2 * Copyright (C) 2010-2012 Advanced Micro Devices, Inc.
3 * Author: Joerg Roedel <jroedel@suse.de>
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 as published
7 * by the Free Software Foundation.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 #define pr_fmt(fmt) "AMD-Vi: " fmt
21 #include <linux/mmu_notifier.h>
22 #include <linux/amd-iommu.h>
23 #include <linux/mm_types.h>
24 #include <linux/profile.h>
25 #include <linux/module.h>
26 #include <linux/sched.h>
27 #include <linux/sched/mm.h>
28 #include <linux/iommu.h>
29 #include <linux/wait.h>
30 #include <linux/pci.h>
31 #include <linux/gfp.h>
33 #include "amd_iommu_types.h"
34 #include "amd_iommu_proto.h"
36 MODULE_LICENSE("GPL v2");
37 MODULE_AUTHOR("Joerg Roedel <jroedel@suse.de>");
39 #define MAX_DEVICES 0x10000
40 #define PRI_QUEUE_SIZE 512
49 struct list_head list; /* For global state-list */
50 atomic_t count; /* Reference count */
51 unsigned mmu_notifier_count; /* Counting nested mmu_notifier
53 struct mm_struct *mm; /* mm_struct for the faults */
54 struct mmu_notifier mn; /* mmu_notifier handle */
55 struct pri_queue pri[PRI_QUEUE_SIZE]; /* PRI tag states */
56 struct device_state *device_state; /* Link to our device_state */
57 int pasid; /* PASID index */
58 bool invalid; /* Used during setup and
59 teardown of the pasid */
60 spinlock_t lock; /* Protect pri_queues and
62 wait_queue_head_t wq; /* To wait for count == 0 */
66 struct list_head list;
70 struct pasid_state **states;
71 struct iommu_domain *domain;
74 amd_iommu_invalid_ppr_cb inv_ppr_cb;
75 amd_iommu_invalidate_ctx inv_ctx_cb;
81 struct work_struct work;
82 struct device_state *dev_state;
83 struct pasid_state *state;
93 static LIST_HEAD(state_list);
94 static spinlock_t state_lock;
96 static struct workqueue_struct *iommu_wq;
98 static void free_pasid_states(struct device_state *dev_state);
100 static u16 device_id(struct pci_dev *pdev)
104 devid = pdev->bus->number;
105 devid = (devid << 8) | pdev->devfn;
110 static struct device_state *__get_device_state(u16 devid)
112 struct device_state *dev_state;
114 list_for_each_entry(dev_state, &state_list, list) {
115 if (dev_state->devid == devid)
122 static struct device_state *get_device_state(u16 devid)
124 struct device_state *dev_state;
127 spin_lock_irqsave(&state_lock, flags);
128 dev_state = __get_device_state(devid);
129 if (dev_state != NULL)
130 atomic_inc(&dev_state->count);
131 spin_unlock_irqrestore(&state_lock, flags);
136 static void free_device_state(struct device_state *dev_state)
138 struct iommu_group *group;
141 * First detach device from domain - No more PRI requests will arrive
142 * from that device after it is unbound from the IOMMUv2 domain.
