Nesting translation allows two-levels/stages page tables, with 1st level
for guest translations (e.g. GVA->GPA), 2nd level for host translations
(e.g. GPA->HPA). This patch adds interface for binding guest page tables
to a PASID. This PASID must have been allocated to user space before the
binding request.
Cc: Kevin Tian <[email protected]>
CC: Jacob Pan <[email protected]>
Cc: Alex Williamson <[email protected]>
Cc: Eric Auger <[email protected]>
Cc: Jean-Philippe Brucker <[email protected]>
Cc: Joerg Roedel <[email protected]>
Cc: Lu Baolu <[email protected]>
Signed-off-by: Jean-Philippe Brucker <[email protected]>
Signed-off-by: Liu Yi L <[email protected]>
Signed-off-by: Jacob Pan <[email protected]>
---
v3 -> v4:
*) address comments from Alex on v3
v2 -> v3:
*) use __iommu_sva_unbind_gpasid() for unbind call issued by VFIO
https://lore.kernel.org/linux-iommu/[email protected]/
v1 -> v2:
*) rename subject from "vfio/type1: Bind guest page tables to host"
*) remove VFIO_IOMMU_BIND, introduce VFIO_IOMMU_NESTING_OP to support bind/
unbind guet page table
*) replaced vfio_iommu_for_each_dev() with a group level loop since this
series enforces one group per container w/ nesting type as start.
*) rename vfio_bind/unbind_gpasid_fn() to vfio_dev_bind/unbind_gpasid_fn()
*) vfio_dev_unbind_gpasid() always successful
*) use vfio_mm->pasid_lock to avoid race between PASID free and page table
bind/unbind
---
drivers/vfio/vfio_iommu_type1.c | 166 ++++++++++++++++++++++++++++++++++++++++
drivers/vfio/vfio_pasid.c | 26 +++++++
include/linux/vfio.h | 20 +++++
include/uapi/linux/vfio.h | 31 ++++++++
4 files changed, 243 insertions(+)
diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c
index 55b4065..f0f21ff 100644
--- a/drivers/vfio/vfio_iommu_type1.c
+++ b/drivers/vfio/vfio_iommu_type1.c
@@ -149,6 +149,30 @@ struct vfio_regions {
#define DIRTY_BITMAP_PAGES_MAX ((u64)INT_MAX)
#define DIRTY_BITMAP_SIZE_MAX DIRTY_BITMAP_BYTES(DIRTY_BITMAP_PAGES_MAX)
+struct domain_capsule {
+ struct vfio_group *group;
+ struct iommu_domain *domain;
+ void *data;
+};
+
+/* iommu->lock must be held */
+static struct vfio_group *vfio_find_nesting_group(struct vfio_iommu *iommu)
+{
+ struct vfio_domain *d;
+ struct vfio_group *group = NULL;
+
+ if (!iommu->nesting_info)
+ return NULL;
+
+ /* only support singleton container with nesting type */
+ list_for_each_entry(d, &iommu->domain_list, next) {
+ list_for_each_entry(group, &d->group_list, next) {
+ break;
+ }
+ }
+ return group;
+}
+
static int put_pfn(unsigned long pfn, int prot);
static struct vfio_group *vfio_iommu_find_iommu_group(struct vfio_iommu *iommu,
@@ -2349,6 +2373,48 @@ static int vfio_iommu_resv_refresh(struct vfio_iommu *iommu,
return ret;
}
+static int vfio_dev_bind_gpasid_fn(struct device *dev, void *data)
+{
+ struct domain_capsule *dc = (struct domain_capsule *)data;
+ unsigned long arg = *(unsigned long *)dc->data;
+
+ return iommu_sva_bind_gpasid(dc->domain, dev, (void __user *)arg);
+}
+
+static int vfio_dev_unbind_gpasid_fn(struct device *dev, void *data)
+{
+ struct domain_capsule *dc = (struct domain_capsule *)data;
+ unsigned long arg = *(unsigned long *)dc->data;
+
+ iommu_sva_unbind_gpasid(dc->domain, dev, (void __user *)arg);
+ return 0;
+}
+
+static int __vfio_dev_unbind_gpasid_fn(struct device *dev, void *data)
+{
+ struct domain_capsule *dc = (struct domain_capsule *)data;
+ struct iommu_gpasid_bind_data *unbind_data =
+ (struct iommu_gpasid_bind_data *)dc->data;
+
+ __iommu_sva_unbind_gpasid(dc->domain, dev, unbind_data);
+ return 0;
+}
+
+static void vfio_group_unbind_gpasid_fn(ioasid_t pasid, void *data)
+{
+ struct domain_capsule *dc = (struct domain_capsule *)data;
+ struct iommu_gpasid_bind_data unbind_data;
+
+ unbind_data.argsz = offsetof(struct iommu_gpasid_bind_data, vendor);
+ unbind_data.flags = 0;
+ unbind_data.hpasid = pasid;
+
+ dc->data = &unbind_data;
+
+ iommu_group_for_each_dev(dc->group->iommu_group,
+ dc, __vfio_dev_unbind_gpasid_fn);
+}
+
static void vfio_iommu_type1_detach_group(void *iommu_data,
struct iommu_group *iommu_group)
{
@@ -2392,6 +2458,21 @@ static void vfio_iommu_type1_detach_group(void *iommu_data,
if (!group)
continue;
+ if (iommu->nesting_info && iommu->vmm &&
+ (iommu->nesting_info->features &
+ IOMMU_NESTING_FEAT_BIND_PGTBL)) {
+ struct domain_capsule dc = { .group = group,
+ .domain = domain->domain,
+ .data = NULL };
+
+ /*
+ * Unbind page tables bound with system wide PASIDs
+ * which are allocated to user space.
