From: Nicolin Chen nicolinc@nvidia.com Sent: Friday, May 9, 2025 11:03 AM
+/**
- struct iommu_hw_queue_alloc - ioctl(IOMMU_HW_QUEUE_ALLOC)
- @size: sizeof(struct iommu_hw_queue_alloc)
- @flags: Must be 0
- @viommu_id: Virtual IOMMU ID to associate the HW queue with
- @type: One of enum iommu_hw_queue_type
- @index: The logical index to the HW queue per virtual IOMMU for a
multi-queue
model
I'm thinking of an alternative way w/o having the user to assign index and allowing the driver to poke object dependency (next patch).
Let's say the index is internally assigned by the driver. so this cmd is just for allowing a hw queue and it's the driver to decide the allocation policy, e.g. in ascending order.
Introduce a new flag in viommu_ops to indicate to core that the new hw queue should hold a reference to the previous hw queue.
core maintains a last_queue field in viommu. Upon success return from @hw_queue_alloc() the core increments the users refcnt of last_queue, records the dependency in iommufd_hw_queue struct, and update viommu->last_queue.
Then the destroy order is naturally guaranteed.
- @out_hw_queue_id: The ID of the new HW queue
- @base_addr: Base address of the queue memory in guest physical
address space
- @length: Length of the queue memory in the guest physical address
space
length is agnostic to address space.
+int iommufd_hw_queue_alloc_ioctl(struct iommufd_ucmd *ucmd) +{
- struct iommu_hw_queue_alloc *cmd = ucmd->cmd;
- struct iommufd_hw_queue *hw_queue;
- struct iommufd_hwpt_paging *hwpt;
- struct iommufd_viommu *viommu;
- struct page **pages;
- int max_npages, i;
- u64 end;
- int rc;
- if (cmd->flags || cmd->type == IOMMU_HW_QUEUE_TYPE_DEFAULT)
return -EOPNOTSUPP;- if (!cmd->base_addr || !cmd->length)
return -EINVAL;- if (check_add_overflow(cmd->base_addr, cmd->length - 1, &end))
return -EOVERFLOW;- max_npages = DIV_ROUND_UP(cmd->length, PAGE_SIZE);
what about [base_addr, base_addr+length) spanning two pages but 'length' is smaller than the size of one page?
- pages = kcalloc(max_npages, sizeof(*pages), GFP_KERNEL);
- if (!pages)
return -ENOMEM;
this could be moved to right before iopt_pin_pages().
- viommu = iommufd_get_viommu(ucmd, cmd->viommu_id);
- if (IS_ERR(viommu)) {
rc = PTR_ERR(viommu);goto out_free;- }
- hwpt = viommu->hwpt;
- if (!viommu->ops || !viommu->ops->hw_queue_alloc) {
rc = -EOPNOTSUPP;goto out_put_viommu;- }
- /* Quick test on the base address */
- if (!iommu_iova_to_phys(hwpt->common.domain, cmd->base_addr))
{
rc = -ENXIO;goto out_put_viommu;- }
this check is redundant. Actually it's not future proof, assuming that S2 must be pinned before the user attempts to call this cmd. But what if one day iommufd supports unpinned S2 (if a device is 100% PRI faultable) then this path will be broken.
- /*
* The underlying physical pages must be pinned to prevent themfrom
* being unmapped (via IOMMUFD_CMD_IOAS_UNMAP) during thelife cycle
* of the HW QUEUE object.*/- rc = iopt_pin_pages(&hwpt->ioas->iopt, cmd->base_addr, cmd-
length,
pages, 0);- if (rc)
goto out_put_viommu;- if (viommu->ops->flags &
IOMMUFD_VIOMMU_FLAG_HW_QUEUE_READS_PA) {
/* Validate if the underlying physical pages are contiguous */for (i = 1; i < max_npages && pages[i]; i++) {if (page_to_pfn(pages[i]) ==page_to_pfn(pages[i - 1]) + 1)continue;rc = -EFAULT;goto out_unpin;}- }
- hw_queue = viommu->ops->hw_queue_alloc(viommu, cmd->type,
cmd->index,
cmd->base_addr, cmd->length);- if (IS_ERR(hw_queue)) {
rc = PTR_ERR(hw_queue);goto out_unpin;- }
- hw_queue->viommu = viommu;
- refcount_inc(&viommu->obj.users);
- hw_queue->ictx = ucmd->ictx;
viommu/ictx are already set by iommufd_hw_queue_alloc().
- hw_queue->length = cmd->length;
- hw_queue->base_addr = cmd->base_addr;
- cmd->out_hw_queue_id = hw_queue->obj.id;
- rc = iommufd_ucmd_respond(ucmd, sizeof(*cmd));
- if (rc)
iommufd_object_abort_and_destroy(ucmd->ictx,&hw_queue->obj);
- else
iommufd_object_finalize(ucmd->ictx, &hw_queue->obj);- goto out_put_viommu;
+out_unpin:
- iopt_unpin_pages(&hwpt->ioas->iopt, cmd->base_addr, cmd-
length);
+out_put_viommu:
- iommufd_put_object(ucmd->ictx, &viommu->obj);
+out_free:
- kfree(pages);
- return rc;
+}
2.43.0