2 * Copyright © 2008 Intel Corporation
4 * Permission is hereby granted, free of charge, to any person obtaining a
5 * copy of this software and associated documentation files (the "Software"),
6 * to deal in the Software without restriction, including without limitation
7 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8 * and/or sell copies of the Software, and to permit persons to whom the
9 * Software is furnished to do so, subject to the following conditions:
11 * The above copyright notice and this permission notice (including the next
12 * paragraph) shall be included in all copies or substantial portions of the
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
24 * Eric Anholt <eric@anholt.net>
32 #include <linux/swap.h>
33 #include <linux/pci.h>
35 #define I915_GEM_GPU_DOMAINS (~(I915_GEM_DOMAIN_CPU | I915_GEM_DOMAIN_GTT))
37 static void i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj);
38 static void i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj);
39 static void i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj);
40 static int i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj,
42 static int i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
45 static void i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj);
46 static int i915_gem_object_get_pages(struct drm_gem_object *obj);
47 static void i915_gem_object_put_pages(struct drm_gem_object *obj);
48 static int i915_gem_object_wait_rendering(struct drm_gem_object *obj);
49 static int i915_gem_object_bind_to_gtt(struct drm_gem_object *obj,
51 static int i915_gem_object_get_fence_reg(struct drm_gem_object *obj, bool write);
52 static void i915_gem_clear_fence_reg(struct drm_gem_object *obj);
53 static int i915_gem_evict_something(struct drm_device *dev);
54 static int i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
55 struct drm_i915_gem_pwrite *args,
56 struct drm_file *file_priv);
58 int i915_gem_do_init(struct drm_device *dev, unsigned long start,
61 drm_i915_private_t *dev_priv = dev->dev_private;
64 (start & (PAGE_SIZE - 1)) != 0 ||
65 (end & (PAGE_SIZE - 1)) != 0) {
69 drm_mm_init(&dev_priv->mm.gtt_space, start,
72 dev->gtt_total = (uint32_t) (end - start);
78 i915_gem_init_ioctl(struct drm_device *dev, void *data,
79 struct drm_file *file_priv)
81 struct drm_i915_gem_init *args = data;
84 mutex_lock(&dev->struct_mutex);
85 ret = i915_gem_do_init(dev, args->gtt_start, args->gtt_end);
86 mutex_unlock(&dev->struct_mutex);
92 i915_gem_get_aperture_ioctl(struct drm_device *dev, void *data,
93 struct drm_file *file_priv)
95 struct drm_i915_gem_get_aperture *args = data;
97 if (!(dev->driver->driver_features & DRIVER_GEM))
100 args->aper_size = dev->gtt_total;
101 args->aper_available_size = (args->aper_size -
102 atomic_read(&dev->pin_memory));
109 * Creates a new mm object and returns a handle to it.
112 i915_gem_create_ioctl(struct drm_device *dev, void *data,
113 struct drm_file *file_priv)
115 struct drm_i915_gem_create *args = data;
116 struct drm_gem_object *obj;
119 args->size = roundup(args->size, PAGE_SIZE);
121 /* Allocate the new object */
122 obj = drm_gem_object_alloc(dev, args->size);
126 ret = drm_gem_handle_create(file_priv, obj, &handle);
127 mutex_lock(&dev->struct_mutex);
128 drm_gem_object_handle_unreference(obj);
129 mutex_unlock(&dev->struct_mutex);
134 args->handle = handle;
140 slow_shmem_copy(struct page *dst_page,
142 struct page *src_page,
146 char *dst_vaddr, *src_vaddr;
148 dst_vaddr = kmap_atomic(dst_page, KM_USER0);
149 if (dst_vaddr == NULL)
152 src_vaddr = kmap_atomic(src_page, KM_USER1);
153 if (src_vaddr == NULL) {
154 kunmap_atomic(dst_vaddr, KM_USER0);
158 memcpy(dst_vaddr + dst_offset, src_vaddr + src_offset, length);
160 kunmap_atomic(src_vaddr, KM_USER1);
161 kunmap_atomic(dst_vaddr, KM_USER0);
167 * Reads data from the object referenced by handle.
169 * On error, the contents of *data are undefined.
172 i915_gem_pread_ioctl(struct drm_device *dev, void *data,
173 struct drm_file *file_priv)
175 struct drm_i915_gem_pread *args = data;
176 struct drm_gem_object *obj;
177 struct drm_i915_gem_object *obj_priv;
182 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
185 obj_priv = obj->driver_private;
187 /* Bounds check source.
189 * XXX: This could use review for overflow issues...
191 if (args->offset > obj->size || args->size > obj->size ||
192 args->offset + args->size > obj->size) {
193 drm_gem_object_unreference(obj);
197 mutex_lock(&dev->struct_mutex);
199 ret = i915_gem_object_set_cpu_read_domain_range(obj, args->offset,
202 drm_gem_object_unreference(obj);
203 mutex_unlock(&dev->struct_mutex);
207 offset = args->offset;
209 read = vfs_read(obj->filp, (char __user *)(uintptr_t)args->data_ptr,
210 args->size, &offset);
211 if (read != args->size) {
212 drm_gem_object_unreference(obj);
213 mutex_unlock(&dev->struct_mutex);
220 drm_gem_object_unreference(obj);
221 mutex_unlock(&dev->struct_mutex);
226 /* This is the fast write path which cannot handle
227 * page faults in the source data
231 fast_user_write(struct io_mapping *mapping,
232 loff_t page_base, int page_offset,
233 char __user *user_data,
237 unsigned long unwritten;
239 vaddr_atomic = io_mapping_map_atomic_wc(mapping, page_base);
240 unwritten = __copy_from_user_inatomic_nocache(vaddr_atomic + page_offset,
242 io_mapping_unmap_atomic(vaddr_atomic);
248 /* Here's the write path which can sleep for
253 slow_kernel_write(struct io_mapping *mapping,
254 loff_t gtt_base, int gtt_offset,
255 struct page *user_page, int user_offset,
258 char *src_vaddr, *dst_vaddr;
259 unsigned long unwritten;
261 dst_vaddr = io_mapping_map_atomic_wc(mapping, gtt_base);
262 src_vaddr = kmap_atomic(user_page, KM_USER1);
263 unwritten = __copy_from_user_inatomic_nocache(dst_vaddr + gtt_offset,
264 src_vaddr + user_offset,
266 kunmap_atomic(src_vaddr, KM_USER1);
267 io_mapping_unmap_atomic(dst_vaddr);
274 fast_shmem_write(struct page **pages,
275 loff_t page_base, int page_offset,
281 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT], KM_USER0);
284 __copy_from_user_inatomic(vaddr + page_offset, data, length);
285 kunmap_atomic(vaddr, KM_USER0);
291 * This is the fast pwrite path, where we copy the data directly from the
292 * user into the GTT, uncached.
295 i915_gem_gtt_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
296 struct drm_i915_gem_pwrite *args,
297 struct drm_file *file_priv)
299 struct drm_i915_gem_object *obj_priv = obj->driver_private;
300 drm_i915_private_t *dev_priv = dev->dev_private;
302 loff_t offset, page_base;
303 char __user *user_data;
304 int page_offset, page_length;
307 user_data = (char __user *) (uintptr_t) args->data_ptr;
309 if (!access_ok(VERIFY_READ, user_data, remain))
313 mutex_lock(&dev->struct_mutex);
314 ret = i915_gem_object_pin(obj, 0);
316 mutex_unlock(&dev->struct_mutex);
319 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
323 obj_priv = obj->driver_private;
324 offset = obj_priv->gtt_offset + args->offset;
327 /* Operation in this page
329 * page_base = page offset within aperture
330 * page_offset = offset within page
331 * page_length = bytes to copy for this page
333 page_base = (offset & ~(PAGE_SIZE-1));
334 page_offset = offset & (PAGE_SIZE-1);
335 page_length = remain;
336 if ((page_offset + remain) > PAGE_SIZE)
337 page_length = PAGE_SIZE - page_offset;
339 ret = fast_user_write (dev_priv->mm.gtt_mapping, page_base,
340 page_offset, user_data, page_length);
342 /* If we get a fault while copying data, then (presumably) our
343 * source page isn't available. Return the error and we'll
344 * retry in the slow path.
349 remain -= page_length;
350 user_data += page_length;
351 offset += page_length;
355 i915_gem_object_unpin(obj);
356 mutex_unlock(&dev->struct_mutex);
362 * This is the fallback GTT pwrite path, which uses get_user_pages to pin
363 * the memory and maps it using kmap_atomic for copying.
365 * This code resulted in x11perf -rgb10text consuming about 10% more CPU
366 * than using i915_gem_gtt_pwrite_fast on a G45 (32-bit).
369 i915_gem_gtt_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
370 struct drm_i915_gem_pwrite *args,
371 struct drm_file *file_priv)
373 struct drm_i915_gem_object *obj_priv = obj->driver_private;
374 drm_i915_private_t *dev_priv = dev->dev_private;
376 loff_t gtt_page_base, offset;
377 loff_t first_data_page, last_data_page, num_pages;
378 loff_t pinned_pages, i;
379 struct page **user_pages;
380 struct mm_struct *mm = current->mm;
381 int gtt_page_offset, data_page_offset, data_page_index, page_length;
383 uint64_t data_ptr = args->data_ptr;
387 /* Pin the user pages containing the data. We can't fault while
388 * holding the struct mutex, and all of the pwrite implementations
389 * want to hold it while dereferencing the user data.
391 first_data_page = data_ptr / PAGE_SIZE;
392 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
393 num_pages = last_data_page - first_data_page + 1;
395 user_pages = kcalloc(num_pages, sizeof(struct page *), GFP_KERNEL);
396 if (user_pages == NULL)
399 down_read(&mm->mmap_sem);
400 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
401 num_pages, 0, 0, user_pages, NULL);
402 up_read(&mm->mmap_sem);
403 if (pinned_pages < num_pages) {
405 goto out_unpin_pages;
408 mutex_lock(&dev->struct_mutex);
409 ret = i915_gem_object_pin(obj, 0);
413 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
415 goto out_unpin_object;
417 obj_priv = obj->driver_private;
418 offset = obj_priv->gtt_offset + args->offset;
421 /* Operation in this page
423 * gtt_page_base = page offset within aperture
424 * gtt_page_offset = offset within page in aperture
425 * data_page_index = page number in get_user_pages return
426 * data_page_offset = offset with data_page_index page.
427 * page_length = bytes to copy for this page
429 gtt_page_base = offset & PAGE_MASK;
430 gtt_page_offset = offset & ~PAGE_MASK;
431 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
432 data_page_offset = data_ptr & ~PAGE_MASK;
434 page_length = remain;
435 if ((gtt_page_offset + page_length) > PAGE_SIZE)
436 page_length = PAGE_SIZE - gtt_page_offset;
437 if ((data_page_offset + page_length) > PAGE_SIZE)
438 page_length = PAGE_SIZE - data_page_offset;
440 ret = slow_kernel_write(dev_priv->mm.gtt_mapping,
441 gtt_page_base, gtt_page_offset,
442 user_pages[data_page_index],
446 /* If we get a fault while copying data, then (presumably) our
447 * source page isn't available. Return the error and we'll
448 * retry in the slow path.
451 goto out_unpin_object;
453 remain -= page_length;
454 offset += page_length;
455 data_ptr += page_length;
459 i915_gem_object_unpin(obj);
461 mutex_unlock(&dev->struct_mutex);
463 for (i = 0; i < pinned_pages; i++)
464 page_cache_release(user_pages[i]);
471 * This is the fast shmem pwrite path, which attempts to directly
472 * copy_from_user into the kmapped pages backing the object.
475 i915_gem_shmem_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
476 struct drm_i915_gem_pwrite *args,
477 struct drm_file *file_priv)
479 struct drm_i915_gem_object *obj_priv = obj->driver_private;
481 loff_t offset, page_base;
482 char __user *user_data;
483 int page_offset, page_length;
486 user_data = (char __user *) (uintptr_t) args->data_ptr;
489 mutex_lock(&dev->struct_mutex);
491 ret = i915_gem_object_get_pages(obj);
495 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
499 obj_priv = obj->driver_private;
500 offset = args->offset;
504 /* Operation in this page
506 * page_base = page offset within aperture
507 * page_offset = offset within page
508 * page_length = bytes to copy for this page
510 page_base = (offset & ~(PAGE_SIZE-1));
511 page_offset = offset & (PAGE_SIZE-1);
512 page_length = remain;
513 if ((page_offset + remain) > PAGE_SIZE)
514 page_length = PAGE_SIZE - page_offset;
516 ret = fast_shmem_write(obj_priv->pages,
517 page_base, page_offset,
518 user_data, page_length);
522 remain -= page_length;
523 user_data += page_length;
524 offset += page_length;
528 i915_gem_object_put_pages(obj);
530 mutex_unlock(&dev->struct_mutex);
536 * This is the fallback shmem pwrite path, which uses get_user_pages to pin
537 * the memory and maps it using kmap_atomic for copying.
539 * This avoids taking mmap_sem for faulting on the user's address while the
540 * struct_mutex is held.
543 i915_gem_shmem_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
544 struct drm_i915_gem_pwrite *args,
545 struct drm_file *file_priv)
547 struct drm_i915_gem_object *obj_priv = obj->driver_private;
548 struct mm_struct *mm = current->mm;
549 struct page **user_pages;
551 loff_t offset, pinned_pages, i;
552 loff_t first_data_page, last_data_page, num_pages;
553 int shmem_page_index, shmem_page_offset;
554 int data_page_index, data_page_offset;
557 uint64_t data_ptr = args->data_ptr;
561 /* Pin the user pages containing the data. We can't fault while
562 * holding the struct mutex, and all of the pwrite implementations
563 * want to hold it while dereferencing the user data.
565 first_data_page = data_ptr / PAGE_SIZE;
566 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
567 num_pages = last_data_page - first_data_page + 1;
569 user_pages = kcalloc(num_pages, sizeof(struct page *), GFP_KERNEL);
570 if (user_pages == NULL)
573 down_read(&mm->mmap_sem);
574 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
575 num_pages, 0, 0, user_pages, NULL);
576 up_read(&mm->mmap_sem);
577 if (pinned_pages < num_pages) {
579 goto fail_put_user_pages;
582 mutex_lock(&dev->struct_mutex);
584 ret = i915_gem_object_get_pages(obj);
588 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
592 obj_priv = obj->driver_private;
593 offset = args->offset;
597 /* Operation in this page
599 * shmem_page_index = page number within shmem file
600 * shmem_page_offset = offset within page in shmem file
601 * data_page_index = page number in get_user_pages return
602 * data_page_offset = offset with data_page_index page.
603 * page_length = bytes to copy for this page
605 shmem_page_index = offset / PAGE_SIZE;
606 shmem_page_offset = offset & ~PAGE_MASK;
607 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
608 data_page_offset = data_ptr & ~PAGE_MASK;
610 page_length = remain;
611 if ((shmem_page_offset + page_length) > PAGE_SIZE)
612 page_length = PAGE_SIZE - shmem_page_offset;
613 if ((data_page_offset + page_length) > PAGE_SIZE)
614 page_length = PAGE_SIZE - data_page_offset;
616 ret = slow_shmem_copy(obj_priv->pages[shmem_page_index],
618 user_pages[data_page_index],
624 remain -= page_length;
625 data_ptr += page_length;
626 offset += page_length;
630 i915_gem_object_put_pages(obj);
632 mutex_unlock(&dev->struct_mutex);
634 for (i = 0; i < pinned_pages; i++)
635 page_cache_release(user_pages[i]);
642 * Writes data to the object referenced by handle.
644 * On error, the contents of the buffer that were to be modified are undefined.
647 i915_gem_pwrite_ioctl(struct drm_device *dev, void *data,
648 struct drm_file *file_priv)
650 struct drm_i915_gem_pwrite *args = data;
651 struct drm_gem_object *obj;
652 struct drm_i915_gem_object *obj_priv;
655 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
658 obj_priv = obj->driver_private;
660 /* Bounds check destination.
662 * XXX: This could use review for overflow issues...
664 if (args->offset > obj->size || args->size > obj->size ||
665 args->offset + args->size > obj->size) {
666 drm_gem_object_unreference(obj);
670 /* We can only do the GTT pwrite on untiled buffers, as otherwise
671 * it would end up going through the fenced access, and we'll get
672 * different detiling behavior between reading and writing.
673 * pread/pwrite currently are reading and writing from the CPU
674 * perspective, requiring manual detiling by the client.
676 if (obj_priv->phys_obj)
677 ret = i915_gem_phys_pwrite(dev, obj, args, file_priv);
678 else if (obj_priv->tiling_mode == I915_TILING_NONE &&
679 dev->gtt_total != 0) {
680 ret = i915_gem_gtt_pwrite_fast(dev, obj, args, file_priv);
681 if (ret == -EFAULT) {
682 ret = i915_gem_gtt_pwrite_slow(dev, obj, args,
686 ret = i915_gem_shmem_pwrite_fast(dev, obj, args, file_priv);
687 if (ret == -EFAULT) {
688 ret = i915_gem_shmem_pwrite_slow(dev, obj, args,
695 DRM_INFO("pwrite failed %d\n", ret);
698 drm_gem_object_unreference(obj);
704 * Called when user space prepares to use an object with the CPU, either
705 * through the mmap ioctl's mapping or a GTT mapping.
708 i915_gem_set_domain_ioctl(struct drm_device *dev, void *data,
709 struct drm_file *file_priv)
711 struct drm_i915_gem_set_domain *args = data;
712 struct drm_gem_object *obj;
713 uint32_t read_domains = args->read_domains;
714 uint32_t write_domain = args->write_domain;
717 if (!(dev->driver->driver_features & DRIVER_GEM))
720 /* Only handle setting domains to types used by the CPU. */
721 if (write_domain & ~(I915_GEM_DOMAIN_CPU | I915_GEM_DOMAIN_GTT))
724 if (read_domains & ~(I915_GEM_DOMAIN_CPU | I915_GEM_DOMAIN_GTT))
727 /* Having something in the write domain implies it's in the read
728 * domain, and only that read domain. Enforce that in the request.
730 if (write_domain != 0 && read_domains != write_domain)
733 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
737 mutex_lock(&dev->struct_mutex);
739 DRM_INFO("set_domain_ioctl %p(%d), %08x %08x\n",
740 obj, obj->size, read_domains, write_domain);
742 if (read_domains & I915_GEM_DOMAIN_GTT) {
743 ret = i915_gem_object_set_to_gtt_domain(obj, write_domain != 0);
745 /* Silently promote "you're not bound, there was nothing to do"
746 * to success, since the client was just asking us to
747 * make sure everything was done.
752 ret = i915_gem_object_set_to_cpu_domain(obj, write_domain != 0);
755 drm_gem_object_unreference(obj);
756 mutex_unlock(&dev->struct_mutex);
761 * Called when user space has done writes to this buffer
764 i915_gem_sw_finish_ioctl(struct drm_device *dev, void *data,
765 struct drm_file *file_priv)
767 struct drm_i915_gem_sw_finish *args = data;
768 struct drm_gem_object *obj;
769 struct drm_i915_gem_object *obj_priv;
772 if (!(dev->driver->driver_features & DRIVER_GEM))
775 mutex_lock(&dev->struct_mutex);
776 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
778 mutex_unlock(&dev->struct_mutex);
783 DRM_INFO("%s: sw_finish %d (%p %d)\n",
784 __func__, args->handle, obj, obj->size);
786 obj_priv = obj->driver_private;
788 /* Pinned buffers may be scanout, so flush the cache */
789 if (obj_priv->pin_count)
790 i915_gem_object_flush_cpu_write_domain(obj);
792 drm_gem_object_unreference(obj);
793 mutex_unlock(&dev->struct_mutex);
798 * Maps the contents of an object, returning the address it is mapped
801 * While the mapping holds a reference on the contents of the object, it doesn't
802 * imply a ref on the object itself.
805 i915_gem_mmap_ioctl(struct drm_device *dev, void *data,
806 struct drm_file *file_priv)
808 struct drm_i915_gem_mmap *args = data;
809 struct drm_gem_object *obj;
813 if (!(dev->driver->driver_features & DRIVER_GEM))
816 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
820 offset = args->offset;
822 down_write(¤t->mm->mmap_sem);
823 addr = do_mmap(obj->filp, 0, args->size,
824 PROT_READ | PROT_WRITE, MAP_SHARED,
826 up_write(¤t->mm->mmap_sem);
827 mutex_lock(&dev->struct_mutex);
828 drm_gem_object_unreference(obj);
829 mutex_unlock(&dev->struct_mutex);
830 if (IS_ERR((void *)addr))
833 args->addr_ptr = (uint64_t) addr;
839 * i915_gem_fault - fault a page into the GTT
840 * vma: VMA in question
843 * The fault handler is set up by drm_gem_mmap() when a object is GTT mapped
844 * from userspace. The fault handler takes care of binding the object to
845 * the GTT (if needed), allocating and programming a fence register (again,
846 * only if needed based on whether the old reg is still valid or the object
847 * is tiled) and inserting a new PTE into the faulting process.
849 * Note that the faulting process may involve evicting existing objects
850 * from the GTT and/or fence registers to make room. So performance may
851 * suffer if the GTT working set is large or there are few fence registers
854 int i915_gem_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
856 struct drm_gem_object *obj = vma->vm_private_data;
857 struct drm_device *dev = obj->dev;
858 struct drm_i915_private *dev_priv = dev->dev_private;
859 struct drm_i915_gem_object *obj_priv = obj->driver_private;
863 bool write = !!(vmf->flags & FAULT_FLAG_WRITE);
865 /* We don't use vmf->pgoff since that has the fake offset */
866 page_offset = ((unsigned long)vmf->virtual_address - vma->vm_start) >>
869 /* Now bind it into the GTT if needed */
870 mutex_lock(&dev->struct_mutex);
871 if (!obj_priv->gtt_space) {
872 ret = i915_gem_object_bind_to_gtt(obj, obj_priv->gtt_alignment);
874 mutex_unlock(&dev->struct_mutex);
875 return VM_FAULT_SIGBUS;
877 list_add(&obj_priv->list, &dev_priv->mm.inactive_list);
880 /* Need a new fence register? */
881 if (obj_priv->fence_reg == I915_FENCE_REG_NONE &&
882 obj_priv->tiling_mode != I915_TILING_NONE) {
883 ret = i915_gem_object_get_fence_reg(obj, write);
885 mutex_unlock(&dev->struct_mutex);
886 return VM_FAULT_SIGBUS;
890 pfn = ((dev->agp->base + obj_priv->gtt_offset) >> PAGE_SHIFT) +
893 /* Finally, remap it using the new GTT offset */
894 ret = vm_insert_pfn(vma, (unsigned long)vmf->virtual_address, pfn);
896 mutex_unlock(&dev->struct_mutex);
903 return VM_FAULT_SIGBUS;
905 return VM_FAULT_NOPAGE;
910 * i915_gem_create_mmap_offset - create a fake mmap offset for an object
911 * @obj: obj in question
913 * GEM memory mapping works by handing back to userspace a fake mmap offset
914 * it can use in a subsequent mmap(2) call. The DRM core code then looks
915 * up the object based on the offset and sets up the various memory mapping
918 * This routine allocates and attaches a fake offset for @obj.
921 i915_gem_create_mmap_offset(struct drm_gem_object *obj)
923 struct drm_device *dev = obj->dev;
924 struct drm_gem_mm *mm = dev->mm_private;
925 struct drm_i915_gem_object *obj_priv = obj->driver_private;
926 struct drm_map_list *list;
930 /* Set the object up for mmap'ing */
931 list = &obj->map_list;
932 list->map = drm_calloc(1, sizeof(struct drm_map_list),
938 map->type = _DRM_GEM;
939 map->size = obj->size;
942 /* Get a DRM GEM mmap offset allocated... */
943 list->file_offset_node = drm_mm_search_free(&mm->offset_manager,
944 obj->size / PAGE_SIZE, 0, 0);
945 if (!list->file_offset_node) {
946 DRM_ERROR("failed to allocate offset for bo %d\n", obj->name);
951 list->file_offset_node = drm_mm_get_block(list->file_offset_node,
952 obj->size / PAGE_SIZE, 0);
953 if (!list->file_offset_node) {
958 list->hash.key = list->file_offset_node->start;
959 if (drm_ht_insert_item(&mm->offset_hash, &list->hash)) {
960 DRM_ERROR("failed to add to map hash\n");
964 /* By now we should be all set, any drm_mmap request on the offset
965 * below will get to our mmap & fault handler */
966 obj_priv->mmap_offset = ((uint64_t) list->hash.key) << PAGE_SHIFT;
971 drm_mm_put_block(list->file_offset_node);
973 drm_free(list->map, sizeof(struct drm_map_list), DRM_MEM_DRIVER);
979 i915_gem_free_mmap_offset(struct drm_gem_object *obj)
981 struct drm_device *dev = obj->dev;
982 struct drm_i915_gem_object *obj_priv = obj->driver_private;
983 struct drm_gem_mm *mm = dev->mm_private;
984 struct drm_map_list *list;
986 list = &obj->map_list;
987 drm_ht_remove_item(&mm->offset_hash, &list->hash);
989 if (list->file_offset_node) {
990 drm_mm_put_block(list->file_offset_node);
991 list->file_offset_node = NULL;
995 drm_free(list->map, sizeof(struct drm_map), DRM_MEM_DRIVER);
999 obj_priv->mmap_offset = 0;
1003 * i915_gem_get_gtt_alignment - return required GTT alignment for an object
1004 * @obj: object to check
1006 * Return the required GTT alignment for an object, taking into account
1007 * potential fence register mapping if needed.
1010 i915_gem_get_gtt_alignment(struct drm_gem_object *obj)
1012 struct drm_device *dev = obj->dev;
1013 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1017 * Minimum alignment is 4k (GTT page size), but might be greater
1018 * if a fence register is needed for the object.
1020 if (IS_I965G(dev) || obj_priv->tiling_mode == I915_TILING_NONE)
1024 * Previous chips need to be aligned to the size of the smallest
1025 * fence register that can contain the object.
1032 for (i = start; i < obj->size; i <<= 1)
1039 * i915_gem_mmap_gtt_ioctl - prepare an object for GTT mmap'ing
1041 * @data: GTT mapping ioctl data
1042 * @file_priv: GEM object info
1044 * Simply returns the fake offset to userspace so it can mmap it.
1045 * The mmap call will end up in drm_gem_mmap(), which will set things
1046 * up so we can get faults in the handler above.
1048 * The fault handler will take care of binding the object into the GTT
1049 * (since it may have been evicted to make room for something), allocating
1050 * a fence register, and mapping the appropriate aperture address into
1054 i915_gem_mmap_gtt_ioctl(struct drm_device *dev, void *data,
1055 struct drm_file *file_priv)
1057 struct drm_i915_gem_mmap_gtt *args = data;
1058 struct drm_i915_private *dev_priv = dev->dev_private;
1059 struct drm_gem_object *obj;
1060 struct drm_i915_gem_object *obj_priv;
1063 if (!(dev->driver->driver_features & DRIVER_GEM))
1066 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1070 mutex_lock(&dev->struct_mutex);
1072 obj_priv = obj->driver_private;
1074 if (!obj_priv->mmap_offset) {
1075 ret = i915_gem_create_mmap_offset(obj);
1077 drm_gem_object_unreference(obj);
1078 mutex_unlock(&dev->struct_mutex);
1083 args->offset = obj_priv->mmap_offset;
1085 obj_priv->gtt_alignment = i915_gem_get_gtt_alignment(obj);
1087 /* Make sure the alignment is correct for fence regs etc */
1088 if (obj_priv->agp_mem &&
1089 (obj_priv->gtt_offset & (obj_priv->gtt_alignment - 1))) {
1090 drm_gem_object_unreference(obj);
1091 mutex_unlock(&dev->struct_mutex);
1096 * Pull it into the GTT so that we have a page list (makes the
1097 * initial fault faster and any subsequent flushing possible).
1099 if (!obj_priv->agp_mem) {
1100 ret = i915_gem_object_bind_to_gtt(obj, obj_priv->gtt_alignment);
1102 drm_gem_object_unreference(obj);
1103 mutex_unlock(&dev->struct_mutex);
1106 list_add(&obj_priv->list, &dev_priv->mm.inactive_list);
1109 drm_gem_object_unreference(obj);
1110 mutex_unlock(&dev->struct_mutex);
1116 i915_gem_object_put_pages(struct drm_gem_object *obj)
1118 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1119 int page_count = obj->size / PAGE_SIZE;
1122 BUG_ON(obj_priv->pages_refcount == 0);
1124 if (--obj_priv->pages_refcount != 0)
1127 for (i = 0; i < page_count; i++)
1128 if (obj_priv->pages[i] != NULL) {
1129 if (obj_priv->dirty)
1130 set_page_dirty(obj_priv->pages[i]);
1131 mark_page_accessed(obj_priv->pages[i]);
1132 page_cache_release(obj_priv->pages[i]);
1134 obj_priv->dirty = 0;
1136 drm_free(obj_priv->pages,
1137 page_count * sizeof(struct page *),
1139 obj_priv->pages = NULL;
1143 i915_gem_object_move_to_active(struct drm_gem_object *obj, uint32_t seqno)
1145 struct drm_device *dev = obj->dev;
1146 drm_i915_private_t *dev_priv = dev->dev_private;
1147 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1149 /* Add a reference if we're newly entering the active list. */
1150 if (!obj_priv->active) {
1151 drm_gem_object_reference(obj);
1152 obj_priv->active = 1;
1154 /* Move from whatever list we were on to the tail of execution. */
1155 list_move_tail(&obj_priv->list,
1156 &dev_priv->mm.active_list);
1157 obj_priv->last_rendering_seqno = seqno;
1161 i915_gem_object_move_to_flushing(struct drm_gem_object *obj)
1163 struct drm_device *dev = obj->dev;
1164 drm_i915_private_t *dev_priv = dev->dev_private;
1165 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1167 BUG_ON(!obj_priv->active);
1168 list_move_tail(&obj_priv->list, &dev_priv->mm.flushing_list);
1169 obj_priv->last_rendering_seqno = 0;
1173 i915_gem_object_move_to_inactive(struct drm_gem_object *obj)
1175 struct drm_device *dev = obj->dev;
1176 drm_i915_private_t *dev_priv = dev->dev_private;
1177 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1179 i915_verify_inactive(dev, __FILE__, __LINE__);
1180 if (obj_priv->pin_count != 0)
1181 list_del_init(&obj_priv->list);
1183 list_move_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1185 obj_priv->last_rendering_seqno = 0;
1186 if (obj_priv->active) {
1187 obj_priv->active = 0;
1188 drm_gem_object_unreference(obj);
1190 i915_verify_inactive(dev, __FILE__, __LINE__);
1194 * Creates a new sequence number, emitting a write of it to the status page
1195 * plus an interrupt, which will trigger i915_user_interrupt_handler.
1197 * Must be called with struct_lock held.
1199 * Returned sequence numbers are nonzero on success.
1202 i915_add_request(struct drm_device *dev, uint32_t flush_domains)
1204 drm_i915_private_t *dev_priv = dev->dev_private;
1205 struct drm_i915_gem_request *request;
1210 request = drm_calloc(1, sizeof(*request), DRM_MEM_DRIVER);
1211 if (request == NULL)
1214 /* Grab the seqno we're going to make this request be, and bump the
1215 * next (skipping 0 so it can be the reserved no-seqno value).
1217 seqno = dev_priv->mm.next_gem_seqno;
1218 dev_priv->mm.next_gem_seqno++;
1219 if (dev_priv->mm.next_gem_seqno == 0)
1220 dev_priv->mm.next_gem_seqno++;
1223 OUT_RING(MI_STORE_DWORD_INDEX);
1224 OUT_RING(I915_GEM_HWS_INDEX << MI_STORE_DWORD_INDEX_SHIFT);
1227 OUT_RING(MI_USER_INTERRUPT);
1230 DRM_DEBUG("%d\n", seqno);
1232 request->seqno = seqno;
1233 request->emitted_jiffies = jiffies;
1234 was_empty = list_empty(&dev_priv->mm.request_list);
1235 list_add_tail(&request->list, &dev_priv->mm.request_list);
1237 /* Associate any objects on the flushing list matching the write
1238 * domain we're flushing with our flush.
1240 if (flush_domains != 0) {
1241 struct drm_i915_gem_object *obj_priv, *next;
1243 list_for_each_entry_safe(obj_priv, next,
1244 &dev_priv->mm.flushing_list, list) {
1245 struct drm_gem_object *obj = obj_priv->obj;
1247 if ((obj->write_domain & flush_domains) ==
1248 obj->write_domain) {
1249 obj->write_domain = 0;
1250 i915_gem_object_move_to_active(obj, seqno);
1256 if (was_empty && !dev_priv->mm.suspended)
1257 schedule_delayed_work(&dev_priv->mm.retire_work, HZ);
1262 * Command execution barrier
1264 * Ensures that all commands in the ring are finished
1265 * before signalling the CPU
1268 i915_retire_commands(struct drm_device *dev)
1270 drm_i915_private_t *dev_priv = dev->dev_private;
1271 uint32_t cmd = MI_FLUSH | MI_NO_WRITE_FLUSH;
1272 uint32_t flush_domains = 0;
1275 /* The sampler always gets flushed on i965 (sigh) */
1277 flush_domains |= I915_GEM_DOMAIN_SAMPLER;
1280 OUT_RING(0); /* noop */
1282 return flush_domains;
1286 * Moves buffers associated only with the given active seqno from the active
1287 * to inactive list, potentially freeing them.
1290 i915_gem_retire_request(struct drm_device *dev,
1291 struct drm_i915_gem_request *request)
1293 drm_i915_private_t *dev_priv = dev->dev_private;
1295 /* Move any buffers on the active list that are no longer referenced
1296 * by the ringbuffer to the flushing/inactive lists as appropriate.
1298 while (!list_empty(&dev_priv->mm.active_list)) {
1299 struct drm_gem_object *obj;
1300 struct drm_i915_gem_object *obj_priv;
1302 obj_priv = list_first_entry(&dev_priv->mm.active_list,
1303 struct drm_i915_gem_object,
1305 obj = obj_priv->obj;
1307 /* If the seqno being retired doesn't match the oldest in the
1308 * list, then the oldest in the list must still be newer than
1311 if (obj_priv->last_rendering_seqno != request->seqno)
1315 DRM_INFO("%s: retire %d moves to inactive list %p\n",
1316 __func__, request->seqno, obj);
1319 if (obj->write_domain != 0)
1320 i915_gem_object_move_to_flushing(obj);
1322 i915_gem_object_move_to_inactive(obj);
1327 * Returns true if seq1 is later than seq2.
1330 i915_seqno_passed(uint32_t seq1, uint32_t seq2)
1332 return (int32_t)(seq1 - seq2) >= 0;
1336 i915_get_gem_seqno(struct drm_device *dev)
1338 drm_i915_private_t *dev_priv = dev->dev_private;
1340 return READ_HWSP(dev_priv, I915_GEM_HWS_INDEX);
1344 * This function clears the request list as sequence numbers are passed.
1347 i915_gem_retire_requests(struct drm_device *dev)
1349 drm_i915_private_t *dev_priv = dev->dev_private;
1352 if (!dev_priv->hw_status_page)
1355 seqno = i915_get_gem_seqno(dev);
1357 while (!list_empty(&dev_priv->mm.request_list)) {
1358 struct drm_i915_gem_request *request;
1359 uint32_t retiring_seqno;
1361 request = list_first_entry(&dev_priv->mm.request_list,
1362 struct drm_i915_gem_request,
1364 retiring_seqno = request->seqno;
1366 if (i915_seqno_passed(seqno, retiring_seqno) ||
1367 dev_priv->mm.wedged) {
1368 i915_gem_retire_request(dev, request);
1370 list_del(&request->list);
1371 drm_free(request, sizeof(*request), DRM_MEM_DRIVER);
1378 i915_gem_retire_work_handler(struct work_struct *work)
1380 drm_i915_private_t *dev_priv;
1381 struct drm_device *dev;
1383 dev_priv = container_of(work, drm_i915_private_t,
1384 mm.retire_work.work);
1385 dev = dev_priv->dev;
1387 mutex_lock(&dev->struct_mutex);
1388 i915_gem_retire_requests(dev);
1389 if (!dev_priv->mm.suspended &&
1390 !list_empty(&dev_priv->mm.request_list))
1391 schedule_delayed_work(&dev_priv->mm.retire_work, HZ);
1392 mutex_unlock(&dev->struct_mutex);
1396 * Waits for a sequence number to be signaled, and cleans up the
1397 * request and object lists appropriately for that event.
1400 i915_wait_request(struct drm_device *dev, uint32_t seqno)
1402 drm_i915_private_t *dev_priv = dev->dev_private;
1407 if (!i915_seqno_passed(i915_get_gem_seqno(dev), seqno)) {
1408 dev_priv->mm.waiting_gem_seqno = seqno;
1409 i915_user_irq_get(dev);
1410 ret = wait_event_interruptible(dev_priv->irq_queue,
1411 i915_seqno_passed(i915_get_gem_seqno(dev),
1413 dev_priv->mm.wedged);
1414 i915_user_irq_put(dev);
1415 dev_priv->mm.waiting_gem_seqno = 0;
1417 if (dev_priv->mm.wedged)
1420 if (ret && ret != -ERESTARTSYS)
1421 DRM_ERROR("%s returns %d (awaiting %d at %d)\n",
1422 __func__, ret, seqno, i915_get_gem_seqno(dev));
1424 /* Directly dispatch request retiring. While we have the work queue
1425 * to handle this, the waiter on a request often wants an associated
1426 * buffer to have made it to the inactive list, and we would need
1427 * a separate wait queue to handle that.
1430 i915_gem_retire_requests(dev);
1436 i915_gem_flush(struct drm_device *dev,
1437 uint32_t invalidate_domains,
1438 uint32_t flush_domains)
1440 drm_i915_private_t *dev_priv = dev->dev_private;
1445 DRM_INFO("%s: invalidate %08x flush %08x\n", __func__,
1446 invalidate_domains, flush_domains);
1449 if (flush_domains & I915_GEM_DOMAIN_CPU)
1450 drm_agp_chipset_flush(dev);
1452 if ((invalidate_domains | flush_domains) & ~(I915_GEM_DOMAIN_CPU |
1453 I915_GEM_DOMAIN_GTT)) {
1455 * read/write caches:
1457 * I915_GEM_DOMAIN_RENDER is always invalidated, but is
1458 * only flushed if MI_NO_WRITE_FLUSH is unset. On 965, it is
1459 * also flushed at 2d versus 3d pipeline switches.
1463 * I915_GEM_DOMAIN_SAMPLER is flushed on pre-965 if
1464 * MI_READ_FLUSH is set, and is always flushed on 965.
1466 * I915_GEM_DOMAIN_COMMAND may not exist?
1468 * I915_GEM_DOMAIN_INSTRUCTION, which exists on 965, is
1469 * invalidated when MI_EXE_FLUSH is set.
1471 * I915_GEM_DOMAIN_VERTEX, which exists on 965, is
1472 * invalidated with every MI_FLUSH.
1476 * On 965, TLBs associated with I915_GEM_DOMAIN_COMMAND
1477 * and I915_GEM_DOMAIN_CPU in are invalidated at PTE write and
1478 * I915_GEM_DOMAIN_RENDER and I915_GEM_DOMAIN_SAMPLER
1479 * are flushed at any MI_FLUSH.
1482 cmd = MI_FLUSH | MI_NO_WRITE_FLUSH;
1483 if ((invalidate_domains|flush_domains) &
1484 I915_GEM_DOMAIN_RENDER)
1485 cmd &= ~MI_NO_WRITE_FLUSH;
1486 if (!IS_I965G(dev)) {
1488 * On the 965, the sampler cache always gets flushed
1489 * and this bit is reserved.
1491 if (invalidate_domains & I915_GEM_DOMAIN_SAMPLER)
1492 cmd |= MI_READ_FLUSH;
1494 if (invalidate_domains & I915_GEM_DOMAIN_INSTRUCTION)
1495 cmd |= MI_EXE_FLUSH;
1498 DRM_INFO("%s: queue flush %08x to ring\n", __func__, cmd);
1502 OUT_RING(0); /* noop */
1508 * Ensures that all rendering to the object has completed and the object is
1509 * safe to unbind from the GTT or access from the CPU.
1512 i915_gem_object_wait_rendering(struct drm_gem_object *obj)
1514 struct drm_device *dev = obj->dev;
1515 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1518 /* This function only exists to support waiting for existing rendering,
1519 * not for emitting required flushes.
1521 BUG_ON((obj->write_domain & I915_GEM_GPU_DOMAINS) != 0);
1523 /* If there is rendering queued on the buffer being evicted, wait for
1526 if (obj_priv->active) {
1528 DRM_INFO("%s: object %p wait for seqno %08x\n",
1529 __func__, obj, obj_priv->last_rendering_seqno);
1531 ret = i915_wait_request(dev, obj_priv->last_rendering_seqno);
1540 * Unbinds an object from the GTT aperture.
1543 i915_gem_object_unbind(struct drm_gem_object *obj)
1545 struct drm_device *dev = obj->dev;
1546 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1551 DRM_INFO("%s:%d %p\n", __func__, __LINE__, obj);
1552 DRM_INFO("gtt_space %p\n", obj_priv->gtt_space);
1554 if (obj_priv->gtt_space == NULL)
1557 if (obj_priv->pin_count != 0) {
1558 DRM_ERROR("Attempting to unbind pinned buffer\n");
1562 /* Move the object to the CPU domain to ensure that
1563 * any possible CPU writes while it's not in the GTT
1564 * are flushed when we go to remap it. This will
1565 * also ensure that all pending GPU writes are finished
1568 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
1570 if (ret != -ERESTARTSYS)
1571 DRM_ERROR("set_domain failed: %d\n", ret);
1575 if (obj_priv->agp_mem != NULL) {
1576 drm_unbind_agp(obj_priv->agp_mem);
1577 drm_free_agp(obj_priv->agp_mem, obj->size / PAGE_SIZE);
1578 obj_priv->agp_mem = NULL;
1581 BUG_ON(obj_priv->active);
1583 /* blow away mappings if mapped through GTT */
1584 offset = ((loff_t) obj->map_list.hash.key) << PAGE_SHIFT;
1585 if (dev->dev_mapping)
1586 unmap_mapping_range(dev->dev_mapping, offset, obj->size, 1);
1588 if (obj_priv->fence_reg != I915_FENCE_REG_NONE)
1589 i915_gem_clear_fence_reg(obj);
1591 i915_gem_object_put_pages(obj);
1593 if (obj_priv->gtt_space) {
1594 atomic_dec(&dev->gtt_count);
1595 atomic_sub(obj->size, &dev->gtt_memory);
1597 drm_mm_put_block(obj_priv->gtt_space);
1598 obj_priv->gtt_space = NULL;
1601 /* Remove ourselves from the LRU list if present. */
1602 if (!list_empty(&obj_priv->list))
1603 list_del_init(&obj_priv->list);
1609 i915_gem_evict_something(struct drm_device *dev)
1611 drm_i915_private_t *dev_priv = dev->dev_private;
1612 struct drm_gem_object *obj;
1613 struct drm_i915_gem_object *obj_priv;
1617 /* If there's an inactive buffer available now, grab it
1620 if (!list_empty(&dev_priv->mm.inactive_list)) {
1621 obj_priv = list_first_entry(&dev_priv->mm.inactive_list,
1622 struct drm_i915_gem_object,
1624 obj = obj_priv->obj;
1625 BUG_ON(obj_priv->pin_count != 0);
1627 DRM_INFO("%s: evicting %p\n", __func__, obj);
1629 BUG_ON(obj_priv->active);
1631 /* Wait on the rendering and unbind the buffer. */
1632 ret = i915_gem_object_unbind(obj);
1636 /* If we didn't get anything, but the ring is still processing
1637 * things, wait for one of those things to finish and hopefully
1638 * leave us a buffer to evict.
1640 if (!list_empty(&dev_priv->mm.request_list)) {
1641 struct drm_i915_gem_request *request;
1643 request = list_first_entry(&dev_priv->mm.request_list,
1644 struct drm_i915_gem_request,
1647 ret = i915_wait_request(dev, request->seqno);
1651 /* if waiting caused an object to become inactive,
1652 * then loop around and wait for it. Otherwise, we
1653 * assume that waiting freed and unbound something,
1654 * so there should now be some space in the GTT
1656 if (!list_empty(&dev_priv->mm.inactive_list))
1661 /* If we didn't have anything on the request list but there
1662 * are buffers awaiting a flush, emit one and try again.
1663 * When we wait on it, those buffers waiting for that flush
1664 * will get moved to inactive.
1666 if (!list_empty(&dev_priv->mm.flushing_list)) {
1667 obj_priv = list_first_entry(&dev_priv->mm.flushing_list,
1668 struct drm_i915_gem_object,
1670 obj = obj_priv->obj;
1675 i915_add_request(dev, obj->write_domain);
1681 DRM_ERROR("inactive empty %d request empty %d "
1682 "flushing empty %d\n",
1683 list_empty(&dev_priv->mm.inactive_list),
1684 list_empty(&dev_priv->mm.request_list),
1685 list_empty(&dev_priv->mm.flushing_list));
1686 /* If we didn't do any of the above, there's nothing to be done
1687 * and we just can't fit it in.
1695 i915_gem_evict_everything(struct drm_device *dev)
1700 ret = i915_gem_evict_something(dev);
1710 i915_gem_object_get_pages(struct drm_gem_object *obj)
1712 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1714 struct address_space *mapping;
1715 struct inode *inode;
1719 if (obj_priv->pages_refcount++ != 0)
1722 /* Get the list of pages out of our struct file. They'll be pinned
1723 * at this point until we release them.
1725 page_count = obj->size / PAGE_SIZE;
1726 BUG_ON(obj_priv->pages != NULL);
1727 obj_priv->pages = drm_calloc(page_count, sizeof(struct page *),
1729 if (obj_priv->pages == NULL) {
1730 DRM_ERROR("Faled to allocate page list\n");
1731 obj_priv->pages_refcount--;
1735 inode = obj->filp->f_path.dentry->d_inode;
1736 mapping = inode->i_mapping;
1737 for (i = 0; i < page_count; i++) {
1738 page = read_mapping_page(mapping, i, NULL);
1740 ret = PTR_ERR(page);
1741 DRM_ERROR("read_mapping_page failed: %d\n", ret);
1742 i915_gem_object_put_pages(obj);
1745 obj_priv->pages[i] = page;
1750 static void i965_write_fence_reg(struct drm_i915_fence_reg *reg)
1752 struct drm_gem_object *obj = reg->obj;
1753 struct drm_device *dev = obj->dev;
1754 drm_i915_private_t *dev_priv = dev->dev_private;
1755 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1756 int regnum = obj_priv->fence_reg;
1759 val = (uint64_t)((obj_priv->gtt_offset + obj->size - 4096) &
1761 val |= obj_priv->gtt_offset & 0xfffff000;
1762 val |= ((obj_priv->stride / 128) - 1) << I965_FENCE_PITCH_SHIFT;
1763 if (obj_priv->tiling_mode == I915_TILING_Y)
1764 val |= 1 << I965_FENCE_TILING_Y_SHIFT;
1765 val |= I965_FENCE_REG_VALID;
1767 I915_WRITE64(FENCE_REG_965_0 + (regnum * 8), val);
1770 static void i915_write_fence_reg(struct drm_i915_fence_reg *reg)
1772 struct drm_gem_object *obj = reg->obj;
1773 struct drm_device *dev = obj->dev;
1774 drm_i915_private_t *dev_priv = dev->dev_private;
1775 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1776 int regnum = obj_priv->fence_reg;
1778 uint32_t fence_reg, val;
1781 if ((obj_priv->gtt_offset & ~I915_FENCE_START_MASK) ||
1782 (obj_priv->gtt_offset & (obj->size - 1))) {
1783 WARN(1, "%s: object 0x%08x not 1M or size (0x%zx) aligned\n",
1784 __func__, obj_priv->gtt_offset, obj->size);
1788 if (obj_priv->tiling_mode == I915_TILING_Y &&
1789 HAS_128_BYTE_Y_TILING(dev))
1794 /* Note: pitch better be a power of two tile widths */
1795 pitch_val = obj_priv->stride / tile_width;
1796 pitch_val = ffs(pitch_val) - 1;
1798 val = obj_priv->gtt_offset;
1799 if (obj_priv->tiling_mode == I915_TILING_Y)
1800 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
1801 val |= I915_FENCE_SIZE_BITS(obj->size);
1802 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
1803 val |= I830_FENCE_REG_VALID;
1806 fence_reg = FENCE_REG_830_0 + (regnum * 4);
1808 fence_reg = FENCE_REG_945_8 + ((regnum - 8) * 4);
1809 I915_WRITE(fence_reg, val);
1812 static void i830_write_fence_reg(struct drm_i915_fence_reg *reg)
1814 struct drm_gem_object *obj = reg->obj;
1815 struct drm_device *dev = obj->dev;
1816 drm_i915_private_t *dev_priv = dev->dev_private;
1817 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1818 int regnum = obj_priv->fence_reg;
1822 if ((obj_priv->gtt_offset & ~I915_FENCE_START_MASK) ||
1823 (obj_priv->gtt_offset & (obj->size - 1))) {
1824 WARN(1, "%s: object 0x%08x not 1M or size aligned\n",
1825 __func__, obj_priv->gtt_offset);
1829 pitch_val = (obj_priv->stride / 128) - 1;
1831 val = obj_priv->gtt_offset;
1832 if (obj_priv->tiling_mode == I915_TILING_Y)
1833 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
1834 val |= I830_FENCE_SIZE_BITS(obj->size);
1835 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
1836 val |= I830_FENCE_REG_VALID;
1838 I915_WRITE(FENCE_REG_830_0 + (regnum * 4), val);
1843 * i915_gem_object_get_fence_reg - set up a fence reg for an object
1844 * @obj: object to map through a fence reg
1845 * @write: object is about to be written
1847 * When mapping objects through the GTT, userspace wants to be able to write
1848 * to them without having to worry about swizzling if the object is tiled.
1850 * This function walks the fence regs looking for a free one for @obj,
1851 * stealing one if it can't find any.
1853 * It then sets up the reg based on the object's properties: address, pitch
1854 * and tiling format.
1857 i915_gem_object_get_fence_reg(struct drm_gem_object *obj, bool write)
1859 struct drm_device *dev = obj->dev;
1860 struct drm_i915_private *dev_priv = dev->dev_private;
1861 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1862 struct drm_i915_fence_reg *reg = NULL;
1863 struct drm_i915_gem_object *old_obj_priv = NULL;
1866 switch (obj_priv->tiling_mode) {
1867 case I915_TILING_NONE:
1868 WARN(1, "allocating a fence for non-tiled object?\n");
1871 if (!obj_priv->stride)
1873 WARN((obj_priv->stride & (512 - 1)),
1874 "object 0x%08x is X tiled but has non-512B pitch\n",
1875 obj_priv->gtt_offset);
1878 if (!obj_priv->stride)
1880 WARN((obj_priv->stride & (128 - 1)),
1881 "object 0x%08x is Y tiled but has non-128B pitch\n",
1882 obj_priv->gtt_offset);
1886 /* First try to find a free reg */
1889 for (i = dev_priv->fence_reg_start; i < dev_priv->num_fence_regs; i++) {
1890 reg = &dev_priv->fence_regs[i];
1894 old_obj_priv = reg->obj->driver_private;
1895 if (!old_obj_priv->pin_count)
1899 /* None available, try to steal one or wait for a user to finish */
1900 if (i == dev_priv->num_fence_regs) {
1901 uint32_t seqno = dev_priv->mm.next_gem_seqno;
1907 for (i = dev_priv->fence_reg_start;
1908 i < dev_priv->num_fence_regs; i++) {
1909 uint32_t this_seqno;
1911 reg = &dev_priv->fence_regs[i];
1912 old_obj_priv = reg->obj->driver_private;
1914 if (old_obj_priv->pin_count)
1917 /* i915 uses fences for GPU access to tiled buffers */
1918 if (IS_I965G(dev) || !old_obj_priv->active)
1921 /* find the seqno of the first available fence */
1922 this_seqno = old_obj_priv->last_rendering_seqno;
1923 if (this_seqno != 0 &&
1924 reg->obj->write_domain == 0 &&
1925 i915_seqno_passed(seqno, this_seqno))
1930 * Now things get ugly... we have to wait for one of the
1931 * objects to finish before trying again.
1933 if (i == dev_priv->num_fence_regs) {
1934 if (seqno == dev_priv->mm.next_gem_seqno) {
1936 I915_GEM_GPU_DOMAINS,
1937 I915_GEM_GPU_DOMAINS);
1938 seqno = i915_add_request(dev,
1939 I915_GEM_GPU_DOMAINS);
1944 ret = i915_wait_request(dev, seqno);
1950 BUG_ON(old_obj_priv->active ||
1951 (reg->obj->write_domain & I915_GEM_GPU_DOMAINS));
1954 * Zap this virtual mapping so we can set up a fence again
1955 * for this object next time we need it.
1957 offset = ((loff_t) reg->obj->map_list.hash.key) << PAGE_SHIFT;
1958 if (dev->dev_mapping)
1959 unmap_mapping_range(dev->dev_mapping, offset,
1961 old_obj_priv->fence_reg = I915_FENCE_REG_NONE;
1964 obj_priv->fence_reg = i;
1968 i965_write_fence_reg(reg);
1969 else if (IS_I9XX(dev))
1970 i915_write_fence_reg(reg);
1972 i830_write_fence_reg(reg);
1978 * i915_gem_clear_fence_reg - clear out fence register info
1979 * @obj: object to clear
1981 * Zeroes out the fence register itself and clears out the associated
1982 * data structures in dev_priv and obj_priv.
1985 i915_gem_clear_fence_reg(struct drm_gem_object *obj)
1987 struct drm_device *dev = obj->dev;
1988 drm_i915_private_t *dev_priv = dev->dev_private;
1989 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1992 I915_WRITE64(FENCE_REG_965_0 + (obj_priv->fence_reg * 8), 0);
1996 if (obj_priv->fence_reg < 8)
1997 fence_reg = FENCE_REG_830_0 + obj_priv->fence_reg * 4;
1999 fence_reg = FENCE_REG_945_8 + (obj_priv->fence_reg -
2002 I915_WRITE(fence_reg, 0);
2005 dev_priv->fence_regs[obj_priv->fence_reg].obj = NULL;
2006 obj_priv->fence_reg = I915_FENCE_REG_NONE;
2010 * Finds free space in the GTT aperture and binds the object there.
2013 i915_gem_object_bind_to_gtt(struct drm_gem_object *obj, unsigned alignment)
2015 struct drm_device *dev = obj->dev;
2016 drm_i915_private_t *dev_priv = dev->dev_private;
2017 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2018 struct drm_mm_node *free_space;
2019 int page_count, ret;
2021 if (dev_priv->mm.suspended)
2024 alignment = i915_gem_get_gtt_alignment(obj);
2025 if (alignment & (PAGE_SIZE - 1)) {
2026 DRM_ERROR("Invalid object alignment requested %u\n", alignment);
2031 free_space = drm_mm_search_free(&dev_priv->mm.gtt_space,
2032 obj->size, alignment, 0);
2033 if (free_space != NULL) {
2034 obj_priv->gtt_space = drm_mm_get_block(free_space, obj->size,
2036 if (obj_priv->gtt_space != NULL) {
2037 obj_priv->gtt_space->private = obj;
2038 obj_priv->gtt_offset = obj_priv->gtt_space->start;
2041 if (obj_priv->gtt_space == NULL) {
2042 /* If the gtt is empty and we're still having trouble
2043 * fitting our object in, we're out of memory.
2046 DRM_INFO("%s: GTT full, evicting something\n", __func__);
2048 if (list_empty(&dev_priv->mm.inactive_list) &&
2049 list_empty(&dev_priv->mm.flushing_list) &&
2050 list_empty(&dev_priv->mm.active_list)) {
2051 DRM_ERROR("GTT full, but LRU list empty\n");
2055 ret = i915_gem_evict_something(dev);
2057 if (ret != -ERESTARTSYS)
2058 DRM_ERROR("Failed to evict a buffer %d\n", ret);
2065 DRM_INFO("Binding object of size %d at 0x%08x\n",
2066 obj->size, obj_priv->gtt_offset);
2068 ret = i915_gem_object_get_pages(obj);
2070 drm_mm_put_block(obj_priv->gtt_space);
2071 obj_priv->gtt_space = NULL;
2075 page_count = obj->size / PAGE_SIZE;
2076 /* Create an AGP memory structure pointing at our pages, and bind it
2079 obj_priv->agp_mem = drm_agp_bind_pages(dev,
2082 obj_priv->gtt_offset,
2083 obj_priv->agp_type);
2084 if (obj_priv->agp_mem == NULL) {
2085 i915_gem_object_put_pages(obj);
2086 drm_mm_put_block(obj_priv->gtt_space);
2087 obj_priv->gtt_space = NULL;
2090 atomic_inc(&dev->gtt_count);
2091 atomic_add(obj->size, &dev->gtt_memory);
2093 /* Assert that the object is not currently in any GPU domain. As it
2094 * wasn't in the GTT, there shouldn't be any way it could have been in
2097 BUG_ON(obj->read_domains & ~(I915_GEM_DOMAIN_CPU|I915_GEM_DOMAIN_GTT));
2098 BUG_ON(obj->write_domain & ~(I915_GEM_DOMAIN_CPU|I915_GEM_DOMAIN_GTT));
2104 i915_gem_clflush_object(struct drm_gem_object *obj)
2106 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2108 /* If we don't have a page list set up, then we're not pinned
2109 * to GPU, and we can ignore the cache flush because it'll happen
2110 * again at bind time.
2112 if (obj_priv->pages == NULL)
2115 drm_clflush_pages(obj_priv->pages, obj->size / PAGE_SIZE);
2118 /** Flushes any GPU write domain for the object if it's dirty. */
2120 i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj)
2122 struct drm_device *dev = obj->dev;
2125 if ((obj->write_domain & I915_GEM_GPU_DOMAINS) == 0)
2128 /* Queue the GPU write cache flushing we need. */
2129 i915_gem_flush(dev, 0, obj->write_domain);
2130 seqno = i915_add_request(dev, obj->write_domain);
2131 obj->write_domain = 0;
2132 i915_gem_object_move_to_active(obj, seqno);
2135 /** Flushes the GTT write domain for the object if it's dirty. */
2137 i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj)
2139 if (obj->write_domain != I915_GEM_DOMAIN_GTT)
2142 /* No actual flushing is required for the GTT write domain. Writes
2143 * to it immediately go to main memory as far as we know, so there's
2144 * no chipset flush. It also doesn't land in render cache.
2146 obj->write_domain = 0;
2149 /** Flushes the CPU write domain for the object if it's dirty. */
2151 i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj)
2153 struct drm_device *dev = obj->dev;
2155 if (obj->write_domain != I915_GEM_DOMAIN_CPU)
2158 i915_gem_clflush_object(obj);
2159 drm_agp_chipset_flush(dev);
2160 obj->write_domain = 0;
2164 * Moves a single object to the GTT read, and possibly write domain.
2166 * This function returns when the move is complete, including waiting on
2170 i915_gem_object_set_to_gtt_domain(struct drm_gem_object *obj, int write)
2172 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2175 /* Not valid to be called on unbound objects. */
2176 if (obj_priv->gtt_space == NULL)
2179 i915_gem_object_flush_gpu_write_domain(obj);
2180 /* Wait on any GPU rendering and flushing to occur. */
2181 ret = i915_gem_object_wait_rendering(obj);
2185 /* If we're writing through the GTT domain, then CPU and GPU caches
2186 * will need to be invalidated at next use.
2189 obj->read_domains &= I915_GEM_DOMAIN_GTT;
2191 i915_gem_object_flush_cpu_write_domain(obj);
2193 /* It should now be out of any other write domains, and we can update
2194 * the domain values for our changes.
2196 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_GTT) != 0);
2197 obj->read_domains |= I915_GEM_DOMAIN_GTT;
2199 obj->write_domain = I915_GEM_DOMAIN_GTT;
2200 obj_priv->dirty = 1;
2207 * Moves a single object to the CPU read, and possibly write domain.
2209 * This function returns when the move is complete, including waiting on
2213 i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj, int write)
2215 struct drm_device *dev = obj->dev;
2218 i915_gem_object_flush_gpu_write_domain(obj);
2219 /* Wait on any GPU rendering and flushing to occur. */
2220 ret = i915_gem_object_wait_rendering(obj);
2224 i915_gem_object_flush_gtt_write_domain(obj);
2226 /* If we have a partially-valid cache of the object in the CPU,
2227 * finish invalidating it and free the per-page flags.
2229 i915_gem_object_set_to_full_cpu_read_domain(obj);
2231 /* Flush the CPU cache if it's still invalid. */
2232 if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0) {
2233 i915_gem_clflush_object(obj);
2234 drm_agp_chipset_flush(dev);
2236 obj->read_domains |= I915_GEM_DOMAIN_CPU;
2239 /* It should now be out of any other write domains, and we can update
2240 * the domain values for our changes.
2242 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
2244 /* If we're writing through the CPU, then the GPU read domains will
2245 * need to be invalidated at next use.
2248 obj->read_domains &= I915_GEM_DOMAIN_CPU;
2249 obj->write_domain = I915_GEM_DOMAIN_CPU;
2256 * Set the next domain for the specified object. This
2257 * may not actually perform the necessary flushing/invaliding though,
2258 * as that may want to be batched with other set_domain operations
2260 * This is (we hope) the only really tricky part of gem. The goal
2261 * is fairly simple -- track which caches hold bits of the object
2262 * and make sure they remain coherent. A few concrete examples may
2263 * help to explain how it works. For shorthand, we use the notation
2264 * (read_domains, write_domain), e.g. (CPU, CPU) to indicate the
2265 * a pair of read and write domain masks.
2267 * Case 1: the batch buffer
2273 * 5. Unmapped from GTT
2276 * Let's take these a step at a time
2279 * Pages allocated from the kernel may still have
2280 * cache contents, so we set them to (CPU, CPU) always.
2281 * 2. Written by CPU (using pwrite)
2282 * The pwrite function calls set_domain (CPU, CPU) and
2283 * this function does nothing (as nothing changes)
2285 * This function asserts that the object is not
2286 * currently in any GPU-based read or write domains
2288 * i915_gem_execbuffer calls set_domain (COMMAND, 0).
2289 * As write_domain is zero, this function adds in the
2290 * current read domains (CPU+COMMAND, 0).
2291 * flush_domains is set to CPU.
2292 * invalidate_domains is set to COMMAND
2293 * clflush is run to get data out of the CPU caches
2294 * then i915_dev_set_domain calls i915_gem_flush to
2295 * emit an MI_FLUSH and drm_agp_chipset_flush
2296 * 5. Unmapped from GTT
2297 * i915_gem_object_unbind calls set_domain (CPU, CPU)
2298 * flush_domains and invalidate_domains end up both zero
2299 * so no flushing/invalidating happens
2303 * Case 2: The shared render buffer
2307 * 3. Read/written by GPU
2308 * 4. set_domain to (CPU,CPU)
2309 * 5. Read/written by CPU
2310 * 6. Read/written by GPU
2313 * Same as last example, (CPU, CPU)
2315 * Nothing changes (assertions find that it is not in the GPU)
2316 * 3. Read/written by GPU
2317 * execbuffer calls set_domain (RENDER, RENDER)
2318 * flush_domains gets CPU
2319 * invalidate_domains gets GPU
2321 * MI_FLUSH and drm_agp_chipset_flush
2322 * 4. set_domain (CPU, CPU)
2323 * flush_domains gets GPU
2324 * invalidate_domains gets CPU
2325 * wait_rendering (obj) to make sure all drawing is complete.
2326 * This will include an MI_FLUSH to get the data from GPU
2328 * clflush (obj) to invalidate the CPU cache
2329 * Another MI_FLUSH in i915_gem_flush (eliminate this somehow?)
2330 * 5. Read/written by CPU
2331 * cache lines are loaded and dirtied
2332 * 6. Read written by GPU
2333 * Same as last GPU access
2335 * Case 3: The constant buffer
2340 * 4. Updated (written) by CPU again
2349 * flush_domains = CPU
2350 * invalidate_domains = RENDER
2353 * drm_agp_chipset_flush
2354 * 4. Updated (written) by CPU again
2356 * flush_domains = 0 (no previous write domain)
2357 * invalidate_domains = 0 (no new read domains)
2360 * flush_domains = CPU
2361 * invalidate_domains = RENDER
2364 * drm_agp_chipset_flush
2367 i915_gem_object_set_to_gpu_domain(struct drm_gem_object *obj)
2369 struct drm_device *dev = obj->dev;
2370 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2371 uint32_t invalidate_domains = 0;
2372 uint32_t flush_domains = 0;
2374 BUG_ON(obj->pending_read_domains & I915_GEM_DOMAIN_CPU);
2375 BUG_ON(obj->pending_write_domain == I915_GEM_DOMAIN_CPU);
2378 DRM_INFO("%s: object %p read %08x -> %08x write %08x -> %08x\n",
2380 obj->read_domains, obj->pending_read_domains,
2381 obj->write_domain, obj->pending_write_domain);
2384 * If the object isn't moving to a new write domain,
2385 * let the object stay in multiple read domains
2387 if (obj->pending_write_domain == 0)
2388 obj->pending_read_domains |= obj->read_domains;
2390 obj_priv->dirty = 1;
2393 * Flush the current write domain if
2394 * the new read domains don't match. Invalidate
2395 * any read domains which differ from the old
2398 if (obj->write_domain &&
2399 obj->write_domain != obj->pending_read_domains) {
2400 flush_domains |= obj->write_domain;
2401 invalidate_domains |=
2402 obj->pending_read_domains & ~obj->write_domain;
2405 * Invalidate any read caches which may have
2406 * stale data. That is, any new read domains.
2408 invalidate_domains |= obj->pending_read_domains & ~obj->read_domains;
2409 if ((flush_domains | invalidate_domains) & I915_GEM_DOMAIN_CPU) {
2411 DRM_INFO("%s: CPU domain flush %08x invalidate %08x\n",
2412 __func__, flush_domains, invalidate_domains);
2414 i915_gem_clflush_object(obj);
2417 /* The actual obj->write_domain will be updated with
2418 * pending_write_domain after we emit the accumulated flush for all
2419 * of our domain changes in execbuffers (which clears objects'
2420 * write_domains). So if we have a current write domain that we
2421 * aren't changing, set pending_write_domain to that.
2423 if (flush_domains == 0 && obj->pending_write_domain == 0)
2424 obj->pending_write_domain = obj->write_domain;
2425 obj->read_domains = obj->pending_read_domains;
2427 dev->invalidate_domains |= invalidate_domains;
2428 dev->flush_domains |= flush_domains;
2430 DRM_INFO("%s: read %08x write %08x invalidate %08x flush %08x\n",
2432 obj->read_domains, obj->write_domain,
2433 dev->invalidate_domains, dev->flush_domains);
2438 * Moves the object from a partially CPU read to a full one.
2440 * Note that this only resolves i915_gem_object_set_cpu_read_domain_range(),
2441 * and doesn't handle transitioning from !(read_domains & I915_GEM_DOMAIN_CPU).
2444 i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj)
2446 struct drm_device *dev = obj->dev;
2447 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2449 if (!obj_priv->page_cpu_valid)
2452 /* If we're partially in the CPU read domain, finish moving it in.
2454 if (obj->read_domains & I915_GEM_DOMAIN_CPU) {
2457 for (i = 0; i <= (obj->size - 1) / PAGE_SIZE; i++) {
2458 if (obj_priv->page_cpu_valid[i])
2460 drm_clflush_pages(obj_priv->pages + i, 1);
2462 drm_agp_chipset_flush(dev);
2465 /* Free the page_cpu_valid mappings which are now stale, whether
2466 * or not we've got I915_GEM_DOMAIN_CPU.
2468 drm_free(obj_priv->page_cpu_valid, obj->size / PAGE_SIZE,
2470 obj_priv->page_cpu_valid = NULL;
2474 * Set the CPU read domain on a range of the object.
2476 * The object ends up with I915_GEM_DOMAIN_CPU in its read flags although it's
2477 * not entirely valid. The page_cpu_valid member of the object flags which
2478 * pages have been flushed, and will be respected by
2479 * i915_gem_object_set_to_cpu_domain() if it's called on to get a valid mapping
2480 * of the whole object.
2482 * This function returns when the move is complete, including waiting on
2486 i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
2487 uint64_t offset, uint64_t size)
2489 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2492 if (offset == 0 && size == obj->size)
2493 return i915_gem_object_set_to_cpu_domain(obj, 0);
2495 i915_gem_object_flush_gpu_write_domain(obj);
2496 /* Wait on any GPU rendering and flushing to occur. */
2497 ret = i915_gem_object_wait_rendering(obj);
2500 i915_gem_object_flush_gtt_write_domain(obj);
2502 /* If we're already fully in the CPU read domain, we're done. */
2503 if (obj_priv->page_cpu_valid == NULL &&
2504 (obj->read_domains & I915_GEM_DOMAIN_CPU) != 0)
2507 /* Otherwise, create/clear the per-page CPU read domain flag if we're
2508 * newly adding I915_GEM_DOMAIN_CPU
2510 if (obj_priv->page_cpu_valid == NULL) {
2511 obj_priv->page_cpu_valid = drm_calloc(1, obj->size / PAGE_SIZE,
2513 if (obj_priv->page_cpu_valid == NULL)
2515 } else if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0)
2516 memset(obj_priv->page_cpu_valid, 0, obj->size / PAGE_SIZE);
2518 /* Flush the cache on any pages that are still invalid from the CPU's
2521 for (i = offset / PAGE_SIZE; i <= (offset + size - 1) / PAGE_SIZE;
2523 if (obj_priv->page_cpu_valid[i])
2526 drm_clflush_pages(obj_priv->pages + i, 1);
2528 obj_priv->page_cpu_valid[i] = 1;
2531 /* It should now be out of any other write domains, and we can update
2532 * the domain values for our changes.
2534 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
2536 obj->read_domains |= I915_GEM_DOMAIN_CPU;
2542 * Pin an object to the GTT and evaluate the relocations landing in it.
2545 i915_gem_object_pin_and_relocate(struct drm_gem_object *obj,
2546 struct drm_file *file_priv,
2547 struct drm_i915_gem_exec_object *entry)
2549 struct drm_device *dev = obj->dev;
2550 drm_i915_private_t *dev_priv = dev->dev_private;
2551 struct drm_i915_gem_relocation_entry reloc;
2552 struct drm_i915_gem_relocation_entry __user *relocs;
2553 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2555 void __iomem *reloc_page;
2557 /* Choose the GTT offset for our buffer and put it there. */
2558 ret = i915_gem_object_pin(obj, (uint32_t) entry->alignment);
2562 entry->offset = obj_priv->gtt_offset;
2564 relocs = (struct drm_i915_gem_relocation_entry __user *)
2565 (uintptr_t) entry->relocs_ptr;
2566 /* Apply the relocations, using the GTT aperture to avoid cache
2567 * flushing requirements.
2569 for (i = 0; i < entry->relocation_count; i++) {
2570 struct drm_gem_object *target_obj;
2571 struct drm_i915_gem_object *target_obj_priv;
2572 uint32_t reloc_val, reloc_offset;
2573 uint32_t __iomem *reloc_entry;
2575 ret = copy_from_user(&reloc, relocs + i, sizeof(reloc));
2577 i915_gem_object_unpin(obj);
2581 target_obj = drm_gem_object_lookup(obj->dev, file_priv,
2582 reloc.target_handle);
2583 if (target_obj == NULL) {
2584 i915_gem_object_unpin(obj);
2587 target_obj_priv = target_obj->driver_private;
2589 /* The target buffer should have appeared before us in the
2590 * exec_object list, so it should have a GTT space bound by now.
2592 if (target_obj_priv->gtt_space == NULL) {
2593 DRM_ERROR("No GTT space found for object %d\n",
2594 reloc.target_handle);
2595 drm_gem_object_unreference(target_obj);
2596 i915_gem_object_unpin(obj);
2600 if (reloc.offset > obj->size - 4) {
2601 DRM_ERROR("Relocation beyond object bounds: "
2602 "obj %p target %d offset %d size %d.\n",
2603 obj, reloc.target_handle,
2604 (int) reloc.offset, (int) obj->size);
2605 drm_gem_object_unreference(target_obj);
2606 i915_gem_object_unpin(obj);
2609 if (reloc.offset & 3) {
2610 DRM_ERROR("Relocation not 4-byte aligned: "
2611 "obj %p target %d offset %d.\n",
2612 obj, reloc.target_handle,
2613 (int) reloc.offset);
2614 drm_gem_object_unreference(target_obj);
2615 i915_gem_object_unpin(obj);
2619 if (reloc.write_domain & I915_GEM_DOMAIN_CPU ||
2620 reloc.read_domains & I915_GEM_DOMAIN_CPU) {
2621 DRM_ERROR("reloc with read/write CPU domains: "
2622 "obj %p target %d offset %d "
2623 "read %08x write %08x",
2624 obj, reloc.target_handle,
2627 reloc.write_domain);
2628 drm_gem_object_unreference(target_obj);
2629 i915_gem_object_unpin(obj);
2633 if (reloc.write_domain && target_obj->pending_write_domain &&
2634 reloc.write_domain != target_obj->pending_write_domain) {
2635 DRM_ERROR("Write domain conflict: "
2636 "obj %p target %d offset %d "
2637 "new %08x old %08x\n",
2638 obj, reloc.target_handle,
2641 target_obj->pending_write_domain);
2642 drm_gem_object_unreference(target_obj);
2643 i915_gem_object_unpin(obj);
2648 DRM_INFO("%s: obj %p offset %08x target %d "
2649 "read %08x write %08x gtt %08x "
2650 "presumed %08x delta %08x\n",
2654 (int) reloc.target_handle,
2655 (int) reloc.read_domains,
2656 (int) reloc.write_domain,
2657 (int) target_obj_priv->gtt_offset,
2658 (int) reloc.presumed_offset,
2662 target_obj->pending_read_domains |= reloc.read_domains;
2663 target_obj->pending_write_domain |= reloc.write_domain;
2665 /* If the relocation already has the right value in it, no
2666 * more work needs to be done.
2668 if (target_obj_priv->gtt_offset == reloc.presumed_offset) {
2669 drm_gem_object_unreference(target_obj);
2673 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
2675 drm_gem_object_unreference(target_obj);
2676 i915_gem_object_unpin(obj);
2680 /* Map the page containing the relocation we're going to
2683 reloc_offset = obj_priv->gtt_offset + reloc.offset;
2684 reloc_page = io_mapping_map_atomic_wc(dev_priv->mm.gtt_mapping,
2687 reloc_entry = (uint32_t __iomem *)(reloc_page +
2688 (reloc_offset & (PAGE_SIZE - 1)));
2689 reloc_val = target_obj_priv->gtt_offset + reloc.delta;
2692 DRM_INFO("Applied relocation: %p@0x%08x %08x -> %08x\n",
2693 obj, (unsigned int) reloc.offset,
2694 readl(reloc_entry), reloc_val);
2696 writel(reloc_val, reloc_entry);
2697 io_mapping_unmap_atomic(reloc_page);
2699 /* Write the updated presumed offset for this entry back out
2702 reloc.presumed_offset = target_obj_priv->gtt_offset;
2703 ret = copy_to_user(relocs + i, &reloc, sizeof(reloc));
2705 drm_gem_object_unreference(target_obj);
2706 i915_gem_object_unpin(obj);
2710 drm_gem_object_unreference(target_obj);
2715 i915_gem_dump_object(obj, 128, __func__, ~0);
2720 /** Dispatch a batchbuffer to the ring
2723 i915_dispatch_gem_execbuffer(struct drm_device *dev,
2724 struct drm_i915_gem_execbuffer *exec,
2725 uint64_t exec_offset)
2727 drm_i915_private_t *dev_priv = dev->dev_private;
2728 struct drm_clip_rect __user *boxes = (struct drm_clip_rect __user *)
2729 (uintptr_t) exec->cliprects_ptr;
2730 int nbox = exec->num_cliprects;
2732 uint32_t exec_start, exec_len;
2735 exec_start = (uint32_t) exec_offset + exec->batch_start_offset;
2736 exec_len = (uint32_t) exec->batch_len;
2738 if ((exec_start | exec_len) & 0x7) {
2739 DRM_ERROR("alignment\n");
2746 count = nbox ? nbox : 1;
2748 for (i = 0; i < count; i++) {
2750 int ret = i915_emit_box(dev, boxes, i,
2751 exec->DR1, exec->DR4);
2756 if (IS_I830(dev) || IS_845G(dev)) {
2758 OUT_RING(MI_BATCH_BUFFER);
2759 OUT_RING(exec_start | MI_BATCH_NON_SECURE);
2760 OUT_RING(exec_start + exec_len - 4);
2765 if (IS_I965G(dev)) {
2766 OUT_RING(MI_BATCH_BUFFER_START |
2768 MI_BATCH_NON_SECURE_I965);
2769 OUT_RING(exec_start);
2771 OUT_RING(MI_BATCH_BUFFER_START |
2773 OUT_RING(exec_start | MI_BATCH_NON_SECURE);
2779 /* XXX breadcrumb */
2783 /* Throttle our rendering by waiting until the ring has completed our requests
2784 * emitted over 20 msec ago.
2786 * This should get us reasonable parallelism between CPU and GPU but also
2787 * relatively low latency when blocking on a particular request to finish.
2790 i915_gem_ring_throttle(struct drm_device *dev, struct drm_file *file_priv)
2792 struct drm_i915_file_private *i915_file_priv = file_priv->driver_priv;
2796 mutex_lock(&dev->struct_mutex);
2797 seqno = i915_file_priv->mm.last_gem_throttle_seqno;
2798 i915_file_priv->mm.last_gem_throttle_seqno =
2799 i915_file_priv->mm.last_gem_seqno;
2801 ret = i915_wait_request(dev, seqno);
2802 mutex_unlock(&dev->struct_mutex);
2807 i915_gem_execbuffer(struct drm_device *dev, void *data,
2808 struct drm_file *file_priv)
2810 drm_i915_private_t *dev_priv = dev->dev_private;
2811 struct drm_i915_file_private *i915_file_priv = file_priv->driver_priv;
2812 struct drm_i915_gem_execbuffer *args = data;
2813 struct drm_i915_gem_exec_object *exec_list = NULL;
2814 struct drm_gem_object **object_list = NULL;
2815 struct drm_gem_object *batch_obj;
2816 struct drm_i915_gem_object *obj_priv;
2817 int ret, i, pinned = 0;
2818 uint64_t exec_offset;
2819 uint32_t seqno, flush_domains;
2823 DRM_INFO("buffers_ptr %d buffer_count %d len %08x\n",
2824 (int) args->buffers_ptr, args->buffer_count, args->batch_len);
2827 if (args->buffer_count < 1) {
2828 DRM_ERROR("execbuf with %d buffers\n", args->buffer_count);
2831 /* Copy in the exec list from userland */
2832 exec_list = drm_calloc(sizeof(*exec_list), args->buffer_count,
2834 object_list = drm_calloc(sizeof(*object_list), args->buffer_count,
2836 if (exec_list == NULL || object_list == NULL) {
2837 DRM_ERROR("Failed to allocate exec or object list "
2839 args->buffer_count);
2843 ret = copy_from_user(exec_list,
2844 (struct drm_i915_relocation_entry __user *)
2845 (uintptr_t) args->buffers_ptr,
2846 sizeof(*exec_list) * args->buffer_count);
2848 DRM_ERROR("copy %d exec entries failed %d\n",
2849 args->buffer_count, ret);
2853 mutex_lock(&dev->struct_mutex);
2855 i915_verify_inactive(dev, __FILE__, __LINE__);
2857 if (dev_priv->mm.wedged) {
2858 DRM_ERROR("Execbuf while wedged\n");
2859 mutex_unlock(&dev->struct_mutex);
2864 if (dev_priv->mm.suspended) {
2865 DRM_ERROR("Execbuf while VT-switched.\n");
2866 mutex_unlock(&dev->struct_mutex);
2871 /* Look up object handles */
2872 for (i = 0; i < args->buffer_count; i++) {
2873 object_list[i] = drm_gem_object_lookup(dev, file_priv,
2874 exec_list[i].handle);
2875 if (object_list[i] == NULL) {
2876 DRM_ERROR("Invalid object handle %d at index %d\n",
2877 exec_list[i].handle, i);
2882 obj_priv = object_list[i]->driver_private;
2883 if (obj_priv->in_execbuffer) {
2884 DRM_ERROR("Object %p appears more than once in object list\n",
2889 obj_priv->in_execbuffer = true;
2892 /* Pin and relocate */
2893 for (pin_tries = 0; ; pin_tries++) {
2895 for (i = 0; i < args->buffer_count; i++) {
2896 object_list[i]->pending_read_domains = 0;
2897 object_list[i]->pending_write_domain = 0;
2898 ret = i915_gem_object_pin_and_relocate(object_list[i],
2909 /* error other than GTT full, or we've already tried again */
2910 if (ret != -ENOMEM || pin_tries >= 1) {
2911 if (ret != -ERESTARTSYS)
2912 DRM_ERROR("Failed to pin buffers %d\n", ret);
2916 /* unpin all of our buffers */
2917 for (i = 0; i < pinned; i++)
2918 i915_gem_object_unpin(object_list[i]);
2921 /* evict everyone we can from the aperture */
2922 ret = i915_gem_evict_everything(dev);
2927 /* Set the pending read domains for the batch buffer to COMMAND */
2928 batch_obj = object_list[args->buffer_count-1];
2929 batch_obj->pending_read_domains = I915_GEM_DOMAIN_COMMAND;
2930 batch_obj->pending_write_domain = 0;
2932 i915_verify_inactive(dev, __FILE__, __LINE__);
2934 /* Zero the global flush/invalidate flags. These
2935 * will be modified as new domains are computed
2938 dev->invalidate_domains = 0;
2939 dev->flush_domains = 0;
2941 for (i = 0; i < args->buffer_count; i++) {
2942 struct drm_gem_object *obj = object_list[i];
2944 /* Compute new gpu domains and update invalidate/flush */
2945 i915_gem_object_set_to_gpu_domain(obj);
2948 i915_verify_inactive(dev, __FILE__, __LINE__);
2950 if (dev->invalidate_domains | dev->flush_domains) {
2952 DRM_INFO("%s: invalidate_domains %08x flush_domains %08x\n",
2954 dev->invalidate_domains,
2955 dev->flush_domains);
2958 dev->invalidate_domains,
2959 dev->flush_domains);
2960 if (dev->flush_domains)
2961 (void)i915_add_request(dev, dev->flush_domains);
2964 for (i = 0; i < args->buffer_count; i++) {
2965 struct drm_gem_object *obj = object_list[i];
2967 obj->write_domain = obj->pending_write_domain;
2970 i915_verify_inactive(dev, __FILE__, __LINE__);
2973 for (i = 0; i < args->buffer_count; i++) {
2974 i915_gem_object_check_coherency(object_list[i],
2975 exec_list[i].handle);
2979 exec_offset = exec_list[args->buffer_count - 1].offset;
2982 i915_gem_dump_object(object_list[args->buffer_count - 1],
2988 /* Exec the batchbuffer */
2989 ret = i915_dispatch_gem_execbuffer(dev, args, exec_offset);
2991 DRM_ERROR("dispatch failed %d\n", ret);
2996 * Ensure that the commands in the batch buffer are
2997 * finished before the interrupt fires
2999 flush_domains = i915_retire_commands(dev);
3001 i915_verify_inactive(dev, __FILE__, __LINE__);
3004 * Get a seqno representing the execution of the current buffer,
3005 * which we can wait on. We would like to mitigate these interrupts,
3006 * likely by only creating seqnos occasionally (so that we have
3007 * *some* interrupts representing completion of buffers that we can
3008 * wait on when trying to clear up gtt space).
3010 seqno = i915_add_request(dev, flush_domains);
3012 i915_file_priv->mm.last_gem_seqno = seqno;
3013 for (i = 0; i < args->buffer_count; i++) {
3014 struct drm_gem_object *obj = object_list[i];
3016 i915_gem_object_move_to_active(obj, seqno);
3018 DRM_INFO("%s: move to exec list %p\n", __func__, obj);
3022 i915_dump_lru(dev, __func__);
3025 i915_verify_inactive(dev, __FILE__, __LINE__);
3028 for (i = 0; i < pinned; i++)
3029 i915_gem_object_unpin(object_list[i]);
3031 for (i = 0; i < args->buffer_count; i++) {
3032 if (object_list[i]) {
3033 obj_priv = object_list[i]->driver_private;
3034 obj_priv->in_execbuffer = false;
3036 drm_gem_object_unreference(object_list[i]);
3039 mutex_unlock(&dev->struct_mutex);
3042 /* Copy the new buffer offsets back to the user's exec list. */
3043 ret = copy_to_user((struct drm_i915_relocation_entry __user *)
3044 (uintptr_t) args->buffers_ptr,
3046 sizeof(*exec_list) * args->buffer_count);
3048 DRM_ERROR("failed to copy %d exec entries "
3049 "back to user (%d)\n",
3050 args->buffer_count, ret);
3054 drm_free(object_list, sizeof(*object_list) * args->buffer_count,
3056 drm_free(exec_list, sizeof(*exec_list) * args->buffer_count,
3063 i915_gem_object_pin(struct drm_gem_object *obj, uint32_t alignment)
3065 struct drm_device *dev = obj->dev;
3066 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3069 i915_verify_inactive(dev, __FILE__, __LINE__);
3070 if (obj_priv->gtt_space == NULL) {
3071 ret = i915_gem_object_bind_to_gtt(obj, alignment);
3073 if (ret != -EBUSY && ret != -ERESTARTSYS)
3074 DRM_ERROR("Failure to bind: %d\n", ret);
3079 * Pre-965 chips need a fence register set up in order to
3080 * properly handle tiled surfaces.
3082 if (!IS_I965G(dev) &&
3083 obj_priv->fence_reg == I915_FENCE_REG_NONE &&
3084 obj_priv->tiling_mode != I915_TILING_NONE) {
3085 ret = i915_gem_object_get_fence_reg(obj, true);
3087 if (ret != -EBUSY && ret != -ERESTARTSYS)
3088 DRM_ERROR("Failure to install fence: %d\n",
3093 obj_priv->pin_count++;
3095 /* If the object is not active and not pending a flush,
3096 * remove it from the inactive list
3098 if (obj_priv->pin_count == 1) {
3099 atomic_inc(&dev->pin_count);
3100 atomic_add(obj->size, &dev->pin_memory);
3101 if (!obj_priv->active &&
3102 (obj->write_domain & ~(I915_GEM_DOMAIN_CPU |
3103 I915_GEM_DOMAIN_GTT)) == 0 &&
3104 !list_empty(&obj_priv->list))
3105 list_del_init(&obj_priv->list);
3107 i915_verify_inactive(dev, __FILE__, __LINE__);
3113 i915_gem_object_unpin(struct drm_gem_object *obj)
3115 struct drm_device *dev = obj->dev;
3116 drm_i915_private_t *dev_priv = dev->dev_private;
3117 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3119 i915_verify_inactive(dev, __FILE__, __LINE__);
3120 obj_priv->pin_count--;
3121 BUG_ON(obj_priv->pin_count < 0);
3122 BUG_ON(obj_priv->gtt_space == NULL);
3124 /* If the object is no longer pinned, and is
3125 * neither active nor being flushed, then stick it on
3128 if (obj_priv->pin_count == 0) {
3129 if (!obj_priv->active &&
3130 (obj->write_domain & ~(I915_GEM_DOMAIN_CPU |
3131 I915_GEM_DOMAIN_GTT)) == 0)
3132 list_move_tail(&obj_priv->list,
3133 &dev_priv->mm.inactive_list);
3134 atomic_dec(&dev->pin_count);
3135 atomic_sub(obj->size, &dev->pin_memory);
3137 i915_verify_inactive(dev, __FILE__, __LINE__);
3141 i915_gem_pin_ioctl(struct drm_device *dev, void *data,
3142 struct drm_file *file_priv)
3144 struct drm_i915_gem_pin *args = data;
3145 struct drm_gem_object *obj;
3146 struct drm_i915_gem_object *obj_priv;
3149 mutex_lock(&dev->struct_mutex);
3151 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3153 DRM_ERROR("Bad handle in i915_gem_pin_ioctl(): %d\n",
3155 mutex_unlock(&dev->struct_mutex);
3158 obj_priv = obj->driver_private;
3160 if (obj_priv->pin_filp != NULL && obj_priv->pin_filp != file_priv) {
3161 DRM_ERROR("Already pinned in i915_gem_pin_ioctl(): %d\n",
3163 drm_gem_object_unreference(obj);
3164 mutex_unlock(&dev->struct_mutex);
3168 obj_priv->user_pin_count++;
3169 obj_priv->pin_filp = file_priv;
3170 if (obj_priv->user_pin_count == 1) {
3171 ret = i915_gem_object_pin(obj, args->alignment);
3173 drm_gem_object_unreference(obj);
3174 mutex_unlock(&dev->struct_mutex);
3179 /* XXX - flush the CPU caches for pinned objects
3180 * as the X server doesn't manage domains yet
3182 i915_gem_object_flush_cpu_write_domain(obj);
3183 args->offset = obj_priv->gtt_offset;
3184 drm_gem_object_unreference(obj);
3185 mutex_unlock(&dev->struct_mutex);
3191 i915_gem_unpin_ioctl(struct drm_device *dev, void *data,
3192 struct drm_file *file_priv)
3194 struct drm_i915_gem_pin *args = data;
3195 struct drm_gem_object *obj;
3196 struct drm_i915_gem_object *obj_priv;
3198 mutex_lock(&dev->struct_mutex);
3200 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3202 DRM_ERROR("Bad handle in i915_gem_unpin_ioctl(): %d\n",
3204 mutex_unlock(&dev->struct_mutex);
3208 obj_priv = obj->driver_private;
3209 if (obj_priv->pin_filp != file_priv) {
3210 DRM_ERROR("Not pinned by caller in i915_gem_pin_ioctl(): %d\n",
3212 drm_gem_object_unreference(obj);
3213 mutex_unlock(&dev->struct_mutex);
3216 obj_priv->user_pin_count--;
3217 if (obj_priv->user_pin_count == 0) {
3218 obj_priv->pin_filp = NULL;
3219 i915_gem_object_unpin(obj);
3222 drm_gem_object_unreference(obj);
3223 mutex_unlock(&dev->struct_mutex);
3228 i915_gem_busy_ioctl(struct drm_device *dev, void *data,
3229 struct drm_file *file_priv)
3231 struct drm_i915_gem_busy *args = data;
3232 struct drm_gem_object *obj;
3233 struct drm_i915_gem_object *obj_priv;
3235 mutex_lock(&dev->struct_mutex);
3236 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3238 DRM_ERROR("Bad handle in i915_gem_busy_ioctl(): %d\n",
3240 mutex_unlock(&dev->struct_mutex);
3244 /* Update the active list for the hardware's current position.
3245 * Otherwise this only updates on a delayed timer or when irqs are
3246 * actually unmasked, and our working set ends up being larger than
3249 i915_gem_retire_requests(dev);
3251 obj_priv = obj->driver_private;
3252 /* Don't count being on the flushing list against the object being
3253 * done. Otherwise, a buffer left on the flushing list but not getting
3254 * flushed (because nobody's flushing that domain) won't ever return
3255 * unbusy and get reused by libdrm's bo cache. The other expected
3256 * consumer of this interface, OpenGL's occlusion queries, also specs
3257 * that the objects get unbusy "eventually" without any interference.
3259 args->busy = obj_priv->active && obj_priv->last_rendering_seqno != 0;
3261 drm_gem_object_unreference(obj);
3262 mutex_unlock(&dev->struct_mutex);
3267 i915_gem_throttle_ioctl(struct drm_device *dev, void *data,
3268 struct drm_file *file_priv)
3270 return i915_gem_ring_throttle(dev, file_priv);
3273 int i915_gem_init_object(struct drm_gem_object *obj)
3275 struct drm_i915_gem_object *obj_priv;
3277 obj_priv = drm_calloc(1, sizeof(*obj_priv), DRM_MEM_DRIVER);
3278 if (obj_priv == NULL)
3282 * We've just allocated pages from the kernel,
3283 * so they've just been written by the CPU with
3284 * zeros. They'll need to be clflushed before we
3285 * use them with the GPU.
3287 obj->write_domain = I915_GEM_DOMAIN_CPU;
3288 obj->read_domains = I915_GEM_DOMAIN_CPU;
3290 obj_priv->agp_type = AGP_USER_MEMORY;
3292 obj->driver_private = obj_priv;
3293 obj_priv->obj = obj;
3294 obj_priv->fence_reg = I915_FENCE_REG_NONE;
3295 INIT_LIST_HEAD(&obj_priv->list);
3300 void i915_gem_free_object(struct drm_gem_object *obj)
3302 struct drm_device *dev = obj->dev;
3303 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3305 while (obj_priv->pin_count > 0)
3306 i915_gem_object_unpin(obj);
3308 if (obj_priv->phys_obj)
3309 i915_gem_detach_phys_object(dev, obj);
3311 i915_gem_object_unbind(obj);
3313 i915_gem_free_mmap_offset(obj);
3315 drm_free(obj_priv->page_cpu_valid, 1, DRM_MEM_DRIVER);
3316 drm_free(obj->driver_private, 1, DRM_MEM_DRIVER);
3319 /** Unbinds all objects that are on the given buffer list. */
3321 i915_gem_evict_from_list(struct drm_device *dev, struct list_head *head)
3323 struct drm_gem_object *obj;
3324 struct drm_i915_gem_object *obj_priv;
3327 while (!list_empty(head)) {
3328 obj_priv = list_first_entry(head,
3329 struct drm_i915_gem_object,
3331 obj = obj_priv->obj;
3333 if (obj_priv->pin_count != 0) {
3334 DRM_ERROR("Pinned object in unbind list\n");
3335 mutex_unlock(&dev->struct_mutex);
3339 ret = i915_gem_object_unbind(obj);
3341 DRM_ERROR("Error unbinding object in LeaveVT: %d\n",
3343 mutex_unlock(&dev->struct_mutex);
3353 i915_gem_idle(struct drm_device *dev)
3355 drm_i915_private_t *dev_priv = dev->dev_private;
3356 uint32_t seqno, cur_seqno, last_seqno;
3359 mutex_lock(&dev->struct_mutex);
3361 if (dev_priv->mm.suspended || dev_priv->ring.ring_obj == NULL) {
3362 mutex_unlock(&dev->struct_mutex);
3366 /* Hack! Don't let anybody do execbuf while we don't control the chip.
3367 * We need to replace this with a semaphore, or something.
3369 dev_priv->mm.suspended = 1;
3371 /* Cancel the retire work handler, wait for it to finish if running
3373 mutex_unlock(&dev->struct_mutex);
3374 cancel_delayed_work_sync(&dev_priv->mm.retire_work);
3375 mutex_lock(&dev->struct_mutex);
3377 i915_kernel_lost_context(dev);
3379 /* Flush the GPU along with all non-CPU write domains
3381 i915_gem_flush(dev, ~(I915_GEM_DOMAIN_CPU|I915_GEM_DOMAIN_GTT),
3382 ~(I915_GEM_DOMAIN_CPU|I915_GEM_DOMAIN_GTT));
3383 seqno = i915_add_request(dev, ~I915_GEM_DOMAIN_CPU);
3386 mutex_unlock(&dev->struct_mutex);
3390 dev_priv->mm.waiting_gem_seqno = seqno;
3394 cur_seqno = i915_get_gem_seqno(dev);
3395 if (i915_seqno_passed(cur_seqno, seqno))
3397 if (last_seqno == cur_seqno) {
3398 if (stuck++ > 100) {
3399 DRM_ERROR("hardware wedged\n");
3400 dev_priv->mm.wedged = 1;
3401 DRM_WAKEUP(&dev_priv->irq_queue);
3406 last_seqno = cur_seqno;
3408 dev_priv->mm.waiting_gem_seqno = 0;
3410 i915_gem_retire_requests(dev);
3412 if (!dev_priv->mm.wedged) {
3413 /* Active and flushing should now be empty as we've
3414 * waited for a sequence higher than any pending execbuffer
3416 WARN_ON(!list_empty(&dev_priv->mm.active_list));
3417 WARN_ON(!list_empty(&dev_priv->mm.flushing_list));
3418 /* Request should now be empty as we've also waited
3419 * for the last request in the list
3421 WARN_ON(!list_empty(&dev_priv->mm.request_list));
3424 /* Empty the active and flushing lists to inactive. If there's
3425 * anything left at this point, it means that we're wedged and
3426 * nothing good's going to happen by leaving them there. So strip
3427 * the GPU domains and just stuff them onto inactive.
3429 while (!list_empty(&dev_priv->mm.active_list)) {
3430 struct drm_i915_gem_object *obj_priv;
3432 obj_priv = list_first_entry(&dev_priv->mm.active_list,
3433 struct drm_i915_gem_object,
3435 obj_priv->obj->write_domain &= ~I915_GEM_GPU_DOMAINS;
3436 i915_gem_object_move_to_inactive(obj_priv->obj);
3439 while (!list_empty(&dev_priv->mm.flushing_list)) {
3440 struct drm_i915_gem_object *obj_priv;
3442 obj_priv = list_first_entry(&dev_priv->mm.flushing_list,
3443 struct drm_i915_gem_object,
3445 obj_priv->obj->write_domain &= ~I915_GEM_GPU_DOMAINS;
3446 i915_gem_object_move_to_inactive(obj_priv->obj);
3450 /* Move all inactive buffers out of the GTT. */
3451 ret = i915_gem_evict_from_list(dev, &dev_priv->mm.inactive_list);
3452 WARN_ON(!list_empty(&dev_priv->mm.inactive_list));
3454 mutex_unlock(&dev->struct_mutex);
3458 i915_gem_cleanup_ringbuffer(dev);
3459 mutex_unlock(&dev->struct_mutex);
3465 i915_gem_init_hws(struct drm_device *dev)
3467 drm_i915_private_t *dev_priv = dev->dev_private;
3468 struct drm_gem_object *obj;
3469 struct drm_i915_gem_object *obj_priv;
3472 /* If we need a physical address for the status page, it's already
3473 * initialized at driver load time.
3475 if (!I915_NEED_GFX_HWS(dev))
3478 obj = drm_gem_object_alloc(dev, 4096);
3480 DRM_ERROR("Failed to allocate status page\n");
3483 obj_priv = obj->driver_private;
3484 obj_priv->agp_type = AGP_USER_CACHED_MEMORY;
3486 ret = i915_gem_object_pin(obj, 4096);
3488 drm_gem_object_unreference(obj);
3492 dev_priv->status_gfx_addr = obj_priv->gtt_offset;
3494 dev_priv->hw_status_page = kmap(obj_priv->pages[0]);
3495 if (dev_priv->hw_status_page == NULL) {
3496 DRM_ERROR("Failed to map status page.\n");
3497 memset(&dev_priv->hws_map, 0, sizeof(dev_priv->hws_map));
3498 i915_gem_object_unpin(obj);
3499 drm_gem_object_unreference(obj);
3502 dev_priv->hws_obj = obj;
3503 memset(dev_priv->hw_status_page, 0, PAGE_SIZE);
3504 I915_WRITE(HWS_PGA, dev_priv->status_gfx_addr);
3505 I915_READ(HWS_PGA); /* posting read */
3506 DRM_DEBUG("hws offset: 0x%08x\n", dev_priv->status_gfx_addr);
3512 i915_gem_cleanup_hws(struct drm_device *dev)
3514 drm_i915_private_t *dev_priv = dev->dev_private;
3515 struct drm_gem_object *obj;
3516 struct drm_i915_gem_object *obj_priv;
3518 if (dev_priv->hws_obj == NULL)
3521 obj = dev_priv->hws_obj;
3522 obj_priv = obj->driver_private;
3524 kunmap(obj_priv->pages[0]);
3525 i915_gem_object_unpin(obj);
3526 drm_gem_object_unreference(obj);
3527 dev_priv->hws_obj = NULL;
3529 memset(&dev_priv->hws_map, 0, sizeof(dev_priv->hws_map));
3530 dev_priv->hw_status_page = NULL;
3532 /* Write high address into HWS_PGA when disabling. */
3533 I915_WRITE(HWS_PGA, 0x1ffff000);
3537 i915_gem_init_ringbuffer(struct drm_device *dev)
3539 drm_i915_private_t *dev_priv = dev->dev_private;
3540 struct drm_gem_object *obj;
3541 struct drm_i915_gem_object *obj_priv;
3542 drm_i915_ring_buffer_t *ring = &dev_priv->ring;
3546 ret = i915_gem_init_hws(dev);
3550 obj = drm_gem_object_alloc(dev, 128 * 1024);
3552 DRM_ERROR("Failed to allocate ringbuffer\n");
3553 i915_gem_cleanup_hws(dev);
3556 obj_priv = obj->driver_private;
3558 ret = i915_gem_object_pin(obj, 4096);
3560 drm_gem_object_unreference(obj);
3561 i915_gem_cleanup_hws(dev);
3565 /* Set up the kernel mapping for the ring. */
3566 ring->Size = obj->size;
3567 ring->tail_mask = obj->size - 1;
3569 ring->map.offset = dev->agp->base + obj_priv->gtt_offset;
3570 ring->map.size = obj->size;
3572 ring->map.flags = 0;
3575 drm_core_ioremap_wc(&ring->map, dev);
3576 if (ring->map.handle == NULL) {
3577 DRM_ERROR("Failed to map ringbuffer.\n");
3578 memset(&dev_priv->ring, 0, sizeof(dev_priv->ring));
3579 i915_gem_object_unpin(obj);
3580 drm_gem_object_unreference(obj);
3581 i915_gem_cleanup_hws(dev);
3584 ring->ring_obj = obj;
3585 ring->virtual_start = ring->map.handle;
3587 /* Stop the ring if it's running. */
3588 I915_WRITE(PRB0_CTL, 0);
3589 I915_WRITE(PRB0_TAIL, 0);
3590 I915_WRITE(PRB0_HEAD, 0);
3592 /* Initialize the ring. */
3593 I915_WRITE(PRB0_START, obj_priv->gtt_offset);
3594 head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
3596 /* G45 ring initialization fails to reset head to zero */
3598 DRM_ERROR("Ring head not reset to zero "
3599 "ctl %08x head %08x tail %08x start %08x\n",
3600 I915_READ(PRB0_CTL),
3601 I915_READ(PRB0_HEAD),
3602 I915_READ(PRB0_TAIL),
3603 I915_READ(PRB0_START));
3604 I915_WRITE(PRB0_HEAD, 0);
3606 DRM_ERROR("Ring head forced to zero "
3607 "ctl %08x head %08x tail %08x start %08x\n",
3608 I915_READ(PRB0_CTL),
3609 I915_READ(PRB0_HEAD),
3610 I915_READ(PRB0_TAIL),
3611 I915_READ(PRB0_START));
3614 I915_WRITE(PRB0_CTL,
3615 ((obj->size - 4096) & RING_NR_PAGES) |
3619 head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
3621 /* If the head is still not zero, the ring is dead */
3623 DRM_ERROR("Ring initialization failed "
3624 "ctl %08x head %08x tail %08x start %08x\n",
3625 I915_READ(PRB0_CTL),
3626 I915_READ(PRB0_HEAD),
3627 I915_READ(PRB0_TAIL),
3628 I915_READ(PRB0_START));
3632 /* Update our cache of the ring state */
3633 if (!drm_core_check_feature(dev, DRIVER_MODESET))
3634 i915_kernel_lost_context(dev);
3636 ring->head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
3637 ring->tail = I915_READ(PRB0_TAIL) & TAIL_ADDR;
3638 ring->space = ring->head - (ring->tail + 8);
3639 if (ring->space < 0)
3640 ring->space += ring->Size;
3647 i915_gem_cleanup_ringbuffer(struct drm_device *dev)
3649 drm_i915_private_t *dev_priv = dev->dev_private;
3651 if (dev_priv->ring.ring_obj == NULL)
3654 drm_core_ioremapfree(&dev_priv->ring.map, dev);
3656 i915_gem_object_unpin(dev_priv->ring.ring_obj);
3657 drm_gem_object_unreference(dev_priv->ring.ring_obj);
3658 dev_priv->ring.ring_obj = NULL;
3659 memset(&dev_priv->ring, 0, sizeof(dev_priv->ring));
3661 i915_gem_cleanup_hws(dev);
3665 i915_gem_entervt_ioctl(struct drm_device *dev, void *data,
3666 struct drm_file *file_priv)
3668 drm_i915_private_t *dev_priv = dev->dev_private;
3671 if (drm_core_check_feature(dev, DRIVER_MODESET))
3674 if (dev_priv->mm.wedged) {
3675 DRM_ERROR("Reenabling wedged hardware, good luck\n");
3676 dev_priv->mm.wedged = 0;
3679 mutex_lock(&dev->struct_mutex);
3680 dev_priv->mm.suspended = 0;
3682 ret = i915_gem_init_ringbuffer(dev);
3686 BUG_ON(!list_empty(&dev_priv->mm.active_list));
3687 BUG_ON(!list_empty(&dev_priv->mm.flushing_list));
3688 BUG_ON(!list_empty(&dev_priv->mm.inactive_list));
3689 BUG_ON(!list_empty(&dev_priv->mm.request_list));
3690 mutex_unlock(&dev->struct_mutex);
3692 drm_irq_install(dev);
3698 i915_gem_leavevt_ioctl(struct drm_device *dev, void *data,
3699 struct drm_file *file_priv)
3703 if (drm_core_check_feature(dev, DRIVER_MODESET))
3706 ret = i915_gem_idle(dev);
3707 drm_irq_uninstall(dev);
3713 i915_gem_lastclose(struct drm_device *dev)
3717 if (drm_core_check_feature(dev, DRIVER_MODESET))
3720 ret = i915_gem_idle(dev);
3722 DRM_ERROR("failed to idle hardware: %d\n", ret);
3726 i915_gem_load(struct drm_device *dev)
3728 drm_i915_private_t *dev_priv = dev->dev_private;
3730 INIT_LIST_HEAD(&dev_priv->mm.active_list);
3731 INIT_LIST_HEAD(&dev_priv->mm.flushing_list);
3732 INIT_LIST_HEAD(&dev_priv->mm.inactive_list);
3733 INIT_LIST_HEAD(&dev_priv->mm.request_list);
3734 INIT_DELAYED_WORK(&dev_priv->mm.retire_work,
3735 i915_gem_retire_work_handler);
3736 dev_priv->mm.next_gem_seqno = 1;
3738 /* Old X drivers will take 0-2 for front, back, depth buffers */
3739 dev_priv->fence_reg_start = 3;
3741 if (IS_I965G(dev) || IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
3742 dev_priv->num_fence_regs = 16;
3744 dev_priv->num_fence_regs = 8;
3746 i915_gem_detect_bit_6_swizzle(dev);
3750 * Create a physically contiguous memory object for this object
3751 * e.g. for cursor + overlay regs
3753 int i915_gem_init_phys_object(struct drm_device *dev,
3756 drm_i915_private_t *dev_priv = dev->dev_private;
3757 struct drm_i915_gem_phys_object *phys_obj;
3760 if (dev_priv->mm.phys_objs[id - 1] || !size)
3763 phys_obj = drm_calloc(1, sizeof(struct drm_i915_gem_phys_object), DRM_MEM_DRIVER);
3769 phys_obj->handle = drm_pci_alloc(dev, size, 0, 0xffffffff);
3770 if (!phys_obj->handle) {
3775 set_memory_wc((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
3778 dev_priv->mm.phys_objs[id - 1] = phys_obj;
3782 drm_free(phys_obj, sizeof(struct drm_i915_gem_phys_object), DRM_MEM_DRIVER);
3786 void i915_gem_free_phys_object(struct drm_device *dev, int id)
3788 drm_i915_private_t *dev_priv = dev->dev_private;
3789 struct drm_i915_gem_phys_object *phys_obj;
3791 if (!dev_priv->mm.phys_objs[id - 1])
3794 phys_obj = dev_priv->mm.phys_objs[id - 1];
3795 if (phys_obj->cur_obj) {
3796 i915_gem_detach_phys_object(dev, phys_obj->cur_obj);
3800 set_memory_wb((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
3802 drm_pci_free(dev, phys_obj->handle);
3804 dev_priv->mm.phys_objs[id - 1] = NULL;
3807 void i915_gem_free_all_phys_object(struct drm_device *dev)
3811 for (i = I915_GEM_PHYS_CURSOR_0; i <= I915_MAX_PHYS_OBJECT; i++)
3812 i915_gem_free_phys_object(dev, i);
3815 void i915_gem_detach_phys_object(struct drm_device *dev,
3816 struct drm_gem_object *obj)
3818 struct drm_i915_gem_object *obj_priv;
3823 obj_priv = obj->driver_private;
3824 if (!obj_priv->phys_obj)
3827 ret = i915_gem_object_get_pages(obj);
3831 page_count = obj->size / PAGE_SIZE;
3833 for (i = 0; i < page_count; i++) {
3834 char *dst = kmap_atomic(obj_priv->pages[i], KM_USER0);
3835 char *src = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
3837 memcpy(dst, src, PAGE_SIZE);
3838 kunmap_atomic(dst, KM_USER0);
3840 drm_clflush_pages(obj_priv->pages, page_count);
3841 drm_agp_chipset_flush(dev);
3843 obj_priv->phys_obj->cur_obj = NULL;
3844 obj_priv->phys_obj = NULL;
3848 i915_gem_attach_phys_object(struct drm_device *dev,
3849 struct drm_gem_object *obj, int id)
3851 drm_i915_private_t *dev_priv = dev->dev_private;
3852 struct drm_i915_gem_object *obj_priv;
3857 if (id > I915_MAX_PHYS_OBJECT)
3860 obj_priv = obj->driver_private;
3862 if (obj_priv->phys_obj) {
3863 if (obj_priv->phys_obj->id == id)
3865 i915_gem_detach_phys_object(dev, obj);
3869 /* create a new object */
3870 if (!dev_priv->mm.phys_objs[id - 1]) {
3871 ret = i915_gem_init_phys_object(dev, id,
3874 DRM_ERROR("failed to init phys object %d size: %zu\n", id, obj->size);
3879 /* bind to the object */
3880 obj_priv->phys_obj = dev_priv->mm.phys_objs[id - 1];
3881 obj_priv->phys_obj->cur_obj = obj;
3883 ret = i915_gem_object_get_pages(obj);
3885 DRM_ERROR("failed to get page list\n");
3889 page_count = obj->size / PAGE_SIZE;
3891 for (i = 0; i < page_count; i++) {
3892 char *src = kmap_atomic(obj_priv->pages[i], KM_USER0);
3893 char *dst = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
3895 memcpy(dst, src, PAGE_SIZE);
3896 kunmap_atomic(src, KM_USER0);
3905 i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
3906 struct drm_i915_gem_pwrite *args,
3907 struct drm_file *file_priv)
3909 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3912 char __user *user_data;
3914 user_data = (char __user *) (uintptr_t) args->data_ptr;
3915 obj_addr = obj_priv->phys_obj->handle->vaddr + args->offset;
3917 DRM_DEBUG("obj_addr %p, %lld\n", obj_addr, args->size);
3918 ret = copy_from_user(obj_addr, user_data, args->size);
3922 drm_agp_chipset_flush(dev);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob