From 83e13bb62d028cfeea7a4d3f3def3bff8d2b5eaa Mon Sep 17 00:00:00 2001
From: monsieuremre <130907164+monsieuremre@users.noreply.github.com>
Date: Sun, 3 Dec 2023 19:42:34 +0000
Subject: [PATCH 1/3] Update 40_enable_iommu.cfg
---
 etc/default/grub.d/40_enable_iommu.cfg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/etc/default/grub.d/40_enable_iommu.cfg b/etc/default/grub.d/40_enable_iommu.cfg
index 579ccca..fd69000 100644
--- a/etc/default/grub.d/40_enable_iommu.cfg
+++ b/etc/default/grub.d/40_enable_iommu.cfg
@@ -2,7 +2,7 @@
 ## See the file COPYING for copying conditions.
 ## Enables IOMMU to prevent DMA attacks.
-GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX intel_iommu=on amd_iommu=on"
+GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX intel_iommu=on amd_iommu=force_enable iommu=strict iommu.strict=1 iommu.passthrough=0"
 ## Disable the busmaster bit on all PCI bridges during very
 ## early boot to avoid holes in IOMMU.
From dd15823a97e953750d7a8288c7d3b8d5f554d6f9 Mon Sep 17 00:00:00 2001
From: monsieuremre <130907164+monsieuremre@users.noreply.github.com>
Date: Sun, 3 Dec 2023 19:50:07 +0000
Subject: [PATCH 2/3] undo superfluousness
---
 etc/default/grub.d/40_enable_iommu.cfg | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/etc/default/grub.d/40_enable_iommu.cfg b/etc/default/grub.d/40_enable_iommu.cfg
index fd69000..67ea0f1 100644
--- a/etc/default/grub.d/40_enable_iommu.cfg
+++ b/etc/default/grub.d/40_enable_iommu.cfg
@@ -2,7 +2,7 @@
 ## See the file COPYING for copying conditions.
 ## Enables IOMMU to prevent DMA attacks.
-GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX intel_iommu=on amd_iommu=force_enable iommu=strict iommu.strict=1 iommu.passthrough=0"
+GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX intel_iommu=on amd_iommu=force_enable"
 ## Disable the busmaster bit on all PCI bridges during very
 ## early boot to avoid holes in IOMMU.
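Review bot: The comment above the changed line in PATCH 1/3 still reads `## Enables IOMMU to prevent DMA attacks.`, which no longer describes what `amd_iommu=force_enable` does; the first hunk of PATCH 2/3 keeps the same value. The kernel's parameter documentation describes `force_enable` as forcing the AMD IOMMU on for platforms known to be buggy with it enabled and says to use it with care, so a hardening default that ships it should carry that caveat. I would add `## amd_iommu=force_enable also turns the IOMMU on where the kernel treats the platform as buggy with it; this may cause boot or device problems there.` above the assignment.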
@@ -14,4 +14,4 @@ GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX efi=disable_early_pci_dma"
 ## Enables strict enforcement of IOMMU TLB invalidation so devices will never be able to access stale data contents
 ## https://github.com/torvalds/linux/blob/master/drivers/iommu/Kconfig#L97
 ## Page 11 of https://lenovopress.lenovo.com/lp1467.pdf
-GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX iommu.passthrough=0 iommu.strict=1"
+GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX iommu=strict iommu.passthrough=0 iommu.strict=1"
From f2ad8383cfea4bba42e8b246b05b85101d707641 Mon Sep 17 00:00:00 2001
From: monsieuremre <130907164+monsieuremre@users.noreply.github.com>
Date: Sun, 3 Dec 2023 19:51:38 +0000
Subject: [PATCH 3/3] fix
---
 etc/default/grub.d/40_enable_iommu.cfg | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/etc/default/grub.d/40_enable_iommu.cfg b/etc/default/grub.d/40_enable_iommu.cfg
index 67ea0f1..10c732f 100644
--- a/etc/default/grub.d/40_enable_iommu.cfg
+++ b/etc/default/grub.d/40_enable_iommu.cfg
@@ -14,4 +14,4 @@ GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX efi=disable_early_pci_dma"
 ## Enables strict enforcement of IOMMU TLB invalidation so devices will never be able to access stale data contents
 ## https://github.com/torvalds/linux/blob/master/drivers/iommu/Kconfig#L97
 ## Page 11 of https://lenovopress.lenovo.com/lp1467.pdf
-GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX iommu=strict iommu.passthrough=0 iommu.strict=1"
+GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX iommu=force iommu.passthrough=0 iommu.strict=1"
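Review bot: `iommu=force` in the last hunk (PATCH 3/3) is not covered by the comment block above it, which describes only strict TLB invalidation (`iommu.strict=1`). A line such as `## iommu=force forces use of the hardware IOMMU even where the kernel would not otherwise use it.` would document it, with the wording checked against the x86 boot-options documentation. The `iommu=strict` that PATCH 2/3 adds in the previous hunk is, as far as I know, not a value the x86 `iommu=` parser recognizes, and unrecognized values appear to be skipped without an error, so a mistyped hardening flag fails open. The description should say how the final command line was verified on a booted system, for example by checking `/proc/cmdline` and the IOMMU lines in the kernel log.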