2 * Copyright (C) 2010-2012 Advanced Micro Devices, Inc.
3 * Author: Joerg Roedel <joerg.roedel@amd.com>
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 as published
7 * by the Free Software Foundation.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 #include <linux/mmu_notifier.h>
20 #include <linux/amd-iommu.h>
21 #include <linux/mm_types.h>
22 #include <linux/profile.h>
23 #include <linux/module.h>
24 #include <linux/sched.h>
25 #include <linux/iommu.h>
26 #include <linux/wait.h>
27 #include <linux/pci.h>
28 #include <linux/gfp.h>
30 #include "amd_iommu_types.h"
31 #include "amd_iommu_proto.h"
33 MODULE_LICENSE("GPL v2");
34 MODULE_AUTHOR("Joerg Roedel <joerg.roedel@amd.com>");
36 #define MAX_DEVICES 0x10000
37 #define PRI_QUEUE_SIZE 512
46 struct list_head list; /* For global state-list */
47 atomic_t count; /* Reference count */
48 unsigned mmu_notifier_count; /* Counting nested mmu_notifier
50 struct mm_struct *mm; /* mm_struct for the faults */
51 struct mmu_notifier mn; /* mmu_notifier handle */
52 struct pri_queue pri[PRI_QUEUE_SIZE]; /* PRI tag states */
53 struct device_state *device_state; /* Link to our device_state */
54 int pasid; /* PASID index */
55 bool invalid; /* Used during setup and
56 teardown of the pasid */
57 spinlock_t lock; /* Protect pri_queues and
59 wait_queue_head_t wq; /* To wait for count == 0 */
63 struct list_head list;
67 struct pasid_state **states;
68 struct iommu_domain *domain;
71 amd_iommu_invalid_ppr_cb inv_ppr_cb;
72 amd_iommu_invalidate_ctx inv_ctx_cb;
78 struct work_struct work;
79 struct device_state *dev_state;
80 struct pasid_state *state;
90 static LIST_HEAD(state_list);
91 static spinlock_t state_lock;
93 static struct workqueue_struct *iommu_wq;
96 * Empty page table - Used between
97 * mmu_notifier_invalidate_range_start and
98 * mmu_notifier_invalidate_range_end
100 static u64 *empty_page_table;
102 static void free_pasid_states(struct device_state *dev_state);
104 static u16 device_id(struct pci_dev *pdev)
108 devid = pdev->bus->number;
109 devid = (devid << 8) | pdev->devfn;
114 static struct device_state *__get_device_state(u16 devid)
116 struct device_state *dev_state;
118 list_for_each_entry(dev_state, &state_list, list) {
119 if (dev_state->devid == devid)
126 static struct device_state *get_device_state(u16 devid)
128 struct device_state *dev_state;
131 spin_lock_irqsave(&state_lock, flags);
132 dev_state = __get_device_state(devid);
133 if (dev_state != NULL)
134 atomic_inc(&dev_state->count);
135 spin_unlock_irqrestore(&state_lock, flags);
140 static void free_device_state(struct device_state *dev_state)
143 * First detach device from domain - No more PRI requests will arrive
144 * from that device after it is unbound from the IOMMUv2 domain.
146 iommu_detach_device(dev_state->domain, &dev_state->pdev->dev);
148 /* Everything is down now, free the IOMMUv2 domain */
149 iommu_domain_free(dev_state->domain);
151 /* Finally get rid of the device-state */
155 static void put_device_state(struct device_state *dev_state)
157 if (atomic_dec_and_test(&dev_state->count))
158 wake_up(&dev_state->wq);
161 static void put_device_state_wait(struct device_state *dev_state)
165 prepare_to_wait(&dev_state->wq, &wait, TASK_UNINTERRUPTIBLE);
166 if (!atomic_dec_and_test(&dev_state->count))
168 finish_wait(&dev_state->wq, &wait);
170 free_device_state(dev_state);
173 /* Must be called under dev_state->lock */
174 static struct pasid_state **__get_pasid_state_ptr(struct device_state *dev_state,
175 int pasid, bool alloc)
177 struct pasid_state **root, **ptr;
180 level = dev_state->pasid_levels;
181 root = dev_state->states;
185 index = (pasid >> (9 * level)) & 0x1ff;
195 *ptr = (void *)get_zeroed_page(GFP_ATOMIC);
200 root = (struct pasid_state **)*ptr;
207 static int set_pasid_state(struct device_state *dev_state,
208 struct pasid_state *pasid_state,
211 struct pasid_state **ptr;
215 spin_lock_irqsave(&dev_state->lock, flags);
216 ptr = __get_pasid_state_ptr(dev_state, pasid, true);
231 spin_unlock_irqrestore(&dev_state->lock, flags);
236 static void clear_pasid_state(struct device_state *dev_state, int pasid)
238 struct pasid_state **ptr;
241 spin_lock_irqsave(&dev_state->lock, flags);
242 ptr = __get_pasid_state_ptr(dev_state, pasid, true);
250 spin_unlock_irqrestore(&dev_state->lock, flags);
253 static struct pasid_state *get_pasid_state(struct device_state *dev_state,
256 struct pasid_state **ptr, *ret = NULL;
259 spin_lock_irqsave(&dev_state->lock, flags);
260 ptr = __get_pasid_state_ptr(dev_state, pasid, false);
267 atomic_inc(&ret->count);
270 spin_unlock_irqrestore(&dev_state->lock, flags);
275 static void free_pasid_state(struct pasid_state *pasid_state)
280 static void put_pasid_state(struct pasid_state *pasid_state)
282 if (atomic_dec_and_test(&pasid_state->count)) {
283 put_device_state(pasid_state->device_state);
284 wake_up(&pasid_state->wq);
288 static void put_pasid_state_wait(struct pasid_state *pasid_state)
292 prepare_to_wait(&pasid_state->wq, &wait, TASK_UNINTERRUPTIBLE);
294 if (atomic_dec_and_test(&pasid_state->count))
295 put_device_state(pasid_state->device_state);
299 finish_wait(&pasid_state->wq, &wait);
300 free_pasid_state(pasid_state);
303 static void unbind_pasid(struct pasid_state *pasid_state)
305 struct iommu_domain *domain;
307 domain = pasid_state->device_state->domain;
310 * Mark pasid_state as invalid, no more faults will we added to the
311 * work queue after this is visible everywhere.
313 pasid_state->invalid = true;
315 /* Make sure this is visible */
318 /* After this the device/pasid can't access the mm anymore */
319 amd_iommu_domain_clear_gcr3(domain, pasid_state->pasid);
321 /* Make sure no more pending faults are in the queue */
322 flush_workqueue(iommu_wq);
325 static void free_pasid_states_level1(struct pasid_state **tbl)
329 for (i = 0; i < 512; ++i) {
333 free_page((unsigned long)tbl[i]);
337 static void free_pasid_states_level2(struct pasid_state **tbl)
339 struct pasid_state **ptr;
342 for (i = 0; i < 512; ++i) {
346 ptr = (struct pasid_state **)tbl[i];
347 free_pasid_states_level1(ptr);
351 static void free_pasid_states(struct device_state *dev_state)
353 struct pasid_state *pasid_state;
356 for (i = 0; i < dev_state->max_pasids; ++i) {
357 pasid_state = get_pasid_state(dev_state, i);
358 if (pasid_state == NULL)
361 put_pasid_state(pasid_state);
364 * This will call the mn_release function and
367 mmu_notifier_unregister(&pasid_state->mn, pasid_state->mm);
369 put_pasid_state_wait(pasid_state); /* Reference taken in
370 amd_iommu_bind_pasid */
372 /* Drop reference taken in amd_iommu_bind_pasid */
373 put_device_state(dev_state);
376 if (dev_state->pasid_levels == 2)
377 free_pasid_states_level2(dev_state->states);
378 else if (dev_state->pasid_levels == 1)
379 free_pasid_states_level1(dev_state->states);
380 else if (dev_state->pasid_levels != 0)
383 free_page((unsigned long)dev_state->states);
386 static struct pasid_state *mn_to_state(struct mmu_notifier *mn)
388 return container_of(mn, struct pasid_state, mn);
391 static void __mn_flush_page(struct mmu_notifier *mn,
392 unsigned long address)
394 struct pasid_state *pasid_state;
395 struct device_state *dev_state;
397 pasid_state = mn_to_state(mn);
398 dev_state = pasid_state->device_state;
400 amd_iommu_flush_page(dev_state->domain, pasid_state->pasid, address);
403 static int mn_clear_flush_young(struct mmu_notifier *mn,
404 struct mm_struct *mm,
408 for (; start < end; start += PAGE_SIZE)
409 __mn_flush_page(mn, start);
414 static void mn_invalidate_page(struct mmu_notifier *mn,
415 struct mm_struct *mm,
416 unsigned long address)
418 __mn_flush_page(mn, address);
421 static void mn_invalidate_range_start(struct mmu_notifier *mn,
422 struct mm_struct *mm,
423 unsigned long start, unsigned long end)
425 struct pasid_state *pasid_state;
426 struct device_state *dev_state;
429 pasid_state = mn_to_state(mn);
430 dev_state = pasid_state->device_state;
432 spin_lock_irqsave(&pasid_state->lock, flags);
433 if (pasid_state->mmu_notifier_count == 0) {
434 amd_iommu_domain_set_gcr3(dev_state->domain,
436 __pa(empty_page_table));
438 pasid_state->mmu_notifier_count += 1;
439 spin_unlock_irqrestore(&pasid_state->lock, flags);
442 static void mn_invalidate_range_end(struct mmu_notifier *mn,
443 struct mm_struct *mm,
444 unsigned long start, unsigned long end)
446 struct pasid_state *pasid_state;
447 struct device_state *dev_state;
450 pasid_state = mn_to_state(mn);
451 dev_state = pasid_state->device_state;
453 spin_lock_irqsave(&pasid_state->lock, flags);
454 pasid_state->mmu_notifier_count -= 1;
455 if (pasid_state->mmu_notifier_count == 0) {
456 amd_iommu_domain_set_gcr3(dev_state->domain,
458 __pa(pasid_state->mm->pgd));
460 spin_unlock_irqrestore(&pasid_state->lock, flags);
463 static void mn_release(struct mmu_notifier *mn, struct mm_struct *mm)
465 struct pasid_state *pasid_state;
466 struct device_state *dev_state;
471 pasid_state = mn_to_state(mn);
472 dev_state = pasid_state->device_state;
473 run_inv_ctx_cb = !pasid_state->invalid;
475 if (run_inv_ctx_cb && pasid_state->device_state->inv_ctx_cb)
476 dev_state->inv_ctx_cb(dev_state->pdev, pasid_state->pasid);
478 unbind_pasid(pasid_state);
481 static struct mmu_notifier_ops iommu_mn = {
482 .release = mn_release,
483 .clear_flush_young = mn_clear_flush_young,
484 .invalidate_page = mn_invalidate_page,
485 .invalidate_range_start = mn_invalidate_range_start,
486 .invalidate_range_end = mn_invalidate_range_end,
489 static void set_pri_tag_status(struct pasid_state *pasid_state,
494 spin_lock_irqsave(&pasid_state->lock, flags);
495 pasid_state->pri[tag].status = status;
496 spin_unlock_irqrestore(&pasid_state->lock, flags);
499 static void finish_pri_tag(struct device_state *dev_state,
500 struct pasid_state *pasid_state,
505 spin_lock_irqsave(&pasid_state->lock, flags);
506 if (atomic_dec_and_test(&pasid_state->pri[tag].inflight) &&
507 pasid_state->pri[tag].finish) {
508 amd_iommu_complete_ppr(dev_state->pdev, pasid_state->pasid,
509 pasid_state->pri[tag].status, tag);
510 pasid_state->pri[tag].finish = false;
511 pasid_state->pri[tag].status = PPR_SUCCESS;
513 spin_unlock_irqrestore(&pasid_state->lock, flags);
516 static void do_fault(struct work_struct *work)
518 struct fault *fault = container_of(work, struct fault, work);
522 write = !!(fault->flags & PPR_FAULT_WRITE);
524 down_read(&fault->state->mm->mmap_sem);
525 npages = get_user_pages(NULL, fault->state->mm,
526 fault->address, 1, write, 0, &page, NULL);
527 up_read(&fault->state->mm->mmap_sem);
531 } else if (fault->dev_state->inv_ppr_cb) {
534 status = fault->dev_state->inv_ppr_cb(fault->dev_state->pdev,
539 case AMD_IOMMU_INV_PRI_RSP_SUCCESS:
540 set_pri_tag_status(fault->state, fault->tag, PPR_SUCCESS);
542 case AMD_IOMMU_INV_PRI_RSP_INVALID:
543 set_pri_tag_status(fault->state, fault->tag, PPR_INVALID);
545 case AMD_IOMMU_INV_PRI_RSP_FAIL:
546 set_pri_tag_status(fault->state, fault->tag, PPR_FAILURE);
552 set_pri_tag_status(fault->state, fault->tag, PPR_INVALID);
555 finish_pri_tag(fault->dev_state, fault->state, fault->tag);
557 put_pasid_state(fault->state);
562 static int ppr_notifier(struct notifier_block *nb, unsigned long e, void *data)
564 struct amd_iommu_fault *iommu_fault;
565 struct pasid_state *pasid_state;
566 struct device_state *dev_state;
574 tag = iommu_fault->tag & 0x1ff;
575 finish = (iommu_fault->tag >> 9) & 1;
578 dev_state = get_device_state(iommu_fault->device_id);
579 if (dev_state == NULL)
582 pasid_state = get_pasid_state(dev_state, iommu_fault->pasid);
583 if (pasid_state == NULL || pasid_state->invalid) {
584 /* We know the device but not the PASID -> send INVALID */
585 amd_iommu_complete_ppr(dev_state->pdev, iommu_fault->pasid,
590 spin_lock_irqsave(&pasid_state->lock, flags);
591 atomic_inc(&pasid_state->pri[tag].inflight);
593 pasid_state->pri[tag].finish = true;
594 spin_unlock_irqrestore(&pasid_state->lock, flags);
596 fault = kzalloc(sizeof(*fault), GFP_ATOMIC);
598 /* We are OOM - send success and let the device re-fault */
599 finish_pri_tag(dev_state, pasid_state, tag);
603 fault->dev_state = dev_state;
604 fault->address = iommu_fault->address;
605 fault->state = pasid_state;
607 fault->finish = finish;
608 fault->pasid = iommu_fault->pasid;
609 fault->flags = iommu_fault->flags;
610 INIT_WORK(&fault->work, do_fault);
612 queue_work(iommu_wq, &fault->work);
618 if (ret != NOTIFY_OK && pasid_state)
619 put_pasid_state(pasid_state);
621 put_device_state(dev_state);
627 static struct notifier_block ppr_nb = {
628 .notifier_call = ppr_notifier,
631 int amd_iommu_bind_pasid(struct pci_dev *pdev, int pasid,
632 struct task_struct *task)
634 struct pasid_state *pasid_state;
635 struct device_state *dev_state;
636 struct mm_struct *mm;
642 if (!amd_iommu_v2_supported())
645 devid = device_id(pdev);
646 dev_state = get_device_state(devid);
648 if (dev_state == NULL)
652 if (pasid < 0 || pasid >= dev_state->max_pasids)
656 pasid_state = kzalloc(sizeof(*pasid_state), GFP_KERNEL);
657 if (pasid_state == NULL)
661 atomic_set(&pasid_state->count, 1);
662 init_waitqueue_head(&pasid_state->wq);
663 spin_lock_init(&pasid_state->lock);
665 mm = get_task_mm(task);
666 pasid_state->mm = mm;
667 pasid_state->device_state = dev_state;
668 pasid_state->pasid = pasid;
669 pasid_state->invalid = true; /* Mark as valid only if we are
670 done with setting up the pasid */
671 pasid_state->mn.ops = &iommu_mn;
673 if (pasid_state->mm == NULL)
676 mmu_notifier_register(&pasid_state->mn, mm);
678 ret = set_pasid_state(dev_state, pasid_state, pasid);
682 ret = amd_iommu_domain_set_gcr3(dev_state->domain, pasid,
683 __pa(pasid_state->mm->pgd));
685 goto out_clear_state;
687 /* Now we are ready to handle faults */
688 pasid_state->invalid = false;
691 * Drop the reference to the mm_struct here. We rely on the
692 * mmu_notifier release call-back to inform us when the mm
700 clear_pasid_state(dev_state, pasid);
703 mmu_notifier_unregister(&pasid_state->mn, mm);
707 free_pasid_state(pasid_state);
710 put_device_state(dev_state);
714 EXPORT_SYMBOL(amd_iommu_bind_pasid);
716 void amd_iommu_unbind_pasid(struct pci_dev *pdev, int pasid)
718 struct pasid_state *pasid_state;
719 struct device_state *dev_state;
724 if (!amd_iommu_v2_supported())
727 devid = device_id(pdev);
728 dev_state = get_device_state(devid);
729 if (dev_state == NULL)
732 if (pasid < 0 || pasid >= dev_state->max_pasids)
735 pasid_state = get_pasid_state(dev_state, pasid);
736 if (pasid_state == NULL)
739 * Drop reference taken here. We are safe because we still hold
740 * the reference taken in the amd_iommu_bind_pasid function.
742 put_pasid_state(pasid_state);
744 /* Clear the pasid state so that the pasid can be re-used */
745 clear_pasid_state(dev_state, pasid_state->pasid);
748 * Call mmu_notifier_unregister to drop our reference
751 mmu_notifier_unregister(&pasid_state->mn, pasid_state->mm);
753 put_pasid_state_wait(pasid_state); /* Reference taken in
754 amd_iommu_bind_pasid */
756 /* Drop reference taken in this function */
757 put_device_state(dev_state);
759 /* Drop reference taken in amd_iommu_bind_pasid */
760 put_device_state(dev_state);
762 EXPORT_SYMBOL(amd_iommu_unbind_pasid);
764 int amd_iommu_init_device(struct pci_dev *pdev, int pasids)
766 struct device_state *dev_state;
773 if (!amd_iommu_v2_supported())
776 if (pasids <= 0 || pasids > (PASID_MASK + 1))
779 devid = device_id(pdev);
781 dev_state = kzalloc(sizeof(*dev_state), GFP_KERNEL);
782 if (dev_state == NULL)
785 spin_lock_init(&dev_state->lock);
786 init_waitqueue_head(&dev_state->wq);
787 dev_state->pdev = pdev;
788 dev_state->devid = devid;
791 for (dev_state->pasid_levels = 0; (tmp - 1) & ~0x1ff; tmp >>= 9)
792 dev_state->pasid_levels += 1;
794 atomic_set(&dev_state->count, 1);
795 dev_state->max_pasids = pasids;
798 dev_state->states = (void *)get_zeroed_page(GFP_KERNEL);
799 if (dev_state->states == NULL)
800 goto out_free_dev_state;
802 dev_state->domain = iommu_domain_alloc(&pci_bus_type);
803 if (dev_state->domain == NULL)
804 goto out_free_states;
806 amd_iommu_domain_direct_map(dev_state->domain);
808 ret = amd_iommu_domain_enable_v2(dev_state->domain, pasids);
810 goto out_free_domain;
812 ret = iommu_attach_device(dev_state->domain, &pdev->dev);
814 goto out_free_domain;
816 spin_lock_irqsave(&state_lock, flags);
818 if (__get_device_state(devid) != NULL) {
819 spin_unlock_irqrestore(&state_lock, flags);
821 goto out_free_domain;
824 list_add_tail(&dev_state->list, &state_list);
826 spin_unlock_irqrestore(&state_lock, flags);
831 iommu_domain_free(dev_state->domain);
834 free_page((unsigned long)dev_state->states);
841 EXPORT_SYMBOL(amd_iommu_init_device);
843 void amd_iommu_free_device(struct pci_dev *pdev)
845 struct device_state *dev_state;
849 if (!amd_iommu_v2_supported())
852 devid = device_id(pdev);
854 spin_lock_irqsave(&state_lock, flags);
856 dev_state = __get_device_state(devid);
857 if (dev_state == NULL) {
858 spin_unlock_irqrestore(&state_lock, flags);
862 list_del(&dev_state->list);
864 spin_unlock_irqrestore(&state_lock, flags);
866 /* Get rid of any remaining pasid states */
867 free_pasid_states(dev_state);
869 put_device_state_wait(dev_state);
871 EXPORT_SYMBOL(amd_iommu_free_device);
873 int amd_iommu_set_invalid_ppr_cb(struct pci_dev *pdev,
874 amd_iommu_invalid_ppr_cb cb)
876 struct device_state *dev_state;
881 if (!amd_iommu_v2_supported())
884 devid = device_id(pdev);
886 spin_lock_irqsave(&state_lock, flags);
889 dev_state = __get_device_state(devid);
890 if (dev_state == NULL)
893 dev_state->inv_ppr_cb = cb;
898 spin_unlock_irqrestore(&state_lock, flags);
902 EXPORT_SYMBOL(amd_iommu_set_invalid_ppr_cb);
904 int amd_iommu_set_invalidate_ctx_cb(struct pci_dev *pdev,
905 amd_iommu_invalidate_ctx cb)
907 struct device_state *dev_state;
912 if (!amd_iommu_v2_supported())
915 devid = device_id(pdev);
917 spin_lock_irqsave(&state_lock, flags);
920 dev_state = __get_device_state(devid);
921 if (dev_state == NULL)
924 dev_state->inv_ctx_cb = cb;
929 spin_unlock_irqrestore(&state_lock, flags);
933 EXPORT_SYMBOL(amd_iommu_set_invalidate_ctx_cb);
935 static int __init amd_iommu_v2_init(void)
939 pr_info("AMD IOMMUv2 driver by Joerg Roedel <joerg.roedel@amd.com>\n");
941 if (!amd_iommu_v2_supported()) {
942 pr_info("AMD IOMMUv2 functionality not available on this system\n");
944 * Load anyway to provide the symbols to other modules
945 * which may use AMD IOMMUv2 optionally.
950 spin_lock_init(&state_lock);
953 iommu_wq = create_workqueue("amd_iommu_v2");
954 if (iommu_wq == NULL)
958 empty_page_table = (u64 *)get_zeroed_page(GFP_KERNEL);
959 if (empty_page_table == NULL)
962 amd_iommu_register_ppr_notifier(&ppr_nb);
967 destroy_workqueue(iommu_wq);
973 static void __exit amd_iommu_v2_exit(void)
975 struct device_state *dev_state;
978 if (!amd_iommu_v2_supported())
981 amd_iommu_unregister_ppr_notifier(&ppr_nb);
983 flush_workqueue(iommu_wq);
986 * The loop below might call flush_workqueue(), so call
987 * destroy_workqueue() after it
989 for (i = 0; i < MAX_DEVICES; ++i) {
990 dev_state = get_device_state(i);
992 if (dev_state == NULL)
997 put_device_state(dev_state);
998 amd_iommu_free_device(dev_state->pdev);
1001 destroy_workqueue(iommu_wq);
1003 free_page((unsigned long)empty_page_table);
1006 module_init(amd_iommu_v2_init);
1007 module_exit(amd_iommu_v2_exit);
projects / cascardo / linux.git / blob