2 * Copyright © 2008 Intel Corporation
4 * Permission is hereby granted, free of charge, to any person obtaining a
5 * copy of this software and associated documentation files (the "Software"),
6 * to deal in the Software without restriction, including without limitation
7 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8 * and/or sell copies of the Software, and to permit persons to whom the
9 * Software is furnished to do so, subject to the following conditions:
11 * The above copyright notice and this permission notice (including the next
12 * paragraph) shall be included in all copies or substantial portions of the
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
24 * Eric Anholt <eric@anholt.net>
32 #include "i915_trace.h"
33 #include "intel_drv.h"
34 #include <linux/swap.h>
35 #include <linux/pci.h>
37 #define I915_GEM_GPU_DOMAINS (~(I915_GEM_DOMAIN_CPU | I915_GEM_DOMAIN_GTT))
39 static void i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj);
40 static void i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj);
41 static void i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj);
42 static int i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj,
44 static int i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
47 static void i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj);
48 static int i915_gem_object_wait_rendering(struct drm_gem_object *obj);
49 static int i915_gem_object_bind_to_gtt(struct drm_gem_object *obj,
51 static void i915_gem_clear_fence_reg(struct drm_gem_object *obj);
52 static int i915_gem_evict_something(struct drm_device *dev, int min_size);
53 static int i915_gem_evict_from_list(struct drm_device *dev,
54 struct list_head *head);
55 static int i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
56 struct drm_i915_gem_pwrite *args,
57 struct drm_file *file_priv);
59 static LIST_HEAD(shrink_list);
60 static DEFINE_SPINLOCK(shrink_list_lock);
62 int i915_gem_do_init(struct drm_device *dev, unsigned long start,
65 drm_i915_private_t *dev_priv = dev->dev_private;
68 (start & (PAGE_SIZE - 1)) != 0 ||
69 (end & (PAGE_SIZE - 1)) != 0) {
73 drm_mm_init(&dev_priv->mm.gtt_space, start,
76 dev->gtt_total = (uint32_t) (end - start);
82 i915_gem_init_ioctl(struct drm_device *dev, void *data,
83 struct drm_file *file_priv)
85 struct drm_i915_gem_init *args = data;
88 mutex_lock(&dev->struct_mutex);
89 ret = i915_gem_do_init(dev, args->gtt_start, args->gtt_end);
90 mutex_unlock(&dev->struct_mutex);
96 i915_gem_get_aperture_ioctl(struct drm_device *dev, void *data,
97 struct drm_file *file_priv)
99 struct drm_i915_gem_get_aperture *args = data;
101 if (!(dev->driver->driver_features & DRIVER_GEM))
104 args->aper_size = dev->gtt_total;
105 args->aper_available_size = (args->aper_size -
106 atomic_read(&dev->pin_memory));
113 * Creates a new mm object and returns a handle to it.
116 i915_gem_create_ioctl(struct drm_device *dev, void *data,
117 struct drm_file *file_priv)
119 struct drm_i915_gem_create *args = data;
120 struct drm_gem_object *obj;
124 args->size = roundup(args->size, PAGE_SIZE);
126 /* Allocate the new object */
127 obj = drm_gem_object_alloc(dev, args->size);
131 ret = drm_gem_handle_create(file_priv, obj, &handle);
132 mutex_lock(&dev->struct_mutex);
133 drm_gem_object_handle_unreference(obj);
134 mutex_unlock(&dev->struct_mutex);
139 args->handle = handle;
145 fast_shmem_read(struct page **pages,
146 loff_t page_base, int page_offset,
153 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT], KM_USER0);
156 unwritten = __copy_to_user_inatomic(data, vaddr + page_offset, length);
157 kunmap_atomic(vaddr, KM_USER0);
165 static int i915_gem_object_needs_bit17_swizzle(struct drm_gem_object *obj)
167 drm_i915_private_t *dev_priv = obj->dev->dev_private;
168 struct drm_i915_gem_object *obj_priv = obj->driver_private;
170 return dev_priv->mm.bit_6_swizzle_x == I915_BIT_6_SWIZZLE_9_10_17 &&
171 obj_priv->tiling_mode != I915_TILING_NONE;
175 slow_shmem_copy(struct page *dst_page,
177 struct page *src_page,
181 char *dst_vaddr, *src_vaddr;
183 dst_vaddr = kmap_atomic(dst_page, KM_USER0);
184 if (dst_vaddr == NULL)
187 src_vaddr = kmap_atomic(src_page, KM_USER1);
188 if (src_vaddr == NULL) {
189 kunmap_atomic(dst_vaddr, KM_USER0);
193 memcpy(dst_vaddr + dst_offset, src_vaddr + src_offset, length);
195 kunmap_atomic(src_vaddr, KM_USER1);
196 kunmap_atomic(dst_vaddr, KM_USER0);
202 slow_shmem_bit17_copy(struct page *gpu_page,
204 struct page *cpu_page,
209 char *gpu_vaddr, *cpu_vaddr;
211 /* Use the unswizzled path if this page isn't affected. */
212 if ((page_to_phys(gpu_page) & (1 << 17)) == 0) {
214 return slow_shmem_copy(cpu_page, cpu_offset,
215 gpu_page, gpu_offset, length);
217 return slow_shmem_copy(gpu_page, gpu_offset,
218 cpu_page, cpu_offset, length);
221 gpu_vaddr = kmap_atomic(gpu_page, KM_USER0);
222 if (gpu_vaddr == NULL)
225 cpu_vaddr = kmap_atomic(cpu_page, KM_USER1);
226 if (cpu_vaddr == NULL) {
227 kunmap_atomic(gpu_vaddr, KM_USER0);
231 /* Copy the data, XORing A6 with A17 (1). The user already knows he's
232 * XORing with the other bits (A9 for Y, A9 and A10 for X)
235 int cacheline_end = ALIGN(gpu_offset + 1, 64);
236 int this_length = min(cacheline_end - gpu_offset, length);
237 int swizzled_gpu_offset = gpu_offset ^ 64;
240 memcpy(cpu_vaddr + cpu_offset,
241 gpu_vaddr + swizzled_gpu_offset,
244 memcpy(gpu_vaddr + swizzled_gpu_offset,
245 cpu_vaddr + cpu_offset,
248 cpu_offset += this_length;
249 gpu_offset += this_length;
250 length -= this_length;
253 kunmap_atomic(cpu_vaddr, KM_USER1);
254 kunmap_atomic(gpu_vaddr, KM_USER0);
260 * This is the fast shmem pread path, which attempts to copy_from_user directly
261 * from the backing pages of the object to the user's address space. On a
262 * fault, it fails so we can fall back to i915_gem_shmem_pwrite_slow().
265 i915_gem_shmem_pread_fast(struct drm_device *dev, struct drm_gem_object *obj,
266 struct drm_i915_gem_pread *args,
267 struct drm_file *file_priv)
269 struct drm_i915_gem_object *obj_priv = obj->driver_private;
271 loff_t offset, page_base;
272 char __user *user_data;
273 int page_offset, page_length;
276 user_data = (char __user *) (uintptr_t) args->data_ptr;
279 mutex_lock(&dev->struct_mutex);
281 ret = i915_gem_object_get_pages(obj);
285 ret = i915_gem_object_set_cpu_read_domain_range(obj, args->offset,
290 obj_priv = obj->driver_private;
291 offset = args->offset;
294 /* Operation in this page
296 * page_base = page offset within aperture
297 * page_offset = offset within page
298 * page_length = bytes to copy for this page
300 page_base = (offset & ~(PAGE_SIZE-1));
301 page_offset = offset & (PAGE_SIZE-1);
302 page_length = remain;
303 if ((page_offset + remain) > PAGE_SIZE)
304 page_length = PAGE_SIZE - page_offset;
306 ret = fast_shmem_read(obj_priv->pages,
307 page_base, page_offset,
308 user_data, page_length);
312 remain -= page_length;
313 user_data += page_length;
314 offset += page_length;
318 i915_gem_object_put_pages(obj);
320 mutex_unlock(&dev->struct_mutex);
326 i915_gem_object_get_page_gfp_mask (struct drm_gem_object *obj)
328 return mapping_gfp_mask(obj->filp->f_path.dentry->d_inode->i_mapping);
332 i915_gem_object_set_page_gfp_mask (struct drm_gem_object *obj, gfp_t gfp)
334 mapping_set_gfp_mask(obj->filp->f_path.dentry->d_inode->i_mapping, gfp);
338 i915_gem_object_get_pages_or_evict(struct drm_gem_object *obj)
342 ret = i915_gem_object_get_pages(obj);
344 /* If we've insufficient memory to map in the pages, attempt
345 * to make some space by throwing out some old buffers.
347 if (ret == -ENOMEM) {
348 struct drm_device *dev = obj->dev;
351 ret = i915_gem_evict_something(dev, obj->size);
355 gfp = i915_gem_object_get_page_gfp_mask(obj);
356 i915_gem_object_set_page_gfp_mask(obj, gfp & ~__GFP_NORETRY);
357 ret = i915_gem_object_get_pages(obj);
358 i915_gem_object_set_page_gfp_mask (obj, gfp);
365 * This is the fallback shmem pread path, which allocates temporary storage
366 * in kernel space to copy_to_user into outside of the struct_mutex, so we
367 * can copy out of the object's backing pages while holding the struct mutex
368 * and not take page faults.
371 i915_gem_shmem_pread_slow(struct drm_device *dev, struct drm_gem_object *obj,
372 struct drm_i915_gem_pread *args,
373 struct drm_file *file_priv)
375 struct drm_i915_gem_object *obj_priv = obj->driver_private;
376 struct mm_struct *mm = current->mm;
377 struct page **user_pages;
379 loff_t offset, pinned_pages, i;
380 loff_t first_data_page, last_data_page, num_pages;
381 int shmem_page_index, shmem_page_offset;
382 int data_page_index, data_page_offset;
385 uint64_t data_ptr = args->data_ptr;
386 int do_bit17_swizzling;
390 /* Pin the user pages containing the data. We can't fault while
391 * holding the struct mutex, yet we want to hold it while
392 * dereferencing the user data.
394 first_data_page = data_ptr / PAGE_SIZE;
395 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
396 num_pages = last_data_page - first_data_page + 1;
398 user_pages = drm_calloc_large(num_pages, sizeof(struct page *));
399 if (user_pages == NULL)
402 down_read(&mm->mmap_sem);
403 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
404 num_pages, 1, 0, user_pages, NULL);
405 up_read(&mm->mmap_sem);
406 if (pinned_pages < num_pages) {
408 goto fail_put_user_pages;
411 do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
413 mutex_lock(&dev->struct_mutex);
415 ret = i915_gem_object_get_pages_or_evict(obj);
419 ret = i915_gem_object_set_cpu_read_domain_range(obj, args->offset,
424 obj_priv = obj->driver_private;
425 offset = args->offset;
428 /* Operation in this page
430 * shmem_page_index = page number within shmem file
431 * shmem_page_offset = offset within page in shmem file
432 * data_page_index = page number in get_user_pages return
433 * data_page_offset = offset with data_page_index page.
434 * page_length = bytes to copy for this page
436 shmem_page_index = offset / PAGE_SIZE;
437 shmem_page_offset = offset & ~PAGE_MASK;
438 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
439 data_page_offset = data_ptr & ~PAGE_MASK;
441 page_length = remain;
442 if ((shmem_page_offset + page_length) > PAGE_SIZE)
443 page_length = PAGE_SIZE - shmem_page_offset;
444 if ((data_page_offset + page_length) > PAGE_SIZE)
445 page_length = PAGE_SIZE - data_page_offset;
447 if (do_bit17_swizzling) {
448 ret = slow_shmem_bit17_copy(obj_priv->pages[shmem_page_index],
450 user_pages[data_page_index],
455 ret = slow_shmem_copy(user_pages[data_page_index],
457 obj_priv->pages[shmem_page_index],
464 remain -= page_length;
465 data_ptr += page_length;
466 offset += page_length;
470 i915_gem_object_put_pages(obj);
472 mutex_unlock(&dev->struct_mutex);
474 for (i = 0; i < pinned_pages; i++) {
475 SetPageDirty(user_pages[i]);
476 page_cache_release(user_pages[i]);
478 drm_free_large(user_pages);
484 * Reads data from the object referenced by handle.
486 * On error, the contents of *data are undefined.
489 i915_gem_pread_ioctl(struct drm_device *dev, void *data,
490 struct drm_file *file_priv)
492 struct drm_i915_gem_pread *args = data;
493 struct drm_gem_object *obj;
494 struct drm_i915_gem_object *obj_priv;
497 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
500 obj_priv = obj->driver_private;
502 /* Bounds check source.
504 * XXX: This could use review for overflow issues...
506 if (args->offset > obj->size || args->size > obj->size ||
507 args->offset + args->size > obj->size) {
508 drm_gem_object_unreference(obj);
512 if (i915_gem_object_needs_bit17_swizzle(obj)) {
513 ret = i915_gem_shmem_pread_slow(dev, obj, args, file_priv);
515 ret = i915_gem_shmem_pread_fast(dev, obj, args, file_priv);
517 ret = i915_gem_shmem_pread_slow(dev, obj, args,
521 drm_gem_object_unreference(obj);
526 /* This is the fast write path which cannot handle
527 * page faults in the source data
531 fast_user_write(struct io_mapping *mapping,
532 loff_t page_base, int page_offset,
533 char __user *user_data,
537 unsigned long unwritten;
539 vaddr_atomic = io_mapping_map_atomic_wc(mapping, page_base);
540 unwritten = __copy_from_user_inatomic_nocache(vaddr_atomic + page_offset,
542 io_mapping_unmap_atomic(vaddr_atomic);
548 /* Here's the write path which can sleep for
553 slow_kernel_write(struct io_mapping *mapping,
554 loff_t gtt_base, int gtt_offset,
555 struct page *user_page, int user_offset,
558 char *src_vaddr, *dst_vaddr;
559 unsigned long unwritten;
561 dst_vaddr = io_mapping_map_atomic_wc(mapping, gtt_base);
562 src_vaddr = kmap_atomic(user_page, KM_USER1);
563 unwritten = __copy_from_user_inatomic_nocache(dst_vaddr + gtt_offset,
564 src_vaddr + user_offset,
566 kunmap_atomic(src_vaddr, KM_USER1);
567 io_mapping_unmap_atomic(dst_vaddr);
574 fast_shmem_write(struct page **pages,
575 loff_t page_base, int page_offset,
580 unsigned long unwritten;
582 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT], KM_USER0);
585 unwritten = __copy_from_user_inatomic(vaddr + page_offset, data, length);
586 kunmap_atomic(vaddr, KM_USER0);
594 * This is the fast pwrite path, where we copy the data directly from the
595 * user into the GTT, uncached.
598 i915_gem_gtt_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
599 struct drm_i915_gem_pwrite *args,
600 struct drm_file *file_priv)
602 struct drm_i915_gem_object *obj_priv = obj->driver_private;
603 drm_i915_private_t *dev_priv = dev->dev_private;
605 loff_t offset, page_base;
606 char __user *user_data;
607 int page_offset, page_length;
610 user_data = (char __user *) (uintptr_t) args->data_ptr;
612 if (!access_ok(VERIFY_READ, user_data, remain))
616 mutex_lock(&dev->struct_mutex);
617 ret = i915_gem_object_pin(obj, 0);
619 mutex_unlock(&dev->struct_mutex);
622 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
626 obj_priv = obj->driver_private;
627 offset = obj_priv->gtt_offset + args->offset;
630 /* Operation in this page
632 * page_base = page offset within aperture
633 * page_offset = offset within page
634 * page_length = bytes to copy for this page
636 page_base = (offset & ~(PAGE_SIZE-1));
637 page_offset = offset & (PAGE_SIZE-1);
638 page_length = remain;
639 if ((page_offset + remain) > PAGE_SIZE)
640 page_length = PAGE_SIZE - page_offset;
642 ret = fast_user_write (dev_priv->mm.gtt_mapping, page_base,
643 page_offset, user_data, page_length);
645 /* If we get a fault while copying data, then (presumably) our
646 * source page isn't available. Return the error and we'll
647 * retry in the slow path.
652 remain -= page_length;
653 user_data += page_length;
654 offset += page_length;
658 i915_gem_object_unpin(obj);
659 mutex_unlock(&dev->struct_mutex);
665 * This is the fallback GTT pwrite path, which uses get_user_pages to pin
666 * the memory and maps it using kmap_atomic for copying.
668 * This code resulted in x11perf -rgb10text consuming about 10% more CPU
669 * than using i915_gem_gtt_pwrite_fast on a G45 (32-bit).
672 i915_gem_gtt_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
673 struct drm_i915_gem_pwrite *args,
674 struct drm_file *file_priv)
676 struct drm_i915_gem_object *obj_priv = obj->driver_private;
677 drm_i915_private_t *dev_priv = dev->dev_private;
679 loff_t gtt_page_base, offset;
680 loff_t first_data_page, last_data_page, num_pages;
681 loff_t pinned_pages, i;
682 struct page **user_pages;
683 struct mm_struct *mm = current->mm;
684 int gtt_page_offset, data_page_offset, data_page_index, page_length;
686 uint64_t data_ptr = args->data_ptr;
690 /* Pin the user pages containing the data. We can't fault while
691 * holding the struct mutex, and all of the pwrite implementations
692 * want to hold it while dereferencing the user data.
694 first_data_page = data_ptr / PAGE_SIZE;
695 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
696 num_pages = last_data_page - first_data_page + 1;
698 user_pages = drm_calloc_large(num_pages, sizeof(struct page *));
699 if (user_pages == NULL)
702 down_read(&mm->mmap_sem);
703 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
704 num_pages, 0, 0, user_pages, NULL);
705 up_read(&mm->mmap_sem);
706 if (pinned_pages < num_pages) {
708 goto out_unpin_pages;
711 mutex_lock(&dev->struct_mutex);
712 ret = i915_gem_object_pin(obj, 0);
716 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
718 goto out_unpin_object;
720 obj_priv = obj->driver_private;
721 offset = obj_priv->gtt_offset + args->offset;
724 /* Operation in this page
726 * gtt_page_base = page offset within aperture
727 * gtt_page_offset = offset within page in aperture
728 * data_page_index = page number in get_user_pages return
729 * data_page_offset = offset with data_page_index page.
730 * page_length = bytes to copy for this page
732 gtt_page_base = offset & PAGE_MASK;
733 gtt_page_offset = offset & ~PAGE_MASK;
734 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
735 data_page_offset = data_ptr & ~PAGE_MASK;
737 page_length = remain;
738 if ((gtt_page_offset + page_length) > PAGE_SIZE)
739 page_length = PAGE_SIZE - gtt_page_offset;
740 if ((data_page_offset + page_length) > PAGE_SIZE)
741 page_length = PAGE_SIZE - data_page_offset;
743 ret = slow_kernel_write(dev_priv->mm.gtt_mapping,
744 gtt_page_base, gtt_page_offset,
745 user_pages[data_page_index],
749 /* If we get a fault while copying data, then (presumably) our
750 * source page isn't available. Return the error and we'll
751 * retry in the slow path.
754 goto out_unpin_object;
756 remain -= page_length;
757 offset += page_length;
758 data_ptr += page_length;
762 i915_gem_object_unpin(obj);
764 mutex_unlock(&dev->struct_mutex);
766 for (i = 0; i < pinned_pages; i++)
767 page_cache_release(user_pages[i]);
768 drm_free_large(user_pages);
774 * This is the fast shmem pwrite path, which attempts to directly
775 * copy_from_user into the kmapped pages backing the object.
778 i915_gem_shmem_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
779 struct drm_i915_gem_pwrite *args,
780 struct drm_file *file_priv)
782 struct drm_i915_gem_object *obj_priv = obj->driver_private;
784 loff_t offset, page_base;
785 char __user *user_data;
786 int page_offset, page_length;
789 user_data = (char __user *) (uintptr_t) args->data_ptr;
792 mutex_lock(&dev->struct_mutex);
794 ret = i915_gem_object_get_pages(obj);
798 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
802 obj_priv = obj->driver_private;
803 offset = args->offset;
807 /* Operation in this page
809 * page_base = page offset within aperture
810 * page_offset = offset within page
811 * page_length = bytes to copy for this page
813 page_base = (offset & ~(PAGE_SIZE-1));
814 page_offset = offset & (PAGE_SIZE-1);
815 page_length = remain;
816 if ((page_offset + remain) > PAGE_SIZE)
817 page_length = PAGE_SIZE - page_offset;
819 ret = fast_shmem_write(obj_priv->pages,
820 page_base, page_offset,
821 user_data, page_length);
825 remain -= page_length;
826 user_data += page_length;
827 offset += page_length;
831 i915_gem_object_put_pages(obj);
833 mutex_unlock(&dev->struct_mutex);
839 * This is the fallback shmem pwrite path, which uses get_user_pages to pin
840 * the memory and maps it using kmap_atomic for copying.
842 * This avoids taking mmap_sem for faulting on the user's address while the
843 * struct_mutex is held.
846 i915_gem_shmem_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
847 struct drm_i915_gem_pwrite *args,
848 struct drm_file *file_priv)
850 struct drm_i915_gem_object *obj_priv = obj->driver_private;
851 struct mm_struct *mm = current->mm;
852 struct page **user_pages;
854 loff_t offset, pinned_pages, i;
855 loff_t first_data_page, last_data_page, num_pages;
856 int shmem_page_index, shmem_page_offset;
857 int data_page_index, data_page_offset;
860 uint64_t data_ptr = args->data_ptr;
861 int do_bit17_swizzling;
865 /* Pin the user pages containing the data. We can't fault while
866 * holding the struct mutex, and all of the pwrite implementations
867 * want to hold it while dereferencing the user data.
869 first_data_page = data_ptr / PAGE_SIZE;
870 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
871 num_pages = last_data_page - first_data_page + 1;
873 user_pages = drm_calloc_large(num_pages, sizeof(struct page *));
874 if (user_pages == NULL)
877 down_read(&mm->mmap_sem);
878 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
879 num_pages, 0, 0, user_pages, NULL);
880 up_read(&mm->mmap_sem);
881 if (pinned_pages < num_pages) {
883 goto fail_put_user_pages;
886 do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
888 mutex_lock(&dev->struct_mutex);
890 ret = i915_gem_object_get_pages_or_evict(obj);
894 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
898 obj_priv = obj->driver_private;
899 offset = args->offset;
903 /* Operation in this page
905 * shmem_page_index = page number within shmem file
906 * shmem_page_offset = offset within page in shmem file
907 * data_page_index = page number in get_user_pages return
908 * data_page_offset = offset with data_page_index page.
909 * page_length = bytes to copy for this page
911 shmem_page_index = offset / PAGE_SIZE;
912 shmem_page_offset = offset & ~PAGE_MASK;
913 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
914 data_page_offset = data_ptr & ~PAGE_MASK;
916 page_length = remain;
917 if ((shmem_page_offset + page_length) > PAGE_SIZE)
918 page_length = PAGE_SIZE - shmem_page_offset;
919 if ((data_page_offset + page_length) > PAGE_SIZE)
920 page_length = PAGE_SIZE - data_page_offset;
922 if (do_bit17_swizzling) {
923 ret = slow_shmem_bit17_copy(obj_priv->pages[shmem_page_index],
925 user_pages[data_page_index],
930 ret = slow_shmem_copy(obj_priv->pages[shmem_page_index],
932 user_pages[data_page_index],
939 remain -= page_length;
940 data_ptr += page_length;
941 offset += page_length;
945 i915_gem_object_put_pages(obj);
947 mutex_unlock(&dev->struct_mutex);
949 for (i = 0; i < pinned_pages; i++)
950 page_cache_release(user_pages[i]);
951 drm_free_large(user_pages);
957 * Writes data to the object referenced by handle.
959 * On error, the contents of the buffer that were to be modified are undefined.
962 i915_gem_pwrite_ioctl(struct drm_device *dev, void *data,
963 struct drm_file *file_priv)
965 struct drm_i915_gem_pwrite *args = data;
966 struct drm_gem_object *obj;
967 struct drm_i915_gem_object *obj_priv;
970 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
973 obj_priv = obj->driver_private;
975 /* Bounds check destination.
977 * XXX: This could use review for overflow issues...
979 if (args->offset > obj->size || args->size > obj->size ||
980 args->offset + args->size > obj->size) {
981 drm_gem_object_unreference(obj);
985 /* We can only do the GTT pwrite on untiled buffers, as otherwise
986 * it would end up going through the fenced access, and we'll get
987 * different detiling behavior between reading and writing.
988 * pread/pwrite currently are reading and writing from the CPU
989 * perspective, requiring manual detiling by the client.
991 if (obj_priv->phys_obj)
992 ret = i915_gem_phys_pwrite(dev, obj, args, file_priv);
993 else if (obj_priv->tiling_mode == I915_TILING_NONE &&
994 dev->gtt_total != 0) {
995 ret = i915_gem_gtt_pwrite_fast(dev, obj, args, file_priv);
996 if (ret == -EFAULT) {
997 ret = i915_gem_gtt_pwrite_slow(dev, obj, args,
1000 } else if (i915_gem_object_needs_bit17_swizzle(obj)) {
1001 ret = i915_gem_shmem_pwrite_slow(dev, obj, args, file_priv);
1003 ret = i915_gem_shmem_pwrite_fast(dev, obj, args, file_priv);
1004 if (ret == -EFAULT) {
1005 ret = i915_gem_shmem_pwrite_slow(dev, obj, args,
1012 DRM_INFO("pwrite failed %d\n", ret);
1015 drm_gem_object_unreference(obj);
1021 * Called when user space prepares to use an object with the CPU, either
1022 * through the mmap ioctl's mapping or a GTT mapping.
1025 i915_gem_set_domain_ioctl(struct drm_device *dev, void *data,
1026 struct drm_file *file_priv)
1028 struct drm_i915_private *dev_priv = dev->dev_private;
1029 struct drm_i915_gem_set_domain *args = data;
1030 struct drm_gem_object *obj;
1031 struct drm_i915_gem_object *obj_priv;
1032 uint32_t read_domains = args->read_domains;
1033 uint32_t write_domain = args->write_domain;
1036 if (!(dev->driver->driver_features & DRIVER_GEM))
1039 /* Only handle setting domains to types used by the CPU. */
1040 if (write_domain & I915_GEM_GPU_DOMAINS)
1043 if (read_domains & I915_GEM_GPU_DOMAINS)
1046 /* Having something in the write domain implies it's in the read
1047 * domain, and only that read domain. Enforce that in the request.
1049 if (write_domain != 0 && read_domains != write_domain)
1052 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1055 obj_priv = obj->driver_private;
1057 mutex_lock(&dev->struct_mutex);
1059 intel_mark_busy(dev, obj);
1062 DRM_INFO("set_domain_ioctl %p(%zd), %08x %08x\n",
1063 obj, obj->size, read_domains, write_domain);
1065 if (read_domains & I915_GEM_DOMAIN_GTT) {
1066 ret = i915_gem_object_set_to_gtt_domain(obj, write_domain != 0);
1068 /* Update the LRU on the fence for the CPU access that's
1071 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
1072 list_move_tail(&obj_priv->fence_list,
1073 &dev_priv->mm.fence_list);
1076 /* Silently promote "you're not bound, there was nothing to do"
1077 * to success, since the client was just asking us to
1078 * make sure everything was done.
1083 ret = i915_gem_object_set_to_cpu_domain(obj, write_domain != 0);
1086 drm_gem_object_unreference(obj);
1087 mutex_unlock(&dev->struct_mutex);
1092 * Called when user space has done writes to this buffer
1095 i915_gem_sw_finish_ioctl(struct drm_device *dev, void *data,
1096 struct drm_file *file_priv)
1098 struct drm_i915_gem_sw_finish *args = data;
1099 struct drm_gem_object *obj;
1100 struct drm_i915_gem_object *obj_priv;
1103 if (!(dev->driver->driver_features & DRIVER_GEM))
1106 mutex_lock(&dev->struct_mutex);
1107 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1109 mutex_unlock(&dev->struct_mutex);
1114 DRM_INFO("%s: sw_finish %d (%p %zd)\n",
1115 __func__, args->handle, obj, obj->size);
1117 obj_priv = obj->driver_private;
1119 /* Pinned buffers may be scanout, so flush the cache */
1120 if (obj_priv->pin_count)
1121 i915_gem_object_flush_cpu_write_domain(obj);
1123 drm_gem_object_unreference(obj);
1124 mutex_unlock(&dev->struct_mutex);
1129 * Maps the contents of an object, returning the address it is mapped
1132 * While the mapping holds a reference on the contents of the object, it doesn't
1133 * imply a ref on the object itself.
1136 i915_gem_mmap_ioctl(struct drm_device *dev, void *data,
1137 struct drm_file *file_priv)
1139 struct drm_i915_gem_mmap *args = data;
1140 struct drm_gem_object *obj;
1144 if (!(dev->driver->driver_features & DRIVER_GEM))
1147 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1151 offset = args->offset;
1153 down_write(¤t->mm->mmap_sem);
1154 addr = do_mmap(obj->filp, 0, args->size,
1155 PROT_READ | PROT_WRITE, MAP_SHARED,
1157 up_write(¤t->mm->mmap_sem);
1158 mutex_lock(&dev->struct_mutex);
1159 drm_gem_object_unreference(obj);
1160 mutex_unlock(&dev->struct_mutex);
1161 if (IS_ERR((void *)addr))
1164 args->addr_ptr = (uint64_t) addr;
1170 * i915_gem_fault - fault a page into the GTT
1171 * vma: VMA in question
1174 * The fault handler is set up by drm_gem_mmap() when a object is GTT mapped
1175 * from userspace. The fault handler takes care of binding the object to
1176 * the GTT (if needed), allocating and programming a fence register (again,
1177 * only if needed based on whether the old reg is still valid or the object
1178 * is tiled) and inserting a new PTE into the faulting process.
1180 * Note that the faulting process may involve evicting existing objects
1181 * from the GTT and/or fence registers to make room. So performance may
1182 * suffer if the GTT working set is large or there are few fence registers
1185 int i915_gem_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
1187 struct drm_gem_object *obj = vma->vm_private_data;
1188 struct drm_device *dev = obj->dev;
1189 struct drm_i915_private *dev_priv = dev->dev_private;
1190 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1191 pgoff_t page_offset;
1194 bool write = !!(vmf->flags & FAULT_FLAG_WRITE);
1196 /* We don't use vmf->pgoff since that has the fake offset */
1197 page_offset = ((unsigned long)vmf->virtual_address - vma->vm_start) >>
1200 /* Now bind it into the GTT if needed */
1201 mutex_lock(&dev->struct_mutex);
1202 if (!obj_priv->gtt_space) {
1203 ret = i915_gem_object_bind_to_gtt(obj, 0);
1205 mutex_unlock(&dev->struct_mutex);
1206 return VM_FAULT_SIGBUS;
1208 list_add_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1210 ret = i915_gem_object_set_to_gtt_domain(obj, write);
1212 mutex_unlock(&dev->struct_mutex);
1213 return VM_FAULT_SIGBUS;
1217 /* Need a new fence register? */
1218 if (obj_priv->tiling_mode != I915_TILING_NONE) {
1219 ret = i915_gem_object_get_fence_reg(obj);
1221 mutex_unlock(&dev->struct_mutex);
1222 return VM_FAULT_SIGBUS;
1226 pfn = ((dev->agp->base + obj_priv->gtt_offset) >> PAGE_SHIFT) +
1229 /* Finally, remap it using the new GTT offset */
1230 ret = vm_insert_pfn(vma, (unsigned long)vmf->virtual_address, pfn);
1232 mutex_unlock(&dev->struct_mutex);
1237 return VM_FAULT_OOM;
1240 return VM_FAULT_SIGBUS;
1242 return VM_FAULT_NOPAGE;
1247 * i915_gem_create_mmap_offset - create a fake mmap offset for an object
1248 * @obj: obj in question
1250 * GEM memory mapping works by handing back to userspace a fake mmap offset
1251 * it can use in a subsequent mmap(2) call. The DRM core code then looks
1252 * up the object based on the offset and sets up the various memory mapping
1255 * This routine allocates and attaches a fake offset for @obj.
1258 i915_gem_create_mmap_offset(struct drm_gem_object *obj)
1260 struct drm_device *dev = obj->dev;
1261 struct drm_gem_mm *mm = dev->mm_private;
1262 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1263 struct drm_map_list *list;
1264 struct drm_local_map *map;
1267 /* Set the object up for mmap'ing */
1268 list = &obj->map_list;
1269 list->map = kzalloc(sizeof(struct drm_map_list), GFP_KERNEL);
1274 map->type = _DRM_GEM;
1275 map->size = obj->size;
1278 /* Get a DRM GEM mmap offset allocated... */
1279 list->file_offset_node = drm_mm_search_free(&mm->offset_manager,
1280 obj->size / PAGE_SIZE, 0, 0);
1281 if (!list->file_offset_node) {
1282 DRM_ERROR("failed to allocate offset for bo %d\n", obj->name);
1287 list->file_offset_node = drm_mm_get_block(list->file_offset_node,
1288 obj->size / PAGE_SIZE, 0);
1289 if (!list->file_offset_node) {
1294 list->hash.key = list->file_offset_node->start;
1295 if (drm_ht_insert_item(&mm->offset_hash, &list->hash)) {
1296 DRM_ERROR("failed to add to map hash\n");
1300 /* By now we should be all set, any drm_mmap request on the offset
1301 * below will get to our mmap & fault handler */
1302 obj_priv->mmap_offset = ((uint64_t) list->hash.key) << PAGE_SHIFT;
1307 drm_mm_put_block(list->file_offset_node);
1315 * i915_gem_release_mmap - remove physical page mappings
1316 * @obj: obj in question
1318 * Preserve the reservation of the mmaping with the DRM core code, but
1319 * relinquish ownership of the pages back to the system.
1321 * It is vital that we remove the page mapping if we have mapped a tiled
1322 * object through the GTT and then lose the fence register due to
1323 * resource pressure. Similarly if the object has been moved out of the
1324 * aperture, than pages mapped into userspace must be revoked. Removing the
1325 * mapping will then trigger a page fault on the next user access, allowing
1326 * fixup by i915_gem_fault().
1329 i915_gem_release_mmap(struct drm_gem_object *obj)
1331 struct drm_device *dev = obj->dev;
1332 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1334 if (dev->dev_mapping)
1335 unmap_mapping_range(dev->dev_mapping,
1336 obj_priv->mmap_offset, obj->size, 1);
1340 i915_gem_free_mmap_offset(struct drm_gem_object *obj)
1342 struct drm_device *dev = obj->dev;
1343 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1344 struct drm_gem_mm *mm = dev->mm_private;
1345 struct drm_map_list *list;
1347 list = &obj->map_list;
1348 drm_ht_remove_item(&mm->offset_hash, &list->hash);
1350 if (list->file_offset_node) {
1351 drm_mm_put_block(list->file_offset_node);
1352 list->file_offset_node = NULL;
1360 obj_priv->mmap_offset = 0;
1364 * i915_gem_get_gtt_alignment - return required GTT alignment for an object
1365 * @obj: object to check
1367 * Return the required GTT alignment for an object, taking into account
1368 * potential fence register mapping if needed.
1371 i915_gem_get_gtt_alignment(struct drm_gem_object *obj)
1373 struct drm_device *dev = obj->dev;
1374 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1378 * Minimum alignment is 4k (GTT page size), but might be greater
1379 * if a fence register is needed for the object.
1381 if (IS_I965G(dev) || obj_priv->tiling_mode == I915_TILING_NONE)
1385 * Previous chips need to be aligned to the size of the smallest
1386 * fence register that can contain the object.
1393 for (i = start; i < obj->size; i <<= 1)
1400 * i915_gem_mmap_gtt_ioctl - prepare an object for GTT mmap'ing
1402 * @data: GTT mapping ioctl data
1403 * @file_priv: GEM object info
1405 * Simply returns the fake offset to userspace so it can mmap it.
1406 * The mmap call will end up in drm_gem_mmap(), which will set things
1407 * up so we can get faults in the handler above.
1409 * The fault handler will take care of binding the object into the GTT
1410 * (since it may have been evicted to make room for something), allocating
1411 * a fence register, and mapping the appropriate aperture address into
1415 i915_gem_mmap_gtt_ioctl(struct drm_device *dev, void *data,
1416 struct drm_file *file_priv)
1418 struct drm_i915_gem_mmap_gtt *args = data;
1419 struct drm_i915_private *dev_priv = dev->dev_private;
1420 struct drm_gem_object *obj;
1421 struct drm_i915_gem_object *obj_priv;
1424 if (!(dev->driver->driver_features & DRIVER_GEM))
1427 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1431 mutex_lock(&dev->struct_mutex);
1433 obj_priv = obj->driver_private;
1435 if (!obj_priv->mmap_offset) {
1436 ret = i915_gem_create_mmap_offset(obj);
1438 drm_gem_object_unreference(obj);
1439 mutex_unlock(&dev->struct_mutex);
1444 args->offset = obj_priv->mmap_offset;
1447 * Pull it into the GTT so that we have a page list (makes the
1448 * initial fault faster and any subsequent flushing possible).
1450 if (!obj_priv->agp_mem) {
1451 ret = i915_gem_object_bind_to_gtt(obj, 0);
1453 drm_gem_object_unreference(obj);
1454 mutex_unlock(&dev->struct_mutex);
1457 list_add_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1460 drm_gem_object_unreference(obj);
1461 mutex_unlock(&dev->struct_mutex);
1467 i915_gem_object_put_pages(struct drm_gem_object *obj)
1469 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1470 int page_count = obj->size / PAGE_SIZE;
1473 BUG_ON(obj_priv->pages_refcount == 0);
1475 if (--obj_priv->pages_refcount != 0)
1478 if (obj_priv->tiling_mode != I915_TILING_NONE)
1479 i915_gem_object_save_bit_17_swizzle(obj);
1481 if (obj_priv->madv == I915_MADV_DONTNEED)
1482 obj_priv->dirty = 0;
1484 for (i = 0; i < page_count; i++) {
1485 if (obj_priv->pages[i] == NULL)
1488 if (obj_priv->dirty)
1489 set_page_dirty(obj_priv->pages[i]);
1491 if (obj_priv->madv == I915_MADV_WILLNEED)
1492 mark_page_accessed(obj_priv->pages[i]);
1494 page_cache_release(obj_priv->pages[i]);
1496 obj_priv->dirty = 0;
1498 drm_free_large(obj_priv->pages);
1499 obj_priv->pages = NULL;
1503 i915_gem_object_move_to_active(struct drm_gem_object *obj, uint32_t seqno)
1505 struct drm_device *dev = obj->dev;
1506 drm_i915_private_t *dev_priv = dev->dev_private;
1507 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1509 /* Add a reference if we're newly entering the active list. */
1510 if (!obj_priv->active) {
1511 drm_gem_object_reference(obj);
1512 obj_priv->active = 1;
1514 /* Move from whatever list we were on to the tail of execution. */
1515 spin_lock(&dev_priv->mm.active_list_lock);
1516 list_move_tail(&obj_priv->list,
1517 &dev_priv->mm.active_list);
1518 spin_unlock(&dev_priv->mm.active_list_lock);
1519 obj_priv->last_rendering_seqno = seqno;
1523 i915_gem_object_move_to_flushing(struct drm_gem_object *obj)
1525 struct drm_device *dev = obj->dev;
1526 drm_i915_private_t *dev_priv = dev->dev_private;
1527 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1529 BUG_ON(!obj_priv->active);
1530 list_move_tail(&obj_priv->list, &dev_priv->mm.flushing_list);
1531 obj_priv->last_rendering_seqno = 0;
1535 i915_gem_object_move_to_inactive(struct drm_gem_object *obj)
1537 struct drm_device *dev = obj->dev;
1538 drm_i915_private_t *dev_priv = dev->dev_private;
1539 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1541 i915_verify_inactive(dev, __FILE__, __LINE__);
1542 if (obj_priv->pin_count != 0)
1543 list_del_init(&obj_priv->list);
1545 list_move_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1547 obj_priv->last_rendering_seqno = 0;
1548 if (obj_priv->active) {
1549 obj_priv->active = 0;
1550 drm_gem_object_unreference(obj);
1552 i915_verify_inactive(dev, __FILE__, __LINE__);
1556 * Creates a new sequence number, emitting a write of it to the status page
1557 * plus an interrupt, which will trigger i915_user_interrupt_handler.
1559 * Must be called with struct_lock held.
1561 * Returned sequence numbers are nonzero on success.
1564 i915_add_request(struct drm_device *dev, struct drm_file *file_priv,
1565 uint32_t flush_domains)
1567 drm_i915_private_t *dev_priv = dev->dev_private;
1568 struct drm_i915_file_private *i915_file_priv = NULL;
1569 struct drm_i915_gem_request *request;
1574 if (file_priv != NULL)
1575 i915_file_priv = file_priv->driver_priv;
1577 request = kzalloc(sizeof(*request), GFP_KERNEL);
1578 if (request == NULL)
1581 /* Grab the seqno we're going to make this request be, and bump the
1582 * next (skipping 0 so it can be the reserved no-seqno value).
1584 seqno = dev_priv->mm.next_gem_seqno;
1585 dev_priv->mm.next_gem_seqno++;
1586 if (dev_priv->mm.next_gem_seqno == 0)
1587 dev_priv->mm.next_gem_seqno++;
1590 OUT_RING(MI_STORE_DWORD_INDEX);
1591 OUT_RING(I915_GEM_HWS_INDEX << MI_STORE_DWORD_INDEX_SHIFT);
1594 OUT_RING(MI_USER_INTERRUPT);
1597 DRM_DEBUG("%d\n", seqno);
1599 request->seqno = seqno;
1600 request->emitted_jiffies = jiffies;
1601 was_empty = list_empty(&dev_priv->mm.request_list);
1602 list_add_tail(&request->list, &dev_priv->mm.request_list);
1603 if (i915_file_priv) {
1604 list_add_tail(&request->client_list,
1605 &i915_file_priv->mm.request_list);
1607 INIT_LIST_HEAD(&request->client_list);
1610 /* Associate any objects on the flushing list matching the write
1611 * domain we're flushing with our flush.
1613 if (flush_domains != 0) {
1614 struct drm_i915_gem_object *obj_priv, *next;
1616 list_for_each_entry_safe(obj_priv, next,
1617 &dev_priv->mm.flushing_list, list) {
1618 struct drm_gem_object *obj = obj_priv->obj;
1620 if ((obj->write_domain & flush_domains) ==
1621 obj->write_domain) {
1622 uint32_t old_write_domain = obj->write_domain;
1624 obj->write_domain = 0;
1625 i915_gem_object_move_to_active(obj, seqno);
1627 trace_i915_gem_object_change_domain(obj,
1635 if (!dev_priv->mm.suspended) {
1636 mod_timer(&dev_priv->hangcheck_timer, jiffies + DRM_I915_HANGCHECK_PERIOD);
1638 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, HZ);
1644 * Command execution barrier
1646 * Ensures that all commands in the ring are finished
1647 * before signalling the CPU
1650 i915_retire_commands(struct drm_device *dev)
1652 drm_i915_private_t *dev_priv = dev->dev_private;
1653 uint32_t cmd = MI_FLUSH | MI_NO_WRITE_FLUSH;
1654 uint32_t flush_domains = 0;
1657 /* The sampler always gets flushed on i965 (sigh) */
1659 flush_domains |= I915_GEM_DOMAIN_SAMPLER;
1662 OUT_RING(0); /* noop */
1664 return flush_domains;
1668 * Moves buffers associated only with the given active seqno from the active
1669 * to inactive list, potentially freeing them.
1672 i915_gem_retire_request(struct drm_device *dev,
1673 struct drm_i915_gem_request *request)
1675 drm_i915_private_t *dev_priv = dev->dev_private;
1677 trace_i915_gem_request_retire(dev, request->seqno);
1679 /* Move any buffers on the active list that are no longer referenced
1680 * by the ringbuffer to the flushing/inactive lists as appropriate.
1682 spin_lock(&dev_priv->mm.active_list_lock);
1683 while (!list_empty(&dev_priv->mm.active_list)) {
1684 struct drm_gem_object *obj;
1685 struct drm_i915_gem_object *obj_priv;
1687 obj_priv = list_first_entry(&dev_priv->mm.active_list,
1688 struct drm_i915_gem_object,
1690 obj = obj_priv->obj;
1692 /* If the seqno being retired doesn't match the oldest in the
1693 * list, then the oldest in the list must still be newer than
1696 if (obj_priv->last_rendering_seqno != request->seqno)
1700 DRM_INFO("%s: retire %d moves to inactive list %p\n",
1701 __func__, request->seqno, obj);
1704 if (obj->write_domain != 0)
1705 i915_gem_object_move_to_flushing(obj);
1707 /* Take a reference on the object so it won't be
1708 * freed while the spinlock is held. The list
1709 * protection for this spinlock is safe when breaking
1710 * the lock like this since the next thing we do
1711 * is just get the head of the list again.
1713 drm_gem_object_reference(obj);
1714 i915_gem_object_move_to_inactive(obj);
1715 spin_unlock(&dev_priv->mm.active_list_lock);
1716 drm_gem_object_unreference(obj);
1717 spin_lock(&dev_priv->mm.active_list_lock);
1721 spin_unlock(&dev_priv->mm.active_list_lock);
1725 * Returns true if seq1 is later than seq2.
1728 i915_seqno_passed(uint32_t seq1, uint32_t seq2)
1730 return (int32_t)(seq1 - seq2) >= 0;
1734 i915_get_gem_seqno(struct drm_device *dev)
1736 drm_i915_private_t *dev_priv = dev->dev_private;
1738 return READ_HWSP(dev_priv, I915_GEM_HWS_INDEX);
1742 * This function clears the request list as sequence numbers are passed.
1745 i915_gem_retire_requests(struct drm_device *dev)
1747 drm_i915_private_t *dev_priv = dev->dev_private;
1750 if (!dev_priv->hw_status_page)
1753 seqno = i915_get_gem_seqno(dev);
1755 while (!list_empty(&dev_priv->mm.request_list)) {
1756 struct drm_i915_gem_request *request;
1757 uint32_t retiring_seqno;
1759 request = list_first_entry(&dev_priv->mm.request_list,
1760 struct drm_i915_gem_request,
1762 retiring_seqno = request->seqno;
1764 if (i915_seqno_passed(seqno, retiring_seqno) ||
1765 atomic_read(&dev_priv->mm.wedged)) {
1766 i915_gem_retire_request(dev, request);
1768 list_del(&request->list);
1769 list_del(&request->client_list);
1777 i915_gem_retire_work_handler(struct work_struct *work)
1779 drm_i915_private_t *dev_priv;
1780 struct drm_device *dev;
1782 dev_priv = container_of(work, drm_i915_private_t,
1783 mm.retire_work.work);
1784 dev = dev_priv->dev;
1786 mutex_lock(&dev->struct_mutex);
1787 i915_gem_retire_requests(dev);
1788 if (!dev_priv->mm.suspended &&
1789 !list_empty(&dev_priv->mm.request_list))
1790 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, HZ);
1791 mutex_unlock(&dev->struct_mutex);
1795 * Waits for a sequence number to be signaled, and cleans up the
1796 * request and object lists appropriately for that event.
1799 i915_wait_request(struct drm_device *dev, uint32_t seqno)
1801 drm_i915_private_t *dev_priv = dev->dev_private;
1807 if (atomic_read(&dev_priv->mm.wedged))
1810 if (!i915_seqno_passed(i915_get_gem_seqno(dev), seqno)) {
1812 ier = I915_READ(DEIER) | I915_READ(GTIER);
1814 ier = I915_READ(IER);
1816 DRM_ERROR("something (likely vbetool) disabled "
1817 "interrupts, re-enabling\n");
1818 i915_driver_irq_preinstall(dev);
1819 i915_driver_irq_postinstall(dev);
1822 trace_i915_gem_request_wait_begin(dev, seqno);
1824 dev_priv->mm.waiting_gem_seqno = seqno;
1825 i915_user_irq_get(dev);
1826 ret = wait_event_interruptible(dev_priv->irq_queue,
1827 i915_seqno_passed(i915_get_gem_seqno(dev),
1829 atomic_read(&dev_priv->mm.wedged));
1830 i915_user_irq_put(dev);
1831 dev_priv->mm.waiting_gem_seqno = 0;
1833 trace_i915_gem_request_wait_end(dev, seqno);
1835 if (atomic_read(&dev_priv->mm.wedged))
1838 if (ret && ret != -ERESTARTSYS)
1839 DRM_ERROR("%s returns %d (awaiting %d at %d)\n",
1840 __func__, ret, seqno, i915_get_gem_seqno(dev));
1842 /* Directly dispatch request retiring. While we have the work queue
1843 * to handle this, the waiter on a request often wants an associated
1844 * buffer to have made it to the inactive list, and we would need
1845 * a separate wait queue to handle that.
1848 i915_gem_retire_requests(dev);
1854 i915_gem_flush(struct drm_device *dev,
1855 uint32_t invalidate_domains,
1856 uint32_t flush_domains)
1858 drm_i915_private_t *dev_priv = dev->dev_private;
1863 DRM_INFO("%s: invalidate %08x flush %08x\n", __func__,
1864 invalidate_domains, flush_domains);
1866 trace_i915_gem_request_flush(dev, dev_priv->mm.next_gem_seqno,
1867 invalidate_domains, flush_domains);
1869 if (flush_domains & I915_GEM_DOMAIN_CPU)
1870 drm_agp_chipset_flush(dev);
1872 if ((invalidate_domains | flush_domains) & I915_GEM_GPU_DOMAINS) {
1874 * read/write caches:
1876 * I915_GEM_DOMAIN_RENDER is always invalidated, but is
1877 * only flushed if MI_NO_WRITE_FLUSH is unset. On 965, it is
1878 * also flushed at 2d versus 3d pipeline switches.
1882 * I915_GEM_DOMAIN_SAMPLER is flushed on pre-965 if
1883 * MI_READ_FLUSH is set, and is always flushed on 965.
1885 * I915_GEM_DOMAIN_COMMAND may not exist?
1887 * I915_GEM_DOMAIN_INSTRUCTION, which exists on 965, is
1888 * invalidated when MI_EXE_FLUSH is set.
1890 * I915_GEM_DOMAIN_VERTEX, which exists on 965, is
1891 * invalidated with every MI_FLUSH.
1895 * On 965, TLBs associated with I915_GEM_DOMAIN_COMMAND
1896 * and I915_GEM_DOMAIN_CPU in are invalidated at PTE write and
1897 * I915_GEM_DOMAIN_RENDER and I915_GEM_DOMAIN_SAMPLER
1898 * are flushed at any MI_FLUSH.
1901 cmd = MI_FLUSH | MI_NO_WRITE_FLUSH;
1902 if ((invalidate_domains|flush_domains) &
1903 I915_GEM_DOMAIN_RENDER)
1904 cmd &= ~MI_NO_WRITE_FLUSH;
1905 if (!IS_I965G(dev)) {
1907 * On the 965, the sampler cache always gets flushed
1908 * and this bit is reserved.
1910 if (invalidate_domains & I915_GEM_DOMAIN_SAMPLER)
1911 cmd |= MI_READ_FLUSH;
1913 if (invalidate_domains & I915_GEM_DOMAIN_INSTRUCTION)
1914 cmd |= MI_EXE_FLUSH;
1917 DRM_INFO("%s: queue flush %08x to ring\n", __func__, cmd);
1921 OUT_RING(0); /* noop */
1927 * Ensures that all rendering to the object has completed and the object is
1928 * safe to unbind from the GTT or access from the CPU.
1931 i915_gem_object_wait_rendering(struct drm_gem_object *obj)
1933 struct drm_device *dev = obj->dev;
1934 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1937 /* This function only exists to support waiting for existing rendering,
1938 * not for emitting required flushes.
1940 BUG_ON((obj->write_domain & I915_GEM_GPU_DOMAINS) != 0);
1942 /* If there is rendering queued on the buffer being evicted, wait for
1945 if (obj_priv->active) {
1947 DRM_INFO("%s: object %p wait for seqno %08x\n",
1948 __func__, obj, obj_priv->last_rendering_seqno);
1950 ret = i915_wait_request(dev, obj_priv->last_rendering_seqno);
1959 * Unbinds an object from the GTT aperture.
