2 * Copyright (C) 2007-2009 Advanced Micro Devices, Inc.
3 * Author: Joerg Roedel <joerg.roedel@amd.com>
4 * Leo Duran <leo.duran@amd.com>
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published
8 * by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include <linux/pci.h>
21 #include <linux/gfp.h>
22 #include <linux/bitops.h>
23 #include <linux/debugfs.h>
24 #include <linux/scatterlist.h>
25 #include <linux/dma-mapping.h>
26 #include <linux/iommu-helper.h>
27 #include <linux/iommu.h>
28 #include <asm/proto.h>
29 #include <asm/iommu.h>
31 #include <asm/amd_iommu_proto.h>
32 #include <asm/amd_iommu_types.h>
33 #include <asm/amd_iommu.h>
35 #define CMD_SET_TYPE(cmd, t) ((cmd)->data[1] |= ((t) << 28))
37 #define EXIT_LOOP_COUNT 10000000
39 static DEFINE_RWLOCK(amd_iommu_devtable_lock);
41 /* A list of preallocated protection domains */
42 static LIST_HEAD(iommu_pd_list);
43 static DEFINE_SPINLOCK(iommu_pd_list_lock);
46 * Domain for untranslated devices - only allocated
47 * if iommu=pt passed on kernel cmd line.
49 static struct protection_domain *pt_domain;
51 static struct iommu_ops amd_iommu_ops;
54 * general struct to manage commands send to an IOMMU
60 static void reset_iommu_command_buffer(struct amd_iommu *iommu);
61 static void update_domain(struct protection_domain *domain);
63 /****************************************************************************
67 ****************************************************************************/
69 static inline u16 get_device_id(struct device *dev)
71 struct pci_dev *pdev = to_pci_dev(dev);
73 return calc_devid(pdev->bus->number, pdev->devfn);
77 * In this function the list of preallocated protection domains is traversed to
78 * find the domain for a specific device
80 static struct dma_ops_domain *find_protection_domain(u16 devid)
82 struct dma_ops_domain *entry, *ret = NULL;
84 u16 alias = amd_iommu_alias_table[devid];
86 if (list_empty(&iommu_pd_list))
89 spin_lock_irqsave(&iommu_pd_list_lock, flags);
91 list_for_each_entry(entry, &iommu_pd_list, list) {
92 if (entry->target_dev == devid ||
93 entry->target_dev == alias) {
99 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
105 * This function checks if the driver got a valid device from the caller to
106 * avoid dereferencing invalid pointers.
108 static bool check_device(struct device *dev)
112 if (!dev || !dev->dma_mask)
115 /* No device or no PCI device */
116 if (!dev || dev->bus != &pci_bus_type)
119 devid = get_device_id(dev);
121 /* Out of our scope? */
122 if (devid > amd_iommu_last_bdf)
125 if (amd_iommu_rlookup_table[devid] == NULL)
131 #ifdef CONFIG_AMD_IOMMU_STATS
134 * Initialization code for statistics collection
137 DECLARE_STATS_COUNTER(compl_wait);
138 DECLARE_STATS_COUNTER(cnt_map_single);
139 DECLARE_STATS_COUNTER(cnt_unmap_single);
140 DECLARE_STATS_COUNTER(cnt_map_sg);
141 DECLARE_STATS_COUNTER(cnt_unmap_sg);
142 DECLARE_STATS_COUNTER(cnt_alloc_coherent);
143 DECLARE_STATS_COUNTER(cnt_free_coherent);
144 DECLARE_STATS_COUNTER(cross_page);
145 DECLARE_STATS_COUNTER(domain_flush_single);
146 DECLARE_STATS_COUNTER(domain_flush_all);
147 DECLARE_STATS_COUNTER(alloced_io_mem);
148 DECLARE_STATS_COUNTER(total_map_requests);
150 static struct dentry *stats_dir;
151 static struct dentry *de_fflush;
153 static void amd_iommu_stats_add(struct __iommu_counter *cnt)
155 if (stats_dir == NULL)
158 cnt->dent = debugfs_create_u64(cnt->name, 0444, stats_dir,
162 static void amd_iommu_stats_init(void)
164 stats_dir = debugfs_create_dir("amd-iommu", NULL);
165 if (stats_dir == NULL)
168 de_fflush = debugfs_create_bool("fullflush", 0444, stats_dir,
169 (u32 *)&amd_iommu_unmap_flush);
171 amd_iommu_stats_add(&compl_wait);
172 amd_iommu_stats_add(&cnt_map_single);
173 amd_iommu_stats_add(&cnt_unmap_single);
174 amd_iommu_stats_add(&cnt_map_sg);
175 amd_iommu_stats_add(&cnt_unmap_sg);
176 amd_iommu_stats_add(&cnt_alloc_coherent);
177 amd_iommu_stats_add(&cnt_free_coherent);
178 amd_iommu_stats_add(&cross_page);
179 amd_iommu_stats_add(&domain_flush_single);
180 amd_iommu_stats_add(&domain_flush_all);
181 amd_iommu_stats_add(&alloced_io_mem);
182 amd_iommu_stats_add(&total_map_requests);
187 /****************************************************************************
189 * Interrupt handling functions
191 ****************************************************************************/
193 static void dump_dte_entry(u16 devid)
197 for (i = 0; i < 8; ++i)
198 pr_err("AMD-Vi: DTE[%d]: %08x\n", i,
199 amd_iommu_dev_table[devid].data[i]);
202 static void dump_command(unsigned long phys_addr)
204 struct iommu_cmd *cmd = phys_to_virt(phys_addr);
207 for (i = 0; i < 4; ++i)
208 pr_err("AMD-Vi: CMD[%d]: %08x\n", i, cmd->data[i]);
211 static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
214 int type = (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
215 int devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
216 int domid = (event[1] >> EVENT_DOMID_SHIFT) & EVENT_DOMID_MASK;
217 int flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
218 u64 address = (u64)(((u64)event[3]) << 32) | event[2];
220 printk(KERN_ERR "AMD-Vi: Event logged [");
223 case EVENT_TYPE_ILL_DEV:
224 printk("ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
225 "address=0x%016llx flags=0x%04x]\n",
226 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
228 dump_dte_entry(devid);
230 case EVENT_TYPE_IO_FAULT:
231 printk("IO_PAGE_FAULT device=%02x:%02x.%x "
232 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
233 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
234 domid, address, flags);
236 case EVENT_TYPE_DEV_TAB_ERR:
237 printk("DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
238 "address=0x%016llx flags=0x%04x]\n",
239 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
242 case EVENT_TYPE_PAGE_TAB_ERR:
243 printk("PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
244 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
245 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
246 domid, address, flags);
248 case EVENT_TYPE_ILL_CMD:
249 printk("ILLEGAL_COMMAND_ERROR address=0x%016llx]\n", address);
250 reset_iommu_command_buffer(iommu);
251 dump_command(address);
253 case EVENT_TYPE_CMD_HARD_ERR:
254 printk("COMMAND_HARDWARE_ERROR address=0x%016llx "
255 "flags=0x%04x]\n", address, flags);
257 case EVENT_TYPE_IOTLB_INV_TO:
258 printk("IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
259 "address=0x%016llx]\n",
260 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
263 case EVENT_TYPE_INV_DEV_REQ:
264 printk("INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
265 "address=0x%016llx flags=0x%04x]\n",
266 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
270 printk(KERN_ERR "UNKNOWN type=0x%02x]\n", type);
274 static void iommu_poll_events(struct amd_iommu *iommu)
279 spin_lock_irqsave(&iommu->lock, flags);
281 head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
282 tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET);
284 while (head != tail) {
285 iommu_print_event(iommu, iommu->evt_buf + head);
286 head = (head + EVENT_ENTRY_SIZE) % iommu->evt_buf_size;
289 writel(head, iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
291 spin_unlock_irqrestore(&iommu->lock, flags);
294 irqreturn_t amd_iommu_int_handler(int irq, void *data)
296 struct amd_iommu *iommu;
298 for_each_iommu(iommu)
299 iommu_poll_events(iommu);
304 /****************************************************************************
306 * IOMMU command queuing functions
308 ****************************************************************************/
311 * Writes the command to the IOMMUs command buffer and informs the
312 * hardware about the new command. Must be called with iommu->lock held.
