On Thu, Feb 08, 2024 at 12:23:02AM -0800, Yi Liu wrote:
If a domain is used as the parent in nested translation its mappings might be cached using DID of the nested domain. But the existing code ignores this fact to only invalidate the iotlb entries tagged by the domain's own DID.
Loop the s1_domains list, if any, to invalidate all iotlb entries related to the target s2 address range. According to VT-d spec there is no need for software to explicitly flush the affected s1 cache. It's implicitly done by HW when s2 cache is invalidated.
I had to look this up to understand what it means.. The HW caches per-DID and if you invalidate the DID's S2 then the HW flushes the S1 as well within that DID only.
It doesn't mean that the S2 is globally shared across all the nesting translations (like ARM does), and you still have to iterate over every nesting DID.
In light of that this design seems to have gone a bit off..
A domain should have a list of places that need invalidation, specifically a list of DIDs and ATCs that need an invalidation to be issued.
Instead we now somehow have 4 different lists in the domain the invalidation code iterates over?
So I would think this:
struct dmar_domain { struct xarray iommu_array; /* Attached IOMMU array */ struct list_head devices; /* all devices' list */ struct list_head dev_pasids; /* all attached pasids */ struct list_head s1_domains;
Would make sense to be collapsed into one logical list of attached devices:
struct intel_iommu_domain_attachment { unsigned int did; ioasid_t pasid; struct device_domain_info *info; list_head item; };
When you attach a S1/S2 nest you allocate two of the above structs and one is linked on the S1 and one is linked on the S2..
Jason