2 * Copyright © 2008 Intel Corporation
4 * Permission is hereby granted, free of charge, to any person obtaining a
5 * copy of this software and associated documentation files (the "Software"),
6 * to deal in the Software without restriction, including without limitation
7 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8 * and/or sell copies of the Software, and to permit persons to whom the
9 * Software is furnished to do so, subject to the following conditions:
11 * The above copyright notice and this permission notice (including the next
12 * paragraph) shall be included in all copies or substantial portions of the
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
24 * Eric Anholt <eric@anholt.net>
32 #include "intel_drv.h"
33 #include <linux/swap.h>
34 #include <linux/pci.h>
36 #define I915_GEM_GPU_DOMAINS (~(I915_GEM_DOMAIN_CPU | I915_GEM_DOMAIN_GTT))
38 static void i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj);
39 static void i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj);
40 static void i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj);
41 static int i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj,
43 static int i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
46 static void i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj);
47 static int i915_gem_object_wait_rendering(struct drm_gem_object *obj);
48 static int i915_gem_object_bind_to_gtt(struct drm_gem_object *obj,
50 static void i915_gem_clear_fence_reg(struct drm_gem_object *obj);
51 static int i915_gem_evict_something(struct drm_device *dev);
52 static int i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
53 struct drm_i915_gem_pwrite *args,
54 struct drm_file *file_priv);
56 int i915_gem_do_init(struct drm_device *dev, unsigned long start,
59 drm_i915_private_t *dev_priv = dev->dev_private;
62 (start & (PAGE_SIZE - 1)) != 0 ||
63 (end & (PAGE_SIZE - 1)) != 0) {
67 drm_mm_init(&dev_priv->mm.gtt_space, start,
70 dev->gtt_total = (uint32_t) (end - start);
76 i915_gem_init_ioctl(struct drm_device *dev, void *data,
77 struct drm_file *file_priv)
79 struct drm_i915_gem_init *args = data;
82 mutex_lock(&dev->struct_mutex);
83 ret = i915_gem_do_init(dev, args->gtt_start, args->gtt_end);
84 mutex_unlock(&dev->struct_mutex);
90 i915_gem_get_aperture_ioctl(struct drm_device *dev, void *data,
91 struct drm_file *file_priv)
93 struct drm_i915_gem_get_aperture *args = data;
95 if (!(dev->driver->driver_features & DRIVER_GEM))
98 args->aper_size = dev->gtt_total;
99 args->aper_available_size = (args->aper_size -
100 atomic_read(&dev->pin_memory));
107 * Creates a new mm object and returns a handle to it.
110 i915_gem_create_ioctl(struct drm_device *dev, void *data,
111 struct drm_file *file_priv)
113 struct drm_i915_gem_create *args = data;
114 struct drm_gem_object *obj;
117 args->size = roundup(args->size, PAGE_SIZE);
119 /* Allocate the new object */
120 obj = drm_gem_object_alloc(dev, args->size);
124 ret = drm_gem_handle_create(file_priv, obj, &handle);
125 mutex_lock(&dev->struct_mutex);
126 drm_gem_object_handle_unreference(obj);
127 mutex_unlock(&dev->struct_mutex);
132 args->handle = handle;
138 fast_shmem_read(struct page **pages,
139 loff_t page_base, int page_offset,
146 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT], KM_USER0);
149 unwritten = __copy_to_user_inatomic(data, vaddr + page_offset, length);
150 kunmap_atomic(vaddr, KM_USER0);
158 static int i915_gem_object_needs_bit17_swizzle(struct drm_gem_object *obj)
160 drm_i915_private_t *dev_priv = obj->dev->dev_private;
161 struct drm_i915_gem_object *obj_priv = obj->driver_private;
163 return dev_priv->mm.bit_6_swizzle_x == I915_BIT_6_SWIZZLE_9_10_17 &&
164 obj_priv->tiling_mode != I915_TILING_NONE;
168 slow_shmem_copy(struct page *dst_page,
170 struct page *src_page,
174 char *dst_vaddr, *src_vaddr;
176 dst_vaddr = kmap_atomic(dst_page, KM_USER0);
177 if (dst_vaddr == NULL)
180 src_vaddr = kmap_atomic(src_page, KM_USER1);
181 if (src_vaddr == NULL) {
182 kunmap_atomic(dst_vaddr, KM_USER0);
186 memcpy(dst_vaddr + dst_offset, src_vaddr + src_offset, length);
188 kunmap_atomic(src_vaddr, KM_USER1);
189 kunmap_atomic(dst_vaddr, KM_USER0);
195 slow_shmem_bit17_copy(struct page *gpu_page,
197 struct page *cpu_page,
202 char *gpu_vaddr, *cpu_vaddr;
204 /* Use the unswizzled path if this page isn't affected. */
205 if ((page_to_phys(gpu_page) & (1 << 17)) == 0) {
207 return slow_shmem_copy(cpu_page, cpu_offset,
208 gpu_page, gpu_offset, length);
210 return slow_shmem_copy(gpu_page, gpu_offset,
211 cpu_page, cpu_offset, length);
214 gpu_vaddr = kmap_atomic(gpu_page, KM_USER0);
215 if (gpu_vaddr == NULL)
218 cpu_vaddr = kmap_atomic(cpu_page, KM_USER1);
219 if (cpu_vaddr == NULL) {
220 kunmap_atomic(gpu_vaddr, KM_USER0);
224 /* Copy the data, XORing A6 with A17 (1). The user already knows he's
225 * XORing with the other bits (A9 for Y, A9 and A10 for X)
228 int cacheline_end = ALIGN(gpu_offset + 1, 64);
229 int this_length = min(cacheline_end - gpu_offset, length);
230 int swizzled_gpu_offset = gpu_offset ^ 64;
233 memcpy(cpu_vaddr + cpu_offset,
234 gpu_vaddr + swizzled_gpu_offset,
237 memcpy(gpu_vaddr + swizzled_gpu_offset,
238 cpu_vaddr + cpu_offset,
241 cpu_offset += this_length;
242 gpu_offset += this_length;
243 length -= this_length;
246 kunmap_atomic(cpu_vaddr, KM_USER1);
247 kunmap_atomic(gpu_vaddr, KM_USER0);
253 * This is the fast shmem pread path, which attempts to copy_from_user directly
254 * from the backing pages of the object to the user's address space. On a
255 * fault, it fails so we can fall back to i915_gem_shmem_pwrite_slow().
258 i915_gem_shmem_pread_fast(struct drm_device *dev, struct drm_gem_object *obj,
259 struct drm_i915_gem_pread *args,
260 struct drm_file *file_priv)
262 struct drm_i915_gem_object *obj_priv = obj->driver_private;
264 loff_t offset, page_base;
265 char __user *user_data;
266 int page_offset, page_length;
269 user_data = (char __user *) (uintptr_t) args->data_ptr;
272 mutex_lock(&dev->struct_mutex);
274 ret = i915_gem_object_get_pages(obj);
278 ret = i915_gem_object_set_cpu_read_domain_range(obj, args->offset,
283 obj_priv = obj->driver_private;
284 offset = args->offset;
287 /* Operation in this page
289 * page_base = page offset within aperture
290 * page_offset = offset within page
291 * page_length = bytes to copy for this page
293 page_base = (offset & ~(PAGE_SIZE-1));
294 page_offset = offset & (PAGE_SIZE-1);
295 page_length = remain;
296 if ((page_offset + remain) > PAGE_SIZE)
297 page_length = PAGE_SIZE - page_offset;
299 ret = fast_shmem_read(obj_priv->pages,
300 page_base, page_offset,
301 user_data, page_length);
305 remain -= page_length;
306 user_data += page_length;
307 offset += page_length;
311 i915_gem_object_put_pages(obj);
313 mutex_unlock(&dev->struct_mutex);
319 * This is the fallback shmem pread path, which allocates temporary storage
320 * in kernel space to copy_to_user into outside of the struct_mutex, so we
321 * can copy out of the object's backing pages while holding the struct mutex
322 * and not take page faults.
325 i915_gem_shmem_pread_slow(struct drm_device *dev, struct drm_gem_object *obj,
326 struct drm_i915_gem_pread *args,
327 struct drm_file *file_priv)
329 struct drm_i915_gem_object *obj_priv = obj->driver_private;
330 struct mm_struct *mm = current->mm;
331 struct page **user_pages;
333 loff_t offset, pinned_pages, i;
334 loff_t first_data_page, last_data_page, num_pages;
335 int shmem_page_index, shmem_page_offset;
336 int data_page_index, data_page_offset;
339 uint64_t data_ptr = args->data_ptr;
340 int do_bit17_swizzling;
344 /* Pin the user pages containing the data. We can't fault while
345 * holding the struct mutex, yet we want to hold it while
346 * dereferencing the user data.
348 first_data_page = data_ptr / PAGE_SIZE;
349 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
350 num_pages = last_data_page - first_data_page + 1;
352 user_pages = drm_calloc_large(num_pages, sizeof(struct page *));
353 if (user_pages == NULL)
356 down_read(&mm->mmap_sem);
357 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
358 num_pages, 1, 0, user_pages, NULL);
359 up_read(&mm->mmap_sem);
360 if (pinned_pages < num_pages) {
362 goto fail_put_user_pages;
365 do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
367 mutex_lock(&dev->struct_mutex);
369 ret = i915_gem_object_get_pages(obj);
373 ret = i915_gem_object_set_cpu_read_domain_range(obj, args->offset,
378 obj_priv = obj->driver_private;
379 offset = args->offset;
382 /* Operation in this page
384 * shmem_page_index = page number within shmem file
385 * shmem_page_offset = offset within page in shmem file
386 * data_page_index = page number in get_user_pages return
387 * data_page_offset = offset with data_page_index page.
388 * page_length = bytes to copy for this page
390 shmem_page_index = offset / PAGE_SIZE;
391 shmem_page_offset = offset & ~PAGE_MASK;
392 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
393 data_page_offset = data_ptr & ~PAGE_MASK;
395 page_length = remain;
396 if ((shmem_page_offset + page_length) > PAGE_SIZE)
397 page_length = PAGE_SIZE - shmem_page_offset;
398 if ((data_page_offset + page_length) > PAGE_SIZE)
399 page_length = PAGE_SIZE - data_page_offset;
401 if (do_bit17_swizzling) {
402 ret = slow_shmem_bit17_copy(obj_priv->pages[shmem_page_index],
404 user_pages[data_page_index],
409 ret = slow_shmem_copy(user_pages[data_page_index],
411 obj_priv->pages[shmem_page_index],
418 remain -= page_length;
419 data_ptr += page_length;
420 offset += page_length;
424 i915_gem_object_put_pages(obj);
426 mutex_unlock(&dev->struct_mutex);
428 for (i = 0; i < pinned_pages; i++) {
429 SetPageDirty(user_pages[i]);
430 page_cache_release(user_pages[i]);
432 drm_free_large(user_pages);
438 * Reads data from the object referenced by handle.
440 * On error, the contents of *data are undefined.
443 i915_gem_pread_ioctl(struct drm_device *dev, void *data,
444 struct drm_file *file_priv)
446 struct drm_i915_gem_pread *args = data;
447 struct drm_gem_object *obj;
448 struct drm_i915_gem_object *obj_priv;
451 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
454 obj_priv = obj->driver_private;
456 /* Bounds check source.
458 * XXX: This could use review for overflow issues...
460 if (args->offset > obj->size || args->size > obj->size ||
461 args->offset + args->size > obj->size) {
462 drm_gem_object_unreference(obj);
466 if (i915_gem_object_needs_bit17_swizzle(obj)) {
467 ret = i915_gem_shmem_pread_slow(dev, obj, args, file_priv);
469 ret = i915_gem_shmem_pread_fast(dev, obj, args, file_priv);
471 ret = i915_gem_shmem_pread_slow(dev, obj, args,
475 drm_gem_object_unreference(obj);
480 /* This is the fast write path which cannot handle
481 * page faults in the source data
485 fast_user_write(struct io_mapping *mapping,
486 loff_t page_base, int page_offset,
487 char __user *user_data,
491 unsigned long unwritten;
493 vaddr_atomic = io_mapping_map_atomic_wc(mapping, page_base);
494 unwritten = __copy_from_user_inatomic_nocache(vaddr_atomic + page_offset,
496 io_mapping_unmap_atomic(vaddr_atomic);
502 /* Here's the write path which can sleep for
507 slow_kernel_write(struct io_mapping *mapping,
508 loff_t gtt_base, int gtt_offset,
509 struct page *user_page, int user_offset,
512 char *src_vaddr, *dst_vaddr;
513 unsigned long unwritten;
515 dst_vaddr = io_mapping_map_atomic_wc(mapping, gtt_base);
516 src_vaddr = kmap_atomic(user_page, KM_USER1);
517 unwritten = __copy_from_user_inatomic_nocache(dst_vaddr + gtt_offset,
518 src_vaddr + user_offset,
520 kunmap_atomic(src_vaddr, KM_USER1);
521 io_mapping_unmap_atomic(dst_vaddr);
528 fast_shmem_write(struct page **pages,
529 loff_t page_base, int page_offset,
534 unsigned long unwritten;
536 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT], KM_USER0);
539 unwritten = __copy_from_user_inatomic(vaddr + page_offset, data, length);
540 kunmap_atomic(vaddr, KM_USER0);
548 * This is the fast pwrite path, where we copy the data directly from the
549 * user into the GTT, uncached.
552 i915_gem_gtt_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
553 struct drm_i915_gem_pwrite *args,
554 struct drm_file *file_priv)
556 struct drm_i915_gem_object *obj_priv = obj->driver_private;
557 drm_i915_private_t *dev_priv = dev->dev_private;
559 loff_t offset, page_base;
560 char __user *user_data;
561 int page_offset, page_length;
564 user_data = (char __user *) (uintptr_t) args->data_ptr;
566 if (!access_ok(VERIFY_READ, user_data, remain))
570 mutex_lock(&dev->struct_mutex);
571 ret = i915_gem_object_pin(obj, 0);
573 mutex_unlock(&dev->struct_mutex);
576 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
580 obj_priv = obj->driver_private;
581 offset = obj_priv->gtt_offset + args->offset;
584 /* Operation in this page
586 * page_base = page offset within aperture
587 * page_offset = offset within page
588 * page_length = bytes to copy for this page
590 page_base = (offset & ~(PAGE_SIZE-1));
591 page_offset = offset & (PAGE_SIZE-1);
592 page_length = remain;
593 if ((page_offset + remain) > PAGE_SIZE)
594 page_length = PAGE_SIZE - page_offset;
596 ret = fast_user_write (dev_priv->mm.gtt_mapping, page_base,
597 page_offset, user_data, page_length);
599 /* If we get a fault while copying data, then (presumably) our
600 * source page isn't available. Return the error and we'll
601 * retry in the slow path.
606 remain -= page_length;
607 user_data += page_length;
608 offset += page_length;
612 i915_gem_object_unpin(obj);
613 mutex_unlock(&dev->struct_mutex);
619 * This is the fallback GTT pwrite path, which uses get_user_pages to pin
620 * the memory and maps it using kmap_atomic for copying.
622 * This code resulted in x11perf -rgb10text consuming about 10% more CPU
623 * than using i915_gem_gtt_pwrite_fast on a G45 (32-bit).
626 i915_gem_gtt_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
627 struct drm_i915_gem_pwrite *args,
628 struct drm_file *file_priv)
630 struct drm_i915_gem_object *obj_priv = obj->driver_private;
631 drm_i915_private_t *dev_priv = dev->dev_private;
633 loff_t gtt_page_base, offset;
634 loff_t first_data_page, last_data_page, num_pages;
635 loff_t pinned_pages, i;
636 struct page **user_pages;
637 struct mm_struct *mm = current->mm;
638 int gtt_page_offset, data_page_offset, data_page_index, page_length;
640 uint64_t data_ptr = args->data_ptr;
644 /* Pin the user pages containing the data. We can't fault while
645 * holding the struct mutex, and all of the pwrite implementations
646 * want to hold it while dereferencing the user data.
648 first_data_page = data_ptr / PAGE_SIZE;
649 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
650 num_pages = last_data_page - first_data_page + 1;
652 user_pages = drm_calloc_large(num_pages, sizeof(struct page *));
653 if (user_pages == NULL)
656 down_read(&mm->mmap_sem);
657 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
658 num_pages, 0, 0, user_pages, NULL);
659 up_read(&mm->mmap_sem);
660 if (pinned_pages < num_pages) {
662 goto out_unpin_pages;
665 mutex_lock(&dev->struct_mutex);
666 ret = i915_gem_object_pin(obj, 0);
670 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
672 goto out_unpin_object;
674 obj_priv = obj->driver_private;
675 offset = obj_priv->gtt_offset + args->offset;
678 /* Operation in this page
680 * gtt_page_base = page offset within aperture
681 * gtt_page_offset = offset within page in aperture
682 * data_page_index = page number in get_user_pages return
683 * data_page_offset = offset with data_page_index page.
684 * page_length = bytes to copy for this page
686 gtt_page_base = offset & PAGE_MASK;
687 gtt_page_offset = offset & ~PAGE_MASK;
688 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
689 data_page_offset = data_ptr & ~PAGE_MASK;
691 page_length = remain;
692 if ((gtt_page_offset + page_length) > PAGE_SIZE)
693 page_length = PAGE_SIZE - gtt_page_offset;
694 if ((data_page_offset + page_length) > PAGE_SIZE)
695 page_length = PAGE_SIZE - data_page_offset;
697 ret = slow_kernel_write(dev_priv->mm.gtt_mapping,
698 gtt_page_base, gtt_page_offset,
699 user_pages[data_page_index],
703 /* If we get a fault while copying data, then (presumably) our
704 * source page isn't available. Return the error and we'll
705 * retry in the slow path.
708 goto out_unpin_object;
710 remain -= page_length;
711 offset += page_length;
712 data_ptr += page_length;
716 i915_gem_object_unpin(obj);
718 mutex_unlock(&dev->struct_mutex);
720 for (i = 0; i < pinned_pages; i++)
721 page_cache_release(user_pages[i]);
722 drm_free_large(user_pages);
728 * This is the fast shmem pwrite path, which attempts to directly
729 * copy_from_user into the kmapped pages backing the object.
732 i915_gem_shmem_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
733 struct drm_i915_gem_pwrite *args,
734 struct drm_file *file_priv)
736 struct drm_i915_gem_object *obj_priv = obj->driver_private;
738 loff_t offset, page_base;
739 char __user *user_data;
740 int page_offset, page_length;
743 user_data = (char __user *) (uintptr_t) args->data_ptr;
746 mutex_lock(&dev->struct_mutex);
748 ret = i915_gem_object_get_pages(obj);
752 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
756 obj_priv = obj->driver_private;
757 offset = args->offset;
761 /* Operation in this page
763 * page_base = page offset within aperture
764 * page_offset = offset within page
765 * page_length = bytes to copy for this page
767 page_base = (offset & ~(PAGE_SIZE-1));
768 page_offset = offset & (PAGE_SIZE-1);
769 page_length = remain;
770 if ((page_offset + remain) > PAGE_SIZE)
771 page_length = PAGE_SIZE - page_offset;
773 ret = fast_shmem_write(obj_priv->pages,
774 page_base, page_offset,
775 user_data, page_length);
779 remain -= page_length;
780 user_data += page_length;
781 offset += page_length;
785 i915_gem_object_put_pages(obj);
787 mutex_unlock(&dev->struct_mutex);
793 * This is the fallback shmem pwrite path, which uses get_user_pages to pin
794 * the memory and maps it using kmap_atomic for copying.
796 * This avoids taking mmap_sem for faulting on the user's address while the
797 * struct_mutex is held.
800 i915_gem_shmem_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
801 struct drm_i915_gem_pwrite *args,
802 struct drm_file *file_priv)
804 struct drm_i915_gem_object *obj_priv = obj->driver_private;
805 struct mm_struct *mm = current->mm;
806 struct page **user_pages;
808 loff_t offset, pinned_pages, i;
809 loff_t first_data_page, last_data_page, num_pages;
810 int shmem_page_index, shmem_page_offset;
811 int data_page_index, data_page_offset;
814 uint64_t data_ptr = args->data_ptr;
815 int do_bit17_swizzling;
819 /* Pin the user pages containing the data. We can't fault while
820 * holding the struct mutex, and all of the pwrite implementations
821 * want to hold it while dereferencing the user data.
823 first_data_page = data_ptr / PAGE_SIZE;
824 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
825 num_pages = last_data_page - first_data_page + 1;
827 user_pages = drm_calloc_large(num_pages, sizeof(struct page *));
828 if (user_pages == NULL)
831 down_read(&mm->mmap_sem);
832 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
833 num_pages, 0, 0, user_pages, NULL);
834 up_read(&mm->mmap_sem);
835 if (pinned_pages < num_pages) {
837 goto fail_put_user_pages;
840 do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
842 mutex_lock(&dev->struct_mutex);
844 ret = i915_gem_object_get_pages(obj);
848 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
852 obj_priv = obj->driver_private;
853 offset = args->offset;
857 /* Operation in this page
859 * shmem_page_index = page number within shmem file
860 * shmem_page_offset = offset within page in shmem file
861 * data_page_index = page number in get_user_pages return
862 * data_page_offset = offset with data_page_index page.
863 * page_length = bytes to copy for this page
865 shmem_page_index = offset / PAGE_SIZE;
866 shmem_page_offset = offset & ~PAGE_MASK;
867 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
868 data_page_offset = data_ptr & ~PAGE_MASK;
870 page_length = remain;
871 if ((shmem_page_offset + page_length) > PAGE_SIZE)
872 page_length = PAGE_SIZE - shmem_page_offset;
873 if ((data_page_offset + page_length) > PAGE_SIZE)
874 page_length = PAGE_SIZE - data_page_offset;
876 if (do_bit17_swizzling) {
877 ret = slow_shmem_bit17_copy(obj_priv->pages[shmem_page_index],
879 user_pages[data_page_index],
884 ret = slow_shmem_copy(obj_priv->pages[shmem_page_index],
886 user_pages[data_page_index],
893 remain -= page_length;
894 data_ptr += page_length;
895 offset += page_length;
899 i915_gem_object_put_pages(obj);
901 mutex_unlock(&dev->struct_mutex);
903 for (i = 0; i < pinned_pages; i++)
904 page_cache_release(user_pages[i]);
905 drm_free_large(user_pages);
911 * Writes data to the object referenced by handle.
913 * On error, the contents of the buffer that were to be modified are undefined.
916 i915_gem_pwrite_ioctl(struct drm_device *dev, void *data,
917 struct drm_file *file_priv)
919 struct drm_i915_gem_pwrite *args = data;
920 struct drm_gem_object *obj;
921 struct drm_i915_gem_object *obj_priv;
924 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
927 obj_priv = obj->driver_private;
929 /* Bounds check destination.
931 * XXX: This could use review for overflow issues...
933 if (args->offset > obj->size || args->size > obj->size ||
934 args->offset + args->size > obj->size) {
935 drm_gem_object_unreference(obj);
939 /* We can only do the GTT pwrite on untiled buffers, as otherwise
940 * it would end up going through the fenced access, and we'll get
941 * different detiling behavior between reading and writing.
942 * pread/pwrite currently are reading and writing from the CPU
943 * perspective, requiring manual detiling by the client.
945 if (obj_priv->phys_obj)
946 ret = i915_gem_phys_pwrite(dev, obj, args, file_priv);
947 else if (obj_priv->tiling_mode == I915_TILING_NONE &&
948 dev->gtt_total != 0) {
949 ret = i915_gem_gtt_pwrite_fast(dev, obj, args, file_priv);
950 if (ret == -EFAULT) {
951 ret = i915_gem_gtt_pwrite_slow(dev, obj, args,
954 } else if (i915_gem_object_needs_bit17_swizzle(obj)) {
955 ret = i915_gem_shmem_pwrite_slow(dev, obj, args, file_priv);
957 ret = i915_gem_shmem_pwrite_fast(dev, obj, args, file_priv);
958 if (ret == -EFAULT) {
959 ret = i915_gem_shmem_pwrite_slow(dev, obj, args,
966 DRM_INFO("pwrite failed %d\n", ret);
969 drm_gem_object_unreference(obj);
975 * Called when user space prepares to use an object with the CPU, either
976 * through the mmap ioctl's mapping or a GTT mapping.
979 i915_gem_set_domain_ioctl(struct drm_device *dev, void *data,
980 struct drm_file *file_priv)
982 struct drm_i915_private *dev_priv = dev->dev_private;
983 struct drm_i915_gem_set_domain *args = data;
984 struct drm_gem_object *obj;
985 struct drm_i915_gem_object *obj_priv;
986 uint32_t read_domains = args->read_domains;
987 uint32_t write_domain = args->write_domain;
990 if (!(dev->driver->driver_features & DRIVER_GEM))
993 /* Only handle setting domains to types used by the CPU. */
994 if (write_domain & I915_GEM_GPU_DOMAINS)
997 if (read_domains & I915_GEM_GPU_DOMAINS)
1000 /* Having something in the write domain implies it's in the read
1001 * domain, and only that read domain. Enforce that in the request.
1003 if (write_domain != 0 && read_domains != write_domain)
1006 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1009 obj_priv = obj->driver_private;
1011 mutex_lock(&dev->struct_mutex);
1013 intel_mark_busy(dev, obj);
1016 DRM_INFO("set_domain_ioctl %p(%zd), %08x %08x\n",
1017 obj, obj->size, read_domains, write_domain);
1019 if (read_domains & I915_GEM_DOMAIN_GTT) {
1020 ret = i915_gem_object_set_to_gtt_domain(obj, write_domain != 0);
1022 /* Update the LRU on the fence for the CPU access that's
1025 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
1026 list_move_tail(&obj_priv->fence_list,
1027 &dev_priv->mm.fence_list);
1030 /* Silently promote "you're not bound, there was nothing to do"
1031 * to success, since the client was just asking us to
1032 * make sure everything was done.
1037 ret = i915_gem_object_set_to_cpu_domain(obj, write_domain != 0);
1040 drm_gem_object_unreference(obj);
1041 mutex_unlock(&dev->struct_mutex);
1046 * Called when user space has done writes to this buffer
1049 i915_gem_sw_finish_ioctl(struct drm_device *dev, void *data,
1050 struct drm_file *file_priv)
1052 struct drm_i915_gem_sw_finish *args = data;
1053 struct drm_gem_object *obj;
1054 struct drm_i915_gem_object *obj_priv;
1057 if (!(dev->driver->driver_features & DRIVER_GEM))
1060 mutex_lock(&dev->struct_mutex);
1061 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1063 mutex_unlock(&dev->struct_mutex);
1068 DRM_INFO("%s: sw_finish %d (%p %zd)\n",
1069 __func__, args->handle, obj, obj->size);
1071 obj_priv = obj->driver_private;
1073 /* Pinned buffers may be scanout, so flush the cache */
1074 if (obj_priv->pin_count)
1075 i915_gem_object_flush_cpu_write_domain(obj);
1077 drm_gem_object_unreference(obj);
1078 mutex_unlock(&dev->struct_mutex);
1083 * Maps the contents of an object, returning the address it is mapped
1086 * While the mapping holds a reference on the contents of the object, it doesn't
1087 * imply a ref on the object itself.
1090 i915_gem_mmap_ioctl(struct drm_device *dev, void *data,
1091 struct drm_file *file_priv)
1093 struct drm_i915_gem_mmap *args = data;
1094 struct drm_gem_object *obj;
1098 if (!(dev->driver->driver_features & DRIVER_GEM))
1101 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1105 offset = args->offset;
1107 down_write(¤t->mm->mmap_sem);
1108 addr = do_mmap(obj->filp, 0, args->size,
1109 PROT_READ | PROT_WRITE, MAP_SHARED,
1111 up_write(¤t->mm->mmap_sem);
1112 mutex_lock(&dev->struct_mutex);
1113 drm_gem_object_unreference(obj);
1114 mutex_unlock(&dev->struct_mutex);
1115 if (IS_ERR((void *)addr))
1118 args->addr_ptr = (uint64_t) addr;
1124 * i915_gem_fault - fault a page into the GTT
1125 * vma: VMA in question
1128 * The fault handler is set up by drm_gem_mmap() when a object is GTT mapped
1129 * from userspace. The fault handler takes care of binding the object to
1130 * the GTT (if needed), allocating and programming a fence register (again,
1131 * only if needed based on whether the old reg is still valid or the object
1132 * is tiled) and inserting a new PTE into the faulting process.
1134 * Note that the faulting process may involve evicting existing objects
1135 * from the GTT and/or fence registers to make room. So performance may
1136 * suffer if the GTT working set is large or there are few fence registers
1139 int i915_gem_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
1141 struct drm_gem_object *obj = vma->vm_private_data;
1142 struct drm_device *dev = obj->dev;
1143 struct drm_i915_private *dev_priv = dev->dev_private;
1144 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1145 pgoff_t page_offset;
1148 bool write = !!(vmf->flags & FAULT_FLAG_WRITE);
1150 /* We don't use vmf->pgoff since that has the fake offset */
1151 page_offset = ((unsigned long)vmf->virtual_address - vma->vm_start) >>
1154 /* Now bind it into the GTT if needed */
1155 mutex_lock(&dev->struct_mutex);
1156 if (!obj_priv->gtt_space) {
1157 ret = i915_gem_object_bind_to_gtt(obj, obj_priv->gtt_alignment);
1159 mutex_unlock(&dev->struct_mutex);
1160 return VM_FAULT_SIGBUS;
1163 ret = i915_gem_object_set_to_gtt_domain(obj, write);
1165 mutex_unlock(&dev->struct_mutex);
1166 return VM_FAULT_SIGBUS;
1169 list_add_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1172 /* Need a new fence register? */
1173 if (obj_priv->tiling_mode != I915_TILING_NONE) {
1174 ret = i915_gem_object_get_fence_reg(obj);
1176 mutex_unlock(&dev->struct_mutex);
1177 return VM_FAULT_SIGBUS;
1181 pfn = ((dev->agp->base + obj_priv->gtt_offset) >> PAGE_SHIFT) +
1184 /* Finally, remap it using the new GTT offset */
1185 ret = vm_insert_pfn(vma, (unsigned long)vmf->virtual_address, pfn);
1187 mutex_unlock(&dev->struct_mutex);
1192 return VM_FAULT_OOM;
1195 return VM_FAULT_SIGBUS;
1197 return VM_FAULT_NOPAGE;
1202 * i915_gem_create_mmap_offset - create a fake mmap offset for an object
1203 * @obj: obj in question
1205 * GEM memory mapping works by handing back to userspace a fake mmap offset
1206 * it can use in a subsequent mmap(2) call. The DRM core code then looks
1207 * up the object based on the offset and sets up the various memory mapping
1210 * This routine allocates and attaches a fake offset for @obj.
1213 i915_gem_create_mmap_offset(struct drm_gem_object *obj)
1215 struct drm_device *dev = obj->dev;
1216 struct drm_gem_mm *mm = dev->mm_private;
1217 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1218 struct drm_map_list *list;
1219 struct drm_local_map *map;
1222 /* Set the object up for mmap'ing */
1223 list = &obj->map_list;
1224 list->map = kzalloc(sizeof(struct drm_map_list), GFP_KERNEL);
1229 map->type = _DRM_GEM;
1230 map->size = obj->size;
1233 /* Get a DRM GEM mmap offset allocated... */
1234 list->file_offset_node = drm_mm_search_free(&mm->offset_manager,
1235 obj->size / PAGE_SIZE, 0, 0);
1236 if (!list->file_offset_node) {
1237 DRM_ERROR("failed to allocate offset for bo %d\n", obj->name);
1242 list->file_offset_node = drm_mm_get_block(list->file_offset_node,
1243 obj->size / PAGE_SIZE, 0);
1244 if (!list->file_offset_node) {
1249 list->hash.key = list->file_offset_node->start;
1250 if (drm_ht_insert_item(&mm->offset_hash, &list->hash)) {
1251 DRM_ERROR("failed to add to map hash\n");
1255 /* By now we should be all set, any drm_mmap request on the offset
1256 * below will get to our mmap & fault handler */
1257 obj_priv->mmap_offset = ((uint64_t) list->hash.key) << PAGE_SHIFT;
1262 drm_mm_put_block(list->file_offset_node);
1270 * i915_gem_release_mmap - remove physical page mappings
1271 * @obj: obj in question
1273 * Preserve the reservation of the mmaping with the DRM core code, but
1274 * relinquish ownership of the pages back to the system.
1276 * It is vital that we remove the page mapping if we have mapped a tiled
1277 * object through the GTT and then lose the fence register due to
1278 * resource pressure. Similarly if the object has been moved out of the
1279 * aperture, than pages mapped into userspace must be revoked. Removing the
1280 * mapping will then trigger a page fault on the next user access, allowing
1281 * fixup by i915_gem_fault().
1284 i915_gem_release_mmap(struct drm_gem_object *obj)
1286 struct drm_device *dev = obj->dev;
1287 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1289 if (dev->dev_mapping)
1290 unmap_mapping_range(dev->dev_mapping,
1291 obj_priv->mmap_offset, obj->size, 1);
1295 i915_gem_free_mmap_offset(struct drm_gem_object *obj)
1297 struct drm_device *dev = obj->dev;
1298 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1299 struct drm_gem_mm *mm = dev->mm_private;
1300 struct drm_map_list *list;
1302 list = &obj->map_list;
1303 drm_ht_remove_item(&mm->offset_hash, &list->hash);
1305 if (list->file_offset_node) {
1306 drm_mm_put_block(list->file_offset_node);
1307 list->file_offset_node = NULL;
1315 obj_priv->mmap_offset = 0;
1319 * i915_gem_get_gtt_alignment - return required GTT alignment for an object
1320 * @obj: object to check
1322 * Return the required GTT alignment for an object, taking into account
1323 * potential fence register mapping if needed.
1326 i915_gem_get_gtt_alignment(struct drm_gem_object *obj)
1328 struct drm_device *dev = obj->dev;
1329 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1333 * Minimum alignment is 4k (GTT page size), but might be greater
1334 * if a fence register is needed for the object.
1336 if (IS_I965G(dev) || obj_priv->tiling_mode == I915_TILING_NONE)
1340 * Previous chips need to be aligned to the size of the smallest
1341 * fence register that can contain the object.
1348 for (i = start; i < obj->size; i <<= 1)
1355 * i915_gem_mmap_gtt_ioctl - prepare an object for GTT mmap'ing
1357 * @data: GTT mapping ioctl data
1358 * @file_priv: GEM object info
1360 * Simply returns the fake offset to userspace so it can mmap it.
1361 * The mmap call will end up in drm_gem_mmap(), which will set things
1362 * up so we can get faults in the handler above.
1364 * The fault handler will take care of binding the object into the GTT
1365 * (since it may have been evicted to make room for something), allocating
1366 * a fence register, and mapping the appropriate aperture address into
1370 i915_gem_mmap_gtt_ioctl(struct drm_device *dev, void *data,
1371 struct drm_file *file_priv)
1373 struct drm_i915_gem_mmap_gtt *args = data;
1374 struct drm_i915_private *dev_priv = dev->dev_private;
1375 struct drm_gem_object *obj;
1376 struct drm_i915_gem_object *obj_priv;
1379 if (!(dev->driver->driver_features & DRIVER_GEM))
1382 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1386 mutex_lock(&dev->struct_mutex);
1388 obj_priv = obj->driver_private;
1390 if (!obj_priv->mmap_offset) {
1391 ret = i915_gem_create_mmap_offset(obj);
1393 drm_gem_object_unreference(obj);
1394 mutex_unlock(&dev->struct_mutex);
1399 args->offset = obj_priv->mmap_offset;
1401 obj_priv->gtt_alignment = i915_gem_get_gtt_alignment(obj);
1403 /* Make sure the alignment is correct for fence regs etc */
1404 if (obj_priv->agp_mem &&
1405 (obj_priv->gtt_offset & (obj_priv->gtt_alignment - 1))) {
1406 drm_gem_object_unreference(obj);
1407 mutex_unlock(&dev->struct_mutex);
1412 * Pull it into the GTT so that we have a page list (makes the
1413 * initial fault faster and any subsequent flushing possible).
1415 if (!obj_priv->agp_mem) {
1416 ret = i915_gem_object_bind_to_gtt(obj, obj_priv->gtt_alignment);
1418 drm_gem_object_unreference(obj);
1419 mutex_unlock(&dev->struct_mutex);
1422 list_add_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1425 drm_gem_object_unreference(obj);
1426 mutex_unlock(&dev->struct_mutex);
1432 i915_gem_object_put_pages(struct drm_gem_object *obj)
1434 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1435 int page_count = obj->size / PAGE_SIZE;
1438 BUG_ON(obj_priv->pages_refcount == 0);
1440 if (--obj_priv->pages_refcount != 0)
1443 if (obj_priv->tiling_mode != I915_TILING_NONE)
1444 i915_gem_object_save_bit_17_swizzle(obj);
1446 for (i = 0; i < page_count; i++)
1447 if (obj_priv->pages[i] != NULL) {
1448 if (obj_priv->dirty)
1449 set_page_dirty(obj_priv->pages[i]);
1450 mark_page_accessed(obj_priv->pages[i]);
1451 page_cache_release(obj_priv->pages[i]);
1453 obj_priv->dirty = 0;
1455 drm_free_large(obj_priv->pages);
1456 obj_priv->pages = NULL;
1460 i915_gem_object_move_to_active(struct drm_gem_object *obj, uint32_t seqno)
1462 struct drm_device *dev = obj->dev;
1463 drm_i915_private_t *dev_priv = dev->dev_private;
1464 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1466 /* Add a reference if we're newly entering the active list. */
1467 if (!obj_priv->active) {
1468 drm_gem_object_reference(obj);
1469 obj_priv->active = 1;
1471 /* Move from whatever list we were on to the tail of execution. */
1472 spin_lock(&dev_priv->mm.active_list_lock);
1473 list_move_tail(&obj_priv->list,
1474 &dev_priv->mm.active_list);
1475 spin_unlock(&dev_priv->mm.active_list_lock);
1476 obj_priv->last_rendering_seqno = seqno;
1480 i915_gem_object_move_to_flushing(struct drm_gem_object *obj)
1482 struct drm_device *dev = obj->dev;
1483 drm_i915_private_t *dev_priv = dev->dev_private;
1484 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1486 BUG_ON(!obj_priv->active);
1487 list_move_tail(&obj_priv->list, &dev_priv->mm.flushing_list);
1488 obj_priv->last_rendering_seqno = 0;
1492 i915_gem_object_move_to_inactive(struct drm_gem_object *obj)
1494 struct drm_device *dev = obj->dev;
1495 drm_i915_private_t *dev_priv = dev->dev_private;
1496 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1498 i915_verify_inactive(dev, __FILE__, __LINE__);
1499 if (obj_priv->pin_count != 0)
1500 list_del_init(&obj_priv->list);
1502 list_move_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1504 obj_priv->last_rendering_seqno = 0;
1505 if (obj_priv->active) {
1506 obj_priv->active = 0;
1507 drm_gem_object_unreference(obj);
1509 i915_verify_inactive(dev, __FILE__, __LINE__);
1513 * Creates a new sequence number, emitting a write of it to the status page
1514 * plus an interrupt, which will trigger i915_user_interrupt_handler.
1516 * Must be called with struct_lock held.
1518 * Returned sequence numbers are nonzero on success.
1521 i915_add_request(struct drm_device *dev, struct drm_file *file_priv,
1522 uint32_t flush_domains)
1524 drm_i915_private_t *dev_priv = dev->dev_private;
1525 struct drm_i915_file_private *i915_file_priv = NULL;
1526 struct drm_i915_gem_request *request;
1531 if (file_priv != NULL)
1532 i915_file_priv = file_priv->driver_priv;
1534 request = kzalloc(sizeof(*request), GFP_KERNEL);
1535 if (request == NULL)
1538 /* Grab the seqno we're going to make this request be, and bump the
1539 * next (skipping 0 so it can be the reserved no-seqno value).
1541 seqno = dev_priv->mm.next_gem_seqno;
1542 dev_priv->mm.next_gem_seqno++;
1543 if (dev_priv->mm.next_gem_seqno == 0)
1544 dev_priv->mm.next_gem_seqno++;
1547 OUT_RING(MI_STORE_DWORD_INDEX);
1548 OUT_RING(I915_GEM_HWS_INDEX << MI_STORE_DWORD_INDEX_SHIFT);
1551 OUT_RING(MI_USER_INTERRUPT);
1554 DRM_DEBUG("%d\n", seqno);
1556 request->seqno = seqno;
1557 request->emitted_jiffies = jiffies;
1558 was_empty = list_empty(&dev_priv->mm.request_list);
1559 list_add_tail(&request->list, &dev_priv->mm.request_list);
1560 if (i915_file_priv) {
1561 list_add_tail(&request->client_list,
1562 &i915_file_priv->mm.request_list);
1564 INIT_LIST_HEAD(&request->client_list);
1567 /* Associate any objects on the flushing list matching the write
1568 * domain we're flushing with our flush.
1570 if (flush_domains != 0) {
1571 struct drm_i915_gem_object *obj_priv, *next;
1573 list_for_each_entry_safe(obj_priv, next,
1574 &dev_priv->mm.flushing_list, list) {
1575 struct drm_gem_object *obj = obj_priv->obj;
1577 if ((obj->write_domain & flush_domains) ==
1578 obj->write_domain) {
1579 obj->write_domain = 0;
1580 i915_gem_object_move_to_active(obj, seqno);
1586 if (was_empty && !dev_priv->mm.suspended)
1587 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, HZ);
1592 * Command execution barrier
1594 * Ensures that all commands in the ring are finished
1595 * before signalling the CPU
1598 i915_retire_commands(struct drm_device *dev)
1600 drm_i915_private_t *dev_priv = dev->dev_private;
1601 uint32_t cmd = MI_FLUSH | MI_NO_WRITE_FLUSH;
1602 uint32_t flush_domains = 0;
1605 /* The sampler always gets flushed on i965 (sigh) */
1607 flush_domains |= I915_GEM_DOMAIN_SAMPLER;
1610 OUT_RING(0); /* noop */
1612 return flush_domains;
1616 * Moves buffers associated only with the given active seqno from the active
1617 * to inactive list, potentially freeing them.
1620 i915_gem_retire_request(struct drm_device *dev,
1621 struct drm_i915_gem_request *request)
1623 drm_i915_private_t *dev_priv = dev->dev_private;
1625 /* Move any buffers on the active list that are no longer referenced
1626 * by the ringbuffer to the flushing/inactive lists as appropriate.
1628 spin_lock(&dev_priv->mm.active_list_lock);
1629 while (!list_empty(&dev_priv->mm.active_list)) {
1630 struct drm_gem_object *obj;
1631 struct drm_i915_gem_object *obj_priv;
1633 obj_priv = list_first_entry(&dev_priv->mm.active_list,
1634 struct drm_i915_gem_object,
1636 obj = obj_priv->obj;
1638 /* If the seqno being retired doesn't match the oldest in the
1639 * list, then the oldest in the list must still be newer than
1642 if (obj_priv->last_rendering_seqno != request->seqno)
1646 DRM_INFO("%s: retire %d moves to inactive list %p\n",
1647 __func__, request->seqno, obj);
1650 if (obj->write_domain != 0)
1651 i915_gem_object_move_to_flushing(obj);
1653 /* Take a reference on the object so it won't be
1654 * freed while the spinlock is held. The list
1655 * protection for this spinlock is safe when breaking
1656 * the lock like this since the next thing we do
1657 * is just get the head of the list again.
1659 drm_gem_object_reference(obj);
1660 i915_gem_object_move_to_inactive(obj);
1661 spin_unlock(&dev_priv->mm.active_list_lock);
1662 drm_gem_object_unreference(obj);
1663 spin_lock(&dev_priv->mm.active_list_lock);
1667 spin_unlock(&dev_priv->mm.active_list_lock);
1671 * Returns true if seq1 is later than seq2.
1674 i915_seqno_passed(uint32_t seq1, uint32_t seq2)
1676 return (int32_t)(seq1 - seq2) >= 0;
1680 i915_get_gem_seqno(struct drm_device *dev)
1682 drm_i915_private_t *dev_priv = dev->dev_private;
1684 return READ_HWSP(dev_priv, I915_GEM_HWS_INDEX);
1688 * This function clears the request list as sequence numbers are passed.
1691 i915_gem_retire_requests(struct drm_device *dev)
1693 drm_i915_private_t *dev_priv = dev->dev_private;
1696 if (!dev_priv->hw_status_page)
1699 seqno = i915_get_gem_seqno(dev);
1701 while (!list_empty(&dev_priv->mm.request_list)) {
1702 struct drm_i915_gem_request *request;
1703 uint32_t retiring_seqno;
1705 request = list_first_entry(&dev_priv->mm.request_list,
1706 struct drm_i915_gem_request,
1708 retiring_seqno = request->seqno;
1710 if (i915_seqno_passed(seqno, retiring_seqno) ||
1711 dev_priv->mm.wedged) {
1712 i915_gem_retire_request(dev, request);
1714 list_del(&request->list);
1715 list_del(&request->client_list);
1723 i915_gem_retire_work_handler(struct work_struct *work)
1725 drm_i915_private_t *dev_priv;
1726 struct drm_device *dev;
1728 dev_priv = container_of(work, drm_i915_private_t,
1729 mm.retire_work.work);
1730 dev = dev_priv->dev;
1732 mutex_lock(&dev->struct_mutex);
1733 i915_gem_retire_requests(dev);
1734 if (!dev_priv->mm.suspended &&
1735 !list_empty(&dev_priv->mm.request_list))
1736 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, HZ);
1737 mutex_unlock(&dev->struct_mutex);
1741 * Waits for a sequence number to be signaled, and cleans up the
1742 * request and object lists appropriately for that event.
1745 i915_wait_request(struct drm_device *dev, uint32_t seqno)
1747 drm_i915_private_t *dev_priv = dev->dev_private;
1753 if (!i915_seqno_passed(i915_get_gem_seqno(dev), seqno)) {
1755 ier = I915_READ(DEIER) | I915_READ(GTIER);
1757 ier = I915_READ(IER);
1759 DRM_ERROR("something (likely vbetool) disabled "
1760 "interrupts, re-enabling\n");
1761 i915_driver_irq_preinstall(dev);
1762 i915_driver_irq_postinstall(dev);
1765 dev_priv->mm.waiting_gem_seqno = seqno;
1766 i915_user_irq_get(dev);
1767 ret = wait_event_interruptible(dev_priv->irq_queue,
1768 i915_seqno_passed(i915_get_gem_seqno(dev),
1770 dev_priv->mm.wedged);
1771 i915_user_irq_put(dev);
1772 dev_priv->mm.waiting_gem_seqno = 0;
1774 if (dev_priv->mm.wedged)
1777 if (ret && ret != -ERESTARTSYS)
1778 DRM_ERROR("%s returns %d (awaiting %d at %d)\n",
1779 __func__, ret, seqno, i915_get_gem_seqno(dev));
1781 /* Directly dispatch request retiring. While we have the work queue
1782 * to handle this, the waiter on a request often wants an associated
1783 * buffer to have made it to the inactive list, and we would need
1784 * a separate wait queue to handle that.
1787 i915_gem_retire_requests(dev);
1793 i915_gem_flush(struct drm_device *dev,
1794 uint32_t invalidate_domains,
1795 uint32_t flush_domains)
1797 drm_i915_private_t *dev_priv = dev->dev_private;
1802 DRM_INFO("%s: invalidate %08x flush %08x\n", __func__,
1803 invalidate_domains, flush_domains);
1806 if (flush_domains & I915_GEM_DOMAIN_CPU)
1807 drm_agp_chipset_flush(dev);
1809 if ((invalidate_domains | flush_domains) & I915_GEM_GPU_DOMAINS) {
1811 * read/write caches:
1813 * I915_GEM_DOMAIN_RENDER is always invalidated, but is
1814 * only flushed if MI_NO_WRITE_FLUSH is unset. On 965, it is
1815 * also flushed at 2d versus 3d pipeline switches.
1819 * I915_GEM_DOMAIN_SAMPLER is flushed on pre-965 if
1820 * MI_READ_FLUSH is set, and is always flushed on 965.
1822 * I915_GEM_DOMAIN_COMMAND may not exist?
1824 * I915_GEM_DOMAIN_INSTRUCTION, which exists on 965, is
1825 * invalidated when MI_EXE_FLUSH is set.
1827 * I915_GEM_DOMAIN_VERTEX, which exists on 965, is
1828 * invalidated with every MI_FLUSH.
1832 * On 965, TLBs associated with I915_GEM_DOMAIN_COMMAND
1833 * and I915_GEM_DOMAIN_CPU in are invalidated at PTE write and
1834 * I915_GEM_DOMAIN_RENDER and I915_GEM_DOMAIN_SAMPLER
1835 * are flushed at any MI_FLUSH.
1838 cmd = MI_FLUSH | MI_NO_WRITE_FLUSH;
1839 if ((invalidate_domains|flush_domains) &
1840 I915_GEM_DOMAIN_RENDER)
1841 cmd &= ~MI_NO_WRITE_FLUSH;
1842 if (!IS_I965G(dev)) {
1844 * On the 965, the sampler cache always gets flushed
1845 * and this bit is reserved.
1847 if (invalidate_domains & I915_GEM_DOMAIN_SAMPLER)
1848 cmd |= MI_READ_FLUSH;
1850 if (invalidate_domains & I915_GEM_DOMAIN_INSTRUCTION)
1851 cmd |= MI_EXE_FLUSH;
1854 DRM_INFO("%s: queue flush %08x to ring\n", __func__, cmd);
1858 OUT_RING(0); /* noop */
1864 * Ensures that all rendering to the object has completed and the object is
1865 * safe to unbind from the GTT or access from the CPU.
1868 i915_gem_object_wait_rendering(struct drm_gem_object *obj)
1870 struct drm_device *dev = obj->dev;
1871 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1874 /* This function only exists to support waiting for existing rendering,
1875 * not for emitting required flushes.
1877 BUG_ON((obj->write_domain & I915_GEM_GPU_DOMAINS) != 0);
1879 /* If there is rendering queued on the buffer being evicted, wait for
1882 if (obj_priv->active) {
1884 DRM_INFO("%s: object %p wait for seqno %08x\n",
1885 __func__, obj, obj_priv->last_rendering_seqno);
1887 ret = i915_wait_request(dev, obj_priv->last_rendering_seqno);
1896 * Unbinds an object from the GTT aperture.
1899 i915_gem_object_unbind(struct drm_gem_object *obj)
1901 struct drm_device *dev = obj->dev;
1902 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1906 DRM_INFO("%s:%d %p\n", __func__, __LINE__, obj);
1907 DRM_INFO("gtt_space %p\n", obj_priv->gtt_space);
1909 if (obj_priv->gtt_space == NULL)
1912 if (obj_priv->pin_count != 0) {
1913 DRM_ERROR("Attempting to unbind pinned buffer\n");
1917 /* Move the object to the CPU domain to ensure that
1918 * any possible CPU writes while it's not in the GTT
1919 * are flushed when we go to remap it. This will
1920 * also ensure that all pending GPU writes are finished
1923 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
1925 if (ret != -ERESTARTSYS)
1926 DRM_ERROR("set_domain failed: %d\n", ret);
1930 if (obj_priv->agp_mem != NULL) {
1931 drm_unbind_agp(obj_priv->agp_mem);
1932 drm_free_agp(obj_priv->agp_mem, obj->size / PAGE_SIZE);
1933 obj_priv->agp_mem = NULL;
1936 BUG_ON(obj_priv->active);
1938 /* blow away mappings if mapped through GTT */
1939 i915_gem_release_mmap(obj);
1941 if (obj_priv->fence_reg != I915_FENCE_REG_NONE)
1942 i915_gem_clear_fence_reg(obj);
1944 i915_gem_object_put_pages(obj);
1946 if (obj_priv->gtt_space) {
1947 atomic_dec(&dev->gtt_count);
1948 atomic_sub(obj->size, &dev->gtt_memory);
1950 drm_mm_put_block(obj_priv->gtt_space);
1951 obj_priv->gtt_space = NULL;
1954 /* Remove ourselves from the LRU list if present. */
1955 if (!list_empty(&obj_priv->list))
1956 list_del_init(&obj_priv->list);
1962 i915_gem_evict_something(struct drm_device *dev)
1964 drm_i915_private_t *dev_priv = dev->dev_private;
1965 struct drm_gem_object *obj;
1966 struct drm_i915_gem_object *obj_priv;
1970 /* If there's an inactive buffer available now, grab it
1973 if (!list_empty(&dev_priv->mm.inactive_list)) {
1974 obj_priv = list_first_entry(&dev_priv->mm.inactive_list,
1975 struct drm_i915_gem_object,
1977 obj = obj_priv->obj;
1978 BUG_ON(obj_priv->pin_count != 0);
1980 DRM_INFO("%s: evicting %p\n", __func__, obj);
1982 BUG_ON(obj_priv->active);
1984 /* Wait on the rendering and unbind the buffer. */
1985 ret = i915_gem_object_unbind(obj);
1989 /* If we didn't get anything, but the ring is still processing
1990 * things, wait for one of those things to finish and hopefully
1991 * leave us a buffer to evict.
1993 if (!list_empty(&dev_priv->mm.request_list)) {
1994 struct drm_i915_gem_request *request;
1996 request = list_first_entry(&dev_priv->mm.request_list,
1997 struct drm_i915_gem_request,
2000 ret = i915_wait_request(dev, request->seqno);
2004 /* if waiting caused an object to become inactive,
2005 * then loop around and wait for it. Otherwise, we
2006 * assume that waiting freed and unbound something,
2007 * so there should now be some space in the GTT
2009 if (!list_empty(&dev_priv->mm.inactive_list))
2014 /* If we didn't have anything on the request list but there
2015 * are buffers awaiting a flush, emit one and try again.
2016 * When we wait on it, those buffers waiting for that flush
2017 * will get moved to inactive.
2019 if (!list_empty(&dev_priv->mm.flushing_list)) {
2020 obj_priv = list_first_entry(&dev_priv->mm.flushing_list,
2021 struct drm_i915_gem_object,
2023 obj = obj_priv->obj;
2028 i915_add_request(dev, NULL, obj->write_domain);
2034 DRM_ERROR("inactive empty %d request empty %d "
2035 "flushing empty %d\n",
2036 list_empty(&dev_priv->mm.inactive_list),
2037 list_empty(&dev_priv->mm.request_list),
2038 list_empty(&dev_priv->mm.flushing_list));
2039 /* If we didn't do any of the above, there's nothing to be done
2040 * and we just can't fit it in.
2048 i915_gem_evict_everything(struct drm_device *dev)
2053 ret = i915_gem_evict_something(dev);
2063 i915_gem_object_get_pages(struct drm_gem_object *obj)
2065 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2067 struct address_space *mapping;
2068 struct inode *inode;
2072 if (obj_priv->pages_refcount++ != 0)
2075 /* Get the list of pages out of our struct file. They'll be pinned
2076 * at this point until we release them.
2078 page_count = obj->size / PAGE_SIZE;
2079 BUG_ON(obj_priv->pages != NULL);
2080 obj_priv->pages = drm_calloc_large(page_count, sizeof(struct page *));
2081 if (obj_priv->pages == NULL) {
2082 DRM_ERROR("Faled to allocate page list\n");
2083 obj_priv->pages_refcount--;
2087 inode = obj->filp->f_path.dentry->d_inode;
2088 mapping = inode->i_mapping;
2089 for (i = 0; i < page_count; i++) {
2090 page = read_mapping_page(mapping, i, NULL);
2092 ret = PTR_ERR(page);
2093 DRM_ERROR("read_mapping_page failed: %d\n", ret);
2094 i915_gem_object_put_pages(obj);
2097 obj_priv->pages[i] = page;
2100 if (obj_priv->tiling_mode != I915_TILING_NONE)
2101 i915_gem_object_do_bit_17_swizzle(obj);
2106 static void i965_write_fence_reg(struct drm_i915_fence_reg *reg)
2108 struct drm_gem_object *obj = reg->obj;
2109 struct drm_device *dev = obj->dev;
2110 drm_i915_private_t *dev_priv = dev->dev_private;
2111 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2112 int regnum = obj_priv->fence_reg;
2115 val = (uint64_t)((obj_priv->gtt_offset + obj->size - 4096) &
2117 val |= obj_priv->gtt_offset & 0xfffff000;
2118 val |= ((obj_priv->stride / 128) - 1) << I965_FENCE_PITCH_SHIFT;
2119 if (obj_priv->tiling_mode == I915_TILING_Y)
2120 val |= 1 << I965_FENCE_TILING_Y_SHIFT;
2121 val |= I965_FENCE_REG_VALID;
2123 I915_WRITE64(FENCE_REG_965_0 + (regnum * 8), val);
2126 static void i915_write_fence_reg(struct drm_i915_fence_reg *reg)
2128 struct drm_gem_object *obj = reg->obj;
2129 struct drm_device *dev = obj->dev;
2130 drm_i915_private_t *dev_priv = dev->dev_private;
2131 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2132 int regnum = obj_priv->fence_reg;
2134 uint32_t fence_reg, val;
2137 if ((obj_priv->gtt_offset & ~I915_FENCE_START_MASK) ||
2138 (obj_priv->gtt_offset & (obj->size - 1))) {
2139 WARN(1, "%s: object 0x%08x not 1M or size (0x%zx) aligned\n",
2140 __func__, obj_priv->gtt_offset, obj->size);
2144 if (obj_priv->tiling_mode == I915_TILING_Y &&
2145 HAS_128_BYTE_Y_TILING(dev))
2150 /* Note: pitch better be a power of two tile widths */
2151 pitch_val = obj_priv->stride / tile_width;
2152 pitch_val = ffs(pitch_val) - 1;
2154 val = obj_priv->gtt_offset;
2155 if (obj_priv->tiling_mode == I915_TILING_Y)
2156 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
2157 val |= I915_FENCE_SIZE_BITS(obj->size);
2158 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
2159 val |= I830_FENCE_REG_VALID;
2162 fence_reg = FENCE_REG_830_0 + (regnum * 4);
2164 fence_reg = FENCE_REG_945_8 + ((regnum - 8) * 4);
2165 I915_WRITE(fence_reg, val);
2168 static void i830_write_fence_reg(struct drm_i915_fence_reg *reg)
2170 struct drm_gem_object *obj = reg->obj;
2171 struct drm_device *dev = obj->dev;
2172 drm_i915_private_t *dev_priv = dev->dev_private;
2173 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2174 int regnum = obj_priv->fence_reg;
2177 uint32_t fence_size_bits;
2179 if ((obj_priv->gtt_offset & ~I830_FENCE_START_MASK) ||
2180 (obj_priv->gtt_offset & (obj->size - 1))) {
2181 WARN(1, "%s: object 0x%08x not 512K or size aligned\n",
2182 __func__, obj_priv->gtt_offset);
2186 pitch_val = obj_priv->stride / 128;
2187 pitch_val = ffs(pitch_val) - 1;
2188 WARN_ON(pitch_val > I830_FENCE_MAX_PITCH_VAL);
2190 val = obj_priv->gtt_offset;
2191 if (obj_priv->tiling_mode == I915_TILING_Y)
2192 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
2193 fence_size_bits = I830_FENCE_SIZE_BITS(obj->size);
2194 WARN_ON(fence_size_bits & ~0x00000f00);
2195 val |= fence_size_bits;
2196 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
2197 val |= I830_FENCE_REG_VALID;
2199 I915_WRITE(FENCE_REG_830_0 + (regnum * 4), val);
2203 * i915_gem_object_get_fence_reg - set up a fence reg for an object
2204 * @obj: object to map through a fence reg
2206 * When mapping objects through the GTT, userspace wants to be able to write
2207 * to them without having to worry about swizzling if the object is tiled.
2209 * This function walks the fence regs looking for a free one for @obj,
2210 * stealing one if it can't find any.
2212 * It then sets up the reg based on the object's properties: address, pitch
2213 * and tiling format.
2216 i915_gem_object_get_fence_reg(struct drm_gem_object *obj)
2218 struct drm_device *dev = obj->dev;
2219 struct drm_i915_private *dev_priv = dev->dev_private;
2220 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2221 struct drm_i915_fence_reg *reg = NULL;
2222 struct drm_i915_gem_object *old_obj_priv = NULL;
2225 /* Just update our place in the LRU if our fence is getting used. */
2226 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
2227 list_move_tail(&obj_priv->fence_list, &dev_priv->mm.fence_list);
2231 switch (obj_priv->tiling_mode) {
2232 case I915_TILING_NONE:
2233 WARN(1, "allocating a fence for non-tiled object?\n");
2236 if (!obj_priv->stride)
2238 WARN((obj_priv->stride & (512 - 1)),
2239 "object 0x%08x is X tiled but has non-512B pitch\n",
2240 obj_priv->gtt_offset);
2243 if (!obj_priv->stride)
2245 WARN((obj_priv->stride & (128 - 1)),
2246 "object 0x%08x is Y tiled but has non-128B pitch\n",
2247 obj_priv->gtt_offset);
2251 /* First try to find a free reg */
2253 for (i = dev_priv->fence_reg_start; i < dev_priv->num_fence_regs; i++) {
2254 reg = &dev_priv->fence_regs[i];
2258 old_obj_priv = reg->obj->driver_private;
2259 if (!old_obj_priv->pin_count)
2263 /* None available, try to steal one or wait for a user to finish */
2264 if (i == dev_priv->num_fence_regs) {
2265 struct drm_gem_object *old_obj = NULL;
2270 list_for_each_entry(old_obj_priv, &dev_priv->mm.fence_list,
2272 old_obj = old_obj_priv->obj;
2274 if (old_obj_priv->pin_count)
2277 /* Take a reference, as otherwise the wait_rendering
2278 * below may cause the object to get freed out from
2281 drm_gem_object_reference(old_obj);
2283 /* i915 uses fences for GPU access to tiled buffers */
2284 if (IS_I965G(dev) || !old_obj_priv->active)
2287 /* This brings the object to the head of the LRU if it
2288 * had been written to. The only way this should
2289 * result in us waiting longer than the expected
2290 * optimal amount of time is if there was a
2291 * fence-using buffer later that was read-only.
2293 i915_gem_object_flush_gpu_write_domain(old_obj);
2294 ret = i915_gem_object_wait_rendering(old_obj);
2296 drm_gem_object_unreference(old_obj);
2304 * Zap this virtual mapping so we can set up a fence again
2305 * for this object next time we need it.
2307 i915_gem_release_mmap(old_obj);
2309 i = old_obj_priv->fence_reg;
2310 reg = &dev_priv->fence_regs[i];
2312 old_obj_priv->fence_reg = I915_FENCE_REG_NONE;
2313 list_del_init(&old_obj_priv->fence_list);
2315 drm_gem_object_unreference(old_obj);
2318 obj_priv->fence_reg = i;
2319 list_add_tail(&obj_priv->fence_list, &dev_priv->mm.fence_list);
2324 i965_write_fence_reg(reg);
2325 else if (IS_I9XX(dev))
2326 i915_write_fence_reg(reg);
2328 i830_write_fence_reg(reg);
2334 * i915_gem_clear_fence_reg - clear out fence register info
2335 * @obj: object to clear
2337 * Zeroes out the fence register itself and clears out the associated
2338 * data structures in dev_priv and obj_priv.
