I can explain this:
- On Intel you need
intel_iommu=onto turn it on - On AMD the kernel will automatically turn the IOMMU on
- On AMD you can further ensure all devices are isolated and none are exempted with
amd_iommu=force_isolation- with linux 6.13 and higher this has recently caused black screens on newer amdgpus, it will likely be fixed in the future
- Regardless of both you should use
iommu=forceto enable it in cases where it may not be used such as low memory situation. This afaik will not turn it on, only ensure it stays on in more cases. - And you should also enable strict TLB invalidation via
iommu.strict=1, this ensures mappings are always accurately set instead of lazily updated upon changes - Lastly you want
iommu.passthrough=0this ensures the IOMMU is always enforced even for DMA efi=disable_early_pci_dmacan be used to minimize ability of DMA before full IOMMU initialization, however this can commonly cause issues with GPUs getting stuck at a black screen, so test it on your system before setting it permanently