>-----Original Message-----
>From: Eric Auger <[email protected]>
>Subject: Re: [PATCH v5 17/21] intel_iommu: Propagate PASID-based iotlb
>invalidation to host
>
>
>
>On 8/22/25 8:40 AM, Zhenzhong Duan wrote:
>> From: Yi Liu <[email protected]>
>>
>> This traps the guest PASID-based iotlb invalidation request and propagate it
>> to host.
>>
>> Intel VT-d 3.0 supports nested translation in PASID granularity. Guest SVA
>> support could be implemented by configuring nested translation on specific
>> pasid. This is also known as dual stage DMA translation.
>>
>> Under such configuration, guest owns the GVA->GPA translation which is
>> configured as stage-1 page table on host side for a specific pasid, and host
>> owns GPA->HPA translation. As guest owns stage-1 translation table, piotlb
>> invalidation should be propagated to host since host IOMMU will cache first
>> level page table related mappings during DMA address translation.
>>
>> Signed-off-by: Yi Liu <[email protected]>
>> Signed-off-by: Yi Sun <[email protected]>
>> Signed-off-by: Zhenzhong Duan <[email protected]>
>> ---
>> hw/i386/intel_iommu_internal.h | 6 +++
>> hw/i386/intel_iommu.c | 95
>+++++++++++++++++++++++++++++++++-
>> 2 files changed, 99 insertions(+), 2 deletions(-)
>>
>> diff --git a/hw/i386/intel_iommu_internal.h
>b/hw/i386/intel_iommu_internal.h
>> index 8af1004888..c1a9263651 100644
>> --- a/hw/i386/intel_iommu_internal.h
>> +++ b/hw/i386/intel_iommu_internal.h
>> @@ -596,6 +596,12 @@ typedef struct VTDPASIDCacheInfo {
>> uint16_t devfn;
>> } VTDPASIDCacheInfo;
>>
>> +typedef struct VTDPIOTLBInvInfo {
>> + uint16_t domain_id;
>> + uint32_t pasid;
>> + struct iommu_hwpt_vtd_s1_invalidate *inv_data;
>> +} VTDPIOTLBInvInfo;
>> +
>> /* PASID Table Related Definitions */
>> #define VTD_PASID_DIR_BASE_ADDR_MASK (~0xfffULL)
>> #define VTD_PASID_TABLE_BASE_ADDR_MASK (~0xfffULL)
>> diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
>> index 6c0e502d1c..7efa22f4ec 100644
>> --- a/hw/i386/intel_iommu.c
>> +++ b/hw/i386/intel_iommu.c
>> @@ -2611,12 +2611,99 @@ static int
>vtd_bind_guest_pasid(VTDAddressSpace *vtd_as, VTDPASIDOp op,
>>
>> return ret;
>> }
>> +
>> +static void
>> +vtd_invalidate_piotlb_locked(VTDAddressSpace *vtd_as,
>> + struct iommu_hwpt_vtd_s1_invalidate
>*cache)
>> +{
>> + IntelIOMMUState *s = vtd_as->iommu_state;
>> + VTDHostIOMMUDevice *vtd_hiod = vtd_find_hiod_iommufd(s,
>vtd_as);
>> + HostIOMMUDeviceIOMMUFD *idev;
>> + uint32_t entry_num = 1; /* Only implement one request for simplicity
>*/
>can you remind me what it is used for. What 1?
I see Yi has answered this question.
>> + Error *local_err = NULL;
>> +
>> + if (!vtd_hiod || !vtd_as->s1_hwpt) {
>> + return;
>> + }
>> + idev = HOST_IOMMU_DEVICE_IOMMUFD(vtd_hiod->hiod);
>> +
>> + if (!iommufd_backend_invalidate_cache(idev->iommufd,
>vtd_as->s1_hwpt,
>> +
>IOMMU_HWPT_INVALIDATE_DATA_VTD_S1,
>> + sizeof(*cache),
>&entry_num, cache,
>> + &local_err)) {
>> + /* Something wrong in kernel, but trying to continue */
>> + error_report_err(local_err);
>> + }
>> +}
>> +
>> +/*
>> + * This function is a loop function for the s->vtd_address_spaces
>> + * list with VTDPIOTLBInvInfo as execution filter. It propagates
>> + * the piotlb invalidation to host.
>> + */
>> +static void vtd_flush_host_piotlb_locked(gpointer key, gpointer value,
>> + gpointer user_data)
>> +{
>> + VTDPIOTLBInvInfo *piotlb_info = user_data;
>> + VTDAddressSpace *vtd_as = value;
>> + VTDPASIDCacheEntry *pc_entry = &vtd_as->pasid_cache_entry;
>> + uint32_t pasid;
>> + uint16_t did;
>> +
>> + /* Replay only fills pasid entry cache for passthrough device */
>> + if (!pc_entry->valid ||
>> + !vtd_pe_pgtt_is_flt(&pc_entry->pasid_entry)) {
>> + return;
>> + }
>> +
>> + if (vtd_as_to_iommu_pasid_locked(vtd_as, &pasid)) {
>> + return;
>> + }
>> +
>> + did = VTD_SM_PASID_ENTRY_DID(&pc_entry->pasid_entry);
>> +
>> + if (piotlb_info->domain_id == did && piotlb_info->pasid == pasid) {
>> + vtd_invalidate_piotlb_locked(vtd_as, piotlb_info->inv_data);
>> + }
>> +}
>> +
>> +static void
>> +vtd_flush_host_piotlb_all_locked(IntelIOMMUState *s,
>> + uint16_t domain_id, uint32_t
>pasid,
>> + hwaddr addr, uint64_t npages,
>bool ih)
>> +{
>> + struct iommu_hwpt_vtd_s1_invalidate cache_info = { 0 };
>> + VTDPIOTLBInvInfo piotlb_info;
>> +
>> + cache_info.addr = addr;
>> + cache_info.npages = npages;
>> + cache_info.flags = ih ? IOMMU_VTD_INV_FLAGS_LEAF : 0;
>> +
>> + piotlb_info.domain_id = domain_id;
>> + piotlb_info.pasid = pasid;
>> + piotlb_info.inv_data = &cache_info;
>> +
>> + /*
>> + * Go through each vtd_as instance in s->vtd_address_spaces, find
>out
>> + * the affected host device which need host piotlb invalidation. Piotlb
>Are you likely to find several vts_as that match invalidation params?
This is possible, it depends on guest kernel implementation. There can be N
devices
attached to one domain in guest, then in qemu, N nested HWPTs created and
attached to N devices on host side.
>> + * invalidation should check pasid cache per architecture point of
>view.
>> + */
>> + g_hash_table_foreach(s->vtd_address_spaces,
>> + vtd_flush_host_piotlb_locked,
>&piotlb_info);
>> +}
>> #else
>> static int vtd_bind_guest_pasid(VTDAddressSpace *vtd_as, VTDPASIDOp
>op,
>> Error **errp)
>> {
>> return 0;
>> }
>> +
>> +static void
>> +vtd_flush_host_piotlb_all_locked(IntelIOMMUState *s,
>> + uint16_t domain_id, uint32_t
>pasid,
>> + hwaddr addr, uint64_t npages,
>bool ih)
>> +{
>> +}
>> #endif
>Can't you put those stub stuff in a specific header as it is usually done?
That's usually true for public functions, but
vtd_flush_host_piotlb_all_locked() is a static function, do we really want to
put in header and expose it to other c files unnecessarily?
Thanks
Zhenzhong
