From: Quan Xu <quan.xu@intel.com>
To: andrew.cooper3@citrix.com, eddie.dong@intel.com,
ian.campbell@citrix.com, ian.jackson@eu.citrix.com,
jbeulich@suse.com, jun.nakajima@intel.com, keir@xen.org,
kevin.tian@intel.com, tim@xen.org, yang.z.zhang@intel.com,
george.dunlap@eu.citrix.com
Cc: Quan Xu <quan.xu@intel.com>, xen-devel@lists.xen.org
Subject: [Patch RFC 08/13] vt-d: Held on the freed page until the Device-TLB flush is completed.
Date: Wed, 16 Sep 2015 09:24:02 -0400 [thread overview]
Message-ID: <1442409847-65383-9-git-send-email-quan.xu@intel.com> (raw)
In-Reply-To: <1442409847-65383-1-git-send-email-quan.xu@intel.com>
The page freed from the domain should be on held, until the
Device-TLB flush is completed. The page previously associated
with the freed portion of GPA should not be reallocated for
another purpose until the appropriate invalidations have been
performed. Otherwise, the original page owner can still access
freed page though DMA.
Held on The page until the Device-TLB flush is completed.
- Unlink the page from the original owner.
- Remove the page from the page_list of domain.
- Decrease the total pages count of domain.
- Add the page to qi_hold_page_list.
The page will be put in Queued Invalidation(QI) interrupt handler
if the Device-TLB flush is completed.
Signed-off-by: Quan Xu <quan.xu@intel.com>
---
xen/drivers/passthrough/vtd/iommu.c | 35 +++++++++++++++++++++++++++++++++++
xen/include/xen/hvm/iommu.h | 8 ++++++++
2 files changed, 43 insertions(+)
diff --git a/xen/drivers/passthrough/vtd/iommu.c b/xen/drivers/passthrough/vtd/iommu.c
index fda9a84..5c03e41 100644
--- a/xen/drivers/passthrough/vtd/iommu.c
+++ b/xen/drivers/passthrough/vtd/iommu.c
@@ -1117,6 +1117,39 @@ static void _qi_msi_mask(struct iommu *iommu)
spin_unlock_irqrestore(&iommu->register_lock, flags);
}
+/*
+ * The page freed from the domain should be on held, until the
+ * Device-TLB flush is completed. The page previously associated
+ * with the freed portion of GPA should not be reallocated for
+ * another purpose until the appropriate invalidations have been
+ * performed. Otherwise, the original page owner can still access
+ * freed page though DMA.
+ *
+ * Held on The page until the Device-TLB flush is completed.
+ * - Unlink the page from the original owner.
+ * - Remove the page from the page_list of domain.
+ * - Decrease the total pages count of domain.
+ * - Add the page to qi_hold_page_list.
+ *
+ * The page will be put in Queued Invalidation(QI) interrupt
+ * handler if the Device-TLB flush is completed.
