projects / deliverable / linux.git / blob
? search:


cd8cbeb5fa34f4ed685d9247995846e4c2d0fd32
[deliverable/linux.git] / arch / x86 / kernel / amd_iommu.c
1 /*
2 * Copyright (C) 2007-2010 Advanced Micro Devices, Inc.
3 * Author: Joerg Roedel <joerg.roedel@amd.com>
4 * Leo Duran <leo.duran@amd.com>
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published
8 * by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19
20 #include <linux/pci.h>
21 #include <linux/pci-ats.h>
22 #include <linux/bitmap.h>
23 #include <linux/slab.h>
24 #include <linux/debugfs.h>
25 #include <linux/scatterlist.h>
26 #include <linux/dma-mapping.h>
27 #include <linux/iommu-helper.h>
28 #include <linux/iommu.h>
29 #include <linux/delay.h>
30 #include <asm/proto.h>
31 #include <asm/iommu.h>
32 #include <asm/gart.h>
33 #include <asm/amd_iommu_proto.h>
34 #include <asm/amd_iommu_types.h>
35 #include <asm/amd_iommu.h>
36
37 #define CMD_SET_TYPE(cmd, t) ((cmd)->data[1] |= ((t) << 28))
38
39 #define LOOP_TIMEOUT 100000
40
41 static DEFINE_RWLOCK(amd_iommu_devtable_lock);
42
43 /* A list of preallocated protection domains */
44 static LIST_HEAD(iommu_pd_list);
45 static DEFINE_SPINLOCK(iommu_pd_list_lock);
46
47 /*
48 * Domain for untranslated devices - only allocated
49 * if iommu=pt passed on kernel cmd line.
50 */
51 static struct protection_domain *pt_domain;
52
53 static struct iommu_ops amd_iommu_ops;
54
55 /*
56 * general struct to manage commands send to an IOMMU
57 */
58 struct iommu_cmd {
59 u32 data[4];
60 };
61
62 static void update_domain(struct protection_domain *domain);
63
64 /****************************************************************************
65 *
66 * Helper functions
67 *
68 ****************************************************************************/
69
70 static inline u16 get_device_id(struct device *dev)
71 {
72 struct pci_dev *pdev = to_pci_dev(dev);
73
74 return calc_devid(pdev->bus->number, pdev->devfn);
75 }
76
77 static struct iommu_dev_data *get_dev_data(struct device *dev)
78 {
79 return dev->archdata.iommu;
80 }
81
82 /*
83 * In this function the list of preallocated protection domains is traversed to
84 * find the domain for a specific device
85 */
86 static struct dma_ops_domain *find_protection_domain(u16 devid)
87 {
88 struct dma_ops_domain *entry, *ret = NULL;
89 unsigned long flags;
90 u16 alias = amd_iommu_alias_table[devid];
91
92 if (list_empty(&iommu_pd_list))
93 return NULL;
94
95 spin_lock_irqsave(&iommu_pd_list_lock, flags);
96
97 list_for_each_entry(entry, &iommu_pd_list, list) {
98 if (entry->target_dev == devid ||
99 entry->target_dev == alias) {
100 ret = entry;
101 break;
102 }
103 }
104
105 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
106
107 return ret;
108 }
109
110 /*
111 * This function checks if the driver got a valid device from the caller to
112 * avoid dereferencing invalid pointers.
113 */
114 static bool check_device(struct device *dev)
115 {
116 u16 devid;
117
118 if (!dev || !dev->dma_mask)
119 return false;
120
121 /* No device or no PCI device */
122 if (dev->bus != &pci_bus_type)
123 return false;
124
125 devid = get_device_id(dev);
126
127 /* Out of our scope? */
128 if (devid > amd_iommu_last_bdf)
129 return false;
130
131 if (amd_iommu_rlookup_table[devid] == NULL)
132 return false;
133
134 return true;
135 }
136
137 static int iommu_init_device(struct device *dev)
138 {
139 struct iommu_dev_data *dev_data;
140 struct pci_dev *pdev;
141 u16 devid, alias;
142
143 if (dev->archdata.iommu)
144 return 0;
145
146 dev_data = kzalloc(sizeof(*dev_data), GFP_KERNEL);
147 if (!dev_data)
148 return -ENOMEM;
149
150 dev_data->dev = dev;
151
152 devid = get_device_id(dev);
153 alias = amd_iommu_alias_table[devid];
154 pdev = pci_get_bus_and_slot(PCI_BUS(alias), alias & 0xff);
155 if (pdev)
156 dev_data->alias = &pdev->dev;
157
158 atomic_set(&dev_data->bind, 0);
159
160 dev->archdata.iommu = dev_data;
161
162
163 return 0;
164 }
165
166 static void iommu_uninit_device(struct device *dev)
167 {
168 kfree(dev->archdata.iommu);
169 }
170
171 void __init amd_iommu_uninit_devices(void)
172 {
173 struct pci_dev *pdev = NULL;
174
175 for_each_pci_dev(pdev) {
176
177 if (!check_device(&pdev->dev))
178 continue;
179
180 iommu_uninit_device(&pdev->dev);
181 }
182 }
183
184 int __init amd_iommu_init_devices(void)
185 {
186 struct pci_dev *pdev = NULL;
187 int ret = 0;
188
189 for_each_pci_dev(pdev) {
190
191 if (!check_device(&pdev->dev))
192 continue;
193
194 ret = iommu_init_device(&pdev->dev);
195 if (ret)
196 goto out_free;
197 }
198
199 return 0;
200
201 out_free:
202
203 amd_iommu_uninit_devices();
204
205 return ret;
206 }
207 #ifdef CONFIG_AMD_IOMMU_STATS
208
209 /*
210 * Initialization code for statistics collection
211 */
212
213 DECLARE_STATS_COUNTER(compl_wait);
214 DECLARE_STATS_COUNTER(cnt_map_single);
215 DECLARE_STATS_COUNTER(cnt_unmap_single);
216 DECLARE_STATS_COUNTER(cnt_map_sg);
217 DECLARE_STATS_COUNTER(cnt_unmap_sg);
218 DECLARE_STATS_COUNTER(cnt_alloc_coherent);
219 DECLARE_STATS_COUNTER(cnt_free_coherent);
220 DECLARE_STATS_COUNTER(cross_page);
221 DECLARE_STATS_COUNTER(domain_flush_single);
222 DECLARE_STATS_COUNTER(domain_flush_all);
223 DECLARE_STATS_COUNTER(alloced_io_mem);
224 DECLARE_STATS_COUNTER(total_map_requests);
225
226 static struct dentry *stats_dir;
227 static struct dentry *de_fflush;
228
229 static void amd_iommu_stats_add(struct __iommu_counter *cnt)
230 {
231 if (stats_dir == NULL)
232 return;
233
234 cnt->dent = debugfs_create_u64(cnt->name, 0444, stats_dir,
235 &cnt->value);
236 }
237
238 static void amd_iommu_stats_init(void)
239 {
240 stats_dir = debugfs_create_dir("amd-iommu", NULL);
241 if (stats_dir == NULL)
242 return;
243
244 de_fflush = debugfs_create_bool("fullflush", 0444, stats_dir,
245 (u32 *)&amd_iommu_unmap_flush);
246
247 amd_iommu_stats_add(&compl_wait);
248 amd_iommu_stats_add(&cnt_map_single);
249 amd_iommu_stats_add(&cnt_unmap_single);
250 amd_iommu_stats_add(&cnt_map_sg);
251 amd_iommu_stats_add(&cnt_unmap_sg);
252 amd_iommu_stats_add(&cnt_alloc_coherent);
253 amd_iommu_stats_add(&cnt_free_coherent);
254 amd_iommu_stats_add(&cross_page);
255 amd_iommu_stats_add(&domain_flush_single);
256 amd_iommu_stats_add(&domain_flush_all);
257 amd_iommu_stats_add(&alloced_io_mem);
258 amd_iommu_stats_add(&total_map_requests);
259 }
260
261 #endif
262
263 /****************************************************************************
264 *
265 * Interrupt handling functions
266 *
267 ****************************************************************************/
268
269 static void dump_dte_entry(u16 devid)
270 {
271 int i;
272
273 for (i = 0; i < 8; ++i)
274 pr_err("AMD-Vi: DTE[%d]: %08x\n", i,
275 amd_iommu_dev_table[devid].data[i]);
276 }
277
278 static void dump_command(unsigned long phys_addr)
279 {
280 struct iommu_cmd *cmd = phys_to_virt(phys_addr);
281 int i;
282
283 for (i = 0; i < 4; ++i)
284 pr_err("AMD-Vi: CMD[%d]: %08x\n", i, cmd->data[i]);
285 }
286
287 static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
288 {
289 u32 *event = __evt;
290 int type = (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
291 int devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
292 int domid = (event[1] >> EVENT_DOMID_SHIFT) & EVENT_DOMID_MASK;
293 int flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
294 u64 address = (u64)(((u64)event[3]) << 32) | event[2];
295
296 printk(KERN_ERR "AMD-Vi: Event logged [");
297
298 switch (type) {
299 case EVENT_TYPE_ILL_DEV:
300 printk("ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
301 "address=0x%016llx flags=0x%04x]\n",
302 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
303 address, flags);
304 dump_dte_entry(devid);
305 break;
306 case EVENT_TYPE_IO_FAULT:
307 printk("IO_PAGE_FAULT device=%02x:%02x.%x "
308 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
309 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
310 domid, address, flags);
311 break;
312 case EVENT_TYPE_DEV_TAB_ERR:
313 printk("DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
314 "address=0x%016llx flags=0x%04x]\n",
315 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
316 address, flags);
317 break;
318 case EVENT_TYPE_PAGE_TAB_ERR:
319 printk("PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
320 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
321 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
322 domid, address, flags);
323 break;
324 case EVENT_TYPE_ILL_CMD:
325 printk("ILLEGAL_COMMAND_ERROR address=0x%016llx]\n", address);
326 dump_command(address);
327 break;
328 case EVENT_TYPE_CMD_HARD_ERR:
329 printk("COMMAND_HARDWARE_ERROR address=0x%016llx "
330 "flags=0x%04x]\n", address, flags);
331 break;
332 case EVENT_TYPE_IOTLB_INV_TO:
333 printk("IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
334 "address=0x%016llx]\n",
335 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
336 address);
337 break;
338 case EVENT_TYPE_INV_DEV_REQ:
339 printk("INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
340 "address=0x%016llx flags=0x%04x]\n",
341 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
342 address, flags);
343 break;
344 default:
345 printk(KERN_ERR "UNKNOWN type=0x%02x]\n", type);
346 }
347 }
348
349 static void iommu_poll_events(struct amd_iommu *iommu)
350 {
351 u32 head, tail;
352 unsigned long flags;
353
354 spin_lock_irqsave(&iommu->lock, flags);
355
356 head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
357 tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET);
358
359 while (head != tail) {
360 iommu_print_event(iommu, iommu->evt_buf + head);
361 head = (head + EVENT_ENTRY_SIZE) % iommu->evt_buf_size;
362 }
363
364 writel(head, iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
365
366 spin_unlock_irqrestore(&iommu->lock, flags);
367 }
368
369 irqreturn_t amd_iommu_int_thread(int irq, void *data)
370 {
371 struct amd_iommu *iommu;
372
373 for_each_iommu(iommu)
374 iommu_poll_events(iommu);
375
376 return IRQ_HANDLED;
377 }
378
379 irqreturn_t amd_iommu_int_handler(int irq, void *data)
380 {
381 return IRQ_WAKE_THREAD;
382 }
383
384 /****************************************************************************
385 *
386 * IOMMU command queuing functions
387 *
388 ****************************************************************************/
389
390 static int wait_on_sem(volatile u64 *sem)
391 {
392 int i = 0;
393
394 while (*sem == 0 && i < LOOP_TIMEOUT) {
395 udelay(1);
396 i += 1;
397 }
398
399 if (i == LOOP_TIMEOUT) {
400 pr_alert("AMD-Vi: Completion-Wait loop timed out\n");
401 return -EIO;
402 }
403
404 return 0;
405 }
406
407 static void copy_cmd_to_buffer(struct amd_iommu *iommu,
408 struct iommu_cmd *cmd,
409 u32 tail)
410 {
411 u8 *target;
412
413 target = iommu->cmd_buf + tail;
414 tail = (tail + sizeof(*cmd)) % iommu->cmd_buf_size;
415
416 /* Copy command to buffer */
417 memcpy(target, cmd, sizeof(*cmd));
418
419 /* Tell the IOMMU about it */
420 writel(tail, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
421 }
422
423 static void build_completion_wait(struct iommu_cmd *cmd, u64 address)
424 {
425 WARN_ON(address & 0x7ULL);
426
427 memset(cmd, 0, sizeof(*cmd));
428 cmd->data[0] = lower_32_bits(__pa(address)) | CMD_COMPL_WAIT_STORE_MASK;
429 cmd->data[1] = upper_32_bits(__pa(address));
430 cmd->data[2] = 1;
431 CMD_SET_TYPE(cmd, CMD_COMPL_WAIT);
432 }
433
434 static void build_inv_dte(struct iommu_cmd *cmd, u16 devid)
435 {
436 memset(cmd, 0, sizeof(*cmd));
437 cmd->data[0] = devid;
438 CMD_SET_TYPE(cmd, CMD_INV_DEV_ENTRY);
439 }
440
441 static void build_inv_iommu_pages(struct iommu_cmd *cmd, u64 address,
442 size_t size, u16 domid, int pde)
443 {
444 u64 pages;
445 int s;
446
447 pages = iommu_num_pages(address, size, PAGE_SIZE);
448 s = 0;
449
450 if (pages > 1) {
451 /*
452 * If we have to flush more than one page, flush all
453 * TLB entries for this domain
454 */
455 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
456 s = 1;
457 }
458
459 address &= PAGE_MASK;
460
461 memset(cmd, 0, sizeof(*cmd));
462 cmd->data[1] |= domid;
463 cmd->data[2] = lower_32_bits(address);
464 cmd->data[3] = upper_32_bits(address);
465 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
466 if (s) /* size bit - we flush more than one 4kb page */
467 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
468 if (pde) /* PDE bit - we wan't flush everything not only the PTEs */
469 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
470 }
471
472 static void build_inv_iotlb_pages(struct iommu_cmd *cmd, u16 devid, int qdep,
473 u64 address, size_t size)
474 {
475 u64 pages;
476 int s;
477
478 pages = iommu_num_pages(address, size, PAGE_SIZE);
479 s = 0;
480
481 if (pages > 1) {
482 /*
483 * If we have to flush more than one page, flush all
484 * TLB entries for this domain
485 */
486 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
487 s = 1;
488 }
489
490 address &= PAGE_MASK;
491
492 memset(cmd, 0, sizeof(*cmd));
493 cmd->data[0] = devid;
494 cmd->data[0] |= (qdep & 0xff) << 24;
495 cmd->data[1] = devid;
496 cmd->data[2] = lower_32_bits(address);
497 cmd->data[3] = upper_32_bits(address);
498 CMD_SET_TYPE(cmd, CMD_INV_IOTLB_PAGES);
499 if (s)
500 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
501 }
502
503 static void build_inv_all(struct iommu_cmd *cmd)
504 {
505 memset(cmd, 0, sizeof(*cmd));
506 CMD_SET_TYPE(cmd, CMD_INV_ALL);
507 }
508
509 /*
510 * Writes the command to the IOMMUs command buffer and informs the
511 * hardware about the new command.
512 */
513 static int iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
514 {
515 u32 left, tail, head, next_tail;
516 unsigned long flags;
517
518 WARN_ON(iommu->cmd_buf_size & CMD_BUFFER_UNINITIALIZED);
519
520 again:
521 spin_lock_irqsave(&iommu->lock, flags);
522
523 head = readl(iommu->mmio_base + MMIO_CMD_HEAD_OFFSET);
524 tail = readl(iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
525 next_tail = (tail + sizeof(*cmd)) % iommu->cmd_buf_size;
526 left = (head - next_tail) % iommu->cmd_buf_size;
527
528 if (left <= 2) {
529 struct iommu_cmd sync_cmd;
530 volatile u64 sem = 0;
531 int ret;
532
533 build_completion_wait(&sync_cmd, (u64)&sem);
534 copy_cmd_to_buffer(iommu, &sync_cmd, tail);
535
536 spin_unlock_irqrestore(&iommu->lock, flags);
537
538 if ((ret = wait_on_sem(&sem)) != 0)
539 return ret;
540
541 goto again;
542 }
543
544 copy_cmd_to_buffer(iommu, cmd, tail);
545
546 /* We need to sync now to make sure all commands are processed */
547 iommu->need_sync = true;
548
549 spin_unlock_irqrestore(&iommu->lock, flags);
550
551 return 0;
552 }
553
554 /*
555 * This function queues a completion wait command into the command
556 * buffer of an IOMMU
557 */
558 static int iommu_completion_wait(struct amd_iommu *iommu)
559 {
560 struct iommu_cmd cmd;
561 volatile u64 sem = 0;
562 int ret;
563
564 if (!iommu->need_sync)
565 return 0;
566
567 build_completion_wait(&cmd, (u64)&sem);
568
569 ret = iommu_queue_command(iommu, &cmd);
570 if (ret)
571 return ret;
572
573 return wait_on_sem(&sem);
574 }
575
576 static int iommu_flush_dte(struct amd_iommu *iommu, u16 devid)
577 {
578 struct iommu_cmd cmd;
579
580 build_inv_dte(&cmd, devid);
581
582 return iommu_queue_command(iommu, &cmd);
583 }
584
585 static void iommu_flush_dte_all(struct amd_iommu *iommu)
586 {
587 u32 devid;
588
589 for (devid = 0; devid <= 0xffff; ++devid)
590 iommu_flush_dte(iommu, devid);
591
592 iommu_completion_wait(iommu);
593 }
594
595 /*
596 * This function uses heavy locking and may disable irqs for some time. But
597 * this is no issue because it is only called during resume.
598 */
599 static void iommu_flush_tlb_all(struct amd_iommu *iommu)
600 {
601 u32 dom_id;
602
603 for (dom_id = 0; dom_id <= 0xffff; ++dom_id) {
604 struct iommu_cmd cmd;
605 build_inv_iommu_pages(&cmd, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
606 dom_id, 1);
607 iommu_queue_command(iommu, &cmd);
608 }
609
610 iommu_completion_wait(iommu);
611 }
612
613 static void iommu_flush_all(struct amd_iommu *iommu)
614 {
615 struct iommu_cmd cmd;
616
617 build_inv_all(&cmd);
618
619 iommu_queue_command(iommu, &cmd);
620 iommu_completion_wait(iommu);
621 }
622
623 void iommu_flush_all_caches(struct amd_iommu *iommu)
624 {
625 if (iommu_feature(iommu, FEATURE_IA)) {
626 iommu_flush_all(iommu);
627 } else {
628 iommu_flush_dte_all(iommu);
629 iommu_flush_tlb_all(iommu);
630 }
631 }
632
633 /*
634 * Command send function for flushing on-device TLB
635 */
636 static int device_flush_iotlb(struct device *dev, u64 address, size_t size)
637 {
638 struct pci_dev *pdev = to_pci_dev(dev);
639 struct amd_iommu *iommu;
640 struct iommu_cmd cmd;
641 u16 devid;
642 int qdep;
643
644 qdep = pci_ats_queue_depth(pdev);
645 devid = get_device_id(dev);
646 iommu = amd_iommu_rlookup_table[devid];
647
648 build_inv_iotlb_pages(&cmd, devid, qdep, address, size);
649
650 return iommu_queue_command(iommu, &cmd);
651 }
652
653 /*
654 * Command send function for invalidating a device table entry
655 */
656 static int device_flush_dte(struct device *dev)
657 {
658 struct amd_iommu *iommu;
659 struct pci_dev *pdev;
660 u16 devid;
661 int ret;
662
663 pdev = to_pci_dev(dev);
664 devid = get_device_id(dev);
665 iommu = amd_iommu_rlookup_table[devid];
666
667 ret = iommu_flush_dte(iommu, devid);
668 if (ret)
669 return ret;
670
671 if (pci_ats_enabled(pdev))
672 ret = device_flush_iotlb(dev, 0, ~0UL);
673
674 return ret;
675 }
676
677 /*
678 * TLB invalidation function which is called from the mapping functions.
679 * It invalidates a single PTE if the range to flush is within a single
680 * page. Otherwise it flushes the whole TLB of the IOMMU.
681 */
682 static void __domain_flush_pages(struct protection_domain *domain,
683 u64 address, size_t size, int pde)
684 {
685 struct iommu_dev_data *dev_data;
686 struct iommu_cmd cmd;
687 int ret = 0, i;
688
689 build_inv_iommu_pages(&cmd, address, size, domain->id, pde);
690
691 for (i = 0; i < amd_iommus_present; ++i) {
692 if (!domain->dev_iommu[i])
693 continue;
694
695 /*
696 * Devices of this domain are behind this IOMMU
697 * We need a TLB flush
698 */
699 ret |= iommu_queue_command(amd_iommus[i], &cmd);
700 }
701
702 list_for_each_entry(dev_data, &domain->dev_list, list) {
703 struct pci_dev *pdev = to_pci_dev(dev_data->dev);
704
705 if (!pci_ats_enabled(pdev))
706 continue;
707
708 ret |= device_flush_iotlb(dev_data->dev, address, size);
709 }
710
711 WARN_ON(ret);
712 }
713
714 static void domain_flush_pages(struct protection_domain *domain,
715 u64 address, size_t size)
716 {
717 __domain_flush_pages(domain, address, size, 0);
718 }
719
720 /* Flush the whole IO/TLB for a given protection domain */
721 static void domain_flush_tlb(struct protection_domain *domain)
722 {
723 __domain_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 0);
724 }
725
726 /* Flush the whole IO/TLB for a given protection domain - including PDE */
727 static void domain_flush_tlb_pde(struct protection_domain *domain)
728 {
729 __domain_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 1);
730 }
731
732 static void domain_flush_complete(struct protection_domain *domain)
733 {
734 int i;
735
736 for (i = 0; i < amd_iommus_present; ++i) {
737 if (!domain->dev_iommu[i])
738 continue;
739
740 /*
741 * Devices of this domain are behind this IOMMU
742 * We need to wait for completion of all commands.
743 */
744 iommu_completion_wait(amd_iommus[i]);
745 }
746 }
747
748
749 /*
750 * This function flushes the DTEs for all devices in domain
751 */
752 static void domain_flush_devices(struct protection_domain *domain)
753 {
754 struct iommu_dev_data *dev_data;
755 unsigned long flags;
756
757 spin_lock_irqsave(&domain->lock, flags);
758
759 list_for_each_entry(dev_data, &domain->dev_list, list)
760 device_flush_dte(dev_data->dev);
761
762 spin_unlock_irqrestore(&domain->lock, flags);
763 }
764
765 /****************************************************************************
766 *
767 * The functions below are used the create the page table mappings for
768 * unity mapped regions.
769 *
770 ****************************************************************************/
771
772 /*
773 * This function is used to add another level to an IO page table. Adding
774 * another level increases the size of the address space by 9 bits to a size up
775 * to 64 bits.
776 */
777 static bool increase_address_space(struct protection_domain *domain,
778 gfp_t gfp)
779 {
780 u64 *pte;
781
782 if (domain->mode == PAGE_MODE_6_LEVEL)
783 /* address space already 64 bit large */
784 return false;
785
786 pte = (void *)get_zeroed_page(gfp);
787 if (!pte)
788 return false;
789
790 *pte = PM_LEVEL_PDE(domain->mode,
791 virt_to_phys(domain->pt_root));
792 domain->pt_root = pte;
793 domain->mode += 1;
794 domain->updated = true;
795
796 return true;
797 }
798
799 static u64 *alloc_pte(struct protection_domain *domain,
800 unsigned long address,
801 unsigned long page_size,
802 u64 **pte_page,
803 gfp_t gfp)
804 {
805 int level, end_lvl;
806 u64 *pte, *page;
807
808 BUG_ON(!is_power_of_2(page_size));
809
810 while (address > PM_LEVEL_SIZE(domain->mode))
811 increase_address_space(domain, gfp);
812
813 level = domain->mode - 1;
814 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
815 address = PAGE_SIZE_ALIGN(address, page_size);
816 end_lvl = PAGE_SIZE_LEVEL(page_size);
817
818 while (level > end_lvl) {
819 if (!IOMMU_PTE_PRESENT(*pte)) {
820 page = (u64 *)get_zeroed_page(gfp);
821 if (!page)
822 return NULL;
823 *pte = PM_LEVEL_PDE(level, virt_to_phys(page));
824 }
825
826 /* No level skipping support yet */
827 if (PM_PTE_LEVEL(*pte) != level)
828 return NULL;
829
830 level -= 1;
831
832 pte = IOMMU_PTE_PAGE(*pte);
833
834 if (pte_page && level == end_lvl)
835 *pte_page = pte;
836
837 pte = &pte[PM_LEVEL_INDEX(level, address)];
838 }
839
840 return pte;
841 }
842
843 /*
844 * This function checks if there is a PTE for a given dma address. If
845 * there is one, it returns the pointer to it.
846 */
847 static u64 *fetch_pte(struct protection_domain *domain, unsigned long address)
848 {
849 int level;
850 u64 *pte;
851
852 if (address > PM_LEVEL_SIZE(domain->mode))
853 return NULL;
854
855 level = domain->mode - 1;
856 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
857
858 while (level > 0) {
859
860 /* Not Present */
861 if (!IOMMU_PTE_PRESENT(*pte))
862 return NULL;
863
864 /* Large PTE */
865 if (PM_PTE_LEVEL(*pte) == 0x07) {
866 unsigned long pte_mask, __pte;
867
868 /*
869 * If we have a series of large PTEs, make
870 * sure to return a pointer to the first one.
871 */
872 pte_mask = PTE_PAGE_SIZE(*pte);
873 pte_mask = ~((PAGE_SIZE_PTE_COUNT(pte_mask) << 3) - 1);
874 __pte = ((unsigned long)pte) & pte_mask;
875
876 return (u64 *)__pte;
877 }
878
879 /* No level skipping support yet */
880 if (PM_PTE_LEVEL(*pte) != level)
881 return NULL;
882
883 level -= 1;
884
885 /* Walk to the next level */
886 pte = IOMMU_PTE_PAGE(*pte);
887 pte = &pte[PM_LEVEL_INDEX(level, address)];
888 }
889
890 return pte;
891 }
892
893 /*
894 * Generic mapping functions. It maps a physical address into a DMA
895 * address space. It allocates the page table pages if necessary.
896 * In the future it can be extended to a generic mapping function
897 * supporting all features of AMD IOMMU page tables like level skipping
898 * and full 64 bit address spaces.
899 */
900 static int iommu_map_page(struct protection_domain *dom,
901 unsigned long bus_addr,
902 unsigned long phys_addr,
903 int prot,
904 unsigned long page_size)
905 {
906 u64 __pte, *pte;
907 int i, count;
908
909 if (!(prot & IOMMU_PROT_MASK))
910 return -EINVAL;
911
912 bus_addr = PAGE_ALIGN(bus_addr);
913 phys_addr = PAGE_ALIGN(phys_addr);
914 count = PAGE_SIZE_PTE_COUNT(page_size);
915 pte = alloc_pte(dom, bus_addr, page_size, NULL, GFP_KERNEL);
916
917 for (i = 0; i < count; ++i)
918 if (IOMMU_PTE_PRESENT(pte[i]))
919 return -EBUSY;
920
921 if (page_size > PAGE_SIZE) {
922 __pte = PAGE_SIZE_PTE(phys_addr, page_size);
923 __pte |= PM_LEVEL_ENC(7) | IOMMU_PTE_P | IOMMU_PTE_FC;
924 } else
925 __pte = phys_addr | IOMMU_PTE_P | IOMMU_PTE_FC;
926
927 if (prot & IOMMU_PROT_IR)
928 __pte |= IOMMU_PTE_IR;
929 if (prot & IOMMU_PROT_IW)
930 __pte |= IOMMU_PTE_IW;
931
932 for (i = 0; i < count; ++i)
933 pte[i] = __pte;
934
935 update_domain(dom);
936
937 return 0;
938 }
939
940 static unsigned long iommu_unmap_page(struct protection_domain *dom,
941 unsigned long bus_addr,
942 unsigned long page_size)
943 {
944 unsigned long long unmap_size, unmapped;
945 u64 *pte;
946
947 BUG_ON(!is_power_of_2(page_size));
948
949 unmapped = 0;
950
951 while (unmapped < page_size) {
952
953 pte = fetch_pte(dom, bus_addr);
954
955 if (!pte) {
956 /*
957 * No PTE for this address
958 * move forward in 4kb steps
959 */
960 unmap_size = PAGE_SIZE;
961 } else if (PM_PTE_LEVEL(*pte) == 0) {
962 /* 4kb PTE found for this address */
963 unmap_size = PAGE_SIZE;
964 *pte = 0ULL;
965 } else {
966 int count, i;
967
968 /* Large PTE found which maps this address */
969 unmap_size = PTE_PAGE_SIZE(*pte);
970 count = PAGE_SIZE_PTE_COUNT(unmap_size);
971 for (i = 0; i < count; i++)
972 pte[i] = 0ULL;
973 }
974
975 bus_addr = (bus_addr & ~(unmap_size - 1)) + unmap_size;
976 unmapped += unmap_size;
977 }
978
979 BUG_ON(!is_power_of_2(unmapped));
980
981 return unmapped;
982 }
983
984 /*
985 * This function checks if a specific unity mapping entry is needed for
986 * this specific IOMMU.
987 */
988 static int iommu_for_unity_map(struct amd_iommu *iommu,
989 struct unity_map_entry *entry)
990 {
991 u16 bdf, i;
992
993 for (i = entry->devid_start; i <= entry->devid_end; ++i) {
994 bdf = amd_iommu_alias_table[i];
995 if (amd_iommu_rlookup_table[bdf] == iommu)
996 return 1;
997 }
998
999 return 0;
1000 }
1001
1002 /*
1003 * This function actually applies the mapping to the page table of the
1004 * dma_ops domain.
1005 */
1006 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
1007 struct unity_map_entry *e)
1008 {
1009 u64 addr;
1010 int ret;
1011
1012 for (addr = e->address_start; addr < e->address_end;
1013 addr += PAGE_SIZE) {
1014 ret = iommu_map_page(&dma_dom->domain, addr, addr, e->prot,
1015 PAGE_SIZE);
1016 if (ret)
1017 return ret;
1018 /*
1019 * if unity mapping is in aperture range mark the page
1020 * as allocated in the aperture
1021 */
1022 if (addr < dma_dom->aperture_size)
1023 __set_bit(addr >> PAGE_SHIFT,
1024 dma_dom->aperture[0]->bitmap);
1025 }
1026
1027 return 0;
1028 }
1029
1030 /*
1031 * Init the unity mappings for a specific IOMMU in the system
1032 *
1033 * Basically iterates over all unity mapping entries and applies them to
1034 * the default domain DMA of that IOMMU if necessary.
1035 */
1036 static int iommu_init_unity_mappings(struct amd_iommu *iommu)
1037 {
1038 struct unity_map_entry *entry;
1039 int ret;
1040
1041 list_for_each_entry(entry, &amd_iommu_unity_map, list) {
1042 if (!iommu_for_unity_map(iommu, entry))
1043 continue;
1044 ret = dma_ops_unity_map(iommu->default_dom, entry);
1045 if (ret)
1046 return ret;
1047 }
1048
1049 return 0;
1050 }
1051
1052 /*
1053 * Inits the unity mappings required for a specific device
1054 */
1055 static int init_unity_mappings_for_device(struct dma_ops_domain *dma_dom,
1056 u16 devid)
1057 {
1058 struct unity_map_entry *e;
1059 int ret;
1060
1061 list_for_each_entry(e, &amd_iommu_unity_map, list) {
1062 if (!(devid >= e->devid_start && devid <= e->devid_end))
1063 continue;
1064 ret = dma_ops_unity_map(dma_dom, e);
1065 if (ret)
1066 return ret;
1067 }
1068
1069 return 0;
1070 }
1071
1072 /****************************************************************************
1073 *
1074 * The next functions belong to the address allocator for the dma_ops
1075 * interface functions. They work like the allocators in the other IOMMU
1076 * drivers. Its basically a bitmap which marks the allocated pages in
1077 * the aperture. Maybe it could be enhanced in the future to a more
1078 * efficient allocator.
1079 *
1080 ****************************************************************************/
1081
1082 /*
1083 * The address allocator core functions.
1084 *
1085 * called with domain->lock held
1086 */
1087
1088 /*
1089 * Used to reserve address ranges in the aperture (e.g. for exclusion
1090 * ranges.
1091 */
1092 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
1093 unsigned long start_page,
1094 unsigned int pages)
1095 {
1096 unsigned int i, last_page = dom->aperture_size >> PAGE_SHIFT;
1097
1098 if (start_page + pages > last_page)
1099 pages = last_page - start_page;
1100
1101 for (i = start_page; i < start_page + pages; ++i) {
1102 int index = i / APERTURE_RANGE_PAGES;
1103 int page = i % APERTURE_RANGE_PAGES;
1104 __set_bit(page, dom->aperture[index]->bitmap);
1105 }
1106 }
1107
1108 /*
1109 * This function is used to add a new aperture range to an existing
1110 * aperture in case of dma_ops domain allocation or address allocation
1111 * failure.
1112 */
1113 static int alloc_new_range(struct dma_ops_domain *dma_dom,
1114 bool populate, gfp_t gfp)
1115 {
1116 int index = dma_dom->aperture_size >> APERTURE_RANGE_SHIFT;
1117 struct amd_iommu *iommu;
1118 unsigned long i;
1119
1120 #ifdef CONFIG_IOMMU_STRESS
1121 populate = false;
1122 #endif
1123
1124 if (index >= APERTURE_MAX_RANGES)
1125 return -ENOMEM;
1126
1127 dma_dom->aperture[index] = kzalloc(sizeof(struct aperture_range), gfp);
1128 if (!dma_dom->aperture[index])
1129 return -ENOMEM;
1130
1131 dma_dom->aperture[index]->bitmap = (void *)get_zeroed_page(gfp);
1132 if (!dma_dom->aperture[index]->bitmap)
1133 goto out_free;
1134
1135 dma_dom->aperture[index]->offset = dma_dom->aperture_size;
1136
1137 if (populate) {
1138 unsigned long address = dma_dom->aperture_size;
1139 int i, num_ptes = APERTURE_RANGE_PAGES / 512;
1140 u64 *pte, *pte_page;
1141
1142 for (i = 0; i < num_ptes; ++i) {
1143 pte = alloc_pte(&dma_dom->domain, address, PAGE_SIZE,
1144 &pte_page, gfp);
1145 if (!pte)
1146 goto out_free;
1147
1148 dma_dom->aperture[index]->pte_pages[i] = pte_page;
1149
1150 address += APERTURE_RANGE_SIZE / 64;
1151 }
1152 }
1153
1154 dma_dom->aperture_size += APERTURE_RANGE_SIZE;
1155
1156 /* Initialize the exclusion range if necessary */
1157 for_each_iommu(iommu) {
1158 if (iommu->exclusion_start &&
1159 iommu->exclusion_start >= dma_dom->aperture[index]->offset
1160 && iommu->exclusion_start < dma_dom->aperture_size) {
1161 unsigned long startpage;
1162 int pages = iommu_num_pages(iommu->exclusion_start,
1163 iommu->exclusion_length,
1164 PAGE_SIZE);
1165 startpage = iommu->exclusion_start >> PAGE_SHIFT;
1166 dma_ops_reserve_addresses(dma_dom, startpage, pages);
1167 }
1168 }
1169
1170 /*
1171 * Check for areas already mapped as present in the new aperture
1172 * range and mark those pages as reserved in the allocator. Such
1173 * mappings may already exist as a result of requested unity
1174 * mappings for devices.
1175 */
1176 for (i = dma_dom->aperture[index]->offset;
1177 i < dma_dom->aperture_size;
1178 i += PAGE_SIZE) {
1179 u64 *pte = fetch_pte(&dma_dom->domain, i);
1180 if (!pte || !IOMMU_PTE_PRESENT(*pte))
1181 continue;
1182
1183 dma_ops_reserve_addresses(dma_dom, i << PAGE_SHIFT, 1);
1184 }
1185
1186 update_domain(&dma_dom->domain);
1187
1188 return 0;
1189
1190 out_free:
1191 update_domain(&dma_dom->domain);
1192
1193 free_page((unsigned long)dma_dom->aperture[index]->bitmap);
1194
1195 kfree(dma_dom->aperture[index]);
1196 dma_dom->aperture[index] = NULL;
1197
1198 return -ENOMEM;
1199 }
1200
1201 static unsigned long dma_ops_area_alloc(struct device *dev,
1202 struct dma_ops_domain *dom,
1203 unsigned int pages,
1204 unsigned long align_mask,
1205 u64 dma_mask,
1206 unsigned long start)
1207 {
1208 unsigned long next_bit = dom->next_address % APERTURE_RANGE_SIZE;
1209 int max_index = dom->aperture_size >> APERTURE_RANGE_SHIFT;
1210 int i = start >> APERTURE_RANGE_SHIFT;
1211 unsigned long boundary_size;
1212 unsigned long address = -1;
1213 unsigned long limit;
1214
1215 next_bit >>= PAGE_SHIFT;
1216
1217 boundary_size = ALIGN(dma_get_seg_boundary(dev) + 1,
1218 PAGE_SIZE) >> PAGE_SHIFT;
1219
1220 for (;i < max_index; ++i) {
1221 unsigned long offset = dom->aperture[i]->offset >> PAGE_SHIFT;
1222
1223 if (dom->aperture[i]->offset >= dma_mask)
1224 break;
1225
1226 limit = iommu_device_max_index(APERTURE_RANGE_PAGES, offset,
1227 dma_mask >> PAGE_SHIFT);
1228
1229 address = iommu_area_alloc(dom->aperture[i]->bitmap,
1230 limit, next_bit, pages, 0,
1231 boundary_size, align_mask);
1232 if (address != -1) {
1233 address = dom->aperture[i]->offset +
1234 (address << PAGE_SHIFT);
1235 dom->next_address = address + (pages << PAGE_SHIFT);
1236 break;
1237 }
1238
1239 next_bit = 0;
1240 }
1241
1242 return address;
1243 }
1244
1245 static unsigned long dma_ops_alloc_addresses(struct device *dev,
1246 struct dma_ops_domain *dom,
1247 unsigned int pages,
1248 unsigned long align_mask,
1249 u64 dma_mask)
1250 {
1251 unsigned long address;
1252
1253 #ifdef CONFIG_IOMMU_STRESS
1254 dom->next_address = 0;
1255 dom->need_flush = true;
1256 #endif
1257
1258 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
1259 dma_mask, dom->next_address);
1260
1261 if (address == -1) {
1262 dom->next_address = 0;
1263 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
1264 dma_mask, 0);
1265 dom->need_flush = true;
1266 }
1267
1268 if (unlikely(address == -1))
1269 address = DMA_ERROR_CODE;
1270
1271 WARN_ON((address + (PAGE_SIZE*pages)) > dom->aperture_size);
1272
1273 return address;
1274 }
1275
1276 /*
1277 * The address free function.
1278 *
1279 * called with domain->lock held
1280 */
1281 static void dma_ops_free_addresses(struct dma_ops_domain *dom,
1282 unsigned long address,
1283 unsigned int pages)
1284 {
1285 unsigned i = address >> APERTURE_RANGE_SHIFT;
1286 struct aperture_range *range = dom->aperture[i];
1287
1288 BUG_ON(i >= APERTURE_MAX_RANGES || range == NULL);
1289
1290 #ifdef CONFIG_IOMMU_STRESS
1291 if (i < 4)
1292 return;
1293 #endif
1294
1295 if (address >= dom->next_address)
1296 dom->need_flush = true;
1297
1298 address = (address % APERTURE_RANGE_SIZE) >> PAGE_SHIFT;
1299
1300 bitmap_clear(range->bitmap, address, pages);
1301
1302 }
1303
1304 /****************************************************************************
1305 *
1306 * The next functions belong to the domain allocation. A domain is
1307 * allocated for every IOMMU as the default domain. If device isolation
1308 * is enabled, every device get its own domain. The most important thing
1309 * about domains is the page table mapping the DMA address space they
1310 * contain.
1311 *
1312 ****************************************************************************/
1313
1314 /*
1315 * This function adds a protection domain to the global protection domain list
1316 */
1317 static void add_domain_to_list(struct protection_domain *domain)
1318 {
1319 unsigned long flags;
1320
1321 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
1322 list_add(&domain->list, &amd_iommu_pd_list);
1323 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
1324 }
1325
1326 /*
1327 * This function removes a protection domain to the global
1328 * protection domain list
1329 */
1330 static void del_domain_from_list(struct protection_domain *domain)
1331 {
1332 unsigned long flags;
1333
1334 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
1335 list_del(&domain->list);
1336 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
1337 }
1338
1339 static u16 domain_id_alloc(void)
1340 {
1341 unsigned long flags;
1342 int id;
1343
1344 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1345 id = find_first_zero_bit(amd_iommu_pd_alloc_bitmap, MAX_DOMAIN_ID);
1346 BUG_ON(id == 0);
1347 if (id > 0 && id < MAX_DOMAIN_ID)
1348 __set_bit(id, amd_iommu_pd_alloc_bitmap);
1349 else
1350 id = 0;
1351 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1352
1353 return id;
1354 }
1355
1356 static void domain_id_free(int id)
1357 {
1358 unsigned long flags;
1359
1360 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1361 if (id > 0 && id < MAX_DOMAIN_ID)
1362 __clear_bit(id, amd_iommu_pd_alloc_bitmap);
1363 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1364 }
1365
1366 static void free_pagetable(struct protection_domain *domain)
1367 {
1368 int i, j;
1369 u64 *p1, *p2, *p3;
1370
1371 p1 = domain->pt_root;
1372
1373 if (!p1)
1374 return;
1375
1376 for (i = 0; i < 512; ++i) {
1377 if (!IOMMU_PTE_PRESENT(p1[i]))
1378 continue;
1379
1380 p2 = IOMMU_PTE_PAGE(p1[i]);
1381 for (j = 0; j < 512; ++j) {
1382 if (!IOMMU_PTE_PRESENT(p2[j]))
1383 continue;
1384 p3 = IOMMU_PTE_PAGE(p2[j]);
1385 free_page((unsigned long)p3);
1386 }
1387
1388 free_page((unsigned long)p2);
1389 }
1390
1391 free_page((unsigned long)p1);
1392
1393 domain->pt_root = NULL;
1394 }
1395
1396 /*
1397 * Free a domain, only used if something went wrong in the
1398 * allocation path and we need to free an already allocated page table
1399 */
1400 static void dma_ops_domain_free(struct dma_ops_domain *dom)
1401 {
1402 int i;
1403
1404 if (!dom)
1405 return;
1406
1407 del_domain_from_list(&dom->domain);
1408
1409 free_pagetable(&dom->domain);
1410
1411 for (i = 0; i < APERTURE_MAX_RANGES; ++i) {
1412 if (!dom->aperture[i])
1413 continue;
1414 free_page((unsigned long)dom->aperture[i]->bitmap);
1415 kfree(dom->aperture[i]);
1416 }
1417
1418 kfree(dom);
1419 }
1420
1421 /*
1422 * Allocates a new protection domain usable for the dma_ops functions.
1423 * It also initializes the page table and the address allocator data
1424 * structures required for the dma_ops interface
1425 */
1426 static struct dma_ops_domain *dma_ops_domain_alloc(void)
1427 {
1428 struct dma_ops_domain *dma_dom;
1429
1430 dma_dom = kzalloc(sizeof(struct dma_ops_domain), GFP_KERNEL);
1431 if (!dma_dom)
1432 return NULL;
1433
1434 spin_lock_init(&dma_dom->domain.lock);
1435
1436 dma_dom->domain.id = domain_id_alloc();
1437 if (dma_dom->domain.id == 0)
1438 goto free_dma_dom;
1439 INIT_LIST_HEAD(&dma_dom->domain.dev_list);
1440 dma_dom->domain.mode = PAGE_MODE_2_LEVEL;
1441 dma_dom->domain.pt_root = (void *)get_zeroed_page(GFP_KERNEL);
1442 dma_dom->domain.flags = PD_DMA_OPS_MASK;
1443 dma_dom->domain.priv = dma_dom;
1444 if (!dma_dom->domain.pt_root)
1445 goto free_dma_dom;
1446
1447 dma_dom->need_flush = false;
1448 dma_dom->target_dev = 0xffff;
1449
1450 add_domain_to_list(&dma_dom->domain);
1451
1452 if (alloc_new_range(dma_dom, true, GFP_KERNEL))
1453 goto free_dma_dom;
1454
1455 /*
1456 * mark the first page as allocated so we never return 0 as
1457 * a valid dma-address. So we can use 0 as error value
1458 */
1459 dma_dom->aperture[0]->bitmap[0] = 1;
1460 dma_dom->next_address = 0;
1461
1462
1463 return dma_dom;
1464
1465 free_dma_dom:
1466 dma_ops_domain_free(dma_dom);
1467
1468 return NULL;
1469 }
1470
1471 /*
1472 * little helper function to check whether a given protection domain is a
1473 * dma_ops domain
1474 */
1475 static bool dma_ops_domain(struct protection_domain *domain)
1476 {
1477 return domain->flags & PD_DMA_OPS_MASK;
1478 }
1479
1480 static void set_dte_entry(u16 devid, struct protection_domain *domain, bool ats)
1481 {
1482 u64 pte_root = virt_to_phys(domain->pt_root);
1483 u32 flags = 0;
1484
1485 pte_root |= (domain->mode & DEV_ENTRY_MODE_MASK)
1486 << DEV_ENTRY_MODE_SHIFT;
1487 pte_root |= IOMMU_PTE_IR | IOMMU_PTE_IW | IOMMU_PTE_P | IOMMU_PTE_TV;
1488
1489 if (ats)
1490 flags |= DTE_FLAG_IOTLB;
1491
1492 amd_iommu_dev_table[devid].data[3] |= flags;
1493 amd_iommu_dev_table[devid].data[2] = domain->id;
1494 amd_iommu_dev_table[devid].data[1] = upper_32_bits(pte_root);
1495 amd_iommu_dev_table[devid].data[0] = lower_32_bits(pte_root);
1496 }
1497
1498 static void clear_dte_entry(u16 devid)
1499 {
1500 /* remove entry from the device table seen by the hardware */
1501 amd_iommu_dev_table[devid].data[0] = IOMMU_PTE_P | IOMMU_PTE_TV;
1502 amd_iommu_dev_table[devid].data[1] = 0;
1503 amd_iommu_dev_table[devid].data[2] = 0;
1504
1505 amd_iommu_apply_erratum_63(devid);
1506 }
1507
1508 static void do_attach(struct device *dev, struct protection_domain *domain)
1509 {
1510 struct iommu_dev_data *dev_data;
1511 struct amd_iommu *iommu;
1512 struct pci_dev *pdev;
1513 bool ats = false;
1514 u16 devid;
1515
1516 devid = get_device_id(dev);
1517 iommu = amd_iommu_rlookup_table[devid];
1518 dev_data = get_dev_data(dev);
1519 pdev = to_pci_dev(dev);
1520
1521 if (amd_iommu_iotlb_sup)
1522 ats = pci_ats_enabled(pdev);
1523
1524 /* Update data structures */
1525 dev_data->domain = domain;
1526 list_add(&dev_data->list, &domain->dev_list);
1527 set_dte_entry(devid, domain, ats);
1528
1529 /* Do reference counting */
1530 domain->dev_iommu[iommu->index] += 1;
1531 domain->dev_cnt += 1;
1532
1533 /* Flush the DTE entry */
1534 device_flush_dte(dev);
1535 }
1536
1537 static void do_detach(struct device *dev)
1538 {
1539 struct iommu_dev_data *dev_data;
1540 struct amd_iommu *iommu;
1541 u16 devid;
1542
1543 devid = get_device_id(dev);
1544 iommu = amd_iommu_rlookup_table[devid];
1545 dev_data = get_dev_data(dev);
1546
1547 /* decrease reference counters */
1548 dev_data->domain->dev_iommu[iommu->index] -= 1;
1549 dev_data->domain->dev_cnt -= 1;
1550
1551 /* Update data structures */
1552 dev_data->domain = NULL;
1553 list_del(&dev_data->list);
1554 clear_dte_entry(devid);
1555
1556 /* Flush the DTE entry */
1557 device_flush_dte(dev);
1558 }
1559
1560 /*
1561 * If a device is not yet associated with a domain, this function does
1562 * assigns it visible for the hardware
1563 */
1564 static int __attach_device(struct device *dev,
1565 struct protection_domain *domain)
1566 {
1567 struct iommu_dev_data *dev_data, *alias_data;
1568 int ret;
1569
1570 dev_data = get_dev_data(dev);
1571 alias_data = get_dev_data(dev_data->alias);
1572
1573 if (!alias_data)
1574 return -EINVAL;
1575
1576 /* lock domain */
1577 spin_lock(&domain->lock);
1578
1579 /* Some sanity checks */
1580 ret = -EBUSY;
1581 if (alias_data->domain != NULL &&
1582 alias_data->domain != domain)
1583 goto out_unlock;
1584
1585 if (dev_data->domain != NULL &&
1586 dev_data->domain != domain)
1587 goto out_unlock;
1588
1589 /* Do real assignment */
1590 if (dev_data->alias != dev) {
1591 alias_data = get_dev_data(dev_data->alias);
1592 if (alias_data->domain == NULL)
1593 do_attach(dev_data->alias, domain);
1594
1595 atomic_inc(&alias_data->bind);
1596 }
1597
1598 if (dev_data->domain == NULL)
1599 do_attach(dev, domain);
1600
1601 atomic_inc(&dev_data->bind);
1602
1603 ret = 0;
1604
1605 out_unlock:
1606
1607 /* ready */
1608 spin_unlock(&domain->lock);
1609
1610 return ret;
1611 }
1612
1613 /*
1614 * If a device is not yet associated with a domain, this function does
1615 * assigns it visible for the hardware
1616 */
1617 static int attach_device(struct device *dev,
1618 struct protection_domain *domain)
1619 {
1620 struct pci_dev *pdev = to_pci_dev(dev);
1621 unsigned long flags;
1622 int ret;
1623
1624 if (amd_iommu_iotlb_sup)
1625 pci_enable_ats(pdev, PAGE_SHIFT);
1626
1627 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1628 ret = __attach_device(dev, domain);
1629 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1630
1631 /*
1632 * We might boot into a crash-kernel here. The crashed kernel
1633 * left the caches in the IOMMU dirty. So we have to flush
1634 * here to evict all dirty stuff.
1635 */
1636 domain_flush_tlb_pde(domain);
1637
1638 return ret;
1639 }
1640
1641 /*
1642 * Removes a device from a protection domain (unlocked)
1643 */
1644 static void __detach_device(struct device *dev)
1645 {
1646 struct iommu_dev_data *dev_data = get_dev_data(dev);
1647 struct iommu_dev_data *alias_data;
1648 struct protection_domain *domain;
1649 unsigned long flags;
1650
1651 BUG_ON(!dev_data->domain);
1652
1653 domain = dev_data->domain;
1654
1655 spin_lock_irqsave(&domain->lock, flags);
1656
1657 if (dev_data->alias != dev) {
1658 alias_data = get_dev_data(dev_data->alias);
1659 if (atomic_dec_and_test(&alias_data->bind))
1660 do_detach(dev_data->alias);
1661 }
1662
1663 if (atomic_dec_and_test(&dev_data->bind))
1664 do_detach(dev);
1665
1666 spin_unlock_irqrestore(&domain->lock, flags);
1667
1668 /*
1669 * If we run in passthrough mode the device must be assigned to the
1670 * passthrough domain if it is detached from any other domain.
1671 * Make sure we can deassign from the pt_domain itself.
1672 */
1673 if (iommu_pass_through &&
1674 (dev_data->domain == NULL && domain != pt_domain))
1675 __attach_device(dev, pt_domain);
1676 }
1677
1678 /*
1679 * Removes a device from a protection domain (with devtable_lock held)
1680 */
1681 static void detach_device(struct device *dev)
1682 {
1683 struct pci_dev *pdev = to_pci_dev(dev);
1684 unsigned long flags;
1685
1686 /* lock device table */
1687 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1688 __detach_device(dev);
1689 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1690
1691 if (amd_iommu_iotlb_sup && pci_ats_enabled(pdev))
1692 pci_disable_ats(pdev);
1693 }
1694
1695 /*
1696 * Find out the protection domain structure for a given PCI device. This
1697 * will give us the pointer to the page table root for example.
1698 */
1699 static struct protection_domain *domain_for_device(struct device *dev)
1700 {
1701 struct protection_domain *dom;
1702 struct iommu_dev_data *dev_data, *alias_data;
1703 unsigned long flags;
1704 u16 devid;
1705
1706 devid = get_device_id(dev);
1707 dev_data = get_dev_data(dev);
1708 alias_data = get_dev_data(dev_data->alias);
1709 if (!alias_data)
1710 return NULL;
1711
1712 read_lock_irqsave(&amd_iommu_devtable_lock, flags);
1713 dom = dev_data->domain;
1714 if (dom == NULL &&
1715 alias_data->domain != NULL) {
1716 __attach_device(dev, alias_data->domain);
1717 dom = alias_data->domain;
1718 }
1719
1720 read_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1721
1722 return dom;
1723 }
1724
1725 static int device_change_notifier(struct notifier_block *nb,
1726 unsigned long action, void *data)
1727 {
1728 struct device *dev = data;
1729 u16 devid;
1730 struct protection_domain *domain;
1731 struct dma_ops_domain *dma_domain;
1732 struct amd_iommu *iommu;
1733 unsigned long flags;
1734
1735 if (!check_device(dev))
1736 return 0;
1737
1738 devid = get_device_id(dev);
1739 iommu = amd_iommu_rlookup_table[devid];
1740
1741 switch (action) {
1742 case BUS_NOTIFY_UNBOUND_DRIVER:
1743
1744 domain = domain_for_device(dev);
1745
1746 if (!domain)
1747 goto out;
1748 if (iommu_pass_through)
1749 break;
1750 detach_device(dev);
1751 break;
1752 case BUS_NOTIFY_ADD_DEVICE:
1753
1754 iommu_init_device(dev);
1755
1756 domain = domain_for_device(dev);
1757
1758 /* allocate a protection domain if a device is added */
1759 dma_domain = find_protection_domain(devid);
1760 if (dma_domain)
1761 goto out;
1762 dma_domain = dma_ops_domain_alloc();
1763 if (!dma_domain)
1764 goto out;
1765 dma_domain->target_dev = devid;
1766
1767 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1768 list_add_tail(&dma_domain->list, &iommu_pd_list);
1769 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1770
1771 break;
1772 case BUS_NOTIFY_DEL_DEVICE:
1773
1774 iommu_uninit_device(dev);
1775
1776 default:
1777 goto out;
1778 }
1779
1780 device_flush_dte(dev);
1781 iommu_completion_wait(iommu);
1782
1783 out:
1784 return 0;
1785 }
1786
1787 static struct notifier_block device_nb = {
1788 .notifier_call = device_change_notifier,
1789 };
1790
1791 void amd_iommu_init_notifier(void)
1792 {
1793 bus_register_notifier(&pci_bus_type, &device_nb);
1794 }
1795
1796 /*****************************************************************************
1797 *
1798 * The next functions belong to the dma_ops mapping/unmapping code.
1799 *
1800 *****************************************************************************/
1801
1802 /*
1803 * In the dma_ops path we only have the struct device. This function
1804 * finds the corresponding IOMMU, the protection domain and the
1805 * requestor id for a given device.
1806 * If the device is not yet associated with a domain this is also done
1807 * in this function.
1808 */
1809 static struct protection_domain *get_domain(struct device *dev)
1810 {
1811 struct protection_domain *domain;
1812 struct dma_ops_domain *dma_dom;
1813 u16 devid = get_device_id(dev);
1814
1815 if (!check_device(dev))
1816 return ERR_PTR(-EINVAL);
1817
1818 domain = domain_for_device(dev);
1819 if (domain != NULL && !dma_ops_domain(domain))
1820 return ERR_PTR(-EBUSY);
1821
1822 if (domain != NULL)
1823 return domain;
1824
1825 /* Device not bount yet - bind it */
1826 dma_dom = find_protection_domain(devid);
1827 if (!dma_dom)
1828 dma_dom = amd_iommu_rlookup_table[devid]->default_dom;
1829 attach_device(dev, &dma_dom->domain);
1830 DUMP_printk("Using protection domain %d for device %s\n",
1831 dma_dom->domain.id, dev_name(dev));
1832
1833 return &dma_dom->domain;
1834 }
1835
1836 static void update_device_table(struct protection_domain *domain)
1837 {
1838 struct iommu_dev_data *dev_data;
1839
1840 list_for_each_entry(dev_data, &domain->dev_list, list) {
1841 struct pci_dev *pdev = to_pci_dev(dev_data->dev);
1842 u16 devid = get_device_id(dev_data->dev);
1843 set_dte_entry(devid, domain, pci_ats_enabled(pdev));
1844 }
1845 }
1846
1847 static void update_domain(struct protection_domain *domain)
1848 {
1849 if (!domain->updated)
1850 return;
1851
1852 update_device_table(domain);
1853
1854 domain_flush_devices(domain);
1855 domain_flush_tlb_pde(domain);
1856
1857 domain->updated = false;
1858 }
1859
1860 /*
1861 * This function fetches the PTE for a given address in the aperture
1862 */
1863 static u64* dma_ops_get_pte(struct dma_ops_domain *dom,
1864 unsigned long address)
1865 {
1866 struct aperture_range *aperture;
1867 u64 *pte, *pte_page;
1868
1869 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1870 if (!aperture)
1871 return NULL;
1872
1873 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1874 if (!pte) {
1875 pte = alloc_pte(&dom->domain, address, PAGE_SIZE, &pte_page,
1876 GFP_ATOMIC);
1877 aperture->pte_pages[APERTURE_PAGE_INDEX(address)] = pte_page;
1878 } else
1879 pte += PM_LEVEL_INDEX(0, address);
1880
1881 update_domain(&dom->domain);
1882
1883 return pte;
1884 }
1885
1886 /*
1887 * This is the generic map function. It maps one 4kb page at paddr to
1888 * the given address in the DMA address space for the domain.
1889 */
1890 static dma_addr_t dma_ops_domain_map(struct dma_ops_domain *dom,
1891 unsigned long address,
1892 phys_addr_t paddr,
1893 int direction)
1894 {
1895 u64 *pte, __pte;
1896
1897 WARN_ON(address > dom->aperture_size);
1898
1899 paddr &= PAGE_MASK;
1900
1901 pte = dma_ops_get_pte(dom, address);
1902 if (!pte)
1903 return DMA_ERROR_CODE;
1904
1905 __pte = paddr | IOMMU_PTE_P | IOMMU_PTE_FC;
1906
1907 if (direction == DMA_TO_DEVICE)
1908 __pte |= IOMMU_PTE_IR;
1909 else if (direction == DMA_FROM_DEVICE)
1910 __pte |= IOMMU_PTE_IW;
1911 else if (direction == DMA_BIDIRECTIONAL)
1912 __pte |= IOMMU_PTE_IR | IOMMU_PTE_IW;
1913
1914 WARN_ON(*pte);
1915
1916 *pte = __pte;
1917
1918 return (dma_addr_t)address;
1919 }
1920
1921 /*
1922 * The generic unmapping function for on page in the DMA address space.
1923 */
1924 static void dma_ops_domain_unmap(struct dma_ops_domain *dom,
1925 unsigned long address)
1926 {
1927 struct aperture_range *aperture;
1928 u64 *pte;
1929
1930 if (address >= dom->aperture_size)
1931 return;
1932
1933 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1934 if (!aperture)
1935 return;
1936
1937 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1938 if (!pte)
1939 return;
1940
1941 pte += PM_LEVEL_INDEX(0, address);
1942
1943 WARN_ON(!*pte);
1944
1945 *pte = 0ULL;
1946 }
1947
1948 /*
1949 * This function contains common code for mapping of a physically
1950 * contiguous memory region into DMA address space. It is used by all
1951 * mapping functions provided with this IOMMU driver.
1952 * Must be called with the domain lock held.
1953 */
1954 static dma_addr_t __map_single(struct device *dev,
1955 struct dma_ops_domain *dma_dom,
1956 phys_addr_t paddr,
1957 size_t size,
1958 int dir,
1959 bool align,
1960 u64 dma_mask)
1961 {
1962 dma_addr_t offset = paddr & ~PAGE_MASK;
1963 dma_addr_t address, start, ret;
1964 unsigned int pages;
1965 unsigned long align_mask = 0;
1966 int i;
1967
1968 pages = iommu_num_pages(paddr, size, PAGE_SIZE);
1969 paddr &= PAGE_MASK;
1970
1971 INC_STATS_COUNTER(total_map_requests);
1972
1973 if (pages > 1)
1974 INC_STATS_COUNTER(cross_page);
1975
1976 if (align)
1977 align_mask = (1UL << get_order(size)) - 1;
1978
1979 retry:
1980 address = dma_ops_alloc_addresses(dev, dma_dom, pages, align_mask,
1981 dma_mask);
1982 if (unlikely(address == DMA_ERROR_CODE)) {
1983 /*
1984 * setting next_address here will let the address
1985 * allocator only scan the new allocated range in the
1986 * first run. This is a small optimization.
1987 */
1988 dma_dom->next_address = dma_dom->aperture_size;
1989
1990 if (alloc_new_range(dma_dom, false, GFP_ATOMIC))
1991 goto out;
1992
1993 /*
1994 * aperture was successfully enlarged by 128 MB, try
1995 * allocation again
1996 */
1997 goto retry;
1998 }
1999
2000 start = address;
2001 for (i = 0; i < pages; ++i) {
2002 ret = dma_ops_domain_map(dma_dom, start, paddr, dir);
2003 if (ret == DMA_ERROR_CODE)
2004 goto out_unmap;
2005
2006 paddr += PAGE_SIZE;
2007 start += PAGE_SIZE;
2008 }
2009 address += offset;
2010
2011 ADD_STATS_COUNTER(alloced_io_mem, size);
2012
2013 if (unlikely(dma_dom->need_flush && !amd_iommu_unmap_flush)) {
2014 domain_flush_tlb(&dma_dom->domain);
2015 dma_dom->need_flush = false;
2016 } else if (unlikely(amd_iommu_np_cache))
2017 domain_flush_pages(&dma_dom->domain, address, size);
2018
2019 out:
2020 return address;
2021
2022 out_unmap:
2023
2024 for (--i; i >= 0; --i) {
2025 start -= PAGE_SIZE;
2026 dma_ops_domain_unmap(dma_dom, start);
2027 }
2028
2029 dma_ops_free_addresses(dma_dom, address, pages);
2030
2031 return DMA_ERROR_CODE;
2032 }
2033
2034 /*
2035 * Does the reverse of the __map_single function. Must be called with
2036 * the domain lock held too
2037 */
2038 static void __unmap_single(struct dma_ops_domain *dma_dom,
2039 dma_addr_t dma_addr,
2040 size_t size,
2041 int dir)
2042 {
2043 dma_addr_t flush_addr;
2044 dma_addr_t i, start;
2045 unsigned int pages;
2046
2047 if ((dma_addr == DMA_ERROR_CODE) ||
2048 (dma_addr + size > dma_dom->aperture_size))
2049 return;
2050
2051 flush_addr = dma_addr;
2052 pages = iommu_num_pages(dma_addr, size, PAGE_SIZE);
2053 dma_addr &= PAGE_MASK;
2054 start = dma_addr;
2055
2056 for (i = 0; i < pages; ++i) {
2057 dma_ops_domain_unmap(dma_dom, start);
2058 start += PAGE_SIZE;
2059 }
2060
2061 SUB_STATS_COUNTER(alloced_io_mem, size);
2062
2063 dma_ops_free_addresses(dma_dom, dma_addr, pages);
2064
2065 if (amd_iommu_unmap_flush || dma_dom->need_flush) {
2066 domain_flush_pages(&dma_dom->domain, flush_addr, size);
2067 dma_dom->need_flush = false;
2068 }
2069 }
2070
2071 /*
2072 * The exported map_single function for dma_ops.
2073 */
2074 static dma_addr_t map_page(struct device *dev, struct page *page,
2075 unsigned long offset, size_t size,
2076 enum dma_data_direction dir,
2077 struct dma_attrs *attrs)
2078 {
2079 unsigned long flags;
2080 struct protection_domain *domain;
2081 dma_addr_t addr;
2082 u64 dma_mask;
2083 phys_addr_t paddr = page_to_phys(page) + offset;
2084
2085 INC_STATS_COUNTER(cnt_map_single);
2086
2087 domain = get_domain(dev);
2088 if (PTR_ERR(domain) == -EINVAL)
2089 return (dma_addr_t)paddr;
2090 else if (IS_ERR(domain))
2091 return DMA_ERROR_CODE;
2092
2093 dma_mask = *dev->dma_mask;
2094
2095 spin_lock_irqsave(&domain->lock, flags);
2096
2097 addr = __map_single(dev, domain->priv, paddr, size, dir, false,
2098 dma_mask);
2099 if (addr == DMA_ERROR_CODE)
2100 goto out;
2101
2102 domain_flush_complete(domain);
2103
2104 out:
2105 spin_unlock_irqrestore(&domain->lock, flags);
2106
2107 return addr;
2108 }
2109
2110 /*
2111 * The exported unmap_single function for dma_ops.
2112 */
2113 static void unmap_page(struct device *dev, dma_addr_t dma_addr, size_t size,
2114 enum dma_data_direction dir, struct dma_attrs *attrs)
2115 {
2116 unsigned long flags;
2117 struct protection_domain *domain;
2118
2119 INC_STATS_COUNTER(cnt_unmap_single);
2120
2121 domain = get_domain(dev);
2122 if (IS_ERR(domain))
2123 return;
2124
2125 spin_lock_irqsave(&domain->lock, flags);
2126
2127 __unmap_single(domain->priv, dma_addr, size, dir);
2128
2129 domain_flush_complete(domain);
2130
2131 spin_unlock_irqrestore(&domain->lock, flags);
2132 }
2133
2134 /*
2135 * This is a special map_sg function which is used if we should map a
2136 * device which is not handled by an AMD IOMMU in the system.
2137 */
2138 static int map_sg_no_iommu(struct device *dev, struct scatterlist *sglist,
2139 int nelems, int dir)
2140 {
2141 struct scatterlist *s;
2142 int i;
2143
2144 for_each_sg(sglist, s, nelems, i) {
2145 s->dma_address = (dma_addr_t)sg_phys(s);
2146 s->dma_length = s->length;
2147 }
2148
2149 return nelems;
2150 }
2151
2152 /*
2153 * The exported map_sg function for dma_ops (handles scatter-gather
2154 * lists).
2155 */
2156 static int map_sg(struct device *dev, struct scatterlist *sglist,
2157 int nelems, enum dma_data_direction dir,
2158 struct dma_attrs *attrs)
2159 {
2160 unsigned long flags;
2161 struct protection_domain *domain;
2162 int i;
2163 struct scatterlist *s;
2164 phys_addr_t paddr;
2165 int mapped_elems = 0;
2166 u64 dma_mask;
2167
2168 INC_STATS_COUNTER(cnt_map_sg);
2169
2170 domain = get_domain(dev);
2171 if (PTR_ERR(domain) == -EINVAL)
2172 return map_sg_no_iommu(dev, sglist, nelems, dir);
2173 else if (IS_ERR(domain))
2174 return 0;
2175
2176 dma_mask = *dev->dma_mask;
2177
2178 spin_lock_irqsave(&domain->lock, flags);
2179
2180 for_each_sg(sglist, s, nelems, i) {
2181 paddr = sg_phys(s);
2182
2183 s->dma_address = __map_single(dev, domain->priv,
2184 paddr, s->length, dir, false,
2185 dma_mask);
2186
2187 if (s->dma_address) {
2188 s->dma_length = s->length;
2189 mapped_elems++;
2190 } else
2191 goto unmap;
2192 }
2193
2194 domain_flush_complete(domain);
2195
2196 out:
2197 spin_unlock_irqrestore(&domain->lock, flags);
2198
2199 return mapped_elems;
2200 unmap:
2201 for_each_sg(sglist, s, mapped_elems, i) {
2202 if (s->dma_address)
2203 __unmap_single(domain->priv, s->dma_address,
2204 s->dma_length, dir);
2205 s->dma_address = s->dma_length = 0;
2206 }
2207
2208 mapped_elems = 0;
2209
2210 goto out;
2211 }
2212
2213 /*
2214 * The exported map_sg function for dma_ops (handles scatter-gather
2215 * lists).
2216 */
2217 static void unmap_sg(struct device *dev, struct scatterlist *sglist,
2218 int nelems, enum dma_data_direction dir,
2219 struct dma_attrs *attrs)
2220 {
2221 unsigned long flags;
2222 struct protection_domain *domain;
2223 struct scatterlist *s;
2224 int i;
2225
2226 INC_STATS_COUNTER(cnt_unmap_sg);
2227
2228 domain = get_domain(dev);
2229 if (IS_ERR(domain))
2230 return;
2231
2232 spin_lock_irqsave(&domain->lock, flags);
2233
2234 for_each_sg(sglist, s, nelems, i) {
2235 __unmap_single(domain->priv, s->dma_address,
2236 s->dma_length, dir);
2237 s->dma_address = s->dma_length = 0;
2238 }
2239
2240 domain_flush_complete(domain);
2241
2242 spin_unlock_irqrestore(&domain->lock, flags);
2243 }
2244
2245 /*
2246 * The exported alloc_coherent function for dma_ops.
2247 */
2248 static void *alloc_coherent(struct device *dev, size_t size,
2249 dma_addr_t *dma_addr, gfp_t flag)
2250 {
2251 unsigned long flags;
2252 void *virt_addr;
2253 struct protection_domain *domain;
2254 phys_addr_t paddr;
2255 u64 dma_mask = dev->coherent_dma_mask;
2256
2257 INC_STATS_COUNTER(cnt_alloc_coherent);
2258
2259 domain = get_domain(dev);
2260 if (PTR_ERR(domain) == -EINVAL) {
2261 virt_addr = (void *)__get_free_pages(flag, get_order(size));
2262 *dma_addr = __pa(virt_addr);
2263 return virt_addr;
2264 } else if (IS_ERR(domain))
2265 return NULL;
2266
2267 dma_mask = dev->coherent_dma_mask;
2268 flag &= ~(__GFP_DMA | __GFP_HIGHMEM | __GFP_DMA32);
2269 flag |= __GFP_ZERO;
2270
2271 virt_addr = (void *)__get_free_pages(flag, get_order(size));
2272 if (!virt_addr)
2273 return NULL;
2274
2275 paddr = virt_to_phys(virt_addr);
2276
2277 if (!dma_mask)
2278 dma_mask = *dev->dma_mask;
2279
2280 spin_lock_irqsave(&domain->lock, flags);
2281
2282 *dma_addr = __map_single(dev, domain->priv, paddr,
2283 size, DMA_BIDIRECTIONAL, true, dma_mask);
2284
2285 if (*dma_addr == DMA_ERROR_CODE) {
2286 spin_unlock_irqrestore(&domain->lock, flags);
2287 goto out_free;
2288 }
2289
2290 domain_flush_complete(domain);
2291
2292 spin_unlock_irqrestore(&domain->lock, flags);
2293
2294 return virt_addr;
2295
2296 out_free:
2297
2298 free_pages((unsigned long)virt_addr, get_order(size));
2299
2300 return NULL;
2301 }
2302
2303 /*
2304 * The exported free_coherent function for dma_ops.
2305 */
2306 static void free_coherent(struct device *dev, size_t size,
2307 void *virt_addr, dma_addr_t dma_addr)
2308 {
2309 unsigned long flags;
2310 struct protection_domain *domain;
2311
2312 INC_STATS_COUNTER(cnt_free_coherent);
2313
2314 domain = get_domain(dev);
2315 if (IS_ERR(domain))
2316 goto free_mem;
2317
2318 spin_lock_irqsave(&domain->lock, flags);
2319
2320 __unmap_single(domain->priv, dma_addr, size, DMA_BIDIRECTIONAL);
2321
2322 domain_flush_complete(domain);
2323
2324 spin_unlock_irqrestore(&domain->lock, flags);
2325
2326 free_mem:
2327 free_pages((unsigned long)virt_addr, get_order(size));
2328 }
2329
2330 /*
2331 * This function is called by the DMA layer to find out if we can handle a
2332 * particular device. It is part of the dma_ops.
2333 */
2334 static int amd_iommu_dma_supported(struct device *dev, u64 mask)
2335 {
2336 return check_device(dev);
2337 }
2338
2339 /*
2340 * The function for pre-allocating protection domains.
2341 *
2342 * If the driver core informs the DMA layer if a driver grabs a device
2343 * we don't need to preallocate the protection domains anymore.
2344 * For now we have to.
2345 */
2346 static void prealloc_protection_domains(void)
2347 {
2348 struct pci_dev *dev = NULL;
2349 struct dma_ops_domain *dma_dom;
2350 u16 devid;
2351
2352 for_each_pci_dev(dev) {
2353
2354 /* Do we handle this device? */
2355 if (!check_device(&dev->dev))
2356 continue;
2357
2358 /* Is there already any domain for it? */
2359 if (domain_for_device(&dev->dev))
2360 continue;
2361
2362 devid = get_device_id(&dev->dev);
2363
2364 dma_dom = dma_ops_domain_alloc();
2365 if (!dma_dom)
2366 continue;
2367 init_unity_mappings_for_device(dma_dom, devid);
2368 dma_dom->target_dev = devid;
2369
2370 attach_device(&dev->dev, &dma_dom->domain);
2371
2372 list_add_tail(&dma_dom->list, &iommu_pd_list);
2373 }
2374 }
2375
2376 static struct dma_map_ops amd_iommu_dma_ops = {
2377 .alloc_coherent = alloc_coherent,
2378 .free_coherent = free_coherent,
2379 .map_page = map_page,
2380 .unmap_page = unmap_page,
2381 .map_sg = map_sg,
2382 .unmap_sg = unmap_sg,
2383 .dma_supported = amd_iommu_dma_supported,
2384 };
2385
2386 /*
2387 * The function which clues the AMD IOMMU driver into dma_ops.
2388 */
2389
2390 void __init amd_iommu_init_api(void)
2391 {
2392 register_iommu(&amd_iommu_ops);
2393 }
2394
2395 int __init amd_iommu_init_dma_ops(void)
2396 {
2397 struct amd_iommu *iommu;
2398 int ret;
2399
2400 /*
2401 * first allocate a default protection domain for every IOMMU we
2402 * found in the system. Devices not assigned to any other
2403 * protection domain will be assigned to the default one.
2404 */
2405 for_each_iommu(iommu) {
2406 iommu->default_dom = dma_ops_domain_alloc();
2407 if (iommu->default_dom == NULL)
2408 return -ENOMEM;
2409 iommu->default_dom->domain.flags |= PD_DEFAULT_MASK;
2410 ret = iommu_init_unity_mappings(iommu);
2411 if (ret)
2412 goto free_domains;
2413 }
2414
2415 /*
2416 * Pre-allocate the protection domains for each device.
2417 */
2418 prealloc_protection_domains();
2419
2420 iommu_detected = 1;
2421 swiotlb = 0;
2422
2423 /* Make the driver finally visible to the drivers */
2424 dma_ops = &amd_iommu_dma_ops;
2425
2426 amd_iommu_stats_init();
2427
2428 return 0;
2429
2430 free_domains:
2431
2432 for_each_iommu(iommu) {
2433 if (iommu->default_dom)
2434 dma_ops_domain_free(iommu->default_dom);
2435 }
2436
2437 return ret;
2438 }
2439
2440 /*****************************************************************************
2441 *
2442 * The following functions belong to the exported interface of AMD IOMMU
2443 *
2444 * This interface allows access to lower level functions of the IOMMU
2445 * like protection domain handling and assignement of devices to domains
2446 * which is not possible with the dma_ops interface.
2447 *
2448 *****************************************************************************/
2449
2450 static void cleanup_domain(struct protection_domain *domain)
2451 {
2452 struct iommu_dev_data *dev_data, *next;
2453 unsigned long flags;
2454
2455 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
2456
2457 list_for_each_entry_safe(dev_data, next, &domain->dev_list, list) {
2458 struct device *dev = dev_data->dev;
2459
2460 __detach_device(dev);
2461 atomic_set(&dev_data->bind, 0);
2462 }
2463
2464 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
2465 }
2466
2467 static void protection_domain_free(struct protection_domain *domain)
2468 {
2469 if (!domain)
2470 return;
2471
2472 del_domain_from_list(domain);
2473
2474 if (domain->id)
2475 domain_id_free(domain->id);
2476
2477 kfree(domain);
2478 }
2479
2480 static struct protection_domain *protection_domain_alloc(void)
2481 {
2482 struct protection_domain *domain;
2483
2484 domain = kzalloc(sizeof(*domain), GFP_KERNEL);
2485 if (!domain)
2486 return NULL;
2487
2488 spin_lock_init(&domain->lock);
2489 mutex_init(&domain->api_lock);
2490 domain->id = domain_id_alloc();
2491 if (!domain->id)
2492 goto out_err;
2493 INIT_LIST_HEAD(&domain->dev_list);
2494
2495 add_domain_to_list(domain);
2496
2497 return domain;
2498
2499 out_err:
2500 kfree(domain);
2501
2502 return NULL;
2503 }
2504
2505 static int amd_iommu_domain_init(struct iommu_domain *dom)
2506 {
2507 struct protection_domain *domain;
2508
2509 domain = protection_domain_alloc();
2510 if (!domain)
2511 goto out_free;
2512
2513 domain->mode = PAGE_MODE_3_LEVEL;
2514 domain->pt_root = (void *)get_zeroed_page(GFP_KERNEL);
2515 if (!domain->pt_root)
2516 goto out_free;
2517
2518 dom->priv = domain;
2519
2520 return 0;
2521
2522 out_free:
2523 protection_domain_free(domain);
2524
2525 return -ENOMEM;
2526 }
2527
2528 static void amd_iommu_domain_destroy(struct iommu_domain *dom)
2529 {
2530 struct protection_domain *domain = dom->priv;
2531
2532 if (!domain)
2533 return;
2534
2535 if (domain->dev_cnt > 0)
2536 cleanup_domain(domain);
2537
2538 BUG_ON(domain->dev_cnt != 0);
2539
2540 free_pagetable(domain);
2541
2542 protection_domain_free(domain);
2543
2544 dom->priv = NULL;
2545 }
2546
2547 static void amd_iommu_detach_device(struct iommu_domain *dom,
2548 struct device *dev)
2549 {
2550 struct iommu_dev_data *dev_data = dev->archdata.iommu;
2551 struct amd_iommu *iommu;
2552 u16 devid;
2553
2554 if (!check_device(dev))
2555 return;
2556
2557 devid = get_device_id(dev);
2558
2559 if (dev_data->domain != NULL)
2560 detach_device(dev);
2561
2562 iommu = amd_iommu_rlookup_table[devid];
2563 if (!iommu)
2564 return;
2565
2566 device_flush_dte(dev);
2567 iommu_completion_wait(iommu);
2568 }
2569
2570 static int amd_iommu_attach_device(struct iommu_domain *dom,
2571 struct device *dev)
2572 {
2573 struct protection_domain *domain = dom->priv;
2574 struct iommu_dev_data *dev_data;
2575 struct amd_iommu *iommu;
2576 int ret;
2577 u16 devid;
2578
2579 if (!check_device(dev))
2580 return -EINVAL;
2581
2582 dev_data = dev->archdata.iommu;
2583
2584 devid = get_device_id(dev);
2585
2586 iommu = amd_iommu_rlookup_table[devid];
2587 if (!iommu)
2588 return -EINVAL;
2589
2590 if (dev_data->domain)
2591 detach_device(dev);
2592
2593 ret = attach_device(dev, domain);
2594
2595 iommu_completion_wait(iommu);
2596
2597 return ret;
2598 }
2599
2600 static int amd_iommu_map(struct iommu_domain *dom, unsigned long iova,
2601 phys_addr_t paddr, int gfp_order, int iommu_prot)
2602 {
2603 unsigned long page_size = 0x1000UL << gfp_order;
2604 struct protection_domain *domain = dom->priv;
2605 int prot = 0;
2606 int ret;
2607
2608 if (iommu_prot & IOMMU_READ)
2609 prot |= IOMMU_PROT_IR;
2610 if (iommu_prot & IOMMU_WRITE)
2611 prot |= IOMMU_PROT_IW;
2612
2613 mutex_lock(&domain->api_lock);
2614 ret = iommu_map_page(domain, iova, paddr, prot, page_size);
2615 mutex_unlock(&domain->api_lock);
2616
2617 return ret;
2618 }
2619
2620 static int amd_iommu_unmap(struct iommu_domain *dom, unsigned long iova,
2621 int gfp_order)
2622 {
2623 struct protection_domain *domain = dom->priv;
2624 unsigned long page_size, unmap_size;
2625
2626 page_size = 0x1000UL << gfp_order;
2627
2628 mutex_lock(&domain->api_lock);
2629 unmap_size = iommu_unmap_page(domain, iova, page_size);
2630 mutex_unlock(&domain->api_lock);
2631
2632 domain_flush_tlb_pde(domain);
2633
2634 return get_order(unmap_size);
2635 }
2636
2637 static phys_addr_t amd_iommu_iova_to_phys(struct iommu_domain *dom,
2638 unsigned long iova)
2639 {
2640 struct protection_domain *domain = dom->priv;
2641 unsigned long offset_mask;
2642 phys_addr_t paddr;
2643 u64 *pte, __pte;
2644
2645 pte = fetch_pte(domain, iova);
2646
2647 if (!pte || !IOMMU_PTE_PRESENT(*pte))
2648 return 0;
2649
2650 if (PM_PTE_LEVEL(*pte) == 0)
2651 offset_mask = PAGE_SIZE - 1;
2652 else
2653 offset_mask = PTE_PAGE_SIZE(*pte) - 1;
2654
2655 __pte = *pte & PM_ADDR_MASK;
2656 paddr = (__pte & ~offset_mask) | (iova & offset_mask);
2657
2658 return paddr;
2659 }
2660
2661 static int amd_iommu_domain_has_cap(struct iommu_domain *domain,
2662 unsigned long cap)
2663 {
2664 switch (cap) {
2665 case IOMMU_CAP_CACHE_COHERENCY:
2666 return 1;
2667 }
2668
2669 return 0;
2670 }
2671
2672 static struct iommu_ops amd_iommu_ops = {
2673 .domain_init = amd_iommu_domain_init,
2674 .domain_destroy = amd_iommu_domain_destroy,
2675 .attach_dev = amd_iommu_attach_device,
2676 .detach_dev = amd_iommu_detach_device,
2677 .map = amd_iommu_map,
2678 .unmap = amd_iommu_unmap,
2679 .iova_to_phys = amd_iommu_iova_to_phys,
2680 .domain_has_cap = amd_iommu_domain_has_cap,
2681 };
2682
2683 /*****************************************************************************
2684 *
2685 * The next functions do a basic initialization of IOMMU for pass through
2686 * mode
2687 *
2688 * In passthrough mode the IOMMU is initialized and enabled but not used for
2689 * DMA-API translation.
2690 *
2691 *****************************************************************************/
2692
2693 int __init amd_iommu_init_passthrough(void)
2694 {
2695 struct amd_iommu *iommu;
2696 struct pci_dev *dev = NULL;
2697 u16 devid;
2698
2699 /* allocate passthrough domain */
2700 pt_domain = protection_domain_alloc();
2701 if (!pt_domain)
2702 return -ENOMEM;
2703
2704 pt_domain->mode |= PAGE_MODE_NONE;
2705
2706 for_each_pci_dev(dev) {
2707 if (!check_device(&dev->dev))
2708 continue;
2709
2710 devid = get_device_id(&dev->dev);
2711
2712 iommu = amd_iommu_rlookup_table[devid];
2713 if (!iommu)
2714 continue;
2715
2716 attach_device(&dev->dev, pt_domain);
2717 }
2718
2719 pr_info("AMD-Vi: Initialized for Passthrough Mode\n");
2720
2721 return 0;
2722 }
Linux kernel - Deliverables
This page took 0.082009 seconds and 4 git commands to generate.