From: Samiullah Khawaja <skhawaja@google.com>
To: Baolu Lu <baolu.lu@linux.intel.com>
Cc: David Woodhouse <dwmw2@infradead.org>,
Joerg Roedel <joro@8bytes.org>, Will Deacon <will@kernel.org>,
Jason Gunthorpe <jgg@ziepe.ca>,
Robin Murphy <robin.murphy@arm.com>,
Kevin Tian <kevin.tian@intel.com>,
Alex Williamson <alex@shazbot.org>,
Shuah Khan <shuah@kernel.org>,
iommu@lists.linux.dev, linux-kernel@vger.kernel.org,
kvm@vger.kernel.org, Saeed Mahameed <saeedm@nvidia.com>,
Adithya Jayachandran <ajayachandra@nvidia.com>,
Parav Pandit <parav@nvidia.com>,
Leon Romanovsky <leonro@nvidia.com>,
William Tu <witu@nvidia.com>,
Pratyush Yadav <pratyush@kernel.org>,
Pasha Tatashin <pasha.tatashin@soleen.com>,
David Matlack <dmatlack@google.com>,
Andrew Morton <akpm@linux-foundation.org>,
Chris Li <chrisl@kernel.org>,
Pranjal Shrivastava <praan@google.com>,
Vipin Sharma <vipinsh@google.com>,
YiFei Zhu <zhuyifei@google.com>
Subject: Re: [PATCH v2 10/16] iommu: Restore and reattach preserved domains to devices
Date: Thu, 7 May 2026 16:52:18 +0000 [thread overview]
Message-ID: <afzBptf2YsmdJ8V8@google.com> (raw)
In-Reply-To: <a88649ec-de69-43ed-a364-dcbfef09dfa6@linux.intel.com>
On Thu, May 07, 2026 at 09:54:27PM +0800, Baolu Lu wrote:
>On 4/28/2026 1:56 AM, Samiullah Khawaja wrote:
>>Restore the preserved domains by restoring the page tables using restore
>>IOMMU domain op. Reattach the preserved domain to the device during
>>default domain setup. While attaching, reuse the domain ID that was used
>>in the previous kernel. The context entry setup is not needed as that is
>>preserved during liveupdate.
>>
>>Signed-off-by: Samiullah Khawaja<skhawaja@google.com>
>>---
>> drivers/iommu/intel/iommu.c | 49 ++++++++++++++------
>> drivers/iommu/intel/iommu.h | 3 +-
>> drivers/iommu/intel/nested.c | 2 +-
>> drivers/iommu/iommu.c | 61 ++++++++++++++++++++++++-
>> drivers/iommu/liveupdate.c | 78 ++++++++++++++++++++++++++++++++
>> include/linux/iommu-liveupdate.h | 50 ++++++++++++++++++++
>> 6 files changed, 224 insertions(+), 19 deletions(-)
>
>Please split the changes in the Intel iommu driver and the iommu core
>into different patches.
Agreed. I will split these.
>
>>
>>diff --git a/drivers/iommu/intel/iommu.c b/drivers/iommu/intel/iommu.c
>>index 4118a0861f38..b90757164cd8 100644
>>--- a/drivers/iommu/intel/iommu.c
>>+++ b/drivers/iommu/intel/iommu.c
>>@@ -1031,7 +1031,8 @@ static bool first_level_by_default(struct intel_iommu *iommu)
>> return true;
>> }
>>-int domain_attach_iommu(struct dmar_domain *domain, struct intel_iommu *iommu)
>>+int domain_attach_iommu(struct dmar_domain *domain, struct intel_iommu *iommu,
>>+ int restore_did)
>
>How about using a new helper for restored domain? For example,
>
> int domain_reattach_iommu(...)
>
>or
>
> int domain_restore_iommu(...)
Agreed. I didn't do this to avoid code duplication, but I think this
might be much clean. Also in the restore path, the did test can also be
done as you pointed out below.
>
>> {
>> struct iommu_domain_info *info, *curr;
>> int num, ret = -ENOSPC;
>>@@ -1051,8 +1052,11 @@ int domain_attach_iommu(struct dmar_domain *domain, struct intel_iommu *iommu)
>> return 0;
>> }
>>- num = ida_alloc_range(&iommu->domain_ida, IDA_START_DID,
>>- cap_ndoms(iommu->cap) - 1, GFP_KERNEL);
>>+ if (restore_did >= IDA_START_DID)
>>+ num = restore_did;
>
>For a preserved domain ID, do we need to check whether it has been
>reserved from the ida pool?
Yes, I will add a sanity check once I move this logic into separate
function.
>
>>+ else
>>+ num = ida_alloc_range(&iommu->domain_ida, IDA_START_DID,
>>+ cap_ndoms(iommu->cap) - 1, GFP_KERNEL);
>> if (num < 0) {
>> pr_err("%s: No free domain ids\n", iommu->name);
>> goto err_unlock;
>>@@ -1320,10 +1324,14 @@ static int dmar_domain_attach_device(struct dmar_domain *domain,
>> {
>> struct device_domain_info *info = dev_iommu_priv_get(dev);
>> struct intel_iommu *iommu = info->iommu;
>>+ struct device_ser *device_ser = NULL;
>> unsigned long flags;
>> int ret;
>>- ret = domain_attach_iommu(domain, iommu);
>>+ device_ser = dev_iommu_restored_state(dev);
>>+
>>+ ret = domain_attach_iommu(domain, iommu,
>>+ dev_iommu_restore_did(dev, &domain->domain));
>
>What is the expected behavior if there is a mismatch between the
>restored state and the availability of a domain ID? Specifically, if
>device_ser is found but dev_iommu_restore_did() fails (returns -1), how
>should the driver proceed in that case?
The restore of the domain should fail in this case, as this is
unexpected behaviour, as the DID should be preserved in the previous
kernel and in this (new) kernel the did should have been reclaimed
during iommu HW restore.
But I think we can sanity check these in the separate restore function.
I will rework this.
>
>> if (ret)
>> return ret;
>>@@ -1336,16 +1344,18 @@ static int dmar_domain_attach_device(struct dmar_domain *domain,
>> if (dev_is_real_dma_subdevice(dev))
>> return 0;
>>- if (!sm_supported(iommu))
>>- ret = domain_context_mapping(domain, dev);
>>- else if (intel_domain_is_fs_paging(domain))
>>- ret = domain_setup_first_level(iommu, domain, dev,
>>- IOMMU_NO_PASID, NULL);
>>- else if (intel_domain_is_ss_paging(domain))
>>- ret = domain_setup_second_level(iommu, domain, dev,
>>- IOMMU_NO_PASID, NULL);
>>- else if (WARN_ON(true))
>>- ret = -EINVAL;
>>+ if (!device_ser) {
>>+ if (!sm_supported(iommu))
>>+ ret = domain_context_mapping(domain, dev);
>>+ else if (intel_domain_is_fs_paging(domain))
>>+ ret = domain_setup_first_level(iommu, domain, dev,
>>+ IOMMU_NO_PASID, NULL);
>>+ else if (intel_domain_is_ss_paging(domain))
>>+ ret = domain_setup_second_level(iommu, domain, dev,
>>+ IOMMU_NO_PASID, NULL);
>>+ else if (WARN_ON(true))
>>+ ret = -EINVAL;
>>+ }
>> if (ret)
>> goto out_block_translation;
>>@@ -3170,6 +3180,15 @@ int paging_domain_compatible(struct iommu_domain *domain, struct device *dev)
>> struct intel_iommu *iommu = info->iommu;
>> int ret = -EINVAL;
>>+#ifdef CONFIG_IOMMU_LIVEUPDATE
>>+ /*
>>+ * Restored IOMMU domains are already attached to the device and can
>>+ * only be freed. So no need to check the compatibility.
>>+ */
>>+ if (iommu_domain_restored_state(domain))
>>+ return 0;
>>+#endif
>>+
>> if (intel_domain_is_fs_paging(dmar_domain))
>> ret = paging_domain_compatible_first_stage(dmar_domain, iommu);
>> else if (intel_domain_is_ss_paging(dmar_domain))
>>@@ -3647,7 +3666,7 @@ domain_add_dev_pasid(struct iommu_domain *domain,
>> if (!dev_pasid)
>> return ERR_PTR(-ENOMEM);
>>- ret = domain_attach_iommu(dmar_domain, iommu);
>>+ ret = domain_attach_iommu(dmar_domain, iommu, -1);
>> if (ret)
>> goto out_free;
>>diff --git a/drivers/iommu/intel/iommu.h b/drivers/iommu/intel/iommu.h
>>index b0ec0b471a43..8e37acf7de12 100644
>>--- a/drivers/iommu/intel/iommu.h
>>+++ b/drivers/iommu/intel/iommu.h
>>@@ -1182,7 +1182,8 @@ void __iommu_flush_iotlb(struct intel_iommu *iommu, u16 did, u64 addr,
>> */
>> #define QI_OPT_WAIT_DRAIN BIT(0)
>>-int domain_attach_iommu(struct dmar_domain *domain, struct intel_iommu *iommu);
>>+int domain_attach_iommu(struct dmar_domain *domain, struct intel_iommu *iommu,
>>+ int restore_did);
>> void domain_detach_iommu(struct dmar_domain *domain, struct intel_iommu *iommu);
>> void device_block_translation(struct device *dev);
>> int paging_domain_compatible(struct iommu_domain *domain, struct device *dev);
>>diff --git a/drivers/iommu/intel/nested.c b/drivers/iommu/intel/nested.c
>>index 2b979bec56ce..6e13f697b463 100644
>>--- a/drivers/iommu/intel/nested.c
>>+++ b/drivers/iommu/intel/nested.c
>>@@ -40,7 +40,7 @@ static int intel_nested_attach_dev(struct iommu_domain *domain,
>> return ret;
>> }
>>- ret = domain_attach_iommu(dmar_domain, iommu);
>>+ ret = domain_attach_iommu(dmar_domain, iommu, -1);
>> if (ret) {
>> dev_err_ratelimited(dev, "Failed to attach domain to iommu\n");
>> return ret;
>
>Thanks,
>baolu
Thanks,
Sami
next prev parent reply other threads:[~2026-05-07 16:52 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-04-27 17:56 [PATCH v2 00/16] iommu: Add live update state preservation Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 01/16] liveupdate: luo_file: Add internal APIs for file preservation Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 02/16] iommu: Implement IOMMU Live update FLB callbacks Samiullah Khawaja
2026-05-01 21:45 ` David Matlack
2026-04-27 17:56 ` [PATCH v2 03/16] iommu: Implement IOMMU domain preservation Samiullah Khawaja
2026-05-01 22:08 ` David Matlack
2026-05-04 18:33 ` Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 04/16] iommu: Implement device and IOMMU HW preservation Samiullah Khawaja
2026-05-01 22:42 ` David Matlack
2026-05-04 19:06 ` Samiullah Khawaja
2026-05-07 2:07 ` Baolu Lu
2026-05-07 18:47 ` Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 05/16] iommu/pages: Add APIs to preserve/unpreserve/restore iommu pages Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 06/16] iommupt: Implement preserve/unpreserve/restore callbacks Samiullah Khawaja
2026-05-07 2:55 ` Baolu Lu
2026-05-07 18:40 ` Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 07/16] iommu/vt-d: Implement device and iommu preserve/unpreserve ops Samiullah Khawaja
2026-05-07 6:25 ` Baolu Lu
2026-05-08 2:36 ` Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 08/16] iommu: Add APIs to get iommu and device preserved state Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 09/16] iommu/vt-d: Restore IOMMU state and reclaimed domain ids Samiullah Khawaja
2026-05-07 9:05 ` Baolu Lu
2026-05-07 17:35 ` Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 10/16] iommu: Restore and reattach preserved domains to devices Samiullah Khawaja
2026-05-07 13:54 ` Baolu Lu
2026-05-07 16:52 ` Samiullah Khawaja [this message]
2026-04-27 17:56 ` [PATCH v2 11/16] iommu/vt-d: preserve PASID table of preserved device Samiullah Khawaja
2026-05-08 6:05 ` Baolu Lu
2026-04-27 17:56 ` [PATCH v2 12/16] iommufd: Implement ioctl to mark HWPT for preservation Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 13/16] iommufd: Persist iommu hardware pagetables for live update Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 14/16] iommufd: Add APIs to preserve/unpreserve a vfio cdev Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 15/16] vfio/pci: Preserve the iommufd state of the " Samiullah Khawaja
2026-04-27 17:56 ` [PATCH v2 16/16] iommufd/selftest: Add test to verify iommufd preservation Samiullah Khawaja
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=afzBptf2YsmdJ8V8@google.com \
--to=skhawaja@google.com \
--cc=ajayachandra@nvidia.com \
--cc=akpm@linux-foundation.org \
--cc=alex@shazbot.org \
--cc=baolu.lu@linux.intel.com \
--cc=chrisl@kernel.org \
--cc=dmatlack@google.com \
--cc=dwmw2@infradead.org \
--cc=iommu@lists.linux.dev \
--cc=jgg@ziepe.ca \
--cc=joro@8bytes.org \
--cc=kevin.tian@intel.com \
--cc=kvm@vger.kernel.org \
--cc=leonro@nvidia.com \
--cc=linux-kernel@vger.kernel.org \
--cc=parav@nvidia.com \
--cc=pasha.tatashin@soleen.com \
--cc=praan@google.com \
--cc=pratyush@kernel.org \
--cc=robin.murphy@arm.com \
--cc=saeedm@nvidia.com \
--cc=shuah@kernel.org \
--cc=vipinsh@google.com \
--cc=will@kernel.org \
--cc=witu@nvidia.com \
--cc=zhuyifei@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox