Hi Shameer,
On 1/27/26 11:33 AM, Shameer Kolothum wrote:
> Install an event handler on the vEVENTQ fd to read and propagate host
> generated vIOMMU events to the guest.
>
> The handler runs in QEMU’s main loop, using a non-blocking fd registered
> via qemu_set_fd_handler().
>
> Tested-by: Nicolin Chen <[email protected]>
> Signed-off-by: Shameer Kolothum <[email protected]>
> ---
> hw/arm/smmuv3-accel.c | 60 +++++++++++++++++++++++++++++++++++++++++++
> hw/arm/smmuv3-accel.h | 2 ++
> 2 files changed, 62 insertions(+)
>
> diff --git a/hw/arm/smmuv3-accel.c b/hw/arm/smmuv3-accel.c
> index e8028d4be5..ab57eae575 100644
> --- a/hw/arm/smmuv3-accel.c
> +++ b/hw/arm/smmuv3-accel.c
> @@ -390,6 +390,60 @@ bool smmuv3_accel_issue_inv_cmd(SMMUv3State *bs, void
> *cmd, SMMUDevice *sdev,
> sizeof(Cmd), &entry_num, cmd, errp);
> }
>
> +static void smmuv3_accel_event_read(void *opaque)
> +{
> + SMMUv3State *s = opaque;
> + SMMUv3AccelState *accel = s->s_accel;
> + struct {
> + struct iommufd_vevent_header hdr;
> + struct iommu_vevent_arm_smmuv3 vevent;
> + } buf;
> + ssize_t readsz = sizeof(buf);
> + uint32_t last_seq = accel->last_event_seq;
> + ssize_t bytes;
> +
> + bytes = read(accel->veventq->veventq_fd, &buf, readsz);
in case we receive a header with LOST_EVENTS at the end of tail, no data
is expected. So I am not sure you will be able to handle that case.
> + if (bytes <= 0) {
> + if (errno == EAGAIN || errno == EINTR) {
> + return;
> + }
> + error_report("vEVENTQ: read failed (%m)");
_once?
> + return;
> + }
> +
> + if (bytes < readsz) {
> + error_report("vEVENTQ: incomplete read (%zd/%zd bytes)", bytes,
> readsz);
> + return;
> + }
> +
> + if (buf.hdr.flags & IOMMU_VEVENTQ_FLAG_LOST_EVENTS) {
> + error_report("vEVENTQ has lost events");
> + accel->event_start = false;
> + accel->last_event_seq = 0;
actually I read again the include/uapi/linux/iommufd.h and nothing tells
sequence == 0 after a LOST_EVENTS.
> + return;
> + }
> +
> + /* Check sequence in hdr for lost events if any */
> + if (accel->event_start) {
> + uint32_t expected = (last_seq == INT_MAX) ? 0 : last_seq + 1;
> +
> + if (buf.hdr.sequence != expected) {
But can this happen? Normally you should have a LOST_EVENTS reported by
the kernel, no?
> + uint32_t delta;
> +
> + if (buf.hdr.sequence >= last_seq) {
> + delta = buf.hdr.sequence - last_seq;
> + } else {
> + /* Handle wraparound from INT_MAX */
> + delta = (INT_MAX - last_seq) + buf.hdr.sequence + 1;
> + }
> + error_report_once("vEVENTQ: detected lost %u event(s)", delta -
> 1);
> + }
> + }
> + accel->last_event_seq = buf.hdr.sequence;
> + accel->event_start = true;
> + smmuv3_propagate_event(s, (Evt *)&buf.vevent);
> +}
> +
> static void smmuv3_accel_free_veventq(SMMUv3AccelState *accel)
> {
> IOMMUFDVeventq *veventq = accel->veventq;
> @@ -397,6 +451,8 @@ static void smmuv3_accel_free_veventq(SMMUv3AccelState
> *accel)
> if (!veventq) {
> return;
> }
> + qemu_set_fd_handler(veventq->veventq_fd, NULL, NULL, NULL);
> + close(veventq->veventq_fd);
> iommufd_backend_free_id(accel->viommu->iommufd, veventq->veventq_id);
> g_free(veventq);
> accel->veventq = NULL;
> @@ -439,6 +495,10 @@ bool smmuv3_accel_alloc_veventq(SMMUv3State *s, Error
> **errp)
> veventq->veventq_fd = veventq_fd;
> veventq->viommu = accel->viommu;
> accel->veventq = veventq;
> +
> + /* Set up event handler for veventq fd */
> + fcntl(veventq_fd, F_SETFL, O_NONBLOCK);
Looks this can fail.
Thanks
Eric
> + qemu_set_fd_handler(veventq_fd, smmuv3_accel_event_read, NULL, s);
> return true;
> }
>
> diff --git a/hw/arm/smmuv3-accel.h b/hw/arm/smmuv3-accel.h
> index 92048bb674..ba0f40a565 100644
> --- a/hw/arm/smmuv3-accel.h
> +++ b/hw/arm/smmuv3-accel.h
> @@ -23,6 +23,8 @@
> typedef struct SMMUv3AccelState {
> IOMMUFDViommu *viommu;
> IOMMUFDVeventq *veventq;
> + uint32_t last_event_seq;
> + bool event_start;
> uint32_t bypass_hwpt_id;
> uint32_t abort_hwpt_id;
> QLIST_HEAD(, SMMUv3AccelDevice) device_list;
