1 // SPDX-License-Identifier: GPL-2.0-only
3 * Copyright (C) 2007-2010 Advanced Micro Devices, Inc.
4 * Author: Joerg Roedel <jroedel@suse.de>
5 * Leo Duran <leo.duran@amd.com>
8 #define pr_fmt(fmt) "AMD-Vi: " fmt
9 #define dev_fmt(fmt) pr_fmt(fmt)
11 #include <linux/ratelimit.h>
12 #include <linux/pci.h>
13 #include <linux/acpi.h>
14 #include <linux/amba/bus.h>
15 #include <linux/platform_device.h>
16 #include <linux/pci-ats.h>
17 #include <linux/bitmap.h>
18 #include <linux/slab.h>
19 #include <linux/debugfs.h>
20 #include <linux/scatterlist.h>
21 #include <linux/dma-mapping.h>
22 #include <linux/dma-direct.h>
23 #include <linux/dma-iommu.h>
24 #include <linux/iommu-helper.h>
25 #include <linux/delay.h>
26 #include <linux/amd-iommu.h>
27 #include <linux/notifier.h>
28 #include <linux/export.h>
29 #include <linux/irq.h>
30 #include <linux/msi.h>
31 #include <linux/dma-contiguous.h>
32 #include <linux/irqdomain.h>
33 #include <linux/percpu.h>
34 #include <linux/iova.h>
35 #include <asm/irq_remapping.h>
36 #include <asm/io_apic.h>
38 #include <asm/hw_irq.h>
39 #include <asm/msidef.h>
40 #include <asm/proto.h>
41 #include <asm/iommu.h>
45 #include "amd_iommu.h"
46 #include "../irq_remapping.h"
48 #define CMD_SET_TYPE(cmd, t) ((cmd)->data[1] |= ((t) << 28))
50 #define LOOP_TIMEOUT 100000
52 /* IO virtual address start page frame number */
53 #define IOVA_START_PFN (1)
54 #define IOVA_PFN(addr) ((addr) >> PAGE_SHIFT)
56 /* Reserved IOVA ranges */
57 #define MSI_RANGE_START (0xfee00000)
58 #define MSI_RANGE_END (0xfeefffff)
59 #define HT_RANGE_START (0xfd00000000ULL)
60 #define HT_RANGE_END (0xffffffffffULL)
63 * This bitmap is used to advertise the page sizes our hardware support
64 * to the IOMMU core, which will then use this information to split
65 * physically contiguous memory regions it is mapping into page sizes
68 * 512GB Pages are not supported due to a hardware bug
70 #define AMD_IOMMU_PGSIZES ((~0xFFFUL) & ~(2ULL << 38))
72 #define DEFAULT_PGTABLE_LEVEL PAGE_MODE_3_LEVEL
74 static DEFINE_SPINLOCK(pd_bitmap_lock);
76 /* List of all available dev_data structures */
77 static LLIST_HEAD(dev_data_list);
79 LIST_HEAD(ioapic_map);
81 LIST_HEAD(acpihid_map);
84 * Domain for untranslated devices - only allocated
85 * if iommu=pt passed on kernel cmd line.
87 const struct iommu_ops amd_iommu_ops;
89 static ATOMIC_NOTIFIER_HEAD(ppr_notifier);
90 int amd_iommu_max_glx_val = -1;
93 * general struct to manage commands send to an IOMMU
99 struct kmem_cache *amd_iommu_irq_cache;
101 static void update_domain(struct protection_domain *domain);
102 static void detach_device(struct device *dev);
103 static void update_and_flush_device_table(struct protection_domain *domain,
104 struct domain_pgtable *pgtable);
106 /****************************************************************************
110 ****************************************************************************/
112 static inline u16 get_pci_device_id(struct device *dev)
114 struct pci_dev *pdev = to_pci_dev(dev);
116 return pci_dev_id(pdev);
119 static inline int get_acpihid_device_id(struct device *dev,
120 struct acpihid_map_entry **entry)
122 struct acpi_device *adev = ACPI_COMPANION(dev);
123 struct acpihid_map_entry *p;
128 list_for_each_entry(p, &acpihid_map, list) {
129 if (acpi_dev_hid_uid_match(adev, p->hid,
130 p->uid[0] ? p->uid : NULL)) {
139 static inline int get_device_id(struct device *dev)
144 devid = get_pci_device_id(dev);
146 devid = get_acpihid_device_id(dev, NULL);
151 static struct protection_domain *to_pdomain(struct iommu_domain *dom)
153 return container_of(dom, struct protection_domain, domain);
156 static void amd_iommu_domain_get_pgtable(struct protection_domain *domain,
157 struct domain_pgtable *pgtable)
159 u64 pt_root = atomic64_read(&domain->pt_root);
161 pgtable->root = (u64 *)(pt_root & PAGE_MASK);
162 pgtable->mode = pt_root & 7; /* lowest 3 bits encode pgtable mode */
165 static void amd_iommu_domain_set_pt_root(struct protection_domain *domain, u64 root)
167 atomic64_set(&domain->pt_root, root);
170 static void amd_iommu_domain_clr_pt_root(struct protection_domain *domain)
172 amd_iommu_domain_set_pt_root(domain, 0);
175 static void amd_iommu_domain_set_pgtable(struct protection_domain *domain,
180 /* lowest 3 bits encode pgtable mode */
182 pt_root |= (u64)root;
184 amd_iommu_domain_set_pt_root(domain, pt_root);
187 static struct iommu_dev_data *alloc_dev_data(u16 devid)
189 struct iommu_dev_data *dev_data;
191 dev_data = kzalloc(sizeof(*dev_data), GFP_KERNEL);
195 spin_lock_init(&dev_data->lock);
196 dev_data->devid = devid;
197 ratelimit_default_init(&dev_data->rs);
199 llist_add(&dev_data->dev_data_list, &dev_data_list);
203 static struct iommu_dev_data *search_dev_data(u16 devid)
205 struct iommu_dev_data *dev_data;
206 struct llist_node *node;
208 if (llist_empty(&dev_data_list))
211 node = dev_data_list.first;
212 llist_for_each_entry(dev_data, node, dev_data_list) {
213 if (dev_data->devid == devid)
220 static int clone_alias(struct pci_dev *pdev, u16 alias, void *data)
222 u16 devid = pci_dev_id(pdev);
227 amd_iommu_rlookup_table[alias] =
228 amd_iommu_rlookup_table[devid];
229 memcpy(amd_iommu_dev_table[alias].data,
230 amd_iommu_dev_table[devid].data,
231 sizeof(amd_iommu_dev_table[alias].data));
236 static void clone_aliases(struct pci_dev *pdev)
242 * The IVRS alias stored in the alias table may not be
243 * part of the PCI DMA aliases if it's bus differs
244 * from the original device.
246 clone_alias(pdev, amd_iommu_alias_table[pci_dev_id(pdev)], NULL);
248 pci_for_each_dma_alias(pdev, clone_alias, NULL);
251 static struct pci_dev *setup_aliases(struct device *dev)
253 struct pci_dev *pdev = to_pci_dev(dev);
256 /* For ACPI HID devices, there are no aliases */
257 if (!dev_is_pci(dev))
261 * Add the IVRS alias to the pci aliases if it is on the same
262 * bus. The IVRS table may know about a quirk that we don't.
264 ivrs_alias = amd_iommu_alias_table[pci_dev_id(pdev)];
265 if (ivrs_alias != pci_dev_id(pdev) &&
266 PCI_BUS_NUM(ivrs_alias) == pdev->bus->number)
267 pci_add_dma_alias(pdev, ivrs_alias & 0xff, 1);
274 static struct iommu_dev_data *find_dev_data(u16 devid)
276 struct iommu_dev_data *dev_data;
277 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
279 dev_data = search_dev_data(devid);
281 if (dev_data == NULL) {
282 dev_data = alloc_dev_data(devid);
286 if (translation_pre_enabled(iommu))
287 dev_data->defer_attach = true;
294 * Find or create an IOMMU group for a acpihid device.
296 static struct iommu_group *acpihid_device_group(struct device *dev)
298 struct acpihid_map_entry *p, *entry = NULL;
301 devid = get_acpihid_device_id(dev, &entry);
303 return ERR_PTR(devid);
305 list_for_each_entry(p, &acpihid_map, list) {
306 if ((devid == p->devid) && p->group)
307 entry->group = p->group;
311 entry->group = generic_device_group(dev);
313 iommu_group_ref_get(entry->group);
318 static bool pci_iommuv2_capable(struct pci_dev *pdev)
320 static const int caps[] = {
322 PCI_EXT_CAP_ID_PASID,
326 if (!pci_ats_supported(pdev))
329 for (i = 0; i < 2; ++i) {
330 pos = pci_find_ext_capability(pdev, caps[i]);
338 static bool pdev_pri_erratum(struct pci_dev *pdev, u32 erratum)
340 struct iommu_dev_data *dev_data;
342 dev_data = dev_iommu_priv_get(&pdev->dev);
344 return dev_data->errata & (1 << erratum) ? true : false;
348 * This function checks if the driver got a valid device from the caller to
349 * avoid dereferencing invalid pointers.
351 static bool check_device(struct device *dev)
358 devid = get_device_id(dev);
362 /* Out of our scope? */
363 if (devid > amd_iommu_last_bdf)
366 if (amd_iommu_rlookup_table[devid] == NULL)
372 static int iommu_init_device(struct device *dev)
374 struct iommu_dev_data *dev_data;
377 if (dev_iommu_priv_get(dev))
380 devid = get_device_id(dev);
384 dev_data = find_dev_data(devid);
388 dev_data->pdev = setup_aliases(dev);
391 * By default we use passthrough mode for IOMMUv2 capable device.
392 * But if amd_iommu=force_isolation is set (e.g. to debug DMA to
393 * invalid address), we ignore the capability for the device so
394 * it'll be forced to go into translation mode.
396 if ((iommu_default_passthrough() || !amd_iommu_force_isolation) &&
397 dev_is_pci(dev) && pci_iommuv2_capable(to_pci_dev(dev))) {
398 struct amd_iommu *iommu;
400 iommu = amd_iommu_rlookup_table[dev_data->devid];
401 dev_data->iommu_v2 = iommu->is_iommu_v2;
404 dev_iommu_priv_set(dev, dev_data);
409 static void iommu_ignore_device(struct device *dev)
413 devid = get_device_id(dev);
417 amd_iommu_rlookup_table[devid] = NULL;
418 memset(&amd_iommu_dev_table[devid], 0, sizeof(struct dev_table_entry));
423 static void amd_iommu_uninit_device(struct device *dev)
425 struct iommu_dev_data *dev_data;
427 dev_data = dev_iommu_priv_get(dev);
431 if (dev_data->domain)
434 dev_iommu_priv_set(dev, NULL);
437 * We keep dev_data around for unplugged devices and reuse it when the
438 * device is re-plugged - not doing so would introduce a ton of races.
443 * Helper function to get the first pte of a large mapping
445 static u64 *first_pte_l7(u64 *pte, unsigned long *page_size,
446 unsigned long *count)
448 unsigned long pte_mask, pg_size, cnt;
451 pg_size = PTE_PAGE_SIZE(*pte);
452 cnt = PAGE_SIZE_PTE_COUNT(pg_size);
453 pte_mask = ~((cnt << 3) - 1);
454 fpte = (u64 *)(((unsigned long)pte) & pte_mask);
457 *page_size = pg_size;
465 /****************************************************************************
467 * Interrupt handling functions
469 ****************************************************************************/
471 static void dump_dte_entry(u16 devid)
475 for (i = 0; i < 4; ++i)
476 pr_err("DTE[%d]: %016llx\n", i,
477 amd_iommu_dev_table[devid].data[i]);
480 static void dump_command(unsigned long phys_addr)
482 struct iommu_cmd *cmd = iommu_phys_to_virt(phys_addr);
485 for (i = 0; i < 4; ++i)
486 pr_err("CMD[%d]: %08x\n", i, cmd->data[i]);
489 static void amd_iommu_report_page_fault(u16 devid, u16 domain_id,
490 u64 address, int flags)
492 struct iommu_dev_data *dev_data = NULL;
493 struct pci_dev *pdev;
495 pdev = pci_get_domain_bus_and_slot(0, PCI_BUS_NUM(devid),
498 dev_data = dev_iommu_priv_get(&pdev->dev);
500 if (dev_data && __ratelimit(&dev_data->rs)) {
501 pci_err(pdev, "Event logged [IO_PAGE_FAULT domain=0x%04x address=0x%llx flags=0x%04x]\n",
502 domain_id, address, flags);
503 } else if (printk_ratelimit()) {
504 pr_err("Event logged [IO_PAGE_FAULT device=%02x:%02x.%x domain=0x%04x address=0x%llx flags=0x%04x]\n",
505 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
506 domain_id, address, flags);
513 static void iommu_print_event(struct amd_iommu *iommu, void *__evt)
515 struct device *dev = iommu->iommu.dev;
516 int type, devid, pasid, flags, tag;
517 volatile u32 *event = __evt;
522 type = (event[1] >> EVENT_TYPE_SHIFT) & EVENT_TYPE_MASK;
523 devid = (event[0] >> EVENT_DEVID_SHIFT) & EVENT_DEVID_MASK;
524 pasid = (event[0] & EVENT_DOMID_MASK_HI) |
525 (event[1] & EVENT_DOMID_MASK_LO);
526 flags = (event[1] >> EVENT_FLAGS_SHIFT) & EVENT_FLAGS_MASK;
527 address = (u64)(((u64)event[3]) << 32) | event[2];
530 /* Did we hit the erratum? */
531 if (++count == LOOP_TIMEOUT) {
532 pr_err("No event written to event log\n");
539 if (type == EVENT_TYPE_IO_FAULT) {
540 amd_iommu_report_page_fault(devid, pasid, address, flags);
545 case EVENT_TYPE_ILL_DEV:
546 dev_err(dev, "Event logged [ILLEGAL_DEV_TABLE_ENTRY device=%02x:%02x.%x pasid=0x%05x address=0x%llx flags=0x%04x]\n",
547 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
548 pasid, address, flags);
549 dump_dte_entry(devid);
551 case EVENT_TYPE_DEV_TAB_ERR:
552 dev_err(dev, "Event logged [DEV_TAB_HARDWARE_ERROR device=%02x:%02x.%x "
553 "address=0x%llx flags=0x%04x]\n",
554 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
557 case EVENT_TYPE_PAGE_TAB_ERR:
558 dev_err(dev, "Event logged [PAGE_TAB_HARDWARE_ERROR device=%02x:%02x.%x pasid=0x%04x address=0x%llx flags=0x%04x]\n",
559 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
560 pasid, address, flags);
562 case EVENT_TYPE_ILL_CMD:
563 dev_err(dev, "Event logged [ILLEGAL_COMMAND_ERROR address=0x%llx]\n", address);
564 dump_command(address);
566 case EVENT_TYPE_CMD_HARD_ERR:
567 dev_err(dev, "Event logged [COMMAND_HARDWARE_ERROR address=0x%llx flags=0x%04x]\n",
570 case EVENT_TYPE_IOTLB_INV_TO:
571 dev_err(dev, "Event logged [IOTLB_INV_TIMEOUT device=%02x:%02x.%x address=0x%llx]\n",
572 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
575 case EVENT_TYPE_INV_DEV_REQ:
576 dev_err(dev, "Event logged [INVALID_DEVICE_REQUEST device=%02x:%02x.%x pasid=0x%05x address=0x%llx flags=0x%04x]\n",
577 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
578 pasid, address, flags);
580 case EVENT_TYPE_INV_PPR_REQ:
581 pasid = PPR_PASID(*((u64 *)__evt));
582 tag = event[1] & 0x03FF;
583 dev_err(dev, "Event logged [INVALID_PPR_REQUEST device=%02x:%02x.%x pasid=0x%05x address=0x%llx flags=0x%04x tag=0x%03x]\n",
584 PCI_BUS_NUM(devid), PCI_SLOT(devid), PCI_FUNC(devid),
585 pasid, address, flags, tag);
588 dev_err(dev, "Event logged [UNKNOWN event[0]=0x%08x event[1]=0x%08x event[2]=0x%08x event[3]=0x%08x\n",
589 event[0], event[1], event[2], event[3]);
592 memset(__evt, 0, 4 * sizeof(u32));
595 static void iommu_poll_events(struct amd_iommu *iommu)
599 head = readl(iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
600 tail = readl(iommu->mmio_base + MMIO_EVT_TAIL_OFFSET);
602 while (head != tail) {
603 iommu_print_event(iommu, iommu->evt_buf + head);
604 head = (head + EVENT_ENTRY_SIZE) % EVT_BUFFER_SIZE;
607 writel(head, iommu->mmio_base + MMIO_EVT_HEAD_OFFSET);
610 static void iommu_handle_ppr_entry(struct amd_iommu *iommu, u64 *raw)
612 struct amd_iommu_fault fault;
614 if (PPR_REQ_TYPE(raw[0]) != PPR_REQ_FAULT) {
615 pr_err_ratelimited("Unknown PPR request received\n");
619 fault.address = raw[1];
620 fault.pasid = PPR_PASID(raw[0]);
621 fault.device_id = PPR_DEVID(raw[0]);
622 fault.tag = PPR_TAG(raw[0]);
623 fault.flags = PPR_FLAGS(raw[0]);
625 atomic_notifier_call_chain(&ppr_notifier, 0, &fault);
628 static void iommu_poll_ppr_log(struct amd_iommu *iommu)
632 if (iommu->ppr_log == NULL)
635 head = readl(iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
636 tail = readl(iommu->mmio_base + MMIO_PPR_TAIL_OFFSET);
638 while (head != tail) {
643 raw = (u64 *)(iommu->ppr_log + head);
646 * Hardware bug: Interrupt may arrive before the entry is
647 * written to memory. If this happens we need to wait for the
650 for (i = 0; i < LOOP_TIMEOUT; ++i) {
651 if (PPR_REQ_TYPE(raw[0]) != 0)
656 /* Avoid memcpy function-call overhead */
661 * To detect the hardware bug we need to clear the entry
664 raw[0] = raw[1] = 0UL;
666 /* Update head pointer of hardware ring-buffer */
667 head = (head + PPR_ENTRY_SIZE) % PPR_LOG_SIZE;
668 writel(head, iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
670 /* Handle PPR entry */
671 iommu_handle_ppr_entry(iommu, entry);
673 /* Refresh ring-buffer information */
674 head = readl(iommu->mmio_base + MMIO_PPR_HEAD_OFFSET);
675 tail = readl(iommu->mmio_base + MMIO_PPR_TAIL_OFFSET);
679 #ifdef CONFIG_IRQ_REMAP
680 static int (*iommu_ga_log_notifier)(u32);
682 int amd_iommu_register_ga_log_notifier(int (*notifier)(u32))
684 iommu_ga_log_notifier = notifier;
688 EXPORT_SYMBOL(amd_iommu_register_ga_log_notifier);
690 static void iommu_poll_ga_log(struct amd_iommu *iommu)
692 u32 head, tail, cnt = 0;
694 if (iommu->ga_log == NULL)
697 head = readl(iommu->mmio_base + MMIO_GA_HEAD_OFFSET);
698 tail = readl(iommu->mmio_base + MMIO_GA_TAIL_OFFSET);
700 while (head != tail) {
704 raw = (u64 *)(iommu->ga_log + head);
707 /* Avoid memcpy function-call overhead */
710 /* Update head pointer of hardware ring-buffer */
711 head = (head + GA_ENTRY_SIZE) % GA_LOG_SIZE;
712 writel(head, iommu->mmio_base + MMIO_GA_HEAD_OFFSET);
714 /* Handle GA entry */
715 switch (GA_REQ_TYPE(log_entry)) {
717 if (!iommu_ga_log_notifier)
720 pr_debug("%s: devid=%#x, ga_tag=%#x\n",
721 __func__, GA_DEVID(log_entry),
724 if (iommu_ga_log_notifier(GA_TAG(log_entry)) != 0)
725 pr_err("GA log notifier failed.\n");
732 #endif /* CONFIG_IRQ_REMAP */
734 #define AMD_IOMMU_INT_MASK \
735 (MMIO_STATUS_EVT_INT_MASK | \
736 MMIO_STATUS_PPR_INT_MASK | \
737 MMIO_STATUS_GALOG_INT_MASK)
739 irqreturn_t amd_iommu_int_thread(int irq, void *data)
741 struct amd_iommu *iommu = (struct amd_iommu *) data;
742 u32 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
744 while (status & AMD_IOMMU_INT_MASK) {
745 /* Enable EVT and PPR and GA interrupts again */
746 writel(AMD_IOMMU_INT_MASK,
747 iommu->mmio_base + MMIO_STATUS_OFFSET);
749 if (status & MMIO_STATUS_EVT_INT_MASK) {
750 pr_devel("Processing IOMMU Event Log\n");
751 iommu_poll_events(iommu);
754 if (status & MMIO_STATUS_PPR_INT_MASK) {
755 pr_devel("Processing IOMMU PPR Log\n");
756 iommu_poll_ppr_log(iommu);
759 #ifdef CONFIG_IRQ_REMAP
760 if (status & MMIO_STATUS_GALOG_INT_MASK) {
761 pr_devel("Processing IOMMU GA Log\n");
762 iommu_poll_ga_log(iommu);
767 * Hardware bug: ERBT1312
768 * When re-enabling interrupt (by writing 1
769 * to clear the bit), the hardware might also try to set
770 * the interrupt bit in the event status register.
771 * In this scenario, the bit will be set, and disable
772 * subsequent interrupts.
774 * Workaround: The IOMMU driver should read back the
775 * status register and check if the interrupt bits are cleared.
776 * If not, driver will need to go through the interrupt handler
777 * again and re-clear the bits
779 status = readl(iommu->mmio_base + MMIO_STATUS_OFFSET);
784 irqreturn_t amd_iommu_int_handler(int irq, void *data)
786 return IRQ_WAKE_THREAD;
789 /****************************************************************************
791 * IOMMU command queuing functions
793 ****************************************************************************/
795 static int wait_on_sem(volatile u64 *sem)
799 while (*sem == 0 && i < LOOP_TIMEOUT) {
804 if (i == LOOP_TIMEOUT) {
805 pr_alert("Completion-Wait loop timed out\n");
812 static void copy_cmd_to_buffer(struct amd_iommu *iommu,
813 struct iommu_cmd *cmd)
818 /* Copy command to buffer */
819 tail = iommu->cmd_buf_tail;
820 target = iommu->cmd_buf + tail;
821 memcpy(target, cmd, sizeof(*cmd));
823 tail = (tail + sizeof(*cmd)) % CMD_BUFFER_SIZE;
824 iommu->cmd_buf_tail = tail;
826 /* Tell the IOMMU about it */
827 writel(tail, iommu->mmio_base + MMIO_CMD_TAIL_OFFSET);
830 static void build_completion_wait(struct iommu_cmd *cmd, u64 address)
832 u64 paddr = iommu_virt_to_phys((void *)address);
834 WARN_ON(address & 0x7ULL);
836 memset(cmd, 0, sizeof(*cmd));
837 cmd->data[0] = lower_32_bits(paddr) | CMD_COMPL_WAIT_STORE_MASK;
838 cmd->data[1] = upper_32_bits(paddr);
840 CMD_SET_TYPE(cmd, CMD_COMPL_WAIT);
843 static void build_inv_dte(struct iommu_cmd *cmd, u16 devid)
845 memset(cmd, 0, sizeof(*cmd));
846 cmd->data[0] = devid;
847 CMD_SET_TYPE(cmd, CMD_INV_DEV_ENTRY);
850 static void build_inv_iommu_pages(struct iommu_cmd *cmd, u64 address,
851 size_t size, u16 domid, int pde)
856 pages = iommu_num_pages(address, size, PAGE_SIZE);
861 * If we have to flush more than one page, flush all
862 * TLB entries for this domain
864 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
868 address &= PAGE_MASK;
870 memset(cmd, 0, sizeof(*cmd));
871 cmd->data[1] |= domid;
872 cmd->data[2] = lower_32_bits(address);
873 cmd->data[3] = upper_32_bits(address);
874 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
875 if (s) /* size bit - we flush more than one 4kb page */
876 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
877 if (pde) /* PDE bit - we want to flush everything, not only the PTEs */
878 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
881 static void build_inv_iotlb_pages(struct iommu_cmd *cmd, u16 devid, int qdep,
882 u64 address, size_t size)
887 pages = iommu_num_pages(address, size, PAGE_SIZE);
892 * If we have to flush more than one page, flush all
893 * TLB entries for this domain
895 address = CMD_INV_IOMMU_ALL_PAGES_ADDRESS;
899 address &= PAGE_MASK;
901 memset(cmd, 0, sizeof(*cmd));
902 cmd->data[0] = devid;
903 cmd->data[0] |= (qdep & 0xff) << 24;
904 cmd->data[1] = devid;
905 cmd->data[2] = lower_32_bits(address);
906 cmd->data[3] = upper_32_bits(address);
907 CMD_SET_TYPE(cmd, CMD_INV_IOTLB_PAGES);
909 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
912 static void build_inv_iommu_pasid(struct iommu_cmd *cmd, u16 domid, int pasid,
913 u64 address, bool size)
915 memset(cmd, 0, sizeof(*cmd));
917 address &= ~(0xfffULL);
919 cmd->data[0] = pasid;
920 cmd->data[1] = domid;
921 cmd->data[2] = lower_32_bits(address);
922 cmd->data[3] = upper_32_bits(address);
923 cmd->data[2] |= CMD_INV_IOMMU_PAGES_PDE_MASK;
924 cmd->data[2] |= CMD_INV_IOMMU_PAGES_GN_MASK;
926 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
927 CMD_SET_TYPE(cmd, CMD_INV_IOMMU_PAGES);
930 static void build_inv_iotlb_pasid(struct iommu_cmd *cmd, u16 devid, int pasid,
931 int qdep, u64 address, bool size)
933 memset(cmd, 0, sizeof(*cmd));
935 address &= ~(0xfffULL);
937 cmd->data[0] = devid;
938 cmd->data[0] |= ((pasid >> 8) & 0xff) << 16;
939 cmd->data[0] |= (qdep & 0xff) << 24;
940 cmd->data[1] = devid;
941 cmd->data[1] |= (pasid & 0xff) << 16;
942 cmd->data[2] = lower_32_bits(address);
943 cmd->data[2] |= CMD_INV_IOMMU_PAGES_GN_MASK;
944 cmd->data[3] = upper_32_bits(address);
946 cmd->data[2] |= CMD_INV_IOMMU_PAGES_SIZE_MASK;
947 CMD_SET_TYPE(cmd, CMD_INV_IOTLB_PAGES);
950 static void build_complete_ppr(struct iommu_cmd *cmd, u16 devid, int pasid,
951 int status, int tag, bool gn)
953 memset(cmd, 0, sizeof(*cmd));
955 cmd->data[0] = devid;
957 cmd->data[1] = pasid;
958 cmd->data[2] = CMD_INV_IOMMU_PAGES_GN_MASK;
960 cmd->data[3] = tag & 0x1ff;
961 cmd->data[3] |= (status & PPR_STATUS_MASK) << PPR_STATUS_SHIFT;
963 CMD_SET_TYPE(cmd, CMD_COMPLETE_PPR);
966 static void build_inv_all(struct iommu_cmd *cmd)
968 memset(cmd, 0, sizeof(*cmd));
969 CMD_SET_TYPE(cmd, CMD_INV_ALL);
972 static void build_inv_irt(struct iommu_cmd *cmd, u16 devid)
974 memset(cmd, 0, sizeof(*cmd));
975 cmd->data[0] = devid;
976 CMD_SET_TYPE(cmd, CMD_INV_IRT);
980 * Writes the command to the IOMMUs command buffer and informs the
981 * hardware about the new command.
983 static int __iommu_queue_command_sync(struct amd_iommu *iommu,
984 struct iommu_cmd *cmd,
987 unsigned int count = 0;
990 next_tail = (iommu->cmd_buf_tail + sizeof(*cmd)) % CMD_BUFFER_SIZE;
992 left = (iommu->cmd_buf_head - next_tail) % CMD_BUFFER_SIZE;
995 /* Skip udelay() the first time around */
997 if (count == LOOP_TIMEOUT) {
998 pr_err("Command buffer timeout\n");
1005 /* Update head and recheck remaining space */
1006 iommu->cmd_buf_head = readl(iommu->mmio_base +
1007 MMIO_CMD_HEAD_OFFSET);
1012 copy_cmd_to_buffer(iommu, cmd);
1014 /* Do we need to make sure all commands are processed? */
1015 iommu->need_sync = sync;
1020 static int iommu_queue_command_sync(struct amd_iommu *iommu,
1021 struct iommu_cmd *cmd,
1024 unsigned long flags;
1027 raw_spin_lock_irqsave(&iommu->lock, flags);
1028 ret = __iommu_queue_command_sync(iommu, cmd, sync);
1029 raw_spin_unlock_irqrestore(&iommu->lock, flags);
1034 static int iommu_queue_command(struct amd_iommu *iommu, struct iommu_cmd *cmd)
1036 return iommu_queue_command_sync(iommu, cmd, true);
1040 * This function queues a completion wait command into the command
1041 * buffer of an IOMMU
1043 static int iommu_completion_wait(struct amd_iommu *iommu)
1045 struct iommu_cmd cmd;
1046 unsigned long flags;
1049 if (!iommu->need_sync)
1053 build_completion_wait(&cmd, (u64)&iommu->cmd_sem);
1055 raw_spin_lock_irqsave(&iommu->lock, flags);
1059 ret = __iommu_queue_command_sync(iommu, &cmd, false);
1063 ret = wait_on_sem(&iommu->cmd_sem);
1066 raw_spin_unlock_irqrestore(&iommu->lock, flags);
1071 static int iommu_flush_dte(struct amd_iommu *iommu, u16 devid)
1073 struct iommu_cmd cmd;
1075 build_inv_dte(&cmd, devid);
1077 return iommu_queue_command(iommu, &cmd);
1080 static void amd_iommu_flush_dte_all(struct amd_iommu *iommu)
1084 for (devid = 0; devid <= 0xffff; ++devid)
1085 iommu_flush_dte(iommu, devid);
1087 iommu_completion_wait(iommu);
1091 * This function uses heavy locking and may disable irqs for some time. But
1092 * this is no issue because it is only called during resume.
1094 static void amd_iommu_flush_tlb_all(struct amd_iommu *iommu)
1098 for (dom_id = 0; dom_id <= 0xffff; ++dom_id) {
1099 struct iommu_cmd cmd;
1100 build_inv_iommu_pages(&cmd, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
1102 iommu_queue_command(iommu, &cmd);
1105 iommu_completion_wait(iommu);
1108 static void amd_iommu_flush_tlb_domid(struct amd_iommu *iommu, u32 dom_id)
1110 struct iommu_cmd cmd;
1112 build_inv_iommu_pages(&cmd, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
1114 iommu_queue_command(iommu, &cmd);
1116 iommu_completion_wait(iommu);
1119 static void amd_iommu_flush_all(struct amd_iommu *iommu)
1121 struct iommu_cmd cmd;
1123 build_inv_all(&cmd);
1125 iommu_queue_command(iommu, &cmd);
1126 iommu_completion_wait(iommu);
1129 static void iommu_flush_irt(struct amd_iommu *iommu, u16 devid)
1131 struct iommu_cmd cmd;
1133 build_inv_irt(&cmd, devid);
1135 iommu_queue_command(iommu, &cmd);
1138 static void amd_iommu_flush_irt_all(struct amd_iommu *iommu)
1142 for (devid = 0; devid <= MAX_DEV_TABLE_ENTRIES; devid++)
1143 iommu_flush_irt(iommu, devid);
1145 iommu_completion_wait(iommu);
1148 void iommu_flush_all_caches(struct amd_iommu *iommu)
1150 if (iommu_feature(iommu, FEATURE_IA)) {
1151 amd_iommu_flush_all(iommu);
1153 amd_iommu_flush_dte_all(iommu);
1154 amd_iommu_flush_irt_all(iommu);
1155 amd_iommu_flush_tlb_all(iommu);
1160 * Command send function for flushing on-device TLB
1162 static int device_flush_iotlb(struct iommu_dev_data *dev_data,
1163 u64 address, size_t size)
1165 struct amd_iommu *iommu;
1166 struct iommu_cmd cmd;
1169 qdep = dev_data->ats.qdep;
1170 iommu = amd_iommu_rlookup_table[dev_data->devid];
1172 build_inv_iotlb_pages(&cmd, dev_data->devid, qdep, address, size);
1174 return iommu_queue_command(iommu, &cmd);
1177 static int device_flush_dte_alias(struct pci_dev *pdev, u16 alias, void *data)
1179 struct amd_iommu *iommu = data;
1181 return iommu_flush_dte(iommu, alias);
1185 * Command send function for invalidating a device table entry
1187 static int device_flush_dte(struct iommu_dev_data *dev_data)
1189 struct amd_iommu *iommu;
1193 iommu = amd_iommu_rlookup_table[dev_data->devid];
1196 ret = pci_for_each_dma_alias(dev_data->pdev,
1197 device_flush_dte_alias, iommu);
1199 ret = iommu_flush_dte(iommu, dev_data->devid);
1203 alias = amd_iommu_alias_table[dev_data->devid];
1204 if (alias != dev_data->devid) {
1205 ret = iommu_flush_dte(iommu, alias);
1210 if (dev_data->ats.enabled)
1211 ret = device_flush_iotlb(dev_data, 0, ~0UL);
1217 * TLB invalidation function which is called from the mapping functions.
1218 * It invalidates a single PTE if the range to flush is within a single
1219 * page. Otherwise it flushes the whole TLB of the IOMMU.
1221 static void __domain_flush_pages(struct protection_domain *domain,
1222 u64 address, size_t size, int pde)
1224 struct iommu_dev_data *dev_data;
1225 struct iommu_cmd cmd;
1228 build_inv_iommu_pages(&cmd, address, size, domain->id, pde);
1230 for (i = 0; i < amd_iommu_get_num_iommus(); ++i) {
1231 if (!domain->dev_iommu[i])
1235 * Devices of this domain are behind this IOMMU
1236 * We need a TLB flush
1238 ret |= iommu_queue_command(amd_iommus[i], &cmd);
1241 list_for_each_entry(dev_data, &domain->dev_list, list) {
1243 if (!dev_data->ats.enabled)
1246 ret |= device_flush_iotlb(dev_data, address, size);
1252 static void domain_flush_pages(struct protection_domain *domain,
1253 u64 address, size_t size)
1255 __domain_flush_pages(domain, address, size, 0);
1258 /* Flush the whole IO/TLB for a given protection domain - including PDE */
1259 static void domain_flush_tlb_pde(struct protection_domain *domain)
1261 __domain_flush_pages(domain, 0, CMD_INV_IOMMU_ALL_PAGES_ADDRESS, 1);
1264 static void domain_flush_complete(struct protection_domain *domain)
1268 for (i = 0; i < amd_iommu_get_num_iommus(); ++i) {
1269 if (domain && !domain->dev_iommu[i])
1273 * Devices of this domain are behind this IOMMU
1274 * We need to wait for completion of all commands.
1276 iommu_completion_wait(amd_iommus[i]);
1280 /* Flush the not present cache if it exists */
1281 static void domain_flush_np_cache(struct protection_domain *domain,
1282 dma_addr_t iova, size_t size)
1284 if (unlikely(amd_iommu_np_cache)) {
1285 unsigned long flags;
1287 spin_lock_irqsave(&domain->lock, flags);
1288 domain_flush_pages(domain, iova, size);
1289 domain_flush_complete(domain);
1290 spin_unlock_irqrestore(&domain->lock, flags);
1296 * This function flushes the DTEs for all devices in domain
1298 static void domain_flush_devices(struct protection_domain *domain)
1300 struct iommu_dev_data *dev_data;
1302 list_for_each_entry(dev_data, &domain->dev_list, list)
1303 device_flush_dte(dev_data);
1306 /****************************************************************************
1308 * The functions below are used the create the page table mappings for
1309 * unity mapped regions.
1311 ****************************************************************************/
1313 static void free_page_list(struct page *freelist)
1315 while (freelist != NULL) {
1316 unsigned long p = (unsigned long)page_address(freelist);
1317 freelist = freelist->freelist;
1322 static struct page *free_pt_page(unsigned long pt, struct page *freelist)
1324 struct page *p = virt_to_page((void *)pt);
1326 p->freelist = freelist;
1331 #define DEFINE_FREE_PT_FN(LVL, FN) \
1332 static struct page *free_pt_##LVL (unsigned long __pt, struct page *freelist) \
1340 for (i = 0; i < 512; ++i) { \
1341 /* PTE present? */ \
1342 if (!IOMMU_PTE_PRESENT(pt[i])) \
1346 if (PM_PTE_LEVEL(pt[i]) == 0 || \
1347 PM_PTE_LEVEL(pt[i]) == 7) \
1350 p = (unsigned long)IOMMU_PTE_PAGE(pt[i]); \
1351 freelist = FN(p, freelist); \
1354 return free_pt_page((unsigned long)pt, freelist); \
1357 DEFINE_FREE_PT_FN(l2, free_pt_page)
1358 DEFINE_FREE_PT_FN(l3, free_pt_l2)
1359 DEFINE_FREE_PT_FN(l4, free_pt_l3)
1360 DEFINE_FREE_PT_FN(l5, free_pt_l4)
1361 DEFINE_FREE_PT_FN(l6, free_pt_l5)
1363 static struct page *free_sub_pt(unsigned long root, int mode,
1364 struct page *freelist)
1367 case PAGE_MODE_NONE:
1368 case PAGE_MODE_7_LEVEL:
1370 case PAGE_MODE_1_LEVEL:
1371 freelist = free_pt_page(root, freelist);
1373 case PAGE_MODE_2_LEVEL:
1374 freelist = free_pt_l2(root, freelist);
1376 case PAGE_MODE_3_LEVEL:
1377 freelist = free_pt_l3(root, freelist);
1379 case PAGE_MODE_4_LEVEL:
1380 freelist = free_pt_l4(root, freelist);
1382 case PAGE_MODE_5_LEVEL:
1383 freelist = free_pt_l5(root, freelist);
1385 case PAGE_MODE_6_LEVEL:
1386 freelist = free_pt_l6(root, freelist);
1395 static void free_pagetable(struct domain_pgtable *pgtable)
1397 struct page *freelist = NULL;
1400 if (pgtable->mode == PAGE_MODE_NONE)
1403 BUG_ON(pgtable->mode < PAGE_MODE_NONE ||
1404 pgtable->mode > PAGE_MODE_6_LEVEL);
1406 root = (unsigned long)pgtable->root;
1407 freelist = free_sub_pt(root, pgtable->mode, freelist);
1409 free_page_list(freelist);
1413 * This function is used to add another level to an IO page table. Adding
1414 * another level increases the size of the address space by 9 bits to a size up
1417 static bool increase_address_space(struct protection_domain *domain,
1418 unsigned long address,
1421 struct domain_pgtable pgtable;
1422 unsigned long flags;
1426 spin_lock_irqsave(&domain->lock, flags);
1428 amd_iommu_domain_get_pgtable(domain, &pgtable);
1430 if (address <= PM_LEVEL_SIZE(pgtable.mode))
1434 if (WARN_ON_ONCE(pgtable.mode == PAGE_MODE_6_LEVEL))
1437 pte = (void *)get_zeroed_page(gfp);
1441 *pte = PM_LEVEL_PDE(pgtable.mode, iommu_virt_to_phys(pgtable.root));
1445 update_and_flush_device_table(domain, &pgtable);
1446 domain_flush_complete(domain);
1449 * Device Table needs to be updated and flushed before the new root can
1452 amd_iommu_domain_set_pgtable(domain, pte, pgtable.mode);
1457 spin_unlock_irqrestore(&domain->lock, flags);
1462 static u64 *alloc_pte(struct protection_domain *domain,
1463 unsigned long address,
1464 unsigned long page_size,
1469 struct domain_pgtable pgtable;
1473 BUG_ON(!is_power_of_2(page_size));
1475 amd_iommu_domain_get_pgtable(domain, &pgtable);
1477 while (address > PM_LEVEL_SIZE(pgtable.mode)) {
1479 * Return an error if there is no memory to update the
1482 if (!increase_address_space(domain, address, gfp))
1485 /* Read new values to check if update was successful */
1486 amd_iommu_domain_get_pgtable(domain, &pgtable);
1490 level = pgtable.mode - 1;
1491 pte = &pgtable.root[PM_LEVEL_INDEX(level, address)];
1492 address = PAGE_SIZE_ALIGN(address, page_size);
1493 end_lvl = PAGE_SIZE_LEVEL(page_size);
1495 while (level > end_lvl) {
1500 pte_level = PM_PTE_LEVEL(__pte);
1503 * If we replace a series of large PTEs, we need
1504 * to tear down all of them.
1506 if (IOMMU_PTE_PRESENT(__pte) &&
1507 pte_level == PAGE_MODE_7_LEVEL) {
1508 unsigned long count, i;
1511 lpte = first_pte_l7(pte, NULL, &count);
1514 * Unmap the replicated PTEs that still match the
1515 * original large mapping
1517 for (i = 0; i < count; ++i)
1518 cmpxchg64(&lpte[i], __pte, 0ULL);
1524 if (!IOMMU_PTE_PRESENT(__pte) ||
1525 pte_level == PAGE_MODE_NONE) {
1526 page = (u64 *)get_zeroed_page(gfp);
1531 __npte = PM_LEVEL_PDE(level, iommu_virt_to_phys(page));
1533 /* pte could have been changed somewhere. */
1534 if (cmpxchg64(pte, __pte, __npte) != __pte)
1535 free_page((unsigned long)page);
1536 else if (IOMMU_PTE_PRESENT(__pte))
1542 /* No level skipping support yet */
1543 if (pte_level != level)
1548 pte = IOMMU_PTE_PAGE(__pte);
1550 if (pte_page && level == end_lvl)
1553 pte = &pte[PM_LEVEL_INDEX(level, address)];
1560 * This function checks if there is a PTE for a given dma address. If
1561 * there is one, it returns the pointer to it.
1563 static u64 *fetch_pte(struct protection_domain *domain,
1564 unsigned long address,
1565 unsigned long *page_size)
1567 struct domain_pgtable pgtable;
1573 amd_iommu_domain_get_pgtable(domain, &pgtable);
1575 if (address > PM_LEVEL_SIZE(pgtable.mode))
1578 level = pgtable.mode - 1;
1579 pte = &pgtable.root[PM_LEVEL_INDEX(level, address)];
1580 *page_size = PTE_LEVEL_PAGE_SIZE(level);
1585 if (!IOMMU_PTE_PRESENT(*pte))
1589 if (PM_PTE_LEVEL(*pte) == 7 ||
1590 PM_PTE_LEVEL(*pte) == 0)
1593 /* No level skipping support yet */
1594 if (PM_PTE_LEVEL(*pte) != level)
1599 /* Walk to the next level */
1600 pte = IOMMU_PTE_PAGE(*pte);
1601 pte = &pte[PM_LEVEL_INDEX(level, address)];
1602 *page_size = PTE_LEVEL_PAGE_SIZE(level);
1606 * If we have a series of large PTEs, make
1607 * sure to return a pointer to the first one.
1609 if (PM_PTE_LEVEL(*pte) == PAGE_MODE_7_LEVEL)
1610 pte = first_pte_l7(pte, page_size, NULL);
1615 static struct page *free_clear_pte(u64 *pte, u64 pteval, struct page *freelist)
1620 while (cmpxchg64(pte, pteval, 0) != pteval) {
1621 pr_warn("AMD-Vi: IOMMU pte changed since we read it\n");
1625 if (!IOMMU_PTE_PRESENT(pteval))
1628 pt = (unsigned long)IOMMU_PTE_PAGE(pteval);
1629 mode = IOMMU_PTE_MODE(pteval);
1631 return free_sub_pt(pt, mode, freelist);
1635 * Generic mapping functions. It maps a physical address into a DMA
1636 * address space. It allocates the page table pages if necessary.
1637 * In the future it can be extended to a generic mapping function
1638 * supporting all features of AMD IOMMU page tables like level skipping
1639 * and full 64 bit address spaces.
1641 static int iommu_map_page(struct protection_domain *dom,
1642 unsigned long bus_addr,
1643 unsigned long phys_addr,
1644 unsigned long page_size,
1648 struct page *freelist = NULL;
1649 bool updated = false;
1653 BUG_ON(!IS_ALIGNED(bus_addr, page_size));
1654 BUG_ON(!IS_ALIGNED(phys_addr, page_size));
1657 if (!(prot & IOMMU_PROT_MASK))
1660 count = PAGE_SIZE_PTE_COUNT(page_size);
1661 pte = alloc_pte(dom, bus_addr, page_size, NULL, gfp, &updated);
1667 for (i = 0; i < count; ++i)
1668 freelist = free_clear_pte(&pte[i], pte[i], freelist);
1670 if (freelist != NULL)
1674 __pte = PAGE_SIZE_PTE(__sme_set(phys_addr), page_size);
1675 __pte |= PM_LEVEL_ENC(7) | IOMMU_PTE_PR | IOMMU_PTE_FC;
1677 __pte = __sme_set(phys_addr) | IOMMU_PTE_PR | IOMMU_PTE_FC;
1679 if (prot & IOMMU_PROT_IR)
1680 __pte |= IOMMU_PTE_IR;
1681 if (prot & IOMMU_PROT_IW)
1682 __pte |= IOMMU_PTE_IW;
1684 for (i = 0; i < count; ++i)
1691 unsigned long flags;
1693 spin_lock_irqsave(&dom->lock, flags);
1695 * Flush domain TLB(s) and wait for completion. Any Device-Table
1696 * Updates and flushing already happened in
1697 * increase_address_space().
1699 domain_flush_tlb_pde(dom);
1700 domain_flush_complete(dom);
1701 spin_unlock_irqrestore(&dom->lock, flags);
1704 /* Everything flushed out, free pages now */
1705 free_page_list(freelist);
1710 static unsigned long iommu_unmap_page(struct protection_domain *dom,
1711 unsigned long bus_addr,
1712 unsigned long page_size)
1714 unsigned long long unmapped;
1715 unsigned long unmap_size;
1718 BUG_ON(!is_power_of_2(page_size));
1722 while (unmapped < page_size) {
1724 pte = fetch_pte(dom, bus_addr, &unmap_size);
1729 count = PAGE_SIZE_PTE_COUNT(unmap_size);
1730 for (i = 0; i < count; i++)
1734 bus_addr = (bus_addr & ~(unmap_size - 1)) + unmap_size;
1735 unmapped += unmap_size;
1738 BUG_ON(unmapped && !is_power_of_2(unmapped));
1743 /****************************************************************************
1745 * The next functions belong to the domain allocation. A domain is
1746 * allocated for every IOMMU as the default domain. If device isolation
1747 * is enabled, every device get its own domain. The most important thing
1748 * about domains is the page table mapping the DMA address space they
1751 ****************************************************************************/
1753 static u16 domain_id_alloc(void)
1757 spin_lock(&pd_bitmap_lock);
1758 id = find_first_zero_bit(amd_iommu_pd_alloc_bitmap, MAX_DOMAIN_ID);
1760 if (id > 0 && id < MAX_DOMAIN_ID)
1761 __set_bit(id, amd_iommu_pd_alloc_bitmap);
1764 spin_unlock(&pd_bitmap_lock);
1769 static void domain_id_free(int id)
1771 spin_lock(&pd_bitmap_lock);
1772 if (id > 0 && id < MAX_DOMAIN_ID)
1773 __clear_bit(id, amd_iommu_pd_alloc_bitmap);
1774 spin_unlock(&pd_bitmap_lock);
1777 static void free_gcr3_tbl_level1(u64 *tbl)
1782 for (i = 0; i < 512; ++i) {
1783 if (!(tbl[i] & GCR3_VALID))
1786 ptr = iommu_phys_to_virt(tbl[i] & PAGE_MASK);
1788 free_page((unsigned long)ptr);
1792 static void free_gcr3_tbl_level2(u64 *tbl)
1797 for (i = 0; i < 512; ++i) {
1798 if (!(tbl[i] & GCR3_VALID))
1801 ptr = iommu_phys_to_virt(tbl[i] & PAGE_MASK);
1803 free_gcr3_tbl_level1(ptr);
1807 static void free_gcr3_table(struct protection_domain *domain)
1809 if (domain->glx == 2)
1810 free_gcr3_tbl_level2(domain->gcr3_tbl);
1811 else if (domain->glx == 1)
1812 free_gcr3_tbl_level1(domain->gcr3_tbl);
1814 BUG_ON(domain->glx != 0);
1816 free_page((unsigned long)domain->gcr3_tbl);
1819 static void set_dte_entry(u16 devid, struct protection_domain *domain,
1820 struct domain_pgtable *pgtable,
1827 if (pgtable->mode != PAGE_MODE_NONE)
1828 pte_root = iommu_virt_to_phys(pgtable->root);
1830 pte_root |= (pgtable->mode & DEV_ENTRY_MODE_MASK)
1831 << DEV_ENTRY_MODE_SHIFT;
1832 pte_root |= DTE_FLAG_IR | DTE_FLAG_IW | DTE_FLAG_V | DTE_FLAG_TV;
1834 flags = amd_iommu_dev_table[devid].data[1];
1837 flags |= DTE_FLAG_IOTLB;
1840 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1842 if (iommu_feature(iommu, FEATURE_EPHSUP))
1843 pte_root |= 1ULL << DEV_ENTRY_PPR;
1846 if (domain->flags & PD_IOMMUV2_MASK) {
1847 u64 gcr3 = iommu_virt_to_phys(domain->gcr3_tbl);
1848 u64 glx = domain->glx;
1851 pte_root |= DTE_FLAG_GV;
1852 pte_root |= (glx & DTE_GLX_MASK) << DTE_GLX_SHIFT;
1854 /* First mask out possible old values for GCR3 table */
1855 tmp = DTE_GCR3_VAL_B(~0ULL) << DTE_GCR3_SHIFT_B;
1858 tmp = DTE_GCR3_VAL_C(~0ULL) << DTE_GCR3_SHIFT_C;
1861 /* Encode GCR3 table into DTE */
1862 tmp = DTE_GCR3_VAL_A(gcr3) << DTE_GCR3_SHIFT_A;
1865 tmp = DTE_GCR3_VAL_B(gcr3) << DTE_GCR3_SHIFT_B;
1868 tmp = DTE_GCR3_VAL_C(gcr3) << DTE_GCR3_SHIFT_C;
1872 flags &= ~DEV_DOMID_MASK;
1873 flags |= domain->id;
1875 old_domid = amd_iommu_dev_table[devid].data[1] & DEV_DOMID_MASK;
1876 amd_iommu_dev_table[devid].data[1] = flags;
1877 amd_iommu_dev_table[devid].data[0] = pte_root;
1880 * A kdump kernel might be replacing a domain ID that was copied from
1881 * the previous kernel--if so, it needs to flush the translation cache
1882 * entries for the old domain ID that is being overwritten
1885 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
1887 amd_iommu_flush_tlb_domid(iommu, old_domid);
1891 static void clear_dte_entry(u16 devid)
1893 /* remove entry from the device table seen by the hardware */
1894 amd_iommu_dev_table[devid].data[0] = DTE_FLAG_V | DTE_FLAG_TV;
1895 amd_iommu_dev_table[devid].data[1] &= DTE_FLAG_MASK;
1897 amd_iommu_apply_erratum_63(devid);
1900 static void do_attach(struct iommu_dev_data *dev_data,
1901 struct protection_domain *domain)
1903 struct domain_pgtable pgtable;
1904 struct amd_iommu *iommu;
1907 iommu = amd_iommu_rlookup_table[dev_data->devid];
1908 ats = dev_data->ats.enabled;
1910 /* Update data structures */
1911 dev_data->domain = domain;
1912 list_add(&dev_data->list, &domain->dev_list);
1914 /* Do reference counting */
1915 domain->dev_iommu[iommu->index] += 1;
1916 domain->dev_cnt += 1;
1918 /* Update device table */
1919 amd_iommu_domain_get_pgtable(domain, &pgtable);
1920 set_dte_entry(dev_data->devid, domain, &pgtable,
1921 ats, dev_data->iommu_v2);
1922 clone_aliases(dev_data->pdev);
1924 device_flush_dte(dev_data);
1927 static void do_detach(struct iommu_dev_data *dev_data)
1929 struct protection_domain *domain = dev_data->domain;
1930 struct amd_iommu *iommu;
1932 iommu = amd_iommu_rlookup_table[dev_data->devid];
1934 /* Update data structures */
1935 dev_data->domain = NULL;
1936 list_del(&dev_data->list);
1937 clear_dte_entry(dev_data->devid);
1938 clone_aliases(dev_data->pdev);
1940 /* Flush the DTE entry */
1941 device_flush_dte(dev_data);
1944 domain_flush_tlb_pde(domain);
1946 /* Wait for the flushes to finish */
1947 domain_flush_complete(domain);
1949 /* decrease reference counters - needs to happen after the flushes */
1950 domain->dev_iommu[iommu->index] -= 1;
1951 domain->dev_cnt -= 1;
1954 static void pdev_iommuv2_disable(struct pci_dev *pdev)
1956 pci_disable_ats(pdev);
1957 pci_disable_pri(pdev);
1958 pci_disable_pasid(pdev);
1961 /* FIXME: Change generic reset-function to do the same */
1962 static int pri_reset_while_enabled(struct pci_dev *pdev)
1967 pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_PRI);
1971 pci_read_config_word(pdev, pos + PCI_PRI_CTRL, &control);
1972 control |= PCI_PRI_CTRL_RESET;
1973 pci_write_config_word(pdev, pos + PCI_PRI_CTRL, control);
1978 static int pdev_iommuv2_enable(struct pci_dev *pdev)
1983 /* FIXME: Hardcode number of outstanding requests for now */
1985 if (pdev_pri_erratum(pdev, AMD_PRI_DEV_ERRATUM_LIMIT_REQ_ONE))
1987 reset_enable = pdev_pri_erratum(pdev, AMD_PRI_DEV_ERRATUM_ENABLE_RESET);
1989 /* Only allow access to user-accessible pages */
1990 ret = pci_enable_pasid(pdev, 0);
1994 /* First reset the PRI state of the device */
1995 ret = pci_reset_pri(pdev);
2000 ret = pci_enable_pri(pdev, reqs);
2005 ret = pri_reset_while_enabled(pdev);
2010 ret = pci_enable_ats(pdev, PAGE_SHIFT);
2017 pci_disable_pri(pdev);
2018 pci_disable_pasid(pdev);
2024 * If a device is not yet associated with a domain, this function makes the
2025 * device visible in the domain
2027 static int attach_device(struct device *dev,
2028 struct protection_domain *domain)
2030 struct iommu_dev_data *dev_data;
2031 struct pci_dev *pdev;
2032 unsigned long flags;
2035 spin_lock_irqsave(&domain->lock, flags);
2037 dev_data = dev_iommu_priv_get(dev);
2039 spin_lock(&dev_data->lock);
2042 if (dev_data->domain != NULL)
2045 if (!dev_is_pci(dev))
2046 goto skip_ats_check;
2048 pdev = to_pci_dev(dev);
2049 if (domain->flags & PD_IOMMUV2_MASK) {
2050 struct iommu_domain *def_domain = iommu_get_dma_domain(dev);
2053 if (def_domain->type != IOMMU_DOMAIN_IDENTITY)
2056 if (dev_data->iommu_v2) {
2057 if (pdev_iommuv2_enable(pdev) != 0)
2060 dev_data->ats.enabled = true;
2061 dev_data->ats.qdep = pci_ats_queue_depth(pdev);
2062 dev_data->pri_tlp = pci_prg_resp_pasid_required(pdev);
2064 } else if (amd_iommu_iotlb_sup &&
2065 pci_enable_ats(pdev, PAGE_SHIFT) == 0) {
2066 dev_data->ats.enabled = true;
2067 dev_data->ats.qdep = pci_ats_queue_depth(pdev);
2073 do_attach(dev_data, domain);
2076 * We might boot into a crash-kernel here. The crashed kernel
2077 * left the caches in the IOMMU dirty. So we have to flush
2078 * here to evict all dirty stuff.
2080 domain_flush_tlb_pde(domain);
2082 domain_flush_complete(domain);
2085 spin_unlock(&dev_data->lock);
2087 spin_unlock_irqrestore(&domain->lock, flags);
2093 * Removes a device from a protection domain (with devtable_lock held)
2095 static void detach_device(struct device *dev)
2097 struct protection_domain *domain;
2098 struct iommu_dev_data *dev_data;
2099 unsigned long flags;
2101 dev_data = dev_iommu_priv_get(dev);
2102 domain = dev_data->domain;
2104 spin_lock_irqsave(&domain->lock, flags);
2106 spin_lock(&dev_data->lock);
2109 * First check if the device is still attached. It might already
2110 * be detached from its domain because the generic
2111 * iommu_detach_group code detached it and we try again here in
2112 * our alias handling.
2114 if (WARN_ON(!dev_data->domain))
2117 do_detach(dev_data);
2119 if (!dev_is_pci(dev))
2122 if (domain->flags & PD_IOMMUV2_MASK && dev_data->iommu_v2)
2123 pdev_iommuv2_disable(to_pci_dev(dev));
2124 else if (dev_data->ats.enabled)
2125 pci_disable_ats(to_pci_dev(dev));
2127 dev_data->ats.enabled = false;
2130 spin_unlock(&dev_data->lock);
2132 spin_unlock_irqrestore(&domain->lock, flags);
2135 static struct iommu_device *amd_iommu_probe_device(struct device *dev)
2137 struct iommu_device *iommu_dev;
2138 struct amd_iommu *iommu;
2141 if (!check_device(dev))
2142 return ERR_PTR(-ENODEV);
2144 devid = get_device_id(dev);
2146 return ERR_PTR(devid);
2148 iommu = amd_iommu_rlookup_table[devid];
2150 if (dev_iommu_priv_get(dev))
2151 return &iommu->iommu;
2153 ret = iommu_init_device(dev);
2155 if (ret != -ENOTSUPP)
2156 dev_err(dev, "Failed to initialize - trying to proceed anyway\n");
2157 iommu_dev = ERR_PTR(ret);
2158 iommu_ignore_device(dev);
2160 iommu_dev = &iommu->iommu;
2163 iommu_completion_wait(iommu);
2168 static void amd_iommu_probe_finalize(struct device *dev)
2170 struct iommu_domain *domain;
2172 /* Domains are initialized for this device - have a look what we ended up with */
2173 domain = iommu_get_domain_for_dev(dev);
2174 if (domain->type == IOMMU_DOMAIN_DMA)
2175 iommu_setup_dma_ops(dev, IOVA_START_PFN << PAGE_SHIFT, 0);
2178 static void amd_iommu_release_device(struct device *dev)
2180 int devid = get_device_id(dev);
2181 struct amd_iommu *iommu;
2183 if (!check_device(dev))
2186 iommu = amd_iommu_rlookup_table[devid];
2188 amd_iommu_uninit_device(dev);
2189 iommu_completion_wait(iommu);
2192 static struct iommu_group *amd_iommu_device_group(struct device *dev)
2194 if (dev_is_pci(dev))
2195 return pci_device_group(dev);
2197 return acpihid_device_group(dev);
2200 static int amd_iommu_domain_get_attr(struct iommu_domain *domain,
2201 enum iommu_attr attr, void *data)
2203 switch (domain->type) {
2204 case IOMMU_DOMAIN_UNMANAGED:
2206 case IOMMU_DOMAIN_DMA:
2208 case DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE:
2209 *(int *)data = !amd_iommu_unmap_flush;
2220 /*****************************************************************************
2222 * The next functions belong to the dma_ops mapping/unmapping code.
2224 *****************************************************************************/
2226 static void update_device_table(struct protection_domain *domain,
2227 struct domain_pgtable *pgtable)
2229 struct iommu_dev_data *dev_data;
2231 list_for_each_entry(dev_data, &domain->dev_list, list) {
2232 set_dte_entry(dev_data->devid, domain, pgtable,
2233 dev_data->ats.enabled, dev_data->iommu_v2);
2234 clone_aliases(dev_data->pdev);
2238 static void update_and_flush_device_table(struct protection_domain *domain,
2239 struct domain_pgtable *pgtable)
2241 update_device_table(domain, pgtable);
2242 domain_flush_devices(domain);
2245 static void update_domain(struct protection_domain *domain)
2247 struct domain_pgtable pgtable;
2249 /* Update device table */
2250 amd_iommu_domain_get_pgtable(domain, &pgtable);
2251 update_and_flush_device_table(domain, &pgtable);
2253 /* Flush domain TLB(s) and wait for completion */
2254 domain_flush_tlb_pde(domain);
2255 domain_flush_complete(domain);
2258 int __init amd_iommu_init_api(void)
2262 ret = iova_cache_get();
2266 err = bus_set_iommu(&pci_bus_type, &amd_iommu_ops);
2269 #ifdef CONFIG_ARM_AMBA
2270 err = bus_set_iommu(&amba_bustype, &amd_iommu_ops);
2274 err = bus_set_iommu(&platform_bus_type, &amd_iommu_ops);
2281 int __init amd_iommu_init_dma_ops(void)
2283 swiotlb = (iommu_default_passthrough() || sme_me_mask) ? 1 : 0;
2285 if (amd_iommu_unmap_flush)
2286 pr_info("IO/TLB flush on unmap enabled\n");
2288 pr_info("Lazy IO/TLB flushing enabled\n");
2294 /*****************************************************************************
2296 * The following functions belong to the exported interface of AMD IOMMU
2298 * This interface allows access to lower level functions of the IOMMU
2299 * like protection domain handling and assignement of devices to domains
2300 * which is not possible with the dma_ops interface.
2302 *****************************************************************************/
2304 static void cleanup_domain(struct protection_domain *domain)
2306 struct iommu_dev_data *entry;
2307 unsigned long flags;
2309 spin_lock_irqsave(&domain->lock, flags);
2311 while (!list_empty(&domain->dev_list)) {
2312 entry = list_first_entry(&domain->dev_list,
2313 struct iommu_dev_data, list);
2314 BUG_ON(!entry->domain);
2318 spin_unlock_irqrestore(&domain->lock, flags);
2321 static void protection_domain_free(struct protection_domain *domain)
2323 struct domain_pgtable pgtable;
2329 domain_id_free(domain->id);
2331 amd_iommu_domain_get_pgtable(domain, &pgtable);
2332 amd_iommu_domain_clr_pt_root(domain);
2333 free_pagetable(&pgtable);
2338 static int protection_domain_init(struct protection_domain *domain, int mode)
2340 u64 *pt_root = NULL;
2342 BUG_ON(mode < PAGE_MODE_NONE || mode > PAGE_MODE_6_LEVEL);
2344 spin_lock_init(&domain->lock);
2345 domain->id = domain_id_alloc();
2348 INIT_LIST_HEAD(&domain->dev_list);
2350 if (mode != PAGE_MODE_NONE) {
2351 pt_root = (void *)get_zeroed_page(GFP_KERNEL);
2356 amd_iommu_domain_set_pgtable(domain, pt_root, mode);
2361 static struct protection_domain *protection_domain_alloc(int mode)
2363 struct protection_domain *domain;
2365 domain = kzalloc(sizeof(*domain), GFP_KERNEL);
2369 if (protection_domain_init(domain, mode))
2380 static struct iommu_domain *amd_iommu_domain_alloc(unsigned type)
2382 struct protection_domain *domain;
2383 int mode = DEFAULT_PGTABLE_LEVEL;
2385 if (type == IOMMU_DOMAIN_IDENTITY)
2386 mode = PAGE_MODE_NONE;
2388 domain = protection_domain_alloc(mode);
2392 domain->domain.geometry.aperture_start = 0;
2393 domain->domain.geometry.aperture_end = ~0ULL;
2394 domain->domain.geometry.force_aperture = true;
2396 if (type == IOMMU_DOMAIN_DMA &&
2397 iommu_get_dma_cookie(&domain->domain) == -ENOMEM)
2400 return &domain->domain;
2403 protection_domain_free(domain);
2408 static void amd_iommu_domain_free(struct iommu_domain *dom)
2410 struct protection_domain *domain;
2412 domain = to_pdomain(dom);
2414 if (domain->dev_cnt > 0)
2415 cleanup_domain(domain);
2417 BUG_ON(domain->dev_cnt != 0);
2422 if (dom->type == IOMMU_DOMAIN_DMA)
2423 iommu_put_dma_cookie(&domain->domain);
2425 if (domain->flags & PD_IOMMUV2_MASK)
2426 free_gcr3_table(domain);
2428 protection_domain_free(domain);
2431 static void amd_iommu_detach_device(struct iommu_domain *dom,
2434 struct iommu_dev_data *dev_data = dev_iommu_priv_get(dev);
2435 struct amd_iommu *iommu;
2438 if (!check_device(dev))
2441 devid = get_device_id(dev);
2445 if (dev_data->domain != NULL)
2448 iommu = amd_iommu_rlookup_table[devid];
2452 #ifdef CONFIG_IRQ_REMAP
2453 if (AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir) &&
2454 (dom->type == IOMMU_DOMAIN_UNMANAGED))
2455 dev_data->use_vapic = 0;
2458 iommu_completion_wait(iommu);
2461 static int amd_iommu_attach_device(struct iommu_domain *dom,
2464 struct protection_domain *domain = to_pdomain(dom);
2465 struct iommu_dev_data *dev_data;
2466 struct amd_iommu *iommu;
2469 if (!check_device(dev))
2472 dev_data = dev_iommu_priv_get(dev);
2473 dev_data->defer_attach = false;
2475 iommu = amd_iommu_rlookup_table[dev_data->devid];
2479 if (dev_data->domain)
2482 ret = attach_device(dev, domain);
2484 #ifdef CONFIG_IRQ_REMAP
2485 if (AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir)) {
2486 if (dom->type == IOMMU_DOMAIN_UNMANAGED)
2487 dev_data->use_vapic = 1;
2489 dev_data->use_vapic = 0;
2493 iommu_completion_wait(iommu);
2498 static int amd_iommu_map(struct iommu_domain *dom, unsigned long iova,
2499 phys_addr_t paddr, size_t page_size, int iommu_prot,
2502 struct protection_domain *domain = to_pdomain(dom);
2503 struct domain_pgtable pgtable;
2507 amd_iommu_domain_get_pgtable(domain, &pgtable);
2508 if (pgtable.mode == PAGE_MODE_NONE)
2511 if (iommu_prot & IOMMU_READ)
2512 prot |= IOMMU_PROT_IR;
2513 if (iommu_prot & IOMMU_WRITE)
2514 prot |= IOMMU_PROT_IW;
2516 ret = iommu_map_page(domain, iova, paddr, page_size, prot, gfp);
2518 domain_flush_np_cache(domain, iova, page_size);
2523 static size_t amd_iommu_unmap(struct iommu_domain *dom, unsigned long iova,
2525 struct iommu_iotlb_gather *gather)
2527 struct protection_domain *domain = to_pdomain(dom);
2528 struct domain_pgtable pgtable;
2530 amd_iommu_domain_get_pgtable(domain, &pgtable);
2531 if (pgtable.mode == PAGE_MODE_NONE)
2534 return iommu_unmap_page(domain, iova, page_size);
2537 static phys_addr_t amd_iommu_iova_to_phys(struct iommu_domain *dom,
2540 struct protection_domain *domain = to_pdomain(dom);
2541 unsigned long offset_mask, pte_pgsize;
2542 struct domain_pgtable pgtable;
2545 amd_iommu_domain_get_pgtable(domain, &pgtable);
2546 if (pgtable.mode == PAGE_MODE_NONE)
2549 pte = fetch_pte(domain, iova, &pte_pgsize);
2551 if (!pte || !IOMMU_PTE_PRESENT(*pte))
2554 offset_mask = pte_pgsize - 1;
2555 __pte = __sme_clr(*pte & PM_ADDR_MASK);
2557 return (__pte & ~offset_mask) | (iova & offset_mask);
2560 static bool amd_iommu_capable(enum iommu_cap cap)
2563 case IOMMU_CAP_CACHE_COHERENCY:
2565 case IOMMU_CAP_INTR_REMAP:
2566 return (irq_remapping_enabled == 1);
2567 case IOMMU_CAP_NOEXEC:
2576 static void amd_iommu_get_resv_regions(struct device *dev,
2577 struct list_head *head)
2579 struct iommu_resv_region *region;
2580 struct unity_map_entry *entry;
2583 devid = get_device_id(dev);
2587 list_for_each_entry(entry, &amd_iommu_unity_map, list) {
2591 if (devid < entry->devid_start || devid > entry->devid_end)
2594 type = IOMMU_RESV_DIRECT;
2595 length = entry->address_end - entry->address_start;
2596 if (entry->prot & IOMMU_PROT_IR)
2598 if (entry->prot & IOMMU_PROT_IW)
2599 prot |= IOMMU_WRITE;
2600 if (entry->prot & IOMMU_UNITY_MAP_FLAG_EXCL_RANGE)
2601 /* Exclusion range */
2602 type = IOMMU_RESV_RESERVED;
2604 region = iommu_alloc_resv_region(entry->address_start,
2605 length, prot, type);
2607 dev_err(dev, "Out of memory allocating dm-regions\n");
2610 list_add_tail(®ion->list, head);
2613 region = iommu_alloc_resv_region(MSI_RANGE_START,
2614 MSI_RANGE_END - MSI_RANGE_START + 1,
2618 list_add_tail(®ion->list, head);
2620 region = iommu_alloc_resv_region(HT_RANGE_START,
2621 HT_RANGE_END - HT_RANGE_START + 1,
2622 0, IOMMU_RESV_RESERVED);
2625 list_add_tail(®ion->list, head);
2628 bool amd_iommu_is_attach_deferred(struct iommu_domain *domain,
2631 struct iommu_dev_data *dev_data = dev_iommu_priv_get(dev);
2633 return dev_data->defer_attach;
2635 EXPORT_SYMBOL_GPL(amd_iommu_is_attach_deferred);
2637 static void amd_iommu_flush_iotlb_all(struct iommu_domain *domain)
2639 struct protection_domain *dom = to_pdomain(domain);
2640 unsigned long flags;
2642 spin_lock_irqsave(&dom->lock, flags);
2643 domain_flush_tlb_pde(dom);
2644 domain_flush_complete(dom);
2645 spin_unlock_irqrestore(&dom->lock, flags);
2648 static void amd_iommu_iotlb_sync(struct iommu_domain *domain,
2649 struct iommu_iotlb_gather *gather)
2651 amd_iommu_flush_iotlb_all(domain);
2654 static int amd_iommu_def_domain_type(struct device *dev)
2656 struct iommu_dev_data *dev_data;
2658 dev_data = dev_iommu_priv_get(dev);
2662 if (dev_data->iommu_v2)
2663 return IOMMU_DOMAIN_IDENTITY;
2668 const struct iommu_ops amd_iommu_ops = {
2669 .capable = amd_iommu_capable,
2670 .domain_alloc = amd_iommu_domain_alloc,
2671 .domain_free = amd_iommu_domain_free,
2672 .attach_dev = amd_iommu_attach_device,
2673 .detach_dev = amd_iommu_detach_device,
2674 .map = amd_iommu_map,
2675 .unmap = amd_iommu_unmap,
2676 .iova_to_phys = amd_iommu_iova_to_phys,
2677 .probe_device = amd_iommu_probe_device,
2678 .release_device = amd_iommu_release_device,
2679 .probe_finalize = amd_iommu_probe_finalize,
2680 .device_group = amd_iommu_device_group,
2681 .domain_get_attr = amd_iommu_domain_get_attr,
2682 .get_resv_regions = amd_iommu_get_resv_regions,
2683 .put_resv_regions = generic_iommu_put_resv_regions,
2684 .is_attach_deferred = amd_iommu_is_attach_deferred,
2685 .pgsize_bitmap = AMD_IOMMU_PGSIZES,
2686 .flush_iotlb_all = amd_iommu_flush_iotlb_all,
2687 .iotlb_sync = amd_iommu_iotlb_sync,
2688 .def_domain_type = amd_iommu_def_domain_type,
2691 /*****************************************************************************
2693 * The next functions do a basic initialization of IOMMU for pass through
2696 * In passthrough mode the IOMMU is initialized and enabled but not used for
2697 * DMA-API translation.
2699 *****************************************************************************/
2701 /* IOMMUv2 specific functions */
2702 int amd_iommu_register_ppr_notifier(struct notifier_block *nb)
2704 return atomic_notifier_chain_register(&ppr_notifier, nb);
2706 EXPORT_SYMBOL(amd_iommu_register_ppr_notifier);
2708 int amd_iommu_unregister_ppr_notifier(struct notifier_block *nb)
2710 return atomic_notifier_chain_unregister(&ppr_notifier, nb);
2712 EXPORT_SYMBOL(amd_iommu_unregister_ppr_notifier);
2714 void amd_iommu_domain_direct_map(struct iommu_domain *dom)
2716 struct protection_domain *domain = to_pdomain(dom);
2717 struct domain_pgtable pgtable;
2718 unsigned long flags;
2720 spin_lock_irqsave(&domain->lock, flags);
2722 /* First save pgtable configuration*/
2723 amd_iommu_domain_get_pgtable(domain, &pgtable);
2725 /* Remove page-table from domain */
2726 amd_iommu_domain_clr_pt_root(domain);
2728 /* Make changes visible to IOMMUs */
2729 update_domain(domain);
2731 /* Page-table is not visible to IOMMU anymore, so free it */
2732 free_pagetable(&pgtable);
2734 spin_unlock_irqrestore(&domain->lock, flags);
2736 EXPORT_SYMBOL(amd_iommu_domain_direct_map);
2738 int amd_iommu_domain_enable_v2(struct iommu_domain *dom, int pasids)
2740 struct protection_domain *domain = to_pdomain(dom);
2741 unsigned long flags;
2744 if (pasids <= 0 || pasids > (PASID_MASK + 1))
2747 /* Number of GCR3 table levels required */
2748 for (levels = 0; (pasids - 1) & ~0x1ff; pasids >>= 9)
2751 if (levels > amd_iommu_max_glx_val)
2754 spin_lock_irqsave(&domain->lock, flags);
2757 * Save us all sanity checks whether devices already in the
2758 * domain support IOMMUv2. Just force that the domain has no
2759 * devices attached when it is switched into IOMMUv2 mode.
2762 if (domain->dev_cnt > 0 || domain->flags & PD_IOMMUV2_MASK)
2766 domain->gcr3_tbl = (void *)get_zeroed_page(GFP_ATOMIC);
2767 if (domain->gcr3_tbl == NULL)
2770 domain->glx = levels;
2771 domain->flags |= PD_IOMMUV2_MASK;
2773 update_domain(domain);
2778 spin_unlock_irqrestore(&domain->lock, flags);
2782 EXPORT_SYMBOL(amd_iommu_domain_enable_v2);
2784 static int __flush_pasid(struct protection_domain *domain, int pasid,
2785 u64 address, bool size)
2787 struct iommu_dev_data *dev_data;
2788 struct iommu_cmd cmd;
2791 if (!(domain->flags & PD_IOMMUV2_MASK))
2794 build_inv_iommu_pasid(&cmd, domain->id, pasid, address, size);
2797 * IOMMU TLB needs to be flushed before Device TLB to
2798 * prevent device TLB refill from IOMMU TLB
2800 for (i = 0; i < amd_iommu_get_num_iommus(); ++i) {
2801 if (domain->dev_iommu[i] == 0)
2804 ret = iommu_queue_command(amd_iommus[i], &cmd);
2809 /* Wait until IOMMU TLB flushes are complete */
2810 domain_flush_complete(domain);
2812 /* Now flush device TLBs */
2813 list_for_each_entry(dev_data, &domain->dev_list, list) {
2814 struct amd_iommu *iommu;
2818 There might be non-IOMMUv2 capable devices in an IOMMUv2
2821 if (!dev_data->ats.enabled)
2824 qdep = dev_data->ats.qdep;
2825 iommu = amd_iommu_rlookup_table[dev_data->devid];
2827 build_inv_iotlb_pasid(&cmd, dev_data->devid, pasid,
2828 qdep, address, size);
2830 ret = iommu_queue_command(iommu, &cmd);
2835 /* Wait until all device TLBs are flushed */
2836 domain_flush_complete(domain);
2845 static int __amd_iommu_flush_page(struct protection_domain *domain, int pasid,
2848 return __flush_pasid(domain, pasid, address, false);
2851 int amd_iommu_flush_page(struct iommu_domain *dom, int pasid,
2854 struct protection_domain *domain = to_pdomain(dom);
2855 unsigned long flags;
2858 spin_lock_irqsave(&domain->lock, flags);
2859 ret = __amd_iommu_flush_page(domain, pasid, address);
2860 spin_unlock_irqrestore(&domain->lock, flags);
2864 EXPORT_SYMBOL(amd_iommu_flush_page);
2866 static int __amd_iommu_flush_tlb(struct protection_domain *domain, int pasid)
2868 return __flush_pasid(domain, pasid, CMD_INV_IOMMU_ALL_PAGES_ADDRESS,
2872 int amd_iommu_flush_tlb(struct iommu_domain *dom, int pasid)
2874 struct protection_domain *domain = to_pdomain(dom);
2875 unsigned long flags;
2878 spin_lock_irqsave(&domain->lock, flags);
2879 ret = __amd_iommu_flush_tlb(domain, pasid);
2880 spin_unlock_irqrestore(&domain->lock, flags);
2884 EXPORT_SYMBOL(amd_iommu_flush_tlb);
2886 static u64 *__get_gcr3_pte(u64 *root, int level, int pasid, bool alloc)
2893 index = (pasid >> (9 * level)) & 0x1ff;
2899 if (!(*pte & GCR3_VALID)) {
2903 root = (void *)get_zeroed_page(GFP_ATOMIC);
2907 *pte = iommu_virt_to_phys(root) | GCR3_VALID;
2910 root = iommu_phys_to_virt(*pte & PAGE_MASK);
2918 static int __set_gcr3(struct protection_domain *domain, int pasid,
2921 struct domain_pgtable pgtable;
2924 amd_iommu_domain_get_pgtable(domain, &pgtable);
2925 if (pgtable.mode != PAGE_MODE_NONE)
2928 pte = __get_gcr3_pte(domain->gcr3_tbl, domain->glx, pasid, true);
2932 *pte = (cr3 & PAGE_MASK) | GCR3_VALID;
2934 return __amd_iommu_flush_tlb(domain, pasid);
2937 static int __clear_gcr3(struct protection_domain *domain, int pasid)
2939 struct domain_pgtable pgtable;
2942 amd_iommu_domain_get_pgtable(domain, &pgtable);
2943 if (pgtable.mode != PAGE_MODE_NONE)
2946 pte = __get_gcr3_pte(domain->gcr3_tbl, domain->glx, pasid, false);
2952 return __amd_iommu_flush_tlb(domain, pasid);
2955 int amd_iommu_domain_set_gcr3(struct iommu_domain *dom, int pasid,
2958 struct protection_domain *domain = to_pdomain(dom);
2959 unsigned long flags;
2962 spin_lock_irqsave(&domain->lock, flags);
2963 ret = __set_gcr3(domain, pasid, cr3);
2964 spin_unlock_irqrestore(&domain->lock, flags);
2968 EXPORT_SYMBOL(amd_iommu_domain_set_gcr3);
2970 int amd_iommu_domain_clear_gcr3(struct iommu_domain *dom, int pasid)
2972 struct protection_domain *domain = to_pdomain(dom);
2973 unsigned long flags;
2976 spin_lock_irqsave(&domain->lock, flags);
2977 ret = __clear_gcr3(domain, pasid);
2978 spin_unlock_irqrestore(&domain->lock, flags);
2982 EXPORT_SYMBOL(amd_iommu_domain_clear_gcr3);
2984 int amd_iommu_complete_ppr(struct pci_dev *pdev, int pasid,
2985 int status, int tag)
2987 struct iommu_dev_data *dev_data;
2988 struct amd_iommu *iommu;
2989 struct iommu_cmd cmd;
2991 dev_data = dev_iommu_priv_get(&pdev->dev);
2992 iommu = amd_iommu_rlookup_table[dev_data->devid];
2994 build_complete_ppr(&cmd, dev_data->devid, pasid, status,
2995 tag, dev_data->pri_tlp);
2997 return iommu_queue_command(iommu, &cmd);
2999 EXPORT_SYMBOL(amd_iommu_complete_ppr);
3001 struct iommu_domain *amd_iommu_get_v2_domain(struct pci_dev *pdev)
3003 struct protection_domain *pdomain;
3004 struct iommu_dev_data *dev_data;
3005 struct device *dev = &pdev->dev;
3006 struct iommu_domain *io_domain;
3008 if (!check_device(dev))
3011 dev_data = dev_iommu_priv_get(&pdev->dev);
3012 pdomain = dev_data->domain;
3013 io_domain = iommu_get_domain_for_dev(dev);
3015 if (pdomain == NULL && dev_data->defer_attach) {
3016 dev_data->defer_attach = false;
3017 pdomain = to_pdomain(io_domain);
3018 attach_device(dev, pdomain);
3021 if (pdomain == NULL)
3024 if (io_domain->type != IOMMU_DOMAIN_DMA)
3027 /* Only return IOMMUv2 domains */
3028 if (!(pdomain->flags & PD_IOMMUV2_MASK))
3031 return &pdomain->domain;
3033 EXPORT_SYMBOL(amd_iommu_get_v2_domain);
3035 void amd_iommu_enable_device_erratum(struct pci_dev *pdev, u32 erratum)
3037 struct iommu_dev_data *dev_data;
3039 if (!amd_iommu_v2_supported())
3042 dev_data = dev_iommu_priv_get(&pdev->dev);
3043 dev_data->errata |= (1 << erratum);
3045 EXPORT_SYMBOL(amd_iommu_enable_device_erratum);
3047 int amd_iommu_device_info(struct pci_dev *pdev,
3048 struct amd_iommu_device_info *info)
3053 if (pdev == NULL || info == NULL)
3056 if (!amd_iommu_v2_supported())
3059 memset(info, 0, sizeof(*info));
3061 if (pci_ats_supported(pdev))
3062 info->flags |= AMD_IOMMU_DEVICE_FLAG_ATS_SUP;
3064 pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_PRI);
3066 info->flags |= AMD_IOMMU_DEVICE_FLAG_PRI_SUP;
3068 pos = pci_find_ext_capability(pdev, PCI_EXT_CAP_ID_PASID);
3072 max_pasids = 1 << (9 * (amd_iommu_max_glx_val + 1));
3073 max_pasids = min(max_pasids, (1 << 20));
3075 info->flags |= AMD_IOMMU_DEVICE_FLAG_PASID_SUP;
3076 info->max_pasids = min(pci_max_pasids(pdev), max_pasids);
3078 features = pci_pasid_features(pdev);
3079 if (features & PCI_PASID_CAP_EXEC)
3080 info->flags |= AMD_IOMMU_DEVICE_FLAG_EXEC_SUP;
3081 if (features & PCI_PASID_CAP_PRIV)
3082 info->flags |= AMD_IOMMU_DEVICE_FLAG_PRIV_SUP;
3087 EXPORT_SYMBOL(amd_iommu_device_info);
3089 #ifdef CONFIG_IRQ_REMAP
3091 /*****************************************************************************
3093 * Interrupt Remapping Implementation
3095 *****************************************************************************/
3097 static struct irq_chip amd_ir_chip;
3098 static DEFINE_SPINLOCK(iommu_table_lock);
3100 static void set_dte_irq_entry(u16 devid, struct irq_remap_table *table)
3104 dte = amd_iommu_dev_table[devid].data[2];
3105 dte &= ~DTE_IRQ_PHYS_ADDR_MASK;
3106 dte |= iommu_virt_to_phys(table->table);
3107 dte |= DTE_IRQ_REMAP_INTCTL;
3108 dte |= DTE_IRQ_TABLE_LEN;
3109 dte |= DTE_IRQ_REMAP_ENABLE;
3111 amd_iommu_dev_table[devid].data[2] = dte;
3114 static struct irq_remap_table *get_irq_table(u16 devid)
3116 struct irq_remap_table *table;
3118 if (WARN_ONCE(!amd_iommu_rlookup_table[devid],
3119 "%s: no iommu for devid %x\n", __func__, devid))
3122 table = irq_lookup_table[devid];
3123 if (WARN_ONCE(!table, "%s: no table for devid %x\n", __func__, devid))
3129 static struct irq_remap_table *__alloc_irq_table(void)
3131 struct irq_remap_table *table;
3133 table = kzalloc(sizeof(*table), GFP_KERNEL);
3137 table->table = kmem_cache_alloc(amd_iommu_irq_cache, GFP_KERNEL);
3138 if (!table->table) {
3142 raw_spin_lock_init(&table->lock);
3144 if (!AMD_IOMMU_GUEST_IR_GA(amd_iommu_guest_ir))
3145 memset(table->table, 0,
3146 MAX_IRQS_PER_TABLE * sizeof(u32));
3148 memset(table->table, 0,
3149 (MAX_IRQS_PER_TABLE * (sizeof(u64) * 2)));
3153 static void set_remap_table_entry(struct amd_iommu *iommu, u16 devid,
3154 struct irq_remap_table *table)
3156 irq_lookup_table[devid] = table;
3157 set_dte_irq_entry(devid, table);
3158 iommu_flush_dte(iommu, devid);
3161 static int set_remap_table_entry_alias(struct pci_dev *pdev, u16 alias,
3164 struct irq_remap_table *table = data;
3166 irq_lookup_table[alias] = table;
3167 set_dte_irq_entry(alias, table);
3169 iommu_flush_dte(amd_iommu_rlookup_table[alias], alias);
3174 static struct irq_remap_table *alloc_irq_table(u16 devid, struct pci_dev *pdev)
3176 struct irq_remap_table *table = NULL;
