1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright © 2006-2014 Intel Corporation.
4 *
5 * Authors: David Woodhouse <dwmw2@infradead.org>,
6 * Ashok Raj <ashok.raj@intel.com>,
7 * Shaohua Li <shaohua.li@intel.com>,
8 * Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>,
9 * Fenghua Yu <fenghua.yu@intel.com>
10 * Joerg Roedel <jroedel@suse.de>
11 */
12
13 #define pr_fmt(fmt) "DMAR: " fmt
14 #define dev_fmt(fmt) pr_fmt(fmt)
15
16 #include <linux/init.h>
17 #include <linux/bitmap.h>
18 #include <linux/debugfs.h>
19 #include <linux/export.h>
20 #include <linux/slab.h>
21 #include <linux/irq.h>
22 #include <linux/interrupt.h>
23 #include <linux/spinlock.h>
24 #include <linux/pci.h>
25 #include <linux/dmar.h>
26 #include <linux/dma-map-ops.h>
27 #include <linux/mempool.h>
28 #include <linux/memory.h>
29 #include <linux/cpu.h>
30 #include <linux/timer.h>
31 #include <linux/io.h>
32 #include <linux/iova.h>
33 #include <linux/iommu.h>
34 #include <linux/intel-iommu.h>
35 #include <linux/syscore_ops.h>
36 #include <linux/tboot.h>
37 #include <linux/dmi.h>
38 #include <linux/pci-ats.h>
39 #include <linux/memblock.h>
40 #include <linux/dma-map-ops.h>
41 #include <linux/dma-direct.h>
42 #include <linux/crash_dump.h>
43 #include <linux/numa.h>
44 #include <linux/swiotlb.h>
45 #include <asm/irq_remapping.h>
46 #include <asm/cacheflush.h>
47 #include <asm/iommu.h>
48 #include <trace/events/intel_iommu.h>
49
50 #include "../irq_remapping.h"
51 #include "pasid.h"
52
53 #define ROOT_SIZE VTD_PAGE_SIZE
54 #define CONTEXT_SIZE VTD_PAGE_SIZE
55
56 #define IS_GFX_DEVICE(pdev) ((pdev->class >> 16) == PCI_BASE_CLASS_DISPLAY)
57 #define IS_USB_DEVICE(pdev) ((pdev->class >> 8) == PCI_CLASS_SERIAL_USB)
58 #define IS_ISA_DEVICE(pdev) ((pdev->class >> 8) == PCI_CLASS_BRIDGE_ISA)
59 #define IS_AZALIA(pdev) ((pdev)->vendor == 0x8086 && (pdev)->device == 0x3a3e)
60
61 #define IOAPIC_RANGE_START (0xfee00000)
62 #define IOAPIC_RANGE_END (0xfeefffff)
63 #define IOVA_START_ADDR (0x1000)
64
65 #define DEFAULT_DOMAIN_ADDRESS_WIDTH 57
66
67 #define MAX_AGAW_WIDTH 64
68 #define MAX_AGAW_PFN_WIDTH (MAX_AGAW_WIDTH - VTD_PAGE_SHIFT)
69
70 #define __DOMAIN_MAX_PFN(gaw) ((((uint64_t)1) << (gaw-VTD_PAGE_SHIFT)) - 1)
71 #define __DOMAIN_MAX_ADDR(gaw) ((((uint64_t)1) << gaw) - 1)
72
73 /* We limit DOMAIN_MAX_PFN to fit in an unsigned long, and DOMAIN_MAX_ADDR
74 to match. That way, we can use 'unsigned long' for PFNs with impunity. */
75 #define DOMAIN_MAX_PFN(gaw) ((unsigned long) min_t(uint64_t, \
76 __DOMAIN_MAX_PFN(gaw), (unsigned long)-1))
77 #define DOMAIN_MAX_ADDR(gaw) (((uint64_t)__DOMAIN_MAX_PFN(gaw)) << VTD_PAGE_SHIFT)
78
79 /* IO virtual address start page frame number */
80 #define IOVA_START_PFN (1)
81
82 #define IOVA_PFN(addr) ((addr) >> PAGE_SHIFT)
83
84 /* page table handling */
85 #define LEVEL_STRIDE (9)
86 #define LEVEL_MASK (((u64)1 << LEVEL_STRIDE) - 1)
87
88 /*
89 * This bitmap is used to advertise the page sizes our hardware support
90 * to the IOMMU core, which will then use this information to split
91 * physically contiguous memory regions it is mapping into page sizes
92 * that we support.
93 *
94 * Traditionally the IOMMU core just handed us the mappings directly,
95 * after making sure the size is an order of a 4KiB page and that the
96 * mapping has natural alignment.
97 *
98 * To retain this behavior, we currently advertise that we support
99 * all page sizes that are an order of 4KiB.
100 *
101 * If at some point we'd like to utilize the IOMMU core's new behavior,
102 * we could change this to advertise the real page sizes we support.
103 */
104 #define INTEL_IOMMU_PGSIZES (~0xFFFUL)
105
agaw_to_level(int agaw)106 static inline int agaw_to_level(int agaw)
107 {
108 return agaw + 2;
109 }
110
agaw_to_width(int agaw)111 static inline int agaw_to_width(int agaw)
112 {
113 return min_t(int, 30 + agaw * LEVEL_STRIDE, MAX_AGAW_WIDTH);
114 }
115
width_to_agaw(int width)116 static inline int width_to_agaw(int width)
117 {
118 return DIV_ROUND_UP(width - 30, LEVEL_STRIDE);
119 }
120
level_to_offset_bits(int level)121 static inline unsigned int level_to_offset_bits(int level)
122 {
123 return (level - 1) * LEVEL_STRIDE;
124 }
125
pfn_level_offset(u64 pfn,int level)126 static inline int pfn_level_offset(u64 pfn, int level)
127 {
128 return (pfn >> level_to_offset_bits(level)) & LEVEL_MASK;
129 }
130
level_mask(int level)131 static inline u64 level_mask(int level)
132 {
133 return -1ULL << level_to_offset_bits(level);
134 }
135
level_size(int level)136 static inline u64 level_size(int level)
137 {
138 return 1ULL << level_to_offset_bits(level);
139 }
140
align_to_level(u64 pfn,int level)141 static inline u64 align_to_level(u64 pfn, int level)
142 {
143 return (pfn + level_size(level) - 1) & level_mask(level);
144 }
145
lvl_to_nr_pages(unsigned int lvl)146 static inline unsigned long lvl_to_nr_pages(unsigned int lvl)
147 {
148 return 1UL << min_t(int, (lvl - 1) * LEVEL_STRIDE, MAX_AGAW_PFN_WIDTH);
149 }
150
151 /* VT-d pages must always be _smaller_ than MM pages. Otherwise things
152 are never going to work. */
dma_to_mm_pfn(unsigned long dma_pfn)153 static inline unsigned long dma_to_mm_pfn(unsigned long dma_pfn)
154 {
155 return dma_pfn >> (PAGE_SHIFT - VTD_PAGE_SHIFT);
156 }
157
mm_to_dma_pfn(unsigned long mm_pfn)158 static inline unsigned long mm_to_dma_pfn(unsigned long mm_pfn)
159 {
160 return mm_pfn << (PAGE_SHIFT - VTD_PAGE_SHIFT);
161 }
page_to_dma_pfn(struct page * pg)162 static inline unsigned long page_to_dma_pfn(struct page *pg)
163 {
164 return mm_to_dma_pfn(page_to_pfn(pg));
165 }
virt_to_dma_pfn(void * p)166 static inline unsigned long virt_to_dma_pfn(void *p)
167 {
168 return page_to_dma_pfn(virt_to_page(p));
169 }
170
171 /* global iommu list, set NULL for ignored DMAR units */
172 static struct intel_iommu **g_iommus;
173
174 static void __init check_tylersburg_isoch(void);
175 static int rwbf_quirk;
176
177 /*
178 * set to 1 to panic kernel if can't successfully enable VT-d
179 * (used when kernel is launched w/ TXT)
180 */
181 static int force_on = 0;
182 static int intel_iommu_tboot_noforce;
183 static int no_platform_optin;
184
185 #define ROOT_ENTRY_NR (VTD_PAGE_SIZE/sizeof(struct root_entry))
186
187 /*
188 * Take a root_entry and return the Lower Context Table Pointer (LCTP)
189 * if marked present.
190 */
root_entry_lctp(struct root_entry * re)191 static phys_addr_t root_entry_lctp(struct root_entry *re)
192 {
193 if (!(re->lo & 1))
194 return 0;
195
196 return re->lo & VTD_PAGE_MASK;
197 }
198
199 /*
200 * Take a root_entry and return the Upper Context Table Pointer (UCTP)
201 * if marked present.
202 */
root_entry_uctp(struct root_entry * re)203 static phys_addr_t root_entry_uctp(struct root_entry *re)
204 {
205 if (!(re->hi & 1))
206 return 0;
207
208 return re->hi & VTD_PAGE_MASK;
209 }
210
context_clear_pasid_enable(struct context_entry * context)211 static inline void context_clear_pasid_enable(struct context_entry *context)
212 {
213 context->lo &= ~(1ULL << 11);
214 }
215
context_pasid_enabled(struct context_entry * context)216 static inline bool context_pasid_enabled(struct context_entry *context)
217 {
218 return !!(context->lo & (1ULL << 11));
219 }
220
context_set_copied(struct context_entry * context)221 static inline void context_set_copied(struct context_entry *context)
222 {
223 context->hi |= (1ull << 3);
224 }
225
context_copied(struct context_entry * context)226 static inline bool context_copied(struct context_entry *context)
227 {
228 return !!(context->hi & (1ULL << 3));
229 }
230
__context_present(struct context_entry * context)231 static inline bool __context_present(struct context_entry *context)
232 {
233 return (context->lo & 1);
234 }
235
context_present(struct context_entry * context)236 bool context_present(struct context_entry *context)
237 {
238 return context_pasid_enabled(context) ?
239 __context_present(context) :
240 __context_present(context) && !context_copied(context);
241 }
242
context_set_present(struct context_entry * context)243 static inline void context_set_present(struct context_entry *context)
244 {
245 context->lo |= 1;
246 }
247
context_set_fault_enable(struct context_entry * context)248 static inline void context_set_fault_enable(struct context_entry *context)
249 {
250 context->lo &= (((u64)-1) << 2) | 1;
251 }
252
context_set_translation_type(struct context_entry * context,unsigned long value)253 static inline void context_set_translation_type(struct context_entry *context,
254 unsigned long value)
255 {
256 context->lo &= (((u64)-1) << 4) | 3;
257 context->lo |= (value & 3) << 2;
258 }
259
context_set_address_root(struct context_entry * context,unsigned long value)260 static inline void context_set_address_root(struct context_entry *context,
261 unsigned long value)
262 {
263 context->lo &= ~VTD_PAGE_MASK;
264 context->lo |= value & VTD_PAGE_MASK;
265 }
266
context_set_address_width(struct context_entry * context,unsigned long value)267 static inline void context_set_address_width(struct context_entry *context,
268 unsigned long value)
269 {
270 context->hi |= value & 7;
271 }
272
context_set_domain_id(struct context_entry * context,unsigned long value)273 static inline void context_set_domain_id(struct context_entry *context,
274 unsigned long value)
275 {
276 context->hi |= (value & ((1 << 16) - 1)) << 8;
277 }
278
context_domain_id(struct context_entry * c)279 static inline int context_domain_id(struct context_entry *c)
280 {
281 return((c->hi >> 8) & 0xffff);
282 }
283
context_clear_entry(struct context_entry * context)284 static inline void context_clear_entry(struct context_entry *context)
285 {
286 context->lo = 0;
287 context->hi = 0;
288 }
289
290 /*
291 * This domain is a statically identity mapping domain.
292 * 1. This domain creats a static 1:1 mapping to all usable memory.
293 * 2. It maps to each iommu if successful.
294 * 3. Each iommu mapps to this domain if successful.
295 */
296 static struct dmar_domain *si_domain;
297 static int hw_pass_through = 1;
298
299 #define for_each_domain_iommu(idx, domain) \
300 for (idx = 0; idx < g_num_of_iommus; idx++) \
301 if (domain->iommu_refcnt[idx])
302
303 struct dmar_rmrr_unit {
304 struct list_head list; /* list of rmrr units */
305 struct acpi_dmar_header *hdr; /* ACPI header */
306 u64 base_address; /* reserved base address*/
307 u64 end_address; /* reserved end address */
308 struct dmar_dev_scope *devices; /* target devices */
309 int devices_cnt; /* target device count */
310 };
311
312 struct dmar_atsr_unit {
313 struct list_head list; /* list of ATSR units */
314 struct acpi_dmar_header *hdr; /* ACPI header */
315 struct dmar_dev_scope *devices; /* target devices */
316 int devices_cnt; /* target device count */
317 u8 include_all:1; /* include all ports */
318 };
319
320 static LIST_HEAD(dmar_atsr_units);
321 static LIST_HEAD(dmar_rmrr_units);
322
323 #define for_each_rmrr_units(rmrr) \
324 list_for_each_entry(rmrr, &dmar_rmrr_units, list)
325
326 /* bitmap for indexing intel_iommus */
327 static int g_num_of_iommus;
328
329 static void domain_exit(struct dmar_domain *domain);
330 static void domain_remove_dev_info(struct dmar_domain *domain);
331 static void dmar_remove_one_dev_info(struct device *dev);
332 static void __dmar_remove_one_dev_info(struct device_domain_info *info);
333 static int intel_iommu_attach_device(struct iommu_domain *domain,
334 struct device *dev);
335 static phys_addr_t intel_iommu_iova_to_phys(struct iommu_domain *domain,
336 dma_addr_t iova);
337
338 #ifdef CONFIG_INTEL_IOMMU_DEFAULT_ON
339 int dmar_disabled = 0;
340 #else
341 int dmar_disabled = 1;
342 #endif /* CONFIG_INTEL_IOMMU_DEFAULT_ON */
343
344 #ifdef CONFIG_INTEL_IOMMU_SCALABLE_MODE_DEFAULT_ON
345 int intel_iommu_sm = 1;
346 #else
347 int intel_iommu_sm;
348 #endif /* CONFIG_INTEL_IOMMU_SCALABLE_MODE_DEFAULT_ON */
349
350 int intel_iommu_enabled = 0;
351 EXPORT_SYMBOL_GPL(intel_iommu_enabled);
352
353 static int dmar_map_gfx = 1;
354 static int dmar_forcedac;
355 static int intel_iommu_strict;
356 static int intel_iommu_superpage = 1;
357 static int iommu_identity_mapping;
358 static int intel_no_bounce;
359 static int iommu_skip_te_disable;
360
361 #define IDENTMAP_GFX 2
362 #define IDENTMAP_AZALIA 4
363
364 int intel_iommu_gfx_mapped;
365 EXPORT_SYMBOL_GPL(intel_iommu_gfx_mapped);
366
367 #define DEFER_DEVICE_DOMAIN_INFO ((struct device_domain_info *)(-2))
get_domain_info(struct device * dev)368 struct device_domain_info *get_domain_info(struct device *dev)
369 {
370 struct device_domain_info *info;
371
372 if (!dev)
373 return NULL;
374
375 info = dev_iommu_priv_get(dev);
376 if (unlikely(info == DEFER_DEVICE_DOMAIN_INFO))
377 return NULL;
378
379 return info;
380 }
381
382 DEFINE_SPINLOCK(device_domain_lock);
383 static LIST_HEAD(device_domain_list);
384
385 #define device_needs_bounce(d) (!intel_no_bounce && dev_is_pci(d) && \
386 to_pci_dev(d)->untrusted)
387
388 /*
389 * Iterate over elements in device_domain_list and call the specified
390 * callback @fn against each element.
391 */
for_each_device_domain(int (* fn)(struct device_domain_info * info,void * data),void * data)392 int for_each_device_domain(int (*fn)(struct device_domain_info *info,
393 void *data), void *data)
394 {
395 int ret = 0;
396 unsigned long flags;
397 struct device_domain_info *info;
398
399 spin_lock_irqsave(&device_domain_lock, flags);
400 list_for_each_entry(info, &device_domain_list, global) {
401 ret = fn(info, data);
402 if (ret) {
403 spin_unlock_irqrestore(&device_domain_lock, flags);
404 return ret;
405 }
406 }
407 spin_unlock_irqrestore(&device_domain_lock, flags);
408
409 return 0;
410 }
411
412 const struct iommu_ops intel_iommu_ops;
413
translation_pre_enabled(struct intel_iommu * iommu)414 static bool translation_pre_enabled(struct intel_iommu *iommu)
415 {
416 return (iommu->flags & VTD_FLAG_TRANS_PRE_ENABLED);
417 }
418
clear_translation_pre_enabled(struct intel_iommu * iommu)419 static void clear_translation_pre_enabled(struct intel_iommu *iommu)
420 {
421 iommu->flags &= ~VTD_FLAG_TRANS_PRE_ENABLED;
422 }
423
init_translation_status(struct intel_iommu * iommu)424 static void init_translation_status(struct intel_iommu *iommu)
425 {
426 u32 gsts;
427
428 gsts = readl(iommu->reg + DMAR_GSTS_REG);
429 if (gsts & DMA_GSTS_TES)
430 iommu->flags |= VTD_FLAG_TRANS_PRE_ENABLED;
431 }
432
intel_iommu_setup(char * str)433 static int __init intel_iommu_setup(char *str)
434 {
435 if (!str)
436 return -EINVAL;
437 while (*str) {
438 if (!strncmp(str, "on", 2)) {
439 dmar_disabled = 0;
440 pr_info("IOMMU enabled\n");
441 } else if (!strncmp(str, "off", 3)) {
442 dmar_disabled = 1;
443 no_platform_optin = 1;
444 pr_info("IOMMU disabled\n");
445 } else if (!strncmp(str, "igfx_off", 8)) {
446 dmar_map_gfx = 0;
447 pr_info("Disable GFX device mapping\n");
448 } else if (!strncmp(str, "forcedac", 8)) {
449 pr_info("Forcing DAC for PCI devices\n");
450 dmar_forcedac = 1;
451 } else if (!strncmp(str, "strict", 6)) {
452 pr_info("Disable batched IOTLB flush\n");
453 intel_iommu_strict = 1;
454 } else if (!strncmp(str, "sp_off", 6)) {
455 pr_info("Disable supported super page\n");
456 intel_iommu_superpage = 0;
457 } else if (!strncmp(str, "sm_on", 5)) {
458 pr_info("Intel-IOMMU: scalable mode supported\n");
459 intel_iommu_sm = 1;
460 } else if (!strncmp(str, "tboot_noforce", 13)) {
461 pr_info("Intel-IOMMU: not forcing on after tboot. This could expose security risk for tboot\n");
462 intel_iommu_tboot_noforce = 1;
463 } else if (!strncmp(str, "nobounce", 8)) {
464 pr_info("Intel-IOMMU: No bounce buffer. This could expose security risks of DMA attacks\n");
465 intel_no_bounce = 1;
466 }
467
468 str += strcspn(str, ",");
469 while (*str == ',')
470 str++;
471 }
472 return 0;
473 }
474 __setup("intel_iommu=", intel_iommu_setup);
475
476 static struct kmem_cache *iommu_domain_cache;
477 static struct kmem_cache *iommu_devinfo_cache;
478
get_iommu_domain(struct intel_iommu * iommu,u16 did)479 static struct dmar_domain* get_iommu_domain(struct intel_iommu *iommu, u16 did)
480 {
481 struct dmar_domain **domains;
482 int idx = did >> 8;
483
484 domains = iommu->domains[idx];
485 if (!domains)
486 return NULL;
487
488 return domains[did & 0xff];
489 }
490
set_iommu_domain(struct intel_iommu * iommu,u16 did,struct dmar_domain * domain)491 static void set_iommu_domain(struct intel_iommu *iommu, u16 did,
492 struct dmar_domain *domain)
493 {
494 struct dmar_domain **domains;
495 int idx = did >> 8;
496
497 if (!iommu->domains[idx]) {
498 size_t size = 256 * sizeof(struct dmar_domain *);
499 iommu->domains[idx] = kzalloc(size, GFP_ATOMIC);
500 }
501
502 domains = iommu->domains[idx];
503 if (WARN_ON(!domains))
504 return;
505 else
506 domains[did & 0xff] = domain;
507 }
508
alloc_pgtable_page(int node)509 void *alloc_pgtable_page(int node)
510 {
511 struct page *page;
512 void *vaddr = NULL;
513
514 page = alloc_pages_node(node, GFP_ATOMIC | __GFP_ZERO, 0);
515 if (page)
516 vaddr = page_address(page);
517 return vaddr;
518 }
519
free_pgtable_page(void * vaddr)520 void free_pgtable_page(void *vaddr)
521 {
522 free_page((unsigned long)vaddr);
523 }
524
alloc_domain_mem(void)525 static inline void *alloc_domain_mem(void)
526 {
527 return kmem_cache_alloc(iommu_domain_cache, GFP_ATOMIC);
528 }
529
free_domain_mem(void * vaddr)530 static void free_domain_mem(void *vaddr)
531 {
532 kmem_cache_free(iommu_domain_cache, vaddr);
533 }
534
alloc_devinfo_mem(void)535 static inline void * alloc_devinfo_mem(void)
536 {
537 return kmem_cache_alloc(iommu_devinfo_cache, GFP_ATOMIC);
538 }
539
free_devinfo_mem(void * vaddr)540 static inline void free_devinfo_mem(void *vaddr)
541 {
542 kmem_cache_free(iommu_devinfo_cache, vaddr);
543 }
544
domain_type_is_si(struct dmar_domain * domain)545 static inline int domain_type_is_si(struct dmar_domain *domain)
546 {
547 return domain->flags & DOMAIN_FLAG_STATIC_IDENTITY;
548 }
549
domain_use_first_level(struct dmar_domain * domain)550 static inline bool domain_use_first_level(struct dmar_domain *domain)
551 {
552 return domain->flags & DOMAIN_FLAG_USE_FIRST_LEVEL;
553 }
554
domain_pfn_supported(struct dmar_domain * domain,unsigned long pfn)555 static inline int domain_pfn_supported(struct dmar_domain *domain,
556 unsigned long pfn)
557 {
558 int addr_width = agaw_to_width(domain->agaw) - VTD_PAGE_SHIFT;
559
560 return !(addr_width < BITS_PER_LONG && pfn >> addr_width);
561 }
562
__iommu_calculate_agaw(struct intel_iommu * iommu,int max_gaw)563 static int __iommu_calculate_agaw(struct intel_iommu *iommu, int max_gaw)
564 {
565 unsigned long sagaw;
566 int agaw = -1;
567
568 sagaw = cap_sagaw(iommu->cap);
569 for (agaw = width_to_agaw(max_gaw);
570 agaw >= 0; agaw--) {
571 if (test_bit(agaw, &sagaw))
572 break;
573 }
574
575 return agaw;
576 }
577
578 /*
579 * Calculate max SAGAW for each iommu.
580 */
iommu_calculate_max_sagaw(struct intel_iommu * iommu)581 int iommu_calculate_max_sagaw(struct intel_iommu *iommu)
582 {
583 return __iommu_calculate_agaw(iommu, MAX_AGAW_WIDTH);
584 }
585
586 /*
587 * calculate agaw for each iommu.
588 * "SAGAW" may be different across iommus, use a default agaw, and
589 * get a supported less agaw for iommus that don't support the default agaw.
590 */
iommu_calculate_agaw(struct intel_iommu * iommu)591 int iommu_calculate_agaw(struct intel_iommu *iommu)
592 {
593 return __iommu_calculate_agaw(iommu, DEFAULT_DOMAIN_ADDRESS_WIDTH);
594 }
595
596 /* This functionin only returns single iommu in a domain */
domain_get_iommu(struct dmar_domain * domain)597 struct intel_iommu *domain_get_iommu(struct dmar_domain *domain)
598 {
599 int iommu_id;
600
601 /* si_domain and vm domain should not get here. */
602 if (WARN_ON(domain->domain.type != IOMMU_DOMAIN_DMA))
603 return NULL;
604
605 for_each_domain_iommu(iommu_id, domain)
606 break;
607
608 if (iommu_id < 0 || iommu_id >= g_num_of_iommus)
609 return NULL;
610
611 return g_iommus[iommu_id];
612 }
613
iommu_paging_structure_coherency(struct intel_iommu * iommu)614 static inline bool iommu_paging_structure_coherency(struct intel_iommu *iommu)
615 {
616 return sm_supported(iommu) ?
617 ecap_smpwc(iommu->ecap) : ecap_coherent(iommu->ecap);
618 }
619
domain_update_iommu_coherency(struct dmar_domain * domain)620 static void domain_update_iommu_coherency(struct dmar_domain *domain)
621 {
622 struct dmar_drhd_unit *drhd;
623 struct intel_iommu *iommu;
624 bool found = false;
625 int i;
626
627 domain->iommu_coherency = 1;
628
629 for_each_domain_iommu(i, domain) {
630 found = true;
631 if (!iommu_paging_structure_coherency(g_iommus[i])) {
632 domain->iommu_coherency = 0;
633 break;
634 }
635 }
636 if (found)
637 return;
638
639 /* No hardware attached; use lowest common denominator */
640 rcu_read_lock();
641 for_each_active_iommu(iommu, drhd) {
642 if (!iommu_paging_structure_coherency(iommu)) {
643 domain->iommu_coherency = 0;
644 break;
645 }
646 }
647 rcu_read_unlock();
648 }
649
domain_update_iommu_snooping(struct intel_iommu * skip)650 static int domain_update_iommu_snooping(struct intel_iommu *skip)
651 {
652 struct dmar_drhd_unit *drhd;
653 struct intel_iommu *iommu;
654 int ret = 1;
655
656 rcu_read_lock();
657 for_each_active_iommu(iommu, drhd) {
658 if (iommu != skip) {
659 if (!ecap_sc_support(iommu->ecap)) {
660 ret = 0;
661 break;
662 }
663 }
664 }
665 rcu_read_unlock();
666
667 return ret;
668 }
669
domain_update_iommu_superpage(struct dmar_domain * domain,struct intel_iommu * skip)670 static int domain_update_iommu_superpage(struct dmar_domain *domain,
671 struct intel_iommu *skip)
672 {
673 struct dmar_drhd_unit *drhd;
674 struct intel_iommu *iommu;
675 int mask = 0x3;
676
677 if (!intel_iommu_superpage) {
678 return 0;
679 }
680
681 /* set iommu_superpage to the smallest common denominator */
682 rcu_read_lock();
683 for_each_active_iommu(iommu, drhd) {
684 if (iommu != skip) {
685 if (domain && domain_use_first_level(domain)) {
686 if (!cap_fl1gp_support(iommu->cap))
687 mask = 0x1;
688 } else {
689 mask &= cap_super_page_val(iommu->cap);
690 }
691
692 if (!mask)
693 break;
694 }
695 }
696 rcu_read_unlock();
697
698 return fls(mask);
699 }
700
domain_update_device_node(struct dmar_domain * domain)701 static int domain_update_device_node(struct dmar_domain *domain)
702 {
703 struct device_domain_info *info;
704 int nid = NUMA_NO_NODE;
705
706 assert_spin_locked(&device_domain_lock);
707
708 if (list_empty(&domain->devices))
709 return NUMA_NO_NODE;
710
711 list_for_each_entry(info, &domain->devices, link) {
712 if (!info->dev)
713 continue;
714
715 /*
716 * There could possibly be multiple device numa nodes as devices
717 * within the same domain may sit behind different IOMMUs. There
718 * isn't perfect answer in such situation, so we select first
719 * come first served policy.
720 */
721 nid = dev_to_node(info->dev);
722 if (nid != NUMA_NO_NODE)
723 break;
724 }
725
726 return nid;
727 }
728
729 /* Some capabilities may be different across iommus */
domain_update_iommu_cap(struct dmar_domain * domain)730 static void domain_update_iommu_cap(struct dmar_domain *domain)
731 {
732 domain_update_iommu_coherency(domain);
733 domain->iommu_snooping = domain_update_iommu_snooping(NULL);
734 domain->iommu_superpage = domain_update_iommu_superpage(domain, NULL);
735
736 /*
737 * If RHSA is missing, we should default to the device numa domain
738 * as fall back.
739 */
740 if (domain->nid == NUMA_NO_NODE)
741 domain->nid = domain_update_device_node(domain);
742 }
743
iommu_context_addr(struct intel_iommu * iommu,u8 bus,u8 devfn,int alloc)744 struct context_entry *iommu_context_addr(struct intel_iommu *iommu, u8 bus,
745 u8 devfn, int alloc)
746 {
747 struct root_entry *root = &iommu->root_entry[bus];
748 struct context_entry *context;
749 u64 *entry;
750
751 entry = &root->lo;
752 if (sm_supported(iommu)) {
753 if (devfn >= 0x80) {
754 devfn -= 0x80;
755 entry = &root->hi;
756 }
757 devfn *= 2;
758 }
759 if (*entry & 1)
760 context = phys_to_virt(*entry & VTD_PAGE_MASK);
761 else {
762 unsigned long phy_addr;
763 if (!alloc)
764 return NULL;
765
766 context = alloc_pgtable_page(iommu->node);
767 if (!context)
768 return NULL;
769
770 __iommu_flush_cache(iommu, (void *)context, CONTEXT_SIZE);
771 phy_addr = virt_to_phys((void *)context);
772 *entry = phy_addr | 1;
773 __iommu_flush_cache(iommu, entry, sizeof(*entry));
774 }
775 return &context[devfn];
776 }
777
attach_deferred(struct device * dev)778 static bool attach_deferred(struct device *dev)
779 {
780 return dev_iommu_priv_get(dev) == DEFER_DEVICE_DOMAIN_INFO;
781 }
782
783 /**
784 * is_downstream_to_pci_bridge - test if a device belongs to the PCI
785 * sub-hierarchy of a candidate PCI-PCI bridge
786 * @dev: candidate PCI device belonging to @bridge PCI sub-hierarchy
787 * @bridge: the candidate PCI-PCI bridge
788 *
789 * Return: true if @dev belongs to @bridge PCI sub-hierarchy, else false.
790 */
791 static bool
is_downstream_to_pci_bridge(struct device * dev,struct device * bridge)792 is_downstream_to_pci_bridge(struct device *dev, struct device *bridge)
793 {
794 struct pci_dev *pdev, *pbridge;
795
796 if (!dev_is_pci(dev) || !dev_is_pci(bridge))
797 return false;
798
799 pdev = to_pci_dev(dev);
800 pbridge = to_pci_dev(bridge);
801
802 if (pbridge->subordinate &&
803 pbridge->subordinate->number <= pdev->bus->number &&
804 pbridge->subordinate->busn_res.end >= pdev->bus->number)
805 return true;
806
807 return false;
808 }
809
quirk_ioat_snb_local_iommu(struct pci_dev * pdev)810 static bool quirk_ioat_snb_local_iommu(struct pci_dev *pdev)
811 {
812 struct dmar_drhd_unit *drhd;
813 u32 vtbar;
814 int rc;
815
816 /* We know that this device on this chipset has its own IOMMU.
817 * If we find it under a different IOMMU, then the BIOS is lying
818 * to us. Hope that the IOMMU for this device is actually
819 * disabled, and it needs no translation...
820 */
821 rc = pci_bus_read_config_dword(pdev->bus, PCI_DEVFN(0, 0), 0xb0, &vtbar);
822 if (rc) {
823 /* "can't" happen */
824 dev_info(&pdev->dev, "failed to run vt-d quirk\n");
825 return false;
826 }
827 vtbar &= 0xffff0000;
828
829 /* we know that the this iommu should be at offset 0xa000 from vtbar */
830 drhd = dmar_find_matched_drhd_unit(pdev);
831 if (!drhd || drhd->reg_base_addr - vtbar != 0xa000) {
832 pr_warn_once(FW_BUG "BIOS assigned incorrect VT-d unit for Intel(R) QuickData Technology device\n");
833 add_taint(TAINT_FIRMWARE_WORKAROUND, LOCKDEP_STILL_OK);
834 return true;
835 }
836
837 return false;
838 }
839
iommu_is_dummy(struct intel_iommu * iommu,struct device * dev)840 static bool iommu_is_dummy(struct intel_iommu *iommu, struct device *dev)
841 {
842 if (!iommu || iommu->drhd->ignored)
843 return true;
844
845 if (dev_is_pci(dev)) {
846 struct pci_dev *pdev = to_pci_dev(dev);
847
848 if (pdev->vendor == PCI_VENDOR_ID_INTEL &&
849 pdev->device == PCI_DEVICE_ID_INTEL_IOAT_SNB &&
850 quirk_ioat_snb_local_iommu(pdev))
851 return true;
852 }
853
854 return false;
855 }
856
device_to_iommu(struct device * dev,u8 * bus,u8 * devfn)857 struct intel_iommu *device_to_iommu(struct device *dev, u8 *bus, u8 *devfn)
858 {
859 struct dmar_drhd_unit *drhd = NULL;
860 struct pci_dev *pdev = NULL;
861 struct intel_iommu *iommu;
862 struct device *tmp;
863 u16 segment = 0;
864 int i;
865
866 if (!dev)
867 return NULL;
868
869 if (dev_is_pci(dev)) {
870 struct pci_dev *pf_pdev;
871
872 pdev = pci_real_dma_dev(to_pci_dev(dev));
873
874 /* VFs aren't listed in scope tables; we need to look up
875 * the PF instead to find the IOMMU. */
876 pf_pdev = pci_physfn(pdev);
877 dev = &pf_pdev->dev;
878 segment = pci_domain_nr(pdev->bus);
879 } else if (has_acpi_companion(dev))
880 dev = &ACPI_COMPANION(dev)->dev;
881
882 rcu_read_lock();
883 for_each_iommu(iommu, drhd) {
884 if (pdev && segment != drhd->segment)
885 continue;
886
887 for_each_active_dev_scope(drhd->devices,
888 drhd->devices_cnt, i, tmp) {
889 if (tmp == dev) {
890 /* For a VF use its original BDF# not that of the PF
891 * which we used for the IOMMU lookup. Strictly speaking
892 * we could do this for all PCI devices; we only need to
893 * get the BDF# from the scope table for ACPI matches. */
894 if (pdev && pdev->is_virtfn)
895 goto got_pdev;
896
897 if (bus && devfn) {
898 *bus = drhd->devices[i].bus;
899 *devfn = drhd->devices[i].devfn;
900 }
901 goto out;
902 }
903
904 if (is_downstream_to_pci_bridge(dev, tmp))
905 goto got_pdev;
906 }
907
908 if (pdev && drhd->include_all) {
909 got_pdev:
910 if (bus && devfn) {
911 *bus = pdev->bus->number;
912 *devfn = pdev->devfn;
913 }
914 goto out;
915 }
916 }
917 iommu = NULL;
918 out:
919 if (iommu_is_dummy(iommu, dev))
920 iommu = NULL;
921
922 rcu_read_unlock();
923
924 return iommu;
925 }
926
domain_flush_cache(struct dmar_domain * domain,void * addr,int size)927 static void domain_flush_cache(struct dmar_domain *domain,
928 void *addr, int size)
929 {
930 if (!domain->iommu_coherency)
931 clflush_cache_range(addr, size);
932 }
933
device_context_mapped(struct intel_iommu * iommu,u8 bus,u8 devfn)934 static int device_context_mapped(struct intel_iommu *iommu, u8 bus, u8 devfn)
935 {
936 struct context_entry *context;
937 int ret = 0;
938 unsigned long flags;
939
940 spin_lock_irqsave(&iommu->lock, flags);
941 context = iommu_context_addr(iommu, bus, devfn, 0);
942 if (context)
943 ret = context_present(context);
944 spin_unlock_irqrestore(&iommu->lock, flags);
945 return ret;
946 }
947
free_context_table(struct intel_iommu * iommu)948 static void free_context_table(struct intel_iommu *iommu)
949 {
950 int i;
951 unsigned long flags;
952 struct context_entry *context;
953
954 spin_lock_irqsave(&iommu->lock, flags);
955 if (!iommu->root_entry) {
956 goto out;
957 }
958 for (i = 0; i < ROOT_ENTRY_NR; i++) {
959 context = iommu_context_addr(iommu, i, 0, 0);
960 if (context)
961 free_pgtable_page(context);
962
963 if (!sm_supported(iommu))
964 continue;
965
966 context = iommu_context_addr(iommu, i, 0x80, 0);
967 if (context)
968 free_pgtable_page(context);
969
970 }
971 free_pgtable_page(iommu->root_entry);
972 iommu->root_entry = NULL;
973 out:
974 spin_unlock_irqrestore(&iommu->lock, flags);
975 }
976
pfn_to_dma_pte(struct dmar_domain * domain,unsigned long pfn,int * target_level)977 static struct dma_pte *pfn_to_dma_pte(struct dmar_domain *domain,
978 unsigned long pfn, int *target_level)
979 {
980 struct dma_pte *parent, *pte;
981 int level = agaw_to_level(domain->agaw);
982 int offset;
983
984 BUG_ON(!domain->pgd);
985
986 if (!domain_pfn_supported(domain, pfn))
987 /* Address beyond IOMMU's addressing capabilities. */
988 return NULL;
989
990 parent = domain->pgd;
991
992 while (1) {
993 void *tmp_page;
994
995 offset = pfn_level_offset(pfn, level);
996 pte = &parent[offset];
997 if (!*target_level && (dma_pte_superpage(pte) || !dma_pte_present(pte)))
998 break;
999 if (level == *target_level)
1000 break;
1001
1002 if (!dma_pte_present(pte)) {
1003 uint64_t pteval;
1004
1005 tmp_page = alloc_pgtable_page(domain->nid);
1006
1007 if (!tmp_page)
1008 return NULL;
1009
1010 domain_flush_cache(domain, tmp_page, VTD_PAGE_SIZE);
1011 pteval = ((uint64_t)virt_to_dma_pfn(tmp_page) << VTD_PAGE_SHIFT) | DMA_PTE_READ | DMA_PTE_WRITE;
1012 if (domain_use_first_level(domain))
1013 pteval |= DMA_FL_PTE_XD | DMA_FL_PTE_US;
1014 if (cmpxchg64(&pte->val, 0ULL, pteval))
1015 /* Someone else set it while we were thinking; use theirs. */
1016 free_pgtable_page(tmp_page);
1017 else
1018 domain_flush_cache(domain, pte, sizeof(*pte));
1019 }
1020 if (level == 1)
1021 break;
1022
1023 parent = phys_to_virt(dma_pte_addr(pte));
1024 level--;
1025 }
1026
1027 if (!*target_level)
1028 *target_level = level;
1029
1030 return pte;
1031 }
1032
1033 /* return address's pte at specific level */
dma_pfn_level_pte(struct dmar_domain * domain,unsigned long pfn,int level,int * large_page)1034 static struct dma_pte *dma_pfn_level_pte(struct dmar_domain *domain,
1035 unsigned long pfn,
1036 int level, int *large_page)
1037 {
1038 struct dma_pte *parent, *pte;
1039 int total = agaw_to_level(domain->agaw);
1040 int offset;
1041
1042 parent = domain->pgd;
1043 while (level <= total) {
1044 offset = pfn_level_offset(pfn, total);
1045 pte = &parent[offset];
1046 if (level == total)
1047 return pte;
1048
1049 if (!dma_pte_present(pte)) {
1050 *large_page = total;
1051 break;
1052 }
1053
1054 if (dma_pte_superpage(pte)) {
1055 *large_page = total;
1056 return pte;
1057 }
1058
1059 parent = phys_to_virt(dma_pte_addr(pte));
1060 total--;
1061 }
1062 return NULL;
1063 }
1064
1065 /* clear last level pte, a tlb flush should be followed */
dma_pte_clear_range(struct dmar_domain * domain,unsigned long start_pfn,unsigned long last_pfn)1066 static void dma_pte_clear_range(struct dmar_domain *domain,
1067 unsigned long start_pfn,
1068 unsigned long last_pfn)
1069 {
1070 unsigned int large_page;
1071 struct dma_pte *first_pte, *pte;
1072
1073 BUG_ON(!domain_pfn_supported(domain, start_pfn));
1074 BUG_ON(!domain_pfn_supported(domain, last_pfn));
1075 BUG_ON(start_pfn > last_pfn);
1076
1077 /* we don't need lock here; nobody else touches the iova range */
1078 do {
1079 large_page = 1;
1080 first_pte = pte = dma_pfn_level_pte(domain, start_pfn, 1, &large_page);
1081 if (!pte) {
1082 start_pfn = align_to_level(start_pfn + 1, large_page + 1);
1083 continue;
1084 }
1085 do {
1086 dma_clear_pte(pte);
1087 start_pfn += lvl_to_nr_pages(large_page);
1088 pte++;
1089 } while (start_pfn <= last_pfn && !first_pte_in_page(pte));
1090
1091 domain_flush_cache(domain, first_pte,
1092 (void *)pte - (void *)first_pte);
1093
1094 } while (start_pfn && start_pfn <= last_pfn);
1095 }
1096
dma_pte_free_level(struct dmar_domain * domain,int level,int retain_level,struct dma_pte * pte,unsigned long pfn,unsigned long start_pfn,unsigned long last_pfn)1097 static void dma_pte_free_level(struct dmar_domain *domain, int level,
1098 int retain_level, struct dma_pte *pte,
1099 unsigned long pfn, unsigned long start_pfn,
1100 unsigned long last_pfn)
1101 {
1102 pfn = max(start_pfn, pfn);
1103 pte = &pte[pfn_level_offset(pfn, level)];
1104
1105 do {
1106 unsigned long level_pfn;
1107 struct dma_pte *level_pte;
1108
1109 if (!dma_pte_present(pte) || dma_pte_superpage(pte))
1110 goto next;
1111
1112 level_pfn = pfn & level_mask(level);
1113 level_pte = phys_to_virt(dma_pte_addr(pte));
1114
1115 if (level > 2) {
1116 dma_pte_free_level(domain, level - 1, retain_level,
1117 level_pte, level_pfn, start_pfn,
1118 last_pfn);
1119 }
1120
1121 /*
1122 * Free the page table if we're below the level we want to
1123 * retain and the range covers the entire table.
1124 */
1125 if (level < retain_level && !(start_pfn > level_pfn ||
1126 last_pfn < level_pfn + level_size(level) - 1)) {
1127 dma_clear_pte(pte);
1128 domain_flush_cache(domain, pte, sizeof(*pte));
1129 free_pgtable_page(level_pte);
1130 }
1131 next:
1132 pfn += level_size(level);
1133 } while (!first_pte_in_page(++pte) && pfn <= last_pfn);
1134 }
1135
1136 /*
1137 * clear last level (leaf) ptes and free page table pages below the
1138 * level we wish to keep intact.
