Received: by 2002:a05:6a10:6d10:0:0:0:0 with SMTP id gq16csp928092pxb; Fri, 22 Apr 2022 14:33:20 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzxygWMFMwo3hRJPC6UQLQjkJK+D6i4ZOkg6YM6efm0N/2yjt/NNJwpqmK0Tierx6UYpGMo X-Received: by 2002:a17:903:40ce:b0:14d:8ab1:919 with SMTP id t14-20020a17090340ce00b0014d8ab10919mr6467423pld.122.1650663200530; Fri, 22 Apr 2022 14:33:20 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1650663200; cv=none; d=google.com; s=arc-20160816; b=oTXorFDaR6Je/XqYl6R9DXXn5aCW7vIzBBGi5v/Yi7bAaj0mWfimgNKXH8XHgouMuK aIS2W1iGvRZVNnKjd/rooLSV82nUDNZz9mnnzu+W+abgb1FaV2VWbgRzyD0MOdxO3MCb VEzvO9L9Pgeto4aOdQMqbypC08k01f7AeZr9/2HdJGgYJRXa0zvz80Ga9T/aKUj1Mdod 1YJYCXU4FaqzfZcRVQyAoCBGVpGn+YSW20CcDQlRaj2XGDm2YhdL3FsYZeFv2Tsl27ox PRik6dCZgJ0wVnBTceGg5fQUtG15BtFxgGj4b3txvIHb5r/ui5J8Oiua8MkVttNCIrxk 5t9Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=TdIFXYsljykcdC4RFbbEUyDGbtxT7WFhkj68neBFFEc=; b=Pha2FPS3hmnoaNqBBVmmVVhnGJMbD3gV80AVJk77IqkgRE602g9dhrx8W1TwPOQczK haX/M0OLDnXuDJaxBkzwigoP4A769DXD13yo5yIixdlnum+er/BhHzOr/j/IB9ZqT/LF 8GR8JG/GPG67HYcQvDDnWYTBFl1BDYm7onSEpHQzH3rAoY8CvHD+q1IfBcwCKF4DgbMf KbzlId51d56m4UIugFOpr4colV57L6IueZV7u1fU/RXrJ3/UodYunEYn9pJfU2ov1VY6 4Gx9UDzKYhSnYSbgAMdSk33/jZi2e3WOhTUxh/vHxrZ1BYXIu+6FJx4QrkcsBUWf557P xoSg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=HgzhLOCy; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Return-Path: Received: from lindbergh.monkeyblade.net (lindbergh.monkeyblade.net. [23.128.96.19]) by mx.google.com with ESMTPS id h19-20020a056a00231300b004fa3a8dffa2si9315700pfh.89.2022.04.22.14.33.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 22 Apr 2022 14:33:20 -0700 (PDT) Received-SPF: softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) client-ip=23.128.96.19; Authentication-Results: mx.google.com; dkim=pass header.i=@intel.com header.s=Intel header.b=HgzhLOCy; spf=softfail (google.com: domain of transitioning linux-kernel-owner@vger.kernel.org does not designate 23.128.96.19 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=intel.com Received: from out1.vger.email (out1.vger.email [IPv6:2620:137:e000::1:20]) by lindbergh.monkeyblade.net (Postfix) with ESMTP id B46952F072C; Fri, 22 Apr 2022 12:40:44 -0700 (PDT) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1384373AbiDUF1L (ORCPT + 99 others); Thu, 21 Apr 2022 01:27:11 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57104 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1384357AbiDUF1H (ORCPT ); Thu, 21 Apr 2022 01:27:07 -0400 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 2D497DFAF for ; Wed, 20 Apr 2022 22:24:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1650518658; x=1682054658; h=from:to:cc:subject:date:message-id:in-reply-to: references:mime-version:content-transfer-encoding; bh=dD/iRv4YKvcUM4A7EpXodVuB+aCOAR9rbP/Lpb3e6Kg=; b=HgzhLOCyd9rH8dbqgjNMvewDTxntj5bZC2L7fX02kFWYcDx96D2zyWjL Qls7kEBCHuPpx1cFpdlXcSHkW4d4bwRwyvg/2gTGiD5gC4FsX5YVMJGVK /9x26p4HiGTKb3pPzMWm5+n0tdbLrUNf0vwGlfAnt6JXATHnKdvErLRnN A5/IjKfCYLN3SU+iayOl/r4uBTQSAi7YDf0PWZ6wiIEZRY+fEatNoHAz3 fjDZBVnaFDG+aKcsxDwQc6kJkip7WDciQurQA5O2REFVKIYRUwfwjBDTA nT9cuAkwlxamG96bm6gPBRmXP0UNYveAEq1nKiIkaGv2ZpVXxI2b7Bbye g==; X-IronPort-AV: E=McAfee;i="6400,9594,10323"; a="246135624" X-IronPort-AV: E=Sophos;i="5.90,277,1643702400"; d="scan'208";a="246135624" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Apr 2022 22:24:17 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.90,277,1643702400"; d="scan'208";a="702944103" Received: from allen-box.sh.intel.com ([10.239.159.48]) by fmsmga001.fm.intel.com with ESMTP; 20 Apr 2022 22:24:14 -0700 From: Lu Baolu To: Joerg Roedel , Jason Gunthorpe , Christoph Hellwig , Kevin Tian , Ashok Raj , Will Deacon , Robin Murphy , Jean-Philippe Brucker Cc: Eric Auger , Liu Yi L , Jacob jun Pan , iommu@lists.linux-foundation.org, linux-kernel@vger.kernel.org, Lu Baolu Subject: [PATCH v4 03/12] iommu: Add attach/detach_dev_pasid domain ops Date: Thu, 21 Apr 2022 13:21:12 +0800 Message-Id: <20220421052121.3464100-4-baolu.lu@linux.intel.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220421052121.3464100-1-baolu.lu@linux.intel.com> References: <20220421052121.3464100-1-baolu.lu@linux.intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-2.4 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RDNS_NONE,SPF_HELO_NONE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Attaching an IOMMU domain to a PASID of a device is a generic operation for modern IOMMU drivers which support PASID-granular DMA address translation. Currently visible usage scenarios include (but not limited): - SVA (Shared Virtual Address) - kernel DMA with PASID - hardware-assist mediated device This adds a pair of common domain ops for this purpose and adds helpers to attach/detach a domain to/from a {device, PASID}. Some buses, like PCI, route packets without considering the PASID value. Thus a DMA target address with PASID might be treated as P2P if the address falls into the MMIO BAR of other devices in the group. To make things simple, these interfaces only apply to devices belonging to the singleton groups, and the singleton is immutable in fabric i.e. not affected by hotplug. Signed-off-by: Lu Baolu --- include/linux/iommu.h | 21 ++++++++++ drivers/iommu/iommu.c | 95 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 116 insertions(+) diff --git a/include/linux/iommu.h b/include/linux/iommu.h index 36f43af0af53..fe7d9ee2bc2b 100644 --- a/include/linux/iommu.h +++ b/include/linux/iommu.h @@ -262,6 +262,8 @@ struct iommu_ops { * struct iommu_domain_ops - domain specific operations * @attach_dev: attach an iommu domain to a device * @detach_dev: detach an iommu domain from a device + * @attach_dev_pasid: attach an iommu domain to a pasid of device + * @detach_dev_pasid: detach an iommu domain from a pasid of device * @map: map a physically contiguous memory region to an iommu domain * @map_pages: map a physically contiguous set of pages of the same size to * an iommu domain. @@ -279,6 +281,10 @@ struct iommu_ops { struct iommu_domain_ops { int (*attach_dev)(struct iommu_domain *domain, struct device *dev); void (*detach_dev)(struct iommu_domain *domain, struct device *dev); + int (*attach_dev_pasid)(struct iommu_domain *domain, + struct device *dev, ioasid_t pasid); + void (*detach_dev_pasid)(struct iommu_domain *domain, + struct device *dev, ioasid_t pasid); int (*map)(struct iommu_domain *domain, unsigned long iova, phys_addr_t paddr, size_t size, int prot, gfp_t gfp); @@ -672,6 +678,10 @@ int iommu_group_claim_dma_owner(struct iommu_group *group, void *owner); void iommu_group_release_dma_owner(struct iommu_group *group); bool iommu_group_dma_owner_claimed(struct iommu_group *group); +int iommu_attach_device_pasid(struct iommu_domain *domain, + struct device *dev, ioasid_t pasid); +void iommu_detach_device_pasid(struct iommu_domain *domain, + struct device *dev, ioasid_t pasid); #else /* CONFIG_IOMMU_API */ struct iommu_ops {}; @@ -1040,6 +1050,17 @@ static inline bool iommu_group_dma_owner_claimed(struct iommu_group *group) { return false; } + +static inline int iommu_attach_device_pasid(struct iommu_domain *domain, + struct device *dev, ioasid_t pasid) +{ + return -ENODEV; +} + +static inline void iommu_detach_device_pasid(struct iommu_domain *domain, + struct device *dev, ioasid_t pasid) +{ +} #endif /* CONFIG_IOMMU_API */ /** diff --git a/drivers/iommu/iommu.c b/drivers/iommu/iommu.c index 0c42ece25854..c6fdc0067d76 100644 --- a/drivers/iommu/iommu.c +++ b/drivers/iommu/iommu.c @@ -38,6 +38,7 @@ struct iommu_group { struct kobject kobj; struct kobject *devices_kobj; struct list_head devices; + struct xarray pasid_array; struct mutex mutex; void *iommu_data; void (*iommu_data_release)(void *iommu_data); @@ -630,6 +631,7 @@ struct iommu_group *iommu_group_alloc(void) mutex_init(&group->mutex); INIT_LIST_HEAD(&group->devices); INIT_LIST_HEAD(&group->entry); + xa_init(&group->pasid_array); ret = ida_simple_get(&iommu_group_ida, 0, 0, GFP_KERNEL); if (ret < 0) { @@ -3167,3 +3169,96 @@ bool iommu_group_dma_owner_claimed(struct iommu_group *group) return user; } EXPORT_SYMBOL_GPL(iommu_group_dma_owner_claimed); + +static int has_pci_alias(struct pci_dev *pdev, u16 alias, void *opaque) +{ + return (pdev != opaque) ? -EEXIST : 0; +} + +/* + * Use standard PCI bus topology, isolation features, and DMA + * alias quirks to check the immutable singleton attribute. If + * the device came from DT, assume it is static and then + * singleton can know from the device count in the group. + */ +static bool device_group_immutable_singleton(struct device *dev) +{ + struct iommu_group *group = iommu_group_get(dev); + int count; + + if (!group) + return false; + + mutex_lock(&group->mutex); + count = iommu_group_device_count(group); + mutex_unlock(&group->mutex); + iommu_group_put(group); + + if (count != 1) + return false; + + if (dev_is_pci(dev)) { + struct pci_dev *pdev = to_pci_dev(dev); + + /* + * The device could be considered to be fully isolated if + * all devices on the path from the device to the host-PCI + * bridge are protected from peer-to-peer DMA by ACS. + */ + if (!pci_acs_path_enabled(pdev, NULL, REQ_ACS_FLAGS)) + return false; + + /* Filter out devices which has any alias device. */ + if (pci_for_each_dma_alias(pdev, has_pci_alias, pdev)) + return false; + + return true; + } + + /* + * If the device came from DT, assume it is static and then + * singleton can know from the device count in the group. + */ + return is_of_node(dev_fwnode(dev)); +} + +int iommu_attach_device_pasid(struct iommu_domain *domain, + struct device *dev, ioasid_t pasid) +{ + struct iommu_group *group; + int ret = -EINVAL; + void *curr; + + if (!domain->ops->attach_dev_pasid) + return -EINVAL; + + if (!device_group_immutable_singleton(dev)) + return -EINVAL; + + group = iommu_group_get(dev); + mutex_lock(&group->mutex); + curr = xa_cmpxchg(&group->pasid_array, pasid, NULL, domain, GFP_KERNEL); + if (curr) + goto out_unlock; + ret = domain->ops->attach_dev_pasid(domain, dev, pasid); + if (ret) + xa_erase(&group->pasid_array, pasid); +out_unlock: + mutex_unlock(&group->mutex); + iommu_group_put(group); + + return ret; +} + +void iommu_detach_device_pasid(struct iommu_domain *domain, + struct device *dev, ioasid_t pasid) +{ + struct iommu_group *group = iommu_group_get(dev); + + mutex_lock(&group->mutex); + domain->ops->detach_dev_pasid(domain, dev, pasid); + xa_erase(&group->pasid_array, pasid); + mutex_unlock(&group->mutex); + + iommu_group_put(group); +} -- 2.25.1