@@ -97,6 +97,8 @@ typedef struct VFIOContainer {
unsigned int dma_max_mappings;
IOVATree *mappings;
QemuMutex mappings_mutex;
+ /* Represents the range [0, giommu_tracked_range) not inclusive */
+ hwaddr giommu_tracked_range;
QLIST_HEAD(, VFIOGuestIOMMU) giommu_list;
QLIST_HEAD(, VFIOHostDMAWindow) hostwin_list;
QLIST_HEAD(, VFIOGroup) group_list;
@@ -44,6 +44,8 @@
#include "migration/qemu-file.h"
#include "sysemu/tpm.h"
#include "qemu/iova-tree.h"
+#include "hw/boards.h"
+#include "hw/mem/memory-device.h"
VFIOGroupList vfio_group_list =
QLIST_HEAD_INITIALIZER(vfio_group_list);
@@ -377,6 +379,38 @@ bool vfio_mig_active(void)
return true;
}
+static uint64_t vfio_get_ram_size(void)
+{
+ MachineState *ms = MACHINE(qdev_get_machine());
+ uint64_t plugged_size;
+
+ plugged_size = get_plugged_memory_size();
+ if (plugged_size == (uint64_t)-1) {
+ plugged_size = 0;
+ }
+
+ return ms->ram_size + plugged_size;
+}
+
+static int vfio_giommu_get_max_iova(VFIOContainer *container, hwaddr *max_iova)
+{
+ VFIOGuestIOMMU *giommu;
+ int ret;
+
+ giommu = QLIST_FIRST(&container->giommu_list);
+ if (!giommu) {
+ return -ENOENT;
+ }
+
+ ret = memory_region_iommu_get_attr(giommu->iommu_mr, IOMMU_ATTR_MAX_IOVA,
+ max_iova);
+ if (ret) {
+ return ret;
+ }
+
+ return 0;
+}
+
static bool vfio_have_giommu(VFIOContainer *container)
{
return !QLIST_EMPTY(&container->giommu_list);
@@ -1456,7 +1490,8 @@ static gboolean vfio_iova_tree_get_last(DMAMap *map, gpointer data)
}
static struct vfio_device_feature *
-vfio_device_feature_dma_logging_start_create(VFIOContainer *container)
+vfio_device_feature_dma_logging_start_create(VFIOContainer *container,
+ bool giommu)
{
struct vfio_device_feature *feature;
size_t feature_size;
@@ -1475,6 +1510,16 @@ vfio_device_feature_dma_logging_start_create(VFIOContainer *container)
control = (struct vfio_device_feature_dma_logging_control *)feature->data;
control->page_size = qemu_real_host_page_size();
+ if (giommu) {
+ ranges = g_malloc0(sizeof(*ranges));
+ ranges->iova = 0;
+ ranges->length = container->giommu_tracked_range;
+ control->num_ranges = 1;
+ control->ranges = (uint64_t)ranges;
+
+ return feature;
+ }
+
QEMU_LOCK_GUARD(&container->mappings_mutex);
/*
@@ -1524,12 +1569,12 @@ static void vfio_device_feature_dma_logging_start_destroy(
g_free(feature);
}
-static int vfio_devices_dma_logging_start(VFIOContainer *container)
+static int vfio_devices_dma_logging_start(VFIOContainer *container, bool giommu)
{
struct vfio_device_feature *feature;
int ret;
- feature = vfio_device_feature_dma_logging_start_create(container);
+ feature = vfio_device_feature_dma_logging_start_create(container, giommu);
if (!feature) {
return -errno;
}
@@ -1544,18 +1589,85 @@ static int vfio_devices_dma_logging_start(VFIOContainer *container)
return ret;
}
+/*
+ * This value is used in the second attempt to start device dirty tracking with
+ * vIOMMU, if the first attempt fails. It should be in the middle, not too big
+ * and not too small, allowing devices with HW limitations to do device dirty
+ * tracking while covering a fair amount of the IOVA space.
+ *
+ * This arbitrary value was chosen becasue it is the minimum value of Intel
+ * IOMMU max IOVA and mlx5 device supports tracking a range of this size.
+ */
+#define VFIO_GIOMMU_RETRY_IOVA ((1ULL << 39) - 1)
+
+#define VFIO_GIOMMU_RETRY_COUNT 3
+static int vfio_devices_start_dirty_page_tracking(VFIOContainer *container)
+{
+ hwaddr giommu_max_iova, iova_size, iova_retry_size, ram_size;
+ hwaddr iova_to_track[VFIO_GIOMMU_RETRY_COUNT] = {};
+ int ret;
+ int i;
+
+ if (!vfio_have_giommu(container)) {
+ return vfio_devices_dma_logging_start(container, false);
+ }
+
+ /*
+ * With vIOMMU we try to track the entire IOVA space. As the IOVA space can
+ * be rather big, devices might not be able to track it due to HW
+ * limitations. Therefore, retry tracking smaller ranges as follows:
+ * (1) Retry tracking a smaller part of the IOVA space.
+ * (2) Retry tracking a range in the size of the physical memory.
+ * (3) If all fail, give up.
+ */
+ ret = vfio_giommu_get_max_iova(container, &giommu_max_iova);
+ if (!ret && !REAL_HOST_PAGE_ALIGN(giommu_max_iova)) {
+ giommu_max_iova -= qemu_real_host_page_size();
+ }
+
+ iova_size = ret ? 0 : giommu_max_iova;
+ iova_retry_size = iova_size ? MIN(VFIO_GIOMMU_RETRY_IOVA, iova_size / 2) :
+ VFIO_GIOMMU_RETRY_IOVA;
+ ram_size = vfio_get_ram_size();
+
+ iova_to_track[0] = REAL_HOST_PAGE_ALIGN(iova_size);
+ iova_to_track[1] = REAL_HOST_PAGE_ALIGN(iova_retry_size);
+ iova_to_track[2] = REAL_HOST_PAGE_ALIGN(MIN(ram_size, iova_retry_size / 2));
+
+ for (i = 0; i < VFIO_GIOMMU_RETRY_COUNT; i++) {
+ if (!iova_to_track[i]) {
+ continue;
+ }
+
+ container->giommu_tracked_range = iova_to_track[i];
+ ret = vfio_devices_dma_logging_start(container, true);
+ if (!ret) {
+ break;
+ }
+
+ if (i < VFIO_GIOMMU_RETRY_COUNT - 1) {
+ warn_report("Failed to start device dirty tracking with vIOMMU "
+ "with range of size 0x%" HWADDR_PRIx
+ ", err: %d. Retrying with range "
+ "of size 0x%" HWADDR_PRIx,
+ iova_to_track[i], ret, iova_to_track[i + 1]);
+ } else {
+ error_report("Failed to start device dirty tracking with vIOMMU "
+ "with range of size 0x%" HWADDR_PRIx ", err: %d",
+ iova_to_track[i], ret);
+ }
+ }
+
+ return ret;
+}
+
static void vfio_listener_log_global_start(MemoryListener *listener)
{
VFIOContainer *container = container_of(listener, VFIOContainer, listener);
int ret;
if (vfio_devices_all_device_dirty_tracking(container)) {
- if (vfio_have_giommu(container)) {
- /* Device dirty page tracking currently doesn't support vIOMMU */
- return;
- }
-
- ret = vfio_devices_dma_logging_start(container);
+ ret = vfio_devices_start_dirty_page_tracking(container);
} else {
ret = vfio_set_dirty_page_tracking(container, true);
}
@@ -1573,11 +1685,6 @@ static void vfio_listener_log_global_stop(MemoryListener *listener)
int ret;
if (vfio_devices_all_device_dirty_tracking(container)) {
- if (vfio_have_giommu(container)) {
- /* Device dirty page tracking currently doesn't support vIOMMU */
- return;
- }
-
ret = vfio_devices_dma_logging_stop(container);
} else {
ret = vfio_set_dirty_page_tracking(container, false);
@@ -1616,6 +1723,17 @@ static int vfio_device_dma_logging_report(VFIODevice *vbasedev, hwaddr iova,
return 0;
}
+static bool vfio_iommu_range_is_device_tracked(VFIOContainer *container,
+ hwaddr iova, hwaddr size)
+{
+ /* Check overflow */
+ if (iova + size < iova) {
+ return false;
+ }
+
+ return iova + size <= container->giommu_tracked_range;
+}
+
static int vfio_devices_query_dirty_bitmap(VFIOContainer *container,
VFIOBitmap *vbmap, hwaddr iova,
hwaddr size)
@@ -1625,10 +1743,11 @@ static int vfio_devices_query_dirty_bitmap(VFIOContainer *container,
int ret;
if (vfio_have_giommu(container)) {
- /* Device dirty page tracking currently doesn't support vIOMMU */
- bitmap_set(vbmap->bitmap, 0, vbmap->pages);
+ if (!vfio_iommu_range_is_device_tracked(container, iova, size)) {
+ bitmap_set(vbmap->bitmap, 0, vbmap->pages);
- return 0;
+ return 0;
+ }
}
QLIST_FOREACH(group, &container->group_list, container_next) {
Currently, device dirty page tracking with vIOMMU is not supported - RAM pages are perpetually marked dirty in this case. When vIOMMU is used, IOVA ranges are DMA mapped/unmapped on the fly as the vIOMMU maps/unmaps them. These IOVA ranges can potentially be mapped anywhere in the vIOMMU IOVA space. Due to this dynamic nature of vIOMMU mapping/unmapping, tracking only the currently mapped IOVA ranges, as done in the non-vIOMMU case, doesn't work very well. Instead, to support device dirty tracking when vIOMMU is enabled, track the entire vIOMMU IOVA space. If that fails (IOVA space can be rather big and we might hit HW limitation), try tracking smaller range while marking untracked ranges dirty. Signed-off-by: Avihai Horon <avihaih@nvidia.com> --- include/hw/vfio/vfio-common.h | 2 + hw/vfio/common.c | 153 ++++++++++++++++++++++++++++++---- 2 files changed, 138 insertions(+), 17 deletions(-)