]> git.proxmox.com Git - mirror_ubuntu-hirsute-kernel.git/blob - drivers/iommu/amd_iommu.c
projects / mirror_ubuntu-hirsute-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
iommu/amd: Put IOMMUv2 capable devices in pt_domain
[mirror_ubuntu-hirsute-kernel.git] / drivers / iommu / amd_iommu.c
1 /*
2 * Copyright (C) 2007-2010 Advanced Micro Devices, Inc.
3 * Author: Joerg Roedel <joerg.roedel@amd.com>
4 * Leo Duran <leo.duran@amd.com>
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published
8 * by the Free Software Foundation.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
18 */
19
20 #include <linux/pci.h>
21 #include <linux/pci-ats.h>
22 #include <linux/bitmap.h>
23 #include <linux/slab.h>
24 #include <linux/debugfs.h>
25 #include <linux/scatterlist.h>
26 #include <linux/dma-mapping.h>
27 #include <linux/iommu-helper.h>
28 #include <linux/iommu.h>
29 #include <linux/delay.h>
30 #include <linux/amd-iommu.h>
31 #include <asm/msidef.h>
32 #include <asm/proto.h>
33 #include <asm/iommu.h>
34 #include <asm/gart.h>
35 #include <asm/dma.h>
36
37 #include "amd_iommu_proto.h"
38 #include "amd_iommu_types.h"
39
40 #define CMD_SET_TYPE(cmd, t) ((cmd)->data[1] |= ((t) << 28))
41
42 #define LOOP_TIMEOUT 100000
43
44 static DEFINE_RWLOCK(amd_iommu_devtable_lock);
45
46 /* A list of preallocated protection domains */
47 static LIST_HEAD(iommu_pd_list);
48 static DEFINE_SPINLOCK(iommu_pd_list_lock);
49
50 /* List of all available dev_data structures */
51 static LIST_HEAD(dev_data_list);
52 static DEFINE_SPINLOCK(dev_data_list_lock);
53
54 /*
55 * Domain for untranslated devices - only allocated
56 * if iommu=pt passed on kernel cmd line.
57 */
58 static struct protection_domain *pt_domain;
59
60 static struct iommu_ops amd_iommu_ops;
61
62 /*
63 * general struct to manage commands send to an IOMMU
64 */
65 struct iommu_cmd {
66 u32 data[4];
67 };
68
69 static void update_domain(struct protection_domain *domain);
70 static int __init alloc_passthrough_domain(void);
71
72 /****************************************************************************
73 *
74 * Helper functions
75 *
76 ****************************************************************************/
77
78 static struct iommu_dev_data *alloc_dev_data(u16 devid)
79 {
80 struct iommu_dev_data *dev_data;
81 unsigned long flags;
82
83 dev_data = kzalloc(sizeof(*dev_data), GFP_KERNEL);
84 if (!dev_data)
85 return NULL;
86
87 dev_data->devid = devid;
88 atomic_set(&dev_data->bind, 0);
89
90 spin_lock_irqsave(&dev_data_list_lock, flags);
91 list_add_tail(&dev_data->dev_data_list, &dev_data_list);
92 spin_unlock_irqrestore(&dev_data_list_lock, flags);
93
94 return dev_data;
95 }
96
97 static void free_dev_data(struct iommu_dev_data *dev_data)
98 {
99 unsigned long flags;
100
101 spin_lock_irqsave(&dev_data_list_lock, flags);
102 list_del(&dev_data->dev_data_list);
103 spin_unlock_irqrestore(&dev_data_list_lock, flags);
104
105 kfree(dev_data);
106 }
107
108 static struct iommu_dev_data *search_dev_data(u16 devid)
109 {
110 struct iommu_dev_data *dev_data;
111 unsigned long flags;
112
113 spin_lock_irqsave(&dev_data_list_lock, flags);
114 list_for_each_entry(dev_data, &dev_data_list, dev_data_list) {
115 if (dev_data->devid == devid)
116 goto out_unlock;
117 }
118
119 dev_data = NULL;
120
121 out_unlock:
122 spin_unlock_irqrestore(&dev_data_list_lock, flags);
123
124 return dev_data;
125 }
126
127 static struct iommu_dev_data *find_dev_data(u16 devid)
128 {
129 struct iommu_dev_data *dev_data;
130
131 dev_data = search_dev_data(devid);
132
133 if (dev_data == NULL)
134 dev_data = alloc_dev_data(devid);
135
136 return dev_data;
137 }
138
139 static inline u16 get_device_id(struct device *dev)
140 {
141 struct pci_dev *pdev = to_pci_dev(dev);
142
143 return calc_devid(pdev->bus->number, pdev->devfn);
144 }
145
146 static struct iommu_dev_data *get_dev_data(struct device *dev)
147 {
148 return dev->archdata.iommu;
149 }
150
151 static bool pci_iommuv2_capable(struct pci_dev *pdev)
152 {
153 static const int caps[] = {
154 PCI_EXT_CAP_ID_ATS,
155 PCI_PRI_CAP,
156 PCI_PASID_CAP,
157 };
158 int i, pos;
159
160 for (i = 0; i < 3; ++i) {
161 pos = pci_find_ext_capability(pdev, caps[i]);
162 if (pos == 0)
163 return false;
164 }
165
166 return true;
167 }
168
169 /*
170 * In this function the list of preallocated protection domains is traversed to
171 * find the domain for a specific device
172 */
173 static struct dma_ops_domain *find_protection_domain(u16 devid)
174 {
175 struct dma_ops_domain *entry, *ret = NULL;
176 unsigned long flags;
177 u16 alias = amd_iommu_alias_table[devid];
178
179 if (list_empty(&iommu_pd_list))
180 return NULL;
181
182 spin_lock_irqsave(&iommu_pd_list_lock, flags);
183
184 list_for_each_entry(entry, &iommu_pd_list, list) {
185 if (entry->target_dev == devid ||
186 entry->target_dev == alias) {
187 ret = entry;
188 break;
189 }
190 }
191
192 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
193
194 return ret;
195 }
196
197 /*
198 * This function checks if the driver got a valid device from the caller to
199 * avoid dereferencing invalid pointers.
200 */
201 static bool check_device(struct device *dev)
202 {
203 u16 devid;
204
205 if (!dev || !dev->dma_mask)
206 return false;
207
208 /* No device or no PCI device */
209 if (dev->bus != &pci_bus_type)
210 return false;
211
212 devid = get_device_id(dev);
213
214 /* Out of our scope? */
215 if (devid > amd_iommu_last_bdf)
216 return false;
217
218 if (amd_iommu_rlookup_table[devid] == NULL)
219 return false;
220
221 return true;
222 }
223
224 static int iommu_init_device(struct device *dev)
225 {
226 struct pci_dev *pdev = to_pci_dev(dev);
227 struct iommu_dev_data *dev_data;
228 u16 alias;
229
230 if (dev->archdata.iommu)
231 return 0;
232
233 dev_data = find_dev_data(get_device_id(dev));
234 if (!dev_data)
235 return -ENOMEM;
236
237 alias = amd_iommu_alias_table[dev_data->devid];
238 if (alias != dev_data->devid) {
239 struct iommu_dev_data *alias_data;
240
241 alias_data = find_dev_data(alias);
242 if (alias_data == NULL) {
243 pr_err("AMD-Vi: Warning: Unhandled device %s\n",
244 dev_name(dev));
245 free_dev_data(dev_data);
246 return -ENOTSUPP;
247 }
248 dev_data->alias_data = alias_data;
249 }
250
251 if (pci_iommuv2_capable(pdev)) {
252 struct amd_iommu *iommu;
253
254 iommu = amd_iommu_rlookup_table[dev_data->devid];
255 dev_data->iommu_v2 = iommu->is_iommu_v2;
256 }
257
258 dev->archdata.iommu = dev_data;
259
260 return 0;
261 }
262
263 static void iommu_ignore_device(struct device *dev)
264 {
265 u16 devid, alias;
266
267 devid = get_device_id(dev);
268 alias = amd_iommu_alias_table[devid];
269
270 memset(&amd_iommu_dev_table[devid], 0, sizeof(struct dev_table_entry));
271 memset(&amd_iommu_dev_table[alias], 0, sizeof(struct dev_table_entry));
272
273 amd_iommu_rlookup_table[devid] = NULL;
274 amd_iommu_rlookup_table[alias] = NULL;
275 }
276
277 static void iommu_uninit_device(struct device *dev)
278 {
279 /*
280 * Nothing to do here - we keep dev_data around for unplugged devices
281 * and reuse it when the device is re-plugged - not doing so would
282 * introduce a ton of races.
283 */
284 }
285
286 void __init amd_iommu_uninit_devices(void)
287 {
288 struct iommu_dev_data *dev_data, *n;
289 struct pci_dev *pdev = NULL;
290
291 for_each_pci_dev(pdev) {
292
293 if (!check_device(&pdev->dev))
294 continue;
295
296 iommu_uninit_device(&pdev->dev);
297 }
298
299 /* Free all of our dev_data structures */
300 list_for_each_entry_safe(dev_data, n, &dev_data_list, dev_data_list)
301 free_dev_data(dev_data);
302 }
303
304 int __init amd_iommu_init_devices(void)
305 {
306 struct pci_dev *pdev = NULL;
307 int ret = 0;
308
309 for_each_pci_dev(pdev) {
310
311 if (!check_device(&pdev->dev))
312 continue;
313
314 ret = iommu_init_device(&pdev->dev);
315 if (ret == -ENOTSUPP)
316 iommu_ignore_device(&pdev->dev);
317 else if (ret)
318 goto out_free;
319 }
320
321 return 0;
322
323 out_free:
324
325 amd_iommu_uninit_devices();
326
327 return ret;
328 }
329 #ifdef CONFIG_AMD_IOMMU_STATS
330
331 /*
332 * Initialization code for statistics collection
333 */
334
335 DECLARE_STATS_COUNTER(compl_wait);
336 DECLARE_STATS_COUNTER(cnt_map_single);
337 DECLARE_STATS_COUNTER(cnt_unmap_single);
338 DECLARE_STATS_COUNTER(cnt_map_sg);
339 DECLARE_STATS_COUNTER(cnt_unmap_sg);
340 DECLARE_STATS_COUNTER(cnt_alloc_coherent);
341 DECLARE_STATS_COUNTER(cnt_free_coherent);
342 DECLARE_STATS_COUNTER(cross_page);
343 DECLARE_STATS_COUNTER(domain_flush_single);
344 DECLARE_STATS_COUNTER(domain_flush_all);
345 DECLARE_STATS_COUNTER(alloced_io_mem);
346 DECLARE_STATS_COUNTER(total_map_requests);
347
348 static struct dentry *stats_dir;
349 static struct dentry *de_fflush;
350
351 static void amd_iommu_stats_add(struct __iommu_counter *cnt)
352 {
353 if (stats_dir == NULL)
354 return;
355
356 cnt->dent = debugfs_create_u64(cnt->name, 0444, stats_dir,
357 &cnt->value);
358 }
359
360 static void amd_iommu_stats_init(void)
361 {
362 stats_dir = debugfs_create_dir("amd-iommu", NULL);
363 if (stats_dir == NULL)
364 return;
365
366 de_fflush = debugfs_create_bool("fullflush", 0444, stats_dir,
367 (u32 *)&amd_iommu_unmap_flush);
368
369 amd_iommu_stats_add(&compl_wait);
370 amd_iommu_stats_add(&cnt_map_single);
371 amd_iommu_stats_add(&cnt_unmap_single);
372 amd_iommu_stats_add(&cnt_map_sg);
373 amd_iommu_stats_add(&cnt_unmap_sg);
374 amd_iommu_stats_add(&cnt_alloc_coherent);
375 amd_iommu_stats_add(&cnt_free_coherent);
376 amd_iommu_stats_add(&cross_page);
377 amd_iommu_stats_add(&domain_flush_single);
378 amd_iommu_stats_add(&domain_flush_all);
379 amd_iommu_stats_add(&alloced_io_mem);
380 amd_iommu_stats_add(&total_map_requests);
381 }
382
383 #endif
384
385 /****************************************************************************
386 *
387 * Interrupt handling functions
388 *
389 ****************************************************************************/
390
391 static void dump_dte_entry(u16 devid)
392 {
393 int i;
394
395 for (i = 0; i < 4; ++i)
396 pr_err("AMD-Vi: DTE[%d]: %016llx\n", i,
397 amd_iommu_dev_table[devid].data[i]);
398 }
399
400 static void dump_command(unsigned long phys_addr)
401 {
402 struct iommu_cmd *cmd = phys_to_virt(phys_addr);
403 int i;
404
405 for (i = 0; i < 4; ++i)
406 pr_err("AMD-Vi: CMD[%d]: %08x\n", i, cmd->data[i]);
407 }
408
409 static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
410 {
411 u32 *event = __evt;
412 int type = (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
413 int devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
414 int domid = (event[1] >> EVENT_DOMID_SHIFT) & EVENT_DOMID_MASK;
415 int flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
416 u64 address = (u64)(((u64)event[3]) << 32) | event[2];
417
418 printk(KERN_ERR "AMD-Vi: Event logged [");
419
420 switch (type) {
421 case EVENT_TYPE_ILL_DEV:
422 printk("ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
423 "address=0x%016llx flags=0x%04x]\n",
424 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
425 address, flags);
426 dump_dte_entry(devid);
427 break;
428 case EVENT_TYPE_IO_FAULT:
429 printk("IO_PAGE_FAULT device=%02x:%02x.%x "
430 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
431 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
432 domid, address, flags);
433 break;
434 case EVENT_TYPE_DEV_TAB_ERR:
435 printk("DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
436 "address=0x%016llx flags=0x%04x]\n",
437 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
438 address, flags);
439 break;
440 case EVENT_TYPE_PAGE_TAB_ERR:
441 printk("PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
442 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
443 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
444 domid, address, flags);
445 break;
446 case EVENT_TYPE_ILL_CMD:
447 printk("ILLEGAL_COMMAND_ERROR address=0x%016llx]\n", address);
448 dump_command(address);
449 break;
450 case EVENT_TYPE_CMD_HARD_ERR:
451 printk("COMMAND_HARDWARE_ERROR address=0x%016llx "
452 "flags=0x%04x]\n", address, flags);
453 break;
454 case EVENT_TYPE_IOTLB_INV_TO:
455 printk("IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
456 "address=0x%016llx]\n",
457 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
458 address);
459 break;
460 case EVENT_TYPE_INV_DEV_REQ:
461 printk("INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
462 "address=0x%016llx flags=0x%04x]\n",
463 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
464 address, flags);
465 break;
466 default:
467 printk(KERN_ERR "UNKNOWN type=0x%02x]\n", type);
468 }
469 }
470
471 static void iommu_poll_events(struct amd_iommu *iommu)
472 {
473 u32 head, tail;
474 unsigned long flags;
475
476 spin_lock_irqsave(&iommu->lock, flags);
477
478 head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
479 tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET);
480
481 while (head != tail) {
482 iommu_print_event(iommu, iommu->evt_buf + head);
483 head = (head + EVENT_ENTRY_SIZE) % iommu->evt_buf_size;
484 }
485
486 writel(head, iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
487
488 spin_unlock_irqrestore(&iommu->lock, flags);
489 }
490
491 irqreturn_t amd_iommu_int_thread(int irq, void *data)
492 {
493 struct amd_iommu *iommu;
494
495 for_each_iommu(iommu)
496 iommu_poll_events(iommu);
497
498 return IRQ_HANDLED;
499 }
500
501 irqreturn_t amd_iommu_int_handler(int irq, void *data)
502 {
503 return IRQ_WAKE_THREAD;
504 }
505
506 /****************************************************************************
507 *
508 * IOMMU command queuing functions
509 *
510 ****************************************************************************/
511
512 static int wait_on_sem(volatile u64 *sem)
513 {
514 int i = 0;
515
516 while (*sem == 0 && i < LOOP_TIMEOUT) {
517 udelay(1);
518 i += 1;
519 }
520
521 if (i == LOOP_TIMEOUT) {
522 pr_alert("AMD-Vi: Completion-Wait loop timed out\n");
523 return -EIO;
524 }
525
526 return 0;
527 }
528
529 static void copy_cmd_to_buffer(struct amd_iommu *iommu,
530 struct iommu_cmd *cmd,
531 u32 tail)
532 {
533 u8 *target;
534
535 target = iommu->cmd_buf + tail;
536 tail = (tail + sizeof(*cmd)) % iommu->cmd_buf_size;
537
538 /* Copy command to buffer */
539 memcpy(target, cmd, sizeof(*cmd));
540
541 /* Tell the IOMMU about it */
542 writel(tail, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
543 }
544
545 static void build_completion_wait(struct iommu_cmd *cmd, u64 address)
546 {
547 WARN_ON(address & 0x7ULL);
548
549 memset(cmd, 0, sizeof(*cmd));
550 cmd->data[0] = lower_32_bits(__pa(address)) | CMD_COMPL_WAIT_STORE_MASK;
551 cmd->data[1] = upper_32_bits(__pa(address));
552 cmd->data[2] = 1;
553 CMD_SET_TYPE(cmd, CMD_COMPL_WAIT);
554 }
555
556 static void build_inv_dte(struct iommu_cmd *cmd, u16 devid)
557 {
558 memset(cmd, 0, sizeof(*cmd));
559 cmd->data[0] = devid;
560 CMD_SET_TYPE(cmd, CMD_INV_DEV_ENTRY);
561 }
562
563 static void build_inv_iommu_pages(struct iommu_cmd *cmd, u64 address,
564 size_t size, u16 domid, int pde)
565 {
566 u64 pages;
567 int s;
568
569 pages = iommu_num_pages(address, size, PAGE_SIZE);
570 s = 0;
571
572 if (pages > 1) {
573 /*
574 * If we have to flush more than one page, flush all
575 * TLB entries for this domain
576 */
577 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
578 s = 1;
579 }
580
581 address &= PAGE_MASK;
582
583 memset(cmd, 0, sizeof(*cmd));
584 cmd->data[1] |= domid;
585 cmd->data[2] = lower_32_bits(address);
586 cmd->data[3] = upper_32_bits(address);
587 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
588 if (s) /* size bit - we flush more than one 4kb page */
589 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
590 if (pde) /* PDE bit - we wan't flush everything not only the PTEs */
591 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
592 }
593
594 static void build_inv_iotlb_pages(struct iommu_cmd *cmd, u16 devid, int qdep,
595 u64 address, size_t size)
596 {
597 u64 pages;
598 int s;
599
600 pages = iommu_num_pages(address, size, PAGE_SIZE);
601 s = 0;
602
603 if (pages > 1) {
604 /*
605 * If we have to flush more than one page, flush all
606 * TLB entries for this domain
607 */
608 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
609 s = 1;
610 }
611
612 address &= PAGE_MASK;
613
614 memset(cmd, 0, sizeof(*cmd));
615 cmd->data[0] = devid;
616 cmd->data[0] |= (qdep & 0xff) << 24;
617 cmd->data[1] = devid;
618 cmd->data[2] = lower_32_bits(address);
619 cmd->data[3] = upper_32_bits(address);
620 CMD_SET_TYPE(cmd, CMD_INV_IOTLB_PAGES);
621 if (s)
622 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
623 }
624
625 static void build_inv_all(struct iommu_cmd *cmd)
626 {
627 memset(cmd, 0, sizeof(*cmd));
628 CMD_SET_TYPE(cmd, CMD_INV_ALL);
629 }
630
631 /*
632 * Writes the command to the IOMMUs command buffer and informs the
633 * hardware about the new command.
634 */
635 static int iommu_queue_command_sync(struct amd_iommu *iommu,
636 struct iommu_cmd *cmd,
637 bool sync)
638 {
639 u32 left, tail, head, next_tail;
640 unsigned long flags;
641
642 WARN_ON(iommu->cmd_buf_size & CMD_BUFFER_UNINITIALIZED);
643
644 again:
645 spin_lock_irqsave(&iommu->lock, flags);
646
647 head = readl(iommu->mmio_base + MMIO_CMD_HEAD_OFFSET);
648 tail = readl(iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
649 next_tail = (tail + sizeof(*cmd)) % iommu->cmd_buf_size;
650 left = (head - next_tail) % iommu->cmd_buf_size;
651
652 if (left <= 2) {
653 struct iommu_cmd sync_cmd;
654 volatile u64 sem = 0;
655 int ret;
656
657 build_completion_wait(&sync_cmd, (u64)&sem);
658 copy_cmd_to_buffer(iommu, &sync_cmd, tail);
659
660 spin_unlock_irqrestore(&iommu->lock, flags);
661
662 if ((ret = wait_on_sem(&sem)) != 0)
663 return ret;
664
665 goto again;
666 }
667
668 copy_cmd_to_buffer(iommu, cmd, tail);
669
670 /* We need to sync now to make sure all commands are processed */
671 iommu->need_sync = sync;
672
673 spin_unlock_irqrestore(&iommu->lock, flags);
674
675 return 0;
676 }
677
678 static int iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
679 {
680 return iommu_queue_command_sync(iommu, cmd, true);
681 }
682
683 /*
684 * This function queues a completion wait command into the command
685 * buffer of an IOMMU
686 */
687 static int iommu_completion_wait(struct amd_iommu *iommu)
688 {
689 struct iommu_cmd cmd;
690 volatile u64 sem = 0;
691 int ret;
692
693 if (!iommu->need_sync)
694 return 0;
695
696 build_completion_wait(&cmd, (u64)&sem);
697
698 ret = iommu_queue_command_sync(iommu, &cmd, false);
699 if (ret)
700 return ret;
701
702 return wait_on_sem(&sem);
703 }
704
705 static int iommu_flush_dte(struct amd_iommu *iommu, u16 devid)
706 {
707 struct iommu_cmd cmd;
708
709 build_inv_dte(&cmd, devid);
710
711 return iommu_queue_command(iommu, &cmd);
712 }
713
714 static void iommu_flush_dte_all(struct amd_iommu *iommu)
715 {
716 u32 devid;
717
718 for (devid = 0; devid <= 0xffff; ++devid)
719 iommu_flush_dte(iommu, devid);
720
721 iommu_completion_wait(iommu);
722 }
723
724 /*
725 * This function uses heavy locking and may disable irqs for some time. But
726 * this is no issue because it is only called during resume.
727 */
728 static void iommu_flush_tlb_all(struct amd_iommu *iommu)
729 {
730 u32 dom_id;
731
732 for (dom_id = 0; dom_id <= 0xffff; ++dom_id) {
733 struct iommu_cmd cmd;
734 build_inv_iommu_pages(&cmd, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
735 dom_id, 1);
736 iommu_queue_command(iommu, &cmd);
737 }
738
739 iommu_completion_wait(iommu);
740 }
741
742 static void iommu_flush_all(struct amd_iommu *iommu)
743 {
744 struct iommu_cmd cmd;
745
746 build_inv_all(&cmd);
747
748 iommu_queue_command(iommu, &cmd);
749 iommu_completion_wait(iommu);
750 }
751
752 void iommu_flush_all_caches(struct amd_iommu *iommu)
753 {
754 if (iommu_feature(iommu, FEATURE_IA)) {
755 iommu_flush_all(iommu);
756 } else {
757 iommu_flush_dte_all(iommu);
758 iommu_flush_tlb_all(iommu);
759 }
760 }
761
762 /*
763 * Command send function for flushing on-device TLB
764 */
765 static int device_flush_iotlb(struct iommu_dev_data *dev_data,
766 u64 address, size_t size)
767 {
768 struct amd_iommu *iommu;
769 struct iommu_cmd cmd;
770 int qdep;
771
772 qdep = dev_data->ats.qdep;
773 iommu = amd_iommu_rlookup_table[dev_data->devid];
774
775 build_inv_iotlb_pages(&cmd, dev_data->devid, qdep, address, size);
776
777 return iommu_queue_command(iommu, &cmd);
778 }
779
780 /*
781 * Command send function for invalidating a device table entry
782 */
783 static int device_flush_dte(struct iommu_dev_data *dev_data)
784 {
785 struct amd_iommu *iommu;
786 int ret;
787
788 iommu = amd_iommu_rlookup_table[dev_data->devid];
789
790 ret = iommu_flush_dte(iommu, dev_data->devid);
791 if (ret)
792 return ret;
793
794 if (dev_data->ats.enabled)
795 ret = device_flush_iotlb(dev_data, 0, ~0UL);
796
797 return ret;
798 }
799
800 /*
801 * TLB invalidation function which is called from the mapping functions.
802 * It invalidates a single PTE if the range to flush is within a single
803 * page. Otherwise it flushes the whole TLB of the IOMMU.
804 */
805 static void __domain_flush_pages(struct protection_domain *domain,
806 u64 address, size_t size, int pde)
807 {
808 struct iommu_dev_data *dev_data;
809 struct iommu_cmd cmd;
810 int ret = 0, i;
811
812 build_inv_iommu_pages(&cmd, address, size, domain->id, pde);
813
814 for (i = 0; i < amd_iommus_present; ++i) {
815 if (!domain->dev_iommu[i])
816 continue;
817
818 /*
819 * Devices of this domain are behind this IOMMU
820 * We need a TLB flush
821 */
822 ret |= iommu_queue_command(amd_iommus[i], &cmd);
823 }
824
825 list_for_each_entry(dev_data, &domain->dev_list, list) {
826
827 if (!dev_data->ats.enabled)
828 continue;
829
830 ret |= device_flush_iotlb(dev_data, address, size);
831 }
832
833 WARN_ON(ret);
834 }
835
836 static void domain_flush_pages(struct protection_domain *domain,
837 u64 address, size_t size)
838 {
839 __domain_flush_pages(domain, address, size, 0);
840 }
841
842 /* Flush the whole IO/TLB for a given protection domain */
843 static void domain_flush_tlb(struct protection_domain *domain)
844 {
845 __domain_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 0);
846 }
847
848 /* Flush the whole IO/TLB for a given protection domain - including PDE */
849 static void domain_flush_tlb_pde(struct protection_domain *domain)
850 {
851 __domain_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 1);
852 }
853
854 static void domain_flush_complete(struct protection_domain *domain)
855 {
856 int i;
857
858 for (i = 0; i < amd_iommus_present; ++i) {
859 if (!domain->dev_iommu[i])
860 continue;
861
862 /*
863 * Devices of this domain are behind this IOMMU
864 * We need to wait for completion of all commands.
865 */
866 iommu_completion_wait(amd_iommus[i]);
867 }
868 }
869
870
871 /*
872 * This function flushes the DTEs for all devices in domain
873 */
874 static void domain_flush_devices(struct protection_domain *domain)
875 {
876 struct iommu_dev_data *dev_data;
877
878 list_for_each_entry(dev_data, &domain->dev_list, list)
879 device_flush_dte(dev_data);
880 }
881
882 /****************************************************************************
883 *
884 * The functions below are used the create the page table mappings for
885 * unity mapped regions.
886 *
887 ****************************************************************************/
888
889 /*
890 * This function is used to add another level to an IO page table. Adding
891 * another level increases the size of the address space by 9 bits to a size up
892 * to 64 bits.
893 */
894 static bool increase_address_space(struct protection_domain *domain,
895 gfp_t gfp)
896 {
897 u64 *pte;
898
899 if (domain->mode == PAGE_MODE_6_LEVEL)
900 /* address space already 64 bit large */
901 return false;
902
903 pte = (void *)get_zeroed_page(gfp);
904 if (!pte)
905 return false;
906
907 *pte = PM_LEVEL_PDE(domain->mode,
908 virt_to_phys(domain->pt_root));
909 domain->pt_root = pte;
910 domain->mode += 1;
911 domain->updated = true;
912
913 return true;
914 }
915
916 static u64 *alloc_pte(struct protection_domain *domain,
917 unsigned long address,
918 unsigned long page_size,
919 u64 **pte_page,
920 gfp_t gfp)
921 {
922 int level, end_lvl;
923 u64 *pte, *page;
924
925 BUG_ON(!is_power_of_2(page_size));
926
927 while (address > PM_LEVEL_SIZE(domain->mode))
928 increase_address_space(domain, gfp);
929
930 level = domain->mode - 1;
931 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
932 address = PAGE_SIZE_ALIGN(address, page_size);
933 end_lvl = PAGE_SIZE_LEVEL(page_size);
934
935 while (level > end_lvl) {
936 if (!IOMMU_PTE_PRESENT(*pte)) {
937 page = (u64 *)get_zeroed_page(gfp);
938 if (!page)
939 return NULL;
940 *pte = PM_LEVEL_PDE(level, virt_to_phys(page));
941 }
942
943 /* No level skipping support yet */
944 if (PM_PTE_LEVEL(*pte) != level)
945 return NULL;
946
947 level -= 1;
948
949 pte = IOMMU_PTE_PAGE(*pte);
950
951 if (pte_page && level == end_lvl)
952 *pte_page = pte;
953
954 pte = &pte[PM_LEVEL_INDEX(level, address)];
955 }
956
957 return pte;
958 }
959
960 /*
961 * This function checks if there is a PTE for a given dma address. If
962 * there is one, it returns the pointer to it.
963 */
964 static u64 *fetch_pte(struct protection_domain *domain, unsigned long address)
965 {
966 int level;
967 u64 *pte;
968
969 if (address > PM_LEVEL_SIZE(domain->mode))
970 return NULL;
971
972 level = domain->mode - 1;
973 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
974
975 while (level > 0) {
976
977 /* Not Present */
978 if (!IOMMU_PTE_PRESENT(*pte))
979 return NULL;
980
981 /* Large PTE */
982 if (PM_PTE_LEVEL(*pte) == 0x07) {
983 unsigned long pte_mask, __pte;
984
985 /*
986 * If we have a series of large PTEs, make
987 * sure to return a pointer to the first one.
988 */
989 pte_mask = PTE_PAGE_SIZE(*pte);
990 pte_mask = ~((PAGE_SIZE_PTE_COUNT(pte_mask) << 3) - 1);
991 __pte = ((unsigned long)pte) & pte_mask;
992
993 return (u64 *)__pte;
994 }
995
996 /* No level skipping support yet */
997 if (PM_PTE_LEVEL(*pte) != level)
998 return NULL;
999
1000 level -= 1;
1001
1002 /* Walk to the next level */
1003 pte = IOMMU_PTE_PAGE(*pte);
1004 pte = &pte[PM_LEVEL_INDEX(level, address)];
1005 }
1006
1007 return pte;
1008 }
1009
1010 /*
1011 * Generic mapping functions. It maps a physical address into a DMA
1012 * address space. It allocates the page table pages if necessary.
1013 * In the future it can be extended to a generic mapping function
1014 * supporting all features of AMD IOMMU page tables like level skipping
1015 * and full 64 bit address spaces.
1016 */
1017 static int iommu_map_page(struct protection_domain *dom,
1018 unsigned long bus_addr,
1019 unsigned long phys_addr,
1020 int prot,
1021 unsigned long page_size)
1022 {
1023 u64 __pte, *pte;
1024 int i, count;
1025
1026 if (!(prot & IOMMU_PROT_MASK))
1027 return -EINVAL;
1028
1029 bus_addr = PAGE_ALIGN(bus_addr);
1030 phys_addr = PAGE_ALIGN(phys_addr);
1031 count = PAGE_SIZE_PTE_COUNT(page_size);
1032 pte = alloc_pte(dom, bus_addr, page_size, NULL, GFP_KERNEL);
1033
1034 for (i = 0; i < count; ++i)
1035 if (IOMMU_PTE_PRESENT(pte[i]))
1036 return -EBUSY;
1037
1038 if (page_size > PAGE_SIZE) {
1039 __pte = PAGE_SIZE_PTE(phys_addr, page_size);
1040 __pte |= PM_LEVEL_ENC(7) | IOMMU_PTE_P | IOMMU_PTE_FC;
1041 } else
1042 __pte = phys_addr | IOMMU_PTE_P | IOMMU_PTE_FC;
1043
1044 if (prot & IOMMU_PROT_IR)
1045 __pte |= IOMMU_PTE_IR;
1046 if (prot & IOMMU_PROT_IW)
1047 __pte |= IOMMU_PTE_IW;
1048
1049 for (i = 0; i < count; ++i)
1050 pte[i] = __pte;
1051
1052 update_domain(dom);
1053
1054 return 0;
1055 }
1056
1057 static unsigned long iommu_unmap_page(struct protection_domain *dom,
1058 unsigned long bus_addr,
1059 unsigned long page_size)
1060 {
1061 unsigned long long unmap_size, unmapped;
1062 u64 *pte;
1063
1064 BUG_ON(!is_power_of_2(page_size));
1065
1066 unmapped = 0;
1067
1068 while (unmapped < page_size) {
1069
1070 pte = fetch_pte(dom, bus_addr);
1071
1072 if (!pte) {
1073 /*
1074 * No PTE for this address
1075 * move forward in 4kb steps
1076 */
1077 unmap_size = PAGE_SIZE;
1078 } else if (PM_PTE_LEVEL(*pte) == 0) {
1079 /* 4kb PTE found for this address */
1080 unmap_size = PAGE_SIZE;
1081 *pte = 0ULL;
1082 } else {
1083 int count, i;
1084
1085 /* Large PTE found which maps this address */
1086 unmap_size = PTE_PAGE_SIZE(*pte);
1087 count = PAGE_SIZE_PTE_COUNT(unmap_size);
1088 for (i = 0; i < count; i++)
1089 pte[i] = 0ULL;
1090 }
1091
1092 bus_addr = (bus_addr & ~(unmap_size - 1)) + unmap_size;
1093 unmapped += unmap_size;
1094 }
1095
1096 BUG_ON(!is_power_of_2(unmapped));
1097
1098 return unmapped;
1099 }
1100
1101 /*
1102 * This function checks if a specific unity mapping entry is needed for
1103 * this specific IOMMU.
1104 */
1105 static int iommu_for_unity_map(struct amd_iommu *iommu,
1106 struct unity_map_entry *entry)
1107 {
1108 u16 bdf, i;
1109
1110 for (i = entry->devid_start; i <= entry->devid_end; ++i) {
1111 bdf = amd_iommu_alias_table[i];
1112 if (amd_iommu_rlookup_table[bdf] == iommu)
1113 return 1;
1114 }
1115
1116 return 0;
1117 }
1118
1119 /*
1120 * This function actually applies the mapping to the page table of the
1121 * dma_ops domain.
1122 */
1123 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
1124 struct unity_map_entry *e)
1125 {
1126 u64 addr;
1127 int ret;
1128
1129 for (addr = e->address_start; addr < e->address_end;
1130 addr += PAGE_SIZE) {
1131 ret = iommu_map_page(&dma_dom->domain, addr, addr, e->prot,
1132 PAGE_SIZE);
1133 if (ret)
1134 return ret;
1135 /*
1136 * if unity mapping is in aperture range mark the page
1137 * as allocated in the aperture
1138 */
1139 if (addr < dma_dom->aperture_size)
1140 __set_bit(addr >> PAGE_SHIFT,
1141 dma_dom->aperture[0]->bitmap);
1142 }
1143
1144 return 0;
1145 }
1146
1147 /*
1148 * Init the unity mappings for a specific IOMMU in the system
1149 *
1150 * Basically iterates over all unity mapping entries and applies them to
1151 * the default domain DMA of that IOMMU if necessary.
1152 */
1153 static int iommu_init_unity_mappings(struct amd_iommu *iommu)
1154 {
1155 struct unity_map_entry *entry;
1156 int ret;
1157
1158 list_for_each_entry(entry, &amd_iommu_unity_map, list) {
1159 if (!iommu_for_unity_map(iommu, entry))
1160 continue;
1161 ret = dma_ops_unity_map(iommu->default_dom, entry);
1162 if (ret)
1163 return ret;
1164 }
1165
1166 return 0;
1167 }
1168
1169 /*
1170 * Inits the unity mappings required for a specific device
1171 */
1172 static int init_unity_mappings_for_device(struct dma_ops_domain *dma_dom,
1173 u16 devid)
1174 {
1175 struct unity_map_entry *e;
1176 int ret;
1177
1178 list_for_each_entry(e, &amd_iommu_unity_map, list) {
1179 if (!(devid >= e->devid_start && devid <= e->devid_end))
1180 continue;
1181 ret = dma_ops_unity_map(dma_dom, e);
1182 if (ret)
1183 return ret;
1184 }
1185
1186 return 0;
1187 }
1188
1189 /****************************************************************************
1190 *
1191 * The next functions belong to the address allocator for the dma_ops
1192 * interface functions. They work like the allocators in the other IOMMU
1193 * drivers. Its basically a bitmap which marks the allocated pages in
1194 * the aperture. Maybe it could be enhanced in the future to a more
1195 * efficient allocator.
1196 *
1197 ****************************************************************************/
1198
1199 /*
1200 * The address allocator core functions.
1201 *
1202 * called with domain->lock held
1203 */
1204
1205 /*
1206 * Used to reserve address ranges in the aperture (e.g. for exclusion
1207 * ranges.
1208 */
1209 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
1210 unsigned long start_page,
1211 unsigned int pages)
1212 {
1213 unsigned int i, last_page = dom->aperture_size >> PAGE_SHIFT;
1214
1215 if (start_page + pages > last_page)
1216 pages = last_page - start_page;
1217
1218 for (i = start_page; i < start_page + pages; ++i) {
1219 int index = i / APERTURE_RANGE_PAGES;
1220 int page = i % APERTURE_RANGE_PAGES;
1221 __set_bit(page, dom->aperture[index]->bitmap);
1222 }
1223 }
1224
1225 /*
1226 * This function is used to add a new aperture range to an existing
1227 * aperture in case of dma_ops domain allocation or address allocation
1228 * failure.
1229 */
1230 static int alloc_new_range(struct dma_ops_domain *dma_dom,
1231 bool populate, gfp_t gfp)
1232 {
1233 int index = dma_dom->aperture_size >> APERTURE_RANGE_SHIFT;
1234 struct amd_iommu *iommu;
1235 unsigned long i, old_size;
1236
1237 #ifdef CONFIG_IOMMU_STRESS
1238 populate = false;
1239 #endif
1240
1241 if (index >= APERTURE_MAX_RANGES)
1242 return -ENOMEM;
1243
1244 dma_dom->aperture[index] = kzalloc(sizeof(struct aperture_range), gfp);
1245 if (!dma_dom->aperture[index])
1246 return -ENOMEM;
1247
1248 dma_dom->aperture[index]->bitmap = (void *)get_zeroed_page(gfp);
1249 if (!dma_dom->aperture[index]->bitmap)
1250 goto out_free;
1251
1252 dma_dom->aperture[index]->offset = dma_dom->aperture_size;
1253
1254 if (populate) {
1255 unsigned long address = dma_dom->aperture_size;
1256 int i, num_ptes = APERTURE_RANGE_PAGES / 512;
1257 u64 *pte, *pte_page;
1258
1259 for (i = 0; i < num_ptes; ++i) {
1260 pte = alloc_pte(&dma_dom->domain, address, PAGE_SIZE,
1261 &pte_page, gfp);
1262 if (!pte)
1263 goto out_free;
1264
1265 dma_dom->aperture[index]->pte_pages[i] = pte_page;
1266
1267 address += APERTURE_RANGE_SIZE / 64;
1268 }
1269 }
1270
1271 old_size = dma_dom->aperture_size;
1272 dma_dom->aperture_size += APERTURE_RANGE_SIZE;
1273
1274 /* Reserve address range used for MSI messages */
1275 if (old_size < MSI_ADDR_BASE_LO &&
1276 dma_dom->aperture_size > MSI_ADDR_BASE_LO) {
1277 unsigned long spage;
1278 int pages;
1279
1280 pages = iommu_num_pages(MSI_ADDR_BASE_LO, 0x10000, PAGE_SIZE);
1281 spage = MSI_ADDR_BASE_LO >> PAGE_SHIFT;
1282
1283 dma_ops_reserve_addresses(dma_dom, spage, pages);
1284 }
1285
1286 /* Initialize the exclusion range if necessary */
1287 for_each_iommu(iommu) {
1288 if (iommu->exclusion_start &&
1289 iommu->exclusion_start >= dma_dom->aperture[index]->offset
1290 && iommu->exclusion_start < dma_dom->aperture_size) {
1291 unsigned long startpage;
1292 int pages = iommu_num_pages(iommu->exclusion_start,
1293 iommu->exclusion_length,
1294 PAGE_SIZE);
1295 startpage = iommu->exclusion_start >> PAGE_SHIFT;
1296 dma_ops_reserve_addresses(dma_dom, startpage, pages);
1297 }
1298 }
1299
1300 /*
1301 * Check for areas already mapped as present in the new aperture
1302 * range and mark those pages as reserved in the allocator. Such
1303 * mappings may already exist as a result of requested unity
1304 * mappings for devices.
1305 */
1306 for (i = dma_dom->aperture[index]->offset;
1307 i < dma_dom->aperture_size;
1308 i += PAGE_SIZE) {
1309 u64 *pte = fetch_pte(&dma_dom->domain, i);
1310 if (!pte || !IOMMU_PTE_PRESENT(*pte))
1311 continue;
1312
1313 dma_ops_reserve_addresses(dma_dom, i >> PAGE_SHIFT, 1);
1314 }
1315
1316 update_domain(&dma_dom->domain);
1317
1318 return 0;
1319
1320 out_free:
1321 update_domain(&dma_dom->domain);
1322
1323 free_page((unsigned long)dma_dom->aperture[index]->bitmap);
1324
1325 kfree(dma_dom->aperture[index]);
1326 dma_dom->aperture[index] = NULL;
1327
1328 return -ENOMEM;
1329 }
1330
1331 static unsigned long dma_ops_area_alloc(struct device *dev,
1332 struct dma_ops_domain *dom,
1333 unsigned int pages,
1334 unsigned long align_mask,
1335 u64 dma_mask,
1336 unsigned long start)
1337 {
1338 unsigned long next_bit = dom->next_address % APERTURE_RANGE_SIZE;
1339 int max_index = dom->aperture_size >> APERTURE_RANGE_SHIFT;
1340 int i = start >> APERTURE_RANGE_SHIFT;
1341 unsigned long boundary_size;
1342 unsigned long address = -1;
1343 unsigned long limit;
1344
1345 next_bit >>= PAGE_SHIFT;
1346
1347 boundary_size = ALIGN(dma_get_seg_boundary(dev) + 1,
1348 PAGE_SIZE) >> PAGE_SHIFT;
1349
1350 for (;i < max_index; ++i) {
1351 unsigned long offset = dom->aperture[i]->offset >> PAGE_SHIFT;
1352
1353 if (dom->aperture[i]->offset >= dma_mask)
1354 break;
1355
1356 limit = iommu_device_max_index(APERTURE_RANGE_PAGES, offset,
1357 dma_mask >> PAGE_SHIFT);
1358
1359 address = iommu_area_alloc(dom->aperture[i]->bitmap,
1360 limit, next_bit, pages, 0,
1361 boundary_size, align_mask);
1362 if (address != -1) {
1363 address = dom->aperture[i]->offset +
1364 (address << PAGE_SHIFT);
1365 dom->next_address = address + (pages << PAGE_SHIFT);
1366 break;
1367 }
1368
1369 next_bit = 0;
1370 }
1371
1372 return address;
1373 }
1374
1375 static unsigned long dma_ops_alloc_addresses(struct device *dev,
1376 struct dma_ops_domain *dom,
1377 unsigned int pages,
1378 unsigned long align_mask,
1379 u64 dma_mask)
1380 {
1381 unsigned long address;
1382
1383 #ifdef CONFIG_IOMMU_STRESS
1384 dom->next_address = 0;
1385 dom->need_flush = true;
1386 #endif
1387
1388 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
1389 dma_mask, dom->next_address);
1390
1391 if (address == -1) {
1392 dom->next_address = 0;
1393 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
1394 dma_mask, 0);
1395 dom->need_flush = true;
1396 }
1397
1398 if (unlikely(address == -1))
1399 address = DMA_ERROR_CODE;
1400
1401 WARN_ON((address + (PAGE_SIZE*pages)) > dom->aperture_size);
1402
1403 return address;
1404 }
1405
1406 /*
1407 * The address free function.
1408 *
1409 * called with domain->lock held
1410 */
1411 static void dma_ops_free_addresses(struct dma_ops_domain *dom,
1412 unsigned long address,
1413 unsigned int pages)
1414 {
1415 unsigned i = address >> APERTURE_RANGE_SHIFT;
1416 struct aperture_range *range = dom->aperture[i];
1417
1418 BUG_ON(i >= APERTURE_MAX_RANGES || range == NULL);
1419
1420 #ifdef CONFIG_IOMMU_STRESS
1421 if (i < 4)
1422 return;
1423 #endif
1424
1425 if (address >= dom->next_address)
1426 dom->need_flush = true;
1427
1428 address = (address % APERTURE_RANGE_SIZE) >> PAGE_SHIFT;
1429
1430 bitmap_clear(range->bitmap, address, pages);
1431
1432 }
1433
1434 /****************************************************************************
1435 *
1436 * The next functions belong to the domain allocation. A domain is
1437 * allocated for every IOMMU as the default domain. If device isolation
1438 * is enabled, every device get its own domain. The most important thing
1439 * about domains is the page table mapping the DMA address space they
1440 * contain.
1441 *
1442 ****************************************************************************/
1443
1444 /*
1445 * This function adds a protection domain to the global protection domain list
1446 */
1447 static void add_domain_to_list(struct protection_domain *domain)
1448 {
1449 unsigned long flags;
1450
1451 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
1452 list_add(&domain->list, &amd_iommu_pd_list);
1453 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
1454 }
1455
1456 /*
1457 * This function removes a protection domain to the global
1458 * protection domain list
1459 */
1460 static void del_domain_from_list(struct protection_domain *domain)
1461 {
1462 unsigned long flags;
1463
1464 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
1465 list_del(&domain->list);
1466 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
1467 }
1468
1469 static u16 domain_id_alloc(void)
1470 {
1471 unsigned long flags;
1472 int id;
1473
1474 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1475 id = find_first_zero_bit(amd_iommu_pd_alloc_bitmap, MAX_DOMAIN_ID);
1476 BUG_ON(id == 0);
1477 if (id > 0 && id < MAX_DOMAIN_ID)
1478 __set_bit(id, amd_iommu_pd_alloc_bitmap);
1479 else
1480 id = 0;
1481 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1482
1483 return id;
1484 }
1485
1486 static void domain_id_free(int id)
1487 {
1488 unsigned long flags;
1489
1490 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1491 if (id > 0 && id < MAX_DOMAIN_ID)
1492 __clear_bit(id, amd_iommu_pd_alloc_bitmap);
1493 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1494 }
1495
1496 static void free_pagetable(struct protection_domain *domain)
1497 {
1498 int i, j;
1499 u64 *p1, *p2, *p3;
1500
1501 p1 = domain->pt_root;
1502
1503 if (!p1)
1504 return;
1505
1506 for (i = 0; i < 512; ++i) {
1507 if (!IOMMU_PTE_PRESENT(p1[i]))
1508 continue;
1509
1510 p2 = IOMMU_PTE_PAGE(p1[i]);
1511 for (j = 0; j < 512; ++j) {
1512 if (!IOMMU_PTE_PRESENT(p2[j]))
1513 continue;
1514 p3 = IOMMU_PTE_PAGE(p2[j]);
1515 free_page((unsigned long)p3);
1516 }
1517
1518 free_page((unsigned long)p2);
1519 }
1520
1521 free_page((unsigned long)p1);
1522
1523 domain->pt_root = NULL;
1524 }
1525
1526 /*
1527 * Free a domain, only used if something went wrong in the
1528 * allocation path and we need to free an already allocated page table
1529 */
1530 static void dma_ops_domain_free(struct dma_ops_domain *dom)
1531 {
1532 int i;
1533
1534 if (!dom)
1535 return;
1536
1537 del_domain_from_list(&dom->domain);
1538
1539 free_pagetable(&dom->domain);
1540
1541 for (i = 0; i < APERTURE_MAX_RANGES; ++i) {
1542 if (!dom->aperture[i])
1543 continue;
1544 free_page((unsigned long)dom->aperture[i]->bitmap);
1545 kfree(dom->aperture[i]);
1546 }
1547
1548 kfree(dom);
1549 }
1550
1551 /*
1552 * Allocates a new protection domain usable for the dma_ops functions.
1553 * It also initializes the page table and the address allocator data
1554 * structures required for the dma_ops interface
1555 */
1556 static struct dma_ops_domain *dma_ops_domain_alloc(void)
1557 {
1558 struct dma_ops_domain *dma_dom;
1559
1560 dma_dom = kzalloc(sizeof(struct dma_ops_domain), GFP_KERNEL);
1561 if (!dma_dom)
1562 return NULL;
1563
1564 spin_lock_init(&dma_dom->domain.lock);
1565
1566 dma_dom->domain.id = domain_id_alloc();
1567 if (dma_dom->domain.id == 0)
1568 goto free_dma_dom;
1569 INIT_LIST_HEAD(&dma_dom->domain.dev_list);
1570 dma_dom->domain.mode = PAGE_MODE_2_LEVEL;
1571 dma_dom->domain.pt_root = (void *)get_zeroed_page(GFP_KERNEL);
1572 dma_dom->domain.flags = PD_DMA_OPS_MASK;
1573 dma_dom->domain.priv = dma_dom;
1574 if (!dma_dom->domain.pt_root)
1575 goto free_dma_dom;
1576
1577 dma_dom->need_flush = false;
1578 dma_dom->target_dev = 0xffff;
1579
1580 add_domain_to_list(&dma_dom->domain);
1581
1582 if (alloc_new_range(dma_dom, true, GFP_KERNEL))
1583 goto free_dma_dom;
1584
1585 /*
1586 * mark the first page as allocated so we never return 0 as
1587 * a valid dma-address. So we can use 0 as error value
1588 */
1589 dma_dom->aperture[0]->bitmap[0] = 1;
1590 dma_dom->next_address = 0;
1591
1592
1593 return dma_dom;
1594
1595 free_dma_dom:
1596 dma_ops_domain_free(dma_dom);
1597
1598 return NULL;
1599 }
1600
1601 /*
1602 * little helper function to check whether a given protection domain is a
1603 * dma_ops domain
1604 */
1605 static bool dma_ops_domain(struct protection_domain *domain)
1606 {
1607 return domain->flags & PD_DMA_OPS_MASK;
1608 }
1609
1610 static void set_dte_entry(u16 devid, struct protection_domain *domain, bool ats)
1611 {
1612 u64 pte_root = virt_to_phys(domain->pt_root);
1613 u64 flags = 0;
1614
1615 pte_root |= (domain->mode & DEV_ENTRY_MODE_MASK)
1616 << DEV_ENTRY_MODE_SHIFT;
1617 pte_root |= IOMMU_PTE_IR | IOMMU_PTE_IW | IOMMU_PTE_P | IOMMU_PTE_TV;
1618
1619 flags = amd_iommu_dev_table[devid].data[1];
1620
1621 if (ats)
1622 flags |= DTE_FLAG_IOTLB;
1623
1624 flags &= ~(0xffffUL);
1625 flags |= domain->id;
1626
1627 amd_iommu_dev_table[devid].data[1] = flags;
1628 amd_iommu_dev_table[devid].data[0] = pte_root;
1629 }
1630
1631 static void clear_dte_entry(u16 devid)
1632 {
1633 /* remove entry from the device table seen by the hardware */
1634 amd_iommu_dev_table[devid].data[0] = IOMMU_PTE_P | IOMMU_PTE_TV;
1635 amd_iommu_dev_table[devid].data[1] = 0;
1636
1637 amd_iommu_apply_erratum_63(devid);
1638 }
1639
1640 static void do_attach(struct iommu_dev_data *dev_data,
1641 struct protection_domain *domain)
1642 {
1643 struct amd_iommu *iommu;
1644 bool ats;
1645
1646 iommu = amd_iommu_rlookup_table[dev_data->devid];
1647 ats = dev_data->ats.enabled;
1648
1649 /* Update data structures */
1650 dev_data->domain = domain;
1651 list_add(&dev_data->list, &domain->dev_list);
1652 set_dte_entry(dev_data->devid, domain, ats);
1653
1654 /* Do reference counting */
1655 domain->dev_iommu[iommu->index] += 1;
1656 domain->dev_cnt += 1;
1657
1658 /* Flush the DTE entry */
1659 device_flush_dte(dev_data);
1660 }
1661
1662 static void do_detach(struct iommu_dev_data *dev_data)
1663 {
1664 struct amd_iommu *iommu;
1665
1666 iommu = amd_iommu_rlookup_table[dev_data->devid];
1667
1668 /* decrease reference counters */
1669 dev_data->domain->dev_iommu[iommu->index] -= 1;
1670 dev_data->domain->dev_cnt -= 1;
1671
1672 /* Update data structures */
1673 dev_data->domain = NULL;
1674 list_del(&dev_data->list);
1675 clear_dte_entry(dev_data->devid);
1676
1677 /* Flush the DTE entry */
1678 device_flush_dte(dev_data);
1679 }
1680
1681 /*
1682 * If a device is not yet associated with a domain, this function does
1683 * assigns it visible for the hardware
1684 */
1685 static int __attach_device(struct iommu_dev_data *dev_data,
1686 struct protection_domain *domain)
1687 {
1688 int ret;
1689
1690 /* lock domain */
1691 spin_lock(&domain->lock);
1692
1693 if (dev_data->alias_data != NULL) {
1694 struct iommu_dev_data *alias_data = dev_data->alias_data;
1695
1696 /* Some sanity checks */
1697 ret = -EBUSY;
1698 if (alias_data->domain != NULL &&
1699 alias_data->domain != domain)
1700 goto out_unlock;
1701
1702 if (dev_data->domain != NULL &&
1703 dev_data->domain != domain)
1704 goto out_unlock;
1705
1706 /* Do real assignment */
1707 if (alias_data->domain == NULL)
1708 do_attach(alias_data, domain);
1709
1710 atomic_inc(&alias_data->bind);
1711 }
1712
1713 if (dev_data->domain == NULL)
1714 do_attach(dev_data, domain);
1715
1716 atomic_inc(&dev_data->bind);
1717
1718 ret = 0;
1719
1720 out_unlock:
1721
1722 /* ready */
1723 spin_unlock(&domain->lock);
1724
1725 return ret;
1726 }
1727
1728 /*
1729 * If a device is not yet associated with a domain, this function does
1730 * assigns it visible for the hardware
1731 */
1732 static int attach_device(struct device *dev,
1733 struct protection_domain *domain)
1734 {
1735 struct pci_dev *pdev = to_pci_dev(dev);
1736 struct iommu_dev_data *dev_data;
1737 unsigned long flags;
1738 int ret;
1739
1740 dev_data = get_dev_data(dev);
1741
1742 if (amd_iommu_iotlb_sup && pci_enable_ats(pdev, PAGE_SHIFT) == 0) {
1743 dev_data->ats.enabled = true;
1744 dev_data->ats.qdep = pci_ats_queue_depth(pdev);
1745 }
1746
1747 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1748 ret = __attach_device(dev_data, domain);
1749 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1750
1751 /*
1752 * We might boot into a crash-kernel here. The crashed kernel
1753 * left the caches in the IOMMU dirty. So we have to flush
1754 * here to evict all dirty stuff.
1755 */
1756 domain_flush_tlb_pde(domain);
1757
1758 return ret;
1759 }
1760
1761 /*
1762 * Removes a device from a protection domain (unlocked)
1763 */
1764 static void __detach_device(struct iommu_dev_data *dev_data)
1765 {
1766 struct protection_domain *domain;
1767 unsigned long flags;
1768
1769 BUG_ON(!dev_data->domain);
1770
1771 domain = dev_data->domain;
1772
1773 spin_lock_irqsave(&domain->lock, flags);
1774
1775 if (dev_data->alias_data != NULL) {
1776 struct iommu_dev_data *alias_data = dev_data->alias_data;
1777
1778 if (atomic_dec_and_test(&alias_data->bind))
1779 do_detach(alias_data);
1780 }
1781
1782 if (atomic_dec_and_test(&dev_data->bind))
1783 do_detach(dev_data);
1784
1785 spin_unlock_irqrestore(&domain->lock, flags);
1786
1787 /*
1788 * If we run in passthrough mode the device must be assigned to the
1789 * passthrough domain if it is detached from any other domain.
1790 * Make sure we can deassign from the pt_domain itself.
1791 */
1792 if (dev_data->passthrough &&
1793 (dev_data->domain == NULL && domain != pt_domain))
1794 __attach_device(dev_data, pt_domain);
1795 }
1796
1797 /*
1798 * Removes a device from a protection domain (with devtable_lock held)
1799 */
1800 static void detach_device(struct device *dev)
1801 {
1802 struct iommu_dev_data *dev_data;
1803 unsigned long flags;
1804
1805 dev_data = get_dev_data(dev);
1806
1807 /* lock device table */
1808 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1809 __detach_device(dev_data);
1810 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1811
1812 if (dev_data->ats.enabled) {
1813 pci_disable_ats(to_pci_dev(dev));
1814 dev_data->ats.enabled = false;
1815 }
1816 }
1817
1818 /*
1819 * Find out the protection domain structure for a given PCI device. This
1820 * will give us the pointer to the page table root for example.
1821 */
1822 static struct protection_domain *domain_for_device(struct device *dev)
1823 {
1824 struct iommu_dev_data *dev_data;
1825 struct protection_domain *dom = NULL;
1826 unsigned long flags;
1827
1828 dev_data = get_dev_data(dev);
1829
1830 if (dev_data->domain)
1831 return dev_data->domain;
1832
1833 if (dev_data->alias_data != NULL) {
1834 struct iommu_dev_data *alias_data = dev_data->alias_data;
1835
1836 read_lock_irqsave(&amd_iommu_devtable_lock, flags);
1837 if (alias_data->domain != NULL) {
1838 __attach_device(dev_data, alias_data->domain);
1839 dom = alias_data->domain;
1840 }
1841 read_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1842 }
1843
1844 return dom;
1845 }
1846
1847 static int device_change_notifier(struct notifier_block *nb,
1848 unsigned long action, void *data)
1849 {
1850 struct dma_ops_domain *dma_domain;
1851 struct protection_domain *domain;
1852 struct iommu_dev_data *dev_data;
1853 struct device *dev = data;
1854 struct amd_iommu *iommu;
1855 unsigned long flags;
1856 u16 devid;
1857
1858 if (!check_device(dev))
1859 return 0;
1860
1861 devid = get_device_id(dev);
1862 iommu = amd_iommu_rlookup_table[devid];
1863 dev_data = get_dev_data(dev);
1864
1865 switch (action) {
1866 case BUS_NOTIFY_UNBOUND_DRIVER:
1867
1868 domain = domain_for_device(dev);
1869
1870 if (!domain)
1871 goto out;
1872 if (dev_data->passthrough)
1873 break;
1874 detach_device(dev);
1875 break;
1876 case BUS_NOTIFY_ADD_DEVICE:
1877
1878 iommu_init_device(dev);
1879
1880 domain = domain_for_device(dev);
1881
1882 /* allocate a protection domain if a device is added */
1883 dma_domain = find_protection_domain(devid);
1884 if (dma_domain)
1885 goto out;
1886 dma_domain = dma_ops_domain_alloc();
1887 if (!dma_domain)
1888 goto out;
1889 dma_domain->target_dev = devid;
1890
1891 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1892 list_add_tail(&dma_domain->list, &iommu_pd_list);
1893 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1894
1895 break;
1896 case BUS_NOTIFY_DEL_DEVICE:
1897
1898 iommu_uninit_device(dev);
1899
1900 default:
1901 goto out;
1902 }
1903
1904 iommu_completion_wait(iommu);
1905
1906 out:
1907 return 0;
1908 }
1909
1910 static struct notifier_block device_nb = {
1911 .notifier_call = device_change_notifier,
1912 };
1913
1914 void amd_iommu_init_notifier(void)
1915 {
1916 bus_register_notifier(&pci_bus_type, &device_nb);
1917 }
1918
1919 /*****************************************************************************
1920 *
1921 * The next functions belong to the dma_ops mapping/unmapping code.
1922 *
1923 *****************************************************************************/
1924
1925 /*
1926 * In the dma_ops path we only have the struct device. This function
1927 * finds the corresponding IOMMU, the protection domain and the
1928 * requestor id for a given device.
1929 * If the device is not yet associated with a domain this is also done
1930 * in this function.
1931 */
1932 static struct protection_domain *get_domain(struct device *dev)
1933 {
1934 struct protection_domain *domain;
1935 struct dma_ops_domain *dma_dom;
1936 u16 devid = get_device_id(dev);
1937
1938 if (!check_device(dev))
1939 return ERR_PTR(-EINVAL);
1940
1941 domain = domain_for_device(dev);
1942 if (domain != NULL && !dma_ops_domain(domain))
1943 return ERR_PTR(-EBUSY);
1944
1945 if (domain != NULL)
1946 return domain;
1947
1948 /* Device not bount yet - bind it */
1949 dma_dom = find_protection_domain(devid);
1950 if (!dma_dom)
1951 dma_dom = amd_iommu_rlookup_table[devid]->default_dom;
1952 attach_device(dev, &dma_dom->domain);
1953 DUMP_printk("Using protection domain %d for device %s\n",
1954 dma_dom->domain.id, dev_name(dev));
1955
1956 return &dma_dom->domain;
1957 }
1958
1959 static void update_device_table(struct protection_domain *domain)
1960 {
1961 struct iommu_dev_data *dev_data;
1962
1963 list_for_each_entry(dev_data, &domain->dev_list, list)
1964 set_dte_entry(dev_data->devid, domain, dev_data->ats.enabled);
1965 }
1966
1967 static void update_domain(struct protection_domain *domain)
1968 {
1969 if (!domain->updated)
1970 return;
1971
1972 update_device_table(domain);
1973
1974 domain_flush_devices(domain);
1975 domain_flush_tlb_pde(domain);
1976
1977 domain->updated = false;
1978 }
1979
1980 /*
1981 * This function fetches the PTE for a given address in the aperture
1982 */
1983 static u64* dma_ops_get_pte(struct dma_ops_domain *dom,
1984 unsigned long address)
1985 {
1986 struct aperture_range *aperture;
1987 u64 *pte, *pte_page;
1988
1989 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1990 if (!aperture)
1991 return NULL;
1992
1993 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1994 if (!pte) {
1995 pte = alloc_pte(&dom->domain, address, PAGE_SIZE, &pte_page,
1996 GFP_ATOMIC);
1997 aperture->pte_pages[APERTURE_PAGE_INDEX(address)] = pte_page;
1998 } else
1999 pte += PM_LEVEL_INDEX(0, address);
2000
2001 update_domain(&dom->domain);
2002
2003 return pte;
2004 }
2005
2006 /*
2007 * This is the generic map function. It maps one 4kb page at paddr to
2008 * the given address in the DMA address space for the domain.
2009 */
2010 static dma_addr_t dma_ops_domain_map(struct dma_ops_domain *dom,
2011 unsigned long address,
2012 phys_addr_t paddr,
2013 int direction)
2014 {
2015 u64 *pte, __pte;
2016
2017 WARN_ON(address > dom->aperture_size);
2018
2019 paddr &= PAGE_MASK;
2020
2021 pte = dma_ops_get_pte(dom, address);
2022 if (!pte)
2023 return DMA_ERROR_CODE;
2024
2025 __pte = paddr | IOMMU_PTE_P | IOMMU_PTE_FC;
2026
2027 if (direction == DMA_TO_DEVICE)
2028 __pte |= IOMMU_PTE_IR;
2029 else if (direction == DMA_FROM_DEVICE)
2030 __pte |= IOMMU_PTE_IW;
2031 else if (direction == DMA_BIDIRECTIONAL)
2032 __pte |= IOMMU_PTE_IR | IOMMU_PTE_IW;
2033
2034 WARN_ON(*pte);
2035
2036 *pte = __pte;
2037
2038 return (dma_addr_t)address;
2039 }
2040
2041 /*
2042 * The generic unmapping function for on page in the DMA address space.
2043 */
2044 static void dma_ops_domain_unmap(struct dma_ops_domain *dom,
2045 unsigned long address)
2046 {
2047 struct aperture_range *aperture;
2048 u64 *pte;
2049
2050 if (address >= dom->aperture_size)
2051 return;
2052
2053 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
2054 if (!aperture)
2055 return;
2056
2057 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
2058 if (!pte)
2059 return;
2060
2061 pte += PM_LEVEL_INDEX(0, address);
2062
2063 WARN_ON(!*pte);
2064
2065 *pte = 0ULL;
2066 }
2067
2068 /*
2069 * This function contains common code for mapping of a physically
2070 * contiguous memory region into DMA address space. It is used by all
2071 * mapping functions provided with this IOMMU driver.
2072 * Must be called with the domain lock held.
2073 */
2074 static dma_addr_t __map_single(struct device *dev,
2075 struct dma_ops_domain *dma_dom,
2076 phys_addr_t paddr,
2077 size_t size,
2078 int dir,
2079 bool align,
2080 u64 dma_mask)
2081 {
2082 dma_addr_t offset = paddr & ~PAGE_MASK;
2083 dma_addr_t address, start, ret;
2084 unsigned int pages;
2085 unsigned long align_mask = 0;
2086 int i;
2087
2088 pages = iommu_num_pages(paddr, size, PAGE_SIZE);
2089 paddr &= PAGE_MASK;
2090
2091 INC_STATS_COUNTER(total_map_requests);
2092
2093 if (pages > 1)
2094 INC_STATS_COUNTER(cross_page);
2095
2096 if (align)
2097 align_mask = (1UL << get_order(size)) - 1;
2098
2099 retry:
2100 address = dma_ops_alloc_addresses(dev, dma_dom, pages, align_mask,
2101 dma_mask);
2102 if (unlikely(address == DMA_ERROR_CODE)) {
2103 /*
2104 * setting next_address here will let the address
2105 * allocator only scan the new allocated range in the
2106 * first run. This is a small optimization.
2107 */
2108 dma_dom->next_address = dma_dom->aperture_size;
2109
2110 if (alloc_new_range(dma_dom, false, GFP_ATOMIC))
2111 goto out;
2112
2113 /*
2114 * aperture was successfully enlarged by 128 MB, try
2115 * allocation again
2116 */
2117 goto retry;
2118 }
2119
2120 start = address;
2121 for (i = 0; i < pages; ++i) {
2122 ret = dma_ops_domain_map(dma_dom, start, paddr, dir);
2123 if (ret == DMA_ERROR_CODE)
2124 goto out_unmap;
2125
2126 paddr += PAGE_SIZE;
2127 start += PAGE_SIZE;
2128 }
2129 address += offset;
2130
2131 ADD_STATS_COUNTER(alloced_io_mem, size);
2132
2133 if (unlikely(dma_dom->need_flush && !amd_iommu_unmap_flush)) {
2134 domain_flush_tlb(&dma_dom->domain);
2135 dma_dom->need_flush = false;
2136 } else if (unlikely(amd_iommu_np_cache))
2137 domain_flush_pages(&dma_dom->domain, address, size);
2138
2139 out:
2140 return address;
2141
2142 out_unmap:
2143
2144 for (--i; i >= 0; --i) {
2145 start -= PAGE_SIZE;
2146 dma_ops_domain_unmap(dma_dom, start);
2147 }
2148
2149 dma_ops_free_addresses(dma_dom, address, pages);
2150
2151 return DMA_ERROR_CODE;
2152 }
2153
2154 /*
2155 * Does the reverse of the __map_single function. Must be called with
2156 * the domain lock held too
2157 */
2158 static void __unmap_single(struct dma_ops_domain *dma_dom,
2159 dma_addr_t dma_addr,
2160 size_t size,
2161 int dir)
2162 {
2163 dma_addr_t flush_addr;
2164 dma_addr_t i, start;
2165 unsigned int pages;
2166
2167 if ((dma_addr == DMA_ERROR_CODE) ||
2168 (dma_addr + size > dma_dom->aperture_size))
2169 return;
2170
2171 flush_addr = dma_addr;
2172 pages = iommu_num_pages(dma_addr, size, PAGE_SIZE);
2173 dma_addr &= PAGE_MASK;
2174 start = dma_addr;
2175
2176 for (i = 0; i < pages; ++i) {
2177 dma_ops_domain_unmap(dma_dom, start);
2178 start += PAGE_SIZE;
2179 }
2180
2181 SUB_STATS_COUNTER(alloced_io_mem, size);
2182
2183 dma_ops_free_addresses(dma_dom, dma_addr, pages);
2184
2185 if (amd_iommu_unmap_flush || dma_dom->need_flush) {
2186 domain_flush_pages(&dma_dom->domain, flush_addr, size);
2187 dma_dom->need_flush = false;
2188 }
2189 }
2190
2191 /*
2192 * The exported map_single function for dma_ops.
2193 */
2194 static dma_addr_t map_page(struct device *dev, struct page *page,
2195 unsigned long offset, size_t size,
2196 enum dma_data_direction dir,
2197 struct dma_attrs *attrs)
2198 {
2199 unsigned long flags;
2200 struct protection_domain *domain;
2201 dma_addr_t addr;
2202 u64 dma_mask;
2203 phys_addr_t paddr = page_to_phys(page) + offset;
2204
2205 INC_STATS_COUNTER(cnt_map_single);
2206
2207 domain = get_domain(dev);
2208 if (PTR_ERR(domain) == -EINVAL)
2209 return (dma_addr_t)paddr;
2210 else if (IS_ERR(domain))
2211 return DMA_ERROR_CODE;
2212
2213 dma_mask = *dev->dma_mask;
2214
2215 spin_lock_irqsave(&domain->lock, flags);
2216
2217 addr = __map_single(dev, domain->priv, paddr, size, dir, false,
2218 dma_mask);
2219 if (addr == DMA_ERROR_CODE)
2220 goto out;
2221
2222 domain_flush_complete(domain);
2223
2224 out:
2225 spin_unlock_irqrestore(&domain->lock, flags);
2226
2227 return addr;
2228 }
2229
2230 /*
2231 * The exported unmap_single function for dma_ops.
2232 */
2233 static void unmap_page(struct device *dev, dma_addr_t dma_addr, size_t size,
2234 enum dma_data_direction dir, struct dma_attrs *attrs)
2235 {
2236 unsigned long flags;
2237 struct protection_domain *domain;
2238
2239 INC_STATS_COUNTER(cnt_unmap_single);
2240
2241 domain = get_domain(dev);
2242 if (IS_ERR(domain))
2243 return;
2244
2245 spin_lock_irqsave(&domain->lock, flags);
2246
2247 __unmap_single(domain->priv, dma_addr, size, dir);
2248
2249 domain_flush_complete(domain);
2250
2251 spin_unlock_irqrestore(&domain->lock, flags);
2252 }
2253
2254 /*
2255 * This is a special map_sg function which is used if we should map a
2256 * device which is not handled by an AMD IOMMU in the system.
2257 */
2258 static int map_sg_no_iommu(struct device *dev, struct scatterlist *sglist,
2259 int nelems, int dir)
2260 {
2261 struct scatterlist *s;
2262 int i;
2263
2264 for_each_sg(sglist, s, nelems, i) {
2265 s->dma_address = (dma_addr_t)sg_phys(s);
2266 s->dma_length = s->length;
2267 }
2268
2269 return nelems;
2270 }
2271
2272 /*
2273 * The exported map_sg function for dma_ops (handles scatter-gather
2274 * lists).
2275 */
2276 static int map_sg(struct device *dev, struct scatterlist *sglist,
2277 int nelems, enum dma_data_direction dir,
2278 struct dma_attrs *attrs)
2279 {
2280 unsigned long flags;
2281 struct protection_domain *domain;
2282 int i;
2283 struct scatterlist *s;
2284 phys_addr_t paddr;
2285 int mapped_elems = 0;
2286 u64 dma_mask;
2287
2288 INC_STATS_COUNTER(cnt_map_sg);
2289
2290 domain = get_domain(dev);
2291 if (PTR_ERR(domain) == -EINVAL)
2292 return map_sg_no_iommu(dev, sglist, nelems, dir);
2293 else if (IS_ERR(domain))
2294 return 0;
2295
2296 dma_mask = *dev->dma_mask;
2297
2298 spin_lock_irqsave(&domain->lock, flags);
2299
2300 for_each_sg(sglist, s, nelems, i) {
2301 paddr = sg_phys(s);
2302
2303 s->dma_address = __map_single(dev, domain->priv,
2304 paddr, s->length, dir, false,
2305 dma_mask);
2306
2307 if (s->dma_address) {
2308 s->dma_length = s->length;
2309 mapped_elems++;
2310 } else
2311 goto unmap;
2312 }
2313
2314 domain_flush_complete(domain);
2315
2316 out:
2317 spin_unlock_irqrestore(&domain->lock, flags);
2318
2319 return mapped_elems;
2320 unmap:
2321 for_each_sg(sglist, s, mapped_elems, i) {
2322 if (s->dma_address)
2323 __unmap_single(domain->priv, s->dma_address,
2324 s->dma_length, dir);
2325 s->dma_address = s->dma_length = 0;
2326 }
2327
2328 mapped_elems = 0;
2329
2330 goto out;
2331 }
2332
2333 /*
2334 * The exported map_sg function for dma_ops (handles scatter-gather
2335 * lists).
2336 */
2337 static void unmap_sg(struct device *dev, struct scatterlist *sglist,
2338 int nelems, enum dma_data_direction dir,
2339 struct dma_attrs *attrs)
2340 {
2341 unsigned long flags;
2342 struct protection_domain *domain;
2343 struct scatterlist *s;
2344 int i;
2345
2346 INC_STATS_COUNTER(cnt_unmap_sg);
2347
2348 domain = get_domain(dev);
2349 if (IS_ERR(domain))
2350 return;
2351
2352 spin_lock_irqsave(&domain->lock, flags);
2353
2354 for_each_sg(sglist, s, nelems, i) {
2355 __unmap_single(domain->priv, s->dma_address,
2356 s->dma_length, dir);
2357 s->dma_address = s->dma_length = 0;
2358 }
2359
2360 domain_flush_complete(domain);
2361
2362 spin_unlock_irqrestore(&domain->lock, flags);
2363 }
2364
2365 /*
2366 * The exported alloc_coherent function for dma_ops.
2367 */
2368 static void *alloc_coherent(struct device *dev, size_t size,
2369 dma_addr_t *dma_addr, gfp_t flag)
2370 {
2371 unsigned long flags;
2372 void *virt_addr;
2373 struct protection_domain *domain;
2374 phys_addr_t paddr;
2375 u64 dma_mask = dev->coherent_dma_mask;
2376
2377 INC_STATS_COUNTER(cnt_alloc_coherent);
2378
2379 domain = get_domain(dev);
2380 if (PTR_ERR(domain) == -EINVAL) {
2381 virt_addr = (void *)__get_free_pages(flag, get_order(size));
2382 *dma_addr = __pa(virt_addr);
2383 return virt_addr;
2384 } else if (IS_ERR(domain))
2385 return NULL;
2386
2387 dma_mask = dev->coherent_dma_mask;
2388 flag &= ~(__GFP_DMA | __GFP_HIGHMEM | __GFP_DMA32);
2389 flag |= __GFP_ZERO;
2390
2391 virt_addr = (void *)__get_free_pages(flag, get_order(size));
2392 if (!virt_addr)
2393 return NULL;
2394
2395 paddr = virt_to_phys(virt_addr);
2396
2397 if (!dma_mask)
2398 dma_mask = *dev->dma_mask;
2399
2400 spin_lock_irqsave(&domain->lock, flags);
2401
2402 *dma_addr = __map_single(dev, domain->priv, paddr,
2403 size, DMA_BIDIRECTIONAL, true, dma_mask);
2404
2405 if (*dma_addr == DMA_ERROR_CODE) {
2406 spin_unlock_irqrestore(&domain->lock, flags);
2407 goto out_free;
2408 }
2409
2410 domain_flush_complete(domain);
2411
2412 spin_unlock_irqrestore(&domain->lock, flags);
2413
2414 return virt_addr;
2415
2416 out_free:
2417
2418 free_pages((unsigned long)virt_addr, get_order(size));
2419
2420 return NULL;
2421 }
2422
2423 /*
2424 * The exported free_coherent function for dma_ops.
2425 */
2426 static void free_coherent(struct device *dev, size_t size,
2427 void *virt_addr, dma_addr_t dma_addr)
2428 {
2429 unsigned long flags;
2430 struct protection_domain *domain;
2431
2432 INC_STATS_COUNTER(cnt_free_coherent);
2433
2434 domain = get_domain(dev);
2435 if (IS_ERR(domain))
2436 goto free_mem;
2437
2438 spin_lock_irqsave(&domain->lock, flags);
2439
2440 __unmap_single(domain->priv, dma_addr, size, DMA_BIDIRECTIONAL);
2441
2442 domain_flush_complete(domain);
2443
2444 spin_unlock_irqrestore(&domain->lock, flags);
2445
2446 free_mem:
2447 free_pages((unsigned long)virt_addr, get_order(size));
2448 }
2449
2450 /*
2451 * This function is called by the DMA layer to find out if we can handle a
2452 * particular device. It is part of the dma_ops.
2453 */
2454 static int amd_iommu_dma_supported(struct device *dev, u64 mask)
2455 {
2456 return check_device(dev);
2457 }
2458
2459 /*
2460 * The function for pre-allocating protection domains.
2461 *
2462 * If the driver core informs the DMA layer if a driver grabs a device
2463 * we don't need to preallocate the protection domains anymore.
2464 * For now we have to.
2465 */
2466 static void prealloc_protection_domains(void)
2467 {
2468 struct iommu_dev_data *dev_data;
2469 struct dma_ops_domain *dma_dom;
2470 struct pci_dev *dev = NULL;
2471 u16 devid;
2472
2473 for_each_pci_dev(dev) {
2474
2475 /* Do we handle this device? */
2476 if (!check_device(&dev->dev))
2477 continue;
2478
2479 dev_data = get_dev_data(&dev->dev);
2480 if (!amd_iommu_force_isolation && dev_data->iommu_v2) {
2481 /* Make sure passthrough domain is allocated */
2482 alloc_passthrough_domain();
2483 dev_data->passthrough = true;
2484 attach_device(&dev->dev, pt_domain);
2485 pr_info("AMD-Vi: Using passthough domain for device %s\n",
2486 dev_name(&dev->dev));
2487 }
2488
2489 /* Is there already any domain for it? */
2490 if (domain_for_device(&dev->dev))
2491 continue;
2492
2493 devid = get_device_id(&dev->dev);
2494
2495 dma_dom = dma_ops_domain_alloc();
2496 if (!dma_dom)
2497 continue;
2498 init_unity_mappings_for_device(dma_dom, devid);
2499 dma_dom->target_dev = devid;
2500
2501 attach_device(&dev->dev, &dma_dom->domain);
2502
2503 list_add_tail(&dma_dom->list, &iommu_pd_list);
2504 }
2505 }
2506
2507 static struct dma_map_ops amd_iommu_dma_ops = {
2508 .alloc_coherent = alloc_coherent,
2509 .free_coherent = free_coherent,
2510 .map_page = map_page,
2511 .unmap_page = unmap_page,
2512 .map_sg = map_sg,
2513 .unmap_sg = unmap_sg,
2514 .dma_supported = amd_iommu_dma_supported,
2515 };
2516
2517 static unsigned device_dma_ops_init(void)
2518 {
2519 struct iommu_dev_data *dev_data;
2520 struct pci_dev *pdev = NULL;
2521 unsigned unhandled = 0;
2522
2523 for_each_pci_dev(pdev) {
2524 if (!check_device(&pdev->dev)) {
2525 unhandled += 1;
2526 continue;
2527 }
2528
2529 dev_data = get_dev_data(&pdev->dev);
2530
2531 if (!dev_data->passthrough)
2532 pdev->dev.archdata.dma_ops = &amd_iommu_dma_ops;
2533 else
2534 pdev->dev.archdata.dma_ops = &nommu_dma_ops;
2535 }
2536
2537 return unhandled;
2538 }
2539
2540 /*
2541 * The function which clues the AMD IOMMU driver into dma_ops.
