2 * Copyright © 2008,2010 Intel Corporation
4 * Permission is hereby granted, free of charge, to any person obtaining a
5 * copy of this software and associated documentation files (the "Software"),
6 * to deal in the Software without restriction, including without limitation
7 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8 * and/or sell copies of the Software, and to permit persons to whom the
9 * Software is furnished to do so, subject to the following conditions:
11 * The above copyright notice and this permission notice (including the next
12 * paragraph) shall be included in all copies or substantial portions of the
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
24 * Eric Anholt <eric@anholt.net>
25 * Chris Wilson <chris@chris-wilson.co.uk>
29 #include <linux/dma_remapping.h>
30 #include <linux/reservation.h>
31 #include <linux/uaccess.h>
34 #include <drm/i915_drm.h>
37 #include "i915_gem_dmabuf.h"
38 #include "i915_trace.h"
39 #include "intel_drv.h"
40 #include "intel_frontbuffer.h"
42 #define __EXEC_OBJECT_HAS_PIN (1<<31)
43 #define __EXEC_OBJECT_HAS_FENCE (1<<30)
44 #define __EXEC_OBJECT_NEEDS_MAP (1<<29)
45 #define __EXEC_OBJECT_NEEDS_BIAS (1<<28)
46 #define __EXEC_OBJECT_INTERNAL_FLAGS (0xf<<28) /* all of the above */
48 #define BATCH_OFFSET_BIAS (256*1024)
50 struct i915_execbuffer_params {
51 struct drm_device *dev;
52 struct drm_file *file;
53 struct i915_vma *batch;
55 u32 args_batch_start_offset;
56 struct intel_engine_cs *engine;
57 struct i915_gem_context *ctx;
58 struct drm_i915_gem_request *request;
62 struct list_head vmas;
65 struct i915_vma *lut[0];
66 struct hlist_head buckets[0];
70 static struct eb_vmas *
71 eb_create(struct drm_i915_gem_execbuffer2 *args)
73 struct eb_vmas *eb = NULL;
75 if (args->flags & I915_EXEC_HANDLE_LUT) {
76 unsigned size = args->buffer_count;
77 size *= sizeof(struct i915_vma *);
78 size += sizeof(struct eb_vmas);
79 eb = kmalloc(size, GFP_TEMPORARY | __GFP_NOWARN | __GFP_NORETRY);
83 unsigned size = args->buffer_count;
84 unsigned count = PAGE_SIZE / sizeof(struct hlist_head) / 2;
85 BUILD_BUG_ON_NOT_POWER_OF_2(PAGE_SIZE / sizeof(struct hlist_head));
86 while (count > 2*size)
88 eb = kzalloc(count*sizeof(struct hlist_head) +
89 sizeof(struct eb_vmas),
96 eb->and = -args->buffer_count;
98 INIT_LIST_HEAD(&eb->vmas);
103 eb_reset(struct eb_vmas *eb)
106 memset(eb->buckets, 0, (eb->and+1)*sizeof(struct hlist_head));
109 static struct i915_vma *
110 eb_get_batch(struct eb_vmas *eb)
112 struct i915_vma *vma = list_entry(eb->vmas.prev, typeof(*vma), exec_list);
115 * SNA is doing fancy tricks with compressing batch buffers, which leads
116 * to negative relocation deltas. Usually that works out ok since the
117 * relocate address is still positive, except when the batch is placed
118 * very low in the GTT. Ensure this doesn't happen.
120 * Note that actual hangs have only been observed on gen7, but for
121 * paranoia do it everywhere.
123 if ((vma->exec_entry->flags & EXEC_OBJECT_PINNED) == 0)
124 vma->exec_entry->flags |= __EXEC_OBJECT_NEEDS_BIAS;
130 eb_lookup_vmas(struct eb_vmas *eb,
131 struct drm_i915_gem_exec_object2 *exec,
132 const struct drm_i915_gem_execbuffer2 *args,
133 struct i915_address_space *vm,
134 struct drm_file *file)
136 struct drm_i915_gem_object *obj;
137 struct list_head objects;
140 INIT_LIST_HEAD(&objects);
141 spin_lock(&file->table_lock);
142 /* Grab a reference to the object and release the lock so we can lookup
143 * or create the VMA without using GFP_ATOMIC */
144 for (i = 0; i < args->buffer_count; i++) {
145 obj = to_intel_bo(idr_find(&file->object_idr, exec[i].handle));
147 spin_unlock(&file->table_lock);
148 DRM_DEBUG("Invalid object handle %d at index %d\n",
154 if (!list_empty(&obj->obj_exec_link)) {
155 spin_unlock(&file->table_lock);
156 DRM_DEBUG("Object %p [handle %d, index %d] appears more than once in object list\n",
157 obj, exec[i].handle, i);
162 i915_gem_object_get(obj);
163 list_add_tail(&obj->obj_exec_link, &objects);
165 spin_unlock(&file->table_lock);
168 while (!list_empty(&objects)) {
169 struct i915_vma *vma;
171 obj = list_first_entry(&objects,
172 struct drm_i915_gem_object,
176 * NOTE: We can leak any vmas created here when something fails
177 * later on. But that's no issue since vma_unbind can deal with
178 * vmas which are not actually bound. And since only
179 * lookup_or_create exists as an interface to get at the vma
180 * from the (obj, vm) we don't run the risk of creating
181 * duplicated vmas for the same vm.
183 vma = i915_gem_obj_lookup_or_create_vma(obj, vm);
185 DRM_DEBUG("Failed to lookup VMA\n");
190 /* Transfer ownership from the objects list to the vmas list. */
191 list_add_tail(&vma->exec_list, &eb->vmas);
192 list_del_init(&obj->obj_exec_link);
194 vma->exec_entry = &exec[i];
198 uint32_t handle = args->flags & I915_EXEC_HANDLE_LUT ? i : exec[i].handle;
199 vma->exec_handle = handle;
200 hlist_add_head(&vma->exec_node,
201 &eb->buckets[handle & eb->and]);
210 while (!list_empty(&objects)) {
211 obj = list_first_entry(&objects,
212 struct drm_i915_gem_object,
214 list_del_init(&obj->obj_exec_link);
215 i915_gem_object_put(obj);
218 * Objects already transfered to the vmas list will be unreferenced by
225 static struct i915_vma *eb_get_vma(struct eb_vmas *eb, unsigned long handle)
228 if (handle >= -eb->and)
230 return eb->lut[handle];
232 struct hlist_head *head;
233 struct i915_vma *vma;
235 head = &eb->buckets[handle & eb->and];
236 hlist_for_each_entry(vma, head, exec_node) {
237 if (vma->exec_handle == handle)
245 i915_gem_execbuffer_unreserve_vma(struct i915_vma *vma)
247 struct drm_i915_gem_exec_object2 *entry;
248 struct drm_i915_gem_object *obj = vma->obj;
250 if (!drm_mm_node_allocated(&vma->node))
253 entry = vma->exec_entry;
255 if (entry->flags & __EXEC_OBJECT_HAS_FENCE)
256 i915_gem_object_unpin_fence(obj);
258 if (entry->flags & __EXEC_OBJECT_HAS_PIN)
259 __i915_vma_unpin(vma);
261 entry->flags &= ~(__EXEC_OBJECT_HAS_FENCE | __EXEC_OBJECT_HAS_PIN);
264 static void eb_destroy(struct eb_vmas *eb)
266 while (!list_empty(&eb->vmas)) {
267 struct i915_vma *vma;
269 vma = list_first_entry(&eb->vmas,
272 list_del_init(&vma->exec_list);
273 i915_gem_execbuffer_unreserve_vma(vma);
274 i915_gem_object_put(vma->obj);
279 static inline int use_cpu_reloc(struct drm_i915_gem_object *obj)
281 return (HAS_LLC(obj->base.dev) ||
282 obj->base.write_domain == I915_GEM_DOMAIN_CPU ||
283 obj->cache_level != I915_CACHE_NONE);
286 /* Used to convert any address to canonical form.
287 * Starting from gen8, some commands (e.g. STATE_BASE_ADDRESS,
288 * MI_LOAD_REGISTER_MEM and others, see Broadwell PRM Vol2a) require the
289 * addresses to be in a canonical form:
290 * "GraphicsAddress[63:48] are ignored by the HW and assumed to be in correct
291 * canonical form [63:48] == [47]."
293 #define GEN8_HIGH_ADDRESS_BIT 47
294 static inline uint64_t gen8_canonical_addr(uint64_t address)
296 return sign_extend64(address, GEN8_HIGH_ADDRESS_BIT);
299 static inline uint64_t gen8_noncanonical_addr(uint64_t address)
301 return address & ((1ULL << (GEN8_HIGH_ADDRESS_BIT + 1)) - 1);
304 static inline uint64_t
305 relocation_target(struct drm_i915_gem_relocation_entry *reloc,
306 uint64_t target_offset)
308 return gen8_canonical_addr((int)reloc->delta + target_offset);
312 relocate_entry_cpu(struct drm_i915_gem_object *obj,
313 struct drm_i915_gem_relocation_entry *reloc,
314 uint64_t target_offset)
316 struct drm_device *dev = obj->base.dev;
317 uint32_t page_offset = offset_in_page(reloc->offset);
318 uint64_t delta = relocation_target(reloc, target_offset);
322 ret = i915_gem_object_set_to_cpu_domain(obj, true);
326 vaddr = kmap_atomic(i915_gem_object_get_dirty_page(obj,
327 reloc->offset >> PAGE_SHIFT));
328 *(uint32_t *)(vaddr + page_offset) = lower_32_bits(delta);
330 if (INTEL_INFO(dev)->gen >= 8) {
331 page_offset = offset_in_page(page_offset + sizeof(uint32_t));
333 if (page_offset == 0) {
334 kunmap_atomic(vaddr);
335 vaddr = kmap_atomic(i915_gem_object_get_dirty_page(obj,
336 (reloc->offset + sizeof(uint32_t)) >> PAGE_SHIFT));
339 *(uint32_t *)(vaddr + page_offset) = upper_32_bits(delta);
342 kunmap_atomic(vaddr);
348 relocate_entry_gtt(struct drm_i915_gem_object *obj,
349 struct drm_i915_gem_relocation_entry *reloc,
350 uint64_t target_offset)
352 struct drm_device *dev = obj->base.dev;
353 struct drm_i915_private *dev_priv = to_i915(dev);
354 struct i915_ggtt *ggtt = &dev_priv->ggtt;
355 uint64_t delta = relocation_target(reloc, target_offset);
357 void __iomem *reloc_page;
360 ret = i915_gem_object_set_to_gtt_domain(obj, true);
364 ret = i915_gem_object_put_fence(obj);
368 /* Map the page containing the relocation we're going to perform. */
369 offset = i915_gem_obj_ggtt_offset(obj);
370 offset += reloc->offset;
371 reloc_page = io_mapping_map_atomic_wc(ggtt->mappable,
373 iowrite32(lower_32_bits(delta), reloc_page + offset_in_page(offset));
375 if (INTEL_INFO(dev)->gen >= 8) {
376 offset += sizeof(uint32_t);
378 if (offset_in_page(offset) == 0) {
379 io_mapping_unmap_atomic(reloc_page);
381 io_mapping_map_atomic_wc(ggtt->mappable,
385 iowrite32(upper_32_bits(delta),
386 reloc_page + offset_in_page(offset));
389 io_mapping_unmap_atomic(reloc_page);
395 clflush_write32(void *addr, uint32_t value)
397 /* This is not a fast path, so KISS. */
398 drm_clflush_virt_range(addr, sizeof(uint32_t));
399 *(uint32_t *)addr = value;
400 drm_clflush_virt_range(addr, sizeof(uint32_t));
404 relocate_entry_clflush(struct drm_i915_gem_object *obj,
405 struct drm_i915_gem_relocation_entry *reloc,
406 uint64_t target_offset)
408 struct drm_device *dev = obj->base.dev;
409 uint32_t page_offset = offset_in_page(reloc->offset);
410 uint64_t delta = relocation_target(reloc, target_offset);
414 ret = i915_gem_object_set_to_gtt_domain(obj, true);
418 vaddr = kmap_atomic(i915_gem_object_get_dirty_page(obj,
419 reloc->offset >> PAGE_SHIFT));
420 clflush_write32(vaddr + page_offset, lower_32_bits(delta));
422 if (INTEL_INFO(dev)->gen >= 8) {
423 page_offset = offset_in_page(page_offset + sizeof(uint32_t));
425 if (page_offset == 0) {
426 kunmap_atomic(vaddr);
427 vaddr = kmap_atomic(i915_gem_object_get_dirty_page(obj,
428 (reloc->offset + sizeof(uint32_t)) >> PAGE_SHIFT));
431 clflush_write32(vaddr + page_offset, upper_32_bits(delta));
434 kunmap_atomic(vaddr);
439 static bool object_is_idle(struct drm_i915_gem_object *obj)
441 unsigned long active = i915_gem_object_get_active(obj);
444 for_each_active(active, idx) {
445 if (!i915_gem_active_is_idle(&obj->last_read[idx],
446 &obj->base.dev->struct_mutex))
454 i915_gem_execbuffer_relocate_entry(struct drm_i915_gem_object *obj,
456 struct drm_i915_gem_relocation_entry *reloc)
458 struct drm_device *dev = obj->base.dev;
459 struct drm_gem_object *target_obj;
460 struct drm_i915_gem_object *target_i915_obj;
461 struct i915_vma *target_vma;
462 uint64_t target_offset;
465 /* we've already hold a reference to all valid objects */
466 target_vma = eb_get_vma(eb, reloc->target_handle);
467 if (unlikely(target_vma == NULL))
469 target_i915_obj = target_vma->obj;
470 target_obj = &target_vma->obj->base;
472 target_offset = gen8_canonical_addr(target_vma->node.start);
474 /* Sandybridge PPGTT errata: We need a global gtt mapping for MI and
475 * pipe_control writes because the gpu doesn't properly redirect them
476 * through the ppgtt for non_secure batchbuffers. */
477 if (unlikely(IS_GEN6(dev) &&
478 reloc->write_domain == I915_GEM_DOMAIN_INSTRUCTION)) {
479 ret = i915_vma_bind(target_vma, target_i915_obj->cache_level,
481 if (WARN_ONCE(ret, "Unexpected failure to bind target VMA!"))
