IOMMUTLBEvent only understands IOVA, for stage-1 or stage-2
SMMU instances we consider the input address as the IOVA, but when
nesting is used, we can't mix stage-1 and stage-2 addresses, so for
nesting only stage-1 is considered the IOVA and would be notified.
Signed-off-by: Mostafa Saleh <smostafa@google.com>
---
hw/arm/smmuv3.c | 28 +++++++++++++++++++---------
hw/arm/trace-events | 2 +-
2 files changed, 20 insertions(+), 10 deletions(-)
diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
index e9007af3cd..36eb6f514a 100644
--- a/hw/arm/smmuv3.c
+++ b/hw/arm/smmuv3.c
@@ -1064,17 +1064,17 @@ epilogue:
* @iova: iova
* @tg: translation granule (if communicated through range invalidation)
* @num_pages: number of @granule sized pages (if tg != 0), otherwise 1
+ * @stage: Which stage(1 or 2) is used
*/
static void smmuv3_notify_iova(IOMMUMemoryRegion *mr,
IOMMUNotifier *n,
int asid, int vmid,
dma_addr_t iova, uint8_t tg,
- uint64_t num_pages)
+ uint64_t num_pages, int stage)
{
SMMUDevice *sdev = container_of(mr, SMMUDevice, iommu);
IOMMUTLBEvent event;
uint8_t granule;
- SMMUv3State *s = sdev->smmu;
if (!tg) {
SMMUEventInfo eventinfo = {.inval_ste_allowed = true};
@@ -1093,14 +1093,24 @@ static void smmuv3_notify_iova(IOMMUMemoryRegion *mr,
return;
}
- if (STAGE1_SUPPORTED(s)) {
+ /*
+ * stage is passed from TLB invalidation commands which can be either
+ * stage-1 or stage-2.
+ * However, IOMMUTLBEvent only understands IOVA, for stage-1 or stage-2
+ * SMMU instances we consider the input address as the IOVA, but when
+ * nesting is used, we can't mix stage-1 and stage-2 addresses, so for
+ * nesting only stage-1 is considered the IOVA and would be notified.
+ */
+ if (stage == SMMU_STAGE_1) {
tt = select_tt(cfg, iova);
if (!tt) {
return;
}
granule = tt->granule_sz;
- } else {
+ } else if ((stage == SMMU_STAGE_2) && (cfg->stage != SMMU_NESTED)) {
granule = cfg->s2cfg.granule_sz;
+ } else {
+ return;
}
} else {
@@ -1119,7 +1129,7 @@ static void smmuv3_notify_iova(IOMMUMemoryRegion *mr,
/* invalidate an asid/vmid/iova range tuple in all mr's */
static void smmuv3_inv_notifiers_iova(SMMUState *s, int asid, int vmid,
dma_addr_t iova, uint8_t tg,
- uint64_t num_pages)
+ uint64_t num_pages, int stage)
{
SMMUDevice *sdev;
@@ -1128,10 +1138,10 @@ static void smmuv3_inv_notifiers_iova(SMMUState *s, int asid, int vmid,
IOMMUNotifier *n;
trace_smmuv3_inv_notifiers_iova(mr->parent_obj.name, asid, vmid,
- iova, tg, num_pages);
+ iova, tg, num_pages, stage);
IOMMU_NOTIFIER_FOREACH(n, mr) {
- smmuv3_notify_iova(mr, n, asid, vmid, iova, tg, num_pages);
+ smmuv3_notify_iova(mr, n, asid, vmid, iova, tg, num_pages, stage);
}
}
}
@@ -1162,7 +1172,7 @@ static void smmuv3_range_inval(SMMUState *s, Cmd *cmd, SMMUStage stage)
if (!tg) {
trace_smmuv3_range_inval(vmid, asid, addr, tg, 1, ttl, leaf, stage);
- smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, 1);
+ smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, 1, stage);
if (stage == SMMU_STAGE_1) {
smmu_iotlb_inv_iova(s, asid, vmid, addr, tg, 1, ttl);
} else {
@@ -1185,7 +1195,7 @@ static void smmuv3_range_inval(SMMUState *s, Cmd *cmd, SMMUStage stage)
num_pages = (mask + 1) >> granule;
trace_smmuv3_range_inval(vmid, asid, addr, tg, num_pages,
ttl, leaf, stage);
- smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, num_pages);
+ smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, num_pages, stage);
if (stage == SMMU_STAGE_1) {
smmu_iotlb_inv_iova(s, asid, vmid, addr, tg, num_pages, ttl);
} else {
diff --git a/hw/arm/trace-events b/hw/arm/trace-events
index 593cc571da..be6c8f720b 100644
--- a/hw/arm/trace-events
+++ b/hw/arm/trace-events
@@ -55,7 +55,7 @@ smmuv3_cmdq_tlbi_s12_vmid(int vmid) "vmid=%d"
smmuv3_config_cache_inv(uint32_t sid) "Config cache INV for sid=0x%x"
smmuv3_notify_flag_add(const char *iommu) "ADD SMMUNotifier node for iommu mr=%s"
smmuv3_notify_flag_del(const char *iommu) "DEL SMMUNotifier node for iommu mr=%s"
-smmuv3_inv_notifiers_iova(const char *name, int asid, int vmid, uint64_t iova, uint8_t tg, uint64_t num_pages) "iommu mr=%s asid=%d vmid=%d iova=0x%"PRIx64" tg=%d num_pages=0x%"PRIx64
+smmuv3_inv_notifiers_iova(const char *name, int asid, int vmid, uint64_t iova, uint8_t tg, uint64_t num_pages, int stage) "iommu mr=%s asid=%d vmid=%d iova=0x%"PRIx64" tg=%d num_pages=0x%"PRIx64" stage=%d"
# strongarm.c
strongarm_uart_update_parameters(const char *label, int speed, char parity, int data_bits, int stop_bits) "%s speed=%d parity=%c data=%d stop=%d"
--
2.45.2.803.g4e1b14247a-googOn Mon, Jul 01, 2024 at 11:02:37AM +0000, Mostafa Saleh wrote:
> IOMMUTLBEvent only understands IOVA, for stage-1 or stage-2
> SMMU instances we consider the input address as the IOVA, but when
> nesting is used, we can't mix stage-1 and stage-2 addresses, so for
> nesting only stage-1 is considered the IOVA and would be notified.
>
> Signed-off-by: Mostafa Saleh <smostafa@google.com>
> ---
> hw/arm/smmuv3.c | 28 +++++++++++++++++++---------
> hw/arm/trace-events | 2 +-
> 2 files changed, 20 insertions(+), 10 deletions(-)
>
> diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
> index e9007af3cd..36eb6f514a 100644
> --- a/hw/arm/smmuv3.c
> +++ b/hw/arm/smmuv3.c
> @@ -1064,17 +1064,17 @@ epilogue:
> * @iova: iova
> * @tg: translation granule (if communicated through range invalidation)
> * @num_pages: number of @granule sized pages (if tg != 0), otherwise 1
> + * @stage: Which stage(1 or 2) is used
> */
> static void smmuv3_notify_iova(IOMMUMemoryRegion *mr,
> IOMMUNotifier *n,
> int asid, int vmid,
> dma_addr_t iova, uint8_t tg,
> - uint64_t num_pages)
> + uint64_t num_pages, int stage)
> {
> SMMUDevice *sdev = container_of(mr, SMMUDevice, iommu);
> IOMMUTLBEvent event;
> uint8_t granule;
> - SMMUv3State *s = sdev->smmu;
>
> if (!tg) {
Should the stage check be outside of the TG test? I think CMD_TLBI_S2_IPA
with TG != 0 and nesting enabled would still go through.
Thanks,
Jean
> SMMUEventInfo eventinfo = {.inval_ste_allowed = true};
> @@ -1093,14 +1093,24 @@ static void smmuv3_notify_iova(IOMMUMemoryRegion *mr,
> return;
> }
>
> - if (STAGE1_SUPPORTED(s)) {
> + /*
> + * stage is passed from TLB invalidation commands which can be either
> + * stage-1 or stage-2.
> + * However, IOMMUTLBEvent only understands IOVA, for stage-1 or stage-2
> + * SMMU instances we consider the input address as the IOVA, but when
> + * nesting is used, we can't mix stage-1 and stage-2 addresses, so for
> + * nesting only stage-1 is considered the IOVA and would be notified.
> + */
> + if (stage == SMMU_STAGE_1) {
> tt = select_tt(cfg, iova);
> if (!tt) {
> return;
> }
> granule = tt->granule_sz;
> - } else {
> + } else if ((stage == SMMU_STAGE_2) && (cfg->stage != SMMU_NESTED)) {
> granule = cfg->s2cfg.granule_sz;
> + } else {
> + return;
> }
>
> } else {
> @@ -1119,7 +1129,7 @@ static void smmuv3_notify_iova(IOMMUMemoryRegion *mr,
> /* invalidate an asid/vmid/iova range tuple in all mr's */
> static void smmuv3_inv_notifiers_iova(SMMUState *s, int asid, int vmid,
> dma_addr_t iova, uint8_t tg,
> - uint64_t num_pages)
> + uint64_t num_pages, int stage)
> {
> SMMUDevice *sdev;
>
> @@ -1128,10 +1138,10 @@ static void smmuv3_inv_notifiers_iova(SMMUState *s, int asid, int vmid,
> IOMMUNotifier *n;
>
> trace_smmuv3_inv_notifiers_iova(mr->parent_obj.name, asid, vmid,
> - iova, tg, num_pages);
> + iova, tg, num_pages, stage);
>
> IOMMU_NOTIFIER_FOREACH(n, mr) {
> - smmuv3_notify_iova(mr, n, asid, vmid, iova, tg, num_pages);
> + smmuv3_notify_iova(mr, n, asid, vmid, iova, tg, num_pages, stage);
> }
> }
> }
> @@ -1162,7 +1172,7 @@ static void smmuv3_range_inval(SMMUState *s, Cmd *cmd, SMMUStage stage)
>
> if (!tg) {
> trace_smmuv3_range_inval(vmid, asid, addr, tg, 1, ttl, leaf, stage);
> - smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, 1);
> + smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, 1, stage);
> if (stage == SMMU_STAGE_1) {
> smmu_iotlb_inv_iova(s, asid, vmid, addr, tg, 1, ttl);
> } else {
> @@ -1185,7 +1195,7 @@ static void smmuv3_range_inval(SMMUState *s, Cmd *cmd, SMMUStage stage)
> num_pages = (mask + 1) >> granule;
> trace_smmuv3_range_inval(vmid, asid, addr, tg, num_pages,
> ttl, leaf, stage);
> - smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, num_pages);
> + smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, num_pages, stage);
> if (stage == SMMU_STAGE_1) {
> smmu_iotlb_inv_iova(s, asid, vmid, addr, tg, num_pages, ttl);
> } else {
> diff --git a/hw/arm/trace-events b/hw/arm/trace-events
> index 593cc571da..be6c8f720b 100644
> --- a/hw/arm/trace-events
> +++ b/hw/arm/trace-events
> @@ -55,7 +55,7 @@ smmuv3_cmdq_tlbi_s12_vmid(int vmid) "vmid=%d"
> smmuv3_config_cache_inv(uint32_t sid) "Config cache INV for sid=0x%x"
> smmuv3_notify_flag_add(const char *iommu) "ADD SMMUNotifier node for iommu mr=%s"
> smmuv3_notify_flag_del(const char *iommu) "DEL SMMUNotifier node for iommu mr=%s"
> -smmuv3_inv_notifiers_iova(const char *name, int asid, int vmid, uint64_t iova, uint8_t tg, uint64_t num_pages) "iommu mr=%s asid=%d vmid=%d iova=0x%"PRIx64" tg=%d num_pages=0x%"PRIx64
> +smmuv3_inv_notifiers_iova(const char *name, int asid, int vmid, uint64_t iova, uint8_t tg, uint64_t num_pages, int stage) "iommu mr=%s asid=%d vmid=%d iova=0x%"PRIx64" tg=%d num_pages=0x%"PRIx64" stage=%d"
>
> # strongarm.c
> strongarm_uart_update_parameters(const char *label, int speed, char parity, int data_bits, int stop_bits) "%s speed=%d parity=%c data=%d stop=%d"
> --
> 2.45.2.803.g4e1b14247a-goog
>
Hi Jean,
On Thu, Jul 04, 2024 at 07:35:03PM +0100, Jean-Philippe Brucker wrote:
> On Mon, Jul 01, 2024 at 11:02:37AM +0000, Mostafa Saleh wrote:
> > IOMMUTLBEvent only understands IOVA, for stage-1 or stage-2
> > SMMU instances we consider the input address as the IOVA, but when
> > nesting is used, we can't mix stage-1 and stage-2 addresses, so for
> > nesting only stage-1 is considered the IOVA and would be notified.
> >
> > Signed-off-by: Mostafa Saleh <smostafa@google.com>
> > ---
> > hw/arm/smmuv3.c | 28 +++++++++++++++++++---------
> > hw/arm/trace-events | 2 +-
> > 2 files changed, 20 insertions(+), 10 deletions(-)
> >
> > diff --git a/hw/arm/smmuv3.c b/hw/arm/smmuv3.c
> > index e9007af3cd..36eb6f514a 100644
> > --- a/hw/arm/smmuv3.c
> > +++ b/hw/arm/smmuv3.c
> > @@ -1064,17 +1064,17 @@ epilogue:
> > * @iova: iova
> > * @tg: translation granule (if communicated through range invalidation)
> > * @num_pages: number of @granule sized pages (if tg != 0), otherwise 1
> > + * @stage: Which stage(1 or 2) is used
> > */
> > static void smmuv3_notify_iova(IOMMUMemoryRegion *mr,
> > IOMMUNotifier *n,
> > int asid, int vmid,
> > dma_addr_t iova, uint8_t tg,
> > - uint64_t num_pages)
> > + uint64_t num_pages, int stage)
> > {
> > SMMUDevice *sdev = container_of(mr, SMMUDevice, iommu);
> > IOMMUTLBEvent event;
> > uint8_t granule;
> > - SMMUv3State *s = sdev->smmu;
> >
> > if (!tg) {
>
> Should the stage check be outside of the TG test? I think CMD_TLBI_S2_IPA
> with TG != 0 and nesting enabled would still go through.
Ah yes, I will fix it.
Thanks,
Mostafa
>
> Thanks,
> Jean
>
> > SMMUEventInfo eventinfo = {.inval_ste_allowed = true};
> > @@ -1093,14 +1093,24 @@ static void smmuv3_notify_iova(IOMMUMemoryRegion *mr,
> > return;
> > }
> >
> > - if (STAGE1_SUPPORTED(s)) {
> > + /*
> > + * stage is passed from TLB invalidation commands which can be either
> > + * stage-1 or stage-2.
> > + * However, IOMMUTLBEvent only understands IOVA, for stage-1 or stage-2
> > + * SMMU instances we consider the input address as the IOVA, but when
> > + * nesting is used, we can't mix stage-1 and stage-2 addresses, so for
> > + * nesting only stage-1 is considered the IOVA and would be notified.
> > + */
> > + if (stage == SMMU_STAGE_1) {
> > tt = select_tt(cfg, iova);
> > if (!tt) {
> > return;
> > }
> > granule = tt->granule_sz;
> > - } else {
> > + } else if ((stage == SMMU_STAGE_2) && (cfg->stage != SMMU_NESTED)) {
> > granule = cfg->s2cfg.granule_sz;
> > + } else {
> > + return;
> > }
> >
> > } else {
> > @@ -1119,7 +1129,7 @@ static void smmuv3_notify_iova(IOMMUMemoryRegion *mr,
> > /* invalidate an asid/vmid/iova range tuple in all mr's */
> > static void smmuv3_inv_notifiers_iova(SMMUState *s, int asid, int vmid,
> > dma_addr_t iova, uint8_t tg,
> > - uint64_t num_pages)
> > + uint64_t num_pages, int stage)
> > {
> > SMMUDevice *sdev;
> >
> > @@ -1128,10 +1138,10 @@ static void smmuv3_inv_notifiers_iova(SMMUState *s, int asid, int vmid,
> > IOMMUNotifier *n;
> >
> > trace_smmuv3_inv_notifiers_iova(mr->parent_obj.name, asid, vmid,
> > - iova, tg, num_pages);
> > + iova, tg, num_pages, stage);
> >
> > IOMMU_NOTIFIER_FOREACH(n, mr) {
> > - smmuv3_notify_iova(mr, n, asid, vmid, iova, tg, num_pages);
> > + smmuv3_notify_iova(mr, n, asid, vmid, iova, tg, num_pages, stage);
> > }
> > }
> > }
> > @@ -1162,7 +1172,7 @@ static void smmuv3_range_inval(SMMUState *s, Cmd *cmd, SMMUStage stage)
> >
> > if (!tg) {
> > trace_smmuv3_range_inval(vmid, asid, addr, tg, 1, ttl, leaf, stage);
> > - smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, 1);
> > + smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, 1, stage);
> > if (stage == SMMU_STAGE_1) {
> > smmu_iotlb_inv_iova(s, asid, vmid, addr, tg, 1, ttl);
> > } else {
> > @@ -1185,7 +1195,7 @@ static void smmuv3_range_inval(SMMUState *s, Cmd *cmd, SMMUStage stage)
> > num_pages = (mask + 1) >> granule;
> > trace_smmuv3_range_inval(vmid, asid, addr, tg, num_pages,
> > ttl, leaf, stage);
> > - smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, num_pages);
> > + smmuv3_inv_notifiers_iova(s, asid, vmid, addr, tg, num_pages, stage);
> > if (stage == SMMU_STAGE_1) {
> > smmu_iotlb_inv_iova(s, asid, vmid, addr, tg, num_pages, ttl);
> > } else {
> > diff --git a/hw/arm/trace-events b/hw/arm/trace-events
> > index 593cc571da..be6c8f720b 100644
> > --- a/hw/arm/trace-events
> > +++ b/hw/arm/trace-events
> > @@ -55,7 +55,7 @@ smmuv3_cmdq_tlbi_s12_vmid(int vmid) "vmid=%d"
> > smmuv3_config_cache_inv(uint32_t sid) "Config cache INV for sid=0x%x"
> > smmuv3_notify_flag_add(const char *iommu) "ADD SMMUNotifier node for iommu mr=%s"
> > smmuv3_notify_flag_del(const char *iommu) "DEL SMMUNotifier node for iommu mr=%s"
> > -smmuv3_inv_notifiers_iova(const char *name, int asid, int vmid, uint64_t iova, uint8_t tg, uint64_t num_pages) "iommu mr=%s asid=%d vmid=%d iova=0x%"PRIx64" tg=%d num_pages=0x%"PRIx64
> > +smmuv3_inv_notifiers_iova(const char *name, int asid, int vmid, uint64_t iova, uint8_t tg, uint64_t num_pages, int stage) "iommu mr=%s asid=%d vmid=%d iova=0x%"PRIx64" tg=%d num_pages=0x%"PRIx64" stage=%d"
> >
> > # strongarm.c
> > strongarm_uart_update_parameters(const char *label, int speed, char parity, int data_bits, int stop_bits) "%s speed=%d parity=%c data=%d stop=%d"
> > --
> > 2.45.2.803.g4e1b14247a-goog
> >
© 2016 - 2025 Red Hat, Inc.