1962 i915_gem_object_unbind(struct drm_gem_object *obj)
1964 struct drm_device *dev = obj->dev;
1965 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1969 DRM_INFO("%s:%d %p\n", __func__, __LINE__, obj);
1970 DRM_INFO("gtt_space %p\n", obj_priv->gtt_space);
1972 if (obj_priv->gtt_space == NULL)
1975 if (obj_priv->pin_count != 0) {
1976 DRM_ERROR("Attempting to unbind pinned buffer\n");
1980 /* blow away mappings if mapped through GTT */
1981 i915_gem_release_mmap(obj);
1983 if (obj_priv->fence_reg != I915_FENCE_REG_NONE)
1984 i915_gem_clear_fence_reg(obj);
1986 /* Move the object to the CPU domain to ensure that
1987 * any possible CPU writes while it's not in the GTT
1988 * are flushed when we go to remap it. This will
1989 * also ensure that all pending GPU writes are finished
1992 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
1994 if (ret != -ERESTARTSYS)
1995 DRM_ERROR("set_domain failed: %d\n", ret);
1999 BUG_ON(obj_priv->active);
2001 if (obj_priv->agp_mem != NULL) {
2002 drm_unbind_agp(obj_priv->agp_mem);
2003 drm_free_agp(obj_priv->agp_mem, obj->size / PAGE_SIZE);
2004 obj_priv->agp_mem = NULL;
2007 i915_gem_object_put_pages(obj);
2009 if (obj_priv->gtt_space) {
2010 atomic_dec(&dev->gtt_count);
2011 atomic_sub(obj->size, &dev->gtt_memory);
2013 drm_mm_put_block(obj_priv->gtt_space);
2014 obj_priv->gtt_space = NULL;
2017 /* Remove ourselves from the LRU list if present. */
2018 if (!list_empty(&obj_priv->list))
2019 list_del_init(&obj_priv->list);
2021 trace_i915_gem_object_unbind(obj);
2027 i915_gem_object_is_purgeable(struct drm_i915_gem_object *obj_priv)
2029 return !obj_priv->dirty || obj_priv->madv == I915_MADV_DONTNEED;
2032 static struct drm_gem_object *
2033 i915_gem_find_inactive_object(struct drm_device *dev, int min_size)
2035 drm_i915_private_t *dev_priv = dev->dev_private;
2036 struct drm_i915_gem_object *obj_priv;
2037 struct drm_gem_object *best = NULL;
2038 struct drm_gem_object *first = NULL;
2040 /* Try to find the smallest clean object */
2041 list_for_each_entry(obj_priv, &dev_priv->mm.inactive_list, list) {
2042 struct drm_gem_object *obj = obj_priv->obj;
2043 if (obj->size >= min_size) {
2044 if (i915_gem_object_is_purgeable(obj_priv) &&
2045 (!best || obj->size < best->size)) {
2047 if (best->size == min_size)
2055 return best ? best : first;
2059 i915_gem_evict_everything(struct drm_device *dev)
2061 drm_i915_private_t *dev_priv = dev->dev_private;
2066 DRM_INFO("GTT full, evicting everything: "
2067 "%d objects [%d pinned], "
2068 "%d object bytes [%d pinned], "
2069 "%d/%d gtt bytes\n",
2070 atomic_read(&dev->object_count),
2071 atomic_read(&dev->pin_count),
2072 atomic_read(&dev->object_memory),
2073 atomic_read(&dev->pin_memory),
2074 atomic_read(&dev->gtt_memory),
2077 spin_lock(&dev_priv->mm.active_list_lock);
2078 lists_empty = (list_empty(&dev_priv->mm.inactive_list) &&
2079 list_empty(&dev_priv->mm.flushing_list) &&
2080 list_empty(&dev_priv->mm.active_list));
2081 spin_unlock(&dev_priv->mm.active_list_lock);
2084 DRM_ERROR("GTT full, but lists empty!\n");
2088 /* Flush everything (on to the inactive lists) and evict */
2089 i915_gem_flush(dev, I915_GEM_GPU_DOMAINS, I915_GEM_GPU_DOMAINS);
2090 seqno = i915_add_request(dev, NULL, I915_GEM_GPU_DOMAINS);
2094 ret = i915_wait_request(dev, seqno);
2098 ret = i915_gem_evict_from_list(dev, &dev_priv->mm.inactive_list);
2102 spin_lock(&dev_priv->mm.active_list_lock);
2103 lists_empty = (list_empty(&dev_priv->mm.inactive_list) &&
2104 list_empty(&dev_priv->mm.flushing_list) &&
2105 list_empty(&dev_priv->mm.active_list));
2106 spin_unlock(&dev_priv->mm.active_list_lock);
2107 BUG_ON(!lists_empty);
2113 i915_gem_evict_something(struct drm_device *dev, int min_size)
2115 drm_i915_private_t *dev_priv = dev->dev_private;
2116 struct drm_gem_object *obj;
2117 int have_waited = 0;
2121 i915_gem_retire_requests(dev);
2123 /* If there's an inactive buffer available now, grab it
2126 obj = i915_gem_find_inactive_object(dev, min_size);
2128 struct drm_i915_gem_object *obj_priv;
2131 DRM_INFO("%s: evicting %p\n", __func__, obj);
2133 obj_priv = obj->driver_private;
2134 BUG_ON(obj_priv->pin_count != 0);
2135 BUG_ON(obj_priv->active);
2137 /* Wait on the rendering and unbind the buffer. */
2138 return i915_gem_object_unbind(obj);
2144 /* If we didn't get anything, but the ring is still processing
2145 * things, wait for the next to finish and hopefully leave us
2146 * a buffer to evict.
2148 if (!list_empty(&dev_priv->mm.request_list)) {
2149 struct drm_i915_gem_request *request;
2151 request = list_first_entry(&dev_priv->mm.request_list,
2152 struct drm_i915_gem_request,
2155 ret = i915_wait_request(dev, request->seqno);
2163 /* If we didn't have anything on the request list but there
2164 * are buffers awaiting a flush, emit one and try again.
2165 * When we wait on it, those buffers waiting for that flush
2166 * will get moved to inactive.
2168 if (!list_empty(&dev_priv->mm.flushing_list)) {
2169 struct drm_i915_gem_object *obj_priv;
2172 obj_priv = list_first_entry(&dev_priv->mm.flushing_list,
2173 struct drm_i915_gem_object,
2175 obj = obj_priv->obj;
2180 seqno = i915_add_request(dev, NULL, obj->write_domain);
2184 ret = i915_wait_request(dev, seqno);
2192 /* If we didn't do any of the above, there's no single buffer
2193 * large enough to swap out for the new one, so just evict
2194 * everything and start again. (This should be rare.)
2196 if (!list_empty (&dev_priv->mm.inactive_list)) {
2197 DRM_INFO("GTT full, evicting inactive buffers\n");
2198 return i915_gem_evict_from_list(dev,
2199 &dev_priv->mm.inactive_list);
2201 return i915_gem_evict_everything(dev);
2206 i915_gem_object_get_pages(struct drm_gem_object *obj)
2208 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2210 struct address_space *mapping;
2211 struct inode *inode;
2215 if (obj_priv->pages_refcount++ != 0)
2218 /* Get the list of pages out of our struct file. They'll be pinned
2219 * at this point until we release them.
2221 page_count = obj->size / PAGE_SIZE;
2222 BUG_ON(obj_priv->pages != NULL);
2223 obj_priv->pages = drm_calloc_large(page_count, sizeof(struct page *));
2224 if (obj_priv->pages == NULL) {
2225 DRM_ERROR("Failed to allocate page list\n");
2226 obj_priv->pages_refcount--;
2230 inode = obj->filp->f_path.dentry->d_inode;
2231 mapping = inode->i_mapping;
2232 for (i = 0; i < page_count; i++) {
2233 page = read_mapping_page(mapping, i, NULL);
2235 ret = PTR_ERR(page);
2236 i915_gem_object_put_pages(obj);
2239 obj_priv->pages[i] = page;
2242 if (obj_priv->tiling_mode != I915_TILING_NONE)
2243 i915_gem_object_do_bit_17_swizzle(obj);
2248 static void i965_write_fence_reg(struct drm_i915_fence_reg *reg)
2250 struct drm_gem_object *obj = reg->obj;
2251 struct drm_device *dev = obj->dev;
2252 drm_i915_private_t *dev_priv = dev->dev_private;
2253 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2254 int regnum = obj_priv->fence_reg;
2257 val = (uint64_t)((obj_priv->gtt_offset + obj->size - 4096) &
2259 val |= obj_priv->gtt_offset & 0xfffff000;
2260 val |= ((obj_priv->stride / 128) - 1) << I965_FENCE_PITCH_SHIFT;
2261 if (obj_priv->tiling_mode == I915_TILING_Y)
2262 val |= 1 << I965_FENCE_TILING_Y_SHIFT;
2263 val |= I965_FENCE_REG_VALID;
2265 I915_WRITE64(FENCE_REG_965_0 + (regnum * 8), val);
2268 static void i915_write_fence_reg(struct drm_i915_fence_reg *reg)
2270 struct drm_gem_object *obj = reg->obj;
2271 struct drm_device *dev = obj->dev;
2272 drm_i915_private_t *dev_priv = dev->dev_private;
2273 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2274 int regnum = obj_priv->fence_reg;
2276 uint32_t fence_reg, val;
2279 if ((obj_priv->gtt_offset & ~I915_FENCE_START_MASK) ||
2280 (obj_priv->gtt_offset & (obj->size - 1))) {
2281 WARN(1, "%s: object 0x%08x not 1M or size (0x%zx) aligned\n",
2282 __func__, obj_priv->gtt_offset, obj->size);
2286 if (obj_priv->tiling_mode == I915_TILING_Y &&
2287 HAS_128_BYTE_Y_TILING(dev))
2292 /* Note: pitch better be a power of two tile widths */
2293 pitch_val = obj_priv->stride / tile_width;
2294 pitch_val = ffs(pitch_val) - 1;
2296 val = obj_priv->gtt_offset;
2297 if (obj_priv->tiling_mode == I915_TILING_Y)
2298 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
2299 val |= I915_FENCE_SIZE_BITS(obj->size);
2300 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
2301 val |= I830_FENCE_REG_VALID;
2304 fence_reg = FENCE_REG_830_0 + (regnum * 4);
2306 fence_reg = FENCE_REG_945_8 + ((regnum - 8) * 4);
2307 I915_WRITE(fence_reg, val);
2310 static void i830_write_fence_reg(struct drm_i915_fence_reg *reg)
2312 struct drm_gem_object *obj = reg->obj;
2313 struct drm_device *dev = obj->dev;
2314 drm_i915_private_t *dev_priv = dev->dev_private;
2315 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2316 int regnum = obj_priv->fence_reg;
2319 uint32_t fence_size_bits;
2321 if ((obj_priv->gtt_offset & ~I830_FENCE_START_MASK) ||
2322 (obj_priv->gtt_offset & (obj->size - 1))) {
2323 WARN(1, "%s: object 0x%08x not 512K or size aligned\n",
2324 __func__, obj_priv->gtt_offset);
2328 pitch_val = obj_priv->stride / 128;
2329 pitch_val = ffs(pitch_val) - 1;
2330 WARN_ON(pitch_val > I830_FENCE_MAX_PITCH_VAL);
2332 val = obj_priv->gtt_offset;
2333 if (obj_priv->tiling_mode == I915_TILING_Y)
2334 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
2335 fence_size_bits = I830_FENCE_SIZE_BITS(obj->size);
2336 WARN_ON(fence_size_bits & ~0x00000f00);
2337 val |= fence_size_bits;
2338 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
2339 val |= I830_FENCE_REG_VALID;
2341 I915_WRITE(FENCE_REG_830_0 + (regnum * 4), val);
2345 * i915_gem_object_get_fence_reg - set up a fence reg for an object
2346 * @obj: object to map through a fence reg
2348 * When mapping objects through the GTT, userspace wants to be able to write
2349 * to them without having to worry about swizzling if the object is tiled.
2351 * This function walks the fence regs looking for a free one for @obj,
2352 * stealing one if it can't find any.
2354 * It then sets up the reg based on the object's properties: address, pitch
2355 * and tiling format.
2358 i915_gem_object_get_fence_reg(struct drm_gem_object *obj)
2360 struct drm_device *dev = obj->dev;
2361 struct drm_i915_private *dev_priv = dev->dev_private;
2362 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2363 struct drm_i915_fence_reg *reg = NULL;
2364 struct drm_i915_gem_object *old_obj_priv = NULL;
2367 /* Just update our place in the LRU if our fence is getting used. */
2368 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
2369 list_move_tail(&obj_priv->fence_list, &dev_priv->mm.fence_list);
2373 switch (obj_priv->tiling_mode) {
2374 case I915_TILING_NONE:
2375 WARN(1, "allocating a fence for non-tiled object?\n");
2378 if (!obj_priv->stride)
2380 WARN((obj_priv->stride & (512 - 1)),
2381 "object 0x%08x is X tiled but has non-512B pitch\n",
2382 obj_priv->gtt_offset);
2385 if (!obj_priv->stride)
2387 WARN((obj_priv->stride & (128 - 1)),
2388 "object 0x%08x is Y tiled but has non-128B pitch\n",
2389 obj_priv->gtt_offset);
2393 /* First try to find a free reg */
2395 for (i = dev_priv->fence_reg_start; i < dev_priv->num_fence_regs; i++) {
2396 reg = &dev_priv->fence_regs[i];
2400 old_obj_priv = reg->obj->driver_private;
2401 if (!old_obj_priv->pin_count)
2405 /* None available, try to steal one or wait for a user to finish */
2406 if (i == dev_priv->num_fence_regs) {
2407 struct drm_gem_object *old_obj = NULL;
2412 list_for_each_entry(old_obj_priv, &dev_priv->mm.fence_list,
2414 old_obj = old_obj_priv->obj;
2416 if (old_obj_priv->pin_count)
2419 /* Take a reference, as otherwise the wait_rendering
2420 * below may cause the object to get freed out from
2423 drm_gem_object_reference(old_obj);
2425 /* i915 uses fences for GPU access to tiled buffers */
2426 if (IS_I965G(dev) || !old_obj_priv->active)
2429 /* This brings the object to the head of the LRU if it
2430 * had been written to. The only way this should
2431 * result in us waiting longer than the expected
2432 * optimal amount of time is if there was a
2433 * fence-using buffer later that was read-only.
2435 i915_gem_object_flush_gpu_write_domain(old_obj);
2436 ret = i915_gem_object_wait_rendering(old_obj);
2438 drm_gem_object_unreference(old_obj);
2446 * Zap this virtual mapping so we can set up a fence again
2447 * for this object next time we need it.
2449 i915_gem_release_mmap(old_obj);
2451 i = old_obj_priv->fence_reg;
2452 reg = &dev_priv->fence_regs[i];
2454 old_obj_priv->fence_reg = I915_FENCE_REG_NONE;
2455 list_del_init(&old_obj_priv->fence_list);
2457 drm_gem_object_unreference(old_obj);
2460 obj_priv->fence_reg = i;
2461 list_add_tail(&obj_priv->fence_list, &dev_priv->mm.fence_list);
2466 i965_write_fence_reg(reg);
2467 else if (IS_I9XX(dev))
2468 i915_write_fence_reg(reg);
2470 i830_write_fence_reg(reg);
2472 trace_i915_gem_object_get_fence(obj, i, obj_priv->tiling_mode);
2478 * i915_gem_clear_fence_reg - clear out fence register info
2479 * @obj: object to clear
2481 * Zeroes out the fence register itself and clears out the associated
2482 * data structures in dev_priv and obj_priv.
2485 i915_gem_clear_fence_reg(struct drm_gem_object *obj)
2487 struct drm_device *dev = obj->dev;
2488 drm_i915_private_t *dev_priv = dev->dev_private;
2489 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2492 I915_WRITE64(FENCE_REG_965_0 + (obj_priv->fence_reg * 8), 0);
2496 if (obj_priv->fence_reg < 8)
2497 fence_reg = FENCE_REG_830_0 + obj_priv->fence_reg * 4;
2499 fence_reg = FENCE_REG_945_8 + (obj_priv->fence_reg -
2502 I915_WRITE(fence_reg, 0);
2505 dev_priv->fence_regs[obj_priv->fence_reg].obj = NULL;
2506 obj_priv->fence_reg = I915_FENCE_REG_NONE;
2507 list_del_init(&obj_priv->fence_list);
2511 * i915_gem_object_put_fence_reg - waits on outstanding fenced access
2512 * to the buffer to finish, and then resets the fence register.
2513 * @obj: tiled object holding a fence register.
2515 * Zeroes out the fence register itself and clears out the associated
2516 * data structures in dev_priv and obj_priv.
2519 i915_gem_object_put_fence_reg(struct drm_gem_object *obj)
2521 struct drm_device *dev = obj->dev;
2522 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2524 if (obj_priv->fence_reg == I915_FENCE_REG_NONE)
2527 /* On the i915, GPU access to tiled buffers is via a fence,
2528 * therefore we must wait for any outstanding access to complete
2529 * before clearing the fence.
2531 if (!IS_I965G(dev)) {
2534 i915_gem_object_flush_gpu_write_domain(obj);
2535 i915_gem_object_flush_gtt_write_domain(obj);
2536 ret = i915_gem_object_wait_rendering(obj);
2541 i915_gem_clear_fence_reg (obj);
2547 * Finds free space in the GTT aperture and binds the object there.