2542 */
2543
2544 void __init amd_iommu_init_api(void)
2545 {
2546 bus_set_iommu(&pci_bus_type, &amd_iommu_ops);
2547 }
2548
2549 int __init amd_iommu_init_dma_ops(void)
2550 {
2551 struct amd_iommu *iommu;
2552 int ret, unhandled;
2553
2554 /*
2555 * first allocate a default protection domain for every IOMMU we
2556 * found in the system. Devices not assigned to any other
2557 * protection domain will be assigned to the default one.
2558 */
2559 for_each_iommu(iommu) {
2560 iommu->default_dom = dma_ops_domain_alloc();
2561 if (iommu->default_dom == NULL)
2562 return -ENOMEM;
2563 iommu->default_dom->domain.flags |= PD_DEFAULT_MASK;
2564 ret = iommu_init_unity_mappings(iommu);
2565 if (ret)
2566 goto free_domains;
2567 }
2568
2569 /*
2570 * Pre-allocate the protection domains for each device.
2571 */
2572 prealloc_protection_domains();
2573
2574 iommu_detected = 1;
2575 swiotlb = 0;
2576
2577 /* Make the driver finally visible to the drivers */
2578 unhandled = device_dma_ops_init();
2579 if (unhandled && max_pfn > MAX_DMA32_PFN) {
2580 /* There are unhandled devices - initialize swiotlb for them */
2581 swiotlb = 1;
2582 }
2583
2584 amd_iommu_stats_init();
2585
2586 return 0;
2587
2588 free_domains:
2589
2590 for_each_iommu(iommu) {
2591 if (iommu->default_dom)
2592 dma_ops_domain_free(iommu->default_dom);
2593 }
2594
2595 return ret;
2596 }
2597
2598 /*****************************************************************************
2599 *
2600 * The following functions belong to the exported interface of AMD IOMMU
2601 *
2602 * This interface allows access to lower level functions of the IOMMU
2603 * like protection domain handling and assignement of devices to domains
2604 * which is not possible with the dma_ops interface.
2605 *
2606 *****************************************************************************/
2607
2608 static void cleanup_domain(struct protection_domain *domain)
2609 {
2610 struct iommu_dev_data *dev_data, *next;
2611 unsigned long flags;
2612
2613 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
2614
2615 list_for_each_entry_safe(dev_data, next, &domain->dev_list, list) {
2616 __detach_device(dev_data);
2617 atomic_set(&dev_data->bind, 0);
2618 }
2619
2620 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
2621 }
2622
2623 static void protection_domain_free(struct protection_domain *domain)
2624 {
2625 if (!domain)
2626 return;
2627
2628 del_domain_from_list(domain);
2629
2630 if (domain->id)
2631 domain_id_free(domain->id);
2632
2633 kfree(domain);
2634 }
2635
2636 static struct protection_domain *protection_domain_alloc(void)
2637 {
2638 struct protection_domain *domain;
2639
2640 domain = kzalloc(sizeof(*domain), GFP_KERNEL);
2641 if (!domain)
2642 return NULL;
2643
2644 spin_lock_init(&domain->lock);
2645 mutex_init(&domain->api_lock);
2646 domain->id = domain_id_alloc();
2647 if (!domain->id)
2648 goto out_err;
2649 INIT_LIST_HEAD(&domain->dev_list);
2650
2651 add_domain_to_list(domain);
2652
2653 return domain;
2654
2655 out_err:
2656 kfree(domain);
2657
2658 return NULL;
2659 }
2660
2661 static int __init alloc_passthrough_domain(void)
2662 {
2663 if (pt_domain != NULL)
2664 return 0;
2665
2666 /* allocate passthrough domain */
2667 pt_domain = protection_domain_alloc();
2668 if (!pt_domain)
2669 return -ENOMEM;
2670
2671 pt_domain->mode = PAGE_MODE_NONE;
2672
2673 return 0;
2674 }
2675 static int amd_iommu_domain_init(struct iommu_domain *dom)
2676 {
2677 struct protection_domain *domain;
2678
2679 domain = protection_domain_alloc();
2680 if (!domain)
2681 goto out_free;
2682
2683 domain->mode = PAGE_MODE_3_LEVEL;
2684 domain->pt_root = (void *)get_zeroed_page(GFP_KERNEL);
2685 if (!domain->pt_root)
2686 goto out_free;
2687
2688 dom->priv = domain;
2689
2690 return 0;
2691
2692 out_free:
2693 protection_domain_free(domain);
2694
2695 return -ENOMEM;
2696 }
2697
2698 static void amd_iommu_domain_destroy(struct iommu_domain *dom)
2699 {
2700 struct protection_domain *domain = dom->priv;
2701
2702 if (!domain)
2703 return;
2704
2705 if (domain->dev_cnt > 0)
2706 cleanup_domain(domain);
2707
2708 BUG_ON(domain->dev_cnt != 0);
2709
2710 free_pagetable(domain);
2711
2712 protection_domain_free(domain);
2713
2714 dom->priv = NULL;
2715 }
2716
2717 static void amd_iommu_detach_device(struct iommu_domain *dom,
2718 struct device *dev)
2719 {
2720 struct iommu_dev_data *dev_data = dev->archdata.iommu;
2721 struct amd_iommu *iommu;
2722 u16 devid;
2723
2724 if (!check_device(dev))
2725 return;
2726
2727 devid = get_device_id(dev);
2728
2729 if (dev_data->domain != NULL)
2730 detach_device(dev);
2731
2732 iommu = amd_iommu_rlookup_table[devid];
2733 if (!iommu)
2734 return;
2735
2736 iommu_completion_wait(iommu);
2737 }
2738
2739 static int amd_iommu_attach_device(struct iommu_domain *dom,
2740 struct device *dev)
2741 {
2742 struct protection_domain *domain = dom->priv;
2743 struct iommu_dev_data *dev_data;
2744 struct amd_iommu *iommu;
2745 int ret;
2746
2747 if (!check_device(dev))
2748 return -EINVAL;
2749
2750 dev_data = dev->archdata.iommu;
2751
2752 iommu = amd_iommu_rlookup_table[dev_data->devid];
2753 if (!iommu)
2754 return -EINVAL;
2755
2756 if (dev_data->domain)
2757 detach_device(dev);
2758
2759 ret = attach_device(dev, domain);
2760
2761 iommu_completion_wait(iommu);
2762
2763 return ret;
2764 }
2765
2766 static int amd_iommu_map(struct iommu_domain *dom, unsigned long iova,
2767 phys_addr_t paddr, int gfp_order, int iommu_prot)
2768 {
2769 unsigned long page_size = 0x1000UL << gfp_order;
2770 struct protection_domain *domain = dom->priv;
2771 int prot = 0;
2772 int ret;
2773
2774 if (iommu_prot & IOMMU_READ)
2775 prot |= IOMMU_PROT_IR;
2776 if (iommu_prot & IOMMU_WRITE)
2777 prot |= IOMMU_PROT_IW;
2778
2779 mutex_lock(&domain->api_lock);
2780 ret = iommu_map_page(domain, iova, paddr, prot, page_size);
2781 mutex_unlock(&domain->api_lock);
2782
2783 return ret;
2784 }
2785
2786 static int amd_iommu_unmap(struct iommu_domain *dom, unsigned long iova,
2787 int gfp_order)
2788 {
2789 struct protection_domain *domain = dom->priv;
2790 unsigned long page_size, unmap_size;
2791
2792 page_size = 0x1000UL << gfp_order;
2793
2794 mutex_lock(&domain->api_lock);
2795 unmap_size = iommu_unmap_page(domain, iova, page_size);
2796 mutex_unlock(&domain->api_lock);
2797
2798 domain_flush_tlb_pde(domain);
2799
2800 return get_order(unmap_size);
2801 }
2802
2803 static phys_addr_t amd_iommu_iova_to_phys(struct iommu_domain *dom,
2804 unsigned long iova)
2805 {
2806 struct protection_domain *domain = dom->priv;
2807 unsigned long offset_mask;
2808 phys_addr_t paddr;
2809 u64 *pte, __pte;
2810
2811 pte = fetch_pte(domain, iova);
2812
2813 if (!pte || !IOMMU_PTE_PRESENT(*pte))
2814 return 0;
2815
2816 if (PM_PTE_LEVEL(*pte) == 0)
2817 offset_mask = PAGE_SIZE - 1;
2818 else
2819 offset_mask = PTE_PAGE_SIZE(*pte) - 1;
2820
2821 __pte = *pte & PM_ADDR_MASK;
2822 paddr = (__pte & ~offset_mask) | (iova & offset_mask);
2823
2824 return paddr;
2825 }
2826
2827 static int amd_iommu_domain_has_cap(struct iommu_domain *domain,
2828 unsigned long cap)
2829 {
2830 switch (cap) {
2831 case IOMMU_CAP_CACHE_COHERENCY:
2832 return 1;
2833 }
2834
2835 return 0;
2836 }
2837
2838 static struct iommu_ops amd_iommu_ops = {
2839 .domain_init = amd_iommu_domain_init,
2840 .domain_destroy = amd_iommu_domain_destroy,
2841 .attach_dev = amd_iommu_attach_device,
2842 .detach_dev = amd_iommu_detach_device,
2843 .map = amd_iommu_map,
2844 .unmap = amd_iommu_unmap,
2845 .iova_to_phys = amd_iommu_iova_to_phys,
2846 .domain_has_cap = amd_iommu_domain_has_cap,
2847 };
2848
2849 /*****************************************************************************
2850 *
2851 * The next functions do a basic initialization of IOMMU for pass through
2852 * mode
2853 *
2854 * In passthrough mode the IOMMU is initialized and enabled but not used for
2855 * DMA-API translation.
2856 *
2857 *****************************************************************************/
2858
2859 int __init amd_iommu_init_passthrough(void)
2860 {
2861 struct iommu_dev_data *dev_data;
2862 struct pci_dev *dev = NULL;
2863 struct amd_iommu *iommu;
2864 u16 devid;
2865 int ret;
2866
2867 ret = alloc_passthrough_domain();
2868 if (ret)
2869 return ret;
2870
2871 for_each_pci_dev(dev) {
2872 if (!check_device(&dev->dev))
2873 continue;
2874
2875 dev_data = get_dev_data(&dev->dev);
2876 dev_data->passthrough = true;
2877
2878 devid = get_device_id(&dev->dev);
2879
2880 iommu = amd_iommu_rlookup_table[devid];
2881 if (!iommu)
2882 continue;
2883
2884 attach_device(&dev->dev, pt_domain);
2885 }
2886
2887 pr_info("AMD-Vi: Initialized for Passthrough Mode\n");
2888
2889 return 0;
2890 }
Ubuntu Hirsute Linux kernel mirror