3 * (C) COPYRIGHT 2010-2015 ARM Limited. All rights reserved.
5 * This program is free software and is provided to you under the terms of the
6 * GNU General Public License version 2 as published by the Free Software
7 * Foundation, and any use by you of this program is subject to the terms
10 * A copy of the licence is included with the program, and can also be obtained
11 * from Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
12 * Boston, MA 02110-1301, USA.
21 * @file mali_kbase_mmu.c
22 * Base kernel MMU management.
26 #include <linux/kernel.h>
27 #include <linux/dma-mapping.h>
28 #include <mali_kbase.h>
29 #include <mali_midg_regmap.h>
30 #if defined(CONFIG_MALI_GATOR_SUPPORT)
31 #include <mali_kbase_gator.h>
33 #if defined(CONFIG_MALI_MIPE_ENABLED)
34 #include <mali_kbase_tlstream.h>
36 #include <mali_kbase_debug.h>
38 #define beenthere(kctx, f, a...) dev_dbg(kctx->kbdev->dev, "%s:" f, __func__, ##a)
40 #include <mali_kbase_defs.h>
41 #include <mali_kbase_hw.h>
42 #include <mali_kbase_mmu_hw.h>
43 #include <mali_kbase_hwaccess_jm.h>
45 #define KBASE_MMU_PAGE_ENTRIES 512
48 * kbase_mmu_sync_pgd - sync page directory to memory
49 * @kbdev: Device pointer.
50 * @handle: Address of DMA region.
51 * @size: Size of the region to sync.
53 * This should be called after each page directory update.
56 static void kbase_mmu_sync_pgd(struct kbase_device *kbdev,
57 dma_addr_t handle, size_t size)
60 dma_sync_single_for_device(kbdev->dev, handle, size, DMA_TO_DEVICE);
65 * - PGD: Page Directory.
66 * - PTE: Page Table Entry. A 64bit value pointing to the next
67 * level of translation
68 * - ATE: Address Transation Entry. A 64bit value pointing to
69 * a 4kB physical page.
72 static void kbase_mmu_report_fault_and_kill(struct kbase_context *kctx,
73 struct kbase_as *as, const char *reason_str);
76 static size_t make_multiple(size_t minimum, size_t multiple)
78 size_t remainder = minimum % multiple;
83 return minimum + multiple - remainder;
86 void page_fault_worker(struct work_struct *data)
92 struct kbase_as *faulting_as;
94 struct kbase_context *kctx;
95 struct kbase_device *kbdev;
96 struct kbase_va_region *region;
100 faulting_as = container_of(data, struct kbase_as, work_pagefault);
101 fault_pfn = faulting_as->fault_addr >> PAGE_SHIFT;
102 as_no = faulting_as->number;
104 kbdev = container_of(faulting_as, struct kbase_device, as[as_no]);
106 /* Grab the context that was already refcounted in kbase_mmu_interrupt().
107 * Therefore, it cannot be scheduled out of this AS until we explicitly release it
109 kctx = kbasep_js_runpool_lookup_ctx_noretain(kbdev, as_no);
110 if (WARN_ON(!kctx)) {
111 atomic_dec(&kbdev->faults_pending);
115 KBASE_DEBUG_ASSERT(kctx->kbdev == kbdev);
117 fault_status = faulting_as->fault_status;
118 switch (fault_status & AS_FAULTSTATUS_EXCEPTION_CODE_MASK) {
120 case AS_FAULTSTATUS_EXCEPTION_CODE_TRANSLATION_FAULT:
121 /* need to check against the region to handle this one */
124 case AS_FAULTSTATUS_EXCEPTION_CODE_PERMISSION_FAULT:
125 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
126 "Permission failure");
129 case AS_FAULTSTATUS_EXCEPTION_CODE_TRANSTAB_BUS_FAULT:
130 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
131 "Tranlation table bus fault");
134 case AS_FAULTSTATUS_EXCEPTION_CODE_ACCESS_FLAG:
135 /* nothing to do, but we don't expect this fault currently */
136 dev_warn(kbdev->dev, "Access flag unexpectedly set");
141 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
142 "Unknown fault code");
146 /* so we have a translation fault, let's see if it is for growable
148 kbase_gpu_vm_lock(kctx);
150 region = kbase_region_tracker_find_region_enclosing_address(kctx,
151 faulting_as->fault_addr);
152 if (!region || region->flags & KBASE_REG_FREE) {
153 kbase_gpu_vm_unlock(kctx);
154 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
155 "Memory is not mapped on the GPU");
159 if ((region->flags & GROWABLE_FLAGS_REQUIRED)
160 != GROWABLE_FLAGS_REQUIRED) {
161 kbase_gpu_vm_unlock(kctx);
162 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
163 "Memory is not growable");
167 /* find the size we need to grow it by */
168 /* we know the result fit in a size_t due to kbase_region_tracker_find_region_enclosing_address
169 * validating the fault_adress to be within a size_t from the start_pfn */
170 fault_rel_pfn = fault_pfn - region->start_pfn;
172 if (fault_rel_pfn < kbase_reg_current_backed_size(region)) {
173 dev_dbg(kbdev->dev, "Page fault @ 0x%llx in allocated region 0x%llx-0x%llx of growable TMEM: Ignoring",
174 faulting_as->fault_addr, region->start_pfn,
176 kbase_reg_current_backed_size(region));
178 kbase_mmu_hw_clear_fault(kbdev, faulting_as, kctx,
179 KBASE_MMU_FAULT_TYPE_PAGE);
180 /* [1] in case another page fault occurred while we were
181 * handling the (duplicate) page fault we need to ensure we
182 * don't loose the other page fault as result of us clearing
183 * the MMU IRQ. Therefore, after we clear the MMU IRQ we send
184 * an UNLOCK command that will retry any stalled memory
185 * transaction (which should cause the other page fault to be
188 kbase_mmu_hw_do_operation(kbdev, faulting_as, NULL, 0, 0,
189 AS_COMMAND_UNLOCK, 1);
190 kbase_mmu_hw_enable_fault(kbdev, faulting_as, kctx,
191 KBASE_MMU_FAULT_TYPE_PAGE);
192 kbase_gpu_vm_unlock(kctx);
197 new_pages = make_multiple(fault_rel_pfn -
198 kbase_reg_current_backed_size(region) + 1,
201 /* cap to max vsize */
202 if (new_pages + kbase_reg_current_backed_size(region) >
204 new_pages = region->nr_pages -
205 kbase_reg_current_backed_size(region);
207 if (0 == new_pages) {
208 /* Duplicate of a fault we've already handled, nothing to do */
209 kbase_mmu_hw_clear_fault(kbdev, faulting_as, kctx,
210 KBASE_MMU_FAULT_TYPE_PAGE);
211 /* See comment [1] about UNLOCK usage */
212 kbase_mmu_hw_do_operation(kbdev, faulting_as, NULL, 0, 0,
213 AS_COMMAND_UNLOCK, 1);
214 kbase_mmu_hw_enable_fault(kbdev, faulting_as, kctx,
215 KBASE_MMU_FAULT_TYPE_PAGE);
216 kbase_gpu_vm_unlock(kctx);
220 if (kbase_alloc_phy_pages_helper(region->gpu_alloc, new_pages) == 0) {
221 if (region->gpu_alloc != region->cpu_alloc) {
222 if (kbase_alloc_phy_pages_helper(
223 region->cpu_alloc, new_pages) == 0) {
226 kbase_free_phy_pages_helper(region->gpu_alloc,
239 KBASE_DEBUG_ASSERT(kbase_reg_current_backed_size(region) <= region->nr_pages);
241 /* AS transaction begin */
242 mutex_lock(&faulting_as->transaction_mutex);
244 /* set up the new pages */
245 err = kbase_mmu_insert_pages(kctx, region->start_pfn + kbase_reg_current_backed_size(region) - new_pages, &kbase_get_gpu_phy_pages(region)[kbase_reg_current_backed_size(region) - new_pages], new_pages, region->flags);
247 /* failed to insert pages, handle as a normal PF */
248 mutex_unlock(&faulting_as->transaction_mutex);
249 kbase_free_phy_pages_helper(region->gpu_alloc, new_pages);
250 if (region->gpu_alloc != region->cpu_alloc)
251 kbase_free_phy_pages_helper(region->cpu_alloc,
253 kbase_gpu_vm_unlock(kctx);
254 /* The locked VA region will be unlocked and the cache invalidated in here */
255 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
256 "Page table update failure");
259 #if defined(CONFIG_MALI_GATOR_SUPPORT)
260 kbase_trace_mali_page_fault_insert_pages(as_no, new_pages);
262 #if defined(CONFIG_MALI_MIPE_ENABLED)
263 kbase_tlstream_aux_pagefault(kctx->id, (u64)new_pages);
266 /* flush L2 and unlock the VA (resumes the MMU) */
267 if (kbase_hw_has_issue(kbdev, BASE_HW_ISSUE_6367))
268 op = AS_COMMAND_FLUSH;
270 op = AS_COMMAND_FLUSH_PT;
272 /* clear MMU interrupt - this needs to be done after updating
273 * the page tables but before issuing a FLUSH command. The
274 * FLUSH cmd has a side effect that it restarts stalled memory
275 * transactions in other address spaces which may cause
276 * another fault to occur. If we didn't clear the interrupt at
277 * this stage a new IRQ might not be raised when the GPU finds
278 * a MMU IRQ is already pending.
280 kbase_mmu_hw_clear_fault(kbdev, faulting_as, kctx,
281 KBASE_MMU_FAULT_TYPE_PAGE);
283 kbase_mmu_hw_do_operation(kbdev, faulting_as, kctx,
284 faulting_as->fault_addr >> PAGE_SHIFT,
288 mutex_unlock(&faulting_as->transaction_mutex);
289 /* AS transaction end */
291 /* reenable this in the mask */
292 kbase_mmu_hw_enable_fault(kbdev, faulting_as, kctx,
293 KBASE_MMU_FAULT_TYPE_PAGE);
294 kbase_gpu_vm_unlock(kctx);
296 /* failed to extend, handle as a normal PF */
297 kbase_gpu_vm_unlock(kctx);
298 kbase_mmu_report_fault_and_kill(kctx, faulting_as,
299 "Page allocation failure");
304 * By this point, the fault was handled in some way,
305 * so release the ctx refcount
307 kbasep_js_runpool_release_ctx(kbdev, kctx);
309 atomic_dec(&kbdev->faults_pending);
312 phys_addr_t kbase_mmu_alloc_pgd(struct kbase_context *kctx)
317 int new_page_count __maybe_unused;
319 KBASE_DEBUG_ASSERT(NULL != kctx);
320 new_page_count = kbase_atomic_add_pages(1, &kctx->used_pages);
321 kbase_atomic_add_pages(1, &kctx->kbdev->memdev.used_pages);
323 p = kbase_mem_pool_alloc(&kctx->mem_pool);
327 #if defined(CONFIG_MALI_MIPE_ENABLED)
328 kbase_tlstream_aux_pagesalloc(
330 (u64)new_page_count);
337 kbase_process_page_usage_inc(kctx, 1);
339 for (i = 0; i < KBASE_MMU_PAGE_ENTRIES; i++)
340 kctx->kbdev->mmu_mode->entry_invalidate(&page[i]);
342 kbase_mmu_sync_pgd(kctx->kbdev, kbase_dma_addr(p), PAGE_SIZE);
345 return page_to_phys(p);
348 kbase_mem_pool_free(&kctx->mem_pool, p, false);
350 kbase_atomic_sub_pages(1, &kctx->used_pages);
351 kbase_atomic_sub_pages(1, &kctx->kbdev->memdev.used_pages);
356 KBASE_EXPORT_TEST_API(kbase_mmu_alloc_pgd);
358 /* Given PGD PFN for level N, return PGD PFN for level N+1 */
359 static phys_addr_t mmu_get_next_pgd(struct kbase_context *kctx, phys_addr_t pgd, u64 vpfn, int level)
362 phys_addr_t target_pgd;
365 KBASE_DEBUG_ASSERT(pgd);
366 KBASE_DEBUG_ASSERT(NULL != kctx);
368 lockdep_assert_held(&kctx->reg_lock);
371 * Architecture spec defines level-0 as being the top-most.
372 * This is a bit unfortunate here, but we keep the same convention.
374 vpfn >>= (3 - level) * 9;
377 p = pfn_to_page(PFN_DOWN(pgd));
380 dev_warn(kctx->kbdev->dev, "mmu_get_next_pgd: kmap failure\n");
384 target_pgd = kctx->kbdev->mmu_mode->pte_to_phy_addr(page[vpfn]);
387 target_pgd = kbase_mmu_alloc_pgd(kctx);
389 dev_warn(kctx->kbdev->dev, "mmu_get_next_pgd: kbase_mmu_alloc_pgd failure\n");
394 kctx->kbdev->mmu_mode->entry_set_pte(&page[vpfn], target_pgd);
396 kbase_mmu_sync_pgd(kctx->kbdev, kbase_dma_addr(p), PAGE_SIZE);
397 /* Rely on the caller to update the address space flags. */
404 static phys_addr_t mmu_get_bottom_pgd(struct kbase_context *kctx, u64 vpfn)
411 for (l = MIDGARD_MMU_TOPLEVEL; l < MIDGARD_MMU_BOTTOMLEVEL; l++) {
412 pgd = mmu_get_next_pgd(kctx, pgd, vpfn, l);
413 /* Handle failure condition */
415 dev_warn(kctx->kbdev->dev, "mmu_get_bottom_pgd: mmu_get_next_pgd failure\n");
423 static phys_addr_t mmu_insert_pages_recover_get_next_pgd(struct kbase_context *kctx, phys_addr_t pgd, u64 vpfn, int level)
426 phys_addr_t target_pgd;
428 KBASE_DEBUG_ASSERT(pgd);
429 KBASE_DEBUG_ASSERT(NULL != kctx);
431 lockdep_assert_held(&kctx->reg_lock);
434 * Architecture spec defines level-0 as being the top-most.
435 * This is a bit unfortunate here, but we keep the same convention.
437 vpfn >>= (3 - level) * 9;
440 page = kmap_atomic(pfn_to_page(PFN_DOWN(pgd)));
441 /* kmap_atomic should NEVER fail */
442 KBASE_DEBUG_ASSERT(NULL != page);
444 target_pgd = kctx->kbdev->mmu_mode->pte_to_phy_addr(page[vpfn]);
445 /* As we are recovering from what has already been set up, we should have a target_pgd */
446 KBASE_DEBUG_ASSERT(0 != target_pgd);
451 static phys_addr_t mmu_insert_pages_recover_get_bottom_pgd(struct kbase_context *kctx, u64 vpfn)
458 for (l = MIDGARD_MMU_TOPLEVEL; l < MIDGARD_MMU_BOTTOMLEVEL; l++) {
459 pgd = mmu_insert_pages_recover_get_next_pgd(kctx, pgd, vpfn, l);
460 /* Should never fail */
461 KBASE_DEBUG_ASSERT(0 != pgd);
467 static void mmu_insert_pages_failure_recovery(struct kbase_context *kctx, u64 vpfn,
472 struct kbase_mmu_mode const *mmu_mode;
474 KBASE_DEBUG_ASSERT(NULL != kctx);
475 KBASE_DEBUG_ASSERT(0 != vpfn);
476 /* 64-bit address range is the max */
477 KBASE_DEBUG_ASSERT(vpfn <= (U64_MAX / PAGE_SIZE));
479 lockdep_assert_held(&kctx->reg_lock);
481 mmu_mode = kctx->kbdev->mmu_mode;
485 unsigned int index = vpfn & 0x1FF;
486 unsigned int count = KBASE_MMU_PAGE_ENTRIES - index;
492 pgd = mmu_insert_pages_recover_get_bottom_pgd(kctx, vpfn);
493 KBASE_DEBUG_ASSERT(0 != pgd);
495 p = pfn_to_page(PFN_DOWN(pgd));
497 pgd_page = kmap_atomic(p);
498 KBASE_DEBUG_ASSERT(NULL != pgd_page);
500 /* Invalidate the entries we added */
501 for (i = 0; i < count; i++)
502 mmu_mode->entry_invalidate(&pgd_page[index + i]);
507 kbase_mmu_sync_pgd(kctx->kbdev, kbase_dma_addr(p), PAGE_SIZE);
509 kunmap_atomic(pgd_page);
514 * Map the single page 'phys' 'nr' of times, starting at GPU PFN 'vpfn'
516 int kbase_mmu_insert_single_page(struct kbase_context *kctx, u64 vpfn,
517 phys_addr_t phys, size_t nr,
522 /* In case the insert_single_page only partially completes we need to be
524 bool recover_required = false;
525 u64 recover_vpfn = vpfn;
526 size_t recover_count = 0;
528 KBASE_DEBUG_ASSERT(NULL != kctx);
529 KBASE_DEBUG_ASSERT(0 != vpfn);
530 /* 64-bit address range is the max */
531 KBASE_DEBUG_ASSERT(vpfn <= (U64_MAX / PAGE_SIZE));
533 lockdep_assert_held(&kctx->reg_lock);
537 unsigned int index = vpfn & 0x1FF;
538 unsigned int count = KBASE_MMU_PAGE_ENTRIES - index;
545 * Repeatedly calling mmu_get_bottom_pte() is clearly
546 * suboptimal. We don't have to re-parse the whole tree
547 * each time (just cache the l0-l2 sequence).
548 * On the other hand, it's only a gain when we map more than
549 * 256 pages at once (on average). Do we really care?
551 pgd = mmu_get_bottom_pgd(kctx, vpfn);
553 dev_warn(kctx->kbdev->dev, "kbase_mmu_insert_pages: mmu_get_bottom_pgd failure\n");
554 if (recover_required) {
555 /* Invalidate the pages we have partially
557 mmu_insert_pages_failure_recovery(kctx,
564 p = pfn_to_page(PFN_DOWN(pgd));
567 dev_warn(kctx->kbdev->dev, "kbase_mmu_insert_pages: kmap failure\n");
568 if (recover_required) {
569 /* Invalidate the pages we have partially
571 mmu_insert_pages_failure_recovery(kctx,
578 for (i = 0; i < count; i++) {
579 unsigned int ofs = index + i;
581 KBASE_DEBUG_ASSERT(0 == (pgd_page[ofs] & 1UL));
582 kctx->kbdev->mmu_mode->entry_set_ate(&pgd_page[ofs],
589 kbase_mmu_sync_pgd(kctx->kbdev,
590 kbase_dma_addr(p) + (index * sizeof(u64)),
591 count * sizeof(u64));
594 /* We have started modifying the page table.
595 * If further pages need inserting and fail we need to undo what
596 * has already taken place */
597 recover_required = true;
598 recover_count += count;
604 * Map 'nr' pages pointed to by 'phys' at GPU PFN 'vpfn'
606 int kbase_mmu_insert_pages(struct kbase_context *kctx, u64 vpfn,
607 phys_addr_t *phys, size_t nr,
612 /* In case the insert_pages only partially completes we need to be able
614 bool recover_required = false;
615 u64 recover_vpfn = vpfn;
616 size_t recover_count = 0;
618 KBASE_DEBUG_ASSERT(NULL != kctx);
619 KBASE_DEBUG_ASSERT(0 != vpfn);
620 /* 64-bit address range is the max */
621 KBASE_DEBUG_ASSERT(vpfn <= (U64_MAX / PAGE_SIZE));
623 lockdep_assert_held(&kctx->reg_lock);
627 unsigned int index = vpfn & 0x1FF;
628 unsigned int count = KBASE_MMU_PAGE_ENTRIES - index;
635 * Repeatedly calling mmu_get_bottom_pte() is clearly
636 * suboptimal. We don't have to re-parse the whole tree
637 * each time (just cache the l0-l2 sequence).
638 * On the other hand, it's only a gain when we map more than
639 * 256 pages at once (on average). Do we really care?
641 pgd = mmu_get_bottom_pgd(kctx, vpfn);
643 dev_warn(kctx->kbdev->dev, "kbase_mmu_insert_pages: mmu_get_bottom_pgd failure\n");
644 if (recover_required) {
645 /* Invalidate the pages we have partially
647 mmu_insert_pages_failure_recovery(kctx,
654 p = pfn_to_page(PFN_DOWN(pgd));
657 dev_warn(kctx->kbdev->dev, "kbase_mmu_insert_pages: kmap failure\n");
658 if (recover_required) {
659 /* Invalidate the pages we have partially
661 mmu_insert_pages_failure_recovery(kctx,
668 for (i = 0; i < count; i++) {
669 unsigned int ofs = index + i;
671 KBASE_DEBUG_ASSERT(0 == (pgd_page[ofs] & 1UL));
672 kctx->kbdev->mmu_mode->entry_set_ate(&pgd_page[ofs],
680 kbase_mmu_sync_pgd(kctx->kbdev,
681 kbase_dma_addr(p) + (index * sizeof(u64)),
682 count * sizeof(u64));
685 /* We have started modifying the page table. If further pages
686 * need inserting and fail we need to undo what has already
688 recover_required = true;
689 recover_count += count;
694 KBASE_EXPORT_TEST_API(kbase_mmu_insert_pages);
697 * This function is responsible for validating the MMU PTs
698 * triggering reguired flushes.
700 * * IMPORTANT: This uses kbasep_js_runpool_release_ctx() when the context is
701 * currently scheduled into the runpool, and so potentially uses a lot of locks.
702 * These locks must be taken in the correct order with respect to others
703 * already held by the caller. Refer to kbasep_js_runpool_release_ctx() for more
706 static void kbase_mmu_flush(struct kbase_context *kctx, u64 vpfn, size_t nr)
708 struct kbase_device *kbdev;
709 bool ctx_is_in_runpool;
711 KBASE_DEBUG_ASSERT(NULL != kctx);
715 /* We must flush if we're currently running jobs. At the very least, we need to retain the
716 * context to ensure it doesn't schedule out whilst we're trying to flush it */
717 ctx_is_in_runpool = kbasep_js_runpool_retain_ctx(kbdev, kctx);
719 if (ctx_is_in_runpool) {
720 KBASE_DEBUG_ASSERT(kctx->as_nr != KBASEP_AS_NR_INVALID);
722 /* Second level check is to try to only do this when jobs are running. The refcount is
723 * a heuristic for this. */
724 if (kbdev->js_data.runpool_irq.per_as_data[kctx->as_nr].as_busy_refcount >= 2) {
725 if (!kbase_pm_context_active_handle_suspend(kbdev,
726 KBASE_PM_SUSPEND_HANDLER_DONT_REACTIVATE)) {
730 /* AS transaction begin */
731 mutex_lock(&kbdev->as[
732 kctx->as_nr].transaction_mutex);
734 if (kbase_hw_has_issue(kbdev,
736 op = AS_COMMAND_FLUSH;
738 op = AS_COMMAND_FLUSH_MEM;
740 ret = kbase_mmu_hw_do_operation(kbdev,
741 &kbdev->as[kctx->as_nr],
744 #if KBASE_GPU_RESET_EN
746 /* Flush failed to complete, assume the
747 * GPU has hung and perform a reset to
749 dev_err(kbdev->dev, "Flush for GPU page table update did not complete. Issueing GPU soft-reset to recover\n");
750 if (kbase_prepare_to_reset_gpu(kbdev))
751 kbase_reset_gpu(kbdev);
753 #endif /* KBASE_GPU_RESET_EN */
755 mutex_unlock(&kbdev->as[
756 kctx->as_nr].transaction_mutex);
757 /* AS transaction end */
759 kbase_pm_context_idle(kbdev);
762 kbasep_js_runpool_release_ctx(kbdev, kctx);
767 * We actually only discard the ATE, and not the page table
768 * pages. There is a potential DoS here, as we'll leak memory by
769 * having PTEs that are potentially unused. Will require physical
770 * page accounting, so MMU pages are part of the process allocation.
772 * IMPORTANT: This uses kbasep_js_runpool_release_ctx() when the context is
773 * currently scheduled into the runpool, and so potentially uses a lot of locks.
774 * These locks must be taken in the correct order with respect to others
775 * already held by the caller. Refer to kbasep_js_runpool_release_ctx() for more
778 int kbase_mmu_teardown_pages(struct kbase_context *kctx, u64 vpfn, size_t nr)
782 struct kbase_device *kbdev;
783 size_t requested_nr = nr;
784 struct kbase_mmu_mode const *mmu_mode;
786 KBASE_DEBUG_ASSERT(NULL != kctx);
787 beenthere(kctx, "kctx %p vpfn %lx nr %zd", (void *)kctx, (unsigned long)vpfn, nr);
789 lockdep_assert_held(&kctx->reg_lock);
792 /* early out if nothing to do */
797 mmu_mode = kbdev->mmu_mode;
801 unsigned int index = vpfn & 0x1FF;
802 unsigned int count = KBASE_MMU_PAGE_ENTRIES - index;
808 pgd = mmu_get_bottom_pgd(kctx, vpfn);
810 dev_warn(kbdev->dev, "kbase_mmu_teardown_pages: mmu_get_bottom_pgd failure\n");
814 p = pfn_to_page(PFN_DOWN(pgd));
817 dev_warn(kbdev->dev, "kbase_mmu_teardown_pages: kmap failure\n");
821 for (i = 0; i < count; i++)
822 mmu_mode->entry_invalidate(&pgd_page[index + i]);
827 kbase_mmu_sync_pgd(kctx->kbdev,
828 kbase_dma_addr(p) + (index * sizeof(u64)),
829 count * sizeof(u64));
834 kbase_mmu_flush(kctx, vpfn, requested_nr);
838 KBASE_EXPORT_TEST_API(kbase_mmu_teardown_pages);
841 * Update the entries for specified number of pages pointed to by 'phys' at GPU PFN 'vpfn'.
842 * This call is being triggered as a response to the changes of the mem attributes
844 * @pre : The caller is responsible for validating the memory attributes
846 * IMPORTANT: This uses kbasep_js_runpool_release_ctx() when the context is
847 * currently scheduled into the runpool, and so potentially uses a lot of locks.
848 * These locks must be taken in the correct order with respect to others
849 * already held by the caller. Refer to kbasep_js_runpool_release_ctx() for more
852 int kbase_mmu_update_pages(struct kbase_context *kctx, u64 vpfn, phys_addr_t *phys, size_t nr, unsigned long flags)
856 size_t requested_nr = nr;
857 struct kbase_mmu_mode const *mmu_mode;
859 KBASE_DEBUG_ASSERT(NULL != kctx);
860 KBASE_DEBUG_ASSERT(0 != vpfn);
861 KBASE_DEBUG_ASSERT(vpfn <= (U64_MAX / PAGE_SIZE));
863 lockdep_assert_held(&kctx->reg_lock);
865 mmu_mode = kctx->kbdev->mmu_mode;
867 dev_warn(kctx->kbdev->dev, "kbase_mmu_update_pages(): updating page share flags on GPU PFN 0x%llx from phys %p, %zu pages",
872 unsigned int index = vpfn & 0x1FF;
873 size_t count = KBASE_MMU_PAGE_ENTRIES - index;
879 pgd = mmu_get_bottom_pgd(kctx, vpfn);
881 dev_warn(kctx->kbdev->dev, "mmu_get_bottom_pgd failure\n");
885 p = pfn_to_page(PFN_DOWN(pgd));
888 dev_warn(kctx->kbdev->dev, "kmap failure\n");
892 for (i = 0; i < count; i++)
893 mmu_mode->entry_set_ate(&pgd_page[index + i], phys[i],
900 kbase_mmu_sync_pgd(kctx->kbdev,
901 kbase_dma_addr(p) + (index * sizeof(u64)),
902 count * sizeof(u64));
904 kunmap(pfn_to_page(PFN_DOWN(pgd)));
907 kbase_mmu_flush(kctx, vpfn, requested_nr);
912 /* This is a debug feature only */
913 static void mmu_check_unused(struct kbase_context *kctx, phys_addr_t pgd)
918 page = kmap_atomic(pfn_to_page(PFN_DOWN(pgd)));
919 /* kmap_atomic should NEVER fail. */
920 KBASE_DEBUG_ASSERT(NULL != page);
922 for (i = 0; i < KBASE_MMU_PAGE_ENTRIES; i++) {
923 if (kctx->kbdev->mmu_mode->ate_is_valid(page[i]))
924 beenthere(kctx, "live pte %016lx", (unsigned long)page[i]);
929 static void mmu_teardown_level(struct kbase_context *kctx, phys_addr_t pgd, int level, int zap, u64 *pgd_page_buffer)
931 phys_addr_t target_pgd;
934 struct kbase_mmu_mode const *mmu_mode;
936 KBASE_DEBUG_ASSERT(NULL != kctx);
937 lockdep_assert_held(&kctx->reg_lock);
939 pgd_page = kmap_atomic(pfn_to_page(PFN_DOWN(pgd)));
940 /* kmap_atomic should NEVER fail. */
941 KBASE_DEBUG_ASSERT(NULL != pgd_page);
942 /* Copy the page to our preallocated buffer so that we can minimize kmap_atomic usage */
943 memcpy(pgd_page_buffer, pgd_page, PAGE_SIZE);
944 kunmap_atomic(pgd_page);
945 pgd_page = pgd_page_buffer;
947 mmu_mode = kctx->kbdev->mmu_mode;
949 for (i = 0; i < KBASE_MMU_PAGE_ENTRIES; i++) {
950 target_pgd = mmu_mode->pte_to_phy_addr(pgd_page[i]);
953 if (level < (MIDGARD_MMU_BOTTOMLEVEL - 1)) {
954 mmu_teardown_level(kctx, target_pgd, level + 1, zap, pgd_page_buffer + (PAGE_SIZE / sizeof(u64)));
957 * So target_pte is a level-3 page.
958 * As a leaf, it is safe to free it.
959 * Unless we have live pages attached to it!
961 mmu_check_unused(kctx, target_pgd);
964 beenthere(kctx, "pte %lx level %d", (unsigned long)target_pgd, level + 1);
966 struct page *p = phys_to_page(target_pgd);
968 kbase_mem_pool_free(&kctx->mem_pool, p, true);
969 kbase_process_page_usage_dec(kctx, 1);
970 kbase_atomic_sub_pages(1, &kctx->used_pages);
971 kbase_atomic_sub_pages(1, &kctx->kbdev->memdev.used_pages);
977 int kbase_mmu_init(struct kbase_context *kctx)
979 KBASE_DEBUG_ASSERT(NULL != kctx);
980 KBASE_DEBUG_ASSERT(NULL == kctx->mmu_teardown_pages);
982 /* Preallocate MMU depth of four pages for mmu_teardown_level to use */
983 kctx->mmu_teardown_pages = kmalloc(PAGE_SIZE * 4, GFP_KERNEL);
985 if (NULL == kctx->mmu_teardown_pages)
991 void kbase_mmu_term(struct kbase_context *kctx)
993 KBASE_DEBUG_ASSERT(NULL != kctx);
994 KBASE_DEBUG_ASSERT(NULL != kctx->mmu_teardown_pages);
996 kfree(kctx->mmu_teardown_pages);
997 kctx->mmu_teardown_pages = NULL;
1000 void kbase_mmu_free_pgd(struct kbase_context *kctx)
1002 int new_page_count __maybe_unused;
1004 KBASE_DEBUG_ASSERT(NULL != kctx);
1005 KBASE_DEBUG_ASSERT(NULL != kctx->mmu_teardown_pages);
1007 lockdep_assert_held(&kctx->reg_lock);
1009 mmu_teardown_level(kctx, kctx->pgd, MIDGARD_MMU_TOPLEVEL, 1, kctx->mmu_teardown_pages);
1011 beenthere(kctx, "pgd %lx", (unsigned long)kctx->pgd);
1012 kbase_mem_pool_free(&kctx->mem_pool, phys_to_page(kctx->pgd), true);
1013 kbase_process_page_usage_dec(kctx, 1);
1014 new_page_count = kbase_atomic_sub_pages(1, &kctx->used_pages);
1015 kbase_atomic_sub_pages(1, &kctx->kbdev->memdev.used_pages);
1017 #if defined(CONFIG_MALI_MIPE_ENABLED)
1018 kbase_tlstream_aux_pagesalloc(
1020 (u64)new_page_count);
1024 KBASE_EXPORT_TEST_API(kbase_mmu_free_pgd);
1026 static size_t kbasep_mmu_dump_level(struct kbase_context *kctx, phys_addr_t pgd, int level, char ** const buffer, size_t *size_left)
1028 phys_addr_t target_pgd;
1031 size_t size = KBASE_MMU_PAGE_ENTRIES * sizeof(u64) + sizeof(u64);
1033 struct kbase_mmu_mode const *mmu_mode;
1035 KBASE_DEBUG_ASSERT(NULL != kctx);
1036 lockdep_assert_held(&kctx->reg_lock);
1038 mmu_mode = kctx->kbdev->mmu_mode;
1040 pgd_page = kmap(pfn_to_page(PFN_DOWN(pgd)));
1042 dev_warn(kctx->kbdev->dev, "kbasep_mmu_dump_level: kmap failure\n");
1046 if (*size_left >= size) {
1047 /* A modified physical address that contains the page table level */
1048 u64 m_pgd = pgd | level;
1050 /* Put the modified physical address in the output buffer */
1051 memcpy(*buffer, &m_pgd, sizeof(m_pgd));
1052 *buffer += sizeof(m_pgd);
1054 /* Followed by the page table itself */
1055 memcpy(*buffer, pgd_page, sizeof(u64) * KBASE_MMU_PAGE_ENTRIES);
1056 *buffer += sizeof(u64) * KBASE_MMU_PAGE_ENTRIES;
1061 if (level < MIDGARD_MMU_BOTTOMLEVEL) {
1062 for (i = 0; i < KBASE_MMU_PAGE_ENTRIES; i++) {
1063 if (mmu_mode->pte_is_valid(pgd_page[i])) {
1064 target_pgd = mmu_mode->pte_to_phy_addr(
1067 dump_size = kbasep_mmu_dump_level(kctx,
1068 target_pgd, level + 1,
1071 kunmap(pfn_to_page(PFN_DOWN(pgd)));
1079 kunmap(pfn_to_page(PFN_DOWN(pgd)));
1084 void *kbase_mmu_dump(struct kbase_context *kctx, int nr_pages)
1089 KBASE_DEBUG_ASSERT(kctx);
1091 lockdep_assert_held(&kctx->reg_lock);
1093 if (0 == nr_pages) {
1094 /* can't dump in a 0 sized buffer, early out */
1098 size_left = nr_pages * PAGE_SIZE;
1100 KBASE_DEBUG_ASSERT(0 != size_left);
1101 kaddr = vmalloc_user(size_left);
1104 u64 end_marker = 0xFFULL;
1106 char *mmu_dump_buffer;
1110 buffer = (char *)kaddr;
1111 mmu_dump_buffer = buffer;
1113 if (kctx->api_version >= KBASE_API_VERSION(8, 4)) {
1114 struct kbase_mmu_setup as_setup;
1116 kctx->kbdev->mmu_mode->get_as_setup(kctx, &as_setup);
1117 config[0] = as_setup.transtab;
1118 config[1] = as_setup.memattr;
1120 memcpy(buffer, &config, sizeof(config));
1121 mmu_dump_buffer += sizeof(config);
1122 size_left -= sizeof(config);
1127 size = kbasep_mmu_dump_level(kctx,
1129 MIDGARD_MMU_TOPLEVEL,
1138 /* Add on the size for the end marker */
1139 size += sizeof(u64);
1140 /* Add on the size for the config */
1141 if (kctx->api_version >= KBASE_API_VERSION(8, 4))
1142 size += sizeof(config);
1145 if (size > nr_pages * PAGE_SIZE || size_left < sizeof(u64)) {
1146 /* The buffer isn't big enough - free the memory and return failure */
1151 /* Add the end marker */
1152 memcpy(mmu_dump_buffer, &end_marker, sizeof(u64));
1157 KBASE_EXPORT_TEST_API(kbase_mmu_dump);
1159 void bus_fault_worker(struct work_struct *data)
1161 struct kbase_as *faulting_as;
1163 struct kbase_context *kctx;
1164 struct kbase_device *kbdev;
1165 #if KBASE_GPU_RESET_EN
1166 bool reset_status = false;
1167 #endif /* KBASE_GPU_RESET_EN */
1169 faulting_as = container_of(data, struct kbase_as, work_busfault);
1171 as_no = faulting_as->number;
1173 kbdev = container_of(faulting_as, struct kbase_device, as[as_no]);
1175 /* Grab the context that was already refcounted in kbase_mmu_interrupt().
1176 * Therefore, it cannot be scheduled out of this AS until we explicitly release it
1178 kctx = kbasep_js_runpool_lookup_ctx_noretain(kbdev, as_no);
1179 if (WARN_ON(!kctx)) {
1180 atomic_dec(&kbdev->faults_pending);
1184 #if KBASE_GPU_RESET_EN
1185 if (kbase_hw_has_issue(kbdev, BASE_HW_ISSUE_8245)) {
1186 /* Due to H/W issue 8245 we need to reset the GPU after using UNMAPPED mode.
1187 * We start the reset before switching to UNMAPPED to ensure that unrelated jobs
1188 * are evicted from the GPU before the switch.
1190 dev_err(kbdev->dev, "GPU bus error occurred. For this GPU version we now soft-reset as part of bus error recovery\n");
1191 reset_status = kbase_prepare_to_reset_gpu(kbdev);
1193 #endif /* KBASE_GPU_RESET_EN */
1194 /* NOTE: If GPU already powered off for suspend, we don't need to switch to unmapped */
1195 if (!kbase_pm_context_active_handle_suspend(kbdev, KBASE_PM_SUSPEND_HANDLER_DONT_REACTIVATE)) {
1197 /* switch to UNMAPPED mode, will abort all jobs and stop any hw counter dumping */
1198 /* AS transaction begin */
1199 mutex_lock(&kbdev->as[as_no].transaction_mutex);
1201 /* Set the MMU into unmapped mode */
1202 kbase_mmu_disable_as(kbdev, as_no);
1204 mutex_unlock(&kbdev->as[as_no].transaction_mutex);
1205 /* AS transaction end */
1207 kbase_mmu_hw_clear_fault(kbdev, faulting_as, kctx,
1208 KBASE_MMU_FAULT_TYPE_BUS_UNEXPECTED);
1209 kbase_mmu_hw_enable_fault(kbdev, faulting_as, kctx,
1210 KBASE_MMU_FAULT_TYPE_BUS_UNEXPECTED);
1212 kbase_pm_context_idle(kbdev);
1215 #if KBASE_GPU_RESET_EN
1216 if (kbase_hw_has_issue(kbdev, BASE_HW_ISSUE_8245) && reset_status)
1217 kbase_reset_gpu(kbdev);
1218 #endif /* KBASE_GPU_RESET_EN */
1220 kbasep_js_runpool_release_ctx(kbdev, kctx);
1222 atomic_dec(&kbdev->faults_pending);
1225 const char *kbase_exception_name(struct kbase_device *kbdev, u32 exception_code)
1229 switch (exception_code) {
1230 /* Non-Fault Status code */
1232 e = "NOT_STARTED/IDLE/OK";
1249 /* Job exceptions */
1251 e = "JOB_CONFIG_FAULT";
1254 e = "JOB_POWER_FAULT";
1257 e = "JOB_READ_FAULT";
1260 e = "JOB_WRITE_FAULT";
1263 e = "JOB_AFFINITY_FAULT";
1266 e = "JOB_BUS_FAULT";
1269 e = "INSTR_INVALID_PC";
1272 e = "INSTR_INVALID_ENC";
1275 e = "INSTR_TYPE_MISMATCH";
1278 e = "INSTR_OPERAND_FAULT";
1281 e = "INSTR_TLS_FAULT";
1284 e = "INSTR_BARRIER_FAULT";
1287 e = "INSTR_ALIGN_FAULT";
1290 e = "DATA_INVALID_FAULT";
1293 e = "TILE_RANGE_FAULT";
1296 e = "ADDR_RANGE_FAULT";
1299 e = "OUT_OF_MEMORY";
1301 /* GPU exceptions */
1303 e = "DELAYED_BUS_FAULT";
1306 e = "SHAREABILITY_FAULT";
1308 /* MMU exceptions */
1317 e = "TRANSLATION_FAULT";
1320 e = "PERMISSION_FAULT";
1330 e = "TRANSTAB_BUS_FAULT";
1344 static const char *access_type_name(struct kbase_device *kbdev,
1347 switch (fault_status & AS_FAULTSTATUS_ACCESS_TYPE_MASK) {
1349 case AS_FAULTSTATUS_ACCESS_TYPE_READ:
1351 case AS_FAULTSTATUS_ACCESS_TYPE_WRITE:
1353 case AS_FAULTSTATUS_ACCESS_TYPE_EX:
1362 * The caller must ensure it's retained the ctx to prevent it from being scheduled out whilst it's being worked on.
