2 * Copyright © 2008 Intel Corporation
4 * Permission is hereby granted, free of charge, to any person obtaining a
5 * copy of this software and associated documentation files (the "Software"),
6 * to deal in the Software without restriction, including without limitation
7 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8 * and/or sell copies of the Software, and to permit persons to whom the
9 * Software is furnished to do so, subject to the following conditions:
11 * The above copyright notice and this permission notice (including the next
12 * paragraph) shall be included in all copies or substantial portions of the
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
24 * Eric Anholt <eric@anholt.net>
32 #include "intel_drv.h"
33 #include <linux/swap.h>
34 #include <linux/pci.h>
36 #define I915_GEM_GPU_DOMAINS (~(I915_GEM_DOMAIN_CPU | I915_GEM_DOMAIN_GTT))
38 static void i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj);
39 static void i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj);
40 static void i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj);
41 static int i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj,
43 static int i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
46 static void i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj);
47 static int i915_gem_object_wait_rendering(struct drm_gem_object *obj);
48 static int i915_gem_object_bind_to_gtt(struct drm_gem_object *obj,
50 static void i915_gem_clear_fence_reg(struct drm_gem_object *obj);
51 static int i915_gem_evict_something(struct drm_device *dev);
52 static int i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
53 struct drm_i915_gem_pwrite *args,
54 struct drm_file *file_priv);
56 static LIST_HEAD(shrink_list);
57 static DEFINE_SPINLOCK(shrink_list_lock);
59 int i915_gem_do_init(struct drm_device *dev, unsigned long start,
62 drm_i915_private_t *dev_priv = dev->dev_private;
65 (start & (PAGE_SIZE - 1)) != 0 ||
66 (end & (PAGE_SIZE - 1)) != 0) {
70 drm_mm_init(&dev_priv->mm.gtt_space, start,
73 dev->gtt_total = (uint32_t) (end - start);
79 i915_gem_init_ioctl(struct drm_device *dev, void *data,
80 struct drm_file *file_priv)
82 struct drm_i915_gem_init *args = data;
85 mutex_lock(&dev->struct_mutex);
86 ret = i915_gem_do_init(dev, args->gtt_start, args->gtt_end);
87 mutex_unlock(&dev->struct_mutex);
93 i915_gem_get_aperture_ioctl(struct drm_device *dev, void *data,
94 struct drm_file *file_priv)
96 struct drm_i915_gem_get_aperture *args = data;
98 if (!(dev->driver->driver_features & DRIVER_GEM))
101 args->aper_size = dev->gtt_total;
102 args->aper_available_size = (args->aper_size -
103 atomic_read(&dev->pin_memory));
110 * Creates a new mm object and returns a handle to it.
113 i915_gem_create_ioctl(struct drm_device *dev, void *data,
114 struct drm_file *file_priv)
116 struct drm_i915_gem_create *args = data;
117 struct drm_gem_object *obj;
121 args->size = roundup(args->size, PAGE_SIZE);
123 /* Allocate the new object */
124 obj = drm_gem_object_alloc(dev, args->size);
128 ret = drm_gem_handle_create(file_priv, obj, &handle);
129 mutex_lock(&dev->struct_mutex);
130 drm_gem_object_handle_unreference(obj);
131 mutex_unlock(&dev->struct_mutex);
136 args->handle = handle;
142 fast_shmem_read(struct page **pages,
143 loff_t page_base, int page_offset,
150 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT], KM_USER0);
153 unwritten = __copy_to_user_inatomic(data, vaddr + page_offset, length);
154 kunmap_atomic(vaddr, KM_USER0);
162 static int i915_gem_object_needs_bit17_swizzle(struct drm_gem_object *obj)
164 drm_i915_private_t *dev_priv = obj->dev->dev_private;
165 struct drm_i915_gem_object *obj_priv = obj->driver_private;
167 return dev_priv->mm.bit_6_swizzle_x == I915_BIT_6_SWIZZLE_9_10_17 &&
168 obj_priv->tiling_mode != I915_TILING_NONE;
172 slow_shmem_copy(struct page *dst_page,
174 struct page *src_page,
178 char *dst_vaddr, *src_vaddr;
180 dst_vaddr = kmap_atomic(dst_page, KM_USER0);
181 if (dst_vaddr == NULL)
184 src_vaddr = kmap_atomic(src_page, KM_USER1);
185 if (src_vaddr == NULL) {
186 kunmap_atomic(dst_vaddr, KM_USER0);
190 memcpy(dst_vaddr + dst_offset, src_vaddr + src_offset, length);
192 kunmap_atomic(src_vaddr, KM_USER1);
193 kunmap_atomic(dst_vaddr, KM_USER0);
199 slow_shmem_bit17_copy(struct page *gpu_page,
201 struct page *cpu_page,
206 char *gpu_vaddr, *cpu_vaddr;
208 /* Use the unswizzled path if this page isn't affected. */
209 if ((page_to_phys(gpu_page) & (1 << 17)) == 0) {
211 return slow_shmem_copy(cpu_page, cpu_offset,
212 gpu_page, gpu_offset, length);
214 return slow_shmem_copy(gpu_page, gpu_offset,
215 cpu_page, cpu_offset, length);
218 gpu_vaddr = kmap_atomic(gpu_page, KM_USER0);
219 if (gpu_vaddr == NULL)
222 cpu_vaddr = kmap_atomic(cpu_page, KM_USER1);
223 if (cpu_vaddr == NULL) {
224 kunmap_atomic(gpu_vaddr, KM_USER0);
228 /* Copy the data, XORing A6 with A17 (1). The user already knows he's
229 * XORing with the other bits (A9 for Y, A9 and A10 for X)
232 int cacheline_end = ALIGN(gpu_offset + 1, 64);
233 int this_length = min(cacheline_end - gpu_offset, length);
234 int swizzled_gpu_offset = gpu_offset ^ 64;
237 memcpy(cpu_vaddr + cpu_offset,
238 gpu_vaddr + swizzled_gpu_offset,
241 memcpy(gpu_vaddr + swizzled_gpu_offset,
242 cpu_vaddr + cpu_offset,
245 cpu_offset += this_length;
246 gpu_offset += this_length;
247 length -= this_length;
250 kunmap_atomic(cpu_vaddr, KM_USER1);
251 kunmap_atomic(gpu_vaddr, KM_USER0);
257 * This is the fast shmem pread path, which attempts to copy_from_user directly
258 * from the backing pages of the object to the user's address space. On a
259 * fault, it fails so we can fall back to i915_gem_shmem_pwrite_slow().
262 i915_gem_shmem_pread_fast(struct drm_device *dev, struct drm_gem_object *obj,
263 struct drm_i915_gem_pread *args,
264 struct drm_file *file_priv)
266 struct drm_i915_gem_object *obj_priv = obj->driver_private;
268 loff_t offset, page_base;
269 char __user *user_data;
270 int page_offset, page_length;
273 user_data = (char __user *) (uintptr_t) args->data_ptr;
276 mutex_lock(&dev->struct_mutex);
278 ret = i915_gem_object_get_pages(obj);
282 ret = i915_gem_object_set_cpu_read_domain_range(obj, args->offset,
287 obj_priv = obj->driver_private;
288 offset = args->offset;
291 /* Operation in this page
293 * page_base = page offset within aperture
294 * page_offset = offset within page
295 * page_length = bytes to copy for this page
297 page_base = (offset & ~(PAGE_SIZE-1));
298 page_offset = offset & (PAGE_SIZE-1);
299 page_length = remain;
300 if ((page_offset + remain) > PAGE_SIZE)
301 page_length = PAGE_SIZE - page_offset;
303 ret = fast_shmem_read(obj_priv->pages,
304 page_base, page_offset,
305 user_data, page_length);
309 remain -= page_length;
310 user_data += page_length;
311 offset += page_length;
315 i915_gem_object_put_pages(obj);
317 mutex_unlock(&dev->struct_mutex);
323 * This is the fallback shmem pread path, which allocates temporary storage
324 * in kernel space to copy_to_user into outside of the struct_mutex, so we
325 * can copy out of the object's backing pages while holding the struct mutex
326 * and not take page faults.
329 i915_gem_shmem_pread_slow(struct drm_device *dev, struct drm_gem_object *obj,
330 struct drm_i915_gem_pread *args,
331 struct drm_file *file_priv)
333 struct drm_i915_gem_object *obj_priv = obj->driver_private;
334 struct mm_struct *mm = current->mm;
335 struct page **user_pages;
337 loff_t offset, pinned_pages, i;
338 loff_t first_data_page, last_data_page, num_pages;
339 int shmem_page_index, shmem_page_offset;
340 int data_page_index, data_page_offset;
343 uint64_t data_ptr = args->data_ptr;
344 int do_bit17_swizzling;
348 /* Pin the user pages containing the data. We can't fault while
349 * holding the struct mutex, yet we want to hold it while
350 * dereferencing the user data.
352 first_data_page = data_ptr / PAGE_SIZE;
353 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
354 num_pages = last_data_page - first_data_page + 1;
356 user_pages = drm_calloc_large(num_pages, sizeof(struct page *));
357 if (user_pages == NULL)
360 down_read(&mm->mmap_sem);
361 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
362 num_pages, 1, 0, user_pages, NULL);
363 up_read(&mm->mmap_sem);
364 if (pinned_pages < num_pages) {
366 goto fail_put_user_pages;
369 do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
371 mutex_lock(&dev->struct_mutex);
373 ret = i915_gem_object_get_pages(obj);
377 ret = i915_gem_object_set_cpu_read_domain_range(obj, args->offset,
382 obj_priv = obj->driver_private;
383 offset = args->offset;
386 /* Operation in this page
388 * shmem_page_index = page number within shmem file
389 * shmem_page_offset = offset within page in shmem file
390 * data_page_index = page number in get_user_pages return
391 * data_page_offset = offset with data_page_index page.
392 * page_length = bytes to copy for this page
394 shmem_page_index = offset / PAGE_SIZE;
395 shmem_page_offset = offset & ~PAGE_MASK;
396 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
397 data_page_offset = data_ptr & ~PAGE_MASK;
399 page_length = remain;
400 if ((shmem_page_offset + page_length) > PAGE_SIZE)
401 page_length = PAGE_SIZE - shmem_page_offset;
402 if ((data_page_offset + page_length) > PAGE_SIZE)
403 page_length = PAGE_SIZE - data_page_offset;
405 if (do_bit17_swizzling) {
406 ret = slow_shmem_bit17_copy(obj_priv->pages[shmem_page_index],
408 user_pages[data_page_index],
413 ret = slow_shmem_copy(user_pages[data_page_index],
415 obj_priv->pages[shmem_page_index],
422 remain -= page_length;
423 data_ptr += page_length;
424 offset += page_length;
428 i915_gem_object_put_pages(obj);
430 mutex_unlock(&dev->struct_mutex);
432 for (i = 0; i < pinned_pages; i++) {
433 SetPageDirty(user_pages[i]);
434 page_cache_release(user_pages[i]);
436 drm_free_large(user_pages);
442 * Reads data from the object referenced by handle.
444 * On error, the contents of *data are undefined.
447 i915_gem_pread_ioctl(struct drm_device *dev, void *data,
448 struct drm_file *file_priv)
450 struct drm_i915_gem_pread *args = data;
451 struct drm_gem_object *obj;
452 struct drm_i915_gem_object *obj_priv;
455 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
458 obj_priv = obj->driver_private;
460 /* Bounds check source.
462 * XXX: This could use review for overflow issues...
464 if (args->offset > obj->size || args->size > obj->size ||
465 args->offset + args->size > obj->size) {
466 drm_gem_object_unreference(obj);
470 if (i915_gem_object_needs_bit17_swizzle(obj)) {
471 ret = i915_gem_shmem_pread_slow(dev, obj, args, file_priv);
473 ret = i915_gem_shmem_pread_fast(dev, obj, args, file_priv);
475 ret = i915_gem_shmem_pread_slow(dev, obj, args,
479 drm_gem_object_unreference(obj);
484 /* This is the fast write path which cannot handle
485 * page faults in the source data
489 fast_user_write(struct io_mapping *mapping,
490 loff_t page_base, int page_offset,
491 char __user *user_data,
495 unsigned long unwritten;
497 vaddr_atomic = io_mapping_map_atomic_wc(mapping, page_base);
498 unwritten = __copy_from_user_inatomic_nocache(vaddr_atomic + page_offset,
500 io_mapping_unmap_atomic(vaddr_atomic);
506 /* Here's the write path which can sleep for
511 slow_kernel_write(struct io_mapping *mapping,
512 loff_t gtt_base, int gtt_offset,
513 struct page *user_page, int user_offset,
516 char *src_vaddr, *dst_vaddr;
517 unsigned long unwritten;
519 dst_vaddr = io_mapping_map_atomic_wc(mapping, gtt_base);
520 src_vaddr = kmap_atomic(user_page, KM_USER1);
521 unwritten = __copy_from_user_inatomic_nocache(dst_vaddr + gtt_offset,
522 src_vaddr + user_offset,
524 kunmap_atomic(src_vaddr, KM_USER1);
525 io_mapping_unmap_atomic(dst_vaddr);
532 fast_shmem_write(struct page **pages,
533 loff_t page_base, int page_offset,
538 unsigned long unwritten;
540 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT], KM_USER0);
543 unwritten = __copy_from_user_inatomic(vaddr + page_offset, data, length);
544 kunmap_atomic(vaddr, KM_USER0);
552 * This is the fast pwrite path, where we copy the data directly from the
553 * user into the GTT, uncached.
556 i915_gem_gtt_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
557 struct drm_i915_gem_pwrite *args,
558 struct drm_file *file_priv)
560 struct drm_i915_gem_object *obj_priv = obj->driver_private;
561 drm_i915_private_t *dev_priv = dev->dev_private;
563 loff_t offset, page_base;
564 char __user *user_data;
565 int page_offset, page_length;
568 user_data = (char __user *) (uintptr_t) args->data_ptr;
570 if (!access_ok(VERIFY_READ, user_data, remain))
574 mutex_lock(&dev->struct_mutex);
575 ret = i915_gem_object_pin(obj, 0);
577 mutex_unlock(&dev->struct_mutex);
580 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
584 obj_priv = obj->driver_private;
585 offset = obj_priv->gtt_offset + args->offset;
588 /* Operation in this page
590 * page_base = page offset within aperture
591 * page_offset = offset within page
592 * page_length = bytes to copy for this page
594 page_base = (offset & ~(PAGE_SIZE-1));
595 page_offset = offset & (PAGE_SIZE-1);
596 page_length = remain;
597 if ((page_offset + remain) > PAGE_SIZE)
598 page_length = PAGE_SIZE - page_offset;
600 ret = fast_user_write (dev_priv->mm.gtt_mapping, page_base,
601 page_offset, user_data, page_length);
603 /* If we get a fault while copying data, then (presumably) our
604 * source page isn't available. Return the error and we'll
605 * retry in the slow path.
610 remain -= page_length;
611 user_data += page_length;
612 offset += page_length;
616 i915_gem_object_unpin(obj);
617 mutex_unlock(&dev->struct_mutex);
623 * This is the fallback GTT pwrite path, which uses get_user_pages to pin
624 * the memory and maps it using kmap_atomic for copying.
626 * This code resulted in x11perf -rgb10text consuming about 10% more CPU
627 * than using i915_gem_gtt_pwrite_fast on a G45 (32-bit).
630 i915_gem_gtt_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
631 struct drm_i915_gem_pwrite *args,
632 struct drm_file *file_priv)
634 struct drm_i915_gem_object *obj_priv = obj->driver_private;
635 drm_i915_private_t *dev_priv = dev->dev_private;
637 loff_t gtt_page_base, offset;
638 loff_t first_data_page, last_data_page, num_pages;
639 loff_t pinned_pages, i;
640 struct page **user_pages;
641 struct mm_struct *mm = current->mm;
642 int gtt_page_offset, data_page_offset, data_page_index, page_length;
644 uint64_t data_ptr = args->data_ptr;
648 /* Pin the user pages containing the data. We can't fault while
649 * holding the struct mutex, and all of the pwrite implementations
650 * want to hold it while dereferencing the user data.
652 first_data_page = data_ptr / PAGE_SIZE;
653 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
654 num_pages = last_data_page - first_data_page + 1;
656 user_pages = drm_calloc_large(num_pages, sizeof(struct page *));
657 if (user_pages == NULL)
660 down_read(&mm->mmap_sem);
661 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
662 num_pages, 0, 0, user_pages, NULL);
663 up_read(&mm->mmap_sem);
664 if (pinned_pages < num_pages) {
666 goto out_unpin_pages;
669 mutex_lock(&dev->struct_mutex);
670 ret = i915_gem_object_pin(obj, 0);
674 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
676 goto out_unpin_object;
678 obj_priv = obj->driver_private;
679 offset = obj_priv->gtt_offset + args->offset;
682 /* Operation in this page
684 * gtt_page_base = page offset within aperture
685 * gtt_page_offset = offset within page in aperture
686 * data_page_index = page number in get_user_pages return
687 * data_page_offset = offset with data_page_index page.
688 * page_length = bytes to copy for this page
690 gtt_page_base = offset & PAGE_MASK;
691 gtt_page_offset = offset & ~PAGE_MASK;
692 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
693 data_page_offset = data_ptr & ~PAGE_MASK;
695 page_length = remain;
696 if ((gtt_page_offset + page_length) > PAGE_SIZE)
697 page_length = PAGE_SIZE - gtt_page_offset;
698 if ((data_page_offset + page_length) > PAGE_SIZE)
699 page_length = PAGE_SIZE - data_page_offset;
701 ret = slow_kernel_write(dev_priv->mm.gtt_mapping,
702 gtt_page_base, gtt_page_offset,
703 user_pages[data_page_index],
707 /* If we get a fault while copying data, then (presumably) our
708 * source page isn't available. Return the error and we'll
709 * retry in the slow path.
712 goto out_unpin_object;
714 remain -= page_length;
715 offset += page_length;
716 data_ptr += page_length;
720 i915_gem_object_unpin(obj);
722 mutex_unlock(&dev->struct_mutex);
724 for (i = 0; i < pinned_pages; i++)
725 page_cache_release(user_pages[i]);
726 drm_free_large(user_pages);
732 * This is the fast shmem pwrite path, which attempts to directly
733 * copy_from_user into the kmapped pages backing the object.
736 i915_gem_shmem_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
737 struct drm_i915_gem_pwrite *args,
738 struct drm_file *file_priv)
740 struct drm_i915_gem_object *obj_priv = obj->driver_private;
742 loff_t offset, page_base;
743 char __user *user_data;
744 int page_offset, page_length;
747 user_data = (char __user *) (uintptr_t) args->data_ptr;
750 mutex_lock(&dev->struct_mutex);
752 ret = i915_gem_object_get_pages(obj);
756 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
760 obj_priv = obj->driver_private;
761 offset = args->offset;
765 /* Operation in this page
767 * page_base = page offset within aperture
768 * page_offset = offset within page
769 * page_length = bytes to copy for this page
771 page_base = (offset & ~(PAGE_SIZE-1));
772 page_offset = offset & (PAGE_SIZE-1);
773 page_length = remain;
774 if ((page_offset + remain) > PAGE_SIZE)
775 page_length = PAGE_SIZE - page_offset;
777 ret = fast_shmem_write(obj_priv->pages,
778 page_base, page_offset,
779 user_data, page_length);
783 remain -= page_length;
784 user_data += page_length;
785 offset += page_length;
789 i915_gem_object_put_pages(obj);
791 mutex_unlock(&dev->struct_mutex);
797 * This is the fallback shmem pwrite path, which uses get_user_pages to pin
798 * the memory and maps it using kmap_atomic for copying.
800 * This avoids taking mmap_sem for faulting on the user's address while the
801 * struct_mutex is held.
804 i915_gem_shmem_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
805 struct drm_i915_gem_pwrite *args,
806 struct drm_file *file_priv)
808 struct drm_i915_gem_object *obj_priv = obj->driver_private;
809 struct mm_struct *mm = current->mm;
810 struct page **user_pages;
812 loff_t offset, pinned_pages, i;
813 loff_t first_data_page, last_data_page, num_pages;
814 int shmem_page_index, shmem_page_offset;
815 int data_page_index, data_page_offset;
818 uint64_t data_ptr = args->data_ptr;
819 int do_bit17_swizzling;
823 /* Pin the user pages containing the data. We can't fault while
824 * holding the struct mutex, and all of the pwrite implementations
825 * want to hold it while dereferencing the user data.
827 first_data_page = data_ptr / PAGE_SIZE;
828 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
829 num_pages = last_data_page - first_data_page + 1;
831 user_pages = drm_calloc_large(num_pages, sizeof(struct page *));
832 if (user_pages == NULL)
835 down_read(&mm->mmap_sem);
836 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
837 num_pages, 0, 0, user_pages, NULL);
838 up_read(&mm->mmap_sem);
839 if (pinned_pages < num_pages) {
841 goto fail_put_user_pages;
844 do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
846 mutex_lock(&dev->struct_mutex);
848 ret = i915_gem_object_get_pages(obj);
852 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
856 obj_priv = obj->driver_private;
857 offset = args->offset;
861 /* Operation in this page
863 * shmem_page_index = page number within shmem file
864 * shmem_page_offset = offset within page in shmem file
865 * data_page_index = page number in get_user_pages return
866 * data_page_offset = offset with data_page_index page.
867 * page_length = bytes to copy for this page
869 shmem_page_index = offset / PAGE_SIZE;
870 shmem_page_offset = offset & ~PAGE_MASK;
871 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
872 data_page_offset = data_ptr & ~PAGE_MASK;
874 page_length = remain;
875 if ((shmem_page_offset + page_length) > PAGE_SIZE)
876 page_length = PAGE_SIZE - shmem_page_offset;
877 if ((data_page_offset + page_length) > PAGE_SIZE)
878 page_length = PAGE_SIZE - data_page_offset;
880 if (do_bit17_swizzling) {
881 ret = slow_shmem_bit17_copy(obj_priv->pages[shmem_page_index],
883 user_pages[data_page_index],
888 ret = slow_shmem_copy(obj_priv->pages[shmem_page_index],
890 user_pages[data_page_index],
897 remain -= page_length;
898 data_ptr += page_length;
899 offset += page_length;
903 i915_gem_object_put_pages(obj);
905 mutex_unlock(&dev->struct_mutex);
907 for (i = 0; i < pinned_pages; i++)
908 page_cache_release(user_pages[i]);
909 drm_free_large(user_pages);
915 * Writes data to the object referenced by handle.
917 * On error, the contents of the buffer that were to be modified are undefined.
920 i915_gem_pwrite_ioctl(struct drm_device *dev, void *data,
921 struct drm_file *file_priv)
923 struct drm_i915_gem_pwrite *args = data;
924 struct drm_gem_object *obj;
925 struct drm_i915_gem_object *obj_priv;
928 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
931 obj_priv = obj->driver_private;
933 /* Bounds check destination.
935 * XXX: This could use review for overflow issues...
937 if (args->offset > obj->size || args->size > obj->size ||
938 args->offset + args->size > obj->size) {
939 drm_gem_object_unreference(obj);
943 /* We can only do the GTT pwrite on untiled buffers, as otherwise
944 * it would end up going through the fenced access, and we'll get
945 * different detiling behavior between reading and writing.
946 * pread/pwrite currently are reading and writing from the CPU
947 * perspective, requiring manual detiling by the client.
949 if (obj_priv->phys_obj)
950 ret = i915_gem_phys_pwrite(dev, obj, args, file_priv);
951 else if (obj_priv->tiling_mode == I915_TILING_NONE &&
952 dev->gtt_total != 0) {
953 ret = i915_gem_gtt_pwrite_fast(dev, obj, args, file_priv);
954 if (ret == -EFAULT) {
955 ret = i915_gem_gtt_pwrite_slow(dev, obj, args,
958 } else if (i915_gem_object_needs_bit17_swizzle(obj)) {
959 ret = i915_gem_shmem_pwrite_slow(dev, obj, args, file_priv);
961 ret = i915_gem_shmem_pwrite_fast(dev, obj, args, file_priv);
962 if (ret == -EFAULT) {
963 ret = i915_gem_shmem_pwrite_slow(dev, obj, args,
970 DRM_INFO("pwrite failed %d\n", ret);
973 drm_gem_object_unreference(obj);
979 * Called when user space prepares to use an object with the CPU, either
980 * through the mmap ioctl's mapping or a GTT mapping.
983 i915_gem_set_domain_ioctl(struct drm_device *dev, void *data,
984 struct drm_file *file_priv)
986 struct drm_i915_private *dev_priv = dev->dev_private;
987 struct drm_i915_gem_set_domain *args = data;
988 struct drm_gem_object *obj;
989 struct drm_i915_gem_object *obj_priv;
990 uint32_t read_domains = args->read_domains;
991 uint32_t write_domain = args->write_domain;
994 if (!(dev->driver->driver_features & DRIVER_GEM))
997 /* Only handle setting domains to types used by the CPU. */
998 if (write_domain & I915_GEM_GPU_DOMAINS)
1001 if (read_domains & I915_GEM_GPU_DOMAINS)
1004 /* Having something in the write domain implies it's in the read
1005 * domain, and only that read domain. Enforce that in the request.
1007 if (write_domain != 0 && read_domains != write_domain)
1010 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1013 obj_priv = obj->driver_private;
1015 mutex_lock(&dev->struct_mutex);
1017 intel_mark_busy(dev, obj);
1020 DRM_INFO("set_domain_ioctl %p(%zd), %08x %08x\n",
1021 obj, obj->size, read_domains, write_domain);
1023 if (read_domains & I915_GEM_DOMAIN_GTT) {
1024 ret = i915_gem_object_set_to_gtt_domain(obj, write_domain != 0);
1026 /* Update the LRU on the fence for the CPU access that's
1029 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
1030 list_move_tail(&obj_priv->fence_list,
1031 &dev_priv->mm.fence_list);
1034 /* Silently promote "you're not bound, there was nothing to do"
1035 * to success, since the client was just asking us to
1036 * make sure everything was done.
1041 ret = i915_gem_object_set_to_cpu_domain(obj, write_domain != 0);
1044 drm_gem_object_unreference(obj);
1045 mutex_unlock(&dev->struct_mutex);
1050 * Called when user space has done writes to this buffer
1053 i915_gem_sw_finish_ioctl(struct drm_device *dev, void *data,
1054 struct drm_file *file_priv)
1056 struct drm_i915_gem_sw_finish *args = data;
1057 struct drm_gem_object *obj;
1058 struct drm_i915_gem_object *obj_priv;
1061 if (!(dev->driver->driver_features & DRIVER_GEM))
1064 mutex_lock(&dev->struct_mutex);
1065 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1067 mutex_unlock(&dev->struct_mutex);
1072 DRM_INFO("%s: sw_finish %d (%p %zd)\n",
1073 __func__, args->handle, obj, obj->size);
1075 obj_priv = obj->driver_private;
1077 /* Pinned buffers may be scanout, so flush the cache */
1078 if (obj_priv->pin_count)
1079 i915_gem_object_flush_cpu_write_domain(obj);
1081 drm_gem_object_unreference(obj);
1082 mutex_unlock(&dev->struct_mutex);
1087 * Maps the contents of an object, returning the address it is mapped
1090 * While the mapping holds a reference on the contents of the object, it doesn't
1091 * imply a ref on the object itself.
1094 i915_gem_mmap_ioctl(struct drm_device *dev, void *data,
1095 struct drm_file *file_priv)
1097 struct drm_i915_gem_mmap *args = data;
1098 struct drm_gem_object *obj;
1102 if (!(dev->driver->driver_features & DRIVER_GEM))
1105 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1109 offset = args->offset;
1111 down_write(¤t->mm->mmap_sem);
1112 addr = do_mmap(obj->filp, 0, args->size,
1113 PROT_READ | PROT_WRITE, MAP_SHARED,
1115 up_write(¤t->mm->mmap_sem);
1116 mutex_lock(&dev->struct_mutex);
1117 drm_gem_object_unreference(obj);
1118 mutex_unlock(&dev->struct_mutex);
1119 if (IS_ERR((void *)addr))
1122 args->addr_ptr = (uint64_t) addr;
1128 * i915_gem_fault - fault a page into the GTT
1129 * vma: VMA in question
1132 * The fault handler is set up by drm_gem_mmap() when a object is GTT mapped
1133 * from userspace. The fault handler takes care of binding the object to
1134 * the GTT (if needed), allocating and programming a fence register (again,
1135 * only if needed based on whether the old reg is still valid or the object
1136 * is tiled) and inserting a new PTE into the faulting process.
1138 * Note that the faulting process may involve evicting existing objects
1139 * from the GTT and/or fence registers to make room. So performance may
1140 * suffer if the GTT working set is large or there are few fence registers
1143 int i915_gem_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
1145 struct drm_gem_object *obj = vma->vm_private_data;
1146 struct drm_device *dev = obj->dev;
1147 struct drm_i915_private *dev_priv = dev->dev_private;
1148 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1149 pgoff_t page_offset;
1152 bool write = !!(vmf->flags & FAULT_FLAG_WRITE);
1154 /* We don't use vmf->pgoff since that has the fake offset */
1155 page_offset = ((unsigned long)vmf->virtual_address - vma->vm_start) >>
1158 /* Now bind it into the GTT if needed */
1159 mutex_lock(&dev->struct_mutex);
1160 if (!obj_priv->gtt_space) {
1161 ret = i915_gem_object_bind_to_gtt(obj, 0);
1163 mutex_unlock(&dev->struct_mutex);
1164 return VM_FAULT_SIGBUS;
1166 list_add_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1168 ret = i915_gem_object_set_to_gtt_domain(obj, write);
1170 mutex_unlock(&dev->struct_mutex);
1171 return VM_FAULT_SIGBUS;
1175 /* Need a new fence register? */
1176 if (obj_priv->tiling_mode != I915_TILING_NONE) {
1177 ret = i915_gem_object_get_fence_reg(obj);
1179 mutex_unlock(&dev->struct_mutex);
1180 return VM_FAULT_SIGBUS;
1184 pfn = ((dev->agp->base + obj_priv->gtt_offset) >> PAGE_SHIFT) +
1187 /* Finally, remap it using the new GTT offset */
1188 ret = vm_insert_pfn(vma, (unsigned long)vmf->virtual_address, pfn);
1190 mutex_unlock(&dev->struct_mutex);
1195 return VM_FAULT_OOM;
1198 return VM_FAULT_SIGBUS;
1200 return VM_FAULT_NOPAGE;
1205 * i915_gem_create_mmap_offset - create a fake mmap offset for an object
1206 * @obj: obj in question
1208 * GEM memory mapping works by handing back to userspace a fake mmap offset
1209 * it can use in a subsequent mmap(2) call. The DRM core code then looks
1210 * up the object based on the offset and sets up the various memory mapping
1213 * This routine allocates and attaches a fake offset for @obj.
1216 i915_gem_create_mmap_offset(struct drm_gem_object *obj)
1218 struct drm_device *dev = obj->dev;
1219 struct drm_gem_mm *mm = dev->mm_private;
1220 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1221 struct drm_map_list *list;
1222 struct drm_local_map *map;
1225 /* Set the object up for mmap'ing */
1226 list = &obj->map_list;
1227 list->map = kzalloc(sizeof(struct drm_map_list), GFP_KERNEL);
1232 map->type = _DRM_GEM;
1233 map->size = obj->size;
1236 /* Get a DRM GEM mmap offset allocated... */
1237 list->file_offset_node = drm_mm_search_free(&mm->offset_manager,
1238 obj->size / PAGE_SIZE, 0, 0);
1239 if (!list->file_offset_node) {
1240 DRM_ERROR("failed to allocate offset for bo %d\n", obj->name);
1245 list->file_offset_node = drm_mm_get_block(list->file_offset_node,
1246 obj->size / PAGE_SIZE, 0);
1247 if (!list->file_offset_node) {
1252 list->hash.key = list->file_offset_node->start;
1253 if (drm_ht_insert_item(&mm->offset_hash, &list->hash)) {
1254 DRM_ERROR("failed to add to map hash\n");
1258 /* By now we should be all set, any drm_mmap request on the offset
1259 * below will get to our mmap & fault handler */
1260 obj_priv->mmap_offset = ((uint64_t) list->hash.key) << PAGE_SHIFT;
1265 drm_mm_put_block(list->file_offset_node);
1273 * i915_gem_release_mmap - remove physical page mappings
1274 * @obj: obj in question
1276 * Preserve the reservation of the mmaping with the DRM core code, but
1277 * relinquish ownership of the pages back to the system.
1279 * It is vital that we remove the page mapping if we have mapped a tiled
1280 * object through the GTT and then lose the fence register due to
1281 * resource pressure. Similarly if the object has been moved out of the
1282 * aperture, than pages mapped into userspace must be revoked. Removing the
1283 * mapping will then trigger a page fault on the next user access, allowing
1284 * fixup by i915_gem_fault().
1287 i915_gem_release_mmap(struct drm_gem_object *obj)
1289 struct drm_device *dev = obj->dev;
1290 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1292 if (dev->dev_mapping)
1293 unmap_mapping_range(dev->dev_mapping,
1294 obj_priv->mmap_offset, obj->size, 1);
1298 i915_gem_free_mmap_offset(struct drm_gem_object *obj)
1300 struct drm_device *dev = obj->dev;
1301 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1302 struct drm_gem_mm *mm = dev->mm_private;
1303 struct drm_map_list *list;
1305 list = &obj->map_list;
1306 drm_ht_remove_item(&mm->offset_hash, &list->hash);
1308 if (list->file_offset_node) {
1309 drm_mm_put_block(list->file_offset_node);
1310 list->file_offset_node = NULL;
1318 obj_priv->mmap_offset = 0;
1322 * i915_gem_get_gtt_alignment - return required GTT alignment for an object
1323 * @obj: object to check
1325 * Return the required GTT alignment for an object, taking into account
1326 * potential fence register mapping if needed.
1329 i915_gem_get_gtt_alignment(struct drm_gem_object *obj)
1331 struct drm_device *dev = obj->dev;
1332 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1336 * Minimum alignment is 4k (GTT page size), but might be greater
1337 * if a fence register is needed for the object.
1339 if (IS_I965G(dev) || obj_priv->tiling_mode == I915_TILING_NONE)
1343 * Previous chips need to be aligned to the size of the smallest
1344 * fence register that can contain the object.
1351 for (i = start; i < obj->size; i <<= 1)
1358 * i915_gem_mmap_gtt_ioctl - prepare an object for GTT mmap'ing
1360 * @data: GTT mapping ioctl data
1361 * @file_priv: GEM object info
1363 * Simply returns the fake offset to userspace so it can mmap it.
1364 * The mmap call will end up in drm_gem_mmap(), which will set things
1365 * up so we can get faults in the handler above.
1367 * The fault handler will take care of binding the object into the GTT
1368 * (since it may have been evicted to make room for something), allocating
1369 * a fence register, and mapping the appropriate aperture address into
1373 i915_gem_mmap_gtt_ioctl(struct drm_device *dev, void *data,
1374 struct drm_file *file_priv)
1376 struct drm_i915_gem_mmap_gtt *args = data;
1377 struct drm_i915_private *dev_priv = dev->dev_private;
1378 struct drm_gem_object *obj;
1379 struct drm_i915_gem_object *obj_priv;
1382 if (!(dev->driver->driver_features & DRIVER_GEM))
1385 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1389 mutex_lock(&dev->struct_mutex);
1391 obj_priv = obj->driver_private;
1393 if (!obj_priv->mmap_offset) {
1394 ret = i915_gem_create_mmap_offset(obj);
1396 drm_gem_object_unreference(obj);
1397 mutex_unlock(&dev->struct_mutex);
1402 args->offset = obj_priv->mmap_offset;
1405 * Pull it into the GTT so that we have a page list (makes the
1406 * initial fault faster and any subsequent flushing possible).
1408 if (!obj_priv->agp_mem) {
1409 ret = i915_gem_object_bind_to_gtt(obj, 0);
1411 drm_gem_object_unreference(obj);
1412 mutex_unlock(&dev->struct_mutex);
1415 list_add_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1418 drm_gem_object_unreference(obj);
1419 mutex_unlock(&dev->struct_mutex);
1425 i915_gem_object_put_pages(struct drm_gem_object *obj)
1427 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1428 int page_count = obj->size / PAGE_SIZE;
1431 BUG_ON(obj_priv->pages_refcount == 0);
1433 if (--obj_priv->pages_refcount != 0)
1436 if (obj_priv->tiling_mode != I915_TILING_NONE)
1437 i915_gem_object_save_bit_17_swizzle(obj);
1439 if (obj_priv->madv == I915_MADV_DONTNEED)
1440 obj_priv->dirty = 0;
1442 for (i = 0; i < page_count; i++) {
1443 if (obj_priv->pages[i] == NULL)
1446 if (obj_priv->dirty)
1447 set_page_dirty(obj_priv->pages[i]);
1449 if (obj_priv->madv == I915_MADV_WILLNEED)
1450 mark_page_accessed(obj_priv->pages[i]);
1452 page_cache_release(obj_priv->pages[i]);
1454 obj_priv->dirty = 0;
1456 drm_free_large(obj_priv->pages);
1457 obj_priv->pages = NULL;
1461 i915_gem_object_move_to_active(struct drm_gem_object *obj, uint32_t seqno)
1463 struct drm_device *dev = obj->dev;
1464 drm_i915_private_t *dev_priv = dev->dev_private;
1465 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1467 /* Add a reference if we're newly entering the active list. */
1468 if (!obj_priv->active) {
1469 drm_gem_object_reference(obj);
1470 obj_priv->active = 1;
1472 /* Move from whatever list we were on to the tail of execution. */
1473 spin_lock(&dev_priv->mm.active_list_lock);
1474 list_move_tail(&obj_priv->list,
1475 &dev_priv->mm.active_list);
1476 spin_unlock(&dev_priv->mm.active_list_lock);
1477 obj_priv->last_rendering_seqno = seqno;
1481 i915_gem_object_move_to_flushing(struct drm_gem_object *obj)
1483 struct drm_device *dev = obj->dev;
1484 drm_i915_private_t *dev_priv = dev->dev_private;
1485 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1487 BUG_ON(!obj_priv->active);
1488 list_move_tail(&obj_priv->list, &dev_priv->mm.flushing_list);
1489 obj_priv->last_rendering_seqno = 0;
1493 i915_gem_object_move_to_inactive(struct drm_gem_object *obj)
1495 struct drm_device *dev = obj->dev;
1496 drm_i915_private_t *dev_priv = dev->dev_private;
1497 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1499 i915_verify_inactive(dev, __FILE__, __LINE__);
1500 if (obj_priv->pin_count != 0)
1501 list_del_init(&obj_priv->list);
1503 list_move_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1505 obj_priv->last_rendering_seqno = 0;
1506 if (obj_priv->active) {
1507 obj_priv->active = 0;
1508 drm_gem_object_unreference(obj);
1510 i915_verify_inactive(dev, __FILE__, __LINE__);
1514 * Creates a new sequence number, emitting a write of it to the status page
1515 * plus an interrupt, which will trigger i915_user_interrupt_handler.
1517 * Must be called with struct_lock held.
1519 * Returned sequence numbers are nonzero on success.
1522 i915_add_request(struct drm_device *dev, struct drm_file *file_priv,
1523 uint32_t flush_domains)
1525 drm_i915_private_t *dev_priv = dev->dev_private;
1526 struct drm_i915_file_private *i915_file_priv = NULL;
1527 struct drm_i915_gem_request *request;
1532 if (file_priv != NULL)
1533 i915_file_priv = file_priv->driver_priv;
1535 request = kzalloc(sizeof(*request), GFP_KERNEL);
1536 if (request == NULL)
1539 /* Grab the seqno we're going to make this request be, and bump the
1540 * next (skipping 0 so it can be the reserved no-seqno value).
1542 seqno = dev_priv->mm.next_gem_seqno;
1543 dev_priv->mm.next_gem_seqno++;
1544 if (dev_priv->mm.next_gem_seqno == 0)
1545 dev_priv->mm.next_gem_seqno++;
1548 OUT_RING(MI_STORE_DWORD_INDEX);
1549 OUT_RING(I915_GEM_HWS_INDEX << MI_STORE_DWORD_INDEX_SHIFT);
1552 OUT_RING(MI_USER_INTERRUPT);
1555 DRM_DEBUG("%d\n", seqno);
1557 request->seqno = seqno;
1558 request->emitted_jiffies = jiffies;
1559 was_empty = list_empty(&dev_priv->mm.request_list);
1560 list_add_tail(&request->list, &dev_priv->mm.request_list);
1561 if (i915_file_priv) {
1562 list_add_tail(&request->client_list,
1563 &i915_file_priv->mm.request_list);
1565 INIT_LIST_HEAD(&request->client_list);
1568 /* Associate any objects on the flushing list matching the write
1569 * domain we're flushing with our flush.
1571 if (flush_domains != 0) {
1572 struct drm_i915_gem_object *obj_priv, *next;
1574 list_for_each_entry_safe(obj_priv, next,
1575 &dev_priv->mm.flushing_list, list) {
1576 struct drm_gem_object *obj = obj_priv->obj;
1578 if ((obj->write_domain & flush_domains) ==
1579 obj->write_domain) {
1580 obj->write_domain = 0;
1581 i915_gem_object_move_to_active(obj, seqno);
1587 if (!dev_priv->mm.suspended) {
1588 mod_timer(&dev_priv->hangcheck_timer, jiffies + DRM_I915_HANGCHECK_PERIOD);
1590 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, HZ);
1596 * Command execution barrier
1598 * Ensures that all commands in the ring are finished
1599 * before signalling the CPU
1602 i915_retire_commands(struct drm_device *dev)
1604 drm_i915_private_t *dev_priv = dev->dev_private;
1605 uint32_t cmd = MI_FLUSH | MI_NO_WRITE_FLUSH;
1606 uint32_t flush_domains = 0;
1609 /* The sampler always gets flushed on i965 (sigh) */
1611 flush_domains |= I915_GEM_DOMAIN_SAMPLER;
1614 OUT_RING(0); /* noop */
1616 return flush_domains;
1620 * Moves buffers associated only with the given active seqno from the active
1621 * to inactive list, potentially freeing them.
1624 i915_gem_retire_request(struct drm_device *dev,
1625 struct drm_i915_gem_request *request)
1627 drm_i915_private_t *dev_priv = dev->dev_private;
1629 /* Move any buffers on the active list that are no longer referenced
1630 * by the ringbuffer to the flushing/inactive lists as appropriate.
1632 spin_lock(&dev_priv->mm.active_list_lock);
1633 while (!list_empty(&dev_priv->mm.active_list)) {
1634 struct drm_gem_object *obj;
1635 struct drm_i915_gem_object *obj_priv;
1637 obj_priv = list_first_entry(&dev_priv->mm.active_list,
1638 struct drm_i915_gem_object,
1640 obj = obj_priv->obj;
1642 /* If the seqno being retired doesn't match the oldest in the
1643 * list, then the oldest in the list must still be newer than
1646 if (obj_priv->last_rendering_seqno != request->seqno)
1650 DRM_INFO("%s: retire %d moves to inactive list %p\n",
1651 __func__, request->seqno, obj);
1654 if (obj->write_domain != 0)
1655 i915_gem_object_move_to_flushing(obj);
1657 /* Take a reference on the object so it won't be
1658 * freed while the spinlock is held. The list
1659 * protection for this spinlock is safe when breaking
1660 * the lock like this since the next thing we do
1661 * is just get the head of the list again.
1663 drm_gem_object_reference(obj);
1664 i915_gem_object_move_to_inactive(obj);
1665 spin_unlock(&dev_priv->mm.active_list_lock);
1666 drm_gem_object_unreference(obj);
1667 spin_lock(&dev_priv->mm.active_list_lock);
1671 spin_unlock(&dev_priv->mm.active_list_lock);
1675 * Returns true if seq1 is later than seq2.
1678 i915_seqno_passed(uint32_t seq1, uint32_t seq2)
1680 return (int32_t)(seq1 - seq2) >= 0;
1684 i915_get_gem_seqno(struct drm_device *dev)
1686 drm_i915_private_t *dev_priv = dev->dev_private;
1688 return READ_HWSP(dev_priv, I915_GEM_HWS_INDEX);
1692 * This function clears the request list as sequence numbers are passed.
1695 i915_gem_retire_requests(struct drm_device *dev)
1697 drm_i915_private_t *dev_priv = dev->dev_private;
1700 if (!dev_priv->hw_status_page)
1703 seqno = i915_get_gem_seqno(dev);
1705 while (!list_empty(&dev_priv->mm.request_list)) {
1706 struct drm_i915_gem_request *request;
1707 uint32_t retiring_seqno;
1709 request = list_first_entry(&dev_priv->mm.request_list,
1710 struct drm_i915_gem_request,
1712 retiring_seqno = request->seqno;
1714 if (i915_seqno_passed(seqno, retiring_seqno) ||
1715 atomic_read(&dev_priv->mm.wedged)) {
1716 i915_gem_retire_request(dev, request);
1718 list_del(&request->list);
1719 list_del(&request->client_list);
1727 i915_gem_retire_work_handler(struct work_struct *work)
1729 drm_i915_private_t *dev_priv;
1730 struct drm_device *dev;
1732 dev_priv = container_of(work, drm_i915_private_t,
1733 mm.retire_work.work);
1734 dev = dev_priv->dev;
1736 mutex_lock(&dev->struct_mutex);
1737 i915_gem_retire_requests(dev);
1738 if (!dev_priv->mm.suspended &&
1739 !list_empty(&dev_priv->mm.request_list))
1740 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, HZ);
1741 mutex_unlock(&dev->struct_mutex);
1745 * Waits for a sequence number to be signaled, and cleans up the
1746 * request and object lists appropriately for that event.
1749 i915_wait_request(struct drm_device *dev, uint32_t seqno)
1751 drm_i915_private_t *dev_priv = dev->dev_private;
1757 if (atomic_read(&dev_priv->mm.wedged))
1760 if (!i915_seqno_passed(i915_get_gem_seqno(dev), seqno)) {
1762 ier = I915_READ(DEIER) | I915_READ(GTIER);
1764 ier = I915_READ(IER);
1766 DRM_ERROR("something (likely vbetool) disabled "
1767 "interrupts, re-enabling\n");
1768 i915_driver_irq_preinstall(dev);
1769 i915_driver_irq_postinstall(dev);
1772 dev_priv->mm.waiting_gem_seqno = seqno;
1773 i915_user_irq_get(dev);
1774 ret = wait_event_interruptible(dev_priv->irq_queue,
1775 i915_seqno_passed(i915_get_gem_seqno(dev),
1777 atomic_read(&dev_priv->mm.wedged));
1778 i915_user_irq_put(dev);
1779 dev_priv->mm.waiting_gem_seqno = 0;
1781 if (atomic_read(&dev_priv->mm.wedged))
1784 if (ret && ret != -ERESTARTSYS)
1785 DRM_ERROR("%s returns %d (awaiting %d at %d)\n",
1786 __func__, ret, seqno, i915_get_gem_seqno(dev));
1788 /* Directly dispatch request retiring. While we have the work queue
1789 * to handle this, the waiter on a request often wants an associated
1790 * buffer to have made it to the inactive list, and we would need
1791 * a separate wait queue to handle that.
1794 i915_gem_retire_requests(dev);
1800 i915_gem_flush(struct drm_device *dev,
1801 uint32_t invalidate_domains,
1802 uint32_t flush_domains)
1804 drm_i915_private_t *dev_priv = dev->dev_private;
1809 DRM_INFO("%s: invalidate %08x flush %08x\n", __func__,
1810 invalidate_domains, flush_domains);
1813 if (flush_domains & I915_GEM_DOMAIN_CPU)
1814 drm_agp_chipset_flush(dev);
1816 if ((invalidate_domains | flush_domains) & I915_GEM_GPU_DOMAINS) {
1818 * read/write caches:
1820 * I915_GEM_DOMAIN_RENDER is always invalidated, but is
1821 * only flushed if MI_NO_WRITE_FLUSH is unset. On 965, it is
1822 * also flushed at 2d versus 3d pipeline switches.
1826 * I915_GEM_DOMAIN_SAMPLER is flushed on pre-965 if
1827 * MI_READ_FLUSH is set, and is always flushed on 965.
1829 * I915_GEM_DOMAIN_COMMAND may not exist?
1831 * I915_GEM_DOMAIN_INSTRUCTION, which exists on 965, is
1832 * invalidated when MI_EXE_FLUSH is set.
1834 * I915_GEM_DOMAIN_VERTEX, which exists on 965, is
1835 * invalidated with every MI_FLUSH.
1839 * On 965, TLBs associated with I915_GEM_DOMAIN_COMMAND
1840 * and I915_GEM_DOMAIN_CPU in are invalidated at PTE write and
1841 * I915_GEM_DOMAIN_RENDER and I915_GEM_DOMAIN_SAMPLER
1842 * are flushed at any MI_FLUSH.
1845 cmd = MI_FLUSH | MI_NO_WRITE_FLUSH;
1846 if ((invalidate_domains|flush_domains) &
1847 I915_GEM_DOMAIN_RENDER)
1848 cmd &= ~MI_NO_WRITE_FLUSH;
1849 if (!IS_I965G(dev)) {
1851 * On the 965, the sampler cache always gets flushed
1852 * and this bit is reserved.
1854 if (invalidate_domains & I915_GEM_DOMAIN_SAMPLER)
1855 cmd |= MI_READ_FLUSH;
1857 if (invalidate_domains & I915_GEM_DOMAIN_INSTRUCTION)
1858 cmd |= MI_EXE_FLUSH;
1861 DRM_INFO("%s: queue flush %08x to ring\n", __func__, cmd);
1865 OUT_RING(0); /* noop */
1871 * Ensures that all rendering to the object has completed and the object is
1872 * safe to unbind from the GTT or access from the CPU.
1875 i915_gem_object_wait_rendering(struct drm_gem_object *obj)
1877 struct drm_device *dev = obj->dev;
1878 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1881 /* This function only exists to support waiting for existing rendering,
1882 * not for emitting required flushes.
1884 BUG_ON((obj->write_domain & I915_GEM_GPU_DOMAINS) != 0);
1886 /* If there is rendering queued on the buffer being evicted, wait for
1889 if (obj_priv->active) {
1891 DRM_INFO("%s: object %p wait for seqno %08x\n",
1892 __func__, obj, obj_priv->last_rendering_seqno);
1894 ret = i915_wait_request(dev, obj_priv->last_rendering_seqno);
1903 * Unbinds an object from the GTT aperture.
1906 i915_gem_object_unbind(struct drm_gem_object *obj)
1908 struct drm_device *dev = obj->dev;
1909 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1913 DRM_INFO("%s:%d %p\n", __func__, __LINE__, obj);
1914 DRM_INFO("gtt_space %p\n", obj_priv->gtt_space);
1916 if (obj_priv->gtt_space == NULL)
1919 if (obj_priv->pin_count != 0) {
1920 DRM_ERROR("Attempting to unbind pinned buffer\n");
1924 /* blow away mappings if mapped through GTT */
1925 i915_gem_release_mmap(obj);
1927 if (obj_priv->fence_reg != I915_FENCE_REG_NONE)
1928 i915_gem_clear_fence_reg(obj);
1930 /* Move the object to the CPU domain to ensure that
1931 * any possible CPU writes while it's not in the GTT
1932 * are flushed when we go to remap it. This will
1933 * also ensure that all pending GPU writes are finished
1936 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
1938 if (ret != -ERESTARTSYS)
1939 DRM_ERROR("set_domain failed: %d\n", ret);
1943 BUG_ON(obj_priv->active);
1945 if (obj_priv->agp_mem != NULL) {
1946 drm_unbind_agp(obj_priv->agp_mem);
1947 drm_free_agp(obj_priv->agp_mem, obj->size / PAGE_SIZE);
1948 obj_priv->agp_mem = NULL;
1951 i915_gem_object_put_pages(obj);
1953 if (obj_priv->gtt_space) {
1954 atomic_dec(&dev->gtt_count);
1955 atomic_sub(obj->size, &dev->gtt_memory);
1957 drm_mm_put_block(obj_priv->gtt_space);
1958 obj_priv->gtt_space = NULL;
1961 /* Remove ourselves from the LRU list if present. */
1962 if (!list_empty(&obj_priv->list))
1963 list_del_init(&obj_priv->list);
1969 i915_gem_evict_something(struct drm_device *dev)
1971 drm_i915_private_t *dev_priv = dev->dev_private;
1972 struct drm_gem_object *obj;
1973 struct drm_i915_gem_object *obj_priv;
1977 /* If there's an inactive buffer available now, grab it
1980 if (!list_empty(&dev_priv->mm.inactive_list)) {
1981 obj_priv = list_first_entry(&dev_priv->mm.inactive_list,
1982 struct drm_i915_gem_object,
1984 obj = obj_priv->obj;
1985 BUG_ON(obj_priv->pin_count != 0);
1987 DRM_INFO("%s: evicting %p\n", __func__, obj);
1989 BUG_ON(obj_priv->active);
1991 /* Wait on the rendering and unbind the buffer. */
1992 ret = i915_gem_object_unbind(obj);
1996 /* If we didn't get anything, but the ring is still processing
1997 * things, wait for one of those things to finish and hopefully
1998 * leave us a buffer to evict.
2000 if (!list_empty(&dev_priv->mm.request_list)) {
2001 struct drm_i915_gem_request *request;
2003 request = list_first_entry(&dev_priv->mm.request_list,
2004 struct drm_i915_gem_request,
2007 ret = i915_wait_request(dev, request->seqno);
2011 /* if waiting caused an object to become inactive,
2012 * then loop around and wait for it. Otherwise, we
2013 * assume that waiting freed and unbound something,
2014 * so there should now be some space in the GTT
2016 if (!list_empty(&dev_priv->mm.inactive_list))
2021 /* If we didn't have anything on the request list but there
2022 * are buffers awaiting a flush, emit one and try again.
2023 * When we wait on it, those buffers waiting for that flush
2024 * will get moved to inactive.
2026 if (!list_empty(&dev_priv->mm.flushing_list)) {
2027 obj_priv = list_first_entry(&dev_priv->mm.flushing_list,
2028 struct drm_i915_gem_object,
2030 obj = obj_priv->obj;
2035 i915_add_request(dev, NULL, obj->write_domain);
2041 DRM_ERROR("inactive empty %d request empty %d "
2042 "flushing empty %d\n",
2043 list_empty(&dev_priv->mm.inactive_list),
2044 list_empty(&dev_priv->mm.request_list),
2045 list_empty(&dev_priv->mm.flushing_list));
2046 /* If we didn't do any of the above, there's nothing to be done
2047 * and we just can't fit it in.
2055 i915_gem_evict_everything(struct drm_device *dev)
2060 ret = i915_gem_evict_something(dev);
2070 i915_gem_object_get_pages(struct drm_gem_object *obj)
2072 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2074 struct address_space *mapping;
2075 struct inode *inode;
2079 if (obj_priv->pages_refcount++ != 0)
2082 /* Get the list of pages out of our struct file. They'll be pinned
2083 * at this point until we release them.
2085 page_count = obj->size / PAGE_SIZE;
2086 BUG_ON(obj_priv->pages != NULL);
2087 obj_priv->pages = drm_calloc_large(page_count, sizeof(struct page *));
2088 if (obj_priv->pages == NULL) {
2089 DRM_ERROR("Faled to allocate page list\n");
2090 obj_priv->pages_refcount--;
2094 inode = obj->filp->f_path.dentry->d_inode;
2095 mapping = inode->i_mapping;
2096 for (i = 0; i < page_count; i++) {
2097 page = read_mapping_page(mapping, i, NULL);
2099 ret = PTR_ERR(page);
2100 DRM_ERROR("read_mapping_page failed: %d\n", ret);
2101 i915_gem_object_put_pages(obj);
2104 obj_priv->pages[i] = page;
2107 if (obj_priv->tiling_mode != I915_TILING_NONE)
2108 i915_gem_object_do_bit_17_swizzle(obj);
2113 static void i965_write_fence_reg(struct drm_i915_fence_reg *reg)
2115 struct drm_gem_object *obj = reg->obj;
2116 struct drm_device *dev = obj->dev;
2117 drm_i915_private_t *dev_priv = dev->dev_private;
2118 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2119 int regnum = obj_priv->fence_reg;
2122 val = (uint64_t)((obj_priv->gtt_offset + obj->size - 4096) &
2124 val |= obj_priv->gtt_offset & 0xfffff000;
2125 val |= ((obj_priv->stride / 128) - 1) << I965_FENCE_PITCH_SHIFT;
2126 if (obj_priv->tiling_mode == I915_TILING_Y)
2127 val |= 1 << I965_FENCE_TILING_Y_SHIFT;
2128 val |= I965_FENCE_REG_VALID;
2130 I915_WRITE64(FENCE_REG_965_0 + (regnum * 8), val);
2133 static void i915_write_fence_reg(struct drm_i915_fence_reg *reg)
2135 struct drm_gem_object *obj = reg->obj;
2136 struct drm_device *dev = obj->dev;
2137 drm_i915_private_t *dev_priv = dev->dev_private;
2138 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2139 int regnum = obj_priv->fence_reg;
2141 uint32_t fence_reg, val;
2144 if ((obj_priv->gtt_offset & ~I915_FENCE_START_MASK) ||
2145 (obj_priv->gtt_offset & (obj->size - 1))) {
2146 WARN(1, "%s: object 0x%08x not 1M or size (0x%zx) aligned\n",
2147 __func__, obj_priv->gtt_offset, obj->size);
2151 if (obj_priv->tiling_mode == I915_TILING_Y &&
2152 HAS_128_BYTE_Y_TILING(dev))
2157 /* Note: pitch better be a power of two tile widths */
2158 pitch_val = obj_priv->stride / tile_width;
2159 pitch_val = ffs(pitch_val) - 1;
2161 val = obj_priv->gtt_offset;
2162 if (obj_priv->tiling_mode == I915_TILING_Y)
2163 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
2164 val |= I915_FENCE_SIZE_BITS(obj->size);
2165 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
2166 val |= I830_FENCE_REG_VALID;
2169 fence_reg = FENCE_REG_830_0 + (regnum * 4);
2171 fence_reg = FENCE_REG_945_8 + ((regnum - 8) * 4);
2172 I915_WRITE(fence_reg, val);
2175 static void i830_write_fence_reg(struct drm_i915_fence_reg *reg)
2177 struct drm_gem_object *obj = reg->obj;
2178 struct drm_device *dev = obj->dev;
2179 drm_i915_private_t *dev_priv = dev->dev_private;
2180 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2181 int regnum = obj_priv->fence_reg;
2184 uint32_t fence_size_bits;
2186 if ((obj_priv->gtt_offset & ~I830_FENCE_START_MASK) ||
2187 (obj_priv->gtt_offset & (obj->size - 1))) {
2188 WARN(1, "%s: object 0x%08x not 512K or size aligned\n",
2189 __func__, obj_priv->gtt_offset);
2193 pitch_val = obj_priv->stride / 128;
2194 pitch_val = ffs(pitch_val) - 1;
2195 WARN_ON(pitch_val > I830_FENCE_MAX_PITCH_VAL);
2197 val = obj_priv->gtt_offset;
2198 if (obj_priv->tiling_mode == I915_TILING_Y)
2199 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
2200 fence_size_bits = I830_FENCE_SIZE_BITS(obj->size);
2201 WARN_ON(fence_size_bits & ~0x00000f00);
2202 val |= fence_size_bits;
2203 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
2204 val |= I830_FENCE_REG_VALID;
2206 I915_WRITE(FENCE_REG_830_0 + (regnum * 4), val);
2210 * i915_gem_object_get_fence_reg - set up a fence reg for an object
2211 * @obj: object to map through a fence reg
2213 * When mapping objects through the GTT, userspace wants to be able to write
2214 * to them without having to worry about swizzling if the object is tiled.
2216 * This function walks the fence regs looking for a free one for @obj,
2217 * stealing one if it can't find any.
2219 * It then sets up the reg based on the object's properties: address, pitch
2220 * and tiling format.
2223 i915_gem_object_get_fence_reg(struct drm_gem_object *obj)
2225 struct drm_device *dev = obj->dev;
2226 struct drm_i915_private *dev_priv = dev->dev_private;
2227 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2228 struct drm_i915_fence_reg *reg = NULL;
2229 struct drm_i915_gem_object *old_obj_priv = NULL;
2232 /* Just update our place in the LRU if our fence is getting used. */
2233 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
2234 list_move_tail(&obj_priv->fence_list, &dev_priv->mm.fence_list);
2238 switch (obj_priv->tiling_mode) {
2239 case I915_TILING_NONE:
2240 WARN(1, "allocating a fence for non-tiled object?\n");
2243 if (!obj_priv->stride)
2245 WARN((obj_priv->stride & (512 - 1)),
2246 "object 0x%08x is X tiled but has non-512B pitch\n",
2247 obj_priv->gtt_offset);
2250 if (!obj_priv->stride)
2252 WARN((obj_priv->stride & (128 - 1)),
2253 "object 0x%08x is Y tiled but has non-128B pitch\n",
2254 obj_priv->gtt_offset);
2258 /* First try to find a free reg */
2260 for (i = dev_priv->fence_reg_start; i < dev_priv->num_fence_regs; i++) {
2261 reg = &dev_priv->fence_regs[i];
2265 old_obj_priv = reg->obj->driver_private;
2266 if (!old_obj_priv->pin_count)
2270 /* None available, try to steal one or wait for a user to finish */
2271 if (i == dev_priv->num_fence_regs) {
2272 struct drm_gem_object *old_obj = NULL;
2277 list_for_each_entry(old_obj_priv, &dev_priv->mm.fence_list,
2279 old_obj = old_obj_priv->obj;
2281 if (old_obj_priv->pin_count)
2284 /* Take a reference, as otherwise the wait_rendering
2285 * below may cause the object to get freed out from
2288 drm_gem_object_reference(old_obj);
2290 /* i915 uses fences for GPU access to tiled buffers */
2291 if (IS_I965G(dev) || !old_obj_priv->active)
2294 /* This brings the object to the head of the LRU if it
2295 * had been written to. The only way this should
2296 * result in us waiting longer than the expected
2297 * optimal amount of time is if there was a
2298 * fence-using buffer later that was read-only.
2300 i915_gem_object_flush_gpu_write_domain(old_obj);
2301 ret = i915_gem_object_wait_rendering(old_obj);
2303 drm_gem_object_unreference(old_obj);
2311 * Zap this virtual mapping so we can set up a fence again
2312 * for this object next time we need it.
2314 i915_gem_release_mmap(old_obj);
2316 i = old_obj_priv->fence_reg;
2317 reg = &dev_priv->fence_regs[i];
2319 old_obj_priv->fence_reg = I915_FENCE_REG_NONE;
2320 list_del_init(&old_obj_priv->fence_list);
2322 drm_gem_object_unreference(old_obj);
2325 obj_priv->fence_reg = i;
2326 list_add_tail(&obj_priv->fence_list, &dev_priv->mm.fence_list);
2331 i965_write_fence_reg(reg);
2332 else if (IS_I9XX(dev))
2333 i915_write_fence_reg(reg);
2335 i830_write_fence_reg(reg);
2341 * i915_gem_clear_fence_reg - clear out fence register info
2342 * @obj: object to clear
2344 * Zeroes out the fence register itself and clears out the associated
2345 * data structures in dev_priv and obj_priv.
2348 i915_gem_clear_fence_reg(struct drm_gem_object *obj)
2350 struct drm_device *dev = obj->dev;
2351 drm_i915_private_t *dev_priv = dev->dev_private;
2352 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2355 I915_WRITE64(FENCE_REG_965_0 + (obj_priv->fence_reg * 8), 0);
2359 if (obj_priv->fence_reg < 8)
2360 fence_reg = FENCE_REG_830_0 + obj_priv->fence_reg * 4;
2362 fence_reg = FENCE_REG_945_8 + (obj_priv->fence_reg -
2365 I915_WRITE(fence_reg, 0);
2368 dev_priv->fence_regs[obj_priv->fence_reg].obj = NULL;
2369 obj_priv->fence_reg = I915_FENCE_REG_NONE;
2370 list_del_init(&obj_priv->fence_list);
2374 * i915_gem_object_put_fence_reg - waits on outstanding fenced access
2375 * to the buffer to finish, and then resets the fence register.
2376 * @obj: tiled object holding a fence register.
2378 * Zeroes out the fence register itself and clears out the associated
2379 * data structures in dev_priv and obj_priv.
2382 i915_gem_object_put_fence_reg(struct drm_gem_object *obj)
2384 struct drm_device *dev = obj->dev;
2385 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2387 if (obj_priv->fence_reg == I915_FENCE_REG_NONE)
2390 /* On the i915, GPU access to tiled buffers is via a fence,
2391 * therefore we must wait for any outstanding access to complete
2392 * before clearing the fence.
2394 if (!IS_I965G(dev)) {
2397 i915_gem_object_flush_gpu_write_domain(obj);
2398 i915_gem_object_flush_gtt_write_domain(obj);
2399 ret = i915_gem_object_wait_rendering(obj);
2404 i915_gem_clear_fence_reg (obj);
2410 * Finds free space in the GTT aperture and binds the object there.
2413 i915_gem_object_bind_to_gtt(struct drm_gem_object *obj, unsigned alignment)
2415 struct drm_device *dev = obj->dev;
2416 drm_i915_private_t *dev_priv = dev->dev_private;
2417 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2418 struct drm_mm_node *free_space;
2419 int page_count, ret;
2421 if (dev_priv->mm.suspended)
2424 if (obj_priv->madv == I915_MADV_DONTNEED) {
2425 DRM_ERROR("Attempting to bind a purgeable object\n");
2430 alignment = i915_gem_get_gtt_alignment(obj);
2431 if (alignment & (i915_gem_get_gtt_alignment(obj) - 1)) {
2432 DRM_ERROR("Invalid object alignment requested %u\n", alignment);
2437 free_space = drm_mm_search_free(&dev_priv->mm.gtt_space,
2438 obj->size, alignment, 0);
2439 if (free_space != NULL) {
2440 obj_priv->gtt_space = drm_mm_get_block(free_space, obj->size,
2442 if (obj_priv->gtt_space != NULL) {
2443 obj_priv->gtt_space->private = obj;
2444 obj_priv->gtt_offset = obj_priv->gtt_space->start;
2447 if (obj_priv->gtt_space == NULL) {
2450 /* If the gtt is empty and we're still having trouble
2451 * fitting our object in, we're out of memory.
2454 DRM_INFO("%s: GTT full, evicting something\n", __func__);
2456 spin_lock(&dev_priv->mm.active_list_lock);
2457 lists_empty = (list_empty(&dev_priv->mm.inactive_list) &&
2458 list_empty(&dev_priv->mm.flushing_list) &&
2459 list_empty(&dev_priv->mm.active_list));
2460 spin_unlock(&dev_priv->mm.active_list_lock);
2462 DRM_ERROR("GTT full, but LRU list empty\n");
2466 ret = i915_gem_evict_something(dev);
2468 if (ret != -ERESTARTSYS)
2469 DRM_ERROR("Failed to evict a buffer %d\n", ret);
2476 DRM_INFO("Binding object of size %zd at 0x%08x\n",
2477 obj->size, obj_priv->gtt_offset);
2479 ret = i915_gem_object_get_pages(obj);
2481 drm_mm_put_block(obj_priv->gtt_space);
2482 obj_priv->gtt_space = NULL;
2486 page_count = obj->size / PAGE_SIZE;
2487 /* Create an AGP memory structure pointing at our pages, and bind it
2490 obj_priv->agp_mem = drm_agp_bind_pages(dev,
2493 obj_priv->gtt_offset,
2494 obj_priv->agp_type);
2495 if (obj_priv->agp_mem == NULL) {
2496 i915_gem_object_put_pages(obj);
2497 drm_mm_put_block(obj_priv->gtt_space);
2498 obj_priv->gtt_space = NULL;
2501 atomic_inc(&dev->gtt_count);
2502 atomic_add(obj->size, &dev->gtt_memory);
2504 /* Assert that the object is not currently in any GPU domain. As it
2505 * wasn't in the GTT, there shouldn't be any way it could have been in
2508 BUG_ON(obj->read_domains & I915_GEM_GPU_DOMAINS);
2509 BUG_ON(obj->write_domain & I915_GEM_GPU_DOMAINS);
2515 i915_gem_clflush_object(struct drm_gem_object *obj)
2517 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2519 /* If we don't have a page list set up, then we're not pinned
2520 * to GPU, and we can ignore the cache flush because it'll happen
2521 * again at bind time.
2523 if (obj_priv->pages == NULL)
2526 drm_clflush_pages(obj_priv->pages, obj->size / PAGE_SIZE);
2529 /** Flushes any GPU write domain for the object if it's dirty. */
2531 i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj)
2533 struct drm_device *dev = obj->dev;
2536 if ((obj->write_domain & I915_GEM_GPU_DOMAINS) == 0)
2539 /* Queue the GPU write cache flushing we need. */
2540 i915_gem_flush(dev, 0, obj->write_domain);
2541 seqno = i915_add_request(dev, NULL, obj->write_domain);
2542 obj->write_domain = 0;
2543 i915_gem_object_move_to_active(obj, seqno);
2546 /** Flushes the GTT write domain for the object if it's dirty. */
2548 i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj)
2550 if (obj->write_domain != I915_GEM_DOMAIN_GTT)
2553 /* No actual flushing is required for the GTT write domain. Writes
2554 * to it immediately go to main memory as far as we know, so there's
2555 * no chipset flush. It also doesn't land in render cache.
2557 obj->write_domain = 0;
2560 /** Flushes the CPU write domain for the object if it's dirty. */
2562 i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj)
2564 struct drm_device *dev = obj->dev;
2566 if (obj->write_domain != I915_GEM_DOMAIN_CPU)
2569 i915_gem_clflush_object(obj);
2570 drm_agp_chipset_flush(dev);
2571 obj->write_domain = 0;
2575 * Moves a single object to the GTT read, and possibly write domain.
2577 * This function returns when the move is complete, including waiting on
2581 i915_gem_object_set_to_gtt_domain(struct drm_gem_object *obj, int write)
2583 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2586 /* Not valid to be called on unbound objects. */
2587 if (obj_priv->gtt_space == NULL)
2590 i915_gem_object_flush_gpu_write_domain(obj);
2591 /* Wait on any GPU rendering and flushing to occur. */
2592 ret = i915_gem_object_wait_rendering(obj);
2596 /* If we're writing through the GTT domain, then CPU and GPU caches
2597 * will need to be invalidated at next use.
2600 obj->read_domains &= I915_GEM_DOMAIN_GTT;
2602 i915_gem_object_flush_cpu_write_domain(obj);
2604 /* It should now be out of any other write domains, and we can update
2605 * the domain values for our changes.
2607 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_GTT) != 0);
2608 obj->read_domains |= I915_GEM_DOMAIN_GTT;
2610 obj->write_domain = I915_GEM_DOMAIN_GTT;
2611 obj_priv->dirty = 1;
2618 * Moves a single object to the CPU read, and possibly write domain.
2620 * This function returns when the move is complete, including waiting on
2624 i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj, int write)
2628 i915_gem_object_flush_gpu_write_domain(obj);
2629 /* Wait on any GPU rendering and flushing to occur. */
2630 ret = i915_gem_object_wait_rendering(obj);
2634 i915_gem_object_flush_gtt_write_domain(obj);
2636 /* If we have a partially-valid cache of the object in the CPU,
2637 * finish invalidating it and free the per-page flags.
2639 i915_gem_object_set_to_full_cpu_read_domain(obj);
2641 /* Flush the CPU cache if it's still invalid. */
2642 if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0) {
2643 i915_gem_clflush_object(obj);
2645 obj->read_domains |= I915_GEM_DOMAIN_CPU;
2648 /* It should now be out of any other write domains, and we can update
2649 * the domain values for our changes.
2651 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
2653 /* If we're writing through the CPU, then the GPU read domains will
2654 * need to be invalidated at next use.
2657 obj->read_domains &= I915_GEM_DOMAIN_CPU;
2658 obj->write_domain = I915_GEM_DOMAIN_CPU;
2665 * Set the next domain for the specified object. This
2666 * may not actually perform the necessary flushing/invaliding though,
2667 * as that may want to be batched with other set_domain operations
2669 * This is (we hope) the only really tricky part of gem. The goal
2670 * is fairly simple -- track which caches hold bits of the object
2671 * and make sure they remain coherent. A few concrete examples may
2672 * help to explain how it works. For shorthand, we use the notation
2673 * (read_domains, write_domain), e.g. (CPU, CPU) to indicate the
2674 * a pair of read and write domain masks.
2676 * Case 1: the batch buffer
2682 * 5. Unmapped from GTT
2685 * Let's take these a step at a time
2688 * Pages allocated from the kernel may still have
2689 * cache contents, so we set them to (CPU, CPU) always.
2690 * 2. Written by CPU (using pwrite)
2691 * The pwrite function calls set_domain (CPU, CPU) and
2692 * this function does nothing (as nothing changes)
2694 * This function asserts that the object is not
2695 * currently in any GPU-based read or write domains
2697 * i915_gem_execbuffer calls set_domain (COMMAND, 0).
2698 * As write_domain is zero, this function adds in the
2699 * current read domains (CPU+COMMAND, 0).
2700 * flush_domains is set to CPU.
2701 * invalidate_domains is set to COMMAND
2702 * clflush is run to get data out of the CPU caches
2703 * then i915_dev_set_domain calls i915_gem_flush to
2704 * emit an MI_FLUSH and drm_agp_chipset_flush
2705 * 5. Unmapped from GTT
2706 * i915_gem_object_unbind calls set_domain (CPU, CPU)
2707 * flush_domains and invalidate_domains end up both zero
2708 * so no flushing/invalidating happens
2712 * Case 2: The shared render buffer
2716 * 3. Read/written by GPU
2717 * 4. set_domain to (CPU,CPU)
2718 * 5. Read/written by CPU
2719 * 6. Read/written by GPU
2722 * Same as last example, (CPU, CPU)
2724 * Nothing changes (assertions find that it is not in the GPU)
2725 * 3. Read/written by GPU
2726 * execbuffer calls set_domain (RENDER, RENDER)
2727 * flush_domains gets CPU
2728 * invalidate_domains gets GPU
2730 * MI_FLUSH and drm_agp_chipset_flush
2731 * 4. set_domain (CPU, CPU)
2732 * flush_domains gets GPU
2733 * invalidate_domains gets CPU
2734 * wait_rendering (obj) to make sure all drawing is complete.
2735 * This will include an MI_FLUSH to get the data from GPU
2737 * clflush (obj) to invalidate the CPU cache
2738 * Another MI_FLUSH in i915_gem_flush (eliminate this somehow?)
2739 * 5. Read/written by CPU
2740 * cache lines are loaded and dirtied
2741 * 6. Read written by GPU
2742 * Same as last GPU access
2744 * Case 3: The constant buffer
2749 * 4. Updated (written) by CPU again
2758 * flush_domains = CPU
2759 * invalidate_domains = RENDER
2762 * drm_agp_chipset_flush
2763 * 4. Updated (written) by CPU again
2765 * flush_domains = 0 (no previous write domain)
2766 * invalidate_domains = 0 (no new read domains)
2769 * flush_domains = CPU
2770 * invalidate_domains = RENDER
2773 * drm_agp_chipset_flush
2776 i915_gem_object_set_to_gpu_domain(struct drm_gem_object *obj)
2778 struct drm_device *dev = obj->dev;
2779 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2780 uint32_t invalidate_domains = 0;
2781 uint32_t flush_domains = 0;
2783 BUG_ON(obj->pending_read_domains & I915_GEM_DOMAIN_CPU);
2784 BUG_ON(obj->pending_write_domain == I915_GEM_DOMAIN_CPU);
2786 intel_mark_busy(dev, obj);
2789 DRM_INFO("%s: object %p read %08x -> %08x write %08x -> %08x\n",
2791 obj->read_domains, obj->pending_read_domains,
2792 obj->write_domain, obj->pending_write_domain);
2795 * If the object isn't moving to a new write domain,
2796 * let the object stay in multiple read domains
2798 if (obj->pending_write_domain == 0)
2799 obj->pending_read_domains |= obj->read_domains;
2801 obj_priv->dirty = 1;
2804 * Flush the current write domain if
2805 * the new read domains don't match. Invalidate
2806 * any read domains which differ from the old
2809 if (obj->write_domain &&
2810 obj->write_domain != obj->pending_read_domains) {
2811 flush_domains |= obj->write_domain;
2812 invalidate_domains |=
2813 obj->pending_read_domains & ~obj->write_domain;
2816 * Invalidate any read caches which may have
2817 * stale data. That is, any new read domains.
2819 invalidate_domains |= obj->pending_read_domains & ~obj->read_domains;
2820 if ((flush_domains | invalidate_domains) & I915_GEM_DOMAIN_CPU) {
2822 DRM_INFO("%s: CPU domain flush %08x invalidate %08x\n",
2823 __func__, flush_domains, invalidate_domains);
2825 i915_gem_clflush_object(obj);
2828 /* The actual obj->write_domain will be updated with
2829 * pending_write_domain after we emit the accumulated flush for all
2830 * of our domain changes in execbuffers (which clears objects'
2831 * write_domains). So if we have a current write domain that we
2832 * aren't changing, set pending_write_domain to that.
2834 if (flush_domains == 0 && obj->pending_write_domain == 0)
2835 obj->pending_write_domain = obj->write_domain;
2836 obj->read_domains = obj->pending_read_domains;
2838 dev->invalidate_domains |= invalidate_domains;
2839 dev->flush_domains |= flush_domains;
2841 DRM_INFO("%s: read %08x write %08x invalidate %08x flush %08x\n",
2843 obj->read_domains, obj->write_domain,
2844 dev->invalidate_domains, dev->flush_domains);
2849 * Moves the object from a partially CPU read to a full one.
2851 * Note that this only resolves i915_gem_object_set_cpu_read_domain_range(),
2852 * and doesn't handle transitioning from !(read_domains & I915_GEM_DOMAIN_CPU).
2855 i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj)
2857 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2859 if (!obj_priv->page_cpu_valid)
2862 /* If we're partially in the CPU read domain, finish moving it in.
2864 if (obj->read_domains & I915_GEM_DOMAIN_CPU) {
2867 for (i = 0; i <= (obj->size - 1) / PAGE_SIZE; i++) {
2868 if (obj_priv->page_cpu_valid[i])
2870 drm_clflush_pages(obj_priv->pages + i, 1);
2874 /* Free the page_cpu_valid mappings which are now stale, whether
2875 * or not we've got I915_GEM_DOMAIN_CPU.
2877 kfree(obj_priv->page_cpu_valid);
2878 obj_priv->page_cpu_valid = NULL;
2882 * Set the CPU read domain on a range of the object.
2884 * The object ends up with I915_GEM_DOMAIN_CPU in its read flags although it's
2885 * not entirely valid. The page_cpu_valid member of the object flags which
2886 * pages have been flushed, and will be respected by
2887 * i915_gem_object_set_to_cpu_domain() if it's called on to get a valid mapping
2888 * of the whole object.
2890 * This function returns when the move is complete, including waiting on
2894 i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
2895 uint64_t offset, uint64_t size)
2897 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2900 if (offset == 0 && size == obj->size)
2901 return i915_gem_object_set_to_cpu_domain(obj, 0);
2903 i915_gem_object_flush_gpu_write_domain(obj);
2904 /* Wait on any GPU rendering and flushing to occur. */
2905 ret = i915_gem_object_wait_rendering(obj);
2908 i915_gem_object_flush_gtt_write_domain(obj);
2910 /* If we're already fully in the CPU read domain, we're done. */
2911 if (obj_priv->page_cpu_valid == NULL &&
2912 (obj->read_domains & I915_GEM_DOMAIN_CPU) != 0)
2915 /* Otherwise, create/clear the per-page CPU read domain flag if we're
2916 * newly adding I915_GEM_DOMAIN_CPU
2918 if (obj_priv->page_cpu_valid == NULL) {
2919 obj_priv->page_cpu_valid = kzalloc(obj->size / PAGE_SIZE,
2921 if (obj_priv->page_cpu_valid == NULL)
2923 } else if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0)
2924 memset(obj_priv->page_cpu_valid, 0, obj->size / PAGE_SIZE);
2926 /* Flush the cache on any pages that are still invalid from the CPU's
2929 for (i = offset / PAGE_SIZE; i <= (offset + size - 1) / PAGE_SIZE;
2931 if (obj_priv->page_cpu_valid[i])
2934 drm_clflush_pages(obj_priv->pages + i, 1);
2936 obj_priv->page_cpu_valid[i] = 1;
2939 /* It should now be out of any other write domains, and we can update
2940 * the domain values for our changes.
2942 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
2944 obj->read_domains |= I915_GEM_DOMAIN_CPU;
2950 * Pin an object to the GTT and evaluate the relocations landing in it.
2953 i915_gem_object_pin_and_relocate(struct drm_gem_object *obj,
2954 struct drm_file *file_priv,
2955 struct drm_i915_gem_exec_object *entry,
2956 struct drm_i915_gem_relocation_entry *relocs)
2958 struct drm_device *dev = obj->dev;
2959 drm_i915_private_t *dev_priv = dev->dev_private;
2960 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2962 void __iomem *reloc_page;
2964 /* Choose the GTT offset for our buffer and put it there. */
2965 ret = i915_gem_object_pin(obj, (uint32_t) entry->alignment);
2969 entry->offset = obj_priv->gtt_offset;
2971 /* Apply the relocations, using the GTT aperture to avoid cache
2972 * flushing requirements.
2974 for (i = 0; i < entry->relocation_count; i++) {
2975 struct drm_i915_gem_relocation_entry *reloc= &relocs[i];
2976 struct drm_gem_object *target_obj;
2977 struct drm_i915_gem_object *target_obj_priv;
2978 uint32_t reloc_val, reloc_offset;
2979 uint32_t __iomem *reloc_entry;
2981 target_obj = drm_gem_object_lookup(obj->dev, file_priv,
2982 reloc->target_handle);
2983 if (target_obj == NULL) {
2984 i915_gem_object_unpin(obj);
2987 target_obj_priv = target_obj->driver_private;
2989 /* The target buffer should have appeared before us in the
2990 * exec_object list, so it should have a GTT space bound by now.
2992 if (target_obj_priv->gtt_space == NULL) {
2993 DRM_ERROR("No GTT space found for object %d\n",
2994 reloc->target_handle);
2995 drm_gem_object_unreference(target_obj);
2996 i915_gem_object_unpin(obj);
3000 if (reloc->offset > obj->size - 4) {
3001 DRM_ERROR("Relocation beyond object bounds: "
3002 "obj %p target %d offset %d size %d.\n",
3003 obj, reloc->target_handle,
3004 (int) reloc->offset, (int) obj->size);
3005 drm_gem_object_unreference(target_obj);
3006 i915_gem_object_unpin(obj);
3009 if (reloc->offset & 3) {
3010 DRM_ERROR("Relocation not 4-byte aligned: "
3011 "obj %p target %d offset %d.\n",
3012 obj, reloc->target_handle,
3013 (int) reloc->offset);
3014 drm_gem_object_unreference(target_obj);
3015 i915_gem_object_unpin(obj);
3019 if (reloc->write_domain & I915_GEM_DOMAIN_CPU ||
3020 reloc->read_domains & I915_GEM_DOMAIN_CPU) {
3021 DRM_ERROR("reloc with read/write CPU domains: "
3022 "obj %p target %d offset %d "
3023 "read %08x write %08x",
3024 obj, reloc->target_handle,
3025 (int) reloc->offset,
3026 reloc->read_domains,
3027 reloc->write_domain);
3028 drm_gem_object_unreference(target_obj);
3029 i915_gem_object_unpin(obj);
3033 if (reloc->write_domain && target_obj->pending_write_domain &&
3034 reloc->write_domain != target_obj->pending_write_domain) {
3035 DRM_ERROR("Write domain conflict: "
3036 "obj %p target %d offset %d "
3037 "new %08x old %08x\n",
3038 obj, reloc->target_handle,
3039 (int) reloc->offset,
3040 reloc->write_domain,
3041 target_obj->pending_write_domain);
3042 drm_gem_object_unreference(target_obj);
3043 i915_gem_object_unpin(obj);
3048 DRM_INFO("%s: obj %p offset %08x target %d "
3049 "read %08x write %08x gtt %08x "
3050 "presumed %08x delta %08x\n",
3053 (int) reloc->offset,
3054 (int) reloc->target_handle,
3055 (int) reloc->read_domains,
3056 (int) reloc->write_domain,
3057 (int) target_obj_priv->gtt_offset,
3058 (int) reloc->presumed_offset,
3062 target_obj->pending_read_domains |= reloc->read_domains;
3063 target_obj->pending_write_domain |= reloc->write_domain;
3065 /* If the relocation already has the right value in it, no
3066 * more work needs to be done.
3068 if (target_obj_priv->gtt_offset == reloc->presumed_offset) {
3069 drm_gem_object_unreference(target_obj);
3073 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
3075 drm_gem_object_unreference(target_obj);
3076 i915_gem_object_unpin(obj);
3080 /* Map the page containing the relocation we're going to
3083 reloc_offset = obj_priv->gtt_offset + reloc->offset;
3084 reloc_page = io_mapping_map_atomic_wc(dev_priv->mm.gtt_mapping,
3087 reloc_entry = (uint32_t __iomem *)(reloc_page +
3088 (reloc_offset & (PAGE_SIZE - 1)));
3089 reloc_val = target_obj_priv->gtt_offset + reloc->delta;
3092 DRM_INFO("Applied relocation: %p@0x%08x %08x -> %08x\n",
3093 obj, (unsigned int) reloc->offset,
3094 readl(reloc_entry), reloc_val);
3096 writel(reloc_val, reloc_entry);
3097 io_mapping_unmap_atomic(reloc_page);
3099 /* The updated presumed offset for this entry will be
3100 * copied back out to the user.
3102 reloc->presumed_offset = target_obj_priv->gtt_offset;
3104 drm_gem_object_unreference(target_obj);
3109 i915_gem_dump_object(obj, 128, __func__, ~0);
3114 /** Dispatch a batchbuffer to the ring
3117 i915_dispatch_gem_execbuffer(struct drm_device *dev,
3118 struct drm_i915_gem_execbuffer *exec,
3119 struct drm_clip_rect *cliprects,
3120 uint64_t exec_offset)
3122 drm_i915_private_t *dev_priv = dev->dev_private;
3123 int nbox = exec->num_cliprects;
3125 uint32_t exec_start, exec_len;
3128 exec_start = (uint32_t) exec_offset + exec->batch_start_offset;
3129 exec_len = (uint32_t) exec->batch_len;
3131 count = nbox ? nbox : 1;
3133 for (i = 0; i < count; i++) {
3135 int ret = i915_emit_box(dev, cliprects, i,
3136 exec->DR1, exec->DR4);
3141 if (IS_I830(dev) || IS_845G(dev)) {
3143 OUT_RING(MI_BATCH_BUFFER);
3144 OUT_RING(exec_start | MI_BATCH_NON_SECURE);
3145 OUT_RING(exec_start + exec_len - 4);
3150 if (IS_I965G(dev)) {
3151 OUT_RING(MI_BATCH_BUFFER_START |
3153 MI_BATCH_NON_SECURE_I965);
3154 OUT_RING(exec_start);
3156 OUT_RING(MI_BATCH_BUFFER_START |
3158 OUT_RING(exec_start | MI_BATCH_NON_SECURE);
3164 /* XXX breadcrumb */
3168 /* Throttle our rendering by waiting until the ring has completed our requests
3169 * emitted over 20 msec ago.
3171 * Note that if we were to use the current jiffies each time around the loop,
3172 * we wouldn't escape the function with any frames outstanding if the time to
3173 * render a frame was over 20ms.
3175 * This should get us reasonable parallelism between CPU and GPU but also
3176 * relatively low latency when blocking on a particular request to finish.
3179 i915_gem_ring_throttle(struct drm_device *dev, struct drm_file *file_priv)
3181 struct drm_i915_file_private *i915_file_priv = file_priv->driver_priv;
3183 unsigned long recent_enough = jiffies - msecs_to_jiffies(20);
3185 mutex_lock(&dev->struct_mutex);
3186 while (!list_empty(&i915_file_priv->mm.request_list)) {
3187 struct drm_i915_gem_request *request;
3189 request = list_first_entry(&i915_file_priv->mm.request_list,
3190 struct drm_i915_gem_request,
3193 if (time_after_eq(request->emitted_jiffies, recent_enough))
3196 ret = i915_wait_request(dev, request->seqno);
3200 mutex_unlock(&dev->struct_mutex);
3206 i915_gem_get_relocs_from_user(struct drm_i915_gem_exec_object *exec_list,
3207 uint32_t buffer_count,
3208 struct drm_i915_gem_relocation_entry **relocs)
3210 uint32_t reloc_count = 0, reloc_index = 0, i;
3214 for (i = 0; i < buffer_count; i++) {
3215 if (reloc_count + exec_list[i].relocation_count < reloc_count)
3217 reloc_count += exec_list[i].relocation_count;
3220 *relocs = drm_calloc_large(reloc_count, sizeof(**relocs));
3221 if (*relocs == NULL)
3224 for (i = 0; i < buffer_count; i++) {
3225 struct drm_i915_gem_relocation_entry __user *user_relocs;
3227 user_relocs = (void __user *)(uintptr_t)exec_list[i].relocs_ptr;
3229 ret = copy_from_user(&(*relocs)[reloc_index],
3231 exec_list[i].relocation_count *
3234 drm_free_large(*relocs);
3239 reloc_index += exec_list[i].relocation_count;
3246 i915_gem_put_relocs_to_user(struct drm_i915_gem_exec_object *exec_list,
3247 uint32_t buffer_count,
3248 struct drm_i915_gem_relocation_entry *relocs)
3250 uint32_t reloc_count = 0, i;
3253 for (i = 0; i < buffer_count; i++) {
3254 struct drm_i915_gem_relocation_entry __user *user_relocs;
3257 user_relocs = (void __user *)(uintptr_t)exec_list[i].relocs_ptr;
3259 unwritten = copy_to_user(user_relocs,
3260 &relocs[reloc_count],
3261 exec_list[i].relocation_count *
3269 reloc_count += exec_list[i].relocation_count;
3273 drm_free_large(relocs);
3279 i915_gem_check_execbuffer (struct drm_i915_gem_execbuffer *exec,
3280 uint64_t exec_offset)
3282 uint32_t exec_start, exec_len;
3284 exec_start = (uint32_t) exec_offset + exec->batch_start_offset;
3285 exec_len = (uint32_t) exec->batch_len;
3287 if ((exec_start | exec_len) & 0x7)
3297 i915_gem_execbuffer(struct drm_device *dev, void *data,
3298 struct drm_file *file_priv)
3300 drm_i915_private_t *dev_priv = dev->dev_private;
3301 struct drm_i915_gem_execbuffer *args = data;
3302 struct drm_i915_gem_exec_object *exec_list = NULL;
3303 struct drm_gem_object **object_list = NULL;
3304 struct drm_gem_object *batch_obj;
3305 struct drm_i915_gem_object *obj_priv;
3306 struct drm_clip_rect *cliprects = NULL;
3307 struct drm_i915_gem_relocation_entry *relocs;
3308 int ret, ret2, i, pinned = 0;
3309 uint64_t exec_offset;
3310 uint32_t seqno, flush_domains, reloc_index;
3314 DRM_INFO("buffers_ptr %d buffer_count %d len %08x\n",
3315 (int) args->buffers_ptr, args->buffer_count, args->batch_len);
3318 if (args->buffer_count < 1) {
3319 DRM_ERROR("execbuf with %d buffers\n", args->buffer_count);
3322 /* Copy in the exec list from userland */
3323 exec_list = drm_calloc_large(sizeof(*exec_list), args->buffer_count);
3324 object_list = drm_calloc_large(sizeof(*object_list), args->buffer_count);
3325 if (exec_list == NULL || object_list == NULL) {
3326 DRM_ERROR("Failed to allocate exec or object list "
3328 args->buffer_count);
3332 ret = copy_from_user(exec_list,
3333 (struct drm_i915_relocation_entry __user *)
3334 (uintptr_t) args->buffers_ptr,
3335 sizeof(*exec_list) * args->buffer_count);
3337 DRM_ERROR("copy %d exec entries failed %d\n",
3338 args->buffer_count, ret);
3342 if (args->num_cliprects != 0) {
3343 cliprects = kcalloc(args->num_cliprects, sizeof(*cliprects),
3345 if (cliprects == NULL)
3348 ret = copy_from_user(cliprects,
3349 (struct drm_clip_rect __user *)
3350 (uintptr_t) args->cliprects_ptr,
3351 sizeof(*cliprects) * args->num_cliprects);
3353 DRM_ERROR("copy %d cliprects failed: %d\n",
3354 args->num_cliprects, ret);
3359 ret = i915_gem_get_relocs_from_user(exec_list, args->buffer_count,
3364 mutex_lock(&dev->struct_mutex);
3366 i915_verify_inactive(dev, __FILE__, __LINE__);
3368 if (atomic_read(&dev_priv->mm.wedged)) {
3369 DRM_ERROR("Execbuf while wedged\n");
3370 mutex_unlock(&dev->struct_mutex);
3375 if (dev_priv->mm.suspended) {
3376 DRM_ERROR("Execbuf while VT-switched.\n");
3377 mutex_unlock(&dev->struct_mutex);
3382 /* Look up object handles */
3383 for (i = 0; i < args->buffer_count; i++) {
3384 object_list[i] = drm_gem_object_lookup(dev, file_priv,
3385 exec_list[i].handle);
3386 if (object_list[i] == NULL) {
3387 DRM_ERROR("Invalid object handle %d at index %d\n",
3388 exec_list[i].handle, i);
3393 obj_priv = object_list[i]->driver_private;
3394 if (obj_priv->in_execbuffer) {
3395 DRM_ERROR("Object %p appears more than once in object list\n",
3400 obj_priv->in_execbuffer = true;
3403 /* Pin and relocate */
3404 for (pin_tries = 0; ; pin_tries++) {
3408 for (i = 0; i < args->buffer_count; i++) {
3409 object_list[i]->pending_read_domains = 0;
3410 object_list[i]->pending_write_domain = 0;
3411 ret = i915_gem_object_pin_and_relocate(object_list[i],
3414 &relocs[reloc_index]);
3418 reloc_index += exec_list[i].relocation_count;
3424 /* error other than GTT full, or we've already tried again */
3425 if (ret != -ENOSPC || pin_tries >= 1) {
3426 if (ret != -ERESTARTSYS)
3427 DRM_ERROR("Failed to pin buffers %d\n", ret);
3431 /* unpin all of our buffers */
3432 for (i = 0; i < pinned; i++)
3433 i915_gem_object_unpin(object_list[i]);
3436 /* evict everyone we can from the aperture */
3437 ret = i915_gem_evict_everything(dev);
3442 /* Set the pending read domains for the batch buffer to COMMAND */
3443 batch_obj = object_list[args->buffer_count-1];
3444 if (batch_obj->pending_write_domain) {
3445 DRM_ERROR("Attempting to use self-modifying batch buffer\n");
3449 batch_obj->pending_read_domains |= I915_GEM_DOMAIN_COMMAND;
3451 /* Sanity check the batch buffer, prior to moving objects */
3452 exec_offset = exec_list[args->buffer_count - 1].offset;
3453 ret = i915_gem_check_execbuffer (args, exec_offset);
3455 DRM_ERROR("execbuf with invalid offset/length\n");
3459 i915_verify_inactive(dev, __FILE__, __LINE__);
3461 /* Zero the global flush/invalidate flags. These
3462 * will be modified as new domains are computed
3465 dev->invalidate_domains = 0;
3466 dev->flush_domains = 0;
3468 for (i = 0; i < args->buffer_count; i++) {
3469 struct drm_gem_object *obj = object_list[i];
3471 /* Compute new gpu domains and update invalidate/flush */
3472 i915_gem_object_set_to_gpu_domain(obj);
3475 i915_verify_inactive(dev, __FILE__, __LINE__);
3477 if (dev->invalidate_domains | dev->flush_domains) {
3479 DRM_INFO("%s: invalidate_domains %08x flush_domains %08x\n",
3481 dev->invalidate_domains,
3482 dev->flush_domains);
3485 dev->invalidate_domains,
3486 dev->flush_domains);
3487 if (dev->flush_domains)
3488 (void)i915_add_request(dev, file_priv,
3489 dev->flush_domains);
3492 for (i = 0; i < args->buffer_count; i++) {
3493 struct drm_gem_object *obj = object_list[i];
3495 obj->write_domain = obj->pending_write_domain;
3498 i915_verify_inactive(dev, __FILE__, __LINE__);
3501 for (i = 0; i < args->buffer_count; i++) {
3502 i915_gem_object_check_coherency(object_list[i],
3503 exec_list[i].handle);
3508 i915_gem_dump_object(batch_obj,
3514 /* Exec the batchbuffer */
3515 ret = i915_dispatch_gem_execbuffer(dev, args, cliprects, exec_offset);
3517 DRM_ERROR("dispatch failed %d\n", ret);
3522 * Ensure that the commands in the batch buffer are
3523 * finished before the interrupt fires
3525 flush_domains = i915_retire_commands(dev);
3527 i915_verify_inactive(dev, __FILE__, __LINE__);
3530 * Get a seqno representing the execution of the current buffer,
3531 * which we can wait on. We would like to mitigate these interrupts,
3532 * likely by only creating seqnos occasionally (so that we have
3533 * *some* interrupts representing completion of buffers that we can
3534 * wait on when trying to clear up gtt space).
3536 seqno = i915_add_request(dev, file_priv, flush_domains);
3538 for (i = 0; i < args->buffer_count; i++) {
3539 struct drm_gem_object *obj = object_list[i];
3541 i915_gem_object_move_to_active(obj, seqno);
3543 DRM_INFO("%s: move to exec list %p\n", __func__, obj);
3547 i915_dump_lru(dev, __func__);
3550 i915_verify_inactive(dev, __FILE__, __LINE__);
3553 for (i = 0; i < pinned; i++)
3554 i915_gem_object_unpin(object_list[i]);
3556 for (i = 0; i < args->buffer_count; i++) {
3557 if (object_list[i]) {
3558 obj_priv = object_list[i]->driver_private;
3559 obj_priv->in_execbuffer = false;
3561 drm_gem_object_unreference(object_list[i]);
3564 mutex_unlock(&dev->struct_mutex);
3567 /* Copy the new buffer offsets back to the user's exec list. */
3568 ret = copy_to_user((struct drm_i915_relocation_entry __user *)
3569 (uintptr_t) args->buffers_ptr,
3571 sizeof(*exec_list) * args->buffer_count);
3574 DRM_ERROR("failed to copy %d exec entries "
3575 "back to user (%d)\n",
3576 args->buffer_count, ret);
3580 /* Copy the updated relocations out regardless of current error
3581 * state. Failure to update the relocs would mean that the next
3582 * time userland calls execbuf, it would do so with presumed offset
3583 * state that didn't match the actual object state.
3585 ret2 = i915_gem_put_relocs_to_user(exec_list, args->buffer_count,
3588 DRM_ERROR("Failed to copy relocations back out: %d\n", ret2);
3595 drm_free_large(object_list);
3596 drm_free_large(exec_list);
3603 i915_gem_object_pin(struct drm_gem_object *obj, uint32_t alignment)
3605 struct drm_device *dev = obj->dev;
3606 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3609 i915_verify_inactive(dev, __FILE__, __LINE__);
3610 if (obj_priv->gtt_space == NULL) {
3611 ret = i915_gem_object_bind_to_gtt(obj, alignment);
3613 if (ret != -EBUSY && ret != -ERESTARTSYS)
3614 DRM_ERROR("Failure to bind: %d\n", ret);
3619 * Pre-965 chips need a fence register set up in order to
3620 * properly handle tiled surfaces.
3622 if (!IS_I965G(dev) && obj_priv->tiling_mode != I915_TILING_NONE) {
3623 ret = i915_gem_object_get_fence_reg(obj);
3625 if (ret != -EBUSY && ret != -ERESTARTSYS)
3626 DRM_ERROR("Failure to install fence: %d\n",
3631 obj_priv->pin_count++;
3633 /* If the object is not active and not pending a flush,
3634 * remove it from the inactive list
3636 if (obj_priv->pin_count == 1) {
3637 atomic_inc(&dev->pin_count);
3638 atomic_add(obj->size, &dev->pin_memory);
3639 if (!obj_priv->active &&
3640 (obj->write_domain & I915_GEM_GPU_DOMAINS) == 0 &&
3641 !list_empty(&obj_priv->list))
3642 list_del_init(&obj_priv->list);
3644 i915_verify_inactive(dev, __FILE__, __LINE__);
3650 i915_gem_object_unpin(struct drm_gem_object *obj)
3652 struct drm_device *dev = obj->dev;
3653 drm_i915_private_t *dev_priv = dev->dev_private;
3654 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3656 i915_verify_inactive(dev, __FILE__, __LINE__);
3657 obj_priv->pin_count--;
3658 BUG_ON(obj_priv->pin_count < 0);
3659 BUG_ON(obj_priv->gtt_space == NULL);
3661 /* If the object is no longer pinned, and is
3662 * neither active nor being flushed, then stick it on
3665 if (obj_priv->pin_count == 0) {
3666 if (!obj_priv->active &&
3667 (obj->write_domain & I915_GEM_GPU_DOMAINS) == 0)
3668 list_move_tail(&obj_priv->list,
3669 &dev_priv->mm.inactive_list);
3670 atomic_dec(&dev->pin_count);
3671 atomic_sub(obj->size, &dev->pin_memory);
3673 i915_verify_inactive(dev, __FILE__, __LINE__);
3677 i915_gem_pin_ioctl(struct drm_device *dev, void *data,
3678 struct drm_file *file_priv)
3680 struct drm_i915_gem_pin *args = data;
3681 struct drm_gem_object *obj;
3682 struct drm_i915_gem_object *obj_priv;
3685 mutex_lock(&dev->struct_mutex);
3687 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3689 DRM_ERROR("Bad handle in i915_gem_pin_ioctl(): %d\n",
3691 mutex_unlock(&dev->struct_mutex);
3694 obj_priv = obj->driver_private;
3696 if (obj_priv->madv == I915_MADV_DONTNEED) {
3697 DRM_ERROR("Attempting to pin a I915_MADV_DONTNEED buffer\n");
3698 drm_gem_object_unreference(obj);
3699 mutex_unlock(&dev->struct_mutex);
3703 if (obj_priv->pin_filp != NULL && obj_priv->pin_filp != file_priv) {
3704 DRM_ERROR("Already pinned in i915_gem_pin_ioctl(): %d\n",
3706 drm_gem_object_unreference(obj);
3707 mutex_unlock(&dev->struct_mutex);
3711 obj_priv->user_pin_count++;
3712 obj_priv->pin_filp = file_priv;
3713 if (obj_priv->user_pin_count == 1) {
3714 ret = i915_gem_object_pin(obj, args->alignment);
3716 drm_gem_object_unreference(obj);
3717 mutex_unlock(&dev->struct_mutex);
3722 /* XXX - flush the CPU caches for pinned objects
3723 * as the X server doesn't manage domains yet
3725 i915_gem_object_flush_cpu_write_domain(obj);
3726 args->offset = obj_priv->gtt_offset;
3727 drm_gem_object_unreference(obj);
3728 mutex_unlock(&dev->struct_mutex);
3734 i915_gem_unpin_ioctl(struct drm_device *dev, void *data,
3735 struct drm_file *file_priv)
3737 struct drm_i915_gem_pin *args = data;
3738 struct drm_gem_object *obj;
3739 struct drm_i915_gem_object *obj_priv;
3741 mutex_lock(&dev->struct_mutex);
3743 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3745 DRM_ERROR("Bad handle in i915_gem_unpin_ioctl(): %d\n",
3747 mutex_unlock(&dev->struct_mutex);
3751 obj_priv = obj->driver_private;
3752 if (obj_priv->pin_filp != file_priv) {
3753 DRM_ERROR("Not pinned by caller in i915_gem_pin_ioctl(): %d\n",
3755 drm_gem_object_unreference(obj);
3756 mutex_unlock(&dev->struct_mutex);
3759 obj_priv->user_pin_count--;
3760 if (obj_priv->user_pin_count == 0) {
3761 obj_priv->pin_filp = NULL;
3762 i915_gem_object_unpin(obj);
3765 drm_gem_object_unreference(obj);
3766 mutex_unlock(&dev->struct_mutex);
3771 i915_gem_busy_ioctl(struct drm_device *dev, void *data,
3772 struct drm_file *file_priv)
3774 struct drm_i915_gem_busy *args = data;
3775 struct drm_gem_object *obj;
3776 struct drm_i915_gem_object *obj_priv;
3778 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3780 DRM_ERROR("Bad handle in i915_gem_busy_ioctl(): %d\n",
3785 mutex_lock(&dev->struct_mutex);
3786 /* Update the active list for the hardware's current position.
3787 * Otherwise this only updates on a delayed timer or when irqs are
3788 * actually unmasked, and our working set ends up being larger than
3791 i915_gem_retire_requests(dev);
3793 obj_priv = obj->driver_private;
3794 /* Don't count being on the flushing list against the object being
3795 * done. Otherwise, a buffer left on the flushing list but not getting
3796 * flushed (because nobody's flushing that domain) won't ever return
3797 * unbusy and get reused by libdrm's bo cache. The other expected
3798 * consumer of this interface, OpenGL's occlusion queries, also specs
3799 * that the objects get unbusy "eventually" without any interference.
3801 args->busy = obj_priv->active && obj_priv->last_rendering_seqno != 0;
3803 drm_gem_object_unreference(obj);
3804 mutex_unlock(&dev->struct_mutex);
3809 i915_gem_throttle_ioctl(struct drm_device *dev, void *data,
3810 struct drm_file *file_priv)
3812 return i915_gem_ring_throttle(dev, file_priv);
3816 i915_gem_madvise_ioctl(struct drm_device *dev, void *data,
3817 struct drm_file *file_priv)
3819 struct drm_i915_gem_madvise *args = data;
3820 struct drm_gem_object *obj;
3821 struct drm_i915_gem_object *obj_priv;
3823 switch (args->madv) {
3824 case I915_MADV_DONTNEED:
3825 case I915_MADV_WILLNEED:
3831 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3833 DRM_ERROR("Bad handle in i915_gem_madvise_ioctl(): %d\n",
3838 mutex_lock(&dev->struct_mutex);
3839 obj_priv = obj->driver_private;
3841 if (obj_priv->pin_count) {
3842 drm_gem_object_unreference(obj);
3843 mutex_unlock(&dev->struct_mutex);
3845 DRM_ERROR("Attempted i915_gem_madvise_ioctl() on a pinned object\n");
3849 obj_priv->madv = args->madv;
3850 args->retained = obj_priv->gtt_space != NULL;
3852 drm_gem_object_unreference(obj);
3853 mutex_unlock(&dev->struct_mutex);
3858 int i915_gem_init_object(struct drm_gem_object *obj)
3860 struct drm_i915_gem_object *obj_priv;
3862 obj_priv = kzalloc(sizeof(*obj_priv), GFP_KERNEL);
3863 if (obj_priv == NULL)
3867 * We've just allocated pages from the kernel,
3868 * so they've just been written by the CPU with
3869 * zeros. They'll need to be clflushed before we
3870 * use them with the GPU.
3872 obj->write_domain = I915_GEM_DOMAIN_CPU;
3873 obj->read_domains = I915_GEM_DOMAIN_CPU;
3875 obj_priv->agp_type = AGP_USER_MEMORY;
3877 obj->driver_private = obj_priv;
3878 obj_priv->obj = obj;
3879 obj_priv->fence_reg = I915_FENCE_REG_NONE;
3880 INIT_LIST_HEAD(&obj_priv->list);
3881 INIT_LIST_HEAD(&obj_priv->fence_list);
3882 obj_priv->madv = I915_MADV_WILLNEED;
3887 void i915_gem_free_object(struct drm_gem_object *obj)
3889 struct drm_device *dev = obj->dev;
3890 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3892 while (obj_priv->pin_count > 0)
3893 i915_gem_object_unpin(obj);
3895 if (obj_priv->phys_obj)
3896 i915_gem_detach_phys_object(dev, obj);
3898 i915_gem_object_unbind(obj);
3900 if (obj_priv->mmap_offset)
3901 i915_gem_free_mmap_offset(obj);
3903 kfree(obj_priv->page_cpu_valid);
3904 kfree(obj_priv->bit_17);
3905 kfree(obj->driver_private);
3908 /** Unbinds all objects that are on the given buffer list. */
3910 i915_gem_evict_from_list(struct drm_device *dev, struct list_head *head)
3912 struct drm_gem_object *obj;
3913 struct drm_i915_gem_object *obj_priv;
3916 while (!list_empty(head)) {
3917 obj_priv = list_first_entry(head,
3918 struct drm_i915_gem_object,
3920 obj = obj_priv->obj;
3922 if (obj_priv->pin_count != 0) {
3923 DRM_ERROR("Pinned object in unbind list\n");
3924 mutex_unlock(&dev->struct_mutex);
3928 ret = i915_gem_object_unbind(obj);
3930 DRM_ERROR("Error unbinding object in LeaveVT: %d\n",
3932 mutex_unlock(&dev->struct_mutex);
3942 i915_gem_idle(struct drm_device *dev)
3944 drm_i915_private_t *dev_priv = dev->dev_private;
3945 uint32_t seqno, cur_seqno, last_seqno;
3948 mutex_lock(&dev->struct_mutex);
3950 if (dev_priv->mm.suspended || dev_priv->ring.ring_obj == NULL) {
3951 mutex_unlock(&dev->struct_mutex);
3955 /* Hack! Don't let anybody do execbuf while we don't control the chip.
3956 * We need to replace this with a semaphore, or something.
3958 dev_priv->mm.suspended = 1;
3959 del_timer(&dev_priv->hangcheck_timer);
3961 /* Cancel the retire work handler, wait for it to finish if running
3963 mutex_unlock(&dev->struct_mutex);
3964 cancel_delayed_work_sync(&dev_priv->mm.retire_work);
3965 mutex_lock(&dev->struct_mutex);
3967 i915_kernel_lost_context(dev);
3969 /* Flush the GPU along with all non-CPU write domains
3971 i915_gem_flush(dev, I915_GEM_GPU_DOMAINS, I915_GEM_GPU_DOMAINS);
3972 seqno = i915_add_request(dev, NULL, I915_GEM_GPU_DOMAINS);
3975 mutex_unlock(&dev->struct_mutex);
3979 dev_priv->mm.waiting_gem_seqno = seqno;
3983 cur_seqno = i915_get_gem_seqno(dev);
3984 if (i915_seqno_passed(cur_seqno, seqno))
3986 if (last_seqno == cur_seqno) {
3987 if (stuck++ > 100) {
3988 DRM_ERROR("hardware wedged\n");
3989 atomic_set(&dev_priv->mm.wedged, 1);
3990 DRM_WAKEUP(&dev_priv->irq_queue);
3995 last_seqno = cur_seqno;
3997 dev_priv->mm.waiting_gem_seqno = 0;
3999 i915_gem_retire_requests(dev);
4001 spin_lock(&dev_priv->mm.active_list_lock);
4002 if (!atomic_read(&dev_priv->mm.wedged)) {
4003 /* Active and flushing should now be empty as we've
4004 * waited for a sequence higher than any pending execbuffer
4006 WARN_ON(!list_empty(&dev_priv->mm.active_list));
4007 WARN_ON(!list_empty(&dev_priv->mm.flushing_list));
4008 /* Request should now be empty as we've also waited
4009 * for the last request in the list
4011 WARN_ON(!list_empty(&dev_priv->mm.request_list));
4014 /* Empty the active and flushing lists to inactive. If there's
4015 * anything left at this point, it means that we're wedged and
4016 * nothing good's going to happen by leaving them there. So strip
4017 * the GPU domains and just stuff them onto inactive.
4019 while (!list_empty(&dev_priv->mm.active_list)) {
4020 struct drm_i915_gem_object *obj_priv;
4022 obj_priv = list_first_entry(&dev_priv->mm.active_list,
4023 struct drm_i915_gem_object,
4025 obj_priv->obj->write_domain &= ~I915_GEM_GPU_DOMAINS;
4026 i915_gem_object_move_to_inactive(obj_priv->obj);
4028 spin_unlock(&dev_priv->mm.active_list_lock);
4030 while (!list_empty(&dev_priv->mm.flushing_list)) {
4031 struct drm_i915_gem_object *obj_priv;
4033 obj_priv = list_first_entry(&dev_priv->mm.flushing_list,
4034 struct drm_i915_gem_object,
4036 obj_priv->obj->write_domain &= ~I915_GEM_GPU_DOMAINS;
4037 i915_gem_object_move_to_inactive(obj_priv->obj);
4041 /* Move all inactive buffers out of the GTT. */
4042 ret = i915_gem_evict_from_list(dev, &dev_priv->mm.inactive_list);
4043 WARN_ON(!list_empty(&dev_priv->mm.inactive_list));
4045 mutex_unlock(&dev->struct_mutex);
4049 i915_gem_cleanup_ringbuffer(dev);
4050 mutex_unlock(&dev->struct_mutex);
4056 i915_gem_init_hws(struct drm_device *dev)
4058 drm_i915_private_t *dev_priv = dev->dev_private;
4059 struct drm_gem_object *obj;
4060 struct drm_i915_gem_object *obj_priv;
4063 /* If we need a physical address for the status page, it's already
4064 * initialized at driver load time.
4066 if (!I915_NEED_GFX_HWS(dev))
4069 obj = drm_gem_object_alloc(dev, 4096);
4071 DRM_ERROR("Failed to allocate status page\n");
4074 obj_priv = obj->driver_private;
4075 obj_priv->agp_type = AGP_USER_CACHED_MEMORY;
4077 ret = i915_gem_object_pin(obj, 4096);
4079 drm_gem_object_unreference(obj);
4083 dev_priv->status_gfx_addr = obj_priv->gtt_offset;
4085 dev_priv->hw_status_page = kmap(obj_priv->pages[0]);
4086 if (dev_priv->hw_status_page == NULL) {
4087 DRM_ERROR("Failed to map status page.\n");
4088 memset(&dev_priv->hws_map, 0, sizeof(dev_priv->hws_map));
4089 i915_gem_object_unpin(obj);
4090 drm_gem_object_unreference(obj);
4093 dev_priv->hws_obj = obj;
4094 memset(dev_priv->hw_status_page, 0, PAGE_SIZE);
4095 I915_WRITE(HWS_PGA, dev_priv->status_gfx_addr);
4096 I915_READ(HWS_PGA); /* posting read */
4097 DRM_DEBUG("hws offset: 0x%08x\n", dev_priv->status_gfx_addr);
4103 i915_gem_cleanup_hws(struct drm_device *dev)
4105 drm_i915_private_t *dev_priv = dev->dev_private;
4106 struct drm_gem_object *obj;
4107 struct drm_i915_gem_object *obj_priv;
4109 if (dev_priv->hws_obj == NULL)
4112 obj = dev_priv->hws_obj;
4113 obj_priv = obj->driver_private;
4115 kunmap(obj_priv->pages[0]);
4116 i915_gem_object_unpin(obj);
4117 drm_gem_object_unreference(obj);
4118 dev_priv->hws_obj = NULL;
4120 memset(&dev_priv->hws_map, 0, sizeof(dev_priv->hws_map));
4121 dev_priv->hw_status_page = NULL;
4123 /* Write high address into HWS_PGA when disabling. */
4124 I915_WRITE(HWS_PGA, 0x1ffff000);
4128 i915_gem_init_ringbuffer(struct drm_device *dev)
4130 drm_i915_private_t *dev_priv = dev->dev_private;
4131 struct drm_gem_object *obj;
4132 struct drm_i915_gem_object *obj_priv;
4133 drm_i915_ring_buffer_t *ring = &dev_priv->ring;
4137 ret = i915_gem_init_hws(dev);
4141 obj = drm_gem_object_alloc(dev, 128 * 1024);
4143 DRM_ERROR("Failed to allocate ringbuffer\n");
4144 i915_gem_cleanup_hws(dev);
4147 obj_priv = obj->driver_private;
4149 ret = i915_gem_object_pin(obj, 4096);
4151 drm_gem_object_unreference(obj);
4152 i915_gem_cleanup_hws(dev);
4156 /* Set up the kernel mapping for the ring. */
4157 ring->Size = obj->size;
4159 ring->map.offset = dev->agp->base + obj_priv->gtt_offset;
4160 ring->map.size = obj->size;
4162 ring->map.flags = 0;
4165 drm_core_ioremap_wc(&ring->map, dev);
4166 if (ring->map.handle == NULL) {
4167 DRM_ERROR("Failed to map ringbuffer.\n");
4168 memset(&dev_priv->ring, 0, sizeof(dev_priv->ring));
4169 i915_gem_object_unpin(obj);
4170 drm_gem_object_unreference(obj);
4171 i915_gem_cleanup_hws(dev);
4174 ring->ring_obj = obj;
4175 ring->virtual_start = ring->map.handle;
4177 /* Stop the ring if it's running. */
4178 I915_WRITE(PRB0_CTL, 0);
4179 I915_WRITE(PRB0_TAIL, 0);
4180 I915_WRITE(PRB0_HEAD, 0);
4182 /* Initialize the ring. */
4183 I915_WRITE(PRB0_START, obj_priv->gtt_offset);
4184 head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
4186 /* G45 ring initialization fails to reset head to zero */
4188 DRM_ERROR("Ring head not reset to zero "
4189 "ctl %08x head %08x tail %08x start %08x\n",
4190 I915_READ(PRB0_CTL),
4191 I915_READ(PRB0_HEAD),
4192 I915_READ(PRB0_TAIL),
4193 I915_READ(PRB0_START));
4194 I915_WRITE(PRB0_HEAD, 0);
4196 DRM_ERROR("Ring head forced to zero "
4197 "ctl %08x head %08x tail %08x start %08x\n",
4198 I915_READ(PRB0_CTL),
4199 I915_READ(PRB0_HEAD),
4200 I915_READ(PRB0_TAIL),
4201 I915_READ(PRB0_START));
4204 I915_WRITE(PRB0_CTL,
4205 ((obj->size - 4096) & RING_NR_PAGES) |
4209 head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
4211 /* If the head is still not zero, the ring is dead */
4213 DRM_ERROR("Ring initialization failed "
4214 "ctl %08x head %08x tail %08x start %08x\n",
4215 I915_READ(PRB0_CTL),
4216 I915_READ(PRB0_HEAD),
4217 I915_READ(PRB0_TAIL),
4218 I915_READ(PRB0_START));
4222 /* Update our cache of the ring state */
4223 if (!drm_core_check_feature(dev, DRIVER_MODESET))
4224 i915_kernel_lost_context(dev);
4226 ring->head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
4227 ring->tail = I915_READ(PRB0_TAIL) & TAIL_ADDR;
4228 ring->space = ring->head - (ring->tail + 8);
4229 if (ring->space < 0)
4230 ring->space += ring->Size;
4237 i915_gem_cleanup_ringbuffer(struct drm_device *dev)
4239 drm_i915_private_t *dev_priv = dev->dev_private;
4241 if (dev_priv->ring.ring_obj == NULL)
4244 drm_core_ioremapfree(&dev_priv->ring.map, dev);
4246 i915_gem_object_unpin(dev_priv->ring.ring_obj);
4247 drm_gem_object_unreference(dev_priv->ring.ring_obj);
4248 dev_priv->ring.ring_obj = NULL;
4249 memset(&dev_priv->ring, 0, sizeof(dev_priv->ring));
4251 i915_gem_cleanup_hws(dev);
4255 i915_gem_entervt_ioctl(struct drm_device *dev, void *data,
4256 struct drm_file *file_priv)
4258 drm_i915_private_t *dev_priv = dev->dev_private;
4261 if (drm_core_check_feature(dev, DRIVER_MODESET))
4264 if (atomic_read(&dev_priv->mm.wedged)) {
4265 DRM_ERROR("Reenabling wedged hardware, good luck\n");
4266 atomic_set(&dev_priv->mm.wedged, 0);
4269 mutex_lock(&dev->struct_mutex);
4270 dev_priv->mm.suspended = 0;
4272 ret = i915_gem_init_ringbuffer(dev);
4274 mutex_unlock(&dev->struct_mutex);
4278 spin_lock(&dev_priv->mm.active_list_lock);
4279 BUG_ON(!list_empty(&dev_priv->mm.active_list));
4280 spin_unlock(&dev_priv->mm.active_list_lock);
4282 BUG_ON(!list_empty(&dev_priv->mm.flushing_list));
4283 BUG_ON(!list_empty(&dev_priv->mm.inactive_list));
4284 BUG_ON(!list_empty(&dev_priv->mm.request_list));
4285 mutex_unlock(&dev->struct_mutex);
4287 drm_irq_install(dev);
4293 i915_gem_leavevt_ioctl(struct drm_device *dev, void *data,
4294 struct drm_file *file_priv)
4298 if (drm_core_check_feature(dev, DRIVER_MODESET))
4301 ret = i915_gem_idle(dev);
4302 drm_irq_uninstall(dev);
4308 i915_gem_lastclose(struct drm_device *dev)
4312 if (drm_core_check_feature(dev, DRIVER_MODESET))
4315 ret = i915_gem_idle(dev);
4317 DRM_ERROR("failed to idle hardware: %d\n", ret);
4321 i915_gem_load(struct drm_device *dev)
4324 drm_i915_private_t *dev_priv = dev->dev_private;
4326 spin_lock_init(&dev_priv->mm.active_list_lock);
4327 INIT_LIST_HEAD(&dev_priv->mm.active_list);
4328 INIT_LIST_HEAD(&dev_priv->mm.flushing_list);
4329 INIT_LIST_HEAD(&dev_priv->mm.inactive_list);
4330 INIT_LIST_HEAD(&dev_priv->mm.request_list);
4331 INIT_LIST_HEAD(&dev_priv->mm.fence_list);
4332 INIT_DELAYED_WORK(&dev_priv->mm.retire_work,
4333 i915_gem_retire_work_handler);
4334 dev_priv->mm.next_gem_seqno = 1;
4336 spin_lock(&shrink_list_lock);
4337 list_add(&dev_priv->mm.shrink_list, &shrink_list);
4338 spin_unlock(&shrink_list_lock);
4340 /* Old X drivers will take 0-2 for front, back, depth buffers */
4341 dev_priv->fence_reg_start = 3;
4343 if (IS_I965G(dev) || IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4344 dev_priv->num_fence_regs = 16;
4346 dev_priv->num_fence_regs = 8;
4348 /* Initialize fence registers to zero */
4349 if (IS_I965G(dev)) {
4350 for (i = 0; i < 16; i++)
4351 I915_WRITE64(FENCE_REG_965_0 + (i * 8), 0);
4353 for (i = 0; i < 8; i++)
4354 I915_WRITE(FENCE_REG_830_0 + (i * 4), 0);
4355 if (IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4356 for (i = 0; i < 8; i++)
4357 I915_WRITE(FENCE_REG_945_8 + (i * 4), 0);
4360 i915_gem_detect_bit_6_swizzle(dev);
4364 * Create a physically contiguous memory object for this object
4365 * e.g. for cursor + overlay regs
4367 int i915_gem_init_phys_object(struct drm_device *dev,
4370 drm_i915_private_t *dev_priv = dev->dev_private;
4371 struct drm_i915_gem_phys_object *phys_obj;
4374 if (dev_priv->mm.phys_objs[id - 1] || !size)
4377 phys_obj = kzalloc(sizeof(struct drm_i915_gem_phys_object), GFP_KERNEL);
4383 phys_obj->handle = drm_pci_alloc(dev, size, 0, 0xffffffff);
4384 if (!phys_obj->handle) {
4389 set_memory_wc((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
4392 dev_priv->mm.phys_objs[id - 1] = phys_obj;
4400 void i915_gem_free_phys_object(struct drm_device *dev, int id)
4402 drm_i915_private_t *dev_priv = dev->dev_private;
4403 struct drm_i915_gem_phys_object *phys_obj;
4405 if (!dev_priv->mm.phys_objs[id - 1])
4408 phys_obj = dev_priv->mm.phys_objs[id - 1];
4409 if (phys_obj->cur_obj) {
4410 i915_gem_detach_phys_object(dev, phys_obj->cur_obj);
4414 set_memory_wb((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
4416 drm_pci_free(dev, phys_obj->handle);
4418 dev_priv->mm.phys_objs[id - 1] = NULL;
4421 void i915_gem_free_all_phys_object(struct drm_device *dev)
4425 for (i = I915_GEM_PHYS_CURSOR_0; i <= I915_MAX_PHYS_OBJECT; i++)
4426 i915_gem_free_phys_object(dev, i);
4429 void i915_gem_detach_phys_object(struct drm_device *dev,
4430 struct drm_gem_object *obj)
4432 struct drm_i915_gem_object *obj_priv;
4437 obj_priv = obj->driver_private;
4438 if (!obj_priv->phys_obj)
4441 ret = i915_gem_object_get_pages(obj);
4445 page_count = obj->size / PAGE_SIZE;
4447 for (i = 0; i < page_count; i++) {
4448 char *dst = kmap_atomic(obj_priv->pages[i], KM_USER0);
4449 char *src = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
4451 memcpy(dst, src, PAGE_SIZE);
4452 kunmap_atomic(dst, KM_USER0);
4454 drm_clflush_pages(obj_priv->pages, page_count);
4455 drm_agp_chipset_flush(dev);
4457 i915_gem_object_put_pages(obj);
4459 obj_priv->phys_obj->cur_obj = NULL;
4460 obj_priv->phys_obj = NULL;
4464 i915_gem_attach_phys_object(struct drm_device *dev,
4465 struct drm_gem_object *obj, int id)
4467 drm_i915_private_t *dev_priv = dev->dev_private;
4468 struct drm_i915_gem_object *obj_priv;
4473 if (id > I915_MAX_PHYS_OBJECT)
4476 obj_priv = obj->driver_private;
4478 if (obj_priv->phys_obj) {
4479 if (obj_priv->phys_obj->id == id)
4481 i915_gem_detach_phys_object(dev, obj);
4485 /* create a new object */
4486 if (!dev_priv->mm.phys_objs[id - 1]) {
4487 ret = i915_gem_init_phys_object(dev, id,
4490 DRM_ERROR("failed to init phys object %d size: %zu\n", id, obj->size);
4495 /* bind to the object */
4496 obj_priv->phys_obj = dev_priv->mm.phys_objs[id - 1];
4497 obj_priv->phys_obj->cur_obj = obj;
4499 ret = i915_gem_object_get_pages(obj);
4501 DRM_ERROR("failed to get page list\n");
4505 page_count = obj->size / PAGE_SIZE;
4507 for (i = 0; i < page_count; i++) {
4508 char *src = kmap_atomic(obj_priv->pages[i], KM_USER0);
4509 char *dst = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
4511 memcpy(dst, src, PAGE_SIZE);
4512 kunmap_atomic(src, KM_USER0);
4515 i915_gem_object_put_pages(obj);
4523 i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
4524 struct drm_i915_gem_pwrite *args,
4525 struct drm_file *file_priv)
4527 struct drm_i915_gem_object *obj_priv = obj->driver_private;
4530 char __user *user_data;
4532 user_data = (char __user *) (uintptr_t) args->data_ptr;
4533 obj_addr = obj_priv->phys_obj->handle->vaddr + args->offset;
4535 DRM_DEBUG("obj_addr %p, %lld\n", obj_addr, args->size);
4536 ret = copy_from_user(obj_addr, user_data, args->size);
4540 drm_agp_chipset_flush(dev);
4544 void i915_gem_release(struct drm_device * dev, struct drm_file *file_priv)
4546 struct drm_i915_file_private *i915_file_priv = file_priv->driver_priv;
4548 /* Clean up our request list when the client is going away, so that
4549 * later retire_requests won't dereference our soon-to-be-gone
4552 mutex_lock(&dev->struct_mutex);
4553 while (!list_empty(&i915_file_priv->mm.request_list))
4554 list_del_init(i915_file_priv->mm.request_list.next);
4555 mutex_unlock(&dev->struct_mutex);
4558 /* Immediately discard the backing storage */
4560 i915_gem_object_truncate(struct drm_gem_object *obj)
4562 struct inode *inode;
4564 inode = obj->filp->f_path.dentry->d_inode;
4566 mutex_lock(&inode->i_mutex);
4567 truncate_inode_pages(inode->i_mapping, 0);
4568 mutex_unlock(&inode->i_mutex);
4572 i915_gem_object_is_purgeable(struct drm_i915_gem_object *obj_priv)
4574 return !obj_priv->dirty || obj_priv->madv == I915_MADV_DONTNEED;
4578 i915_gem_shrink(int nr_to_scan, gfp_t gfp_mask)
4580 drm_i915_private_t *dev_priv, *next_dev;
4581 struct drm_i915_gem_object *obj_priv, *next_obj;
4583 int would_deadlock = 1;
4585 /* "fast-path" to count number of available objects */
4586 if (nr_to_scan == 0) {
4587 spin_lock(&shrink_list_lock);
4588 list_for_each_entry(dev_priv, &shrink_list, mm.shrink_list) {
4589 struct drm_device *dev = dev_priv->dev;
4591 if (mutex_trylock(&dev->struct_mutex)) {
4592 list_for_each_entry(obj_priv,
4593 &dev_priv->mm.inactive_list,
4596 mutex_unlock(&dev->struct_mutex);
4599 spin_unlock(&shrink_list_lock);
4601 return (cnt / 100) * sysctl_vfs_cache_pressure;
4604 spin_lock(&shrink_list_lock);
4606 /* first scan for clean buffers */
4607 list_for_each_entry_safe(dev_priv, next_dev,
4608 &shrink_list, mm.shrink_list) {
4609 struct drm_device *dev = dev_priv->dev;
4611 if (! mutex_trylock(&dev->struct_mutex))
4614 spin_unlock(&shrink_list_lock);
4616 i915_gem_retire_requests(dev);
4618 list_for_each_entry_safe(obj_priv, next_obj,
4619 &dev_priv->mm.inactive_list,
4621 if (i915_gem_object_is_purgeable(obj_priv)) {
4622 struct drm_gem_object *obj = obj_priv->obj;
4623 i915_gem_object_unbind(obj);
4624 i915_gem_object_truncate(obj);
4626 if (--nr_to_scan <= 0)
4631 spin_lock(&shrink_list_lock);
4632 mutex_unlock(&dev->struct_mutex);
4634 if (nr_to_scan <= 0)
4638 /* second pass, evict/count anything still on the inactive list */
4639 list_for_each_entry_safe(dev_priv, next_dev,
4640 &shrink_list, mm.shrink_list) {
4641 struct drm_device *dev = dev_priv->dev;
4643 if (! mutex_trylock(&dev->struct_mutex))
4646 spin_unlock(&shrink_list_lock);
4648 list_for_each_entry_safe(obj_priv, next_obj,
4649 &dev_priv->mm.inactive_list,
4651 if (nr_to_scan > 0) {
4652 struct drm_gem_object *obj = obj_priv->obj;
4653 i915_gem_object_unbind(obj);
4654 if (i915_gem_object_is_purgeable(obj_priv))
4655 i915_gem_object_truncate(obj);
4662 spin_lock(&shrink_list_lock);
4663 mutex_unlock(&dev->struct_mutex);
4668 spin_unlock(&shrink_list_lock);
4673 return (cnt / 100) * sysctl_vfs_cache_pressure;
4678 static struct shrinker shrinker = {
4679 .shrink = i915_gem_shrink,
4680 .seeks = DEFAULT_SEEKS,
4684 i915_gem_shrinker_init(void)
4686 register_shrinker(&shrinker);
4690 i915_gem_shrinker_exit(void)
4692 unregister_shrinker(&shrinker);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob