From nobody Sat Apr 27 00:52:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1528791245945344.5898500539339; Tue, 12 Jun 2018 01:14:05 -0700 (PDT) Received: from localhost ([::1]:53714 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fSeRJ-0002mi-3C for importer@patchew.org; Tue, 12 Jun 2018 04:14:05 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:47685) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fSeMC-0007J4-VP for qemu-devel@nongnu.org; Tue, 12 Jun 2018 04:08:50 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fSeMA-0003in-LI for qemu-devel@nongnu.org; Tue, 12 Jun 2018 04:08:48 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:36358 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fSeM0-0003dq-E0; Tue, 12 Jun 2018 04:08:36 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 08C88401EF1C; Tue, 12 Jun 2018 08:08:36 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-116-69.ams2.redhat.com [10.36.116.69]) by smtp.corp.redhat.com (Postfix) with ESMTP id B3D462035721; Tue, 12 Jun 2018 08:08:34 +0000 (UTC) From: Eric Auger To: eric.auger.pro@gmail.com, eric.auger@redhat.com, qemu-devel@nongnu.org, qemu-arm@nongnu.org, peter.maydell@linaro.org, jia.he@hxt-semitech.com, hejianet@gmail.com Date: Tue, 12 Jun 2018 10:08:25 +0200 Message-Id: <1528790908-23441-2-git-send-email-eric.auger@redhat.com> In-Reply-To: <1528790908-23441-1-git-send-email-eric.auger@redhat.com> References: <1528790908-23441-1-git-send-email-eric.auger@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Tue, 12 Jun 2018 08:08:36 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Tue, 12 Jun 2018 08:08:36 +0000 (UTC) for IP:'10.11.54.6' DOMAIN:'int-mx06.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'eric.auger@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v2 1/4] hw/arm/smmuv3: Fix translate error handling X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: Jia He In case the STE's config is "Bypass" we currently don't set the IOMMUTLBEntry perm flags and the access does not succeed. Also if the config is 0b0xx (Aborted/Reserved), decode_ste and smmuv3_decode_config currently returns -EINVAL and we don't enter the expected code path: we record an event whereas we should not. This patch fixes those bugs and simplifies the error handling. decode_ste and smmuv3_decode_config now return 0 if aborted or bypassed config was found. Only bad config info produces negative error values. In smmuv3_translate we more clearly differentiate errors, bypass/smmu disabled, aborted and success cases. Also trace points are differentiated. Fixes: 9bde7f0674fe ("hw/arm/smmuv3: Implement translate callback") Reported-by: jia.he@hxt-semitech.com Signed-off-by: jia.he@hxt-semitech.com Signed-off-by: Eric Auger Reviewed-by: Peter Maydell --- v1 -> v2: - set addr_mask in case of bypass and disabled. Mandated for vhost use case since a411c84b561baa94b28165c52f21c33517ee8f59 "exec: extract address_space_translate_iommu, fix page_mask corner case" --- hw/arm/smmuv3-internal.h | 12 +++++- hw/arm/smmuv3.c | 96 +++++++++++++++++++++++++++++++++-----------= ---- hw/arm/trace-events | 7 ++-- 3 files changed, 80 insertions(+), 35 deletions(-) diff --git a/hw/arm/smmuv3-internal.h b/hw/arm/smmuv3-internal.h index a9d714b..bab25d6 100644 --- a/hw/arm/smmuv3-internal.h +++ b/hw/arm/smmuv3-internal.h @@ -23,6 +23,14 @@ =20 #include "hw/arm/smmu-common.h" =20 +typedef enum SMMUTranslationStatus { + SMMU_TRANS_DISABLE, + SMMU_TRANS_ABORT, + SMMU_TRANS_BYPASS, + SMMU_TRANS_ERROR, + SMMU_TRANS_SUCCESS, +} SMMUTranslationStatus; + /* MMIO Registers */ =20 REG32(IDR0, 0x0) @@ -315,7 +323,7 @@ enum { /* Command completion notification */ /* Events */ =20 typedef enum SMMUEventType { - SMMU_EVT_OK =3D 0x00, + SMMU_EVT_NONE =3D 0x00, SMMU_EVT_F_UUT , SMMU_EVT_C_BAD_STREAMID , SMMU_EVT_F_STE_FETCH , @@ -337,7 +345,7 @@ typedef enum SMMUEventType { } SMMUEventType; =20 static const char *event_stringify[] =3D { - [SMMU_EVT_OK] =3D "SMMU_EVT_OK", + [SMMU_EVT_NONE] =3D "no recorded event", [SMMU_EVT_F_UUT] =3D "SMMU_EVT_F_UUT", [SMMU_EVT_C_BAD_STREAMID] =3D "SMMU_EVT_C_BAD_STREAMID", [SMMU_EVT_F_STE_FETCH] =3D "SMMU_EVT_F_STE_FETCH", diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c index b3026de..4e7833b 100644 --- a/hw/arm/smmuv3.c +++ b/hw/arm/smmuv3.c @@ -23,6 +23,7 @@ #include "hw/qdev-core.h" #include "hw/pci/pci.h" #include "exec/address-spaces.h" +#include "cpu.h" #include "trace.h" #include "qemu/log.h" #include "qemu/error-report.h" @@ -154,7 +155,7 @@ void smmuv3_record_event(SMMUv3State *s, SMMUEventInfo = *info) EVT_SET_SID(&evt, info->sid); =20 switch (info->type) { - case SMMU_EVT_OK: + case SMMU_EVT_NONE: return; case SMMU_EVT_F_UUT: EVT_SET_SSID(&evt, info->u.f_uut.ssid); @@ -312,12 +313,11 @@ static int smmu_get_cd(SMMUv3State *s, STE *ste, uint= 32_t ssid, return 0; } =20 -/* Returns <0 if the caller has no need to continue the translation */ +/* Returns < 0 in case of invalid STE, 0 otherwise */ static int decode_ste(SMMUv3State *s, SMMUTransCfg *cfg, STE *ste, SMMUEventInfo *event) { uint32_t config; - int ret =3D -EINVAL; =20 if (!STE_VALID(ste)) { goto bad_ste; @@ -326,13 +326,13 @@ static int decode_ste(SMMUv3State *s, SMMUTransCfg *c= fg, config =3D STE_CONFIG(ste); =20 if (STE_CFG_ABORT(config)) { - cfg->aborted =3D true; /* abort but don't record any event */ - return ret; + cfg->aborted =3D true; + return 0; } =20 if (STE_CFG_BYPASS(config)) { cfg->bypassed =3D true; - return ret; + return 0; } =20 if (STE_CFG_S2_ENABLED(config)) { @@ -509,7 +509,7 @@ bad_cd: * the different configuration decoding steps * @event: must be zero'ed by the caller * - * return < 0 if the translation needs to be aborted (@event is filled + * return < 0 in case of config decoding error (@event is filled * accordingly). Return 0 otherwise. */ static int smmuv3_decode_config(IOMMUMemoryRegion *mr, SMMUTransCfg *cfg, @@ -518,19 +518,26 @@ static int smmuv3_decode_config(IOMMUMemoryRegion *mr= , SMMUTransCfg *cfg, SMMUDevice *sdev =3D container_of(mr, SMMUDevice, iommu); uint32_t sid =3D smmu_get_sid(sdev); SMMUv3State *s =3D sdev->smmu; - int ret =3D -EINVAL; + int ret; STE ste; CD cd; =20 - if (smmu_find_ste(s, sid, &ste, event)) { + ret =3D smmu_find_ste(s, sid, &ste, event); + if (ret) { return ret; } =20 - if (decode_ste(s, cfg, &ste, event)) { + ret =3D decode_ste(s, cfg, &ste, event); + if (ret) { return ret; } =20 - if (smmu_get_cd(s, &ste, 0 /* ssid */, &cd, event)) { + if (cfg->aborted || cfg->bypassed) { + return 0; + } + + ret =3D smmu_get_cd(s, &ste, 0 /* ssid */, &cd, event); + if (ret) { return ret; } =20 @@ -543,8 +550,9 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegion= *mr, hwaddr addr, SMMUDevice *sdev =3D container_of(mr, SMMUDevice, iommu); SMMUv3State *s =3D sdev->smmu; uint32_t sid =3D smmu_get_sid(sdev); - SMMUEventInfo event =3D {.type =3D SMMU_EVT_OK, .sid =3D sid}; + SMMUEventInfo event =3D {.type =3D SMMU_EVT_NONE, .sid =3D sid}; SMMUPTWEventInfo ptw_info =3D {}; + SMMUTranslationStatus status; SMMUTransCfg cfg =3D {}; IOMMUTLBEntry entry =3D { .target_as =3D &address_space_memory, @@ -553,23 +561,28 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegi= on *mr, hwaddr addr, .addr_mask =3D ~(hwaddr)0, .perm =3D IOMMU_NONE, }; - int ret =3D 0; =20 if (!smmu_enabled(s)) { - goto out; + status =3D SMMU_TRANS_DISABLE; + goto epilogue; } =20 - ret =3D smmuv3_decode_config(mr, &cfg, &event); - if (ret) { - goto out; + if (smmuv3_decode_config(mr, &cfg, &event)) { + status =3D SMMU_TRANS_ERROR; + goto epilogue; } =20 if (cfg.aborted) { - goto out; + status =3D SMMU_TRANS_ABORT; + goto epilogue; } =20 - ret =3D smmu_ptw(&cfg, addr, flag, &entry, &ptw_info); - if (ret) { + if (cfg.bypassed) { + status =3D SMMU_TRANS_BYPASS; + goto epilogue; + } + + if (smmu_ptw(&cfg, addr, flag, &entry, &ptw_info)) { switch (ptw_info.type) { case SMMU_PTW_ERR_WALK_EABT: event.type =3D SMMU_EVT_F_WALK_EABT; @@ -609,18 +622,41 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegi= on *mr, hwaddr addr, default: g_assert_not_reached(); } + status =3D SMMU_TRANS_ERROR; + } else { + status =3D SMMU_TRANS_SUCCESS; } -out: - if (ret) { - qemu_log_mask(LOG_GUEST_ERROR, - "%s translation failed for iova=3D0x%"PRIx64"(%d)\n", - mr->parent_obj.name, addr, ret); - entry.perm =3D IOMMU_NONE; - smmuv3_record_event(s, &event); - } else if (!cfg.aborted) { + +epilogue: + switch (status) { + case SMMU_TRANS_SUCCESS: entry.perm =3D flag; - trace_smmuv3_translate(mr->parent_obj.name, sid, addr, - entry.translated_addr, entry.perm); + trace_smmuv3_translate_success(mr->parent_obj.name, sid, addr, + entry.translated_addr, entry.perm); + break; + case SMMU_TRANS_DISABLE: + entry.perm =3D flag; + entry.addr_mask =3D ~TARGET_PAGE_MASK; + trace_smmuv3_translate_disable(mr->parent_obj.name, sid, addr, + entry.perm); + break; + case SMMU_TRANS_BYPASS: + entry.perm =3D flag; + entry.addr_mask =3D ~TARGET_PAGE_MASK; + trace_smmuv3_translate_bypass(mr->parent_obj.name, sid, addr, + entry.perm); + break; + case SMMU_TRANS_ABORT: + /* no event is recorded on abort */ + trace_smmuv3_translate_abort(mr->parent_obj.name, sid, addr, + entry.perm); + break; + case SMMU_TRANS_ERROR: + qemu_log_mask(LOG_GUEST_ERROR, + "%s translation failed for iova=3D0x%"PRIx64"(%s)\n", + mr->parent_obj.name, addr, smmu_event_string(event.t= ype)); + smmuv3_record_event(s, &event); + break; } =20 return entry; diff --git a/hw/arm/trace-events b/hw/arm/trace-events index 2d92727..0ab66bb 100644 --- a/hw/arm/trace-events +++ b/hw/arm/trace-events @@ -33,9 +33,10 @@ smmuv3_record_event(const char *type, uint32_t sid) "%s = sid=3D%d" smmuv3_find_ste(uint16_t sid, uint32_t features, uint16_t sid_split) "SID:= 0x%x features:0x%x, sid_split:0x%x" smmuv3_find_ste_2lvl(uint64_t strtab_base, uint64_t l1ptr, int l1_ste_offs= et, uint64_t l2ptr, int l2_ste_offset, int max_l2_ste) "strtab_base:0x%"PRI= x64" l1ptr:0x%"PRIx64" l1_off:0x%x, l2ptr:0x%"PRIx64" l2_off:0x%x max_l2_st= e:%d" smmuv3_get_ste(uint64_t addr) "STE addr: 0x%"PRIx64 -smmuv3_translate_bypass(const char *n, uint16_t sid, uint64_t addr, bool i= s_write) "%s sid=3D%d bypass iova:0x%"PRIx64" is_write=3D%d" -smmuv3_translate_in(uint16_t sid, int pci_bus_num, uint64_t strtab_base) "= SID:0x%x bus:%d strtab_base:0x%"PRIx64 +smmuv3_translate_disable(const char *n, uint16_t sid, uint64_t addr, bool = is_write) "%s sid=3D%d bypass (smmu disabled) iova:0x%"PRIx64" is_write=3D%= d" +smmuv3_translate_bypass(const char *n, uint16_t sid, uint64_t addr, bool i= s_write) "%s sid=3D%d STE bypass iova:0x%"PRIx64" is_write=3D%d" +smmuv3_translate_abort(const char *n, uint16_t sid, uint64_t addr, bool is= _write) "%s sid=3D%d abort on iova:0x%"PRIx64" is_write=3D%d" +smmuv3_translate_success(const char *n, uint16_t sid, uint64_t iova, uint6= 4_t translated, int perm) "%s sid=3D%d iova=3D0x%"PRIx64" translated=3D0x%"= PRIx64" perm=3D0x%x" smmuv3_get_cd(uint64_t addr) "CD addr: 0x%"PRIx64 -smmuv3_translate(const char *n, uint16_t sid, uint64_t iova, uint64_t tran= slated, int perm) "%s sid=3D%d iova=3D0x%"PRIx64" translated=3D0x%"PRIx64" = perm=3D0x%x" smmuv3_decode_cd(uint32_t oas) "oas=3D%d" smmuv3_decode_cd_tt(int i, uint32_t tsz, uint64_t ttb, uint32_t granule_sz= ) "TT[%d]:tsz:%d ttb:0x%"PRIx64" granule_sz:%d" --=20 2.5.5 From nobody Sat Apr 27 00:52:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1528791211394850.2138905549795; Tue, 12 Jun 2018 01:13:31 -0700 (PDT) Received: from localhost ([::1]:53712 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fSeQf-0002Lc-0X for importer@patchew.org; Tue, 12 Jun 2018 04:13:25 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:47641) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fSeM8-0007Dv-PQ for qemu-devel@nongnu.org; Tue, 12 Jun 2018 04:08:48 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fSeM5-0003gn-V8 for qemu-devel@nongnu.org; Tue, 12 Jun 2018 04:08:44 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:33350 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fSeM1-0003eK-Ps; Tue, 12 Jun 2018 04:08:37 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6D93A818BAED; Tue, 12 Jun 2018 08:08:37 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-116-69.ams2.redhat.com [10.36.116.69]) by smtp.corp.redhat.com (Postfix) with ESMTP id 42EA62035721; Tue, 12 Jun 2018 08:08:36 +0000 (UTC) From: Eric Auger To: eric.auger.pro@gmail.com, eric.auger@redhat.com, qemu-devel@nongnu.org, qemu-arm@nongnu.org, peter.maydell@linaro.org, jia.he@hxt-semitech.com, hejianet@gmail.com Date: Tue, 12 Jun 2018 10:08:26 +0200 Message-Id: <1528790908-23441-3-git-send-email-eric.auger@redhat.com> In-Reply-To: <1528790908-23441-1-git-send-email-eric.auger@redhat.com> References: <1528790908-23441-1-git-send-email-eric.auger@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Tue, 12 Jun 2018 08:08:37 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.8]); Tue, 12 Jun 2018 08:08:37 +0000 (UTC) for IP:'10.11.54.6' DOMAIN:'int-mx06.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'eric.auger@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v2 2/4] hw/arm/smmuv3: Cache/invalidate config data X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Let's cache config data to avoid fetching and parsing STE/CD structures on each translation. We invalidate them on data structure invalidation commands. We put in place a per-smmu mutex to protect the config cache. This will be useful too to protect the IOTLB cache. The caches can be accessed without BQL, ie. in IO dataplane. The same kind of mutex was put in place in the intel viommu. Signed-off-by: Eric Auger Reviewed-by: Peter Maydell --- v1 -> v2: - restore mutex v1: - only insert the new config if decode_cfg succeeds - use smmu_get_sid for trace_* and store hits/misses in the SMMUDevice - s/smmuv3_put_config/smmuv3_flush_config - document smmuv3_get_config - removing the mutex as BQL does the job --- hw/arm/smmu-common.c | 24 +++++++- hw/arm/smmuv3.c | 135 +++++++++++++++++++++++++++++++++++++++= ++-- hw/arm/trace-events | 6 ++ include/hw/arm/smmu-common.h | 5 ++ include/hw/arm/smmuv3.h | 1 + 5 files changed, 164 insertions(+), 7 deletions(-) diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c index 01c7be8..264e096 100644 --- a/hw/arm/smmu-common.c +++ b/hw/arm/smmu-common.c @@ -310,6 +310,24 @@ static AddressSpace *smmu_find_add_as(PCIBus *bus, voi= d *opaque, int devfn) return &sdev->as; } =20 +IOMMUMemoryRegion *smmu_iommu_mr(SMMUState *s, uint32_t sid) +{ + uint8_t bus_n, devfn; + SMMUPciBus *smmu_bus; + SMMUDevice *smmu; + + bus_n =3D PCI_BUS_NUM(sid); + smmu_bus =3D smmu_find_smmu_pcibus(s, bus_n); + if (smmu_bus) { + devfn =3D sid & 0x7; + smmu =3D smmu_bus->pbdev[devfn]; + if (smmu) { + return &smmu->iommu; + } + } + return NULL; +} + static void smmu_base_realize(DeviceState *dev, Error **errp) { SMMUState *s =3D ARM_SMMU(dev); @@ -321,7 +339,7 @@ static void smmu_base_realize(DeviceState *dev, Error *= *errp) error_propagate(errp, local_err); return; } - + s->configs =3D g_hash_table_new_full(NULL, NULL, NULL, g_free); s->smmu_pcibus_by_busptr =3D g_hash_table_new(NULL, NULL); =20 if (s->primary_bus) { @@ -333,7 +351,9 @@ static void smmu_base_realize(DeviceState *dev, Error *= *errp) =20 static void smmu_base_reset(DeviceState *dev) { - /* will be filled later on */ + SMMUState *s =3D ARM_SMMU(dev); + + g_hash_table_remove_all(s->configs); } =20 static Property smmu_dev_properties[] =3D { diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c index 4e7833b..4c41f51 100644 --- a/hw/arm/smmuv3.c +++ b/hw/arm/smmuv3.c @@ -544,6 +544,58 @@ static int smmuv3_decode_config(IOMMUMemoryRegion *mr,= SMMUTransCfg *cfg, return decode_cd(cfg, &cd, event); } =20 +/** + * smmuv3_get_config - Look up for a cached copy of configuration data for + * @sdev and on cache miss performs a configuration structure decoding from + * guest RAM. + * + * @sdev: SMMUDevice handle + * @event: output event info + * + * The configuration cache contains data resulting from both STE and CD + * decoding under the form of an SMMUTransCfg struct. The hash table is in= dexed + * by the SMMUDevice handle. + */ +static SMMUTransCfg *smmuv3_get_config(SMMUDevice *sdev, SMMUEventInfo *ev= ent) +{ + SMMUv3State *s =3D sdev->smmu; + SMMUState *bc =3D &s->smmu_state; + SMMUTransCfg *cfg; + + cfg =3D g_hash_table_lookup(bc->configs, sdev); + if (cfg) { + sdev->cfg_cache_hits +=3D 1; + trace_smmuv3_config_cache_hit(smmu_get_sid(sdev), + sdev->cfg_cache_hits, sdev->cfg_cache_misses, + 100 * sdev->cfg_cache_hits / + (sdev->cfg_cache_hits + sdev->cfg_cache_misses= )); + } else { + sdev->cfg_cache_misses +=3D 1; + trace_smmuv3_config_cache_miss(smmu_get_sid(sdev), + sdev->cfg_cache_hits, sdev->cfg_cache_misses, + 100 * sdev->cfg_cache_hits / + (sdev->cfg_cache_hits + sdev->cfg_cache_misses= )); + cfg =3D g_new0(SMMUTransCfg, 1); + + if (!smmuv3_decode_config(&sdev->iommu, cfg, event)) { + g_hash_table_insert(bc->configs, sdev, cfg); + } else { + g_free(cfg); + cfg =3D NULL; + } + } + return cfg; +} + +static void smmuv3_flush_config(SMMUDevice *sdev) +{ + SMMUv3State *s =3D sdev->smmu; + SMMUState *bc =3D &s->smmu_state; + + trace_smmuv3_config_cache_inv(smmu_get_sid(sdev)); + g_hash_table_remove(bc->configs, sdev); +} + static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegion *mr, hwaddr addr, IOMMUAccessFlags flag) { @@ -553,7 +605,7 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegion= *mr, hwaddr addr, SMMUEventInfo event =3D {.type =3D SMMU_EVT_NONE, .sid =3D sid}; SMMUPTWEventInfo ptw_info =3D {}; SMMUTranslationStatus status; - SMMUTransCfg cfg =3D {}; + SMMUTransCfg *cfg =3D NULL; IOMMUTLBEntry entry =3D { .target_as =3D &address_space_memory, .iova =3D addr, @@ -562,27 +614,30 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegi= on *mr, hwaddr addr, .perm =3D IOMMU_NONE, }; =20 + qemu_mutex_lock(&s->mutex); + if (!smmu_enabled(s)) { status =3D SMMU_TRANS_DISABLE; goto epilogue; } =20 - if (smmuv3_decode_config(mr, &cfg, &event)) { + cfg =3D smmuv3_get_config(sdev, &event); + if (!cfg) { status =3D SMMU_TRANS_ERROR; goto epilogue; } =20 - if (cfg.aborted) { + if (cfg->aborted) { status =3D SMMU_TRANS_ABORT; goto epilogue; } =20 - if (cfg.bypassed) { + if (cfg->bypassed) { status =3D SMMU_TRANS_BYPASS; goto epilogue; } =20 - if (smmu_ptw(&cfg, addr, flag, &entry, &ptw_info)) { + if (smmu_ptw(cfg, addr, flag, &entry, &ptw_info)) { switch (ptw_info.type) { case SMMU_PTW_ERR_WALK_EABT: event.type =3D SMMU_EVT_F_WALK_EABT; @@ -628,6 +683,7 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegion= *mr, hwaddr addr, } =20 epilogue: + qemu_mutex_unlock(&s->mutex); switch (status) { case SMMU_TRANS_SUCCESS: entry.perm =3D flag; @@ -664,6 +720,7 @@ epilogue: =20 static int smmuv3_cmdq_consume(SMMUv3State *s) { + SMMUState *bs =3D ARM_SMMU(s); SMMUCmdError cmd_error =3D SMMU_CERROR_NONE; SMMUQueue *q =3D &s->cmdq; SMMUCommandType type =3D 0; @@ -698,6 +755,7 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) =20 trace_smmuv3_cmdq_opcode(smmu_cmd_string(type)); =20 + qemu_mutex_lock(&s->mutex); switch (type) { case SMMU_CMD_SYNC: if (CMD_SYNC_CS(&cmd) & CMD_SYNC_SIG_IRQ) { @@ -706,10 +764,74 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) break; case SMMU_CMD_PREFETCH_CONFIG: case SMMU_CMD_PREFETCH_ADDR: + break; case SMMU_CMD_CFGI_STE: + { + uint32_t sid =3D CMD_SID(&cmd); + IOMMUMemoryRegion *mr =3D smmu_iommu_mr(bs, sid); + SMMUDevice *sdev; + + if (CMD_SSEC(&cmd)) { + cmd_error =3D SMMU_CERROR_ILL; + break; + } + + if (!mr) { + break; + } + + trace_smmuv3_cmdq_cfgi_ste(sid); + sdev =3D container_of(mr, SMMUDevice, iommu); + smmuv3_flush_config(sdev); + + break; + } case SMMU_CMD_CFGI_STE_RANGE: /* same as SMMU_CMD_CFGI_ALL */ + { + uint32_t start =3D CMD_SID(&cmd), end, i; + uint8_t range =3D CMD_STE_RANGE(&cmd); + + if (CMD_SSEC(&cmd)) { + cmd_error =3D SMMU_CERROR_ILL; + break; + } + + end =3D start + (1 << (range + 1)) - 1; + trace_smmuv3_cmdq_cfgi_ste_range(start, end); + + for (i =3D start; i <=3D end; i++) { + IOMMUMemoryRegion *mr =3D smmu_iommu_mr(bs, i); + SMMUDevice *sdev; + + if (!mr) { + continue; + } + sdev =3D container_of(mr, SMMUDevice, iommu); + smmuv3_flush_config(sdev); + } + break; + } case SMMU_CMD_CFGI_CD: case SMMU_CMD_CFGI_CD_ALL: + { + uint32_t sid =3D CMD_SID(&cmd); + IOMMUMemoryRegion *mr =3D smmu_iommu_mr(bs, sid); + SMMUDevice *sdev; + + if (CMD_SSEC(&cmd)) { + cmd_error =3D SMMU_CERROR_ILL; + break; + } + + if (!mr) { + break; + } + + trace_smmuv3_cmdq_cfgi_cd(sid); + sdev =3D container_of(mr, SMMUDevice, iommu); + smmuv3_flush_config(sdev); + break; + } case SMMU_CMD_TLBI_NH_ALL: case SMMU_CMD_TLBI_NH_ASID: case SMMU_CMD_TLBI_NH_VA: @@ -735,6 +857,7 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) "Illegal command type: %d\n", CMD_TYPE(&cmd)); break; } + qemu_mutex_unlock(&s->mutex); if (cmd_error) { break; } @@ -1114,6 +1237,8 @@ static void smmu_realize(DeviceState *d, Error **errp) return; } =20 + qemu_mutex_init(&s->mutex); + memory_region_init_io(&sys->iomem, OBJECT(s), &smmu_mem_ops, sys, TYPE_ARM_SMMUV3, 0x20000); =20 diff --git a/hw/arm/trace-events b/hw/arm/trace-events index 0ab66bb..5bddfeb 100644 --- a/hw/arm/trace-events +++ b/hw/arm/trace-events @@ -40,3 +40,9 @@ smmuv3_translate_success(const char *n, uint16_t sid, uin= t64_t iova, uint64_t tr smmuv3_get_cd(uint64_t addr) "CD addr: 0x%"PRIx64 smmuv3_decode_cd(uint32_t oas) "oas=3D%d" smmuv3_decode_cd_tt(int i, uint32_t tsz, uint64_t ttb, uint32_t granule_sz= ) "TT[%d]:tsz:%d ttb:0x%"PRIx64" granule_sz:%d" +smmuv3_cmdq_cfgi_ste(int streamid) " |_ streamid =3D%d" +smmuv3_cmdq_cfgi_ste_range(int start, int end) " |_ start=3D0x%d - end= =3D0x%d" +smmuv3_cmdq_cfgi_cd(uint32_t sid) " |_ streamid =3D %d" +smmuv3_config_cache_hit(uint32_t sid, uint32_t hits, uint32_t misses, floa= t perc) "Config cache HIT for sid %d (hits=3D%d, misses=3D%d, hit rate=3D%.= 1f)" +smmuv3_config_cache_miss(uint32_t sid, uint32_t hits, uint32_t misses, flo= at perc) "Config cache MISS for sid %d (hits=3D%d, misses=3D%d, hit rate=3D= %.1f)" +smmuv3_config_cache_inv(uint32_t sid) "Config cache INV for sid %d" diff --git a/include/hw/arm/smmu-common.h b/include/hw/arm/smmu-common.h index c41eb5c3..7ce95ca 100644 --- a/include/hw/arm/smmu-common.h +++ b/include/hw/arm/smmu-common.h @@ -75,6 +75,8 @@ typedef struct SMMUDevice { int devfn; IOMMUMemoryRegion iommu; AddressSpace as; + uint32_t cfg_cache_hits; + uint32_t cfg_cache_misses; } SMMUDevice; =20 typedef struct SMMUNotifierNode { @@ -142,4 +144,7 @@ int smmu_ptw(SMMUTransCfg *cfg, dma_addr_t iova, IOMMUA= ccessFlags perm, */ SMMUTransTableInfo *select_tt(SMMUTransCfg *cfg, dma_addr_t iova); =20 +/* Return the iommu mr associated to @sid, or NULL if none */ +IOMMUMemoryRegion *smmu_iommu_mr(SMMUState *s, uint32_t sid); + #endif /* HW_ARM_SMMU_COMMON */ diff --git a/include/hw/arm/smmuv3.h b/include/hw/arm/smmuv3.h index 23f7036..36b2f45 100644 --- a/include/hw/arm/smmuv3.h +++ b/include/hw/arm/smmuv3.h @@ -59,6 +59,7 @@ typedef struct SMMUv3State { SMMUQueue eventq, cmdq; =20 qemu_irq irq[4]; + QemuMutex mutex; } SMMUv3State; =20 typedef enum { --=20 2.5.5 From nobody Sat Apr 27 