314 static int __iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
319 tail = readl(iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
320 target = iommu->cmd_buf + tail;
321 memcpy_toio(target, cmd, sizeof(*cmd));
322 tail = (tail + sizeof(*cmd)) % iommu->cmd_buf_size;
323 head = readl(iommu->mmio_base + MMIO_CMD_HEAD_OFFSET);
326 writel(tail, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
332 * General queuing function for commands. Takes iommu->lock and calls
333 * __iommu_queue_command().
335 static int iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
340 spin_lock_irqsave(&iommu->lock, flags);
341 ret = __iommu_queue_command(iommu, cmd);
343 iommu->need_sync = true;
344 spin_unlock_irqrestore(&iommu->lock, flags);
350 * This function waits until an IOMMU has completed a completion
353 static void __iommu_wait_for_completion(struct amd_iommu *iommu)
359 INC_STATS_COUNTER(compl_wait);
361 while (!ready && (i < EXIT_LOOP_COUNT)) {
363 /* wait for the bit to become one */
364 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
365 ready = status & MMIO_STATUS_COM_WAIT_INT_MASK;
368 /* set bit back to zero */
369 status &= ~MMIO_STATUS_COM_WAIT_INT_MASK;
370 writel(status, iommu->mmio_base + MMIO_STATUS_OFFSET);
372 if (unlikely(i == EXIT_LOOP_COUNT)) {
373 spin_unlock(&iommu->lock);
374 reset_iommu_command_buffer(iommu);
375 spin_lock(&iommu->lock);
380 * This function queues a completion wait command into the command
383 static int __iommu_completion_wait(struct amd_iommu *iommu)
385 struct iommu_cmd cmd;
387 memset(&cmd, 0, sizeof(cmd));
388 cmd.data[0] = CMD_COMPL_WAIT_INT_MASK;
389 CMD_SET_TYPE(&cmd, CMD_COMPL_WAIT);
391 return __iommu_queue_command(iommu, &cmd);
395 * This function is called whenever we need to ensure that the IOMMU has
396 * completed execution of all commands we sent. It sends a
397 * COMPLETION_WAIT command and waits for it to finish. The IOMMU informs
398 * us about that by writing a value to a physical address we pass with
401 static int iommu_completion_wait(struct amd_iommu *iommu)
406 spin_lock_irqsave(&iommu->lock, flags);
408 if (!iommu->need_sync)
411 ret = __iommu_completion_wait(iommu);
413 iommu->need_sync = false;
418 __iommu_wait_for_completion(iommu);
421 spin_unlock_irqrestore(&iommu->lock, flags);
426 static void iommu_flush_complete(struct protection_domain *domain)
430 for (i = 0; i < amd_iommus_present; ++i) {
431 if (!domain->dev_iommu[i])
435 * Devices of this domain are behind this IOMMU
436 * We need to wait for completion of all commands.
438 iommu_completion_wait(amd_iommus[i]);
443 * Command send function for invalidating a device table entry
445 static int iommu_queue_inv_dev_entry(struct amd_iommu *iommu, u16 devid)
447 struct iommu_cmd cmd;
450 BUG_ON(iommu == NULL);
452 memset(&cmd, 0, sizeof(cmd));
453 CMD_SET_TYPE(&cmd, CMD_INV_DEV_ENTRY);
456 ret = iommu_queue_command(iommu, &cmd);
461 static void __iommu_build_inv_iommu_pages(struct iommu_cmd *cmd, u64 address,
462 u16 domid, int pde, int s)
464 memset(cmd, 0, sizeof(*cmd));
465 address &= PAGE_MASK;
466 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
467 cmd->data[1] |= domid;
468 cmd->data[2] = lower_32_bits(address);
469 cmd->data[3] = upper_32_bits(address);
470 if (s) /* size bit - we flush more than one 4kb page */
471 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
472 if (pde) /* PDE bit - we wan't flush everything not only the PTEs */
473 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
477 * Generic command send function for invalidaing TLB entries
479 static int iommu_queue_inv_iommu_pages(struct amd_iommu *iommu,
480 u64 address, u16 domid, int pde, int s)
482 struct iommu_cmd cmd;
485 __iommu_build_inv_iommu_pages(&cmd, address, domid, pde, s);
487 ret = iommu_queue_command(iommu, &cmd);
493 * TLB invalidation function which is called from the mapping functions.
494 * It invalidates a single PTE if the range to flush is within a single
495 * page. Otherwise it flushes the whole TLB of the IOMMU.
497 static void __iommu_flush_pages(struct protection_domain *domain,
498 u64 address, size_t size, int pde)
501 unsigned long pages = iommu_num_pages(address, size, PAGE_SIZE);
503 address &= PAGE_MASK;
507 * If we have to flush more than one page, flush all
508 * TLB entries for this domain
510 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
515 for (i = 0; i < amd_iommus_present; ++i) {
516 if (!domain->dev_iommu[i])
520 * Devices of this domain are behind this IOMMU
521 * We need a TLB flush
523 iommu_queue_inv_iommu_pages(amd_iommus[i], address,
530 static void iommu_flush_pages(struct protection_domain *domain,
531 u64 address, size_t size)
533 __iommu_flush_pages(domain, address, size, 0);
536 /* Flush the whole IO/TLB for a given protection domain */
537 static void iommu_flush_tlb(struct protection_domain *domain)
539 __iommu_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 0);
542 /* Flush the whole IO/TLB for a given protection domain - including PDE */
543 static void iommu_flush_tlb_pde(struct protection_domain *domain)
545 __iommu_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 1);
549 * This function flushes all domains that have devices on the given IOMMU
551 static void flush_all_domains_on_iommu(struct amd_iommu *iommu)
553 u64 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
554 struct protection_domain *domain;
557 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
559 list_for_each_entry(domain, &amd_iommu_pd_list, list) {
560 if (domain->dev_iommu[iommu->index] == 0)
563 spin_lock(&domain->lock);
564 iommu_queue_inv_iommu_pages(iommu, address, domain->id, 1, 1);
565 iommu_flush_complete(domain);
566 spin_unlock(&domain->lock);
569 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
573 * This function uses heavy locking and may disable irqs for some time. But
574 * this is no issue because it is only called during resume.
