1 // SPDX-License-Identifier: GPL-2.0-only
3 * Copyright (C) 2007-2010 Advanced Micro Devices, Inc.
4 * Author: Joerg Roedel <jroedel@suse.de>
5 * Leo Duran <leo.duran@amd.com>
8 #define pr_fmt(fmt) "AMD-Vi: " fmt
9 #define dev_fmt(fmt) pr_fmt(fmt)
11 #include <linux/ratelimit.h>
12 #include <linux/pci.h>
13 #include <linux/acpi.h>
14 #include <linux/amba/bus.h>
15 #include <linux/platform_device.h>
16 #include <linux/pci-ats.h>
17 #include <linux/bitmap.h>
18 #include <linux/slab.h>
19 #include <linux/debugfs.h>
20 #include <linux/scatterlist.h>
21 #include <linux/dma-mapping.h>
22 #include <linux/dma-direct.h>
23 #include <linux/dma-iommu.h>
24 #include <linux/iommu-helper.h>
25 #include <linux/iommu.h>
26 #include <linux/delay.h>
27 #include <linux/amd-iommu.h>
28 #include <linux/notifier.h>
29 #include <linux/export.h>
30 #include <linux/irq.h>
31 #include <linux/msi.h>
32 #include <linux/dma-contiguous.h>
33 #include <linux/irqdomain.h>
34 #include <linux/percpu.h>
35 #include <linux/iova.h>
36 #include <asm/irq_remapping.h>
37 #include <asm/io_apic.h>
39 #include <asm/hw_irq.h>
40 #include <asm/msidef.h>
41 #include <asm/proto.h>
42 #include <asm/iommu.h>
46 #include "amd_iommu_proto.h"
47 #include "amd_iommu_types.h"
48 #include "irq_remapping.h"
50 #define CMD_SET_TYPE(cmd, t) ((cmd)->data[1] |= ((t) << 28))
52 #define LOOP_TIMEOUT 100000
54 /* IO virtual address start page frame number */
55 #define IOVA_START_PFN (1)
56 #define IOVA_PFN(addr) ((addr) >> PAGE_SHIFT)
58 /* Reserved IOVA ranges */
59 #define MSI_RANGE_START (0xfee00000)
60 #define MSI_RANGE_END (0xfeefffff)
61 #define HT_RANGE_START (0xfd00000000ULL)
62 #define HT_RANGE_END (0xffffffffffULL)
65 * This bitmap is used to advertise the page sizes our hardware support
66 * to the IOMMU core, which will then use this information to split
67 * physically contiguous memory regions it is mapping into page sizes
70 * 512GB Pages are not supported due to a hardware bug
72 #define AMD_IOMMU_PGSIZES ((~0xFFFUL) & ~(2ULL << 38))
74 static DEFINE_SPINLOCK(pd_bitmap_lock);
76 /* List of all available dev_data structures */
77 static LLIST_HEAD(dev_data_list);
79 LIST_HEAD(ioapic_map);
81 LIST_HEAD(acpihid_map);
84 * Domain for untranslated devices - only allocated
85 * if iommu=pt passed on kernel cmd line.
87 const struct iommu_ops amd_iommu_ops;
89 static ATOMIC_NOTIFIER_HEAD(ppr_notifier);
90 int amd_iommu_max_glx_val = -1;
93 * general struct to manage commands send to an IOMMU
99 struct kmem_cache *amd_iommu_irq_cache;
101 static void update_domain(struct protection_domain *domain);
102 static int protection_domain_init(struct protection_domain *domain);
103 static void detach_device(struct device *dev);
105 /****************************************************************************
109 ****************************************************************************/
111 static inline u16 get_pci_device_id(struct device *dev)
113 struct pci_dev *pdev = to_pci_dev(dev);
115 return pci_dev_id(pdev);
118 static inline int get_acpihid_device_id(struct device *dev,
119 struct acpihid_map_entry **entry)
121 struct acpi_device *adev = ACPI_COMPANION(dev);
122 struct acpihid_map_entry *p;
127 list_for_each_entry(p, &acpihid_map, list) {
128 if (acpi_dev_hid_uid_match(adev, p->hid, p->uid)) {
137 static inline int get_device_id(struct device *dev)
142 devid = get_pci_device_id(dev);
144 devid = get_acpihid_device_id(dev, NULL);
149 static struct protection_domain *to_pdomain(struct iommu_domain *dom)
151 return container_of(dom, struct protection_domain, domain);
154 static struct iommu_dev_data *alloc_dev_data(u16 devid)
156 struct iommu_dev_data *dev_data;
158 dev_data = kzalloc(sizeof(*dev_data), GFP_KERNEL);
162 spin_lock_init(&dev_data->lock);
163 dev_data->devid = devid;
164 ratelimit_default_init(&dev_data->rs);
166 llist_add(&dev_data->dev_data_list, &dev_data_list);
170 static struct iommu_dev_data *search_dev_data(u16 devid)
172 struct iommu_dev_data *dev_data;
173 struct llist_node *node;
175 if (llist_empty(&dev_data_list))
178 node = dev_data_list.first;
179 llist_for_each_entry(dev_data, node, dev_data_list) {
180 if (dev_data->devid == devid)
187 static int clone_alias(struct pci_dev *pdev, u16 alias, void *data)
189 u16 devid = pci_dev_id(pdev);
194 amd_iommu_rlookup_table[alias] =
195 amd_iommu_rlookup_table[devid];
196 memcpy(amd_iommu_dev_table[alias].data,
197 amd_iommu_dev_table[devid].data,
198 sizeof(amd_iommu_dev_table[alias].data));
203 static void clone_aliases(struct pci_dev *pdev)
209 * The IVRS alias stored in the alias table may not be
210 * part of the PCI DMA aliases if it's bus differs
211 * from the original device.
213 clone_alias(pdev, amd_iommu_alias_table[pci_dev_id(pdev)], NULL);
215 pci_for_each_dma_alias(pdev, clone_alias, NULL);
218 static struct pci_dev *setup_aliases(struct device *dev)
220 struct pci_dev *pdev = to_pci_dev(dev);
223 /* For ACPI HID devices, there are no aliases */
224 if (!dev_is_pci(dev))
228 * Add the IVRS alias to the pci aliases if it is on the same
229 * bus. The IVRS table may know about a quirk that we don't.
231 ivrs_alias = amd_iommu_alias_table[pci_dev_id(pdev)];
232 if (ivrs_alias != pci_dev_id(pdev) &&
233 PCI_BUS_NUM(ivrs_alias) == pdev->bus->number) {
234 pci_add_dma_alias(pdev, ivrs_alias & 0xff);
235 pci_info(pdev, "Added PCI DMA alias %02x.%d\n",
236 PCI_SLOT(ivrs_alias), PCI_FUNC(ivrs_alias));
244 static struct iommu_dev_data *find_dev_data(u16 devid)
246 struct iommu_dev_data *dev_data;
247 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
249 dev_data = search_dev_data(devid);
251 if (dev_data == NULL) {
252 dev_data = alloc_dev_data(devid);
256 if (translation_pre_enabled(iommu))
257 dev_data->defer_attach = true;
263 struct iommu_dev_data *get_dev_data(struct device *dev)
265 return dev->archdata.iommu;
267 EXPORT_SYMBOL(get_dev_data);
270 * Find or create an IOMMU group for a acpihid device.
272 static struct iommu_group *acpihid_device_group(struct device *dev)
274 struct acpihid_map_entry *p, *entry = NULL;
277 devid = get_acpihid_device_id(dev, &entry);
279 return ERR_PTR(devid);
281 list_for_each_entry(p, &acpihid_map, list) {
282 if ((devid == p->devid) && p->group)
283 entry->group = p->group;
287 entry->group = generic_device_group(dev);
289 iommu_group_ref_get(entry->group);
294 static bool pci_iommuv2_capable(struct pci_dev *pdev)
296 static const int caps[] = {
299 PCI_EXT_CAP_ID_PASID,
303 if (pci_ats_disabled())
306 for (i = 0; i < 3; ++i) {
307 pos = pci_find_ext_capability(pdev, caps[i]);
315 static bool pdev_pri_erratum(struct pci_dev *pdev, u32 erratum)
317 struct iommu_dev_data *dev_data;
319 dev_data = get_dev_data(&pdev->dev);
321 return dev_data->errata & (1 << erratum) ? true : false;
325 * This function checks if the driver got a valid device from the caller to
326 * avoid dereferencing invalid pointers.
328 static bool check_device(struct device *dev)
332 if (!dev || !dev->dma_mask)
335 devid = get_device_id(dev);
339 /* Out of our scope? */
340 if (devid > amd_iommu_last_bdf)
343 if (amd_iommu_rlookup_table[devid] == NULL)
349 static void init_iommu_group(struct device *dev)
351 struct iommu_group *group;
353 group = iommu_group_get_for_dev(dev);
357 iommu_group_put(group);
360 static int iommu_init_device(struct device *dev)
362 struct iommu_dev_data *dev_data;
363 struct amd_iommu *iommu;
366 if (dev->archdata.iommu)
369 devid = get_device_id(dev);
373 iommu = amd_iommu_rlookup_table[devid];
375 dev_data = find_dev_data(devid);
379 dev_data->pdev = setup_aliases(dev);
382 * By default we use passthrough mode for IOMMUv2 capable device.
383 * But if amd_iommu=force_isolation is set (e.g. to debug DMA to
384 * invalid address), we ignore the capability for the device so
385 * it'll be forced to go into translation mode.
387 if ((iommu_default_passthrough() || !amd_iommu_force_isolation) &&
388 dev_is_pci(dev) && pci_iommuv2_capable(to_pci_dev(dev))) {
389 struct amd_iommu *iommu;
391 iommu = amd_iommu_rlookup_table[dev_data->devid];
392 dev_data->iommu_v2 = iommu->is_iommu_v2;
395 dev->archdata.iommu = dev_data;
397 iommu_device_link(&iommu->iommu, dev);
402 static void iommu_ignore_device(struct device *dev)
406 devid = get_device_id(dev);
410 amd_iommu_rlookup_table[devid] = NULL;
411 memset(&amd_iommu_dev_table[devid], 0, sizeof(struct dev_table_entry));
416 static void iommu_uninit_device(struct device *dev)
418 struct iommu_dev_data *dev_data;
419 struct amd_iommu *iommu;
422 devid = get_device_id(dev);
426 iommu = amd_iommu_rlookup_table[devid];
428 dev_data = search_dev_data(devid);
432 if (dev_data->domain)
435 iommu_device_unlink(&iommu->iommu, dev);
437 iommu_group_remove_device(dev);
443 * We keep dev_data around for unplugged devices and reuse it when the
444 * device is re-plugged - not doing so would introduce a ton of races.
449 * Helper function to get the first pte of a large mapping
451 static u64 *first_pte_l7(u64 *pte, unsigned long *page_size,
452 unsigned long *count)
454 unsigned long pte_mask, pg_size, cnt;
457 pg_size = PTE_PAGE_SIZE(*pte);
458 cnt = PAGE_SIZE_PTE_COUNT(pg_size);
459 pte_mask = ~((cnt << 3) - 1);
460 fpte = (u64 *)(((unsigned long)pte) & pte_mask);
463 *page_size = pg_size;
471 /****************************************************************************
473 * Interrupt handling functions
475 ****************************************************************************/
477 static void dump_dte_entry(u16 devid)
481 for (i = 0; i < 4; ++i)
482 pr_err("DTE[%d]: %016llx\n", i,
483 amd_iommu_dev_table[devid].data[i]);
486 static void dump_command(unsigned long phys_addr)
488 struct iommu_cmd *cmd = iommu_phys_to_virt(phys_addr);
491 for (i = 0; i < 4; ++i)
492 pr_err("CMD[%d]: %08x\n", i, cmd->data[i]);
495 static void amd_iommu_report_page_fault(u16 devid, u16 domain_id,
496 u64 address, int flags)
498 struct iommu_dev_data *dev_data = NULL;
499 struct pci_dev *pdev;
501 pdev = pci_get_domain_bus_and_slot(0, PCI_BUS_NUM(devid),
504 dev_data = get_dev_data(&pdev->dev);
506 if (dev_data && __ratelimit(&dev_data->rs)) {
507 pci_err(pdev, "Event logged [IO_PAGE_FAULT domain=0x%04x address=0x%llx flags=0x%04x]\n",
508 domain_id, address, flags);
509 } else if (printk_ratelimit()) {
510 pr_err("Event logged [IO_PAGE_FAULT device=%02x:%02x.%x domain=0x%04x address=0x%llx flags=0x%04x]\n",
511 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
512 domain_id, address, flags);
519 static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
521 struct device *dev = iommu->iommu.dev;
522 int type, devid, pasid, flags, tag;
523 volatile u32 *event = __evt;
528 type = (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
529 devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
530 pasid = (event[0] & EVENT_DOMID_MASK_HI) |
531 (event[1] & EVENT_DOMID_MASK_LO);
532 flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
533 address = (u64)(((u64)event[3]) << 32) | event[2];
536 /* Did we hit the erratum? */
537 if (++count == LOOP_TIMEOUT) {
538 pr_err("No event written to event log\n");
545 if (type == EVENT_TYPE_IO_FAULT) {
546 amd_iommu_report_page_fault(devid, pasid, address, flags);
551 case EVENT_TYPE_ILL_DEV:
552 dev_err(dev, "Event logged [ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x pasid=0x%05x address=0x%llx flags=0x%04x]\n",
553 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
554 pasid, address, flags);
555 dump_dte_entry(devid);
557 case EVENT_TYPE_DEV_TAB_ERR:
558 dev_err(dev, "Event logged [DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
559 "address=0x%llx flags=0x%04x]\n",
560 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
563 case EVENT_TYPE_PAGE_TAB_ERR:
564 dev_err(dev, "Event logged [PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x pasid=0x%04x address=0x%llx flags=0x%04x]\n",
565 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
566 pasid, address, flags);
568 case EVENT_TYPE_ILL_CMD:
569 dev_err(dev, "Event logged [ILLEGAL_COMMAND_ERROR address=0x%llx]\n", address);
570 dump_command(address);
572 case EVENT_TYPE_CMD_HARD_ERR:
573 dev_err(dev, "Event logged [COMMAND_HARDWARE_ERROR address=0x%llx flags=0x%04x]\n",
576 case EVENT_TYPE_IOTLB_INV_TO:
577 dev_err(dev, "Event logged [IOTLB_INV_TIMEOUT device=%02x:%02x.%x address=0x%llx]\n",
578 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
581 case EVENT_TYPE_INV_DEV_REQ:
582 dev_err(dev, "Event logged [INVALID_DEVICE_REQUEST device=%02x:%02x.%x pasid=0x%05x address=0x%llx flags=0x%04x]\n",
583 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
584 pasid, address, flags);
586 case EVENT_TYPE_INV_PPR_REQ:
587 pasid = PPR_PASID(*((u64 *)__evt));
588 tag = event[1] & 0x03FF;
589 dev_err(dev, "Event logged [INVALID_PPR_REQUEST device=%02x:%02x.%x pasid=0x%05x address=0x%llx flags=0x%04x tag=0x%03x]\n",
590 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
591 pasid, address, flags, tag);
594 dev_err(dev, "Event logged [UNKNOWN event[0]=0x%08x event[1]=0x%08x event[2]=0x%08x event[3]=0x%08x\n",
595 event[0], event[1], event[2], event[3]);
598 memset(__evt, 0, 4 * sizeof(u32));
601 static void iommu_poll_events(struct amd_iommu *iommu)
605 head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
606 tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET);
608 while (head != tail) {
609 iommu_print_event(iommu, iommu->evt_buf + head);
610 head = (head + EVENT_ENTRY_SIZE) % EVT_BUFFER_SIZE;
613 writel(head, iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
616 static void iommu_handle_ppr_entry(struct amd_iommu *iommu, u64 *raw)
618 struct amd_iommu_fault fault;
620 if (PPR_REQ_TYPE(raw[0]) != PPR_REQ_FAULT) {
621 pr_err_ratelimited("Unknown PPR request received\n");
625 fault.address = raw[1];
626 fault.pasid = PPR_PASID(raw[0]);
627 fault.device_id = PPR_DEVID(raw[0]);
628 fault.tag = PPR_TAG(raw[0]);
629 fault.flags = PPR_FLAGS(raw[0]);
631 atomic_notifier_call_chain(&ppr_notifier, 0, &fault);
634 static void iommu_poll_ppr_log(struct amd_iommu *iommu)
638 if (iommu->ppr_log == NULL)
641 head = readl(iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
642 tail = readl(iommu->mmio_base + MMIO_PPR_TAIL_OFFSET);
644 while (head != tail) {
649 raw = (u64 *)(iommu->ppr_log + head);
652 * Hardware bug: Interrupt may arrive before the entry is
653 * written to memory. If this happens we need to wait for the
656 for (i = 0; i < LOOP_TIMEOUT; ++i) {
657 if (PPR_REQ_TYPE(raw[0]) != 0)
662 /* Avoid memcpy function-call overhead */
667 * To detect the hardware bug we need to clear the entry
670 raw[0] = raw[1] = 0UL;
672 /* Update head pointer of hardware ring-buffer */
673 head = (head + PPR_ENTRY_SIZE) % PPR_LOG_SIZE;
674 writel(head, iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
676 /* Handle PPR entry */
677 iommu_handle_ppr_entry(iommu, entry);
679 /* Refresh ring-buffer information */
680 head = readl(iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
681 tail = readl(iommu->mmio_base + MMIO_PPR_TAIL_OFFSET);
685 #ifdef CONFIG_IRQ_REMAP
686 static int (*iommu_ga_log_notifier)(u32);
688 int amd_iommu_register_ga_log_notifier(int (*notifier)(u32))
690 iommu_ga_log_notifier = notifier;
694 EXPORT_SYMBOL(amd_iommu_register_ga_log_notifier);
696 static void iommu_poll_ga_log(struct amd_iommu *iommu)
698 u32 head, tail, cnt = 0;
700 if (iommu->ga_log == NULL)
703 head = readl(iommu->mmio_base + MMIO_GA_HEAD_OFFSET);
704 tail = readl(iommu->mmio_base + MMIO_GA_TAIL_OFFSET);
706 while (head != tail) {
710 raw = (u64 *)(iommu->ga_log + head);
713 /* Avoid memcpy function-call overhead */
716 /* Update head pointer of hardware ring-buffer */
717 head = (head + GA_ENTRY_SIZE) % GA_LOG_SIZE;
718 writel(head, iommu->mmio_base + MMIO_GA_HEAD_OFFSET);
720 /* Handle GA entry */
721 switch (GA_REQ_TYPE(log_entry)) {
723 if (!iommu_ga_log_notifier)
726 pr_debug("%s: devid=%#x, ga_tag=%#x\n",
727 __func__, GA_DEVID(log_entry),
730 if (iommu_ga_log_notifier(GA_TAG(log_entry)) != 0)
731 pr_err("GA log notifier failed.\n");
738 #endif /* CONFIG_IRQ_REMAP */
740 #define AMD_IOMMU_INT_MASK \
741 (MMIO_STATUS_EVT_INT_MASK | \
742 MMIO_STATUS_PPR_INT_MASK | \
743 MMIO_STATUS_GALOG_INT_MASK)
745 irqreturn_t amd_iommu_int_thread(int irq, void *data)
747 struct amd_iommu *iommu = (struct amd_iommu *) data;
748 u32 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
750 while (status & AMD_IOMMU_INT_MASK) {
751 /* Enable EVT and PPR and GA interrupts again */
752 writel(AMD_IOMMU_INT_MASK,
753 iommu->mmio_base + MMIO_STATUS_OFFSET);
755 if (status & MMIO_STATUS_EVT_INT_MASK) {
756 pr_devel("Processing IOMMU Event Log\n");
757 iommu_poll_events(iommu);
760 if (status & MMIO_STATUS_PPR_INT_MASK) {
761 pr_devel("Processing IOMMU PPR Log\n");
762 iommu_poll_ppr_log(iommu);
765 #ifdef CONFIG_IRQ_REMAP
766 if (status & MMIO_STATUS_GALOG_INT_MASK) {
767 pr_devel("Processing IOMMU GA Log\n");
768 iommu_poll_ga_log(iommu);
773 * Hardware bug: ERBT1312
774 * When re-enabling interrupt (by writing 1
775 * to clear the bit), the hardware might also try to set
776 * the interrupt bit in the event status register.
777 * In this scenario, the bit will be set, and disable
778 * subsequent interrupts.
780 * Workaround: The IOMMU driver should read back the
781 * status register and check if the interrupt bits are cleared.
782 * If not, driver will need to go through the interrupt handler
783 * again and re-clear the bits
785 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
790 irqreturn_t amd_iommu_int_handler(int irq, void *data)
792 return IRQ_WAKE_THREAD;
795 /****************************************************************************
797 * IOMMU command queuing functions
799 ****************************************************************************/
801 static int wait_on_sem(volatile u64 *sem)
805 while (*sem == 0 && i < LOOP_TIMEOUT) {
810 if (i == LOOP_TIMEOUT) {
811 pr_alert("Completion-Wait loop timed out\n");
818 static void copy_cmd_to_buffer(struct amd_iommu *iommu,
819 struct iommu_cmd *cmd)
824 /* Copy command to buffer */
825 tail = iommu->cmd_buf_tail;
826 target = iommu->cmd_buf + tail;
827 memcpy(target, cmd, sizeof(*cmd));
829 tail = (tail + sizeof(*cmd)) % CMD_BUFFER_SIZE;
830 iommu->cmd_buf_tail = tail;
832 /* Tell the IOMMU about it */
833 writel(tail, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
836 static void build_completion_wait(struct iommu_cmd *cmd, u64 address)
838 u64 paddr = iommu_virt_to_phys((void *)address);
840 WARN_ON(address & 0x7ULL);
842 memset(cmd, 0, sizeof(*cmd));
843 cmd->data[0] = lower_32_bits(paddr) | CMD_COMPL_WAIT_STORE_MASK;
844 cmd->data[1] = upper_32_bits(paddr);
846 CMD_SET_TYPE(cmd, CMD_COMPL_WAIT);
849 static void build_inv_dte(struct iommu_cmd *cmd, u16 devid)
851 memset(cmd, 0, sizeof(*cmd));
852 cmd->data[0] = devid;
853 CMD_SET_TYPE(cmd, CMD_INV_DEV_ENTRY);
856 static void build_inv_iommu_pages(struct iommu_cmd *cmd, u64 address,
857 size_t size, u16 domid, int pde)
862 pages = iommu_num_pages(address, size, PAGE_SIZE);
867 * If we have to flush more than one page, flush all
868 * TLB entries for this domain
870 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
874 address &= PAGE_MASK;
876 memset(cmd, 0, sizeof(*cmd));
877 cmd->data[1] |= domid;
878 cmd->data[2] = lower_32_bits(address);
879 cmd->data[3] = upper_32_bits(address);
880 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
881 if (s) /* size bit - we flush more than one 4kb page */
882 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
883 if (pde) /* PDE bit - we want to flush everything, not only the PTEs */
884 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
887 static void build_inv_iotlb_pages(struct iommu_cmd *cmd, u16 devid, int qdep,
888 u64 address, size_t size)
893 pages = iommu_num_pages(address, size, PAGE_SIZE);
898 * If we have to flush more than one page, flush all
899 * TLB entries for this domain
901 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
905 address &= PAGE_MASK;
907 memset(cmd, 0, sizeof(*cmd));
908 cmd->data[0] = devid;
909 cmd->data[0] |= (qdep & 0xff) << 24;
910 cmd->data[1] = devid;
911 cmd->data[2] = lower_32_bits(address);
912 cmd->data[3] = upper_32_bits(address);
913 CMD_SET_TYPE(cmd, CMD_INV_IOTLB_PAGES);
915 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
918 static void build_inv_iommu_pasid(struct iommu_cmd *cmd, u16 domid, int pasid,
919 u64 address, bool size)
921 memset(cmd, 0, sizeof(*cmd));
923 address &= ~(0xfffULL);
925 cmd->data[0] = pasid;
926 cmd->data[1] = domid;
927 cmd->data[2] = lower_32_bits(address);
928 cmd->data[3] = upper_32_bits(address);
929 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
930 cmd->data[2] |= CMD_INV_IOMMU_PAGES_GN_MASK;
932 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
933 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
936 static void build_inv_iotlb_pasid(struct iommu_cmd *cmd, u16 devid, int pasid,
937 int qdep, u64 address, bool size)
939 memset(cmd, 0, sizeof(*cmd));
941 address &= ~(0xfffULL);
943 cmd->data[0] = devid;
944 cmd->data[0] |= ((pasid >> 8) & 0xff) << 16;
945 cmd->data[0] |= (qdep & 0xff) << 24;
946 cmd->data[1] = devid;
947 cmd->data[1] |= (pasid & 0xff) << 16;
948 cmd->data[2] = lower_32_bits(address);
949 cmd->data[2] |= CMD_INV_IOMMU_PAGES_GN_MASK;
950 cmd->data[3] = upper_32_bits(address);
952 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
953 CMD_SET_TYPE(cmd, CMD_INV_IOTLB_PAGES);
956 static void build_complete_ppr(struct iommu_cmd *cmd, u16 devid, int pasid,
957 int status, int tag, bool gn)
959 memset(cmd, 0, sizeof(*cmd));
961 cmd->data[0] = devid;
963 cmd->data[1] = pasid;
964 cmd->data[2] = CMD_INV_IOMMU_PAGES_GN_MASK;
966 cmd->data[3] = tag & 0x1ff;
967 cmd->data[3] |= (status & PPR_STATUS_MASK) << PPR_STATUS_SHIFT;
969 CMD_SET_TYPE(cmd, CMD_COMPLETE_PPR);
972 static void build_inv_all(struct iommu_cmd *cmd)
974 memset(cmd, 0, sizeof(*cmd));
975 CMD_SET_TYPE(cmd, CMD_INV_ALL);
978 static void build_inv_irt(struct iommu_cmd *cmd, u16 devid)
980 memset(cmd, 0, sizeof(*cmd));
981 cmd->data[0] = devid;
982 CMD_SET_TYPE(cmd, CMD_INV_IRT);
986 * Writes the command to the IOMMUs command buffer and informs the
987 * hardware about the new command.
989 static int __iommu_queue_command_sync(struct amd_iommu *iommu,
990 struct iommu_cmd *cmd,
993 unsigned int count = 0;
996 next_tail = (iommu->cmd_buf_tail + sizeof(*cmd)) % CMD_BUFFER_SIZE;
998 left = (iommu->cmd_buf_head - next_tail) % CMD_BUFFER_SIZE;
1001 /* Skip udelay() the first time around */
1003 if (count == LOOP_TIMEOUT) {
1004 pr_err("Command buffer timeout\n");
1011 /* Update head and recheck remaining space */
1012 iommu->cmd_buf_head = readl(iommu->mmio_base +
1013 MMIO_CMD_HEAD_OFFSET);
1018 copy_cmd_to_buffer(iommu, cmd);
1020 /* Do we need to make sure all commands are processed? */
1021 iommu->need_sync = sync;
1026 static int iommu_queue_command_sync(struct amd_iommu *iommu,
1027 struct iommu_cmd *cmd,
1030 unsigned long flags;
1033 raw_spin_lock_irqsave(&iommu->lock, flags);
1034 ret = __iommu_queue_command_sync(iommu, cmd, sync);
1035 raw_spin_unlock_irqrestore(&iommu->lock, flags);
1040 static int iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
1042 return iommu_queue_command_sync(iommu, cmd, true);
1046 * This function queues a completion wait command into the command
1047 * buffer of an IOMMU
1049 static int iommu_completion_wait(struct amd_iommu *iommu)
1051 struct iommu_cmd cmd;
1052 unsigned long flags;
1055 if (!iommu->need_sync)
1059 build_completion_wait(&cmd, (u64)&iommu->cmd_sem);
1061 raw_spin_lock_irqsave(&iommu->lock, flags);
1065 ret = __iommu_queue_command_sync(iommu, &cmd, false);
1069 ret = wait_on_sem(&iommu->cmd_sem);
1072 raw_spin_unlock_irqrestore(&iommu->lock, flags);
1077 static int iommu_flush_dte(struct amd_iommu *iommu, u16 devid)
1079 struct iommu_cmd cmd;
1081 build_inv_dte(&cmd, devid);
1083 return iommu_queue_command(iommu, &cmd);
1086 static void amd_iommu_flush_dte_all(struct amd_iommu *iommu)
1090 for (devid = 0; devid <= 0xffff; ++devid)
1091 iommu_flush_dte(iommu, devid);
1093 iommu_completion_wait(iommu);
1097 * This function uses heavy locking and may disable irqs for some time. But
1098 * this is no issue because it is only called during resume.
1100 static void amd_iommu_flush_tlb_all(struct amd_iommu *iommu)
1104 for (dom_id = 0; dom_id <= 0xffff; ++dom_id) {
1105 struct iommu_cmd cmd;
1106 build_inv_iommu_pages(&cmd, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
1108 iommu_queue_command(iommu, &cmd);
1111 iommu_completion_wait(iommu);
1114 static void amd_iommu_flush_tlb_domid(struct amd_iommu *iommu, u32 dom_id)
1116 struct iommu_cmd cmd;
1118 build_inv_iommu_pages(&cmd, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
1120 iommu_queue_command(iommu, &cmd);
1122 iommu_completion_wait(iommu);
1125 static void amd_iommu_flush_all(struct amd_iommu *iommu)
1127 struct iommu_cmd cmd;
1129 build_inv_all(&cmd);
1131 iommu_queue_command(iommu, &cmd);
1132 iommu_completion_wait(iommu);
1135 static void iommu_flush_irt(struct amd_iommu *iommu, u16 devid)
1137 struct iommu_cmd cmd;
1139 build_inv_irt(&cmd, devid);
1141 iommu_queue_command(iommu, &cmd);
1144 static void amd_iommu_flush_irt_all(struct amd_iommu *iommu)
1148 for (devid = 0; devid <= MAX_DEV_TABLE_ENTRIES; devid++)
1149 iommu_flush_irt(iommu, devid);
1151 iommu_completion_wait(iommu);
1154 void iommu_flush_all_caches(struct amd_iommu *iommu)
1156 if (iommu_feature(iommu, FEATURE_IA)) {
1157 amd_iommu_flush_all(iommu);
1159 amd_iommu_flush_dte_all(iommu);
1160 amd_iommu_flush_irt_all(iommu);
1161 amd_iommu_flush_tlb_all(iommu);
1166 * Command send function for flushing on-device TLB
1168 static int device_flush_iotlb(struct iommu_dev_data *dev_data,
1169 u64 address, size_t size)
1171 struct amd_iommu *iommu;
1172 struct iommu_cmd cmd;
1175 qdep = dev_data->ats.qdep;
1176 iommu = amd_iommu_rlookup_table[dev_data->devid];
1178 build_inv_iotlb_pages(&cmd, dev_data->devid, qdep, address, size);
1180 return iommu_queue_command(iommu, &cmd);
1183 static int device_flush_dte_alias(struct pci_dev *pdev, u16 alias, void *data)
1185 struct amd_iommu *iommu = data;
1187 return iommu_flush_dte(iommu, alias);
1191 * Command send function for invalidating a device table entry
1193 static int device_flush_dte(struct iommu_dev_data *dev_data)
1195 struct amd_iommu *iommu;
1199 iommu = amd_iommu_rlookup_table[dev_data->devid];
1202 ret = pci_for_each_dma_alias(dev_data->pdev,
1203 device_flush_dte_alias, iommu);
1205 ret = iommu_flush_dte(iommu, dev_data->devid);
1209 alias = amd_iommu_alias_table[dev_data->devid];
1210 if (alias != dev_data->devid) {
1211 ret = iommu_flush_dte(iommu, alias);
1216 if (dev_data->ats.enabled)
1217 ret = device_flush_iotlb(dev_data, 0, ~0UL);
1223 * TLB invalidation function which is called from the mapping functions.
1224 * It invalidates a single PTE if the range to flush is within a single
1225 * page. Otherwise it flushes the whole TLB of the IOMMU.
1227 static void __domain_flush_pages(struct protection_domain *domain,
1228 u64 address, size_t size, int pde)
1230 struct iommu_dev_data *dev_data;
1231 struct iommu_cmd cmd;
1234 build_inv_iommu_pages(&cmd, address, size, domain->id, pde);
1236 for (i = 0; i < amd_iommu_get_num_iommus(); ++i) {
1237 if (!domain->dev_iommu[i])
1241 * Devices of this domain are behind this IOMMU
1242 * We need a TLB flush
1244 ret |= iommu_queue_command(amd_iommus[i], &cmd);
1247 list_for_each_entry(dev_data, &domain->dev_list, list) {
1249 if (!dev_data->ats.enabled)
1252 ret |= device_flush_iotlb(dev_data, address, size);
1258 static void domain_flush_pages(struct protection_domain *domain,
1259 u64 address, size_t size)
1261 __domain_flush_pages(domain, address, size, 0);
1264 /* Flush the whole IO/TLB for a given protection domain - including PDE */
1265 static void domain_flush_tlb_pde(struct protection_domain *domain)
1267 __domain_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 1);
1270 static void domain_flush_complete(struct protection_domain *domain)
1274 for (i = 0; i < amd_iommu_get_num_iommus(); ++i) {
1275 if (domain && !domain->dev_iommu[i])
1279 * Devices of this domain are behind this IOMMU
1280 * We need to wait for completion of all commands.
1282 iommu_completion_wait(amd_iommus[i]);
1286 /* Flush the not present cache if it exists */
1287 static void domain_flush_np_cache(struct protection_domain *domain,
1288 dma_addr_t iova, size_t size)
1290 if (unlikely(amd_iommu_np_cache)) {
1291 unsigned long flags;
1293 spin_lock_irqsave(&domain->lock, flags);
1294 domain_flush_pages(domain, iova, size);
1295 domain_flush_complete(domain);
1296 spin_unlock_irqrestore(&domain->lock, flags);
1302 * This function flushes the DTEs for all devices in domain
1304 static void domain_flush_devices(struct protection_domain *domain)
1306 struct iommu_dev_data *dev_data;
1308 list_for_each_entry(dev_data, &domain->dev_list, list)
1309 device_flush_dte(dev_data);
1312 /****************************************************************************
1314 * The functions below are used the create the page table mappings for
1315 * unity mapped regions.
1317 ****************************************************************************/
1319 static void free_page_list(struct page *freelist)
1321 while (freelist != NULL) {
1322 unsigned long p = (unsigned long)page_address(freelist);
1323 freelist = freelist->freelist;
1328 static struct page *free_pt_page(unsigned long pt, struct page *freelist)
1330 struct page *p = virt_to_page((void *)pt);
1332 p->freelist = freelist;
1337 #define DEFINE_FREE_PT_FN(LVL, FN) \
1338 static struct page *free_pt_##LVL (unsigned long __pt, struct page *freelist) \
1346 for (i = 0; i < 512; ++i) { \
1347 /* PTE present? */ \
1348 if (!IOMMU_PTE_PRESENT(pt[i])) \
1352 if (PM_PTE_LEVEL(pt[i]) == 0 || \
1353 PM_PTE_LEVEL(pt[i]) == 7) \
1356 p = (unsigned long)IOMMU_PTE_PAGE(pt[i]); \
1357 freelist = FN(p, freelist); \
1360 return free_pt_page((unsigned long)pt, freelist); \
1363 DEFINE_FREE_PT_FN(l2, free_pt_page)
1364 DEFINE_FREE_PT_FN(l3, free_pt_l2)
1365 DEFINE_FREE_PT_FN(l4, free_pt_l3)
1366 DEFINE_FREE_PT_FN(l5, free_pt_l4)
1367 DEFINE_FREE_PT_FN(l6, free_pt_l5)
1369 static struct page *free_sub_pt(unsigned long root, int mode,
1370 struct page *freelist)
1373 case PAGE_MODE_NONE:
1374 case PAGE_MODE_7_LEVEL:
1376 case PAGE_MODE_1_LEVEL:
1377 freelist = free_pt_page(root, freelist);
1379 case PAGE_MODE_2_LEVEL:
1380 freelist = free_pt_l2(root, freelist);
1382 case PAGE_MODE_3_LEVEL:
1383 freelist = free_pt_l3(root, freelist);
1385 case PAGE_MODE_4_LEVEL:
1386 freelist = free_pt_l4(root, freelist);
1388 case PAGE_MODE_5_LEVEL:
1389 freelist = free_pt_l5(root, freelist);
1391 case PAGE_MODE_6_LEVEL:
1392 freelist = free_pt_l6(root, freelist);
1401 static void free_pagetable(struct protection_domain *domain)
1403 unsigned long root = (unsigned long)domain->pt_root;
1404 struct page *freelist = NULL;
1406 BUG_ON(domain->mode < PAGE_MODE_NONE ||
1407 domain->mode > PAGE_MODE_6_LEVEL);
1409 freelist = free_sub_pt(root, domain->mode, freelist);
1411 free_page_list(freelist);
1415 * This function is used to add another level to an IO page table. Adding
1416 * another level increases the size of the address space by 9 bits to a size up
1419 static bool increase_address_space(struct protection_domain *domain,
1420 unsigned long address,
1423 unsigned long flags;
1427 spin_lock_irqsave(&domain->lock, flags);
1429 if (address <= PM_LEVEL_SIZE(domain->mode) ||
1430 WARN_ON_ONCE(domain->mode == PAGE_MODE_6_LEVEL))
1433 pte = (void *)get_zeroed_page(gfp);
1437 *pte = PM_LEVEL_PDE(domain->mode,
1438 iommu_virt_to_phys(domain->pt_root));
1439 domain->pt_root = pte;
1445 spin_unlock_irqrestore(&domain->lock, flags);
1450 static u64 *alloc_pte(struct protection_domain *domain,
1451 unsigned long address,
1452 unsigned long page_size,
1460 BUG_ON(!is_power_of_2(page_size));
1462 while (address > PM_LEVEL_SIZE(domain->mode))
1463 *updated = increase_address_space(domain, address, gfp) || *updated;
1465 level = domain->mode - 1;
1466 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
1467 address = PAGE_SIZE_ALIGN(address, page_size);
1468 end_lvl = PAGE_SIZE_LEVEL(page_size);
1470 while (level > end_lvl) {
1475 pte_level = PM_PTE_LEVEL(__pte);
1478 * If we replace a series of large PTEs, we need
1479 * to tear down all of them.
1481 if (IOMMU_PTE_PRESENT(__pte) &&
1482 pte_level == PAGE_MODE_7_LEVEL) {
1483 unsigned long count, i;
1486 lpte = first_pte_l7(pte, NULL, &count);
1489 * Unmap the replicated PTEs that still match the
1490 * original large mapping
1492 for (i = 0; i < count; ++i)
1493 cmpxchg64(&lpte[i], __pte, 0ULL);
1499 if (!IOMMU_PTE_PRESENT(__pte) ||
1500 pte_level == PAGE_MODE_NONE) {
1501 page = (u64 *)get_zeroed_page(gfp);
1506 __npte = PM_LEVEL_PDE(level, iommu_virt_to_phys(page));
1508 /* pte could have been changed somewhere. */
1509 if (cmpxchg64(pte, __pte, __npte) != __pte)
1510 free_page((unsigned long)page);
1511 else if (IOMMU_PTE_PRESENT(__pte))
1517 /* No level skipping support yet */
1518 if (pte_level != level)
1523 pte = IOMMU_PTE_PAGE(__pte);
1525 if (pte_page && level == end_lvl)
1528 pte = &pte[PM_LEVEL_INDEX(level, address)];
1535 * This function checks if there is a PTE for a given dma address. If
1536 * there is one, it returns the pointer to it.
1538 static u64 *fetch_pte(struct protection_domain *domain,
1539 unsigned long address,
1540 unsigned long *page_size)
1547 if (address > PM_LEVEL_SIZE(domain->mode))
1550 level = domain->mode - 1;
1551 pte = &domain->pt_root[PM_LEVEL_INDEX(level, address)];
1552 *page_size = PTE_LEVEL_PAGE_SIZE(level);
1557 if (!IOMMU_PTE_PRESENT(*pte))
1561 if (PM_PTE_LEVEL(*pte) == 7 ||
1562 PM_PTE_LEVEL(*pte) == 0)
1565 /* No level skipping support yet */
1566 if (PM_PTE_LEVEL(*pte) != level)
1571 /* Walk to the next level */
1572 pte = IOMMU_PTE_PAGE(*pte);
1573 pte = &pte[PM_LEVEL_INDEX(level, address)];
1574 *page_size = PTE_LEVEL_PAGE_SIZE(level);
1578 * If we have a series of large PTEs, make
1579 * sure to return a pointer to the first one.
1581 if (PM_PTE_LEVEL(*pte) == PAGE_MODE_7_LEVEL)
1582 pte = first_pte_l7(pte, page_size, NULL);
1587 static struct page *free_clear_pte(u64 *pte, u64 pteval, struct page *freelist)
1592 while (cmpxchg64(pte, pteval, 0) != pteval) {
1593 pr_warn("AMD-Vi: IOMMU pte changed since we read it\n");
1597 if (!IOMMU_PTE_PRESENT(pteval))
1600 pt = (unsigned long)IOMMU_PTE_PAGE(pteval);
1601 mode = IOMMU_PTE_MODE(pteval);
1603 return free_sub_pt(pt, mode, freelist);
1607 * Generic mapping functions. It maps a physical address into a DMA
1608 * address space. It allocates the page table pages if necessary.
1609 * In the future it can be extended to a generic mapping function
1610 * supporting all features of AMD IOMMU page tables like level skipping
1611 * and full 64 bit address spaces.
1613 static int iommu_map_page(struct protection_domain *dom,
1614 unsigned long bus_addr,
1615 unsigned long phys_addr,
1616 unsigned long page_size,
1620 struct page *freelist = NULL;
1621 bool updated = false;
1625 BUG_ON(!IS_ALIGNED(bus_addr, page_size));
1626 BUG_ON(!IS_ALIGNED(phys_addr, page_size));
1629 if (!(prot & IOMMU_PROT_MASK))
1632 count = PAGE_SIZE_PTE_COUNT(page_size);
1633 pte = alloc_pte(dom, bus_addr, page_size, NULL, gfp, &updated);
1639 for (i = 0; i < count; ++i)
1640 freelist = free_clear_pte(&pte[i], pte[i], freelist);
1642 if (freelist != NULL)
1646 __pte = PAGE_SIZE_PTE(__sme_set(phys_addr), page_size);
1647 __pte |= PM_LEVEL_ENC(7) | IOMMU_PTE_PR | IOMMU_PTE_FC;
1649 __pte = __sme_set(phys_addr) | IOMMU_PTE_PR | IOMMU_PTE_FC;
1651 if (prot & IOMMU_PROT_IR)
1652 __pte |= IOMMU_PTE_IR;
1653 if (prot & IOMMU_PROT_IW)
1654 __pte |= IOMMU_PTE_IW;
1656 for (i = 0; i < count; ++i)
1663 unsigned long flags;
1665 spin_lock_irqsave(&dom->lock, flags);
1667 spin_unlock_irqrestore(&dom->lock, flags);
1670 /* Everything flushed out, free pages now */
1671 free_page_list(freelist);
1676 static unsigned long iommu_unmap_page(struct protection_domain *dom,
1677 unsigned long bus_addr,
1678 unsigned long page_size)
1680 unsigned long long unmapped;
1681 unsigned long unmap_size;
1684 BUG_ON(!is_power_of_2(page_size));
1688 while (unmapped < page_size) {
1690 pte = fetch_pte(dom, bus_addr, &unmap_size);
1695 count = PAGE_SIZE_PTE_COUNT(unmap_size);
1696 for (i = 0; i < count; i++)
1700 bus_addr = (bus_addr & ~(unmap_size - 1)) + unmap_size;
1701 unmapped += unmap_size;
1704 BUG_ON(unmapped && !is_power_of_2(unmapped));
1709 /****************************************************************************
1711 * The next functions belong to the domain allocation. A domain is
1712 * allocated for every IOMMU as the default domain. If device isolation
1713 * is enabled, every device get its own domain. The most important thing
1714 * about domains is the page table mapping the DMA address space they
1717 ****************************************************************************/
1719 static u16 domain_id_alloc(void)
1723 spin_lock(&pd_bitmap_lock);
1724 id = find_first_zero_bit(amd_iommu_pd_alloc_bitmap, MAX_DOMAIN_ID);
1726 if (id > 0 && id < MAX_DOMAIN_ID)
1727 __set_bit(id, amd_iommu_pd_alloc_bitmap);
1730 spin_unlock(&pd_bitmap_lock);
1735 static void domain_id_free(int id)
1737 spin_lock(&pd_bitmap_lock);
1738 if (id > 0 && id < MAX_DOMAIN_ID)
1739 __clear_bit(id, amd_iommu_pd_alloc_bitmap);
1740 spin_unlock(&pd_bitmap_lock);
1743 static void free_gcr3_tbl_level1(u64 *tbl)
1748 for (i = 0; i < 512; ++i) {
1749 if (!(tbl[i] & GCR3_VALID))
1752 ptr = iommu_phys_to_virt(tbl[i] & PAGE_MASK);
1754 free_page((unsigned long)ptr);
1758 static void free_gcr3_tbl_level2(u64 *tbl)
1763 for (i = 0; i < 512; ++i) {
1764 if (!(tbl[i] & GCR3_VALID))
1767 ptr = iommu_phys_to_virt(tbl[i] & PAGE_MASK);
1769 free_gcr3_tbl_level1(ptr);
1773 static void free_gcr3_table(struct protection_domain *domain)
1775 if (domain->glx == 2)
1776 free_gcr3_tbl_level2(domain->gcr3_tbl);
1777 else if (domain->glx == 1)
1778 free_gcr3_tbl_level1(domain->gcr3_tbl);
1780 BUG_ON(domain->glx != 0);
1782 free_page((unsigned long)domain->gcr3_tbl);
1786 * Free a domain, only used if something went wrong in the
1787 * allocation path and we need to free an already allocated page table
1789 static void dma_ops_domain_free(struct protection_domain *domain)
1794 iommu_put_dma_cookie(&domain->domain);
1796 free_pagetable(domain);
1799 domain_id_free(domain->id);
1805 * Allocates a new protection domain usable for the dma_ops functions.
1806 * It also initializes the page table and the address allocator data
1807 * structures required for the dma_ops interface
1809 static struct protection_domain *dma_ops_domain_alloc(void)
1811 struct protection_domain *domain;
1813 domain = kzalloc(sizeof(struct protection_domain), GFP_KERNEL);
1817 if (protection_domain_init(domain))
1820 domain->mode = PAGE_MODE_3_LEVEL;
1821 domain->pt_root = (void *)get_zeroed_page(GFP_KERNEL);
1822 domain->flags = PD_DMA_OPS_MASK;
1823 if (!domain->pt_root)
1826 if (iommu_get_dma_cookie(&domain->domain) == -ENOMEM)
1832 dma_ops_domain_free(domain);
1838 * little helper function to check whether a given protection domain is a
1841 static bool dma_ops_domain(struct protection_domain *domain)
1843 return domain->flags & PD_DMA_OPS_MASK;
1846 static void set_dte_entry(u16 devid, struct protection_domain *domain,
1853 if (domain->mode != PAGE_MODE_NONE)
1854 pte_root = iommu_virt_to_phys(domain->pt_root);
1856 pte_root |= (domain->mode & DEV_ENTRY_MODE_MASK)
1857 << DEV_ENTRY_MODE_SHIFT;
1858 pte_root |= DTE_FLAG_IR | DTE_FLAG_IW | DTE_FLAG_V | DTE_FLAG_TV;
1860 flags = amd_iommu_dev_table[devid].data[1];
1863 flags |= DTE_FLAG_IOTLB;
1866 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1868 if (iommu_feature(iommu, FEATURE_EPHSUP))
1869 pte_root |= 1ULL << DEV_ENTRY_PPR;
1872 if (domain->flags & PD_IOMMUV2_MASK) {
1873 u64 gcr3 = iommu_virt_to_phys(domain->gcr3_tbl);
1874 u64 glx = domain->glx;
1877 pte_root |= DTE_FLAG_GV;
1878 pte_root |= (glx & DTE_GLX_MASK) << DTE_GLX_SHIFT;
1880 /* First mask out possible old values for GCR3 table */
1881 tmp = DTE_GCR3_VAL_B(~0ULL) << DTE_GCR3_SHIFT_B;
1884 tmp = DTE_GCR3_VAL_C(~0ULL) << DTE_GCR3_SHIFT_C;
1887 /* Encode GCR3 table into DTE */
1888 tmp = DTE_GCR3_VAL_A(gcr3) << DTE_GCR3_SHIFT_A;
1891 tmp = DTE_GCR3_VAL_B(gcr3) << DTE_GCR3_SHIFT_B;
1894 tmp = DTE_GCR3_VAL_C(gcr3) << DTE_GCR3_SHIFT_C;
1898 flags &= ~DEV_DOMID_MASK;
1899 flags |= domain->id;
1901 old_domid = amd_iommu_dev_table[devid].data[1] & DEV_DOMID_MASK;
1902 amd_iommu_dev_table[devid].data[1] = flags;
1903 amd_iommu_dev_table[devid].data[0] = pte_root;
1906 * A kdump kernel might be replacing a domain ID that was copied from
1907 * the previous kernel--if so, it needs to flush the translation cache
1908 * entries for the old domain ID that is being overwritten
1911 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1913 amd_iommu_flush_tlb_domid(iommu, old_domid);
1917 static void clear_dte_entry(u16 devid)
1919 /* remove entry from the device table seen by the hardware */
1920 amd_iommu_dev_table[devid].data[0] = DTE_FLAG_V | DTE_FLAG_TV;
1921 amd_iommu_dev_table[devid].data[1] &= DTE_FLAG_MASK;
1923 amd_iommu_apply_erratum_63(devid);
1926 static void do_attach(struct iommu_dev_data *dev_data,
1927 struct protection_domain *domain)
1929 struct amd_iommu *iommu;
1932 iommu = amd_iommu_rlookup_table[dev_data->devid];
1933 ats = dev_data->ats.enabled;
1935 /* Update data structures */
1936 dev_data->domain = domain;
1937 list_add(&dev_data->list, &domain->dev_list);
1939 /* Do reference counting */
1940 domain->dev_iommu[iommu->index] += 1;
1941 domain->dev_cnt += 1;
1943 /* Update device table */
1944 set_dte_entry(dev_data->devid, domain, ats, dev_data->iommu_v2);
1945 clone_aliases(dev_data->pdev);
1947 device_flush_dte(dev_data);
1950 static void do_detach(struct iommu_dev_data *dev_data)
1952 struct protection_domain *domain = dev_data->domain;
1953 struct amd_iommu *iommu;
1955 iommu = amd_iommu_rlookup_table[dev_data->devid];
1957 /* Update data structures */
1958 dev_data->domain = NULL;
1959 list_del(&dev_data->list);
1960 clear_dte_entry(dev_data->devid);
1961 clone_aliases(dev_data->pdev);
1963 /* Flush the DTE entry */
1964 device_flush_dte(dev_data);
1967 domain_flush_tlb_pde(domain);
1969 /* Wait for the flushes to finish */
1970 domain_flush_complete(domain);
1972 /* decrease reference counters - needs to happen after the flushes */
1973 domain->dev_iommu[iommu->index] -= 1;
1974 domain->dev_cnt -= 1;
1977 static void pdev_iommuv2_disable(struct pci_dev *pdev)
1979 pci_disable_ats(pdev);
1980 pci_disable_pri(pdev);
1981 pci_disable_pasid(pdev);
1984 /* FIXME: Change generic reset-function to do the same */
1985 static int pri_reset_while_enabled(struct pci_dev *pdev)
1990 pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_PRI);
1994 pci_read_config_word(pdev, pos + PCI_PRI_CTRL, &control);
1995 control |= PCI_PRI_CTRL_RESET;
1996 pci_write_config_word(pdev, pos + PCI_PRI_CTRL, control);
2001 static int pdev_iommuv2_enable(struct pci_dev *pdev)
2006 /* FIXME: Hardcode number of outstanding requests for now */
2008 if (pdev_pri_erratum(pdev, AMD_PRI_DEV_ERRATUM_LIMIT_REQ_ONE))
2010 reset_enable = pdev_pri_erratum(pdev, AMD_PRI_DEV_ERRATUM_ENABLE_RESET);
2012 /* Only allow access to user-accessible pages */
2013 ret = pci_enable_pasid(pdev, 0);
2017 /* First reset the PRI state of the device */
2018 ret = pci_reset_pri(pdev);
2023 ret = pci_enable_pri(pdev, reqs);
2028 ret = pri_reset_while_enabled(pdev);
2033 ret = pci_enable_ats(pdev, PAGE_SHIFT);
2040 pci_disable_pri(pdev);
2041 pci_disable_pasid(pdev);
2047 * If a device is not yet associated with a domain, this function makes the
2048 * device visible in the domain
2050 static int attach_device(struct device *dev,
2051 struct protection_domain *domain)
2053 struct pci_dev *pdev;
2054 struct iommu_dev_data *dev_data;
2055 unsigned long flags;
2058 spin_lock_irqsave(&domain->lock, flags);
2060 dev_data = get_dev_data(dev);
2062 spin_lock(&dev_data->lock);
2065 if (dev_data->domain != NULL)
2068 if (!dev_is_pci(dev))
2069 goto skip_ats_check;
2071 pdev = to_pci_dev(dev);
2072 if (domain->flags & PD_IOMMUV2_MASK) {
2074 if (!dev_data->passthrough)
2077 if (dev_data->iommu_v2) {
2078 if (pdev_iommuv2_enable(pdev) != 0)
2081 dev_data->ats.enabled = true;
2082 dev_data->ats.qdep = pci_ats_queue_depth(pdev);
2083 dev_data->pri_tlp = pci_prg_resp_pasid_required(pdev);
2085 } else if (amd_iommu_iotlb_sup &&
2086 pci_enable_ats(pdev, PAGE_SHIFT) == 0) {
2087 dev_data->ats.enabled = true;
2088 dev_data->ats.qdep = pci_ats_queue_depth(pdev);
2094 do_attach(dev_data, domain);
2097 * We might boot into a crash-kernel here. The crashed kernel
2098 * left the caches in the IOMMU dirty. So we have to flush
2099 * here to evict all dirty stuff.
2101 domain_flush_tlb_pde(domain);
2103 domain_flush_complete(domain);
2106 spin_unlock(&dev_data->lock);
2108 spin_unlock_irqrestore(&domain->lock, flags);
2114 * Removes a device from a protection domain (with devtable_lock held)
2116 static void detach_device(struct device *dev)
2118 struct protection_domain *domain;
2119 struct iommu_dev_data *dev_data;
2120 unsigned long flags;
2122 dev_data = get_dev_data(dev);
2123 domain = dev_data->domain;
2125 spin_lock_irqsave(&domain->lock, flags);
2127 spin_lock(&dev_data->lock);
2130 * First check if the device is still attached. It might already
2131 * be detached from its domain because the generic
2132 * iommu_detach_group code detached it and we try again here in
2133 * our alias handling.
2135 if (WARN_ON(!dev_data->domain))
2138 do_detach(dev_data);
2140 if (!dev_is_pci(dev))
2143 if (domain->flags & PD_IOMMUV2_MASK && dev_data->iommu_v2)
2144 pdev_iommuv2_disable(to_pci_dev(dev));
2145 else if (dev_data->ats.enabled)
2146 pci_disable_ats(to_pci_dev(dev));
2148 dev_data->ats.enabled = false;
2151 spin_unlock(&dev_data->lock);
2153 spin_unlock_irqrestore(&domain->lock, flags);
2156 static int amd_iommu_add_device(struct device *dev)
2158 struct iommu_dev_data *dev_data;
2159 struct iommu_domain *domain;
2160 struct amd_iommu *iommu;
2163 if (!check_device(dev) || get_dev_data(dev))
2166 devid = get_device_id(dev);
2170 iommu = amd_iommu_rlookup_table[devid];
2172 ret = iommu_init_device(dev);
2174 if (ret != -ENOTSUPP)
2175 dev_err(dev, "Failed to initialize - trying to proceed anyway\n");
2177 iommu_ignore_device(dev);
2178 dev->dma_ops = NULL;
2181 init_iommu_group(dev);
2183 dev_data = get_dev_data(dev);
2187 if (dev_data->iommu_v2)
2188 iommu_request_dm_for_dev(dev);
2190 /* Domains are initialized for this device - have a look what we ended up with */
2191 domain = iommu_get_domain_for_dev(dev);
2192 if (domain->type == IOMMU_DOMAIN_IDENTITY)
2193 dev_data->passthrough = true;
2194 else if (domain->type == IOMMU_DOMAIN_DMA)
2195 iommu_setup_dma_ops(dev, IOVA_START_PFN << PAGE_SHIFT, 0);
2198 iommu_completion_wait(iommu);
2203 static void amd_iommu_remove_device(struct device *dev)
2205 struct amd_iommu *iommu;
2208 if (!check_device(dev))
2211 devid = get_device_id(dev);
2215 iommu = amd_iommu_rlookup_table[devid];
2217 iommu_uninit_device(dev);
2218 iommu_completion_wait(iommu);
2221 static struct iommu_group *amd_iommu_device_group(struct device *dev)
2223 if (dev_is_pci(dev))
2224 return pci_device_group(dev);
2226 return acpihid_device_group(dev);
2229 static int amd_iommu_domain_get_attr(struct iommu_domain *domain,
2230 enum iommu_attr attr, void *data)
2232 switch (domain->type) {
2233 case IOMMU_DOMAIN_UNMANAGED:
2235 case IOMMU_DOMAIN_DMA:
2237 case DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE:
2238 *(int *)data = !amd_iommu_unmap_flush;
2249 /*****************************************************************************
2251 * The next functions belong to the dma_ops mapping/unmapping code.
2253 *****************************************************************************/
2255 static void update_device_table(struct protection_domain *domain)
2257 struct iommu_dev_data *dev_data;
2259 list_for_each_entry(dev_data, &domain->dev_list, list) {
2260 set_dte_entry(dev_data->devid, domain, dev_data->ats.enabled,
2261 dev_data->iommu_v2);
2262 clone_aliases(dev_data->pdev);
2266 static void update_domain(struct protection_domain *domain)
2268 update_device_table(domain);
2270 domain_flush_devices(domain);
2271 domain_flush_tlb_pde(domain);
2274 int __init amd_iommu_init_api(void)
2278 ret = iova_cache_get();
2282 err = bus_set_iommu(&pci_bus_type, &amd_iommu_ops);
2285 #ifdef CONFIG_ARM_AMBA
2286 err = bus_set_iommu(&amba_bustype, &amd_iommu_ops);
2290 err = bus_set_iommu(&platform_bus_type, &amd_iommu_ops);
2297 int __init amd_iommu_init_dma_ops(void)
2299 swiotlb = (iommu_default_passthrough() || sme_me_mask) ? 1 : 0;
2302 if (amd_iommu_unmap_flush)
2303 pr_info("IO/TLB flush on unmap enabled\n");
2305 pr_info("Lazy IO/TLB flushing enabled\n");
2311 /*****************************************************************************
2313 * The following functions belong to the exported interface of AMD IOMMU
2315 * This interface allows access to lower level functions of the IOMMU
2316 * like protection domain handling and assignement of devices to domains
2317 * which is not possible with the dma_ops interface.
2319 *****************************************************************************/
2321 static void cleanup_domain(struct protection_domain *domain)
2323 struct iommu_dev_data *entry;
2324 unsigned long flags;
2326 spin_lock_irqsave(&domain->lock, flags);
2328 while (!list_empty(&domain->dev_list)) {
2329 entry = list_first_entry(&domain->dev_list,
2330 struct iommu_dev_data, list);
2331 BUG_ON(!entry->domain);
2335 spin_unlock_irqrestore(&domain->lock, flags);
2338 static void protection_domain_free(struct protection_domain *domain)
2344 domain_id_free(domain->id);
2349 static int protection_domain_init(struct protection_domain *domain)
2351 spin_lock_init(&domain->lock);
2352 domain->id = domain_id_alloc();
2355 INIT_LIST_HEAD(&domain->dev_list);
2360 static struct protection_domain *protection_domain_alloc(void)
2362 struct protection_domain *domain;
2364 domain = kzalloc(sizeof(*domain), GFP_KERNEL);
2368 if (protection_domain_init(domain))
2379 static struct iommu_domain *amd_iommu_domain_alloc(unsigned type)
2381 struct protection_domain *pdomain;
2384 case IOMMU_DOMAIN_UNMANAGED:
2385 pdomain = protection_domain_alloc();
2389 pdomain->mode = PAGE_MODE_3_LEVEL;
2390 pdomain->pt_root = (void *)get_zeroed_page(GFP_KERNEL);
2391 if (!pdomain->pt_root) {
2392 protection_domain_free(pdomain);
2396 pdomain->domain.geometry.aperture_start = 0;
2397 pdomain->domain.geometry.aperture_end = ~0ULL;
2398 pdomain->domain.geometry.force_aperture = true;
2401 case IOMMU_DOMAIN_DMA:
2402 pdomain = dma_ops_domain_alloc();
2404 pr_err("Failed to allocate\n");
2408 case IOMMU_DOMAIN_IDENTITY:
2409 pdomain = protection_domain_alloc();
2413 pdomain->mode = PAGE_MODE_NONE;
2419 return &pdomain->domain;
2422 static void amd_iommu_domain_free(struct iommu_domain *dom)
2424 struct protection_domain *domain;
2426 domain = to_pdomain(dom);
2428 if (domain->dev_cnt > 0)
2429 cleanup_domain(domain);
2431 BUG_ON(domain->dev_cnt != 0);
2436 switch (dom->type) {
2437 case IOMMU_DOMAIN_DMA:
2438 /* Now release the domain */
2439 dma_ops_domain_free(domain);
2442 if (domain->mode != PAGE_MODE_NONE)
2443 free_pagetable(domain);
2445 if (domain->flags & PD_IOMMUV2_MASK)
2446 free_gcr3_table(domain);
2448 protection_domain_free(domain);
2453 static void amd_iommu_detach_device(struct iommu_domain *dom,
2456 struct iommu_dev_data *dev_data = dev->archdata.iommu;
2457 struct amd_iommu *iommu;
2460 if (!check_device(dev))
2463 devid = get_device_id(dev);
2467 if (dev_data->domain != NULL)
2470 iommu = amd_iommu_rlookup_table[devid];
2474 #ifdef CONFIG_IRQ_REMAP
2475 if (AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir) &&
2476 (dom->type == IOMMU_DOMAIN_UNMANAGED))
2477 dev_data->use_vapic = 0;
2480 iommu_completion_wait(iommu);
2483 static int amd_iommu_attach_device(struct iommu_domain *dom,
2486 struct protection_domain *domain = to_pdomain(dom);
2487 struct iommu_dev_data *dev_data;
2488 struct amd_iommu *iommu;
2491 if (!check_device(dev))
2494 dev_data = dev->archdata.iommu;
2495 dev_data->defer_attach = false;
2497 iommu = amd_iommu_rlookup_table[dev_data->devid];
2501 if (dev_data->domain)
2504 ret = attach_device(dev, domain);
2506 #ifdef CONFIG_IRQ_REMAP
2507 if (AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir)) {
2508 if (dom->type == IOMMU_DOMAIN_UNMANAGED)
2509 dev_data->use_vapic = 1;
2511 dev_data->use_vapic = 0;
2515 iommu_completion_wait(iommu);
2520 static int amd_iommu_map(struct iommu_domain *dom, unsigned long iova,
2521 phys_addr_t paddr, size_t page_size, int iommu_prot,
2524 struct protection_domain *domain = to_pdomain(dom);
2528 if (domain->mode == PAGE_MODE_NONE)
2531 if (iommu_prot & IOMMU_READ)
2532 prot |= IOMMU_PROT_IR;
2533 if (iommu_prot & IOMMU_WRITE)
2534 prot |= IOMMU_PROT_IW;
2536 ret = iommu_map_page(domain, iova, paddr, page_size, prot, gfp);
2538 domain_flush_np_cache(domain, iova, page_size);
2543 static size_t amd_iommu_unmap(struct iommu_domain *dom, unsigned long iova,
2545 struct iommu_iotlb_gather *gather)
2547 struct protection_domain *domain = to_pdomain(dom);
2549 if (domain->mode == PAGE_MODE_NONE)
2552 return iommu_unmap_page(domain, iova, page_size);
2555 static phys_addr_t amd_iommu_iova_to_phys(struct iommu_domain *dom,
2558 struct protection_domain *domain = to_pdomain(dom);
2559 unsigned long offset_mask, pte_pgsize;
2562 if (domain->mode == PAGE_MODE_NONE)
2565 pte = fetch_pte(domain, iova, &pte_pgsize);
2567 if (!pte || !IOMMU_PTE_PRESENT(*pte))
2570 offset_mask = pte_pgsize - 1;
2571 __pte = __sme_clr(*pte & PM_ADDR_MASK);
2573 return (__pte & ~offset_mask) | (iova & offset_mask);
2576 static bool amd_iommu_capable(enum iommu_cap cap)
2579 case IOMMU_CAP_CACHE_COHERENCY:
2581 case IOMMU_CAP_INTR_REMAP:
2582 return (irq_remapping_enabled == 1);
2583 case IOMMU_CAP_NOEXEC:
2592 static void amd_iommu_get_resv_regions(struct device *dev,
2593 struct list_head *head)
2595 struct iommu_resv_region *region;
2596 struct unity_map_entry *entry;
2599 devid = get_device_id(dev);
2603 list_for_each_entry(entry, &amd_iommu_unity_map, list) {
2607 if (devid < entry->devid_start || devid > entry->devid_end)
2610 type = IOMMU_RESV_DIRECT;
2611 length = entry->address_end - entry->address_start;
2612 if (entry->prot & IOMMU_PROT_IR)
2614 if (entry->prot & IOMMU_PROT_IW)
2615 prot |= IOMMU_WRITE;
2616 if (entry->prot & IOMMU_UNITY_MAP_FLAG_EXCL_RANGE)
2617 /* Exclusion range */
2618 type = IOMMU_RESV_RESERVED;
2620 region = iommu_alloc_resv_region(entry->address_start,
2621 length, prot, type);
2623 dev_err(dev, "Out of memory allocating dm-regions\n");
2626 list_add_tail(®ion->list, head);
2629 region = iommu_alloc_resv_region(MSI_RANGE_START,
2630 MSI_RANGE_END - MSI_RANGE_START + 1,
2634 list_add_tail(®ion->list, head);
2636 region = iommu_alloc_resv_region(HT_RANGE_START,
2637 HT_RANGE_END - HT_RANGE_START + 1,
2638 0, IOMMU_RESV_RESERVED);
2641 list_add_tail(®ion->list, head);
2644 static void amd_iommu_put_resv_regions(struct device *dev,
2645 struct list_head *head)
2647 struct iommu_resv_region *entry, *next;
2649 list_for_each_entry_safe(entry, next, head, list)
2653 static bool amd_iommu_is_attach_deferred(struct iommu_domain *domain,
2656 struct iommu_dev_data *dev_data = dev->archdata.iommu;
2657 return dev_data->defer_attach;
2660 static void amd_iommu_flush_iotlb_all(struct iommu_domain *domain)
2662 struct protection_domain *dom = to_pdomain(domain);
2663 unsigned long flags;
2665 spin_lock_irqsave(&dom->lock, flags);
2666 domain_flush_tlb_pde(dom);
2667 domain_flush_complete(dom);
2668 spin_unlock_irqrestore(&dom->lock, flags);
2671 static void amd_iommu_iotlb_sync(struct iommu_domain *domain,
2672 struct iommu_iotlb_gather *gather)
2674 amd_iommu_flush_iotlb_all(domain);
2677 const struct iommu_ops amd_iommu_ops = {
2678 .capable = amd_iommu_capable,
2679 .domain_alloc = amd_iommu_domain_alloc,
2680 .domain_free = amd_iommu_domain_free,
2681 .attach_dev = amd_iommu_attach_device,
2682 .detach_dev = amd_iommu_detach_device,
2683 .map = amd_iommu_map,
2684 .unmap = amd_iommu_unmap,
2685 .iova_to_phys = amd_iommu_iova_to_phys,
2686 .add_device = amd_iommu_add_device,
2687 .remove_device = amd_iommu_remove_device,
2688 .device_group = amd_iommu_device_group,
2689 .domain_get_attr = amd_iommu_domain_get_attr,
2690 .get_resv_regions = amd_iommu_get_resv_regions,
2691 .put_resv_regions = amd_iommu_put_resv_regions,
2692 .is_attach_deferred = amd_iommu_is_attach_deferred,
2693 .pgsize_bitmap = AMD_IOMMU_PGSIZES,
2694 .flush_iotlb_all = amd_iommu_flush_iotlb_all,
2695 .iotlb_sync = amd_iommu_iotlb_sync,
2698 /*****************************************************************************
2700 * The next functions do a basic initialization of IOMMU for pass through
2703 * In passthrough mode the IOMMU is initialized and enabled but not used for
2704 * DMA-API translation.
2706 *****************************************************************************/
2708 /* IOMMUv2 specific functions */
2709 int amd_iommu_register_ppr_notifier(struct notifier_block *nb)
2711 return atomic_notifier_chain_register(&ppr_notifier, nb);
2713 EXPORT_SYMBOL(amd_iommu_register_ppr_notifier);
2715 int amd_iommu_unregister_ppr_notifier(struct notifier_block *nb)
2717 return atomic_notifier_chain_unregister(&ppr_notifier, nb);
2719 EXPORT_SYMBOL(amd_iommu_unregister_ppr_notifier);
2721 void amd_iommu_domain_direct_map(struct iommu_domain *dom)
2723 struct protection_domain *domain = to_pdomain(dom);
2724 unsigned long flags;
2726 spin_lock_irqsave(&domain->lock, flags);
2728 /* Update data structure */
2729 domain->mode = PAGE_MODE_NONE;
2731 /* Make changes visible to IOMMUs */
2732 update_domain(domain);
2734 /* Page-table is not visible to IOMMU anymore, so free it */
2735 free_pagetable(domain);
2737 spin_unlock_irqrestore(&domain->lock, flags);
2739 EXPORT_SYMBOL(amd_iommu_domain_direct_map);
2741 int amd_iommu_domain_enable_v2(struct iommu_domain *dom, int pasids)
2743 struct protection_domain *domain = to_pdomain(dom);
2744 unsigned long flags;
2747 if (pasids <= 0 || pasids > (PASID_MASK + 1))
2750 /* Number of GCR3 table levels required */
2751 for (levels = 0; (pasids - 1) & ~0x1ff; pasids >>= 9)
2754 if (levels > amd_iommu_max_glx_val)
2757 spin_lock_irqsave(&domain->lock, flags);
2760 * Save us all sanity checks whether devices already in the
2761 * domain support IOMMUv2. Just force that the domain has no
2762 * devices attached when it is switched into IOMMUv2 mode.
2765 if (domain->dev_cnt > 0 || domain->flags & PD_IOMMUV2_MASK)
2769 domain->gcr3_tbl = (void *)get_zeroed_page(GFP_ATOMIC);
2770 if (domain->gcr3_tbl == NULL)
2773 domain->glx = levels;
2774 domain->flags |= PD_IOMMUV2_MASK;
2776 update_domain(domain);
2781 spin_unlock_irqrestore(&domain->lock, flags);
2785 EXPORT_SYMBOL(amd_iommu_domain_enable_v2);
2787 static int __flush_pasid(struct protection_domain *domain, int pasid,
2788 u64 address, bool size)
2790 struct iommu_dev_data *dev_data;
2791 struct iommu_cmd cmd;
2794 if (!(domain->flags & PD_IOMMUV2_MASK))
2797 build_inv_iommu_pasid(&cmd, domain->id, pasid, address, size);
2800 * IOMMU TLB needs to be flushed before Device TLB to
2801 * prevent device TLB refill from IOMMU TLB
2803 for (i = 0; i < amd_iommu_get_num_iommus(); ++i) {
2804 if (domain->dev_iommu[i] == 0)
2807 ret = iommu_queue_command(amd_iommus[i], &cmd);
2812 /* Wait until IOMMU TLB flushes are complete */
2813 domain_flush_complete(domain);
2815 /* Now flush device TLBs */
2816 list_for_each_entry(dev_data, &domain->dev_list, list) {
2817 struct amd_iommu *iommu;
2821 There might be non-IOMMUv2 capable devices in an IOMMUv2
2824 if (!dev_data->ats.enabled)
2827 qdep = dev_data->ats.qdep;
2828 iommu = amd_iommu_rlookup_table[dev_data->devid];
2830 build_inv_iotlb_pasid(&cmd, dev_data->devid, pasid,
2831 qdep, address, size);
2833 ret = iommu_queue_command(iommu, &cmd);
2838 /* Wait until all device TLBs are flushed */
2839 domain_flush_complete(domain);
2848 static int __amd_iommu_flush_page(struct protection_domain *domain, int pasid,
2851 return __flush_pasid(domain, pasid, address, false);
2854 int amd_iommu_flush_page(struct iommu_domain *dom, int pasid,
2857 struct protection_domain *domain = to_pdomain(dom);
2858 unsigned long flags;
2861 spin_lock_irqsave(&domain->lock, flags);
2862 ret = __amd_iommu_flush_page(domain, pasid, address);
2863 spin_unlock_irqrestore(&domain->lock, flags);
2867 EXPORT_SYMBOL(amd_iommu_flush_page);
2869 static int __amd_iommu_flush_tlb(struct protection_domain *domain, int pasid)
2871 return __flush_pasid(domain, pasid, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
2875 int amd_iommu_flush_tlb(struct iommu_domain *dom, int pasid)
2877 struct protection_domain *domain = to_pdomain(dom);
2878 unsigned long flags;
2881 spin_lock_irqsave(&domain->lock, flags);
2882 ret = __amd_iommu_flush_tlb(domain, pasid);
2883 spin_unlock_irqrestore(&domain->lock, flags);
2887 EXPORT_SYMBOL(amd_iommu_flush_tlb);
2889 static u64 *__get_gcr3_pte(u64 *root, int level, int pasid, bool alloc)
2896 index = (pasid >> (9 * level)) & 0x1ff;
2902 if (!(*pte & GCR3_VALID)) {
2906 root = (void *)get_zeroed_page(GFP_ATOMIC);
2910 *pte = iommu_virt_to_phys(root) | GCR3_VALID;
2913 root = iommu_phys_to_virt(*pte & PAGE_MASK);
2921 static int __set_gcr3(struct protection_domain *domain, int pasid,
2926 if (domain->mode != PAGE_MODE_NONE)
2929 pte = __get_gcr3_pte(domain->gcr3_tbl, domain->glx, pasid, true);
2933 *pte = (cr3 & PAGE_MASK) | GCR3_VALID;
2935 return __amd_iommu_flush_tlb(domain, pasid);
2938 static int __clear_gcr3(struct protection_domain *domain, int pasid)
2942 if (domain->mode != PAGE_MODE_NONE)
2945 pte = __get_gcr3_pte(domain->gcr3_tbl, domain->glx, pasid, false);
2951 return __amd_iommu_flush_tlb(domain, pasid);
2954 int amd_iommu_domain_set_gcr3(struct iommu_domain *dom, int pasid,
2957 struct protection_domain *domain = to_pdomain(dom);
2958 unsigned long flags;
2961 spin_lock_irqsave(&domain->lock, flags);
2962 ret = __set_gcr3(domain, pasid, cr3);
2963 spin_unlock_irqrestore(&domain->lock, flags);
2967 EXPORT_SYMBOL(amd_iommu_domain_set_gcr3);
2969 int amd_iommu_domain_clear_gcr3(struct iommu_domain *dom, int pasid)
2971 struct protection_domain *domain = to_pdomain(dom);
2972 unsigned long flags;
2975 spin_lock_irqsave(&domain->lock, flags);
2976 ret = __clear_gcr3(domain, pasid);
2977 spin_unlock_irqrestore(&domain->lock, flags);
2981 EXPORT_SYMBOL(amd_iommu_domain_clear_gcr3);
2983 int amd_iommu_complete_ppr(struct pci_dev *pdev, int pasid,
2984 int status, int tag)
2986 struct iommu_dev_data *dev_data;
2987 struct amd_iommu *iommu;
2988 struct iommu_cmd cmd;
2990 dev_data = get_dev_data(&pdev->dev);
2991 iommu = amd_iommu_rlookup_table[dev_data->devid];
2993 build_complete_ppr(&cmd, dev_data->devid, pasid, status,
2994 tag, dev_data->pri_tlp);
2996 return iommu_queue_command(iommu, &cmd);
2998 EXPORT_SYMBOL(amd_iommu_complete_ppr);
3000 struct iommu_domain *amd_iommu_get_v2_domain(struct pci_dev *pdev)
3002 struct protection_domain *pdomain;
3003 struct iommu_domain *io_domain;
3004 struct device *dev = &pdev->dev;
3006 if (!check_device(dev))
3009 pdomain = get_dev_data(dev)->domain;
3010 if (pdomain == NULL && get_dev_data(dev)->defer_attach) {
3011 get_dev_data(dev)->defer_attach = false;
3012 io_domain = iommu_get_domain_for_dev(dev);
3013 pdomain = to_pdomain(io_domain);
3014 attach_device(dev, pdomain);
3016 if (pdomain == NULL)
3019 if (!dma_ops_domain(pdomain))
3022 /* Only return IOMMUv2 domains */
3023 if (!(pdomain->flags & PD_IOMMUV2_MASK))
3026 return &pdomain->domain;
3028 EXPORT_SYMBOL(amd_iommu_get_v2_domain);
3030 void amd_iommu_enable_device_erratum(struct pci_dev *pdev, u32 erratum)
3032 struct iommu_dev_data *dev_data;
3034 if (!amd_iommu_v2_supported())
3037 dev_data = get_dev_data(&pdev->dev);
3038 dev_data->errata |= (1 << erratum);
3040 EXPORT_SYMBOL(amd_iommu_enable_device_erratum);
3042 int amd_iommu_device_info(struct pci_dev *pdev,
3043 struct amd_iommu_device_info *info)
3048 if (pdev == NULL || info == NULL)
3051 if (!amd_iommu_v2_supported())
3054 memset(info, 0, sizeof(*info));
3056 if (!pci_ats_disabled()) {
3057 pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_ATS);
3059 info->flags |= AMD_IOMMU_DEVICE_FLAG_ATS_SUP;
3062 pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_PRI);
3064 info->flags |= AMD_IOMMU_DEVICE_FLAG_PRI_SUP;
3066 pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_PASID);
3070 max_pasids = 1 << (9 * (amd_iommu_max_glx_val + 1));
3071 max_pasids = min(max_pasids, (1 << 20));
3073 info->flags |= AMD_IOMMU_DEVICE_FLAG_PASID_SUP;
3074 info->max_pasids = min(pci_max_pasids(pdev), max_pasids);
3076 features = pci_pasid_features(pdev);
3077 if (features & PCI_PASID_CAP_EXEC)
3078 info->flags |= AMD_IOMMU_DEVICE_FLAG_EXEC_SUP;
3079 if (features & PCI_PASID_CAP_PRIV)
3080 info->flags |= AMD_IOMMU_DEVICE_FLAG_PRIV_SUP;
3085 EXPORT_SYMBOL(amd_iommu_device_info);
3087 #ifdef CONFIG_IRQ_REMAP
3089 /*****************************************************************************
3091 * Interrupt Remapping Implementation
3093 *****************************************************************************/
3095 static struct irq_chip amd_ir_chip;
3096 static DEFINE_SPINLOCK(iommu_table_lock);
3098 static void set_dte_irq_entry(u16 devid, struct irq_remap_table *table)
3102 dte = amd_iommu_dev_table[devid].data[2];
3103 dte &= ~DTE_IRQ_PHYS_ADDR_MASK;
3104 dte |= iommu_virt_to_phys(table->table);
3105 dte |= DTE_IRQ_REMAP_INTCTL;
3106 dte |= DTE_IRQ_TABLE_LEN;
3107 dte |= DTE_IRQ_REMAP_ENABLE;
3109 amd_iommu_dev_table[devid].data[2] = dte;
3112 static struct irq_remap_table *get_irq_table(u16 devid)
3114 struct irq_remap_table *table;
3116 if (WARN_ONCE(!amd_iommu_rlookup_table[devid],
3117 "%s: no iommu for devid %x\n", __func__, devid))
3120 table = irq_lookup_table[devid];
3121 if (WARN_ONCE(!table, "%s: no table for devid %x\n", __func__, devid))
3127 static struct irq_remap_table *__alloc_irq_table(void)
3129 struct irq_remap_table *table;
3131 table = kzalloc(sizeof(*table), GFP_KERNEL);
3135 table->table = kmem_cache_alloc(amd_iommu_irq_cache, GFP_KERNEL);
3136 if (!table->table) {
3140 raw_spin_lock_init(&table->lock);
3142 if (!AMD_IOMMU_GUEST_IR_GA(amd_iommu_guest_ir))
3143 memset(table->table, 0,
3144 MAX_IRQS_PER_TABLE * sizeof(u32));
3146 memset(table->table, 0,
3147 (MAX_IRQS_PER_TABLE * (sizeof(u64) * 2)));
3151 static void set_remap_table_entry(struct amd_iommu *iommu, u16 devid,
3152 struct irq_remap_table *table)
3154 irq_lookup_table[devid] = table;
3155 set_dte_irq_entry(devid, table);
3156 iommu_flush_dte(iommu, devid);
3159 static int set_remap_table_entry_alias(struct pci_dev *pdev, u16 alias,
3162 struct irq_remap_table *table = data;
3164 irq_lookup_table[alias] = table;
3165 set_dte_irq_entry(alias, table);
3167 iommu_flush_dte(amd_iommu_rlookup_table[alias], alias);
3172 static struct irq_remap_table *alloc_irq_table(u16 devid, struct pci_dev *pdev)
3174 struct irq_remap_table *table = NULL;
3175 struct irq_remap_table *new_table = NULL;
3176 struct amd_iommu *iommu;
3177 unsigned long flags;
3180 spin_lock_irqsave(&iommu_table_lock, flags);
3182 iommu = amd_iommu_rlookup_table[devid];
3186 table = irq_lookup_table[devid];
3190 alias = amd_iommu_alias_table[devid];
3191 table = irq_lookup_table[alias];
3193 set_remap_table_entry(iommu, devid, table);
3196 spin_unlock_irqrestore(&iommu_table_lock, flags);
3198 /* Nothing there yet, allocate new irq remapping table */
3199 new_table = __alloc_irq_table();
3203 spin_lock_irqsave(&iommu_table_lock, flags);
3205 table = irq_lookup_table[devid];
3209 table = irq_lookup_table[alias];
3211 set_remap_table_entry(iommu, devid, table);
3219 pci_for_each_dma_alias(pdev, set_remap_table_entry_alias,
3222 set_remap_table_entry(iommu, devid, table);
3225 set_remap_table_entry(iommu, alias, table);
3228 iommu_completion_wait(iommu);
3231 spin_unlock_irqrestore(&iommu_table_lock, flags);
3234 kmem_cache_free(amd_iommu_irq_cache, new_table->table);
3240 static int alloc_irq_index(u16 devid, int count, bool align,
3241 struct pci_dev *pdev)
3243 struct irq_remap_table *table;
3244 int index, c, alignment = 1;
3245 unsigned long flags;
3246 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
3251 table = alloc_irq_table(devid, pdev);
3256 alignment = roundup_pow_of_two(count);
3258 raw_spin_lock_irqsave(&table->lock, flags);
3260 /* Scan table for free entries */
3261 for (index = ALIGN(table->min_index, alignment), c = 0;
3262 index < MAX_IRQS_PER_TABLE;) {
3263 if (!iommu->irte_ops->is_allocated(table, index)) {
3267 index = ALIGN(index + 1, alignment);
3273 iommu->irte_ops->set_allocated(table, index - c + 1);
3285 raw_spin_unlock_irqrestore(&table->lock, flags);
3290 static int modify_irte_ga(u16 devid, int index, struct irte_ga *irte,
3291 struct amd_ir_data *data)
3293 struct irq_remap_table *table;
3294 struct amd_iommu *iommu;
3295 unsigned long flags;
3296 struct irte_ga *entry;
3298 iommu = amd_iommu_rlookup_table[devid];
3302 table = get_irq_table(devid);
3306 raw_spin_lock_irqsave(&table->lock, flags);
3308 entry = (struct irte_ga *)table->table;
3309 entry = &entry[index];
3310 entry->lo.fields_remap.valid = 0;
3311 entry->hi.val = irte->hi.val;
3312 entry->lo.val = irte->lo.val;
3313 entry->lo.fields_remap.valid = 1;
3317 raw_spin_unlock_irqrestore(&table->lock, flags);
3319 iommu_flush_irt(iommu, devid);
3320 iommu_completion_wait(iommu);
3325 static int modify_irte(u16 devid, int index, union irte *irte)
3327 struct irq_remap_table *table;
3328 struct amd_iommu *iommu;
3329 unsigned long flags;
3331 iommu = amd_iommu_rlookup_table[devid];
3335 table = get_irq_table(devid);
3339 raw_spin_lock_irqsave(&table->lock, flags);
3340 table->table[index] = irte->val;
3341 raw_spin_unlock_irqrestore(&table->lock, flags);
3343 iommu_flush_irt(iommu, devid);
3344 iommu_completion_wait(iommu);
3349 static void free_irte(u16 devid, int index)
3351 struct irq_remap_table *table;
3352 struct amd_iommu *iommu;
3353 unsigned long flags;
3355 iommu = amd_iommu_rlookup_table[devid];
3359 table = get_irq_table(devid);
3363 raw_spin_lock_irqsave(&table->lock, flags);
3364 iommu->irte_ops->clear_allocated(table, index);
3365 raw_spin_unlock_irqrestore(&table->lock, flags);
3367 iommu_flush_irt(iommu, devid);
3368 iommu_completion_wait(iommu);
3371 static void irte_prepare(void *entry,
3372 u32 delivery_mode, u32 dest_mode,
3373 u8 vector, u32 dest_apicid, int devid)
3375 union irte *irte = (union irte *) entry;
3378 irte->fields.vector = vector;
3379 irte->fields.int_type = delivery_mode;
3380 irte->fields.destination = dest_apicid;
3381 irte->fields.dm = dest_mode;
3382 irte->fields.valid = 1;
3385 static void irte_ga_prepare(void *entry,
3386 u32 delivery_mode, u32 dest_mode,
3387 u8 vector, u32 dest_apicid, int devid)
3389 struct irte_ga *irte = (struct irte_ga *) entry;
3393 irte->lo.fields_remap.int_type = delivery_mode;
3394 irte->lo.fields_remap.dm = dest_mode;
3395 irte->hi.fields.vector = vector;
3396 irte->lo.fields_remap.destination = APICID_TO_IRTE_DEST_LO(dest_apicid);
3397 irte->hi.fields.destination = APICID_TO_IRTE_DEST_HI(dest_apicid);
3398 irte->lo.fields_remap.valid = 1;
3401 static void irte_activate(void *entry, u16 devid, u16 index)
3403 union irte *irte = (union irte *) entry;
3405 irte->fields.valid = 1;
3406 modify_irte(devid, index, irte);
3409 static void irte_ga_activate(void *entry, u16 devid, u16 index)
3411 struct irte_ga *irte = (struct irte_ga *) entry;
3413 irte->lo.fields_remap.valid = 1;
3414 modify_irte_ga(devid, index, irte, NULL);
3417 static void irte_deactivate(void *entry, u16 devid, u16 index)
3419 union irte *irte = (union irte *) entry;
3421 irte->fields.valid = 0;
3422 modify_irte(devid, index, irte);
3425 static void irte_ga_deactivate(void *entry, u16 devid, u16 index)
3427 struct irte_ga *irte = (struct irte_ga *) entry;
3429 irte->lo.fields_remap.valid = 0;
3430 modify_irte_ga(devid, index, irte, NULL);
3433 static void irte_set_affinity(void *entry, u16 devid, u16 index,
3434 u8 vector, u32 dest_apicid)
3436 union irte *irte = (union irte *) entry;
3438 irte->fields.vector = vector;
3439 irte->fields.destination = dest_apicid;
3440 modify_irte(devid, index, irte);
3443 static void irte_ga_set_affinity(void *entry, u16 devid, u16 index,
3444 u8 vector, u32 dest_apicid)
3446 struct irte_ga *irte = (struct irte_ga *) entry;
3448 if (!irte->lo.fields_remap.guest_mode) {
3449 irte->hi.fields.vector = vector;
3450 irte->lo.fields_remap.destination =
3451 APICID_TO_IRTE_DEST_LO(dest_apicid);
3452 irte->hi.fields.destination =
3453 APICID_TO_IRTE_DEST_HI(dest_apicid);
3454 modify_irte_ga(devid, index, irte, NULL);
3458 #define IRTE_ALLOCATED (~1U)
3459 static void irte_set_allocated(struct irq_remap_table *table, int index)
3461 table->table[index] = IRTE_ALLOCATED;
3464 static void irte_ga_set_allocated(struct irq_remap_table *table, int index)
3466 struct irte_ga *ptr = (struct irte_ga *)table->table;
3467 struct irte_ga *irte = &ptr[index];
3469 memset(&irte->lo.val, 0, sizeof(u64));
3470 memset(&irte->hi.val, 0, sizeof(u64));
3471 irte->hi.fields.vector = 0xff;
3474 static bool irte_is_allocated(struct irq_remap_table *table, int index)
3476 union irte *ptr = (union irte *)table->table;
3477 union irte *irte = &ptr[index];
3479 return irte->val != 0;
3482 static bool irte_ga_is_allocated(struct irq_remap_table *table, int index)
3484 struct irte_ga *ptr = (struct irte_ga *)table->table;
3485 struct irte_ga *irte = &ptr[index];
3487 return irte->hi.fields.vector != 0;
3490 static void irte_clear_allocated(struct irq_remap_table *table, int index)
3492 table->table[index] = 0;
3495 static void irte_ga_clear_allocated(struct irq_remap_table *table, int index)
3497 struct irte_ga *ptr = (struct irte_ga *)table->table;
3498 struct irte_ga *irte = &ptr[index];
3500 memset(&irte->lo.val, 0, sizeof(u64));
3501 memset(&irte->hi.val, 0, sizeof(u64));
3504 static int get_devid(struct irq_alloc_info *info)
3508 switch (info->type) {
3509 case X86_IRQ_ALLOC_TYPE_IOAPIC:
3510 devid = get_ioapic_devid(info->ioapic_id);
3512 case X86_IRQ_ALLOC_TYPE_HPET:
3513 devid = get_hpet_devid(info->hpet_id);
3515 case X86_IRQ_ALLOC_TYPE_MSI:
3516 case X86_IRQ_ALLOC_TYPE_MSIX:
3517 devid = get_device_id(&info->msi_dev->dev);
3527 static struct irq_domain *get_ir_irq_domain(struct irq_alloc_info *info)
3529 struct amd_iommu *iommu;
3535 devid = get_devid(info);
3537 iommu = amd_iommu_rlookup_table[devid];
3539 return iommu->ir_domain;
3545 static struct irq_domain *get_irq_domain(struct irq_alloc_info *info)
3547 struct amd_iommu *iommu;
3553 switch (info->type) {
3554 case X86_IRQ_ALLOC_TYPE_MSI:
3555 case X86_IRQ_ALLOC_TYPE_MSIX:
3556 devid = get_device_id(&info->msi_dev->dev);
3560 iommu = amd_iommu_rlookup_table[devid];
3562 return iommu->msi_domain;
3571 struct irq_remap_ops amd_iommu_irq_ops = {
3572 .prepare = amd_iommu_prepare,
3573 .enable = amd_iommu_enable,
3574 .disable = amd_iommu_disable,
3575 .reenable = amd_iommu_reenable,
3576 .enable_faulting = amd_iommu_enable_faulting,
3577 .get_ir_irq_domain = get_ir_irq_domain,
3578 .get_irq_domain = get_irq_domain,
3581 static void irq_remapping_prepare_irte(struct amd_ir_data *data,
3582 struct irq_cfg *irq_cfg,
3583 struct irq_alloc_info *info,
3584 int devid, int index, int sub_handle)
3586 struct irq_2_irte *irte_info = &data->irq_2_irte;
3587 struct msi_msg *msg = &data->msi_entry;
3588 struct IO_APIC_route_entry *entry;
3589 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
3594 data->irq_2_irte.devid = devid;
3595 data->irq_2_irte.index = index + sub_handle;
3596 iommu->irte_ops->prepare(data->entry, apic->irq_delivery_mode,
3597 apic->irq_dest_mode, irq_cfg->vector,
3598 irq_cfg->dest_apicid, devid);
3600 switch (info->type) {
3601 case X86_IRQ_ALLOC_TYPE_IOAPIC:
3602 /* Setup IOAPIC entry */
3603 entry = info->ioapic_entry;
3604 info->ioapic_entry = NULL;
3605 memset(entry, 0, sizeof(*entry));
3606 entry->vector = index;
3608 entry->trigger = info->ioapic_trigger;
3609 entry->polarity = info->ioapic_polarity;
3610 /* Mask level triggered irqs. */
3611 if (info->ioapic_trigger)
3615 case X86_IRQ_ALLOC_TYPE_HPET:
3616 case X86_IRQ_ALLOC_TYPE_MSI:
3617 case X86_IRQ_ALLOC_TYPE_MSIX:
3618 msg->address_hi = MSI_ADDR_BASE_HI;
3619 msg->address_lo = MSI_ADDR_BASE_LO;
3620 msg->data = irte_info->index;
3629 struct amd_irte_ops irte_32_ops = {
3630 .prepare = irte_prepare,
3631 .activate = irte_activate,
3632 .deactivate = irte_deactivate,
3633 .set_affinity = irte_set_affinity,
3634 .set_allocated = irte_set_allocated,
3635 .is_allocated = irte_is_allocated,
3636 .clear_allocated = irte_clear_allocated,
3639 struct amd_irte_ops irte_128_ops = {
3640 .prepare = irte_ga_prepare,
3641 .activate = irte_ga_activate,
3642 .deactivate = irte_ga_deactivate,
3643 .set_affinity = irte_ga_set_affinity,
3644 .set_allocated = irte_ga_set_allocated,
3645 .is_allocated = irte_ga_is_allocated,
3646 .clear_allocated = irte_ga_clear_allocated,
3649 static int irq_remapping_alloc(struct irq_domain *domain, unsigned int virq,
3650 unsigned int nr_irqs, void *arg)
3652 struct irq_alloc_info *info = arg;
3653 struct irq_data *irq_data;
3654 struct amd_ir_data *data = NULL;
3655 struct irq_cfg *cfg;
3661 if (nr_irqs > 1 && info->type != X86_IRQ_ALLOC_TYPE_MSI &&
3662 info->type != X86_IRQ_ALLOC_TYPE_MSIX)
3666 * With IRQ remapping enabled, don't need contiguous CPU vectors
3667 * to support multiple MSI interrupts.
3669 if (info->type == X86_IRQ_ALLOC_TYPE_MSI)
3670 info->flags &= ~X86_IRQ_ALLOC_CONTIGUOUS_VECTORS;
3672 devid = get_devid(info);
3676 ret = irq_domain_alloc_irqs_parent(domain, virq, nr_irqs, arg);
3680 if (info->type == X86_IRQ_ALLOC_TYPE_IOAPIC) {
3681 struct irq_remap_table *table;
3682 struct amd_iommu *iommu;
3684 table = alloc_irq_table(devid, NULL);
3686 if (!table->min_index) {
3688 * Keep the first 32 indexes free for IOAPIC
3691 table->min_index = 32;
3692 iommu = amd_iommu_rlookup_table[devid];
3693 for (i = 0; i < 32; ++i)
3694 iommu->irte_ops->set_allocated(table, i);
3696 WARN_ON(table->min_index != 32);
3697 index = info->ioapic_pin;
3701 } else if (info->type == X86_IRQ_ALLOC_TYPE_MSI ||
3702 info->type == X86_IRQ_ALLOC_TYPE_MSIX) {
3703 bool align = (info->type == X86_IRQ_ALLOC_TYPE_MSI);
3705 index = alloc_irq_index(devid, nr_irqs, align, info->msi_dev);
3707 index = alloc_irq_index(devid, nr_irqs, false, NULL);
3711 pr_warn("Failed to allocate IRTE\n");
3713 goto out_free_parent;
3716 for (i = 0; i < nr_irqs; i++) {
3717 irq_data = irq_domain_get_irq_data(domain, virq + i);
3718 cfg = irqd_cfg(irq_data);
3719 if (!irq_data || !cfg) {
3725 data = kzalloc(sizeof(*data), GFP_KERNEL);
3729 if (!AMD_IOMMU_GUEST_IR_GA(amd_iommu_guest_ir))
3730 data->entry = kzalloc(sizeof(union irte), GFP_KERNEL);
3732 data->entry = kzalloc(sizeof(struct irte_ga),
3739 irq_data->hwirq = (devid << 16) + i;
3740 irq_data->chip_data = data;
3741 irq_data->chip = &amd_ir_chip;
3742 irq_remapping_prepare_irte(data, cfg, info, devid, index, i);
3743 irq_set_status_flags(virq + i, IRQ_MOVE_PCNTXT);
3749 for (i--; i >= 0; i--) {
3750 irq_data = irq_domain_get_irq_data(domain, virq + i);
3752 kfree(irq_data->chip_data);
3754 for (i = 0; i < nr_irqs; i++)
3755 free_irte(devid, index + i);
3757 irq_domain_free_irqs_common(domain, virq, nr_irqs);
3761 static void irq_remapping_free(struct irq_domain *domain, unsigned int virq,
3762 unsigned int nr_irqs)
3764 struct irq_2_irte *irte_info;
3765 struct irq_data *irq_data;
3766 struct amd_ir_data *data;
3769 for (i = 0; i < nr_irqs; i++) {
3770 irq_data = irq_domain_get_irq_data(domain, virq + i);
3771 if (irq_data && irq_data->chip_data) {
3772 data = irq_data->chip_data;
3773 irte_info = &data->irq_2_irte;
3774 free_irte(irte_info->devid, irte_info->index);
3779 irq_domain_free_irqs_common(domain, virq, nr_irqs);
3782 static void amd_ir_update_irte(struct irq_data *irqd, struct amd_iommu *iommu,
3783 struct amd_ir_data *ir_data,
3784 struct irq_2_irte *irte_info,
3785 struct irq_cfg *cfg);
3787 static int irq_remapping_activate(struct irq_domain *domain,
3788 struct irq_data *irq_data, bool reserve)
3790 struct amd_ir_data *data = irq_data->chip_data;
3791 struct irq_2_irte *irte_info = &data->irq_2_irte;
3792 struct amd_iommu *iommu = amd_iommu_rlookup_table[irte_info->devid];
3793 struct irq_cfg *cfg = irqd_cfg(irq_data);
3798 iommu->irte_ops->activate(data->entry, irte_info->devid,
3800 amd_ir_update_irte(irq_data, iommu, data, irte_info, cfg);
3804 static void irq_remapping_deactivate(struct irq_domain *domain,
3805 struct irq_data *irq_data)
3807 struct amd_ir_data *data = irq_data->chip_data;
3808 struct irq_2_irte *irte_info = &data->irq_2_irte;
3809 struct amd_iommu *iommu = amd_iommu_rlookup_table[irte_info->devid];
3812 iommu->irte_ops->deactivate(data->entry, irte_info->devid,
3816 static const struct irq_domain_ops amd_ir_domain_ops = {
3817 .alloc = irq_remapping_alloc,
3818 .free = irq_remapping_free,
3819 .activate = irq_remapping_activate,
3820 .deactivate = irq_remapping_deactivate,
3823 int amd_iommu_activate_guest_mode(void *data)
3825 struct amd_ir_data *ir_data = (struct amd_ir_data *)data;
3826 struct irte_ga *entry = (struct irte_ga *) ir_data->entry;
3828 if (!AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir) ||
3829 !entry || entry->lo.fields_vapic.guest_mode)
3835 entry->lo.fields_vapic.guest_mode = 1;
3836 entry->lo.fields_vapic.ga_log_intr = 1;
3837 entry->hi.fields.ga_root_ptr = ir_data->ga_root_ptr;
3838 entry->hi.fields.vector = ir_data->ga_vector;
3839 entry->lo.fields_vapic.ga_tag = ir_data->ga_tag;
3841 return modify_irte_ga(ir_data->irq_2_irte.devid,
3842 ir_data->irq_2_irte.index, entry, NULL);
3844 EXPORT_SYMBOL(amd_iommu_activate_guest_mode);
3846 int amd_iommu_deactivate_guest_mode(void *data)
3848 struct amd_ir_data *ir_data = (struct amd_ir_data *)data;
3849 struct irte_ga *entry = (struct irte_ga *) ir_data->entry;
3850 struct irq_cfg *cfg = ir_data->cfg;
3852 if (!AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir) ||
3853 !entry || !entry->lo.fields_vapic.guest_mode)
3859 entry->lo.fields_remap.dm = apic->irq_dest_mode;
3860 entry->lo.fields_remap.int_type = apic->irq_delivery_mode;
3861 entry->hi.fields.vector = cfg->vector;
3862 entry->lo.fields_remap.destination =
3863 APICID_TO_IRTE_DEST_LO(cfg->dest_apicid);
3864 entry->hi.fields.destination =
3865 APICID_TO_IRTE_DEST_HI(cfg->dest_apicid);
3867 return modify_irte_ga(ir_data->irq_2_irte.devid,
3868 ir_data->irq_2_irte.index, entry, NULL);
3870 EXPORT_SYMBOL(amd_iommu_deactivate_guest_mode);
3872 static int amd_ir_set_vcpu_affinity(struct irq_data *data, void *vcpu_info)
3875 struct amd_iommu *iommu;
3876 struct amd_iommu_pi_data *pi_data = vcpu_info;
3877 struct vcpu_data *vcpu_pi_info = pi_data->vcpu_data;
3878 struct amd_ir_data *ir_data = data->chip_data;
3879 struct irq_2_irte *irte_info = &ir_data->irq_2_irte;
3880 struct iommu_dev_data *dev_data = search_dev_data(irte_info->devid);
3883 * This device has never been set up for guest mode.
3884 * we should not modify the IRTE
3886 if (!dev_data || !dev_data->use_vapic)
3889 ir_data->cfg = irqd_cfg(data);
3890 pi_data->ir_data = ir_data;
3893 * SVM tries to set up for VAPIC mode, but we are in
3894 * legacy mode. So, we force legacy mode instead.
3896 if (!AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir)) {
3897 pr_debug("%s: Fall back to using intr legacy remap\n",
3899 pi_data->is_guest_mode = false;
3902 iommu = amd_iommu_rlookup_table[irte_info->devid];
3906 pi_data->prev_ga_tag = ir_data->cached_ga_tag;
3907 if (pi_data->is_guest_mode) {
3908 ir_data->ga_root_ptr = (pi_data->base >> 12);
3909 ir_data->ga_vector = vcpu_pi_info->vector;
3910 ir_data->ga_tag = pi_data->ga_tag;
3911 ret = amd_iommu_activate_guest_mode(ir_data);
3913 ir_data->cached_ga_tag = pi_data->ga_tag;
3915 ret = amd_iommu_deactivate_guest_mode(ir_data);
3918 * This communicates the ga_tag back to the caller
3919 * so that it can do all the necessary clean up.
3922 ir_data->cached_ga_tag = 0;
3929 static void amd_ir_update_irte(struct irq_data *irqd, struct amd_iommu *iommu,
3930 struct amd_ir_data *ir_data,
3931 struct irq_2_irte *irte_info,
3932 struct irq_cfg *cfg)
3936 * Atomically updates the IRTE with the new destination, vector
3937 * and flushes the interrupt entry cache.
3939 iommu->irte_ops->set_affinity(ir_data->entry, irte_info->devid,
3940 irte_info->index, cfg->vector,
3944 static int amd_ir_set_affinity(struct irq_data *data,
3945 const struct cpumask *mask, bool force)
3947 struct amd_ir_data *ir_data = data->chip_data;
3948 struct irq_2_irte *irte_info = &ir_data->irq_2_irte;
3949 struct irq_cfg *cfg = irqd_cfg(data);
3950 struct irq_data *parent = data->parent_data;
3951 struct amd_iommu *iommu = amd_iommu_rlookup_table[irte_info->devid];
3957 ret = parent->chip->irq_set_affinity(parent, mask, force);
3958 if (ret < 0 || ret == IRQ_SET_MASK_OK_DONE)
3961 amd_ir_update_irte(data, iommu, ir_data, irte_info, cfg);
3963 * After this point, all the interrupts will start arriving
3964 * at the new destination. So, time to cleanup the previous
3965 * vector allocation.
3967 send_cleanup_vector(cfg);
3969 return IRQ_SET_MASK_OK_DONE;
3972 static void ir_compose_msi_msg(struct irq_data *irq_data, struct msi_msg *msg)
3974 struct amd_ir_data *ir_data = irq_data->chip_data;
3976 *msg = ir_data->msi_entry;
3979 static struct irq_chip amd_ir_chip = {
3981 .irq_ack = apic_ack_irq,
3982 .irq_set_affinity = amd_ir_set_affinity,
3983 .irq_set_vcpu_affinity = amd_ir_set_vcpu_affinity,
3984 .irq_compose_msi_msg = ir_compose_msi_msg,
3987 int amd_iommu_create_irq_domain(struct amd_iommu *iommu)
3989 struct fwnode_handle *fn;
3991 fn = irq_domain_alloc_named_id_fwnode("AMD-IR", iommu->index);
3994 iommu->ir_domain = irq_domain_create_tree(fn, &amd_ir_domain_ops, iommu);
3995 irq_domain_free_fwnode(fn);
3996 if (!iommu->ir_domain)
3999 iommu->ir_domain->parent = arch_get_ir_parent_domain();
4000 iommu->msi_domain = arch_create_remap_msi_irq_domain(iommu->ir_domain,
4006 int amd_iommu_update_ga(int cpu, bool is_run, void *data)
4008 unsigned long flags;
4009 struct amd_iommu *iommu;
4010 struct irq_remap_table *table;
4011 struct amd_ir_data *ir_data = (struct amd_ir_data *)data;
4012 int devid = ir_data->irq_2_irte.devid;
4013 struct irte_ga *entry = (struct irte_ga *) ir_data->entry;
4014 struct irte_ga *ref = (struct irte_ga *) ir_data->ref;
4016 if (!AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir) ||
4017 !ref || !entry || !entry->lo.fields_vapic.guest_mode)
4020 iommu = amd_iommu_rlookup_table[devid];
4024 table = get_irq_table(devid);
4028 raw_spin_lock_irqsave(&table->lock, flags);
4030 if (ref->lo.fields_vapic.guest_mode) {
4032 ref->lo.fields_vapic.destination =
4033 APICID_TO_IRTE_DEST_LO(cpu);
4034 ref->hi.fields.destination =
4035 APICID_TO_IRTE_DEST_HI(cpu);
4037 ref->lo.fields_vapic.is_run = is_run;
4041 raw_spin_unlock_irqrestore(&table->lock, flags);
4043 iommu_flush_irt(iommu, devid);
4044 iommu_completion_wait(iommu);
4047 EXPORT_SYMBOL(amd_iommu_update_ga);
projects / linux.git / blob