2 * Copyright (C) 2007-2008 Advanced Micro Devices, Inc.
3 * Author: Joerg Roedel <joerg.roedel@amd.com>
4 * Leo Duran <leo.duran@amd.com>
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published
8 * by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include <linux/pci.h>
21 #include <linux/gfp.h>
22 #include <linux/bitops.h>
23 #include <linux/debugfs.h>
24 #include <linux/scatterlist.h>
25 #include <linux/dma-mapping.h>
26 #include <linux/iommu-helper.h>
27 #include <linux/iommu.h>
28 #include <asm/proto.h>
29 #include <asm/iommu.h>
31 #include <asm/amd_iommu_types.h>
32 #include <asm/amd_iommu.h>
34 #define CMD_SET_TYPE(cmd, t) ((cmd)->data[1] |= ((t) << 28))
36 #define EXIT_LOOP_COUNT 10000000
38 static DEFINE_RWLOCK(amd_iommu_devtable_lock);
40 /* A list of preallocated protection domains */
41 static LIST_HEAD(iommu_pd_list);
42 static DEFINE_SPINLOCK(iommu_pd_list_lock);
45 * Domain for untranslated devices - only allocated
46 * if iommu=pt passed on kernel cmd line.
48 static struct protection_domain *pt_domain;
50 static struct iommu_ops amd_iommu_ops;
53 * general struct to manage commands send to an IOMMU
59 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
60 struct unity_map_entry *e);
61 static struct dma_ops_domain *find_protection_domain(u16 devid);
62 static u64 *alloc_pte(struct protection_domain *domain,
63 unsigned long address, int end_lvl,
64 u64 **pte_page, gfp_t gfp);
65 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
66 unsigned long start_page,
68 static void reset_iommu_command_buffer(struct amd_iommu *iommu);
69 static u64 *fetch_pte(struct protection_domain *domain,
70 unsigned long address, int map_size);
71 static void update_domain(struct protection_domain *domain);
73 #ifdef CONFIG_AMD_IOMMU_STATS
76 * Initialization code for statistics collection
79 DECLARE_STATS_COUNTER(compl_wait);
80 DECLARE_STATS_COUNTER(cnt_map_single);
81 DECLARE_STATS_COUNTER(cnt_unmap_single);
82 DECLARE_STATS_COUNTER(cnt_map_sg);
83 DECLARE_STATS_COUNTER(cnt_unmap_sg);
84 DECLARE_STATS_COUNTER(cnt_alloc_coherent);
85 DECLARE_STATS_COUNTER(cnt_free_coherent);
86 DECLARE_STATS_COUNTER(cross_page);
87 DECLARE_STATS_COUNTER(domain_flush_single);
88 DECLARE_STATS_COUNTER(domain_flush_all);
89 DECLARE_STATS_COUNTER(alloced_io_mem);
90 DECLARE_STATS_COUNTER(total_map_requests);
92 static struct dentry *stats_dir;
93 static struct dentry *de_isolate;
94 static struct dentry *de_fflush;
96 static void amd_iommu_stats_add(struct __iommu_counter *cnt)
98 if (stats_dir == NULL)
101 cnt->dent = debugfs_create_u64(cnt->name, 0444, stats_dir,
105 static void amd_iommu_stats_init(void)
107 stats_dir = debugfs_create_dir("amd-iommu", NULL);
108 if (stats_dir == NULL)
111 de_isolate = debugfs_create_bool("isolation", 0444, stats_dir,
112 (u32 *)&amd_iommu_isolate);
114 de_fflush = debugfs_create_bool("fullflush", 0444, stats_dir,
115 (u32 *)&amd_iommu_unmap_flush);
117 amd_iommu_stats_add(&compl_wait);
118 amd_iommu_stats_add(&cnt_map_single);
119 amd_iommu_stats_add(&cnt_unmap_single);
120 amd_iommu_stats_add(&cnt_map_sg);
121 amd_iommu_stats_add(&cnt_unmap_sg);
122 amd_iommu_stats_add(&cnt_alloc_coherent);
123 amd_iommu_stats_add(&cnt_free_coherent);
124 amd_iommu_stats_add(&cross_page);
125 amd_iommu_stats_add(&domain_flush_single);
126 amd_iommu_stats_add(&domain_flush_all);
127 amd_iommu_stats_add(&alloced_io_mem);
128 amd_iommu_stats_add(&total_map_requests);
133 /* returns !0 if the IOMMU is caching non-present entries in its TLB */
134 static int iommu_has_npcache(struct amd_iommu *iommu)
136 return iommu->cap & (1UL << IOMMU_CAP_NPCACHE);
139 /****************************************************************************
141 * Interrupt handling functions
143 ****************************************************************************/
145 static void dump_dte_entry(u16 devid)
149 for (i = 0; i < 8; ++i)
150 pr_err("AMD-Vi: DTE[%d]: %08x\n", i,
151 amd_iommu_dev_table[devid].data[i]);
154 static void dump_command(unsigned long phys_addr)
156 struct iommu_cmd *cmd = phys_to_virt(phys_addr);
159 for (i = 0; i < 4; ++i)
160 pr_err("AMD-Vi: CMD[%d]: %08x\n", i, cmd->data[i]);
163 static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
166 int type = (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
167 int devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
168 int domid = (event[1] >> EVENT_DOMID_SHIFT) & EVENT_DOMID_MASK;
169 int flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
170 u64 address = (u64)(((u64)event[3]) << 32) | event[2];
172 printk(KERN_ERR "AMD-Vi: Event logged [");
175 case EVENT_TYPE_ILL_DEV:
176 printk("ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
177 "address=0x%016llx flags=0x%04x]\n",
178 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
180 dump_dte_entry(devid);
182 case EVENT_TYPE_IO_FAULT:
183 printk("IO_PAGE_FAULT device=%02x:%02x.%x "
184 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
185 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
186 domid, address, flags);
188 case EVENT_TYPE_DEV_TAB_ERR:
189 printk("DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
190 "address=0x%016llx flags=0x%04x]\n",
191 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
194 case EVENT_TYPE_PAGE_TAB_ERR:
195 printk("PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
196 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
197 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
198 domid, address, flags);
200 case EVENT_TYPE_ILL_CMD:
201 printk("ILLEGAL_COMMAND_ERROR address=0x%016llx]\n", address);
202 reset_iommu_command_buffer(iommu);
203 dump_command(address);
205 case EVENT_TYPE_CMD_HARD_ERR:
206 printk("COMMAND_HARDWARE_ERROR address=0x%016llx "
207 "flags=0x%04x]\n", address, flags);
209 case EVENT_TYPE_IOTLB_INV_TO:
210 printk("IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
211 "address=0x%016llx]\n",
212 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
215 case EVENT_TYPE_INV_DEV_REQ:
216 printk("INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
217 "address=0x%016llx flags=0x%04x]\n",
218 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
222 printk(KERN_ERR "UNKNOWN type=0x%02x]\n", type);
226 static void iommu_poll_events(struct amd_iommu *iommu)
231 spin_lock_irqsave(&iommu->lock, flags);
233 head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
234 tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET);
236 while (head != tail) {
237 iommu_print_event(iommu, iommu->evt_buf + head);
238 head = (head + EVENT_ENTRY_SIZE) % iommu->evt_buf_size;
241 writel(head, iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
243 spin_unlock_irqrestore(&iommu->lock, flags);
246 irqreturn_t amd_iommu_int_handler(int irq, void *data)
248 struct amd_iommu *iommu;
250 for_each_iommu(iommu)
251 iommu_poll_events(iommu);
256 /****************************************************************************
258 * IOMMU command queuing functions
260 ****************************************************************************/
263 * Writes the command to the IOMMUs command buffer and informs the
264 * hardware about the new command. Must be called with iommu->lock held.
266 static int __iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
271 tail = readl(iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
272 target = iommu->cmd_buf + tail;
273 memcpy_toio(target, cmd, sizeof(*cmd));
274 tail = (tail + sizeof(*cmd)) % iommu->cmd_buf_size;
275 head = readl(iommu->mmio_base + MMIO_CMD_HEAD_OFFSET);
278 writel(tail, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
284 * General queuing function for commands. Takes iommu->lock and calls
285 * __iommu_queue_command().
287 static int iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
292 spin_lock_irqsave(&iommu->lock, flags);
293 ret = __iommu_queue_command(iommu, cmd);
295 iommu->need_sync = true;
296 spin_unlock_irqrestore(&iommu->lock, flags);
302 * This function waits until an IOMMU has completed a completion
305 static void __iommu_wait_for_completion(struct amd_iommu *iommu)
311 INC_STATS_COUNTER(compl_wait);
313 while (!ready && (i < EXIT_LOOP_COUNT)) {
315 /* wait for the bit to become one */
316 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
317 ready = status & MMIO_STATUS_COM_WAIT_INT_MASK;
320 /* set bit back to zero */
321 status &= ~MMIO_STATUS_COM_WAIT_INT_MASK;
322 writel(status, iommu->mmio_base + MMIO_STATUS_OFFSET);
324 if (unlikely(i == EXIT_LOOP_COUNT)) {
325 spin_unlock(&iommu->lock);
326 reset_iommu_command_buffer(iommu);
327 spin_lock(&iommu->lock);
332 * This function queues a completion wait command into the command
335 static int __iommu_completion_wait(struct amd_iommu *iommu)
337 struct iommu_cmd cmd;
339 memset(&cmd, 0, sizeof(cmd));
340 cmd.data[0] = CMD_COMPL_WAIT_INT_MASK;
341 CMD_SET_TYPE(&cmd, CMD_COMPL_WAIT);
343 return __iommu_queue_command(iommu, &cmd);
347 * This function is called whenever we need to ensure that the IOMMU has
348 * completed execution of all commands we sent. It sends a
349 * COMPLETION_WAIT command and waits for it to finish. The IOMMU informs
350 * us about that by writing a value to a physical address we pass with
353 static int iommu_completion_wait(struct amd_iommu *iommu)
358 spin_lock_irqsave(&iommu->lock, flags);
360 if (!iommu->need_sync)
363 ret = __iommu_completion_wait(iommu);
365 iommu->need_sync = false;
370 __iommu_wait_for_completion(iommu);
373 spin_unlock_irqrestore(&iommu->lock, flags);
379 * Command send function for invalidating a device table entry
381 static int iommu_queue_inv_dev_entry(struct amd_iommu *iommu, u16 devid)
383 struct iommu_cmd cmd;
386 BUG_ON(iommu == NULL);
388 memset(&cmd, 0, sizeof(cmd));
389 CMD_SET_TYPE(&cmd, CMD_INV_DEV_ENTRY);
392 ret = iommu_queue_command(iommu, &cmd);
397 static void __iommu_build_inv_iommu_pages(struct iommu_cmd *cmd, u64 address,
398 u16 domid, int pde, int s)
400 memset(cmd, 0, sizeof(*cmd));
401 address &= PAGE_MASK;
402 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
403 cmd->data[1] |= domid;
404 cmd->data[2] = lower_32_bits(address);
405 cmd->data[3] = upper_32_bits(address);
406 if (s) /* size bit - we flush more than one 4kb page */
407 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
408 if (pde) /* PDE bit - we wan't flush everything not only the PTEs */
409 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
413 * Generic command send function for invalidaing TLB entries
415 static int iommu_queue_inv_iommu_pages(struct amd_iommu *iommu,
416 u64 address, u16 domid, int pde, int s)
418 struct iommu_cmd cmd;
421 __iommu_build_inv_iommu_pages(&cmd, address, domid, pde, s);
423 ret = iommu_queue_command(iommu, &cmd);
429 * TLB invalidation function which is called from the mapping functions.
430 * It invalidates a single PTE if the range to flush is within a single
431 * page. Otherwise it flushes the whole TLB of the IOMMU.
433 static int iommu_flush_pages(struct amd_iommu *iommu, u16 domid,
434 u64 address, size_t size)
437 unsigned pages = iommu_num_pages(address, size, PAGE_SIZE);
439 address &= PAGE_MASK;
443 * If we have to flush more than one page, flush all
444 * TLB entries for this domain
446 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
450 iommu_queue_inv_iommu_pages(iommu, address, domid, 0, s);
455 /* Flush the whole IO/TLB for a given protection domain */
456 static void iommu_flush_tlb(struct amd_iommu *iommu, u16 domid)
458 u64 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
460 INC_STATS_COUNTER(domain_flush_single);
462 iommu_queue_inv_iommu_pages(iommu, address, domid, 0, 1);
465 /* Flush the whole IO/TLB for a given protection domain - including PDE */
466 static void iommu_flush_tlb_pde(struct amd_iommu *iommu, u16 domid)
468 u64 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
470 INC_STATS_COUNTER(domain_flush_single);
472 iommu_queue_inv_iommu_pages(iommu, address, domid, 1, 1);
476 * This function flushes one domain on one IOMMU
478 static void flush_domain_on_iommu(struct amd_iommu *iommu, u16 domid)
480 struct iommu_cmd cmd;
483 __iommu_build_inv_iommu_pages(&cmd, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
486 spin_lock_irqsave(&iommu->lock, flags);
487 __iommu_queue_command(iommu, &cmd);
488 __iommu_completion_wait(iommu);
489 __iommu_wait_for_completion(iommu);
490 spin_unlock_irqrestore(&iommu->lock, flags);
493 static void flush_all_domains_on_iommu(struct amd_iommu *iommu)
497 for (i = 1; i < MAX_DOMAIN_ID; ++i) {
498 if (!test_bit(i, amd_iommu_pd_alloc_bitmap))
500 flush_domain_on_iommu(iommu, i);
506 * This function is used to flush the IO/TLB for a given protection domain
507 * on every IOMMU in the system
509 static void iommu_flush_domain(u16 domid)
511 struct amd_iommu *iommu;
513 INC_STATS_COUNTER(domain_flush_all);
515 for_each_iommu(iommu)
516 flush_domain_on_iommu(iommu, domid);
519 void amd_iommu_flush_all_domains(void)
521 struct amd_iommu *iommu;
523 for_each_iommu(iommu)
524 flush_all_domains_on_iommu(iommu);
527 static void flush_all_devices_for_iommu(struct amd_iommu *iommu)
531 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
532 if (iommu != amd_iommu_rlookup_table[i])
535 iommu_queue_inv_dev_entry(iommu, i);
536 iommu_completion_wait(iommu);
540 static void flush_devices_by_domain(struct protection_domain *domain)
542 struct amd_iommu *iommu;
545 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
546 if ((domain == NULL && amd_iommu_pd_table[i] == NULL) ||
547 (amd_iommu_pd_table[i] != domain))
550 iommu = amd_iommu_rlookup_table[i];
554 iommu_queue_inv_dev_entry(iommu, i);
555 iommu_completion_wait(iommu);
559 static void reset_iommu_command_buffer(struct amd_iommu *iommu)
561 pr_err("AMD-Vi: Resetting IOMMU command buffer\n");
563 if (iommu->reset_in_progress)
564 panic("AMD-Vi: ILLEGAL_COMMAND_ERROR while resetting command buffer\n");
566 iommu->reset_in_progress = true;
568 amd_iommu_reset_cmd_buffer(iommu);
569 flush_all_devices_for_iommu(iommu);
570 flush_all_domains_on_iommu(iommu);
572 iommu->reset_in_progress = false;
575 void amd_iommu_flush_all_devices(void)
577 flush_devices_by_domain(NULL);
580 /****************************************************************************
582 * The functions below are used the create the page table mappings for
583 * unity mapped regions.
585 ****************************************************************************/
588 * Generic mapping functions. It maps a physical address into a DMA
589 * address space. It allocates the page table pages if necessary.
590 * In the future it can be extended to a generic mapping function
591 * supporting all features of AMD IOMMU page tables like level skipping
592 * and full 64 bit address spaces.
594 static int iommu_map_page(struct protection_domain *dom,
595 unsigned long bus_addr,
596 unsigned long phys_addr,
602 bus_addr = PAGE_ALIGN(bus_addr);
603 phys_addr = PAGE_ALIGN(phys_addr);
605 BUG_ON(!PM_ALIGNED(map_size, bus_addr));
606 BUG_ON(!PM_ALIGNED(map_size, phys_addr));
608 if (!(prot & IOMMU_PROT_MASK))
611 pte = alloc_pte(dom, bus_addr, map_size, NULL, GFP_KERNEL);
613 if (IOMMU_PTE_PRESENT(*pte))
616 __pte = phys_addr | IOMMU_PTE_P;
617 if (prot & IOMMU_PROT_IR)
618 __pte |= IOMMU_PTE_IR;
619 if (prot & IOMMU_PROT_IW)
620 __pte |= IOMMU_PTE_IW;
629 static void iommu_unmap_page(struct protection_domain *dom,
630 unsigned long bus_addr, int map_size)
632 u64 *pte = fetch_pte(dom, bus_addr, map_size);
639 * This function checks if a specific unity mapping entry is needed for
640 * this specific IOMMU.
642 static int iommu_for_unity_map(struct amd_iommu *iommu,
643 struct unity_map_entry *entry)
647 for (i = entry->devid_start; i <= entry->devid_end; ++i) {
648 bdf = amd_iommu_alias_table[i];
649 if (amd_iommu_rlookup_table[bdf] == iommu)
657 * Init the unity mappings for a specific IOMMU in the system
659 * Basically iterates over all unity mapping entries and applies them to
660 * the default domain DMA of that IOMMU if necessary.
662 static int iommu_init_unity_mappings(struct amd_iommu *iommu)
664 struct unity_map_entry *entry;
667 list_for_each_entry(entry, &amd_iommu_unity_map, list) {
668 if (!iommu_for_unity_map(iommu, entry))
670 ret = dma_ops_unity_map(iommu->default_dom, entry);
679 * This function actually applies the mapping to the page table of the
682 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
683 struct unity_map_entry *e)
688 for (addr = e->address_start; addr < e->address_end;
690 ret = iommu_map_page(&dma_dom->domain, addr, addr, e->prot,
695 * if unity mapping is in aperture range mark the page
696 * as allocated in the aperture
698 if (addr < dma_dom->aperture_size)
699 __set_bit(addr >> PAGE_SHIFT,
700 dma_dom->aperture[0]->bitmap);
707 * Inits the unity mappings required for a specific device
709 static int init_unity_mappings_for_device(struct dma_ops_domain *dma_dom,
712 struct unity_map_entry *e;
715 list_for_each_entry(e, &amd_iommu_unity_map, list) {
716 if (!(devid >= e->devid_start && devid <= e->devid_end))
718 ret = dma_ops_unity_map(dma_dom, e);
726 /****************************************************************************
728 * The next functions belong to the address allocator for the dma_ops
729 * interface functions. They work like the allocators in the other IOMMU
730 * drivers. Its basically a bitmap which marks the allocated pages in
731 * the aperture. Maybe it could be enhanced in the future to a more
732 * efficient allocator.
734 ****************************************************************************/
737 * The address allocator core functions.
739 * called with domain->lock held
743 * This function checks if there is a PTE for a given dma address. If
744 * there is one, it returns the pointer to it.
746 static u64 *fetch_pte(struct protection_domain *domain,
747 unsigned long address, int map_size)
752 level = domain->mode - 1;
753 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
755 while (level > map_size) {
756 if (!IOMMU_PTE_PRESENT(*pte))
761 pte = IOMMU_PTE_PAGE(*pte);
762 pte = &pte[PM_LEVEL_INDEX(level, address)];
764 if ((PM_PTE_LEVEL(*pte) == 0) && level != map_size) {
774 * This function is used to add a new aperture range to an existing
775 * aperture in case of dma_ops domain allocation or address allocation
778 static int alloc_new_range(struct amd_iommu *iommu,
779 struct dma_ops_domain *dma_dom,
780 bool populate, gfp_t gfp)
782 int index = dma_dom->aperture_size >> APERTURE_RANGE_SHIFT;
785 #ifdef CONFIG_IOMMU_STRESS
789 if (index >= APERTURE_MAX_RANGES)
792 dma_dom->aperture[index] = kzalloc(sizeof(struct aperture_range), gfp);
793 if (!dma_dom->aperture[index])
796 dma_dom->aperture[index]->bitmap = (void *)get_zeroed_page(gfp);
797 if (!dma_dom->aperture[index]->bitmap)
800 dma_dom->aperture[index]->offset = dma_dom->aperture_size;
803 unsigned long address = dma_dom->aperture_size;
804 int i, num_ptes = APERTURE_RANGE_PAGES / 512;
807 for (i = 0; i < num_ptes; ++i) {
808 pte = alloc_pte(&dma_dom->domain, address, PM_MAP_4k,
813 dma_dom->aperture[index]->pte_pages[i] = pte_page;
815 address += APERTURE_RANGE_SIZE / 64;
819 dma_dom->aperture_size += APERTURE_RANGE_SIZE;
821 /* Intialize the exclusion range if necessary */
822 if (iommu->exclusion_start &&
823 iommu->exclusion_start >= dma_dom->aperture[index]->offset &&
824 iommu->exclusion_start < dma_dom->aperture_size) {
825 unsigned long startpage = iommu->exclusion_start >> PAGE_SHIFT;
826 int pages = iommu_num_pages(iommu->exclusion_start,
827 iommu->exclusion_length,
829 dma_ops_reserve_addresses(dma_dom, startpage, pages);
833 * Check for areas already mapped as present in the new aperture
834 * range and mark those pages as reserved in the allocator. Such
835 * mappings may already exist as a result of requested unity
836 * mappings for devices.