485 /* Validate that the target is in a valid r/w GPU domain */
486 if (unlikely(reloc->write_domain & (reloc->write_domain - 1))) {
487 DRM_DEBUG("reloc with multiple write domains: "
488 "obj %p target %d offset %d "
489 "read %08x write %08x",
490 obj, reloc->target_handle,
493 reloc->write_domain);
496 if (unlikely((reloc->write_domain | reloc->read_domains)
497 & ~I915_GEM_GPU_DOMAINS)) {
498 DRM_DEBUG("reloc with read/write non-GPU domains: "
499 "obj %p target %d offset %d "
500 "read %08x write %08x",
501 obj, reloc->target_handle,
504 reloc->write_domain);
508 target_obj->pending_read_domains |= reloc->read_domains;
509 target_obj->pending_write_domain |= reloc->write_domain;
511 /* If the relocation already has the right value in it, no
512 * more work needs to be done.
514 if (target_offset == reloc->presumed_offset)
517 /* Check that the relocation address is valid... */
518 if (unlikely(reloc->offset >
519 obj->base.size - (INTEL_INFO(dev)->gen >= 8 ? 8 : 4))) {
520 DRM_DEBUG("Relocation beyond object bounds: "
521 "obj %p target %d offset %d size %d.\n",
522 obj, reloc->target_handle,
524 (int) obj->base.size);
527 if (unlikely(reloc->offset & 3)) {
528 DRM_DEBUG("Relocation not 4-byte aligned: "
529 "obj %p target %d offset %d.\n",
530 obj, reloc->target_handle,
531 (int) reloc->offset);
535 /* We can't wait for rendering with pagefaults disabled */
536 if (pagefault_disabled() && !object_is_idle(obj))
539 if (use_cpu_reloc(obj))
540 ret = relocate_entry_cpu(obj, reloc, target_offset);
541 else if (obj->map_and_fenceable)
542 ret = relocate_entry_gtt(obj, reloc, target_offset);
543 else if (static_cpu_has(X86_FEATURE_CLFLUSH))
544 ret = relocate_entry_clflush(obj, reloc, target_offset);
546 WARN_ONCE(1, "Impossible case in relocation handling\n");
553 /* and update the user's relocation entry */
554 reloc->presumed_offset = target_offset;
560 i915_gem_execbuffer_relocate_vma(struct i915_vma *vma,
563 #define N_RELOC(x) ((x) / sizeof(struct drm_i915_gem_relocation_entry))
564 struct drm_i915_gem_relocation_entry stack_reloc[N_RELOC(512)];
565 struct drm_i915_gem_relocation_entry __user *user_relocs;
566 struct drm_i915_gem_exec_object2 *entry = vma->exec_entry;
569 user_relocs = u64_to_user_ptr(entry->relocs_ptr);
571 remain = entry->relocation_count;
573 struct drm_i915_gem_relocation_entry *r = stack_reloc;
575 if (count > ARRAY_SIZE(stack_reloc))
576 count = ARRAY_SIZE(stack_reloc);
579 if (__copy_from_user_inatomic(r, user_relocs, count*sizeof(r[0])))
583 u64 offset = r->presumed_offset;
585 ret = i915_gem_execbuffer_relocate_entry(vma->obj, eb, r);
589 if (r->presumed_offset != offset &&
590 __put_user(r->presumed_offset, &user_relocs->presumed_offset)) {
604 i915_gem_execbuffer_relocate_vma_slow(struct i915_vma *vma,
606 struct drm_i915_gem_relocation_entry *relocs)
608 const struct drm_i915_gem_exec_object2 *entry = vma->exec_entry;
611 for (i = 0; i < entry->relocation_count; i++) {
612 ret = i915_gem_execbuffer_relocate_entry(vma->obj, eb, &relocs[i]);
621 i915_gem_execbuffer_relocate(struct eb_vmas *eb)
623 struct i915_vma *vma;
626 /* This is the fast path and we cannot handle a pagefault whilst
627 * holding the struct mutex lest the user pass in the relocations
628 * contained within a mmaped bo. For in such a case we, the page
629 * fault handler would call i915_gem_fault() and we would try to
630 * acquire the struct mutex again. Obviously this is bad and so
631 * lockdep complains vehemently.
634 list_for_each_entry(vma, &eb->vmas, exec_list) {
635 ret = i915_gem_execbuffer_relocate_vma(vma, eb);
644 static bool only_mappable_for_reloc(unsigned int flags)
646 return (flags & (EXEC_OBJECT_NEEDS_FENCE | __EXEC_OBJECT_NEEDS_MAP)) ==
647 __EXEC_OBJECT_NEEDS_MAP;
651 i915_gem_execbuffer_reserve_vma(struct i915_vma *vma,
652 struct intel_engine_cs *engine,
655 struct drm_i915_gem_object *obj = vma->obj;
656 struct drm_i915_gem_exec_object2 *entry = vma->exec_entry;
661 if (entry->flags & EXEC_OBJECT_NEEDS_GTT)
664 if (!drm_mm_node_allocated(&vma->node)) {
665 /* Wa32bitGeneralStateOffset & Wa32bitInstructionBaseOffset,
666 * limit address to the first 4GBs for unflagged objects.
668 if ((entry->flags & EXEC_OBJECT_SUPPORTS_48B_ADDRESS) == 0)
669 flags |= PIN_ZONE_4G;
670 if (entry->flags & __EXEC_OBJECT_NEEDS_MAP)
671 flags |= PIN_GLOBAL | PIN_MAPPABLE;
672 if (entry->flags & __EXEC_OBJECT_NEEDS_BIAS)
673 flags |= BATCH_OFFSET_BIAS | PIN_OFFSET_BIAS;
674 if (entry->flags & EXEC_OBJECT_PINNED)
675 flags |= entry->offset | PIN_OFFSET_FIXED;
676 if ((flags & PIN_MAPPABLE) == 0)
680 ret = i915_vma_pin(vma,
684 if ((ret == -ENOSPC || ret == -E2BIG) &&
685 only_mappable_for_reloc(entry->flags))
686 ret = i915_vma_pin(vma,
689 flags & ~PIN_MAPPABLE);
693 entry->flags |= __EXEC_OBJECT_HAS_PIN;
695 if (entry->flags & EXEC_OBJECT_NEEDS_FENCE) {
696 ret = i915_gem_object_get_fence(obj);
700 if (i915_gem_object_pin_fence(obj))
701 entry->flags |= __EXEC_OBJECT_HAS_FENCE;
704 if (entry->offset != vma->node.start) {
705 entry->offset = vma->node.start;
709 if (entry->flags & EXEC_OBJECT_WRITE) {
710 obj->base.pending_read_domains = I915_GEM_DOMAIN_RENDER;
711 obj->base.pending_write_domain = I915_GEM_DOMAIN_RENDER;
718 need_reloc_mappable(struct i915_vma *vma)
720 struct drm_i915_gem_exec_object2 *entry = vma->exec_entry;
722 if (entry->relocation_count == 0)
725 if (!i915_vma_is_ggtt(vma))
728 /* See also use_cpu_reloc() */
729 if (HAS_LLC(vma->obj->base.dev))
732 if (vma->obj->base.write_domain == I915_GEM_DOMAIN_CPU)
739 eb_vma_misplaced(struct i915_vma *vma)
741 struct drm_i915_gem_exec_object2 *entry = vma->exec_entry;
742 struct drm_i915_gem_object *obj = vma->obj;
744 WARN_ON(entry->flags & __EXEC_OBJECT_NEEDS_MAP &&
745 !i915_vma_is_ggtt(vma));
747 if (entry->alignment &&
748 vma->node.start & (entry->alignment - 1))
751 if (vma->node.size < entry->pad_to_size)
754 if (entry->flags & EXEC_OBJECT_PINNED &&
755 vma->node.start != entry->offset)
758 if (entry->flags & __EXEC_OBJECT_NEEDS_BIAS &&
759 vma->node.start < BATCH_OFFSET_BIAS)
762 /* avoid costly ping-pong once a batch bo ended up non-mappable */
763 if (entry->flags & __EXEC_OBJECT_NEEDS_MAP && !obj->map_and_fenceable)
764 return !only_mappable_for_reloc(entry->flags);
766 if ((entry->flags & EXEC_OBJECT_SUPPORTS_48B_ADDRESS) == 0 &&
767 (vma->node.start + vma->node.size - 1) >> 32)
774 i915_gem_execbuffer_reserve(struct intel_engine_cs *engine,
775 struct list_head *vmas,
776 struct i915_gem_context *ctx,
779 struct drm_i915_gem_object *obj;
780 struct i915_vma *vma;
781 struct i915_address_space *vm;
782 struct list_head ordered_vmas;
783 struct list_head pinned_vmas;
784 bool has_fenced_gpu_access = INTEL_GEN(engine->i915) < 4;
787 vm = list_first_entry(vmas, struct i915_vma, exec_list)->vm;
789 INIT_LIST_HEAD(&ordered_vmas);
790 INIT_LIST_HEAD(&pinned_vmas);
791 while (!list_empty(vmas)) {
792 struct drm_i915_gem_exec_object2 *entry;
793 bool need_fence, need_mappable;
795 vma = list_first_entry(vmas, struct i915_vma, exec_list);
797 entry = vma->exec_entry;
799 if (ctx->flags & CONTEXT_NO_ZEROMAP)
800 entry->flags |= __EXEC_OBJECT_NEEDS_BIAS;
802 if (!has_fenced_gpu_access)
803 entry->flags &= ~EXEC_OBJECT_NEEDS_FENCE;
805 entry->flags & EXEC_OBJECT_NEEDS_FENCE &&
806 obj->tiling_mode != I915_TILING_NONE;
807 need_mappable = need_fence || need_reloc_mappable(vma);
809 if (entry->flags & EXEC_OBJECT_PINNED)
810 list_move_tail(&vma->exec_list, &pinned_vmas);
811 else if (need_mappable) {
812 entry->flags |= __EXEC_OBJECT_NEEDS_MAP;
813 list_move(&vma->exec_list, &ordered_vmas);
815 list_move_tail(&vma->exec_list, &ordered_vmas);
817 obj->base.pending_read_domains = I915_GEM_GPU_DOMAINS & ~I915_GEM_DOMAIN_COMMAND;
818 obj->base.pending_write_domain = 0;
820 list_splice(&ordered_vmas, vmas);
821 list_splice(&pinned_vmas, vmas);
823 /* Attempt to pin all of the buffers into the GTT.
824 * This is done in 3 phases:
826 * 1a. Unbind all objects that do not match the GTT constraints for
827 * the execbuffer (fenceable, mappable, alignment etc).
828 * 1b. Increment pin count for already bound objects.
829 * 2. Bind new objects.
830 * 3. Decrement pin count.
832 * This avoid unnecessary unbinding of later objects in order to make
833 * room for the earlier objects *unless* we need to defragment.
839 /* Unbind any ill-fitting objects or pin. */
840 list_for_each_entry(vma, vmas, exec_list) {
841 if (!drm_mm_node_allocated(&vma->node))
844 if (eb_vma_misplaced(vma))
845 ret = i915_vma_unbind(vma);
847 ret = i915_gem_execbuffer_reserve_vma(vma,
854 /* Bind fresh objects */
855 list_for_each_entry(vma, vmas, exec_list) {
856 if (drm_mm_node_allocated(&vma->node))
859 ret = i915_gem_execbuffer_reserve_vma(vma, engine,
866 if (ret != -ENOSPC || retry++)
869 /* Decrement pin count for bound objects */
870 list_for_each_entry(vma, vmas, exec_list)
871 i915_gem_execbuffer_unreserve_vma(vma);
873 ret = i915_gem_evict_vm(vm, true);
880 i915_gem_execbuffer_relocate_slow(struct drm_device *dev,
881 struct drm_i915_gem_execbuffer2 *args,
882 struct drm_file *file,
883 struct intel_engine_cs *engine,
885 struct drm_i915_gem_exec_object2 *exec,
886 struct i915_gem_context *ctx)
888 struct drm_i915_gem_relocation_entry *reloc;
889 struct i915_address_space *vm;
890 struct i915_vma *vma;
894 unsigned count = args->buffer_count;
896 vm = list_first_entry(&eb->vmas, struct i915_vma, exec_list)->vm;
898 /* We may process another execbuffer during the unlock... */
899 while (!list_empty(&eb->vmas)) {
900 vma = list_first_entry(&eb->vmas, struct i915_vma, exec_list);
901 list_del_init(&vma->exec_list);
902 i915_gem_execbuffer_unreserve_vma(vma);
903 i915_gem_object_put(vma->obj);
906 mutex_unlock(&dev->struct_mutex);
909 for (i = 0; i < count; i++)
910 total += exec[i].relocation_count;
912 reloc_offset = drm_malloc_ab(count, sizeof(*reloc_offset));
913 reloc = drm_malloc_ab(total, sizeof(*reloc));
914 if (reloc == NULL || reloc_offset == NULL) {
915 drm_free_large(reloc);
916 drm_free_large(reloc_offset);
917 mutex_lock(&dev->struct_mutex);
922 for (i = 0; i < count; i++) {
923 struct drm_i915_gem_relocation_entry __user *user_relocs;
924 u64 invalid_offset = (u64)-1;
927 user_relocs = u64_to_user_ptr(exec[i].relocs_ptr);
929 if (copy_from_user(reloc+total, user_relocs,
930 exec[i].relocation_count * sizeof(*reloc))) {
932 mutex_lock(&dev->struct_mutex);
936 /* As we do not update the known relocation offsets after
937 * relocating (due to the complexities in lock handling),
938 * we need to mark them as invalid now so that we force the
939 * relocation processing next time. Just in case the target
940 * object is evicted and then rebound into its old
941 * presumed_offset before the next execbuffer - if that
942 * happened we would make the mistake of assuming that the
943 * relocations were valid.
945 for (j = 0; j < exec[i].relocation_count; j++) {
946 if (__copy_to_user(&user_relocs[j].presumed_offset,
948 sizeof(invalid_offset))) {
950 mutex_lock(&dev->struct_mutex);
955 reloc_offset[i] = total;
956 total += exec[i].relocation_count;
959 ret = i915_mutex_lock_interruptible(dev);
961 mutex_lock(&dev->struct_mutex);
965 /* reacquire the objects */
967 ret = eb_lookup_vmas(eb, exec, args, vm, file);
971 need_relocs = (args->flags & I915_EXEC_NO_RELOC) == 0;
972 ret = i915_gem_execbuffer_reserve(engine, &eb->vmas, ctx,
977 list_for_each_entry(vma, &eb->vmas, exec_list) {
978 int offset = vma->exec_entry - exec;
979 ret = i915_gem_execbuffer_relocate_vma_slow(vma, eb,
980 reloc + reloc_offset[offset]);
985 /* Leave the user relocations as are, this is the painfully slow path,
986 * and we want to avoid the complication of dropping the lock whilst
987 * having buffers reserved in the aperture and so causing spurious
988 * ENOSPC for random operations.
992 drm_free_large(reloc);
993 drm_free_large(reloc_offset);
997 static unsigned int eb_other_engines(struct drm_i915_gem_request *req)
1001 mask = ~intel_engine_flag(req->engine) & I915_BO_ACTIVE_MASK;
1002 mask <<= I915_BO_ACTIVE_SHIFT;
1008 i915_gem_execbuffer_move_to_gpu(struct drm_i915_gem_request *req,
1009 struct list_head *vmas)
1011 const unsigned int other_rings = eb_other_engines(req);
1012 struct i915_vma *vma;
1013 uint32_t flush_domains = 0;
1014 bool flush_chipset = false;
1017 list_for_each_entry(vma, vmas, exec_list) {
1018 struct drm_i915_gem_object *obj = vma->obj;
1020 if (obj->flags & other_rings) {
1021 ret = i915_gem_object_sync(obj, req);
1026 if (obj->base.write_domain & I915_GEM_DOMAIN_CPU)
1027 flush_chipset |= i915_gem_clflush_object(obj, false);
1029 flush_domains |= obj->base.write_domain;
1033 i915_gem_chipset_flush(req->engine->i915);
1035 if (flush_domains & I915_GEM_DOMAIN_GTT)
1038 /* Unconditionally invalidate GPU caches and TLBs. */
1039 return req->engine->emit_flush(req, EMIT_INVALIDATE);
1043 i915_gem_check_execbuffer(struct drm_i915_gem_execbuffer2 *exec)
1045 if (exec->flags & __I915_EXEC_UNKNOWN_FLAGS)
1048 /* Kernel clipping was a DRI1 misfeature */
1049 if (exec->num_cliprects || exec->cliprects_ptr)
1052 if (exec->DR4 == 0xffffffff) {
1053 DRM_DEBUG("UXA submitting garbage DR4, fixing up\n");
1056 if (exec->DR1 || exec->DR4)
1059 if ((exec->batch_start_offset | exec->batch_len) & 0x7)
1066 validate_exec_list(struct drm_device *dev,
1067 struct drm_i915_gem_exec_object2 *exec,
1070 unsigned relocs_total = 0;
1071 unsigned relocs_max = UINT_MAX / sizeof(struct drm_i915_gem_relocation_entry);
1072 unsigned invalid_flags;
1075 /* INTERNAL flags must not overlap with external ones */
1076 BUILD_BUG_ON(__EXEC_OBJECT_INTERNAL_FLAGS & ~__EXEC_OBJECT_UNKNOWN_FLAGS);
1078 invalid_flags = __EXEC_OBJECT_UNKNOWN_FLAGS;
1079 if (USES_FULL_PPGTT(dev))
1080 invalid_flags |= EXEC_OBJECT_NEEDS_GTT;
1082 for (i = 0; i < count; i++) {
1083 char __user *ptr = u64_to_user_ptr(exec[i].relocs_ptr);
1084 int length; /* limited by fault_in_pages_readable() */
1086 if (exec[i].flags & invalid_flags)
1089 /* Offset can be used as input (EXEC_OBJECT_PINNED), reject
1090 * any non-page-aligned or non-canonical addresses.
1092 if (exec[i].flags & EXEC_OBJECT_PINNED) {
1093 if (exec[i].offset !=
1094 gen8_canonical_addr(exec[i].offset & PAGE_MASK))
1097 /* From drm_mm perspective address space is continuous,
1098 * so from this point we're always using non-canonical
1101 exec[i].offset = gen8_noncanonical_addr(exec[i].offset);
1104 if (exec[i].alignment && !is_power_of_2(exec[i].alignment))
1107 /* pad_to_size was once a reserved field, so sanitize it */
1108 if (exec[i].flags & EXEC_OBJECT_PAD_TO_SIZE) {
1109 if (offset_in_page(exec[i].pad_to_size))
1112 exec[i].pad_to_size = 0;
1115 /* First check for malicious input causing overflow in
1116 * the worst case where we need to allocate the entire
1117 * relocation tree as a single array.
1119 if (exec[i].relocation_count > relocs_max - relocs_total)
1121 relocs_total += exec[i].relocation_count;
1123 length = exec[i].relocation_count *
1124 sizeof(struct drm_i915_gem_relocation_entry);
1126 * We must check that the entire relocation array is safe
1127 * to read, but since we may need to update the presumed
1128 * offsets during execution, check for full write access.
1130 if (!access_ok(VERIFY_WRITE, ptr, length))
1133 if (likely(!i915.prefault_disable)) {
1134 if (fault_in_multipages_readable(ptr, length))
1142 static struct i915_gem_context *
1143 i915_gem_validate_context(struct drm_device *dev, struct drm_file *file,
1144 struct intel_engine_cs *engine, const u32 ctx_id)
1146 struct i915_gem_context *ctx = NULL;
1147 struct i915_ctx_hang_stats *hs;
1149 if (engine->id != RCS && ctx_id != DEFAULT_CONTEXT_HANDLE)
1150 return ERR_PTR(-EINVAL);
1152 ctx = i915_gem_context_lookup(file->driver_priv, ctx_id);
1156 hs = &ctx->hang_stats;
1158 DRM_DEBUG("Context %u tried to submit while banned\n", ctx_id);
1159 return ERR_PTR(-EIO);
1165 void i915_vma_move_to_active(struct i915_vma *vma,
1166 struct drm_i915_gem_request *req,
1169 struct drm_i915_gem_object *obj = vma->obj;
1170 const unsigned int idx = req->engine->id;
1172 GEM_BUG_ON(!drm_mm_node_allocated(&vma->node));
1174 obj->dirty = 1; /* be paranoid */
1176 /* Add a reference if we're newly entering the active list.
1177 * The order in which we add operations to the retirement queue is
1178 * vital here: mark_active adds to the start of the callback list,
1179 * such that subsequent callbacks are called first. Therefore we
1180 * add the active reference first and queue for it to be dropped
1183 if (!i915_gem_object_is_active(obj))
1184 i915_gem_object_get(obj);
1185 i915_gem_object_set_active(obj, idx);
1186 i915_gem_active_set(&obj->last_read[idx], req);
1188 if (flags & EXEC_OBJECT_WRITE) {
1189 i915_gem_active_set(&obj->last_write, req);
1191 intel_fb_obj_invalidate(obj, ORIGIN_CS);
1193 /* update for the implicit flush after a batch */
1194 obj->base.write_domain &= ~I915_GEM_GPU_DOMAINS;
1197 if (flags & EXEC_OBJECT_NEEDS_FENCE) {
1198 i915_gem_active_set(&obj->last_fence, req);
1199 if (flags & __EXEC_OBJECT_HAS_FENCE) {
1200 struct drm_i915_private *dev_priv = req->i915;
1202 list_move_tail(&dev_priv->fence_regs[obj->fence_reg].lru_list,
1203 &dev_priv->mm.fence_list);
1207 i915_vma_set_active(vma, idx);
1208 i915_gem_active_set(&vma->last_read[idx], req);
1209 list_move_tail(&vma->vm_link, &vma->vm->active_list);
1212 static void eb_export_fence(struct drm_i915_gem_object *obj,
1213 struct drm_i915_gem_request *req,
1216 struct reservation_object *resv;
1218 resv = i915_gem_object_get_dmabuf_resv(obj);
1222 /* Ignore errors from failing to allocate the new fence, we can't
1223 * handle an error right now. Worst case should be missed
1224 * synchronisation leading to rendering corruption.
1226 ww_mutex_lock(&resv->lock, NULL);
1227 if (flags & EXEC_OBJECT_WRITE)
1228 reservation_object_add_excl_fence(resv, &req->fence);
1229 else if (reservation_object_reserve_shared(resv) == 0)
1230 reservation_object_add_shared_fence(resv, &req->fence);
1231 ww_mutex_unlock(&resv->lock);
1235 i915_gem_execbuffer_move_to_active(struct list_head *vmas,
1236 struct drm_i915_gem_request *req)
1238 struct i915_vma *vma;
1240 list_for_each_entry(vma, vmas, exec_list) {
1241 struct drm_i915_gem_object *obj = vma->obj;
1242 u32 old_read = obj->base.read_domains;
1243 u32 old_write = obj->base.write_domain;
1245 obj->base.write_domain = obj->base.pending_write_domain;
1246 if (obj->base.write_domain)
1247 vma->exec_entry->flags |= EXEC_OBJECT_WRITE;
1249 obj->base.pending_read_domains |= obj->base.read_domains;
1250 obj->base.read_domains = obj->base.pending_read_domains;
1252 i915_vma_move_to_active(vma, req, vma->exec_entry->flags);
1253 eb_export_fence(obj, req, vma->exec_entry->flags);
1254 trace_i915_gem_object_change_domain(obj, old_read, old_write);
1259 i915_reset_gen7_sol_offsets(struct drm_i915_gem_request *req)
1261 struct intel_ring *ring = req->ring;
1264 if (!IS_GEN7(req->i915) || req->engine->id != RCS) {
1265 DRM_DEBUG("sol reset is gen7/rcs only\n");
1269 ret = intel_ring_begin(req, 4 * 3);
1273 for (i = 0; i < 4; i++) {
1274 intel_ring_emit(ring, MI_LOAD_REGISTER_IMM(1));
1275 intel_ring_emit_reg(ring, GEN7_SO_WRITE_OFFSET(i));
1276 intel_ring_emit(ring, 0);
1279 intel_ring_advance(ring);
1284 static struct i915_vma*
1285 i915_gem_execbuffer_parse(struct intel_engine_cs *engine,
1286 struct drm_i915_gem_exec_object2 *shadow_exec_entry,
1287 struct drm_i915_gem_object *batch_obj,
1289 u32 batch_start_offset,
1293 struct drm_i915_gem_object *shadow_batch_obj;
1294 struct i915_vma *vma;
1297 shadow_batch_obj = i915_gem_batch_pool_get(&engine->batch_pool,
1298 PAGE_ALIGN(batch_len));
1299 if (IS_ERR(shadow_batch_obj))
1300 return ERR_CAST(shadow_batch_obj);
1302 ret = intel_engine_cmd_parser(engine,
1311 ret = i915_gem_object_ggtt_pin(shadow_batch_obj, NULL, 0, 0, 0);
1315 i915_gem_object_unpin_pages(shadow_batch_obj);
1317 memset(shadow_exec_entry, 0, sizeof(*shadow_exec_entry));
1319 vma = i915_gem_obj_to_ggtt(shadow_batch_obj);
1320 vma->exec_entry = shadow_exec_entry;
1321 vma->exec_entry->flags = __EXEC_OBJECT_HAS_PIN;
1322 i915_gem_object_get(shadow_batch_obj);
1323 list_add_tail(&vma->exec_list, &eb->vmas);
1328 i915_gem_object_unpin_pages(shadow_batch_obj);
1329 if (ret == -EACCES) /* unhandled chained batch */
1332 return ERR_PTR(ret);
1336 execbuf_submit(struct i915_execbuffer_params *params,
1337 struct drm_i915_gem_execbuffer2 *args,
1338 struct list_head *vmas)
1340 struct drm_i915_private *dev_priv = params->request->i915;
1341 u64 exec_start, exec_len;
1346 ret = i915_gem_execbuffer_move_to_gpu(params->request, vmas);
1350 ret = i915_switch_context(params->request);
1354 instp_mode = args->flags & I915_EXEC_CONSTANTS_MASK;
1355 instp_mask = I915_EXEC_CONSTANTS_MASK;
1356 switch (instp_mode) {
1357 case I915_EXEC_CONSTANTS_REL_GENERAL:
1358 case I915_EXEC_CONSTANTS_ABSOLUTE:
1359 case I915_EXEC_CONSTANTS_REL_SURFACE:
1360 if (instp_mode != 0 && params->engine->id != RCS) {
1361 DRM_DEBUG("non-0 rel constants mode on non-RCS\n");
1365 if (instp_mode != dev_priv->relative_constants_mode) {
1366 if (INTEL_INFO(dev_priv)->gen < 4) {
1367 DRM_DEBUG("no rel constants on pre-gen4\n");
1371 if (INTEL_INFO(dev_priv)->gen > 5 &&
1372 instp_mode == I915_EXEC_CONSTANTS_REL_SURFACE) {
1373 DRM_DEBUG("rel surface constants mode invalid on gen5+\n");
1377 /* The HW changed the meaning on this bit on gen6 */
1378 if (INTEL_INFO(dev_priv)->gen >= 6)
1379 instp_mask &= ~I915_EXEC_CONSTANTS_REL_SURFACE;
1383 DRM_DEBUG("execbuf with unknown constants: %d\n", instp_mode);
1387 if (params->engine->id == RCS &&
1388 instp_mode != dev_priv->relative_constants_mode) {
1389 struct intel_ring *ring = params->request->ring;
1391 ret = intel_ring_begin(params->request, 4);
1395 intel_ring_emit(ring, MI_NOOP);
1396 intel_ring_emit(ring, MI_LOAD_REGISTER_IMM(1));
1397 intel_ring_emit_reg(ring, INSTPM);
1398 intel_ring_emit(ring, instp_mask << 16 | instp_mode);
1399 intel_ring_advance(ring);
1401 dev_priv->relative_constants_mode = instp_mode;
1404 if (args->flags & I915_EXEC_GEN7_SOL_RESET) {
1405 ret = i915_reset_gen7_sol_offsets(params->request);
1410 exec_len = args->batch_len;
1411 exec_start = params->batch->node.start +
1412 params->args_batch_start_offset;
1415 exec_len = params->batch->size;
1417 ret = params->engine->emit_bb_start(params->request,
1418 exec_start, exec_len,
1419 params->dispatch_flags);
1423 trace_i915_gem_ring_dispatch(params->request, params->dispatch_flags);
1425 i915_gem_execbuffer_move_to_active(vmas, params->request);
1431 * Find one BSD ring to dispatch the corresponding BSD command.
1432 * The engine index is returned.
1435 gen8_dispatch_bsd_engine(struct drm_i915_private *dev_priv,
1436 struct drm_file *file)
1438 struct drm_i915_file_private *file_priv = file->driver_priv;
1440 /* Check whether the file_priv has already selected one ring. */
1441 if ((int)file_priv->bsd_engine < 0) {
1442 /* If not, use the ping-pong mechanism to select one. */
1443 mutex_lock(&dev_priv->drm.struct_mutex);
1444 file_priv->bsd_engine = dev_priv->mm.bsd_engine_dispatch_index;
1445 dev_priv->mm.bsd_engine_dispatch_index ^= 1;
1446 mutex_unlock(&dev_priv->drm.struct_mutex);
1449 return file_priv->bsd_engine;
1452 #define I915_USER_RINGS (4)
1454 static const enum intel_engine_id user_ring_map[I915_USER_RINGS + 1] = {
1455 [I915_EXEC_DEFAULT] = RCS,
1456 [I915_EXEC_RENDER] = RCS,
1457 [I915_EXEC_BLT] = BCS,
1458 [I915_EXEC_BSD] = VCS,
1459 [I915_EXEC_VEBOX] = VECS
1462 static struct intel_engine_cs *
1463 eb_select_engine(struct drm_i915_private *dev_priv,
1464 struct drm_file *file,
1465 struct drm_i915_gem_execbuffer2 *args)
1467 unsigned int user_ring_id = args->flags & I915_EXEC_RING_MASK;
1468 struct intel_engine_cs *engine;
1470 if (user_ring_id > I915_USER_RINGS) {
1471 DRM_DEBUG("execbuf with unknown ring: %u\n", user_ring_id);
1475 if ((user_ring_id != I915_EXEC_BSD) &&
1476 ((args->flags & I915_EXEC_BSD_MASK) != 0)) {
1477 DRM_DEBUG("execbuf with non bsd ring but with invalid "
1478 "bsd dispatch flags: %d\n", (int)(args->flags));
1482 if (user_ring_id == I915_EXEC_BSD && HAS_BSD2(dev_priv)) {
1483 unsigned int bsd_idx = args->flags & I915_EXEC_BSD_MASK;
1485 if (bsd_idx == I915_EXEC_BSD_DEFAULT) {
1486 bsd_idx = gen8_dispatch_bsd_engine(dev_priv, file);
1487 } else if (bsd_idx >= I915_EXEC_BSD_RING1 &&
1488 bsd_idx <= I915_EXEC_BSD_RING2) {
1489 bsd_idx >>= I915_EXEC_BSD_SHIFT;
1492 DRM_DEBUG("execbuf with unknown bsd ring: %u\n",
1497 engine = &dev_priv->engine[_VCS(bsd_idx)];
1499 engine = &dev_priv->engine[user_ring_map[user_ring_id]];
1502 if (!intel_engine_initialized(engine)) {
1503 DRM_DEBUG("execbuf with invalid ring: %u\n", user_ring_id);
1511 i915_gem_do_execbuffer(struct drm_device *dev, void *data,
1512 struct drm_file *file,
1513 struct drm_i915_gem_execbuffer2 *args,
1514 struct drm_i915_gem_exec_object2 *exec)
1516 struct drm_i915_private *dev_priv = to_i915(dev);
1517 struct i915_ggtt *ggtt = &dev_priv->ggtt;
1519 struct drm_i915_gem_exec_object2 shadow_exec_entry;
1520 struct intel_engine_cs *engine;
1521 struct i915_gem_context *ctx;
1522 struct i915_address_space *vm;
1523 struct i915_execbuffer_params params_master; /* XXX: will be removed later */
1524 struct i915_execbuffer_params *params = ¶ms_master;
1525 const u32 ctx_id = i915_execbuffer2_get_context_id(*args);
1530 if (!i915_gem_check_execbuffer(args))
1533 ret = validate_exec_list(dev, exec, args->buffer_count);
1538 if (args->flags & I915_EXEC_SECURE) {
1539 if (!drm_is_current_master(file) || !capable(CAP_SYS_ADMIN))
1542 dispatch_flags |= I915_DISPATCH_SECURE;
1544 if (args->flags & I915_EXEC_IS_PINNED)
1545 dispatch_flags |= I915_DISPATCH_PINNED;
1547 engine = eb_select_engine(dev_priv, file, args);
1551 if (args->buffer_count < 1) {
1552 DRM_DEBUG("execbuf with %d buffers\n", args->buffer_count);
1556 if (args->flags & I915_EXEC_RESOURCE_STREAMER) {
1557 if (!HAS_RESOURCE_STREAMER(dev)) {
1558 DRM_DEBUG("RS is only allowed for Haswell, Gen8 and above\n");
1561 if (engine->id != RCS) {
1562 DRM_DEBUG("RS is not available on %s\n",
1567 dispatch_flags |= I915_DISPATCH_RS;
1570 /* Take a local wakeref for preparing to dispatch the execbuf as
1571 * we expect to access the hardware fairly frequently in the
1572 * process. Upon first dispatch, we acquire another prolonged
1573 * wakeref that we hold until the GPU has been idle for at least
1576 intel_runtime_pm_get(dev_priv);
1578 ret = i915_mutex_lock_interruptible(dev);
1582 ctx = i915_gem_validate_context(dev, file, engine, ctx_id);
1584 mutex_unlock(&dev->struct_mutex);
1589 i915_gem_context_get(ctx);
1592 vm = &ctx->ppgtt->base;
1596 memset(¶ms_master, 0x00, sizeof(params_master));
1598 eb = eb_create(args);
1600 i915_gem_context_put(ctx);
1601 mutex_unlock(&dev->struct_mutex);
1606 /* Look up object handles */
1607 ret = eb_lookup_vmas(eb, exec, args, vm, file);
1611 /* take note of the batch buffer before we might reorder the lists */
1612 params->batch = eb_get_batch(eb);
1614 /* Move the objects en-masse into the GTT, evicting if necessary. */
1615 need_relocs = (args->flags & I915_EXEC_NO_RELOC) == 0;
1616 ret = i915_gem_execbuffer_reserve(engine, &eb->vmas, ctx,
1621 /* The objects are in their final locations, apply the relocations. */
1623 ret = i915_gem_execbuffer_relocate(eb);
1625 if (ret == -EFAULT) {
1626 ret = i915_gem_execbuffer_relocate_slow(dev, args, file,
1629 BUG_ON(!mutex_is_locked(&dev->struct_mutex));
1635 /* Set the pending read domains for the batch buffer to COMMAND */
1636 if (params->batch->obj->base.pending_write_domain) {
1637 DRM_DEBUG("Attempting to use self-modifying batch buffer\n");
1642 params->args_batch_start_offset = args->batch_start_offset;
1643 if (intel_engine_needs_cmd_parser(engine) && args->batch_len) {
1644 struct i915_vma *vma;
1646 vma = i915_gem_execbuffer_parse(engine, &shadow_exec_entry,
1649 args->batch_start_offset,
1651 drm_is_current_master(file));
1659 * Batch parsed and accepted:
1661 * Set the DISPATCH_SECURE bit to remove the NON_SECURE
1662 * bit from MI_BATCH_BUFFER_START commands issued in
1663 * the dispatch_execbuffer implementations. We
1664 * specifically don't want that set on batches the
1665 * command parser has accepted.
1667 dispatch_flags |= I915_DISPATCH_SECURE;
1668 params->args_batch_start_offset = 0;
1669 params->batch = vma;
1673 params->batch->obj->base.pending_read_domains |= I915_GEM_DOMAIN_COMMAND;
1675 /* snb/ivb/vlv conflate the "batch in ppgtt" bit with the "non-secure
1676 * batch" bit. Hence we need to pin secure batches into the global gtt.
1677 * hsw should have this fixed, but bdw mucks it up again. */
1678 if (dispatch_flags & I915_DISPATCH_SECURE) {
1679 struct drm_i915_gem_object *obj = params->batch->obj;
1682 * So on first glance it looks freaky that we pin the batch here
1683 * outside of the reservation loop. But:
1684 * - The batch is already pinned into the relevant ppgtt, so we
1685 * already have the backing storage fully allocated.