2341 i915_gem_clear_fence_reg(struct drm_gem_object *obj)
2343 struct drm_device *dev = obj->dev;
2344 drm_i915_private_t *dev_priv = dev->dev_private;
2345 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2348 I915_WRITE64(FENCE_REG_965_0 + (obj_priv->fence_reg * 8), 0);
2352 if (obj_priv->fence_reg < 8)
2353 fence_reg = FENCE_REG_830_0 + obj_priv->fence_reg * 4;
2355 fence_reg = FENCE_REG_945_8 + (obj_priv->fence_reg -
2358 I915_WRITE(fence_reg, 0);
2361 dev_priv->fence_regs[obj_priv->fence_reg].obj = NULL;
2362 obj_priv->fence_reg = I915_FENCE_REG_NONE;
2363 list_del_init(&obj_priv->fence_list);
2367 * i915_gem_object_put_fence_reg - waits on outstanding fenced access
2368 * to the buffer to finish, and then resets the fence register.
2369 * @obj: tiled object holding a fence register.
2371 * Zeroes out the fence register itself and clears out the associated
2372 * data structures in dev_priv and obj_priv.
2375 i915_gem_object_put_fence_reg(struct drm_gem_object *obj)
2377 struct drm_device *dev = obj->dev;
2378 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2380 if (obj_priv->fence_reg == I915_FENCE_REG_NONE)
2383 /* On the i915, GPU access to tiled buffers is via a fence,
2384 * therefore we must wait for any outstanding access to complete
2385 * before clearing the fence.
2387 if (!IS_I965G(dev)) {
2390 i915_gem_object_flush_gpu_write_domain(obj);
2391 i915_gem_object_flush_gtt_write_domain(obj);
2392 ret = i915_gem_object_wait_rendering(obj);
2397 i915_gem_clear_fence_reg (obj);
2403 * Finds free space in the GTT aperture and binds the object there.
2406 i915_gem_object_bind_to_gtt(struct drm_gem_object *obj, unsigned alignment)
2408 struct drm_device *dev = obj->dev;
2409 drm_i915_private_t *dev_priv = dev->dev_private;
2410 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2411 struct drm_mm_node *free_space;
2412 int page_count, ret;
2414 if (dev_priv->mm.suspended)
2417 alignment = i915_gem_get_gtt_alignment(obj);
2418 if (alignment & (i915_gem_get_gtt_alignment(obj) - 1)) {
2419 DRM_ERROR("Invalid object alignment requested %u\n", alignment);
2424 free_space = drm_mm_search_free(&dev_priv->mm.gtt_space,
2425 obj->size, alignment, 0);
2426 if (free_space != NULL) {
2427 obj_priv->gtt_space = drm_mm_get_block(free_space, obj->size,
2429 if (obj_priv->gtt_space != NULL) {
2430 obj_priv->gtt_space->private = obj;
2431 obj_priv->gtt_offset = obj_priv->gtt_space->start;
2434 if (obj_priv->gtt_space == NULL) {
2437 /* If the gtt is empty and we're still having trouble
2438 * fitting our object in, we're out of memory.
2441 DRM_INFO("%s: GTT full, evicting something\n", __func__);
2443 spin_lock(&dev_priv->mm.active_list_lock);
2444 lists_empty = (list_empty(&dev_priv->mm.inactive_list) &&
2445 list_empty(&dev_priv->mm.flushing_list) &&
2446 list_empty(&dev_priv->mm.active_list));
2447 spin_unlock(&dev_priv->mm.active_list_lock);
2449 DRM_ERROR("GTT full, but LRU list empty\n");
2453 ret = i915_gem_evict_something(dev);
2455 if (ret != -ERESTARTSYS)
2456 DRM_ERROR("Failed to evict a buffer %d\n", ret);
2463 DRM_INFO("Binding object of size %zd at 0x%08x\n",
2464 obj->size, obj_priv->gtt_offset);
2466 ret = i915_gem_object_get_pages(obj);
2468 drm_mm_put_block(obj_priv->gtt_space);
2469 obj_priv->gtt_space = NULL;
2473 page_count = obj->size / PAGE_SIZE;
2474 /* Create an AGP memory structure pointing at our pages, and bind it
2477 obj_priv->agp_mem = drm_agp_bind_pages(dev,
2480 obj_priv->gtt_offset,
2481 obj_priv->agp_type);
2482 if (obj_priv->agp_mem == NULL) {
2483 i915_gem_object_put_pages(obj);
2484 drm_mm_put_block(obj_priv->gtt_space);
2485 obj_priv->gtt_space = NULL;
2488 atomic_inc(&dev->gtt_count);
2489 atomic_add(obj->size, &dev->gtt_memory);
2491 /* Assert that the object is not currently in any GPU domain. As it
2492 * wasn't in the GTT, there shouldn't be any way it could have been in
2495 BUG_ON(obj->read_domains & I915_GEM_GPU_DOMAINS);
2496 BUG_ON(obj->write_domain & I915_GEM_GPU_DOMAINS);
2502 i915_gem_clflush_object(struct drm_gem_object *obj)
2504 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2506 /* If we don't have a page list set up, then we're not pinned
2507 * to GPU, and we can ignore the cache flush because it'll happen
2508 * again at bind time.
2510 if (obj_priv->pages == NULL)
2513 /* XXX: The 865 in particular appears to be weird in how it handles
2514 * cache flushing. We haven't figured it out, but the
2515 * clflush+agp_chipset_flush doesn't appear to successfully get the
2516 * data visible to the PGU, while wbinvd + agp_chipset_flush does.
2518 if (IS_I865G(obj->dev)) {
2523 drm_clflush_pages(obj_priv->pages, obj->size / PAGE_SIZE);
2526 /** Flushes any GPU write domain for the object if it's dirty. */
2528 i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj)
2530 struct drm_device *dev = obj->dev;
2533 if ((obj->write_domain & I915_GEM_GPU_DOMAINS) == 0)
2536 /* Queue the GPU write cache flushing we need. */
2537 i915_gem_flush(dev, 0, obj->write_domain);
2538 seqno = i915_add_request(dev, NULL, obj->write_domain);
2539 obj->write_domain = 0;
2540 i915_gem_object_move_to_active(obj, seqno);
2543 /** Flushes the GTT write domain for the object if it's dirty. */
2545 i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj)
2547 if (obj->write_domain != I915_GEM_DOMAIN_GTT)
2550 /* No actual flushing is required for the GTT write domain. Writes
2551 * to it immediately go to main memory as far as we know, so there's
2552 * no chipset flush. It also doesn't land in render cache.
2554 obj->write_domain = 0;
2557 /** Flushes the CPU write domain for the object if it's dirty. */
2559 i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj)
2561 struct drm_device *dev = obj->dev;
2563 if (obj->write_domain != I915_GEM_DOMAIN_CPU)
2566 i915_gem_clflush_object(obj);
2567 drm_agp_chipset_flush(dev);
2568 obj->write_domain = 0;
2572 * Moves a single object to the GTT read, and possibly write domain.
2574 * This function returns when the move is complete, including waiting on
2578 i915_gem_object_set_to_gtt_domain(struct drm_gem_object *obj, int write)
2580 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2583 /* Not valid to be called on unbound objects. */
2584 if (obj_priv->gtt_space == NULL)
2587 i915_gem_object_flush_gpu_write_domain(obj);
2588 /* Wait on any GPU rendering and flushing to occur. */
2589 ret = i915_gem_object_wait_rendering(obj);
2593 /* If we're writing through the GTT domain, then CPU and GPU caches
2594 * will need to be invalidated at next use.
2597 obj->read_domains &= I915_GEM_DOMAIN_GTT;
2599 i915_gem_object_flush_cpu_write_domain(obj);
2601 /* It should now be out of any other write domains, and we can update
2602 * the domain values for our changes.
2604 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_GTT) != 0);
2605 obj->read_domains |= I915_GEM_DOMAIN_GTT;
2607 obj->write_domain = I915_GEM_DOMAIN_GTT;
2608 obj_priv->dirty = 1;
2615 * Moves a single object to the CPU read, and possibly write domain.
2617 * This function returns when the move is complete, including waiting on
2621 i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj, int write)
2625 i915_gem_object_flush_gpu_write_domain(obj);
2626 /* Wait on any GPU rendering and flushing to occur. */
2627 ret = i915_gem_object_wait_rendering(obj);
2631 i915_gem_object_flush_gtt_write_domain(obj);
2633 /* If we have a partially-valid cache of the object in the CPU,
2634 * finish invalidating it and free the per-page flags.
2636 i915_gem_object_set_to_full_cpu_read_domain(obj);
2638 /* Flush the CPU cache if it's still invalid. */
2639 if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0) {
2640 i915_gem_clflush_object(obj);
2642 obj->read_domains |= I915_GEM_DOMAIN_CPU;
2645 /* It should now be out of any other write domains, and we can update
2646 * the domain values for our changes.
2648 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
2650 /* If we're writing through the CPU, then the GPU read domains will
2651 * need to be invalidated at next use.
2654 obj->read_domains &= I915_GEM_DOMAIN_CPU;
2655 obj->write_domain = I915_GEM_DOMAIN_CPU;
2662 * Set the next domain for the specified object. This
2663 * may not actually perform the necessary flushing/invaliding though,
2664 * as that may want to be batched with other set_domain operations
2666 * This is (we hope) the only really tricky part of gem. The goal
2667 * is fairly simple -- track which caches hold bits of the object
2668 * and make sure they remain coherent. A few concrete examples may
2669 * help to explain how it works. For shorthand, we use the notation
2670 * (read_domains, write_domain), e.g. (CPU, CPU) to indicate the
2671 * a pair of read and write domain masks.
2673 * Case 1: the batch buffer
2679 * 5. Unmapped from GTT
2682 * Let's take these a step at a time
2685 * Pages allocated from the kernel may still have
2686 * cache contents, so we set them to (CPU, CPU) always.
2687 * 2. Written by CPU (using pwrite)
2688 * The pwrite function calls set_domain (CPU, CPU) and
2689 * this function does nothing (as nothing changes)
2691 * This function asserts that the object is not
2692 * currently in any GPU-based read or write domains
2694 * i915_gem_execbuffer calls set_domain (COMMAND, 0).
2695 * As write_domain is zero, this function adds in the
2696 * current read domains (CPU+COMMAND, 0).
2697 * flush_domains is set to CPU.
2698 * invalidate_domains is set to COMMAND
2699 * clflush is run to get data out of the CPU caches
2700 * then i915_dev_set_domain calls i915_gem_flush to
2701 * emit an MI_FLUSH and drm_agp_chipset_flush
2702 * 5. Unmapped from GTT
2703 * i915_gem_object_unbind calls set_domain (CPU, CPU)
2704 * flush_domains and invalidate_domains end up both zero
2705 * so no flushing/invalidating happens
2709 * Case 2: The shared render buffer
2713 * 3. Read/written by GPU
2714 * 4. set_domain to (CPU,CPU)
2715 * 5. Read/written by CPU
2716 * 6. Read/written by GPU
2719 * Same as last example, (CPU, CPU)
2721 * Nothing changes (assertions find that it is not in the GPU)
2722 * 3. Read/written by GPU
2723 * execbuffer calls set_domain (RENDER, RENDER)
2724 * flush_domains gets CPU
2725 * invalidate_domains gets GPU
2727 * MI_FLUSH and drm_agp_chipset_flush
2728 * 4. set_domain (CPU, CPU)
2729 * flush_domains gets GPU
2730 * invalidate_domains gets CPU
2731 * wait_rendering (obj) to make sure all drawing is complete.
2732 * This will include an MI_FLUSH to get the data from GPU
2734 * clflush (obj) to invalidate the CPU cache
2735 * Another MI_FLUSH in i915_gem_flush (eliminate this somehow?)
2736 * 5. Read/written by CPU
2737 * cache lines are loaded and dirtied
2738 * 6. Read written by GPU
2739 * Same as last GPU access
2741 * Case 3: The constant buffer
2746 * 4. Updated (written) by CPU again
2755 * flush_domains = CPU
2756 * invalidate_domains = RENDER
2759 * drm_agp_chipset_flush
2760 * 4. Updated (written) by CPU again
2762 * flush_domains = 0 (no previous write domain)
2763 * invalidate_domains = 0 (no new read domains)
2766 * flush_domains = CPU
2767 * invalidate_domains = RENDER
2770 * drm_agp_chipset_flush
2773 i915_gem_object_set_to_gpu_domain(struct drm_gem_object *obj)
2775 struct drm_device *dev = obj->dev;
2776 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2777 uint32_t invalidate_domains = 0;
2778 uint32_t flush_domains = 0;
2780 BUG_ON(obj->pending_read_domains & I915_GEM_DOMAIN_CPU);
2781 BUG_ON(obj->pending_write_domain == I915_GEM_DOMAIN_CPU);
2783 intel_mark_busy(dev, obj);
2786 DRM_INFO("%s: object %p read %08x -> %08x write %08x -> %08x\n",
2788 obj->read_domains, obj->pending_read_domains,
2789 obj->write_domain, obj->pending_write_domain);
2792 * If the object isn't moving to a new write domain,
2793 * let the object stay in multiple read domains
2795 if (obj->pending_write_domain == 0)
2796 obj->pending_read_domains |= obj->read_domains;
2798 obj_priv->dirty = 1;
2801 * Flush the current write domain if
2802 * the new read domains don't match. Invalidate
2803 * any read domains which differ from the old
2806 if (obj->write_domain &&
2807 obj->write_domain != obj->pending_read_domains) {
2808 flush_domains |= obj->write_domain;
2809 invalidate_domains |=
2810 obj->pending_read_domains & ~obj->write_domain;
2813 * Invalidate any read caches which may have
2814 * stale data. That is, any new read domains.
2816 invalidate_domains |= obj->pending_read_domains & ~obj->read_domains;
2817 if ((flush_domains | invalidate_domains) & I915_GEM_DOMAIN_CPU) {
2819 DRM_INFO("%s: CPU domain flush %08x invalidate %08x\n",
2820 __func__, flush_domains, invalidate_domains);
2822 i915_gem_clflush_object(obj);
2825 /* The actual obj->write_domain will be updated with
2826 * pending_write_domain after we emit the accumulated flush for all
2827 * of our domain changes in execbuffers (which clears objects'
2828 * write_domains). So if we have a current write domain that we
2829 * aren't changing, set pending_write_domain to that.
2831 if (flush_domains == 0 && obj->pending_write_domain == 0)
2832 obj->pending_write_domain = obj->write_domain;
2833 obj->read_domains = obj->pending_read_domains;
2835 dev->invalidate_domains |= invalidate_domains;
2836 dev->flush_domains |= flush_domains;
2838 DRM_INFO("%s: read %08x write %08x invalidate %08x flush %08x\n",
2840 obj->read_domains, obj->write_domain,
2841 dev->invalidate_domains, dev->flush_domains);
2846 * Moves the object from a partially CPU read to a full one.
2848 * Note that this only resolves i915_gem_object_set_cpu_read_domain_range(),
2849 * and doesn't handle transitioning from !(read_domains & I915_GEM_DOMAIN_CPU).
2852 i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj)
2854 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2856 if (!obj_priv->page_cpu_valid)
2859 /* If we're partially in the CPU read domain, finish moving it in.
2861 if (obj->read_domains & I915_GEM_DOMAIN_CPU) {
2864 for (i = 0; i <= (obj->size - 1) / PAGE_SIZE; i++) {
2865 if (obj_priv->page_cpu_valid[i])
2867 drm_clflush_pages(obj_priv->pages + i, 1);
2871 /* Free the page_cpu_valid mappings which are now stale, whether
2872 * or not we've got I915_GEM_DOMAIN_CPU.
2874 kfree(obj_priv->page_cpu_valid);
2875 obj_priv->page_cpu_valid = NULL;
2879 * Set the CPU read domain on a range of the object.
2881 * The object ends up with I915_GEM_DOMAIN_CPU in its read flags although it's
2882 * not entirely valid. The page_cpu_valid member of the object flags which
2883 * pages have been flushed, and will be respected by
2884 * i915_gem_object_set_to_cpu_domain() if it's called on to get a valid mapping
2885 * of the whole object.
2887 * This function returns when the move is complete, including waiting on
2891 i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
2892 uint64_t offset, uint64_t size)
2894 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2897 if (offset == 0 && size == obj->size)
2898 return i915_gem_object_set_to_cpu_domain(obj, 0);
2900 i915_gem_object_flush_gpu_write_domain(obj);
2901 /* Wait on any GPU rendering and flushing to occur. */
2902 ret = i915_gem_object_wait_rendering(obj);
2905 i915_gem_object_flush_gtt_write_domain(obj);
2907 /* If we're already fully in the CPU read domain, we're done. */
2908 if (obj_priv->page_cpu_valid == NULL &&
2909 (obj->read_domains & I915_GEM_DOMAIN_CPU) != 0)
2912 /* Otherwise, create/clear the per-page CPU read domain flag if we're
2913 * newly adding I915_GEM_DOMAIN_CPU
2915 if (obj_priv->page_cpu_valid == NULL) {
2916 obj_priv->page_cpu_valid = kzalloc(obj->size / PAGE_SIZE,
2918 if (obj_priv->page_cpu_valid == NULL)
2920 } else if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0)
2921 memset(obj_priv->page_cpu_valid, 0, obj->size / PAGE_SIZE);
2923 /* Flush the cache on any pages that are still invalid from the CPU's
2926 for (i = offset / PAGE_SIZE; i <= (offset + size - 1) / PAGE_SIZE;
2928 if (obj_priv->page_cpu_valid[i])
2931 drm_clflush_pages(obj_priv->pages + i, 1);
2933 obj_priv->page_cpu_valid[i] = 1;
2936 /* It should now be out of any other write domains, and we can update
2937 * the domain values for our changes.
2939 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
2941 obj->read_domains |= I915_GEM_DOMAIN_CPU;
2947 * Pin an object to the GTT and evaluate the relocations landing in it.
2950 i915_gem_object_pin_and_relocate(struct drm_gem_object *obj,
2951 struct drm_file *file_priv,
2952 struct drm_i915_gem_exec_object *entry,
2953 struct drm_i915_gem_relocation_entry *relocs)
2955 struct drm_device *dev = obj->dev;
2956 drm_i915_private_t *dev_priv = dev->dev_private;
2957 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2959 void __iomem *reloc_page;
2961 /* Choose the GTT offset for our buffer and put it there. */
2962 ret = i915_gem_object_pin(obj, (uint32_t) entry->alignment);
2966 entry->offset = obj_priv->gtt_offset;
2968 /* Apply the relocations, using the GTT aperture to avoid cache
2969 * flushing requirements.
2971 for (i = 0; i < entry->relocation_count; i++) {
2972 struct drm_i915_gem_relocation_entry *reloc= &relocs[i];
2973 struct drm_gem_object *target_obj;
2974 struct drm_i915_gem_object *target_obj_priv;
2975 uint32_t reloc_val, reloc_offset;
2976 uint32_t __iomem *reloc_entry;
2978 target_obj = drm_gem_object_lookup(obj->dev, file_priv,
2979 reloc->target_handle);
2980 if (target_obj == NULL) {
2981 i915_gem_object_unpin(obj);
2984 target_obj_priv = target_obj->driver_private;
2986 /* The target buffer should have appeared before us in the
2987 * exec_object list, so it should have a GTT space bound by now.
2989 if (target_obj_priv->gtt_space == NULL) {
2990 DRM_ERROR("No GTT space found for object %d\n",
2991 reloc->target_handle);
2992 drm_gem_object_unreference(target_obj);
2993 i915_gem_object_unpin(obj);
2997 if (reloc->offset > obj->size - 4) {
2998 DRM_ERROR("Relocation beyond object bounds: "
2999 "obj %p target %d offset %d size %d.\n",
3000 obj, reloc->target_handle,
3001 (int) reloc->offset, (int) obj->size);
3002 drm_gem_object_unreference(target_obj);
3003 i915_gem_object_unpin(obj);
3006 if (reloc->offset & 3) {
3007 DRM_ERROR("Relocation not 4-byte aligned: "
3008 "obj %p target %d offset %d.\n",
3009 obj, reloc->target_handle,
3010 (int) reloc->offset);
3011 drm_gem_object_unreference(target_obj);
3012 i915_gem_object_unpin(obj);
3016 if (reloc->write_domain & I915_GEM_DOMAIN_CPU ||
3017 reloc->read_domains & I915_GEM_DOMAIN_CPU) {
3018 DRM_ERROR("reloc with read/write CPU domains: "
3019 "obj %p target %d offset %d "
3020 "read %08x write %08x",
3021 obj, reloc->target_handle,
3022 (int) reloc->offset,
3023 reloc->read_domains,
3024 reloc->write_domain);
3025 drm_gem_object_unreference(target_obj);
3026 i915_gem_object_unpin(obj);
3030 if (reloc->write_domain && target_obj->pending_write_domain &&
3031 reloc->write_domain != target_obj->pending_write_domain) {
3032 DRM_ERROR("Write domain conflict: "
3033 "obj %p target %d offset %d "
3034 "new %08x old %08x\n",
3035 obj, reloc->target_handle,
3036 (int) reloc->offset,
3037 reloc->write_domain,
3038 target_obj->pending_write_domain);
3039 drm_gem_object_unreference(target_obj);
3040 i915_gem_object_unpin(obj);
3045 DRM_INFO("%s: obj %p offset %08x target %d "
3046 "read %08x write %08x gtt %08x "
3047 "presumed %08x delta %08x\n",
3050 (int) reloc->offset,
3051 (int) reloc->target_handle,
3052 (int) reloc->read_domains,
3053 (int) reloc->write_domain,
3054 (int) target_obj_priv->gtt_offset,
3055 (int) reloc->presumed_offset,
3059 target_obj->pending_read_domains |= reloc->read_domains;
3060 target_obj->pending_write_domain |= reloc->write_domain;
3062 /* If the relocation already has the right value in it, no
3063 * more work needs to be done.
3065 if (target_obj_priv->gtt_offset == reloc->presumed_offset) {
3066 drm_gem_object_unreference(target_obj);
3070 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
3072 drm_gem_object_unreference(target_obj);
3073 i915_gem_object_unpin(obj);
3077 /* Map the page containing the relocation we're going to
3080 reloc_offset = obj_priv->gtt_offset + reloc->offset;
3081 reloc_page = io_mapping_map_atomic_wc(dev_priv->mm.gtt_mapping,
3084 reloc_entry = (uint32_t __iomem *)(reloc_page +
3085 (reloc_offset & (PAGE_SIZE - 1)));
3086 reloc_val = target_obj_priv->gtt_offset + reloc->delta;
3089 DRM_INFO("Applied relocation: %p@0x%08x %08x -> %08x\n",
3090 obj, (unsigned int) reloc->offset,
3091 readl(reloc_entry), reloc_val);
3093 writel(reloc_val, reloc_entry);
3094 io_mapping_unmap_atomic(reloc_page);
3096 /* The updated presumed offset for this entry will be
3097 * copied back out to the user.
3099 reloc->presumed_offset = target_obj_priv->gtt_offset;
3101 drm_gem_object_unreference(target_obj);
3106 i915_gem_dump_object(obj, 128, __func__, ~0);
3111 /** Dispatch a batchbuffer to the ring
3114 i915_dispatch_gem_execbuffer(struct drm_device *dev,
3115 struct drm_i915_gem_execbuffer *exec,
3116 struct drm_clip_rect *cliprects,
3117 uint64_t exec_offset)
3119 drm_i915_private_t *dev_priv = dev->dev_private;
3120 int nbox = exec->num_cliprects;
3122 uint32_t exec_start, exec_len;
3125 exec_start = (uint32_t) exec_offset + exec->batch_start_offset;
3126 exec_len = (uint32_t) exec->batch_len;
3128 count = nbox ? nbox : 1;
3130 for (i = 0; i < count; i++) {
3132 int ret = i915_emit_box(dev, cliprects, i,
3133 exec->DR1, exec->DR4);
3138 if (IS_I830(dev) || IS_845G(dev)) {
3140 OUT_RING(MI_BATCH_BUFFER);
3141 OUT_RING(exec_start | MI_BATCH_NON_SECURE);
3142 OUT_RING(exec_start + exec_len - 4);
3147 if (IS_I965G(dev)) {
3148 OUT_RING(MI_BATCH_BUFFER_START |
3150 MI_BATCH_NON_SECURE_I965);
3151 OUT_RING(exec_start);
3153 OUT_RING(MI_BATCH_BUFFER_START |
3155 OUT_RING(exec_start | MI_BATCH_NON_SECURE);
3161 /* XXX breadcrumb */
3165 /* Throttle our rendering by waiting until the ring has completed our requests
3166 * emitted over 20 msec ago.
3168 * Note that if we were to use the current jiffies each time around the loop,
3169 * we wouldn't escape the function with any frames outstanding if the time to
3170 * render a frame was over 20ms.
3172 * This should get us reasonable parallelism between CPU and GPU but also
3173 * relatively low latency when blocking on a particular request to finish.
3176 i915_gem_ring_throttle(struct drm_device *dev, struct drm_file *file_priv)
3178 struct drm_i915_file_private *i915_file_priv = file_priv->driver_priv;
3180 unsigned long recent_enough = jiffies - msecs_to_jiffies(20);
3182 mutex_lock(&dev->struct_mutex);
3183 while (!list_empty(&i915_file_priv->mm.request_list)) {
3184 struct drm_i915_gem_request *request;
3186 request = list_first_entry(&i915_file_priv->mm.request_list,
3187 struct drm_i915_gem_request,
3190 if (time_after_eq(request->emitted_jiffies, recent_enough))
3193 ret = i915_wait_request(dev, request->seqno);
3197 mutex_unlock(&dev->struct_mutex);
3203 i915_gem_get_relocs_from_user(struct drm_i915_gem_exec_object *exec_list,
3204 uint32_t buffer_count,
3205 struct drm_i915_gem_relocation_entry **relocs)
3207 uint32_t reloc_count = 0, reloc_index = 0, i;
3211 for (i = 0; i < buffer_count; i++) {
3212 if (reloc_count + exec_list[i].relocation_count < reloc_count)
3214 reloc_count += exec_list[i].relocation_count;
3217 *relocs = drm_calloc_large(reloc_count, sizeof(**relocs));
3218 if (*relocs == NULL)
3221 for (i = 0; i < buffer_count; i++) {
3222 struct drm_i915_gem_relocation_entry __user *user_relocs;
3224 user_relocs = (void __user *)(uintptr_t)exec_list[i].relocs_ptr;
3226 ret = copy_from_user(&(*relocs)[reloc_index],
3228 exec_list[i].relocation_count *
3231 drm_free_large(*relocs);
3236 reloc_index += exec_list[i].relocation_count;
3243 i915_gem_put_relocs_to_user(struct drm_i915_gem_exec_object *exec_list,
3244 uint32_t buffer_count,
3245 struct drm_i915_gem_relocation_entry *relocs)
3247 uint32_t reloc_count = 0, i;
3250 for (i = 0; i < buffer_count; i++) {
3251 struct drm_i915_gem_relocation_entry __user *user_relocs;
3254 user_relocs = (void __user *)(uintptr_t)exec_list[i].relocs_ptr;
3256 unwritten = copy_to_user(user_relocs,
3257 &relocs[reloc_count],
3258 exec_list[i].relocation_count *
3266 reloc_count += exec_list[i].relocation_count;
3270 drm_free_large(relocs);
3276 i915_gem_check_execbuffer (struct drm_i915_gem_execbuffer *exec,
3277 uint64_t exec_offset)
3279 uint32_t exec_start, exec_len;
3281 exec_start = (uint32_t) exec_offset + exec->batch_start_offset;
3282 exec_len = (uint32_t) exec->batch_len;
3284 if ((exec_start | exec_len) & 0x7)
3294 i915_gem_execbuffer(struct drm_device *dev, void *data,
3295 struct drm_file *file_priv)
3297 drm_i915_private_t *dev_priv = dev->dev_private;
3298 struct drm_i915_gem_execbuffer *args = data;
3299 struct drm_i915_gem_exec_object *exec_list = NULL;
3300 struct drm_gem_object **object_list = NULL;
3301 struct drm_gem_object *batch_obj;
3302 struct drm_i915_gem_object *obj_priv;
3303 struct drm_clip_rect *cliprects = NULL;
3304 struct drm_i915_gem_relocation_entry *relocs;
3305 int ret, ret2, i, pinned = 0;
3306 uint64_t exec_offset;
3307 uint32_t seqno, flush_domains, reloc_index;
3311 DRM_INFO("buffers_ptr %d buffer_count %d len %08x\n",
3312 (int) args->buffers_ptr, args->buffer_count, args->batch_len);
3315 if (args->buffer_count < 1) {
3316 DRM_ERROR("execbuf with %d buffers\n", args->buffer_count);
3319 /* Copy in the exec list from userland */
3320 exec_list = drm_calloc_large(sizeof(*exec_list), args->buffer_count);
3321 object_list = drm_calloc_large(sizeof(*object_list), args->buffer_count);
3322 if (exec_list == NULL || object_list == NULL) {
3323 DRM_ERROR("Failed to allocate exec or object list "
3325 args->buffer_count);
3329 ret = copy_from_user(exec_list,
3330 (struct drm_i915_relocation_entry __user *)
3331 (uintptr_t) args->buffers_ptr,
3332 sizeof(*exec_list) * args->buffer_count);
3334 DRM_ERROR("copy %d exec entries failed %d\n",
3335 args->buffer_count, ret);
3339 if (args->num_cliprects != 0) {
3340 cliprects = kcalloc(args->num_cliprects, sizeof(*cliprects),
3342 if (cliprects == NULL)
3345 ret = copy_from_user(cliprects,
3346 (struct drm_clip_rect __user *)
3347 (uintptr_t) args->cliprects_ptr,
3348 sizeof(*cliprects) * args->num_cliprects);
3350 DRM_ERROR("copy %d cliprects failed: %d\n",
3351 args->num_cliprects, ret);
3356 ret = i915_gem_get_relocs_from_user(exec_list, args->buffer_count,
3361 mutex_lock(&dev->struct_mutex);
3363 i915_verify_inactive(dev, __FILE__, __LINE__);
3365 if (dev_priv->mm.wedged) {
3366 DRM_ERROR("Execbuf while wedged\n");
3367 mutex_unlock(&dev->struct_mutex);
3372 if (dev_priv->mm.suspended) {
3373 DRM_ERROR("Execbuf while VT-switched.\n");
3374 mutex_unlock(&dev->struct_mutex);
3379 /* Look up object handles */
3380 for (i = 0; i < args->buffer_count; i++) {
3381 object_list[i] = drm_gem_object_lookup(dev, file_priv,
3382 exec_list[i].handle);
3383 if (object_list[i] == NULL) {
3384 DRM_ERROR("Invalid object handle %d at index %d\n",
3385 exec_list[i].handle, i);
3390 obj_priv = object_list[i]->driver_private;
3391 if (obj_priv->in_execbuffer) {
3392 DRM_ERROR("Object %p appears more than once in object list\n",
3397 obj_priv->in_execbuffer = true;
3400 /* Pin and relocate */
3401 for (pin_tries = 0; ; pin_tries++) {
3405 for (i = 0; i < args->buffer_count; i++) {
3406 object_list[i]->pending_read_domains = 0;
3407 object_list[i]->pending_write_domain = 0;
3408 ret = i915_gem_object_pin_and_relocate(object_list[i],
3411 &relocs[reloc_index]);
3415 reloc_index += exec_list[i].relocation_count;
3421 /* error other than GTT full, or we've already tried again */
3422 if (ret != -ENOSPC || pin_tries >= 1) {
3423 if (ret != -ERESTARTSYS)
3424 DRM_ERROR("Failed to pin buffers %d\n", ret);
3428 /* unpin all of our buffers */
3429 for (i = 0; i < pinned; i++)
3430 i915_gem_object_unpin(object_list[i]);
3433 /* evict everyone we can from the aperture */
3434 ret = i915_gem_evict_everything(dev);
3439 /* Set the pending read domains for the batch buffer to COMMAND */
3440 batch_obj = object_list[args->buffer_count-1];
3441 if (batch_obj->pending_write_domain) {
3442 DRM_ERROR("Attempting to use self-modifying batch buffer\n");
3446 batch_obj->pending_read_domains |= I915_GEM_DOMAIN_COMMAND;
3448 /* Sanity check the batch buffer, prior to moving objects */
3449 exec_offset = exec_list[args->buffer_count - 1].offset;
3450 ret = i915_gem_check_execbuffer (args, exec_offset);
3452 DRM_ERROR("execbuf with invalid offset/length\n");
3456 i915_verify_inactive(dev, __FILE__, __LINE__);
3458 /* Zero the global flush/invalidate flags. These
3459 * will be modified as new domains are computed
3462 dev->invalidate_domains = 0;
3463 dev->flush_domains = 0;
3465 for (i = 0; i < args->buffer_count; i++) {
3466 struct drm_gem_object *obj = object_list[i];
3468 /* Compute new gpu domains and update invalidate/flush */
3469 i915_gem_object_set_to_gpu_domain(obj);
3472 i915_verify_inactive(dev, __FILE__, __LINE__);
3474 if (dev->invalidate_domains | dev->flush_domains) {
3476 DRM_INFO("%s: invalidate_domains %08x flush_domains %08x\n",
3478 dev->invalidate_domains,
3479 dev->flush_domains);
3482 dev->invalidate_domains,
3483 dev->flush_domains);
3484 if (dev->flush_domains)
3485 (void)i915_add_request(dev, file_priv,
3486 dev->flush_domains);
3489 for (i = 0; i < args->buffer_count; i++) {
3490 struct drm_gem_object *obj = object_list[i];
3492 obj->write_domain = obj->pending_write_domain;
3495 i915_verify_inactive(dev, __FILE__, __LINE__);
3498 for (i = 0; i < args->buffer_count; i++) {
3499 i915_gem_object_check_coherency(object_list[i],
3500 exec_list[i].handle);
3505 i915_gem_dump_object(batch_obj,
3511 /* Exec the batchbuffer */
3512 ret = i915_dispatch_gem_execbuffer(dev, args, cliprects, exec_offset);
3514 DRM_ERROR("dispatch failed %d\n", ret);
3519 * Ensure that the commands in the batch buffer are
3520 * finished before the interrupt fires
3522 flush_domains = i915_retire_commands(dev);
3524 i915_verify_inactive(dev, __FILE__, __LINE__);
3527 * Get a seqno representing the execution of the current buffer,
3528 * which we can wait on. We would like to mitigate these interrupts,
3529 * likely by only creating seqnos occasionally (so that we have
3530 * *some* interrupts representing completion of buffers that we can
3531 * wait on when trying to clear up gtt space).
3533 seqno = i915_add_request(dev, file_priv, flush_domains);
3535 for (i = 0; i < args->buffer_count; i++) {
3536 struct drm_gem_object *obj = object_list[i];
3538 i915_gem_object_move_to_active(obj, seqno);
3540 DRM_INFO("%s: move to exec list %p\n", __func__, obj);
3544 i915_dump_lru(dev, __func__);
3547 i915_verify_inactive(dev, __FILE__, __LINE__);
3550 for (i = 0; i < pinned; i++)
3551 i915_gem_object_unpin(object_list[i]);
3553 for (i = 0; i < args->buffer_count; i++) {
3554 if (object_list[i]) {
3555 obj_priv = object_list[i]->driver_private;
3556 obj_priv->in_execbuffer = false;
3558 drm_gem_object_unreference(object_list[i]);
3561 mutex_unlock(&dev->struct_mutex);
3564 /* Copy the new buffer offsets back to the user's exec list. */
3565 ret = copy_to_user((struct drm_i915_relocation_entry __user *)
3566 (uintptr_t) args->buffers_ptr,
3568 sizeof(*exec_list) * args->buffer_count);
3571 DRM_ERROR("failed to copy %d exec entries "
3572 "back to user (%d)\n",
3573 args->buffer_count, ret);
3577 /* Copy the updated relocations out regardless of current error
3578 * state. Failure to update the relocs would mean that the next
3579 * time userland calls execbuf, it would do so with presumed offset
3580 * state that didn't match the actual object state.
3582 ret2 = i915_gem_put_relocs_to_user(exec_list, args->buffer_count,
3585 DRM_ERROR("Failed to copy relocations back out: %d\n", ret2);
3592 drm_free_large(object_list);
3593 drm_free_large(exec_list);
3600 i915_gem_object_pin(struct drm_gem_object *obj, uint32_t alignment)
3602 struct drm_device *dev = obj->dev;
3603 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3606 i915_verify_inactive(dev, __FILE__, __LINE__);
3607 if (obj_priv->gtt_space == NULL) {
3608 ret = i915_gem_object_bind_to_gtt(obj, alignment);
3610 if (ret != -EBUSY && ret != -ERESTARTSYS)
3611 DRM_ERROR("Failure to bind: %d\n", ret);
3616 * Pre-965 chips need a fence register set up in order to
3617 * properly handle tiled surfaces.
3619 if (!IS_I965G(dev) && obj_priv->tiling_mode != I915_TILING_NONE) {
3620 ret = i915_gem_object_get_fence_reg(obj);
3622 if (ret != -EBUSY && ret != -ERESTARTSYS)
3623 DRM_ERROR("Failure to install fence: %d\n",
3628 obj_priv->pin_count++;
3630 /* If the object is not active and not pending a flush,
3631 * remove it from the inactive list
3633 if (obj_priv->pin_count == 1) {
3634 atomic_inc(&dev->pin_count);
3635 atomic_add(obj->size, &dev->pin_memory);
3636 if (!obj_priv->active &&
3637 (obj->write_domain & I915_GEM_GPU_DOMAINS) == 0 &&
3638 !list_empty(&obj_priv->list))
3639 list_del_init(&obj_priv->list);
3641 i915_verify_inactive(dev, __FILE__, __LINE__);
3647 i915_gem_object_unpin(struct drm_gem_object *obj)
3649 struct drm_device *dev = obj->dev;
3650 drm_i915_private_t *dev_priv = dev->dev_private;
3651 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3653 i915_verify_inactive(dev, __FILE__, __LINE__);
3654 obj_priv->pin_count--;
3655 BUG_ON(obj_priv->pin_count < 0);
3656 BUG_ON(obj_priv->gtt_space == NULL);
3658 /* If the object is no longer pinned, and is
3659 * neither active nor being flushed, then stick it on
3662 if (obj_priv->pin_count == 0) {
3663 if (!obj_priv->active &&
3664 (obj->write_domain & I915_GEM_GPU_DOMAINS) == 0)
3665 list_move_tail(&obj_priv->list,
3666 &dev_priv->mm.inactive_list);
3667 atomic_dec(&dev->pin_count);
3668 atomic_sub(obj->size, &dev->pin_memory);
3670 i915_verify_inactive(dev, __FILE__, __LINE__);
3674 i915_gem_pin_ioctl(struct drm_device *dev, void *data,
3675 struct drm_file *file_priv)
3677 struct drm_i915_gem_pin *args = data;
3678 struct drm_gem_object *obj;
3679 struct drm_i915_gem_object *obj_priv;
3682 mutex_lock(&dev->struct_mutex);
3684 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3686 DRM_ERROR("Bad handle in i915_gem_pin_ioctl(): %d\n",
3688 mutex_unlock(&dev->struct_mutex);
3691 obj_priv = obj->driver_private;
3693 if (obj_priv->pin_filp != NULL && obj_priv->pin_filp != file_priv) {
3694 DRM_ERROR("Already pinned in i915_gem_pin_ioctl(): %d\n",
3696 drm_gem_object_unreference(obj);
3697 mutex_unlock(&dev->struct_mutex);
3701 obj_priv->user_pin_count++;
3702 obj_priv->pin_filp = file_priv;
3703 if (obj_priv->user_pin_count == 1) {
3704 ret = i915_gem_object_pin(obj, args->alignment);
3706 drm_gem_object_unreference(obj);
3707 mutex_unlock(&dev->struct_mutex);
3712 /* XXX - flush the CPU caches for pinned objects
3713 * as the X server doesn't manage domains yet
3715 i915_gem_object_flush_cpu_write_domain(obj);
3716 args->offset = obj_priv->gtt_offset;
3717 drm_gem_object_unreference(obj);
3718 mutex_unlock(&dev->struct_mutex);
3724 i915_gem_unpin_ioctl(struct drm_device *dev, void *data,
3725 struct drm_file *file_priv)
3727 struct drm_i915_gem_pin *args = data;
3728 struct drm_gem_object *obj;
3729 struct drm_i915_gem_object *obj_priv;
3731 mutex_lock(&dev->struct_mutex);
3733 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3735 DRM_ERROR("Bad handle in i915_gem_unpin_ioctl(): %d\n",
3737 mutex_unlock(&dev->struct_mutex);
3741 obj_priv = obj->driver_private;
3742 if (obj_priv->pin_filp != file_priv) {
3743 DRM_ERROR("Not pinned by caller in i915_gem_pin_ioctl(): %d\n",
3745 drm_gem_object_unreference(obj);
3746 mutex_unlock(&dev->struct_mutex);
3749 obj_priv->user_pin_count--;
3750 if (obj_priv->user_pin_count == 0) {
3751 obj_priv->pin_filp = NULL;
3752 i915_gem_object_unpin(obj);
3755 drm_gem_object_unreference(obj);
3756 mutex_unlock(&dev->struct_mutex);
3761 i915_gem_busy_ioctl(struct drm_device *dev, void *data,
3762 struct drm_file *file_priv)
3764 struct drm_i915_gem_busy *args = data;
3765 struct drm_gem_object *obj;
3766 struct drm_i915_gem_object *obj_priv;
3768 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3770 DRM_ERROR("Bad handle in i915_gem_busy_ioctl(): %d\n",
3775 mutex_lock(&dev->struct_mutex);
3776 /* Update the active list for the hardware's current position.
3777 * Otherwise this only updates on a delayed timer or when irqs are
3778 * actually unmasked, and our working set ends up being larger than
3781 i915_gem_retire_requests(dev);
3783 obj_priv = obj->driver_private;
3784 /* Don't count being on the flushing list against the object being
3785 * done. Otherwise, a buffer left on the flushing list but not getting
3786 * flushed (because nobody's flushing that domain) won't ever return
3787 * unbusy and get reused by libdrm's bo cache. The other expected
3788 * consumer of this interface, OpenGL's occlusion queries, also specs
3789 * that the objects get unbusy "eventually" without any interference.
3791 args->busy = obj_priv->active && obj_priv->last_rendering_seqno != 0;
3793 drm_gem_object_unreference(obj);
3794 mutex_unlock(&dev->struct_mutex);
3799 i915_gem_throttle_ioctl(struct drm_device *dev, void *data,
3800 struct drm_file *file_priv)
3802 return i915_gem_ring_throttle(dev, file_priv);
3805 int i915_gem_init_object(struct drm_gem_object *obj)
3807 struct drm_i915_gem_object *obj_priv;
3809 obj_priv = kzalloc(sizeof(*obj_priv), GFP_KERNEL);
3810 if (obj_priv == NULL)
3814 * We've just allocated pages from the kernel,
3815 * so they've just been written by the CPU with
3816 * zeros. They'll need to be clflushed before we
3817 * use them with the GPU.
3819 obj->write_domain = I915_GEM_DOMAIN_CPU;
3820 obj->read_domains = I915_GEM_DOMAIN_CPU;
3822 obj_priv->agp_type = AGP_USER_MEMORY;
3824 obj->driver_private = obj_priv;
3825 obj_priv->obj = obj;
3826 obj_priv->fence_reg = I915_FENCE_REG_NONE;
3827 INIT_LIST_HEAD(&obj_priv->list);
3828 INIT_LIST_HEAD(&obj_priv->fence_list);
3833 void i915_gem_free_object(struct drm_gem_object *obj)
3835 struct drm_device *dev = obj->dev;
3836 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3838 while (obj_priv->pin_count > 0)
3839 i915_gem_object_unpin(obj);
3841 if (obj_priv->phys_obj)
3842 i915_gem_detach_phys_object(dev, obj);
3844 i915_gem_object_unbind(obj);
3846 i915_gem_free_mmap_offset(obj);
3848 kfree(obj_priv->page_cpu_valid);
3849 kfree(obj_priv->bit_17);
3850 kfree(obj->driver_private);
3853 /** Unbinds all objects that are on the given buffer list. */
3855 i915_gem_evict_from_list(struct drm_device *dev, struct list_head *head)
3857 struct drm_gem_object *obj;
3858 struct drm_i915_gem_object *obj_priv;
3861 while (!list_empty(head)) {
3862 obj_priv = list_first_entry(head,
3863 struct drm_i915_gem_object,
3865 obj = obj_priv->obj;
3867 if (obj_priv->pin_count != 0) {
3868 DRM_ERROR("Pinned object in unbind list\n");
3869 mutex_unlock(&dev->struct_mutex);
3873 ret = i915_gem_object_unbind(obj);
3875 DRM_ERROR("Error unbinding object in LeaveVT: %d\n",
3877 mutex_unlock(&dev->struct_mutex);
3887 i915_gem_idle(struct drm_device *dev)
3889 drm_i915_private_t *dev_priv = dev->dev_private;
3890 uint32_t seqno, cur_seqno, last_seqno;
3893 mutex_lock(&dev->struct_mutex);
3895 if (dev_priv->mm.suspended || dev_priv->ring.ring_obj == NULL) {
3896 mutex_unlock(&dev->struct_mutex);
3900 /* Hack! Don't let anybody do execbuf while we don't control the chip.
3901 * We need to replace this with a semaphore, or something.
3903 dev_priv->mm.suspended = 1;
3905 /* Cancel the retire work handler, wait for it to finish if running
3907 mutex_unlock(&dev->struct_mutex);
3908 cancel_delayed_work_sync(&dev_priv->mm.retire_work);
3909 mutex_lock(&dev->struct_mutex);
3911 i915_kernel_lost_context(dev);
3913 /* Flush the GPU along with all non-CPU write domains
3915 i915_gem_flush(dev, I915_GEM_GPU_DOMAINS, I915_GEM_GPU_DOMAINS);
3916 seqno = i915_add_request(dev, NULL, I915_GEM_GPU_DOMAINS);
3919 mutex_unlock(&dev->struct_mutex);
3923 dev_priv->mm.waiting_gem_seqno = seqno;
3927 cur_seqno = i915_get_gem_seqno(dev);
3928 if (i915_seqno_passed(cur_seqno, seqno))
3930 if (last_seqno == cur_seqno) {
3931 if (stuck++ > 100) {
3932 DRM_ERROR("hardware wedged\n");
3933 dev_priv->mm.wedged = 1;
3934 DRM_WAKEUP(&dev_priv->irq_queue);
3939 last_seqno = cur_seqno;
3941 dev_priv->mm.waiting_gem_seqno = 0;
3943 i915_gem_retire_requests(dev);
3945 spin_lock(&dev_priv->mm.active_list_lock);
3946 if (!dev_priv->mm.wedged) {
3947 /* Active and flushing should now be empty as we've
3948 * waited for a sequence higher than any pending execbuffer
3950 WARN_ON(!list_empty(&dev_priv->mm.active_list));
3951 WARN_ON(!list_empty(&dev_priv->mm.flushing_list));
3952 /* Request should now be empty as we've also waited
3953 * for the last request in the list
3955 WARN_ON(!list_empty(&dev_priv->mm.request_list));
3958 /* Empty the active and flushing lists to inactive. If there's
3959 * anything left at this point, it means that we're wedged and
3960 * nothing good's going to happen by leaving them there. So strip
3961 * the GPU domains and just stuff them onto inactive.
3963 while (!list_empty(&dev_priv->mm.active_list)) {
3964 struct drm_i915_gem_object *obj_priv;
3966 obj_priv = list_first_entry(&dev_priv->mm.active_list,
3967 struct drm_i915_gem_object,
3969 obj_priv->obj->write_domain &= ~I915_GEM_GPU_DOMAINS;
3970 i915_gem_object_move_to_inactive(obj_priv->obj);
3972 spin_unlock(&dev_priv->mm.active_list_lock);
3974 while (!list_empty(&dev_priv->mm.flushing_list)) {
3975 struct drm_i915_gem_object *obj_priv;
3977 obj_priv = list_first_entry(&dev_priv->mm.flushing_list,
3978 struct drm_i915_gem_object,
3980 obj_priv->obj->write_domain &= ~I915_GEM_GPU_DOMAINS;
3981 i915_gem_object_move_to_inactive(obj_priv->obj);
3985 /* Move all inactive buffers out of the GTT. */
3986 ret = i915_gem_evict_from_list(dev, &dev_priv->mm.inactive_list);
3987 WARN_ON(!list_empty(&dev_priv->mm.inactive_list));
3989 mutex_unlock(&dev->struct_mutex);
3993 i915_gem_cleanup_ringbuffer(dev);
3994 mutex_unlock(&dev->struct_mutex);
4000 i915_gem_init_hws(struct drm_device *dev)
4002 drm_i915_private_t *dev_priv = dev->dev_private;
4003 struct drm_gem_object *obj;
4004 struct drm_i915_gem_object *obj_priv;
4007 /* If we need a physical address for the status page, it's already
4008 * initialized at driver load time.
4010 if (!I915_NEED_GFX_HWS(dev))
4013 obj = drm_gem_object_alloc(dev, 4096);
4015 DRM_ERROR("Failed to allocate status page\n");
4018 obj_priv = obj->driver_private;
4019 obj_priv->agp_type = AGP_USER_CACHED_MEMORY;
4021 ret = i915_gem_object_pin(obj, 4096);
4023 drm_gem_object_unreference(obj);
4027 dev_priv->status_gfx_addr = obj_priv->gtt_offset;
4029 dev_priv->hw_status_page = kmap(obj_priv->pages[0]);
4030 if (dev_priv->hw_status_page == NULL) {
4031 DRM_ERROR("Failed to map status page.\n");
4032 memset(&dev_priv->hws_map, 0, sizeof(dev_priv->hws_map));
4033 i915_gem_object_unpin(obj);
4034 drm_gem_object_unreference(obj);
4037 dev_priv->hws_obj = obj;
4038 memset(dev_priv->hw_status_page, 0, PAGE_SIZE);
4039 I915_WRITE(HWS_PGA, dev_priv->status_gfx_addr);
4040 I915_READ(HWS_PGA); /* posting read */
4041 DRM_DEBUG("hws offset: 0x%08x\n", dev_priv->status_gfx_addr);
4047 i915_gem_cleanup_hws(struct drm_device *dev)
4049 drm_i915_private_t *dev_priv = dev->dev_private;
4050 struct drm_gem_object *obj;
4051 struct drm_i915_gem_object *obj_priv;
4053 if (dev_priv->hws_obj == NULL)
4056 obj = dev_priv->hws_obj;
4057 obj_priv = obj->driver_private;
4059 kunmap(obj_priv->pages[0]);
4060 i915_gem_object_unpin(obj);
4061 drm_gem_object_unreference(obj);
4062 dev_priv->hws_obj = NULL;
4064 memset(&dev_priv->hws_map, 0, sizeof(dev_priv->hws_map));
4065 dev_priv->hw_status_page = NULL;
4067 /* Write high address into HWS_PGA when disabling. */
4068 I915_WRITE(HWS_PGA, 0x1ffff000);
4072 i915_gem_init_ringbuffer(struct drm_device *dev)
4074 drm_i915_private_t *dev_priv = dev->dev_private;
4075 struct drm_gem_object *obj;
4076 struct drm_i915_gem_object *obj_priv;
4077 drm_i915_ring_buffer_t *ring = &dev_priv->ring;
4081 ret = i915_gem_init_hws(dev);
4085 obj = drm_gem_object_alloc(dev, 128 * 1024);
4087 DRM_ERROR("Failed to allocate ringbuffer\n");
4088 i915_gem_cleanup_hws(dev);
4091 obj_priv = obj->driver_private;
4093 ret = i915_gem_object_pin(obj, 4096);
4095 drm_gem_object_unreference(obj);
4096 i915_gem_cleanup_hws(dev);
4100 /* Set up the kernel mapping for the ring. */
4101 ring->Size = obj->size;
4102 ring->tail_mask = obj->size - 1;
4104 ring->map.offset = dev->agp->base + obj_priv->gtt_offset;
4105 ring->map.size = obj->size;
4107 ring->map.flags = 0;
4110 drm_core_ioremap_wc(&ring->map, dev);
4111 if (ring->map.handle == NULL) {
4112 DRM_ERROR("Failed to map ringbuffer.\n");
4113 memset(&dev_priv->ring, 0, sizeof(dev_priv->ring));
4114 i915_gem_object_unpin(obj);
4115 drm_gem_object_unreference(obj);
4116 i915_gem_cleanup_hws(dev);
4119 ring->ring_obj = obj;
4120 ring->virtual_start = ring->map.handle;
4122 /* Stop the ring if it's running. */
4123 I915_WRITE(PRB0_CTL, 0);
4124 I915_WRITE(PRB0_TAIL, 0);
4125 I915_WRITE(PRB0_HEAD, 0);
4127 /* Initialize the ring. */
4128 I915_WRITE(PRB0_START, obj_priv->gtt_offset);
4129 head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
4131 /* G45 ring initialization fails to reset head to zero */
4133 DRM_ERROR("Ring head not reset to zero "
4134 "ctl %08x head %08x tail %08x start %08x\n",
4135 I915_READ(PRB0_CTL),
4136 I915_READ(PRB0_HEAD),
4137 I915_READ(PRB0_TAIL),
4138 I915_READ(PRB0_START));
4139 I915_WRITE(PRB0_HEAD, 0);
4141 DRM_ERROR("Ring head forced to zero "
4142 "ctl %08x head %08x tail %08x start %08x\n",
4143 I915_READ(PRB0_CTL),
4144 I915_READ(PRB0_HEAD),
4145 I915_READ(PRB0_TAIL),
4146 I915_READ(PRB0_START));
4149 I915_WRITE(PRB0_CTL,
4150 ((obj->size - 4096) & RING_NR_PAGES) |
4154 head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
4156 /* If the head is still not zero, the ring is dead */
4158 DRM_ERROR("Ring initialization failed "
4159 "ctl %08x head %08x tail %08x start %08x\n",
4160 I915_READ(PRB0_CTL),
4161 I915_READ(PRB0_HEAD),
4162 I915_READ(PRB0_TAIL),
4163 I915_READ(PRB0_START));
4167 /* Update our cache of the ring state */
4168 if (!drm_core_check_feature(dev, DRIVER_MODESET))
4169 i915_kernel_lost_context(dev);
4171 ring->head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
4172 ring->tail = I915_READ(PRB0_TAIL) & TAIL_ADDR;
4173 ring->space = ring->head - (ring->tail + 8);
4174 if (ring->space < 0)
4175 ring->space += ring->Size;
4182 i915_gem_cleanup_ringbuffer(struct drm_device *dev)
4184 drm_i915_private_t *dev_priv = dev->dev_private;
4186 if (dev_priv->ring.ring_obj == NULL)
4189 drm_core_ioremapfree(&dev_priv->ring.map, dev);
4191 i915_gem_object_unpin(dev_priv->ring.ring_obj);
4192 drm_gem_object_unreference(dev_priv->ring.ring_obj);
4193 dev_priv->ring.ring_obj = NULL;
4194 memset(&dev_priv->ring, 0, sizeof(dev_priv->ring));
4196 i915_gem_cleanup_hws(dev);
4200 i915_gem_entervt_ioctl(struct drm_device *dev, void *data,
4201 struct drm_file *file_priv)
4203 drm_i915_private_t *dev_priv = dev->dev_private;
4206 if (drm_core_check_feature(dev, DRIVER_MODESET))
4209 if (dev_priv->mm.wedged) {
4210 DRM_ERROR("Reenabling wedged hardware, good luck\n");
4211 dev_priv->mm.wedged = 0;
4214 mutex_lock(&dev->struct_mutex);
4215 dev_priv->mm.suspended = 0;
4217 ret = i915_gem_init_ringbuffer(dev);
4219 mutex_unlock(&dev->struct_mutex);
4223 spin_lock(&dev_priv->mm.active_list_lock);
4224 BUG_ON(!list_empty(&dev_priv->mm.active_list));
4225 spin_unlock(&dev_priv->mm.active_list_lock);
4227 BUG_ON(!list_empty(&dev_priv->mm.flushing_list));
4228 BUG_ON(!list_empty(&dev_priv->mm.inactive_list));
4229 BUG_ON(!list_empty(&dev_priv->mm.request_list));
4230 mutex_unlock(&dev->struct_mutex);
4232 drm_irq_install(dev);
4238 i915_gem_leavevt_ioctl(struct drm_device *dev, void *data,
4239 struct drm_file *file_priv)
4243 if (drm_core_check_feature(dev, DRIVER_MODESET))
4246 ret = i915_gem_idle(dev);
4247 drm_irq_uninstall(dev);
4253 i915_gem_lastclose(struct drm_device *dev)
4257 if (drm_core_check_feature(dev, DRIVER_MODESET))
4260 ret = i915_gem_idle(dev);
4262 DRM_ERROR("failed to idle hardware: %d\n", ret);
4266 i915_gem_load(struct drm_device *dev)
4269 drm_i915_private_t *dev_priv = dev->dev_private;
4271 spin_lock_init(&dev_priv->mm.active_list_lock);
4272 INIT_LIST_HEAD(&dev_priv->mm.active_list);
4273 INIT_LIST_HEAD(&dev_priv->mm.flushing_list);
4274 INIT_LIST_HEAD(&dev_priv->mm.inactive_list);
4275 INIT_LIST_HEAD(&dev_priv->mm.request_list);
4276 INIT_LIST_HEAD(&dev_priv->mm.fence_list);
4277 INIT_DELAYED_WORK(&dev_priv->mm.retire_work,
4278 i915_gem_retire_work_handler);
4279 dev_priv->mm.next_gem_seqno = 1;
4281 /* Old X drivers will take 0-2 for front, back, depth buffers */
4282 dev_priv->fence_reg_start = 3;
4284 if (IS_I965G(dev) || IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4285 dev_priv->num_fence_regs = 16;
4287 dev_priv->num_fence_regs = 8;
4289 /* Initialize fence registers to zero */
4290 if (IS_I965G(dev)) {
4291 for (i = 0; i < 16; i++)
4292 I915_WRITE64(FENCE_REG_965_0 + (i * 8), 0);
4294 for (i = 0; i < 8; i++)
4295 I915_WRITE(FENCE_REG_830_0 + (i * 4), 0);
4296 if (IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4297 for (i = 0; i < 8; i++)
4298 I915_WRITE(FENCE_REG_945_8 + (i * 4), 0);
4301 i915_gem_detect_bit_6_swizzle(dev);
4305 * Create a physically contiguous memory object for this object
4306 * e.g. for cursor + overlay regs
4308 int i915_gem_init_phys_object(struct drm_device *dev,
4311 drm_i915_private_t *dev_priv = dev->dev_private;
4312 struct drm_i915_gem_phys_object *phys_obj;
4315 if (dev_priv->mm.phys_objs[id - 1] || !size)
4318 phys_obj = kzalloc(sizeof(struct drm_i915_gem_phys_object), GFP_KERNEL);
4324 phys_obj->handle = drm_pci_alloc(dev, size, 0, 0xffffffff);
4325 if (!phys_obj->handle) {
4330 set_memory_wc((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
4333 dev_priv->mm.phys_objs[id - 1] = phys_obj;
4341 void i915_gem_free_phys_object(struct drm_device *dev, int id)
4343 drm_i915_private_t *dev_priv = dev->dev_private;
4344 struct drm_i915_gem_phys_object *phys_obj;
4346 if (!dev_priv->mm.phys_objs[id - 1])
4349 phys_obj = dev_priv->mm.phys_objs[id - 1];
4350 if (phys_obj->cur_obj) {
4351 i915_gem_detach_phys_object(dev, phys_obj->cur_obj);
4355 set_memory_wb((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
4357 drm_pci_free(dev, phys_obj->handle);
4359 dev_priv->mm.phys_objs[id - 1] = NULL;
4362 void i915_gem_free_all_phys_object(struct drm_device *dev)
4366 for (i = I915_GEM_PHYS_CURSOR_0; i <= I915_MAX_PHYS_OBJECT; i++)
4367 i915_gem_free_phys_object(dev, i);
4370 void i915_gem_detach_phys_object(struct drm_device *dev,
4371 struct drm_gem_object *obj)
4373 struct drm_i915_gem_object *obj_priv;
4378 obj_priv = obj->driver_private;
4379 if (!obj_priv->phys_obj)
4382 ret = i915_gem_object_get_pages(obj);
4386 page_count = obj->size / PAGE_SIZE;
4388 for (i = 0; i < page_count; i++) {
4389 char *dst = kmap_atomic(obj_priv->pages[i], KM_USER0);
4390 char *src = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
4392 memcpy(dst, src, PAGE_SIZE);
4393 kunmap_atomic(dst, KM_USER0);
4395 drm_clflush_pages(obj_priv->pages, page_count);
4396 drm_agp_chipset_flush(dev);
4398 i915_gem_object_put_pages(obj);
4400 obj_priv->phys_obj->cur_obj = NULL;
4401 obj_priv->phys_obj = NULL;
4405 i915_gem_attach_phys_object(struct drm_device *dev,
4406 struct drm_gem_object *obj, int id)
4408 drm_i915_private_t *dev_priv = dev->dev_private;
4409 struct drm_i915_gem_object *obj_priv;
4414 if (id > I915_MAX_PHYS_OBJECT)
4417 obj_priv = obj->driver_private;
4419 if (obj_priv->phys_obj) {
4420 if (obj_priv->phys_obj->id == id)
4422 i915_gem_detach_phys_object(dev, obj);
4426 /* create a new object */
4427 if (!dev_priv->mm.phys_objs[id - 1]) {
4428 ret = i915_gem_init_phys_object(dev, id,
4431 DRM_ERROR("failed to init phys object %d size: %zu\n", id, obj->size);
4436 /* bind to the object */
4437 obj_priv->phys_obj = dev_priv->mm.phys_objs[id - 1];
4438 obj_priv->phys_obj->cur_obj = obj;
4440 ret = i915_gem_object_get_pages(obj);
4442 DRM_ERROR("failed to get page list\n");
4446 page_count = obj->size / PAGE_SIZE;
4448 for (i = 0; i < page_count; i++) {
4449 char *src = kmap_atomic(obj_priv->pages[i], KM_USER0);
4450 char *dst = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
4452 memcpy(dst, src, PAGE_SIZE);
4453 kunmap_atomic(src, KM_USER0);
4456 i915_gem_object_put_pages(obj);
4464 i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
4465 struct drm_i915_gem_pwrite *args,
4466 struct drm_file *file_priv)
4468 struct drm_i915_gem_object *obj_priv = obj->driver_private;
4471 char __user *user_data;
4473 user_data = (char __user *) (uintptr_t) args->data_ptr;
4474 obj_addr = obj_priv->phys_obj->handle->vaddr + args->offset;
4476 DRM_DEBUG("obj_addr %p, %lld\n", obj_addr, args->size);
4477 ret = copy_from_user(obj_addr, user_data, args->size);
4481 drm_agp_chipset_flush(dev);
4485 void i915_gem_release(struct drm_device * dev, struct drm_file *file_priv)
4487 struct drm_i915_file_private *i915_file_priv = file_priv->driver_priv;
4489 /* Clean up our request list when the client is going away, so that
4490 * later retire_requests won't dereference our soon-to-be-gone
4493 mutex_lock(&dev->struct_mutex);
4494 while (!list_empty(&i915_file_priv->mm.request_list))
4495 list_del_init(i915_file_priv->mm.request_list.next);
4496 mutex_unlock(&dev->struct_mutex);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob