From nobody Fri May 3 04:31:02 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1529653657658348.5012942384491; Fri, 22 Jun 2018 00:47:37 -0700 (PDT) Received: from localhost ([::1]:59857 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fWGn7-0002Dz-9v for importer@patchew.org; Fri, 22 Jun 2018 03:47:33 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:41315) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fWGku-00011P-Ic for qemu-devel@nongnu.org; Fri, 22 Jun 2018 03:45:18 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fWGks-0000Dr-SJ for qemu-devel@nongnu.org; Fri, 22 Jun 2018 03:45:16 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:46774 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fWGkn-0008WN-1O; Fri, 22 Jun 2018 03:45:09 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 85F1C123B6A; Fri, 22 Jun 2018 07:45:08 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-117-106.ams2.redhat.com [10.36.117.106]) by smtp.corp.redhat.com (Postfix) with ESMTP id 362162026D6B; Fri, 22 Jun 2018 07:45:07 +0000 (UTC) From: Eric Auger To: eric.auger.pro@gmail.com, eric.auger@redhat.com, qemu-devel@nongnu.org, qemu-arm@nongnu.org, peter.maydell@linaro.org, jia.he@hxt-semitech.com, hejianet@gmail.com Date: Fri, 22 Jun 2018 09:44:58 +0200 Message-Id: <1529653501-15358-2-git-send-email-eric.auger@redhat.com> In-Reply-To: <1529653501-15358-1-git-send-email-eric.auger@redhat.com> References: <1529653501-15358-1-git-send-email-eric.auger@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.1]); Fri, 22 Jun 2018 07:45:08 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.1]); Fri, 22 Jun 2018 07:45:08 +0000 (UTC) for IP:'10.11.54.4' DOMAIN:'int-mx04.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'eric.auger@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v4 1/4] hw/arm/smmuv3: Fix translate error handling X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" From: Jia He In case the STE's config is "Bypass" we currently don't set the IOMMUTLBEntry perm flags and the access does not succeed. Also if the config is 0b0xx (Aborted/Reserved), decode_ste and smmuv3_decode_config currently returns -EINVAL and we don't enter the expected code path: we record an event whereas we should not. This patch fixes those bugs and simplifies the error handling. decode_ste and smmuv3_decode_config now return 0 if aborted or bypassed config was found. Only bad config info produces negative error values. In smmuv3_translate we more clearly differentiate errors, bypass/smmu disabled, aborted and success cases. Also trace points are differentiated. Fixes: 9bde7f0674fe ("hw/arm/smmuv3: Implement translate callback") Reported-by: jia.he@hxt-semitech.com Signed-off-by: jia.he@hxt-semitech.com Signed-off-by: Eric Auger Reviewed-by: Peter Maydell --- v2 -> v3: - added Peter's R-b v1 -> v2: - set addr_mask in case of bypass and disabled. Mandated for vhost use case since a411c84b561baa94b28165c52f21c33517ee8f59 "exec: extract address_space_translate_iommu, fix page_mask corner case" --- hw/arm/smmuv3-internal.h | 12 +++++- hw/arm/smmuv3.c | 96 +++++++++++++++++++++++++++++++++-----------= ---- hw/arm/trace-events | 7 ++-- 3 files changed, 80 insertions(+), 35 deletions(-) diff --git a/hw/arm/smmuv3-internal.h b/hw/arm/smmuv3-internal.h index a9d714b..bab25d6 100644 --- a/hw/arm/smmuv3-internal.h +++ b/hw/arm/smmuv3-internal.h @@ -23,6 +23,14 @@ =20 #include "hw/arm/smmu-common.h" =20 +typedef enum SMMUTranslationStatus { + SMMU_TRANS_DISABLE, + SMMU_TRANS_ABORT, + SMMU_TRANS_BYPASS, + SMMU_TRANS_ERROR, + SMMU_TRANS_SUCCESS, +} SMMUTranslationStatus; + /* MMIO Registers */ =20 REG32(IDR0, 0x0) @@ -315,7 +323,7 @@ enum { /* Command completion notification */ /* Events */ =20 typedef enum SMMUEventType { - SMMU_EVT_OK =3D 0x00, + SMMU_EVT_NONE =3D 0x00, SMMU_EVT_F_UUT , SMMU_EVT_C_BAD_STREAMID , SMMU_EVT_F_STE_FETCH , @@ -337,7 +345,7 @@ typedef enum SMMUEventType { } SMMUEventType; =20 static const char *event_stringify[] =3D { - [SMMU_EVT_OK] =3D "SMMU_EVT_OK", + [SMMU_EVT_NONE] =3D "no recorded event", [SMMU_EVT_F_UUT] =3D "SMMU_EVT_F_UUT", [SMMU_EVT_C_BAD_STREAMID] =3D "SMMU_EVT_C_BAD_STREAMID", [SMMU_EVT_F_STE_FETCH] =3D "SMMU_EVT_F_STE_FETCH", diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c index 9783309..70b8f29 100644 --- a/hw/arm/smmuv3.c +++ b/hw/arm/smmuv3.c @@ -23,6 +23,7 @@ #include "hw/qdev-core.h" #include "hw/pci/pci.h" #include "exec/address-spaces.h" +#include "cpu.h" #include "trace.h" #include "qemu/log.h" #include "qemu/error-report.h" @@ -154,7 +155,7 @@ void smmuv3_record_event(SMMUv3State *s, SMMUEventInfo = *info) EVT_SET_SID(&evt, info->sid); =20 switch (info->type) { - case SMMU_EVT_OK: + case SMMU_EVT_NONE: return; case SMMU_EVT_F_UUT: EVT_SET_SSID(&evt, info->u.f_uut.ssid); @@ -312,12 +313,11 @@ static int smmu_get_cd(SMMUv3State *s, STE *ste, uint= 32_t ssid, return 0; } =20 -/* Returns <0 if the caller has no need to continue the translation */ +/* Returns < 0 in case of invalid STE, 0 otherwise */ static int decode_ste(SMMUv3State *s, SMMUTransCfg *cfg, STE *ste, SMMUEventInfo *event) { uint32_t config; - int ret =3D -EINVAL; =20 if (!STE_VALID(ste)) { goto bad_ste; @@ -326,13 +326,13 @@ static int decode_ste(SMMUv3State *s, SMMUTransCfg *c= fg, config =3D STE_CONFIG(ste); =20 if (STE_CFG_ABORT(config)) { - cfg->aborted =3D true; /* abort but don't record any event */ - return ret; + cfg->aborted =3D true; + return 0; } =20 if (STE_CFG_BYPASS(config)) { cfg->bypassed =3D true; - return ret; + return 0; } =20 if (STE_CFG_S2_ENABLED(config)) { @@ -509,7 +509,7 @@ bad_cd: * the different configuration decoding steps * @event: must be zero'ed by the caller * - * return < 0 if the translation needs to be aborted (@event is filled + * return < 0 in case of config decoding error (@event is filled * accordingly). Return 0 otherwise. */ static