The invalidate_range() notifier is called for any change to the address
space. Perform the required ATC invalidations.
Signed-off-by: Jean-Philippe Brucker <jean-philippe@xxxxxxxxxx>
---
drivers/iommu/arm-smmu-v3.c | 56 ++++++++++++++++++++++++++++++-------
1 file changed, 46 insertions(+), 10 deletions(-)
diff --git a/drivers/iommu/arm-smmu-v3.c b/drivers/iommu/arm-smmu-v3.c
index 00e5b69bb81a5..c65937d953b5f 100644
--- a/drivers/iommu/arm-smmu-v3.c
+++ b/drivers/iommu/arm-smmu-v3.c
@@ -742,7 +742,7 @@ struct arm_smmu_mmu_notifier {
struct arm_smmu_ctx_desc *cd;
bool cleared;
refcount_t refs;
- struct arm_smmu_domain *domain;
+ struct arm_smmu_domain __rcu *domain;
};
#define mn_to_smmu(mn) container_of(mn, struct arm_smmu_mmu_notifier, mn)
@@ -2396,6 +2396,20 @@ arm_smmu_atc_inv_to_cmd(int ssid, unsigned long iova, size_t size,
size_t inval_grain_shift = 12;
unsigned long page_start, page_end;
+ /*
+ * ATS and PASID:
+ *
+ * If substream_valid is clear, the PCIe TLP is sent without a PASID
+ * prefix. In that case all ATC entries within the address range are
+ * invalidated, including those that were requested with a PASID! There
+ * is no way to invalidate only entries without PASID.
+ *
+ * When using STRTAB_STE_1_S1DSS_SSID0 (reserving CD 0 for non-PASID
+ * traffic), translation requests without PASID create ATC entries
+ * without PASID, which must be invalidated with substream_valid clear.
+ * This has the unpleasant side-effect of invalidating all PASID-tagged
+ * ATC entries within the address range.
+ */
*cmd = (struct arm_smmu_cmdq_ent) {
.opcode = CMDQ_OP_ATC_INV,
.substream_valid = !!ssid,
@@ -2439,12 +2453,12 @@ arm_smmu_atc_inv_to_cmd(int ssid, unsigned long iova, size_t size,
cmd->atc.size = log2_span;
}
-static int arm_smmu_atc_inv_master(struct arm_smmu_master *master)
+static int arm_smmu_atc_inv_master(struct arm_smmu_master *master, int ssid)
{
int i;
struct arm_smmu_cmdq_ent cmd;
- arm_smmu_atc_inv_to_cmd(0, 0, 0, &cmd);
+ arm_smmu_atc_inv_to_cmd(ssid, 0, 0, &cmd);
for (i = 0; i < master->num_sids; i++) {
cmd.atc.sid = master->sids[i];
@@ -2958,7 +2972,7 @@ static void arm_smmu_disable_ats(struct arm_smmu_master *master)
* ATC invalidation via the SMMU.
*/
wmb();
- arm_smmu_atc_inv_master(master);
+ arm_smmu_atc_inv_master(master, 0);
atomic_dec(&smmu_domain->nr_ats_masters);
}
@@ -3187,7 +3201,22 @@ static void arm_smmu_mm_invalidate_range(struct mmu_notifier *mn,
struct mm_struct *mm,
unsigned long start, unsigned long end)
{
- /* TODO: invalidate ATS */
+ struct arm_smmu_mmu_notifier *smmu_mn = mn_to_smmu(mn);
+ struct arm_smmu_domain *smmu_domain;
+
+ rcu_read_lock();
+ smmu_domain = rcu_dereference(smmu_mn->domain);
+ if (smmu_domain) {
+ /*
+ * Ensure that mm->pasid is valid. Pairs with the
+ * smp_store_release() from rcu_assign_pointer() in
+ * __arm_smmu_sva_bind()
+ */
+ smp_rmb();
+ arm_smmu_atc_inv_domain(smmu_domain, mm->pasid, start,
+ end - start + 1);
+ }
+ rcu_read_unlock();
}
static void arm_smmu_mm_release(struct mmu_notifier *mn, struct mm_struct *mm)
@@ -3201,7 +3230,8 @@ static void arm_smmu_mm_release(struct mmu_notifier *mn, struct mm_struct *mm)
return;
}
- smmu_domain = smmu_mn->domain;
+ smmu_domain = rcu_dereference_protected(smmu_mn->domain,
+ lockdep_is_held(&arm_smmu_sva_lock));
/*
* DMA may still be running. Keep the cd valid but disable
@@ -3210,7 +3240,7 @@ static void arm_smmu_mm_release(struct mmu_notifier *mn, struct mm_struct *mm)
arm_smmu_write_ctx_desc(smmu_domain, mm->pasid, &invalid_cd);
arm_smmu_tlb_inv_asid(smmu_domain->smmu, smmu_mn->cd->asid);
- /* TODO: invalidate ATS */
+ arm_smmu_atc_inv_domain(smmu_domain, mm->pasid, 0, 0);
smmu_mn->cleared = true;
mutex_unlock(&arm_smmu_sva_lock);
@@ -3251,7 +3281,8 @@ __arm_smmu_sva_bind(struct device *dev, struct mm_struct *mm)
return ERR_CAST(mn);
smmu_mn = mn_to_smmu(mn);
- if (smmu_mn->domain)
+ if (rcu_dereference_protected(smmu_mn->domain,
+ lockdep_is_held(&arm_smmu_sva_lock)))
refcount_inc(&smmu_mn->refs);
bond = kzalloc(sizeof(*bond), GFP_KERNEL);
@@ -3277,7 +3308,11 @@ __arm_smmu_sva_bind(struct device *dev, struct mm_struct *mm)
bond->sva.dev = dev;
list_add(&bond->list, &master->bonds);
- smmu_mn->domain = smmu_domain;
+ /*
+ * Initialize domain last, since the invalidate() notifier assumes a
+ * valid mm->pasid after fetching a valid domain.
+ */
+ rcu_assign_pointer(smmu_mn->domain, smmu_domain);
return &bond->sva;
err_free_pasid:
@@ -3318,7 +3353,8 @@ static void __arm_smmu_sva_unbind(struct iommu_sva *handle)
if (!smmu_mn->cleared) {
arm_smmu_tlb_inv_asid(smmu_domain->smmu,
smmu_mn->cd->asid);
- /* TODO: invalidate ATS */
+ arm_smmu_atc_inv_domain(smmu_domain, bond->mm->pasid,
+ 0, 0);
}
}
--
2.26.2
