[PATCH v6 0/4] VT-d minor fixes

[PATCH v6 0/4] VT-d minor fixes

[CLEMENT MATHIEU--DRIF]

From: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>

Various fixes for VT-d

This series contains fixes that will be necessary
when adding in-guest (fully emulated) SVM support.

v6
    intel_iommu: fix type of the mask field in VTDIOTLBPageInvInfo:
    	- Add 'Fixes' tag

v5
    intel_iommu: fix FRCD construction macro:
    	- Remove empty line after 'Fixes'
    
    intel_iommu: fix type of the mask field in VTDIOTLBPageInvInfo:
    	- Edit commit message after comment from Yi
    
    intel_iommu: make types match:
    	- Edit commit message (s/"make types match"/"make type match"/)

v4
    - Move declarations of VTD_FRCD_PV and VTD_FRCD_PP
    - intel_iommu: make types match:
    	- edit commit message to explain that we are not fixing a bug
    - intel_iommu: fix type of the mask field in VTDIOTLBPageInvInfo
    	- edit commit message

v3
    FRCD construction macro :
    	- Longer sha1 for the 'Fixes' tag
    	- Add '.' at the end of the sentence
    
    Make types match :
    	- Split into 2 patches (one for the fix and one for type matching)
    
    Remove patch for wait descriptor handling (will be in the PRI series)

v2
    Make commit author consistent



Clément Mathieu--Drif (4):
  intel_iommu: fix FRCD construction macro
  intel_iommu: move VTD_FRCD_PV and VTD_FRCD_PP declarations
  intel_iommu: fix type of the mask field in VTDIOTLBPageInvInfo
  intel_iommu: make type match

 hw/i386/intel_iommu.c          | 2 +-
 hw/i386/intel_iommu_internal.h | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

-- 
2.45.2

[PATCH v6 2/4] intel_iommu: move VTD_FRCD_PV and VTD_FRCD_PP declarations

[CLEMENT MATHIEU--DRIF]

From: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>

These 2 macros are for high 64-bit of the FRCD registers.
Declarations have to be moved accordingly.

Signed-off-by: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
Reviewed-by: Minwoo Im <minwoo.im@samsung.com>
---
 hw/i386/intel_iommu_internal.h | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/hw/i386/intel_iommu_internal.h b/hw/i386/intel_iommu_internal.h
index cbc4030031..faea23e8d6 100644
--- a/hw/i386/intel_iommu_internal.h
+++ b/hw/i386/intel_iommu_internal.h
@@ -264,10 +264,10 @@
 #define VTD_FRCD_FR(val)        (((val) & 0xffULL) << 32)
 #define VTD_FRCD_SID_MASK       0xffffULL
 #define VTD_FRCD_SID(val)       ((val) & VTD_FRCD_SID_MASK)
-/* For the low 64-bit of 128-bit */
-#define VTD_FRCD_FI(val)        ((val) & ~0xfffULL)
 #define VTD_FRCD_PV(val)        (((val) & 0xffffULL) << 40)
 #define VTD_FRCD_PP(val)        (((val) & 0x1ULL) << 31)
+/* For the low 64-bit of 128-bit */
+#define VTD_FRCD_FI(val)        ((val) & ~0xfffULL)
 #define VTD_FRCD_IR_IDX(val)    (((val) & 0xffffULL) << 48)
 
 /* DMA Remapping Fault Conditions */
-- 
2.45.2

[PATCH v6 1/4] intel_iommu: fix FRCD construction macro

[CLEMENT MATHIEU--DRIF]

From: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>

The constant must be unsigned, otherwise the two's complement
overrides the other fields when a PASID is present.

Fixes: 1b2b12376c8a ("intel-iommu: PASID support")
Signed-off-by: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
Reviewed-by: Yi Liu <yi.l.liu@intel.com>
Reviewed-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
Reviewed-by: Minwoo Im <minwoo.im@samsung.com>
---
 hw/i386/intel_iommu_internal.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/i386/intel_iommu_internal.h b/hw/i386/intel_iommu_internal.h
index f8cf99bddf..cbc4030031 100644
--- a/hw/i386/intel_iommu_internal.h
+++ b/hw/i386/intel_iommu_internal.h
@@ -267,7 +267,7 @@
 /* For the low 64-bit of 128-bit */
 #define VTD_FRCD_FI(val)        ((val) & ~0xfffULL)
 #define VTD_FRCD_PV(val)        (((val) & 0xffffULL) << 40)
-#define VTD_FRCD_PP(val)        (((val) & 0x1) << 31)
+#define VTD_FRCD_PP(val)        (((val) & 0x1ULL) << 31)
 #define VTD_FRCD_IR_IDX(val)    (((val) & 0xffffULL) << 48)
 
 /* DMA Remapping Fault Conditions */
-- 
2.45.2

[PATCH v6 3/4] intel_iommu: fix type of the mask field in VTDIOTLBPageInvInfo

[CLEMENT MATHIEU--DRIF]

From: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>

The mask we are trying to store into VTDIOTLBPageInvInfo.mask might not
fit in an uint8_t. Use uint64_t to avoid overflows.

Per the below code, it can overflow as am can be larger than 8 according
to the CH 6.5.2.3 IOTLB Invalidate. And you may want a fix tag as well.

info.mask = ~((1 << am) - 1);

CH 6.5.2.3 IOTLB Invalidate

Address Mask (AM): For page-selective-within-domain invalidations,
the Address Mask specifies the number of low order bits of the ADDR
field that must be masked for the invalidation operation. This field
enables software to request invalidation of contiguous mappings for
size-aligned regions. Refer to Table 19 for encodings of this field.
When invalidating a large-page translation, software must use the
appropriate Address Mask value (0 for 4KByte page, 9 for 2-MByte page,
and 18 for 1-GByte page). Hardware implementations report the maximum
supported address mask value through the Capability register.

Fixes: b5a280c00840 ("intel-iommu: add IOTLB using hash table")
Signed-off-by: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
Reviewed-by: Minwoo Im <minwoo.im@samsung.com>
---
 hw/i386/intel_iommu_internal.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/i386/intel_iommu_internal.h b/hw/i386/intel_iommu_internal.h
index faea23e8d6..5f32c36943 100644
--- a/hw/i386/intel_iommu_internal.h
+++ b/hw/i386/intel_iommu_internal.h
@@ -436,7 +436,7 @@ struct VTDIOTLBPageInvInfo {
     uint16_t domain_id;
     uint32_t pasid;
     uint64_t addr;
-    uint8_t mask;
+    uint64_t mask;
 };
 typedef struct VTDIOTLBPageInvInfo VTDIOTLBPageInvInfo;
 
-- 
2.45.2

[PATCH v6 4/4] intel_iommu: make type match

[CLEMENT MATHIEU--DRIF]

From: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>

The 'level' field in vtd_iotlb_key is an unsigned integer.
We don't need to store level as an int in vtd_lookup_iotlb.

This is not an issue by itself, but using unsigned here seems cleaner.

Signed-off-by: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
Reviewed-by: Yi Liu <yi.l.liu@intel.com>
---
 hw/i386/intel_iommu.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/hw/i386/intel_iommu.c b/hw/i386/intel_iommu.c
index 37c21a0aec..be0cb39b5c 100644
--- a/hw/i386/intel_iommu.c
+++ b/hw/i386/intel_iommu.c
@@ -358,7 +358,7 @@ static VTDIOTLBEntry *vtd_lookup_iotlb(IntelIOMMUState *s, uint16_t source_id,
 {
     struct vtd_iotlb_key key;
     VTDIOTLBEntry *entry;
-    int level;
+    unsigned level;
 
     for (level = VTD_SL_PT_LEVEL; level < VTD_SL_PML4_LEVEL; level++) {
         key.gfn = vtd_get_iotlb_gfn(addr, level);
-- 
2.45.2

Re: [PATCH v6 2/4] intel_iommu: move VTD_FRCD_PV and VTD_FRCD_PP declarations

[Yi Liu]

On 2024/7/9 14:18, CLEMENT MATHIEU--DRIF wrote:
> From: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
> 
> These 2 macros are for high 64-bit of the FRCD registers.
> Declarations have to be moved accordingly.
> 
> Signed-off-by: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
> Reviewed-by: Minwoo Im <minwoo.im@samsung.com>
> ---
>   hw/i386/intel_iommu_internal.h | 4 ++--
>   1 file changed, 2 insertions(+), 2 deletions(-)

Reviewed-by: Yi Liu <yi.l.liu@intel.com>

> 
> diff --git a/hw/i386/intel_iommu_internal.h b/hw/i386/intel_iommu_internal.h
> index cbc4030031..faea23e8d6 100644
> --- a/hw/i386/intel_iommu_internal.h
> +++ b/hw/i386/intel_iommu_internal.h
> @@ -264,10 +264,10 @@
>   #define VTD_FRCD_FR(val)        (((val) & 0xffULL) << 32)
>   #define VTD_FRCD_SID_MASK       0xffffULL
>   #define VTD_FRCD_SID(val)       ((val) & VTD_FRCD_SID_MASK)
> -/* For the low 64-bit of 128-bit */
> -#define VTD_FRCD_FI(val)        ((val) & ~0xfffULL)
>   #define VTD_FRCD_PV(val)        (((val) & 0xffffULL) << 40)
>   #define VTD_FRCD_PP(val)        (((val) & 0x1ULL) << 31)
> +/* For the low 64-bit of 128-bit */
> +#define VTD_FRCD_FI(val)        ((val) & ~0xfffULL)
>   #define VTD_FRCD_IR_IDX(val)    (((val) & 0xffffULL) << 48)
>   
>   /* DMA Remapping Fault Conditions */

