2 * Copyright © 2008 Intel Corporation
4 * Permission is hereby granted, free of charge, to any person obtaining a
5 * copy of this software and associated documentation files (the "Software"),
6 * to deal in the Software without restriction, including without limitation
7 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8 * and/or sell copies of the Software, and to permit persons to whom the
9 * Software is furnished to do so, subject to the following conditions:
11 * The above copyright notice and this permission notice (including the next
12 * paragraph) shall be included in all copies or substantial portions of the
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
24 * Eric Anholt <eric@anholt.net>
32 #include "i915_trace.h"
33 #include "intel_drv.h"
34 #include <linux/slab.h>
35 #include <linux/swap.h>
36 #include <linux/pci.h>
37 #include <linux/intel-gtt.h>
39 static uint32_t i915_gem_get_gtt_alignment(struct drm_gem_object *obj);
41 static int i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj,
43 static void i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj);
44 static void i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj);
45 static int i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj,
47 static int i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
50 static void i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj);
51 static int i915_gem_object_wait_rendering(struct drm_gem_object *obj,
53 static int i915_gem_object_bind_to_gtt(struct drm_gem_object *obj,
55 static void i915_gem_clear_fence_reg(struct drm_gem_object *obj);
56 static int i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
57 struct drm_i915_gem_pwrite *args,
58 struct drm_file *file_priv);
59 static void i915_gem_free_object_tail(struct drm_gem_object *obj);
62 i915_gem_object_get_pages(struct drm_gem_object *obj,
66 i915_gem_object_put_pages(struct drm_gem_object *obj);
68 static LIST_HEAD(shrink_list);
69 static DEFINE_SPINLOCK(shrink_list_lock);
71 /* some bookkeeping */
72 static void i915_gem_info_add_obj(struct drm_i915_private *dev_priv,
75 dev_priv->mm.object_count++;
76 dev_priv->mm.object_memory += size;
79 static void i915_gem_info_remove_obj(struct drm_i915_private *dev_priv,
82 dev_priv->mm.object_count--;
83 dev_priv->mm.object_memory -= size;
86 static void i915_gem_info_add_gtt(struct drm_i915_private *dev_priv,
89 dev_priv->mm.gtt_count++;
90 dev_priv->mm.gtt_memory += size;
93 static void i915_gem_info_remove_gtt(struct drm_i915_private *dev_priv,
96 dev_priv->mm.gtt_count--;
97 dev_priv->mm.gtt_memory -= size;
100 static void i915_gem_info_add_pin(struct drm_i915_private *dev_priv,
103 dev_priv->mm.pin_count++;
104 dev_priv->mm.pin_memory += size;
107 static void i915_gem_info_remove_pin(struct drm_i915_private *dev_priv,
110 dev_priv->mm.pin_count--;
111 dev_priv->mm.pin_memory -= size;
115 i915_gem_check_is_wedged(struct drm_device *dev)
117 struct drm_i915_private *dev_priv = dev->dev_private;
118 struct completion *x = &dev_priv->error_completion;
122 if (!atomic_read(&dev_priv->mm.wedged))
125 ret = wait_for_completion_interruptible(x);
129 /* Success, we reset the GPU! */
130 if (!atomic_read(&dev_priv->mm.wedged))
133 /* GPU is hung, bump the completion count to account for
134 * the token we just consumed so that we never hit zero and
135 * end up waiting upon a subsequent completion event that
138 spin_lock_irqsave(&x->wait.lock, flags);
140 spin_unlock_irqrestore(&x->wait.lock, flags);
144 static int i915_mutex_lock_interruptible(struct drm_device *dev)
146 struct drm_i915_private *dev_priv = dev->dev_private;
149 ret = i915_gem_check_is_wedged(dev);
153 ret = mutex_lock_interruptible(&dev->struct_mutex);
157 if (atomic_read(&dev_priv->mm.wedged)) {
158 mutex_unlock(&dev->struct_mutex);
162 WARN_ON(i915_verify_lists(dev));
167 i915_gem_object_is_inactive(struct drm_i915_gem_object *obj_priv)
169 return obj_priv->gtt_space &&
171 obj_priv->pin_count == 0;
174 int i915_gem_do_init(struct drm_device *dev,
178 drm_i915_private_t *dev_priv = dev->dev_private;
181 (start & (PAGE_SIZE - 1)) != 0 ||
182 (end & (PAGE_SIZE - 1)) != 0) {
186 drm_mm_init(&dev_priv->mm.gtt_space, start,
189 dev_priv->mm.gtt_total = end - start;
195 i915_gem_init_ioctl(struct drm_device *dev, void *data,
196 struct drm_file *file_priv)
198 struct drm_i915_gem_init *args = data;
201 mutex_lock(&dev->struct_mutex);
202 ret = i915_gem_do_init(dev, args->gtt_start, args->gtt_end);
203 mutex_unlock(&dev->struct_mutex);
209 i915_gem_get_aperture_ioctl(struct drm_device *dev, void *data,
210 struct drm_file *file_priv)
212 struct drm_i915_private *dev_priv = dev->dev_private;
213 struct drm_i915_gem_get_aperture *args = data;
215 if (!(dev->driver->driver_features & DRIVER_GEM))
218 mutex_lock(&dev->struct_mutex);
219 args->aper_size = dev_priv->mm.gtt_total;
220 args->aper_available_size = args->aper_size - dev_priv->mm.pin_memory;
221 mutex_unlock(&dev->struct_mutex);
228 * Creates a new mm object and returns a handle to it.
231 i915_gem_create_ioctl(struct drm_device *dev, void *data,
232 struct drm_file *file_priv)
234 struct drm_i915_gem_create *args = data;
235 struct drm_gem_object *obj;
239 args->size = roundup(args->size, PAGE_SIZE);
241 /* Allocate the new object */
242 obj = i915_gem_alloc_object(dev, args->size);
246 ret = drm_gem_handle_create(file_priv, obj, &handle);
248 drm_gem_object_release(obj);
249 i915_gem_info_remove_obj(dev->dev_private, obj->size);
254 /* drop reference from allocate - handle holds it now */
255 drm_gem_object_unreference(obj);
256 trace_i915_gem_object_create(obj);
258 args->handle = handle;
263 fast_shmem_read(struct page **pages,
264 loff_t page_base, int page_offset,
271 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT]);
272 ret = __copy_to_user_inatomic(data, vaddr + page_offset, length);
273 kunmap_atomic(vaddr);
278 static int i915_gem_object_needs_bit17_swizzle(struct drm_gem_object *obj)
280 drm_i915_private_t *dev_priv = obj->dev->dev_private;
281 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
283 return dev_priv->mm.bit_6_swizzle_x == I915_BIT_6_SWIZZLE_9_10_17 &&
284 obj_priv->tiling_mode != I915_TILING_NONE;
288 slow_shmem_copy(struct page *dst_page,
290 struct page *src_page,
294 char *dst_vaddr, *src_vaddr;
296 dst_vaddr = kmap(dst_page);
297 src_vaddr = kmap(src_page);
299 memcpy(dst_vaddr + dst_offset, src_vaddr + src_offset, length);
306 slow_shmem_bit17_copy(struct page *gpu_page,
308 struct page *cpu_page,
313 char *gpu_vaddr, *cpu_vaddr;
315 /* Use the unswizzled path if this page isn't affected. */
316 if ((page_to_phys(gpu_page) & (1 << 17)) == 0) {
318 return slow_shmem_copy(cpu_page, cpu_offset,
319 gpu_page, gpu_offset, length);
321 return slow_shmem_copy(gpu_page, gpu_offset,
322 cpu_page, cpu_offset, length);
325 gpu_vaddr = kmap(gpu_page);
326 cpu_vaddr = kmap(cpu_page);
328 /* Copy the data, XORing A6 with A17 (1). The user already knows he's
329 * XORing with the other bits (A9 for Y, A9 and A10 for X)
332 int cacheline_end = ALIGN(gpu_offset + 1, 64);
333 int this_length = min(cacheline_end - gpu_offset, length);
334 int swizzled_gpu_offset = gpu_offset ^ 64;
337 memcpy(cpu_vaddr + cpu_offset,
338 gpu_vaddr + swizzled_gpu_offset,
341 memcpy(gpu_vaddr + swizzled_gpu_offset,
342 cpu_vaddr + cpu_offset,
345 cpu_offset += this_length;
346 gpu_offset += this_length;
347 length -= this_length;
355 * This is the fast shmem pread path, which attempts to copy_from_user directly
356 * from the backing pages of the object to the user's address space. On a
357 * fault, it fails so we can fall back to i915_gem_shmem_pwrite_slow().
360 i915_gem_shmem_pread_fast(struct drm_device *dev, struct drm_gem_object *obj,
361 struct drm_i915_gem_pread *args,
362 struct drm_file *file_priv)
364 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
366 loff_t offset, page_base;
367 char __user *user_data;
368 int page_offset, page_length;
370 user_data = (char __user *) (uintptr_t) args->data_ptr;
373 obj_priv = to_intel_bo(obj);
374 offset = args->offset;
377 /* Operation in this page
379 * page_base = page offset within aperture
380 * page_offset = offset within page
381 * page_length = bytes to copy for this page
383 page_base = (offset & ~(PAGE_SIZE-1));
384 page_offset = offset & (PAGE_SIZE-1);
385 page_length = remain;
386 if ((page_offset + remain) > PAGE_SIZE)
387 page_length = PAGE_SIZE - page_offset;
389 if (fast_shmem_read(obj_priv->pages,
390 page_base, page_offset,
391 user_data, page_length))
394 remain -= page_length;
395 user_data += page_length;
396 offset += page_length;
403 i915_gem_object_get_pages_or_evict(struct drm_gem_object *obj)
407 ret = i915_gem_object_get_pages(obj, __GFP_NORETRY | __GFP_NOWARN);
409 /* If we've insufficient memory to map in the pages, attempt
410 * to make some space by throwing out some old buffers.
412 if (ret == -ENOMEM) {
413 struct drm_device *dev = obj->dev;
415 ret = i915_gem_evict_something(dev, obj->size,
416 i915_gem_get_gtt_alignment(obj));
420 ret = i915_gem_object_get_pages(obj, 0);
427 * This is the fallback shmem pread path, which allocates temporary storage
428 * in kernel space to copy_to_user into outside of the struct_mutex, so we
429 * can copy out of the object's backing pages while holding the struct mutex
430 * and not take page faults.
433 i915_gem_shmem_pread_slow(struct drm_device *dev, struct drm_gem_object *obj,
434 struct drm_i915_gem_pread *args,
435 struct drm_file *file_priv)
437 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
438 struct mm_struct *mm = current->mm;
439 struct page **user_pages;
441 loff_t offset, pinned_pages, i;
442 loff_t first_data_page, last_data_page, num_pages;
443 int shmem_page_index, shmem_page_offset;
444 int data_page_index, data_page_offset;
447 uint64_t data_ptr = args->data_ptr;
448 int do_bit17_swizzling;
452 /* Pin the user pages containing the data. We can't fault while
453 * holding the struct mutex, yet we want to hold it while
454 * dereferencing the user data.
456 first_data_page = data_ptr / PAGE_SIZE;
457 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
458 num_pages = last_data_page - first_data_page + 1;
460 user_pages = drm_malloc_ab(num_pages, sizeof(struct page *));
461 if (user_pages == NULL)
464 mutex_unlock(&dev->struct_mutex);
465 down_read(&mm->mmap_sem);
466 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
467 num_pages, 1, 0, user_pages, NULL);
468 up_read(&mm->mmap_sem);
469 mutex_lock(&dev->struct_mutex);
470 if (pinned_pages < num_pages) {
475 ret = i915_gem_object_set_cpu_read_domain_range(obj,
481 do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
483 obj_priv = to_intel_bo(obj);
484 offset = args->offset;
487 /* Operation in this page
489 * shmem_page_index = page number within shmem file
490 * shmem_page_offset = offset within page in shmem file
491 * data_page_index = page number in get_user_pages return
492 * data_page_offset = offset with data_page_index page.
493 * page_length = bytes to copy for this page
495 shmem_page_index = offset / PAGE_SIZE;
496 shmem_page_offset = offset & ~PAGE_MASK;
497 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
498 data_page_offset = data_ptr & ~PAGE_MASK;
500 page_length = remain;
501 if ((shmem_page_offset + page_length) > PAGE_SIZE)
502 page_length = PAGE_SIZE - shmem_page_offset;
503 if ((data_page_offset + page_length) > PAGE_SIZE)
504 page_length = PAGE_SIZE - data_page_offset;
506 if (do_bit17_swizzling) {
507 slow_shmem_bit17_copy(obj_priv->pages[shmem_page_index],
509 user_pages[data_page_index],
514 slow_shmem_copy(user_pages[data_page_index],
516 obj_priv->pages[shmem_page_index],
521 remain -= page_length;
522 data_ptr += page_length;
523 offset += page_length;
527 for (i = 0; i < pinned_pages; i++) {
528 SetPageDirty(user_pages[i]);
529 page_cache_release(user_pages[i]);
531 drm_free_large(user_pages);
537 * Reads data from the object referenced by handle.
539 * On error, the contents of *data are undefined.
542 i915_gem_pread_ioctl(struct drm_device *dev, void *data,
543 struct drm_file *file_priv)
545 struct drm_i915_gem_pread *args = data;
546 struct drm_gem_object *obj;
547 struct drm_i915_gem_object *obj_priv;
550 ret = i915_mutex_lock_interruptible(dev);
554 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
559 obj_priv = to_intel_bo(obj);
561 /* Bounds check source. */
562 if (args->offset > obj->size || args->size > obj->size - args->offset) {
570 if (!access_ok(VERIFY_WRITE,
571 (char __user *)(uintptr_t)args->data_ptr,
577 ret = fault_in_pages_writeable((char __user *)(uintptr_t)args->data_ptr,
584 ret = i915_gem_object_get_pages_or_evict(obj);
588 ret = i915_gem_object_set_cpu_read_domain_range(obj,
595 if (!i915_gem_object_needs_bit17_swizzle(obj))
596 ret = i915_gem_shmem_pread_fast(dev, obj, args, file_priv);
598 ret = i915_gem_shmem_pread_slow(dev, obj, args, file_priv);
601 i915_gem_object_put_pages(obj);
603 drm_gem_object_unreference(obj);
605 mutex_unlock(&dev->struct_mutex);
609 /* This is the fast write path which cannot handle
610 * page faults in the source data
614 fast_user_write(struct io_mapping *mapping,
615 loff_t page_base, int page_offset,
616 char __user *user_data,
620 unsigned long unwritten;
622 vaddr_atomic = io_mapping_map_atomic_wc(mapping, page_base);
623 unwritten = __copy_from_user_inatomic_nocache(vaddr_atomic + page_offset,
625 io_mapping_unmap_atomic(vaddr_atomic);
629 /* Here's the write path which can sleep for
634 slow_kernel_write(struct io_mapping *mapping,
635 loff_t gtt_base, int gtt_offset,
636 struct page *user_page, int user_offset,
639 char __iomem *dst_vaddr;
642 dst_vaddr = io_mapping_map_wc(mapping, gtt_base);
643 src_vaddr = kmap(user_page);
645 memcpy_toio(dst_vaddr + gtt_offset,
646 src_vaddr + user_offset,
650 io_mapping_unmap(dst_vaddr);
654 fast_shmem_write(struct page **pages,
655 loff_t page_base, int page_offset,
662 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT]);
663 ret = __copy_from_user_inatomic(vaddr + page_offset, data, length);
664 kunmap_atomic(vaddr);
670 * This is the fast pwrite path, where we copy the data directly from the
671 * user into the GTT, uncached.
674 i915_gem_gtt_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
675 struct drm_i915_gem_pwrite *args,
676 struct drm_file *file_priv)
678 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
679 drm_i915_private_t *dev_priv = dev->dev_private;
681 loff_t offset, page_base;
682 char __user *user_data;
683 int page_offset, page_length;
685 user_data = (char __user *) (uintptr_t) args->data_ptr;
688 obj_priv = to_intel_bo(obj);
689 offset = obj_priv->gtt_offset + args->offset;
692 /* Operation in this page
694 * page_base = page offset within aperture
695 * page_offset = offset within page
696 * page_length = bytes to copy for this page
698 page_base = (offset & ~(PAGE_SIZE-1));
699 page_offset = offset & (PAGE_SIZE-1);
700 page_length = remain;
701 if ((page_offset + remain) > PAGE_SIZE)
702 page_length = PAGE_SIZE - page_offset;
704 /* If we get a fault while copying data, then (presumably) our
705 * source page isn't available. Return the error and we'll
706 * retry in the slow path.
708 if (fast_user_write(dev_priv->mm.gtt_mapping, page_base,
709 page_offset, user_data, page_length))
713 remain -= page_length;
714 user_data += page_length;
715 offset += page_length;
722 * This is the fallback GTT pwrite path, which uses get_user_pages to pin
723 * the memory and maps it using kmap_atomic for copying.
725 * This code resulted in x11perf -rgb10text consuming about 10% more CPU
726 * than using i915_gem_gtt_pwrite_fast on a G45 (32-bit).
729 i915_gem_gtt_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
730 struct drm_i915_gem_pwrite *args,
731 struct drm_file *file_priv)
733 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
734 drm_i915_private_t *dev_priv = dev->dev_private;
736 loff_t gtt_page_base, offset;
737 loff_t first_data_page, last_data_page, num_pages;
738 loff_t pinned_pages, i;
739 struct page **user_pages;
740 struct mm_struct *mm = current->mm;
741 int gtt_page_offset, data_page_offset, data_page_index, page_length;
743 uint64_t data_ptr = args->data_ptr;
747 /* Pin the user pages containing the data. We can't fault while
748 * holding the struct mutex, and all of the pwrite implementations
749 * want to hold it while dereferencing the user data.