3177 struct irq_remap_table *new_table = NULL;
3178 struct amd_iommu *iommu;
3179 unsigned long flags;
3182 spin_lock_irqsave(&iommu_table_lock, flags);
3184 iommu = amd_iommu_rlookup_table[devid];
3188 table = irq_lookup_table[devid];
3192 alias = amd_iommu_alias_table[devid];
3193 table = irq_lookup_table[alias];
3195 set_remap_table_entry(iommu, devid, table);
3198 spin_unlock_irqrestore(&iommu_table_lock, flags);
3200 /* Nothing there yet, allocate new irq remapping table */
3201 new_table = __alloc_irq_table();
3205 spin_lock_irqsave(&iommu_table_lock, flags);
3207 table = irq_lookup_table[devid];
3211 table = irq_lookup_table[alias];
3213 set_remap_table_entry(iommu, devid, table);
3221 pci_for_each_dma_alias(pdev, set_remap_table_entry_alias,
3224 set_remap_table_entry(iommu, devid, table);
3227 set_remap_table_entry(iommu, alias, table);
3230 iommu_completion_wait(iommu);
3233 spin_unlock_irqrestore(&iommu_table_lock, flags);
3236 kmem_cache_free(amd_iommu_irq_cache, new_table->table);
3242 static int alloc_irq_index(u16 devid, int count, bool align,
3243 struct pci_dev *pdev)
3245 struct irq_remap_table *table;
3246 int index, c, alignment = 1;
3247 unsigned long flags;
3248 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
3253 table = alloc_irq_table(devid, pdev);
3258 alignment = roundup_pow_of_two(count);
3260 raw_spin_lock_irqsave(&table->lock, flags);
3262 /* Scan table for free entries */
3263 for (index = ALIGN(table->min_index, alignment), c = 0;
3264 index < MAX_IRQS_PER_TABLE;) {
3265 if (!iommu->irte_ops->is_allocated(table, index)) {
3269 index = ALIGN(index + 1, alignment);
3275 iommu->irte_ops->set_allocated(table, index - c + 1);
3287 raw_spin_unlock_irqrestore(&table->lock, flags);
3292 static int modify_irte_ga(u16 devid, int index, struct irte_ga *irte,
3293 struct amd_ir_data *data)
3295 struct irq_remap_table *table;
3296 struct amd_iommu *iommu;
3297 unsigned long flags;
3298 struct irte_ga *entry;
3300 iommu = amd_iommu_rlookup_table[devid];
3304 table = get_irq_table(devid);
3308 raw_spin_lock_irqsave(&table->lock, flags);
3310 entry = (struct irte_ga *)table->table;
3311 entry = &entry[index];
3312 entry->lo.fields_remap.valid = 0;
3313 entry->hi.val = irte->hi.val;
3314 entry->lo.val = irte->lo.val;
3315 entry->lo.fields_remap.valid = 1;
3319 raw_spin_unlock_irqrestore(&table->lock, flags);
3321 iommu_flush_irt(iommu, devid);
3322 iommu_completion_wait(iommu);
3327 static int modify_irte(u16 devid, int index, union irte *irte)
3329 struct irq_remap_table *table;
3330 struct amd_iommu *iommu;
3331 unsigned long flags;
3333 iommu = amd_iommu_rlookup_table[devid];
3337 table = get_irq_table(devid);
3341 raw_spin_lock_irqsave(&table->lock, flags);
3342 table->table[index] = irte->val;
3343 raw_spin_unlock_irqrestore(&table->lock, flags);
3345 iommu_flush_irt(iommu, devid);
3346 iommu_completion_wait(iommu);
3351 static void free_irte(u16 devid, int index)
3353 struct irq_remap_table *table;
3354 struct amd_iommu *iommu;
3355 unsigned long flags;
3357 iommu = amd_iommu_rlookup_table[devid];
3361 table = get_irq_table(devid);
3365 raw_spin_lock_irqsave(&table->lock, flags);
3366 iommu->irte_ops->clear_allocated(table, index);
3367 raw_spin_unlock_irqrestore(&table->lock, flags);
3369 iommu_flush_irt(iommu, devid);
3370 iommu_completion_wait(iommu);
3373 static void irte_prepare(void *entry,
3374 u32 delivery_mode, u32 dest_mode,
3375 u8 vector, u32 dest_apicid, int devid)
3377 union irte *irte = (union irte *) entry;
3380 irte->fields.vector = vector;
3381 irte->fields.int_type = delivery_mode;
3382 irte->fields.destination = dest_apicid;
3383 irte->fields.dm = dest_mode;
3384 irte->fields.valid = 1;
3387 static void irte_ga_prepare(void *entry,
3388 u32 delivery_mode, u32 dest_mode,
3389 u8 vector, u32 dest_apicid, int devid)
3391 struct irte_ga *irte = (struct irte_ga *) entry;
3395 irte->lo.fields_remap.int_type = delivery_mode;
3396 irte->lo.fields_remap.dm = dest_mode;
3397 irte->hi.fields.vector = vector;
3398 irte->lo.fields_remap.destination = APICID_TO_IRTE_DEST_LO(dest_apicid);
3399 irte->hi.fields.destination = APICID_TO_IRTE_DEST_HI(dest_apicid);
3400 irte->lo.fields_remap.valid = 1;
3403 static void irte_activate(void *entry, u16 devid, u16 index)
3405 union irte *irte = (union irte *) entry;
3407 irte->fields.valid = 1;
3408 modify_irte(devid, index, irte);
3411 static void irte_ga_activate(void *entry, u16 devid, u16 index)
3413 struct irte_ga *irte = (struct irte_ga *) entry;
3415 irte->lo.fields_remap.valid = 1;
3416 modify_irte_ga(devid, index, irte, NULL);
3419 static void irte_deactivate(void *entry, u16 devid, u16 index)
3421 union irte *irte = (union irte *) entry;
3423 irte->fields.valid = 0;
3424 modify_irte(devid, index, irte);
3427 static void irte_ga_deactivate(void *entry, u16 devid, u16 index)
3429 struct irte_ga *irte = (struct irte_ga *) entry;
3431 irte->lo.fields_remap.valid = 0;
3432 modify_irte_ga(devid, index, irte, NULL);
3435 static void irte_set_affinity(void *entry, u16 devid, u16 index,
3436 u8 vector, u32 dest_apicid)
3438 union irte *irte = (union irte *) entry;
3440 irte->fields.vector = vector;
3441 irte->fields.destination = dest_apicid;
3442 modify_irte(devid, index, irte);
3445 static void irte_ga_set_affinity(void *entry, u16 devid, u16 index,
3446 u8 vector, u32 dest_apicid)
3448 struct irte_ga *irte = (struct irte_ga *) entry;
3450 if (!irte->lo.fields_remap.guest_mode) {
3451 irte->hi.fields.vector = vector;
3452 irte->lo.fields_remap.destination =
3453 APICID_TO_IRTE_DEST_LO(dest_apicid);
3454 irte->hi.fields.destination =
3455 APICID_TO_IRTE_DEST_HI(dest_apicid);
3456 modify_irte_ga(devid, index, irte, NULL);
3460 #define IRTE_ALLOCATED (~1U)
3461 static void irte_set_allocated(struct irq_remap_table *table, int index)
3463 table->table[index] = IRTE_ALLOCATED;
3466 static void irte_ga_set_allocated(struct irq_remap_table *table, int index)
3468 struct irte_ga *ptr = (struct irte_ga *)table->table;
3469 struct irte_ga *irte = &ptr[index];
3471 memset(&irte->lo.val, 0, sizeof(u64));
3472 memset(&irte->hi.val, 0, sizeof(u64));
3473 irte->hi.fields.vector = 0xff;
3476 static bool irte_is_allocated(struct irq_remap_table *table, int index)
3478 union irte *ptr = (union irte *)table->table;
3479 union irte *irte = &ptr[index];
3481 return irte->val != 0;
3484 static bool irte_ga_is_allocated(struct irq_remap_table *table, int index)
3486 struct irte_ga *ptr = (struct irte_ga *)table->table;
3487 struct irte_ga *irte = &ptr[index];
3489 return irte->hi.fields.vector != 0;
3492 static void irte_clear_allocated(struct irq_remap_table *table, int index)
3494 table->table[index] = 0;
3497 static void irte_ga_clear_allocated(struct irq_remap_table *table, int index)
3499 struct irte_ga *ptr = (struct irte_ga *)table->table;
3500 struct irte_ga *irte = &ptr[index];
3502 memset(&irte->lo.val, 0, sizeof(u64));
3503 memset(&irte->hi.val, 0, sizeof(u64));
3506 static int get_devid(struct irq_alloc_info *info)
3510 switch (info->type) {
3511 case X86_IRQ_ALLOC_TYPE_IOAPIC:
3512 devid = get_ioapic_devid(info->ioapic_id);
3514 case X86_IRQ_ALLOC_TYPE_HPET:
3515 devid = get_hpet_devid(info->hpet_id);
3517 case X86_IRQ_ALLOC_TYPE_MSI:
3518 case X86_IRQ_ALLOC_TYPE_MSIX:
3519 devid = get_device_id(&info->msi_dev->dev);
3529 static struct irq_domain *get_ir_irq_domain(struct irq_alloc_info *info)
3531 struct amd_iommu *iommu;
3537 devid = get_devid(info);
3539 iommu = amd_iommu_rlookup_table[devid];
3541 return iommu->ir_domain;
3547 static struct irq_domain *get_irq_domain(struct irq_alloc_info *info)
3549 struct amd_iommu *iommu;
3555 switch (info->type) {
3556 case X86_IRQ_ALLOC_TYPE_MSI:
3557 case X86_IRQ_ALLOC_TYPE_MSIX:
3558 devid = get_device_id(&info->msi_dev->dev);
3562 iommu = amd_iommu_rlookup_table[devid];
3564 return iommu->msi_domain;
3573 struct irq_remap_ops amd_iommu_irq_ops = {
3574 .prepare = amd_iommu_prepare,
3575 .enable = amd_iommu_enable,
3576 .disable = amd_iommu_disable,
3577 .reenable = amd_iommu_reenable,
3578 .enable_faulting = amd_iommu_enable_faulting,
3579 .get_ir_irq_domain = get_ir_irq_domain,
3580 .get_irq_domain = get_irq_domain,
3583 static void irq_remapping_prepare_irte(struct amd_ir_data *data,
3584 struct irq_cfg *irq_cfg,
3585 struct irq_alloc_info *info,
3586 int devid, int index, int sub_handle)
3588 struct irq_2_irte *irte_info = &data->irq_2_irte;
3589 struct msi_msg *msg = &data->msi_entry;
3590 struct IO_APIC_route_entry *entry;
3591 struct amd_iommu *iommu = amd_iommu_rlookup_table[devid];
3596 data->irq_2_irte.devid = devid;
3597 data->irq_2_irte.index = index + sub_handle;
3598 iommu->irte_ops->prepare(data->entry, apic->irq_delivery_mode,
3599 apic->irq_dest_mode, irq_cfg->vector,
3600 irq_cfg->dest_apicid, devid);
3602 switch (info->type) {
3603 case X86_IRQ_ALLOC_TYPE_IOAPIC:
3604 /* Setup IOAPIC entry */
3605 entry = info->ioapic_entry;
3606 info->ioapic_entry = NULL;
3607 memset(entry, 0, sizeof(*entry));
3608 entry->vector = index;
3610 entry->trigger = info->ioapic_trigger;
3611 entry->polarity = info->ioapic_polarity;
3612 /* Mask level triggered irqs. */
3613 if (info->ioapic_trigger)
3617 case X86_IRQ_ALLOC_TYPE_HPET:
3618 case X86_IRQ_ALLOC_TYPE_MSI:
3619 case X86_IRQ_ALLOC_TYPE_MSIX:
3620 msg->address_hi = MSI_ADDR_BASE_HI;
3621 msg->address_lo = MSI_ADDR_BASE_LO;
3622 msg->data = irte_info->index;
3631 struct amd_irte_ops irte_32_ops = {
3632 .prepare = irte_prepare,
3633 .activate = irte_activate,
3634 .deactivate = irte_deactivate,
3635 .set_affinity = irte_set_affinity,
3636 .set_allocated = irte_set_allocated,
3637 .is_allocated = irte_is_allocated,
3638 .clear_allocated = irte_clear_allocated,
3641 struct amd_irte_ops irte_128_ops = {
3642 .prepare = irte_ga_prepare,
3643 .activate = irte_ga_activate,
3644 .deactivate = irte_ga_deactivate,
3645 .set_affinity = irte_ga_set_affinity,
3646 .set_allocated = irte_ga_set_allocated,
3647 .is_allocated = irte_ga_is_allocated,
3648 .clear_allocated = irte_ga_clear_allocated,
3651 static int irq_remapping_alloc(struct irq_domain *domain, unsigned int virq,
3652 unsigned int nr_irqs, void *arg)
3654 struct irq_alloc_info *info = arg;
3655 struct irq_data *irq_data;
3656 struct amd_ir_data *data = NULL;
3657 struct irq_cfg *cfg;
3663 if (nr_irqs > 1 && info->type != X86_IRQ_ALLOC_TYPE_MSI &&
3664 info->type != X86_IRQ_ALLOC_TYPE_MSIX)
3668 * With IRQ remapping enabled, don't need contiguous CPU vectors
3669 * to support multiple MSI interrupts.
3671 if (info->type == X86_IRQ_ALLOC_TYPE_MSI)
3672 info->flags &= ~X86_IRQ_ALLOC_CONTIGUOUS_VECTORS;
3674 devid = get_devid(info);
3678 ret = irq_domain_alloc_irqs_parent(domain, virq, nr_irqs, arg);
3682 if (info->type == X86_IRQ_ALLOC_TYPE_IOAPIC) {
3683 struct irq_remap_table *table;
3684 struct amd_iommu *iommu;
3686 table = alloc_irq_table(devid, NULL);
3688 if (!table->min_index) {
3690 * Keep the first 32 indexes free for IOAPIC
3693 table->min_index = 32;
3694 iommu = amd_iommu_rlookup_table[devid];
3695 for (i = 0; i < 32; ++i)
3696 iommu->irte_ops->set_allocated(table, i);
3698 WARN_ON(table->min_index != 32);
3699 index = info->ioapic_pin;
3703 } else if (info->type == X86_IRQ_ALLOC_TYPE_MSI ||
3704 info->type == X86_IRQ_ALLOC_TYPE_MSIX) {
3705 bool align = (info->type == X86_IRQ_ALLOC_TYPE_MSI);
3707 index = alloc_irq_index(devid, nr_irqs, align, info->msi_dev);
3709 index = alloc_irq_index(devid, nr_irqs, false, NULL);
3713 pr_warn("Failed to allocate IRTE\n");
3715 goto out_free_parent;
3718 for (i = 0; i < nr_irqs; i++) {
3719 irq_data = irq_domain_get_irq_data(domain, virq + i);
3720 cfg = irqd_cfg(irq_data);
3721 if (!irq_data || !cfg) {
3727 data = kzalloc(sizeof(*data), GFP_KERNEL);
3731 if (!AMD_IOMMU_GUEST_IR_GA(amd_iommu_guest_ir))
3732 data->entry = kzalloc(sizeof(union irte), GFP_KERNEL);
3734 data->entry = kzalloc(sizeof(struct irte_ga),
3741 irq_data->hwirq = (devid << 16) + i;
3742 irq_data->chip_data = data;
3743 irq_data->chip = &amd_ir_chip;
3744 irq_remapping_prepare_irte(data, cfg, info, devid, index, i);
3745 irq_set_status_flags(virq + i, IRQ_MOVE_PCNTXT);
3751 for (i--; i >= 0; i--) {
3752 irq_data = irq_domain_get_irq_data(domain, virq + i);
3754 kfree(irq_data->chip_data);
3756 for (i = 0; i < nr_irqs; i++)
3757 free_irte(devid, index + i);
3759 irq_domain_free_irqs_common(domain, virq, nr_irqs);
3763 static void irq_remapping_free(struct irq_domain *domain, unsigned int virq,
3764 unsigned int nr_irqs)
3766 struct irq_2_irte *irte_info;
3767 struct irq_data *irq_data;
3768 struct amd_ir_data *data;
3771 for (i = 0; i < nr_irqs; i++) {
3772 irq_data = irq_domain_get_irq_data(domain, virq + i);
3773 if (irq_data && irq_data->chip_data) {
3774 data = irq_data->chip_data;
3775 irte_info = &data->irq_2_irte;
3776 free_irte(irte_info->devid, irte_info->index);
3781 irq_domain_free_irqs_common(domain, virq, nr_irqs);
3784 static void amd_ir_update_irte(struct irq_data *irqd, struct amd_iommu *iommu,
3785 struct amd_ir_data *ir_data,
3786 struct irq_2_irte *irte_info,
3787 struct irq_cfg *cfg);
3789 static int irq_remapping_activate(struct irq_domain *domain,
3790 struct irq_data *irq_data, bool reserve)
3792 struct amd_ir_data *data = irq_data->chip_data;
3793 struct irq_2_irte *irte_info = &data->irq_2_irte;
3794 struct amd_iommu *iommu = amd_iommu_rlookup_table[irte_info->devid];
3795 struct irq_cfg *cfg = irqd_cfg(irq_data);
3800 iommu->irte_ops->activate(data->entry, irte_info->devid,
3802 amd_ir_update_irte(irq_data, iommu, data, irte_info, cfg);
3806 static void irq_remapping_deactivate(struct irq_domain *domain,
3807 struct irq_data *irq_data)
3809 struct amd_ir_data *data = irq_data->chip_data;
3810 struct irq_2_irte *irte_info = &data->irq_2_irte;
3811 struct amd_iommu *iommu = amd_iommu_rlookup_table[irte_info->devid];
3814 iommu->irte_ops->deactivate(data->entry, irte_info->devid,
3818 static const struct irq_domain_ops amd_ir_domain_ops = {
3819 .alloc = irq_remapping_alloc,
3820 .free = irq_remapping_free,
3821 .activate = irq_remapping_activate,
3822 .deactivate = irq_remapping_deactivate,
3825 int amd_iommu_activate_guest_mode(void *data)
3827 struct amd_ir_data *ir_data = (struct amd_ir_data *)data;
3828 struct irte_ga *entry = (struct irte_ga *) ir_data->entry;
3830 if (!AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir) ||
3831 !entry || entry->lo.fields_vapic.guest_mode)
3837 entry->lo.fields_vapic.guest_mode = 1;
3838 entry->lo.fields_vapic.ga_log_intr = 1;
3839 entry->hi.fields.ga_root_ptr = ir_data->ga_root_ptr;
3840 entry->hi.fields.vector = ir_data->ga_vector;
3841 entry->lo.fields_vapic.ga_tag = ir_data->ga_tag;
3843 return modify_irte_ga(ir_data->irq_2_irte.devid,
3844 ir_data->irq_2_irte.index, entry, ir_data);
3846 EXPORT_SYMBOL(amd_iommu_activate_guest_mode);
3848 int amd_iommu_deactivate_guest_mode(void *data)
3850 struct amd_ir_data *ir_data = (struct amd_ir_data *)data;
3851 struct irte_ga *entry = (struct irte_ga *) ir_data->entry;
3852 struct irq_cfg *cfg = ir_data->cfg;
3853 u64 valid = entry->lo.fields_remap.valid;
3855 if (!AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir) ||
3856 !entry || !entry->lo.fields_vapic.guest_mode)
3862 entry->lo.fields_remap.valid = valid;
3863 entry->lo.fields_remap.dm = apic->irq_dest_mode;
3864 entry->lo.fields_remap.int_type = apic->irq_delivery_mode;
3865 entry->hi.fields.vector = cfg->vector;
3866 entry->lo.fields_remap.destination =
3867 APICID_TO_IRTE_DEST_LO(cfg->dest_apicid);
3868 entry->hi.fields.destination =
3869 APICID_TO_IRTE_DEST_HI(cfg->dest_apicid);
3871 return modify_irte_ga(ir_data->irq_2_irte.devid,
3872 ir_data->irq_2_irte.index, entry, ir_data);
3874 EXPORT_SYMBOL(amd_iommu_deactivate_guest_mode);
3876 static int amd_ir_set_vcpu_affinity(struct irq_data *data, void *vcpu_info)
3879 struct amd_iommu *iommu;
3880 struct amd_iommu_pi_data *pi_data = vcpu_info;
3881 struct vcpu_data *vcpu_pi_info = pi_data->vcpu_data;
3882 struct amd_ir_data *ir_data = data->chip_data;
3883 struct irq_2_irte *irte_info = &ir_data->irq_2_irte;
3884 struct iommu_dev_data *dev_data = search_dev_data(irte_info->devid);
3887 * This device has never been set up for guest mode.
3888 * we should not modify the IRTE
3890 if (!dev_data || !dev_data->use_vapic)
3893 ir_data->cfg = irqd_cfg(data);
3894 pi_data->ir_data = ir_data;
3897 * SVM tries to set up for VAPIC mode, but we are in
3898 * legacy mode. So, we force legacy mode instead.
3900 if (!AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir)) {
3901 pr_debug("%s: Fall back to using intr legacy remap\n",
3903 pi_data->is_guest_mode = false;
3906 iommu = amd_iommu_rlookup_table[irte_info->devid];
3910 pi_data->prev_ga_tag = ir_data->cached_ga_tag;
3911 if (pi_data->is_guest_mode) {
3912 ir_data->ga_root_ptr = (pi_data->base >> 12);
3913 ir_data->ga_vector = vcpu_pi_info->vector;
3914 ir_data->ga_tag = pi_data->ga_tag;
3915 ret = amd_iommu_activate_guest_mode(ir_data);
3917 ir_data->cached_ga_tag = pi_data->ga_tag;
3919 ret = amd_iommu_deactivate_guest_mode(ir_data);
3922 * This communicates the ga_tag back to the caller
3923 * so that it can do all the necessary clean up.
3926 ir_data->cached_ga_tag = 0;
3933 static void amd_ir_update_irte(struct irq_data *irqd, struct amd_iommu *iommu,
3934 struct amd_ir_data *ir_data,
3935 struct irq_2_irte *irte_info,
3936 struct irq_cfg *cfg)
3940 * Atomically updates the IRTE with the new destination, vector
3941 * and flushes the interrupt entry cache.
3943 iommu->irte_ops->set_affinity(ir_data->entry, irte_info->devid,
3944 irte_info->index, cfg->vector,
3948 static int amd_ir_set_affinity(struct irq_data *data,
3949 const struct cpumask *mask, bool force)
3951 struct amd_ir_data *ir_data = data->chip_data;
3952 struct irq_2_irte *irte_info = &ir_data->irq_2_irte;
3953 struct irq_cfg *cfg = irqd_cfg(data);
3954 struct irq_data *parent = data->parent_data;
3955 struct amd_iommu *iommu = amd_iommu_rlookup_table[irte_info->devid];
3961 ret = parent->chip->irq_set_affinity(parent, mask, force);
3962 if (ret < 0 || ret == IRQ_SET_MASK_OK_DONE)
3965 amd_ir_update_irte(data, iommu, ir_data, irte_info, cfg);
3967 * After this point, all the interrupts will start arriving
3968 * at the new destination. So, time to cleanup the previous
3969 * vector allocation.
3971 send_cleanup_vector(cfg);
3973 return IRQ_SET_MASK_OK_DONE;
3976 static void ir_compose_msi_msg(struct irq_data *irq_data, struct msi_msg *msg)
3978 struct amd_ir_data *ir_data = irq_data->chip_data;
3980 *msg = ir_data->msi_entry;
3983 static struct irq_chip amd_ir_chip = {
3985 .irq_ack = apic_ack_irq,
3986 .irq_set_affinity = amd_ir_set_affinity,
3987 .irq_set_vcpu_affinity = amd_ir_set_vcpu_affinity,
3988 .irq_compose_msi_msg = ir_compose_msi_msg,
3991 int amd_iommu_create_irq_domain(struct amd_iommu *iommu)
3993 struct fwnode_handle *fn;
3995 fn = irq_domain_alloc_named_id_fwnode("AMD-IR", iommu->index);
3998 iommu->ir_domain = irq_domain_create_tree(fn, &amd_ir_domain_ops, iommu);
3999 if (!iommu->ir_domain) {
4000 irq_domain_free_fwnode(fn);
4004 iommu->ir_domain->parent = arch_get_ir_parent_domain();
4005 iommu->msi_domain = arch_create_remap_msi_irq_domain(iommu->ir_domain,
4011 int amd_iommu_update_ga(int cpu, bool is_run, void *data)
4013 unsigned long flags;
4014 struct amd_iommu *iommu;
4015 struct irq_remap_table *table;
4016 struct amd_ir_data *ir_data = (struct amd_ir_data *)data;
4017 int devid = ir_data->irq_2_irte.devid;
4018 struct irte_ga *entry = (struct irte_ga *) ir_data->entry;
4019 struct irte_ga *ref = (struct irte_ga *) ir_data->ref;
4021 if (!AMD_IOMMU_GUEST_IR_VAPIC(amd_iommu_guest_ir) ||
4022 !ref || !entry || !entry->lo.fields_vapic.guest_mode)
4025 iommu = amd_iommu_rlookup_table[devid];
4029 table = get_irq_table(devid);
4033 raw_spin_lock_irqsave(&table->lock, flags);
4035 if (ref->lo.fields_vapic.guest_mode) {
4037 ref->lo.fields_vapic.destination =
4038 APICID_TO_IRTE_DEST_LO(cpu);
4039 ref->hi.fields.destination =
4040 APICID_TO_IRTE_DEST_HI(cpu);
4042 ref->lo.fields_vapic.is_run = is_run;
4046 raw_spin_unlock_irqrestore(&table->lock, flags);
4048 iommu_flush_irt(iommu, devid);
4049 iommu_completion_wait(iommu);
4052 EXPORT_SYMBOL(amd_iommu_update_ga);
projects / linux-2.6-microblaze.git / blob