2 * Copyright (c) 2006, Intel Corporation.
4 * This program is free software; you can redistribute it and/or modify it
5 * under the terms and conditions of the GNU General Public License,
6 * version 2, as published by the Free Software Foundation.
8 * This program is distributed in the hope it will be useful, but WITHOUT
9 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
10 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
13 * You should have received a copy of the GNU General Public License along with
14 * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
15 * Place - Suite 330, Boston, MA 02111-1307 USA.
17 * Copyright (C) 2006-2008 Intel Corporation
18 * Author: Ashok Raj <ashok.raj@intel.com>
19 * Author: Shaohua Li <shaohua.li@intel.com>
20 * Author: Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>
21 * Author: Fenghua Yu <fenghua.yu@intel.com>
24 #include <linux/init.h>
25 #include <linux/bitmap.h>
26 #include <linux/debugfs.h>
27 #include <linux/slab.h>
28 #include <linux/irq.h>
29 #include <linux/interrupt.h>
30 #include <linux/spinlock.h>
31 #include <linux/pci.h>
32 #include <linux/dmar.h>
33 #include <linux/dma-mapping.h>
34 #include <linux/mempool.h>
35 #include <linux/timer.h>
36 #include <linux/iova.h>
37 #include <linux/iommu.h>
38 #include <linux/intel-iommu.h>
39 #include <linux/sysdev.h>
40 #include <linux/tboot.h>
41 #include <linux/dmi.h>
42 #include <asm/cacheflush.h>
43 #include <asm/iommu.h>
46 #define ROOT_SIZE VTD_PAGE_SIZE
47 #define CONTEXT_SIZE VTD_PAGE_SIZE
49 #define IS_GFX_DEVICE(pdev) ((pdev->class >> 16) == PCI_BASE_CLASS_DISPLAY)
50 #define IS_ISA_DEVICE(pdev) ((pdev->class >> 8) == PCI_CLASS_BRIDGE_ISA)
51 #define IS_AZALIA(pdev) ((pdev)->vendor == 0x8086 && (pdev)->device == 0x3a3e)
53 #define IOAPIC_RANGE_START (0xfee00000)
54 #define IOAPIC_RANGE_END (0xfeefffff)
55 #define IOVA_START_ADDR (0x1000)
57 #define DEFAULT_DOMAIN_ADDRESS_WIDTH 48
59 #define MAX_AGAW_WIDTH 64
61 #define __DOMAIN_MAX_PFN(gaw) ((((uint64_t)1) << (gaw-VTD_PAGE_SHIFT)) - 1)
62 #define __DOMAIN_MAX_ADDR(gaw) ((((uint64_t)1) << gaw) - 1)
64 /* We limit DOMAIN_MAX_PFN to fit in an unsigned long, and DOMAIN_MAX_ADDR
65 to match. That way, we can use 'unsigned long' for PFNs with impunity. */
66 #define DOMAIN_MAX_PFN(gaw) ((unsigned long) min_t(uint64_t, \
67 __DOMAIN_MAX_PFN(gaw), (unsigned long)-1))
68 #define DOMAIN_MAX_ADDR(gaw) (((uint64_t)__DOMAIN_MAX_PFN(gaw)) << VTD_PAGE_SHIFT)
70 #define IOVA_PFN(addr) ((addr) >> PAGE_SHIFT)
71 #define DMA_32BIT_PFN IOVA_PFN(DMA_BIT_MASK(32))
72 #define DMA_64BIT_PFN IOVA_PFN(DMA_BIT_MASK(64))
74 /* page table handling */
75 #define LEVEL_STRIDE (9)
76 #define LEVEL_MASK (((u64)1 << LEVEL_STRIDE) - 1)
78 static inline int agaw_to_level(int agaw)
83 static inline int agaw_to_width(int agaw)
85 return 30 + agaw * LEVEL_STRIDE;
88 static inline int width_to_agaw(int width)
90 return (width - 30) / LEVEL_STRIDE;
93 static inline unsigned int level_to_offset_bits(int level)
95 return (level - 1) * LEVEL_STRIDE;
98 static inline int pfn_level_offset(unsigned long pfn, int level)
100 return (pfn >> level_to_offset_bits(level)) & LEVEL_MASK;
103 static inline unsigned long level_mask(int level)
105 return -1UL << level_to_offset_bits(level);
108 static inline unsigned long level_size(int level)
110 return 1UL << level_to_offset_bits(level);
113 static inline unsigned long align_to_level(unsigned long pfn, int level)
115 return (pfn + level_size(level) - 1) & level_mask(level);
118 /* VT-d pages must always be _smaller_ than MM pages. Otherwise things
119 are never going to work. */
120 static inline unsigned long dma_to_mm_pfn(unsigned long dma_pfn)
122 return dma_pfn >> (PAGE_SHIFT - VTD_PAGE_SHIFT);
125 static inline unsigned long mm_to_dma_pfn(unsigned long mm_pfn)
127 return mm_pfn << (PAGE_SHIFT - VTD_PAGE_SHIFT);
129 static inline unsigned long page_to_dma_pfn(struct page *pg)
131 return mm_to_dma_pfn(page_to_pfn(pg));
133 static inline unsigned long virt_to_dma_pfn(void *p)
135 return page_to_dma_pfn(virt_to_page(p));
138 /* global iommu list, set NULL for ignored DMAR units */
139 static struct intel_iommu **g_iommus;
141 static void __init check_tylersburg_isoch(void);
142 static int rwbf_quirk;
147 * 12-63: Context Ptr (12 - (haw-1))
154 #define ROOT_ENTRY_NR (VTD_PAGE_SIZE/sizeof(struct root_entry))
155 static inline bool root_present(struct root_entry *root)
157 return (root->val & 1);
159 static inline void set_root_present(struct root_entry *root)
163 static inline void set_root_value(struct root_entry *root, unsigned long value)
165 root->val |= value & VTD_PAGE_MASK;
168 static inline struct context_entry *
169 get_context_addr_from_root(struct root_entry *root)
171 return (struct context_entry *)
172 (root_present(root)?phys_to_virt(
173 root->val & VTD_PAGE_MASK) :
180 * 1: fault processing disable
181 * 2-3: translation type
182 * 12-63: address space root
188 struct context_entry {
193 static inline bool context_present(struct context_entry *context)
195 return (context->lo & 1);
197 static inline void context_set_present(struct context_entry *context)
202 static inline void context_set_fault_enable(struct context_entry *context)
204 context->lo &= (((u64)-1) << 2) | 1;
207 static inline void context_set_translation_type(struct context_entry *context,
210 context->lo &= (((u64)-1) << 4) | 3;
211 context->lo |= (value & 3) << 2;
214 static inline void context_set_address_root(struct context_entry *context,
217 context->lo |= value & VTD_PAGE_MASK;
220 static inline void context_set_address_width(struct context_entry *context,
223 context->hi |= value & 7;
226 static inline void context_set_domain_id(struct context_entry *context,
229 context->hi |= (value & ((1 << 16) - 1)) << 8;
232 static inline void context_clear_entry(struct context_entry *context)
245 * 12-63: Host physcial address
251 static inline void dma_clear_pte(struct dma_pte *pte)
256 static inline void dma_set_pte_readable(struct dma_pte *pte)
258 pte->val |= DMA_PTE_READ;
261 static inline void dma_set_pte_writable(struct dma_pte *pte)
263 pte->val |= DMA_PTE_WRITE;
266 static inline void dma_set_pte_snp(struct dma_pte *pte)
268 pte->val |= DMA_PTE_SNP;
271 static inline void dma_set_pte_prot(struct dma_pte *pte, unsigned long prot)
273 pte->val = (pte->val & ~3) | (prot & 3);
276 static inline u64 dma_pte_addr(struct dma_pte *pte)
279 return pte->val & VTD_PAGE_MASK;
281 /* Must have a full atomic 64-bit read */
282 return __cmpxchg64(pte, 0ULL, 0ULL) & VTD_PAGE_MASK;
286 static inline void dma_set_pte_pfn(struct dma_pte *pte, unsigned long pfn)
288 pte->val |= (uint64_t)pfn << VTD_PAGE_SHIFT;
291 static inline bool dma_pte_present(struct dma_pte *pte)
293 return (pte->val & 3) != 0;
296 static inline int first_pte_in_page(struct dma_pte *pte)
298 return !((unsigned long)pte & ~VTD_PAGE_MASK);
302 * This domain is a statically identity mapping domain.
303 * 1. This domain creats a static 1:1 mapping to all usable memory.
304 * 2. It maps to each iommu if successful.
305 * 3. Each iommu mapps to this domain if successful.
307 static struct dmar_domain *si_domain;
308 static int hw_pass_through = 1;
310 /* devices under the same p2p bridge are owned in one domain */
311 #define DOMAIN_FLAG_P2P_MULTIPLE_DEVICES (1 << 0)
313 /* domain represents a virtual machine, more than one devices
314 * across iommus may be owned in one domain, e.g. kvm guest.
316 #define DOMAIN_FLAG_VIRTUAL_MACHINE (1 << 1)
318 /* si_domain contains mulitple devices */
319 #define DOMAIN_FLAG_STATIC_IDENTITY (1 << 2)
322 int id; /* domain id */
323 unsigned long iommu_bmp; /* bitmap of iommus this domain uses*/
325 struct list_head devices; /* all devices' list */
326 struct iova_domain iovad; /* iova's that belong to this domain */
328 struct dma_pte *pgd; /* virtual address */
329 int gaw; /* max guest address width */
331 /* adjusted guest address width, 0 is level 2 30-bit */
334 int flags; /* flags to find out type of domain */
336 int iommu_coherency;/* indicate coherency of iommu access */
337 int iommu_snooping; /* indicate snooping control feature*/
338 int iommu_count; /* reference count of iommu */
339 spinlock_t iommu_lock; /* protect iommu set in domain */
340 u64 max_addr; /* maximum mapped address */
343 /* PCI domain-device relationship */
344 struct device_domain_info {
345 struct list_head link; /* link to domain siblings */
346 struct list_head global; /* link to global list */
347 int segment; /* PCI domain */
348 u8 bus; /* PCI bus number */
349 u8 devfn; /* PCI devfn number */
350 struct pci_dev *dev; /* it's NULL for PCIE-to-PCI bridge */
351 struct intel_iommu *iommu; /* IOMMU used by this device */
352 struct dmar_domain *domain; /* pointer to domain */
355 static void flush_unmaps_timeout(unsigned long data);
357 DEFINE_TIMER(unmap_timer, flush_unmaps_timeout, 0, 0);
359 #define HIGH_WATER_MARK 250
360 struct deferred_flush_tables {
362 struct iova *iova[HIGH_WATER_MARK];
363 struct dmar_domain *domain[HIGH_WATER_MARK];
366 static struct deferred_flush_tables *deferred_flush;
368 /* bitmap for indexing intel_iommus */
369 static int g_num_of_iommus;
371 static DEFINE_SPINLOCK(async_umap_flush_lock);
372 static LIST_HEAD(unmaps_to_do);
375 static long list_size;
377 static void domain_remove_dev_info(struct dmar_domain *domain);
379 #ifdef CONFIG_DMAR_DEFAULT_ON
380 int dmar_disabled = 0;
382 int dmar_disabled = 1;
383 #endif /*CONFIG_DMAR_DEFAULT_ON*/
385 static int __initdata dmar_map_gfx = 1;
386 static int dmar_forcedac;
387 static int intel_iommu_strict;
389 #define DUMMY_DEVICE_DOMAIN_INFO ((struct device_domain_info *)(-1))
390 static DEFINE_SPINLOCK(device_domain_lock);
391 static LIST_HEAD(device_domain_list);
393 static struct iommu_ops intel_iommu_ops;
395 static int __init intel_iommu_setup(char *str)
400 if (!strncmp(str, "on", 2)) {
402 printk(KERN_INFO "Intel-IOMMU: enabled\n");
403 } else if (!strncmp(str, "off", 3)) {
405 printk(KERN_INFO "Intel-IOMMU: disabled\n");
406 } else if (!strncmp(str, "igfx_off", 8)) {
409 "Intel-IOMMU: disable GFX device mapping\n");
410 } else if (!strncmp(str, "forcedac", 8)) {
412 "Intel-IOMMU: Forcing DAC for PCI devices\n");
414 } else if (!strncmp(str, "strict", 6)) {
416 "Intel-IOMMU: disable batched IOTLB flush\n");
417 intel_iommu_strict = 1;
420 str += strcspn(str, ",");
426 __setup("intel_iommu=", intel_iommu_setup);
428 static struct kmem_cache *iommu_domain_cache;
429 static struct kmem_cache *iommu_devinfo_cache;
430 static struct kmem_cache *iommu_iova_cache;
432 static inline void *iommu_kmem_cache_alloc(struct kmem_cache *cachep)
437 /* trying to avoid low memory issues */
438 flags = current->flags & PF_MEMALLOC;
439 current->flags |= PF_MEMALLOC;
440 vaddr = kmem_cache_alloc(cachep, GFP_ATOMIC);
441 current->flags &= (~PF_MEMALLOC | flags);
446 static inline void *alloc_pgtable_page(void)
451 /* trying to avoid low memory issues */
452 flags = current->flags & PF_MEMALLOC;
453 current->flags |= PF_MEMALLOC;
454 vaddr = (void *)get_zeroed_page(GFP_ATOMIC);
455 current->flags &= (~PF_MEMALLOC | flags);
459 static inline void free_pgtable_page(void *vaddr)
461 free_page((unsigned long)vaddr);
464 static inline void *alloc_domain_mem(void)
466 return iommu_kmem_cache_alloc(iommu_domain_cache);
469 static void free_domain_mem(void *vaddr)
471 kmem_cache_free(iommu_domain_cache, vaddr);
474 static inline void * alloc_devinfo_mem(void)
476 return iommu_kmem_cache_alloc(iommu_devinfo_cache);
479 static inline void free_devinfo_mem(void *vaddr)
481 kmem_cache_free(iommu_devinfo_cache, vaddr);
484 struct iova *alloc_iova_mem(void)
486 return iommu_kmem_cache_alloc(iommu_iova_cache);
489 void free_iova_mem(struct iova *iova)
491 kmem_cache_free(iommu_iova_cache, iova);
495 static int __iommu_calculate_agaw(struct intel_iommu *iommu, int max_gaw)
500 sagaw = cap_sagaw(iommu->cap);
501 for (agaw = width_to_agaw(max_gaw);
503 if (test_bit(agaw, &sagaw))
511 * Calculate max SAGAW for each iommu.
513 int iommu_calculate_max_sagaw(struct intel_iommu *iommu)
515 return __iommu_calculate_agaw(iommu, MAX_AGAW_WIDTH);
519 * calculate agaw for each iommu.
520 * "SAGAW" may be different across iommus, use a default agaw, and
521 * get a supported less agaw for iommus that don't support the default agaw.
523 int iommu_calculate_agaw(struct intel_iommu *iommu)
525 return __iommu_calculate_agaw(iommu, DEFAULT_DOMAIN_ADDRESS_WIDTH);
528 /* This functionin only returns single iommu in a domain */
529 static struct intel_iommu *domain_get_iommu(struct dmar_domain *domain)
533 /* si_domain and vm domain should not get here. */
534 BUG_ON(domain->flags & DOMAIN_FLAG_VIRTUAL_MACHINE);
535 BUG_ON(domain->flags & DOMAIN_FLAG_STATIC_IDENTITY);
537 iommu_id = find_first_bit(&domain->iommu_bmp, g_num_of_iommus);
538 if (iommu_id < 0 || iommu_id >= g_num_of_iommus)
541 return g_iommus[iommu_id];
544 static void domain_update_iommu_coherency(struct dmar_domain *domain)
548 domain->iommu_coherency = 1;
550 i = find_first_bit(&domain->iommu_bmp, g_num_of_iommus);
551 for (; i < g_num_of_iommus; ) {
552 if (!ecap_coherent(g_iommus[i]->ecap)) {
553 domain->iommu_coherency = 0;
556 i = find_next_bit(&domain->iommu_bmp, g_num_of_iommus, i+1);
560 static void domain_update_iommu_snooping(struct dmar_domain *domain)
564 domain->iommu_snooping = 1;
566 i = find_first_bit(&domain->iommu_bmp, g_num_of_iommus);
567 for (; i < g_num_of_iommus; ) {
568 if (!ecap_sc_support(g_iommus[i]->ecap)) {
569 domain->iommu_snooping = 0;
572 i = find_next_bit(&domain->iommu_bmp, g_num_of_iommus, i+1);
576 /* Some capabilities may be different across iommus */
577 static void domain_update_iommu_cap(struct dmar_domain *domain)
579 domain_update_iommu_coherency(domain);
580 domain_update_iommu_snooping(domain);
583 static struct intel_iommu *device_to_iommu(int segment, u8 bus, u8 devfn)
585 struct dmar_drhd_unit *drhd = NULL;
588 for_each_drhd_unit(drhd) {
591 if (segment != drhd->segment)
594 for (i = 0; i < drhd->devices_cnt; i++) {
595 if (drhd->devices[i] &&
596 drhd->devices[i]->bus->number == bus &&
597 drhd->devices[i]->devfn == devfn)
599 if (drhd->devices[i] &&
600 drhd->devices[i]->subordinate &&
601 drhd->devices[i]->subordinate->number <= bus &&
602 drhd->devices[i]->subordinate->subordinate >= bus)
606 if (drhd->include_all)
613 static void domain_flush_cache(struct dmar_domain *domain,
614 void *addr, int size)
616 if (!domain->iommu_coherency)
617 clflush_cache_range(addr, size);
620 /* Gets context entry for a given bus and devfn */
621 static struct context_entry * device_to_context_entry(struct intel_iommu *iommu,
624 struct root_entry *root;
625 struct context_entry *context;
626 unsigned long phy_addr;
629 spin_lock_irqsave(&iommu->lock, flags);
630 root = &iommu->root_entry[bus];
631 context = get_context_addr_from_root(root);
633 context = (struct context_entry *)alloc_pgtable_page();
635 spin_unlock_irqrestore(&iommu->lock, flags);
638 __iommu_flush_cache(iommu, (void *)context, CONTEXT_SIZE);
639 phy_addr = virt_to_phys((void *)context);
640 set_root_value(root, phy_addr);
641 set_root_present(root);
642 __iommu_flush_cache(iommu, root, sizeof(*root));
644 spin_unlock_irqrestore(&iommu->lock, flags);
645 return &context[devfn];
648 static int device_context_mapped(struct intel_iommu *iommu, u8 bus, u8 devfn)
650 struct root_entry *root;
651 struct context_entry *context;
655 spin_lock_irqsave(&iommu->lock, flags);
656 root = &iommu->root_entry[bus];
657 context = get_context_addr_from_root(root);
662 ret = context_present(&context[devfn]);
664 spin_unlock_irqrestore(&iommu->lock, flags);
668 static void clear_context_table(struct intel_iommu *iommu, u8 bus, u8 devfn)
670 struct root_entry *root;
671 struct context_entry *context;
674 spin_lock_irqsave(&iommu->lock, flags);
675 root = &iommu->root_entry[bus];
676 context = get_context_addr_from_root(root);
678 context_clear_entry(&context[devfn]);
679 __iommu_flush_cache(iommu, &context[devfn], \
682 spin_unlock_irqrestore(&iommu->lock, flags);
685 static void free_context_table(struct intel_iommu *iommu)
687 struct root_entry *root;
690 struct context_entry *context;
692 spin_lock_irqsave(&iommu->lock, flags);
693 if (!iommu->root_entry) {
696 for (i = 0; i < ROOT_ENTRY_NR; i++) {
697 root = &iommu->root_entry[i];
698 context = get_context_addr_from_root(root);
700 free_pgtable_page(context);
702 free_pgtable_page(iommu->root_entry);
703 iommu->root_entry = NULL;
705 spin_unlock_irqrestore(&iommu->lock, flags);
708 static struct dma_pte *pfn_to_dma_pte(struct dmar_domain *domain,
711 int addr_width = agaw_to_width(domain->agaw) - VTD_PAGE_SHIFT;
712 struct dma_pte *parent, *pte = NULL;
713 int level = agaw_to_level(domain->agaw);
716 BUG_ON(!domain->pgd);
717 BUG_ON(addr_width < BITS_PER_LONG && pfn >> addr_width);
718 parent = domain->pgd;
723 offset = pfn_level_offset(pfn, level);
724 pte = &parent[offset];
728 if (!dma_pte_present(pte)) {
731 tmp_page = alloc_pgtable_page();
736 domain_flush_cache(domain, tmp_page, VTD_PAGE_SIZE);
737 pteval = ((uint64_t)virt_to_dma_pfn(tmp_page) << VTD_PAGE_SHIFT) | DMA_PTE_READ | DMA_PTE_WRITE;
738 if (cmpxchg64(&pte->val, 0ULL, pteval)) {
739 /* Someone else set it while we were thinking; use theirs. */
740 free_pgtable_page(tmp_page);
743 domain_flush_cache(domain, pte, sizeof(*pte));
746 parent = phys_to_virt(dma_pte_addr(pte));
753 /* return address's pte at specific level */
754 static struct dma_pte *dma_pfn_level_pte(struct dmar_domain *domain,
758 struct dma_pte *parent, *pte = NULL;
759 int total = agaw_to_level(domain->agaw);
762 parent = domain->pgd;
763 while (level <= total) {
764 offset = pfn_level_offset(pfn, total);
765 pte = &parent[offset];
769 if (!dma_pte_present(pte))
771 parent = phys_to_virt(dma_pte_addr(pte));
777 /* clear last level pte, a tlb flush should be followed */
778 static void dma_pte_clear_range(struct dmar_domain *domain,
779 unsigned long start_pfn,
780 unsigned long last_pfn)
782 int addr_width = agaw_to_width(domain->agaw) - VTD_PAGE_SHIFT;
783 struct dma_pte *first_pte, *pte;
785 BUG_ON(addr_width < BITS_PER_LONG && start_pfn >> addr_width);
786 BUG_ON(addr_width < BITS_PER_LONG && last_pfn >> addr_width);
787 BUG_ON(start_pfn > last_pfn);
789 /* we don't need lock here; nobody else touches the iova range */
791 first_pte = pte = dma_pfn_level_pte(domain, start_pfn, 1);
793 start_pfn = align_to_level(start_pfn + 1, 2);
800 } while (start_pfn <= last_pfn && !first_pte_in_page(pte));
802 domain_flush_cache(domain, first_pte,
803 (void *)pte - (void *)first_pte);
805 } while (start_pfn && start_pfn <= last_pfn);
808 /* free page table pages. last level pte should already be cleared */
809 static void dma_pte_free_pagetable(struct dmar_domain *domain,
810 unsigned long start_pfn,
811 unsigned long last_pfn)
813 int addr_width = agaw_to_width(domain->agaw) - VTD_PAGE_SHIFT;
814 struct dma_pte *first_pte, *pte;
815 int total = agaw_to_level(domain->agaw);
819 BUG_ON(addr_width < BITS_PER_LONG && start_pfn >> addr_width);
820 BUG_ON(addr_width < BITS_PER_LONG && last_pfn >> addr_width);
821 BUG_ON(start_pfn > last_pfn);
823 /* We don't need lock here; nobody else touches the iova range */
825 while (level <= total) {
826 tmp = align_to_level(start_pfn, level);
828 /* If we can't even clear one PTE at this level, we're done */
829 if (tmp + level_size(level) - 1 > last_pfn)
833 first_pte = pte = dma_pfn_level_pte(domain, tmp, level);
835 tmp = align_to_level(tmp + 1, level + 1);
839 if (dma_pte_present(pte)) {
840 free_pgtable_page(phys_to_virt(dma_pte_addr(pte)));
844 tmp += level_size(level);
845 } while (!first_pte_in_page(pte) &&
846 tmp + level_size(level) - 1 <= last_pfn);
848 domain_flush_cache(domain, first_pte,
849 (void *)pte - (void *)first_pte);
851 } while (tmp && tmp + level_size(level) - 1 <= last_pfn);
855 if (start_pfn == 0 && last_pfn == DOMAIN_MAX_PFN(domain->gaw)) {
856 free_pgtable_page(domain->pgd);
862 static int iommu_alloc_root_entry(struct intel_iommu *iommu)
864 struct root_entry *root;
867 root = (struct root_entry *)alloc_pgtable_page();
871 __iommu_flush_cache(iommu, root, ROOT_SIZE);
873 spin_lock_irqsave(&iommu->lock, flags);
874 iommu->root_entry = root;
875 spin_unlock_irqrestore(&iommu->lock, flags);
880 static void iommu_set_root_entry(struct intel_iommu *iommu)
886 addr = iommu->root_entry;
888 spin_lock_irqsave(&iommu->register_lock, flag);
889 dmar_writeq(iommu->reg + DMAR_RTADDR_REG, virt_to_phys(addr));
891 writel(iommu->gcmd | DMA_GCMD_SRTP, iommu->reg + DMAR_GCMD_REG);
893 /* Make sure hardware complete it */
894 IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
895 readl, (sts & DMA_GSTS_RTPS), sts);
897 spin_unlock_irqrestore(&iommu->register_lock, flag);
900 static void iommu_flush_write_buffer(struct intel_iommu *iommu)
905 if (!rwbf_quirk && !cap_rwbf(iommu->cap))
908 spin_lock_irqsave(&iommu->register_lock, flag);
909 writel(iommu->gcmd | DMA_GCMD_WBF, iommu->reg + DMAR_GCMD_REG);
911 /* Make sure hardware complete it */
912 IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
913 readl, (!(val & DMA_GSTS_WBFS)), val);
915 spin_unlock_irqrestore(&iommu->register_lock, flag);
918 /* return value determine if we need a write buffer flush */
919 static void __iommu_flush_context(struct intel_iommu *iommu,
920 u16 did, u16 source_id, u8 function_mask,
927 case DMA_CCMD_GLOBAL_INVL:
928 val = DMA_CCMD_GLOBAL_INVL;
930 case DMA_CCMD_DOMAIN_INVL:
931 val = DMA_CCMD_DOMAIN_INVL|DMA_CCMD_DID(did);
933 case DMA_CCMD_DEVICE_INVL:
934 val = DMA_CCMD_DEVICE_INVL|DMA_CCMD_DID(did)
935 | DMA_CCMD_SID(source_id) | DMA_CCMD_FM(function_mask);
942 spin_lock_irqsave(&iommu->register_lock, flag);
943 dmar_writeq(iommu->reg + DMAR_CCMD_REG, val);
945 /* Make sure hardware complete it */
946 IOMMU_WAIT_OP(iommu, DMAR_CCMD_REG,
947 dmar_readq, (!(val & DMA_CCMD_ICC)), val);
949 spin_unlock_irqrestore(&iommu->register_lock, flag);
952 /* return value determine if we need a write buffer flush */
953 static void __iommu_flush_iotlb(struct intel_iommu *iommu, u16 did,
954 u64 addr, unsigned int size_order, u64 type)
956 int tlb_offset = ecap_iotlb_offset(iommu->ecap);
957 u64 val = 0, val_iva = 0;
961 case DMA_TLB_GLOBAL_FLUSH:
962 /* global flush doesn't need set IVA_REG */
963 val = DMA_TLB_GLOBAL_FLUSH|DMA_TLB_IVT;
965 case DMA_TLB_DSI_FLUSH:
966 val = DMA_TLB_DSI_FLUSH|DMA_TLB_IVT|DMA_TLB_DID(did);
968 case DMA_TLB_PSI_FLUSH:
969 val = DMA_TLB_PSI_FLUSH|DMA_TLB_IVT|DMA_TLB_DID(did);
970 /* Note: always flush non-leaf currently */
971 val_iva = size_order | addr;
976 /* Note: set drain read/write */
979 * This is probably to be super secure.. Looks like we can
980 * ignore it without any impact.
982 if (cap_read_drain(iommu->cap))
983 val |= DMA_TLB_READ_DRAIN;
985 if (cap_write_drain(iommu->cap))
986 val |= DMA_TLB_WRITE_DRAIN;
988 spin_lock_irqsave(&iommu->register_lock, flag);
989 /* Note: Only uses first TLB reg currently */
991 dmar_writeq(iommu->reg + tlb_offset, val_iva);
992 dmar_writeq(iommu->reg + tlb_offset + 8, val);
994 /* Make sure hardware complete it */
995 IOMMU_WAIT_OP(iommu, tlb_offset + 8,
996 dmar_readq, (!(val & DMA_TLB_IVT)), val);
998 spin_unlock_irqrestore(&iommu->register_lock, flag);
1000 /* check IOTLB invalidation granularity */
1001 if (DMA_TLB_IAIG(val) == 0)
1002 printk(KERN_ERR"IOMMU: flush IOTLB failed\n");
1003 if (DMA_TLB_IAIG(val) != DMA_TLB_IIRG(type))
1004 pr_debug("IOMMU: tlb flush request %Lx, actual %Lx\n",
1005 (unsigned long long)DMA_TLB_IIRG(type),
1006 (unsigned long long)DMA_TLB_IAIG(val));
1009 static struct device_domain_info *iommu_support_dev_iotlb(
1010 struct dmar_domain *domain, int segment, u8 bus, u8 devfn)
1013 unsigned long flags;
1014 struct device_domain_info *info;
1015 struct intel_iommu *iommu = device_to_iommu(segment, bus, devfn);
1017 if (!ecap_dev_iotlb_support(iommu->ecap))
1023 spin_lock_irqsave(&device_domain_lock, flags);
1024 list_for_each_entry(info, &domain->devices, link)
1025 if (info->bus == bus && info->devfn == devfn) {
1029 spin_unlock_irqrestore(&device_domain_lock, flags);
1031 if (!found || !info->dev)
1034 if (!pci_find_ext_capability(info->dev, PCI_EXT_CAP_ID_ATS))
1037 if (!dmar_find_matched_atsr_unit(info->dev))
1040 info->iommu = iommu;
1045 static void iommu_enable_dev_iotlb(struct device_domain_info *info)
1050 pci_enable_ats(info->dev, VTD_PAGE_SHIFT);
1053 static void iommu_disable_dev_iotlb(struct device_domain_info *info)
1055 if (!info->dev || !pci_ats_enabled(info->dev))
1058 pci_disable_ats(info->dev);
1061 static void iommu_flush_dev_iotlb(struct dmar_domain *domain,
1062 u64 addr, unsigned mask)
1065 unsigned long flags;
1066 struct device_domain_info *info;
1068 spin_lock_irqsave(&device_domain_lock, flags);
1069 list_for_each_entry(info, &domain->devices, link) {
1070 if (!info->dev || !pci_ats_enabled(info->dev))
1073 sid = info->bus << 8 | info->devfn;
1074 qdep = pci_ats_queue_depth(info->dev);
1075 qi_flush_dev_iotlb(info->iommu, sid, qdep, addr, mask);
1077 spin_unlock_irqrestore(&device_domain_lock, flags);
1080 static void iommu_flush_iotlb_psi(struct intel_iommu *iommu, u16 did,
1081 unsigned long pfn, unsigned int pages)
1083 unsigned int mask = ilog2(__roundup_pow_of_two(pages));
1084 uint64_t addr = (uint64_t)pfn << VTD_PAGE_SHIFT;
1089 * Fallback to domain selective flush if no PSI support or the size is
1091 * PSI requires page size to be 2 ^ x, and the base address is naturally
1092 * aligned to the size
1094 if (!cap_pgsel_inv(iommu->cap) || mask > cap_max_amask_val(iommu->cap))
1095 iommu->flush.flush_iotlb(iommu, did, 0, 0,
1098 iommu->flush.flush_iotlb(iommu, did, addr, mask,
1102 * In caching mode, domain ID 0 is reserved for non-present to present
1103 * mapping flush. Device IOTLB doesn't need to be flushed in this case.
1105 if (!cap_caching_mode(iommu->cap) || did)
1106 iommu_flush_dev_iotlb(iommu->domains[did], addr, mask);
1109 static void iommu_disable_protect_mem_regions(struct intel_iommu *iommu)
1112 unsigned long flags;
1114 spin_lock_irqsave(&iommu->register_lock, flags);
1115 pmen = readl(iommu->reg + DMAR_PMEN_REG);
1116 pmen &= ~DMA_PMEN_EPM;
1117 writel(pmen, iommu->reg + DMAR_PMEN_REG);
1119 /* wait for the protected region status bit to clear */
1120 IOMMU_WAIT_OP(iommu, DMAR_PMEN_REG,
1121 readl, !(pmen & DMA_PMEN_PRS), pmen);
1123 spin_unlock_irqrestore(&iommu->register_lock, flags);
1126 static int iommu_enable_translation(struct intel_iommu *iommu)
1129 unsigned long flags;
1131 spin_lock_irqsave(&iommu->register_lock, flags);
1132 iommu->gcmd |= DMA_GCMD_TE;
1133 writel(iommu->gcmd, iommu->reg + DMAR_GCMD_REG);
1135 /* Make sure hardware complete it */
1136 IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
1137 readl, (sts & DMA_GSTS_TES), sts);
1139 spin_unlock_irqrestore(&iommu->register_lock, flags);
1143 static int iommu_disable_translation(struct intel_iommu *iommu)
1148 spin_lock_irqsave(&iommu->register_lock, flag);
1149 iommu->gcmd &= ~DMA_GCMD_TE;
1150 writel(iommu->gcmd, iommu->reg + DMAR_GCMD_REG);
1152 /* Make sure hardware complete it */
1153 IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
1154 readl, (!(sts & DMA_GSTS_TES)), sts);
1156 spin_unlock_irqrestore(&iommu->register_lock, flag);
1161 static int iommu_init_domains(struct intel_iommu *iommu)
1163 unsigned long ndomains;
1164 unsigned long nlongs;
1166 ndomains = cap_ndoms(iommu->cap);
1167 pr_debug("Number of Domains supportd <%ld>\n", ndomains);
1168 nlongs = BITS_TO_LONGS(ndomains);
1170 spin_lock_init(&iommu->lock);
1172 /* TBD: there might be 64K domains,
1173 * consider other allocation for future chip
1175 iommu->domain_ids = kcalloc(nlongs, sizeof(unsigned long), GFP_KERNEL);
1176 if (!iommu->domain_ids) {
1177 printk(KERN_ERR "Allocating domain id array failed\n");
1180 iommu->domains = kcalloc(ndomains, sizeof(struct dmar_domain *),
1182 if (!iommu->domains) {
1183 printk(KERN_ERR "Allocating domain array failed\n");
1188 * if Caching mode is set, then invalid translations are tagged
1189 * with domainid 0. Hence we need to pre-allocate it.
1191 if (cap_caching_mode(iommu->cap))
1192 set_bit(0, iommu->domain_ids);
1197 static void domain_exit(struct dmar_domain *domain);
1198 static void vm_domain_exit(struct dmar_domain *domain);
1200 void free_dmar_iommu(struct intel_iommu *iommu)
1202 struct dmar_domain *domain;
1204 unsigned long flags;
1206 if ((iommu->domains) && (iommu->domain_ids)) {
1207 i = find_first_bit(iommu->domain_ids, cap_ndoms(iommu->cap));
1208 for (; i < cap_ndoms(iommu->cap); ) {
1209 domain = iommu->domains[i];
1210 clear_bit(i, iommu->domain_ids);
1212 spin_lock_irqsave(&domain->iommu_lock, flags);
1213 if (--domain->iommu_count == 0) {
1214 if (domain->flags & DOMAIN_FLAG_VIRTUAL_MACHINE)
1215 vm_domain_exit(domain);
1217 domain_exit(domain);
1219 spin_unlock_irqrestore(&domain->iommu_lock, flags);
1221 i = find_next_bit(iommu->domain_ids,
1222 cap_ndoms(iommu->cap), i+1);
1226 if (iommu->gcmd & DMA_GCMD_TE)
1227 iommu_disable_translation(iommu);
1230 set_irq_data(iommu->irq, NULL);
1231 /* This will mask the irq */
1232 free_irq(iommu->irq, iommu);
1233 destroy_irq(iommu->irq);
1236 kfree(iommu->domains);
1237 kfree(iommu->domain_ids);
1239 g_iommus[iommu->seq_id] = NULL;
1241 /* if all iommus are freed, free g_iommus */
1242 for (i = 0; i < g_num_of_iommus; i++) {
1247 if (i == g_num_of_iommus)
1250 /* free context mapping */
1251 free_context_table(iommu);
1254 static struct dmar_domain *alloc_domain(void)
1256 struct dmar_domain *domain;
1258 domain = alloc_domain_mem();
1262 memset(&domain->iommu_bmp, 0, sizeof(unsigned long));
1268 static int iommu_attach_domain(struct dmar_domain *domain,
1269 struct intel_iommu *iommu)
1272 unsigned long ndomains;
1273 unsigned long flags;
1275 ndomains = cap_ndoms(iommu->cap);
1277 spin_lock_irqsave(&iommu->lock, flags);
1279 num = find_first_zero_bit(iommu->domain_ids, ndomains);
1280 if (num >= ndomains) {
1281 spin_unlock_irqrestore(&iommu->lock, flags);
1282 printk(KERN_ERR "IOMMU: no free domain ids\n");
1287 set_bit(num, iommu->domain_ids);
1288 set_bit(iommu->seq_id, &domain->iommu_bmp);
1289 iommu->domains[num] = domain;
1290 spin_unlock_irqrestore(&iommu->lock, flags);
1295 static void iommu_detach_domain(struct dmar_domain *domain,
1296 struct intel_iommu *iommu)
1298 unsigned long flags;
1302 spin_lock_irqsave(&iommu->lock, flags);
1303 ndomains = cap_ndoms(iommu->cap);
1304 num = find_first_bit(iommu->domain_ids, ndomains);
1305 for (; num < ndomains; ) {
1306 if (iommu->domains[num] == domain) {
1310 num = find_next_bit(iommu->domain_ids,
1311 cap_ndoms(iommu->cap), num+1);
1315 clear_bit(num, iommu->domain_ids);
1316 clear_bit(iommu->seq_id, &domain->iommu_bmp);
1317 iommu->domains[num] = NULL;
1319 spin_unlock_irqrestore(&iommu->lock, flags);
1322 static struct iova_domain reserved_iova_list;
1323 static struct lock_class_key reserved_rbtree_key;
1325 static void dmar_init_reserved_ranges(void)
1327 struct pci_dev *pdev = NULL;
1331 init_iova_domain(&reserved_iova_list, DMA_32BIT_PFN);
1333 lockdep_set_class(&reserved_iova_list.iova_rbtree_lock,
1334 &reserved_rbtree_key);
1336 /* IOAPIC ranges shouldn't be accessed by DMA */
1337 iova = reserve_iova(&reserved_iova_list, IOVA_PFN(IOAPIC_RANGE_START),
1338 IOVA_PFN(IOAPIC_RANGE_END));
1340 printk(KERN_ERR "Reserve IOAPIC range failed\n");
1342 /* Reserve all PCI MMIO to avoid peer-to-peer access */
1343 for_each_pci_dev(pdev) {
1346 for (i = 0; i < PCI_NUM_RESOURCES; i++) {
1347 r = &pdev->resource[i];
1348 if (!r->flags || !(r->flags & IORESOURCE_MEM))
1350 iova = reserve_iova(&reserved_iova_list,
1354 printk(KERN_ERR "Reserve iova failed\n");
1360 static void domain_reserve_special_ranges(struct dmar_domain *domain)
1362 copy_reserved_iova(&reserved_iova_list, &domain->iovad);
1365 static inline int guestwidth_to_adjustwidth(int gaw)
1368 int r = (gaw - 12) % 9;
1379 static int domain_init(struct dmar_domain *domain, int guest_width)
1381 struct intel_iommu *iommu;
1382 int adjust_width, agaw;
1383 unsigned long sagaw;
1385 init_iova_domain(&domain->iovad, DMA_32BIT_PFN);
1386 spin_lock_init(&domain->iommu_lock);
1388 domain_reserve_special_ranges(domain);
1390 /* calculate AGAW */
1391 iommu = domain_get_iommu(domain);
1392 if (guest_width > cap_mgaw(iommu->cap))
1393 guest_width = cap_mgaw(iommu->cap);
1394 domain->gaw = guest_width;
1395 adjust_width = guestwidth_to_adjustwidth(guest_width);
1396 agaw = width_to_agaw(adjust_width);
1397 sagaw = cap_sagaw(iommu->cap);
1398 if (!test_bit(agaw, &sagaw)) {
1399 /* hardware doesn't support it, choose a bigger one */
1400 pr_debug("IOMMU: hardware doesn't support agaw %d\n", agaw);
1401 agaw = find_next_bit(&sagaw, 5, agaw);
1405 domain->agaw = agaw;
1406 INIT_LIST_HEAD(&domain->devices);
1408 if (ecap_coherent(iommu->ecap))
1409 domain->iommu_coherency = 1;
1411 domain->iommu_coherency = 0;
1413 if (ecap_sc_support(iommu->ecap))
1414 domain->iommu_snooping = 1;
1416 domain->iommu_snooping = 0;
1418 domain->iommu_count = 1;
1420 /* always allocate the top pgd */
1421 domain->pgd = (struct dma_pte *)alloc_pgtable_page();
1424 __iommu_flush_cache(iommu, domain->pgd, PAGE_SIZE);
1428 static void domain_exit(struct dmar_domain *domain)
1430 struct dmar_drhd_unit *drhd;
1431 struct intel_iommu *iommu;
1433 /* Domain 0 is reserved, so dont process it */
1437 domain_remove_dev_info(domain);
1439 put_iova_domain(&domain->iovad);
1442 dma_pte_clear_range(domain, 0, DOMAIN_MAX_PFN(domain->gaw));
1444 /* free page tables */
1445 dma_pte_free_pagetable(domain, 0, DOMAIN_MAX_PFN(domain->gaw));
1447 for_each_active_iommu(iommu, drhd)
1448 if (test_bit(iommu->seq_id, &domain->iommu_bmp))
1449 iommu_detach_domain(domain, iommu);
1451 free_domain_mem(domain);
1454 static int domain_context_mapping_one(struct dmar_domain *domain, int segment,
1455 u8 bus, u8 devfn, int translation)
1457 struct context_entry *context;
1458 unsigned long flags;
1459 struct intel_iommu *iommu;
1460 struct dma_pte *pgd;
1462 unsigned long ndomains;
1465 struct device_domain_info *info = NULL;
1467 pr_debug("Set context mapping for %02x:%02x.%d\n",
1468 bus, PCI_SLOT(devfn), PCI_FUNC(devfn));
1470 BUG_ON(!domain->pgd);
1471 BUG_ON(translation != CONTEXT_TT_PASS_THROUGH &&
1472 translation != CONTEXT_TT_MULTI_LEVEL);
1474 iommu = device_to_iommu(segment, bus, devfn);
1478 context = device_to_context_entry(iommu, bus, devfn);
1481 spin_lock_irqsave(&iommu->lock, flags);
1482 if (context_present(context)) {
1483 spin_unlock_irqrestore(&iommu->lock, flags);
1490 if (domain->flags & DOMAIN_FLAG_VIRTUAL_MACHINE ||
1491 domain->flags & DOMAIN_FLAG_STATIC_IDENTITY) {
1494 /* find an available domain id for this device in iommu */
1495 ndomains = cap_ndoms(iommu->cap);
1496 num = find_first_bit(iommu->domain_ids, ndomains);
1497 for (; num < ndomains; ) {
1498 if (iommu->domains[num] == domain) {
1503 num = find_next_bit(iommu->domain_ids,
1504 cap_ndoms(iommu->cap), num+1);
1508 num = find_first_zero_bit(iommu->domain_ids, ndomains);
1509 if (num >= ndomains) {
1510 spin_unlock_irqrestore(&iommu->lock, flags);
1511 printk(KERN_ERR "IOMMU: no free domain ids\n");
1515 set_bit(num, iommu->domain_ids);
1516 iommu->domains[num] = domain;
1520 /* Skip top levels of page tables for
1521 * iommu which has less agaw than default.
1522 * Unnecessary for PT mode.
1524 if (translation != CONTEXT_TT_PASS_THROUGH) {
1525 for (agaw = domain->agaw; agaw != iommu->agaw; agaw--) {
1526 pgd = phys_to_virt(dma_pte_addr(pgd));
1527 if (!dma_pte_present(pgd)) {
1528 spin_unlock_irqrestore(&iommu->lock, flags);
1535 context_set_domain_id(context, id);
1537 if (translation != CONTEXT_TT_PASS_THROUGH) {
1538 info = iommu_support_dev_iotlb(domain, segment, bus, devfn);
1539 translation = info ? CONTEXT_TT_DEV_IOTLB :
1540 CONTEXT_TT_MULTI_LEVEL;
1543 * In pass through mode, AW must be programmed to indicate the largest
1544 * AGAW value supported by hardware. And ASR is ignored by hardware.
1546 if (unlikely(translation == CONTEXT_TT_PASS_THROUGH))
1547 context_set_address_width(context, iommu->msagaw);
1549 context_set_address_root(context, virt_to_phys(pgd));
1550 context_set_address_width(context, iommu->agaw);
1553 context_set_translation_type(context, translation);
1554 context_set_fault_enable(context);
1555 context_set_present(context);
1556 domain_flush_cache(domain, context, sizeof(*context));
1559 * It's a non-present to present mapping. If hardware doesn't cache
1560 * non-present entry we only need to flush the write-buffer. If the
1561 * _does_ cache non-present entries, then it does so in the special
1562 * domain #0, which we have to flush:
1564 if (cap_caching_mode(iommu->cap)) {
1565 iommu->flush.flush_context(iommu, 0,
1566 (((u16)bus) << 8) | devfn,
1567 DMA_CCMD_MASK_NOBIT,
1568 DMA_CCMD_DEVICE_INVL);
1569 iommu->flush.flush_iotlb(iommu, 0, 0, 0, DMA_TLB_DSI_FLUSH);
1571 iommu_flush_write_buffer(iommu);
1573 iommu_enable_dev_iotlb(info);
1574 spin_unlock_irqrestore(&iommu->lock, flags);
1576 spin_lock_irqsave(&domain->iommu_lock, flags);
1577 if (!test_and_set_bit(iommu->seq_id, &domain->iommu_bmp)) {
1578 domain->iommu_count++;
1579 domain_update_iommu_cap(domain);
1581 spin_unlock_irqrestore(&domain->iommu_lock, flags);
1586 domain_context_mapping(struct dmar_domain *domain, struct pci_dev *pdev,
1590 struct pci_dev *tmp, *parent;
1592 ret = domain_context_mapping_one(domain, pci_domain_nr(pdev->bus),
1593 pdev->bus->number, pdev->devfn,
1598 /* dependent device mapping */
1599 tmp = pci_find_upstream_pcie_bridge(pdev);
1602 /* Secondary interface's bus number and devfn 0 */
1603 parent = pdev->bus->self;
1604 while (parent != tmp) {
1605 ret = domain_context_mapping_one(domain,
1606 pci_domain_nr(parent->bus),
1607 parent->bus->number,
1608 parent->devfn, translation);
1611 parent = parent->bus->self;
1613 if (tmp->is_pcie) /* this is a PCIE-to-PCI bridge */
1614 return domain_context_mapping_one(domain,
1615 pci_domain_nr(tmp->subordinate),
1616 tmp->subordinate->number, 0,
1618 else /* this is a legacy PCI bridge */
1619 return domain_context_mapping_one(domain,
1620 pci_domain_nr(tmp->bus),
1626 static int domain_context_mapped(struct pci_dev *pdev)
1629 struct pci_dev *tmp, *parent;
1630 struct intel_iommu *iommu;
1632 iommu = device_to_iommu(pci_domain_nr(pdev->bus), pdev->bus->number,
1637 ret = device_context_mapped(iommu, pdev->bus->number, pdev->devfn);
1640 /* dependent device mapping */
1641 tmp = pci_find_upstream_pcie_bridge(pdev);
1644 /* Secondary interface's bus number and devfn 0 */
1645 parent = pdev->bus->self;
1646 while (parent != tmp) {
1647 ret = device_context_mapped(iommu, parent->bus->number,
1651 parent = parent->bus->self;
1654 return device_context_mapped(iommu, tmp->subordinate->number,
1657 return device_context_mapped(iommu, tmp->bus->number,
1661 /* Returns a number of VTD pages, but aligned to MM page size */
1662 static inline unsigned long aligned_nrpages(unsigned long host_addr,
1665 host_addr &= ~PAGE_MASK;
1666 return PAGE_ALIGN(host_addr + size) >> VTD_PAGE_SHIFT;
1669 static int __domain_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
1670 struct scatterlist *sg, unsigned long phys_pfn,
1671 unsigned long nr_pages, int prot)
1673 struct dma_pte *first_pte = NULL, *pte = NULL;
1674 phys_addr_t uninitialized_var(pteval);
1675 int addr_width = agaw_to_width(domain->agaw) - VTD_PAGE_SHIFT;
1676 unsigned long sg_res;
1678 BUG_ON(addr_width < BITS_PER_LONG && (iov_pfn + nr_pages - 1) >> addr_width);
1680 if ((prot & (DMA_PTE_READ|DMA_PTE_WRITE)) == 0)
1683 prot &= DMA_PTE_READ | DMA_PTE_WRITE | DMA_PTE_SNP;
1688 sg_res = nr_pages + 1;
1689 pteval = ((phys_addr_t)phys_pfn << VTD_PAGE_SHIFT) | prot;
1692 while (nr_pages--) {
1696 sg_res = aligned_nrpages(sg->offset, sg->length);
1697 sg->dma_address = ((dma_addr_t)iov_pfn << VTD_PAGE_SHIFT) + sg->offset;
1698 sg->dma_length = sg->length;
1699 pteval = page_to_phys(sg_page(sg)) | prot;
1702 first_pte = pte = pfn_to_dma_pte(domain, iov_pfn);
1706 /* We don't need lock here, nobody else
1707 * touches the iova range
1709 tmp = cmpxchg64_local(&pte->val, 0ULL, pteval);
1711 static int dumps = 5;
1712 printk(KERN_CRIT "ERROR: DMA PTE for vPFN 0x%lx already set (to %llx not %llx)\n",
1713 iov_pfn, tmp, (unsigned long long)pteval);
1716 debug_dma_dump_mappings(NULL);
1721 if (!nr_pages || first_pte_in_page(pte)) {
1722 domain_flush_cache(domain, first_pte,
1723 (void *)pte - (void *)first_pte);
1727 pteval += VTD_PAGE_SIZE;
1735 static inline int domain_sg_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
1736 struct scatterlist *sg, unsigned long nr_pages,
1739 return __domain_mapping(domain, iov_pfn, sg, 0, nr_pages, prot);
1742 static inline int domain_pfn_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
1743 unsigned long phys_pfn, unsigned long nr_pages,
1746 return __domain_mapping(domain, iov_pfn, NULL, phys_pfn, nr_pages, prot);
1749 static void iommu_detach_dev(struct intel_iommu *iommu, u8 bus, u8 devfn)
1754 clear_context_table(iommu, bus, devfn);
1755 iommu->flush.flush_context(iommu, 0, 0, 0,
1756 DMA_CCMD_GLOBAL_INVL);
1757 iommu->flush.flush_iotlb(iommu, 0, 0, 0, DMA_TLB_GLOBAL_FLUSH);
1760 static void domain_remove_dev_info(struct dmar_domain *domain)
1762 struct device_domain_info *info;
1763 unsigned long flags;
1764 struct intel_iommu *iommu;
1766 spin_lock_irqsave(&device_domain_lock, flags);
1767 while (!list_empty(&domain->devices)) {
1768 info = list_entry(domain->devices.next,
1769 struct device_domain_info, link);
1770 list_del(&info->link);
1771 list_del(&info->global);
1773 info->dev->dev.archdata.iommu = NULL;
1774 spin_unlock_irqrestore(&device_domain_lock, flags);
1776 iommu_disable_dev_iotlb(info);
1777 iommu = device_to_iommu(info->segment, info->bus, info->devfn);
1778 iommu_detach_dev(iommu, info->bus, info->devfn);
1779 free_devinfo_mem(info);
1781 spin_lock_irqsave(&device_domain_lock, flags);
1783 spin_unlock_irqrestore(&device_domain_lock, flags);
1788 * Note: we use struct pci_dev->dev.archdata.iommu stores the info
1790 static struct dmar_domain *
1791 find_domain(struct pci_dev *pdev)
1793 struct device_domain_info *info;
1795 /* No lock here, assumes no domain exit in normal case */
1796 info = pdev->dev.archdata.iommu;
1798 return info->domain;
1802 /* domain is initialized */
1803 static struct dmar_domain *get_domain_for_dev(struct pci_dev *pdev, int gaw)
1805 struct dmar_domain *domain, *found = NULL;
1806 struct intel_iommu *iommu;
1807 struct dmar_drhd_unit *drhd;
1808 struct device_domain_info *info, *tmp;
1809 struct pci_dev *dev_tmp;
1810 unsigned long flags;
1811 int bus = 0, devfn = 0;
1815 domain = find_domain(pdev);
1819 segment = pci_domain_nr(pdev->bus);
1821 dev_tmp = pci_find_upstream_pcie_bridge(pdev);
1823 if (dev_tmp->is_pcie) {
1824 bus = dev_tmp->subordinate->number;
1827 bus = dev_tmp->bus->number;
1828 devfn = dev_tmp->devfn;
1830 spin_lock_irqsave(&device_domain_lock, flags);
1831 list_for_each_entry(info, &device_domain_list, global) {
1832 if (info->segment == segment &&
1833 info->bus == bus && info->devfn == devfn) {
1834 found = info->domain;
1838 spin_unlock_irqrestore(&device_domain_lock, flags);
1839 /* pcie-pci bridge already has a domain, uses it */
1846 domain = alloc_domain();
1850 /* Allocate new domain for the device */
1851 drhd = dmar_find_matched_drhd_unit(pdev);
1853 printk(KERN_ERR "IOMMU: can't find DMAR for device %s\n",
1857 iommu = drhd->iommu;
1859 ret = iommu_attach_domain(domain, iommu);
1861 domain_exit(domain);
1865 if (domain_init(domain, gaw)) {
1866 domain_exit(domain);
1870 /* register pcie-to-pci device */
1872 info = alloc_devinfo_mem();
1874 domain_exit(domain);
1877 info->segment = segment;
1879 info->devfn = devfn;
1881 info->domain = domain;
1882 /* This domain is shared by devices under p2p bridge */
1883 domain->flags |= DOMAIN_FLAG_P2P_MULTIPLE_DEVICES;
1885 /* pcie-to-pci bridge already has a domain, uses it */
1887 spin_lock_irqsave(&device_domain_lock, flags);
1888 list_for_each_entry(tmp, &device_domain_list, global) {
1889 if (tmp->segment == segment &&
1890 tmp->bus == bus && tmp->devfn == devfn) {
1891 found = tmp->domain;
1896 free_devinfo_mem(info);
1897 domain_exit(domain);
1900 list_add(&info->link, &domain->devices);
1901 list_add(&info->global, &device_domain_list);
1903 spin_unlock_irqrestore(&device_domain_lock, flags);
1907 info = alloc_devinfo_mem();
1910 info->segment = segment;
1911 info->bus = pdev->bus->number;
1912 info->devfn = pdev->devfn;
1914 info->domain = domain;
1915 spin_lock_irqsave(&device_domain_lock, flags);
1916 /* somebody is fast */
1917 found = find_domain(pdev);
1918 if (found != NULL) {
1919 spin_unlock_irqrestore(&device_domain_lock, flags);
1920 if (found != domain) {
1921 domain_exit(domain);
1924 free_devinfo_mem(info);
1927 list_add(&info->link, &domain->devices);
1928 list_add(&info->global, &device_domain_list);
1929 pdev->dev.archdata.iommu = info;
1930 spin_unlock_irqrestore(&device_domain_lock, flags);
1933 /* recheck it here, maybe others set it */
1934 return find_domain(pdev);
1937 static int iommu_identity_mapping;
1938 #define IDENTMAP_ALL 1
1939 #define IDENTMAP_GFX 2
1940 #define IDENTMAP_AZALIA 4
1942 static int iommu_domain_identity_map(struct dmar_domain *domain,
1943 unsigned long long start,
1944 unsigned long long end)
1946 unsigned long first_vpfn = start >> VTD_PAGE_SHIFT;
1947 unsigned long last_vpfn = end >> VTD_PAGE_SHIFT;
1949 if (!reserve_iova(&domain->iovad, dma_to_mm_pfn(first_vpfn),
1950 dma_to_mm_pfn(last_vpfn))) {
1951 printk(KERN_ERR "IOMMU: reserve iova failed\n");
1955 pr_debug("Mapping reserved region %llx-%llx for domain %d\n",
1956 start, end, domain->id);
1958 * RMRR range might have overlap with physical memory range,
1961 dma_pte_clear_range(domain, first_vpfn, last_vpfn);
1963 return domain_pfn_mapping(domain, first_vpfn, first_vpfn,
1964 last_vpfn - first_vpfn + 1,
1965 DMA_PTE_READ|DMA_PTE_WRITE);
1968 static int iommu_prepare_identity_map(struct pci_dev *pdev,
1969 unsigned long long start,
1970 unsigned long long end)
1972 struct dmar_domain *domain;
1975 domain = get_domain_for_dev(pdev, DEFAULT_DOMAIN_ADDRESS_WIDTH);
1979 /* For _hardware_ passthrough, don't bother. But for software
1980 passthrough, we do it anyway -- it may indicate a memory
1981 range which is reserved in E820, so which didn't get set
1982 up to start with in si_domain */
1983 if (domain == si_domain && hw_pass_through) {
1984 printk("Ignoring identity map for HW passthrough device %s [0x%Lx - 0x%Lx]\n",
1985 pci_name(pdev), start, end);
1990 "IOMMU: Setting identity map for device %s [0x%Lx - 0x%Lx]\n",
1991 pci_name(pdev), start, end);
1994 WARN(1, "Your BIOS is broken; RMRR ends before it starts!\n"
1995 "BIOS vendor: %s; Ver: %s; Product Version: %s\n",
1996 dmi_get_system_info(DMI_BIOS_VENDOR),
1997 dmi_get_system_info(DMI_BIOS_VERSION),
1998 dmi_get_system_info(DMI_PRODUCT_VERSION));
2003 if (end >> agaw_to_width(domain->agaw)) {
2004 WARN(1, "Your BIOS is broken; RMRR exceeds permitted address width (%d bits)\n"
2005 "BIOS vendor: %s; Ver: %s; Product Version: %s\n",
2006 agaw_to_width(domain->agaw),
2007 dmi_get_system_info(DMI_BIOS_VENDOR),
2008 dmi_get_system_info(DMI_BIOS_VERSION),
2009 dmi_get_system_info(DMI_PRODUCT_VERSION));
2014 ret = iommu_domain_identity_map(domain, start, end);
2018 /* context entry init */
2019 ret = domain_context_mapping(domain, pdev, CONTEXT_TT_MULTI_LEVEL);
2026 domain_exit(domain);
2030 static inline int iommu_prepare_rmrr_dev(struct dmar_rmrr_unit *rmrr,
2031 struct pci_dev *pdev)
2033 if (pdev->dev.archdata.iommu == DUMMY_DEVICE_DOMAIN_INFO)
2035 return iommu_prepare_identity_map(pdev, rmrr->base_address,
2036 rmrr->end_address + 1);
2039 #ifdef CONFIG_DMAR_FLOPPY_WA
2040 static inline void iommu_prepare_isa(void)
2042 struct pci_dev *pdev;
2045 pdev = pci_get_class(PCI_CLASS_BRIDGE_ISA << 8, NULL);
2049 printk(KERN_INFO "IOMMU: Prepare 0-16MiB unity mapping for LPC\n");
2050 ret = iommu_prepare_identity_map(pdev, 0, 16*1024*1024);
2053 printk(KERN_ERR "IOMMU: Failed to create 0-16MiB identity map; "
2054 "floppy might not work\n");
2058 static inline void iommu_prepare_isa(void)
2062 #endif /* !CONFIG_DMAR_FLPY_WA */
2064 static int md_domain_init(struct dmar_domain *domain, int guest_width);
2066 static int __init si_domain_work_fn(unsigned long start_pfn,
2067 unsigned long end_pfn, void *datax)
2071 *ret = iommu_domain_identity_map(si_domain,
2072 (uint64_t)start_pfn << PAGE_SHIFT,
2073 (uint64_t)end_pfn << PAGE_SHIFT);
2078 static int __init si_domain_init(int hw)
2080 struct dmar_drhd_unit *drhd;
2081 struct intel_iommu *iommu;
2084 si_domain = alloc_domain();
2088 pr_debug("Identity mapping domain is domain %d\n", si_domain->id);
2090 for_each_active_iommu(iommu, drhd) {
2091 ret = iommu_attach_domain(si_domain, iommu);
2093 domain_exit(si_domain);
2098 if (md_domain_init(si_domain, DEFAULT_DOMAIN_ADDRESS_WIDTH)) {
2099 domain_exit(si_domain);
2103 si_domain->flags = DOMAIN_FLAG_STATIC_IDENTITY;
2108 for_each_online_node(nid) {
2109 work_with_active_regions(nid, si_domain_work_fn, &ret);
2117 static void domain_remove_one_dev_info(struct dmar_domain *domain,
2118 struct pci_dev *pdev);
2119 static int identity_mapping(struct pci_dev *pdev)
2121 struct device_domain_info *info;
2123 if (likely(!iommu_identity_mapping))
2127 list_for_each_entry(info, &si_domain->devices, link)
2128 if (info->dev == pdev)
2133 static int domain_add_dev_info(struct dmar_domain *domain,
2134 struct pci_dev *pdev,
2137 struct device_domain_info *info;
2138 unsigned long flags;
2141 info = alloc_devinfo_mem();
2145 ret = domain_context_mapping(domain, pdev, translation);
2147 free_devinfo_mem(info);
2151 info->segment = pci_domain_nr(pdev->bus);
2152 info->bus = pdev->bus->number;
2153 info->devfn = pdev->devfn;
2155 info->domain = domain;
2157 spin_lock_irqsave(&device_domain_lock, flags);
2158 list_add(&info->link, &domain->devices);
2159 list_add(&info->global, &device_domain_list);
2160 pdev->dev.archdata.iommu = info;
2161 spin_unlock_irqrestore(&device_domain_lock, flags);
2166 static int iommu_should_identity_map(struct pci_dev *pdev, int startup)
2168 if ((iommu_identity_mapping & IDENTMAP_AZALIA) && IS_AZALIA(pdev))
2171 if ((iommu_identity_mapping & IDENTMAP_GFX) && IS_GFX_DEVICE(pdev))
2174 if (!(iommu_identity_mapping & IDENTMAP_ALL))
2178 * We want to start off with all devices in the 1:1 domain, and
2179 * take them out later if we find they can't access all of memory.
2181 * However, we can't do this for PCI devices behind bridges,
2182 * because all PCI devices behind the same bridge will end up
2183 * with the same source-id on their transactions.
2185 * Practically speaking, we can't change things around for these
2186 * devices at run-time, because we can't be sure there'll be no
2187 * DMA transactions in flight for any of their siblings.
2189 * So PCI devices (unless they're on the root bus) as well as
2190 * their parent PCI-PCI or PCIe-PCI bridges must be left _out_ of
2191 * the 1:1 domain, just in _case_ one of their siblings turns out
2192 * not to be able to map all of memory.
2194 if (!pdev->is_pcie) {
2195 if (!pci_is_root_bus(pdev->bus))
2197 if (pdev->class >> 8 == PCI_CLASS_BRIDGE_PCI)
2199 } else if (pdev->pcie_type == PCI_EXP_TYPE_PCI_BRIDGE)
2203 * At boot time, we don't yet know if devices will be 64-bit capable.
2204 * Assume that they will -- if they turn out not to be, then we can
2205 * take them out of the 1:1 domain later.
2208 return pdev->dma_mask > DMA_BIT_MASK(32);
2213 static int __init iommu_prepare_static_identity_mapping(int hw)
2215 struct pci_dev *pdev = NULL;
2218 ret = si_domain_init(hw);
2222 for_each_pci_dev(pdev) {
2223 if (iommu_should_identity_map(pdev, 1)) {
2224 printk(KERN_INFO "IOMMU: %s identity mapping for device %s\n",
2225 hw ? "hardware" : "software", pci_name(pdev));
2227 ret = domain_add_dev_info(si_domain, pdev,
2228 hw ? CONTEXT_TT_PASS_THROUGH :
2229 CONTEXT_TT_MULTI_LEVEL);
2238 int __init init_dmars(void)
2240 struct dmar_drhd_unit *drhd;
2241 struct dmar_rmrr_unit *rmrr;
2242 struct pci_dev *pdev;
2243 struct intel_iommu *iommu;
2249 * initialize and program root entry to not present
2252 for_each_drhd_unit(drhd) {
2255 * lock not needed as this is only incremented in the single
2256 * threaded kernel __init code path all other access are read
2261 g_iommus = kcalloc(g_num_of_iommus, sizeof(struct intel_iommu *),
2264 printk(KERN_ERR "Allocating global iommu array failed\n");
2269 deferred_flush = kzalloc(g_num_of_iommus *
2270 sizeof(struct deferred_flush_tables), GFP_KERNEL);
2271 if (!deferred_flush) {
2276 for_each_drhd_unit(drhd) {
2280 iommu = drhd->iommu;
2281 g_iommus[iommu->seq_id] = iommu;
2283 ret = iommu_init_domains(iommu);
2289 * we could share the same root & context tables
2290 * amoung all IOMMU's. Need to Split it later.
2292 ret = iommu_alloc_root_entry(iommu);
2294 printk(KERN_ERR "IOMMU: allocate root entry failed\n");
2297 if (!ecap_pass_through(iommu->ecap))
2298 hw_pass_through = 0;
2302 * Start from the sane iommu hardware state.
2304 for_each_drhd_unit(drhd) {
2308 iommu = drhd->iommu;
2311 * If the queued invalidation is already initialized by us
2312 * (for example, while enabling interrupt-remapping) then
2313 * we got the things already rolling from a sane state.
2319 * Clear any previous faults.
2321 dmar_fault(-1, iommu);
2323 * Disable queued invalidation if supported and already enabled
2324 * before OS handover.
2326 dmar_disable_qi(iommu);
2329 for_each_drhd_unit(drhd) {
2333 iommu = drhd->iommu;
2335 if (dmar_enable_qi(iommu)) {
2337 * Queued Invalidate not enabled, use Register Based
2340 iommu->flush.flush_context = __iommu_flush_context;
2341 iommu->flush.flush_iotlb = __iommu_flush_iotlb;
2342 printk(KERN_INFO "IOMMU 0x%Lx: using Register based "
2344 (unsigned long long)drhd->reg_base_addr);
2346 iommu->flush.flush_context = qi_flush_context;
2347 iommu->flush.flush_iotlb = qi_flush_iotlb;
2348 printk(KERN_INFO "IOMMU 0x%Lx: using Queued "
2350 (unsigned long long)drhd->reg_base_addr);
2354 if (iommu_pass_through)
2355 iommu_identity_mapping |= IDENTMAP_ALL;
2357 #ifdef CONFIG_DMAR_BROKEN_GFX_WA
2358 iommu_identity_mapping |= IDENTMAP_GFX;
2361 check_tylersburg_isoch();
2364 * If pass through is not set or not enabled, setup context entries for
2365 * identity mappings for rmrr, gfx, and isa and may fall back to static
2366 * identity mapping if iommu_identity_mapping is set.
2368 if (iommu_identity_mapping) {
2369 ret = iommu_prepare_static_identity_mapping(hw_pass_through);
2371 printk(KERN_CRIT "Failed to setup IOMMU pass-through\n");
2377 * for each dev attached to rmrr
2379 * locate drhd for dev, alloc domain for dev
2380 * allocate free domain
2381 * allocate page table entries for rmrr
2382 * if context not allocated for bus
2383 * allocate and init context
2384 * set present in root table for this bus
2385 * init context with domain, translation etc
2389 printk(KERN_INFO "IOMMU: Setting RMRR:\n");
2390 for_each_rmrr_units(rmrr) {
2391 for (i = 0; i < rmrr->devices_cnt; i++) {
2392 pdev = rmrr->devices[i];
2394 * some BIOS lists non-exist devices in DMAR
2399 ret = iommu_prepare_rmrr_dev(rmrr, pdev);
2402 "IOMMU: mapping reserved region failed\n");
2406 iommu_prepare_isa();
2411 * global invalidate context cache
2412 * global invalidate iotlb
2413 * enable translation
2415 for_each_drhd_unit(drhd) {
2418 iommu = drhd->iommu;
2420 iommu_flush_write_buffer(iommu);
2422 ret = dmar_set_interrupt(iommu);
2426 iommu_set_root_entry(iommu);
2428 iommu->flush.flush_context(iommu, 0, 0, 0, DMA_CCMD_GLOBAL_INVL);
2429 iommu->flush.flush_iotlb(iommu, 0, 0, 0, DMA_TLB_GLOBAL_FLUSH);
2431 ret = iommu_enable_translation(iommu);
2435 iommu_disable_protect_mem_regions(iommu);
2440 for_each_drhd_unit(drhd) {
2443 iommu = drhd->iommu;
2450 /* This takes a number of _MM_ pages, not VTD pages */
2451 static struct iova *intel_alloc_iova(struct device *dev,
2452 struct dmar_domain *domain,
2453 unsigned long nrpages, uint64_t dma_mask)
2455 struct pci_dev *pdev = to_pci_dev(dev);
2456 struct iova *iova = NULL;
2458 /* Restrict dma_mask to the width that the iommu can handle */
2459 dma_mask = min_t(uint64_t, DOMAIN_MAX_ADDR(domain->gaw), dma_mask);
2461 if (!dmar_forcedac && dma_mask > DMA_BIT_MASK(32)) {
2463 * First try to allocate an io virtual address in
2464 * DMA_BIT_MASK(32) and if that fails then try allocating
2467 iova = alloc_iova(&domain->iovad, nrpages,
2468 IOVA_PFN(DMA_BIT_MASK(32)), 1);
2472 iova = alloc_iova(&domain->iovad, nrpages, IOVA_PFN(dma_mask), 1);
2473 if (unlikely(!iova)) {
2474 printk(KERN_ERR "Allocating %ld-page iova for %s failed",
2475 nrpages, pci_name(pdev));
2482 static struct dmar_domain *__get_valid_domain_for_dev(struct pci_dev *pdev)
2484 struct dmar_domain *domain;
2487 domain = get_domain_for_dev(pdev,
2488 DEFAULT_DOMAIN_ADDRESS_WIDTH);
2491 "Allocating domain for %s failed", pci_name(pdev));
2495 /* make sure context mapping is ok */
2496 if (unlikely(!domain_context_mapped(pdev))) {
2497 ret = domain_context_mapping(domain, pdev,
2498 CONTEXT_TT_MULTI_LEVEL);
2501 "Domain context map for %s failed",
2510 static inline struct dmar_domain *get_valid_domain_for_dev(struct pci_dev *dev)
2512 struct device_domain_info *info;
2514 /* No lock here, assumes no domain exit in normal case */
2515 info = dev->dev.archdata.iommu;
2517 return info->domain;
2519 return __get_valid_domain_for_dev(dev);
2522 static int iommu_dummy(struct pci_dev *pdev)
2524 return pdev->dev.archdata.iommu == DUMMY_DEVICE_DOMAIN_INFO;
2527 /* Check if the pdev needs to go through non-identity map and unmap process.*/
2528 static int iommu_no_mapping(struct device *dev)
2530 struct pci_dev *pdev;
2533 if (unlikely(dev->bus != &pci_bus_type))
2536 pdev = to_pci_dev(dev);
2537 if (iommu_dummy(pdev))
2540 if (!iommu_identity_mapping)
2543 found = identity_mapping(pdev);
2545 if (iommu_should_identity_map(pdev, 0))
2549 * 32 bit DMA is removed from si_domain and fall back
2550 * to non-identity mapping.
2552 domain_remove_one_dev_info(si_domain, pdev);
2553 printk(KERN_INFO "32bit %s uses non-identity mapping\n",
2559 * In case of a detached 64 bit DMA device from vm, the device
2560 * is put into si_domain for identity mapping.
2562 if (iommu_should_identity_map(pdev, 0)) {
2564 ret = domain_add_dev_info(si_domain, pdev,
2566 CONTEXT_TT_PASS_THROUGH :
2567 CONTEXT_TT_MULTI_LEVEL);
2569 printk(KERN_INFO "64bit %s uses identity mapping\n",
2579 static dma_addr_t __intel_map_single(struct device *hwdev, phys_addr_t paddr,
2580 size_t size, int dir, u64 dma_mask)
2582 struct pci_dev *pdev = to_pci_dev(hwdev);
2583 struct dmar_domain *domain;
2584 phys_addr_t start_paddr;
2588 struct intel_iommu *iommu;
2589 unsigned long paddr_pfn = paddr >> PAGE_SHIFT;
2591 BUG_ON(dir == DMA_NONE);
2593 if (iommu_no_mapping(hwdev))
2596 domain = get_valid_domain_for_dev(pdev);
2600 iommu = domain_get_iommu(domain);
2601 size = aligned_nrpages(paddr, size);
2603 iova = intel_alloc_iova(hwdev, domain, dma_to_mm_pfn(size),
2609 * Check if DMAR supports zero-length reads on write only
2612 if (dir == DMA_TO_DEVICE || dir == DMA_BIDIRECTIONAL || \
2613 !cap_zlr(iommu->cap))
2614 prot |= DMA_PTE_READ;
2615 if (dir == DMA_FROM_DEVICE || dir == DMA_BIDIRECTIONAL)
2616 prot |= DMA_PTE_WRITE;
2618 * paddr - (paddr + size) might be partial page, we should map the whole
2619 * page. Note: if two part of one page are separately mapped, we
2620 * might have two guest_addr mapping to the same host paddr, but this
2621 * is not a big problem
2623 ret = domain_pfn_mapping(domain, mm_to_dma_pfn(iova->pfn_lo),
2624 mm_to_dma_pfn(paddr_pfn), size, prot);
2628 /* it's a non-present to present mapping. Only flush if caching mode */
2629 if (cap_caching_mode(iommu->cap))
2630 iommu_flush_iotlb_psi(iommu, 0, mm_to_dma_pfn(iova->pfn_lo), size);
2632 iommu_flush_write_buffer(iommu);
2634 start_paddr = (phys_addr_t)iova->pfn_lo << PAGE_SHIFT;
2635 start_paddr += paddr & ~PAGE_MASK;
2640 __free_iova(&domain->iovad, iova);
2641 printk(KERN_ERR"Device %s request: %zx@%llx dir %d --- failed\n",
2642 pci_name(pdev), size, (unsigned long long)paddr, dir);
2646 static dma_addr_t intel_map_page(struct device *dev, struct page *page,
2647 unsigned long offset, size_t size,
2648 enum dma_data_direction dir,
2649 struct dma_attrs *attrs)
2651 return __intel_map_single(dev, page_to_phys(page) + offset, size,
2652 dir, to_pci_dev(dev)->dma_mask);
2655 static void flush_unmaps(void)
2661 /* just flush them all */
2662 for (i = 0; i < g_num_of_iommus; i++) {
2663 struct intel_iommu *iommu = g_iommus[i];
2667 if (!deferred_flush[i].next)
2670 iommu->flush.flush_iotlb(iommu, 0, 0, 0,
2671 DMA_TLB_GLOBAL_FLUSH);
2672 for (j = 0; j < deferred_flush[i].next; j++) {
2674 struct iova *iova = deferred_flush[i].iova[j];
2676 mask = ilog2(mm_to_dma_pfn(iova->pfn_hi - iova->pfn_lo + 1));
2677 iommu_flush_dev_iotlb(deferred_flush[i].domain[j],
2678 (uint64_t)iova->pfn_lo << PAGE_SHIFT, mask);
2679 __free_iova(&deferred_flush[i].domain[j]->iovad, iova);
2681 deferred_flush[i].next = 0;
2687 static void flush_unmaps_timeout(unsigned long data)
2689 unsigned long flags;
2691 spin_lock_irqsave(&async_umap_flush_lock, flags);
2693 spin_unlock_irqrestore(&async_umap_flush_lock, flags);
2696 static void add_unmap(struct dmar_domain *dom, struct iova *iova)
2698 unsigned long flags;
2700 struct intel_iommu *iommu;
2702 spin_lock_irqsave(&async_umap_flush_lock, flags);
2703 if (list_size == HIGH_WATER_MARK)
2706 iommu = domain_get_iommu(dom);
2707 iommu_id = iommu->seq_id;
2709 next = deferred_flush[iommu_id].next;
2710 deferred_flush[iommu_id].domain[next] = dom;
2711 deferred_flush[iommu_id].iova[next] = iova;
2712 deferred_flush[iommu_id].next++;
2715 mod_timer(&unmap_timer, jiffies + msecs_to_jiffies(10));
2719 spin_unlock_irqrestore(&async_umap_flush_lock, flags);
2722 static void intel_unmap_page(struct device *dev, dma_addr_t dev_addr,
2723 size_t size, enum dma_data_direction dir,
2724 struct dma_attrs *attrs)
2726 struct pci_dev *pdev = to_pci_dev(dev);
2727 struct dmar_domain *domain;
2728 unsigned long start_pfn, last_pfn;
2730 struct intel_iommu *iommu;
2732 if (iommu_no_mapping(dev))
2735 domain = find_domain(pdev);
2738 iommu = domain_get_iommu(domain);
2740 iova = find_iova(&domain->iovad, IOVA_PFN(dev_addr));
2741 if (WARN_ONCE(!iova, "Driver unmaps unmatched page at PFN %llx\n",
2742 (unsigned long long)dev_addr))
2745 start_pfn = mm_to_dma_pfn(iova->pfn_lo);
2746 last_pfn = mm_to_dma_pfn(iova->pfn_hi + 1) - 1;
2748 pr_debug("Device %s unmapping: pfn %lx-%lx\n",
2749 pci_name(pdev), start_pfn, last_pfn);
2751 /* clear the whole page */
2752 dma_pte_clear_range(domain, start_pfn, last_pfn);
2754 /* free page tables */
2755 dma_pte_free_pagetable(domain, start_pfn, last_pfn);
2757 if (intel_iommu_strict) {
2758 iommu_flush_iotlb_psi(iommu, domain->id, start_pfn,
2759 last_pfn - start_pfn + 1);
2761 __free_iova(&domain->iovad, iova);
2763 add_unmap(domain, iova);
2765 * queue up the release of the unmap to save the 1/6th of the
2766 * cpu used up by the iotlb flush operation...
2771 static void *intel_alloc_coherent(struct device *hwdev, size_t size,
2772 dma_addr_t *dma_handle, gfp_t flags)
2777 size = PAGE_ALIGN(size);
2778 order = get_order(size);
2780 if (!iommu_no_mapping(hwdev))
2781 flags &= ~(GFP_DMA | GFP_DMA32);
2782 else if (hwdev->coherent_dma_mask < dma_get_required_mask(hwdev)) {
2783 if (hwdev->coherent_dma_mask < DMA_BIT_MASK(32))
2789 vaddr = (void *)__get_free_pages(flags, order);
2792 memset(vaddr, 0, size);
2794 *dma_handle = __intel_map_single(hwdev, virt_to_bus(vaddr), size,
2796 hwdev->coherent_dma_mask);
2799 free_pages((unsigned long)vaddr, order);
2803 static void intel_free_coherent(struct device *hwdev, size_t size, void *vaddr,
2804 dma_addr_t dma_handle)
2808 size = PAGE_ALIGN(size);
2809 order = get_order(size);
2811 intel_unmap_page(hwdev, dma_handle, size, DMA_BIDIRECTIONAL, NULL);
2812 free_pages((unsigned long)vaddr, order);
2815 static void intel_unmap_sg(struct device *hwdev, struct scatterlist *sglist,
2816 int nelems, enum dma_data_direction dir,
2817 struct dma_attrs *attrs)
2819 struct pci_dev *pdev = to_pci_dev(hwdev);
2820 struct dmar_domain *domain;
2821 unsigned long start_pfn, last_pfn;
2823 struct intel_iommu *iommu;
2825 if (iommu_no_mapping(hwdev))
2828 domain = find_domain(pdev);
2831 iommu = domain_get_iommu(domain);
2833 iova = find_iova(&domain->iovad, IOVA_PFN(sglist[0].dma_address));
2834 if (WARN_ONCE(!iova, "Driver unmaps unmatched sglist at PFN %llx\n",
2835 (unsigned long long)sglist[0].dma_address))
2838 start_pfn = mm_to_dma_pfn(iova->pfn_lo);
2839 last_pfn = mm_to_dma_pfn(iova->pfn_hi + 1) - 1;
2841 /* clear the whole page */
2842 dma_pte_clear_range(domain, start_pfn, last_pfn);
2844 /* free page tables */
2845 dma_pte_free_pagetable(domain, start_pfn, last_pfn);
2847 if (intel_iommu_strict) {
2848 iommu_flush_iotlb_psi(iommu, domain->id, start_pfn,
2849 last_pfn - start_pfn + 1);
2851 __free_iova(&domain->iovad, iova);
2853 add_unmap(domain, iova);
2855 * queue up the release of the unmap to save the 1/6th of the
2856 * cpu used up by the iotlb flush operation...
2861 static int intel_nontranslate_map_sg(struct device *hddev,
2862 struct scatterlist *sglist, int nelems, int dir)
2865 struct scatterlist *sg;
2867 for_each_sg(sglist, sg, nelems, i) {
2868 BUG_ON(!sg_page(sg));
2869 sg->dma_address = page_to_phys(sg_page(sg)) + sg->offset;
2870 sg->dma_length = sg->length;
2875 static int intel_map_sg(struct device *hwdev, struct scatterlist *sglist, int nelems,
2876 enum dma_data_direction dir, struct dma_attrs *attrs)
2879 struct pci_dev *pdev = to_pci_dev(hwdev);
2880 struct dmar_domain *domain;
2883 size_t offset_pfn = 0;
2884 struct iova *iova = NULL;
2886 struct scatterlist *sg;
2887 unsigned long start_vpfn;
2888 struct intel_iommu *iommu;
2890 BUG_ON(dir == DMA_NONE);
2891 if (iommu_no_mapping(hwdev))
2892 return intel_nontranslate_map_sg(hwdev, sglist, nelems, dir);
2894 domain = get_valid_domain_for_dev(pdev);
2898 iommu = domain_get_iommu(domain);
2900 for_each_sg(sglist, sg, nelems, i)
2901 size += aligned_nrpages(sg->offset, sg->length);
2903 iova = intel_alloc_iova(hwdev, domain, dma_to_mm_pfn(size),
2906 sglist->dma_length = 0;
2911 * Check if DMAR supports zero-length reads on write only
2914 if (dir == DMA_TO_DEVICE || dir == DMA_BIDIRECTIONAL || \
2915 !cap_zlr(iommu->cap))
2916 prot |= DMA_PTE_READ;
2917 if (dir == DMA_FROM_DEVICE || dir == DMA_BIDIRECTIONAL)
2918 prot |= DMA_PTE_WRITE;
2920 start_vpfn = mm_to_dma_pfn(iova->pfn_lo);
2922 ret = domain_sg_mapping(domain, start_vpfn, sglist, size, prot);
2923 if (unlikely(ret)) {
2924 /* clear the page */
2925 dma_pte_clear_range(domain, start_vpfn,
2926 start_vpfn + size - 1);
2927 /* free page tables */
2928 dma_pte_free_pagetable(domain, start_vpfn,
2929 start_vpfn + size - 1);
2931 __free_iova(&domain->iovad, iova);
2935 /* it's a non-present to present mapping. Only flush if caching mode */
2936 if (cap_caching_mode(iommu->cap))
2937 iommu_flush_iotlb_psi(iommu, 0, start_vpfn, offset_pfn);
2939 iommu_flush_write_buffer(iommu);
2944 static int intel_mapping_error(struct device *dev, dma_addr_t dma_addr)
2949 struct dma_map_ops intel_dma_ops = {
2950 .alloc_coherent = intel_alloc_coherent,
2951 .free_coherent = intel_free_coherent,
2952 .map_sg = intel_map_sg,
2953 .unmap_sg = intel_unmap_sg,
2954 .map_page = intel_map_page,
2955 .unmap_page = intel_unmap_page,
2956 .mapping_error = intel_mapping_error,
2959 static inline int iommu_domain_cache_init(void)
2963 iommu_domain_cache = kmem_cache_create("iommu_domain",
2964 sizeof(struct dmar_domain),
2969 if (!iommu_domain_cache) {
2970 printk(KERN_ERR "Couldn't create iommu_domain cache\n");
2977 static inline int iommu_devinfo_cache_init(void)
2981 iommu_devinfo_cache = kmem_cache_create("iommu_devinfo",
2982 sizeof(struct device_domain_info),
2986 if (!iommu_devinfo_cache) {
2987 printk(KERN_ERR "Couldn't create devinfo cache\n");
2994 static inline int iommu_iova_cache_init(void)
2998 iommu_iova_cache = kmem_cache_create("iommu_iova",
2999 sizeof(struct iova),
3003 if (!iommu_iova_cache) {
3004 printk(KERN_ERR "Couldn't create iova cache\n");
3011 static int __init iommu_init_mempool(void)
3014 ret = iommu_iova_cache_init();
3018 ret = iommu_domain_cache_init();
3022 ret = iommu_devinfo_cache_init();
3026 kmem_cache_destroy(iommu_domain_cache);
3028 kmem_cache_destroy(iommu_iova_cache);
3033 static void __init iommu_exit_mempool(void)
3035 kmem_cache_destroy(iommu_devinfo_cache);
3036 kmem_cache_destroy(iommu_domain_cache);
3037 kmem_cache_destroy(iommu_iova_cache);
3041 static void __init init_no_remapping_devices(void)
3043 struct dmar_drhd_unit *drhd;
3045 for_each_drhd_unit(drhd) {
3046 if (!drhd->include_all) {
3048 for (i = 0; i < drhd->devices_cnt; i++)
3049 if (drhd->devices[i] != NULL)
3051 /* ignore DMAR unit if no pci devices exist */
3052 if (i == drhd->devices_cnt)
3060 for_each_drhd_unit(drhd) {
3062 if (drhd->ignored || drhd->include_all)
3065 for (i = 0; i < drhd->devices_cnt; i++)
3066 if (drhd->devices[i] &&
3067 !IS_GFX_DEVICE(drhd->devices[i]))
3070 if (i < drhd->devices_cnt)
3073 /* bypass IOMMU if it is just for gfx devices */
3075 for (i = 0; i < drhd->devices_cnt; i++) {
3076 if (!drhd->devices[i])
3078 drhd->devices[i]->dev.archdata.iommu = DUMMY_DEVICE_DOMAIN_INFO;
3083 #ifdef CONFIG_SUSPEND
3084 static int init_iommu_hw(void)
3086 struct dmar_drhd_unit *drhd;
3087 struct intel_iommu *iommu = NULL;
3089 for_each_active_iommu(iommu, drhd)
3091 dmar_reenable_qi(iommu);
3093 for_each_active_iommu(iommu, drhd) {
3094 iommu_flush_write_buffer(iommu);
3096 iommu_set_root_entry(iommu);
3098 iommu->flush.flush_context(iommu, 0, 0, 0,
3099 DMA_CCMD_GLOBAL_INVL);
3100 iommu->flush.flush_iotlb(iommu, 0, 0, 0,
3101 DMA_TLB_GLOBAL_FLUSH);
3102 iommu_enable_translation(iommu);
3103 iommu_disable_protect_mem_regions(iommu);
3109 static void iommu_flush_all(void)
3111 struct dmar_drhd_unit *drhd;
3112 struct intel_iommu *iommu;
3114 for_each_active_iommu(iommu, drhd) {
3115 iommu->flush.flush_context(iommu, 0, 0, 0,
3116 DMA_CCMD_GLOBAL_INVL);
3117 iommu->flush.flush_iotlb(iommu, 0, 0, 0,
3118 DMA_TLB_GLOBAL_FLUSH);
3122 static int iommu_suspend(struct sys_device *dev, pm_message_t state)
3124 struct dmar_drhd_unit *drhd;
3125 struct intel_iommu *iommu = NULL;
3128 for_each_active_iommu(iommu, drhd) {
3129 iommu->iommu_state = kzalloc(sizeof(u32) * MAX_SR_DMAR_REGS,
3131 if (!iommu->iommu_state)
3137 for_each_active_iommu(iommu, drhd) {
3138 iommu_disable_translation(iommu);
3140 spin_lock_irqsave(&iommu->register_lock, flag);
3142 iommu->iommu_state[SR_DMAR_FECTL_REG] =
3143 readl(iommu->reg + DMAR_FECTL_REG);
3144 iommu->iommu_state[SR_DMAR_FEDATA_REG] =
3145 readl(iommu->reg + DMAR_FEDATA_REG);
3146 iommu->iommu_state[SR_DMAR_FEADDR_REG] =
3147 readl(iommu->reg + DMAR_FEADDR_REG);
3148 iommu->iommu_state[SR_DMAR_FEUADDR_REG] =
3149 readl(iommu->reg + DMAR_FEUADDR_REG);
3151 spin_unlock_irqrestore(&iommu->register_lock, flag);
3156 for_each_active_iommu(iommu, drhd)
3157 kfree(iommu->iommu_state);
3162 static int iommu_resume(struct sys_device *dev)
3164 struct dmar_drhd_unit *drhd;
3165 struct intel_iommu *iommu = NULL;
3168 if (init_iommu_hw()) {
3169 WARN(1, "IOMMU setup failed, DMAR can not resume!\n");
3173 for_each_active_iommu(iommu, drhd) {
3175 spin_lock_irqsave(&iommu->register_lock, flag);
3177 writel(iommu->iommu_state[SR_DMAR_FECTL_REG],
3178 iommu->reg + DMAR_FECTL_REG);
3179 writel(iommu->iommu_state[SR_DMAR_FEDATA_REG],
3180 iommu->reg + DMAR_FEDATA_REG);
3181 writel(iommu->iommu_state[SR_DMAR_FEADDR_REG],
3182 iommu->reg + DMAR_FEADDR_REG);
3183 writel(iommu->iommu_state[SR_DMAR_FEUADDR_REG],
3184 iommu->reg + DMAR_FEUADDR_REG);
3186 spin_unlock_irqrestore(&iommu->register_lock, flag);
3189 for_each_active_iommu(iommu, drhd)
3190 kfree(iommu->iommu_state);
3195 static struct sysdev_class iommu_sysclass = {
3197 .resume = iommu_resume,
3198 .suspend = iommu_suspend,
3201 static struct sys_device device_iommu = {
3202 .cls = &iommu_sysclass,
3205 static int __init init_iommu_sysfs(void)
3209 error = sysdev_class_register(&iommu_sysclass);
3213 error = sysdev_register(&device_iommu);
3215 sysdev_class_unregister(&iommu_sysclass);
3221 static int __init init_iommu_sysfs(void)
3225 #endif /* CONFIG_PM */
3228 * Here we only respond to action of unbound device from driver.
3230 * Added device is not attached to its DMAR domain here yet. That will happen
3231 * when mapping the device to iova.
3233 static int device_notifier(struct notifier_block *nb,
3234 unsigned long action, void *data)
3236 struct device *dev = data;
3237 struct pci_dev *pdev = to_pci_dev(dev);
3238 struct dmar_domain *domain;
3240 if (iommu_no_mapping(dev))
3243 domain = find_domain(pdev);
3247 if (action == BUS_NOTIFY_UNBOUND_DRIVER && !iommu_pass_through)
3248 domain_remove_one_dev_info(domain, pdev);
3253 static struct notifier_block device_nb = {
3254 .notifier_call = device_notifier,
3257 int __init intel_iommu_init(void)
3262 /* VT-d is required for a TXT/tboot launch, so enforce that */
3263 force_on = tboot_force_iommu();
3265 if (dmar_table_init()) {
3267 panic("tboot: Failed to initialize DMAR table\n");
3271 if (dmar_dev_scope_init()) {
3273 panic("tboot: Failed to initialize DMAR device scope\n");
3278 * Check the need for DMA-remapping initialization now.
3279 * Above initialization will also be used by Interrupt-remapping.
3281 if (no_iommu || swiotlb || dmar_disabled)
3284 iommu_init_mempool();
3285 dmar_init_reserved_ranges();
3287 init_no_remapping_devices();
3292 panic("tboot: Failed to initialize DMARs\n");
3293 printk(KERN_ERR "IOMMU: dmar init failed\n");
3294 put_iova_domain(&reserved_iova_list);
3295 iommu_exit_mempool();
3299 "PCI-DMA: Intel(R) Virtualization Technology for Directed I/O\n");
3301 init_timer(&unmap_timer);
3303 dma_ops = &intel_dma_ops;
3307 register_iommu(&intel_iommu_ops);
3309 bus_register_notifier(&pci_bus_type, &device_nb);
3314 static void iommu_detach_dependent_devices(struct intel_iommu *iommu,
3315 struct pci_dev *pdev)
3317 struct pci_dev *tmp, *parent;
3319 if (!iommu || !pdev)
3322 /* dependent device detach */
3323 tmp = pci_find_upstream_pcie_bridge(pdev);
3324 /* Secondary interface's bus number and devfn 0 */
3326 parent = pdev->bus->self;
3327 while (parent != tmp) {
3328 iommu_detach_dev(iommu, parent->bus->number,
3330 parent = parent->bus->self;
3332 if (tmp->is_pcie) /* this is a PCIE-to-PCI bridge */
3333 iommu_detach_dev(iommu,
3334 tmp->subordinate->number, 0);
3335 else /* this is a legacy PCI bridge */
3336 iommu_detach_dev(iommu, tmp->bus->number,
3341 static void domain_remove_one_dev_info(struct dmar_domain *domain,
3342 struct pci_dev *pdev)
3344 struct device_domain_info *info;
3345 struct intel_iommu *iommu;
3346 unsigned long flags;
3348 struct list_head *entry, *tmp;
3350 iommu = device_to_iommu(pci_domain_nr(pdev->bus), pdev->bus->number,
3355 spin_lock_irqsave(&device_domain_lock, flags);
3356 list_for_each_safe(entry, tmp, &domain->devices) {
3357 info = list_entry(entry, struct device_domain_info, link);
3358 /* No need to compare PCI domain; it has to be the same */
3359 if (info->bus == pdev->bus->number &&
3360 info->devfn == pdev->devfn) {
3361 list_del(&info->link);
3362 list_del(&info->global);
3364 info->dev->dev.archdata.iommu = NULL;
3365 spin_unlock_irqrestore(&device_domain_lock, flags);
3367 iommu_disable_dev_iotlb(info);
3368 iommu_detach_dev(iommu, info->bus, info->devfn);
3369 iommu_detach_dependent_devices(iommu, pdev);
3370 free_devinfo_mem(info);
3372 spin_lock_irqsave(&device_domain_lock, flags);
3380 /* if there is no other devices under the same iommu
3381 * owned by this domain, clear this iommu in iommu_bmp
3382 * update iommu count and coherency
3384 if (iommu == device_to_iommu(info->segment, info->bus,
3390 unsigned long tmp_flags;
3391 spin_lock_irqsave(&domain->iommu_lock, tmp_flags);
3392 clear_bit(iommu->seq_id, &domain->iommu_bmp);
3393 domain->iommu_count--;
3394 domain_update_iommu_cap(domain);
3395 spin_unlock_irqrestore(&domain->iommu_lock, tmp_flags);
3398 spin_unlock_irqrestore(&device_domain_lock, flags);
3401 static void vm_domain_remove_all_dev_info(struct dmar_domain *domain)
3403 struct device_domain_info *info;
3404 struct intel_iommu *iommu;
3405 unsigned long flags1, flags2;
3407 spin_lock_irqsave(&device_domain_lock, flags1);
3408 while (!list_empty(&domain->devices)) {
3409 info = list_entry(domain->devices.next,
3410 struct device_domain_info, link);
3411 list_del(&info->link);
3412 list_del(&info->global);
3414 info->dev->dev.archdata.iommu = NULL;
3416 spin_unlock_irqrestore(&device_domain_lock, flags1);
3418 iommu_disable_dev_iotlb(info);
3419 iommu = device_to_iommu(info->segment, info->bus, info->devfn);
3420 iommu_detach_dev(iommu, info->bus, info->devfn);
3421 iommu_detach_dependent_devices(iommu, info->dev);
3423 /* clear this iommu in iommu_bmp, update iommu count
3426 spin_lock_irqsave(&domain->iommu_lock, flags2);
3427 if (test_and_clear_bit(iommu->seq_id,
3428 &domain->iommu_bmp)) {
3429 domain->iommu_count--;
3430 domain_update_iommu_cap(domain);
3432 spin_unlock_irqrestore(&domain->iommu_lock, flags2);
3434 free_devinfo_mem(info);
3435 spin_lock_irqsave(&device_domain_lock, flags1);
3437 spin_unlock_irqrestore(&device_domain_lock, flags1);
3440 /* domain id for virtual machine, it won't be set in context */
3441 static unsigned long vm_domid;
3443 static int vm_domain_min_agaw(struct dmar_domain *domain)
3446 int min_agaw = domain->agaw;
3448 i = find_first_bit(&domain->iommu_bmp, g_num_of_iommus);
3449 for (; i < g_num_of_iommus; ) {
3450 if (min_agaw > g_iommus[i]->agaw)
3451 min_agaw = g_iommus[i]->agaw;
3453 i = find_next_bit(&domain->iommu_bmp, g_num_of_iommus, i+1);
3459 static struct dmar_domain *iommu_alloc_vm_domain(void)
3461 struct dmar_domain *domain;
3463 domain = alloc_domain_mem();
3467 domain->id = vm_domid++;
3468 memset(&domain->iommu_bmp, 0, sizeof(unsigned long));
3469 domain->flags = DOMAIN_FLAG_VIRTUAL_MACHINE;
3474 static int md_domain_init(struct dmar_domain *domain, int guest_width)
3478 init_iova_domain(&domain->iovad, DMA_32BIT_PFN);
3479 spin_lock_init(&domain->iommu_lock);
3481 domain_reserve_special_ranges(domain);
3483 /* calculate AGAW */
3484 domain->gaw = guest_width;
3485 adjust_width = guestwidth_to_adjustwidth(guest_width);
3486 domain->agaw = width_to_agaw(adjust_width);
3488 INIT_LIST_HEAD(&domain->devices);
3490 domain->iommu_count = 0;
3491 domain->iommu_coherency = 0;
3492 domain->iommu_snooping = 0;
3493 domain->max_addr = 0;
3495 /* always allocate the top pgd */
3496 domain->pgd = (struct dma_pte *)alloc_pgtable_page();
3499 domain_flush_cache(domain, domain->pgd, PAGE_SIZE);
3503 static void iommu_free_vm_domain(struct dmar_domain *domain)
3505 unsigned long flags;
3506 struct dmar_drhd_unit *drhd;
3507 struct intel_iommu *iommu;
3509 unsigned long ndomains;
3511 for_each_drhd_unit(drhd) {
3514 iommu = drhd->iommu;
3516 ndomains = cap_ndoms(iommu->cap);
3517 i = find_first_bit(iommu->domain_ids, ndomains);
3518 for (; i < ndomains; ) {
3519 if (iommu->domains[i] == domain) {
3520 spin_lock_irqsave(&iommu->lock, flags);
3521 clear_bit(i, iommu->domain_ids);
3522 iommu->domains[i] = NULL;
3523 spin_unlock_irqrestore(&iommu->lock, flags);
3526 i = find_next_bit(iommu->domain_ids, ndomains, i+1);
3531 static void vm_domain_exit(struct dmar_domain *domain)
3533 /* Domain 0 is reserved, so dont process it */
3537 vm_domain_remove_all_dev_info(domain);
3539 put_iova_domain(&domain->iovad);
3542 dma_pte_clear_range(domain, 0, DOMAIN_MAX_PFN(domain->gaw));
3544 /* free page tables */
3545 dma_pte_free_pagetable(domain, 0, DOMAIN_MAX_PFN(domain->gaw));
3547 iommu_free_vm_domain(domain);
3548 free_domain_mem(domain);
3551 static int intel_iommu_domain_init(struct iommu_domain *domain)
3553 struct dmar_domain *dmar_domain;
3555 dmar_domain = iommu_alloc_vm_domain();
3558 "intel_iommu_domain_init: dmar_domain == NULL\n");
3561 if (md_domain_init(dmar_domain, DEFAULT_DOMAIN_ADDRESS_WIDTH)) {
3563 "intel_iommu_domain_init() failed\n");
3564 vm_domain_exit(dmar_domain);
3567 domain->priv = dmar_domain;
3572 static void intel_iommu_domain_destroy(struct iommu_domain *domain)
3574 struct dmar_domain *dmar_domain = domain->priv;
3576 domain->priv = NULL;
3577 vm_domain_exit(dmar_domain);
3580 static int intel_iommu_attach_device(struct iommu_domain *domain,
3583 struct dmar_domain *dmar_domain = domain->priv;
3584 struct pci_dev *pdev = to_pci_dev(dev);
3585 struct intel_iommu *iommu;
3589 /* normally pdev is not mapped */
3590 if (unlikely(domain_context_mapped(pdev))) {
3591 struct dmar_domain *old_domain;
3593 old_domain = find_domain(pdev);
3595 if (dmar_domain->flags & DOMAIN_FLAG_VIRTUAL_MACHINE ||
3596 dmar_domain->flags & DOMAIN_FLAG_STATIC_IDENTITY)
3597 domain_remove_one_dev_info(old_domain, pdev);
3599 domain_remove_dev_info(old_domain);
3603 iommu = device_to_iommu(pci_domain_nr(pdev->bus), pdev->bus->number,
3608 /* check if this iommu agaw is sufficient for max mapped address */
3609 addr_width = agaw_to_width(iommu->agaw);
3610 end = DOMAIN_MAX_ADDR(addr_width);
3611 end = end & VTD_PAGE_MASK;
3612 if (end < dmar_domain->max_addr) {
3613 printk(KERN_ERR "%s: iommu agaw (%d) is not "
3614 "sufficient for the mapped address (%llx)\n",
3615 __func__, iommu->agaw, dmar_domain->max_addr);
3619 return domain_add_dev_info(dmar_domain, pdev, CONTEXT_TT_MULTI_LEVEL);
3622 static void intel_iommu_detach_device(struct iommu_domain *domain,
3625 struct dmar_domain *dmar_domain = domain->priv;
3626 struct pci_dev *pdev = to_pci_dev(dev);
3628 domain_remove_one_dev_info(dmar_domain, pdev);
3631 static int intel_iommu_map_range(struct iommu_domain *domain,
3632 unsigned long iova, phys_addr_t hpa,
3633 size_t size, int iommu_prot)
3635 struct dmar_domain *dmar_domain = domain->priv;
3641 if (iommu_prot & IOMMU_READ)
3642 prot |= DMA_PTE_READ;
3643 if (iommu_prot & IOMMU_WRITE)
3644 prot |= DMA_PTE_WRITE;
3645 if ((iommu_prot & IOMMU_CACHE) && dmar_domain->iommu_snooping)
3646 prot |= DMA_PTE_SNP;
3648 max_addr = iova + size;
3649 if (dmar_domain->max_addr < max_addr) {
3653 /* check if minimum agaw is sufficient for mapped address */
3654 min_agaw = vm_domain_min_agaw(dmar_domain);
3655 addr_width = agaw_to_width(min_agaw);
3656 end = DOMAIN_MAX_ADDR(addr_width);
3657 end = end & VTD_PAGE_MASK;
3658 if (end < max_addr) {
3659 printk(KERN_ERR "%s: iommu agaw (%d) is not "
3660 "sufficient for the mapped address (%llx)\n",
3661 __func__, min_agaw, max_addr);
3664 dmar_domain->max_addr = max_addr;
3666 /* Round up size to next multiple of PAGE_SIZE, if it and
3667 the low bits of hpa would take us onto the next page */
3668 size = aligned_nrpages(hpa, size);
3669 ret = domain_pfn_mapping(dmar_domain, iova >> VTD_PAGE_SHIFT,
3670 hpa >> VTD_PAGE_SHIFT, size, prot);
3674 static void intel_iommu_unmap_range(struct iommu_domain *domain,
3675 unsigned long iova, size_t size)
3677 struct dmar_domain *dmar_domain = domain->priv;
3682 dma_pte_clear_range(dmar_domain, iova >> VTD_PAGE_SHIFT,
3683 (iova + size - 1) >> VTD_PAGE_SHIFT);
3685 if (dmar_domain->max_addr == iova + size)
3686 dmar_domain->max_addr = iova;
3689 static phys_addr_t intel_iommu_iova_to_phys(struct iommu_domain *domain,
3692 struct dmar_domain *dmar_domain = domain->priv;
3693 struct dma_pte *pte;
3696 pte = pfn_to_dma_pte(dmar_domain, iova >> VTD_PAGE_SHIFT);
3698 phys = dma_pte_addr(pte);
3703 static int intel_iommu_domain_has_cap(struct iommu_domain *domain,
3706 struct dmar_domain *dmar_domain = domain->priv;
3708 if (cap == IOMMU_CAP_CACHE_COHERENCY)
3709 return dmar_domain->iommu_snooping;
3714 static struct iommu_ops intel_iommu_ops = {
3715 .domain_init = intel_iommu_domain_init,
3716 .domain_destroy = intel_iommu_domain_destroy,
3717 .attach_dev = intel_iommu_attach_device,
3718 .detach_dev = intel_iommu_detach_device,
3719 .map = intel_iommu_map_range,
3720 .unmap = intel_iommu_unmap_range,
3721 .iova_to_phys = intel_iommu_iova_to_phys,
3722 .domain_has_cap = intel_iommu_domain_has_cap,
3725 static void __devinit quirk_iommu_rwbf(struct pci_dev *dev)
3728 * Mobile 4 Series Chipset neglects to set RWBF capability,
3731 printk(KERN_INFO "DMAR: Forcing write-buffer flush capability\n");
3735 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2a40, quirk_iommu_rwbf);
3737 /* On Tylersburg chipsets, some BIOSes have been known to enable the
3738 ISOCH DMAR unit for the Azalia sound device, but not give it any
3739 TLB entries, which causes it to deadlock. Check for that. We do
3740 this in a function called from init_dmars(), instead of in a PCI
3741 quirk, because we don't want to print the obnoxious "BIOS broken"
3742 message if VT-d is actually disabled.
3744 static void __init check_tylersburg_isoch(void)
3746 struct pci_dev *pdev;
3747 uint32_t vtisochctrl;
3749 /* If there's no Azalia in the system anyway, forget it. */
3750 pdev = pci_get_device(PCI_VENDOR_ID_INTEL, 0x3a3e, NULL);
3755 /* System Management Registers. Might be hidden, in which case
3756 we can't do the sanity check. But that's OK, because the
3757 known-broken BIOSes _don't_ actually hide it, so far. */
3758 pdev = pci_get_device(PCI_VENDOR_ID_INTEL, 0x342e, NULL);
3762 if (pci_read_config_dword(pdev, 0x188, &vtisochctrl)) {
3769 /* If Azalia DMA is routed to the non-isoch DMAR unit, fine. */
3770 if (vtisochctrl & 1)
3773 /* Drop all bits other than the number of TLB entries */
3774 vtisochctrl &= 0x1c;
3776 /* If we have the recommended number of TLB entries (16), fine. */
3777 if (vtisochctrl == 0x10)
3780 /* Zero TLB entries? You get to ride the short bus to school. */
3782 WARN(1, "Your BIOS is broken; DMA routed to ISOCH DMAR unit but no TLB space.\n"
3783 "BIOS vendor: %s; Ver: %s; Product Version: %s\n",
3784 dmi_get_system_info(DMI_BIOS_VENDOR),
3785 dmi_get_system_info(DMI_BIOS_VERSION),
3786 dmi_get_system_info(DMI_PRODUCT_VERSION));
3787 iommu_identity_mapping |= IDENTMAP_AZALIA;
3791 printk(KERN_WARNING "DMAR: Recommended TLB entries for ISOCH unit is 16; your BIOS set %d\n",
projects / firefly-linux-kernel-4.4.55.git / blob