576 void amd_iommu_flush_all_domains(void)
578 struct protection_domain *domain;
581 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
583 list_for_each_entry(domain, &amd_iommu_pd_list, list) {
584 spin_lock(&domain->lock);
585 iommu_flush_tlb_pde(domain);
586 iommu_flush_complete(domain);
587 spin_unlock(&domain->lock);
590 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
593 static void flush_all_devices_for_iommu(struct amd_iommu *iommu)
597 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
598 if (iommu != amd_iommu_rlookup_table[i])
601 iommu_queue_inv_dev_entry(iommu, i);
602 iommu_completion_wait(iommu);
606 static void flush_devices_by_domain(struct protection_domain *domain)
608 struct amd_iommu *iommu;
611 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
612 if ((domain == NULL && amd_iommu_pd_table[i] == NULL) ||
613 (amd_iommu_pd_table[i] != domain))
616 iommu = amd_iommu_rlookup_table[i];
620 iommu_queue_inv_dev_entry(iommu, i);
621 iommu_completion_wait(iommu);
625 static void reset_iommu_command_buffer(struct amd_iommu *iommu)
627 pr_err("AMD-Vi: Resetting IOMMU command buffer\n");
629 if (iommu->reset_in_progress)
630 panic("AMD-Vi: ILLEGAL_COMMAND_ERROR while resetting command buffer\n");
632 iommu->reset_in_progress = true;
634 amd_iommu_reset_cmd_buffer(iommu);
635 flush_all_devices_for_iommu(iommu);
636 flush_all_domains_on_iommu(iommu);
638 iommu->reset_in_progress = false;
641 void amd_iommu_flush_all_devices(void)
643 flush_devices_by_domain(NULL);
646 /****************************************************************************
648 * The functions below are used the create the page table mappings for
649 * unity mapped regions.
651 ****************************************************************************/
654 * This function is used to add another level to an IO page table. Adding
655 * another level increases the size of the address space by 9 bits to a size up
658 static bool increase_address_space(struct protection_domain *domain,
663 if (domain->mode == PAGE_MODE_6_LEVEL)
664 /* address space already 64 bit large */
667 pte = (void *)get_zeroed_page(gfp);
671 *pte = PM_LEVEL_PDE(domain->mode,
672 virt_to_phys(domain->pt_root));
673 domain->pt_root = pte;
675 domain->updated = true;
680 static u64 *alloc_pte(struct protection_domain *domain,
681 unsigned long address,
689 while (address > PM_LEVEL_SIZE(domain->mode))
690 increase_address_space(domain, gfp);
692 level = domain->mode - 1;
693 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
695 while (level > end_lvl) {
696 if (!IOMMU_PTE_PRESENT(*pte)) {
697 page = (u64 *)get_zeroed_page(gfp);
700 *pte = PM_LEVEL_PDE(level, virt_to_phys(page));
705 pte = IOMMU_PTE_PAGE(*pte);
707 if (pte_page && level == end_lvl)
710 pte = &pte[PM_LEVEL_INDEX(level, address)];
717 * This function checks if there is a PTE for a given dma address. If
718 * there is one, it returns the pointer to it.
720 static u64 *fetch_pte(struct protection_domain *domain,
721 unsigned long address, int map_size)
726 level = domain->mode - 1;
727 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
729 while (level > map_size) {
730 if (!IOMMU_PTE_PRESENT(*pte))
735 pte = IOMMU_PTE_PAGE(*pte);
736 pte = &pte[PM_LEVEL_INDEX(level, address)];
738 if ((PM_PTE_LEVEL(*pte) == 0) && level != map_size) {
748 * Generic mapping functions. It maps a physical address into a DMA
749 * address space. It allocates the page table pages if necessary.
750 * In the future it can be extended to a generic mapping function
751 * supporting all features of AMD IOMMU page tables like level skipping
752 * and full 64 bit address spaces.
754 static int iommu_map_page(struct protection_domain *dom,
755 unsigned long bus_addr,
756 unsigned long phys_addr,
762 bus_addr = PAGE_ALIGN(bus_addr);
763 phys_addr = PAGE_ALIGN(phys_addr);
765 BUG_ON(!PM_ALIGNED(map_size, bus_addr));
766 BUG_ON(!PM_ALIGNED(map_size, phys_addr));
768 if (!(prot & IOMMU_PROT_MASK))
771 pte = alloc_pte(dom, bus_addr, map_size, NULL, GFP_KERNEL);
773 if (IOMMU_PTE_PRESENT(*pte))
776 __pte = phys_addr | IOMMU_PTE_P;
777 if (prot & IOMMU_PROT_IR)
778 __pte |= IOMMU_PTE_IR;
779 if (prot & IOMMU_PROT_IW)
780 __pte |= IOMMU_PTE_IW;
789 static void iommu_unmap_page(struct protection_domain *dom,
790 unsigned long bus_addr, int map_size)
792 u64 *pte = fetch_pte(dom, bus_addr, map_size);
799 * This function checks if a specific unity mapping entry is needed for
800 * this specific IOMMU.
802 static int iommu_for_unity_map(struct amd_iommu *iommu,
803 struct unity_map_entry *entry)
807 for (i = entry->devid_start; i <= entry->devid_end; ++i) {
808 bdf = amd_iommu_alias_table[i];
809 if (amd_iommu_rlookup_table[bdf] == iommu)
817 * This function actually applies the mapping to the page table of the
820 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
821 struct unity_map_entry *e)
826 for (addr = e->address_start; addr < e->address_end;
828 ret = iommu_map_page(&dma_dom->domain, addr, addr, e->prot,
833 * if unity mapping is in aperture range mark the page
834 * as allocated in the aperture
836 if (addr < dma_dom->aperture_size)
837 __set_bit(addr >> PAGE_SHIFT,
838 dma_dom->aperture[0]->bitmap);
845 * Init the unity mappings for a specific IOMMU in the system
847 * Basically iterates over all unity mapping entries and applies them to
848 * the default domain DMA of that IOMMU if necessary.
850 static int iommu_init_unity_mappings(struct amd_iommu *iommu)
852 struct unity_map_entry *entry;
855 list_for_each_entry(entry, &amd_iommu_unity_map, list) {
856 if (!iommu_for_unity_map(iommu, entry))
858 ret = dma_ops_unity_map(iommu->default_dom, entry);
867 * Inits the unity mappings required for a specific device
869 static int init_unity_mappings_for_device(struct dma_ops_domain *dma_dom,
872 struct unity_map_entry *e;
875 list_for_each_entry(e, &amd_iommu_unity_map, list) {
876 if (!(devid >= e->devid_start && devid <= e->devid_end))
878 ret = dma_ops_unity_map(dma_dom, e);
886 /****************************************************************************
888 * The next functions belong to the address allocator for the dma_ops
889 * interface functions. They work like the allocators in the other IOMMU
890 * drivers. Its basically a bitmap which marks the allocated pages in
891 * the aperture. Maybe it could be enhanced in the future to a more
892 * efficient allocator.
894 ****************************************************************************/
897 * The address allocator core functions.
899 * called with domain->lock held
903 * Used to reserve address ranges in the aperture (e.g. for exclusion
906 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
907 unsigned long start_page,
910 unsigned int i, last_page = dom->aperture_size >> PAGE_SHIFT;
912 if (start_page + pages > last_page)
913 pages = last_page - start_page;
915 for (i = start_page; i < start_page + pages; ++i) {
916 int index = i / APERTURE_RANGE_PAGES;
917 int page = i % APERTURE_RANGE_PAGES;
918 __set_bit(page, dom->aperture[index]->bitmap);
923 * This function is used to add a new aperture range to an existing
924 * aperture in case of dma_ops domain allocation or address allocation
927 static int alloc_new_range(struct dma_ops_domain *dma_dom,
928 bool populate, gfp_t gfp)
930 int index = dma_dom->aperture_size >> APERTURE_RANGE_SHIFT;
931 struct amd_iommu *iommu;
934 #ifdef CONFIG_IOMMU_STRESS
938 if (index >= APERTURE_MAX_RANGES)
941 dma_dom->aperture[index] = kzalloc(sizeof(struct aperture_range), gfp);
942 if (!dma_dom->aperture[index])
945 dma_dom->aperture[index]->bitmap = (void *)get_zeroed_page(gfp);
946 if (!dma_dom->aperture[index]->bitmap)
949 dma_dom->aperture[index]->offset = dma_dom->aperture_size;
952 unsigned long address = dma_dom->aperture_size;
953 int i, num_ptes = APERTURE_RANGE_PAGES / 512;
956 for (i = 0; i < num_ptes; ++i) {
957 pte = alloc_pte(&dma_dom->domain, address, PM_MAP_4k,
962 dma_dom->aperture[index]->pte_pages[i] = pte_page;
964 address += APERTURE_RANGE_SIZE / 64;
968 dma_dom->aperture_size += APERTURE_RANGE_SIZE;
970 /* Intialize the exclusion range if necessary */
971 for_each_iommu(iommu) {
972 if (iommu->exclusion_start &&
973 iommu->exclusion_start >= dma_dom->aperture[index]->offset
974 && iommu->exclusion_start < dma_dom->aperture_size) {
975 unsigned long startpage;
976 int pages = iommu_num_pages(iommu->exclusion_start,
977 iommu->exclusion_length,
979 startpage = iommu->exclusion_start >> PAGE_SHIFT;
980 dma_ops_reserve_addresses(dma_dom, startpage, pages);
985 * Check for areas already mapped as present in the new aperture
986 * range and mark those pages as reserved in the allocator. Such
987 * mappings may already exist as a result of requested unity
988 * mappings for devices.
990 for (i = dma_dom->aperture[index]->offset;
991 i < dma_dom->aperture_size;
993 u64 *pte = fetch_pte(&dma_dom->domain, i, PM_MAP_4k);
994 if (!pte || !IOMMU_PTE_PRESENT(*pte))
997 dma_ops_reserve_addresses(dma_dom, i << PAGE_SHIFT, 1);
1000 update_domain(&dma_dom->domain);
1005 update_domain(&dma_dom->domain);
1007 free_page((unsigned long)dma_dom->aperture[index]->bitmap);
1009 kfree(dma_dom->aperture[index]);
1010 dma_dom->aperture[index] = NULL;
1015 static unsigned long dma_ops_area_alloc(struct device *dev,
1016 struct dma_ops_domain *dom,
1018 unsigned long align_mask,
1020 unsigned long start)
1022 unsigned long next_bit = dom->next_address % APERTURE_RANGE_SIZE;
1023 int max_index = dom->aperture_size >> APERTURE_RANGE_SHIFT;
1024 int i = start >> APERTURE_RANGE_SHIFT;
1025 unsigned long boundary_size;
1026 unsigned long address = -1;
1027 unsigned long limit;
1029 next_bit >>= PAGE_SHIFT;
1031 boundary_size = ALIGN(dma_get_seg_boundary(dev) + 1,
1032 PAGE_SIZE) >> PAGE_SHIFT;
1034 for (;i < max_index; ++i) {
1035 unsigned long offset = dom->aperture[i]->offset >> PAGE_SHIFT;
1037 if (dom->aperture[i]->offset >= dma_mask)
1040 limit = iommu_device_max_index(APERTURE_RANGE_PAGES, offset,
1041 dma_mask >> PAGE_SHIFT);
1043 address = iommu_area_alloc(dom->aperture[i]->bitmap,
1044 limit, next_bit, pages, 0,
1045 boundary_size, align_mask);
1046 if (address != -1) {
1047 address = dom->aperture[i]->offset +
1048 (address << PAGE_SHIFT);
1049 dom->next_address = address + (pages << PAGE_SHIFT);
1059 static unsigned long dma_ops_alloc_addresses(struct device *dev,
1060 struct dma_ops_domain *dom,
1062 unsigned long align_mask,
1065 unsigned long address;
1067 #ifdef CONFIG_IOMMU_STRESS
1068 dom->next_address = 0;
1069 dom->need_flush = true;
1072 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
1073 dma_mask, dom->next_address);
1075 if (address == -1) {
1076 dom->next_address = 0;
1077 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
1079 dom->need_flush = true;
1082 if (unlikely(address == -1))
1083 address = DMA_ERROR_CODE;
1085 WARN_ON((address + (PAGE_SIZE*pages)) > dom->aperture_size);
1091 * The address free function.
1093 * called with domain->lock held
1095 static void dma_ops_free_addresses(struct dma_ops_domain *dom,
1096 unsigned long address,
1099 unsigned i = address >> APERTURE_RANGE_SHIFT;
1100 struct aperture_range *range = dom->aperture[i];
1102 BUG_ON(i >= APERTURE_MAX_RANGES || range == NULL);
1104 #ifdef CONFIG_IOMMU_STRESS
1109 if (address >= dom->next_address)
1110 dom->need_flush = true;
1112 address = (address % APERTURE_RANGE_SIZE) >> PAGE_SHIFT;
1114 iommu_area_free(range->bitmap, address, pages);
1118 /****************************************************************************
1120 * The next functions belong to the domain allocation. A domain is
1121 * allocated for every IOMMU as the default domain. If device isolation
1122 * is enabled, every device get its own domain. The most important thing
1123 * about domains is the page table mapping the DMA address space they
1126 ****************************************************************************/
1129 * This function adds a protection domain to the global protection domain list
1131 static void add_domain_to_list(struct protection_domain *domain)
1133 unsigned long flags;
1135 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
1136 list_add(&domain->list, &amd_iommu_pd_list);
1137 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
1141 * This function removes a protection domain to the global
1142 * protection domain list
1144 static void del_domain_from_list(struct protection_domain *domain)
1146 unsigned long flags;
1148 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
1149 list_del(&domain->list);
1150 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
1153 static u16 domain_id_alloc(void)
1155 unsigned long flags;
1158 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1159 id = find_first_zero_bit(amd_iommu_pd_alloc_bitmap, MAX_DOMAIN_ID);
1161 if (id > 0 && id < MAX_DOMAIN_ID)
1162 __set_bit(id, amd_iommu_pd_alloc_bitmap);
1165 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1170 static void domain_id_free(int id)
1172 unsigned long flags;
1174 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1175 if (id > 0 && id < MAX_DOMAIN_ID)
1176 __clear_bit(id, amd_iommu_pd_alloc_bitmap);
1177 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1180 static void free_pagetable(struct protection_domain *domain)
1185 p1 = domain->pt_root;
1190 for (i = 0; i < 512; ++i) {
1191 if (!IOMMU_PTE_PRESENT(p1[i]))
1194 p2 = IOMMU_PTE_PAGE(p1[i]);
1195 for (j = 0; j < 512; ++j) {
1196 if (!IOMMU_PTE_PRESENT(p2[j]))
1198 p3 = IOMMU_PTE_PAGE(p2[j]);
1199 free_page((unsigned long)p3);
1202 free_page((unsigned long)p2);
1205 free_page((unsigned long)p1);
1207 domain->pt_root = NULL;
1211 * Free a domain, only used if something went wrong in the
1212 * allocation path and we need to free an already allocated page table
1214 static void dma_ops_domain_free(struct dma_ops_domain *dom)
1221 del_domain_from_list(&dom->domain);
1223 free_pagetable(&dom->domain);
1225 for (i = 0; i < APERTURE_MAX_RANGES; ++i) {
1226 if (!dom->aperture[i])
1228 free_page((unsigned long)dom->aperture[i]->bitmap);
1229 kfree(dom->aperture[i]);
1236 * Allocates a new protection domain usable for the dma_ops functions.
