1. Patchew
  2. linux
  3. View series

[PATCH v4 0/3] iommu/arm-smmu-v3: Tegra264 invalidation workaround

Ashish Mhetre posted 3 patches 1 day, 1 hour ago 
Documentation/arch/arm64/silicon-errata.rst   |  2 +
.../arm/arm-smmu-v3/arm-smmu-v3-iommufd.c     | 15 ++++-
drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c   | 65 +++++++++++++++----
drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h   | 24 +++++++
4 files changed, 94 insertions(+), 12 deletions(-)
[PATCH v4 0/3] iommu/arm-smmu-v3: Tegra264 invalidation workaround
Posted by Ashish Mhetre 1 day, 1 hour ago 
Nvidia Tegra264 SMMUs are affected by an erratum where a TLB entry can
survive an invalidation that races with concurrent traffic targeting
the same entry. The hardware-recommended software workaround is to
issue every CFGI/TLBI command (each followed by CMD_SYNC) twice.
The second issue must execute only after the first issue's CMD_SYNC
has completed, giving the sequence:

    TLBI/CFGI ... CMD_SYNC TLBI/CFGI ... CMD_SYNC

ATC_INV is not affected and must not be doubled.

The erratum is not flagged by any SMMUv3 IDR/IIDR register, so it
cannot be detected from hardware ID. Tegra264 is device-tree-only
(no ACPI/IORT support), so detection is purely by compatible string.

This series is structured as a small refactor + detect + apply
sequence so that each step is reviewable in isolation:

 1/3 Pure refactor (no functional change): lift the existing
     force-sync conditions out of arm_smmu_cmdq_batch_add_cmd_p()
     into a new arm_smmu_cmdq_batch_force_sync() helper, so that
     adding another condition (in patch 3) is a one-liner.
     Authored by Nicolin Chen.

 2/3 Detect the erratum and provide the classifier. Adds the
     ARM_SMMU_OPT_REPEAT_TLBI_CFGI per-instance option, a global
     arm_smmu_erratum_repeat_tlbi_cfgi_key static key, and the
     arm_smmu_erratum_cmd_needs_repeating() predicate. The static
     key means the wrapper compiles to a single tested branch on
     unaffected kernels.

 3/3 Apply the workaround: factor arm_smmu_cmdq_issue_cmdlist()
     into a thin wrapper around __arm_smmu_cmdq_issue_cmdlist()
     that re-issues the cmdlist a second time when the predicate
     fires; register the same condition with the batch helper so
     full batches of CFGI/TLBI flush with sync=true; and add
     arm_vsmmu_can_batch_cmd() so iommufd does not mix command
     classes inside a single batch. Also documents the erratum
     in silicon-errata.rst.

The series applies cleanly on linux-next/master (base-commit below).

Changes since v3:
 - Drop the cmds->num == 0 early-return so the refactor is
   truly "no functional change".
 - Rename ARM_SMMU_OPT_TLBI_TWICE -> ARM_SMMU_OPT_REPEAT_TLBI_CFGI
   and rephrase its kdoc to be hardware-agnostic.
 - Rename arm_smmu_cmd_needs_tlbi_twice() ->
   arm_smmu_erratum_cmd_needs_repeating() and drop the kdoc
   above it.
 - Replace the explicit opcode switch with a single range check
   opcode >= CMDQ_OP_CFGI_STE && opcode < CMDQ_OP_ATC_INV.
 - Introduce arm_smmu_erratum_repeat_tlbi_cfgi_key static key:
   the predicate gates on it first so unaffected kernels pay
   only a single static_branch_unlikely() check.
 - Drop the verbose Tegra264-specific comments above
   arm_vsmmu_can_batch_cmd() and inside the batch helper.
 - Document the erratum in
   Documentation/arch/arm64/silicon-errata.rst.
 - Guard the repeat path in arm_smmu_cmdq_issue_cmdlist() with
   an n > 0 check so we never inspect cmds[0] on the bare-SYNC
   flush emitted by arm_smmu_cmdq_batch_add_cmd_p() when the
   next command is unsupported by the batch's pre-selected
   cmdq.
 - Drop the carried Reviewed-by tags now that the patch
   shape has changed; re-review appreciated.

Changes since v2:
 - Split into a 3-patch series (refactor / detect / apply) to keep
   each step small and bisectable.
 - Move the classifier to arm-smmu-v3.h as static inline so the
   iommufd file can share it.
 - Add arm_vsmmu_can_batch_cmd() to split iommufd batches at
   "needs repeating" transitions so the per-batch decision based
   on the first command stays correct under mixed user input.
 - Spell out in the commit message why detection is via DT and
   not via IIDR/ACPI.

Changes since v1:
 - Detect the erratum from the existing "nvidia,tegra264-smmu"
   compatible instead of adding a new property.
 - Centralise the doubling at the CMDQ submission layer and only
   apply it to CFGI/TLBI (not ATC_INV).
 - Drop the binding/dtsi patches accordingly.

Ashish Mhetre (2):
  iommu/arm-smmu-v3: Detect Tegra264 erratum
  iommu/arm-smmu-v3: Issue CFGI/TLBI twice on Tegra264

Nicolin Chen (1):
  iommu/arm-smmu-v3: Factor out CMDQ batch force-sync conditions

 Documentation/arch/arm64/silicon-errata.rst   |  2 +
 .../arm/arm-smmu-v3/arm-smmu-v3-iommufd.c     | 15 ++++-
 drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.c   | 65 +++++++++++++++----
 drivers/iommu/arm/arm-smmu-v3/arm-smmu-v3.h   | 24 +++++++
 4 files changed, 94 insertions(+), 12 deletions(-)


base-commit: 7da7f07112610a520567421dd2ffcb51beaefbcc
-- 
2.50.1

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.