2 * Copyright (C) 2007-2009 Advanced Micro Devices, Inc.
3 * Author: Joerg Roedel <joerg.roedel@amd.com>
4 * Leo Duran <leo.duran@amd.com>
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License version 2 as published
8 * by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include <linux/pci.h>
21 #include <linux/gfp.h>
22 #include <linux/bitops.h>
23 #include <linux/debugfs.h>
24 #include <linux/scatterlist.h>
25 #include <linux/dma-mapping.h>
26 #include <linux/iommu-helper.h>
27 #include <linux/iommu.h>
28 #include <asm/proto.h>
29 #include <asm/iommu.h>
31 #include <asm/amd_iommu_proto.h>
32 #include <asm/amd_iommu_types.h>
33 #include <asm/amd_iommu.h>
35 #define CMD_SET_TYPE(cmd, t) ((cmd)->data[1] |= ((t) << 28))
37 #define EXIT_LOOP_COUNT 10000000
39 static DEFINE_RWLOCK(amd_iommu_devtable_lock);
41 /* A list of preallocated protection domains */
42 static LIST_HEAD(iommu_pd_list);
43 static DEFINE_SPINLOCK(iommu_pd_list_lock);
46 * Domain for untranslated devices - only allocated
47 * if iommu=pt passed on kernel cmd line.
49 static struct protection_domain *pt_domain;
51 static struct iommu_ops amd_iommu_ops;
54 * general struct to manage commands send to an IOMMU
60 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
61 struct unity_map_entry *e);
62 static struct dma_ops_domain *find_protection_domain(u16 devid);
63 static u64 *alloc_pte(struct protection_domain *domain,
64 unsigned long address, int end_lvl,
65 u64 **pte_page, gfp_t gfp);
66 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
67 unsigned long start_page,
69 static void reset_iommu_command_buffer(struct amd_iommu *iommu);
70 static u64 *fetch_pte(struct protection_domain *domain,
71 unsigned long address, int map_size);
72 static void update_domain(struct protection_domain *domain);
74 #ifdef CONFIG_AMD_IOMMU_STATS
77 * Initialization code for statistics collection
80 DECLARE_STATS_COUNTER(compl_wait);
81 DECLARE_STATS_COUNTER(cnt_map_single);
82 DECLARE_STATS_COUNTER(cnt_unmap_single);
83 DECLARE_STATS_COUNTER(cnt_map_sg);
84 DECLARE_STATS_COUNTER(cnt_unmap_sg);
85 DECLARE_STATS_COUNTER(cnt_alloc_coherent);
86 DECLARE_STATS_COUNTER(cnt_free_coherent);
87 DECLARE_STATS_COUNTER(cross_page);
88 DECLARE_STATS_COUNTER(domain_flush_single);
89 DECLARE_STATS_COUNTER(domain_flush_all);
90 DECLARE_STATS_COUNTER(alloced_io_mem);
91 DECLARE_STATS_COUNTER(total_map_requests);
93 static struct dentry *stats_dir;
94 static struct dentry *de_isolate;
95 static struct dentry *de_fflush;
97 static void amd_iommu_stats_add(struct __iommu_counter *cnt)
99 if (stats_dir == NULL)
102 cnt->dent = debugfs_create_u64(cnt->name, 0444, stats_dir,
106 static void amd_iommu_stats_init(void)
108 stats_dir = debugfs_create_dir("amd-iommu", NULL);
109 if (stats_dir == NULL)
112 de_isolate = debugfs_create_bool("isolation", 0444, stats_dir,
113 (u32 *)&amd_iommu_isolate);
115 de_fflush = debugfs_create_bool("fullflush", 0444, stats_dir,
116 (u32 *)&amd_iommu_unmap_flush);
118 amd_iommu_stats_add(&compl_wait);
119 amd_iommu_stats_add(&cnt_map_single);
120 amd_iommu_stats_add(&cnt_unmap_single);
121 amd_iommu_stats_add(&cnt_map_sg);
122 amd_iommu_stats_add(&cnt_unmap_sg);
123 amd_iommu_stats_add(&cnt_alloc_coherent);
124 amd_iommu_stats_add(&cnt_free_coherent);
125 amd_iommu_stats_add(&cross_page);
126 amd_iommu_stats_add(&domain_flush_single);
127 amd_iommu_stats_add(&domain_flush_all);
128 amd_iommu_stats_add(&alloced_io_mem);
129 amd_iommu_stats_add(&total_map_requests);
134 /* returns !0 if the IOMMU is caching non-present entries in its TLB */
135 static int iommu_has_npcache(struct amd_iommu *iommu)
137 return iommu->cap & (1UL << IOMMU_CAP_NPCACHE);
140 /****************************************************************************
142 * Interrupt handling functions
144 ****************************************************************************/
146 static void dump_dte_entry(u16 devid)
150 for (i = 0; i < 8; ++i)
151 pr_err("AMD-Vi: DTE[%d]: %08x\n", i,
152 amd_iommu_dev_table[devid].data[i]);
155 static void dump_command(unsigned long phys_addr)
157 struct iommu_cmd *cmd = phys_to_virt(phys_addr);
160 for (i = 0; i < 4; ++i)
161 pr_err("AMD-Vi: CMD[%d]: %08x\n", i, cmd->data[i]);
164 static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
167 int type = (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
168 int devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
169 int domid = (event[1] >> EVENT_DOMID_SHIFT) & EVENT_DOMID_MASK;
170 int flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
171 u64 address = (u64)(((u64)event[3]) << 32) | event[2];
173 printk(KERN_ERR "AMD-Vi: Event logged [");
176 case EVENT_TYPE_ILL_DEV:
177 printk("ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x "
178 "address=0x%016llx flags=0x%04x]\n",
179 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
181 dump_dte_entry(devid);
183 case EVENT_TYPE_IO_FAULT:
184 printk("IO_PAGE_FAULT device=%02x:%02x.%x "
185 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
186 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
187 domid, address, flags);
189 case EVENT_TYPE_DEV_TAB_ERR:
190 printk("DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
191 "address=0x%016llx flags=0x%04x]\n",
192 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
195 case EVENT_TYPE_PAGE_TAB_ERR:
196 printk("PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
197 "domain=0x%04x address=0x%016llx flags=0x%04x]\n",
198 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
199 domid, address, flags);
201 case EVENT_TYPE_ILL_CMD:
202 printk("ILLEGAL_COMMAND_ERROR address=0x%016llx]\n", address);
203 reset_iommu_command_buffer(iommu);
204 dump_command(address);
206 case EVENT_TYPE_CMD_HARD_ERR:
207 printk("COMMAND_HARDWARE_ERROR address=0x%016llx "
208 "flags=0x%04x]\n", address, flags);
210 case EVENT_TYPE_IOTLB_INV_TO:
211 printk("IOTLB_INV_TIMEOUT device=%02x:%02x.%x "
212 "address=0x%016llx]\n",
213 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
216 case EVENT_TYPE_INV_DEV_REQ:
217 printk("INVALID_DEVICE_REQUEST device=%02x:%02x.%x "
218 "address=0x%016llx flags=0x%04x]\n",
219 PCI_BUS(devid), PCI_SLOT(devid), PCI_FUNC(devid),
223 printk(KERN_ERR "UNKNOWN type=0x%02x]\n", type);
227 static void iommu_poll_events(struct amd_iommu *iommu)
232 spin_lock_irqsave(&iommu->lock, flags);
234 head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
235 tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET);
237 while (head != tail) {
238 iommu_print_event(iommu, iommu->evt_buf + head);
239 head = (head + EVENT_ENTRY_SIZE) % iommu->evt_buf_size;
242 writel(head, iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
244 spin_unlock_irqrestore(&iommu->lock, flags);
247 irqreturn_t amd_iommu_int_handler(int irq, void *data)
249 struct amd_iommu *iommu;
251 for_each_iommu(iommu)
252 iommu_poll_events(iommu);
257 /****************************************************************************
259 * IOMMU command queuing functions
261 ****************************************************************************/
264 * Writes the command to the IOMMUs command buffer and informs the
265 * hardware about the new command. Must be called with iommu->lock held.
267 static int __iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
272 tail = readl(iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
273 target = iommu->cmd_buf + tail;
274 memcpy_toio(target, cmd, sizeof(*cmd));
275 tail = (tail + sizeof(*cmd)) % iommu->cmd_buf_size;
276 head = readl(iommu->mmio_base + MMIO_CMD_HEAD_OFFSET);
279 writel(tail, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
285 * General queuing function for commands. Takes iommu->lock and calls
286 * __iommu_queue_command().
288 static int iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
293 spin_lock_irqsave(&iommu->lock, flags);
294 ret = __iommu_queue_command(iommu, cmd);
296 iommu->need_sync = true;
297 spin_unlock_irqrestore(&iommu->lock, flags);
303 * This function waits until an IOMMU has completed a completion
306 static void __iommu_wait_for_completion(struct amd_iommu *iommu)
312 INC_STATS_COUNTER(compl_wait);
314 while (!ready && (i < EXIT_LOOP_COUNT)) {
316 /* wait for the bit to become one */
317 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
318 ready = status & MMIO_STATUS_COM_WAIT_INT_MASK;
321 /* set bit back to zero */
322 status &= ~MMIO_STATUS_COM_WAIT_INT_MASK;
323 writel(status, iommu->mmio_base + MMIO_STATUS_OFFSET);
325 if (unlikely(i == EXIT_LOOP_COUNT)) {
326 spin_unlock(&iommu->lock);
327 reset_iommu_command_buffer(iommu);
328 spin_lock(&iommu->lock);
333 * This function queues a completion wait command into the command
336 static int __iommu_completion_wait(struct amd_iommu *iommu)
338 struct iommu_cmd cmd;
340 memset(&cmd, 0, sizeof(cmd));
341 cmd.data[0] = CMD_COMPL_WAIT_INT_MASK;
342 CMD_SET_TYPE(&cmd, CMD_COMPL_WAIT);
344 return __iommu_queue_command(iommu, &cmd);
348 * This function is called whenever we need to ensure that the IOMMU has
349 * completed execution of all commands we sent. It sends a
350 * COMPLETION_WAIT command and waits for it to finish. The IOMMU informs
351 * us about that by writing a value to a physical address we pass with
354 static int iommu_completion_wait(struct amd_iommu *iommu)
359 spin_lock_irqsave(&iommu->lock, flags);
361 if (!iommu->need_sync)
364 ret = __iommu_completion_wait(iommu);
366 iommu->need_sync = false;
371 __iommu_wait_for_completion(iommu);
374 spin_unlock_irqrestore(&iommu->lock, flags);
379 static void iommu_flush_complete(struct protection_domain *domain)
383 for (i = 0; i < amd_iommus_present; ++i) {
384 if (!domain->dev_iommu[i])
388 * Devices of this domain are behind this IOMMU
389 * We need to wait for completion of all commands.
391 iommu_completion_wait(amd_iommus[i]);
396 * Command send function for invalidating a device table entry
398 static int iommu_queue_inv_dev_entry(struct amd_iommu *iommu, u16 devid)
400 struct iommu_cmd cmd;
403 BUG_ON(iommu == NULL);
405 memset(&cmd, 0, sizeof(cmd));
406 CMD_SET_TYPE(&cmd, CMD_INV_DEV_ENTRY);
409 ret = iommu_queue_command(iommu, &cmd);
414 static void __iommu_build_inv_iommu_pages(struct iommu_cmd *cmd, u64 address,
415 u16 domid, int pde, int s)
417 memset(cmd, 0, sizeof(*cmd));
418 address &= PAGE_MASK;
419 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
420 cmd->data[1] |= domid;
421 cmd->data[2] = lower_32_bits(address);
422 cmd->data[3] = upper_32_bits(address);
423 if (s) /* size bit - we flush more than one 4kb page */
424 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
425 if (pde) /* PDE bit - we wan't flush everything not only the PTEs */
426 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
430 * Generic command send function for invalidaing TLB entries
432 static int iommu_queue_inv_iommu_pages(struct amd_iommu *iommu,
433 u64 address, u16 domid, int pde, int s)
435 struct iommu_cmd cmd;
438 __iommu_build_inv_iommu_pages(&cmd, address, domid, pde, s);
440 ret = iommu_queue_command(iommu, &cmd);
446 * TLB invalidation function which is called from the mapping functions.
447 * It invalidates a single PTE if the range to flush is within a single
448 * page. Otherwise it flushes the whole TLB of the IOMMU.
450 static void __iommu_flush_pages(struct protection_domain *domain,
451 u64 address, size_t size, int pde)
454 unsigned long pages = iommu_num_pages(address, size, PAGE_SIZE);
456 address &= PAGE_MASK;
460 * If we have to flush more than one page, flush all
461 * TLB entries for this domain
463 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
468 for (i = 0; i < amd_iommus_present; ++i) {
469 if (!domain->dev_iommu[i])
473 * Devices of this domain are behind this IOMMU
474 * We need a TLB flush
476 iommu_queue_inv_iommu_pages(amd_iommus[i], address,
483 static void iommu_flush_pages(struct protection_domain *domain,
484 u64 address, size_t size)
486 __iommu_flush_pages(domain, address, size, 0);
489 /* Flush the whole IO/TLB for a given protection domain */
490 static void iommu_flush_tlb(struct protection_domain *domain)
492 __iommu_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 0);
495 /* Flush the whole IO/TLB for a given protection domain - including PDE */
496 static void iommu_flush_tlb_pde(struct protection_domain *domain)
498 __iommu_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 1);
502 * This function flushes one domain on one IOMMU
504 static void flush_domain_on_iommu(struct amd_iommu *iommu, u16 domid)
506 struct iommu_cmd cmd;
509 __iommu_build_inv_iommu_pages(&cmd, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
512 spin_lock_irqsave(&iommu->lock, flags);
513 __iommu_queue_command(iommu, &cmd);
514 __iommu_completion_wait(iommu);
515 __iommu_wait_for_completion(iommu);
516 spin_unlock_irqrestore(&iommu->lock, flags);
519 static void flush_all_domains_on_iommu(struct amd_iommu *iommu)
523 for (i = 1; i < MAX_DOMAIN_ID; ++i) {
524 if (!test_bit(i, amd_iommu_pd_alloc_bitmap))
526 flush_domain_on_iommu(iommu, i);
532 * This function is used to flush the IO/TLB for a given protection domain
533 * on every IOMMU in the system
535 static void iommu_flush_domain(u16 domid)
537 struct amd_iommu *iommu;
539 INC_STATS_COUNTER(domain_flush_all);
541 for_each_iommu(iommu)
542 flush_domain_on_iommu(iommu, domid);
545 void amd_iommu_flush_all_domains(void)
547 struct amd_iommu *iommu;
549 for_each_iommu(iommu)
550 flush_all_domains_on_iommu(iommu);
553 static void flush_all_devices_for_iommu(struct amd_iommu *iommu)
557 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
558 if (iommu != amd_iommu_rlookup_table[i])
561 iommu_queue_inv_dev_entry(iommu, i);
562 iommu_completion_wait(iommu);
566 static void flush_devices_by_domain(struct protection_domain *domain)
568 struct amd_iommu *iommu;
571 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
572 if ((domain == NULL && amd_iommu_pd_table[i] == NULL) ||
573 (amd_iommu_pd_table[i] != domain))
576 iommu = amd_iommu_rlookup_table[i];
580 iommu_queue_inv_dev_entry(iommu, i);
581 iommu_completion_wait(iommu);
585 static void reset_iommu_command_buffer(struct amd_iommu *iommu)
587 pr_err("AMD-Vi: Resetting IOMMU command buffer\n");
589 if (iommu->reset_in_progress)
590 panic("AMD-Vi: ILLEGAL_COMMAND_ERROR while resetting command buffer\n");
592 iommu->reset_in_progress = true;
594 amd_iommu_reset_cmd_buffer(iommu);
595 flush_all_devices_for_iommu(iommu);
596 flush_all_domains_on_iommu(iommu);
598 iommu->reset_in_progress = false;
601 void amd_iommu_flush_all_devices(void)
603 flush_devices_by_domain(NULL);
606 /****************************************************************************
608 * The functions below are used the create the page table mappings for
609 * unity mapped regions.
611 ****************************************************************************/
614 * Generic mapping functions. It maps a physical address into a DMA
615 * address space. It allocates the page table pages if necessary.
616 * In the future it can be extended to a generic mapping function
617 * supporting all features of AMD IOMMU page tables like level skipping
618 * and full 64 bit address spaces.
620 static int iommu_map_page(struct protection_domain *dom,
621 unsigned long bus_addr,
622 unsigned long phys_addr,
628 bus_addr = PAGE_ALIGN(bus_addr);
629 phys_addr = PAGE_ALIGN(phys_addr);
631 BUG_ON(!PM_ALIGNED(map_size, bus_addr));
632 BUG_ON(!PM_ALIGNED(map_size, phys_addr));
634 if (!(prot & IOMMU_PROT_MASK))
637 pte = alloc_pte(dom, bus_addr, map_size, NULL, GFP_KERNEL);
639 if (IOMMU_PTE_PRESENT(*pte))
642 __pte = phys_addr | IOMMU_PTE_P;
643 if (prot & IOMMU_PROT_IR)
644 __pte |= IOMMU_PTE_IR;
645 if (prot & IOMMU_PROT_IW)
646 __pte |= IOMMU_PTE_IW;
655 static void iommu_unmap_page(struct protection_domain *dom,
656 unsigned long bus_addr, int map_size)
658 u64 *pte = fetch_pte(dom, bus_addr, map_size);
665 * This function checks if a specific unity mapping entry is needed for
666 * this specific IOMMU.
668 static int iommu_for_unity_map(struct amd_iommu *iommu,
669 struct unity_map_entry *entry)
673 for (i = entry->devid_start; i <= entry->devid_end; ++i) {
674 bdf = amd_iommu_alias_table[i];
675 if (amd_iommu_rlookup_table[bdf] == iommu)
683 * Init the unity mappings for a specific IOMMU in the system
685 * Basically iterates over all unity mapping entries and applies them to
686 * the default domain DMA of that IOMMU if necessary.
688 static int iommu_init_unity_mappings(struct amd_iommu *iommu)
690 struct unity_map_entry *entry;
693 list_for_each_entry(entry, &amd_iommu_unity_map, list) {
694 if (!iommu_for_unity_map(iommu, entry))
696 ret = dma_ops_unity_map(iommu->default_dom, entry);
705 * This function actually applies the mapping to the page table of the
708 static int dma_ops_unity_map(struct dma_ops_domain *dma_dom,
709 struct unity_map_entry *e)
714 for (addr = e->address_start; addr < e->address_end;
716 ret = iommu_map_page(&dma_dom->domain, addr, addr, e->prot,
721 * if unity mapping is in aperture range mark the page
722 * as allocated in the aperture
724 if (addr < dma_dom->aperture_size)
725 __set_bit(addr >> PAGE_SHIFT,
726 dma_dom->aperture[0]->bitmap);
733 * Inits the unity mappings required for a specific device
735 static int init_unity_mappings_for_device(struct dma_ops_domain *dma_dom,
738 struct unity_map_entry *e;
741 list_for_each_entry(e, &amd_iommu_unity_map, list) {
742 if (!(devid >= e->devid_start && devid <= e->devid_end))
744 ret = dma_ops_unity_map(dma_dom, e);
752 /****************************************************************************
754 * The next functions belong to the address allocator for the dma_ops
755 * interface functions. They work like the allocators in the other IOMMU
756 * drivers. Its basically a bitmap which marks the allocated pages in
757 * the aperture. Maybe it could be enhanced in the future to a more
758 * efficient allocator.
760 ****************************************************************************/
763 * The address allocator core functions.
765 * called with domain->lock held
769 * This function checks if there is a PTE for a given dma address. If
770 * there is one, it returns the pointer to it.
772 static u64 *fetch_pte(struct protection_domain *domain,
773 unsigned long address, int map_size)
778 level = domain->mode - 1;
779 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
781 while (level > map_size) {
782 if (!IOMMU_PTE_PRESENT(*pte))
787 pte = IOMMU_PTE_PAGE(*pte);
788 pte = &pte[PM_LEVEL_INDEX(level, address)];
790 if ((PM_PTE_LEVEL(*pte) == 0) && level != map_size) {
800 * This function is used to add a new aperture range to an existing
801 * aperture in case of dma_ops domain allocation or address allocation
804 static int alloc_new_range(struct amd_iommu *iommu,
805 struct dma_ops_domain *dma_dom,
806 bool populate, gfp_t gfp)
808 int index = dma_dom->aperture_size >> APERTURE_RANGE_SHIFT;
811 #ifdef CONFIG_IOMMU_STRESS
815 if (index >= APERTURE_MAX_RANGES)
818 dma_dom->aperture[index] = kzalloc(sizeof(struct aperture_range), gfp);
819 if (!dma_dom->aperture[index])
822 dma_dom->aperture[index]->bitmap = (void *)get_zeroed_page(gfp);
823 if (!dma_dom->aperture[index]->bitmap)
826 dma_dom->aperture[index]->offset = dma_dom->aperture_size;
829 unsigned long address = dma_dom->aperture_size;
830 int i, num_ptes = APERTURE_RANGE_PAGES / 512;
833 for (i = 0; i < num_ptes; ++i) {
834 pte = alloc_pte(&dma_dom->domain, address, PM_MAP_4k,
839 dma_dom->aperture[index]->pte_pages[i] = pte_page;
841 address += APERTURE_RANGE_SIZE / 64;
845 dma_dom->aperture_size += APERTURE_RANGE_SIZE;
847 /* Intialize the exclusion range if necessary */
848 if (iommu->exclusion_start &&
849 iommu->exclusion_start >= dma_dom->aperture[index]->offset &&
850 iommu->exclusion_start < dma_dom->aperture_size) {
851 unsigned long startpage = iommu->exclusion_start >> PAGE_SHIFT;
852 int pages = iommu_num_pages(iommu->exclusion_start,
853 iommu->exclusion_length,
855 dma_ops_reserve_addresses(dma_dom, startpage, pages);
859 * Check for areas already mapped as present in the new aperture
860 * range and mark those pages as reserved in the allocator. Such
861 * mappings may already exist as a result of requested unity
862 * mappings for devices.
864 for (i = dma_dom->aperture[index]->offset;
865 i < dma_dom->aperture_size;
867 u64 *pte = fetch_pte(&dma_dom->domain, i, PM_MAP_4k);
868 if (!pte || !IOMMU_PTE_PRESENT(*pte))
871 dma_ops_reserve_addresses(dma_dom, i << PAGE_SHIFT, 1);
874 update_domain(&dma_dom->domain);
879 update_domain(&dma_dom->domain);
881 free_page((unsigned long)dma_dom->aperture[index]->bitmap);
883 kfree(dma_dom->aperture[index]);
884 dma_dom->aperture[index] = NULL;
889 static unsigned long dma_ops_area_alloc(struct device *dev,
890 struct dma_ops_domain *dom,
892 unsigned long align_mask,
896 unsigned long next_bit = dom->next_address % APERTURE_RANGE_SIZE;
897 int max_index = dom->aperture_size >> APERTURE_RANGE_SHIFT;
898 int i = start >> APERTURE_RANGE_SHIFT;
899 unsigned long boundary_size;
900 unsigned long address = -1;
903 next_bit >>= PAGE_SHIFT;
905 boundary_size = ALIGN(dma_get_seg_boundary(dev) + 1,
906 PAGE_SIZE) >> PAGE_SHIFT;
908 for (;i < max_index; ++i) {
909 unsigned long offset = dom->aperture[i]->offset >> PAGE_SHIFT;
911 if (dom->aperture[i]->offset >= dma_mask)
914 limit = iommu_device_max_index(APERTURE_RANGE_PAGES, offset,
915 dma_mask >> PAGE_SHIFT);
917 address = iommu_area_alloc(dom->aperture[i]->bitmap,
918 limit, next_bit, pages, 0,
919 boundary_size, align_mask);
921 address = dom->aperture[i]->offset +
922 (address << PAGE_SHIFT);
923 dom->next_address = address + (pages << PAGE_SHIFT);
933 static unsigned long dma_ops_alloc_addresses(struct device *dev,
934 struct dma_ops_domain *dom,
936 unsigned long align_mask,
939 unsigned long address;
941 #ifdef CONFIG_IOMMU_STRESS
942 dom->next_address = 0;
943 dom->need_flush = true;
946 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
947 dma_mask, dom->next_address);
950 dom->next_address = 0;
951 address = dma_ops_area_alloc(dev, dom, pages, align_mask,
953 dom->need_flush = true;
956 if (unlikely(address == -1))
957 address = DMA_ERROR_CODE;
959 WARN_ON((address + (PAGE_SIZE*pages)) > dom->aperture_size);
965 * The address free function.
967 * called with domain->lock held
969 static void dma_ops_free_addresses(struct dma_ops_domain *dom,
970 unsigned long address,
973 unsigned i = address >> APERTURE_RANGE_SHIFT;
974 struct aperture_range *range = dom->aperture[i];
976 BUG_ON(i >= APERTURE_MAX_RANGES || range == NULL);
978 #ifdef CONFIG_IOMMU_STRESS
983 if (address >= dom->next_address)
984 dom->need_flush = true;
986 address = (address % APERTURE_RANGE_SIZE) >> PAGE_SHIFT;
988 iommu_area_free(range->bitmap, address, pages);
992 /****************************************************************************
994 * The next functions belong to the domain allocation. A domain is
995 * allocated for every IOMMU as the default domain. If device isolation
996 * is enabled, every device get its own domain. The most important thing
997 * about domains is the page table mapping the DMA address space they
1000 ****************************************************************************/
1002 static u16 domain_id_alloc(void)
1004 unsigned long flags;
1007 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1008 id = find_first_zero_bit(amd_iommu_pd_alloc_bitmap, MAX_DOMAIN_ID);
1010 if (id > 0 && id < MAX_DOMAIN_ID)
1011 __set_bit(id, amd_iommu_pd_alloc_bitmap);
1014 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1019 static void domain_id_free(int id)
1021 unsigned long flags;
1023 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1024 if (id > 0 && id < MAX_DOMAIN_ID)
1025 __clear_bit(id, amd_iommu_pd_alloc_bitmap);
1026 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1030 * Used to reserve address ranges in the aperture (e.g. for exclusion
1033 static void dma_ops_reserve_addresses(struct dma_ops_domain *dom,
1034 unsigned long start_page,
1037 unsigned int i, last_page = dom->aperture_size >> PAGE_SHIFT;
1039 if (start_page + pages > last_page)
1040 pages = last_page - start_page;
1042 for (i = start_page; i < start_page + pages; ++i) {
1043 int index = i / APERTURE_RANGE_PAGES;
1044 int page = i % APERTURE_RANGE_PAGES;
1045 __set_bit(page, dom->aperture[index]->bitmap);
1049 static void free_pagetable(struct protection_domain *domain)
1054 p1 = domain->pt_root;
1059 for (i = 0; i < 512; ++i) {
1060 if (!IOMMU_PTE_PRESENT(p1[i]))
1063 p2 = IOMMU_PTE_PAGE(p1[i]);
1064 for (j = 0; j < 512; ++j) {
1065 if (!IOMMU_PTE_PRESENT(p2[j]))
1067 p3 = IOMMU_PTE_PAGE(p2[j]);
1068 free_page((unsigned long)p3);
1071 free_page((unsigned long)p2);
1074 free_page((unsigned long)p1);
1076 domain->pt_root = NULL;
1080 * Free a domain, only used if something went wrong in the
1081 * allocation path and we need to free an already allocated page table
1083 static void dma_ops_domain_free(struct dma_ops_domain *dom)
1090 free_pagetable(&dom->domain);
1092 for (i = 0; i < APERTURE_MAX_RANGES; ++i) {
1093 if (!dom->aperture[i])
1095 free_page((unsigned long)dom->aperture[i]->bitmap);
1096 kfree(dom->aperture[i]);
1103 * Allocates a new protection domain usable for the dma_ops functions.
1104 * It also intializes the page table and the address allocator data
1105 * structures required for the dma_ops interface
1107 static struct dma_ops_domain *dma_ops_domain_alloc(struct amd_iommu *iommu)
1109 struct dma_ops_domain *dma_dom;
1111 dma_dom = kzalloc(sizeof(struct dma_ops_domain), GFP_KERNEL);
1115 spin_lock_init(&dma_dom->domain.lock);
1117 dma_dom->domain.id = domain_id_alloc();
1118 if (dma_dom->domain.id == 0)
1120 dma_dom->domain.mode = PAGE_MODE_2_LEVEL;
1121 dma_dom->domain.pt_root = (void *)get_zeroed_page(GFP_KERNEL);
1122 dma_dom->domain.flags = PD_DMA_OPS_MASK;
1123 dma_dom->domain.priv = dma_dom;
1124 if (!dma_dom->domain.pt_root)
1127 dma_dom->need_flush = false;
1128 dma_dom->target_dev = 0xffff;
1130 if (alloc_new_range(iommu, dma_dom, true, GFP_KERNEL))
1134 * mark the first page as allocated so we never return 0 as
1135 * a valid dma-address. So we can use 0 as error value
1137 dma_dom->aperture[0]->bitmap[0] = 1;
1138 dma_dom->next_address = 0;
1144 dma_ops_domain_free(dma_dom);
1150 * little helper function to check whether a given protection domain is a
1153 static bool dma_ops_domain(struct protection_domain *domain)
1155 return domain->flags & PD_DMA_OPS_MASK;
1159 * Find out the protection domain structure for a given PCI device. This
1160 * will give us the pointer to the page table root for example.
1162 static struct protection_domain *domain_for_device(u16 devid)
1164 struct protection_domain *dom;
1165 unsigned long flags;
1167 read_lock_irqsave(&amd_iommu_devtable_lock, flags);
1168 dom = amd_iommu_pd_table[devid];
1169 read_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1174 static void set_dte_entry(u16 devid, struct protection_domain *domain)
1176 u64 pte_root = virt_to_phys(domain->pt_root);
1178 pte_root |= (domain->mode & DEV_ENTRY_MODE_MASK)
1179 << DEV_ENTRY_MODE_SHIFT;
1180 pte_root |= IOMMU_PTE_IR | IOMMU_PTE_IW | IOMMU_PTE_P | IOMMU_PTE_TV;
1182 amd_iommu_dev_table[devid].data[2] = domain->id;
1183 amd_iommu_dev_table[devid].data[1] = upper_32_bits(pte_root);
1184 amd_iommu_dev_table[devid].data[0] = lower_32_bits(pte_root);
1186 amd_iommu_pd_table[devid] = domain;
1190 * If a device is not yet associated with a domain, this function does
1191 * assigns it visible for the hardware
1193 static void __attach_device(struct amd_iommu *iommu,
1194 struct protection_domain *domain,
1198 spin_lock(&domain->lock);
1200 /* update DTE entry */
1201 set_dte_entry(devid, domain);
1203 /* Do reference counting */
1204 domain->dev_iommu[iommu->index] += 1;
1205 domain->dev_cnt += 1;
1208 spin_unlock(&domain->lock);
1212 * If a device is not yet associated with a domain, this function does
1213 * assigns it visible for the hardware
1215 static void attach_device(struct amd_iommu *iommu,
1216 struct protection_domain *domain,
1219 unsigned long flags;
1221 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1222 __attach_device(iommu, domain, devid);
1223 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1226 * We might boot into a crash-kernel here. The crashed kernel
1227 * left the caches in the IOMMU dirty. So we have to flush
1228 * here to evict all dirty stuff.
1230 iommu_queue_inv_dev_entry(iommu, devid);
1231 iommu_flush_tlb_pde(domain);
1235 * Removes a device from a protection domain (unlocked)
1237 static void __detach_device(struct protection_domain *domain, u16 devid)
1239 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1244 spin_lock(&domain->lock);
1246 /* remove domain from the lookup table */
1247 amd_iommu_pd_table[devid] = NULL;
1249 /* remove entry from the device table seen by the hardware */
1250 amd_iommu_dev_table[devid].data[0] = IOMMU_PTE_P | IOMMU_PTE_TV;
1251 amd_iommu_dev_table[devid].data[1] = 0;
1252 amd_iommu_dev_table[devid].data[2] = 0;
1254 amd_iommu_apply_erratum_63(devid);
1256 /* decrease reference counters */
1257 domain->dev_iommu[iommu->index] -= 1;
1258 domain->dev_cnt -= 1;
1261 spin_unlock(&domain->lock);
1264 * If we run in passthrough mode the device must be assigned to the
1265 * passthrough domain if it is detached from any other domain
1267 if (iommu_pass_through) {
1268 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1269 __attach_device(iommu, pt_domain, devid);
1274 * Removes a device from a protection domain (with devtable_lock held)
1276 static void detach_device(struct protection_domain *domain, u16 devid)
1278 unsigned long flags;
1280 /* lock device table */
1281 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1282 __detach_device(domain, devid);
1283 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1286 static int device_change_notifier(struct notifier_block *nb,
1287 unsigned long action, void *data)
1289 struct device *dev = data;
1290 struct pci_dev *pdev = to_pci_dev(dev);
1291 u16 devid = calc_devid(pdev->bus->number, pdev->devfn);
1292 struct protection_domain *domain;
1293 struct dma_ops_domain *dma_domain;
1294 struct amd_iommu *iommu;
1295 unsigned long flags;
1297 if (devid > amd_iommu_last_bdf)
1300 devid = amd_iommu_alias_table[devid];
1302 iommu = amd_iommu_rlookup_table[devid];
1306 domain = domain_for_device(devid);
1308 if (domain && !dma_ops_domain(domain))
1309 WARN_ONCE(1, "AMD IOMMU WARNING: device %s already bound "
1310 "to a non-dma-ops domain\n", dev_name(dev));
1313 case BUS_NOTIFY_UNBOUND_DRIVER:
1316 if (iommu_pass_through)
1318 detach_device(domain, devid);
1320 case BUS_NOTIFY_ADD_DEVICE:
1321 /* allocate a protection domain if a device is added */
1322 dma_domain = find_protection_domain(devid);
1325 dma_domain = dma_ops_domain_alloc(iommu);
1328 dma_domain->target_dev = devid;
1330 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1331 list_add_tail(&dma_domain->list, &iommu_pd_list);
1332 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1339 iommu_queue_inv_dev_entry(iommu, devid);
1340 iommu_completion_wait(iommu);
1346 static struct notifier_block device_nb = {
1347 .notifier_call = device_change_notifier,
1350 /*****************************************************************************
1352 * The next functions belong to the dma_ops mapping/unmapping code.
1354 *****************************************************************************/
1357 * This function checks if the driver got a valid device from the caller to
1358 * avoid dereferencing invalid pointers.
1360 static bool check_device(struct device *dev)
1362 if (!dev || !dev->dma_mask)
1369 * In this function the list of preallocated protection domains is traversed to
1370 * find the domain for a specific device
1372 static struct dma_ops_domain *find_protection_domain(u16 devid)
1374 struct dma_ops_domain *entry, *ret = NULL;
1375 unsigned long flags;
1377 if (list_empty(&iommu_pd_list))
1380 spin_lock_irqsave(&iommu_pd_list_lock, flags);
1382 list_for_each_entry(entry, &iommu_pd_list, list) {
1383 if (entry->target_dev == devid) {
1389 spin_unlock_irqrestore(&iommu_pd_list_lock, flags);
1395 * In the dma_ops path we only have the struct device. This function
1396 * finds the corresponding IOMMU, the protection domain and the
1397 * requestor id for a given device.
1398 * If the device is not yet associated with a domain this is also done
1401 static int get_device_resources(struct device *dev,
1402 struct amd_iommu **iommu,
1403 struct protection_domain **domain,
1406 struct dma_ops_domain *dma_dom;
1407 struct pci_dev *pcidev;
1414 if (dev->bus != &pci_bus_type)
1417 pcidev = to_pci_dev(dev);
1418 _bdf = calc_devid(pcidev->bus->number, pcidev->devfn);
1420 /* device not translated by any IOMMU in the system? */
1421 if (_bdf > amd_iommu_last_bdf)
1424 *bdf = amd_iommu_alias_table[_bdf];
1426 *iommu = amd_iommu_rlookup_table[*bdf];
1429 *domain = domain_for_device(*bdf);
1430 if (*domain == NULL) {
1431 dma_dom = find_protection_domain(*bdf);
1433 dma_dom = (*iommu)->default_dom;
1434 *domain = &dma_dom->domain;
1435 attach_device(*iommu, *domain, *bdf);
1436 DUMP_printk("Using protection domain %d for device %s\n",
1437 (*domain)->id, dev_name(dev));
1440 if (domain_for_device(_bdf) == NULL)
1441 attach_device(*iommu, *domain, _bdf);
1446 static void update_device_table(struct protection_domain *domain)
1448 unsigned long flags;
1451 for (i = 0; i <= amd_iommu_last_bdf; ++i) {
1452 if (amd_iommu_pd_table[i] != domain)
1454 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
1455 set_dte_entry(i, domain);
1456 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
1460 static void update_domain(struct protection_domain *domain)
1462 if (!domain->updated)
1465 update_device_table(domain);
1466 flush_devices_by_domain(domain);
1467 iommu_flush_domain(domain->id);
1469 domain->updated = false;
1473 * This function is used to add another level to an IO page table. Adding
1474 * another level increases the size of the address space by 9 bits to a size up
1477 static bool increase_address_space(struct protection_domain *domain,
1482 if (domain->mode == PAGE_MODE_6_LEVEL)
1483 /* address space already 64 bit large */
1486 pte = (void *)get_zeroed_page(gfp);
1490 *pte = PM_LEVEL_PDE(domain->mode,
1491 virt_to_phys(domain->pt_root));
1492 domain->pt_root = pte;
1494 domain->updated = true;
1499 static u64 *alloc_pte(struct protection_domain *domain,
1500 unsigned long address,
1508 while (address > PM_LEVEL_SIZE(domain->mode))
1509 increase_address_space(domain, gfp);
1511 level = domain->mode - 1;
1512 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
1514 while (level > end_lvl) {
1515 if (!IOMMU_PTE_PRESENT(*pte)) {
1516 page = (u64 *)get_zeroed_page(gfp);
1519 *pte = PM_LEVEL_PDE(level, virt_to_phys(page));
1524 pte = IOMMU_PTE_PAGE(*pte);
1526 if (pte_page && level == end_lvl)
1529 pte = &pte[PM_LEVEL_INDEX(level, address)];
1536 * This function fetches the PTE for a given address in the aperture
1538 static u64* dma_ops_get_pte(struct dma_ops_domain *dom,
1539 unsigned long address)
1541 struct aperture_range *aperture;
1542 u64 *pte, *pte_page;
1544 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1548 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1550 pte = alloc_pte(&dom->domain, address, PM_MAP_4k, &pte_page,
1552 aperture->pte_pages[APERTURE_PAGE_INDEX(address)] = pte_page;
1554 pte += PM_LEVEL_INDEX(0, address);
1556 update_domain(&dom->domain);
1562 * This is the generic map function. It maps one 4kb page at paddr to
1563 * the given address in the DMA address space for the domain.
1565 static dma_addr_t dma_ops_domain_map(struct amd_iommu *iommu,
1566 struct dma_ops_domain *dom,
1567 unsigned long address,
1573 WARN_ON(address > dom->aperture_size);
1577 pte = dma_ops_get_pte(dom, address);
1579 return DMA_ERROR_CODE;
1581 __pte = paddr | IOMMU_PTE_P | IOMMU_PTE_FC;
1583 if (direction == DMA_TO_DEVICE)
1584 __pte |= IOMMU_PTE_IR;
1585 else if (direction == DMA_FROM_DEVICE)
1586 __pte |= IOMMU_PTE_IW;
1587 else if (direction == DMA_BIDIRECTIONAL)
1588 __pte |= IOMMU_PTE_IR | IOMMU_PTE_IW;
1594 return (dma_addr_t)address;
1598 * The generic unmapping function for on page in the DMA address space.
1600 static void dma_ops_domain_unmap(struct amd_iommu *iommu,
1601 struct dma_ops_domain *dom,
1602 unsigned long address)
1604 struct aperture_range *aperture;
1607 if (address >= dom->aperture_size)
1610 aperture = dom->aperture[APERTURE_RANGE_INDEX(address)];
1614 pte = aperture->pte_pages[APERTURE_PAGE_INDEX(address)];
1618 pte += PM_LEVEL_INDEX(0, address);
1626 * This function contains common code for mapping of a physically
1627 * contiguous memory region into DMA address space. It is used by all
1628 * mapping functions provided with this IOMMU driver.
1629 * Must be called with the domain lock held.
1631 static dma_addr_t __map_single(struct device *dev,
1632 struct amd_iommu *iommu,
1633 struct dma_ops_domain *dma_dom,
1640 dma_addr_t offset = paddr & ~PAGE_MASK;
1641 dma_addr_t address, start, ret;
1643 unsigned long align_mask = 0;
1646 pages = iommu_num_pages(paddr, size, PAGE_SIZE);
1649 INC_STATS_COUNTER(total_map_requests);
1652 INC_STATS_COUNTER(cross_page);
1655 align_mask = (1UL << get_order(size)) - 1;
1658 address = dma_ops_alloc_addresses(dev, dma_dom, pages, align_mask,
1660 if (unlikely(address == DMA_ERROR_CODE)) {
1662 * setting next_address here will let the address
1663 * allocator only scan the new allocated range in the
1664 * first run. This is a small optimization.
1666 dma_dom->next_address = dma_dom->aperture_size;
1668 if (alloc_new_range(iommu, dma_dom, false, GFP_ATOMIC))
1672 * aperture was sucessfully enlarged by 128 MB, try
1679 for (i = 0; i < pages; ++i) {
1680 ret = dma_ops_domain_map(iommu, dma_dom, start, paddr, dir);
1681 if (ret == DMA_ERROR_CODE)
1689 ADD_STATS_COUNTER(alloced_io_mem, size);
1691 if (unlikely(dma_dom->need_flush && !amd_iommu_unmap_flush)) {
1692 iommu_flush_tlb(&dma_dom->domain);
1693 dma_dom->need_flush = false;
1694 } else if (unlikely(iommu_has_npcache(iommu)))
1695 iommu_flush_pages(&dma_dom->domain, address, size);
1702 for (--i; i >= 0; --i) {
1704 dma_ops_domain_unmap(iommu, dma_dom, start);
1707 dma_ops_free_addresses(dma_dom, address, pages);
1709 return DMA_ERROR_CODE;
1713 * Does the reverse of the __map_single function. Must be called with
1714 * the domain lock held too
1716 static void __unmap_single(struct amd_iommu *iommu,
1717 struct dma_ops_domain *dma_dom,
1718 dma_addr_t dma_addr,
1722 dma_addr_t i, start;
1725 if ((dma_addr == DMA_ERROR_CODE) ||
1726 (dma_addr + size > dma_dom->aperture_size))
1729 pages = iommu_num_pages(dma_addr, size, PAGE_SIZE);
1730 dma_addr &= PAGE_MASK;
1733 for (i = 0; i < pages; ++i) {
1734 dma_ops_domain_unmap(iommu, dma_dom, start);
1738 SUB_STATS_COUNTER(alloced_io_mem, size);
1740 dma_ops_free_addresses(dma_dom, dma_addr, pages);
1742 if (amd_iommu_unmap_flush || dma_dom->need_flush) {
1743 iommu_flush_pages(&dma_dom->domain, dma_addr, size);
1744 dma_dom->need_flush = false;
1749 * The exported map_single function for dma_ops.
1751 static dma_addr_t map_page(struct device *dev, struct page *page,
1752 unsigned long offset, size_t size,
1753 enum dma_data_direction dir,
1754 struct dma_attrs *attrs)
1756 unsigned long flags;
1757 struct amd_iommu *iommu;
1758 struct protection_domain *domain;
1762 phys_addr_t paddr = page_to_phys(page) + offset;
1764 INC_STATS_COUNTER(cnt_map_single);
1766 if (!check_device(dev))
1767 return DMA_ERROR_CODE;
1769 dma_mask = *dev->dma_mask;
1771 get_device_resources(dev, &iommu, &domain, &devid);
1773 if (iommu == NULL || domain == NULL)
1774 /* device not handled by any AMD IOMMU */
1775 return (dma_addr_t)paddr;
1777 if (!dma_ops_domain(domain))
1778 return DMA_ERROR_CODE;
1780 spin_lock_irqsave(&domain->lock, flags);
1781 addr = __map_single(dev, iommu, domain->priv, paddr, size, dir, false,
1783 if (addr == DMA_ERROR_CODE)
1786 iommu_flush_complete(domain);
1789 spin_unlock_irqrestore(&domain->lock, flags);
1795 * The exported unmap_single function for dma_ops.
1797 static void unmap_page(struct device *dev, dma_addr_t dma_addr, size_t size,
1798 enum dma_data_direction dir, struct dma_attrs *attrs)
1800 unsigned long flags;
1801 struct amd_iommu *iommu;
1802 struct protection_domain *domain;
1805 INC_STATS_COUNTER(cnt_unmap_single);
1807 if (!check_device(dev) ||
1808 !get_device_resources(dev, &iommu, &domain, &devid))
1809 /* device not handled by any AMD IOMMU */
1812 if (!dma_ops_domain(domain))
1815 spin_lock_irqsave(&domain->lock, flags);
1817 __unmap_single(iommu, domain->priv, dma_addr, size, dir);
1819 iommu_flush_complete(domain);
1821 spin_unlock_irqrestore(&domain->lock, flags);
1825 * This is a special map_sg function which is used if we should map a
1826 * device which is not handled by an AMD IOMMU in the system.
1828 static int map_sg_no_iommu(struct device *dev, struct scatterlist *sglist,
1829 int nelems, int dir)
1831 struct scatterlist *s;
1834 for_each_sg(sglist, s, nelems, i) {
1835 s->dma_address = (dma_addr_t)sg_phys(s);
1836 s->dma_length = s->length;
1843 * The exported map_sg function for dma_ops (handles scatter-gather
1846 static int map_sg(struct device *dev, struct scatterlist *sglist,
1847 int nelems, enum dma_data_direction dir,
1848 struct dma_attrs *attrs)
1850 unsigned long flags;
1851 struct amd_iommu *iommu;
1852 struct protection_domain *domain;
1855 struct scatterlist *s;
1857 int mapped_elems = 0;
1860 INC_STATS_COUNTER(cnt_map_sg);
1862 if (!check_device(dev))
1865 dma_mask = *dev->dma_mask;
1867 get_device_resources(dev, &iommu, &domain, &devid);
1869 if (!iommu || !domain)
1870 return map_sg_no_iommu(dev, sglist, nelems, dir);
1872 if (!dma_ops_domain(domain))
1875 spin_lock_irqsave(&domain->lock, flags);
1877 for_each_sg(sglist, s, nelems, i) {
1880 s->dma_address = __map_single(dev, iommu, domain->priv,
1881 paddr, s->length, dir, false,
1884 if (s->dma_address) {
1885 s->dma_length = s->length;
1891 iommu_flush_complete(domain);
1894 spin_unlock_irqrestore(&domain->lock, flags);
1896 return mapped_elems;
1898 for_each_sg(sglist, s, mapped_elems, i) {
1900 __unmap_single(iommu, domain->priv, s->dma_address,
1901 s->dma_length, dir);
1902 s->dma_address = s->dma_length = 0;
1911 * The exported map_sg function for dma_ops (handles scatter-gather
1914 static void unmap_sg(struct device *dev, struct scatterlist *sglist,
1915 int nelems, enum dma_data_direction dir,
1916 struct dma_attrs *attrs)
1918 unsigned long flags;
1919 struct amd_iommu *iommu;
1920 struct protection_domain *domain;
1921 struct scatterlist *s;
1925 INC_STATS_COUNTER(cnt_unmap_sg);
1927 if (!check_device(dev) ||
1928 !get_device_resources(dev, &iommu, &domain, &devid))
1931 if (!dma_ops_domain(domain))
1934 spin_lock_irqsave(&domain->lock, flags);
1936 for_each_sg(sglist, s, nelems, i) {
1937 __unmap_single(iommu, domain->priv, s->dma_address,
1938 s->dma_length, dir);
1939 s->dma_address = s->dma_length = 0;
1942 iommu_flush_complete(domain);
1944 spin_unlock_irqrestore(&domain->lock, flags);
1948 * The exported alloc_coherent function for dma_ops.
1950 static void *alloc_coherent(struct device *dev, size_t size,
1951 dma_addr_t *dma_addr, gfp_t flag)
1953 unsigned long flags;
1955 struct amd_iommu *iommu;
1956 struct protection_domain *domain;
1959 u64 dma_mask = dev->coherent_dma_mask;
1961 INC_STATS_COUNTER(cnt_alloc_coherent);
1963 if (!check_device(dev))
1966 if (!get_device_resources(dev, &iommu, &domain, &devid))
1967 flag &= ~(__GFP_DMA | __GFP_HIGHMEM | __GFP_DMA32);
1970 virt_addr = (void *)__get_free_pages(flag, get_order(size));
1974 paddr = virt_to_phys(virt_addr);
1976 if (!iommu || !domain) {
1977 *dma_addr = (dma_addr_t)paddr;
1981 if (!dma_ops_domain(domain))
1985 dma_mask = *dev->dma_mask;
1987 spin_lock_irqsave(&domain->lock, flags);
1989 *dma_addr = __map_single(dev, iommu, domain->priv, paddr,
1990 size, DMA_BIDIRECTIONAL, true, dma_mask);
1992 if (*dma_addr == DMA_ERROR_CODE) {
1993 spin_unlock_irqrestore(&domain->lock, flags);
1997 iommu_flush_complete(domain);
1999 spin_unlock_irqrestore(&domain->lock, flags);
2005 free_pages((unsigned long)virt_addr, get_order(size));
2011 * The exported free_coherent function for dma_ops.
2013 static void free_coherent(struct device *dev, size_t size,
2014 void *virt_addr, dma_addr_t dma_addr)
2016 unsigned long flags;
2017 struct amd_iommu *iommu;
2018 struct protection_domain *domain;
2021 INC_STATS_COUNTER(cnt_free_coherent);
2023 if (!check_device(dev))
2026 get_device_resources(dev, &iommu, &domain, &devid);
2028 if (!iommu || !domain)
2031 if (!dma_ops_domain(domain))
2034 spin_lock_irqsave(&domain->lock, flags);
2036 __unmap_single(iommu, domain->priv, dma_addr, size, DMA_BIDIRECTIONAL);
2038 iommu_flush_complete(domain);
2040 spin_unlock_irqrestore(&domain->lock, flags);
2043 free_pages((unsigned long)virt_addr, get_order(size));
2047 * This function is called by the DMA layer to find out if we can handle a
2048 * particular device. It is part of the dma_ops.
2050 static int amd_iommu_dma_supported(struct device *dev, u64 mask)
2053 struct pci_dev *pcidev;
2055 /* No device or no PCI device */
2056 if (!dev || dev->bus != &pci_bus_type)
2059 pcidev = to_pci_dev(dev);
2061 bdf = calc_devid(pcidev->bus->number, pcidev->devfn);
2063 /* Out of our scope? */
2064 if (bdf > amd_iommu_last_bdf)
2071 * The function for pre-allocating protection domains.
2073 * If the driver core informs the DMA layer if a driver grabs a device
2074 * we don't need to preallocate the protection domains anymore.
2075 * For now we have to.
2077 static void prealloc_protection_domains(void)
2079 struct pci_dev *dev = NULL;
2080 struct dma_ops_domain *dma_dom;
2081 struct amd_iommu *iommu;
2084 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2085 __devid = devid = calc_devid(dev->bus->number, dev->devfn);
2086 if (devid > amd_iommu_last_bdf)
2088 devid = amd_iommu_alias_table[devid];
2089 if (domain_for_device(devid))
2091 iommu = amd_iommu_rlookup_table[devid];
2094 dma_dom = dma_ops_domain_alloc(iommu);
2097 init_unity_mappings_for_device(dma_dom, devid);
2098 dma_dom->target_dev = devid;
2100 attach_device(iommu, &dma_dom->domain, devid);
2101 if (__devid != devid)
2102 attach_device(iommu, &dma_dom->domain, __devid);
2104 list_add_tail(&dma_dom->list, &iommu_pd_list);
2108 static struct dma_map_ops amd_iommu_dma_ops = {
2109 .alloc_coherent = alloc_coherent,
2110 .free_coherent = free_coherent,
2111 .map_page = map_page,
2112 .unmap_page = unmap_page,
2114 .unmap_sg = unmap_sg,
2115 .dma_supported = amd_iommu_dma_supported,
2119 * The function which clues the AMD IOMMU driver into dma_ops.
2121 int __init amd_iommu_init_dma_ops(void)
2123 struct amd_iommu *iommu;
2127 * first allocate a default protection domain for every IOMMU we
2128 * found in the system. Devices not assigned to any other
2129 * protection domain will be assigned to the default one.
2131 for_each_iommu(iommu) {
2132 iommu->default_dom = dma_ops_domain_alloc(iommu);
2133 if (iommu->default_dom == NULL)
2135 iommu->default_dom->domain.flags |= PD_DEFAULT_MASK;
2136 ret = iommu_init_unity_mappings(iommu);
2142 * If device isolation is enabled, pre-allocate the protection
2143 * domains for each device.
2145 if (amd_iommu_isolate)
2146 prealloc_protection_domains();
2150 #ifdef CONFIG_GART_IOMMU
2151 gart_iommu_aperture_disabled = 1;
2152 gart_iommu_aperture = 0;
2155 /* Make the driver finally visible to the drivers */
2156 dma_ops = &amd_iommu_dma_ops;
2158 register_iommu(&amd_iommu_ops);
2160 bus_register_notifier(&pci_bus_type, &device_nb);
2162 amd_iommu_stats_init();
2168 for_each_iommu(iommu) {
2169 if (iommu->default_dom)
2170 dma_ops_domain_free(iommu->default_dom);
2176 /*****************************************************************************
2178 * The following functions belong to the exported interface of AMD IOMMU
2180 * This interface allows access to lower level functions of the IOMMU
2181 * like protection domain handling and assignement of devices to domains
2182 * which is not possible with the dma_ops interface.
2184 *****************************************************************************/
2186 static void cleanup_domain(struct protection_domain *domain)
2188 unsigned long flags;
2191 write_lock_irqsave(&amd_iommu_devtable_lock, flags);
2193 for (devid = 0; devid <= amd_iommu_last_bdf; ++devid)
2194 if (amd_iommu_pd_table[devid] == domain)
2195 __detach_device(domain, devid);
2197 write_unlock_irqrestore(&amd_iommu_devtable_lock, flags);
2200 static void protection_domain_free(struct protection_domain *domain)
2206 domain_id_free(domain->id);
2211 static struct protection_domain *protection_domain_alloc(void)
2213 struct protection_domain *domain;
2215 domain = kzalloc(sizeof(*domain), GFP_KERNEL);
2219 spin_lock_init(&domain->lock);
2220 domain->id = domain_id_alloc();
2232 static int amd_iommu_domain_init(struct iommu_domain *dom)
2234 struct protection_domain *domain;
2236 domain = protection_domain_alloc();
2240 domain->mode = PAGE_MODE_3_LEVEL;
2241 domain->pt_root = (void *)get_zeroed_page(GFP_KERNEL);
2242 if (!domain->pt_root)
2250 protection_domain_free(domain);
2255 static void amd_iommu_domain_destroy(struct iommu_domain *dom)
2257 struct protection_domain *domain = dom->priv;
2262 if (domain->dev_cnt > 0)
2263 cleanup_domain(domain);
2265 BUG_ON(domain->dev_cnt != 0);
2267 free_pagetable(domain);
2269 domain_id_free(domain->id);
2276 static void amd_iommu_detach_device(struct iommu_domain *dom,
2279 struct protection_domain *domain = dom->priv;
2280 struct amd_iommu *iommu;
2281 struct pci_dev *pdev;
2284 if (dev->bus != &pci_bus_type)
2287 pdev = to_pci_dev(dev);
2289 devid = calc_devid(pdev->bus->number, pdev->devfn);
2292 detach_device(domain, devid);
2294 iommu = amd_iommu_rlookup_table[devid];
2298 iommu_queue_inv_dev_entry(iommu, devid);
2299 iommu_completion_wait(iommu);
2302 static int amd_iommu_attach_device(struct iommu_domain *dom,
2305 struct protection_domain *domain = dom->priv;
2306 struct protection_domain *old_domain;
2307 struct amd_iommu *iommu;
2308 struct pci_dev *pdev;
2311 if (dev->bus != &pci_bus_type)
2314 pdev = to_pci_dev(dev);
2316 devid = calc_devid(pdev->bus->number, pdev->devfn);
2318 if (devid >= amd_iommu_last_bdf ||
2319 devid != amd_iommu_alias_table[devid])
2322 iommu = amd_iommu_rlookup_table[devid];
2326 old_domain = domain_for_device(devid);
2328 detach_device(old_domain, devid);
2330 attach_device(iommu, domain, devid);
2332 iommu_completion_wait(iommu);
2337 static int amd_iommu_map_range(struct iommu_domain *dom,
2338 unsigned long iova, phys_addr_t paddr,
2339 size_t size, int iommu_prot)
2341 struct protection_domain *domain = dom->priv;
2342 unsigned long i, npages = iommu_num_pages(paddr, size, PAGE_SIZE);
2346 if (iommu_prot & IOMMU_READ)
2347 prot |= IOMMU_PROT_IR;
2348 if (iommu_prot & IOMMU_WRITE)
2349 prot |= IOMMU_PROT_IW;
2354 for (i = 0; i < npages; ++i) {
2355 ret = iommu_map_page(domain, iova, paddr, prot, PM_MAP_4k);
2366 static void amd_iommu_unmap_range(struct iommu_domain *dom,
2367 unsigned long iova, size_t size)
2370 struct protection_domain *domain = dom->priv;
2371 unsigned long i, npages = iommu_num_pages(iova, size, PAGE_SIZE);
2375 for (i = 0; i < npages; ++i) {
2376 iommu_unmap_page(domain, iova, PM_MAP_4k);
2380 iommu_flush_domain(domain->id);
2383 static phys_addr_t amd_iommu_iova_to_phys(struct iommu_domain *dom,
2386 struct protection_domain *domain = dom->priv;
2387 unsigned long offset = iova & ~PAGE_MASK;
2391 pte = fetch_pte(domain, iova, PM_MAP_4k);
2393 if (!pte || !IOMMU_PTE_PRESENT(*pte))
2396 paddr = *pte & IOMMU_PAGE_MASK;
2402 static int amd_iommu_domain_has_cap(struct iommu_domain *domain,
2408 static struct iommu_ops amd_iommu_ops = {
2409 .domain_init = amd_iommu_domain_init,
2410 .domain_destroy = amd_iommu_domain_destroy,
2411 .attach_dev = amd_iommu_attach_device,
2412 .detach_dev = amd_iommu_detach_device,
2413 .map = amd_iommu_map_range,
2414 .unmap = amd_iommu_unmap_range,
2415 .iova_to_phys = amd_iommu_iova_to_phys,
2416 .domain_has_cap = amd_iommu_domain_has_cap,
2419 /*****************************************************************************
2421 * The next functions do a basic initialization of IOMMU for pass through
2424 * In passthrough mode the IOMMU is initialized and enabled but not used for
2425 * DMA-API translation.
2427 *****************************************************************************/
2429 int __init amd_iommu_init_passthrough(void)
2431 struct pci_dev *dev = NULL;
2434 /* allocate passthroug domain */
2435 pt_domain = protection_domain_alloc();
2439 pt_domain->mode |= PAGE_MODE_NONE;
2441 while ((dev = pci_get_device(PCI_ANY_ID, PCI_ANY_ID, dev)) != NULL) {
2442 struct amd_iommu *iommu;
2444 devid = calc_devid(dev->bus->number, dev->devfn);
2445 if (devid > amd_iommu_last_bdf)
2448 devid2 = amd_iommu_alias_table[devid];
2450 iommu = amd_iommu_rlookup_table[devid2];
2454 __attach_device(iommu, pt_domain, devid);
2455 __attach_device(iommu, pt_domain, devid2);
2458 pr_info("AMD-Vi: Initialized for Passthrough Mode\n");
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob