> From: Peter Xu <peterx@xxxxxxxxxx> > Sent: Wednesday, March 25, 2020 2:34 AM > To: Liu, Yi L <yi.l.liu@xxxxxxxxx> > Subject: Re: [PATCH v1 20/22] intel_iommu: propagate PASID-based iotlb > invalidation to host > > On Sun, Mar 22, 2020 at 05:36:17AM -0700, Liu Yi L wrote: > > This patch propagates PASID-based iotlb invalidation to host. > > > > Intel VT-d 3.0 supports nested translation in PASID granular. > > Guest SVA support could be implemented by configuring nested > > translation on specific PASID. This is also known as dual stage DMA > > translation. > > > > Under such configuration, guest owns the GVA->GPA translation which is > > configured as first level page table in host side for a specific > > pasid, and host owns GPA->HPA translation. As guest owns first level > > translation table, piotlb invalidation should be propagated to host > > since host IOMMU will cache first level page table related mappings > > during DMA address translation. > > > > This patch traps the guest PASID-based iotlb flush and propagate it to > > host. > > > > Cc: Kevin Tian <kevin.tian@xxxxxxxxx> > > Cc: Jacob Pan <jacob.jun.pan@xxxxxxxxxxxxxxx> > > Cc: Peter Xu <peterx@xxxxxxxxxx> > > Cc: Yi Sun <yi.y.sun@xxxxxxxxxxxxxxx> > > Cc: Paolo Bonzini <pbonzini@xxxxxxxxxx> > > Cc: Richard Henderson <rth@xxxxxxxxxxx> > > Cc: Eduardo Habkost <ehabkost@xxxxxxxxxx> > > Signed-off-by: Liu Yi L <yi.l.liu@xxxxxxxxx> > > --- > > hw/i386/intel_iommu.c | 139 > +++++++++++++++++++++++++++++++++++++++++ > > hw/i386/intel_iommu_internal.h | 7 +++ > > 2 files changed, 146 insertions(+) > > > > diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c index > > b9ac07d..10d314d 100644 > > --- a/hw/i386/intel_iommu.c > > +++ b/hw/i386/intel_iommu.c > > @@ -3134,15 +3134,154 @@ static bool > vtd_process_pasid_desc(IntelIOMMUState *s, > > return (ret == 0) ? true : false; } > > > > +/** > > + * Caller of this function should hold iommu_lock. > > + */ > > +static void vtd_invalidate_piotlb(IntelIOMMUState *s, > > + VTDBus *vtd_bus, > > + int devfn, > > + DualIOMMUStage1Cache *stage1_cache) > > +{ > > + VTDHostIOMMUContext *vtd_dev_icx; > > + HostIOMMUContext *host_icx; > > + > > + vtd_dev_icx = vtd_bus->dev_icx[devfn]; > > + if (!vtd_dev_icx) { > > + goto out; > > + } > > + host_icx = vtd_dev_icx->host_icx; > > + if (!host_icx) { > > + goto out; > > + } > > + if (host_iommu_ctx_flush_stage1_cache(host_icx, stage1_cache)) { > > + error_report("Cache flush failed"); > > I think this should not easily be triggered by the guest, but just in case... Let's use > error_report_once() to be safe. Agreed. > > + } > > +out: > > + return; > > +} > > + > > +static inline bool vtd_pasid_cache_valid( > > + VTDPASIDAddressSpace *vtd_pasid_as) { > > + return vtd_pasid_as->iommu_state && > > This check can be dropped because always true? > > If you agree with both the changes, please add: > > Reviewed-by: Peter Xu <peterx@xxxxxxxxxx> I think the code should ensure all the pasid_as in hash table is valid. And we can since all the operations are under protection of iommu_lock. Thanks, Yi Liu > > + (vtd_pasid_as->iommu_state->pasid_cache_gen > > + == vtd_pasid_as->pasid_cache_entry.pasid_cache_gen); > > +} > > + > > +/** > > + * This function is a loop function for the s->vtd_pasid_as > > + * list with VTDPIOTLBInvInfo as execution filter. It propagates > > + * the piotlb invalidation to host. Caller of this function > > + * should hold iommu_lock. > > + */ > > +static void vtd_flush_pasid_iotlb(gpointer key, gpointer value, > > + gpointer user_data) { > > + VTDPIOTLBInvInfo *piotlb_info = user_data; > > + VTDPASIDAddressSpace *vtd_pasid_as = value; > > + uint16_t did; > > + > > + /* > > + * Needs to check whether the pasid entry cache stored in > > + * vtd_pasid_as is valid or not. "invalid" means the pasid > > + * cache has been flushed, thus host should have done piotlb > > + * invalidation together with a pasid cache invalidation, so > > + * no need to pass down piotlb invalidation to host for better > > + * performance. Only when pasid entry cache is "valid", should > > + * a piotlb invalidation be propagated to host since it means > > + * guest just modified a mapping in its page table. > > + */ > > + if (!vtd_pasid_cache_valid(vtd_pasid_as)) { > > + return; > > + } > > + > > + did = vtd_pe_get_domain_id( > > + &(vtd_pasid_as->pasid_cache_entry.pasid_entry)); > > + > > + if ((piotlb_info->domain_id == did) && > > + (piotlb_info->pasid == vtd_pasid_as->pasid)) { > > + vtd_invalidate_piotlb(vtd_pasid_as->iommu_state, > > + vtd_pasid_as->vtd_bus, > > + vtd_pasid_as->devfn, > > + piotlb_info->stage1_cache); > > + } > > + > > + /* > > + * TODO: needs to add QEMU piotlb flush when QEMU piotlb > > + * infrastructure is ready. For now, it is enough for passthru > > + * devices. > > + */ > > +} > > + > > static void vtd_piotlb_pasid_invalidate(IntelIOMMUState *s, > > uint16_t domain_id, > > uint32_t pasid) { > > + VTDPIOTLBInvInfo piotlb_info; > > + DualIOMMUStage1Cache *stage1_cache; > > + struct iommu_cache_invalidate_info *cache_info; > > + > > + stage1_cache = g_malloc0(sizeof(*stage1_cache)); > > + stage1_cache->pasid = pasid; > > + > > + cache_info = &stage1_cache->cache_info; > > + cache_info->version = IOMMU_UAPI_VERSION; > > + cache_info->cache = IOMMU_CACHE_INV_TYPE_IOTLB; > > + cache_info->granularity = IOMMU_INV_GRANU_PASID; > > + cache_info->pasid_info.pasid = pasid; > > + cache_info->pasid_info.flags = IOMMU_INV_PASID_FLAGS_PASID; > > + > > + piotlb_info.domain_id = domain_id; > > + piotlb_info.pasid = pasid; > > + piotlb_info.stage1_cache = stage1_cache; > > + > > + vtd_iommu_lock(s); > > + /* > > + * Here loops all the vtd_pasid_as instances in s->vtd_pasid_as > > + * to find out the affected devices since piotlb invalidation > > + * should check pasid cache per architecture point of view. > > + */ > > + g_hash_table_foreach(s->vtd_pasid_as, > > + vtd_flush_pasid_iotlb, &piotlb_info); > > + vtd_iommu_unlock(s); > > + g_free(stage1_cache); > > } > > > > static void vtd_piotlb_page_invalidate(IntelIOMMUState *s, uint16_t domain_id, > > uint32_t pasid, hwaddr addr, uint8_t am, > > bool ih) { > > + VTDPIOTLBInvInfo piotlb_info; > > + DualIOMMUStage1Cache *stage1_cache; > > + struct iommu_cache_invalidate_info *cache_info; > > + > > + stage1_cache = g_malloc0(sizeof(*stage1_cache)); > > + stage1_cache->pasid = pasid; > > + > > + cache_info = &stage1_cache->cache_info; > > + cache_info->version = IOMMU_UAPI_VERSION; > > + cache_info->cache = IOMMU_CACHE_INV_TYPE_IOTLB; > > + cache_info->granularity = IOMMU_INV_GRANU_ADDR; > > + cache_info->addr_info.flags = IOMMU_INV_ADDR_FLAGS_PASID; > > + cache_info->addr_info.flags |= ih ? IOMMU_INV_ADDR_FLAGS_LEAF : 0; > > + cache_info->addr_info.pasid = pasid; > > + cache_info->addr_info.addr = addr; > > + cache_info->addr_info.granule_size = 1 << (12 + am); > > + cache_info->addr_info.nb_granules = 1; > > + > > + piotlb_info.domain_id = domain_id; > > + piotlb_info.pasid = pasid; > > + piotlb_info.stage1_cache = stage1_cache; > > + > > + vtd_iommu_lock(s); > > + /* > > + * Here loops all the vtd_pasid_as instances in s->vtd_pasid_as > > + * to find out the affected devices since piotlb invalidation > > + * should check pasid cache per architecture point of view. > > + */ > > + g_hash_table_foreach(s->vtd_pasid_as, > > + vtd_flush_pasid_iotlb, &piotlb_info); > > + vtd_iommu_unlock(s); > > + g_free(stage1_cache); > > } > > > > static bool vtd_process_piotlb_desc(IntelIOMMUState *s, diff --git > > a/hw/i386/intel_iommu_internal.h b/hw/i386/intel_iommu_internal.h > > index 314e2c4..967cc4f 100644 > > --- a/hw/i386/intel_iommu_internal.h > > +++ b/hw/i386/intel_iommu_internal.h > > @@ -560,6 +560,13 @@ struct VTDPASIDCacheInfo { > > VTD_PASID_CACHE_DEVSI) typedef > > struct VTDPASIDCacheInfo VTDPASIDCacheInfo; > > > > +struct VTDPIOTLBInvInfo { > > + uint16_t domain_id; > > + uint32_t pasid; > > + DualIOMMUStage1Cache *stage1_cache; }; typedef struct > > +VTDPIOTLBInvInfo VTDPIOTLBInvInfo; > > + > > /* PASID Table Related Definitions */ #define > > VTD_PASID_DIR_BASE_ADDR_MASK (~0xfffULL) #define > > VTD_PASID_TABLE_BASE_ADDR_MASK (~0xfffULL) > > -- > > 2.7.4 > > > > -- > Peter Xu