838 for (i = dma_dom->aperture[index]->offset;
839 i < dma_dom->aperture_size;
841 u64 *pte = fetch_pte(&dma_dom->domain, i, PM_MAP_4k);
842 if (!pte || !IOMMU_PTE_PRESENT(*pte))
845 dma_ops_reserve_addresses(dma_dom, i << PAGE_SHIFT, 1);
848 update_domain(&dma_dom->domain);
853 update_domain(&dma_dom->domain);
855 free_page((unsigned long)dma_dom->aperture[index]->bitmap);
857 kfree(dma_dom->aperture[index]);
858 dma_dom->aperture[index] = NULL;
863 static unsigned long dma_ops_area_alloc(struct device *dev,
864 struct dma_ops_domain *dom,
866 unsigned long align_mask,
870 unsigned long next_bit = dom->next_address % APERTURE_RANGE_SIZE;
871 int max_index = dom->aperture_size >> APERTURE_RANGE_SHIFT;
872 int i = start >> APERTURE_RANGE_SHIFT;
873 unsigned long boundary_size;
874 unsigned long address = -1;
877 next_bit >>= PAGE_SHIFT;
879 boundary_size = ALIGN(dma_get_seg_boundary(dev) + 1,
880 PAGE_SIZE) >> PAGE_SHIFT;
882 for (;i < max_index; ++i) {
883 unsigned long offset = dom->aperture[i]->offset >> PAGE_SHIFT;
885 if (dom->aperture[i]->offset >= dma_mask)
888 limit = iommu_device_max_index(APERTURE_RANGE_PAGES, offset,
889 dma_mask >> PAGE_SHIFT);
891 address = iommu_area_alloc(dom->aperture[i]->bitmap,
892 limit, next_bit, pages, 0,
893 boundary_size, align_mask);
895 address = dom->aperture[i]->offset +
896 (address << PAGE_SHIFT);
897 dom->next_address = address + (pages << PAGE_SHIFT);
907 static unsigned long dma_ops_alloc_addresses(struct device *dev,
908 struct dma_ops_domain *dom,
910 unsigned long align_mask,
913 unsigned long address;
915 #ifdef CONFIG_IOMMU_STRESS
916 dom->next_address = 0;
917 dom->need_flush = true;
920 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
921 dma_mask, dom->next_address);
924 dom->next_address = 0;
925 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
927 dom->need_flush = true;
930 if (unlikely(address == -1))
931 address = DMA_ERROR_CODE;
933 WARN_ON((address + (PAGE_SIZE*pages)) > dom->aperture_size);
939 * The address free function.
941 * called with domain->lock held
943 static void dma_ops_free_addresses(struct dma_ops_domain *dom,
944 unsigned long address,
947 unsigned i = address >> APERTURE_RANGE_SHIFT;
948 struct aperture_range *range = dom->aperture[i];
950 BUG_ON(i >= APERTURE_MAX_RANGES || range == NULL);
952 #ifdef CONFIG_IOMMU_STRESS
957 if (address >= dom->next_address)
958 dom->need_flush = true;
960 address = (address % APERTURE_RANGE_SIZE) >> PAGE_SHIFT;
962 iommu_area_free(range->bitmap, address, pages);
966 /****************************************************************************
968 * The next functions belong to the domain allocation. A domain is
969 * allocated for every IOMMU as the default domain. If device isolation
970 * is enabled, every device get its own domain. The most important thing
971 * about domains is the page table mapping the DMA address space they
974 ****************************************************************************/
976 static u16 domain_id_alloc(void)
981 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
982 id = find_first_zero_bit(amd_iommu_pd_alloc_bitmap, MAX_DOMAIN_ID);
984 if (id > 0 && id < MAX_DOMAIN_ID)
985 __set_bit(id, amd_iommu_pd_alloc_bitmap);
988 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
993 static void domain_id_free(int id)
997 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
998 if (id > 0 && id < MAX_DOMAIN_ID)
999 __clear_bit(id, amd_iommu_pd_alloc_bitmap);
1000 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1004 * Used to reserve address ranges in the aperture (e.g. for exclusion
1007 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
1008 unsigned long start_page,
1011 unsigned int i, last_page = dom->aperture_size >> PAGE_SHIFT;
1013 if (start_page + pages > last_page)
1014 pages = last_page - start_page;
1016 for (i = start_page; i < start_page + pages; ++i) {
1017 int index = i / APERTURE_RANGE_PAGES;
1018 int page = i % APERTURE_RANGE_PAGES;
1019 __set_bit(page, dom->aperture[index]->bitmap);
1023 static void free_pagetable(struct protection_domain *domain)
1028 p1 = domain->pt_root;
1033 for (i = 0; i < 512; ++i) {
1034 if (!IOMMU_PTE_PRESENT(p1[i]))
1037 p2 = IOMMU_PTE_PAGE(p1[i]);
1038 for (j = 0; j < 512; ++j) {
1039 if (!IOMMU_PTE_PRESENT(p2[j]))
1041 p3 = IOMMU_PTE_PAGE(p2[j]);
1042 free_page((unsigned long)p3);
1045 free_page((unsigned long)p2);
1048 free_page((unsigned long)p1);
1050 domain->pt_root = NULL;
1054 * Free a domain, only used if something went wrong in the
1055 * allocation path and we need to free an already allocated page table
1057 static void dma_ops_domain_free(struct dma_ops_domain *dom)
1064 free_pagetable(&dom->domain);
1066 for (i = 0; i < APERTURE_MAX_RANGES; ++i) {
1067 if (!dom->aperture[i])
1069 free_page((unsigned long)dom->aperture[i]->bitmap);
1070 kfree(dom->aperture[i]);
1077 * Allocates a new protection domain usable for the dma_ops functions.
1078 * It also intializes the page table and the address allocator data
1079 * structures required for the dma_ops interface
1081 static struct dma_ops_domain *dma_ops_domain_alloc(struct amd_iommu *iommu)
1083 struct dma_ops_domain *dma_dom;
1085 dma_dom = kzalloc(sizeof(struct dma_ops_domain), GFP_KERNEL);
1089 spin_lock_init(&dma_dom->domain.lock);
1091 dma_dom->domain.id = domain_id_alloc();
1092 if (dma_dom->domain.id == 0)
1094 dma_dom->domain.mode = PAGE_MODE_2_LEVEL;
1095 dma_dom->domain.pt_root = (void *)get_zeroed_page(GFP_KERNEL);
1096 dma_dom->domain.flags = PD_DMA_OPS_MASK;
1097 dma_dom->domain.priv = dma_dom;
1098 if (!dma_dom->domain.pt_root)
1101 dma_dom->need_flush = false;
1102 dma_dom->target_dev = 0xffff;
1104 if (alloc_new_range(iommu, dma_dom, true, GFP_KERNEL))
1108 * mark the first page as allocated so we never return 0 as
1109 * a valid dma-address. So we can use 0 as error value
1111 dma_dom->aperture[0]->bitmap[0] = 1;
1112 dma_dom->next_address = 0;
1118 dma_ops_domain_free(dma_dom);
1124 * little helper function to check whether a given protection domain is a
1127 static bool dma_ops_domain(struct protection_domain *domain)
1129 return domain->flags & PD_DMA_OPS_MASK;
1133 * Find out the protection domain structure for a given PCI device. This
1134 * will give us the pointer to the page table root for example.
1136 static struct protection_domain *domain_for_device(u16 devid)
1138 struct protection_domain *dom;
1139 unsigned long flags;
1141 read_lock_irqsave(&amd_iommu_devtable_lock, flags);
1142 dom = amd_iommu_pd_table[devid];
1143 read_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1148 static void set_dte_entry(u16 devid, struct protection_domain *domain)
1150 u64 pte_root = virt_to_phys(domain->pt_root);
1152 pte_root |= (domain->mode & DEV_ENTRY_MODE_MASK)
1153 << DEV_ENTRY_MODE_SHIFT;
1154 pte_root |= IOMMU_PTE_IR | IOMMU_PTE_IW | IOMMU_PTE_P | IOMMU_PTE_TV;
1156 amd_iommu_dev_table[devid].data[2] = domain->id;
1157 amd_iommu_dev_table[devid].data[1] = upper_32_bits(pte_root);
1158 amd_iommu_dev_table[devid].data[0] = lower_32_bits(pte_root);
1160 amd_iommu_pd_table[devid] = domain;
1164 * If a device is not yet associated with a domain, this function does
1165 * assigns it visible for the hardware
1167 static void __attach_device(struct amd_iommu *iommu,
1168 struct protection_domain *domain,
1172 spin_lock(&domain->lock);
1174 /* update DTE entry */
1175 set_dte_entry(devid, domain);
1177 domain->dev_cnt += 1;
1180 spin_unlock(&domain->lock);
1184 * If a device is not yet associated with a domain, this function does
1185 * assigns it visible for the hardware
1187 static void attach_device(struct amd_iommu *iommu,
1188 struct protection_domain *domain,
1191 unsigned long flags;
1193 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1194 __attach_device(iommu, domain, devid);
1195 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1198 * We might boot into a crash-kernel here. The crashed kernel
1199 * left the caches in the IOMMU dirty. So we have to flush
1200 * here to evict all dirty stuff.
1202 iommu_queue_inv_dev_entry(iommu, devid);
1203 iommu_flush_tlb_pde(iommu, domain->id);
1207 * Removes a device from a protection domain (unlocked)
1209 static void __detach_device(struct protection_domain *domain, u16 devid)
1213 spin_lock(&domain->lock);
1215 /* remove domain from the lookup table */
1216 amd_iommu_pd_table[devid] = NULL;
1218 /* remove entry from the device table seen by the hardware */
1219 amd_iommu_dev_table[devid].data[0] = IOMMU_PTE_P | IOMMU_PTE_TV;
1220 amd_iommu_dev_table[devid].data[1] = 0;
1221 amd_iommu_dev_table[devid].data[2] = 0;
1223 amd_iommu_apply_erratum_63(devid);
1225 /* decrease reference counter */
1226 domain->dev_cnt -= 1;
1229 spin_unlock(&domain->lock);
1232 * If we run in passthrough mode the device must be assigned to the
1233 * passthrough domain if it is detached from any other domain
1235 if (iommu_pass_through) {
1236 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1237 __attach_device(iommu, pt_domain, devid);
1242 * Removes a device from a protection domain (with devtable_lock held)
1244 static void detach_device(struct protection_domain *domain, u16 devid)
1246 unsigned long flags;
1248 /* lock device table */
1249 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1250 __detach_device(domain, devid);
1251 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1254 static int device_change_notifier(struct notifier_block *nb,
1255 unsigned long action, void *data)
1257 struct device *dev = data;
1258 struct pci_dev *pdev = to_pci_dev(dev);
1259 u16 devid = calc_devid(pdev->bus->number, pdev->devfn);
1260 struct protection_domain *domain;
1261 struct dma_ops_domain *dma_domain;
1262 struct amd_iommu *iommu;
1263 unsigned long flags;
1265 if (devid > amd_iommu_last_bdf)
1268 devid = amd_iommu_alias_table[devid];
1270 iommu = amd_iommu_rlookup_table[devid];
1274 domain = domain_for_device(devid);
1276 if (domain && !dma_ops_domain(domain))
1277 WARN_ONCE(1, "AMD IOMMU WARNING: device %s already bound "
1278 "to a non-dma-ops domain\n", dev_name(dev));
1281 case BUS_NOTIFY_UNBOUND_DRIVER:
1284 if (iommu_pass_through)
1286 detach_device(domain, devid);
1288 case BUS_NOTIFY_ADD_DEVICE:
1289 /* allocate a protection domain if a device is added */
1290 dma_domain = find_protection_domain(devid);
1293 dma_domain = dma_ops_domain_alloc(iommu);
1296 dma_domain->target_dev = devid;
1298 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1299 list_add_tail(&dma_domain->list, &iommu_pd_list);
1300 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1307 iommu_queue_inv_dev_entry(iommu, devid);
1308 iommu_completion_wait(iommu);
1314 static struct notifier_block device_nb = {
1315 .notifier_call = device_change_notifier,
1318 /*****************************************************************************
1320 * The next functions belong to the dma_ops mapping/unmapping code.
1322 *****************************************************************************/
1325 * This function checks if the driver got a valid device from the caller to
1326 * avoid dereferencing invalid pointers.
1328 static bool check_device(struct device *dev)
1330 if (!dev || !dev->dma_mask)
1337 * In this function the list of preallocated protection domains is traversed to
1338 * find the domain for a specific device
1340 static struct dma_ops_domain *find_protection_domain(u16 devid)
1342 struct dma_ops_domain *entry, *ret = NULL;
1343 unsigned long flags;
1345 if (list_empty(&iommu_pd_list))
1348 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1350 list_for_each_entry(entry, &iommu_pd_list, list) {
1351 if (entry->target_dev == devid) {
1357 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1363 * In the dma_ops path we only have the struct device. This function
1364 * finds the corresponding IOMMU, the protection domain and the
1365 * requestor id for a given device.
1366 * If the device is not yet associated with a domain this is also done
1369 static int get_device_resources(struct device *dev,
1370 struct amd_iommu **iommu,
1371 struct protection_domain **domain,
1374 struct dma_ops_domain *dma_dom;
1375 struct pci_dev *pcidev;
1382 if (dev->bus != &pci_bus_type)
1385 pcidev = to_pci_dev(dev);
1386 _bdf = calc_devid(pcidev->bus->number, pcidev->devfn);
1388 /* device not translated by any IOMMU in the system? */
1389 if (_bdf > amd_iommu_last_bdf)
1392 *bdf = amd_iommu_alias_table[_bdf];
1394 *iommu = amd_iommu_rlookup_table[*bdf];
1397 *domain = domain_for_device(*bdf);
1398 if (*domain == NULL) {
1399 dma_dom = find_protection_domain(*bdf);
1401 dma_dom = (*iommu)->default_dom;
1402 *domain = &dma_dom->domain;
1403 attach_device(*iommu, *domain, *bdf);
1404 DUMP_printk("Using protection domain %d for device %s\n",
1405 (*domain)->id, dev_name(dev));
1408 if (domain_for_device(_bdf) == NULL)
1409 attach_device(*iommu, *domain, _bdf);
1414 static void update_device_table(struct protection_domain *domain)
1416 unsigned long flags;
1419 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
1420 if (amd_iommu_pd_table[i] != domain)
1422 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1423 set_dte_entry(i, domain);
1424 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1428 static void update_domain(struct protection_domain *domain)
1430 if (!domain->updated)
1433 update_device_table(domain);
1434 flush_devices_by_domain(domain);
1435 iommu_flush_domain(domain->id);
1437 domain->updated = false;
1441 * This function is used to add another level to an IO page table. Adding
1442 * another level increases the size of the address space by 9 bits to a size up
1445 static bool increase_address_space(struct protection_domain *domain,
1450 if (domain->mode == PAGE_MODE_6_LEVEL)
1451 /* address space already 64 bit large */
1454 pte = (void *)get_zeroed_page(gfp);
1458 *pte = PM_LEVEL_PDE(domain->mode,
1459 virt_to_phys(domain->pt_root));
1460 domain->pt_root = pte;
1462 domain->updated = true;
1467 static u64 *alloc_pte(struct protection_domain *domain,
1468 unsigned long address,
1476 while (address > PM_LEVEL_SIZE(domain->mode))
1477 increase_address_space(domain, gfp);
1479 level = domain->mode - 1;
1480 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
1482 while (level > end_lvl) {
1483 if (!IOMMU_PTE_PRESENT(*pte)) {
1484 page = (u64 *)get_zeroed_page(gfp);
1487 *pte = PM_LEVEL_PDE(level, virt_to_phys(page));
1492 pte = IOMMU_PTE_PAGE(*pte);
1494 if (pte_page && level == end_lvl)
1497 pte = &pte[PM_LEVEL_INDEX(level, address)];
1504 * This function fetches the PTE for a given address in the aperture
1506 static u64* dma_ops_get_pte(struct dma_ops_domain *dom,
1507 unsigned long address)
1509 struct aperture_range *aperture;
1510 u64 *pte, *pte_page;
1512 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1516 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1518 pte = alloc_pte(&dom->domain, address, PM_MAP_4k, &pte_page,
1520 aperture->pte_pages[APERTURE_PAGE_INDEX(address)] = pte_page;
1522 pte += PM_LEVEL_INDEX(0, address);
1524 update_domain(&dom->domain);
1530 * This is the generic map function. It maps one 4kb page at paddr to
1531 * the given address in the DMA address space for the domain.
1533 static dma_addr_t dma_ops_domain_map(struct amd_iommu *iommu,
1534 struct dma_ops_domain *dom,
1535 unsigned long address,
1541 WARN_ON(address > dom->aperture_size);
1545 pte = dma_ops_get_pte(dom, address);
1547 return DMA_ERROR_CODE;
1549 __pte = paddr | IOMMU_PTE_P | IOMMU_PTE_FC;
1551 if (direction == DMA_TO_DEVICE)
1552 __pte |= IOMMU_PTE_IR;
1553 else if (direction == DMA_FROM_DEVICE)
1554 __pte |= IOMMU_PTE_IW;
1555 else if (direction == DMA_BIDIRECTIONAL)
1556 __pte |= IOMMU_PTE_IR | IOMMU_PTE_IW;
1562 return (dma_addr_t)address;
1566 * The generic unmapping function for on page in the DMA address space.
1568 static void dma_ops_domain_unmap(struct amd_iommu *iommu,
1569 struct dma_ops_domain *dom,
1570 unsigned long address)
1572 struct aperture_range *aperture;
1575 if (address >= dom->aperture_size)
1578 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1582 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1586 pte += PM_LEVEL_INDEX(0, address);
1594 * This function contains common code for mapping of a physically
1595 * contiguous memory region into DMA address space. It is used by all
1596 * mapping functions provided with this IOMMU driver.
1597 * Must be called with the domain lock held.
1599 static dma_addr_t __map_single(struct device *dev,
1600 struct amd_iommu *iommu,
1601 struct dma_ops_domain *dma_dom,
1608 dma_addr_t offset = paddr & ~PAGE_MASK;
1609 dma_addr_t address, start, ret;
1611 unsigned long align_mask = 0;
1614 pages = iommu_num_pages(paddr, size, PAGE_SIZE);
1617 INC_STATS_COUNTER(total_map_requests);
1620 INC_STATS_COUNTER(cross_page);
1623 align_mask = (1UL << get_order(size)) - 1;
1626 address = dma_ops_alloc_addresses(dev, dma_dom, pages, align_mask,
1628 if (unlikely(address == DMA_ERROR_CODE)) {
1630 * setting next_address here will let the address
1631 * allocator only scan the new allocated range in the
1632 * first run. This is a small optimization.
1634 dma_dom->next_address = dma_dom->aperture_size;
1636 if (alloc_new_range(iommu, dma_dom, false, GFP_ATOMIC))
1640 * aperture was sucessfully enlarged by 128 MB, try
1647 for (i = 0; i < pages; ++i) {
1648 ret = dma_ops_domain_map(iommu, dma_dom, start, paddr, dir);
1649 if (ret == DMA_ERROR_CODE)
1657 ADD_STATS_COUNTER(alloced_io_mem, size);
1659 if (unlikely(dma_dom->need_flush && !amd_iommu_unmap_flush)) {
1660 iommu_flush_tlb(iommu, dma_dom->domain.id);
1661 dma_dom->need_flush = false;
1662 } else if (unlikely(iommu_has_npcache(iommu)))
1663 iommu_flush_pages(iommu, dma_dom->domain.id, address, size);
1670 for (--i; i >= 0; --i) {
1672 dma_ops_domain_unmap(iommu, dma_dom, start);
1675 dma_ops_free_addresses(dma_dom, address, pages);
1677 return DMA_ERROR_CODE;
1681 * Does the reverse of the __map_single function. Must be called with
1682 * the domain lock held too
1684 static void __unmap_single(struct amd_iommu *iommu,
1685 struct dma_ops_domain *dma_dom,
1686 dma_addr_t dma_addr,
1690 dma_addr_t i, start;
1693 if ((dma_addr == DMA_ERROR_CODE) ||
1694 (dma_addr + size > dma_dom->aperture_size))
1697 pages = iommu_num_pages(dma_addr, size, PAGE_SIZE);
1698 dma_addr &= PAGE_MASK;
1701 for (i = 0; i < pages; ++i) {
1702 dma_ops_domain_unmap(iommu, dma_dom, start);
1706 SUB_STATS_COUNTER(alloced_io_mem, size);
1708 dma_ops_free_addresses(dma_dom, dma_addr, pages);
1710 if (amd_iommu_unmap_flush || dma_dom->need_flush) {
1711 iommu_flush_pages(iommu, dma_dom->domain.id, dma_addr, size);
1712 dma_dom->need_flush = false;
1717 * The exported map_single function for dma_ops.
1719 static dma_addr_t map_page(struct device *dev, struct page *page,
1720 unsigned long offset, size_t size,
1721 enum dma_data_direction dir,
1722 struct dma_attrs *attrs)
1724 unsigned long flags;
1725 struct amd_iommu *iommu;
1726 struct protection_domain *domain;
1730 phys_addr_t paddr = page_to_phys(page) + offset;
1732 INC_STATS_COUNTER(cnt_map_single);
1734 if (!check_device(dev))
1735 return DMA_ERROR_CODE;
1737 dma_mask = *dev->dma_mask;
1739 get_device_resources(dev, &iommu, &domain, &devid);
1741 if (iommu == NULL || domain == NULL)
1742 /* device not handled by any AMD IOMMU */
1743 return (dma_addr_t)paddr;
1745 if (!dma_ops_domain(domain))
1746 return DMA_ERROR_CODE;
1748 spin_lock_irqsave(&domain->lock, flags);
1749 addr = __map_single(dev, iommu, domain->priv, paddr, size, dir, false,
1751 if (addr == DMA_ERROR_CODE)
1754 iommu_completion_wait(iommu);
1757 spin_unlock_irqrestore(&domain->lock, flags);
1763 * The exported unmap_single function for dma_ops.
1765 static void unmap_page(struct device *dev, dma_addr_t dma_addr, size_t size,
1766 enum dma_data_direction dir, struct dma_attrs *attrs)
1768 unsigned long flags;
1769 struct amd_iommu *iommu;
1770 struct protection_domain *domain;
1773 INC_STATS_COUNTER(cnt_unmap_single);
1775 if (!check_device(dev) ||
1776 !get_device_resources(dev, &iommu, &domain, &devid))
1777 /* device not handled by any AMD IOMMU */
1780 if (!dma_ops_domain(domain))
1783 spin_lock_irqsave(&domain->lock, flags);
1785 __unmap_single(iommu, domain->priv, dma_addr, size, dir);
1787 iommu_completion_wait(iommu);
1789 spin_unlock_irqrestore(&domain->lock, flags);
1793 * This is a special map_sg function which is used if we should map a
1794 * device which is not handled by an AMD IOMMU in the system.
1796 static int map_sg_no_iommu(struct device *dev, struct scatterlist *sglist,
1797 int nelems, int dir)
1799 struct scatterlist *s;
1802 for_each_sg(sglist, s, nelems, i) {
1803 s->dma_address = (dma_addr_t)sg_phys(s);
1804 s->dma_length = s->length;
1811 * The exported map_sg function for dma_ops (handles scatter-gather
1814 static int map_sg(struct device *dev, struct scatterlist *sglist,
1815 int nelems, enum dma_data_direction dir,
1816 struct dma_attrs *attrs)
1818 unsigned long flags;
1819 struct amd_iommu *iommu;
1820 struct protection_domain *domain;
1823 struct scatterlist *s;
1825 int mapped_elems = 0;
1828 INC_STATS_COUNTER(cnt_map_sg);
1830 if (!check_device(dev))
1833 dma_mask = *dev->dma_mask;
1835 get_device_resources(dev, &iommu, &domain, &devid);
1837 if (!iommu || !domain)
1838 return map_sg_no_iommu(dev, sglist, nelems, dir);
1840 if (!dma_ops_domain(domain))
1843 spin_lock_irqsave(&domain->lock, flags);
1845 for_each_sg(sglist, s, nelems, i) {
1848 s->dma_address = __map_single(dev, iommu, domain->priv,
1849 paddr, s->length, dir, false,
1852 if (s->dma_address) {
1853 s->dma_length = s->length;
1859 iommu_completion_wait(iommu);
1862 spin_unlock_irqrestore(&domain->lock, flags);
1864 return mapped_elems;
1866 for_each_sg(sglist, s, mapped_elems, i) {
1868 __unmap_single(iommu, domain->priv, s->dma_address,
1869 s->dma_length, dir);
1870 s->dma_address = s->dma_length = 0;
1879 * The exported map_sg function for dma_ops (handles scatter-gather
1882 static void unmap_sg(struct device *dev, struct scatterlist *sglist,
1883 int nelems, enum dma_data_direction dir,
1884 struct dma_attrs *attrs)
1886 unsigned long flags;
1887 struct amd_iommu *iommu;
1888 struct protection_domain *domain;
1889 struct scatterlist *s;
1893 INC_STATS_COUNTER(cnt_unmap_sg);
1895 if (!check_device(dev) ||
1896 !get_device_resources(dev, &iommu, &domain, &devid))
1899 if (!dma_ops_domain(domain))
1902 spin_lock_irqsave(&domain->lock, flags);
1904 for_each_sg(sglist, s, nelems, i) {
1905 __unmap_single(iommu, domain->priv, s->dma_address,
1906 s->dma_length, dir);
1907 s->dma_address = s->dma_length = 0;
1910 iommu_completion_wait(iommu);
1912 spin_unlock_irqrestore(&domain->lock, flags);
1916 * The exported alloc_coherent function for dma_ops.
1918 static void *alloc_coherent(struct device *dev, size_t size,
1919 dma_addr_t *dma_addr, gfp_t flag)
1921 unsigned long flags;
1923 struct amd_iommu *iommu;
1924 struct protection_domain *domain;
1927 u64 dma_mask = dev->coherent_dma_mask;
1929 INC_STATS_COUNTER(cnt_alloc_coherent);
1931 if (!check_device(dev))
1934 if (!get_device_resources(dev, &iommu, &domain, &devid))
1935 flag &= ~(__GFP_DMA | __GFP_HIGHMEM | __GFP_DMA32);
1938 virt_addr = (void *)__get_free_pages(flag, get_order(size));
1942 paddr = virt_to_phys(virt_addr);
1944 if (!iommu || !domain) {
1945 *dma_addr = (dma_addr_t)paddr;
1949 if (!dma_ops_domain(domain))
1953 dma_mask = *dev->dma_mask;
1955 spin_lock_irqsave(&domain->lock, flags);
1957 *dma_addr = __map_single(dev, iommu, domain->priv, paddr,
1958 size, DMA_BIDIRECTIONAL, true, dma_mask);
1960 if (*dma_addr == DMA_ERROR_CODE) {
1961 spin_unlock_irqrestore(&domain->lock, flags);
1965 iommu_completion_wait(iommu);
1967 spin_unlock_irqrestore(&domain->lock, flags);
1973 free_pages((unsigned long)virt_addr, get_order(size));
1979 * The exported free_coherent function for dma_ops.
1981 static void free_coherent(struct device *dev, size_t size,
1982 void *virt_addr, dma_addr_t dma_addr)
1984 unsigned long flags;
1985 struct amd_iommu *iommu;
1986 struct protection_domain *domain;
1989 INC_STATS_COUNTER(cnt_free_coherent);
1991 if (!check_device(dev))
1994 get_device_resources(dev, &iommu, &domain, &devid);
1996 if (!iommu || !domain)
1999 if (!dma_ops_domain(domain))
2002 spin_lock_irqsave(&domain->lock, flags);
2004 __unmap_single(iommu, domain->priv, dma_addr, size, DMA_BIDIRECTIONAL);
2006 iommu_completion_wait(iommu);
2008 spin_unlock_irqrestore(&domain->lock, flags);
2011 free_pages((unsigned long)virt_addr, get_order(size));
2015 * This function is called by the DMA layer to find out if we can handle a
2016 * particular device. It is part of the dma_ops.
2018 static int amd_iommu_dma_supported(struct device *dev, u64 mask)
2021 struct pci_dev *pcidev;
2023 /* No device or no PCI device */
2024 if (!dev || dev->bus != &pci_bus_type)
2027 pcidev = to_pci_dev(dev);
2029 bdf = calc_devid(pcidev->bus->number, pcidev->devfn);
2031 /* Out of our scope? */
2032 if (bdf > amd_iommu_last_bdf)
2039 * The function for pre-allocating protection domains.
2041 * If the driver core informs the DMA layer if a driver grabs a device
2042 * we don't need to preallocate the protection domains anymore.
2043 * For now we have to.
2045 static void prealloc_protection_domains(void)
2047 struct pci_dev *dev = NULL;
2048 struct dma_ops_domain *dma_dom;
2049 struct amd_iommu *iommu;
2052 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2053 devid = calc_devid(dev->bus->number, dev->devfn);
2054 if (devid > amd_iommu_last_bdf)
2056 devid = amd_iommu_alias_table[devid];
2057 if (domain_for_device(devid))
2059 iommu = amd_iommu_rlookup_table[devid];
2062 dma_dom = dma_ops_domain_alloc(iommu);
2065 init_unity_mappings_for_device(dma_dom, devid);
2066 dma_dom->target_dev = devid;
2068 list_add_tail(&dma_dom->list, &iommu_pd_list);
2072 static struct dma_map_ops amd_iommu_dma_ops = {
2073 .alloc_coherent = alloc_coherent,
2074 .free_coherent = free_coherent,
2075 .map_page = map_page,
2076 .unmap_page = unmap_page,
2078 .unmap_sg = unmap_sg,
2079 .dma_supported = amd_iommu_dma_supported,
2083 * The function which clues the AMD IOMMU driver into dma_ops.
2085 int __init amd_iommu_init_dma_ops(void)
2087 struct amd_iommu *iommu;
2091 * first allocate a default protection domain for every IOMMU we
2092 * found in the system. Devices not assigned to any other
2093 * protection domain will be assigned to the default one.
2095 for_each_iommu(iommu) {
2096 iommu->default_dom = dma_ops_domain_alloc(iommu);
2097 if (iommu->default_dom == NULL)
2099 iommu->default_dom->domain.flags |= PD_DEFAULT_MASK;
2100 ret = iommu_init_unity_mappings(iommu);
2106 * If device isolation is enabled, pre-allocate the protection
2107 * domains for each device.
2109 if (amd_iommu_isolate)
2110 prealloc_protection_domains();
2114 #ifdef CONFIG_GART_IOMMU
2115 gart_iommu_aperture_disabled = 1;
2116 gart_iommu_aperture = 0;
2119 /* Make the driver finally visible to the drivers */
2120 dma_ops = &amd_iommu_dma_ops;
2122 register_iommu(&amd_iommu_ops);
2124 bus_register_notifier(&pci_bus_type, &device_nb);
2126 amd_iommu_stats_init();
2132 for_each_iommu(iommu) {
2133 if (iommu->default_dom)
2134 dma_ops_domain_free(iommu->default_dom);
2140 /*****************************************************************************
2142 * The following functions belong to the exported interface of AMD IOMMU
2144 * This interface allows access to lower level functions of the IOMMU
2145 * like protection domain handling and assignement of devices to domains
2146 * which is not possible with the dma_ops interface.
2148 *****************************************************************************/
2150 static void cleanup_domain(struct protection_domain *domain)
2152 unsigned long flags;
2155 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
2157 for (devid = 0; devid <= amd_iommu_last_bdf; ++devid)
2158 if (amd_iommu_pd_table[devid] == domain)
2159 __detach_device(domain, devid);
2161 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
2164 static void protection_domain_free(struct protection_domain *domain)
2170 domain_id_free(domain->id);
2175 static struct protection_domain *protection_domain_alloc(void)
2177 struct protection_domain *domain;
2179 domain = kzalloc(sizeof(*domain), GFP_KERNEL);
2183 spin_lock_init(&domain->lock);
2184 domain->id = domain_id_alloc();
2196 static int amd_iommu_domain_init(struct iommu_domain *dom)
2198 struct protection_domain *domain;
2200 domain = protection_domain_alloc();
2204 domain->mode = PAGE_MODE_3_LEVEL;
2205 domain->pt_root = (void *)get_zeroed_page(GFP_KERNEL);
2206 if (!domain->pt_root)
2214 protection_domain_free(domain);
2219 static void amd_iommu_domain_destroy(struct iommu_domain *dom)
2221 struct protection_domain *domain = dom->priv;
2226 if (domain->dev_cnt > 0)
2227 cleanup_domain(domain);
2229 BUG_ON(domain->dev_cnt != 0);
2231 free_pagetable(domain);
2233 domain_id_free(domain->id);
2240 static void amd_iommu_detach_device(struct iommu_domain *dom,
2243 struct protection_domain *domain = dom->priv;
2244 struct amd_iommu *iommu;
2245 struct pci_dev *pdev;
2248 if (dev->bus != &pci_bus_type)
2251 pdev = to_pci_dev(dev);
2253 devid = calc_devid(pdev->bus->number, pdev->devfn);
2256 detach_device(domain, devid);
2258 iommu = amd_iommu_rlookup_table[devid];
2262 iommu_queue_inv_dev_entry(iommu, devid);
2263 iommu_completion_wait(iommu);
2266 static int amd_iommu_attach_device(struct iommu_domain *dom,
2269 struct protection_domain *domain = dom->priv;
2270 struct protection_domain *old_domain;
2271 struct amd_iommu *iommu;
2272 struct pci_dev *pdev;
2275 if (dev->bus != &pci_bus_type)
2278 pdev = to_pci_dev(dev);
2280 devid = calc_devid(pdev->bus->number, pdev->devfn);
2282 if (devid >= amd_iommu_last_bdf ||
2283 devid != amd_iommu_alias_table[devid])
2286 iommu = amd_iommu_rlookup_table[devid];
2290 old_domain = domain_for_device(devid);
2292 detach_device(old_domain, devid);
2294 attach_device(iommu, domain, devid);
2296 iommu_completion_wait(iommu);
2301 static int amd_iommu_map_range(struct iommu_domain *dom,
2302 unsigned long iova, phys_addr_t paddr,
2303 size_t size, int iommu_prot)
2305 struct protection_domain *domain = dom->priv;
2306 unsigned long i, npages = iommu_num_pages(paddr, size, PAGE_SIZE);
2310 if (iommu_prot & IOMMU_READ)
2311 prot |= IOMMU_PROT_IR;
2312 if (iommu_prot & IOMMU_WRITE)
2313 prot |= IOMMU_PROT_IW;
2318 for (i = 0; i < npages; ++i) {
2319 ret = iommu_map_page(domain, iova, paddr, prot, PM_MAP_4k);
2330 static void amd_iommu_unmap_range(struct iommu_domain *dom,
2331 unsigned long iova, size_t size)
2334 struct protection_domain *domain = dom->priv;
2335 unsigned long i, npages = iommu_num_pages(iova, size, PAGE_SIZE);
2339 for (i = 0; i < npages; ++i) {
2340 iommu_unmap_page(domain, iova, PM_MAP_4k);
2344 iommu_flush_domain(domain->id);
2347 static phys_addr_t amd_iommu_iova_to_phys(struct iommu_domain *dom,
2350 struct protection_domain *domain = dom->priv;
2351 unsigned long offset = iova & ~PAGE_MASK;
2355 pte = fetch_pte(domain, iova, PM_MAP_4k);
2357 if (!pte || !IOMMU_PTE_PRESENT(*pte))
2360 paddr = *pte & IOMMU_PAGE_MASK;
2366 static int amd_iommu_domain_has_cap(struct iommu_domain *domain,
2372 static struct iommu_ops amd_iommu_ops = {
2373 .domain_init = amd_iommu_domain_init,
2374 .domain_destroy = amd_iommu_domain_destroy,
2375 .attach_dev = amd_iommu_attach_device,
2376 .detach_dev = amd_iommu_detach_device,
2377 .map = amd_iommu_map_range,
2378 .unmap = amd_iommu_unmap_range,
2379 .iova_to_phys = amd_iommu_iova_to_phys,
2380 .domain_has_cap = amd_iommu_domain_has_cap,
2383 /*****************************************************************************
2385 * The next functions do a basic initialization of IOMMU for pass through
2388 * In passthrough mode the IOMMU is initialized and enabled but not used for
2389 * DMA-API translation.
2391 *****************************************************************************/
2393 int __init amd_iommu_init_passthrough(void)
2395 struct pci_dev *dev = NULL;
2398 /* allocate passthroug domain */
2399 pt_domain = protection_domain_alloc();
2403 pt_domain->mode |= PAGE_MODE_NONE;
2405 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2406 struct amd_iommu *iommu;
2408 devid = calc_devid(dev->bus->number, dev->devfn);
2409 if (devid > amd_iommu_last_bdf)
2412 devid2 = amd_iommu_alias_table[devid];
2414 iommu = amd_iommu_rlookup_table[devid2];
2418 __attach_device(iommu, pt_domain, devid);
2419 __attach_device(iommu, pt_domain, devid2);
2422 pr_info("AMD-Vi: Initialized for Passthrough Mode\n");
git.openpandora.org / pandora-kernel.git / blob