00:52:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1528791271319635.7964045999772; Tue, 12 Jun 2018 01:14:31 -0700 (PDT) Received: from localhost ([::1]:53715 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fSeRd-00034Z-E1 for importer@patchew.org; Tue, 12 Jun 2018 04:14:25 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:47683) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fSeMC-0007J0-Uf for qemu-devel@nongnu.org; Tue, 12 Jun 2018 04:08:50 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fSeMA-0003iX-7W for qemu-devel@nongnu.org; Tue, 12 Jun 2018 04:08:48 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:36368 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fSeM3-0003ew-JN; Tue, 12 Jun 2018 04:08:39 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 375F5401EF22; Tue, 12 Jun 2018 08:08:39 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-116-69.ams2.redhat.com [10.36.116.69]) by smtp.corp.redhat.com (Postfix) with ESMTP id A6A852035721; Tue, 12 Jun 2018 08:08:37 +0000 (UTC) From: Eric Auger To: eric.auger.pro@gmail.com, eric.auger@redhat.com, qemu-devel@nongnu.org, qemu-arm@nongnu.org, peter.maydell@linaro.org, jia.he@hxt-semitech.com, hejianet@gmail.com Date: Tue, 12 Jun 2018 10:08:27 +0200 Message-Id: <1528790908-23441-4-git-send-email-eric.auger@redhat.com> In-Reply-To: <1528790908-23441-1-git-send-email-eric.auger@redhat.com> References: <1528790908-23441-1-git-send-email-eric.auger@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Tue, 12 Jun 2018 08:08:39 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Tue, 12 Jun 2018 08:08:39 +0000 (UTC) for IP:'10.11.54.6' DOMAIN:'int-mx06.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'eric.auger@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v2 3/4] hw/arm/smmuv3: IOTLB emulation X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" We emulate a TLB cache of size SMMU_IOTLB_MAX_SIZE=3D256. It is implemented as a hash table whose key is a combination of the 16b asid and 48b IOVA (Jenkins hash). Entries are invalidated on TLB invalidation commands, either globally, or per asid, or per asid/iova. Signed-off-by: Eric Auger --- v1 -> v2: - add comment about Jenkins Hash - remove init of iotlb_hits, misses v1: - Add new trace point when smmu is bypassed - s/iotlb_miss/iotlb_misses, s/iotlb_hit/iotlb_hits - use SMMUIOTLBKey as a key Credit to Tomasz Nowicki who did the first implementation of this IOTLB implementation, inspired of intel_iommu implementation. --- hw/arm/smmu-common.c | 60 +++++++++++++++++++++++++++ hw/arm/smmuv3.c | 98 ++++++++++++++++++++++++++++++++++++++++= ++-- hw/arm/trace-events | 9 ++++ include/hw/arm/smmu-common.h | 13 ++++++ 4 files changed, 176 insertions(+), 4 deletions(-) diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c index 264e096..16cd33a 100644 --- a/hw/arm/smmu-common.c +++ b/hw/arm/smmu-common.c @@ -24,11 +24,43 @@ #include "qom/cpu.h" #include "hw/qdev-properties.h" #include "qapi/error.h" +#include "qemu/jhash.h" =20 #include "qemu/error-report.h" #include "hw/arm/smmu-common.h" #include "smmu-internal.h" =20 +/* IOTLB Management */ + +inline void smmu_iotlb_inv_all(SMMUState *s) +{ + trace_smmu_iotlb_inv_all(); + g_hash_table_remove_all(s->iotlb); +} + +static gboolean smmu_hash_remove_by_asid(gpointer key, gpointer value, + gpointer user_data) +{ + uint16_t asid =3D *(uint16_t *)user_data; + SMMUIOTLBKey *iotlb_key =3D (SMMUIOTLBKey *)key; + + return iotlb_key->asid =3D=3D asid; +} + +inline void smmu_iotlb_inv_iova(SMMUState *s, uint16_t asid, dma_addr_t io= va) +{ + SMMUIOTLBKey key =3D {.asid =3D asid, .iova =3D iova}; + + trace_smmu_iotlb_inv_iova(asid, iova); + g_hash_table_remove(s->iotlb, &key); +} + +inline void smmu_iotlb_inv_asid(SMMUState *s, uint16_t asid) +{ + trace_smmu_iotlb_inv_asid(asid); + g_hash_table_foreach_remove(s->iotlb, smmu_hash_remove_by_asid, &asid); +} + /* VMSAv8-64 Translation */ =20 /** @@ -328,6 +360,31 @@ IOMMUMemoryRegion *smmu_iommu_mr(SMMUState *s, uint32_= t sid) return NULL; } =20 +static guint smmu_iotlb_key_hash(gconstpointer v) +{ + SMMUIOTLBKey *key =3D (SMMUIOTLBKey *)v; + uint32_t a, b, c; + + /* Henkins hash */ + a =3D b =3D c =3D JHASH_INITVAL + sizeof(*key); + a +=3D key->asid; + b +=3D extract64(key->iova, 0, 32); + c +=3D extract64(key->iova, 32, 32); + + __jhash_mix(a, b, c); + __jhash_final(a, b, c); + + return c; +} + +static gboolean smmu_iotlb_key_equal(gconstpointer v1, gconstpointer v2) +{ + SMMUIOTLBKey *k1 =3D (SMMUIOTLBKey *)v1; + SMMUIOTLBKey *k2 =3D (SMMUIOTLBKey *)v2; + + return (k1->asid =3D=3D k2->asid) && (k1->iova =3D=3D k2->iova); +} + static void smmu_base_realize(DeviceState *dev, Error **errp) { SMMUState *s =3D ARM_SMMU(dev); @@ -340,6 +397,8 @@ static void smmu_base_realize(DeviceState *dev, Error *= *errp) return; } s->configs =3D g_hash_table_new_full(NULL, NULL, NULL, g_free); + s->iotlb =3D g_hash_table_new_full(smmu_iotlb_key_hash, smmu_iotlb_key= _equal, + g_free, g_free); s->smmu_pcibus_by_busptr =3D g_hash_table_new(NULL, NULL); =20 if (s->primary_bus) { @@ -354,6 +413,7 @@ static void smmu_base_reset(DeviceState *dev) SMMUState *s =3D ARM_SMMU(dev); =20 g_hash_table_remove_all(s->configs); + g_hash_table_remove_all(s->iotlb); } =20 static Property smmu_dev_properties[] =3D { diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c index 4c41f51..cc21f4c 100644 --- a/hw/arm/smmuv3.c +++ b/hw/arm/smmuv3.c @@ -605,6 +605,10 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegio= n *mr, hwaddr addr, SMMUEventInfo event =3D {.type =3D SMMU_EVT_NONE, .sid =3D sid}; SMMUPTWEventInfo ptw_info =3D {}; SMMUTranslationStatus status; + SMMUState *bs =3D ARM_SMMU(s); + uint64_t page_mask, aligned_addr; + IOMMUTLBEntry *cached_entry =3D NULL; + SMMUTransTableInfo *tt; SMMUTransCfg *cfg =3D