+ */
+void qi_hold_page(struct domain *d, struct page_info *pg)
+{
+ spin_lock(&d->page_alloc_lock);
+ page_set_owner(pg, NULL);
+ page_list_del(pg, &d->page_list);
+ d->tot_pages--;
+ spin_unlock(&d->page_alloc_lock);
+
+ INTEL_IOMMU_DEBUG("IOMMU: Hold on page mfn : %"PRIx64"\n",
+ page_to_mfn(pg));
+
+ spin_lock(&qi_page_lock(d));
+ page_list_add_tail(pg, &qi_hold_page_list(d));
+ spin_unlock(&qi_page_lock(d));
+}
+
static void _do_iommu_qi(struct iommu *iommu)
{
unsigned long nr_dom, i;
@@ -1449,6 +1482,8 @@ static int intel_iommu_domain_init(struct domain *d)
struct hvm_iommu *hd = domain_hvm_iommu(d);
hd->arch.agaw = width_to_agaw(DEFAULT_DOMAIN_ADDRESS_WIDTH);
+ INIT_PAGE_LIST_HEAD(&qi_hold_page_list(d));
+ spin_lock_init(&qi_page_lock(d));
return 0;
}
diff --git a/xen/include/xen/hvm/iommu.h b/xen/include/xen/hvm/iommu.h
index e40fc7b..5dc0033 100644
--- a/xen/include/xen/hvm/iommu.h
+++ b/xen/include/xen/hvm/iommu.h
@@ -53,11 +53,15 @@ struct hvm_iommu {
struct qi_talbe talbe;
bool_t qi_flag;
+ struct page_list_head qi_hold_page_list;
+ spinlock_t qi_lock;
+
/* Features supported by the IOMMU */
DECLARE_BITMAP(features, IOMMU_FEAT_count);
};
void do_qi_flushing(struct domain *d);
+void qi_hold_page(struct domain *d, struct page_info *pg);
#define iommu_set_feature(d, f) set_bit((f), domain_hvm_iommu(d)->features)
#define iommu_clear_feature(d, f) clear_bit((f), domain_hvm_iommu(d)->features)
@@ -68,5 +72,9 @@ void do_qi_flushing(struct domain *d);
(d->arch.hvm_domain.hvm_iommu.talbe.qi_table_poll_slot)
#define QI_FLUSHING(d) \
(d->arch.hvm_domain.hvm_iommu.qi_flag)
+#define qi_hold_page_list(d) \
+ (d->arch.hvm_domain.hvm_iommu.qi_hold_page_list)
+#define qi_page_lock(d) \
+ (d->arch.hvm_domain.hvm_iommu.qi_lock)
#endif /* __XEN_HVM_IOMMU_H__ */
--
1.8.3.2
next prev parent reply other threads:[~2015-09-16 13:24 UTC|newest]
Thread overview: 84+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-09-16 13:23 [Patch RFC 00/13] VT-d Asynchronous Device-TLB Flush for ATS Device Quan Xu
2015-09-16 10:46 ` Ian Jackson
2015-09-16 11:22 ` Julien Grall
2015-09-16 13:47 ` Ian Jackson
2015-09-17 9:06 ` Julien Grall
2015-09-17 10:16 ` Ian Jackson
2015-09-16 13:33 ` Xu, Quan
2015-09-16 13:23 ` [Patch RFC 01/13] vt-d: Redefine iommu_set_interrupt() for registering MSI interrupt Quan Xu
2015-09-29 8:43 ` Jan Beulich
2015-09-16 13:23 ` [Patch RFC 02/13] vt-d: Register MSI for async invalidation completion interrupt Quan Xu
2015-09-29 8:57 ` Jan Beulich
2015-10-10 8:22 ` Xu, Quan
2015-10-12 7:11 ` Jan Beulich
2015-09-16 13:23 ` [Patch RFC 03/13] vt-d: Track the Device-TLB invalidation status in an invalidation table Quan Xu
2015-09-16 9:33 ` Julien Grall
2015-09-16 13:43 ` Xu, Quan
2015-09-29 9:24 ` Jan Beulich
2015-10-10 12:27 ` Xu, Quan
2015-10-12 7:15 ` Jan Beulich
2015-09-16 13:23 ` [Patch RFC 04/13] vt-d: Clear invalidation table in invaidation interrupt handler Quan Xu
2015-09-29 9:33 ` Jan Beulich
2015-09-16 13:23 ` [Patch RFC 05/13] vt-d: Clear the IWC field of Invalidation Event Control Register in Quan Xu
2015-09-29 9:44 ` Jan Beulich
2015-09-16 13:24 ` [Patch RFC 06/13] vt-d: Introduce a new per-domain flag - qi_flag Quan Xu
2015-09-16 9:34 ` Julien Grall
2015-09-16 13:24 ` [Patch RFC 07/13] vt-d: If the qi_flag is Set, the domain's vCPUs are not allowed to Quan Xu
2015-09-16 9:44 ` Julien Grall
2015-09-16 14:03 ` Xu, Quan
2015-09-16 13:24 ` Quan Xu [this message]
2015-09-16 9:45 ` [Patch RFC 08/13] vt-d: Held on the freed page until the Device-TLB flush is completed Julien Grall
2015-09-16 13:24 ` [Patch RFC 09/13] vt-d: Put the page in Queued Invalidation(QI) interrupt handler if Quan Xu
2015-09-16 13:24 ` [Patch RFC 10/13] vt-d: Held on the removed page until the Device-TLB flush is completed Quan Xu
2015-09-16 9:52 ` Julien Grall
2015-09-16 13:24 ` [Patch RFC 11/13] vt-d: If the Device-TLB flush is still not completed when Quan Xu
2015-09-16 9:56 ` Julien Grall
2015-09-23 17:38 ` Konrad Rzeszutek Wilk
2015-09-24 1:40 ` Xu, Quan
2015-09-16 13:24 ` [Patch RFC 12/13] vt-d: For gnttab_transfer, If the Device-TLB flush is still Quan Xu
2015-09-16 13:24 ` [Patch RFC 13/13] vt-d: Set the IF bit in Invalidation Wait Descriptor When submit Device-TLB Quan Xu
2015-09-29 9:46 ` Jan Beulich
2015-09-17 3:26 ` [Patch RFC 00/13] VT-d Asynchronous Device-TLB Flush for ATS Device Xu, Quan
2015-09-21 8:51 ` Jan Beulich
2015-09-21 9:46 ` Xu, Quan
2015-09-21 12:03 ` Jan Beulich
2015-09-21 14:03 ` Xu, Quan
2015-09-21 14:20 ` Jan Beulich
2015-09-21 14:09 ` Xu, Quan
2015-09-23 16:26 ` Tim Deegan
2015-09-28 3:08 ` Xu, Quan
2015-09-28 6:47 ` Jan Beulich
2015-09-29 2:53 ` Xu, Quan
2015-09-29 7:21 ` Jan Beulich
2015-09-30 13:55 ` Xu, Quan
2015-09-30 14:03 ` Jan Beulich
2015-10-13 14:29 ` Xu, Quan
2015-10-13 14:50 ` Jan Beulich
2015-10-14 14:54 ` Xu, Quan
2015-09-29 9:11 ` Tim Deegan
2015-09-29 9:57 ` Jan Beulich
2015-09-30 15:05 ` Xu, Quan
2015-10-01 9:09 ` Tim Deegan
2015-10-07 17:02 ` Xu, Quan
2015-10-08 8:51 ` Jan Beulich
2015-10-09 7:06 ` Xu, Quan
2015-10-09 7:18 ` Jan Beulich
2015-10-09 7:51 ` Xu, Quan
2015-10-10 18:24 ` Tim Deegan
2015-10-11 11:09 ` Xu, Quan
2015-10-12 12:25 ` Jan Beulich
2015-10-13 9:34 ` Tim Deegan
2015-10-14 14:44 ` Xu, Quan
2015-10-12 1:42 ` Zhang, Yang Z
2015-10-12 12:34 ` Jan Beulich
2015-10-13 5:27 ` Zhang, Yang Z
2015-10-13 9:15 ` Jan Beulich
2015-10-14 5:12 ` Zhang, Yang Z
2015-10-14 9:30 ` Jan Beulich
2015-10-15 1:03 ` Zhang, Yang Z
2015-10-15 6:46 ` Jan Beulich
2015-10-15 7:28 ` Zhang, Yang Z
2015-10-15 8:25 ` Jan Beulich
2015-10-15 8:52 ` Zhang, Yang Z
2015-10-15 9:24 ` Jan Beulich
2015-10-15 9:50 ` Zhang, Yang Z
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1442409847-65383-9-git-send-email-quan.xu@intel.com \
--to=quan.xu@intel.com \
--cc=andrew.cooper3@citrix.com \
--cc=eddie.dong@intel.com \
--cc=george.dunlap@eu.citrix.com \
--cc=ian.campbell@citrix.com \
--cc=ian.jackson@eu.citrix.com \
--cc=jbeulich@suse.com \
--cc=jun.nakajima@intel.com \
--cc=keir@xen.org \
--cc=kevin.tian@intel.com \
--cc=tim@xen.org \
--cc=xen-devel@lists.xen.org \
--cc=yang.z.zhang@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).