| Message ID | 20180124025606.3020-2-gurchetansingh@chromium.org (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
Am Dienstag, den 23.01.2018, 18:56 -0800 schrieb Gurchetan Singh: > The dma_cache_maint_page function is important for cache maintenance on > ARM32 (this was determined via testing). > > Since we desire direct control of the caches in drm_cache.c, let's make > a copy of the function, rename it and use it. I don't see why having a (potentially incoherent) copy of dma_cache_maint_page in DRM does any good. Why can't we just export the original function to make it usable within DRM? Regards, Lucas > > v2: Don't use DMA API, call functions directly (Daniel) > > > Signed-off-by: Gurchetan Singh <gurchetansingh@chromium.org> > --- > drivers/gpu/drm/drm_cache.c | 61 +++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 61 insertions(+) > > diff --git a/drivers/gpu/drm/drm_cache.c b/drivers/gpu/drm/drm_cache.c > index 89cdd32fe1f3..5124582451c6 100644 > --- a/drivers/gpu/drm/drm_cache.c > +++ b/drivers/gpu/drm/drm_cache.c > @@ -69,6 +69,55 @@ static void drm_cache_flush_clflush(struct page *pages[], > } > #endif > > +#if defined(CONFIG_ARM) > +static void drm_cache_maint_page(struct page *page, unsigned long offset, > > + size_t size, enum dma_data_direction dir, > > + void (*op)(const void *, size_t, int)) > +{ > > + unsigned long pfn; > > + size_t left = size; > + > > + pfn = page_to_pfn(page) + offset / PAGE_SIZE; > > + offset %= PAGE_SIZE; > + > > + /* > > + * A single sg entry may refer to multiple physically contiguous > > + * pages. But we still need to process highmem pages individually. > > + * If highmem is not configured then the bulk of this loop gets > > + * optimized out. > > + */ > > + do { > > + size_t len = left; > > + void *vaddr; > + > > + page = pfn_to_page(pfn); > + > > + if (PageHighMem(page)) { > > + if (len + offset > PAGE_SIZE) > > + len = PAGE_SIZE - offset; > + > > + if (cache_is_vipt_nonaliasing()) { > > + vaddr = kmap_atomic(page); > > + op(vaddr + offset, len, dir); > > + kunmap_atomic(vaddr); > > + } else { > > + vaddr = kmap_high_get(page); > > + if (vaddr) { > > + op(vaddr + offset, len, dir); > > + kunmap_high(page); > > + } > > + } > > + } else { > > + vaddr = page_address(page) + offset; > > + op(vaddr, len, dir); > > + } > > + offset = 0; > > + pfn++; > > + left -= len; > > + } while (left); > +} > +#endif > + > /** > * drm_flush_pages - Flush dcache lines of a set of pages. > * @pages: List of pages to be flushed. > @@ -104,6 +153,12 @@ drm_flush_pages(struct page *pages[], unsigned long num_pages) > > (unsigned long)page_virtual + PAGE_SIZE); > > kunmap_atomic(page_virtual); > > } > +#elif defined(CONFIG_ARM) > > + unsigned long i; > + > > + for (i = 0; i < num_pages; i++) > > + drm_cache_maint_page(pages[i], 0, PAGE_SIZE, DMA_TO_DEVICE, > > + dmac_map_area); > #else > > pr_err("Architecture has no drm_cache.c support\n"); > > WARN_ON_ONCE(1); > @@ -135,6 +190,12 @@ drm_flush_sg(struct sg_table *st) > > > if (wbinvd_on_all_cpus()) > > pr_err("Timed out waiting for cache flush\n"); > +#elif defined(CONFIG_ARM) > > + struct sg_page_iter sg_iter; > + > > + for_each_sg_page(st->sgl, &sg_iter, st->nents, 0) > > + drm_cache_maint_page(sg_page_iter_page(&sg_iter), 0, PAGE_SIZE, > > + DMA_TO_DEVICE, dmac_map_area); > #else > > pr_err("Architecture has no drm_cache.c support\n"); > > WARN_ON_ONCE(1);
On Tue, Jan 23, 2018 at 06:56:03PM -0800, Gurchetan Singh wrote: > The dma_cache_maint_page function is important for cache maintenance on > ARM32 (this was determined via testing). > > Since we desire direct control of the caches in drm_cache.c, let's make > a copy of the function, rename it and use it. > > v2: Don't use DMA API, call functions directly (Daniel) > > Signed-off-by: Gurchetan Singh <gurchetansingh@chromium.org> > --- > drivers/gpu/drm/drm_cache.c | 61 +++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 61 insertions(+) > > diff --git a/drivers/gpu/drm/drm_cache.c b/drivers/gpu/drm/drm_cache.c > index 89cdd32fe1f3..5124582451c6 100644 > --- a/drivers/gpu/drm/drm_cache.c > +++ b/drivers/gpu/drm/drm_cache.c > @@ -69,6 +69,55 @@ static void drm_cache_flush_clflush(struct page *pages[], > } > #endif > > +#if defined(CONFIG_ARM) > +static void drm_cache_maint_page(struct page *page, unsigned long offset, > + size_t size, enum dma_data_direction dir, > + void (*op)(const void *, size_t, int)) > +{ > + unsigned long pfn; > + size_t left = size; > + > + pfn = page_to_pfn(page) + offset / PAGE_SIZE; > + offset %= PAGE_SIZE; > + > + /* > + * A single sg entry may refer to multiple physically contiguous > + * pages. But we still need to process highmem pages individually. > + * If highmem is not configured then the bulk of this loop gets > + * optimized out. > + */ > + do { > + size_t len = left; > + void *vaddr; > + > + page = pfn_to_page(pfn); > + > + if (PageHighMem(page)) { > + if (len + offset > PAGE_SIZE) > + len = PAGE_SIZE - offset; > + > + if (cache_is_vipt_nonaliasing()) { > + vaddr = kmap_atomic(page); > + op(vaddr + offset, len, dir); > + kunmap_atomic(vaddr); > + } else { > + vaddr = kmap_high_get(page); > + if (vaddr) { > + op(vaddr + offset, len, dir); > + kunmap_high(page); > + } > + } > + } else { > + vaddr = page_address(page) + offset; > + op(vaddr, len, dir); > + } > + offset = 0; > + pfn++; > + left -= len; > + } while (left); > +} > +#endif > + > /** > * drm_flush_pages - Flush dcache lines of a set of pages. > * @pages: List of pages to be flushed. > @@ -104,6 +153,12 @@ drm_flush_pages(struct page *pages[], unsigned long num_pages) > (unsigned long)page_virtual + PAGE_SIZE); > kunmap_atomic(page_virtual); > } > +#elif defined(CONFIG_ARM) > + unsigned long i; > + > + for (i = 0; i < num_pages; i++) > + drm_cache_maint_page(pages[i], 0, PAGE_SIZE, DMA_TO_DEVICE, > + dmac_map_area); > #else > pr_err("Architecture has no drm_cache.c support\n"); > WARN_ON_ONCE(1); > @@ -135,6 +190,12 @@ drm_flush_sg(struct sg_table *st) > > if (wbinvd_on_all_cpus()) > pr_err("Timed out waiting for cache flush\n"); > +#elif defined(CONFIG_ARM) > + struct sg_page_iter sg_iter; > + > + for_each_sg_page(st->sgl, &sg_iter, st->nents, 0) > + drm_cache_maint_page(sg_page_iter_page(&sg_iter), 0, PAGE_SIZE, > + DMA_TO_DEVICE, dmac_map_area); > #else > pr_err("Architecture has no drm_cache.c support\n"); > WARN_ON_ONCE(1); NAK. With this, you're "going under the covers" of the architecture and using architecture private functions (dmac_map_area/dmac_unmap_area) in a driver. The hint is that dmac_map_area() and dmac_unmap_area() are not declared in any asm/*.h header file, but in arch/arm/mm/dma.h, and they carry this warning above their definition: /* * These are private to the dma-mapping API. Do not use directly. * Their sole purpose is to ensure that data held in the cache * is visible to DMA, or data written by DMA to system memory is * visible to the CPU. */ So no, this is not an acceptable approach. Secondly, in light of spectre and meltdown, do we _really_ want to export cache flushing to userspace in any case - these attacks rely on being able to flush specific cache lines from the caches in order to do the timing attacks (while leaving others in place.) Currently, 32-bit ARM does not export such flushing capabilities to userspace, which makes it very difficult (I'm not going to say impossible) to get any working proof-of-code program that even illustrates the timing attack. Exposing this functionality changes that game, and means that we're much more open to these exploits. (Some may say that you can flush cache lines by reading a large enough buffer - I'm aware, I've tried that, the results are too unreliable even for a simple attempt which doesn't involve crossing privilege boundaries.) Do you really need cacheable GPU buffers, or will write combining buffers (as we use elsewhere such as etnaviv) suffice? Please provide some _real_ _world_ performance measurements that demonstrate that there is a real need for this functionality.
On Wed, Jan 24, 2018 at 4:45 AM, Russell King - ARM Linux < linux@armlinux.org.uk> wrote: > On Tue, Jan 23, 2018 at 06:56:03PM -0800, Gurchetan Singh wrote: > > The dma_cache_maint_page function is important for cache maintenance on > > ARM32 (this was determined via testing). > > > > Since we desire direct control of the caches in drm_cache.c, let's make > > a copy of the function, rename it and use it. > > > > v2: Don't use DMA API, call functions directly (Daniel) > > > > Signed-off-by: Gurchetan Singh <gurchetansingh@chromium.org> > > --- > > drivers/gpu/drm/drm_cache.c | 61 ++++++++++++++++++++++++++++++ > +++++++++++++++ > > 1 file changed, 61 insertions(+) > > > > diff --git a/drivers/gpu/drm/drm_cache.c b/drivers/gpu/drm/drm_cache.c > > index 89cdd32fe1f3..5124582451c6 100644 > > --- a/drivers/gpu/drm/drm_cache.c > > +++ b/drivers/gpu/drm/drm_cache.c > > @@ -69,6 +69,55 @@ static void drm_cache_flush_clflush(struct page > *pages[], > > } > > #endif > > > > +#if defined(CONFIG_ARM) > > +static void drm_cache_maint_page(struct page *page, unsigned long > offset, > > + size_t size, enum dma_data_direction dir, > > + void (*op)(const void *, size_t, int)) > > +{ > > + unsigned long pfn; > > + size_t left = size; > > + > > + pfn = page_to_pfn(page) + offset / PAGE_SIZE; > > + offset %= PAGE_SIZE; > > + > > + /* > > + * A single sg entry may refer to multiple physically contiguous > > + * pages. But we still need to process highmem pages individually. > > + * If highmem is not configured then the bulk of this loop gets > > + * optimized out. > > + */ > > + do { > > + size_t len = left; > > + void *vaddr; > > + > > + page = pfn_to_page(pfn); > > + > > + if (PageHighMem(page)) { > > + if (len + offset > PAGE_SIZE) > > + len = PAGE_SIZE - offset; > > + > > + if (cache_is_vipt_nonaliasing()) { > > + vaddr = kmap_atomic(page); > > + op(vaddr + offset, len, dir); > > + kunmap_atomic(vaddr); > > + } else { > > + vaddr = kmap_high_get(page); > > + if (vaddr) { > > + op(vaddr + offset, len, dir); > > + kunmap_high(page); > > + } > > + } > > + } else { > > + vaddr = page_address(page) + offset; > > + op(vaddr, len, dir); > > + } > > + offset = 0; > > + pfn++; > > + left -= len; > > + } while (left); > > +} > > +#endif > > + > > /** > > * drm_flush_pages - Flush dcache lines of a set of pages. > > * @pages: List of pages to be flushed. > > @@ -104,6 +153,12 @@ drm_flush_pages(struct page *pages[], unsigned long > num_pages) > > (unsigned long)page_virtual + > PAGE_SIZE); > > kunmap_atomic(page_virtual); > > } > > +#elif defined(CONFIG_ARM) > > + unsigned long i; > > + > > + for (i = 0; i < num_pages; i++) > > + drm_cache_maint_page(pages[i], 0, PAGE_SIZE, > DMA_TO_DEVICE, > > + dmac_map_area); > > #else > > pr_err("Architecture has no drm_cache.c support\n"); > > WARN_ON_ONCE(1); > > @@ -135,6 +190,12 @@ drm_flush_sg(struct sg_table *st) > > > > if (wbinvd_on_all_cpus()) > > pr_err("Timed out waiting for cache flush\n"); > > +#elif defined(CONFIG_ARM) > > + struct sg_page_iter sg_iter; > > + > > + for_each_sg_page(st->sgl, &sg_iter, st->nents, 0) > > + drm_cache_maint_page(sg_page_iter_page(&sg_iter), 0, > PAGE_SIZE, > > + DMA_TO_DEVICE, dmac_map_area); > > #else > > pr_err("Architecture has no drm_cache.c support\n"); > > WARN_ON_ONCE(1); > > NAK. With this, you're "going under the covers" of the architecture and > using architecture private functions (dmac_map_area/dmac_unmap_area) in > a driver. > > The hint is that dmac_map_area() and dmac_unmap_area() are not declared > in any asm/*.h header file, but in arch/arm/mm/dma.h, and they carry this > warning above their definition: > > /* > * These are private to the dma-mapping API. Do not use directly. > * Their sole purpose is to ensure that data held in the cache > * is visible to DMA, or data written by DMA to system memory is > * visible to the CPU. > */ > My preference is to use the dma-mapping API (version 1 of this patchset) too because: 1) the warnings in these headers 2) this approach entails code duplication However, I've received feedback that's not desirable for DRM. Given your disapproval of this approach, I think the dma-mapping API is the way to go. > So no, this is not an acceptable approach. > > Secondly, in light of spectre and meltdown, do we _really_ want to > export cache flushing to userspace in any case - these attacks rely > on being able to flush specific cache lines from the caches in order > to do the timing attacks (while leaving others in place.) Currently, 32-bit ARM does not export such flushing capabilities to > userspace, which makes it very difficult (I'm not going to say > impossible) to get any working proof-of-code program that even > illustrates the timing attack. Exposing this functionality changes > that game, and means that we're much more open to these exploits. > (Some may say that you can flush cache lines by reading a large > enough buffer - I'm aware, I've tried that, the results are too > unreliable even for a simple attempt which doesn't involve crossing > privilege boundaries.) > Will using the DMA API (dma_sync_single_for_device / dma_sync_sg_for_device) mitigate your Meltdown / Spectre concerns in any way? > Do you really need cacheable GPU buffers, or will write combining > buffers (as we use elsewhere such as etnaviv) suffice? Please provide > some _real_ _world_ performance measurements that demonstrate that > there is a real need for this functionality. My desire is for the vgem driver to work correctly on ARM, which requires cache flushing. The mappings vgem itself creates are write combine. The issue is the pages retrieved on ARM architecture usually have to be flushed before they can be used (see rockchip_gem_get_pages / tegra_bo_get_pages). This patch set attempts to do the flushing in an architecture independent manner (since vgem is intended to work on ARM / x86). There is some interest in cache-able DRM buffers (though, again, this patchset is not about that). Renderscript accesses are very slow on ARM and we keep shadow buffers to improve performance (see crrev.com/602736). Jeffy has done some tests with memcpys in our camera stack that shows improvements (with caching --> 4 to 7 ms, without caching --> 20 to 90ms). However, I do agree Spectre complicates things. > -- > RMK's Patch system: http://www.armlinux.org.uk/developer/patches/ > FTTC broadband for 0.8mile line in suburbia: sync at 8.8Mbps down 630kbps > up > According to speedtest.net: 8.21Mbps down 510kbps up >
On Wed, Jan 24, 2018 at 10:45:28AM -0800, Gurchetan Singh wrote: > On Wed, Jan 24, 2018 at 4:45 AM, Russell King - ARM Linux < > linux@armlinux.org.uk> wrote: > > So no, this is not an acceptable approach. > > > > Secondly, in light of spectre and meltdown, do we _really_ want to > > export cache flushing to userspace in any case - these attacks rely > > on being able to flush specific cache lines from the caches in order > > to do the timing attacks (while leaving others in place.) > > > Currently, 32-bit ARM does not export such flushing capabilities to > > userspace, which makes it very difficult (I'm not going to say > > impossible) to get any working proof-of-code program that even > > illustrates the timing attack. Exposing this functionality changes > > that game, and means that we're much more open to these exploits. > > (Some may say that you can flush cache lines by reading a large > > enough buffer - I'm aware, I've tried that, the results are too > > unreliable even for a simple attempt which doesn't involve crossing > > privilege boundaries.) > > > > Will using the DMA API (dma_sync_single_for_device / > dma_sync_sg_for_device) mitigate your Meltdown / Spectre concerns in any > way? I see no point in answering that question based on what you've written below (see below for why). > > Do you really need cacheable GPU buffers, or will write combining > > buffers (as we use elsewhere such as etnaviv) suffice? Please provide > > some _real_ _world_ performance measurements that demonstrate that > > there is a real need for this functionality. > > > My desire is for the vgem driver to work correctly on ARM, which requires > cache flushing. The mappings vgem itself creates are write combine. If the pages are mapped write-combine, they are by definition *not* cacheable, so there should be no cache flushing required. > The > issue is the pages retrieved on ARM architecture usually have to be flushed > before they can be used (see rockchip_gem_get_pages / tegra_bo_get_pages). > This patch set attempts to do the flushing in an architecture independent > manner (since vgem is intended to work on ARM / x86). I see rockchip_gem_get_pages() using shmem_read_mapping_page() to get the pages. That's more or less fine, we do that on Etnaviv too. (Side note: provided the pages are not coming from lowmem, as mapping lowmem pages are mapped cacheable, and if you also map them elsewhere as write-combine, you're stepping into some potential cache attribute issues.) How we deal with this in Etnaviv is to use dma_map_sg() after we get the pages - see etnaviv_gem_get_pages(), which calls the memory specific .get_pages method, and goes on to call etnaviv_gem_scatter_map(). There's no need for the faking up of a SG table that way, just let dma_map_sg() do whatever it needs to do. This means you're not abusing the DMA API, and if you have a system IOMMU in the way, as a bonus that gets setup for you. > There is some interest in cache-able DRM buffers (though, again, this > patchset is not about that). Renderscript accesses are very slow on ARM > and we keep shadow buffers to improve performance (see > crrev.com/602736). 404. > Jeffy > has done some tests with memcpys in our camera stack that shows > improvements (with caching --> 4 to 7 ms, without caching --> 20 to 90ms). > However, I do agree Spectre complicates things. At the moment, on 32-bit ARM, we have very little mitigation work for Spectre beyond the generic kernel work that is going on at the moment for all architectures, so I really do not want to introduce anything that makes 32-bit ARM more easily vulnerable to attack. That may change in the future (sorry, I can't say when), but right now I don't think we have much of an option.
On Wed, Jan 24, 2018 at 11:26 AM, Russell King - ARM Linux <linux@armlinux.org.uk> wrote: > On Wed, Jan 24, 2018 at 10:45:28AM -0800, Gurchetan Singh wrote: >> On Wed, Jan 24, 2018 at 4:45 AM, Russell King - ARM Linux < >> linux@armlinux.org.uk> wrote: >> > So no, this is not an acceptable approach. >> > >> > Secondly, in light of spectre and meltdown, do we _really_ want to >> > export cache flushing to userspace in any case - these attacks rely >> > on being able to flush specific cache lines from the caches in order >> > to do the timing attacks (while leaving others in place.) >> >> > Currently, 32-bit ARM does not export such flushing capabilities to >> > userspace, which makes it very difficult (I'm not going to say >> > impossible) to get any working proof-of-code program that even >> > illustrates the timing attack. Exposing this functionality changes >> > that game, and means that we're much more open to these exploits. >> > (Some may say that you can flush cache lines by reading a large >> > enough buffer - I'm aware, I've tried that, the results are too >> > unreliable even for a simple attempt which doesn't involve crossing >> > privilege boundaries.) >> > >> >> Will using the DMA API (dma_sync_single_for_device / >> dma_sync_sg_for_device) mitigate your Meltdown / Spectre concerns in any >> way? > > I see no point in answering that question based on what you've written > below (see below for why). > >> > Do you really need cacheable GPU buffers, or will write combining >> > buffers (as we use elsewhere such as etnaviv) suffice? Please provide >> > some _real_ _world_ performance measurements that demonstrate that >> > there is a real need for this functionality. >> >> >> My desire is for the vgem driver to work correctly on ARM, which requires >> cache flushing. The mappings vgem itself creates are write combine. > > If the pages are mapped write-combine, they are by definition *not* > cacheable, so there should be no cache flushing required. > >> The >> issue is the pages retrieved on ARM architecture usually have to be flushed >> before they can be used (see rockchip_gem_get_pages / tegra_bo_get_pages). >> This patch set attempts to do the flushing in an architecture independent >> manner (since vgem is intended to work on ARM / x86). > > I see rockchip_gem_get_pages() using shmem_read_mapping_page() to get > the pages. That's more or less fine, we do that on Etnaviv too. > > (Side note: provided the pages are not coming from lowmem, as mapping > lowmem pages are mapped cacheable, and if you also map them elsewhere > as write-combine, you're stepping into some potential cache attribute > issues.) > > How we deal with this in Etnaviv is to use dma_map_sg() after we get > the pages - see > > etnaviv_gem_get_pages(), which calls the memory specific .get_pages > method, and goes on to call etnaviv_gem_scatter_map(). > > There's no need for the faking up of a SG table that way, just let > dma_map_sg() do whatever it needs to do. This means you're not abusing > the DMA API, and if you have a system IOMMU in the way, as a bonus that > gets setup for you. Okay, so the recommended solution to my problem (vgem doesn't work on ARM) is to: 1) Create vgem_get_pages / vgem_put_pages functions. vgem_get_pages will be called from vgem_gem_fault (since currently vgem does delayed allocation) and vgem_pin_pages. 2) Call dma_map_sg() / dma_unmap_sg in vgem_get_pages / vgem_put_pages if the architecture is ARM. That works for me, if that works for everyone else. >> There is some interest in cache-able DRM buffers (though, again, this >> patchset is not about that). Renderscript accesses are very slow on ARM >> and we keep shadow buffers to improve performance (see >> crrev.com/602736). > > 404. Oops, the correct URL is crrev.com/c/602736. >> Jeffy >> has done some tests with memcpys in our camera stack that shows >> improvements (with caching --> 4 to 7 ms, without caching --> 20 to 90ms). >> However, I do agree Spectre complicates things. > > At the moment, on 32-bit ARM, we have very little mitigation work for > Spectre beyond the generic kernel work that is going on at the moment > for all architectures, so I really do not want to introduce anything > that makes 32-bit ARM more easily vulnerable to attack. Fair enough. >That may change in the future (sorry, I can't say when), but right now I don't > think we have much of an option. > > -- > RMK's Patch system: http://www.armlinux.org.uk/developer/patches/ > FTTC broadband for 0.8mile line in suburbia: sync at 8.8Mbps down 630kbps up > According to speedtest.net: 8.21Mbps down 510kbps up
On Tue, Jan 23, 2018 at 06:56:03PM -0800, Gurchetan Singh wrote: > The dma_cache_maint_page function is important for cache maintenance on > ARM32 (this was determined via testing). > > Since we desire direct control of the caches in drm_cache.c, let's make > a copy of the function, rename it and use it. > > v2: Don't use DMA API, call functions directly (Daniel) > > Signed-off-by: Gurchetan Singh <gurchetansingh@chromium.org> fwiw, in principle, this approach has my Ack from the drm side. But if we can't get any agreement from the arch side then I guess we'll just have to suck it up and mandate that any dma-buf on ARM32 must be wc mapped, always. Not sure that's a good idea either, but should at least get things moving. -Daniel > --- > drivers/gpu/drm/drm_cache.c | 61 +++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 61 insertions(+) > > diff --git a/drivers/gpu/drm/drm_cache.c b/drivers/gpu/drm/drm_cache.c > index 89cdd32fe1f3..5124582451c6 100644 > --- a/drivers/gpu/drm/drm_cache.c > +++ b/drivers/gpu/drm/drm_cache.c > @@ -69,6 +69,55 @@ static void drm_cache_flush_clflush(struct page *pages[], > } > #endif > > +#if defined(CONFIG_ARM) > +static void drm_cache_maint_page(struct page *page, unsigned long offset, > + size_t size, enum dma_data_direction dir, > + void (*op)(const void *, size_t, int)) > +{ > + unsigned long pfn; > + size_t left = size; > + > + pfn = page_to_pfn(page) + offset / PAGE_SIZE; > + offset %= PAGE_SIZE; > + > + /* > + * A single sg entry may refer to multiple physically contiguous > + * pages. But we still need to process highmem pages individually. > + * If highmem is not configured then the bulk of this loop gets > + * optimized out. > + */ > + do { > + size_t len = left; > + void *vaddr; > + > + page = pfn_to_page(pfn); > + > + if (PageHighMem(page)) { > + if (len + offset > PAGE_SIZE) > + len = PAGE_SIZE - offset; > + > + if (cache_is_vipt_nonaliasing()) { > + vaddr = kmap_atomic(page); > + op(vaddr + offset, len, dir); > + kunmap_atomic(vaddr); > + } else { > + vaddr = kmap_high_get(page); > + if (vaddr) { > + op(vaddr + offset, len, dir); > + kunmap_high(page); > + } > + } > + } else { > + vaddr = page_address(page) + offset; > + op(vaddr, len, dir); > + } > + offset = 0; > + pfn++; > + left -= len; > + } while (left); > +} > +#endif > + > /** > * drm_flush_pages - Flush dcache lines of a set of pages. > * @pages: List of pages to be flushed. > @@ -104,6 +153,12 @@ drm_flush_pages(struct page *pages[], unsigned long num_pages) > (unsigned long)page_virtual + PAGE_SIZE); > kunmap_atomic(page_virtual); > } > +#elif defined(CONFIG_ARM) > + unsigned long i; > + > + for (i = 0; i < num_pages; i++) > + drm_cache_maint_page(pages[i], 0, PAGE_SIZE, DMA_TO_DEVICE, > + dmac_map_area); > #else > pr_err("Architecture has no drm_cache.c support\n"); > WARN_ON_ONCE(1); > @@ -135,6 +190,12 @@ drm_flush_sg(struct sg_table *st) > > if (wbinvd_on_all_cpus()) > pr_err("Timed out waiting for cache flush\n"); > +#elif defined(CONFIG_ARM) > + struct sg_page_iter sg_iter; > + > + for_each_sg_page(st->sgl, &sg_iter, st->nents, 0) > + drm_cache_maint_page(sg_page_iter_page(&sg_iter), 0, PAGE_SIZE, > + DMA_TO_DEVICE, dmac_map_area); > #else > pr_err("Architecture has no drm_cache.c support\n"); > WARN_ON_ONCE(1); > -- > 2.13.5 > > _______________________________________________ > dri-devel mailing list > dri-devel@lists.freedesktop.org > https://lists.freedesktop.org/mailman/listinfo/dri-devel
On Tue, Jan 30, 2018 at 11:14:36AM +0100, Daniel Vetter wrote: > On Tue, Jan 23, 2018 at 06:56:03PM -0800, Gurchetan Singh wrote: > > The dma_cache_maint_page function is important for cache maintenance on > > ARM32 (this was determined via testing). > > > > Since we desire direct control of the caches in drm_cache.c, let's make > > a copy of the function, rename it and use it. > > > > v2: Don't use DMA API, call functions directly (Daniel) > > > > Signed-off-by: Gurchetan Singh <gurchetansingh@chromium.org> > > fwiw, in principle, this approach has my Ack from the drm side. > > But if we can't get any agreement from the arch side then I guess we'll > just have to suck it up and mandate that any dma-buf on ARM32 must be wc > mapped, always. Not sure that's a good idea either, but should at least > get things moving. Let me expand on my objection, as I find your tone to be problematical here. The patch 2 (which is the earliest patch in this series) makes use of facilities such as dmac_map_area(), and those are defined as macros in arch/arm/mm/mm.h. I see no way that drm_cache.c can pick up on that _unless_ there's another patch (maybe that's patch 1) which moves the definition. dmac_map_area() is non-trivial to export (it's not a function, it's macro which either points to a function or a function pointer structure member) so it's likely that this patch also breaks building DRM as a module. We've been here before with drivers abusing the architecture private APIs, which is _exactly_ why dmac_map_area() is defined in arch/arm/mm.h and not in some kernel-wide asm header file - it's an implementation detail of the architectures DMA API that drivers have no business mucking about with. I've always said if the interfaces don't do what you want, talk to architecture people, don't go poking about in architecture private parts of the kernel and start abusing stuff. I say this because years ago, we had people doing _exactly_ that for the older virtually cached ARMs. Then ARMv6 came along, which needed an entire revamp of the architecture cache interfaces, and lo and behold, drivers got broken because of this kind of abuse. IOW, abusing interfaces makes kernel maintenance harder. For example, interfaces designed for flushing the cache when page tables get torn down were abused in drivers to flush data for DMA or coherency purposes, which meant that on ARMv6, where we no longer needed to flush for page table maintenance, suddenly the interfaces that drivers were using became no-ops. In this case, dmac_map_area() exists to perform any cache maintenance for the kernel view of that memory required for a non-coherent DMA mapping. What it does depends on the processsor and the requested DMA_xxx type - it _may_ invalidate (discard) or clean (writeback but leave in the cache) cache lines, or do nothing. dmac_unmap_area() has the same issues - what it does depends on what operation is being requested and what the processor requires to achieve coherency. The two functions are designed to work _together_, dmac_map_area() before the DMA operation and dmac_unmap_area() after the DMA operation. Only when they are both used together do you get the correct behaviour. These functions are only guaranteed to operate on the kernel mapping passed in as virtual addresses to the dmac_* functions. They make no guarantees about other mappings of the same memory elsewhere in the system, which, depending on the architecture of the caches, may also contain dirty cache lines (the same comment applies to the DMA API too.) On certain cache architectures (VIPT) where colouring effects apply, flushing the kernel mapping may not even be appropriate if the desired effect is to flush data from a user mapping. This is exactly why abusing APIs (like what is done in this patch) is completely unacceptable from the architecture point of view - while it may _appear_ to work, it may only work for one class of CPU or one implementation. Hence why the dmac_{un,}map_area() interfaces are not exported to drivers. You can't just abuse one of them. They are a pair that must be used together, and the DMA API knows that, and the DMA API requirements ensure that happens. It's not really surprising, these functions were written to support the DMA API, and the DMA API is the kernel-wide interface to these functions.
On Tue, Jan 30, 2018 at 12:31 PM, Russell King - ARM Linux <linux@armlinux.org.uk> wrote: > On Tue, Jan 30, 2018 at 11:14:36AM +0100, Daniel Vetter wrote: >> On Tue, Jan 23, 2018 at 06:56:03PM -0800, Gurchetan Singh wrote: >> > The dma_cache_maint_page function is important for cache maintenance on >> > ARM32 (this was determined via testing). >> > >> > Since we desire direct control of the caches in drm_cache.c, let's make >> > a copy of the function, rename it and use it. >> > >> > v2: Don't use DMA API, call functions directly (Daniel) >> > >> > Signed-off-by: Gurchetan Singh <gurchetansingh@chromium.org> >> >> fwiw, in principle, this approach has my Ack from the drm side. >> >> But if we can't get any agreement from the arch side then I guess we'll >> just have to suck it up and mandate that any dma-buf on ARM32 must be wc >> mapped, always. Not sure that's a good idea either, but should at least >> get things moving. > > Let me expand on my objection, as I find your tone to be problematical > here. > > The patch 2 (which is the earliest patch in this series) makes use of > facilities such as dmac_map_area(), and those are defined as macros in > arch/arm/mm/mm.h. I see no way that drm_cache.c can pick up on that > _unless_ there's another patch (maybe that's patch 1) which moves the > definition. > > dmac_map_area() is non-trivial to export (it's not a function, it's > macro which either points to a function or a function pointer structure > member) so it's likely that this patch also breaks building DRM as a > module. > > We've been here before with drivers abusing the architecture private APIs, > which is _exactly_ why dmac_map_area() is defined in arch/arm/mm.h and not > in some kernel-wide asm header file - it's an implementation detail of the > architectures DMA API that drivers have no business mucking about with. > > I've always said if the interfaces don't do what you want, talk to > architecture people, don't go poking about in architecture private parts > of the kernel and start abusing stuff. I say this because years ago, we > had people doing _exactly_ that for the older virtually cached ARMs. Then > ARMv6 came along, which needed an entire revamp of the architecture cache > interfaces, and lo and behold, drivers got broken because of this kind of > abuse. IOW, abusing interfaces makes kernel maintenance harder. > > For example, interfaces designed for flushing the cache when page tables > get torn down were abused in drivers to flush data for DMA or coherency > purposes, which meant that on ARMv6, where we no longer needed to flush > for page table maintenance, suddenly the interfaces that drivers were > using became no-ops. > > In this case, dmac_map_area() exists to perform any cache maintenance > for the kernel view of that memory required for a non-coherent DMA > mapping. What it does depends on the processsor and the requested > DMA_xxx type - it _may_ invalidate (discard) or clean (writeback but > leave in the cache) cache lines, or do nothing. > > dmac_unmap_area() has the same issues - what it does depends on what > operation is being requested and what the processor requires to > achieve coherency. > > The two functions are designed to work _together_, dmac_map_area() > before the DMA operation and dmac_unmap_area() after the DMA operation. > Only when they are both used together do you get the correct behaviour. > > These functions are only guaranteed to operate on the kernel mapping > passed in as virtual addresses to the dmac_* functions. They make no > guarantees about other mappings of the same memory elsewhere in the > system, which, depending on the architecture of the caches, may also > contain dirty cache lines (the same comment applies to the DMA API too.) > On certain cache architectures (VIPT) where colouring effects apply, > flushing the kernel mapping may not even be appropriate if the desired > effect is to flush data from a user mapping. > > This is exactly why abusing APIs (like what is done in this patch) is > completely unacceptable from the architecture point of view - while > it may _appear_ to work, it may only work for one class of CPU or one > implementation. > > Hence why the dmac_{un,}map_area() interfaces are not exported to > drivers. You can't just abuse one of them. They are a pair that > must be used together, and the DMA API knows that, and the DMA API > requirements ensure that happens. It's not really surprising, these > functions were written to support the DMA API, and the DMA API is > the kernel-wide interface to these functions. With "in principle" I meant that from a design pov I think it's totally fine if drm drivers do implement their own cache management. The implementation isn't fine, since it misses the invalidate/flush pair (which happens to be the same on x86), largely also because the CrOS use-case is very limited. I commented on that in the previous discussion, the current proposed changes. It's also clear that any such usage essentially makes the driver very tied to the platform it's running on. I think that's also fine. Like I said, drivers/gpu is already full of such hacks. I also don't care what we end up caling these (there's a patch 1, somehow the threading is broken and it's not part of the patch series). I think in an ideal world we'd split the dma_sync* stuff into a struct device and cpu specific parts. Plus figure out clear semantics for dma-buf around who must flush when, and how exactly snooped vs. non-snooped bus transactions are agreed on. And also fix up all the existing drivers ofc. But there's no one even close to willing to do all that work, so realistically muddling on is the one option we do have. -Daniel
diff --git a/drivers/gpu/drm/drm_cache.c b/drivers/gpu/drm/drm_cache.c index 89cdd32fe1f3..5124582451c6 100644 --- a/drivers/gpu/drm/drm_cache.c +++ b/drivers/gpu/drm/drm_cache.c @@ -69,6 +69,55 @@ static void drm_cache_flush_clflush(struct page *pages[], } #endif +#if defined(CONFIG_ARM) +static void drm_cache_maint_page(struct page *page, unsigned long offset, + size_t size, enum dma_data_direction dir, + void (*op)(const void *, size_t, int)) +{ + unsigned long pfn; + size_t left = size; + + pfn = page_to_pfn(page) + offset / PAGE_SIZE; + offset %= PAGE_SIZE; + + /* + * A single sg entry may refer to multiple physically contiguous + * pages. But we still need to process highmem pages individually. + * If highmem is not configured then the bulk of this loop gets + * optimized out. + */ + do { + size_t len = left; + void *vaddr; + + page = pfn_to_page(pfn); + + if (PageHighMem(page)) { + if (len + offset > PAGE_SIZE) + len = PAGE_SIZE - offset; + + if (cache_is_vipt_nonaliasing()) { + vaddr = kmap_atomic(page); + op(vaddr + offset, len, dir); + kunmap_atomic(vaddr); + } else { + vaddr = kmap_high_get(page); + if (vaddr) { + op(vaddr + offset, len, dir); + kunmap_high(page); + } + } + } else { + vaddr = page_address(page) + offset; + op(vaddr, len, dir); + } + offset = 0; + pfn++; + left -= len; + } while (left); +} +#endif + /** * drm_flush_pages - Flush dcache lines of a set of pages. * @pages: List of pages to be flushed. @@ -104,6 +153,12 @@ drm_flush_pages(struct page *pages[], unsigned long num_pages) (unsigned long)page_virtual + PAGE_SIZE); kunmap_atomic(page_virtual); } +#elif defined(CONFIG_ARM) + unsigned long i; + + for (i = 0; i < num_pages; i++) + drm_cache_maint_page(pages[i], 0, PAGE_SIZE, DMA_TO_DEVICE, + dmac_map_area); #else pr_err("Architecture has no drm_cache.c support\n"); WARN_ON_ONCE(1); @@ -135,6 +190,12 @@ drm_flush_sg(struct sg_table *st) if (wbinvd_on_all_cpus()) pr_err("Timed out waiting for cache flush\n"); +#elif defined(CONFIG_ARM) + struct sg_page_iter sg_iter; + + for_each_sg_page(st->sgl, &sg_iter, st->nents, 0) + drm_cache_maint_page(sg_page_iter_page(&sg_iter), 0, PAGE_SIZE, + DMA_TO_DEVICE, dmac_map_area); #else pr_err("Architecture has no drm_cache.c support\n"); WARN_ON_ONCE(1);
The dma_cache_maint_page function is important for cache maintenance on ARM32 (this was determined via testing). Since we desire direct control of the caches in drm_cache.c, let's make a copy of the function, rename it and use it. v2: Don't use DMA API, call functions directly (Daniel) Signed-off-by: Gurchetan Singh <gurchetansingh@chromium.org> --- drivers/gpu/drm/drm_cache.c | 61 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 61 insertions(+)