751 first_data_page = data_ptr / PAGE_SIZE;
752 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
753 num_pages = last_data_page - first_data_page + 1;
755 user_pages = drm_malloc_ab(num_pages, sizeof(struct page *));
756 if (user_pages == NULL)
759 mutex_unlock(&dev->struct_mutex);
760 down_read(&mm->mmap_sem);
761 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
762 num_pages, 0, 0, user_pages, NULL);
763 up_read(&mm->mmap_sem);
764 mutex_lock(&dev->struct_mutex);
765 if (pinned_pages < num_pages) {
767 goto out_unpin_pages;
770 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
772 goto out_unpin_pages;
774 obj_priv = to_intel_bo(obj);
775 offset = obj_priv->gtt_offset + args->offset;
778 /* Operation in this page
780 * gtt_page_base = page offset within aperture
781 * gtt_page_offset = offset within page in aperture
782 * data_page_index = page number in get_user_pages return
783 * data_page_offset = offset with data_page_index page.
784 * page_length = bytes to copy for this page
786 gtt_page_base = offset & PAGE_MASK;
787 gtt_page_offset = offset & ~PAGE_MASK;
788 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
789 data_page_offset = data_ptr & ~PAGE_MASK;
791 page_length = remain;
792 if ((gtt_page_offset + page_length) > PAGE_SIZE)
793 page_length = PAGE_SIZE - gtt_page_offset;
794 if ((data_page_offset + page_length) > PAGE_SIZE)
795 page_length = PAGE_SIZE - data_page_offset;
797 slow_kernel_write(dev_priv->mm.gtt_mapping,
798 gtt_page_base, gtt_page_offset,
799 user_pages[data_page_index],
803 remain -= page_length;
804 offset += page_length;
805 data_ptr += page_length;
809 for (i = 0; i < pinned_pages; i++)
810 page_cache_release(user_pages[i]);
811 drm_free_large(user_pages);
817 * This is the fast shmem pwrite path, which attempts to directly
818 * copy_from_user into the kmapped pages backing the object.
821 i915_gem_shmem_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
822 struct drm_i915_gem_pwrite *args,
823 struct drm_file *file_priv)
825 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
827 loff_t offset, page_base;
828 char __user *user_data;
829 int page_offset, page_length;
831 user_data = (char __user *) (uintptr_t) args->data_ptr;
834 obj_priv = to_intel_bo(obj);
835 offset = args->offset;
839 /* Operation in this page
841 * page_base = page offset within aperture
842 * page_offset = offset within page
843 * page_length = bytes to copy for this page
845 page_base = (offset & ~(PAGE_SIZE-1));
846 page_offset = offset & (PAGE_SIZE-1);
847 page_length = remain;
848 if ((page_offset + remain) > PAGE_SIZE)
849 page_length = PAGE_SIZE - page_offset;
851 if (fast_shmem_write(obj_priv->pages,
852 page_base, page_offset,
853 user_data, page_length))
856 remain -= page_length;
857 user_data += page_length;
858 offset += page_length;
865 * This is the fallback shmem pwrite path, which uses get_user_pages to pin
866 * the memory and maps it using kmap_atomic for copying.
868 * This avoids taking mmap_sem for faulting on the user's address while the
869 * struct_mutex is held.
872 i915_gem_shmem_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
873 struct drm_i915_gem_pwrite *args,
874 struct drm_file *file_priv)
876 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
877 struct mm_struct *mm = current->mm;
878 struct page **user_pages;
880 loff_t offset, pinned_pages, i;
881 loff_t first_data_page, last_data_page, num_pages;
882 int shmem_page_index, shmem_page_offset;
883 int data_page_index, data_page_offset;
886 uint64_t data_ptr = args->data_ptr;
887 int do_bit17_swizzling;
891 /* Pin the user pages containing the data. We can't fault while
892 * holding the struct mutex, and all of the pwrite implementations
893 * want to hold it while dereferencing the user data.
895 first_data_page = data_ptr / PAGE_SIZE;
896 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
897 num_pages = last_data_page - first_data_page + 1;
899 user_pages = drm_malloc_ab(num_pages, sizeof(struct page *));
900 if (user_pages == NULL)
903 mutex_unlock(&dev->struct_mutex);
904 down_read(&mm->mmap_sem);
905 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
906 num_pages, 0, 0, user_pages, NULL);
907 up_read(&mm->mmap_sem);
908 mutex_lock(&dev->struct_mutex);
909 if (pinned_pages < num_pages) {
914 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
918 do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
920 obj_priv = to_intel_bo(obj);
921 offset = args->offset;
925 /* Operation in this page
927 * shmem_page_index = page number within shmem file
928 * shmem_page_offset = offset within page in shmem file
929 * data_page_index = page number in get_user_pages return
930 * data_page_offset = offset with data_page_index page.
931 * page_length = bytes to copy for this page
933 shmem_page_index = offset / PAGE_SIZE;
934 shmem_page_offset = offset & ~PAGE_MASK;
935 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
936 data_page_offset = data_ptr & ~PAGE_MASK;
938 page_length = remain;
939 if ((shmem_page_offset + page_length) > PAGE_SIZE)
940 page_length = PAGE_SIZE - shmem_page_offset;
941 if ((data_page_offset + page_length) > PAGE_SIZE)
942 page_length = PAGE_SIZE - data_page_offset;
944 if (do_bit17_swizzling) {
945 slow_shmem_bit17_copy(obj_priv->pages[shmem_page_index],
947 user_pages[data_page_index],
952 slow_shmem_copy(obj_priv->pages[shmem_page_index],
954 user_pages[data_page_index],
959 remain -= page_length;
960 data_ptr += page_length;
961 offset += page_length;
965 for (i = 0; i < pinned_pages; i++)
966 page_cache_release(user_pages[i]);
967 drm_free_large(user_pages);
973 * Writes data to the object referenced by handle.
975 * On error, the contents of the buffer that were to be modified are undefined.
978 i915_gem_pwrite_ioctl(struct drm_device *dev, void *data,
979 struct drm_file *file)
981 struct drm_i915_gem_pwrite *args = data;
982 struct drm_gem_object *obj;
983 struct drm_i915_gem_object *obj_priv;
986 ret = i915_mutex_lock_interruptible(dev);
990 obj = drm_gem_object_lookup(dev, file, args->handle);
995 obj_priv = to_intel_bo(obj);
998 /* Bounds check destination. */
999 if (args->offset > obj->size || args->size > obj->size - args->offset) {
1004 if (args->size == 0)
1007 if (!access_ok(VERIFY_READ,
1008 (char __user *)(uintptr_t)args->data_ptr,
1014 ret = fault_in_pages_readable((char __user *)(uintptr_t)args->data_ptr,
1021 /* We can only do the GTT pwrite on untiled buffers, as otherwise
1022 * it would end up going through the fenced access, and we'll get
1023 * different detiling behavior between reading and writing.
1024 * pread/pwrite currently are reading and writing from the CPU
1025 * perspective, requiring manual detiling by the client.
1027 if (obj_priv->phys_obj)
1028 ret = i915_gem_phys_pwrite(dev, obj, args, file);
1029 else if (obj_priv->tiling_mode == I915_TILING_NONE &&
1030 obj_priv->gtt_space &&
1031 obj->write_domain != I915_GEM_DOMAIN_CPU) {
1032 ret = i915_gem_object_pin(obj, 0);
1036 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
1040 ret = i915_gem_gtt_pwrite_fast(dev, obj, args, file);
1042 ret = i915_gem_gtt_pwrite_slow(dev, obj, args, file);
1045 i915_gem_object_unpin(obj);
1047 ret = i915_gem_object_get_pages_or_evict(obj);
1051 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
1056 if (!i915_gem_object_needs_bit17_swizzle(obj))
1057 ret = i915_gem_shmem_pwrite_fast(dev, obj, args, file);
1059 ret = i915_gem_shmem_pwrite_slow(dev, obj, args, file);
1062 i915_gem_object_put_pages(obj);
1066 drm_gem_object_unreference(obj);
1068 mutex_unlock(&dev->struct_mutex);
1073 * Called when user space prepares to use an object with the CPU, either
1074 * through the mmap ioctl's mapping or a GTT mapping.
1077 i915_gem_set_domain_ioctl(struct drm_device *dev, void *data,
1078 struct drm_file *file_priv)
1080 struct drm_i915_private *dev_priv = dev->dev_private;
1081 struct drm_i915_gem_set_domain *args = data;
1082 struct drm_gem_object *obj;
1083 struct drm_i915_gem_object *obj_priv;
1084 uint32_t read_domains = args->read_domains;
1085 uint32_t write_domain = args->write_domain;
1088 if (!(dev->driver->driver_features & DRIVER_GEM))
1091 /* Only handle setting domains to types used by the CPU. */
1092 if (write_domain & I915_GEM_GPU_DOMAINS)
1095 if (read_domains & I915_GEM_GPU_DOMAINS)
1098 /* Having something in the write domain implies it's in the read
1099 * domain, and only that read domain. Enforce that in the request.
1101 if (write_domain != 0 && read_domains != write_domain)
1104 ret = i915_mutex_lock_interruptible(dev);
1108 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1113 obj_priv = to_intel_bo(obj);
1115 intel_mark_busy(dev, obj);
1117 if (read_domains & I915_GEM_DOMAIN_GTT) {
1118 ret = i915_gem_object_set_to_gtt_domain(obj, write_domain != 0);
1120 /* Update the LRU on the fence for the CPU access that's
1123 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
1124 struct drm_i915_fence_reg *reg =
1125 &dev_priv->fence_regs[obj_priv->fence_reg];
1126 list_move_tail(®->lru_list,
1127 &dev_priv->mm.fence_list);
1130 /* Silently promote "you're not bound, there was nothing to do"
1131 * to success, since the client was just asking us to
1132 * make sure everything was done.
1137 ret = i915_gem_object_set_to_cpu_domain(obj, write_domain != 0);
1140 /* Maintain LRU order of "inactive" objects */
1141 if (ret == 0 && i915_gem_object_is_inactive(obj_priv))
1142 list_move_tail(&obj_priv->mm_list, &dev_priv->mm.inactive_list);
1144 drm_gem_object_unreference(obj);
1146 mutex_unlock(&dev->struct_mutex);
1151 * Called when user space has done writes to this buffer
1154 i915_gem_sw_finish_ioctl(struct drm_device *dev, void *data,
1155 struct drm_file *file_priv)
1157 struct drm_i915_gem_sw_finish *args = data;
1158 struct drm_gem_object *obj;
1161 if (!(dev->driver->driver_features & DRIVER_GEM))
1164 ret = i915_mutex_lock_interruptible(dev);
1168 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1174 /* Pinned buffers may be scanout, so flush the cache */
1175 if (to_intel_bo(obj)->pin_count)
1176 i915_gem_object_flush_cpu_write_domain(obj);
1178 drm_gem_object_unreference(obj);
1180 mutex_unlock(&dev->struct_mutex);
1185 * Maps the contents of an object, returning the address it is mapped
1188 * While the mapping holds a reference on the contents of the object, it doesn't
1189 * imply a ref on the object itself.
1192 i915_gem_mmap_ioctl(struct drm_device *dev, void *data,
1193 struct drm_file *file_priv)
1195 struct drm_i915_gem_mmap *args = data;
1196 struct drm_gem_object *obj;
1200 if (!(dev->driver->driver_features & DRIVER_GEM))
1203 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1207 offset = args->offset;
1209 down_write(¤t->mm->mmap_sem);
1210 addr = do_mmap(obj->filp, 0, args->size,
1211 PROT_READ | PROT_WRITE, MAP_SHARED,
1213 up_write(¤t->mm->mmap_sem);
1214 drm_gem_object_unreference_unlocked(obj);
1215 if (IS_ERR((void *)addr))
1218 args->addr_ptr = (uint64_t) addr;
1224 * i915_gem_fault - fault a page into the GTT
1225 * vma: VMA in question
1228 * The fault handler is set up by drm_gem_mmap() when a object is GTT mapped
1229 * from userspace. The fault handler takes care of binding the object to
1230 * the GTT (if needed), allocating and programming a fence register (again,
1231 * only if needed based on whether the old reg is still valid or the object
1232 * is tiled) and inserting a new PTE into the faulting process.
1234 * Note that the faulting process may involve evicting existing objects
1235 * from the GTT and/or fence registers to make room. So performance may
1236 * suffer if the GTT working set is large or there are few fence registers
1239 int i915_gem_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
1241 struct drm_gem_object *obj = vma->vm_private_data;
1242 struct drm_device *dev = obj->dev;
1243 drm_i915_private_t *dev_priv = dev->dev_private;
1244 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1245 pgoff_t page_offset;
1248 bool write = !!(vmf->flags & FAULT_FLAG_WRITE);
1250 /* We don't use vmf->pgoff since that has the fake offset */
1251 page_offset = ((unsigned long)vmf->virtual_address - vma->vm_start) >>
1254 /* Now bind it into the GTT if needed */
1255 mutex_lock(&dev->struct_mutex);
1256 if (!obj_priv->gtt_space) {
1257 ret = i915_gem_object_bind_to_gtt(obj, 0);
1261 ret = i915_gem_object_set_to_gtt_domain(obj, write);
1266 /* Need a new fence register? */
1267 if (obj_priv->tiling_mode != I915_TILING_NONE) {
1268 ret = i915_gem_object_get_fence_reg(obj, true);
1273 if (i915_gem_object_is_inactive(obj_priv))
1274 list_move_tail(&obj_priv->mm_list, &dev_priv->mm.inactive_list);
1276 pfn = ((dev->agp->base + obj_priv->gtt_offset) >> PAGE_SHIFT) +
1279 /* Finally, remap it using the new GTT offset */
1280 ret = vm_insert_pfn(vma, (unsigned long)vmf->virtual_address, pfn);
1282 mutex_unlock(&dev->struct_mutex);
1287 return VM_FAULT_NOPAGE;
1290 return VM_FAULT_OOM;
1292 return VM_FAULT_SIGBUS;
1297 * i915_gem_create_mmap_offset - create a fake mmap offset for an object
1298 * @obj: obj in question
1300 * GEM memory mapping works by handing back to userspace a fake mmap offset
1301 * it can use in a subsequent mmap(2) call. The DRM core code then looks
1302 * up the object based on the offset and sets up the various memory mapping
1305 * This routine allocates and attaches a fake offset for @obj.
1308 i915_gem_create_mmap_offset(struct drm_gem_object *obj)
1310 struct drm_device *dev = obj->dev;
1311 struct drm_gem_mm *mm = dev->mm_private;
1312 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1313 struct drm_map_list *list;
1314 struct drm_local_map *map;
1317 /* Set the object up for mmap'ing */
1318 list = &obj->map_list;
1319 list->map = kzalloc(sizeof(struct drm_map_list), GFP_KERNEL);
1324 map->type = _DRM_GEM;
1325 map->size = obj->size;
1328 /* Get a DRM GEM mmap offset allocated... */
1329 list->file_offset_node = drm_mm_search_free(&mm->offset_manager,
1330 obj->size / PAGE_SIZE, 0, 0);
1331 if (!list->file_offset_node) {
1332 DRM_ERROR("failed to allocate offset for bo %d\n", obj->name);
1337 list->file_offset_node = drm_mm_get_block(list->file_offset_node,
1338 obj->size / PAGE_SIZE, 0);
1339 if (!list->file_offset_node) {
1344 list->hash.key = list->file_offset_node->start;
1345 ret = drm_ht_insert_item(&mm->offset_hash, &list->hash);
1347 DRM_ERROR("failed to add to map hash\n");
1351 /* By now we should be all set, any drm_mmap request on the offset
1352 * below will get to our mmap & fault handler */
1353 obj_priv->mmap_offset = ((uint64_t) list->hash.key) << PAGE_SHIFT;
1358 drm_mm_put_block(list->file_offset_node);
1366 * i915_gem_release_mmap - remove physical page mappings
1367 * @obj: obj in question
1369 * Preserve the reservation of the mmapping with the DRM core code, but
1370 * relinquish ownership of the pages back to the system.
1372 * It is vital that we remove the page mapping if we have mapped a tiled
1373 * object through the GTT and then lose the fence register due to
1374 * resource pressure. Similarly if the object has been moved out of the
1375 * aperture, than pages mapped into userspace must be revoked. Removing the
1376 * mapping will then trigger a page fault on the next user access, allowing
1377 * fixup by i915_gem_fault().
1380 i915_gem_release_mmap(struct drm_gem_object *obj)
1382 struct drm_device *dev = obj->dev;
1383 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1385 if (dev->dev_mapping)
1386 unmap_mapping_range(dev->dev_mapping,
1387 obj_priv->mmap_offset, obj->size, 1);
1391 i915_gem_free_mmap_offset(struct drm_gem_object *obj)
1393 struct drm_device *dev = obj->dev;
1394 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1395 struct drm_gem_mm *mm = dev->mm_private;
1396 struct drm_map_list *list;
1398 list = &obj->map_list;
1399 drm_ht_remove_item(&mm->offset_hash, &list->hash);
1401 if (list->file_offset_node) {
1402 drm_mm_put_block(list->file_offset_node);
1403 list->file_offset_node = NULL;
1411 obj_priv->mmap_offset = 0;
1415 * i915_gem_get_gtt_alignment - return required GTT alignment for an object
1416 * @obj: object to check
1418 * Return the required GTT alignment for an object, taking into account
1419 * potential fence register mapping if needed.
1422 i915_gem_get_gtt_alignment(struct drm_gem_object *obj)
1424 struct drm_device *dev = obj->dev;
1425 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1429 * Minimum alignment is 4k (GTT page size), but might be greater
1430 * if a fence register is needed for the object.
1432 if (INTEL_INFO(dev)->gen >= 4 || obj_priv->tiling_mode == I915_TILING_NONE)
1436 * Previous chips need to be aligned to the size of the smallest
1437 * fence register that can contain the object.
1439 if (INTEL_INFO(dev)->gen == 3)
1444 for (i = start; i < obj->size; i <<= 1)
1451 * i915_gem_mmap_gtt_ioctl - prepare an object for GTT mmap'ing
1453 * @data: GTT mapping ioctl data
1454 * @file_priv: GEM object info
1456 * Simply returns the fake offset to userspace so it can mmap it.
1457 * The mmap call will end up in drm_gem_mmap(), which will set things
1458 * up so we can get faults in the handler above.
1460 * The fault handler will take care of binding the object into the GTT
1461 * (since it may have been evicted to make room for something), allocating
1462 * a fence register, and mapping the appropriate aperture address into
1466 i915_gem_mmap_gtt_ioctl(struct drm_device *dev, void *data,
1467 struct drm_file *file_priv)
1469 struct drm_i915_gem_mmap_gtt *args = data;
1470 struct drm_gem_object *obj;
1471 struct drm_i915_gem_object *obj_priv;
1474 if (!(dev->driver->driver_features & DRIVER_GEM))
1477 ret = i915_mutex_lock_interruptible(dev);
1481 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1486 obj_priv = to_intel_bo(obj);
1488 if (obj_priv->madv != I915_MADV_WILLNEED) {
1489 DRM_ERROR("Attempting to mmap a purgeable buffer\n");
1494 if (!obj_priv->mmap_offset) {
1495 ret = i915_gem_create_mmap_offset(obj);
1500 args->offset = obj_priv->mmap_offset;
1503 * Pull it into the GTT so that we have a page list (makes the
1504 * initial fault faster and any subsequent flushing possible).
1506 if (!obj_priv->agp_mem) {
1507 ret = i915_gem_object_bind_to_gtt(obj, 0);
1513 drm_gem_object_unreference(obj);
1515 mutex_unlock(&dev->struct_mutex);
1520 i915_gem_object_put_pages(struct drm_gem_object *obj)
1522 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1523 int page_count = obj->size / PAGE_SIZE;
1526 BUG_ON(obj_priv->pages_refcount == 0);
1527 BUG_ON(obj_priv->madv == __I915_MADV_PURGED);
1529 if (--obj_priv->pages_refcount != 0)
1532 if (obj_priv->tiling_mode != I915_TILING_NONE)
1533 i915_gem_object_save_bit_17_swizzle(obj);
1535 if (obj_priv->madv == I915_MADV_DONTNEED)
1536 obj_priv->dirty = 0;
1538 for (i = 0; i < page_count; i++) {
1539 if (obj_priv->dirty)
1540 set_page_dirty(obj_priv->pages[i]);
1542 if (obj_priv->madv == I915_MADV_WILLNEED)
1543 mark_page_accessed(obj_priv->pages[i]);
1545 page_cache_release(obj_priv->pages[i]);
1547 obj_priv->dirty = 0;
1549 drm_free_large(obj_priv->pages);
1550 obj_priv->pages = NULL;
1554 i915_gem_next_request_seqno(struct drm_device *dev,
1555 struct intel_ring_buffer *ring)
1557 drm_i915_private_t *dev_priv = dev->dev_private;
1559 ring->outstanding_lazy_request = true;
1560 return dev_priv->next_seqno;
1564 i915_gem_object_move_to_active(struct drm_gem_object *obj,
1565 struct intel_ring_buffer *ring)
1567 struct drm_device *dev = obj->dev;
1568 struct drm_i915_private *dev_priv = dev->dev_private;
1569 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1570 uint32_t seqno = i915_gem_next_request_seqno(dev, ring);
1572 BUG_ON(ring == NULL);
1573 obj_priv->ring = ring;
1575 /* Add a reference if we're newly entering the active list. */
1576 if (!obj_priv->active) {
1577 drm_gem_object_reference(obj);
1578 obj_priv->active = 1;
1581 /* Move from whatever list we were on to the tail of execution. */
1582 list_move_tail(&obj_priv->mm_list, &dev_priv->mm.active_list);
1583 list_move_tail(&obj_priv->ring_list, &ring->active_list);
1584 obj_priv->last_rendering_seqno = seqno;
1588 i915_gem_object_move_to_flushing(struct drm_gem_object *obj)
1590 struct drm_device *dev = obj->dev;
1591 drm_i915_private_t *dev_priv = dev->dev_private;
1592 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1594 BUG_ON(!obj_priv->active);
1595 list_move_tail(&obj_priv->mm_list, &dev_priv->mm.flushing_list);
1596 list_del_init(&obj_priv->ring_list);
1597 obj_priv->last_rendering_seqno = 0;
1600 /* Immediately discard the backing storage */
1602 i915_gem_object_truncate(struct drm_gem_object *obj)
1604 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1605 struct inode *inode;
1607 /* Our goal here is to return as much of the memory as
1608 * is possible back to the system as we are called from OOM.
1609 * To do this we must instruct the shmfs to drop all of its
1610 * backing pages, *now*. Here we mirror the actions taken
1611 * when by shmem_delete_inode() to release the backing store.
1613 inode = obj->filp->f_path.dentry->d_inode;
1614 truncate_inode_pages(inode->i_mapping, 0);
1615 if (inode->i_op->truncate_range)
1616 inode->i_op->truncate_range(inode, 0, (loff_t)-1);
1618 obj_priv->madv = __I915_MADV_PURGED;
1622 i915_gem_object_is_purgeable(struct drm_i915_gem_object *obj_priv)
1624 return obj_priv->madv == I915_MADV_DONTNEED;
1628 i915_gem_object_move_to_inactive(struct drm_gem_object *obj)
1630 struct drm_device *dev = obj->dev;
1631 drm_i915_private_t *dev_priv = dev->dev_private;
1632 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1634 if (obj_priv->pin_count != 0)
1635 list_move_tail(&obj_priv->mm_list, &dev_priv->mm.pinned_list);
1637 list_move_tail(&obj_priv->mm_list, &dev_priv->mm.inactive_list);
1638 list_del_init(&obj_priv->ring_list);
1640 BUG_ON(!list_empty(&obj_priv->gpu_write_list));
1642 obj_priv->last_rendering_seqno = 0;
1643 obj_priv->ring = NULL;
1644 if (obj_priv->active) {
1645 obj_priv->active = 0;
1646 drm_gem_object_unreference(obj);
1648 WARN_ON(i915_verify_lists(dev));
1652 i915_gem_process_flushing_list(struct drm_device *dev,
1653 uint32_t flush_domains,
1654 struct intel_ring_buffer *ring)
1656 drm_i915_private_t *dev_priv = dev->dev_private;
1657 struct drm_i915_gem_object *obj_priv, *next;
1659 list_for_each_entry_safe(obj_priv, next,
1660 &ring->gpu_write_list,
1662 struct drm_gem_object *obj = &obj_priv->base;
1664 if (obj->write_domain & flush_domains) {
1665 uint32_t old_write_domain = obj->write_domain;
1667 obj->write_domain = 0;
1668 list_del_init(&obj_priv->gpu_write_list);
1669 i915_gem_object_move_to_active(obj, ring);
1671 /* update the fence lru list */
1672 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
1673 struct drm_i915_fence_reg *reg =
1674 &dev_priv->fence_regs[obj_priv->fence_reg];
1675 list_move_tail(®->lru_list,
1676 &dev_priv->mm.fence_list);
1679 trace_i915_gem_object_change_domain(obj,
1687 i915_add_request(struct drm_device *dev,
1688 struct drm_file *file,
1689 struct drm_i915_gem_request *request,
1690 struct intel_ring_buffer *ring)
1692 drm_i915_private_t *dev_priv = dev->dev_private;
1693 struct drm_i915_file_private *file_priv = NULL;
1698 file_priv = file->driver_priv;
1700 if (request == NULL) {
1701 request = kzalloc(sizeof(*request), GFP_KERNEL);
1702 if (request == NULL)
1706 seqno = ring->add_request(dev, ring, 0);
1707 ring->outstanding_lazy_request = false;
1709 request->seqno = seqno;
1710 request->ring = ring;
1711 request->emitted_jiffies = jiffies;
1712 was_empty = list_empty(&ring->request_list);
1713 list_add_tail(&request->list, &ring->request_list);
1716 spin_lock(&file_priv->mm.lock);
1717 request->file_priv = file_priv;
1718 list_add_tail(&request->client_list,
1719 &file_priv->mm.request_list);
1720 spin_unlock(&file_priv->mm.lock);
1723 if (!dev_priv->mm.suspended) {
1724 mod_timer(&dev_priv->hangcheck_timer,
1725 jiffies + msecs_to_jiffies(DRM_I915_HANGCHECK_PERIOD));
1727 queue_delayed_work(dev_priv->wq,
1728 &dev_priv->mm.retire_work, HZ);
1734 * Command execution barrier
1736 * Ensures that all commands in the ring are finished
1737 * before signalling the CPU
1740 i915_retire_commands(struct drm_device *dev, struct intel_ring_buffer *ring)
1742 uint32_t flush_domains = 0;
1744 /* The sampler always gets flushed on i965 (sigh) */
1745 if (INTEL_INFO(dev)->gen >= 4)
1746 flush_domains |= I915_GEM_DOMAIN_SAMPLER;
1748 ring->flush(dev, ring,
1749 I915_GEM_DOMAIN_COMMAND, flush_domains);
1753 i915_gem_request_remove_from_client(struct drm_i915_gem_request *request)
1755 struct drm_i915_file_private *file_priv = request->file_priv;
1760 spin_lock(&file_priv->mm.lock);
1761 list_del(&request->client_list);
1762 request->file_priv = NULL;
1763 spin_unlock(&file_priv->mm.lock);
1766 static void i915_gem_reset_ring_lists(struct drm_i915_private *dev_priv,
1767 struct intel_ring_buffer *ring)
1769 while (!list_empty(&ring->request_list)) {
1770 struct drm_i915_gem_request *request;
1772 request = list_first_entry(&ring->request_list,
1773 struct drm_i915_gem_request,
1776 list_del(&request->list);
1777 i915_gem_request_remove_from_client(request);
1781 while (!list_empty(&ring->active_list)) {
1782 struct drm_i915_gem_object *obj_priv;
1784 obj_priv = list_first_entry(&ring->active_list,
1785 struct drm_i915_gem_object,
1788 obj_priv->base.write_domain = 0;
1789 list_del_init(&obj_priv->gpu_write_list);
1790 i915_gem_object_move_to_inactive(&obj_priv->base);
1794 void i915_gem_reset(struct drm_device *dev)
1796 struct drm_i915_private *dev_priv = dev->dev_private;
1797 struct drm_i915_gem_object *obj_priv;
1800 i915_gem_reset_ring_lists(dev_priv, &dev_priv->render_ring);
1801 i915_gem_reset_ring_lists(dev_priv, &dev_priv->bsd_ring);
1802 i915_gem_reset_ring_lists(dev_priv, &dev_priv->blt_ring);
1804 /* Remove anything from the flushing lists. The GPU cache is likely
1805 * to be lost on reset along with the data, so simply move the
1806 * lost bo to the inactive list.
1808 while (!list_empty(&dev_priv->mm.flushing_list)) {
1809 obj_priv = list_first_entry(&dev_priv->mm.flushing_list,
1810 struct drm_i915_gem_object,
1813 obj_priv->base.write_domain = 0;
1814 list_del_init(&obj_priv->gpu_write_list);
1815 i915_gem_object_move_to_inactive(&obj_priv->base);
1818 /* Move everything out of the GPU domains to ensure we do any
1819 * necessary invalidation upon reuse.
1821 list_for_each_entry(obj_priv,
1822 &dev_priv->mm.inactive_list,
1825 obj_priv->base.read_domains &= ~I915_GEM_GPU_DOMAINS;
1828 /* The fence registers are invalidated so clear them out */
1829 for (i = 0; i < 16; i++) {
1830 struct drm_i915_fence_reg *reg;
1832 reg = &dev_priv->fence_regs[i];
1836 i915_gem_clear_fence_reg(reg->obj);
1841 * This function clears the request list as sequence numbers are passed.
1844 i915_gem_retire_requests_ring(struct drm_device *dev,
1845 struct intel_ring_buffer *ring)
1847 drm_i915_private_t *dev_priv = dev->dev_private;
1850 if (!ring->status_page.page_addr ||
1851 list_empty(&ring->request_list))
1854 WARN_ON(i915_verify_lists(dev));
1856 seqno = ring->get_seqno(dev, ring);
1857 while (!list_empty(&ring->request_list)) {
1858 struct drm_i915_gem_request *request;
1860 request = list_first_entry(&ring->request_list,
1861 struct drm_i915_gem_request,
1864 if (!i915_seqno_passed(seqno, request->seqno))
1867 trace_i915_gem_request_retire(dev, request->seqno);
1869 list_del(&request->list);
1870 i915_gem_request_remove_from_client(request);
1874 /* Move any buffers on the active list that are no longer referenced
1875 * by the ringbuffer to the flushing/inactive lists as appropriate.
1877 while (!list_empty(&ring->active_list)) {
1878 struct drm_gem_object *obj;
1879 struct drm_i915_gem_object *obj_priv;
1881 obj_priv = list_first_entry(&ring->active_list,
1882 struct drm_i915_gem_object,
1885 if (!i915_seqno_passed(seqno, obj_priv->last_rendering_seqno))
1888 obj = &obj_priv->base;
1889 if (obj->write_domain != 0)
1890 i915_gem_object_move_to_flushing(obj);
1892 i915_gem_object_move_to_inactive(obj);
1895 if (unlikely (dev_priv->trace_irq_seqno &&
1896 i915_seqno_passed(dev_priv->trace_irq_seqno, seqno))) {
1897 ring->user_irq_put(dev, ring);
1898 dev_priv->trace_irq_seqno = 0;
1901 WARN_ON(i915_verify_lists(dev));
1905 i915_gem_retire_requests(struct drm_device *dev)
1907 drm_i915_private_t *dev_priv = dev->dev_private;
1909 if (!list_empty(&dev_priv->mm.deferred_free_list)) {
1910 struct drm_i915_gem_object *obj_priv, *tmp;
1912 /* We must be careful that during unbind() we do not
1913 * accidentally infinitely recurse into retire requests.
1915 * retire -> free -> unbind -> wait -> retire_ring
1917 list_for_each_entry_safe(obj_priv, tmp,
1918 &dev_priv->mm.deferred_free_list,
1920 i915_gem_free_object_tail(&obj_priv->base);
1923 i915_gem_retire_requests_ring(dev, &dev_priv->render_ring);
1924 i915_gem_retire_requests_ring(dev, &dev_priv->bsd_ring);
1925 i915_gem_retire_requests_ring(dev, &dev_priv->blt_ring);
1929 i915_gem_retire_work_handler(struct work_struct *work)
1931 drm_i915_private_t *dev_priv;
1932 struct drm_device *dev;
1934 dev_priv = container_of(work, drm_i915_private_t,
1935 mm.retire_work.work);
1936 dev = dev_priv->dev;
1938 /* Come back later if the device is busy... */
1939 if (!mutex_trylock(&dev->struct_mutex)) {
1940 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, HZ);
1944 i915_gem_retire_requests(dev);
1946 if (!dev_priv->mm.suspended &&
1947 (!list_empty(&dev_priv->render_ring.request_list) ||
1948 !list_empty(&dev_priv->bsd_ring.request_list) ||
1949 !list_empty(&dev_priv->blt_ring.request_list)))
1950 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, HZ);
1951 mutex_unlock(&dev->struct_mutex);
1955 i915_do_wait_request(struct drm_device *dev, uint32_t seqno,
1956 bool interruptible, struct intel_ring_buffer *ring)
1958 drm_i915_private_t *dev_priv = dev->dev_private;
1964 if (atomic_read(&dev_priv->mm.wedged))
1967 if (ring->outstanding_lazy_request) {
1968 seqno = i915_add_request(dev, NULL, NULL, ring);
1972 BUG_ON(seqno == dev_priv->next_seqno);
1974 if (!i915_seqno_passed(ring->get_seqno(dev, ring), seqno)) {
1975 if (HAS_PCH_SPLIT(dev))
1976 ier = I915_READ(DEIER) | I915_READ(GTIER);
1978 ier = I915_READ(IER);
1980 DRM_ERROR("something (likely vbetool) disabled "
1981 "interrupts, re-enabling\n");
1982 i915_driver_irq_preinstall(dev);
1983 i915_driver_irq_postinstall(dev);
1986 trace_i915_gem_request_wait_begin(dev, seqno);
1988 ring->waiting_gem_seqno = seqno;
1989 ring->user_irq_get(dev, ring);
1991 ret = wait_event_interruptible(ring->irq_queue,
1993 ring->get_seqno(dev, ring), seqno)
1994 || atomic_read(&dev_priv->mm.wedged));
1996 wait_event(ring->irq_queue,
1998 ring->get_seqno(dev, ring), seqno)
1999 || atomic_read(&dev_priv->mm.wedged));
2001 ring->user_irq_put(dev, ring);
2002 ring->waiting_gem_seqno = 0;
2004 trace_i915_gem_request_wait_end(dev, seqno);
2006 if (atomic_read(&dev_priv->mm.wedged))
2009 if (ret && ret != -ERESTARTSYS)
2010 DRM_ERROR("%s returns %d (awaiting %d at %d, next %d)\n",
2011 __func__, ret, seqno, ring->get_seqno(dev, ring),
2012 dev_priv->next_seqno);
2014 /* Directly dispatch request retiring. While we have the work queue
2015 * to handle this, the waiter on a request often wants an associated
2016 * buffer to have made it to the inactive list, and we would need
2017 * a separate wait queue to handle that.
2020 i915_gem_retire_requests_ring(dev, ring);
2026 * Waits for a sequence number to be signaled, and cleans up the
2027 * request and object lists appropriately for that event.
2030 i915_wait_request(struct drm_device *dev, uint32_t seqno,
2031 struct intel_ring_buffer *ring)
2033 return i915_do_wait_request(dev, seqno, 1, ring);
2037 i915_gem_flush_ring(struct drm_device *dev,
2038 struct drm_file *file_priv,
2039 struct intel_ring_buffer *ring,
2040 uint32_t invalidate_domains,
2041 uint32_t flush_domains)
2043 ring->flush(dev, ring, invalidate_domains, flush_domains);
2044 i915_gem_process_flushing_list(dev, flush_domains, ring);
2048 i915_gem_flush(struct drm_device *dev,
2049 struct drm_file *file_priv,
2050 uint32_t invalidate_domains,
2051 uint32_t flush_domains,
2052 uint32_t flush_rings)
2054 drm_i915_private_t *dev_priv = dev->dev_private;
2056 if (flush_domains & I915_GEM_DOMAIN_CPU)
2057 drm_agp_chipset_flush(dev);
2059 if ((flush_domains | invalidate_domains) & I915_GEM_GPU_DOMAINS) {
2060 if (flush_rings & RING_RENDER)
2061 i915_gem_flush_ring(dev, file_priv,
2062 &dev_priv->render_ring,
2063 invalidate_domains, flush_domains);
2064 if (flush_rings & RING_BSD)
2065 i915_gem_flush_ring(dev, file_priv,
2066 &dev_priv->bsd_ring,
2067 invalidate_domains, flush_domains);
2068 if (flush_rings & RING_BLT)
2069 i915_gem_flush_ring(dev, file_priv,
2070 &dev_priv->blt_ring,
2071 invalidate_domains, flush_domains);
2076 * Ensures that all rendering to the object has completed and the object is
2077 * safe to unbind from the GTT or access from the CPU.
2080 i915_gem_object_wait_rendering(struct drm_gem_object *obj,
2083 struct drm_device *dev = obj->dev;
2084 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2087 /* This function only exists to support waiting for existing rendering,
2088 * not for emitting required flushes.
2090 BUG_ON((obj->write_domain & I915_GEM_GPU_DOMAINS) != 0);
2092 /* If there is rendering queued on the buffer being evicted, wait for
2095 if (obj_priv->active) {
2096 ret = i915_do_wait_request(dev,
2097 obj_priv->last_rendering_seqno,
2108 * Unbinds an object from the GTT aperture.
2111 i915_gem_object_unbind(struct drm_gem_object *obj)
2113 struct drm_device *dev = obj->dev;
2114 struct drm_i915_private *dev_priv = dev->dev_private;
2115 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2118 if (obj_priv->gtt_space == NULL)
2121 if (obj_priv->pin_count != 0) {
2122 DRM_ERROR("Attempting to unbind pinned buffer\n");
2126 /* blow away mappings if mapped through GTT */
2127 i915_gem_release_mmap(obj);
2129 /* Move the object to the CPU domain to ensure that
2130 * any possible CPU writes while it's not in the GTT
2131 * are flushed when we go to remap it. This will
2132 * also ensure that all pending GPU writes are finished
2135 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
2136 if (ret == -ERESTARTSYS)
2138 /* Continue on if we fail due to EIO, the GPU is hung so we
2139 * should be safe and we need to cleanup or else we might
2140 * cause memory corruption through use-after-free.
2143 i915_gem_clflush_object(obj);
2144 obj->read_domains = obj->write_domain = I915_GEM_DOMAIN_CPU;
2147 /* release the fence reg _after_ flushing */
2148 if (obj_priv->fence_reg != I915_FENCE_REG_NONE)
2149 i915_gem_clear_fence_reg(obj);
2151 drm_unbind_agp(obj_priv->agp_mem);
2152 drm_free_agp(obj_priv->agp_mem, obj->size / PAGE_SIZE);
2154 i915_gem_object_put_pages(obj);
2155 BUG_ON(obj_priv->pages_refcount);
2157 i915_gem_info_remove_gtt(dev_priv, obj->size);
2158 list_del_init(&obj_priv->mm_list);
2160 drm_mm_put_block(obj_priv->gtt_space);
2161 obj_priv->gtt_space = NULL;
2162 obj_priv->gtt_offset = 0;
2164 if (i915_gem_object_is_purgeable(obj_priv))
2165 i915_gem_object_truncate(obj);
2167 trace_i915_gem_object_unbind(obj);
2172 static int i915_ring_idle(struct drm_device *dev,
2173 struct intel_ring_buffer *ring)
2175 if (list_empty(&ring->gpu_write_list) && list_empty(&ring->active_list))
2178 i915_gem_flush_ring(dev, NULL, ring,
2179 I915_GEM_GPU_DOMAINS, I915_GEM_GPU_DOMAINS);
2180 return i915_wait_request(dev,
2181 i915_gem_next_request_seqno(dev, ring),
2186 i915_gpu_idle(struct drm_device *dev)
2188 drm_i915_private_t *dev_priv = dev->dev_private;
2192 lists_empty = (list_empty(&dev_priv->mm.flushing_list) &&
2193 list_empty(&dev_priv->mm.active_list));
2197 /* Flush everything onto the inactive list. */
2198 ret = i915_ring_idle(dev, &dev_priv->render_ring);
2202 ret = i915_ring_idle(dev, &dev_priv->bsd_ring);
2206 ret = i915_ring_idle(dev, &dev_priv->blt_ring);
2214 i915_gem_object_get_pages(struct drm_gem_object *obj,
2217 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2219 struct address_space *mapping;
2220 struct inode *inode;
2223 BUG_ON(obj_priv->pages_refcount
2224 == DRM_I915_GEM_OBJECT_MAX_PAGES_REFCOUNT);
2226 if (obj_priv->pages_refcount++ != 0)
2229 /* Get the list of pages out of our struct file. They'll be pinned
2230 * at this point until we release them.
2232 page_count = obj->size / PAGE_SIZE;
2233 BUG_ON(obj_priv->pages != NULL);
2234 obj_priv->pages = drm_calloc_large(page_count, sizeof(struct page *));
2235 if (obj_priv->pages == NULL) {
2236 obj_priv->pages_refcount--;
2240 inode = obj->filp->f_path.dentry->d_inode;
2241 mapping = inode->i_mapping;
2242 for (i = 0; i < page_count; i++) {
2243 page = read_cache_page_gfp(mapping, i,
2251 obj_priv->pages[i] = page;
2254 if (obj_priv->tiling_mode != I915_TILING_NONE)
2255 i915_gem_object_do_bit_17_swizzle(obj);
2261 page_cache_release(obj_priv->pages[i]);
2263 drm_free_large(obj_priv->pages);
2264 obj_priv->pages = NULL;
2265 obj_priv->pages_refcount--;
2266 return PTR_ERR(page);
2269 static void sandybridge_write_fence_reg(struct drm_i915_fence_reg *reg)
2271 struct drm_gem_object *obj = reg->obj;
2272 struct drm_device *dev = obj->dev;
2273 drm_i915_private_t *dev_priv = dev->dev_private;
2274 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2275 int regnum = obj_priv->fence_reg;
2278 val = (uint64_t)((obj_priv->gtt_offset + obj->size - 4096) &
2280 val |= obj_priv->gtt_offset & 0xfffff000;
2281 val |= (uint64_t)((obj_priv->stride / 128) - 1) <<
2282 SANDYBRIDGE_FENCE_PITCH_SHIFT;
2284 if (obj_priv->tiling_mode == I915_TILING_Y)
2285 val |= 1 << I965_FENCE_TILING_Y_SHIFT;
2286 val |= I965_FENCE_REG_VALID;
2288 I915_WRITE64(FENCE_REG_SANDYBRIDGE_0 + (regnum * 8), val);
2291 static void i965_write_fence_reg(struct drm_i915_fence_reg *reg)
2293 struct drm_gem_object *obj = reg->obj;
2294 struct drm_device *dev = obj->dev;
2295 drm_i915_private_t *dev_priv = dev->dev_private;
2296 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2297 int regnum = obj_priv->fence_reg;
2300 val = (uint64_t)((obj_priv->gtt_offset + obj->size - 4096) &
2302 val |= obj_priv->gtt_offset & 0xfffff000;
2303 val |= ((obj_priv->stride / 128) - 1) << I965_FENCE_PITCH_SHIFT;
2304 if (obj_priv->tiling_mode == I915_TILING_Y)
2305 val |= 1 << I965_FENCE_TILING_Y_SHIFT;
2306 val |= I965_FENCE_REG_VALID;
2308 I915_WRITE64(FENCE_REG_965_0 + (regnum * 8), val);
2311 static void i915_write_fence_reg(struct drm_i915_fence_reg *reg)
2313 struct drm_gem_object *obj = reg->obj;
2314 struct drm_device *dev = obj->dev;
2315 drm_i915_private_t *dev_priv = dev->dev_private;
2316 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2317 int regnum = obj_priv->fence_reg;
2319 uint32_t fence_reg, val;
2322 if ((obj_priv->gtt_offset & ~I915_FENCE_START_MASK) ||
2323 (obj_priv->gtt_offset & (obj->size - 1))) {
2324 WARN(1, "%s: object 0x%08x not 1M or size (0x%zx) aligned\n",
2325 __func__, obj_priv->gtt_offset, obj->size);
2329 if (obj_priv->tiling_mode == I915_TILING_Y &&
2330 HAS_128_BYTE_Y_TILING(dev))
2335 /* Note: pitch better be a power of two tile widths */
2336 pitch_val = obj_priv->stride / tile_width;
2337 pitch_val = ffs(pitch_val) - 1;
2339 if (obj_priv->tiling_mode == I915_TILING_Y &&
2340 HAS_128_BYTE_Y_TILING(dev))
2341 WARN_ON(pitch_val > I830_FENCE_MAX_PITCH_VAL);
2343 WARN_ON(pitch_val > I915_FENCE_MAX_PITCH_VAL);
2345 val = obj_priv->gtt_offset;
2346 if (obj_priv->tiling_mode == I915_TILING_Y)
2347 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
2348 val |= I915_FENCE_SIZE_BITS(obj->size);
2349 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
2350 val |= I830_FENCE_REG_VALID;
2353 fence_reg = FENCE_REG_830_0 + (regnum * 4);
2355 fence_reg = FENCE_REG_945_8 + ((regnum - 8) * 4);
2356 I915_WRITE(fence_reg, val);
2359 static void i830_write_fence_reg(struct drm_i915_fence_reg *reg)
2361 struct drm_gem_object *obj = reg->obj;
2362 struct drm_device *dev = obj->dev;
2363 drm_i915_private_t *dev_priv = dev->dev_private;
2364 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2365 int regnum = obj_priv->fence_reg;
2368 uint32_t fence_size_bits;
2370 if ((obj_priv->gtt_offset & ~I830_FENCE_START_MASK) ||
2371 (obj_priv->gtt_offset & (obj->size - 1))) {
2372 WARN(1, "%s: object 0x%08x not 512K or size aligned\n",
2373 __func__, obj_priv->gtt_offset);
2377 pitch_val = obj_priv->stride / 128;
2378 pitch_val = ffs(pitch_val) - 1;
2379 WARN_ON(pitch_val > I830_FENCE_MAX_PITCH_VAL);
2381 val = obj_priv->gtt_offset;
2382 if (obj_priv->tiling_mode == I915_TILING_Y)
2383 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
2384 fence_size_bits = I830_FENCE_SIZE_BITS(obj->size);
2385 WARN_ON(fence_size_bits & ~0x00000f00);
2386 val |= fence_size_bits;
2387 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
2388 val |= I830_FENCE_REG_VALID;
2390 I915_WRITE(FENCE_REG_830_0 + (regnum * 4), val);
2393 static int i915_find_fence_reg(struct drm_device *dev,
2396 struct drm_i915_fence_reg *reg = NULL;
2397 struct drm_i915_gem_object *obj_priv = NULL;
2398 struct drm_i915_private *dev_priv = dev->dev_private;
2399 struct drm_gem_object *obj = NULL;
2402 /* First try to find a free reg */
2404 for (i = dev_priv->fence_reg_start; i < dev_priv->num_fence_regs; i++) {
2405 reg = &dev_priv->fence_regs[i];
2409 obj_priv = to_intel_bo(reg->obj);
2410 if (!obj_priv->pin_count)
2417 /* None available, try to steal one or wait for a user to finish */
2418 i = I915_FENCE_REG_NONE;
2419 list_for_each_entry(reg, &dev_priv->mm.fence_list,
2422 obj_priv = to_intel_bo(obj);
2424 if (obj_priv->pin_count)
2428 i = obj_priv->fence_reg;
2432 BUG_ON(i == I915_FENCE_REG_NONE);
2434 /* We only have a reference on obj from the active list. put_fence_reg
2435 * might drop that one, causing a use-after-free in it. So hold a
2436 * private reference to obj like the other callers of put_fence_reg
2437 * (set_tiling ioctl) do. */
2438 drm_gem_object_reference(obj);
2439 ret = i915_gem_object_put_fence_reg(obj, interruptible);
2440 drm_gem_object_unreference(obj);
2448 * i915_gem_object_get_fence_reg - set up a fence reg for an object
2449 * @obj: object to map through a fence reg
2451 * When mapping objects through the GTT, userspace wants to be able to write
2452 * to them without having to worry about swizzling if the object is tiled.
2454 * This function walks the fence regs looking for a free one for @obj,
2455 * stealing one if it can't find any.
2457 * It then sets up the reg based on the object's properties: address, pitch
2458 * and tiling format.
2461 i915_gem_object_get_fence_reg(struct drm_gem_object *obj,
2464 struct drm_device *dev = obj->dev;
2465 struct drm_i915_private *dev_priv = dev->dev_private;
2466 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2467 struct drm_i915_fence_reg *reg = NULL;
2470 /* Just update our place in the LRU if our fence is getting used. */
2471 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
2472 reg = &dev_priv->fence_regs[obj_priv->fence_reg];
2473 list_move_tail(®->lru_list, &dev_priv->mm.fence_list);
2477 switch (obj_priv->tiling_mode) {
2478 case I915_TILING_NONE:
2479 WARN(1, "allocating a fence for non-tiled object?\n");
2482 if (!obj_priv->stride)
2484 WARN((obj_priv->stride & (512 - 1)),
2485 "object 0x%08x is X tiled but has non-512B pitch\n",
2486 obj_priv->gtt_offset);
2489 if (!obj_priv->stride)
2491 WARN((obj_priv->stride & (128 - 1)),
2492 "object 0x%08x is Y tiled but has non-128B pitch\n",
2493 obj_priv->gtt_offset);
2497 ret = i915_find_fence_reg(dev, interruptible);
2501 obj_priv->fence_reg = ret;
2502 reg = &dev_priv->fence_regs[obj_priv->fence_reg];
2503 list_add_tail(®->lru_list, &dev_priv->mm.fence_list);
2507 switch (INTEL_INFO(dev)->gen) {
2509 sandybridge_write_fence_reg(reg);
2513 i965_write_fence_reg(reg);
2516 i915_write_fence_reg(reg);
2519 i830_write_fence_reg(reg);
2523 trace_i915_gem_object_get_fence(obj, obj_priv->fence_reg,
2524 obj_priv->tiling_mode);
2530 * i915_gem_clear_fence_reg - clear out fence register info
2531 * @obj: object to clear
2533 * Zeroes out the fence register itself and clears out the associated
2534 * data structures in dev_priv and obj_priv.
2537 i915_gem_clear_fence_reg(struct drm_gem_object *obj)
2539 struct drm_device *dev = obj->dev;
2540 drm_i915_private_t *dev_priv = dev->dev_private;
2541 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2542 struct drm_i915_fence_reg *reg =
2543 &dev_priv->fence_regs[obj_priv->fence_reg];
2546 switch (INTEL_INFO(dev)->gen) {
2548 I915_WRITE64(FENCE_REG_SANDYBRIDGE_0 +
2549 (obj_priv->fence_reg * 8), 0);
2553 I915_WRITE64(FENCE_REG_965_0 + (obj_priv->fence_reg * 8), 0);
2556 if (obj_priv->fence_reg >= 8)
2557 fence_reg = FENCE_REG_945_8 + (obj_priv->fence_reg - 8) * 4;
2560 fence_reg = FENCE_REG_830_0 + obj_priv->fence_reg * 4;
2562 I915_WRITE(fence_reg, 0);
2567 obj_priv->fence_reg = I915_FENCE_REG_NONE;
2568 list_del_init(®->lru_list);
2572 * i915_gem_object_put_fence_reg - waits on outstanding fenced access
2573 * to the buffer to finish, and then resets the fence register.
2574 * @obj: tiled object holding a fence register.
2575 * @bool: whether the wait upon the fence is interruptible
2577 * Zeroes out the fence register itself and clears out the associated
2578 * data structures in dev_priv and obj_priv.
2581 i915_gem_object_put_fence_reg(struct drm_gem_object *obj,
2584 struct drm_device *dev = obj->dev;
2585 struct drm_i915_private *dev_priv = dev->dev_private;
2586 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2587 struct drm_i915_fence_reg *reg;
2589 if (obj_priv->fence_reg == I915_FENCE_REG_NONE)
2592 /* If we've changed tiling, GTT-mappings of the object
2593 * need to re-fault to ensure that the correct fence register
2594 * setup is in place.
2596 i915_gem_release_mmap(obj);
2598 /* On the i915, GPU access to tiled buffers is via a fence,
2599 * therefore we must wait for any outstanding access to complete
2600 * before clearing the fence.
2602 reg = &dev_priv->fence_regs[obj_priv->fence_reg];
2606 ret = i915_gem_object_flush_gpu_write_domain(obj, true);
2610 ret = i915_gem_object_wait_rendering(obj, interruptible);
2617 i915_gem_object_flush_gtt_write_domain(obj);
2618 i915_gem_clear_fence_reg(obj);
2624 * Finds free space in the GTT aperture and binds the object there.
2627 i915_gem_object_bind_to_gtt(struct drm_gem_object *obj, unsigned alignment)
2629 struct drm_device *dev = obj->dev;
2630 drm_i915_private_t *dev_priv = dev->dev_private;
2631 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2632 struct drm_mm_node *free_space;
2633 gfp_t gfpmask = __GFP_NORETRY | __GFP_NOWARN;
2636 if (obj_priv->madv != I915_MADV_WILLNEED) {
2637 DRM_ERROR("Attempting to bind a purgeable object\n");
2642 alignment = i915_gem_get_gtt_alignment(obj);
2643 if (alignment & (i915_gem_get_gtt_alignment(obj) - 1)) {
2644 DRM_ERROR("Invalid object alignment requested %u\n", alignment);
2648 /* If the object is bigger than the entire aperture, reject it early
2649 * before evicting everything in a vain attempt to find space.
2651 if (obj->size > dev_priv->mm.gtt_total) {
2652 DRM_ERROR("Attempting to bind an object larger than the aperture\n");
2657 free_space = drm_mm_search_free(&dev_priv->mm.gtt_space,
2658 obj->size, alignment, 0);
2659 if (free_space != NULL)
2660 obj_priv->gtt_space = drm_mm_get_block(free_space, obj->size,
2662 if (obj_priv->gtt_space == NULL) {
2663 /* If the gtt is empty and we're still having trouble
2664 * fitting our object in, we're out of memory.
2666 ret = i915_gem_evict_something(dev, obj->size, alignment);
2673 ret = i915_gem_object_get_pages(obj, gfpmask);
2675 drm_mm_put_block(obj_priv->gtt_space);
2676 obj_priv->gtt_space = NULL;
2678 if (ret == -ENOMEM) {
2679 /* first try to clear up some space from the GTT */
2680 ret = i915_gem_evict_something(dev, obj->size,
2683 /* now try to shrink everyone else */
2698 /* Create an AGP memory structure pointing at our pages, and bind it
2701 obj_priv->agp_mem = drm_agp_bind_pages(dev,
2703 obj->size >> PAGE_SHIFT,
2704 obj_priv->gtt_space->start,
2705 obj_priv->agp_type);
2706 if (obj_priv->agp_mem == NULL) {
2707 i915_gem_object_put_pages(obj);
2708 drm_mm_put_block(obj_priv->gtt_space);
2709 obj_priv->gtt_space = NULL;
2711 ret = i915_gem_evict_something(dev, obj->size, alignment);
2718 /* keep track of bounds object by adding it to the inactive list */
2719 list_add_tail(&obj_priv->mm_list, &dev_priv->mm.inactive_list);
2720 i915_gem_info_add_gtt(dev_priv, obj->size);
2722 /* Assert that the object is not currently in any GPU domain. As it
2723 * wasn't in the GTT, there shouldn't be any way it could have been in
2726 BUG_ON(obj->read_domains & I915_GEM_GPU_DOMAINS);
2727 BUG_ON(obj->write_domain & I915_GEM_GPU_DOMAINS);
2729 obj_priv->gtt_offset = obj_priv->gtt_space->start;
2730 trace_i915_gem_object_bind(obj, obj_priv->gtt_offset);
2736 i915_gem_clflush_object(struct drm_gem_object *obj)
2738 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2740 /* If we don't have a page list set up, then we're not pinned
2741 * to GPU, and we can ignore the cache flush because it'll happen
2742 * again at bind time.
2744 if (obj_priv->pages == NULL)
2747 trace_i915_gem_object_clflush(obj);
2749 drm_clflush_pages(obj_priv->pages, obj->size / PAGE_SIZE);
2752 /** Flushes any GPU write domain for the object if it's dirty. */
2754 i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj,
2757 struct drm_device *dev = obj->dev;
2758 uint32_t old_write_domain;
2760 if ((obj->write_domain & I915_GEM_GPU_DOMAINS) == 0)
2763 /* Queue the GPU write cache flushing we need. */
2764 old_write_domain = obj->write_domain;
2765 i915_gem_flush_ring(dev, NULL,
2766 to_intel_bo(obj)->ring,
2767 0, obj->write_domain);
2768 BUG_ON(obj->write_domain);
2770 trace_i915_gem_object_change_domain(obj,
2777 return i915_gem_object_wait_rendering(obj, true);
2780 /** Flushes the GTT write domain for the object if it's dirty. */
2782 i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj)
2784 uint32_t old_write_domain;
2786 if (obj->write_domain != I915_GEM_DOMAIN_GTT)
2789 /* No actual flushing is required for the GTT write domain. Writes
2790 * to it immediately go to main memory as far as we know, so there's
2791 * no chipset flush. It also doesn't land in render cache.
2793 old_write_domain = obj->write_domain;
2794 obj->write_domain = 0;
2796 trace_i915_gem_object_change_domain(obj,
2801 /** Flushes the CPU write domain for the object if it's dirty. */
2803 i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj)
2805 struct drm_device *dev = obj->dev;
2806 uint32_t old_write_domain;
2808 if (obj->write_domain != I915_GEM_DOMAIN_CPU)
2811 i915_gem_clflush_object(obj);
2812 drm_agp_chipset_flush(dev);
2813 old_write_domain = obj->write_domain;
2814 obj->write_domain = 0;
2816 trace_i915_gem_object_change_domain(obj,
2822 * Moves a single object to the GTT read, and possibly write domain.
2824 * This function returns when the move is complete, including waiting on
2828 i915_gem_object_set_to_gtt_domain(struct drm_gem_object *obj, int write)
2830 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2831 uint32_t old_write_domain, old_read_domains;
2834 /* Not valid to be called on unbound objects. */
2835 if (obj_priv->gtt_space == NULL)
2838 ret = i915_gem_object_flush_gpu_write_domain(obj, false);
2842 i915_gem_object_flush_cpu_write_domain(obj);
2845 ret = i915_gem_object_wait_rendering(obj, true);
2850 old_write_domain = obj->write_domain;
2851 old_read_domains = obj->read_domains;
2853 /* It should now be out of any other write domains, and we can update
2854 * the domain values for our changes.
2856 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_GTT) != 0);
2857 obj->read_domains |= I915_GEM_DOMAIN_GTT;
2859 obj->read_domains = I915_GEM_DOMAIN_GTT;
2860 obj->write_domain = I915_GEM_DOMAIN_GTT;
2861 obj_priv->dirty = 1;
2864 trace_i915_gem_object_change_domain(obj,
2872 * Prepare buffer for display plane. Use uninterruptible for possible flush
2873 * wait, as in modesetting process we're not supposed to be interrupted.
2876 i915_gem_object_set_to_display_plane(struct drm_gem_object *obj,
2879 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2880 uint32_t old_read_domains;
2883 /* Not valid to be called on unbound objects. */
2884 if (obj_priv->gtt_space == NULL)
2887 ret = i915_gem_object_flush_gpu_write_domain(obj, true);
2891 /* Currently, we are always called from an non-interruptible context. */
2893 ret = i915_gem_object_wait_rendering(obj, false);
2898 i915_gem_object_flush_cpu_write_domain(obj);
2900 old_read_domains = obj->read_domains;
2901 obj->read_domains |= I915_GEM_DOMAIN_GTT;
2903 trace_i915_gem_object_change_domain(obj,
2911 i915_gem_object_flush_gpu(struct drm_i915_gem_object *obj,
2917 if (obj->base.write_domain & I915_GEM_GPU_DOMAINS)
2918 i915_gem_flush_ring(obj->base.dev, NULL, obj->ring,
2919 0, obj->base.write_domain);
2921 return i915_gem_object_wait_rendering(&obj->base, interruptible);
2925 * Moves a single object to the CPU read, and possibly write domain.
2927 * This function returns when the move is complete, including waiting on
2931 i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj, int write)
2933 uint32_t old_write_domain, old_read_domains;
2936 ret = i915_gem_object_flush_gpu_write_domain(obj, false);
2940 i915_gem_object_flush_gtt_write_domain(obj);
2942 /* If we have a partially-valid cache of the object in the CPU,
2943 * finish invalidating it and free the per-page flags.
2945 i915_gem_object_set_to_full_cpu_read_domain(obj);
2948 ret = i915_gem_object_wait_rendering(obj, true);
2953 old_write_domain = obj->write_domain;
2954 old_read_domains = obj->read_domains;
2956 /* Flush the CPU cache if it's still invalid. */
2957 if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0) {
2958 i915_gem_clflush_object(obj);
2960 obj->read_domains |= I915_GEM_DOMAIN_CPU;
2963 /* It should now be out of any other write domains, and we can update
2964 * the domain values for our changes.
2966 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
2968 /* If we're writing through the CPU, then the GPU read domains will
2969 * need to be invalidated at next use.
2972 obj->read_domains = I915_GEM_DOMAIN_CPU;
2973 obj->write_domain = I915_GEM_DOMAIN_CPU;
2976 trace_i915_gem_object_change_domain(obj,
2984 * Set the next domain for the specified object. This
2985 * may not actually perform the necessary flushing/invaliding though,
2986 * as that may want to be batched with other set_domain operations
2988 * This is (we hope) the only really tricky part of gem. The goal
2989 * is fairly simple -- track which caches hold bits of the object
2990 * and make sure they remain coherent. A few concrete examples may
2991 * help to explain how it works. For shorthand, we use the notation
2992 * (read_domains, write_domain), e.g. (CPU, CPU) to indicate the
2993 * a pair of read and write domain masks.
2995 * Case 1: the batch buffer
3001 * 5. Unmapped from GTT
3004 * Let's take these a step at a time
3007 * Pages allocated from the kernel may still have
3008 * cache contents, so we set them to (CPU, CPU) always.
3009 * 2. Written by CPU (using pwrite)
3010 * The pwrite function calls set_domain (CPU, CPU) and
3011 * this function does nothing (as nothing changes)
3013 * This function asserts that the object is not
3014 * currently in any GPU-based read or write domains
3016 * i915_gem_execbuffer calls set_domain (COMMAND, 0).
3017 * As write_domain is zero, this function adds in the
3018 * current read domains (CPU+COMMAND, 0).
3019 * flush_domains is set to CPU.
3020 * invalidate_domains is set to COMMAND
3021 * clflush is run to get data out of the CPU caches
3022 * then i915_dev_set_domain calls i915_gem_flush to
3023 * emit an MI_FLUSH and drm_agp_chipset_flush
3024 * 5. Unmapped from GTT
3025 * i915_gem_object_unbind calls set_domain (CPU, CPU)
3026 * flush_domains and invalidate_domains end up both zero
3027 * so no flushing/invalidating happens
3031 * Case 2: The shared render buffer
3035 * 3. Read/written by GPU
3036 * 4. set_domain to (CPU,CPU)
3037 * 5. Read/written by CPU
3038 * 6. Read/written by GPU
3041 * Same as last example, (CPU, CPU)
3043 * Nothing changes (assertions find that it is not in the GPU)
3044 * 3. Read/written by GPU
3045 * execbuffer calls set_domain (RENDER, RENDER)
3046 * flush_domains gets CPU
3047 * invalidate_domains gets GPU
3049 * MI_FLUSH and drm_agp_chipset_flush
3050 * 4. set_domain (CPU, CPU)
3051 * flush_domains gets GPU
3052 * invalidate_domains gets CPU
3053 * wait_rendering (obj) to make sure all drawing is complete.
3054 * This will include an MI_FLUSH to get the data from GPU
3056 * clflush (obj) to invalidate the CPU cache
3057 * Another MI_FLUSH in i915_gem_flush (eliminate this somehow?)
3058 * 5. Read/written by CPU
3059 * cache lines are loaded and dirtied
3060 * 6. Read written by GPU
3061 * Same as last GPU access
3063 * Case 3: The constant buffer
3068 * 4. Updated (written) by CPU again
3077 * flush_domains = CPU
3078 * invalidate_domains = RENDER
3081 * drm_agp_chipset_flush
3082 * 4. Updated (written) by CPU again
3084 * flush_domains = 0 (no previous write domain)
3085 * invalidate_domains = 0 (no new read domains)
3088 * flush_domains = CPU
3089 * invalidate_domains = RENDER
3092 * drm_agp_chipset_flush
3095 i915_gem_object_set_to_gpu_domain(struct drm_gem_object *obj,
3096 struct intel_ring_buffer *ring)
3098 struct drm_device *dev = obj->dev;
3099 struct drm_i915_private *dev_priv = dev->dev_private;
3100 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
3101 uint32_t invalidate_domains = 0;
3102 uint32_t flush_domains = 0;
3103 uint32_t old_read_domains;
3105 intel_mark_busy(dev, obj);
3108 * If the object isn't moving to a new write domain,
3109 * let the object stay in multiple read domains
3111 if (obj->pending_write_domain == 0)
3112 obj->pending_read_domains |= obj->read_domains;
3114 obj_priv->dirty = 1;
3117 * Flush the current write domain if
3118 * the new read domains don't match. Invalidate
3119 * any read domains which differ from the old
3122 if (obj->write_domain &&
3123 (obj->write_domain != obj->pending_read_domains ||
3124 obj_priv->ring != ring)) {
3125 flush_domains |= obj->write_domain;
3126 invalidate_domains |=
3127 obj->pending_read_domains & ~obj->write_domain;
3130 * Invalidate any read caches which may have
3131 * stale data. That is, any new read domains.
3133 invalidate_domains |= obj->pending_read_domains & ~obj->read_domains;
3134 if ((flush_domains | invalidate_domains) & I915_GEM_DOMAIN_CPU)
3135 i915_gem_clflush_object(obj);
3137 old_read_domains = obj->read_domains;
3139 /* The actual obj->write_domain will be updated with
3140 * pending_write_domain after we emit the accumulated flush for all
3141 * of our domain changes in execbuffers (which clears objects'
3142 * write_domains). So if we have a current write domain that we
3143 * aren't changing, set pending_write_domain to that.
3145 if (flush_domains == 0 && obj->pending_write_domain == 0)
3146 obj->pending_write_domain = obj->write_domain;
3147 obj->read_domains = obj->pending_read_domains;
3149 dev->invalidate_domains |= invalidate_domains;
3150 dev->flush_domains |= flush_domains;
3151 if (flush_domains & I915_GEM_GPU_DOMAINS)
3152 dev_priv->mm.flush_rings |= obj_priv->ring->id;
3153 if (invalidate_domains & I915_GEM_GPU_DOMAINS)
3154 dev_priv->mm.flush_rings |= ring->id;
3156 trace_i915_gem_object_change_domain(obj,
3162 * Moves the object from a partially CPU read to a full one.
3164 * Note that this only resolves i915_gem_object_set_cpu_read_domain_range(),
3165 * and doesn't handle transitioning from !(read_domains & I915_GEM_DOMAIN_CPU).
3168 i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj)
3170 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
3172 if (!obj_priv->page_cpu_valid)
3175 /* If we're partially in the CPU read domain, finish moving it in.
3177 if (obj->read_domains & I915_GEM_DOMAIN_CPU) {
3180 for (i = 0; i <= (obj->size - 1) / PAGE_SIZE; i++) {
3181 if (obj_priv->page_cpu_valid[i])
3183 drm_clflush_pages(obj_priv->pages + i, 1);
3187 /* Free the page_cpu_valid mappings which are now stale, whether
3188 * or not we've got I915_GEM_DOMAIN_CPU.
3190 kfree(obj_priv->page_cpu_valid);
3191 obj_priv->page_cpu_valid = NULL;
3195 * Set the CPU read domain on a range of the object.
3197 * The object ends up with I915_GEM_DOMAIN_CPU in its read flags although it's
3198 * not entirely valid. The page_cpu_valid member of the object flags which
3199 * pages have been flushed, and will be respected by
3200 * i915_gem_object_set_to_cpu_domain() if it's called on to get a valid mapping
3201 * of the whole object.
3203 * This function returns when the move is complete, including waiting on
3207 i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
3208 uint64_t offset, uint64_t size)
3210 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
3211 uint32_t old_read_domains;
3214 if (offset == 0 && size == obj->size)
3215 return i915_gem_object_set_to_cpu_domain(obj, 0);
3217 ret = i915_gem_object_flush_gpu_write_domain(obj, false);
3220 i915_gem_object_flush_gtt_write_domain(obj);
3222 /* If we're already fully in the CPU read domain, we're done. */
3223 if (obj_priv->page_cpu_valid == NULL &&
3224 (obj->read_domains & I915_GEM_DOMAIN_CPU) != 0)
3227 /* Otherwise, create/clear the per-page CPU read domain flag if we're
3228 * newly adding I915_GEM_DOMAIN_CPU
3230 if (obj_priv->page_cpu_valid == NULL) {
3231 obj_priv->page_cpu_valid = kzalloc(obj->size / PAGE_SIZE,
3233 if (obj_priv->page_cpu_valid == NULL)
3235 } else if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0)
3236 memset(obj_priv->page_cpu_valid, 0, obj->size / PAGE_SIZE);
3238 /* Flush the cache on any pages that are still invalid from the CPU's
3241 for (i = offset / PAGE_SIZE; i <= (offset + size - 1) / PAGE_SIZE;
3243 if (obj_priv->page_cpu_valid[i])
3246 drm_clflush_pages(obj_priv->pages + i, 1);
3248 obj_priv->page_cpu_valid[i] = 1;
3251 /* It should now be out of any other write domains, and we can update
3252 * the domain values for our changes.
3254 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
3256 old_read_domains = obj->read_domains;
3257 obj->read_domains |= I915_GEM_DOMAIN_CPU;
3259 trace_i915_gem_object_change_domain(obj,
3267 * Pin an object to the GTT and evaluate the relocations landing in it.
3270 i915_gem_execbuffer_relocate(struct drm_i915_gem_object *obj,
3271 struct drm_file *file_priv,
3272 struct drm_i915_gem_exec_object2 *entry)
3274 struct drm_device *dev = obj->base.dev;
3275 drm_i915_private_t *dev_priv = dev->dev_private;
3276 struct drm_i915_gem_relocation_entry __user *user_relocs;
3277 struct drm_gem_object *target_obj = NULL;
3278 uint32_t target_handle = 0;
3281 user_relocs = (void __user *)(uintptr_t)entry->relocs_ptr;
3282 for (i = 0; i < entry->relocation_count; i++) {
3283 struct drm_i915_gem_relocation_entry reloc;
3284 uint32_t target_offset;
3286 if (__copy_from_user_inatomic(&reloc,
3293 if (reloc.target_handle != target_handle) {
3294 drm_gem_object_unreference(target_obj);
3296 target_obj = drm_gem_object_lookup(dev, file_priv,
3297 reloc.target_handle);
3298 if (target_obj == NULL) {
3303 target_handle = reloc.target_handle;
3305 target_offset = to_intel_bo(target_obj)->gtt_offset;
3308 DRM_INFO("%s: obj %p offset %08x target %d "
3309 "read %08x write %08x gtt %08x "
3310 "presumed %08x delta %08x\n",
3314 (int) reloc.target_handle,
3315 (int) reloc.read_domains,
3316 (int) reloc.write_domain,
3317 (int) target_offset,
3318 (int) reloc.presumed_offset,
3322 /* The target buffer should have appeared before us in the
3323 * exec_object list, so it should have a GTT space bound by now.
3325 if (target_offset == 0) {
3326 DRM_ERROR("No GTT space found for object %d\n",
3327 reloc.target_handle);
3332 /* Validate that the target is in a valid r/w GPU domain */
3333 if (reloc.write_domain & (reloc.write_domain - 1)) {
3334 DRM_ERROR("reloc with multiple write domains: "
3335 "obj %p target %d offset %d "
3336 "read %08x write %08x",
3337 obj, reloc.target_handle,
3340 reloc.write_domain);
3344 if (reloc.write_domain & I915_GEM_DOMAIN_CPU ||
3345 reloc.read_domains & I915_GEM_DOMAIN_CPU) {
3346 DRM_ERROR("reloc with read/write CPU domains: "
3347 "obj %p target %d offset %d "
3348 "read %08x write %08x",
3349 obj, reloc.target_handle,
3352 reloc.write_domain);
3356 if (reloc.write_domain && target_obj->pending_write_domain &&
3357 reloc.write_domain != target_obj->pending_write_domain) {
3358 DRM_ERROR("Write domain conflict: "
3359 "obj %p target %d offset %d "
3360 "new %08x old %08x\n",
3361 obj, reloc.target_handle,
3364 target_obj->pending_write_domain);
3369 target_obj->pending_read_domains |= reloc.read_domains;
3370 target_obj->pending_write_domain |= reloc.write_domain;
3372 /* If the relocation already has the right value in it, no
3373 * more work needs to be done.
3375 if (target_offset == reloc.presumed_offset)
3378 /* Check that the relocation address is valid... */
3379 if (reloc.offset > obj->base.size - 4) {
3380 DRM_ERROR("Relocation beyond object bounds: "
3381 "obj %p target %d offset %d size %d.\n",
3382 obj, reloc.target_handle,
3383 (int) reloc.offset, (int) obj->base.size);
3387 if (reloc.offset & 3) {
3388 DRM_ERROR("Relocation not 4-byte aligned: "
3389 "obj %p target %d offset %d.\n",
3390 obj, reloc.target_handle,
3391 (int) reloc.offset);
3396 /* and points to somewhere within the target object. */
3397 if (reloc.delta >= target_obj->size) {
3398 DRM_ERROR("Relocation beyond target object bounds: "
3399 "obj %p target %d delta %d size %d.\n",
3400 obj, reloc.target_handle,
3401 (int) reloc.delta, (int) target_obj->size);
3406 reloc.delta += target_offset;
3407 if (obj->base.write_domain == I915_GEM_DOMAIN_CPU) {
3408 uint32_t page_offset = reloc.offset & ~PAGE_MASK;
3411 vaddr = kmap_atomic(obj->pages[reloc.offset >> PAGE_SHIFT]);
3412 *(uint32_t *)(vaddr + page_offset) = reloc.delta;
3413 kunmap_atomic(vaddr);
3415 uint32_t __iomem *reloc_entry;
3416 void __iomem *reloc_page;
3418 ret = i915_gem_object_set_to_gtt_domain(&obj->base, 1);
3422 /* Map the page containing the relocation we're going to perform. */
3423 reloc.offset += obj->gtt_offset;
3424 reloc_page = io_mapping_map_atomic_wc(dev_priv->mm.gtt_mapping,
3425 reloc.offset & PAGE_MASK);
3426 reloc_entry = (uint32_t __iomem *)
3427 (reloc_page + (reloc.offset & ~PAGE_MASK));
3428 iowrite32(reloc.delta, reloc_entry);
3429 io_mapping_unmap_atomic(reloc_page);
3432 /* and update the user's relocation entry */
3433 reloc.presumed_offset = target_offset;
3434 if (__copy_to_user_inatomic(&user_relocs[i].presumed_offset,
3435 &reloc.presumed_offset,
3436 sizeof(reloc.presumed_offset))) {
3442 drm_gem_object_unreference(target_obj);
3447 i915_gem_execbuffer_pin(struct drm_device *dev,
3448 struct drm_file *file,
3449 struct drm_gem_object **object_list,
3450 struct drm_i915_gem_exec_object2 *exec_list,
3453 struct drm_i915_private *dev_priv = dev->dev_private;
3456 /* attempt to pin all of the buffers into the GTT */
3457 for (retry = 0; retry < 2; retry++) {
3459 for (i = 0; i < count; i++) {
3460 struct drm_i915_gem_exec_object2 *entry = &exec_list[i];
3461 struct drm_i915_gem_object *obj= to_intel_bo(object_list[i]);
3463 entry->flags & EXEC_OBJECT_NEEDS_FENCE &&
3464 obj->tiling_mode != I915_TILING_NONE;
3466 /* Check fence reg constraints and rebind if necessary */
3468 !i915_gem_object_fence_offset_ok(&obj->base,
3469 obj->tiling_mode)) {
3470 ret = i915_gem_object_unbind(&obj->base);
3475 ret = i915_gem_object_pin(&obj->base, entry->alignment);
3480 * Pre-965 chips need a fence register set up in order
3481 * to properly handle blits to/from tiled surfaces.
3484 ret = i915_gem_object_get_fence_reg(&obj->base, true);
3486 i915_gem_object_unpin(&obj->base);
3490 dev_priv->fence_regs[obj->fence_reg].gpu = true;
3493 entry->offset = obj->gtt_offset;
3497 i915_gem_object_unpin(object_list[i]);
3502 if (ret != -ENOSPC || retry)
3505 ret = i915_gem_evict_everything(dev);
3514 i915_gem_execbuffer_move_to_gpu(struct drm_device *dev,
3515 struct drm_file *file,
3516 struct intel_ring_buffer *ring,
3517 struct drm_gem_object **objects,
3520 struct drm_i915_private *dev_priv = dev->dev_private;
3523 /* Zero the global flush/invalidate flags. These
3524 * will be modified as new domains are computed
3527 dev->invalidate_domains = 0;
3528 dev->flush_domains = 0;
3529 dev_priv->mm.flush_rings = 0;
3530 for (i = 0; i < count; i++)
3531 i915_gem_object_set_to_gpu_domain(objects[i], ring);
3533 if (dev->invalidate_domains | dev->flush_domains) {
3535 DRM_INFO("%s: invalidate_domains %08x flush_domains %08x\n",
3537 dev->invalidate_domains,
3538 dev->flush_domains);
3540 i915_gem_flush(dev, file,
3541 dev->invalidate_domains,
3543 dev_priv->mm.flush_rings);
3546 for (i = 0; i < count; i++) {
3547 struct drm_i915_gem_object *obj = to_intel_bo(objects[i]);
3548 /* XXX replace with semaphores */
3549 if (obj->ring && ring != obj->ring) {
3550 ret = i915_gem_object_wait_rendering(&obj->base, true);
3559 /* Throttle our rendering by waiting until the ring has completed our requests
3560 * emitted over 20 msec ago.
3562 * Note that if we were to use the current jiffies each time around the loop,
3563 * we wouldn't escape the function with any frames outstanding if the time to
3564 * render a frame was over 20ms.
3566 * This should get us reasonable parallelism between CPU and GPU but also
3567 * relatively low latency when blocking on a particular request to finish.
3570 i915_gem_ring_throttle(struct drm_device *dev, struct drm_file *file)
3572 struct drm_i915_private *dev_priv = dev->dev_private;
3573 struct drm_i915_file_private *file_priv = file->driver_priv;
3574 unsigned long recent_enough = jiffies - msecs_to_jiffies(20);
3575 struct drm_i915_gem_request *request;
3576 struct intel_ring_buffer *ring = NULL;
3580 spin_lock(&file_priv->mm.lock);
3581 list_for_each_entry(request, &file_priv->mm.request_list, client_list) {
3582 if (time_after_eq(request->emitted_jiffies, recent_enough))
3585 ring = request->ring;
3586 seqno = request->seqno;
3588 spin_unlock(&file_priv->mm.lock);
3594 if (!i915_seqno_passed(ring->get_seqno(dev, ring), seqno)) {
3595 /* And wait for the seqno passing without holding any locks and
3596 * causing extra latency for others. This is safe as the irq
3597 * generation is designed to be run atomically and so is
3600 ring->user_irq_get(dev, ring);
3601 ret = wait_event_interruptible(ring->irq_queue,
3602 i915_seqno_passed(ring->get_seqno(dev, ring), seqno)
3603 || atomic_read(&dev_priv->mm.wedged));
3604 ring->user_irq_put(dev, ring);
3606 if (ret == 0 && atomic_read(&dev_priv->mm.wedged))
3611 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, 0);
3617 i915_gem_check_execbuffer(struct drm_i915_gem_execbuffer2 *exec,
3618 uint64_t exec_offset)
3620 uint32_t exec_start, exec_len;
3622 exec_start = (uint32_t) exec_offset + exec->batch_start_offset;
3623 exec_len = (uint32_t) exec->batch_len;
3625 if ((exec_start | exec_len) & 0x7)
3635 validate_exec_list(struct drm_i915_gem_exec_object2 *exec,
3640 for (i = 0; i < count; i++) {
3641 char __user *ptr = (char __user *)(uintptr_t)exec[i].relocs_ptr;
3642 size_t length = exec[i].relocation_count * sizeof(struct drm_i915_gem_relocation_entry);
3644 if (!access_ok(VERIFY_READ, ptr, length))
3647 /* we may also need to update the presumed offsets */
3648 if (!access_ok(VERIFY_WRITE, ptr, length))
3651 if (fault_in_pages_readable(ptr, length))
3659 i915_gem_do_execbuffer(struct drm_device *dev, void *data,
3660 struct drm_file *file,
3661 struct drm_i915_gem_execbuffer2 *args,
3662 struct drm_i915_gem_exec_object2 *exec_list)
3664 drm_i915_private_t *dev_priv = dev->dev_private;
3665 struct drm_gem_object **object_list = NULL;
3666 struct drm_gem_object *batch_obj;
3667 struct drm_i915_gem_object *obj_priv;
3668 struct drm_clip_rect *cliprects = NULL;
3669 struct drm_i915_gem_request *request = NULL;
3671 uint64_t exec_offset;
3673 struct intel_ring_buffer *ring = NULL;
3675 ret = i915_gem_check_is_wedged(dev);
3679 ret = validate_exec_list(exec_list, args->buffer_count);
3684 DRM_INFO("buffers_ptr %d buffer_count %d len %08x\n",
3685 (int) args->buffers_ptr, args->buffer_count, args->batch_len);
3687 switch (args->flags & I915_EXEC_RING_MASK) {
3688 case I915_EXEC_DEFAULT:
3689 case I915_EXEC_RENDER:
3690 ring = &dev_priv->render_ring;
3693 if (!HAS_BSD(dev)) {
3694 DRM_ERROR("execbuf with invalid ring (BSD)\n");
3697 ring = &dev_priv->bsd_ring;
3700 if (!HAS_BLT(dev)) {
3701 DRM_ERROR("execbuf with invalid ring (BLT)\n");
3704 ring = &dev_priv->blt_ring;
3707 DRM_ERROR("execbuf with unknown ring: %d\n",
3708 (int)(args->flags & I915_EXEC_RING_MASK));
3712 if (args->buffer_count < 1) {
3713 DRM_ERROR("execbuf with %d buffers\n", args->buffer_count);
3716 object_list = drm_malloc_ab(sizeof(*object_list), args->buffer_count);
3717 if (object_list == NULL) {
3718 DRM_ERROR("Failed to allocate object list for %d buffers\n",
3719 args->buffer_count);
3724 if (args->num_cliprects != 0) {
3725 cliprects = kcalloc(args->num_cliprects, sizeof(*cliprects),
3727 if (cliprects == NULL) {
3732 ret = copy_from_user(cliprects,
3733 (struct drm_clip_rect __user *)
3734 (uintptr_t) args->cliprects_ptr,
3735 sizeof(*cliprects) * args->num_cliprects);
3737 DRM_ERROR("copy %d cliprects failed: %d\n",
3738 args->num_cliprects, ret);
3744 request = kzalloc(sizeof(*request), GFP_KERNEL);
3745 if (request == NULL) {
3750 ret = i915_mutex_lock_interruptible(dev);
3754 if (dev_priv->mm.suspended) {
3755 mutex_unlock(&dev->struct_mutex);
3760 /* Look up object handles */
3761 for (i = 0; i < args->buffer_count; i++) {
3762 object_list[i] = drm_gem_object_lookup(dev, file,
3763 exec_list[i].handle);
3764 if (object_list[i] == NULL) {
3765 DRM_ERROR("Invalid object handle %d at index %d\n",
3766 exec_list[i].handle, i);
3767 /* prevent error path from reading uninitialized data */
3768 args->buffer_count = i + 1;
3773 obj_priv = to_intel_bo(object_list[i]);
3774 if (obj_priv->in_execbuffer) {
3775 DRM_ERROR("Object %p appears more than once in object list\n",
3777 /* prevent error path from reading uninitialized data */
3778 args->buffer_count = i + 1;
3782 obj_priv->in_execbuffer = true;
3785 /* Move the objects en-masse into the GTT, evicting if necessary. */
3786 ret = i915_gem_execbuffer_pin(dev, file,
3787 object_list, exec_list,
3788 args->buffer_count);
3792 /* The objects are in their final locations, apply the relocations. */
3793 for (i = 0; i < args->buffer_count; i++) {
3794 struct drm_i915_gem_object *obj = to_intel_bo(object_list[i]);
3795 obj->base.pending_read_domains = 0;
3796 obj->base.pending_write_domain = 0;
3797 ret = i915_gem_execbuffer_relocate(obj, file, &exec_list[i]);
3802 /* Set the pending read domains for the batch buffer to COMMAND */
3803 batch_obj = object_list[args->buffer_count-1];
3804 if (batch_obj->pending_write_domain) {
3805 DRM_ERROR("Attempting to use self-modifying batch buffer\n");
3809 batch_obj->pending_read_domains |= I915_GEM_DOMAIN_COMMAND;
3811 /* Sanity check the batch buffer */
3812 exec_offset = to_intel_bo(batch_obj)->gtt_offset;
3813 ret = i915_gem_check_execbuffer(args, exec_offset);
3815 DRM_ERROR("execbuf with invalid offset/length\n");
3819 ret = i915_gem_execbuffer_move_to_gpu(dev, file, ring,
3820 object_list, args->buffer_count);
3824 for (i = 0; i < args->buffer_count; i++) {
3825 struct drm_gem_object *obj = object_list[i];
3826 uint32_t old_write_domain = obj->write_domain;
3827 obj->write_domain = obj->pending_write_domain;
3828 trace_i915_gem_object_change_domain(obj,
3834 for (i = 0; i < args->buffer_count; i++) {
3835 i915_gem_object_check_coherency(object_list[i],
3836 exec_list[i].handle);
3841 i915_gem_dump_object(batch_obj,
3847 /* Check for any pending flips. As we only maintain a flip queue depth
3848 * of 1, we can simply insert a WAIT for the next display flip prior
3849 * to executing the batch and avoid stalling the CPU.
3852 for (i = 0; i < args->buffer_count; i++) {
3853 if (object_list[i]->write_domain)
3854 flips |= atomic_read(&to_intel_bo(object_list[i])->pending_flip);
3857 int plane, flip_mask;
3859 for (plane = 0; flips >> plane; plane++) {
3860 if (((flips >> plane) & 1) == 0)
3864 flip_mask = MI_WAIT_FOR_PLANE_B_FLIP;
3866 flip_mask = MI_WAIT_FOR_PLANE_A_FLIP;
3868 intel_ring_begin(dev, ring, 2);
3869 intel_ring_emit(dev, ring,
3870 MI_WAIT_FOR_EVENT | flip_mask);
3871 intel_ring_emit(dev, ring, MI_NOOP);
3872 intel_ring_advance(dev, ring);
3876 /* Exec the batchbuffer */
3877 ret = ring->dispatch_gem_execbuffer(dev, ring, args,
3878 cliprects, exec_offset);
3880 DRM_ERROR("dispatch failed %d\n", ret);
3885 * Ensure that the commands in the batch buffer are
3886 * finished before the interrupt fires
3888 i915_retire_commands(dev, ring);
3890 for (i = 0; i < args->buffer_count; i++) {
3891 struct drm_gem_object *obj = object_list[i];
3893 i915_gem_object_move_to_active(obj, ring);
3894 if (obj->write_domain)
3895 list_move_tail(&to_intel_bo(obj)->gpu_write_list,
3896 &ring->gpu_write_list);
3899 i915_add_request(dev, file, request, ring);
3903 for (i = 0; i < args->buffer_count; i++) {
3904 if (object_list[i]) {
3905 obj_priv = to_intel_bo(object_list[i]);
3906 obj_priv->in_execbuffer = false;
3908 drm_gem_object_unreference(object_list[i]);
3911 mutex_unlock(&dev->struct_mutex);
3914 drm_free_large(object_list);
3922 * Legacy execbuffer just creates an exec2 list from the original exec object
3923 * list array and passes it to the real function.
3926 i915_gem_execbuffer(struct drm_device *dev, void *data,
3927 struct drm_file *file_priv)
3929 struct drm_i915_gem_execbuffer *args = data;
3930 struct drm_i915_gem_execbuffer2 exec2;
3931 struct drm_i915_gem_exec_object *exec_list = NULL;
3932 struct drm_i915_gem_exec_object2 *exec2_list = NULL;
3936 DRM_INFO("buffers_ptr %d buffer_count %d len %08x\n",
3937 (int) args->buffers_ptr, args->buffer_count, args->batch_len);
3940 if (args->buffer_count < 1) {
3941 DRM_ERROR("execbuf with %d buffers\n", args->buffer_count);
3945 /* Copy in the exec list from userland */
3946 exec_list = drm_malloc_ab(sizeof(*exec_list), args->buffer_count);
3947 exec2_list = drm_malloc_ab(sizeof(*exec2_list), args->buffer_count);
3948 if (exec_list == NULL || exec2_list == NULL) {
3949 DRM_ERROR("Failed to allocate exec list for %d buffers\n",
3950 args->buffer_count);
3951 drm_free_large(exec_list);
3952 drm_free_large(exec2_list);
3955 ret = copy_from_user(exec_list,
3956 (struct drm_i915_relocation_entry __user *)
3957 (uintptr_t) args->buffers_ptr,
3958 sizeof(*exec_list) * args->buffer_count);
3960 DRM_ERROR("copy %d exec entries failed %d\n",
3961 args->buffer_count, ret);
3962 drm_free_large(exec_list);
3963 drm_free_large(exec2_list);
3967 for (i = 0; i < args->buffer_count; i++) {
3968 exec2_list[i].handle = exec_list[i].handle;
3969 exec2_list[i].relocation_count = exec_list[i].relocation_count;
3970 exec2_list[i].relocs_ptr = exec_list[i].relocs_ptr;
3971 exec2_list[i].alignment = exec_list[i].alignment;
3972 exec2_list[i].offset = exec_list[i].offset;
3973 if (INTEL_INFO(dev)->gen < 4)
3974 exec2_list[i].flags = EXEC_OBJECT_NEEDS_FENCE;
3976 exec2_list[i].flags = 0;
3979 exec2.buffers_ptr = args->buffers_ptr;
3980 exec2.buffer_count = args->buffer_count;
3981 exec2.batch_start_offset = args->batch_start_offset;
3982 exec2.batch_len = args->batch_len;
3983 exec2.DR1 = args->DR1;
3984 exec2.DR4 = args->DR4;
3985 exec2.num_cliprects = args->num_cliprects;
3986 exec2.cliprects_ptr = args->cliprects_ptr;
3987 exec2.flags = I915_EXEC_RENDER;
3989 ret = i915_gem_do_execbuffer(dev, data, file_priv, &exec2, exec2_list);
3991 /* Copy the new buffer offsets back to the user's exec list. */
3992 for (i = 0; i < args->buffer_count; i++)
3993 exec_list[i].offset = exec2_list[i].offset;
3994 /* ... and back out to userspace */
3995 ret = copy_to_user((struct drm_i915_relocation_entry __user *)
3996 (uintptr_t) args->buffers_ptr,
3998 sizeof(*exec_list) * args->buffer_count);
4001 DRM_ERROR("failed to copy %d exec entries "
4002 "back to user (%d)\n",
4003 args->buffer_count, ret);
4007 drm_free_large(exec_list);
4008 drm_free_large(exec2_list);
4013 i915_gem_execbuffer2(struct drm_device *dev, void *data,
4014 struct drm_file *file_priv)
4016 struct drm_i915_gem_execbuffer2 *args = data;
4017 struct drm_i915_gem_exec_object2 *exec2_list = NULL;
4021 DRM_INFO("buffers_ptr %d buffer_count %d len %08x\n",
4022 (int) args->buffers_ptr, args->buffer_count, args->batch_len);
4025 if (args->buffer_count < 1) {
4026 DRM_ERROR("execbuf2 with %d buffers\n", args->buffer_count);
4030 exec2_list = drm_malloc_ab(sizeof(*exec2_list), args->buffer_count);
4031 if (exec2_list == NULL) {
4032 DRM_ERROR("Failed to allocate exec list for %d buffers\n",
4033 args->buffer_count);
4036 ret = copy_from_user(exec2_list,
4037 (struct drm_i915_relocation_entry __user *)
4038 (uintptr_t) args->buffers_ptr,
4039 sizeof(*exec2_list) * args->buffer_count);
4041 DRM_ERROR("copy %d exec entries failed %d\n",
4042 args->buffer_count, ret);
4043 drm_free_large(exec2_list);
4047 ret = i915_gem_do_execbuffer(dev, data, file_priv, args, exec2_list);
4049 /* Copy the new buffer offsets back to the user's exec list. */
4050 ret = copy_to_user((struct drm_i915_relocation_entry __user *)
4051 (uintptr_t) args->buffers_ptr,
4053 sizeof(*exec2_list) * args->buffer_count);
4056 DRM_ERROR("failed to copy %d exec entries "
4057 "back to user (%d)\n",
4058 args->buffer_count, ret);
4062 drm_free_large(exec2_list);
4067 i915_gem_object_pin(struct drm_gem_object *obj, uint32_t alignment)
4069 struct drm_device *dev = obj->dev;
4070 struct drm_i915_private *dev_priv = dev->dev_private;
4071 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
4074 BUG_ON(obj_priv->pin_count == DRM_I915_GEM_OBJECT_MAX_PIN_COUNT);
4075 WARN_ON(i915_verify_lists(dev));
4077 if (obj_priv->gtt_space != NULL) {
4079 alignment = i915_gem_get_gtt_alignment(obj);
4080 if (obj_priv->gtt_offset & (alignment - 1)) {
4081 WARN(obj_priv->pin_count,
4082 "bo is already pinned with incorrect alignment: offset=%x, req.alignment=%x\n",
4083 obj_priv->gtt_offset, alignment);
4084 ret = i915_gem_object_unbind(obj);
4090 if (obj_priv->gtt_space == NULL) {
4091 ret = i915_gem_object_bind_to_gtt(obj, alignment);
4096 obj_priv->pin_count++;
4098 /* If the object is not active and not pending a flush,
4099 * remove it from the inactive list
4101 if (obj_priv->pin_count == 1) {
4102 i915_gem_info_add_pin(dev_priv, obj->size);
4103 if (!obj_priv->active)
4104 list_move_tail(&obj_priv->mm_list,
4105 &dev_priv->mm.pinned_list);
4108 WARN_ON(i915_verify_lists(dev));
4113 i915_gem_object_unpin(struct drm_gem_object *obj)
4115 struct drm_device *dev = obj->dev;
4116 drm_i915_private_t *dev_priv = dev->dev_private;
4117 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
4119 WARN_ON(i915_verify_lists(dev));
4120 obj_priv->pin_count--;
4121 BUG_ON(obj_priv->pin_count < 0);
4122 BUG_ON(obj_priv->gtt_space == NULL);
4124 /* If the object is no longer pinned, and is
4125 * neither active nor being flushed, then stick it on
4128 if (obj_priv->pin_count == 0) {
4129 if (!obj_priv->active)
4130 list_move_tail(&obj_priv->mm_list,
4131 &dev_priv->mm.inactive_list);
4132 i915_gem_info_remove_pin(dev_priv, obj->size);
4134 WARN_ON(i915_verify_lists(dev));
4138 i915_gem_pin_ioctl(struct drm_device *dev, void *data,
4139 struct drm_file *file_priv)
4141 struct drm_i915_gem_pin *args = data;
4142 struct drm_gem_object *obj;
4143 struct drm_i915_gem_object *obj_priv;
4146 ret = i915_mutex_lock_interruptible(dev);
4150 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
4155 obj_priv = to_intel_bo(obj);
4157 if (obj_priv->madv != I915_MADV_WILLNEED) {
4158 DRM_ERROR("Attempting to pin a purgeable buffer\n");
4163 if (obj_priv->pin_filp != NULL && obj_priv->pin_filp != file_priv) {
4164 DRM_ERROR("Already pinned in i915_gem_pin_ioctl(): %d\n",
4170 obj_priv->user_pin_count++;
4171 obj_priv->pin_filp = file_priv;
4172 if (obj_priv->user_pin_count == 1) {
4173 ret = i915_gem_object_pin(obj, args->alignment);
4178 /* XXX - flush the CPU caches for pinned objects
4179 * as the X server doesn't manage domains yet
4181 i915_gem_object_flush_cpu_write_domain(obj);
4182 args->offset = obj_priv->gtt_offset;
4184 drm_gem_object_unreference(obj);
4186 mutex_unlock(&dev->struct_mutex);
4191 i915_gem_unpin_ioctl(struct drm_device *dev, void *data,
4192 struct drm_file *file_priv)
4194 struct drm_i915_gem_pin *args = data;
4195 struct drm_gem_object *obj;
4196 struct drm_i915_gem_object *obj_priv;
4199 ret = i915_mutex_lock_interruptible(dev);
4203 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
4208 obj_priv = to_intel_bo(obj);
4210 if (obj_priv->pin_filp != file_priv) {
4211 DRM_ERROR("Not pinned by caller in i915_gem_pin_ioctl(): %d\n",
4216 obj_priv->user_pin_count--;
4217 if (obj_priv->user_pin_count == 0) {
4218 obj_priv->pin_filp = NULL;
4219 i915_gem_object_unpin(obj);
4223 drm_gem_object_unreference(obj);
4225 mutex_unlock(&dev->struct_mutex);
4230 i915_gem_busy_ioctl(struct drm_device *dev, void *data,
4231 struct drm_file *file_priv)
4233 struct drm_i915_gem_busy *args = data;
4234 struct drm_gem_object *obj;
4235 struct drm_i915_gem_object *obj_priv;
4238 ret = i915_mutex_lock_interruptible(dev);
4242 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
4247 obj_priv = to_intel_bo(obj);
4249 /* Count all active objects as busy, even if they are currently not used
4250 * by the gpu. Users of this interface expect objects to eventually
4251 * become non-busy without any further actions, therefore emit any
4252 * necessary flushes here.
4254 args->busy = obj_priv->active;
4256 /* Unconditionally flush objects, even when the gpu still uses this
4257 * object. Userspace calling this function indicates that it wants to
4258 * use this buffer rather sooner than later, so issuing the required
4259 * flush earlier is beneficial.
4261 if (obj->write_domain & I915_GEM_GPU_DOMAINS)
4262 i915_gem_flush_ring(dev, file_priv,
4264 0, obj->write_domain);
4266 /* Update the active list for the hardware's current position.
4267 * Otherwise this only updates on a delayed timer or when irqs
4268 * are actually unmasked, and our working set ends up being
4269 * larger than required.
4271 i915_gem_retire_requests_ring(dev, obj_priv->ring);
4273 args->busy = obj_priv->active;
4276 drm_gem_object_unreference(obj);
4278 mutex_unlock(&dev->struct_mutex);
4283 i915_gem_throttle_ioctl(struct drm_device *dev, void *data,
4284 struct drm_file *file_priv)
4286 return i915_gem_ring_throttle(dev, file_priv);
4290 i915_gem_madvise_ioctl(struct drm_device *dev, void *data,
4291 struct drm_file *file_priv)
4293 struct drm_i915_gem_madvise *args = data;
4294 struct drm_gem_object *obj;
4295 struct drm_i915_gem_object *obj_priv;
4298 switch (args->madv) {
4299 case I915_MADV_DONTNEED:
4300 case I915_MADV_WILLNEED:
4306 ret = i915_mutex_lock_interruptible(dev);
4310 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
4315 obj_priv = to_intel_bo(obj);
4317 if (obj_priv->pin_count) {
4322 if (obj_priv->madv != __I915_MADV_PURGED)
4323 obj_priv->madv = args->madv;
4325 /* if the object is no longer bound, discard its backing storage */
4326 if (i915_gem_object_is_purgeable(obj_priv) &&
4327 obj_priv->gtt_space == NULL)
4328 i915_gem_object_truncate(obj);
4330 args->retained = obj_priv->madv != __I915_MADV_PURGED;
4333 drm_gem_object_unreference(obj);
4335 mutex_unlock(&dev->struct_mutex);
4339 struct drm_gem_object * i915_gem_alloc_object(struct drm_device *dev,
4342 struct drm_i915_private *dev_priv = dev->dev_private;
4343 struct drm_i915_gem_object *obj;
4345 obj = kzalloc(sizeof(*obj), GFP_KERNEL);
4349 if (drm_gem_object_init(dev, &obj->base, size) != 0) {
4354 i915_gem_info_add_obj(dev_priv, size);
4356 obj->base.write_domain = I915_GEM_DOMAIN_CPU;
4357 obj->base.read_domains = I915_GEM_DOMAIN_CPU;
4359 obj->agp_type = AGP_USER_MEMORY;
4360 obj->base.driver_private = NULL;
4361 obj->fence_reg = I915_FENCE_REG_NONE;
4362 INIT_LIST_HEAD(&obj->mm_list);
4363 INIT_LIST_HEAD(&obj->ring_list);
4364 INIT_LIST_HEAD(&obj->gpu_write_list);
4365 obj->madv = I915_MADV_WILLNEED;
4370 int i915_gem_init_object(struct drm_gem_object *obj)
4377 static void i915_gem_free_object_tail(struct drm_gem_object *obj)
4379 struct drm_device *dev = obj->dev;
4380 drm_i915_private_t *dev_priv = dev->dev_private;
4381 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
4384 ret = i915_gem_object_unbind(obj);
4385 if (ret == -ERESTARTSYS) {
4386 list_move(&obj_priv->mm_list,
4387 &dev_priv->mm.deferred_free_list);
4391 if (obj_priv->mmap_offset)
4392 i915_gem_free_mmap_offset(obj);
4394 drm_gem_object_release(obj);
4395 i915_gem_info_remove_obj(dev_priv, obj->size);
4397 kfree(obj_priv->page_cpu_valid);
4398 kfree(obj_priv->bit_17);
4402 void i915_gem_free_object(struct drm_gem_object *obj)
4404 struct drm_device *dev = obj->dev;
4405 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
4407 trace_i915_gem_object_destroy(obj);
4409 while (obj_priv->pin_count > 0)
4410 i915_gem_object_unpin(obj);
4412 if (obj_priv->phys_obj)
4413 i915_gem_detach_phys_object(dev, obj);
4415 i915_gem_free_object_tail(obj);
4419 i915_gem_idle(struct drm_device *dev)
4421 drm_i915_private_t *dev_priv = dev->dev_private;
4424 mutex_lock(&dev->struct_mutex);
4426 if (dev_priv->mm.suspended) {
4427 mutex_unlock(&dev->struct_mutex);
4431 ret = i915_gpu_idle(dev);
4433 mutex_unlock(&dev->struct_mutex);
4437 /* Under UMS, be paranoid and evict. */
4438 if (!drm_core_check_feature(dev, DRIVER_MODESET)) {
4439 ret = i915_gem_evict_inactive(dev);
4441 mutex_unlock(&dev->struct_mutex);
4446 /* Hack! Don't let anybody do execbuf while we don't control the chip.
4447 * We need to replace this with a semaphore, or something.
4448 * And not confound mm.suspended!
4450 dev_priv->mm.suspended = 1;
4451 del_timer_sync(&dev_priv->hangcheck_timer);
4453 i915_kernel_lost_context(dev);
4454 i915_gem_cleanup_ringbuffer(dev);
4456 mutex_unlock(&dev->struct_mutex);
4458 /* Cancel the retire work handler, which should be idle now. */
4459 cancel_delayed_work_sync(&dev_priv->mm.retire_work);
4465 * 965+ support PIPE_CONTROL commands, which provide finer grained control
4466 * over cache flushing.
4469 i915_gem_init_pipe_control(struct drm_device *dev)
4471 drm_i915_private_t *dev_priv = dev->dev_private;
4472 struct drm_gem_object *obj;
4473 struct drm_i915_gem_object *obj_priv;
4476 obj = i915_gem_alloc_object(dev, 4096);
4478 DRM_ERROR("Failed to allocate seqno page\n");
4482 obj_priv = to_intel_bo(obj);
4483 obj_priv->agp_type = AGP_USER_CACHED_MEMORY;
4485 ret = i915_gem_object_pin(obj, 4096);
4489 dev_priv->seqno_gfx_addr = obj_priv->gtt_offset;
4490 dev_priv->seqno_page = kmap(obj_priv->pages[0]);
4491 if (dev_priv->seqno_page == NULL)
4494 dev_priv->seqno_obj = obj;
4495 memset(dev_priv->seqno_page, 0, PAGE_SIZE);
4500 i915_gem_object_unpin(obj);
4502 drm_gem_object_unreference(obj);
4509 i915_gem_cleanup_pipe_control(struct drm_device *dev)
4511 drm_i915_private_t *dev_priv = dev->dev_private;
4512 struct drm_gem_object *obj;
4513 struct drm_i915_gem_object *obj_priv;
4515 obj = dev_priv->seqno_obj;
4516 obj_priv = to_intel_bo(obj);
4517 kunmap(obj_priv->pages[0]);
4518 i915_gem_object_unpin(obj);
4519 drm_gem_object_unreference(obj);
4520 dev_priv->seqno_obj = NULL;
4522 dev_priv->seqno_page = NULL;
4526 i915_gem_init_ringbuffer(struct drm_device *dev)
4528 drm_i915_private_t *dev_priv = dev->dev_private;
4531 if (HAS_PIPE_CONTROL(dev)) {
4532 ret = i915_gem_init_pipe_control(dev);
4537 ret = intel_init_render_ring_buffer(dev);
4539 goto cleanup_pipe_control;
4542 ret = intel_init_bsd_ring_buffer(dev);
4544 goto cleanup_render_ring;
4548 ret = intel_init_blt_ring_buffer(dev);
4550 goto cleanup_bsd_ring;
4553 dev_priv->next_seqno = 1;
4558 intel_cleanup_ring_buffer(dev, &dev_priv->bsd_ring);
4559 cleanup_render_ring:
4560 intel_cleanup_ring_buffer(dev, &dev_priv->render_ring);
4561 cleanup_pipe_control:
4562 if (HAS_PIPE_CONTROL(dev))
4563 i915_gem_cleanup_pipe_control(dev);
4568 i915_gem_cleanup_ringbuffer(struct drm_device *dev)
4570 drm_i915_private_t *dev_priv = dev->dev_private;
4572 intel_cleanup_ring_buffer(dev, &dev_priv->render_ring);
4573 intel_cleanup_ring_buffer(dev, &dev_priv->bsd_ring);
4574 intel_cleanup_ring_buffer(dev, &dev_priv->blt_ring);
4575 if (HAS_PIPE_CONTROL(dev))
4576 i915_gem_cleanup_pipe_control(dev);
4580 i915_gem_entervt_ioctl(struct drm_device *dev, void *data,
4581 struct drm_file *file_priv)
4583 drm_i915_private_t *dev_priv = dev->dev_private;
4586 if (drm_core_check_feature(dev, DRIVER_MODESET))
4589 if (atomic_read(&dev_priv->mm.wedged)) {
4590 DRM_ERROR("Reenabling wedged hardware, good luck\n");
4591 atomic_set(&dev_priv->mm.wedged, 0);
4594 mutex_lock(&dev->struct_mutex);
4595 dev_priv->mm.suspended = 0;
4597 ret = i915_gem_init_ringbuffer(dev);
4599 mutex_unlock(&dev->struct_mutex);
4603 BUG_ON(!list_empty(&dev_priv->mm.active_list));
4604 BUG_ON(!list_empty(&dev_priv->render_ring.active_list));
4605 BUG_ON(!list_empty(&dev_priv->bsd_ring.active_list));
4606 BUG_ON(!list_empty(&dev_priv->blt_ring.active_list));
4607 BUG_ON(!list_empty(&dev_priv->mm.flushing_list));
4608 BUG_ON(!list_empty(&dev_priv->mm.inactive_list));
4609 BUG_ON(!list_empty(&dev_priv->render_ring.request_list));
4610 BUG_ON(!list_empty(&dev_priv->bsd_ring.request_list));
4611 BUG_ON(!list_empty(&dev_priv->blt_ring.request_list));
4612 mutex_unlock(&dev->struct_mutex);
4614 ret = drm_irq_install(dev);
4616 goto cleanup_ringbuffer;
4621 mutex_lock(&dev->struct_mutex);
4622 i915_gem_cleanup_ringbuffer(dev);
4623 dev_priv->mm.suspended = 1;
4624 mutex_unlock(&dev->struct_mutex);
4630 i915_gem_leavevt_ioctl(struct drm_device *dev, void *data,
4631 struct drm_file *file_priv)
4633 if (drm_core_check_feature(dev, DRIVER_MODESET))
4636 drm_irq_uninstall(dev);
4637 return i915_gem_idle(dev);
4641 i915_gem_lastclose(struct drm_device *dev)
4645 if (drm_core_check_feature(dev, DRIVER_MODESET))
4648 ret = i915_gem_idle(dev);
4650 DRM_ERROR("failed to idle hardware: %d\n", ret);
4654 init_ring_lists(struct intel_ring_buffer *ring)
4656 INIT_LIST_HEAD(&ring->active_list);
4657 INIT_LIST_HEAD(&ring->request_list);
4658 INIT_LIST_HEAD(&ring->gpu_write_list);
4662 i915_gem_load(struct drm_device *dev)
4665 drm_i915_private_t *dev_priv = dev->dev_private;
4667 INIT_LIST_HEAD(&dev_priv->mm.active_list);
4668 INIT_LIST_HEAD(&dev_priv->mm.flushing_list);
4669 INIT_LIST_HEAD(&dev_priv->mm.inactive_list);
4670 INIT_LIST_HEAD(&dev_priv->mm.pinned_list);
4671 INIT_LIST_HEAD(&dev_priv->mm.fence_list);
4672 INIT_LIST_HEAD(&dev_priv->mm.deferred_free_list);
4673 init_ring_lists(&dev_priv->render_ring);
4674 init_ring_lists(&dev_priv->bsd_ring);
4675 init_ring_lists(&dev_priv->blt_ring);
4676 for (i = 0; i < 16; i++)
4677 INIT_LIST_HEAD(&dev_priv->fence_regs[i].lru_list);
4678 INIT_DELAYED_WORK(&dev_priv->mm.retire_work,
4679 i915_gem_retire_work_handler);
4680 init_completion(&dev_priv->error_completion);
4681 spin_lock(&shrink_list_lock);
4682 list_add(&dev_priv->mm.shrink_list, &shrink_list);
4683 spin_unlock(&shrink_list_lock);
4685 /* On GEN3 we really need to make sure the ARB C3 LP bit is set */
4687 u32 tmp = I915_READ(MI_ARB_STATE);
4688 if (!(tmp & MI_ARB_C3_LP_WRITE_ENABLE)) {
4689 /* arb state is a masked write, so set bit + bit in mask */
4690 tmp = MI_ARB_C3_LP_WRITE_ENABLE | (MI_ARB_C3_LP_WRITE_ENABLE << MI_ARB_MASK_SHIFT);
4691 I915_WRITE(MI_ARB_STATE, tmp);
4695 /* Old X drivers will take 0-2 for front, back, depth buffers */
4696 if (!drm_core_check_feature(dev, DRIVER_MODESET))
4697 dev_priv->fence_reg_start = 3;
4699 if (INTEL_INFO(dev)->gen >= 4 || IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4700 dev_priv->num_fence_regs = 16;
4702 dev_priv->num_fence_regs = 8;
4704 /* Initialize fence registers to zero */
4705 switch (INTEL_INFO(dev)->gen) {
4707 for (i = 0; i < 16; i++)
4708 I915_WRITE64(FENCE_REG_SANDYBRIDGE_0 + (i * 8), 0);
4712 for (i = 0; i < 16; i++)
4713 I915_WRITE64(FENCE_REG_965_0 + (i * 8), 0);
4716 if (IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4717 for (i = 0; i < 8; i++)
4718 I915_WRITE(FENCE_REG_945_8 + (i * 4), 0);
4720 for (i = 0; i < 8; i++)
4721 I915_WRITE(FENCE_REG_830_0 + (i * 4), 0);
4724 i915_gem_detect_bit_6_swizzle(dev);
4725 init_waitqueue_head(&dev_priv->pending_flip_queue);
4729 * Create a physically contiguous memory object for this object
4730 * e.g. for cursor + overlay regs
4732 static int i915_gem_init_phys_object(struct drm_device *dev,
4733 int id, int size, int align)
4735 drm_i915_private_t *dev_priv = dev->dev_private;
4736 struct drm_i915_gem_phys_object *phys_obj;
4739 if (dev_priv->mm.phys_objs[id - 1] || !size)
4742 phys_obj = kzalloc(sizeof(struct drm_i915_gem_phys_object), GFP_KERNEL);
4748 phys_obj->handle = drm_pci_alloc(dev, size, align);
4749 if (!phys_obj->handle) {
4754 set_memory_wc((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
4757 dev_priv->mm.phys_objs[id - 1] = phys_obj;
4765 static void i915_gem_free_phys_object(struct drm_device *dev, int id)
4767 drm_i915_private_t *dev_priv = dev->dev_private;
4768 struct drm_i915_gem_phys_object *phys_obj;
4770 if (!dev_priv->mm.phys_objs[id - 1])
4773 phys_obj = dev_priv->mm.phys_objs[id - 1];
4774 if (phys_obj->cur_obj) {
4775 i915_gem_detach_phys_object(dev, phys_obj->cur_obj);
4779 set_memory_wb((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
4781 drm_pci_free(dev, phys_obj->handle);
4783 dev_priv->mm.phys_objs[id - 1] = NULL;
4786 void i915_gem_free_all_phys_object(struct drm_device *dev)
4790 for (i = I915_GEM_PHYS_CURSOR_0; i <= I915_MAX_PHYS_OBJECT; i++)
4791 i915_gem_free_phys_object(dev, i);
4794 void i915_gem_detach_phys_object(struct drm_device *dev,
4795 struct drm_gem_object *obj)
4797 struct drm_i915_gem_object *obj_priv;
4802 obj_priv = to_intel_bo(obj);
4803 if (!obj_priv->phys_obj)
4806 ret = i915_gem_object_get_pages(obj, 0);
4810 page_count = obj->size / PAGE_SIZE;
4812 for (i = 0; i < page_count; i++) {
4813 char *dst = kmap_atomic(obj_priv->pages[i]);
4814 char *src = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
4816 memcpy(dst, src, PAGE_SIZE);
4819 drm_clflush_pages(obj_priv->pages, page_count);
4820 drm_agp_chipset_flush(dev);
4822 i915_gem_object_put_pages(obj);
4824 obj_priv->phys_obj->cur_obj = NULL;
4825 obj_priv->phys_obj = NULL;
4829 i915_gem_attach_phys_object(struct drm_device *dev,
4830 struct drm_gem_object *obj,
4834 drm_i915_private_t *dev_priv = dev->dev_private;
4835 struct drm_i915_gem_object *obj_priv;
4840 if (id > I915_MAX_PHYS_OBJECT)
4843 obj_priv = to_intel_bo(obj);
4845 if (obj_priv->phys_obj) {
4846 if (obj_priv->phys_obj->id == id)
4848 i915_gem_detach_phys_object(dev, obj);
4851 /* create a new object */
4852 if (!dev_priv->mm.phys_objs[id - 1]) {
4853 ret = i915_gem_init_phys_object(dev, id,
4856 DRM_ERROR("failed to init phys object %d size: %zu\n", id, obj->size);
4861 /* bind to the object */
4862 obj_priv->phys_obj = dev_priv->mm.phys_objs[id - 1];
4863 obj_priv->phys_obj->cur_obj = obj;
4865 ret = i915_gem_object_get_pages(obj, 0);
4867 DRM_ERROR("failed to get page list\n");
4871 page_count = obj->size / PAGE_SIZE;
4873 for (i = 0; i < page_count; i++) {
4874 char *src = kmap_atomic(obj_priv->pages[i]);
4875 char *dst = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
4877 memcpy(dst, src, PAGE_SIZE);
4881 i915_gem_object_put_pages(obj);
4889 i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
4890 struct drm_i915_gem_pwrite *args,
4891 struct drm_file *file_priv)
4893 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
4894 void *vaddr = obj_priv->phys_obj->handle->vaddr + args->offset;
4895 char __user *user_data = (char __user *) (uintptr_t) args->data_ptr;
4897 DRM_DEBUG_DRIVER("vaddr %p, %lld\n", vaddr, args->size);
4899 if (__copy_from_user_inatomic_nocache(vaddr, user_data, args->size)) {
4900 unsigned long unwritten;
4902 /* The physical object once assigned is fixed for the lifetime
4903 * of the obj, so we can safely drop the lock and continue
4906 mutex_unlock(&dev->struct_mutex);
4907 unwritten = copy_from_user(vaddr, user_data, args->size);
4908 mutex_lock(&dev->struct_mutex);
4913 drm_agp_chipset_flush(dev);
4917 void i915_gem_release(struct drm_device *dev, struct drm_file *file)
4919 struct drm_i915_file_private *file_priv = file->driver_priv;
4921 /* Clean up our request list when the client is going away, so that
4922 * later retire_requests won't dereference our soon-to-be-gone
4925 spin_lock(&file_priv->mm.lock);
4926 while (!list_empty(&file_priv->mm.request_list)) {
4927 struct drm_i915_gem_request *request;
4929 request = list_first_entry(&file_priv->mm.request_list,
4930 struct drm_i915_gem_request,
4932 list_del(&request->client_list);
4933 request->file_priv = NULL;
4935 spin_unlock(&file_priv->mm.lock);
4939 i915_gpu_is_active(struct drm_device *dev)
4941 drm_i915_private_t *dev_priv = dev->dev_private;
4944 lists_empty = list_empty(&dev_priv->mm.flushing_list) &&
4945 list_empty(&dev_priv->mm.active_list);
4947 return !lists_empty;
4951 i915_gem_shrink(struct shrinker *shrink, int nr_to_scan, gfp_t gfp_mask)
4953 drm_i915_private_t *dev_priv, *next_dev;
4954 struct drm_i915_gem_object *obj_priv, *next_obj;
4956 int would_deadlock = 1;
4958 /* "fast-path" to count number of available objects */
4959 if (nr_to_scan == 0) {
4960 spin_lock(&shrink_list_lock);
4961 list_for_each_entry(dev_priv, &shrink_list, mm.shrink_list) {
4962 struct drm_device *dev = dev_priv->dev;
4964 if (mutex_trylock(&dev->struct_mutex)) {
4965 list_for_each_entry(obj_priv,
4966 &dev_priv->mm.inactive_list,
4969 mutex_unlock(&dev->struct_mutex);
4972 spin_unlock(&shrink_list_lock);
4974 return (cnt / 100) * sysctl_vfs_cache_pressure;
4977 spin_lock(&shrink_list_lock);
4980 /* first scan for clean buffers */
4981 list_for_each_entry_safe(dev_priv, next_dev,
4982 &shrink_list, mm.shrink_list) {
4983 struct drm_device *dev = dev_priv->dev;
4985 if (! mutex_trylock(&dev->struct_mutex))
4988 spin_unlock(&shrink_list_lock);
4989 i915_gem_retire_requests(dev);
4991 list_for_each_entry_safe(obj_priv, next_obj,
4992 &dev_priv->mm.inactive_list,
4994 if (i915_gem_object_is_purgeable(obj_priv)) {
4995 i915_gem_object_unbind(&obj_priv->base);
4996 if (--nr_to_scan <= 0)
5001 spin_lock(&shrink_list_lock);
5002 mutex_unlock(&dev->struct_mutex);
5006 if (nr_to_scan <= 0)
5010 /* second pass, evict/count anything still on the inactive list */
5011 list_for_each_entry_safe(dev_priv, next_dev,
5012 &shrink_list, mm.shrink_list) {
5013 struct drm_device *dev = dev_priv->dev;
5015 if (! mutex_trylock(&dev->struct_mutex))
5018 spin_unlock(&shrink_list_lock);
5020 list_for_each_entry_safe(obj_priv, next_obj,
5021 &dev_priv->mm.inactive_list,
5023 if (nr_to_scan > 0) {
5024 i915_gem_object_unbind(&obj_priv->base);
5030 spin_lock(&shrink_list_lock);
5031 mutex_unlock(&dev->struct_mutex);
5040 * We are desperate for pages, so as a last resort, wait
5041 * for the GPU to finish and discard whatever we can.
5042 * This has a dramatic impact to reduce the number of
5043 * OOM-killer events whilst running the GPU aggressively.
5045 list_for_each_entry(dev_priv, &shrink_list, mm.shrink_list) {
5046 struct drm_device *dev = dev_priv->dev;
5048 if (!mutex_trylock(&dev->struct_mutex))
5051 spin_unlock(&shrink_list_lock);
5053 if (i915_gpu_is_active(dev)) {
5058 spin_lock(&shrink_list_lock);
5059 mutex_unlock(&dev->struct_mutex);
5066 spin_unlock(&shrink_list_lock);
5071 return (cnt / 100) * sysctl_vfs_cache_pressure;
5076 static struct shrinker shrinker = {
5077 .shrink = i915_gem_shrink,
5078 .seeks = DEFAULT_SEEKS,
5082 i915_gem_shrinker_init(void)
5084 register_shrinker(&shrinker);
5088 i915_gem_shrinker_exit(void)
5090 unregister_shrinker(&shrinker);
git.openpandora.org / pandora-kernel.git / blob