3 * (C) COPYRIGHT 2010-2015 ARM Limited. All rights reserved.
5 * This program is free software and is provided to you under the terms of the
6 * GNU General Public License version 2 as published by the Free Software
7 * Foundation, and any use by you of this program is subject to the terms
10 * A copy of the licence is included with the program, and can also be obtained
11 * from Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
12 * Boston, MA 02110-1301, USA.
21 * @file mali_kbase_mmu.c
22 * Base kernel MMU management.
26 #include <linux/kernel.h>
27 #include <linux/dma-mapping.h>
28 #include <mali_kbase.h>
29 #include <mali_midg_regmap.h>
30 #if defined(CONFIG_MALI_GATOR_SUPPORT)
31 #include <mali_kbase_gator.h>
33 #if defined(CONFIG_MALI_MIPE_ENABLED)
34 #include <mali_kbase_tlstream.h>
36 #include <mali_kbase_debug.h>
38 #define beenthere(kctx, f, a...) dev_dbg(kctx->kbdev->dev, "%s:" f, __func__, ##a)
40 #include <mali_kbase_defs.h>
41 #include <mali_kbase_hw.h>
42 #include <mali_kbase_mmu_hw.h>
43 #include <mali_kbase_hwaccess_jm.h>
45 #define KBASE_MMU_PAGE_ENTRIES 512
48 * kbase_mmu_sync_pgd - sync page directory to memory
49 * @dev: Device pointer.
50 * @handle: Address of DMA region.
51 * @size: Size of the region to sync.
53 * This should be called after each page directory update.
56 static void kbase_mmu_sync_pgd(struct device *dev,
57 dma_addr_t handle, size_t size)
59 dma_sync_single_for_device(dev, handle, size, DMA_TO_DEVICE);
64 * - PGD: Page Directory.
65 * - PTE: Page Table Entry. A 64bit value pointing to the next
66 * level of translation
67 * - ATE: Address Transation Entry. A 64bit value pointing to
68 * a 4kB physical page.
71 static void kbase_mmu_report_fault_and_kill(struct kbase_context *kctx,
72 struct kbase_as *as, const char *reason_str);
75 static size_t make_multiple(size_t minimum, size_t multiple)
77 size_t remainder = minimum % multiple;
82 return minimum + multiple - remainder;
85 void page_fault_worker(struct work_struct *data)
91 struct kbase_as *faulting_as;
93 struct kbase_context *kctx;
94 struct kbase_device *kbdev;
95 struct kbase_va_region *region;
99 faulting_as = container_of(data, struct kbase_as, work_pagefault);
100 fault_pfn = faulting_as->fault_addr >> PAGE_SHIFT;
101 as_no = faulting_as->number;
103 kbdev = container_of(faulting_as, struct kbase_device, as[as_no]);
105 /* Grab the context that was already refcounted in kbase_mmu_interrupt().
106 * Therefore, it cannot be scheduled out of this AS until we explicitly release it
108 * NOTE: NULL can be returned here if we're gracefully handling a spurious interrupt */
109 kctx = kbasep_js_runpool_lookup_ctx_noretain(kbdev, as_no);
112 /* Only handle this if not already suspended */
113 if (!kbase_pm_context_active_handle_suspend(kbdev, KBASE_PM_SUSPEND_HANDLER_DONT_REACTIVATE)) {
114 /* Address space has no context, terminate the work */
116 /* AS transaction begin */
117 mutex_lock(&faulting_as->transaction_mutex);
119 kbase_mmu_disable_as(kbdev, as_no);
121 mutex_unlock(&faulting_as->transaction_mutex);
122 /* AS transaction end */
124 kbase_mmu_hw_clear_fault(kbdev, faulting_as, kctx,
125 KBASE_MMU_FAULT_TYPE_PAGE);
126 kbase_mmu_hw_enable_fault(kbdev, faulting_as, kctx,
127 KBASE_MMU_FAULT_TYPE_PAGE);
128 kbase_pm_context_idle(kbdev);
130 atomic_dec(&kbdev->faults_pending);
134 KBASE_DEBUG_ASSERT(kctx->kbdev == kbdev);
136 fault_status = faulting_as->fault_status;
137 switch (fault_status & AS_FAULTSTATUS_EXCEPTION_CODE_MASK) {
139 case AS_FAULTSTATUS_EXCEPTION_CODE_TRANSLATION_FAULT:
140 /* need to check against the region to handle this one */
143 case AS_FAULTSTATUS_EXCEPTION_CODE_PERMISSION_FAULT:
144 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
145 "Permission failure");
148 case AS_FAULTSTATUS_EXCEPTION_CODE_TRANSTAB_BUS_FAULT:
149 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
150 "Tranlation table bus fault");
153 case AS_FAULTSTATUS_EXCEPTION_CODE_ACCESS_FLAG:
154 /* nothing to do, but we don't expect this fault currently */
155 dev_warn(kbdev->dev, "Access flag unexpectedly set");
160 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
161 "Unknown fault code");
165 /* so we have a translation fault, let's see if it is for growable
167 kbase_gpu_vm_lock(kctx);
169 region = kbase_region_tracker_find_region_enclosing_address(kctx,
170 faulting_as->fault_addr);
171 if (!region || region->flags & KBASE_REG_FREE) {
172 kbase_gpu_vm_unlock(kctx);
173 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
174 "Memory is not mapped on the GPU");
178 if ((region->flags & GROWABLE_FLAGS_REQUIRED)
179 != GROWABLE_FLAGS_REQUIRED) {
180 kbase_gpu_vm_unlock(kctx);
181 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
182 "Memory is not growable");
186 /* find the size we need to grow it by */
187 /* we know the result fit in a size_t due to kbase_region_tracker_find_region_enclosing_address
188 * validating the fault_adress to be within a size_t from the start_pfn */
189 fault_rel_pfn = fault_pfn - region->start_pfn;
191 if (fault_rel_pfn < kbase_reg_current_backed_size(region)) {
192 dev_dbg(kbdev->dev, "Page fault @ 0x%llx in allocated region 0x%llx-0x%llx of growable TMEM: Ignoring",
193 faulting_as->fault_addr, region->start_pfn,
195 kbase_reg_current_backed_size(region));
