tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI

The ARM64_WORKAROUND_REPEAT_TLBI workaround is used to mitigate several
errata where broadcast TLBI;DSB sequences don't provide all the
architecturally required synchronization. The workaround performs more
work than necessary, and can have significant overhead. This patch
optimizes the workaround, as explained below.

The workaround was originally added for Qualcomm Falkor erratum 1009 in
commit:

d9ff80f83ecb ("arm64: Work around Falkor erratum 1009")

As noted in the message for that commit, the workaround is applied even
in cases where it is not strictly necessary.

The workaround was later reused without changes for:

* Arm Cortex-A76 erratum #1286807
SDEN v33: https://developer.arm.com/documentation/SDEN-885749/33-0/

* Arm Cortex-A55 erratum #2441007
SDEN v16: https://developer.arm.com/documentation/SDEN-859338/1600/

* Arm Cortex-A510 erratum #2441009
SDEN v19: https://developer.arm.com/documentation/SDEN-1873351/1900/

The important details to note are as follows:

1. All relevant errata only affect the ordering and/or completion of
memory accesses which have been translated by an invalidated TLB
entry. The actual invalidation of TLB entries is unaffected.

2. The existing workaround is applied to both broadcast and local TLB
invalidation, whereas for all relevant errata it is only necessary to
apply a workaround for broadcast invalidation.

3. The existing workaround replaces every TLBI with a TLBI;DSB;TLBI
sequence, whereas for all relevant errata it is only necessary to
execute a single additional TLBI;DSB sequence after any number of
TLBIs are completed by a DSB.

For example, for a sequence of batched TLBIs:

TLBI <op1>[, <arg1>]
TLBI <op2>[, <arg2>]
TLBI <op3>[, <arg3>]
DSB ISH

... the existing workaround will expand this to:

TLBI <op1>[, <arg1>]
DSB ISH // additional
TLBI <op1>[, <arg1>] // additional
TLBI <op2>[, <arg2>]
DSB ISH // additional
TLBI <op2>[, <arg2>] // additional
TLBI <op3>[, <arg3>]
DSB ISH // additional
TLBI <op3>[, <arg3>] // additional
DSB ISH

... whereas it is sufficient to have:

TLBI <op1>[, <arg1>]
TLBI <op2>[, <arg2>]
TLBI <op3>[, <arg3>]
DSB ISH
TLBI <opX>[, <argX>] // additional
DSB ISH // additional

Using a single additional TBLI and DSB at the end of the sequence can
have significantly lower overhead as each DSB which completes a TLBI
must synchronize with other PEs in the system, with potential
performance effects both locally and system-wide.

4. The existing workaround repeats each specific TLBI operation, whereas
for all relevant errata it is sufficient for the additional TLBI to
use *any* operation which will be broadcast, regardless of which
translation regime or stage of translation the operation applies to.

For example, for a single TLBI:

TLBI ALLE2IS
DSB ISH

... the existing workaround will expand this to:

TLBI ALLE2IS
DSB ISH
TLBI ALLE2IS // additional
DSB ISH // additional

... whereas it is sufficient to have:

TLBI ALLE2IS
DSB ISH
TLBI VALE1IS, XZR // additional
DSB ISH // additional

As the additional TLBI doesn't have to match a specific earlier TLBI,
the additional TLBI can be implemented in separate code, with no
memory of the earlier TLBIs. The additional TLBI can also use a
cheaper TLBI operation.

5. The existing workaround is applied to both Stage-1 and Stage-2 TLB
invalidation, whereas for all relevant errata it is only necessary to
apply a workaround for Stage-1 invalidation.

Architecturally, TLBI operations which invalidate only Stage-2
information (e.g. IPAS2E1IS) are not required to invalidate TLB
entries which combine information from Stage-1 and Stage-2
translation table entries, and consequently may not complete memory
accesses translated by those combined entries. In these cases,
completion of memory accesses is only guaranteed after subsequent
invalidation of Stage-1 information (e.g. VMALLE1IS).

Taking the above points into account, this patch reworks the workaround
logic to reduce overhead:

* New __tlbi_sync_s1ish() and __tlbi_sync_s1ish_hyp() functions are
added and used in place of any dsb(ish) which is used to complete
broadcast Stage-1 TLB maintenance. When the
ARM64_WORKAROUND_REPEAT_TLBI workaround is enabled, these helpers will
execute an additional TLBI;DSB sequence.

For consistency, it might make sense to add __tlbi_sync_*() helpers
for local and stage 2 maintenance. For now I've left those with
open-coded dsb() to keep the diff small.

* The duplication of TLBIs in __TLBI_0() and __TLBI_1() is removed. This
is no longer needed as the necessary synchronization will happen in
__tlbi_sync_s1ish() or __tlbi_sync_s1ish_hyp().

* The additional TLBI operation is chosen to have minimal impact:

- __tlbi_sync_s1ish() uses "TLBI VALE1IS, XZR". This is only used at
EL1 or at EL2 with {E2H,TGE}=={1,1}, where it will target an unused
entry for the reserved ASID in the kernel's own translation regime,
and have no adverse affect.

- __tlbi_sync_s1ish_hyp() uses "TLBI VALE2IS, XZR". This is only used
in hyp code, where it will target an unused entry in the hyp code's
TTBR0 mapping, and should have no adverse effect.

* As __TLBI_0() and __TLBI_1() no longer replace each TLBI with a
TLBI;DSB;TLBI sequence, batching TLBIs is worthwhile, and there's no
need for arch_tlbbatch_should_defer() to consider
ARM64_WORKAROUND_REPEAT_TLBI.

When building defconfig with GCC 15.1.0, compared to v6.19-rc1, this
patch saves ~1KiB of text, makes the vmlinux ~42KiB smaller, and makes
the resulting Image 64KiB smaller:

| [mark@lakrids:~/src/linux]% size vmlinux-*
| text data bss dec hex filename
| 21179831 19660919 708216 41548966 279fca6 vmlinux-after
| 21181075 19660903 708216 41550194 27a0172 vmlinux-before
| [mark@lakrids:~/src/linux]% ls -l vmlinux-*
| -rwxr-xr-x 1 mark mark 157771472 Feb 4 12:05 vmlinux-after
| -rwxr-xr-x 1 mark mark 157815432 Feb 4 12:05 vmlinux-before
| [mark@lakrids:~/src/linux]% ls -l Image-*
| -rw-r--r-- 1 mark mark 41007616 Feb 4 12:05 Image-after
| -rw-r--r-- 1 mark mark 41073152 Feb 4 12:05 Image-before

Signed-off-by: Mark Rutland <mark.rutland@arm.com>
Cc: Catalin Marinas <catalin.marinas@arm.com>
Cc: Marc Zyngier <maz@kernel.org>
Cc: Oliver Upton <oupton@kernel.org>
Cc: Ryan Roberts <ryan.roberts@arm.com>
Cc: Will Deacon <will@kernel.org>
Signed-off-by: Will Deacon <will@kernel.org>

authored by

Mark Rutland and committed by
Will Deacon a8f78680 bfd9c931

+47 -36
+35 -24
arch/arm64/include/asm/tlbflush.h
··· 31 31 */ 32 32 #define __TLBI_0(op, arg) asm (ARM64_ASM_PREAMBLE \ 33 33 "tlbi " #op "\n" \ 34 - ALTERNATIVE("nop\n nop", \ 35 - "dsb ish\n tlbi " #op, \ 36 - ARM64_WORKAROUND_REPEAT_TLBI, \ 37 - CONFIG_ARM64_WORKAROUND_REPEAT_TLBI) \ 38 34 : : ) 39 35 40 36 #define __TLBI_1(op, arg) asm (ARM64_ASM_PREAMBLE \ 41 37 "tlbi " #op ", %x0\n" \ 42 - ALTERNATIVE("nop\n nop", \ 43 - "dsb ish\n tlbi " #op ", %x0", \ 44 - ARM64_WORKAROUND_REPEAT_TLBI, \ 45 - CONFIG_ARM64_WORKAROUND_REPEAT_TLBI) \ 46 38 : : "rZ" (arg)) 47 39 48 40 #define __TLBI_N(op, arg, n, ...) __TLBI_##n(op, arg) ··· 173 181 (__pages >> (5 * (scale) + 1)) - 1; \ 174 182 }) 175 183 184 + #define __repeat_tlbi_sync(op, arg...) \ 185 + do { \ 186 + if (!alternative_has_cap_unlikely(ARM64_WORKAROUND_REPEAT_TLBI)) \ 187 + break; \ 188 + __tlbi(op, ##arg); \ 189 + dsb(ish); \ 190 + } while (0) 191 + 192 + /* 193 + * Complete broadcast TLB maintenance issued by the host which invalidates 194 + * stage 1 information in the host's own translation regime. 195 + */ 196 + static inline void __tlbi_sync_s1ish(void) 197 + { 198 + dsb(ish); 199 + __repeat_tlbi_sync(vale1is, 0); 200 + } 201 + 202 + /* 203 + * Complete broadcast TLB maintenance issued by hyp code which invalidates 204 + * stage 1 translation information in any translation regime. 205 + */ 206 + static inline void __tlbi_sync_s1ish_hyp(void) 207 + { 208 + dsb(ish); 209 + __repeat_tlbi_sync(vale2is, 0); 210 + } 211 + 176 212 /* 177 213 * TLB Invalidation 178 214 * ================ ··· 299 279 { 300 280 dsb(ishst); 301 281 __tlbi(vmalle1is); 302 - dsb(ish); 282 + __tlbi_sync_s1ish(); 303 283 isb(); 304 284 } 305 285 ··· 311 291 asid = __TLBI_VADDR(0, ASID(mm)); 312 292 __tlbi(aside1is, asid); 313 293 __tlbi_user(aside1is, asid); 314 - dsb(ish); 294 + __tlbi_sync_s1ish(); 315 295 mmu_notifier_arch_invalidate_secondary_tlbs(mm, 0, -1UL); 316 296 } 317 297 ··· 365 345 unsigned long uaddr) 366 346 { 367 347 flush_tlb_page_nosync(vma, uaddr); 368 - dsb(ish); 348 + __tlbi_sync_s1ish(); 369 349 } 370 350 371 351 static inline bool arch_tlbbatch_should_defer(struct mm_struct *mm) 372 352 { 373 - /* 374 - * TLB flush deferral is not required on systems which are affected by 375 - * ARM64_WORKAROUND_REPEAT_TLBI, as __tlbi()/__tlbi_user() implementation 376 - * will have two consecutive TLBI instructions with a dsb(ish) in between 377 - * defeating the purpose (i.e save overall 'dsb ish' cost). 378 - */ 379 - if (alternative_has_cap_unlikely(ARM64_WORKAROUND_REPEAT_TLBI)) 380 - return false; 381 - 382 353 return true; 383 354 } 384 355 ··· 385 374 */ 386 375 static inline void arch_tlbbatch_flush(struct arch_tlbflush_unmap_batch *batch) 387 376 { 388 - dsb(ish); 377 + __tlbi_sync_s1ish(); 389 378 } 390 379 391 380 /* ··· 520 509 { 521 510 __flush_tlb_range_nosync(vma->vm_mm, start, end, stride, 522 511 last_level, tlb_level); 523 - dsb(ish); 512 + __tlbi_sync_s1ish(); 524 513 } 525 514 526 515 static inline void local_flush_tlb_contpte(struct vm_area_struct *vma, ··· 568 557 dsb(ishst); 569 558 __flush_tlb_range_op(vaale1is, start, pages, stride, 0, 570 559 TLBI_TTL_UNKNOWN, false, lpa2_is_enabled()); 571 - dsb(ish); 560 + __tlbi_sync_s1ish(); 572 561 isb(); 573 562 } 574 563 ··· 582 571 583 572 dsb(ishst); 584 573 __tlbi(vaae1is, addr); 585 - dsb(ish); 574 + __tlbi_sync_s1ish(); 586 575 isb(); 587 576 } 588 577
+1 -1
arch/arm64/kernel/sys_compat.c
··· 37 37 * We pick the reserved-ASID to minimise the impact. 38 38 */ 39 39 __tlbi(aside1is, __TLBI_VADDR(0, 0)); 40 - dsb(ish); 40 + __tlbi_sync_s1ish(); 41 41 } 42 42 43 43 ret = caches_clean_inval_user_pou(start, start + chunk);
+1 -1
arch/arm64/kvm/hyp/nvhe/mm.c
··· 271 271 */ 272 272 dsb(ishst); 273 273 __tlbi_level(vale2is, __TLBI_VADDR(addr, 0), level); 274 - dsb(ish); 274 + __tlbi_sync_s1ish_hyp(); 275 275 isb(); 276 276 } 277 277
+4 -4
arch/arm64/kvm/hyp/nvhe/tlb.c
··· 169 169 */ 170 170 dsb(ish); 171 171 __tlbi(vmalle1is); 172 - dsb(ish); 172 + __tlbi_sync_s1ish_hyp(); 173 173 isb(); 174 174 175 175 exit_vmid_context(&cxt); ··· 226 226 227 227 dsb(ish); 228 228 __tlbi(vmalle1is); 229 - dsb(ish); 229 + __tlbi_sync_s1ish_hyp(); 230 230 isb(); 231 231 232 232 exit_vmid_context(&cxt); ··· 240 240 enter_vmid_context(mmu, &cxt, false); 241 241 242 242 __tlbi(vmalls12e1is); 243 - dsb(ish); 243 + __tlbi_sync_s1ish_hyp(); 244 244 isb(); 245 245 246 246 exit_vmid_context(&cxt); ··· 266 266 /* Same remark as in enter_vmid_context() */ 267 267 dsb(ish); 268 268 __tlbi(alle1is); 269 - dsb(ish); 269 + __tlbi_sync_s1ish_hyp(); 270 270 }
+1 -1
arch/arm64/kvm/hyp/pgtable.c
··· 501 501 *unmapped += granule; 502 502 } 503 503 504 - dsb(ish); 504 + __tlbi_sync_s1ish_hyp(); 505 505 isb(); 506 506 mm_ops->put_page(ctx->ptep); 507 507
+5 -5
arch/arm64/kvm/hyp/vhe/tlb.c
··· 115 115 */ 116 116 dsb(ish); 117 117 __tlbi(vmalle1is); 118 - dsb(ish); 118 + __tlbi_sync_s1ish_hyp(); 119 119 isb(); 120 120 121 121 exit_vmid_context(&cxt); ··· 176 176 177 177 dsb(ish); 178 178 __tlbi(vmalle1is); 179 - dsb(ish); 179 + __tlbi_sync_s1ish_hyp(); 180 180 isb(); 181 181 182 182 exit_vmid_context(&cxt); ··· 192 192 enter_vmid_context(mmu, &cxt); 193 193 194 194 __tlbi(vmalls12e1is); 195 - dsb(ish); 195 + __tlbi_sync_s1ish_hyp(); 196 196 isb(); 197 197 198 198 exit_vmid_context(&cxt); ··· 217 217 { 218 218 dsb(ishst); 219 219 __tlbi(alle1is); 220 - dsb(ish); 220 + __tlbi_sync_s1ish_hyp(); 221 221 } 222 222 223 223 /* ··· 358 358 default: 359 359 ret = -EINVAL; 360 360 } 361 - dsb(ish); 361 + __tlbi_sync_s1ish_hyp(); 362 362 isb(); 363 363 364 364 if (mmu)