|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [PATCH v2 07/10] xen/arm: ffa: Transmit RXTX buffers to the SPMC
Hi Bertrand,
On Thu, Oct 24, 2024 at 11:46 AM Bertrand Marquis
<Bertrand.Marquis@xxxxxxx> wrote:
>
> Hi Jens,
>
> > On 23 Oct 2024, at 16:51, Jens Wiklander <jens.wiklander@xxxxxxxxxx> wrote:
> >
> > Hi Bertrand,
> >
> > On Wed, Oct 16, 2024 at 10:32 AM Bertrand Marquis
> > <bertrand.marquis@xxxxxxx> wrote:
> >>
> >> When an RXTX buffer is mapped by a VM transmit it to the SPMC when it
> >> supports RX_ACQUIRE.
> >> As a consequence of that, we must acquire the RX buffer of a VM from the
> >> SPMC when we want to use it:
> >> - create a generic acquire and release function to get the rx buffer of
> >> a VM which gets it from the SPMC when supported
> >> - rename the rx_acquire to hyp_rx_acquire to remove confusion
> >> - rework the rx_lock to only lock access to rx_is_free and only allow
> >> usage of the rx buffer to one who managed to acquire it, thus removing
> >> the trylock and returning busy if rx_is_free is false
> >>
> >> As part of this change move some structure definition to ffa_private
> >> from ffa_shm as those are need for the MAP call with the SPMC.
> >>
> >> Signed-off-by: Bertrand Marquis <bertrand.marquis@xxxxxxx>
> >> ---
> >> Changes in v2:
> >> - unmap VM rxtx buffer in SPMC on unmap call or on VM destroy
> >> - rework the unmap call to the SPMC to properly pass the VM ID
> >> ---
> >> xen/arch/arm/tee/ffa.c | 2 +-
> >> xen/arch/arm/tee/ffa_partinfo.c | 29 ++----
> >> xen/arch/arm/tee/ffa_private.h | 22 ++++-
> >> xen/arch/arm/tee/ffa_rxtx.c | 158 ++++++++++++++++++++++++++------
> >> xen/arch/arm/tee/ffa_shm.c | 15 ---
> >> 5 files changed, 161 insertions(+), 65 deletions(-)
> >>
> >> diff --git a/xen/arch/arm/tee/ffa.c b/xen/arch/arm/tee/ffa.c
> >> index a292003ca9fe..40ea5398fa21 100644
> >> --- a/xen/arch/arm/tee/ffa.c
> >> +++ b/xen/arch/arm/tee/ffa.c
> >> @@ -347,7 +347,7 @@ static bool ffa_handle_call(struct cpu_user_regs *regs)
> >> ffa_handle_partition_info_get(regs);
> >> return true;
> >> case FFA_RX_RELEASE:
> >> - e = ffa_handle_rx_release();
> >> + e = ffa_rx_release(d);
> >> break;
> >> case FFA_MSG_SEND_DIRECT_REQ_32:
> >> case FFA_MSG_SEND_DIRECT_REQ_64:
> >> diff --git a/xen/arch/arm/tee/ffa_partinfo.c
> >> b/xen/arch/arm/tee/ffa_partinfo.c
> >> index 3cf801523296..fde187dba4e5 100644
> >> --- a/xen/arch/arm/tee/ffa_partinfo.c
> >> +++ b/xen/arch/arm/tee/ffa_partinfo.c
> >> @@ -121,11 +121,9 @@ void ffa_handle_partition_info_get(struct
> >> cpu_user_regs *regs)
> >> goto out;
> >> }
> >>
> >> - if ( !spin_trylock(&ctx->rx_lock) )
> >> - {
> >> - ret = FFA_RET_BUSY;
> >> + ret = ffa_rx_acquire(d);
> >> + if ( ret != FFA_RET_OK )
> >> goto out;
> >> - }
> >>
> >> dst_buf = ctx->rx;
> >>
> >> @@ -135,22 +133,16 @@ void ffa_handle_partition_info_get(struct
> >> cpu_user_regs *regs)
> >> goto out_rx_release;
> >> }
> >>
> >> - if ( !ctx->page_count || !ctx->rx_is_free )
> >> - {
> >> - ret = FFA_RET_DENIED;
> >> - goto out_rx_release;
> >> - }
> >> -
> >> spin_lock(&ffa_rx_buffer_lock);
> >>
> >> ret = ffa_partition_info_get(uuid, 0, &ffa_sp_count, &src_size);
> >>
> >> if ( ret )
> >> - goto out_rx_buf_unlock;
> >> + goto out_rx_hyp_unlock;
> >>
> >> /*
> >> * ffa_partition_info_get() succeeded so we now own the RX buffer we
> >> - * share with the SPMC. We must give it back using ffa_rx_release()
> >> + * share with the SPMC. We must give it back using
> >> ffa_hyp_rx_release()
> >> * once we've copied the content.
> >> */
> >>
> >> @@ -193,15 +185,13 @@ void ffa_handle_partition_info_get(struct
> >> cpu_user_regs *regs)
> >> }
> >> }
> >>
> >> - ctx->rx_is_free = false;
> >> -
> >> out_rx_hyp_release:
> >> - ffa_rx_release();
> >> -out_rx_buf_unlock:
> >> + ffa_hyp_rx_release();
> >> +out_rx_hyp_unlock:
> >> spin_unlock(&ffa_rx_buffer_lock);
> >> out_rx_release:
> >> - spin_unlock(&ctx->rx_lock);
> >> -
> >> + if ( ret != FFA_RET_OK )
> >> + ffa_rx_release(d);
> >
> > Please comment on why ffa_rx_release() must only be called on failure.
>
> It is because the buffer contains data for the caller in case of success so
> it must be released by the caller.
Please mention the transfer of buffer ownership since that might be
easy to miss if only skimming the spec.
>
> Do i get it right that you want me to add a comment saying that in the code
> and not only tell you here ?
Yes. :-)
Cheers,
Jens
>
> >
> >> out:
> >> if ( ret )
> >> ffa_set_regs_error(regs, ret);
> >> @@ -368,8 +358,7 @@ bool ffa_partinfo_init(void)
> >> ret = init_subscribers(count, fpi_size);
> >>
> >> out:
> >> - ffa_rx_release();
> >> -
> >> + ffa_hyp_rx_release();
> >> return ret;
> >> }
> >>
> >> diff --git a/xen/arch/arm/tee/ffa_private.h
> >> b/xen/arch/arm/tee/ffa_private.h
> >> index afe69b43dbef..9adfe687c3c9 100644
> >> --- a/xen/arch/arm/tee/ffa_private.h
> >> +++ b/xen/arch/arm/tee/ffa_private.h
> >> @@ -265,6 +265,21 @@
> >> #define FFA_ABI_BITNUM(id) ((FFA_ABI_ID(id) - FFA_ABI_MIN) << 1 | \
> >> FFA_ABI_CONV(id))
> >>
> >> +/* Constituent memory region descriptor */
> >> +struct ffa_address_range {
> >> + uint64_t address;
> >> + uint32_t page_count;
> >> + uint32_t reserved;
> >> +};
> >> +
> >> +/* Composite memory region descriptor */
> >> +struct ffa_mem_region {
> >> + uint32_t total_page_count;
> >> + uint32_t address_range_count;
> >> + uint64_t reserved;
> >> + struct ffa_address_range address_range_array[];
> >> +};
> >> +
> >> struct ffa_ctx_notif {
> >> bool enabled;
> >>
> >> @@ -292,7 +307,7 @@ struct ffa_ctx {
> >> struct ffa_ctx_notif notif;
> >> /*
> >> * tx_lock is used to serialize access to tx
> >> - * rx_lock is used to serialize access to rx
> >> + * rx_lock is used to serialize access to rx_is_free
> >> * lock is used for the rest in this struct
> >> */
> >> spinlock_t tx_lock;
> >> @@ -331,7 +346,8 @@ void ffa_rxtx_domain_destroy(struct domain *d);
> >> uint32_t ffa_handle_rxtx_map(uint32_t fid, register_t tx_addr,
> >> register_t rx_addr, uint32_t page_count);
> >> uint32_t ffa_handle_rxtx_unmap(void);
> >> -int32_t ffa_handle_rx_release(void);
