2 * Copyright (C) 2007-2009 Advanced Micro Devices, Inc.
3 * Author: Joerg Roedel <joerg.roedel@amd.com>
4 * Leo Duran <leo.duran@amd.com>
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published
8 * by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include <linux/pci.h>
21 #include <linux/gfp.h>
22 #include <linux/bitmap.h>
23 #include <linux/debugfs.h>
24 #include <linux/scatterlist.h>
25 #include <linux/dma-mapping.h>
26 #include <linux/iommu-helper.h>
27 #include <linux/iommu.h>
28 #include <asm/proto.h>
29 #include <asm/iommu.h>
32 #include <asm/amd_iommu_proto.h>
33 #include <asm/amd_iommu_types.h>
34 #include <asm/amd_iommu.h>
36 #define CMD_SET_TYPE(cmd, t) ((cmd)->data[1] |= ((t) << 28))
38 #define EXIT_LOOP_COUNT 10000000
40 static DEFINE_RWLOCK(amd_iommu_devtable_lock);
42 /* A list of preallocated protection domains */
43 static LIST_HEAD(iommu_pd_list);
44 static DEFINE_SPINLOCK(iommu_pd_list_lock);
47 * Domain for untranslated devices - only allocated
48 * if iommu=pt passed on kernel cmd line.
50 static struct protection_domain *pt_domain;
52 static struct iommu_ops amd_iommu_ops;
55 * general struct to manage commands send to an IOMMU
61 static void reset_iommu_command_buffer(struct amd_iommu *iommu);
62 static void update_domain(struct protection_domain *domain);
64 /****************************************************************************
68 ****************************************************************************/
70 static inline u16 get_device_id(struct device *dev)
72 struct pci_dev *pdev = to_pci_dev(dev);
74 return calc_devid(pdev->bus->number, pdev->devfn);
77 static struct iommu_dev_data *get_dev_data(struct device *dev)
79 return dev->archdata.iommu;
83 * In this function the list of preallocated protection domains is traversed to
84 * find the domain for a specific device
86 static struct dma_ops_domain *find_protection_domain(u16 devid)
88 struct dma_ops_domain *entry, *ret = NULL;
90 u16 alias = amd_iommu_alias_table[devid];
92 if (list_empty(&iommu_pd_list))
95 spin_lock_irqsave(&iommu_pd_list_lock, flags);
97 list_for_each_entry(entry, &iommu_pd_list, list) {
98 if (entry->target_dev == devid ||
99 entry->target_dev == alias) {
105 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
111 * This function checks if the driver got a valid device from the caller to
112 * avoid dereferencing invalid pointers.
114 static bool check_device(struct device *dev)
118 if (!dev || !dev->dma_mask)
121 /* No device or no PCI device */
122 if (!dev || dev->bus != &pci_bus_type)
125 devid = get_device_id(dev);
127 /* Out of our scope? */
128 if (devid > amd_iommu_last_bdf)
131 if (amd_iommu_rlookup_table[devid] == NULL)
137 static int iommu_init_device(struct device *dev)
139 struct iommu_dev_data *dev_data;
140 struct pci_dev *pdev;
143 if (dev->archdata.iommu)
146 dev_data = kzalloc(sizeof(*dev_data), GFP_KERNEL);
152 devid = get_device_id(dev);
153 alias = amd_iommu_alias_table[devid];
154 pdev = pci_get_bus_and_slot(PCI_BUS(alias), alias & 0xff);
156 dev_data->alias = &pdev->dev;
162 atomic_set(&dev_data->bind, 0);
164 dev->archdata.iommu = dev_data;
170 static void iommu_ignore_device(struct device *dev)
174 devid = get_device_id(dev);
175 alias = amd_iommu_alias_table[devid];
177 memset(&amd_iommu_dev_table[devid], 0, sizeof(struct dev_table_entry));
178 memset(&amd_iommu_dev_table[alias], 0, sizeof(struct dev_table_entry));
180 amd_iommu_rlookup_table[devid] = NULL;
181 amd_iommu_rlookup_table[alias] = NULL;
184 static void iommu_uninit_device(struct device *dev)
186 kfree(dev->archdata.iommu);
189 void __init amd_iommu_uninit_devices(void)
191 struct pci_dev *pdev = NULL;
193 for_each_pci_dev(pdev) {
195 if (!check_device(&pdev->dev))
198 iommu_uninit_device(&pdev->dev);
202 int __init amd_iommu_init_devices(void)
204 struct pci_dev *pdev = NULL;
207 for_each_pci_dev(pdev) {
209 if (!check_device(&pdev->dev))
212 ret = iommu_init_device(&pdev->dev);
213 if (ret == -ENOTSUPP)
214 iommu_ignore_device(&pdev->dev);
223 amd_iommu_uninit_devices();
227 #ifdef CONFIG_AMD_IOMMU_STATS
230 * Initialization code for statistics collection
233 DECLARE_STATS_COUNTER(compl_wait);
234 DECLARE_STATS_COUNTER(cnt_map_single);
235 DECLARE_STATS_COUNTER(cnt_unmap_single);
236 DECLARE_STATS_COUNTER(cnt_map_sg);
237 DECLARE_STATS_COUNTER(cnt_unmap_sg);
238 DECLARE_STATS_COUNTER(cnt_alloc_coherent);
239 DECLARE_STATS_COUNTER(cnt_free_coherent);
240 DECLARE_STATS_COUNTER(cross_page);
241 DECLARE_STATS_COUNTER(domain_flush_single);
242 DECLARE_STATS_COUNTER(domain_flush_all);
243 DECLARE_STATS_COUNTER(alloced_io_mem);
244 DECLARE_STATS_COUNTER(total_map_requests);
246 static struct dentry *stats_dir;
247 static struct dentry *de_fflush;
249 static void amd_iommu_stats_add(struct __iommu_counter *cnt)
251 if (stats_dir == NULL)
254 cnt->dent = debugfs_create_u64(cnt->name, 0444, stats_dir,
258 static void amd_iommu_stats_init(void)
260 stats_dir = debugfs_create_dir("amd-iommu", NULL);
261 if (stats_dir == NULL)
264 de_fflush = debugfs_create_bool("fullflush", 0444, stats_dir,
265 (u32 *)&amd_iommu_unmap_flush);
267 amd_iommu_stats_add(&compl_wait);
268 amd_iommu_stats_add(&cnt_map_single);
269 amd_iommu_stats_add(&cnt_unmap_single);
270 amd_iommu_stats_add(&cnt_map_sg);
271 amd_iommu_stats_add(&cnt_unmap_sg);
272 amd_iommu_stats_add(&cnt_alloc_coherent);
273 amd_iommu_stats_add(&cnt_free_coherent);
274 amd_iommu_stats_add(&cross_page);
275 amd_iommu_stats_add(&domain_flush_single);
276 amd_iommu_stats_add(&domain_flush_all);
277 amd_iommu_stats_add(&alloced_io_mem);
278 amd_iommu_stats_add(&total_map_requests);
283 /****************************************************************************
285 * Interrupt handling functions
287 ****************************************************************************/
289 static void dump_dte_entry(u16 devid)
293 for (i = 0; i < 8; ++i)
294 pr_err("AMD-Vi: DTE[%d]: %08x\n", i,
295 amd_iommu_dev_table[devid].data[i]);
298 static void dump_command(unsigned long phys_addr)
300 struct iommu_cmd *cmd = phys_to_virt(phys_addr);
303 for (i = 0; i < 4; ++i)
304 pr_err("AMD-Vi: CMD[%d]: %08x\n", i, cmd->data[i]);
307 static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
310 int type = (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
311 int devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
312 int domid = (event[1] >> EVENT_DOMID_SHIFT) & EVENT_DOMID_MASK;
313 int flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
314 u64 address = (u64)(((u64)event[3]) << 32) | event[2];
316 printk(KERN_ERR "AMD-Vi: Event logged [");
319 case EVENT_TYPE_ILL_DEV:
320 printk("ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
321 "address=0x%016llx flags=0x%04x]\n",
322 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
324 dump_dte_entry(devid);
326 case EVENT_TYPE_IO_FAULT:
327 printk("IO_PAGE_FAULT device=%02x:%02x.%x "
328 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
329 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
330 domid, address, flags);
332 case EVENT_TYPE_DEV_TAB_ERR:
333 printk("DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
334 "address=0x%016llx flags=0x%04x]\n",
335 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
338 case EVENT_TYPE_PAGE_TAB_ERR:
339 printk("PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
340 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
341 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
342 domid, address, flags);
344 case EVENT_TYPE_ILL_CMD:
345 printk("ILLEGAL_COMMAND_ERROR address=0x%016llx]\n", address);
346 iommu->reset_in_progress = true;
347 reset_iommu_command_buffer(iommu);
348 dump_command(address);
350 case EVENT_TYPE_CMD_HARD_ERR:
351 printk("COMMAND_HARDWARE_ERROR address=0x%016llx "
352 "flags=0x%04x]\n", address, flags);
354 case EVENT_TYPE_IOTLB_INV_TO:
355 printk("IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
356 "address=0x%016llx]\n",
357 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
360 case EVENT_TYPE_INV_DEV_REQ:
361 printk("INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
362 "address=0x%016llx flags=0x%04x]\n",
363 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
367 printk(KERN_ERR "UNKNOWN type=0x%02x]\n", type);
371 static void iommu_poll_events(struct amd_iommu *iommu)
376 spin_lock_irqsave(&iommu->lock, flags);
378 head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
379 tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET);
381 while (head != tail) {
382 iommu_print_event(iommu, iommu->evt_buf + head);
383 head = (head + EVENT_ENTRY_SIZE) % iommu->evt_buf_size;
386 writel(head, iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
388 spin_unlock_irqrestore(&iommu->lock, flags);
391 irqreturn_t amd_iommu_int_handler(int irq, void *data)
393 struct amd_iommu *iommu;
395 for_each_iommu(iommu)
396 iommu_poll_events(iommu);
401 /****************************************************************************
403 * IOMMU command queuing functions
405 ****************************************************************************/
408 * Writes the command to the IOMMUs command buffer and informs the
409 * hardware about the new command. Must be called with iommu->lock held.
411 static int __iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
416 tail = readl(iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
417 target = iommu->cmd_buf + tail;
418 memcpy_toio(target, cmd, sizeof(*cmd));
419 tail = (tail + sizeof(*cmd)) % iommu->cmd_buf_size;
420 head = readl(iommu->mmio_base + MMIO_CMD_HEAD_OFFSET);
423 writel(tail, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
429 * General queuing function for commands. Takes iommu->lock and calls
430 * __iommu_queue_command().
432 static int iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
437 spin_lock_irqsave(&iommu->lock, flags);
438 ret = __iommu_queue_command(iommu, cmd);
440 iommu->need_sync = true;
441 spin_unlock_irqrestore(&iommu->lock, flags);
447 * This function waits until an IOMMU has completed a completion
450 static void __iommu_wait_for_completion(struct amd_iommu *iommu)
456 INC_STATS_COUNTER(compl_wait);
458 while (!ready && (i < EXIT_LOOP_COUNT)) {
460 /* wait for the bit to become one */
461 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
462 ready = status & MMIO_STATUS_COM_WAIT_INT_MASK;
465 /* set bit back to zero */
466 status &= ~MMIO_STATUS_COM_WAIT_INT_MASK;
467 writel(status, iommu->mmio_base + MMIO_STATUS_OFFSET);
469 if (unlikely(i == EXIT_LOOP_COUNT))
470 iommu->reset_in_progress = true;
474 * This function queues a completion wait command into the command
477 static int __iommu_completion_wait(struct amd_iommu *iommu)
479 struct iommu_cmd cmd;
481 memset(&cmd, 0, sizeof(cmd));
482 cmd.data[0] = CMD_COMPL_WAIT_INT_MASK;
483 CMD_SET_TYPE(&cmd, CMD_COMPL_WAIT);
485 return __iommu_queue_command(iommu, &cmd);
489 * This function is called whenever we need to ensure that the IOMMU has
490 * completed execution of all commands we sent. It sends a
491 * COMPLETION_WAIT command and waits for it to finish. The IOMMU informs
492 * us about that by writing a value to a physical address we pass with
495 static int iommu_completion_wait(struct amd_iommu *iommu)
500 spin_lock_irqsave(&iommu->lock, flags);
502 if (!iommu->need_sync)
505 ret = __iommu_completion_wait(iommu);
507 iommu->need_sync = false;
512 __iommu_wait_for_completion(iommu);
515 spin_unlock_irqrestore(&iommu->lock, flags);
517 if (iommu->reset_in_progress)
518 reset_iommu_command_buffer(iommu);
523 static void iommu_flush_complete(struct protection_domain *domain)
527 for (i = 0; i < amd_iommus_present; ++i) {
528 if (!domain->dev_iommu[i])
532 * Devices of this domain are behind this IOMMU
533 * We need to wait for completion of all commands.
535 iommu_completion_wait(amd_iommus[i]);
540 * Command send function for invalidating a device table entry
542 static int iommu_flush_device(struct device *dev)
544 struct amd_iommu *iommu;
545 struct iommu_cmd cmd;
548 devid = get_device_id(dev);
549 iommu = amd_iommu_rlookup_table[devid];
552 memset(&cmd, 0, sizeof(cmd));
553 CMD_SET_TYPE(&cmd, CMD_INV_DEV_ENTRY);
556 return iommu_queue_command(iommu, &cmd);
559 static void __iommu_build_inv_iommu_pages(struct iommu_cmd *cmd, u64 address,
560 u16 domid, int pde, int s)
562 memset(cmd, 0, sizeof(*cmd));
563 address &= PAGE_MASK;
564 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
565 cmd->data[1] |= domid;
566 cmd->data[2] = lower_32_bits(address);
567 cmd->data[3] = upper_32_bits(address);
568 if (s) /* size bit - we flush more than one 4kb page */
569 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
570 if (pde) /* PDE bit - we wan't flush everything not only the PTEs */
571 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
575 * Generic command send function for invalidaing TLB entries
577 static int iommu_queue_inv_iommu_pages(struct amd_iommu *iommu,
578 u64 address, u16 domid, int pde, int s)
580 struct iommu_cmd cmd;
583 __iommu_build_inv_iommu_pages(&cmd, address, domid, pde, s);
585 ret = iommu_queue_command(iommu, &cmd);
591 * TLB invalidation function which is called from the mapping functions.
592 * It invalidates a single PTE if the range to flush is within a single
593 * page. Otherwise it flushes the whole TLB of the IOMMU.
595 static void __iommu_flush_pages(struct protection_domain *domain,
596 u64 address, size_t size, int pde)
599 unsigned long pages = iommu_num_pages(address, size, PAGE_SIZE);
601 address &= PAGE_MASK;
605 * If we have to flush more than one page, flush all
606 * TLB entries for this domain
608 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
613 for (i = 0; i < amd_iommus_present; ++i) {
614 if (!domain->dev_iommu[i])
618 * Devices of this domain are behind this IOMMU
619 * We need a TLB flush
621 iommu_queue_inv_iommu_pages(amd_iommus[i], address,
628 static void iommu_flush_pages(struct protection_domain *domain,
629 u64 address, size_t size)
631 __iommu_flush_pages(domain, address, size, 0);
634 /* Flush the whole IO/TLB for a given protection domain */
635 static void iommu_flush_tlb(struct protection_domain *domain)
637 __iommu_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 0);
640 /* Flush the whole IO/TLB for a given protection domain - including PDE */
641 static void iommu_flush_tlb_pde(struct protection_domain *domain)
643 __iommu_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 1);
648 * This function flushes the DTEs for all devices in domain
650 static void iommu_flush_domain_devices(struct protection_domain *domain)
652 struct iommu_dev_data *dev_data;
655 spin_lock_irqsave(&domain->lock, flags);
657 list_for_each_entry(dev_data, &domain->dev_list, list)
658 iommu_flush_device(dev_data->dev);
660 spin_unlock_irqrestore(&domain->lock, flags);
663 static void iommu_flush_all_domain_devices(void)
665 struct protection_domain *domain;
668 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
670 list_for_each_entry(domain, &amd_iommu_pd_list, list) {
671 iommu_flush_domain_devices(domain);
672 iommu_flush_complete(domain);
675 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
678 void amd_iommu_flush_all_devices(void)
680 iommu_flush_all_domain_devices();
684 * This function uses heavy locking and may disable irqs for some time. But
685 * this is no issue because it is only called during resume.
