[PATCH 00/12] Consolidate domain cache invalidation
The IOMMU hardware cache needs to be invalidated whenever the mappings
in the domain are changed. Currently, domain cache invalidation is
scattered across different places, causing several issues:

- IOMMU IOTLB Invalidation: This is done by iterating through the domain
IDs of each domain using the following code:

    xa_for_each(&dmar_domain->iommu_array, i, info)
        iommu_flush_iotlb_psi(info->iommu, dmar_domain,
                              start_pfn, nrpages,
                              list_empty(&gather->freelist), 0);

This code could theoretically cause a use-after-free problem because
there's no lock to protect the "info" pointer within the loop.

- Inconsistent Invalidation Methods: Different domain types implement
their own cache invalidation methods, making the code difficult to
maintain. For example, the DMA domain, SVA domain, and nested domain
have similar cache invalidation code scattered across different files.

- SVA Domain Inconsistency: The SVA domain implementation uses a
completely different data structure to track attached devices compared
to other domains. This creates unnecessary differences and, even
worse, leads to duplicate IOTLB invalidation when an SVA domain is
attached to devices belonging to different IOMMU domains.

- Nested Domain Dependency: The special overlap between a nested domain
and its parent domain requires a dedicated parent_domain_flush()
helper function to be called everywhere the parent domain's mapping
changes.

- Limited Debugging Support: There are currently no debugging aids
available for domain cache invalidation.

By consolidating domain cache invalidation into a common location, we
can address the issues mentioned above and improve the code's
maintainability and debuggability.

Jason Gunthorpe (1):
iommu: Add ops->domain_alloc_sva()

Lu Baolu (11):
iommu/vt-d: Add cache tag assignment interface
iommu/vt-d: Add cache tag invalidation helpers
iommu/vt-d: Add trace events for cache tag interface
iommu/vt-d: Use cache_tag_flush_all() in flush_iotlb_all
iommu/vt-d: Use cache_tag_flush_range() in tlb_sync
iommu/vt-d: Use cache_tag_flush_cm_range() in iotlb_sync_map
iommu/vt-d: Cleanup use of iommu_flush_iotlb_psi()
iommu/vt-d: Use cache_tag_flush_range() in cache_invalidate_user
iommu/vt-d: Use cache helpers in arch_invalidate_secondary_tlbs
iommu/vt-d: Retire intel_svm_dev
iommu/vt-d: Retire struct intel_svm

include/linux/iommu.h | 3 +
drivers/iommu/intel/iommu.h | 66 +++---
drivers/iommu/intel/trace.h | 97 +++++++++
drivers/iommu/intel/cache.c | 389 +++++++++++++++++++++++++++++++++++
drivers/iommu/intel/iommu.c | 294 ++++----------------------
drivers/iommu/intel/nested.c | 71 ++-----
drivers/iommu/intel/svm.c | 279 ++++++-------------------
drivers/iommu/iommu-sva.c | 16 +-
drivers/iommu/intel/Makefile | 2 +-
9 files changed, 660 insertions(+), 557 deletions(-)
create mode 100644 drivers/iommu/intel/cache.c

--
2.34.1
RE: [PATCH 00/12] Consolidate domain cache invalidation
> From: Lu Baolu <baolu.lu@linux.intel.com>
> Sent: Monday, March 25, 2024 10:17 AM
>
> The IOMMU hardware cache needs to be invalidated whenever the
> mappings
> in the domain are changed. Currently, domain cache invalidation is
> scattered across different places, causing several issues:
>
> - IOMMU IOTLB Invalidation: This is done by iterating through the domain
> IDs of each domain using the following code:
>
>     xa_for_each(&dmar_domain->iommu_array, i, info)
>         iommu_flush_iotlb_psi(info->iommu, dmar_domain,
>                               start_pfn, nrpages,
>                               list_empty(&gather->freelist), 0);
>
> This code could theoretically cause a use-after-free problem because
> there's no lock to protect the "info" pointer within the loop.
>
> - Inconsistent Invalidation Methods: Different domain types implement
> their own cache invalidation methods, making the code difficult to
> maintain. For example, the DMA domain, SVA domain, and nested domain
> have similar cache invalidation code scattered across different files.
>
> - SVA Domain Inconsistency: The SVA domain implementation uses a
> completely different data structure to track attached devices compared
> to other domains. This creates unnecessary differences and, even
> worse, leads to duplicate IOTLB invalidation when an SVA domain is
> attached to devices belonging to different IOMMU domains.

can you elaborate how duplicated invalidations are caused?

>
> - Nested Domain Dependency: The special overlap between a nested domain
> and its parent domain requires a dedicated parent_domain_flush()
> helper function to be called everywhere the parent domain's mapping
> changes.
>
> - Limited Debugging Support: There are currently no debugging aids
> available for domain cache invalidation.
>
> By consolidating domain cache invalidation into a common location, we
> can address the issues mentioned above and improve the code's
> maintainability and debuggability.
>

overall this is a nice work!
Re: [PATCH 00/12] Consolidate domain cache invalidation
On 3/28/24 3:59 PM, Tian, Kevin wrote:
>> From: Lu Baolu<baolu.lu@linux.intel.com>
>> Sent: Monday, March 25, 2024 10:17 AM
>>
>> The IOMMU hardware cache needs to be invalidated whenever the
>> mappings
>> in the domain are changed. Currently, domain cache invalidation is
>> scattered across different places, causing several issues:
>>
>> - IOMMU IOTLB Invalidation: This is done by iterating through the domain
>> IDs of each domain using the following code:
>>
>>     xa_for_each(&dmar_domain->iommu_array, i, info)
>>         iommu_flush_iotlb_psi(info->iommu, dmar_domain,
>>                               start_pfn, nrpages,
>>                               list_empty(&gather->freelist), 0);
>>
>> This code could theoretically cause a use-after-free problem because
>> there's no lock to protect the "info" pointer within the loop.
>>
>> - Inconsistent Invalidation Methods: Different domain types implement
>> their own cache invalidation methods, making the code difficult to
>> maintain. For example, the DMA domain, SVA domain, and nested domain
>> have similar cache invalidation code scattered across different files.
>>
>> - SVA Domain Inconsistency: The SVA domain implementation uses a
>> completely different data structure to track attached devices compared
>> to other domains. This creates unnecessary differences and, even
>> worse, leads to duplicate IOTLB invalidation when an SVA domain is
>> attached to devices belonging to different IOMMU domains.
> can you elaborate how duplicated invalidations are caused?

Yes, sure.

Current Intel SVA implementation keeps the bond between mm and a PASID
of a device in a list of intel_svm_dev. In the mm notifier callback, it
iterates all intel_svm_dev in the list and invalidates the IOTLB and
device TLB sequentially.

If multiple devices belong to a single IOMMU, the IOTLB will be flushed
multiple times. However, since these devices share the same domain ID
and PASID, a single IOTLB cache invalidation is sufficient. The
additional flushes are redundant and negatively impact performance.

Best regards,
baolu
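
The redundancy described in this reply, as an added user-space model that is not part of the thread or the patch series: it counts IOTLB flushes for one invalidation when walking one bond per attached device versus walking tags shared per IOMMU. All names (`tag_assign`, `attach_dev`, `iotlb_flushes`) are hypothetical and the IOMMU and device numbers are constructed.

```c
#include <stdio.h>
/* Hypothetical user-space model; none of these names are kernel APIs. */
enum tag_type { TAG_IOTLB, TAG_DEVTLB };
struct tag { enum tag_type type; int iommu, dev, users; };
static struct tag tags[16];
static size_t ntags;

/* Add a tag, or take another reference if an identical one exists. */
static void tag_assign(enum tag_type type, int iommu, int dev)
{
    for (size_t i = 0; i < ntags; i++)
        if (tags[i].type == type && tags[i].iommu == iommu &&
            tags[i].dev == dev) {
            tags[i].users++;
            return;
        }
    if (ntags < sizeof(tags) / sizeof(tags[0]))  /* sample never overflows */
        tags[ntags++] = (struct tag){ type, iommu, dev, 1 };
}

/* IOTLB entries are tagged per IOMMU (dev = -1); device TLBs per device. */
static void attach_dev(int iommu, int dev)
{
    tag_assign(TAG_IOTLB, iommu, -1);
    tag_assign(TAG_DEVTLB, iommu, dev);
}

/* Constructed sample: three devices behind IOMMU 0, one behind IOMMU 1. */
static void setup_sample(void)
{
    ntags = 0;
    attach_dev(0, 10); attach_dev(0, 11); attach_dev(0, 12); attach_dev(1, 20);
}

/* per_bond = 1: one flush per attached device; 0: one per distinct tag. */
static int iotlb_flushes(int per_bond)
{
    int n = 0;
    for (size_t i = 0; i < ntags; i++)
        if (tags[i].type == TAG_IOTLB)
            n += per_bond ? tags[i].users : 1;
    return n;
}

int main(void)
{
    setup_sample();
    printf("per-bond: %d, per-tag: %d\n", iotlb_flushes(1), iotlb_flushes(0));
}
```

In this model the device TLB tags stay one per device, so only the IOTLB count drops when devices share an IOMMU.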
RE: [PATCH 00/12] Consolidate domain cache invalidation
> From: Baolu Lu <baolu.lu@linux.intel.com>
> Sent: Sunday, April 7, 2024 3:28 PM
>
> On 3/28/24 3:59 PM, Tian, Kevin wrote:
> >> From: Lu Baolu<baolu.lu@linux.intel.com>
> >> Sent: Monday, March 25, 2024 10:17 AM
> >>
> >> The IOMMU hardware cache needs to be invalidated whenever the
> >> mappings
> >> in the domain are changed. Currently, domain cache invalidation is
> >> scattered across different places, causing several issues:
> >>
> >> - IOMMU IOTLB Invalidation: This is done by iterating through the domain
> >> IDs of each domain using the following code:
> >>
> >>     xa_for_each(&dmar_domain->iommu_array, i, info)
> >>         iommu_flush_iotlb_psi(info->iommu, dmar_domain,
> >>                               start_pfn, nrpages,
> >>                               list_empty(&gather->freelist), 0);
> >>
> >> This code could theoretically cause a use-after-free problem because
> >> there's no lock to protect the "info" pointer within the loop.
> >>
> >> - Inconsistent Invalidation Methods: Different domain types implement
> >> their own cache invalidation methods, making the code difficult to
> >> maintain. For example, the DMA domain, SVA domain, and nested
> domain
> >> have similar cache invalidation code scattered across different files.
> >>
> >> - SVA Domain Inconsistency: The SVA domain implementation uses a
> >> completely different data structure to track attached devices compared
> >> to other domains. This creates unnecessary differences and, even
> >> worse, leads to duplicate IOTLB invalidation when an SVA domain is
> >> attached to devices belonging to different IOMMU domains.
> > can you elaborate how duplicated invalidations are caused?
>
> Yes, sure.
>
> Current Intel SVA implementation keeps the bond between mm and a PASID
> of a device in a list of intel_svm_dev. In the mm notifier callback, it
> iterates all intel_svm_dev in the list and invalidates the IOTLB and
> device TLB sequentially.
>
> If multiple devices belong to a single IOMMU, the IOTLB will be flushed
> multiple times. However, since these devices share the same domain ID
> and PASID, a single IOTLB cache invalidation is sufficient. The
> additional flushes are redundant and negatively impact performance.
>

yes it's redundant. But what does "devices belonging to different
IOMMU domains" in the original context try to convey? From above
explanation it sounds irrelevant...
Re: [PATCH 00/12] Consolidate domain cache invalidation
On 4/8/24 11:03 AM, Tian, Kevin wrote:
>> From: Baolu Lu <baolu.lu@linux.intel.com>
>> Sent: Sunday, April 7, 2024 3:28 PM
>>
>> On 3/28/24 3:59 PM, Tian, Kevin wrote:
>>>> From: Lu Baolu<baolu.lu@linux.intel.com>
>>>> Sent: Monday, March 25, 2024 10:17 AM
>>>>
>>>> The IOMMU hardware cache needs to be invalidated whenever the
>>>> mappings
>>>> in the domain are changed. Currently, domain cache invalidation is
>>>> scattered across different places, causing several issues:
>>>>
>>>> - IOMMU IOTLB Invalidation: This is done by iterating through the domain
>>>> IDs of each domain using the following code:
>>>>
>>>>     xa_for_each(&dmar_domain->iommu_array, i, info)
>>>>         iommu_flush_iotlb_psi(info->iommu, dmar_domain,
>>>>                               start_pfn, nrpages,
>>>>                               list_empty(&gather->freelist), 0);
>>>>
>>>> This code could theoretically cause a use-after-free problem because
>>>> there's no lock to protect the "info" pointer within the loop.
>>>>
>>>> - Inconsistent Invalidation Methods: Different domain types implement
>>>> their own cache invalidation methods, making the code difficult to
>>>> maintain. For example, the DMA domain, SVA domain, and nested
>> domain
>>>> have similar cache invalidation code scattered across different files.
>>>>
>>>> - SVA Domain Inconsistency: The SVA domain implementation uses a
>>>> completely different data structure to track attached devices compared
>>>> to other domains. This creates unnecessary differences and, even
>>>> worse, leads to duplicate IOTLB invalidation when an SVA domain is
>>>> attached to devices belonging to different IOMMU domains.
>>> can you elaborate how duplicated invalidations are caused?
>>
>> Yes, sure.
>>
>> Current Intel SVA implementation keeps the bond between mm and a PASID
>> of a device in a list of intel_svm_dev. In the mm notifier callback, it
>> iterates all intel_svm_dev in the list and invalidates the IOTLB and
>> device TLB sequentially.
>>
>> If multiple devices belong to a single IOMMU, the IOTLB will be flushed
>> multiple times. However, since these devices share the same domain ID
>> and PASID, a single IOTLB cache invalidation is sufficient. The
>> additional flushes are redundant and negatively impact performance.
>>
>
> yes it's redundant. But what does "devices belonging to different
> IOMMU domains" in the original context try to convey? From above
> explanation it sounds irrelevant...

My typo. :-) Sorry for the confusion.

I should say,

"... attached to devices belonging to a same IOMMU ..."

Best regards,
baolu