> >> +int32_t ffa_rx_acquire(struct domain *d);
> >> +int32_t ffa_rx_release(struct domain *d);
> >>
> >> void ffa_notif_init(void);
> >> void ffa_notif_init_interrupt(void);
> >> @@ -420,7 +436,7 @@ static inline int32_t ffa_simple_call(uint32_t fid,
> >> register_t a1,
> >> return ffa_get_ret_code(&resp);
> >> }
> >>
> >> -static inline int32_t ffa_rx_release(void)
> >> +static inline int32_t ffa_hyp_rx_release(void)
> >> {
> >> return ffa_simple_call(FFA_RX_RELEASE, 0, 0, 0, 0);
> >> }
> >> diff --git a/xen/arch/arm/tee/ffa_rxtx.c b/xen/arch/arm/tee/ffa_rxtx.c
> >> index b6931c855779..a5d43e51f843 100644
> >> --- a/xen/arch/arm/tee/ffa_rxtx.c
> >> +++ b/xen/arch/arm/tee/ffa_rxtx.c
> >> @@ -30,6 +30,17 @@ struct ffa_endpoint_rxtx_descriptor_1_1 {
> >> uint32_t tx_region_offs;
> >> };
> >>
> >> +static int32_t ffa_rxtx_map(paddr_t tx_addr, paddr_t rx_addr,
> >> + uint32_t page_count)
> >> +{
> >> + return ffa_simple_call(FFA_RXTX_MAP_64, tx_addr, rx_addr, page_count,
> >> 0);
> >> +}
> >> +
> >> +static int32_t ffa_rxtx_unmap(uint16_t id)
> >> +{
> >> + return ffa_simple_call(FFA_RXTX_UNMAP, ((uint64_t)id)<<16, 0, 0, 0);
> >> +}
> >> +
> >> uint32_t ffa_handle_rxtx_map(uint32_t fid, register_t tx_addr,
> >> register_t rx_addr, uint32_t page_count)
> >> {
> >> @@ -42,6 +53,9 @@ uint32_t ffa_handle_rxtx_map(uint32_t fid, register_t
> >> tx_addr,
> >> void *rx;
> >> void *tx;
> >>
> >> + /* The code is considering that we only get one page for now */
> >> + BUILD_BUG_ON(FFA_MAX_RXTX_PAGE_COUNT != 1);
> >> +
> >> if ( !smccc_is_conv_64(fid) )
> >> {
> >> /*
> >> @@ -87,6 +101,65 @@ uint32_t ffa_handle_rxtx_map(uint32_t fid, register_t
> >> tx_addr,
> >> if ( !rx )
> >> goto err_unmap_tx;
> >>
> >> + /*
> >> + * Transmit the RX/TX buffer information to the SPM if acquire is
> >> supported
> >> + * as the spec says that if not there is not need to
> >> acquire/release/map
> >> + * rxtx buffers from the SPMC
> >> + */
> >> + if ( ffa_fw_supports_fid(FFA_RX_ACQUIRE) )
> >> + {
> >> + struct ffa_endpoint_rxtx_descriptor_1_1 *rxtx_desc;
> >> + struct ffa_mem_region *mem_reg;
> >> +
> >> + /* All must fit in our TX buffer */
> >> + BUILD_BUG_ON((sizeof(*rxtx_desc) + sizeof(*mem_reg)*2 +
> >> + sizeof(struct ffa_address_range)*2) >
> >> FFA_PAGE_SIZE);
> >
> > Please add space before and after the binary operator "*".
> Ack
>
> > The size of the TX buffer is FFA_RXTX_PAGE_COUNT * FFA_PAGE_SIZE.
> Very right, I will fix that in v3.
>
> > Nit: the outer parenthesis around the left expression aren't needed.
> Ack
>
> >
> >> +
> >> + spin_lock(&ffa_tx_buffer_lock);
> >> + rxtx_desc = ffa_tx;
> >> +
> >> + /*
> >> + * We have only one page for each so we pack everything:
> >> + * - rx region descriptor
> >> + * - rx region range
> >> + * - tx region descriptor
> >> + * - tx region range
> >> + */
> >> + rxtx_desc->sender_id = ffa_get_vm_id(d);
> >> + rxtx_desc->reserved = 0;
> >> + rxtx_desc->rx_region_offs = sizeof(*rxtx_desc);
> >> + rxtx_desc->tx_region_offs = sizeof(*rxtx_desc) +
> >> + offsetof(struct ffa_mem_region,
> >> + address_range_array[1]);
> >> +
> >> + /* rx buffer */
> >> + mem_reg = ffa_tx + sizeof(*rxtx_desc);
> >> + mem_reg->total_page_count = 1;
> >> + mem_reg->address_range_count = 1;
> >> + mem_reg->reserved = 0;
> >> +
> >> + mem_reg->address_range_array[0].address = page_to_maddr(rx_pg);
> >> + mem_reg->address_range_array[0].page_count = 1;
> >> + mem_reg->address_range_array[0].reserved = 0;
> >> +
> >> + /* tx buffer */
> >> + mem_reg = ffa_tx + rxtx_desc->tx_region_offs;
> >> + mem_reg->total_page_count = 1;
> >> + mem_reg->address_range_count = 1;
> >> + mem_reg->reserved = 0;
> >> +
> >> + mem_reg->address_range_array[0].address = page_to_maddr(tx_pg);
> >> + mem_reg->address_range_array[0].page_count = 1;
> >> + mem_reg->address_range_array[0].reserved = 0;
> >> +
> >> + ret = ffa_rxtx_map(0, 0, 1);
> >
> > The last parameter is also MBZ when forwarding on behalf of an endpoint.
>
> Ack, will fix in v3.
>
> Cheers
> Bertrand
>
> >
> > Cheers,
> > Jens
> >
> >> +
> >> + spin_unlock(&ffa_tx_buffer_lock);
> >> +
> >> + if ( ret != FFA_RET_OK )
> >> + goto err_unmap_rx;
> >> + }
> >> +
> >> ctx->rx = rx;
> >> ctx->tx = tx;
> >> ctx->rx_pg = rx_pg;
> >> @@ -95,6 +168,8 @@ uint32_t ffa_handle_rxtx_map(uint32_t fid, register_t
> >> tx_addr,
> >> ctx->rx_is_free = true;
> >> return FFA_RET_OK;
> >>
> >> +err_unmap_rx:
> >> + unmap_domain_page_global(rx);
> >> err_unmap_tx:
> >> unmap_domain_page_global(tx);
> >> err_put_rx_pg:
> >> @@ -105,8 +180,22 @@ err_put_tx_pg:
> >> return ret;
> >> }
> >>
> >> -static void rxtx_unmap(struct ffa_ctx *ctx)
> >> +static uint32_t rxtx_unmap(struct domain *d)
> >> {
> >> + struct ffa_ctx *ctx = d->arch.tee;
> >> +
> >> + if ( !ctx->page_count )
> >> + return FFA_RET_INVALID_PARAMETERS;
> >> +
> >> + if ( ffa_fw_supports_fid(FFA_RX_ACQUIRE) )
> >> + {
> >> + uint32_t ret;
> >> +
> >> + ret = ffa_rxtx_unmap(ffa_get_vm_id(d));
> >> + if ( ret != FFA_RET_OK )
> >> + return ret;
> >> + }
> >> +
> >> unmap_domain_page_global(ctx->rx);
> >> unmap_domain_page_global(ctx->tx);
> >> put_page(ctx->rx_pg);
> >> @@ -117,32 +206,63 @@ static void rxtx_unmap(struct ffa_ctx *ctx)
> >> ctx->tx_pg = NULL;
> >> ctx->page_count = 0;
> >> ctx->rx_is_free = false;
> >> +
> >> + return FFA_RET_OK;
> >> }
> >>
> >> uint32_t ffa_handle_rxtx_unmap(void)
> >> {
> >> - struct domain *d = current->domain;
> >> + return rxtx_unmap(current->domain);
> >> +}
> >> +
> >> +int32_t ffa_rx_acquire(struct domain *d)
> >> +{
> >> + int32_t ret = FFA_RET_OK;
> >> struct ffa_ctx *ctx = d->arch.tee;
> >>
> >> - if ( !ctx->rx )
> >> - return FFA_RET_INVALID_PARAMETERS;
> >> + spin_lock(&ctx->rx_lock);
> >>
> >> - rxtx_unmap(ctx);
> >> + if ( !ctx->page_count )
> >> + {
> >> + ret = FFA_RET_DENIED;
> >> + goto out;
> >> + }
> >>
> >> - return FFA_RET_OK;
> >> + if ( !ctx->rx_is_free )
> >> + {
> >> + ret = FFA_RET_BUSY;
> >> + goto out;
> >> + }
> >> +
> >> + if ( ffa_fw_supports_fid(FFA_RX_ACQUIRE) )
> >> + {
> >> + ret = ffa_simple_call(FFA_RX_ACQUIRE, ffa_get_vm_id(d), 0, 0, 0);
> >> + if ( ret != FFA_RET_OK )
> >> + goto out;
> >> + }
> >> + ctx->rx_is_free = false;
> >> +out:
> >> + spin_unlock(&ctx->rx_lock);
> >> +
> >> + return ret;
> >> }
> >>
> >> -int32_t ffa_handle_rx_release(void)
> >> +int32_t ffa_rx_release(struct domain *d)
> >> {
> >> int32_t ret = FFA_RET_DENIED;
> >> - struct domain *d = current->domain;
> >> struct ffa_ctx *ctx = d->arch.tee;
> >>
> >> - if ( !spin_trylock(&ctx->rx_lock) )
> >> - return FFA_RET_BUSY;
> >> + spin_lock(&ctx->rx_lock);
> >>
> >> if ( !ctx->page_count || ctx->rx_is_free )
> >> goto out;
> >> +
> >> + if ( ffa_fw_supports_fid(FFA_RX_ACQUIRE) )
> >> + {
> >> + ret = ffa_simple_call(FFA_RX_RELEASE, ffa_get_vm_id(d), 0, 0, 0);
> >> + if ( ret != FFA_RET_OK )
> >> + goto out;
> >> + }
> >> ret = FFA_RET_OK;
> >> ctx->rx_is_free = true;
> >> out:
> >> @@ -151,23 +271,9 @@ out:
> >> return ret;
> >> }
> >>
> >> -static int32_t ffa_rxtx_map(paddr_t tx_addr, paddr_t rx_addr,
> >> - uint32_t page_count)
> >> -{
> >> - return ffa_simple_call(FFA_RXTX_MAP_64, tx_addr, rx_addr, page_count,
> >> 0);
> >> -}
> >> -
> >> -static int32_t ffa_rxtx_unmap(void)
> >> -{
> >> - return ffa_simple_call(FFA_RXTX_UNMAP, 0, 0, 0, 0);
> >> -}
> >> -
> >> void ffa_rxtx_domain_destroy(struct domain *d)
> >> {
> >> - struct ffa_ctx *ctx = d->arch.tee;
> >> -
> >> - if ( ctx->rx )
> >> - rxtx_unmap(ctx);
> >> + rxtx_unmap(d);
> >> }
> >>
> >> void ffa_rxtx_destroy(void)
> >> @@ -186,7 +292,7 @@ void ffa_rxtx_destroy(void)
> >> }
> >>
> >> if ( need_unmap )
> >> - ffa_rxtx_unmap();
> >> + ffa_rxtx_unmap(0);
> >> }
> >>
> >> bool ffa_rxtx_init(void)
> >> diff --git a/xen/arch/arm/tee/ffa_shm.c b/xen/arch/arm/tee/ffa_shm.c
> >> index 29675f9ba3f7..d628c1b70609 100644
> >> --- a/xen/arch/arm/tee/ffa_shm.c
> >> +++ b/xen/arch/arm/tee/ffa_shm.c
> >> @@ -16,21 +16,6 @@
> >>
> >> #include "ffa_private.h"
> >>
> >> -/* Constituent memory region descriptor */
> >> -struct ffa_address_range {
> >> - uint64_t address;
> >> - uint32_t page_count;
> >> - uint32_t reserved;
> >> -};
> >> -
> >> -/* Composite memory region descriptor */
> >> -struct ffa_mem_region {
> >> - uint32_t total_page_count;
> >> - uint32_t address_range_count;
> >> - uint64_t reserved;
> >> - struct ffa_address_range address_range_array[];
> >> -};
> >> -
> >> /* Memory access permissions descriptor */
> >> struct ffa_mem_access_perm {
> >> uint16_t endpoint_id;
> >> --
> >> 2.47.0
>
>
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |