1 // SPDX-License-Identifier: GPL-2.0-only
3 * Copyright (C) 2007-2010 Advanced Micro Devices, Inc.
4 * Author: Joerg Roedel <jroedel@suse.de>
5 * Leo Duran <leo.duran@amd.com>
8 #define pr_fmt(fmt) "AMD-Vi: " fmt
9 #define dev_fmt(fmt) pr_fmt(fmt)
11 #include <linux/ratelimit.h>
12 #include <linux/pci.h>
13 #include <linux/acpi.h>
14 #include <linux/amba/bus.h>
15 #include <linux/platform_device.h>
16 #include <linux/pci-ats.h>
17 #include <linux/bitmap.h>
18 #include <linux/slab.h>
19 #include <linux/debugfs.h>
20 #include <linux/scatterlist.h>
21 #include <linux/dma-mapping.h>
22 #include <linux/dma-direct.h>
23 #include <linux/dma-iommu.h>
24 #include <linux/iommu-helper.h>
25 #include <linux/iommu.h>
26 #include <linux/delay.h>
27 #include <linux/amd-iommu.h>
28 #include <linux/notifier.h>
29 #include <linux/export.h>
30 #include <linux/irq.h>
31 #include <linux/msi.h>
32 #include <linux/dma-contiguous.h>
33 #include <linux/irqdomain.h>
34 #include <linux/percpu.h>
35 #include <linux/iova.h>
36 #include <asm/irq_remapping.h>
37 #include <asm/io_apic.h>
39 #include <asm/hw_irq.h>
40 #include <asm/msidef.h>
41 #include <asm/proto.h>
42 #include <asm/iommu.h>
46 #include "amd_iommu_proto.h"
47 #include "amd_iommu_types.h"
48 #include "irq_remapping.h"
50 #define CMD_SET_TYPE(cmd, t) ((cmd)->data[1] |= ((t) << 28))
52 #define LOOP_TIMEOUT 100000
54 /* IO virtual address start page frame number */
55 #define IOVA_START_PFN (1)
56 #define IOVA_PFN(addr) ((addr) >> PAGE_SHIFT)
58 /* Reserved IOVA ranges */
59 #define MSI_RANGE_START (0xfee00000)
60 #define MSI_RANGE_END (0xfeefffff)
61 #define HT_RANGE_START (0xfd00000000ULL)
62 #define HT_RANGE_END (0xffffffffffULL)
65 * This bitmap is used to advertise the page sizes our hardware support
66 * to the IOMMU core, which will then use this information to split
67 * physically contiguous memory regions it is mapping into page sizes
70 * 512GB Pages are not supported due to a hardware bug
72 #define AMD_IOMMU_PGSIZES ((~0xFFFUL) & ~(2ULL << 38))
74 static DEFINE_SPINLOCK(pd_bitmap_lock);
76 /* List of all available dev_data structures */
77 static LLIST_HEAD(dev_data_list);
79 LIST_HEAD(ioapic_map);
81 LIST_HEAD(acpihid_map);
84 * Domain for untranslated devices - only allocated
85 * if iommu=pt passed on kernel cmd line.
87 const struct iommu_ops amd_iommu_ops;
89 static ATOMIC_NOTIFIER_HEAD(ppr_notifier);
90 int amd_iommu_max_glx_val = -1;
93 * general struct to manage commands send to an IOMMU
99 struct kmem_cache *amd_iommu_irq_cache;
101 static void update_domain(struct protection_domain *domain);
102 static int protection_domain_init(struct protection_domain *domain);
103 static void detach_device(struct device *dev);
104 static void update_and_flush_device_table(struct protection_domain *domain,
105 struct domain_pgtable *pgtable);
107 /****************************************************************************
111 ****************************************************************************/
113 static inline u16 get_pci_device_id(struct device *dev)
115 struct pci_dev *pdev = to_pci_dev(dev);
117 return pci_dev_id(pdev);
120 static inline int get_acpihid_device_id(struct device *dev,
121 struct acpihid_map_entry **entry)
123 struct acpi_device *adev = ACPI_COMPANION(dev);
124 struct acpihid_map_entry *p;
129 list_for_each_entry(p, &acpihid_map, list) {
130 if (acpi_dev_hid_uid_match(adev, p->hid,
131 p->uid[0] ? p->uid : NULL)) {
140 static inline int get_device_id(struct device *dev)
145 devid = get_pci_device_id(dev);
147 devid = get_acpihid_device_id(dev, NULL);
152 static struct protection_domain *to_pdomain(struct iommu_domain *dom)
154 return container_of(dom, struct protection_domain, domain);
157 static void amd_iommu_domain_get_pgtable(struct protection_domain *domain,
158 struct domain_pgtable *pgtable)
160 u64 pt_root = atomic64_read(&domain->pt_root);
162 pgtable->root = (u64 *)(pt_root & PAGE_MASK);
163 pgtable->mode = pt_root & 7; /* lowest 3 bits encode pgtable mode */
166 static u64 amd_iommu_domain_encode_pgtable(u64 *root, int mode)
170 /* lowest 3 bits encode pgtable mode */
172 pt_root |= (u64)root;
177 static struct iommu_dev_data *alloc_dev_data(u16 devid)
179 struct iommu_dev_data *dev_data;
181 dev_data = kzalloc(sizeof(*dev_data), GFP_KERNEL);
185 spin_lock_init(&dev_data->lock);
186 dev_data->devid = devid;
187 ratelimit_default_init(&dev_data->rs);
189 llist_add(&dev_data->dev_data_list, &dev_data_list);
193 static struct iommu_dev_data *search_dev_data(u16 devid)
195 struct iommu_dev_data *dev_data;
196 struct llist_node *node;
198 if (llist_empty(&dev_data_list))
201 node = dev_data_list.first;
202 llist_for_each_entry(dev_data, node, dev_data_list) {
203 if (dev_data->devid == devid)
210 static int clone_alias(struct pci_dev *pdev, u16 alias, void *data)
212 u16 devid = pci_dev_id(pdev);
217 amd_iommu_rlookup_table[alias] =
218 amd_iommu_rlookup_table[devid];
219 memcpy(amd_iommu_dev_table[alias].data,
220 amd_iommu_dev_table[devid].data,
221 sizeof(amd_iommu_dev_table[alias].data));
226 static void clone_aliases(struct pci_dev *pdev)
232 * The IVRS alias stored in the alias table may not be
233 * part of the PCI DMA aliases if it's bus differs
234 * from the original device.
236 clone_alias(pdev, amd_iommu_alias_table[pci_dev_id(pdev)], NULL);
238 pci_for_each_dma_alias(pdev, clone_alias, NULL);
241 static struct pci_dev *setup_aliases(struct device *dev)
243 struct pci_dev *pdev = to_pci_dev(dev);
246 /* For ACPI HID devices, there are no aliases */
247 if (!dev_is_pci(dev))
251 * Add the IVRS alias to the pci aliases if it is on the same
252 * bus. The IVRS table may know about a quirk that we don't.
254 ivrs_alias = amd_iommu_alias_table[pci_dev_id(pdev)];
255 if (ivrs_alias != pci_dev_id(pdev) &&
256 PCI_BUS_NUM(ivrs_alias) == pdev->bus->number)
257 pci_add_dma_alias(pdev, ivrs_alias & 0xff, 1);
264 static struct iommu_dev_data *find_dev_data(u16 devid)
266 struct iommu_dev_data *dev_data;
267 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
269 dev_data = search_dev_data(devid);
271 if (dev_data == NULL) {
272 dev_data = alloc_dev_data(devid);
276 if (translation_pre_enabled(iommu))
277 dev_data->defer_attach = true;
283 static struct iommu_dev_data *get_dev_data(struct device *dev)
285 return dev->archdata.iommu;
289 * Find or create an IOMMU group for a acpihid device.
291 static struct iommu_group *acpihid_device_group(struct device *dev)
293 struct acpihid_map_entry *p, *entry = NULL;
296 devid = get_acpihid_device_id(dev, &entry);
298 return ERR_PTR(devid);
300 list_for_each_entry(p, &acpihid_map, list) {
301 if ((devid == p->devid) && p->group)
302 entry->group = p->group;
306 entry->group = generic_device_group(dev);
308 iommu_group_ref_get(entry->group);
313 static bool pci_iommuv2_capable(struct pci_dev *pdev)
315 static const int caps[] = {
318 PCI_EXT_CAP_ID_PASID,
322 if (pci_ats_disabled())
325 for (i = 0; i < 3; ++i) {
326 pos = pci_find_ext_capability(pdev, caps[i]);
334 static bool pdev_pri_erratum(struct pci_dev *pdev, u32 erratum)
336 struct iommu_dev_data *dev_data;
338 dev_data = get_dev_data(&pdev->dev);
340 return dev_data->errata & (1 << erratum) ? true : false;
344 * This function checks if the driver got a valid device from the caller to
345 * avoid dereferencing invalid pointers.
347 static bool check_device(struct device *dev)
354 devid = get_device_id(dev);
358 /* Out of our scope? */
359 if (devid > amd_iommu_last_bdf)
362 if (amd_iommu_rlookup_table[devid] == NULL)
368 static int iommu_init_device(struct device *dev)
370 struct iommu_dev_data *dev_data;
373 if (dev->archdata.iommu)
376 devid = get_device_id(dev);
380 dev_data = find_dev_data(devid);
384 dev_data->pdev = setup_aliases(dev);
387 * By default we use passthrough mode for IOMMUv2 capable device.
388 * But if amd_iommu=force_isolation is set (e.g. to debug DMA to
389 * invalid address), we ignore the capability for the device so
390 * it'll be forced to go into translation mode.
392 if ((iommu_default_passthrough() || !amd_iommu_force_isolation) &&
393 dev_is_pci(dev) && pci_iommuv2_capable(to_pci_dev(dev))) {
394 struct amd_iommu *iommu;
396 iommu = amd_iommu_rlookup_table[dev_data->devid];
397 dev_data->iommu_v2 = iommu->is_iommu_v2;
400 dev->archdata.iommu = dev_data;
405 static void iommu_ignore_device(struct device *dev)
409 devid = get_device_id(dev);
413 amd_iommu_rlookup_table[devid] = NULL;
414 memset(&amd_iommu_dev_table[devid], 0, sizeof(struct dev_table_entry));
419 static void amd_iommu_uninit_device(struct device *dev)
421 struct iommu_dev_data *dev_data;
424 devid = get_device_id(dev);
428 dev_data = search_dev_data(devid);
432 if (dev_data->domain)
436 * We keep dev_data around for unplugged devices and reuse it when the
437 * device is re-plugged - not doing so would introduce a ton of races.
442 * Helper function to get the first pte of a large mapping
444 static u64 *first_pte_l7(u64 *pte, unsigned long *page_size,
445 unsigned long *count)
447 unsigned long pte_mask, pg_size, cnt;
450 pg_size = PTE_PAGE_SIZE(*pte);
451 cnt = PAGE_SIZE_PTE_COUNT(pg_size);
452 pte_mask = ~((cnt << 3) - 1);
453 fpte = (u64 *)(((unsigned long)pte) & pte_mask);
456 *page_size = pg_size;
464 /****************************************************************************
466 * Interrupt handling functions
468 ****************************************************************************/
470 static void dump_dte_entry(u16 devid)
474 for (i = 0; i < 4; ++i)
475 pr_err("DTE[%d]: %016llx\n", i,
476 amd_iommu_dev_table[devid].data[i]);
479 static void dump_command(unsigned long phys_addr)
481 struct iommu_cmd *cmd = iommu_phys_to_virt(phys_addr);
484 for (i = 0; i < 4; ++i)
485 pr_err("CMD[%d]: %08x\n", i, cmd->data[i]);
488 static void amd_iommu_report_page_fault(u16 devid, u16 domain_id,
489 u64 address, int flags)
491 struct iommu_dev_data *dev_data = NULL;
492 struct pci_dev *pdev;
494 pdev = pci_get_domain_bus_and_slot(0, PCI_BUS_NUM(devid),
497 dev_data = get_dev_data(&pdev->dev);
499 if (dev_data && __ratelimit(&dev_data->rs)) {
500 pci_err(pdev, "Event logged [IO_PAGE_FAULT domain=0x%04x address=0x%llx flags=0x%04x]\n",
501 domain_id, address, flags);
502 } else if (printk_ratelimit()) {
503 pr_err("Event logged [IO_PAGE_FAULT device=%02x:%02x.%x domain=0x%04x address=0x%llx flags=0x%04x]\n",
504 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
505 domain_id, address, flags);
512 static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
514 struct device *dev = iommu->iommu.dev;
515 int type, devid, pasid, flags, tag;
516 volatile u32 *event = __evt;
521 type = (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
522 devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
523 pasid = (event[0] & EVENT_DOMID_MASK_HI) |
524 (event[1] & EVENT_DOMID_MASK_LO);
525 flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
526 address = (u64)(((u64)event[3]) << 32) | event[2];
529 /* Did we hit the erratum? */
530 if (++count == LOOP_TIMEOUT) {
531 pr_err("No event written to event log\n");
538 if (type == EVENT_TYPE_IO_FAULT) {
539 amd_iommu_report_page_fault(devid, pasid, address, flags);
544 case EVENT_TYPE_ILL_DEV:
545 dev_err(dev, "Event logged [ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x pasid=0x%05x address=0x%llx flags=0x%04x]\n",
546 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
547 pasid, address, flags);
548 dump_dte_entry(devid);
550 case EVENT_TYPE_DEV_TAB_ERR:
551 dev_err(dev, "Event logged [DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
552 "address=0x%llx flags=0x%04x]\n",
553 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
556 case EVENT_TYPE_PAGE_TAB_ERR:
557 dev_err(dev, "Event logged [PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x pasid=0x%04x address=0x%llx flags=0x%04x]\n",
558 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
559 pasid, address, flags);
561 case EVENT_TYPE_ILL_CMD:
562 dev_err(dev, "Event logged [ILLEGAL_COMMAND_ERROR address=0x%llx]\n", address);
563 dump_command(address);
565 case EVENT_TYPE_CMD_HARD_ERR:
566 dev_err(dev, "Event logged [COMMAND_HARDWARE_ERROR address=0x%llx flags=0x%04x]\n",
569 case EVENT_TYPE_IOTLB_INV_TO:
570 dev_err(dev, "Event logged [IOTLB_INV_TIMEOUT device=%02x:%02x.%x address=0x%llx]\n",
571 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
574 case EVENT_TYPE_INV_DEV_REQ:
575 dev_err(dev, "Event logged [INVALID_DEVICE_REQUEST device=%02x:%02x.%x pasid=0x%05x address=0x%llx flags=0x%04x]\n",
576 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
577 pasid, address, flags);
579 case EVENT_TYPE_INV_PPR_REQ:
580 pasid = PPR_PASID(*((u64 *)__evt));
581 tag = event[1] & 0x03FF;
582 dev_err(dev, "Event logged [INVALID_PPR_REQUEST device=%02x:%02x.%x pasid=0x%05x address=0x%llx flags=0x%04x tag=0x%03x]\n",
583 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
584 pasid, address, flags, tag);
587 dev_err(dev, "Event logged [UNKNOWN event[0]=0x%08x event[1]=0x%08x event[2]=0x%08x event[3]=0x%08x\n",
588 event[0], event[1], event[2], event[3]);
591 memset(__evt, 0, 4 * sizeof(u32));
594 static void iommu_poll_events(struct amd_iommu *iommu)
598 head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
599 tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET);
601 while (head != tail) {
602 iommu_print_event(iommu, iommu->evt_buf + head);
603 head = (head + EVENT_ENTRY_SIZE) % EVT_BUFFER_SIZE;
606 writel(head, iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
609 static void iommu_handle_ppr_entry(struct amd_iommu *iommu, u64 *raw)
611 struct amd_iommu_fault fault;
613 if (PPR_REQ_TYPE(raw[0]) != PPR_REQ_FAULT) {
614 pr_err_ratelimited("Unknown PPR request received\n");
618 fault.address = raw[1];
619 fault.pasid = PPR_PASID(raw[0]);
620 fault.device_id = PPR_DEVID(raw[0]);
621 fault.tag = PPR_TAG(raw[0]);
622 fault.flags = PPR_FLAGS(raw[0]);
624 atomic_notifier_call_chain(&ppr_notifier, 0, &fault);
627 static void iommu_poll_ppr_log(struct amd_iommu *iommu)
631 if (iommu->ppr_log == NULL)
634 head = readl(iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
635 tail = readl(iommu->mmio_base + MMIO_PPR_TAIL_OFFSET);
637 while (head != tail) {
642 raw = (u64 *)(iommu->ppr_log + head);
645 * Hardware bug: Interrupt may arrive before the entry is
646 * written to memory. If this happens we need to wait for the
649 for (i = 0; i < LOOP_TIMEOUT; ++i) {
650 if (PPR_REQ_TYPE(raw[0]) != 0)
655 /* Avoid memcpy function-call overhead */
660 * To detect the hardware bug we need to clear the entry
663 raw[0] = raw[1] = 0UL;
665 /* Update head pointer of hardware ring-buffer */
666 head = (head + PPR_ENTRY_SIZE) % PPR_LOG_SIZE;
667 writel(head, iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
669 /* Handle PPR entry */
670 iommu_handle_ppr_entry(iommu, entry);
672 /* Refresh ring-buffer information */
673 head = readl(iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
674 tail = readl(iommu->mmio_base + MMIO_PPR_TAIL_OFFSET);
678 #ifdef CONFIG_IRQ_REMAP
679 static int (*iommu_ga_log_notifier)(u32);
681 int amd_iommu_register_ga_log_notifier(int (*notifier)(u32))
683 iommu_ga_log_notifier = notifier;
687 EXPORT_SYMBOL(amd_iommu_register_ga_log_notifier);
689 static void iommu_poll_ga_log(struct amd_iommu *iommu)
691 u32 head, tail, cnt = 0;
693 if (iommu->ga_log == NULL)
696 head = readl(iommu->mmio_base + MMIO_GA_HEAD_OFFSET);
697 tail = readl(iommu->mmio_base + MMIO_GA_TAIL_OFFSET);
699 while (head != tail) {
703 raw = (u64 *)(iommu->ga_log + head);
706 /* Avoid memcpy function-call overhead */
709 /* Update head pointer of hardware ring-buffer */
710 head = (head + GA_ENTRY_SIZE) % GA_LOG_SIZE;
711 writel(head, iommu->mmio_base + MMIO_GA_HEAD_OFFSET);
713 /* Handle GA entry */
714 switch (GA_REQ_TYPE(log_entry)) {
716 if (!iommu_ga_log_notifier)
719 pr_debug("%s: devid=%#x, ga_tag=%#x\n",
720 __func__, GA_DEVID(log_entry),
723 if (iommu_ga_log_notifier(GA_TAG(log_entry)) != 0)
724 pr_err("GA log notifier failed.\n");
731 #endif /* CONFIG_IRQ_REMAP */
733 #define AMD_IOMMU_INT_MASK \
734 (MMIO_STATUS_EVT_INT_MASK | \
735 MMIO_STATUS_PPR_INT_MASK | \
736 MMIO_STATUS_GALOG_INT_MASK)
738 irqreturn_t amd_iommu_int_thread(int irq, void *data)
740 struct amd_iommu *iommu = (struct amd_iommu *) data;
741 u32 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
743 while (status & AMD_IOMMU_INT_MASK) {
744 /* Enable EVT and PPR and GA interrupts again */
745 writel(AMD_IOMMU_INT_MASK,
746 iommu->mmio_base + MMIO_STATUS_OFFSET);
748 if (status & MMIO_STATUS_EVT_INT_MASK) {
749 pr_devel("Processing IOMMU Event Log\n");
750 iommu_poll_events(iommu);
753 if (status & MMIO_STATUS_PPR_INT_MASK) {
754 pr_devel("Processing IOMMU PPR Log\n");
755 iommu_poll_ppr_log(iommu);
758 #ifdef CONFIG_IRQ_REMAP
759 if (status & MMIO_STATUS_GALOG_INT_MASK) {
760 pr_devel("Processing IOMMU GA Log\n");
761 iommu_poll_ga_log(iommu);
766 * Hardware bug: ERBT1312
767 * When re-enabling interrupt (by writing 1
768 * to clear the bit), the hardware might also try to set
769 * the interrupt bit in the event status register.
770 * In this scenario, the bit will be set, and disable
771 * subsequent interrupts.
773 * Workaround: The IOMMU driver should read back the
774 * status register and check if the interrupt bits are cleared.
775 * If not, driver will need to go through the interrupt handler
776 * again and re-clear the bits
778 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
783 irqreturn_t amd_iommu_int_handler(int irq, void *data)
785 return IRQ_WAKE_THREAD;
788 /****************************************************************************
790 * IOMMU command queuing functions
792 ****************************************************************************/
794 static int wait_on_sem(volatile u64 *sem)
798 while (*sem == 0 && i < LOOP_TIMEOUT) {
803 if (i == LOOP_TIMEOUT) {
804 pr_alert("Completion-Wait loop timed out\n");
811 static void copy_cmd_to_buffer(struct amd_iommu *iommu,
812 struct iommu_cmd *cmd)
817 /* Copy command to buffer */
818 tail = iommu->cmd_buf_tail;
819 target = iommu->cmd_buf + tail;
820 memcpy(target, cmd, sizeof(*cmd));
822 tail = (tail + sizeof(*cmd)) % CMD_BUFFER_SIZE;
823 iommu->cmd_buf_tail = tail;
825 /* Tell the IOMMU about it */
826 writel(tail, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
829 static void build_completion_wait(struct iommu_cmd *cmd, u64 address)
831 u64 paddr = iommu_virt_to_phys((void *)address);
833 WARN_ON(address & 0x7ULL);
835 memset(cmd, 0, sizeof(*cmd));
836 cmd->data[0] = lower_32_bits(paddr) | CMD_COMPL_WAIT_STORE_MASK;
837 cmd->data[1] = upper_32_bits(paddr);
839 CMD_SET_TYPE(cmd, CMD_COMPL_WAIT);
842 static void build_inv_dte(struct iommu_cmd *cmd, u16 devid)
844 memset(cmd, 0, sizeof(*cmd));
845 cmd->data[0] = devid;
846 CMD_SET_TYPE(cmd, CMD_INV_DEV_ENTRY);
849 static void build_inv_iommu_pages(struct iommu_cmd *cmd, u64 address,
850 size_t size, u16 domid, int pde)
855 pages = iommu_num_pages(address, size, PAGE_SIZE);
860 * If we have to flush more than one page, flush all
861 * TLB entries for this domain
863 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
867 address &= PAGE_MASK;
869 memset(cmd, 0, sizeof(*cmd));
870 cmd->data[1] |= domid;
871 cmd->data[2] = lower_32_bits(address);
872 cmd->data[3] = upper_32_bits(address);
873 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
874 if (s) /* size bit - we flush more than one 4kb page */
875 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
876 if (pde) /* PDE bit - we want to flush everything, not only the PTEs */
877 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
880 static void build_inv_iotlb_pages(struct iommu_cmd *cmd, u16 devid, int qdep,
881 u64 address, size_t size)
886 pages = iommu_num_pages(address, size, PAGE_SIZE);
891 * If we have to flush more than one page, flush all
892 * TLB entries for this domain
894 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
898 address &= PAGE_MASK;
900 memset(cmd, 0, sizeof(*cmd));
901 cmd->data[0] = devid;
902 cmd->data[0] |= (qdep & 0xff) << 24;
903 cmd->data[1] = devid;
904 cmd->data[2] = lower_32_bits(address);
905 cmd->data[3] = upper_32_bits(address);
906 CMD_SET_TYPE(cmd, CMD_INV_IOTLB_PAGES);
908 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
911 static void build_inv_iommu_pasid(struct iommu_cmd *cmd, u16 domid, int pasid,
912 u64 address, bool size)
914 memset(cmd, 0, sizeof(*cmd));
916 address &= ~(0xfffULL);
918 cmd->data[0] = pasid;
919 cmd->data[1] = domid;
920 cmd->data[2] = lower_32_bits(address);
921 cmd->data[3] = upper_32_bits(address);
922 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
923 cmd->data[2] |= CMD_INV_IOMMU_PAGES_GN_MASK;
925 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
926 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
929 static void build_inv_iotlb_pasid(struct iommu_cmd *cmd, u16 devid, int pasid,
930 int qdep, u64 address, bool size)
932 memset(cmd, 0, sizeof(*cmd));
934 address &= ~(0xfffULL);
936 cmd->data[0] = devid;
937 cmd->data[0] |= ((pasid >> 8) & 0xff) << 16;
938 cmd->data[0] |= (qdep & 0xff) << 24;
939 cmd->data[1] = devid;
940 cmd->data[1] |= (pasid & 0xff) << 16;
941 cmd->data[2] = lower_32_bits(address);
942 cmd->data[2] |= CMD_INV_IOMMU_PAGES_GN_MASK;
943 cmd->data[3] = upper_32_bits(address);
945 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
946 CMD_SET_TYPE(cmd, CMD_INV_IOTLB_PAGES);
949 static void build_complete_ppr(struct iommu_cmd *cmd, u16 devid, int pasid,
950 int status, int tag, bool gn)
952 memset(cmd, 0, sizeof(*cmd));
954 cmd->data[0] = devid;
956 cmd->data[1] = pasid;
957 cmd->data[2] = CMD_INV_IOMMU_PAGES_GN_MASK;
959 cmd->data[3] = tag & 0x1ff;
960 cmd->data[3] |= (status & PPR_STATUS_MASK) << PPR_STATUS_SHIFT;
962 CMD_SET_TYPE(cmd, CMD_COMPLETE_PPR);
965 static void build_inv_all(struct iommu_cmd *cmd)
967 memset(cmd, 0, sizeof(*cmd));
968 CMD_SET_TYPE(cmd, CMD_INV_ALL);
971 static void build_inv_irt(struct iommu_cmd *cmd, u16 devid)
973 memset(cmd, 0, sizeof(*cmd));
974 cmd->data[0] = devid;
975 CMD_SET_TYPE(cmd, CMD_INV_IRT);
979 * Writes the command to the IOMMUs command buffer and informs the
980 * hardware about the new command.
982 static int __iommu_queue_command_sync(struct amd_iommu *iommu,
983 struct iommu_cmd *cmd,
986 unsigned int count = 0;
989 next_tail = (iommu->cmd_buf_tail + sizeof(*cmd)) % CMD_BUFFER_SIZE;
991 left = (iommu->cmd_buf_head - next_tail) % CMD_BUFFER_SIZE;
994 /* Skip udelay() the first time around */
996 if (count == LOOP_TIMEOUT) {
997 pr_err("Command buffer timeout\n");
1004 /* Update head and recheck remaining space */
1005 iommu->cmd_buf_head = readl(iommu->mmio_base +
1006 MMIO_CMD_HEAD_OFFSET);
1011 copy_cmd_to_buffer(iommu, cmd);
1013 /* Do we need to make sure all commands are processed? */
1014 iommu->need_sync = sync;
1019 static int iommu_queue_command_sync(struct amd_iommu *iommu,
1020 struct iommu_cmd *cmd,
1023 unsigned long flags;
1026 raw_spin_lock_irqsave(&iommu->lock, flags);
1027 ret = __iommu_queue_command_sync(iommu, cmd, sync);
1028 raw_spin_unlock_irqrestore(&iommu->lock, flags);
1033 static int iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
1035 return iommu_queue_command_sync(iommu, cmd, true);
1039 * This function queues a completion wait command into the command
1040 * buffer of an IOMMU
1042 static int iommu_completion_wait(struct amd_iommu *iommu)
1044 struct iommu_cmd cmd;
1045 unsigned long flags;
1048 if (!iommu->need_sync)
1052 build_completion_wait(&cmd, (u64)&iommu->cmd_sem);
1054 raw_spin_lock_irqsave(&iommu->lock, flags);
1058 ret = __iommu_queue_command_sync(iommu, &cmd, false);
1062 ret = wait_on_sem(&iommu->cmd_sem);
1065 raw_spin_unlock_irqrestore(&iommu->lock, flags);
1070 static int iommu_flush_dte(struct amd_iommu *iommu, u16 devid)
1072 struct iommu_cmd cmd;
1074 build_inv_dte(&cmd, devid);
1076 return iommu_queue_command(iommu, &cmd);
1079 static void amd_iommu_flush_dte_all(struct amd_iommu *iommu)
1083 for (devid = 0; devid <= 0xffff; ++devid)
1084 iommu_flush_dte(iommu, devid);
1086 iommu_completion_wait(iommu);
1090 * This function uses heavy locking and may disable irqs for some time. But
1091 * this is no issue because it is only called during resume.
1093 static void amd_iommu_flush_tlb_all(struct amd_iommu *iommu)
1097 for (dom_id = 0; dom_id <= 0xffff; ++dom_id) {
1098 struct iommu_cmd cmd;
1099 build_inv_iommu_pages(&cmd, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
1101 iommu_queue_command(iommu, &cmd);
1104 iommu_completion_wait(iommu);
1107 static void amd_iommu_flush_tlb_domid(struct amd_iommu *iommu, u32 dom_id)
1109 struct iommu_cmd cmd;
1111 build_inv_iommu_pages(&cmd, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
1113 iommu_queue_command(iommu, &cmd);
1115 iommu_completion_wait(iommu);
1118 static void amd_iommu_flush_all(struct amd_iommu *iommu)
1120 struct iommu_cmd cmd;
1122 build_inv_all(&cmd);
1124 iommu_queue_command(iommu, &cmd);
1125 iommu_completion_wait(iommu);
1128 static void iommu_flush_irt(struct amd_iommu *iommu, u16 devid)
1130 struct iommu_cmd cmd;
1132 build_inv_irt(&cmd, devid);
1134 iommu_queue_command(iommu, &cmd);
1137 static void amd_iommu_flush_irt_all(struct amd_iommu *iommu)
1141 for (devid = 0; devid <= MAX_DEV_TABLE_ENTRIES; devid++)
1142 iommu_flush_irt(iommu, devid);
1144 iommu_completion_wait(iommu);
1147 void iommu_flush_all_caches(struct amd_iommu *iommu)
1149 if (iommu_feature(iommu, FEATURE_IA)) {
1150 amd_iommu_flush_all(iommu);
1152 amd_iommu_flush_dte_all(iommu);
1153 amd_iommu_flush_irt_all(iommu);
1154 amd_iommu_flush_tlb_all(iommu);
1159 * Command send function for flushing on-device TLB
1161 static int device_flush_iotlb(struct iommu_dev_data *dev_data,
1162 u64 address, size_t size)
1164 struct amd_iommu *iommu;
1165 struct iommu_cmd cmd;
1168 qdep = dev_data->ats.qdep;
1169 iommu = amd_iommu_rlookup_table[dev_data->devid];
1171 build_inv_iotlb_pages(&cmd, dev_data->devid, qdep, address, size);
1173 return iommu_queue_command(iommu, &cmd);
1176 static int device_flush_dte_alias(struct pci_dev *pdev, u16 alias, void *data)
1178 struct amd_iommu *iommu = data;
1180 return iommu_flush_dte(iommu, alias);
1184 * Command send function for invalidating a device table entry
1186 static int device_flush_dte(struct iommu_dev_data *dev_data)
1188 struct amd_iommu *iommu;
1192 iommu = amd_iommu_rlookup_table[dev_data->devid];
1195 ret = pci_for_each_dma_alias(dev_data->pdev,
1196 device_flush_dte_alias, iommu);
1198 ret = iommu_flush_dte(iommu, dev_data->devid);
1202 alias = amd_iommu_alias_table[dev_data->devid];
1203 if (alias != dev_data->devid) {
1204 ret = iommu_flush_dte(iommu, alias);
1209 if (dev_data->ats.enabled)
1210 ret = device_flush_iotlb(dev_data, 0, ~0UL);
1216 * TLB invalidation function which is called from the mapping functions.
1217 * It invalidates a single PTE if the range to flush is within a single
1218 * page. Otherwise it flushes the whole TLB of the IOMMU.
1220 static void __domain_flush_pages(struct protection_domain *domain,
1221 u64 address, size_t size, int pde)
1223 struct iommu_dev_data *dev_data;
1224 struct iommu_cmd cmd;
1227 build_inv_iommu_pages(&cmd, address, size, domain->id, pde);
1229 for (i = 0; i < amd_iommu_get_num_iommus(); ++i) {
1230 if (!domain->dev_iommu[i])
1234 * Devices of this domain are behind this IOMMU
1235 * We need a TLB flush
1237 ret |= iommu_queue_command(amd_iommus[i], &cmd);
1240 list_for_each_entry(dev_data, &domain->dev_list, list) {
1242 if (!dev_data->ats.enabled)
1245 ret |= device_flush_iotlb(dev_data, address, size);
1251 static void domain_flush_pages(struct protection_domain *domain,
1252 u64 address, size_t size)
1254 __domain_flush_pages(domain, address, size, 0);
1257 /* Flush the whole IO/TLB for a given protection domain - including PDE */
1258 static void domain_flush_tlb_pde(struct protection_domain *domain)
1260 __domain_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 1);
1263 static void domain_flush_complete(struct protection_domain *domain)
1267 for (i = 0; i < amd_iommu_get_num_iommus(); ++i) {
1268 if (domain && !domain->dev_iommu[i])
1272 * Devices of this domain are behind this IOMMU
1273 * We need to wait for completion of all commands.
1275 iommu_completion_wait(amd_iommus[i]);
1279 /* Flush the not present cache if it exists */
1280 static void domain_flush_np_cache(struct protection_domain *domain,
1281 dma_addr_t iova, size_t size)
1283 if (unlikely(amd_iommu_np_cache)) {
1284 unsigned long flags;
1286 spin_lock_irqsave(&domain->lock, flags);
1287 domain_flush_pages(domain, iova, size);
1288 domain_flush_complete(domain);
1289 spin_unlock_irqrestore(&domain->lock, flags);
1295 * This function flushes the DTEs for all devices in domain
1297 static void domain_flush_devices(struct protection_domain *domain)
1299 struct iommu_dev_data *dev_data;
1301 list_for_each_entry(dev_data, &domain->dev_list, list)
1302 device_flush_dte(dev_data);
1305 /****************************************************************************
1307 * The functions below are used the create the page table mappings for
1308 * unity mapped regions.
1310 ****************************************************************************/
1312 static void free_page_list(struct page *freelist)
1314 while (freelist != NULL) {
1315 unsigned long p = (unsigned long)page_address(freelist);
1316 freelist = freelist->freelist;
1321 static struct page *free_pt_page(unsigned long pt, struct page *freelist)
1323 struct page *p = virt_to_page((void *)pt);
1325 p->freelist = freelist;
1330 #define DEFINE_FREE_PT_FN(LVL, FN) \
1331 static struct page *free_pt_##LVL (unsigned long __pt, struct page *freelist) \
1339 for (i = 0; i < 512; ++i) { \
1340 /* PTE present? */ \
1341 if (!IOMMU_PTE_PRESENT(pt[i])) \
1345 if (PM_PTE_LEVEL(pt[i]) == 0 || \
1346 PM_PTE_LEVEL(pt[i]) == 7) \
1349 p = (unsigned long)IOMMU_PTE_PAGE(pt[i]); \
1350 freelist = FN(p, freelist); \
1353 return free_pt_page((unsigned long)pt, freelist); \
1356 DEFINE_FREE_PT_FN(l2, free_pt_page)
1357 DEFINE_FREE_PT_FN(l3, free_pt_l2)
1358 DEFINE_FREE_PT_FN(l4, free_pt_l3)
1359 DEFINE_FREE_PT_FN(l5, free_pt_l4)
1360 DEFINE_FREE_PT_FN(l6, free_pt_l5)
1362 static struct page *free_sub_pt(unsigned long root, int mode,
1363 struct page *freelist)
1366 case PAGE_MODE_NONE:
1367 case PAGE_MODE_7_LEVEL:
1369 case PAGE_MODE_1_LEVEL:
1370 freelist = free_pt_page(root, freelist);
1372 case PAGE_MODE_2_LEVEL:
1373 freelist = free_pt_l2(root, freelist);
1375 case PAGE_MODE_3_LEVEL:
1376 freelist = free_pt_l3(root, freelist);
1378 case PAGE_MODE_4_LEVEL:
1379 freelist = free_pt_l4(root, freelist);
1381 case PAGE_MODE_5_LEVEL:
1382 freelist = free_pt_l5(root, freelist);
1384 case PAGE_MODE_6_LEVEL:
1385 freelist = free_pt_l6(root, freelist);
1394 static void free_pagetable(struct protection_domain *domain)
1396 struct domain_pgtable pgtable;
1397 struct page *freelist = NULL;
1400 amd_iommu_domain_get_pgtable(domain, &pgtable);
1401 atomic64_set(&domain->pt_root, 0);
1403 BUG_ON(pgtable.mode < PAGE_MODE_NONE ||
1404 pgtable.mode > PAGE_MODE_6_LEVEL);
1406 root = (unsigned long)pgtable.root;
1407 freelist = free_sub_pt(root, pgtable.mode, freelist);
1409 free_page_list(freelist);
1413 * This function is used to add another level to an IO page table. Adding
1414 * another level increases the size of the address space by 9 bits to a size up
1417 static bool increase_address_space(struct protection_domain *domain,
1418 unsigned long address,
1421 struct domain_pgtable pgtable;
1422 unsigned long flags;
1426 spin_lock_irqsave(&domain->lock, flags);
1428 amd_iommu_domain_get_pgtable(domain, &pgtable);
1430 if (address <= PM_LEVEL_SIZE(pgtable.mode))
1434 if (WARN_ON_ONCE(pgtable.mode == PAGE_MODE_6_LEVEL))
1437 pte = (void *)get_zeroed_page(gfp);
1441 *pte = PM_LEVEL_PDE(pgtable.mode, iommu_virt_to_phys(pgtable.root));
1445 update_and_flush_device_table(domain, &pgtable);
1446 domain_flush_complete(domain);
1449 * Device Table needs to be updated and flushed before the new root can
1452 root = amd_iommu_domain_encode_pgtable(pte, pgtable.mode);
1453 atomic64_set(&domain->pt_root, root);
1458 spin_unlock_irqrestore(&domain->lock, flags);
1463 static u64 *alloc_pte(struct protection_domain *domain,
1464 unsigned long address,
1465 unsigned long page_size,
1470 struct domain_pgtable pgtable;
1474 BUG_ON(!is_power_of_2(page_size));
1476 amd_iommu_domain_get_pgtable(domain, &pgtable);
1478 while (address > PM_LEVEL_SIZE(pgtable.mode)) {
1480 * Return an error if there is no memory to update the
1483 if (!increase_address_space(domain, address, gfp))
1486 /* Read new values to check if update was successful */
1487 amd_iommu_domain_get_pgtable(domain, &pgtable);
1491 level = pgtable.mode - 1;
1492 pte = &pgtable.root[PM_LEVEL_INDEX(level, address)];
1493 address = PAGE_SIZE_ALIGN(address, page_size);
1494 end_lvl = PAGE_SIZE_LEVEL(page_size);
1496 while (level > end_lvl) {
1501 pte_level = PM_PTE_LEVEL(__pte);
1504 * If we replace a series of large PTEs, we need
1505 * to tear down all of them.
1507 if (IOMMU_PTE_PRESENT(__pte) &&
1508 pte_level == PAGE_MODE_7_LEVEL) {
1509 unsigned long count, i;
1512 lpte = first_pte_l7(pte, NULL, &count);
1515 * Unmap the replicated PTEs that still match the
1516 * original large mapping
1518 for (i = 0; i < count; ++i)
1519 cmpxchg64(&lpte[i], __pte, 0ULL);
1525 if (!IOMMU_PTE_PRESENT(__pte) ||
1526 pte_level == PAGE_MODE_NONE) {
1527 page = (u64 *)get_zeroed_page(gfp);
1532 __npte = PM_LEVEL_PDE(level, iommu_virt_to_phys(page));
1534 /* pte could have been changed somewhere. */
1535 if (cmpxchg64(pte, __pte, __npte) != __pte)
1536 free_page((unsigned long)page);
1537 else if (IOMMU_PTE_PRESENT(__pte))
1543 /* No level skipping support yet */
1544 if (pte_level != level)
1549 pte = IOMMU_PTE_PAGE(__pte);
1551 if (pte_page && level == end_lvl)
1554 pte = &pte[PM_LEVEL_INDEX(level, address)];
1561 * This function checks if there is a PTE for a given dma address. If
1562 * there is one, it returns the pointer to it.
1564 static u64 *fetch_pte(struct protection_domain *domain,
1565 unsigned long address,
1566 unsigned long *page_size)
1568 struct domain_pgtable pgtable;
1574 amd_iommu_domain_get_pgtable(domain, &pgtable);
1576 if (address > PM_LEVEL_SIZE(pgtable.mode))
1579 level = pgtable.mode - 1;
1580 pte = &pgtable.root[PM_LEVEL_INDEX(level, address)];
1581 *page_size = PTE_LEVEL_PAGE_SIZE(level);
1586 if (!IOMMU_PTE_PRESENT(*pte))
1590 if (PM_PTE_LEVEL(*pte) == 7 ||
1591 PM_PTE_LEVEL(*pte) == 0)
1594 /* No level skipping support yet */
1595 if (PM_PTE_LEVEL(*pte) != level)
1600 /* Walk to the next level */
1601 pte = IOMMU_PTE_PAGE(*pte);
1602 pte = &pte[PM_LEVEL_INDEX(level, address)];
1603 *page_size = PTE_LEVEL_PAGE_SIZE(level);
1607 * If we have a series of large PTEs, make
1608 * sure to return a pointer to the first one.
1610 if (PM_PTE_LEVEL(*pte) == PAGE_MODE_7_LEVEL)
1611 pte = first_pte_l7(pte, page_size, NULL);
1616 static struct page *free_clear_pte(u64 *pte, u64 pteval, struct page *freelist)
1621 while (cmpxchg64(pte, pteval, 0) != pteval) {
1622 pr_warn("AMD-Vi: IOMMU pte changed since we read it\n");
1626 if (!IOMMU_PTE_PRESENT(pteval))
1629 pt = (unsigned long)IOMMU_PTE_PAGE(pteval);
1630 mode = IOMMU_PTE_MODE(pteval);
1632 return free_sub_pt(pt, mode, freelist);
1636 * Generic mapping functions. It maps a physical address into a DMA
1637 * address space. It allocates the page table pages if necessary.
1638 * In the future it can be extended to a generic mapping function
1639 * supporting all features of AMD IOMMU page tables like level skipping
1640 * and full 64 bit address spaces.
1642 static int iommu_map_page(struct protection_domain *dom,
1643 unsigned long bus_addr,
1644 unsigned long phys_addr,
1645 unsigned long page_size,
1649 struct page *freelist = NULL;
1650 bool updated = false;
1654 BUG_ON(!IS_ALIGNED(bus_addr, page_size));
1655 BUG_ON(!IS_ALIGNED(phys_addr, page_size));
1658 if (!(prot & IOMMU_PROT_MASK))
1661 count = PAGE_SIZE_PTE_COUNT(page_size);
1662 pte = alloc_pte(dom, bus_addr, page_size, NULL, gfp, &updated);
1668 for (i = 0; i < count; ++i)
1669 freelist = free_clear_pte(&pte[i], pte[i], freelist);
1671 if (freelist != NULL)
1675 __pte = PAGE_SIZE_PTE(__sme_set(phys_addr), page_size);
1676 __pte |= PM_LEVEL_ENC(7) | IOMMU_PTE_PR | IOMMU_PTE_FC;
1678 __pte = __sme_set(phys_addr) | IOMMU_PTE_PR | IOMMU_PTE_FC;
1680 if (prot & IOMMU_PROT_IR)
1681 __pte |= IOMMU_PTE_IR;
1682 if (prot & IOMMU_PROT_IW)
1683 __pte |= IOMMU_PTE_IW;
1685 for (i = 0; i < count; ++i)
1692 unsigned long flags;
1694 spin_lock_irqsave(&dom->lock, flags);
1696 * Flush domain TLB(s) and wait for completion. Any Device-Table
1697 * Updates and flushing already happened in
1698 * increase_address_space().
1700 domain_flush_tlb_pde(dom);
1701 domain_flush_complete(dom);
1702 spin_unlock_irqrestore(&dom->lock, flags);
1705 /* Everything flushed out, free pages now */
1706 free_page_list(freelist);
1711 static unsigned long iommu_unmap_page(struct protection_domain *dom,
1712 unsigned long bus_addr,
1713 unsigned long page_size)
1715 unsigned long long unmapped;
1716 unsigned long unmap_size;
1719 BUG_ON(!is_power_of_2(page_size));
1723 while (unmapped < page_size) {
1725 pte = fetch_pte(dom, bus_addr, &unmap_size);
1730 count = PAGE_SIZE_PTE_COUNT(unmap_size);
1731 for (i = 0; i < count; i++)
1735 bus_addr = (bus_addr & ~(unmap_size - 1)) + unmap_size;
1736 unmapped += unmap_size;
1739 BUG_ON(unmapped && !is_power_of_2(unmapped));
1744 /****************************************************************************
1746 * The next functions belong to the domain allocation. A domain is
1747 * allocated for every IOMMU as the default domain. If device isolation
1748 * is enabled, every device get its own domain. The most important thing
1749 * about domains is the page table mapping the DMA address space they
1752 ****************************************************************************/
1754 static u16 domain_id_alloc(void)
1758 spin_lock(&pd_bitmap_lock);
1759 id = find_first_zero_bit(amd_iommu_pd_alloc_bitmap, MAX_DOMAIN_ID);
1761 if (id > 0 && id < MAX_DOMAIN_ID)
1762 __set_bit(id, amd_iommu_pd_alloc_bitmap);
1765 spin_unlock(&pd_bitmap_lock);
1770 static void domain_id_free(int id)
1772 spin_lock(&pd_bitmap_lock);
1773 if (id > 0 && id < MAX_DOMAIN_ID)
1774 __clear_bit(id, amd_iommu_pd_alloc_bitmap);
1775 spin_unlock(&pd_bitmap_lock);
1778 static void free_gcr3_tbl_level1(u64 *tbl)
1783 for (i = 0; i < 512; ++i) {
1784 if (!(tbl[i] & GCR3_VALID))
1787 ptr = iommu_phys_to_virt(tbl[i] & PAGE_MASK);
1789 free_page((unsigned long)ptr);
1793 static void free_gcr3_tbl_level2(u64 *tbl)
1798 for (i = 0; i < 512; ++i) {
1799 if (!(tbl[i] & GCR3_VALID))
1802 ptr = iommu_phys_to_virt(tbl[i] & PAGE_MASK);
1804 free_gcr3_tbl_level1(ptr);
1808 static void free_gcr3_table(struct protection_domain *domain)
1810 if (domain->glx == 2)
1811 free_gcr3_tbl_level2(domain->gcr3_tbl);
1812 else if (domain->glx == 1)
1813 free_gcr3_tbl_level1(domain->gcr3_tbl);
1815 BUG_ON(domain->glx != 0);
1817 free_page((unsigned long)domain->gcr3_tbl);
1821 * Free a domain, only used if something went wrong in the
1822 * allocation path and we need to free an already allocated page table
1824 static void dma_ops_domain_free(struct protection_domain *domain)
1829 iommu_put_dma_cookie(&domain->domain);
1831 free_pagetable(domain);
1834 domain_id_free(domain->id);
1840 * Allocates a new protection domain usable for the dma_ops functions.
1841 * It also initializes the page table and the address allocator data
1842 * structures required for the dma_ops interface
1844 static struct protection_domain *dma_ops_domain_alloc(void)
1846 struct protection_domain *domain;
1849 domain = kzalloc(sizeof(struct protection_domain), GFP_KERNEL);
1853 if (protection_domain_init(domain))
1856 pt_root = (void *)get_zeroed_page(GFP_KERNEL);
1860 root = amd_iommu_domain_encode_pgtable(pt_root, PAGE_MODE_3_LEVEL);
1861 atomic64_set(&domain->pt_root, root);
1862 domain->flags = PD_DMA_OPS_MASK;
1864 if (iommu_get_dma_cookie(&domain->domain) == -ENOMEM)
1870 dma_ops_domain_free(domain);
1876 * little helper function to check whether a given protection domain is a
1879 static bool dma_ops_domain(struct protection_domain *domain)
1881 return domain->flags & PD_DMA_OPS_MASK;
1884 static void set_dte_entry(u16 devid, struct protection_domain *domain,
1885 struct domain_pgtable *pgtable,
1892 if (pgtable->mode != PAGE_MODE_NONE)
1893 pte_root = iommu_virt_to_phys(pgtable->root);
1895 pte_root |= (pgtable->mode & DEV_ENTRY_MODE_MASK)
1896 << DEV_ENTRY_MODE_SHIFT;
1897 pte_root |= DTE_FLAG_IR | DTE_FLAG_IW | DTE_FLAG_V | DTE_FLAG_TV;
1899 flags = amd_iommu_dev_table[devid].data[1];
1902 flags |= DTE_FLAG_IOTLB;
1905 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1907 if (iommu_feature(iommu, FEATURE_EPHSUP))
1908 pte_root |= 1ULL << DEV_ENTRY_PPR;
1911 if (domain->flags & PD_IOMMUV2_MASK) {
1912 u64 gcr3 = iommu_virt_to_phys(domain->gcr3_tbl);
1913 u64 glx = domain->glx;
1916 pte_root |= DTE_FLAG_GV;
1917 pte_root |= (glx & DTE_GLX_MASK) << DTE_GLX_SHIFT;
1919 /* First mask out possible old values for GCR3 table */
1920 tmp = DTE_GCR3_VAL_B(~0ULL) << DTE_GCR3_SHIFT_B;
1923 tmp = DTE_GCR3_VAL_C(~0ULL) << DTE_GCR3_SHIFT_C;
1926 /* Encode GCR3 table into DTE */
1927 tmp = DTE_GCR3_VAL_A(gcr3) << DTE_GCR3_SHIFT_A;
1930 tmp = DTE_GCR3_VAL_B(gcr3) << DTE_GCR3_SHIFT_B;
1933 tmp = DTE_GCR3_VAL_C(gcr3) << DTE_GCR3_SHIFT_C;
1937 flags &= ~DEV_DOMID_MASK;
1938 flags |= domain->id;
1940 old_domid = amd_iommu_dev_table[devid].data[1] & DEV_DOMID_MASK;
1941 amd_iommu_dev_table[devid].data[1] = flags;
1942 amd_iommu_dev_table[devid].data[0] = pte_root;
1945 * A kdump kernel might be replacing a domain ID that was copied from
1946 * the previous kernel--if so, it needs to flush the translation cache
1947 * entries for the old domain ID that is being overwritten
1950 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1952 amd_iommu_flush_tlb_domid(iommu, old_domid);
1956 static void clear_dte_entry(u16 devid)
1958 /* remove entry from the device table seen by the hardware */
1959 amd_iommu_dev_table[devid].data[0] = DTE_FLAG_V | DTE_FLAG_TV;
1960 amd_iommu_dev_table[devid].data[1] &= DTE_FLAG_MASK;
1962 amd_iommu_apply_erratum_63(devid);
1965 static void do_attach(struct iommu_dev_data *dev_data,
1966 struct protection_domain *domain)
1968 struct domain_pgtable pgtable;
1969 struct amd_iommu *iommu;
1972 iommu = amd_iommu_rlookup_table[dev_data->devid];
1973 ats = dev_data->ats.enabled;
1975 /* Update data structures */
1976 dev_data->domain = domain;
1977 list_add(&dev_data->list, &domain->dev_list);
1979 /* Do reference counting */
1980 domain->dev_iommu[iommu->index] += 1;
1981 domain->dev_cnt += 1;
1983 /* Update device table */
1984 amd_iommu_domain_get_pgtable(domain, &pgtable);
1985 set_dte_entry(dev_data->devid, domain, &pgtable,
1986 ats, dev_data->iommu_v2);
1987 clone_aliases(dev_data->pdev);
1989 device_flush_dte(dev_data);
1992 static void do_detach(struct iommu_dev_data *dev_data)
1994 struct protection_domain *domain = dev_data->domain;
1995 struct amd_iommu *iommu;
1997 iommu = amd_iommu_rlookup_table[dev_data->devid];
1999 /* Update data structures */
2000 dev_data->domain = NULL;
2001 list_del(&dev_data->list);
2002 clear_dte_entry(dev_data->devid);
2003 clone_aliases(dev_data->pdev);
2005 /* Flush the DTE entry */
2006 device_flush_dte(dev_data);
2009 domain_flush_tlb_pde(domain);
2011 /* Wait for the flushes to finish */
2012 domain_flush_complete(domain);
2014 /* decrease reference counters - needs to happen after the flushes */
2015 domain->dev_iommu[iommu->index] -= 1;
2016 domain->dev_cnt -= 1;
2019 static void pdev_iommuv2_disable(struct pci_dev *pdev)
2021 pci_disable_ats(pdev);
2022 pci_disable_pri(pdev);
2023 pci_disable_pasid(pdev);
2026 /* FIXME: Change generic reset-function to do the same */
2027 static int pri_reset_while_enabled(struct pci_dev *pdev)
2032 pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_PRI);
2036 pci_read_config_word(pdev, pos + PCI_PRI_CTRL, &control);
2037 control |= PCI_PRI_CTRL_RESET;
2038 pci_write_config_word(pdev, pos + PCI_PRI_CTRL, control);
2043 static int pdev_iommuv2_enable(struct pci_dev *pdev)
2048 /* FIXME: Hardcode number of outstanding requests for now */
2050 if (pdev_pri_erratum(pdev, AMD_PRI_DEV_ERRATUM_LIMIT_REQ_ONE))
2052 reset_enable = pdev_pri_erratum(pdev, AMD_PRI_DEV_ERRATUM_ENABLE_RESET);
2054 /* Only allow access to user-accessible pages */
2055 ret = pci_enable_pasid(pdev, 0);
2059 /* First reset the PRI state of the device */
2060 ret = pci_reset_pri(pdev);
2065 ret = pci_enable_pri(pdev, reqs);
2070 ret = pri_reset_while_enabled(pdev);
2075 ret = pci_enable_ats(pdev, PAGE_SHIFT);
2082 pci_disable_pri(pdev);
2083 pci_disable_pasid(pdev);
2089 * If a device is not yet associated with a domain, this function makes the
2090 * device visible in the domain
2092 static int attach_device(struct device *dev,
2093 struct protection_domain *domain)
2095 struct iommu_dev_data *dev_data;
2096 struct pci_dev *pdev;
2097 unsigned long flags;
2100 spin_lock_irqsave(&domain->lock, flags);
2102 dev_data = get_dev_data(dev);
2104 spin_lock(&dev_data->lock);
2107 if (dev_data->domain != NULL)
2110 if (!dev_is_pci(dev))
2111 goto skip_ats_check;
2113 pdev = to_pci_dev(dev);
2114 if (domain->flags & PD_IOMMUV2_MASK) {
2115 struct iommu_domain *def_domain = iommu_get_dma_domain(dev);
2118 if (def_domain->type != IOMMU_DOMAIN_IDENTITY)
2121 if (dev_data->iommu_v2) {
2122 if (pdev_iommuv2_enable(pdev) != 0)
2125 dev_data->ats.enabled = true;
2126 dev_data->ats.qdep = pci_ats_queue_depth(pdev);
2127 dev_data->pri_tlp = pci_prg_resp_pasid_required(pdev);
2129 } else if (amd_iommu_iotlb_sup &&
2130 pci_enable_ats(pdev, PAGE_SHIFT) == 0) {
2131 dev_data->ats.enabled = true;
2132 dev_data->ats.qdep = pci_ats_queue_depth(pdev);
2138 do_attach(dev_data, domain);
2141 * We might boot into a crash-kernel here. The crashed kernel
2142 * left the caches in the IOMMU dirty. So we have to flush
2143 * here to evict all dirty stuff.
2145 domain_flush_tlb_pde(domain);
2147 domain_flush_complete(domain);
2150 spin_unlock(&dev_data->lock);
2152 spin_unlock_irqrestore(&domain->lock, flags);
2158 * Removes a device from a protection domain (with devtable_lock held)
2160 static void detach_device(struct device *dev)
2162 struct protection_domain *domain;
2163 struct iommu_dev_data *dev_data;
2164 unsigned long flags;
2166 dev_data = get_dev_data(dev);
2167 domain = dev_data->domain;
2169 spin_lock_irqsave(&domain->lock, flags);
2171 spin_lock(&dev_data->lock);
2174 * First check if the device is still attached. It might already
2175 * be detached from its domain because the generic
2176 * iommu_detach_group code detached it and we try again here in
2177 * our alias handling.
2179 if (WARN_ON(!dev_data->domain))
2182 do_detach(dev_data);
2184 if (!dev_is_pci(dev))
2187 if (domain->flags & PD_IOMMUV2_MASK && dev_data->iommu_v2)
2188 pdev_iommuv2_disable(to_pci_dev(dev));
2189 else if (dev_data->ats.enabled)
2190 pci_disable_ats(to_pci_dev(dev));
2192 dev_data->ats.enabled = false;
2195 spin_unlock(&dev_data->lock);
2197 spin_unlock_irqrestore(&domain->lock, flags);
2200 static struct iommu_device *amd_iommu_probe_device(struct device *dev)
2202 struct iommu_device *iommu_dev;
2203 struct amd_iommu *iommu;
2206 if (!check_device(dev))
2207 return ERR_PTR(-ENODEV);
2209 devid = get_device_id(dev);
2211 return ERR_PTR(devid);
2213 iommu = amd_iommu_rlookup_table[devid];
2215 if (get_dev_data(dev))
2216 return &iommu->iommu;
2218 ret = iommu_init_device(dev);
2220 if (ret != -ENOTSUPP)
2221 dev_err(dev, "Failed to initialize - trying to proceed anyway\n");
2222 iommu_dev = ERR_PTR(ret);
2223 iommu_ignore_device(dev);
2225 iommu_dev = &iommu->iommu;
2228 iommu_completion_wait(iommu);
2233 static void amd_iommu_probe_finalize(struct device *dev)
2235 struct iommu_domain *domain;
2237 /* Domains are initialized for this device - have a look what we ended up with */
2238 domain = iommu_get_domain_for_dev(dev);
2239 if (domain->type == IOMMU_DOMAIN_DMA)
2240 iommu_setup_dma_ops(dev, IOVA_START_PFN << PAGE_SHIFT, 0);
2243 static void amd_iommu_release_device(struct device *dev)
2245 struct amd_iommu *iommu;
2248 if (!check_device(dev))
2251 devid = get_device_id(dev);
2255 iommu = amd_iommu_rlookup_table[devid];
2257 amd_iommu_uninit_device(dev);
2258 iommu_completion_wait(iommu);
2261 static struct iommu_group *amd_iommu_device_group(struct device *dev)
2263 if (dev_is_pci(dev))
2264 return pci_device_group(dev);
2266 return acpihid_device_group(dev);
2269 static int amd_iommu_domain_get_attr(struct iommu_domain *domain,
2270 enum iommu_attr attr, void *data)
2272 switch (domain->type) {
2273 case IOMMU_DOMAIN_UNMANAGED:
2275 case IOMMU_DOMAIN_DMA:
2277 case DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE:
2278 *(int *)data = !amd_iommu_unmap_flush;
2289 /*****************************************************************************
2291 * The next functions belong to the dma_ops mapping/unmapping code.
2293 *****************************************************************************/
2295 static void update_device_table(struct protection_domain *domain,
2296 struct domain_pgtable *pgtable)
2298 struct iommu_dev_data *dev_data;
2300 list_for_each_entry(dev_data, &domain->dev_list, list) {
2301 set_dte_entry(dev_data->devid, domain, pgtable,
2302 dev_data->ats.enabled, dev_data->iommu_v2);
2303 clone_aliases(dev_data->pdev);
2307 static void update_and_flush_device_table(struct protection_domain *domain,
2308 struct domain_pgtable *pgtable)
2310 update_device_table(domain, pgtable);
2311 domain_flush_devices(domain);
2314 static void update_domain(struct protection_domain *domain)
2316 struct domain_pgtable pgtable;
2318 /* Update device table */
2319 amd_iommu_domain_get_pgtable(domain, &pgtable);
2320 update_and_flush_device_table(domain, &pgtable);
2322 /* Flush domain TLB(s) and wait for completion */
2323 domain_flush_tlb_pde(domain);
2324 domain_flush_complete(domain);
2327 int __init amd_iommu_init_api(void)
2331 ret = iova_cache_get();
2335 err = bus_set_iommu(&pci_bus_type, &amd_iommu_ops);
2338 #ifdef CONFIG_ARM_AMBA
2339 err = bus_set_iommu(&amba_bustype, &amd_iommu_ops);
2343 err = bus_set_iommu(&platform_bus_type, &amd_iommu_ops);
2350 int __init amd_iommu_init_dma_ops(void)
2352 swiotlb = (iommu_default_passthrough() || sme_me_mask) ? 1 : 0;
2354 if (amd_iommu_unmap_flush)
2355 pr_info("IO/TLB flush on unmap enabled\n");
2357 pr_info("Lazy IO/TLB flushing enabled\n");
2363 /*****************************************************************************
2365 * The following functions belong to the exported interface of AMD IOMMU
2367 * This interface allows access to lower level functions of the IOMMU
2368 * like protection domain handling and assignement of devices to domains
2369 * which is not possible with the dma_ops interface.
2371 *****************************************************************************/
2373 static void cleanup_domain(struct protection_domain *domain)
2375 struct iommu_dev_data *entry;
2376 unsigned long flags;
2378 spin_lock_irqsave(&domain->lock, flags);
2380 while (!list_empty(&domain->dev_list)) {
2381 entry = list_first_entry(&domain->dev_list,
2382 struct iommu_dev_data, list);
2383 BUG_ON(!entry->domain);
2387 spin_unlock_irqrestore(&domain->lock, flags);
2390 static void protection_domain_free(struct protection_domain *domain)
2396 domain_id_free(domain->id);
2401 static int protection_domain_init(struct protection_domain *domain)
2403 spin_lock_init(&domain->lock);
2404 domain->id = domain_id_alloc();
2407 INIT_LIST_HEAD(&domain->dev_list);
2412 static struct protection_domain *protection_domain_alloc(void)
2414 struct protection_domain *domain;
2416 domain = kzalloc(sizeof(*domain), GFP_KERNEL);
2420 if (protection_domain_init(domain))
2431 static struct iommu_domain *amd_iommu_domain_alloc(unsigned type)
2433 struct protection_domain *pdomain;
2437 case IOMMU_DOMAIN_UNMANAGED:
2438 pdomain = protection_domain_alloc();
2442 pt_root = (void *)get_zeroed_page(GFP_KERNEL);
2444 protection_domain_free(pdomain);
2448 root = amd_iommu_domain_encode_pgtable(pt_root, PAGE_MODE_3_LEVEL);
2449 atomic64_set(&pdomain->pt_root, root);
2451 pdomain->domain.geometry.aperture_start = 0;
2452 pdomain->domain.geometry.aperture_end = ~0ULL;
2453 pdomain->domain.geometry.force_aperture = true;
2456 case IOMMU_DOMAIN_DMA:
2457 pdomain = dma_ops_domain_alloc();
2459 pr_err("Failed to allocate\n");
2463 case IOMMU_DOMAIN_IDENTITY:
2464 pdomain = protection_domain_alloc();
2468 atomic64_set(&pdomain->pt_root, PAGE_MODE_NONE);
2474 return &pdomain->domain;
2477 static void amd_iommu_domain_free(struct iommu_domain *dom)
2479 struct protection_domain *domain;
2480 struct domain_pgtable pgtable;
2482 domain = to_pdomain(dom);
2484 if (domain->dev_cnt > 0)
2485 cleanup_domain(domain);
2487 BUG_ON(domain->dev_cnt != 0);
2492 switch (dom->type) {
2493 case IOMMU_DOMAIN_DMA:
2494 /* Now release the domain */
2495 dma_ops_domain_free(domain);
2498 amd_iommu_domain_get_pgtable(domain, &pgtable);
2500 if (pgtable.mode != PAGE_MODE_NONE)
2501 free_pagetable(domain);
2503 if (domain->flags & PD_IOMMUV2_MASK)
2504 free_gcr3_table(domain);
2506 protection_domain_free(domain);
2511 static void amd_iommu_detach_device(struct iommu_domain *dom,
2514 struct iommu_dev_data *dev_data = dev->archdata.iommu;
2515 struct amd_iommu *iommu;
2518 if (!check_device(dev))
2521 devid = get_device_id(dev);
2525 if (dev_data->domain != NULL)
2528 iommu = amd_iommu_rlookup_table[devid];
2532 #ifdef CONFIG_IRQ_REMAP
2533 if (AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir) &&
2534 (dom->type == IOMMU_DOMAIN_UNMANAGED))
2535 dev_data->use_vapic = 0;
2538 iommu_completion_wait(iommu);
2541 static int amd_iommu_attach_device(struct iommu_domain *dom,
2544 struct protection_domain *domain = to_pdomain(dom);
2545 struct iommu_dev_data *dev_data;
2546 struct amd_iommu *iommu;
2549 if (!check_device(dev))
2552 dev_data = dev->archdata.iommu;
2553 dev_data->defer_attach = false;
2555 iommu = amd_iommu_rlookup_table[dev_data->devid];
2559 if (dev_data->domain)
2562 ret = attach_device(dev, domain);
2564 #ifdef CONFIG_IRQ_REMAP
2565 if (AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir)) {
2566 if (dom->type == IOMMU_DOMAIN_UNMANAGED)
2567 dev_data->use_vapic = 1;
2569 dev_data->use_vapic = 0;
2573 iommu_completion_wait(iommu);
2578 static int amd_iommu_map(struct iommu_domain *dom, unsigned long iova,
2579 phys_addr_t paddr, size_t page_size, int iommu_prot,
2582 struct protection_domain *domain = to_pdomain(dom);
2583 struct domain_pgtable pgtable;
2587 amd_iommu_domain_get_pgtable(domain, &pgtable);
2588 if (pgtable.mode == PAGE_MODE_NONE)
2591 if (iommu_prot & IOMMU_READ)
2592 prot |= IOMMU_PROT_IR;
2593 if (iommu_prot & IOMMU_WRITE)
2594 prot |= IOMMU_PROT_IW;
2596 ret = iommu_map_page(domain, iova, paddr, page_size, prot, gfp);
2598 domain_flush_np_cache(domain, iova, page_size);
2603 static size_t amd_iommu_unmap(struct iommu_domain *dom, unsigned long iova,
2605 struct iommu_iotlb_gather *gather)
2607 struct protection_domain *domain = to_pdomain(dom);
2608 struct domain_pgtable pgtable;
2610 amd_iommu_domain_get_pgtable(domain, &pgtable);
2611 if (pgtable.mode == PAGE_MODE_NONE)
2614 return iommu_unmap_page(domain, iova, page_size);
2617 static phys_addr_t amd_iommu_iova_to_phys(struct iommu_domain *dom,
2620 struct protection_domain *domain = to_pdomain(dom);
2621 unsigned long offset_mask, pte_pgsize;
2622 struct domain_pgtable pgtable;
2625 amd_iommu_domain_get_pgtable(domain, &pgtable);
2626 if (pgtable.mode == PAGE_MODE_NONE)
2629 pte = fetch_pte(domain, iova, &pte_pgsize);
2631 if (!pte || !IOMMU_PTE_PRESENT(*pte))
2634 offset_mask = pte_pgsize - 1;
2635 __pte = __sme_clr(*pte & PM_ADDR_MASK);
2637 return (__pte & ~offset_mask) | (iova & offset_mask);
2640 static bool amd_iommu_capable(enum iommu_cap cap)
2643 case IOMMU_CAP_CACHE_COHERENCY:
2645 case IOMMU_CAP_INTR_REMAP:
2646 return (irq_remapping_enabled == 1);
2647 case IOMMU_CAP_NOEXEC:
2656 static void amd_iommu_get_resv_regions(struct device *dev,
2657 struct list_head *head)
2659 struct iommu_resv_region *region;
2660 struct unity_map_entry *entry;
2663 devid = get_device_id(dev);
2667 list_for_each_entry(entry, &amd_iommu_unity_map, list) {
2671 if (devid < entry->devid_start || devid > entry->devid_end)
2674 type = IOMMU_RESV_DIRECT;
2675 length = entry->address_end - entry->address_start;
2676 if (entry->prot & IOMMU_PROT_IR)
2678 if (entry->prot & IOMMU_PROT_IW)
2679 prot |= IOMMU_WRITE;
2680 if (entry->prot & IOMMU_UNITY_MAP_FLAG_EXCL_RANGE)
2681 /* Exclusion range */
2682 type = IOMMU_RESV_RESERVED;
2684 region = iommu_alloc_resv_region(entry->address_start,
2685 length, prot, type);
2687 dev_err(dev, "Out of memory allocating dm-regions\n");
2690 list_add_tail(®ion->list, head);
2693 region = iommu_alloc_resv_region(MSI_RANGE_START,
2694 MSI_RANGE_END - MSI_RANGE_START + 1,
2698 list_add_tail(®ion->list, head);
2700 region = iommu_alloc_resv_region(HT_RANGE_START,
2701 HT_RANGE_END - HT_RANGE_START + 1,
2702 0, IOMMU_RESV_RESERVED);
2705 list_add_tail(®ion->list, head);
2708 bool amd_iommu_is_attach_deferred(struct iommu_domain *domain,
2711 struct iommu_dev_data *dev_data = dev->archdata.iommu;
2713 return dev_data->defer_attach;
2715 EXPORT_SYMBOL_GPL(amd_iommu_is_attach_deferred);
2717 static void amd_iommu_flush_iotlb_all(struct iommu_domain *domain)
2719 struct protection_domain *dom = to_pdomain(domain);
2720 unsigned long flags;
2722 spin_lock_irqsave(&dom->lock, flags);
2723 domain_flush_tlb_pde(dom);
2724 domain_flush_complete(dom);
2725 spin_unlock_irqrestore(&dom->lock, flags);
2728 static void amd_iommu_iotlb_sync(struct iommu_domain *domain,
2729 struct iommu_iotlb_gather *gather)
2731 amd_iommu_flush_iotlb_all(domain);
2734 static int amd_iommu_def_domain_type(struct device *dev)
2736 struct iommu_dev_data *dev_data;
2738 dev_data = get_dev_data(dev);
2742 if (dev_data->iommu_v2)
2743 return IOMMU_DOMAIN_IDENTITY;
2748 const struct iommu_ops amd_iommu_ops = {
2749 .capable = amd_iommu_capable,
2750 .domain_alloc = amd_iommu_domain_alloc,
2751 .domain_free = amd_iommu_domain_free,
2752 .attach_dev = amd_iommu_attach_device,
2753 .detach_dev = amd_iommu_detach_device,
2754 .map = amd_iommu_map,
2755 .unmap = amd_iommu_unmap,
2756 .iova_to_phys = amd_iommu_iova_to_phys,
2757 .probe_device = amd_iommu_probe_device,
2758 .release_device = amd_iommu_release_device,
2759 .probe_finalize = amd_iommu_probe_finalize,
2760 .device_group = amd_iommu_device_group,
2761 .domain_get_attr = amd_iommu_domain_get_attr,
2762 .get_resv_regions = amd_iommu_get_resv_regions,
2763 .put_resv_regions = generic_iommu_put_resv_regions,
2764 .is_attach_deferred = amd_iommu_is_attach_deferred,
2765 .pgsize_bitmap = AMD_IOMMU_PGSIZES,
2766 .flush_iotlb_all = amd_iommu_flush_iotlb_all,
2767 .iotlb_sync = amd_iommu_iotlb_sync,
2768 .def_domain_type = amd_iommu_def_domain_type,
2771 /*****************************************************************************
2773 * The next functions do a basic initialization of IOMMU for pass through
2776 * In passthrough mode the IOMMU is initialized and enabled but not used for
2777 * DMA-API translation.
2779 *****************************************************************************/
2781 /* IOMMUv2 specific functions */
2782 int amd_iommu_register_ppr_notifier(struct notifier_block *nb)
2784 return atomic_notifier_chain_register(&ppr_notifier, nb);
2786 EXPORT_SYMBOL(amd_iommu_register_ppr_notifier);
2788 int amd_iommu_unregister_ppr_notifier(struct notifier_block *nb)
2790 return atomic_notifier_chain_unregister(&ppr_notifier, nb);
2792 EXPORT_SYMBOL(amd_iommu_unregister_ppr_notifier);
2794 void amd_iommu_domain_direct_map(struct iommu_domain *dom)
2796 struct protection_domain *domain = to_pdomain(dom);
2797 struct domain_pgtable pgtable;
2798 unsigned long flags;
2801 spin_lock_irqsave(&domain->lock, flags);
2803 /* First save pgtable configuration*/
2804 amd_iommu_domain_get_pgtable(domain, &pgtable);
2806 /* Update data structure */
2807 pt_root = amd_iommu_domain_encode_pgtable(NULL, PAGE_MODE_NONE);
2808 atomic64_set(&domain->pt_root, pt_root);
2810 /* Make changes visible to IOMMUs */
2811 update_domain(domain);
2813 /* Restore old pgtable in domain->ptroot to free page-table */
2814 pt_root = amd_iommu_domain_encode_pgtable(pgtable.root, pgtable.mode);
2815 atomic64_set(&domain->pt_root, pt_root);
2817 /* Page-table is not visible to IOMMU anymore, so free it */
2818 free_pagetable(domain);
2820 spin_unlock_irqrestore(&domain->lock, flags);
2822 EXPORT_SYMBOL(amd_iommu_domain_direct_map);
2824 int amd_iommu_domain_enable_v2(struct iommu_domain *dom, int pasids)
2826 struct protection_domain *domain = to_pdomain(dom);
2827 unsigned long flags;
2830 if (pasids <= 0 || pasids > (PASID_MASK + 1))
2833 /* Number of GCR3 table levels required */
2834 for (levels = 0; (pasids - 1) & ~0x1ff; pasids >>= 9)
2837 if (levels > amd_iommu_max_glx_val)
2840 spin_lock_irqsave(&domain->lock, flags);
2843 * Save us all sanity checks whether devices already in the
2844 * domain support IOMMUv2. Just force that the domain has no
2845 * devices attached when it is switched into IOMMUv2 mode.
2848 if (domain->dev_cnt > 0 || domain->flags & PD_IOMMUV2_MASK)
2852 domain->gcr3_tbl = (void *)get_zeroed_page(GFP_ATOMIC);
2853 if (domain->gcr3_tbl == NULL)
2856 domain->glx = levels;
2857 domain->flags |= PD_IOMMUV2_MASK;
2859 update_domain(domain);
2864 spin_unlock_irqrestore(&domain->lock, flags);
2868 EXPORT_SYMBOL(amd_iommu_domain_enable_v2);
2870 static int __flush_pasid(struct protection_domain *domain, int pasid,
2871 u64 address, bool size)
2873 struct iommu_dev_data *dev_data;
2874 struct iommu_cmd cmd;
2877 if (!(domain->flags & PD_IOMMUV2_MASK))
2880 build_inv_iommu_pasid(&cmd, domain->id, pasid, address, size);
2883 * IOMMU TLB needs to be flushed before Device TLB to
2884 * prevent device TLB refill from IOMMU TLB
2886 for (i = 0; i < amd_iommu_get_num_iommus(); ++i) {
2887 if (domain->dev_iommu[i] == 0)
2890 ret = iommu_queue_command(amd_iommus[i], &cmd);
2895 /* Wait until IOMMU TLB flushes are complete */
2896 domain_flush_complete(domain);
2898 /* Now flush device TLBs */
2899 list_for_each_entry(dev_data, &domain->dev_list, list) {
2900 struct amd_iommu *iommu;
2904 There might be non-IOMMUv2 capable devices in an IOMMUv2
2907 if (!dev_data->ats.enabled)
2910 qdep = dev_data->ats.qdep;
2911 iommu = amd_iommu_rlookup_table[dev_data->devid];
2913 build_inv_iotlb_pasid(&cmd, dev_data->devid, pasid,
2914 qdep, address, size);
2916 ret = iommu_queue_command(iommu, &cmd);
2921 /* Wait until all device TLBs are flushed */
2922 domain_flush_complete(domain);
2931 static int __amd_iommu_flush_page(struct protection_domain *domain, int pasid,
2934 return __flush_pasid(domain, pasid, address, false);
2937 int amd_iommu_flush_page(struct iommu_domain *dom, int pasid,
2940 struct protection_domain *domain = to_pdomain(dom);
2941 unsigned long flags;
2944 spin_lock_irqsave(&domain->lock, flags);
2945 ret = __amd_iommu_flush_page(domain, pasid, address);
2946 spin_unlock_irqrestore(&domain->lock, flags);
2950 EXPORT_SYMBOL(amd_iommu_flush_page);
2952 static int __amd_iommu_flush_tlb(struct protection_domain *domain, int pasid)
2954 return __flush_pasid(domain, pasid, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
2958 int amd_iommu_flush_tlb(struct iommu_domain *dom, int pasid)
2960 struct protection_domain *domain = to_pdomain(dom);
2961 unsigned long flags;
2964 spin_lock_irqsave(&domain->lock, flags);
2965 ret = __amd_iommu_flush_tlb(domain, pasid);
2966 spin_unlock_irqrestore(&domain->lock, flags);
2970 EXPORT_SYMBOL(amd_iommu_flush_tlb);
2972 static u64 *__get_gcr3_pte(u64 *root, int level, int pasid, bool alloc)
2979 index = (pasid >> (9 * level)) & 0x1ff;
2985 if (!(*pte & GCR3_VALID)) {
2989 root = (void *)get_zeroed_page(GFP_ATOMIC);
2993 *pte = iommu_virt_to_phys(root) | GCR3_VALID;
2996 root = iommu_phys_to_virt(*pte & PAGE_MASK);
3004 static int __set_gcr3(struct protection_domain *domain, int pasid,
3007 struct domain_pgtable pgtable;
3010 amd_iommu_domain_get_pgtable(domain, &pgtable);
3011 if (pgtable.mode != PAGE_MODE_NONE)
3014 pte = __get_gcr3_pte(domain->gcr3_tbl, domain->glx, pasid, true);
3018 *pte = (cr3 & PAGE_MASK) | GCR3_VALID;
3020 return __amd_iommu_flush_tlb(domain, pasid);
3023 static int __clear_gcr3(struct protection_domain *domain, int pasid)
3025 struct domain_pgtable pgtable;
3028 amd_iommu_domain_get_pgtable(domain, &pgtable);
3029 if (pgtable.mode != PAGE_MODE_NONE)
3032 pte = __get_gcr3_pte(domain->gcr3_tbl, domain->glx, pasid, false);
3038 return __amd_iommu_flush_tlb(domain, pasid);
3041 int amd_iommu_domain_set_gcr3(struct iommu_domain *dom, int pasid,
3044 struct protection_domain *domain = to_pdomain(dom);
3045 unsigned long flags;
3048 spin_lock_irqsave(&domain->lock, flags);
3049 ret = __set_gcr3(domain, pasid, cr3);
3050 spin_unlock_irqrestore(&domain->lock, flags);
3054 EXPORT_SYMBOL(amd_iommu_domain_set_gcr3);
3056 int amd_iommu_domain_clear_gcr3(struct iommu_domain *dom, int pasid)
3058 struct protection_domain *domain = to_pdomain(dom);
3059 unsigned long flags;
3062 spin_lock_irqsave(&domain->lock, flags);
3063 ret = __clear_gcr3(domain, pasid);
3064 spin_unlock_irqrestore(&domain->lock, flags);
3068 EXPORT_SYMBOL(amd_iommu_domain_clear_gcr3);
3070 int amd_iommu_complete_ppr(struct pci_dev *pdev, int pasid,
3071 int status, int tag)
3073 struct iommu_dev_data *dev_data;
3074 struct amd_iommu *iommu;
3075 struct iommu_cmd cmd;
3077 dev_data = get_dev_data(&pdev->dev);
3078 iommu = amd_iommu_rlookup_table[dev_data->devid];
3080 build_complete_ppr(&cmd, dev_data->devid, pasid, status,
3081 tag, dev_data->pri_tlp);
3083 return iommu_queue_command(iommu, &cmd);
3085 EXPORT_SYMBOL(amd_iommu_complete_ppr);
3087 struct iommu_domain *amd_iommu_get_v2_domain(struct pci_dev *pdev)
3089 struct protection_domain *pdomain;
3090 struct iommu_domain *io_domain;
3091 struct device *dev = &pdev->dev;
3093 if (!check_device(dev))
3096 pdomain = get_dev_data(dev)->domain;
3097 if (pdomain == NULL && get_dev_data(dev)->defer_attach) {
3098 get_dev_data(dev)->defer_attach = false;
3099 io_domain = iommu_get_domain_for_dev(dev);
3100 pdomain = to_pdomain(io_domain);
3101 attach_device(dev, pdomain);
3103 if (pdomain == NULL)
3106 if (!dma_ops_domain(pdomain))
3109 /* Only return IOMMUv2 domains */
3110 if (!(pdomain->flags & PD_IOMMUV2_MASK))
3113 return &pdomain->domain;
3115 EXPORT_SYMBOL(amd_iommu_get_v2_domain);
3117 void amd_iommu_enable_device_erratum(struct pci_dev *pdev, u32 erratum)
3119 struct iommu_dev_data *dev_data;
3121 if (!amd_iommu_v2_supported())
3124 dev_data = get_dev_data(&pdev->dev);
3125 dev_data->errata |= (1 << erratum);
3127 EXPORT_SYMBOL(amd_iommu_enable_device_erratum);
3129 int amd_iommu_device_info(struct pci_dev *pdev,
3130 struct amd_iommu_device_info *info)
3135 if (pdev == NULL || info == NULL)
3138 if (!amd_iommu_v2_supported())
3141 memset(info, 0, sizeof(*info));
3143 if (!pci_ats_disabled()) {
3144 pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_ATS);
3146 info->flags |= AMD_IOMMU_DEVICE_FLAG_ATS_SUP;
3149 pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_PRI);
3151 info->flags |= AMD_IOMMU_DEVICE_FLAG_PRI_SUP;
3153 pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_PASID);
3157 max_pasids = 1 << (9 * (amd_iommu_max_glx_val + 1));
3158 max_pasids = min(max_pasids, (1 << 20));
3160 info->flags |= AMD_IOMMU_DEVICE_FLAG_PASID_SUP;
3161 info->max_pasids = min(pci_max_pasids(pdev), max_pasids);
3163 features = pci_pasid_features(pdev);
3164 if (features & PCI_PASID_CAP_EXEC)
3165 info->flags |= AMD_IOMMU_DEVICE_FLAG_EXEC_SUP;
3166 if (features & PCI_PASID_CAP_PRIV)
3167 info->flags |= AMD_IOMMU_DEVICE_FLAG_PRIV_SUP;
3172 EXPORT_SYMBOL(amd_iommu_device_info);
3174 #ifdef CONFIG_IRQ_REMAP
3176 /*****************************************************************************
3178 * Interrupt Remapping Implementation
3180 *****************************************************************************/
3182 static struct irq_chip amd_ir_chip;
3183 static DEFINE_SPINLOCK(iommu_table_lock);
3185 static void set_dte_irq_entry(u16 devid, struct irq_remap_table *table)
3189 dte = amd_iommu_dev_table[devid].data[2];
3190 dte &= ~DTE_IRQ_PHYS_ADDR_MASK;
3191 dte |= iommu_virt_to_phys(table->table);
3192 dte |= DTE_IRQ_REMAP_INTCTL;
3193 dte |= DTE_IRQ_TABLE_LEN;
3194 dte |= DTE_IRQ_REMAP_ENABLE;
3196 amd_iommu_dev_table[devid].data[2] = dte;
3199 static struct irq_remap_table *get_irq_table(u16 devid)
3201 struct irq_remap_table *table;
3203 if (WARN_ONCE(!amd_iommu_rlookup_table[devid],
3204 "%s: no iommu for devid %x\n", __func__, devid))
3207 table = irq_lookup_table[devid];
3208 if (WARN_ONCE(!table, "%s: no table for devid %x\n", __func__, devid))
3214 static struct irq_remap_table *__alloc_irq_table(void)
3216 struct irq_remap_table *table;
3218 table = kzalloc(sizeof(*table), GFP_KERNEL);
3222 table->table = kmem_cache_alloc(amd_iommu_irq_cache, GFP_KERNEL);
3223 if (!table->table) {
3227 raw_spin_lock_init(&table->lock);
3229 if (!AMD_IOMMU_GUEST_IR_GA(amd_iommu_guest_ir))
3230 memset(table->table, 0,
3231 MAX_IRQS_PER_TABLE * sizeof(u32));
3233 memset(table->table, 0,
3234 (MAX_IRQS_PER_TABLE * (sizeof(u64) * 2)));
3238 static void set_remap_table_entry(struct amd_iommu *iommu, u16 devid,
3239 struct irq_remap_table *table)
3241 irq_lookup_table[devid] = table;
3242 set_dte_irq_entry(devid, table);
3243 iommu_flush_dte(iommu, devid);
3246 static int set_remap_table_entry_alias(struct pci_dev *pdev, u16 alias,
3249 struct irq_remap_table *table = data;
3251 irq_lookup_table[alias] = table;
3252 set_dte_irq_entry(alias, table);
3254 iommu_flush_dte(amd_iommu_rlookup_table[alias], alias);
3259 static struct irq_remap_table *alloc_irq_table(u16 devid, struct pci_dev *pdev)
3261 struct irq_remap_table *table = NULL;
3262 struct irq_remap_table *new_table = NULL;
3263 struct amd_iommu *iommu;
3264 unsigned long flags;
3267 spin_lock_irqsave(&iommu_table_lock, flags);
3269 iommu = amd_iommu_rlookup_table[devid];
3273 table = irq_lookup_table[devid];
3277 alias = amd_iommu_alias_table[devid];
3278 table = irq_lookup_table[alias];
3280 set_remap_table_entry(iommu, devid, table);
3283 spin_unlock_irqrestore(&iommu_table_lock, flags);
3285 /* Nothing there yet, allocate new irq remapping table */
3286 new_table = __alloc_irq_table();
3290 spin_lock_irqsave(&iommu_table_lock, flags);
3292 table = irq_lookup_table[devid];
3296 table = irq_lookup_table[alias];
3298 set_remap_table_entry(iommu, devid, table);
3306 pci_for_each_dma_alias(pdev, set_remap_table_entry_alias,
3309 set_remap_table_entry(iommu, devid, table);
3312 set_remap_table_entry(iommu, alias, table);
3315 iommu_completion_wait(iommu);
3318 spin_unlock_irqrestore(&iommu_table_lock, flags);
3321 kmem_cache_free(amd_iommu_irq_cache, new_table->table);
3327 static int alloc_irq_index(u16 devid, int count, bool align,
3328 struct pci_dev *pdev)
3330 struct irq_remap_table *table;
3331 int index, c, alignment = 1;
3332 unsigned long flags;
3333 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
3338 table = alloc_irq_table(devid, pdev);
3343 alignment = roundup_pow_of_two(count);
3345 raw_spin_lock_irqsave(&table->lock, flags);
3347 /* Scan table for free entries */
3348 for (index = ALIGN(table->min_index, alignment), c = 0;
3349 index < MAX_IRQS_PER_TABLE;) {
3350 if (!iommu->irte_ops->is_allocated(table, index)) {
3354 index = ALIGN(index + 1, alignment);
3360 iommu->irte_ops->set_allocated(table, index - c + 1);
3372 raw_spin_unlock_irqrestore(&table->lock, flags);
3377 static int modify_irte_ga(u16 devid, int index, struct irte_ga *irte,
3378 struct amd_ir_data *data)
3380 struct irq_remap_table *table;
3381 struct amd_iommu *iommu;
3382 unsigned long flags;
3383 struct irte_ga *entry;
3385 iommu = amd_iommu_rlookup_table[devid];
3389 table = get_irq_table(devid);
3393 raw_spin_lock_irqsave(&table->lock, flags);
3395 entry = (struct irte_ga *)table->table;
3396 entry = &entry[index];
3397 entry->lo.fields_remap.valid = 0;
3398 entry->hi.val = irte->hi.val;
3399 entry->lo.val = irte->lo.val;
3400 entry->lo.fields_remap.valid = 1;
3404 raw_spin_unlock_irqrestore(&table->lock, flags);
3406 iommu_flush_irt(iommu, devid);
3407 iommu_completion_wait(iommu);
3412 static int modify_irte(u16 devid, int index, union irte *irte)
3414 struct irq_remap_table *table;
3415 struct amd_iommu *iommu;
3416 unsigned long flags;
3418 iommu = amd_iommu_rlookup_table[devid];
3422 table = get_irq_table(devid);
3426 raw_spin_lock_irqsave(&table->lock, flags);
3427 table->table[index] = irte->val;
3428 raw_spin_unlock_irqrestore(&table->lock, flags);
3430 iommu_flush_irt(iommu, devid);
3431 iommu_completion_wait(iommu);
3436 static void free_irte(u16 devid, int index)
3438 struct irq_remap_table *table;
3439 struct amd_iommu *iommu;
3440 unsigned long flags;
3442 iommu = amd_iommu_rlookup_table[devid];
3446 table = get_irq_table(devid);
3450 raw_spin_lock_irqsave(&table->lock, flags);
3451 iommu->irte_ops->clear_allocated(table, index);
3452 raw_spin_unlock_irqrestore(&table->lock, flags);
3454 iommu_flush_irt(iommu, devid);
3455 iommu_completion_wait(iommu);
3458 static void irte_prepare(void *entry,
3459 u32 delivery_mode, u32 dest_mode,
3460 u8 vector, u32 dest_apicid, int devid)
3462 union irte *irte = (union irte *) entry;
3465 irte->fields.vector = vector;
3466 irte->fields.int_type = delivery_mode;
3467 irte->fields.destination = dest_apicid;
3468 irte->fields.dm = dest_mode;
3469 irte->fields.valid = 1;
3472 static void irte_ga_prepare(void *entry,
3473 u32 delivery_mode, u32 dest_mode,
3474 u8 vector, u32 dest_apicid, int devid)
3476 struct irte_ga *irte = (struct irte_ga *) entry;
3480 irte->lo.fields_remap.int_type = delivery_mode;
3481 irte->lo.fields_remap.dm = dest_mode;
3482 irte->hi.fields.vector = vector;
3483 irte->lo.fields_remap.destination = APICID_TO_IRTE_DEST_LO(dest_apicid);
3484 irte->hi.fields.destination = APICID_TO_IRTE_DEST_HI(dest_apicid);
3485 irte->lo.fields_remap.valid = 1;
3488 static void irte_activate(void *entry, u16 devid, u16 index)
3490 union irte *irte = (union irte *) entry;
3492 irte->fields.valid = 1;
3493 modify_irte(devid, index, irte);
3496 static void irte_ga_activate(void *entry, u16 devid, u16 index)
3498 struct irte_ga *irte = (struct irte_ga *) entry;
3500 irte->lo.fields_remap.valid = 1;
3501 modify_irte_ga(devid, index, irte, NULL);
3504 static void irte_deactivate(void *entry, u16 devid, u16 index)
3506 union irte *irte = (union irte *) entry;
3508 irte->fields.valid = 0;
3509 modify_irte(devid, index, irte);
3512 static void irte_ga_deactivate(void *entry, u16 devid, u16 index)
3514 struct irte_ga *irte = (struct irte_ga *) entry;
3516 irte->lo.fields_remap.valid = 0;
3517 modify_irte_ga(devid, index, irte, NULL);
3520 static void irte_set_affinity(void *entry, u16 devid, u16 index,
3521 u8 vector, u32 dest_apicid)
3523 union irte *irte = (union irte *) entry;
3525 irte->fields.vector = vector;
3526 irte->fields.destination = dest_apicid;
3527 modify_irte(devid, index, irte);
3530 static void irte_ga_set_affinity(void *entry, u16 devid, u16 index,
3531 u8 vector, u32 dest_apicid)
3533 struct irte_ga *irte = (struct irte_ga *) entry;
3535 if (!irte->lo.fields_remap.guest_mode) {
3536 irte->hi.fields.vector = vector;
3537 irte->lo.fields_remap.destination =
3538 APICID_TO_IRTE_DEST_LO(dest_apicid);
3539 irte->hi.fields.destination =
3540 APICID_TO_IRTE_DEST_HI(dest_apicid);
3541 modify_irte_ga(devid, index, irte, NULL);
3545 #define IRTE_ALLOCATED (~1U)
3546 static void irte_set_allocated(struct irq_remap_table *table, int index)
3548 table->table[index] = IRTE_ALLOCATED;
3551 static void irte_ga_set_allocated(struct irq_remap_table *table, int index)
3553 struct irte_ga *ptr = (struct irte_ga *)table->table;
3554 struct irte_ga *irte = &ptr[index];
3556 memset(&irte->lo.val, 0, sizeof(u64));
3557 memset(&irte->hi.val, 0, sizeof(u64));
3558 irte->hi.fields.vector = 0xff;
3561 static bool irte_is_allocated(struct irq_remap_table *table, int index)
3563 union irte *ptr = (union irte *)table->table;
3564 union irte *irte = &ptr[index];
3566 return irte->val != 0;
3569 static bool irte_ga_is_allocated(struct irq_remap_table *table, int index)
3571 struct irte_ga *ptr = (struct irte_ga *)table->table;
3572 struct irte_ga *irte = &ptr[index];
3574 return irte->hi.fields.vector != 0;
3577 static void irte_clear_allocated(struct irq_remap_table *table, int index)
3579 table->table[index] = 0;
3582 static void irte_ga_clear_allocated(struct irq_remap_table *table, int index)
3584 struct irte_ga *ptr = (struct irte_ga *)table->table;
3585 struct irte_ga *irte = &ptr[index];
3587 memset(&irte->lo.val, 0, sizeof(u64));
3588 memset(&irte->hi.val, 0, sizeof(u64));
3591 static int get_devid(struct irq_alloc_info *info)
3595 switch (info->type) {
3596 case X86_IRQ_ALLOC_TYPE_IOAPIC:
3597 devid = get_ioapic_devid(info->ioapic_id);
3599 case X86_IRQ_ALLOC_TYPE_HPET:
3600 devid = get_hpet_devid(info->hpet_id);
3602 case X86_IRQ_ALLOC_TYPE_MSI:
3603 case X86_IRQ_ALLOC_TYPE_MSIX:
3604 devid = get_device_id(&info->msi_dev->dev);
3614 static struct irq_domain *get_ir_irq_domain(struct irq_alloc_info *info)
3616 struct amd_iommu *iommu;
3622 devid = get_devid(info);
3624 iommu = amd_iommu_rlookup_table[devid];
3626 return iommu->ir_domain;
3632 static struct irq_domain *get_irq_domain(struct irq_alloc_info *info)
3634 struct amd_iommu *iommu;
3640 switch (info->type) {
3641 case X86_IRQ_ALLOC_TYPE_MSI:
3642 case X86_IRQ_ALLOC_TYPE_MSIX:
3643 devid = get_device_id(&info->msi_dev->dev);
3647 iommu = amd_iommu_rlookup_table[devid];
3649 return iommu->msi_domain;
3658 struct irq_remap_ops amd_iommu_irq_ops = {
3659 .prepare = amd_iommu_prepare,
3660 .enable = amd_iommu_enable,
3661 .disable = amd_iommu_disable,
3662 .reenable = amd_iommu_reenable,
3663 .enable_faulting = amd_iommu_enable_faulting,
3664 .get_ir_irq_domain = get_ir_irq_domain,
3665 .get_irq_domain = get_irq_domain,
3668 static void irq_remapping_prepare_irte(struct amd_ir_data *data,
3669 struct irq_cfg *irq_cfg,
3670 struct irq_alloc_info *info,
3671 int devid, int index, int sub_handle)
3673 struct irq_2_irte *irte_info = &data->irq_2_irte;
3674 struct msi_msg *msg = &data->msi_entry;
3675 struct IO_APIC_route_entry *entry;
3676 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
3681 data->irq_2_irte.devid = devid;
3682 data->irq_2_irte.index = index + sub_handle;
3683 iommu->irte_ops->prepare(data->entry, apic->irq_delivery_mode,
3684 apic->irq_dest_mode, irq_cfg->vector,
3685 irq_cfg->dest_apicid, devid);
3687 switch (info->type) {
3688 case X86_IRQ_ALLOC_TYPE_IOAPIC:
3689 /* Setup IOAPIC entry */
3690 entry = info->ioapic_entry;
3691 info->ioapic_entry = NULL;
3692 memset(entry, 0, sizeof(*entry));
3693 entry->vector = index;
3695 entry->trigger = info->ioapic_trigger;
3696 entry->polarity = info->ioapic_polarity;
3697 /* Mask level triggered irqs. */
3698 if (info->ioapic_trigger)
3702 case X86_IRQ_ALLOC_TYPE_HPET:
3703 case X86_IRQ_ALLOC_TYPE_MSI:
3704 case X86_IRQ_ALLOC_TYPE_MSIX:
3705 msg->address_hi = MSI_ADDR_BASE_HI;
3706 msg->address_lo = MSI_ADDR_BASE_LO;
3707 msg->data = irte_info->index;
3716 struct amd_irte_ops irte_32_ops = {
3717 .prepare = irte_prepare,
3718 .activate = irte_activate,
3719 .deactivate = irte_deactivate,
3720 .set_affinity = irte_set_affinity,
3721 .set_allocated = irte_set_allocated,
3722 .is_allocated = irte_is_allocated,
3723 .clear_allocated = irte_clear_allocated,
3726 struct amd_irte_ops irte_128_ops = {
3727 .prepare = irte_ga_prepare,
3728 .activate = irte_ga_activate,
3729 .deactivate = irte_ga_deactivate,
3730 .set_affinity = irte_ga_set_affinity,
3731 .set_allocated = irte_ga_set_allocated,
3732 .is_allocated = irte_ga_is_allocated,
3733 .clear_allocated = irte_ga_clear_allocated,
3736 static int irq_remapping_alloc(struct irq_domain *domain, unsigned int virq,
3737 unsigned int nr_irqs, void *arg)
3739 struct irq_alloc_info *info = arg;
3740 struct irq_data *irq_data;
3741 struct amd_ir_data *data = NULL;
3742 struct irq_cfg *cfg;
3748 if (nr_irqs > 1 && info->type != X86_IRQ_ALLOC_TYPE_MSI &&
3749 info->type != X86_IRQ_ALLOC_TYPE_MSIX)
3753 * With IRQ remapping enabled, don't need contiguous CPU vectors
3754 * to support multiple MSI interrupts.
3756 if (info->type == X86_IRQ_ALLOC_TYPE_MSI)
3757 info->flags &= ~X86_IRQ_ALLOC_CONTIGUOUS_VECTORS;
3759 devid = get_devid(info);
3763 ret = irq_domain_alloc_irqs_parent(domain, virq, nr_irqs, arg);
3767 if (info->type == X86_IRQ_ALLOC_TYPE_IOAPIC) {
3768 struct irq_remap_table *table;
3769 struct amd_iommu *iommu;
3771 table = alloc_irq_table(devid, NULL);
3773 if (!table->min_index) {
3775 * Keep the first 32 indexes free for IOAPIC
3778 table->min_index = 32;
3779 iommu = amd_iommu_rlookup_table[devid];
3780 for (i = 0; i < 32; ++i)
3781 iommu->irte_ops->set_allocated(table, i);
3783 WARN_ON(table->min_index != 32);
3784 index = info->ioapic_pin;
3788 } else if (info->type == X86_IRQ_ALLOC_TYPE_MSI ||
3789 info->type == X86_IRQ_ALLOC_TYPE_MSIX) {
3790 bool align = (info->type == X86_IRQ_ALLOC_TYPE_MSI);
3792 index = alloc_irq_index(devid, nr_irqs, align, info->msi_dev);
3794 index = alloc_irq_index(devid, nr_irqs, false, NULL);
3798 pr_warn("Failed to allocate IRTE\n");
3800 goto out_free_parent;
3803 for (i = 0; i < nr_irqs; i++) {
3804 irq_data = irq_domain_get_irq_data(domain, virq + i);
3805 cfg = irqd_cfg(irq_data);
3806 if (!irq_data || !cfg) {
3812 data = kzalloc(sizeof(*data), GFP_KERNEL);
3816 if (!AMD_IOMMU_GUEST_IR_GA(amd_iommu_guest_ir))
3817 data->entry = kzalloc(sizeof(union irte), GFP_KERNEL);
3819 data->entry = kzalloc(sizeof(struct irte_ga),
3826 irq_data->hwirq = (devid << 16) + i;
3827 irq_data->chip_data = data;
3828 irq_data->chip = &amd_ir_chip;
3829 irq_remapping_prepare_irte(data, cfg, info, devid, index, i);
3830 irq_set_status_flags(virq + i, IRQ_MOVE_PCNTXT);
3836 for (i--; i >= 0; i--) {
3837 irq_data = irq_domain_get_irq_data(domain, virq + i);
3839 kfree(irq_data->chip_data);
3841 for (i = 0; i < nr_irqs; i++)
3842 free_irte(devid, index + i);
3844 irq_domain_free_irqs_common(domain, virq, nr_irqs);
3848 static void irq_remapping_free(struct irq_domain *domain, unsigned int virq,
3849 unsigned int nr_irqs)
3851 struct irq_2_irte *irte_info;
3852 struct irq_data *irq_data;
3853 struct amd_ir_data *data;
3856 for (i = 0; i < nr_irqs; i++) {
3857 irq_data = irq_domain_get_irq_data(domain, virq + i);
3858 if (irq_data && irq_data->chip_data) {
3859 data = irq_data->chip_data;
3860 irte_info = &data->irq_2_irte;
3861 free_irte(irte_info->devid, irte_info->index);
3866 irq_domain_free_irqs_common(domain, virq, nr_irqs);
3869 static void amd_ir_update_irte(struct irq_data *irqd, struct amd_iommu *iommu,
3870 struct amd_ir_data *ir_data,
3871 struct irq_2_irte *irte_info,
3872 struct irq_cfg *cfg);
3874 static int irq_remapping_activate(struct irq_domain *domain,
3875 struct irq_data *irq_data, bool reserve)
3877 struct amd_ir_data *data = irq_data->chip_data;
3878 struct irq_2_irte *irte_info = &data->irq_2_irte;
3879 struct amd_iommu *iommu = amd_iommu_rlookup_table[irte_info->devid];
3880 struct irq_cfg *cfg = irqd_cfg(irq_data);
3885 iommu->irte_ops->activate(data->entry, irte_info->devid,
3887 amd_ir_update_irte(irq_data, iommu, data, irte_info, cfg);
3891 static void irq_remapping_deactivate(struct irq_domain *domain,
3892 struct irq_data *irq_data)
3894 struct amd_ir_data *data = irq_data->chip_data;
3895 struct irq_2_irte *irte_info = &data->irq_2_irte;
3896 struct amd_iommu *iommu = amd_iommu_rlookup_table[irte_info->devid];
3899 iommu->irte_ops->deactivate(data->entry, irte_info->devid,
3903 static const struct irq_domain_ops amd_ir_domain_ops = {
3904 .alloc = irq_remapping_alloc,
3905 .free = irq_remapping_free,
3906 .activate = irq_remapping_activate,
3907 .deactivate = irq_remapping_deactivate,
3910 int amd_iommu_activate_guest_mode(void *data)
3912 struct amd_ir_data *ir_data = (struct amd_ir_data *)data;
3913 struct irte_ga *entry = (struct irte_ga *) ir_data->entry;
3915 if (!AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir) ||
3916 !entry || entry->lo.fields_vapic.guest_mode)
3922 entry->lo.fields_vapic.guest_mode = 1;
3923 entry->lo.fields_vapic.ga_log_intr = 1;
3924 entry->hi.fields.ga_root_ptr = ir_data->ga_root_ptr;
3925 entry->hi.fields.vector = ir_data->ga_vector;
3926 entry->lo.fields_vapic.ga_tag = ir_data->ga_tag;
3928 return modify_irte_ga(ir_data->irq_2_irte.devid,
3929 ir_data->irq_2_irte.index, entry, ir_data);
3931 EXPORT_SYMBOL(amd_iommu_activate_guest_mode);
3933 int amd_iommu_deactivate_guest_mode(void *data)
3935 struct amd_ir_data *ir_data = (struct amd_ir_data *)data;
3936 struct irte_ga *entry = (struct irte_ga *) ir_data->entry;
3937 struct irq_cfg *cfg = ir_data->cfg;
3939 if (!AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir) ||
3940 !entry || !entry->lo.fields_vapic.guest_mode)
3946 entry->lo.fields_remap.dm = apic->irq_dest_mode;
3947 entry->lo.fields_remap.int_type = apic->irq_delivery_mode;
3948 entry->hi.fields.vector = cfg->vector;
3949 entry->lo.fields_remap.destination =
3950 APICID_TO_IRTE_DEST_LO(cfg->dest_apicid);
3951 entry->hi.fields.destination =
3952 APICID_TO_IRTE_DEST_HI(cfg->dest_apicid);
3954 return modify_irte_ga(ir_data->irq_2_irte.devid,
3955 ir_data->irq_2_irte.index, entry, ir_data);
3957 EXPORT_SYMBOL(amd_iommu_deactivate_guest_mode);
3959 static int amd_ir_set_vcpu_affinity(struct irq_data *data, void *vcpu_info)
3962 struct amd_iommu *iommu;
3963 struct amd_iommu_pi_data *pi_data = vcpu_info;
3964 struct vcpu_data *vcpu_pi_info = pi_data->vcpu_data;
3965 struct amd_ir_data *ir_data = data->chip_data;
3966 struct irq_2_irte *irte_info = &ir_data->irq_2_irte;
3967 struct iommu_dev_data *dev_data = search_dev_data(irte_info->devid);
3970 * This device has never been set up for guest mode.
3971 * we should not modify the IRTE
3973 if (!dev_data || !dev_data->use_vapic)
3976 ir_data->cfg = irqd_cfg(data);
3977 pi_data->ir_data = ir_data;
3980 * SVM tries to set up for VAPIC mode, but we are in
3981 * legacy mode. So, we force legacy mode instead.
3983 if (!AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir)) {
3984 pr_debug("%s: Fall back to using intr legacy remap\n",
3986 pi_data->is_guest_mode = false;
3989 iommu = amd_iommu_rlookup_table[irte_info->devid];
3993 pi_data->prev_ga_tag = ir_data->cached_ga_tag;
3994 if (pi_data->is_guest_mode) {
3995 ir_data->ga_root_ptr = (pi_data->base >> 12);
3996 ir_data->ga_vector = vcpu_pi_info->vector;
3997 ir_data->ga_tag = pi_data->ga_tag;
3998 ret = amd_iommu_activate_guest_mode(ir_data);
4000 ir_data->cached_ga_tag = pi_data->ga_tag;
4002 ret = amd_iommu_deactivate_guest_mode(ir_data);
4005 * This communicates the ga_tag back to the caller
4006 * so that it can do all the necessary clean up.
4009 ir_data->cached_ga_tag = 0;
4016 static void amd_ir_update_irte(struct irq_data *irqd, struct amd_iommu *iommu,
4017 struct amd_ir_data *ir_data,
4018 struct irq_2_irte *irte_info,
4019 struct irq_cfg *cfg)
4023 * Atomically updates the IRTE with the new destination, vector
4024 * and flushes the interrupt entry cache.
4026 iommu->irte_ops->set_affinity(ir_data->entry, irte_info->devid,
4027 irte_info->index, cfg->vector,
4031 static int amd_ir_set_affinity(struct irq_data *data,
4032 const struct cpumask *mask, bool force)
4034 struct amd_ir_data *ir_data = data->chip_data;
4035 struct irq_2_irte *irte_info = &ir_data->irq_2_irte;
4036 struct irq_cfg *cfg = irqd_cfg(data);
4037 struct irq_data *parent = data->parent_data;
4038 struct amd_iommu *iommu = amd_iommu_rlookup_table[irte_info->devid];
4044 ret = parent->chip->irq_set_affinity(parent, mask, force);
4045 if (ret < 0 || ret == IRQ_SET_MASK_OK_DONE)
4048 amd_ir_update_irte(data, iommu, ir_data, irte_info, cfg);
4050 * After this point, all the interrupts will start arriving
4051 * at the new destination. So, time to cleanup the previous
4052 * vector allocation.
4054 send_cleanup_vector(cfg);
4056 return IRQ_SET_MASK_OK_DONE;
4059 static void ir_compose_msi_msg(struct irq_data *irq_data, struct msi_msg *msg)
4061 struct amd_ir_data *ir_data = irq_data->chip_data;
4063 *msg = ir_data->msi_entry;
4066 static struct irq_chip amd_ir_chip = {
4068 .irq_ack = apic_ack_irq,
4069 .irq_set_affinity = amd_ir_set_affinity,
4070 .irq_set_vcpu_affinity = amd_ir_set_vcpu_affinity,
4071 .irq_compose_msi_msg = ir_compose_msi_msg,
4074 int amd_iommu_create_irq_domain(struct amd_iommu *iommu)
4076 struct fwnode_handle *fn;
4078 fn = irq_domain_alloc_named_id_fwnode("AMD-IR", iommu->index);
4081 iommu->ir_domain = irq_domain_create_tree(fn, &amd_ir_domain_ops, iommu);
4082 irq_domain_free_fwnode(fn);
4083 if (!iommu->ir_domain)
4086 iommu->ir_domain->parent = arch_get_ir_parent_domain();
4087 iommu->msi_domain = arch_create_remap_msi_irq_domain(iommu->ir_domain,
4093 int amd_iommu_update_ga(int cpu, bool is_run, void *data)
4095 unsigned long flags;
4096 struct amd_iommu *iommu;
4097 struct irq_remap_table *table;
4098 struct amd_ir_data *ir_data = (struct amd_ir_data *)data;
4099 int devid = ir_data->irq_2_irte.devid;
4100 struct irte_ga *entry = (struct irte_ga *) ir_data->entry;
4101 struct irte_ga *ref = (struct irte_ga *) ir_data->ref;
4103 if (!AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir) ||
4104 !ref || !entry || !entry->lo.fields_vapic.guest_mode)
4107 iommu = amd_iommu_rlookup_table[devid];
4111 table = get_irq_table(devid);
4115 raw_spin_lock_irqsave(&table->lock, flags);
4117 if (ref->lo.fields_vapic.guest_mode) {
4119 ref->lo.fields_vapic.destination =
4120 APICID_TO_IRTE_DEST_LO(cpu);
4121 ref->hi.fields.destination =
4122 APICID_TO_IRTE_DEST_HI(cpu);
4124 ref->lo.fields_vapic.is_run = is_run;
4128 raw_spin_unlock_irqrestore(&table->lock, flags);
4130 iommu_flush_irt(iommu, devid);
4131 iommu_completion_wait(iommu);
4134 EXPORT_SYMBOL(amd_iommu_update_ga);
git.samba.org / sfrench / cifs-2.6.git / blob