2 * Copyright (c) 2006, Intel Corporation.
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms and conditions of the GNU General Public License,
6 * version 2, as published by the Free Software Foundation.
8 * This program is distributed in the hope it will be useful, but WITHOUT
9 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
10 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
13 * You should have received a copy of the GNU General Public License along with
14 * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
15 * Place - Suite 330, Boston, MA 02111-1307 USA.
17 * Copyright (C) 2006-2008 Intel Corporation
18 * Author: Ashok Raj <ashok.raj@intel.com>
19 * Author: Shaohua Li <shaohua.li@intel.com>
20 * Author: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
21 * Author: Fenghua Yu <fenghua.yu@intel.com>
24 #include <linux/init.h>
25 #include <linux/bitmap.h>
26 #include <linux/debugfs.h>
27 #include <linux/slab.h>
28 #include <linux/irq.h>
29 #include <linux/interrupt.h>
30 #include <linux/spinlock.h>
31 #include <linux/pci.h>
32 #include <linux/dmar.h>
33 #include <linux/dma-mapping.h>
34 #include <linux/mempool.h>
35 #include <linux/timer.h>
36 #include <linux/iova.h>
37 #include <linux/iommu.h>
38 #include <linux/intel-iommu.h>
39 #include <linux/syscore_ops.h>
40 #include <linux/tboot.h>
41 #include <linux/dmi.h>
42 #include <linux/pci-ats.h>
43 #include <asm/cacheflush.h>
44 #include <asm/iommu.h>
47 #define ROOT_SIZE VTD_PAGE_SIZE
48 #define CONTEXT_SIZE VTD_PAGE_SIZE
50 #define IS_BRIDGE_HOST_DEVICE(pdev) \
51 ((pdev->class >> 8) == PCI_CLASS_BRIDGE_HOST)
52 #define IS_GFX_DEVICE(pdev) ((pdev->class >> 16) == PCI_BASE_CLASS_DISPLAY)
53 #define IS_ISA_DEVICE(pdev) ((pdev->class >> 8) == PCI_CLASS_BRIDGE_ISA)
54 #define IS_AZALIA(pdev) ((pdev)->vendor == 0x8086 && (pdev)->device == 0x3a3e)
56 #define IOAPIC_RANGE_START (0xfee00000)
57 #define IOAPIC_RANGE_END (0xfeefffff)
58 #define IOVA_START_ADDR (0x1000)
60 #define DEFAULT_DOMAIN_ADDRESS_WIDTH 48
62 #define MAX_AGAW_WIDTH 64
64 #define __DOMAIN_MAX_PFN(gaw) ((((uint64_t)1) << (gaw-VTD_PAGE_SHIFT)) - 1)
65 #define __DOMAIN_MAX_ADDR(gaw) ((((uint64_t)1) << gaw) - 1)
67 /* We limit DOMAIN_MAX_PFN to fit in an unsigned long, and DOMAIN_MAX_ADDR
68 to match. That way, we can use 'unsigned long' for PFNs with impunity. */
69 #define DOMAIN_MAX_PFN(gaw) ((unsigned long) min_t(uint64_t, \
70 __DOMAIN_MAX_PFN(gaw), (unsigned long)-1))
71 #define DOMAIN_MAX_ADDR(gaw) (((uint64_t)__DOMAIN_MAX_PFN(gaw)) << VTD_PAGE_SHIFT)
73 #define IOVA_PFN(addr) ((addr) >> PAGE_SHIFT)
74 #define DMA_32BIT_PFN IOVA_PFN(DMA_BIT_MASK(32))
75 #define DMA_64BIT_PFN IOVA_PFN(DMA_BIT_MASK(64))
77 /* page table handling */
78 #define LEVEL_STRIDE (9)
79 #define LEVEL_MASK (((u64)1 << LEVEL_STRIDE) - 1)
81 static inline int agaw_to_level(int agaw)
86 static inline int agaw_to_width(int agaw)
88 return 30 + agaw * LEVEL_STRIDE;
91 static inline int width_to_agaw(int width)
93 return (width - 30) / LEVEL_STRIDE;
96 static inline unsigned int level_to_offset_bits(int level)
98 return (level - 1) * LEVEL_STRIDE;
101 static inline int pfn_level_offset(unsigned long pfn, int level)
103 return (pfn >> level_to_offset_bits(level)) & LEVEL_MASK;
106 static inline unsigned long level_mask(int level)
108 return -1UL << level_to_offset_bits(level);
111 static inline unsigned long level_size(int level)
113 return 1UL << level_to_offset_bits(level);
116 static inline unsigned long align_to_level(unsigned long pfn, int level)
118 return (pfn + level_size(level) - 1) & level_mask(level);
121 static inline unsigned long lvl_to_nr_pages(unsigned int lvl)
123 return 1 << ((lvl - 1) * LEVEL_STRIDE);
126 /* VT-d pages must always be _smaller_ than MM pages. Otherwise things
127 are never going to work. */
128 static inline unsigned long dma_to_mm_pfn(unsigned long dma_pfn)
130 return dma_pfn >> (PAGE_SHIFT - VTD_PAGE_SHIFT);
133 static inline unsigned long mm_to_dma_pfn(unsigned long mm_pfn)
135 return mm_pfn << (PAGE_SHIFT - VTD_PAGE_SHIFT);
137 static inline unsigned long page_to_dma_pfn(struct page *pg)
139 return mm_to_dma_pfn(page_to_pfn(pg));
141 static inline unsigned long virt_to_dma_pfn(void *p)
143 return page_to_dma_pfn(virt_to_page(p));
146 /* global iommu list, set NULL for ignored DMAR units */
147 static struct intel_iommu **g_iommus;
149 static void __init check_tylersburg_isoch(void);
150 static int rwbf_quirk;
153 * set to 1 to panic kernel if can't successfully enable VT-d
154 * (used when kernel is launched w/ TXT)
156 static int force_on = 0;
161 * 12-63: Context Ptr (12 - (haw-1))
168 #define ROOT_ENTRY_NR (VTD_PAGE_SIZE/sizeof(struct root_entry))
169 static inline bool root_present(struct root_entry *root)
171 return (root->val & 1);
173 static inline void set_root_present(struct root_entry *root)
177 static inline void set_root_value(struct root_entry *root, unsigned long value)
179 root->val |= value & VTD_PAGE_MASK;
182 static inline struct context_entry *
183 get_context_addr_from_root(struct root_entry *root)
185 return (struct context_entry *)
186 (root_present(root)?phys_to_virt(
187 root->val & VTD_PAGE_MASK) :
194 * 1: fault processing disable
195 * 2-3: translation type
196 * 12-63: address space root
202 struct context_entry {
207 static inline bool context_present(struct context_entry *context)
209 return (context->lo & 1);
211 static inline void context_set_present(struct context_entry *context)
216 static inline void context_set_fault_enable(struct context_entry *context)
218 context->lo &= (((u64)-1) << 2) | 1;
221 static inline void context_set_translation_type(struct context_entry *context,
224 context->lo &= (((u64)-1) << 4) | 3;
225 context->lo |= (value & 3) << 2;
228 static inline void context_set_address_root(struct context_entry *context,
231 context->lo |= value & VTD_PAGE_MASK;
234 static inline void context_set_address_width(struct context_entry *context,
237 context->hi |= value & 7;
240 static inline void context_set_domain_id(struct context_entry *context,
243 context->hi |= (value & ((1 << 16) - 1)) << 8;
246 static inline void context_clear_entry(struct context_entry *context)
259 * 12-63: Host physcial address
265 static inline void dma_clear_pte(struct dma_pte *pte)
270 static inline void dma_set_pte_readable(struct dma_pte *pte)
272 pte->val |= DMA_PTE_READ;
275 static inline void dma_set_pte_writable(struct dma_pte *pte)
277 pte->val |= DMA_PTE_WRITE;
280 static inline void dma_set_pte_snp(struct dma_pte *pte)
282 pte->val |= DMA_PTE_SNP;
285 static inline void dma_set_pte_prot(struct dma_pte *pte, unsigned long prot)
287 pte->val = (pte->val & ~3) | (prot & 3);
290 static inline u64 dma_pte_addr(struct dma_pte *pte)
293 return pte->val & VTD_PAGE_MASK;
295 /* Must have a full atomic 64-bit read */
296 return __cmpxchg64(&pte->val, 0ULL, 0ULL) & VTD_PAGE_MASK;
300 static inline void dma_set_pte_pfn(struct dma_pte *pte, unsigned long pfn)
302 pte->val |= (uint64_t)pfn << VTD_PAGE_SHIFT;
305 static inline bool dma_pte_present(struct dma_pte *pte)
307 return (pte->val & 3) != 0;
310 static inline int first_pte_in_page(struct dma_pte *pte)
312 return !((unsigned long)pte & ~VTD_PAGE_MASK);
316 * This domain is a statically identity mapping domain.
317 * 1. This domain creats a static 1:1 mapping to all usable memory.
318 * 2. It maps to each iommu if successful.
319 * 3. Each iommu mapps to this domain if successful.
321 static struct dmar_domain *si_domain;
322 static int hw_pass_through = 1;
324 /* devices under the same p2p bridge are owned in one domain */
325 #define DOMAIN_FLAG_P2P_MULTIPLE_DEVICES (1 << 0)
327 /* domain represents a virtual machine, more than one devices
328 * across iommus may be owned in one domain, e.g. kvm guest.
330 #define DOMAIN_FLAG_VIRTUAL_MACHINE (1 << 1)
332 /* si_domain contains mulitple devices */
333 #define DOMAIN_FLAG_STATIC_IDENTITY (1 << 2)
336 int id; /* domain id */
337 int nid; /* node id */
338 unsigned long iommu_bmp; /* bitmap of iommus this domain uses*/
340 struct list_head devices; /* all devices' list */
341 struct iova_domain iovad; /* iova's that belong to this domain */
343 struct dma_pte *pgd; /* virtual address */
344 int gaw; /* max guest address width */
346 /* adjusted guest address width, 0 is level 2 30-bit */
349 int flags; /* flags to find out type of domain */
351 int iommu_coherency;/* indicate coherency of iommu access */
352 int iommu_snooping; /* indicate snooping control feature*/
353 int iommu_count; /* reference count of iommu */
354 int iommu_superpage;/* Level of superpages supported:
355 0 == 4KiB (no superpages), 1 == 2MiB,
356 2 == 1GiB, 3 == 512GiB, 4 == 1TiB */
357 spinlock_t iommu_lock; /* protect iommu set in domain */
358 u64 max_addr; /* maximum mapped address */
361 /* PCI domain-device relationship */
362 struct device_domain_info {
363 struct list_head link; /* link to domain siblings */
364 struct list_head global; /* link to global list */
365 int segment; /* PCI domain */
366 u8 bus; /* PCI bus number */
367 u8 devfn; /* PCI devfn number */
368 struct pci_dev *dev; /* it's NULL for PCIe-to-PCI bridge */
369 struct intel_iommu *iommu; /* IOMMU used by this device */
370 struct dmar_domain *domain; /* pointer to domain */
373 static void flush_unmaps_timeout(unsigned long data);
375 DEFINE_TIMER(unmap_timer, flush_unmaps_timeout, 0, 0);
377 #define HIGH_WATER_MARK 250
378 struct deferred_flush_tables {
380 struct iova *iova[HIGH_WATER_MARK];
381 struct dmar_domain *domain[HIGH_WATER_MARK];
384 static struct deferred_flush_tables *deferred_flush;
386 /* bitmap for indexing intel_iommus */
387 static int g_num_of_iommus;
389 static DEFINE_SPINLOCK(async_umap_flush_lock);
390 static LIST_HEAD(unmaps_to_do);
393 static long list_size;
395 static void domain_remove_dev_info(struct dmar_domain *domain);
397 #ifdef CONFIG_DMAR_DEFAULT_ON
398 int dmar_disabled = 0;
400 int dmar_disabled = 1;
401 #endif /*CONFIG_DMAR_DEFAULT_ON*/
403 static int dmar_map_gfx = 1;
404 static int dmar_forcedac;
405 static int intel_iommu_strict;
406 static int intel_iommu_superpage = 1;
408 #define DUMMY_DEVICE_DOMAIN_INFO ((struct device_domain_info *)(-1))
409 static DEFINE_SPINLOCK(device_domain_lock);
410 static LIST_HEAD(device_domain_list);
412 static struct iommu_ops intel_iommu_ops;
414 static int __init intel_iommu_setup(char *str)
419 if (!strncmp(str, "on", 2)) {
421 printk(KERN_INFO "Intel-IOMMU: enabled\n");
422 } else if (!strncmp(str, "off", 3)) {
424 printk(KERN_INFO "Intel-IOMMU: disabled\n");
425 } else if (!strncmp(str, "igfx_off", 8)) {
428 "Intel-IOMMU: disable GFX device mapping\n");
429 } else if (!strncmp(str, "forcedac", 8)) {
431 "Intel-IOMMU: Forcing DAC for PCI devices\n");
433 } else if (!strncmp(str, "strict", 6)) {
435 "Intel-IOMMU: disable batched IOTLB flush\n");
436 intel_iommu_strict = 1;
437 } else if (!strncmp(str, "sp_off", 6)) {
439 "Intel-IOMMU: disable supported super page\n");
440 intel_iommu_superpage = 0;
443 str += strcspn(str, ",");
449 __setup("intel_iommu=", intel_iommu_setup);
451 static struct kmem_cache *iommu_domain_cache;
452 static struct kmem_cache *iommu_devinfo_cache;
453 static struct kmem_cache *iommu_iova_cache;
455 static inline void *alloc_pgtable_page(int node)
460 page = alloc_pages_node(node, GFP_ATOMIC | __GFP_ZERO, 0);
462 vaddr = page_address(page);
466 static inline void free_pgtable_page(void *vaddr)
468 free_page((unsigned long)vaddr);
471 static inline void *alloc_domain_mem(void)
473 return kmem_cache_alloc(iommu_domain_cache, GFP_ATOMIC);
476 static void free_domain_mem(void *vaddr)
478 kmem_cache_free(iommu_domain_cache, vaddr);
481 static inline void * alloc_devinfo_mem(void)
483 return kmem_cache_alloc(iommu_devinfo_cache, GFP_ATOMIC);
486 static inline void free_devinfo_mem(void *vaddr)
488 kmem_cache_free(iommu_devinfo_cache, vaddr);
491 struct iova *alloc_iova_mem(void)
493 return kmem_cache_alloc(iommu_iova_cache, GFP_ATOMIC);
496 void free_iova_mem(struct iova *iova)
498 kmem_cache_free(iommu_iova_cache, iova);
502 static int __iommu_calculate_agaw(struct intel_iommu *iommu, int max_gaw)
507 sagaw = cap_sagaw(iommu->cap);
508 for (agaw = width_to_agaw(max_gaw);
510 if (test_bit(agaw, &sagaw))
518 * Calculate max SAGAW for each iommu.
520 int iommu_calculate_max_sagaw(struct intel_iommu *iommu)
522 return __iommu_calculate_agaw(iommu, MAX_AGAW_WIDTH);
526 * calculate agaw for each iommu.
527 * "SAGAW" may be different across iommus, use a default agaw, and
528 * get a supported less agaw for iommus that don't support the default agaw.
530 int iommu_calculate_agaw(struct intel_iommu *iommu)
532 return __iommu_calculate_agaw(iommu, DEFAULT_DOMAIN_ADDRESS_WIDTH);
535 /* This functionin only returns single iommu in a domain */
536 static struct intel_iommu *domain_get_iommu(struct dmar_domain *domain)
540 /* si_domain and vm domain should not get here. */
541 BUG_ON(domain->flags & DOMAIN_FLAG_VIRTUAL_MACHINE);
542 BUG_ON(domain->flags & DOMAIN_FLAG_STATIC_IDENTITY);
544 iommu_id = find_first_bit(&domain->iommu_bmp, g_num_of_iommus);
545 if (iommu_id < 0 || iommu_id >= g_num_of_iommus)
548 return g_iommus[iommu_id];
551 static void domain_update_iommu_coherency(struct dmar_domain *domain)
555 domain->iommu_coherency = 1;
557 for_each_set_bit(i, &domain->iommu_bmp, g_num_of_iommus) {
558 if (!ecap_coherent(g_iommus[i]->ecap)) {
559 domain->iommu_coherency = 0;
565 static void domain_update_iommu_snooping(struct dmar_domain *domain)
569 domain->iommu_snooping = 1;
571 for_each_set_bit(i, &domain->iommu_bmp, g_num_of_iommus) {
572 if (!ecap_sc_support(g_iommus[i]->ecap)) {
573 domain->iommu_snooping = 0;
579 static void domain_update_iommu_superpage(struct dmar_domain *domain)
583 if (!intel_iommu_superpage) {
584 domain->iommu_superpage = 0;
588 domain->iommu_superpage = 4; /* 1TiB */
590 for_each_set_bit(i, &domain->iommu_bmp, g_num_of_iommus) {
591 mask |= cap_super_page_val(g_iommus[i]->cap);
596 domain->iommu_superpage = fls(mask);
599 /* Some capabilities may be different across iommus */
600 static void domain_update_iommu_cap(struct dmar_domain *domain)
602 domain_update_iommu_coherency(domain);
603 domain_update_iommu_snooping(domain);
604 domain_update_iommu_superpage(domain);
607 static struct intel_iommu *device_to_iommu(int segment, u8 bus, u8 devfn)
609 struct dmar_drhd_unit *drhd = NULL;
612 for_each_drhd_unit(drhd) {
615 if (segment != drhd->segment)
618 for (i = 0; i < drhd->devices_cnt; i++) {
619 if (drhd->devices[i] &&
620 drhd->devices[i]->bus->number == bus &&
621 drhd->devices[i]->devfn == devfn)
623 if (drhd->devices[i] &&
624 drhd->devices[i]->subordinate &&
625 drhd->devices[i]->subordinate->number <= bus &&
626 drhd->devices[i]->subordinate->subordinate >= bus)
630 if (drhd->include_all)
637 static void domain_flush_cache(struct dmar_domain *domain,
638 void *addr, int size)
640 if (!domain->iommu_coherency)
641 clflush_cache_range(addr, size);
644 /* Gets context entry for a given bus and devfn */
645 static struct context_entry * device_to_context_entry(struct intel_iommu *iommu,
648 struct root_entry *root;
649 struct context_entry *context;
650 unsigned long phy_addr;
653 spin_lock_irqsave(&iommu->lock, flags);
654 root = &iommu->root_entry[bus];
655 context = get_context_addr_from_root(root);
657 context = (struct context_entry *)
658 alloc_pgtable_page(iommu->node);
660 spin_unlock_irqrestore(&iommu->lock, flags);
663 __iommu_flush_cache(iommu, (void *)context, CONTEXT_SIZE);
664 phy_addr = virt_to_phys((void *)context);
665 set_root_value(root, phy_addr);
666 set_root_present(root);
667 __iommu_flush_cache(iommu, root, sizeof(*root));
669 spin_unlock_irqrestore(&iommu->lock, flags);
670 return &context[devfn];
673 static int device_context_mapped(struct intel_iommu *iommu, u8 bus, u8 devfn)
675 struct root_entry *root;
676 struct context_entry *context;
680 spin_lock_irqsave(&iommu->lock, flags);
681 root = &iommu->root_entry[bus];
682 context = get_context_addr_from_root(root);
687 ret = context_present(&context[devfn]);
689 spin_unlock_irqrestore(&iommu->lock, flags);
693 static void clear_context_table(struct intel_iommu *iommu, u8 bus, u8 devfn)
695 struct root_entry *root;
696 struct context_entry *context;
699 spin_lock_irqsave(&iommu->lock, flags);
700 root = &iommu->root_entry[bus];
701 context = get_context_addr_from_root(root);
703 context_clear_entry(&context[devfn]);
704 __iommu_flush_cache(iommu, &context[devfn], \
707 spin_unlock_irqrestore(&iommu->lock, flags);
710 static void free_context_table(struct intel_iommu *iommu)
712 struct root_entry *root;
715 struct context_entry *context;
717 spin_lock_irqsave(&iommu->lock, flags);
718 if (!iommu->root_entry) {
721 for (i = 0; i < ROOT_ENTRY_NR; i++) {
722 root = &iommu->root_entry[i];
723 context = get_context_addr_from_root(root);
725 free_pgtable_page(context);
727 free_pgtable_page(iommu->root_entry);
728 iommu->root_entry = NULL;
730 spin_unlock_irqrestore(&iommu->lock, flags);
733 static struct dma_pte *pfn_to_dma_pte(struct dmar_domain *domain,
734 unsigned long pfn, int large_level)
736 int addr_width = agaw_to_width(domain->agaw) - VTD_PAGE_SHIFT;
737 struct dma_pte *parent, *pte = NULL;
738 int level = agaw_to_level(domain->agaw);
739 int offset, target_level;
741 BUG_ON(!domain->pgd);
742 BUG_ON(addr_width < BITS_PER_LONG && pfn >> addr_width);
743 parent = domain->pgd;
749 target_level = large_level;
754 offset = pfn_level_offset(pfn, level);
755 pte = &parent[offset];
756 if (!large_level && (pte->val & DMA_PTE_LARGE_PAGE))
758 if (level == target_level)
761 if (!dma_pte_present(pte)) {
764 tmp_page = alloc_pgtable_page(domain->nid);
769 domain_flush_cache(domain, tmp_page, VTD_PAGE_SIZE);
770 pteval = ((uint64_t)virt_to_dma_pfn(tmp_page) << VTD_PAGE_SHIFT) | DMA_PTE_READ | DMA_PTE_WRITE;
771 if (cmpxchg64(&pte->val, 0ULL, pteval)) {
772 /* Someone else set it while we were thinking; use theirs. */
773 free_pgtable_page(tmp_page);
776 domain_flush_cache(domain, pte, sizeof(*pte));
779 parent = phys_to_virt(dma_pte_addr(pte));
787 /* return address's pte at specific level */
788 static struct dma_pte *dma_pfn_level_pte(struct dmar_domain *domain,
790 int level, int *large_page)
792 struct dma_pte *parent, *pte = NULL;
793 int total = agaw_to_level(domain->agaw);
796 parent = domain->pgd;
797 while (level <= total) {
798 offset = pfn_level_offset(pfn, total);
799 pte = &parent[offset];
803 if (!dma_pte_present(pte)) {
808 if (pte->val & DMA_PTE_LARGE_PAGE) {
813 parent = phys_to_virt(dma_pte_addr(pte));
819 /* clear last level pte, a tlb flush should be followed */
820 static void dma_pte_clear_range(struct dmar_domain *domain,
821 unsigned long start_pfn,
822 unsigned long last_pfn)
824 int addr_width = agaw_to_width(domain->agaw) - VTD_PAGE_SHIFT;
825 unsigned int large_page = 1;
826 struct dma_pte *first_pte, *pte;
828 BUG_ON(addr_width < BITS_PER_LONG && start_pfn >> addr_width);
829 BUG_ON(addr_width < BITS_PER_LONG && last_pfn >> addr_width);
830 BUG_ON(start_pfn > last_pfn);
832 /* we don't need lock here; nobody else touches the iova range */
835 first_pte = pte = dma_pfn_level_pte(domain, start_pfn, 1, &large_page);
837 start_pfn = align_to_level(start_pfn + 1, large_page + 1);
842 start_pfn += lvl_to_nr_pages(large_page);
844 } while (start_pfn <= last_pfn && !first_pte_in_page(pte));
846 domain_flush_cache(domain, first_pte,
847 (void *)pte - (void *)first_pte);
849 } while (start_pfn && start_pfn <= last_pfn);
852 /* free page table pages. last level pte should already be cleared */
853 static void dma_pte_free_pagetable(struct dmar_domain *domain,
854 unsigned long start_pfn,
855 unsigned long last_pfn)
857 int addr_width = agaw_to_width(domain->agaw) - VTD_PAGE_SHIFT;
858 struct dma_pte *first_pte, *pte;
859 int total = agaw_to_level(domain->agaw);
864 BUG_ON(addr_width < BITS_PER_LONG && start_pfn >> addr_width);
865 BUG_ON(addr_width < BITS_PER_LONG && last_pfn >> addr_width);
866 BUG_ON(start_pfn > last_pfn);
868 /* We don't need lock here; nobody else touches the iova range */
870 while (level <= total) {
871 tmp = align_to_level(start_pfn, level);
873 /* If we can't even clear one PTE at this level, we're done */
874 if (tmp + level_size(level) - 1 > last_pfn)
879 first_pte = pte = dma_pfn_level_pte(domain, tmp, level, &large_page);
880 if (large_page > level)
881 level = large_page + 1;
883 tmp = align_to_level(tmp + 1, level + 1);
887 if (dma_pte_present(pte)) {
888 free_pgtable_page(phys_to_virt(dma_pte_addr(pte)));
892 tmp += level_size(level);
893 } while (!first_pte_in_page(pte) &&
894 tmp + level_size(level) - 1 <= last_pfn);
896 domain_flush_cache(domain, first_pte,
897 (void *)pte - (void *)first_pte);
899 } while (tmp && tmp + level_size(level) - 1 <= last_pfn);
903 if (start_pfn == 0 && last_pfn == DOMAIN_MAX_PFN(domain->gaw)) {
904 free_pgtable_page(domain->pgd);
910 static int iommu_alloc_root_entry(struct intel_iommu *iommu)
912 struct root_entry *root;
915 root = (struct root_entry *)alloc_pgtable_page(iommu->node);
919 __iommu_flush_cache(iommu, root, ROOT_SIZE);
921 spin_lock_irqsave(&iommu->lock, flags);
922 iommu->root_entry = root;
923 spin_unlock_irqrestore(&iommu->lock, flags);
928 static void iommu_set_root_entry(struct intel_iommu *iommu)
934 addr = iommu->root_entry;
936 spin_lock_irqsave(&iommu->register_lock, flag);
937 dmar_writeq(iommu->reg + DMAR_RTADDR_REG, virt_to_phys(addr));
939 writel(iommu->gcmd | DMA_GCMD_SRTP, iommu->reg + DMAR_GCMD_REG);
941 /* Make sure hardware complete it */
942 IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
943 readl, (sts & DMA_GSTS_RTPS), sts);
945 spin_unlock_irqrestore(&iommu->register_lock, flag);
948 static void iommu_flush_write_buffer(struct intel_iommu *iommu)
953 if (!rwbf_quirk && !cap_rwbf(iommu->cap))
956 spin_lock_irqsave(&iommu->register_lock, flag);
957 writel(iommu->gcmd | DMA_GCMD_WBF, iommu->reg + DMAR_GCMD_REG);
959 /* Make sure hardware complete it */
960 IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
961 readl, (!(val & DMA_GSTS_WBFS)), val);
963 spin_unlock_irqrestore(&iommu->register_lock, flag);
966 /* return value determine if we need a write buffer flush */
967 static void __iommu_flush_context(struct intel_iommu *iommu,
968 u16 did, u16 source_id, u8 function_mask,
975 case DMA_CCMD_GLOBAL_INVL:
976 val = DMA_CCMD_GLOBAL_INVL;
978 case DMA_CCMD_DOMAIN_INVL:
979 val = DMA_CCMD_DOMAIN_INVL|DMA_CCMD_DID(did);
981 case DMA_CCMD_DEVICE_INVL:
982 val = DMA_CCMD_DEVICE_INVL|DMA_CCMD_DID(did)
983 | DMA_CCMD_SID(source_id) | DMA_CCMD_FM(function_mask);
990 spin_lock_irqsave(&iommu->register_lock, flag);
991 dmar_writeq(iommu->reg + DMAR_CCMD_REG, val);
993 /* Make sure hardware complete it */
994 IOMMU_WAIT_OP(iommu, DMAR_CCMD_REG,
995 dmar_readq, (!(val & DMA_CCMD_ICC)), val);
997 spin_unlock_irqrestore(&iommu->register_lock, flag);
1000 /* return value determine if we need a write buffer flush */
1001 static void __iommu_flush_iotlb(struct intel_iommu *iommu, u16 did,
1002 u64 addr, unsigned int size_order, u64 type)
1004 int tlb_offset = ecap_iotlb_offset(iommu->ecap);
1005 u64 val = 0, val_iva = 0;
1009 case DMA_TLB_GLOBAL_FLUSH:
1010 /* global flush doesn't need set IVA_REG */
1011 val = DMA_TLB_GLOBAL_FLUSH|DMA_TLB_IVT;
1013 case DMA_TLB_DSI_FLUSH:
1014 val = DMA_TLB_DSI_FLUSH|DMA_TLB_IVT|DMA_TLB_DID(did);
1016 case DMA_TLB_PSI_FLUSH:
1017 val = DMA_TLB_PSI_FLUSH|DMA_TLB_IVT|DMA_TLB_DID(did);
1018 /* Note: always flush non-leaf currently */
1019 val_iva = size_order | addr;
1024 /* Note: set drain read/write */
1027 * This is probably to be super secure.. Looks like we can
1028 * ignore it without any impact.
1030 if (cap_read_drain(iommu->cap))
1031 val |= DMA_TLB_READ_DRAIN;
1033 if (cap_write_drain(iommu->cap))
1034 val |= DMA_TLB_WRITE_DRAIN;
1036 spin_lock_irqsave(&iommu->register_lock, flag);
1037 /* Note: Only uses first TLB reg currently */
1039 dmar_writeq(iommu->reg + tlb_offset, val_iva);
1040 dmar_writeq(iommu->reg + tlb_offset + 8, val);
1042 /* Make sure hardware complete it */
1043 IOMMU_WAIT_OP(iommu, tlb_offset + 8,
1044 dmar_readq, (!(val & DMA_TLB_IVT)), val);
1046 spin_unlock_irqrestore(&iommu->register_lock, flag);
1048 /* check IOTLB invalidation granularity */
1049 if (DMA_TLB_IAIG(val) == 0)
1050 printk(KERN_ERR"IOMMU: flush IOTLB failed\n");
1051 if (DMA_TLB_IAIG(val) != DMA_TLB_IIRG(type))
1052 pr_debug("IOMMU: tlb flush request %Lx, actual %Lx\n",
1053 (unsigned long long)DMA_TLB_IIRG(type),
1054 (unsigned long long)DMA_TLB_IAIG(val));
1057 static struct device_domain_info *iommu_support_dev_iotlb(
1058 struct dmar_domain *domain, int segment, u8 bus, u8 devfn)
1061 unsigned long flags;
1062 struct device_domain_info *info;
1063 struct intel_iommu *iommu = device_to_iommu(segment, bus, devfn);
1065 if (!ecap_dev_iotlb_support(iommu->ecap))
1071 spin_lock_irqsave(&device_domain_lock, flags);
1072 list_for_each_entry(info, &domain->devices, link)
1073 if (info->bus == bus && info->devfn == devfn) {
1077 spin_unlock_irqrestore(&device_domain_lock, flags);
1079 if (!found || !info->dev)
1082 if (!pci_find_ext_capability(info->dev, PCI_EXT_CAP_ID_ATS))
1085 if (!dmar_find_matched_atsr_unit(info->dev))
1088 info->iommu = iommu;
1093 static void iommu_enable_dev_iotlb(struct device_domain_info *info)
1098 pci_enable_ats(info->dev, VTD_PAGE_SHIFT);
1101 static void iommu_disable_dev_iotlb(struct device_domain_info *info)
1103 if (!info->dev || !pci_ats_enabled(info->dev))
1106 pci_disable_ats(info->dev);
1109 static void iommu_flush_dev_iotlb(struct dmar_domain *domain,
1110 u64 addr, unsigned mask)
1113 unsigned long flags;
1114 struct device_domain_info *info;
1116 spin_lock_irqsave(&device_domain_lock, flags);
1117 list_for_each_entry(info, &domain->devices, link) {
1118 if (!info->dev || !pci_ats_enabled(info->dev))
1121 sid = info->bus << 8 | info->devfn;
1122 qdep = pci_ats_queue_depth(info->dev);
1123 qi_flush_dev_iotlb(info->iommu, sid, qdep, addr, mask);
1125 spin_unlock_irqrestore(&device_domain_lock, flags);
1128 static void iommu_flush_iotlb_psi(struct intel_iommu *iommu, u16 did,
1129 unsigned long pfn, unsigned int pages, int map)
1131 unsigned int mask = ilog2(__roundup_pow_of_two(pages));
1132 uint64_t addr = (uint64_t)pfn << VTD_PAGE_SHIFT;
1137 * Fallback to domain selective flush if no PSI support or the size is
1139 * PSI requires page size to be 2 ^ x, and the base address is naturally
1140 * aligned to the size
1142 if (!cap_pgsel_inv(iommu->cap) || mask > cap_max_amask_val(iommu->cap))
1143 iommu->flush.flush_iotlb(iommu, did, 0, 0,
1146 iommu->flush.flush_iotlb(iommu, did, addr, mask,
1150 * In caching mode, changes of pages from non-present to present require
1151 * flush. However, device IOTLB doesn't need to be flushed in this case.
1153 if (!cap_caching_mode(iommu->cap) || !map)
1154 iommu_flush_dev_iotlb(iommu->domains[did], addr, mask);
1157 static void iommu_disable_protect_mem_regions(struct intel_iommu *iommu)
1160 unsigned long flags;
1162 spin_lock_irqsave(&iommu->register_lock, flags);
1163 pmen = readl(iommu->reg + DMAR_PMEN_REG);
1164 pmen &= ~DMA_PMEN_EPM;
1165 writel(pmen, iommu->reg + DMAR_PMEN_REG);
1167 /* wait for the protected region status bit to clear */
1168 IOMMU_WAIT_OP(iommu, DMAR_PMEN_REG,
1169 readl, !(pmen & DMA_PMEN_PRS), pmen);
1171 spin_unlock_irqrestore(&iommu->register_lock, flags);
1174 static int iommu_enable_translation(struct intel_iommu *iommu)
1177 unsigned long flags;
1179 spin_lock_irqsave(&iommu->register_lock, flags);
1180 iommu->gcmd |= DMA_GCMD_TE;
1181 writel(iommu->gcmd, iommu->reg + DMAR_GCMD_REG);
1183 /* Make sure hardware complete it */
1184 IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
1185 readl, (sts & DMA_GSTS_TES), sts);
1187 spin_unlock_irqrestore(&iommu->register_lock, flags);
1191 static int iommu_disable_translation(struct intel_iommu *iommu)
1196 spin_lock_irqsave(&iommu->register_lock, flag);
1197 iommu->gcmd &= ~DMA_GCMD_TE;
1198 writel(iommu->gcmd, iommu->reg + DMAR_GCMD_REG);
1200 /* Make sure hardware complete it */
1201 IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
1202 readl, (!(sts & DMA_GSTS_TES)), sts);
1204 spin_unlock_irqrestore(&iommu->register_lock, flag);
1209 static int iommu_init_domains(struct intel_iommu *iommu)
1211 unsigned long ndomains;
1212 unsigned long nlongs;
1214 ndomains = cap_ndoms(iommu->cap);
1215 pr_debug("IOMMU %d: Number of Domains supportd <%ld>\n", iommu->seq_id,
1217 nlongs = BITS_TO_LONGS(ndomains);
1219 spin_lock_init(&iommu->lock);
1221 /* TBD: there might be 64K domains,
1222 * consider other allocation for future chip
1224 iommu->domain_ids = kcalloc(nlongs, sizeof(unsigned long), GFP_KERNEL);
1225 if (!iommu->domain_ids) {
1226 printk(KERN_ERR "Allocating domain id array failed\n");
1229 iommu->domains = kcalloc(ndomains, sizeof(struct dmar_domain *),
1231 if (!iommu->domains) {
1232 printk(KERN_ERR "Allocating domain array failed\n");
1237 * if Caching mode is set, then invalid translations are tagged
1238 * with domainid 0. Hence we need to pre-allocate it.
1240 if (cap_caching_mode(iommu->cap))
1241 set_bit(0, iommu->domain_ids);
1246 static void domain_exit(struct dmar_domain *domain);
1247 static void vm_domain_exit(struct dmar_domain *domain);
1249 void free_dmar_iommu(struct intel_iommu *iommu)
1251 struct dmar_domain *domain;
1253 unsigned long flags;
1255 if ((iommu->domains) && (iommu->domain_ids)) {
1256 for_each_set_bit(i, iommu->domain_ids, cap_ndoms(iommu->cap)) {
1257 domain = iommu->domains[i];
1258 clear_bit(i, iommu->domain_ids);
1260 spin_lock_irqsave(&domain->iommu_lock, flags);
1261 if (--domain->iommu_count == 0) {
1262 if (domain->flags & DOMAIN_FLAG_VIRTUAL_MACHINE)
1263 vm_domain_exit(domain);
1265 domain_exit(domain);
1267 spin_unlock_irqrestore(&domain->iommu_lock, flags);
1271 if (iommu->gcmd & DMA_GCMD_TE)
1272 iommu_disable_translation(iommu);
1275 irq_set_handler_data(iommu->irq, NULL);
1276 /* This will mask the irq */
1277 free_irq(iommu->irq, iommu);
1278 destroy_irq(iommu->irq);
1281 kfree(iommu->domains);
1282 kfree(iommu->domain_ids);
1284 g_iommus[iommu->seq_id] = NULL;
1286 /* if all iommus are freed, free g_iommus */
1287 for (i = 0; i < g_num_of_iommus; i++) {
1292 if (i == g_num_of_iommus)
1295 /* free context mapping */
1296 free_context_table(iommu);
1299 static struct dmar_domain *alloc_domain(void)
1301 struct dmar_domain *domain;
1303 domain = alloc_domain_mem();
1308 memset(&domain->iommu_bmp, 0, sizeof(unsigned long));
1314 static int iommu_attach_domain(struct dmar_domain *domain,
1315 struct intel_iommu *iommu)
1318 unsigned long ndomains;
1319 unsigned long flags;
1321 ndomains = cap_ndoms(iommu->cap);
1323 spin_lock_irqsave(&iommu->lock, flags);
1325 num = find_first_zero_bit(iommu->domain_ids, ndomains);
1326 if (num >= ndomains) {
1327 spin_unlock_irqrestore(&iommu->lock, flags);
1328 printk(KERN_ERR "IOMMU: no free domain ids\n");
1333 set_bit(num, iommu->domain_ids);
1334 set_bit(iommu->seq_id, &domain->iommu_bmp);
1335 iommu->domains[num] = domain;
1336 spin_unlock_irqrestore(&iommu->lock, flags);
1341 static void iommu_detach_domain(struct dmar_domain *domain,
1342 struct intel_iommu *iommu)
1344 unsigned long flags;
1348 spin_lock_irqsave(&iommu->lock, flags);
1349 ndomains = cap_ndoms(iommu->cap);
1350 for_each_set_bit(num, iommu->domain_ids, ndomains) {
1351 if (iommu->domains[num] == domain) {
1358 clear_bit(num, iommu->domain_ids);
1359 clear_bit(iommu->seq_id, &domain->iommu_bmp);
1360 iommu->domains[num] = NULL;
1362 spin_unlock_irqrestore(&iommu->lock, flags);
1365 static struct iova_domain reserved_iova_list;
1366 static struct lock_class_key reserved_rbtree_key;
1368 static int dmar_init_reserved_ranges(void)
1370 struct pci_dev *pdev = NULL;
1374 init_iova_domain(&reserved_iova_list, DMA_32BIT_PFN);
1376 lockdep_set_class(&reserved_iova_list.iova_rbtree_lock,
1377 &reserved_rbtree_key);
1379 /* IOAPIC ranges shouldn't be accessed by DMA */
1380 iova = reserve_iova(&reserved_iova_list, IOVA_PFN(IOAPIC_RANGE_START),
1381 IOVA_PFN(IOAPIC_RANGE_END));
1383 printk(KERN_ERR "Reserve IOAPIC range failed\n");
1387 /* Reserve all PCI MMIO to avoid peer-to-peer access */
1388 for_each_pci_dev(pdev) {
1391 for (i = 0; i < PCI_NUM_RESOURCES; i++) {
1392 r = &pdev->resource[i];
1393 if (!r->flags || !(r->flags & IORESOURCE_MEM))
1395 iova = reserve_iova(&reserved_iova_list,
1399 printk(KERN_ERR "Reserve iova failed\n");
1407 static void domain_reserve_special_ranges(struct dmar_domain *domain)
1409 copy_reserved_iova(&reserved_iova_list, &domain->iovad);
1412 static inline int guestwidth_to_adjustwidth(int gaw)
1415 int r = (gaw - 12) % 9;
1426 static int domain_init(struct dmar_domain *domain, int guest_width)
1428 struct intel_iommu *iommu;
1429 int adjust_width, agaw;
1430 unsigned long sagaw;
1432 init_iova_domain(&domain->iovad, DMA_32BIT_PFN);
1433 spin_lock_init(&domain->iommu_lock);
1435 domain_reserve_special_ranges(domain);
1437 /* calculate AGAW */
1438 iommu = domain_get_iommu(domain);
1439 if (guest_width > cap_mgaw(iommu->cap))
1440 guest_width = cap_mgaw(iommu->cap);
1441 domain->gaw = guest_width;
1442 adjust_width = guestwidth_to_adjustwidth(guest_width);
1443 agaw = width_to_agaw(adjust_width);
1444 sagaw = cap_sagaw(iommu->cap);
1445 if (!test_bit(agaw, &sagaw)) {
1446 /* hardware doesn't support it, choose a bigger one */
1447 pr_debug("IOMMU: hardware doesn't support agaw %d\n", agaw);
1448 agaw = find_next_bit(&sagaw, 5, agaw);
1452 domain->agaw = agaw;
1453 INIT_LIST_HEAD(&domain->devices);
1455 if (ecap_coherent(iommu->ecap))
1456 domain->iommu_coherency = 1;
1458 domain->iommu_coherency = 0;
1460 if (ecap_sc_support(iommu->ecap))
1461 domain->iommu_snooping = 1;
1463 domain->iommu_snooping = 0;
1465 domain->iommu_superpage = fls(cap_super_page_val(iommu->cap));
1466 domain->iommu_count = 1;
1467 domain->nid = iommu->node;
1469 /* always allocate the top pgd */
1470 domain->pgd = (struct dma_pte *)alloc_pgtable_page(domain->nid);
1473 __iommu_flush_cache(iommu, domain->pgd, PAGE_SIZE);
1477 static void domain_exit(struct dmar_domain *domain)
1479 struct dmar_drhd_unit *drhd;
1480 struct intel_iommu *iommu;
1482 /* Domain 0 is reserved, so dont process it */
1486 /* Flush any lazy unmaps that may reference this domain */
1487 if (!intel_iommu_strict)
1488 flush_unmaps_timeout(0);
1490 domain_remove_dev_info(domain);
1492 put_iova_domain(&domain->iovad);
1495 dma_pte_clear_range(domain, 0, DOMAIN_MAX_PFN(domain->gaw));
1497 /* free page tables */
1498 dma_pte_free_pagetable(domain, 0, DOMAIN_MAX_PFN(domain->gaw));
1500 for_each_active_iommu(iommu, drhd)
1501 if (test_bit(iommu->seq_id, &domain->iommu_bmp))
1502 iommu_detach_domain(domain, iommu);
1504 free_domain_mem(domain);
1507 static int domain_context_mapping_one(struct dmar_domain *domain, int segment,
1508 u8 bus, u8 devfn, int translation)
1510 struct context_entry *context;
1511 unsigned long flags;
1512 struct intel_iommu *iommu;
1513 struct dma_pte *pgd;
1515 unsigned long ndomains;
1518 struct device_domain_info *info = NULL;
1520 pr_debug("Set context mapping for %02x:%02x.%d\n",
1521 bus, PCI_SLOT(devfn), PCI_FUNC(devfn));
1523 BUG_ON(!domain->pgd);
1524 BUG_ON(translation != CONTEXT_TT_PASS_THROUGH &&
1525 translation != CONTEXT_TT_MULTI_LEVEL);
1527 iommu = device_to_iommu(segment, bus, devfn);
1531 context = device_to_context_entry(iommu, bus, devfn);
1534 spin_lock_irqsave(&iommu->lock, flags);
1535 if (context_present(context)) {
1536 spin_unlock_irqrestore(&iommu->lock, flags);
1543 if (domain->flags & DOMAIN_FLAG_VIRTUAL_MACHINE ||
1544 domain->flags & DOMAIN_FLAG_STATIC_IDENTITY) {
1547 /* find an available domain id for this device in iommu */
1548 ndomains = cap_ndoms(iommu->cap);
1549 for_each_set_bit(num, iommu->domain_ids, ndomains) {
1550 if (iommu->domains[num] == domain) {
1558 num = find_first_zero_bit(iommu->domain_ids, ndomains);
1559 if (num >= ndomains) {
1560 spin_unlock_irqrestore(&iommu->lock, flags);
1561 printk(KERN_ERR "IOMMU: no free domain ids\n");
1565 set_bit(num, iommu->domain_ids);
1566 iommu->domains[num] = domain;
1570 /* Skip top levels of page tables for
1571 * iommu which has less agaw than default.
1572 * Unnecessary for PT mode.
1574 if (translation != CONTEXT_TT_PASS_THROUGH) {
1575 for (agaw = domain->agaw; agaw != iommu->agaw; agaw--) {
1576 pgd = phys_to_virt(dma_pte_addr(pgd));
1577 if (!dma_pte_present(pgd)) {
1578 spin_unlock_irqrestore(&iommu->lock, flags);
1585 context_set_domain_id(context, id);
1587 if (translation != CONTEXT_TT_PASS_THROUGH) {
1588 info = iommu_support_dev_iotlb(domain, segment, bus, devfn);
1589 translation = info ? CONTEXT_TT_DEV_IOTLB :
1590 CONTEXT_TT_MULTI_LEVEL;
1593 * In pass through mode, AW must be programmed to indicate the largest
1594 * AGAW value supported by hardware. And ASR is ignored by hardware.
1596 if (unlikely(translation == CONTEXT_TT_PASS_THROUGH))
1597 context_set_address_width(context, iommu->msagaw);
1599 context_set_address_root(context, virt_to_phys(pgd));
1600 context_set_address_width(context, iommu->agaw);
1603 context_set_translation_type(context, translation);
1604 context_set_fault_enable(context);
1605 context_set_present(context);
1606 domain_flush_cache(domain, context, sizeof(*context));
1609 * It's a non-present to present mapping. If hardware doesn't cache
1610 * non-present entry we only need to flush the write-buffer. If the
1611 * _does_ cache non-present entries, then it does so in the special
1612 * domain #0, which we have to flush:
1614 if (cap_caching_mode(iommu->cap)) {
1615 iommu->flush.flush_context(iommu, 0,
1616 (((u16)bus) << 8) | devfn,
1617 DMA_CCMD_MASK_NOBIT,
1618 DMA_CCMD_DEVICE_INVL);
1619 iommu->flush.flush_iotlb(iommu, domain->id, 0, 0, DMA_TLB_DSI_FLUSH);
1621 iommu_flush_write_buffer(iommu);
1623 iommu_enable_dev_iotlb(info);
1624 spin_unlock_irqrestore(&iommu->lock, flags);
1626 spin_lock_irqsave(&domain->iommu_lock, flags);
1627 if (!test_and_set_bit(iommu->seq_id, &domain->iommu_bmp)) {
1628 domain->iommu_count++;
1629 if (domain->iommu_count == 1)
1630 domain->nid = iommu->node;
1631 domain_update_iommu_cap(domain);
1633 spin_unlock_irqrestore(&domain->iommu_lock, flags);
1638 domain_context_mapping(struct dmar_domain *domain, struct pci_dev *pdev,
1642 struct pci_dev *tmp, *parent;
1644 ret = domain_context_mapping_one(domain, pci_domain_nr(pdev->bus),
1645 pdev->bus->number, pdev->devfn,
1650 /* dependent device mapping */
1651 tmp = pci_find_upstream_pcie_bridge(pdev);
1654 /* Secondary interface's bus number and devfn 0 */
1655 parent = pdev->bus->self;
1656 while (parent != tmp) {
1657 ret = domain_context_mapping_one(domain,
1658 pci_domain_nr(parent->bus),
1659 parent->bus->number,
1660 parent->devfn, translation);
1663 parent = parent->bus->self;
1665 if (pci_is_pcie(tmp)) /* this is a PCIe-to-PCI bridge */
1666 return domain_context_mapping_one(domain,
1667 pci_domain_nr(tmp->subordinate),
1668 tmp->subordinate->number, 0,
1670 else /* this is a legacy PCI bridge */
1671 return domain_context_mapping_one(domain,
1672 pci_domain_nr(tmp->bus),
1678 static int domain_context_mapped(struct pci_dev *pdev)
1681 struct pci_dev *tmp, *parent;
1682 struct intel_iommu *iommu;
1684 iommu = device_to_iommu(pci_domain_nr(pdev->bus), pdev->bus->number,
1689 ret = device_context_mapped(iommu, pdev->bus->number, pdev->devfn);
1692 /* dependent device mapping */
1693 tmp = pci_find_upstream_pcie_bridge(pdev);
1696 /* Secondary interface's bus number and devfn 0 */
1697 parent = pdev->bus->self;
1698 while (parent != tmp) {
1699 ret = device_context_mapped(iommu, parent->bus->number,
1703 parent = parent->bus->self;
1705 if (pci_is_pcie(tmp))
1706 return device_context_mapped(iommu, tmp->subordinate->number,
1709 return device_context_mapped(iommu, tmp->bus->number,
1713 /* Returns a number of VTD pages, but aligned to MM page size */
1714 static inline unsigned long aligned_nrpages(unsigned long host_addr,
1717 host_addr &= ~PAGE_MASK;
1718 return PAGE_ALIGN(host_addr + size) >> VTD_PAGE_SHIFT;
1721 /* Return largest possible superpage level for a given mapping */
1722 static inline int hardware_largepage_caps(struct dmar_domain *domain,
1723 unsigned long iov_pfn,
1724 unsigned long phy_pfn,
1725 unsigned long pages)
1727 int support, level = 1;
1728 unsigned long pfnmerge;
1730 support = domain->iommu_superpage;
1732 /* To use a large page, the virtual *and* physical addresses
1733 must be aligned to 2MiB/1GiB/etc. Lower bits set in either
1734 of them will mean we have to use smaller pages. So just
1735 merge them and check both at once. */
1736 pfnmerge = iov_pfn | phy_pfn;
1738 while (support && !(pfnmerge & ~VTD_STRIDE_MASK)) {
1739 pages >>= VTD_STRIDE_SHIFT;
1742 pfnmerge >>= VTD_STRIDE_SHIFT;
1749 static int __domain_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
1750 struct scatterlist *sg, unsigned long phys_pfn,
1751 unsigned long nr_pages, int prot)
1753 struct dma_pte *first_pte = NULL, *pte = NULL;
1754 phys_addr_t uninitialized_var(pteval);
1755 int addr_width = agaw_to_width(domain->agaw) - VTD_PAGE_SHIFT;
1756 unsigned long sg_res;
1757 unsigned int largepage_lvl = 0;
1758 unsigned long lvl_pages = 0;
1760 BUG_ON(addr_width < BITS_PER_LONG && (iov_pfn + nr_pages - 1) >> addr_width);
1762 if ((prot & (DMA_PTE_READ|DMA_PTE_WRITE)) == 0)
1765 prot &= DMA_PTE_READ | DMA_PTE_WRITE | DMA_PTE_SNP;
1770 sg_res = nr_pages + 1;
1771 pteval = ((phys_addr_t)phys_pfn << VTD_PAGE_SHIFT) | prot;
1774 while (nr_pages > 0) {
1778 sg_res = aligned_nrpages(sg->offset, sg->length);
1779 sg->dma_address = ((dma_addr_t)iov_pfn << VTD_PAGE_SHIFT) + sg->offset;
1780 sg->dma_length = sg->length;
1781 pteval = page_to_phys(sg_page(sg)) | prot;
1782 phys_pfn = pteval >> VTD_PAGE_SHIFT;
1786 largepage_lvl = hardware_largepage_caps(domain, iov_pfn, phys_pfn, sg_res);
1788 first_pte = pte = pfn_to_dma_pte(domain, iov_pfn, largepage_lvl);
1791 /* It is large page*/
1792 if (largepage_lvl > 1)
1793 pteval |= DMA_PTE_LARGE_PAGE;
1795 pteval &= ~(uint64_t)DMA_PTE_LARGE_PAGE;
1798 /* We don't need lock here, nobody else
1799 * touches the iova range
1801 tmp = cmpxchg64_local(&pte->val, 0ULL, pteval);
1803 static int dumps = 5;
1804 printk(KERN_CRIT "ERROR: DMA PTE for vPFN 0x%lx already set (to %llx not %llx)\n",
1805 iov_pfn, tmp, (unsigned long long)pteval);
1808 debug_dma_dump_mappings(NULL);
1813 lvl_pages = lvl_to_nr_pages(largepage_lvl);
1815 BUG_ON(nr_pages < lvl_pages);
1816 BUG_ON(sg_res < lvl_pages);
1818 nr_pages -= lvl_pages;
1819 iov_pfn += lvl_pages;
1820 phys_pfn += lvl_pages;
1821 pteval += lvl_pages * VTD_PAGE_SIZE;
1822 sg_res -= lvl_pages;
1824 /* If the next PTE would be the first in a new page, then we
1825 need to flush the cache on the entries we've just written.
1826 And then we'll need to recalculate 'pte', so clear it and
1827 let it get set again in the if (!pte) block above.
1829 If we're done (!nr_pages) we need to flush the cache too.
1831 Also if we've been setting superpages, we may need to
1832 recalculate 'pte' and switch back to smaller pages for the
1833 end of the mapping, if the trailing size is not enough to
1834 use another superpage (i.e. sg_res < lvl_pages). */
1836 if (!nr_pages || first_pte_in_page(pte) ||
1837 (largepage_lvl > 1 && sg_res < lvl_pages)) {
1838 domain_flush_cache(domain, first_pte,
1839 (void *)pte - (void *)first_pte);
1843 if (!sg_res && nr_pages)
1849 static inline int domain_sg_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
1850 struct scatterlist *sg, unsigned long nr_pages,
1853 return __domain_mapping(domain, iov_pfn, sg, 0, nr_pages, prot);
1856 static inline int domain_pfn_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
1857 unsigned long phys_pfn, unsigned long nr_pages,
1860 return __domain_mapping(domain, iov_pfn, NULL, phys_pfn, nr_pages, prot);
1863 static void iommu_detach_dev(struct intel_iommu *iommu, u8 bus, u8 devfn)
1868 clear_context_table(iommu, bus, devfn);
1869 iommu->flush.flush_context(iommu, 0, 0, 0,
1870 DMA_CCMD_GLOBAL_INVL);
1871 iommu->flush.flush_iotlb(iommu, 0, 0, 0, DMA_TLB_GLOBAL_FLUSH);
1874 static void domain_remove_dev_info(struct dmar_domain *domain)
1876 struct device_domain_info *info;
1877 unsigned long flags;
1878 struct intel_iommu *iommu;
1880 spin_lock_irqsave(&device_domain_lock, flags);
1881 while (!list_empty(&domain->devices)) {
1882 info = list_entry(domain->devices.next,
1883 struct device_domain_info, link);
1884 list_del(&info->link);
1885 list_del(&info->global);
1887 info->dev->dev.archdata.iommu = NULL;
1888 spin_unlock_irqrestore(&device_domain_lock, flags);
1890 iommu_disable_dev_iotlb(info);
1891 iommu = device_to_iommu(info->segment, info->bus, info->devfn);
1892 iommu_detach_dev(iommu, info->bus, info->devfn);
1893 free_devinfo_mem(info);
1895 spin_lock_irqsave(&device_domain_lock, flags);
1897 spin_unlock_irqrestore(&device_domain_lock, flags);
1902 * Note: we use struct pci_dev->dev.archdata.iommu stores the info
1904 static struct dmar_domain *
1905 find_domain(struct pci_dev *pdev)
1907 struct device_domain_info *info;
1909 /* No lock here, assumes no domain exit in normal case */
1910 info = pdev->dev.archdata.iommu;
1912 return info->domain;
1916 /* domain is initialized */
1917 static struct dmar_domain *get_domain_for_dev(struct pci_dev *pdev, int gaw)
1919 struct dmar_domain *domain, *found = NULL;
1920 struct intel_iommu *iommu;
1921 struct dmar_drhd_unit *drhd;
1922 struct device_domain_info *info, *tmp;
1923 struct pci_dev *dev_tmp;
1924 unsigned long flags;
1925 int bus = 0, devfn = 0;
1929 domain = find_domain(pdev);
1933 segment = pci_domain_nr(pdev->bus);
1935 dev_tmp = pci_find_upstream_pcie_bridge(pdev);
1937 if (pci_is_pcie(dev_tmp)) {
1938 bus = dev_tmp->subordinate->number;
1941 bus = dev_tmp->bus->number;
1942 devfn = dev_tmp->devfn;
1944 spin_lock_irqsave(&device_domain_lock, flags);
1945 list_for_each_entry(info, &device_domain_list, global) {
1946 if (info->segment == segment &&
1947 info->bus == bus && info->devfn == devfn) {
1948 found = info->domain;
1952 spin_unlock_irqrestore(&device_domain_lock, flags);
1953 /* pcie-pci bridge already has a domain, uses it */
1960 domain = alloc_domain();
1964 /* Allocate new domain for the device */
1965 drhd = dmar_find_matched_drhd_unit(pdev);
1967 printk(KERN_ERR "IOMMU: can't find DMAR for device %s\n",
1971 iommu = drhd->iommu;
1973 ret = iommu_attach_domain(domain, iommu);
1975 free_domain_mem(domain);
1979 if (domain_init(domain, gaw)) {
1980 domain_exit(domain);
1984 /* register pcie-to-pci device */
1986 info = alloc_devinfo_mem();
1988 domain_exit(domain);
1991 info->segment = segment;
1993 info->devfn = devfn;
1995 info->domain = domain;
1996 /* This domain is shared by devices under p2p bridge */
1997 domain->flags |= DOMAIN_FLAG_P2P_MULTIPLE_DEVICES;
1999 /* pcie-to-pci bridge already has a domain, uses it */
2001 spin_lock_irqsave(&device_domain_lock, flags);
2002 list_for_each_entry(tmp, &device_domain_list, global) {
2003 if (tmp->segment == segment &&
2004 tmp->bus == bus && tmp->devfn == devfn) {
2005 found = tmp->domain;
2010 spin_unlock_irqrestore(&device_domain_lock, flags);
2011 free_devinfo_mem(info);
2012 domain_exit(domain);
2015 list_add(&info->link, &domain->devices);
2016 list_add(&info->global, &device_domain_list);
2017 spin_unlock_irqrestore(&device_domain_lock, flags);
2022 info = alloc_devinfo_mem();
2025 info->segment = segment;
2026 info->bus = pdev->bus->number;
2027 info->devfn = pdev->devfn;
2029 info->domain = domain;
2030 spin_lock_irqsave(&device_domain_lock, flags);
2031 /* somebody is fast */
2032 found = find_domain(pdev);
2033 if (found != NULL) {
2034 spin_unlock_irqrestore(&device_domain_lock, flags);
2035 if (found != domain) {
2036 domain_exit(domain);
2039 free_devinfo_mem(info);
2042 list_add(&info->link, &domain->devices);
2043 list_add(&info->global, &device_domain_list);
2044 pdev->dev.archdata.iommu = info;
2045 spin_unlock_irqrestore(&device_domain_lock, flags);
2048 /* recheck it here, maybe others set it */
2049 return find_domain(pdev);
2052 static int iommu_identity_mapping;
2053 #define IDENTMAP_ALL 1
2054 #define IDENTMAP_GFX 2
2055 #define IDENTMAP_AZALIA 4
2057 static int iommu_domain_identity_map(struct dmar_domain *domain,
2058 unsigned long long start,
2059 unsigned long long end)
2061 unsigned long first_vpfn = start >> VTD_PAGE_SHIFT;
2062 unsigned long last_vpfn = end >> VTD_PAGE_SHIFT;
2064 if (!reserve_iova(&domain->iovad, dma_to_mm_pfn(first_vpfn),
2065 dma_to_mm_pfn(last_vpfn))) {
2066 printk(KERN_ERR "IOMMU: reserve iova failed\n");
2070 pr_debug("Mapping reserved region %llx-%llx for domain %d\n",
2071 start, end, domain->id);
2073 * RMRR range might have overlap with physical memory range,
2076 dma_pte_clear_range(domain, first_vpfn, last_vpfn);
2078 return domain_pfn_mapping(domain, first_vpfn, first_vpfn,
2079 last_vpfn - first_vpfn + 1,
2080 DMA_PTE_READ|DMA_PTE_WRITE);
2083 static int iommu_prepare_identity_map(struct pci_dev *pdev,
2084 unsigned long long start,
2085 unsigned long long end)
2087 struct dmar_domain *domain;
2090 domain = get_domain_for_dev(pdev, DEFAULT_DOMAIN_ADDRESS_WIDTH);
2094 /* For _hardware_ passthrough, don't bother. But for software
2095 passthrough, we do it anyway -- it may indicate a memory
2096 range which is reserved in E820, so which didn't get set
2097 up to start with in si_domain */
2098 if (domain == si_domain && hw_pass_through) {
2099 printk("Ignoring identity map for HW passthrough device %s [0x%Lx - 0x%Lx]\n",
2100 pci_name(pdev), start, end);
2105 "IOMMU: Setting identity map for device %s [0x%Lx - 0x%Lx]\n",
2106 pci_name(pdev), start, end);
2109 WARN(1, "Your BIOS is broken; RMRR ends before it starts!\n"
2110 "BIOS vendor: %s; Ver: %s; Product Version: %s\n",
2111 dmi_get_system_info(DMI_BIOS_VENDOR),
2112 dmi_get_system_info(DMI_BIOS_VERSION),
2113 dmi_get_system_info(DMI_PRODUCT_VERSION));
2118 if (end >> agaw_to_width(domain->agaw)) {
2119 WARN(1, "Your BIOS is broken; RMRR exceeds permitted address width (%d bits)\n"
2120 "BIOS vendor: %s; Ver: %s; Product Version: %s\n",
2121 agaw_to_width(domain->agaw),
2122 dmi_get_system_info(DMI_BIOS_VENDOR),
2123 dmi_get_system_info(DMI_BIOS_VERSION),
2124 dmi_get_system_info(DMI_PRODUCT_VERSION));
2129 ret = iommu_domain_identity_map(domain, start, end);
2133 /* context entry init */
2134 ret = domain_context_mapping(domain, pdev, CONTEXT_TT_MULTI_LEVEL);
2141 domain_exit(domain);
2145 static inline int iommu_prepare_rmrr_dev(struct dmar_rmrr_unit *rmrr,
2146 struct pci_dev *pdev)
2148 if (pdev->dev.archdata.iommu == DUMMY_DEVICE_DOMAIN_INFO)
2150 return iommu_prepare_identity_map(pdev, rmrr->base_address,
2154 #ifdef CONFIG_DMAR_FLOPPY_WA
2155 static inline void iommu_prepare_isa(void)
2157 struct pci_dev *pdev;
2160 pdev = pci_get_class(PCI_CLASS_BRIDGE_ISA << 8, NULL);
2164 printk(KERN_INFO "IOMMU: Prepare 0-16MiB unity mapping for LPC\n");
2165 ret = iommu_prepare_identity_map(pdev, 0, 16*1024*1024 - 1);
2168 printk(KERN_ERR "IOMMU: Failed to create 0-16MiB identity map; "
2169 "floppy might not work\n");
2173 static inline void iommu_prepare_isa(void)
2177 #endif /* !CONFIG_DMAR_FLPY_WA */
2179 static int md_domain_init(struct dmar_domain *domain, int guest_width);
2181 static int __init si_domain_work_fn(unsigned long start_pfn,
2182 unsigned long end_pfn, void *datax)
2186 *ret = iommu_domain_identity_map(si_domain,
2187 (uint64_t)start_pfn << PAGE_SHIFT,
2188 (uint64_t)end_pfn << PAGE_SHIFT);
2193 static int __init si_domain_init(int hw)
2195 struct dmar_drhd_unit *drhd;
2196 struct intel_iommu *iommu;
2199 si_domain = alloc_domain();
2203 pr_debug("Identity mapping domain is domain %d\n", si_domain->id);
2205 for_each_active_iommu(iommu, drhd) {
2206 ret = iommu_attach_domain(si_domain, iommu);
2208 domain_exit(si_domain);
2213 if (md_domain_init(si_domain, DEFAULT_DOMAIN_ADDRESS_WIDTH)) {
2214 domain_exit(si_domain);
2218 si_domain->flags = DOMAIN_FLAG_STATIC_IDENTITY;
2223 for_each_online_node(nid) {
2224 work_with_active_regions(nid, si_domain_work_fn, &ret);
2232 static void domain_remove_one_dev_info(struct dmar_domain *domain,
2233 struct pci_dev *pdev);
2234 static int identity_mapping(struct pci_dev *pdev)
2236 struct device_domain_info *info;
2238 if (likely(!iommu_identity_mapping))
2241 info = pdev->dev.archdata.iommu;
2242 if (info && info != DUMMY_DEVICE_DOMAIN_INFO)
2243 return (info->domain == si_domain);
2248 static int domain_add_dev_info(struct dmar_domain *domain,
2249 struct pci_dev *pdev,
2252 struct device_domain_info *info;
2253 unsigned long flags;
2256 info = alloc_devinfo_mem();
2260 ret = domain_context_mapping(domain, pdev, translation);
2262 free_devinfo_mem(info);
2266 info->segment = pci_domain_nr(pdev->bus);
2267 info->bus = pdev->bus->number;
2268 info->devfn = pdev->devfn;
2270 info->domain = domain;
2272 spin_lock_irqsave(&device_domain_lock, flags);
2273 list_add(&info->link, &domain->devices);
2274 list_add(&info->global, &device_domain_list);
2275 pdev->dev.archdata.iommu = info;
2276 spin_unlock_irqrestore(&device_domain_lock, flags);
2281 static int iommu_should_identity_map(struct pci_dev *pdev, int startup)
2283 if ((iommu_identity_mapping & IDENTMAP_AZALIA) && IS_AZALIA(pdev))
2286 if ((iommu_identity_mapping & IDENTMAP_GFX) && IS_GFX_DEVICE(pdev))
2289 if (!(iommu_identity_mapping & IDENTMAP_ALL))
2293 * We want to start off with all devices in the 1:1 domain, and
2294 * take them out later if we find they can't access all of memory.
2296 * However, we can't do this for PCI devices behind bridges,
2297 * because all PCI devices behind the same bridge will end up
2298 * with the same source-id on their transactions.
2300 * Practically speaking, we can't change things around for these
2301 * devices at run-time, because we can't be sure there'll be no
2302 * DMA transactions in flight for any of their siblings.
2304 * So PCI devices (unless they're on the root bus) as well as
2305 * their parent PCI-PCI or PCIe-PCI bridges must be left _out_ of
2306 * the 1:1 domain, just in _case_ one of their siblings turns out
2307 * not to be able to map all of memory.
2309 if (!pci_is_pcie(pdev)) {
2310 if (!pci_is_root_bus(pdev->bus))
2312 if (pdev->class >> 8 == PCI_CLASS_BRIDGE_PCI)
2314 } else if (pdev->pcie_type == PCI_EXP_TYPE_PCI_BRIDGE)
2318 * At boot time, we don't yet know if devices will be 64-bit capable.
2319 * Assume that they will -- if they turn out not to be, then we can
2320 * take them out of the 1:1 domain later.
2324 * If the device's dma_mask is less than the system's memory
2325 * size then this is not a candidate for identity mapping.
2327 u64 dma_mask = pdev->dma_mask;
2329 if (pdev->dev.coherent_dma_mask &&
2330 pdev->dev.coherent_dma_mask < dma_mask)
2331 dma_mask = pdev->dev.coherent_dma_mask;
2333 return dma_mask >= dma_get_required_mask(&pdev->dev);
2339 static int __init iommu_prepare_static_identity_mapping(int hw)
2341 struct pci_dev *pdev = NULL;
2344 ret = si_domain_init(hw);
2348 for_each_pci_dev(pdev) {
2349 /* Skip Host/PCI Bridge devices */
2350 if (IS_BRIDGE_HOST_DEVICE(pdev))
2352 if (iommu_should_identity_map(pdev, 1)) {
2353 printk(KERN_INFO "IOMMU: %s identity mapping for device %s\n",
2354 hw ? "hardware" : "software", pci_name(pdev));
2356 ret = domain_add_dev_info(si_domain, pdev,
2357 hw ? CONTEXT_TT_PASS_THROUGH :
2358 CONTEXT_TT_MULTI_LEVEL);
2367 static int __init init_dmars(void)
2369 struct dmar_drhd_unit *drhd;
2370 struct dmar_rmrr_unit *rmrr;
2371 struct pci_dev *pdev;
2372 struct intel_iommu *iommu;
2378 * initialize and program root entry to not present
2381 for_each_drhd_unit(drhd) {
2384 * lock not needed as this is only incremented in the single
2385 * threaded kernel __init code path all other access are read
2390 g_iommus = kcalloc(g_num_of_iommus, sizeof(struct intel_iommu *),
2393 printk(KERN_ERR "Allocating global iommu array failed\n");
2398 deferred_flush = kzalloc(g_num_of_iommus *
2399 sizeof(struct deferred_flush_tables), GFP_KERNEL);
2400 if (!deferred_flush) {
2405 for_each_drhd_unit(drhd) {
2409 iommu = drhd->iommu;
2410 g_iommus[iommu->seq_id] = iommu;
2412 ret = iommu_init_domains(iommu);
2418 * we could share the same root & context tables
2419 * among all IOMMU's. Need to Split it later.
2421 ret = iommu_alloc_root_entry(iommu);
2423 printk(KERN_ERR "IOMMU: allocate root entry failed\n");
2426 if (!ecap_pass_through(iommu->ecap))
2427 hw_pass_through = 0;
2431 * Start from the sane iommu hardware state.
2433 for_each_drhd_unit(drhd) {
2437 iommu = drhd->iommu;
2440 * If the queued invalidation is already initialized by us
2441 * (for example, while enabling interrupt-remapping) then
2442 * we got the things already rolling from a sane state.
2448 * Clear any previous faults.
2450 dmar_fault(-1, iommu);
2452 * Disable queued invalidation if supported and already enabled
2453 * before OS handover.
2455 dmar_disable_qi(iommu);
2458 for_each_drhd_unit(drhd) {
2462 iommu = drhd->iommu;
2464 if (dmar_enable_qi(iommu)) {
2466 * Queued Invalidate not enabled, use Register Based
2469 iommu->flush.flush_context = __iommu_flush_context;
2470 iommu->flush.flush_iotlb = __iommu_flush_iotlb;
2471 printk(KERN_INFO "IOMMU %d 0x%Lx: using Register based "
2474 (unsigned long long)drhd->reg_base_addr);
2476 iommu->flush.flush_context = qi_flush_context;
2477 iommu->flush.flush_iotlb = qi_flush_iotlb;
2478 printk(KERN_INFO "IOMMU %d 0x%Lx: using Queued "
2481 (unsigned long long)drhd->reg_base_addr);
2485 if (iommu_pass_through)
2486 iommu_identity_mapping |= IDENTMAP_ALL;
2488 #ifdef CONFIG_DMAR_BROKEN_GFX_WA
2489 iommu_identity_mapping |= IDENTMAP_GFX;
2492 check_tylersburg_isoch();
2495 * If pass through is not set or not enabled, setup context entries for
2496 * identity mappings for rmrr, gfx, and isa and may fall back to static
2497 * identity mapping if iommu_identity_mapping is set.
2499 if (iommu_identity_mapping) {
2500 ret = iommu_prepare_static_identity_mapping(hw_pass_through);
2502 printk(KERN_CRIT "Failed to setup IOMMU pass-through\n");
2508 * for each dev attached to rmrr
2510 * locate drhd for dev, alloc domain for dev
2511 * allocate free domain
2512 * allocate page table entries for rmrr
2513 * if context not allocated for bus
2514 * allocate and init context
2515 * set present in root table for this bus
2516 * init context with domain, translation etc
2520 printk(KERN_INFO "IOMMU: Setting RMRR:\n");
2521 for_each_rmrr_units(rmrr) {
2522 for (i = 0; i < rmrr->devices_cnt; i++) {
2523 pdev = rmrr->devices[i];
2525 * some BIOS lists non-exist devices in DMAR
2530 ret = iommu_prepare_rmrr_dev(rmrr, pdev);
2533 "IOMMU: mapping reserved region failed\n");
2537 iommu_prepare_isa();
2542 * global invalidate context cache
2543 * global invalidate iotlb
2544 * enable translation
2546 for_each_drhd_unit(drhd) {
2547 if (drhd->ignored) {
2549 * we always have to disable PMRs or DMA may fail on
2553 iommu_disable_protect_mem_regions(drhd->iommu);
2556 iommu = drhd->iommu;
2558 iommu_flush_write_buffer(iommu);
2560 ret = dmar_set_interrupt(iommu);
2564 iommu_set_root_entry(iommu);
2566 iommu->flush.flush_context(iommu, 0, 0, 0, DMA_CCMD_GLOBAL_INVL);
2567 iommu->flush.flush_iotlb(iommu, 0, 0, 0, DMA_TLB_GLOBAL_FLUSH);
2569 ret = iommu_enable_translation(iommu);
2573 iommu_disable_protect_mem_regions(iommu);
2578 for_each_drhd_unit(drhd) {
2581 iommu = drhd->iommu;
2588 /* This takes a number of _MM_ pages, not VTD pages */
2589 static struct iova *intel_alloc_iova(struct device *dev,
2590 struct dmar_domain *domain,
2591 unsigned long nrpages, uint64_t dma_mask)
2593 struct pci_dev *pdev = to_pci_dev(dev);
2594 struct iova *iova = NULL;
2596 /* Restrict dma_mask to the width that the iommu can handle */
2597 dma_mask = min_t(uint64_t, DOMAIN_MAX_ADDR(domain->gaw), dma_mask);
2599 if (!dmar_forcedac && dma_mask > DMA_BIT_MASK(32)) {
2601 * First try to allocate an io virtual address in
2602 * DMA_BIT_MASK(32) and if that fails then try allocating
2605 iova = alloc_iova(&domain->iovad, nrpages,
2606 IOVA_PFN(DMA_BIT_MASK(32)), 1);
2610 iova = alloc_iova(&domain->iovad, nrpages, IOVA_PFN(dma_mask), 1);
2611 if (unlikely(!iova)) {
2612 printk(KERN_ERR "Allocating %ld-page iova for %s failed",
2613 nrpages, pci_name(pdev));
2620 static struct dmar_domain *__get_valid_domain_for_dev(struct pci_dev *pdev)
2622 struct dmar_domain *domain;
2625 domain = get_domain_for_dev(pdev,
2626 DEFAULT_DOMAIN_ADDRESS_WIDTH);
2629 "Allocating domain for %s failed", pci_name(pdev));
2633 /* make sure context mapping is ok */
2634 if (unlikely(!domain_context_mapped(pdev))) {
2635 ret = domain_context_mapping(domain, pdev,
2636 CONTEXT_TT_MULTI_LEVEL);
2639 "Domain context map for %s failed",
2648 static inline struct dmar_domain *get_valid_domain_for_dev(struct pci_dev *dev)
2650 struct device_domain_info *info;
2652 /* No lock here, assumes no domain exit in normal case */
2653 info = dev->dev.archdata.iommu;
2655 return info->domain;
2657 return __get_valid_domain_for_dev(dev);
2660 static int iommu_dummy(struct pci_dev *pdev)
2662 return pdev->dev.archdata.iommu == DUMMY_DEVICE_DOMAIN_INFO;
2665 /* Check if the pdev needs to go through non-identity map and unmap process.*/
2666 static int iommu_no_mapping(struct device *dev)
2668 struct pci_dev *pdev;
2671 if (unlikely(dev->bus != &pci_bus_type))
2674 pdev = to_pci_dev(dev);
2675 if (iommu_dummy(pdev))
2678 if (!iommu_identity_mapping)
2681 found = identity_mapping(pdev);
2683 if (iommu_should_identity_map(pdev, 0))
2687 * 32 bit DMA is removed from si_domain and fall back
2688 * to non-identity mapping.
2690 domain_remove_one_dev_info(si_domain, pdev);
2691 printk(KERN_INFO "32bit %s uses non-identity mapping\n",
2697 * In case of a detached 64 bit DMA device from vm, the device
2698 * is put into si_domain for identity mapping.
2700 if (iommu_should_identity_map(pdev, 0)) {
2702 ret = domain_add_dev_info(si_domain, pdev,
2704 CONTEXT_TT_PASS_THROUGH :
2705 CONTEXT_TT_MULTI_LEVEL);
2707 printk(KERN_INFO "64bit %s uses identity mapping\n",
2717 static dma_addr_t __intel_map_single(struct device *hwdev, phys_addr_t paddr,
2718 size_t size, int dir, u64 dma_mask)
2720 struct pci_dev *pdev = to_pci_dev(hwdev);
2721 struct dmar_domain *domain;
2722 phys_addr_t start_paddr;
2726 struct intel_iommu *iommu;
2727 unsigned long paddr_pfn = paddr >> PAGE_SHIFT;
2729 BUG_ON(dir == DMA_NONE);
2731 if (iommu_no_mapping(hwdev))
2734 domain = get_valid_domain_for_dev(pdev);
2738 iommu = domain_get_iommu(domain);
2739 size = aligned_nrpages(paddr, size);
2741 iova = intel_alloc_iova(hwdev, domain, dma_to_mm_pfn(size), dma_mask);
2746 * Check if DMAR supports zero-length reads on write only
2749 if (dir == DMA_TO_DEVICE || dir == DMA_BIDIRECTIONAL || \
2750 !cap_zlr(iommu->cap))
2751 prot |= DMA_PTE_READ;
2752 if (dir == DMA_FROM_DEVICE || dir == DMA_BIDIRECTIONAL)
2753 prot |= DMA_PTE_WRITE;
2755 * paddr - (paddr + size) might be partial page, we should map the whole
2756 * page. Note: if two part of one page are separately mapped, we
2757 * might have two guest_addr mapping to the same host paddr, but this
2758 * is not a big problem
2760 ret = domain_pfn_mapping(domain, mm_to_dma_pfn(iova->pfn_lo),
2761 mm_to_dma_pfn(paddr_pfn), size, prot);
2765 /* it's a non-present to present mapping. Only flush if caching mode */
2766 if (cap_caching_mode(iommu->cap))
2767 iommu_flush_iotlb_psi(iommu, domain->id, mm_to_dma_pfn(iova->pfn_lo), size, 1);
2769 iommu_flush_write_buffer(iommu);
2771 start_paddr = (phys_addr_t)iova->pfn_lo << PAGE_SHIFT;
2772 start_paddr += paddr & ~PAGE_MASK;
2777 __free_iova(&domain->iovad, iova);
2778 printk(KERN_ERR"Device %s request: %zx@%llx dir %d --- failed\n",
2779 pci_name(pdev), size, (unsigned long long)paddr, dir);
2783 static dma_addr_t intel_map_page(struct device *dev, struct page *page,
2784 unsigned long offset, size_t size,
2785 enum dma_data_direction dir,
2786 struct dma_attrs *attrs)
2788 return __intel_map_single(dev, page_to_phys(page) + offset, size,
2789 dir, to_pci_dev(dev)->dma_mask);
2792 static void flush_unmaps(void)
2798 /* just flush them all */
2799 for (i = 0; i < g_num_of_iommus; i++) {
2800 struct intel_iommu *iommu = g_iommus[i];
2804 if (!deferred_flush[i].next)
2807 /* In caching mode, global flushes turn emulation expensive */
2808 if (!cap_caching_mode(iommu->cap))
2809 iommu->flush.flush_iotlb(iommu, 0, 0, 0,
2810 DMA_TLB_GLOBAL_FLUSH);
2811 for (j = 0; j < deferred_flush[i].next; j++) {
2813 struct iova *iova = deferred_flush[i].iova[j];
2814 struct dmar_domain *domain = deferred_flush[i].domain[j];
2816 /* On real hardware multiple invalidations are expensive */
2817 if (cap_caching_mode(iommu->cap))
2818 iommu_flush_iotlb_psi(iommu, domain->id,
2819 iova->pfn_lo, iova->pfn_hi - iova->pfn_lo + 1, 0);
2821 mask = ilog2(mm_to_dma_pfn(iova->pfn_hi - iova->pfn_lo + 1));
2822 iommu_flush_dev_iotlb(deferred_flush[i].domain[j],
2823 (uint64_t)iova->pfn_lo << PAGE_SHIFT, mask);
2825 __free_iova(&deferred_flush[i].domain[j]->iovad, iova);
2827 deferred_flush[i].next = 0;
2833 static void flush_unmaps_timeout(unsigned long data)
2835 unsigned long flags;
2837 spin_lock_irqsave(&async_umap_flush_lock, flags);
2839 spin_unlock_irqrestore(&async_umap_flush_lock, flags);
2842 static void add_unmap(struct dmar_domain *dom, struct iova *iova)
2844 unsigned long flags;
2846 struct intel_iommu *iommu;
2848 spin_lock_irqsave(&async_umap_flush_lock, flags);
2849 if (list_size == HIGH_WATER_MARK)
2852 iommu = domain_get_iommu(dom);
2853 iommu_id = iommu->seq_id;
2855 next = deferred_flush[iommu_id].next;
2856 deferred_flush[iommu_id].domain[next] = dom;
2857 deferred_flush[iommu_id].iova[next] = iova;
2858 deferred_flush[iommu_id].next++;
2861 mod_timer(&unmap_timer, jiffies + msecs_to_jiffies(10));
2865 spin_unlock_irqrestore(&async_umap_flush_lock, flags);
2868 static void intel_unmap_page(struct device *dev, dma_addr_t dev_addr,
2869 size_t size, enum dma_data_direction dir,
2870 struct dma_attrs *attrs)
2872 struct pci_dev *pdev = to_pci_dev(dev);
2873 struct dmar_domain *domain;
2874 unsigned long start_pfn, last_pfn;
2876 struct intel_iommu *iommu;
2878 if (iommu_no_mapping(dev))
2881 domain = find_domain(pdev);
2884 iommu = domain_get_iommu(domain);
2886 iova = find_iova(&domain->iovad, IOVA_PFN(dev_addr));
2887 if (WARN_ONCE(!iova, "Driver unmaps unmatched page at PFN %llx\n",
2888 (unsigned long long)dev_addr))
2891 start_pfn = mm_to_dma_pfn(iova->pfn_lo);
2892 last_pfn = mm_to_dma_pfn(iova->pfn_hi + 1) - 1;
2894 pr_debug("Device %s unmapping: pfn %lx-%lx\n",
2895 pci_name(pdev), start_pfn, last_pfn);
2897 /* clear the whole page */
2898 dma_pte_clear_range(domain, start_pfn, last_pfn);
2900 /* free page tables */
2901 dma_pte_free_pagetable(domain, start_pfn, last_pfn);
2903 if (intel_iommu_strict) {
2904 iommu_flush_iotlb_psi(iommu, domain->id, start_pfn,
2905 last_pfn - start_pfn + 1, 0);
2907 __free_iova(&domain->iovad, iova);
2909 add_unmap(domain, iova);
2911 * queue up the release of the unmap to save the 1/6th of the
2912 * cpu used up by the iotlb flush operation...
2917 static void *intel_alloc_coherent(struct device *hwdev, size_t size,
2918 dma_addr_t *dma_handle, gfp_t flags)
2923 size = PAGE_ALIGN(size);
2924 order = get_order(size);
2926 if (!iommu_no_mapping(hwdev))
2927 flags &= ~(GFP_DMA | GFP_DMA32);
2928 else if (hwdev->coherent_dma_mask < dma_get_required_mask(hwdev)) {
2929 if (hwdev->coherent_dma_mask < DMA_BIT_MASK(32))
2935 vaddr = (void *)__get_free_pages(flags, order);
2938 memset(vaddr, 0, size);
2940 *dma_handle = __intel_map_single(hwdev, virt_to_bus(vaddr), size,
2942 hwdev->coherent_dma_mask);
2945 free_pages((unsigned long)vaddr, order);
2949 static void intel_free_coherent(struct device *hwdev, size_t size, void *vaddr,
2950 dma_addr_t dma_handle)
2954 size = PAGE_ALIGN(size);
2955 order = get_order(size);
2957 intel_unmap_page(hwdev, dma_handle, size, DMA_BIDIRECTIONAL, NULL);
2958 free_pages((unsigned long)vaddr, order);
2961 static void intel_unmap_sg(struct device *hwdev, struct scatterlist *sglist,
2962 int nelems, enum dma_data_direction dir,
2963 struct dma_attrs *attrs)
2965 struct pci_dev *pdev = to_pci_dev(hwdev);
2966 struct dmar_domain *domain;
2967 unsigned long start_pfn, last_pfn;
2969 struct intel_iommu *iommu;
2971 if (iommu_no_mapping(hwdev))
2974 domain = find_domain(pdev);
2977 iommu = domain_get_iommu(domain);
2979 iova = find_iova(&domain->iovad, IOVA_PFN(sglist[0].dma_address));
2980 if (WARN_ONCE(!iova, "Driver unmaps unmatched sglist at PFN %llx\n",
2981 (unsigned long long)sglist[0].dma_address))
2984 start_pfn = mm_to_dma_pfn(iova->pfn_lo);
2985 last_pfn = mm_to_dma_pfn(iova->pfn_hi + 1) - 1;
2987 /* clear the whole page */
2988 dma_pte_clear_range(domain, start_pfn, last_pfn);
2990 /* free page tables */
2991 dma_pte_free_pagetable(domain, start_pfn, last_pfn);
2993 if (intel_iommu_strict) {
2994 iommu_flush_iotlb_psi(iommu, domain->id, start_pfn,
2995 last_pfn - start_pfn + 1, 0);
2997 __free_iova(&domain->iovad, iova);
2999 add_unmap(domain, iova);
3001 * queue up the release of the unmap to save the 1/6th of the
3002 * cpu used up by the iotlb flush operation...
3007 static int intel_nontranslate_map_sg(struct device *hddev,
3008 struct scatterlist *sglist, int nelems, int dir)
3011 struct scatterlist *sg;
3013 for_each_sg(sglist, sg, nelems, i) {
3014 BUG_ON(!sg_page(sg));
3015 sg->dma_address = page_to_phys(sg_page(sg)) + sg->offset;
3016 sg->dma_length = sg->length;
3021 static int intel_map_sg(struct device *hwdev, struct scatterlist *sglist, int nelems,
3022 enum dma_data_direction dir, struct dma_attrs *attrs)
3025 struct pci_dev *pdev = to_pci_dev(hwdev);
3026 struct dmar_domain *domain;
3029 struct iova *iova = NULL;
3031 struct scatterlist *sg;
3032 unsigned long start_vpfn;
3033 struct intel_iommu *iommu;
3035 BUG_ON(dir == DMA_NONE);
3036 if (iommu_no_mapping(hwdev))
3037 return intel_nontranslate_map_sg(hwdev, sglist, nelems, dir);
3039 domain = get_valid_domain_for_dev(pdev);
3043 iommu = domain_get_iommu(domain);
3045 for_each_sg(sglist, sg, nelems, i)
3046 size += aligned_nrpages(sg->offset, sg->length);
3048 iova = intel_alloc_iova(hwdev, domain, dma_to_mm_pfn(size),
3051 sglist->dma_length = 0;
3056 * Check if DMAR supports zero-length reads on write only
3059 if (dir == DMA_TO_DEVICE || dir == DMA_BIDIRECTIONAL || \
3060 !cap_zlr(iommu->cap))
3061 prot |= DMA_PTE_READ;
3062 if (dir == DMA_FROM_DEVICE || dir == DMA_BIDIRECTIONAL)
3063 prot |= DMA_PTE_WRITE;
3065 start_vpfn = mm_to_dma_pfn(iova->pfn_lo);
3067 ret = domain_sg_mapping(domain, start_vpfn, sglist, size, prot);
3068 if (unlikely(ret)) {
3069 /* clear the page */
3070 dma_pte_clear_range(domain, start_vpfn,
3071 start_vpfn + size - 1);
3072 /* free page tables */
3073 dma_pte_free_pagetable(domain, start_vpfn,
3074 start_vpfn + size - 1);
3076 __free_iova(&domain->iovad, iova);
3080 /* it's a non-present to present mapping. Only flush if caching mode */
3081 if (cap_caching_mode(iommu->cap))
3082 iommu_flush_iotlb_psi(iommu, domain->id, start_vpfn, size, 1);
3084 iommu_flush_write_buffer(iommu);
3089 static int intel_mapping_error(struct device *dev, dma_addr_t dma_addr)
3094 struct dma_map_ops intel_dma_ops = {
3095 .alloc_coherent = intel_alloc_coherent,
3096 .free_coherent = intel_free_coherent,
3097 .map_sg = intel_map_sg,
3098 .unmap_sg = intel_unmap_sg,
3099 .map_page = intel_map_page,
3100 .unmap_page = intel_unmap_page,
3101 .mapping_error = intel_mapping_error,
3104 static inline int iommu_domain_cache_init(void)
3108 iommu_domain_cache = kmem_cache_create("iommu_domain",
3109 sizeof(struct dmar_domain),
3114 if (!iommu_domain_cache) {
3115 printk(KERN_ERR "Couldn't create iommu_domain cache\n");
3122 static inline int iommu_devinfo_cache_init(void)
3126 iommu_devinfo_cache = kmem_cache_create("iommu_devinfo",
3127 sizeof(struct device_domain_info),
3131 if (!iommu_devinfo_cache) {
3132 printk(KERN_ERR "Couldn't create devinfo cache\n");
3139 static inline int iommu_iova_cache_init(void)
3143 iommu_iova_cache = kmem_cache_create("iommu_iova",
3144 sizeof(struct iova),
3148 if (!iommu_iova_cache) {
3149 printk(KERN_ERR "Couldn't create iova cache\n");
3156 static int __init iommu_init_mempool(void)
3159 ret = iommu_iova_cache_init();
3163 ret = iommu_domain_cache_init();
3167 ret = iommu_devinfo_cache_init();
3171 kmem_cache_destroy(iommu_domain_cache);
3173 kmem_cache_destroy(iommu_iova_cache);
3178 static void __init iommu_exit_mempool(void)
3180 kmem_cache_destroy(iommu_devinfo_cache);
3181 kmem_cache_destroy(iommu_domain_cache);
3182 kmem_cache_destroy(iommu_iova_cache);
3186 static void quirk_ioat_snb_local_iommu(struct pci_dev *pdev)
3188 struct dmar_drhd_unit *drhd;
3192 /* We know that this device on this chipset has its own IOMMU.
3193 * If we find it under a different IOMMU, then the BIOS is lying
3194 * to us. Hope that the IOMMU for this device is actually
3195 * disabled, and it needs no translation...
3197 rc = pci_bus_read_config_dword(pdev->bus, PCI_DEVFN(0, 0), 0xb0, &vtbar);
3199 /* "can't" happen */
3200 dev_info(&pdev->dev, "failed to run vt-d quirk\n");
3203 vtbar &= 0xffff0000;
3205 /* we know that the this iommu should be at offset 0xa000 from vtbar */
3206 drhd = dmar_find_matched_drhd_unit(pdev);
3207 if (WARN_TAINT_ONCE(!drhd || drhd->reg_base_addr - vtbar != 0xa000,
3208 TAINT_FIRMWARE_WORKAROUND,
3209 "BIOS assigned incorrect VT-d unit for Intel(R) QuickData Technology device\n"))
3210 pdev->dev.archdata.iommu = DUMMY_DEVICE_DOMAIN_INFO;
3212 DECLARE_PCI_FIXUP_ENABLE(PCI_VENDOR_ID_INTEL, PCI_DEVICE_ID_INTEL_IOAT_SNB, quirk_ioat_snb_local_iommu);
3214 static void __init init_no_remapping_devices(void)
3216 struct dmar_drhd_unit *drhd;
3218 for_each_drhd_unit(drhd) {
3219 if (!drhd->include_all) {
3221 for (i = 0; i < drhd->devices_cnt; i++)
3222 if (drhd->devices[i] != NULL)
3224 /* ignore DMAR unit if no pci devices exist */
3225 if (i == drhd->devices_cnt)
3233 for_each_drhd_unit(drhd) {
3235 if (drhd->ignored || drhd->include_all)
3238 for (i = 0; i < drhd->devices_cnt; i++)
3239 if (drhd->devices[i] &&
3240 !IS_GFX_DEVICE(drhd->devices[i]))
3243 if (i < drhd->devices_cnt)
3246 /* bypass IOMMU if it is just for gfx devices */
3248 for (i = 0; i < drhd->devices_cnt; i++) {
3249 if (!drhd->devices[i])
3251 drhd->devices[i]->dev.archdata.iommu = DUMMY_DEVICE_DOMAIN_INFO;
3256 #ifdef CONFIG_SUSPEND
3257 static int init_iommu_hw(void)
3259 struct dmar_drhd_unit *drhd;
3260 struct intel_iommu *iommu = NULL;
3262 for_each_active_iommu(iommu, drhd)
3264 dmar_reenable_qi(iommu);
3266 for_each_iommu(iommu, drhd) {
3267 if (drhd->ignored) {
3269 * we always have to disable PMRs or DMA may fail on
3273 iommu_disable_protect_mem_regions(iommu);
3277 iommu_flush_write_buffer(iommu);
3279 iommu_set_root_entry(iommu);
3281 iommu->flush.flush_context(iommu, 0, 0, 0,
3282 DMA_CCMD_GLOBAL_INVL);
3283 iommu->flush.flush_iotlb(iommu, 0, 0, 0,
3284 DMA_TLB_GLOBAL_FLUSH);
3285 if (iommu_enable_translation(iommu))
3287 iommu_disable_protect_mem_regions(iommu);
3293 static void iommu_flush_all(void)
3295 struct dmar_drhd_unit *drhd;
3296 struct intel_iommu *iommu;
3298 for_each_active_iommu(iommu, drhd) {
3299 iommu->flush.flush_context(iommu, 0, 0, 0,
3300 DMA_CCMD_GLOBAL_INVL);
3301 iommu->flush.flush_iotlb(iommu, 0, 0, 0,
3302 DMA_TLB_GLOBAL_FLUSH);
3306 static int iommu_suspend(void)
3308 struct dmar_drhd_unit *drhd;
3309 struct intel_iommu *iommu = NULL;
3312 for_each_active_iommu(iommu, drhd) {
3313 iommu->iommu_state = kzalloc(sizeof(u32) * MAX_SR_DMAR_REGS,
3315 if (!iommu->iommu_state)
3321 for_each_active_iommu(iommu, drhd) {
3322 iommu_disable_translation(iommu);
3324 spin_lock_irqsave(&iommu->register_lock, flag);
3326 iommu->iommu_state[SR_DMAR_FECTL_REG] =
3327 readl(iommu->reg + DMAR_FECTL_REG);
3328 iommu->iommu_state[SR_DMAR_FEDATA_REG] =
3329 readl(iommu->reg + DMAR_FEDATA_REG);
3330 iommu->iommu_state[SR_DMAR_FEADDR_REG] =
3331 readl(iommu->reg + DMAR_FEADDR_REG);
3332 iommu->iommu_state[SR_DMAR_FEUADDR_REG] =
3333 readl(iommu->reg + DMAR_FEUADDR_REG);
3335 spin_unlock_irqrestore(&iommu->register_lock, flag);
3340 for_each_active_iommu(iommu, drhd)
3341 kfree(iommu->iommu_state);
3346 static void iommu_resume(void)
3348 struct dmar_drhd_unit *drhd;
3349 struct intel_iommu *iommu = NULL;
3352 if (init_iommu_hw()) {
3354 panic("tboot: IOMMU setup failed, DMAR can not resume!\n");
3356 WARN(1, "IOMMU setup failed, DMAR can not resume!\n");
3360 for_each_active_iommu(iommu, drhd) {
3362 spin_lock_irqsave(&iommu->register_lock, flag);
3364 writel(iommu->iommu_state[SR_DMAR_FECTL_REG],
3365 iommu->reg + DMAR_FECTL_REG);
3366 writel(iommu->iommu_state[SR_DMAR_FEDATA_REG],
3367 iommu->reg + DMAR_FEDATA_REG);
3368 writel(iommu->iommu_state[SR_DMAR_FEADDR_REG],
3369 iommu->reg + DMAR_FEADDR_REG);
3370 writel(iommu->iommu_state[SR_DMAR_FEUADDR_REG],
3371 iommu->reg + DMAR_FEUADDR_REG);
3373 spin_unlock_irqrestore(&iommu->register_lock, flag);
3376 for_each_active_iommu(iommu, drhd)
3377 kfree(iommu->iommu_state);
3380 static struct syscore_ops iommu_syscore_ops = {
3381 .resume = iommu_resume,
3382 .suspend = iommu_suspend,
3385 static void __init init_iommu_pm_ops(void)
3387 register_syscore_ops(&iommu_syscore_ops);
3391 static inline int init_iommu_pm_ops(void) { }
3392 #endif /* CONFIG_PM */
3395 * Here we only respond to action of unbound device from driver.
3397 * Added device is not attached to its DMAR domain here yet. That will happen
3398 * when mapping the device to iova.
3400 static int device_notifier(struct notifier_block *nb,
3401 unsigned long action, void *data)
3403 struct device *dev = data;
3404 struct pci_dev *pdev = to_pci_dev(dev);
3405 struct dmar_domain *domain;
3407 if (iommu_no_mapping(dev))
3410 domain = find_domain(pdev);
3414 if (action == BUS_NOTIFY_UNBOUND_DRIVER && !iommu_pass_through) {
3415 domain_remove_one_dev_info(domain, pdev);
3417 if (!(domain->flags & DOMAIN_FLAG_VIRTUAL_MACHINE) &&
3418 !(domain->flags & DOMAIN_FLAG_STATIC_IDENTITY) &&
3419 list_empty(&domain->devices))
3420 domain_exit(domain);
3426 static struct notifier_block device_nb = {
3427 .notifier_call = device_notifier,
3430 int __init intel_iommu_init(void)
3434 /* VT-d is required for a TXT/tboot launch, so enforce that */
3435 force_on = tboot_force_iommu();
3437 if (dmar_table_init()) {
3439 panic("tboot: Failed to initialize DMAR table\n");
3443 if (dmar_dev_scope_init()) {
3445 panic("tboot: Failed to initialize DMAR device scope\n");
3450 * Check the need for DMA-remapping initialization now.
3451 * Above initialization will also be used by Interrupt-remapping.
3453 if (no_iommu || dmar_disabled)
3456 if (iommu_init_mempool()) {
3458 panic("tboot: Failed to initialize iommu memory\n");
3462 if (dmar_init_reserved_ranges()) {
3464 panic("tboot: Failed to reserve iommu ranges\n");
3468 init_no_remapping_devices();
3473 panic("tboot: Failed to initialize DMARs\n");
3474 printk(KERN_ERR "IOMMU: dmar init failed\n");
3475 put_iova_domain(&reserved_iova_list);
3476 iommu_exit_mempool();
3480 "PCI-DMA: Intel(R) Virtualization Technology for Directed I/O\n");
3482 init_timer(&unmap_timer);
3483 #ifdef CONFIG_SWIOTLB
3486 dma_ops = &intel_dma_ops;
3488 init_iommu_pm_ops();
3490 register_iommu(&intel_iommu_ops);
3492 bus_register_notifier(&pci_bus_type, &device_nb);
3497 static void iommu_detach_dependent_devices(struct intel_iommu *iommu,
3498 struct pci_dev *pdev)
3500 struct pci_dev *tmp, *parent;
3502 if (!iommu || !pdev)
3505 /* dependent device detach */
3506 tmp = pci_find_upstream_pcie_bridge(pdev);
3507 /* Secondary interface's bus number and devfn 0 */
3509 parent = pdev->bus->self;
3510 while (parent != tmp) {
3511 iommu_detach_dev(iommu, parent->bus->number,
3513 parent = parent->bus->self;
3515 if (pci_is_pcie(tmp)) /* this is a PCIe-to-PCI bridge */
3516 iommu_detach_dev(iommu,
3517 tmp->subordinate->number, 0);
3518 else /* this is a legacy PCI bridge */
3519 iommu_detach_dev(iommu, tmp->bus->number,
3524 static void domain_remove_one_dev_info(struct dmar_domain *domain,
3525 struct pci_dev *pdev)
3527 struct device_domain_info *info;
3528 struct intel_iommu *iommu;
3529 unsigned long flags;
3531 struct list_head *entry, *tmp;
3533 iommu = device_to_iommu(pci_domain_nr(pdev->bus), pdev->bus->number,
3538 spin_lock_irqsave(&device_domain_lock, flags);
3539 list_for_each_safe(entry, tmp, &domain->devices) {
3540 info = list_entry(entry, struct device_domain_info, link);
3541 if (info->segment == pci_domain_nr(pdev->bus) &&
3542 info->bus == pdev->bus->number &&
3543 info->devfn == pdev->devfn) {
3544 list_del(&info->link);
3545 list_del(&info->global);
3547 info->dev->dev.archdata.iommu = NULL;
3548 spin_unlock_irqrestore(&device_domain_lock, flags);
3550 iommu_disable_dev_iotlb(info);
3551 iommu_detach_dev(iommu, info->bus, info->devfn);
3552 iommu_detach_dependent_devices(iommu, pdev);
3553 free_devinfo_mem(info);
3555 spin_lock_irqsave(&device_domain_lock, flags);
3563 /* if there is no other devices under the same iommu
3564 * owned by this domain, clear this iommu in iommu_bmp
3565 * update iommu count and coherency
3567 if (iommu == device_to_iommu(info->segment, info->bus,
3573 unsigned long tmp_flags;
3574 spin_lock_irqsave(&domain->iommu_lock, tmp_flags);
3575 clear_bit(iommu->seq_id, &domain->iommu_bmp);
3576 domain->iommu_count--;
3577 domain_update_iommu_cap(domain);
3578 spin_unlock_irqrestore(&domain->iommu_lock, tmp_flags);
3580 if (!(domain->flags & DOMAIN_FLAG_VIRTUAL_MACHINE) &&
3581 !(domain->flags & DOMAIN_FLAG_STATIC_IDENTITY)) {
3582 spin_lock_irqsave(&iommu->lock, tmp_flags);
3583 clear_bit(domain->id, iommu->domain_ids);
3584 iommu->domains[domain->id] = NULL;
3585 spin_unlock_irqrestore(&iommu->lock, tmp_flags);
3589 spin_unlock_irqrestore(&device_domain_lock, flags);
3592 static void vm_domain_remove_all_dev_info(struct dmar_domain *domain)
3594 struct device_domain_info *info;
3595 struct intel_iommu *iommu;
3596 unsigned long flags1, flags2;
3598 spin_lock_irqsave(&device_domain_lock, flags1);
3599 while (!list_empty(&domain->devices)) {
3600 info = list_entry(domain->devices.next,
3601 struct device_domain_info, link);
3602 list_del(&info->link);
3603 list_del(&info->global);
3605 info->dev->dev.archdata.iommu = NULL;
3607 spin_unlock_irqrestore(&device_domain_lock, flags1);
3609 iommu_disable_dev_iotlb(info);
3610 iommu = device_to_iommu(info->segment, info->bus, info->devfn);
3611 iommu_detach_dev(iommu, info->bus, info->devfn);
3612 iommu_detach_dependent_devices(iommu, info->dev);
3614 /* clear this iommu in iommu_bmp, update iommu count
3617 spin_lock_irqsave(&domain->iommu_lock, flags2);
3618 if (test_and_clear_bit(iommu->seq_id,
3619 &domain->iommu_bmp)) {
3620 domain->iommu_count--;
3621 domain_update_iommu_cap(domain);
3623 spin_unlock_irqrestore(&domain->iommu_lock, flags2);
3625 free_devinfo_mem(info);
3626 spin_lock_irqsave(&device_domain_lock, flags1);
3628 spin_unlock_irqrestore(&device_domain_lock, flags1);
3631 /* domain id for virtual machine, it won't be set in context */
3632 static unsigned long vm_domid;
3634 static struct dmar_domain *iommu_alloc_vm_domain(void)
3636 struct dmar_domain *domain;
3638 domain = alloc_domain_mem();
3642 domain->id = vm_domid++;
3644 memset(&domain->iommu_bmp, 0, sizeof(unsigned long));
3645 domain->flags = DOMAIN_FLAG_VIRTUAL_MACHINE;
3650 static int md_domain_init(struct dmar_domain *domain, int guest_width)
3654 init_iova_domain(&domain->iovad, DMA_32BIT_PFN);
3655 spin_lock_init(&domain->iommu_lock);
3657 domain_reserve_special_ranges(domain);
3659 /* calculate AGAW */
3660 domain->gaw = guest_width;
3661 adjust_width = guestwidth_to_adjustwidth(guest_width);
3662 domain->agaw = width_to_agaw(adjust_width);
3664 INIT_LIST_HEAD(&domain->devices);
3666 domain->iommu_count = 0;
3667 domain->iommu_coherency = 0;
3668 domain->iommu_snooping = 0;
3669 domain->iommu_superpage = 0;
3670 domain->max_addr = 0;
3673 /* always allocate the top pgd */
3674 domain->pgd = (struct dma_pte *)alloc_pgtable_page(domain->nid);
3677 domain_flush_cache(domain, domain->pgd, PAGE_SIZE);
3681 static void iommu_free_vm_domain(struct dmar_domain *domain)
3683 unsigned long flags;
3684 struct dmar_drhd_unit *drhd;
3685 struct intel_iommu *iommu;
3687 unsigned long ndomains;
3689 for_each_drhd_unit(drhd) {
3692 iommu = drhd->iommu;
3694 ndomains = cap_ndoms(iommu->cap);
3695 for_each_set_bit(i, iommu->domain_ids, ndomains) {
3696 if (iommu->domains[i] == domain) {
3697 spin_lock_irqsave(&iommu->lock, flags);
3698 clear_bit(i, iommu->domain_ids);
3699 iommu->domains[i] = NULL;
3700 spin_unlock_irqrestore(&iommu->lock, flags);
3707 static void vm_domain_exit(struct dmar_domain *domain)
3709 /* Domain 0 is reserved, so dont process it */
3713 vm_domain_remove_all_dev_info(domain);
3715 put_iova_domain(&domain->iovad);
3718 dma_pte_clear_range(domain, 0, DOMAIN_MAX_PFN(domain->gaw));
3720 /* free page tables */
3721 dma_pte_free_pagetable(domain, 0, DOMAIN_MAX_PFN(domain->gaw));
3723 iommu_free_vm_domain(domain);
3724 free_domain_mem(domain);
3727 static int intel_iommu_domain_init(struct iommu_domain *domain)
3729 struct dmar_domain *dmar_domain;
3731 dmar_domain = iommu_alloc_vm_domain();
3734 "intel_iommu_domain_init: dmar_domain == NULL\n");
3737 if (md_domain_init(dmar_domain, DEFAULT_DOMAIN_ADDRESS_WIDTH)) {
3739 "intel_iommu_domain_init() failed\n");
3740 vm_domain_exit(dmar_domain);
3743 domain->priv = dmar_domain;
3748 static void intel_iommu_domain_destroy(struct iommu_domain *domain)
3750 struct dmar_domain *dmar_domain = domain->priv;
3752 domain->priv = NULL;
3753 vm_domain_exit(dmar_domain);
3756 static int intel_iommu_attach_device(struct iommu_domain *domain,
3759 struct dmar_domain *dmar_domain = domain->priv;
3760 struct pci_dev *pdev = to_pci_dev(dev);
3761 struct intel_iommu *iommu;
3764 /* normally pdev is not mapped */
3765 if (unlikely(domain_context_mapped(pdev))) {
3766 struct dmar_domain *old_domain;
3768 old_domain = find_domain(pdev);
3770 if (dmar_domain->flags & DOMAIN_FLAG_VIRTUAL_MACHINE ||
3771 dmar_domain->flags & DOMAIN_FLAG_STATIC_IDENTITY)
3772 domain_remove_one_dev_info(old_domain, pdev);
3774 domain_remove_dev_info(old_domain);
3778 iommu = device_to_iommu(pci_domain_nr(pdev->bus), pdev->bus->number,
3783 /* check if this iommu agaw is sufficient for max mapped address */
3784 addr_width = agaw_to_width(iommu->agaw);
3785 if (addr_width > cap_mgaw(iommu->cap))
3786 addr_width = cap_mgaw(iommu->cap);
3788 if (dmar_domain->max_addr > (1LL << addr_width)) {
3789 printk(KERN_ERR "%s: iommu width (%d) is not "
3790 "sufficient for the mapped address (%llx)\n",
3791 __func__, addr_width, dmar_domain->max_addr);
3794 dmar_domain->gaw = addr_width;
3797 * Knock out extra levels of page tables if necessary
3799 while (iommu->agaw < dmar_domain->agaw) {
3800 struct dma_pte *pte;
3802 pte = dmar_domain->pgd;
3803 if (dma_pte_present(pte)) {
3804 dmar_domain->pgd = (struct dma_pte *)
3805 phys_to_virt(dma_pte_addr(pte));
3806 free_pgtable_page(pte);
3808 dmar_domain->agaw--;
3811 return domain_add_dev_info(dmar_domain, pdev, CONTEXT_TT_MULTI_LEVEL);
3814 static void intel_iommu_detach_device(struct iommu_domain *domain,
3817 struct dmar_domain *dmar_domain = domain->priv;
3818 struct pci_dev *pdev = to_pci_dev(dev);
3820 domain_remove_one_dev_info(dmar_domain, pdev);
3823 static int intel_iommu_map(struct iommu_domain *domain,
3824 unsigned long iova, phys_addr_t hpa,
3825 int gfp_order, int iommu_prot)
3827 struct dmar_domain *dmar_domain = domain->priv;
3833 if (iommu_prot & IOMMU_READ)
3834 prot |= DMA_PTE_READ;
3835 if (iommu_prot & IOMMU_WRITE)
3836 prot |= DMA_PTE_WRITE;
3837 if ((iommu_prot & IOMMU_CACHE) && dmar_domain->iommu_snooping)
3838 prot |= DMA_PTE_SNP;
3840 size = PAGE_SIZE << gfp_order;
3841 max_addr = iova + size;
3842 if (dmar_domain->max_addr < max_addr) {
3845 /* check if minimum agaw is sufficient for mapped address */
3846 end = __DOMAIN_MAX_ADDR(dmar_domain->gaw) + 1;
3847 if (end < max_addr) {
3848 printk(KERN_ERR "%s: iommu width (%d) is not "
3849 "sufficient for the mapped address (%llx)\n",
3850 __func__, dmar_domain->gaw, max_addr);
3853 dmar_domain->max_addr = max_addr;
3855 /* Round up size to next multiple of PAGE_SIZE, if it and
3856 the low bits of hpa would take us onto the next page */
3857 size = aligned_nrpages(hpa, size);
3858 ret = domain_pfn_mapping(dmar_domain, iova >> VTD_PAGE_SHIFT,
3859 hpa >> VTD_PAGE_SHIFT, size, prot);
3863 static int intel_iommu_unmap(struct iommu_domain *domain,
3864 unsigned long iova, int gfp_order)
3866 struct dmar_domain *dmar_domain = domain->priv;
3867 size_t size = PAGE_SIZE << gfp_order;
3869 dma_pte_clear_range(dmar_domain, iova >> VTD_PAGE_SHIFT,
3870 (iova + size - 1) >> VTD_PAGE_SHIFT);
3872 if (dmar_domain->max_addr == iova + size)
3873 dmar_domain->max_addr = iova;
3878 static phys_addr_t intel_iommu_iova_to_phys(struct iommu_domain *domain,
3881 struct dmar_domain *dmar_domain = domain->priv;
3882 struct dma_pte *pte;
3885 pte = pfn_to_dma_pte(dmar_domain, iova >> VTD_PAGE_SHIFT, 0);
3887 phys = dma_pte_addr(pte);
3892 static int intel_iommu_domain_has_cap(struct iommu_domain *domain,
3895 struct dmar_domain *dmar_domain = domain->priv;
3897 if (cap == IOMMU_CAP_CACHE_COHERENCY)
3898 return dmar_domain->iommu_snooping;
3899 if (cap == IOMMU_CAP_INTR_REMAP)
3900 return intr_remapping_enabled;
3905 static struct iommu_ops intel_iommu_ops = {
3906 .domain_init = intel_iommu_domain_init,
3907 .domain_destroy = intel_iommu_domain_destroy,
3908 .attach_dev = intel_iommu_attach_device,
3909 .detach_dev = intel_iommu_detach_device,
3910 .map = intel_iommu_map,
3911 .unmap = intel_iommu_unmap,
3912 .iova_to_phys = intel_iommu_iova_to_phys,
3913 .domain_has_cap = intel_iommu_domain_has_cap,
3916 static void __devinit quirk_iommu_rwbf(struct pci_dev *dev)
3919 * Mobile 4 Series Chipset neglects to set RWBF capability,
3922 printk(KERN_INFO "DMAR: Forcing write-buffer flush capability\n");
3925 /* https://bugzilla.redhat.com/show_bug.cgi?id=538163 */
3926 if (dev->revision == 0x07) {
3927 printk(KERN_INFO "DMAR: Disabling IOMMU for graphics on this chipset\n");
3932 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2a40, quirk_iommu_rwbf);
3935 #define GGC_MEMORY_SIZE_MASK (0xf << 8)
3936 #define GGC_MEMORY_SIZE_NONE (0x0 << 8)
3937 #define GGC_MEMORY_SIZE_1M (0x1 << 8)
3938 #define GGC_MEMORY_SIZE_2M (0x3 << 8)
3939 #define GGC_MEMORY_VT_ENABLED (0x8 << 8)
3940 #define GGC_MEMORY_SIZE_2M_VT (0x9 << 8)
3941 #define GGC_MEMORY_SIZE_3M_VT (0xa << 8)
3942 #define GGC_MEMORY_SIZE_4M_VT (0xb << 8)
3944 static void __devinit quirk_calpella_no_shadow_gtt(struct pci_dev *dev)
3948 if (pci_read_config_word(dev, GGC, &ggc))
3951 if (!(ggc & GGC_MEMORY_VT_ENABLED)) {
3952 printk(KERN_INFO "DMAR: BIOS has allocated no shadow GTT; disabling IOMMU for graphics\n");
3956 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0040, quirk_calpella_no_shadow_gtt);
3957 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0044, quirk_calpella_no_shadow_gtt);
3958 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0062, quirk_calpella_no_shadow_gtt);
3959 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x006a, quirk_calpella_no_shadow_gtt);
3961 /* On Tylersburg chipsets, some BIOSes have been known to enable the
3962 ISOCH DMAR unit for the Azalia sound device, but not give it any
3963 TLB entries, which causes it to deadlock. Check for that. We do
3964 this in a function called from init_dmars(), instead of in a PCI
3965 quirk, because we don't want to print the obnoxious "BIOS broken"
3966 message if VT-d is actually disabled.
3968 static void __init check_tylersburg_isoch(void)
3970 struct pci_dev *pdev;
3971 uint32_t vtisochctrl;
3973 /* If there's no Azalia in the system anyway, forget it. */
3974 pdev = pci_get_device(PCI_VENDOR_ID_INTEL, 0x3a3e, NULL);
3979 /* System Management Registers. Might be hidden, in which case
3980 we can't do the sanity check. But that's OK, because the
3981 known-broken BIOSes _don't_ actually hide it, so far. */
3982 pdev = pci_get_device(PCI_VENDOR_ID_INTEL, 0x342e, NULL);
3986 if (pci_read_config_dword(pdev, 0x188, &vtisochctrl)) {
3993 /* If Azalia DMA is routed to the non-isoch DMAR unit, fine. */
3994 if (vtisochctrl & 1)
3997 /* Drop all bits other than the number of TLB entries */
3998 vtisochctrl &= 0x1c;
4000 /* If we have the recommended number of TLB entries (16), fine. */
4001 if (vtisochctrl == 0x10)
4004 /* Zero TLB entries? You get to ride the short bus to school. */
4006 WARN(1, "Your BIOS is broken; DMA routed to ISOCH DMAR unit but no TLB space.\n"
4007 "BIOS vendor: %s; Ver: %s; Product Version: %s\n",
4008 dmi_get_system_info(DMI_BIOS_VENDOR),
4009 dmi_get_system_info(DMI_BIOS_VERSION),
4010 dmi_get_system_info(DMI_PRODUCT_VERSION));
4011 iommu_identity_mapping |= IDENTMAP_AZALIA;
4015 printk(KERN_WARNING "DMAR: Recommended TLB entries for ISOCH unit is 16; your BIOS set %d\n",
git.openpandora.org / pandora-kernel.git / blob