687 void amd_iommu_flush_all_domains(void)
689 struct protection_domain *domain;
692 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
694 list_for_each_entry(domain, &amd_iommu_pd_list, list) {
695 spin_lock(&domain->lock);
696 iommu_flush_tlb_pde(domain);
697 iommu_flush_complete(domain);
698 spin_unlock(&domain->lock);
701 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
704 static void reset_iommu_command_buffer(struct amd_iommu *iommu)
706 pr_err("AMD-Vi: Resetting IOMMU command buffer\n");
708 if (iommu->reset_in_progress)
709 panic("AMD-Vi: ILLEGAL_COMMAND_ERROR while resetting command buffer\n");
711 amd_iommu_reset_cmd_buffer(iommu);
712 amd_iommu_flush_all_devices();
713 amd_iommu_flush_all_domains();
715 iommu->reset_in_progress = false;
718 /****************************************************************************
720 * The functions below are used the create the page table mappings for
721 * unity mapped regions.
723 ****************************************************************************/
726 * This function is used to add another level to an IO page table. Adding
727 * another level increases the size of the address space by 9 bits to a size up
730 static bool increase_address_space(struct protection_domain *domain,
735 if (domain->mode == PAGE_MODE_6_LEVEL)
736 /* address space already 64 bit large */
739 pte = (void *)get_zeroed_page(gfp);
743 *pte = PM_LEVEL_PDE(domain->mode,
744 virt_to_phys(domain->pt_root));
745 domain->pt_root = pte;
747 domain->updated = true;
752 static u64 *alloc_pte(struct protection_domain *domain,
753 unsigned long address,
761 while (address > PM_LEVEL_SIZE(domain->mode))
762 increase_address_space(domain, gfp);
764 level = domain->mode - 1;
765 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
767 while (level > end_lvl) {
768 if (!IOMMU_PTE_PRESENT(*pte)) {
769 page = (u64 *)get_zeroed_page(gfp);
772 *pte = PM_LEVEL_PDE(level, virt_to_phys(page));
777 pte = IOMMU_PTE_PAGE(*pte);
779 if (pte_page && level == end_lvl)
782 pte = &pte[PM_LEVEL_INDEX(level, address)];
789 * This function checks if there is a PTE for a given dma address. If
790 * there is one, it returns the pointer to it.
792 static u64 *fetch_pte(struct protection_domain *domain,
793 unsigned long address, int map_size)
798 level = domain->mode - 1;
799 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
801 while (level > map_size) {
802 if (!IOMMU_PTE_PRESENT(*pte))
807 pte = IOMMU_PTE_PAGE(*pte);
808 pte = &pte[PM_LEVEL_INDEX(level, address)];
810 if ((PM_PTE_LEVEL(*pte) == 0) && level != map_size) {
820 * Generic mapping functions. It maps a physical address into a DMA
821 * address space. It allocates the page table pages if necessary.
822 * In the future it can be extended to a generic mapping function
823 * supporting all features of AMD IOMMU page tables like level skipping
824 * and full 64 bit address spaces.
826 static int iommu_map_page(struct protection_domain *dom,
827 unsigned long bus_addr,
828 unsigned long phys_addr,
834 bus_addr = PAGE_ALIGN(bus_addr);
835 phys_addr = PAGE_ALIGN(phys_addr);
837 BUG_ON(!PM_ALIGNED(map_size, bus_addr));
838 BUG_ON(!PM_ALIGNED(map_size, phys_addr));
840 if (!(prot & IOMMU_PROT_MASK))
843 pte = alloc_pte(dom, bus_addr, map_size, NULL, GFP_KERNEL);
845 if (IOMMU_PTE_PRESENT(*pte))
848 __pte = phys_addr | IOMMU_PTE_P;
849 if (prot & IOMMU_PROT_IR)
850 __pte |= IOMMU_PTE_IR;
851 if (prot & IOMMU_PROT_IW)
852 __pte |= IOMMU_PTE_IW;
861 static void iommu_unmap_page(struct protection_domain *dom,
862 unsigned long bus_addr, int map_size)
864 u64 *pte = fetch_pte(dom, bus_addr, map_size);
871 * This function checks if a specific unity mapping entry is needed for
872 * this specific IOMMU.
874 static int iommu_for_unity_map(struct amd_iommu *iommu,
875 struct unity_map_entry *entry)
879 for (i = entry->devid_start; i <= entry->devid_end; ++i) {
880 bdf = amd_iommu_alias_table[i];
881 if (amd_iommu_rlookup_table[bdf] == iommu)
889 * This function actually applies the mapping to the page table of the
892 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
893 struct unity_map_entry *e)
898 for (addr = e->address_start; addr < e->address_end;
900 ret = iommu_map_page(&dma_dom->domain, addr, addr, e->prot,
905 * if unity mapping is in aperture range mark the page
906 * as allocated in the aperture
908 if (addr < dma_dom->aperture_size)
909 __set_bit(addr >> PAGE_SHIFT,
910 dma_dom->aperture[0]->bitmap);
917 * Init the unity mappings for a specific IOMMU in the system
919 * Basically iterates over all unity mapping entries and applies them to
920 * the default domain DMA of that IOMMU if necessary.
922 static int iommu_init_unity_mappings(struct amd_iommu *iommu)
924 struct unity_map_entry *entry;
927 list_for_each_entry(entry, &amd_iommu_unity_map, list) {
928 if (!iommu_for_unity_map(iommu, entry))
930 ret = dma_ops_unity_map(iommu->default_dom, entry);
939 * Inits the unity mappings required for a specific device
941 static int init_unity_mappings_for_device(struct dma_ops_domain *dma_dom,
944 struct unity_map_entry *e;
947 list_for_each_entry(e, &amd_iommu_unity_map, list) {
948 if (!(devid >= e->devid_start && devid <= e->devid_end))
950 ret = dma_ops_unity_map(dma_dom, e);
958 /****************************************************************************
960 * The next functions belong to the address allocator for the dma_ops
961 * interface functions. They work like the allocators in the other IOMMU
962 * drivers. Its basically a bitmap which marks the allocated pages in
963 * the aperture. Maybe it could be enhanced in the future to a more
964 * efficient allocator.
966 ****************************************************************************/
969 * The address allocator core functions.
971 * called with domain->lock held
975 * Used to reserve address ranges in the aperture (e.g. for exclusion
978 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
979 unsigned long start_page,
982 unsigned int i, last_page = dom->aperture_size >> PAGE_SHIFT;
984 if (start_page + pages > last_page)
985 pages = last_page - start_page;
987 for (i = start_page; i < start_page + pages; ++i) {
988 int index = i / APERTURE_RANGE_PAGES;
989 int page = i % APERTURE_RANGE_PAGES;
990 __set_bit(page, dom->aperture[index]->bitmap);
995 * This function is used to add a new aperture range to an existing
996 * aperture in case of dma_ops domain allocation or address allocation
999 static int alloc_new_range(struct dma_ops_domain *dma_dom,
1000 bool populate, gfp_t gfp)
1002 int index = dma_dom->aperture_size >> APERTURE_RANGE_SHIFT;
1003 struct amd_iommu *iommu;
1006 #ifdef CONFIG_IOMMU_STRESS
1010 if (index >= APERTURE_MAX_RANGES)
1013 dma_dom->aperture[index] = kzalloc(sizeof(struct aperture_range), gfp);
1014 if (!dma_dom->aperture[index])
1017 dma_dom->aperture[index]->bitmap = (void *)get_zeroed_page(gfp);
1018 if (!dma_dom->aperture[index]->bitmap)
1021 dma_dom->aperture[index]->offset = dma_dom->aperture_size;
1024 unsigned long address = dma_dom->aperture_size;
1025 int i, num_ptes = APERTURE_RANGE_PAGES / 512;
1026 u64 *pte, *pte_page;
1028 for (i = 0; i < num_ptes; ++i) {
1029 pte = alloc_pte(&dma_dom->domain, address, PM_MAP_4k,
1034 dma_dom->aperture[index]->pte_pages[i] = pte_page;
1036 address += APERTURE_RANGE_SIZE / 64;
1040 dma_dom->aperture_size += APERTURE_RANGE_SIZE;
1042 /* Intialize the exclusion range if necessary */
1043 for_each_iommu(iommu) {
1044 if (iommu->exclusion_start &&
1045 iommu->exclusion_start >= dma_dom->aperture[index]->offset
1046 && iommu->exclusion_start < dma_dom->aperture_size) {
1047 unsigned long startpage;
1048 int pages = iommu_num_pages(iommu->exclusion_start,
1049 iommu->exclusion_length,
1051 startpage = iommu->exclusion_start >> PAGE_SHIFT;
1052 dma_ops_reserve_addresses(dma_dom, startpage, pages);
1057 * Check for areas already mapped as present in the new aperture
1058 * range and mark those pages as reserved in the allocator. Such
1059 * mappings may already exist as a result of requested unity
1060 * mappings for devices.
1062 for (i = dma_dom->aperture[index]->offset;
1063 i < dma_dom->aperture_size;
1065 u64 *pte = fetch_pte(&dma_dom->domain, i, PM_MAP_4k);
1066 if (!pte || !IOMMU_PTE_PRESENT(*pte))
1069 dma_ops_reserve_addresses(dma_dom, i << PAGE_SHIFT, 1);
1072 update_domain(&dma_dom->domain);
1077 update_domain(&dma_dom->domain);
1079 free_page((unsigned long)dma_dom->aperture[index]->bitmap);
1081 kfree(dma_dom->aperture[index]);
1082 dma_dom->aperture[index] = NULL;
1087 static unsigned long dma_ops_area_alloc(struct device *dev,
1088 struct dma_ops_domain *dom,
1090 unsigned long align_mask,
1092 unsigned long start)
1094 unsigned long next_bit = dom->next_address % APERTURE_RANGE_SIZE;
1095 int max_index = dom->aperture_size >> APERTURE_RANGE_SHIFT;
1096 int i = start >> APERTURE_RANGE_SHIFT;
1097 unsigned long boundary_size;
1098 unsigned long address = -1;
1099 unsigned long limit;
1101 next_bit >>= PAGE_SHIFT;
1103 boundary_size = ALIGN(dma_get_seg_boundary(dev) + 1,
1104 PAGE_SIZE) >> PAGE_SHIFT;
1106 for (;i < max_index; ++i) {
1107 unsigned long offset = dom->aperture[i]->offset >> PAGE_SHIFT;
1109 if (dom->aperture[i]->offset >= dma_mask)
1112 limit = iommu_device_max_index(APERTURE_RANGE_PAGES, offset,
1113 dma_mask >> PAGE_SHIFT);
1115 address = iommu_area_alloc(dom->aperture[i]->bitmap,
1116 limit, next_bit, pages, 0,
1117 boundary_size, align_mask);
1118 if (address != -1) {
1119 address = dom->aperture[i]->offset +
1120 (address << PAGE_SHIFT);
1121 dom->next_address = address + (pages << PAGE_SHIFT);
1131 static unsigned long dma_ops_alloc_addresses(struct device *dev,
1132 struct dma_ops_domain *dom,
1134 unsigned long align_mask,
1137 unsigned long address;
1139 #ifdef CONFIG_IOMMU_STRESS
1140 dom->next_address = 0;
1141 dom->need_flush = true;
1144 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
1145 dma_mask, dom->next_address);
1147 if (address == -1) {
1148 dom->next_address = 0;
1149 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
1151 dom->need_flush = true;
1154 if (unlikely(address == -1))
1155 address = DMA_ERROR_CODE;
1157 WARN_ON((address + (PAGE_SIZE*pages)) > dom->aperture_size);
1163 * The address free function.
1165 * called with domain->lock held
1167 static void dma_ops_free_addresses(struct dma_ops_domain *dom,
1168 unsigned long address,
1171 unsigned i = address >> APERTURE_RANGE_SHIFT;
1172 struct aperture_range *range = dom->aperture[i];
1174 BUG_ON(i >= APERTURE_MAX_RANGES || range == NULL);
1176 #ifdef CONFIG_IOMMU_STRESS
1181 if (address >= dom->next_address)
1182 dom->need_flush = true;
1184 address = (address % APERTURE_RANGE_SIZE) >> PAGE_SHIFT;
1186 bitmap_clear(range->bitmap, address, pages);
1190 /****************************************************************************
1192 * The next functions belong to the domain allocation. A domain is
1193 * allocated for every IOMMU as the default domain. If device isolation
1194 * is enabled, every device get its own domain. The most important thing
1195 * about domains is the page table mapping the DMA address space they
1198 ****************************************************************************/
1201 * This function adds a protection domain to the global protection domain list
1203 static void add_domain_to_list(struct protection_domain *domain)
1205 unsigned long flags;
1207 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
1208 list_add(&domain->list, &amd_iommu_pd_list);
1209 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
1213 * This function removes a protection domain to the global
1214 * protection domain list
1216 static void del_domain_from_list(struct protection_domain *domain)
1218 unsigned long flags;
1220 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
1221 list_del(&domain->list);
1222 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
1225 static u16 domain_id_alloc(void)
1227 unsigned long flags;
1230 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1231 id = find_first_zero_bit(amd_iommu_pd_alloc_bitmap, MAX_DOMAIN_ID);
1233 if (id > 0 && id < MAX_DOMAIN_ID)
1234 __set_bit(id, amd_iommu_pd_alloc_bitmap);
1237 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1242 static void domain_id_free(int id)
1244 unsigned long flags;
1246 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1247 if (id > 0 && id < MAX_DOMAIN_ID)
1248 __clear_bit(id, amd_iommu_pd_alloc_bitmap);
1249 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1252 static void free_pagetable(struct protection_domain *domain)
1257 p1 = domain->pt_root;
1262 for (i = 0; i < 512; ++i) {
1263 if (!IOMMU_PTE_PRESENT(p1[i]))
1266 p2 = IOMMU_PTE_PAGE(p1[i]);
1267 for (j = 0; j < 512; ++j) {
1268 if (!IOMMU_PTE_PRESENT(p2[j]))
1270 p3 = IOMMU_PTE_PAGE(p2[j]);
1271 free_page((unsigned long)p3);
1274 free_page((unsigned long)p2);
1277 free_page((unsigned long)p1);
1279 domain->pt_root = NULL;
1283 * Free a domain, only used if something went wrong in the
1284 * allocation path and we need to free an already allocated page table
1286 static void dma_ops_domain_free(struct dma_ops_domain *dom)
1293 del_domain_from_list(&dom->domain);
1295 free_pagetable(&dom->domain);
1297 for (i = 0; i < APERTURE_MAX_RANGES; ++i) {
1298 if (!dom->aperture[i])
1300 free_page((unsigned long)dom->aperture[i]->bitmap);
1301 kfree(dom->aperture[i]);
1308 * Allocates a new protection domain usable for the dma_ops functions.
1309 * It also intializes the page table and the address allocator data
1310 * structures required for the dma_ops interface
1312 static struct dma_ops_domain *dma_ops_domain_alloc(void)
1314 struct dma_ops_domain *dma_dom;
1316 dma_dom = kzalloc(sizeof(struct dma_ops_domain), GFP_KERNEL);
1320 spin_lock_init(&dma_dom->domain.lock);
1322 dma_dom->domain.id = domain_id_alloc();
1323 if (dma_dom->domain.id == 0)
1325 INIT_LIST_HEAD(&dma_dom->domain.dev_list);
1326 dma_dom->domain.mode = PAGE_MODE_2_LEVEL;
1327 dma_dom->domain.pt_root = (void *)get_zeroed_page(GFP_KERNEL);
1328 dma_dom->domain.flags = PD_DMA_OPS_MASK;
1329 dma_dom->domain.priv = dma_dom;
1330 if (!dma_dom->domain.pt_root)
1333 dma_dom->need_flush = false;
1334 dma_dom->target_dev = 0xffff;
1336 add_domain_to_list(&dma_dom->domain);
1338 if (alloc_new_range(dma_dom, true, GFP_KERNEL))
1342 * mark the first page as allocated so we never return 0 as
1343 * a valid dma-address. So we can use 0 as error value
1345 dma_dom->aperture[0]->bitmap[0] = 1;
1346 dma_dom->next_address = 0;
1352 dma_ops_domain_free(dma_dom);
1358 * little helper function to check whether a given protection domain is a
1361 static bool dma_ops_domain(struct protection_domain *domain)
1363 return domain->flags & PD_DMA_OPS_MASK;
1366 static void set_dte_entry(u16 devid, struct protection_domain *domain)
1368 u64 pte_root = virt_to_phys(domain->pt_root);
1370 pte_root |= (domain->mode & DEV_ENTRY_MODE_MASK)
1371 << DEV_ENTRY_MODE_SHIFT;
1372 pte_root |= IOMMU_PTE_IR | IOMMU_PTE_IW | IOMMU_PTE_P | IOMMU_PTE_TV;
1374 amd_iommu_dev_table[devid].data[2] = domain->id;
1375 amd_iommu_dev_table[devid].data[1] = upper_32_bits(pte_root);
1376 amd_iommu_dev_table[devid].data[0] = lower_32_bits(pte_root);
1379 static void clear_dte_entry(u16 devid)
1381 /* remove entry from the device table seen by the hardware */
1382 amd_iommu_dev_table[devid].data[0] = IOMMU_PTE_P | IOMMU_PTE_TV;
1383 amd_iommu_dev_table[devid].data[1] = 0;
1384 amd_iommu_dev_table[devid].data[2] = 0;
1386 amd_iommu_apply_erratum_63(devid);
1389 static void do_attach(struct device *dev, struct protection_domain *domain)
1391 struct iommu_dev_data *dev_data;
1392 struct amd_iommu *iommu;
1395 devid = get_device_id(dev);
1396 iommu = amd_iommu_rlookup_table[devid];
1397 dev_data = get_dev_data(dev);
1399 /* Update data structures */
1400 dev_data->domain = domain;
1401 list_add(&dev_data->list, &domain->dev_list);
1402 set_dte_entry(devid, domain);
1404 /* Do reference counting */
1405 domain->dev_iommu[iommu->index] += 1;
1406 domain->dev_cnt += 1;
1408 /* Flush the DTE entry */
1409 iommu_flush_device(dev);
1412 static void do_detach(struct device *dev)
1414 struct iommu_dev_data *dev_data;
1415 struct amd_iommu *iommu;
1418 devid = get_device_id(dev);
1419 iommu = amd_iommu_rlookup_table[devid];
1420 dev_data = get_dev_data(dev);
1422 /* decrease reference counters */
1423 dev_data->domain->dev_iommu[iommu->index] -= 1;
1424 dev_data->domain->dev_cnt -= 1;
1426 /* Update data structures */
1427 dev_data->domain = NULL;
1428 list_del(&dev_data->list);
1429 clear_dte_entry(devid);
1431 /* Flush the DTE entry */
1432 iommu_flush_device(dev);
1436 * If a device is not yet associated with a domain, this function does
1437 * assigns it visible for the hardware
1439 static int __attach_device(struct device *dev,
1440 struct protection_domain *domain)
1442 struct iommu_dev_data *dev_data, *alias_data;
1445 dev_data = get_dev_data(dev);
1446 alias_data = get_dev_data(dev_data->alias);
1452 spin_lock(&domain->lock);
1454 /* Some sanity checks */
1456 if (alias_data->domain != NULL &&
1457 alias_data->domain != domain)
1460 if (dev_data->domain != NULL &&
1461 dev_data->domain != domain)
1464 /* Do real assignment */
1465 if (dev_data->alias != dev) {
1466 alias_data = get_dev_data(dev_data->alias);
1467 if (alias_data->domain == NULL)
1468 do_attach(dev_data->alias, domain);
1470 atomic_inc(&alias_data->bind);
1473 if (dev_data->domain == NULL)
1474 do_attach(dev, domain);
1476 atomic_inc(&dev_data->bind);
1483 spin_unlock(&domain->lock);
1489 * If a device is not yet associated with a domain, this function does
1490 * assigns it visible for the hardware
1492 static int attach_device(struct device *dev,
1493 struct protection_domain *domain)
1495 unsigned long flags;
1498 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1499 ret = __attach_device(dev, domain);
1500 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1503 * We might boot into a crash-kernel here. The crashed kernel
1504 * left the caches in the IOMMU dirty. So we have to flush
1505 * here to evict all dirty stuff.
1507 iommu_flush_tlb_pde(domain);
1513 * Removes a device from a protection domain (unlocked)
1515 static void __detach_device(struct device *dev)
1517 struct iommu_dev_data *dev_data = get_dev_data(dev);
1518 struct iommu_dev_data *alias_data;
1519 struct protection_domain *domain;
1520 unsigned long flags;
1522 BUG_ON(!dev_data->domain);
1524 domain = dev_data->domain;
1526 spin_lock_irqsave(&domain->lock, flags);
1528 if (dev_data->alias != dev) {
1529 alias_data = get_dev_data(dev_data->alias);
1530 if (atomic_dec_and_test(&alias_data->bind))
1531 do_detach(dev_data->alias);
1534 if (atomic_dec_and_test(&dev_data->bind))
1537 spin_unlock_irqrestore(&domain->lock, flags);
1540 * If we run in passthrough mode the device must be assigned to the
1541 * passthrough domain if it is detached from any other domain.
1542 * Make sure we can deassign from the pt_domain itself.
1544 if (iommu_pass_through &&
1545 (dev_data->domain == NULL && domain != pt_domain))
1546 __attach_device(dev, pt_domain);
1550 * Removes a device from a protection domain (with devtable_lock held)
1552 static void detach_device(struct device *dev)
1554 unsigned long flags;
1556 /* lock device table */
1557 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1558 __detach_device(dev);
1559 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1563 * Find out the protection domain structure for a given PCI device. This
1564 * will give us the pointer to the page table root for example.
1566 static struct protection_domain *domain_for_device(struct device *dev)
1568 struct protection_domain *dom;
1569 struct iommu_dev_data *dev_data, *alias_data;
1570 unsigned long flags;
1573 devid = get_device_id(dev);
1574 alias = amd_iommu_alias_table[devid];
1575 dev_data = get_dev_data(dev);
1576 alias_data = get_dev_data(dev_data->alias);
1580 read_lock_irqsave(&amd_iommu_devtable_lock, flags);
1581 dom = dev_data->domain;
1583 alias_data->domain != NULL) {
1584 __attach_device(dev, alias_data->domain);
1585 dom = alias_data->domain;
1588 read_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1593 static int device_change_notifier(struct notifier_block *nb,
1594 unsigned long action, void *data)
1596 struct device *dev = data;
1598 struct protection_domain *domain;
1599 struct dma_ops_domain *dma_domain;
1600 struct amd_iommu *iommu;
1601 unsigned long flags;
1603 if (!check_device(dev))
1606 devid = get_device_id(dev);
1607 iommu = amd_iommu_rlookup_table[devid];
1610 case BUS_NOTIFY_UNBOUND_DRIVER:
1612 domain = domain_for_device(dev);
1616 if (iommu_pass_through)
1620 case BUS_NOTIFY_ADD_DEVICE:
1622 iommu_init_device(dev);
1624 domain = domain_for_device(dev);
1626 /* allocate a protection domain if a device is added */
1627 dma_domain = find_protection_domain(devid);
1630 dma_domain = dma_ops_domain_alloc();
1633 dma_domain->target_dev = devid;
1635 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1636 list_add_tail(&dma_domain->list, &iommu_pd_list);
1637 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1640 case BUS_NOTIFY_DEL_DEVICE:
1642 iommu_uninit_device(dev);
1648 iommu_flush_device(dev);
1649 iommu_completion_wait(iommu);
1655 static struct notifier_block device_nb = {
1656 .notifier_call = device_change_notifier,
1659 void amd_iommu_init_notifier(void)
1661 bus_register_notifier(&pci_bus_type, &device_nb);
1664 /*****************************************************************************
1666 * The next functions belong to the dma_ops mapping/unmapping code.
1668 *****************************************************************************/
1671 * In the dma_ops path we only have the struct device. This function
1672 * finds the corresponding IOMMU, the protection domain and the
1673 * requestor id for a given device.
1674 * If the device is not yet associated with a domain this is also done
1677 static struct protection_domain *get_domain(struct device *dev)
1679 struct protection_domain *domain;
1680 struct dma_ops_domain *dma_dom;
1681 u16 devid = get_device_id(dev);
1683 if (!check_device(dev))
1684 return ERR_PTR(-EINVAL);
1686 domain = domain_for_device(dev);
1687 if (domain != NULL && !dma_ops_domain(domain))
1688 return ERR_PTR(-EBUSY);
1693 /* Device not bount yet - bind it */
1694 dma_dom = find_protection_domain(devid);
1696 dma_dom = amd_iommu_rlookup_table[devid]->default_dom;
1697 attach_device(dev, &dma_dom->domain);
1698 DUMP_printk("Using protection domain %d for device %s\n",
1699 dma_dom->domain.id, dev_name(dev));
1701 return &dma_dom->domain;
1704 static void update_device_table(struct protection_domain *domain)
1706 struct iommu_dev_data *dev_data;
1708 list_for_each_entry(dev_data, &domain->dev_list, list) {
1709 u16 devid = get_device_id(dev_data->dev);
1710 set_dte_entry(devid, domain);
1714 static void update_domain(struct protection_domain *domain)
1716 if (!domain->updated)
1719 update_device_table(domain);
1720 iommu_flush_domain_devices(domain);
1721 iommu_flush_tlb_pde(domain);
1723 domain->updated = false;
1727 * This function fetches the PTE for a given address in the aperture
1729 static u64* dma_ops_get_pte(struct dma_ops_domain *dom,
1730 unsigned long address)
1732 struct aperture_range *aperture;
1733 u64 *pte, *pte_page;
1735 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1739 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1741 pte = alloc_pte(&dom->domain, address, PM_MAP_4k, &pte_page,
1743 aperture->pte_pages[APERTURE_PAGE_INDEX(address)] = pte_page;
1745 pte += PM_LEVEL_INDEX(0, address);
1747 update_domain(&dom->domain);
1753 * This is the generic map function. It maps one 4kb page at paddr to
1754 * the given address in the DMA address space for the domain.
1756 static dma_addr_t dma_ops_domain_map(struct dma_ops_domain *dom,
1757 unsigned long address,
1763 WARN_ON(address > dom->aperture_size);
1767 pte = dma_ops_get_pte(dom, address);
1769 return DMA_ERROR_CODE;
1771 __pte = paddr | IOMMU_PTE_P | IOMMU_PTE_FC;
1773 if (direction == DMA_TO_DEVICE)
1774 __pte |= IOMMU_PTE_IR;
1775 else if (direction == DMA_FROM_DEVICE)
1776 __pte |= IOMMU_PTE_IW;
1777 else if (direction == DMA_BIDIRECTIONAL)
1778 __pte |= IOMMU_PTE_IR | IOMMU_PTE_IW;
1784 return (dma_addr_t)address;
1788 * The generic unmapping function for on page in the DMA address space.
1790 static void dma_ops_domain_unmap(struct dma_ops_domain *dom,
1791 unsigned long address)
1793 struct aperture_range *aperture;
1796 if (address >= dom->aperture_size)
1799 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1803 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1807 pte += PM_LEVEL_INDEX(0, address);
1815 * This function contains common code for mapping of a physically
1816 * contiguous memory region into DMA address space. It is used by all
1817 * mapping functions provided with this IOMMU driver.
1818 * Must be called with the domain lock held.
1820 static dma_addr_t __map_single(struct device *dev,
1821 struct dma_ops_domain *dma_dom,
1828 dma_addr_t offset = paddr & ~PAGE_MASK;
1829 dma_addr_t address, start, ret;
1831 unsigned long align_mask = 0;
1834 pages = iommu_num_pages(paddr, size, PAGE_SIZE);
1837 INC_STATS_COUNTER(total_map_requests);
1840 INC_STATS_COUNTER(cross_page);
1843 align_mask = (1UL << get_order(size)) - 1;
1846 address = dma_ops_alloc_addresses(dev, dma_dom, pages, align_mask,
1848 if (unlikely(address == DMA_ERROR_CODE)) {
1850 * setting next_address here will let the address
1851 * allocator only scan the new allocated range in the
1852 * first run. This is a small optimization.
1854 dma_dom->next_address = dma_dom->aperture_size;
1856 if (alloc_new_range(dma_dom, false, GFP_ATOMIC))
1860 * aperture was successfully enlarged by 128 MB, try
1867 for (i = 0; i < pages; ++i) {
1868 ret = dma_ops_domain_map(dma_dom, start, paddr, dir);
1869 if (ret == DMA_ERROR_CODE)
1877 ADD_STATS_COUNTER(alloced_io_mem, size);
1879 if (unlikely(dma_dom->need_flush && !amd_iommu_unmap_flush)) {
1880 iommu_flush_tlb(&dma_dom->domain);
1881 dma_dom->need_flush = false;
1882 } else if (unlikely(amd_iommu_np_cache))
1883 iommu_flush_pages(&dma_dom->domain, address, size);
1890 for (--i; i >= 0; --i) {
1892 dma_ops_domain_unmap(dma_dom, start);
1895 dma_ops_free_addresses(dma_dom, address, pages);
1897 return DMA_ERROR_CODE;
1901 * Does the reverse of the __map_single function. Must be called with
1902 * the domain lock held too
1904 static void __unmap_single(struct dma_ops_domain *dma_dom,
1905 dma_addr_t dma_addr,
1909 dma_addr_t flush_addr;
1910 dma_addr_t i, start;
1913 if ((dma_addr == DMA_ERROR_CODE) ||
1914 (dma_addr + size > dma_dom->aperture_size))
1917 flush_addr = dma_addr;
1918 pages = iommu_num_pages(dma_addr, size, PAGE_SIZE);
1919 dma_addr &= PAGE_MASK;
1922 for (i = 0; i < pages; ++i) {
1923 dma_ops_domain_unmap(dma_dom, start);
1927 SUB_STATS_COUNTER(alloced_io_mem, size);
1929 dma_ops_free_addresses(dma_dom, dma_addr, pages);
1931 if (amd_iommu_unmap_flush || dma_dom->need_flush) {
1932 iommu_flush_pages(&dma_dom->domain, flush_addr, size);
1933 dma_dom->need_flush = false;
1938 * The exported map_single function for dma_ops.
1940 static dma_addr_t map_page(struct device *dev, struct page *page,
1941 unsigned long offset, size_t size,
1942 enum dma_data_direction dir,
1943 struct dma_attrs *attrs)
1945 unsigned long flags;
1946 struct protection_domain *domain;
1949 phys_addr_t paddr = page_to_phys(page) + offset;
1951 INC_STATS_COUNTER(cnt_map_single);
1953 domain = get_domain(dev);
1954 if (PTR_ERR(domain) == -EINVAL)
1955 return (dma_addr_t)paddr;
1956 else if (IS_ERR(domain))
1957 return DMA_ERROR_CODE;
1959 dma_mask = *dev->dma_mask;
1961 spin_lock_irqsave(&domain->lock, flags);
1963 addr = __map_single(dev, domain->priv, paddr, size, dir, false,
1965 if (addr == DMA_ERROR_CODE)
1968 iommu_flush_complete(domain);
1971 spin_unlock_irqrestore(&domain->lock, flags);
1977 * The exported unmap_single function for dma_ops.
1979 static void unmap_page(struct device *dev, dma_addr_t dma_addr, size_t size,
1980 enum dma_data_direction dir, struct dma_attrs *attrs)
1982 unsigned long flags;
1983 struct protection_domain *domain;
1985 INC_STATS_COUNTER(cnt_unmap_single);
1987 domain = get_domain(dev);
1991 spin_lock_irqsave(&domain->lock, flags);
1993 __unmap_single(domain->priv, dma_addr, size, dir);
1995 iommu_flush_complete(domain);
1997 spin_unlock_irqrestore(&domain->lock, flags);
2001 * This is a special map_sg function which is used if we should map a
2002 * device which is not handled by an AMD IOMMU in the system.
2004 static int map_sg_no_iommu(struct device *dev, struct scatterlist *sglist,
2005 int nelems, int dir)
2007 struct scatterlist *s;
2010 for_each_sg(sglist, s, nelems, i) {
2011 s->dma_address = (dma_addr_t)sg_phys(s);
2012 s->dma_length = s->length;
2019 * The exported map_sg function for dma_ops (handles scatter-gather
2022 static int map_sg(struct device *dev, struct scatterlist *sglist,
2023 int nelems, enum dma_data_direction dir,
2024 struct dma_attrs *attrs)
2026 unsigned long flags;
2027 struct protection_domain *domain;
2029 struct scatterlist *s;
2031 int mapped_elems = 0;
2034 INC_STATS_COUNTER(cnt_map_sg);
2036 domain = get_domain(dev);
2037 if (PTR_ERR(domain) == -EINVAL)
2038 return map_sg_no_iommu(dev, sglist, nelems, dir);
2039 else if (IS_ERR(domain))
2042 dma_mask = *dev->dma_mask;
2044 spin_lock_irqsave(&domain->lock, flags);
2046 for_each_sg(sglist, s, nelems, i) {
2049 s->dma_address = __map_single(dev, domain->priv,
2050 paddr, s->length, dir, false,
2053 if (s->dma_address) {
2054 s->dma_length = s->length;
2060 iommu_flush_complete(domain);
2063 spin_unlock_irqrestore(&domain->lock, flags);
2065 return mapped_elems;
2067 for_each_sg(sglist, s, mapped_elems, i) {
2069 __unmap_single(domain->priv, s->dma_address,
2070 s->dma_length, dir);
2071 s->dma_address = s->dma_length = 0;
2080 * The exported map_sg function for dma_ops (handles scatter-gather
2083 static void unmap_sg(struct device *dev, struct scatterlist *sglist,
2084 int nelems, enum dma_data_direction dir,
2085 struct dma_attrs *attrs)
2087 unsigned long flags;
2088 struct protection_domain *domain;
2089 struct scatterlist *s;
2092 INC_STATS_COUNTER(cnt_unmap_sg);
2094 domain = get_domain(dev);
2098 spin_lock_irqsave(&domain->lock, flags);
2100 for_each_sg(sglist, s, nelems, i) {
2101 __unmap_single(domain->priv, s->dma_address,
2102 s->dma_length, dir);
2103 s->dma_address = s->dma_length = 0;
2106 iommu_flush_complete(domain);
2108 spin_unlock_irqrestore(&domain->lock, flags);
2112 * The exported alloc_coherent function for dma_ops.
2114 static void *alloc_coherent(struct device *dev, size_t size,
2115 dma_addr_t *dma_addr, gfp_t flag)
2117 unsigned long flags;
2119 struct protection_domain *domain;
2121 u64 dma_mask = dev->coherent_dma_mask;
2123 INC_STATS_COUNTER(cnt_alloc_coherent);
2125 domain = get_domain(dev);
2126 if (PTR_ERR(domain) == -EINVAL) {
2127 virt_addr = (void *)__get_free_pages(flag, get_order(size));
2128 *dma_addr = __pa(virt_addr);
2130 } else if (IS_ERR(domain))
2133 dma_mask = dev->coherent_dma_mask;
2134 flag &= ~(__GFP_DMA | __GFP_HIGHMEM | __GFP_DMA32);
2137 virt_addr = (void *)__get_free_pages(flag, get_order(size));
2141 paddr = virt_to_phys(virt_addr);
2144 dma_mask = *dev->dma_mask;
2146 spin_lock_irqsave(&domain->lock, flags);
2148 *dma_addr = __map_single(dev, domain->priv, paddr,
2149 size, DMA_BIDIRECTIONAL, true, dma_mask);
2151 if (*dma_addr == DMA_ERROR_CODE) {
2152 spin_unlock_irqrestore(&domain->lock, flags);
2156 iommu_flush_complete(domain);
2158 spin_unlock_irqrestore(&domain->lock, flags);
2164 free_pages((unsigned long)virt_addr, get_order(size));
2170 * The exported free_coherent function for dma_ops.
2172 static void free_coherent(struct device *dev, size_t size,
2173 void *virt_addr, dma_addr_t dma_addr)
2175 unsigned long flags;
2176 struct protection_domain *domain;
2178 INC_STATS_COUNTER(cnt_free_coherent);
2180 domain = get_domain(dev);
2184 spin_lock_irqsave(&domain->lock, flags);
2186 __unmap_single(domain->priv, dma_addr, size, DMA_BIDIRECTIONAL);
2188 iommu_flush_complete(domain);
2190 spin_unlock_irqrestore(&domain->lock, flags);
2193 free_pages((unsigned long)virt_addr, get_order(size));
2197 * This function is called by the DMA layer to find out if we can handle a
2198 * particular device. It is part of the dma_ops.
2200 static int amd_iommu_dma_supported(struct device *dev, u64 mask)
2202 return check_device(dev);
2206 * The function for pre-allocating protection domains.
2208 * If the driver core informs the DMA layer if a driver grabs a device
2209 * we don't need to preallocate the protection domains anymore.
2210 * For now we have to.
2212 static void prealloc_protection_domains(void)
2214 struct pci_dev *dev = NULL;
2215 struct dma_ops_domain *dma_dom;
2218 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2220 /* Do we handle this device? */
2221 if (!check_device(&dev->dev))
2224 /* Is there already any domain for it? */
2225 if (domain_for_device(&dev->dev))
2228 devid = get_device_id(&dev->dev);
2230 dma_dom = dma_ops_domain_alloc();
2233 init_unity_mappings_for_device(dma_dom, devid);
2234 dma_dom->target_dev = devid;
2236 attach_device(&dev->dev, &dma_dom->domain);
2238 list_add_tail(&dma_dom->list, &iommu_pd_list);
2242 static struct dma_map_ops amd_iommu_dma_ops = {
2243 .alloc_coherent = alloc_coherent,
2244 .free_coherent = free_coherent,
2245 .map_page = map_page,
2246 .unmap_page = unmap_page,
2248 .unmap_sg = unmap_sg,
2249 .dma_supported = amd_iommu_dma_supported,
2252 static unsigned device_dma_ops_init(void)
2254 struct pci_dev *pdev = NULL;
2255 unsigned unhandled = 0;
2257 for_each_pci_dev(pdev) {
2258 if (!check_device(&pdev->dev)) {
2263 pdev->dev.archdata.dma_ops = &amd_iommu_dma_ops;
2270 * The function which clues the AMD IOMMU driver into dma_ops.
2273 void __init amd_iommu_init_api(void)
2275 register_iommu(&amd_iommu_ops);
2278 int __init amd_iommu_init_dma_ops(void)
2280 struct amd_iommu *iommu;
2284 * first allocate a default protection domain for every IOMMU we
2285 * found in the system. Devices not assigned to any other
2286 * protection domain will be assigned to the default one.
2288 for_each_iommu(iommu) {
2289 iommu->default_dom = dma_ops_domain_alloc();
2290 if (iommu->default_dom == NULL)
2292 iommu->default_dom->domain.flags |= PD_DEFAULT_MASK;
2293 ret = iommu_init_unity_mappings(iommu);
2299 * Pre-allocate the protection domains for each device.
2301 prealloc_protection_domains();
2306 /* Make the driver finally visible to the drivers */
2307 unhandled = device_dma_ops_init();
2308 if (unhandled && max_pfn > MAX_DMA32_PFN) {
2309 /* There are unhandled devices - initialize swiotlb for them */
2313 amd_iommu_stats_init();
2319 for_each_iommu(iommu) {
2320 if (iommu->default_dom)
2321 dma_ops_domain_free(iommu->default_dom);
2327 /*****************************************************************************
2329 * The following functions belong to the exported interface of AMD IOMMU
2331 * This interface allows access to lower level functions of the IOMMU
2332 * like protection domain handling and assignement of devices to domains
2333 * which is not possible with the dma_ops interface.
2335 *****************************************************************************/
2337 static void cleanup_domain(struct protection_domain *domain)
2339 struct iommu_dev_data *dev_data, *next;
2340 unsigned long flags;
2342 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
2344 list_for_each_entry_safe(dev_data, next, &domain->dev_list, list) {
2345 struct device *dev = dev_data->dev;
2347 __detach_device(dev);
2348 atomic_set(&dev_data->bind, 0);
2351 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
2354 static void protection_domain_free(struct protection_domain *domain)
2359 del_domain_from_list(domain);
2362 domain_id_free(domain->id);
2367 static struct protection_domain *protection_domain_alloc(void)
2369 struct protection_domain *domain;
2371 domain = kzalloc(sizeof(*domain), GFP_KERNEL);
2375 spin_lock_init(&domain->lock);
2376 domain->id = domain_id_alloc();
2379 INIT_LIST_HEAD(&domain->dev_list);
2381 add_domain_to_list(domain);
2391 static int amd_iommu_domain_init(struct iommu_domain *dom)
2393 struct protection_domain *domain;
2395 domain = protection_domain_alloc();
2399 domain->mode = PAGE_MODE_3_LEVEL;
2400 domain->pt_root = (void *)get_zeroed_page(GFP_KERNEL);
2401 if (!domain->pt_root)
2409 protection_domain_free(domain);
2414 static void amd_iommu_domain_destroy(struct iommu_domain *dom)
2416 struct protection_domain *domain = dom->priv;
2421 if (domain->dev_cnt > 0)
2422 cleanup_domain(domain);
2424 BUG_ON(domain->dev_cnt != 0);
2426 free_pagetable(domain);
2428 protection_domain_free(domain);
2433 static void amd_iommu_detach_device(struct iommu_domain *dom,
2436 struct iommu_dev_data *dev_data = dev->archdata.iommu;
2437 struct amd_iommu *iommu;
2440 if (!check_device(dev))
2443 devid = get_device_id(dev);
2445 if (dev_data->domain != NULL)
2448 iommu = amd_iommu_rlookup_table[devid];
2452 iommu_flush_device(dev);
2453 iommu_completion_wait(iommu);
2456 static int amd_iommu_attach_device(struct iommu_domain *dom,
2459 struct protection_domain *domain = dom->priv;
2460 struct iommu_dev_data *dev_data;
2461 struct amd_iommu *iommu;
2465 if (!check_device(dev))
2468 dev_data = dev->archdata.iommu;
2470 devid = get_device_id(dev);
2472 iommu = amd_iommu_rlookup_table[devid];
2476 if (dev_data->domain)
2479 ret = attach_device(dev, domain);
2481 iommu_completion_wait(iommu);
2486 static int amd_iommu_map_range(struct iommu_domain *dom,
2487 unsigned long iova, phys_addr_t paddr,
2488 size_t size, int iommu_prot)
2490 struct protection_domain *domain = dom->priv;
2491 unsigned long i, npages = iommu_num_pages(paddr, size, PAGE_SIZE);
2495 if (iommu_prot & IOMMU_READ)
2496 prot |= IOMMU_PROT_IR;
2497 if (iommu_prot & IOMMU_WRITE)
2498 prot |= IOMMU_PROT_IW;
2503 for (i = 0; i < npages; ++i) {
2504 ret = iommu_map_page(domain, iova, paddr, prot, PM_MAP_4k);
2515 static void amd_iommu_unmap_range(struct iommu_domain *dom,
2516 unsigned long iova, size_t size)
2519 struct protection_domain *domain = dom->priv;
2520 unsigned long i, npages = iommu_num_pages(iova, size, PAGE_SIZE);
2524 for (i = 0; i < npages; ++i) {
2525 iommu_unmap_page(domain, iova, PM_MAP_4k);
2529 iommu_flush_tlb_pde(domain);
2532 static phys_addr_t amd_iommu_iova_to_phys(struct iommu_domain *dom,
2535 struct protection_domain *domain = dom->priv;
2536 unsigned long offset = iova & ~PAGE_MASK;
2540 pte = fetch_pte(domain, iova, PM_MAP_4k);
2542 if (!pte || !IOMMU_PTE_PRESENT(*pte))
2545 paddr = *pte & IOMMU_PAGE_MASK;
2551 static int amd_iommu_domain_has_cap(struct iommu_domain *domain,
2557 static struct iommu_ops amd_iommu_ops = {
2558 .domain_init = amd_iommu_domain_init,
2559 .domain_destroy = amd_iommu_domain_destroy,
2560 .attach_dev = amd_iommu_attach_device,
2561 .detach_dev = amd_iommu_detach_device,
2562 .map = amd_iommu_map_range,
2563 .unmap = amd_iommu_unmap_range,
2564 .iova_to_phys = amd_iommu_iova_to_phys,
2565 .domain_has_cap = amd_iommu_domain_has_cap,
2568 /*****************************************************************************
2570 * The next functions do a basic initialization of IOMMU for pass through
2573 * In passthrough mode the IOMMU is initialized and enabled but not used for
2574 * DMA-API translation.
2576 *****************************************************************************/
2578 int __init amd_iommu_init_passthrough(void)
2580 struct amd_iommu *iommu;
2581 struct pci_dev *dev = NULL;
2584 /* allocate passthrough domain */
2585 pt_domain = protection_domain_alloc();
2589 pt_domain->mode |= PAGE_MODE_NONE;
2591 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2593 if (!check_device(&dev->dev))
2596 devid = get_device_id(&dev->dev);
2598 iommu = amd_iommu_rlookup_table[devid];
2602 attach_device(&dev->dev, pt_domain);
2605 pr_info("AMD-Vi: Initialized for Passthrough Mode\n");
projects / karo-tx-linux.git / blob