If available, the kernel will enable IOMMU (a/k/a DMA remapping) by
default on boot. To tools making use of that, particularly hypervisors,
this provides better security without any downsides.
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
CONFIG_DMAR_TABLE=y
CONFIG_INTEL_IOMMU=y
CONFIG_INTEL_IOMMU_SVM=y
-# CONFIG_INTEL_IOMMU_DEFAULT_ON is not set
+CONFIG_INTEL_IOMMU_DEFAULT_ON=y
CONFIG_INTEL_IOMMU_FLOPPY_WA=y
# CONFIG_INTEL_IOMMU_SCALABLE_MODE_DEFAULT_ON is not set
CONFIG_IRQ_REMAP=y
#lib/modules/KVER-ipfire/build/include/config/INTEL_INT0002_VGPIO
#lib/modules/KVER-ipfire/build/include/config/INTEL_IOATDMA
#lib/modules/KVER-ipfire/build/include/config/INTEL_IOMMU
+#lib/modules/KVER-ipfire/build/include/config/INTEL_IOMMU_DEFAULT_ON
#lib/modules/KVER-ipfire/build/include/config/INTEL_IOMMU_FLOPPY_WA
#lib/modules/KVER-ipfire/build/include/config/INTEL_IOMMU_SVM
#lib/modules/KVER-ipfire/build/include/config/INTEL_IPS