2 * Copyright © 2008 Intel Corporation
4 * Permission is hereby granted, free of charge, to any person obtaining a
5 * copy of this software and associated documentation files (the "Software"),
6 * to deal in the Software without restriction, including without limitation
7 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8 * and/or sell copies of the Software, and to permit persons to whom the
9 * Software is furnished to do so, subject to the following conditions:
11 * The above copyright notice and this permission notice (including the next
12 * paragraph) shall be included in all copies or substantial portions of the
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
24 * Eric Anholt <eric@anholt.net>
29 #include <drm/drm_vma_manager.h>
30 #include <drm/i915_drm.h>
32 #include "i915_trace.h"
33 #include "intel_drv.h"
34 #include <linux/oom.h>
35 #include <linux/shmem_fs.h>
36 #include <linux/slab.h>
37 #include <linux/swap.h>
38 #include <linux/pci.h>
39 #include <linux/dma-buf.h>
41 static void i915_gem_object_flush_gtt_write_domain(struct drm_i915_gem_object *obj);
42 static void i915_gem_object_flush_cpu_write_domain(struct drm_i915_gem_object *obj,
44 static __must_check int
45 i915_gem_object_wait_rendering(struct drm_i915_gem_object *obj,
48 i915_gem_object_retire(struct drm_i915_gem_object *obj);
50 static void i915_gem_write_fence(struct drm_device *dev, int reg,
51 struct drm_i915_gem_object *obj);
52 static void i915_gem_object_update_fence(struct drm_i915_gem_object *obj,
53 struct drm_i915_fence_reg *fence,
56 static unsigned long i915_gem_shrinker_count(struct shrinker *shrinker,
57 struct shrink_control *sc);
58 static unsigned long i915_gem_shrinker_scan(struct shrinker *shrinker,
59 struct shrink_control *sc);
60 static int i915_gem_shrinker_oom(struct notifier_block *nb,
63 static unsigned long i915_gem_purge(struct drm_i915_private *dev_priv, long target);
64 static unsigned long i915_gem_shrink_all(struct drm_i915_private *dev_priv);
66 static bool cpu_cache_is_coherent(struct drm_device *dev,
67 enum i915_cache_level level)
69 return HAS_LLC(dev) || level != I915_CACHE_NONE;
72 static bool cpu_write_needs_clflush(struct drm_i915_gem_object *obj)
74 if (!cpu_cache_is_coherent(obj->base.dev, obj->cache_level))
77 return obj->pin_display;
80 static inline void i915_gem_object_fence_lost(struct drm_i915_gem_object *obj)
83 i915_gem_release_mmap(obj);
85 /* As we do not have an associated fence register, we will force
86 * a tiling change if we ever need to acquire one.
88 obj->fence_dirty = false;
89 obj->fence_reg = I915_FENCE_REG_NONE;
92 /* some bookkeeping */
93 static void i915_gem_info_add_obj(struct drm_i915_private *dev_priv,
96 spin_lock(&dev_priv->mm.object_stat_lock);
97 dev_priv->mm.object_count++;
98 dev_priv->mm.object_memory += size;
99 spin_unlock(&dev_priv->mm.object_stat_lock);
102 static void i915_gem_info_remove_obj(struct drm_i915_private *dev_priv,
105 spin_lock(&dev_priv->mm.object_stat_lock);
106 dev_priv->mm.object_count--;
107 dev_priv->mm.object_memory -= size;
108 spin_unlock(&dev_priv->mm.object_stat_lock);
112 i915_gem_wait_for_error(struct i915_gpu_error *error)
116 #define EXIT_COND (!i915_reset_in_progress(error) || \
117 i915_terminally_wedged(error))
122 * Only wait 10 seconds for the gpu reset to complete to avoid hanging
123 * userspace. If it takes that long something really bad is going on and
124 * we should simply try to bail out and fail as gracefully as possible.
126 ret = wait_event_interruptible_timeout(error->reset_queue,
130 DRM_ERROR("Timed out waiting for the gpu reset to complete\n");
132 } else if (ret < 0) {
140 int i915_mutex_lock_interruptible(struct drm_device *dev)
142 struct drm_i915_private *dev_priv = dev->dev_private;
145 ret = i915_gem_wait_for_error(&dev_priv->gpu_error);
149 ret = mutex_lock_interruptible(&dev->struct_mutex);
153 WARN_ON(i915_verify_lists(dev));
158 i915_gem_object_is_inactive(struct drm_i915_gem_object *obj)
160 return i915_gem_obj_bound_any(obj) && !obj->active;
164 i915_gem_init_ioctl(struct drm_device *dev, void *data,
165 struct drm_file *file)
167 struct drm_i915_private *dev_priv = dev->dev_private;
168 struct drm_i915_gem_init *args = data;
170 if (drm_core_check_feature(dev, DRIVER_MODESET))
173 if (args->gtt_start >= args->gtt_end ||
174 (args->gtt_end | args->gtt_start) & (PAGE_SIZE - 1))
177 /* GEM with user mode setting was never supported on ilk and later. */
178 if (INTEL_INFO(dev)->gen >= 5)
181 mutex_lock(&dev->struct_mutex);
182 i915_gem_setup_global_gtt(dev, args->gtt_start, args->gtt_end,
184 dev_priv->gtt.mappable_end = args->gtt_end;
185 mutex_unlock(&dev->struct_mutex);
191 i915_gem_get_aperture_ioctl(struct drm_device *dev, void *data,
192 struct drm_file *file)
194 struct drm_i915_private *dev_priv = dev->dev_private;
195 struct drm_i915_gem_get_aperture *args = data;
196 struct drm_i915_gem_object *obj;
200 mutex_lock(&dev->struct_mutex);
201 list_for_each_entry(obj, &dev_priv->mm.bound_list, global_list)
202 if (i915_gem_obj_is_pinned(obj))
203 pinned += i915_gem_obj_ggtt_size(obj);
204 mutex_unlock(&dev->struct_mutex);
206 args->aper_size = dev_priv->gtt.base.total;
207 args->aper_available_size = args->aper_size - pinned;
212 static void i915_gem_object_detach_phys(struct drm_i915_gem_object *obj)
214 drm_dma_handle_t *phys = obj->phys_handle;
219 if (obj->madv == I915_MADV_WILLNEED) {
220 struct address_space *mapping = file_inode(obj->base.filp)->i_mapping;
221 char *vaddr = phys->vaddr;
224 for (i = 0; i < obj->base.size / PAGE_SIZE; i++) {
225 struct page *page = shmem_read_mapping_page(mapping, i);
227 char *dst = kmap_atomic(page);
228 memcpy(dst, vaddr, PAGE_SIZE);
229 drm_clflush_virt_range(dst, PAGE_SIZE);
232 set_page_dirty(page);
233 mark_page_accessed(page);
234 page_cache_release(page);
238 i915_gem_chipset_flush(obj->base.dev);
242 set_memory_wb((unsigned long)phys->vaddr, phys->size / PAGE_SIZE);
244 drm_pci_free(obj->base.dev, phys);
245 obj->phys_handle = NULL;
249 i915_gem_object_attach_phys(struct drm_i915_gem_object *obj,
252 drm_dma_handle_t *phys;
253 struct address_space *mapping;
257 if (obj->phys_handle) {
258 if ((unsigned long)obj->phys_handle->vaddr & (align -1))
264 if (obj->madv != I915_MADV_WILLNEED)
267 if (obj->base.filp == NULL)
270 /* create a new object */
271 phys = drm_pci_alloc(obj->base.dev, obj->base.size, align);
277 set_memory_wc((unsigned long)vaddr, phys->size / PAGE_SIZE);
279 mapping = file_inode(obj->base.filp)->i_mapping;
280 for (i = 0; i < obj->base.size / PAGE_SIZE; i++) {
284 page = shmem_read_mapping_page(mapping, i);
287 set_memory_wb((unsigned long)phys->vaddr, phys->size / PAGE_SIZE);
289 drm_pci_free(obj->base.dev, phys);
290 return PTR_ERR(page);
293 src = kmap_atomic(page);
294 memcpy(vaddr, src, PAGE_SIZE);
297 mark_page_accessed(page);
298 page_cache_release(page);
303 obj->phys_handle = phys;
308 i915_gem_phys_pwrite(struct drm_i915_gem_object *obj,
309 struct drm_i915_gem_pwrite *args,
310 struct drm_file *file_priv)
312 struct drm_device *dev = obj->base.dev;
313 void *vaddr = obj->phys_handle->vaddr + args->offset;
314 char __user *user_data = to_user_ptr(args->data_ptr);
316 if (__copy_from_user_inatomic_nocache(vaddr, user_data, args->size)) {
317 unsigned long unwritten;
319 /* The physical object once assigned is fixed for the lifetime
320 * of the obj, so we can safely drop the lock and continue
323 mutex_unlock(&dev->struct_mutex);
324 unwritten = copy_from_user(vaddr, user_data, args->size);
325 mutex_lock(&dev->struct_mutex);
330 i915_gem_chipset_flush(dev);
334 void *i915_gem_object_alloc(struct drm_device *dev)
336 struct drm_i915_private *dev_priv = dev->dev_private;
337 return kmem_cache_zalloc(dev_priv->slab, GFP_KERNEL);
340 void i915_gem_object_free(struct drm_i915_gem_object *obj)
342 struct drm_i915_private *dev_priv = obj->base.dev->dev_private;
343 kmem_cache_free(dev_priv->slab, obj);
347 i915_gem_create(struct drm_file *file,
348 struct drm_device *dev,
352 struct drm_i915_gem_object *obj;
356 size = roundup(size, PAGE_SIZE);
360 /* Allocate the new object */
361 obj = i915_gem_alloc_object(dev, size);
365 ret = drm_gem_handle_create(file, &obj->base, &handle);
366 /* drop reference from allocate - handle holds it now */
367 drm_gem_object_unreference_unlocked(&obj->base);
376 i915_gem_dumb_create(struct drm_file *file,
377 struct drm_device *dev,
378 struct drm_mode_create_dumb *args)
380 /* have to work out size/pitch and return them */
381 args->pitch = ALIGN(args->width * DIV_ROUND_UP(args->bpp, 8), 64);
382 args->size = args->pitch * args->height;
383 return i915_gem_create(file, dev,
384 args->size, &args->handle);
388 * Creates a new mm object and returns a handle to it.
391 i915_gem_create_ioctl(struct drm_device *dev, void *data,
392 struct drm_file *file)
394 struct drm_i915_gem_create *args = data;
396 return i915_gem_create(file, dev,
397 args->size, &args->handle);
401 __copy_to_user_swizzled(char __user *cpu_vaddr,
402 const char *gpu_vaddr, int gpu_offset,
405 int ret, cpu_offset = 0;
408 int cacheline_end = ALIGN(gpu_offset + 1, 64);
409 int this_length = min(cacheline_end - gpu_offset, length);
410 int swizzled_gpu_offset = gpu_offset ^ 64;
412 ret = __copy_to_user(cpu_vaddr + cpu_offset,
413 gpu_vaddr + swizzled_gpu_offset,
418 cpu_offset += this_length;
419 gpu_offset += this_length;
420 length -= this_length;
427 __copy_from_user_swizzled(char *gpu_vaddr, int gpu_offset,
428 const char __user *cpu_vaddr,
431 int ret, cpu_offset = 0;
434 int cacheline_end = ALIGN(gpu_offset + 1, 64);
435 int this_length = min(cacheline_end - gpu_offset, length);
436 int swizzled_gpu_offset = gpu_offset ^ 64;
438 ret = __copy_from_user(gpu_vaddr + swizzled_gpu_offset,
439 cpu_vaddr + cpu_offset,
444 cpu_offset += this_length;
445 gpu_offset += this_length;
446 length -= this_length;
453 * Pins the specified object's pages and synchronizes the object with
454 * GPU accesses. Sets needs_clflush to non-zero if the caller should
455 * flush the object from the CPU cache.
457 int i915_gem_obj_prepare_shmem_read(struct drm_i915_gem_object *obj,
467 if (!(obj->base.read_domains & I915_GEM_DOMAIN_CPU)) {
468 /* If we're not in the cpu read domain, set ourself into the gtt
469 * read domain and manually flush cachelines (if required). This
470 * optimizes for the case when the gpu will dirty the data
471 * anyway again before the next pread happens. */
472 *needs_clflush = !cpu_cache_is_coherent(obj->base.dev,
474 ret = i915_gem_object_wait_rendering(obj, true);
478 i915_gem_object_retire(obj);
481 ret = i915_gem_object_get_pages(obj);
485 i915_gem_object_pin_pages(obj);
490 /* Per-page copy function for the shmem pread fastpath.
491 * Flushes invalid cachelines before reading the target if
492 * needs_clflush is set. */
494 shmem_pread_fast(struct page *page, int shmem_page_offset, int page_length,
495 char __user *user_data,
496 bool page_do_bit17_swizzling, bool needs_clflush)
501 if (unlikely(page_do_bit17_swizzling))
504 vaddr = kmap_atomic(page);
506 drm_clflush_virt_range(vaddr + shmem_page_offset,
508 ret = __copy_to_user_inatomic(user_data,
509 vaddr + shmem_page_offset,
511 kunmap_atomic(vaddr);
513 return ret ? -EFAULT : 0;
517 shmem_clflush_swizzled_range(char *addr, unsigned long length,
520 if (unlikely(swizzled)) {
521 unsigned long start = (unsigned long) addr;
522 unsigned long end = (unsigned long) addr + length;
524 /* For swizzling simply ensure that we always flush both
525 * channels. Lame, but simple and it works. Swizzled
526 * pwrite/pread is far from a hotpath - current userspace
527 * doesn't use it at all. */
528 start = round_down(start, 128);
529 end = round_up(end, 128);
531 drm_clflush_virt_range((void *)start, end - start);
533 drm_clflush_virt_range(addr, length);
538 /* Only difference to the fast-path function is that this can handle bit17
539 * and uses non-atomic copy and kmap functions. */
541 shmem_pread_slow(struct page *page, int shmem_page_offset, int page_length,
542 char __user *user_data,
543 bool page_do_bit17_swizzling, bool needs_clflush)
550 shmem_clflush_swizzled_range(vaddr + shmem_page_offset,
552 page_do_bit17_swizzling);
554 if (page_do_bit17_swizzling)
555 ret = __copy_to_user_swizzled(user_data,
556 vaddr, shmem_page_offset,
559 ret = __copy_to_user(user_data,
560 vaddr + shmem_page_offset,
564 return ret ? - EFAULT : 0;
568 i915_gem_shmem_pread(struct drm_device *dev,
569 struct drm_i915_gem_object *obj,
570 struct drm_i915_gem_pread *args,
571 struct drm_file *file)
573 char __user *user_data;
576 int shmem_page_offset, page_length, ret = 0;
577 int obj_do_bit17_swizzling, page_do_bit17_swizzling;
579 int needs_clflush = 0;
580 struct sg_page_iter sg_iter;
582 user_data = to_user_ptr(args->data_ptr);
585 obj_do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
587 ret = i915_gem_obj_prepare_shmem_read(obj, &needs_clflush);
591 offset = args->offset;
593 for_each_sg_page(obj->pages->sgl, &sg_iter, obj->pages->nents,
594 offset >> PAGE_SHIFT) {
595 struct page *page = sg_page_iter_page(&sg_iter);
600 /* Operation in this page
602 * shmem_page_offset = offset within page in shmem file
603 * page_length = bytes to copy for this page
605 shmem_page_offset = offset_in_page(offset);
606 page_length = remain;
607 if ((shmem_page_offset + page_length) > PAGE_SIZE)
608 page_length = PAGE_SIZE - shmem_page_offset;
610 page_do_bit17_swizzling = obj_do_bit17_swizzling &&
611 (page_to_phys(page) & (1 << 17)) != 0;
613 ret = shmem_pread_fast(page, shmem_page_offset, page_length,
614 user_data, page_do_bit17_swizzling,
619 mutex_unlock(&dev->struct_mutex);
621 if (likely(!i915.prefault_disable) && !prefaulted) {
622 ret = fault_in_multipages_writeable(user_data, remain);
623 /* Userspace is tricking us, but we've already clobbered
624 * its pages with the prefault and promised to write the
625 * data up to the first fault. Hence ignore any errors
626 * and just continue. */
631 ret = shmem_pread_slow(page, shmem_page_offset, page_length,
632 user_data, page_do_bit17_swizzling,
635 mutex_lock(&dev->struct_mutex);
641 remain -= page_length;
642 user_data += page_length;
643 offset += page_length;
647 i915_gem_object_unpin_pages(obj);
653 * Reads data from the object referenced by handle.
655 * On error, the contents of *data are undefined.
658 i915_gem_pread_ioctl(struct drm_device *dev, void *data,
659 struct drm_file *file)
661 struct drm_i915_gem_pread *args = data;
662 struct drm_i915_gem_object *obj;
668 if (!access_ok(VERIFY_WRITE,
669 to_user_ptr(args->data_ptr),
673 ret = i915_mutex_lock_interruptible(dev);
677 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle));
678 if (&obj->base == NULL) {
683 /* Bounds check source. */
684 if (args->offset > obj->base.size ||
685 args->size > obj->base.size - args->offset) {
690 /* prime objects have no backing filp to GEM pread/pwrite
693 if (!obj->base.filp) {
698 trace_i915_gem_object_pread(obj, args->offset, args->size);
700 ret = i915_gem_shmem_pread(dev, obj, args, file);
703 drm_gem_object_unreference(&obj->base);
705 mutex_unlock(&dev->struct_mutex);
709 /* This is the fast write path which cannot handle
710 * page faults in the source data
714 fast_user_write(struct io_mapping *mapping,
715 loff_t page_base, int page_offset,
716 char __user *user_data,
719 void __iomem *vaddr_atomic;
721 unsigned long unwritten;
723 vaddr_atomic = io_mapping_map_atomic_wc(mapping, page_base);
724 /* We can use the cpu mem copy function because this is X86. */
725 vaddr = (void __force*)vaddr_atomic + page_offset;
726 unwritten = __copy_from_user_inatomic_nocache(vaddr,
728 io_mapping_unmap_atomic(vaddr_atomic);
733 * This is the fast pwrite path, where we copy the data directly from the
734 * user into the GTT, uncached.
737 i915_gem_gtt_pwrite_fast(struct drm_device *dev,
738 struct drm_i915_gem_object *obj,
739 struct drm_i915_gem_pwrite *args,
740 struct drm_file *file)
742 struct drm_i915_private *dev_priv = dev->dev_private;
744 loff_t offset, page_base;
745 char __user *user_data;
746 int page_offset, page_length, ret;
748 ret = i915_gem_obj_ggtt_pin(obj, 0, PIN_MAPPABLE | PIN_NONBLOCK);
752 ret = i915_gem_object_set_to_gtt_domain(obj, true);
756 ret = i915_gem_object_put_fence(obj);
760 user_data = to_user_ptr(args->data_ptr);
763 offset = i915_gem_obj_ggtt_offset(obj) + args->offset;
766 /* Operation in this page
768 * page_base = page offset within aperture
769 * page_offset = offset within page
770 * page_length = bytes to copy for this page
772 page_base = offset & PAGE_MASK;
773 page_offset = offset_in_page(offset);
774 page_length = remain;
775 if ((page_offset + remain) > PAGE_SIZE)
776 page_length = PAGE_SIZE - page_offset;
778 /* If we get a fault while copying data, then (presumably) our
779 * source page isn't available. Return the error and we'll
780 * retry in the slow path.
782 if (fast_user_write(dev_priv->gtt.mappable, page_base,
783 page_offset, user_data, page_length)) {
788 remain -= page_length;
789 user_data += page_length;
790 offset += page_length;
794 i915_gem_object_ggtt_unpin(obj);
799 /* Per-page copy function for the shmem pwrite fastpath.
800 * Flushes invalid cachelines before writing to the target if
801 * needs_clflush_before is set and flushes out any written cachelines after
802 * writing if needs_clflush is set. */
804 shmem_pwrite_fast(struct page *page, int shmem_page_offset, int page_length,
805 char __user *user_data,
806 bool page_do_bit17_swizzling,
807 bool needs_clflush_before,
808 bool needs_clflush_after)
813 if (unlikely(page_do_bit17_swizzling))
816 vaddr = kmap_atomic(page);
817 if (needs_clflush_before)
818 drm_clflush_virt_range(vaddr + shmem_page_offset,
820 ret = __copy_from_user_inatomic(vaddr + shmem_page_offset,
821 user_data, page_length);
822 if (needs_clflush_after)
823 drm_clflush_virt_range(vaddr + shmem_page_offset,
825 kunmap_atomic(vaddr);
827 return ret ? -EFAULT : 0;
830 /* Only difference to the fast-path function is that this can handle bit17
831 * and uses non-atomic copy and kmap functions. */
833 shmem_pwrite_slow(struct page *page, int shmem_page_offset, int page_length,
834 char __user *user_data,
835 bool page_do_bit17_swizzling,
836 bool needs_clflush_before,
837 bool needs_clflush_after)
843 if (unlikely(needs_clflush_before || page_do_bit17_swizzling))
844 shmem_clflush_swizzled_range(vaddr + shmem_page_offset,
846 page_do_bit17_swizzling);
847 if (page_do_bit17_swizzling)
848 ret = __copy_from_user_swizzled(vaddr, shmem_page_offset,
852 ret = __copy_from_user(vaddr + shmem_page_offset,
855 if (needs_clflush_after)
856 shmem_clflush_swizzled_range(vaddr + shmem_page_offset,
858 page_do_bit17_swizzling);
861 return ret ? -EFAULT : 0;
865 i915_gem_shmem_pwrite(struct drm_device *dev,
866 struct drm_i915_gem_object *obj,
867 struct drm_i915_gem_pwrite *args,
868 struct drm_file *file)
872 char __user *user_data;
873 int shmem_page_offset, page_length, ret = 0;
874 int obj_do_bit17_swizzling, page_do_bit17_swizzling;
875 int hit_slowpath = 0;
876 int needs_clflush_after = 0;
877 int needs_clflush_before = 0;
878 struct sg_page_iter sg_iter;
880 user_data = to_user_ptr(args->data_ptr);
883 obj_do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
885 if (obj->base.write_domain != I915_GEM_DOMAIN_CPU) {
886 /* If we're not in the cpu write domain, set ourself into the gtt
887 * write domain and manually flush cachelines (if required). This
888 * optimizes for the case when the gpu will use the data
889 * right away and we therefore have to clflush anyway. */
890 needs_clflush_after = cpu_write_needs_clflush(obj);
891 ret = i915_gem_object_wait_rendering(obj, false);
895 i915_gem_object_retire(obj);
897 /* Same trick applies to invalidate partially written cachelines read
899 if ((obj->base.read_domains & I915_GEM_DOMAIN_CPU) == 0)
900 needs_clflush_before =
901 !cpu_cache_is_coherent(dev, obj->cache_level);
903 ret = i915_gem_object_get_pages(obj);
907 i915_gem_object_pin_pages(obj);
909 offset = args->offset;
912 for_each_sg_page(obj->pages->sgl, &sg_iter, obj->pages->nents,
913 offset >> PAGE_SHIFT) {
914 struct page *page = sg_page_iter_page(&sg_iter);
915 int partial_cacheline_write;
920 /* Operation in this page
922 * shmem_page_offset = offset within page in shmem file
923 * page_length = bytes to copy for this page
925 shmem_page_offset = offset_in_page(offset);
927 page_length = remain;
928 if ((shmem_page_offset + page_length) > PAGE_SIZE)
929 page_length = PAGE_SIZE - shmem_page_offset;
931 /* If we don't overwrite a cacheline completely we need to be
932 * careful to have up-to-date data by first clflushing. Don't
933 * overcomplicate things and flush the entire patch. */
934 partial_cacheline_write = needs_clflush_before &&
935 ((shmem_page_offset | page_length)
936 & (boot_cpu_data.x86_clflush_size - 1));
938 page_do_bit17_swizzling = obj_do_bit17_swizzling &&
939 (page_to_phys(page) & (1 << 17)) != 0;
941 ret = shmem_pwrite_fast(page, shmem_page_offset, page_length,
942 user_data, page_do_bit17_swizzling,
943 partial_cacheline_write,
944 needs_clflush_after);
949 mutex_unlock(&dev->struct_mutex);
950 ret = shmem_pwrite_slow(page, shmem_page_offset, page_length,
951 user_data, page_do_bit17_swizzling,
952 partial_cacheline_write,
953 needs_clflush_after);
955 mutex_lock(&dev->struct_mutex);
961 remain -= page_length;
962 user_data += page_length;
963 offset += page_length;
967 i915_gem_object_unpin_pages(obj);
971 * Fixup: Flush cpu caches in case we didn't flush the dirty
972 * cachelines in-line while writing and the object moved
973 * out of the cpu write domain while we've dropped the lock.
975 if (!needs_clflush_after &&
976 obj->base.write_domain != I915_GEM_DOMAIN_CPU) {
977 if (i915_gem_clflush_object(obj, obj->pin_display))
978 i915_gem_chipset_flush(dev);
982 if (needs_clflush_after)
983 i915_gem_chipset_flush(dev);
989 * Writes data to the object referenced by handle.
991 * On error, the contents of the buffer that were to be modified are undefined.
994 i915_gem_pwrite_ioctl(struct drm_device *dev, void *data,
995 struct drm_file *file)
997 struct drm_i915_gem_pwrite *args = data;
998 struct drm_i915_gem_object *obj;
1001 if (args->size == 0)
1004 if (!access_ok(VERIFY_READ,
1005 to_user_ptr(args->data_ptr),
1009 if (likely(!i915.prefault_disable)) {
1010 ret = fault_in_multipages_readable(to_user_ptr(args->data_ptr),
1016 ret = i915_mutex_lock_interruptible(dev);
1020 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle));
1021 if (&obj->base == NULL) {
1026 /* Bounds check destination. */
1027 if (args->offset > obj->base.size ||
1028 args->size > obj->base.size - args->offset) {
1033 /* prime objects have no backing filp to GEM pread/pwrite
1036 if (!obj->base.filp) {
1041 trace_i915_gem_object_pwrite(obj, args->offset, args->size);
1044 /* We can only do the GTT pwrite on untiled buffers, as otherwise
1045 * it would end up going through the fenced access, and we'll get
1046 * different detiling behavior between reading and writing.
1047 * pread/pwrite currently are reading and writing from the CPU
1048 * perspective, requiring manual detiling by the client.
1050 if (obj->phys_handle) {
1051 ret = i915_gem_phys_pwrite(obj, args, file);
1055 if (obj->tiling_mode == I915_TILING_NONE &&
1056 obj->base.write_domain != I915_GEM_DOMAIN_CPU &&
1057 cpu_write_needs_clflush(obj)) {
1058 ret = i915_gem_gtt_pwrite_fast(dev, obj, args, file);
1059 /* Note that the gtt paths might fail with non-page-backed user
1060 * pointers (e.g. gtt mappings when moving data between
1061 * textures). Fallback to the shmem path in that case. */
1064 if (ret == -EFAULT || ret == -ENOSPC)
1065 ret = i915_gem_shmem_pwrite(dev, obj, args, file);
1068 drm_gem_object_unreference(&obj->base);
1070 mutex_unlock(&dev->struct_mutex);
1075 i915_gem_check_wedge(struct i915_gpu_error *error,
1078 if (i915_reset_in_progress(error)) {
1079 /* Non-interruptible callers can't handle -EAGAIN, hence return
1080 * -EIO unconditionally for these. */
1084 /* Recovery complete, but the reset failed ... */
1085 if (i915_terminally_wedged(error))
1095 * Compare seqno against outstanding lazy request. Emit a request if they are
1099 i915_gem_check_olr(struct intel_engine_cs *ring, u32 seqno)
1103 BUG_ON(!mutex_is_locked(&ring->dev->struct_mutex));
1106 if (seqno == ring->outstanding_lazy_seqno)
1107 ret = i915_add_request(ring, NULL);
1112 static void fake_irq(unsigned long data)
1114 wake_up_process((struct task_struct *)data);
1117 static bool missed_irq(struct drm_i915_private *dev_priv,
1118 struct intel_engine_cs *ring)
1120 return test_bit(ring->id, &dev_priv->gpu_error.missed_irq_rings);
1123 static bool can_wait_boost(struct drm_i915_file_private *file_priv)
1125 if (file_priv == NULL)
1128 return !atomic_xchg(&file_priv->rps_wait_boost, true);
1132 * __wait_seqno - wait until execution of seqno has finished
1133 * @ring: the ring expected to report seqno
1135 * @reset_counter: reset sequence associated with the given seqno
1136 * @interruptible: do an interruptible wait (normally yes)
1137 * @timeout: in - how long to wait (NULL forever); out - how much time remaining
1139 * Note: It is of utmost importance that the passed in seqno and reset_counter
1140 * values have been read by the caller in an smp safe manner. Where read-side
1141 * locks are involved, it is sufficient to read the reset_counter before
1142 * unlocking the lock that protects the seqno. For lockless tricks, the
1143 * reset_counter _must_ be read before, and an appropriate smp_rmb must be
1146 * Returns 0 if the seqno was found within the alloted time. Else returns the
1147 * errno with remaining time filled in timeout argument.
1149 static int __wait_seqno(struct intel_engine_cs *ring, u32 seqno,
1150 unsigned reset_counter,
1152 struct timespec *timeout,
1153 struct drm_i915_file_private *file_priv)
1155 struct drm_device *dev = ring->dev;
1156 struct drm_i915_private *dev_priv = dev->dev_private;
1157 const bool irq_test_in_progress =
1158 ACCESS_ONCE(dev_priv->gpu_error.test_irq_rings) & intel_ring_flag(ring);
1159 struct timespec before, now;
1161 unsigned long timeout_expire;
1164 WARN(dev_priv->pm.irqs_disabled, "IRQs disabled\n");
1166 if (i915_seqno_passed(ring->get_seqno(ring, true), seqno))
1169 timeout_expire = timeout ? jiffies + timespec_to_jiffies_timeout(timeout) : 0;
1171 if (INTEL_INFO(dev)->gen >= 6 && can_wait_boost(file_priv)) {
1172 gen6_rps_boost(dev_priv);
1174 mod_delayed_work(dev_priv->wq,
1175 &file_priv->mm.idle_work,
1176 msecs_to_jiffies(100));
1179 if (!irq_test_in_progress && WARN_ON(!ring->irq_get(ring)))
1182 /* Record current time in case interrupted by signal, or wedged */
1183 trace_i915_gem_request_wait_begin(ring, seqno);
1184 getrawmonotonic(&before);
1186 struct timer_list timer;
1188 prepare_to_wait(&ring->irq_queue, &wait,
1189 interruptible ? TASK_INTERRUPTIBLE : TASK_UNINTERRUPTIBLE);
1191 /* We need to check whether any gpu reset happened in between
1192 * the caller grabbing the seqno and now ... */
1193 if (reset_counter != atomic_read(&dev_priv->gpu_error.reset_counter)) {
1194 /* ... but upgrade the -EAGAIN to an -EIO if the gpu
1195 * is truely gone. */
1196 ret = i915_gem_check_wedge(&dev_priv->gpu_error, interruptible);
1202 if (i915_seqno_passed(ring->get_seqno(ring, false), seqno)) {
1207 if (interruptible && signal_pending(current)) {
1212 if (timeout && time_after_eq(jiffies, timeout_expire)) {
1217 timer.function = NULL;
1218 if (timeout || missed_irq(dev_priv, ring)) {
1219 unsigned long expire;
1221 setup_timer_on_stack(&timer, fake_irq, (unsigned long)current);
1222 expire = missed_irq(dev_priv, ring) ? jiffies + 1 : timeout_expire;
1223 mod_timer(&timer, expire);
1228 if (timer.function) {
1229 del_singleshot_timer_sync(&timer);
1230 destroy_timer_on_stack(&timer);
1233 getrawmonotonic(&now);
1234 trace_i915_gem_request_wait_end(ring, seqno);
1236 if (!irq_test_in_progress)
1237 ring->irq_put(ring);
1239 finish_wait(&ring->irq_queue, &wait);
1242 struct timespec sleep_time = timespec_sub(now, before);
1243 *timeout = timespec_sub(*timeout, sleep_time);
1244 if (!timespec_valid(timeout)) /* i.e. negative time remains */
1245 set_normalized_timespec(timeout, 0, 0);
1252 * Waits for a sequence number to be signaled, and cleans up the
1253 * request and object lists appropriately for that event.
1256 i915_wait_seqno(struct intel_engine_cs *ring, uint32_t seqno)
1258 struct drm_device *dev = ring->dev;
1259 struct drm_i915_private *dev_priv = dev->dev_private;
1260 bool interruptible = dev_priv->mm.interruptible;
1263 BUG_ON(!mutex_is_locked(&dev->struct_mutex));
1266 ret = i915_gem_check_wedge(&dev_priv->gpu_error, interruptible);
1270 ret = i915_gem_check_olr(ring, seqno);
1274 return __wait_seqno(ring, seqno,
1275 atomic_read(&dev_priv->gpu_error.reset_counter),
1276 interruptible, NULL, NULL);
1280 i915_gem_object_wait_rendering__tail(struct drm_i915_gem_object *obj,
1281 struct intel_engine_cs *ring)
1286 /* Manually manage the write flush as we may have not yet
1287 * retired the buffer.
1289 * Note that the last_write_seqno is always the earlier of
1290 * the two (read/write) seqno, so if we haved successfully waited,
1291 * we know we have passed the last write.
1293 obj->last_write_seqno = 0;
1299 * Ensures that all rendering to the object has completed and the object is
1300 * safe to unbind from the GTT or access from the CPU.
1302 static __must_check int
1303 i915_gem_object_wait_rendering(struct drm_i915_gem_object *obj,
1306 struct intel_engine_cs *ring = obj->ring;
1310 seqno = readonly ? obj->last_write_seqno : obj->last_read_seqno;
1314 ret = i915_wait_seqno(ring, seqno);
1318 return i915_gem_object_wait_rendering__tail(obj, ring);
1321 /* A nonblocking variant of the above wait. This is a highly dangerous routine
1322 * as the object state may change during this call.
1324 static __must_check int
1325 i915_gem_object_wait_rendering__nonblocking(struct drm_i915_gem_object *obj,
1326 struct drm_i915_file_private *file_priv,
1329 struct drm_device *dev = obj->base.dev;
1330 struct drm_i915_private *dev_priv = dev->dev_private;
1331 struct intel_engine_cs *ring = obj->ring;
1332 unsigned reset_counter;
1336 BUG_ON(!mutex_is_locked(&dev->struct_mutex));
1337 BUG_ON(!dev_priv->mm.interruptible);
1339 seqno = readonly ? obj->last_write_seqno : obj->last_read_seqno;
1343 ret = i915_gem_check_wedge(&dev_priv->gpu_error, true);
1347 ret = i915_gem_check_olr(ring, seqno);
1351 reset_counter = atomic_read(&dev_priv->gpu_error.reset_counter);
1352 mutex_unlock(&dev->struct_mutex);
1353 ret = __wait_seqno(ring, seqno, reset_counter, true, NULL, file_priv);
1354 mutex_lock(&dev->struct_mutex);
1358 return i915_gem_object_wait_rendering__tail(obj, ring);
1362 * Called when user space prepares to use an object with the CPU, either
1363 * through the mmap ioctl's mapping or a GTT mapping.
1366 i915_gem_set_domain_ioctl(struct drm_device *dev, void *data,
1367 struct drm_file *file)
1369 struct drm_i915_gem_set_domain *args = data;
1370 struct drm_i915_gem_object *obj;
1371 uint32_t read_domains = args->read_domains;
1372 uint32_t write_domain = args->write_domain;
1375 /* Only handle setting domains to types used by the CPU. */
1376 if (write_domain & I915_GEM_GPU_DOMAINS)
1379 if (read_domains & I915_GEM_GPU_DOMAINS)
1382 /* Having something in the write domain implies it's in the read
1383 * domain, and only that read domain. Enforce that in the request.
1385 if (write_domain != 0 && read_domains != write_domain)
1388 ret = i915_mutex_lock_interruptible(dev);
1392 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle));
1393 if (&obj->base == NULL) {
1398 /* Try to flush the object off the GPU without holding the lock.
1399 * We will repeat the flush holding the lock in the normal manner
1400 * to catch cases where we are gazumped.
1402 ret = i915_gem_object_wait_rendering__nonblocking(obj,
1408 if (read_domains & I915_GEM_DOMAIN_GTT) {
1409 ret = i915_gem_object_set_to_gtt_domain(obj, write_domain != 0);
1411 /* Silently promote "you're not bound, there was nothing to do"
1412 * to success, since the client was just asking us to
1413 * make sure everything was done.
1418 ret = i915_gem_object_set_to_cpu_domain(obj, write_domain != 0);
1422 drm_gem_object_unreference(&obj->base);
1424 mutex_unlock(&dev->struct_mutex);
1429 * Called when user space has done writes to this buffer
1432 i915_gem_sw_finish_ioctl(struct drm_device *dev, void *data,
1433 struct drm_file *file)
1435 struct drm_i915_gem_sw_finish *args = data;
1436 struct drm_i915_gem_object *obj;
1439 ret = i915_mutex_lock_interruptible(dev);
1443 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle));
1444 if (&obj->base == NULL) {
1449 /* Pinned buffers may be scanout, so flush the cache */
1450 if (obj->pin_display)
1451 i915_gem_object_flush_cpu_write_domain(obj, true);
1453 drm_gem_object_unreference(&obj->base);
1455 mutex_unlock(&dev->struct_mutex);
1460 * Maps the contents of an object, returning the address it is mapped
1463 * While the mapping holds a reference on the contents of the object, it doesn't
1464 * imply a ref on the object itself.
1467 i915_gem_mmap_ioctl(struct drm_device *dev, void *data,
1468 struct drm_file *file)
1470 struct drm_i915_gem_mmap *args = data;
1471 struct drm_gem_object *obj;
1474 obj = drm_gem_object_lookup(dev, file, args->handle);
1478 /* prime objects have no backing filp to GEM mmap
1482 drm_gem_object_unreference_unlocked(obj);
1486 addr = vm_mmap(obj->filp, 0, args->size,
1487 PROT_READ | PROT_WRITE, MAP_SHARED,
1489 drm_gem_object_unreference_unlocked(obj);
1490 if (IS_ERR((void *)addr))
1493 args->addr_ptr = (uint64_t) addr;
1499 * i915_gem_fault - fault a page into the GTT
1500 * vma: VMA in question
1503 * The fault handler is set up by drm_gem_mmap() when a object is GTT mapped
1504 * from userspace. The fault handler takes care of binding the object to
1505 * the GTT (if needed), allocating and programming a fence register (again,
1506 * only if needed based on whether the old reg is still valid or the object
1507 * is tiled) and inserting a new PTE into the faulting process.
1509 * Note that the faulting process may involve evicting existing objects
1510 * from the GTT and/or fence registers to make room. So performance may
1511 * suffer if the GTT working set is large or there are few fence registers
1514 int i915_gem_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
1516 struct drm_i915_gem_object *obj = to_intel_bo(vma->vm_private_data);
1517 struct drm_device *dev = obj->base.dev;
1518 struct drm_i915_private *dev_priv = dev->dev_private;
1519 pgoff_t page_offset;
1522 bool write = !!(vmf->flags & FAULT_FLAG_WRITE);
1524 intel_runtime_pm_get(dev_priv);
1526 /* We don't use vmf->pgoff since that has the fake offset */
1527 page_offset = ((unsigned long)vmf->virtual_address - vma->vm_start) >>
1530 ret = i915_mutex_lock_interruptible(dev);
1534 trace_i915_gem_object_fault(obj, page_offset, true, write);
1536 /* Try to flush the object off the GPU first without holding the lock.
1537 * Upon reacquiring the lock, we will perform our sanity checks and then
1538 * repeat the flush holding the lock in the normal manner to catch cases
1539 * where we are gazumped.
1541 ret = i915_gem_object_wait_rendering__nonblocking(obj, NULL, !write);
1545 /* Access to snoopable pages through the GTT is incoherent. */
1546 if (obj->cache_level != I915_CACHE_NONE && !HAS_LLC(dev)) {
1551 /* Now bind it into the GTT if needed */
1552 ret = i915_gem_obj_ggtt_pin(obj, 0, PIN_MAPPABLE);
1556 ret = i915_gem_object_set_to_gtt_domain(obj, write);
1560 ret = i915_gem_object_get_fence(obj);
1564 obj->fault_mappable = true;
1566 pfn = dev_priv->gtt.mappable_base + i915_gem_obj_ggtt_offset(obj);
1570 /* Finally, remap it using the new GTT offset */
1571 ret = vm_insert_pfn(vma, (unsigned long)vmf->virtual_address, pfn);
1573 i915_gem_object_ggtt_unpin(obj);
1575 mutex_unlock(&dev->struct_mutex);
1579 /* If this -EIO is due to a gpu hang, give the reset code a
1580 * chance to clean up the mess. Otherwise return the proper
1582 if (i915_terminally_wedged(&dev_priv->gpu_error)) {
1583 ret = VM_FAULT_SIGBUS;
1588 * EAGAIN means the gpu is hung and we'll wait for the error
1589 * handler to reset everything when re-faulting in
1590 * i915_mutex_lock_interruptible.
1597 * EBUSY is ok: this just means that another thread
1598 * already did the job.
1600 ret = VM_FAULT_NOPAGE;
1607 ret = VM_FAULT_SIGBUS;
1610 WARN_ONCE(ret, "unhandled error in i915_gem_fault: %i\n", ret);
1611 ret = VM_FAULT_SIGBUS;
1615 intel_runtime_pm_put(dev_priv);
1619 void i915_gem_release_all_mmaps(struct drm_i915_private *dev_priv)
1621 struct i915_vma *vma;
1624 * Only the global gtt is relevant for gtt memory mappings, so restrict
1625 * list traversal to objects bound into the global address space. Note
1626 * that the active list should be empty, but better safe than sorry.
1628 WARN_ON(!list_empty(&dev_priv->gtt.base.active_list));
1629 list_for_each_entry(vma, &dev_priv->gtt.base.active_list, mm_list)
1630 i915_gem_release_mmap(vma->obj);
1631 list_for_each_entry(vma, &dev_priv->gtt.base.inactive_list, mm_list)
1632 i915_gem_release_mmap(vma->obj);
1636 * i915_gem_release_mmap - remove physical page mappings
1637 * @obj: obj in question
1639 * Preserve the reservation of the mmapping with the DRM core code, but
1640 * relinquish ownership of the pages back to the system.
1642 * It is vital that we remove the page mapping if we have mapped a tiled
1643 * object through the GTT and then lose the fence register due to
1644 * resource pressure. Similarly if the object has been moved out of the
1645 * aperture, than pages mapped into userspace must be revoked. Removing the
1646 * mapping will then trigger a page fault on the next user access, allowing
1647 * fixup by i915_gem_fault().
1650 i915_gem_release_mmap(struct drm_i915_gem_object *obj)
1652 if (!obj->fault_mappable)
1655 drm_vma_node_unmap(&obj->base.vma_node,
1656 obj->base.dev->anon_inode->i_mapping);
1657 obj->fault_mappable = false;
1661 i915_gem_get_gtt_size(struct drm_device *dev, uint32_t size, int tiling_mode)
1665 if (INTEL_INFO(dev)->gen >= 4 ||
1666 tiling_mode == I915_TILING_NONE)
1669 /* Previous chips need a power-of-two fence region when tiling */
1670 if (INTEL_INFO(dev)->gen == 3)
1671 gtt_size = 1024*1024;
1673 gtt_size = 512*1024;
1675 while (gtt_size < size)
1682 * i915_gem_get_gtt_alignment - return required GTT alignment for an object
1683 * @obj: object to check
1685 * Return the required GTT alignment for an object, taking into account
1686 * potential fence register mapping.
1689 i915_gem_get_gtt_alignment(struct drm_device *dev, uint32_t size,
1690 int tiling_mode, bool fenced)
1693 * Minimum alignment is 4k (GTT page size), but might be greater
1694 * if a fence register is needed for the object.
1696 if (INTEL_INFO(dev)->gen >= 4 || (!fenced && IS_G33(dev)) ||
1697 tiling_mode == I915_TILING_NONE)
1701 * Previous chips need to be aligned to the size of the smallest
1702 * fence register that can contain the object.
1704 return i915_gem_get_gtt_size(dev, size, tiling_mode);
1707 static int i915_gem_object_create_mmap_offset(struct drm_i915_gem_object *obj)
1709 struct drm_i915_private *dev_priv = obj->base.dev->dev_private;
1712 if (drm_vma_node_has_offset(&obj->base.vma_node))
1715 dev_priv->mm.shrinker_no_lock_stealing = true;
1717 ret = drm_gem_create_mmap_offset(&obj->base);
1721 /* Badly fragmented mmap space? The only way we can recover
1722 * space is by destroying unwanted objects. We can't randomly release
1723 * mmap_offsets as userspace expects them to be persistent for the
1724 * lifetime of the objects. The closest we can is to release the
1725 * offsets on purgeable objects by truncating it and marking it purged,
1726 * which prevents userspace from ever using that object again.
1728 i915_gem_purge(dev_priv, obj->base.size >> PAGE_SHIFT);
1729 ret = drm_gem_create_mmap_offset(&obj->base);
1733 i915_gem_shrink_all(dev_priv);
1734 ret = drm_gem_create_mmap_offset(&obj->base);
1736 dev_priv->mm.shrinker_no_lock_stealing = false;
1741 static void i915_gem_object_free_mmap_offset(struct drm_i915_gem_object *obj)
1743 drm_gem_free_mmap_offset(&obj->base);
1747 i915_gem_mmap_gtt(struct drm_file *file,
1748 struct drm_device *dev,
1752 struct drm_i915_private *dev_priv = dev->dev_private;
1753 struct drm_i915_gem_object *obj;
1756 ret = i915_mutex_lock_interruptible(dev);
1760 obj = to_intel_bo(drm_gem_object_lookup(dev, file, handle));
1761 if (&obj->base == NULL) {
1766 if (obj->base.size > dev_priv->gtt.mappable_end) {
1771 if (obj->madv != I915_MADV_WILLNEED) {
1772 DRM_DEBUG("Attempting to mmap a purgeable buffer\n");
1777 ret = i915_gem_object_create_mmap_offset(obj);
1781 *offset = drm_vma_node_offset_addr(&obj->base.vma_node);
1784 drm_gem_object_unreference(&obj->base);
1786 mutex_unlock(&dev->struct_mutex);
1791 * i915_gem_mmap_gtt_ioctl - prepare an object for GTT mmap'ing
1793 * @data: GTT mapping ioctl data
1794 * @file: GEM object info
1796 * Simply returns the fake offset to userspace so it can mmap it.
1797 * The mmap call will end up in drm_gem_mmap(), which will set things
1798 * up so we can get faults in the handler above.
1800 * The fault handler will take care of binding the object into the GTT
1801 * (since it may have been evicted to make room for something), allocating
1802 * a fence register, and mapping the appropriate aperture address into
1806 i915_gem_mmap_gtt_ioctl(struct drm_device *dev, void *data,
1807 struct drm_file *file)
1809 struct drm_i915_gem_mmap_gtt *args = data;
1811 return i915_gem_mmap_gtt(file, dev, args->handle, &args->offset);
1815 i915_gem_object_is_purgeable(struct drm_i915_gem_object *obj)
1817 return obj->madv == I915_MADV_DONTNEED;
1820 /* Immediately discard the backing storage */
1822 i915_gem_object_truncate(struct drm_i915_gem_object *obj)
1824 i915_gem_object_free_mmap_offset(obj);
1826 if (obj->base.filp == NULL)
1829 /* Our goal here is to return as much of the memory as
1830 * is possible back to the system as we are called from OOM.
1831 * To do this we must instruct the shmfs to drop all of its
1832 * backing pages, *now*.
1834 shmem_truncate_range(file_inode(obj->base.filp), 0, (loff_t)-1);
1835 obj->madv = __I915_MADV_PURGED;
1838 /* Try to discard unwanted pages */
1840 i915_gem_object_invalidate(struct drm_i915_gem_object *obj)
1842 struct address_space *mapping;
1844 switch (obj->madv) {
1845 case I915_MADV_DONTNEED:
1846 i915_gem_object_truncate(obj);
1847 case __I915_MADV_PURGED:
1851 if (obj->base.filp == NULL)
1854 mapping = file_inode(obj->base.filp)->i_mapping,
1855 invalidate_mapping_pages(mapping, 0, (loff_t)-1);
1859 i915_gem_object_put_pages_gtt(struct drm_i915_gem_object *obj)
1861 struct sg_page_iter sg_iter;
1864 BUG_ON(obj->madv == __I915_MADV_PURGED);
1866 ret = i915_gem_object_set_to_cpu_domain(obj, true);
1868 /* In the event of a disaster, abandon all caches and
1869 * hope for the best.
1871 WARN_ON(ret != -EIO);
1872 i915_gem_clflush_object(obj, true);
1873 obj->base.read_domains = obj->base.write_domain = I915_GEM_DOMAIN_CPU;
1876 if (i915_gem_object_needs_bit17_swizzle(obj))
1877 i915_gem_object_save_bit_17_swizzle(obj);
1879 if (obj->madv == I915_MADV_DONTNEED)
1882 for_each_sg_page(obj->pages->sgl, &sg_iter, obj->pages->nents, 0) {
1883 struct page *page = sg_page_iter_page(&sg_iter);
1886 set_page_dirty(page);
1888 if (obj->madv == I915_MADV_WILLNEED)
1889 mark_page_accessed(page);
1891 page_cache_release(page);
1895 sg_free_table(obj->pages);
1900 i915_gem_object_put_pages(struct drm_i915_gem_object *obj)
1902 const struct drm_i915_gem_object_ops *ops = obj->ops;
1904 if (obj->pages == NULL)
1907 if (obj->pages_pin_count)
1910 BUG_ON(i915_gem_obj_bound_any(obj));
1912 /* ->put_pages might need to allocate memory for the bit17 swizzle
1913 * array, hence protect them from being reaped by removing them from gtt
1915 list_del(&obj->global_list);
1917 ops->put_pages(obj);
1920 i915_gem_object_invalidate(obj);
1925 static unsigned long
1926 __i915_gem_shrink(struct drm_i915_private *dev_priv, long target,
1927 bool purgeable_only)
1929 struct list_head still_in_list;
1930 struct drm_i915_gem_object *obj;
1931 unsigned long count = 0;
1934 * As we may completely rewrite the (un)bound list whilst unbinding
1935 * (due to retiring requests) we have to strictly process only
1936 * one element of the list at the time, and recheck the list
1937 * on every iteration.
1939 * In particular, we must hold a reference whilst removing the
1940 * object as we may end up waiting for and/or retiring the objects.
1941 * This might release the final reference (held by the active list)
1942 * and result in the object being freed from under us. This is
1943 * similar to the precautions the eviction code must take whilst
1946 * Also note that although these lists do not hold a reference to
1947 * the object we can safely grab one here: The final object
1948 * unreferencing and the bound_list are both protected by the
1949 * dev->struct_mutex and so we won't ever be able to observe an
1950 * object on the bound_list with a reference count equals 0.
1952 INIT_LIST_HEAD(&still_in_list);
1953 while (count < target && !list_empty(&dev_priv->mm.unbound_list)) {
1954 obj = list_first_entry(&dev_priv->mm.unbound_list,
1955 typeof(*obj), global_list);
1956 list_move_tail(&obj->global_list, &still_in_list);
1958 if (!i915_gem_object_is_purgeable(obj) && purgeable_only)
1961 drm_gem_object_reference(&obj->base);
1963 if (i915_gem_object_put_pages(obj) == 0)
1964 count += obj->base.size >> PAGE_SHIFT;
1966 drm_gem_object_unreference(&obj->base);
1968 list_splice(&still_in_list, &dev_priv->mm.unbound_list);
1970 INIT_LIST_HEAD(&still_in_list);
1971 while (count < target && !list_empty(&dev_priv->mm.bound_list)) {
1972 struct i915_vma *vma, *v;
1974 obj = list_first_entry(&dev_priv->mm.bound_list,
1975 typeof(*obj), global_list);
1976 list_move_tail(&obj->global_list, &still_in_list);
1978 if (!i915_gem_object_is_purgeable(obj) && purgeable_only)
1981 drm_gem_object_reference(&obj->base);
1983 list_for_each_entry_safe(vma, v, &obj->vma_list, vma_link)
1984 if (i915_vma_unbind(vma))
1987 if (i915_gem_object_put_pages(obj) == 0)
1988 count += obj->base.size >> PAGE_SHIFT;
1990 drm_gem_object_unreference(&obj->base);
1992 list_splice(&still_in_list, &dev_priv->mm.bound_list);
1997 static unsigned long
1998 i915_gem_purge(struct drm_i915_private *dev_priv, long target)
2000 return __i915_gem_shrink(dev_priv, target, true);
2003 static unsigned long
2004 i915_gem_shrink_all(struct drm_i915_private *dev_priv)
2006 i915_gem_evict_everything(dev_priv->dev);
2007 return __i915_gem_shrink(dev_priv, LONG_MAX, false);
2011 i915_gem_object_get_pages_gtt(struct drm_i915_gem_object *obj)
2013 struct drm_i915_private *dev_priv = obj->base.dev->dev_private;
2015 struct address_space *mapping;
2016 struct sg_table *st;
2017 struct scatterlist *sg;
2018 struct sg_page_iter sg_iter;
2020 unsigned long last_pfn = 0; /* suppress gcc warning */
2023 /* Assert that the object is not currently in any GPU domain. As it
2024 * wasn't in the GTT, there shouldn't be any way it could have been in
2027 BUG_ON(obj->base.read_domains & I915_GEM_GPU_DOMAINS);
2028 BUG_ON(obj->base.write_domain & I915_GEM_GPU_DOMAINS);
2030 st = kmalloc(sizeof(*st), GFP_KERNEL);
2034 page_count = obj->base.size / PAGE_SIZE;
2035 if (sg_alloc_table(st, page_count, GFP_KERNEL)) {
2040 /* Get the list of pages out of our struct file. They'll be pinned
2041 * at this point until we release them.
2043 * Fail silently without starting the shrinker
2045 mapping = file_inode(obj->base.filp)->i_mapping;
2046 gfp = mapping_gfp_mask(mapping);
2047 gfp |= __GFP_NORETRY | __GFP_NOWARN | __GFP_NO_KSWAPD;
2048 gfp &= ~(__GFP_IO | __GFP_WAIT);
2051 for (i = 0; i < page_count; i++) {
2052 page = shmem_read_mapping_page_gfp(mapping, i, gfp);
2054 i915_gem_purge(dev_priv, page_count);
2055 page = shmem_read_mapping_page_gfp(mapping, i, gfp);
2058 /* We've tried hard to allocate the memory by reaping
2059 * our own buffer, now let the real VM do its job and
2060 * go down in flames if truly OOM.
2062 gfp &= ~(__GFP_NORETRY | __GFP_NOWARN | __GFP_NO_KSWAPD);
2063 gfp |= __GFP_IO | __GFP_WAIT;
2065 i915_gem_shrink_all(dev_priv);
2066 page = shmem_read_mapping_page_gfp(mapping, i, gfp);
2070 gfp |= __GFP_NORETRY | __GFP_NOWARN | __GFP_NO_KSWAPD;
2071 gfp &= ~(__GFP_IO | __GFP_WAIT);
2073 #ifdef CONFIG_SWIOTLB
2074 if (swiotlb_nr_tbl()) {
2076 sg_set_page(sg, page, PAGE_SIZE, 0);
2081 if (!i || page_to_pfn(page) != last_pfn + 1) {
2085 sg_set_page(sg, page, PAGE_SIZE, 0);
2087 sg->length += PAGE_SIZE;
2089 last_pfn = page_to_pfn(page);
2091 /* Check that the i965g/gm workaround works. */
2092 WARN_ON((gfp & __GFP_DMA32) && (last_pfn >= 0x00100000UL));
2094 #ifdef CONFIG_SWIOTLB
2095 if (!swiotlb_nr_tbl())
2100 if (i915_gem_object_needs_bit17_swizzle(obj))
2101 i915_gem_object_do_bit_17_swizzle(obj);
2107 for_each_sg_page(st->sgl, &sg_iter, st->nents, 0)
2108 page_cache_release(sg_page_iter_page(&sg_iter));
2112 /* shmemfs first checks if there is enough memory to allocate the page
2113 * and reports ENOSPC should there be insufficient, along with the usual
2114 * ENOMEM for a genuine allocation failure.
2116 * We use ENOSPC in our driver to mean that we have run out of aperture
2117 * space and so want to translate the error from shmemfs back to our
2118 * usual understanding of ENOMEM.
2120 if (PTR_ERR(page) == -ENOSPC)
2123 return PTR_ERR(page);
2126 /* Ensure that the associated pages are gathered from the backing storage
2127 * and pinned into our object. i915_gem_object_get_pages() may be called
2128 * multiple times before they are released by a single call to
2129 * i915_gem_object_put_pages() - once the pages are no longer referenced
2130 * either as a result of memory pressure (reaping pages under the shrinker)
2131 * or as the object is itself released.
2134 i915_gem_object_get_pages(struct drm_i915_gem_object *obj)
2136 struct drm_i915_private *dev_priv = obj->base.dev->dev_private;
2137 const struct drm_i915_gem_object_ops *ops = obj->ops;
2143 if (obj->madv != I915_MADV_WILLNEED) {
2144 DRM_DEBUG("Attempting to obtain a purgeable object\n");
2148 BUG_ON(obj->pages_pin_count);
2150 ret = ops->get_pages(obj);
2154 list_add_tail(&obj->global_list, &dev_priv->mm.unbound_list);
2159 i915_gem_object_move_to_active(struct drm_i915_gem_object *obj,
2160 struct intel_engine_cs *ring)
2162 struct drm_device *dev = obj->base.dev;
2163 struct drm_i915_private *dev_priv = dev->dev_private;
2164 u32 seqno = intel_ring_get_seqno(ring);
2166 BUG_ON(ring == NULL);
2167 if (obj->ring != ring && obj->last_write_seqno) {
2168 /* Keep the seqno relative to the current ring */
2169 obj->last_write_seqno = seqno;
2173 /* Add a reference if we're newly entering the active list. */
2175 drm_gem_object_reference(&obj->base);
2179 list_move_tail(&obj->ring_list, &ring->active_list);
2181 obj->last_read_seqno = seqno;
2183 if (obj->fenced_gpu_access) {
2184 obj->last_fenced_seqno = seqno;
2186 /* Bump MRU to take account of the delayed flush */
2187 if (obj->fence_reg != I915_FENCE_REG_NONE) {
2188 struct drm_i915_fence_reg *reg;
2190 reg = &dev_priv->fence_regs[obj->fence_reg];
2191 list_move_tail(®->lru_list,
2192 &dev_priv->mm.fence_list);
2197 void i915_vma_move_to_active(struct i915_vma *vma,
2198 struct intel_engine_cs *ring)
2200 list_move_tail(&vma->mm_list, &vma->vm->active_list);
2201 return i915_gem_object_move_to_active(vma->obj, ring);
2205 i915_gem_object_move_to_inactive(struct drm_i915_gem_object *obj)
2207 struct drm_i915_private *dev_priv = obj->base.dev->dev_private;
2208 struct i915_address_space *vm;
2209 struct i915_vma *vma;
2211 BUG_ON(obj->base.write_domain & ~I915_GEM_GPU_DOMAINS);
2212 BUG_ON(!obj->active);
2214 list_for_each_entry(vm, &dev_priv->vm_list, global_link) {
2215 vma = i915_gem_obj_to_vma(obj, vm);
2216 if (vma && !list_empty(&vma->mm_list))
2217 list_move_tail(&vma->mm_list, &vm->inactive_list);
2220 list_del_init(&obj->ring_list);
2223 obj->last_read_seqno = 0;
2224 obj->last_write_seqno = 0;
2225 obj->base.write_domain = 0;
2227 obj->last_fenced_seqno = 0;
2228 obj->fenced_gpu_access = false;
2231 drm_gem_object_unreference(&obj->base);
2233 WARN_ON(i915_verify_lists(dev));
2237 i915_gem_object_retire(struct drm_i915_gem_object *obj)
2239 struct intel_engine_cs *ring = obj->ring;
2244 if (i915_seqno_passed(ring->get_seqno(ring, true),
2245 obj->last_read_seqno))
2246 i915_gem_object_move_to_inactive(obj);
2250 i915_gem_init_seqno(struct drm_device *dev, u32 seqno)
2252 struct drm_i915_private *dev_priv = dev->dev_private;
2253 struct intel_engine_cs *ring;
2256 /* Carefully retire all requests without writing to the rings */
2257 for_each_ring(ring, dev_priv, i) {
2258 ret = intel_ring_idle(ring);
2262 i915_gem_retire_requests(dev);
2264 /* Finally reset hw state */
2265 for_each_ring(ring, dev_priv, i) {
2266 intel_ring_init_seqno(ring, seqno);
2268 for (j = 0; j < ARRAY_SIZE(ring->semaphore.sync_seqno); j++)
2269 ring->semaphore.sync_seqno[j] = 0;
2275 int i915_gem_set_seqno(struct drm_device *dev, u32 seqno)
2277 struct drm_i915_private *dev_priv = dev->dev_private;
2283 /* HWS page needs to be set less than what we
2284 * will inject to ring
2286 ret = i915_gem_init_seqno(dev, seqno - 1);
2290 /* Carefully set the last_seqno value so that wrap
2291 * detection still works
2293 dev_priv->next_seqno = seqno;
2294 dev_priv->last_seqno = seqno - 1;
2295 if (dev_priv->last_seqno == 0)
2296 dev_priv->last_seqno--;
2302 i915_gem_get_seqno(struct drm_device *dev, u32 *seqno)
2304 struct drm_i915_private *dev_priv = dev->dev_private;
2306 /* reserve 0 for non-seqno */
2307 if (dev_priv->next_seqno == 0) {
2308 int ret = i915_gem_init_seqno(dev, 0);
2312 dev_priv->next_seqno = 1;
2315 *seqno = dev_priv->last_seqno = dev_priv->next_seqno++;
2319 int __i915_add_request(struct intel_engine_cs *ring,
2320 struct drm_file *file,
2321 struct drm_i915_gem_object *obj,
2324 struct drm_i915_private *dev_priv = ring->dev->dev_private;
2325 struct drm_i915_gem_request *request;
2326 u32 request_ring_position, request_start;
2329 request_start = intel_ring_get_tail(ring);
2331 * Emit any outstanding flushes - execbuf can fail to emit the flush
2332 * after having emitted the batchbuffer command. Hence we need to fix
2333 * things up similar to emitting the lazy request. The difference here
2334 * is that the flush _must_ happen before the next request, no matter
2337 ret = intel_ring_flush_all_caches(ring);
2341 request = ring->preallocated_lazy_request;
2342 if (WARN_ON(request == NULL))
2345 /* Record the position of the start of the request so that
2346 * should we detect the updated seqno part-way through the
2347 * GPU processing the request, we never over-estimate the
2348 * position of the head.
2350 request_ring_position = intel_ring_get_tail(ring);
2352 ret = ring->add_request(ring);
2356 request->seqno = intel_ring_get_seqno(ring);
2357 request->ring = ring;
2358 request->head = request_start;
2359 request->tail = request_ring_position;
2361 /* Whilst this request exists, batch_obj will be on the
2362 * active_list, and so will hold the active reference. Only when this
2363 * request is retired will the the batch_obj be moved onto the
2364 * inactive_list and lose its active reference. Hence we do not need
2365 * to explicitly hold another reference here.
2367 request->batch_obj = obj;
2369 /* Hold a reference to the current context so that we can inspect
2370 * it later in case a hangcheck error event fires.
2372 request->ctx = ring->last_context;
2374 i915_gem_context_reference(request->ctx);
2376 request->emitted_jiffies = jiffies;
2377 list_add_tail(&request->list, &ring->request_list);
2378 request->file_priv = NULL;
2381 struct drm_i915_file_private *file_priv = file->driver_priv;
2383 spin_lock(&file_priv->mm.lock);
2384 request->file_priv = file_priv;
2385 list_add_tail(&request->client_list,
2386 &file_priv->mm.request_list);
2387 spin_unlock(&file_priv->mm.lock);
2390 trace_i915_gem_request_add(ring, request->seqno);
2391 ring->outstanding_lazy_seqno = 0;
2392 ring->preallocated_lazy_request = NULL;
2394 if (!dev_priv->ums.mm_suspended) {
2395 i915_queue_hangcheck(ring->dev);
2397 cancel_delayed_work_sync(&dev_priv->mm.idle_work);
2398 queue_delayed_work(dev_priv->wq,
2399 &dev_priv->mm.retire_work,
2400 round_jiffies_up_relative(HZ));
2401 intel_mark_busy(dev_priv->dev);
2405 *out_seqno = request->seqno;
2410 i915_gem_request_remove_from_client(struct drm_i915_gem_request *request)
2412 struct drm_i915_file_private *file_priv = request->file_priv;
2417 spin_lock(&file_priv->mm.lock);
2418 list_del(&request->client_list);
2419 request->file_priv = NULL;
2420 spin_unlock(&file_priv->mm.lock);
2423 static bool i915_context_is_banned(struct drm_i915_private *dev_priv,
2424 const struct intel_context *ctx)
2426 unsigned long elapsed;
2428 elapsed = get_seconds() - ctx->hang_stats.guilty_ts;
2430 if (ctx->hang_stats.banned)
2433 if (elapsed <= DRM_I915_CTX_BAN_PERIOD) {
2434 if (!i915_gem_context_is_default(ctx)) {
2435 DRM_DEBUG("context hanging too fast, banning!\n");
2437 } else if (i915_stop_ring_allow_ban(dev_priv)) {
2438 if (i915_stop_ring_allow_warn(dev_priv))
2439 DRM_ERROR("gpu hanging too fast, banning!\n");
2447 static void i915_set_reset_status(struct drm_i915_private *dev_priv,
2448 struct intel_context *ctx,
2451 struct i915_ctx_hang_stats *hs;
2456 hs = &ctx->hang_stats;
2459 hs->banned = i915_context_is_banned(dev_priv, ctx);
2461 hs->guilty_ts = get_seconds();
2463 hs->batch_pending++;
2467 static void i915_gem_free_request(struct drm_i915_gem_request *request)
2469 list_del(&request->list);
2470 i915_gem_request_remove_from_client(request);
2473 i915_gem_context_unreference(request->ctx);
2478 struct drm_i915_gem_request *
2479 i915_gem_find_active_request(struct intel_engine_cs *ring)
2481 struct drm_i915_gem_request *request;
2482 u32 completed_seqno;
2484 completed_seqno = ring->get_seqno(ring, false);
2486 list_for_each_entry(request, &ring->request_list, list) {
2487 if (i915_seqno_passed(completed_seqno, request->seqno))
2496 static void i915_gem_reset_ring_status(struct drm_i915_private *dev_priv,
2497 struct intel_engine_cs *ring)
2499 struct drm_i915_gem_request *request;
2502 request = i915_gem_find_active_request(ring);
2504 if (request == NULL)
2507 ring_hung = ring->hangcheck.score >= HANGCHECK_SCORE_RING_HUNG;
2509 i915_set_reset_status(dev_priv, request->ctx, ring_hung);
2511 list_for_each_entry_continue(request, &ring->request_list, list)
2512 i915_set_reset_status(dev_priv, request->ctx, false);
2515 static void i915_gem_reset_ring_cleanup(struct drm_i915_private *dev_priv,
2516 struct intel_engine_cs *ring)
2518 while (!list_empty(&ring->active_list)) {
2519 struct drm_i915_gem_object *obj;
2521 obj = list_first_entry(&ring->active_list,
2522 struct drm_i915_gem_object,
2525 i915_gem_object_move_to_inactive(obj);
2529 * We must free the requests after all the corresponding objects have
2530 * been moved off active lists. Which is the same order as the normal
2531 * retire_requests function does. This is important if object hold
2532 * implicit references on things like e.g. ppgtt address spaces through
2535 while (!list_empty(&ring->request_list)) {
2536 struct drm_i915_gem_request *request;
2538 request = list_first_entry(&ring->request_list,
2539 struct drm_i915_gem_request,
2542 i915_gem_free_request(request);
2545 /* These may not have been flush before the reset, do so now */
2546 kfree(ring->preallocated_lazy_request);
2547 ring->preallocated_lazy_request = NULL;
2548 ring->outstanding_lazy_seqno = 0;
2551 void i915_gem_restore_fences(struct drm_device *dev)
2553 struct drm_i915_private *dev_priv = dev->dev_private;
2556 for (i = 0; i < dev_priv->num_fence_regs; i++) {
2557 struct drm_i915_fence_reg *reg = &dev_priv->fence_regs[i];
2560 * Commit delayed tiling changes if we have an object still
2561 * attached to the fence, otherwise just clear the fence.
2564 i915_gem_object_update_fence(reg->obj, reg,
2565 reg->obj->tiling_mode);
2567 i915_gem_write_fence(dev, i, NULL);
2572 void i915_gem_reset(struct drm_device *dev)
2574 struct drm_i915_private *dev_priv = dev->dev_private;
2575 struct intel_engine_cs *ring;
2579 * Before we free the objects from the requests, we need to inspect
2580 * them for finding the guilty party. As the requests only borrow
2581 * their reference to the objects, the inspection must be done first.
2583 for_each_ring(ring, dev_priv, i)
2584 i915_gem_reset_ring_status(dev_priv, ring);
2586 for_each_ring(ring, dev_priv, i)
2587 i915_gem_reset_ring_cleanup(dev_priv, ring);
2589 i915_gem_context_reset(dev);
2591 i915_gem_restore_fences(dev);
2595 * This function clears the request list as sequence numbers are passed.
2598 i915_gem_retire_requests_ring(struct intel_engine_cs *ring)
2602 if (list_empty(&ring->request_list))
2605 WARN_ON(i915_verify_lists(ring->dev));
2607 seqno = ring->get_seqno(ring, true);
2609 /* Move any buffers on the active list that are no longer referenced
2610 * by the ringbuffer to the flushing/inactive lists as appropriate,
2611 * before we free the context associated with the requests.
2613 while (!list_empty(&ring->active_list)) {
2614 struct drm_i915_gem_object *obj;
2616 obj = list_first_entry(&ring->active_list,
2617 struct drm_i915_gem_object,
2620 if (!i915_seqno_passed(seqno, obj->last_read_seqno))
2623 i915_gem_object_move_to_inactive(obj);
2627 while (!list_empty(&ring->request_list)) {
2628 struct drm_i915_gem_request *request;
2630 request = list_first_entry(&ring->request_list,
2631 struct drm_i915_gem_request,
2634 if (!i915_seqno_passed(seqno, request->seqno))
2637 trace_i915_gem_request_retire(ring, request->seqno);
2638 /* We know the GPU must have read the request to have
2639 * sent us the seqno + interrupt, so use the position
2640 * of tail of the request to update the last known position
2643 ring->buffer->last_retired_head = request->tail;
2645 i915_gem_free_request(request);
2648 if (unlikely(ring->trace_irq_seqno &&
2649 i915_seqno_passed(seqno, ring->trace_irq_seqno))) {
2650 ring->irq_put(ring);
2651 ring->trace_irq_seqno = 0;
2654 WARN_ON(i915_verify_lists(ring->dev));
2658 i915_gem_retire_requests(struct drm_device *dev)
2660 struct drm_i915_private *dev_priv = dev->dev_private;
2661 struct intel_engine_cs *ring;
2665 for_each_ring(ring, dev_priv, i) {
2666 i915_gem_retire_requests_ring(ring);
2667 idle &= list_empty(&ring->request_list);
2671 mod_delayed_work(dev_priv->wq,
2672 &dev_priv->mm.idle_work,
2673 msecs_to_jiffies(100));
2679 i915_gem_retire_work_handler(struct work_struct *work)
2681 struct drm_i915_private *dev_priv =
2682 container_of(work, typeof(*dev_priv), mm.retire_work.work);
2683 struct drm_device *dev = dev_priv->dev;
2686 /* Come back later if the device is busy... */
2688 if (mutex_trylock(&dev->struct_mutex)) {
2689 idle = i915_gem_retire_requests(dev);
2690 mutex_unlock(&dev->struct_mutex);
2693 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work,
2694 round_jiffies_up_relative(HZ));
2698 i915_gem_idle_work_handler(struct work_struct *work)
2700 struct drm_i915_private *dev_priv =
2701 container_of(work, typeof(*dev_priv), mm.idle_work.work);
2703 intel_mark_idle(dev_priv->dev);
2707 * Ensures that an object will eventually get non-busy by flushing any required
2708 * write domains, emitting any outstanding lazy request and retiring and
2709 * completed requests.
2712 i915_gem_object_flush_active(struct drm_i915_gem_object *obj)
2717 ret = i915_gem_check_olr(obj->ring, obj->last_read_seqno);
2721 i915_gem_retire_requests_ring(obj->ring);
2728 * i915_gem_wait_ioctl - implements DRM_IOCTL_I915_GEM_WAIT
2729 * @DRM_IOCTL_ARGS: standard ioctl arguments
2731 * Returns 0 if successful, else an error is returned with the remaining time in
2732 * the timeout parameter.
2733 * -ETIME: object is still busy after timeout
2734 * -ERESTARTSYS: signal interrupted the wait
2735 * -ENONENT: object doesn't exist
2736 * Also possible, but rare:
2737 * -EAGAIN: GPU wedged
2739 * -ENODEV: Internal IRQ fail
2740 * -E?: The add request failed
2742 * The wait ioctl with a timeout of 0 reimplements the busy ioctl. With any
2743 * non-zero timeout parameter the wait ioctl will wait for the given number of
2744 * nanoseconds on an object becoming unbusy. Since the wait itself does so
2745 * without holding struct_mutex the object may become re-busied before this
2746 * function completes. A similar but shorter * race condition exists in the busy
2750 i915_gem_wait_ioctl(struct drm_device *dev, void *data, struct drm_file *file)
2752 struct drm_i915_private *dev_priv = dev->dev_private;
2753 struct drm_i915_gem_wait *args = data;
2754 struct drm_i915_gem_object *obj;
2755 struct intel_engine_cs *ring = NULL;
2756 struct timespec timeout_stack, *timeout = NULL;
2757 unsigned reset_counter;
2761 if (args->timeout_ns >= 0) {
2762 timeout_stack = ns_to_timespec(args->timeout_ns);
2763 timeout = &timeout_stack;
2766 ret = i915_mutex_lock_interruptible(dev);
2770 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->bo_handle));
2771 if (&obj->base == NULL) {
2772 mutex_unlock(&dev->struct_mutex);
2776 /* Need to make sure the object gets inactive eventually. */
2777 ret = i915_gem_object_flush_active(obj);
2782 seqno = obj->last_read_seqno;
2789 /* Do this after OLR check to make sure we make forward progress polling
2790 * on this IOCTL with a 0 timeout (like busy ioctl)
2792 if (!args->timeout_ns) {
2797 drm_gem_object_unreference(&obj->base);
2798 reset_counter = atomic_read(&dev_priv->gpu_error.reset_counter);
2799 mutex_unlock(&dev->struct_mutex);
2801 ret = __wait_seqno(ring, seqno, reset_counter, true, timeout, file->driver_priv);
2803 args->timeout_ns = timespec_to_ns(timeout);
2807 drm_gem_object_unreference(&obj->base);
2808 mutex_unlock(&dev->struct_mutex);
2813 * i915_gem_object_sync - sync an object to a ring.
2815 * @obj: object which may be in use on another ring.
2816 * @to: ring we wish to use the object on. May be NULL.
2818 * This code is meant to abstract object synchronization with the GPU.
2819 * Calling with NULL implies synchronizing the object with the CPU
2820 * rather than a particular GPU ring.
2822 * Returns 0 if successful, else propagates up the lower layer error.
2825 i915_gem_object_sync(struct drm_i915_gem_object *obj,
2826 struct intel_engine_cs *to)
2828 struct intel_engine_cs *from = obj->ring;
2832 if (from == NULL || to == from)
2835 if (to == NULL || !i915_semaphore_is_enabled(obj->base.dev))
2836 return i915_gem_object_wait_rendering(obj, false);
2838 idx = intel_ring_sync_index(from, to);
2840 seqno = obj->last_read_seqno;
2841 if (seqno <= from->semaphore.sync_seqno[idx])
2844 ret = i915_gem_check_olr(obj->ring, seqno);
2848 trace_i915_gem_ring_sync_to(from, to, seqno);
2849 ret = to->semaphore.sync_to(to, from, seqno);
2851 /* We use last_read_seqno because sync_to()
2852 * might have just caused seqno wrap under
2855 from->semaphore.sync_seqno[idx] = obj->last_read_seqno;
2860 static void i915_gem_object_finish_gtt(struct drm_i915_gem_object *obj)
2862 u32 old_write_domain, old_read_domains;
2864 /* Force a pagefault for domain tracking on next user access */
2865 i915_gem_release_mmap(obj);
2867 if ((obj->base.read_domains & I915_GEM_DOMAIN_GTT) == 0)
2870 /* Wait for any direct GTT access to complete */
2873 old_read_domains = obj->base.read_domains;
2874 old_write_domain = obj->base.write_domain;
2876 obj->base.read_domains &= ~I915_GEM_DOMAIN_GTT;
2877 obj->base.write_domain &= ~I915_GEM_DOMAIN_GTT;
2879 trace_i915_gem_object_change_domain(obj,
2884 int i915_vma_unbind(struct i915_vma *vma)
2886 struct drm_i915_gem_object *obj = vma->obj;
2887 struct drm_i915_private *dev_priv = obj->base.dev->dev_private;
2890 if (list_empty(&vma->vma_link))
2893 if (!drm_mm_node_allocated(&vma->node)) {
2894 i915_gem_vma_destroy(vma);
2901 BUG_ON(obj->pages == NULL);
2903 ret = i915_gem_object_finish_gpu(obj);
2906 /* Continue on if we fail due to EIO, the GPU is hung so we
2907 * should be safe and we need to cleanup or else we might
2908 * cause memory corruption through use-after-free.
2911 if (i915_is_ggtt(vma->vm)) {
2912 i915_gem_object_finish_gtt(obj);
2914 /* release the fence reg _after_ flushing */
2915 ret = i915_gem_object_put_fence(obj);
2920 trace_i915_vma_unbind(vma);
2922 vma->unbind_vma(vma);
2924 i915_gem_gtt_finish_object(obj);
2926 list_del_init(&vma->mm_list);
2927 /* Avoid an unnecessary call to unbind on rebind. */
2928 if (i915_is_ggtt(vma->vm))
2929 obj->map_and_fenceable = true;
2931 drm_mm_remove_node(&vma->node);
2932 i915_gem_vma_destroy(vma);
2934 /* Since the unbound list is global, only move to that list if
2935 * no more VMAs exist. */
2936 if (list_empty(&obj->vma_list))
2937 list_move_tail(&obj->global_list, &dev_priv->mm.unbound_list);
2939 /* And finally now the object is completely decoupled from this vma,
2940 * we can drop its hold on the backing storage and allow it to be
2941 * reaped by the shrinker.
2943 i915_gem_object_unpin_pages(obj);
2948 int i915_gpu_idle(struct drm_device *dev)
2950 struct drm_i915_private *dev_priv = dev->dev_private;
2951 struct intel_engine_cs *ring;
2954 /* Flush everything onto the inactive list. */
2955 for_each_ring(ring, dev_priv, i) {
2956 ret = i915_switch_context(ring, ring->default_context);
2960 ret = intel_ring_idle(ring);
2968 static void i965_write_fence_reg(struct drm_device *dev, int reg,
2969 struct drm_i915_gem_object *obj)
2971 struct drm_i915_private *dev_priv = dev->dev_private;
2973 int fence_pitch_shift;
2975 if (INTEL_INFO(dev)->gen >= 6) {
2976 fence_reg = FENCE_REG_SANDYBRIDGE_0;
2977 fence_pitch_shift = SANDYBRIDGE_FENCE_PITCH_SHIFT;
2979 fence_reg = FENCE_REG_965_0;
2980 fence_pitch_shift = I965_FENCE_PITCH_SHIFT;
2983 fence_reg += reg * 8;
2985 /* To w/a incoherency with non-atomic 64-bit register updates,
2986 * we split the 64-bit update into two 32-bit writes. In order
2987 * for a partial fence not to be evaluated between writes, we
2988 * precede the update with write to turn off the fence register,
2989 * and only enable the fence as the last step.
2991 * For extra levels of paranoia, we make sure each step lands
2992 * before applying the next step.
2994 I915_WRITE(fence_reg, 0);
2995 POSTING_READ(fence_reg);
2998 u32 size = i915_gem_obj_ggtt_size(obj);
3001 val = (uint64_t)((i915_gem_obj_ggtt_offset(obj) + size - 4096) &
3003 val |= i915_gem_obj_ggtt_offset(obj) & 0xfffff000;
3004 val |= (uint64_t)((obj->stride / 128) - 1) << fence_pitch_shift;
3005 if (obj->tiling_mode == I915_TILING_Y)
3006 val |= 1 << I965_FENCE_TILING_Y_SHIFT;
3007 val |= I965_FENCE_REG_VALID;
3009 I915_WRITE(fence_reg + 4, val >> 32);
3010 POSTING_READ(fence_reg + 4);
3012 I915_WRITE(fence_reg + 0, val);
3013 POSTING_READ(fence_reg);
3015 I915_WRITE(fence_reg + 4, 0);
3016 POSTING_READ(fence_reg + 4);
3020 static void i915_write_fence_reg(struct drm_device *dev, int reg,
3021 struct drm_i915_gem_object *obj)
3023 struct drm_i915_private *dev_priv = dev->dev_private;
3027 u32 size = i915_gem_obj_ggtt_size(obj);
3031 WARN((i915_gem_obj_ggtt_offset(obj) & ~I915_FENCE_START_MASK) ||
3032 (size & -size) != size ||
3033 (i915_gem_obj_ggtt_offset(obj) & (size - 1)),
3034 "object 0x%08lx [fenceable? %d] not 1M or pot-size (0x%08x) aligned\n",
3035 i915_gem_obj_ggtt_offset(obj), obj->map_and_fenceable, size);
3037 if (obj->tiling_mode == I915_TILING_Y && HAS_128_BYTE_Y_TILING(dev))
3042 /* Note: pitch better be a power of two tile widths */
3043 pitch_val = obj->stride / tile_width;
3044 pitch_val = ffs(pitch_val) - 1;
3046 val = i915_gem_obj_ggtt_offset(obj);
3047 if (obj->tiling_mode == I915_TILING_Y)
3048 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
3049 val |= I915_FENCE_SIZE_BITS(size);
3050 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
3051 val |= I830_FENCE_REG_VALID;
3056 reg = FENCE_REG_830_0 + reg * 4;
3058 reg = FENCE_REG_945_8 + (reg - 8) * 4;
3060 I915_WRITE(reg, val);
3064 static void i830_write_fence_reg(struct drm_device *dev, int reg,
3065 struct drm_i915_gem_object *obj)
3067 struct drm_i915_private *dev_priv = dev->dev_private;
3071 u32 size = i915_gem_obj_ggtt_size(obj);
3074 WARN((i915_gem_obj_ggtt_offset(obj) & ~I830_FENCE_START_MASK) ||
3075 (size & -size) != size ||
3076 (i915_gem_obj_ggtt_offset(obj) & (size - 1)),
3077 "object 0x%08lx not 512K or pot-size 0x%08x aligned\n",
3078 i915_gem_obj_ggtt_offset(obj), size);
3080 pitch_val = obj->stride / 128;
3081 pitch_val = ffs(pitch_val) - 1;
3083 val = i915_gem_obj_ggtt_offset(obj);
3084 if (obj->tiling_mode == I915_TILING_Y)
3085 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
3086 val |= I830_FENCE_SIZE_BITS(size);
3087 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
3088 val |= I830_FENCE_REG_VALID;
3092 I915_WRITE(FENCE_REG_830_0 + reg * 4, val);
3093 POSTING_READ(FENCE_REG_830_0 + reg * 4);
3096 inline static bool i915_gem_object_needs_mb(struct drm_i915_gem_object *obj)
3098 return obj && obj->base.read_domains & I915_GEM_DOMAIN_GTT;
3101 static void i915_gem_write_fence(struct drm_device *dev, int reg,
3102 struct drm_i915_gem_object *obj)
3104 struct drm_i915_private *dev_priv = dev->dev_private;
3106 /* Ensure that all CPU reads are completed before installing a fence
3107 * and all writes before removing the fence.
3109 if (i915_gem_object_needs_mb(dev_priv->fence_regs[reg].obj))
3112 WARN(obj && (!obj->stride || !obj->tiling_mode),
3113 "bogus fence setup with stride: 0x%x, tiling mode: %i\n",
3114 obj->stride, obj->tiling_mode);
3116 switch (INTEL_INFO(dev)->gen) {
3121 case 4: i965_write_fence_reg(dev, reg, obj); break;
3122 case 3: i915_write_fence_reg(dev, reg, obj); break;
3123 case 2: i830_write_fence_reg(dev, reg, obj); break;
3127 /* And similarly be paranoid that no direct access to this region
3128 * is reordered to before the fence is installed.
3130 if (i915_gem_object_needs_mb(obj))
3134 static inline int fence_number(struct drm_i915_private *dev_priv,
3135 struct drm_i915_fence_reg *fence)
3137 return fence - dev_priv->fence_regs;
3140 static void i915_gem_object_update_fence(struct drm_i915_gem_object *obj,
3141 struct drm_i915_fence_reg *fence,
3144 struct drm_i915_private *dev_priv = obj->base.dev->dev_private;
3145 int reg = fence_number(dev_priv, fence);
3147 i915_gem_write_fence(obj->base.dev, reg, enable ? obj : NULL);
3150 obj->fence_reg = reg;
3152 list_move_tail(&fence->lru_list, &dev_priv->mm.fence_list);
3154 obj->fence_reg = I915_FENCE_REG_NONE;
3156 list_del_init(&fence->lru_list);
3158 obj->fence_dirty = false;
3162 i915_gem_object_wait_fence(struct drm_i915_gem_object *obj)
3164 if (obj->last_fenced_seqno) {
3165 int ret = i915_wait_seqno(obj->ring, obj->last_fenced_seqno);
3169 obj->last_fenced_seqno = 0;
3172 obj->fenced_gpu_access = false;
3177 i915_gem_object_put_fence(struct drm_i915_gem_object *obj)
3179 struct drm_i915_private *dev_priv = obj->base.dev->dev_private;
3180 struct drm_i915_fence_reg *fence;
3183 ret = i915_gem_object_wait_fence(obj);
3187 if (obj->fence_reg == I915_FENCE_REG_NONE)
3190 fence = &dev_priv->fence_regs[obj->fence_reg];
3192 if (WARN_ON(fence->pin_count))
3195 i915_gem_object_fence_lost(obj);
3196 i915_gem_object_update_fence(obj, fence, false);
3201 static struct drm_i915_fence_reg *
3202 i915_find_fence_reg(struct drm_device *dev)
3204 struct drm_i915_private *dev_priv = dev->dev_private;
3205 struct drm_i915_fence_reg *reg, *avail;
3208 /* First try to find a free reg */
3210 for (i = dev_priv->fence_reg_start; i < dev_priv->num_fence_regs; i++) {
3211 reg = &dev_priv->fence_regs[i];
3215 if (!reg->pin_count)
3222 /* None available, try to steal one or wait for a user to finish */
3223 list_for_each_entry(reg, &dev_priv->mm.fence_list, lru_list) {
3231 /* Wait for completion of pending flips which consume fences */
3232 if (intel_has_pending_fb_unpin(dev))
3233 return ERR_PTR(-EAGAIN);
3235 return ERR_PTR(-EDEADLK);
3239 * i915_gem_object_get_fence - set up fencing for an object
3240 * @obj: object to map through a fence reg
3242 * When mapping objects through the GTT, userspace wants to be able to write
3243 * to them without having to worry about swizzling if the object is tiled.
3244 * This function walks the fence regs looking for a free one for @obj,
3245 * stealing one if it can't find any.
3247 * It then sets up the reg based on the object's properties: address, pitch
3248 * and tiling format.
3250 * For an untiled surface, this removes any existing fence.
3253 i915_gem_object_get_fence(struct drm_i915_gem_object *obj)
3255 struct drm_device *dev = obj->base.dev;
3256 struct drm_i915_private *dev_priv = dev->dev_private;
3257 bool enable = obj->tiling_mode != I915_TILING_NONE;
3258 struct drm_i915_fence_reg *reg;
3261 /* Have we updated the tiling parameters upon the object and so
3262 * will need to serialise the write to the associated fence register?
3264 if (obj->fence_dirty) {
3265 ret = i915_gem_object_wait_fence(obj);
3270 /* Just update our place in the LRU if our fence is getting reused. */
3271 if (obj->fence_reg != I915_FENCE_REG_NONE) {
3272 reg = &dev_priv->fence_regs[obj->fence_reg];
3273 if (!obj->fence_dirty) {
3274 list_move_tail(®->lru_list,
3275 &dev_priv->mm.fence_list);
3278 } else if (enable) {
3279 reg = i915_find_fence_reg(dev);
3281 return PTR_ERR(reg);
3284 struct drm_i915_gem_object *old = reg->obj;
3286 ret = i915_gem_object_wait_fence(old);
3290 i915_gem_object_fence_lost(old);
3295 i915_gem_object_update_fence(obj, reg, enable);
3300 static bool i915_gem_valid_gtt_space(struct drm_device *dev,
3301 struct drm_mm_node *gtt_space,
3302 unsigned long cache_level)
3304 struct drm_mm_node *other;
3306 /* On non-LLC machines we have to be careful when putting differing
3307 * types of snoopable memory together to avoid the prefetcher
3308 * crossing memory domains and dying.
3313 if (!drm_mm_node_allocated(gtt_space))
3316 if (list_empty(>t_space->node_list))
3319 other = list_entry(gtt_space->node_list.prev, struct drm_mm_node, node_list);
3320 if (other->allocated && !other->hole_follows && other->color != cache_level)
3323 other = list_entry(gtt_space->node_list.next, struct drm_mm_node, node_list);
3324 if (other->allocated && !gtt_space->hole_follows && other->color != cache_level)
3330 static void i915_gem_verify_gtt(struct drm_device *dev)
3333 struct drm_i915_private *dev_priv = dev->dev_private;
3334 struct drm_i915_gem_object *obj;
3337 list_for_each_entry(obj, &dev_priv->mm.gtt_list, global_list) {
3338 if (obj->gtt_space == NULL) {
3339 printk(KERN_ERR "object found on GTT list with no space reserved\n");
3344 if (obj->cache_level != obj->gtt_space->color) {
3345 printk(KERN_ERR "object reserved space [%08lx, %08lx] with wrong color, cache_level=%x, color=%lx\n",
3346 i915_gem_obj_ggtt_offset(obj),
3347 i915_gem_obj_ggtt_offset(obj) + i915_gem_obj_ggtt_size(obj),
3349 obj->gtt_space->color);
3354 if (!i915_gem_valid_gtt_space(dev,
3356 obj->cache_level)) {
3357 printk(KERN_ERR "invalid GTT space found at [%08lx, %08lx] - color=%x\n",
3358 i915_gem_obj_ggtt_offset(obj),
3359 i915_gem_obj_ggtt_offset(obj) + i915_gem_obj_ggtt_size(obj),
3371 * Finds free space in the GTT aperture and binds the object there.
3373 static struct i915_vma *
3374 i915_gem_object_bind_to_vm(struct drm_i915_gem_object *obj,
3375 struct i915_address_space *vm,
3379 struct drm_device *dev = obj->base.dev;
3380 struct drm_i915_private *dev_priv = dev->dev_private;
3381 u32 size, fence_size, fence_alignment, unfenced_alignment;
3382 unsigned long start =
3383 flags & PIN_OFFSET_BIAS ? flags & PIN_OFFSET_MASK : 0;
3385 flags & PIN_MAPPABLE ? dev_priv->gtt.mappable_end : vm->total;
3386 struct i915_vma *vma;
3389 fence_size = i915_gem_get_gtt_size(dev,
3392 fence_alignment = i915_gem_get_gtt_alignment(dev,
3394 obj->tiling_mode, true);
3395 unfenced_alignment =
3396 i915_gem_get_gtt_alignment(dev,
3398 obj->tiling_mode, false);
3401 alignment = flags & PIN_MAPPABLE ? fence_alignment :
3403 if (flags & PIN_MAPPABLE && alignment & (fence_alignment - 1)) {
3404 DRM_DEBUG("Invalid object alignment requested %u\n", alignment);
3405 return ERR_PTR(-EINVAL);
3408 size = flags & PIN_MAPPABLE ? fence_size : obj->base.size;
3410 /* If the object is bigger than the entire aperture, reject it early
3411 * before evicting everything in a vain attempt to find space.
3413 if (obj->base.size > end) {
3414 DRM_DEBUG("Attempting to bind an object larger than the aperture: object=%zd > %s aperture=%lu\n",
3416 flags & PIN_MAPPABLE ? "mappable" : "total",
3418 return ERR_PTR(-E2BIG);
3421 ret = i915_gem_object_get_pages(obj);
3423 return ERR_PTR(ret);
3425 i915_gem_object_pin_pages(obj);
3427 vma = i915_gem_obj_lookup_or_create_vma(obj, vm);
3432 ret = drm_mm_insert_node_in_range_generic(&vm->mm, &vma->node,
3436 DRM_MM_SEARCH_DEFAULT,
3437 DRM_MM_CREATE_DEFAULT);
3439 ret = i915_gem_evict_something(dev, vm, size, alignment,
3448 if (WARN_ON(!i915_gem_valid_gtt_space(dev, &vma->node,
3449 obj->cache_level))) {
3451 goto err_remove_node;
3454 ret = i915_gem_gtt_prepare_object(obj);
3456 goto err_remove_node;
3458 list_move_tail(&obj->global_list, &dev_priv->mm.bound_list);
3459 list_add_tail(&vma->mm_list, &vm->inactive_list);
3461 if (i915_is_ggtt(vm)) {
3462 bool mappable, fenceable;
3464 fenceable = (vma->node.size == fence_size &&
3465 (vma->node.start & (fence_alignment - 1)) == 0);
3467 mappable = (vma->node.start + obj->base.size <=
3468 dev_priv->gtt.mappable_end);
3470 obj->map_and_fenceable = mappable && fenceable;
3473 WARN_ON(flags & PIN_MAPPABLE && !obj->map_and_fenceable);
3475 trace_i915_vma_bind(vma, flags);
3476 vma->bind_vma(vma, obj->cache_level,
3477 flags & (PIN_MAPPABLE | PIN_GLOBAL) ? GLOBAL_BIND : 0);
3479 i915_gem_verify_gtt(dev);
3483 drm_mm_remove_node(&vma->node);
3485 i915_gem_vma_destroy(vma);
3488 i915_gem_object_unpin_pages(obj);
3493 i915_gem_clflush_object(struct drm_i915_gem_object *obj,
3496 /* If we don't have a page list set up, then we're not pinned
3497 * to GPU, and we can ignore the cache flush because it'll happen
3498 * again at bind time.
3500 if (obj->pages == NULL)
3504 * Stolen memory is always coherent with the GPU as it is explicitly
3505 * marked as wc by the system, or the system is cache-coherent.
3510 /* If the GPU is snooping the contents of the CPU cache,
3511 * we do not need to manually clear the CPU cache lines. However,
3512 * the caches are only snooped when the render cache is
3513 * flushed/invalidated. As we always have to emit invalidations
3514 * and flushes when moving into and out of the RENDER domain, correct
3515 * snooping behaviour occurs naturally as the result of our domain
3518 if (!force && cpu_cache_is_coherent(obj->base.dev, obj->cache_level))
3521 trace_i915_gem_object_clflush(obj);
3522 drm_clflush_sg(obj->pages);
3527 /** Flushes the GTT write domain for the object if it's dirty. */
3529 i915_gem_object_flush_gtt_write_domain(struct drm_i915_gem_object *obj)
3531 uint32_t old_write_domain;
3533 if (obj->base.write_domain != I915_GEM_DOMAIN_GTT)
3536 /* No actual flushing is required for the GTT write domain. Writes
3537 * to it immediately go to main memory as far as we know, so there's
3538 * no chipset flush. It also doesn't land in render cache.
3540 * However, we do have to enforce the order so that all writes through
3541 * the GTT land before any writes to the device, such as updates to
3546 old_write_domain = obj->base.write_domain;
3547 obj->base.write_domain = 0;
3549 trace_i915_gem_object_change_domain(obj,
3550 obj->base.read_domains,
3554 /** Flushes the CPU write domain for the object if it's dirty. */
3556 i915_gem_object_flush_cpu_write_domain(struct drm_i915_gem_object *obj,
3559 uint32_t old_write_domain;
3561 if (obj->base.write_domain != I915_GEM_DOMAIN_CPU)
3564 if (i915_gem_clflush_object(obj, force))
3565 i915_gem_chipset_flush(obj->base.dev);
3567 old_write_domain = obj->base.write_domain;
3568 obj->base.write_domain = 0;
3570 trace_i915_gem_object_change_domain(obj,
3571 obj->base.read_domains,
3576 * Moves a single object to the GTT read, and possibly write domain.
3578 * This function returns when the move is complete, including waiting on
3582 i915_gem_object_set_to_gtt_domain(struct drm_i915_gem_object *obj, bool write)
3584 struct drm_i915_private *dev_priv = obj->base.dev->dev_private;
3585 uint32_t old_write_domain, old_read_domains;
3588 /* Not valid to be called on unbound objects. */
3589 if (!i915_gem_obj_bound_any(obj))
3592 if (obj->base.write_domain == I915_GEM_DOMAIN_GTT)
3595 ret = i915_gem_object_wait_rendering(obj, !write);
3599 i915_gem_object_retire(obj);
3600 i915_gem_object_flush_cpu_write_domain(obj, false);
3602 /* Serialise direct access to this object with the barriers for
3603 * coherent writes from the GPU, by effectively invalidating the
3604 * GTT domain upon first access.
3606 if ((obj->base.read_domains & I915_GEM_DOMAIN_GTT) == 0)
3609 old_write_domain = obj->base.write_domain;
3610 old_read_domains = obj->base.read_domains;
3612 /* It should now be out of any other write domains, and we can update
3613 * the domain values for our changes.
3615 BUG_ON((obj->base.write_domain & ~I915_GEM_DOMAIN_GTT) != 0);
3616 obj->base.read_domains |= I915_GEM_DOMAIN_GTT;
3618 obj->base.read_domains = I915_GEM_DOMAIN_GTT;
3619 obj->base.write_domain = I915_GEM_DOMAIN_GTT;
3623 trace_i915_gem_object_change_domain(obj,
3627 /* And bump the LRU for this access */
3628 if (i915_gem_object_is_inactive(obj)) {
3629 struct i915_vma *vma = i915_gem_obj_to_ggtt(obj);
3631 list_move_tail(&vma->mm_list,
3632 &dev_priv->gtt.base.inactive_list);
3639 int i915_gem_object_set_cache_level(struct drm_i915_gem_object *obj,
3640 enum i915_cache_level cache_level)
3642 struct drm_device *dev = obj->base.dev;
3643 struct i915_vma *vma, *next;
3646 if (obj->cache_level == cache_level)
3649 if (i915_gem_obj_is_pinned(obj)) {
3650 DRM_DEBUG("can not change the cache level of pinned objects\n");
3654 list_for_each_entry_safe(vma, next, &obj->vma_list, vma_link) {
3655 if (!i915_gem_valid_gtt_space(dev, &vma->node, cache_level)) {
3656 ret = i915_vma_unbind(vma);
3662 if (i915_gem_obj_bound_any(obj)) {
3663 ret = i915_gem_object_finish_gpu(obj);
3667 i915_gem_object_finish_gtt(obj);
3669 /* Before SandyBridge, you could not use tiling or fence
3670 * registers with snooped memory, so relinquish any fences
3671 * currently pointing to our region in the aperture.
3673 if (INTEL_INFO(dev)->gen < 6) {
3674 ret = i915_gem_object_put_fence(obj);
3679 list_for_each_entry(vma, &obj->vma_list, vma_link)
3680 if (drm_mm_node_allocated(&vma->node))
3681 vma->bind_vma(vma, cache_level,
3682 obj->has_global_gtt_mapping ? GLOBAL_BIND : 0);
3685 list_for_each_entry(vma, &obj->vma_list, vma_link)
3686 vma->node.color = cache_level;
3687 obj->cache_level = cache_level;
3689 if (cpu_write_needs_clflush(obj)) {
3690 u32 old_read_domains, old_write_domain;
3692 /* If we're coming from LLC cached, then we haven't
3693 * actually been tracking whether the data is in the
3694 * CPU cache or not, since we only allow one bit set
3695 * in obj->write_domain and have been skipping the clflushes.
3696 * Just set it to the CPU cache for now.
3698 i915_gem_object_retire(obj);
3699 WARN_ON(obj->base.write_domain & ~I915_GEM_DOMAIN_CPU);
3701 old_read_domains = obj->base.read_domains;
3702 old_write_domain = obj->base.write_domain;
3704 obj->base.read_domains = I915_GEM_DOMAIN_CPU;
3705 obj->base.write_domain = I915_GEM_DOMAIN_CPU;
3707 trace_i915_gem_object_change_domain(obj,
3712 i915_gem_verify_gtt(dev);
3716 int i915_gem_get_caching_ioctl(struct drm_device *dev, void *data,
3717 struct drm_file *file)
3719 struct drm_i915_gem_caching *args = data;
3720 struct drm_i915_gem_object *obj;
3723 ret = i915_mutex_lock_interruptible(dev);
3727 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle));
3728 if (&obj->base == NULL) {
3733 switch (obj->cache_level) {
3734 case I915_CACHE_LLC:
3735 case I915_CACHE_L3_LLC:
3736 args->caching = I915_CACHING_CACHED;
3740 args->caching = I915_CACHING_DISPLAY;
3744 args->caching = I915_CACHING_NONE;
3748 drm_gem_object_unreference(&obj->base);
3750 mutex_unlock(&dev->struct_mutex);
3754 int i915_gem_set_caching_ioctl(struct drm_device *dev, void *data,
3755 struct drm_file *file)
3757 struct drm_i915_gem_caching *args = data;
3758 struct drm_i915_gem_object *obj;
3759 enum i915_cache_level level;
3762 switch (args->caching) {
3763 case I915_CACHING_NONE:
3764 level = I915_CACHE_NONE;
3766 case I915_CACHING_CACHED:
3767 level = I915_CACHE_LLC;
3769 case I915_CACHING_DISPLAY:
3770 level = HAS_WT(dev) ? I915_CACHE_WT : I915_CACHE_NONE;
3776 ret = i915_mutex_lock_interruptible(dev);
3780 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle));
3781 if (&obj->base == NULL) {
3786 ret = i915_gem_object_set_cache_level(obj, level);
3788 drm_gem_object_unreference(&obj->base);
3790 mutex_unlock(&dev->struct_mutex);
3794 static bool is_pin_display(struct drm_i915_gem_object *obj)
3796 struct i915_vma *vma;
3798 if (list_empty(&obj->vma_list))
3801 vma = i915_gem_obj_to_ggtt(obj);
3805 /* There are 3 sources that pin objects:
3806 * 1. The display engine (scanouts, sprites, cursors);
3807 * 2. Reservations for execbuffer;
3810 * We can ignore reservations as we hold the struct_mutex and
3811 * are only called outside of the reservation path. The user
3812 * can only increment pin_count once, and so if after
3813 * subtracting the potential reference by the user, any pin_count
3814 * remains, it must be due to another use by the display engine.
3816 return vma->pin_count - !!obj->user_pin_count;
3820 * Prepare buffer for display plane (scanout, cursors, etc).
3821 * Can be called from an uninterruptible phase (modesetting) and allows
3822 * any flushes to be pipelined (for pageflips).
3825 i915_gem_object_pin_to_display_plane(struct drm_i915_gem_object *obj,
3827 struct intel_engine_cs *pipelined)
3829 u32 old_read_domains, old_write_domain;
3830 bool was_pin_display;
3833 if (pipelined != obj->ring) {
3834 ret = i915_gem_object_sync(obj, pipelined);
3839 /* Mark the pin_display early so that we account for the
3840 * display coherency whilst setting up the cache domains.
3842 was_pin_display = obj->pin_display;
3843 obj->pin_display = true;
3845 /* The display engine is not coherent with the LLC cache on gen6. As
3846 * a result, we make sure that the pinning that is about to occur is
3847 * done with uncached PTEs. This is lowest common denominator for all
3850 * However for gen6+, we could do better by using the GFDT bit instead
3851 * of uncaching, which would allow us to flush all the LLC-cached data
3852 * with that bit in the PTE to main memory with just one PIPE_CONTROL.
3854 ret = i915_gem_object_set_cache_level(obj,
3855 HAS_WT(obj->base.dev) ? I915_CACHE_WT : I915_CACHE_NONE);
3857 goto err_unpin_display;
3859 /* As the user may map the buffer once pinned in the display plane
3860 * (e.g. libkms for the bootup splash), we have to ensure that we
3861 * always use map_and_fenceable for all scanout buffers.
3863 ret = i915_gem_obj_ggtt_pin(obj, alignment, PIN_MAPPABLE);
3865 goto err_unpin_display;
3867 i915_gem_object_flush_cpu_write_domain(obj, true);
3869 old_write_domain = obj->base.write_domain;
3870 old_read_domains = obj->base.read_domains;
3872 /* It should now be out of any other write domains, and we can update
3873 * the domain values for our changes.
3875 obj->base.write_domain = 0;
3876 obj->base.read_domains |= I915_GEM_DOMAIN_GTT;
3878 trace_i915_gem_object_change_domain(obj,
3885 WARN_ON(was_pin_display != is_pin_display(obj));
3886 obj->pin_display = was_pin_display;
3891 i915_gem_object_unpin_from_display_plane(struct drm_i915_gem_object *obj)
3893 i915_gem_object_ggtt_unpin(obj);
3894 obj->pin_display = is_pin_display(obj);
3898 i915_gem_object_finish_gpu(struct drm_i915_gem_object *obj)
3902 if ((obj->base.read_domains & I915_GEM_GPU_DOMAINS) == 0)
3905 ret = i915_gem_object_wait_rendering(obj, false);
3909 /* Ensure that we invalidate the GPU's caches and TLBs. */
3910 obj->base.read_domains &= ~I915_GEM_GPU_DOMAINS;
3915 * Moves a single object to the CPU read, and possibly write domain.
3917 * This function returns when the move is complete, including waiting on
3921 i915_gem_object_set_to_cpu_domain(struct drm_i915_gem_object *obj, bool write)
3923 uint32_t old_write_domain, old_read_domains;
3926 if (obj->base.write_domain == I915_GEM_DOMAIN_CPU)
3929 ret = i915_gem_object_wait_rendering(obj, !write);
3933 i915_gem_object_retire(obj);
3934 i915_gem_object_flush_gtt_write_domain(obj);
3936 old_write_domain = obj->base.write_domain;
3937 old_read_domains = obj->base.read_domains;
3939 /* Flush the CPU cache if it's still invalid. */
3940 if ((obj->base.read_domains & I915_GEM_DOMAIN_CPU) == 0) {
3941 i915_gem_clflush_object(obj, false);
3943 obj->base.read_domains |= I915_GEM_DOMAIN_CPU;
3946 /* It should now be out of any other write domains, and we can update
3947 * the domain values for our changes.
3949 BUG_ON((obj->base.write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
3951 /* If we're writing through the CPU, then the GPU read domains will
3952 * need to be invalidated at next use.
3955 obj->base.read_domains = I915_GEM_DOMAIN_CPU;
3956 obj->base.write_domain = I915_GEM_DOMAIN_CPU;
3959 trace_i915_gem_object_change_domain(obj,
3966 /* Throttle our rendering by waiting until the ring has completed our requests
3967 * emitted over 20 msec ago.
3969 * Note that if we were to use the current jiffies each time around the loop,
3970 * we wouldn't escape the function with any frames outstanding if the time to
3971 * render a frame was over 20ms.
3973 * This should get us reasonable parallelism between CPU and GPU but also
3974 * relatively low latency when blocking on a particular request to finish.
3977 i915_gem_ring_throttle(struct drm_device *dev, struct drm_file *file)
3979 struct drm_i915_private *dev_priv = dev->dev_private;
3980 struct drm_i915_file_private *file_priv = file->driver_priv;
3981 unsigned long recent_enough = jiffies - msecs_to_jiffies(20);
3982 struct drm_i915_gem_request *request;
3983 struct intel_engine_cs *ring = NULL;
3984 unsigned reset_counter;
3988 ret = i915_gem_wait_for_error(&dev_priv->gpu_error);
3992 ret = i915_gem_check_wedge(&dev_priv->gpu_error, false);
3996 spin_lock(&file_priv->mm.lock);
3997 list_for_each_entry(request, &file_priv->mm.request_list, client_list) {
3998 if (time_after_eq(request->emitted_jiffies, recent_enough))
4001 ring = request->ring;
4002 seqno = request->seqno;
4004 reset_counter = atomic_read(&dev_priv->gpu_error.reset_counter);
4005 spin_unlock(&file_priv->mm.lock);
4010 ret = __wait_seqno(ring, seqno, reset_counter, true, NULL, NULL);
4012 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, 0);
4018 i915_vma_misplaced(struct i915_vma *vma, uint32_t alignment, uint64_t flags)
4020 struct drm_i915_gem_object *obj = vma->obj;
4023 vma->node.start & (alignment - 1))
4026 if (flags & PIN_MAPPABLE && !obj->map_and_fenceable)
4029 if (flags & PIN_OFFSET_BIAS &&
4030 vma->node.start < (flags & PIN_OFFSET_MASK))
4037 i915_gem_object_pin(struct drm_i915_gem_object *obj,
4038 struct i915_address_space *vm,
4042 struct drm_i915_private *dev_priv = obj->base.dev->dev_private;
4043 struct i915_vma *vma;
4046 if (WARN_ON(vm == &dev_priv->mm.aliasing_ppgtt->base))
4049 if (WARN_ON(flags & (PIN_GLOBAL | PIN_MAPPABLE) && !i915_is_ggtt(vm)))
4052 vma = i915_gem_obj_to_vma(obj, vm);
4054 if (WARN_ON(vma->pin_count == DRM_I915_GEM_OBJECT_MAX_PIN_COUNT))
4057 if (i915_vma_misplaced(vma, alignment, flags)) {
4058 WARN(vma->pin_count,
4059 "bo is already pinned with incorrect alignment:"
4060 " offset=%lx, req.alignment=%x, req.map_and_fenceable=%d,"
4061 " obj->map_and_fenceable=%d\n",
4062 i915_gem_obj_offset(obj, vm), alignment,
4063 !!(flags & PIN_MAPPABLE),
4064 obj->map_and_fenceable);
4065 ret = i915_vma_unbind(vma);
4073 if (vma == NULL || !drm_mm_node_allocated(&vma->node)) {
4074 vma = i915_gem_object_bind_to_vm(obj, vm, alignment, flags);
4076 return PTR_ERR(vma);
4079 if (flags & PIN_GLOBAL && !obj->has_global_gtt_mapping)
4080 vma->bind_vma(vma, obj->cache_level, GLOBAL_BIND);
4083 if (flags & PIN_MAPPABLE)
4084 obj->pin_mappable |= true;
4090 i915_gem_object_ggtt_unpin(struct drm_i915_gem_object *obj)
4092 struct i915_vma *vma = i915_gem_obj_to_ggtt(obj);
4095 BUG_ON(vma->pin_count == 0);
4096 BUG_ON(!i915_gem_obj_ggtt_bound(obj));
4098 if (--vma->pin_count == 0)
4099 obj->pin_mappable = false;
4103 i915_gem_object_pin_fence(struct drm_i915_gem_object *obj)
4105 if (obj->fence_reg != I915_FENCE_REG_NONE) {
4106 struct drm_i915_private *dev_priv = obj->base.dev->dev_private;
4107 struct i915_vma *ggtt_vma = i915_gem_obj_to_ggtt(obj);
4109 WARN_ON(!ggtt_vma ||
4110 dev_priv->fence_regs[obj->fence_reg].pin_count >
4111 ggtt_vma->pin_count);
4112 dev_priv->fence_regs[obj->fence_reg].pin_count++;
4119 i915_gem_object_unpin_fence(struct drm_i915_gem_object *obj)
4121 if (obj->fence_reg != I915_FENCE_REG_NONE) {
4122 struct drm_i915_private *dev_priv = obj->base.dev->dev_private;
4123 WARN_ON(dev_priv->fence_regs[obj->fence_reg].pin_count <= 0);
4124 dev_priv->fence_regs[obj->fence_reg].pin_count--;
4129 i915_gem_pin_ioctl(struct drm_device *dev, void *data,
4130 struct drm_file *file)
4132 struct drm_i915_gem_pin *args = data;
4133 struct drm_i915_gem_object *obj;
4136 if (INTEL_INFO(dev)->gen >= 6)
4139 ret = i915_mutex_lock_interruptible(dev);
4143 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle));
4144 if (&obj->base == NULL) {
4149 if (obj->madv != I915_MADV_WILLNEED) {
4150 DRM_DEBUG("Attempting to pin a purgeable buffer\n");
4155 if (obj->pin_filp != NULL && obj->pin_filp != file) {
4156 DRM_DEBUG("Already pinned in i915_gem_pin_ioctl(): %d\n",
4162 if (obj->user_pin_count == ULONG_MAX) {
4167 if (obj->user_pin_count == 0) {
4168 ret = i915_gem_obj_ggtt_pin(obj, args->alignment, PIN_MAPPABLE);
4173 obj->user_pin_count++;
4174 obj->pin_filp = file;
4176 args->offset = i915_gem_obj_ggtt_offset(obj);
4178 drm_gem_object_unreference(&obj->base);
4180 mutex_unlock(&dev->struct_mutex);
4185 i915_gem_unpin_ioctl(struct drm_device *dev, void *data,
4186 struct drm_file *file)
4188 struct drm_i915_gem_pin *args = data;
4189 struct drm_i915_gem_object *obj;
4192 ret = i915_mutex_lock_interruptible(dev);
4196 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle));
4197 if (&obj->base == NULL) {
4202 if (obj->pin_filp != file) {
4203 DRM_DEBUG("Not pinned by caller in i915_gem_pin_ioctl(): %d\n",
4208 obj->user_pin_count--;
4209 if (obj->user_pin_count == 0) {
4210 obj->pin_filp = NULL;
4211 i915_gem_object_ggtt_unpin(obj);
4215 drm_gem_object_unreference(&obj->base);
4217 mutex_unlock(&dev->struct_mutex);
4222 i915_gem_busy_ioctl(struct drm_device *dev, void *data,
4223 struct drm_file *file)
4225 struct drm_i915_gem_busy *args = data;
4226 struct drm_i915_gem_object *obj;
4229 ret = i915_mutex_lock_interruptible(dev);
4233 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle));
4234 if (&obj->base == NULL) {
4239 /* Count all active objects as busy, even if they are currently not used
4240 * by the gpu. Users of this interface expect objects to eventually
4241 * become non-busy without any further actions, therefore emit any
4242 * necessary flushes here.
4244 ret = i915_gem_object_flush_active(obj);
4246 args->busy = obj->active;
4248 BUILD_BUG_ON(I915_NUM_RINGS > 16);
4249 args->busy |= intel_ring_flag(obj->ring) << 16;
4252 drm_gem_object_unreference(&obj->base);
4254 mutex_unlock(&dev->struct_mutex);
4259 i915_gem_throttle_ioctl(struct drm_device *dev, void *data,
4260 struct drm_file *file_priv)
4262 return i915_gem_ring_throttle(dev, file_priv);
4266 i915_gem_madvise_ioctl(struct drm_device *dev, void *data,
4267 struct drm_file *file_priv)
4269 struct drm_i915_gem_madvise *args = data;
4270 struct drm_i915_gem_object *obj;
4273 switch (args->madv) {
4274 case I915_MADV_DONTNEED:
4275 case I915_MADV_WILLNEED:
4281 ret = i915_mutex_lock_interruptible(dev);
4285 obj = to_intel_bo(drm_gem_object_lookup(dev, file_priv, args->handle));
4286 if (&obj->base == NULL) {
4291 if (i915_gem_obj_is_pinned(obj)) {
4296 if (obj->madv != __I915_MADV_PURGED)
4297 obj->madv = args->madv;
4299 /* if the object is no longer attached, discard its backing storage */
4300 if (i915_gem_object_is_purgeable(obj) && obj->pages == NULL)
4301 i915_gem_object_truncate(obj);
4303 args->retained = obj->madv != __I915_MADV_PURGED;
4306 drm_gem_object_unreference(&obj->base);
4308 mutex_unlock(&dev->struct_mutex);
4312 void i915_gem_object_init(struct drm_i915_gem_object *obj,
4313 const struct drm_i915_gem_object_ops *ops)
4315 INIT_LIST_HEAD(&obj->global_list);
4316 INIT_LIST_HEAD(&obj->ring_list);
4317 INIT_LIST_HEAD(&obj->obj_exec_link);
4318 INIT_LIST_HEAD(&obj->vma_list);
4322 obj->fence_reg = I915_FENCE_REG_NONE;
4323 obj->madv = I915_MADV_WILLNEED;
4324 /* Avoid an unnecessary call to unbind on the first bind. */
4325 obj->map_and_fenceable = true;
4327 i915_gem_info_add_obj(obj->base.dev->dev_private, obj->base.size);
4330 static const struct drm_i915_gem_object_ops i915_gem_object_ops = {
4331 .get_pages = i915_gem_object_get_pages_gtt,
4332 .put_pages = i915_gem_object_put_pages_gtt,
4335 struct drm_i915_gem_object *i915_gem_alloc_object(struct drm_device *dev,
4338 struct drm_i915_gem_object *obj;
4339 struct address_space *mapping;
4342 obj = i915_gem_object_alloc(dev);
4346 if (drm_gem_object_init(dev, &obj->base, size) != 0) {
4347 i915_gem_object_free(obj);
4351 mask = GFP_HIGHUSER | __GFP_RECLAIMABLE;
4352 if (IS_CRESTLINE(dev) || IS_BROADWATER(dev)) {
4353 /* 965gm cannot relocate objects above 4GiB. */
4354 mask &= ~__GFP_HIGHMEM;
4355 mask |= __GFP_DMA32;
4358 mapping = file_inode(obj->base.filp)->i_mapping;
4359 mapping_set_gfp_mask(mapping, mask);
4361 i915_gem_object_init(obj, &i915_gem_object_ops);
4363 obj->base.write_domain = I915_GEM_DOMAIN_CPU;
4364 obj->base.read_domains = I915_GEM_DOMAIN_CPU;
4367 /* On some devices, we can have the GPU use the LLC (the CPU
4368 * cache) for about a 10% performance improvement
4369 * compared to uncached. Graphics requests other than
4370 * display scanout are coherent with the CPU in
4371 * accessing this cache. This means in this mode we
4372 * don't need to clflush on the CPU side, and on the
4373 * GPU side we only need to flush internal caches to
4374 * get data visible to the CPU.
4376 * However, we maintain the display planes as UC, and so
4377 * need to rebind when first used as such.
4379 obj->cache_level = I915_CACHE_LLC;
4381 obj->cache_level = I915_CACHE_NONE;
4383 trace_i915_gem_object_create(obj);
4388 static bool discard_backing_storage(struct drm_i915_gem_object *obj)
4390 /* If we are the last user of the backing storage (be it shmemfs
4391 * pages or stolen etc), we know that the pages are going to be
4392 * immediately released. In this case, we can then skip copying
4393 * back the contents from the GPU.
4396 if (obj->madv != I915_MADV_WILLNEED)
4399 if (obj->base.filp == NULL)
4402 /* At first glance, this looks racy, but then again so would be
4403 * userspace racing mmap against close. However, the first external
4404 * reference to the filp can only be obtained through the
4405 * i915_gem_mmap_ioctl() which safeguards us against the user
4406 * acquiring such a reference whilst we are in the middle of
4407 * freeing the object.
4409 return atomic_long_read(&obj->base.filp->f_count) == 1;
4412 void i915_gem_free_object(struct drm_gem_object *gem_obj)
4414 struct drm_i915_gem_object *obj = to_intel_bo(gem_obj);
4415 struct drm_device *dev = obj->base.dev;
4416 struct drm_i915_private *dev_priv = dev->dev_private;
4417 struct i915_vma *vma, *next;
4419 intel_runtime_pm_get(dev_priv);
4421 trace_i915_gem_object_destroy(obj);
4423 list_for_each_entry_safe(vma, next, &obj->vma_list, vma_link) {
4427 ret = i915_vma_unbind(vma);
4428 if (WARN_ON(ret == -ERESTARTSYS)) {
4429 bool was_interruptible;
4431 was_interruptible = dev_priv->mm.interruptible;
4432 dev_priv->mm.interruptible = false;
4434 WARN_ON(i915_vma_unbind(vma));
4436 dev_priv->mm.interruptible = was_interruptible;
4440 i915_gem_object_detach_phys(obj);
4442 /* Stolen objects don't hold a ref, but do hold pin count. Fix that up
4443 * before progressing. */
4445 i915_gem_object_unpin_pages(obj);
4447 if (WARN_ON(obj->pages_pin_count))
4448 obj->pages_pin_count = 0;
4449 if (discard_backing_storage(obj))
4450 obj->madv = I915_MADV_DONTNEED;
4451 i915_gem_object_put_pages(obj);
4452 i915_gem_object_free_mmap_offset(obj);
4453 i915_gem_object_release_stolen(obj);
4457 if (obj->base.import_attach)
4458 drm_prime_gem_destroy(&obj->base, NULL);
4460 if (obj->ops->release)
4461 obj->ops->release(obj);
4463 drm_gem_object_release(&obj->base);
4464 i915_gem_info_remove_obj(dev_priv, obj->base.size);
4467 i915_gem_object_free(obj);
4469 intel_runtime_pm_put(dev_priv);
4472 struct i915_vma *i915_gem_obj_to_vma(struct drm_i915_gem_object *obj,
4473 struct i915_address_space *vm)
4475 struct i915_vma *vma;
4476 list_for_each_entry(vma, &obj->vma_list, vma_link)
4483 void i915_gem_vma_destroy(struct i915_vma *vma)
4485 WARN_ON(vma->node.allocated);
4487 /* Keep the vma as a placeholder in the execbuffer reservation lists */
4488 if (!list_empty(&vma->exec_list))
4491 list_del(&vma->vma_link);
4497 i915_gem_stop_ringbuffers(struct drm_device *dev)
4499 struct drm_i915_private *dev_priv = dev->dev_private;
4500 struct intel_engine_cs *ring;
4503 for_each_ring(ring, dev_priv, i)
4504 intel_stop_ring_buffer(ring);
4508 i915_gem_suspend(struct drm_device *dev)
4510 struct drm_i915_private *dev_priv = dev->dev_private;
4513 mutex_lock(&dev->struct_mutex);
4514 if (dev_priv->ums.mm_suspended)
4517 ret = i915_gpu_idle(dev);
4521 i915_gem_retire_requests(dev);
4523 /* Under UMS, be paranoid and evict. */
4524 if (!drm_core_check_feature(dev, DRIVER_MODESET))
4525 i915_gem_evict_everything(dev);
4527 i915_kernel_lost_context(dev);
4528 i915_gem_stop_ringbuffers(dev);
4530 /* Hack! Don't let anybody do execbuf while we don't control the chip.
4531 * We need to replace this with a semaphore, or something.
4532 * And not confound ums.mm_suspended!
4534 dev_priv->ums.mm_suspended = !drm_core_check_feature(dev,
4536 mutex_unlock(&dev->struct_mutex);
4538 del_timer_sync(&dev_priv->gpu_error.hangcheck_timer);
4539 cancel_delayed_work_sync(&dev_priv->mm.retire_work);
4540 cancel_delayed_work_sync(&dev_priv->mm.idle_work);
4545 mutex_unlock(&dev->struct_mutex);
4549 int i915_gem_l3_remap(struct intel_engine_cs *ring, int slice)
4551 struct drm_device *dev = ring->dev;
4552 struct drm_i915_private *dev_priv = dev->dev_private;
4553 u32 reg_base = GEN7_L3LOG_BASE + (slice * 0x200);
4554 u32 *remap_info = dev_priv->l3_parity.remap_info[slice];
4557 if (!HAS_L3_DPF(dev) || !remap_info)
4560 ret = intel_ring_begin(ring, GEN7_L3LOG_SIZE / 4 * 3);
4565 * Note: We do not worry about the concurrent register cacheline hang
4566 * here because no other code should access these registers other than
4567 * at initialization time.
4569 for (i = 0; i < GEN7_L3LOG_SIZE; i += 4) {
4570 intel_ring_emit(ring, MI_LOAD_REGISTER_IMM(1));
4571 intel_ring_emit(ring, reg_base + i);
4572 intel_ring_emit(ring, remap_info[i/4]);
4575 intel_ring_advance(ring);
4580 void i915_gem_init_swizzling(struct drm_device *dev)
4582 struct drm_i915_private *dev_priv = dev->dev_private;
4584 if (INTEL_INFO(dev)->gen < 5 ||
4585 dev_priv->mm.bit_6_swizzle_x == I915_BIT_6_SWIZZLE_NONE)
4588 I915_WRITE(DISP_ARB_CTL, I915_READ(DISP_ARB_CTL) |
4589 DISP_TILE_SURFACE_SWIZZLING);
4594 I915_WRITE(TILECTL, I915_READ(TILECTL) | TILECTL_SWZCTL);
4596 I915_WRITE(ARB_MODE, _MASKED_BIT_ENABLE(ARB_MODE_SWIZZLE_SNB));
4597 else if (IS_GEN7(dev))
4598 I915_WRITE(ARB_MODE, _MASKED_BIT_ENABLE(ARB_MODE_SWIZZLE_IVB));
4599 else if (IS_GEN8(dev))
4600 I915_WRITE(GAMTARBMODE, _MASKED_BIT_ENABLE(ARB_MODE_SWIZZLE_BDW));
4606 intel_enable_blt(struct drm_device *dev)
4611 /* The blitter was dysfunctional on early prototypes */
4612 if (IS_GEN6(dev) && dev->pdev->revision < 8) {
4613 DRM_INFO("BLT not supported on this pre-production hardware;"
4614 " graphics performance will be degraded.\n");
4621 static int i915_gem_init_rings(struct drm_device *dev)
4623 struct drm_i915_private *dev_priv = dev->dev_private;
4626 ret = intel_init_render_ring_buffer(dev);
4631 ret = intel_init_bsd_ring_buffer(dev);
4633 goto cleanup_render_ring;
4636 if (intel_enable_blt(dev)) {
4637 ret = intel_init_blt_ring_buffer(dev);
4639 goto cleanup_bsd_ring;
4642 if (HAS_VEBOX(dev)) {
4643 ret = intel_init_vebox_ring_buffer(dev);
4645 goto cleanup_blt_ring;
4648 if (HAS_BSD2(dev)) {
4649 ret = intel_init_bsd2_ring_buffer(dev);
4651 goto cleanup_vebox_ring;
4654 ret = i915_gem_set_seqno(dev, ((u32)~0 - 0x1000));
4656 goto cleanup_bsd2_ring;
4661 intel_cleanup_ring_buffer(&dev_priv->ring[VCS2]);
4663 intel_cleanup_ring_buffer(&dev_priv->ring[VECS]);
4665 intel_cleanup_ring_buffer(&dev_priv->ring[BCS]);
4667 intel_cleanup_ring_buffer(&dev_priv->ring[VCS]);
4668 cleanup_render_ring:
4669 intel_cleanup_ring_buffer(&dev_priv->ring[RCS]);
4675 i915_gem_init_hw(struct drm_device *dev)
4677 struct drm_i915_private *dev_priv = dev->dev_private;
4680 if (INTEL_INFO(dev)->gen < 6 && !intel_enable_gtt())
4683 if (dev_priv->ellc_size)
4684 I915_WRITE(HSW_IDICR, I915_READ(HSW_IDICR) | IDIHASHMSK(0xf));
4686 if (IS_HASWELL(dev))
4687 I915_WRITE(MI_PREDICATE_RESULT_2, IS_HSW_GT3(dev) ?
4688 LOWER_SLICE_ENABLED : LOWER_SLICE_DISABLED);
4690 if (HAS_PCH_NOP(dev)) {
4691 if (IS_IVYBRIDGE(dev)) {
4692 u32 temp = I915_READ(GEN7_MSG_CTL);
4693 temp &= ~(WAIT_FOR_PCH_FLR_ACK | WAIT_FOR_PCH_RESET_ACK);
4694 I915_WRITE(GEN7_MSG_CTL, temp);
4695 } else if (INTEL_INFO(dev)->gen >= 7) {
4696 u32 temp = I915_READ(HSW_NDE_RSTWRN_OPT);
4697 temp &= ~RESET_PCH_HANDSHAKE_ENABLE;
4698 I915_WRITE(HSW_NDE_RSTWRN_OPT, temp);
4702 i915_gem_init_swizzling(dev);
4704 ret = i915_gem_init_rings(dev);
4708 for (i = 0; i < NUM_L3_SLICES(dev); i++)
4709 i915_gem_l3_remap(&dev_priv->ring[RCS], i);
4712 * XXX: Contexts should only be initialized once. Doing a switch to the
4713 * default context switch however is something we'd like to do after
4714 * reset or thaw (the latter may not actually be necessary for HW, but
4715 * goes with our code better). Context switching requires rings (for
4716 * the do_switch), but before enabling PPGTT. So don't move this.
4718 ret = i915_gem_context_enable(dev_priv);
4719 if (ret && ret != -EIO) {
4720 DRM_ERROR("Context enable failed %d\n", ret);
4721 i915_gem_cleanup_ringbuffer(dev);
4727 int i915_gem_init(struct drm_device *dev)
4729 struct drm_i915_private *dev_priv = dev->dev_private;
4732 mutex_lock(&dev->struct_mutex);
4734 if (IS_VALLEYVIEW(dev)) {
4735 /* VLVA0 (potential hack), BIOS isn't actually waking us */
4736 I915_WRITE(VLV_GTLC_WAKE_CTRL, VLV_GTLC_ALLOWWAKEREQ);
4737 if (wait_for((I915_READ(VLV_GTLC_PW_STATUS) &
4738 VLV_GTLC_ALLOWWAKEACK), 10))
4739 DRM_DEBUG_DRIVER("allow wake ack timed out\n");
4742 i915_gem_init_userptr(dev);
4743 i915_gem_init_global_gtt(dev);
4745 ret = i915_gem_context_init(dev);
4747 mutex_unlock(&dev->struct_mutex);
4751 ret = i915_gem_init_hw(dev);
4753 /* Allow ring initialisation to fail by marking the GPU as
4754 * wedged. But we only want to do this where the GPU is angry,
4755 * for all other failure, such as an allocation failure, bail.
4757 DRM_ERROR("Failed to initialize GPU, declaring it wedged\n");
4758 atomic_set_mask(I915_WEDGED, &dev_priv->gpu_error.reset_counter);
4761 mutex_unlock(&dev->struct_mutex);
4763 /* Allow hardware batchbuffers unless told otherwise, but not for KMS. */
4764 if (!drm_core_check_feature(dev, DRIVER_MODESET))
4765 dev_priv->dri1.allow_batchbuffer = 1;
4770 i915_gem_cleanup_ringbuffer(struct drm_device *dev)
4772 struct drm_i915_private *dev_priv = dev->dev_private;
4773 struct intel_engine_cs *ring;
4776 for_each_ring(ring, dev_priv, i)
4777 intel_cleanup_ring_buffer(ring);
4781 i915_gem_entervt_ioctl(struct drm_device *dev, void *data,
4782 struct drm_file *file_priv)
4784 struct drm_i915_private *dev_priv = dev->dev_private;
4787 if (drm_core_check_feature(dev, DRIVER_MODESET))
4790 if (i915_reset_in_progress(&dev_priv->gpu_error)) {
4791 DRM_ERROR("Reenabling wedged hardware, good luck\n");
4792 atomic_set(&dev_priv->gpu_error.reset_counter, 0);
4795 mutex_lock(&dev->struct_mutex);
4796 dev_priv->ums.mm_suspended = 0;
4798 ret = i915_gem_init_hw(dev);
4800 mutex_unlock(&dev->struct_mutex);
4804 BUG_ON(!list_empty(&dev_priv->gtt.base.active_list));
4806 ret = drm_irq_install(dev, dev->pdev->irq);
4808 goto cleanup_ringbuffer;
4809 mutex_unlock(&dev->struct_mutex);
4814 i915_gem_cleanup_ringbuffer(dev);
4815 dev_priv->ums.mm_suspended = 1;
4816 mutex_unlock(&dev->struct_mutex);
4822 i915_gem_leavevt_ioctl(struct drm_device *dev, void *data,
4823 struct drm_file *file_priv)
4825 if (drm_core_check_feature(dev, DRIVER_MODESET))
4828 mutex_lock(&dev->struct_mutex);
4829 drm_irq_uninstall(dev);
4830 mutex_unlock(&dev->struct_mutex);
4832 return i915_gem_suspend(dev);
4836 i915_gem_lastclose(struct drm_device *dev)
4840 if (drm_core_check_feature(dev, DRIVER_MODESET))
4843 ret = i915_gem_suspend(dev);
4845 DRM_ERROR("failed to idle hardware: %d\n", ret);
4849 init_ring_lists(struct intel_engine_cs *ring)
4851 INIT_LIST_HEAD(&ring->active_list);
4852 INIT_LIST_HEAD(&ring->request_list);
4855 void i915_init_vm(struct drm_i915_private *dev_priv,
4856 struct i915_address_space *vm)
4858 if (!i915_is_ggtt(vm))
4859 drm_mm_init(&vm->mm, vm->start, vm->total);
4860 vm->dev = dev_priv->dev;
4861 INIT_LIST_HEAD(&vm->active_list);
4862 INIT_LIST_HEAD(&vm->inactive_list);
4863 INIT_LIST_HEAD(&vm->global_link);
4864 list_add_tail(&vm->global_link, &dev_priv->vm_list);
4868 i915_gem_load(struct drm_device *dev)
4870 struct drm_i915_private *dev_priv = dev->dev_private;
4874 kmem_cache_create("i915_gem_object",
4875 sizeof(struct drm_i915_gem_object), 0,
4879 INIT_LIST_HEAD(&dev_priv->vm_list);
4880 i915_init_vm(dev_priv, &dev_priv->gtt.base);
4882 INIT_LIST_HEAD(&dev_priv->context_list);
4883 INIT_LIST_HEAD(&dev_priv->mm.unbound_list);
4884 INIT_LIST_HEAD(&dev_priv->mm.bound_list);
4885 INIT_LIST_HEAD(&dev_priv->mm.fence_list);
4886 for (i = 0; i < I915_NUM_RINGS; i++)
4887 init_ring_lists(&dev_priv->ring[i]);
4888 for (i = 0; i < I915_MAX_NUM_FENCES; i++)
4889 INIT_LIST_HEAD(&dev_priv->fence_regs[i].lru_list);
4890 INIT_DELAYED_WORK(&dev_priv->mm.retire_work,
4891 i915_gem_retire_work_handler);
4892 INIT_DELAYED_WORK(&dev_priv->mm.idle_work,
4893 i915_gem_idle_work_handler);
4894 init_waitqueue_head(&dev_priv->gpu_error.reset_queue);
4896 /* On GEN3 we really need to make sure the ARB C3 LP bit is set */
4897 if (!drm_core_check_feature(dev, DRIVER_MODESET) && IS_GEN3(dev)) {
4898 I915_WRITE(MI_ARB_STATE,
4899 _MASKED_BIT_ENABLE(MI_ARB_C3_LP_WRITE_ENABLE));
4902 dev_priv->relative_constants_mode = I915_EXEC_CONSTANTS_REL_GENERAL;
4904 /* Old X drivers will take 0-2 for front, back, depth buffers */
4905 if (!drm_core_check_feature(dev, DRIVER_MODESET))
4906 dev_priv->fence_reg_start = 3;
4908 if (INTEL_INFO(dev)->gen >= 7 && !IS_VALLEYVIEW(dev))
4909 dev_priv->num_fence_regs = 32;
4910 else if (INTEL_INFO(dev)->gen >= 4 || IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4911 dev_priv->num_fence_regs = 16;
4913 dev_priv->num_fence_regs = 8;
4915 /* Initialize fence registers to zero */
4916 INIT_LIST_HEAD(&dev_priv->mm.fence_list);
4917 i915_gem_restore_fences(dev);
4919 i915_gem_detect_bit_6_swizzle(dev);
4920 init_waitqueue_head(&dev_priv->pending_flip_queue);
4922 dev_priv->mm.interruptible = true;
4924 dev_priv->mm.shrinker.scan_objects = i915_gem_shrinker_scan;
4925 dev_priv->mm.shrinker.count_objects = i915_gem_shrinker_count;
4926 dev_priv->mm.shrinker.seeks = DEFAULT_SEEKS;
4927 register_shrinker(&dev_priv->mm.shrinker);
4929 dev_priv->mm.oom_notifier.notifier_call = i915_gem_shrinker_oom;
4930 register_oom_notifier(&dev_priv->mm.oom_notifier);
4933 void i915_gem_release(struct drm_device *dev, struct drm_file *file)
4935 struct drm_i915_file_private *file_priv = file->driver_priv;
4937 cancel_delayed_work_sync(&file_priv->mm.idle_work);
4939 /* Clean up our request list when the client is going away, so that
4940 * later retire_requests won't dereference our soon-to-be-gone
4943 spin_lock(&file_priv->mm.lock);
4944 while (!list_empty(&file_priv->mm.request_list)) {
4945 struct drm_i915_gem_request *request;
4947 request = list_first_entry(&file_priv->mm.request_list,
4948 struct drm_i915_gem_request,
4950 list_del(&request->client_list);
4951 request->file_priv = NULL;
4953 spin_unlock(&file_priv->mm.lock);
4957 i915_gem_file_idle_work_handler(struct work_struct *work)
4959 struct drm_i915_file_private *file_priv =
4960 container_of(work, typeof(*file_priv), mm.idle_work.work);
4962 atomic_set(&file_priv->rps_wait_boost, false);
4965 int i915_gem_open(struct drm_device *dev, struct drm_file *file)
4967 struct drm_i915_file_private *file_priv;
4970 DRM_DEBUG_DRIVER("\n");
4972 file_priv = kzalloc(sizeof(*file_priv), GFP_KERNEL);
4976 file->driver_priv = file_priv;
4977 file_priv->dev_priv = dev->dev_private;
4978 file_priv->file = file;
4980 spin_lock_init(&file_priv->mm.lock);
4981 INIT_LIST_HEAD(&file_priv->mm.request_list);
4982 INIT_DELAYED_WORK(&file_priv->mm.idle_work,
4983 i915_gem_file_idle_work_handler);
4985 ret = i915_gem_context_open(dev, file);
4992 static bool mutex_is_locked_by(struct mutex *mutex, struct task_struct *task)
4994 if (!mutex_is_locked(mutex))
4997 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_MUTEXES)
4998 return mutex->owner == task;
5000 /* Since UP may be pre-empted, we cannot assume that we own the lock */
5005 static bool i915_gem_shrinker_lock(struct drm_device *dev, bool *unlock)
5007 if (!mutex_trylock(&dev->struct_mutex)) {
5008 if (!mutex_is_locked_by(&dev->struct_mutex, current))
5011 if (to_i915(dev)->mm.shrinker_no_lock_stealing)
5021 static int num_vma_bound(struct drm_i915_gem_object *obj)
5023 struct i915_vma *vma;
5026 list_for_each_entry(vma, &obj->vma_list, vma_link)
5027 if (drm_mm_node_allocated(&vma->node))
5033 static unsigned long
5034 i915_gem_shrinker_count(struct shrinker *shrinker, struct shrink_control *sc)
5036 struct drm_i915_private *dev_priv =
5037 container_of(shrinker, struct drm_i915_private, mm.shrinker);
5038 struct drm_device *dev = dev_priv->dev;
5039 struct drm_i915_gem_object *obj;
5040 unsigned long count;
5043 if (!i915_gem_shrinker_lock(dev, &unlock))
5047 list_for_each_entry(obj, &dev_priv->mm.unbound_list, global_list)
5048 if (obj->pages_pin_count == 0)
5049 count += obj->base.size >> PAGE_SHIFT;
5051 list_for_each_entry(obj, &dev_priv->mm.bound_list, global_list) {
5052 if (!i915_gem_obj_is_pinned(obj) &&
5053 obj->pages_pin_count == num_vma_bound(obj))
5054 count += obj->base.size >> PAGE_SHIFT;
5058 mutex_unlock(&dev->struct_mutex);
5063 /* All the new VM stuff */
5064 unsigned long i915_gem_obj_offset(struct drm_i915_gem_object *o,
5065 struct i915_address_space *vm)
5067 struct drm_i915_private *dev_priv = o->base.dev->dev_private;
5068 struct i915_vma *vma;
5070 if (!dev_priv->mm.aliasing_ppgtt ||
5071 vm == &dev_priv->mm.aliasing_ppgtt->base)
5072 vm = &dev_priv->gtt.base;
5074 BUG_ON(list_empty(&o->vma_list));
5075 list_for_each_entry(vma, &o->vma_list, vma_link) {
5077 return vma->node.start;
5083 bool i915_gem_obj_bound(struct drm_i915_gem_object *o,
5084 struct i915_address_space *vm)
5086 struct i915_vma *vma;
5088 list_for_each_entry(vma, &o->vma_list, vma_link)
5089 if (vma->vm == vm && drm_mm_node_allocated(&vma->node))
5095 bool i915_gem_obj_bound_any(struct drm_i915_gem_object *o)
5097 struct i915_vma *vma;
5099 list_for_each_entry(vma, &o->vma_list, vma_link)
5100 if (drm_mm_node_allocated(&vma->node))
5106 unsigned long i915_gem_obj_size(struct drm_i915_gem_object *o,
5107 struct i915_address_space *vm)
5109 struct drm_i915_private *dev_priv = o->base.dev->dev_private;
5110 struct i915_vma *vma;
5112 if (!dev_priv->mm.aliasing_ppgtt ||
5113 vm == &dev_priv->mm.aliasing_ppgtt->base)
5114 vm = &dev_priv->gtt.base;
5116 BUG_ON(list_empty(&o->vma_list));
5118 list_for_each_entry(vma, &o->vma_list, vma_link)
5120 return vma->node.size;
5125 static unsigned long
5126 i915_gem_shrinker_scan(struct shrinker *shrinker, struct shrink_control *sc)
5128 struct drm_i915_private *dev_priv =
5129 container_of(shrinker, struct drm_i915_private, mm.shrinker);
5130 struct drm_device *dev = dev_priv->dev;
5131 unsigned long freed;
5134 if (!i915_gem_shrinker_lock(dev, &unlock))
5137 freed = i915_gem_purge(dev_priv, sc->nr_to_scan);
5138 if (freed < sc->nr_to_scan)
5139 freed += __i915_gem_shrink(dev_priv,
5140 sc->nr_to_scan - freed,
5143 mutex_unlock(&dev->struct_mutex);
5149 i915_gem_shrinker_oom(struct notifier_block *nb, unsigned long event, void *ptr)
5151 struct drm_i915_private *dev_priv =
5152 container_of(nb, struct drm_i915_private, mm.oom_notifier);
5153 struct drm_device *dev = dev_priv->dev;
5154 struct drm_i915_gem_object *obj;
5155 unsigned long timeout = msecs_to_jiffies(5000) + 1;
5156 unsigned long pinned, bound, unbound, freed;
5157 bool was_interruptible;
5160 while (!i915_gem_shrinker_lock(dev, &unlock) && --timeout)
5161 schedule_timeout_killable(1);
5163 pr_err("Unable to purge GPU memory due lock contention.\n");
5167 was_interruptible = dev_priv->mm.interruptible;
5168 dev_priv->mm.interruptible = false;
5170 freed = i915_gem_shrink_all(dev_priv);
5172 dev_priv->mm.interruptible = was_interruptible;
5174 /* Because we may be allocating inside our own driver, we cannot
5175 * assert that there are no objects with pinned pages that are not
5176 * being pointed to by hardware.
5178 unbound = bound = pinned = 0;
5179 list_for_each_entry(obj, &dev_priv->mm.unbound_list, global_list) {
5180 if (!obj->base.filp) /* not backed by a freeable object */
5183 if (obj->pages_pin_count)
5184 pinned += obj->base.size;
5186 unbound += obj->base.size;
5188 list_for_each_entry(obj, &dev_priv->mm.bound_list, global_list) {
5189 if (!obj->base.filp)
5192 if (obj->pages_pin_count)
5193 pinned += obj->base.size;
5195 bound += obj->base.size;
5199 mutex_unlock(&dev->struct_mutex);
5201 pr_info("Purging GPU memory, %lu bytes freed, %lu bytes still pinned.\n",
5203 if (unbound || bound)
5204 pr_err("%lu and %lu bytes still available in the "
5205 "bound and unbound GPU page lists.\n",
5208 *(unsigned long *)ptr += freed;
5212 struct i915_vma *i915_gem_obj_to_ggtt(struct drm_i915_gem_object *obj)
5214 struct i915_vma *vma;
5216 /* This WARN has probably outlived its usefulness (callers already
5217 * WARN if they don't find the GGTT vma they expect). When removing,
5218 * remember to remove the pre-check in is_pin_display() as well */
5219 if (WARN_ON(list_empty(&obj->vma_list)))
5222 vma = list_first_entry(&obj->vma_list, typeof(*vma), vma_link);
5223 if (vma->vm != obj_to_ggtt(obj))
git.samba.org / sfrench / cifs-2.6.git / blob