From patchwork Tue Feb 20 07:29:22 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ankit Agrawal X-Patchwork-Id: 13563526 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id 2C53DC48BC3 for ; Tue, 20 Feb 2024 07:30:01 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 9E6716B0078; Tue, 20 Feb 2024 02:30:00 -0500 (EST) Received: by kanga.kvack.org (Postfix, from userid 40) id 996756B007E; Tue, 20 Feb 2024 02:30:00 -0500 (EST) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 836BD6B0087; Tue, 20 Feb 2024 02:30:00 -0500 (EST) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0016.hostedemail.com [216.40.44.16]) by kanga.kvack.org (Postfix) with ESMTP id 6F8F26B0078 for ; Tue, 20 Feb 2024 02:30:00 -0500 (EST) Received: from smtpin17.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay10.hostedemail.com (Postfix) with ESMTP id 206FAC059D for ; Tue, 20 Feb 2024 07:30:00 +0000 (UTC) X-FDA: 81811358160.17.08B3B2A Received: from NAM04-DM6-obe.outbound.protection.outlook.com (mail-dm6nam04on2057.outbound.protection.outlook.com [40.107.102.57]) by imf13.hostedemail.com (Postfix) with ESMTP id 375DF20016 for ; Tue, 20 Feb 2024 07:29:57 +0000 (UTC) Authentication-Results: imf13.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=ohYVfK3p; spf=pass (imf13.hostedemail.com: domain of ankita@nvidia.com designates 40.107.102.57 as permitted sender) smtp.mailfrom=ankita@nvidia.com; dmarc=pass (policy=reject) header.from=nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1708414197; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:content-transfer-encoding:in-reply-to: references:dkim-signature; bh=kLg9l0N1ZhXakgNXLBabKwRi9c/pB2sSLQt11etlN3Y=; b=EM4t5eAo/tukeJEEJXz76eLPBVyoNVVvP94szUUaZf/hGCnCGVpLiJf/iIFNHTzRJI3wqr Bjfh+d5oXkGGWBKOuVjXdi84/l93IHVisqrumAD3emS7N7HaplCl++Qd0RXHHETFy6pEh6 lFEr5nDLlQmdo97+9OF54Z75WbcVPH8= ARC-Seal: i=2; s=arc-20220608; d=hostedemail.com; t=1708414197; a=rsa-sha256; cv=pass; b=hlf0Pxw/BpTI+XZ/PorAGtghQ97wzxWZ1HOLpXc95EyHJjbq+d62X27gxmmUTqHiIAASe5 Dqi8SIAnoTue0YYqaNxKdTUDCWmTzNx1490qZ9XHw8HllWe5sG6AuLyDXbF/VDeSYca9lN C+w8iFBIocLEC6xNy9miB2Wn5X4nrJQ= ARC-Authentication-Results: i=2; imf13.hostedemail.com; dkim=pass header.d=Nvidia.com header.s=selector2 header.b=ohYVfK3p; spf=pass (imf13.hostedemail.com: domain of ankita@nvidia.com designates 40.107.102.57 as permitted sender) smtp.mailfrom=ankita@nvidia.com; dmarc=pass (policy=reject) header.from=nvidia.com; arc=pass ("microsoft.com:s=arcselector9901:i=1") ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=dRjSCs89nQkYsTjji8i8eMjJL6tm5dDIff0qKUU3aG5ckRbJoTUWF6u1so1FUwZdUl+w14NysVPUvXGUEKCwwycV1+J6gyIQGK+25x1AwKyW4JDh2y3YHzae8D0kp/kq+kQ3qdCwFPWsUIW7JfSR7QTI2SszJD9RCkZHztmvuwm9aIVLW65Z9qM0JSycdmXYfrx0ncVi6KDeMRJPPE1jb6axCakS8tGPpZs4UFmgKx1PNSEVumBxBVdVsA3v5fIUCk0vcFAxNC7nlp5yCtr+D8mpVTV9UzNKDrGMzEJeolBLLnR4t1+kp9n0a4CNQNBOgWB1nd0De+3IVG2NrkwaAA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kLg9l0N1ZhXakgNXLBabKwRi9c/pB2sSLQt11etlN3Y=; b=RFoY/6lrbOnRHo2drSXM1cp+YG2jUbRbpwja5qFaufCEdqqp8KQKgC9zYir3a4sTY+OIT7AQMFl0SvxlCYaEUE9vtOfMYtAUtdhXT5S0mi4f/zFsQ4ZS11LxiMhNFpP7KM13TuFkeAp+SDDxY+MVttH9Wx2hucVYHFR/T1zWI2CcKcNY4y3jim0XN6cVo0H9UifV0d21xc80yGnCTx2uLcINz1SdXm1SuWbvURwUZM8bRoPE51FTdic37LXB6L29ZXQJzNl6w5yOSEkLNFktO889zfptIArAe8x/1lAVSGZEYgfWSQG4NwURGSQe7oxTh+8fEPxXiAhPRrYJMhmRZQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 216.228.117.161) smtp.rcpttodomain=kernel.org smtp.mailfrom=nvidia.com; dmarc=pass (p=reject sp=reject pct=100) action=none header.from=nvidia.com; dkim=none (message not signed); arc=none (0) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=Nvidia.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kLg9l0N1ZhXakgNXLBabKwRi9c/pB2sSLQt11etlN3Y=; b=ohYVfK3perfQybKNmFA5/qpEX5Tv9H2A5jvEs3Nkg7P+V2YNXP4HyPjVY+knxEMPbzu8fAms7jzIl5Etfzi15glFQauNbu1jVXVkYhjYKJCOhpoipdWiZMjSHq+WY021rPtmZR090Tv5xIrELwJYAdJyAPV2hW4dK5ndEB/P+R4mKmLPn26149rS9EJb/qLTuhNxcFDHwqcO5BEbLAj2s9zGu/1W8HkGEngwRcoWRfaz2JJDJAZlPbWgH/KbFhNTIab6nQVZ+DJ3obJ0qLvObNQmB6EwPcApwMZ1VD8nC8LUFSNf4HSn2voxoE7prG91Oc1MZF/xsj4lKTj3ypUw/g== Received: from DM6PR06CA0056.namprd06.prod.outlook.com (2603:10b6:5:54::33) by CH2PR12MB4327.namprd12.prod.outlook.com (2603:10b6:610:7d::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7316.20; Tue, 20 Feb 2024 07:29:54 +0000 Received: from DS1PEPF00017094.namprd03.prod.outlook.com (2603:10b6:5:54:cafe::9d) by DM6PR06CA0056.outlook.office365.com (2603:10b6:5:54::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.39 via Frontend Transport; Tue, 20 Feb 2024 07:29:53 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 216.228.117.161) smtp.mailfrom=nvidia.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=nvidia.com; Received-SPF: Pass (protection.outlook.com: domain of nvidia.com designates 216.228.117.161 as permitted sender) receiver=protection.outlook.com; client-ip=216.228.117.161; helo=mail.nvidia.com; pr=C Received: from mail.nvidia.com (216.228.117.161) by DS1PEPF00017094.mail.protection.outlook.com (10.167.17.137) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7292.25 via Frontend Transport; Tue, 20 Feb 2024 07:29:53 +0000 Received: from rnnvmail204.nvidia.com (10.129.68.6) by mail.nvidia.com (10.129.200.67) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.986.41; Mon, 19 Feb 2024 23:29:42 -0800 Received: from rnnvmail202.nvidia.com (10.129.68.7) by rnnvmail204.nvidia.com (10.129.68.6) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.12; Mon, 19 Feb 2024 23:29:41 -0800 Received: from sgarnayak-dt.nvidia.com (10.127.8.9) by mail.nvidia.com (10.129.68.7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1258.12 via Frontend Transport; Mon, 19 Feb 2024 23:29:28 -0800 From: To: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , CC: , , , , , , , , , , , , , , Subject: [PATCH v8 0/4] kvm: arm64: allow the VM to select DEVICE_* and NORMAL_NC for IO memory Date: Tue, 20 Feb 2024 12:59:22 +0530 Message-ID: <20240220072926.6466-1-ankita@nvidia.com> X-Mailer: git-send-email 2.17.1 MIME-Version: 1.0 X-NV-OnPremToCloud: ExternallySecured X-EOPAttributedMessage: 0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: DS1PEPF00017094:EE_|CH2PR12MB4327:EE_ X-MS-Office365-Filtering-Correlation-Id: 025274fa-3c38-40f8-8fc5-08dc31e5bb40 X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: F3v6yGOOPcDfjGC+Hg3AA88EduvG4M2Pmw0iJSFVGkULg0NJUmZHSlzFm+jannt5Pq4kiRilpKetdMwmvWxNTzHWuhKwl2i0V3lMOQ/xrKt4UbzKh47Fhaoac0930lmcBswYeeshmOqgbLQfn4detwsJKUpq6p1L/0M1OekbwE8488wO66jK5CTaXnT0Bn6mQqZQviIbOH3BowxXlhOLypJJIhXEB9DDYgfR2xAi7h4xpIg3xExuXB7jpFdcKVoH3ai6z02vFjg1bQ20Diu6lidBQFBlnNLY5iDXCZO8g3eNhil2r12mBxfgkz/ugKbMrVNbu1RxskuQx4OnACh6E7SqpkghZeBOYmJEOaEQDFBp6YjexeFRe5i0g+caTpx7g0GKI2byQKFrG+L/yn9i55KV9oxWDPpImUqdWZUe6poxn3DoJMTUpHKnILtuVQ2lGlxaChlsW4rw0KkKW7XFkB489I15r+p3vdBVuMIpeLwBz1cv2oVdGmixyNC0JIRdiBk5nWzEFgMJKZnVrcRxYje/zxt/M5QpWt0thzzqZwKMhw+947GrSNVelA8fV3cZpG9pJHhnlOP6FFRlOo6Pg7FqFfruMXJjXpF1hmbYwLRgqd1BhcS7WDUczvG6mUAgCblmT5PDeMZSgyMdaXxvsTBdVX3kqGVHRLIzi2HmD3//E5D8FIEQ8yDLBhsmYHgEKqGTtQBO7TPkoTIKElu1Ow== X-Forefront-Antispam-Report: CIP:216.228.117.161;CTRY:US;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:mail.nvidia.com;PTR:dc6edge2.nvidia.com;CAT:NONE;SFS:(13230031)(230273577357003)(36860700004)(40470700004)(46966006)(921011);DIR:OUT;SFP:1101; X-OriginatorOrg: Nvidia.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 20 Feb 2024 07:29:53.6735 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 025274fa-3c38-40f8-8fc5-08dc31e5bb40 X-MS-Exchange-CrossTenant-Id: 43083d15-7273-40c1-b7db-39efd9ccc17a X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=43083d15-7273-40c1-b7db-39efd9ccc17a;Ip=[216.228.117.161];Helo=[mail.nvidia.com] X-MS-Exchange-CrossTenant-AuthSource: DS1PEPF00017094.namprd03.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH2PR12MB4327 X-Rspamd-Queue-Id: 375DF20016 X-Rspam-User: X-Stat-Signature: x47qhnnjx8uwba4yixcshgj6yp1n7kto X-Rspamd-Server: rspam03 X-HE-Tag: 1708414197-467118 X-HE-Meta: U2FsdGVkX19viO17XgtIauY+cRwx4827jEaLBZutnmQfvw14G7tRzwOjjNhuVu1czD8nZHrs6H6gUCaV5k7mu27/3pZUF6ghJQDIJsACCRboR5d9Ffj2/jZP8vqgr9Z3ymE+QU+vj7lMmSq2vzi0hfCkFfWOdqLOUjsET8WavIVW6cMRiDQg6gF8+44VqQh/49knFxDoOCb0UzeHFmznqaHLocAgzReMv48rF33SUGdI+8MUg7EW02vE4k7lmcB/XsxRKmc2Na1ZEaeUoq9krVMRluSyi1I9PY8acipjUA3w82ZxVrrdK0gMYsnRcatJE9TLopAStxXnt3IJwUcyb8XPlzpVqMV+KUjD6e2lgsbt/SIxylMVqxA9foG7Y4pAQ9GElIVwZmiGTiRXxQT8xOB2HySw1jES+tfWBTjRwSrOjKSNy+0llSNKy3fqOuOsNpaux/BfcOGJ6tW53BLcoqk/gE5zUCijb8ZAwmf9Bhh2dxUY/xlDcmYglBb5JWh1k+KMMJjCBPxeCyQM1jdeiuK1ztPUh/ooRDjIW8TGORnIf6P4fdBlVnDULwCfmH3d+IweLbsQ06DfubfUiBXm/LwHEOXZIjQHiUQ48qhEvKUgJDijfvBIA+6Bh6MTynBOfyxzFiL0mdLhXsvV3X8JM2A91qBqdJNvyAUC1P9qprYXPZEp8Ce/+0lyPlarFAcnCDlKwh/14P/gjtvVRPo5hlBDdI/+i32ij5nPRmvb0GCt6e7obNsFZAUKq/7/MZ/de9WB4CsOCBLOggnd+tWyVKX9NXErq4XKSlfAYw55vftReflmBvoEIv6caJPhaqWcwn3FnnJYeuWEa0XvYpgCZrtq8IoFKvSdtEoWweqtiGKzXPIV+7Kfn66STxLL8rgKV3r9gOGOLhuHOXzQHXNLjWQEgDzlAMmeT1D3ZLyUqRIZpb7LjY/KSxNh8kbyYtRv81UGVMSPArKZkSrFDgY GdkRaZtL rYmnegU9k6ZfH1hrcrq4b0EOqPgpIYBGXL1vjMWB8GHOhb8ITZu216VHtoU+4Uo1eKyGGKXGsLx0e+sR9bYyiXCQWgKb2aO0SC4W6+y7FQLxi6dBgRVjGG/r5btdfwtdTEiTausKTnAkd5heujXI/gKUzOY4RLMfv3/NggxFyImGaHUgnTQn8kdV1NxQGkD4tkCOGfBeNCQEQly0jalCg3HVVB9v733CB4/X9zyFOLPacd00fB1pHd4m4IU8OYbHbciwVrYzU36aee4vKkDlXo/RB+/r425I4Uej5xjcqxXzToRSWE6L8J3rNsDxNL838BYccGVaeBcz9sj73I3p+Md1tmFrD7/AS8cCYzXa9H1sEf/oB6qdgLHoPs/AXFS3daQ7GH0A0xqdJgK0= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: From: Ankit Agrawal Currently, KVM for ARM64 maps at stage 2 memory that is considered device with DEVICE_nGnRE memory attributes; this setting overrides (per ARM architecture [1]) any device MMIO mapping present at stage 1, resulting in a set-up whereby a guest operating system cannot determine device MMIO mapping memory attributes on its own but it is always overridden by the KVM stage 2 default. This set-up does not allow guest operating systems to select device memory attributes independently from KVM stage-2 mappings (refer to [1], "Combining stage 1 and stage 2 memory type attributes"), which turns out to be an issue in that guest operating systems (e.g. Linux) may request to map devices MMIO regions with memory attributes that guarantee better performance (e.g. gathering attribute - that for some devices can generate larger PCIe memory writes TLPs) and specific operations (e.g. unaligned transactions) such as the NormalNC memory type. The default device stage 2 mapping was chosen in KVM for ARM64 since it was considered safer (i.e. it would not allow guests to trigger uncontained failures ultimately crashing the machine) but this turned out to be asynchronous (SError) defeating the purpose. For these reasons, relax the KVM stage 2 device memory attributes from DEVICE_nGnRE to Normal-NC. Generalizing to other devices may be problematic, however. E.g. GICv2 VCPU interface, which is effectively a shared peripheral, can allow a guest to affect another guest's interrupt distribution. Hence limit the change to VFIO PCI as caution. This is achieved by making the VFIO PCI core module set a flag that is tested by KVM to activate the code. This could be extended to other devices in the future once that is deemed safe. [1] section D8.5 - DDI0487J_a_a-profile_architecture_reference_manual.pdf Applied over v6.8-rc5. History ======= v7 -> v8 - Changed commit message of patches 2/4 and 4/4 to include detailed description of the VM_ALLOW_ANY_UNCACHED flag posted by Jason in the commit message. - Added more detailed comment in the vfio_pci_core about VM_ALLOW_ANY_UNCACHED flag. - Rebased to v6.8-rc5. v6 -> v7 - Changed VM_VFIO_ALLOW_WC to VM_ALLOW_ANY_UNCACHED based on suggestion from Alex Williamson. - Refactored stage2_set_prot_attr() based on Will's suggestion to reorganize the switch cases. Also updated the case to return -EINVAL when both KVM_PGTABLE_PROT_DEVICE and KVM_PGTABLE_PROT_NORMAL_NC set. - Fixed nits pointed by Oliver and Catalin. v5 -> v6 - Rebased to v6.8-rc2 v4 -> v5 - Moved the cover letter description text to patch 1/4. - Cleaned up stage2_set_prot_attr() based on Marc Zyngier suggestions. - Moved the mm header file changes to a separate patch. - Rebased to v6.7-rc3. v3 -> v4 - Moved the vfio-pci change to use the VM_VFIO_ALLOW_WC into separate patch. - Added check to warn on the case NORMAL_NC and DEVICE are set simultaneously. - Fixed miscellaneous nitpicks suggested in v3. v2 -> v3 - Added a new patch (and converted to patch series) suggested by Catalin Marinas to ensure the code changes are restricted to VFIO PCI devices. - Introduced VM_VFIO_ALLOW_WC flag for VFIO PCI to communicate with VMM. - Reverted GIC mapping to DEVICE. v1 -> v2 - Updated commit log to the one posted by Lorenzo Pieralisi (Thanks!) - Added new flag to represent the NORMAL_NC setting. Updated stage2_set_prot_attr() to handle new flag. v7 Link: https://lore.kernel.org/all/20240211174705.31992-1-ankita@nvidia.com/ Suggested-by: Jason Gunthorpe Acked-by: Catalin Marinas Signed-off-by: Ankit Agrawal Ankit Agrawal (4): kvm: arm64: introduce new flag for non-cacheable IO memory mm: introduce new flag to indicate wc safe kvm: arm64: set io memory s2 pte as normalnc for vfio pci device vfio: convey kvm that the vfio-pci device is wc safe arch/arm64/include/asm/kvm_pgtable.h | 2 ++ arch/arm64/include/asm/memory.h | 2 ++ arch/arm64/kvm/hyp/pgtable.c | 24 +++++++++++++++++++----- arch/arm64/kvm/mmu.c | 14 ++++++++++---- drivers/vfio/pci/vfio_pci_core.c | 18 +++++++++++++++++- include/linux/mm.h | 14 ++++++++++++++ 6 files changed, 64 insertions(+), 10 deletions(-) Reviewed-by: Marc Zyngier