1364 static void kbase_mmu_report_fault_and_kill(struct kbase_context *kctx,
1365 struct kbase_as *as, const char *reason_str)
1367 unsigned long flags;
1372 struct kbase_device *kbdev;
1373 struct kbasep_js_device_data *js_devdata;
1375 #if KBASE_GPU_RESET_EN
1376 bool reset_status = false;
1380 kbdev = kctx->kbdev;
1381 js_devdata = &kbdev->js_data;
1383 /* ASSERT that the context won't leave the runpool */
1384 KBASE_DEBUG_ASSERT(kbasep_js_debug_check_ctx_refcount(kbdev, kctx) > 0);
1386 /* decode the fault status */
1387 exception_type = as->fault_status & 0xFF;
1388 access_type = (as->fault_status >> 8) & 0x3;
1389 source_id = (as->fault_status >> 16);
1391 /* terminal fault, print info about the fault */
1393 "Unhandled Page fault in AS%d at VA 0x%016llX\n"
1395 "raw fault status 0x%X\n"
1396 "decoded fault status: %s\n"
1397 "exception type 0x%X: %s\n"
1398 "access type 0x%X: %s\n"
1401 as_no, as->fault_addr,
1404 (as->fault_status & (1 << 10) ? "DECODER FAULT" : "SLAVE FAULT"),
1405 exception_type, kbase_exception_name(kbdev, exception_type),
1406 access_type, access_type_name(kbdev, as->fault_status),
1410 /* hardware counters dump fault handling */
1411 if ((kbdev->hwcnt.kctx) && (kbdev->hwcnt.kctx->as_nr == as_no) &&
1412 (kbdev->hwcnt.backend.state ==
1413 KBASE_INSTR_STATE_DUMPING)) {
1414 unsigned int num_core_groups = kbdev->gpu_props.num_core_groups;
1416 if ((as->fault_addr >= kbdev->hwcnt.addr) &&
1417 (as->fault_addr < (kbdev->hwcnt.addr +
1418 (num_core_groups * 2048))))
1419 kbdev->hwcnt.backend.state = KBASE_INSTR_STATE_FAULT;
1422 /* Stop the kctx from submitting more jobs and cause it to be scheduled
1423 * out/rescheduled - this will occur on releasing the context's refcount */
1424 spin_lock_irqsave(&js_devdata->runpool_irq.lock, flags);
1425 kbasep_js_clear_submit_allowed(js_devdata, kctx);
1426 spin_unlock_irqrestore(&js_devdata->runpool_irq.lock, flags);
1428 /* Kill any running jobs from the context. Submit is disallowed, so no more jobs from this
1429 * context can appear in the job slots from this point on */
1430 kbase_backend_jm_kill_jobs_from_kctx(kctx);
1431 /* AS transaction begin */
1432 mutex_lock(&as->transaction_mutex);
1433 #if KBASE_GPU_RESET_EN
1434 if (kbase_hw_has_issue(kbdev, BASE_HW_ISSUE_8245)) {
1435 /* Due to H/W issue 8245 we need to reset the GPU after using UNMAPPED mode.
1436 * We start the reset before switching to UNMAPPED to ensure that unrelated jobs
1437 * are evicted from the GPU before the switch.
1439 dev_err(kbdev->dev, "Unhandled page fault. For this GPU version we now soft-reset the GPU as part of page fault recovery.");
1440 reset_status = kbase_prepare_to_reset_gpu(kbdev);
1442 #endif /* KBASE_GPU_RESET_EN */
1443 /* switch to UNMAPPED mode, will abort all jobs and stop any hw counter dumping */
1444 kbase_mmu_disable_as(kbdev, as_no);
1446 mutex_unlock(&as->transaction_mutex);
1447 /* AS transaction end */
1448 /* Clear down the fault */
1449 kbase_mmu_hw_clear_fault(kbdev, as, kctx,
1450 KBASE_MMU_FAULT_TYPE_PAGE_UNEXPECTED);
1451 kbase_mmu_hw_enable_fault(kbdev, as, kctx,
1452 KBASE_MMU_FAULT_TYPE_PAGE_UNEXPECTED);
1454 #if KBASE_GPU_RESET_EN
1455 if (kbase_hw_has_issue(kbdev, BASE_HW_ISSUE_8245) && reset_status)
1456 kbase_reset_gpu(kbdev);
1457 #endif /* KBASE_GPU_RESET_EN */
1460 void kbasep_as_do_poke(struct work_struct *work)
1462 struct kbase_as *as;
1463 struct kbase_device *kbdev;
1464 struct kbase_context *kctx;
1465 unsigned long flags;
1467 KBASE_DEBUG_ASSERT(work);
1468 as = container_of(work, struct kbase_as, poke_work);
1469 kbdev = container_of(as, struct kbase_device, as[as->number]);
1470 KBASE_DEBUG_ASSERT(as->poke_state & KBASE_AS_POKE_STATE_IN_FLIGHT);
1472 /* GPU power will already be active by virtue of the caller holding a JS
1473 * reference on the address space, and will not release it until this worker
1476 /* Further to the comment above, we know that while this function is running
1477 * the AS will not be released as before the atom is released this workqueue
1478 * is flushed (in kbase_as_poking_timer_release_atom)
1480 kctx = kbasep_js_runpool_lookup_ctx_noretain(kbdev, as->number);
1482 /* AS transaction begin */
1483 mutex_lock(&as->transaction_mutex);
1484 /* Force a uTLB invalidate */
1485 kbase_mmu_hw_do_operation(kbdev, as, kctx, 0, 0,
1486 AS_COMMAND_UNLOCK, 0);
1487 mutex_unlock(&as->transaction_mutex);
1488 /* AS transaction end */
1490 spin_lock_irqsave(&kbdev->js_data.runpool_irq.lock, flags);
1491 if (as->poke_refcount &&
1492 !(as->poke_state & KBASE_AS_POKE_STATE_KILLING_POKE)) {
1493 /* Only queue up the timer if we need it, and we're not trying to kill it */
1494 hrtimer_start(&as->poke_timer, HR_TIMER_DELAY_MSEC(5), HRTIMER_MODE_REL);
1496 spin_unlock_irqrestore(&kbdev->js_data.runpool_irq.lock, flags);
1499 enum hrtimer_restart kbasep_as_poke_timer_callback(struct hrtimer *timer)
1501 struct kbase_as *as;
1504 KBASE_DEBUG_ASSERT(NULL != timer);
1505 as = container_of(timer, struct kbase_as, poke_timer);
1506 KBASE_DEBUG_ASSERT(as->poke_state & KBASE_AS_POKE_STATE_IN_FLIGHT);
1508 queue_work_ret = queue_work(as->poke_wq, &as->poke_work);
1509 KBASE_DEBUG_ASSERT(queue_work_ret);
1510 return HRTIMER_NORESTART;
1514 * Retain the poking timer on an atom's context (if the atom hasn't already
1515 * done so), and start the timer (if it's not already started).
1517 * This must only be called on a context that's scheduled in, and an atom
1518 * that's running on the GPU.
1520 * The caller must hold kbasep_js_device_data::runpool_irq::lock
1522 * This can be called safely from atomic context
1524 void kbase_as_poking_timer_retain_atom(struct kbase_device *kbdev, struct kbase_context *kctx, struct kbase_jd_atom *katom)
1526 struct kbase_as *as;
1528 KBASE_DEBUG_ASSERT(kbdev);
1529 KBASE_DEBUG_ASSERT(kctx);
1530 KBASE_DEBUG_ASSERT(katom);
1531 KBASE_DEBUG_ASSERT(kctx->as_nr != KBASEP_AS_NR_INVALID);
1532 lockdep_assert_held(&kbdev->js_data.runpool_irq.lock);
1539 /* It's safe to work on the as/as_nr without an explicit reference,
1540 * because the caller holds the runpool_irq lock, and the atom itself
1541 * was also running and had already taken a reference */
1542 as = &kbdev->as[kctx->as_nr];
1544 if (++(as->poke_refcount) == 1) {
1545 /* First refcount for poke needed: check if not already in flight */
1546 if (!as->poke_state) {
1547 /* need to start poking */
1548 as->poke_state |= KBASE_AS_POKE_STATE_IN_FLIGHT;
1549 queue_work(as->poke_wq, &as->poke_work);
1555 * If an atom holds a poking timer, release it and wait for it to finish
1557 * This must only be called on a context that's scheduled in, and an atom
1558 * that still has a JS reference on the context
1560 * This must \b not be called from atomic context, since it can sleep.
1562 void kbase_as_poking_timer_release_atom(struct kbase_device *kbdev, struct kbase_context *kctx, struct kbase_jd_atom *katom)
1564 struct kbase_as *as;
1565 unsigned long flags;
1567 KBASE_DEBUG_ASSERT(kbdev);
1568 KBASE_DEBUG_ASSERT(kctx);
1569 KBASE_DEBUG_ASSERT(katom);
1570 KBASE_DEBUG_ASSERT(kctx->as_nr != KBASEP_AS_NR_INVALID);
1575 as = &kbdev->as[kctx->as_nr];
1577 spin_lock_irqsave(&kbdev->js_data.runpool_irq.lock, flags);
1578 KBASE_DEBUG_ASSERT(as->poke_refcount > 0);
1579 KBASE_DEBUG_ASSERT(as->poke_state & KBASE_AS_POKE_STATE_IN_FLIGHT);
1581 if (--(as->poke_refcount) == 0) {
1582 as->poke_state |= KBASE_AS_POKE_STATE_KILLING_POKE;
1583 spin_unlock_irqrestore(&kbdev->js_data.runpool_irq.lock, flags);
1585 hrtimer_cancel(&as->poke_timer);
1586 flush_workqueue(as->poke_wq);
1588 spin_lock_irqsave(&kbdev->js_data.runpool_irq.lock, flags);
1590 /* Re-check whether it's still needed */
1591 if (as->poke_refcount) {
1593 /* Poking still needed:
1594 * - Another retain will not be starting the timer or queueing work,
1595 * because it's still marked as in-flight
1596 * - The hrtimer has finished, and has not started a new timer or
1597 * queued work because it's been marked as killing
1599 * So whatever happens now, just queue the work again */
1600 as->poke_state &= ~((kbase_as_poke_state)KBASE_AS_POKE_STATE_KILLING_POKE);
1601 queue_work_ret = queue_work(as->poke_wq, &as->poke_work);
1602 KBASE_DEBUG_ASSERT(queue_work_ret);
1604 /* It isn't - so mark it as not in flight, and not killing */
1605 as->poke_state = 0u;
1607 /* The poke associated with the atom has now finished. If this is
1608 * also the last atom on the context, then we can guarentee no more
1609 * pokes (and thus no more poking register accesses) will occur on
1610 * the context until new atoms are run */
1613 spin_unlock_irqrestore(&kbdev->js_data.runpool_irq.lock, flags);
1618 void kbase_mmu_interrupt_process(struct kbase_device *kbdev, struct kbase_context *kctx, struct kbase_as *as)
1620 struct kbasep_js_device_data *js_devdata = &kbdev->js_data;
1622 lockdep_assert_held(&kbdev->js_data.runpool_irq.lock);
1625 dev_warn(kbdev->dev, "%s in AS%d at 0x%016llx with no context present! Suprious IRQ or SW Design Error?\n",
1626 kbase_as_has_bus_fault(as) ? "Bus error" : "Page fault",
1627 as->number, as->fault_addr);
1629 /* Since no ctx was found, the MMU must be disabled. */
1630 WARN_ON(as->current_setup.transtab);
1632 if (kbase_as_has_bus_fault(as)) {
1633 kbase_mmu_hw_clear_fault(kbdev, as, kctx,
1634 KBASE_MMU_FAULT_TYPE_BUS_UNEXPECTED);
1635 kbase_mmu_hw_enable_fault(kbdev, as, kctx,
1636 KBASE_MMU_FAULT_TYPE_BUS_UNEXPECTED);
1637 } else if (kbase_as_has_page_fault(as)) {
1638 kbase_mmu_hw_clear_fault(kbdev, as, kctx,
1639 KBASE_MMU_FAULT_TYPE_PAGE_UNEXPECTED);
1640 kbase_mmu_hw_enable_fault(kbdev, as, kctx,
1641 KBASE_MMU_FAULT_TYPE_PAGE_UNEXPECTED);
1644 #if KBASE_GPU_RESET_EN
1645 if (kbase_as_has_bus_fault(as) &&
1646 kbase_hw_has_issue(kbdev, BASE_HW_ISSUE_8245)) {
1649 * Reset the GPU, like in bus_fault_worker, in case an
1650 * earlier error hasn't been properly cleared by this
1653 dev_err(kbdev->dev, "GPU bus error occurred. For this GPU version we now soft-reset as part of bus error recovery\n");
1654 reset_status = kbase_prepare_to_reset_gpu_locked(kbdev);
1656 kbase_reset_gpu_locked(kbdev);
1658 #endif /* KBASE_GPU_RESET_EN */
1663 if (kbase_as_has_bus_fault(as)) {
1665 * hw counters dumping in progress, signal the
1666 * other thread that it failed
1668 if ((kbdev->hwcnt.kctx == kctx) &&
1669 (kbdev->hwcnt.backend.state ==
1670 KBASE_INSTR_STATE_DUMPING))
1671 kbdev->hwcnt.backend.state =
1672 KBASE_INSTR_STATE_FAULT;
1675 * Stop the kctx from submitting more jobs and cause it
1676 * to be scheduled out/rescheduled when all references
1677 * to it are released
1679 kbasep_js_clear_submit_allowed(js_devdata, kctx);
1681 dev_warn(kbdev->dev, "Bus error in AS%d at 0x%016llx\n",
1682 as->number, as->fault_addr);
1685 * We need to switch to UNMAPPED mode - but we do this in a
1686 * worker so that we can sleep
1688 kbdev->kbase_group_error++;
1689 KBASE_DEBUG_ASSERT(0 == object_is_on_stack(&as->work_busfault));
1690 WARN_ON(work_pending(&as->work_busfault));
1691 queue_work(as->pf_wq, &as->work_busfault);
1692 atomic_inc(&kbdev->faults_pending);
1694 kbdev->kbase_group_error++;
1695 KBASE_DEBUG_ASSERT(0 == object_is_on_stack(&as->work_pagefault));
1696 WARN_ON(work_pending(&as->work_pagefault));
1697 queue_work(as->pf_wq, &as->work_pagefault);
1698 atomic_inc(&kbdev->faults_pending);
1702 void kbase_flush_mmu_wqs(struct kbase_device *kbdev)
1706 for (i = 0; i < kbdev->nr_hw_address_spaces; i++) {
1707 struct kbase_as *as = &kbdev->as[i];
1709 flush_workqueue(as->pf_wq);
projects / firefly-linux-kernel-4.4.55.git / blob