int smmuv3_decode_config(IOMMUMemoryRegion *mr, SMMUTransCfg *cfg, @@ -518,19 +518,26 @@ static int smmuv3_decode_config(IOMMUMemoryRegion *mr= , SMMUTransCfg *cfg, SMMUDevice *sdev =3D container_of(mr, SMMUDevice, iommu); uint32_t sid =3D smmu_get_sid(sdev); SMMUv3State *s =3D sdev->smmu; - int ret =3D -EINVAL; + int ret; STE ste; CD cd; =20 - if (smmu_find_ste(s, sid, &ste, event)) { + ret =3D smmu_find_ste(s, sid, &ste, event); + if (ret) { return ret; } =20 - if (decode_ste(s, cfg, &ste, event)) { + ret =3D decode_ste(s, cfg, &ste, event); + if (ret) { return ret; } =20 - if (smmu_get_cd(s, &ste, 0 /* ssid */, &cd, event)) { + if (cfg->aborted || cfg->bypassed) { + return 0; + } + + ret =3D smmu_get_cd(s, &ste, 0 /* ssid */, &cd, event); + if (ret) { return ret; } =20 @@ -543,8 +550,9 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegion= *mr, hwaddr addr, SMMUDevice *sdev =3D container_of(mr, SMMUDevice, iommu); SMMUv3State *s =3D sdev->smmu; uint32_t sid =3D smmu_get_sid(sdev); - SMMUEventInfo event =3D {.type =3D SMMU_EVT_OK, .sid =3D sid}; + SMMUEventInfo event =3D {.type =3D SMMU_EVT_NONE, .sid =3D sid}; SMMUPTWEventInfo ptw_info =3D {}; + SMMUTranslationStatus status; SMMUTransCfg cfg =3D {}; IOMMUTLBEntry entry =3D { .target_as =3D &address_space_memory, @@ -553,23 +561,28 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegi= on *mr, hwaddr addr, .addr_mask =3D ~(hwaddr)0, .perm =3D IOMMU_NONE, }; - int ret =3D 0; =20 if (!smmu_enabled(s)) { - goto out; + status =3D SMMU_TRANS_DISABLE; + goto epilogue; } =20 - ret =3D smmuv3_decode_config(mr, &cfg, &event); - if (ret) { - goto out; + if (smmuv3_decode_config(mr, &cfg, &event)) { + status =3D SMMU_TRANS_ERROR; + goto epilogue; } =20 if (cfg.aborted) { - goto out; + status =3D SMMU_TRANS_ABORT; + goto epilogue; } =20 - ret =3D smmu_ptw(&cfg, addr, flag, &entry, &ptw_info); - if (ret) { + if (cfg.bypassed) { + status =3D SMMU_TRANS_BYPASS; + goto epilogue; + } + + if (smmu_ptw(&cfg, addr, flag, &entry, &ptw_info)) { switch (ptw_info.type) { case SMMU_PTW_ERR_WALK_EABT: event.type =3D SMMU_EVT_F_WALK_EABT; @@ -609,18 +622,41 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegi= on *mr, hwaddr addr, default: g_assert_not_reached(); } + status =3D SMMU_TRANS_ERROR; + } else { + status =3D SMMU_TRANS_SUCCESS; } -out: - if (ret) { - qemu_log_mask(LOG_GUEST_ERROR, - "%s translation failed for iova=3D0x%"PRIx64"(%d)\n", - mr->parent_obj.name, addr, ret); - entry.perm =3D IOMMU_NONE; - smmuv3_record_event(s, &event); - } else if (!cfg.aborted) { + +epilogue: + switch (status) { + case SMMU_TRANS_SUCCESS: entry.perm =3D flag; - trace_smmuv3_translate(mr->parent_obj.name, sid, addr, - entry.translated_addr, entry.perm); + trace_smmuv3_translate_success(mr->parent_obj.name, sid, addr, + entry.translated_addr, entry.perm); + break; + case SMMU_TRANS_DISABLE: + entry.perm =3D flag; + entry.addr_mask =3D ~TARGET_PAGE_MASK; + trace_smmuv3_translate_disable(mr->parent_obj.name, sid, addr, + entry.perm); + break; + case SMMU_TRANS_BYPASS: + entry.perm =3D flag; + entry.addr_mask =3D ~TARGET_PAGE_MASK; + trace_smmuv3_translate_bypass(mr->parent_obj.name, sid, addr, + entry.perm); + break; + case SMMU_TRANS_ABORT: + /* no event is recorded on abort */ + trace_smmuv3_translate_abort(mr->parent_obj.name, sid, addr, + entry.perm); + break; + case SMMU_TRANS_ERROR: + qemu_log_mask(LOG_GUEST_ERROR, + "%s translation failed for iova=3D0x%"PRIx64"(%s)\n", + mr->parent_obj.name, addr, smmu_event_string(event.t= ype)); + smmuv3_record_event(s, &event); + break; } =20 return entry; diff --git a/hw/arm/trace-events b/hw/arm/trace-events index 2d92727..0ab66bb 100644 --- a/hw/arm/trace-events +++ b/hw/arm/trace-events @@ -33,9 +33,10 @@ smmuv3_record_event(const char *type, uint32_t sid) "%s = sid=3D%d" smmuv3_find_ste(uint16_t sid, uint32_t features, uint16_t sid_split) "SID:= 0x%x features:0x%x, sid_split:0x%x" smmuv3_find_ste_2lvl(uint64_t strtab_base, uint64_t l1ptr, int l1_ste_offs= et, uint64_t l2ptr, int l2_ste_offset, int max_l2_ste) "strtab_base:0x%"PRI= x64" l1ptr:0x%"PRIx64" l1_off:0x%x, l2ptr:0x%"PRIx64" l2_off:0x%x max_l2_st= e:%d" smmuv3_get_ste(uint64_t addr) "STE addr: 0x%"PRIx64 -smmuv3_translate_bypass(const char *n, uint16_t sid, uint64_t addr, bool i= s_write) "%s sid=3D%d bypass iova:0x%"PRIx64" is_write=3D%d" -smmuv3_translate_in(uint16_t sid, int pci_bus_num, uint64_t strtab_base) "= SID:0x%x bus:%d strtab_base:0x%"PRIx64 +smmuv3_translate_disable(const char *n, uint16_t sid, uint64_t addr, bool = is_write) "%s sid=3D%d bypass (smmu disabled) iova:0x%"PRIx64" is_write=3D%= d" +smmuv3_translate_bypass(const char *n, uint16_t sid, uint64_t addr, bool i= s_write) "%s sid=3D%d STE bypass iova:0x%"PRIx64" is_write=3D%d" +smmuv3_translate_abort(const char *n, uint16_t sid, uint64_t addr, bool is= _write) "%s sid=3D%d abort on iova:0x%"PRIx64" is_write=3D%d" +smmuv3_translate_success(const char *n, uint16_t sid, uint64_t iova, uint6= 4_t translated, int perm) "%s sid=3D%d iova=3D0x%"PRIx64" translated=3D0x%"= PRIx64" perm=3D0x%x" smmuv3_get_cd(uint64_t addr) "CD addr: 0x%"PRIx64 -smmuv3_translate(const char *n, uint16_t sid, uint64_t iova, uint64_t tran= slated, int perm) "%s sid=3D%d iova=3D0x%"PRIx64" translated=3D0x%"PRIx64" = perm=3D0x%x" smmuv3_decode_cd(uint32_t oas) "oas=3D%d" smmuv3_decode_cd_tt(int i, uint32_t tsz, uint64_t ttb, uint32_t granule_sz= ) "TT[%d]:tsz:%d ttb:0x%"PRIx64" granule_sz:%d" --=20 2.5.5 From nobody Fri May 3 04:31:02 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1529653694005188.07344087959916; Fri, 22 Jun 2018 00:48:14 -0700 (PDT) Received: from localhost ([::1]:59859 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fWGnl-0002hz-5g for importer@patchew.org; Fri, 22 Jun 2018 03:48:13 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:41317) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fWGku-00011Y-LU for qemu-devel@nongnu.org; Fri, 22 Jun 2018 03:45:18 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fWGks-0000Dl-RY for qemu-devel@nongnu.org; Fri, 22 Jun 2018 03:45:16 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:41296 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fWGko-00007L-KQ; Fri, 22 Jun 2018 03:45:10 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id F36464079F07; Fri, 22 Jun 2018 07:45:09 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-117-106.ams2.redhat.com [10.36.117.106]) by smtp.corp.redhat.com (Postfix) with ESMTP id BFFE42026D6B; Fri, 22 Jun 2018 07:45:08 +0000 (UTC) From: Eric Auger To: eric.auger.pro@gmail.com, eric.auger@redhat.com, qemu-devel@nongnu.org, qemu-arm@nongnu.org, peter.maydell@linaro.org, jia.he@hxt-semitech.com, hejianet@gmail.com Date: Fri, 22 Jun 2018 09:44:59 +0200 Message-Id: <1529653501-15358-3-git-send-email-eric.auger@redhat.com> In-Reply-To: <1529653501-15358-1-git-send-email-eric.auger@redhat.com> References: <1529653501-15358-1-git-send-email-eric.auger@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.7]); Fri, 22 Jun 2018 07:45:10 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.7]); Fri, 22 Jun 2018 07:45:10 +0000 (UTC) for IP:'10.11.54.4' DOMAIN:'int-mx04.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'eric.auger@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v4 2/4] hw/arm/smmuv3: Cache/invalidate config data X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Let's cache config data to avoid fetching and parsing STE/CD structures on each translation. We invalidate them on data structure invalidation commands. We put in place a per-smmu mutex to protect the config cache. This will be useful too to protect the IOTLB cache. The caches can be accessed without BQL, ie. in IO dataplane. The same kind of mutex was put in place in the intel viommu. Signed-off-by: Eric Auger Reviewed-by: Peter Maydell --- v2 -> v3: - use uint32_t instead of float in cache hit rate traces - change the format of the new traces - added Peter's R-b v1 -> v2: - restore mutex v1: - only insert the new config if decode_cfg succeeds - use smmu_get_sid for trace_* and store hits/misses in the SMMUDevice - s/smmuv3_put_config/smmuv3_flush_config - document smmuv3_get_config - removing the mutex as BQL does the job --- hw/arm/smmu-common.c | 24 +++++++- hw/arm/smmuv3.c | 135 +++++++++++++++++++++++++++++++++++++++= ++-- hw/arm/trace-events | 6 ++ include/hw/arm/smmu-common.h | 5 ++ include/hw/arm/smmuv3.h | 1 + 5 files changed, 164 insertions(+), 7 deletions(-) diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c index 3c5f724..db242c7 100644 --- a/hw/arm/smmu-common.c +++ b/hw/arm/smmu-common.c @@ -310,6 +310,24 @@ static AddressSpace *smmu_find_add_as(PCIBus *bus, voi= d *opaque, int devfn) return &sdev->as; } =20 +IOMMUMemoryRegion *smmu_iommu_mr(SMMUState *s, uint32_t sid) +{ + uint8_t bus_n, devfn; + SMMUPciBus *smmu_bus; + SMMUDevice *smmu; + + bus_n =3D PCI_BUS_NUM(sid); + smmu_bus =3D smmu_find_smmu_pcibus(s, bus_n); + if (smmu_bus) { + devfn =3D sid & 0x7; + smmu =3D smmu_bus->pbdev[devfn]; + if (smmu) { + return &smmu->iommu; + } + } + return NULL; +} + static void smmu_base_realize(DeviceState *dev, Error **errp) { SMMUState *s =3D ARM_SMMU(dev); @@ -321,7 +339,7 @@ static void smmu_base_realize(DeviceState *dev, Error *= *errp) error_propagate(errp, local_err); return; } - + s->configs =3D g_hash_table_new_full(NULL, NULL, NULL, g_free); s->smmu_pcibus_by_busptr =3D g_hash_table_new(NULL, NULL); =20 if (s->primary_bus) { @@ -333,7 +351,9 @@ static void smmu_base_realize(DeviceState *dev, Error *= *errp) =20 static void smmu_base_reset(DeviceState *dev) { - /* will be filled later on */ + SMMUState *s =3D ARM_SMMU(dev); + + g_hash_table_remove_all(s->configs); } =20 static Property smmu_dev_properties[] =3D { diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c index 70b8f29..df704c2 100644 --- a/hw/arm/smmuv3.c +++ b/hw/arm/smmuv3.c @@ -544,6 +544,58 @@ static int smmuv3_decode_config(IOMMUMemoryRegion *mr,= SMMUTransCfg *cfg, return decode_cd(cfg, &cd, event); } =20 +/** + * smmuv3_get_config - Look up for a cached copy of configuration data for + * @sdev and on cache miss performs a configuration structure decoding from + * guest RAM. + * + * @sdev: SMMUDevice handle + * @event: output event info + * + * The configuration cache contains data resulting from both STE and CD + * decoding under the form of an SMMUTransCfg struct. The hash table is in= dexed + * by the SMMUDevice handle. + */ +static SMMUTransCfg *smmuv3_get_config(SMMUDevice *sdev, SMMUEventInfo *ev= ent) +{ + SMMUv3State *s =3D sdev->smmu; + SMMUState *bc =3D &s->smmu_state; + SMMUTransCfg *cfg; + + cfg =3D g_hash_table_lookup(bc->configs, sdev); + if (cfg) { + sdev->cfg_cache_hits++; + trace_smmuv3_config_cache_hit(smmu_get_sid(sdev), + sdev->cfg_cache_hits, sdev->cfg_cache_misses, + 100 * sdev->cfg_cache_hits / + (sdev->cfg_cache_hits + sdev->cfg_cache_misses= )); + } else { + sdev->cfg_cache_misses++; + trace_smmuv3_config_cache_miss(smmu_get_sid(sdev), + sdev->cfg_cache_hits, sdev->cfg_cache_misses, + 100 * sdev->cfg_cache_hits / + (sdev->cfg_cache_hits + sdev->cfg_cache_misses= )); + cfg =3D g_new0(SMMUTransCfg, 1); + + if (!smmuv3_decode_config(&sdev->iommu, cfg, event)) { + g_hash_table_insert(bc->configs, sdev, cfg); + } else { + g_free(cfg); + cfg =3D NULL; + } + } + return cfg; +} + +static void smmuv3_flush_config(SMMUDevice *sdev) +{ + SMMUv3State *s =3D sdev->smmu; + SMMUState *bc =3D &s->smmu_state; + + trace_smmuv3_config_cache_inv(smmu_get_sid(sdev)); + g_hash_table_remove(bc->configs, sdev); +} + static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegion *mr, hwaddr addr, IOMMUAccessFlags flag, int iommu_idx) { @@ -553,7 +605,7 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegion= *mr, hwaddr addr, SMMUEventInfo event =3D {.type =3D SMMU_EVT_NONE, .sid =3D sid}; SMMUPTWEventInfo ptw_info =3D {}; SMMUTranslationStatus status; - SMMUTransCfg cfg =3D {}; + SMMUTransCfg *cfg =3D NULL; IOMMUTLBEntry entry =3D { .target_as =3D &address_space_memory, .iova =3D addr, @@ -562,27 +614,30 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegi= on *mr, hwaddr addr, .perm =3D IOMMU_NONE, }; =20 + qemu_mutex_lock(&s->mutex); + if (!smmu_enabled(s)) { status =3D SMMU_TRANS_DISABLE; goto epilogue; } =20 - if (smmuv3_decode_config(mr, &cfg, &event)) { + cfg =3D smmuv3_get_config(sdev, &event); + if (!cfg) { status =3D SMMU_TRANS_ERROR; goto epilogue; } =20 - if (cfg.aborted) { + if (cfg->aborted) { status =3D SMMU_TRANS_ABORT; goto epilogue; } =20 - if (cfg.bypassed) { + if (cfg->bypassed) { status =3D SMMU_TRANS_BYPASS; goto epilogue; } =20 - if (smmu_ptw(&cfg, addr, flag, &entry, &ptw_info)) { + if (smmu_ptw(cfg, addr, flag, &entry, &ptw_info)) { switch (ptw_info.type) { case SMMU_PTW_ERR_WALK_EABT: event.type =3D SMMU_EVT_F_WALK_EABT; @@ -628,6 +683,7 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegion= *mr, hwaddr addr, } =20 epilogue: + qemu_mutex_unlock(&s->mutex); switch (status) { case SMMU_TRANS_SUCCESS: entry.perm =3D flag; @@ -664,6 +720,7 @@ epilogue: =20 static int smmuv3_cmdq_consume(SMMUv3State *s) { + SMMUState *bs =3D ARM_SMMU(s); SMMUCmdError cmd_error =3D SMMU_CERROR_NONE; SMMUQueue *q =3D &s->cmdq; SMMUCommandType type =3D 0; @@ -698,6 +755,7 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) =20 trace_smmuv3_cmdq_opcode(smmu_cmd_string(type)); =20 + qemu_mutex_lock(&s->mutex); switch (type) { case SMMU_CMD_SYNC: if (CMD_SYNC_CS(&cmd) & CMD_SYNC_SIG_IRQ) { @@ -706,10 +764,74 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) break; case SMMU_CMD_PREFETCH_CONFIG: case SMMU_CMD_PREFETCH_ADDR: + break; case SMMU_CMD_CFGI_STE: + { + uint32_t sid =3D CMD_SID(&cmd); + IOMMUMemoryRegion *mr =3D smmu_iommu_mr(bs, sid); + SMMUDevice *sdev; + + if (CMD_SSEC(&cmd)) { + cmd_error =3D SMMU_CERROR_ILL; + break; + } + + if (!mr) { + break; + } + + trace_smmuv3_cmdq_cfgi_ste(sid); + sdev =3D container_of(mr, SMMUDevice, iommu); + smmuv3_flush_config(sdev); + + break; + } case SMMU_CMD_CFGI_STE_RANGE: /* same as SMMU_CMD_CFGI_ALL */ + { + uint32_t start =3D CMD_SID(&cmd), end, i; + uint8_t range =3D CMD_STE_RANGE(&cmd); + + if (CMD_SSEC(&cmd)) { + cmd_error =3D SMMU_CERROR_ILL; + break; + } + + end =3D start + (1 << (range + 1)) - 1; + trace_smmuv3_cmdq_cfgi_ste_range(start, end); + + for (i =3D start; i <=3D end; i++) { + IOMMUMemoryRegion *mr =3D smmu_iommu_mr(bs, i); + SMMUDevice *sdev; + + if (!mr) { + continue; + } + sdev =3D container_of(mr, SMMUDevice, iommu); + smmuv3_flush_config(sdev); + } + break; + } case SMMU_CMD_CFGI_CD: case SMMU_CMD_CFGI_CD_ALL: + { + uint32_t sid =3D CMD_SID(&cmd); + IOMMUMemoryRegion *mr =3D smmu_iommu_mr(bs, sid); + SMMUDevice *sdev; + + if (CMD_SSEC(&cmd)) { + cmd_error =3D SMMU_CERROR_ILL; + break; + } + + if (!mr) { + break; + } + + trace_smmuv3_cmdq_cfgi_cd(sid); + sdev =3D container_of(mr, SMMUDevice, iommu); + smmuv3_flush_config(sdev); + break; + } case SMMU_CMD_TLBI_NH_ALL: case SMMU_CMD_TLBI_NH_ASID: case SMMU_CMD_TLBI_NH_VA: @@ -735,6 +857,7 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) "Illegal command type: %d\n", CMD_TYPE(&cmd)); break; } + qemu_mutex_unlock(&s->mutex); if (cmd_error) { break; } @@ -1114,6 +1237,8 @@ static void smmu_realize(DeviceState *d, Error **errp) return; } =20 + qemu_mutex_init(&s->mutex); + memory_region_init_io(&sys->iomem, OBJECT(s), &smmu_mem_ops, sys, TYPE_ARM_SMMUV3, 0x20000); =20 diff --git a/hw/arm/trace-events b/hw/arm/trace-events index 0ab66bb..8ee4c21 100644 --- a/hw/arm/trace-events +++ b/hw/arm/trace-events @@ -40,3 +40,9 @@ smmuv3_translate_success(const char *n, uint16_t sid, uin= t64_t iova, uint64_t tr smmuv3_get_cd(uint64_t addr) "CD addr: 0x%"PRIx64 smmuv3_decode_cd(uint32_t oas) "oas=3D%d" smmuv3_decode_cd_tt(int i, uint32_t tsz, uint64_t ttb, uint32_t granule_sz= ) "TT[%d]:tsz:%d ttb:0x%"PRIx64" granule_sz:%d" +smmuv3_cmdq_cfgi_ste(int streamid) "streamid =3D%d" +smmuv3_cmdq_cfgi_ste_range(int start, int end) "start=3D0x%d - end=3D0x%d" +smmuv3_cmdq_cfgi_cd(uint32_t sid) "streamid =3D %d" +smmuv3_config_cache_hit(uint32_t sid, uint32_t hits, uint32_t misses, uint= 32_t perc) "Config cache HIT for sid %d (hits=3D%d, misses=3D%d, hit rate= =3D%d)" +smmuv3_config_cache_miss(uint32_t sid, uint32_t hits, uint32_t misses, uin= t32_t perc) "Config cache MISS for sid %d (hits=3D%d, misses=3D%d, hit rate= =3D%d)" +smmuv3_config_cache_inv(uint32_t sid) "Config cache INV for sid %d" diff --git a/include/hw/arm/smmu-common.h b/include/hw/arm/smmu-common.h index c41eb5c3..7ce95ca 100644 --- a/include/hw/arm/smmu-common.h +++ b/include/hw/arm/smmu-common.h @@ -75,6 +75,8 @@ typedef struct SMMUDevice { int devfn; IOMMUMemoryRegion iommu; AddressSpace as; + uint32_t cfg_cache_hits; + uint32_t cfg_cache_misses; } SMMUDevice; =20 typedef struct SMMUNotifierNode { @@ -142,4 +144,7 @@ int smmu_ptw(SMMUTransCfg *cfg, dma_addr_t iova, IOMMUA= ccessFlags perm, */ SMMUTransTableInfo *select_tt(SMMUTransCfg *cfg, dma_addr_t iova); =20 +/* Return the iommu mr associated to @sid, or NULL if none */ +IOMMUMemoryRegion *smmu_iommu_mr(SMMUState *s, uint32_t sid); + #endif /* HW_ARM_SMMU_COMMON */ diff --git a/include/hw/arm/smmuv3.h b/include/hw/arm/smmuv3.h index 23f7036..36b2f45 100644 --- a/include/hw/arm/smmuv3.h +++ b/include/hw/arm/smmuv3.h @@ -59,6 +59,7 @@ typedef struct SMMUv3State { SMMUQueue eventq, cmdq; =20 qemu_irq irq[4]; + QemuMutex mutex; } SMMUv3State; =20 typedef enum { --=20 2.5.5 From nobody Fri May 3 04:31:02 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1529653816130499.297126000906; Fri, 22 Jun 2018 00:50:16 -0700 (PDT) Received: from localhost ([::1]:59867 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fWGpj-0004G7-EQ for importer@patchew.org; Fri, 22 Jun 2018 03:50:15 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:41352) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fWGkw-00013m-NZ for qemu-devel@nongnu.org; Fri, 22 Jun 2018 03:45:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fWGku-0000FG-LR for qemu-devel@nongnu.org; Fri, 22 Jun 2018 03:45:18 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:35534 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fWGkq-0000AB-2Z; Fri, 22 Jun 2018 03:45:12 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 64166A27F4; Fri, 22 Jun 2018 07:45:11 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-117-106.ams2.redhat.com [10.36.117.106]) by smtp.corp.redhat.com (Postfix) with ESMTP id 36B9D2026D6B; Fri, 22 Jun 2018 07:45:10 +0000 (UTC) From: Eric Auger To: eric.auger.pro@gmail.com, eric.auger@redhat.com, qemu-devel@nongnu.org, qemu-arm@nongnu.org, peter.maydell@linaro.org, jia.he@hxt-semitech.com, hejianet@gmail.com Date: Fri, 22 Jun 2018 09:45:00 +0200 Message-Id: <1529653501-15358-4-git-send-email-eric.auger@redhat.com> In-Reply-To: <1529653501-15358-1-git-send-email-eric.auger@redhat.com> References: <1529653501-15358-1-git-send-email-eric.auger@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Fri, 22 Jun 2018 07:45:11 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.2]); Fri, 22 Jun 2018 07:45:11 +0000 (UTC) for IP:'10.11.54.4' DOMAIN:'int-mx04.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'eric.auger@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v4 3/4] hw/arm/smmuv3: IOTLB emulation X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" We emulate a TLB cache of size SMMU_IOTLB_MAX_SIZE=3D256. It is implemented as a hash table whose key is a combination of the 16b asid and 48b IOVA (Jenkins hash). Entries are invalidated on TLB invalidation commands, either globally, or per asid, or per asid/iova. Signed-off-by: Eric Auger --- v2 -> v3: - use uint32_t instead of float when printing the iotlb hit rate - use const local variables in smmu_iotlb_key_equal v1 -> v2: - add comment about Jenkins Hash - remove init of iotlb_hits, misses v1: - Add new trace point when smmu is bypassed - s/iotlb_miss/iotlb_misses, s/iotlb_hit/iotlb_hits - use SMMUIOTLBKey as a key Credit to Tomasz Nowicki who did the first implementation of this IOTLB implementation, inspired of intel_iommu implementation. --- hw/arm/smmu-common.c | 60 +++++++++++++++++++++++++++ hw/arm/smmuv3.c | 98 ++++++++++++++++++++++++++++++++++++++++= ++-- hw/arm/trace-events | 9 ++++ include/hw/arm/smmu-common.h | 13 ++++++ 4 files changed, 176 insertions(+), 4 deletions(-) diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c index db242c7..f66e444 100644 --- a/hw/arm/smmu-common.c +++ b/hw/arm/smmu-common.c @@ -24,11 +24,43 @@ #include "qom/cpu.h" #include "hw/qdev-properties.h" #include "qapi/error.h" +#include "qemu/jhash.h" =20 #include "qemu/error-report.h" #include "hw/arm/smmu-common.h" #include "smmu-internal.h" =20 +/* IOTLB Management */ + +inline void smmu_iotlb_inv_all(SMMUState *s) +{ + trace_smmu_iotlb_inv_all(); + g_hash_table_remove_all(s->iotlb); +} + +static gboolean smmu_hash_remove_by_asid(gpointer key, gpointer value, + gpointer user_data) +{ + uint16_t asid =3D *(uint16_t *)user_data; + SMMUIOTLBKey *iotlb_key =3D (SMMUIOTLBKey *)key; + + return iotlb_key->asid =3D=3D asid; +} + +inline void smmu_iotlb_inv_iova(SMMUState *s, uint16_t asid, dma_addr_t io= va) +{ + SMMUIOTLBKey key =3D {.asid =3D asid, .iova =3D iova}; + + trace_smmu_iotlb_inv_iova(asid, iova); + g_hash_table_remove(s->iotlb, &key); +} + +inline void smmu_iotlb_inv_asid(SMMUState *s, uint16_t asid) +{ + trace_smmu_iotlb_inv_asid(asid); + g_hash_table_foreach_remove(s->iotlb, smmu_hash_remove_by_asid, &asid); +} + /* VMSAv8-64 Translation */ =20 /** @@ -328,6 +360,31 @@ IOMMUMemoryRegion *smmu_iommu_mr(SMMUState *s, uint32_= t sid) return NULL; } =20 +static guint smmu_iotlb_key_hash(gconstpointer v) +{ + SMMUIOTLBKey *key =3D (SMMUIOTLBKey *)v; + uint32_t a, b, c; + + /* Jenkins hash */ + a =3D b =3D c =3D JHASH_INITVAL + sizeof(*key); + a +=3D key->asid; + b +=3D extract64(key->iova, 0, 32); + c +=3D extract64(key->iova, 32, 32); + + __jhash_mix(a, b, c); + __jhash_final(a, b, c); + + return c; +} + +static gboolean smmu_iotlb_key_equal(gconstpointer v1, gconstpointer v2) +{ + const SMMUIOTLBKey *k1 =3D v1; + const SMMUIOTLBKey *k2 =3D v2; + + return (k1->asid =3D=3D k2->asid) && (k1->iova =3D=3D k2->iova); +} + static void smmu_base_realize(DeviceState *dev, Error **errp) { SMMUState *s =3D ARM_SMMU(dev); @@ -340,6 +397,8 @@ static void smmu_base_realize(DeviceState *dev, Error *= *errp) return; } s->configs =3D g_hash_table_new_full(NULL, NULL, NULL, g_free); + s->iotlb =3D g_hash_table_new_full(smmu_iotlb_key_hash, smmu_iotlb_key= _equal, + g_free, g_free); s->smmu_pcibus_by_busptr =3D g_hash_table_new(NULL, NULL); =20 if (s->primary_bus) { @@ -354,6 +413,7 @@ static void smmu_base_reset(DeviceState *dev) SMMUState *s =3D ARM_SMMU(dev); =20 g_hash_table_remove_all(s->configs); + g_hash_table_remove_all(s->iotlb); } =20 static Property smmu_dev_properties[] =3D { diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c index df704c2..b6dc7ed 100644 --- a/hw/arm/smmuv3.c +++ b/hw/arm/smmuv3.c @@ -605,6 +605,10 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegio= n *mr, hwaddr addr, SMMUEventInfo event =3D {.type =3D SMMU_EVT_NONE, .sid =3D sid}; SMMUPTWEventInfo ptw_info =3D {}; SMMUTranslationStatus status; + SMMUState *bs =3D ARM_SMMU(s); + uint64_t page_mask, aligned_addr; + IOMMUTLBEntry *cached_entry =3D NULL; + SMMUTransTableInfo *tt; SMMUTransCfg *cfg =3D NULL; IOMMUTLBEntry entry =3D { .target_as =3D &address_space_memory, @@ -613,6 +617,7 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegion= *mr, hwaddr addr, .addr_mask =3D ~(hwaddr)0, .perm =3D IOMMU_NONE, }; + SMMUIOTLBKey key, *new_key; =20 qemu_mutex_lock(&s->mutex); =20 @@ -637,7 +642,57 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegio= n *mr, hwaddr addr, goto epilogue; } =20 - if (smmu_ptw(cfg, addr, flag, &entry, &ptw_info)) { + tt =3D select_tt(cfg, addr); + if (!tt) { + if (event.record_trans_faults) { + event.type =3D SMMU_EVT_F_TRANSLATION; + event.u.f_translation.addr =3D addr; + event.u.f_translation.rnw =3D flag & 0x1; + } + status =3D SMMU_TRANS_ERROR; + goto epilogue; + } + + page_mask =3D (1ULL << (tt->granule_sz)) - 1; + aligned_addr =3D addr & ~page_mask; + + key.asid =3D cfg->asid; + key.iova =3D aligned_addr; + + cached_entry =3D g_hash_table_lookup(bs->iotlb, &key); + if (cached_entry) { + cfg->iotlb_hits++; + trace_smmu_iotlb_cache_hit(cfg->asid, aligned_addr, + cfg->iotlb_hits, cfg->iotlb_misses, + 100 * cfg->iotlb_hits / + (cfg->iotlb_hits + cfg->iotlb_misses)); + if ((flag & IOMMU_WO) && !(cached_entry->perm & IOMMU_WO)) { + status =3D SMMU_TRANS_ERROR; + if (event.record_trans_faults) { + event.type =3D SMMU_EVT_F_PERMISSION; + event.u.f_permission.addr =3D addr; + event.u.f_permission.rnw =3D flag & 0x1; + } + } else { + status =3D SMMU_TRANS_SUCCESS; + } + goto epilogue; + } + + cfg->iotlb_misses++; + trace_smmu_iotlb_cache_miss(cfg->asid, addr & ~page_mask, + cfg->iotlb_hits, cfg->iotlb_misses, + 100 * cfg->iotlb_hits / + (cfg->iotlb_hits + cfg->iotlb_misses)); + + if (g_hash_table_size(bs->iotlb) >=3D SMMU_IOTLB_MAX_SIZE) { + smmu_iotlb_inv_all(bs); + } + + cached_entry =3D g_new0(IOMMUTLBEntry, 1); + + if (smmu_ptw(cfg, aligned_addr, flag, cached_entry, &ptw_info)) { + g_free(cached_entry); switch (ptw_info.type) { case SMMU_PTW_ERR_WALK_EABT: event.type =3D SMMU_EVT_F_WALK_EABT; @@ -679,6 +734,10 @@ static IOMMUTLBEntry smmuv3_translate(IOMMUMemoryRegio= n *mr, hwaddr addr, } status =3D SMMU_TRANS_ERROR; } else { + new_key =3D g_new0(SMMUIOTLBKey, 1); + new_key->asid =3D cfg->asid; + new_key->iova =3D aligned_addr; + g_hash_table_insert(bs->iotlb, new_key, cached_entry); status =3D SMMU_TRANS_SUCCESS; } =20 @@ -687,6 +746,9 @@ epilogue: switch (status) { case SMMU_TRANS_SUCCESS: entry.perm =3D flag; + entry.translated_addr =3D cached_entry->translated_addr + + (addr & page_mask); + entry.addr_mask =3D cached_entry->addr_mask; trace_smmuv3_translate_success(mr->parent_obj.name, sid, addr, entry.translated_addr, entry.perm); break; @@ -832,10 +894,39 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) smmuv3_flush_config(sdev); break; } - case SMMU_CMD_TLBI_NH_ALL: case SMMU_CMD_TLBI_NH_ASID: - case SMMU_CMD_TLBI_NH_VA: + { + uint16_t asid =3D CMD_ASID(&cmd); + + trace_smmuv3_cmdq_tlbi_nh_asid(asid); + smmu_iotlb_inv_asid(bs, asid); + break; + } + case SMMU_CMD_TLBI_NH_ALL: + case SMMU_CMD_TLBI_NSNH_ALL: + trace_smmuv3_cmdq_tlbi_nh(); + smmu_iotlb_inv_all(bs); + break; case SMMU_CMD_TLBI_NH_VAA: + { + dma_addr_t addr =3D CMD_ADDR(&cmd); + uint16_t vmid =3D CMD_VMID(&cmd); + + trace_smmuv3_cmdq_tlbi_nh_vaa(vmid, addr); + smmu_iotlb_inv_all(bs); + break; + } + case SMMU_CMD_TLBI_NH_VA: + { + uint16_t asid =3D CMD_ASID(&cmd); + uint16_t vmid =3D CMD_VMID(&cmd); + dma_addr_t addr =3D CMD_ADDR(&cmd); + bool leaf =3D CMD_LEAF(&cmd); + + trace_smmuv3_cmdq_tlbi_nh_va(vmid, asid, addr, leaf); + smmu_iotlb_inv_iova(bs, asid, addr); + break; + } case SMMU_CMD_TLBI_EL3_ALL: case SMMU_CMD_TLBI_EL3_VA: case SMMU_CMD_TLBI_EL2_ALL: @@ -844,7 +935,6 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) case SMMU_CMD_TLBI_EL2_VAA: case SMMU_CMD_TLBI_S12_VMALL: case SMMU_CMD_TLBI_S2_IPA: - case SMMU_CMD_TLBI_NSNH_ALL: case SMMU_CMD_ATC_INV: case SMMU_CMD_PRI_RESP: case SMMU_CMD_RESUME: diff --git a/hw/arm/trace-events b/hw/arm/trace-events index 8ee4c21..be69c5d 100644 --- a/hw/arm/trace-events +++ b/hw/arm/trace-events @@ -12,6 +12,11 @@ smmu_ptw_invalid_pte(int stage, int level, uint64_t base= addr, uint64_t pteaddr, smmu_ptw_page_pte(int stage, int level, uint64_t iova, uint64_t baseaddr,= uint64_t pteaddr, uint64_t pte, uint64_t address) "stage=3D%d level=3D%d i= ova=3D0x%"PRIx64" base@=3D0x%"PRIx64" pte@=3D0x%"PRIx64" pte=3D0x%"PRIx64" = page address =3D 0x%"PRIx64 smmu_ptw_block_pte(int stage, int level, uint64_t baseaddr, uint64_t ptead= dr, uint64_t pte, uint64_t iova, uint64_t gpa, int bsize_mb) "stage=3D%d le= vel=3D%d base@=3D0x%"PRIx64" pte@=3D0x%"PRIx64" pte=3D0x%"PRIx64" iova=3D0x= %"PRIx64" block address =3D 0x%"PRIx64" block size =3D %d MiB" smmu_get_pte(uint64_t baseaddr, int index, uint64_t pteaddr, uint64_t pte)= "baseaddr=3D0x%"PRIx64" index=3D0x%x, pteaddr=3D0x%"PRIx64", pte=3D0x%"PRI= x64 +smmu_iotlb_cache_hit(uint16_t asid, uint64_t addr, uint32_t hit, uint32_t = miss, uint32_t p) "IOTLB cache HIT asid=3D%d addr=3D0x%"PRIx64" hit=3D%d mi= ss=3D%d hit rate=3D%d" +smmu_iotlb_cache_miss(uint16_t asid, uint64_t addr, uint32_t hit, uint32_t= miss, uint32_t p) "IOTLB cache MISS asid=3D%d addr=3D0x%"PRIx64" hit=3D%d = miss=3D%d hit rate=3D%d" +smmu_iotlb_inv_all(void) "IOTLB invalidate all" +smmu_iotlb_inv_asid(uint16_t asid) "IOTLB invalidate asid=3D%d" +smmu_iotlb_inv_iova(uint16_t asid, uint64_t addr) "IOTLB invalidate asid= =3D%d addr=3D0x%"PRIx64 =20 #hw/arm/smmuv3.c smmuv3_read_mmio(uint64_t addr, uint64_t val, unsigned size, uint32_t r) "= addr: 0x%"PRIx64" val:0x%"PRIx64" size: 0x%x(%d)" @@ -45,4 +50,8 @@ smmuv3_cmdq_cfgi_ste_range(int start, int end) "start=3D0= x%d - end=3D0x%d" smmuv3_cmdq_cfgi_cd(uint32_t sid) "streamid =3D %d" smmuv3_config_cache_hit(uint32_t sid, uint32_t hits, uint32_t misses, uint= 32_t perc) "Config cache HIT for sid %d (hits=3D%d, misses=3D%d, hit rate= =3D%d)" smmuv3_config_cache_miss(uint32_t sid, uint32_t hits, uint32_t misses, uin= t32_t perc) "Config cache MISS for sid %d (hits=3D%d, misses=3D%d, hit