cachepc-qemu

Fork of AMDESE/qemu with changes for cachepc side-channel attack
git clone https://git.sinitax.com/sinitax/cachepc-qemu

qed-l2-cache.c (6122B)


      1/*
      2 * QEMU Enhanced Disk Format L2 Cache
      3 *
      4 * Copyright IBM, Corp. 2010
      5 *
      6 * Authors:
      7 *  Anthony Liguori   <aliguori@us.ibm.com>
      8 *
      9 * This work is licensed under the terms of the GNU LGPL, version 2 or later.
     10 * See the COPYING.LIB file in the top-level directory.
     11 *
     12 */
     13
     14/*
     15 * L2 table cache usage is as follows:
     16 *
     17 * An open image has one L2 table cache that is used to avoid accessing the
     18 * image file for recently referenced L2 tables.
     19 *
     20 * Cluster offset lookup translates the logical offset within the block device
     21 * to a cluster offset within the image file.  This is done by indexing into
     22 * the L1 and L2 tables which store cluster offsets.  It is here where the L2
     23 * table cache serves up recently referenced L2 tables.
     24 *
     25 * If there is a cache miss, that L2 table is read from the image file and
     26 * committed to the cache.  Subsequent accesses to that L2 table will be served
     27 * from the cache until the table is evicted from the cache.
     28 *
     29 * L2 tables are also committed to the cache when new L2 tables are allocated
     30 * in the image file.  Since the L2 table cache is write-through, the new L2
     31 * table is first written out to the image file and then committed to the
     32 * cache.
     33 *
     34 * Multiple I/O requests may be using an L2 table cache entry at any given
     35 * time.  That means an entry may be in use across several requests and
     36 * reference counting is needed to free the entry at the correct time.  In
     37 * particular, an entry evicted from the cache will only be freed once all
     38 * references are dropped.
     39 *
     40 * An in-flight I/O request will hold a reference to a L2 table cache entry for
     41 * the period during which it needs to access the L2 table.  This includes
     42 * cluster offset lookup, L2 table allocation, and L2 table update when a new
     43 * data cluster has been allocated.
     44 *
     45 * An interesting case occurs when two requests need to access an L2 table that
     46 * is not in the cache.  Since the operation to read the table from the image
     47 * file takes some time to complete, both requests may see a cache miss and
     48 * start reading the L2 table from the image file.  The first to finish will
     49 * commit its L2 table into the cache.  When the second tries to commit, its
     50 * table will be deleted in favor of the existing cache entry.
     51 */
     52
     53#include "qemu/osdep.h"
     54#include "trace.h"
     55#include "qed.h"
     56
     57/* Each L2 holds 2GB so this lets us fully cache a 100GB disk */
     58#define MAX_L2_CACHE_SIZE 50
     59
     /**
      * Initialize the L2 cache
      *
      * Puts @l2_cache into the empty state: no linked entries and an entry
      * count of zero.
      */
     void qed_init_l2_cache(L2TableCache *l2_cache)
     {
         l2_cache->n_entries = 0;
         QTAILQ_INIT(&l2_cache->entries);
     }
     68
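     /**
      * Free the L2 cache
      *
      * Releases every entry still linked into @l2_cache together with its table
      * buffer, and leaves the cache empty (no linked entries, n_entries == 0).
      *
      * Entries are freed regardless of their reference count, so any reference
      * still held elsewhere dangles after this call.
      * NOTE(review): presumably this is only called once no request can still be
      * using an entry (e.g. on image close) -- confirm against the callers.
      */
     void qed_free_l2_cache(L2TableCache *l2_cache)
     {
         CachedL2Table *entry, *next_entry;

         QTAILQ_FOREACH_SAFE(entry, &l2_cache->entries, node, next_entry) {
             /* Unlink first so the list head never points at freed memory */
             QTAILQ_REMOVE(&l2_cache->entries, entry, node);
             qemu_vfree(entry->table);
             g_free(entry);
         }

         /* Keep the bookkeeping consistent with the now-empty list */
         l2_cache->n_entries = 0;
     }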
     81
     /**
      * Allocate an uninitialized entry from the cache
      *
      * The entry comes back zero-filled except for its reference count, which is
      * 1; that reference belongs to the caller.  The entry is not linked into
      * @l2_cache here.  The caller must allocate the table field itself, using
      * memory that can be released with qemu_vfree().
      */
     CachedL2Table *qed_alloc_l2_cache_entry(L2TableCache *l2_cache)
     {
         CachedL2Table *fresh = g_malloc0(sizeof(*fresh));

         /* Zeroed allocation, so this takes the count from 0 to 1 */
         fresh->ref++;
         trace_qed_alloc_l2_cache_entry(l2_cache, fresh);

         return fresh;
     }
    100
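    /**
     * Decrease an entry's reference count and free the entry, including its
     * table buffer, when the count drops to zero.
     *
     * A NULL @entry is ignored.  This function does not unlink the entry from
     * the cache list; the eviction path in qed_commit_l2_cache_entry() removes
     * an entry from the list before dropping the cache's reference.
     *
     * Called with table_lock held.
     */
    void qed_unref_l2_cache_entry(CachedL2Table *entry)
    {
        if (!entry) {
            return;
        }

        /*
         * Dropping a reference that was never taken would corrupt the count and
         * lead to a premature or double free, so stop here instead.
         */
        assert(entry->ref > 0);

        entry->ref--;
        trace_qed_unref_l2_cache_entry(entry, entry->ref);
        if (entry->ref == 0) {
            qemu_vfree(entry->table);
            g_free(entry);
        }
    }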
    120
    /**
     * Look up the cached L2 table whose offset equals @offset.
     *
     * On a hit the entry's reference count is increased and the entry is
     * returned; the caller owns that reference.  On a miss NULL is returned and
     * it is up to the caller to satisfy the cache miss.
     *
     * Called with table_lock held.
     */
    CachedL2Table *qed_find_l2_cache_entry(L2TableCache *l2_cache, uint64_t offset)
    {
        CachedL2Table *candidate;
        CachedL2Table *hit = NULL;

        QTAILQ_FOREACH(candidate, &l2_cache->entries, node) {
            if (candidate->offset != offset) {
                continue;
            }

            /* The trace point records the count before this lookup's reference */
            trace_qed_find_l2_cache_entry(l2_cache, candidate, offset,
                                          candidate->ref);
            candidate->ref++;
            hit = candidate;
            break;
        }

        return hit;
    }
    143
    /**
     * Commit an L2 cache entry into the cache.
     *
     * This is one step of satisfying a cache miss: the caller allocates an entry
     * that is not yet in the L2 cache, makes it valid and present on disk, and
     * only then commits it here.
     *
     * Because the cache is write-through, this must not be called before the
     * entry is present on disk and the L1 has been updated to point to it.
     *
     * If an entry with the same offset is already cached, @l2_table is dropped
     * in favor of the existing entry.
     *
     * N.B. This function steals the caller's reference to @l2_table, so the
     * caller must obtain a new reference with qed_find_l2_cache_entry().
     *
     * Called with table_lock held.
     */
    void qed_commit_l2_cache_entry(L2TableCache *l2_cache, CachedL2Table *l2_table)
    {
        CachedL2Table *cached = qed_find_l2_cache_entry(l2_cache, l2_table->offset);

        if (cached != NULL) {
            /* Undo the reference the lookup took, then discard the duplicate */
            qed_unref_l2_cache_entry(cached);
            qed_unref_l2_cache_entry(l2_table);
            return;
        }

        /*
         * Make room by evicting entries nobody else is using.  The scan starts at
         * the list head and new entries go to the tail.  When every entry is in
         * use the cache is allowed to exceed its maximum for now; a later commit
         * shrinks it again.
         */
        if (l2_cache->n_entries >= MAX_L2_CACHE_SIZE) {
            CachedL2Table *victim, *following;

            QTAILQ_FOREACH_SAFE(victim, &l2_cache->entries, node, following) {
                if (victim->ref <= 1) {
                    /* Unlink before dropping the cache's reference */
                    QTAILQ_REMOVE(&l2_cache->entries, victim, node);
                    l2_cache->n_entries--;
                    qed_unref_l2_cache_entry(victim);

                    /* Done as soon as we are back under the maximum size */
                    if (l2_cache->n_entries < MAX_L2_CACHE_SIZE) {
                        break;
                    }
                }
            }
        }

        QTAILQ_INSERT_TAIL(&l2_cache->entries, l2_table, node);
        l2_cache->n_entries++;
    }