Hi Eric, >-----Original Message----- >From: Eric Auger <eric.au...@redhat.com> ><marcel.apfelb...@gmail.com> >Subject: Re: [PATCH v2 11/19] intel_iommu: Handle PASID entry adding > >Hi Zhenzhong, > >On 6/20/25 9:18 AM, Zhenzhong Duan wrote: >> When guest modifies a PASID entry, QEMU will capture the guest pasid >selective >> pasid cache invalidation, allocate or remove a VTDAddressSpace instance per >the >> invalidation reasons: >> >> a) a present pasid entry moved to non-present >> b) a present pasid entry to be a present entry >> c) a non-present pasid entry moved to present >> >> This handles c). > >As you use the replay terminology in the patch, please explain what it >means in that case and how the patch achieve above goal.
Will do.
>>
>> Signed-off-by: Yi Liu <yi.l....@intel.com>
>> Signed-off-by: Yi Sun <yi.y....@linux.intel.com>
>> Signed-off-by: Zhenzhong Duan <zhenzhong.d...@intel.com>
>> ---
>> hw/i386/intel_iommu_internal.h | 1 +
>> hw/i386/intel_iommu.c | 169 ++++++++++++++++++++++++++++++++-
>> 2 files changed, 169 insertions(+), 1 deletion(-)
>>
>> diff --git a/hw/i386/intel_iommu_internal.h b/hw/i386/intel_iommu_internal.h
>> index 01c881ed4d..025787b3b9 100644
>> --- a/hw/i386/intel_iommu_internal.h
>> +++ b/hw/i386/intel_iommu_internal.h
>> @@ -558,6 +558,7 @@ typedef struct VTDRootEntry VTDRootEntry;
>> #define VTD_CTX_ENTRY_LEGACY_SIZE 16
>> #define VTD_CTX_ENTRY_SCALABLE_SIZE 32
>>
>> +#define VTD_SM_CONTEXT_ENTRY_PDTS(val) (((val) >> 9) & 0x7)
>> #define VTD_SM_CONTEXT_ENTRY_RID2PASID_MASK 0xfffff
>> #define VTD_SM_CONTEXT_ENTRY_RSVD_VAL0(aw) (0x1e0ULL |
>~VTD_HAW_MASK(aw))
>> #define VTD_SM_CONTEXT_ENTRY_RSVD_VAL1 0xffffffffffe00000ULL
>> diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
>> index 1db581d14a..f4273dc640 100644
>> --- a/hw/i386/intel_iommu.c
>> +++ b/hw/i386/intel_iommu.c
>> @@ -826,6 +826,11 @@ static inline bool
>vtd_pe_type_check(IntelIOMMUState *s, VTDPASIDEntry *pe)
>> }
>> }
>>
>> +static inline uint32_t vtd_sm_ce_get_pdt_entry_num(VTDContextEntry *ce)
>> +{
>> + return 1U << (VTD_SM_CONTEXT_ENTRY_PDTS(ce->val[0]) + 7);
>> +}
>> +
>> static inline uint16_t vtd_pe_get_did(VTDPASIDEntry *pe)
>> {
>> return VTD_SM_PASID_ENTRY_DID((pe)->val[1]);
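Review bot: The `+ 7` in vtd_sm_ce_get_pdt_entry_num() (second hunk, `@@ -826,6 +826,11 @@`) is an unexplained constant; a one-line comment such as `/* PDTS encodes a PASID directory of 2^(PDTS + 7) entries */` would tie it to the context-entry field it decodes. Because VTD_SM_CONTEXT_ENTRY_PDTS masks the field with `0x7`, the shift count stays within 7..14 and `1U <<` cannot overflow, which is worth saying in that comment since the context entry is presumably read from guest memory. The parameter is only read, so `const VTDContextEntry *ce` would express that, although the neighbouring vtd_pe_get_did() shown as context also takes a non-const pointer.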
>> @@ -3246,6 +3251,159 @@ remove:
>> return true;
>> }
>>
>> +static void vtd_sm_pasid_table_walk_one(IntelIOMMUState *s,
>> + dma_addr_t pt_base,
>> + int start,
>> + int end,
>> + VTDPASIDCacheInfo *info)
>> +{
>> + VTDPASIDEntry pe;
>> + int pasid = start;
>> + int pasid_next;
>> +
>> + while (pasid < end) {
>> + pasid_next = pasid + 1;
>> +
>> + if (!vtd_get_pe_in_pasid_leaf_table(s, pasid, pt_base, &pe)
>> + && vtd_pe_present(&pe)) {
>> + int bus_n = pci_bus_num(info->bus), devfn = info->devfn;
>> + uint16_t sid = PCI_BUILD_BDF(bus_n, devfn);
>> + VTDAddressSpace *vtd_as;
>> +
>> + vtd_iommu_lock(s);
>> + /*
>> + * When indexed by rid2pasid, vtd_as should have been created,
>> + * e.g., by PCI subsystem. For other iommu pasid, we need to
>> + * create vtd_as dynamically. The other iommu pasid is same as
>> + * PCI's pasid, so it's used as input of vtd_find_add_as().
>> + */
>> + vtd_as = vtd_as_from_iommu_pasid_locked(s, sid, pasid);
>> + vtd_iommu_unlock(s);
>> + if (!vtd_as) {
>> + vtd_as = vtd_find_add_as(s, info->bus, devfn, pasid);
>> + }
>> +
>> + if ((info->type == VTD_PASID_CACHE_DOMSI ||
>> + info->type == VTD_PASID_CACHE_PASIDSI) &&
>> + !(info->domain_id == vtd_pe_get_did(&pe))) {
>> + /*
>> + * VTD_PASID_CACHE_DOMSI and VTD_PASID_CACHE_PASIDSI
>> + * requires domain ID check. If domain Id check fail,
>> + * go to next pasid.
>> + */
>> + pasid = pasid_next;
>> + continue;
>> + }
>> + if (vtd_fill_pe_in_cache(s, vtd_as, &pe)) {
>> + pasid_cache_info_set_error(info);
>> + }
>> + }
>> + pasid = pasid_next;
>> + }
>> +}
>> +
>> +/*
>> + * Currently, VT-d scalable mode pasid table is a two level table,
>do you mean PASID dir + PASID table? in the positive I would use that
>terminology directly. Yes, OK.
>> + * this function aims to loop a range of PASIDs in a given pasid
>aims at looping over a range of PASIDs in a given table?
>so what do you call a table here? is a a PASID directory ot a PASID table.
Yes, this is confusing, will be: * In VT-d scalable mode translation, PASID dir + PASID table is used. * This function aims at looping over a range of PASIDs in a given two * level table to identify the pasid config in guest.
>> + * table to identify the pasid config in guest.
>> + */
>> +static void vtd_sm_pasid_table_walk(IntelIOMMUState *s,
>> + dma_addr_t pdt_base,
>> + int start,
>> + int end,
>> + VTDPASIDCacheInfo *info)
>> +{
>> + VTDPASIDDirEntry pdire;
>> + int pasid = start;
>> + int pasid_next;
>> + dma_addr_t pt_base;
>> +
>> + while (pasid < end) {
>> + pasid_next = ((end - pasid) > VTD_PASID_TBL_ENTRY_NUM) ?
>> + (pasid + VTD_PASID_TBL_ENTRY_NUM) : end;
>> + if (!vtd_get_pdire_from_pdir_table(pdt_base, pasid, &pdire)
>> + && vtd_pdire_present(&pdire)) {
>> + pt_base = pdire.val & VTD_PASID_TABLE_BASE_ADDR_MASK;
>> + vtd_sm_pasid_table_walk_one(s, pt_base, pasid, pasid_next,
>> info);
>> + }
>> + pasid = pasid_next;
>> + }
>> +}
>> +
>> +static void vtd_replay_pasid_bind_for_dev(IntelIOMMUState *s,
>> + int start, int end,
>> + VTDPASIDCacheInfo *info)
>> +{
>> + VTDContextEntry ce;
>> +
>> + if (!vtd_dev_to_context_entry(s, pci_bus_num(info->bus), info->devfn,
>> + &ce)) {
>> + uint32_t max_pasid;
>> +
>> + max_pasid = vtd_sm_ce_get_pdt_entry_num(&ce) *
>VTD_PASID_TBL_ENTRY_NUM;
>> + if (end > max_pasid) {
>> + end = max_pasid;
>> + }
>> + vtd_sm_pasid_table_walk(s,
>> + VTD_CE_GET_PASID_DIR_TABLE(&ce),
>> + start,
>> + end,
>> + info);
>> + }
>> +}
>> +
>> +/*
>> + * This function replay the guest pasid bindings to hosts by
>replays, host OK
>> + * walking the guest PASID table. This ensures host will have
>> + * latest guest pasid bindings.
>> + */
>> +static void vtd_replay_guest_pasid_bindings(IntelIOMMUState *s,
>> + VTDPASIDCacheInfo *pc_info)
>> +{
>> + VTDHostIOMMUDevice *vtd_hiod;
>> + int start = 0, end = 1; /* only rid2pasid is supported */
>> + VTDPASIDCacheInfo walk_info;
>> + GHashTableIter as_it;
>> +
>> + switch (pc_info->type) {
>> + case VTD_PASID_CACHE_PASIDSI:
>> + start = pc_info->pasid;
>> + end = pc_info->pasid + 1;
>> + /*
>> + * PASID selective invalidation is within domain,
>> + * thus fall through.
>this is still not totally clean to me. For domsi I would have expected a
>different setting of start and end? For DOMSI, it's initialized above, "start = 0, end = 1". We only support rid2pasid in this series, so end=1.
>> + */
>> + case VTD_PASID_CACHE_DOMSI:
>fall though clause here and above? Sure
>> + case VTD_PASID_CACHE_GLOBAL_INV:
>> + /* loop all assigned devices */
>> + break;
>> + default:
>> + error_report("invalid pc_info->type for replay");
>> + abort();
>> + }
>> +
>> + /*
>> + * In this replay, only needs to care about the devices which
>one only needs to care OK
>> + * are backed by host IOMMU. For such devices, their vtd_hiod
>Those devices have a corresponding vtd_hiod in s->vtd_host_iommu_dev OK
>> + * instances are in the s->vtd_host_iommu_dev. For devices which
>> + * are not backed by host IOMMU, it is not necessary to replay
>> + * the bindings since their cache could be re-created in the future
>> + * DMA address translation. Access to vtd_host_iommu_dev is already
>> + * protected by BQL, so no iommu lock needed here.
>> + */
>> + walk_info = *pc_info;
>> + g_hash_table_iter_init(&as_it, s->vtd_host_iommu_dev);
>> + while (g_hash_table_iter_next(&as_it, NULL, (void **)&vtd_hiod)) {
>> + /* bus|devfn fields are not identical with pc_info */
>Can you clarify? I mean bus|devfn in pc_info is not used here, I'll drop this line as it's unrelated and confusing.
>> + walk_info.bus = vtd_hiod->bus;
>> + walk_info.devfn = vtd_hiod->devfn;
>> + vtd_replay_pasid_bind_for_dev(s, start, end, &walk_info);
>> + }
>> + if (walk_info.error_happened) {
>> + pasid_cache_info_set_error(pc_info);
>> + }
>> +}
>> +
>> /*
>> * This function syncs the pasid bindings between guest and host.
>> * It includes updating the pasid cache in vIOMMU and updating the
>> @@ -3301,7 +3459,16 @@ static void vtd_pasid_cache_sync(IntelIOMMUState
>*s,
>> pc_info);
>> vtd_iommu_unlock(s);
>>
>> - /* TODO: Step 2: loop all the existing vtd_hiod instances for pasid
>> bind. */
>> + /*
>> + * Step 2: loop all the existing vtd_hiod instances for pasid bind.
>> + * Ideally, needs to loop all devices to find if there is any new
>> + * PASID binding regards to the PASID cache invalidation request.
>> + * But it is enough to loop the devices which are backed by host
>> + * IOMMU. For devices backed by vIOMMU (a.k.a emulated devices),
>> + * if new PASID happened on them, their vtd_as instance could
>> + * be created during future vIOMMU DMA translation.
>the above comment is somehow redundant with the previous one Yes, will drop this one. Thanks Zhenzhong
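Review bot: In vtd_sm_pasid_table_walk_one() (hunk `@@ -3246,6 +3251,159 @@`) the domain-ID filter for VTD_PASID_CACHE_DOMSI / VTD_PASID_CACHE_PASIDSI runs only after vtd_find_add_as() has been called, so a present entry in the guest PASID table that the invalidation does not target still gets a VTDAddressSpace created for it, and nothing visible in this hunk releases it. For PASIDSI `start` is taken from `pc_info->pasid`, so the PASIDs reaching this path appear to be guest-chosen; moving the `info->domain_id != vtd_pe_get_did(&pe)` test, with its `pasid = pasid_next; continue;`, ahead of `vtd_iommu_lock(s)` would limit the allocation to entries that are actually going to be cached. Separately, vtd_sm_pasid_table_walk() steps by `pasid + VTD_PASID_TBL_ENTRY_NUM` without aligning to a leaf-table boundary, so a `start` that is not a multiple of the table size would pass vtd_sm_pasid_table_walk_one() a range spanning two leaf tables under a single `pt_base`. That does not look reachable with the one-PASID ranges set up in vtd_replay_guest_pasid_bindings(), but rounding `pasid_next` up to the next table boundary would keep the helper correct once wider ranges are walked.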