2 * VFIO: IOMMU DMA mapping support for TCE on POWER
4 * Copyright (C) 2013 IBM Corp. All rights reserved.
5 * Author: Alexey Kardashevskiy <aik@ozlabs.ru>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * Derived from original vfio_iommu_type1.c:
12 * Copyright (C) 2012 Red Hat, Inc. All rights reserved.
13 * Author: Alex Williamson <alex.williamson@redhat.com>
16 #include <linux/module.h>
17 #include <linux/pci.h>
18 #include <linux/slab.h>
19 #include <linux/uaccess.h>
20 #include <linux/err.h>
21 #include <linux/vfio.h>
22 #include <asm/iommu.h>
25 #define DRIVER_VERSION "0.1"
26 #define DRIVER_AUTHOR "aik@ozlabs.ru"
27 #define DRIVER_DESC "VFIO IOMMU SPAPR TCE"
29 static void tce_iommu_detach_group(void *iommu_data,
30 struct iommu_group *iommu_group);
32 static long try_increment_locked_vm(long npages)
34 long ret = 0, locked, lock_limit;
36 if (!current || !current->mm)
37 return -ESRCH; /* process exited */
42 down_write(¤t->mm->mmap_sem);
43 locked = current->mm->locked_vm + npages;
44 lock_limit = rlimit(RLIMIT_MEMLOCK) >> PAGE_SHIFT;
45 if (locked > lock_limit && !capable(CAP_IPC_LOCK))
48 current->mm->locked_vm += npages;
50 pr_debug("[%d] RLIMIT_MEMLOCK +%ld %ld/%ld%s\n", current->pid,
52 current->mm->locked_vm << PAGE_SHIFT,
53 rlimit(RLIMIT_MEMLOCK),
54 ret ? " - exceeded" : "");
56 up_write(¤t->mm->mmap_sem);
61 static void decrement_locked_vm(long npages)
63 if (!current || !current->mm || !npages)
64 return; /* process exited */
66 down_write(¤t->mm->mmap_sem);
67 if (WARN_ON_ONCE(npages > current->mm->locked_vm))
68 npages = current->mm->locked_vm;
69 current->mm->locked_vm -= npages;
70 pr_debug("[%d] RLIMIT_MEMLOCK -%ld %ld/%ld\n", current->pid,
72 current->mm->locked_vm << PAGE_SHIFT,
73 rlimit(RLIMIT_MEMLOCK));
74 up_write(¤t->mm->mmap_sem);
78 * VFIO IOMMU fd for SPAPR_TCE IOMMU implementation
80 * This code handles mapping and unmapping of user data buffers
81 * into DMA'ble space using the IOMMU
85 * The container descriptor supports only a single group per container.
86 * Required by the API as the container is not supplied with the IOMMU group
87 * at the moment of initialization.
89 struct tce_container {
91 struct iommu_group *grp;
93 unsigned long locked_pages;
96 static bool tce_page_is_contained(struct page *page, unsigned page_shift)
99 * Check that the TCE table granularity is not bigger than the size of
100 * a page we just found. Otherwise the hardware can get access to
101 * a bigger memory chunk that it should.
103 return (PAGE_SHIFT + compound_order(compound_head(page))) >= page_shift;
106 static long tce_iommu_find_table(struct tce_container *container,
107 phys_addr_t ioba, struct iommu_table **ptbl)
110 struct iommu_table_group *table_group;
112 table_group = iommu_group_get_iommudata(container->grp);
116 for (i = 0; i < IOMMU_TABLE_GROUP_MAX_TABLES; ++i) {
117 struct iommu_table *tbl = table_group->tables[i];
120 unsigned long entry = ioba >> tbl->it_page_shift;
121 unsigned long start = tbl->it_offset;
122 unsigned long end = start + tbl->it_size;
124 if ((start <= entry) && (entry < end)) {
134 static int tce_iommu_enable(struct tce_container *container)
137 unsigned long locked;
138 struct iommu_table *tbl;
139 struct iommu_table_group *table_group;
145 return -ESRCH; /* process exited */
147 if (container->enabled)
151 * When userspace pages are mapped into the IOMMU, they are effectively
152 * locked memory, so, theoretically, we need to update the accounting
153 * of locked pages on each map and unmap. For powerpc, the map unmap
154 * paths can be very hot, though, and the accounting would kill
155 * performance, especially since it would be difficult to impossible
156 * to handle the accounting in real mode only.
158 * To address that, rather than precisely accounting every page, we
159 * instead account for a worst case on locked memory when the iommu is
160 * enabled and disabled. The worst case upper bound on locked memory
161 * is the size of the whole iommu window, which is usually relatively
162 * small (compared to total memory sizes) on POWER hardware.
164 * Also we don't have a nice way to fail on H_PUT_TCE due to ulimits,
165 * that would effectively kill the guest at random points, much better
166 * enforcing the limit based on the max that the guest can map.
168 * Unfortunately at the moment it counts whole tables, no matter how
169 * much memory the guest has. I.e. for 4GB guest and 4 IOMMU groups
170 * each with 2GB DMA window, 8GB will be counted here. The reason for
171 * this is that we cannot tell here the amount of RAM used by the guest
172 * as this information is only available from KVM and VFIO is
175 table_group = iommu_group_get_iommudata(container->grp);
179 tbl = table_group->tables[0];
180 locked = (tbl->it_size << tbl->it_page_shift) >> PAGE_SHIFT;
181 ret = try_increment_locked_vm(locked);
185 container->locked_pages = locked;
187 container->enabled = true;
192 static void tce_iommu_disable(struct tce_container *container)
194 if (!container->enabled)
197 container->enabled = false;
202 decrement_locked_vm(container->locked_pages);
205 static void *tce_iommu_open(unsigned long arg)
207 struct tce_container *container;
209 if (arg != VFIO_SPAPR_TCE_IOMMU) {
210 pr_err("tce_vfio: Wrong IOMMU type\n");
211 return ERR_PTR(-EINVAL);
214 container = kzalloc(sizeof(*container), GFP_KERNEL);
216 return ERR_PTR(-ENOMEM);
218 mutex_init(&container->lock);
223 static void tce_iommu_release(void *iommu_data)
225 struct tce_container *container = iommu_data;
227 WARN_ON(container->grp);
230 tce_iommu_detach_group(iommu_data, container->grp);
232 tce_iommu_disable(container);
233 mutex_destroy(&container->lock);
238 static void tce_iommu_unuse_page(struct tce_container *container,
243 page = pfn_to_page(hpa >> PAGE_SHIFT);
247 static int tce_iommu_clear(struct tce_container *container,
248 struct iommu_table *tbl,
249 unsigned long entry, unsigned long pages)
251 unsigned long oldhpa;
253 enum dma_data_direction direction;
255 for ( ; pages; --pages, ++entry) {
256 direction = DMA_NONE;
258 ret = iommu_tce_xchg(tbl, entry, &oldhpa, &direction);
262 if (direction == DMA_NONE)
265 tce_iommu_unuse_page(container, oldhpa);
271 static int tce_iommu_use_page(unsigned long tce, unsigned long *hpa)
273 struct page *page = NULL;
274 enum dma_data_direction direction = iommu_tce_direction(tce);
276 if (get_user_pages_fast(tce & PAGE_MASK, 1,
277 direction != DMA_TO_DEVICE, &page) != 1)
280 *hpa = __pa((unsigned long) page_address(page));
285 static long tce_iommu_build(struct tce_container *container,
286 struct iommu_table *tbl,
287 unsigned long entry, unsigned long tce, unsigned long pages,
288 enum dma_data_direction direction)
293 enum dma_data_direction dirtmp;
295 for (i = 0; i < pages; ++i) {
296 unsigned long offset = tce & IOMMU_PAGE_MASK(tbl) & ~PAGE_MASK;
298 ret = tce_iommu_use_page(tce, &hpa);
302 page = pfn_to_page(hpa >> PAGE_SHIFT);
303 if (!tce_page_is_contained(page, tbl->it_page_shift)) {
310 ret = iommu_tce_xchg(tbl, entry + i, &hpa, &dirtmp);
312 tce_iommu_unuse_page(container, hpa);
313 pr_err("iommu_tce: %s failed ioba=%lx, tce=%lx, ret=%ld\n",
314 __func__, entry << tbl->it_page_shift,
319 if (dirtmp != DMA_NONE)
320 tce_iommu_unuse_page(container, hpa);
322 tce += IOMMU_PAGE_SIZE(tbl);
326 tce_iommu_clear(container, tbl, entry, i);
331 static long tce_iommu_ioctl(void *iommu_data,
332 unsigned int cmd, unsigned long arg)
334 struct tce_container *container = iommu_data;
339 case VFIO_CHECK_EXTENSION:
341 case VFIO_SPAPR_TCE_IOMMU:
345 ret = vfio_spapr_iommu_eeh_ioctl(NULL, cmd, arg);
349 return (ret < 0) ? 0 : ret;
351 case VFIO_IOMMU_SPAPR_TCE_GET_INFO: {
352 struct vfio_iommu_spapr_tce_info info;
353 struct iommu_table *tbl;
354 struct iommu_table_group *table_group;
356 if (WARN_ON(!container->grp))
359 table_group = iommu_group_get_iommudata(container->grp);
361 tbl = table_group->tables[0];
362 if (WARN_ON_ONCE(!tbl))
365 minsz = offsetofend(struct vfio_iommu_spapr_tce_info,
368 if (copy_from_user(&info, (void __user *)arg, minsz))
371 if (info.argsz < minsz)
374 info.dma32_window_start = tbl->it_offset << tbl->it_page_shift;
375 info.dma32_window_size = tbl->it_size << tbl->it_page_shift;
378 if (copy_to_user((void __user *)arg, &info, minsz))
383 case VFIO_IOMMU_MAP_DMA: {
384 struct vfio_iommu_type1_dma_map param;
385 struct iommu_table *tbl = NULL;
387 enum dma_data_direction direction;
389 if (!container->enabled)
392 minsz = offsetofend(struct vfio_iommu_type1_dma_map, size);
394 if (copy_from_user(¶m, (void __user *)arg, minsz))
397 if (param.argsz < minsz)
400 if (param.flags & ~(VFIO_DMA_MAP_FLAG_READ |
401 VFIO_DMA_MAP_FLAG_WRITE))
404 num = tce_iommu_find_table(container, param.iova, &tbl);
408 if ((param.size & ~IOMMU_PAGE_MASK(tbl)) ||
409 (param.vaddr & ~IOMMU_PAGE_MASK(tbl)))
412 /* iova is checked by the IOMMU API */
413 if (param.flags & VFIO_DMA_MAP_FLAG_READ) {
414 if (param.flags & VFIO_DMA_MAP_FLAG_WRITE)
415 direction = DMA_BIDIRECTIONAL;
417 direction = DMA_TO_DEVICE;
419 if (param.flags & VFIO_DMA_MAP_FLAG_WRITE)
420 direction = DMA_FROM_DEVICE;
425 ret = iommu_tce_put_param_check(tbl, param.iova, param.vaddr);
429 ret = tce_iommu_build(container, tbl,
430 param.iova >> tbl->it_page_shift,
432 param.size >> tbl->it_page_shift,
435 iommu_flush_tce(tbl);
439 case VFIO_IOMMU_UNMAP_DMA: {
440 struct vfio_iommu_type1_dma_unmap param;
441 struct iommu_table *tbl = NULL;
444 if (!container->enabled)
447 minsz = offsetofend(struct vfio_iommu_type1_dma_unmap,
450 if (copy_from_user(¶m, (void __user *)arg, minsz))
453 if (param.argsz < minsz)
456 /* No flag is supported now */
460 num = tce_iommu_find_table(container, param.iova, &tbl);
464 if (param.size & ~IOMMU_PAGE_MASK(tbl))
467 ret = iommu_tce_clear_param_check(tbl, param.iova, 0,
468 param.size >> tbl->it_page_shift);
472 ret = tce_iommu_clear(container, tbl,
473 param.iova >> tbl->it_page_shift,
474 param.size >> tbl->it_page_shift);
475 iommu_flush_tce(tbl);
479 case VFIO_IOMMU_ENABLE:
480 mutex_lock(&container->lock);
481 ret = tce_iommu_enable(container);
482 mutex_unlock(&container->lock);
486 case VFIO_IOMMU_DISABLE:
487 mutex_lock(&container->lock);
488 tce_iommu_disable(container);
489 mutex_unlock(&container->lock);
495 return vfio_spapr_iommu_eeh_ioctl(container->grp,
502 static void tce_iommu_release_ownership(struct tce_container *container,
503 struct iommu_table_group *table_group)
507 for (i = 0; i < IOMMU_TABLE_GROUP_MAX_TABLES; ++i) {
508 struct iommu_table *tbl = table_group->tables[i];
513 tce_iommu_clear(container, tbl, tbl->it_offset, tbl->it_size);
515 iommu_release_ownership(tbl);
519 static int tce_iommu_take_ownership(struct tce_container *container,
520 struct iommu_table_group *table_group)
524 for (i = 0; i < IOMMU_TABLE_GROUP_MAX_TABLES; ++i) {
525 struct iommu_table *tbl = table_group->tables[i];
527 if (!tbl || !tbl->it_map)
530 rc = iommu_take_ownership(tbl);
532 for (j = 0; j < i; ++j)
533 iommu_release_ownership(
534 table_group->tables[j]);
543 static void tce_iommu_release_ownership_ddw(struct tce_container *container,
544 struct iommu_table_group *table_group)
546 table_group->ops->release_ownership(table_group);
549 static long tce_iommu_take_ownership_ddw(struct tce_container *container,
550 struct iommu_table_group *table_group)
552 table_group->ops->take_ownership(table_group);
557 static int tce_iommu_attach_group(void *iommu_data,
558 struct iommu_group *iommu_group)
561 struct tce_container *container = iommu_data;
562 struct iommu_table_group *table_group;
564 mutex_lock(&container->lock);
566 /* pr_debug("tce_vfio: Attaching group #%u to iommu %p\n",
567 iommu_group_id(iommu_group), iommu_group); */
568 if (container->grp) {
569 pr_warn("tce_vfio: Only one group per IOMMU container is allowed, existing id=%d, attaching id=%d\n",
570 iommu_group_id(container->grp),
571 iommu_group_id(iommu_group));
576 if (container->enabled) {
577 pr_err("tce_vfio: attaching group #%u to enabled container\n",
578 iommu_group_id(iommu_group));
583 table_group = iommu_group_get_iommudata(iommu_group);
589 if (!table_group->ops || !table_group->ops->take_ownership ||
590 !table_group->ops->release_ownership)
591 ret = tce_iommu_take_ownership(container, table_group);
593 ret = tce_iommu_take_ownership_ddw(container, table_group);
596 container->grp = iommu_group;
599 mutex_unlock(&container->lock);
604 static void tce_iommu_detach_group(void *iommu_data,
605 struct iommu_group *iommu_group)
607 struct tce_container *container = iommu_data;
608 struct iommu_table_group *table_group;
610 mutex_lock(&container->lock);
611 if (iommu_group != container->grp) {
612 pr_warn("tce_vfio: detaching group #%u, expected group is #%u\n",
613 iommu_group_id(iommu_group),
614 iommu_group_id(container->grp));
618 if (container->enabled) {
619 pr_warn("tce_vfio: detaching group #%u from enabled container, forcing disable\n",
620 iommu_group_id(container->grp));
621 tce_iommu_disable(container);
624 /* pr_debug("tce_vfio: detaching group #%u from iommu %p\n",
625 iommu_group_id(iommu_group), iommu_group); */
626 container->grp = NULL;
628 table_group = iommu_group_get_iommudata(iommu_group);
629 BUG_ON(!table_group);
631 if (!table_group->ops || !table_group->ops->release_ownership)
632 tce_iommu_release_ownership(container, table_group);
634 tce_iommu_release_ownership_ddw(container, table_group);
637 mutex_unlock(&container->lock);
640 const struct vfio_iommu_driver_ops tce_iommu_driver_ops = {
641 .name = "iommu-vfio-powerpc",
642 .owner = THIS_MODULE,
643 .open = tce_iommu_open,
644 .release = tce_iommu_release,
645 .ioctl = tce_iommu_ioctl,
646 .attach_group = tce_iommu_attach_group,
647 .detach_group = tce_iommu_detach_group,
650 static int __init tce_iommu_init(void)
652 return vfio_register_iommu_driver(&tce_iommu_driver_ops);
655 static void __exit tce_iommu_cleanup(void)
657 vfio_unregister_iommu_driver(&tce_iommu_driver_ops);
660 module_init(tce_iommu_init);
661 module_exit(tce_iommu_cleanup);
663 MODULE_VERSION(DRIVER_VERSION);
664 MODULE_LICENSE("GPL v2");
665 MODULE_AUTHOR(DRIVER_AUTHOR);
666 MODULE_DESCRIPTION(DRIVER_DESC);
projects / cascardo / linux.git / blob