2 * Copyright © 2008 Intel Corporation
4 * Permission is hereby granted, free of charge, to any person obtaining a
5 * copy of this software and associated documentation files (the "Software"),
6 * to deal in the Software without restriction, including without limitation
7 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8 * and/or sell copies of the Software, and to permit persons to whom the
9 * Software is furnished to do so, subject to the following conditions:
11 * The above copyright notice and this permission notice (including the next
12 * paragraph) shall be included in all copies or substantial portions of the
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
24 * Eric Anholt <eric@anholt.net>
32 #include "intel_drv.h"
33 #include <linux/swap.h>
34 #include <linux/pci.h>
36 #define I915_GEM_GPU_DOMAINS (~(I915_GEM_DOMAIN_CPU | I915_GEM_DOMAIN_GTT))
38 static void i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj);
39 static void i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj);
40 static void i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj);
41 static int i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj,
43 static int i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
46 static void i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj);
47 static int i915_gem_object_wait_rendering(struct drm_gem_object *obj);
48 static int i915_gem_object_bind_to_gtt(struct drm_gem_object *obj,
50 static void i915_gem_clear_fence_reg(struct drm_gem_object *obj);
51 static int i915_gem_evict_something(struct drm_device *dev);
52 static int i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
53 struct drm_i915_gem_pwrite *args,
54 struct drm_file *file_priv);
56 int i915_gem_do_init(struct drm_device *dev, unsigned long start,
59 drm_i915_private_t *dev_priv = dev->dev_private;
62 (start & (PAGE_SIZE - 1)) != 0 ||
63 (end & (PAGE_SIZE - 1)) != 0) {
67 drm_mm_init(&dev_priv->mm.gtt_space, start,
70 dev->gtt_total = (uint32_t) (end - start);
76 i915_gem_init_ioctl(struct drm_device *dev, void *data,
77 struct drm_file *file_priv)
79 struct drm_i915_gem_init *args = data;
82 mutex_lock(&dev->struct_mutex);
83 ret = i915_gem_do_init(dev, args->gtt_start, args->gtt_end);
84 mutex_unlock(&dev->struct_mutex);
90 i915_gem_get_aperture_ioctl(struct drm_device *dev, void *data,
91 struct drm_file *file_priv)
93 struct drm_i915_gem_get_aperture *args = data;
95 if (!(dev->driver->driver_features & DRIVER_GEM))
98 args->aper_size = dev->gtt_total;
99 args->aper_available_size = (args->aper_size -
100 atomic_read(&dev->pin_memory));
107 * Creates a new mm object and returns a handle to it.
110 i915_gem_create_ioctl(struct drm_device *dev, void *data,
111 struct drm_file *file_priv)
113 struct drm_i915_gem_create *args = data;
114 struct drm_gem_object *obj;
118 args->size = roundup(args->size, PAGE_SIZE);
120 /* Allocate the new object */
121 obj = drm_gem_object_alloc(dev, args->size);
125 ret = drm_gem_handle_create(file_priv, obj, &handle);
126 mutex_lock(&dev->struct_mutex);
127 drm_gem_object_handle_unreference(obj);
128 mutex_unlock(&dev->struct_mutex);
133 args->handle = handle;
139 fast_shmem_read(struct page **pages,
140 loff_t page_base, int page_offset,
147 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT], KM_USER0);
150 unwritten = __copy_to_user_inatomic(data, vaddr + page_offset, length);
151 kunmap_atomic(vaddr, KM_USER0);
159 static int i915_gem_object_needs_bit17_swizzle(struct drm_gem_object *obj)
161 drm_i915_private_t *dev_priv = obj->dev->dev_private;
162 struct drm_i915_gem_object *obj_priv = obj->driver_private;
164 return dev_priv->mm.bit_6_swizzle_x == I915_BIT_6_SWIZZLE_9_10_17 &&
165 obj_priv->tiling_mode != I915_TILING_NONE;
169 slow_shmem_copy(struct page *dst_page,
171 struct page *src_page,
175 char *dst_vaddr, *src_vaddr;
177 dst_vaddr = kmap_atomic(dst_page, KM_USER0);
178 if (dst_vaddr == NULL)
181 src_vaddr = kmap_atomic(src_page, KM_USER1);
182 if (src_vaddr == NULL) {
183 kunmap_atomic(dst_vaddr, KM_USER0);
187 memcpy(dst_vaddr + dst_offset, src_vaddr + src_offset, length);
189 kunmap_atomic(src_vaddr, KM_USER1);
190 kunmap_atomic(dst_vaddr, KM_USER0);
196 slow_shmem_bit17_copy(struct page *gpu_page,
198 struct page *cpu_page,
203 char *gpu_vaddr, *cpu_vaddr;
205 /* Use the unswizzled path if this page isn't affected. */
206 if ((page_to_phys(gpu_page) & (1 << 17)) == 0) {
208 return slow_shmem_copy(cpu_page, cpu_offset,
209 gpu_page, gpu_offset, length);
211 return slow_shmem_copy(gpu_page, gpu_offset,
212 cpu_page, cpu_offset, length);
215 gpu_vaddr = kmap_atomic(gpu_page, KM_USER0);
216 if (gpu_vaddr == NULL)
219 cpu_vaddr = kmap_atomic(cpu_page, KM_USER1);
220 if (cpu_vaddr == NULL) {
221 kunmap_atomic(gpu_vaddr, KM_USER0);
225 /* Copy the data, XORing A6 with A17 (1). The user already knows he's
226 * XORing with the other bits (A9 for Y, A9 and A10 for X)
229 int cacheline_end = ALIGN(gpu_offset + 1, 64);
230 int this_length = min(cacheline_end - gpu_offset, length);
231 int swizzled_gpu_offset = gpu_offset ^ 64;
234 memcpy(cpu_vaddr + cpu_offset,
235 gpu_vaddr + swizzled_gpu_offset,
238 memcpy(gpu_vaddr + swizzled_gpu_offset,
239 cpu_vaddr + cpu_offset,
242 cpu_offset += this_length;
243 gpu_offset += this_length;
244 length -= this_length;
247 kunmap_atomic(cpu_vaddr, KM_USER1);
248 kunmap_atomic(gpu_vaddr, KM_USER0);
254 * This is the fast shmem pread path, which attempts to copy_from_user directly
255 * from the backing pages of the object to the user's address space. On a
256 * fault, it fails so we can fall back to i915_gem_shmem_pwrite_slow().
259 i915_gem_shmem_pread_fast(struct drm_device *dev, struct drm_gem_object *obj,
260 struct drm_i915_gem_pread *args,
261 struct drm_file *file_priv)
263 struct drm_i915_gem_object *obj_priv = obj->driver_private;
265 loff_t offset, page_base;
266 char __user *user_data;
267 int page_offset, page_length;
270 user_data = (char __user *) (uintptr_t) args->data_ptr;
273 mutex_lock(&dev->struct_mutex);
275 ret = i915_gem_object_get_pages(obj);
279 ret = i915_gem_object_set_cpu_read_domain_range(obj, args->offset,
284 obj_priv = obj->driver_private;
285 offset = args->offset;
288 /* Operation in this page
290 * page_base = page offset within aperture
291 * page_offset = offset within page
292 * page_length = bytes to copy for this page
294 page_base = (offset & ~(PAGE_SIZE-1));
295 page_offset = offset & (PAGE_SIZE-1);
296 page_length = remain;
297 if ((page_offset + remain) > PAGE_SIZE)
298 page_length = PAGE_SIZE - page_offset;
300 ret = fast_shmem_read(obj_priv->pages,
301 page_base, page_offset,
302 user_data, page_length);
306 remain -= page_length;
307 user_data += page_length;
308 offset += page_length;
312 i915_gem_object_put_pages(obj);
314 mutex_unlock(&dev->struct_mutex);
320 * This is the fallback shmem pread path, which allocates temporary storage
321 * in kernel space to copy_to_user into outside of the struct_mutex, so we
322 * can copy out of the object's backing pages while holding the struct mutex
323 * and not take page faults.
326 i915_gem_shmem_pread_slow(struct drm_device *dev, struct drm_gem_object *obj,
327 struct drm_i915_gem_pread *args,
328 struct drm_file *file_priv)
330 struct drm_i915_gem_object *obj_priv = obj->driver_private;
331 struct mm_struct *mm = current->mm;
332 struct page **user_pages;
334 loff_t offset, pinned_pages, i;
335 loff_t first_data_page, last_data_page, num_pages;
336 int shmem_page_index, shmem_page_offset;
337 int data_page_index, data_page_offset;
340 uint64_t data_ptr = args->data_ptr;
341 int do_bit17_swizzling;
345 /* Pin the user pages containing the data. We can't fault while
346 * holding the struct mutex, yet we want to hold it while
347 * dereferencing the user data.
349 first_data_page = data_ptr / PAGE_SIZE;
350 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
351 num_pages = last_data_page - first_data_page + 1;
353 user_pages = drm_calloc_large(num_pages, sizeof(struct page *));
354 if (user_pages == NULL)
357 down_read(&mm->mmap_sem);
358 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
359 num_pages, 1, 0, user_pages, NULL);
360 up_read(&mm->mmap_sem);
361 if (pinned_pages < num_pages) {
363 goto fail_put_user_pages;
366 do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
368 mutex_lock(&dev->struct_mutex);
370 ret = i915_gem_object_get_pages(obj);
374 ret = i915_gem_object_set_cpu_read_domain_range(obj, args->offset,
379 obj_priv = obj->driver_private;
380 offset = args->offset;
383 /* Operation in this page
385 * shmem_page_index = page number within shmem file
386 * shmem_page_offset = offset within page in shmem file
387 * data_page_index = page number in get_user_pages return
388 * data_page_offset = offset with data_page_index page.
389 * page_length = bytes to copy for this page
391 shmem_page_index = offset / PAGE_SIZE;
392 shmem_page_offset = offset & ~PAGE_MASK;
393 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
394 data_page_offset = data_ptr & ~PAGE_MASK;
396 page_length = remain;
397 if ((shmem_page_offset + page_length) > PAGE_SIZE)
398 page_length = PAGE_SIZE - shmem_page_offset;
399 if ((data_page_offset + page_length) > PAGE_SIZE)
400 page_length = PAGE_SIZE - data_page_offset;
402 if (do_bit17_swizzling) {
403 ret = slow_shmem_bit17_copy(obj_priv->pages[shmem_page_index],
405 user_pages[data_page_index],
410 ret = slow_shmem_copy(user_pages[data_page_index],
412 obj_priv->pages[shmem_page_index],
419 remain -= page_length;
420 data_ptr += page_length;
421 offset += page_length;
425 i915_gem_object_put_pages(obj);
427 mutex_unlock(&dev->struct_mutex);
429 for (i = 0; i < pinned_pages; i++) {
430 SetPageDirty(user_pages[i]);
431 page_cache_release(user_pages[i]);
433 drm_free_large(user_pages);
439 * Reads data from the object referenced by handle.
441 * On error, the contents of *data are undefined.
444 i915_gem_pread_ioctl(struct drm_device *dev, void *data,
445 struct drm_file *file_priv)
447 struct drm_i915_gem_pread *args = data;
448 struct drm_gem_object *obj;
449 struct drm_i915_gem_object *obj_priv;
452 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
455 obj_priv = obj->driver_private;
457 /* Bounds check source.
459 * XXX: This could use review for overflow issues...
461 if (args->offset > obj->size || args->size > obj->size ||
462 args->offset + args->size > obj->size) {
463 drm_gem_object_unreference(obj);
467 if (i915_gem_object_needs_bit17_swizzle(obj)) {
468 ret = i915_gem_shmem_pread_slow(dev, obj, args, file_priv);
470 ret = i915_gem_shmem_pread_fast(dev, obj, args, file_priv);
472 ret = i915_gem_shmem_pread_slow(dev, obj, args,
476 drm_gem_object_unreference(obj);
481 /* This is the fast write path which cannot handle
482 * page faults in the source data
486 fast_user_write(struct io_mapping *mapping,
487 loff_t page_base, int page_offset,
488 char __user *user_data,
492 unsigned long unwritten;
494 vaddr_atomic = io_mapping_map_atomic_wc(mapping, page_base);
495 unwritten = __copy_from_user_inatomic_nocache(vaddr_atomic + page_offset,
497 io_mapping_unmap_atomic(vaddr_atomic);
503 /* Here's the write path which can sleep for
508 slow_kernel_write(struct io_mapping *mapping,
509 loff_t gtt_base, int gtt_offset,
510 struct page *user_page, int user_offset,
513 char *src_vaddr, *dst_vaddr;
514 unsigned long unwritten;
516 dst_vaddr = io_mapping_map_atomic_wc(mapping, gtt_base);
517 src_vaddr = kmap_atomic(user_page, KM_USER1);
518 unwritten = __copy_from_user_inatomic_nocache(dst_vaddr + gtt_offset,
519 src_vaddr + user_offset,
521 kunmap_atomic(src_vaddr, KM_USER1);
522 io_mapping_unmap_atomic(dst_vaddr);
529 fast_shmem_write(struct page **pages,
530 loff_t page_base, int page_offset,
535 unsigned long unwritten;
537 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT], KM_USER0);
540 unwritten = __copy_from_user_inatomic(vaddr + page_offset, data, length);
541 kunmap_atomic(vaddr, KM_USER0);
549 * This is the fast pwrite path, where we copy the data directly from the
550 * user into the GTT, uncached.
553 i915_gem_gtt_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
554 struct drm_i915_gem_pwrite *args,
555 struct drm_file *file_priv)
557 struct drm_i915_gem_object *obj_priv = obj->driver_private;
558 drm_i915_private_t *dev_priv = dev->dev_private;
560 loff_t offset, page_base;
561 char __user *user_data;
562 int page_offset, page_length;
565 user_data = (char __user *) (uintptr_t) args->data_ptr;
567 if (!access_ok(VERIFY_READ, user_data, remain))
571 mutex_lock(&dev->struct_mutex);
572 ret = i915_gem_object_pin(obj, 0);
574 mutex_unlock(&dev->struct_mutex);
577 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
581 obj_priv = obj->driver_private;
582 offset = obj_priv->gtt_offset + args->offset;
585 /* Operation in this page
587 * page_base = page offset within aperture
588 * page_offset = offset within page
589 * page_length = bytes to copy for this page
591 page_base = (offset & ~(PAGE_SIZE-1));
592 page_offset = offset & (PAGE_SIZE-1);
593 page_length = remain;
594 if ((page_offset + remain) > PAGE_SIZE)
595 page_length = PAGE_SIZE - page_offset;
597 ret = fast_user_write (dev_priv->mm.gtt_mapping, page_base,
598 page_offset, user_data, page_length);
600 /* If we get a fault while copying data, then (presumably) our
601 * source page isn't available. Return the error and we'll
602 * retry in the slow path.
607 remain -= page_length;
608 user_data += page_length;
609 offset += page_length;
613 i915_gem_object_unpin(obj);
614 mutex_unlock(&dev->struct_mutex);
620 * This is the fallback GTT pwrite path, which uses get_user_pages to pin
621 * the memory and maps it using kmap_atomic for copying.
623 * This code resulted in x11perf -rgb10text consuming about 10% more CPU
624 * than using i915_gem_gtt_pwrite_fast on a G45 (32-bit).
627 i915_gem_gtt_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
628 struct drm_i915_gem_pwrite *args,
629 struct drm_file *file_priv)
631 struct drm_i915_gem_object *obj_priv = obj->driver_private;
632 drm_i915_private_t *dev_priv = dev->dev_private;
634 loff_t gtt_page_base, offset;
635 loff_t first_data_page, last_data_page, num_pages;
636 loff_t pinned_pages, i;
637 struct page **user_pages;
638 struct mm_struct *mm = current->mm;
639 int gtt_page_offset, data_page_offset, data_page_index, page_length;
641 uint64_t data_ptr = args->data_ptr;
645 /* Pin the user pages containing the data. We can't fault while
646 * holding the struct mutex, and all of the pwrite implementations
647 * want to hold it while dereferencing the user data.
649 first_data_page = data_ptr / PAGE_SIZE;
650 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
651 num_pages = last_data_page - first_data_page + 1;
653 user_pages = drm_calloc_large(num_pages, sizeof(struct page *));
654 if (user_pages == NULL)
657 down_read(&mm->mmap_sem);
658 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
659 num_pages, 0, 0, user_pages, NULL);
660 up_read(&mm->mmap_sem);
661 if (pinned_pages < num_pages) {
663 goto out_unpin_pages;
666 mutex_lock(&dev->struct_mutex);
667 ret = i915_gem_object_pin(obj, 0);
671 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
673 goto out_unpin_object;
675 obj_priv = obj->driver_private;
676 offset = obj_priv->gtt_offset + args->offset;
679 /* Operation in this page
681 * gtt_page_base = page offset within aperture
682 * gtt_page_offset = offset within page in aperture
683 * data_page_index = page number in get_user_pages return
684 * data_page_offset = offset with data_page_index page.
685 * page_length = bytes to copy for this page
687 gtt_page_base = offset & PAGE_MASK;
688 gtt_page_offset = offset & ~PAGE_MASK;
689 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
690 data_page_offset = data_ptr & ~PAGE_MASK;
692 page_length = remain;
693 if ((gtt_page_offset + page_length) > PAGE_SIZE)
694 page_length = PAGE_SIZE - gtt_page_offset;
695 if ((data_page_offset + page_length) > PAGE_SIZE)
696 page_length = PAGE_SIZE - data_page_offset;
698 ret = slow_kernel_write(dev_priv->mm.gtt_mapping,
699 gtt_page_base, gtt_page_offset,
700 user_pages[data_page_index],
704 /* If we get a fault while copying data, then (presumably) our
705 * source page isn't available. Return the error and we'll
706 * retry in the slow path.
709 goto out_unpin_object;
711 remain -= page_length;
712 offset += page_length;
713 data_ptr += page_length;
717 i915_gem_object_unpin(obj);
719 mutex_unlock(&dev->struct_mutex);
721 for (i = 0; i < pinned_pages; i++)
722 page_cache_release(user_pages[i]);
723 drm_free_large(user_pages);
729 * This is the fast shmem pwrite path, which attempts to directly
730 * copy_from_user into the kmapped pages backing the object.
733 i915_gem_shmem_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
734 struct drm_i915_gem_pwrite *args,
735 struct drm_file *file_priv)
737 struct drm_i915_gem_object *obj_priv = obj->driver_private;
739 loff_t offset, page_base;
740 char __user *user_data;
741 int page_offset, page_length;
744 user_data = (char __user *) (uintptr_t) args->data_ptr;
747 mutex_lock(&dev->struct_mutex);
749 ret = i915_gem_object_get_pages(obj);
753 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
757 obj_priv = obj->driver_private;
758 offset = args->offset;
762 /* Operation in this page
764 * page_base = page offset within aperture
765 * page_offset = offset within page
766 * page_length = bytes to copy for this page
768 page_base = (offset & ~(PAGE_SIZE-1));
769 page_offset = offset & (PAGE_SIZE-1);
770 page_length = remain;
771 if ((page_offset + remain) > PAGE_SIZE)
772 page_length = PAGE_SIZE - page_offset;
774 ret = fast_shmem_write(obj_priv->pages,
775 page_base, page_offset,
776 user_data, page_length);
780 remain -= page_length;
781 user_data += page_length;
782 offset += page_length;
786 i915_gem_object_put_pages(obj);
788 mutex_unlock(&dev->struct_mutex);
794 * This is the fallback shmem pwrite path, which uses get_user_pages to pin
795 * the memory and maps it using kmap_atomic for copying.
797 * This avoids taking mmap_sem for faulting on the user's address while the
798 * struct_mutex is held.
801 i915_gem_shmem_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
802 struct drm_i915_gem_pwrite *args,
803 struct drm_file *file_priv)
805 struct drm_i915_gem_object *obj_priv = obj->driver_private;
806 struct mm_struct *mm = current->mm;
807 struct page **user_pages;
809 loff_t offset, pinned_pages, i;
810 loff_t first_data_page, last_data_page, num_pages;
811 int shmem_page_index, shmem_page_offset;
812 int data_page_index, data_page_offset;
815 uint64_t data_ptr = args->data_ptr;
816 int do_bit17_swizzling;
820 /* Pin the user pages containing the data. We can't fault while
821 * holding the struct mutex, and all of the pwrite implementations
822 * want to hold it while dereferencing the user data.
824 first_data_page = data_ptr / PAGE_SIZE;
825 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
826 num_pages = last_data_page - first_data_page + 1;
828 user_pages = drm_calloc_large(num_pages, sizeof(struct page *));
829 if (user_pages == NULL)
832 down_read(&mm->mmap_sem);
833 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
834 num_pages, 0, 0, user_pages, NULL);
835 up_read(&mm->mmap_sem);
836 if (pinned_pages < num_pages) {
838 goto fail_put_user_pages;
841 do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
843 mutex_lock(&dev->struct_mutex);
845 ret = i915_gem_object_get_pages(obj);
849 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
853 obj_priv = obj->driver_private;
854 offset = args->offset;
858 /* Operation in this page
860 * shmem_page_index = page number within shmem file
861 * shmem_page_offset = offset within page in shmem file
862 * data_page_index = page number in get_user_pages return
863 * data_page_offset = offset with data_page_index page.
864 * page_length = bytes to copy for this page
866 shmem_page_index = offset / PAGE_SIZE;
867 shmem_page_offset = offset & ~PAGE_MASK;
868 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
869 data_page_offset = data_ptr & ~PAGE_MASK;
871 page_length = remain;
872 if ((shmem_page_offset + page_length) > PAGE_SIZE)
873 page_length = PAGE_SIZE - shmem_page_offset;
874 if ((data_page_offset + page_length) > PAGE_SIZE)
875 page_length = PAGE_SIZE - data_page_offset;
877 if (do_bit17_swizzling) {
878 ret = slow_shmem_bit17_copy(obj_priv->pages[shmem_page_index],
880 user_pages[data_page_index],
885 ret = slow_shmem_copy(obj_priv->pages[shmem_page_index],
887 user_pages[data_page_index],
894 remain -= page_length;
895 data_ptr += page_length;
896 offset += page_length;
900 i915_gem_object_put_pages(obj);
902 mutex_unlock(&dev->struct_mutex);
904 for (i = 0; i < pinned_pages; i++)
905 page_cache_release(user_pages[i]);
906 drm_free_large(user_pages);
912 * Writes data to the object referenced by handle.
914 * On error, the contents of the buffer that were to be modified are undefined.
917 i915_gem_pwrite_ioctl(struct drm_device *dev, void *data,
918 struct drm_file *file_priv)
920 struct drm_i915_gem_pwrite *args = data;
921 struct drm_gem_object *obj;
922 struct drm_i915_gem_object *obj_priv;
925 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
928 obj_priv = obj->driver_private;
930 /* Bounds check destination.
932 * XXX: This could use review for overflow issues...
934 if (args->offset > obj->size || args->size > obj->size ||
935 args->offset + args->size > obj->size) {
936 drm_gem_object_unreference(obj);
940 /* We can only do the GTT pwrite on untiled buffers, as otherwise
941 * it would end up going through the fenced access, and we'll get
942 * different detiling behavior between reading and writing.
943 * pread/pwrite currently are reading and writing from the CPU
944 * perspective, requiring manual detiling by the client.
946 if (obj_priv->phys_obj)
947 ret = i915_gem_phys_pwrite(dev, obj, args, file_priv);
948 else if (obj_priv->tiling_mode == I915_TILING_NONE &&
949 dev->gtt_total != 0) {
950 ret = i915_gem_gtt_pwrite_fast(dev, obj, args, file_priv);
951 if (ret == -EFAULT) {
952 ret = i915_gem_gtt_pwrite_slow(dev, obj, args,
955 } else if (i915_gem_object_needs_bit17_swizzle(obj)) {
956 ret = i915_gem_shmem_pwrite_slow(dev, obj, args, file_priv);
958 ret = i915_gem_shmem_pwrite_fast(dev, obj, args, file_priv);
959 if (ret == -EFAULT) {
960 ret = i915_gem_shmem_pwrite_slow(dev, obj, args,
967 DRM_INFO("pwrite failed %d\n", ret);
970 drm_gem_object_unreference(obj);
976 * Called when user space prepares to use an object with the CPU, either
977 * through the mmap ioctl's mapping or a GTT mapping.
980 i915_gem_set_domain_ioctl(struct drm_device *dev, void *data,
981 struct drm_file *file_priv)
983 struct drm_i915_private *dev_priv = dev->dev_private;
984 struct drm_i915_gem_set_domain *args = data;
985 struct drm_gem_object *obj;
986 struct drm_i915_gem_object *obj_priv;
987 uint32_t read_domains = args->read_domains;
988 uint32_t write_domain = args->write_domain;
991 if (!(dev->driver->driver_features & DRIVER_GEM))
994 /* Only handle setting domains to types used by the CPU. */
995 if (write_domain & I915_GEM_GPU_DOMAINS)
998 if (read_domains & I915_GEM_GPU_DOMAINS)
1001 /* Having something in the write domain implies it's in the read
1002 * domain, and only that read domain. Enforce that in the request.
1004 if (write_domain != 0 && read_domains != write_domain)
1007 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1010 obj_priv = obj->driver_private;
1012 mutex_lock(&dev->struct_mutex);
1014 intel_mark_busy(dev, obj);
1017 DRM_INFO("set_domain_ioctl %p(%zd), %08x %08x\n",
1018 obj, obj->size, read_domains, write_domain);
1020 if (read_domains & I915_GEM_DOMAIN_GTT) {
1021 ret = i915_gem_object_set_to_gtt_domain(obj, write_domain != 0);
1023 /* Update the LRU on the fence for the CPU access that's
1026 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
1027 list_move_tail(&obj_priv->fence_list,
1028 &dev_priv->mm.fence_list);
1031 /* Silently promote "you're not bound, there was nothing to do"
1032 * to success, since the client was just asking us to
1033 * make sure everything was done.
1038 ret = i915_gem_object_set_to_cpu_domain(obj, write_domain != 0);
1041 drm_gem_object_unreference(obj);
1042 mutex_unlock(&dev->struct_mutex);
1047 * Called when user space has done writes to this buffer
1050 i915_gem_sw_finish_ioctl(struct drm_device *dev, void *data,
1051 struct drm_file *file_priv)
1053 struct drm_i915_gem_sw_finish *args = data;
1054 struct drm_gem_object *obj;
1055 struct drm_i915_gem_object *obj_priv;
1058 if (!(dev->driver->driver_features & DRIVER_GEM))
1061 mutex_lock(&dev->struct_mutex);
1062 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1064 mutex_unlock(&dev->struct_mutex);
1069 DRM_INFO("%s: sw_finish %d (%p %zd)\n",
1070 __func__, args->handle, obj, obj->size);
1072 obj_priv = obj->driver_private;
1074 /* Pinned buffers may be scanout, so flush the cache */
1075 if (obj_priv->pin_count)
1076 i915_gem_object_flush_cpu_write_domain(obj);
1078 drm_gem_object_unreference(obj);
1079 mutex_unlock(&dev->struct_mutex);
1084 * Maps the contents of an object, returning the address it is mapped
1087 * While the mapping holds a reference on the contents of the object, it doesn't
1088 * imply a ref on the object itself.
1091 i915_gem_mmap_ioctl(struct drm_device *dev, void *data,
1092 struct drm_file *file_priv)
1094 struct drm_i915_gem_mmap *args = data;
1095 struct drm_gem_object *obj;
1099 if (!(dev->driver->driver_features & DRIVER_GEM))
1102 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1106 offset = args->offset;
1108 down_write(¤t->mm->mmap_sem);
1109 addr = do_mmap(obj->filp, 0, args->size,
1110 PROT_READ | PROT_WRITE, MAP_SHARED,
1112 up_write(¤t->mm->mmap_sem);
1113 mutex_lock(&dev->struct_mutex);
1114 drm_gem_object_unreference(obj);
1115 mutex_unlock(&dev->struct_mutex);
1116 if (IS_ERR((void *)addr))
1119 args->addr_ptr = (uint64_t) addr;
1125 * i915_gem_fault - fault a page into the GTT
1126 * vma: VMA in question
1129 * The fault handler is set up by drm_gem_mmap() when a object is GTT mapped
1130 * from userspace. The fault handler takes care of binding the object to
1131 * the GTT (if needed), allocating and programming a fence register (again,
1132 * only if needed based on whether the old reg is still valid or the object
1133 * is tiled) and inserting a new PTE into the faulting process.
1135 * Note that the faulting process may involve evicting existing objects
1136 * from the GTT and/or fence registers to make room. So performance may
1137 * suffer if the GTT working set is large or there are few fence registers
1140 int i915_gem_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
1142 struct drm_gem_object *obj = vma->vm_private_data;
1143 struct drm_device *dev = obj->dev;
1144 struct drm_i915_private *dev_priv = dev->dev_private;
1145 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1146 pgoff_t page_offset;
1149 bool write = !!(vmf->flags & FAULT_FLAG_WRITE);
1151 /* We don't use vmf->pgoff since that has the fake offset */
1152 page_offset = ((unsigned long)vmf->virtual_address - vma->vm_start) >>
1155 /* Now bind it into the GTT if needed */
1156 mutex_lock(&dev->struct_mutex);
1157 if (!obj_priv->gtt_space) {
1158 ret = i915_gem_object_bind_to_gtt(obj, obj_priv->gtt_alignment);
1160 mutex_unlock(&dev->struct_mutex);
1161 return VM_FAULT_SIGBUS;
1164 ret = i915_gem_object_set_to_gtt_domain(obj, write);
1166 mutex_unlock(&dev->struct_mutex);
1167 return VM_FAULT_SIGBUS;
1170 list_add_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1173 /* Need a new fence register? */
1174 if (obj_priv->tiling_mode != I915_TILING_NONE) {
1175 ret = i915_gem_object_get_fence_reg(obj);
1177 mutex_unlock(&dev->struct_mutex);
1178 return VM_FAULT_SIGBUS;
1182 pfn = ((dev->agp->base + obj_priv->gtt_offset) >> PAGE_SHIFT) +
1185 /* Finally, remap it using the new GTT offset */
1186 ret = vm_insert_pfn(vma, (unsigned long)vmf->virtual_address, pfn);
1188 mutex_unlock(&dev->struct_mutex);
1193 return VM_FAULT_OOM;
1196 return VM_FAULT_SIGBUS;
1198 return VM_FAULT_NOPAGE;
1203 * i915_gem_create_mmap_offset - create a fake mmap offset for an object
1204 * @obj: obj in question
1206 * GEM memory mapping works by handing back to userspace a fake mmap offset
1207 * it can use in a subsequent mmap(2) call. The DRM core code then looks
1208 * up the object based on the offset and sets up the various memory mapping
1211 * This routine allocates and attaches a fake offset for @obj.
1214 i915_gem_create_mmap_offset(struct drm_gem_object *obj)
1216 struct drm_device *dev = obj->dev;
1217 struct drm_gem_mm *mm = dev->mm_private;
1218 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1219 struct drm_map_list *list;
1220 struct drm_local_map *map;
1223 /* Set the object up for mmap'ing */
1224 list = &obj->map_list;
1225 list->map = kzalloc(sizeof(struct drm_map_list), GFP_KERNEL);
1230 map->type = _DRM_GEM;
1231 map->size = obj->size;
1234 /* Get a DRM GEM mmap offset allocated... */
1235 list->file_offset_node = drm_mm_search_free(&mm->offset_manager,
1236 obj->size / PAGE_SIZE, 0, 0);
1237 if (!list->file_offset_node) {
1238 DRM_ERROR("failed to allocate offset for bo %d\n", obj->name);
1243 list->file_offset_node = drm_mm_get_block(list->file_offset_node,
1244 obj->size / PAGE_SIZE, 0);
1245 if (!list->file_offset_node) {
1250 list->hash.key = list->file_offset_node->start;
1251 if (drm_ht_insert_item(&mm->offset_hash, &list->hash)) {
1252 DRM_ERROR("failed to add to map hash\n");
1256 /* By now we should be all set, any drm_mmap request on the offset
1257 * below will get to our mmap & fault handler */
1258 obj_priv->mmap_offset = ((uint64_t) list->hash.key) << PAGE_SHIFT;
1263 drm_mm_put_block(list->file_offset_node);
1271 * i915_gem_release_mmap - remove physical page mappings
1272 * @obj: obj in question
1274 * Preserve the reservation of the mmaping with the DRM core code, but
1275 * relinquish ownership of the pages back to the system.
1277 * It is vital that we remove the page mapping if we have mapped a tiled
1278 * object through the GTT and then lose the fence register due to
1279 * resource pressure. Similarly if the object has been moved out of the
1280 * aperture, than pages mapped into userspace must be revoked. Removing the
1281 * mapping will then trigger a page fault on the next user access, allowing
1282 * fixup by i915_gem_fault().
1285 i915_gem_release_mmap(struct drm_gem_object *obj)
1287 struct drm_device *dev = obj->dev;
1288 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1290 if (dev->dev_mapping)
1291 unmap_mapping_range(dev->dev_mapping,
1292 obj_priv->mmap_offset, obj->size, 1);
1296 i915_gem_free_mmap_offset(struct drm_gem_object *obj)
1298 struct drm_device *dev = obj->dev;
1299 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1300 struct drm_gem_mm *mm = dev->mm_private;
1301 struct drm_map_list *list;
1303 list = &obj->map_list;
1304 drm_ht_remove_item(&mm->offset_hash, &list->hash);
1306 if (list->file_offset_node) {
1307 drm_mm_put_block(list->file_offset_node);
1308 list->file_offset_node = NULL;
1316 obj_priv->mmap_offset = 0;
1320 * i915_gem_get_gtt_alignment - return required GTT alignment for an object
1321 * @obj: object to check
1323 * Return the required GTT alignment for an object, taking into account
1324 * potential fence register mapping if needed.
1327 i915_gem_get_gtt_alignment(struct drm_gem_object *obj)
1329 struct drm_device *dev = obj->dev;
1330 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1334 * Minimum alignment is 4k (GTT page size), but might be greater
1335 * if a fence register is needed for the object.
1337 if (IS_I965G(dev) || obj_priv->tiling_mode == I915_TILING_NONE)
1341 * Previous chips need to be aligned to the size of the smallest
1342 * fence register that can contain the object.
1349 for (i = start; i < obj->size; i <<= 1)
1356 * i915_gem_mmap_gtt_ioctl - prepare an object for GTT mmap'ing
1358 * @data: GTT mapping ioctl data
1359 * @file_priv: GEM object info
1361 * Simply returns the fake offset to userspace so it can mmap it.
1362 * The mmap call will end up in drm_gem_mmap(), which will set things
1363 * up so we can get faults in the handler above.
1365 * The fault handler will take care of binding the object into the GTT
1366 * (since it may have been evicted to make room for something), allocating
1367 * a fence register, and mapping the appropriate aperture address into
1371 i915_gem_mmap_gtt_ioctl(struct drm_device *dev, void *data,
1372 struct drm_file *file_priv)
1374 struct drm_i915_gem_mmap_gtt *args = data;
1375 struct drm_i915_private *dev_priv = dev->dev_private;
1376 struct drm_gem_object *obj;
1377 struct drm_i915_gem_object *obj_priv;
1380 if (!(dev->driver->driver_features & DRIVER_GEM))
1383 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1387 mutex_lock(&dev->struct_mutex);
1389 obj_priv = obj->driver_private;
1391 if (!obj_priv->mmap_offset) {
1392 ret = i915_gem_create_mmap_offset(obj);
1394 drm_gem_object_unreference(obj);
1395 mutex_unlock(&dev->struct_mutex);
1400 args->offset = obj_priv->mmap_offset;
1402 obj_priv->gtt_alignment = i915_gem_get_gtt_alignment(obj);
1404 /* Make sure the alignment is correct for fence regs etc */
1405 if (obj_priv->agp_mem &&
1406 (obj_priv->gtt_offset & (obj_priv->gtt_alignment - 1))) {
1407 drm_gem_object_unreference(obj);
1408 mutex_unlock(&dev->struct_mutex);
1413 * Pull it into the GTT so that we have a page list (makes the
1414 * initial fault faster and any subsequent flushing possible).
1416 if (!obj_priv->agp_mem) {
1417 ret = i915_gem_object_bind_to_gtt(obj, obj_priv->gtt_alignment);
1419 drm_gem_object_unreference(obj);
1420 mutex_unlock(&dev->struct_mutex);
1423 list_add_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1426 drm_gem_object_unreference(obj);
1427 mutex_unlock(&dev->struct_mutex);
1433 i915_gem_object_put_pages(struct drm_gem_object *obj)
1435 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1436 int page_count = obj->size / PAGE_SIZE;
1439 BUG_ON(obj_priv->pages_refcount == 0);
1441 if (--obj_priv->pages_refcount != 0)
1444 if (obj_priv->tiling_mode != I915_TILING_NONE)
1445 i915_gem_object_save_bit_17_swizzle(obj);
1447 for (i = 0; i < page_count; i++)
1448 if (obj_priv->pages[i] != NULL) {
1449 if (obj_priv->dirty)
1450 set_page_dirty(obj_priv->pages[i]);
1451 mark_page_accessed(obj_priv->pages[i]);
1452 page_cache_release(obj_priv->pages[i]);
1454 obj_priv->dirty = 0;
1456 drm_free_large(obj_priv->pages);
1457 obj_priv->pages = NULL;
1461 i915_gem_object_move_to_active(struct drm_gem_object *obj, uint32_t seqno)
1463 struct drm_device *dev = obj->dev;
1464 drm_i915_private_t *dev_priv = dev->dev_private;
1465 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1467 /* Add a reference if we're newly entering the active list. */
1468 if (!obj_priv->active) {
1469 drm_gem_object_reference(obj);
1470 obj_priv->active = 1;
1472 /* Move from whatever list we were on to the tail of execution. */
1473 spin_lock(&dev_priv->mm.active_list_lock);
1474 list_move_tail(&obj_priv->list,
1475 &dev_priv->mm.active_list);
1476 spin_unlock(&dev_priv->mm.active_list_lock);
1477 obj_priv->last_rendering_seqno = seqno;
1481 i915_gem_object_move_to_flushing(struct drm_gem_object *obj)
1483 struct drm_device *dev = obj->dev;
1484 drm_i915_private_t *dev_priv = dev->dev_private;
1485 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1487 BUG_ON(!obj_priv->active);
1488 list_move_tail(&obj_priv->list, &dev_priv->mm.flushing_list);
1489 obj_priv->last_rendering_seqno = 0;
1493 i915_gem_object_move_to_inactive(struct drm_gem_object *obj)
1495 struct drm_device *dev = obj->dev;
1496 drm_i915_private_t *dev_priv = dev->dev_private;
1497 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1499 i915_verify_inactive(dev, __FILE__, __LINE__);
1500 if (obj_priv->pin_count != 0)
1501 list_del_init(&obj_priv->list);
1503 list_move_tail(&obj_priv->list, &dev_priv->mm.inactive_list);
1505 obj_priv->last_rendering_seqno = 0;
1506 if (obj_priv->active) {
1507 obj_priv->active = 0;
1508 drm_gem_object_unreference(obj);
1510 i915_verify_inactive(dev, __FILE__, __LINE__);
1514 * Creates a new sequence number, emitting a write of it to the status page
1515 * plus an interrupt, which will trigger i915_user_interrupt_handler.
1517 * Must be called with struct_lock held.
1519 * Returned sequence numbers are nonzero on success.
1522 i915_add_request(struct drm_device *dev, struct drm_file *file_priv,
1523 uint32_t flush_domains)
1525 drm_i915_private_t *dev_priv = dev->dev_private;
1526 struct drm_i915_file_private *i915_file_priv = NULL;
1527 struct drm_i915_gem_request *request;
1532 if (file_priv != NULL)
1533 i915_file_priv = file_priv->driver_priv;
1535 request = kzalloc(sizeof(*request), GFP_KERNEL);
1536 if (request == NULL)
1539 /* Grab the seqno we're going to make this request be, and bump the
1540 * next (skipping 0 so it can be the reserved no-seqno value).
1542 seqno = dev_priv->mm.next_gem_seqno;
1543 dev_priv->mm.next_gem_seqno++;
1544 if (dev_priv->mm.next_gem_seqno == 0)
1545 dev_priv->mm.next_gem_seqno++;
1548 OUT_RING(MI_STORE_DWORD_INDEX);
1549 OUT_RING(I915_GEM_HWS_INDEX << MI_STORE_DWORD_INDEX_SHIFT);
1552 OUT_RING(MI_USER_INTERRUPT);
1555 DRM_DEBUG("%d\n", seqno);
1557 request->seqno = seqno;
1558 request->emitted_jiffies = jiffies;
1559 was_empty = list_empty(&dev_priv->mm.request_list);
1560 list_add_tail(&request->list, &dev_priv->mm.request_list);
1561 if (i915_file_priv) {
1562 list_add_tail(&request->client_list,
1563 &i915_file_priv->mm.request_list);
1565 INIT_LIST_HEAD(&request->client_list);
1568 /* Associate any objects on the flushing list matching the write
1569 * domain we're flushing with our flush.
1571 if (flush_domains != 0) {
1572 struct drm_i915_gem_object *obj_priv, *next;
1574 list_for_each_entry_safe(obj_priv, next,
1575 &dev_priv->mm.flushing_list, list) {
1576 struct drm_gem_object *obj = obj_priv->obj;
1578 if ((obj->write_domain & flush_domains) ==
1579 obj->write_domain) {
1580 obj->write_domain = 0;
1581 i915_gem_object_move_to_active(obj, seqno);
1587 if (!dev_priv->mm.suspended) {
1588 mod_timer(&dev_priv->hangcheck_timer, jiffies + DRM_I915_HANGCHECK_PERIOD);
1590 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, HZ);
1596 * Command execution barrier
1598 * Ensures that all commands in the ring are finished
1599 * before signalling the CPU
1602 i915_retire_commands(struct drm_device *dev)
1604 drm_i915_private_t *dev_priv = dev->dev_private;
1605 uint32_t cmd = MI_FLUSH | MI_NO_WRITE_FLUSH;
1606 uint32_t flush_domains = 0;
1609 /* The sampler always gets flushed on i965 (sigh) */
1611 flush_domains |= I915_GEM_DOMAIN_SAMPLER;
1614 OUT_RING(0); /* noop */
1616 return flush_domains;
1620 * Moves buffers associated only with the given active seqno from the active
1621 * to inactive list, potentially freeing them.
1624 i915_gem_retire_request(struct drm_device *dev,
1625 struct drm_i915_gem_request *request)
1627 drm_i915_private_t *dev_priv = dev->dev_private;
1629 /* Move any buffers on the active list that are no longer referenced
1630 * by the ringbuffer to the flushing/inactive lists as appropriate.
1632 spin_lock(&dev_priv->mm.active_list_lock);
1633 while (!list_empty(&dev_priv->mm.active_list)) {
1634 struct drm_gem_object *obj;
1635 struct drm_i915_gem_object *obj_priv;
1637 obj_priv = list_first_entry(&dev_priv->mm.active_list,
1638 struct drm_i915_gem_object,
1640 obj = obj_priv->obj;
1642 /* If the seqno being retired doesn't match the oldest in the
1643 * list, then the oldest in the list must still be newer than
1646 if (obj_priv->last_rendering_seqno != request->seqno)
1650 DRM_INFO("%s: retire %d moves to inactive list %p\n",
1651 __func__, request->seqno, obj);
1654 if (obj->write_domain != 0)
1655 i915_gem_object_move_to_flushing(obj);
1657 /* Take a reference on the object so it won't be
1658 * freed while the spinlock is held. The list
1659 * protection for this spinlock is safe when breaking
1660 * the lock like this since the next thing we do
1661 * is just get the head of the list again.
1663 drm_gem_object_reference(obj);
1664 i915_gem_object_move_to_inactive(obj);
1665 spin_unlock(&dev_priv->mm.active_list_lock);
1666 drm_gem_object_unreference(obj);
1667 spin_lock(&dev_priv->mm.active_list_lock);
1671 spin_unlock(&dev_priv->mm.active_list_lock);
1675 * Returns true if seq1 is later than seq2.
1678 i915_seqno_passed(uint32_t seq1, uint32_t seq2)
1680 return (int32_t)(seq1 - seq2) >= 0;
1684 i915_get_gem_seqno(struct drm_device *dev)
1686 drm_i915_private_t *dev_priv = dev->dev_private;
1688 return READ_HWSP(dev_priv, I915_GEM_HWS_INDEX);
1692 * This function clears the request list as sequence numbers are passed.
1695 i915_gem_retire_requests(struct drm_device *dev)
1697 drm_i915_private_t *dev_priv = dev->dev_private;
1700 if (!dev_priv->hw_status_page)
1703 seqno = i915_get_gem_seqno(dev);
1705 while (!list_empty(&dev_priv->mm.request_list)) {
1706 struct drm_i915_gem_request *request;
1707 uint32_t retiring_seqno;
1709 request = list_first_entry(&dev_priv->mm.request_list,
1710 struct drm_i915_gem_request,
1712 retiring_seqno = request->seqno;
1714 if (i915_seqno_passed(seqno, retiring_seqno) ||
1715 atomic_read(&dev_priv->mm.wedged)) {
1716 i915_gem_retire_request(dev, request);
1718 list_del(&request->list);
1719 list_del(&request->client_list);
1727 i915_gem_retire_work_handler(struct work_struct *work)
1729 drm_i915_private_t *dev_priv;
1730 struct drm_device *dev;
1732 dev_priv = container_of(work, drm_i915_private_t,
1733 mm.retire_work.work);
1734 dev = dev_priv->dev;
1736 mutex_lock(&dev->struct_mutex);
1737 i915_gem_retire_requests(dev);
1738 if (!dev_priv->mm.suspended &&
1739 !list_empty(&dev_priv->mm.request_list))
1740 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, HZ);
1741 mutex_unlock(&dev->struct_mutex);
1745 * Waits for a sequence number to be signaled, and cleans up the
1746 * request and object lists appropriately for that event.
1749 i915_wait_request(struct drm_device *dev, uint32_t seqno)
1751 drm_i915_private_t *dev_priv = dev->dev_private;
1757 if (atomic_read(&dev_priv->mm.wedged))
1760 if (!i915_seqno_passed(i915_get_gem_seqno(dev), seqno)) {
1762 ier = I915_READ(DEIER) | I915_READ(GTIER);
1764 ier = I915_READ(IER);
1766 DRM_ERROR("something (likely vbetool) disabled "
1767 "interrupts, re-enabling\n");
1768 i915_driver_irq_preinstall(dev);
1769 i915_driver_irq_postinstall(dev);
1772 dev_priv->mm.waiting_gem_seqno = seqno;
1773 i915_user_irq_get(dev);
1774 ret = wait_event_interruptible(dev_priv->irq_queue,
1775 i915_seqno_passed(i915_get_gem_seqno(dev),
1777 atomic_read(&dev_priv->mm.wedged));
1778 i915_user_irq_put(dev);
1779 dev_priv->mm.waiting_gem_seqno = 0;
1781 if (atomic_read(&dev_priv->mm.wedged))
1784 if (ret && ret != -ERESTARTSYS)
1785 DRM_ERROR("%s returns %d (awaiting %d at %d)\n",
1786 __func__, ret, seqno, i915_get_gem_seqno(dev));
1788 /* Directly dispatch request retiring. While we have the work queue
1789 * to handle this, the waiter on a request often wants an associated
1790 * buffer to have made it to the inactive list, and we would need
1791 * a separate wait queue to handle that.
1794 i915_gem_retire_requests(dev);
1800 i915_gem_flush(struct drm_device *dev,
1801 uint32_t invalidate_domains,
1802 uint32_t flush_domains)
1804 drm_i915_private_t *dev_priv = dev->dev_private;
1809 DRM_INFO("%s: invalidate %08x flush %08x\n", __func__,
1810 invalidate_domains, flush_domains);
1813 if (flush_domains & I915_GEM_DOMAIN_CPU)
1814 drm_agp_chipset_flush(dev);
1816 if ((invalidate_domains | flush_domains) & I915_GEM_GPU_DOMAINS) {
1818 * read/write caches:
1820 * I915_GEM_DOMAIN_RENDER is always invalidated, but is
1821 * only flushed if MI_NO_WRITE_FLUSH is unset. On 965, it is
1822 * also flushed at 2d versus 3d pipeline switches.
1826 * I915_GEM_DOMAIN_SAMPLER is flushed on pre-965 if
1827 * MI_READ_FLUSH is set, and is always flushed on 965.
1829 * I915_GEM_DOMAIN_COMMAND may not exist?
1831 * I915_GEM_DOMAIN_INSTRUCTION, which exists on 965, is
1832 * invalidated when MI_EXE_FLUSH is set.
1834 * I915_GEM_DOMAIN_VERTEX, which exists on 965, is
1835 * invalidated with every MI_FLUSH.
1839 * On 965, TLBs associated with I915_GEM_DOMAIN_COMMAND
1840 * and I915_GEM_DOMAIN_CPU in are invalidated at PTE write and
1841 * I915_GEM_DOMAIN_RENDER and I915_GEM_DOMAIN_SAMPLER
1842 * are flushed at any MI_FLUSH.
1845 cmd = MI_FLUSH | MI_NO_WRITE_FLUSH;
1846 if ((invalidate_domains|flush_domains) &
1847 I915_GEM_DOMAIN_RENDER)
1848 cmd &= ~MI_NO_WRITE_FLUSH;
1849 if (!IS_I965G(dev)) {
1851 * On the 965, the sampler cache always gets flushed
1852 * and this bit is reserved.
1854 if (invalidate_domains & I915_GEM_DOMAIN_SAMPLER)
1855 cmd |= MI_READ_FLUSH;
1857 if (invalidate_domains & I915_GEM_DOMAIN_INSTRUCTION)
1858 cmd |= MI_EXE_FLUSH;
1861 DRM_INFO("%s: queue flush %08x to ring\n", __func__, cmd);
1865 OUT_RING(0); /* noop */
1871 * Ensures that all rendering to the object has completed and the object is
1872 * safe to unbind from the GTT or access from the CPU.
1875 i915_gem_object_wait_rendering(struct drm_gem_object *obj)
1877 struct drm_device *dev = obj->dev;
1878 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1881 /* This function only exists to support waiting for existing rendering,
1882 * not for emitting required flushes.
1884 BUG_ON((obj->write_domain & I915_GEM_GPU_DOMAINS) != 0);
1886 /* If there is rendering queued on the buffer being evicted, wait for
1889 if (obj_priv->active) {
1891 DRM_INFO("%s: object %p wait for seqno %08x\n",
1892 __func__, obj, obj_priv->last_rendering_seqno);
1894 ret = i915_wait_request(dev, obj_priv->last_rendering_seqno);
1903 * Unbinds an object from the GTT aperture.
1906 i915_gem_object_unbind(struct drm_gem_object *obj)
1908 struct drm_device *dev = obj->dev;
1909 struct drm_i915_gem_object *obj_priv = obj->driver_private;
1913 DRM_INFO("%s:%d %p\n", __func__, __LINE__, obj);
1914 DRM_INFO("gtt_space %p\n", obj_priv->gtt_space);
1916 if (obj_priv->gtt_space == NULL)
1919 if (obj_priv->pin_count != 0) {
1920 DRM_ERROR("Attempting to unbind pinned buffer\n");
1924 /* blow away mappings if mapped through GTT */
1925 i915_gem_release_mmap(obj);
1927 if (obj_priv->fence_reg != I915_FENCE_REG_NONE)
1928 i915_gem_clear_fence_reg(obj);
1930 /* Move the object to the CPU domain to ensure that
1931 * any possible CPU writes while it's not in the GTT
1932 * are flushed when we go to remap it. This will
1933 * also ensure that all pending GPU writes are finished
1936 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
1938 if (ret != -ERESTARTSYS)
1939 DRM_ERROR("set_domain failed: %d\n", ret);
1943 BUG_ON(obj_priv->active);
1945 if (obj_priv->agp_mem != NULL) {
1946 drm_unbind_agp(obj_priv->agp_mem);
1947 drm_free_agp(obj_priv->agp_mem, obj->size / PAGE_SIZE);
1948 obj_priv->agp_mem = NULL;
1951 i915_gem_object_put_pages(obj);
1953 if (obj_priv->gtt_space) {
1954 atomic_dec(&dev->gtt_count);
1955 atomic_sub(obj->size, &dev->gtt_memory);
1957 drm_mm_put_block(obj_priv->gtt_space);
1958 obj_priv->gtt_space = NULL;
1961 /* Remove ourselves from the LRU list if present. */
1962 if (!list_empty(&obj_priv->list))
1963 list_del_init(&obj_priv->list);
1969 i915_gem_evict_something(struct drm_device *dev)
1971 drm_i915_private_t *dev_priv = dev->dev_private;
1972 struct drm_gem_object *obj;
1973 struct drm_i915_gem_object *obj_priv;
1977 /* If there's an inactive buffer available now, grab it
1980 if (!list_empty(&dev_priv->mm.inactive_list)) {
1981 obj_priv = list_first_entry(&dev_priv->mm.inactive_list,
1982 struct drm_i915_gem_object,
1984 obj = obj_priv->obj;
1985 BUG_ON(obj_priv->pin_count != 0);
1987 DRM_INFO("%s: evicting %p\n", __func__, obj);
1989 BUG_ON(obj_priv->active);
1991 /* Wait on the rendering and unbind the buffer. */
1992 ret = i915_gem_object_unbind(obj);
1996 /* If we didn't get anything, but the ring is still processing
1997 * things, wait for one of those things to finish and hopefully
1998 * leave us a buffer to evict.
2000 if (!list_empty(&dev_priv->mm.request_list)) {
2001 struct drm_i915_gem_request *request;
2003 request = list_first_entry(&dev_priv->mm.request_list,
2004 struct drm_i915_gem_request,
2007 ret = i915_wait_request(dev, request->seqno);
2011 /* if waiting caused an object to become inactive,
2012 * then loop around and wait for it. Otherwise, we
2013 * assume that waiting freed and unbound something,
2014 * so there should now be some space in the GTT
2016 if (!list_empty(&dev_priv->mm.inactive_list))
2021 /* If we didn't have anything on the request list but there
2022 * are buffers awaiting a flush, emit one and try again.
2023 * When we wait on it, those buffers waiting for that flush
2024 * will get moved to inactive.
2026 if (!list_empty(&dev_priv->mm.flushing_list)) {
2027 obj_priv = list_first_entry(&dev_priv->mm.flushing_list,
2028 struct drm_i915_gem_object,
2030 obj = obj_priv->obj;
2035 i915_add_request(dev, NULL, obj->write_domain);
2041 DRM_ERROR("inactive empty %d request empty %d "
2042 "flushing empty %d\n",
2043 list_empty(&dev_priv->mm.inactive_list),
2044 list_empty(&dev_priv->mm.request_list),
2045 list_empty(&dev_priv->mm.flushing_list));
2046 /* If we didn't do any of the above, there's nothing to be done
2047 * and we just can't fit it in.
2055 i915_gem_evict_everything(struct drm_device *dev)
2060 ret = i915_gem_evict_something(dev);
2070 i915_gem_object_get_pages(struct drm_gem_object *obj)
2072 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2074 struct address_space *mapping;
2075 struct inode *inode;
2079 if (obj_priv->pages_refcount++ != 0)
2082 /* Get the list of pages out of our struct file. They'll be pinned
2083 * at this point until we release them.
2085 page_count = obj->size / PAGE_SIZE;
2086 BUG_ON(obj_priv->pages != NULL);
2087 obj_priv->pages = drm_calloc_large(page_count, sizeof(struct page *));
2088 if (obj_priv->pages == NULL) {
2089 DRM_ERROR("Faled to allocate page list\n");
2090 obj_priv->pages_refcount--;
2094 inode = obj->filp->f_path.dentry->d_inode;
2095 mapping = inode->i_mapping;
2096 for (i = 0; i < page_count; i++) {
2097 page = read_mapping_page(mapping, i, NULL);
2099 ret = PTR_ERR(page);
2100 DRM_ERROR("read_mapping_page failed: %d\n", ret);
2101 i915_gem_object_put_pages(obj);
2104 obj_priv->pages[i] = page;
2107 if (obj_priv->tiling_mode != I915_TILING_NONE)
2108 i915_gem_object_do_bit_17_swizzle(obj);
2113 static void i965_write_fence_reg(struct drm_i915_fence_reg *reg)
2115 struct drm_gem_object *obj = reg->obj;
2116 struct drm_device *dev = obj->dev;
2117 drm_i915_private_t *dev_priv = dev->dev_private;
2118 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2119 int regnum = obj_priv->fence_reg;
2122 val = (uint64_t)((obj_priv->gtt_offset + obj->size - 4096) &
2124 val |= obj_priv->gtt_offset & 0xfffff000;
2125 val |= ((obj_priv->stride / 128) - 1) << I965_FENCE_PITCH_SHIFT;
2126 if (obj_priv->tiling_mode == I915_TILING_Y)
2127 val |= 1 << I965_FENCE_TILING_Y_SHIFT;
2128 val |= I965_FENCE_REG_VALID;
2130 I915_WRITE64(FENCE_REG_965_0 + (regnum * 8), val);
2133 static void i915_write_fence_reg(struct drm_i915_fence_reg *reg)
2135 struct drm_gem_object *obj = reg->obj;
2136 struct drm_device *dev = obj->dev;
2137 drm_i915_private_t *dev_priv = dev->dev_private;
2138 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2139 int regnum = obj_priv->fence_reg;
2141 uint32_t fence_reg, val;
2144 if ((obj_priv->gtt_offset & ~I915_FENCE_START_MASK) ||
2145 (obj_priv->gtt_offset & (obj->size - 1))) {
2146 WARN(1, "%s: object 0x%08x not 1M or size (0x%zx) aligned\n",
2147 __func__, obj_priv->gtt_offset, obj->size);
2151 if (obj_priv->tiling_mode == I915_TILING_Y &&
2152 HAS_128_BYTE_Y_TILING(dev))
2157 /* Note: pitch better be a power of two tile widths */
2158 pitch_val = obj_priv->stride / tile_width;
2159 pitch_val = ffs(pitch_val) - 1;
2161 val = obj_priv->gtt_offset;
2162 if (obj_priv->tiling_mode == I915_TILING_Y)
2163 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
2164 val |= I915_FENCE_SIZE_BITS(obj->size);
2165 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
2166 val |= I830_FENCE_REG_VALID;
2169 fence_reg = FENCE_REG_830_0 + (regnum * 4);
2171 fence_reg = FENCE_REG_945_8 + ((regnum - 8) * 4);
2172 I915_WRITE(fence_reg, val);
2175 static void i830_write_fence_reg(struct drm_i915_fence_reg *reg)
2177 struct drm_gem_object *obj = reg->obj;
2178 struct drm_device *dev = obj->dev;
2179 drm_i915_private_t *dev_priv = dev->dev_private;
2180 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2181 int regnum = obj_priv->fence_reg;
2184 uint32_t fence_size_bits;
2186 if ((obj_priv->gtt_offset & ~I830_FENCE_START_MASK) ||
2187 (obj_priv->gtt_offset & (obj->size - 1))) {
2188 WARN(1, "%s: object 0x%08x not 512K or size aligned\n",
2189 __func__, obj_priv->gtt_offset);
2193 pitch_val = obj_priv->stride / 128;
2194 pitch_val = ffs(pitch_val) - 1;
2195 WARN_ON(pitch_val > I830_FENCE_MAX_PITCH_VAL);
2197 val = obj_priv->gtt_offset;
2198 if (obj_priv->tiling_mode == I915_TILING_Y)
2199 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
2200 fence_size_bits = I830_FENCE_SIZE_BITS(obj->size);
2201 WARN_ON(fence_size_bits & ~0x00000f00);
2202 val |= fence_size_bits;
2203 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
2204 val |= I830_FENCE_REG_VALID;
2206 I915_WRITE(FENCE_REG_830_0 + (regnum * 4), val);
2210 * i915_gem_object_get_fence_reg - set up a fence reg for an object
2211 * @obj: object to map through a fence reg
2213 * When mapping objects through the GTT, userspace wants to be able to write
2214 * to them without having to worry about swizzling if the object is tiled.
2216 * This function walks the fence regs looking for a free one for @obj,
2217 * stealing one if it can't find any.
2219 * It then sets up the reg based on the object's properties: address, pitch
2220 * and tiling format.
2223 i915_gem_object_get_fence_reg(struct drm_gem_object *obj)
2225 struct drm_device *dev = obj->dev;
2226 struct drm_i915_private *dev_priv = dev->dev_private;
2227 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2228 struct drm_i915_fence_reg *reg = NULL;
2229 struct drm_i915_gem_object *old_obj_priv = NULL;
2232 /* Just update our place in the LRU if our fence is getting used. */
2233 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
2234 list_move_tail(&obj_priv->fence_list, &dev_priv->mm.fence_list);
2238 switch (obj_priv->tiling_mode) {
2239 case I915_TILING_NONE:
2240 WARN(1, "allocating a fence for non-tiled object?\n");
2243 if (!obj_priv->stride)
2245 WARN((obj_priv->stride & (512 - 1)),
2246 "object 0x%08x is X tiled but has non-512B pitch\n",
2247 obj_priv->gtt_offset);
2250 if (!obj_priv->stride)
2252 WARN((obj_priv->stride & (128 - 1)),
2253 "object 0x%08x is Y tiled but has non-128B pitch\n",
2254 obj_priv->gtt_offset);
2258 /* First try to find a free reg */
2260 for (i = dev_priv->fence_reg_start; i < dev_priv->num_fence_regs; i++) {
2261 reg = &dev_priv->fence_regs[i];
2265 old_obj_priv = reg->obj->driver_private;
2266 if (!old_obj_priv->pin_count)
2270 /* None available, try to steal one or wait for a user to finish */
2271 if (i == dev_priv->num_fence_regs) {
2272 struct drm_gem_object *old_obj = NULL;
2277 list_for_each_entry(old_obj_priv, &dev_priv->mm.fence_list,
2279 old_obj = old_obj_priv->obj;
2281 if (old_obj_priv->pin_count)
2284 /* Take a reference, as otherwise the wait_rendering
2285 * below may cause the object to get freed out from
2288 drm_gem_object_reference(old_obj);
2290 /* i915 uses fences for GPU access to tiled buffers */
2291 if (IS_I965G(dev) || !old_obj_priv->active)
2294 /* This brings the object to the head of the LRU if it
2295 * had been written to. The only way this should
2296 * result in us waiting longer than the expected
2297 * optimal amount of time is if there was a
2298 * fence-using buffer later that was read-only.
2300 i915_gem_object_flush_gpu_write_domain(old_obj);
2301 ret = i915_gem_object_wait_rendering(old_obj);
2303 drm_gem_object_unreference(old_obj);
2311 * Zap this virtual mapping so we can set up a fence again
2312 * for this object next time we need it.
2314 i915_gem_release_mmap(old_obj);
2316 i = old_obj_priv->fence_reg;
2317 reg = &dev_priv->fence_regs[i];
2319 old_obj_priv->fence_reg = I915_FENCE_REG_NONE;
2320 list_del_init(&old_obj_priv->fence_list);
2322 drm_gem_object_unreference(old_obj);
2325 obj_priv->fence_reg = i;
2326 list_add_tail(&obj_priv->fence_list, &dev_priv->mm.fence_list);
2331 i965_write_fence_reg(reg);
2332 else if (IS_I9XX(dev))
2333 i915_write_fence_reg(reg);
2335 i830_write_fence_reg(reg);
2341 * i915_gem_clear_fence_reg - clear out fence register info
2342 * @obj: object to clear
2344 * Zeroes out the fence register itself and clears out the associated
2345 * data structures in dev_priv and obj_priv.
2348 i915_gem_clear_fence_reg(struct drm_gem_object *obj)
2350 struct drm_device *dev = obj->dev;
2351 drm_i915_private_t *dev_priv = dev->dev_private;
2352 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2355 I915_WRITE64(FENCE_REG_965_0 + (obj_priv->fence_reg * 8), 0);
2359 if (obj_priv->fence_reg < 8)
2360 fence_reg = FENCE_REG_830_0 + obj_priv->fence_reg * 4;
2362 fence_reg = FENCE_REG_945_8 + (obj_priv->fence_reg -
2365 I915_WRITE(fence_reg, 0);
2368 dev_priv->fence_regs[obj_priv->fence_reg].obj = NULL;
2369 obj_priv->fence_reg = I915_FENCE_REG_NONE;
2370 list_del_init(&obj_priv->fence_list);
2374 * i915_gem_object_put_fence_reg - waits on outstanding fenced access
2375 * to the buffer to finish, and then resets the fence register.
2376 * @obj: tiled object holding a fence register.
2378 * Zeroes out the fence register itself and clears out the associated
2379 * data structures in dev_priv and obj_priv.
2382 i915_gem_object_put_fence_reg(struct drm_gem_object *obj)
2384 struct drm_device *dev = obj->dev;
2385 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2387 if (obj_priv->fence_reg == I915_FENCE_REG_NONE)
2390 /* On the i915, GPU access to tiled buffers is via a fence,
2391 * therefore we must wait for any outstanding access to complete
2392 * before clearing the fence.
2394 if (!IS_I965G(dev)) {
2397 i915_gem_object_flush_gpu_write_domain(obj);
2398 i915_gem_object_flush_gtt_write_domain(obj);
2399 ret = i915_gem_object_wait_rendering(obj);
2404 i915_gem_clear_fence_reg (obj);
2410 * Finds free space in the GTT aperture and binds the object there.
2413 i915_gem_object_bind_to_gtt(struct drm_gem_object *obj, unsigned alignment)
2415 struct drm_device *dev = obj->dev;
2416 drm_i915_private_t *dev_priv = dev->dev_private;
2417 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2418 struct drm_mm_node *free_space;
2419 int page_count, ret;
2421 if (dev_priv->mm.suspended)
2424 alignment = i915_gem_get_gtt_alignment(obj);
2425 if (alignment & (i915_gem_get_gtt_alignment(obj) - 1)) {
2426 DRM_ERROR("Invalid object alignment requested %u\n", alignment);
2431 free_space = drm_mm_search_free(&dev_priv->mm.gtt_space,
2432 obj->size, alignment, 0);
2433 if (free_space != NULL) {
2434 obj_priv->gtt_space = drm_mm_get_block(free_space, obj->size,
2436 if (obj_priv->gtt_space != NULL) {
2437 obj_priv->gtt_space->private = obj;
2438 obj_priv->gtt_offset = obj_priv->gtt_space->start;
2441 if (obj_priv->gtt_space == NULL) {
2444 /* If the gtt is empty and we're still having trouble
2445 * fitting our object in, we're out of memory.
2448 DRM_INFO("%s: GTT full, evicting something\n", __func__);
2450 spin_lock(&dev_priv->mm.active_list_lock);
2451 lists_empty = (list_empty(&dev_priv->mm.inactive_list) &&
2452 list_empty(&dev_priv->mm.flushing_list) &&
2453 list_empty(&dev_priv->mm.active_list));
2454 spin_unlock(&dev_priv->mm.active_list_lock);
2456 DRM_ERROR("GTT full, but LRU list empty\n");
2460 ret = i915_gem_evict_something(dev);
2462 if (ret != -ERESTARTSYS)
2463 DRM_ERROR("Failed to evict a buffer %d\n", ret);
2470 DRM_INFO("Binding object of size %zd at 0x%08x\n",
2471 obj->size, obj_priv->gtt_offset);
2473 ret = i915_gem_object_get_pages(obj);
2475 drm_mm_put_block(obj_priv->gtt_space);
2476 obj_priv->gtt_space = NULL;
2480 page_count = obj->size / PAGE_SIZE;
2481 /* Create an AGP memory structure pointing at our pages, and bind it
2484 obj_priv->agp_mem = drm_agp_bind_pages(dev,
2487 obj_priv->gtt_offset,
2488 obj_priv->agp_type);
2489 if (obj_priv->agp_mem == NULL) {
2490 i915_gem_object_put_pages(obj);
2491 drm_mm_put_block(obj_priv->gtt_space);
2492 obj_priv->gtt_space = NULL;
2495 atomic_inc(&dev->gtt_count);
2496 atomic_add(obj->size, &dev->gtt_memory);
2498 /* Assert that the object is not currently in any GPU domain. As it
2499 * wasn't in the GTT, there shouldn't be any way it could have been in
2502 BUG_ON(obj->read_domains & I915_GEM_GPU_DOMAINS);
2503 BUG_ON(obj->write_domain & I915_GEM_GPU_DOMAINS);
2509 i915_gem_clflush_object(struct drm_gem_object *obj)
2511 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2513 /* If we don't have a page list set up, then we're not pinned
2514 * to GPU, and we can ignore the cache flush because it'll happen
2515 * again at bind time.
2517 if (obj_priv->pages == NULL)
2520 drm_clflush_pages(obj_priv->pages, obj->size / PAGE_SIZE);
2523 /** Flushes any GPU write domain for the object if it's dirty. */
2525 i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj)
2527 struct drm_device *dev = obj->dev;
2530 if ((obj->write_domain & I915_GEM_GPU_DOMAINS) == 0)
2533 /* Queue the GPU write cache flushing we need. */
2534 i915_gem_flush(dev, 0, obj->write_domain);
2535 seqno = i915_add_request(dev, NULL, obj->write_domain);
2536 obj->write_domain = 0;
2537 i915_gem_object_move_to_active(obj, seqno);
2540 /** Flushes the GTT write domain for the object if it's dirty. */
2542 i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj)
2544 if (obj->write_domain != I915_GEM_DOMAIN_GTT)
2547 /* No actual flushing is required for the GTT write domain. Writes
2548 * to it immediately go to main memory as far as we know, so there's
2549 * no chipset flush. It also doesn't land in render cache.
2551 obj->write_domain = 0;
2554 /** Flushes the CPU write domain for the object if it's dirty. */
2556 i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj)
2558 struct drm_device *dev = obj->dev;
2560 if (obj->write_domain != I915_GEM_DOMAIN_CPU)
2563 i915_gem_clflush_object(obj);
2564 drm_agp_chipset_flush(dev);
2565 obj->write_domain = 0;
2569 * Moves a single object to the GTT read, and possibly write domain.
2571 * This function returns when the move is complete, including waiting on
2575 i915_gem_object_set_to_gtt_domain(struct drm_gem_object *obj, int write)
2577 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2580 /* Not valid to be called on unbound objects. */
2581 if (obj_priv->gtt_space == NULL)
2584 i915_gem_object_flush_gpu_write_domain(obj);
2585 /* Wait on any GPU rendering and flushing to occur. */
2586 ret = i915_gem_object_wait_rendering(obj);
2590 /* If we're writing through the GTT domain, then CPU and GPU caches
2591 * will need to be invalidated at next use.
2594 obj->read_domains &= I915_GEM_DOMAIN_GTT;
2596 i915_gem_object_flush_cpu_write_domain(obj);
2598 /* It should now be out of any other write domains, and we can update
2599 * the domain values for our changes.
2601 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_GTT) != 0);
2602 obj->read_domains |= I915_GEM_DOMAIN_GTT;
2604 obj->write_domain = I915_GEM_DOMAIN_GTT;
2605 obj_priv->dirty = 1;
2612 * Moves a single object to the CPU read, and possibly write domain.
2614 * This function returns when the move is complete, including waiting on
2618 i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj, int write)
2622 i915_gem_object_flush_gpu_write_domain(obj);
2623 /* Wait on any GPU rendering and flushing to occur. */
2624 ret = i915_gem_object_wait_rendering(obj);
2628 i915_gem_object_flush_gtt_write_domain(obj);
2630 /* If we have a partially-valid cache of the object in the CPU,
2631 * finish invalidating it and free the per-page flags.
2633 i915_gem_object_set_to_full_cpu_read_domain(obj);
2635 /* Flush the CPU cache if it's still invalid. */
2636 if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0) {
2637 i915_gem_clflush_object(obj);
2639 obj->read_domains |= I915_GEM_DOMAIN_CPU;
2642 /* It should now be out of any other write domains, and we can update
2643 * the domain values for our changes.
2645 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
2647 /* If we're writing through the CPU, then the GPU read domains will
2648 * need to be invalidated at next use.
2651 obj->read_domains &= I915_GEM_DOMAIN_CPU;
2652 obj->write_domain = I915_GEM_DOMAIN_CPU;
2659 * Set the next domain for the specified object. This
2660 * may not actually perform the necessary flushing/invaliding though,
2661 * as that may want to be batched with other set_domain operations
2663 * This is (we hope) the only really tricky part of gem. The goal
2664 * is fairly simple -- track which caches hold bits of the object
2665 * and make sure they remain coherent. A few concrete examples may
2666 * help to explain how it works. For shorthand, we use the notation
2667 * (read_domains, write_domain), e.g. (CPU, CPU) to indicate the
2668 * a pair of read and write domain masks.
2670 * Case 1: the batch buffer
2676 * 5. Unmapped from GTT
2679 * Let's take these a step at a time
2682 * Pages allocated from the kernel may still have
2683 * cache contents, so we set them to (CPU, CPU) always.
2684 * 2. Written by CPU (using pwrite)
2685 * The pwrite function calls set_domain (CPU, CPU) and
2686 * this function does nothing (as nothing changes)
2688 * This function asserts that the object is not
2689 * currently in any GPU-based read or write domains
2691 * i915_gem_execbuffer calls set_domain (COMMAND, 0).
2692 * As write_domain is zero, this function adds in the
2693 * current read domains (CPU+COMMAND, 0).
2694 * flush_domains is set to CPU.
2695 * invalidate_domains is set to COMMAND
2696 * clflush is run to get data out of the CPU caches
2697 * then i915_dev_set_domain calls i915_gem_flush to
2698 * emit an MI_FLUSH and drm_agp_chipset_flush
2699 * 5. Unmapped from GTT
2700 * i915_gem_object_unbind calls set_domain (CPU, CPU)
2701 * flush_domains and invalidate_domains end up both zero
2702 * so no flushing/invalidating happens
2706 * Case 2: The shared render buffer
2710 * 3. Read/written by GPU
2711 * 4. set_domain to (CPU,CPU)
2712 * 5. Read/written by CPU
2713 * 6. Read/written by GPU
2716 * Same as last example, (CPU, CPU)
2718 * Nothing changes (assertions find that it is not in the GPU)
2719 * 3. Read/written by GPU
2720 * execbuffer calls set_domain (RENDER, RENDER)
2721 * flush_domains gets CPU
2722 * invalidate_domains gets GPU
2724 * MI_FLUSH and drm_agp_chipset_flush
2725 * 4. set_domain (CPU, CPU)
2726 * flush_domains gets GPU
2727 * invalidate_domains gets CPU
2728 * wait_rendering (obj) to make sure all drawing is complete.
2729 * This will include an MI_FLUSH to get the data from GPU
2731 * clflush (obj) to invalidate the CPU cache
2732 * Another MI_FLUSH in i915_gem_flush (eliminate this somehow?)
2733 * 5. Read/written by CPU
2734 * cache lines are loaded and dirtied
2735 * 6. Read written by GPU
2736 * Same as last GPU access
2738 * Case 3: The constant buffer
2743 * 4. Updated (written) by CPU again
2752 * flush_domains = CPU
2753 * invalidate_domains = RENDER
2756 * drm_agp_chipset_flush
2757 * 4. Updated (written) by CPU again
2759 * flush_domains = 0 (no previous write domain)
2760 * invalidate_domains = 0 (no new read domains)
2763 * flush_domains = CPU
2764 * invalidate_domains = RENDER
2767 * drm_agp_chipset_flush
2770 i915_gem_object_set_to_gpu_domain(struct drm_gem_object *obj)
2772 struct drm_device *dev = obj->dev;
2773 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2774 uint32_t invalidate_domains = 0;
2775 uint32_t flush_domains = 0;
2777 BUG_ON(obj->pending_read_domains & I915_GEM_DOMAIN_CPU);
2778 BUG_ON(obj->pending_write_domain == I915_GEM_DOMAIN_CPU);
2780 intel_mark_busy(dev, obj);
2783 DRM_INFO("%s: object %p read %08x -> %08x write %08x -> %08x\n",
2785 obj->read_domains, obj->pending_read_domains,
2786 obj->write_domain, obj->pending_write_domain);
2789 * If the object isn't moving to a new write domain,
2790 * let the object stay in multiple read domains
2792 if (obj->pending_write_domain == 0)
2793 obj->pending_read_domains |= obj->read_domains;
2795 obj_priv->dirty = 1;
2798 * Flush the current write domain if
2799 * the new read domains don't match. Invalidate
2800 * any read domains which differ from the old
2803 if (obj->write_domain &&
2804 obj->write_domain != obj->pending_read_domains) {
2805 flush_domains |= obj->write_domain;
2806 invalidate_domains |=
2807 obj->pending_read_domains & ~obj->write_domain;
2810 * Invalidate any read caches which may have
2811 * stale data. That is, any new read domains.
2813 invalidate_domains |= obj->pending_read_domains & ~obj->read_domains;
2814 if ((flush_domains | invalidate_domains) & I915_GEM_DOMAIN_CPU) {
2816 DRM_INFO("%s: CPU domain flush %08x invalidate %08x\n",
2817 __func__, flush_domains, invalidate_domains);
2819 i915_gem_clflush_object(obj);
2822 /* The actual obj->write_domain will be updated with
2823 * pending_write_domain after we emit the accumulated flush for all
2824 * of our domain changes in execbuffers (which clears objects'
2825 * write_domains). So if we have a current write domain that we
2826 * aren't changing, set pending_write_domain to that.
2828 if (flush_domains == 0 && obj->pending_write_domain == 0)
2829 obj->pending_write_domain = obj->write_domain;
2830 obj->read_domains = obj->pending_read_domains;
2832 dev->invalidate_domains |= invalidate_domains;
2833 dev->flush_domains |= flush_domains;
2835 DRM_INFO("%s: read %08x write %08x invalidate %08x flush %08x\n",
2837 obj->read_domains, obj->write_domain,
2838 dev->invalidate_domains, dev->flush_domains);
2843 * Moves the object from a partially CPU read to a full one.
2845 * Note that this only resolves i915_gem_object_set_cpu_read_domain_range(),
2846 * and doesn't handle transitioning from !(read_domains & I915_GEM_DOMAIN_CPU).
2849 i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj)
2851 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2853 if (!obj_priv->page_cpu_valid)
2856 /* If we're partially in the CPU read domain, finish moving it in.
2858 if (obj->read_domains & I915_GEM_DOMAIN_CPU) {
2861 for (i = 0; i <= (obj->size - 1) / PAGE_SIZE; i++) {
2862 if (obj_priv->page_cpu_valid[i])
2864 drm_clflush_pages(obj_priv->pages + i, 1);
2868 /* Free the page_cpu_valid mappings which are now stale, whether
2869 * or not we've got I915_GEM_DOMAIN_CPU.
2871 kfree(obj_priv->page_cpu_valid);
2872 obj_priv->page_cpu_valid = NULL;
2876 * Set the CPU read domain on a range of the object.
2878 * The object ends up with I915_GEM_DOMAIN_CPU in its read flags although it's
2879 * not entirely valid. The page_cpu_valid member of the object flags which
2880 * pages have been flushed, and will be respected by
2881 * i915_gem_object_set_to_cpu_domain() if it's called on to get a valid mapping
2882 * of the whole object.
2884 * This function returns when the move is complete, including waiting on
2888 i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
2889 uint64_t offset, uint64_t size)
2891 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2894 if (offset == 0 && size == obj->size)
2895 return i915_gem_object_set_to_cpu_domain(obj, 0);
2897 i915_gem_object_flush_gpu_write_domain(obj);
2898 /* Wait on any GPU rendering and flushing to occur. */
2899 ret = i915_gem_object_wait_rendering(obj);
2902 i915_gem_object_flush_gtt_write_domain(obj);
2904 /* If we're already fully in the CPU read domain, we're done. */
2905 if (obj_priv->page_cpu_valid == NULL &&
2906 (obj->read_domains & I915_GEM_DOMAIN_CPU) != 0)
2909 /* Otherwise, create/clear the per-page CPU read domain flag if we're
2910 * newly adding I915_GEM_DOMAIN_CPU
2912 if (obj_priv->page_cpu_valid == NULL) {
2913 obj_priv->page_cpu_valid = kzalloc(obj->size / PAGE_SIZE,
2915 if (obj_priv->page_cpu_valid == NULL)
2917 } else if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0)
2918 memset(obj_priv->page_cpu_valid, 0, obj->size / PAGE_SIZE);
2920 /* Flush the cache on any pages that are still invalid from the CPU's
2923 for (i = offset / PAGE_SIZE; i <= (offset + size - 1) / PAGE_SIZE;
2925 if (obj_priv->page_cpu_valid[i])
2928 drm_clflush_pages(obj_priv->pages + i, 1);
2930 obj_priv->page_cpu_valid[i] = 1;
2933 /* It should now be out of any other write domains, and we can update
2934 * the domain values for our changes.
2936 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
2938 obj->read_domains |= I915_GEM_DOMAIN_CPU;
2944 * Pin an object to the GTT and evaluate the relocations landing in it.
2947 i915_gem_object_pin_and_relocate(struct drm_gem_object *obj,
2948 struct drm_file *file_priv,
2949 struct drm_i915_gem_exec_object *entry,
2950 struct drm_i915_gem_relocation_entry *relocs)
2952 struct drm_device *dev = obj->dev;
2953 drm_i915_private_t *dev_priv = dev->dev_private;
2954 struct drm_i915_gem_object *obj_priv = obj->driver_private;
2956 void __iomem *reloc_page;
2958 /* Choose the GTT offset for our buffer and put it there. */
2959 ret = i915_gem_object_pin(obj, (uint32_t) entry->alignment);
2963 entry->offset = obj_priv->gtt_offset;
2965 /* Apply the relocations, using the GTT aperture to avoid cache
2966 * flushing requirements.
2968 for (i = 0; i < entry->relocation_count; i++) {
2969 struct drm_i915_gem_relocation_entry *reloc= &relocs[i];
2970 struct drm_gem_object *target_obj;
2971 struct drm_i915_gem_object *target_obj_priv;
2972 uint32_t reloc_val, reloc_offset;
2973 uint32_t __iomem *reloc_entry;
2975 target_obj = drm_gem_object_lookup(obj->dev, file_priv,
2976 reloc->target_handle);
2977 if (target_obj == NULL) {
2978 i915_gem_object_unpin(obj);
2981 target_obj_priv = target_obj->driver_private;
2983 /* The target buffer should have appeared before us in the
2984 * exec_object list, so it should have a GTT space bound by now.
2986 if (target_obj_priv->gtt_space == NULL) {
2987 DRM_ERROR("No GTT space found for object %d\n",
2988 reloc->target_handle);
2989 drm_gem_object_unreference(target_obj);
2990 i915_gem_object_unpin(obj);
2994 if (reloc->offset > obj->size - 4) {
2995 DRM_ERROR("Relocation beyond object bounds: "
2996 "obj %p target %d offset %d size %d.\n",
2997 obj, reloc->target_handle,
2998 (int) reloc->offset, (int) obj->size);
2999 drm_gem_object_unreference(target_obj);
3000 i915_gem_object_unpin(obj);
3003 if (reloc->offset & 3) {
3004 DRM_ERROR("Relocation not 4-byte aligned: "
3005 "obj %p target %d offset %d.\n",
3006 obj, reloc->target_handle,
3007 (int) reloc->offset);
3008 drm_gem_object_unreference(target_obj);
3009 i915_gem_object_unpin(obj);
3013 if (reloc->write_domain & I915_GEM_DOMAIN_CPU ||
3014 reloc->read_domains & I915_GEM_DOMAIN_CPU) {
3015 DRM_ERROR("reloc with read/write CPU domains: "
3016 "obj %p target %d offset %d "
3017 "read %08x write %08x",
3018 obj, reloc->target_handle,
3019 (int) reloc->offset,
3020 reloc->read_domains,
3021 reloc->write_domain);
3022 drm_gem_object_unreference(target_obj);
3023 i915_gem_object_unpin(obj);
3027 if (reloc->write_domain && target_obj->pending_write_domain &&
3028 reloc->write_domain != target_obj->pending_write_domain) {
3029 DRM_ERROR("Write domain conflict: "
3030 "obj %p target %d offset %d "
3031 "new %08x old %08x\n",
3032 obj, reloc->target_handle,
3033 (int) reloc->offset,
3034 reloc->write_domain,
3035 target_obj->pending_write_domain);
3036 drm_gem_object_unreference(target_obj);
3037 i915_gem_object_unpin(obj);
3042 DRM_INFO("%s: obj %p offset %08x target %d "
3043 "read %08x write %08x gtt %08x "
3044 "presumed %08x delta %08x\n",
3047 (int) reloc->offset,
3048 (int) reloc->target_handle,
3049 (int) reloc->read_domains,
3050 (int) reloc->write_domain,
3051 (int) target_obj_priv->gtt_offset,
3052 (int) reloc->presumed_offset,
3056 target_obj->pending_read_domains |= reloc->read_domains;
3057 target_obj->pending_write_domain |= reloc->write_domain;
3059 /* If the relocation already has the right value in it, no
3060 * more work needs to be done.
3062 if (target_obj_priv->gtt_offset == reloc->presumed_offset) {
3063 drm_gem_object_unreference(target_obj);
3067 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
3069 drm_gem_object_unreference(target_obj);
3070 i915_gem_object_unpin(obj);
3074 /* Map the page containing the relocation we're going to
3077 reloc_offset = obj_priv->gtt_offset + reloc->offset;
3078 reloc_page = io_mapping_map_atomic_wc(dev_priv->mm.gtt_mapping,
3081 reloc_entry = (uint32_t __iomem *)(reloc_page +
3082 (reloc_offset & (PAGE_SIZE - 1)));
3083 reloc_val = target_obj_priv->gtt_offset + reloc->delta;
3086 DRM_INFO("Applied relocation: %p@0x%08x %08x -> %08x\n",
3087 obj, (unsigned int) reloc->offset,
3088 readl(reloc_entry), reloc_val);
3090 writel(reloc_val, reloc_entry);
3091 io_mapping_unmap_atomic(reloc_page);
3093 /* The updated presumed offset for this entry will be
3094 * copied back out to the user.
3096 reloc->presumed_offset = target_obj_priv->gtt_offset;
3098 drm_gem_object_unreference(target_obj);
3103 i915_gem_dump_object(obj, 128, __func__, ~0);
3108 /** Dispatch a batchbuffer to the ring
3111 i915_dispatch_gem_execbuffer(struct drm_device *dev,
3112 struct drm_i915_gem_execbuffer *exec,
3113 struct drm_clip_rect *cliprects,
3114 uint64_t exec_offset)
3116 drm_i915_private_t *dev_priv = dev->dev_private;
3117 int nbox = exec->num_cliprects;
3119 uint32_t exec_start, exec_len;
3122 exec_start = (uint32_t) exec_offset + exec->batch_start_offset;
3123 exec_len = (uint32_t) exec->batch_len;
3125 count = nbox ? nbox : 1;
3127 for (i = 0; i < count; i++) {
3129 int ret = i915_emit_box(dev, cliprects, i,
3130 exec->DR1, exec->DR4);
3135 if (IS_I830(dev) || IS_845G(dev)) {
3137 OUT_RING(MI_BATCH_BUFFER);
3138 OUT_RING(exec_start | MI_BATCH_NON_SECURE);
3139 OUT_RING(exec_start + exec_len - 4);
3144 if (IS_I965G(dev)) {
3145 OUT_RING(MI_BATCH_BUFFER_START |
3147 MI_BATCH_NON_SECURE_I965);
3148 OUT_RING(exec_start);
3150 OUT_RING(MI_BATCH_BUFFER_START |
3152 OUT_RING(exec_start | MI_BATCH_NON_SECURE);
3158 /* XXX breadcrumb */
3162 /* Throttle our rendering by waiting until the ring has completed our requests
3163 * emitted over 20 msec ago.
3165 * Note that if we were to use the current jiffies each time around the loop,
3166 * we wouldn't escape the function with any frames outstanding if the time to
3167 * render a frame was over 20ms.
3169 * This should get us reasonable parallelism between CPU and GPU but also
3170 * relatively low latency when blocking on a particular request to finish.
3173 i915_gem_ring_throttle(struct drm_device *dev, struct drm_file *file_priv)
3175 struct drm_i915_file_private *i915_file_priv = file_priv->driver_priv;
3177 unsigned long recent_enough = jiffies - msecs_to_jiffies(20);
3179 mutex_lock(&dev->struct_mutex);
3180 while (!list_empty(&i915_file_priv->mm.request_list)) {
3181 struct drm_i915_gem_request *request;
3183 request = list_first_entry(&i915_file_priv->mm.request_list,
3184 struct drm_i915_gem_request,
3187 if (time_after_eq(request->emitted_jiffies, recent_enough))
3190 ret = i915_wait_request(dev, request->seqno);
3194 mutex_unlock(&dev->struct_mutex);
3200 i915_gem_get_relocs_from_user(struct drm_i915_gem_exec_object *exec_list,
3201 uint32_t buffer_count,
3202 struct drm_i915_gem_relocation_entry **relocs)
3204 uint32_t reloc_count = 0, reloc_index = 0, i;
3208 for (i = 0; i < buffer_count; i++) {
3209 if (reloc_count + exec_list[i].relocation_count < reloc_count)
3211 reloc_count += exec_list[i].relocation_count;
3214 *relocs = drm_calloc_large(reloc_count, sizeof(**relocs));
3215 if (*relocs == NULL)
3218 for (i = 0; i < buffer_count; i++) {
3219 struct drm_i915_gem_relocation_entry __user *user_relocs;
3221 user_relocs = (void __user *)(uintptr_t)exec_list[i].relocs_ptr;
3223 ret = copy_from_user(&(*relocs)[reloc_index],
3225 exec_list[i].relocation_count *
3228 drm_free_large(*relocs);
3233 reloc_index += exec_list[i].relocation_count;
3240 i915_gem_put_relocs_to_user(struct drm_i915_gem_exec_object *exec_list,
3241 uint32_t buffer_count,
3242 struct drm_i915_gem_relocation_entry *relocs)
3244 uint32_t reloc_count = 0, i;
3247 for (i = 0; i < buffer_count; i++) {
3248 struct drm_i915_gem_relocation_entry __user *user_relocs;
3251 user_relocs = (void __user *)(uintptr_t)exec_list[i].relocs_ptr;
3253 unwritten = copy_to_user(user_relocs,
3254 &relocs[reloc_count],
3255 exec_list[i].relocation_count *
3263 reloc_count += exec_list[i].relocation_count;
3267 drm_free_large(relocs);
3273 i915_gem_check_execbuffer (struct drm_i915_gem_execbuffer *exec,
3274 uint64_t exec_offset)
3276 uint32_t exec_start, exec_len;
3278 exec_start = (uint32_t) exec_offset + exec->batch_start_offset;
3279 exec_len = (uint32_t) exec->batch_len;
3281 if ((exec_start | exec_len) & 0x7)
3291 i915_gem_execbuffer(struct drm_device *dev, void *data,
3292 struct drm_file *file_priv)
3294 drm_i915_private_t *dev_priv = dev->dev_private;
3295 struct drm_i915_gem_execbuffer *args = data;
3296 struct drm_i915_gem_exec_object *exec_list = NULL;
3297 struct drm_gem_object **object_list = NULL;
3298 struct drm_gem_object *batch_obj;
3299 struct drm_i915_gem_object *obj_priv;
3300 struct drm_clip_rect *cliprects = NULL;
3301 struct drm_i915_gem_relocation_entry *relocs;
3302 int ret, ret2, i, pinned = 0;
3303 uint64_t exec_offset;
3304 uint32_t seqno, flush_domains, reloc_index;
3308 DRM_INFO("buffers_ptr %d buffer_count %d len %08x\n",
3309 (int) args->buffers_ptr, args->buffer_count, args->batch_len);
3312 if (args->buffer_count < 1) {
3313 DRM_ERROR("execbuf with %d buffers\n", args->buffer_count);
3316 /* Copy in the exec list from userland */
3317 exec_list = drm_calloc_large(sizeof(*exec_list), args->buffer_count);
3318 object_list = drm_calloc_large(sizeof(*object_list), args->buffer_count);
3319 if (exec_list == NULL || object_list == NULL) {
3320 DRM_ERROR("Failed to allocate exec or object list "
3322 args->buffer_count);
3326 ret = copy_from_user(exec_list,
3327 (struct drm_i915_relocation_entry __user *)
3328 (uintptr_t) args->buffers_ptr,
3329 sizeof(*exec_list) * args->buffer_count);
3331 DRM_ERROR("copy %d exec entries failed %d\n",
3332 args->buffer_count, ret);
3336 if (args->num_cliprects != 0) {
3337 cliprects = kcalloc(args->num_cliprects, sizeof(*cliprects),
3339 if (cliprects == NULL)
3342 ret = copy_from_user(cliprects,
3343 (struct drm_clip_rect __user *)
3344 (uintptr_t) args->cliprects_ptr,
3345 sizeof(*cliprects) * args->num_cliprects);
3347 DRM_ERROR("copy %d cliprects failed: %d\n",
3348 args->num_cliprects, ret);
3353 ret = i915_gem_get_relocs_from_user(exec_list, args->buffer_count,
3358 mutex_lock(&dev->struct_mutex);
3360 i915_verify_inactive(dev, __FILE__, __LINE__);
3362 if (atomic_read(&dev_priv->mm.wedged)) {
3363 DRM_ERROR("Execbuf while wedged\n");
3364 mutex_unlock(&dev->struct_mutex);
3369 if (dev_priv->mm.suspended) {
3370 DRM_ERROR("Execbuf while VT-switched.\n");
3371 mutex_unlock(&dev->struct_mutex);
3376 /* Look up object handles */
3377 for (i = 0; i < args->buffer_count; i++) {
3378 object_list[i] = drm_gem_object_lookup(dev, file_priv,
3379 exec_list[i].handle);
3380 if (object_list[i] == NULL) {
3381 DRM_ERROR("Invalid object handle %d at index %d\n",
3382 exec_list[i].handle, i);
3387 obj_priv = object_list[i]->driver_private;
3388 if (obj_priv->in_execbuffer) {
3389 DRM_ERROR("Object %p appears more than once in object list\n",
3394 obj_priv->in_execbuffer = true;
3397 /* Pin and relocate */
3398 for (pin_tries = 0; ; pin_tries++) {
3402 for (i = 0; i < args->buffer_count; i++) {
3403 object_list[i]->pending_read_domains = 0;
3404 object_list[i]->pending_write_domain = 0;
3405 ret = i915_gem_object_pin_and_relocate(object_list[i],
3408 &relocs[reloc_index]);
3412 reloc_index += exec_list[i].relocation_count;
3418 /* error other than GTT full, or we've already tried again */
3419 if (ret != -ENOSPC || pin_tries >= 1) {
3420 if (ret != -ERESTARTSYS)
3421 DRM_ERROR("Failed to pin buffers %d\n", ret);
3425 /* unpin all of our buffers */
3426 for (i = 0; i < pinned; i++)
3427 i915_gem_object_unpin(object_list[i]);
3430 /* evict everyone we can from the aperture */
3431 ret = i915_gem_evict_everything(dev);
3436 /* Set the pending read domains for the batch buffer to COMMAND */
3437 batch_obj = object_list[args->buffer_count-1];
3438 if (batch_obj->pending_write_domain) {
3439 DRM_ERROR("Attempting to use self-modifying batch buffer\n");
3443 batch_obj->pending_read_domains |= I915_GEM_DOMAIN_COMMAND;
3445 /* Sanity check the batch buffer, prior to moving objects */
3446 exec_offset = exec_list[args->buffer_count - 1].offset;
3447 ret = i915_gem_check_execbuffer (args, exec_offset);
3449 DRM_ERROR("execbuf with invalid offset/length\n");
3453 i915_verify_inactive(dev, __FILE__, __LINE__);
3455 /* Zero the global flush/invalidate flags. These
3456 * will be modified as new domains are computed
3459 dev->invalidate_domains = 0;
3460 dev->flush_domains = 0;
3462 for (i = 0; i < args->buffer_count; i++) {
3463 struct drm_gem_object *obj = object_list[i];
3465 /* Compute new gpu domains and update invalidate/flush */
3466 i915_gem_object_set_to_gpu_domain(obj);
3469 i915_verify_inactive(dev, __FILE__, __LINE__);
3471 if (dev->invalidate_domains | dev->flush_domains) {
3473 DRM_INFO("%s: invalidate_domains %08x flush_domains %08x\n",
3475 dev->invalidate_domains,
3476 dev->flush_domains);
3479 dev->invalidate_domains,
3480 dev->flush_domains);
3481 if (dev->flush_domains)
3482 (void)i915_add_request(dev, file_priv,
3483 dev->flush_domains);
3486 for (i = 0; i < args->buffer_count; i++) {
3487 struct drm_gem_object *obj = object_list[i];
3489 obj->write_domain = obj->pending_write_domain;
3492 i915_verify_inactive(dev, __FILE__, __LINE__);
3495 for (i = 0; i < args->buffer_count; i++) {
3496 i915_gem_object_check_coherency(object_list[i],
3497 exec_list[i].handle);
3502 i915_gem_dump_object(batch_obj,
3508 /* Exec the batchbuffer */
3509 ret = i915_dispatch_gem_execbuffer(dev, args, cliprects, exec_offset);
3511 DRM_ERROR("dispatch failed %d\n", ret);
3516 * Ensure that the commands in the batch buffer are
3517 * finished before the interrupt fires
3519 flush_domains = i915_retire_commands(dev);
3521 i915_verify_inactive(dev, __FILE__, __LINE__);
3524 * Get a seqno representing the execution of the current buffer,
3525 * which we can wait on. We would like to mitigate these interrupts,
3526 * likely by only creating seqnos occasionally (so that we have
3527 * *some* interrupts representing completion of buffers that we can
3528 * wait on when trying to clear up gtt space).
3530 seqno = i915_add_request(dev, file_priv, flush_domains);
3532 for (i = 0; i < args->buffer_count; i++) {
3533 struct drm_gem_object *obj = object_list[i];
3535 i915_gem_object_move_to_active(obj, seqno);
3537 DRM_INFO("%s: move to exec list %p\n", __func__, obj);
3541 i915_dump_lru(dev, __func__);
3544 i915_verify_inactive(dev, __FILE__, __LINE__);
3547 for (i = 0; i < pinned; i++)
3548 i915_gem_object_unpin(object_list[i]);
3550 for (i = 0; i < args->buffer_count; i++) {
3551 if (object_list[i]) {
3552 obj_priv = object_list[i]->driver_private;
3553 obj_priv->in_execbuffer = false;
3555 drm_gem_object_unreference(object_list[i]);
3558 mutex_unlock(&dev->struct_mutex);
3561 /* Copy the new buffer offsets back to the user's exec list. */
3562 ret = copy_to_user((struct drm_i915_relocation_entry __user *)
3563 (uintptr_t) args->buffers_ptr,
3565 sizeof(*exec_list) * args->buffer_count);
3568 DRM_ERROR("failed to copy %d exec entries "
3569 "back to user (%d)\n",
3570 args->buffer_count, ret);
3574 /* Copy the updated relocations out regardless of current error
3575 * state. Failure to update the relocs would mean that the next
3576 * time userland calls execbuf, it would do so with presumed offset
3577 * state that didn't match the actual object state.
3579 ret2 = i915_gem_put_relocs_to_user(exec_list, args->buffer_count,
3582 DRM_ERROR("Failed to copy relocations back out: %d\n", ret2);
3589 drm_free_large(object_list);
3590 drm_free_large(exec_list);
3597 i915_gem_object_pin(struct drm_gem_object *obj, uint32_t alignment)
3599 struct drm_device *dev = obj->dev;
3600 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3603 i915_verify_inactive(dev, __FILE__, __LINE__);
3604 if (obj_priv->gtt_space == NULL) {
3605 ret = i915_gem_object_bind_to_gtt(obj, alignment);
3607 if (ret != -EBUSY && ret != -ERESTARTSYS)
3608 DRM_ERROR("Failure to bind: %d\n", ret);
3613 * Pre-965 chips need a fence register set up in order to
3614 * properly handle tiled surfaces.
3616 if (!IS_I965G(dev) && obj_priv->tiling_mode != I915_TILING_NONE) {
3617 ret = i915_gem_object_get_fence_reg(obj);
3619 if (ret != -EBUSY && ret != -ERESTARTSYS)
3620 DRM_ERROR("Failure to install fence: %d\n",
3625 obj_priv->pin_count++;
3627 /* If the object is not active and not pending a flush,
3628 * remove it from the inactive list
3630 if (obj_priv->pin_count == 1) {
3631 atomic_inc(&dev->pin_count);
3632 atomic_add(obj->size, &dev->pin_memory);
3633 if (!obj_priv->active &&
3634 (obj->write_domain & I915_GEM_GPU_DOMAINS) == 0 &&
3635 !list_empty(&obj_priv->list))
3636 list_del_init(&obj_priv->list);
3638 i915_verify_inactive(dev, __FILE__, __LINE__);
3644 i915_gem_object_unpin(struct drm_gem_object *obj)
3646 struct drm_device *dev = obj->dev;
3647 drm_i915_private_t *dev_priv = dev->dev_private;
3648 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3650 i915_verify_inactive(dev, __FILE__, __LINE__);
3651 obj_priv->pin_count--;
3652 BUG_ON(obj_priv->pin_count < 0);
3653 BUG_ON(obj_priv->gtt_space == NULL);
3655 /* If the object is no longer pinned, and is
3656 * neither active nor being flushed, then stick it on
3659 if (obj_priv->pin_count == 0) {
3660 if (!obj_priv->active &&
3661 (obj->write_domain & I915_GEM_GPU_DOMAINS) == 0)
3662 list_move_tail(&obj_priv->list,
3663 &dev_priv->mm.inactive_list);
3664 atomic_dec(&dev->pin_count);
3665 atomic_sub(obj->size, &dev->pin_memory);
3667 i915_verify_inactive(dev, __FILE__, __LINE__);
3671 i915_gem_pin_ioctl(struct drm_device *dev, void *data,
3672 struct drm_file *file_priv)
3674 struct drm_i915_gem_pin *args = data;
3675 struct drm_gem_object *obj;
3676 struct drm_i915_gem_object *obj_priv;
3679 mutex_lock(&dev->struct_mutex);
3681 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3683 DRM_ERROR("Bad handle in i915_gem_pin_ioctl(): %d\n",
3685 mutex_unlock(&dev->struct_mutex);
3688 obj_priv = obj->driver_private;
3690 if (obj_priv->pin_filp != NULL && obj_priv->pin_filp != file_priv) {
3691 DRM_ERROR("Already pinned in i915_gem_pin_ioctl(): %d\n",
3693 drm_gem_object_unreference(obj);
3694 mutex_unlock(&dev->struct_mutex);
3698 obj_priv->user_pin_count++;
3699 obj_priv->pin_filp = file_priv;
3700 if (obj_priv->user_pin_count == 1) {
3701 ret = i915_gem_object_pin(obj, args->alignment);
3703 drm_gem_object_unreference(obj);
3704 mutex_unlock(&dev->struct_mutex);
3709 /* XXX - flush the CPU caches for pinned objects
3710 * as the X server doesn't manage domains yet
3712 i915_gem_object_flush_cpu_write_domain(obj);
3713 args->offset = obj_priv->gtt_offset;
3714 drm_gem_object_unreference(obj);
3715 mutex_unlock(&dev->struct_mutex);
3721 i915_gem_unpin_ioctl(struct drm_device *dev, void *data,
3722 struct drm_file *file_priv)
3724 struct drm_i915_gem_pin *args = data;
3725 struct drm_gem_object *obj;
3726 struct drm_i915_gem_object *obj_priv;
3728 mutex_lock(&dev->struct_mutex);
3730 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3732 DRM_ERROR("Bad handle in i915_gem_unpin_ioctl(): %d\n",
3734 mutex_unlock(&dev->struct_mutex);
3738 obj_priv = obj->driver_private;
3739 if (obj_priv->pin_filp != file_priv) {
3740 DRM_ERROR("Not pinned by caller in i915_gem_pin_ioctl(): %d\n",
3742 drm_gem_object_unreference(obj);
3743 mutex_unlock(&dev->struct_mutex);
3746 obj_priv->user_pin_count--;
3747 if (obj_priv->user_pin_count == 0) {
3748 obj_priv->pin_filp = NULL;
3749 i915_gem_object_unpin(obj);
3752 drm_gem_object_unreference(obj);
3753 mutex_unlock(&dev->struct_mutex);
3758 i915_gem_busy_ioctl(struct drm_device *dev, void *data,
3759 struct drm_file *file_priv)
3761 struct drm_i915_gem_busy *args = data;
3762 struct drm_gem_object *obj;
3763 struct drm_i915_gem_object *obj_priv;
3765 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
3767 DRM_ERROR("Bad handle in i915_gem_busy_ioctl(): %d\n",
3772 mutex_lock(&dev->struct_mutex);
3773 /* Update the active list for the hardware's current position.
3774 * Otherwise this only updates on a delayed timer or when irqs are
3775 * actually unmasked, and our working set ends up being larger than
3778 i915_gem_retire_requests(dev);
3780 obj_priv = obj->driver_private;
3781 /* Don't count being on the flushing list against the object being
3782 * done. Otherwise, a buffer left on the flushing list but not getting
3783 * flushed (because nobody's flushing that domain) won't ever return
3784 * unbusy and get reused by libdrm's bo cache. The other expected
3785 * consumer of this interface, OpenGL's occlusion queries, also specs
3786 * that the objects get unbusy "eventually" without any interference.
3788 args->busy = obj_priv->active && obj_priv->last_rendering_seqno != 0;
3790 drm_gem_object_unreference(obj);
3791 mutex_unlock(&dev->struct_mutex);
3796 i915_gem_throttle_ioctl(struct drm_device *dev, void *data,
3797 struct drm_file *file_priv)
3799 return i915_gem_ring_throttle(dev, file_priv);
3802 int i915_gem_init_object(struct drm_gem_object *obj)
3804 struct drm_i915_gem_object *obj_priv;
3806 obj_priv = kzalloc(sizeof(*obj_priv), GFP_KERNEL);
3807 if (obj_priv == NULL)
3811 * We've just allocated pages from the kernel,
3812 * so they've just been written by the CPU with
3813 * zeros. They'll need to be clflushed before we
3814 * use them with the GPU.
3816 obj->write_domain = I915_GEM_DOMAIN_CPU;
3817 obj->read_domains = I915_GEM_DOMAIN_CPU;
3819 obj_priv->agp_type = AGP_USER_MEMORY;
3821 obj->driver_private = obj_priv;
3822 obj_priv->obj = obj;
3823 obj_priv->fence_reg = I915_FENCE_REG_NONE;
3824 INIT_LIST_HEAD(&obj_priv->list);
3825 INIT_LIST_HEAD(&obj_priv->fence_list);
3830 void i915_gem_free_object(struct drm_gem_object *obj)
3832 struct drm_device *dev = obj->dev;
3833 struct drm_i915_gem_object *obj_priv = obj->driver_private;
3835 while (obj_priv->pin_count > 0)
3836 i915_gem_object_unpin(obj);
3838 if (obj_priv->phys_obj)
3839 i915_gem_detach_phys_object(dev, obj);
3841 i915_gem_object_unbind(obj);
3843 if (obj_priv->mmap_offset)
3844 i915_gem_free_mmap_offset(obj);
3846 kfree(obj_priv->page_cpu_valid);
3847 kfree(obj_priv->bit_17);
3848 kfree(obj->driver_private);
3851 /** Unbinds all objects that are on the given buffer list. */
3853 i915_gem_evict_from_list(struct drm_device *dev, struct list_head *head)
3855 struct drm_gem_object *obj;
3856 struct drm_i915_gem_object *obj_priv;
3859 while (!list_empty(head)) {
3860 obj_priv = list_first_entry(head,
3861 struct drm_i915_gem_object,
3863 obj = obj_priv->obj;
3865 if (obj_priv->pin_count != 0) {
3866 DRM_ERROR("Pinned object in unbind list\n");
3867 mutex_unlock(&dev->struct_mutex);
3871 ret = i915_gem_object_unbind(obj);
3873 DRM_ERROR("Error unbinding object in LeaveVT: %d\n",
3875 mutex_unlock(&dev->struct_mutex);
3885 i915_gem_idle(struct drm_device *dev)
3887 drm_i915_private_t *dev_priv = dev->dev_private;
3888 uint32_t seqno, cur_seqno, last_seqno;
3891 mutex_lock(&dev->struct_mutex);
3893 if (dev_priv->mm.suspended || dev_priv->ring.ring_obj == NULL) {
3894 mutex_unlock(&dev->struct_mutex);
3898 /* Hack! Don't let anybody do execbuf while we don't control the chip.
3899 * We need to replace this with a semaphore, or something.
3901 dev_priv->mm.suspended = 1;
3902 del_timer(&dev_priv->hangcheck_timer);
3904 /* Cancel the retire work handler, wait for it to finish if running
3906 mutex_unlock(&dev->struct_mutex);
3907 cancel_delayed_work_sync(&dev_priv->mm.retire_work);
3908 mutex_lock(&dev->struct_mutex);
3910 i915_kernel_lost_context(dev);
3912 /* Flush the GPU along with all non-CPU write domains
3914 i915_gem_flush(dev, I915_GEM_GPU_DOMAINS, I915_GEM_GPU_DOMAINS);
3915 seqno = i915_add_request(dev, NULL, I915_GEM_GPU_DOMAINS);
3918 mutex_unlock(&dev->struct_mutex);
3922 dev_priv->mm.waiting_gem_seqno = seqno;
3926 cur_seqno = i915_get_gem_seqno(dev);
3927 if (i915_seqno_passed(cur_seqno, seqno))
3929 if (last_seqno == cur_seqno) {
3930 if (stuck++ > 100) {
3931 DRM_ERROR("hardware wedged\n");
3932 atomic_set(&dev_priv->mm.wedged, 1);
3933 DRM_WAKEUP(&dev_priv->irq_queue);
3938 last_seqno = cur_seqno;
3940 dev_priv->mm.waiting_gem_seqno = 0;
3942 i915_gem_retire_requests(dev);
3944 spin_lock(&dev_priv->mm.active_list_lock);
3945 if (!atomic_read(&dev_priv->mm.wedged)) {
3946 /* Active and flushing should now be empty as we've
3947 * waited for a sequence higher than any pending execbuffer
3949 WARN_ON(!list_empty(&dev_priv->mm.active_list));
3950 WARN_ON(!list_empty(&dev_priv->mm.flushing_list));
3951 /* Request should now be empty as we've also waited
3952 * for the last request in the list
3954 WARN_ON(!list_empty(&dev_priv->mm.request_list));
3957 /* Empty the active and flushing lists to inactive. If there's
3958 * anything left at this point, it means that we're wedged and
3959 * nothing good's going to happen by leaving them there. So strip
3960 * the GPU domains and just stuff them onto inactive.
3962 while (!list_empty(&dev_priv->mm.active_list)) {
3963 struct drm_i915_gem_object *obj_priv;
3965 obj_priv = list_first_entry(&dev_priv->mm.active_list,
3966 struct drm_i915_gem_object,
3968 obj_priv->obj->write_domain &= ~I915_GEM_GPU_DOMAINS;
3969 i915_gem_object_move_to_inactive(obj_priv->obj);
3971 spin_unlock(&dev_priv->mm.active_list_lock);
3973 while (!list_empty(&dev_priv->mm.flushing_list)) {
3974 struct drm_i915_gem_object *obj_priv;
3976 obj_priv = list_first_entry(&dev_priv->mm.flushing_list,
3977 struct drm_i915_gem_object,
3979 obj_priv->obj->write_domain &= ~I915_GEM_GPU_DOMAINS;
3980 i915_gem_object_move_to_inactive(obj_priv->obj);
3984 /* Move all inactive buffers out of the GTT. */
3985 ret = i915_gem_evict_from_list(dev, &dev_priv->mm.inactive_list);
3986 WARN_ON(!list_empty(&dev_priv->mm.inactive_list));
3988 mutex_unlock(&dev->struct_mutex);
3992 i915_gem_cleanup_ringbuffer(dev);
3993 mutex_unlock(&dev->struct_mutex);
3999 i915_gem_init_hws(struct drm_device *dev)
4001 drm_i915_private_t *dev_priv = dev->dev_private;
4002 struct drm_gem_object *obj;
4003 struct drm_i915_gem_object *obj_priv;
4006 /* If we need a physical address for the status page, it's already
4007 * initialized at driver load time.
4009 if (!I915_NEED_GFX_HWS(dev))
4012 obj = drm_gem_object_alloc(dev, 4096);
4014 DRM_ERROR("Failed to allocate status page\n");
4017 obj_priv = obj->driver_private;
4018 obj_priv->agp_type = AGP_USER_CACHED_MEMORY;
4020 ret = i915_gem_object_pin(obj, 4096);
4022 drm_gem_object_unreference(obj);
4026 dev_priv->status_gfx_addr = obj_priv->gtt_offset;
4028 dev_priv->hw_status_page = kmap(obj_priv->pages[0]);
4029 if (dev_priv->hw_status_page == NULL) {
4030 DRM_ERROR("Failed to map status page.\n");
4031 memset(&dev_priv->hws_map, 0, sizeof(dev_priv->hws_map));
4032 i915_gem_object_unpin(obj);
4033 drm_gem_object_unreference(obj);
4036 dev_priv->hws_obj = obj;
4037 memset(dev_priv->hw_status_page, 0, PAGE_SIZE);
4038 I915_WRITE(HWS_PGA, dev_priv->status_gfx_addr);
4039 I915_READ(HWS_PGA); /* posting read */
4040 DRM_DEBUG("hws offset: 0x%08x\n", dev_priv->status_gfx_addr);
4046 i915_gem_cleanup_hws(struct drm_device *dev)
4048 drm_i915_private_t *dev_priv = dev->dev_private;
4049 struct drm_gem_object *obj;
4050 struct drm_i915_gem_object *obj_priv;
4052 if (dev_priv->hws_obj == NULL)
4055 obj = dev_priv->hws_obj;
4056 obj_priv = obj->driver_private;
4058 kunmap(obj_priv->pages[0]);
4059 i915_gem_object_unpin(obj);
4060 drm_gem_object_unreference(obj);
4061 dev_priv->hws_obj = NULL;
4063 memset(&dev_priv->hws_map, 0, sizeof(dev_priv->hws_map));
4064 dev_priv->hw_status_page = NULL;
4066 /* Write high address into HWS_PGA when disabling. */
4067 I915_WRITE(HWS_PGA, 0x1ffff000);
4071 i915_gem_init_ringbuffer(struct drm_device *dev)
4073 drm_i915_private_t *dev_priv = dev->dev_private;
4074 struct drm_gem_object *obj;
4075 struct drm_i915_gem_object *obj_priv;
4076 drm_i915_ring_buffer_t *ring = &dev_priv->ring;
4080 ret = i915_gem_init_hws(dev);
4084 obj = drm_gem_object_alloc(dev, 128 * 1024);
4086 DRM_ERROR("Failed to allocate ringbuffer\n");
4087 i915_gem_cleanup_hws(dev);
4090 obj_priv = obj->driver_private;
4092 ret = i915_gem_object_pin(obj, 4096);
4094 drm_gem_object_unreference(obj);
4095 i915_gem_cleanup_hws(dev);
4099 /* Set up the kernel mapping for the ring. */
4100 ring->Size = obj->size;
4102 ring->map.offset = dev->agp->base + obj_priv->gtt_offset;
4103 ring->map.size = obj->size;
4105 ring->map.flags = 0;
4108 drm_core_ioremap_wc(&ring->map, dev);
4109 if (ring->map.handle == NULL) {
4110 DRM_ERROR("Failed to map ringbuffer.\n");
4111 memset(&dev_priv->ring, 0, sizeof(dev_priv->ring));
4112 i915_gem_object_unpin(obj);
4113 drm_gem_object_unreference(obj);
4114 i915_gem_cleanup_hws(dev);
4117 ring->ring_obj = obj;
4118 ring->virtual_start = ring->map.handle;
4120 /* Stop the ring if it's running. */
4121 I915_WRITE(PRB0_CTL, 0);
4122 I915_WRITE(PRB0_TAIL, 0);
4123 I915_WRITE(PRB0_HEAD, 0);
4125 /* Initialize the ring. */
4126 I915_WRITE(PRB0_START, obj_priv->gtt_offset);
4127 head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
4129 /* G45 ring initialization fails to reset head to zero */
4131 DRM_ERROR("Ring head not reset to zero "
4132 "ctl %08x head %08x tail %08x start %08x\n",
4133 I915_READ(PRB0_CTL),
4134 I915_READ(PRB0_HEAD),
4135 I915_READ(PRB0_TAIL),
4136 I915_READ(PRB0_START));
4137 I915_WRITE(PRB0_HEAD, 0);
4139 DRM_ERROR("Ring head forced to zero "
4140 "ctl %08x head %08x tail %08x start %08x\n",
4141 I915_READ(PRB0_CTL),
4142 I915_READ(PRB0_HEAD),
4143 I915_READ(PRB0_TAIL),
4144 I915_READ(PRB0_START));
4147 I915_WRITE(PRB0_CTL,
4148 ((obj->size - 4096) & RING_NR_PAGES) |
4152 head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
4154 /* If the head is still not zero, the ring is dead */
4156 DRM_ERROR("Ring initialization failed "
4157 "ctl %08x head %08x tail %08x start %08x\n",
4158 I915_READ(PRB0_CTL),
4159 I915_READ(PRB0_HEAD),
4160 I915_READ(PRB0_TAIL),
4161 I915_READ(PRB0_START));
4165 /* Update our cache of the ring state */
4166 if (!drm_core_check_feature(dev, DRIVER_MODESET))
4167 i915_kernel_lost_context(dev);
4169 ring->head = I915_READ(PRB0_HEAD) & HEAD_ADDR;
4170 ring->tail = I915_READ(PRB0_TAIL) & TAIL_ADDR;
4171 ring->space = ring->head - (ring->tail + 8);
4172 if (ring->space < 0)
4173 ring->space += ring->Size;
4180 i915_gem_cleanup_ringbuffer(struct drm_device *dev)
4182 drm_i915_private_t *dev_priv = dev->dev_private;
4184 if (dev_priv->ring.ring_obj == NULL)
4187 drm_core_ioremapfree(&dev_priv->ring.map, dev);
4189 i915_gem_object_unpin(dev_priv->ring.ring_obj);
4190 drm_gem_object_unreference(dev_priv->ring.ring_obj);
4191 dev_priv->ring.ring_obj = NULL;
4192 memset(&dev_priv->ring, 0, sizeof(dev_priv->ring));
4194 i915_gem_cleanup_hws(dev);
4198 i915_gem_entervt_ioctl(struct drm_device *dev, void *data,
4199 struct drm_file *file_priv)
4201 drm_i915_private_t *dev_priv = dev->dev_private;
4204 if (drm_core_check_feature(dev, DRIVER_MODESET))
4207 if (atomic_read(&dev_priv->mm.wedged)) {
4208 DRM_ERROR("Reenabling wedged hardware, good luck\n");
4209 atomic_set(&dev_priv->mm.wedged, 0);
4212 mutex_lock(&dev->struct_mutex);
4213 dev_priv->mm.suspended = 0;
4215 ret = i915_gem_init_ringbuffer(dev);
4217 mutex_unlock(&dev->struct_mutex);
4221 spin_lock(&dev_priv->mm.active_list_lock);
4222 BUG_ON(!list_empty(&dev_priv->mm.active_list));
4223 spin_unlock(&dev_priv->mm.active_list_lock);
4225 BUG_ON(!list_empty(&dev_priv->mm.flushing_list));
4226 BUG_ON(!list_empty(&dev_priv->mm.inactive_list));
4227 BUG_ON(!list_empty(&dev_priv->mm.request_list));
4228 mutex_unlock(&dev->struct_mutex);
4230 drm_irq_install(dev);
4236 i915_gem_leavevt_ioctl(struct drm_device *dev, void *data,
4237 struct drm_file *file_priv)
4241 if (drm_core_check_feature(dev, DRIVER_MODESET))
4244 ret = i915_gem_idle(dev);
4245 drm_irq_uninstall(dev);
4251 i915_gem_lastclose(struct drm_device *dev)
4255 if (drm_core_check_feature(dev, DRIVER_MODESET))
4258 ret = i915_gem_idle(dev);
4260 DRM_ERROR("failed to idle hardware: %d\n", ret);
4264 i915_gem_load(struct drm_device *dev)
4267 drm_i915_private_t *dev_priv = dev->dev_private;
4269 spin_lock_init(&dev_priv->mm.active_list_lock);
4270 INIT_LIST_HEAD(&dev_priv->mm.active_list);
4271 INIT_LIST_HEAD(&dev_priv->mm.flushing_list);
4272 INIT_LIST_HEAD(&dev_priv->mm.inactive_list);
4273 INIT_LIST_HEAD(&dev_priv->mm.request_list);
4274 INIT_LIST_HEAD(&dev_priv->mm.fence_list);
4275 INIT_DELAYED_WORK(&dev_priv->mm.retire_work,
4276 i915_gem_retire_work_handler);
4277 dev_priv->mm.next_gem_seqno = 1;
4279 /* Old X drivers will take 0-2 for front, back, depth buffers */
4280 dev_priv->fence_reg_start = 3;
4282 if (IS_I965G(dev) || IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4283 dev_priv->num_fence_regs = 16;
4285 dev_priv->num_fence_regs = 8;
4287 /* Initialize fence registers to zero */
4288 if (IS_I965G(dev)) {
4289 for (i = 0; i < 16; i++)
4290 I915_WRITE64(FENCE_REG_965_0 + (i * 8), 0);
4292 for (i = 0; i < 8; i++)
4293 I915_WRITE(FENCE_REG_830_0 + (i * 4), 0);
4294 if (IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4295 for (i = 0; i < 8; i++)
4296 I915_WRITE(FENCE_REG_945_8 + (i * 4), 0);
4299 i915_gem_detect_bit_6_swizzle(dev);
4303 * Create a physically contiguous memory object for this object
4304 * e.g. for cursor + overlay regs
4306 int i915_gem_init_phys_object(struct drm_device *dev,
4309 drm_i915_private_t *dev_priv = dev->dev_private;
4310 struct drm_i915_gem_phys_object *phys_obj;
4313 if (dev_priv->mm.phys_objs[id - 1] || !size)
4316 phys_obj = kzalloc(sizeof(struct drm_i915_gem_phys_object), GFP_KERNEL);
4322 phys_obj->handle = drm_pci_alloc(dev, size, 0, 0xffffffff);
4323 if (!phys_obj->handle) {
4328 set_memory_wc((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
4331 dev_priv->mm.phys_objs[id - 1] = phys_obj;
4339 void i915_gem_free_phys_object(struct drm_device *dev, int id)
4341 drm_i915_private_t *dev_priv = dev->dev_private;
4342 struct drm_i915_gem_phys_object *phys_obj;
4344 if (!dev_priv->mm.phys_objs[id - 1])
4347 phys_obj = dev_priv->mm.phys_objs[id - 1];
4348 if (phys_obj->cur_obj) {
4349 i915_gem_detach_phys_object(dev, phys_obj->cur_obj);
4353 set_memory_wb((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
4355 drm_pci_free(dev, phys_obj->handle);
4357 dev_priv->mm.phys_objs[id - 1] = NULL;
4360 void i915_gem_free_all_phys_object(struct drm_device *dev)
4364 for (i = I915_GEM_PHYS_CURSOR_0; i <= I915_MAX_PHYS_OBJECT; i++)
4365 i915_gem_free_phys_object(dev, i);
4368 void i915_gem_detach_phys_object(struct drm_device *dev,
4369 struct drm_gem_object *obj)
4371 struct drm_i915_gem_object *obj_priv;
4376 obj_priv = obj->driver_private;
4377 if (!obj_priv->phys_obj)
4380 ret = i915_gem_object_get_pages(obj);
4384 page_count = obj->size / PAGE_SIZE;
4386 for (i = 0; i < page_count; i++) {
4387 char *dst = kmap_atomic(obj_priv->pages[i], KM_USER0);
4388 char *src = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
4390 memcpy(dst, src, PAGE_SIZE);
4391 kunmap_atomic(dst, KM_USER0);
4393 drm_clflush_pages(obj_priv->pages, page_count);
4394 drm_agp_chipset_flush(dev);
4396 i915_gem_object_put_pages(obj);
4398 obj_priv->phys_obj->cur_obj = NULL;
4399 obj_priv->phys_obj = NULL;
4403 i915_gem_attach_phys_object(struct drm_device *dev,
4404 struct drm_gem_object *obj, int id)
4406 drm_i915_private_t *dev_priv = dev->dev_private;
4407 struct drm_i915_gem_object *obj_priv;
4412 if (id > I915_MAX_PHYS_OBJECT)
4415 obj_priv = obj->driver_private;
4417 if (obj_priv->phys_obj) {
4418 if (obj_priv->phys_obj->id == id)
4420 i915_gem_detach_phys_object(dev, obj);
4424 /* create a new object */
4425 if (!dev_priv->mm.phys_objs[id - 1]) {
4426 ret = i915_gem_init_phys_object(dev, id,
4429 DRM_ERROR("failed to init phys object %d size: %zu\n", id, obj->size);
4434 /* bind to the object */
4435 obj_priv->phys_obj = dev_priv->mm.phys_objs[id - 1];
4436 obj_priv->phys_obj->cur_obj = obj;
4438 ret = i915_gem_object_get_pages(obj);
4440 DRM_ERROR("failed to get page list\n");
4444 page_count = obj->size / PAGE_SIZE;
4446 for (i = 0; i < page_count; i++) {
4447 char *src = kmap_atomic(obj_priv->pages[i], KM_USER0);
4448 char *dst = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
4450 memcpy(dst, src, PAGE_SIZE);
4451 kunmap_atomic(src, KM_USER0);
4454 i915_gem_object_put_pages(obj);
4462 i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
4463 struct drm_i915_gem_pwrite *args,
4464 struct drm_file *file_priv)
4466 struct drm_i915_gem_object *obj_priv = obj->driver_private;
4469 char __user *user_data;
4471 user_data = (char __user *) (uintptr_t) args->data_ptr;
4472 obj_addr = obj_priv->phys_obj->handle->vaddr + args->offset;
4474 DRM_DEBUG("obj_addr %p, %lld\n", obj_addr, args->size);
4475 ret = copy_from_user(obj_addr, user_data, args->size);
4479 drm_agp_chipset_flush(dev);
4483 void i915_gem_release(struct drm_device * dev, struct drm_file *file_priv)
4485 struct drm_i915_file_private *i915_file_priv = file_priv->driver_priv;
4487 /* Clean up our request list when the client is going away, so that
4488 * later retire_requests won't dereference our soon-to-be-gone
4491 mutex_lock(&dev->struct_mutex);
4492 while (!list_empty(&i915_file_priv->mm.request_list))
4493 list_del_init(i915_file_priv->mm.request_list.next);
4494 mutex_unlock(&dev->struct_mutex);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob