]>
Commit | Line | Data |
---|---|---|
54cf91dc CW |
1 | /* |
2 | * Copyright © 2008,2010 Intel Corporation | |
3 | * | |
4 | * Permission is hereby granted, free of charge, to any person obtaining a | |
5 | * copy of this software and associated documentation files (the "Software"), | |
6 | * to deal in the Software without restriction, including without limitation | |
7 | * the rights to use, copy, modify, merge, publish, distribute, sublicense, | |
8 | * and/or sell copies of the Software, and to permit persons to whom the | |
9 | * Software is furnished to do so, subject to the following conditions: | |
10 | * | |
11 | * The above copyright notice and this permission notice (including the next | |
12 | * paragraph) shall be included in all copies or substantial portions of the | |
13 | * Software. | |
14 | * | |
15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
17 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL | |
18 | * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
19 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING | |
20 | * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS | |
21 | * IN THE SOFTWARE. | |
22 | * | |
23 | * Authors: | |
24 | * Eric Anholt <eric@anholt.net> | |
25 | * Chris Wilson <chris@chris-wilson.co.uk> | |
26 | * | |
27 | */ | |
28 | ||
ad778f89 CW |
29 | #include <linux/dma_remapping.h> |
30 | #include <linux/reservation.h> | |
fec0445c | 31 | #include <linux/sync_file.h> |
ad778f89 CW |
32 | #include <linux/uaccess.h> |
33 | ||
760285e7 DH |
34 | #include <drm/drmP.h> |
35 | #include <drm/i915_drm.h> | |
ad778f89 | 36 | |
54cf91dc | 37 | #include "i915_drv.h" |
57822dc6 | 38 | #include "i915_gem_clflush.h" |
54cf91dc CW |
39 | #include "i915_trace.h" |
40 | #include "intel_drv.h" | |
5d723d7a | 41 | #include "intel_frontbuffer.h" |
54cf91dc | 42 | |
7dd4f672 CW |
43 | enum { |
44 | FORCE_CPU_RELOC = 1, | |
45 | FORCE_GTT_RELOC, | |
46 | FORCE_GPU_RELOC, | |
47 | #define DBG_FORCE_RELOC 0 /* choose one of the above! */ | |
48 | }; | |
d50415cc | 49 | |
dade2a61 CW |
50 | #define __EXEC_OBJECT_HAS_REF BIT(31) |
51 | #define __EXEC_OBJECT_HAS_PIN BIT(30) | |
52 | #define __EXEC_OBJECT_HAS_FENCE BIT(29) | |
53 | #define __EXEC_OBJECT_NEEDS_MAP BIT(28) | |
54 | #define __EXEC_OBJECT_NEEDS_BIAS BIT(27) | |
55 | #define __EXEC_OBJECT_INTERNAL_FLAGS (~0u << 27) /* all of the above */ | |
2889caa9 CW |
56 | #define __EXEC_OBJECT_RESERVED (__EXEC_OBJECT_HAS_PIN | __EXEC_OBJECT_HAS_FENCE) |
57 | ||
58 | #define __EXEC_HAS_RELOC BIT(31) | |
59 | #define __EXEC_VALIDATED BIT(30) | |
60 | #define UPDATE PIN_OFFSET_FIXED | |
d23db88c CW |
61 | |
62 | #define BATCH_OFFSET_BIAS (256*1024) | |
a415d355 | 63 | |
650bc635 CW |
64 | #define __I915_EXEC_ILLEGAL_FLAGS \ |
65 | (__I915_EXEC_UNKNOWN_FLAGS | I915_EXEC_CONSTANTS_MASK) | |
5b043f4e | 66 | |
2889caa9 CW |
67 | /** |
68 | * DOC: User command execution | |
69 | * | |
70 | * Userspace submits commands to be executed on the GPU as an instruction | |
71 | * stream within a GEM object we call a batchbuffer. This instructions may | |
72 | * refer to other GEM objects containing auxiliary state such as kernels, | |
73 | * samplers, render targets and even secondary batchbuffers. Userspace does | |
74 | * not know where in the GPU memory these objects reside and so before the | |
75 | * batchbuffer is passed to the GPU for execution, those addresses in the | |
76 | * batchbuffer and auxiliary objects are updated. This is known as relocation, | |
77 | * or patching. To try and avoid having to relocate each object on the next | |
78 | * execution, userspace is told the location of those objects in this pass, | |
79 | * but this remains just a hint as the kernel may choose a new location for | |
80 | * any object in the future. | |
81 | * | |
82 | * Processing an execbuf ioctl is conceptually split up into a few phases. | |
83 | * | |
84 | * 1. Validation - Ensure all the pointers, handles and flags are valid. | |
85 | * 2. Reservation - Assign GPU address space for every object | |
86 | * 3. Relocation - Update any addresses to point to the final locations | |
87 | * 4. Serialisation - Order the request with respect to its dependencies | |
88 | * 5. Construction - Construct a request to execute the batchbuffer | |
89 | * 6. Submission (at some point in the future execution) | |
90 | * | |
91 | * Reserving resources for the execbuf is the most complicated phase. We | |
92 | * neither want to have to migrate the object in the address space, nor do | |
93 | * we want to have to update any relocations pointing to this object. Ideally, | |
94 | * we want to leave the object where it is and for all the existing relocations | |
95 | * to match. If the object is given a new address, or if userspace thinks the | |
96 | * object is elsewhere, we have to parse all the relocation entries and update | |
97 | * the addresses. Userspace can set the I915_EXEC_NORELOC flag to hint that | |
98 | * all the target addresses in all of its objects match the value in the | |
99 | * relocation entries and that they all match the presumed offsets given by the | |
100 | * list of execbuffer objects. Using this knowledge, we know that if we haven't | |
101 | * moved any buffers, all the relocation entries are valid and we can skip | |
102 | * the update. (If userspace is wrong, the likely outcome is an impromptu GPU | |
103 | * hang.) The requirement for using I915_EXEC_NO_RELOC are: | |
104 | * | |
105 | * The addresses written in the objects must match the corresponding | |
106 | * reloc.presumed_offset which in turn must match the corresponding | |
107 | * execobject.offset. | |
108 | * | |
109 | * Any render targets written to in the batch must be flagged with | |
110 | * EXEC_OBJECT_WRITE. | |
111 | * | |
112 | * To avoid stalling, execobject.offset should match the current | |
113 | * address of that object within the active context. | |
114 | * | |
115 | * The reservation is done is multiple phases. First we try and keep any | |
116 | * object already bound in its current location - so as long as meets the | |
117 | * constraints imposed by the new execbuffer. Any object left unbound after the | |
118 | * first pass is then fitted into any available idle space. If an object does | |
119 | * not fit, all objects are removed from the reservation and the process rerun | |
120 | * after sorting the objects into a priority order (more difficult to fit | |
121 | * objects are tried first). Failing that, the entire VM is cleared and we try | |
122 | * to fit the execbuf once last time before concluding that it simply will not | |
123 | * fit. | |
124 | * | |
125 | * A small complication to all of this is that we allow userspace not only to | |
126 | * specify an alignment and a size for the object in the address space, but | |
127 | * we also allow userspace to specify the exact offset. This objects are | |
128 | * simpler to place (the location is known a priori) all we have to do is make | |
129 | * sure the space is available. | |
130 | * | |
131 | * Once all the objects are in place, patching up the buried pointers to point | |
132 | * to the final locations is a fairly simple job of walking over the relocation | |
133 | * entry arrays, looking up the right address and rewriting the value into | |
134 | * the object. Simple! ... The relocation entries are stored in user memory | |
135 | * and so to access them we have to copy them into a local buffer. That copy | |
136 | * has to avoid taking any pagefaults as they may lead back to a GEM object | |
137 | * requiring the struct_mutex (i.e. recursive deadlock). So once again we split | |
138 | * the relocation into multiple passes. First we try to do everything within an | |
139 | * atomic context (avoid the pagefaults) which requires that we never wait. If | |
140 | * we detect that we may wait, or if we need to fault, then we have to fallback | |
141 | * to a slower path. The slowpath has to drop the mutex. (Can you hear alarm | |
142 | * bells yet?) Dropping the mutex means that we lose all the state we have | |
143 | * built up so far for the execbuf and we must reset any global data. However, | |
144 | * we do leave the objects pinned in their final locations - which is a | |
145 | * potential issue for concurrent execbufs. Once we have left the mutex, we can | |
146 | * allocate and copy all the relocation entries into a large array at our | |
147 | * leisure, reacquire the mutex, reclaim all the objects and other state and | |
148 | * then proceed to update any incorrect addresses with the objects. | |
149 | * | |
150 | * As we process the relocation entries, we maintain a record of whether the | |
151 | * object is being written to. Using NORELOC, we expect userspace to provide | |
152 | * this information instead. We also check whether we can skip the relocation | |
153 | * by comparing the expected value inside the relocation entry with the target's | |
154 | * final address. If they differ, we have to map the current object and rewrite | |
155 | * the 4 or 8 byte pointer within. | |
156 | * | |
157 | * Serialising an execbuf is quite simple according to the rules of the GEM | |
158 | * ABI. Execution within each context is ordered by the order of submission. | |
159 | * Writes to any GEM object are in order of submission and are exclusive. Reads | |
160 | * from a GEM object are unordered with respect to other reads, but ordered by | |
161 | * writes. A write submitted after a read cannot occur before the read, and | |
162 | * similarly any read submitted after a write cannot occur before the write. | |
163 | * Writes are ordered between engines such that only one write occurs at any | |
164 | * time (completing any reads beforehand) - using semaphores where available | |
165 | * and CPU serialisation otherwise. Other GEM access obey the same rules, any | |
166 | * write (either via mmaps using set-domain, or via pwrite) must flush all GPU | |
167 | * reads before starting, and any read (either using set-domain or pread) must | |
168 | * flush all GPU writes before starting. (Note we only employ a barrier before, | |
169 | * we currently rely on userspace not concurrently starting a new execution | |
170 | * whilst reading or writing to an object. This may be an advantage or not | |
171 | * depending on how much you trust userspace not to shoot themselves in the | |
172 | * foot.) Serialisation may just result in the request being inserted into | |
173 | * a DAG awaiting its turn, but most simple is to wait on the CPU until | |
174 | * all dependencies are resolved. | |
175 | * | |
176 | * After all of that, is just a matter of closing the request and handing it to | |
177 | * the hardware (well, leaving it in a queue to be executed). However, we also | |
178 | * offer the ability for batchbuffers to be run with elevated privileges so | |
179 | * that they access otherwise hidden registers. (Used to adjust L3 cache etc.) | |
180 | * Before any batch is given extra privileges we first must check that it | |
181 | * contains no nefarious instructions, we check that each instruction is from | |
182 | * our whitelist and all registers are also from an allowed list. We first | |
183 | * copy the user's batchbuffer to a shadow (so that the user doesn't have | |
184 | * access to it, either by the CPU or GPU as we scan it) and then parse each | |
185 | * instruction. If everything is ok, we set a flag telling the hardware to run | |
186 | * the batchbuffer in trusted mode, otherwise the ioctl is rejected. | |
187 | */ | |
188 | ||
650bc635 | 189 | struct i915_execbuffer { |
2889caa9 CW |
190 | struct drm_i915_private *i915; /** i915 backpointer */ |
191 | struct drm_file *file; /** per-file lookup tables and limits */ | |
192 | struct drm_i915_gem_execbuffer2 *args; /** ioctl parameters */ | |
193 | struct drm_i915_gem_exec_object2 *exec; /** ioctl execobj[] */ | |
194 | ||
195 | struct intel_engine_cs *engine; /** engine to queue the request to */ | |
196 | struct i915_gem_context *ctx; /** context for building the request */ | |
197 | struct i915_address_space *vm; /** GTT and vma for the request */ | |
198 | ||
199 | struct drm_i915_gem_request *request; /** our request to build */ | |
200 | struct i915_vma *batch; /** identity of the batch obj/vma */ | |
201 | ||
202 | /** actual size of execobj[] as we may extend it for the cmdparser */ | |
203 | unsigned int buffer_count; | |
204 | ||
205 | /** list of vma not yet bound during reservation phase */ | |
206 | struct list_head unbound; | |
207 | ||
208 | /** list of vma that have execobj.relocation_count */ | |
209 | struct list_head relocs; | |
210 | ||
211 | /** | |
212 | * Track the most recently used object for relocations, as we | |
213 | * frequently have to perform multiple relocations within the same | |
214 | * obj/page | |
215 | */ | |
650bc635 | 216 | struct reloc_cache { |
2889caa9 CW |
217 | struct drm_mm_node node; /** temporary GTT binding */ |
218 | unsigned long vaddr; /** Current kmap address */ | |
219 | unsigned long page; /** Currently mapped page index */ | |
7dd4f672 | 220 | unsigned int gen; /** Cached value of INTEL_GEN */ |
650bc635 | 221 | bool use_64bit_reloc : 1; |
2889caa9 CW |
222 | bool has_llc : 1; |
223 | bool has_fence : 1; | |
224 | bool needs_unfenced : 1; | |
7dd4f672 CW |
225 | |
226 | struct drm_i915_gem_request *rq; | |
227 | u32 *rq_cmd; | |
228 | unsigned int rq_size; | |
650bc635 | 229 | } reloc_cache; |
2889caa9 CW |
230 | |
231 | u64 invalid_flags; /** Set of execobj.flags that are invalid */ | |
232 | u32 context_flags; /** Set of execobj.flags to insert from the ctx */ | |
233 | ||
234 | u32 batch_start_offset; /** Location within object of batch */ | |
235 | u32 batch_len; /** Length of batch within object */ | |
236 | u32 batch_flags; /** Flags composed for emit_bb_start() */ | |
237 | ||
238 | /** | |
239 | * Indicate either the size of the hastable used to resolve | |
240 | * relocation handles, or if negative that we are using a direct | |
241 | * index into the execobj[]. | |
242 | */ | |
243 | int lut_size; | |
244 | struct hlist_head *buckets; /** ht for relocation handles */ | |
67731b87 CW |
245 | }; |
246 | ||
4ff4b44c CW |
247 | /* |
248 | * As an alternative to creating a hashtable of handle-to-vma for a batch, | |
249 | * we used the last available reserved field in the execobject[] and stash | |
250 | * a link from the execobj to its vma. | |
251 | */ | |
252 | #define __exec_to_vma(ee) (ee)->rsvd2 | |
253 | #define exec_to_vma(ee) u64_to_ptr(struct i915_vma, __exec_to_vma(ee)) | |
254 | ||
2889caa9 CW |
255 | /* |
256 | * Used to convert any address to canonical form. | |
257 | * Starting from gen8, some commands (e.g. STATE_BASE_ADDRESS, | |
258 | * MI_LOAD_REGISTER_MEM and others, see Broadwell PRM Vol2a) require the | |
259 | * addresses to be in a canonical form: | |
260 | * "GraphicsAddress[63:48] are ignored by the HW and assumed to be in correct | |
261 | * canonical form [63:48] == [47]." | |
262 | */ | |
263 | #define GEN8_HIGH_ADDRESS_BIT 47 | |
264 | static inline u64 gen8_canonical_addr(u64 address) | |
265 | { | |
266 | return sign_extend64(address, GEN8_HIGH_ADDRESS_BIT); | |
267 | } | |
268 | ||
269 | static inline u64 gen8_noncanonical_addr(u64 address) | |
270 | { | |
271 | return address & GENMASK_ULL(GEN8_HIGH_ADDRESS_BIT, 0); | |
272 | } | |
273 | ||
650bc635 | 274 | static int eb_create(struct i915_execbuffer *eb) |
67731b87 | 275 | { |
2889caa9 CW |
276 | if (!(eb->args->flags & I915_EXEC_HANDLE_LUT)) { |
277 | unsigned int size = 1 + ilog2(eb->buffer_count); | |
4ff4b44c | 278 | |
2889caa9 CW |
279 | /* |
280 | * Without a 1:1 association between relocation handles and | |
281 | * the execobject[] index, we instead create a hashtable. | |
282 | * We size it dynamically based on available memory, starting | |
283 | * first with 1:1 assocative hash and scaling back until | |
284 | * the allocation succeeds. | |
285 | * | |
286 | * Later on we use a positive lut_size to indicate we are | |
287 | * using this hashtable, and a negative value to indicate a | |
288 | * direct lookup. | |
289 | */ | |
4ff4b44c CW |
290 | do { |
291 | eb->buckets = kzalloc(sizeof(struct hlist_head) << size, | |
292 | GFP_TEMPORARY | | |
293 | __GFP_NORETRY | | |
294 | __GFP_NOWARN); | |
295 | if (eb->buckets) | |
296 | break; | |
297 | } while (--size); | |
298 | ||
299 | if (unlikely(!eb->buckets)) { | |
300 | eb->buckets = kzalloc(sizeof(struct hlist_head), | |
301 | GFP_TEMPORARY); | |
302 | if (unlikely(!eb->buckets)) | |
303 | return -ENOMEM; | |
304 | } | |
eef90ccb | 305 | |
2889caa9 | 306 | eb->lut_size = size; |
650bc635 | 307 | } else { |
2889caa9 | 308 | eb->lut_size = -eb->buffer_count; |
650bc635 | 309 | } |
eef90ccb | 310 | |
650bc635 | 311 | return 0; |
67731b87 CW |
312 | } |
313 | ||
2889caa9 CW |
314 | static bool |
315 | eb_vma_misplaced(const struct drm_i915_gem_exec_object2 *entry, | |
316 | const struct i915_vma *vma) | |
317 | { | |
318 | if (!(entry->flags & __EXEC_OBJECT_HAS_PIN)) | |
319 | return true; | |
320 | ||
321 | if (vma->node.size < entry->pad_to_size) | |
322 | return true; | |
323 | ||
324 | if (entry->alignment && !IS_ALIGNED(vma->node.start, entry->alignment)) | |
325 | return true; | |
326 | ||
327 | if (entry->flags & EXEC_OBJECT_PINNED && | |
328 | vma->node.start != entry->offset) | |
329 | return true; | |
330 | ||
331 | if (entry->flags & __EXEC_OBJECT_NEEDS_BIAS && | |
332 | vma->node.start < BATCH_OFFSET_BIAS) | |
333 | return true; | |
334 | ||
335 | if (!(entry->flags & EXEC_OBJECT_SUPPORTS_48B_ADDRESS) && | |
336 | (vma->node.start + vma->node.size - 1) >> 32) | |
337 | return true; | |
338 | ||
339 | return false; | |
340 | } | |
341 | ||
342 | static inline void | |
343 | eb_pin_vma(struct i915_execbuffer *eb, | |
344 | struct drm_i915_gem_exec_object2 *entry, | |
345 | struct i915_vma *vma) | |
346 | { | |
347 | u64 flags; | |
348 | ||
616d9cee CW |
349 | if (vma->node.size) |
350 | flags = vma->node.start; | |
351 | else | |
352 | flags = entry->offset & PIN_OFFSET_MASK; | |
353 | ||
354 | flags |= PIN_USER | PIN_NOEVICT | PIN_OFFSET_FIXED; | |
2889caa9 CW |
355 | if (unlikely(entry->flags & EXEC_OBJECT_NEEDS_GTT)) |
356 | flags |= PIN_GLOBAL; | |
616d9cee | 357 | |
2889caa9 CW |
358 | if (unlikely(i915_vma_pin(vma, 0, 0, flags))) |
359 | return; | |
360 | ||
361 | if (unlikely(entry->flags & EXEC_OBJECT_NEEDS_FENCE)) { | |
362 | if (unlikely(i915_vma_get_fence(vma))) { | |
363 | i915_vma_unpin(vma); | |
364 | return; | |
365 | } | |
366 | ||
367 | if (i915_vma_pin_fence(vma)) | |
368 | entry->flags |= __EXEC_OBJECT_HAS_FENCE; | |
369 | } | |
370 | ||
371 | entry->flags |= __EXEC_OBJECT_HAS_PIN; | |
372 | } | |
373 | ||
d55495b4 CW |
374 | static inline void |
375 | __eb_unreserve_vma(struct i915_vma *vma, | |
376 | const struct drm_i915_gem_exec_object2 *entry) | |
377 | { | |
2889caa9 CW |
378 | GEM_BUG_ON(!(entry->flags & __EXEC_OBJECT_HAS_PIN)); |
379 | ||
d55495b4 CW |
380 | if (unlikely(entry->flags & __EXEC_OBJECT_HAS_FENCE)) |
381 | i915_vma_unpin_fence(vma); | |
382 | ||
2889caa9 | 383 | __i915_vma_unpin(vma); |
d55495b4 CW |
384 | } |
385 | ||
2889caa9 CW |
386 | static inline void |
387 | eb_unreserve_vma(struct i915_vma *vma, | |
388 | struct drm_i915_gem_exec_object2 *entry) | |
d55495b4 | 389 | { |
2889caa9 CW |
390 | if (!(entry->flags & __EXEC_OBJECT_HAS_PIN)) |
391 | return; | |
d55495b4 CW |
392 | |
393 | __eb_unreserve_vma(vma, entry); | |
2889caa9 | 394 | entry->flags &= ~__EXEC_OBJECT_RESERVED; |
d55495b4 CW |
395 | } |
396 | ||
2889caa9 CW |
397 | static int |
398 | eb_validate_vma(struct i915_execbuffer *eb, | |
399 | struct drm_i915_gem_exec_object2 *entry, | |
400 | struct i915_vma *vma) | |
67731b87 | 401 | { |
2889caa9 CW |
402 | if (unlikely(entry->flags & eb->invalid_flags)) |
403 | return -EINVAL; | |
d55495b4 | 404 | |
2889caa9 CW |
405 | if (unlikely(entry->alignment && !is_power_of_2(entry->alignment))) |
406 | return -EINVAL; | |
407 | ||
408 | /* | |
409 | * Offset can be used as input (EXEC_OBJECT_PINNED), reject | |
410 | * any non-page-aligned or non-canonical addresses. | |
411 | */ | |
412 | if (unlikely(entry->flags & EXEC_OBJECT_PINNED && | |
413 | entry->offset != gen8_canonical_addr(entry->offset & PAGE_MASK))) | |
414 | return -EINVAL; | |
415 | ||
416 | /* pad_to_size was once a reserved field, so sanitize it */ | |
417 | if (entry->flags & EXEC_OBJECT_PAD_TO_SIZE) { | |
418 | if (unlikely(offset_in_page(entry->pad_to_size))) | |
419 | return -EINVAL; | |
420 | } else { | |
421 | entry->pad_to_size = 0; | |
d55495b4 CW |
422 | } |
423 | ||
2889caa9 CW |
424 | if (unlikely(vma->exec_entry)) { |
425 | DRM_DEBUG("Object [handle %d, index %d] appears more than once in object list\n", | |
426 | entry->handle, (int)(entry - eb->exec)); | |
427 | return -EINVAL; | |
428 | } | |
429 | ||
430 | /* | |
431 | * From drm_mm perspective address space is continuous, | |
432 | * so from this point we're always using non-canonical | |
433 | * form internally. | |
434 | */ | |
435 | entry->offset = gen8_noncanonical_addr(entry->offset); | |
436 | ||
437 | return 0; | |
67731b87 CW |
438 | } |
439 | ||
2889caa9 CW |
440 | static int |
441 | eb_add_vma(struct i915_execbuffer *eb, | |
442 | struct drm_i915_gem_exec_object2 *entry, | |
443 | struct i915_vma *vma) | |
59bfa124 | 444 | { |
2889caa9 CW |
445 | int err; |
446 | ||
447 | GEM_BUG_ON(i915_vma_is_closed(vma)); | |
448 | ||
449 | if (!(eb->args->flags & __EXEC_VALIDATED)) { | |
450 | err = eb_validate_vma(eb, entry, vma); | |
451 | if (unlikely(err)) | |
452 | return err; | |
4ff4b44c | 453 | } |
4ff4b44c | 454 | |
2889caa9 CW |
455 | if (eb->lut_size >= 0) { |
456 | vma->exec_handle = entry->handle; | |
4ff4b44c | 457 | hlist_add_head(&vma->exec_node, |
2889caa9 CW |
458 | &eb->buckets[hash_32(entry->handle, |
459 | eb->lut_size)]); | |
4ff4b44c | 460 | } |
59bfa124 | 461 | |
2889caa9 CW |
462 | if (entry->relocation_count) |
463 | list_add_tail(&vma->reloc_link, &eb->relocs); | |
464 | ||
465 | if (!eb->reloc_cache.has_fence) { | |
466 | entry->flags &= ~EXEC_OBJECT_NEEDS_FENCE; | |
467 | } else { | |
468 | if ((entry->flags & EXEC_OBJECT_NEEDS_FENCE || | |
469 | eb->reloc_cache.needs_unfenced) && | |
470 | i915_gem_object_is_tiled(vma->obj)) | |
471 | entry->flags |= EXEC_OBJECT_NEEDS_GTT | __EXEC_OBJECT_NEEDS_MAP; | |
472 | } | |
473 | ||
474 | if (!(entry->flags & EXEC_OBJECT_PINNED)) | |
475 | entry->flags |= eb->context_flags; | |
476 | ||
477 | /* | |
478 | * Stash a pointer from the vma to execobj, so we can query its flags, | |
479 | * size, alignment etc as provided by the user. Also we stash a pointer | |
480 | * to the vma inside the execobj so that we can use a direct lookup | |
481 | * to find the right target VMA when doing relocations. | |
482 | */ | |
483 | vma->exec_entry = entry; | |
dade2a61 | 484 | __exec_to_vma(entry) = (uintptr_t)vma; |
2889caa9 CW |
485 | |
486 | err = 0; | |
616d9cee | 487 | eb_pin_vma(eb, entry, vma); |
2889caa9 CW |
488 | if (eb_vma_misplaced(entry, vma)) { |
489 | eb_unreserve_vma(vma, entry); | |
490 | ||
491 | list_add_tail(&vma->exec_link, &eb->unbound); | |
492 | if (drm_mm_node_allocated(&vma->node)) | |
493 | err = i915_vma_unbind(vma); | |
494 | } else { | |
495 | if (entry->offset != vma->node.start) { | |
496 | entry->offset = vma->node.start | UPDATE; | |
497 | eb->args->flags |= __EXEC_HAS_RELOC; | |
498 | } | |
499 | } | |
500 | return err; | |
501 | } | |
502 | ||
503 | static inline int use_cpu_reloc(const struct reloc_cache *cache, | |
504 | const struct drm_i915_gem_object *obj) | |
505 | { | |
506 | if (!i915_gem_object_has_struct_page(obj)) | |
507 | return false; | |
508 | ||
7dd4f672 CW |
509 | if (DBG_FORCE_RELOC == FORCE_CPU_RELOC) |
510 | return true; | |
511 | ||
512 | if (DBG_FORCE_RELOC == FORCE_GTT_RELOC) | |
513 | return false; | |
2889caa9 CW |
514 | |
515 | return (cache->has_llc || | |
516 | obj->cache_dirty || | |
517 | obj->cache_level != I915_CACHE_NONE); | |
518 | } | |
519 | ||
520 | static int eb_reserve_vma(const struct i915_execbuffer *eb, | |
521 | struct i915_vma *vma) | |
522 | { | |
523 | struct drm_i915_gem_exec_object2 *entry = vma->exec_entry; | |
524 | u64 flags; | |
525 | int err; | |
526 | ||
527 | flags = PIN_USER | PIN_NONBLOCK; | |
528 | if (entry->flags & EXEC_OBJECT_NEEDS_GTT) | |
529 | flags |= PIN_GLOBAL; | |
530 | ||
531 | /* | |
532 | * Wa32bitGeneralStateOffset & Wa32bitInstructionBaseOffset, | |
533 | * limit address to the first 4GBs for unflagged objects. | |
534 | */ | |
535 | if (!(entry->flags & EXEC_OBJECT_SUPPORTS_48B_ADDRESS)) | |
536 | flags |= PIN_ZONE_4G; | |
537 | ||
538 | if (entry->flags & __EXEC_OBJECT_NEEDS_MAP) | |
539 | flags |= PIN_MAPPABLE; | |
540 | ||
541 | if (entry->flags & EXEC_OBJECT_PINNED) { | |
542 | flags |= entry->offset | PIN_OFFSET_FIXED; | |
543 | flags &= ~PIN_NONBLOCK; /* force overlapping PINNED checks */ | |
544 | } else if (entry->flags & __EXEC_OBJECT_NEEDS_BIAS) { | |
545 | flags |= BATCH_OFFSET_BIAS | PIN_OFFSET_BIAS; | |
546 | } | |
547 | ||
548 | err = i915_vma_pin(vma, entry->pad_to_size, entry->alignment, flags); | |
549 | if (err) | |
550 | return err; | |
551 | ||
552 | if (entry->offset != vma->node.start) { | |
553 | entry->offset = vma->node.start | UPDATE; | |
554 | eb->args->flags |= __EXEC_HAS_RELOC; | |
555 | } | |
556 | ||
557 | entry->flags |= __EXEC_OBJECT_HAS_PIN; | |
558 | GEM_BUG_ON(eb_vma_misplaced(entry, vma)); | |
559 | ||
560 | if (unlikely(entry->flags & EXEC_OBJECT_NEEDS_FENCE)) { | |
561 | err = i915_vma_get_fence(vma); | |
562 | if (unlikely(err)) { | |
563 | i915_vma_unpin(vma); | |
564 | return err; | |
565 | } | |
566 | ||
567 | if (i915_vma_pin_fence(vma)) | |
568 | entry->flags |= __EXEC_OBJECT_HAS_FENCE; | |
569 | } | |
570 | ||
571 | return 0; | |
572 | } | |
573 | ||
574 | static int eb_reserve(struct i915_execbuffer *eb) | |
575 | { | |
576 | const unsigned int count = eb->buffer_count; | |
577 | struct list_head last; | |
578 | struct i915_vma *vma; | |
579 | unsigned int i, pass; | |
580 | int err; | |
581 | ||
582 | /* | |
583 | * Attempt to pin all of the buffers into the GTT. | |
584 | * This is done in 3 phases: | |
585 | * | |
586 | * 1a. Unbind all objects that do not match the GTT constraints for | |
587 | * the execbuffer (fenceable, mappable, alignment etc). | |
588 | * 1b. Increment pin count for already bound objects. | |
589 | * 2. Bind new objects. | |
590 | * 3. Decrement pin count. | |
591 | * | |
592 | * This avoid unnecessary unbinding of later objects in order to make | |
593 | * room for the earlier objects *unless* we need to defragment. | |
594 | */ | |
595 | ||
596 | pass = 0; | |
597 | err = 0; | |
598 | do { | |
599 | list_for_each_entry(vma, &eb->unbound, exec_link) { | |
600 | err = eb_reserve_vma(eb, vma); | |
601 | if (err) | |
602 | break; | |
603 | } | |
604 | if (err != -ENOSPC) | |
605 | return err; | |
606 | ||
607 | /* Resort *all* the objects into priority order */ | |
608 | INIT_LIST_HEAD(&eb->unbound); | |
609 | INIT_LIST_HEAD(&last); | |
610 | for (i = 0; i < count; i++) { | |
611 | struct drm_i915_gem_exec_object2 *entry = &eb->exec[i]; | |
612 | ||
613 | if (entry->flags & EXEC_OBJECT_PINNED && | |
614 | entry->flags & __EXEC_OBJECT_HAS_PIN) | |
615 | continue; | |
616 | ||
617 | vma = exec_to_vma(entry); | |
618 | eb_unreserve_vma(vma, entry); | |
619 | ||
620 | if (entry->flags & EXEC_OBJECT_PINNED) | |
621 | list_add(&vma->exec_link, &eb->unbound); | |
622 | else if (entry->flags & __EXEC_OBJECT_NEEDS_MAP) | |
623 | list_add_tail(&vma->exec_link, &eb->unbound); | |
624 | else | |
625 | list_add_tail(&vma->exec_link, &last); | |
626 | } | |
627 | list_splice_tail(&last, &eb->unbound); | |
628 | ||
629 | switch (pass++) { | |
630 | case 0: | |
631 | break; | |
632 | ||
633 | case 1: | |
634 | /* Too fragmented, unbind everything and retry */ | |
635 | err = i915_gem_evict_vm(eb->vm); | |
636 | if (err) | |
637 | return err; | |
638 | break; | |
639 | ||
640 | default: | |
641 | return -ENOSPC; | |
642 | } | |
643 | } while (1); | |
4ff4b44c | 644 | } |
59bfa124 | 645 | |
4ff4b44c | 646 | static inline struct hlist_head * |
2889caa9 | 647 | ht_head(const struct i915_gem_context_vma_lut *lut, u32 handle) |
4ff4b44c | 648 | { |
2889caa9 | 649 | return &lut->ht[hash_32(handle, lut->ht_bits)]; |
4ff4b44c CW |
650 | } |
651 | ||
652 | static inline bool | |
2889caa9 | 653 | ht_needs_resize(const struct i915_gem_context_vma_lut *lut) |
4ff4b44c | 654 | { |
2889caa9 CW |
655 | return (4*lut->ht_count > 3*lut->ht_size || |
656 | 4*lut->ht_count + 1 < lut->ht_size); | |
59bfa124 CW |
657 | } |
658 | ||
2889caa9 CW |
659 | static unsigned int eb_batch_index(const struct i915_execbuffer *eb) |
660 | { | |
1a71cf2f CW |
661 | if (eb->args->flags & I915_EXEC_BATCH_FIRST) |
662 | return 0; | |
663 | else | |
664 | return eb->buffer_count - 1; | |
2889caa9 CW |
665 | } |
666 | ||
667 | static int eb_select_context(struct i915_execbuffer *eb) | |
668 | { | |
669 | struct i915_gem_context *ctx; | |
670 | ||
671 | ctx = i915_gem_context_lookup(eb->file->driver_priv, eb->args->rsvd1); | |
672 | if (unlikely(IS_ERR(ctx))) | |
673 | return PTR_ERR(ctx); | |
674 | ||
675 | if (unlikely(i915_gem_context_is_banned(ctx))) { | |
676 | DRM_DEBUG("Context %u tried to submit while banned\n", | |
677 | ctx->user_handle); | |
678 | return -EIO; | |
679 | } | |
680 | ||
681 | eb->ctx = i915_gem_context_get(ctx); | |
682 | eb->vm = ctx->ppgtt ? &ctx->ppgtt->base : &eb->i915->ggtt.base; | |
683 | ||
684 | eb->context_flags = 0; | |
685 | if (ctx->flags & CONTEXT_NO_ZEROMAP) | |
686 | eb->context_flags |= __EXEC_OBJECT_NEEDS_BIAS; | |
687 | ||
688 | return 0; | |
689 | } | |
690 | ||
691 | static int eb_lookup_vmas(struct i915_execbuffer *eb) | |
3b96eff4 | 692 | { |
4ff4b44c | 693 | #define INTERMEDIATE BIT(0) |
2889caa9 CW |
694 | const unsigned int count = eb->buffer_count; |
695 | struct i915_gem_context_vma_lut *lut = &eb->ctx->vma_lut; | |
4ff4b44c | 696 | struct i915_vma *vma; |
2889caa9 CW |
697 | struct idr *idr; |
698 | unsigned int i; | |
4ff4b44c | 699 | int slow_pass = -1; |
2889caa9 | 700 | int err; |
3b96eff4 | 701 | |
2889caa9 CW |
702 | INIT_LIST_HEAD(&eb->relocs); |
703 | INIT_LIST_HEAD(&eb->unbound); | |
d55495b4 | 704 | |
2889caa9 CW |
705 | if (unlikely(lut->ht_size & I915_CTX_RESIZE_IN_PROGRESS)) |
706 | flush_work(&lut->resize); | |
707 | GEM_BUG_ON(lut->ht_size & I915_CTX_RESIZE_IN_PROGRESS); | |
4ff4b44c CW |
708 | |
709 | for (i = 0; i < count; i++) { | |
710 | __exec_to_vma(&eb->exec[i]) = 0; | |
711 | ||
712 | hlist_for_each_entry(vma, | |
2889caa9 | 713 | ht_head(lut, eb->exec[i].handle), |
4ff4b44c CW |
714 | ctx_node) { |
715 | if (vma->ctx_handle != eb->exec[i].handle) | |
716 | continue; | |
717 | ||
2889caa9 CW |
718 | err = eb_add_vma(eb, &eb->exec[i], vma); |
719 | if (unlikely(err)) | |
720 | return err; | |
4ff4b44c CW |
721 | |
722 | goto next_vma; | |
723 | } | |
724 | ||
725 | if (slow_pass < 0) | |
726 | slow_pass = i; | |
727 | next_vma: ; | |
728 | } | |
729 | ||
730 | if (slow_pass < 0) | |
2889caa9 | 731 | goto out; |
4ff4b44c | 732 | |
650bc635 | 733 | spin_lock(&eb->file->table_lock); |
2889caa9 CW |
734 | /* |
735 | * Grab a reference to the object and release the lock so we can lookup | |
736 | * or create the VMA without using GFP_ATOMIC | |
737 | */ | |
738 | idr = &eb->file->object_idr; | |
4ff4b44c CW |
739 | for (i = slow_pass; i < count; i++) { |
740 | struct drm_i915_gem_object *obj; | |
3b96eff4 | 741 | |
4ff4b44c CW |
742 | if (__exec_to_vma(&eb->exec[i])) |
743 | continue; | |
744 | ||
2889caa9 | 745 | obj = to_intel_bo(idr_find(idr, eb->exec[i].handle)); |
4ff4b44c | 746 | if (unlikely(!obj)) { |
650bc635 | 747 | spin_unlock(&eb->file->table_lock); |
4ff4b44c CW |
748 | DRM_DEBUG("Invalid object handle %d at index %d\n", |
749 | eb->exec[i].handle, i); | |
2889caa9 CW |
750 | err = -ENOENT; |
751 | goto err; | |
3b96eff4 CW |
752 | } |
753 | ||
4ff4b44c | 754 | __exec_to_vma(&eb->exec[i]) = INTERMEDIATE | (uintptr_t)obj; |
27173f1f | 755 | } |
650bc635 | 756 | spin_unlock(&eb->file->table_lock); |
3b96eff4 | 757 | |
4ff4b44c CW |
758 | for (i = slow_pass; i < count; i++) { |
759 | struct drm_i915_gem_object *obj; | |
6f65e29a | 760 | |
2889caa9 | 761 | if (!(__exec_to_vma(&eb->exec[i]) & INTERMEDIATE)) |
4ff4b44c | 762 | continue; |
9ae9ab52 | 763 | |
e656a6cb DV |
764 | /* |
765 | * NOTE: We can leak any vmas created here when something fails | |
766 | * later on. But that's no issue since vma_unbind can deal with | |
767 | * vmas which are not actually bound. And since only | |
768 | * lookup_or_create exists as an interface to get at the vma | |
769 | * from the (obj, vm) we don't run the risk of creating | |
770 | * duplicated vmas for the same vm. | |
771 | */ | |
2889caa9 | 772 | obj = u64_to_ptr(typeof(*obj), |
4ff4b44c | 773 | __exec_to_vma(&eb->exec[i]) & ~INTERMEDIATE); |
650bc635 | 774 | vma = i915_vma_instance(obj, eb->vm, NULL); |
058d88c4 | 775 | if (unlikely(IS_ERR(vma))) { |
27173f1f | 776 | DRM_DEBUG("Failed to lookup VMA\n"); |
2889caa9 CW |
777 | err = PTR_ERR(vma); |
778 | goto err; | |
27173f1f BW |
779 | } |
780 | ||
4ff4b44c CW |
781 | /* First come, first served */ |
782 | if (!vma->ctx) { | |
783 | vma->ctx = eb->ctx; | |
784 | vma->ctx_handle = eb->exec[i].handle; | |
785 | hlist_add_head(&vma->ctx_node, | |
2889caa9 CW |
786 | ht_head(lut, eb->exec[i].handle)); |
787 | lut->ht_count++; | |
788 | lut->ht_size |= I915_CTX_RESIZE_IN_PROGRESS; | |
4ff4b44c CW |
789 | if (i915_vma_is_ggtt(vma)) { |
790 | GEM_BUG_ON(obj->vma_hashed); | |
791 | obj->vma_hashed = vma; | |
792 | } | |
dade2a61 CW |
793 | |
794 | i915_vma_get(vma); | |
eef90ccb | 795 | } |
4ff4b44c | 796 | |
2889caa9 CW |
797 | err = eb_add_vma(eb, &eb->exec[i], vma); |
798 | if (unlikely(err)) | |
799 | goto err; | |
dade2a61 CW |
800 | |
801 | /* Only after we validated the user didn't use our bits */ | |
802 | if (vma->ctx != eb->ctx) { | |
803 | i915_vma_get(vma); | |
804 | eb->exec[i].flags |= __EXEC_OBJECT_HAS_REF; | |
805 | } | |
4ff4b44c CW |
806 | } |
807 | ||
2889caa9 CW |
808 | if (lut->ht_size & I915_CTX_RESIZE_IN_PROGRESS) { |
809 | if (ht_needs_resize(lut)) | |
810 | queue_work(system_highpri_wq, &lut->resize); | |
811 | else | |
812 | lut->ht_size &= ~I915_CTX_RESIZE_IN_PROGRESS; | |
3b96eff4 | 813 | } |
3b96eff4 | 814 | |
2889caa9 CW |
815 | out: |
816 | /* take note of the batch buffer before we might reorder the lists */ | |
817 | i = eb_batch_index(eb); | |
818 | eb->batch = exec_to_vma(&eb->exec[i]); | |
27173f1f | 819 | |
9ae9ab52 | 820 | /* |
4ff4b44c CW |
821 | * SNA is doing fancy tricks with compressing batch buffers, which leads |
822 | * to negative relocation deltas. Usually that works out ok since the | |
823 | * relocate address is still positive, except when the batch is placed | |
824 | * very low in the GTT. Ensure this doesn't happen. | |
825 | * | |
826 | * Note that actual hangs have only been observed on gen7, but for | |
827 | * paranoia do it everywhere. | |
9ae9ab52 | 828 | */ |
2889caa9 CW |
829 | if (!(eb->exec[i].flags & EXEC_OBJECT_PINNED)) |
830 | eb->exec[i].flags |= __EXEC_OBJECT_NEEDS_BIAS; | |
831 | if (eb->reloc_cache.has_fence) | |
832 | eb->exec[i].flags |= EXEC_OBJECT_NEEDS_FENCE; | |
9ae9ab52 | 833 | |
2889caa9 CW |
834 | eb->args->flags |= __EXEC_VALIDATED; |
835 | return eb_reserve(eb); | |
836 | ||
837 | err: | |
838 | for (i = slow_pass; i < count; i++) { | |
839 | if (__exec_to_vma(&eb->exec[i]) & INTERMEDIATE) | |
840 | __exec_to_vma(&eb->exec[i]) = 0; | |
841 | } | |
842 | lut->ht_size &= ~I915_CTX_RESIZE_IN_PROGRESS; | |
843 | return err; | |
844 | #undef INTERMEDIATE | |
3b96eff4 CW |
845 | } |
846 | ||
4ff4b44c | 847 | static struct i915_vma * |
2889caa9 | 848 | eb_get_vma(const struct i915_execbuffer *eb, unsigned long handle) |
67731b87 | 849 | { |
2889caa9 CW |
850 | if (eb->lut_size < 0) { |
851 | if (handle >= -eb->lut_size) | |
eef90ccb | 852 | return NULL; |
4ff4b44c | 853 | return exec_to_vma(&eb->exec[handle]); |
eef90ccb CW |
854 | } else { |
855 | struct hlist_head *head; | |
aa45950b | 856 | struct i915_vma *vma; |
67731b87 | 857 | |
2889caa9 | 858 | head = &eb->buckets[hash_32(handle, eb->lut_size)]; |
aa45950b | 859 | hlist_for_each_entry(vma, head, exec_node) { |
27173f1f BW |
860 | if (vma->exec_handle == handle) |
861 | return vma; | |
eef90ccb CW |
862 | } |
863 | return NULL; | |
864 | } | |
67731b87 CW |
865 | } |
866 | ||
2889caa9 | 867 | static void eb_release_vmas(const struct i915_execbuffer *eb) |
a415d355 | 868 | { |
2889caa9 CW |
869 | const unsigned int count = eb->buffer_count; |
870 | unsigned int i; | |
871 | ||
872 | for (i = 0; i < count; i++) { | |
873 | struct drm_i915_gem_exec_object2 *entry = &eb->exec[i]; | |
874 | struct i915_vma *vma = exec_to_vma(entry); | |
650bc635 | 875 | |
2889caa9 | 876 | if (!vma) |
d55495b4 | 877 | continue; |
bcffc3fa | 878 | |
2889caa9 | 879 | GEM_BUG_ON(vma->exec_entry != entry); |
172ae5b4 | 880 | vma->exec_entry = NULL; |
9e53d9be | 881 | |
dade2a61 CW |
882 | if (entry->flags & __EXEC_OBJECT_HAS_PIN) |
883 | __eb_unreserve_vma(vma, entry); | |
884 | ||
885 | if (entry->flags & __EXEC_OBJECT_HAS_REF) | |
886 | i915_vma_put(vma); | |
d50415cc | 887 | |
dade2a61 CW |
888 | entry->flags &= |
889 | ~(__EXEC_OBJECT_RESERVED | __EXEC_OBJECT_HAS_REF); | |
2889caa9 | 890 | } |
dabdfe02 CW |
891 | } |
892 | ||
2889caa9 | 893 | static void eb_reset_vmas(const struct i915_execbuffer *eb) |
934acce3 | 894 | { |
2889caa9 CW |
895 | eb_release_vmas(eb); |
896 | if (eb->lut_size >= 0) | |
897 | memset(eb->buckets, 0, | |
898 | sizeof(struct hlist_head) << eb->lut_size); | |
934acce3 MW |
899 | } |
900 | ||
2889caa9 | 901 | static void eb_destroy(const struct i915_execbuffer *eb) |
934acce3 | 902 | { |
7dd4f672 CW |
903 | GEM_BUG_ON(eb->reloc_cache.rq); |
904 | ||
2889caa9 CW |
905 | if (eb->lut_size >= 0) |
906 | kfree(eb->buckets); | |
934acce3 MW |
907 | } |
908 | ||
2889caa9 | 909 | static inline u64 |
d50415cc | 910 | relocation_target(const struct drm_i915_gem_relocation_entry *reloc, |
2889caa9 | 911 | const struct i915_vma *target) |
934acce3 | 912 | { |
2889caa9 | 913 | return gen8_canonical_addr((int)reloc->delta + target->node.start); |
934acce3 MW |
914 | } |
915 | ||
d50415cc CW |
916 | static void reloc_cache_init(struct reloc_cache *cache, |
917 | struct drm_i915_private *i915) | |
5032d871 | 918 | { |
31a39207 | 919 | cache->page = -1; |
d50415cc | 920 | cache->vaddr = 0; |
dfc5148f | 921 | /* Must be a variable in the struct to allow GCC to unroll. */ |
7dd4f672 | 922 | cache->gen = INTEL_GEN(i915); |
2889caa9 | 923 | cache->has_llc = HAS_LLC(i915); |
dfc5148f | 924 | cache->use_64bit_reloc = HAS_64BIT_RELOC(i915); |
7dd4f672 CW |
925 | cache->has_fence = cache->gen < 4; |
926 | cache->needs_unfenced = INTEL_INFO(i915)->unfenced_needs_alignment; | |
e8cb909a | 927 | cache->node.allocated = false; |
7dd4f672 CW |
928 | cache->rq = NULL; |
929 | cache->rq_size = 0; | |
d50415cc | 930 | } |
5032d871 | 931 | |
d50415cc CW |
932 | static inline void *unmask_page(unsigned long p) |
933 | { | |
934 | return (void *)(uintptr_t)(p & PAGE_MASK); | |
935 | } | |
936 | ||
937 | static inline unsigned int unmask_flags(unsigned long p) | |
938 | { | |
939 | return p & ~PAGE_MASK; | |
31a39207 CW |
940 | } |
941 | ||
d50415cc CW |
942 | #define KMAP 0x4 /* after CLFLUSH_FLAGS */ |
943 | ||
650bc635 CW |
944 | static inline struct i915_ggtt *cache_to_ggtt(struct reloc_cache *cache) |
945 | { | |
946 | struct drm_i915_private *i915 = | |
947 | container_of(cache, struct i915_execbuffer, reloc_cache)->i915; | |
948 | return &i915->ggtt; | |
949 | } | |
950 | ||
7dd4f672 CW |
951 | static void reloc_gpu_flush(struct reloc_cache *cache) |
952 | { | |
953 | GEM_BUG_ON(cache->rq_size >= cache->rq->batch->obj->base.size / sizeof(u32)); | |
954 | cache->rq_cmd[cache->rq_size] = MI_BATCH_BUFFER_END; | |
955 | i915_gem_object_unpin_map(cache->rq->batch->obj); | |
956 | i915_gem_chipset_flush(cache->rq->i915); | |
957 | ||
958 | __i915_add_request(cache->rq, true); | |
959 | cache->rq = NULL; | |
960 | } | |
961 | ||
650bc635 | 962 | static void reloc_cache_reset(struct reloc_cache *cache) |
31a39207 | 963 | { |
d50415cc | 964 | void *vaddr; |
5032d871 | 965 | |
7dd4f672 CW |
966 | if (cache->rq) |
967 | reloc_gpu_flush(cache); | |
968 | ||
31a39207 CW |
969 | if (!cache->vaddr) |
970 | return; | |
3c94ceee | 971 | |
d50415cc CW |
972 | vaddr = unmask_page(cache->vaddr); |
973 | if (cache->vaddr & KMAP) { | |
974 | if (cache->vaddr & CLFLUSH_AFTER) | |
975 | mb(); | |
3c94ceee | 976 | |
d50415cc CW |
977 | kunmap_atomic(vaddr); |
978 | i915_gem_obj_finish_shmem_access((struct drm_i915_gem_object *)cache->node.mm); | |
979 | } else { | |
e8cb909a | 980 | wmb(); |
d50415cc | 981 | io_mapping_unmap_atomic((void __iomem *)vaddr); |
e8cb909a | 982 | if (cache->node.allocated) { |
650bc635 | 983 | struct i915_ggtt *ggtt = cache_to_ggtt(cache); |
e8cb909a CW |
984 | |
985 | ggtt->base.clear_range(&ggtt->base, | |
986 | cache->node.start, | |
4fb84d99 | 987 | cache->node.size); |
e8cb909a CW |
988 | drm_mm_remove_node(&cache->node); |
989 | } else { | |
990 | i915_vma_unpin((struct i915_vma *)cache->node.mm); | |
3c94ceee | 991 | } |
31a39207 | 992 | } |
650bc635 CW |
993 | |
994 | cache->vaddr = 0; | |
995 | cache->page = -1; | |
31a39207 CW |
996 | } |
997 | ||
998 | static void *reloc_kmap(struct drm_i915_gem_object *obj, | |
999 | struct reloc_cache *cache, | |
2889caa9 | 1000 | unsigned long page) |
31a39207 | 1001 | { |
d50415cc CW |
1002 | void *vaddr; |
1003 | ||
1004 | if (cache->vaddr) { | |
1005 | kunmap_atomic(unmask_page(cache->vaddr)); | |
1006 | } else { | |
1007 | unsigned int flushes; | |
2889caa9 | 1008 | int err; |
31a39207 | 1009 | |
2889caa9 CW |
1010 | err = i915_gem_obj_prepare_shmem_write(obj, &flushes); |
1011 | if (err) | |
1012 | return ERR_PTR(err); | |
d50415cc CW |
1013 | |
1014 | BUILD_BUG_ON(KMAP & CLFLUSH_FLAGS); | |
1015 | BUILD_BUG_ON((KMAP | CLFLUSH_FLAGS) & PAGE_MASK); | |
3c94ceee | 1016 | |
d50415cc CW |
1017 | cache->vaddr = flushes | KMAP; |
1018 | cache->node.mm = (void *)obj; | |
1019 | if (flushes) | |
1020 | mb(); | |
3c94ceee BW |
1021 | } |
1022 | ||
d50415cc CW |
1023 | vaddr = kmap_atomic(i915_gem_object_get_dirty_page(obj, page)); |
1024 | cache->vaddr = unmask_flags(cache->vaddr) | (unsigned long)vaddr; | |
31a39207 | 1025 | cache->page = page; |
5032d871 | 1026 | |
d50415cc | 1027 | return vaddr; |
5032d871 RB |
1028 | } |
1029 | ||
d50415cc CW |
1030 | static void *reloc_iomap(struct drm_i915_gem_object *obj, |
1031 | struct reloc_cache *cache, | |
2889caa9 | 1032 | unsigned long page) |
5032d871 | 1033 | { |
650bc635 | 1034 | struct i915_ggtt *ggtt = cache_to_ggtt(cache); |
e8cb909a | 1035 | unsigned long offset; |
d50415cc | 1036 | void *vaddr; |
5032d871 | 1037 | |
d50415cc | 1038 | if (cache->vaddr) { |
615e5000 | 1039 | io_mapping_unmap_atomic((void __force __iomem *) unmask_page(cache->vaddr)); |
d50415cc CW |
1040 | } else { |
1041 | struct i915_vma *vma; | |
2889caa9 | 1042 | int err; |
5032d871 | 1043 | |
2889caa9 | 1044 | if (use_cpu_reloc(cache, obj)) |
d50415cc | 1045 | return NULL; |
3c94ceee | 1046 | |
2889caa9 CW |
1047 | err = i915_gem_object_set_to_gtt_domain(obj, true); |
1048 | if (err) | |
1049 | return ERR_PTR(err); | |
3c94ceee | 1050 | |
d50415cc CW |
1051 | vma = i915_gem_object_ggtt_pin(obj, NULL, 0, 0, |
1052 | PIN_MAPPABLE | PIN_NONBLOCK); | |
e8cb909a CW |
1053 | if (IS_ERR(vma)) { |
1054 | memset(&cache->node, 0, sizeof(cache->node)); | |
2889caa9 | 1055 | err = drm_mm_insert_node_in_range |
e8cb909a | 1056 | (&ggtt->base.mm, &cache->node, |
f51455d4 | 1057 | PAGE_SIZE, 0, I915_COLOR_UNEVICTABLE, |
e8cb909a | 1058 | 0, ggtt->mappable_end, |
4e64e553 | 1059 | DRM_MM_INSERT_LOW); |
2889caa9 | 1060 | if (err) /* no inactive aperture space, use cpu reloc */ |
c92fa4fe | 1061 | return NULL; |
e8cb909a | 1062 | } else { |
2889caa9 CW |
1063 | err = i915_vma_put_fence(vma); |
1064 | if (err) { | |
e8cb909a | 1065 | i915_vma_unpin(vma); |
2889caa9 | 1066 | return ERR_PTR(err); |
e8cb909a | 1067 | } |
5032d871 | 1068 | |
e8cb909a CW |
1069 | cache->node.start = vma->node.start; |
1070 | cache->node.mm = (void *)vma; | |
3c94ceee | 1071 | } |
e8cb909a | 1072 | } |
3c94ceee | 1073 | |
e8cb909a CW |
1074 | offset = cache->node.start; |
1075 | if (cache->node.allocated) { | |
fc099090 | 1076 | wmb(); |
e8cb909a CW |
1077 | ggtt->base.insert_page(&ggtt->base, |
1078 | i915_gem_object_get_dma_address(obj, page), | |
1079 | offset, I915_CACHE_NONE, 0); | |
1080 | } else { | |
1081 | offset += page << PAGE_SHIFT; | |
3c94ceee BW |
1082 | } |
1083 | ||
650bc635 CW |
1084 | vaddr = (void __force *)io_mapping_map_atomic_wc(&ggtt->mappable, |
1085 | offset); | |
d50415cc CW |
1086 | cache->page = page; |
1087 | cache->vaddr = (unsigned long)vaddr; | |
5032d871 | 1088 | |
d50415cc | 1089 | return vaddr; |
5032d871 RB |
1090 | } |
1091 | ||
d50415cc CW |
1092 | static void *reloc_vaddr(struct drm_i915_gem_object *obj, |
1093 | struct reloc_cache *cache, | |
2889caa9 | 1094 | unsigned long page) |
edf4427b | 1095 | { |
d50415cc | 1096 | void *vaddr; |
5032d871 | 1097 | |
d50415cc CW |
1098 | if (cache->page == page) { |
1099 | vaddr = unmask_page(cache->vaddr); | |
1100 | } else { | |
1101 | vaddr = NULL; | |
1102 | if ((cache->vaddr & KMAP) == 0) | |
1103 | vaddr = reloc_iomap(obj, cache, page); | |
1104 | if (!vaddr) | |
1105 | vaddr = reloc_kmap(obj, cache, page); | |
3c94ceee BW |
1106 | } |
1107 | ||
d50415cc | 1108 | return vaddr; |
edf4427b CW |
1109 | } |
1110 | ||
d50415cc | 1111 | static void clflush_write32(u32 *addr, u32 value, unsigned int flushes) |
edf4427b | 1112 | { |
d50415cc CW |
1113 | if (unlikely(flushes & (CLFLUSH_BEFORE | CLFLUSH_AFTER))) { |
1114 | if (flushes & CLFLUSH_BEFORE) { | |
1115 | clflushopt(addr); | |
1116 | mb(); | |
1117 | } | |
edf4427b | 1118 | |
d50415cc | 1119 | *addr = value; |
edf4427b | 1120 | |
2889caa9 CW |
1121 | /* |
1122 | * Writes to the same cacheline are serialised by the CPU | |
d50415cc CW |
1123 | * (including clflush). On the write path, we only require |
1124 | * that it hits memory in an orderly fashion and place | |
1125 | * mb barriers at the start and end of the relocation phase | |
1126 | * to ensure ordering of clflush wrt to the system. | |
1127 | */ | |
1128 | if (flushes & CLFLUSH_AFTER) | |
1129 | clflushopt(addr); | |
1130 | } else | |
1131 | *addr = value; | |
edf4427b | 1132 | } |
edf4427b | 1133 | |
7dd4f672 CW |
1134 | static int __reloc_gpu_alloc(struct i915_execbuffer *eb, |
1135 | struct i915_vma *vma, | |
1136 | unsigned int len) | |
1137 | { | |
1138 | struct reloc_cache *cache = &eb->reloc_cache; | |
1139 | struct drm_i915_gem_object *obj; | |
1140 | struct drm_i915_gem_request *rq; | |
1141 | struct i915_vma *batch; | |
1142 | u32 *cmd; | |
1143 | int err; | |
1144 | ||
1145 | GEM_BUG_ON(vma->obj->base.write_domain & I915_GEM_DOMAIN_CPU); | |
1146 | ||
1147 | obj = i915_gem_batch_pool_get(&eb->engine->batch_pool, PAGE_SIZE); | |
1148 | if (IS_ERR(obj)) | |
1149 | return PTR_ERR(obj); | |
1150 | ||
1151 | cmd = i915_gem_object_pin_map(obj, | |
1152 | cache->has_llc ? I915_MAP_WB : I915_MAP_WC); | |
1153 | i915_gem_object_unpin_pages(obj); | |
1154 | if (IS_ERR(cmd)) | |
1155 | return PTR_ERR(cmd); | |
1156 | ||
1157 | err = i915_gem_object_set_to_wc_domain(obj, false); | |
1158 | if (err) | |
1159 | goto err_unmap; | |
1160 | ||
1161 | batch = i915_vma_instance(obj, vma->vm, NULL); | |
1162 | if (IS_ERR(batch)) { | |
1163 | err = PTR_ERR(batch); | |
1164 | goto err_unmap; | |
1165 | } | |
1166 | ||
1167 | err = i915_vma_pin(batch, 0, 0, PIN_USER | PIN_NONBLOCK); | |
1168 | if (err) | |
1169 | goto err_unmap; | |
1170 | ||
1171 | rq = i915_gem_request_alloc(eb->engine, eb->ctx); | |
1172 | if (IS_ERR(rq)) { | |
1173 | err = PTR_ERR(rq); | |
1174 | goto err_unpin; | |
1175 | } | |
1176 | ||
1177 | err = i915_gem_request_await_object(rq, vma->obj, true); | |
1178 | if (err) | |
1179 | goto err_request; | |
1180 | ||
1181 | err = eb->engine->emit_flush(rq, EMIT_INVALIDATE); | |
1182 | if (err) | |
1183 | goto err_request; | |
1184 | ||
1185 | err = i915_switch_context(rq); | |
1186 | if (err) | |
1187 | goto err_request; | |
1188 | ||
1189 | err = eb->engine->emit_bb_start(rq, | |
1190 | batch->node.start, PAGE_SIZE, | |
1191 | cache->gen > 5 ? 0 : I915_DISPATCH_SECURE); | |
1192 | if (err) | |
1193 | goto err_request; | |
1194 | ||
95ff7c7d | 1195 | GEM_BUG_ON(!reservation_object_test_signaled_rcu(batch->resv, true)); |
7dd4f672 | 1196 | i915_vma_move_to_active(batch, rq, 0); |
95ff7c7d CW |
1197 | reservation_object_lock(batch->resv, NULL); |
1198 | reservation_object_add_excl_fence(batch->resv, &rq->fence); | |
1199 | reservation_object_unlock(batch->resv); | |
7dd4f672 CW |
1200 | i915_vma_unpin(batch); |
1201 | ||
1202 | i915_vma_move_to_active(vma, rq, true); | |
95ff7c7d CW |
1203 | reservation_object_lock(vma->resv, NULL); |
1204 | reservation_object_add_excl_fence(vma->resv, &rq->fence); | |
1205 | reservation_object_unlock(vma->resv); | |
7dd4f672 CW |
1206 | |
1207 | rq->batch = batch; | |
1208 | ||
1209 | cache->rq = rq; | |
1210 | cache->rq_cmd = cmd; | |
1211 | cache->rq_size = 0; | |
1212 | ||
1213 | /* Return with batch mapping (cmd) still pinned */ | |
1214 | return 0; | |
1215 | ||
1216 | err_request: | |
1217 | i915_add_request(rq); | |
1218 | err_unpin: | |
1219 | i915_vma_unpin(batch); | |
1220 | err_unmap: | |
1221 | i915_gem_object_unpin_map(obj); | |
1222 | return err; | |
1223 | } | |
1224 | ||
1225 | static u32 *reloc_gpu(struct i915_execbuffer *eb, | |
1226 | struct i915_vma *vma, | |
1227 | unsigned int len) | |
1228 | { | |
1229 | struct reloc_cache *cache = &eb->reloc_cache; | |
1230 | u32 *cmd; | |
1231 | ||
1232 | if (cache->rq_size > PAGE_SIZE/sizeof(u32) - (len + 1)) | |
1233 | reloc_gpu_flush(cache); | |
1234 | ||
1235 | if (unlikely(!cache->rq)) { | |
1236 | int err; | |
1237 | ||
1238 | err = __reloc_gpu_alloc(eb, vma, len); | |
1239 | if (unlikely(err)) | |
1240 | return ERR_PTR(err); | |
1241 | } | |
1242 | ||
1243 | cmd = cache->rq_cmd + cache->rq_size; | |
1244 | cache->rq_size += len; | |
1245 | ||
1246 | return cmd; | |
1247 | } | |
1248 | ||
2889caa9 CW |
1249 | static u64 |
1250 | relocate_entry(struct i915_vma *vma, | |
d50415cc | 1251 | const struct drm_i915_gem_relocation_entry *reloc, |
2889caa9 CW |
1252 | struct i915_execbuffer *eb, |
1253 | const struct i915_vma *target) | |
edf4427b | 1254 | { |
d50415cc | 1255 | u64 offset = reloc->offset; |
2889caa9 CW |
1256 | u64 target_offset = relocation_target(reloc, target); |
1257 | bool wide = eb->reloc_cache.use_64bit_reloc; | |
d50415cc | 1258 | void *vaddr; |
edf4427b | 1259 | |
7dd4f672 CW |
1260 | if (!eb->reloc_cache.vaddr && |
1261 | (DBG_FORCE_RELOC == FORCE_GPU_RELOC || | |
95ff7c7d | 1262 | !reservation_object_test_signaled_rcu(vma->resv, true))) { |
7dd4f672 CW |
1263 | const unsigned int gen = eb->reloc_cache.gen; |
1264 | unsigned int len; | |
1265 | u32 *batch; | |
1266 | u64 addr; | |
1267 | ||
1268 | if (wide) | |
1269 | len = offset & 7 ? 8 : 5; | |
1270 | else if (gen >= 4) | |
1271 | len = 4; | |
1272 | else if (gen >= 3) | |
1273 | len = 3; | |
1274 | else /* On gen2 MI_STORE_DWORD_IMM uses a physical address */ | |
1275 | goto repeat; | |
1276 | ||
1277 | batch = reloc_gpu(eb, vma, len); | |
1278 | if (IS_ERR(batch)) | |
1279 | goto repeat; | |
1280 | ||
1281 | addr = gen8_canonical_addr(vma->node.start + offset); | |
1282 | if (wide) { | |
1283 | if (offset & 7) { | |
1284 | *batch++ = MI_STORE_DWORD_IMM_GEN4; | |
1285 | *batch++ = lower_32_bits(addr); | |
1286 | *batch++ = upper_32_bits(addr); | |
1287 | *batch++ = lower_32_bits(target_offset); | |
1288 | ||
1289 | addr = gen8_canonical_addr(addr + 4); | |
1290 | ||
1291 | *batch++ = MI_STORE_DWORD_IMM_GEN4; | |
1292 | *batch++ = lower_32_bits(addr); | |
1293 | *batch++ = upper_32_bits(addr); | |
1294 | *batch++ = upper_32_bits(target_offset); | |
1295 | } else { | |
1296 | *batch++ = (MI_STORE_DWORD_IMM_GEN4 | (1 << 21)) + 1; | |
1297 | *batch++ = lower_32_bits(addr); | |
1298 | *batch++ = upper_32_bits(addr); | |
1299 | *batch++ = lower_32_bits(target_offset); | |
1300 | *batch++ = upper_32_bits(target_offset); | |
1301 | } | |
1302 | } else if (gen >= 6) { | |
1303 | *batch++ = MI_STORE_DWORD_IMM_GEN4; | |
1304 | *batch++ = 0; | |
1305 | *batch++ = addr; | |
1306 | *batch++ = target_offset; | |
1307 | } else if (gen >= 4) { | |
1308 | *batch++ = MI_STORE_DWORD_IMM_GEN4 | MI_USE_GGTT; | |
1309 | *batch++ = 0; | |
1310 | *batch++ = addr; | |
1311 | *batch++ = target_offset; | |
1312 | } else { | |
1313 | *batch++ = MI_STORE_DWORD_IMM | MI_MEM_VIRTUAL; | |
1314 | *batch++ = addr; | |
1315 | *batch++ = target_offset; | |
1316 | } | |
1317 | ||
1318 | goto out; | |
1319 | } | |
1320 | ||
d50415cc | 1321 | repeat: |
95ff7c7d | 1322 | vaddr = reloc_vaddr(vma->obj, &eb->reloc_cache, offset >> PAGE_SHIFT); |
d50415cc CW |
1323 | if (IS_ERR(vaddr)) |
1324 | return PTR_ERR(vaddr); | |
1325 | ||
1326 | clflush_write32(vaddr + offset_in_page(offset), | |
1327 | lower_32_bits(target_offset), | |
2889caa9 | 1328 | eb->reloc_cache.vaddr); |
d50415cc CW |
1329 | |
1330 | if (wide) { | |
1331 | offset += sizeof(u32); | |
1332 | target_offset >>= 32; | |
1333 | wide = false; | |
1334 | goto repeat; | |
edf4427b | 1335 | } |
edf4427b | 1336 | |
7dd4f672 | 1337 | out: |
2889caa9 | 1338 | return target->node.start | UPDATE; |
edf4427b | 1339 | } |
edf4427b | 1340 | |
2889caa9 CW |
1341 | static u64 |
1342 | eb_relocate_entry(struct i915_execbuffer *eb, | |
1343 | struct i915_vma *vma, | |
1344 | const struct drm_i915_gem_relocation_entry *reloc) | |
54cf91dc | 1345 | { |
507d977f | 1346 | struct i915_vma *target; |
2889caa9 | 1347 | int err; |
54cf91dc | 1348 | |
67731b87 | 1349 | /* we've already hold a reference to all valid objects */ |
507d977f CW |
1350 | target = eb_get_vma(eb, reloc->target_handle); |
1351 | if (unlikely(!target)) | |
54cf91dc | 1352 | return -ENOENT; |
e844b990 | 1353 | |
54cf91dc | 1354 | /* Validate that the target is in a valid r/w GPU domain */ |
b8f7ab17 | 1355 | if (unlikely(reloc->write_domain & (reloc->write_domain - 1))) { |
ff240199 | 1356 | DRM_DEBUG("reloc with multiple write domains: " |
507d977f | 1357 | "target %d offset %d " |
54cf91dc | 1358 | "read %08x write %08x", |
507d977f | 1359 | reloc->target_handle, |
54cf91dc CW |
1360 | (int) reloc->offset, |
1361 | reloc->read_domains, | |
1362 | reloc->write_domain); | |
8b78f0e5 | 1363 | return -EINVAL; |
54cf91dc | 1364 | } |
4ca4a250 DV |
1365 | if (unlikely((reloc->write_domain | reloc->read_domains) |
1366 | & ~I915_GEM_GPU_DOMAINS)) { | |
ff240199 | 1367 | DRM_DEBUG("reloc with read/write non-GPU domains: " |
507d977f | 1368 | "target %d offset %d " |
54cf91dc | 1369 | "read %08x write %08x", |
507d977f | 1370 | reloc->target_handle, |
54cf91dc CW |
1371 | (int) reloc->offset, |
1372 | reloc->read_domains, | |
1373 | reloc->write_domain); | |
8b78f0e5 | 1374 | return -EINVAL; |
54cf91dc | 1375 | } |
54cf91dc | 1376 | |
2889caa9 | 1377 | if (reloc->write_domain) { |
507d977f CW |
1378 | target->exec_entry->flags |= EXEC_OBJECT_WRITE; |
1379 | ||
2889caa9 CW |
1380 | /* |
1381 | * Sandybridge PPGTT errata: We need a global gtt mapping | |
1382 | * for MI and pipe_control writes because the gpu doesn't | |
1383 | * properly redirect them through the ppgtt for non_secure | |
1384 | * batchbuffers. | |
1385 | */ | |
1386 | if (reloc->write_domain == I915_GEM_DOMAIN_INSTRUCTION && | |
1387 | IS_GEN6(eb->i915)) { | |
1388 | err = i915_vma_bind(target, target->obj->cache_level, | |
1389 | PIN_GLOBAL); | |
1390 | if (WARN_ONCE(err, | |
1391 | "Unexpected failure to bind target VMA!")) | |
1392 | return err; | |
1393 | } | |
507d977f | 1394 | } |
54cf91dc | 1395 | |
2889caa9 CW |
1396 | /* |
1397 | * If the relocation already has the right value in it, no | |
54cf91dc CW |
1398 | * more work needs to be done. |
1399 | */ | |
7dd4f672 CW |
1400 | if (!DBG_FORCE_RELOC && |
1401 | gen8_canonical_addr(target->node.start) == reloc->presumed_offset) | |
67731b87 | 1402 | return 0; |
54cf91dc CW |
1403 | |
1404 | /* Check that the relocation address is valid... */ | |
3c94ceee | 1405 | if (unlikely(reloc->offset > |
507d977f | 1406 | vma->size - (eb->reloc_cache.use_64bit_reloc ? 8 : 4))) { |
ff240199 | 1407 | DRM_DEBUG("Relocation beyond object bounds: " |
507d977f CW |
1408 | "target %d offset %d size %d.\n", |
1409 | reloc->target_handle, | |
1410 | (int)reloc->offset, | |
1411 | (int)vma->size); | |
8b78f0e5 | 1412 | return -EINVAL; |
54cf91dc | 1413 | } |
b8f7ab17 | 1414 | if (unlikely(reloc->offset & 3)) { |
ff240199 | 1415 | DRM_DEBUG("Relocation not 4-byte aligned: " |
507d977f CW |
1416 | "target %d offset %d.\n", |
1417 | reloc->target_handle, | |
1418 | (int)reloc->offset); | |
8b78f0e5 | 1419 | return -EINVAL; |
54cf91dc CW |
1420 | } |
1421 | ||
071750e5 CW |
1422 | /* |
1423 | * If we write into the object, we need to force the synchronisation | |
1424 | * barrier, either with an asynchronous clflush or if we executed the | |
1425 | * patching using the GPU (though that should be serialised by the | |
1426 | * timeline). To be completely sure, and since we are required to | |
1427 | * do relocations we are already stalling, disable the user's opt | |
1428 | * of our synchronisation. | |
1429 | */ | |
1430 | vma->exec_entry->flags &= ~EXEC_OBJECT_ASYNC; | |
1431 | ||
54cf91dc | 1432 | /* and update the user's relocation entry */ |
2889caa9 | 1433 | return relocate_entry(vma, reloc, eb, target); |
54cf91dc CW |
1434 | } |
1435 | ||
2889caa9 | 1436 | static int eb_relocate_vma(struct i915_execbuffer *eb, struct i915_vma *vma) |
54cf91dc | 1437 | { |
1d83f442 | 1438 | #define N_RELOC(x) ((x) / sizeof(struct drm_i915_gem_relocation_entry)) |
2889caa9 CW |
1439 | struct drm_i915_gem_relocation_entry stack[N_RELOC(512)]; |
1440 | struct drm_i915_gem_relocation_entry __user *urelocs; | |
1441 | const struct drm_i915_gem_exec_object2 *entry = vma->exec_entry; | |
1442 | unsigned int remain; | |
54cf91dc | 1443 | |
2889caa9 | 1444 | urelocs = u64_to_user_ptr(entry->relocs_ptr); |
1d83f442 | 1445 | remain = entry->relocation_count; |
2889caa9 CW |
1446 | if (unlikely(remain > N_RELOC(ULONG_MAX))) |
1447 | return -EINVAL; | |
ebc0808f | 1448 | |
2889caa9 CW |
1449 | /* |
1450 | * We must check that the entire relocation array is safe | |
1451 | * to read. However, if the array is not writable the user loses | |
1452 | * the updated relocation values. | |
1453 | */ | |
1454 | if (unlikely(!access_ok(VERIFY_READ, urelocs, remain*sizeof(urelocs)))) | |
1455 | return -EFAULT; | |
1456 | ||
1457 | do { | |
1458 | struct drm_i915_gem_relocation_entry *r = stack; | |
1459 | unsigned int count = | |
1460 | min_t(unsigned int, remain, ARRAY_SIZE(stack)); | |
1461 | unsigned int copied; | |
1d83f442 | 1462 | |
2889caa9 CW |
1463 | /* |
1464 | * This is the fast path and we cannot handle a pagefault | |
ebc0808f CW |
1465 | * whilst holding the struct mutex lest the user pass in the |
1466 | * relocations contained within a mmaped bo. For in such a case | |
1467 | * we, the page fault handler would call i915_gem_fault() and | |
1468 | * we would try to acquire the struct mutex again. Obviously | |
1469 | * this is bad and so lockdep complains vehemently. | |
1470 | */ | |
1471 | pagefault_disable(); | |
2889caa9 | 1472 | copied = __copy_from_user_inatomic(r, urelocs, count * sizeof(r[0])); |
ebc0808f | 1473 | pagefault_enable(); |
2889caa9 CW |
1474 | if (unlikely(copied)) { |
1475 | remain = -EFAULT; | |
31a39207 CW |
1476 | goto out; |
1477 | } | |
54cf91dc | 1478 | |
2889caa9 | 1479 | remain -= count; |
1d83f442 | 1480 | do { |
2889caa9 | 1481 | u64 offset = eb_relocate_entry(eb, vma, r); |
54cf91dc | 1482 | |
2889caa9 CW |
1483 | if (likely(offset == 0)) { |
1484 | } else if ((s64)offset < 0) { | |
1485 | remain = (int)offset; | |
31a39207 | 1486 | goto out; |
2889caa9 CW |
1487 | } else { |
1488 | /* | |
1489 | * Note that reporting an error now | |
1490 | * leaves everything in an inconsistent | |
1491 | * state as we have *already* changed | |
1492 | * the relocation value inside the | |
1493 | * object. As we have not changed the | |
1494 | * reloc.presumed_offset or will not | |
1495 | * change the execobject.offset, on the | |
1496 | * call we may not rewrite the value | |
1497 | * inside the object, leaving it | |
1498 | * dangling and causing a GPU hang. Unless | |
1499 | * userspace dynamically rebuilds the | |
1500 | * relocations on each execbuf rather than | |
1501 | * presume a static tree. | |
1502 | * | |
1503 | * We did previously check if the relocations | |
1504 | * were writable (access_ok), an error now | |
1505 | * would be a strange race with mprotect, | |
1506 | * having already demonstrated that we | |
1507 | * can read from this userspace address. | |
1508 | */ | |
1509 | offset = gen8_canonical_addr(offset & ~UPDATE); | |
1510 | __put_user(offset, | |
1511 | &urelocs[r-stack].presumed_offset); | |
1d83f442 | 1512 | } |
2889caa9 CW |
1513 | } while (r++, --count); |
1514 | urelocs += ARRAY_SIZE(stack); | |
1515 | } while (remain); | |
31a39207 | 1516 | out: |
650bc635 | 1517 | reloc_cache_reset(&eb->reloc_cache); |
2889caa9 | 1518 | return remain; |
54cf91dc CW |
1519 | } |
1520 | ||
1521 | static int | |
2889caa9 | 1522 | eb_relocate_vma_slow(struct i915_execbuffer *eb, struct i915_vma *vma) |
54cf91dc | 1523 | { |
27173f1f | 1524 | const struct drm_i915_gem_exec_object2 *entry = vma->exec_entry; |
2889caa9 CW |
1525 | struct drm_i915_gem_relocation_entry *relocs = |
1526 | u64_to_ptr(typeof(*relocs), entry->relocs_ptr); | |
1527 | unsigned int i; | |
1528 | int err; | |
54cf91dc CW |
1529 | |
1530 | for (i = 0; i < entry->relocation_count; i++) { | |
2889caa9 | 1531 | u64 offset = eb_relocate_entry(eb, vma, &relocs[i]); |
d4aeee77 | 1532 | |
2889caa9 CW |
1533 | if ((s64)offset < 0) { |
1534 | err = (int)offset; | |
1535 | goto err; | |
1536 | } | |
54cf91dc | 1537 | } |
2889caa9 CW |
1538 | err = 0; |
1539 | err: | |
1540 | reloc_cache_reset(&eb->reloc_cache); | |
1541 | return err; | |
edf4427b CW |
1542 | } |
1543 | ||
2889caa9 | 1544 | static int check_relocations(const struct drm_i915_gem_exec_object2 *entry) |
1690e1eb | 1545 | { |
2889caa9 CW |
1546 | const char __user *addr, *end; |
1547 | unsigned long size; | |
1548 | char __maybe_unused c; | |
1690e1eb | 1549 | |
2889caa9 CW |
1550 | size = entry->relocation_count; |
1551 | if (size == 0) | |
1552 | return 0; | |
7788a765 | 1553 | |
2889caa9 CW |
1554 | if (size > N_RELOC(ULONG_MAX)) |
1555 | return -EINVAL; | |
9a5a53b3 | 1556 | |
2889caa9 CW |
1557 | addr = u64_to_user_ptr(entry->relocs_ptr); |
1558 | size *= sizeof(struct drm_i915_gem_relocation_entry); | |
1559 | if (!access_ok(VERIFY_READ, addr, size)) | |
1560 | return -EFAULT; | |
1690e1eb | 1561 | |
2889caa9 CW |
1562 | end = addr + size; |
1563 | for (; addr < end; addr += PAGE_SIZE) { | |
1564 | int err = __get_user(c, addr); | |
1565 | if (err) | |
1566 | return err; | |
ed5982e6 | 1567 | } |
2889caa9 | 1568 | return __get_user(c, end - 1); |
7788a765 | 1569 | } |
1690e1eb | 1570 | |
2889caa9 | 1571 | static int eb_copy_relocations(const struct i915_execbuffer *eb) |
d23db88c | 1572 | { |
2889caa9 CW |
1573 | const unsigned int count = eb->buffer_count; |
1574 | unsigned int i; | |
1575 | int err; | |
e6a84468 | 1576 | |
2889caa9 CW |
1577 | for (i = 0; i < count; i++) { |
1578 | const unsigned int nreloc = eb->exec[i].relocation_count; | |
1579 | struct drm_i915_gem_relocation_entry __user *urelocs; | |
1580 | struct drm_i915_gem_relocation_entry *relocs; | |
1581 | unsigned long size; | |
1582 | unsigned long copied; | |
e6a84468 | 1583 | |
2889caa9 CW |
1584 | if (nreloc == 0) |
1585 | continue; | |
e6a84468 | 1586 | |
2889caa9 CW |
1587 | err = check_relocations(&eb->exec[i]); |
1588 | if (err) | |
1589 | goto err; | |
d23db88c | 1590 | |
2889caa9 CW |
1591 | urelocs = u64_to_user_ptr(eb->exec[i].relocs_ptr); |
1592 | size = nreloc * sizeof(*relocs); | |
d23db88c | 1593 | |
2889caa9 CW |
1594 | relocs = kvmalloc_array(size, 1, GFP_TEMPORARY); |
1595 | if (!relocs) { | |
1596 | kvfree(relocs); | |
1597 | err = -ENOMEM; | |
1598 | goto err; | |
1599 | } | |
d23db88c | 1600 | |
2889caa9 CW |
1601 | /* copy_from_user is limited to < 4GiB */ |
1602 | copied = 0; | |
1603 | do { | |
1604 | unsigned int len = | |
1605 | min_t(u64, BIT_ULL(31), size - copied); | |
1606 | ||
1607 | if (__copy_from_user((char *)relocs + copied, | |
1608 | (char *)urelocs + copied, | |
1609 | len)) { | |
1610 | kvfree(relocs); | |
1611 | err = -EFAULT; | |
1612 | goto err; | |
1613 | } | |
91b2db6f | 1614 | |
2889caa9 CW |
1615 | copied += len; |
1616 | } while (copied < size); | |
506a8e87 | 1617 | |
2889caa9 CW |
1618 | /* |
1619 | * As we do not update the known relocation offsets after | |
1620 | * relocating (due to the complexities in lock handling), | |
1621 | * we need to mark them as invalid now so that we force the | |
1622 | * relocation processing next time. Just in case the target | |
1623 | * object is evicted and then rebound into its old | |
1624 | * presumed_offset before the next execbuffer - if that | |
1625 | * happened we would make the mistake of assuming that the | |
1626 | * relocations were valid. | |
1627 | */ | |
1628 | user_access_begin(); | |
1629 | for (copied = 0; copied < nreloc; copied++) | |
1630 | unsafe_put_user(-1, | |
1631 | &urelocs[copied].presumed_offset, | |
1632 | end_user); | |
1633 | end_user: | |
1634 | user_access_end(); | |
d23db88c | 1635 | |
2889caa9 CW |
1636 | eb->exec[i].relocs_ptr = (uintptr_t)relocs; |
1637 | } | |
edf4427b | 1638 | |
2889caa9 | 1639 | return 0; |
101b506a | 1640 | |
2889caa9 CW |
1641 | err: |
1642 | while (i--) { | |
1643 | struct drm_i915_gem_relocation_entry *relocs = | |
1644 | u64_to_ptr(typeof(*relocs), eb->exec[i].relocs_ptr); | |
1645 | if (eb->exec[i].relocation_count) | |
1646 | kvfree(relocs); | |
1647 | } | |
1648 | return err; | |
d23db88c CW |
1649 | } |
1650 | ||
2889caa9 | 1651 | static int eb_prefault_relocations(const struct i915_execbuffer *eb) |
54cf91dc | 1652 | { |
2889caa9 CW |
1653 | const unsigned int count = eb->buffer_count; |
1654 | unsigned int i; | |
54cf91dc | 1655 | |
2889caa9 CW |
1656 | if (unlikely(i915.prefault_disable)) |
1657 | return 0; | |
54cf91dc | 1658 | |
2889caa9 CW |
1659 | for (i = 0; i < count; i++) { |
1660 | int err; | |
54cf91dc | 1661 | |
2889caa9 CW |
1662 | err = check_relocations(&eb->exec[i]); |
1663 | if (err) | |
1664 | return err; | |
1665 | } | |
a415d355 | 1666 | |
2889caa9 | 1667 | return 0; |
54cf91dc CW |
1668 | } |
1669 | ||
2889caa9 | 1670 | static noinline int eb_relocate_slow(struct i915_execbuffer *eb) |
54cf91dc | 1671 | { |
650bc635 | 1672 | struct drm_device *dev = &eb->i915->drm; |
2889caa9 | 1673 | bool have_copy = false; |
27173f1f | 1674 | struct i915_vma *vma; |
2889caa9 CW |
1675 | int err = 0; |
1676 | ||
1677 | repeat: | |
1678 | if (signal_pending(current)) { | |
1679 | err = -ERESTARTSYS; | |
1680 | goto out; | |
1681 | } | |
27173f1f | 1682 | |
67731b87 | 1683 | /* We may process another execbuffer during the unlock... */ |
2889caa9 | 1684 | eb_reset_vmas(eb); |
54cf91dc CW |
1685 | mutex_unlock(&dev->struct_mutex); |
1686 | ||
2889caa9 CW |
1687 | /* |
1688 | * We take 3 passes through the slowpatch. | |
1689 | * | |
1690 | * 1 - we try to just prefault all the user relocation entries and | |
1691 | * then attempt to reuse the atomic pagefault disabled fast path again. | |
1692 | * | |
1693 | * 2 - we copy the user entries to a local buffer here outside of the | |
1694 | * local and allow ourselves to wait upon any rendering before | |
1695 | * relocations | |
1696 | * | |
1697 | * 3 - we already have a local copy of the relocation entries, but | |
1698 | * were interrupted (EAGAIN) whilst waiting for the objects, try again. | |
1699 | */ | |
1700 | if (!err) { | |
1701 | err = eb_prefault_relocations(eb); | |
1702 | } else if (!have_copy) { | |
1703 | err = eb_copy_relocations(eb); | |
1704 | have_copy = err == 0; | |
1705 | } else { | |
1706 | cond_resched(); | |
1707 | err = 0; | |
54cf91dc | 1708 | } |
2889caa9 CW |
1709 | if (err) { |
1710 | mutex_lock(&dev->struct_mutex); | |
1711 | goto out; | |
54cf91dc CW |
1712 | } |
1713 | ||
8a2421bd CW |
1714 | /* A frequent cause for EAGAIN are currently unavailable client pages */ |
1715 | flush_workqueue(eb->i915->mm.userptr_wq); | |
1716 | ||
2889caa9 CW |
1717 | err = i915_mutex_lock_interruptible(dev); |
1718 | if (err) { | |
54cf91dc | 1719 | mutex_lock(&dev->struct_mutex); |
2889caa9 | 1720 | goto out; |
54cf91dc CW |
1721 | } |
1722 | ||
67731b87 | 1723 | /* reacquire the objects */ |
2889caa9 CW |
1724 | err = eb_lookup_vmas(eb); |
1725 | if (err) | |
3b96eff4 | 1726 | goto err; |
67731b87 | 1727 | |
2889caa9 CW |
1728 | list_for_each_entry(vma, &eb->relocs, reloc_link) { |
1729 | if (!have_copy) { | |
1730 | pagefault_disable(); | |
1731 | err = eb_relocate_vma(eb, vma); | |
1732 | pagefault_enable(); | |
1733 | if (err) | |
1734 | goto repeat; | |
1735 | } else { | |
1736 | err = eb_relocate_vma_slow(eb, vma); | |
1737 | if (err) | |
1738 | goto err; | |
1739 | } | |
54cf91dc CW |
1740 | } |
1741 | ||
2889caa9 CW |
1742 | /* |
1743 | * Leave the user relocations as are, this is the painfully slow path, | |
54cf91dc CW |
1744 | * and we want to avoid the complication of dropping the lock whilst |
1745 | * having buffers reserved in the aperture and so causing spurious | |
1746 | * ENOSPC for random operations. | |
1747 | */ | |
1748 | ||
1749 | err: | |
2889caa9 CW |
1750 | if (err == -EAGAIN) |
1751 | goto repeat; | |
1752 | ||
1753 | out: | |
1754 | if (have_copy) { | |
1755 | const unsigned int count = eb->buffer_count; | |
1756 | unsigned int i; | |
1757 | ||
1758 | for (i = 0; i < count; i++) { | |
1759 | const struct drm_i915_gem_exec_object2 *entry = | |
1760 | &eb->exec[i]; | |
1761 | struct drm_i915_gem_relocation_entry *relocs; | |
1762 | ||
1763 | if (!entry->relocation_count) | |
1764 | continue; | |
1765 | ||
1766 | relocs = u64_to_ptr(typeof(*relocs), entry->relocs_ptr); | |
1767 | kvfree(relocs); | |
1768 | } | |
1769 | } | |
1770 | ||
1771 | return err ?: have_copy; | |
54cf91dc CW |
1772 | } |
1773 | ||
2889caa9 | 1774 | static int eb_relocate(struct i915_execbuffer *eb) |
54cf91dc | 1775 | { |
2889caa9 CW |
1776 | if (eb_lookup_vmas(eb)) |
1777 | goto slow; | |
1778 | ||
1779 | /* The objects are in their final locations, apply the relocations. */ | |
1780 | if (eb->args->flags & __EXEC_HAS_RELOC) { | |
1781 | struct i915_vma *vma; | |
1782 | ||
1783 | list_for_each_entry(vma, &eb->relocs, reloc_link) { | |
1784 | if (eb_relocate_vma(eb, vma)) | |
1785 | goto slow; | |
1786 | } | |
1787 | } | |
1788 | ||
1789 | return 0; | |
1790 | ||
1791 | slow: | |
1792 | return eb_relocate_slow(eb); | |
1793 | } | |
1794 | ||
95ff7c7d | 1795 | static void eb_export_fence(struct i915_vma *vma, |
2889caa9 CW |
1796 | struct drm_i915_gem_request *req, |
1797 | unsigned int flags) | |
1798 | { | |
95ff7c7d | 1799 | struct reservation_object *resv = vma->resv; |
2889caa9 CW |
1800 | |
1801 | /* | |
1802 | * Ignore errors from failing to allocate the new fence, we can't | |
1803 | * handle an error right now. Worst case should be missed | |
1804 | * synchronisation leading to rendering corruption. | |
1805 | */ | |
1806 | reservation_object_lock(resv, NULL); | |
1807 | if (flags & EXEC_OBJECT_WRITE) | |
1808 | reservation_object_add_excl_fence(resv, &req->fence); | |
1809 | else if (reservation_object_reserve_shared(resv) == 0) | |
1810 | reservation_object_add_shared_fence(resv, &req->fence); | |
1811 | reservation_object_unlock(resv); | |
1812 | } | |
1813 | ||
1814 | static int eb_move_to_gpu(struct i915_execbuffer *eb) | |
1815 | { | |
1816 | const unsigned int count = eb->buffer_count; | |
1817 | unsigned int i; | |
1818 | int err; | |
54cf91dc | 1819 | |
2889caa9 CW |
1820 | for (i = 0; i < count; i++) { |
1821 | const struct drm_i915_gem_exec_object2 *entry = &eb->exec[i]; | |
1822 | struct i915_vma *vma = exec_to_vma(entry); | |
27173f1f | 1823 | struct drm_i915_gem_object *obj = vma->obj; |
03ade511 | 1824 | |
2889caa9 | 1825 | if (entry->flags & EXEC_OBJECT_CAPTURE) { |
b0fd47ad CW |
1826 | struct i915_gem_capture_list *capture; |
1827 | ||
1828 | capture = kmalloc(sizeof(*capture), GFP_KERNEL); | |
1829 | if (unlikely(!capture)) | |
1830 | return -ENOMEM; | |
1831 | ||
650bc635 | 1832 | capture->next = eb->request->capture_list; |
b0fd47ad | 1833 | capture->vma = vma; |
650bc635 | 1834 | eb->request->capture_list = capture; |
b0fd47ad CW |
1835 | } |
1836 | ||
2889caa9 CW |
1837 | if (entry->flags & EXEC_OBJECT_ASYNC) |
1838 | goto skip_flushes; | |
77ae9957 | 1839 | |
7fc92e96 | 1840 | if (unlikely(obj->cache_dirty && !obj->cache_coherent)) |
57822dc6 | 1841 | i915_gem_clflush_object(obj, 0); |
57822dc6 | 1842 | |
2889caa9 CW |
1843 | err = i915_gem_request_await_object |
1844 | (eb->request, obj, entry->flags & EXEC_OBJECT_WRITE); | |
1845 | if (err) | |
1846 | return err; | |
1847 | ||
1848 | skip_flushes: | |
1849 | i915_vma_move_to_active(vma, eb->request, entry->flags); | |
1850 | __eb_unreserve_vma(vma, entry); | |
1851 | vma->exec_entry = NULL; | |
1852 | } | |
1853 | ||
1854 | for (i = 0; i < count; i++) { | |
1855 | const struct drm_i915_gem_exec_object2 *entry = &eb->exec[i]; | |
1856 | struct i915_vma *vma = exec_to_vma(entry); | |
1857 | ||
95ff7c7d | 1858 | eb_export_fence(vma, eb->request, entry->flags); |
dade2a61 CW |
1859 | if (unlikely(entry->flags & __EXEC_OBJECT_HAS_REF)) |
1860 | i915_vma_put(vma); | |
c59a333f | 1861 | } |
2889caa9 | 1862 | eb->exec = NULL; |
c59a333f | 1863 | |
dcd79934 | 1864 | /* Unconditionally flush any chipset caches (for streaming writes). */ |
650bc635 | 1865 | i915_gem_chipset_flush(eb->i915); |
6ac42f41 | 1866 | |
c7fe7d25 | 1867 | /* Unconditionally invalidate GPU caches and TLBs. */ |
650bc635 | 1868 | return eb->engine->emit_flush(eb->request, EMIT_INVALIDATE); |
54cf91dc CW |
1869 | } |
1870 | ||
2889caa9 | 1871 | static bool i915_gem_check_execbuffer(struct drm_i915_gem_execbuffer2 *exec) |
54cf91dc | 1872 | { |
650bc635 | 1873 | if (exec->flags & __I915_EXEC_ILLEGAL_FLAGS) |
ed5982e6 DV |
1874 | return false; |
1875 | ||
2f5945bc CW |
1876 | /* Kernel clipping was a DRI1 misfeature */ |
1877 | if (exec->num_cliprects || exec->cliprects_ptr) | |
1878 | return false; | |
1879 | ||
1880 | if (exec->DR4 == 0xffffffff) { | |
1881 | DRM_DEBUG("UXA submitting garbage DR4, fixing up\n"); | |
1882 | exec->DR4 = 0; | |
1883 | } | |
1884 | if (exec->DR1 || exec->DR4) | |
1885 | return false; | |
1886 | ||
1887 | if ((exec->batch_start_offset | exec->batch_len) & 0x7) | |
1888 | return false; | |
1889 | ||
1890 | return true; | |
54cf91dc CW |
1891 | } |
1892 | ||
5cf3d280 CW |
1893 | void i915_vma_move_to_active(struct i915_vma *vma, |
1894 | struct drm_i915_gem_request *req, | |
1895 | unsigned int flags) | |
1896 | { | |
1897 | struct drm_i915_gem_object *obj = vma->obj; | |
1898 | const unsigned int idx = req->engine->id; | |
1899 | ||
81147b07 | 1900 | lockdep_assert_held(&req->i915->drm.struct_mutex); |
5cf3d280 CW |
1901 | GEM_BUG_ON(!drm_mm_node_allocated(&vma->node)); |
1902 | ||
2889caa9 CW |
1903 | /* |
1904 | * Add a reference if we're newly entering the active list. | |
b0decaf7 CW |
1905 | * The order in which we add operations to the retirement queue is |
1906 | * vital here: mark_active adds to the start of the callback list, | |
1907 | * such that subsequent callbacks are called first. Therefore we | |
1908 | * add the active reference first and queue for it to be dropped | |
1909 | * *last*. | |
1910 | */ | |
d07f0e59 CW |
1911 | if (!i915_vma_is_active(vma)) |
1912 | obj->active_count++; | |
1913 | i915_vma_set_active(vma, idx); | |
1914 | i915_gem_active_set(&vma->last_read[idx], req); | |
1915 | list_move_tail(&vma->vm_link, &vma->vm->active_list); | |
5cf3d280 | 1916 | |
e27ab73d | 1917 | obj->base.write_domain = 0; |
5cf3d280 | 1918 | if (flags & EXEC_OBJECT_WRITE) { |
e27ab73d CW |
1919 | obj->base.write_domain = I915_GEM_DOMAIN_RENDER; |
1920 | ||
5b8c8aec CW |
1921 | if (intel_fb_obj_invalidate(obj, ORIGIN_CS)) |
1922 | i915_gem_active_set(&obj->frontbuffer_write, req); | |
5cf3d280 | 1923 | |
e27ab73d | 1924 | obj->base.read_domains = 0; |
5cf3d280 | 1925 | } |
e27ab73d | 1926 | obj->base.read_domains |= I915_GEM_GPU_DOMAINS; |
5cf3d280 | 1927 | |
49ef5294 CW |
1928 | if (flags & EXEC_OBJECT_NEEDS_FENCE) |
1929 | i915_gem_active_set(&vma->last_fence, req); | |
5cf3d280 CW |
1930 | } |
1931 | ||
2889caa9 | 1932 | static int i915_reset_gen7_sol_offsets(struct drm_i915_gem_request *req) |
ae662d31 | 1933 | { |
73dec95e TU |
1934 | u32 *cs; |
1935 | int i; | |
ae662d31 | 1936 | |
b5321f30 | 1937 | if (!IS_GEN7(req->i915) || req->engine->id != RCS) { |
9d662da8 DV |
1938 | DRM_DEBUG("sol reset is gen7/rcs only\n"); |
1939 | return -EINVAL; | |
1940 | } | |
ae662d31 | 1941 | |
2889caa9 | 1942 | cs = intel_ring_begin(req, 4 * 2 + 2); |
73dec95e TU |
1943 | if (IS_ERR(cs)) |
1944 | return PTR_ERR(cs); | |
ae662d31 | 1945 | |
2889caa9 | 1946 | *cs++ = MI_LOAD_REGISTER_IMM(4); |
ae662d31 | 1947 | for (i = 0; i < 4; i++) { |
73dec95e TU |
1948 | *cs++ = i915_mmio_reg_offset(GEN7_SO_WRITE_OFFSET(i)); |
1949 | *cs++ = 0; | |
ae662d31 | 1950 | } |
2889caa9 | 1951 | *cs++ = MI_NOOP; |
73dec95e | 1952 | intel_ring_advance(req, cs); |
ae662d31 EA |
1953 | |
1954 | return 0; | |
1955 | } | |
1956 | ||
650bc635 | 1957 | static struct i915_vma *eb_parse(struct i915_execbuffer *eb, bool is_master) |
71745376 | 1958 | { |
71745376 | 1959 | struct drm_i915_gem_object *shadow_batch_obj; |
17cabf57 | 1960 | struct i915_vma *vma; |
2889caa9 | 1961 | int err; |
71745376 | 1962 | |
650bc635 CW |
1963 | shadow_batch_obj = i915_gem_batch_pool_get(&eb->engine->batch_pool, |
1964 | PAGE_ALIGN(eb->batch_len)); | |
71745376 | 1965 | if (IS_ERR(shadow_batch_obj)) |
59bfa124 | 1966 | return ERR_CAST(shadow_batch_obj); |
71745376 | 1967 | |
2889caa9 | 1968 | err = intel_engine_cmd_parser(eb->engine, |
650bc635 | 1969 | eb->batch->obj, |
33a051a5 | 1970 | shadow_batch_obj, |
650bc635 CW |
1971 | eb->batch_start_offset, |
1972 | eb->batch_len, | |
33a051a5 | 1973 | is_master); |
2889caa9 CW |
1974 | if (err) { |
1975 | if (err == -EACCES) /* unhandled chained batch */ | |
058d88c4 CW |
1976 | vma = NULL; |
1977 | else | |
2889caa9 | 1978 | vma = ERR_PTR(err); |
058d88c4 CW |
1979 | goto out; |
1980 | } | |
71745376 | 1981 | |
058d88c4 CW |
1982 | vma = i915_gem_object_ggtt_pin(shadow_batch_obj, NULL, 0, 0, 0); |
1983 | if (IS_ERR(vma)) | |
1984 | goto out; | |
de4e783a | 1985 | |
650bc635 | 1986 | vma->exec_entry = |
2889caa9 CW |
1987 | memset(&eb->exec[eb->buffer_count++], |
1988 | 0, sizeof(*vma->exec_entry)); | |
dade2a61 | 1989 | vma->exec_entry->flags = __EXEC_OBJECT_HAS_PIN | __EXEC_OBJECT_HAS_REF; |
2889caa9 | 1990 | __exec_to_vma(vma->exec_entry) = (uintptr_t)i915_vma_get(vma); |
71745376 | 1991 | |
058d88c4 | 1992 | out: |
de4e783a | 1993 | i915_gem_object_unpin_pages(shadow_batch_obj); |
058d88c4 | 1994 | return vma; |
71745376 | 1995 | } |
5c6c6003 | 1996 | |
c8659efa | 1997 | static void |
2889caa9 | 1998 | add_to_client(struct drm_i915_gem_request *req, struct drm_file *file) |
c8659efa CW |
1999 | { |
2000 | req->file_priv = file->driver_priv; | |
2001 | list_add_tail(&req->client_link, &req->file_priv->mm.request_list); | |
2002 | } | |
2003 | ||
2889caa9 | 2004 | static int eb_submit(struct i915_execbuffer *eb) |
78382593 | 2005 | { |
2889caa9 | 2006 | int err; |
78382593 | 2007 | |
2889caa9 CW |
2008 | err = eb_move_to_gpu(eb); |
2009 | if (err) | |
2010 | return err; | |
78382593 | 2011 | |
2889caa9 CW |
2012 | err = i915_switch_context(eb->request); |
2013 | if (err) | |
2014 | return err; | |
78382593 | 2015 | |
650bc635 | 2016 | if (eb->args->flags & I915_EXEC_GEN7_SOL_RESET) { |
2889caa9 CW |
2017 | err = i915_reset_gen7_sol_offsets(eb->request); |
2018 | if (err) | |
2019 | return err; | |
78382593 OM |
2020 | } |
2021 | ||
2889caa9 | 2022 | err = eb->engine->emit_bb_start(eb->request, |
650bc635 CW |
2023 | eb->batch->node.start + |
2024 | eb->batch_start_offset, | |
2025 | eb->batch_len, | |
2889caa9 CW |
2026 | eb->batch_flags); |
2027 | if (err) | |
2028 | return err; | |
78382593 | 2029 | |
2f5945bc | 2030 | return 0; |
78382593 OM |
2031 | } |
2032 | ||
a8ebba75 ZY |
2033 | /** |
2034 | * Find one BSD ring to dispatch the corresponding BSD command. | |
c80ff16e | 2035 | * The engine index is returned. |
a8ebba75 | 2036 | */ |
de1add36 | 2037 | static unsigned int |
c80ff16e CW |
2038 | gen8_dispatch_bsd_engine(struct drm_i915_private *dev_priv, |
2039 | struct drm_file *file) | |
a8ebba75 | 2040 | { |
a8ebba75 ZY |
2041 | struct drm_i915_file_private *file_priv = file->driver_priv; |
2042 | ||
de1add36 | 2043 | /* Check whether the file_priv has already selected one ring. */ |
6f633402 JL |
2044 | if ((int)file_priv->bsd_engine < 0) |
2045 | file_priv->bsd_engine = atomic_fetch_xor(1, | |
2046 | &dev_priv->mm.bsd_engine_dispatch_index); | |
d23db88c | 2047 | |
c80ff16e | 2048 | return file_priv->bsd_engine; |
d23db88c CW |
2049 | } |
2050 | ||
de1add36 TU |
2051 | #define I915_USER_RINGS (4) |
2052 | ||
117897f4 | 2053 | static const enum intel_engine_id user_ring_map[I915_USER_RINGS + 1] = { |
de1add36 TU |
2054 | [I915_EXEC_DEFAULT] = RCS, |
2055 | [I915_EXEC_RENDER] = RCS, | |
2056 | [I915_EXEC_BLT] = BCS, | |
2057 | [I915_EXEC_BSD] = VCS, | |
2058 | [I915_EXEC_VEBOX] = VECS | |
2059 | }; | |
2060 | ||
f8ca0c07 DG |
2061 | static struct intel_engine_cs * |
2062 | eb_select_engine(struct drm_i915_private *dev_priv, | |
2063 | struct drm_file *file, | |
2064 | struct drm_i915_gem_execbuffer2 *args) | |
de1add36 TU |
2065 | { |
2066 | unsigned int user_ring_id = args->flags & I915_EXEC_RING_MASK; | |
f8ca0c07 | 2067 | struct intel_engine_cs *engine; |
de1add36 TU |
2068 | |
2069 | if (user_ring_id > I915_USER_RINGS) { | |
2070 | DRM_DEBUG("execbuf with unknown ring: %u\n", user_ring_id); | |
f8ca0c07 | 2071 | return NULL; |
de1add36 TU |
2072 | } |
2073 | ||
2074 | if ((user_ring_id != I915_EXEC_BSD) && | |
2075 | ((args->flags & I915_EXEC_BSD_MASK) != 0)) { | |
2076 | DRM_DEBUG("execbuf with non bsd ring but with invalid " | |
2077 | "bsd dispatch flags: %d\n", (int)(args->flags)); | |
f8ca0c07 | 2078 | return NULL; |
de1add36 TU |
2079 | } |
2080 | ||
2081 | if (user_ring_id == I915_EXEC_BSD && HAS_BSD2(dev_priv)) { | |
2082 | unsigned int bsd_idx = args->flags & I915_EXEC_BSD_MASK; | |
2083 | ||
2084 | if (bsd_idx == I915_EXEC_BSD_DEFAULT) { | |
c80ff16e | 2085 | bsd_idx = gen8_dispatch_bsd_engine(dev_priv, file); |
de1add36 TU |
2086 | } else if (bsd_idx >= I915_EXEC_BSD_RING1 && |
2087 | bsd_idx <= I915_EXEC_BSD_RING2) { | |
d9da6aa0 | 2088 | bsd_idx >>= I915_EXEC_BSD_SHIFT; |
de1add36 TU |
2089 | bsd_idx--; |
2090 | } else { | |
2091 | DRM_DEBUG("execbuf with unknown bsd ring: %u\n", | |
2092 | bsd_idx); | |
f8ca0c07 | 2093 | return NULL; |
de1add36 TU |
2094 | } |
2095 | ||
3b3f1650 | 2096 | engine = dev_priv->engine[_VCS(bsd_idx)]; |
de1add36 | 2097 | } else { |
3b3f1650 | 2098 | engine = dev_priv->engine[user_ring_map[user_ring_id]]; |
de1add36 TU |
2099 | } |
2100 | ||
3b3f1650 | 2101 | if (!engine) { |
de1add36 | 2102 | DRM_DEBUG("execbuf with invalid ring: %u\n", user_ring_id); |
f8ca0c07 | 2103 | return NULL; |
de1add36 TU |
2104 | } |
2105 | ||
f8ca0c07 | 2106 | return engine; |
de1add36 TU |
2107 | } |
2108 | ||
54cf91dc | 2109 | static int |
650bc635 | 2110 | i915_gem_do_execbuffer(struct drm_device *dev, |
54cf91dc CW |
2111 | struct drm_file *file, |
2112 | struct drm_i915_gem_execbuffer2 *args, | |
41bde553 | 2113 | struct drm_i915_gem_exec_object2 *exec) |
54cf91dc | 2114 | { |
650bc635 | 2115 | struct i915_execbuffer eb; |
fec0445c CW |
2116 | struct dma_fence *in_fence = NULL; |
2117 | struct sync_file *out_fence = NULL; | |
2118 | int out_fence_fd = -1; | |
2889caa9 | 2119 | int err; |
432e58ed | 2120 | |
2889caa9 CW |
2121 | BUILD_BUG_ON(__EXEC_OBJECT_INTERNAL_FLAGS & |
2122 | ~__EXEC_OBJECT_UNKNOWN_FLAGS); | |
54cf91dc | 2123 | |
650bc635 CW |
2124 | eb.i915 = to_i915(dev); |
2125 | eb.file = file; | |
2126 | eb.args = args; | |
7dd4f672 | 2127 | if (DBG_FORCE_RELOC || !(args->flags & I915_EXEC_NO_RELOC)) |
2889caa9 | 2128 | args->flags |= __EXEC_HAS_RELOC; |
650bc635 | 2129 | eb.exec = exec; |
2889caa9 CW |
2130 | eb.ctx = NULL; |
2131 | eb.invalid_flags = __EXEC_OBJECT_UNKNOWN_FLAGS; | |
2132 | if (USES_FULL_PPGTT(eb.i915)) | |
2133 | eb.invalid_flags |= EXEC_OBJECT_NEEDS_GTT; | |
650bc635 CW |
2134 | reloc_cache_init(&eb.reloc_cache, eb.i915); |
2135 | ||
2889caa9 | 2136 | eb.buffer_count = args->buffer_count; |
650bc635 CW |
2137 | eb.batch_start_offset = args->batch_start_offset; |
2138 | eb.batch_len = args->batch_len; | |
2139 | ||
2889caa9 | 2140 | eb.batch_flags = 0; |
d7d4eedd | 2141 | if (args->flags & I915_EXEC_SECURE) { |
b3ac9f25 | 2142 | if (!drm_is_current_master(file) || !capable(CAP_SYS_ADMIN)) |
d7d4eedd CW |
2143 | return -EPERM; |
2144 | ||
2889caa9 | 2145 | eb.batch_flags |= I915_DISPATCH_SECURE; |
d7d4eedd | 2146 | } |
b45305fc | 2147 | if (args->flags & I915_EXEC_IS_PINNED) |
2889caa9 | 2148 | eb.batch_flags |= I915_DISPATCH_PINNED; |
54cf91dc | 2149 | |
650bc635 CW |
2150 | eb.engine = eb_select_engine(eb.i915, file, args); |
2151 | if (!eb.engine) | |
54cf91dc | 2152 | return -EINVAL; |
54cf91dc | 2153 | |
a9ed33ca | 2154 | if (args->flags & I915_EXEC_RESOURCE_STREAMER) { |
650bc635 | 2155 | if (!HAS_RESOURCE_STREAMER(eb.i915)) { |
a9ed33ca AJ |
2156 | DRM_DEBUG("RS is only allowed for Haswell, Gen8 and above\n"); |
2157 | return -EINVAL; | |
2158 | } | |
650bc635 | 2159 | if (eb.engine->id != RCS) { |
a9ed33ca | 2160 | DRM_DEBUG("RS is not available on %s\n", |
650bc635 | 2161 | eb.engine->name); |
a9ed33ca AJ |
2162 | return -EINVAL; |
2163 | } | |
2164 | ||
2889caa9 | 2165 | eb.batch_flags |= I915_DISPATCH_RS; |
a9ed33ca AJ |
2166 | } |
2167 | ||
fec0445c CW |
2168 | if (args->flags & I915_EXEC_FENCE_IN) { |
2169 | in_fence = sync_file_get_fence(lower_32_bits(args->rsvd2)); | |
4a04e371 DCS |
2170 | if (!in_fence) |
2171 | return -EINVAL; | |
fec0445c CW |
2172 | } |
2173 | ||
2174 | if (args->flags & I915_EXEC_FENCE_OUT) { | |
2175 | out_fence_fd = get_unused_fd_flags(O_CLOEXEC); | |
2176 | if (out_fence_fd < 0) { | |
2889caa9 | 2177 | err = out_fence_fd; |
4a04e371 | 2178 | goto err_in_fence; |
fec0445c CW |
2179 | } |
2180 | } | |
2181 | ||
2889caa9 CW |
2182 | if (eb_create(&eb)) |
2183 | return -ENOMEM; | |
2184 | ||
2185 | /* | |
2186 | * Take a local wakeref for preparing to dispatch the execbuf as | |
67d97da3 CW |
2187 | * we expect to access the hardware fairly frequently in the |
2188 | * process. Upon first dispatch, we acquire another prolonged | |
2189 | * wakeref that we hold until the GPU has been idle for at least | |
2190 | * 100ms. | |
2191 | */ | |
650bc635 | 2192 | intel_runtime_pm_get(eb.i915); |
2889caa9 CW |
2193 | err = i915_mutex_lock_interruptible(dev); |
2194 | if (err) | |
2195 | goto err_rpm; | |
f65c9168 | 2196 | |
2889caa9 CW |
2197 | err = eb_select_context(&eb); |
2198 | if (unlikely(err)) | |
2199 | goto err_unlock; | |
54cf91dc | 2200 | |
2889caa9 CW |
2201 | err = eb_relocate(&eb); |
2202 | if (err) | |
2203 | /* | |
2204 | * If the user expects the execobject.offset and | |
2205 | * reloc.presumed_offset to be an exact match, | |
2206 | * as for using NO_RELOC, then we cannot update | |
2207 | * the execobject.offset until we have completed | |
2208 | * relocation. | |
2209 | */ | |
2210 | args->flags &= ~__EXEC_HAS_RELOC; | |
2211 | if (err < 0) | |
2212 | goto err_vma; | |
54cf91dc | 2213 | |
2889caa9 | 2214 | if (unlikely(eb.batch->exec_entry->flags & EXEC_OBJECT_WRITE)) { |
ff240199 | 2215 | DRM_DEBUG("Attempting to use self-modifying batch buffer\n"); |
2889caa9 CW |
2216 | err = -EINVAL; |
2217 | goto err_vma; | |
54cf91dc | 2218 | } |
650bc635 CW |
2219 | if (eb.batch_start_offset > eb.batch->size || |
2220 | eb.batch_len > eb.batch->size - eb.batch_start_offset) { | |
0b537272 | 2221 | DRM_DEBUG("Attempting to use out-of-bounds batch\n"); |
2889caa9 CW |
2222 | err = -EINVAL; |
2223 | goto err_vma; | |
0b537272 | 2224 | } |
54cf91dc | 2225 | |
650bc635 | 2226 | if (eb.engine->needs_cmd_parser && eb.batch_len) { |
59bfa124 CW |
2227 | struct i915_vma *vma; |
2228 | ||
650bc635 | 2229 | vma = eb_parse(&eb, drm_is_current_master(file)); |
59bfa124 | 2230 | if (IS_ERR(vma)) { |
2889caa9 CW |
2231 | err = PTR_ERR(vma); |
2232 | goto err_vma; | |
78a42377 | 2233 | } |
17cabf57 | 2234 | |
59bfa124 | 2235 | if (vma) { |
c7c7372e RP |
2236 | /* |
2237 | * Batch parsed and accepted: | |
2238 | * | |
2239 | * Set the DISPATCH_SECURE bit to remove the NON_SECURE | |
2240 | * bit from MI_BATCH_BUFFER_START commands issued in | |
2241 | * the dispatch_execbuffer implementations. We | |
2242 | * specifically don't want that set on batches the | |
2243 | * command parser has accepted. | |
2244 | */ | |
2889caa9 | 2245 | eb.batch_flags |= I915_DISPATCH_SECURE; |
650bc635 CW |
2246 | eb.batch_start_offset = 0; |
2247 | eb.batch = vma; | |
c7c7372e | 2248 | } |
351e3db2 BV |
2249 | } |
2250 | ||
650bc635 CW |
2251 | if (eb.batch_len == 0) |
2252 | eb.batch_len = eb.batch->size - eb.batch_start_offset; | |
78a42377 | 2253 | |
2889caa9 CW |
2254 | /* |
2255 | * snb/ivb/vlv conflate the "batch in ppgtt" bit with the "non-secure | |
d7d4eedd | 2256 | * batch" bit. Hence we need to pin secure batches into the global gtt. |
28cf5415 | 2257 | * hsw should have this fixed, but bdw mucks it up again. */ |
2889caa9 | 2258 | if (eb.batch_flags & I915_DISPATCH_SECURE) { |
058d88c4 | 2259 | struct i915_vma *vma; |
59bfa124 | 2260 | |
da51a1e7 DV |
2261 | /* |
2262 | * So on first glance it looks freaky that we pin the batch here | |
2263 | * outside of the reservation loop. But: | |
2264 | * - The batch is already pinned into the relevant ppgtt, so we | |
2265 | * already have the backing storage fully allocated. | |
2266 | * - No other BO uses the global gtt (well contexts, but meh), | |
fd0753cf | 2267 | * so we don't really have issues with multiple objects not |
da51a1e7 DV |
2268 | * fitting due to fragmentation. |
2269 | * So this is actually safe. | |
2270 | */ | |
2889caa9 | 2271 | vma = i915_gem_object_ggtt_pin(eb.batch->obj, NULL, 0, 0, 0); |
058d88c4 | 2272 | if (IS_ERR(vma)) { |
2889caa9 CW |
2273 | err = PTR_ERR(vma); |
2274 | goto err_vma; | |
058d88c4 | 2275 | } |
d7d4eedd | 2276 | |
650bc635 | 2277 | eb.batch = vma; |
59bfa124 | 2278 | } |
d7d4eedd | 2279 | |
7dd4f672 CW |
2280 | /* All GPU relocation batches must be submitted prior to the user rq */ |
2281 | GEM_BUG_ON(eb.reloc_cache.rq); | |
2282 | ||
0c8dac88 | 2283 | /* Allocate a request for this batch buffer nice and early. */ |
650bc635 CW |
2284 | eb.request = i915_gem_request_alloc(eb.engine, eb.ctx); |
2285 | if (IS_ERR(eb.request)) { | |
2889caa9 | 2286 | err = PTR_ERR(eb.request); |
0c8dac88 | 2287 | goto err_batch_unpin; |
26827088 | 2288 | } |
0c8dac88 | 2289 | |
fec0445c | 2290 | if (in_fence) { |
2889caa9 CW |
2291 | err = i915_gem_request_await_dma_fence(eb.request, in_fence); |
2292 | if (err < 0) | |
fec0445c CW |
2293 | goto err_request; |
2294 | } | |
2295 | ||
2296 | if (out_fence_fd != -1) { | |
650bc635 | 2297 | out_fence = sync_file_create(&eb.request->fence); |
fec0445c | 2298 | if (!out_fence) { |
2889caa9 | 2299 | err = -ENOMEM; |
fec0445c CW |
2300 | goto err_request; |
2301 | } | |
2302 | } | |
2303 | ||
2889caa9 CW |
2304 | /* |
2305 | * Whilst this request exists, batch_obj will be on the | |
17f298cf CW |
2306 | * active_list, and so will hold the active reference. Only when this |
2307 | * request is retired will the the batch_obj be moved onto the | |
2308 | * inactive_list and lose its active reference. Hence we do not need | |
2309 | * to explicitly hold another reference here. | |
2310 | */ | |
650bc635 | 2311 | eb.request->batch = eb.batch; |
5f19e2bf | 2312 | |
2889caa9 CW |
2313 | trace_i915_gem_request_queue(eb.request, eb.batch_flags); |
2314 | err = eb_submit(&eb); | |
aa9b7810 | 2315 | err_request: |
2889caa9 | 2316 | __i915_add_request(eb.request, err == 0); |
650bc635 | 2317 | add_to_client(eb.request, file); |
c8659efa | 2318 | |
fec0445c | 2319 | if (out_fence) { |
2889caa9 | 2320 | if (err == 0) { |
fec0445c CW |
2321 | fd_install(out_fence_fd, out_fence->file); |
2322 | args->rsvd2 &= GENMASK_ULL(0, 31); /* keep in-fence */ | |
2323 | args->rsvd2 |= (u64)out_fence_fd << 32; | |
2324 | out_fence_fd = -1; | |
2325 | } else { | |
2326 | fput(out_fence->file); | |
2327 | } | |
2328 | } | |
54cf91dc | 2329 | |
0c8dac88 | 2330 | err_batch_unpin: |
2889caa9 | 2331 | if (eb.batch_flags & I915_DISPATCH_SECURE) |
650bc635 | 2332 | i915_vma_unpin(eb.batch); |
2889caa9 CW |
2333 | err_vma: |
2334 | if (eb.exec) | |
2335 | eb_release_vmas(&eb); | |
2336 | i915_gem_context_put(eb.ctx); | |
2337 | err_unlock: | |
54cf91dc | 2338 | mutex_unlock(&dev->struct_mutex); |
2889caa9 | 2339 | err_rpm: |
650bc635 | 2340 | intel_runtime_pm_put(eb.i915); |
2889caa9 | 2341 | eb_destroy(&eb); |
fec0445c CW |
2342 | if (out_fence_fd != -1) |
2343 | put_unused_fd(out_fence_fd); | |
4a04e371 | 2344 | err_in_fence: |
fec0445c | 2345 | dma_fence_put(in_fence); |
2889caa9 | 2346 | return err; |
54cf91dc CW |
2347 | } |
2348 | ||
2349 | /* | |
2350 | * Legacy execbuffer just creates an exec2 list from the original exec object | |
2351 | * list array and passes it to the real function. | |
2352 | */ | |
2353 | int | |
2354 | i915_gem_execbuffer(struct drm_device *dev, void *data, | |
2355 | struct drm_file *file) | |
2356 | { | |
2889caa9 | 2357 | const size_t sz = sizeof(struct drm_i915_gem_exec_object2); |
54cf91dc CW |
2358 | struct drm_i915_gem_execbuffer *args = data; |
2359 | struct drm_i915_gem_execbuffer2 exec2; | |
2360 | struct drm_i915_gem_exec_object *exec_list = NULL; | |
2361 | struct drm_i915_gem_exec_object2 *exec2_list = NULL; | |
2889caa9 CW |
2362 | unsigned int i; |
2363 | int err; | |
54cf91dc | 2364 | |
2889caa9 CW |
2365 | if (args->buffer_count < 1 || args->buffer_count > SIZE_MAX / sz - 1) { |
2366 | DRM_DEBUG("execbuf2 with %d buffers\n", args->buffer_count); | |
54cf91dc CW |
2367 | return -EINVAL; |
2368 | } | |
2369 | ||
2889caa9 CW |
2370 | exec2.buffers_ptr = args->buffers_ptr; |
2371 | exec2.buffer_count = args->buffer_count; | |
2372 | exec2.batch_start_offset = args->batch_start_offset; | |
2373 | exec2.batch_len = args->batch_len; | |
2374 | exec2.DR1 = args->DR1; | |
2375 | exec2.DR4 = args->DR4; | |
2376 | exec2.num_cliprects = args->num_cliprects; | |
2377 | exec2.cliprects_ptr = args->cliprects_ptr; | |
2378 | exec2.flags = I915_EXEC_RENDER; | |
2379 | i915_execbuffer2_set_context_id(exec2, 0); | |
2380 | ||
2381 | if (!i915_gem_check_execbuffer(&exec2)) | |
2382 | return -EINVAL; | |
2383 | ||
54cf91dc | 2384 | /* Copy in the exec list from userland */ |
2889caa9 CW |
2385 | exec_list = kvmalloc_array(args->buffer_count, sizeof(*exec_list), |
2386 | __GFP_NOWARN | GFP_TEMPORARY); | |
2387 | exec2_list = kvmalloc_array(args->buffer_count + 1, sz, | |
2388 | __GFP_NOWARN | GFP_TEMPORARY); | |
54cf91dc | 2389 | if (exec_list == NULL || exec2_list == NULL) { |
ff240199 | 2390 | DRM_DEBUG("Failed to allocate exec list for %d buffers\n", |
54cf91dc | 2391 | args->buffer_count); |
2098105e MH |
2392 | kvfree(exec_list); |
2393 | kvfree(exec2_list); | |
54cf91dc CW |
2394 | return -ENOMEM; |
2395 | } | |
2889caa9 | 2396 | err = copy_from_user(exec_list, |
3ed605bc | 2397 | u64_to_user_ptr(args->buffers_ptr), |
54cf91dc | 2398 | sizeof(*exec_list) * args->buffer_count); |
2889caa9 | 2399 | if (err) { |
ff240199 | 2400 | DRM_DEBUG("copy %d exec entries failed %d\n", |
2889caa9 | 2401 | args->buffer_count, err); |
2098105e MH |
2402 | kvfree(exec_list); |
2403 | kvfree(exec2_list); | |
54cf91dc CW |
2404 | return -EFAULT; |
2405 | } | |
2406 | ||
2407 | for (i = 0; i < args->buffer_count; i++) { | |
2408 | exec2_list[i].handle = exec_list[i].handle; | |
2409 | exec2_list[i].relocation_count = exec_list[i].relocation_count; | |
2410 | exec2_list[i].relocs_ptr = exec_list[i].relocs_ptr; | |
2411 | exec2_list[i].alignment = exec_list[i].alignment; | |
2412 | exec2_list[i].offset = exec_list[i].offset; | |
f0836b72 | 2413 | if (INTEL_GEN(to_i915(dev)) < 4) |
54cf91dc CW |
2414 | exec2_list[i].flags = EXEC_OBJECT_NEEDS_FENCE; |
2415 | else | |
2416 | exec2_list[i].flags = 0; | |
2417 | } | |
2418 | ||
2889caa9 CW |
2419 | err = i915_gem_do_execbuffer(dev, file, &exec2, exec2_list); |
2420 | if (exec2.flags & __EXEC_HAS_RELOC) { | |
9aab8bff | 2421 | struct drm_i915_gem_exec_object __user *user_exec_list = |
3ed605bc | 2422 | u64_to_user_ptr(args->buffers_ptr); |
9aab8bff | 2423 | |
54cf91dc | 2424 | /* Copy the new buffer offsets back to the user's exec list. */ |
9aab8bff | 2425 | for (i = 0; i < args->buffer_count; i++) { |
2889caa9 CW |
2426 | if (!(exec2_list[i].offset & UPDATE)) |
2427 | continue; | |
2428 | ||
934acce3 | 2429 | exec2_list[i].offset = |
2889caa9 CW |
2430 | gen8_canonical_addr(exec2_list[i].offset & PIN_OFFSET_MASK); |
2431 | exec2_list[i].offset &= PIN_OFFSET_MASK; | |
2432 | if (__copy_to_user(&user_exec_list[i].offset, | |
2433 | &exec2_list[i].offset, | |
2434 | sizeof(user_exec_list[i].offset))) | |
9aab8bff | 2435 | break; |
54cf91dc CW |
2436 | } |
2437 | } | |
2438 | ||
2098105e MH |
2439 | kvfree(exec_list); |
2440 | kvfree(exec2_list); | |
2889caa9 | 2441 | return err; |
54cf91dc CW |
2442 | } |
2443 | ||
2444 | int | |
2445 | i915_gem_execbuffer2(struct drm_device *dev, void *data, | |
2446 | struct drm_file *file) | |
2447 | { | |
2889caa9 | 2448 | const size_t sz = sizeof(struct drm_i915_gem_exec_object2); |
54cf91dc | 2449 | struct drm_i915_gem_execbuffer2 *args = data; |
2889caa9 CW |
2450 | struct drm_i915_gem_exec_object2 *exec2_list; |
2451 | int err; | |
54cf91dc | 2452 | |
2889caa9 | 2453 | if (args->buffer_count < 1 || args->buffer_count > SIZE_MAX / sz - 1) { |
ff240199 | 2454 | DRM_DEBUG("execbuf2 with %d buffers\n", args->buffer_count); |
54cf91dc CW |
2455 | return -EINVAL; |
2456 | } | |
2457 | ||
2889caa9 CW |
2458 | if (!i915_gem_check_execbuffer(args)) |
2459 | return -EINVAL; | |
2460 | ||
2461 | /* Allocate an extra slot for use by the command parser */ | |
2462 | exec2_list = kvmalloc_array(args->buffer_count + 1, sz, | |
2463 | __GFP_NOWARN | GFP_TEMPORARY); | |
54cf91dc | 2464 | if (exec2_list == NULL) { |
ff240199 | 2465 | DRM_DEBUG("Failed to allocate exec list for %d buffers\n", |
54cf91dc CW |
2466 | args->buffer_count); |
2467 | return -ENOMEM; | |
2468 | } | |
2889caa9 CW |
2469 | if (copy_from_user(exec2_list, |
2470 | u64_to_user_ptr(args->buffers_ptr), | |
2471 | sizeof(*exec2_list) * args->buffer_count)) { | |
2472 | DRM_DEBUG("copy %d exec entries failed\n", args->buffer_count); | |
2098105e | 2473 | kvfree(exec2_list); |
54cf91dc CW |
2474 | return -EFAULT; |
2475 | } | |
2476 | ||
2889caa9 CW |
2477 | err = i915_gem_do_execbuffer(dev, file, args, exec2_list); |
2478 | ||
2479 | /* | |
2480 | * Now that we have begun execution of the batchbuffer, we ignore | |
2481 | * any new error after this point. Also given that we have already | |
2482 | * updated the associated relocations, we try to write out the current | |
2483 | * object locations irrespective of any error. | |
2484 | */ | |
2485 | if (args->flags & __EXEC_HAS_RELOC) { | |
d593d992 | 2486 | struct drm_i915_gem_exec_object2 __user *user_exec_list = |
2889caa9 CW |
2487 | u64_to_user_ptr(args->buffers_ptr); |
2488 | unsigned int i; | |
9aab8bff | 2489 | |
2889caa9 CW |
2490 | /* Copy the new buffer offsets back to the user's exec list. */ |
2491 | user_access_begin(); | |
9aab8bff | 2492 | for (i = 0; i < args->buffer_count; i++) { |
2889caa9 CW |
2493 | if (!(exec2_list[i].offset & UPDATE)) |
2494 | continue; | |
2495 | ||
934acce3 | 2496 | exec2_list[i].offset = |
2889caa9 CW |
2497 | gen8_canonical_addr(exec2_list[i].offset & PIN_OFFSET_MASK); |
2498 | unsafe_put_user(exec2_list[i].offset, | |
2499 | &user_exec_list[i].offset, | |
2500 | end_user); | |
54cf91dc | 2501 | } |
2889caa9 CW |
2502 | end_user: |
2503 | user_access_end(); | |
54cf91dc CW |
2504 | } |
2505 | ||
2889caa9 | 2506 | args->flags &= ~__I915_EXEC_UNKNOWN_FLAGS; |
2098105e | 2507 | kvfree(exec2_list); |
2889caa9 | 2508 | return err; |
54cf91dc | 2509 | } |