1 // SPDX-License-Identifier: GPL-2.0
3 * IOMMU API for ARM architected SMMUv3 implementations.
5 * Copyright (C) 2015 ARM Limited
7 * Author: Will Deacon <will.deacon@arm.com>
9 * This driver is powered by bad coffee and bombay mix.
12 #include <linux/acpi.h>
13 #include <linux/acpi_iort.h>
14 #include <linux/bitfield.h>
15 #include <linux/bitops.h>
16 #include <linux/crash_dump.h>
17 #include <linux/delay.h>
18 #include <linux/dma-iommu.h>
19 #include <linux/err.h>
20 #include <linux/interrupt.h>
21 #include <linux/io-pgtable.h>
22 #include <linux/iommu.h>
23 #include <linux/iopoll.h>
24 #include <linux/module.h>
25 #include <linux/msi.h>
27 #include <linux/of_address.h>
28 #include <linux/of_iommu.h>
29 #include <linux/of_platform.h>
30 #include <linux/pci.h>
31 #include <linux/pci-ats.h>
32 #include <linux/platform_device.h>
34 #include <linux/amba/bus.h>
37 #define ARM_SMMU_IDR0 0x0
38 #define IDR0_ST_LVL GENMASK(28, 27)
39 #define IDR0_ST_LVL_2LVL 1
40 #define IDR0_STALL_MODEL GENMASK(25, 24)
41 #define IDR0_STALL_MODEL_STALL 0
42 #define IDR0_STALL_MODEL_FORCE 2
43 #define IDR0_TTENDIAN GENMASK(22, 21)
44 #define IDR0_TTENDIAN_MIXED 0
45 #define IDR0_TTENDIAN_LE 2
46 #define IDR0_TTENDIAN_BE 3
47 #define IDR0_CD2L (1 << 19)
48 #define IDR0_VMID16 (1 << 18)
49 #define IDR0_PRI (1 << 16)
50 #define IDR0_SEV (1 << 14)
51 #define IDR0_MSI (1 << 13)
52 #define IDR0_ASID16 (1 << 12)
53 #define IDR0_ATS (1 << 10)
54 #define IDR0_HYP (1 << 9)
55 #define IDR0_COHACC (1 << 4)
56 #define IDR0_TTF GENMASK(3, 2)
57 #define IDR0_TTF_AARCH64 2
58 #define IDR0_TTF_AARCH32_64 3
59 #define IDR0_S1P (1 << 1)
60 #define IDR0_S2P (1 << 0)
62 #define ARM_SMMU_IDR1 0x4
63 #define IDR1_TABLES_PRESET (1 << 30)
64 #define IDR1_QUEUES_PRESET (1 << 29)
65 #define IDR1_REL (1 << 28)
66 #define IDR1_CMDQS GENMASK(25, 21)
67 #define IDR1_EVTQS GENMASK(20, 16)
68 #define IDR1_PRIQS GENMASK(15, 11)
69 #define IDR1_SSIDSIZE GENMASK(10, 6)
70 #define IDR1_SIDSIZE GENMASK(5, 0)
72 #define ARM_SMMU_IDR3 0xc
73 #define IDR3_RIL (1 << 10)
75 #define ARM_SMMU_IDR5 0x14
76 #define IDR5_STALL_MAX GENMASK(31, 16)
77 #define IDR5_GRAN64K (1 << 6)
78 #define IDR5_GRAN16K (1 << 5)
79 #define IDR5_GRAN4K (1 << 4)
80 #define IDR5_OAS GENMASK(2, 0)
81 #define IDR5_OAS_32_BIT 0
82 #define IDR5_OAS_36_BIT 1
83 #define IDR5_OAS_40_BIT 2
84 #define IDR5_OAS_42_BIT 3
85 #define IDR5_OAS_44_BIT 4
86 #define IDR5_OAS_48_BIT 5
87 #define IDR5_OAS_52_BIT 6
88 #define IDR5_VAX GENMASK(11, 10)
89 #define IDR5_VAX_52_BIT 1
91 #define ARM_SMMU_CR0 0x20
92 #define CR0_ATSCHK (1 << 4)
93 #define CR0_CMDQEN (1 << 3)
94 #define CR0_EVTQEN (1 << 2)
95 #define CR0_PRIQEN (1 << 1)
96 #define CR0_SMMUEN (1 << 0)
98 #define ARM_SMMU_CR0ACK 0x24
100 #define ARM_SMMU_CR1 0x28
101 #define CR1_TABLE_SH GENMASK(11, 10)
102 #define CR1_TABLE_OC GENMASK(9, 8)
103 #define CR1_TABLE_IC GENMASK(7, 6)
104 #define CR1_QUEUE_SH GENMASK(5, 4)
105 #define CR1_QUEUE_OC GENMASK(3, 2)
106 #define CR1_QUEUE_IC GENMASK(1, 0)
107 /* CR1 cacheability fields don't quite follow the usual TCR-style encoding */
108 #define CR1_CACHE_NC 0
109 #define CR1_CACHE_WB 1
110 #define CR1_CACHE_WT 2
112 #define ARM_SMMU_CR2 0x2c
113 #define CR2_PTM (1 << 2)
114 #define CR2_RECINVSID (1 << 1)
115 #define CR2_E2H (1 << 0)
117 #define ARM_SMMU_GBPA 0x44
118 #define GBPA_UPDATE (1 << 31)
119 #define GBPA_ABORT (1 << 20)
121 #define ARM_SMMU_IRQ_CTRL 0x50
122 #define IRQ_CTRL_EVTQ_IRQEN (1 << 2)
123 #define IRQ_CTRL_PRIQ_IRQEN (1 << 1)
124 #define IRQ_CTRL_GERROR_IRQEN (1 << 0)
126 #define ARM_SMMU_IRQ_CTRLACK 0x54
128 #define ARM_SMMU_GERROR 0x60
129 #define GERROR_SFM_ERR (1 << 8)
130 #define GERROR_MSI_GERROR_ABT_ERR (1 << 7)
131 #define GERROR_MSI_PRIQ_ABT_ERR (1 << 6)
132 #define GERROR_MSI_EVTQ_ABT_ERR (1 << 5)
133 #define GERROR_MSI_CMDQ_ABT_ERR (1 << 4)
134 #define GERROR_PRIQ_ABT_ERR (1 << 3)
135 #define GERROR_EVTQ_ABT_ERR (1 << 2)
136 #define GERROR_CMDQ_ERR (1 << 0)
137 #define GERROR_ERR_MASK 0xfd
139 #define ARM_SMMU_GERRORN 0x64
141 #define ARM_SMMU_GERROR_IRQ_CFG0 0x68
142 #define ARM_SMMU_GERROR_IRQ_CFG1 0x70
143 #define ARM_SMMU_GERROR_IRQ_CFG2 0x74
145 #define ARM_SMMU_STRTAB_BASE 0x80
146 #define STRTAB_BASE_RA (1UL << 62)
147 #define STRTAB_BASE_ADDR_MASK GENMASK_ULL(51, 6)
149 #define ARM_SMMU_STRTAB_BASE_CFG 0x88
150 #define STRTAB_BASE_CFG_FMT GENMASK(17, 16)
151 #define STRTAB_BASE_CFG_FMT_LINEAR 0
152 #define STRTAB_BASE_CFG_FMT_2LVL 1
153 #define STRTAB_BASE_CFG_SPLIT GENMASK(10, 6)
154 #define STRTAB_BASE_CFG_LOG2SIZE GENMASK(5, 0)
156 #define ARM_SMMU_CMDQ_BASE 0x90
157 #define ARM_SMMU_CMDQ_PROD 0x98
158 #define ARM_SMMU_CMDQ_CONS 0x9c
160 #define ARM_SMMU_EVTQ_BASE 0xa0
161 #define ARM_SMMU_EVTQ_PROD 0x100a8
162 #define ARM_SMMU_EVTQ_CONS 0x100ac
163 #define ARM_SMMU_EVTQ_IRQ_CFG0 0xb0
164 #define ARM_SMMU_EVTQ_IRQ_CFG1 0xb8
165 #define ARM_SMMU_EVTQ_IRQ_CFG2 0xbc
167 #define ARM_SMMU_PRIQ_BASE 0xc0
168 #define ARM_SMMU_PRIQ_PROD 0x100c8
169 #define ARM_SMMU_PRIQ_CONS 0x100cc
170 #define ARM_SMMU_PRIQ_IRQ_CFG0 0xd0
171 #define ARM_SMMU_PRIQ_IRQ_CFG1 0xd8
172 #define ARM_SMMU_PRIQ_IRQ_CFG2 0xdc
174 #define ARM_SMMU_REG_SZ 0xe00
176 /* Common MSI config fields */
177 #define MSI_CFG0_ADDR_MASK GENMASK_ULL(51, 2)
178 #define MSI_CFG2_SH GENMASK(5, 4)
179 #define MSI_CFG2_MEMATTR GENMASK(3, 0)
181 /* Common memory attribute values */
182 #define ARM_SMMU_SH_NSH 0
183 #define ARM_SMMU_SH_OSH 2
184 #define ARM_SMMU_SH_ISH 3
185 #define ARM_SMMU_MEMATTR_DEVICE_nGnRE 0x1
186 #define ARM_SMMU_MEMATTR_OIWB 0xf
188 #define Q_IDX(llq, p) ((p) & ((1 << (llq)->max_n_shift) - 1))
189 #define Q_WRP(llq, p) ((p) & (1 << (llq)->max_n_shift))
190 #define Q_OVERFLOW_FLAG (1U << 31)
191 #define Q_OVF(p) ((p) & Q_OVERFLOW_FLAG)
192 #define Q_ENT(q, p) ((q)->base + \
193 Q_IDX(&((q)->llq), p) * \
196 #define Q_BASE_RWA (1UL << 62)
197 #define Q_BASE_ADDR_MASK GENMASK_ULL(51, 5)
198 #define Q_BASE_LOG2SIZE GENMASK(4, 0)
200 /* Ensure DMA allocations are naturally aligned */
201 #ifdef CONFIG_CMA_ALIGNMENT
202 #define Q_MAX_SZ_SHIFT (PAGE_SHIFT + CONFIG_CMA_ALIGNMENT)
204 #define Q_MAX_SZ_SHIFT (PAGE_SHIFT + MAX_ORDER - 1)
210 * Linear: Enough to cover 1 << IDR1.SIDSIZE entries
211 * 2lvl: 128k L1 entries,
212 * 256 lazy entries per table (each table covers a PCI bus)
214 #define STRTAB_L1_SZ_SHIFT 20
215 #define STRTAB_SPLIT 8
217 #define STRTAB_L1_DESC_DWORDS 1
218 #define STRTAB_L1_DESC_SPAN GENMASK_ULL(4, 0)
219 #define STRTAB_L1_DESC_L2PTR_MASK GENMASK_ULL(51, 6)
221 #define STRTAB_STE_DWORDS 8
222 #define STRTAB_STE_0_V (1UL << 0)
223 #define STRTAB_STE_0_CFG GENMASK_ULL(3, 1)
224 #define STRTAB_STE_0_CFG_ABORT 0
225 #define STRTAB_STE_0_CFG_BYPASS 4
226 #define STRTAB_STE_0_CFG_S1_TRANS 5
227 #define STRTAB_STE_0_CFG_S2_TRANS 6
229 #define STRTAB_STE_0_S1FMT GENMASK_ULL(5, 4)
230 #define STRTAB_STE_0_S1FMT_LINEAR 0
231 #define STRTAB_STE_0_S1FMT_64K_L2 2
232 #define STRTAB_STE_0_S1CTXPTR_MASK GENMASK_ULL(51, 6)
233 #define STRTAB_STE_0_S1CDMAX GENMASK_ULL(63, 59)
235 #define STRTAB_STE_1_S1DSS GENMASK_ULL(1, 0)
236 #define STRTAB_STE_1_S1DSS_TERMINATE 0x0
237 #define STRTAB_STE_1_S1DSS_BYPASS 0x1
238 #define STRTAB_STE_1_S1DSS_SSID0 0x2
240 #define STRTAB_STE_1_S1C_CACHE_NC 0UL
241 #define STRTAB_STE_1_S1C_CACHE_WBRA 1UL
242 #define STRTAB_STE_1_S1C_CACHE_WT 2UL
243 #define STRTAB_STE_1_S1C_CACHE_WB 3UL
244 #define STRTAB_STE_1_S1CIR GENMASK_ULL(3, 2)
245 #define STRTAB_STE_1_S1COR GENMASK_ULL(5, 4)
246 #define STRTAB_STE_1_S1CSH GENMASK_ULL(7, 6)
248 #define STRTAB_STE_1_S1STALLD (1UL << 27)
250 #define STRTAB_STE_1_EATS GENMASK_ULL(29, 28)
251 #define STRTAB_STE_1_EATS_ABT 0UL
252 #define STRTAB_STE_1_EATS_TRANS 1UL
253 #define STRTAB_STE_1_EATS_S1CHK 2UL
255 #define STRTAB_STE_1_STRW GENMASK_ULL(31, 30)
256 #define STRTAB_STE_1_STRW_NSEL1 0UL
257 #define STRTAB_STE_1_STRW_EL2 2UL
259 #define STRTAB_STE_1_SHCFG GENMASK_ULL(45, 44)
260 #define STRTAB_STE_1_SHCFG_INCOMING 1UL
262 #define STRTAB_STE_2_S2VMID GENMASK_ULL(15, 0)
263 #define STRTAB_STE_2_VTCR GENMASK_ULL(50, 32)
264 #define STRTAB_STE_2_VTCR_S2T0SZ GENMASK_ULL(5, 0)
265 #define STRTAB_STE_2_VTCR_S2SL0 GENMASK_ULL(7, 6)
266 #define STRTAB_STE_2_VTCR_S2IR0 GENMASK_ULL(9, 8)
267 #define STRTAB_STE_2_VTCR_S2OR0 GENMASK_ULL(11, 10)
268 #define STRTAB_STE_2_VTCR_S2SH0 GENMASK_ULL(13, 12)
269 #define STRTAB_STE_2_VTCR_S2TG GENMASK_ULL(15, 14)
270 #define STRTAB_STE_2_VTCR_S2PS GENMASK_ULL(18, 16)
271 #define STRTAB_STE_2_S2AA64 (1UL << 51)
272 #define STRTAB_STE_2_S2ENDI (1UL << 52)
273 #define STRTAB_STE_2_S2PTW (1UL << 54)
274 #define STRTAB_STE_2_S2R (1UL << 58)
276 #define STRTAB_STE_3_S2TTB_MASK GENMASK_ULL(51, 4)
279 * Context descriptors.
281 * Linear: when less than 1024 SSIDs are supported
282 * 2lvl: at most 1024 L1 entries,
283 * 1024 lazy entries per table.
285 #define CTXDESC_SPLIT 10
286 #define CTXDESC_L2_ENTRIES (1 << CTXDESC_SPLIT)
288 #define CTXDESC_L1_DESC_DWORDS 1
289 #define CTXDESC_L1_DESC_V (1UL << 0)
290 #define CTXDESC_L1_DESC_L2PTR_MASK GENMASK_ULL(51, 12)
292 #define CTXDESC_CD_DWORDS 8
293 #define CTXDESC_CD_0_TCR_T0SZ GENMASK_ULL(5, 0)
294 #define CTXDESC_CD_0_TCR_TG0 GENMASK_ULL(7, 6)
295 #define CTXDESC_CD_0_TCR_IRGN0 GENMASK_ULL(9, 8)
296 #define CTXDESC_CD_0_TCR_ORGN0 GENMASK_ULL(11, 10)
297 #define CTXDESC_CD_0_TCR_SH0 GENMASK_ULL(13, 12)
298 #define CTXDESC_CD_0_TCR_EPD0 (1ULL << 14)
299 #define CTXDESC_CD_0_TCR_EPD1 (1ULL << 30)
301 #define CTXDESC_CD_0_ENDI (1UL << 15)
302 #define CTXDESC_CD_0_V (1UL << 31)
304 #define CTXDESC_CD_0_TCR_IPS GENMASK_ULL(34, 32)
305 #define CTXDESC_CD_0_TCR_TBI0 (1ULL << 38)
307 #define CTXDESC_CD_0_AA64 (1UL << 41)
308 #define CTXDESC_CD_0_S (1UL << 44)
309 #define CTXDESC_CD_0_R (1UL << 45)
310 #define CTXDESC_CD_0_A (1UL << 46)
311 #define CTXDESC_CD_0_ASET (1UL << 47)
312 #define CTXDESC_CD_0_ASID GENMASK_ULL(63, 48)
314 #define CTXDESC_CD_1_TTB0_MASK GENMASK_ULL(51, 4)
317 * When the SMMU only supports linear context descriptor tables, pick a
318 * reasonable size limit (64kB).
320 #define CTXDESC_LINEAR_CDMAX ilog2(SZ_64K / (CTXDESC_CD_DWORDS << 3))
323 #define CMDQ_ENT_SZ_SHIFT 4
324 #define CMDQ_ENT_DWORDS ((1 << CMDQ_ENT_SZ_SHIFT) >> 3)
325 #define CMDQ_MAX_SZ_SHIFT (Q_MAX_SZ_SHIFT - CMDQ_ENT_SZ_SHIFT)
327 #define CMDQ_CONS_ERR GENMASK(30, 24)
328 #define CMDQ_ERR_CERROR_NONE_IDX 0
329 #define CMDQ_ERR_CERROR_ILL_IDX 1
330 #define CMDQ_ERR_CERROR_ABT_IDX 2
331 #define CMDQ_ERR_CERROR_ATC_INV_IDX 3
333 #define CMDQ_PROD_OWNED_FLAG Q_OVERFLOW_FLAG
336 * This is used to size the command queue and therefore must be at least
337 * BITS_PER_LONG so that the valid_map works correctly (it relies on the
338 * total number of queue entries being a multiple of BITS_PER_LONG).
340 #define CMDQ_BATCH_ENTRIES BITS_PER_LONG
342 #define CMDQ_0_OP GENMASK_ULL(7, 0)
343 #define CMDQ_0_SSV (1UL << 11)
345 #define CMDQ_PREFETCH_0_SID GENMASK_ULL(63, 32)
346 #define CMDQ_PREFETCH_1_SIZE GENMASK_ULL(4, 0)
347 #define CMDQ_PREFETCH_1_ADDR_MASK GENMASK_ULL(63, 12)
349 #define CMDQ_CFGI_0_SSID GENMASK_ULL(31, 12)
350 #define CMDQ_CFGI_0_SID GENMASK_ULL(63, 32)
351 #define CMDQ_CFGI_1_LEAF (1UL << 0)
352 #define CMDQ_CFGI_1_RANGE GENMASK_ULL(4, 0)
354 #define CMDQ_TLBI_0_NUM GENMASK_ULL(16, 12)
355 #define CMDQ_TLBI_RANGE_NUM_MAX 31
356 #define CMDQ_TLBI_0_SCALE GENMASK_ULL(24, 20)
357 #define CMDQ_TLBI_0_VMID GENMASK_ULL(47, 32)
358 #define CMDQ_TLBI_0_ASID GENMASK_ULL(63, 48)
359 #define CMDQ_TLBI_1_LEAF (1UL << 0)
360 #define CMDQ_TLBI_1_TTL GENMASK_ULL(9, 8)
361 #define CMDQ_TLBI_1_TG GENMASK_ULL(11, 10)
362 #define CMDQ_TLBI_1_VA_MASK GENMASK_ULL(63, 12)
363 #define CMDQ_TLBI_1_IPA_MASK GENMASK_ULL(51, 12)
365 #define CMDQ_ATC_0_SSID GENMASK_ULL(31, 12)
366 #define CMDQ_ATC_0_SID GENMASK_ULL(63, 32)
367 #define CMDQ_ATC_0_GLOBAL (1UL << 9)
368 #define CMDQ_ATC_1_SIZE GENMASK_ULL(5, 0)
369 #define CMDQ_ATC_1_ADDR_MASK GENMASK_ULL(63, 12)
371 #define CMDQ_PRI_0_SSID GENMASK_ULL(31, 12)
372 #define CMDQ_PRI_0_SID GENMASK_ULL(63, 32)
373 #define CMDQ_PRI_1_GRPID GENMASK_ULL(8, 0)
374 #define CMDQ_PRI_1_RESP GENMASK_ULL(13, 12)
376 #define CMDQ_SYNC_0_CS GENMASK_ULL(13, 12)
377 #define CMDQ_SYNC_0_CS_NONE 0
378 #define CMDQ_SYNC_0_CS_IRQ 1
379 #define CMDQ_SYNC_0_CS_SEV 2
380 #define CMDQ_SYNC_0_MSH GENMASK_ULL(23, 22)
381 #define CMDQ_SYNC_0_MSIATTR GENMASK_ULL(27, 24)
382 #define CMDQ_SYNC_0_MSIDATA GENMASK_ULL(63, 32)
383 #define CMDQ_SYNC_1_MSIADDR_MASK GENMASK_ULL(51, 2)
386 #define EVTQ_ENT_SZ_SHIFT 5
387 #define EVTQ_ENT_DWORDS ((1 << EVTQ_ENT_SZ_SHIFT) >> 3)
388 #define EVTQ_MAX_SZ_SHIFT (Q_MAX_SZ_SHIFT - EVTQ_ENT_SZ_SHIFT)
390 #define EVTQ_0_ID GENMASK_ULL(7, 0)
393 #define PRIQ_ENT_SZ_SHIFT 4
394 #define PRIQ_ENT_DWORDS ((1 << PRIQ_ENT_SZ_SHIFT) >> 3)
395 #define PRIQ_MAX_SZ_SHIFT (Q_MAX_SZ_SHIFT - PRIQ_ENT_SZ_SHIFT)
397 #define PRIQ_0_SID GENMASK_ULL(31, 0)
398 #define PRIQ_0_SSID GENMASK_ULL(51, 32)
399 #define PRIQ_0_PERM_PRIV (1UL << 58)
400 #define PRIQ_0_PERM_EXEC (1UL << 59)
401 #define PRIQ_0_PERM_READ (1UL << 60)
402 #define PRIQ_0_PERM_WRITE (1UL << 61)
403 #define PRIQ_0_PRG_LAST (1UL << 62)
404 #define PRIQ_0_SSID_V (1UL << 63)
406 #define PRIQ_1_PRG_IDX GENMASK_ULL(8, 0)
407 #define PRIQ_1_ADDR_MASK GENMASK_ULL(63, 12)
409 /* High-level queue structures */
410 #define ARM_SMMU_POLL_TIMEOUT_US 1000000 /* 1s! */
411 #define ARM_SMMU_POLL_SPIN_COUNT 10
413 #define MSI_IOVA_BASE 0x8000000
414 #define MSI_IOVA_LENGTH 0x100000
416 static bool disable_bypass = 1;
417 module_param_named(disable_bypass, disable_bypass, bool, S_IRUGO);
418 MODULE_PARM_DESC(disable_bypass,
419 "Disable bypass streams such that incoming transactions from devices that are not attached to an iommu domain will report an abort back to the device and will not be allowed to pass through the SMMU.");
427 enum arm_smmu_msi_index {
434 static phys_addr_t arm_smmu_msi_cfg[ARM_SMMU_MAX_MSIS][3] = {
436 ARM_SMMU_EVTQ_IRQ_CFG0,
437 ARM_SMMU_EVTQ_IRQ_CFG1,
438 ARM_SMMU_EVTQ_IRQ_CFG2,
440 [GERROR_MSI_INDEX] = {
441 ARM_SMMU_GERROR_IRQ_CFG0,
442 ARM_SMMU_GERROR_IRQ_CFG1,
443 ARM_SMMU_GERROR_IRQ_CFG2,
446 ARM_SMMU_PRIQ_IRQ_CFG0,
447 ARM_SMMU_PRIQ_IRQ_CFG1,
448 ARM_SMMU_PRIQ_IRQ_CFG2,
452 struct arm_smmu_cmdq_ent {
455 bool substream_valid;
457 /* Command-specific fields */
459 #define CMDQ_OP_PREFETCH_CFG 0x1
466 #define CMDQ_OP_CFGI_STE 0x3
467 #define CMDQ_OP_CFGI_ALL 0x4
468 #define CMDQ_OP_CFGI_CD 0x5
469 #define CMDQ_OP_CFGI_CD_ALL 0x6
479 #define CMDQ_OP_TLBI_NH_ASID 0x11
480 #define CMDQ_OP_TLBI_NH_VA 0x12
481 #define CMDQ_OP_TLBI_EL2_ALL 0x20
482 #define CMDQ_OP_TLBI_S12_VMALL 0x28
483 #define CMDQ_OP_TLBI_S2_IPA 0x2a
484 #define CMDQ_OP_TLBI_NSNH_ALL 0x30
496 #define CMDQ_OP_ATC_INV 0x40
497 #define ATC_INV_SIZE_ALL 52
506 #define CMDQ_OP_PRI_RESP 0x41
514 #define CMDQ_OP_CMD_SYNC 0x46
521 struct arm_smmu_ll_queue {
532 u8 __pad[SMP_CACHE_BYTES];
533 } ____cacheline_aligned_in_smp;
537 struct arm_smmu_queue {
538 struct arm_smmu_ll_queue llq;
539 int irq; /* Wired interrupt */
547 u32 __iomem *prod_reg;
548 u32 __iomem *cons_reg;
551 struct arm_smmu_queue_poll {
554 unsigned int spin_cnt;
558 struct arm_smmu_cmdq {
559 struct arm_smmu_queue q;
560 atomic_long_t *valid_map;
565 struct arm_smmu_cmdq_batch {
566 u64 cmds[CMDQ_BATCH_ENTRIES * CMDQ_ENT_DWORDS];
570 struct arm_smmu_evtq {
571 struct arm_smmu_queue q;
575 struct arm_smmu_priq {
576 struct arm_smmu_queue q;
579 /* High-level stream table and context descriptor structures */
580 struct arm_smmu_strtab_l1_desc {
584 dma_addr_t l2ptr_dma;
587 struct arm_smmu_ctx_desc {
594 struct arm_smmu_l1_ctx_desc {
596 dma_addr_t l2ptr_dma;
599 struct arm_smmu_ctx_desc_cfg {
601 dma_addr_t cdtab_dma;
602 struct arm_smmu_l1_ctx_desc *l1_desc;
603 unsigned int num_l1_ents;
606 struct arm_smmu_s1_cfg {
607 struct arm_smmu_ctx_desc_cfg cdcfg;
608 struct arm_smmu_ctx_desc cd;
613 struct arm_smmu_s2_cfg {
619 struct arm_smmu_strtab_cfg {
621 dma_addr_t strtab_dma;
622 struct arm_smmu_strtab_l1_desc *l1_desc;
623 unsigned int num_l1_ents;
629 /* An SMMUv3 instance */
630 struct arm_smmu_device {
635 #define ARM_SMMU_FEAT_2_LVL_STRTAB (1 << 0)
636 #define ARM_SMMU_FEAT_2_LVL_CDTAB (1 << 1)
637 #define ARM_SMMU_FEAT_TT_LE (1 << 2)
638 #define ARM_SMMU_FEAT_TT_BE (1 << 3)
639 #define ARM_SMMU_FEAT_PRI (1 << 4)
640 #define ARM_SMMU_FEAT_ATS (1 << 5)
641 #define ARM_SMMU_FEAT_SEV (1 << 6)
642 #define ARM_SMMU_FEAT_MSI (1 << 7)
643 #define ARM_SMMU_FEAT_COHERENCY (1 << 8)
644 #define ARM_SMMU_FEAT_TRANS_S1 (1 << 9)
645 #define ARM_SMMU_FEAT_TRANS_S2 (1 << 10)
646 #define ARM_SMMU_FEAT_STALLS (1 << 11)
647 #define ARM_SMMU_FEAT_HYP (1 << 12)
648 #define ARM_SMMU_FEAT_STALL_FORCE (1 << 13)
649 #define ARM_SMMU_FEAT_VAX (1 << 14)
650 #define ARM_SMMU_FEAT_RANGE_INV (1 << 15)
653 #define ARM_SMMU_OPT_SKIP_PREFETCH (1 << 0)
654 #define ARM_SMMU_OPT_PAGE0_REGS_ONLY (1 << 1)
657 struct arm_smmu_cmdq cmdq;
658 struct arm_smmu_evtq evtq;
659 struct arm_smmu_priq priq;
664 unsigned long ias; /* IPA */
665 unsigned long oas; /* PA */
666 unsigned long pgsize_bitmap;
668 #define ARM_SMMU_MAX_ASIDS (1 << 16)
669 unsigned int asid_bits;
671 #define ARM_SMMU_MAX_VMIDS (1 << 16)
672 unsigned int vmid_bits;
673 DECLARE_BITMAP(vmid_map, ARM_SMMU_MAX_VMIDS);
675 unsigned int ssid_bits;
676 unsigned int sid_bits;
678 struct arm_smmu_strtab_cfg strtab_cfg;
680 /* IOMMU core code handle */
681 struct iommu_device iommu;
684 /* SMMU private data for each master */
685 struct arm_smmu_master {
686 struct arm_smmu_device *smmu;
688 struct arm_smmu_domain *domain;
689 struct list_head domain_head;
691 unsigned int num_sids;
693 unsigned int ssid_bits;
696 /* SMMU private data for an IOMMU domain */
697 enum arm_smmu_domain_stage {
698 ARM_SMMU_DOMAIN_S1 = 0,
700 ARM_SMMU_DOMAIN_NESTED,
701 ARM_SMMU_DOMAIN_BYPASS,
704 struct arm_smmu_domain {
705 struct arm_smmu_device *smmu;
706 struct mutex init_mutex; /* Protects smmu pointer */
708 struct io_pgtable_ops *pgtbl_ops;
710 atomic_t nr_ats_masters;
712 enum arm_smmu_domain_stage stage;
714 struct arm_smmu_s1_cfg s1_cfg;
715 struct arm_smmu_s2_cfg s2_cfg;
718 struct iommu_domain domain;
720 struct list_head devices;
721 spinlock_t devices_lock;
724 struct arm_smmu_option_prop {
729 static DEFINE_XARRAY_ALLOC1(asid_xa);
731 static struct arm_smmu_option_prop arm_smmu_options[] = {
732 { ARM_SMMU_OPT_SKIP_PREFETCH, "hisilicon,broken-prefetch-cmd" },
733 { ARM_SMMU_OPT_PAGE0_REGS_ONLY, "cavium,cn9900-broken-page1-regspace"},
737 static inline void __iomem *arm_smmu_page1_fixup(unsigned long offset,
738 struct arm_smmu_device *smmu)
741 return smmu->page1 + offset - SZ_64K;
743 return smmu->base + offset;
746 static struct arm_smmu_domain *to_smmu_domain(struct iommu_domain *dom)
748 return container_of(dom, struct arm_smmu_domain, domain);
751 static void parse_driver_options(struct arm_smmu_device *smmu)
756 if (of_property_read_bool(smmu->dev->of_node,
757 arm_smmu_options[i].prop)) {
758 smmu->options |= arm_smmu_options[i].opt;
759 dev_notice(smmu->dev, "option %s\n",
760 arm_smmu_options[i].prop);
762 } while (arm_smmu_options[++i].opt);
765 /* Low-level queue manipulation functions */
766 static bool queue_has_space(struct arm_smmu_ll_queue *q, u32 n)
768 u32 space, prod, cons;
770 prod = Q_IDX(q, q->prod);
771 cons = Q_IDX(q, q->cons);
773 if (Q_WRP(q, q->prod) == Q_WRP(q, q->cons))
774 space = (1 << q->max_n_shift) - (prod - cons);
781 static bool queue_full(struct arm_smmu_ll_queue *q)
783 return Q_IDX(q, q->prod) == Q_IDX(q, q->cons) &&
784 Q_WRP(q, q->prod) != Q_WRP(q, q->cons);
787 static bool queue_empty(struct arm_smmu_ll_queue *q)
789 return Q_IDX(q, q->prod) == Q_IDX(q, q->cons) &&
790 Q_WRP(q, q->prod) == Q_WRP(q, q->cons);
793 static bool queue_consumed(struct arm_smmu_ll_queue *q, u32 prod)
795 return ((Q_WRP(q, q->cons) == Q_WRP(q, prod)) &&
796 (Q_IDX(q, q->cons) > Q_IDX(q, prod))) ||
797 ((Q_WRP(q, q->cons) != Q_WRP(q, prod)) &&
798 (Q_IDX(q, q->cons) <= Q_IDX(q, prod)));
801 static void queue_sync_cons_out(struct arm_smmu_queue *q)
804 * Ensure that all CPU accesses (reads and writes) to the queue
805 * are complete before we update the cons pointer.
808 writel_relaxed(q->llq.cons, q->cons_reg);
811 static void queue_inc_cons(struct arm_smmu_ll_queue *q)
813 u32 cons = (Q_WRP(q, q->cons) | Q_IDX(q, q->cons)) + 1;
814 q->cons = Q_OVF(q->cons) | Q_WRP(q, cons) | Q_IDX(q, cons);
817 static int queue_sync_prod_in(struct arm_smmu_queue *q)
820 u32 prod = readl_relaxed(q->prod_reg);
822 if (Q_OVF(prod) != Q_OVF(q->llq.prod))
829 static u32 queue_inc_prod_n(struct arm_smmu_ll_queue *q, int n)
831 u32 prod = (Q_WRP(q, q->prod) | Q_IDX(q, q->prod)) + n;
832 return Q_OVF(q->prod) | Q_WRP(q, prod) | Q_IDX(q, prod);
835 static void queue_poll_init(struct arm_smmu_device *smmu,
836 struct arm_smmu_queue_poll *qp)
840 qp->wfe = !!(smmu->features & ARM_SMMU_FEAT_SEV);
841 qp->timeout = ktime_add_us(ktime_get(), ARM_SMMU_POLL_TIMEOUT_US);
844 static int queue_poll(struct arm_smmu_queue_poll *qp)
846 if (ktime_compare(ktime_get(), qp->timeout) > 0)
851 } else if (++qp->spin_cnt < ARM_SMMU_POLL_SPIN_COUNT) {
862 static void queue_write(__le64 *dst, u64 *src, size_t n_dwords)
866 for (i = 0; i < n_dwords; ++i)
867 *dst++ = cpu_to_le64(*src++);
870 static void queue_read(__le64 *dst, u64 *src, size_t n_dwords)
874 for (i = 0; i < n_dwords; ++i)
875 *dst++ = le64_to_cpu(*src++);
878 static int queue_remove_raw(struct arm_smmu_queue *q, u64 *ent)
880 if (queue_empty(&q->llq))
883 queue_read(ent, Q_ENT(q, q->llq.cons), q->ent_dwords);
884 queue_inc_cons(&q->llq);
885 queue_sync_cons_out(q);
889 /* High-level queue accessors */
890 static int arm_smmu_cmdq_build_cmd(u64 *cmd, struct arm_smmu_cmdq_ent *ent)
892 memset(cmd, 0, 1 << CMDQ_ENT_SZ_SHIFT);
893 cmd[0] |= FIELD_PREP(CMDQ_0_OP, ent->opcode);
895 switch (ent->opcode) {
896 case CMDQ_OP_TLBI_EL2_ALL:
897 case CMDQ_OP_TLBI_NSNH_ALL:
899 case CMDQ_OP_PREFETCH_CFG:
900 cmd[0] |= FIELD_PREP(CMDQ_PREFETCH_0_SID, ent->prefetch.sid);
901 cmd[1] |= FIELD_PREP(CMDQ_PREFETCH_1_SIZE, ent->prefetch.size);
902 cmd[1] |= ent->prefetch.addr & CMDQ_PREFETCH_1_ADDR_MASK;
904 case CMDQ_OP_CFGI_CD:
905 cmd[0] |= FIELD_PREP(CMDQ_CFGI_0_SSID, ent->cfgi.ssid);
907 case CMDQ_OP_CFGI_STE:
908 cmd[0] |= FIELD_PREP(CMDQ_CFGI_0_SID, ent->cfgi.sid);
909 cmd[1] |= FIELD_PREP(CMDQ_CFGI_1_LEAF, ent->cfgi.leaf);
911 case CMDQ_OP_CFGI_CD_ALL:
912 cmd[0] |= FIELD_PREP(CMDQ_CFGI_0_SID, ent->cfgi.sid);
914 case CMDQ_OP_CFGI_ALL:
915 /* Cover the entire SID range */
916 cmd[1] |= FIELD_PREP(CMDQ_CFGI_1_RANGE, 31);
918 case CMDQ_OP_TLBI_NH_VA:
919 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_NUM, ent->tlbi.num);
920 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_SCALE, ent->tlbi.scale);
921 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_VMID, ent->tlbi.vmid);
922 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_ASID, ent->tlbi.asid);
923 cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_LEAF, ent->tlbi.leaf);
924 cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_TTL, ent->tlbi.ttl);
925 cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_TG, ent->tlbi.tg);
926 cmd[1] |= ent->tlbi.addr & CMDQ_TLBI_1_VA_MASK;
928 case CMDQ_OP_TLBI_S2_IPA:
929 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_NUM, ent->tlbi.num);
930 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_SCALE, ent->tlbi.scale);
931 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_VMID, ent->tlbi.vmid);
932 cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_LEAF, ent->tlbi.leaf);
933 cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_TTL, ent->tlbi.ttl);
934 cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_TG, ent->tlbi.tg);
935 cmd[1] |= ent->tlbi.addr & CMDQ_TLBI_1_IPA_MASK;
937 case CMDQ_OP_TLBI_NH_ASID:
938 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_ASID, ent->tlbi.asid);
940 case CMDQ_OP_TLBI_S12_VMALL:
941 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_VMID, ent->tlbi.vmid);
943 case CMDQ_OP_ATC_INV:
944 cmd[0] |= FIELD_PREP(CMDQ_0_SSV, ent->substream_valid);
945 cmd[0] |= FIELD_PREP(CMDQ_ATC_0_GLOBAL, ent->atc.global);
946 cmd[0] |= FIELD_PREP(CMDQ_ATC_0_SSID, ent->atc.ssid);
947 cmd[0] |= FIELD_PREP(CMDQ_ATC_0_SID, ent->atc.sid);
948 cmd[1] |= FIELD_PREP(CMDQ_ATC_1_SIZE, ent->atc.size);
949 cmd[1] |= ent->atc.addr & CMDQ_ATC_1_ADDR_MASK;
951 case CMDQ_OP_PRI_RESP:
952 cmd[0] |= FIELD_PREP(CMDQ_0_SSV, ent->substream_valid);
953 cmd[0] |= FIELD_PREP(CMDQ_PRI_0_SSID, ent->pri.ssid);
954 cmd[0] |= FIELD_PREP(CMDQ_PRI_0_SID, ent->pri.sid);
955 cmd[1] |= FIELD_PREP(CMDQ_PRI_1_GRPID, ent->pri.grpid);
956 switch (ent->pri.resp) {
964 cmd[1] |= FIELD_PREP(CMDQ_PRI_1_RESP, ent->pri.resp);
966 case CMDQ_OP_CMD_SYNC:
967 if (ent->sync.msiaddr) {
968 cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_CS, CMDQ_SYNC_0_CS_IRQ);
969 cmd[1] |= ent->sync.msiaddr & CMDQ_SYNC_1_MSIADDR_MASK;
971 cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_CS, CMDQ_SYNC_0_CS_SEV);
973 cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_MSH, ARM_SMMU_SH_ISH);
974 cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_MSIATTR, ARM_SMMU_MEMATTR_OIWB);
983 static void arm_smmu_cmdq_build_sync_cmd(u64 *cmd, struct arm_smmu_device *smmu,
986 struct arm_smmu_queue *q = &smmu->cmdq.q;
987 struct arm_smmu_cmdq_ent ent = {
988 .opcode = CMDQ_OP_CMD_SYNC,
992 * Beware that Hi16xx adds an extra 32 bits of goodness to its MSI
993 * payload, so the write will zero the entire command on that platform.
995 if (smmu->features & ARM_SMMU_FEAT_MSI &&
996 smmu->features & ARM_SMMU_FEAT_COHERENCY) {
997 ent.sync.msiaddr = q->base_dma + Q_IDX(&q->llq, prod) *
1001 arm_smmu_cmdq_build_cmd(cmd, &ent);
1004 static void arm_smmu_cmdq_skip_err(struct arm_smmu_device *smmu)
1006 static const char *cerror_str[] = {
1007 [CMDQ_ERR_CERROR_NONE_IDX] = "No error",
1008 [CMDQ_ERR_CERROR_ILL_IDX] = "Illegal command",
1009 [CMDQ_ERR_CERROR_ABT_IDX] = "Abort on command fetch",
1010 [CMDQ_ERR_CERROR_ATC_INV_IDX] = "ATC invalidate timeout",
1014 u64 cmd[CMDQ_ENT_DWORDS];
1015 struct arm_smmu_queue *q = &smmu->cmdq.q;
1016 u32 cons = readl_relaxed(q->cons_reg);
1017 u32 idx = FIELD_GET(CMDQ_CONS_ERR, cons);
1018 struct arm_smmu_cmdq_ent cmd_sync = {
1019 .opcode = CMDQ_OP_CMD_SYNC,
1022 dev_err(smmu->dev, "CMDQ error (cons 0x%08x): %s\n", cons,
1023 idx < ARRAY_SIZE(cerror_str) ? cerror_str[idx] : "Unknown");
1026 case CMDQ_ERR_CERROR_ABT_IDX:
1027 dev_err(smmu->dev, "retrying command fetch\n");
1028 case CMDQ_ERR_CERROR_NONE_IDX:
1030 case CMDQ_ERR_CERROR_ATC_INV_IDX:
1032 * ATC Invalidation Completion timeout. CONS is still pointing
1033 * at the CMD_SYNC. Attempt to complete other pending commands
1034 * by repeating the CMD_SYNC, though we might well end up back
1035 * here since the ATC invalidation may still be pending.
1038 case CMDQ_ERR_CERROR_ILL_IDX:
1045 * We may have concurrent producers, so we need to be careful
1046 * not to touch any of the shadow cmdq state.
1048 queue_read(cmd, Q_ENT(q, cons), q->ent_dwords);
1049 dev_err(smmu->dev, "skipping command in error state:\n");
1050 for (i = 0; i < ARRAY_SIZE(cmd); ++i)
1051 dev_err(smmu->dev, "\t0x%016llx\n", (unsigned long long)cmd[i]);
1053 /* Convert the erroneous command into a CMD_SYNC */
1054 if (arm_smmu_cmdq_build_cmd(cmd, &cmd_sync)) {
1055 dev_err(smmu->dev, "failed to convert to CMD_SYNC\n");
1059 queue_write(Q_ENT(q, cons), cmd, q->ent_dwords);
1063 * Command queue locking.
1064 * This is a form of bastardised rwlock with the following major changes:
1066 * - The only LOCK routines are exclusive_trylock() and shared_lock().
1067 * Neither have barrier semantics, and instead provide only a control
1070 * - The UNLOCK routines are supplemented with shared_tryunlock(), which
1071 * fails if the caller appears to be the last lock holder (yes, this is
1072 * racy). All successful UNLOCK routines have RELEASE semantics.
1074 static void arm_smmu_cmdq_shared_lock(struct arm_smmu_cmdq *cmdq)
1079 * We can try to avoid the cmpxchg() loop by simply incrementing the
1080 * lock counter. When held in exclusive state, the lock counter is set
1081 * to INT_MIN so these increments won't hurt as the value will remain
1084 if (atomic_fetch_inc_relaxed(&cmdq->lock) >= 0)
1088 val = atomic_cond_read_relaxed(&cmdq->lock, VAL >= 0);
1089 } while (atomic_cmpxchg_relaxed(&cmdq->lock, val, val + 1) != val);
1092 static void arm_smmu_cmdq_shared_unlock(struct arm_smmu_cmdq *cmdq)
1094 (void)atomic_dec_return_release(&cmdq->lock);
1097 static bool arm_smmu_cmdq_shared_tryunlock(struct arm_smmu_cmdq *cmdq)
1099 if (atomic_read(&cmdq->lock) == 1)
1102 arm_smmu_cmdq_shared_unlock(cmdq);
1106 #define arm_smmu_cmdq_exclusive_trylock_irqsave(cmdq, flags) \
1109 local_irq_save(flags); \
1110 __ret = !atomic_cmpxchg_relaxed(&cmdq->lock, 0, INT_MIN); \
1112 local_irq_restore(flags); \
1116 #define arm_smmu_cmdq_exclusive_unlock_irqrestore(cmdq, flags) \
1118 atomic_set_release(&cmdq->lock, 0); \
1119 local_irq_restore(flags); \
1124 * Command queue insertion.
1125 * This is made fiddly by our attempts to achieve some sort of scalability
1126 * since there is one queue shared amongst all of the CPUs in the system. If
1127 * you like mixed-size concurrency, dependency ordering and relaxed atomics,
1128 * then you'll *love* this monstrosity.
1130 * The basic idea is to split the queue up into ranges of commands that are
1131 * owned by a given CPU; the owner may not have written all of the commands
1132 * itself, but is responsible for advancing the hardware prod pointer when
1133 * the time comes. The algorithm is roughly:
1135 * 1. Allocate some space in the queue. At this point we also discover
1136 * whether the head of the queue is currently owned by another CPU,
1137 * or whether we are the owner.
1139 * 2. Write our commands into our allocated slots in the queue.
1141 * 3. Mark our slots as valid in arm_smmu_cmdq.valid_map.
1143 * 4. If we are an owner:
1144 * a. Wait for the previous owner to finish.
1145 * b. Mark the queue head as unowned, which tells us the range
1146 * that we are responsible for publishing.
1147 * c. Wait for all commands in our owned range to become valid.
1148 * d. Advance the hardware prod pointer.
1149 * e. Tell the next owner we've finished.
1151 * 5. If we are inserting a CMD_SYNC (we may or may not have been an
1152 * owner), then we need to stick around until it has completed:
1153 * a. If we have MSIs, the SMMU can write back into the CMD_SYNC
1154 * to clear the first 4 bytes.
1155 * b. Otherwise, we spin waiting for the hardware cons pointer to
1156 * advance past our command.
1158 * The devil is in the details, particularly the use of locking for handling
1159 * SYNC completion and freeing up space in the queue before we think that it is
1162 static void __arm_smmu_cmdq_poll_set_valid_map(struct arm_smmu_cmdq *cmdq,
1163 u32 sprod, u32 eprod, bool set)
1165 u32 swidx, sbidx, ewidx, ebidx;
1166 struct arm_smmu_ll_queue llq = {
1167 .max_n_shift = cmdq->q.llq.max_n_shift,
1171 ewidx = BIT_WORD(Q_IDX(&llq, eprod));
1172 ebidx = Q_IDX(&llq, eprod) % BITS_PER_LONG;
1174 while (llq.prod != eprod) {
1177 u32 limit = BITS_PER_LONG;
1179 swidx = BIT_WORD(Q_IDX(&llq, llq.prod));
1180 sbidx = Q_IDX(&llq, llq.prod) % BITS_PER_LONG;
1182 ptr = &cmdq->valid_map[swidx];
1184 if ((swidx == ewidx) && (sbidx < ebidx))
1187 mask = GENMASK(limit - 1, sbidx);
1190 * The valid bit is the inverse of the wrap bit. This means
1191 * that a zero-initialised queue is invalid and, after marking
1192 * all entries as valid, they become invalid again when we
1196 atomic_long_xor(mask, ptr);
1198 unsigned long valid;
1200 valid = (ULONG_MAX + !!Q_WRP(&llq, llq.prod)) & mask;
1201 atomic_long_cond_read_relaxed(ptr, (VAL & mask) == valid);
1204 llq.prod = queue_inc_prod_n(&llq, limit - sbidx);
1208 /* Mark all entries in the range [sprod, eprod) as valid */
1209 static void arm_smmu_cmdq_set_valid_map(struct arm_smmu_cmdq *cmdq,
1210 u32 sprod, u32 eprod)
1212 __arm_smmu_cmdq_poll_set_valid_map(cmdq, sprod, eprod, true);
1215 /* Wait for all entries in the range [sprod, eprod) to become valid */
1216 static void arm_smmu_cmdq_poll_valid_map(struct arm_smmu_cmdq *cmdq,
1217 u32 sprod, u32 eprod)
1219 __arm_smmu_cmdq_poll_set_valid_map(cmdq, sprod, eprod, false);
1222 /* Wait for the command queue to become non-full */
1223 static int arm_smmu_cmdq_poll_until_not_full(struct arm_smmu_device *smmu,
1224 struct arm_smmu_ll_queue *llq)
1226 unsigned long flags;
1227 struct arm_smmu_queue_poll qp;
1228 struct arm_smmu_cmdq *cmdq = &smmu->cmdq;
1232 * Try to update our copy of cons by grabbing exclusive cmdq access. If
1233 * that fails, spin until somebody else updates it for us.
1235 if (arm_smmu_cmdq_exclusive_trylock_irqsave(cmdq, flags)) {
1236 WRITE_ONCE(cmdq->q.llq.cons, readl_relaxed(cmdq->q.cons_reg));
1237 arm_smmu_cmdq_exclusive_unlock_irqrestore(cmdq, flags);
1238 llq->val = READ_ONCE(cmdq->q.llq.val);
1242 queue_poll_init(smmu, &qp);
1244 llq->val = READ_ONCE(smmu->cmdq.q.llq.val);
1245 if (!queue_full(llq))
1248 ret = queue_poll(&qp);
1255 * Wait until the SMMU signals a CMD_SYNC completion MSI.
1256 * Must be called with the cmdq lock held in some capacity.
1258 static int __arm_smmu_cmdq_poll_until_msi(struct arm_smmu_device *smmu,
1259 struct arm_smmu_ll_queue *llq)
1262 struct arm_smmu_queue_poll qp;
1263 struct arm_smmu_cmdq *cmdq = &smmu->cmdq;
1264 u32 *cmd = (u32 *)(Q_ENT(&cmdq->q, llq->prod));
1266 queue_poll_init(smmu, &qp);
1269 * The MSI won't generate an event, since it's being written back
1270 * into the command queue.
1273 smp_cond_load_relaxed(cmd, !VAL || (ret = queue_poll(&qp)));
1274 llq->cons = ret ? llq->prod : queue_inc_prod_n(llq, 1);
1279 * Wait until the SMMU cons index passes llq->prod.
1280 * Must be called with the cmdq lock held in some capacity.
1282 static int __arm_smmu_cmdq_poll_until_consumed(struct arm_smmu_device *smmu,
1283 struct arm_smmu_ll_queue *llq)
1285 struct arm_smmu_queue_poll qp;
1286 struct arm_smmu_cmdq *cmdq = &smmu->cmdq;
1287 u32 prod = llq->prod;
1290 queue_poll_init(smmu, &qp);
1291 llq->val = READ_ONCE(smmu->cmdq.q.llq.val);
1293 if (queue_consumed(llq, prod))
1296 ret = queue_poll(&qp);
1299 * This needs to be a readl() so that our subsequent call
1300 * to arm_smmu_cmdq_shared_tryunlock() can fail accurately.
1302 * Specifically, we need to ensure that we observe all
1303 * shared_lock()s by other CMD_SYNCs that share our owner,
1304 * so that a failing call to tryunlock() means that we're
1305 * the last one out and therefore we can safely advance
1306 * cmdq->q.llq.cons. Roughly speaking:
1308 * CPU 0 CPU1 CPU2 (us)
1318 * <control dependency>
1324 * Requires us to see CPU 0's shared_lock() acquisition.
1326 llq->cons = readl(cmdq->q.cons_reg);
1332 static int arm_smmu_cmdq_poll_until_sync(struct arm_smmu_device *smmu,
1333 struct arm_smmu_ll_queue *llq)
1335 if (smmu->features & ARM_SMMU_FEAT_MSI &&
1336 smmu->features & ARM_SMMU_FEAT_COHERENCY)
1337 return __arm_smmu_cmdq_poll_until_msi(smmu, llq);
1339 return __arm_smmu_cmdq_poll_until_consumed(smmu, llq);
1342 static void arm_smmu_cmdq_write_entries(struct arm_smmu_cmdq *cmdq, u64 *cmds,
1346 struct arm_smmu_ll_queue llq = {
1347 .max_n_shift = cmdq->q.llq.max_n_shift,
1351 for (i = 0; i < n; ++i) {
1352 u64 *cmd = &cmds[i * CMDQ_ENT_DWORDS];
1354 prod = queue_inc_prod_n(&llq, i);
1355 queue_write(Q_ENT(&cmdq->q, prod), cmd, CMDQ_ENT_DWORDS);
1360 * This is the actual insertion function, and provides the following
1361 * ordering guarantees to callers:
1363 * - There is a dma_wmb() before publishing any commands to the queue.
1364 * This can be relied upon to order prior writes to data structures
1365 * in memory (such as a CD or an STE) before the command.
1367 * - On completion of a CMD_SYNC, there is a control dependency.
1368 * This can be relied upon to order subsequent writes to memory (e.g.
1369 * freeing an IOVA) after completion of the CMD_SYNC.
1371 * - Command insertion is totally ordered, so if two CPUs each race to
1372 * insert their own list of commands then all of the commands from one
1373 * CPU will appear before any of the commands from the other CPU.
1375 static int arm_smmu_cmdq_issue_cmdlist(struct arm_smmu_device *smmu,
1376 u64 *cmds, int n, bool sync)
1378 u64 cmd_sync[CMDQ_ENT_DWORDS];
1380 unsigned long flags;
1382 struct arm_smmu_cmdq *cmdq = &smmu->cmdq;
1383 struct arm_smmu_ll_queue llq = {
1384 .max_n_shift = cmdq->q.llq.max_n_shift,
1388 /* 1. Allocate some space in the queue */
1389 local_irq_save(flags);
1390 llq.val = READ_ONCE(cmdq->q.llq.val);
1394 while (!queue_has_space(&llq, n + sync)) {
1395 local_irq_restore(flags);
1396 if (arm_smmu_cmdq_poll_until_not_full(smmu, &llq))
1397 dev_err_ratelimited(smmu->dev, "CMDQ timeout\n");
1398 local_irq_save(flags);
1401 head.cons = llq.cons;
1402 head.prod = queue_inc_prod_n(&llq, n + sync) |
1403 CMDQ_PROD_OWNED_FLAG;
1405 old = cmpxchg_relaxed(&cmdq->q.llq.val, llq.val, head.val);
1411 owner = !(llq.prod & CMDQ_PROD_OWNED_FLAG);
1412 head.prod &= ~CMDQ_PROD_OWNED_FLAG;
1413 llq.prod &= ~CMDQ_PROD_OWNED_FLAG;
1416 * 2. Write our commands into the queue
1417 * Dependency ordering from the cmpxchg() loop above.
1419 arm_smmu_cmdq_write_entries(cmdq, cmds, llq.prod, n);
1421 prod = queue_inc_prod_n(&llq, n);
1422 arm_smmu_cmdq_build_sync_cmd(cmd_sync, smmu, prod);
1423 queue_write(Q_ENT(&cmdq->q, prod), cmd_sync, CMDQ_ENT_DWORDS);
1426 * In order to determine completion of our CMD_SYNC, we must
1427 * ensure that the queue can't wrap twice without us noticing.
1428 * We achieve that by taking the cmdq lock as shared before
1429 * marking our slot as valid.
1431 arm_smmu_cmdq_shared_lock(cmdq);
1434 /* 3. Mark our slots as valid, ensuring commands are visible first */
1436 arm_smmu_cmdq_set_valid_map(cmdq, llq.prod, head.prod);
1438 /* 4. If we are the owner, take control of the SMMU hardware */
1440 /* a. Wait for previous owner to finish */
1441 atomic_cond_read_relaxed(&cmdq->owner_prod, VAL == llq.prod);
1443 /* b. Stop gathering work by clearing the owned flag */
1444 prod = atomic_fetch_andnot_relaxed(CMDQ_PROD_OWNED_FLAG,
1445 &cmdq->q.llq.atomic.prod);
1446 prod &= ~CMDQ_PROD_OWNED_FLAG;
1449 * c. Wait for any gathered work to be written to the queue.
1450 * Note that we read our own entries so that we have the control
1451 * dependency required by (d).
1453 arm_smmu_cmdq_poll_valid_map(cmdq, llq.prod, prod);
1456 * d. Advance the hardware prod pointer
1457 * Control dependency ordering from the entries becoming valid.
1459 writel_relaxed(prod, cmdq->q.prod_reg);
1462 * e. Tell the next owner we're done
1463 * Make sure we've updated the hardware first, so that we don't
1464 * race to update prod and potentially move it backwards.
1466 atomic_set_release(&cmdq->owner_prod, prod);
1469 /* 5. If we are inserting a CMD_SYNC, we must wait for it to complete */
1471 llq.prod = queue_inc_prod_n(&llq, n);
1472 ret = arm_smmu_cmdq_poll_until_sync(smmu, &llq);
1474 dev_err_ratelimited(smmu->dev,
1475 "CMD_SYNC timeout at 0x%08x [hwprod 0x%08x, hwcons 0x%08x]\n",
1477 readl_relaxed(cmdq->q.prod_reg),
1478 readl_relaxed(cmdq->q.cons_reg));
1482 * Try to unlock the cmq lock. This will fail if we're the last
1483 * reader, in which case we can safely update cmdq->q.llq.cons
1485 if (!arm_smmu_cmdq_shared_tryunlock(cmdq)) {
1486 WRITE_ONCE(cmdq->q.llq.cons, llq.cons);
1487 arm_smmu_cmdq_shared_unlock(cmdq);
1491 local_irq_restore(flags);
1495 static int arm_smmu_cmdq_issue_cmd(struct arm_smmu_device *smmu,
1496 struct arm_smmu_cmdq_ent *ent)
1498 u64 cmd[CMDQ_ENT_DWORDS];
1500 if (arm_smmu_cmdq_build_cmd(cmd, ent)) {
1501 dev_warn(smmu->dev, "ignoring unknown CMDQ opcode 0x%x\n",
1506 return arm_smmu_cmdq_issue_cmdlist(smmu, cmd, 1, false);
1509 static int arm_smmu_cmdq_issue_sync(struct arm_smmu_device *smmu)
1511 return arm_smmu_cmdq_issue_cmdlist(smmu, NULL, 0, true);
1514 static void arm_smmu_cmdq_batch_add(struct arm_smmu_device *smmu,
1515 struct arm_smmu_cmdq_batch *cmds,
1516 struct arm_smmu_cmdq_ent *cmd)
1518 if (cmds->num == CMDQ_BATCH_ENTRIES) {
1519 arm_smmu_cmdq_issue_cmdlist(smmu, cmds->cmds, cmds->num, false);
1522 arm_smmu_cmdq_build_cmd(&cmds->cmds[cmds->num * CMDQ_ENT_DWORDS], cmd);
1526 static int arm_smmu_cmdq_batch_submit(struct arm_smmu_device *smmu,
1527 struct arm_smmu_cmdq_batch *cmds)
1529 return arm_smmu_cmdq_issue_cmdlist(smmu, cmds->cmds, cmds->num, true);
1532 /* Context descriptor manipulation functions */
1533 static void arm_smmu_sync_cd(struct arm_smmu_domain *smmu_domain,
1534 int ssid, bool leaf)
1537 unsigned long flags;
1538 struct arm_smmu_master *master;
1539 struct arm_smmu_cmdq_batch cmds = {};
1540 struct arm_smmu_device *smmu = smmu_domain->smmu;
1541 struct arm_smmu_cmdq_ent cmd = {
1542 .opcode = CMDQ_OP_CFGI_CD,
1549 spin_lock_irqsave(&smmu_domain->devices_lock, flags);
1550 list_for_each_entry(master, &smmu_domain->devices, domain_head) {
1551 for (i = 0; i < master->num_sids; i++) {
1552 cmd.cfgi.sid = master->sids[i];
1553 arm_smmu_cmdq_batch_add(smmu, &cmds, &cmd);
1556 spin_unlock_irqrestore(&smmu_domain->devices_lock, flags);
1558 arm_smmu_cmdq_batch_submit(smmu, &cmds);
1561 static int arm_smmu_alloc_cd_leaf_table(struct arm_smmu_device *smmu,
1562 struct arm_smmu_l1_ctx_desc *l1_desc)
1564 size_t size = CTXDESC_L2_ENTRIES * (CTXDESC_CD_DWORDS << 3);
1566 l1_desc->l2ptr = dmam_alloc_coherent(smmu->dev, size,
1567 &l1_desc->l2ptr_dma, GFP_KERNEL);
1568 if (!l1_desc->l2ptr) {
1570 "failed to allocate context descriptor table\n");
1576 static void arm_smmu_write_cd_l1_desc(__le64 *dst,
1577 struct arm_smmu_l1_ctx_desc *l1_desc)
1579 u64 val = (l1_desc->l2ptr_dma & CTXDESC_L1_DESC_L2PTR_MASK) |
1582 /* See comment in arm_smmu_write_ctx_desc() */
1583 WRITE_ONCE(*dst, cpu_to_le64(val));
1586 static __le64 *arm_smmu_get_cd_ptr(struct arm_smmu_domain *smmu_domain,
1591 struct arm_smmu_l1_ctx_desc *l1_desc;
1592 struct arm_smmu_device *smmu = smmu_domain->smmu;
1593 struct arm_smmu_ctx_desc_cfg *cdcfg = &smmu_domain->s1_cfg.cdcfg;
1595 if (smmu_domain->s1_cfg.s1fmt == STRTAB_STE_0_S1FMT_LINEAR)
1596 return cdcfg->cdtab + ssid * CTXDESC_CD_DWORDS;
1598 idx = ssid >> CTXDESC_SPLIT;
1599 l1_desc = &cdcfg->l1_desc[idx];
1600 if (!l1_desc->l2ptr) {
1601 if (arm_smmu_alloc_cd_leaf_table(smmu, l1_desc))
1604 l1ptr = cdcfg->cdtab + idx * CTXDESC_L1_DESC_DWORDS;
1605 arm_smmu_write_cd_l1_desc(l1ptr, l1_desc);
1606 /* An invalid L1CD can be cached */
1607 arm_smmu_sync_cd(smmu_domain, ssid, false);
1609 idx = ssid & (CTXDESC_L2_ENTRIES - 1);
1610 return l1_desc->l2ptr + idx * CTXDESC_CD_DWORDS;
1613 static int arm_smmu_write_ctx_desc(struct arm_smmu_domain *smmu_domain,
1614 int ssid, struct arm_smmu_ctx_desc *cd)
1617 * This function handles the following cases:
1619 * (1) Install primary CD, for normal DMA traffic (SSID = 0).
1620 * (2) Install a secondary CD, for SID+SSID traffic.
1621 * (3) Update ASID of a CD. Atomically write the first 64 bits of the
1622 * CD, then invalidate the old entry and mappings.
1623 * (4) Remove a secondary CD.
1628 struct arm_smmu_device *smmu = smmu_domain->smmu;
1630 if (WARN_ON(ssid >= (1 << smmu_domain->s1_cfg.s1cdmax)))
1633 cdptr = arm_smmu_get_cd_ptr(smmu_domain, ssid);
1637 val = le64_to_cpu(cdptr[0]);
1638 cd_live = !!(val & CTXDESC_CD_0_V);
1640 if (!cd) { /* (4) */
1642 } else if (cd_live) { /* (3) */
1643 val &= ~CTXDESC_CD_0_ASID;
1644 val |= FIELD_PREP(CTXDESC_CD_0_ASID, cd->asid);
1646 * Until CD+TLB invalidation, both ASIDs may be used for tagging
1647 * this substream's traffic
1649 } else { /* (1) and (2) */
1650 cdptr[1] = cpu_to_le64(cd->ttbr & CTXDESC_CD_1_TTB0_MASK);
1652 cdptr[3] = cpu_to_le64(cd->mair);
1655 * STE is live, and the SMMU might read dwords of this CD in any
1656 * order. Ensure that it observes valid values before reading
1659 arm_smmu_sync_cd(smmu_domain, ssid, true);
1665 CTXDESC_CD_0_R | CTXDESC_CD_0_A | CTXDESC_CD_0_ASET |
1667 FIELD_PREP(CTXDESC_CD_0_ASID, cd->asid) |
1670 /* STALL_MODEL==0b10 && CD.S==0 is ILLEGAL */
1671 if (smmu->features & ARM_SMMU_FEAT_STALL_FORCE)
1672 val |= CTXDESC_CD_0_S;
1676 * The SMMU accesses 64-bit values atomically. See IHI0070Ca 3.21.3
1677 * "Configuration structures and configuration invalidation completion"
1679 * The size of single-copy atomic reads made by the SMMU is
1680 * IMPLEMENTATION DEFINED but must be at least 64 bits. Any single
1681 * field within an aligned 64-bit span of a structure can be altered
1682 * without first making the structure invalid.
1684 WRITE_ONCE(cdptr[0], cpu_to_le64(val));
1685 arm_smmu_sync_cd(smmu_domain, ssid, true);
1689 static int arm_smmu_alloc_cd_tables(struct arm_smmu_domain *smmu_domain)
1693 size_t max_contexts;
1694 struct arm_smmu_device *smmu = smmu_domain->smmu;
1695 struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg;
1696 struct arm_smmu_ctx_desc_cfg *cdcfg = &cfg->cdcfg;
1698 max_contexts = 1 << cfg->s1cdmax;
1700 if (!(smmu->features & ARM_SMMU_FEAT_2_LVL_CDTAB) ||
1701 max_contexts <= CTXDESC_L2_ENTRIES) {
1702 cfg->s1fmt = STRTAB_STE_0_S1FMT_LINEAR;
1703 cdcfg->num_l1_ents = max_contexts;
1705 l1size = max_contexts * (CTXDESC_CD_DWORDS << 3);
1707 cfg->s1fmt = STRTAB_STE_0_S1FMT_64K_L2;
1708 cdcfg->num_l1_ents = DIV_ROUND_UP(max_contexts,
1709 CTXDESC_L2_ENTRIES);
1711 cdcfg->l1_desc = devm_kcalloc(smmu->dev, cdcfg->num_l1_ents,
1712 sizeof(*cdcfg->l1_desc),
1714 if (!cdcfg->l1_desc)
1717 l1size = cdcfg->num_l1_ents * (CTXDESC_L1_DESC_DWORDS << 3);
1720 cdcfg->cdtab = dmam_alloc_coherent(smmu->dev, l1size, &cdcfg->cdtab_dma,
1722 if (!cdcfg->cdtab) {
1723 dev_warn(smmu->dev, "failed to allocate context descriptor\n");
1731 if (cdcfg->l1_desc) {
1732 devm_kfree(smmu->dev, cdcfg->l1_desc);
1733 cdcfg->l1_desc = NULL;
1738 static void arm_smmu_free_cd_tables(struct arm_smmu_domain *smmu_domain)
1741 size_t size, l1size;
1742 struct arm_smmu_device *smmu = smmu_domain->smmu;
1743 struct arm_smmu_ctx_desc_cfg *cdcfg = &smmu_domain->s1_cfg.cdcfg;
1745 if (cdcfg->l1_desc) {
1746 size = CTXDESC_L2_ENTRIES * (CTXDESC_CD_DWORDS << 3);
1748 for (i = 0; i < cdcfg->num_l1_ents; i++) {
1749 if (!cdcfg->l1_desc[i].l2ptr)
1752 dmam_free_coherent(smmu->dev, size,
1753 cdcfg->l1_desc[i].l2ptr,
1754 cdcfg->l1_desc[i].l2ptr_dma);
1756 devm_kfree(smmu->dev, cdcfg->l1_desc);
1757 cdcfg->l1_desc = NULL;
1759 l1size = cdcfg->num_l1_ents * (CTXDESC_L1_DESC_DWORDS << 3);
1761 l1size = cdcfg->num_l1_ents * (CTXDESC_CD_DWORDS << 3);
1764 dmam_free_coherent(smmu->dev, l1size, cdcfg->cdtab, cdcfg->cdtab_dma);
1765 cdcfg->cdtab_dma = 0;
1766 cdcfg->cdtab = NULL;
1769 static void arm_smmu_free_asid(struct arm_smmu_ctx_desc *cd)
1774 xa_erase(&asid_xa, cd->asid);
1777 /* Stream table manipulation functions */
1779 arm_smmu_write_strtab_l1_desc(__le64 *dst, struct arm_smmu_strtab_l1_desc *desc)
1783 val |= FIELD_PREP(STRTAB_L1_DESC_SPAN, desc->span);
1784 val |= desc->l2ptr_dma & STRTAB_L1_DESC_L2PTR_MASK;
1786 /* See comment in arm_smmu_write_ctx_desc() */
1787 WRITE_ONCE(*dst, cpu_to_le64(val));
1790 static void arm_smmu_sync_ste_for_sid(struct arm_smmu_device *smmu, u32 sid)
1792 struct arm_smmu_cmdq_ent cmd = {
1793 .opcode = CMDQ_OP_CFGI_STE,
1800 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
1801 arm_smmu_cmdq_issue_sync(smmu);
1804 static void arm_smmu_write_strtab_ent(struct arm_smmu_master *master, u32 sid,
1808 * This is hideously complicated, but we only really care about
1809 * three cases at the moment:
1811 * 1. Invalid (all zero) -> bypass/fault (init)
1812 * 2. Bypass/fault -> translation/bypass (attach)
1813 * 3. Translation/bypass -> bypass/fault (detach)
1815 * Given that we can't update the STE atomically and the SMMU
1816 * doesn't read the thing in a defined order, that leaves us
1817 * with the following maintenance requirements:
1819 * 1. Update Config, return (init time STEs aren't live)
1820 * 2. Write everything apart from dword 0, sync, write dword 0, sync
1821 * 3. Update Config, sync
1823 u64 val = le64_to_cpu(dst[0]);
1824 bool ste_live = false;
1825 struct arm_smmu_device *smmu = NULL;
1826 struct arm_smmu_s1_cfg *s1_cfg = NULL;
1827 struct arm_smmu_s2_cfg *s2_cfg = NULL;
1828 struct arm_smmu_domain *smmu_domain = NULL;
1829 struct arm_smmu_cmdq_ent prefetch_cmd = {
1830 .opcode = CMDQ_OP_PREFETCH_CFG,
1837 smmu_domain = master->domain;
1838 smmu = master->smmu;
1842 switch (smmu_domain->stage) {
1843 case ARM_SMMU_DOMAIN_S1:
1844 s1_cfg = &smmu_domain->s1_cfg;
1846 case ARM_SMMU_DOMAIN_S2:
1847 case ARM_SMMU_DOMAIN_NESTED:
1848 s2_cfg = &smmu_domain->s2_cfg;
1855 if (val & STRTAB_STE_0_V) {
1856 switch (FIELD_GET(STRTAB_STE_0_CFG, val)) {
1857 case STRTAB_STE_0_CFG_BYPASS:
1859 case STRTAB_STE_0_CFG_S1_TRANS:
1860 case STRTAB_STE_0_CFG_S2_TRANS:
1863 case STRTAB_STE_0_CFG_ABORT:
1864 BUG_ON(!disable_bypass);
1867 BUG(); /* STE corruption */
1871 /* Nuke the existing STE_0 value, as we're going to rewrite it */
1872 val = STRTAB_STE_0_V;
1875 if (!smmu_domain || !(s1_cfg || s2_cfg)) {
1876 if (!smmu_domain && disable_bypass)
1877 val |= FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_ABORT);
1879 val |= FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_BYPASS);
1881 dst[0] = cpu_to_le64(val);
1882 dst[1] = cpu_to_le64(FIELD_PREP(STRTAB_STE_1_SHCFG,
1883 STRTAB_STE_1_SHCFG_INCOMING));
1884 dst[2] = 0; /* Nuke the VMID */
1886 * The SMMU can perform negative caching, so we must sync
1887 * the STE regardless of whether the old value was live.
1890 arm_smmu_sync_ste_for_sid(smmu, sid);
1896 dst[1] = cpu_to_le64(
1897 FIELD_PREP(STRTAB_STE_1_S1DSS, STRTAB_STE_1_S1DSS_SSID0) |
1898 FIELD_PREP(STRTAB_STE_1_S1CIR, STRTAB_STE_1_S1C_CACHE_WBRA) |
1899 FIELD_PREP(STRTAB_STE_1_S1COR, STRTAB_STE_1_S1C_CACHE_WBRA) |
1900 FIELD_PREP(STRTAB_STE_1_S1CSH, ARM_SMMU_SH_ISH) |
1901 FIELD_PREP(STRTAB_STE_1_STRW, STRTAB_STE_1_STRW_NSEL1));
1903 if (smmu->features & ARM_SMMU_FEAT_STALLS &&
1904 !(smmu->features & ARM_SMMU_FEAT_STALL_FORCE))
1905 dst[1] |= cpu_to_le64(STRTAB_STE_1_S1STALLD);
1907 val |= (s1_cfg->cdcfg.cdtab_dma & STRTAB_STE_0_S1CTXPTR_MASK) |
1908 FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_S1_TRANS) |
1909 FIELD_PREP(STRTAB_STE_0_S1CDMAX, s1_cfg->s1cdmax) |
1910 FIELD_PREP(STRTAB_STE_0_S1FMT, s1_cfg->s1fmt);
1915 dst[2] = cpu_to_le64(
1916 FIELD_PREP(STRTAB_STE_2_S2VMID, s2_cfg->vmid) |
1917 FIELD_PREP(STRTAB_STE_2_VTCR, s2_cfg->vtcr) |
1919 STRTAB_STE_2_S2ENDI |
1921 STRTAB_STE_2_S2PTW | STRTAB_STE_2_S2AA64 |
1924 dst[3] = cpu_to_le64(s2_cfg->vttbr & STRTAB_STE_3_S2TTB_MASK);
1926 val |= FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_S2_TRANS);
1929 if (master->ats_enabled)
1930 dst[1] |= cpu_to_le64(FIELD_PREP(STRTAB_STE_1_EATS,
1931 STRTAB_STE_1_EATS_TRANS));
1933 arm_smmu_sync_ste_for_sid(smmu, sid);
1934 /* See comment in arm_smmu_write_ctx_desc() */
1935 WRITE_ONCE(dst[0], cpu_to_le64(val));
1936 arm_smmu_sync_ste_for_sid(smmu, sid);
1938 /* It's likely that we'll want to use the new STE soon */
1939 if (!(smmu->options & ARM_SMMU_OPT_SKIP_PREFETCH))
1940 arm_smmu_cmdq_issue_cmd(smmu, &prefetch_cmd);
1943 static void arm_smmu_init_bypass_stes(u64 *strtab, unsigned int nent)
1947 for (i = 0; i < nent; ++i) {
1948 arm_smmu_write_strtab_ent(NULL, -1, strtab);
1949 strtab += STRTAB_STE_DWORDS;
1953 static int arm_smmu_init_l2_strtab(struct arm_smmu_device *smmu, u32 sid)
1957 struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
1958 struct arm_smmu_strtab_l1_desc *desc = &cfg->l1_desc[sid >> STRTAB_SPLIT];
1963 size = 1 << (STRTAB_SPLIT + ilog2(STRTAB_STE_DWORDS) + 3);
1964 strtab = &cfg->strtab[(sid >> STRTAB_SPLIT) * STRTAB_L1_DESC_DWORDS];
1966 desc->span = STRTAB_SPLIT + 1;
1967 desc->l2ptr = dmam_alloc_coherent(smmu->dev, size, &desc->l2ptr_dma,
1971 "failed to allocate l2 stream table for SID %u\n",
1976 arm_smmu_init_bypass_stes(desc->l2ptr, 1 << STRTAB_SPLIT);
1977 arm_smmu_write_strtab_l1_desc(strtab, desc);
1981 /* IRQ and event handlers */
1982 static irqreturn_t arm_smmu_evtq_thread(int irq, void *dev)
1985 struct arm_smmu_device *smmu = dev;
1986 struct arm_smmu_queue *q = &smmu->evtq.q;
1987 struct arm_smmu_ll_queue *llq = &q->llq;
1988 u64 evt[EVTQ_ENT_DWORDS];
1991 while (!queue_remove_raw(q, evt)) {
1992 u8 id = FIELD_GET(EVTQ_0_ID, evt[0]);
1994 dev_info(smmu->dev, "event 0x%02x received:\n", id);
1995 for (i = 0; i < ARRAY_SIZE(evt); ++i)
1996 dev_info(smmu->dev, "\t0x%016llx\n",
1997 (unsigned long long)evt[i]);
2002 * Not much we can do on overflow, so scream and pretend we're
2005 if (queue_sync_prod_in(q) == -EOVERFLOW)
2006 dev_err(smmu->dev, "EVTQ overflow detected -- events lost\n");
2007 } while (!queue_empty(llq));
2009 /* Sync our overflow flag, as we believe we're up to speed */
2010 llq->cons = Q_OVF(llq->prod) | Q_WRP(llq, llq->cons) |
2011 Q_IDX(llq, llq->cons);
2015 static void arm_smmu_handle_ppr(struct arm_smmu_device *smmu, u64 *evt)
2021 sid = FIELD_GET(PRIQ_0_SID, evt[0]);
2022 ssv = FIELD_GET(PRIQ_0_SSID_V, evt[0]);
2023 ssid = ssv ? FIELD_GET(PRIQ_0_SSID, evt[0]) : 0;
2024 last = FIELD_GET(PRIQ_0_PRG_LAST, evt[0]);
2025 grpid = FIELD_GET(PRIQ_1_PRG_IDX, evt[1]);
2027 dev_info(smmu->dev, "unexpected PRI request received:\n");
2029 "\tsid 0x%08x.0x%05x: [%u%s] %sprivileged %s%s%s access at iova 0x%016llx\n",
2030 sid, ssid, grpid, last ? "L" : "",
2031 evt[0] & PRIQ_0_PERM_PRIV ? "" : "un",
2032 evt[0] & PRIQ_0_PERM_READ ? "R" : "",
2033 evt[0] & PRIQ_0_PERM_WRITE ? "W" : "",
2034 evt[0] & PRIQ_0_PERM_EXEC ? "X" : "",
2035 evt[1] & PRIQ_1_ADDR_MASK);
2038 struct arm_smmu_cmdq_ent cmd = {
2039 .opcode = CMDQ_OP_PRI_RESP,
2040 .substream_valid = ssv,
2045 .resp = PRI_RESP_DENY,
2049 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
2053 static irqreturn_t arm_smmu_priq_thread(int irq, void *dev)
2055 struct arm_smmu_device *smmu = dev;
2056 struct arm_smmu_queue *q = &smmu->priq.q;
2057 struct arm_smmu_ll_queue *llq = &q->llq;
2058 u64 evt[PRIQ_ENT_DWORDS];
2061 while (!queue_remove_raw(q, evt))
2062 arm_smmu_handle_ppr(smmu, evt);
2064 if (queue_sync_prod_in(q) == -EOVERFLOW)
2065 dev_err(smmu->dev, "PRIQ overflow detected -- requests lost\n");
2066 } while (!queue_empty(llq));
2068 /* Sync our overflow flag, as we believe we're up to speed */
2069 llq->cons = Q_OVF(llq->prod) | Q_WRP(llq, llq->cons) |
2070 Q_IDX(llq, llq->cons);
2071 queue_sync_cons_out(q);
2075 static int arm_smmu_device_disable(struct arm_smmu_device *smmu);
2077 static irqreturn_t arm_smmu_gerror_handler(int irq, void *dev)
2079 u32 gerror, gerrorn, active;
2080 struct arm_smmu_device *smmu = dev;
2082 gerror = readl_relaxed(smmu->base + ARM_SMMU_GERROR);
2083 gerrorn = readl_relaxed(smmu->base + ARM_SMMU_GERRORN);
2085 active = gerror ^ gerrorn;
2086 if (!(active & GERROR_ERR_MASK))
2087 return IRQ_NONE; /* No errors pending */
2090 "unexpected global error reported (0x%08x), this could be serious\n",
2093 if (active & GERROR_SFM_ERR) {
2094 dev_err(smmu->dev, "device has entered Service Failure Mode!\n");
2095 arm_smmu_device_disable(smmu);
2098 if (active & GERROR_MSI_GERROR_ABT_ERR)
2099 dev_warn(smmu->dev, "GERROR MSI write aborted\n");
2101 if (active & GERROR_MSI_PRIQ_ABT_ERR)
2102 dev_warn(smmu->dev, "PRIQ MSI write aborted\n");
2104 if (active & GERROR_MSI_EVTQ_ABT_ERR)
2105 dev_warn(smmu->dev, "EVTQ MSI write aborted\n");
2107 if (active & GERROR_MSI_CMDQ_ABT_ERR)
2108 dev_warn(smmu->dev, "CMDQ MSI write aborted\n");
2110 if (active & GERROR_PRIQ_ABT_ERR)
2111 dev_err(smmu->dev, "PRIQ write aborted -- events may have been lost\n");
2113 if (active & GERROR_EVTQ_ABT_ERR)
2114 dev_err(smmu->dev, "EVTQ write aborted -- events may have been lost\n");
2116 if (active & GERROR_CMDQ_ERR)
2117 arm_smmu_cmdq_skip_err(smmu);
2119 writel(gerror, smmu->base + ARM_SMMU_GERRORN);
2123 static irqreturn_t arm_smmu_combined_irq_thread(int irq, void *dev)
2125 struct arm_smmu_device *smmu = dev;
2127 arm_smmu_evtq_thread(irq, dev);
2128 if (smmu->features & ARM_SMMU_FEAT_PRI)
2129 arm_smmu_priq_thread(irq, dev);
2134 static irqreturn_t arm_smmu_combined_irq_handler(int irq, void *dev)
2136 arm_smmu_gerror_handler(irq, dev);
2137 return IRQ_WAKE_THREAD;
2141 arm_smmu_atc_inv_to_cmd(int ssid, unsigned long iova, size_t size,
2142 struct arm_smmu_cmdq_ent *cmd)
2146 /* ATC invalidates are always on 4096-bytes pages */
2147 size_t inval_grain_shift = 12;
2148 unsigned long page_start, page_end;
2150 *cmd = (struct arm_smmu_cmdq_ent) {
2151 .opcode = CMDQ_OP_ATC_INV,
2152 .substream_valid = !!ssid,
2157 cmd->atc.size = ATC_INV_SIZE_ALL;
2161 page_start = iova >> inval_grain_shift;
2162 page_end = (iova + size - 1) >> inval_grain_shift;
2165 * In an ATS Invalidate Request, the address must be aligned on the
2166 * range size, which must be a power of two number of page sizes. We
2167 * thus have to choose between grossly over-invalidating the region, or
2168 * splitting the invalidation into multiple commands. For simplicity
2169 * we'll go with the first solution, but should refine it in the future
2170 * if multiple commands are shown to be more efficient.
2172 * Find the smallest power of two that covers the range. The most
2173 * significant differing bit between the start and end addresses,
2174 * fls(start ^ end), indicates the required span. For example:
2176 * We want to invalidate pages [8; 11]. This is already the ideal range:
2177 * x = 0b1000 ^ 0b1011 = 0b11
2178 * span = 1 << fls(x) = 4
2180 * To invalidate pages [7; 10], we need to invalidate [0; 15]:
2181 * x = 0b0111 ^ 0b1010 = 0b1101
2182 * span = 1 << fls(x) = 16
2184 log2_span = fls_long(page_start ^ page_end);
2185 span_mask = (1ULL << log2_span) - 1;
2187 page_start &= ~span_mask;
2189 cmd->atc.addr = page_start << inval_grain_shift;
2190 cmd->atc.size = log2_span;
2193 static int arm_smmu_atc_inv_master(struct arm_smmu_master *master)
2196 struct arm_smmu_cmdq_ent cmd;
2198 arm_smmu_atc_inv_to_cmd(0, 0, 0, &cmd);
2200 for (i = 0; i < master->num_sids; i++) {
2201 cmd.atc.sid = master->sids[i];
2202 arm_smmu_cmdq_issue_cmd(master->smmu, &cmd);
2205 return arm_smmu_cmdq_issue_sync(master->smmu);
2208 static int arm_smmu_atc_inv_domain(struct arm_smmu_domain *smmu_domain,
2209 int ssid, unsigned long iova, size_t size)
2212 unsigned long flags;
2213 struct arm_smmu_cmdq_ent cmd;
2214 struct arm_smmu_master *master;
2215 struct arm_smmu_cmdq_batch cmds = {};
2217 if (!(smmu_domain->smmu->features & ARM_SMMU_FEAT_ATS))
2221 * Ensure that we've completed prior invalidation of the main TLBs
2222 * before we read 'nr_ats_masters' in case of a concurrent call to
2223 * arm_smmu_enable_ats():
2225 * // unmap() // arm_smmu_enable_ats()
2226 * TLBI+SYNC atomic_inc(&nr_ats_masters);
2228 * atomic_read(&nr_ats_masters); pci_enable_ats() // writel()
2230 * Ensures that we always see the incremented 'nr_ats_masters' count if
2231 * ATS was enabled at the PCI device before completion of the TLBI.
2234 if (!atomic_read(&smmu_domain->nr_ats_masters))
2237 arm_smmu_atc_inv_to_cmd(ssid, iova, size, &cmd);
2239 spin_lock_irqsave(&smmu_domain->devices_lock, flags);
2240 list_for_each_entry(master, &smmu_domain->devices, domain_head) {
2241 if (!master->ats_enabled)
2244 for (i = 0; i < master->num_sids; i++) {
2245 cmd.atc.sid = master->sids[i];
2246 arm_smmu_cmdq_batch_add(smmu_domain->smmu, &cmds, &cmd);
2249 spin_unlock_irqrestore(&smmu_domain->devices_lock, flags);
2251 return arm_smmu_cmdq_batch_submit(smmu_domain->smmu, &cmds);
2254 /* IO_PGTABLE API */
2255 static void arm_smmu_tlb_inv_context(void *cookie)
2257 struct arm_smmu_domain *smmu_domain = cookie;
2258 struct arm_smmu_device *smmu = smmu_domain->smmu;
2259 struct arm_smmu_cmdq_ent cmd;
2261 if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {
2262 cmd.opcode = CMDQ_OP_TLBI_NH_ASID;
2263 cmd.tlbi.asid = smmu_domain->s1_cfg.cd.asid;
2266 cmd.opcode = CMDQ_OP_TLBI_S12_VMALL;
2267 cmd.tlbi.vmid = smmu_domain->s2_cfg.vmid;
2271 * NOTE: when io-pgtable is in non-strict mode, we may get here with
2272 * PTEs previously cleared by unmaps on the current CPU not yet visible
2273 * to the SMMU. We are relying on the dma_wmb() implicit during cmd
2274 * insertion to guarantee those are observed before the TLBI. Do be
2277 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
2278 arm_smmu_cmdq_issue_sync(smmu);
2279 arm_smmu_atc_inv_domain(smmu_domain, 0, 0, 0);
2282 static void arm_smmu_tlb_inv_range(unsigned long iova, size_t size,
2283 size_t granule, bool leaf,
2284 struct arm_smmu_domain *smmu_domain)
2286 struct arm_smmu_device *smmu = smmu_domain->smmu;
2287 unsigned long start = iova, end = iova + size, num_pages = 0, tg = 0;
2288 size_t inv_range = granule;
2289 struct arm_smmu_cmdq_batch cmds = {};
2290 struct arm_smmu_cmdq_ent cmd = {
2299 if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {
2300 cmd.opcode = CMDQ_OP_TLBI_NH_VA;
2301 cmd.tlbi.asid = smmu_domain->s1_cfg.cd.asid;
2303 cmd.opcode = CMDQ_OP_TLBI_S2_IPA;
2304 cmd.tlbi.vmid = smmu_domain->s2_cfg.vmid;
2307 if (smmu->features & ARM_SMMU_FEAT_RANGE_INV) {
2308 /* Get the leaf page size */
2309 tg = __ffs(smmu_domain->domain.pgsize_bitmap);
2311 /* Convert page size of 12,14,16 (log2) to 1,2,3 */
2312 cmd.tlbi.tg = (tg - 10) / 2;
2314 /* Determine what level the granule is at */
2315 cmd.tlbi.ttl = 4 - ((ilog2(granule) - 3) / (tg - 3));
2317 num_pages = size >> tg;
2320 while (iova < end) {
2321 if (smmu->features & ARM_SMMU_FEAT_RANGE_INV) {
2323 * On each iteration of the loop, the range is 5 bits
2324 * worth of the aligned size remaining.
2325 * The range in pages is:
2327 * range = (num_pages & (0x1f << __ffs(num_pages)))
2329 unsigned long scale, num;
2331 /* Determine the power of 2 multiple number of pages */
2332 scale = __ffs(num_pages);
2333 cmd.tlbi.scale = scale;
2335 /* Determine how many chunks of 2^scale size we have */
2336 num = (num_pages >> scale) & CMDQ_TLBI_RANGE_NUM_MAX;
2337 cmd.tlbi.num = num - 1;
2339 /* range is num * 2^scale * pgsize */
2340 inv_range = num << (scale + tg);
2342 /* Clear out the lower order bits for the next iteration */
2343 num_pages -= num << scale;
2346 cmd.tlbi.addr = iova;
2347 arm_smmu_cmdq_batch_add(smmu, &cmds, &cmd);
2350 arm_smmu_cmdq_batch_submit(smmu, &cmds);
2353 * Unfortunately, this can't be leaf-only since we may have
2354 * zapped an entire table.
2356 arm_smmu_atc_inv_domain(smmu_domain, 0, start, size);
2359 static void arm_smmu_tlb_inv_page_nosync(struct iommu_iotlb_gather *gather,
2360 unsigned long iova, size_t granule,
2363 struct arm_smmu_domain *smmu_domain = cookie;
2364 struct iommu_domain *domain = &smmu_domain->domain;
2366 iommu_iotlb_gather_add_page(domain, gather, iova, granule);
2369 static void arm_smmu_tlb_inv_walk(unsigned long iova, size_t size,
2370 size_t granule, void *cookie)
2372 arm_smmu_tlb_inv_range(iova, size, granule, false, cookie);
2375 static void arm_smmu_tlb_inv_leaf(unsigned long iova, size_t size,
2376 size_t granule, void *cookie)
2378 arm_smmu_tlb_inv_range(iova, size, granule, true, cookie);
2381 static const struct iommu_flush_ops arm_smmu_flush_ops = {
2382 .tlb_flush_all = arm_smmu_tlb_inv_context,
2383 .tlb_flush_walk = arm_smmu_tlb_inv_walk,
2384 .tlb_flush_leaf = arm_smmu_tlb_inv_leaf,
2385 .tlb_add_page = arm_smmu_tlb_inv_page_nosync,
2389 static bool arm_smmu_capable(enum iommu_cap cap)
2392 case IOMMU_CAP_CACHE_COHERENCY:
2394 case IOMMU_CAP_NOEXEC:
2401 static struct iommu_domain *arm_smmu_domain_alloc(unsigned type)
2403 struct arm_smmu_domain *smmu_domain;
2405 if (type != IOMMU_DOMAIN_UNMANAGED &&
2406 type != IOMMU_DOMAIN_DMA &&
2407 type != IOMMU_DOMAIN_IDENTITY)
2411 * Allocate the domain and initialise some of its data structures.
2412 * We can't really do anything meaningful until we've added a
2415 smmu_domain = kzalloc(sizeof(*smmu_domain), GFP_KERNEL);
2419 if (type == IOMMU_DOMAIN_DMA &&
2420 iommu_get_dma_cookie(&smmu_domain->domain)) {
2425 mutex_init(&smmu_domain->init_mutex);
2426 INIT_LIST_HEAD(&smmu_domain->devices);
2427 spin_lock_init(&smmu_domain->devices_lock);
2429 return &smmu_domain->domain;
2432 static int arm_smmu_bitmap_alloc(unsigned long *map, int span)
2434 int idx, size = 1 << span;
2437 idx = find_first_zero_bit(map, size);
2440 } while (test_and_set_bit(idx, map));
2445 static void arm_smmu_bitmap_free(unsigned long *map, int idx)
2447 clear_bit(idx, map);
2450 static void arm_smmu_domain_free(struct iommu_domain *domain)
2452 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
2453 struct arm_smmu_device *smmu = smmu_domain->smmu;
2455 iommu_put_dma_cookie(domain);
2456 free_io_pgtable_ops(smmu_domain->pgtbl_ops);
2458 /* Free the CD and ASID, if we allocated them */
2459 if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {
2460 struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg;
2462 if (cfg->cdcfg.cdtab)
2463 arm_smmu_free_cd_tables(smmu_domain);
2464 arm_smmu_free_asid(&cfg->cd);
2466 struct arm_smmu_s2_cfg *cfg = &smmu_domain->s2_cfg;
2468 arm_smmu_bitmap_free(smmu->vmid_map, cfg->vmid);
2474 static int arm_smmu_domain_finalise_s1(struct arm_smmu_domain *smmu_domain,
2475 struct arm_smmu_master *master,
2476 struct io_pgtable_cfg *pgtbl_cfg)
2480 struct arm_smmu_device *smmu = smmu_domain->smmu;
2481 struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg;
2482 typeof(&pgtbl_cfg->arm_lpae_s1_cfg.tcr) tcr = &pgtbl_cfg->arm_lpae_s1_cfg.tcr;
2484 ret = xa_alloc(&asid_xa, &asid, &cfg->cd,
2485 XA_LIMIT(1, (1 << smmu->asid_bits) - 1), GFP_KERNEL);
2489 cfg->s1cdmax = master->ssid_bits;
2491 ret = arm_smmu_alloc_cd_tables(smmu_domain);
2495 cfg->cd.asid = (u16)asid;
2496 cfg->cd.ttbr = pgtbl_cfg->arm_lpae_s1_cfg.ttbr;
2497 cfg->cd.tcr = FIELD_PREP(CTXDESC_CD_0_TCR_T0SZ, tcr->tsz) |
2498 FIELD_PREP(CTXDESC_CD_0_TCR_TG0, tcr->tg) |
2499 FIELD_PREP(CTXDESC_CD_0_TCR_IRGN0, tcr->irgn) |
2500 FIELD_PREP(CTXDESC_CD_0_TCR_ORGN0, tcr->orgn) |
2501 FIELD_PREP(CTXDESC_CD_0_TCR_SH0, tcr->sh) |
2502 FIELD_PREP(CTXDESC_CD_0_TCR_IPS, tcr->ips) |
2503 CTXDESC_CD_0_TCR_EPD1 | CTXDESC_CD_0_AA64;
2504 cfg->cd.mair = pgtbl_cfg->arm_lpae_s1_cfg.mair;
2507 * Note that this will end up calling arm_smmu_sync_cd() before
2508 * the master has been added to the devices list for this domain.
2509 * This isn't an issue because the STE hasn't been installed yet.
2511 ret = arm_smmu_write_ctx_desc(smmu_domain, 0, &cfg->cd);
2513 goto out_free_cd_tables;
2518 arm_smmu_free_cd_tables(smmu_domain);
2520 arm_smmu_free_asid(&cfg->cd);
2524 static int arm_smmu_domain_finalise_s2(struct arm_smmu_domain *smmu_domain,
2525 struct arm_smmu_master *master,
2526 struct io_pgtable_cfg *pgtbl_cfg)
2529 struct arm_smmu_device *smmu = smmu_domain->smmu;
2530 struct arm_smmu_s2_cfg *cfg = &smmu_domain->s2_cfg;
2531 typeof(&pgtbl_cfg->arm_lpae_s2_cfg.vtcr) vtcr;
2533 vmid = arm_smmu_bitmap_alloc(smmu->vmid_map, smmu->vmid_bits);
2537 vtcr = &pgtbl_cfg->arm_lpae_s2_cfg.vtcr;
2538 cfg->vmid = (u16)vmid;
2539 cfg->vttbr = pgtbl_cfg->arm_lpae_s2_cfg.vttbr;
2540 cfg->vtcr = FIELD_PREP(STRTAB_STE_2_VTCR_S2T0SZ, vtcr->tsz) |
2541 FIELD_PREP(STRTAB_STE_2_VTCR_S2SL0, vtcr->sl) |
2542 FIELD_PREP(STRTAB_STE_2_VTCR_S2IR0, vtcr->irgn) |
2543 FIELD_PREP(STRTAB_STE_2_VTCR_S2OR0, vtcr->orgn) |
2544 FIELD_PREP(STRTAB_STE_2_VTCR_S2SH0, vtcr->sh) |
2545 FIELD_PREP(STRTAB_STE_2_VTCR_S2TG, vtcr->tg) |
2546 FIELD_PREP(STRTAB_STE_2_VTCR_S2PS, vtcr->ps);
2550 static int arm_smmu_domain_finalise(struct iommu_domain *domain,
2551 struct arm_smmu_master *master)
2554 unsigned long ias, oas;
2555 enum io_pgtable_fmt fmt;
2556 struct io_pgtable_cfg pgtbl_cfg;
2557 struct io_pgtable_ops *pgtbl_ops;
2558 int (*finalise_stage_fn)(struct arm_smmu_domain *,
2559 struct arm_smmu_master *,
2560 struct io_pgtable_cfg *);
2561 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
2562 struct arm_smmu_device *smmu = smmu_domain->smmu;
2564 if (domain->type == IOMMU_DOMAIN_IDENTITY) {
2565 smmu_domain->stage = ARM_SMMU_DOMAIN_BYPASS;
2569 /* Restrict the stage to what we can actually support */
2570 if (!(smmu->features & ARM_SMMU_FEAT_TRANS_S1))
2571 smmu_domain->stage = ARM_SMMU_DOMAIN_S2;
2572 if (!(smmu->features & ARM_SMMU_FEAT_TRANS_S2))
2573 smmu_domain->stage = ARM_SMMU_DOMAIN_S1;
2575 switch (smmu_domain->stage) {
2576 case ARM_SMMU_DOMAIN_S1:
2577 ias = (smmu->features & ARM_SMMU_FEAT_VAX) ? 52 : 48;
2578 ias = min_t(unsigned long, ias, VA_BITS);
2580 fmt = ARM_64_LPAE_S1;
2581 finalise_stage_fn = arm_smmu_domain_finalise_s1;
2583 case ARM_SMMU_DOMAIN_NESTED:
2584 case ARM_SMMU_DOMAIN_S2:
2587 fmt = ARM_64_LPAE_S2;
2588 finalise_stage_fn = arm_smmu_domain_finalise_s2;
2594 pgtbl_cfg = (struct io_pgtable_cfg) {
2595 .pgsize_bitmap = smmu->pgsize_bitmap,
2598 .coherent_walk = smmu->features & ARM_SMMU_FEAT_COHERENCY,
2599 .tlb = &arm_smmu_flush_ops,
2600 .iommu_dev = smmu->dev,
2603 if (smmu_domain->non_strict)
2604 pgtbl_cfg.quirks |= IO_PGTABLE_QUIRK_NON_STRICT;
2606 pgtbl_ops = alloc_io_pgtable_ops(fmt, &pgtbl_cfg, smmu_domain);
2610 domain->pgsize_bitmap = pgtbl_cfg.pgsize_bitmap;
2611 domain->geometry.aperture_end = (1UL << pgtbl_cfg.ias) - 1;
2612 domain->geometry.force_aperture = true;
2614 ret = finalise_stage_fn(smmu_domain, master, &pgtbl_cfg);
2616 free_io_pgtable_ops(pgtbl_ops);
2620 smmu_domain->pgtbl_ops = pgtbl_ops;
2624 static __le64 *arm_smmu_get_step_for_sid(struct arm_smmu_device *smmu, u32 sid)
2627 struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
2629 if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB) {
2630 struct arm_smmu_strtab_l1_desc *l1_desc;
2633 /* Two-level walk */
2634 idx = (sid >> STRTAB_SPLIT) * STRTAB_L1_DESC_DWORDS;
2635 l1_desc = &cfg->l1_desc[idx];
2636 idx = (sid & ((1 << STRTAB_SPLIT) - 1)) * STRTAB_STE_DWORDS;
2637 step = &l1_desc->l2ptr[idx];
2639 /* Simple linear lookup */
2640 step = &cfg->strtab[sid * STRTAB_STE_DWORDS];
2646 static void arm_smmu_install_ste_for_dev(struct arm_smmu_master *master)
2649 struct arm_smmu_device *smmu = master->smmu;
2651 for (i = 0; i < master->num_sids; ++i) {
2652 u32 sid = master->sids[i];
2653 __le64 *step = arm_smmu_get_step_for_sid(smmu, sid);
2655 /* Bridged PCI devices may end up with duplicated IDs */
2656 for (j = 0; j < i; j++)
2657 if (master->sids[j] == sid)
2662 arm_smmu_write_strtab_ent(master, sid, step);
2666 static bool arm_smmu_ats_supported(struct arm_smmu_master *master)
2668 struct device *dev = master->dev;
2669 struct arm_smmu_device *smmu = master->smmu;
2670 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2672 if (!(smmu->features & ARM_SMMU_FEAT_ATS))
2675 if (!(fwspec->flags & IOMMU_FWSPEC_PCI_RC_ATS))
2678 return dev_is_pci(dev) && pci_ats_supported(to_pci_dev(dev));
2681 static void arm_smmu_enable_ats(struct arm_smmu_master *master)
2684 struct pci_dev *pdev;
2685 struct arm_smmu_device *smmu = master->smmu;
2686 struct arm_smmu_domain *smmu_domain = master->domain;
2688 /* Don't enable ATS at the endpoint if it's not enabled in the STE */
2689 if (!master->ats_enabled)
2692 /* Smallest Translation Unit: log2 of the smallest supported granule */
2693 stu = __ffs(smmu->pgsize_bitmap);
2694 pdev = to_pci_dev(master->dev);
2696 atomic_inc(&smmu_domain->nr_ats_masters);
2697 arm_smmu_atc_inv_domain(smmu_domain, 0, 0, 0);
2698 if (pci_enable_ats(pdev, stu))
2699 dev_err(master->dev, "Failed to enable ATS (STU %zu)\n", stu);
2702 static void arm_smmu_disable_ats(struct arm_smmu_master *master)
2704 struct arm_smmu_domain *smmu_domain = master->domain;
2706 if (!master->ats_enabled)
2709 pci_disable_ats(to_pci_dev(master->dev));
2711 * Ensure ATS is disabled at the endpoint before we issue the
2712 * ATC invalidation via the SMMU.
2715 arm_smmu_atc_inv_master(master);
2716 atomic_dec(&smmu_domain->nr_ats_masters);
2719 static int arm_smmu_enable_pasid(struct arm_smmu_master *master)
2724 struct pci_dev *pdev;
2726 if (!dev_is_pci(master->dev))
2729 pdev = to_pci_dev(master->dev);
2731 features = pci_pasid_features(pdev);
2735 num_pasids = pci_max_pasids(pdev);
2736 if (num_pasids <= 0)
2739 ret = pci_enable_pasid(pdev, features);
2741 dev_err(&pdev->dev, "Failed to enable PASID\n");
2745 master->ssid_bits = min_t(u8, ilog2(num_pasids),
2746 master->smmu->ssid_bits);
2750 static void arm_smmu_disable_pasid(struct arm_smmu_master *master)
2752 struct pci_dev *pdev;
2754 if (!dev_is_pci(master->dev))
2757 pdev = to_pci_dev(master->dev);
2759 if (!pdev->pasid_enabled)
2762 master->ssid_bits = 0;
2763 pci_disable_pasid(pdev);
2766 static void arm_smmu_detach_dev(struct arm_smmu_master *master)
2768 unsigned long flags;
2769 struct arm_smmu_domain *smmu_domain = master->domain;
2774 arm_smmu_disable_ats(master);
2776 spin_lock_irqsave(&smmu_domain->devices_lock, flags);
2777 list_del(&master->domain_head);
2778 spin_unlock_irqrestore(&smmu_domain->devices_lock, flags);
2780 master->domain = NULL;
2781 master->ats_enabled = false;
2782 arm_smmu_install_ste_for_dev(master);
2785 static int arm_smmu_attach_dev(struct iommu_domain *domain, struct device *dev)
2788 unsigned long flags;
2789 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2790 struct arm_smmu_device *smmu;
2791 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
2792 struct arm_smmu_master *master;
2797 master = dev_iommu_priv_get(dev);
2798 smmu = master->smmu;
2800 arm_smmu_detach_dev(master);
2802 mutex_lock(&smmu_domain->init_mutex);
2804 if (!smmu_domain->smmu) {
2805 smmu_domain->smmu = smmu;
2806 ret = arm_smmu_domain_finalise(domain, master);
2808 smmu_domain->smmu = NULL;
2811 } else if (smmu_domain->smmu != smmu) {
2813 "cannot attach to SMMU %s (upstream of %s)\n",
2814 dev_name(smmu_domain->smmu->dev),
2815 dev_name(smmu->dev));
2818 } else if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1 &&
2819 master->ssid_bits != smmu_domain->s1_cfg.s1cdmax) {
2821 "cannot attach to incompatible domain (%u SSID bits != %u)\n",
2822 smmu_domain->s1_cfg.s1cdmax, master->ssid_bits);
2827 master->domain = smmu_domain;
2829 if (smmu_domain->stage != ARM_SMMU_DOMAIN_BYPASS)
2830 master->ats_enabled = arm_smmu_ats_supported(master);
2832 arm_smmu_install_ste_for_dev(master);
2834 spin_lock_irqsave(&smmu_domain->devices_lock, flags);
2835 list_add(&master->domain_head, &smmu_domain->devices);
2836 spin_unlock_irqrestore(&smmu_domain->devices_lock, flags);
2838 arm_smmu_enable_ats(master);
2841 mutex_unlock(&smmu_domain->init_mutex);
2845 static int arm_smmu_map(struct iommu_domain *domain, unsigned long iova,
2846 phys_addr_t paddr, size_t size, int prot, gfp_t gfp)
2848 struct io_pgtable_ops *ops = to_smmu_domain(domain)->pgtbl_ops;
2853 return ops->map(ops, iova, paddr, size, prot);
2856 static size_t arm_smmu_unmap(struct iommu_domain *domain, unsigned long iova,
2857 size_t size, struct iommu_iotlb_gather *gather)
2859 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
2860 struct io_pgtable_ops *ops = smmu_domain->pgtbl_ops;
2865 return ops->unmap(ops, iova, size, gather);
2868 static void arm_smmu_flush_iotlb_all(struct iommu_domain *domain)
2870 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
2872 if (smmu_domain->smmu)
2873 arm_smmu_tlb_inv_context(smmu_domain);
2876 static void arm_smmu_iotlb_sync(struct iommu_domain *domain,
2877 struct iommu_iotlb_gather *gather)
2879 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
2881 arm_smmu_tlb_inv_range(gather->start, gather->end - gather->start,
2882 gather->pgsize, true, smmu_domain);
2886 arm_smmu_iova_to_phys(struct iommu_domain *domain, dma_addr_t iova)
2888 struct io_pgtable_ops *ops = to_smmu_domain(domain)->pgtbl_ops;
2890 if (domain->type == IOMMU_DOMAIN_IDENTITY)
2896 return ops->iova_to_phys(ops, iova);
2899 static struct platform_driver arm_smmu_driver;
2902 struct arm_smmu_device *arm_smmu_get_by_fwnode(struct fwnode_handle *fwnode)
2904 struct device *dev = driver_find_device_by_fwnode(&arm_smmu_driver.driver,
2907 return dev ? dev_get_drvdata(dev) : NULL;
2910 static bool arm_smmu_sid_in_range(struct arm_smmu_device *smmu, u32 sid)
2912 unsigned long limit = smmu->strtab_cfg.num_l1_ents;
2914 if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB)
2915 limit *= 1UL << STRTAB_SPLIT;
2920 static struct iommu_ops arm_smmu_ops;
2922 static struct iommu_device *arm_smmu_probe_device(struct device *dev)
2925 struct arm_smmu_device *smmu;
2926 struct arm_smmu_master *master;
2927 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2929 if (!fwspec || fwspec->ops != &arm_smmu_ops)
2930 return ERR_PTR(-ENODEV);
2932 if (WARN_ON_ONCE(dev_iommu_priv_get(dev)))
2933 return ERR_PTR(-EBUSY);
2935 smmu = arm_smmu_get_by_fwnode(fwspec->iommu_fwnode);
2937 return ERR_PTR(-ENODEV);
2939 master = kzalloc(sizeof(*master), GFP_KERNEL);
2941 return ERR_PTR(-ENOMEM);
2944 master->smmu = smmu;
2945 master->sids = fwspec->ids;
2946 master->num_sids = fwspec->num_ids;
2947 dev_iommu_priv_set(dev, master);
2949 /* Check the SIDs are in range of the SMMU and our stream table */
2950 for (i = 0; i < master->num_sids; i++) {
2951 u32 sid = master->sids[i];
2953 if (!arm_smmu_sid_in_range(smmu, sid)) {
2955 goto err_free_master;
2958 /* Ensure l2 strtab is initialised */
2959 if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB) {
2960 ret = arm_smmu_init_l2_strtab(smmu, sid);
2962 goto err_free_master;
2966 master->ssid_bits = min(smmu->ssid_bits, fwspec->num_pasid_bits);
2969 * Note that PASID must be enabled before, and disabled after ATS:
2970 * PCI Express Base 4.0r1.0 - 10.5.1.3 ATS Control Register
2972 * Behavior is undefined if this bit is Set and the value of the PASID
2973 * Enable, Execute Requested Enable, or Privileged Mode Requested bits
2976 arm_smmu_enable_pasid(master);
2978 if (!(smmu->features & ARM_SMMU_FEAT_2_LVL_CDTAB))
2979 master->ssid_bits = min_t(u8, master->ssid_bits,
2980 CTXDESC_LINEAR_CDMAX);
2982 return &smmu->iommu;
2986 dev_iommu_priv_set(dev, NULL);
2987 return ERR_PTR(ret);
2990 static void arm_smmu_release_device(struct device *dev)
2992 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2993 struct arm_smmu_master *master;
2995 if (!fwspec || fwspec->ops != &arm_smmu_ops)
2998 master = dev_iommu_priv_get(dev);
2999 arm_smmu_detach_dev(master);
3000 arm_smmu_disable_pasid(master);
3002 iommu_fwspec_free(dev);
3005 static struct iommu_group *arm_smmu_device_group(struct device *dev)
3007 struct iommu_group *group;
3010 * We don't support devices sharing stream IDs other than PCI RID
3011 * aliases, since the necessary ID-to-device lookup becomes rather
3012 * impractical given a potential sparse 32-bit stream ID space.
3014 if (dev_is_pci(dev))
3015 group = pci_device_group(dev);
3017 group = generic_device_group(dev);
3022 static int arm_smmu_domain_get_attr(struct iommu_domain *domain,
3023 enum iommu_attr attr, void *data)
3025 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
3027 switch (domain->type) {
3028 case IOMMU_DOMAIN_UNMANAGED:
3030 case DOMAIN_ATTR_NESTING:
3031 *(int *)data = (smmu_domain->stage == ARM_SMMU_DOMAIN_NESTED);
3037 case IOMMU_DOMAIN_DMA:
3039 case DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE:
3040 *(int *)data = smmu_domain->non_strict;
3051 static int arm_smmu_domain_set_attr(struct iommu_domain *domain,
3052 enum iommu_attr attr, void *data)
3055 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
3057 mutex_lock(&smmu_domain->init_mutex);
3059 switch (domain->type) {
3060 case IOMMU_DOMAIN_UNMANAGED:
3062 case DOMAIN_ATTR_NESTING:
3063 if (smmu_domain->smmu) {
3069 smmu_domain->stage = ARM_SMMU_DOMAIN_NESTED;
3071 smmu_domain->stage = ARM_SMMU_DOMAIN_S1;
3077 case IOMMU_DOMAIN_DMA:
3079 case DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE:
3080 smmu_domain->non_strict = *(int *)data;
3091 mutex_unlock(&smmu_domain->init_mutex);
3095 static int arm_smmu_of_xlate(struct device *dev, struct of_phandle_args *args)
3097 return iommu_fwspec_add_ids(dev, args->args, 1);
3100 static void arm_smmu_get_resv_regions(struct device *dev,
3101 struct list_head *head)
3103 struct iommu_resv_region *region;
3104 int prot = IOMMU_WRITE | IOMMU_NOEXEC | IOMMU_MMIO;
3106 region = iommu_alloc_resv_region(MSI_IOVA_BASE, MSI_IOVA_LENGTH,
3107 prot, IOMMU_RESV_SW_MSI);
3111 list_add_tail(®ion->list, head);
3113 iommu_dma_get_resv_regions(dev, head);
3116 static struct iommu_ops arm_smmu_ops = {
3117 .capable = arm_smmu_capable,
3118 .domain_alloc = arm_smmu_domain_alloc,
3119 .domain_free = arm_smmu_domain_free,
3120 .attach_dev = arm_smmu_attach_dev,
3121 .map = arm_smmu_map,
3122 .unmap = arm_smmu_unmap,
3123 .flush_iotlb_all = arm_smmu_flush_iotlb_all,
3124 .iotlb_sync = arm_smmu_iotlb_sync,
3125 .iova_to_phys = arm_smmu_iova_to_phys,
3126 .probe_device = arm_smmu_probe_device,
3127 .release_device = arm_smmu_release_device,
3128 .device_group = arm_smmu_device_group,
3129 .domain_get_attr = arm_smmu_domain_get_attr,
3130 .domain_set_attr = arm_smmu_domain_set_attr,
3131 .of_xlate = arm_smmu_of_xlate,
3132 .get_resv_regions = arm_smmu_get_resv_regions,
3133 .put_resv_regions = generic_iommu_put_resv_regions,
3134 .pgsize_bitmap = -1UL, /* Restricted during device attach */
3137 /* Probing and initialisation functions */
3138 static int arm_smmu_init_one_queue(struct arm_smmu_device *smmu,
3139 struct arm_smmu_queue *q,
3140 unsigned long prod_off,
3141 unsigned long cons_off,
3142 size_t dwords, const char *name)
3147 qsz = ((1 << q->llq.max_n_shift) * dwords) << 3;
3148 q->base = dmam_alloc_coherent(smmu->dev, qsz, &q->base_dma,
3150 if (q->base || qsz < PAGE_SIZE)
3153 q->llq.max_n_shift--;
3158 "failed to allocate queue (0x%zx bytes) for %s\n",
3163 if (!WARN_ON(q->base_dma & (qsz - 1))) {
3164 dev_info(smmu->dev, "allocated %u entries for %s\n",
3165 1 << q->llq.max_n_shift, name);
3168 q->prod_reg = arm_smmu_page1_fixup(prod_off, smmu);
3169 q->cons_reg = arm_smmu_page1_fixup(cons_off, smmu);
3170 q->ent_dwords = dwords;
3172 q->q_base = Q_BASE_RWA;
3173 q->q_base |= q->base_dma & Q_BASE_ADDR_MASK;
3174 q->q_base |= FIELD_PREP(Q_BASE_LOG2SIZE, q->llq.max_n_shift);
3176 q->llq.prod = q->llq.cons = 0;
3180 static void arm_smmu_cmdq_free_bitmap(void *data)
3182 unsigned long *bitmap = data;
3183 bitmap_free(bitmap);
3186 static int arm_smmu_cmdq_init(struct arm_smmu_device *smmu)
3189 struct arm_smmu_cmdq *cmdq = &smmu->cmdq;
3190 unsigned int nents = 1 << cmdq->q.llq.max_n_shift;
3191 atomic_long_t *bitmap;
3193 atomic_set(&cmdq->owner_prod, 0);
3194 atomic_set(&cmdq->lock, 0);
3196 bitmap = (atomic_long_t *)bitmap_zalloc(nents, GFP_KERNEL);
3198 dev_err(smmu->dev, "failed to allocate cmdq bitmap\n");
3201 cmdq->valid_map = bitmap;
3202 devm_add_action(smmu->dev, arm_smmu_cmdq_free_bitmap, bitmap);
3208 static int arm_smmu_init_queues(struct arm_smmu_device *smmu)
3213 ret = arm_smmu_init_one_queue(smmu, &smmu->cmdq.q, ARM_SMMU_CMDQ_PROD,
3214 ARM_SMMU_CMDQ_CONS, CMDQ_ENT_DWORDS,
3219 ret = arm_smmu_cmdq_init(smmu);
3224 ret = arm_smmu_init_one_queue(smmu, &smmu->evtq.q, ARM_SMMU_EVTQ_PROD,
3225 ARM_SMMU_EVTQ_CONS, EVTQ_ENT_DWORDS,
3231 if (!(smmu->features & ARM_SMMU_FEAT_PRI))
3234 return arm_smmu_init_one_queue(smmu, &smmu->priq.q, ARM_SMMU_PRIQ_PROD,
3235 ARM_SMMU_PRIQ_CONS, PRIQ_ENT_DWORDS,
3239 static int arm_smmu_init_l1_strtab(struct arm_smmu_device *smmu)
3242 struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
3243 size_t size = sizeof(*cfg->l1_desc) * cfg->num_l1_ents;
3244 void *strtab = smmu->strtab_cfg.strtab;
3246 cfg->l1_desc = devm_kzalloc(smmu->dev, size, GFP_KERNEL);
3247 if (!cfg->l1_desc) {
3248 dev_err(smmu->dev, "failed to allocate l1 stream table desc\n");
3252 for (i = 0; i < cfg->num_l1_ents; ++i) {
3253 arm_smmu_write_strtab_l1_desc(strtab, &cfg->l1_desc[i]);
3254 strtab += STRTAB_L1_DESC_DWORDS << 3;
3260 static int arm_smmu_init_strtab_2lvl(struct arm_smmu_device *smmu)
3265 struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
3267 /* Calculate the L1 size, capped to the SIDSIZE. */
3268 size = STRTAB_L1_SZ_SHIFT - (ilog2(STRTAB_L1_DESC_DWORDS) + 3);
3269 size = min(size, smmu->sid_bits - STRTAB_SPLIT);
3270 cfg->num_l1_ents = 1 << size;
3272 size += STRTAB_SPLIT;
3273 if (size < smmu->sid_bits)
3275 "2-level strtab only covers %u/%u bits of SID\n",
3276 size, smmu->sid_bits);
3278 l1size = cfg->num_l1_ents * (STRTAB_L1_DESC_DWORDS << 3);
3279 strtab = dmam_alloc_coherent(smmu->dev, l1size, &cfg->strtab_dma,
3283 "failed to allocate l1 stream table (%u bytes)\n",
3287 cfg->strtab = strtab;
3289 /* Configure strtab_base_cfg for 2 levels */
3290 reg = FIELD_PREP(STRTAB_BASE_CFG_FMT, STRTAB_BASE_CFG_FMT_2LVL);
3291 reg |= FIELD_PREP(STRTAB_BASE_CFG_LOG2SIZE, size);
3292 reg |= FIELD_PREP(STRTAB_BASE_CFG_SPLIT, STRTAB_SPLIT);
3293 cfg->strtab_base_cfg = reg;
3295 return arm_smmu_init_l1_strtab(smmu);
3298 static int arm_smmu_init_strtab_linear(struct arm_smmu_device *smmu)
3303 struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
3305 size = (1 << smmu->sid_bits) * (STRTAB_STE_DWORDS << 3);
3306 strtab = dmam_alloc_coherent(smmu->dev, size, &cfg->strtab_dma,
3310 "failed to allocate linear stream table (%u bytes)\n",
3314 cfg->strtab = strtab;
3315 cfg->num_l1_ents = 1 << smmu->sid_bits;
3317 /* Configure strtab_base_cfg for a linear table covering all SIDs */
3318 reg = FIELD_PREP(STRTAB_BASE_CFG_FMT, STRTAB_BASE_CFG_FMT_LINEAR);
3319 reg |= FIELD_PREP(STRTAB_BASE_CFG_LOG2SIZE, smmu->sid_bits);
3320 cfg->strtab_base_cfg = reg;
3322 arm_smmu_init_bypass_stes(strtab, cfg->num_l1_ents);
3326 static int arm_smmu_init_strtab(struct arm_smmu_device *smmu)
3331 if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB)
3332 ret = arm_smmu_init_strtab_2lvl(smmu);
3334 ret = arm_smmu_init_strtab_linear(smmu);
3339 /* Set the strtab base address */
3340 reg = smmu->strtab_cfg.strtab_dma & STRTAB_BASE_ADDR_MASK;
3341 reg |= STRTAB_BASE_RA;
3342 smmu->strtab_cfg.strtab_base = reg;
3344 /* Allocate the first VMID for stage-2 bypass STEs */
3345 set_bit(0, smmu->vmid_map);
3349 static int arm_smmu_init_structures(struct arm_smmu_device *smmu)
3353 ret = arm_smmu_init_queues(smmu);
3357 return arm_smmu_init_strtab(smmu);
3360 static int arm_smmu_write_reg_sync(struct arm_smmu_device *smmu, u32 val,
3361 unsigned int reg_off, unsigned int ack_off)
3365 writel_relaxed(val, smmu->base + reg_off);
3366 return readl_relaxed_poll_timeout(smmu->base + ack_off, reg, reg == val,
3367 1, ARM_SMMU_POLL_TIMEOUT_US);
3370 /* GBPA is "special" */
3371 static int arm_smmu_update_gbpa(struct arm_smmu_device *smmu, u32 set, u32 clr)
3374 u32 reg, __iomem *gbpa = smmu->base + ARM_SMMU_GBPA;
3376 ret = readl_relaxed_poll_timeout(gbpa, reg, !(reg & GBPA_UPDATE),
3377 1, ARM_SMMU_POLL_TIMEOUT_US);
3383 writel_relaxed(reg | GBPA_UPDATE, gbpa);
3384 ret = readl_relaxed_poll_timeout(gbpa, reg, !(reg & GBPA_UPDATE),
3385 1, ARM_SMMU_POLL_TIMEOUT_US);
3388 dev_err(smmu->dev, "GBPA not responding to update\n");
3392 static void arm_smmu_free_msis(void *data)
3394 struct device *dev = data;
3395 platform_msi_domain_free_irqs(dev);
3398 static void arm_smmu_write_msi_msg(struct msi_desc *desc, struct msi_msg *msg)
3400 phys_addr_t doorbell;
3401 struct device *dev = msi_desc_to_dev(desc);
3402 struct arm_smmu_device *smmu = dev_get_drvdata(dev);
3403 phys_addr_t *cfg = arm_smmu_msi_cfg[desc->platform.msi_index];
3405 doorbell = (((u64)msg->address_hi) << 32) | msg->address_lo;
3406 doorbell &= MSI_CFG0_ADDR_MASK;
3408 writeq_relaxed(doorbell, smmu->base + cfg[0]);
3409 writel_relaxed(msg->data, smmu->base + cfg[1]);
3410 writel_relaxed(ARM_SMMU_MEMATTR_DEVICE_nGnRE, smmu->base + cfg[2]);
3413 static void arm_smmu_setup_msis(struct arm_smmu_device *smmu)
3415 struct msi_desc *desc;
3416 int ret, nvec = ARM_SMMU_MAX_MSIS;
3417 struct device *dev = smmu->dev;
3419 /* Clear the MSI address regs */
3420 writeq_relaxed(0, smmu->base + ARM_SMMU_GERROR_IRQ_CFG0);
3421 writeq_relaxed(0, smmu->base + ARM_SMMU_EVTQ_IRQ_CFG0);
3423 if (smmu->features & ARM_SMMU_FEAT_PRI)
3424 writeq_relaxed(0, smmu->base + ARM_SMMU_PRIQ_IRQ_CFG0);
3428 if (!(smmu->features & ARM_SMMU_FEAT_MSI))
3431 if (!dev->msi_domain) {
3432 dev_info(smmu->dev, "msi_domain absent - falling back to wired irqs\n");
3436 /* Allocate MSIs for evtq, gerror and priq. Ignore cmdq */
3437 ret = platform_msi_domain_alloc_irqs(dev, nvec, arm_smmu_write_msi_msg);
3439 dev_warn(dev, "failed to allocate MSIs - falling back to wired irqs\n");
3443 for_each_msi_entry(desc, dev) {
3444 switch (desc->platform.msi_index) {
3445 case EVTQ_MSI_INDEX:
3446 smmu->evtq.q.irq = desc->irq;
3448 case GERROR_MSI_INDEX:
3449 smmu->gerr_irq = desc->irq;
3451 case PRIQ_MSI_INDEX:
3452 smmu->priq.q.irq = desc->irq;
3454 default: /* Unknown */
3459 /* Add callback to free MSIs on teardown */
3460 devm_add_action(dev, arm_smmu_free_msis, dev);
3463 static void arm_smmu_setup_unique_irqs(struct arm_smmu_device *smmu)
3467 arm_smmu_setup_msis(smmu);
3469 /* Request interrupt lines */
3470 irq = smmu->evtq.q.irq;
3472 ret = devm_request_threaded_irq(smmu->dev, irq, NULL,
3473 arm_smmu_evtq_thread,
3475 "arm-smmu-v3-evtq", smmu);
3477 dev_warn(smmu->dev, "failed to enable evtq irq\n");
3479 dev_warn(smmu->dev, "no evtq irq - events will not be reported!\n");
3482 irq = smmu->gerr_irq;
3484 ret = devm_request_irq(smmu->dev, irq, arm_smmu_gerror_handler,
3485 0, "arm-smmu-v3-gerror", smmu);
3487 dev_warn(smmu->dev, "failed to enable gerror irq\n");
3489 dev_warn(smmu->dev, "no gerr irq - errors will not be reported!\n");
3492 if (smmu->features & ARM_SMMU_FEAT_PRI) {
3493 irq = smmu->priq.q.irq;
3495 ret = devm_request_threaded_irq(smmu->dev, irq, NULL,
3496 arm_smmu_priq_thread,
3502 "failed to enable priq irq\n");
3504 dev_warn(smmu->dev, "no priq irq - PRI will be broken\n");
3509 static int arm_smmu_setup_irqs(struct arm_smmu_device *smmu)
3512 u32 irqen_flags = IRQ_CTRL_EVTQ_IRQEN | IRQ_CTRL_GERROR_IRQEN;
3514 /* Disable IRQs first */
3515 ret = arm_smmu_write_reg_sync(smmu, 0, ARM_SMMU_IRQ_CTRL,
3516 ARM_SMMU_IRQ_CTRLACK);
3518 dev_err(smmu->dev, "failed to disable irqs\n");
3522 irq = smmu->combined_irq;
3525 * Cavium ThunderX2 implementation doesn't support unique irq
3526 * lines. Use a single irq line for all the SMMUv3 interrupts.
3528 ret = devm_request_threaded_irq(smmu->dev, irq,
3529 arm_smmu_combined_irq_handler,
3530 arm_smmu_combined_irq_thread,
3532 "arm-smmu-v3-combined-irq", smmu);
3534 dev_warn(smmu->dev, "failed to enable combined irq\n");
3536 arm_smmu_setup_unique_irqs(smmu);
3538 if (smmu->features & ARM_SMMU_FEAT_PRI)
3539 irqen_flags |= IRQ_CTRL_PRIQ_IRQEN;
3541 /* Enable interrupt generation on the SMMU */
3542 ret = arm_smmu_write_reg_sync(smmu, irqen_flags,
3543 ARM_SMMU_IRQ_CTRL, ARM_SMMU_IRQ_CTRLACK);
3545 dev_warn(smmu->dev, "failed to enable irqs\n");
3550 static int arm_smmu_device_disable(struct arm_smmu_device *smmu)
3554 ret = arm_smmu_write_reg_sync(smmu, 0, ARM_SMMU_CR0, ARM_SMMU_CR0ACK);
3556 dev_err(smmu->dev, "failed to clear cr0\n");
3561 static int arm_smmu_device_reset(struct arm_smmu_device *smmu, bool bypass)
3565 struct arm_smmu_cmdq_ent cmd;
3567 /* Clear CR0 and sync (disables SMMU and queue processing) */
3568 reg = readl_relaxed(smmu->base + ARM_SMMU_CR0);
3569 if (reg & CR0_SMMUEN) {
3570 dev_warn(smmu->dev, "SMMU currently enabled! Resetting...\n");
3571 WARN_ON(is_kdump_kernel() && !disable_bypass);
3572 arm_smmu_update_gbpa(smmu, GBPA_ABORT, 0);
3575 ret = arm_smmu_device_disable(smmu);
3579 /* CR1 (table and queue memory attributes) */
3580 reg = FIELD_PREP(CR1_TABLE_SH, ARM_SMMU_SH_ISH) |
3581 FIELD_PREP(CR1_TABLE_OC, CR1_CACHE_WB) |
3582 FIELD_PREP(CR1_TABLE_IC, CR1_CACHE_WB) |
3583 FIELD_PREP(CR1_QUEUE_SH, ARM_SMMU_SH_ISH) |
3584 FIELD_PREP(CR1_QUEUE_OC, CR1_CACHE_WB) |
3585 FIELD_PREP(CR1_QUEUE_IC, CR1_CACHE_WB);
3586 writel_relaxed(reg, smmu->base + ARM_SMMU_CR1);
3588 /* CR2 (random crap) */
3589 reg = CR2_PTM | CR2_RECINVSID | CR2_E2H;
3590 writel_relaxed(reg, smmu->base + ARM_SMMU_CR2);
3593 writeq_relaxed(smmu->strtab_cfg.strtab_base,
3594 smmu->base + ARM_SMMU_STRTAB_BASE);
3595 writel_relaxed(smmu->strtab_cfg.strtab_base_cfg,
3596 smmu->base + ARM_SMMU_STRTAB_BASE_CFG);
3599 writeq_relaxed(smmu->cmdq.q.q_base, smmu->base + ARM_SMMU_CMDQ_BASE);
3600 writel_relaxed(smmu->cmdq.q.llq.prod, smmu->base + ARM_SMMU_CMDQ_PROD);
3601 writel_relaxed(smmu->cmdq.q.llq.cons, smmu->base + ARM_SMMU_CMDQ_CONS);
3603 enables = CR0_CMDQEN;
3604 ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
3607 dev_err(smmu->dev, "failed to enable command queue\n");
3611 /* Invalidate any cached configuration */
3612 cmd.opcode = CMDQ_OP_CFGI_ALL;
3613 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
3614 arm_smmu_cmdq_issue_sync(smmu);
3616 /* Invalidate any stale TLB entries */
3617 if (smmu->features & ARM_SMMU_FEAT_HYP) {
3618 cmd.opcode = CMDQ_OP_TLBI_EL2_ALL;
3619 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
3622 cmd.opcode = CMDQ_OP_TLBI_NSNH_ALL;
3623 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
3624 arm_smmu_cmdq_issue_sync(smmu);
3627 writeq_relaxed(smmu->evtq.q.q_base, smmu->base + ARM_SMMU_EVTQ_BASE);
3628 writel_relaxed(smmu->evtq.q.llq.prod,
3629 arm_smmu_page1_fixup(ARM_SMMU_EVTQ_PROD, smmu));
3630 writel_relaxed(smmu->evtq.q.llq.cons,
3631 arm_smmu_page1_fixup(ARM_SMMU_EVTQ_CONS, smmu));
3633 enables |= CR0_EVTQEN;
3634 ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
3637 dev_err(smmu->dev, "failed to enable event queue\n");
3642 if (smmu->features & ARM_SMMU_FEAT_PRI) {
3643 writeq_relaxed(smmu->priq.q.q_base,
3644 smmu->base + ARM_SMMU_PRIQ_BASE);
3645 writel_relaxed(smmu->priq.q.llq.prod,
3646 arm_smmu_page1_fixup(ARM_SMMU_PRIQ_PROD, smmu));
3647 writel_relaxed(smmu->priq.q.llq.cons,
3648 arm_smmu_page1_fixup(ARM_SMMU_PRIQ_CONS, smmu));
3650 enables |= CR0_PRIQEN;
3651 ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
3654 dev_err(smmu->dev, "failed to enable PRI queue\n");
3659 if (smmu->features & ARM_SMMU_FEAT_ATS) {
3660 enables |= CR0_ATSCHK;
3661 ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
3664 dev_err(smmu->dev, "failed to enable ATS check\n");
3669 ret = arm_smmu_setup_irqs(smmu);
3671 dev_err(smmu->dev, "failed to setup irqs\n");
3675 if (is_kdump_kernel())
3676 enables &= ~(CR0_EVTQEN | CR0_PRIQEN);
3678 /* Enable the SMMU interface, or ensure bypass */
3679 if (!bypass || disable_bypass) {
3680 enables |= CR0_SMMUEN;
3682 ret = arm_smmu_update_gbpa(smmu, 0, GBPA_ABORT);
3686 ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
3689 dev_err(smmu->dev, "failed to enable SMMU interface\n");
3696 static int arm_smmu_device_hw_probe(struct arm_smmu_device *smmu)
3699 bool coherent = smmu->features & ARM_SMMU_FEAT_COHERENCY;
3702 reg = readl_relaxed(smmu->base + ARM_SMMU_IDR0);
3704 /* 2-level structures */
3705 if (FIELD_GET(IDR0_ST_LVL, reg) == IDR0_ST_LVL_2LVL)
3706 smmu->features |= ARM_SMMU_FEAT_2_LVL_STRTAB;
3708 if (reg & IDR0_CD2L)
3709 smmu->features |= ARM_SMMU_FEAT_2_LVL_CDTAB;
3712 * Translation table endianness.
3713 * We currently require the same endianness as the CPU, but this
3714 * could be changed later by adding a new IO_PGTABLE_QUIRK.
3716 switch (FIELD_GET(IDR0_TTENDIAN, reg)) {
3717 case IDR0_TTENDIAN_MIXED:
3718 smmu->features |= ARM_SMMU_FEAT_TT_LE | ARM_SMMU_FEAT_TT_BE;
3721 case IDR0_TTENDIAN_BE:
3722 smmu->features |= ARM_SMMU_FEAT_TT_BE;
3725 case IDR0_TTENDIAN_LE:
3726 smmu->features |= ARM_SMMU_FEAT_TT_LE;
3730 dev_err(smmu->dev, "unknown/unsupported TT endianness!\n");
3734 /* Boolean feature flags */
3735 if (IS_ENABLED(CONFIG_PCI_PRI) && reg & IDR0_PRI)
3736 smmu->features |= ARM_SMMU_FEAT_PRI;
3738 if (IS_ENABLED(CONFIG_PCI_ATS) && reg & IDR0_ATS)
3739 smmu->features |= ARM_SMMU_FEAT_ATS;
3742 smmu->features |= ARM_SMMU_FEAT_SEV;
3745 smmu->features |= ARM_SMMU_FEAT_MSI;
3748 smmu->features |= ARM_SMMU_FEAT_HYP;
3751 * The coherency feature as set by FW is used in preference to the ID
3752 * register, but warn on mismatch.
3754 if (!!(reg & IDR0_COHACC) != coherent)
3755 dev_warn(smmu->dev, "IDR0.COHACC overridden by FW configuration (%s)\n",
3756 coherent ? "true" : "false");
3758 switch (FIELD_GET(IDR0_STALL_MODEL, reg)) {
3759 case IDR0_STALL_MODEL_FORCE:
3760 smmu->features |= ARM_SMMU_FEAT_STALL_FORCE;
3762 case IDR0_STALL_MODEL_STALL:
3763 smmu->features |= ARM_SMMU_FEAT_STALLS;
3767 smmu->features |= ARM_SMMU_FEAT_TRANS_S1;
3770 smmu->features |= ARM_SMMU_FEAT_TRANS_S2;
3772 if (!(reg & (IDR0_S1P | IDR0_S2P))) {
3773 dev_err(smmu->dev, "no translation support!\n");
3777 /* We only support the AArch64 table format at present */
3778 switch (FIELD_GET(IDR0_TTF, reg)) {
3779 case IDR0_TTF_AARCH32_64:
3782 case IDR0_TTF_AARCH64:
3785 dev_err(smmu->dev, "AArch64 table format not supported!\n");
3789 /* ASID/VMID sizes */
3790 smmu->asid_bits = reg & IDR0_ASID16 ? 16 : 8;
3791 smmu->vmid_bits = reg & IDR0_VMID16 ? 16 : 8;
3794 reg = readl_relaxed(smmu->base + ARM_SMMU_IDR1);
3795 if (reg & (IDR1_TABLES_PRESET | IDR1_QUEUES_PRESET | IDR1_REL)) {
3796 dev_err(smmu->dev, "embedded implementation not supported\n");
3800 /* Queue sizes, capped to ensure natural alignment */
3801 smmu->cmdq.q.llq.max_n_shift = min_t(u32, CMDQ_MAX_SZ_SHIFT,
3802 FIELD_GET(IDR1_CMDQS, reg));
3803 if (smmu->cmdq.q.llq.max_n_shift <= ilog2(CMDQ_BATCH_ENTRIES)) {
3805 * We don't support splitting up batches, so one batch of
3806 * commands plus an extra sync needs to fit inside the command
3807 * queue. There's also no way we can handle the weird alignment
3808 * restrictions on the base pointer for a unit-length queue.
3810 dev_err(smmu->dev, "command queue size <= %d entries not supported\n",
3811 CMDQ_BATCH_ENTRIES);
3815 smmu->evtq.q.llq.max_n_shift = min_t(u32, EVTQ_MAX_SZ_SHIFT,
3816 FIELD_GET(IDR1_EVTQS, reg));
3817 smmu->priq.q.llq.max_n_shift = min_t(u32, PRIQ_MAX_SZ_SHIFT,
3818 FIELD_GET(IDR1_PRIQS, reg));
3820 /* SID/SSID sizes */
3821 smmu->ssid_bits = FIELD_GET(IDR1_SSIDSIZE, reg);
3822 smmu->sid_bits = FIELD_GET(IDR1_SIDSIZE, reg);
3825 * If the SMMU supports fewer bits than would fill a single L2 stream
3826 * table, use a linear table instead.
3828 if (smmu->sid_bits <= STRTAB_SPLIT)
3829 smmu->features &= ~ARM_SMMU_FEAT_2_LVL_STRTAB;
3832 reg = readl_relaxed(smmu->base + ARM_SMMU_IDR3);
3833 if (FIELD_GET(IDR3_RIL, reg))
3834 smmu->features |= ARM_SMMU_FEAT_RANGE_INV;
3837 reg = readl_relaxed(smmu->base + ARM_SMMU_IDR5);
3839 /* Maximum number of outstanding stalls */
3840 smmu->evtq.max_stalls = FIELD_GET(IDR5_STALL_MAX, reg);
3843 if (reg & IDR5_GRAN64K)
3844 smmu->pgsize_bitmap |= SZ_64K | SZ_512M;
3845 if (reg & IDR5_GRAN16K)
3846 smmu->pgsize_bitmap |= SZ_16K | SZ_32M;
3847 if (reg & IDR5_GRAN4K)
3848 smmu->pgsize_bitmap |= SZ_4K | SZ_2M | SZ_1G;
3850 /* Input address size */
3851 if (FIELD_GET(IDR5_VAX, reg) == IDR5_VAX_52_BIT)
3852 smmu->features |= ARM_SMMU_FEAT_VAX;
3854 /* Output address size */
3855 switch (FIELD_GET(IDR5_OAS, reg)) {
3856 case IDR5_OAS_32_BIT:
3859 case IDR5_OAS_36_BIT:
3862 case IDR5_OAS_40_BIT:
3865 case IDR5_OAS_42_BIT:
3868 case IDR5_OAS_44_BIT:
3871 case IDR5_OAS_52_BIT:
3873 smmu->pgsize_bitmap |= 1ULL << 42; /* 4TB */
3877 "unknown output address size. Truncating to 48-bit\n");
3879 case IDR5_OAS_48_BIT:
3883 if (arm_smmu_ops.pgsize_bitmap == -1UL)
3884 arm_smmu_ops.pgsize_bitmap = smmu->pgsize_bitmap;
3886 arm_smmu_ops.pgsize_bitmap |= smmu->pgsize_bitmap;
3888 /* Set the DMA mask for our table walker */
3889 if (dma_set_mask_and_coherent(smmu->dev, DMA_BIT_MASK(smmu->oas)))
3891 "failed to set DMA mask for table walker\n");
3893 smmu->ias = max(smmu->ias, smmu->oas);
3895 dev_info(smmu->dev, "ias %lu-bit, oas %lu-bit (features 0x%08x)\n",
3896 smmu->ias, smmu->oas, smmu->features);
3901 static void acpi_smmu_get_options(u32 model, struct arm_smmu_device *smmu)
3904 case ACPI_IORT_SMMU_V3_CAVIUM_CN99XX:
3905 smmu->options |= ARM_SMMU_OPT_PAGE0_REGS_ONLY;
3907 case ACPI_IORT_SMMU_V3_HISILICON_HI161X:
3908 smmu->options |= ARM_SMMU_OPT_SKIP_PREFETCH;
3912 dev_notice(smmu->dev, "option mask 0x%x\n", smmu->options);
3915 static int arm_smmu_device_acpi_probe(struct platform_device *pdev,
3916 struct arm_smmu_device *smmu)
3918 struct acpi_iort_smmu_v3 *iort_smmu;
3919 struct device *dev = smmu->dev;
3920 struct acpi_iort_node *node;
3922 node = *(struct acpi_iort_node **)dev_get_platdata(dev);
3924 /* Retrieve SMMUv3 specific data */
3925 iort_smmu = (struct acpi_iort_smmu_v3 *)node->node_data;
3927 acpi_smmu_get_options(iort_smmu->model, smmu);
3929 if (iort_smmu->flags & ACPI_IORT_SMMU_V3_COHACC_OVERRIDE)
3930 smmu->features |= ARM_SMMU_FEAT_COHERENCY;
3935 static inline int arm_smmu_device_acpi_probe(struct platform_device *pdev,
3936 struct arm_smmu_device *smmu)
3942 static int arm_smmu_device_dt_probe(struct platform_device *pdev,
3943 struct arm_smmu_device *smmu)
3945 struct device *dev = &pdev->dev;
3949 if (of_property_read_u32(dev->of_node, "#iommu-cells", &cells))
3950 dev_err(dev, "missing #iommu-cells property\n");
3951 else if (cells != 1)
3952 dev_err(dev, "invalid #iommu-cells value (%d)\n", cells);
3956 parse_driver_options(smmu);
3958 if (of_dma_is_coherent(dev->of_node))
3959 smmu->features |= ARM_SMMU_FEAT_COHERENCY;
3964 static unsigned long arm_smmu_resource_size(struct arm_smmu_device *smmu)
3966 if (smmu->options & ARM_SMMU_OPT_PAGE0_REGS_ONLY)
3972 static int arm_smmu_set_bus_ops(struct iommu_ops *ops)
3977 if (pci_bus_type.iommu_ops != ops) {
3978 err = bus_set_iommu(&pci_bus_type, ops);
3983 #ifdef CONFIG_ARM_AMBA
3984 if (amba_bustype.iommu_ops != ops) {
3985 err = bus_set_iommu(&amba_bustype, ops);
3987 goto err_reset_pci_ops;
3990 if (platform_bus_type.iommu_ops != ops) {
3991 err = bus_set_iommu(&platform_bus_type, ops);
3993 goto err_reset_amba_ops;
3999 #ifdef CONFIG_ARM_AMBA
4000 bus_set_iommu(&amba_bustype, NULL);
4002 err_reset_pci_ops: __maybe_unused;
4004 bus_set_iommu(&pci_bus_type, NULL);
4009 static void __iomem *arm_smmu_ioremap(struct device *dev, resource_size_t start,
4010 resource_size_t size)
4012 struct resource res = {
4013 .flags = IORESOURCE_MEM,
4015 .end = start + size - 1,
4018 return devm_ioremap_resource(dev, &res);
4021 static int arm_smmu_device_probe(struct platform_device *pdev)
4024 struct resource *res;
4025 resource_size_t ioaddr;
4026 struct arm_smmu_device *smmu;
4027 struct device *dev = &pdev->dev;
4030 smmu = devm_kzalloc(dev, sizeof(*smmu), GFP_KERNEL);
4032 dev_err(dev, "failed to allocate arm_smmu_device\n");
4038 ret = arm_smmu_device_dt_probe(pdev, smmu);
4040 ret = arm_smmu_device_acpi_probe(pdev, smmu);
4045 /* Set bypass mode according to firmware probing result */
4049 res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
4050 if (resource_size(res) < arm_smmu_resource_size(smmu)) {
4051 dev_err(dev, "MMIO region too small (%pr)\n", res);
4054 ioaddr = res->start;
4057 * Don't map the IMPLEMENTATION DEFINED regions, since they may contain
4058 * the PMCG registers which are reserved by the PMU driver.
4060 smmu->base = arm_smmu_ioremap(dev, ioaddr, ARM_SMMU_REG_SZ);
4061 if (IS_ERR(smmu->base))
4062 return PTR_ERR(smmu->base);
4064 if (arm_smmu_resource_size(smmu) > SZ_64K) {
4065 smmu->page1 = arm_smmu_ioremap(dev, ioaddr + SZ_64K,
4067 if (IS_ERR(smmu->page1))
4068 return PTR_ERR(smmu->page1);
4070 smmu->page1 = smmu->base;
4073 /* Interrupt lines */
4075 irq = platform_get_irq_byname_optional(pdev, "combined");
4077 smmu->combined_irq = irq;
4079 irq = platform_get_irq_byname_optional(pdev, "eventq");
4081 smmu->evtq.q.irq = irq;
4083 irq = platform_get_irq_byname_optional(pdev, "priq");
4085 smmu->priq.q.irq = irq;
4087 irq = platform_get_irq_byname_optional(pdev, "gerror");
4089 smmu->gerr_irq = irq;
4092 ret = arm_smmu_device_hw_probe(smmu);
4096 /* Initialise in-memory data structures */
4097 ret = arm_smmu_init_structures(smmu);
4101 /* Record our private device structure */
4102 platform_set_drvdata(pdev, smmu);
4104 /* Reset the device */
4105 ret = arm_smmu_device_reset(smmu, bypass);
4109 /* And we're up. Go go go! */
4110 ret = iommu_device_sysfs_add(&smmu->iommu, dev, NULL,
4111 "smmu3.%pa", &ioaddr);
4115 iommu_device_set_ops(&smmu->iommu, &arm_smmu_ops);
4116 iommu_device_set_fwnode(&smmu->iommu, dev->fwnode);
4118 ret = iommu_device_register(&smmu->iommu);
4120 dev_err(dev, "Failed to register iommu\n");
4124 return arm_smmu_set_bus_ops(&arm_smmu_ops);
4127 static int arm_smmu_device_remove(struct platform_device *pdev)
4129 struct arm_smmu_device *smmu = platform_get_drvdata(pdev);
4131 arm_smmu_set_bus_ops(NULL);
4132 iommu_device_unregister(&smmu->iommu);
4133 iommu_device_sysfs_remove(&smmu->iommu);
4134 arm_smmu_device_disable(smmu);
4139 static void arm_smmu_device_shutdown(struct platform_device *pdev)
4141 arm_smmu_device_remove(pdev);
4144 static const struct of_device_id arm_smmu_of_match[] = {
4145 { .compatible = "arm,smmu-v3", },
4148 MODULE_DEVICE_TABLE(of, arm_smmu_of_match);
4150 static struct platform_driver arm_smmu_driver = {
4152 .name = "arm-smmu-v3",
4153 .of_match_table = arm_smmu_of_match,
4154 .suppress_bind_attrs = true,
4156 .probe = arm_smmu_device_probe,
4157 .remove = arm_smmu_device_remove,
4158 .shutdown = arm_smmu_device_shutdown,
4160 module_platform_driver(arm_smmu_driver);
4162 MODULE_DESCRIPTION("IOMMU API for ARM architected SMMUv3 implementations");
4163 MODULE_AUTHOR("Will Deacon <will@kernel.org>");
4164 MODULE_ALIAS("platform:arm-smmu-v3");
4165 MODULE_LICENSE("GPL v2");
projects / linux-2.6-microblaze.git / blob