From: Yi Liu <yi.l.liu@intel.com>
This traps the guest PASID-based iotlb invalidation request and propagate it
to host.
Intel VT-d 3.0 supports nested translation in PASID granularity. Guest SVA
support could be implemented by configuring nested translation on specific
pasid. This is also known as dual stage DMA translation.
Under such configuration, guest owns the GVA->GPA translation which is
configured as stage-1 page table on host side for a specific pasid, and host
owns GPA->HPA translation. As guest owns stage-1 translation table, piotlb
invalidation should be propagated to host since host IOMMU will cache first
level page table related mappings during DMA address translation.
Signed-off-by: Yi Liu <yi.l.liu@intel.com>
Signed-off-by: Yi Sun <yi.y.sun@linux.intel.com>
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
---
hw/i386/intel_iommu_internal.h | 6 +++
hw/i386/intel_iommu.c | 95 +++++++++++++++++++++++++++++++++-
2 files changed, 99 insertions(+), 2 deletions(-)
diff --git a/hw/i386/intel_iommu_internal.h b/hw/i386/intel_iommu_internal.h
index 8af1004888..c1a9263651 100644
--- a/hw/i386/intel_iommu_internal.h
+++ b/hw/i386/intel_iommu_internal.h
@@ -596,6 +596,12 @@ typedef struct VTDPASIDCacheInfo {
uint16_t devfn;
} VTDPASIDCacheInfo;
+typedef struct VTDPIOTLBInvInfo {
+ uint16_t domain_id;
+ uint32_t pasid;
+ struct iommu_hwpt_vtd_s1_invalidate *inv_data;
+} VTDPIOTLBInvInfo;
+
/* PASID Table Related Definitions */
#define VTD_PASID_DIR_BASE_ADDR_MASK (~0xfffULL)
#define VTD_PASID_TABLE_BASE_ADDR_MASK (~0xfffULL)
diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
index 6c0e502d1c..7efa22f4ec 100644
--- a/hw/i386/intel_iommu.c
+++ b/hw/i386/intel_iommu.c
@@ -2611,12 +2611,99 @@ static int vtd_bind_guest_pasid(VTDAddressSpace *vtd_as, VTDPASIDOp op,
return ret;
}
+
+static void
+vtd_invalidate_piotlb_locked(VTDAddressSpace *vtd_as,
+ struct iommu_hwpt_vtd_s1_invalidate *cache)
+{
+ IntelIOMMUState *s = vtd_as->iommu_state;
+ VTDHostIOMMUDevice *vtd_hiod = vtd_find_hiod_iommufd(s, vtd_as);
+ HostIOMMUDeviceIOMMUFD *idev;
+ uint32_t entry_num = 1; /* Only implement one request for simplicity */
+ Error *local_err = NULL;
+
+ if (!vtd_hiod || !vtd_as->s1_hwpt) {
+ return;
+ }
+ idev = HOST_IOMMU_DEVICE_IOMMUFD(vtd_hiod->hiod);
+
+ if (!iommufd_backend_invalidate_cache(idev->iommufd, vtd_as->s1_hwpt,
+ IOMMU_HWPT_INVALIDATE_DATA_VTD_S1,
+ sizeof(*cache), &entry_num, cache,
+ &local_err)) {
+ /* Something wrong in kernel, but trying to continue */
+ error_report_err(local_err);
+ }
+}
+
+/*
+ * This function is a loop function for the s->vtd_address_spaces
+ * list with VTDPIOTLBInvInfo as execution filter. It propagates
+ * the piotlb invalidation to host.
+ */
+static void vtd_flush_host_piotlb_locked(gpointer key, gpointer value,
+ gpointer user_data)
+{
+ VTDPIOTLBInvInfo *piotlb_info = user_data;
+ VTDAddressSpace *vtd_as = value;
+ VTDPASIDCacheEntry *pc_entry = &vtd_as->pasid_cache_entry;
+ uint32_t pasid;
+ uint16_t did;
+
+ /* Replay only fills pasid entry cache for passthrough device */
+ if (!pc_entry->valid ||
+ !vtd_pe_pgtt_is_flt(&pc_entry->pasid_entry)) {
+ return;
+ }
+
+ if (vtd_as_to_iommu_pasid_locked(vtd_as, &pasid)) {
+ return;
+ }
+
+ did = VTD_SM_PASID_ENTRY_DID(&pc_entry->pasid_entry);
+
+ if (piotlb_info->domain_id == did && piotlb_info->pasid == pasid) {
+ vtd_invalidate_piotlb_locked(vtd_as, piotlb_info->inv_data);
+ }
+}
+
+static void
+vtd_flush_host_piotlb_all_locked(IntelIOMMUState *s,
+ uint16_t domain_id, uint32_t pasid,
+ hwaddr addr, uint64_t npages, bool ih)
+{
+ struct iommu_hwpt_vtd_s1_invalidate cache_info = { 0 };
+ VTDPIOTLBInvInfo piotlb_info;
+
+ cache_info.addr = addr;
+ cache_info.npages = npages;
+ cache_info.flags = ih ? IOMMU_VTD_INV_FLAGS_LEAF : 0;
+
+ piotlb_info.domain_id = domain_id;
+ piotlb_info.pasid = pasid;
+ piotlb_info.inv_data = &cache_info;
+
+ /*
+ * Go through each vtd_as instance in s->vtd_address_spaces, find out
+ * the affected host device which need host piotlb invalidation. Piotlb
+ * invalidation should check pasid cache per architecture point of view.
+ */
+ g_hash_table_foreach(s->vtd_address_spaces,
+ vtd_flush_host_piotlb_locked, &piotlb_info);
+}
#else
static int vtd_bind_guest_pasid(VTDAddressSpace *vtd_as, VTDPASIDOp op,
Error **errp)
{
return 0;
}
+
+static void
+vtd_flush_host_piotlb_all_locked(IntelIOMMUState *s,
+ uint16_t domain_id, uint32_t pasid,
+ hwaddr addr, uint64_t npages, bool ih)
+{
+}
#endif
static int vtd_bind_guest_pasid_report_err(VTDAddressSpace *vtd_as,
@@ -3295,6 +3382,7 @@ static void vtd_piotlb_pasid_invalidate(IntelIOMMUState *s,
vtd_iommu_lock(s);
g_hash_table_foreach_remove(s->iotlb, vtd_hash_remove_by_pasid,
&info);
+ vtd_flush_host_piotlb_all_locked(s, domain_id, pasid, 0, (uint64_t)-1, 0);
vtd_iommu_unlock(s);
QLIST_FOREACH(vtd_as, &s->vtd_as_with_notifiers, next) {
@@ -3316,7 +3404,8 @@ static void vtd_piotlb_pasid_invalidate(IntelIOMMUState *s,
}
static void vtd_piotlb_page_invalidate(IntelIOMMUState *s, uint16_t domain_id,
- uint32_t pasid, hwaddr addr, uint8_t am)
+ uint32_t pasid, hwaddr addr, uint8_t am,
+ bool ih)
{
VTDIOTLBPageInvInfo info;
@@ -3328,6 +3417,7 @@ static void vtd_piotlb_page_invalidate(IntelIOMMUState *s, uint16_t domain_id,
vtd_iommu_lock(s);
g_hash_table_foreach_remove(s->iotlb,
vtd_hash_remove_by_page_piotlb, &info);
+ vtd_flush_host_piotlb_all_locked(s, domain_id, pasid, addr, 1 << am, ih);
vtd_iommu_unlock(s);
vtd_iotlb_page_invalidate_notify(s, domain_id, addr, am, pasid);
@@ -3359,7 +3449,8 @@ static bool vtd_process_piotlb_desc(IntelIOMMUState *s,
case VTD_INV_DESC_PIOTLB_PSI_IN_PASID:
am = VTD_INV_DESC_PIOTLB_AM(inv_desc->val[1]);
addr = (hwaddr) VTD_INV_DESC_PIOTLB_ADDR(inv_desc->val[1]);
- vtd_piotlb_page_invalidate(s, domain_id, pasid, addr, am);
+ vtd_piotlb_page_invalidate(s, domain_id, pasid, addr, am,
+ VTD_INV_DESC_PIOTLB_IH(inv_desc->val[1]));
break;
default:
--
2.47.1
On 8/22/25 8:40 AM, Zhenzhong Duan wrote:
> From: Yi Liu <yi.l.liu@intel.com>
>
> This traps the guest PASID-based iotlb invalidation request and propagate it
> to host.
>
> Intel VT-d 3.0 supports nested translation in PASID granularity. Guest SVA
> support could be implemented by configuring nested translation on specific
> pasid. This is also known as dual stage DMA translation.
>
> Under such configuration, guest owns the GVA->GPA translation which is
> configured as stage-1 page table on host side for a specific pasid, and host
> owns GPA->HPA translation. As guest owns stage-1 translation table, piotlb
> invalidation should be propagated to host since host IOMMU will cache first
> level page table related mappings during DMA address translation.
>
> Signed-off-by: Yi Liu <yi.l.liu@intel.com>
> Signed-off-by: Yi Sun <yi.y.sun@linux.intel.com>
> Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
> ---
> hw/i386/intel_iommu_internal.h | 6 +++
> hw/i386/intel_iommu.c | 95 +++++++++++++++++++++++++++++++++-
> 2 files changed, 99 insertions(+), 2 deletions(-)
>
> diff --git a/hw/i386/intel_iommu_internal.h b/hw/i386/intel_iommu_internal.h
> index 8af1004888..c1a9263651 100644
> --- a/hw/i386/intel_iommu_internal.h
> +++ b/hw/i386/intel_iommu_internal.h
> @@ -596,6 +596,12 @@ typedef struct VTDPASIDCacheInfo {
> uint16_t devfn;
> } VTDPASIDCacheInfo;
>
> +typedef struct VTDPIOTLBInvInfo {
> + uint16_t domain_id;
> + uint32_t pasid;
> + struct iommu_hwpt_vtd_s1_invalidate *inv_data;
> +} VTDPIOTLBInvInfo;
> +
> /* PASID Table Related Definitions */
> #define VTD_PASID_DIR_BASE_ADDR_MASK (~0xfffULL)
> #define VTD_PASID_TABLE_BASE_ADDR_MASK (~0xfffULL)
> diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
> index 6c0e502d1c..7efa22f4ec 100644
> --- a/hw/i386/intel_iommu.c
> +++ b/hw/i386/intel_iommu.c
> @@ -2611,12 +2611,99 @@ static int vtd_bind_guest_pasid(VTDAddressSpace *vtd_as, VTDPASIDOp op,
>
> return ret;
> }
> +
> +static void
> +vtd_invalidate_piotlb_locked(VTDAddressSpace *vtd_as,
> + struct iommu_hwpt_vtd_s1_invalidate *cache)
> +{
> + IntelIOMMUState *s = vtd_as->iommu_state;
> + VTDHostIOMMUDevice *vtd_hiod = vtd_find_hiod_iommufd(s, vtd_as);
> + HostIOMMUDeviceIOMMUFD *idev;
> + uint32_t entry_num = 1; /* Only implement one request for simplicity */
can you remind me what it is used for. What 1?
> + Error *local_err = NULL;
> +
> + if (!vtd_hiod || !vtd_as->s1_hwpt) {
> + return;
> + }
> + idev = HOST_IOMMU_DEVICE_IOMMUFD(vtd_hiod->hiod);
> +
> + if (!iommufd_backend_invalidate_cache(idev->iommufd, vtd_as->s1_hwpt,
> + IOMMU_HWPT_INVALIDATE_DATA_VTD_S1,
> + sizeof(*cache), &entry_num, cache,
> + &local_err)) {
> + /* Something wrong in kernel, but trying to continue */
> + error_report_err(local_err);
> + }
> +}
> +
> +/*
> + * This function is a loop function for the s->vtd_address_spaces
> + * list with VTDPIOTLBInvInfo as execution filter. It propagates
> + * the piotlb invalidation to host.
> + */
> +static void vtd_flush_host_piotlb_locked(gpointer key, gpointer value,
> + gpointer user_data)
> +{
> + VTDPIOTLBInvInfo *piotlb_info = user_data;
> + VTDAddressSpace *vtd_as = value;
> + VTDPASIDCacheEntry *pc_entry = &vtd_as->pasid_cache_entry;
> + uint32_t pasid;
> + uint16_t did;
> +
> + /* Replay only fills pasid entry cache for passthrough device */
> + if (!pc_entry->valid ||
> + !vtd_pe_pgtt_is_flt(&pc_entry->pasid_entry)) {
> + return;
> + }
> +
> + if (vtd_as_to_iommu_pasid_locked(vtd_as, &pasid)) {
> + return;
> + }
> +
> + did = VTD_SM_PASID_ENTRY_DID(&pc_entry->pasid_entry);
> +
> + if (piotlb_info->domain_id == did && piotlb_info->pasid == pasid) {
> + vtd_invalidate_piotlb_locked(vtd_as, piotlb_info->inv_data);
> + }
> +}
> +
> +static void
> +vtd_flush_host_piotlb_all_locked(IntelIOMMUState *s,
> + uint16_t domain_id, uint32_t pasid,
> + hwaddr addr, uint64_t npages, bool ih)
> +{
> + struct iommu_hwpt_vtd_s1_invalidate cache_info = { 0 };
> + VTDPIOTLBInvInfo piotlb_info;
> +
> + cache_info.addr = addr;
> + cache_info.npages = npages;
> + cache_info.flags = ih ? IOMMU_VTD_INV_FLAGS_LEAF : 0;
> +
> + piotlb_info.domain_id = domain_id;
> + piotlb_info.pasid = pasid;
> + piotlb_info.inv_data = &cache_info;
> +
> + /*
> + * Go through each vtd_as instance in s->vtd_address_spaces, find out
> + * the affected host device which need host piotlb invalidation. Piotlb
Are you likely to find several vts_as that match invalidation params?
> + * invalidation should check pasid cache per architecture point of view.
> + */
> + g_hash_table_foreach(s->vtd_address_spaces,
> + vtd_flush_host_piotlb_locked, &piotlb_info);
> +}
> #else
> static int vtd_bind_guest_pasid(VTDAddressSpace *vtd_as, VTDPASIDOp op,
> Error **errp)
> {
> return 0;
> }
> +
> +static void
> +vtd_flush_host_piotlb_all_locked(IntelIOMMUState *s,
> + uint16_t domain_id, uint32_t pasid,
> + hwaddr addr, uint64_t npages, bool ih)
> +{
> +}
> #endif
Can't you put those stub stuff in a specific header as it is usually done?
>
> static int vtd_bind_guest_pasid_report_err(VTDAddressSpace *vtd_as,
> @@ -3295,6 +3382,7 @@ static void vtd_piotlb_pasid_invalidate(IntelIOMMUState *s,
> vtd_iommu_lock(s);
> g_hash_table_foreach_remove(s->iotlb, vtd_hash_remove_by_pasid,
> &info);
> + vtd_flush_host_piotlb_all_locked(s, domain_id, pasid, 0, (uint64_t)-1, 0);
> vtd_iommu_unlock(s);
>
> QLIST_FOREACH(vtd_as, &s->vtd_as_with_notifiers, next) {
> @@ -3316,7 +3404,8 @@ static void vtd_piotlb_pasid_invalidate(IntelIOMMUState *s,
> }
>
> static void vtd_piotlb_page_invalidate(IntelIOMMUState *s, uint16_t domain_id,
> - uint32_t pasid, hwaddr addr, uint8_t am)
> + uint32_t pasid, hwaddr addr, uint8_t am,
> + bool ih)
> {
> VTDIOTLBPageInvInfo info;
>
> @@ -3328,6 +3417,7 @@ static void vtd_piotlb_page_invalidate(IntelIOMMUState *s, uint16_t domain_id,
> vtd_iommu_lock(s);
> g_hash_table_foreach_remove(s->iotlb,
> vtd_hash_remove_by_page_piotlb, &info);
> + vtd_flush_host_piotlb_all_locked(s, domain_id, pasid, addr, 1 << am, ih);
> vtd_iommu_unlock(s);
>
> vtd_iotlb_page_invalidate_notify(s, domain_id, addr, am, pasid);
> @@ -3359,7 +3449,8 @@ static bool vtd_process_piotlb_desc(IntelIOMMUState *s,
> case VTD_INV_DESC_PIOTLB_PSI_IN_PASID:
> am = VTD_INV_DESC_PIOTLB_AM(inv_desc->val[1]);
> addr = (hwaddr) VTD_INV_DESC_PIOTLB_ADDR(inv_desc->val[1]);
> - vtd_piotlb_page_invalidate(s, domain_id, pasid, addr, am);
> + vtd_piotlb_page_invalidate(s, domain_id, pasid, addr, am,
> + VTD_INV_DESC_PIOTLB_IH(inv_desc->val[1]));
> break;
>
> default:
Thanks
Eric
>-----Original Message-----
>From: Eric Auger <eric.auger@redhat.com>
>Subject: Re: [PATCH v5 17/21] intel_iommu: Propagate PASID-based iotlb
>invalidation to host
>
>
>
>On 8/22/25 8:40 AM, Zhenzhong Duan wrote:
>> From: Yi Liu <yi.l.liu@intel.com>
>>
>> This traps the guest PASID-based iotlb invalidation request and propagate it
>> to host.
>>
>> Intel VT-d 3.0 supports nested translation in PASID granularity. Guest SVA
>> support could be implemented by configuring nested translation on specific
>> pasid. This is also known as dual stage DMA translation.
>>
>> Under such configuration, guest owns the GVA->GPA translation which is
>> configured as stage-1 page table on host side for a specific pasid, and host
>> owns GPA->HPA translation. As guest owns stage-1 translation table, piotlb
>> invalidation should be propagated to host since host IOMMU will cache first
>> level page table related mappings during DMA address translation.
>>
>> Signed-off-by: Yi Liu <yi.l.liu@intel.com>
>> Signed-off-by: Yi Sun <yi.y.sun@linux.intel.com>
>> Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
>> ---
>> hw/i386/intel_iommu_internal.h | 6 +++
>> hw/i386/intel_iommu.c | 95
>+++++++++++++++++++++++++++++++++-
>> 2 files changed, 99 insertions(+), 2 deletions(-)
>>
>> diff --git a/hw/i386/intel_iommu_internal.h
>b/hw/i386/intel_iommu_internal.h
>> index 8af1004888..c1a9263651 100644
>> --- a/hw/i386/intel_iommu_internal.h
>> +++ b/hw/i386/intel_iommu_internal.h
>> @@ -596,6 +596,12 @@ typedef struct VTDPASIDCacheInfo {
>> uint16_t devfn;
>> } VTDPASIDCacheInfo;
>>
>> +typedef struct VTDPIOTLBInvInfo {
>> + uint16_t domain_id;
>> + uint32_t pasid;
>> + struct iommu_hwpt_vtd_s1_invalidate *inv_data;
>> +} VTDPIOTLBInvInfo;
>> +
>> /* PASID Table Related Definitions */
>> #define VTD_PASID_DIR_BASE_ADDR_MASK (~0xfffULL)
>> #define VTD_PASID_TABLE_BASE_ADDR_MASK (~0xfffULL)
>> diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
>> index 6c0e502d1c..7efa22f4ec 100644
>> --- a/hw/i386/intel_iommu.c
>> +++ b/hw/i386/intel_iommu.c
>> @@ -2611,12 +2611,99 @@ static int
>vtd_bind_guest_pasid(VTDAddressSpace *vtd_as, VTDPASIDOp op,
>>
>> return ret;
>> }
>> +
>> +static void
>> +vtd_invalidate_piotlb_locked(VTDAddressSpace *vtd_as,
>> + struct iommu_hwpt_vtd_s1_invalidate
>*cache)
>> +{
>> + IntelIOMMUState *s = vtd_as->iommu_state;
>> + VTDHostIOMMUDevice *vtd_hiod = vtd_find_hiod_iommufd(s,
>vtd_as);
>> + HostIOMMUDeviceIOMMUFD *idev;
>> + uint32_t entry_num = 1; /* Only implement one request for simplicity
>*/
>can you remind me what it is used for. What 1?
I see Yi has answered this question.
>> + Error *local_err = NULL;
>> +
>> + if (!vtd_hiod || !vtd_as->s1_hwpt) {
>> + return;
>> + }
>> + idev = HOST_IOMMU_DEVICE_IOMMUFD(vtd_hiod->hiod);
>> +
>> + if (!iommufd_backend_invalidate_cache(idev->iommufd,
>vtd_as->s1_hwpt,
>> +
>IOMMU_HWPT_INVALIDATE_DATA_VTD_S1,
>> + sizeof(*cache),
>&entry_num, cache,
>> + &local_err)) {
>> + /* Something wrong in kernel, but trying to continue */
>> + error_report_err(local_err);
>> + }
>> +}
>> +
>> +/*
>> + * This function is a loop function for the s->vtd_address_spaces
>> + * list with VTDPIOTLBInvInfo as execution filter. It propagates
>> + * the piotlb invalidation to host.
>> + */
>> +static void vtd_flush_host_piotlb_locked(gpointer key, gpointer value,
>> + gpointer user_data)
>> +{
>> + VTDPIOTLBInvInfo *piotlb_info = user_data;
>> + VTDAddressSpace *vtd_as = value;
>> + VTDPASIDCacheEntry *pc_entry = &vtd_as->pasid_cache_entry;
>> + uint32_t pasid;
>> + uint16_t did;
>> +
>> + /* Replay only fills pasid entry cache for passthrough device */
>> + if (!pc_entry->valid ||
>> + !vtd_pe_pgtt_is_flt(&pc_entry->pasid_entry)) {
>> + return;
>> + }
>> +
>> + if (vtd_as_to_iommu_pasid_locked(vtd_as, &pasid)) {
>> + return;
>> + }
>> +
>> + did = VTD_SM_PASID_ENTRY_DID(&pc_entry->pasid_entry);
>> +
>> + if (piotlb_info->domain_id == did && piotlb_info->pasid == pasid) {
>> + vtd_invalidate_piotlb_locked(vtd_as, piotlb_info->inv_data);
>> + }
>> +}
>> +
>> +static void
>> +vtd_flush_host_piotlb_all_locked(IntelIOMMUState *s,
>> + uint16_t domain_id, uint32_t
>pasid,
>> + hwaddr addr, uint64_t npages,
>bool ih)
>> +{
>> + struct iommu_hwpt_vtd_s1_invalidate cache_info = { 0 };
>> + VTDPIOTLBInvInfo piotlb_info;
>> +
>> + cache_info.addr = addr;
>> + cache_info.npages = npages;
>> + cache_info.flags = ih ? IOMMU_VTD_INV_FLAGS_LEAF : 0;
>> +
>> + piotlb_info.domain_id = domain_id;
>> + piotlb_info.pasid = pasid;
>> + piotlb_info.inv_data = &cache_info;
>> +
>> + /*
>> + * Go through each vtd_as instance in s->vtd_address_spaces, find
>out
>> + * the affected host device which need host piotlb invalidation. Piotlb
>Are you likely to find several vts_as that match invalidation params?
This is possible, it depends on guest kernel implementation. There can be N devices
attached to one domain in guest, then in qemu, N nested HWPTs created and attached to N devices on host side.
>> + * invalidation should check pasid cache per architecture point of
>view.
>> + */
>> + g_hash_table_foreach(s->vtd_address_spaces,
>> + vtd_flush_host_piotlb_locked,
>&piotlb_info);
>> +}
>> #else
>> static int vtd_bind_guest_pasid(VTDAddressSpace *vtd_as, VTDPASIDOp
>op,
>> Error **errp)
>> {
>> return 0;
>> }
>> +
>> +static void
>> +vtd_flush_host_piotlb_all_locked(IntelIOMMUState *s,
>> + uint16_t domain_id, uint32_t
>pasid,
>> + hwaddr addr, uint64_t npages,
>bool ih)
>> +{
>> +}
>> #endif
>Can't you put those stub stuff in a specific header as it is usually done?
That's usually true for public functions, but vtd_flush_host_piotlb_all_locked() is a static function, do we really want to put in header and expose it to other c files unnecessarily?
Thanks
Zhenzhong
On 2025/8/28 18:00, Eric Auger wrote:
>
>
> On 8/22/25 8:40 AM, Zhenzhong Duan wrote:
>> From: Yi Liu <yi.l.liu@intel.com>
>>
>> This traps the guest PASID-based iotlb invalidation request and propagate it
>> to host.
>>
>> Intel VT-d 3.0 supports nested translation in PASID granularity. Guest SVA
>> support could be implemented by configuring nested translation on specific
>> pasid. This is also known as dual stage DMA translation.
>>
>> Under such configuration, guest owns the GVA->GPA translation which is
>> configured as stage-1 page table on host side for a specific pasid, and host
>> owns GPA->HPA translation. As guest owns stage-1 translation table, piotlb
>> invalidation should be propagated to host since host IOMMU will cache first
>> level page table related mappings during DMA address translation.
>>
>> Signed-off-by: Yi Liu <yi.l.liu@intel.com>
>> Signed-off-by: Yi Sun <yi.y.sun@linux.intel.com>
>> Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
>> ---
>> hw/i386/intel_iommu_internal.h | 6 +++
>> hw/i386/intel_iommu.c | 95 +++++++++++++++++++++++++++++++++-
>> 2 files changed, 99 insertions(+), 2 deletions(-)
>>
>> diff --git a/hw/i386/intel_iommu_internal.h b/hw/i386/intel_iommu_internal.h
>> index 8af1004888..c1a9263651 100644
>> --- a/hw/i386/intel_iommu_internal.h
>> +++ b/hw/i386/intel_iommu_internal.h
>> @@ -596,6 +596,12 @@ typedef struct VTDPASIDCacheInfo {
>> uint16_t devfn;
>> } VTDPASIDCacheInfo;
>>
>> +typedef struct VTDPIOTLBInvInfo {
>> + uint16_t domain_id;
>> + uint32_t pasid;
>> + struct iommu_hwpt_vtd_s1_invalidate *inv_data;
>> +} VTDPIOTLBInvInfo;
>> +
>> /* PASID Table Related Definitions */
>> #define VTD_PASID_DIR_BASE_ADDR_MASK (~0xfffULL)
>> #define VTD_PASID_TABLE_BASE_ADDR_MASK (~0xfffULL)
>> diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
>> index 6c0e502d1c..7efa22f4ec 100644
>> --- a/hw/i386/intel_iommu.c
>> +++ b/hw/i386/intel_iommu.c
>> @@ -2611,12 +2611,99 @@ static int vtd_bind_guest_pasid(VTDAddressSpace *vtd_as, VTDPASIDOp op,
>>
>> return ret;
>> }
>> +
>> +static void
>> +vtd_invalidate_piotlb_locked(VTDAddressSpace *vtd_as,
>> + struct iommu_hwpt_vtd_s1_invalidate *cache)
>> +{
>> + IntelIOMMUState *s = vtd_as->iommu_state;
>> + VTDHostIOMMUDevice *vtd_hiod = vtd_find_hiod_iommufd(s, vtd_as);
>> + HostIOMMUDeviceIOMMUFD *idev;
>> + uint32_t entry_num = 1; /* Only implement one request for simplicity */
> can you remind me what it is used for. What 1?
the iommufd cache invalidation interface supports passing an array
of invalidation requests. For simplicity, we start with 1.
Regards,
Yi Liu
© 2016 - 2025 Red Hat, Inc.