2550 i915_gem_object_bind_to_gtt(struct drm_gem_object *obj, unsigned alignment)
2552 struct drm_device *dev = obj->dev;
2553 drm_i915_private_t *dev_priv = dev->dev_private;
2554 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2555 struct drm_mm_node *free_space;
2556 bool retry_alloc = false;
2559 if (dev_priv->mm.suspended)
2562 if (obj_priv->madv == I915_MADV_DONTNEED) {
2563 DRM_ERROR("Attempting to bind a purgeable object\n");
2568 alignment = i915_gem_get_gtt_alignment(obj);
2569 if (alignment & (i915_gem_get_gtt_alignment(obj) - 1)) {
2570 DRM_ERROR("Invalid object alignment requested %u\n", alignment);
2575 free_space = drm_mm_search_free(&dev_priv->mm.gtt_space,
2576 obj->size, alignment, 0);
2577 if (free_space != NULL) {
2578 obj_priv->gtt_space = drm_mm_get_block(free_space, obj->size,
2580 if (obj_priv->gtt_space != NULL) {
2581 obj_priv->gtt_space->private = obj;
2582 obj_priv->gtt_offset = obj_priv->gtt_space->start;
2585 if (obj_priv->gtt_space == NULL) {
2586 /* If the gtt is empty and we're still having trouble
2587 * fitting our object in, we're out of memory.
2590 DRM_INFO("%s: GTT full, evicting something\n", __func__);
2592 ret = i915_gem_evict_something(dev, obj->size);
2594 if (ret != -ERESTARTSYS)
2595 DRM_ERROR("Failed to evict a buffer %d\n", ret);
2602 DRM_INFO("Binding object of size %zd at 0x%08x\n",
2603 obj->size, obj_priv->gtt_offset);
2606 i915_gem_object_set_page_gfp_mask (obj,
2607 i915_gem_object_get_page_gfp_mask (obj) & ~__GFP_NORETRY);
2609 ret = i915_gem_object_get_pages(obj);
2611 i915_gem_object_set_page_gfp_mask (obj,
2612 i915_gem_object_get_page_gfp_mask (obj) | __GFP_NORETRY);
2615 drm_mm_put_block(obj_priv->gtt_space);
2616 obj_priv->gtt_space = NULL;
2618 if (ret == -ENOMEM) {
2619 /* first try to clear up some space from the GTT */
2620 ret = i915_gem_evict_something(dev, obj->size);
2622 if (ret != -ERESTARTSYS)
2623 DRM_ERROR("Failed to allocate space for backing pages %d\n", ret);
2625 /* now try to shrink everyone else */
2626 if (! retry_alloc) {
2640 /* Create an AGP memory structure pointing at our pages, and bind it
2643 obj_priv->agp_mem = drm_agp_bind_pages(dev,
2645 obj->size >> PAGE_SHIFT,
2646 obj_priv->gtt_offset,
2647 obj_priv->agp_type);
2648 if (obj_priv->agp_mem == NULL) {
2649 i915_gem_object_put_pages(obj);
2650 drm_mm_put_block(obj_priv->gtt_space);
2651 obj_priv->gtt_space = NULL;
2653 ret = i915_gem_evict_something(dev, obj->size);
2655 if (ret != -ERESTARTSYS)
2656 DRM_ERROR("Failed to allocate space to bind AGP: %d\n", ret);
2662 atomic_inc(&dev->gtt_count);
2663 atomic_add(obj->size, &dev->gtt_memory);
2665 /* Assert that the object is not currently in any GPU domain. As it
2666 * wasn't in the GTT, there shouldn't be any way it could have been in
2669 BUG_ON(obj->read_domains & I915_GEM_GPU_DOMAINS);
2670 BUG_ON(obj->write_domain & I915_GEM_GPU_DOMAINS);
2672 trace_i915_gem_object_bind(obj, obj_priv->gtt_offset);
2678 i915_gem_clflush_object(struct drm_gem_object *obj)
2680 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2682 /* If we don't have a page list set up, then we're not pinned
2683 * to GPU, and we can ignore the cache flush because it'll happen
2684 * again at bind time.
2686 if (obj_priv->pages == NULL)
2689 trace_i915_gem_object_clflush(obj);
2691 drm_clflush_pages(obj_priv->pages, obj->size / PAGE_SIZE);
2694 /** Flushes any GPU write domain for the object if it's dirty. */
2696 i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj)
2698 struct drm_device *dev = obj->dev;
2700 uint32_t old_write_domain;
2702 if ((obj->write_domain & I915_GEM_GPU_DOMAINS) == 0)
2705 /* Queue the GPU write cache flushing we need. */
2706 old_write_domain = obj->write_domain;
2707 i915_gem_flush(dev, 0, obj->write_domain);
2708 seqno = i915_add_request(dev, NULL, obj->write_domain);
2709 obj->write_domain = 0;
2710 i915_gem_object_move_to_active(obj, seqno);
2712 trace_i915_gem_object_change_domain(obj,
2717 /** Flushes the GTT write domain for the object if it's dirty. */
2719 i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj)
2721 uint32_t old_write_domain;
2723 if (obj->write_domain != I915_GEM_DOMAIN_GTT)
2726 /* No actual flushing is required for the GTT write domain. Writes
2727 * to it immediately go to main memory as far as we know, so there's
2728 * no chipset flush. It also doesn't land in render cache.
2730 old_write_domain = obj->write_domain;
2731 obj->write_domain = 0;
2733 trace_i915_gem_object_change_domain(obj,
2738 /** Flushes the CPU write domain for the object if it's dirty. */
2740 i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj)
2742 struct drm_device *dev = obj->dev;
2743 uint32_t old_write_domain;
2745 if (obj->write_domain != I915_GEM_DOMAIN_CPU)
2748 i915_gem_clflush_object(obj);
2749 drm_agp_chipset_flush(dev);
2750 old_write_domain = obj->write_domain;
2751 obj->write_domain = 0;
2753 trace_i915_gem_object_change_domain(obj,
2759 * Moves a single object to the GTT read, and possibly write domain.
2761 * This function returns when the move is complete, including waiting on
2765 i915_gem_object_set_to_gtt_domain(struct drm_gem_object *obj, int write)
2767 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2768 uint32_t old_write_domain, old_read_domains;
2771 /* Not valid to be called on unbound objects. */
2772 if (obj_priv->gtt_space == NULL)
2775 i915_gem_object_flush_gpu_write_domain(obj);
2776 /* Wait on any GPU rendering and flushing to occur. */
2777 ret = i915_gem_object_wait_rendering(obj);
2781 old_write_domain = obj->write_domain;
2782 old_read_domains = obj->read_domains;
2784 /* If we're writing through the GTT domain, then CPU and GPU caches
2785 * will need to be invalidated at next use.
2788 obj->read_domains &= I915_GEM_DOMAIN_GTT;
2790 i915_gem_object_flush_cpu_write_domain(obj);
2792 /* It should now be out of any other write domains, and we can update
2793 * the domain values for our changes.
2795 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_GTT) != 0);
2796 obj->read_domains |= I915_GEM_DOMAIN_GTT;
2798 obj->write_domain = I915_GEM_DOMAIN_GTT;
2799 obj_priv->dirty = 1;
2802 trace_i915_gem_object_change_domain(obj,
2810 * Moves a single object to the CPU read, and possibly write domain.
2812 * This function returns when the move is complete, including waiting on
2816 i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj, int write)
2818 uint32_t old_write_domain, old_read_domains;
2821 i915_gem_object_flush_gpu_write_domain(obj);
2822 /* Wait on any GPU rendering and flushing to occur. */
2823 ret = i915_gem_object_wait_rendering(obj);
2827 i915_gem_object_flush_gtt_write_domain(obj);
2829 /* If we have a partially-valid cache of the object in the CPU,
2830 * finish invalidating it and free the per-page flags.
2832 i915_gem_object_set_to_full_cpu_read_domain(obj);
2834 old_write_domain = obj->write_domain;
2835 old_read_domains = obj->read_domains;
2837 /* Flush the CPU cache if it's still invalid. */
2838 if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0) {
2839 i915_gem_clflush_object(obj);
2841 obj->read_domains |= I915_GEM_DOMAIN_CPU;
2844 /* It should now be out of any other write domains, and we can update
2845 * the domain values for our changes.
2847 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
2849 /* If we're writing through the CPU, then the GPU read domains will
2850 * need to be invalidated at next use.
2853 obj->read_domains &= I915_GEM_DOMAIN_CPU;
2854 obj->write_domain = I915_GEM_DOMAIN_CPU;
2857 trace_i915_gem_object_change_domain(obj,
2865 * Set the next domain for the specified object. This
2866 * may not actually perform the necessary flushing/invaliding though,
2867 * as that may want to be batched with other set_domain operations
2869 * This is (we hope) the only really tricky part of gem. The goal
2870 * is fairly simple -- track which caches hold bits of the object
2871 * and make sure they remain coherent. A few concrete examples may
2872 * help to explain how it works. For shorthand, we use the notation
2873 * (read_domains, write_domain), e.g. (CPU, CPU) to indicate the
2874 * a pair of read and write domain masks.
2876 * Case 1: the batch buffer
2882 * 5. Unmapped from GTT
2885 * Let's take these a step at a time
2888 * Pages allocated from the kernel may still have
2889 * cache contents, so we set them to (CPU, CPU) always.
2890 * 2. Written by CPU (using pwrite)
2891 * The pwrite function calls set_domain (CPU, CPU) and
2892 * this function does nothing (as nothing changes)
2894 * This function asserts that the object is not
2895 * currently in any GPU-based read or write domains
2897 * i915_gem_execbuffer calls set_domain (COMMAND, 0).
2898 * As write_domain is zero, this function adds in the
2899 * current read domains (CPU+COMMAND, 0).
2900 * flush_domains is set to CPU.
2901 * invalidate_domains is set to COMMAND
2902 * clflush is run to get data out of the CPU caches
2903 * then i915_dev_set_domain calls i915_gem_flush to
2904 * emit an MI_FLUSH and drm_agp_chipset_flush
2905 * 5. Unmapped from GTT
2906 * i915_gem_object_unbind calls set_domain (CPU, CPU)
2907 * flush_domains and invalidate_domains end up both zero
2908 * so no flushing/invalidating happens
2912 * Case 2: The shared render buffer
2916 * 3. Read/written by GPU
2917 * 4. set_domain to (CPU,CPU)
2918 * 5. Read/written by CPU
2919 * 6. Read/written by GPU
2922 * Same as last example, (CPU, CPU)
2924 * Nothing changes (assertions find that it is not in the GPU)
2925 * 3. Read/written by GPU
2926 * execbuffer calls set_domain (RENDER, RENDER)
2927 * flush_domains gets CPU
2928 * invalidate_domains gets GPU
2930 * MI_FLUSH and drm_agp_chipset_flush
2931 * 4. set_domain (CPU, CPU)
2932 * flush_domains gets GPU
2933 * invalidate_domains gets CPU
2934 * wait_rendering (obj) to make sure all drawing is complete.
2935 * This will include an MI_FLUSH to get the data from GPU
2937 * clflush (obj) to invalidate the CPU cache
2938 * Another MI_FLUSH in i915_gem_flush (eliminate this somehow?)
2939 * 5. Read/written by CPU
2940 * cache lines are loaded and dirtied
2941 * 6. Read written by GPU
2942 * Same as last GPU access
2944 * Case 3: The constant buffer
2949 * 4. Updated (written) by CPU again
2958 * flush_domains = CPU
2959 * invalidate_domains = RENDER
2962 * drm_agp_chipset_flush
2963 * 4. Updated (written) by CPU again
2965 * flush_domains = 0 (no previous write domain)
2966 * invalidate_domains = 0 (no new read domains)
2969 * flush_domains = CPU
2970 * invalidate_domains = RENDER
2973 * drm_agp_chipset_flush
2976 i915_gem_object_set_to_gpu_domain(struct drm_gem_object *obj)
2978 struct drm_device *dev = obj->dev;
2979 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2980 uint32_t invalidate_domains = 0;
2981 uint32_t flush_domains = 0;
2982 uint32_t old_read_domains;
2984 BUG_ON(obj->pending_read_domains & I915_GEM_DOMAIN_CPU);
2985 BUG_ON(obj->pending_write_domain == I915_GEM_DOMAIN_CPU);
2987 intel_mark_busy(dev, obj);
2990 DRM_INFO("%s: object %p read %08x -> %08x write %08x -> %08x\n",
2992 obj->read_domains, obj->pending_read_domains,
2993 obj->write_domain, obj->pending_write_domain);
2996 * If the object isn't moving to a new write domain,
2997 * let the object stay in multiple read domains
2999 if (obj->pending_write_domain == 0)
3000 obj->pending_read_domains |= obj->read_domains;
3002 obj_priv->dirty = 1;
3005 * Flush the current write domain if
3006 * the new read domains don't match. Invalidate
3007 * any read domains which differ from the old
3010 if (obj->write_domain &&
3011 obj->write_domain != obj->pending_read_domains) {
3012 flush_domains |= obj->write_domain;
3013 invalidate_domains |=
3014 obj->pending_read_domains & ~obj->write_domain;
3017 * Invalidate any read caches which may have
3018 * stale data. That is, any new read domains.
3020 invalidate_domains |= obj->pending_read_domains & ~obj->read_domains;
3021 if ((flush_domains | invalidate_domains) & I915_GEM_DOMAIN_CPU) {
3023 DRM_INFO("%s: CPU domain flush %08x invalidate %08x\n",
3024 __func__, flush_domains, invalidate_domains);
3026 i915_gem_clflush_object(obj);
3029 old_read_domains = obj->read_domains;
3031 /* The actual obj->write_domain will be updated with
3032 * pending_write_domain after we emit the accumulated flush for all
3033 * of our domain changes in execbuffers (which clears objects'
3034 * write_domains). So if we have a current write domain that we
3035 * aren't changing, set pending_write_domain to that.
3037 if (flush_domains == 0 && obj->pending_write_domain == 0)
3038 obj->pending_write_domain = obj->write_domain;
3039 obj->read_domains = obj->pending_read_domains;
3041 dev->invalidate_domains |= invalidate_domains;
3042 dev->flush_domains |= flush_domains;
3044 DRM_INFO("%s: read %08x write %08x invalidate %08x flush %08x\n",
3046 obj->read_domains, obj->write_domain,
3047 dev->invalidate_domains, dev->flush_domains);
3050 trace_i915_gem_object_change_domain(obj,
3056 * Moves the object from a partially CPU read to a full one.
3058 * Note that this only resolves i915_gem_object_set_cpu_read_domain_range(),
3059 * and doesn't handle transitioning from !(read_domains & I915_GEM_DOMAIN_CPU).
3062 i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj)
3064 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3066 if (!obj_priv->page_cpu_valid)
3069 /* If we're partially in the CPU read domain, finish moving it in.
3071 if (obj->read_domains & I915_GEM_DOMAIN_CPU) {
3074 for (i = 0; i <= (obj->size - 1) / PAGE_SIZE; i++) {
3075 if (obj_priv->page_cpu_valid[i])
3077 drm_clflush_pages(obj_priv->pages + i, 1);
3081 /* Free the page_cpu_valid mappings which are now stale, whether
3082 * or not we've got I915_GEM_DOMAIN_CPU.
3084 kfree(obj_priv->page_cpu_valid);
3085 obj_priv->page_cpu_valid = NULL;
3089 * Set the CPU read domain on a range of the object.
3091 * The object ends up with I915_GEM_DOMAIN_CPU in its read flags although it's
3092 * not entirely valid. The page_cpu_valid member of the object flags which
3093 * pages have been flushed, and will be respected by
3094 * i915_gem_object_set_to_cpu_domain() if it's called on to get a valid mapping
3095 * of the whole object.
3097 * This function returns when the move is complete, including waiting on
3101 i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
3102 uint64_t offset, uint64_t size)
3104 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3105 uint32_t old_read_domains;
3108 if (offset == 0 && size == obj->size)
3109 return i915_gem_object_set_to_cpu_domain(obj, 0);
3111 i915_gem_object_flush_gpu_write_domain(obj);
3112 /* Wait on any GPU rendering and flushing to occur. */
3113 ret = i915_gem_object_wait_rendering(obj);
3116 i915_gem_object_flush_gtt_write_domain(obj);
3118 /* If we're already fully in the CPU read domain, we're done. */
3119 if (obj_priv->page_cpu_valid == NULL &&
3120 (obj->read_domains & I915_GEM_DOMAIN_CPU) != 0)
3123 /* Otherwise, create/clear the per-page CPU read domain flag if we're
3124 * newly adding I915_GEM_DOMAIN_CPU
3126 if (obj_priv->page_cpu_valid == NULL) {
3127 obj_priv->page_cpu_valid = kzalloc(obj->size / PAGE_SIZE,
3129 if (obj_priv->page_cpu_valid == NULL)
3131 } else if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0)
3132 memset(obj_priv->page_cpu_valid, 0, obj->size / PAGE_SIZE);
3134 /* Flush the cache on any pages that are still invalid from the CPU's
3137 for (i = offset / PAGE_SIZE; i <= (offset + size - 1) / PAGE_SIZE;
3139 if (obj_priv->page_cpu_valid[i])
3142 drm_clflush_pages(obj_priv->pages + i, 1);
3144 obj_priv->page_cpu_valid[i] = 1;
3147 /* It should now be out of any other write domains, and we can update
3148 * the domain values for our changes.
3150 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
3152 old_read_domains = obj->read_domains;
3153 obj->read_domains |= I915_GEM_DOMAIN_CPU;
3155 trace_i915_gem_object_change_domain(obj,
3163 * Pin an object to the GTT and evaluate the relocations landing in it.
3166 i915_gem_object_pin_and_relocate(struct drm_gem_object *obj,
3167 struct drm_file *file_priv,
3168 struct drm_i915_gem_exec_object *entry,
3169 struct drm_i915_gem_relocation_entry *relocs)
3171 struct drm_device *dev = obj->dev;
3172 drm_i915_private_t *dev_priv = dev->dev_private;
3173 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3175 void __iomem *reloc_page;
3177 /* Choose the GTT offset for our buffer and put it there. */
3178 ret = i915_gem_object_pin(obj, (uint32_t) entry->alignment);
3182 entry->offset = obj_priv->gtt_offset;
3184 /* Apply the relocations, using the GTT aperture to avoid cache
3185 * flushing requirements.
3187 for (i = 0; i < entry->relocation_count; i++) {
3188 struct drm_i915_gem_relocation_entry *reloc= &relocs[i];
3189 struct drm_gem_object *target_obj;
3190 struct drm_i915_gem_object *target_obj_priv;
3191 uint32_t reloc_val, reloc_offset;
3192 uint32_t __iomem *reloc_entry;
3194 target_obj = drm_gem_object_lookup(obj->dev, file_priv,
3195 reloc->target_handle);
3196 if (target_obj == NULL) {
3197 i915_gem_object_unpin(obj);
3200 target_obj_priv = target_obj->driver_private;
3203 DRM_INFO("%s: obj %p offset %08x target %d "
3204 "read %08x write %08x gtt %08x "
3205 "presumed %08x delta %08x\n",
3208 (int) reloc->offset,
3209 (int) reloc->target_handle,
3210 (int) reloc->read_domains,
3211 (int) reloc->write_domain,
3212 (int) target_obj_priv->gtt_offset,
3213 (int) reloc->presumed_offset,
3217 /* The target buffer should have appeared before us in the
3218 * exec_object list, so it should have a GTT space bound by now.
3220 if (target_obj_priv->gtt_space == NULL) {
3221 DRM_ERROR("No GTT space found for object %d\n",
3222 reloc->target_handle);
3223 drm_gem_object_unreference(target_obj);
3224 i915_gem_object_unpin(obj);
3228 /* Validate that the target is in a valid r/w GPU domain */
3229 if (reloc->write_domain & I915_GEM_DOMAIN_CPU ||
3230 reloc->read_domains & I915_GEM_DOMAIN_CPU) {
3231 DRM_ERROR("reloc with read/write CPU domains: "
3232 "obj %p target %d offset %d "
3233 "read %08x write %08x",
3234 obj, reloc->target_handle,
3235 (int) reloc->offset,
3236 reloc->read_domains,
3237 reloc->write_domain);
3238 drm_gem_object_unreference(target_obj);
3239 i915_gem_object_unpin(obj);
3242 if (reloc->write_domain && target_obj->pending_write_domain &&
3243 reloc->write_domain != target_obj->pending_write_domain) {
3244 DRM_ERROR("Write domain conflict: "
3245 "obj %p target %d offset %d "
3246 "new %08x old %08x\n",
3247 obj, reloc->target_handle,
3248 (int) reloc->offset,
3249 reloc->write_domain,
3250 target_obj->pending_write_domain);
3251 drm_gem_object_unreference(target_obj);
3252 i915_gem_object_unpin(obj);
3256 target_obj->pending_read_domains |= reloc->read_domains;
3257 target_obj->pending_write_domain |= reloc->write_domain;
3259 /* If the relocation already has the right value in it, no
3260 * more work needs to be done.
3262 if (target_obj_priv->gtt_offset == reloc->presumed_offset) {
3263 drm_gem_object_unreference(target_obj);
3267 /* Check that the relocation address is valid... */
3268 if (reloc->offset > obj->size - 4) {
3269 DRM_ERROR("Relocation beyond object bounds: "
3270 "obj %p target %d offset %d size %d.\n",
3271 obj, reloc->target_handle,
3272 (int) reloc->offset, (int) obj->size);
3273 drm_gem_object_unreference(target_obj);
3274 i915_gem_object_unpin(obj);
3277 if (reloc->offset & 3) {
3278 DRM_ERROR("Relocation not 4-byte aligned: "
3279 "obj %p target %d offset %d.\n",
3280 obj, reloc->target_handle,
3281 (int) reloc->offset);
3282 drm_gem_object_unreference(target_obj);
3283 i915_gem_object_unpin(obj);
3287 /* and points to somewhere within the target object. */
3288 if (reloc->delta >= target_obj->size) {
3289 DRM_ERROR("Relocation beyond target object bounds: "
3290 "obj %p target %d delta %d size %d.\n",
3291 obj, reloc->target_handle,
3292 (int) reloc->delta, (int) target_obj->size);
3293 drm_gem_object_unreference(target_obj);
3294 i915_gem_object_unpin(obj);
3298 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
3300 drm_gem_object_unreference(target_obj);
3301 i915_gem_object_unpin(obj);
3305 /* Map the page containing the relocation we're going to
3308 reloc_offset = obj_priv->gtt_offset + reloc->offset;
3309 reloc_page = io_mapping_map_atomic_wc(dev_priv->mm.gtt_mapping,
3312 reloc_entry = (uint32_t __iomem *)(reloc_page +
3313 (reloc_offset & (PAGE_SIZE - 1)));
3314 reloc_val = target_obj_priv->gtt_offset + reloc->delta;
3317 DRM_INFO("Applied relocation: %p@0x%08x %08x -> %08x\n",
3318 obj, (unsigned int) reloc->offset,
3319 readl(reloc_entry), reloc_val);
3321 writel(reloc_val, reloc_entry);
3322 io_mapping_unmap_atomic(reloc_page);
3324 /* The updated presumed offset for this entry will be
3325 * copied back out to the user.
3327 reloc->presumed_offset = target_obj_priv->gtt_offset;
3329 drm_gem_object_unreference(target_obj);
3334 i915_gem_dump_object(obj, 128, __func__, ~0);
3339 /** Dispatch a batchbuffer to the ring
3342 i915_dispatch_gem_execbuffer(struct drm_device *dev,
3343 struct drm_i915_gem_execbuffer *exec,
3344 struct drm_clip_rect *cliprects,
3345 uint64_t exec_offset)
3347 drm_i915_private_t *dev_priv = dev->dev_private;
3348 int nbox = exec->num_cliprects;
3350 uint32_t exec_start, exec_len;
3353 exec_start = (uint32_t) exec_offset + exec->batch_start_offset;
3354 exec_len = (uint32_t) exec->batch_len;
3356 trace_i915_gem_request_submit(dev, dev_priv->mm.next_gem_seqno);
3358 count = nbox ? nbox : 1;
3360 for (i = 0; i < count; i++) {
3362 int ret = i915_emit_box(dev, cliprects, i,
3363 exec->DR1, exec->DR4);
3368 if (IS_I830(dev) || IS_845G(dev)) {
3370 OUT_RING(MI_BATCH_BUFFER);
3371 OUT_RING(exec_start | MI_BATCH_NON_SECURE);
3372 OUT_RING(exec_start + exec_len - 4);
3377 if (IS_I965G(dev)) {
3378 OUT_RING(MI_BATCH_BUFFER_START |
3380 MI_BATCH_NON_SECURE_I965);
3381 OUT_RING(exec_start);
3383 OUT_RING(MI_BATCH_BUFFER_START |
3385 OUT_RING(exec_start | MI_BATCH_NON_SECURE);
3391 /* XXX breadcrumb */
3395 /* Throttle our rendering by waiting until the ring has completed our requests
3396 * emitted over 20 msec ago.
3398 * Note that if we were to use the current jiffies each time around the loop,
3399 * we wouldn't escape the function with any frames outstanding if the time to
3400 * render a frame was over 20ms.
3402 * This should get us reasonable parallelism between CPU and GPU but also
3403 * relatively low latency when blocking on a particular request to finish.
3406 i915_gem_ring_throttle(struct drm_device *dev, struct drm_file *file_priv)
3408 struct drm_i915_file_private *i915_file_priv = file_priv->driver_priv;
3410 unsigned long recent_enough = jiffies - msecs_to_jiffies(20);
3412 mutex_lock(&dev->struct_mutex);
3413 while (!list_empty(&i915_file_priv->mm.request_list)) {
3414 struct drm_i915_gem_request *request;
3416 request = list_first_entry(&i915_file_priv->mm.request_list,
3417 struct drm_i915_gem_request,
3420 if (time_after_eq(request->emitted_jiffies, recent_enough))
3423 ret = i915_wait_request(dev, request->seqno);
3427 mutex_unlock(&dev->struct_mutex);
3433 i915_gem_get_relocs_from_user(struct drm_i915_gem_exec_object *exec_list,
3434 uint32_t buffer_count,
3435 struct drm_i915_gem_relocation_entry **relocs)
3437 uint32_t reloc_count = 0, reloc_index = 0, i;
3441 for (i = 0; i < buffer_count; i++) {
3442 if (reloc_count + exec_list[i].relocation_count < reloc_count)
3444 reloc_count += exec_list[i].relocation_count;
3447 *relocs = drm_calloc_large(reloc_count, sizeof(**relocs));
3448 if (*relocs == NULL)
3451 for (i = 0; i < buffer_count; i++) {
3452 struct drm_i915_gem_relocation_entry __user *user_relocs;
3454 user_relocs = (void __user *)(uintptr_t)exec_list[i].relocs_ptr;
3456 ret = copy_from_user(&(*relocs)[reloc_index],
3458 exec_list[i].relocation_count *
3461 drm_free_large(*relocs);
3466 reloc_index += exec_list[i].relocation_count;
3473 i915_gem_put_relocs_to_user(struct drm_i915_gem_exec_object *exec_list,
3474 uint32_t buffer_count,
3475 struct drm_i915_gem_relocation_entry *relocs)
3477 uint32_t reloc_count = 0, i;
3480 for (i = 0; i < buffer_count; i++) {
3481 struct drm_i915_gem_relocation_entry __user *user_relocs;
3484 user_relocs = (void __user *)(uintptr_t)exec_list[i].relocs_ptr;
3486 unwritten = copy_to_user(user_relocs,
3487 &relocs[reloc_count],
3488 exec_list[i].relocation_count *
3496 reloc_count += exec_list[i].relocation_count;
3500 drm_free_large(relocs);
3506 i915_gem_check_execbuffer (struct drm_i915_gem_execbuffer *exec,
3507 uint64_t exec_offset)
3509 uint32_t exec_start, exec_len;
3511 exec_start = (uint32_t) exec_offset + exec->batch_start_offset;
3512 exec_len = (uint32_t) exec->batch_len;
3514 if ((exec_start | exec_len) & 0x7)
3524 i915_gem_execbuffer(struct drm_device *dev, void *data,
3525 struct drm_file *file_priv)
3527 drm_i915_private_t *dev_priv = dev->dev_private;
3528 struct drm_i915_gem_execbuffer *args = data;
3529 struct drm_i915_gem_exec_object *exec_list = NULL;
3530 struct drm_gem_object **object_list = NULL;
3531 struct drm_gem_object *batch_obj;
3532 struct drm_i915_gem_object *obj_priv;
3533 struct drm_clip_rect *cliprects = NULL;
3534 struct drm_i915_gem_relocation_entry *relocs;
3535 int ret, ret2, i, pinned = 0;
3536 uint64_t exec_offset;
3537 uint32_t seqno, flush_domains, reloc_index;
3541 DRM_INFO("buffers_ptr %d buffer_count %d len %08x\n",
3542 (int) args->buffers_ptr, args->buffer_count, args->batch_len);
3545 if (args->buffer_count < 1) {
3546 DRM_ERROR("execbuf with %d buffers\n", args->buffer_count);
3549 /* Copy in the exec list from userland */
3550 exec_list = drm_calloc_large(sizeof(*exec_list), args->buffer_count);
3551 object_list = drm_calloc_large(sizeof(*object_list), args->buffer_count);
3552 if (exec_list == NULL || object_list == NULL) {
3553 DRM_ERROR("Failed to allocate exec or object list "
3555 args->buffer_count);
3559 ret = copy_from_user(exec_list,
3560 (struct drm_i915_relocation_entry __user *)
3561 (uintptr_t) args->buffers_ptr,
3562 sizeof(*exec_list) * args->buffer_count);
3564 DRM_ERROR("copy %d exec entries failed %d\n",
3565 args->buffer_count, ret);
3569 if (args->num_cliprects != 0) {
3570 cliprects = kcalloc(args->num_cliprects, sizeof(*cliprects),
3572 if (cliprects == NULL)
3575 ret = copy_from_user(cliprects,
3576 (struct drm_clip_rect __user *)
3577 (uintptr_t) args->cliprects_ptr,
3578 sizeof(*cliprects) * args->num_cliprects);
3580 DRM_ERROR("copy %d cliprects failed: %d\n",
3581 args->num_cliprects, ret);
3586 ret = i915_gem_get_relocs_from_user(exec_list, args->buffer_count,
3591 mutex_lock(&dev->struct_mutex);
3593 i915_verify_inactive(dev, __FILE__, __LINE__);
3595 if (atomic_read(&dev_priv->mm.wedged)) {
3596 DRM_ERROR("Execbuf while wedged\n");
3597 mutex_unlock(&dev->struct_mutex);
3602 if (dev_priv->mm.suspended) {
3603 DRM_ERROR("Execbuf while VT-switched.\n");
3604 mutex_unlock(&dev->struct_mutex);
3609 /* Look up object handles */
3610 for (i = 0; i < args->buffer_count; i++) {
3611 object_list[i] = drm_gem_object_lookup(dev, file_priv,
3612 exec_list[i].handle);
3613 if (object_list[i] == NULL) {
3614 DRM_ERROR("Invalid object handle %d at index %d\n",
3615 exec_list[i].handle, i);
3620 obj_priv = object_list[i]->driver_private;
3621 if (obj_priv->in_execbuffer) {
3622 DRM_ERROR("Object %p appears more than once in object list\n",
3627 obj_priv->in_execbuffer = true;
3630 /* Pin and relocate */
3631 for (pin_tries = 0; ; pin_tries++) {
3635 for (i = 0; i < args->buffer_count; i++) {
3636 object_list[i]->pending_read_domains = 0;
3637 object_list[i]->pending_write_domain = 0;
3638 ret = i915_gem_object_pin_and_relocate(object_list[i],
3641 &relocs[reloc_index]);
3645 reloc_index += exec_list[i].relocation_count;
3651 /* error other than GTT full, or we've already tried again */
3652 if (ret != -ENOSPC || pin_tries >= 1) {
3653 if (ret != -ERESTARTSYS) {
3654 unsigned long long total_size = 0;
3655 for (i = 0; i < args->buffer_count; i++)
3656 total_size += object_list[i]->size;
3657 DRM_ERROR("Failed to pin buffer %d of %d, total %llu bytes: %d\n",
3658 pinned+1, args->buffer_count,
3660 DRM_ERROR("%d objects [%d pinned], "
3661 "%d object bytes [%d pinned], "
3662 "%d/%d gtt bytes\n",
3663 atomic_read(&dev->object_count),
3664 atomic_read(&dev->pin_count),
3665 atomic_read(&dev->object_memory),
3666 atomic_read(&dev->pin_memory),
3667 atomic_read(&dev->gtt_memory),
3673 /* unpin all of our buffers */
3674 for (i = 0; i < pinned; i++)
3675 i915_gem_object_unpin(object_list[i]);
3678 /* evict everyone we can from the aperture */
3679 ret = i915_gem_evict_everything(dev);
3680 if (ret && ret != -ENOSPC)
3684 /* Set the pending read domains for the batch buffer to COMMAND */
3685 batch_obj = object_list[args->buffer_count-1];
3686 if (batch_obj->pending_write_domain) {
3687 DRM_ERROR("Attempting to use self-modifying batch buffer\n");
3691 batch_obj->pending_read_domains |= I915_GEM_DOMAIN_COMMAND;
3693 /* Sanity check the batch buffer, prior to moving objects */
3694 exec_offset = exec_list[args->buffer_count - 1].offset;
3695 ret = i915_gem_check_execbuffer (args, exec_offset);
3697 DRM_ERROR("execbuf with invalid offset/length\n");
3701 i915_verify_inactive(dev, __FILE__, __LINE__);
3703 /* Zero the global flush/invalidate flags. These
3704 * will be modified as new domains are computed
3707 dev->invalidate_domains = 0;
3708 dev->flush_domains = 0;
3710 for (i = 0; i < args->buffer_count; i++) {
3711 struct drm_gem_object *obj = object_list[i];
3713 /* Compute new gpu domains and update invalidate/flush */
3714 i915_gem_object_set_to_gpu_domain(obj);
3717 i915_verify_inactive(dev, __FILE__, __LINE__);
3719 if (dev->invalidate_domains | dev->flush_domains) {
3721 DRM_INFO("%s: invalidate_domains %08x flush_domains %08x\n",
3723 dev->invalidate_domains,
3724 dev->flush_domains);
3727 dev->invalidate_domains,
3728 dev->flush_domains);
3729 if (dev->flush_domains)
3730 (void)i915_add_request(dev, file_priv,
3731 dev->flush_domains);
3734 for (i = 0; i < args->buffer_count; i++) {
3735 struct drm_gem_object *obj = object_list[i];
3736 uint32_t old_write_domain = obj->write_domain;
3738 obj->write_domain = obj->pending_write_domain;
3739 trace_i915_gem_object_change_domain(obj,
3744 i915_verify_inactive(dev, __FILE__, __LINE__);
3747 for (i = 0; i < args->buffer_count; i++) {
3748 i915_gem_object_check_coherency(object_list[i],
3749 exec_list[i].handle);
3754 i915_gem_dump_object(batch_obj,
3760 /* Exec the batchbuffer */
3761 ret = i915_dispatch_gem_execbuffer(dev, args, cliprects, exec_offset);
3763 DRM_ERROR("dispatch failed %d\n", ret);
3768 * Ensure that the commands in the batch buffer are
3769 * finished before the interrupt fires
3771 flush_domains = i915_retire_commands(dev);
3773 i915_verify_inactive(dev, __FILE__, __LINE__);
3776 * Get a seqno representing the execution of the current buffer,
3777 * which we can wait on. We would like to mitigate these interrupts,
3778 * likely by only creating seqnos occasionally (so that we have
3779 * *some* interrupts representing completion of buffers that we can
3780 * wait on when trying to clear up gtt space).
3782 seqno = i915_add_request(dev, file_priv, flush_domains);
3784 for (i = 0; i < args->buffer_count; i++) {
3785 struct drm_gem_object *obj = object_list[i];
3787 i915_gem_object_move_to_active(obj, seqno);
3789 DRM_INFO("%s: move to exec list %p\n", __func__, obj);
3793 i915_dump_lru(dev, __func__);
3796 i915_verify_inactive(dev, __FILE__, __LINE__);
3799 for (i = 0; i < pinned; i++)
3800 i915_gem_object_unpin(object_list[i]);
3802 for (i = 0; i < args->buffer_count; i++) {
3803 if (object_list[i]) {
3804 obj_priv = object_list[i]->driver_private;
3805 obj_priv->in_execbuffer = false;
3807 drm_gem_object_unreference(object_list[i]);
3810 mutex_unlock(&dev->struct_mutex);
3813 /* Copy the new buffer offsets back to the user's exec list. */
3814 ret = copy_to_user((struct drm_i915_relocation_entry __user *)
3815 (uintptr_t) args->buffers_ptr,
3817 sizeof(*exec_list) * args->buffer_count);
3820 DRM_ERROR("failed to copy %d exec entries "
3821 "back to user (%d)\n",
3822 args->buffer_count, ret);
3826 /* Copy the updated relocations out regardless of current error
3827 * state. Failure to update the relocs would mean that the next
3828 * time userland calls execbuf, it would do so with presumed offset
3829 * state that didn't match the actual object state.
3831 ret2 = i915_gem_put_relocs_to_user(exec_list, args->buffer_count,
3834 DRM_ERROR("Failed to copy relocations back out: %d\n", ret2);
3841 drm_free_large(object_list);
3842 drm_free_large(exec_list);
3849 i915_gem_object_pin(struct drm_gem_object *obj, uint32_t alignment)
3851 struct drm_device *dev = obj->dev;
3852 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3855 i915_verify_inactive(dev, __FILE__, __LINE__);
3856 if (obj_priv->gtt_space == NULL) {
3857 ret = i915_gem_object_bind_to_gtt(obj, alignment);
3859 if (ret != -EBUSY && ret != -ERESTARTSYS)
3860 DRM_ERROR("Failure to bind: %d\n", ret);
3865 * Pre-965 chips need a fence register set up in order to
3866 * properly handle tiled surfaces.
3868 if (!IS_I965G(dev) && obj_priv->tiling_mode != I915_TILING_NONE) {
3869 ret = i915_gem_object_get_fence_reg(obj);
3871 if (ret != -EBUSY && ret != -ERESTARTSYS)
3872 DRM_ERROR("Failure to install fence: %d\n",
3877 obj_priv->pin_count++;
3879 /* If the object is not active and not pending a flush,
3880 * remove it from the inactive list
3882 if (obj_priv->pin_count == 1) {
3883 atomic_inc(&dev->pin_count);
3884 atomic_add(obj->size, &dev->pin_memory);
3885 if (!obj_priv->active &&
3886 (obj->write_domain & I915_GEM_GPU_DOMAINS) == 0 &&
3887 !list_empty(&obj_priv->list))
3888 list_del_init(&obj_priv->list);
3890 i915_verify_inactive(dev, __FILE__, __LINE__);
3896 i915_gem_object_unpin(struct drm_gem_object *obj)
3898 struct drm_device *dev = obj->dev;
3899 drm_i915_private_t *dev_priv = dev->dev_private;
3900 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3902 i915_verify_inactive(dev, __FILE__, __LINE__);
3903 obj_priv->pin_count--;
3904 BUG_ON(obj_priv->pin_count < 0);
3905 BUG_ON(obj_priv->gtt_space == NULL);
3907 /* If the object is no longer pinned, and is
3908 * neither active nor being flushed, then stick it on
3911 if (obj_priv->pin_count == 0) {
3912 if (!obj_priv->active &&
3913 (obj->write_domain & I915_GEM_GPU_DOMAINS) == 0)
3914 list_move_tail(&obj_priv->list,
3915 &dev_priv->mm.inactive_list);
3916 atomic_dec(&dev->pin_count);
3917 atomic_sub(obj->size, &dev->pin_memory);
3919 i915_verify_inactive(dev, __FILE__, __LINE__);
3923 i915_gem_pin_ioctl(struct drm_device *dev, void *data,
3924 struct drm_file *file_priv)
3926 struct drm_i915_gem_pin *args = data;
3927 struct drm_gem_object *obj;
3928 struct drm_i915_gem_object *obj_priv;
3931 mutex_lock(&dev->struct_mutex);
3933 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3935 DRM_ERROR("Bad handle in i915_gem_pin_ioctl(): %d\n",
3937 mutex_unlock(&dev->struct_mutex);
3940 obj_priv = obj->driver_private;
3942 if (obj_priv->madv == I915_MADV_DONTNEED) {
3943 DRM_ERROR("Attempting to pin a I915_MADV_DONTNEED buffer\n");
3944 drm_gem_object_unreference(obj);
3945 mutex_unlock(&dev->struct_mutex);
3949 if (obj_priv->pin_filp != NULL && obj_priv->pin_filp != file_priv) {
3950 DRM_ERROR("Already pinned in i915_gem_pin_ioctl(): %d\n",
3952 drm_gem_object_unreference(obj);
3953 mutex_unlock(&dev->struct_mutex);
3957 obj_priv->user_pin_count++;
3958 obj_priv->pin_filp = file_priv;
3959 if (obj_priv->user_pin_count == 1) {
3960 ret = i915_gem_object_pin(obj, args->alignment);
3962 drm_gem_object_unreference(obj);
3963 mutex_unlock(&dev->struct_mutex);
3968 /* XXX - flush the CPU caches for pinned objects
3969 * as the X server doesn't manage domains yet
3971 i915_gem_object_flush_cpu_write_domain(obj);
3972 args->offset = obj_priv->gtt_offset;
3973 drm_gem_object_unreference(obj);
3974 mutex_unlock(&dev->struct_mutex);
3980 i915_gem_unpin_ioctl(struct drm_device *dev, void *data,
3981 struct drm_file *file_priv)
3983 struct drm_i915_gem_pin *args = data;
3984 struct drm_gem_object *obj;
3985 struct drm_i915_gem_object *obj_priv;
3987 mutex_lock(&dev->struct_mutex);
3989 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3991 DRM_ERROR("Bad handle in i915_gem_unpin_ioctl(): %d\n",
3993 mutex_unlock(&dev->struct_mutex);
3997 obj_priv = obj->driver_private;
3998 if (obj_priv->pin_filp != file_priv) {
3999 DRM_ERROR("Not pinned by caller in i915_gem_pin_ioctl(): %d\n",
4001 drm_gem_object_unreference(obj);
4002 mutex_unlock(&dev->struct_mutex);
4005 obj_priv->user_pin_count--;
4006 if (obj_priv->user_pin_count == 0) {
4007 obj_priv->pin_filp = NULL;
4008 i915_gem_object_unpin(obj);
4011 drm_gem_object_unreference(obj);
4012 mutex_unlock(&dev->struct_mutex);
4017 i915_gem_busy_ioctl(struct drm_device *dev, void *data,
4018 struct drm_file *file_priv)
4020 struct drm_i915_gem_busy *args = data;
4021 struct drm_gem_object *obj;
4022 struct drm_i915_gem_object *obj_priv;
4024 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
4026 DRM_ERROR("Bad handle in i915_gem_busy_ioctl(): %d\n",
4031 mutex_lock(&dev->struct_mutex);
4032 /* Update the active list for the hardware's current position.
4033 * Otherwise this only updates on a delayed timer or when irqs are
4034 * actually unmasked, and our working set ends up being larger than
4037 i915_gem_retire_requests(dev);
4039 obj_priv = obj->driver_private;
4040 /* Don't count being on the flushing list against the object being
4041 * done. Otherwise, a buffer left on the flushing list but not getting
4042 * flushed (because nobody's flushing that domain) won't ever return
4043 * unbusy and get reused by libdrm's bo cache. The other expected
4044 * consumer of this interface, OpenGL's occlusion queries, also specs
4045 * that the objects get unbusy "eventually" without any interference.
4047 args->busy = obj_priv->active && obj_priv->last_rendering_seqno != 0;
4049 drm_gem_object_unreference(obj);
4050 mutex_unlock(&dev->struct_mutex);
4055 i915_gem_throttle_ioctl(struct drm_device *dev, void *data,
4056 struct drm_file *file_priv)
4058 return i915_gem_ring_throttle(dev, file_priv);
4062 i915_gem_madvise_ioctl(struct drm_device *dev, void *data,
4063 struct drm_file *file_priv)
4065 struct drm_i915_gem_madvise *args = data;
4066 struct drm_gem_object *obj;
4067 struct drm_i915_gem_object *obj_priv;
4069 switch (args->madv) {
4070 case I915_MADV_DONTNEED:
4071 case I915_MADV_WILLNEED:
4077 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
4079 DRM_ERROR("Bad handle in i915_gem_madvise_ioctl(): %d\n",
4084 mutex_lock(&dev->struct_mutex);
4085 obj_priv = obj->driver_private;
4087 if (obj_priv->pin_count) {
4088 drm_gem_object_unreference(obj);
4089 mutex_unlock(&dev->struct_mutex);
4091 DRM_ERROR("Attempted i915_gem_madvise_ioctl() on a pinned object\n");
4095 obj_priv->madv = args->madv;
4096 args->retained = obj_priv->gtt_space != NULL;
4098 drm_gem_object_unreference(obj);
4099 mutex_unlock(&dev->struct_mutex);
4104 int i915_gem_init_object(struct drm_gem_object *obj)
4106 struct drm_i915_gem_object *obj_priv;
4108 obj_priv = kzalloc(sizeof(*obj_priv), GFP_KERNEL);
4109 if (obj_priv == NULL)
4113 * We've just allocated pages from the kernel,
4114 * so they've just been written by the CPU with
4115 * zeros. They'll need to be clflushed before we
4116 * use them with the GPU.
4118 obj->write_domain = I915_GEM_DOMAIN_CPU;
4119 obj->read_domains = I915_GEM_DOMAIN_CPU;
4121 obj_priv->agp_type = AGP_USER_MEMORY;
4123 obj->driver_private = obj_priv;
4124 obj_priv->obj = obj;
4125 obj_priv->fence_reg = I915_FENCE_REG_NONE;
4126 INIT_LIST_HEAD(&obj_priv->list);
4127 INIT_LIST_HEAD(&obj_priv->fence_list);
4128 obj_priv->madv = I915_MADV_WILLNEED;
4130 trace_i915_gem_object_create(obj);
4135 void i915_gem_free_object(struct drm_gem_object *obj)
4137 struct drm_device *dev = obj->dev;
4138 struct drm_i915_gem_object *obj_priv = obj->driver_private;
4140 trace_i915_gem_object_destroy(obj);
4142 while (obj_priv->pin_count > 0)
4143 i915_gem_object_unpin(obj);
4145 if (obj_priv->phys_obj)
4146 i915_gem_detach_phys_object(dev, obj);
4148 i915_gem_object_unbind(obj);
4150 if (obj_priv->mmap_offset)
4151 i915_gem_free_mmap_offset(obj);
4153 kfree(obj_priv->page_cpu_valid);
4154 kfree(obj_priv->bit_17);
4155 kfree(obj->driver_private);
4158 /** Unbinds all objects that are on the given buffer list. */
4160 i915_gem_evict_from_list(struct drm_device *dev, struct list_head *head)
4162 struct drm_gem_object *obj;
4163 struct drm_i915_gem_object *obj_priv;
4166 while (!list_empty(head)) {
4167 obj_priv = list_first_entry(head,
4168 struct drm_i915_gem_object,
4170 obj = obj_priv->obj;
4172 if (obj_priv->pin_count != 0) {
4173 DRM_ERROR("Pinned object in unbind list\n");
4174 mutex_unlock(&dev->struct_mutex);
4178 ret = i915_gem_object_unbind(obj);
4180 DRM_ERROR("Error unbinding object in LeaveVT: %d\n",
4182 mutex_unlock(&dev->struct_mutex);
4192 i915_gem_idle(struct drm_device *dev)
4194 drm_i915_private_t *dev_priv = dev->dev_private;
4195 uint32_t seqno, cur_seqno, last_seqno;
4198 mutex_lock(&dev->struct_mutex);
4200 if (dev_priv->mm.suspended || dev_priv->ring.ring_obj == NULL) {
4201 mutex_unlock(&dev->struct_mutex);
4205 /* Hack! Don't let anybody do execbuf while we don't control the chip.
4206 * We need to replace this with a semaphore, or something.
4208 dev_priv->mm.suspended = 1;
4209 del_timer(&dev_priv->hangcheck_timer);
4211 /* Cancel the retire work handler, wait for it to finish if running
4213 mutex_unlock(&dev->struct_mutex);
4214 cancel_delayed_work_sync(&dev_priv->mm.retire_work);
4215 mutex_lock(&dev->struct_mutex);
4217 i915_kernel_lost_context(dev);
4219 /* Flush the GPU along with all non-CPU write domains
4221 i915_gem_flush(dev, I915_GEM_GPU_DOMAINS, I915_GEM_GPU_DOMAINS);
4222 seqno = i915_add_request(dev, NULL, I915_GEM_GPU_DOMAINS);
4225 mutex_unlock(&dev->struct_mutex);
4229 dev_priv->mm.waiting_gem_seqno = seqno;
4233 cur_seqno = i915_get_gem_seqno(dev);
4234 if (i915_seqno_passed(cur_seqno, seqno))
4236 if (last_seqno == cur_seqno) {
4237 if (stuck++ > 100) {
4238 DRM_ERROR("hardware wedged\n");
4239 atomic_set(&dev_priv->mm.wedged, 1);
4240 DRM_WAKEUP(&dev_priv->irq_queue);
4245 last_seqno = cur_seqno;
4247 dev_priv->mm.waiting_gem_seqno = 0;
4249 i915_gem_retire_requests(dev);
4251 spin_lock(&dev_priv->mm.active_list_lock);
4252 if (!atomic_read(&dev_priv->mm.wedged)) {
4253 /* Active and flushing should now be empty as we've
4254 * waited for a sequence higher than any pending execbuffer
4256 WARN_ON(!list_empty(&dev_priv->mm.active_list));
4257 WARN_ON(!list_empty(&dev_priv->mm.flushing_list));
4258 /* Request should now be empty as we've also waited
4259 * for the last request in the list
4261 WARN_ON(!list_empty(&dev_priv->mm.request_list));
4264 /* Empty the active and flushing lists to inactive. If there's
4265 * anything left at this point, it means that we're wedged and
4266 * nothing good's going to happen by leaving them there. So strip
4267 * the GPU domains and just stuff them onto inactive.
4269 while (!list_empty(&dev_priv->mm.active_list)) {
4270 struct drm_gem_object *obj;
4271 uint32_t old_write_domain;
4273 obj = list_first_entry(&dev_priv->mm.active_list,
4274 struct drm_i915_gem_object,
4276 old_write_domain = obj->write_domain;
4277 obj->write_domain &= ~I915_GEM_GPU_DOMAINS;
4278 i915_gem_object_move_to_inactive(obj);
4280 trace_i915_gem_object_change_domain(obj,
4284 spin_unlock(&dev_priv->mm.active_list_lock);
4286 while (!list_empty(&dev_priv->mm.flushing_list)) {
4287 struct drm_gem_object *obj;
4288 uint32_t old_write_domain;
4290 obj = list_first_entry(&dev_priv->mm.flushing_list,
4291 struct drm_i915_gem_object,
4293 old_write_domain = obj->write_domain;
4294 obj->write_domain &= ~I915_GEM_GPU_DOMAINS;
4295 i915_gem_object_move_to_inactive(obj);
4297 trace_i915_gem_object_change_domain(obj,
4303 /* Move all inactive buffers out of the GTT. */
4304 ret = i915_gem_evict_from_list(dev, &dev_priv->mm.inactive_list);
4305 WARN_ON(!list_empty(&dev_priv->mm.inactive_list));
4307 mutex_unlock(&dev->struct_mutex);
4311 i915_gem_cleanup_ringbuffer(dev);
4312 mutex_unlock(&dev->struct_mutex);
4318 i915_gem_init_hws(struct drm_device *dev)
4320 drm_i915_private_t *dev_priv = dev->dev_private;
4321 struct drm_gem_object *obj;
4322 struct drm_i915_gem_object *obj_priv;
4325 /* If we need a physical address for the status page, it's already
4326 * initialized at driver load time.
4328 if (!I915_NEED_GFX_HWS(dev))
4331 obj = drm_gem_object_alloc(dev, 4096);
4333 DRM_ERROR("Failed to allocate status page\n");
4336 obj_priv = obj->driver_private;
4337 obj_priv->agp_type = AGP_USER_CACHED_MEMORY;
4339 ret = i915_gem_object_pin(obj, 4096);
4341 drm_gem_object_unreference(obj);
4345 dev_priv->status_gfx_addr = obj_priv->gtt_offset;
4347 dev_priv->hw_status_page = kmap(obj_priv->pages[0]);
4348 if (dev_priv->hw_status_page == NULL) {
4349 DRM_ERROR("Failed to map status page.\n");
4350 memset(&dev_priv->hws_map, 0, sizeof(dev_priv->hws_map));
4351 i915_gem_object_unpin(obj);
4352 drm_gem_object_unreference(obj);
4355 dev_priv->hws_obj = obj;
4356 memset(dev_priv->hw_status_page, 0, PAGE_SIZE);
4357 I915_WRITE(HWS_PGA, dev_priv->status_gfx_addr);
4358 I915_READ(HWS_PGA); /* posting read */
4359 DRM_DEBUG("hws offset: 0x%08x\n", dev_priv->status_gfx_addr);
4365 i915_gem_cleanup_hws(struct drm_device *dev)
4367 drm_i915_private_t *dev_priv = dev->dev_private;
4368 struct drm_gem_object *obj;
4369 struct drm_i915_gem_object *obj_priv;
4371 if (dev_priv->hws_obj == NULL)
4374 obj = dev_priv->hws_obj;
4375 obj_priv = obj->driver_private;
4377 kunmap(obj_priv->pages[0]);
4378 i915_gem_object_unpin(obj);
4379 drm_gem_object_unreference(obj);
4380 dev_priv->hws_obj = NULL;
4382 memset(&dev_priv->hws_map, 0, sizeof(dev_priv->hws_map));
4383 dev_priv->hw_status_page = NULL;
4385 /* Write high address into HWS_PGA when disabling. */
4386 I915_WRITE(HWS_PGA, 0x1ffff000);
4390 i915_gem_init_ringbuffer(struct drm_device *dev)
4392 drm_i915_private_t *dev_priv = dev->dev_private;
4393 struct drm_gem_object *obj;
4394 struct drm_i915_gem_object *obj_priv;
4395 drm_i915_ring_buffer_t *ring = &dev_priv->ring;
4399 ret = i915_gem_init_hws(dev);
4403 obj = drm_gem_object_alloc(dev, 128 * 1024);
4405 DRM_ERROR("Failed to allocate ringbuffer\n");
4406 i915_gem_cleanup_hws(dev);
4409 obj_priv = obj->driver_private;
4411 ret = i915_gem_object_pin(obj, 4096);
4413 drm_gem_object_unreference(obj);
4414 i915_gem_cleanup_hws(dev);
4418 /* Set up the kernel mapping for the ring. */
4419 ring->Size = obj->size;
4421 ring->map.offset = dev->agp->base + obj_priv->gtt_offset;
4422 ring->map.size = obj->size;
4424 ring->map.flags = 0;
4427 drm_core_ioremap_wc(&ring->map, dev);
4428 if (ring->map.handle == NULL) {
4429 DRM_ERROR("Failed to map ringbuffer.\n");
4430 memset(&dev_priv->ring, 0, sizeof(dev_priv->ring));
4431 i915_gem_object_unpin(obj);
4432 drm_gem_object_unreference(obj);
4433 i915_gem_cleanup_hws(dev);
4436 ring->ring_obj = obj;
4437 ring->virtual_start = ring->map.handle;
4439 /* Stop the ring if it's running. */
4440 I915_WRITE(PRB0_CTL, 0);
4441 I915_WRITE(PRB0_TAIL, 0);
4442 I915_WRITE(PRB0_HEAD, 0);
4444 /* Initialize the ring. */
4445 I915_WRITE(PRB0_START, obj_priv->gtt_offset);
4446 head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
4448 /* G45 ring initialization fails to reset head to zero */
4450 DRM_ERROR("Ring head not reset to zero "
4451 "ctl %08x head %08x tail %08x start %08x\n",
4452 I915_READ(PRB0_CTL),
4453 I915_READ(PRB0_HEAD),
4454 I915_READ(PRB0_TAIL),
4455 I915_READ(PRB0_START));
4456 I915_WRITE(PRB0_HEAD, 0);
4458 DRM_ERROR("Ring head forced to zero "
4459 "ctl %08x head %08x tail %08x start %08x\n",
4460 I915_READ(PRB0_CTL),
4461 I915_READ(PRB0_HEAD),
4462 I915_READ(PRB0_TAIL),
4463 I915_READ(PRB0_START));
4466 I915_WRITE(PRB0_CTL,
4467 ((obj->size - 4096) & RING_NR_PAGES) |
4471 head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
4473 /* If the head is still not zero, the ring is dead */
4475 DRM_ERROR("Ring initialization failed "
4476 "ctl %08x head %08x tail %08x start %08x\n",
4477 I915_READ(PRB0_CTL),
4478 I915_READ(PRB0_HEAD),
4479 I915_READ(PRB0_TAIL),
4480 I915_READ(PRB0_START));
4484 /* Update our cache of the ring state */
4485 if (!drm_core_check_feature(dev, DRIVER_MODESET))
4486 i915_kernel_lost_context(dev);
4488 ring->head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
4489 ring->tail = I915_READ(PRB0_TAIL) & TAIL_ADDR;
4490 ring->space = ring->head - (ring->tail + 8);
4491 if (ring->space < 0)
4492 ring->space += ring->Size;
4499 i915_gem_cleanup_ringbuffer(struct drm_device *dev)
4501 drm_i915_private_t *dev_priv = dev->dev_private;
4503 if (dev_priv->ring.ring_obj == NULL)
4506 drm_core_ioremapfree(&dev_priv->ring.map, dev);
4508 i915_gem_object_unpin(dev_priv->ring.ring_obj);
4509 drm_gem_object_unreference(dev_priv->ring.ring_obj);
4510 dev_priv->ring.ring_obj = NULL;
4511 memset(&dev_priv->ring, 0, sizeof(dev_priv->ring));
4513 i915_gem_cleanup_hws(dev);
4517 i915_gem_entervt_ioctl(struct drm_device *dev, void *data,
4518 struct drm_file *file_priv)
4520 drm_i915_private_t *dev_priv = dev->dev_private;
4523 if (drm_core_check_feature(dev, DRIVER_MODESET))
4526 if (atomic_read(&dev_priv->mm.wedged)) {
4527 DRM_ERROR("Reenabling wedged hardware, good luck\n");
4528 atomic_set(&dev_priv->mm.wedged, 0);
4531 mutex_lock(&dev->struct_mutex);
4532 dev_priv->mm.suspended = 0;
4534 ret = i915_gem_init_ringbuffer(dev);
4536 mutex_unlock(&dev->struct_mutex);
4540 spin_lock(&dev_priv->mm.active_list_lock);
4541 BUG_ON(!list_empty(&dev_priv->mm.active_list));
4542 spin_unlock(&dev_priv->mm.active_list_lock);
4544 BUG_ON(!list_empty(&dev_priv->mm.flushing_list));
4545 BUG_ON(!list_empty(&dev_priv->mm.inactive_list));
4546 BUG_ON(!list_empty(&dev_priv->mm.request_list));
4547 mutex_unlock(&dev->struct_mutex);
4549 drm_irq_install(dev);
4555 i915_gem_leavevt_ioctl(struct drm_device *dev, void *data,
4556 struct drm_file *file_priv)
4560 if (drm_core_check_feature(dev, DRIVER_MODESET))
4563 ret = i915_gem_idle(dev);
4564 drm_irq_uninstall(dev);
4570 i915_gem_lastclose(struct drm_device *dev)
4574 if (drm_core_check_feature(dev, DRIVER_MODESET))
4577 ret = i915_gem_idle(dev);
4579 DRM_ERROR("failed to idle hardware: %d\n", ret);
4583 i915_gem_load(struct drm_device *dev)
4586 drm_i915_private_t *dev_priv = dev->dev_private;
4588 spin_lock_init(&dev_priv->mm.active_list_lock);
4589 INIT_LIST_HEAD(&dev_priv->mm.active_list);
4590 INIT_LIST_HEAD(&dev_priv->mm.flushing_list);
4591 INIT_LIST_HEAD(&dev_priv->mm.inactive_list);
4592 INIT_LIST_HEAD(&dev_priv->mm.request_list);
4593 INIT_LIST_HEAD(&dev_priv->mm.fence_list);
4594 INIT_DELAYED_WORK(&dev_priv->mm.retire_work,
4595 i915_gem_retire_work_handler);
4596 dev_priv->mm.next_gem_seqno = 1;
4598 spin_lock(&shrink_list_lock);
4599 list_add(&dev_priv->mm.shrink_list, &shrink_list);
4600 spin_unlock(&shrink_list_lock);
4602 /* Old X drivers will take 0-2 for front, back, depth buffers */
4603 dev_priv->fence_reg_start = 3;
4605 if (IS_I965G(dev) || IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4606 dev_priv->num_fence_regs = 16;
4608 dev_priv->num_fence_regs = 8;
4610 /* Initialize fence registers to zero */
4611 if (IS_I965G(dev)) {
4612 for (i = 0; i < 16; i++)
4613 I915_WRITE64(FENCE_REG_965_0 + (i * 8), 0);
4615 for (i = 0; i < 8; i++)
4616 I915_WRITE(FENCE_REG_830_0 + (i * 4), 0);
4617 if (IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4618 for (i = 0; i < 8; i++)
4619 I915_WRITE(FENCE_REG_945_8 + (i * 4), 0);
4622 i915_gem_detect_bit_6_swizzle(dev);
4626 * Create a physically contiguous memory object for this object
4627 * e.g. for cursor + overlay regs
4629 int i915_gem_init_phys_object(struct drm_device *dev,
4632 drm_i915_private_t *dev_priv = dev->dev_private;
4633 struct drm_i915_gem_phys_object *phys_obj;
4636 if (dev_priv->mm.phys_objs[id - 1] || !size)
4639 phys_obj = kzalloc(sizeof(struct drm_i915_gem_phys_object), GFP_KERNEL);
4645 phys_obj->handle = drm_pci_alloc(dev, size, 0, 0xffffffff);
4646 if (!phys_obj->handle) {
4651 set_memory_wc((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
4654 dev_priv->mm.phys_objs[id - 1] = phys_obj;
4662 void i915_gem_free_phys_object(struct drm_device *dev, int id)
4664 drm_i915_private_t *dev_priv = dev->dev_private;
4665 struct drm_i915_gem_phys_object *phys_obj;
4667 if (!dev_priv->mm.phys_objs[id - 1])
4670 phys_obj = dev_priv->mm.phys_objs[id - 1];
4671 if (phys_obj->cur_obj) {
4672 i915_gem_detach_phys_object(dev, phys_obj->cur_obj);
4676 set_memory_wb((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
4678 drm_pci_free(dev, phys_obj->handle);
4680 dev_priv->mm.phys_objs[id - 1] = NULL;
4683 void i915_gem_free_all_phys_object(struct drm_device *dev)
4687 for (i = I915_GEM_PHYS_CURSOR_0; i <= I915_MAX_PHYS_OBJECT; i++)
4688 i915_gem_free_phys_object(dev, i);
4691 void i915_gem_detach_phys_object(struct drm_device *dev,
4692 struct drm_gem_object *obj)
4694 struct drm_i915_gem_object *obj_priv;
4699 obj_priv = obj->driver_private;
4700 if (!obj_priv->phys_obj)
4703 ret = i915_gem_object_get_pages(obj);
4707 page_count = obj->size / PAGE_SIZE;
4709 for (i = 0; i < page_count; i++) {
4710 char *dst = kmap_atomic(obj_priv->pages[i], KM_USER0);
4711 char *src = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
4713 memcpy(dst, src, PAGE_SIZE);
4714 kunmap_atomic(dst, KM_USER0);
4716 drm_clflush_pages(obj_priv->pages, page_count);
4717 drm_agp_chipset_flush(dev);
4719 i915_gem_object_put_pages(obj);
4721 obj_priv->phys_obj->cur_obj = NULL;
4722 obj_priv->phys_obj = NULL;
4726 i915_gem_attach_phys_object(struct drm_device *dev,
4727 struct drm_gem_object *obj, int id)
4729 drm_i915_private_t *dev_priv = dev->dev_private;
4730 struct drm_i915_gem_object *obj_priv;
4735 if (id > I915_MAX_PHYS_OBJECT)
4738 obj_priv = obj->driver_private;
4740 if (obj_priv->phys_obj) {
4741 if (obj_priv->phys_obj->id == id)
4743 i915_gem_detach_phys_object(dev, obj);
4747 /* create a new object */
4748 if (!dev_priv->mm.phys_objs[id - 1]) {
4749 ret = i915_gem_init_phys_object(dev, id,
4752 DRM_ERROR("failed to init phys object %d size: %zu\n", id, obj->size);
4757 /* bind to the object */
4758 obj_priv->phys_obj = dev_priv->mm.phys_objs[id - 1];
4759 obj_priv->phys_obj->cur_obj = obj;
4761 ret = i915_gem_object_get_pages(obj);
4763 DRM_ERROR("failed to get page list\n");
4767 page_count = obj->size / PAGE_SIZE;
4769 for (i = 0; i < page_count; i++) {
4770 char *src = kmap_atomic(obj_priv->pages[i], KM_USER0);
4771 char *dst = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
4773 memcpy(dst, src, PAGE_SIZE);
4774 kunmap_atomic(src, KM_USER0);
4777 i915_gem_object_put_pages(obj);
4785 i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
4786 struct drm_i915_gem_pwrite *args,
4787 struct drm_file *file_priv)
4789 struct drm_i915_gem_object *obj_priv = obj->driver_private;
4792 char __user *user_data;
4794 user_data = (char __user *) (uintptr_t) args->data_ptr;
4795 obj_addr = obj_priv->phys_obj->handle->vaddr + args->offset;
4797 DRM_DEBUG("obj_addr %p, %lld\n", obj_addr, args->size);
4798 ret = copy_from_user(obj_addr, user_data, args->size);
4802 drm_agp_chipset_flush(dev);
4806 void i915_gem_release(struct drm_device * dev, struct drm_file *file_priv)
4808 struct drm_i915_file_private *i915_file_priv = file_priv->driver_priv;
4810 /* Clean up our request list when the client is going away, so that
4811 * later retire_requests won't dereference our soon-to-be-gone
4814 mutex_lock(&dev->struct_mutex);
4815 while (!list_empty(&i915_file_priv->mm.request_list))
4816 list_del_init(i915_file_priv->mm.request_list.next);
4817 mutex_unlock(&dev->struct_mutex);
4820 /* Immediately discard the backing storage */
4822 i915_gem_object_truncate(struct drm_gem_object *obj)
4824 struct inode *inode;
4826 inode = obj->filp->f_path.dentry->d_inode;
4828 mutex_lock(&inode->i_mutex);
4829 truncate_inode_pages(inode->i_mapping, 0);
4830 mutex_unlock(&inode->i_mutex);
4834 i915_gem_shrink(int nr_to_scan, gfp_t gfp_mask)
4836 drm_i915_private_t *dev_priv, *next_dev;
4837 struct drm_i915_gem_object *obj_priv, *next_obj;
4839 int would_deadlock = 1;
4841 /* "fast-path" to count number of available objects */
4842 if (nr_to_scan == 0) {
4843 spin_lock(&shrink_list_lock);
4844 list_for_each_entry(dev_priv, &shrink_list, mm.shrink_list) {
4845 struct drm_device *dev = dev_priv->dev;
4847 if (mutex_trylock(&dev->struct_mutex)) {
4848 list_for_each_entry(obj_priv,
4849 &dev_priv->mm.inactive_list,
4852 mutex_unlock(&dev->struct_mutex);
4855 spin_unlock(&shrink_list_lock);
4857 return (cnt / 100) * sysctl_vfs_cache_pressure;
4860 spin_lock(&shrink_list_lock);
4862 /* first scan for clean buffers */
4863 list_for_each_entry_safe(dev_priv, next_dev,
4864 &shrink_list, mm.shrink_list) {
4865 struct drm_device *dev = dev_priv->dev;
4867 if (! mutex_trylock(&dev->struct_mutex))
4870 spin_unlock(&shrink_list_lock);
4872 i915_gem_retire_requests(dev);
4874 list_for_each_entry_safe(obj_priv, next_obj,
4875 &dev_priv->mm.inactive_list,
4877 if (i915_gem_object_is_purgeable(obj_priv)) {
4878 struct drm_gem_object *obj = obj_priv->obj;
4879 i915_gem_object_unbind(obj);
4880 i915_gem_object_truncate(obj);
4882 if (--nr_to_scan <= 0)
4887 spin_lock(&shrink_list_lock);
4888 mutex_unlock(&dev->struct_mutex);
4890 if (nr_to_scan <= 0)
4894 /* second pass, evict/count anything still on the inactive list */
4895 list_for_each_entry_safe(dev_priv, next_dev,
4896 &shrink_list, mm.shrink_list) {
4897 struct drm_device *dev = dev_priv->dev;
4899 if (! mutex_trylock(&dev->struct_mutex))
4902 spin_unlock(&shrink_list_lock);
4904 list_for_each_entry_safe(obj_priv, next_obj,
4905 &dev_priv->mm.inactive_list,
4907 if (nr_to_scan > 0) {
4908 struct drm_gem_object *obj = obj_priv->obj;
4909 i915_gem_object_unbind(obj);
4910 if (i915_gem_object_is_purgeable(obj_priv))
4911 i915_gem_object_truncate(obj);
4918 spin_lock(&shrink_list_lock);
4919 mutex_unlock(&dev->struct_mutex);
4924 spin_unlock(&shrink_list_lock);
4929 return (cnt / 100) * sysctl_vfs_cache_pressure;
4934 static struct shrinker shrinker = {
4935 .shrink = i915_gem_shrink,
4936 .seeks = DEFAULT_SEEKS,
4940 i915_gem_shrinker_init(void)
4942 register_shrinker(&shrinker);
4946 i915_gem_shrinker_exit(void)
4948 unregister_shrinker(&shrinker);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob