| // SPDX-License-Identifier: GPL-2.0 |
| /* |
| * VMID allocator. |
| * |
| * Based on Arm64 ASID allocator algorithm. |
| * Please refer arch/arm64/mm/context.c for detailed |
| * comments on algorithm. |
| * |
| * Copyright (C) 2002-2003 Deep Blue Solutions Ltd, all rights reserved. |
| * Copyright (C) 2012 ARM Ltd. |
| */ |
| |
| #include <linux/bitfield.h> |
| #include <linux/bitops.h> |
| |
| #include <asm/kvm_asm.h> |
| #include <asm/kvm_mmu.h> |
| |
| unsigned int __ro_after_init kvm_arm_vmid_bits; |
| static DEFINE_RAW_SPINLOCK(cpu_vmid_lock); |
| |
| static atomic64_t vmid_generation; |
| static unsigned long *vmid_map; |
| |
| static DEFINE_PER_CPU(atomic64_t, active_vmids); |
| static DEFINE_PER_CPU(u64, reserved_vmids); |
| |
| #define VMID_MASK (~GENMASK(kvm_arm_vmid_bits - 1, 0)) |
| #define VMID_FIRST_VERSION (1UL << kvm_arm_vmid_bits) |
| |
| #define NUM_USER_VMIDS VMID_FIRST_VERSION |
| #define vmid2idx(vmid) ((vmid) & ~VMID_MASK) |
| #define idx2vmid(idx) vmid2idx(idx) |
| |
| /* |
| * As vmid #0 is always reserved, we will never allocate one |
| * as below and can be treated as invalid. This is used to |
| * set the active_vmids on vCPU schedule out. |
| */ |
| #define VMID_ACTIVE_INVALID VMID_FIRST_VERSION |
| |
| #define vmid_gen_match(vmid) \ |
| (!(((vmid) ^ atomic64_read(&vmid_generation)) >> kvm_arm_vmid_bits)) |
| |
| static void flush_context(void) |
| { |
| int cpu; |
| u64 vmid; |
| |
| bitmap_zero(vmid_map, NUM_USER_VMIDS); |
| |
| for_each_possible_cpu(cpu) { |
| vmid = atomic64_xchg_relaxed(&per_cpu(active_vmids, cpu), 0); |
| |
| /* Preserve reserved VMID */ |
| if (vmid == 0) |
| vmid = per_cpu(reserved_vmids, cpu); |
| __set_bit(vmid2idx(vmid), vmid_map); |
| per_cpu(reserved_vmids, cpu) = vmid; |
| } |
| |
| /* |
| * Unlike ASID allocator, we expect less frequent rollover in |
| * case of VMIDs. Hence, instead of marking the CPU as |
| * flush_pending and issuing a local context invalidation on |
| * the next context-switch, we broadcast TLB flush + I-cache |
| * invalidation over the inner shareable domain on rollover. |
| */ |
| kvm_call_hyp(__kvm_flush_vm_context); |
| } |
| |
| static bool check_update_reserved_vmid(u64 vmid, u64 newvmid) |
| { |
| int cpu; |
| bool hit = false; |
| |
| /* |
| * Iterate over the set of reserved VMIDs looking for a match |
| * and update to use newvmid (i.e. the same VMID in the current |
| * generation). |
| */ |
| for_each_possible_cpu(cpu) { |
| if (per_cpu(reserved_vmids, cpu) == vmid) { |
| hit = true; |
| per_cpu(reserved_vmids, cpu) = newvmid; |
| } |
| } |
| |
| return hit; |
| } |
| |
| static u64 new_vmid(struct kvm_vmid *kvm_vmid) |
| { |
| static u32 cur_idx = 1; |
| u64 vmid = atomic64_read(&kvm_vmid->id); |
| u64 generation = atomic64_read(&vmid_generation); |
| |
| if (vmid != 0) { |
| u64 newvmid = generation | (vmid & ~VMID_MASK); |
| |
| if (check_update_reserved_vmid(vmid, newvmid)) { |
| atomic64_set(&kvm_vmid->id, newvmid); |
| return newvmid; |
| } |
| |
| if (!__test_and_set_bit(vmid2idx(vmid), vmid_map)) { |
| atomic64_set(&kvm_vmid->id, newvmid); |
| return newvmid; |
| } |
| } |
| |
| vmid = find_next_zero_bit(vmid_map, NUM_USER_VMIDS, cur_idx); |
| if (vmid != NUM_USER_VMIDS) |
| goto set_vmid; |
| |
| /* We're out of VMIDs, so increment the global generation count */ |
| generation = atomic64_add_return_relaxed(VMID_FIRST_VERSION, |
| &vmid_generation); |
| flush_context(); |
| |
| /* We have more VMIDs than CPUs, so this will always succeed */ |
| vmid = find_next_zero_bit(vmid_map, NUM_USER_VMIDS, 1); |
| |
| set_vmid: |
| __set_bit(vmid, vmid_map); |
| cur_idx = vmid; |
| vmid = idx2vmid(vmid) | generation; |
| atomic64_set(&kvm_vmid->id, vmid); |
| return vmid; |
| } |
| |
| /* Called from vCPU sched out with preemption disabled */ |
| void kvm_arm_vmid_clear_active(void) |
| { |
| atomic64_set(this_cpu_ptr(&active_vmids), VMID_ACTIVE_INVALID); |
| } |
| |
| void kvm_arm_vmid_update(struct kvm_vmid *kvm_vmid) |
| { |
| unsigned long flags; |
| u64 vmid, old_active_vmid; |
| |
| vmid = atomic64_read(&kvm_vmid->id); |
| |
| /* |
| * Please refer comments in check_and_switch_context() in |
| * arch/arm64/mm/context.c. |
| * |
| * Unlike ASID allocator, we set the active_vmids to |
| * VMID_ACTIVE_INVALID on vCPU schedule out to avoid |
| * reserving the VMID space needlessly on rollover. |
| * Hence explicitly check here for a "!= 0" to |
| * handle the sync with a concurrent rollover. |
| */ |
| old_active_vmid = atomic64_read(this_cpu_ptr(&active_vmids)); |
| if (old_active_vmid != 0 && vmid_gen_match(vmid) && |
| 0 != atomic64_cmpxchg_relaxed(this_cpu_ptr(&active_vmids), |
| old_active_vmid, vmid)) |
| return; |
| |
| raw_spin_lock_irqsave(&cpu_vmid_lock, flags); |
| |
| /* Check that our VMID belongs to the current generation. */ |
| vmid = atomic64_read(&kvm_vmid->id); |
| if (!vmid_gen_match(vmid)) |
| vmid = new_vmid(kvm_vmid); |
| |
| atomic64_set(this_cpu_ptr(&active_vmids), vmid); |
| raw_spin_unlock_irqrestore(&cpu_vmid_lock, flags); |
| } |
| |
| /* |
| * Initialize the VMID allocator |
| */ |
| int __init kvm_arm_vmid_alloc_init(void) |
| { |
| kvm_arm_vmid_bits = kvm_get_vmid_bits(); |
| |
| /* |
| * Expect allocation after rollover to fail if we don't have |
| * at least one more VMID than CPUs. VMID #0 is always reserved. |
| */ |
| WARN_ON(NUM_USER_VMIDS - 1 <= num_possible_cpus()); |
| atomic64_set(&vmid_generation, VMID_FIRST_VERSION); |
| vmid_map = bitmap_zalloc(NUM_USER_VMIDS, GFP_KERNEL); |
| if (!vmid_map) |
| return -ENOMEM; |
| |
| return 0; |
| } |
| |
| void __init kvm_arm_vmid_alloc_free(void) |
| { |
| bitmap_free(vmid_map); |
| } |