1686 * - No other BO uses the global gtt (well contexts, but meh),
1687 * so we don't really have issues with multiple objects not
1688 * fitting due to fragmentation.
1689 * So this is actually safe.
1691 ret = i915_gem_object_ggtt_pin(obj, NULL, 0, 0, 0);
1695 params->batch = i915_gem_obj_to_ggtt(obj);
1698 /* Allocate a request for this batch buffer nice and early. */
1699 params->request = i915_gem_request_alloc(engine, ctx);
1700 if (IS_ERR(params->request)) {
1701 ret = PTR_ERR(params->request);
1702 goto err_batch_unpin;
1705 ret = i915_gem_request_add_to_client(params->request, file);
1710 * Save assorted stuff away to pass through to *_submission().
1711 * NB: This data should be 'persistent' and not local as it will
1712 * kept around beyond the duration of the IOCTL once the GPU
1713 * scheduler arrives.
1716 params->file = file;
1717 params->engine = engine;
1718 params->dispatch_flags = dispatch_flags;
1721 ret = execbuf_submit(params, args, &eb->vmas);
1723 __i915_add_request(params->request, params->batch->obj, ret == 0);
1727 * FIXME: We crucially rely upon the active tracking for the (ppgtt)
1728 * batch vma for correctness. For less ugly and less fragility this
1729 * needs to be adjusted to also track the ggtt batch vma properly as
1732 if (dispatch_flags & I915_DISPATCH_SECURE)
1733 i915_vma_unpin(params->batch);
1735 /* the request owns the ref now */
1736 i915_gem_context_put(ctx);
1739 mutex_unlock(&dev->struct_mutex);
1742 /* intel_gpu_busy should also get a ref, so it will free when the device
1743 * is really idle. */
1744 intel_runtime_pm_put(dev_priv);
1749 * Legacy execbuffer just creates an exec2 list from the original exec object
1750 * list array and passes it to the real function.
1753 i915_gem_execbuffer(struct drm_device *dev, void *data,
1754 struct drm_file *file)
1756 struct drm_i915_gem_execbuffer *args = data;
1757 struct drm_i915_gem_execbuffer2 exec2;
1758 struct drm_i915_gem_exec_object *exec_list = NULL;
1759 struct drm_i915_gem_exec_object2 *exec2_list = NULL;
1762 if (args->buffer_count < 1) {
1763 DRM_DEBUG("execbuf with %d buffers\n", args->buffer_count);
1767 /* Copy in the exec list from userland */
1768 exec_list = drm_malloc_ab(sizeof(*exec_list), args->buffer_count);
1769 exec2_list = drm_malloc_ab(sizeof(*exec2_list), args->buffer_count);
1770 if (exec_list == NULL || exec2_list == NULL) {
1771 DRM_DEBUG("Failed to allocate exec list for %d buffers\n",
1772 args->buffer_count);
1773 drm_free_large(exec_list);
1774 drm_free_large(exec2_list);
1777 ret = copy_from_user(exec_list,
1778 u64_to_user_ptr(args->buffers_ptr),
1779 sizeof(*exec_list) * args->buffer_count);
1781 DRM_DEBUG("copy %d exec entries failed %d\n",
1782 args->buffer_count, ret);
1783 drm_free_large(exec_list);
1784 drm_free_large(exec2_list);
1788 for (i = 0; i < args->buffer_count; i++) {
1789 exec2_list[i].handle = exec_list[i].handle;
1790 exec2_list[i].relocation_count = exec_list[i].relocation_count;
1791 exec2_list[i].relocs_ptr = exec_list[i].relocs_ptr;
1792 exec2_list[i].alignment = exec_list[i].alignment;
1793 exec2_list[i].offset = exec_list[i].offset;
1794 if (INTEL_INFO(dev)->gen < 4)
1795 exec2_list[i].flags = EXEC_OBJECT_NEEDS_FENCE;
1797 exec2_list[i].flags = 0;
1800 exec2.buffers_ptr = args->buffers_ptr;
1801 exec2.buffer_count = args->buffer_count;
1802 exec2.batch_start_offset = args->batch_start_offset;
1803 exec2.batch_len = args->batch_len;
1804 exec2.DR1 = args->DR1;
1805 exec2.DR4 = args->DR4;
1806 exec2.num_cliprects = args->num_cliprects;
1807 exec2.cliprects_ptr = args->cliprects_ptr;
1808 exec2.flags = I915_EXEC_RENDER;
1809 i915_execbuffer2_set_context_id(exec2, 0);
1811 ret = i915_gem_do_execbuffer(dev, data, file, &exec2, exec2_list);
1813 struct drm_i915_gem_exec_object __user *user_exec_list =
1814 u64_to_user_ptr(args->buffers_ptr);
1816 /* Copy the new buffer offsets back to the user's exec list. */
1817 for (i = 0; i < args->buffer_count; i++) {
1818 exec2_list[i].offset =
1819 gen8_canonical_addr(exec2_list[i].offset);
1820 ret = __copy_to_user(&user_exec_list[i].offset,
1821 &exec2_list[i].offset,
1822 sizeof(user_exec_list[i].offset));
1825 DRM_DEBUG("failed to copy %d exec entries "
1826 "back to user (%d)\n",
1827 args->buffer_count, ret);
1833 drm_free_large(exec_list);
1834 drm_free_large(exec2_list);
1839 i915_gem_execbuffer2(struct drm_device *dev, void *data,
1840 struct drm_file *file)
1842 struct drm_i915_gem_execbuffer2 *args = data;
1843 struct drm_i915_gem_exec_object2 *exec2_list = NULL;
1846 if (args->buffer_count < 1 ||
1847 args->buffer_count > UINT_MAX / sizeof(*exec2_list)) {
1848 DRM_DEBUG("execbuf2 with %d buffers\n", args->buffer_count);
1852 if (args->rsvd2 != 0) {
1853 DRM_DEBUG("dirty rvsd2 field\n");
1857 exec2_list = drm_malloc_gfp(args->buffer_count,
1858 sizeof(*exec2_list),
1860 if (exec2_list == NULL) {
1861 DRM_DEBUG("Failed to allocate exec list for %d buffers\n",
1862 args->buffer_count);
1865 ret = copy_from_user(exec2_list,
1866 u64_to_user_ptr(args->buffers_ptr),
1867 sizeof(*exec2_list) * args->buffer_count);
1869 DRM_DEBUG("copy %d exec entries failed %d\n",
1870 args->buffer_count, ret);
1871 drm_free_large(exec2_list);
1875 ret = i915_gem_do_execbuffer(dev, data, file, args, exec2_list);
1877 /* Copy the new buffer offsets back to the user's exec list. */
1878 struct drm_i915_gem_exec_object2 __user *user_exec_list =
1879 u64_to_user_ptr(args->buffers_ptr);
1882 for (i = 0; i < args->buffer_count; i++) {
1883 exec2_list[i].offset =
1884 gen8_canonical_addr(exec2_list[i].offset);
1885 ret = __copy_to_user(&user_exec_list[i].offset,
1886 &exec2_list[i].offset,
1887 sizeof(user_exec_list[i].offset));
1890 DRM_DEBUG("failed to copy %d exec entries "
1892 args->buffer_count);
1898 drm_free_large(exec2_list);
projects / cascardo / linux.git / blob