144 group = iommu_group_get(&dev_state->pdev->dev);
148 iommu_detach_group(dev_state->domain, group);
150 iommu_group_put(group);
152 /* Everything is down now, free the IOMMUv2 domain */
153 iommu_domain_free(dev_state->domain);
155 /* Finally get rid of the device-state */
159 static void put_device_state(struct device_state *dev_state)
161 if (atomic_dec_and_test(&dev_state->count))
162 wake_up(&dev_state->wq);
165 /* Must be called under dev_state->lock */
166 static struct pasid_state **__get_pasid_state_ptr(struct device_state *dev_state,
167 int pasid, bool alloc)
169 struct pasid_state **root, **ptr;
172 level = dev_state->pasid_levels;
173 root = dev_state->states;
177 index = (pasid >> (9 * level)) & 0x1ff;
187 *ptr = (void *)get_zeroed_page(GFP_ATOMIC);
192 root = (struct pasid_state **)*ptr;
199 static int set_pasid_state(struct device_state *dev_state,
200 struct pasid_state *pasid_state,
203 struct pasid_state **ptr;
207 spin_lock_irqsave(&dev_state->lock, flags);
208 ptr = __get_pasid_state_ptr(dev_state, pasid, true);
223 spin_unlock_irqrestore(&dev_state->lock, flags);
228 static void clear_pasid_state(struct device_state *dev_state, int pasid)
230 struct pasid_state **ptr;
233 spin_lock_irqsave(&dev_state->lock, flags);
234 ptr = __get_pasid_state_ptr(dev_state, pasid, true);
242 spin_unlock_irqrestore(&dev_state->lock, flags);
245 static struct pasid_state *get_pasid_state(struct device_state *dev_state,
248 struct pasid_state **ptr, *ret = NULL;
251 spin_lock_irqsave(&dev_state->lock, flags);
252 ptr = __get_pasid_state_ptr(dev_state, pasid, false);
259 atomic_inc(&ret->count);
262 spin_unlock_irqrestore(&dev_state->lock, flags);
267 static void free_pasid_state(struct pasid_state *pasid_state)
272 static void put_pasid_state(struct pasid_state *pasid_state)
274 if (atomic_dec_and_test(&pasid_state->count))
275 wake_up(&pasid_state->wq);
278 static void put_pasid_state_wait(struct pasid_state *pasid_state)
280 atomic_dec(&pasid_state->count);
281 wait_event(pasid_state->wq, !atomic_read(&pasid_state->count));
282 free_pasid_state(pasid_state);
285 static void unbind_pasid(struct pasid_state *pasid_state)
287 struct iommu_domain *domain;
289 domain = pasid_state->device_state->domain;
292 * Mark pasid_state as invalid, no more faults will we added to the
293 * work queue after this is visible everywhere.
295 pasid_state->invalid = true;
297 /* Make sure this is visible */
300 /* After this the device/pasid can't access the mm anymore */
301 amd_iommu_domain_clear_gcr3(domain, pasid_state->pasid);
303 /* Make sure no more pending faults are in the queue */
304 flush_workqueue(iommu_wq);
307 static void free_pasid_states_level1(struct pasid_state **tbl)
311 for (i = 0; i < 512; ++i) {
315 free_page((unsigned long)tbl[i]);
319 static void free_pasid_states_level2(struct pasid_state **tbl)
321 struct pasid_state **ptr;
324 for (i = 0; i < 512; ++i) {
328 ptr = (struct pasid_state **)tbl[i];
329 free_pasid_states_level1(ptr);
333 static void free_pasid_states(struct device_state *dev_state)
335 struct pasid_state *pasid_state;
338 for (i = 0; i < dev_state->max_pasids; ++i) {
339 pasid_state = get_pasid_state(dev_state, i);
340 if (pasid_state == NULL)
343 put_pasid_state(pasid_state);
346 * This will call the mn_release function and
349 mmu_notifier_unregister(&pasid_state->mn, pasid_state->mm);
351 put_pasid_state_wait(pasid_state); /* Reference taken in
352 amd_iommu_bind_pasid */
354 /* Drop reference taken in amd_iommu_bind_pasid */
355 put_device_state(dev_state);
358 if (dev_state->pasid_levels == 2)
359 free_pasid_states_level2(dev_state->states);
360 else if (dev_state->pasid_levels == 1)
361 free_pasid_states_level1(dev_state->states);
363 BUG_ON(dev_state->pasid_levels != 0);
365 free_page((unsigned long)dev_state->states);
368 static struct pasid_state *mn_to_state(struct mmu_notifier *mn)
370 return container_of(mn, struct pasid_state, mn);
373 static void mn_invalidate_range(struct mmu_notifier *mn,
374 struct mm_struct *mm,
375 unsigned long start, unsigned long end)
377 struct pasid_state *pasid_state;
378 struct device_state *dev_state;
380 pasid_state = mn_to_state(mn);
381 dev_state = pasid_state->device_state;
383 if ((start ^ (end - 1)) < PAGE_SIZE)
384 amd_iommu_flush_page(dev_state->domain, pasid_state->pasid,
387 amd_iommu_flush_tlb(dev_state->domain, pasid_state->pasid);
390 static void mn_release(struct mmu_notifier *mn, struct mm_struct *mm)
392 struct pasid_state *pasid_state;
393 struct device_state *dev_state;
398 pasid_state = mn_to_state(mn);
399 dev_state = pasid_state->device_state;
400 run_inv_ctx_cb = !pasid_state->invalid;
402 if (run_inv_ctx_cb && dev_state->inv_ctx_cb)
403 dev_state->inv_ctx_cb(dev_state->pdev, pasid_state->pasid);
405 unbind_pasid(pasid_state);
408 static const struct mmu_notifier_ops iommu_mn = {
409 .release = mn_release,
410 .invalidate_range = mn_invalidate_range,
413 static void set_pri_tag_status(struct pasid_state *pasid_state,
418 spin_lock_irqsave(&pasid_state->lock, flags);
419 pasid_state->pri[tag].status = status;
420 spin_unlock_irqrestore(&pasid_state->lock, flags);
423 static void finish_pri_tag(struct device_state *dev_state,
424 struct pasid_state *pasid_state,
429 spin_lock_irqsave(&pasid_state->lock, flags);
430 if (atomic_dec_and_test(&pasid_state->pri[tag].inflight) &&
431 pasid_state->pri[tag].finish) {
432 amd_iommu_complete_ppr(dev_state->pdev, pasid_state->pasid,
433 pasid_state->pri[tag].status, tag);
434 pasid_state->pri[tag].finish = false;
435 pasid_state->pri[tag].status = PPR_SUCCESS;
437 spin_unlock_irqrestore(&pasid_state->lock, flags);
440 static void handle_fault_error(struct fault *fault)
444 if (!fault->dev_state->inv_ppr_cb) {
445 set_pri_tag_status(fault->state, fault->tag, PPR_INVALID);
449 status = fault->dev_state->inv_ppr_cb(fault->dev_state->pdev,
454 case AMD_IOMMU_INV_PRI_RSP_SUCCESS:
455 set_pri_tag_status(fault->state, fault->tag, PPR_SUCCESS);
457 case AMD_IOMMU_INV_PRI_RSP_INVALID:
458 set_pri_tag_status(fault->state, fault->tag, PPR_INVALID);
460 case AMD_IOMMU_INV_PRI_RSP_FAIL:
461 set_pri_tag_status(fault->state, fault->tag, PPR_FAILURE);
468 static bool access_error(struct vm_area_struct *vma, struct fault *fault)
470 unsigned long requested = 0;
472 if (fault->flags & PPR_FAULT_EXEC)
473 requested |= VM_EXEC;
475 if (fault->flags & PPR_FAULT_READ)
476 requested |= VM_READ;
478 if (fault->flags & PPR_FAULT_WRITE)
479 requested |= VM_WRITE;
481 return (requested & ~vma->vm_flags) != 0;
484 static void do_fault(struct work_struct *work)
486 struct fault *fault = container_of(work, struct fault, work);
487 struct vm_area_struct *vma;
488 vm_fault_t ret = VM_FAULT_ERROR;
489 unsigned int flags = 0;
490 struct mm_struct *mm;
493 mm = fault->state->mm;
494 address = fault->address;
496 if (fault->flags & PPR_FAULT_USER)
497 flags |= FAULT_FLAG_USER;
498 if (fault->flags & PPR_FAULT_WRITE)
499 flags |= FAULT_FLAG_WRITE;
500 flags |= FAULT_FLAG_REMOTE;
502 down_read(&mm->mmap_sem);
503 vma = find_extend_vma(mm, address);
504 if (!vma || address < vma->vm_start)
505 /* failed to get a vma in the right range */
508 /* Check if we have the right permissions on the vma */
509 if (access_error(vma, fault))
512 ret = handle_mm_fault(vma, address, flags);
514 up_read(&mm->mmap_sem);
516 if (ret & VM_FAULT_ERROR)
517 /* failed to service fault */
518 handle_fault_error(fault);
520 finish_pri_tag(fault->dev_state, fault->state, fault->tag);
522 put_pasid_state(fault->state);
527 static int ppr_notifier(struct notifier_block *nb, unsigned long e, void *data)
529 struct amd_iommu_fault *iommu_fault;
530 struct pasid_state *pasid_state;
531 struct device_state *dev_state;
537 struct iommu_dev_data *dev_data;
538 struct pci_dev *pdev = NULL;
541 tag = iommu_fault->tag & 0x1ff;
542 finish = (iommu_fault->tag >> 9) & 1;
544 devid = iommu_fault->device_id;
545 pdev = pci_get_domain_bus_and_slot(0, PCI_BUS_NUM(devid),
549 dev_data = get_dev_data(&pdev->dev);
551 /* In kdump kernel pci dev is not initialized yet -> send INVALID */
553 if (translation_pre_enabled(amd_iommu_rlookup_table[devid])
554 && dev_data->defer_attach) {
555 amd_iommu_complete_ppr(pdev, iommu_fault->pasid,
560 dev_state = get_device_state(iommu_fault->device_id);
561 if (dev_state == NULL)
564 pasid_state = get_pasid_state(dev_state, iommu_fault->pasid);
565 if (pasid_state == NULL || pasid_state->invalid) {
566 /* We know the device but not the PASID -> send INVALID */
567 amd_iommu_complete_ppr(dev_state->pdev, iommu_fault->pasid,
572 spin_lock_irqsave(&pasid_state->lock, flags);
573 atomic_inc(&pasid_state->pri[tag].inflight);
575 pasid_state->pri[tag].finish = true;
576 spin_unlock_irqrestore(&pasid_state->lock, flags);
578 fault = kzalloc(sizeof(*fault), GFP_ATOMIC);
580 /* We are OOM - send success and let the device re-fault */
581 finish_pri_tag(dev_state, pasid_state, tag);
585 fault->dev_state = dev_state;
586 fault->address = iommu_fault->address;
587 fault->state = pasid_state;
589 fault->finish = finish;
590 fault->pasid = iommu_fault->pasid;
591 fault->flags = iommu_fault->flags;
592 INIT_WORK(&fault->work, do_fault);
594 queue_work(iommu_wq, &fault->work);
600 if (ret != NOTIFY_OK && pasid_state)
601 put_pasid_state(pasid_state);
603 put_device_state(dev_state);
609 static struct notifier_block ppr_nb = {
610 .notifier_call = ppr_notifier,
613 int amd_iommu_bind_pasid(struct pci_dev *pdev, int pasid,
614 struct task_struct *task)
616 struct pasid_state *pasid_state;
617 struct device_state *dev_state;
618 struct mm_struct *mm;
624 if (!amd_iommu_v2_supported())
627 devid = device_id(pdev);
628 dev_state = get_device_state(devid);
630 if (dev_state == NULL)
634 if (pasid < 0 || pasid >= dev_state->max_pasids)
638 pasid_state = kzalloc(sizeof(*pasid_state), GFP_KERNEL);
639 if (pasid_state == NULL)
643 atomic_set(&pasid_state->count, 1);
644 init_waitqueue_head(&pasid_state->wq);
645 spin_lock_init(&pasid_state->lock);
647 mm = get_task_mm(task);
648 pasid_state->mm = mm;
649 pasid_state->device_state = dev_state;
650 pasid_state->pasid = pasid;
651 pasid_state->invalid = true; /* Mark as valid only if we are
652 done with setting up the pasid */
653 pasid_state->mn.ops = &iommu_mn;
655 if (pasid_state->mm == NULL)
658 mmu_notifier_register(&pasid_state->mn, mm);
660 ret = set_pasid_state(dev_state, pasid_state, pasid);
664 ret = amd_iommu_domain_set_gcr3(dev_state->domain, pasid,
665 __pa(pasid_state->mm->pgd));
667 goto out_clear_state;
669 /* Now we are ready to handle faults */
670 pasid_state->invalid = false;
673 * Drop the reference to the mm_struct here. We rely on the
674 * mmu_notifier release call-back to inform us when the mm
682 clear_pasid_state(dev_state, pasid);
685 mmu_notifier_unregister(&pasid_state->mn, mm);
689 free_pasid_state(pasid_state);
692 put_device_state(dev_state);
696 EXPORT_SYMBOL(amd_iommu_bind_pasid);
698 void amd_iommu_unbind_pasid(struct pci_dev *pdev, int pasid)
700 struct pasid_state *pasid_state;
701 struct device_state *dev_state;
706 if (!amd_iommu_v2_supported())
709 devid = device_id(pdev);
710 dev_state = get_device_state(devid);
711 if (dev_state == NULL)
714 if (pasid < 0 || pasid >= dev_state->max_pasids)
717 pasid_state = get_pasid_state(dev_state, pasid);
718 if (pasid_state == NULL)
721 * Drop reference taken here. We are safe because we still hold
722 * the reference taken in the amd_iommu_bind_pasid function.
724 put_pasid_state(pasid_state);
726 /* Clear the pasid state so that the pasid can be re-used */
727 clear_pasid_state(dev_state, pasid_state->pasid);
730 * Call mmu_notifier_unregister to drop our reference
733 mmu_notifier_unregister(&pasid_state->mn, pasid_state->mm);
735 put_pasid_state_wait(pasid_state); /* Reference taken in
736 amd_iommu_bind_pasid */
738 /* Drop reference taken in this function */
739 put_device_state(dev_state);
741 /* Drop reference taken in amd_iommu_bind_pasid */
742 put_device_state(dev_state);
744 EXPORT_SYMBOL(amd_iommu_unbind_pasid);
746 int amd_iommu_init_device(struct pci_dev *pdev, int pasids)
748 struct device_state *dev_state;
749 struct iommu_group *group;
756 if (!amd_iommu_v2_supported())
759 if (pasids <= 0 || pasids > (PASID_MASK + 1))
762 devid = device_id(pdev);
764 dev_state = kzalloc(sizeof(*dev_state), GFP_KERNEL);
765 if (dev_state == NULL)
768 spin_lock_init(&dev_state->lock);
769 init_waitqueue_head(&dev_state->wq);
770 dev_state->pdev = pdev;
771 dev_state->devid = devid;
774 for (dev_state->pasid_levels = 0; (tmp - 1) & ~0x1ff; tmp >>= 9)
775 dev_state->pasid_levels += 1;
777 atomic_set(&dev_state->count, 1);
778 dev_state->max_pasids = pasids;
781 dev_state->states = (void *)get_zeroed_page(GFP_KERNEL);
782 if (dev_state->states == NULL)
783 goto out_free_dev_state;
785 dev_state->domain = iommu_domain_alloc(&pci_bus_type);
786 if (dev_state->domain == NULL)
787 goto out_free_states;
789 amd_iommu_domain_direct_map(dev_state->domain);
791 ret = amd_iommu_domain_enable_v2(dev_state->domain, pasids);
793 goto out_free_domain;
795 group = iommu_group_get(&pdev->dev);
798 goto out_free_domain;
801 ret = iommu_attach_group(dev_state->domain, group);
805 iommu_group_put(group);
807 spin_lock_irqsave(&state_lock, flags);
809 if (__get_device_state(devid) != NULL) {
810 spin_unlock_irqrestore(&state_lock, flags);
812 goto out_free_domain;
815 list_add_tail(&dev_state->list, &state_list);
817 spin_unlock_irqrestore(&state_lock, flags);
822 iommu_group_put(group);
825 iommu_domain_free(dev_state->domain);
828 free_page((unsigned long)dev_state->states);
835 EXPORT_SYMBOL(amd_iommu_init_device);
837 void amd_iommu_free_device(struct pci_dev *pdev)
839 struct device_state *dev_state;
843 if (!amd_iommu_v2_supported())
846 devid = device_id(pdev);
848 spin_lock_irqsave(&state_lock, flags);
850 dev_state = __get_device_state(devid);
851 if (dev_state == NULL) {
852 spin_unlock_irqrestore(&state_lock, flags);
856 list_del(&dev_state->list);
858 spin_unlock_irqrestore(&state_lock, flags);
860 /* Get rid of any remaining pasid states */
861 free_pasid_states(dev_state);
863 put_device_state(dev_state);
865 * Wait until the last reference is dropped before freeing
868 wait_event(dev_state->wq, !atomic_read(&dev_state->count));
869 free_device_state(dev_state);
871 EXPORT_SYMBOL(amd_iommu_free_device);
873 int amd_iommu_set_invalid_ppr_cb(struct pci_dev *pdev,
874 amd_iommu_invalid_ppr_cb cb)
876 struct device_state *dev_state;
881 if (!amd_iommu_v2_supported())
884 devid = device_id(pdev);
886 spin_lock_irqsave(&state_lock, flags);
889 dev_state = __get_device_state(devid);
890 if (dev_state == NULL)
893 dev_state->inv_ppr_cb = cb;
898 spin_unlock_irqrestore(&state_lock, flags);
902 EXPORT_SYMBOL(amd_iommu_set_invalid_ppr_cb);
904 int amd_iommu_set_invalidate_ctx_cb(struct pci_dev *pdev,
905 amd_iommu_invalidate_ctx cb)
907 struct device_state *dev_state;
912 if (!amd_iommu_v2_supported())
915 devid = device_id(pdev);
917 spin_lock_irqsave(&state_lock, flags);
920 dev_state = __get_device_state(devid);
921 if (dev_state == NULL)
924 dev_state->inv_ctx_cb = cb;
929 spin_unlock_irqrestore(&state_lock, flags);
933 EXPORT_SYMBOL(amd_iommu_set_invalidate_ctx_cb);
935 static int __init amd_iommu_v2_init(void)
939 pr_info("AMD IOMMUv2 driver by Joerg Roedel <jroedel@suse.de>\n");
941 if (!amd_iommu_v2_supported()) {
942 pr_info("AMD IOMMUv2 functionality not available on this system\n");
944 * Load anyway to provide the symbols to other modules
945 * which may use AMD IOMMUv2 optionally.
950 spin_lock_init(&state_lock);
953 iommu_wq = alloc_workqueue("amd_iommu_v2", WQ_MEM_RECLAIM, 0);
954 if (iommu_wq == NULL)
957 amd_iommu_register_ppr_notifier(&ppr_nb);
965 static void __exit amd_iommu_v2_exit(void)
967 struct device_state *dev_state;
970 if (!amd_iommu_v2_supported())
973 amd_iommu_unregister_ppr_notifier(&ppr_nb);
975 flush_workqueue(iommu_wq);
978 * The loop below might call flush_workqueue(), so call
979 * destroy_workqueue() after it
981 for (i = 0; i < MAX_DEVICES; ++i) {
982 dev_state = get_device_state(i);
984 if (dev_state == NULL)
989 put_device_state(dev_state);
990 amd_iommu_free_device(dev_state->pdev);
993 destroy_workqueue(iommu_wq);
996 module_init(amd_iommu_v2_init);
997 module_exit(amd_iommu_v2_exit);
git.samba.org / sfrench / cifs-2.6.git / blob