Re: [RFC PATCH] arm64: dts: ls1028a: mark ARM SMMU as DMA coherent

From: Vladimir Oltean
Date: Wed Dec 14 2022 - 11:54:15 EST

Next message: Krzysztof Kozlowski: "Re: [PATCH v2 RESEND 0/5] ARM: dts: nanobone: Fix missing/incorrect features"
Previous message: Krzysztof Kozlowski: "Re: [PATCH] dt-bindings: bcm4329-fmac: Add ingenic,iw8103-fmac compatible string"
In reply to: Robin Murphy: "Re: [RFC PATCH] arm64: dts: ls1028a: mark ARM SMMU as DMA coherent"
Next in thread: Robin Murphy: "Re: [RFC PATCH] arm64: dts: ls1028a: mark ARM SMMU as DMA coherent"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Robin,

On Thu, Dec 08, 2022 at 07:01:16PM +0000, Robin Murphy wrote:
> It's more just good fortune that it ever worked properly at all.

Thanks for the response. I don't know much about IOMMUs or the ARM SMMU,
I'm trying to understand what you've said. I hope you don't mind a few
foolish questions.

> We have to make the DT authoritative about coherency because cases exist where
> the ID register is misconfigured.

Which ID register? The ARM_SMMU_ID0_CTTW bit in ARM_SMMU_GR0_ID0, as
read by arm_smmu_device_cfg_probe()?

I tried to find more about this bit (driver suggests it's bit 14), but I'm a bit lost.
First of all, I don't know where to find the ID0 register for MMU-500.
I looked at the register summary here and didn't find it:
https://developer.arm.com/documentation/ddi0517/f/programmers-model/register-summary/global-address-space-0-registers-summary?lang=en
Then I googled it and found this page, where it just says that at bit 14
there's indeed something named CTTW (unexplained) which is hardcoded to 0:
https://developer.arm.com/documentation/ddi0517/e/programmers-model/memory-model/reset-values?lang=en
I did however download the SMMU v2 arch spec PDF at
https://developer.arm.com/documentation/ihi0062/latest

and there, I did find it. But I'm not sure why the MMU-500 says it
*should* be hardcoded to 0? Is this what you call "misconfigured"?

On my hardware (both LS1028A and LS1088A), it reads:

$ dmesg | grep smmu
[ 4.825109] arm-smmu 5000000.iommu: probing hardware configuration...
[ 4.831625] arm-smmu 5000000.iommu: SMMUv2 with:
[ 4.836293] arm-smmu 5000000.iommu: GR0_ID0: 0x7c013e80
[ 4.841569] arm-smmu 5000000.iommu: stage 1 translation
[ 4.846931] arm-smmu 5000000.iommu: stage 2 translation
[ 4.852293] arm-smmu 5000000.iommu: nested translation
[ 4.857573] arm-smmu 5000000.iommu: stream matching with 128 register groups
[ 4.864776] arm-smmu 5000000.iommu: 64 context banks (0 stage-2 only)
[ 4.871372] arm-smmu 5000000.iommu: Supported page sizes: 0x61311000
[ 4.877868] arm-smmu 5000000.iommu: Stage-1: 48-bit VA -> 48-bit IPA
[ 4.884375] arm-smmu 5000000.iommu: Stage-2: 48-bit IPA -> 48-bit PA
[ 4.893113] arm-smmu 5000000.iommu: preserved 0 boot mappings

On the other hand, in the verbal (no registers) documentation of the
MMU-500 integration in my SoCs, it does say that "The SMMU supports cache
coherency for page table walks and DVM transactions for page table cache
maintenance operations."

Does looking at the CTTW bit make any sense for MMU-500?

> You've been telling Linux that that is the case, and now the message
> is finally getting through to VFIO. If we weren't also lazy in
> io-pgtable-arm about what shareability attribute to use for IOMMU_CACHE,
> you would have actually had the broken VFIO behaviour that that check
> is now defending against.

lazy in io-pgtable-arm == ??

I assume you're talking about something which is (not) done in
arm_lpae_prot_to_pte()? Could you please clarify, as I didn't understand?

IIUC (and I've been wrong before), the IOMMU_CACHE "prot" flag means
that memory mapped by the IOMMU for DMA is coherent w.r.t. CPU caches,
and VFIO specifically needs it because:

* VFIO always sets IOMMU_CACHE because we offer no way for userspace to
* restore cache coherency.

i.o.w. user space can't execute cache invalidation instructions (DC CIVAC etc),
which would make cache-coherent DMA transactions the only viable possibility.
Right?

> I'd argue that you do want to make the DT change, because it's the truth
> of the hardware. Even if you did want to keep doing the significant
> extra work of maintaining non-coherent pagetables (there is a dubious
> snoop latency vs. TLB miss rate argument), that would be better achieved
> at the level of the io_pgtable_cfg, not by lying about the entire SMMU.

I do agree that we could set the dma-coherent property in the SMMU node
to skip some of the wmb() instructions in the TLB invalidation procedures
for stage 1/stage 2 translations. I wasn't trying to make any argument
in favor of manually maintaining the cache coherency with the page tables.

I'm just not exactly clear what does the page table walk of the SMMU TCU
have to do with the cache coherence of the DMA transactions forwarded/translated
by the TBUs. I mean, I saw the comment below:

/* Assume that a coherent TCU implies coherent TBUs */

but I simply don't understand what is it that gives this assumption any
grounds.

> However, since Jason refactored things at the VFIO end too, it looks like
> this should now be consistently checked for every individual device
> bound to a VFIO driver, so we might be able to do a bit better, as
> below.

hmm, the change in vfio_group_find_or_alloc() between iommu_capable(dev->bus)
and device_iommu_capable(dev) took place in commit a9cf69d0e7f2 ("Merge
tag 'vfio-v6.0-rc1' of https://github.com/awilliam/linux-vfio";), says my
git blame. Pretty strange. I had to use git log --graph to find your
commit specifically: 3b498b665621 ("vfio: Use device_iommu_capable()").

> I'd be rather surprised if anyone ever genuinely built this
> topology, but it does happen to be the one other combination that's easy
> to infer with reasonable confidence.

this topology == ?
non-coherent SMMU page table walks but cache coherent DMA traffic of
SMMU upstream device?

Feasible or not, VFIO doesn't have a problem working with that device
even if the SMMU doesn't do coherent walking of its translation tables,
no?

>
> Thanks,
> Robin.
>
> ----->8-----
> diff --git a/drivers/iommu/arm/arm-smmu/arm-smmu.c b/drivers/iommu/arm/arm-smmu/arm-smmu.c
> index 30dab1418e3f..a5ad9d6b51cf 100644
> --- a/drivers/iommu/arm/arm-smmu/arm-smmu.c
> +++ b/drivers/iommu/arm/arm-smmu/arm-smmu.c
> @@ -1320,7 +1320,8 @@ static bool arm_smmu_capable(struct device *dev, enum iommu_cap cap)
> switch (cap) {
> case IOMMU_CAP_CACHE_COHERENCY:
> /* Assume that a coherent TCU implies coherent TBUs */
> - return cfg->smmu->features & ARM_SMMU_FEAT_COHERENT_WALK;
> + return cfg->smmu->features & ARM_SMMU_FEAT_COHERENT_WALK ||
> + device_get_dma_attr(dev) == DEV_DMA_COHERENT;

So this works for enetc, thanks. However, do we need to also consider
handling DEV_DMA_NOT_SUPPORTED, and thus, testing != DEV_DMA_NON_COHERENT
could be better than == DEV_DMA_COHERENT?

But from your response and the explanation in commit df198b37e72c
("iommu/arm-smmu: Report IOMMU_CAP_CACHE_COHERENCY better"), I'm not
clear why we would keep looking at the COHERENT_WALK feature at all?

It seems to my layman eyes that we are artificially coupling 2 concepts
that have nothing in common, and bad reporting for one of them is
causing trouble with the other.

> case IOMMU_CAP_NOEXEC:
> return true;
> default:

Thanks!

Next message: Krzysztof Kozlowski: "Re: [PATCH v2 RESEND 0/5] ARM: dts: nanobone: Fix missing/incorrect features"
Previous message: Krzysztof Kozlowski: "Re: [PATCH] dt-bindings: bcm4329-fmac: Add ingenic,iw8103-fmac compatible string"
In reply to: Robin Murphy: "Re: [RFC PATCH] arm64: dts: ls1028a: mark ARM SMMU as DMA coherent"
Next in thread: Robin Murphy: "Re: [RFC PATCH] arm64: dts: ls1028a: mark ARM SMMU as DMA coherent"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]