197 kbase_mmu_hw_clear_fault(kbdev, faulting_as, kctx,
198 KBASE_MMU_FAULT_TYPE_PAGE);
199 /* [1] in case another page fault occurred while we were
200 * handling the (duplicate) page fault we need to ensure we
201 * don't loose the other page fault as result of us clearing
202 * the MMU IRQ. Therefore, after we clear the MMU IRQ we send
203 * an UNLOCK command that will retry any stalled memory
204 * transaction (which should cause the other page fault to be
207 kbase_mmu_hw_do_operation(kbdev, faulting_as, NULL, 0, 0,
208 AS_COMMAND_UNLOCK, 1);
209 kbase_mmu_hw_enable_fault(kbdev, faulting_as, kctx,
210 KBASE_MMU_FAULT_TYPE_PAGE);
211 kbase_gpu_vm_unlock(kctx);
216 new_pages = make_multiple(fault_rel_pfn -
217 kbase_reg_current_backed_size(region) + 1,
220 /* cap to max vsize */
221 if (new_pages + kbase_reg_current_backed_size(region) >
223 new_pages = region->nr_pages -
224 kbase_reg_current_backed_size(region);
226 if (0 == new_pages) {
227 /* Duplicate of a fault we've already handled, nothing to do */
228 kbase_mmu_hw_clear_fault(kbdev, faulting_as, kctx,
229 KBASE_MMU_FAULT_TYPE_PAGE);
230 /* See comment [1] about UNLOCK usage */
231 kbase_mmu_hw_do_operation(kbdev, faulting_as, NULL, 0, 0,
232 AS_COMMAND_UNLOCK, 1);
233 kbase_mmu_hw_enable_fault(kbdev, faulting_as, kctx,
234 KBASE_MMU_FAULT_TYPE_PAGE);
235 kbase_gpu_vm_unlock(kctx);
239 if (kbase_alloc_phy_pages_helper(region->gpu_alloc, new_pages) == 0) {
240 if (region->gpu_alloc != region->cpu_alloc) {
241 if (kbase_alloc_phy_pages_helper(
242 region->cpu_alloc, new_pages) == 0) {
245 kbase_free_phy_pages_helper(region->gpu_alloc,
258 KBASE_DEBUG_ASSERT(kbase_reg_current_backed_size(region) <= region->nr_pages);
260 /* AS transaction begin */
261 mutex_lock(&faulting_as->transaction_mutex);
263 /* set up the new pages */
264 err = kbase_mmu_insert_pages(kctx, region->start_pfn + kbase_reg_current_backed_size(region) - new_pages, &kbase_get_gpu_phy_pages(region)[kbase_reg_current_backed_size(region) - new_pages], new_pages, region->flags);
266 /* failed to insert pages, handle as a normal PF */
267 mutex_unlock(&faulting_as->transaction_mutex);
268 kbase_free_phy_pages_helper(region->gpu_alloc, new_pages);
269 if (region->gpu_alloc != region->cpu_alloc)
270 kbase_free_phy_pages_helper(region->cpu_alloc,
272 kbase_gpu_vm_unlock(kctx);
273 /* The locked VA region will be unlocked and the cache invalidated in here */
274 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
275 "Page table update failure");
278 #if defined(CONFIG_MALI_GATOR_SUPPORT)
279 kbase_trace_mali_page_fault_insert_pages(as_no, new_pages);
281 #if defined(CONFIG_MALI_MIPE_ENABLED)
282 kbase_tlstream_aux_pagefault(
284 atomic_read(&kctx->used_pages));
287 /* flush L2 and unlock the VA (resumes the MMU) */
288 if (kbase_hw_has_issue(kbdev, BASE_HW_ISSUE_6367))
289 op = AS_COMMAND_FLUSH;
291 op = AS_COMMAND_FLUSH_PT;
293 /* clear MMU interrupt - this needs to be done after updating
294 * the page tables but before issuing a FLUSH command. The
295 * FLUSH cmd has a side effect that it restarts stalled memory
296 * transactions in other address spaces which may cause
297 * another fault to occur. If we didn't clear the interrupt at
298 * this stage a new IRQ might not be raised when the GPU finds
299 * a MMU IRQ is already pending.
301 kbase_mmu_hw_clear_fault(kbdev, faulting_as, kctx,
302 KBASE_MMU_FAULT_TYPE_PAGE);
304 kbase_mmu_hw_do_operation(kbdev, faulting_as, kctx,
305 faulting_as->fault_addr >> PAGE_SHIFT,
309 mutex_unlock(&faulting_as->transaction_mutex);
310 /* AS transaction end */
312 /* reenable this in the mask */
313 kbase_mmu_hw_enable_fault(kbdev, faulting_as, kctx,
314 KBASE_MMU_FAULT_TYPE_PAGE);
315 kbase_gpu_vm_unlock(kctx);
317 /* failed to extend, handle as a normal PF */
318 kbase_gpu_vm_unlock(kctx);
319 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
320 "Page allocation failure");
325 * By this point, the fault was handled in some way,
326 * so release the ctx refcount
328 kbasep_js_runpool_release_ctx(kbdev, kctx);
330 atomic_dec(&kbdev->faults_pending);
333 phys_addr_t kbase_mmu_alloc_pgd(struct kbase_context *kctx)
340 KBASE_DEBUG_ASSERT(NULL != kctx);
341 kbase_atomic_add_pages(1, &kctx->used_pages);
342 kbase_atomic_add_pages(1, &kctx->kbdev->memdev.used_pages);
344 if (kbase_mem_allocator_alloc(kctx->pgd_allocator, 1, &pgd) != 0)
347 p = pfn_to_page(PFN_DOWN(pgd));
352 kbase_process_page_usage_inc(kctx, 1);
354 for (i = 0; i < KBASE_MMU_PAGE_ENTRIES; i++)
355 kctx->kbdev->mmu_mode->entry_invalidate(&page[i]);
357 kbase_mmu_sync_pgd(kctx->kbdev->dev, kbase_dma_addr(p), PAGE_SIZE);
359 kunmap(pfn_to_page(PFN_DOWN(pgd)));
363 kbase_mem_allocator_free(kctx->pgd_allocator, 1, &pgd, false);
365 kbase_atomic_sub_pages(1, &kctx->used_pages);
366 kbase_atomic_sub_pages(1, &kctx->kbdev->memdev.used_pages);
371 KBASE_EXPORT_TEST_API(kbase_mmu_alloc_pgd);
373 /* Given PGD PFN for level N, return PGD PFN for level N+1 */
374 static phys_addr_t mmu_get_next_pgd(struct kbase_context *kctx, phys_addr_t pgd, u64 vpfn, int level)
377 phys_addr_t target_pgd;
380 KBASE_DEBUG_ASSERT(pgd);
381 KBASE_DEBUG_ASSERT(NULL != kctx);
383 lockdep_assert_held(&kctx->reg_lock);
386 * Architecture spec defines level-0 as being the top-most.
387 * This is a bit unfortunate here, but we keep the same convention.
389 vpfn >>= (3 - level) * 9;
392 p = pfn_to_page(PFN_DOWN(pgd));
395 dev_warn(kctx->kbdev->dev, "mmu_get_next_pgd: kmap failure\n");
399 target_pgd = kctx->kbdev->mmu_mode->pte_to_phy_addr(page[vpfn]);
402 target_pgd = kbase_mmu_alloc_pgd(kctx);
404 dev_warn(kctx->kbdev->dev, "mmu_get_next_pgd: kbase_mmu_alloc_pgd failure\n");
409 kctx->kbdev->mmu_mode->entry_set_pte(&page[vpfn], target_pgd);
411 kbase_mmu_sync_pgd(kctx->kbdev->dev,
412 kbase_dma_addr(p), PAGE_SIZE);
413 /* Rely on the caller to update the address space flags. */
420 static phys_addr_t mmu_get_bottom_pgd(struct kbase_context *kctx, u64 vpfn)
427 for (l = MIDGARD_MMU_TOPLEVEL; l < 3; l++) {
428 pgd = mmu_get_next_pgd(kctx, pgd, vpfn, l);
429 /* Handle failure condition */
431 dev_warn(kctx->kbdev->dev, "mmu_get_bottom_pgd: mmu_get_next_pgd failure\n");
439 static phys_addr_t mmu_insert_pages_recover_get_next_pgd(struct kbase_context *kctx, phys_addr_t pgd, u64 vpfn, int level)
442 phys_addr_t target_pgd;
444 KBASE_DEBUG_ASSERT(pgd);
445 KBASE_DEBUG_ASSERT(NULL != kctx);
447 lockdep_assert_held(&kctx->reg_lock);
450 * Architecture spec defines level-0 as being the top-most.
451 * This is a bit unfortunate here, but we keep the same convention.
453 vpfn >>= (3 - level) * 9;
456 page = kmap_atomic(pfn_to_page(PFN_DOWN(pgd)));
457 /* kmap_atomic should NEVER fail */
458 KBASE_DEBUG_ASSERT(NULL != page);
460 target_pgd = kctx->kbdev->mmu_mode->pte_to_phy_addr(page[vpfn]);
461 /* As we are recovering from what has already been set up, we should have a target_pgd */
462 KBASE_DEBUG_ASSERT(0 != target_pgd);
467 static phys_addr_t mmu_insert_pages_recover_get_bottom_pgd(struct kbase_context *kctx, u64 vpfn)
474 for (l = MIDGARD_MMU_TOPLEVEL; l < 3; l++) {
475 pgd = mmu_insert_pages_recover_get_next_pgd(kctx, pgd, vpfn, l);
476 /* Should never fail */
477 KBASE_DEBUG_ASSERT(0 != pgd);
483 static void mmu_insert_pages_failure_recovery(struct kbase_context *kctx, u64 vpfn,
488 struct kbase_mmu_mode const *mmu_mode;
490 KBASE_DEBUG_ASSERT(NULL != kctx);
491 KBASE_DEBUG_ASSERT(0 != vpfn);
492 /* 64-bit address range is the max */
493 KBASE_DEBUG_ASSERT(vpfn <= (U64_MAX / PAGE_SIZE));
495 lockdep_assert_held(&kctx->reg_lock);
497 mmu_mode = kctx->kbdev->mmu_mode;
501 unsigned int index = vpfn & 0x1FF;
502 unsigned int count = KBASE_MMU_PAGE_ENTRIES - index;
508 pgd = mmu_insert_pages_recover_get_bottom_pgd(kctx, vpfn);
509 KBASE_DEBUG_ASSERT(0 != pgd);
511 p = pfn_to_page(PFN_DOWN(pgd));
513 pgd_page = kmap_atomic(p);
514 KBASE_DEBUG_ASSERT(NULL != pgd_page);
516 /* Invalidate the entries we added */
517 for (i = 0; i < count; i++)
518 mmu_mode->entry_invalidate(&pgd_page[index + i]);
523 kbase_mmu_sync_pgd(kctx->kbdev->dev,
527 kunmap_atomic(pgd_page);
532 * Map the single page 'phys' 'nr' of times, starting at GPU PFN 'vpfn'
534 int kbase_mmu_insert_single_page(struct kbase_context *kctx, u64 vpfn,
535 phys_addr_t phys, size_t nr,
540 /* In case the insert_single_page only partially completes we need to be
542 bool recover_required = false;
543 u64 recover_vpfn = vpfn;
544 size_t recover_count = 0;
546 KBASE_DEBUG_ASSERT(NULL != kctx);
547 KBASE_DEBUG_ASSERT(0 != vpfn);
548 /* 64-bit address range is the max */
549 KBASE_DEBUG_ASSERT(vpfn <= (U64_MAX / PAGE_SIZE));
551 lockdep_assert_held(&kctx->reg_lock);
555 unsigned int index = vpfn & 0x1FF;
556 unsigned int count = KBASE_MMU_PAGE_ENTRIES - index;
563 * Repeatedly calling mmu_get_bottom_pte() is clearly
564 * suboptimal. We don't have to re-parse the whole tree
565 * each time (just cache the l0-l2 sequence).
566 * On the other hand, it's only a gain when we map more than
567 * 256 pages at once (on average). Do we really care?
569 pgd = mmu_get_bottom_pgd(kctx, vpfn);
571 dev_warn(kctx->kbdev->dev, "kbase_mmu_insert_pages: mmu_get_bottom_pgd failure\n");
572 if (recover_required) {
573 /* Invalidate the pages we have partially
575 mmu_insert_pages_failure_recovery(kctx,
582 p = pfn_to_page(PFN_DOWN(pgd));
585 dev_warn(kctx->kbdev->dev, "kbase_mmu_insert_pages: kmap failure\n");
586 if (recover_required) {
587 /* Invalidate the pages we have partially
589 mmu_insert_pages_failure_recovery(kctx,
596 for (i = 0; i < count; i++) {
597 unsigned int ofs = index + i;
599 KBASE_DEBUG_ASSERT(0 == (pgd_page[ofs] & 1UL));
600 kctx->kbdev->mmu_mode->entry_set_ate(&pgd_page[ofs],
607 kbase_mmu_sync_pgd(kctx->kbdev->dev,
609 (index * sizeof(u64)),
610 count * sizeof(u64));
613 /* We have started modifying the page table.
614 * If further pages need inserting and fail we need to undo what
615 * has already taken place */
616 recover_required = true;
617 recover_count += count;
623 * Map 'nr' pages pointed to by 'phys' at GPU PFN 'vpfn'
625 int kbase_mmu_insert_pages(struct kbase_context *kctx, u64 vpfn,
626 phys_addr_t *phys, size_t nr,
631 /* In case the insert_pages only partially completes we need to be able
633 bool recover_required = false;
634 u64 recover_vpfn = vpfn;
635 size_t recover_count = 0;
637 KBASE_DEBUG_ASSERT(NULL != kctx);
638 KBASE_DEBUG_ASSERT(0 != vpfn);
639 /* 64-bit address range is the max */
640 KBASE_DEBUG_ASSERT(vpfn <= (U64_MAX / PAGE_SIZE));
642 lockdep_assert_held(&kctx->reg_lock);
646 unsigned int index = vpfn & 0x1FF;
647 unsigned int count = KBASE_MMU_PAGE_ENTRIES - index;
654 * Repeatedly calling mmu_get_bottom_pte() is clearly
655 * suboptimal. We don't have to re-parse the whole tree
656 * each time (just cache the l0-l2 sequence).
657 * On the other hand, it's only a gain when we map more than
658 * 256 pages at once (on average). Do we really care?
660 pgd = mmu_get_bottom_pgd(kctx, vpfn);
662 dev_warn(kctx->kbdev->dev, "kbase_mmu_insert_pages: mmu_get_bottom_pgd failure\n");
663 if (recover_required) {
664 /* Invalidate the pages we have partially
666 mmu_insert_pages_failure_recovery(kctx,
673 p = pfn_to_page(PFN_DOWN(pgd));
676 dev_warn(kctx->kbdev->dev, "kbase_mmu_insert_pages: kmap failure\n");
677 if (recover_required) {
678 /* Invalidate the pages we have partially
680 mmu_insert_pages_failure_recovery(kctx,
687 for (i = 0; i < count; i++) {
688 unsigned int ofs = index + i;
690 KBASE_DEBUG_ASSERT(0 == (pgd_page[ofs] & 1UL));
691 kctx->kbdev->mmu_mode->entry_set_ate(&pgd_page[ofs],
699 kbase_mmu_sync_pgd(kctx->kbdev->dev,
701 (index * sizeof(u64)),
702 count * sizeof(u64));
705 /* We have started modifying the page table. If further pages
706 * need inserting and fail we need to undo what has already
708 recover_required = true;
709 recover_count += count;
714 KBASE_EXPORT_TEST_API(kbase_mmu_insert_pages);
717 * This function is responsible for validating the MMU PTs
718 * triggering reguired flushes.
720 * * IMPORTANT: This uses kbasep_js_runpool_release_ctx() when the context is
721 * currently scheduled into the runpool, and so potentially uses a lot of locks.
722 * These locks must be taken in the correct order with respect to others
723 * already held by the caller. Refer to kbasep_js_runpool_release_ctx() for more
726 static void kbase_mmu_flush(struct kbase_context *kctx, u64 vpfn, size_t nr)
728 struct kbase_device *kbdev;
729 bool ctx_is_in_runpool;
731 KBASE_DEBUG_ASSERT(NULL != kctx);
735 /* We must flush if we're currently running jobs. At the very least, we need to retain the
736 * context to ensure it doesn't schedule out whilst we're trying to flush it */
737 ctx_is_in_runpool = kbasep_js_runpool_retain_ctx(kbdev, kctx);
739 if (ctx_is_in_runpool) {
740 KBASE_DEBUG_ASSERT(kctx->as_nr != KBASEP_AS_NR_INVALID);
742 /* Second level check is to try to only do this when jobs are running. The refcount is
743 * a heuristic for this. */
744 if (kbdev->js_data.runpool_irq.per_as_data[kctx->as_nr].as_busy_refcount >= 2) {
745 if (!kbase_pm_context_active_handle_suspend(kbdev,
746 KBASE_PM_SUSPEND_HANDLER_DONT_REACTIVATE)) {
750 /* AS transaction begin */
751 mutex_lock(&kbdev->as[
752 kctx->as_nr].transaction_mutex);
754 if (kbase_hw_has_issue(kbdev,
756 op = AS_COMMAND_FLUSH;
758 op = AS_COMMAND_FLUSH_MEM;
760 ret = kbase_mmu_hw_do_operation(kbdev,
761 &kbdev->as[kctx->as_nr],
764 #if KBASE_GPU_RESET_EN
766 /* Flush failed to complete, assume the
767 * GPU has hung and perform a reset to
769 dev_err(kbdev->dev, "Flush for GPU page table update did not complete. Issueing GPU soft-reset to recover\n");
770 if (kbase_prepare_to_reset_gpu(kbdev))
771 kbase_reset_gpu(kbdev);
773 #endif /* KBASE_GPU_RESET_EN */
775 mutex_unlock(&kbdev->as[
776 kctx->as_nr].transaction_mutex);
777 /* AS transaction end */
779 kbase_pm_context_idle(kbdev);
782 kbasep_js_runpool_release_ctx(kbdev, kctx);
787 * We actually only discard the ATE, and not the page table
788 * pages. There is a potential DoS here, as we'll leak memory by
789 * having PTEs that are potentially unused. Will require physical
790 * page accounting, so MMU pages are part of the process allocation.
792 * IMPORTANT: This uses kbasep_js_runpool_release_ctx() when the context is
793 * currently scheduled into the runpool, and so potentially uses a lot of locks.
794 * These locks must be taken in the correct order with respect to others
795 * already held by the caller. Refer to kbasep_js_runpool_release_ctx() for more
798 int kbase_mmu_teardown_pages(struct kbase_context *kctx, u64 vpfn, size_t nr)
802 struct kbase_device *kbdev;
803 size_t requested_nr = nr;
804 struct kbase_mmu_mode const *mmu_mode;
806 KBASE_DEBUG_ASSERT(NULL != kctx);
807 beenthere(kctx, "kctx %p vpfn %lx nr %zd", (void *)kctx, (unsigned long)vpfn, nr);
809 lockdep_assert_held(&kctx->reg_lock);
812 /* early out if nothing to do */
817 mmu_mode = kbdev->mmu_mode;
821 unsigned int index = vpfn & 0x1FF;
822 unsigned int count = KBASE_MMU_PAGE_ENTRIES - index;
828 pgd = mmu_get_bottom_pgd(kctx, vpfn);
830 dev_warn(kbdev->dev, "kbase_mmu_teardown_pages: mmu_get_bottom_pgd failure\n");
834 p = pfn_to_page(PFN_DOWN(pgd));
837 dev_warn(kbdev->dev, "kbase_mmu_teardown_pages: kmap failure\n");
841 for (i = 0; i < count; i++)
842 mmu_mode->entry_invalidate(&pgd_page[index + i]);
847 kbase_mmu_sync_pgd(kctx->kbdev->dev,
849 (index * sizeof(u64)),
850 count * sizeof(u64));
855 kbase_mmu_flush(kctx, vpfn, requested_nr);
859 KBASE_EXPORT_TEST_API(kbase_mmu_teardown_pages);
862 * Update the entries for specified number of pages pointed to by 'phys' at GPU PFN 'vpfn'.
863 * This call is being triggered as a response to the changes of the mem attributes
865 * @pre : The caller is responsible for validating the memory attributes
867 * IMPORTANT: This uses kbasep_js_runpool_release_ctx() when the context is
868 * currently scheduled into the runpool, and so potentially uses a lot of locks.
869 * These locks must be taken in the correct order with respect to others
870 * already held by the caller. Refer to kbasep_js_runpool_release_ctx() for more
873 int kbase_mmu_update_pages(struct kbase_context *kctx, u64 vpfn, phys_addr_t *phys, size_t nr, unsigned long flags)
877 size_t requested_nr = nr;
878 struct kbase_mmu_mode const *mmu_mode;
880 KBASE_DEBUG_ASSERT(NULL != kctx);
881 KBASE_DEBUG_ASSERT(0 != vpfn);
882 KBASE_DEBUG_ASSERT(vpfn <= (U64_MAX / PAGE_SIZE));
884 lockdep_assert_held(&kctx->reg_lock);
886 mmu_mode = kctx->kbdev->mmu_mode;
888 dev_warn(kctx->kbdev->dev, "kbase_mmu_update_pages(): updating page share flags on GPU PFN 0x%llx from phys %p, %zu pages",
893 unsigned int index = vpfn & 0x1FF;
894 size_t count = KBASE_MMU_PAGE_ENTRIES - index;
900 pgd = mmu_get_bottom_pgd(kctx, vpfn);
902 dev_warn(kctx->kbdev->dev, "mmu_get_bottom_pgd failure\n");
906 p = pfn_to_page(PFN_DOWN(pgd));
909 dev_warn(kctx->kbdev->dev, "kmap failure\n");
913 for (i = 0; i < count; i++)
914 mmu_mode->entry_set_ate(&pgd_page[index + i], phys[i],
921 kbase_mmu_sync_pgd(kctx->kbdev->dev,
923 (index * sizeof(u64)),
924 count * sizeof(u64));
926 kunmap(pfn_to_page(PFN_DOWN(pgd)));
929 kbase_mmu_flush(kctx, vpfn, requested_nr);
934 /* This is a debug feature only */
935 static void mmu_check_unused(struct kbase_context *kctx, phys_addr_t pgd)
940 page = kmap_atomic(pfn_to_page(PFN_DOWN(pgd)));
941 /* kmap_atomic should NEVER fail. */
942 KBASE_DEBUG_ASSERT(NULL != page);
944 for (i = 0; i < KBASE_MMU_PAGE_ENTRIES; i++) {
945 if (kctx->kbdev->mmu_mode->ate_is_valid(page[i]))
946 beenthere(kctx, "live pte %016lx", (unsigned long)page[i]);
951 static void mmu_teardown_level(struct kbase_context *kctx, phys_addr_t pgd, int level, int zap, u64 *pgd_page_buffer)
953 phys_addr_t target_pgd;
956 struct kbase_mmu_mode const *mmu_mode;
958 KBASE_DEBUG_ASSERT(NULL != kctx);
959 lockdep_assert_held(&kctx->reg_lock);
961 pgd_page = kmap_atomic(pfn_to_page(PFN_DOWN(pgd)));
962 /* kmap_atomic should NEVER fail. */
963 KBASE_DEBUG_ASSERT(NULL != pgd_page);
964 /* Copy the page to our preallocated buffer so that we can minimize kmap_atomic usage */
965 memcpy(pgd_page_buffer, pgd_page, PAGE_SIZE);
966 kunmap_atomic(pgd_page);
967 pgd_page = pgd_page_buffer;
969 mmu_mode = kctx->kbdev->mmu_mode;
971 for (i = 0; i < KBASE_MMU_PAGE_ENTRIES; i++) {
972 target_pgd = mmu_mode->pte_to_phy_addr(pgd_page[i]);
976 mmu_teardown_level(kctx, target_pgd, level + 1, zap, pgd_page_buffer + (PAGE_SIZE / sizeof(u64)));
979 * So target_pte is a level-3 page.
980 * As a leaf, it is safe to free it.
981 * Unless we have live pages attached to it!
983 mmu_check_unused(kctx, target_pgd);
986 beenthere(kctx, "pte %lx level %d", (unsigned long)target_pgd, level + 1);
988 kbase_mem_allocator_free(kctx->pgd_allocator, 1, &target_pgd, true);
989 kbase_process_page_usage_dec(kctx, 1);
990 kbase_atomic_sub_pages(1, &kctx->used_pages);
991 kbase_atomic_sub_pages(1, &kctx->kbdev->memdev.used_pages);
997 int kbase_mmu_init(struct kbase_context *kctx)
999 KBASE_DEBUG_ASSERT(NULL != kctx);
1000 KBASE_DEBUG_ASSERT(NULL == kctx->mmu_teardown_pages);
1002 /* Preallocate MMU depth of four pages for mmu_teardown_level to use */
1003 kctx->mmu_teardown_pages = kmalloc(PAGE_SIZE * 4, GFP_KERNEL);
1005 if (NULL == kctx->mmu_teardown_pages)
1011 void kbase_mmu_term(struct kbase_context *kctx)
1013 KBASE_DEBUG_ASSERT(NULL != kctx);
1014 KBASE_DEBUG_ASSERT(NULL != kctx->mmu_teardown_pages);
1016 kfree(kctx->mmu_teardown_pages);
1017 kctx->mmu_teardown_pages = NULL;
1020 void kbase_mmu_free_pgd(struct kbase_context *kctx)
1022 KBASE_DEBUG_ASSERT(NULL != kctx);
1023 KBASE_DEBUG_ASSERT(NULL != kctx->mmu_teardown_pages);
1025 lockdep_assert_held(&kctx->reg_lock);
1027 mmu_teardown_level(kctx, kctx->pgd, MIDGARD_MMU_TOPLEVEL, 1, kctx->mmu_teardown_pages);
1029 beenthere(kctx, "pgd %lx", (unsigned long)kctx->pgd);
1030 kbase_mem_allocator_free(kctx->pgd_allocator, 1, &kctx->pgd, true);
1031 kbase_process_page_usage_dec(kctx, 1);
1032 kbase_atomic_sub_pages(1, &kctx->used_pages);
1033 kbase_atomic_sub_pages(1, &kctx->kbdev->memdev.used_pages);
1036 KBASE_EXPORT_TEST_API(kbase_mmu_free_pgd);
1038 static size_t kbasep_mmu_dump_level(struct kbase_context *kctx, phys_addr_t pgd, int level, char ** const buffer, size_t *size_left)
1040 phys_addr_t target_pgd;
1043 size_t size = KBASE_MMU_PAGE_ENTRIES * sizeof(u64) + sizeof(u64);
1045 struct kbase_mmu_mode const *mmu_mode;
1047 KBASE_DEBUG_ASSERT(NULL != kctx);
1048 lockdep_assert_held(&kctx->reg_lock);
1050 mmu_mode = kctx->kbdev->mmu_mode;
1052 pgd_page = kmap(pfn_to_page(PFN_DOWN(pgd)));
1054 dev_warn(kctx->kbdev->dev, "kbasep_mmu_dump_level: kmap failure\n");
1058 if (*size_left >= size) {
1059 /* A modified physical address that contains the page table level */
1060 u64 m_pgd = pgd | level;
1062 /* Put the modified physical address in the output buffer */
1063 memcpy(*buffer, &m_pgd, sizeof(m_pgd));
1064 *buffer += sizeof(m_pgd);
1066 /* Followed by the page table itself */
1067 memcpy(*buffer, pgd_page, sizeof(u64) * KBASE_MMU_PAGE_ENTRIES);
1068 *buffer += sizeof(u64) * KBASE_MMU_PAGE_ENTRIES;
1073 for (i = 0; i < KBASE_MMU_PAGE_ENTRIES; i++) {
1074 if (mmu_mode->pte_is_valid(pgd_page[i])) {
1075 target_pgd = mmu_mode->pte_to_phy_addr(pgd_page[i]);
1077 dump_size = kbasep_mmu_dump_level(kctx, target_pgd, level + 1, buffer, size_left);
1079 kunmap(pfn_to_page(PFN_DOWN(pgd)));
1086 kunmap(pfn_to_page(PFN_DOWN(pgd)));
1091 void *kbase_mmu_dump(struct kbase_context *kctx, int nr_pages)
1096 KBASE_DEBUG_ASSERT(kctx);
1098 lockdep_assert_held(&kctx->reg_lock);
1100 if (0 == nr_pages) {
1101 /* can't find in a 0 sized buffer, early out */
1105 size_left = nr_pages * PAGE_SIZE;
1107 KBASE_DEBUG_ASSERT(0 != size_left);
1108 kaddr = vmalloc_user(size_left);
1111 u64 end_marker = 0xFFULL;
1112 char *buffer = (char *)kaddr;
1113 size_t size = kbasep_mmu_dump_level(kctx, kctx->pgd, MIDGARD_MMU_TOPLEVEL, &buffer, &size_left);
1120 /* Add on the size for the end marker */
1121 size += sizeof(u64);
1123 if (size > nr_pages * PAGE_SIZE || size_left < sizeof(u64)) {
1124 /* The buffer isn't big enough - free the memory and return failure */
1129 /* Add the end marker */
1130 memcpy(buffer, &end_marker, sizeof(u64));
1135 KBASE_EXPORT_TEST_API(kbase_mmu_dump);
1137 void bus_fault_worker(struct work_struct *data)
1139 struct kbase_as *faulting_as;
1141 struct kbase_context *kctx;
1142 struct kbase_device *kbdev;
1143 #if KBASE_GPU_RESET_EN
1144 bool reset_status = false;
1145 #endif /* KBASE_GPU_RESET_EN */
1147 faulting_as = container_of(data, struct kbase_as, work_busfault);
1149 as_no = faulting_as->number;
1151 kbdev = container_of(faulting_as, struct kbase_device, as[as_no]);
1153 /* Grab the context that was already refcounted in kbase_mmu_interrupt().
1154 * Therefore, it cannot be scheduled out of this AS until we explicitly release it
1156 * NOTE: NULL can be returned here if we're gracefully handling a spurious interrupt */
1157 kctx = kbasep_js_runpool_lookup_ctx_noretain(kbdev, as_no);
1158 #if KBASE_GPU_RESET_EN
1159 if (kbase_hw_has_issue(kbdev, BASE_HW_ISSUE_8245)) {
1160 /* Due to H/W issue 8245 we need to reset the GPU after using UNMAPPED mode.
1161 * We start the reset before switching to UNMAPPED to ensure that unrelated jobs
1162 * are evicted from the GPU before the switch.
1164 dev_err(kbdev->dev, "GPU bus error occurred. For this GPU version we now soft-reset as part of bus error recovery\n");
1165 reset_status = kbase_prepare_to_reset_gpu(kbdev);
1167 #endif /* KBASE_GPU_RESET_EN */
1168 /* NOTE: If GPU already powered off for suspend, we don't need to switch to unmapped */
1169 if (!kbase_pm_context_active_handle_suspend(kbdev, KBASE_PM_SUSPEND_HANDLER_DONT_REACTIVATE)) {
1171 /* switch to UNMAPPED mode, will abort all jobs and stop any hw counter dumping */
1172 /* AS transaction begin */
1173 mutex_lock(&kbdev->as[as_no].transaction_mutex);
1175 /* Set the MMU into unmapped mode */
1176 kbase_mmu_disable_as(kbdev, as_no);
1178 mutex_unlock(&kbdev->as[as_no].transaction_mutex);
1179 /* AS transaction end */
1181 kbase_mmu_hw_clear_fault(kbdev, faulting_as, kctx,
1182 KBASE_MMU_FAULT_TYPE_BUS);
1183 kbase_mmu_hw_enable_fault(kbdev, faulting_as, kctx,
1184 KBASE_MMU_FAULT_TYPE_BUS);
1186 kbase_pm_context_idle(kbdev);
1188 #if KBASE_GPU_RESET_EN
1189 if (kbase_hw_has_issue(kbdev, BASE_HW_ISSUE_8245) && reset_status)
1190 kbase_reset_gpu(kbdev);
1191 #endif /* KBASE_GPU_RESET_EN */
1192 /* By this point, the fault was handled in some way, so release the ctx refcount */
1194 kbasep_js_runpool_release_ctx(kbdev, kctx);
1196 atomic_dec(&kbdev->faults_pending);
1199 const char *kbase_exception_name(struct kbase_device *kbdev, u32 exception_code)
1203 switch (exception_code) {
1204 /* Non-Fault Status code */
1206 e = "NOT_STARTED/IDLE/OK";
1223 /* Job exceptions */
1225 e = "JOB_CONFIG_FAULT";
1228 e = "JOB_POWER_FAULT";
1231 e = "JOB_READ_FAULT";
1234 e = "JOB_WRITE_FAULT";
1237 e = "JOB_AFFINITY_FAULT";
1240 e = "JOB_BUS_FAULT";
1243 e = "INSTR_INVALID_PC";
1246 e = "INSTR_INVALID_ENC";
1249 e = "INSTR_TYPE_MISMATCH";
1252 e = "INSTR_OPERAND_FAULT";
1255 e = "INSTR_TLS_FAULT";
1258 e = "INSTR_BARRIER_FAULT";
1261 e = "INSTR_ALIGN_FAULT";
1264 e = "DATA_INVALID_FAULT";
1267 e = "TILE_RANGE_FAULT";
1270 e = "ADDR_RANGE_FAULT";
1273 e = "OUT_OF_MEMORY";
1275 /* GPU exceptions */
1277 e = "DELAYED_BUS_FAULT";
1280 e = "SHAREABILITY_FAULT";
1282 /* MMU exceptions */
1291 e = "TRANSLATION_FAULT";
1294 e = "PERMISSION_FAULT";
1304 e = "TRANSTAB_BUS_FAULT";
1318 static const char *access_type_name(struct kbase_device *kbdev,
1321 switch (fault_status & AS_FAULTSTATUS_ACCESS_TYPE_MASK) {
1323 case AS_FAULTSTATUS_ACCESS_TYPE_READ:
1325 case AS_FAULTSTATUS_ACCESS_TYPE_WRITE:
1327 case AS_FAULTSTATUS_ACCESS_TYPE_EX:
1330 KBASE_DEBUG_ASSERT(0);
1336 * The caller must ensure it's retained the ctx to prevent it from being scheduled out whilst it's being worked on.
1338 static void kbase_mmu_report_fault_and_kill(struct kbase_context *kctx,
1339 struct kbase_as *as, const char *reason_str)
1341 unsigned long flags;
1346 struct kbase_device *kbdev;
1347 struct kbasep_js_device_data *js_devdata;
1349 #if KBASE_GPU_RESET_EN
1350 bool reset_status = false;
1354 kbdev = kctx->kbdev;
1355 js_devdata = &kbdev->js_data;
1357 /* ASSERT that the context won't leave the runpool */
1358 KBASE_DEBUG_ASSERT(kbasep_js_debug_check_ctx_refcount(kbdev, kctx) > 0);
1360 /* decode the fault status */
1361 exception_type = as->fault_status & 0xFF;
1362 access_type = (as->fault_status >> 8) & 0x3;
1363 source_id = (as->fault_status >> 16);
1365 /* terminal fault, print info about the fault */
1367 "Unhandled Page fault in AS%d at VA 0x%016llX\n"
1369 "raw fault status 0x%X\n"
1370 "decoded fault status: %s\n"
1371 "exception type 0x%X: %s\n"
1372 "access type 0x%X: %s\n"
1375 as_no, as->fault_addr,
1378 (as->fault_status & (1 << 10) ? "DECODER FAULT" : "SLAVE FAULT"),
1379 exception_type, kbase_exception_name(kbdev, exception_type),
1380 access_type, access_type_name(kbdev, as->fault_status),
1384 /* hardware counters dump fault handling */
1385 if ((kbdev->hwcnt.kctx) && (kbdev->hwcnt.kctx->as_nr == as_no) &&
1386 (kbdev->hwcnt.backend.state ==
1387 KBASE_INSTR_STATE_DUMPING)) {
1388 unsigned int num_core_groups = kbdev->gpu_props.num_core_groups;
1390 if ((as->fault_addr >= kbdev->hwcnt.addr) &&
1391 (as->fault_addr < (kbdev->hwcnt.addr +
1392 (num_core_groups * 2048))))
1393 kbdev->hwcnt.backend.state = KBASE_INSTR_STATE_FAULT;
1396 /* Stop the kctx from submitting more jobs and cause it to be scheduled
1397 * out/rescheduled - this will occur on releasing the context's refcount */
1398 spin_lock_irqsave(&js_devdata->runpool_irq.lock, flags);
1399 kbasep_js_clear_submit_allowed(js_devdata, kctx);
1400 spin_unlock_irqrestore(&js_devdata->runpool_irq.lock, flags);
1402 /* Kill any running jobs from the context. Submit is disallowed, so no more jobs from this
1403 * context can appear in the job slots from this point on */
1404 kbase_backend_jm_kill_jobs_from_kctx(kctx);
1405 /* AS transaction begin */
1406 mutex_lock(&as->transaction_mutex);
1407 #if KBASE_GPU_RESET_EN
1408 if (kbase_hw_has_issue(kbdev, BASE_HW_ISSUE_8245)) {
1409 /* Due to H/W issue 8245 we need to reset the GPU after using UNMAPPED mode.
1410 * We start the reset before switching to UNMAPPED to ensure that unrelated jobs
1411 * are evicted from the GPU before the switch.
1413 dev_err(kbdev->dev, "Unhandled page fault. For this GPU version we now soft-reset the GPU as part of page fault recovery.");
1414 reset_status = kbase_prepare_to_reset_gpu(kbdev);
1416 #endif /* KBASE_GPU_RESET_EN */
1417 /* switch to UNMAPPED mode, will abort all jobs and stop any hw counter dumping */
1418 kbase_mmu_disable_as(kbdev, as_no);
1420 mutex_unlock(&as->transaction_mutex);
1421 /* AS transaction end */
1422 /* Clear down the fault */
1423 kbase_mmu_hw_clear_fault(kbdev, as, kctx, KBASE_MMU_FAULT_TYPE_PAGE);
1424 kbase_mmu_hw_enable_fault(kbdev, as, kctx, KBASE_MMU_FAULT_TYPE_PAGE);
1426 #if KBASE_GPU_RESET_EN
1427 if (kbase_hw_has_issue(kbdev, BASE_HW_ISSUE_8245) && reset_status)
1428 kbase_reset_gpu(kbdev);
1429 #endif /* KBASE_GPU_RESET_EN */
1432 void kbasep_as_do_poke(struct work_struct *work)
1434 struct kbase_as *as;
1435 struct kbase_device *kbdev;
1436 struct kbase_context *kctx;
1437 unsigned long flags;
1439 KBASE_DEBUG_ASSERT(work);
1440 as = container_of(work, struct kbase_as, poke_work);
1441 kbdev = container_of(as, struct kbase_device, as[as->number]);
1442 KBASE_DEBUG_ASSERT(as->poke_state & KBASE_AS_POKE_STATE_IN_FLIGHT);
1444 /* GPU power will already be active by virtue of the caller holding a JS
1445 * reference on the address space, and will not release it until this worker
1448 /* Further to the comment above, we know that while this function is running
1449 * the AS will not be released as before the atom is released this workqueue
1450 * is flushed (in kbase_as_poking_timer_release_atom)
1452 kctx = kbasep_js_runpool_lookup_ctx_noretain(kbdev, as->number);
1454 /* AS transaction begin */
1455 mutex_lock(&as->transaction_mutex);
1456 /* Force a uTLB invalidate */
1457 kbase_mmu_hw_do_operation(kbdev, as, kctx, 0, 0,
1458 AS_COMMAND_UNLOCK, 0);
1459 mutex_unlock(&as->transaction_mutex);
1460 /* AS transaction end */
1462 spin_lock_irqsave(&kbdev->js_data.runpool_irq.lock, flags);
1463 if (as->poke_refcount &&
1464 !(as->poke_state & KBASE_AS_POKE_STATE_KILLING_POKE)) {
1465 /* Only queue up the timer if we need it, and we're not trying to kill it */
1466 hrtimer_start(&as->poke_timer, HR_TIMER_DELAY_MSEC(5), HRTIMER_MODE_REL);
1468 spin_unlock_irqrestore(&kbdev->js_data.runpool_irq.lock, flags);
1471 enum hrtimer_restart kbasep_as_poke_timer_callback(struct hrtimer *timer)
1473 struct kbase_as *as;
1476 KBASE_DEBUG_ASSERT(NULL != timer);
1477 as = container_of(timer, struct kbase_as, poke_timer);
1478 KBASE_DEBUG_ASSERT(as->poke_state & KBASE_AS_POKE_STATE_IN_FLIGHT);
1480 queue_work_ret = queue_work(as->poke_wq, &as->poke_work);
1481 KBASE_DEBUG_ASSERT(queue_work_ret);
1482 return HRTIMER_NORESTART;
1486 * Retain the poking timer on an atom's context (if the atom hasn't already
1487 * done so), and start the timer (if it's not already started).
1489 * This must only be called on a context that's scheduled in, and an atom
1490 * that's running on the GPU.
1492 * The caller must hold kbasep_js_device_data::runpool_irq::lock
1494 * This can be called safely from atomic context
1496 void kbase_as_poking_timer_retain_atom(struct kbase_device *kbdev, struct kbase_context *kctx, struct kbase_jd_atom *katom)
1498 struct kbase_as *as;
1500 KBASE_DEBUG_ASSERT(kbdev);
1501 KBASE_DEBUG_ASSERT(kctx);
1502 KBASE_DEBUG_ASSERT(katom);
1503 KBASE_DEBUG_ASSERT(kctx->as_nr != KBASEP_AS_NR_INVALID);
1504 lockdep_assert_held(&kbdev->js_data.runpool_irq.lock);
1511 /* It's safe to work on the as/as_nr without an explicit reference,
1512 * because the caller holds the runpool_irq lock, and the atom itself
1513 * was also running and had already taken a reference */
1514 as = &kbdev->as[kctx->as_nr];
1516 if (++(as->poke_refcount) == 1) {
1517 /* First refcount for poke needed: check if not already in flight */
1518 if (!as->poke_state) {
1519 /* need to start poking */
1520 as->poke_state |= KBASE_AS_POKE_STATE_IN_FLIGHT;
1521 queue_work(as->poke_wq, &as->poke_work);
1527 * If an atom holds a poking timer, release it and wait for it to finish
1529 * This must only be called on a context that's scheduled in, and an atom
1530 * that still has a JS reference on the context
1532 * This must \b not be called from atomic context, since it can sleep.
1534 void kbase_as_poking_timer_release_atom(struct kbase_device *kbdev, struct kbase_context *kctx, struct kbase_jd_atom *katom)
1536 struct kbase_as *as;
1537 unsigned long flags;
1539 KBASE_DEBUG_ASSERT(kbdev);
1540 KBASE_DEBUG_ASSERT(kctx);
1541 KBASE_DEBUG_ASSERT(katom);
1542 KBASE_DEBUG_ASSERT(kctx->as_nr != KBASEP_AS_NR_INVALID);
1547 as = &kbdev->as[kctx->as_nr];
1549 spin_lock_irqsave(&kbdev->js_data.runpool_irq.lock, flags);
1550 KBASE_DEBUG_ASSERT(as->poke_refcount > 0);
1551 KBASE_DEBUG_ASSERT(as->poke_state & KBASE_AS_POKE_STATE_IN_FLIGHT);
1553 if (--(as->poke_refcount) == 0) {
1554 as->poke_state |= KBASE_AS_POKE_STATE_KILLING_POKE;
1555 spin_unlock_irqrestore(&kbdev->js_data.runpool_irq.lock, flags);
1557 hrtimer_cancel(&as->poke_timer);
1558 flush_workqueue(as->poke_wq);
1560 spin_lock_irqsave(&kbdev->js_data.runpool_irq.lock, flags);
1562 /* Re-check whether it's still needed */
1563 if (as->poke_refcount) {
1565 /* Poking still needed:
1566 * - Another retain will not be starting the timer or queueing work,
1567 * because it's still marked as in-flight
1568 * - The hrtimer has finished, and has not started a new timer or
1569 * queued work because it's been marked as killing
1571 * So whatever happens now, just queue the work again */
1572 as->poke_state &= ~((kbase_as_poke_state)KBASE_AS_POKE_STATE_KILLING_POKE);
1573 queue_work_ret = queue_work(as->poke_wq, &as->poke_work);
1574 KBASE_DEBUG_ASSERT(queue_work_ret);
1576 /* It isn't - so mark it as not in flight, and not killing */
1577 as->poke_state = 0u;
1579 /* The poke associated with the atom has now finished. If this is
1580 * also the last atom on the context, then we can guarentee no more
1581 * pokes (and thus no more poking register accesses) will occur on
1582 * the context until new atoms are run */
1585 spin_unlock_irqrestore(&kbdev->js_data.runpool_irq.lock, flags);
1590 void kbase_mmu_interrupt_process(struct kbase_device *kbdev, struct kbase_context *kctx, struct kbase_as *as)
1592 struct kbasep_js_device_data *js_devdata = &kbdev->js_data;
1594 lockdep_assert_held(&kbdev->js_data.runpool_irq.lock);
1597 dev_warn(kbdev->dev, "%s in AS%d at 0x%016llx with no context present! Suprious IRQ or SW Design Error?\n",
1598 kbase_as_has_bus_fault(as) ? "Bus error" : "Page fault",
1599 as->number, as->fault_addr);
1602 if (kbase_as_has_bus_fault(as)) {
1605 * hw counters dumping in progress, signal the
1606 * other thread that it failed
1608 if ((kbdev->hwcnt.kctx == kctx) &&
1609 (kbdev->hwcnt.backend.state ==
1610 KBASE_INSTR_STATE_DUMPING))
1611 kbdev->hwcnt.backend.state =
1612 KBASE_INSTR_STATE_FAULT;
1615 * Stop the kctx from submitting more jobs and cause it
1616 * to be scheduled out/rescheduled when all references
1617 * to it are released
1619 kbasep_js_clear_submit_allowed(js_devdata, kctx);
1621 dev_warn(kbdev->dev, "Bus error in AS%d at 0x%016llx\n",
1622 as->number, as->fault_addr);
1627 * We need to switch to UNMAPPED mode - but we do this in a
1628 * worker so that we can sleep
1630 kbdev->kbase_group_error++;
1631 KBASE_DEBUG_ASSERT(0 == object_is_on_stack(&as->work_busfault));
1632 WARN_ON(work_pending(&as->work_busfault));
1633 INIT_WORK(&as->work_busfault, bus_fault_worker);
1634 queue_work(as->pf_wq, &as->work_busfault);
1635 atomic_inc(&kbdev->faults_pending);
1637 kbdev->kbase_group_error++;
1638 KBASE_DEBUG_ASSERT(0 == object_is_on_stack(&as->work_pagefault));
1639 WARN_ON(work_pending(&as->work_pagefault));
1640 INIT_WORK(&as->work_pagefault, page_fault_worker);
1641 queue_work(as->pf_wq, &as->work_pagefault);
1642 atomic_inc(&kbdev->faults_pending);
1646 void kbase_flush_mmu_wqs(struct kbase_device *kbdev)
1650 for (i = 0; i < kbdev->nr_hw_address_spaces; i++) {
1651 struct kbase_as *as = &kbdev->as[i];
1653 flush_workqueue(as->pf_wq);
projects / firefly-linux-kernel-4.4.55.git / blob