-- 
Regards,
Yi Liu

Re: [PATCH v6 3/4] intel_iommu: fix type of the mask field in VTDIOTLBPageInvInfo

[Yi Liu]

On 2024/7/9 14:18, CLEMENT MATHIEU--DRIF wrote:
> From: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
> 
> The mask we are trying to store into VTDIOTLBPageInvInfo.mask might not
> fit in an uint8_t. Use uint64_t to avoid overflows.
> 
> Per the below code, it can overflow as am can be larger than 8 according
> to the CH 6.5.2.3 IOTLB Invalidate. And you may want a fix tag as well.

no need to paste the comment here. Especially the last sentence. :) Just
highlight that overflow is possible.

> 
> info.mask = ~((1 << am) - 1);
> 
> CH 6.5.2.3 IOTLB Invalidate
> 
> Address Mask (AM): For page-selective-within-domain invalidations,
> the Address Mask specifies the number of low order bits of the ADDR
> field that must be masked for the invalidation operation. This field
> enables software to request invalidation of contiguous mappings for
> size-aligned regions. Refer to Table 19 for encodings of this field.
> When invalidating a large-page translation, software must use the
> appropriate Address Mask value (0 for 4KByte page, 9 for 2-MByte page,
> and 18 for 1-GByte page). Hardware implementations report the maximum
> supported address mask value through the Capability register.
> 
> Fixes: b5a280c00840 ("intel-iommu: add IOTLB using hash table")

looks like this is a very old commit. The VTD_MAMV is set as 9 at that
time. If guest sets am=9 in the PSI iotlb invalidation, there is overflow.
Just curious why there is no bug reported here. Have you encountered any
issue before this commit? Anyhow, looks good to me. Remember to refine
the commit message a bit.

Reviewed-by: Yi Liu <yi.l.liu@intel.com>

> Signed-off-by: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
> Reviewed-by: Minwoo Im <minwoo.im@samsung.com>
> ---
>   hw/i386/intel_iommu_internal.h | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/hw/i386/intel_iommu_internal.h b/hw/i386/intel_iommu_internal.h
> index faea23e8d6..5f32c36943 100644
> --- a/hw/i386/intel_iommu_internal.h
> +++ b/hw/i386/intel_iommu_internal.h
> @@ -436,7 +436,7 @@ struct VTDIOTLBPageInvInfo {
>       uint16_t domain_id;
>       uint32_t pasid;
>       uint64_t addr;
> -    uint8_t mask;
> +    uint64_t mask;
>   };
>   typedef struct VTDIOTLBPageInvInfo VTDIOTLBPageInvInfo;
>   

-- 
Regards,
Yi Liu

Re: [PATCH v6 3/4] intel_iommu: fix type of the mask field in VTDIOTLBPageInvInfo

[CLEMENT MATHIEU--DRIF]

On 09/07/2024 16:01, Yi Liu wrote:
> Caution: External email. Do not open attachments or click links, 
> unless this email comes from a known sender and you know the content 
> is safe.
>
>
> On 2024/7/9 14:18, CLEMENT MATHIEU--DRIF wrote:
>> From: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
>>
>> The mask we are trying to store into VTDIOTLBPageInvInfo.mask might not
>> fit in an uint8_t. Use uint64_t to avoid overflows.
>>
>> Per the below code, it can overflow as am can be larger than 8 according
>> to the CH 6.5.2.3 IOTLB Invalidate. And you may want a fix tag as well.
>
> no need to paste the comment here. Especially the last sentence. :) Just
> highlight that overflow is possible.
>
>>
>> info.mask = ~((1 << am) - 1);
>>
>> CH 6.5.2.3 IOTLB Invalidate
>>
>> Address Mask (AM): For page-selective-within-domain invalidations,
>> the Address Mask specifies the number of low order bits of the ADDR
>> field that must be masked for the invalidation operation. This field
>> enables software to request invalidation of contiguous mappings for
>> size-aligned regions. Refer to Table 19 for encodings of this field.
>> When invalidating a large-page translation, software must use the
>> appropriate Address Mask value (0 for 4KByte page, 9 for 2-MByte page,
>> and 18 for 1-GByte page). Hardware implementations report the maximum
>> supported address mask value through the Capability register.
>>
>> Fixes: b5a280c00840 ("intel-iommu: add IOTLB using hash table")
>
> looks like this is a very old commit. The VTD_MAMV is set as 9 at that
> time. If guest sets am=9 in the PSI iotlb invalidation, there is 
> overflow.
> Just curious why there is no bug reported here. Have you encountered any
> issue before this commit? Anyhow, looks good to me. Remember to refine
> the commit message a bit.
I detected weird values in gdb when I started to implement pasid-based 
invalidations for SVM
>
> Reviewed-by: Yi Liu <yi.l.liu@intel.com>
>
>> Signed-off-by: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
>> Reviewed-by: Minwoo Im <minwoo.im@samsung.com>
>> ---
>>   hw/i386/intel_iommu_internal.h | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/hw/i386/intel_iommu_internal.h 
>> b/hw/i386/intel_iommu_internal.h
>> index faea23e8d6..5f32c36943 100644
>> --- a/hw/i386/intel_iommu_internal.h
>> +++ b/hw/i386/intel_iommu_internal.h
>> @@ -436,7 +436,7 @@ struct VTDIOTLBPageInvInfo {
>>       uint16_t domain_id;
>>       uint32_t pasid;
>>       uint64_t addr;
>> -    uint8_t mask;
>> +    uint64_t mask;
>>   };
>>   typedef struct VTDIOTLBPageInvInfo VTDIOTLBPageInvInfo;
>>
>
> -- 
> Regards,
> Yi Liu

Re: [PATCH v6 3/4] intel_iommu: fix type of the mask field in VTDIOTLBPageInvInfo

[CLEMENT MATHIEU--DRIF]

On 09/07/2024 16:01, Yi Liu wrote:
> Caution: External email. Do not open attachments or click links, 
> unless this email comes from a known sender and you know the content 
> is safe.
>
>
> On 2024/7/9 14:18, CLEMENT MATHIEU--DRIF wrote:
>> From: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
>>
>> The mask we are trying to store into VTDIOTLBPageInvInfo.mask might not
>> fit in an uint8_t. Use uint64_t to avoid overflows.
>>
>> Per the below code, it can overflow as am can be larger than 8 according
>> to the CH 6.5.2.3 IOTLB Invalidate. And you may want a fix tag as well.
>
> no need to paste the comment here. Especially the last sentence. :) Just
> highlight that overflow is possible.
Oops, sorry, will send v7
>
>>
>> info.mask = ~((1 << am) - 1);
>>
>> CH 6.5.2.3 IOTLB Invalidate
>>
>> Address Mask (AM): For page-selective-within-domain invalidations,
>> the Address Mask specifies the number of low order bits of the ADDR
>> field that must be masked for the invalidation operation. This field
>> enables software to request invalidation of contiguous mappings for
>> size-aligned regions. Refer to Table 19 for encodings of this field.
>> When invalidating a large-page translation, software must use the
>> appropriate Address Mask value (0 for 4KByte page, 9 for 2-MByte page,
>> and 18 for 1-GByte page). Hardware implementations report the maximum
>> supported address mask value through the Capability register.
>>
>> Fixes: b5a280c00840 ("intel-iommu: add IOTLB using hash table")
>
> looks like this is a very old commit. The VTD_MAMV is set as 9 at that
> time. If guest sets am=9 in the PSI iotlb invalidation, there is 
> overflow.
> Just curious why there is no bug reported here. Have you encountered any
> issue before this commit? Anyhow, looks good to me. Remember to refine
> the commit message a bit.
>
> Reviewed-by: Yi Liu <yi.l.liu@intel.com>
>
>> Signed-off-by: Clément Mathieu--Drif <clement.mathieu--drif@eviden.com>
>> Reviewed-by: Minwoo Im <minwoo.im@samsung.com>
>> ---
>>   hw/i386/intel_iommu_internal.h | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/hw/i386/intel_iommu_internal.h 
>> b/hw/i386/intel_iommu_internal.h
>> index faea23e8d6..5f32c36943 100644
>> --- a/hw/i386/intel_iommu_internal.h
>> +++ b/hw/i386/intel_iommu_internal.h
>> @@ -436,7 +436,7 @@ struct VTDIOTLBPageInvInfo {
>>       uint16_t domain_id;
>>       uint32_t pasid;
>>       uint64_t addr;
>> -    uint8_t mask;
>> +    uint64_t mask;
>>   };
>>   typedef struct VTDIOTLBPageInvInfo VTDIOTLBPageInvInfo;
>>
>
> -- 
> Regards,
> Yi Liu