2 * Copyright (C) 2007-2009 Advanced Micro Devices, Inc.
3 * Author: Joerg Roedel <joerg.roedel@amd.com>
4 * Leo Duran <leo.duran@amd.com>
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published
8 * by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include <linux/pci.h>
21 #include <linux/gfp.h>
22 #include <linux/bitops.h>
23 #include <linux/debugfs.h>
24 #include <linux/scatterlist.h>
25 #include <linux/dma-mapping.h>
26 #include <linux/iommu-helper.h>
27 #include <linux/iommu.h>
28 #include <asm/proto.h>
29 #include <asm/iommu.h>
31 #include <asm/amd_iommu_proto.h>
32 #include <asm/amd_iommu_types.h>
33 #include <asm/amd_iommu.h>
35 #define CMD_SET_TYPE(cmd, t) ((cmd)->data[1] |= ((t) << 28))
37 #define EXIT_LOOP_COUNT 10000000
39 static DEFINE_RWLOCK(amd_iommu_devtable_lock);
41 /* A list of preallocated protection domains */
42 static LIST_HEAD(iommu_pd_list);
43 static DEFINE_SPINLOCK(iommu_pd_list_lock);
46 * Domain for untranslated devices - only allocated
47 * if iommu=pt passed on kernel cmd line.
49 static struct protection_domain *pt_domain;
51 static struct iommu_ops amd_iommu_ops;
54 * general struct to manage commands send to an IOMMU
60 static void reset_iommu_command_buffer(struct amd_iommu *iommu);
61 static void update_domain(struct protection_domain *domain);
63 /****************************************************************************
67 ****************************************************************************/
69 static inline u16 get_device_id(struct device *dev)
71 struct pci_dev *pdev = to_pci_dev(dev);
73 return calc_devid(pdev->bus->number, pdev->devfn);
76 static struct iommu_dev_data *get_dev_data(struct device *dev)
78 return dev->archdata.iommu;
82 * In this function the list of preallocated protection domains is traversed to
83 * find the domain for a specific device
85 static struct dma_ops_domain *find_protection_domain(u16 devid)
87 struct dma_ops_domain *entry, *ret = NULL;
89 u16 alias = amd_iommu_alias_table[devid];
91 if (list_empty(&iommu_pd_list))
94 spin_lock_irqsave(&iommu_pd_list_lock, flags);
96 list_for_each_entry(entry, &iommu_pd_list, list) {
97 if (entry->target_dev == devid ||
98 entry->target_dev == alias) {
104 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
110 * This function checks if the driver got a valid device from the caller to
111 * avoid dereferencing invalid pointers.
113 static bool check_device(struct device *dev)
117 if (!dev || !dev->dma_mask)
120 /* No device or no PCI device */
121 if (!dev || dev->bus != &pci_bus_type)
124 devid = get_device_id(dev);
126 /* Out of our scope? */
127 if (devid > amd_iommu_last_bdf)
130 if (amd_iommu_rlookup_table[devid] == NULL)
136 static int iommu_init_device(struct device *dev)
138 struct iommu_dev_data *dev_data;
139 struct pci_dev *pdev;
142 if (dev->archdata.iommu)
145 dev_data = kzalloc(sizeof(*dev_data), GFP_KERNEL);
149 devid = get_device_id(dev);
150 alias = amd_iommu_alias_table[devid];
151 pdev = pci_get_bus_and_slot(PCI_BUS(alias), alias & 0xff);
153 dev_data->alias = &pdev->dev;
155 atomic_set(&dev_data->bind, 0);
157 dev->archdata.iommu = dev_data;
163 static void iommu_uninit_device(struct device *dev)
165 kfree(dev->archdata.iommu);
167 #ifdef CONFIG_AMD_IOMMU_STATS
170 * Initialization code for statistics collection
173 DECLARE_STATS_COUNTER(compl_wait);
174 DECLARE_STATS_COUNTER(cnt_map_single);
175 DECLARE_STATS_COUNTER(cnt_unmap_single);
176 DECLARE_STATS_COUNTER(cnt_map_sg);
177 DECLARE_STATS_COUNTER(cnt_unmap_sg);
178 DECLARE_STATS_COUNTER(cnt_alloc_coherent);
179 DECLARE_STATS_COUNTER(cnt_free_coherent);
180 DECLARE_STATS_COUNTER(cross_page);
181 DECLARE_STATS_COUNTER(domain_flush_single);
182 DECLARE_STATS_COUNTER(domain_flush_all);
183 DECLARE_STATS_COUNTER(alloced_io_mem);
184 DECLARE_STATS_COUNTER(total_map_requests);
186 static struct dentry *stats_dir;
187 static struct dentry *de_fflush;
189 static void amd_iommu_stats_add(struct __iommu_counter *cnt)
191 if (stats_dir == NULL)
194 cnt->dent = debugfs_create_u64(cnt->name, 0444, stats_dir,
198 static void amd_iommu_stats_init(void)
200 stats_dir = debugfs_create_dir("amd-iommu", NULL);
201 if (stats_dir == NULL)
204 de_fflush = debugfs_create_bool("fullflush", 0444, stats_dir,
205 (u32 *)&amd_iommu_unmap_flush);
207 amd_iommu_stats_add(&compl_wait);
208 amd_iommu_stats_add(&cnt_map_single);
209 amd_iommu_stats_add(&cnt_unmap_single);
210 amd_iommu_stats_add(&cnt_map_sg);
211 amd_iommu_stats_add(&cnt_unmap_sg);
212 amd_iommu_stats_add(&cnt_alloc_coherent);
213 amd_iommu_stats_add(&cnt_free_coherent);
214 amd_iommu_stats_add(&cross_page);
215 amd_iommu_stats_add(&domain_flush_single);
216 amd_iommu_stats_add(&domain_flush_all);
217 amd_iommu_stats_add(&alloced_io_mem);
218 amd_iommu_stats_add(&total_map_requests);
223 /****************************************************************************
225 * Interrupt handling functions
227 ****************************************************************************/
229 static void dump_dte_entry(u16 devid)
233 for (i = 0; i < 8; ++i)
234 pr_err("AMD-Vi: DTE[%d]: %08x\n", i,
235 amd_iommu_dev_table[devid].data[i]);
238 static void dump_command(unsigned long phys_addr)
240 struct iommu_cmd *cmd = phys_to_virt(phys_addr);
243 for (i = 0; i < 4; ++i)
244 pr_err("AMD-Vi: CMD[%d]: %08x\n", i, cmd->data[i]);
247 static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
250 int type = (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
251 int devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
252 int domid = (event[1] >> EVENT_DOMID_SHIFT) & EVENT_DOMID_MASK;
253 int flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
254 u64 address = (u64)(((u64)event[3]) << 32) | event[2];
256 printk(KERN_ERR "AMD-Vi: Event logged [");
259 case EVENT_TYPE_ILL_DEV:
260 printk("ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
261 "address=0x%016llx flags=0x%04x]\n",
262 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
264 dump_dte_entry(devid);
266 case EVENT_TYPE_IO_FAULT:
267 printk("IO_PAGE_FAULT device=%02x:%02x.%x "
268 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
269 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
270 domid, address, flags);
272 case EVENT_TYPE_DEV_TAB_ERR:
273 printk("DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
274 "address=0x%016llx flags=0x%04x]\n",
275 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
278 case EVENT_TYPE_PAGE_TAB_ERR:
279 printk("PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
280 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
281 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
282 domid, address, flags);
284 case EVENT_TYPE_ILL_CMD:
285 printk("ILLEGAL_COMMAND_ERROR address=0x%016llx]\n", address);
286 reset_iommu_command_buffer(iommu);
287 dump_command(address);
289 case EVENT_TYPE_CMD_HARD_ERR:
290 printk("COMMAND_HARDWARE_ERROR address=0x%016llx "
291 "flags=0x%04x]\n", address, flags);
293 case EVENT_TYPE_IOTLB_INV_TO:
294 printk("IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
295 "address=0x%016llx]\n",
296 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
299 case EVENT_TYPE_INV_DEV_REQ:
300 printk("INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
301 "address=0x%016llx flags=0x%04x]\n",
302 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
306 printk(KERN_ERR "UNKNOWN type=0x%02x]\n", type);
310 static void iommu_poll_events(struct amd_iommu *iommu)
315 spin_lock_irqsave(&iommu->lock, flags);
317 head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
318 tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET);
320 while (head != tail) {
321 iommu_print_event(iommu, iommu->evt_buf + head);
322 head = (head + EVENT_ENTRY_SIZE) % iommu->evt_buf_size;
325 writel(head, iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
327 spin_unlock_irqrestore(&iommu->lock, flags);
330 irqreturn_t amd_iommu_int_handler(int irq, void *data)
332 struct amd_iommu *iommu;
334 for_each_iommu(iommu)
335 iommu_poll_events(iommu);
340 /****************************************************************************
342 * IOMMU command queuing functions
344 ****************************************************************************/
347 * Writes the command to the IOMMUs command buffer and informs the
348 * hardware about the new command. Must be called with iommu->lock held.
350 static int __iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
355 tail = readl(iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
356 target = iommu->cmd_buf + tail;
357 memcpy_toio(target, cmd, sizeof(*cmd));
358 tail = (tail + sizeof(*cmd)) % iommu->cmd_buf_size;
359 head = readl(iommu->mmio_base + MMIO_CMD_HEAD_OFFSET);
362 writel(tail, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
368 * General queuing function for commands. Takes iommu->lock and calls
369 * __iommu_queue_command().
371 static int iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
376 spin_lock_irqsave(&iommu->lock, flags);
377 ret = __iommu_queue_command(iommu, cmd);
379 iommu->need_sync = true;
380 spin_unlock_irqrestore(&iommu->lock, flags);
386 * This function waits until an IOMMU has completed a completion
389 static void __iommu_wait_for_completion(struct amd_iommu *iommu)
395 INC_STATS_COUNTER(compl_wait);
397 while (!ready && (i < EXIT_LOOP_COUNT)) {
399 /* wait for the bit to become one */
400 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
401 ready = status & MMIO_STATUS_COM_WAIT_INT_MASK;
404 /* set bit back to zero */
405 status &= ~MMIO_STATUS_COM_WAIT_INT_MASK;
406 writel(status, iommu->mmio_base + MMIO_STATUS_OFFSET);
408 if (unlikely(i == EXIT_LOOP_COUNT)) {
409 spin_unlock(&iommu->lock);
410 reset_iommu_command_buffer(iommu);
411 spin_lock(&iommu->lock);
416 * This function queues a completion wait command into the command
419 static int __iommu_completion_wait(struct amd_iommu *iommu)
421 struct iommu_cmd cmd;
423 memset(&cmd, 0, sizeof(cmd));
424 cmd.data[0] = CMD_COMPL_WAIT_INT_MASK;
425 CMD_SET_TYPE(&cmd, CMD_COMPL_WAIT);
427 return __iommu_queue_command(iommu, &cmd);
431 * This function is called whenever we need to ensure that the IOMMU has
432 * completed execution of all commands we sent. It sends a
433 * COMPLETION_WAIT command and waits for it to finish. The IOMMU informs
434 * us about that by writing a value to a physical address we pass with
437 static int iommu_completion_wait(struct amd_iommu *iommu)
442 spin_lock_irqsave(&iommu->lock, flags);
444 if (!iommu->need_sync)
447 ret = __iommu_completion_wait(iommu);
449 iommu->need_sync = false;
454 __iommu_wait_for_completion(iommu);
457 spin_unlock_irqrestore(&iommu->lock, flags);
462 static void iommu_flush_complete(struct protection_domain *domain)
466 for (i = 0; i < amd_iommus_present; ++i) {
467 if (!domain->dev_iommu[i])
471 * Devices of this domain are behind this IOMMU
472 * We need to wait for completion of all commands.
474 iommu_completion_wait(amd_iommus[i]);
479 * Command send function for invalidating a device table entry
481 static int iommu_queue_inv_dev_entry(struct amd_iommu *iommu, u16 devid)
483 struct iommu_cmd cmd;
486 BUG_ON(iommu == NULL);
488 memset(&cmd, 0, sizeof(cmd));
489 CMD_SET_TYPE(&cmd, CMD_INV_DEV_ENTRY);
492 ret = iommu_queue_command(iommu, &cmd);
497 static int iommu_flush_device(struct device *dev)
499 struct amd_iommu *iommu;
502 devid = get_device_id(dev);
503 iommu = amd_iommu_rlookup_table[devid];
505 return iommu_queue_inv_dev_entry(iommu, devid);
508 static void __iommu_build_inv_iommu_pages(struct iommu_cmd *cmd, u64 address,
509 u16 domid, int pde, int s)
511 memset(cmd, 0, sizeof(*cmd));
512 address &= PAGE_MASK;
513 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
514 cmd->data[1] |= domid;
515 cmd->data[2] = lower_32_bits(address);
516 cmd->data[3] = upper_32_bits(address);
517 if (s) /* size bit - we flush more than one 4kb page */
518 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
519 if (pde) /* PDE bit - we wan't flush everything not only the PTEs */
520 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
524 * Generic command send function for invalidaing TLB entries
526 static int iommu_queue_inv_iommu_pages(struct amd_iommu *iommu,
527 u64 address, u16 domid, int pde, int s)
529 struct iommu_cmd cmd;
532 __iommu_build_inv_iommu_pages(&cmd, address, domid, pde, s);
534 ret = iommu_queue_command(iommu, &cmd);
540 * TLB invalidation function which is called from the mapping functions.
541 * It invalidates a single PTE if the range to flush is within a single
542 * page. Otherwise it flushes the whole TLB of the IOMMU.
544 static void __iommu_flush_pages(struct protection_domain *domain,
545 u64 address, size_t size, int pde)
548 unsigned long pages = iommu_num_pages(address, size, PAGE_SIZE);
550 address &= PAGE_MASK;
554 * If we have to flush more than one page, flush all
555 * TLB entries for this domain
557 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
562 for (i = 0; i < amd_iommus_present; ++i) {
563 if (!domain->dev_iommu[i])
567 * Devices of this domain are behind this IOMMU
568 * We need a TLB flush
570 iommu_queue_inv_iommu_pages(amd_iommus[i], address,
577 static void iommu_flush_pages(struct protection_domain *domain,
578 u64 address, size_t size)
580 __iommu_flush_pages(domain, address, size, 0);
583 /* Flush the whole IO/TLB for a given protection domain */
584 static void iommu_flush_tlb(struct protection_domain *domain)
586 __iommu_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 0);
589 /* Flush the whole IO/TLB for a given protection domain - including PDE */
590 static void iommu_flush_tlb_pde(struct protection_domain *domain)
592 __iommu_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 1);
596 * This function flushes all domains that have devices on the given IOMMU
598 static void flush_all_domains_on_iommu(struct amd_iommu *iommu)
600 u64 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
601 struct protection_domain *domain;
604 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
606 list_for_each_entry(domain, &amd_iommu_pd_list, list) {
607 if (domain->dev_iommu[iommu->index] == 0)
610 spin_lock(&domain->lock);
611 iommu_queue_inv_iommu_pages(iommu, address, domain->id, 1, 1);
612 iommu_flush_complete(domain);
613 spin_unlock(&domain->lock);
616 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
620 * This function uses heavy locking and may disable irqs for some time. But
621 * this is no issue because it is only called during resume.
623 void amd_iommu_flush_all_domains(void)
625 struct protection_domain *domain;
628 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
630 list_for_each_entry(domain, &amd_iommu_pd_list, list) {
631 spin_lock(&domain->lock);
632 iommu_flush_tlb_pde(domain);
633 iommu_flush_complete(domain);
634 spin_unlock(&domain->lock);
637 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
640 static void flush_all_devices_for_iommu(struct amd_iommu *iommu)
644 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
645 if (iommu != amd_iommu_rlookup_table[i])
648 iommu_queue_inv_dev_entry(iommu, i);
649 iommu_completion_wait(iommu);
653 static void flush_devices_by_domain(struct protection_domain *domain)
655 struct amd_iommu *iommu;
658 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
659 if ((domain == NULL && amd_iommu_pd_table[i] == NULL) ||
660 (amd_iommu_pd_table[i] != domain))
663 iommu = amd_iommu_rlookup_table[i];
667 iommu_queue_inv_dev_entry(iommu, i);
668 iommu_completion_wait(iommu);
672 static void reset_iommu_command_buffer(struct amd_iommu *iommu)
674 pr_err("AMD-Vi: Resetting IOMMU command buffer\n");
676 if (iommu->reset_in_progress)
677 panic("AMD-Vi: ILLEGAL_COMMAND_ERROR while resetting command buffer\n");
679 iommu->reset_in_progress = true;
681 amd_iommu_reset_cmd_buffer(iommu);
682 flush_all_devices_for_iommu(iommu);
683 flush_all_domains_on_iommu(iommu);
685 iommu->reset_in_progress = false;
688 void amd_iommu_flush_all_devices(void)
690 flush_devices_by_domain(NULL);
693 /****************************************************************************
695 * The functions below are used the create the page table mappings for
696 * unity mapped regions.
698 ****************************************************************************/
701 * This function is used to add another level to an IO page table. Adding
702 * another level increases the size of the address space by 9 bits to a size up
705 static bool increase_address_space(struct protection_domain *domain,
710 if (domain->mode == PAGE_MODE_6_LEVEL)
711 /* address space already 64 bit large */
714 pte = (void *)get_zeroed_page(gfp);
718 *pte = PM_LEVEL_PDE(domain->mode,
719 virt_to_phys(domain->pt_root));
720 domain->pt_root = pte;
722 domain->updated = true;
727 static u64 *alloc_pte(struct protection_domain *domain,
728 unsigned long address,
736 while (address > PM_LEVEL_SIZE(domain->mode))
737 increase_address_space(domain, gfp);
739 level = domain->mode - 1;
740 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
742 while (level > end_lvl) {
743 if (!IOMMU_PTE_PRESENT(*pte)) {
744 page = (u64 *)get_zeroed_page(gfp);
747 *pte = PM_LEVEL_PDE(level, virt_to_phys(page));
752 pte = IOMMU_PTE_PAGE(*pte);
754 if (pte_page && level == end_lvl)
757 pte = &pte[PM_LEVEL_INDEX(level, address)];
764 * This function checks if there is a PTE for a given dma address. If
765 * there is one, it returns the pointer to it.
767 static u64 *fetch_pte(struct protection_domain *domain,
768 unsigned long address, int map_size)
773 level = domain->mode - 1;
774 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
776 while (level > map_size) {
777 if (!IOMMU_PTE_PRESENT(*pte))
782 pte = IOMMU_PTE_PAGE(*pte);
783 pte = &pte[PM_LEVEL_INDEX(level, address)];
785 if ((PM_PTE_LEVEL(*pte) == 0) && level != map_size) {
795 * Generic mapping functions. It maps a physical address into a DMA
796 * address space. It allocates the page table pages if necessary.
797 * In the future it can be extended to a generic mapping function
798 * supporting all features of AMD IOMMU page tables like level skipping
799 * and full 64 bit address spaces.
801 static int iommu_map_page(struct protection_domain *dom,
802 unsigned long bus_addr,
803 unsigned long phys_addr,
809 bus_addr = PAGE_ALIGN(bus_addr);
810 phys_addr = PAGE_ALIGN(phys_addr);
812 BUG_ON(!PM_ALIGNED(map_size, bus_addr));
813 BUG_ON(!PM_ALIGNED(map_size, phys_addr));
815 if (!(prot & IOMMU_PROT_MASK))
818 pte = alloc_pte(dom, bus_addr, map_size, NULL, GFP_KERNEL);
820 if (IOMMU_PTE_PRESENT(*pte))
823 __pte = phys_addr | IOMMU_PTE_P;
824 if (prot & IOMMU_PROT_IR)
825 __pte |= IOMMU_PTE_IR;
826 if (prot & IOMMU_PROT_IW)
827 __pte |= IOMMU_PTE_IW;
836 static void iommu_unmap_page(struct protection_domain *dom,
837 unsigned long bus_addr, int map_size)
839 u64 *pte = fetch_pte(dom, bus_addr, map_size);
846 * This function checks if a specific unity mapping entry is needed for
847 * this specific IOMMU.
849 static int iommu_for_unity_map(struct amd_iommu *iommu,
850 struct unity_map_entry *entry)
854 for (i = entry->devid_start; i <= entry->devid_end; ++i) {
855 bdf = amd_iommu_alias_table[i];
856 if (amd_iommu_rlookup_table[bdf] == iommu)
864 * This function actually applies the mapping to the page table of the
867 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
868 struct unity_map_entry *e)
873 for (addr = e->address_start; addr < e->address_end;
875 ret = iommu_map_page(&dma_dom->domain, addr, addr, e->prot,
880 * if unity mapping is in aperture range mark the page
881 * as allocated in the aperture
883 if (addr < dma_dom->aperture_size)
884 __set_bit(addr >> PAGE_SHIFT,
885 dma_dom->aperture[0]->bitmap);
892 * Init the unity mappings for a specific IOMMU in the system
894 * Basically iterates over all unity mapping entries and applies them to
895 * the default domain DMA of that IOMMU if necessary.
897 static int iommu_init_unity_mappings(struct amd_iommu *iommu)
899 struct unity_map_entry *entry;
902 list_for_each_entry(entry, &amd_iommu_unity_map, list) {
903 if (!iommu_for_unity_map(iommu, entry))
905 ret = dma_ops_unity_map(iommu->default_dom, entry);
914 * Inits the unity mappings required for a specific device
916 static int init_unity_mappings_for_device(struct dma_ops_domain *dma_dom,
919 struct unity_map_entry *e;
922 list_for_each_entry(e, &amd_iommu_unity_map, list) {
923 if (!(devid >= e->devid_start && devid <= e->devid_end))
925 ret = dma_ops_unity_map(dma_dom, e);
933 /****************************************************************************
935 * The next functions belong to the address allocator for the dma_ops
936 * interface functions. They work like the allocators in the other IOMMU
937 * drivers. Its basically a bitmap which marks the allocated pages in
938 * the aperture. Maybe it could be enhanced in the future to a more
939 * efficient allocator.
941 ****************************************************************************/
944 * The address allocator core functions.
946 * called with domain->lock held
950 * Used to reserve address ranges in the aperture (e.g. for exclusion
953 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
954 unsigned long start_page,
957 unsigned int i, last_page = dom->aperture_size >> PAGE_SHIFT;
959 if (start_page + pages > last_page)
960 pages = last_page - start_page;
962 for (i = start_page; i < start_page + pages; ++i) {
963 int index = i / APERTURE_RANGE_PAGES;
964 int page = i % APERTURE_RANGE_PAGES;
965 __set_bit(page, dom->aperture[index]->bitmap);
970 * This function is used to add a new aperture range to an existing
971 * aperture in case of dma_ops domain allocation or address allocation
974 static int alloc_new_range(struct dma_ops_domain *dma_dom,
975 bool populate, gfp_t gfp)
977 int index = dma_dom->aperture_size >> APERTURE_RANGE_SHIFT;
978 struct amd_iommu *iommu;
981 #ifdef CONFIG_IOMMU_STRESS
985 if (index >= APERTURE_MAX_RANGES)
988 dma_dom->aperture[index] = kzalloc(sizeof(struct aperture_range), gfp);
989 if (!dma_dom->aperture[index])
992 dma_dom->aperture[index]->bitmap = (void *)get_zeroed_page(gfp);
993 if (!dma_dom->aperture[index]->bitmap)
996 dma_dom->aperture[index]->offset = dma_dom->aperture_size;
999 unsigned long address = dma_dom->aperture_size;
1000 int i, num_ptes = APERTURE_RANGE_PAGES / 512;
1001 u64 *pte, *pte_page;
1003 for (i = 0; i < num_ptes; ++i) {
1004 pte = alloc_pte(&dma_dom->domain, address, PM_MAP_4k,
1009 dma_dom->aperture[index]->pte_pages[i] = pte_page;
1011 address += APERTURE_RANGE_SIZE / 64;
1015 dma_dom->aperture_size += APERTURE_RANGE_SIZE;
1017 /* Intialize the exclusion range if necessary */
1018 for_each_iommu(iommu) {
1019 if (iommu->exclusion_start &&
1020 iommu->exclusion_start >= dma_dom->aperture[index]->offset
1021 && iommu->exclusion_start < dma_dom->aperture_size) {
1022 unsigned long startpage;
1023 int pages = iommu_num_pages(iommu->exclusion_start,
1024 iommu->exclusion_length,
1026 startpage = iommu->exclusion_start >> PAGE_SHIFT;
1027 dma_ops_reserve_addresses(dma_dom, startpage, pages);
1032 * Check for areas already mapped as present in the new aperture
1033 * range and mark those pages as reserved in the allocator. Such
1034 * mappings may already exist as a result of requested unity
1035 * mappings for devices.
1037 for (i = dma_dom->aperture[index]->offset;
1038 i < dma_dom->aperture_size;
1040 u64 *pte = fetch_pte(&dma_dom->domain, i, PM_MAP_4k);
1041 if (!pte || !IOMMU_PTE_PRESENT(*pte))
1044 dma_ops_reserve_addresses(dma_dom, i << PAGE_SHIFT, 1);
1047 update_domain(&dma_dom->domain);
1052 update_domain(&dma_dom->domain);
1054 free_page((unsigned long)dma_dom->aperture[index]->bitmap);
1056 kfree(dma_dom->aperture[index]);
1057 dma_dom->aperture[index] = NULL;
1062 static unsigned long dma_ops_area_alloc(struct device *dev,
1063 struct dma_ops_domain *dom,
1065 unsigned long align_mask,
1067 unsigned long start)
1069 unsigned long next_bit = dom->next_address % APERTURE_RANGE_SIZE;
1070 int max_index = dom->aperture_size >> APERTURE_RANGE_SHIFT;
1071 int i = start >> APERTURE_RANGE_SHIFT;
1072 unsigned long boundary_size;
1073 unsigned long address = -1;
1074 unsigned long limit;
1076 next_bit >>= PAGE_SHIFT;
1078 boundary_size = ALIGN(dma_get_seg_boundary(dev) + 1,
1079 PAGE_SIZE) >> PAGE_SHIFT;
1081 for (;i < max_index; ++i) {
1082 unsigned long offset = dom->aperture[i]->offset >> PAGE_SHIFT;
1084 if (dom->aperture[i]->offset >= dma_mask)
1087 limit = iommu_device_max_index(APERTURE_RANGE_PAGES, offset,
1088 dma_mask >> PAGE_SHIFT);
1090 address = iommu_area_alloc(dom->aperture[i]->bitmap,
1091 limit, next_bit, pages, 0,
1092 boundary_size, align_mask);
1093 if (address != -1) {
1094 address = dom->aperture[i]->offset +
1095 (address << PAGE_SHIFT);
1096 dom->next_address = address + (pages << PAGE_SHIFT);
1106 static unsigned long dma_ops_alloc_addresses(struct device *dev,
1107 struct dma_ops_domain *dom,
1109 unsigned long align_mask,
1112 unsigned long address;
1114 #ifdef CONFIG_IOMMU_STRESS
1115 dom->next_address = 0;
1116 dom->need_flush = true;
1119 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
1120 dma_mask, dom->next_address);
1122 if (address == -1) {
1123 dom->next_address = 0;
1124 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
1126 dom->need_flush = true;
1129 if (unlikely(address == -1))
1130 address = DMA_ERROR_CODE;
1132 WARN_ON((address + (PAGE_SIZE*pages)) > dom->aperture_size);
1138 * The address free function.
1140 * called with domain->lock held
1142 static void dma_ops_free_addresses(struct dma_ops_domain *dom,
1143 unsigned long address,
1146 unsigned i = address >> APERTURE_RANGE_SHIFT;
1147 struct aperture_range *range = dom->aperture[i];
1149 BUG_ON(i >= APERTURE_MAX_RANGES || range == NULL);
1151 #ifdef CONFIG_IOMMU_STRESS
1156 if (address >= dom->next_address)
1157 dom->need_flush = true;
1159 address = (address % APERTURE_RANGE_SIZE) >> PAGE_SHIFT;
1161 iommu_area_free(range->bitmap, address, pages);
1165 /****************************************************************************
1167 * The next functions belong to the domain allocation. A domain is
1168 * allocated for every IOMMU as the default domain. If device isolation
1169 * is enabled, every device get its own domain. The most important thing
1170 * about domains is the page table mapping the DMA address space they
1173 ****************************************************************************/
1176 * This function adds a protection domain to the global protection domain list
1178 static void add_domain_to_list(struct protection_domain *domain)
1180 unsigned long flags;
1182 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
1183 list_add(&domain->list, &amd_iommu_pd_list);
1184 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
1188 * This function removes a protection domain to the global
1189 * protection domain list
1191 static void del_domain_from_list(struct protection_domain *domain)
1193 unsigned long flags;
1195 spin_lock_irqsave(&amd_iommu_pd_lock, flags);
1196 list_del(&domain->list);
1197 spin_unlock_irqrestore(&amd_iommu_pd_lock, flags);
1200 static u16 domain_id_alloc(void)
1202 unsigned long flags;
1205 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1206 id = find_first_zero_bit(amd_iommu_pd_alloc_bitmap, MAX_DOMAIN_ID);
1208 if (id > 0 && id < MAX_DOMAIN_ID)
1209 __set_bit(id, amd_iommu_pd_alloc_bitmap);
1212 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1217 static void domain_id_free(int id)
1219 unsigned long flags;
1221 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1222 if (id > 0 && id < MAX_DOMAIN_ID)
1223 __clear_bit(id, amd_iommu_pd_alloc_bitmap);
1224 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1227 static void free_pagetable(struct protection_domain *domain)
1232 p1 = domain->pt_root;
1237 for (i = 0; i < 512; ++i) {
1238 if (!IOMMU_PTE_PRESENT(p1[i]))
1241 p2 = IOMMU_PTE_PAGE(p1[i]);
1242 for (j = 0; j < 512; ++j) {
1243 if (!IOMMU_PTE_PRESENT(p2[j]))
1245 p3 = IOMMU_PTE_PAGE(p2[j]);
1246 free_page((unsigned long)p3);
1249 free_page((unsigned long)p2);
1252 free_page((unsigned long)p1);
1254 domain->pt_root = NULL;
1258 * Free a domain, only used if something went wrong in the
1259 * allocation path and we need to free an already allocated page table
1261 static void dma_ops_domain_free(struct dma_ops_domain *dom)
1268 del_domain_from_list(&dom->domain);
1270 free_pagetable(&dom->domain);
1272 for (i = 0; i < APERTURE_MAX_RANGES; ++i) {
1273 if (!dom->aperture[i])
1275 free_page((unsigned long)dom->aperture[i]->bitmap);
1276 kfree(dom->aperture[i]);
1283 * Allocates a new protection domain usable for the dma_ops functions.
1284 * It also intializes the page table and the address allocator data
1285 * structures required for the dma_ops interface
1287 static struct dma_ops_domain *dma_ops_domain_alloc(void)
1289 struct dma_ops_domain *dma_dom;
1291 dma_dom = kzalloc(sizeof(struct dma_ops_domain), GFP_KERNEL);
1295 spin_lock_init(&dma_dom->domain.lock);
1297 dma_dom->domain.id = domain_id_alloc();
1298 if (dma_dom->domain.id == 0)
1300 INIT_LIST_HEAD(&dma_dom->domain.dev_list);
1301 dma_dom->domain.mode = PAGE_MODE_2_LEVEL;
1302 dma_dom->domain.pt_root = (void *)get_zeroed_page(GFP_KERNEL);
1303 dma_dom->domain.flags = PD_DMA_OPS_MASK;
1304 dma_dom->domain.priv = dma_dom;
1305 if (!dma_dom->domain.pt_root)
1308 dma_dom->need_flush = false;
1309 dma_dom->target_dev = 0xffff;
1311 add_domain_to_list(&dma_dom->domain);
1313 if (alloc_new_range(dma_dom, true, GFP_KERNEL))
1317 * mark the first page as allocated so we never return 0 as
1318 * a valid dma-address. So we can use 0 as error value
1320 dma_dom->aperture[0]->bitmap[0] = 1;
1321 dma_dom->next_address = 0;
1327 dma_ops_domain_free(dma_dom);
1333 * little helper function to check whether a given protection domain is a
1336 static bool dma_ops_domain(struct protection_domain *domain)
1338 return domain->flags & PD_DMA_OPS_MASK;
1341 static void set_dte_entry(u16 devid, struct protection_domain *domain)
1343 u64 pte_root = virt_to_phys(domain->pt_root);
1345 BUG_ON(amd_iommu_pd_table[devid] != NULL);
1347 pte_root |= (domain->mode & DEV_ENTRY_MODE_MASK)
1348 << DEV_ENTRY_MODE_SHIFT;
1349 pte_root |= IOMMU_PTE_IR | IOMMU_PTE_IW | IOMMU_PTE_P | IOMMU_PTE_TV;
1351 amd_iommu_dev_table[devid].data[2] = domain->id;
1352 amd_iommu_dev_table[devid].data[1] = upper_32_bits(pte_root);
1353 amd_iommu_dev_table[devid].data[0] = lower_32_bits(pte_root);
1355 amd_iommu_pd_table[devid] = domain;
1359 static void clear_dte_entry(u16 devid)
1361 struct protection_domain *domain = amd_iommu_pd_table[devid];
1363 BUG_ON(domain == NULL);
1365 /* remove domain from the lookup table */
1366 amd_iommu_pd_table[devid] = NULL;
1368 /* remove entry from the device table seen by the hardware */
1369 amd_iommu_dev_table[devid].data[0] = IOMMU_PTE_P | IOMMU_PTE_TV;
1370 amd_iommu_dev_table[devid].data[1] = 0;
1371 amd_iommu_dev_table[devid].data[2] = 0;
1373 amd_iommu_apply_erratum_63(devid);
1376 static void do_attach(struct device *dev, struct protection_domain *domain)
1378 struct iommu_dev_data *dev_data;
1379 struct amd_iommu *iommu;
1382 devid = get_device_id(dev);
1383 iommu = amd_iommu_rlookup_table[devid];
1384 dev_data = get_dev_data(dev);
1386 /* Update data structures */
1387 dev_data->domain = domain;
1388 list_add(&dev_data->list, &domain->dev_list);
1389 set_dte_entry(devid, domain);
1391 /* Do reference counting */
1392 domain->dev_iommu[iommu->index] += 1;
1393 domain->dev_cnt += 1;
1395 /* Flush the DTE entry */
1396 iommu_flush_device(dev);
1399 static void do_detach(struct device *dev)
1401 struct iommu_dev_data *dev_data;
1402 struct amd_iommu *iommu;
1405 devid = get_device_id(dev);
1406 iommu = amd_iommu_rlookup_table[devid];
1407 dev_data = get_dev_data(dev);
1409 /* decrease reference counters */
1410 dev_data->domain->dev_iommu[iommu->index] -= 1;
1411 dev_data->domain->dev_cnt -= 1;
1413 /* Update data structures */
1414 dev_data->domain = NULL;
1415 list_del(&dev_data->list);
1416 clear_dte_entry(devid);
1418 /* Flush the DTE entry */
1419 iommu_flush_device(dev);
1423 * If a device is not yet associated with a domain, this function does
1424 * assigns it visible for the hardware
1426 static int __attach_device(struct device *dev,
1427 struct protection_domain *domain)
1429 struct iommu_dev_data *dev_data, *alias_data;
1431 dev_data = get_dev_data(dev);
1432 alias_data = get_dev_data(dev_data->alias);
1438 spin_lock(&domain->lock);
1440 /* Some sanity checks */
1441 if (alias_data->domain != NULL &&
1442 alias_data->domain != domain)
1445 if (dev_data->domain != NULL &&
1446 dev_data->domain != domain)
1449 /* Do real assignment */
1450 if (dev_data->alias != dev) {
1451 alias_data = get_dev_data(dev_data->alias);
1452 if (alias_data->domain == NULL)
1453 do_attach(dev_data->alias, domain);
1455 atomic_inc(&alias_data->bind);
1458 if (dev_data->domain == NULL)
1459 do_attach(dev, domain);
1461 atomic_inc(&dev_data->bind);
1464 spin_unlock(&domain->lock);
1470 * If a device is not yet associated with a domain, this function does
1471 * assigns it visible for the hardware
1473 static int attach_device(struct device *dev,
1474 struct protection_domain *domain)
1476 unsigned long flags;
1479 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1480 ret = __attach_device(dev, domain);
1481 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1484 * We might boot into a crash-kernel here. The crashed kernel
1485 * left the caches in the IOMMU dirty. So we have to flush
1486 * here to evict all dirty stuff.
1488 iommu_flush_tlb_pde(domain);
1494 * Removes a device from a protection domain (unlocked)
1496 static void __detach_device(struct device *dev)
1498 struct iommu_dev_data *dev_data = get_dev_data(dev);
1499 struct iommu_dev_data *alias_data;
1500 unsigned long flags;
1502 BUG_ON(!dev_data->domain);
1504 spin_lock_irqsave(&dev_data->domain->lock, flags);
1506 if (dev_data->alias != dev) {
1507 alias_data = get_dev_data(dev_data->alias);
1508 if (atomic_dec_and_test(&alias_data->bind))
1509 do_detach(dev_data->alias);
1512 if (atomic_dec_and_test(&dev_data->bind))
1515 spin_unlock_irqrestore(&dev_data->domain->lock, flags);
1518 * If we run in passthrough mode the device must be assigned to the
1519 * passthrough domain if it is detached from any other domain
1521 if (iommu_pass_through && dev_data->domain == NULL)
1522 __attach_device(dev, pt_domain);
1526 * Removes a device from a protection domain (with devtable_lock held)
1528 static void detach_device(struct device *dev)
1530 unsigned long flags;
1532 /* lock device table */
1533 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1534 __detach_device(dev);
1535 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1539 * Find out the protection domain structure for a given PCI device. This
1540 * will give us the pointer to the page table root for example.
1542 static struct protection_domain *domain_for_device(struct device *dev)
1544 struct protection_domain *dom;
1545 struct iommu_dev_data *dev_data, *alias_data;
1546 unsigned long flags;
1549 devid = get_device_id(dev);
1550 alias = amd_iommu_alias_table[devid];
1551 dev_data = get_dev_data(dev);
1552 alias_data = get_dev_data(dev_data->alias);
1556 read_lock_irqsave(&amd_iommu_devtable_lock, flags);
1557 dom = dev_data->domain;
1559 alias_data->domain != NULL) {
1560 __attach_device(dev, alias_data->domain);
1561 dom = alias_data->domain;
1564 read_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1569 static int device_change_notifier(struct notifier_block *nb,
1570 unsigned long action, void *data)
1572 struct device *dev = data;
1574 struct protection_domain *domain;
1575 struct dma_ops_domain *dma_domain;
1576 struct amd_iommu *iommu;
1577 unsigned long flags;
1579 if (!check_device(dev))
1582 devid = get_device_id(dev);
1583 iommu = amd_iommu_rlookup_table[devid];
1586 case BUS_NOTIFY_UNBOUND_DRIVER:
1588 domain = domain_for_device(dev);
1592 if (iommu_pass_through)
1596 case BUS_NOTIFY_ADD_DEVICE:
1598 iommu_init_device(dev);
1600 domain = domain_for_device(dev);
1602 /* allocate a protection domain if a device is added */
1603 dma_domain = find_protection_domain(devid);
1606 dma_domain = dma_ops_domain_alloc();
1609 dma_domain->target_dev = devid;
1611 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1612 list_add_tail(&dma_domain->list, &iommu_pd_list);
1613 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1616 case BUS_NOTIFY_DEL_DEVICE:
1618 iommu_uninit_device(dev);
1624 iommu_flush_device(dev);
1625 iommu_completion_wait(iommu);
1631 static struct notifier_block device_nb = {
1632 .notifier_call = device_change_notifier,
1635 /*****************************************************************************
1637 * The next functions belong to the dma_ops mapping/unmapping code.
1639 *****************************************************************************/
1642 * In the dma_ops path we only have the struct device. This function
1643 * finds the corresponding IOMMU, the protection domain and the
1644 * requestor id for a given device.
1645 * If the device is not yet associated with a domain this is also done
1648 static struct protection_domain *get_domain(struct device *dev)
1650 struct protection_domain *domain;
1651 struct dma_ops_domain *dma_dom;
1652 u16 devid = get_device_id(dev);
1654 if (!check_device(dev))
1655 return ERR_PTR(-EINVAL);
1657 domain = domain_for_device(dev);
1658 if (domain != NULL && !dma_ops_domain(domain))
1659 return ERR_PTR(-EBUSY);
1664 /* Device not bount yet - bind it */
1665 dma_dom = find_protection_domain(devid);
1667 dma_dom = amd_iommu_rlookup_table[devid]->default_dom;
1668 attach_device(dev, &dma_dom->domain);
1669 DUMP_printk("Using protection domain %d for device %s\n",
1670 dma_dom->domain.id, dev_name(dev));
1672 return &dma_dom->domain;
1675 static void update_device_table(struct protection_domain *domain)
1677 unsigned long flags;
1680 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
1681 if (amd_iommu_pd_table[i] != domain)
1683 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1684 set_dte_entry(i, domain);
1685 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1689 static void update_domain(struct protection_domain *domain)
1691 if (!domain->updated)
1694 update_device_table(domain);
1695 flush_devices_by_domain(domain);
1696 iommu_flush_tlb_pde(domain);
1698 domain->updated = false;
1702 * This function fetches the PTE for a given address in the aperture
1704 static u64* dma_ops_get_pte(struct dma_ops_domain *dom,
1705 unsigned long address)
1707 struct aperture_range *aperture;
1708 u64 *pte, *pte_page;
1710 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1714 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1716 pte = alloc_pte(&dom->domain, address, PM_MAP_4k, &pte_page,
1718 aperture->pte_pages[APERTURE_PAGE_INDEX(address)] = pte_page;
1720 pte += PM_LEVEL_INDEX(0, address);
1722 update_domain(&dom->domain);
1728 * This is the generic map function. It maps one 4kb page at paddr to
1729 * the given address in the DMA address space for the domain.
1731 static dma_addr_t dma_ops_domain_map(struct dma_ops_domain *dom,
1732 unsigned long address,
1738 WARN_ON(address > dom->aperture_size);
1742 pte = dma_ops_get_pte(dom, address);
1744 return DMA_ERROR_CODE;
1746 __pte = paddr | IOMMU_PTE_P | IOMMU_PTE_FC;
1748 if (direction == DMA_TO_DEVICE)
1749 __pte |= IOMMU_PTE_IR;
1750 else if (direction == DMA_FROM_DEVICE)
1751 __pte |= IOMMU_PTE_IW;
1752 else if (direction == DMA_BIDIRECTIONAL)
1753 __pte |= IOMMU_PTE_IR | IOMMU_PTE_IW;
1759 return (dma_addr_t)address;
1763 * The generic unmapping function for on page in the DMA address space.
1765 static void dma_ops_domain_unmap(struct dma_ops_domain *dom,
1766 unsigned long address)
1768 struct aperture_range *aperture;
1771 if (address >= dom->aperture_size)
1774 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1778 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1782 pte += PM_LEVEL_INDEX(0, address);
1790 * This function contains common code for mapping of a physically
1791 * contiguous memory region into DMA address space. It is used by all
1792 * mapping functions provided with this IOMMU driver.
1793 * Must be called with the domain lock held.
1795 static dma_addr_t __map_single(struct device *dev,
1796 struct dma_ops_domain *dma_dom,
1803 dma_addr_t offset = paddr & ~PAGE_MASK;
1804 dma_addr_t address, start, ret;
1806 unsigned long align_mask = 0;
1809 pages = iommu_num_pages(paddr, size, PAGE_SIZE);
1812 INC_STATS_COUNTER(total_map_requests);
1815 INC_STATS_COUNTER(cross_page);
1818 align_mask = (1UL << get_order(size)) - 1;
1821 address = dma_ops_alloc_addresses(dev, dma_dom, pages, align_mask,
1823 if (unlikely(address == DMA_ERROR_CODE)) {
1825 * setting next_address here will let the address
1826 * allocator only scan the new allocated range in the
1827 * first run. This is a small optimization.
1829 dma_dom->next_address = dma_dom->aperture_size;
1831 if (alloc_new_range(dma_dom, false, GFP_ATOMIC))
1835 * aperture was sucessfully enlarged by 128 MB, try
1842 for (i = 0; i < pages; ++i) {
1843 ret = dma_ops_domain_map(dma_dom, start, paddr, dir);
1844 if (ret == DMA_ERROR_CODE)
1852 ADD_STATS_COUNTER(alloced_io_mem, size);
1854 if (unlikely(dma_dom->need_flush && !amd_iommu_unmap_flush)) {
1855 iommu_flush_tlb(&dma_dom->domain);
1856 dma_dom->need_flush = false;
1857 } else if (unlikely(amd_iommu_np_cache))
1858 iommu_flush_pages(&dma_dom->domain, address, size);
1865 for (--i; i >= 0; --i) {
1867 dma_ops_domain_unmap(dma_dom, start);
1870 dma_ops_free_addresses(dma_dom, address, pages);
1872 return DMA_ERROR_CODE;
1876 * Does the reverse of the __map_single function. Must be called with
1877 * the domain lock held too
1879 static void __unmap_single(struct dma_ops_domain *dma_dom,
1880 dma_addr_t dma_addr,
1884 dma_addr_t i, start;
1887 if ((dma_addr == DMA_ERROR_CODE) ||
1888 (dma_addr + size > dma_dom->aperture_size))
1891 pages = iommu_num_pages(dma_addr, size, PAGE_SIZE);
1892 dma_addr &= PAGE_MASK;
1895 for (i = 0; i < pages; ++i) {
1896 dma_ops_domain_unmap(dma_dom, start);
1900 SUB_STATS_COUNTER(alloced_io_mem, size);
1902 dma_ops_free_addresses(dma_dom, dma_addr, pages);
1904 if (amd_iommu_unmap_flush || dma_dom->need_flush) {
1905 iommu_flush_pages(&dma_dom->domain, dma_addr, size);
1906 dma_dom->need_flush = false;
1911 * The exported map_single function for dma_ops.
1913 static dma_addr_t map_page(struct device *dev, struct page *page,
1914 unsigned long offset, size_t size,
1915 enum dma_data_direction dir,
1916 struct dma_attrs *attrs)
1918 unsigned long flags;
1919 struct protection_domain *domain;
1922 phys_addr_t paddr = page_to_phys(page) + offset;
1924 INC_STATS_COUNTER(cnt_map_single);
1926 domain = get_domain(dev);
1927 if (PTR_ERR(domain) == -EINVAL)
1928 return (dma_addr_t)paddr;
1929 else if (IS_ERR(domain))
1930 return DMA_ERROR_CODE;
1932 dma_mask = *dev->dma_mask;
1934 spin_lock_irqsave(&domain->lock, flags);
1936 addr = __map_single(dev, domain->priv, paddr, size, dir, false,
1938 if (addr == DMA_ERROR_CODE)
1941 iommu_flush_complete(domain);
1944 spin_unlock_irqrestore(&domain->lock, flags);
1950 * The exported unmap_single function for dma_ops.
1952 static void unmap_page(struct device *dev, dma_addr_t dma_addr, size_t size,
1953 enum dma_data_direction dir, struct dma_attrs *attrs)
1955 unsigned long flags;
1956 struct protection_domain *domain;
1958 INC_STATS_COUNTER(cnt_unmap_single);
1960 domain = get_domain(dev);
1964 spin_lock_irqsave(&domain->lock, flags);
1966 __unmap_single(domain->priv, dma_addr, size, dir);
1968 iommu_flush_complete(domain);
1970 spin_unlock_irqrestore(&domain->lock, flags);
1974 * This is a special map_sg function which is used if we should map a
1975 * device which is not handled by an AMD IOMMU in the system.
1977 static int map_sg_no_iommu(struct device *dev, struct scatterlist *sglist,
1978 int nelems, int dir)
1980 struct scatterlist *s;
1983 for_each_sg(sglist, s, nelems, i) {
1984 s->dma_address = (dma_addr_t)sg_phys(s);
1985 s->dma_length = s->length;
1992 * The exported map_sg function for dma_ops (handles scatter-gather
1995 static int map_sg(struct device *dev, struct scatterlist *sglist,
1996 int nelems, enum dma_data_direction dir,
1997 struct dma_attrs *attrs)
1999 unsigned long flags;
2000 struct protection_domain *domain;
2002 struct scatterlist *s;
2004 int mapped_elems = 0;
2007 INC_STATS_COUNTER(cnt_map_sg);
2009 domain = get_domain(dev);
2010 if (PTR_ERR(domain) == -EINVAL)
2011 return map_sg_no_iommu(dev, sglist, nelems, dir);
2012 else if (IS_ERR(domain))
2015 dma_mask = *dev->dma_mask;
2017 spin_lock_irqsave(&domain->lock, flags);
2019 for_each_sg(sglist, s, nelems, i) {
2022 s->dma_address = __map_single(dev, domain->priv,
2023 paddr, s->length, dir, false,
2026 if (s->dma_address) {
2027 s->dma_length = s->length;
2033 iommu_flush_complete(domain);
2036 spin_unlock_irqrestore(&domain->lock, flags);
2038 return mapped_elems;
2040 for_each_sg(sglist, s, mapped_elems, i) {
2042 __unmap_single(domain->priv, s->dma_address,
2043 s->dma_length, dir);
2044 s->dma_address = s->dma_length = 0;
2053 * The exported map_sg function for dma_ops (handles scatter-gather
2056 static void unmap_sg(struct device *dev, struct scatterlist *sglist,
2057 int nelems, enum dma_data_direction dir,
2058 struct dma_attrs *attrs)
2060 unsigned long flags;
2061 struct protection_domain *domain;
2062 struct scatterlist *s;
2065 INC_STATS_COUNTER(cnt_unmap_sg);
2067 domain = get_domain(dev);
2071 spin_lock_irqsave(&domain->lock, flags);
2073 for_each_sg(sglist, s, nelems, i) {
2074 __unmap_single(domain->priv, s->dma_address,
2075 s->dma_length, dir);
2076 s->dma_address = s->dma_length = 0;
2079 iommu_flush_complete(domain);
2081 spin_unlock_irqrestore(&domain->lock, flags);
2085 * The exported alloc_coherent function for dma_ops.
2087 static void *alloc_coherent(struct device *dev, size_t size,
2088 dma_addr_t *dma_addr, gfp_t flag)
2090 unsigned long flags;
2092 struct protection_domain *domain;
2094 u64 dma_mask = dev->coherent_dma_mask;
2096 INC_STATS_COUNTER(cnt_alloc_coherent);
2098 domain = get_domain(dev);
2099 if (PTR_ERR(domain) == -EINVAL) {
2100 virt_addr = (void *)__get_free_pages(flag, get_order(size));
2101 *dma_addr = __pa(virt_addr);
2103 } else if (IS_ERR(domain))
2106 dma_mask = dev->coherent_dma_mask;
2107 flag &= ~(__GFP_DMA | __GFP_HIGHMEM | __GFP_DMA32);
2110 virt_addr = (void *)__get_free_pages(flag, get_order(size));
2114 paddr = virt_to_phys(virt_addr);
2117 dma_mask = *dev->dma_mask;
2119 spin_lock_irqsave(&domain->lock, flags);
2121 *dma_addr = __map_single(dev, domain->priv, paddr,
2122 size, DMA_BIDIRECTIONAL, true, dma_mask);
2124 if (*dma_addr == DMA_ERROR_CODE) {
2125 spin_unlock_irqrestore(&domain->lock, flags);
2129 iommu_flush_complete(domain);
2131 spin_unlock_irqrestore(&domain->lock, flags);
2137 free_pages((unsigned long)virt_addr, get_order(size));
2143 * The exported free_coherent function for dma_ops.
2145 static void free_coherent(struct device *dev, size_t size,
2146 void *virt_addr, dma_addr_t dma_addr)
2148 unsigned long flags;
2149 struct protection_domain *domain;
2151 INC_STATS_COUNTER(cnt_free_coherent);
2153 domain = get_domain(dev);
2157 spin_lock_irqsave(&domain->lock, flags);
2159 __unmap_single(domain->priv, dma_addr, size, DMA_BIDIRECTIONAL);
2161 iommu_flush_complete(domain);
2163 spin_unlock_irqrestore(&domain->lock, flags);
2166 free_pages((unsigned long)virt_addr, get_order(size));
2170 * This function is called by the DMA layer to find out if we can handle a
2171 * particular device. It is part of the dma_ops.
2173 static int amd_iommu_dma_supported(struct device *dev, u64 mask)
2175 return check_device(dev);
2179 * The function for pre-allocating protection domains.
2181 * If the driver core informs the DMA layer if a driver grabs a device
2182 * we don't need to preallocate the protection domains anymore.
2183 * For now we have to.
2185 static void prealloc_protection_domains(void)
2187 struct pci_dev *dev = NULL;
2188 struct dma_ops_domain *dma_dom;
2191 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2193 /* Do we handle this device? */
2194 if (!check_device(&dev->dev))
2197 iommu_init_device(&dev->dev);
2199 /* Is there already any domain for it? */
2200 if (domain_for_device(&dev->dev))
2203 devid = get_device_id(&dev->dev);
2205 dma_dom = dma_ops_domain_alloc();
2208 init_unity_mappings_for_device(dma_dom, devid);
2209 dma_dom->target_dev = devid;
2211 attach_device(&dev->dev, &dma_dom->domain);
2213 list_add_tail(&dma_dom->list, &iommu_pd_list);
2217 static struct dma_map_ops amd_iommu_dma_ops = {
2218 .alloc_coherent = alloc_coherent,
2219 .free_coherent = free_coherent,
2220 .map_page = map_page,
2221 .unmap_page = unmap_page,
2223 .unmap_sg = unmap_sg,
2224 .dma_supported = amd_iommu_dma_supported,
2228 * The function which clues the AMD IOMMU driver into dma_ops.
2230 int __init amd_iommu_init_dma_ops(void)
2232 struct amd_iommu *iommu;
2236 * first allocate a default protection domain for every IOMMU we
2237 * found in the system. Devices not assigned to any other
2238 * protection domain will be assigned to the default one.
2240 for_each_iommu(iommu) {
2241 iommu->default_dom = dma_ops_domain_alloc();
2242 if (iommu->default_dom == NULL)
2244 iommu->default_dom->domain.flags |= PD_DEFAULT_MASK;
2245 ret = iommu_init_unity_mappings(iommu);
2251 * Pre-allocate the protection domains for each device.
2253 prealloc_protection_domains();
2257 #ifdef CONFIG_GART_IOMMU
2258 gart_iommu_aperture_disabled = 1;
2259 gart_iommu_aperture = 0;
2262 /* Make the driver finally visible to the drivers */
2263 dma_ops = &amd_iommu_dma_ops;
2265 register_iommu(&amd_iommu_ops);
2267 bus_register_notifier(&pci_bus_type, &device_nb);
2269 amd_iommu_stats_init();
2275 for_each_iommu(iommu) {
2276 if (iommu->default_dom)
2277 dma_ops_domain_free(iommu->default_dom);
2283 /*****************************************************************************
2285 * The following functions belong to the exported interface of AMD IOMMU
2287 * This interface allows access to lower level functions of the IOMMU
2288 * like protection domain handling and assignement of devices to domains
2289 * which is not possible with the dma_ops interface.
2291 *****************************************************************************/
2293 static void cleanup_domain(struct protection_domain *domain)
2295 unsigned long flags;
2298 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
2300 for (devid = 0; devid <= amd_iommu_last_bdf; ++devid)
2301 if (amd_iommu_pd_table[devid] == domain)
2302 clear_dte_entry(devid);
2304 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
2307 static void protection_domain_free(struct protection_domain *domain)
2312 del_domain_from_list(domain);
2315 domain_id_free(domain->id);
2320 static struct protection_domain *protection_domain_alloc(void)
2322 struct protection_domain *domain;
2324 domain = kzalloc(sizeof(*domain), GFP_KERNEL);
2328 spin_lock_init(&domain->lock);
2329 domain->id = domain_id_alloc();
2332 INIT_LIST_HEAD(&domain->dev_list);
2334 add_domain_to_list(domain);
2344 static int amd_iommu_domain_init(struct iommu_domain *dom)
2346 struct protection_domain *domain;
2348 domain = protection_domain_alloc();
2352 domain->mode = PAGE_MODE_3_LEVEL;
2353 domain->pt_root = (void *)get_zeroed_page(GFP_KERNEL);
2354 if (!domain->pt_root)
2362 protection_domain_free(domain);
2367 static void amd_iommu_domain_destroy(struct iommu_domain *dom)
2369 struct protection_domain *domain = dom->priv;
2374 if (domain->dev_cnt > 0)
2375 cleanup_domain(domain);
2377 BUG_ON(domain->dev_cnt != 0);
2379 free_pagetable(domain);
2381 domain_id_free(domain->id);
2388 static void amd_iommu_detach_device(struct iommu_domain *dom,
2391 struct iommu_dev_data *dev_data = dev->archdata.iommu;
2392 struct amd_iommu *iommu;
2395 if (!check_device(dev))
2398 devid = get_device_id(dev);
2400 if (dev_data->domain != NULL)
2403 iommu = amd_iommu_rlookup_table[devid];
2407 iommu_flush_device(dev);
2408 iommu_completion_wait(iommu);
2411 static int amd_iommu_attach_device(struct iommu_domain *dom,
2414 struct protection_domain *domain = dom->priv;
2415 struct iommu_dev_data *dev_data;
2416 struct amd_iommu *iommu;
2420 if (!check_device(dev))
2423 dev_data = dev->archdata.iommu;
2425 devid = get_device_id(dev);
2427 iommu = amd_iommu_rlookup_table[devid];
2431 if (dev_data->domain)
2434 ret = attach_device(dev, domain);
2436 iommu_completion_wait(iommu);
2441 static int amd_iommu_map_range(struct iommu_domain *dom,
2442 unsigned long iova, phys_addr_t paddr,
2443 size_t size, int iommu_prot)
2445 struct protection_domain *domain = dom->priv;
2446 unsigned long i, npages = iommu_num_pages(paddr, size, PAGE_SIZE);
2450 if (iommu_prot & IOMMU_READ)
2451 prot |= IOMMU_PROT_IR;
2452 if (iommu_prot & IOMMU_WRITE)
2453 prot |= IOMMU_PROT_IW;
2458 for (i = 0; i < npages; ++i) {
2459 ret = iommu_map_page(domain, iova, paddr, prot, PM_MAP_4k);
2470 static void amd_iommu_unmap_range(struct iommu_domain *dom,
2471 unsigned long iova, size_t size)
2474 struct protection_domain *domain = dom->priv;
2475 unsigned long i, npages = iommu_num_pages(iova, size, PAGE_SIZE);
2479 for (i = 0; i < npages; ++i) {
2480 iommu_unmap_page(domain, iova, PM_MAP_4k);
2484 iommu_flush_tlb_pde(domain);
2487 static phys_addr_t amd_iommu_iova_to_phys(struct iommu_domain *dom,
2490 struct protection_domain *domain = dom->priv;
2491 unsigned long offset = iova & ~PAGE_MASK;
2495 pte = fetch_pte(domain, iova, PM_MAP_4k);
2497 if (!pte || !IOMMU_PTE_PRESENT(*pte))
2500 paddr = *pte & IOMMU_PAGE_MASK;
2506 static int amd_iommu_domain_has_cap(struct iommu_domain *domain,
2512 static struct iommu_ops amd_iommu_ops = {
2513 .domain_init = amd_iommu_domain_init,
2514 .domain_destroy = amd_iommu_domain_destroy,
2515 .attach_dev = amd_iommu_attach_device,
2516 .detach_dev = amd_iommu_detach_device,
2517 .map = amd_iommu_map_range,
2518 .unmap = amd_iommu_unmap_range,
2519 .iova_to_phys = amd_iommu_iova_to_phys,
2520 .domain_has_cap = amd_iommu_domain_has_cap,
2523 /*****************************************************************************
2525 * The next functions do a basic initialization of IOMMU for pass through
2528 * In passthrough mode the IOMMU is initialized and enabled but not used for
2529 * DMA-API translation.
2531 *****************************************************************************/
2533 int __init amd_iommu_init_passthrough(void)
2535 struct amd_iommu *iommu;
2536 struct pci_dev *dev = NULL;
2539 /* allocate passthroug domain */
2540 pt_domain = protection_domain_alloc();
2544 pt_domain->mode |= PAGE_MODE_NONE;
2546 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2548 if (!check_device(&dev->dev))
2551 devid = get_device_id(&dev->dev);
2553 iommu = amd_iommu_rlookup_table[devid];
2557 attach_device(&dev->dev, pt_domain);
2560 pr_info("AMD-Vi: Initialized for Passthrough Mode\n");
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob