2 * Copyright (C) 2007-2009 Advanced Micro Devices, Inc.
3 * Author: Joerg Roedel <joerg.roedel@amd.com>
4 * Leo Duran <leo.duran@amd.com>
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published
8 * by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include <linux/pci.h>
21 #include <linux/gfp.h>
22 #include <linux/bitops.h>
23 #include <linux/debugfs.h>
24 #include <linux/scatterlist.h>
25 #include <linux/dma-mapping.h>
26 #include <linux/iommu-helper.h>
27 #include <linux/iommu.h>
28 #include <asm/proto.h>
29 #include <asm/iommu.h>
31 #include <asm/amd_iommu_proto.h>
32 #include <asm/amd_iommu_types.h>
33 #include <asm/amd_iommu.h>
35 #define CMD_SET_TYPE(cmd, t) ((cmd)->data[1] |= ((t) << 28))
37 #define EXIT_LOOP_COUNT 10000000
39 static DEFINE_RWLOCK(amd_iommu_devtable_lock);
41 /* A list of preallocated protection domains */
42 static LIST_HEAD(iommu_pd_list);
43 static DEFINE_SPINLOCK(iommu_pd_list_lock);
46 * Domain for untranslated devices - only allocated
47 * if iommu=pt passed on kernel cmd line.
49 static struct protection_domain *pt_domain;
51 static struct iommu_ops amd_iommu_ops;
54 * general struct to manage commands send to an IOMMU
60 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
61 struct unity_map_entry *e);
62 static struct dma_ops_domain *find_protection_domain(u16 devid);
63 static u64 *alloc_pte(struct protection_domain *domain,
64 unsigned long address, int end_lvl,
65 u64 **pte_page, gfp_t gfp);
66 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
67 unsigned long start_page,
69 static void reset_iommu_command_buffer(struct amd_iommu *iommu);
70 static u64 *fetch_pte(struct protection_domain *domain,
71 unsigned long address, int map_size);
72 static void update_domain(struct protection_domain *domain);
74 #ifdef CONFIG_AMD_IOMMU_STATS
77 * Initialization code for statistics collection
80 DECLARE_STATS_COUNTER(compl_wait);
81 DECLARE_STATS_COUNTER(cnt_map_single);
82 DECLARE_STATS_COUNTER(cnt_unmap_single);
83 DECLARE_STATS_COUNTER(cnt_map_sg);
84 DECLARE_STATS_COUNTER(cnt_unmap_sg);
85 DECLARE_STATS_COUNTER(cnt_alloc_coherent);
86 DECLARE_STATS_COUNTER(cnt_free_coherent);
87 DECLARE_STATS_COUNTER(cross_page);
88 DECLARE_STATS_COUNTER(domain_flush_single);
89 DECLARE_STATS_COUNTER(domain_flush_all);
90 DECLARE_STATS_COUNTER(alloced_io_mem);
91 DECLARE_STATS_COUNTER(total_map_requests);
93 static struct dentry *stats_dir;
94 static struct dentry *de_isolate;
95 static struct dentry *de_fflush;
97 static void amd_iommu_stats_add(struct __iommu_counter *cnt)
99 if (stats_dir == NULL)
102 cnt->dent = debugfs_create_u64(cnt->name, 0444, stats_dir,
106 static void amd_iommu_stats_init(void)
108 stats_dir = debugfs_create_dir("amd-iommu", NULL);
109 if (stats_dir == NULL)
112 de_isolate = debugfs_create_bool("isolation", 0444, stats_dir,
113 (u32 *)&amd_iommu_isolate);
115 de_fflush = debugfs_create_bool("fullflush", 0444, stats_dir,
116 (u32 *)&amd_iommu_unmap_flush);
118 amd_iommu_stats_add(&compl_wait);
119 amd_iommu_stats_add(&cnt_map_single);
120 amd_iommu_stats_add(&cnt_unmap_single);
121 amd_iommu_stats_add(&cnt_map_sg);
122 amd_iommu_stats_add(&cnt_unmap_sg);
123 amd_iommu_stats_add(&cnt_alloc_coherent);
124 amd_iommu_stats_add(&cnt_free_coherent);
125 amd_iommu_stats_add(&cross_page);
126 amd_iommu_stats_add(&domain_flush_single);
127 amd_iommu_stats_add(&domain_flush_all);
128 amd_iommu_stats_add(&alloced_io_mem);
129 amd_iommu_stats_add(&total_map_requests);
134 /* returns !0 if the IOMMU is caching non-present entries in its TLB */
135 static int iommu_has_npcache(struct amd_iommu *iommu)
137 return iommu->cap & (1UL << IOMMU_CAP_NPCACHE);
140 /****************************************************************************
142 * Interrupt handling functions
144 ****************************************************************************/
146 static void dump_dte_entry(u16 devid)
150 for (i = 0; i < 8; ++i)
151 pr_err("AMD-Vi: DTE[%d]: %08x\n", i,
152 amd_iommu_dev_table[devid].data[i]);
155 static void dump_command(unsigned long phys_addr)
157 struct iommu_cmd *cmd = phys_to_virt(phys_addr);
160 for (i = 0; i < 4; ++i)
161 pr_err("AMD-Vi: CMD[%d]: %08x\n", i, cmd->data[i]);
164 static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
167 int type = (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
168 int devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
169 int domid = (event[1] >> EVENT_DOMID_SHIFT) & EVENT_DOMID_MASK;
170 int flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
171 u64 address = (u64)(((u64)event[3]) << 32) | event[2];
173 printk(KERN_ERR "AMD-Vi: Event logged [");
176 case EVENT_TYPE_ILL_DEV:
177 printk("ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
178 "address=0x%016llx flags=0x%04x]\n",
179 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
181 dump_dte_entry(devid);
183 case EVENT_TYPE_IO_FAULT:
184 printk("IO_PAGE_FAULT device=%02x:%02x.%x "
185 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
186 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
187 domid, address, flags);
189 case EVENT_TYPE_DEV_TAB_ERR:
190 printk("DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
191 "address=0x%016llx flags=0x%04x]\n",
192 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
195 case EVENT_TYPE_PAGE_TAB_ERR:
196 printk("PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
197 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
198 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
199 domid, address, flags);
201 case EVENT_TYPE_ILL_CMD:
202 printk("ILLEGAL_COMMAND_ERROR address=0x%016llx]\n", address);
203 reset_iommu_command_buffer(iommu);
204 dump_command(address);
206 case EVENT_TYPE_CMD_HARD_ERR:
207 printk("COMMAND_HARDWARE_ERROR address=0x%016llx "
208 "flags=0x%04x]\n", address, flags);
210 case EVENT_TYPE_IOTLB_INV_TO:
211 printk("IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
212 "address=0x%016llx]\n",
213 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
216 case EVENT_TYPE_INV_DEV_REQ:
217 printk("INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
218 "address=0x%016llx flags=0x%04x]\n",
219 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
223 printk(KERN_ERR "UNKNOWN type=0x%02x]\n", type);
227 static void iommu_poll_events(struct amd_iommu *iommu)
232 spin_lock_irqsave(&iommu->lock, flags);
234 head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
235 tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET);
237 while (head != tail) {
238 iommu_print_event(iommu, iommu->evt_buf + head);
239 head = (head + EVENT_ENTRY_SIZE) % iommu->evt_buf_size;
242 writel(head, iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
244 spin_unlock_irqrestore(&iommu->lock, flags);
247 irqreturn_t amd_iommu_int_handler(int irq, void *data)
249 struct amd_iommu *iommu;
251 for_each_iommu(iommu)
252 iommu_poll_events(iommu);
257 /****************************************************************************
259 * IOMMU command queuing functions
261 ****************************************************************************/
264 * Writes the command to the IOMMUs command buffer and informs the
265 * hardware about the new command. Must be called with iommu->lock held.
267 static int __iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
272 tail = readl(iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
273 target = iommu->cmd_buf + tail;
274 memcpy_toio(target, cmd, sizeof(*cmd));
275 tail = (tail + sizeof(*cmd)) % iommu->cmd_buf_size;
276 head = readl(iommu->mmio_base + MMIO_CMD_HEAD_OFFSET);
279 writel(tail, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
285 * General queuing function for commands. Takes iommu->lock and calls
286 * __iommu_queue_command().
288 static int iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
293 spin_lock_irqsave(&iommu->lock, flags);
294 ret = __iommu_queue_command(iommu, cmd);
296 iommu->need_sync = true;
297 spin_unlock_irqrestore(&iommu->lock, flags);
303 * This function waits until an IOMMU has completed a completion
306 static void __iommu_wait_for_completion(struct amd_iommu *iommu)
312 INC_STATS_COUNTER(compl_wait);
314 while (!ready && (i < EXIT_LOOP_COUNT)) {
316 /* wait for the bit to become one */
317 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
318 ready = status & MMIO_STATUS_COM_WAIT_INT_MASK;
321 /* set bit back to zero */
322 status &= ~MMIO_STATUS_COM_WAIT_INT_MASK;
323 writel(status, iommu->mmio_base + MMIO_STATUS_OFFSET);
325 if (unlikely(i == EXIT_LOOP_COUNT)) {
326 spin_unlock(&iommu->lock);
327 reset_iommu_command_buffer(iommu);
328 spin_lock(&iommu->lock);
333 * This function queues a completion wait command into the command
336 static int __iommu_completion_wait(struct amd_iommu *iommu)
338 struct iommu_cmd cmd;
340 memset(&cmd, 0, sizeof(cmd));
341 cmd.data[0] = CMD_COMPL_WAIT_INT_MASK;
342 CMD_SET_TYPE(&cmd, CMD_COMPL_WAIT);
344 return __iommu_queue_command(iommu, &cmd);
348 * This function is called whenever we need to ensure that the IOMMU has
349 * completed execution of all commands we sent. It sends a
350 * COMPLETION_WAIT command and waits for it to finish. The IOMMU informs
351 * us about that by writing a value to a physical address we pass with
354 static int iommu_completion_wait(struct amd_iommu *iommu)
359 spin_lock_irqsave(&iommu->lock, flags);
361 if (!iommu->need_sync)
364 ret = __iommu_completion_wait(iommu);
366 iommu->need_sync = false;
371 __iommu_wait_for_completion(iommu);
374 spin_unlock_irqrestore(&iommu->lock, flags);
380 * Command send function for invalidating a device table entry
382 static int iommu_queue_inv_dev_entry(struct amd_iommu *iommu, u16 devid)
384 struct iommu_cmd cmd;
387 BUG_ON(iommu == NULL);
389 memset(&cmd, 0, sizeof(cmd));
390 CMD_SET_TYPE(&cmd, CMD_INV_DEV_ENTRY);
393 ret = iommu_queue_command(iommu, &cmd);
398 static void __iommu_build_inv_iommu_pages(struct iommu_cmd *cmd, u64 address,
399 u16 domid, int pde, int s)
401 memset(cmd, 0, sizeof(*cmd));
402 address &= PAGE_MASK;
403 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
404 cmd->data[1] |= domid;
405 cmd->data[2] = lower_32_bits(address);
406 cmd->data[3] = upper_32_bits(address);
407 if (s) /* size bit - we flush more than one 4kb page */
408 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
409 if (pde) /* PDE bit - we wan't flush everything not only the PTEs */
410 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
414 * Generic command send function for invalidaing TLB entries
416 static int iommu_queue_inv_iommu_pages(struct amd_iommu *iommu,
417 u64 address, u16 domid, int pde, int s)
419 struct iommu_cmd cmd;
422 __iommu_build_inv_iommu_pages(&cmd, address, domid, pde, s);
424 ret = iommu_queue_command(iommu, &cmd);
430 * TLB invalidation function which is called from the mapping functions.
431 * It invalidates a single PTE if the range to flush is within a single
432 * page. Otherwise it flushes the whole TLB of the IOMMU.
434 static int iommu_flush_pages(struct amd_iommu *iommu, u16 domid,
435 u64 address, size_t size)
438 unsigned pages = iommu_num_pages(address, size, PAGE_SIZE);
440 address &= PAGE_MASK;
444 * If we have to flush more than one page, flush all
445 * TLB entries for this domain
447 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
451 iommu_queue_inv_iommu_pages(iommu, address, domid, 0, s);
456 /* Flush the whole IO/TLB for a given protection domain */
457 static void iommu_flush_tlb(struct amd_iommu *iommu, u16 domid)
459 u64 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
461 INC_STATS_COUNTER(domain_flush_single);
463 iommu_queue_inv_iommu_pages(iommu, address, domid, 0, 1);
466 /* Flush the whole IO/TLB for a given protection domain - including PDE */
467 static void iommu_flush_tlb_pde(struct amd_iommu *iommu, u16 domid)
469 u64 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
471 INC_STATS_COUNTER(domain_flush_single);
473 iommu_queue_inv_iommu_pages(iommu, address, domid, 1, 1);
477 * This function flushes one domain on one IOMMU
479 static void flush_domain_on_iommu(struct amd_iommu *iommu, u16 domid)
481 struct iommu_cmd cmd;
484 __iommu_build_inv_iommu_pages(&cmd, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
487 spin_lock_irqsave(&iommu->lock, flags);
488 __iommu_queue_command(iommu, &cmd);
489 __iommu_completion_wait(iommu);
490 __iommu_wait_for_completion(iommu);
491 spin_unlock_irqrestore(&iommu->lock, flags);
494 static void flush_all_domains_on_iommu(struct amd_iommu *iommu)
498 for (i = 1; i < MAX_DOMAIN_ID; ++i) {
499 if (!test_bit(i, amd_iommu_pd_alloc_bitmap))
501 flush_domain_on_iommu(iommu, i);
507 * This function is used to flush the IO/TLB for a given protection domain
508 * on every IOMMU in the system
510 static void iommu_flush_domain(u16 domid)
512 struct amd_iommu *iommu;
514 INC_STATS_COUNTER(domain_flush_all);
516 for_each_iommu(iommu)
517 flush_domain_on_iommu(iommu, domid);
520 void amd_iommu_flush_all_domains(void)
522 struct amd_iommu *iommu;
524 for_each_iommu(iommu)
525 flush_all_domains_on_iommu(iommu);
528 static void flush_all_devices_for_iommu(struct amd_iommu *iommu)
532 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
533 if (iommu != amd_iommu_rlookup_table[i])
536 iommu_queue_inv_dev_entry(iommu, i);
537 iommu_completion_wait(iommu);
541 static void flush_devices_by_domain(struct protection_domain *domain)
543 struct amd_iommu *iommu;
546 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
547 if ((domain == NULL && amd_iommu_pd_table[i] == NULL) ||
548 (amd_iommu_pd_table[i] != domain))
551 iommu = amd_iommu_rlookup_table[i];
555 iommu_queue_inv_dev_entry(iommu, i);
556 iommu_completion_wait(iommu);
560 static void reset_iommu_command_buffer(struct amd_iommu *iommu)
562 pr_err("AMD-Vi: Resetting IOMMU command buffer\n");
564 if (iommu->reset_in_progress)
565 panic("AMD-Vi: ILLEGAL_COMMAND_ERROR while resetting command buffer\n");
567 iommu->reset_in_progress = true;
569 amd_iommu_reset_cmd_buffer(iommu);
570 flush_all_devices_for_iommu(iommu);
571 flush_all_domains_on_iommu(iommu);
573 iommu->reset_in_progress = false;
576 void amd_iommu_flush_all_devices(void)
578 flush_devices_by_domain(NULL);
581 /****************************************************************************
583 * The functions below are used the create the page table mappings for
584 * unity mapped regions.
586 ****************************************************************************/
589 * Generic mapping functions. It maps a physical address into a DMA
590 * address space. It allocates the page table pages if necessary.
591 * In the future it can be extended to a generic mapping function
592 * supporting all features of AMD IOMMU page tables like level skipping
593 * and full 64 bit address spaces.
595 static int iommu_map_page(struct protection_domain *dom,
596 unsigned long bus_addr,
597 unsigned long phys_addr,
603 bus_addr = PAGE_ALIGN(bus_addr);
604 phys_addr = PAGE_ALIGN(phys_addr);
606 BUG_ON(!PM_ALIGNED(map_size, bus_addr));
607 BUG_ON(!PM_ALIGNED(map_size, phys_addr));
609 if (!(prot & IOMMU_PROT_MASK))
612 pte = alloc_pte(dom, bus_addr, map_size, NULL, GFP_KERNEL);
614 if (IOMMU_PTE_PRESENT(*pte))
617 __pte = phys_addr | IOMMU_PTE_P;
618 if (prot & IOMMU_PROT_IR)
619 __pte |= IOMMU_PTE_IR;
620 if (prot & IOMMU_PROT_IW)
621 __pte |= IOMMU_PTE_IW;
630 static void iommu_unmap_page(struct protection_domain *dom,
631 unsigned long bus_addr, int map_size)
633 u64 *pte = fetch_pte(dom, bus_addr, map_size);
640 * This function checks if a specific unity mapping entry is needed for
641 * this specific IOMMU.
643 static int iommu_for_unity_map(struct amd_iommu *iommu,
644 struct unity_map_entry *entry)
648 for (i = entry->devid_start; i <= entry->devid_end; ++i) {
649 bdf = amd_iommu_alias_table[i];
650 if (amd_iommu_rlookup_table[bdf] == iommu)
658 * Init the unity mappings for a specific IOMMU in the system
660 * Basically iterates over all unity mapping entries and applies them to
661 * the default domain DMA of that IOMMU if necessary.
663 static int iommu_init_unity_mappings(struct amd_iommu *iommu)
665 struct unity_map_entry *entry;
668 list_for_each_entry(entry, &amd_iommu_unity_map, list) {
669 if (!iommu_for_unity_map(iommu, entry))
671 ret = dma_ops_unity_map(iommu->default_dom, entry);
680 * This function actually applies the mapping to the page table of the
683 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
684 struct unity_map_entry *e)
689 for (addr = e->address_start; addr < e->address_end;
691 ret = iommu_map_page(&dma_dom->domain, addr, addr, e->prot,
696 * if unity mapping is in aperture range mark the page
697 * as allocated in the aperture
699 if (addr < dma_dom->aperture_size)
700 __set_bit(addr >> PAGE_SHIFT,
701 dma_dom->aperture[0]->bitmap);
708 * Inits the unity mappings required for a specific device
710 static int init_unity_mappings_for_device(struct dma_ops_domain *dma_dom,
713 struct unity_map_entry *e;
716 list_for_each_entry(e, &amd_iommu_unity_map, list) {
717 if (!(devid >= e->devid_start && devid <= e->devid_end))
719 ret = dma_ops_unity_map(dma_dom, e);
727 /****************************************************************************
729 * The next functions belong to the address allocator for the dma_ops
730 * interface functions. They work like the allocators in the other IOMMU
731 * drivers. Its basically a bitmap which marks the allocated pages in
732 * the aperture. Maybe it could be enhanced in the future to a more
733 * efficient allocator.
735 ****************************************************************************/
738 * The address allocator core functions.
740 * called with domain->lock held
744 * This function checks if there is a PTE for a given dma address. If
745 * there is one, it returns the pointer to it.
747 static u64 *fetch_pte(struct protection_domain *domain,
748 unsigned long address, int map_size)
753 level = domain->mode - 1;
754 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
756 while (level > map_size) {
757 if (!IOMMU_PTE_PRESENT(*pte))
762 pte = IOMMU_PTE_PAGE(*pte);
763 pte = &pte[PM_LEVEL_INDEX(level, address)];
765 if ((PM_PTE_LEVEL(*pte) == 0) && level != map_size) {
775 * This function is used to add a new aperture range to an existing
776 * aperture in case of dma_ops domain allocation or address allocation
779 static int alloc_new_range(struct amd_iommu *iommu,
780 struct dma_ops_domain *dma_dom,
781 bool populate, gfp_t gfp)
783 int index = dma_dom->aperture_size >> APERTURE_RANGE_SHIFT;
786 #ifdef CONFIG_IOMMU_STRESS
790 if (index >= APERTURE_MAX_RANGES)
793 dma_dom->aperture[index] = kzalloc(sizeof(struct aperture_range), gfp);
794 if (!dma_dom->aperture[index])
797 dma_dom->aperture[index]->bitmap = (void *)get_zeroed_page(gfp);
798 if (!dma_dom->aperture[index]->bitmap)
801 dma_dom->aperture[index]->offset = dma_dom->aperture_size;
804 unsigned long address = dma_dom->aperture_size;
805 int i, num_ptes = APERTURE_RANGE_PAGES / 512;
808 for (i = 0; i < num_ptes; ++i) {
809 pte = alloc_pte(&dma_dom->domain, address, PM_MAP_4k,
814 dma_dom->aperture[index]->pte_pages[i] = pte_page;
816 address += APERTURE_RANGE_SIZE / 64;
820 dma_dom->aperture_size += APERTURE_RANGE_SIZE;
822 /* Intialize the exclusion range if necessary */
823 if (iommu->exclusion_start &&
824 iommu->exclusion_start >= dma_dom->aperture[index]->offset &&
825 iommu->exclusion_start < dma_dom->aperture_size) {
826 unsigned long startpage = iommu->exclusion_start >> PAGE_SHIFT;
827 int pages = iommu_num_pages(iommu->exclusion_start,
828 iommu->exclusion_length,
830 dma_ops_reserve_addresses(dma_dom, startpage, pages);
834 * Check for areas already mapped as present in the new aperture
835 * range and mark those pages as reserved in the allocator. Such
836 * mappings may already exist as a result of requested unity
837 * mappings for devices.
839 for (i = dma_dom->aperture[index]->offset;
840 i < dma_dom->aperture_size;
842 u64 *pte = fetch_pte(&dma_dom->domain, i, PM_MAP_4k);
843 if (!pte || !IOMMU_PTE_PRESENT(*pte))
846 dma_ops_reserve_addresses(dma_dom, i << PAGE_SHIFT, 1);
849 update_domain(&dma_dom->domain);
854 update_domain(&dma_dom->domain);
856 free_page((unsigned long)dma_dom->aperture[index]->bitmap);
858 kfree(dma_dom->aperture[index]);
859 dma_dom->aperture[index] = NULL;
864 static unsigned long dma_ops_area_alloc(struct device *dev,
865 struct dma_ops_domain *dom,
867 unsigned long align_mask,
871 unsigned long next_bit = dom->next_address % APERTURE_RANGE_SIZE;
872 int max_index = dom->aperture_size >> APERTURE_RANGE_SHIFT;
873 int i = start >> APERTURE_RANGE_SHIFT;
874 unsigned long boundary_size;
875 unsigned long address = -1;
878 next_bit >>= PAGE_SHIFT;
880 boundary_size = ALIGN(dma_get_seg_boundary(dev) + 1,
881 PAGE_SIZE) >> PAGE_SHIFT;
883 for (;i < max_index; ++i) {
884 unsigned long offset = dom->aperture[i]->offset >> PAGE_SHIFT;
886 if (dom->aperture[i]->offset >= dma_mask)
889 limit = iommu_device_max_index(APERTURE_RANGE_PAGES, offset,
890 dma_mask >> PAGE_SHIFT);
892 address = iommu_area_alloc(dom->aperture[i]->bitmap,
893 limit, next_bit, pages, 0,
894 boundary_size, align_mask);
896 address = dom->aperture[i]->offset +
897 (address << PAGE_SHIFT);
898 dom->next_address = address + (pages << PAGE_SHIFT);
908 static unsigned long dma_ops_alloc_addresses(struct device *dev,
909 struct dma_ops_domain *dom,
911 unsigned long align_mask,
914 unsigned long address;
916 #ifdef CONFIG_IOMMU_STRESS
917 dom->next_address = 0;
918 dom->need_flush = true;
921 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
922 dma_mask, dom->next_address);
925 dom->next_address = 0;
926 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
928 dom->need_flush = true;
931 if (unlikely(address == -1))
932 address = DMA_ERROR_CODE;
934 WARN_ON((address + (PAGE_SIZE*pages)) > dom->aperture_size);
940 * The address free function.
942 * called with domain->lock held
944 static void dma_ops_free_addresses(struct dma_ops_domain *dom,
945 unsigned long address,
948 unsigned i = address >> APERTURE_RANGE_SHIFT;
949 struct aperture_range *range = dom->aperture[i];
951 BUG_ON(i >= APERTURE_MAX_RANGES || range == NULL);
953 #ifdef CONFIG_IOMMU_STRESS
958 if (address >= dom->next_address)
959 dom->need_flush = true;
961 address = (address % APERTURE_RANGE_SIZE) >> PAGE_SHIFT;
963 iommu_area_free(range->bitmap, address, pages);
967 /****************************************************************************
969 * The next functions belong to the domain allocation. A domain is
970 * allocated for every IOMMU as the default domain. If device isolation
971 * is enabled, every device get its own domain. The most important thing
972 * about domains is the page table mapping the DMA address space they
975 ****************************************************************************/
977 static u16 domain_id_alloc(void)
982 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
983 id = find_first_zero_bit(amd_iommu_pd_alloc_bitmap, MAX_DOMAIN_ID);
985 if (id > 0 && id < MAX_DOMAIN_ID)
986 __set_bit(id, amd_iommu_pd_alloc_bitmap);
989 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
994 static void domain_id_free(int id)
998 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
999 if (id > 0 && id < MAX_DOMAIN_ID)
1000 __clear_bit(id, amd_iommu_pd_alloc_bitmap);
1001 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1005 * Used to reserve address ranges in the aperture (e.g. for exclusion
1008 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
1009 unsigned long start_page,
1012 unsigned int i, last_page = dom->aperture_size >> PAGE_SHIFT;
1014 if (start_page + pages > last_page)
1015 pages = last_page - start_page;
1017 for (i = start_page; i < start_page + pages; ++i) {
1018 int index = i / APERTURE_RANGE_PAGES;
1019 int page = i % APERTURE_RANGE_PAGES;
1020 __set_bit(page, dom->aperture[index]->bitmap);
1024 static void free_pagetable(struct protection_domain *domain)
1029 p1 = domain->pt_root;
1034 for (i = 0; i < 512; ++i) {
1035 if (!IOMMU_PTE_PRESENT(p1[i]))
1038 p2 = IOMMU_PTE_PAGE(p1[i]);
1039 for (j = 0; j < 512; ++j) {
1040 if (!IOMMU_PTE_PRESENT(p2[j]))
1042 p3 = IOMMU_PTE_PAGE(p2[j]);
1043 free_page((unsigned long)p3);
1046 free_page((unsigned long)p2);
1049 free_page((unsigned long)p1);
1051 domain->pt_root = NULL;
1055 * Free a domain, only used if something went wrong in the
1056 * allocation path and we need to free an already allocated page table
1058 static void dma_ops_domain_free(struct dma_ops_domain *dom)
1065 free_pagetable(&dom->domain);
1067 for (i = 0; i < APERTURE_MAX_RANGES; ++i) {
1068 if (!dom->aperture[i])
1070 free_page((unsigned long)dom->aperture[i]->bitmap);
1071 kfree(dom->aperture[i]);
1078 * Allocates a new protection domain usable for the dma_ops functions.
1079 * It also intializes the page table and the address allocator data
1080 * structures required for the dma_ops interface
1082 static struct dma_ops_domain *dma_ops_domain_alloc(struct amd_iommu *iommu)
1084 struct dma_ops_domain *dma_dom;
1086 dma_dom = kzalloc(sizeof(struct dma_ops_domain), GFP_KERNEL);
1090 spin_lock_init(&dma_dom->domain.lock);
1092 dma_dom->domain.id = domain_id_alloc();
1093 if (dma_dom->domain.id == 0)
1095 dma_dom->domain.mode = PAGE_MODE_2_LEVEL;
1096 dma_dom->domain.pt_root = (void *)get_zeroed_page(GFP_KERNEL);
1097 dma_dom->domain.flags = PD_DMA_OPS_MASK;
1098 dma_dom->domain.priv = dma_dom;
1099 if (!dma_dom->domain.pt_root)
1102 dma_dom->need_flush = false;
1103 dma_dom->target_dev = 0xffff;
1105 if (alloc_new_range(iommu, dma_dom, true, GFP_KERNEL))
1109 * mark the first page as allocated so we never return 0 as
1110 * a valid dma-address. So we can use 0 as error value
1112 dma_dom->aperture[0]->bitmap[0] = 1;
1113 dma_dom->next_address = 0;
1119 dma_ops_domain_free(dma_dom);
1125 * little helper function to check whether a given protection domain is a
1128 static bool dma_ops_domain(struct protection_domain *domain)
1130 return domain->flags & PD_DMA_OPS_MASK;
1134 * Find out the protection domain structure for a given PCI device. This
1135 * will give us the pointer to the page table root for example.
1137 static struct protection_domain *domain_for_device(u16 devid)
1139 struct protection_domain *dom;
1140 unsigned long flags;
1142 read_lock_irqsave(&amd_iommu_devtable_lock, flags);
1143 dom = amd_iommu_pd_table[devid];
1144 read_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1149 static void set_dte_entry(u16 devid, struct protection_domain *domain)
1151 u64 pte_root = virt_to_phys(domain->pt_root);
1153 pte_root |= (domain->mode & DEV_ENTRY_MODE_MASK)
1154 << DEV_ENTRY_MODE_SHIFT;
1155 pte_root |= IOMMU_PTE_IR | IOMMU_PTE_IW | IOMMU_PTE_P | IOMMU_PTE_TV;
1157 amd_iommu_dev_table[devid].data[2] = domain->id;
1158 amd_iommu_dev_table[devid].data[1] = upper_32_bits(pte_root);
1159 amd_iommu_dev_table[devid].data[0] = lower_32_bits(pte_root);
1161 amd_iommu_pd_table[devid] = domain;
1165 * If a device is not yet associated with a domain, this function does
1166 * assigns it visible for the hardware
1168 static void __attach_device(struct amd_iommu *iommu,
1169 struct protection_domain *domain,
1173 spin_lock(&domain->lock);
1175 /* update DTE entry */
1176 set_dte_entry(devid, domain);
1178 domain->dev_cnt += 1;
1181 spin_unlock(&domain->lock);
1185 * If a device is not yet associated with a domain, this function does
1186 * assigns it visible for the hardware
1188 static void attach_device(struct amd_iommu *iommu,
1189 struct protection_domain *domain,
1192 unsigned long flags;
1194 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1195 __attach_device(iommu, domain, devid);
1196 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1199 * We might boot into a crash-kernel here. The crashed kernel
1200 * left the caches in the IOMMU dirty. So we have to flush
1201 * here to evict all dirty stuff.
1203 iommu_queue_inv_dev_entry(iommu, devid);
1204 iommu_flush_tlb_pde(iommu, domain->id);
1208 * Removes a device from a protection domain (unlocked)
1210 static void __detach_device(struct protection_domain *domain, u16 devid)
1214 spin_lock(&domain->lock);
1216 /* remove domain from the lookup table */
1217 amd_iommu_pd_table[devid] = NULL;
1219 /* remove entry from the device table seen by the hardware */
1220 amd_iommu_dev_table[devid].data[0] = IOMMU_PTE_P | IOMMU_PTE_TV;
1221 amd_iommu_dev_table[devid].data[1] = 0;
1222 amd_iommu_dev_table[devid].data[2] = 0;
1224 amd_iommu_apply_erratum_63(devid);
1226 /* decrease reference counter */
1227 domain->dev_cnt -= 1;
1230 spin_unlock(&domain->lock);
1233 * If we run in passthrough mode the device must be assigned to the
1234 * passthrough domain if it is detached from any other domain
1236 if (iommu_pass_through) {
1237 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1238 __attach_device(iommu, pt_domain, devid);
1243 * Removes a device from a protection domain (with devtable_lock held)
1245 static void detach_device(struct protection_domain *domain, u16 devid)
1247 unsigned long flags;
1249 /* lock device table */
1250 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1251 __detach_device(domain, devid);
1252 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1255 static int device_change_notifier(struct notifier_block *nb,
1256 unsigned long action, void *data)
1258 struct device *dev = data;
1259 struct pci_dev *pdev = to_pci_dev(dev);
1260 u16 devid = calc_devid(pdev->bus->number, pdev->devfn);
1261 struct protection_domain *domain;
1262 struct dma_ops_domain *dma_domain;
1263 struct amd_iommu *iommu;
1264 unsigned long flags;
1266 if (devid > amd_iommu_last_bdf)
1269 devid = amd_iommu_alias_table[devid];
1271 iommu = amd_iommu_rlookup_table[devid];
1275 domain = domain_for_device(devid);
1277 if (domain && !dma_ops_domain(domain))
1278 WARN_ONCE(1, "AMD IOMMU WARNING: device %s already bound "
1279 "to a non-dma-ops domain\n", dev_name(dev));
1282 case BUS_NOTIFY_UNBOUND_DRIVER:
1285 if (iommu_pass_through)
1287 detach_device(domain, devid);
1289 case BUS_NOTIFY_ADD_DEVICE:
1290 /* allocate a protection domain if a device is added */
1291 dma_domain = find_protection_domain(devid);
1294 dma_domain = dma_ops_domain_alloc(iommu);
1297 dma_domain->target_dev = devid;
1299 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1300 list_add_tail(&dma_domain->list, &iommu_pd_list);
1301 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1308 iommu_queue_inv_dev_entry(iommu, devid);
1309 iommu_completion_wait(iommu);
1315 static struct notifier_block device_nb = {
1316 .notifier_call = device_change_notifier,
1319 /*****************************************************************************
1321 * The next functions belong to the dma_ops mapping/unmapping code.
1323 *****************************************************************************/
1326 * This function checks if the driver got a valid device from the caller to
1327 * avoid dereferencing invalid pointers.
1329 static bool check_device(struct device *dev)
1331 if (!dev || !dev->dma_mask)
1338 * In this function the list of preallocated protection domains is traversed to
1339 * find the domain for a specific device
1341 static struct dma_ops_domain *find_protection_domain(u16 devid)
1343 struct dma_ops_domain *entry, *ret = NULL;
1344 unsigned long flags;
1346 if (list_empty(&iommu_pd_list))
1349 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1351 list_for_each_entry(entry, &iommu_pd_list, list) {
1352 if (entry->target_dev == devid) {
1358 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1364 * In the dma_ops path we only have the struct device. This function
1365 * finds the corresponding IOMMU, the protection domain and the
1366 * requestor id for a given device.
1367 * If the device is not yet associated with a domain this is also done
1370 static int get_device_resources(struct device *dev,
1371 struct amd_iommu **iommu,
1372 struct protection_domain **domain,
1375 struct dma_ops_domain *dma_dom;
1376 struct pci_dev *pcidev;
1383 if (dev->bus != &pci_bus_type)
1386 pcidev = to_pci_dev(dev);
1387 _bdf = calc_devid(pcidev->bus->number, pcidev->devfn);
1389 /* device not translated by any IOMMU in the system? */
1390 if (_bdf > amd_iommu_last_bdf)
1393 *bdf = amd_iommu_alias_table[_bdf];
1395 *iommu = amd_iommu_rlookup_table[*bdf];
1398 *domain = domain_for_device(*bdf);
1399 if (*domain == NULL) {
1400 dma_dom = find_protection_domain(*bdf);
1402 dma_dom = (*iommu)->default_dom;
1403 *domain = &dma_dom->domain;
1404 attach_device(*iommu, *domain, *bdf);
1405 DUMP_printk("Using protection domain %d for device %s\n",
1406 (*domain)->id, dev_name(dev));
1409 if (domain_for_device(_bdf) == NULL)
1410 attach_device(*iommu, *domain, _bdf);
1415 static void update_device_table(struct protection_domain *domain)
1417 unsigned long flags;
1420 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
1421 if (amd_iommu_pd_table[i] != domain)
1423 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1424 set_dte_entry(i, domain);
1425 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1429 static void update_domain(struct protection_domain *domain)
1431 if (!domain->updated)
1434 update_device_table(domain);
1435 flush_devices_by_domain(domain);
1436 iommu_flush_domain(domain->id);
1438 domain->updated = false;
1442 * This function is used to add another level to an IO page table. Adding
1443 * another level increases the size of the address space by 9 bits to a size up
1446 static bool increase_address_space(struct protection_domain *domain,
1451 if (domain->mode == PAGE_MODE_6_LEVEL)
1452 /* address space already 64 bit large */
1455 pte = (void *)get_zeroed_page(gfp);
1459 *pte = PM_LEVEL_PDE(domain->mode,
1460 virt_to_phys(domain->pt_root));
1461 domain->pt_root = pte;
1463 domain->updated = true;
1468 static u64 *alloc_pte(struct protection_domain *domain,
1469 unsigned long address,
1477 while (address > PM_LEVEL_SIZE(domain->mode))
1478 increase_address_space(domain, gfp);
1480 level = domain->mode - 1;
1481 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
1483 while (level > end_lvl) {
1484 if (!IOMMU_PTE_PRESENT(*pte)) {
1485 page = (u64 *)get_zeroed_page(gfp);
1488 *pte = PM_LEVEL_PDE(level, virt_to_phys(page));
1493 pte = IOMMU_PTE_PAGE(*pte);
1495 if (pte_page && level == end_lvl)
1498 pte = &pte[PM_LEVEL_INDEX(level, address)];
1505 * This function fetches the PTE for a given address in the aperture
1507 static u64* dma_ops_get_pte(struct dma_ops_domain *dom,
1508 unsigned long address)
1510 struct aperture_range *aperture;
1511 u64 *pte, *pte_page;
1513 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1517 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1519 pte = alloc_pte(&dom->domain, address, PM_MAP_4k, &pte_page,
1521 aperture->pte_pages[APERTURE_PAGE_INDEX(address)] = pte_page;
1523 pte += PM_LEVEL_INDEX(0, address);
1525 update_domain(&dom->domain);
1531 * This is the generic map function. It maps one 4kb page at paddr to
1532 * the given address in the DMA address space for the domain.
1534 static dma_addr_t dma_ops_domain_map(struct amd_iommu *iommu,
1535 struct dma_ops_domain *dom,
1536 unsigned long address,
1542 WARN_ON(address > dom->aperture_size);
1546 pte = dma_ops_get_pte(dom, address);
1548 return DMA_ERROR_CODE;
1550 __pte = paddr | IOMMU_PTE_P | IOMMU_PTE_FC;
1552 if (direction == DMA_TO_DEVICE)
1553 __pte |= IOMMU_PTE_IR;
1554 else if (direction == DMA_FROM_DEVICE)
1555 __pte |= IOMMU_PTE_IW;
1556 else if (direction == DMA_BIDIRECTIONAL)
1557 __pte |= IOMMU_PTE_IR | IOMMU_PTE_IW;
1563 return (dma_addr_t)address;
1567 * The generic unmapping function for on page in the DMA address space.
1569 static void dma_ops_domain_unmap(struct amd_iommu *iommu,
1570 struct dma_ops_domain *dom,
1571 unsigned long address)
1573 struct aperture_range *aperture;
1576 if (address >= dom->aperture_size)
1579 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1583 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1587 pte += PM_LEVEL_INDEX(0, address);
1595 * This function contains common code for mapping of a physically
1596 * contiguous memory region into DMA address space. It is used by all
1597 * mapping functions provided with this IOMMU driver.
1598 * Must be called with the domain lock held.
1600 static dma_addr_t __map_single(struct device *dev,
1601 struct amd_iommu *iommu,
1602 struct dma_ops_domain *dma_dom,
1609 dma_addr_t offset = paddr & ~PAGE_MASK;
1610 dma_addr_t address, start, ret;
1612 unsigned long align_mask = 0;
1615 pages = iommu_num_pages(paddr, size, PAGE_SIZE);
1618 INC_STATS_COUNTER(total_map_requests);
1621 INC_STATS_COUNTER(cross_page);
1624 align_mask = (1UL << get_order(size)) - 1;
1627 address = dma_ops_alloc_addresses(dev, dma_dom, pages, align_mask,
1629 if (unlikely(address == DMA_ERROR_CODE)) {
1631 * setting next_address here will let the address
1632 * allocator only scan the new allocated range in the
1633 * first run. This is a small optimization.
1635 dma_dom->next_address = dma_dom->aperture_size;
1637 if (alloc_new_range(iommu, dma_dom, false, GFP_ATOMIC))
1641 * aperture was sucessfully enlarged by 128 MB, try
1648 for (i = 0; i < pages; ++i) {
1649 ret = dma_ops_domain_map(iommu, dma_dom, start, paddr, dir);
1650 if (ret == DMA_ERROR_CODE)
1658 ADD_STATS_COUNTER(alloced_io_mem, size);
1660 if (unlikely(dma_dom->need_flush && !amd_iommu_unmap_flush)) {
1661 iommu_flush_tlb(iommu, dma_dom->domain.id);
1662 dma_dom->need_flush = false;
1663 } else if (unlikely(iommu_has_npcache(iommu)))
1664 iommu_flush_pages(iommu, dma_dom->domain.id, address, size);
1671 for (--i; i >= 0; --i) {
1673 dma_ops_domain_unmap(iommu, dma_dom, start);
1676 dma_ops_free_addresses(dma_dom, address, pages);
1678 return DMA_ERROR_CODE;
1682 * Does the reverse of the __map_single function. Must be called with
1683 * the domain lock held too
1685 static void __unmap_single(struct amd_iommu *iommu,
1686 struct dma_ops_domain *dma_dom,
1687 dma_addr_t dma_addr,
1691 dma_addr_t i, start;
1694 if ((dma_addr == DMA_ERROR_CODE) ||
1695 (dma_addr + size > dma_dom->aperture_size))
1698 pages = iommu_num_pages(dma_addr, size, PAGE_SIZE);
1699 dma_addr &= PAGE_MASK;
1702 for (i = 0; i < pages; ++i) {
1703 dma_ops_domain_unmap(iommu, dma_dom, start);
1707 SUB_STATS_COUNTER(alloced_io_mem, size);
1709 dma_ops_free_addresses(dma_dom, dma_addr, pages);
1711 if (amd_iommu_unmap_flush || dma_dom->need_flush) {
1712 iommu_flush_pages(iommu, dma_dom->domain.id, dma_addr, size);
1713 dma_dom->need_flush = false;
1718 * The exported map_single function for dma_ops.
1720 static dma_addr_t map_page(struct device *dev, struct page *page,
1721 unsigned long offset, size_t size,
1722 enum dma_data_direction dir,
1723 struct dma_attrs *attrs)
1725 unsigned long flags;
1726 struct amd_iommu *iommu;
1727 struct protection_domain *domain;
1731 phys_addr_t paddr = page_to_phys(page) + offset;
1733 INC_STATS_COUNTER(cnt_map_single);
1735 if (!check_device(dev))
1736 return DMA_ERROR_CODE;
1738 dma_mask = *dev->dma_mask;
1740 get_device_resources(dev, &iommu, &domain, &devid);
1742 if (iommu == NULL || domain == NULL)
1743 /* device not handled by any AMD IOMMU */
1744 return (dma_addr_t)paddr;
1746 if (!dma_ops_domain(domain))
1747 return DMA_ERROR_CODE;
1749 spin_lock_irqsave(&domain->lock, flags);
1750 addr = __map_single(dev, iommu, domain->priv, paddr, size, dir, false,
1752 if (addr == DMA_ERROR_CODE)
1755 iommu_completion_wait(iommu);
1758 spin_unlock_irqrestore(&domain->lock, flags);
1764 * The exported unmap_single function for dma_ops.
1766 static void unmap_page(struct device *dev, dma_addr_t dma_addr, size_t size,
1767 enum dma_data_direction dir, struct dma_attrs *attrs)
1769 unsigned long flags;
1770 struct amd_iommu *iommu;
1771 struct protection_domain *domain;
1774 INC_STATS_COUNTER(cnt_unmap_single);
1776 if (!check_device(dev) ||
1777 !get_device_resources(dev, &iommu, &domain, &devid))
1778 /* device not handled by any AMD IOMMU */
1781 if (!dma_ops_domain(domain))
1784 spin_lock_irqsave(&domain->lock, flags);
1786 __unmap_single(iommu, domain->priv, dma_addr, size, dir);
1788 iommu_completion_wait(iommu);
1790 spin_unlock_irqrestore(&domain->lock, flags);
1794 * This is a special map_sg function which is used if we should map a
1795 * device which is not handled by an AMD IOMMU in the system.
1797 static int map_sg_no_iommu(struct device *dev, struct scatterlist *sglist,
1798 int nelems, int dir)
1800 struct scatterlist *s;
1803 for_each_sg(sglist, s, nelems, i) {
1804 s->dma_address = (dma_addr_t)sg_phys(s);
1805 s->dma_length = s->length;
1812 * The exported map_sg function for dma_ops (handles scatter-gather
1815 static int map_sg(struct device *dev, struct scatterlist *sglist,
1816 int nelems, enum dma_data_direction dir,
1817 struct dma_attrs *attrs)
1819 unsigned long flags;
1820 struct amd_iommu *iommu;
1821 struct protection_domain *domain;
1824 struct scatterlist *s;
1826 int mapped_elems = 0;
1829 INC_STATS_COUNTER(cnt_map_sg);
1831 if (!check_device(dev))
1834 dma_mask = *dev->dma_mask;
1836 get_device_resources(dev, &iommu, &domain, &devid);
1838 if (!iommu || !domain)
1839 return map_sg_no_iommu(dev, sglist, nelems, dir);
1841 if (!dma_ops_domain(domain))
1844 spin_lock_irqsave(&domain->lock, flags);
1846 for_each_sg(sglist, s, nelems, i) {
1849 s->dma_address = __map_single(dev, iommu, domain->priv,
1850 paddr, s->length, dir, false,
1853 if (s->dma_address) {
1854 s->dma_length = s->length;
1860 iommu_completion_wait(iommu);
1863 spin_unlock_irqrestore(&domain->lock, flags);
1865 return mapped_elems;
1867 for_each_sg(sglist, s, mapped_elems, i) {
1869 __unmap_single(iommu, domain->priv, s->dma_address,
1870 s->dma_length, dir);
1871 s->dma_address = s->dma_length = 0;
1880 * The exported map_sg function for dma_ops (handles scatter-gather
1883 static void unmap_sg(struct device *dev, struct scatterlist *sglist,
1884 int nelems, enum dma_data_direction dir,
1885 struct dma_attrs *attrs)
1887 unsigned long flags;
1888 struct amd_iommu *iommu;
1889 struct protection_domain *domain;
1890 struct scatterlist *s;
1894 INC_STATS_COUNTER(cnt_unmap_sg);
1896 if (!check_device(dev) ||
1897 !get_device_resources(dev, &iommu, &domain, &devid))
1900 if (!dma_ops_domain(domain))
1903 spin_lock_irqsave(&domain->lock, flags);
1905 for_each_sg(sglist, s, nelems, i) {
1906 __unmap_single(iommu, domain->priv, s->dma_address,
1907 s->dma_length, dir);
1908 s->dma_address = s->dma_length = 0;
1911 iommu_completion_wait(iommu);
1913 spin_unlock_irqrestore(&domain->lock, flags);
1917 * The exported alloc_coherent function for dma_ops.
1919 static void *alloc_coherent(struct device *dev, size_t size,
1920 dma_addr_t *dma_addr, gfp_t flag)
1922 unsigned long flags;
1924 struct amd_iommu *iommu;
1925 struct protection_domain *domain;
1928 u64 dma_mask = dev->coherent_dma_mask;
1930 INC_STATS_COUNTER(cnt_alloc_coherent);
1932 if (!check_device(dev))
1935 if (!get_device_resources(dev, &iommu, &domain, &devid))
1936 flag &= ~(__GFP_DMA | __GFP_HIGHMEM | __GFP_DMA32);
1939 virt_addr = (void *)__get_free_pages(flag, get_order(size));
1943 paddr = virt_to_phys(virt_addr);
1945 if (!iommu || !domain) {
1946 *dma_addr = (dma_addr_t)paddr;
1950 if (!dma_ops_domain(domain))
1954 dma_mask = *dev->dma_mask;
1956 spin_lock_irqsave(&domain->lock, flags);
1958 *dma_addr = __map_single(dev, iommu, domain->priv, paddr,
1959 size, DMA_BIDIRECTIONAL, true, dma_mask);
1961 if (*dma_addr == DMA_ERROR_CODE) {
1962 spin_unlock_irqrestore(&domain->lock, flags);
1966 iommu_completion_wait(iommu);
1968 spin_unlock_irqrestore(&domain->lock, flags);
1974 free_pages((unsigned long)virt_addr, get_order(size));
1980 * The exported free_coherent function for dma_ops.
1982 static void free_coherent(struct device *dev, size_t size,
1983 void *virt_addr, dma_addr_t dma_addr)
1985 unsigned long flags;
1986 struct amd_iommu *iommu;
1987 struct protection_domain *domain;
1990 INC_STATS_COUNTER(cnt_free_coherent);
1992 if (!check_device(dev))
1995 get_device_resources(dev, &iommu, &domain, &devid);
1997 if (!iommu || !domain)
2000 if (!dma_ops_domain(domain))
2003 spin_lock_irqsave(&domain->lock, flags);
2005 __unmap_single(iommu, domain->priv, dma_addr, size, DMA_BIDIRECTIONAL);
2007 iommu_completion_wait(iommu);
2009 spin_unlock_irqrestore(&domain->lock, flags);
2012 free_pages((unsigned long)virt_addr, get_order(size));
2016 * This function is called by the DMA layer to find out if we can handle a
2017 * particular device. It is part of the dma_ops.
2019 static int amd_iommu_dma_supported(struct device *dev, u64 mask)
2022 struct pci_dev *pcidev;
2024 /* No device or no PCI device */
2025 if (!dev || dev->bus != &pci_bus_type)
2028 pcidev = to_pci_dev(dev);
2030 bdf = calc_devid(pcidev->bus->number, pcidev->devfn);
2032 /* Out of our scope? */
2033 if (bdf > amd_iommu_last_bdf)
2040 * The function for pre-allocating protection domains.
2042 * If the driver core informs the DMA layer if a driver grabs a device
2043 * we don't need to preallocate the protection domains anymore.
2044 * For now we have to.
2046 static void prealloc_protection_domains(void)
2048 struct pci_dev *dev = NULL;
2049 struct dma_ops_domain *dma_dom;
2050 struct amd_iommu *iommu;
2053 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2054 __devid = devid = calc_devid(dev->bus->number, dev->devfn);
2055 if (devid > amd_iommu_last_bdf)
2057 devid = amd_iommu_alias_table[devid];
2058 if (domain_for_device(devid))
2060 iommu = amd_iommu_rlookup_table[devid];
2063 dma_dom = dma_ops_domain_alloc(iommu);
2066 init_unity_mappings_for_device(dma_dom, devid);
2067 dma_dom->target_dev = devid;
2069 attach_device(iommu, &dma_dom->domain, devid);
2070 if (__devid != devid)
2071 attach_device(iommu, &dma_dom->domain, __devid);
2073 list_add_tail(&dma_dom->list, &iommu_pd_list);
2077 static struct dma_map_ops amd_iommu_dma_ops = {
2078 .alloc_coherent = alloc_coherent,
2079 .free_coherent = free_coherent,
2080 .map_page = map_page,
2081 .unmap_page = unmap_page,
2083 .unmap_sg = unmap_sg,
2084 .dma_supported = amd_iommu_dma_supported,
2088 * The function which clues the AMD IOMMU driver into dma_ops.
2090 int __init amd_iommu_init_dma_ops(void)
2092 struct amd_iommu *iommu;
2096 * first allocate a default protection domain for every IOMMU we
2097 * found in the system. Devices not assigned to any other
2098 * protection domain will be assigned to the default one.
2100 for_each_iommu(iommu) {
2101 iommu->default_dom = dma_ops_domain_alloc(iommu);
2102 if (iommu->default_dom == NULL)
2104 iommu->default_dom->domain.flags |= PD_DEFAULT_MASK;
2105 ret = iommu_init_unity_mappings(iommu);
2111 * If device isolation is enabled, pre-allocate the protection
2112 * domains for each device.
2114 if (amd_iommu_isolate)
2115 prealloc_protection_domains();
2119 #ifdef CONFIG_GART_IOMMU
2120 gart_iommu_aperture_disabled = 1;
2121 gart_iommu_aperture = 0;
2124 /* Make the driver finally visible to the drivers */
2125 dma_ops = &amd_iommu_dma_ops;
2127 register_iommu(&amd_iommu_ops);
2129 bus_register_notifier(&pci_bus_type, &device_nb);
2131 amd_iommu_stats_init();
2137 for_each_iommu(iommu) {
2138 if (iommu->default_dom)
2139 dma_ops_domain_free(iommu->default_dom);
2145 /*****************************************************************************
2147 * The following functions belong to the exported interface of AMD IOMMU
2149 * This interface allows access to lower level functions of the IOMMU
2150 * like protection domain handling and assignement of devices to domains
2151 * which is not possible with the dma_ops interface.
2153 *****************************************************************************/
2155 static void cleanup_domain(struct protection_domain *domain)
2157 unsigned long flags;
2160 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
2162 for (devid = 0; devid <= amd_iommu_last_bdf; ++devid)
2163 if (amd_iommu_pd_table[devid] == domain)
2164 __detach_device(domain, devid);
2166 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
2169 static void protection_domain_free(struct protection_domain *domain)
2175 domain_id_free(domain->id);
2180 static struct protection_domain *protection_domain_alloc(void)
2182 struct protection_domain *domain;
2184 domain = kzalloc(sizeof(*domain), GFP_KERNEL);
2188 spin_lock_init(&domain->lock);
2189 domain->id = domain_id_alloc();
2201 static int amd_iommu_domain_init(struct iommu_domain *dom)
2203 struct protection_domain *domain;
2205 domain = protection_domain_alloc();
2209 domain->mode = PAGE_MODE_3_LEVEL;
2210 domain->pt_root = (void *)get_zeroed_page(GFP_KERNEL);
2211 if (!domain->pt_root)
2219 protection_domain_free(domain);
2224 static void amd_iommu_domain_destroy(struct iommu_domain *dom)
2226 struct protection_domain *domain = dom->priv;
2231 if (domain->dev_cnt > 0)
2232 cleanup_domain(domain);
2234 BUG_ON(domain->dev_cnt != 0);
2236 free_pagetable(domain);
2238 domain_id_free(domain->id);
2245 static void amd_iommu_detach_device(struct iommu_domain *dom,
2248 struct protection_domain *domain = dom->priv;
2249 struct amd_iommu *iommu;
2250 struct pci_dev *pdev;
2253 if (dev->bus != &pci_bus_type)
2256 pdev = to_pci_dev(dev);
2258 devid = calc_devid(pdev->bus->number, pdev->devfn);
2261 detach_device(domain, devid);
2263 iommu = amd_iommu_rlookup_table[devid];
2267 iommu_queue_inv_dev_entry(iommu, devid);
2268 iommu_completion_wait(iommu);
2271 static int amd_iommu_attach_device(struct iommu_domain *dom,
2274 struct protection_domain *domain = dom->priv;
2275 struct protection_domain *old_domain;
2276 struct amd_iommu *iommu;
2277 struct pci_dev *pdev;
2280 if (dev->bus != &pci_bus_type)
2283 pdev = to_pci_dev(dev);
2285 devid = calc_devid(pdev->bus->number, pdev->devfn);
2287 if (devid >= amd_iommu_last_bdf ||
2288 devid != amd_iommu_alias_table[devid])
2291 iommu = amd_iommu_rlookup_table[devid];
2295 old_domain = domain_for_device(devid);
2297 detach_device(old_domain, devid);
2299 attach_device(iommu, domain, devid);
2301 iommu_completion_wait(iommu);
2306 static int amd_iommu_map_range(struct iommu_domain *dom,
2307 unsigned long iova, phys_addr_t paddr,
2308 size_t size, int iommu_prot)
2310 struct protection_domain *domain = dom->priv;
2311 unsigned long i, npages = iommu_num_pages(paddr, size, PAGE_SIZE);
2315 if (iommu_prot & IOMMU_READ)
2316 prot |= IOMMU_PROT_IR;
2317 if (iommu_prot & IOMMU_WRITE)
2318 prot |= IOMMU_PROT_IW;
2323 for (i = 0; i < npages; ++i) {
2324 ret = iommu_map_page(domain, iova, paddr, prot, PM_MAP_4k);
2335 static void amd_iommu_unmap_range(struct iommu_domain *dom,
2336 unsigned long iova, size_t size)
2339 struct protection_domain *domain = dom->priv;
2340 unsigned long i, npages = iommu_num_pages(iova, size, PAGE_SIZE);
2344 for (i = 0; i < npages; ++i) {
2345 iommu_unmap_page(domain, iova, PM_MAP_4k);
2349 iommu_flush_domain(domain->id);
2352 static phys_addr_t amd_iommu_iova_to_phys(struct iommu_domain *dom,
2355 struct protection_domain *domain = dom->priv;
2356 unsigned long offset = iova & ~PAGE_MASK;
2360 pte = fetch_pte(domain, iova, PM_MAP_4k);
2362 if (!pte || !IOMMU_PTE_PRESENT(*pte))
2365 paddr = *pte & IOMMU_PAGE_MASK;
2371 static int amd_iommu_domain_has_cap(struct iommu_domain *domain,
2377 static struct iommu_ops amd_iommu_ops = {
2378 .domain_init = amd_iommu_domain_init,
2379 .domain_destroy = amd_iommu_domain_destroy,
2380 .attach_dev = amd_iommu_attach_device,
2381 .detach_dev = amd_iommu_detach_device,
2382 .map = amd_iommu_map_range,
2383 .unmap = amd_iommu_unmap_range,
2384 .iova_to_phys = amd_iommu_iova_to_phys,
2385 .domain_has_cap = amd_iommu_domain_has_cap,
2388 /*****************************************************************************
2390 * The next functions do a basic initialization of IOMMU for pass through
2393 * In passthrough mode the IOMMU is initialized and enabled but not used for
2394 * DMA-API translation.
2396 *****************************************************************************/
2398 int __init amd_iommu_init_passthrough(void)
2400 struct pci_dev *dev = NULL;
2403 /* allocate passthroug domain */
2404 pt_domain = protection_domain_alloc();
2408 pt_domain->mode |= PAGE_MODE_NONE;
2410 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2411 struct amd_iommu *iommu;
2413 devid = calc_devid(dev->bus->number, dev->devfn);
2414 if (devid > amd_iommu_last_bdf)
2417 devid2 = amd_iommu_alias_table[devid];
2419 iommu = amd_iommu_rlookup_table[devid2];
2423 __attach_device(iommu, pt_domain, devid);
2424 __attach_device(iommu, pt_domain, devid2);
2427 pr_info("AMD-Vi: Initialized for Passthrough Mode\n");
projects / mv-sheeva.git / blob