2 * Copyright (C) 2007-2008 Advanced Micro Devices, Inc.
3 * Author: Joerg Roedel <joerg.roedel@amd.com>
4 * Leo Duran <leo.duran@amd.com>
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published
8 * by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include <linux/pci.h>
21 #include <linux/gfp.h>
22 #include <linux/bitops.h>
23 #include <linux/debugfs.h>
24 #include <linux/scatterlist.h>
25 #include <linux/dma-mapping.h>
26 #include <linux/iommu-helper.h>
27 #include <linux/iommu.h>
28 #include <asm/proto.h>
29 #include <asm/iommu.h>
31 #include <asm/amd_iommu_types.h>
32 #include <asm/amd_iommu.h>
34 #define CMD_SET_TYPE(cmd, t) ((cmd)->data[1] |= ((t) << 28))
36 #define EXIT_LOOP_COUNT 10000000
38 static DEFINE_RWLOCK(amd_iommu_devtable_lock);
40 /* A list of preallocated protection domains */
41 static LIST_HEAD(iommu_pd_list);
42 static DEFINE_SPINLOCK(iommu_pd_list_lock);
45 * Domain for untranslated devices - only allocated
46 * if iommu=pt passed on kernel cmd line.
48 static struct protection_domain *pt_domain;
50 static struct iommu_ops amd_iommu_ops;
53 * general struct to manage commands send to an IOMMU
59 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
60 struct unity_map_entry *e);
61 static struct dma_ops_domain *find_protection_domain(u16 devid);
62 static u64 *alloc_pte(struct protection_domain *domain,
63 unsigned long address, int end_lvl,
64 u64 **pte_page, gfp_t gfp);
65 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
66 unsigned long start_page,
68 static void reset_iommu_command_buffer(struct amd_iommu *iommu);
69 static u64 *fetch_pte(struct protection_domain *domain,
70 unsigned long address, int map_size);
71 static void update_domain(struct protection_domain *domain);
73 #ifdef CONFIG_AMD_IOMMU_STATS
76 * Initialization code for statistics collection
79 DECLARE_STATS_COUNTER(compl_wait);
80 DECLARE_STATS_COUNTER(cnt_map_single);
81 DECLARE_STATS_COUNTER(cnt_unmap_single);
82 DECLARE_STATS_COUNTER(cnt_map_sg);
83 DECLARE_STATS_COUNTER(cnt_unmap_sg);
84 DECLARE_STATS_COUNTER(cnt_alloc_coherent);
85 DECLARE_STATS_COUNTER(cnt_free_coherent);
86 DECLARE_STATS_COUNTER(cross_page);
87 DECLARE_STATS_COUNTER(domain_flush_single);
88 DECLARE_STATS_COUNTER(domain_flush_all);
89 DECLARE_STATS_COUNTER(alloced_io_mem);
90 DECLARE_STATS_COUNTER(total_map_requests);
92 static struct dentry *stats_dir;
93 static struct dentry *de_isolate;
94 static struct dentry *de_fflush;
96 static void amd_iommu_stats_add(struct __iommu_counter *cnt)
98 if (stats_dir == NULL)
101 cnt->dent = debugfs_create_u64(cnt->name, 0444, stats_dir,
105 static void amd_iommu_stats_init(void)
107 stats_dir = debugfs_create_dir("amd-iommu", NULL);
108 if (stats_dir == NULL)
111 de_isolate = debugfs_create_bool("isolation", 0444, stats_dir,
112 (u32 *)&amd_iommu_isolate);
114 de_fflush = debugfs_create_bool("fullflush", 0444, stats_dir,
115 (u32 *)&amd_iommu_unmap_flush);
117 amd_iommu_stats_add(&compl_wait);
118 amd_iommu_stats_add(&cnt_map_single);
119 amd_iommu_stats_add(&cnt_unmap_single);
120 amd_iommu_stats_add(&cnt_map_sg);
121 amd_iommu_stats_add(&cnt_unmap_sg);
122 amd_iommu_stats_add(&cnt_alloc_coherent);
123 amd_iommu_stats_add(&cnt_free_coherent);
124 amd_iommu_stats_add(&cross_page);
125 amd_iommu_stats_add(&domain_flush_single);
126 amd_iommu_stats_add(&domain_flush_all);
127 amd_iommu_stats_add(&alloced_io_mem);
128 amd_iommu_stats_add(&total_map_requests);
133 /* returns !0 if the IOMMU is caching non-present entries in its TLB */
134 static int iommu_has_npcache(struct amd_iommu *iommu)
136 return iommu->cap & (1UL << IOMMU_CAP_NPCACHE);
139 /****************************************************************************
141 * Interrupt handling functions
143 ****************************************************************************/
145 static void dump_dte_entry(u16 devid)
149 for (i = 0; i < 8; ++i)
150 pr_err("AMD-Vi: DTE[%d]: %08x\n", i,
151 amd_iommu_dev_table[devid].data[i]);
154 static void dump_command(unsigned long phys_addr)
156 struct iommu_cmd *cmd = phys_to_virt(phys_addr);
159 for (i = 0; i < 4; ++i)
160 pr_err("AMD-Vi: CMD[%d]: %08x\n", i, cmd->data[i]);
163 static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
166 int type = (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
167 int devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
168 int domid = (event[1] >> EVENT_DOMID_SHIFT) & EVENT_DOMID_MASK;
169 int flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
170 u64 address = (u64)(((u64)event[3]) << 32) | event[2];
172 printk(KERN_ERR "AMD-Vi: Event logged [");
175 case EVENT_TYPE_ILL_DEV:
176 printk("ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
177 "address=0x%016llx flags=0x%04x]\n",
178 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
180 dump_dte_entry(devid);
182 case EVENT_TYPE_IO_FAULT:
183 printk("IO_PAGE_FAULT device=%02x:%02x.%x "
184 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
185 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
186 domid, address, flags);
188 case EVENT_TYPE_DEV_TAB_ERR:
189 printk("DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
190 "address=0x%016llx flags=0x%04x]\n",
191 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
194 case EVENT_TYPE_PAGE_TAB_ERR:
195 printk("PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
196 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
197 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
198 domid, address, flags);
200 case EVENT_TYPE_ILL_CMD:
201 printk("ILLEGAL_COMMAND_ERROR address=0x%016llx]\n", address);
202 reset_iommu_command_buffer(iommu);
203 dump_command(address);
205 case EVENT_TYPE_CMD_HARD_ERR:
206 printk("COMMAND_HARDWARE_ERROR address=0x%016llx "
207 "flags=0x%04x]\n", address, flags);
209 case EVENT_TYPE_IOTLB_INV_TO:
210 printk("IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
211 "address=0x%016llx]\n",
212 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
215 case EVENT_TYPE_INV_DEV_REQ:
216 printk("INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
217 "address=0x%016llx flags=0x%04x]\n",
218 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
222 printk(KERN_ERR "UNKNOWN type=0x%02x]\n", type);
226 static void iommu_poll_events(struct amd_iommu *iommu)
231 spin_lock_irqsave(&iommu->lock, flags);
233 head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
234 tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET);
236 while (head != tail) {
237 iommu_print_event(iommu, iommu->evt_buf + head);
238 head = (head + EVENT_ENTRY_SIZE) % iommu->evt_buf_size;
241 writel(head, iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
243 spin_unlock_irqrestore(&iommu->lock, flags);
246 irqreturn_t amd_iommu_int_handler(int irq, void *data)
248 struct amd_iommu *iommu;
250 for_each_iommu(iommu)
251 iommu_poll_events(iommu);
256 /****************************************************************************
258 * IOMMU command queuing functions
260 ****************************************************************************/
263 * Writes the command to the IOMMUs command buffer and informs the
264 * hardware about the new command. Must be called with iommu->lock held.
266 static int __iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
271 tail = readl(iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
272 target = iommu->cmd_buf + tail;
273 memcpy_toio(target, cmd, sizeof(*cmd));
274 tail = (tail + sizeof(*cmd)) % iommu->cmd_buf_size;
275 head = readl(iommu->mmio_base + MMIO_CMD_HEAD_OFFSET);
278 writel(tail, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
284 * General queuing function for commands. Takes iommu->lock and calls
285 * __iommu_queue_command().
287 static int iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
292 spin_lock_irqsave(&iommu->lock, flags);
293 ret = __iommu_queue_command(iommu, cmd);
295 iommu->need_sync = true;
296 spin_unlock_irqrestore(&iommu->lock, flags);
302 * This function waits until an IOMMU has completed a completion
305 static void __iommu_wait_for_completion(struct amd_iommu *iommu)
311 INC_STATS_COUNTER(compl_wait);
313 while (!ready && (i < EXIT_LOOP_COUNT)) {
315 /* wait for the bit to become one */
316 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
317 ready = status & MMIO_STATUS_COM_WAIT_INT_MASK;
320 /* set bit back to zero */
321 status &= ~MMIO_STATUS_COM_WAIT_INT_MASK;
322 writel(status, iommu->mmio_base + MMIO_STATUS_OFFSET);
324 if (unlikely(i == EXIT_LOOP_COUNT)) {
325 spin_unlock(&iommu->lock);
326 reset_iommu_command_buffer(iommu);
327 spin_lock(&iommu->lock);
332 * This function queues a completion wait command into the command
335 static int __iommu_completion_wait(struct amd_iommu *iommu)
337 struct iommu_cmd cmd;
339 memset(&cmd, 0, sizeof(cmd));
340 cmd.data[0] = CMD_COMPL_WAIT_INT_MASK;
341 CMD_SET_TYPE(&cmd, CMD_COMPL_WAIT);
343 return __iommu_queue_command(iommu, &cmd);
347 * This function is called whenever we need to ensure that the IOMMU has
348 * completed execution of all commands we sent. It sends a
349 * COMPLETION_WAIT command and waits for it to finish. The IOMMU informs
350 * us about that by writing a value to a physical address we pass with
353 static int iommu_completion_wait(struct amd_iommu *iommu)
358 spin_lock_irqsave(&iommu->lock, flags);
360 if (!iommu->need_sync)
363 ret = __iommu_completion_wait(iommu);
365 iommu->need_sync = false;
370 __iommu_wait_for_completion(iommu);
373 spin_unlock_irqrestore(&iommu->lock, flags);
379 * Command send function for invalidating a device table entry
381 static int iommu_queue_inv_dev_entry(struct amd_iommu *iommu, u16 devid)
383 struct iommu_cmd cmd;
386 BUG_ON(iommu == NULL);
388 memset(&cmd, 0, sizeof(cmd));
389 CMD_SET_TYPE(&cmd, CMD_INV_DEV_ENTRY);
392 ret = iommu_queue_command(iommu, &cmd);
397 static void __iommu_build_inv_iommu_pages(struct iommu_cmd *cmd, u64 address,
398 u16 domid, int pde, int s)
400 memset(cmd, 0, sizeof(*cmd));
401 address &= PAGE_MASK;
402 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
403 cmd->data[1] |= domid;
404 cmd->data[2] = lower_32_bits(address);
405 cmd->data[3] = upper_32_bits(address);
406 if (s) /* size bit - we flush more than one 4kb page */
407 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
408 if (pde) /* PDE bit - we wan't flush everything not only the PTEs */
409 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
413 * Generic command send function for invalidaing TLB entries
415 static int iommu_queue_inv_iommu_pages(struct amd_iommu *iommu,
416 u64 address, u16 domid, int pde, int s)
418 struct iommu_cmd cmd;
421 __iommu_build_inv_iommu_pages(&cmd, address, domid, pde, s);
423 ret = iommu_queue_command(iommu, &cmd);
429 * TLB invalidation function which is called from the mapping functions.
430 * It invalidates a single PTE if the range to flush is within a single
431 * page. Otherwise it flushes the whole TLB of the IOMMU.
433 static int iommu_flush_pages(struct amd_iommu *iommu, u16 domid,
434 u64 address, size_t size)
437 unsigned pages = iommu_num_pages(address, size, PAGE_SIZE);
439 address &= PAGE_MASK;
443 * If we have to flush more than one page, flush all
444 * TLB entries for this domain
446 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
450 iommu_queue_inv_iommu_pages(iommu, address, domid, 0, s);
455 /* Flush the whole IO/TLB for a given protection domain */
456 static void iommu_flush_tlb(struct amd_iommu *iommu, u16 domid)
458 u64 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
460 INC_STATS_COUNTER(domain_flush_single);
462 iommu_queue_inv_iommu_pages(iommu, address, domid, 0, 1);
465 /* Flush the whole IO/TLB for a given protection domain - including PDE */
466 static void iommu_flush_tlb_pde(struct amd_iommu *iommu, u16 domid)
468 u64 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
470 INC_STATS_COUNTER(domain_flush_single);
472 iommu_queue_inv_iommu_pages(iommu, address, domid, 1, 1);
476 * This function flushes one domain on one IOMMU
478 static void flush_domain_on_iommu(struct amd_iommu *iommu, u16 domid)
480 struct iommu_cmd cmd;
483 __iommu_build_inv_iommu_pages(&cmd, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
486 spin_lock_irqsave(&iommu->lock, flags);
487 __iommu_queue_command(iommu, &cmd);
488 __iommu_completion_wait(iommu);
489 __iommu_wait_for_completion(iommu);
490 spin_unlock_irqrestore(&iommu->lock, flags);
493 static void flush_all_domains_on_iommu(struct amd_iommu *iommu)
497 for (i = 1; i < MAX_DOMAIN_ID; ++i) {
498 if (!test_bit(i, amd_iommu_pd_alloc_bitmap))
500 flush_domain_on_iommu(iommu, i);
506 * This function is used to flush the IO/TLB for a given protection domain
507 * on every IOMMU in the system
509 static void iommu_flush_domain(u16 domid)
511 struct amd_iommu *iommu;
513 INC_STATS_COUNTER(domain_flush_all);
515 for_each_iommu(iommu)
516 flush_domain_on_iommu(iommu, domid);
519 void amd_iommu_flush_all_domains(void)
521 struct amd_iommu *iommu;
523 for_each_iommu(iommu)
524 flush_all_domains_on_iommu(iommu);
527 static void flush_all_devices_for_iommu(struct amd_iommu *iommu)
531 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
532 if (iommu != amd_iommu_rlookup_table[i])
535 iommu_queue_inv_dev_entry(iommu, i);
536 iommu_completion_wait(iommu);
540 static void flush_devices_by_domain(struct protection_domain *domain)
542 struct amd_iommu *iommu;
545 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
546 if ((domain == NULL && amd_iommu_pd_table[i] == NULL) ||
547 (amd_iommu_pd_table[i] != domain))
550 iommu = amd_iommu_rlookup_table[i];
554 iommu_queue_inv_dev_entry(iommu, i);
555 iommu_completion_wait(iommu);
559 static void reset_iommu_command_buffer(struct amd_iommu *iommu)
561 pr_err("AMD-Vi: Resetting IOMMU command buffer\n");
563 if (iommu->reset_in_progress)
564 panic("AMD-Vi: ILLEGAL_COMMAND_ERROR while resetting command buffer\n");
566 iommu->reset_in_progress = true;
568 amd_iommu_reset_cmd_buffer(iommu);
569 flush_all_devices_for_iommu(iommu);
570 flush_all_domains_on_iommu(iommu);
572 iommu->reset_in_progress = false;
575 void amd_iommu_flush_all_devices(void)
577 flush_devices_by_domain(NULL);
580 /****************************************************************************
582 * The functions below are used the create the page table mappings for
583 * unity mapped regions.
585 ****************************************************************************/
588 * Generic mapping functions. It maps a physical address into a DMA
589 * address space. It allocates the page table pages if necessary.
590 * In the future it can be extended to a generic mapping function
591 * supporting all features of AMD IOMMU page tables like level skipping
592 * and full 64 bit address spaces.
594 static int iommu_map_page(struct protection_domain *dom,
595 unsigned long bus_addr,
596 unsigned long phys_addr,
602 bus_addr = PAGE_ALIGN(bus_addr);
603 phys_addr = PAGE_ALIGN(phys_addr);
605 BUG_ON(!PM_ALIGNED(map_size, bus_addr));
606 BUG_ON(!PM_ALIGNED(map_size, phys_addr));
608 if (!(prot & IOMMU_PROT_MASK))
611 pte = alloc_pte(dom, bus_addr, map_size, NULL, GFP_KERNEL);
613 if (IOMMU_PTE_PRESENT(*pte))
616 __pte = phys_addr | IOMMU_PTE_P;
617 if (prot & IOMMU_PROT_IR)
618 __pte |= IOMMU_PTE_IR;
619 if (prot & IOMMU_PROT_IW)
620 __pte |= IOMMU_PTE_IW;
629 static void iommu_unmap_page(struct protection_domain *dom,
630 unsigned long bus_addr, int map_size)
632 u64 *pte = fetch_pte(dom, bus_addr, map_size);
639 * This function checks if a specific unity mapping entry is needed for
640 * this specific IOMMU.
642 static int iommu_for_unity_map(struct amd_iommu *iommu,
643 struct unity_map_entry *entry)
647 for (i = entry->devid_start; i <= entry->devid_end; ++i) {
648 bdf = amd_iommu_alias_table[i];
649 if (amd_iommu_rlookup_table[bdf] == iommu)
657 * Init the unity mappings for a specific IOMMU in the system
659 * Basically iterates over all unity mapping entries and applies them to
660 * the default domain DMA of that IOMMU if necessary.
662 static int iommu_init_unity_mappings(struct amd_iommu *iommu)
664 struct unity_map_entry *entry;
667 list_for_each_entry(entry, &amd_iommu_unity_map, list) {
668 if (!iommu_for_unity_map(iommu, entry))
670 ret = dma_ops_unity_map(iommu->default_dom, entry);
679 * This function actually applies the mapping to the page table of the
682 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
683 struct unity_map_entry *e)
688 for (addr = e->address_start; addr < e->address_end;
690 ret = iommu_map_page(&dma_dom->domain, addr, addr, e->prot,
695 * if unity mapping is in aperture range mark the page
696 * as allocated in the aperture
698 if (addr < dma_dom->aperture_size)
699 __set_bit(addr >> PAGE_SHIFT,
700 dma_dom->aperture[0]->bitmap);
707 * Inits the unity mappings required for a specific device
709 static int init_unity_mappings_for_device(struct dma_ops_domain *dma_dom,
712 struct unity_map_entry *e;
715 list_for_each_entry(e, &amd_iommu_unity_map, list) {
716 if (!(devid >= e->devid_start && devid <= e->devid_end))
718 ret = dma_ops_unity_map(dma_dom, e);
726 /****************************************************************************
728 * The next functions belong to the address allocator for the dma_ops
729 * interface functions. They work like the allocators in the other IOMMU
730 * drivers. Its basically a bitmap which marks the allocated pages in
731 * the aperture. Maybe it could be enhanced in the future to a more
732 * efficient allocator.
734 ****************************************************************************/
737 * The address allocator core functions.
739 * called with domain->lock held
743 * This function checks if there is a PTE for a given dma address. If
744 * there is one, it returns the pointer to it.
746 static u64 *fetch_pte(struct protection_domain *domain,
747 unsigned long address, int map_size)
752 level = domain->mode - 1;
753 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
755 while (level > map_size) {
756 if (!IOMMU_PTE_PRESENT(*pte))
761 pte = IOMMU_PTE_PAGE(*pte);
762 pte = &pte[PM_LEVEL_INDEX(level, address)];
764 if ((PM_PTE_LEVEL(*pte) == 0) && level != map_size) {
774 * This function is used to add a new aperture range to an existing
775 * aperture in case of dma_ops domain allocation or address allocation
778 static int alloc_new_range(struct amd_iommu *iommu,
779 struct dma_ops_domain *dma_dom,
780 bool populate, gfp_t gfp)
782 int index = dma_dom->aperture_size >> APERTURE_RANGE_SHIFT;
785 #ifdef CONFIG_IOMMU_STRESS
789 if (index >= APERTURE_MAX_RANGES)
792 dma_dom->aperture[index] = kzalloc(sizeof(struct aperture_range), gfp);
793 if (!dma_dom->aperture[index])
796 dma_dom->aperture[index]->bitmap = (void *)get_zeroed_page(gfp);
797 if (!dma_dom->aperture[index]->bitmap)
800 dma_dom->aperture[index]->offset = dma_dom->aperture_size;
803 unsigned long address = dma_dom->aperture_size;
804 int i, num_ptes = APERTURE_RANGE_PAGES / 512;
807 for (i = 0; i < num_ptes; ++i) {
808 pte = alloc_pte(&dma_dom->domain, address, PM_MAP_4k,
813 dma_dom->aperture[index]->pte_pages[i] = pte_page;
815 address += APERTURE_RANGE_SIZE / 64;
819 dma_dom->aperture_size += APERTURE_RANGE_SIZE;
821 /* Intialize the exclusion range if necessary */
822 if (iommu->exclusion_start &&
823 iommu->exclusion_start >= dma_dom->aperture[index]->offset &&
824 iommu->exclusion_start < dma_dom->aperture_size) {
825 unsigned long startpage = iommu->exclusion_start >> PAGE_SHIFT;
826 int pages = iommu_num_pages(iommu->exclusion_start,
827 iommu->exclusion_length,
829 dma_ops_reserve_addresses(dma_dom, startpage, pages);
833 * Check for areas already mapped as present in the new aperture
834 * range and mark those pages as reserved in the allocator. Such
835 * mappings may already exist as a result of requested unity
836 * mappings for devices.
838 for (i = dma_dom->aperture[index]->offset;
839 i < dma_dom->aperture_size;
841 u64 *pte = fetch_pte(&dma_dom->domain, i, PM_MAP_4k);
842 if (!pte || !IOMMU_PTE_PRESENT(*pte))
845 dma_ops_reserve_addresses(dma_dom, i << PAGE_SHIFT, 1);
848 update_domain(&dma_dom->domain);
853 update_domain(&dma_dom->domain);
855 free_page((unsigned long)dma_dom->aperture[index]->bitmap);
857 kfree(dma_dom->aperture[index]);
858 dma_dom->aperture[index] = NULL;
863 static unsigned long dma_ops_area_alloc(struct device *dev,
864 struct dma_ops_domain *dom,
866 unsigned long align_mask,
870 unsigned long next_bit = dom->next_address % APERTURE_RANGE_SIZE;
871 int max_index = dom->aperture_size >> APERTURE_RANGE_SHIFT;
872 int i = start >> APERTURE_RANGE_SHIFT;
873 unsigned long boundary_size;
874 unsigned long address = -1;
877 next_bit >>= PAGE_SHIFT;
879 boundary_size = ALIGN(dma_get_seg_boundary(dev) + 1,
880 PAGE_SIZE) >> PAGE_SHIFT;
882 for (;i < max_index; ++i) {
883 unsigned long offset = dom->aperture[i]->offset >> PAGE_SHIFT;
885 if (dom->aperture[i]->offset >= dma_mask)
888 limit = iommu_device_max_index(APERTURE_RANGE_PAGES, offset,
889 dma_mask >> PAGE_SHIFT);
891 address = iommu_area_alloc(dom->aperture[i]->bitmap,
892 limit, next_bit, pages, 0,
893 boundary_size, align_mask);
895 address = dom->aperture[i]->offset +
896 (address << PAGE_SHIFT);
897 dom->next_address = address + (pages << PAGE_SHIFT);
907 static unsigned long dma_ops_alloc_addresses(struct device *dev,
908 struct dma_ops_domain *dom,
910 unsigned long align_mask,
913 unsigned long address;
915 #ifdef CONFIG_IOMMU_STRESS
916 dom->next_address = 0;
917 dom->need_flush = true;
920 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
921 dma_mask, dom->next_address);
924 dom->next_address = 0;
925 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
927 dom->need_flush = true;
930 if (unlikely(address == -1))
931 address = bad_dma_address;
933 WARN_ON((address + (PAGE_SIZE*pages)) > dom->aperture_size);
939 * The address free function.
941 * called with domain->lock held
943 static void dma_ops_free_addresses(struct dma_ops_domain *dom,
944 unsigned long address,
947 unsigned i = address >> APERTURE_RANGE_SHIFT;
948 struct aperture_range *range = dom->aperture[i];
950 BUG_ON(i >= APERTURE_MAX_RANGES || range == NULL);
952 #ifdef CONFIG_IOMMU_STRESS
957 if (address >= dom->next_address)
958 dom->need_flush = true;
960 address = (address % APERTURE_RANGE_SIZE) >> PAGE_SHIFT;
962 iommu_area_free(range->bitmap, address, pages);
966 /****************************************************************************
968 * The next functions belong to the domain allocation. A domain is
969 * allocated for every IOMMU as the default domain. If device isolation
970 * is enabled, every device get its own domain. The most important thing
971 * about domains is the page table mapping the DMA address space they
974 ****************************************************************************/
976 static u16 domain_id_alloc(void)
981 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
982 id = find_first_zero_bit(amd_iommu_pd_alloc_bitmap, MAX_DOMAIN_ID);
984 if (id > 0 && id < MAX_DOMAIN_ID)
985 __set_bit(id, amd_iommu_pd_alloc_bitmap);
988 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
993 static void domain_id_free(int id)
997 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
998 if (id > 0 && id < MAX_DOMAIN_ID)
999 __clear_bit(id, amd_iommu_pd_alloc_bitmap);
1000 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1004 * Used to reserve address ranges in the aperture (e.g. for exclusion
1007 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
1008 unsigned long start_page,
1011 unsigned int i, last_page = dom->aperture_size >> PAGE_SHIFT;
1013 if (start_page + pages > last_page)
1014 pages = last_page - start_page;
1016 for (i = start_page; i < start_page + pages; ++i) {
1017 int index = i / APERTURE_RANGE_PAGES;
1018 int page = i % APERTURE_RANGE_PAGES;
1019 __set_bit(page, dom->aperture[index]->bitmap);
1023 static void free_pagetable(struct protection_domain *domain)
1028 p1 = domain->pt_root;
1033 for (i = 0; i < 512; ++i) {
1034 if (!IOMMU_PTE_PRESENT(p1[i]))
1037 p2 = IOMMU_PTE_PAGE(p1[i]);
1038 for (j = 0; j < 512; ++j) {
1039 if (!IOMMU_PTE_PRESENT(p2[j]))
1041 p3 = IOMMU_PTE_PAGE(p2[j]);
1042 free_page((unsigned long)p3);
1045 free_page((unsigned long)p2);
1048 free_page((unsigned long)p1);
1050 domain->pt_root = NULL;
1054 * Free a domain, only used if something went wrong in the
1055 * allocation path and we need to free an already allocated page table
1057 static void dma_ops_domain_free(struct dma_ops_domain *dom)
1064 free_pagetable(&dom->domain);
1066 for (i = 0; i < APERTURE_MAX_RANGES; ++i) {
1067 if (!dom->aperture[i])
1069 free_page((unsigned long)dom->aperture[i]->bitmap);
1070 kfree(dom->aperture[i]);
1077 * Allocates a new protection domain usable for the dma_ops functions.
1078 * It also intializes the page table and the address allocator data
1079 * structures required for the dma_ops interface
1081 static struct dma_ops_domain *dma_ops_domain_alloc(struct amd_iommu *iommu)
1083 struct dma_ops_domain *dma_dom;
1085 dma_dom = kzalloc(sizeof(struct dma_ops_domain), GFP_KERNEL);
1089 spin_lock_init(&dma_dom->domain.lock);
1091 dma_dom->domain.id = domain_id_alloc();
1092 if (dma_dom->domain.id == 0)
1094 dma_dom->domain.mode = PAGE_MODE_2_LEVEL;
1095 dma_dom->domain.pt_root = (void *)get_zeroed_page(GFP_KERNEL);
1096 dma_dom->domain.flags = PD_DMA_OPS_MASK;
1097 dma_dom->domain.priv = dma_dom;
1098 if (!dma_dom->domain.pt_root)
1101 dma_dom->need_flush = false;
1102 dma_dom->target_dev = 0xffff;
1104 if (alloc_new_range(iommu, dma_dom, true, GFP_KERNEL))
1108 * mark the first page as allocated so we never return 0 as
1109 * a valid dma-address. So we can use 0 as error value
1111 dma_dom->aperture[0]->bitmap[0] = 1;
1112 dma_dom->next_address = 0;
1118 dma_ops_domain_free(dma_dom);
1124 * little helper function to check whether a given protection domain is a
1127 static bool dma_ops_domain(struct protection_domain *domain)
1129 return domain->flags & PD_DMA_OPS_MASK;
1133 * Find out the protection domain structure for a given PCI device. This
1134 * will give us the pointer to the page table root for example.
1136 static struct protection_domain *domain_for_device(u16 devid)
1138 struct protection_domain *dom;
1139 unsigned long flags;
1141 read_lock_irqsave(&amd_iommu_devtable_lock, flags);
1142 dom = amd_iommu_pd_table[devid];
1143 read_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1148 static void set_dte_entry(u16 devid, struct protection_domain *domain)
1150 u64 pte_root = virt_to_phys(domain->pt_root);
1152 pte_root |= (domain->mode & DEV_ENTRY_MODE_MASK)
1153 << DEV_ENTRY_MODE_SHIFT;
1154 pte_root |= IOMMU_PTE_IR | IOMMU_PTE_IW | IOMMU_PTE_P | IOMMU_PTE_TV;
1156 amd_iommu_dev_table[devid].data[2] = domain->id;
1157 amd_iommu_dev_table[devid].data[1] = upper_32_bits(pte_root);
1158 amd_iommu_dev_table[devid].data[0] = lower_32_bits(pte_root);
1160 amd_iommu_pd_table[devid] = domain;
1164 * If a device is not yet associated with a domain, this function does
1165 * assigns it visible for the hardware
1167 static void __attach_device(struct amd_iommu *iommu,
1168 struct protection_domain *domain,
1172 spin_lock(&domain->lock);
1174 /* update DTE entry */
1175 set_dte_entry(devid, domain);
1177 domain->dev_cnt += 1;
1180 spin_unlock(&domain->lock);
1184 * If a device is not yet associated with a domain, this function does
1185 * assigns it visible for the hardware
1187 static void attach_device(struct amd_iommu *iommu,
1188 struct protection_domain *domain,
1191 unsigned long flags;
1193 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1194 __attach_device(iommu, domain, devid);
1195 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1198 * We might boot into a crash-kernel here. The crashed kernel
1199 * left the caches in the IOMMU dirty. So we have to flush
1200 * here to evict all dirty stuff.
1202 iommu_queue_inv_dev_entry(iommu, devid);
1203 iommu_flush_tlb_pde(iommu, domain->id);
1207 * Removes a device from a protection domain (unlocked)
1209 static void __detach_device(struct protection_domain *domain, u16 devid)
1213 spin_lock(&domain->lock);
1215 /* remove domain from the lookup table */
1216 amd_iommu_pd_table[devid] = NULL;
1218 /* remove entry from the device table seen by the hardware */
1219 amd_iommu_dev_table[devid].data[0] = IOMMU_PTE_P | IOMMU_PTE_TV;
1220 amd_iommu_dev_table[devid].data[1] = 0;
1221 amd_iommu_dev_table[devid].data[2] = 0;
1223 /* decrease reference counter */
1224 domain->dev_cnt -= 1;
1227 spin_unlock(&domain->lock);
1230 * If we run in passthrough mode the device must be assigned to the
1231 * passthrough domain if it is detached from any other domain
1233 if (iommu_pass_through) {
1234 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1235 __attach_device(iommu, pt_domain, devid);
1240 * Removes a device from a protection domain (with devtable_lock held)
1242 static void detach_device(struct protection_domain *domain, u16 devid)
1244 unsigned long flags;
1246 /* lock device table */
1247 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1248 __detach_device(domain, devid);
1249 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1252 static int device_change_notifier(struct notifier_block *nb,
1253 unsigned long action, void *data)
1255 struct device *dev = data;
1256 struct pci_dev *pdev = to_pci_dev(dev);
1257 u16 devid = calc_devid(pdev->bus->number, pdev->devfn);
1258 struct protection_domain *domain;
1259 struct dma_ops_domain *dma_domain;
1260 struct amd_iommu *iommu;
1261 unsigned long flags;
1263 if (devid > amd_iommu_last_bdf)
1266 devid = amd_iommu_alias_table[devid];
1268 iommu = amd_iommu_rlookup_table[devid];
1272 domain = domain_for_device(devid);
1274 if (domain && !dma_ops_domain(domain))
1275 WARN_ONCE(1, "AMD IOMMU WARNING: device %s already bound "
1276 "to a non-dma-ops domain\n", dev_name(dev));
1279 case BUS_NOTIFY_UNBOUND_DRIVER:
1282 if (iommu_pass_through)
1284 detach_device(domain, devid);
1286 case BUS_NOTIFY_ADD_DEVICE:
1287 /* allocate a protection domain if a device is added */
1288 dma_domain = find_protection_domain(devid);
1291 dma_domain = dma_ops_domain_alloc(iommu);
1294 dma_domain->target_dev = devid;
1296 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1297 list_add_tail(&dma_domain->list, &iommu_pd_list);
1298 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1305 iommu_queue_inv_dev_entry(iommu, devid);
1306 iommu_completion_wait(iommu);
1312 static struct notifier_block device_nb = {
1313 .notifier_call = device_change_notifier,
1316 /*****************************************************************************
1318 * The next functions belong to the dma_ops mapping/unmapping code.
1320 *****************************************************************************/
1323 * This function checks if the driver got a valid device from the caller to
1324 * avoid dereferencing invalid pointers.
1326 static bool check_device(struct device *dev)
1328 if (!dev || !dev->dma_mask)
1335 * In this function the list of preallocated protection domains is traversed to
1336 * find the domain for a specific device
1338 static struct dma_ops_domain *find_protection_domain(u16 devid)
1340 struct dma_ops_domain *entry, *ret = NULL;
1341 unsigned long flags;
1343 if (list_empty(&iommu_pd_list))
1346 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1348 list_for_each_entry(entry, &iommu_pd_list, list) {
1349 if (entry->target_dev == devid) {
1355 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1361 * In the dma_ops path we only have the struct device. This function
1362 * finds the corresponding IOMMU, the protection domain and the
1363 * requestor id for a given device.
1364 * If the device is not yet associated with a domain this is also done
1367 static int get_device_resources(struct device *dev,
1368 struct amd_iommu **iommu,
1369 struct protection_domain **domain,
1372 struct dma_ops_domain *dma_dom;
1373 struct pci_dev *pcidev;
1380 if (dev->bus != &pci_bus_type)
1383 pcidev = to_pci_dev(dev);
1384 _bdf = calc_devid(pcidev->bus->number, pcidev->devfn);
1386 /* device not translated by any IOMMU in the system? */
1387 if (_bdf > amd_iommu_last_bdf)
1390 *bdf = amd_iommu_alias_table[_bdf];
1392 *iommu = amd_iommu_rlookup_table[*bdf];
1395 *domain = domain_for_device(*bdf);
1396 if (*domain == NULL) {
1397 dma_dom = find_protection_domain(*bdf);
1399 dma_dom = (*iommu)->default_dom;
1400 *domain = &dma_dom->domain;
1401 attach_device(*iommu, *domain, *bdf);
1402 DUMP_printk("Using protection domain %d for device %s\n",
1403 (*domain)->id, dev_name(dev));
1406 if (domain_for_device(_bdf) == NULL)
1407 attach_device(*iommu, *domain, _bdf);
1412 static void update_device_table(struct protection_domain *domain)
1414 unsigned long flags;
1417 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
1418 if (amd_iommu_pd_table[i] != domain)
1420 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1421 set_dte_entry(i, domain);
1422 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1426 static void update_domain(struct protection_domain *domain)
1428 if (!domain->updated)
1431 update_device_table(domain);
1432 flush_devices_by_domain(domain);
1433 iommu_flush_domain(domain->id);
1435 domain->updated = false;
1439 * This function is used to add another level to an IO page table. Adding
1440 * another level increases the size of the address space by 9 bits to a size up
1443 static bool increase_address_space(struct protection_domain *domain,
1448 if (domain->mode == PAGE_MODE_6_LEVEL)
1449 /* address space already 64 bit large */
1452 pte = (void *)get_zeroed_page(gfp);
1456 *pte = PM_LEVEL_PDE(domain->mode,
1457 virt_to_phys(domain->pt_root));
1458 domain->pt_root = pte;
1460 domain->updated = true;
1465 static u64 *alloc_pte(struct protection_domain *domain,
1466 unsigned long address,
1474 while (address > PM_LEVEL_SIZE(domain->mode))
1475 increase_address_space(domain, gfp);
1477 level = domain->mode - 1;
1478 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
1480 while (level > end_lvl) {
1481 if (!IOMMU_PTE_PRESENT(*pte)) {
1482 page = (u64 *)get_zeroed_page(gfp);
1485 *pte = PM_LEVEL_PDE(level, virt_to_phys(page));
1490 pte = IOMMU_PTE_PAGE(*pte);
1492 if (pte_page && level == end_lvl)
1495 pte = &pte[PM_LEVEL_INDEX(level, address)];
1502 * This function fetches the PTE for a given address in the aperture
1504 static u64* dma_ops_get_pte(struct dma_ops_domain *dom,
1505 unsigned long address)
1507 struct aperture_range *aperture;
1508 u64 *pte, *pte_page;
1510 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1514 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1516 pte = alloc_pte(&dom->domain, address, PM_MAP_4k, &pte_page,
1518 aperture->pte_pages[APERTURE_PAGE_INDEX(address)] = pte_page;
1520 pte += PM_LEVEL_INDEX(0, address);
1522 update_domain(&dom->domain);
1528 * This is the generic map function. It maps one 4kb page at paddr to
1529 * the given address in the DMA address space for the domain.
1531 static dma_addr_t dma_ops_domain_map(struct amd_iommu *iommu,
1532 struct dma_ops_domain *dom,
1533 unsigned long address,
1539 WARN_ON(address > dom->aperture_size);
1543 pte = dma_ops_get_pte(dom, address);
1545 return bad_dma_address;
1547 __pte = paddr | IOMMU_PTE_P | IOMMU_PTE_FC;
1549 if (direction == DMA_TO_DEVICE)
1550 __pte |= IOMMU_PTE_IR;
1551 else if (direction == DMA_FROM_DEVICE)
1552 __pte |= IOMMU_PTE_IW;
1553 else if (direction == DMA_BIDIRECTIONAL)
1554 __pte |= IOMMU_PTE_IR | IOMMU_PTE_IW;
1560 return (dma_addr_t)address;
1564 * The generic unmapping function for on page in the DMA address space.
1566 static void dma_ops_domain_unmap(struct amd_iommu *iommu,
1567 struct dma_ops_domain *dom,
1568 unsigned long address)
1570 struct aperture_range *aperture;
1573 if (address >= dom->aperture_size)
1576 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1580 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1584 pte += PM_LEVEL_INDEX(0, address);
1592 * This function contains common code for mapping of a physically
1593 * contiguous memory region into DMA address space. It is used by all
1594 * mapping functions provided with this IOMMU driver.
1595 * Must be called with the domain lock held.
1597 static dma_addr_t __map_single(struct device *dev,
1598 struct amd_iommu *iommu,
1599 struct dma_ops_domain *dma_dom,
1606 dma_addr_t offset = paddr & ~PAGE_MASK;
1607 dma_addr_t address, start, ret;
1609 unsigned long align_mask = 0;
1612 pages = iommu_num_pages(paddr, size, PAGE_SIZE);
1615 INC_STATS_COUNTER(total_map_requests);
1618 INC_STATS_COUNTER(cross_page);
1621 align_mask = (1UL << get_order(size)) - 1;
1624 address = dma_ops_alloc_addresses(dev, dma_dom, pages, align_mask,
1626 if (unlikely(address == bad_dma_address)) {
1628 * setting next_address here will let the address
1629 * allocator only scan the new allocated range in the
1630 * first run. This is a small optimization.
1632 dma_dom->next_address = dma_dom->aperture_size;
1634 if (alloc_new_range(iommu, dma_dom, false, GFP_ATOMIC))
1638 * aperture was sucessfully enlarged by 128 MB, try
1645 for (i = 0; i < pages; ++i) {
1646 ret = dma_ops_domain_map(iommu, dma_dom, start, paddr, dir);
1647 if (ret == bad_dma_address)
1655 ADD_STATS_COUNTER(alloced_io_mem, size);
1657 if (unlikely(dma_dom->need_flush && !amd_iommu_unmap_flush)) {
1658 iommu_flush_tlb(iommu, dma_dom->domain.id);
1659 dma_dom->need_flush = false;
1660 } else if (unlikely(iommu_has_npcache(iommu)))
1661 iommu_flush_pages(iommu, dma_dom->domain.id, address, size);
1668 for (--i; i >= 0; --i) {
1670 dma_ops_domain_unmap(iommu, dma_dom, start);
1673 dma_ops_free_addresses(dma_dom, address, pages);
1675 return bad_dma_address;
1679 * Does the reverse of the __map_single function. Must be called with
1680 * the domain lock held too
1682 static void __unmap_single(struct amd_iommu *iommu,
1683 struct dma_ops_domain *dma_dom,
1684 dma_addr_t dma_addr,
1688 dma_addr_t i, start;
1691 if ((dma_addr == bad_dma_address) ||
1692 (dma_addr + size > dma_dom->aperture_size))
1695 pages = iommu_num_pages(dma_addr, size, PAGE_SIZE);
1696 dma_addr &= PAGE_MASK;
1699 for (i = 0; i < pages; ++i) {
1700 dma_ops_domain_unmap(iommu, dma_dom, start);
1704 SUB_STATS_COUNTER(alloced_io_mem, size);
1706 dma_ops_free_addresses(dma_dom, dma_addr, pages);
1708 if (amd_iommu_unmap_flush || dma_dom->need_flush) {
1709 iommu_flush_pages(iommu, dma_dom->domain.id, dma_addr, size);
1710 dma_dom->need_flush = false;
1715 * The exported map_single function for dma_ops.
1717 static dma_addr_t map_page(struct device *dev, struct page *page,
1718 unsigned long offset, size_t size,
1719 enum dma_data_direction dir,
1720 struct dma_attrs *attrs)
1722 unsigned long flags;
1723 struct amd_iommu *iommu;
1724 struct protection_domain *domain;
1728 phys_addr_t paddr = page_to_phys(page) + offset;
1730 INC_STATS_COUNTER(cnt_map_single);
1732 if (!check_device(dev))
1733 return bad_dma_address;
1735 dma_mask = *dev->dma_mask;
1737 get_device_resources(dev, &iommu, &domain, &devid);
1739 if (iommu == NULL || domain == NULL)
1740 /* device not handled by any AMD IOMMU */
1741 return (dma_addr_t)paddr;
1743 if (!dma_ops_domain(domain))
1744 return bad_dma_address;
1746 spin_lock_irqsave(&domain->lock, flags);
1747 addr = __map_single(dev, iommu, domain->priv, paddr, size, dir, false,
1749 if (addr == bad_dma_address)
1752 iommu_completion_wait(iommu);
1755 spin_unlock_irqrestore(&domain->lock, flags);
1761 * The exported unmap_single function for dma_ops.
1763 static void unmap_page(struct device *dev, dma_addr_t dma_addr, size_t size,
1764 enum dma_data_direction dir, struct dma_attrs *attrs)
1766 unsigned long flags;
1767 struct amd_iommu *iommu;
1768 struct protection_domain *domain;
1771 INC_STATS_COUNTER(cnt_unmap_single);
1773 if (!check_device(dev) ||
1774 !get_device_resources(dev, &iommu, &domain, &devid))
1775 /* device not handled by any AMD IOMMU */
1778 if (!dma_ops_domain(domain))
1781 spin_lock_irqsave(&domain->lock, flags);
1783 __unmap_single(iommu, domain->priv, dma_addr, size, dir);
1785 iommu_completion_wait(iommu);
1787 spin_unlock_irqrestore(&domain->lock, flags);
1791 * This is a special map_sg function which is used if we should map a
1792 * device which is not handled by an AMD IOMMU in the system.
1794 static int map_sg_no_iommu(struct device *dev, struct scatterlist *sglist,
1795 int nelems, int dir)
1797 struct scatterlist *s;
1800 for_each_sg(sglist, s, nelems, i) {
1801 s->dma_address = (dma_addr_t)sg_phys(s);
1802 s->dma_length = s->length;
1809 * The exported map_sg function for dma_ops (handles scatter-gather
1812 static int map_sg(struct device *dev, struct scatterlist *sglist,
1813 int nelems, enum dma_data_direction dir,
1814 struct dma_attrs *attrs)
1816 unsigned long flags;
1817 struct amd_iommu *iommu;
1818 struct protection_domain *domain;
1821 struct scatterlist *s;
1823 int mapped_elems = 0;
1826 INC_STATS_COUNTER(cnt_map_sg);
1828 if (!check_device(dev))
1831 dma_mask = *dev->dma_mask;
1833 get_device_resources(dev, &iommu, &domain, &devid);
1835 if (!iommu || !domain)
1836 return map_sg_no_iommu(dev, sglist, nelems, dir);
1838 if (!dma_ops_domain(domain))
1841 spin_lock_irqsave(&domain->lock, flags);
1843 for_each_sg(sglist, s, nelems, i) {
1846 s->dma_address = __map_single(dev, iommu, domain->priv,
1847 paddr, s->length, dir, false,
1850 if (s->dma_address) {
1851 s->dma_length = s->length;
1857 iommu_completion_wait(iommu);
1860 spin_unlock_irqrestore(&domain->lock, flags);
1862 return mapped_elems;
1864 for_each_sg(sglist, s, mapped_elems, i) {
1866 __unmap_single(iommu, domain->priv, s->dma_address,
1867 s->dma_length, dir);
1868 s->dma_address = s->dma_length = 0;
1877 * The exported map_sg function for dma_ops (handles scatter-gather
1880 static void unmap_sg(struct device *dev, struct scatterlist *sglist,
1881 int nelems, enum dma_data_direction dir,
1882 struct dma_attrs *attrs)
1884 unsigned long flags;
1885 struct amd_iommu *iommu;
1886 struct protection_domain *domain;
1887 struct scatterlist *s;
1891 INC_STATS_COUNTER(cnt_unmap_sg);
1893 if (!check_device(dev) ||
1894 !get_device_resources(dev, &iommu, &domain, &devid))
1897 if (!dma_ops_domain(domain))
1900 spin_lock_irqsave(&domain->lock, flags);
1902 for_each_sg(sglist, s, nelems, i) {
1903 __unmap_single(iommu, domain->priv, s->dma_address,
1904 s->dma_length, dir);
1905 s->dma_address = s->dma_length = 0;
1908 iommu_completion_wait(iommu);
1910 spin_unlock_irqrestore(&domain->lock, flags);
1914 * The exported alloc_coherent function for dma_ops.
1916 static void *alloc_coherent(struct device *dev, size_t size,
1917 dma_addr_t *dma_addr, gfp_t flag)
1919 unsigned long flags;
1921 struct amd_iommu *iommu;
1922 struct protection_domain *domain;
1925 u64 dma_mask = dev->coherent_dma_mask;
1927 INC_STATS_COUNTER(cnt_alloc_coherent);
1929 if (!check_device(dev))
1932 if (!get_device_resources(dev, &iommu, &domain, &devid))
1933 flag &= ~(__GFP_DMA | __GFP_HIGHMEM | __GFP_DMA32);
1936 virt_addr = (void *)__get_free_pages(flag, get_order(size));
1940 paddr = virt_to_phys(virt_addr);
1942 if (!iommu || !domain) {
1943 *dma_addr = (dma_addr_t)paddr;
1947 if (!dma_ops_domain(domain))
1951 dma_mask = *dev->dma_mask;
1953 spin_lock_irqsave(&domain->lock, flags);
1955 *dma_addr = __map_single(dev, iommu, domain->priv, paddr,
1956 size, DMA_BIDIRECTIONAL, true, dma_mask);
1958 if (*dma_addr == bad_dma_address) {
1959 spin_unlock_irqrestore(&domain->lock, flags);
1963 iommu_completion_wait(iommu);
1965 spin_unlock_irqrestore(&domain->lock, flags);
1971 free_pages((unsigned long)virt_addr, get_order(size));
1977 * The exported free_coherent function for dma_ops.
1979 static void free_coherent(struct device *dev, size_t size,
1980 void *virt_addr, dma_addr_t dma_addr)
1982 unsigned long flags;
1983 struct amd_iommu *iommu;
1984 struct protection_domain *domain;
1987 INC_STATS_COUNTER(cnt_free_coherent);
1989 if (!check_device(dev))
1992 get_device_resources(dev, &iommu, &domain, &devid);
1994 if (!iommu || !domain)
1997 if (!dma_ops_domain(domain))
2000 spin_lock_irqsave(&domain->lock, flags);
2002 __unmap_single(iommu, domain->priv, dma_addr, size, DMA_BIDIRECTIONAL);
2004 iommu_completion_wait(iommu);
2006 spin_unlock_irqrestore(&domain->lock, flags);
2009 free_pages((unsigned long)virt_addr, get_order(size));
2013 * This function is called by the DMA layer to find out if we can handle a
2014 * particular device. It is part of the dma_ops.
2016 static int amd_iommu_dma_supported(struct device *dev, u64 mask)
2019 struct pci_dev *pcidev;
2021 /* No device or no PCI device */
2022 if (!dev || dev->bus != &pci_bus_type)
2025 pcidev = to_pci_dev(dev);
2027 bdf = calc_devid(pcidev->bus->number, pcidev->devfn);
2029 /* Out of our scope? */
2030 if (bdf > amd_iommu_last_bdf)
2037 * The function for pre-allocating protection domains.
2039 * If the driver core informs the DMA layer if a driver grabs a device
2040 * we don't need to preallocate the protection domains anymore.
2041 * For now we have to.
2043 static void prealloc_protection_domains(void)
2045 struct pci_dev *dev = NULL;
2046 struct dma_ops_domain *dma_dom;
2047 struct amd_iommu *iommu;
2050 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2051 devid = calc_devid(dev->bus->number, dev->devfn);
2052 if (devid > amd_iommu_last_bdf)
2054 devid = amd_iommu_alias_table[devid];
2055 if (domain_for_device(devid))
2057 iommu = amd_iommu_rlookup_table[devid];
2060 dma_dom = dma_ops_domain_alloc(iommu);
2063 init_unity_mappings_for_device(dma_dom, devid);
2064 dma_dom->target_dev = devid;
2066 list_add_tail(&dma_dom->list, &iommu_pd_list);
2070 static struct dma_map_ops amd_iommu_dma_ops = {
2071 .alloc_coherent = alloc_coherent,
2072 .free_coherent = free_coherent,
2073 .map_page = map_page,
2074 .unmap_page = unmap_page,
2076 .unmap_sg = unmap_sg,
2077 .dma_supported = amd_iommu_dma_supported,
2081 * The function which clues the AMD IOMMU driver into dma_ops.
2083 int __init amd_iommu_init_dma_ops(void)
2085 struct amd_iommu *iommu;
2089 * first allocate a default protection domain for every IOMMU we
2090 * found in the system. Devices not assigned to any other
2091 * protection domain will be assigned to the default one.
2093 for_each_iommu(iommu) {
2094 iommu->default_dom = dma_ops_domain_alloc(iommu);
2095 if (iommu->default_dom == NULL)
2097 iommu->default_dom->domain.flags |= PD_DEFAULT_MASK;
2098 ret = iommu_init_unity_mappings(iommu);
2104 * If device isolation is enabled, pre-allocate the protection
2105 * domains for each device.
2107 if (amd_iommu_isolate)
2108 prealloc_protection_domains();
2112 bad_dma_address = 0;
2113 #ifdef CONFIG_GART_IOMMU
2114 gart_iommu_aperture_disabled = 1;
2115 gart_iommu_aperture = 0;
2118 /* Make the driver finally visible to the drivers */
2119 dma_ops = &amd_iommu_dma_ops;
2121 register_iommu(&amd_iommu_ops);
2123 bus_register_notifier(&pci_bus_type, &device_nb);
2125 amd_iommu_stats_init();
2131 for_each_iommu(iommu) {
2132 if (iommu->default_dom)
2133 dma_ops_domain_free(iommu->default_dom);
2139 /*****************************************************************************
2141 * The following functions belong to the exported interface of AMD IOMMU
2143 * This interface allows access to lower level functions of the IOMMU
2144 * like protection domain handling and assignement of devices to domains
2145 * which is not possible with the dma_ops interface.
2147 *****************************************************************************/
2149 static void cleanup_domain(struct protection_domain *domain)
2151 unsigned long flags;
2154 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
2156 for (devid = 0; devid <= amd_iommu_last_bdf; ++devid)
2157 if (amd_iommu_pd_table[devid] == domain)
2158 __detach_device(domain, devid);
2160 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
2163 static void protection_domain_free(struct protection_domain *domain)
2169 domain_id_free(domain->id);
2174 static struct protection_domain *protection_domain_alloc(void)
2176 struct protection_domain *domain;
2178 domain = kzalloc(sizeof(*domain), GFP_KERNEL);
2182 spin_lock_init(&domain->lock);
2183 domain->id = domain_id_alloc();
2195 static int amd_iommu_domain_init(struct iommu_domain *dom)
2197 struct protection_domain *domain;
2199 domain = protection_domain_alloc();
2203 domain->mode = PAGE_MODE_3_LEVEL;
2204 domain->pt_root = (void *)get_zeroed_page(GFP_KERNEL);
2205 if (!domain->pt_root)
2213 protection_domain_free(domain);
2218 static void amd_iommu_domain_destroy(struct iommu_domain *dom)
2220 struct protection_domain *domain = dom->priv;
2225 if (domain->dev_cnt > 0)
2226 cleanup_domain(domain);
2228 BUG_ON(domain->dev_cnt != 0);
2230 free_pagetable(domain);
2232 domain_id_free(domain->id);
2239 static void amd_iommu_detach_device(struct iommu_domain *dom,
2242 struct protection_domain *domain = dom->priv;
2243 struct amd_iommu *iommu;
2244 struct pci_dev *pdev;
2247 if (dev->bus != &pci_bus_type)
2250 pdev = to_pci_dev(dev);
2252 devid = calc_devid(pdev->bus->number, pdev->devfn);
2255 detach_device(domain, devid);
2257 iommu = amd_iommu_rlookup_table[devid];
2261 iommu_queue_inv_dev_entry(iommu, devid);
2262 iommu_completion_wait(iommu);
2265 static int amd_iommu_attach_device(struct iommu_domain *dom,
2268 struct protection_domain *domain = dom->priv;
2269 struct protection_domain *old_domain;
2270 struct amd_iommu *iommu;
2271 struct pci_dev *pdev;
2274 if (dev->bus != &pci_bus_type)
2277 pdev = to_pci_dev(dev);
2279 devid = calc_devid(pdev->bus->number, pdev->devfn);
2281 if (devid >= amd_iommu_last_bdf ||
2282 devid != amd_iommu_alias_table[devid])
2285 iommu = amd_iommu_rlookup_table[devid];
2289 old_domain = domain_for_device(devid);
2291 detach_device(old_domain, devid);
2293 attach_device(iommu, domain, devid);
2295 iommu_completion_wait(iommu);
2300 static int amd_iommu_map_range(struct iommu_domain *dom,
2301 unsigned long iova, phys_addr_t paddr,
2302 size_t size, int iommu_prot)
2304 struct protection_domain *domain = dom->priv;
2305 unsigned long i, npages = iommu_num_pages(paddr, size, PAGE_SIZE);
2309 if (iommu_prot & IOMMU_READ)
2310 prot |= IOMMU_PROT_IR;
2311 if (iommu_prot & IOMMU_WRITE)
2312 prot |= IOMMU_PROT_IW;
2317 for (i = 0; i < npages; ++i) {
2318 ret = iommu_map_page(domain, iova, paddr, prot, PM_MAP_4k);
2329 static void amd_iommu_unmap_range(struct iommu_domain *dom,
2330 unsigned long iova, size_t size)
2333 struct protection_domain *domain = dom->priv;
2334 unsigned long i, npages = iommu_num_pages(iova, size, PAGE_SIZE);
2338 for (i = 0; i < npages; ++i) {
2339 iommu_unmap_page(domain, iova, PM_MAP_4k);
2343 iommu_flush_domain(domain->id);
2346 static phys_addr_t amd_iommu_iova_to_phys(struct iommu_domain *dom,
2349 struct protection_domain *domain = dom->priv;
2350 unsigned long offset = iova & ~PAGE_MASK;
2354 pte = fetch_pte(domain, iova, PM_MAP_4k);
2356 if (!pte || !IOMMU_PTE_PRESENT(*pte))
2359 paddr = *pte & IOMMU_PAGE_MASK;
2365 static int amd_iommu_domain_has_cap(struct iommu_domain *domain,
2371 static struct iommu_ops amd_iommu_ops = {
2372 .domain_init = amd_iommu_domain_init,
2373 .domain_destroy = amd_iommu_domain_destroy,
2374 .attach_dev = amd_iommu_attach_device,
2375 .detach_dev = amd_iommu_detach_device,
2376 .map = amd_iommu_map_range,
2377 .unmap = amd_iommu_unmap_range,
2378 .iova_to_phys = amd_iommu_iova_to_phys,
2379 .domain_has_cap = amd_iommu_domain_has_cap,
2382 /*****************************************************************************
2384 * The next functions do a basic initialization of IOMMU for pass through
2387 * In passthrough mode the IOMMU is initialized and enabled but not used for
2388 * DMA-API translation.
2390 *****************************************************************************/
2392 int __init amd_iommu_init_passthrough(void)
2394 struct pci_dev *dev = NULL;
2397 /* allocate passthroug domain */
2398 pt_domain = protection_domain_alloc();
2402 pt_domain->mode |= PAGE_MODE_NONE;
2404 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2405 struct amd_iommu *iommu;
2407 devid = calc_devid(dev->bus->number, dev->devfn);
2408 if (devid > amd_iommu_last_bdf)
2411 devid2 = amd_iommu_alias_table[devid];
2413 iommu = amd_iommu_rlookup_table[devid2];
2417 __attach_device(iommu, pt_domain, devid);
2418 __attach_device(iommu, pt_domain, devid2);
2421 pr_info("AMD-Vi: Initialized for Passthrough Mode\n");
git.openpandora.org / pandora-kernel.git / blob