1237 * It also intializes the page table and the address allocator data
1238 * structures required for the dma_ops interface
1240 static struct dma_ops_domain *dma_ops_domain_alloc(void)
1242 struct dma_ops_domain *dma_dom;
1244 dma_dom = kzalloc(sizeof(struct dma_ops_domain), GFP_KERNEL);
1248 spin_lock_init(&dma_dom->domain.lock);
1250 dma_dom->domain.id = domain_id_alloc();
1251 if (dma_dom->domain.id == 0)
1253 dma_dom->domain.mode = PAGE_MODE_2_LEVEL;
1254 dma_dom->domain.pt_root = (void *)get_zeroed_page(GFP_KERNEL);
1255 dma_dom->domain.flags = PD_DMA_OPS_MASK;
1256 dma_dom->domain.priv = dma_dom;
1257 if (!dma_dom->domain.pt_root)
1260 dma_dom->need_flush = false;
1261 dma_dom->target_dev = 0xffff;
1263 add_domain_to_list(&dma_dom->domain);
1265 if (alloc_new_range(dma_dom, true, GFP_KERNEL))
1269 * mark the first page as allocated so we never return 0 as
1270 * a valid dma-address. So we can use 0 as error value
1272 dma_dom->aperture[0]->bitmap[0] = 1;
1273 dma_dom->next_address = 0;
1279 dma_ops_domain_free(dma_dom);
1285 * little helper function to check whether a given protection domain is a
1288 static bool dma_ops_domain(struct protection_domain *domain)
1290 return domain->flags & PD_DMA_OPS_MASK;
1293 static void set_dte_entry(u16 devid, struct protection_domain *domain)
1295 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1296 u64 pte_root = virt_to_phys(domain->pt_root);
1298 BUG_ON(amd_iommu_pd_table[devid] != NULL);
1300 pte_root |= (domain->mode & DEV_ENTRY_MODE_MASK)
1301 << DEV_ENTRY_MODE_SHIFT;
1302 pte_root |= IOMMU_PTE_IR | IOMMU_PTE_IW | IOMMU_PTE_P | IOMMU_PTE_TV;
1304 amd_iommu_dev_table[devid].data[2] = domain->id;
1305 amd_iommu_dev_table[devid].data[1] = upper_32_bits(pte_root);
1306 amd_iommu_dev_table[devid].data[0] = lower_32_bits(pte_root);
1308 amd_iommu_pd_table[devid] = domain;
1310 /* Do reference counting */
1311 domain->dev_iommu[iommu->index] += 1;
1312 domain->dev_cnt += 1;
1314 /* Flush the changes DTE entry */
1315 iommu_queue_inv_dev_entry(iommu, devid);
1318 static void clear_dte_entry(u16 devid)
1320 struct protection_domain *domain = amd_iommu_pd_table[devid];
1321 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1323 BUG_ON(domain == NULL);
1325 /* remove domain from the lookup table */
1326 amd_iommu_pd_table[devid] = NULL;
1328 /* remove entry from the device table seen by the hardware */
1329 amd_iommu_dev_table[devid].data[0] = IOMMU_PTE_P | IOMMU_PTE_TV;
1330 amd_iommu_dev_table[devid].data[1] = 0;
1331 amd_iommu_dev_table[devid].data[2] = 0;
1333 amd_iommu_apply_erratum_63(devid);
1335 /* decrease reference counters */
1336 domain->dev_iommu[iommu->index] -= 1;
1337 domain->dev_cnt -= 1;
1339 iommu_queue_inv_dev_entry(iommu, devid);
1343 * If a device is not yet associated with a domain, this function does
1344 * assigns it visible for the hardware
1346 static int __attach_device(struct device *dev,
1347 struct protection_domain *domain)
1349 u16 devid = get_device_id(dev);
1350 u16 alias = amd_iommu_alias_table[devid];
1353 spin_lock(&domain->lock);
1355 /* Some sanity checks */
1356 if (amd_iommu_pd_table[alias] != NULL &&
1357 amd_iommu_pd_table[alias] != domain)
1360 if (amd_iommu_pd_table[devid] != NULL &&
1361 amd_iommu_pd_table[devid] != domain)
1364 /* Do real assignment */
1365 if (alias != devid &&
1366 amd_iommu_pd_table[alias] == NULL)
1367 set_dte_entry(alias, domain);
1369 if (amd_iommu_pd_table[devid] == NULL)
1370 set_dte_entry(devid, domain);
1373 spin_unlock(&domain->lock);
1379 * If a device is not yet associated with a domain, this function does
1380 * assigns it visible for the hardware
1382 static int attach_device(struct device *dev,
1383 struct protection_domain *domain)
1385 unsigned long flags;
1388 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1389 ret = __attach_device(dev, domain);
1390 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1393 * We might boot into a crash-kernel here. The crashed kernel
1394 * left the caches in the IOMMU dirty. So we have to flush
1395 * here to evict all dirty stuff.
1397 iommu_flush_tlb_pde(domain);
1403 * Removes a device from a protection domain (unlocked)
1405 static void __detach_device(struct device *dev)
1407 u16 devid = get_device_id(dev);
1408 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1412 clear_dte_entry(devid);
1415 * If we run in passthrough mode the device must be assigned to the
1416 * passthrough domain if it is detached from any other domain
1418 if (iommu_pass_through)
1419 __attach_device(dev, pt_domain);
1423 * Removes a device from a protection domain (with devtable_lock held)
1425 static void detach_device(struct device *dev)
1427 unsigned long flags;
1429 /* lock device table */
1430 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1431 __detach_device(dev);
1432 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1436 * Find out the protection domain structure for a given PCI device. This
1437 * will give us the pointer to the page table root for example.
1439 static struct protection_domain *domain_for_device(struct device *dev)
1441 struct protection_domain *dom;
1442 unsigned long flags;
1445 devid = get_device_id(dev);
1446 alias = amd_iommu_alias_table[devid];
1448 read_lock_irqsave(&amd_iommu_devtable_lock, flags);
1449 dom = amd_iommu_pd_table[devid];
1451 amd_iommu_pd_table[alias] != NULL) {
1452 __attach_device(dev, amd_iommu_pd_table[alias]);
1453 dom = amd_iommu_pd_table[devid];
1456 read_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1461 static int device_change_notifier(struct notifier_block *nb,
1462 unsigned long action, void *data)
1464 struct device *dev = data;
1466 struct protection_domain *domain;
1467 struct dma_ops_domain *dma_domain;
1468 struct amd_iommu *iommu;
1469 unsigned long flags;
1471 if (!check_device(dev))
1474 devid = get_device_id(dev);
1475 iommu = amd_iommu_rlookup_table[devid];
1476 domain = domain_for_device(dev);
1478 if (domain && !dma_ops_domain(domain))
1479 WARN_ONCE(1, "AMD IOMMU WARNING: device %s already bound "
1480 "to a non-dma-ops domain\n", dev_name(dev));
1483 case BUS_NOTIFY_UNBOUND_DRIVER:
1486 if (iommu_pass_through)
1490 case BUS_NOTIFY_ADD_DEVICE:
1491 /* allocate a protection domain if a device is added */
1492 dma_domain = find_protection_domain(devid);
1495 dma_domain = dma_ops_domain_alloc();
1498 dma_domain->target_dev = devid;
1500 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1501 list_add_tail(&dma_domain->list, &iommu_pd_list);
1502 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1509 iommu_queue_inv_dev_entry(iommu, devid);
1510 iommu_completion_wait(iommu);
1516 static struct notifier_block device_nb = {
1517 .notifier_call = device_change_notifier,
1520 /*****************************************************************************
1522 * The next functions belong to the dma_ops mapping/unmapping code.
1524 *****************************************************************************/
1527 * In the dma_ops path we only have the struct device. This function
1528 * finds the corresponding IOMMU, the protection domain and the
1529 * requestor id for a given device.
1530 * If the device is not yet associated with a domain this is also done
1533 static struct protection_domain *get_domain(struct device *dev)
1535 struct protection_domain *domain;
1536 struct dma_ops_domain *dma_dom;
1537 u16 devid = get_device_id(dev);
1539 if (!check_device(dev))
1540 return ERR_PTR(-EINVAL);
1542 domain = domain_for_device(dev);
1543 if (domain != NULL && !dma_ops_domain(domain))
1544 return ERR_PTR(-EBUSY);
1549 /* Device not bount yet - bind it */
1550 dma_dom = find_protection_domain(devid);
1552 dma_dom = amd_iommu_rlookup_table[devid]->default_dom;
1553 attach_device(dev, &dma_dom->domain);
1554 DUMP_printk("Using protection domain %d for device %s\n",
1555 dma_dom->domain.id, dev_name(dev));
1557 return &dma_dom->domain;
1560 static void update_device_table(struct protection_domain *domain)
1562 unsigned long flags;
1565 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
1566 if (amd_iommu_pd_table[i] != domain)
1568 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1569 set_dte_entry(i, domain);
1570 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1574 static void update_domain(struct protection_domain *domain)
1576 if (!domain->updated)
1579 update_device_table(domain);
1580 flush_devices_by_domain(domain);
1581 iommu_flush_tlb_pde(domain);
1583 domain->updated = false;
1587 * This function fetches the PTE for a given address in the aperture
1589 static u64* dma_ops_get_pte(struct dma_ops_domain *dom,
1590 unsigned long address)
1592 struct aperture_range *aperture;
1593 u64 *pte, *pte_page;
1595 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1599 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1601 pte = alloc_pte(&dom->domain, address, PM_MAP_4k, &pte_page,
1603 aperture->pte_pages[APERTURE_PAGE_INDEX(address)] = pte_page;
1605 pte += PM_LEVEL_INDEX(0, address);
1607 update_domain(&dom->domain);
1613 * This is the generic map function. It maps one 4kb page at paddr to
1614 * the given address in the DMA address space for the domain.
1616 static dma_addr_t dma_ops_domain_map(struct dma_ops_domain *dom,
1617 unsigned long address,
1623 WARN_ON(address > dom->aperture_size);
1627 pte = dma_ops_get_pte(dom, address);
1629 return DMA_ERROR_CODE;
1631 __pte = paddr | IOMMU_PTE_P | IOMMU_PTE_FC;
1633 if (direction == DMA_TO_DEVICE)
1634 __pte |= IOMMU_PTE_IR;
1635 else if (direction == DMA_FROM_DEVICE)
1636 __pte |= IOMMU_PTE_IW;
1637 else if (direction == DMA_BIDIRECTIONAL)
1638 __pte |= IOMMU_PTE_IR | IOMMU_PTE_IW;
1644 return (dma_addr_t)address;
1648 * The generic unmapping function for on page in the DMA address space.
1650 static void dma_ops_domain_unmap(struct dma_ops_domain *dom,
1651 unsigned long address)
1653 struct aperture_range *aperture;
1656 if (address >= dom->aperture_size)
1659 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1663 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1667 pte += PM_LEVEL_INDEX(0, address);
1675 * This function contains common code for mapping of a physically
1676 * contiguous memory region into DMA address space. It is used by all
1677 * mapping functions provided with this IOMMU driver.
1678 * Must be called with the domain lock held.
1680 static dma_addr_t __map_single(struct device *dev,
1681 struct dma_ops_domain *dma_dom,
1688 dma_addr_t offset = paddr & ~PAGE_MASK;
1689 dma_addr_t address, start, ret;
1691 unsigned long align_mask = 0;
1694 pages = iommu_num_pages(paddr, size, PAGE_SIZE);
1697 INC_STATS_COUNTER(total_map_requests);
1700 INC_STATS_COUNTER(cross_page);
1703 align_mask = (1UL << get_order(size)) - 1;
1706 address = dma_ops_alloc_addresses(dev, dma_dom, pages, align_mask,
1708 if (unlikely(address == DMA_ERROR_CODE)) {
1710 * setting next_address here will let the address
1711 * allocator only scan the new allocated range in the
1712 * first run. This is a small optimization.
1714 dma_dom->next_address = dma_dom->aperture_size;
1716 if (alloc_new_range(dma_dom, false, GFP_ATOMIC))
1720 * aperture was sucessfully enlarged by 128 MB, try
1727 for (i = 0; i < pages; ++i) {
1728 ret = dma_ops_domain_map(dma_dom, start, paddr, dir);
1729 if (ret == DMA_ERROR_CODE)
1737 ADD_STATS_COUNTER(alloced_io_mem, size);
1739 if (unlikely(dma_dom->need_flush && !amd_iommu_unmap_flush)) {
1740 iommu_flush_tlb(&dma_dom->domain);
1741 dma_dom->need_flush = false;
1742 } else if (unlikely(amd_iommu_np_cache))
1743 iommu_flush_pages(&dma_dom->domain, address, size);
1750 for (--i; i >= 0; --i) {
1752 dma_ops_domain_unmap(dma_dom, start);
1755 dma_ops_free_addresses(dma_dom, address, pages);
1757 return DMA_ERROR_CODE;
1761 * Does the reverse of the __map_single function. Must be called with
1762 * the domain lock held too
1764 static void __unmap_single(struct dma_ops_domain *dma_dom,
1765 dma_addr_t dma_addr,
1769 dma_addr_t i, start;
1772 if ((dma_addr == DMA_ERROR_CODE) ||
1773 (dma_addr + size > dma_dom->aperture_size))
1776 pages = iommu_num_pages(dma_addr, size, PAGE_SIZE);
1777 dma_addr &= PAGE_MASK;
1780 for (i = 0; i < pages; ++i) {
1781 dma_ops_domain_unmap(dma_dom, start);
1785 SUB_STATS_COUNTER(alloced_io_mem, size);
1787 dma_ops_free_addresses(dma_dom, dma_addr, pages);
1789 if (amd_iommu_unmap_flush || dma_dom->need_flush) {
1790 iommu_flush_pages(&dma_dom->domain, dma_addr, size);
1791 dma_dom->need_flush = false;
1796 * The exported map_single function for dma_ops.
1798 static dma_addr_t map_page(struct device *dev, struct page *page,
1799 unsigned long offset, size_t size,
1800 enum dma_data_direction dir,
1801 struct dma_attrs *attrs)
1803 unsigned long flags;
1804 struct protection_domain *domain;
1807 phys_addr_t paddr = page_to_phys(page) + offset;
1809 INC_STATS_COUNTER(cnt_map_single);
1811 domain = get_domain(dev);
1812 if (PTR_ERR(domain) == -EINVAL)
1813 return (dma_addr_t)paddr;
1814 else if (IS_ERR(domain))
1815 return DMA_ERROR_CODE;
1817 dma_mask = *dev->dma_mask;
1819 spin_lock_irqsave(&domain->lock, flags);
1821 addr = __map_single(dev, domain->priv, paddr, size, dir, false,
1823 if (addr == DMA_ERROR_CODE)
1826 iommu_flush_complete(domain);
1829 spin_unlock_irqrestore(&domain->lock, flags);
1835 * The exported unmap_single function for dma_ops.
1837 static void unmap_page(struct device *dev, dma_addr_t dma_addr, size_t size,
1838 enum dma_data_direction dir, struct dma_attrs *attrs)
1840 unsigned long flags;
1841 struct protection_domain *domain;
1843 INC_STATS_COUNTER(cnt_unmap_single);
1845 domain = get_domain(dev);
1849 spin_lock_irqsave(&domain->lock, flags);
1851 __unmap_single(domain->priv, dma_addr, size, dir);
1853 iommu_flush_complete(domain);
1855 spin_unlock_irqrestore(&domain->lock, flags);
1859 * This is a special map_sg function which is used if we should map a
1860 * device which is not handled by an AMD IOMMU in the system.
1862 static int map_sg_no_iommu(struct device *dev, struct scatterlist *sglist,
1863 int nelems, int dir)
1865 struct scatterlist *s;
1868 for_each_sg(sglist, s, nelems, i) {
1869 s->dma_address = (dma_addr_t)sg_phys(s);
1870 s->dma_length = s->length;
1877 * The exported map_sg function for dma_ops (handles scatter-gather
1880 static int map_sg(struct device *dev, struct scatterlist *sglist,
1881 int nelems, enum dma_data_direction dir,
1882 struct dma_attrs *attrs)
1884 unsigned long flags;
1885 struct protection_domain *domain;
1887 struct scatterlist *s;
1889 int mapped_elems = 0;
1892 INC_STATS_COUNTER(cnt_map_sg);
1894 domain = get_domain(dev);
1895 if (PTR_ERR(domain) == -EINVAL)
1896 return map_sg_no_iommu(dev, sglist, nelems, dir);
1897 else if (IS_ERR(domain))
1900 dma_mask = *dev->dma_mask;
1902 spin_lock_irqsave(&domain->lock, flags);
1904 for_each_sg(sglist, s, nelems, i) {
1907 s->dma_address = __map_single(dev, domain->priv,
1908 paddr, s->length, dir, false,
1911 if (s->dma_address) {
1912 s->dma_length = s->length;
1918 iommu_flush_complete(domain);
1921 spin_unlock_irqrestore(&domain->lock, flags);
1923 return mapped_elems;
1925 for_each_sg(sglist, s, mapped_elems, i) {
1927 __unmap_single(domain->priv, s->dma_address,
1928 s->dma_length, dir);
1929 s->dma_address = s->dma_length = 0;
1938 * The exported map_sg function for dma_ops (handles scatter-gather
1941 static void unmap_sg(struct device *dev, struct scatterlist *sglist,
1942 int nelems, enum dma_data_direction dir,
1943 struct dma_attrs *attrs)
1945 unsigned long flags;
1946 struct protection_domain *domain;
1947 struct scatterlist *s;
1950 INC_STATS_COUNTER(cnt_unmap_sg);
1952 domain = get_domain(dev);
1956 spin_lock_irqsave(&domain->lock, flags);
1958 for_each_sg(sglist, s, nelems, i) {
1959 __unmap_single(domain->priv, s->dma_address,
1960 s->dma_length, dir);
1961 s->dma_address = s->dma_length = 0;
1964 iommu_flush_complete(domain);
1966 spin_unlock_irqrestore(&domain->lock, flags);
1970 * The exported alloc_coherent function for dma_ops.
1972 static void *alloc_coherent(struct device *dev, size_t size,
1973 dma_addr_t *dma_addr, gfp_t flag)
1975 unsigned long flags;
1977 struct protection_domain *domain;
1979 u64 dma_mask = dev->coherent_dma_mask;
1981 INC_STATS_COUNTER(cnt_alloc_coherent);
1983 domain = get_domain(dev);
1984 if (PTR_ERR(domain) == -EINVAL) {
1985 virt_addr = (void *)__get_free_pages(flag, get_order(size));
1986 *dma_addr = __pa(virt_addr);
1988 } else if (IS_ERR(domain))
1991 dma_mask = dev->coherent_dma_mask;
1992 flag &= ~(__GFP_DMA | __GFP_HIGHMEM | __GFP_DMA32);
1995 virt_addr = (void *)__get_free_pages(flag, get_order(size));
1999 paddr = virt_to_phys(virt_addr);
2002 dma_mask = *dev->dma_mask;
2004 spin_lock_irqsave(&domain->lock, flags);
2006 *dma_addr = __map_single(dev, domain->priv, paddr,
2007 size, DMA_BIDIRECTIONAL, true, dma_mask);
2009 if (*dma_addr == DMA_ERROR_CODE) {
2010 spin_unlock_irqrestore(&domain->lock, flags);
2014 iommu_flush_complete(domain);
2016 spin_unlock_irqrestore(&domain->lock, flags);
2022 free_pages((unsigned long)virt_addr, get_order(size));
2028 * The exported free_coherent function for dma_ops.
2030 static void free_coherent(struct device *dev, size_t size,
2031 void *virt_addr, dma_addr_t dma_addr)
2033 unsigned long flags;
2034 struct protection_domain *domain;
2036 INC_STATS_COUNTER(cnt_free_coherent);
2038 domain = get_domain(dev);
2042 spin_lock_irqsave(&domain->lock, flags);
2044 __unmap_single(domain->priv, dma_addr, size, DMA_BIDIRECTIONAL);
2046 iommu_flush_complete(domain);
2048 spin_unlock_irqrestore(&domain->lock, flags);
2051 free_pages((unsigned long)virt_addr, get_order(size));
2055 * This function is called by the DMA layer to find out if we can handle a
2056 * particular device. It is part of the dma_ops.
2058 static int amd_iommu_dma_supported(struct device *dev, u64 mask)
2060 return check_device(dev);
2064 * The function for pre-allocating protection domains.
2066 * If the driver core informs the DMA layer if a driver grabs a device
2067 * we don't need to preallocate the protection domains anymore.
2068 * For now we have to.
2070 static void prealloc_protection_domains(void)
2072 struct pci_dev *dev = NULL;
2073 struct dma_ops_domain *dma_dom;
2076 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2078 /* Do we handle this device? */
2079 if (!check_device(&dev->dev))
2082 /* Is there already any domain for it? */
2083 if (domain_for_device(&dev->dev))
2086 devid = get_device_id(&dev->dev);
2088 dma_dom = dma_ops_domain_alloc();
2091 init_unity_mappings_for_device(dma_dom, devid);
2092 dma_dom->target_dev = devid;
2094 attach_device(&dev->dev, &dma_dom->domain);
2096 list_add_tail(&dma_dom->list, &iommu_pd_list);
2100 static struct dma_map_ops amd_iommu_dma_ops = {
2101 .alloc_coherent = alloc_coherent,
2102 .free_coherent = free_coherent,
2103 .map_page = map_page,
2104 .unmap_page = unmap_page,
2106 .unmap_sg = unmap_sg,
2107 .dma_supported = amd_iommu_dma_supported,
2111 * The function which clues the AMD IOMMU driver into dma_ops.
2113 int __init amd_iommu_init_dma_ops(void)
2115 struct amd_iommu *iommu;
2119 * first allocate a default protection domain for every IOMMU we
2120 * found in the system. Devices not assigned to any other
2121 * protection domain will be assigned to the default one.
2123 for_each_iommu(iommu) {
2124 iommu->default_dom = dma_ops_domain_alloc();
2125 if (iommu->default_dom == NULL)
2127 iommu->default_dom->domain.flags |= PD_DEFAULT_MASK;
2128 ret = iommu_init_unity_mappings(iommu);
2134 * Pre-allocate the protection domains for each device.
2136 prealloc_protection_domains();
2140 #ifdef CONFIG_GART_IOMMU
2141 gart_iommu_aperture_disabled = 1;
2142 gart_iommu_aperture = 0;
2145 /* Make the driver finally visible to the drivers */
2146 dma_ops = &amd_iommu_dma_ops;
2148 register_iommu(&amd_iommu_ops);
2150 bus_register_notifier(&pci_bus_type, &device_nb);
2152 amd_iommu_stats_init();
2158 for_each_iommu(iommu) {
2159 if (iommu->default_dom)
2160 dma_ops_domain_free(iommu->default_dom);
2166 /*****************************************************************************
2168 * The following functions belong to the exported interface of AMD IOMMU
2170 * This interface allows access to lower level functions of the IOMMU
2171 * like protection domain handling and assignement of devices to domains
2172 * which is not possible with the dma_ops interface.
2174 *****************************************************************************/
2176 static void cleanup_domain(struct protection_domain *domain)
2178 unsigned long flags;
2181 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
2183 for (devid = 0; devid <= amd_iommu_last_bdf; ++devid)
2184 if (amd_iommu_pd_table[devid] == domain)
2185 clear_dte_entry(devid);
2187 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
2190 static void protection_domain_free(struct protection_domain *domain)
2195 del_domain_from_list(domain);
2198 domain_id_free(domain->id);
2203 static struct protection_domain *protection_domain_alloc(void)
2205 struct protection_domain *domain;
2207 domain = kzalloc(sizeof(*domain), GFP_KERNEL);
2211 spin_lock_init(&domain->lock);
2212 domain->id = domain_id_alloc();
2216 add_domain_to_list(domain);
2226 static int amd_iommu_domain_init(struct iommu_domain *dom)
2228 struct protection_domain *domain;
2230 domain = protection_domain_alloc();
2234 domain->mode = PAGE_MODE_3_LEVEL;
2235 domain->pt_root = (void *)get_zeroed_page(GFP_KERNEL);
2236 if (!domain->pt_root)
2244 protection_domain_free(domain);
2249 static void amd_iommu_domain_destroy(struct iommu_domain *dom)
2251 struct protection_domain *domain = dom->priv;
2256 if (domain->dev_cnt > 0)
2257 cleanup_domain(domain);
2259 BUG_ON(domain->dev_cnt != 0);
2261 free_pagetable(domain);
2263 domain_id_free(domain->id);
2270 static void amd_iommu_detach_device(struct iommu_domain *dom,
2273 struct amd_iommu *iommu;
2276 if (!check_device(dev))
2279 devid = get_device_id(dev);
2281 if (amd_iommu_pd_table[devid] != NULL)
2284 iommu = amd_iommu_rlookup_table[devid];
2288 iommu_queue_inv_dev_entry(iommu, devid);
2289 iommu_completion_wait(iommu);
2292 static int amd_iommu_attach_device(struct iommu_domain *dom,
2295 struct protection_domain *domain = dom->priv;
2296 struct protection_domain *old_domain;
2297 struct amd_iommu *iommu;
2301 if (!check_device(dev))
2304 devid = get_device_id(dev);
2306 iommu = amd_iommu_rlookup_table[devid];
2310 old_domain = amd_iommu_pd_table[devid];
2314 ret = attach_device(dev, domain);
2316 iommu_completion_wait(iommu);
2321 static int amd_iommu_map_range(struct iommu_domain *dom,
2322 unsigned long iova, phys_addr_t paddr,
2323 size_t size, int iommu_prot)
2325 struct protection_domain *domain = dom->priv;
2326 unsigned long i, npages = iommu_num_pages(paddr, size, PAGE_SIZE);
2330 if (iommu_prot & IOMMU_READ)
2331 prot |= IOMMU_PROT_IR;
2332 if (iommu_prot & IOMMU_WRITE)
2333 prot |= IOMMU_PROT_IW;
2338 for (i = 0; i < npages; ++i) {
2339 ret = iommu_map_page(domain, iova, paddr, prot, PM_MAP_4k);
2350 static void amd_iommu_unmap_range(struct iommu_domain *dom,
2351 unsigned long iova, size_t size)
2354 struct protection_domain *domain = dom->priv;
2355 unsigned long i, npages = iommu_num_pages(iova, size, PAGE_SIZE);
2359 for (i = 0; i < npages; ++i) {
2360 iommu_unmap_page(domain, iova, PM_MAP_4k);
2364 iommu_flush_tlb_pde(domain);
2367 static phys_addr_t amd_iommu_iova_to_phys(struct iommu_domain *dom,
2370 struct protection_domain *domain = dom->priv;
2371 unsigned long offset = iova & ~PAGE_MASK;
2375 pte = fetch_pte(domain, iova, PM_MAP_4k);
2377 if (!pte || !IOMMU_PTE_PRESENT(*pte))
2380 paddr = *pte & IOMMU_PAGE_MASK;
2386 static int amd_iommu_domain_has_cap(struct iommu_domain *domain,
2392 static struct iommu_ops amd_iommu_ops = {
2393 .domain_init = amd_iommu_domain_init,
2394 .domain_destroy = amd_iommu_domain_destroy,
2395 .attach_dev = amd_iommu_attach_device,
2396 .detach_dev = amd_iommu_detach_device,
2397 .map = amd_iommu_map_range,
2398 .unmap = amd_iommu_unmap_range,
2399 .iova_to_phys = amd_iommu_iova_to_phys,
2400 .domain_has_cap = amd_iommu_domain_has_cap,
2403 /*****************************************************************************
2405 * The next functions do a basic initialization of IOMMU for pass through
2408 * In passthrough mode the IOMMU is initialized and enabled but not used for
2409 * DMA-API translation.
2411 *****************************************************************************/
2413 int __init amd_iommu_init_passthrough(void)
2415 struct amd_iommu *iommu;
2416 struct pci_dev *dev = NULL;
2419 /* allocate passthroug domain */
2420 pt_domain = protection_domain_alloc();
2424 pt_domain->mode |= PAGE_MODE_NONE;
2426 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2428 if (!check_device(&dev->dev))
2431 devid = get_device_id(&dev->dev);
2433 iommu = amd_iommu_rlookup_table[devid];
2437 attach_device(&dev->dev, pt_domain);
2440 pr_info("AMD-Vi: Initialized for Passthrough Mode\n");
git.openpandora.org / pandora-kernel.git / blob