NULL; IOMMUTLBEntry entry =3D { .target_as =3D &address_space_memory, @@ -613,6 +617,7 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegion= *mr, hwaddr addr, .addr_mask =3D ~(hwaddr)0, .perm =3D IOMMU_NONE, }; + SMMUIOTLBKey key, *new_key; =20 qemu_mutex_lock(&s->mutex); =20 @@ -637,7 +642,57 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegio= n *mr, hwaddr addr, goto epilogue; } =20 - if (smmu_ptw(cfg, addr, flag, &entry, &ptw_info)) { + tt =3D select_tt(cfg, addr); + if (!tt) { + if (event.record_trans_faults) { + event.type =3D SMMU_EVT_F_TRANSLATION; + event.u.f_translation.addr =3D addr; + event.u.f_translation.rnw =3D flag & 0x1; + } + status =3D SMMU_TRANS_ERROR; + goto epilogue; + } + + page_mask =3D (1ULL << (tt->granule_sz)) - 1; + aligned_addr =3D addr & ~page_mask; + + key.asid =3D cfg->asid; + key.iova =3D aligned_addr; + + cached_entry =3D g_hash_table_lookup(bs->iotlb, &key); + if (cached_entry) { + cfg->iotlb_hits +=3D 1; + trace_smmu_iotlb_cache_hit(cfg->asid, aligned_addr, + cfg->iotlb_hits, cfg->iotlb_misses, + 100 * cfg->iotlb_hits / + (cfg->iotlb_hits + cfg->iotlb_misses)); + if ((flag & IOMMU_WO) && !(cached_entry->perm & IOMMU_WO)) { + status =3D SMMU_TRANS_ERROR; + if (event.record_trans_faults) { + event.type =3D SMMU_EVT_F_PERMISSION; + event.u.f_permission.addr =3D addr; + event.u.f_permission.rnw =3D flag & 0x1; + } + } else { + status =3D SMMU_TRANS_SUCCESS; + } + goto epilogue; + } + + cfg->iotlb_misses +=3D 1; + trace_smmu_iotlb_cache_miss(cfg->asid, addr & ~page_mask, + cfg->iotlb_hits, cfg->iotlb_misses, + 100 * cfg->iotlb_hits / + (cfg->iotlb_hits + cfg->iotlb_misses)); + + if (g_hash_table_size(bs->iotlb) >=3D SMMU_IOTLB_MAX_SIZE) { + smmu_iotlb_inv_all(bs); + } + + cached_entry =3D g_new0(IOMMUTLBEntry, 1); + + if (smmu_ptw(cfg, aligned_addr, flag, cached_entry, &ptw_info)) { + g_free(cached_entry); switch (ptw_info.type) { case SMMU_PTW_ERR_WALK_EABT: event.type =3D SMMU_EVT_F_WALK_EABT; @@ -679,6 +734,10 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegio= n *mr, hwaddr addr, } status =3D SMMU_TRANS_ERROR; } else { + new_key =3D g_new0(SMMUIOTLBKey, 1); + new_key->asid =3D cfg->asid; + new_key->iova =3D aligned_addr; + g_hash_table_insert(bs->iotlb, new_key, cached_entry); status =3D SMMU_TRANS_SUCCESS; } =20 @@ -687,6 +746,9 @@ epilogue: switch (status) { case SMMU_TRANS_SUCCESS: entry.perm =3D flag; + entry.translated_addr =3D cached_entry->translated_addr + + (addr & page_mask); + entry.addr_mask =3D cached_entry->addr_mask; trace_smmuv3_translate_success(mr->parent_obj.name, sid, addr, entry.translated_addr, entry.perm); break; @@ -832,10 +894,39 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) smmuv3_flush_config(sdev); break; } - case SMMU_CMD_TLBI_NH_ALL: case SMMU_CMD_TLBI_NH_ASID: - case SMMU_CMD_TLBI_NH_VA: + { + uint16_t asid =3D CMD_ASID(&cmd); + + trace_smmuv3_cmdq_tlbi_nh_asid(asid); + smmu_iotlb_inv_asid(bs, asid); + break; + } + case SMMU_CMD_TLBI_NH_ALL: + case SMMU_CMD_TLBI_NSNH_ALL: + trace_smmuv3_cmdq_tlbi_nh(); + smmu_iotlb_inv_all(bs); + break; case SMMU_CMD_TLBI_NH_VAA: + { + dma_addr_t addr =3D CMD_ADDR(&cmd); + uint16_t vmid =3D CMD_VMID(&cmd); + + trace_smmuv3_cmdq_tlbi_nh_vaa(vmid, addr); + smmu_iotlb_inv_all(bs); + break; + } + case SMMU_CMD_TLBI_NH_VA: + { + uint16_t asid =3D CMD_ASID(&cmd); + uint16_t vmid =3D CMD_VMID(&cmd); + dma_addr_t addr =3D CMD_ADDR(&cmd); + bool leaf =3D CMD_LEAF(&cmd); + + trace_smmuv3_cmdq_tlbi_nh_va(vmid, asid, addr, leaf); + smmu_iotlb_inv_iova(bs, asid, addr); + break; + } case SMMU_CMD_TLBI_EL3_ALL: case SMMU_CMD_TLBI_EL3_VA: case SMMU_CMD_TLBI_EL2_ALL: @@ -844,7 +935,6 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) case SMMU_CMD_TLBI_EL2_VAA: case SMMU_CMD_TLBI_S12_VMALL: case SMMU_CMD_TLBI_S2_IPA: - case SMMU_CMD_TLBI_NSNH_ALL: case SMMU_CMD_ATC_INV: case SMMU_CMD_PRI_RESP: case SMMU_CMD_RESUME: diff --git a/hw/arm/trace-events b/hw/arm/trace-events index 5bddfeb..8ad900c 100644 --- a/hw/arm/trace-events +++ b/hw/arm/trace-events @@ -12,6 +12,11 @@ smmu_ptw_invalid_pte(int stage, int level, uint64_t base= addr, uint64_t pteaddr, smmu_ptw_page_pte(int stage, int level, uint64_t iova, uint64_t baseaddr,= uint64_t pteaddr, uint64_t pte, uint64_t address) "stage=3D%d level=3D%d i= ova=3D0x%"PRIx64" base@=3D0x%"PRIx64" pte@=3D0x%"PRIx64" pte=3D0x%"PRIx64" = page address =3D 0x%"PRIx64 smmu_ptw_block_pte(int stage, int level, uint64_t baseaddr, uint64_t ptead= dr, uint64_t pte, uint64_t iova, uint64_t gpa, int bsize_mb) "stage=3D%d le= vel=3D%d base@=3D0x%"PRIx64" pte@=3D0x%"PRIx64" pte=3D0x%"PRIx64" iova=3D0x= %"PRIx64" block address =3D 0x%"PRIx64" block size =3D %d MiB" smmu_get_pte(uint64_t baseaddr, int index, uint64_t pteaddr, uint64_t pte)= "baseaddr=3D0x%"PRIx64" index=3D0x%x, pteaddr=3D0x%"PRIx64", pte=3D0x%"PRI= x64 +smmu_iotlb_cache_hit(uint16_t asid, uint64_t addr, uint32_t hit, uint32_t = miss, float p) "IOTLB cache HIT asid=3D%d addr=3D0x%"PRIx64" hit=3D%d miss= =3D%d hit rate=3D%.1f" +smmu_iotlb_cache_miss(uint16_t asid, uint64_t addr, uint32_t hit, uint32_t= miss, float p) "IOTLB cache MISS asid=3D%d addr=3D0x%"PRIx64" hit=3D%d mis= s=3D%d hit rate=3D%.1f" +smmu_iotlb_inv_all(void) "IOTLB invalidate all" +smmu_iotlb_inv_asid(uint16_t asid) "IOTLB invalidate asid=3D%d" +smmu_iotlb_inv_iova(uint16_t asid, uint64_t addr) "IOTLB invalidate asid= =3D%d addr=3D0x%"PRIx64 =20 #hw/arm/smmuv3.c smmuv3_read_mmio(uint64_t addr, uint64_t val, unsigned size, uint32_t r) "= addr: 0x%"PRIx64" val:0x%"PRIx64" size: 0x%x(%d)" @@ -42,6 +47,10 @@ smmuv3_decode_cd(uint32_t oas) "oas=3D%d" smmuv3_decode_cd_tt(int i, uint32_t tsz, uint64_t ttb, uint32_t granule_sz= ) "TT[%d]:tsz:%d ttb:0x%"PRIx64" granule_sz:%d" smmuv3_cmdq_cfgi_ste(int streamid) " |_ streamid =3D%d" smmuv3_cmdq_cfgi_ste_range(int start, int end) " |_ start=3D0x%d - end= =3D0x%d" +smmuv3_cmdq_tlbi_nh_va(int vmid, int asid, uint64_t addr, bool leaf) " = |_ vmid =3D%d asid =3D%d addr=3D0x%"PRIx64" leaf=3D%d" +smmuv3_cmdq_tlbi_nh_vaa(int vmid, uint64_t addr) " |_ vmid =3D%d addr= =3D0x%"PRIx64 +smmuv3_cmdq_tlbi_nh(void) "" +smmuv3_cmdq_tlbi_nh_asid(uint16_t asid) "asid=3D%d" smmuv3_cmdq_cfgi_cd(uint32_t sid) " |_ streamid =3D %d" smmuv3_config_cache_hit(uint32_t sid, uint32_t hits, uint32_t misses, floa= t perc) "Config cache HIT for sid %d (hits=3D%d, misses=3D%d, hit rate=3D%.= 1f)" smmuv3_config_cache_miss(uint32_t sid, uint32_t hits, uint32_t misses, flo= at perc) "Config cache MISS for sid %d (hits=3D%d, misses=3D%d, hit rate=3D= %.1f)" diff --git a/include/hw/arm/smmu-common.h b/include/hw/arm/smmu-common.h index 7ce95ca..d173806 100644 --- a/include/hw/arm/smmu-common.h +++ b/include/hw/arm/smmu-common.h @@ -67,6 +67,8 @@ typedef struct SMMUTransCfg { uint8_t tbi; /* Top Byte Ignore */ uint16_t asid; SMMUTransTableInfo tt[2]; + uint32_t iotlb_hits; /* counts IOTLB hits for this asid */ + uint32_t iotlb_misses; /* counts IOTLB misses for this asid */ } SMMUTransCfg; =20 typedef struct SMMUDevice { @@ -89,6 +91,11 @@ typedef struct SMMUPciBus { SMMUDevice *pbdev[0]; /* Parent array is sparse, so dynamically allo= c */ } SMMUPciBus; =20 +typedef struct SMMUIOTLBKey { + uint64_t iova; + uint16_t asid; +} SMMUIOTLBKey; + typedef struct SMMUState { /* */ SysBusDevice dev; @@ -147,4 +154,10 @@ SMMUTransTableInfo *select_tt(SMMUTransCfg *cfg, dma_a= ddr_t iova); /* Return the iommu mr associated to @sid, or NULL if none */ IOMMUMemoryRegion *smmu_iommu_mr(SMMUState *s, uint32_t sid); =20 +#define SMMU_IOTLB_MAX_SIZE 256 + +void smmu_iotlb_inv_all(SMMUState *s); +void smmu_iotlb_inv_asid(SMMUState *s, uint16_t asid); +void smmu_iotlb_inv_iova(SMMUState *s, uint16_t asid, dma_addr_t iova); + #endif /* HW_ARM_SMMU_COMMON */ --=20 2.5.5 From nobody Sat Apr 27 00:52:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1528791094071354.2723281760693; Tue, 12 Jun 2018 01:11:34 -0700 (PDT) Received: from localhost ([::1]:53700 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fSeOr-0000s3-7I for importer@patchew.org; Tue, 12 Jun 2018 04:11:33 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:47682) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fSeMC-0007Iz-US for qemu-devel@nongnu.org; Tue, 12 Jun 2018 04:08:50 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fSeMA-0003iW-6y for qemu-devel@nongnu.org; Tue, 12 Jun 2018 04:08:48 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:36382 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fSeM5-0003g9-05; Tue, 12 Jun 2018 04:08:41 -0400 Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 9B713401EF23; Tue, 12 Jun 2018 08:08:40 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-116-69.ams2.redhat.com [10.36.116.69]) by smtp.corp.redhat.com (Postfix) with ESMTP id 716AA2035721; Tue, 12 Jun 2018 08:08:39 +0000 (UTC) From: Eric Auger To: eric.auger.pro@gmail.com, eric.auger@redhat.com, qemu-devel@nongnu.org, qemu-arm@nongnu.org, peter.maydell@linaro.org, jia.he@hxt-semitech.com, hejianet@gmail.com Date: Tue, 12 Jun 2018 10:08:28 +0200 Message-Id: <1528790908-23441-5-git-send-email-eric.auger@redhat.com> In-Reply-To: <1528790908-23441-1-git-send-email-eric.auger@redhat.com> References: <1528790908-23441-1-git-send-email-eric.auger@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.6 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Tue, 12 Jun 2018 08:08:40 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Tue, 12 Jun 2018 08:08:40 +0000 (UTC) for IP:'10.11.54.6' DOMAIN:'int-mx06.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'eric.auger@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v2 4/4] hw/arm/smmuv3: Add notifications on invalidation X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" On TLB invalidation commands, let's call registered IOMMU notifiers. Those can only be UNMAP notifiers. SMMUv3 does not support notification on MAP (VFIO). This patch allows vhost use case where IOTLB API is notified on each guest IOTLB invalidation. Signed-off-by: Eric Auger Reviewed-by: Peter Maydell --- hw/arm/smmu-common.c | 34 +++++++++++++++ hw/arm/smmuv3.c | 99 ++++++++++++++++++++++++++++++++++++++++= +++- hw/arm/trace-events | 5 +++ include/hw/arm/smmu-common.h | 6 +++ 4 files changed, 142 insertions(+), 2 deletions(-) diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c index 16cd33a..5929275 100644 --- a/hw/arm/smmu-common.c +++ b/hw/arm/smmu-common.c @@ -385,6 +385,40 @@ static gboolean smmu_iotlb_key_equal(gconstpointer v1,= gconstpointer v2) return (k1->asid =3D=3D k2->asid) && (k1->iova =3D=3D k2->iova); } =20 +/* Unmap the whole notifier's range */ +static void smmu_unmap_notifier_range(IOMMUNotifier *n) +{ + IOMMUTLBEntry entry; + + entry.target_as =3D &address_space_memory; + entry.iova =3D n->start; + entry.perm =3D IOMMU_NONE; + entry.addr_mask =3D n->end - n->start; + + memory_region_notify_one(n, &entry); +} + +/* Unmap all notifiers attached to @mr */ +inline void smmu_inv_notifiers_mr(IOMMUMemoryRegion *mr) +{ + IOMMUNotifier *n; + + trace_smmu_inv_notifiers_mr(mr->parent_obj.name); + IOMMU_NOTIFIER_FOREACH(n, mr) { + smmu_unmap_notifier_range(n); + } +} + +/* Unmap all notifiers of all mr's */ +void smmu_inv_notifiers_all(SMMUState *s) +{ + SMMUNotifierNode *node; + + QLIST_FOREACH(node, &s->notifiers_list, next) { + smmu_inv_notifiers_mr(&node->sdev->iommu); + } +} + static void smmu_base_realize(DeviceState *dev, Error **errp) { SMMUState *s =3D ARM_SMMU(dev); diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c index cc21f4c..6afc07e 100644 --- a/hw/arm/smmuv3.c +++ b/hw/arm/smmuv3.c @@ -780,6 +780,68 @@ epilogue: return entry; } =20 +/** + * smmuv3_notify_iova - call the notifier @n for a given + * @asid and @iova tuple. + * + * @mr: IOMMU mr region handle + * @n: notifier to be called + * @asid: address space ID or negative value if we don't care + * @iova: iova + */ +static void smmuv3_notify_iova(IOMMUMemoryRegion *mr, + IOMMUNotifier *n, + int asid, + dma_addr_t iova) +{ + SMMUDevice *sdev =3D container_of(mr, SMMUDevice, iommu); + SMMUEventInfo event =3D {}; + SMMUTransTableInfo *tt; + SMMUTransCfg *cfg; + IOMMUTLBEntry entry; + + cfg =3D smmuv3_get_config(sdev, &event); + if (!cfg) { + qemu_log_mask(LOG_GUEST_ERROR, + "%s error decoding the configuration for iommu mr=3D= %s\n", + __func__, mr->parent_obj.name); + return; + } + + if (asid >=3D 0 && cfg->asid !=3D asid) { + return; + } + + tt =3D select_tt(cfg, iova); + if (!tt) { + return; + } + + entry.target_as =3D &address_space_memory; + entry.iova =3D iova; + entry.addr_mask =3D (1 << tt->granule_sz) - 1; + entry.perm =3D IOMMU_NONE; + + memory_region_notify_one(n, &entry); +} + +/* invalidate an asid/iova tuple in all mr's */ +static void smmuv3_inv_notifiers_iova(SMMUState *s, int asid, dma_addr_t i= ova) +{ + SMMUNotifierNode *node; + + QLIST_FOREACH(node, &s->notifiers_list, next) { + IOMMUMemoryRegion *mr =3D &node->sdev->iommu; + IOMMUNotifier *n; + + trace_smmuv3_inv_notifiers_iova(mr->parent_obj.name, asid, iova); + + IOMMU_NOTIFIER_FOREACH(n, mr) { + smmuv3_notify_iova(mr, n, asid, iova); + } + } +} + static int smmuv3_cmdq_consume(SMMUv3State *s) { SMMUState *bs =3D ARM_SMMU(s); @@ -899,12 +961,14 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) uint16_t asid =3D CMD_ASID(&cmd); =20 trace_smmuv3_cmdq_tlbi_nh_asid(asid); + smmu_inv_notifiers_all(&s->smmu_state); smmu_iotlb_inv_asid(bs, asid); break; } case SMMU_CMD_TLBI_NH_ALL: case SMMU_CMD_TLBI_NSNH_ALL: trace_smmuv3_cmdq_tlbi_nh(); + smmu_inv_notifiers_all(&s->smmu_state); smmu_iotlb_inv_all(bs); break; case SMMU_CMD_TLBI_NH_VAA: @@ -913,6 +977,7 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) uint16_t vmid =3D CMD_VMID(&cmd); =20 trace_smmuv3_cmdq_tlbi_nh_vaa(vmid, addr); + smmuv3_inv_notifiers_iova(bs, -1, addr); smmu_iotlb_inv_all(bs); break; } @@ -924,6 +989,7 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) bool leaf =3D CMD_LEAF(&cmd); =20 trace_smmuv3_cmdq_tlbi_nh_va(vmid, asid, addr, leaf); + smmuv3_inv_notifiers_iova(bs, asid, addr); smmu_iotlb_inv_iova(bs, asid, addr); break; } @@ -1402,9 +1468,38 @@ static void smmuv3_notify_flag_changed(IOMMUMemoryRe= gion *iommu, IOMMUNotifierFlag old, IOMMUNotifierFlag new) { + SMMUDevice *sdev =3D container_of(iommu, SMMUDevice, iommu); + SMMUv3State *s3 =3D sdev->smmu; + SMMUState *s =3D &(s3->smmu_state); + SMMUNotifierNode *node =3D NULL; + SMMUNotifierNode *next_node =3D NULL; + + if (new =3D=3D IOMMU_NOTIFIER_MAP) { + int bus_num =3D pci_bus_num(sdev->bus); + PCIDevice *pcidev =3D pci_find_device(sdev->bus, bus_num, sdev->de= vfn); + + warn_report("SMMUv3 does not support notification on MAP: " + "device %s will not function properly", pcidev->name); + } + if (old =3D=3D IOMMU_NOTIFIER_NONE) { - warn_report("SMMUV3 does not support vhost/vfio integration yet: " - "devices of those types will not function properly"); + trace_smmuv3_notify_flag_add(iommu->parent_obj.name); + node =3D g_malloc0(sizeof(*node)); + node->sdev =3D sdev; + QLIST_INSERT_HEAD(&s->notifiers_list, node, next); + return; + } + + /* update notifier node with new flags */ + QLIST_FOREACH_SAFE(node, &s->notifiers_list, next, next_node) { + if (node->sdev =3D=3D sdev) { + if (new =3D=3D IOMMU_NOTIFIER_NONE) { + trace_smmuv3_notify_flag_del(iommu->parent_obj.name); + QLIST_REMOVE(node, next); + g_free(node); + } + return; + } } } =20 diff --git a/hw/arm/trace-events b/hw/arm/trace-events index 8ad900c..11f7bbf 100644 --- a/hw/arm/trace-events +++ b/hw/arm/trace-events @@ -17,6 +17,7 @@ smmu_iotlb_cache_miss(uint16_t asid, uint64_t addr, uint3= 2_t hit, uint32_t miss, smmu_iotlb_inv_all(void) "IOTLB invalidate all" smmu_iotlb_inv_asid(uint16_t asid) "IOTLB invalidate asid=3D%d" smmu_iotlb_inv_iova(uint16_t asid, uint64_t addr) "IOTLB invalidate asid= =3D%d addr=3D0x%"PRIx64 +smmu_inv_notifiers_mr(const char *name) "iommu mr=3D%s" =20 #hw/arm/smmuv3.c smmuv3_read_mmio(uint64_t addr, uint64_t val, unsigned size, uint32_t r) "= addr: 0x%"PRIx64" val:0x%"PRIx64" size: 0x%x(%d)" @@ -55,3 +56,7 @@ smmuv3_cmdq_cfgi_cd(uint32_t sid) " |_ streamid =3D %= d" smmuv3_config_cache_hit(uint32_t sid, uint32_t hits, uint32_t misses, floa= t perc) "Config cache HIT for sid %d (hits=3D%d, misses=3D%d, hit rate=3D%.= 1f)" smmuv3_config_cache_miss(uint32_t sid, uint32_t hits, uint32_t misses, flo= at perc) "Config cache MISS for sid %d (hits=3D%d, misses=3D%d, hit rate=3D= %.1f)" smmuv3_config_cache_inv(uint32_t sid) "Config cache INV for sid %d" +smmuv3_notify_flag_add(const char *iommu) "ADD SMMUNotifier node for iommu= mr=3D%s" +smmuv3_notify_flag_del(const char *iommu) "DEL SMMUNotifier node for iommu= mr=3D%s" +smmuv3_inv_notifiers_iova(const char *name, uint16_t asid, uint64_t iova) = "iommu mr=3D%s asid=3D%d iova=3D0x%"PRIx64 + diff --git a/include/hw/arm/smmu-common.h b/include/hw/arm/smmu-common.h index d173806..50e2912 100644 --- a/include/hw/arm/smmu-common.h +++ b/include/hw/arm/smmu-common.h @@ -160,4 +160,10 @@ void smmu_iotlb_inv_all(SMMUState *s); void smmu_iotlb_inv_asid(SMMUState *s, uint16_t asid); void smmu_iotlb_inv_iova(SMMUState *s, uint16_t asid, dma_addr_t iova); =20 +/* Unmap the range of all the notifiers registered to any IOMMU mr */ +void smmu_inv_notifiers_all(SMMUState *s); + +/* Unmap the range of all the notifiers registered to @mr */ +void smmu_inv_notifiers_mr(IOMMUMemoryRegion *mr); + #endif /* HW_ARM_SMMU_COMMON */ --=20 2.5.5