@@ -862,7 +862,7 @@ static struct dma_pte *pfn_to_dma_pte(struct dmar_domain *domain,
if (domain->use_first_level)
pteval |= DMA_FL_PTE_XD | DMA_FL_PTE_US | DMA_FL_PTE_ACCESS;
- if (cmpxchg64(&pte->val, 0ULL, pteval))
+ if (dma_set_pte(pte, pteval))
/* Someone else set it while we were thinking; use theirs. */
iommu_free_page(tmp_page);
else
@@ -934,7 +934,8 @@ static void dma_pte_clear_range(struct dmar_domain *domain,
continue;
}
do {
- dma_clear_pte(pte);
+ if (dma_pte_present(pte))
+ dma_clear_pte(pte);
start_pfn += lvl_to_nr_pages(large_page);
pte++;
} while (start_pfn <= last_pfn && !first_pte_in_page(pte));
@@ -975,7 +976,8 @@ static void dma_pte_free_level(struct dmar_domain *domain, int level,
*/
if (level < retain_level && !(start_pfn > level_pfn ||
last_pfn < level_pfn + level_size(level) - 1)) {
- dma_clear_pte(pte);
+ if (dma_pte_present(pte))
+ dma_clear_pte(pte);
domain_flush_cache(domain, pte, sizeof(*pte));
iommu_free_page(level_pte);
}
@@ -1006,12 +1008,13 @@ static void dma_pte_free_pagetable(struct dmar_domain *domain,
}
}
-/* When a page at a given level is being unlinked from its parent, we don't
- need to *modify* it at all. All we need to do is make a list of all the
- pages which can be freed just as soon as we've flushed the IOTLB and we
- know the hardware page-walk will no longer touch them.
- The 'pte' argument is the *parent* PTE, pointing to the page that is to
- be freed. */
+/*
+ * A given page at a given level is being unlinked from its parent.
+ * We need to make a list of all the pages which can be freed just as soon as
+ * we've flushed the IOTLB and we know the hardware page-walk will no longer
+ * touch them. The 'pte' argument is the *parent* PTE, pointing to the page
+ * that is to be freed.
+ */
static void dma_pte_list_pagetables(struct dmar_domain *domain,
int level, struct dma_pte *pte,
struct list_head *freelist)
@@ -1019,17 +1022,21 @@ static void dma_pte_list_pagetables(struct dmar_domain *domain,
struct page *pg;
pg = pfn_to_page(dma_pte_addr(pte) >> PAGE_SHIFT);
- list_add_tail(&pg->lru, freelist);
-
- if (level == 1)
- return;
-
pte = page_address(pg);
+
do {
- if (dma_pte_present(pte) && !dma_pte_superpage(pte))
- dma_pte_list_pagetables(domain, level - 1, pte, freelist);
+ if (dma_pte_present(pte)) {
+ if (level > 1 && !dma_pte_superpage(pte)) {
+ dma_pte_list_pagetables(domain, level - 1, pte,
+ freelist);
+ }
+ dma_clear_pte(pte);
+ }
pte++;
} while (!first_pte_in_page(pte));
+
+ page_mapcount_reset(pg);
+ list_add_tail(&pg->lru, freelist);
}
static void dma_pte_clear_level(struct dmar_domain *domain, int level,
@@ -1093,6 +1100,7 @@ static void domain_unmap(struct dmar_domain *domain, unsigned long start_pfn,
/* free pgd */
if (start_pfn == 0 && last_pfn == DOMAIN_MAX_PFN(domain->gaw)) {
struct page *pgd_page = virt_to_page(domain->pgd);
+ page_mapcount_reset(pgd_page);
list_add_tail(&pgd_page->lru, freelist);
domain->pgd = NULL;
}
@@ -2113,7 +2121,7 @@ __domain_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
/* We don't need lock here, nobody else
* touches the iova range
*/
- tmp = cmpxchg64_local(&pte->val, 0ULL, pteval);
+ tmp = dma_set_pte(pte, pteval);
if (tmp) {
static int dumps = 5;
pr_crit("ERROR: DMA PTE for vPFN 0x%lx already set (to %llx not %llx)\n",
@@ -814,11 +814,6 @@ struct dma_pte {
u64 val;
};
-static inline void dma_clear_pte(struct dma_pte *pte)
-{
- pte->val = 0;
-}
-
static inline u64 dma_pte_addr(struct dma_pte *pte)
{
#ifdef CONFIG_64BIT
@@ -830,9 +825,41 @@ static inline u64 dma_pte_addr(struct dma_pte *pte)
#endif
}
+#define DMA_PTEVAL_PRESENT(pteval) (((pteval) & 3) != 0)
static inline bool dma_pte_present(struct dma_pte *pte)
{
- return (pte->val & 3) != 0;
+ return DMA_PTEVAL_PRESENT(pte->val);
+}
+
+static inline void dma_clear_pte(struct dma_pte *pte)
+{
+ u64 old_pteval;
+
+ old_pteval = xchg(&pte->val, 0ULL);
+ if (DMA_PTEVAL_PRESENT(old_pteval)) {
+ struct page *pg = virt_to_page(pte);
+
+ atomic_dec(&pg->_mapcount);
+ } else {
+ /* Ensure that we cleared a valid entry from the page table */
+ WARN_ON_ONCE(1);
+ }
+}
+
+static inline u64 dma_set_pte(struct dma_pte *pte, u64 pteval)
+{
+ u64 old_pteval;
+
+ /* Ensure we about to set a valid entry to the page table */
+ WARN_ON_ONCE(!DMA_PTEVAL_PRESENT(pteval));
+ old_pteval = cmpxchg64(&pte->val, 0ULL, pteval);
+ if (old_pteval == 0) {
+ struct page *pg = virt_to_page(pte);
+
+ atomic_inc(&pg->_mapcount);
+ }
+
+ return old_pteval;
}
static inline bool dma_sl_pte_test_and_clear_dirty(struct dma_pte *pte,
@@ -119,7 +119,8 @@ static inline void *iommu_alloc_pages(gfp_t gfp, int order)
}
/**
- * iommu_alloc_page_node - allocate a zeroed page at specific NUMA node.
+ * iommu_alloc_page_node - allocate a zeroed page at specific NUMA node, and set
+ * mapcount in its struct page to 0.
* @nid: memory NUMA node id
* @gfp: buddy allocator flags
*
@@ -127,18 +128,29 @@ static inline void *iommu_alloc_pages(gfp_t gfp, int order)
*/
static inline void *iommu_alloc_page_node(int nid, gfp_t gfp)
{
- return iommu_alloc_pages_node(nid, gfp, 0);
+ void *virt = iommu_alloc_pages_node(nid, gfp, 0);
+
+ if (virt)
+ atomic_set(&(virt_to_page(virt))->_mapcount, 0);
+
+ return virt;
}
/**
- * iommu_alloc_page - allocate a zeroed page
+ * iommu_alloc_page - allocate a zeroed page, and set mapcount in its struct
+ * page to 0.
* @gfp: buddy allocator flags
*
* returns the virtual address of the allocated page
*/
static inline void *iommu_alloc_page(gfp_t gfp)
{
- return iommu_alloc_pages(gfp, 0);
+ void *virt = iommu_alloc_pages(gfp, 0);
+
+ if (virt)
+ atomic_set(&(virt_to_page(virt))->_mapcount, 0);
+
+ return virt;
}
/**
@@ -155,16 +167,19 @@ static inline void iommu_free_pages(void *virt, int order)
}
/**
- * iommu_free_page - free page
+ * iommu_free_page - free page, and reset mapcount
* @virt: virtual address of the page to be freed.
*/
static inline void iommu_free_page(void *virt)
{
- iommu_free_pages(virt, 0);
+ if (virt) {
+ page_mapcount_reset(virt_to_page(virt));
+ iommu_free_pages(virt, 0);
+ }
}
/**
- * iommu_put_pages_list - free a list of pages.
+ * iommu_put_pages_list - free a list of pages, and reset mapcount.
* @page: the head of the lru list to be freed.
*
* There are no locking requirement for these pages, as they are going to be
@@ -177,6 +192,7 @@ static inline void iommu_put_pages_list(struct list_head *page)
while (!list_empty(page)) {
struct page *p = list_entry(page->prev, struct page, lru);
+ page_mapcount_reset(p);
list_del(&p->lru);
__iommu_free_account(p, 0);
put_page(p);
In order to be able to efficiently free empty page table levels, count the number of entries in each page table by incremeanting and decremeanting mapcount every time a PTE is inserted or removed form the page table. For this to work correctly, add two helper function: dma_clear_pte and dma_set_pte where counting is performed, Also, modify the code so every page table entry is always updated using the two new functions. Finally, before pages are freed, we must restore mapcount to its original state by calling page_mapcount_reset(). Signed-off-by: Pasha Tatashin <pasha.tatashin@soleen.com> --- drivers/iommu/intel/iommu.c | 42 ++++++++++++++++++++++--------------- drivers/iommu/intel/iommu.h | 39 ++++++++++++++++++++++++++++------ drivers/iommu/iommu-pages.h | 30 +++++++++++++++++++------- 3 files changed, 81 insertions(+), 30 deletions(-)