+ */
+ vfio_mm_for_each_pasid(iommu->vmm, &dc,
+ vfio_group_unbind_gpasid_fn);
+ }
+
vfio_iommu_detach_group(domain, group);
update_dirty_scope = !group->pinned_page_dirty_scope;
list_del(&group->next);
@@ -2938,6 +3019,89 @@ static int vfio_iommu_type1_pasid_request(struct vfio_iommu *iommu,
}
}
+static long vfio_iommu_handle_pgtbl_op(struct vfio_iommu *iommu,
+ bool is_bind, unsigned long arg)
+{
+ struct iommu_nesting_info *info;
+ struct domain_capsule dc = { .data = &arg };
+ struct vfio_group *group;
+ struct vfio_domain *domain;
+ int ret;
+
+ mutex_lock(&iommu->lock);
+
+ info = iommu->nesting_info;
+ if (!info || !(info->features & IOMMU_NESTING_FEAT_BIND_PGTBL)) {
+ ret = -EOPNOTSUPP;
+ goto out_unlock_iommu;
+ }
+
+ if (!iommu->vmm) {
+ ret = -EINVAL;
+ goto out_unlock_iommu;
+ }
+
+ group = vfio_find_nesting_group(iommu);
+ if (!group) {
+ ret = -EINVAL;
+ goto out_unlock_iommu;
+ }
+
+ domain = list_first_entry(&iommu->domain_list,
+ struct vfio_domain, next);
+ dc.group = group;
+ dc.domain = domain->domain;
+
+ /* Avoid race with other containers within the same process */
+ vfio_mm_pasid_lock(iommu->vmm);
+
+ if (is_bind) {
+ ret = iommu_group_for_each_dev(group->iommu_group, &dc,
+ vfio_dev_bind_gpasid_fn);
+ if (ret)
+ iommu_group_for_each_dev(group->iommu_group, &dc,
+ vfio_dev_unbind_gpasid_fn);
+ } else {
+ iommu_group_for_each_dev(group->iommu_group,
+ &dc, vfio_dev_unbind_gpasid_fn);
+ ret = 0;
+ }
+
+ vfio_mm_pasid_unlock(iommu->vmm);
+out_unlock_iommu:
+ mutex_unlock(&iommu->lock);
+ return ret;
+}
+
+static long vfio_iommu_type1_nesting_op(struct vfio_iommu *iommu,
+ unsigned long arg)
+{
+ struct vfio_iommu_type1_nesting_op hdr;
+ unsigned int minsz;
+ int ret;
+
+ minsz = offsetofend(struct vfio_iommu_type1_nesting_op, flags);
+
+ if (copy_from_user(&hdr, (void __user *)arg, minsz))
+ return -EFAULT;
+
+ if (hdr.argsz < minsz || hdr.flags & ~VFIO_NESTING_OP_MASK)
+ return -EINVAL;
+
+ switch (hdr.flags & VFIO_NESTING_OP_MASK) {
+ case VFIO_IOMMU_NESTING_OP_BIND_PGTBL:
+ ret = vfio_iommu_handle_pgtbl_op(iommu, true, arg + minsz);
+ break;
+ case VFIO_IOMMU_NESTING_OP_UNBIND_PGTBL:
+ ret = vfio_iommu_handle_pgtbl_op(iommu, false, arg + minsz);
+ break;
+ default:
+ ret = -EINVAL;
+ }
+
+ return ret;
+}
+
static long vfio_iommu_type1_ioctl(void *iommu_data,
unsigned int cmd, unsigned long arg)
{
@@ -2956,6 +3120,8 @@ static long vfio_iommu_type1_ioctl(void *iommu_data,
return vfio_iommu_type1_dirty_pages(iommu, arg);
case VFIO_IOMMU_PASID_REQUEST:
return vfio_iommu_type1_pasid_request(iommu, arg);
+ case VFIO_IOMMU_NESTING_OP:
+ return vfio_iommu_type1_nesting_op(iommu, arg);
default:
return -ENOTTY;
}
diff --git a/drivers/vfio/vfio_pasid.c b/drivers/vfio/vfio_pasid.c
index ebec244..ecabaaa 100644
--- a/drivers/vfio/vfio_pasid.c
+++ b/drivers/vfio/vfio_pasid.c
@@ -216,6 +216,8 @@ void vfio_pasid_free_range(struct vfio_mm *vmm,
* IOASID core will notify PASID users (e.g. IOMMU driver) to
* teardown necessary structures depending on the to-be-freed
* PASID.
+ * Hold pasid_lock also avoids race with PASID usages like bind/
+ * unbind page tables to requested PASID.
*/
mutex_lock(&vmm->pasid_lock);
while ((vid = vfio_find_pasid(vmm, min, max)) != NULL)
@@ -224,6 +226,30 @@ void vfio_pasid_free_range(struct vfio_mm *vmm,
}
EXPORT_SYMBOL_GPL(vfio_pasid_free_range);
+int vfio_mm_for_each_pasid(struct vfio_mm *vmm, void *data,
+ void (*fn)(ioasid_t id, void *data))
+{
+ int ret;
+
+ mutex_lock(&vmm->pasid_lock);
+ ret = ioasid_set_for_each_ioasid(vmm->ioasid_sid, fn, data);
+ mutex_unlock(&vmm->pasid_lock);
+ return ret;
+}
+EXPORT_SYMBOL_GPL(vfio_mm_for_each_pasid);
+
+void vfio_mm_pasid_lock(struct vfio_mm *vmm)
+{
+ mutex_lock(&vmm->pasid_lock);
+}
+EXPORT_SYMBOL_GPL(vfio_mm_pasid_lock);
+
+void vfio_mm_pasid_unlock(struct vfio_mm *vmm)
+{
+ mutex_unlock(&vmm->pasid_lock);
+}
+EXPORT_SYMBOL_GPL(vfio_mm_pasid_unlock);
+
static int __init vfio_pasid_init(void)
{
mutex_init(&vfio_mm_lock);
diff --git a/include/linux/vfio.h b/include/linux/vfio.h
index a111108..2bc8347 100644
--- a/include/linux/vfio.h
+++ b/include/linux/vfio.h
@@ -105,6 +105,11 @@ int vfio_mm_ioasid_sid(struct vfio_mm *vmm);
extern int vfio_pasid_alloc(struct vfio_mm *vmm, int min, int max);
extern void vfio_pasid_free_range(struct vfio_mm *vmm,
ioasid_t min, ioasid_t max);
+extern int vfio_mm_for_each_pasid(struct vfio_mm *vmm, void *data,
+ void (*fn)(ioasid_t id, void *data));
+extern void vfio_mm_pasid_lock(struct vfio_mm *vmm);
+extern void vfio_mm_pasid_unlock(struct vfio_mm *vmm);
+
#else
static inline struct vfio_mm *vfio_mm_get_from_task(struct task_struct *task)
{
@@ -129,6 +134,21 @@ static inline void vfio_pasid_free_range(struct vfio_mm *vmm,
ioasid_t min, ioasid_t max)
{
}
+
+static inline int vfio_mm_for_each_pasid(struct vfio_mm *vmm, void *data,
+ void (*fn)(ioasid_t id, void *data))
+{
+ return -ENOTTY;
+}
+
+static inline void vfio_mm_pasid_lock(struct vfio_mm *vmm)
+{
+}
+
+static inline void vfio_mm_pasid_unlock(struct vfio_mm *vmm)
+{
+}
+
#endif /* CONFIG_VFIO_PASID */
/*
diff --git a/include/uapi/linux/vfio.h b/include/uapi/linux/vfio.h
index 96a115f..a8ad786 100644
--- a/include/uapi/linux/vfio.h
+++ b/include/uapi/linux/vfio.h
@@ -1209,6 +1209,37 @@ struct vfio_iommu_type1_pasid_request {
#define VFIO_IOMMU_PASID_REQUEST _IO(VFIO_TYPE, VFIO_BASE + 18)
+/**
+ * VFIO_IOMMU_NESTING_OP - _IOW(VFIO_TYPE, VFIO_BASE + 19,
+ * struct vfio_iommu_type1_nesting_op)
+ *
+ * This interface allows user space to utilize the nesting IOMMU
+ * capabilities as reported in VFIO_IOMMU_TYPE1_INFO_CAP_NESTING
+ * cap through VFIO_IOMMU_GET_INFO.
+ *
+ * @data[] types defined for each op:
+ * +=================+===============================================+
+ * | NESTING OP | @data[] |
+ * +=================+===============================================+
+ * | BIND_PGTBL | struct iommu_gpasid_bind_data |
+ * +-----------------+-----------------------------------------------+
+ * | UNBIND_PGTBL | struct iommu_gpasid_bind_data |
+ * +-----------------+-----------------------------------------------+
+ *
+ * returns: 0 on success, -errno on failure.
+ */
+struct vfio_iommu_type1_nesting_op {
+ __u32 argsz;
+ __u32 flags;
+#define VFIO_NESTING_OP_MASK (0xffff) /* lower 16-bits for op */
+ __u8 data[];
+};
+
+#define VFIO_IOMMU_NESTING_OP_BIND_PGTBL (0)
+#define VFIO_IOMMU_NESTING_OP_UNBIND_PGTBL (1)
+
+#define VFIO_IOMMU_NESTING_OP _IO(VFIO_TYPE, VFIO_BASE + 19)
+
/* -------- Additional API for SPAPR TCE (Server POWERPC) IOMMU -------- */
/*
--
2.7.4
Yi,
On 7/12/20 1:21 PM, Liu Yi L wrote:
> Nesting translation allows two-levels/stages page tables, with 1st level
> for guest translations (e.g. GVA->GPA), 2nd level for host translations
> (e.g. GPA->HPA). This patch adds interface for binding guest page tables
> to a PASID. This PASID must have been allocated to user space before the
by the userspace?
> binding request.
>
> Cc: Kevin Tian <[email protected]>
> CC: Jacob Pan <[email protected]>
> Cc: Alex Williamson <[email protected]>
> Cc: Eric Auger <[email protected]>
> Cc: Jean-Philippe Brucker <[email protected]>
> Cc: Joerg Roedel <[email protected]>
> Cc: Lu Baolu <[email protected]>
> Signed-off-by: Jean-Philippe Brucker <[email protected]>
> Signed-off-by: Liu Yi L <[email protected]>
> Signed-off-by: Jacob Pan <[email protected]>
> ---
> v3 -> v4:
> *) address comments from Alex on v3
>
> v2 -> v3:
> *) use __iommu_sva_unbind_gpasid() for unbind call issued by VFIO
> https://lore.kernel.org/linux-iommu/[email protected]/
>
> v1 -> v2:
> *) rename subject from "vfio/type1: Bind guest page tables to host"
> *) remove VFIO_IOMMU_BIND, introduce VFIO_IOMMU_NESTING_OP to support bind/
> unbind guet page table
> *) replaced vfio_iommu_for_each_dev() with a group level loop since this
> series enforces one group per container w/ nesting type as start.
> *) rename vfio_bind/unbind_gpasid_fn() to vfio_dev_bind/unbind_gpasid_fn()
> *) vfio_dev_unbind_gpasid() always successful
> *) use vfio_mm->pasid_lock to avoid race between PASID free and page table
> bind/unbind
> ---
> drivers/vfio/vfio_iommu_type1.c | 166 ++++++++++++++++++++++++++++++++++++++++
> drivers/vfio/vfio_pasid.c | 26 +++++++
> include/linux/vfio.h | 20 +++++
> include/uapi/linux/vfio.h | 31 ++++++++
> 4 files changed, 243 insertions(+)
>
> diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c
> index 55b4065..f0f21ff 100644
> --- a/drivers/vfio/vfio_iommu_type1.c
> +++ b/drivers/vfio/vfio_iommu_type1.c
> @@ -149,6 +149,30 @@ struct vfio_regions {
> #define DIRTY_BITMAP_PAGES_MAX ((u64)INT_MAX)
> #define DIRTY_BITMAP_SIZE_MAX DIRTY_BITMAP_BYTES(DIRTY_BITMAP_PAGES_MAX)
>
> +struct domain_capsule {
> + struct vfio_group *group;
> + struct iommu_domain *domain;
> + void *data;
> +};
> +
> +/* iommu->lock must be held */
> +static struct vfio_group *vfio_find_nesting_group(struct vfio_iommu *iommu)
> +{
> + struct vfio_domain *d;
> + struct vfio_group *group = NULL;
> +
> + if (!iommu->nesting_info)
> + return NULL;
> +
> + /* only support singleton container with nesting type */
> + list_for_each_entry(d, &iommu->domain_list, next) {
> + list_for_each_entry(group, &d->group_list, next) {
> + break;
use list_first_entry?
> + }
> + }
> + return group;
> +}
> +
> static int put_pfn(unsigned long pfn, int prot);
>
> static struct vfio_group *vfio_iommu_find_iommu_group(struct vfio_iommu *iommu,
> @@ -2349,6 +2373,48 @@ static int vfio_iommu_resv_refresh(struct vfio_iommu *iommu,
> return ret;
> }
>
> +static int vfio_dev_bind_gpasid_fn(struct device *dev, void *data)
> +{
> + struct domain_capsule *dc = (struct domain_capsule *)data;
> + unsigned long arg = *(unsigned long *)dc->data;
> +
> + return iommu_sva_bind_gpasid(dc->domain, dev, (void __user *)arg);
> +}
> +
> +static int vfio_dev_unbind_gpasid_fn(struct device *dev, void *data)
> +{
> + struct domain_capsule *dc = (struct domain_capsule *)data;
> + unsigned long arg = *(unsigned long *)dc->data;
> +
> + iommu_sva_unbind_gpasid(dc->domain, dev, (void __user *)arg);
> + return 0;
> +}
> +
> +static int __vfio_dev_unbind_gpasid_fn(struct device *dev, void *data)
> +{
> + struct domain_capsule *dc = (struct domain_capsule *)data;
> + struct iommu_gpasid_bind_data *unbind_data =
> + (struct iommu_gpasid_bind_data *)dc->data;
> +
> + __iommu_sva_unbind_gpasid(dc->domain, dev, unbind_data);
> + return 0;
> +}
> +
> +static void vfio_group_unbind_gpasid_fn(ioasid_t pasid, void *data)
> +{
> + struct domain_capsule *dc = (struct domain_capsule *)data;
> + struct iommu_gpasid_bind_data unbind_data;
> +
> + unbind_data.argsz = offsetof(struct iommu_gpasid_bind_data, vendor);
> + unbind_data.flags = 0;
> + unbind_data.hpasid = pasid;
> +
> + dc->data = &unbind_data;
> +
> + iommu_group_for_each_dev(dc->group->iommu_group,
> + dc, __vfio_dev_unbind_gpasid_fn);
> +}
> +
> static void vfio_iommu_type1_detach_group(void *iommu_data,
> struct iommu_group *iommu_group)
> {
> @@ -2392,6 +2458,21 @@ static void vfio_iommu_type1_detach_group(void *iommu_data,
> if (!group)
> continue;
>
> + if (iommu->nesting_info && iommu->vmm &&
> + (iommu->nesting_info->features &
> + IOMMU_NESTING_FEAT_BIND_PGTBL)) {
> + struct domain_capsule dc = { .group = group,
> + .domain = domain->domain,
> + .data = NULL };
> +
> + /*
> + * Unbind page tables bound with system wide PASIDs
> + * which are allocated to user space.
> + */
> + vfio_mm_for_each_pasid(iommu->vmm, &dc,
> + vfio_group_unbind_gpasid_fn);
> + }
> +
> vfio_iommu_detach_group(domain, group);
> update_dirty_scope = !group->pinned_page_dirty_scope;
> list_del(&group->next);
> @@ -2938,6 +3019,89 @@ static int vfio_iommu_type1_pasid_request(struct vfio_iommu *iommu,
> }
> }
>
> +static long vfio_iommu_handle_pgtbl_op(struct vfio_iommu *iommu,
> + bool is_bind, unsigned long arg)
> +{
> + struct iommu_nesting_info *info;
> + struct domain_capsule dc = { .data = &arg };
> + struct vfio_group *group;
> + struct vfio_domain *domain;
> + int ret;
> +
> + mutex_lock(&iommu->lock);
> +
> + info = iommu->nesting_info;
> + if (!info || !(info->features & IOMMU_NESTING_FEAT_BIND_PGTBL)) {
> + ret = -EOPNOTSUPP;
> + goto out_unlock_iommu;
> + }
> +
> + if (!iommu->vmm) {
> + ret = -EINVAL;
> + goto out_unlock_iommu;
> + }
> +
> + group = vfio_find_nesting_group(iommu);
is it realy useful to introduce vfio_find_nesting_group?
in this function you already test info, you fetch the first domain
below. So you would only need to fetch the 1st group?
> + if (!group) {
> + ret = -EINVAL;
can it happen?
> + goto out_unlock_iommu;
> + }
> +
> + domain = list_first_entry(&iommu->domain_list,
> + struct vfio_domain, next);
> + dc.group = group;
> + dc.domain = domain->domain;
> +
> + /* Avoid race with other containers within the same process */
> + vfio_mm_pasid_lock(iommu->vmm);
> +
> + if (is_bind) {
> + ret = iommu_group_for_each_dev(group->iommu_group, &dc,
> + vfio_dev_bind_gpasid_fn);
> + if (ret)
> + iommu_group_for_each_dev(group->iommu_group, &dc,
> + vfio_dev_unbind_gpasid_fn);
> + } else {
> + iommu_group_for_each_dev(group->iommu_group,
> + &dc, vfio_dev_unbind_gpasid_fn);
> + ret = 0;
int ret = 0;
if (is_bind) {
ret = iommu_group_for_each_dev(group->iommu_group, &dc,
vfio_dev_bind_gpasid_fn);
}
if (ret || !is_bind) {
iommu_group_for_each_dev(group->iommu_group,
&dc, vfio_dev_unbind_gpasid_fn);
}
> + }
> +
> + vfio_mm_pasid_unlock(iommu->vmm);
> +out_unlock_iommu:
> + mutex_unlock(&iommu->lock);
> + return ret;
> +}
> +
> +static long vfio_iommu_type1_nesting_op(struct vfio_iommu *iommu,
> + unsigned long arg)
> +{
> + struct vfio_iommu_type1_nesting_op hdr;
> + unsigned int minsz;
> + int ret;
> +
> + minsz = offsetofend(struct vfio_iommu_type1_nesting_op, flags);
> +
> + if (copy_from_user(&hdr, (void __user *)arg, minsz))
> + return -EFAULT;
> +
> + if (hdr.argsz < minsz || hdr.flags & ~VFIO_NESTING_OP_MASK)
> + return -EINVAL;
> +
> + switch (hdr.flags & VFIO_NESTING_OP_MASK) {
> + case VFIO_IOMMU_NESTING_OP_BIND_PGTBL:
> + ret = vfio_iommu_handle_pgtbl_op(iommu, true, arg + minsz);
> + break;
> + case VFIO_IOMMU_NESTING_OP_UNBIND_PGTBL:
> + ret = vfio_iommu_handle_pgtbl_op(iommu, false, arg + minsz);
> + break;
> + default:
> + ret = -EINVAL;
> + }
> +
> + return ret;
> +}
> +
> static long vfio_iommu_type1_ioctl(void *iommu_data,
> unsigned int cmd, unsigned long arg)
> {
> @@ -2956,6 +3120,8 @@ static long vfio_iommu_type1_ioctl(void *iommu_data,
> return vfio_iommu_type1_dirty_pages(iommu, arg);
> case VFIO_IOMMU_PASID_REQUEST:
> return vfio_iommu_type1_pasid_request(iommu, arg);
> + case VFIO_IOMMU_NESTING_OP:
> + return vfio_iommu_type1_nesting_op(iommu, arg);
> default:
> return -ENOTTY;
> }
> diff --git a/drivers/vfio/vfio_pasid.c b/drivers/vfio/vfio_pasid.c
> index ebec244..ecabaaa 100644
> --- a/drivers/vfio/vfio_pasid.c
> +++ b/drivers/vfio/vfio_pasid.c
> @@ -216,6 +216,8 @@ void vfio_pasid_free_range(struct vfio_mm *vmm,
> * IOASID core will notify PASID users (e.g. IOMMU driver) to
> * teardown necessary structures depending on the to-be-freed
> * PASID.
> + * Hold pasid_lock also avoids race with PASID usages like bind/
> + * unbind page tables to requested PASID.
> */
> mutex_lock(&vmm->pasid_lock);
> while ((vid = vfio_find_pasid(vmm, min, max)) != NULL)
> @@ -224,6 +226,30 @@ void vfio_pasid_free_range(struct vfio_mm *vmm,
> }
> EXPORT_SYMBOL_GPL(vfio_pasid_free_range);
>
> +int vfio_mm_for_each_pasid(struct vfio_mm *vmm, void *data,
> + void (*fn)(ioasid_t id, void *data))
> +{
> + int ret;
> +
> + mutex_lock(&vmm->pasid_lock);
> + ret = ioasid_set_for_each_ioasid(vmm->ioasid_sid, fn, data);
> + mutex_unlock(&vmm->pasid_lock);
> + return ret;
> +}
> +EXPORT_SYMBOL_GPL(vfio_mm_for_each_pasid);
> +
> +void vfio_mm_pasid_lock(struct vfio_mm *vmm)
> +{
> + mutex_lock(&vmm->pasid_lock);
> +}
> +EXPORT_SYMBOL_GPL(vfio_mm_pasid_lock);
> +
> +void vfio_mm_pasid_unlock(struct vfio_mm *vmm)
> +{
> + mutex_unlock(&vmm->pasid_lock);
> +}
> +EXPORT_SYMBOL_GPL(vfio_mm_pasid_unlock);
> +
> static int __init vfio_pasid_init(void)
> {
> mutex_init(&vfio_mm_lock);
> diff --git a/include/linux/vfio.h b/include/linux/vfio.h
> index a111108..2bc8347 100644
> --- a/include/linux/vfio.h
> +++ b/include/linux/vfio.h
> @@ -105,6 +105,11 @@ int vfio_mm_ioasid_sid(struct vfio_mm *vmm);
> extern int vfio_pasid_alloc(struct vfio_mm *vmm, int min, int max);
> extern void vfio_pasid_free_range(struct vfio_mm *vmm,
> ioasid_t min, ioasid_t max);
> +extern int vfio_mm_for_each_pasid(struct vfio_mm *vmm, void *data,
> + void (*fn)(ioasid_t id, void *data));
> +extern void vfio_mm_pasid_lock(struct vfio_mm *vmm);
> +extern void vfio_mm_pasid_unlock(struct vfio_mm *vmm);
> +
> #else
> static inline struct vfio_mm *vfio_mm_get_from_task(struct task_struct *task)
> {
> @@ -129,6 +134,21 @@ static inline void vfio_pasid_free_range(struct vfio_mm *vmm,
> ioasid_t min, ioasid_t max)
> {
> }
> +
> +static inline int vfio_mm_for_each_pasid(struct vfio_mm *vmm, void *data,
> + void (*fn)(ioasid_t id, void *data))
> +{
> + return -ENOTTY;
> +}
> +
> +static inline void vfio_mm_pasid_lock(struct vfio_mm *vmm)
> +{
> +}
> +
> +static inline void vfio_mm_pasid_unlock(struct vfio_mm *vmm)
> +{
> +}
> +
> #endif /* CONFIG_VFIO_PASID */
>
> /*
> diff --git a/include/uapi/linux/vfio.h b/include/uapi/linux/vfio.h
> index 96a115f..a8ad786 100644
> --- a/include/uapi/linux/vfio.h
> +++ b/include/uapi/linux/vfio.h
> @@ -1209,6 +1209,37 @@ struct vfio_iommu_type1_pasid_request {
>
> #define VFIO_IOMMU_PASID_REQUEST _IO(VFIO_TYPE, VFIO_BASE + 18)
>
> +/**
> + * VFIO_IOMMU_NESTING_OP - _IOW(VFIO_TYPE, VFIO_BASE + 19,
> + * struct vfio_iommu_type1_nesting_op)
> + *
> + * This interface allows user space to utilize the nesting IOMMU
> + * capabilities as reported in VFIO_IOMMU_TYPE1_INFO_CAP_NESTING
> + * cap through VFIO_IOMMU_GET_INFO.
> + *
> + * @data[] types defined for each op:
> + * +=================+===============================================+
> + * | NESTING OP | @data[] |
> + * +=================+===============================================+
> + * | BIND_PGTBL | struct iommu_gpasid_bind_data |
> + * +-----------------+-----------------------------------------------+
> + * | UNBIND_PGTBL | struct iommu_gpasid_bind_data |
> + * +-----------------+-----------------------------------------------+
> + *
> + * returns: 0 on success, -errno on failure.
> + */
> +struct vfio_iommu_type1_nesting_op {
> + __u32 argsz;
> + __u32 flags;
> +#define VFIO_NESTING_OP_MASK (0xffff) /* lower 16-bits for op */
> + __u8 data[];
> +};
> +
> +#define VFIO_IOMMU_NESTING_OP_BIND_PGTBL (0)
> +#define VFIO_IOMMU_NESTING_OP_UNBIND_PGTBL (1)
> +
> +#define VFIO_IOMMU_NESTING_OP _IO(VFIO_TYPE, VFIO_BASE + 19)
> +
> /* -------- Additional API for SPAPR TCE (Server POWERPC) IOMMU -------- */
>
> /*
>
Thanks
Eric
Hi Eric,
> From: Auger Eric <[email protected]>
> Sent: Monday, July 20, 2020 5:37 PM
>
> Yi,
>
> On 7/12/20 1:21 PM, Liu Yi L wrote:
> > Nesting translation allows two-levels/stages page tables, with 1st level
> > for guest translations (e.g. GVA->GPA), 2nd level for host translations
> > (e.g. GPA->HPA). This patch adds interface for binding guest page tables
> > to a PASID. This PASID must have been allocated to user space before the
> by the userspace?
yes, it is. will modify it.
> > binding request.
> >
> > Cc: Kevin Tian <[email protected]>
> > CC: Jacob Pan <[email protected]>
> > Cc: Alex Williamson <[email protected]>
> > Cc: Eric Auger <[email protected]>
> > Cc: Jean-Philippe Brucker <[email protected]>
> > Cc: Joerg Roedel <[email protected]>
> > Cc: Lu Baolu <[email protected]>
> > Signed-off-by: Jean-Philippe Brucker <[email protected]>
> > Signed-off-by: Liu Yi L <[email protected]>
> > Signed-off-by: Jacob Pan <[email protected]>
> > ---
> > v3 -> v4:
> > *) address comments from Alex on v3
> >
> > v2 -> v3:
> > *) use __iommu_sva_unbind_gpasid() for unbind call issued by VFIO
> > https://lore.kernel.org/linux-iommu/1592931837-58223-6-git-send-email-
> [email protected]/
> >
> > v1 -> v2:
> > *) rename subject from "vfio/type1: Bind guest page tables to host"
> > *) remove VFIO_IOMMU_BIND, introduce VFIO_IOMMU_NESTING_OP to support
> bind/
> > unbind guet page table
> > *) replaced vfio_iommu_for_each_dev() with a group level loop since this
> > series enforces one group per container w/ nesting type as start.
> > *) rename vfio_bind/unbind_gpasid_fn() to vfio_dev_bind/unbind_gpasid_fn()
> > *) vfio_dev_unbind_gpasid() always successful
> > *) use vfio_mm->pasid_lock to avoid race between PASID free and page table
> > bind/unbind
> > ---
> > drivers/vfio/vfio_iommu_type1.c | 166
> ++++++++++++++++++++++++++++++++++++++++
> > drivers/vfio/vfio_pasid.c | 26 +++++++
> > include/linux/vfio.h | 20 +++++
> > include/uapi/linux/vfio.h | 31 ++++++++
> > 4 files changed, 243 insertions(+)
> >
> > diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c
> > index 55b4065..f0f21ff 100644
> > --- a/drivers/vfio/vfio_iommu_type1.c
> > +++ b/drivers/vfio/vfio_iommu_type1.c
> > @@ -149,6 +149,30 @@ struct vfio_regions {
> > #define DIRTY_BITMAP_PAGES_MAX ((u64)INT_MAX)
> > #define DIRTY_BITMAP_SIZE_MAX
> DIRTY_BITMAP_BYTES(DIRTY_BITMAP_PAGES_MAX)
> >
> > +struct domain_capsule {
> > + struct vfio_group *group;
> > + struct iommu_domain *domain;
> > + void *data;
> > +};
> > +
> > +/* iommu->lock must be held */
> > +static struct vfio_group *vfio_find_nesting_group(struct vfio_iommu *iommu)
> > +{
> > + struct vfio_domain *d;
> > + struct vfio_group *group = NULL;
> > +
> > + if (!iommu->nesting_info)
> > + return NULL;
> > +
> > + /* only support singleton container with nesting type */
> > + list_for_each_entry(d, &iommu->domain_list, next) {
> > + list_for_each_entry(group, &d->group_list, next) {
> > + break;
> use list_first_entry?
yeah, based on the discussion in below link, we only support singleton
container with nesting type, also if no group in container, the nesting_info
will be cleared. so yes, list_first_entry will work as well.
https://lkml.org/lkml/2020/5/15/1028
> > + }
> > + }
> > + return group;
> > +}
> > +
> > static int put_pfn(unsigned long pfn, int prot);
> >
> > static struct vfio_group *vfio_iommu_find_iommu_group(struct vfio_iommu
> *iommu,
> > @@ -2349,6 +2373,48 @@ static int vfio_iommu_resv_refresh(struct vfio_iommu
> *iommu,
> > return ret;
> > }
> >
> > +static int vfio_dev_bind_gpasid_fn(struct device *dev, void *data)
> > +{
> > + struct domain_capsule *dc = (struct domain_capsule *)data;
> > + unsigned long arg = *(unsigned long *)dc->data;
> > +
> > + return iommu_sva_bind_gpasid(dc->domain, dev, (void __user *)arg);
> > +}
> > +
> > +static int vfio_dev_unbind_gpasid_fn(struct device *dev, void *data)
> > +{
> > + struct domain_capsule *dc = (struct domain_capsule *)data;
> > + unsigned long arg = *(unsigned long *)dc->data;
> > +
> > + iommu_sva_unbind_gpasid(dc->domain, dev, (void __user *)arg);
> > + return 0;
> > +}
> > +
> > +static int __vfio_dev_unbind_gpasid_fn(struct device *dev, void *data)
> > +{
> > + struct domain_capsule *dc = (struct domain_capsule *)data;
> > + struct iommu_gpasid_bind_data *unbind_data =
> > + (struct iommu_gpasid_bind_data *)dc->data;
> > +
> > + __iommu_sva_unbind_gpasid(dc->domain, dev, unbind_data);
> > + return 0;
> > +}
> > +
> > +static void vfio_group_unbind_gpasid_fn(ioasid_t pasid, void *data)
> > +{
> > + struct domain_capsule *dc = (struct domain_capsule *)data;
> > + struct iommu_gpasid_bind_data unbind_data;
> > +
> > + unbind_data.argsz = offsetof(struct iommu_gpasid_bind_data, vendor);
> > + unbind_data.flags = 0;
> > + unbind_data.hpasid = pasid;
> > +
> > + dc->data = &unbind_data;
> > +
> > + iommu_group_for_each_dev(dc->group->iommu_group,
> > + dc, __vfio_dev_unbind_gpasid_fn);
> > +}
> > +
> > static void vfio_iommu_type1_detach_group(void *iommu_data,
> > struct iommu_group *iommu_group)
> > {
> > @@ -2392,6 +2458,21 @@ static void vfio_iommu_type1_detach_group(void
> *iommu_data,
> > if (!group)
> > continue;
> >
> > + if (iommu->nesting_info && iommu->vmm &&
> > + (iommu->nesting_info->features &
> > + IOMMU_NESTING_FEAT_BIND_PGTBL)) {
> > + struct domain_capsule dc = { .group = group,
> > + .domain = domain->domain,
> > + .data = NULL };
> > +
> > + /*
> > + * Unbind page tables bound with system wide PASIDs
> > + * which are allocated to user space.
> > + */
> > + vfio_mm_for_each_pasid(iommu->vmm, &dc,
> > + vfio_group_unbind_gpasid_fn);
> > + }
> > +
> > vfio_iommu_detach_group(domain, group);
> > update_dirty_scope = !group->pinned_page_dirty_scope;
> > list_del(&group->next);
> > @@ -2938,6 +3019,89 @@ static int vfio_iommu_type1_pasid_request(struct
> vfio_iommu *iommu,
> > }
> > }
> >
> > +static long vfio_iommu_handle_pgtbl_op(struct vfio_iommu *iommu,
> > + bool is_bind, unsigned long arg)
> > +{
> > + struct iommu_nesting_info *info;
> > + struct domain_capsule dc = { .data = &arg };
> > + struct vfio_group *group;
> > + struct vfio_domain *domain;
> > + int ret;
> > +
> > + mutex_lock(&iommu->lock);
> > +
> > + info = iommu->nesting_info;
> > + if (!info || !(info->features & IOMMU_NESTING_FEAT_BIND_PGTBL)) {
> > + ret = -EOPNOTSUPP;
> > + goto out_unlock_iommu;
> > + }
> > +
> > + if (!iommu->vmm) {
> > + ret = -EINVAL;
> > + goto out_unlock_iommu;
> > + }
> > +
> > + group = vfio_find_nesting_group(iommu);
> is it realy useful to introduce vfio_find_nesting_group?
> in this function you already test info, you fetch the first domain
> below. So you would only need to fetch the 1st group?
this function was added to highlight the singleton container support
limitation. perhaps, it can be replaced with list_first_entry.
> > + if (!group) {
> > + ret = -EINVAL;
> can it happen?
guess not. may drop if vfio_find_nesting_group() is dropped.
> > + goto out_unlock_iommu;
> > + }
> > +
> > + domain = list_first_entry(&iommu->domain_list,
> > + struct vfio_domain, next);
> > + dc.group = group;
> > + dc.domain = domain->domain;
> > +
> > + /* Avoid race with other containers within the same process */
> > + vfio_mm_pasid_lock(iommu->vmm);
> > +
> > + if (is_bind) {
> > + ret = iommu_group_for_each_dev(group->iommu_group, &dc,
> > + vfio_dev_bind_gpasid_fn);
> > + if (ret)
> > + iommu_group_for_each_dev(group->iommu_group, &dc,
> > + vfio_dev_unbind_gpasid_fn);
> > + } else {
> > + iommu_group_for_each_dev(group->iommu_group,
> > + &dc, vfio_dev_unbind_gpasid_fn);
> > + ret = 0;
>
> int ret = 0;
>
> if (is_bind) {
> ret = iommu_group_for_each_dev(group->iommu_group, &dc,
> vfio_dev_bind_gpasid_fn);
> }
> if (ret || !is_bind) {
> iommu_group_for_each_dev(group->iommu_group,
> &dc, vfio_dev_unbind_gpasid_fn);
> }
got it. :-)
Regards,
Yi Liu
> > + }
> > +
> > + vfio_mm_pasid_unlock(iommu->vmm);
> > +out_unlock_iommu:
> > + mutex_unlock(&iommu->lock);
> > + return ret;
> > +}
> > +
> > +static long vfio_iommu_type1_nesting_op(struct vfio_iommu *iommu,
> > + unsigned long arg)
> > +{
> > + struct vfio_iommu_type1_nesting_op hdr;
> > + unsigned int minsz;
> > + int ret;
> > +
> > + minsz = offsetofend(struct vfio_iommu_type1_nesting_op, flags);
> > +
> > + if (copy_from_user(&hdr, (void __user *)arg, minsz))
> > + return -EFAULT;
> > +
> > + if (hdr.argsz < minsz || hdr.flags & ~VFIO_NESTING_OP_MASK)
> > + return -EINVAL;
> > +
> > + switch (hdr.flags & VFIO_NESTING_OP_MASK) {
> > + case VFIO_IOMMU_NESTING_OP_BIND_PGTBL:
> > + ret = vfio_iommu_handle_pgtbl_op(iommu, true, arg + minsz);
> > + break;
> > + case VFIO_IOMMU_NESTING_OP_UNBIND_PGTBL:
> > + ret = vfio_iommu_handle_pgtbl_op(iommu, false, arg + minsz);
> > + break;
> > + default:
> > + ret = -EINVAL;
> > + }
> > +
> > + return ret;
> > +}
> > +
> > static long vfio_iommu_type1_ioctl(void *iommu_data,
> > unsigned int cmd, unsigned long arg)
> > {
> > @@ -2956,6 +3120,8 @@ static long vfio_iommu_type1_ioctl(void *iommu_data,
> > return vfio_iommu_type1_dirty_pages(iommu, arg);
> > case VFIO_IOMMU_PASID_REQUEST:
> > return vfio_iommu_type1_pasid_request(iommu, arg);
> > + case VFIO_IOMMU_NESTING_OP:
> > + return vfio_iommu_type1_nesting_op(iommu, arg);
> > default:
> > return -ENOTTY;
> > }
> > diff --git a/drivers/vfio/vfio_pasid.c b/drivers/vfio/vfio_pasid.c
> > index ebec244..ecabaaa 100644
> > --- a/drivers/vfio/vfio_pasid.c
> > +++ b/drivers/vfio/vfio_pasid.c
> > @@ -216,6 +216,8 @@ void vfio_pasid_free_range(struct vfio_mm *vmm,
> > * IOASID core will notify PASID users (e.g. IOMMU driver) to
> > * teardown necessary structures depending on the to-be-freed
> > * PASID.
> > + * Hold pasid_lock also avoids race with PASID usages like bind/
> > + * unbind page tables to requested PASID.
> > */
> > mutex_lock(&vmm->pasid_lock);
> > while ((vid = vfio_find_pasid(vmm, min, max)) != NULL)
> > @@ -224,6 +226,30 @@ void vfio_pasid_free_range(struct vfio_mm *vmm,
> > }
> > EXPORT_SYMBOL_GPL(vfio_pasid_free_range);
> >
> > +int vfio_mm_for_each_pasid(struct vfio_mm *vmm, void *data,
> > + void (*fn)(ioasid_t id, void *data))
> > +{
> > + int ret;
> > +
> > + mutex_lock(&vmm->pasid_lock);
> > + ret = ioasid_set_for_each_ioasid(vmm->ioasid_sid, fn, data);
> > + mutex_unlock(&vmm->pasid_lock);
> > + return ret;
> > +}
> > +EXPORT_SYMBOL_GPL(vfio_mm_for_each_pasid);
> > +
> > +void vfio_mm_pasid_lock(struct vfio_mm *vmm)
> > +{
> > + mutex_lock(&vmm->pasid_lock);
> > +}
> > +EXPORT_SYMBOL_GPL(vfio_mm_pasid_lock);
> > +
> > +void vfio_mm_pasid_unlock(struct vfio_mm *vmm)
> > +{
> > + mutex_unlock(&vmm->pasid_lock);
> > +}
> > +EXPORT_SYMBOL_GPL(vfio_mm_pasid_unlock);
> > +
> > static int __init vfio_pasid_init(void)
> > {
> > mutex_init(&vfio_mm_lock);
> > diff --git a/include/linux/vfio.h b/include/linux/vfio.h
> > index a111108..2bc8347 100644
> > --- a/include/linux/vfio.h
> > +++ b/include/linux/vfio.h
> > @@ -105,6 +105,11 @@ int vfio_mm_ioasid_sid(struct vfio_mm *vmm);
> > extern int vfio_pasid_alloc(struct vfio_mm *vmm, int min, int max);
> > extern void vfio_pasid_free_range(struct vfio_mm *vmm,
> > ioasid_t min, ioasid_t max);
> > +extern int vfio_mm_for_each_pasid(struct vfio_mm *vmm, void *data,
> > + void (*fn)(ioasid_t id, void *data));
> > +extern void vfio_mm_pasid_lock(struct vfio_mm *vmm);
> > +extern void vfio_mm_pasid_unlock(struct vfio_mm *vmm);
> > +
> > #else
> > static inline struct vfio_mm *vfio_mm_get_from_task(struct task_struct *task)
> > {
> > @@ -129,6 +134,21 @@ static inline void vfio_pasid_free_range(struct vfio_mm
> *vmm,
> > ioasid_t min, ioasid_t max)
> > {
> > }
> > +
> > +static inline int vfio_mm_for_each_pasid(struct vfio_mm *vmm, void *data,
> > + void (*fn)(ioasid_t id, void *data))
> > +{
> > + return -ENOTTY;
> > +}
> > +
> > +static inline void vfio_mm_pasid_lock(struct vfio_mm *vmm)
> > +{
> > +}
> > +
> > +static inline void vfio_mm_pasid_unlock(struct vfio_mm *vmm)
> > +{
> > +}
> > +
> > #endif /* CONFIG_VFIO_PASID */
> >
> > /*
> > diff --git a/include/uapi/linux/vfio.h b/include/uapi/linux/vfio.h
> > index 96a115f..a8ad786 100644
> > --- a/include/uapi/linux/vfio.h
> > +++ b/include/uapi/linux/vfio.h
> > @@ -1209,6 +1209,37 @@ struct vfio_iommu_type1_pasid_request {
> >
> > #define VFIO_IOMMU_PASID_REQUEST _IO(VFIO_TYPE, VFIO_BASE + 18)
> >
> > +/**
> > + * VFIO_IOMMU_NESTING_OP - _IOW(VFIO_TYPE, VFIO_BASE + 19,
> > + * struct vfio_iommu_type1_nesting_op)
> > + *
> > + * This interface allows user space to utilize the nesting IOMMU
> > + * capabilities as reported in VFIO_IOMMU_TYPE1_INFO_CAP_NESTING
> > + * cap through VFIO_IOMMU_GET_INFO.
> > + *
> > + * @data[] types defined for each op:
> > + *
> +=================+===============================================+
> > + * | NESTING OP | @data[] |
> > + *
> +=================+===============================================+
> > + * | BIND_PGTBL | struct iommu_gpasid_bind_data |
> > + * +-----------------+-----------------------------------------------+
> > + * | UNBIND_PGTBL | struct iommu_gpasid_bind_data |
> > + * +-----------------+-----------------------------------------------+
> > + *
> > + * returns: 0 on success, -errno on failure.
> > + */
> > +struct vfio_iommu_type1_nesting_op {
> > + __u32 argsz;
> > + __u32 flags;
> > +#define VFIO_NESTING_OP_MASK (0xffff) /* lower 16-bits for op */
> > + __u8 data[];
> > +};
> > +
> > +#define VFIO_IOMMU_NESTING_OP_BIND_PGTBL (0)
> > +#define VFIO_IOMMU_NESTING_OP_UNBIND_PGTBL (1)
> > +
> > +#define VFIO_IOMMU_NESTING_OP _IO(VFIO_TYPE, VFIO_BASE + 19)
> > +
> > /* -------- Additional API for SPAPR TCE (Server POWERPC) IOMMU -------- */
> >
> > /*
> >
> Thanks
>
> Eric