rate= =3D%d)" +smmuv3_cmdq_tlbi_nh_va(int vmid, int asid, uint64_t addr, bool leaf) "vmid= =3D%d asid =3D%d addr=3D0x%"PRIx64" leaf=3D%d" +smmuv3_cmdq_tlbi_nh_vaa(int vmid, uint64_t addr) "vmid =3D%d addr=3D0x%"PR= Ix64 +smmuv3_cmdq_tlbi_nh(void) "" +smmuv3_cmdq_tlbi_nh_asid(uint16_t asid) "asid=3D%d" smmuv3_config_cache_inv(uint32_t sid) "Config cache INV for sid %d" diff --git a/include/hw/arm/smmu-common.h b/include/hw/arm/smmu-common.h index 7ce95ca..d173806 100644 --- a/include/hw/arm/smmu-common.h +++ b/include/hw/arm/smmu-common.h @@ -67,6 +67,8 @@ typedef struct SMMUTransCfg { uint8_t tbi; /* Top Byte Ignore */ uint16_t asid; SMMUTransTableInfo tt[2]; + uint32_t iotlb_hits; /* counts IOTLB hits for this asid */ + uint32_t iotlb_misses; /* counts IOTLB misses for this asid */ } SMMUTransCfg; =20 typedef struct SMMUDevice { @@ -89,6 +91,11 @@ typedef struct SMMUPciBus { SMMUDevice *pbdev[0]; /* Parent array is sparse, so dynamically allo= c */ } SMMUPciBus; =20 +typedef struct SMMUIOTLBKey { + uint64_t iova; + uint16_t asid; +} SMMUIOTLBKey; + typedef struct SMMUState { /* */ SysBusDevice dev; @@ -147,4 +154,10 @@ SMMUTransTableInfo *select_tt(SMMUTransCfg *cfg, dma_a= ddr_t iova); /* Return the iommu mr associated to @sid, or NULL if none */ IOMMUMemoryRegion *smmu_iommu_mr(SMMUState *s, uint32_t sid); =20 +#define SMMU_IOTLB_MAX_SIZE 256 + +void smmu_iotlb_inv_all(SMMUState *s); +void smmu_iotlb_inv_asid(SMMUState *s, uint16_t asid); +void smmu_iotlb_inv_iova(SMMUState *s, uint16_t asid, dma_addr_t iova); + #endif /* HW_ARM_SMMU_COMMON */ --=20 2.5.5 From nobody Fri May 3 04:31:02 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) client-ip=208.118.235.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Authentication-Results: mx.zohomail.com; spf=pass (zoho.com: domain of gnu.org designates 208.118.235.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com Return-Path: Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) by mx.zohomail.com with SMTPS id 1529653733164646.1976552948566; Fri, 22 Jun 2018 00:48:53 -0700 (PDT) Received: from localhost ([::1]:59860 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fWGoO-0003GH-Dl for importer@patchew.org; Fri, 22 Jun 2018 03:48:52 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:41347) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1fWGkw-00013O-Cj for qemu-devel@nongnu.org; Fri, 22 Jun 2018 03:45:23 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1fWGku-0000FV-P7 for qemu-devel@nongnu.org; Fri, 22 Jun 2018 03:45:18 -0400 Received: from mx3-rdu2.redhat.com ([66.187.233.73]:57670 helo=mx1.redhat.com) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1fWGkr-0000Br-9v; Fri, 22 Jun 2018 03:45:13 -0400 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com [10.11.54.4]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id C4002401EF06; Fri, 22 Jun 2018 07:45:12 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-117-106.ams2.redhat.com [10.36.117.106]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9D99E2026D6B; Fri, 22 Jun 2018 07:45:11 +0000 (UTC) From: Eric Auger To: eric.auger.pro@gmail.com, eric.auger@redhat.com, qemu-devel@nongnu.org, qemu-arm@nongnu.org, peter.maydell@linaro.org, jia.he@hxt-semitech.com, hejianet@gmail.com Date: Fri, 22 Jun 2018 09:45:01 +0200 Message-Id: <1529653501-15358-5-git-send-email-eric.auger@redhat.com> In-Reply-To: <1529653501-15358-1-git-send-email-eric.auger@redhat.com> References: <1529653501-15358-1-git-send-email-eric.auger@redhat.com> X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Fri, 22 Jun 2018 07:45:12 +0000 (UTC) X-Greylist: inspected by milter-greylist-4.5.16 (mx1.redhat.com [10.11.55.5]); Fri, 22 Jun 2018 07:45:12 +0000 (UTC) for IP:'10.11.54.4' DOMAIN:'int-mx04.intmail.prod.int.rdu2.redhat.com' HELO:'smtp.corp.redhat.com' FROM:'eric.auger@redhat.com' RCPT:'' X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 66.187.233.73 Subject: [Qemu-devel] [PATCH v4 4/4] hw/arm/smmuv3: Add notifications on invalidation X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail: RSF_0 Z_629925259 SPT_0 Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" On TLB invalidation commands, let's call registered IOMMU notifiers. Those can only be UNMAP notifiers. SMMUv3 does not support notification on MAP (VFIO). This patch allows vhost use case where IOTLB API is notified on each guest IOTLB invalidation. Signed-off-by: Eric Auger Reviewed-by: Peter Maydell --- v3 -> v4: - fixed smmuv3_notify_flag_changed (new =3D=3D IOMMU_NOTIFIER_MAP) replaced by (new & IOMMU_NOTIFIER_MAP) v2 -> v3: - added Peter's R-b --- hw/arm/smmu-common.c | 34 +++++++++++++++ hw/arm/smmuv3.c | 99 ++++++++++++++++++++++++++++++++++++++++= +++- hw/arm/trace-events | 5 +++ include/hw/arm/smmu-common.h | 6 +++ 4 files changed, 142 insertions(+), 2 deletions(-) diff --git a/hw/arm/smmu-common.c b/hw/arm/smmu-common.c index f66e444..3098915 100644 --- a/hw/arm/smmu-common.c +++ b/hw/arm/smmu-common.c @@ -385,6 +385,40 @@ static gboolean smmu_iotlb_key_equal(gconstpointer v1,= gconstpointer v2) return (k1->asid =3D=3D k2->asid) && (k1->iova =3D=3D k2->iova); } =20 +/* Unmap the whole notifier's range */ +static void smmu_unmap_notifier_range(IOMMUNotifier *n) +{ + IOMMUTLBEntry entry; + + entry.target_as =3D &address_space_memory; + entry.iova =3D n->start; + entry.perm =3D IOMMU_NONE; + entry.addr_mask =3D n->end - n->start; + + memory_region_notify_one(n, &entry); +} + +/* Unmap all notifiers attached to @mr */ +inline void smmu_inv_notifiers_mr(IOMMUMemoryRegion *mr) +{ + IOMMUNotifier *n; + + trace_smmu_inv_notifiers_mr(mr->parent_obj.name); + IOMMU_NOTIFIER_FOREACH(n, mr) { + smmu_unmap_notifier_range(n); + } +} + +/* Unmap all notifiers of all mr's */ +void smmu_inv_notifiers_all(SMMUState *s) +{ + SMMUNotifierNode *node; + + QLIST_FOREACH(node, &s->notifiers_list, next) { + smmu_inv_notifiers_mr(&node->sdev->iommu); + } +} + static void smmu_base_realize(DeviceState *dev, Error **errp) { SMMUState *s =3D ARM_SMMU(dev); diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c index b6dc7ed..39fbcbf 100644 --- a/hw/arm/smmuv3.c +++ b/hw/arm/smmuv3.c @@ -780,6 +780,68 @@ epilogue: return entry; } =20 +/** + * smmuv3_notify_iova - call the notifier @n for a given + * @asid and @iova tuple. + * + * @mr: IOMMU mr region handle + * @n: notifier to be called + * @asid: address space ID or negative value if we don't care + * @iova: iova + */ +static void smmuv3_notify_iova(IOMMUMemoryRegion *mr, + IOMMUNotifier *n, + int asid, + dma_addr_t iova) +{ + SMMUDevice *sdev =3D container_of(mr, SMMUDevice, iommu); + SMMUEventInfo event =3D {}; + SMMUTransTableInfo *tt; + SMMUTransCfg *cfg; + IOMMUTLBEntry entry; + + cfg =3D smmuv3_get_config(sdev, &event); + if (!cfg) { + qemu_log_mask(LOG_GUEST_ERROR, + "%s error decoding the configuration for iommu mr=3D= %s\n", + __func__, mr->parent_obj.name); + return; + } + + if (asid >=3D 0 && cfg->asid !=3D asid) { + return; + } + + tt =3D select_tt(cfg, iova); + if (!tt) { + return; + } + + entry.target_as =3D &address_space_memory; + entry.iova =3D iova; + entry.addr_mask =3D (1 << tt->granule_sz) - 1; + entry.perm =3D IOMMU_NONE; + + memory_region_notify_one(n, &entry); +} + +/* invalidate an asid/iova tuple in all mr's */ +static void smmuv3_inv_notifiers_iova(SMMUState *s, int asid, dma_addr_t i= ova) +{ + SMMUNotifierNode *node; + + QLIST_FOREACH(node, &s->notifiers_list, next) { + IOMMUMemoryRegion *mr =3D &node->sdev->iommu; + IOMMUNotifier *n; + + trace_smmuv3_inv_notifiers_iova(mr->parent_obj.name, asid, iova); + + IOMMU_NOTIFIER_FOREACH(n, mr) { + smmuv3_notify_iova(mr, n, asid, iova); + } + } +} + static int smmuv3_cmdq_consume(SMMUv3State *s) { SMMUState *bs =3D ARM_SMMU(s); @@ -899,12 +961,14 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) uint16_t asid =3D CMD_ASID(&cmd); =20 trace_smmuv3_cmdq_tlbi_nh_asid(asid); + smmu_inv_notifiers_all(&s->smmu_state); smmu_iotlb_inv_asid(bs, asid); break; } case SMMU_CMD_TLBI_NH_ALL: case SMMU_CMD_TLBI_NSNH_ALL: trace_smmuv3_cmdq_tlbi_nh(); + smmu_inv_notifiers_all(&s->smmu_state); smmu_iotlb_inv_all(bs); break; case SMMU_CMD_TLBI_NH_VAA: @@ -913,6 +977,7 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) uint16_t vmid =3D CMD_VMID(&cmd); =20 trace_smmuv3_cmdq_tlbi_nh_vaa(vmid, addr); + smmuv3_inv_notifiers_iova(bs, -1, addr); smmu_iotlb_inv_all(bs); break; } @@ -924,6 +989,7 @@ static int smmuv3_cmdq_consume(SMMUv3State *s) bool leaf =3D CMD_LEAF(&cmd); =20 trace_smmuv3_cmdq_tlbi_nh_va(vmid, asid, addr, leaf); + smmuv3_inv_notifiers_iova(bs, asid, addr); smmu_iotlb_inv_iova(bs, asid, addr); break; } @@ -1402,9 +1468,38 @@ static void smmuv3_notify_flag_changed(IOMMUMemoryRe= gion *iommu, IOMMUNotifierFlag old, IOMMUNotifierFlag new) { + SMMUDevice *sdev =3D container_of(iommu, SMMUDevice, iommu); + SMMUv3State *s3 =3D sdev->smmu; + SMMUState *s =3D &(s3->smmu_state); + SMMUNotifierNode *node =3D NULL; + SMMUNotifierNode *next_node =3D NULL; + + if (new & IOMMU_NOTIFIER_MAP) { + int bus_num =3D pci_bus_num(sdev->bus); + PCIDevice *pcidev =3D pci_find_device(sdev->bus, bus_num, sdev->de= vfn); + + warn_report("SMMUv3 does not support notification on MAP: " + "device %s will not function properly", pcidev->name); + } + if (old =3D=3D IOMMU_NOTIFIER_NONE) { - warn_report("SMMUV3 does not support vhost/vfio integration yet: " - "devices of those types will not function properly"); + trace_smmuv3_notify_flag_add(iommu->parent_obj.name); + node =3D g_malloc0(sizeof(*node)); + node->sdev =3D sdev; + QLIST_INSERT_HEAD(&s->notifiers_list, node, next); + return; + } + + /* update notifier node with new flags */ + QLIST_FOREACH_SAFE(node, &s->notifiers_list, next, next_node) { + if (node->sdev =3D=3D sdev) { + if (new =3D=3D IOMMU_NOTIFIER_NONE) { + trace_smmuv3_notify_flag_del(iommu->parent_obj.name); + QLIST_REMOVE(node, next); + g_free(node); + } + return; + } } } =20 diff --git a/hw/arm/trace-events b/hw/arm/trace-events index be69c5d..27b11d6 100644 --- a/hw/arm/trace-events +++ b/hw/arm/trace-events @@ -17,6 +17,7 @@ smmu_iotlb_cache_miss(uint16_t asid, uint64_t addr, uint3= 2_t hit, uint32_t miss, smmu_iotlb_inv_all(void) "IOTLB invalidate all" smmu_iotlb_inv_asid(uint16_t asid) "IOTLB invalidate asid=3D%d" smmu_iotlb_inv_iova(uint16_t asid, uint64_t addr) "IOTLB invalidate asid= =3D%d addr=3D0x%"PRIx64 +smmu_inv_notifiers_mr(const char *name) "iommu mr=3D%s" =20 #hw/arm/smmuv3.c smmuv3_read_mmio(uint64_t addr, uint64_t val, unsigned size, uint32_t r) "= addr: 0x%"PRIx64" val:0x%"PRIx64" size: 0x%x(%d)" @@ -55,3 +56,7 @@ smmuv3_cmdq_tlbi_nh_vaa(int vmid, uint64_t addr) "vmid = =3D%d addr=3D0x%"PRIx64 smmuv3_cmdq_tlbi_nh(void) "" smmuv3_cmdq_tlbi_nh_asid(uint16_t asid) "asid=3D%d" smmuv3_config_cache_inv(uint32_t sid) "Config cache INV for sid %d" +smmuv3_notify_flag_add(const char *iommu) "ADD SMMUNotifier node for iommu= mr=3D%s" +smmuv3_notify_flag_del(const char *iommu) "DEL SMMUNotifier node for iommu= mr=3D%s" +smmuv3_inv_notifiers_iova(const char *name, uint16_t asid, uint64_t iova) = "iommu mr=3D%s asid=3D%d iova=3D0x%"PRIx64 + diff --git a/include/hw/arm/smmu-common.h b/include/hw/arm/smmu-common.h index d173806..50e2912 100644 --- a/include/hw/arm/smmu-common.h +++ b/include/hw/arm/smmu-common.h @@ -160,4 +160,10 @@ void smmu_iotlb_inv_all(SMMUState *s); void smmu_iotlb_inv_asid(SMMUState *s, uint16_t asid); void smmu_iotlb_inv_iova(SMMUState *s, uint16_t asid, dma_addr_t iova); =20 +/* Unmap the range of all the notifiers registered to any IOMMU mr */ +void smmu_inv_notifiers_all(SMMUState *s); + +/* Unmap the range of all the notifiers registered to @mr */ +void smmu_inv_notifiers_mr(IOMMUMemoryRegion *mr); + #endif /* HW_ARM_SMMU_COMMON */ --=20 2.5.5