1139 */
dma_pte_free_pagetable(struct dmar_domain * domain,unsigned long start_pfn,unsigned long last_pfn,int retain_level)1140 static void dma_pte_free_pagetable(struct dmar_domain *domain,
1141 unsigned long start_pfn,
1142 unsigned long last_pfn,
1143 int retain_level)
1144 {
1145 BUG_ON(!domain_pfn_supported(domain, start_pfn));
1146 BUG_ON(!domain_pfn_supported(domain, last_pfn));
1147 BUG_ON(start_pfn > last_pfn);
1148
1149 dma_pte_clear_range(domain, start_pfn, last_pfn);
1150
1151 /* We don't need lock here; nobody else touches the iova range */
1152 dma_pte_free_level(domain, agaw_to_level(domain->agaw), retain_level,
1153 domain->pgd, 0, start_pfn, last_pfn);
1154
1155 /* free pgd */
1156 if (start_pfn == 0 && last_pfn == DOMAIN_MAX_PFN(domain->gaw)) {
1157 free_pgtable_page(domain->pgd);
1158 domain->pgd = NULL;
1159 }
1160 }
1161
1162 /* When a page at a given level is being unlinked from its parent, we don't
1163 need to *modify* it at all. All we need to do is make a list of all the
1164 pages which can be freed just as soon as we've flushed the IOTLB and we
1165 know the hardware page-walk will no longer touch them.
1166 The 'pte' argument is the *parent* PTE, pointing to the page that is to
1167 be freed. */
dma_pte_list_pagetables(struct dmar_domain * domain,int level,struct dma_pte * pte,struct page * freelist)1168 static struct page *dma_pte_list_pagetables(struct dmar_domain *domain,
1169 int level, struct dma_pte *pte,
1170 struct page *freelist)
1171 {
1172 struct page *pg;
1173
1174 pg = pfn_to_page(dma_pte_addr(pte) >> PAGE_SHIFT);
1175 pg->freelist = freelist;
1176 freelist = pg;
1177
1178 if (level == 1)
1179 return freelist;
1180
1181 pte = page_address(pg);
1182 do {
1183 if (dma_pte_present(pte) && !dma_pte_superpage(pte))
1184 freelist = dma_pte_list_pagetables(domain, level - 1,
1185 pte, freelist);
1186 pte++;
1187 } while (!first_pte_in_page(pte));
1188
1189 return freelist;
1190 }
1191
dma_pte_clear_level(struct dmar_domain * domain,int level,struct dma_pte * pte,unsigned long pfn,unsigned long start_pfn,unsigned long last_pfn,struct page * freelist)1192 static struct page *dma_pte_clear_level(struct dmar_domain *domain, int level,
1193 struct dma_pte *pte, unsigned long pfn,
1194 unsigned long start_pfn,
1195 unsigned long last_pfn,
1196 struct page *freelist)
1197 {
1198 struct dma_pte *first_pte = NULL, *last_pte = NULL;
1199
1200 pfn = max(start_pfn, pfn);
1201 pte = &pte[pfn_level_offset(pfn, level)];
1202
1203 do {
1204 unsigned long level_pfn;
1205
1206 if (!dma_pte_present(pte))
1207 goto next;
1208
1209 level_pfn = pfn & level_mask(level);
1210
1211 /* If range covers entire pagetable, free it */
1212 if (start_pfn <= level_pfn &&
1213 last_pfn >= level_pfn + level_size(level) - 1) {
1214 /* These suborbinate page tables are going away entirely. Don't
1215 bother to clear them; we're just going to *free* them. */
1216 if (level > 1 && !dma_pte_superpage(pte))
1217 freelist = dma_pte_list_pagetables(domain, level - 1, pte, freelist);
1218
1219 dma_clear_pte(pte);
1220 if (!first_pte)
1221 first_pte = pte;
1222 last_pte = pte;
1223 } else if (level > 1) {
1224 /* Recurse down into a level that isn't *entirely* obsolete */
1225 freelist = dma_pte_clear_level(domain, level - 1,
1226 phys_to_virt(dma_pte_addr(pte)),
1227 level_pfn, start_pfn, last_pfn,
1228 freelist);
1229 }
1230 next:
1231 pfn += level_size(level);
1232 } while (!first_pte_in_page(++pte) && pfn <= last_pfn);
1233
1234 if (first_pte)
1235 domain_flush_cache(domain, first_pte,
1236 (void *)++last_pte - (void *)first_pte);
1237
1238 return freelist;
1239 }
1240
1241 /* We can't just free the pages because the IOMMU may still be walking
1242 the page tables, and may have cached the intermediate levels. The
1243 pages can only be freed after the IOTLB flush has been done. */
domain_unmap(struct dmar_domain * domain,unsigned long start_pfn,unsigned long last_pfn)1244 static struct page *domain_unmap(struct dmar_domain *domain,
1245 unsigned long start_pfn,
1246 unsigned long last_pfn)
1247 {
1248 struct page *freelist;
1249
1250 BUG_ON(!domain_pfn_supported(domain, start_pfn));
1251 BUG_ON(!domain_pfn_supported(domain, last_pfn));
1252 BUG_ON(start_pfn > last_pfn);
1253
1254 /* we don't need lock here; nobody else touches the iova range */
1255 freelist = dma_pte_clear_level(domain, agaw_to_level(domain->agaw),
1256 domain->pgd, 0, start_pfn, last_pfn, NULL);
1257
1258 /* free pgd */
1259 if (start_pfn == 0 && last_pfn == DOMAIN_MAX_PFN(domain->gaw)) {
1260 struct page *pgd_page = virt_to_page(domain->pgd);
1261 pgd_page->freelist = freelist;
1262 freelist = pgd_page;
1263
1264 domain->pgd = NULL;
1265 }
1266
1267 return freelist;
1268 }
1269
dma_free_pagelist(struct page * freelist)1270 static void dma_free_pagelist(struct page *freelist)
1271 {
1272 struct page *pg;
1273
1274 while ((pg = freelist)) {
1275 freelist = pg->freelist;
1276 free_pgtable_page(page_address(pg));
1277 }
1278 }
1279
iova_entry_free(unsigned long data)1280 static void iova_entry_free(unsigned long data)
1281 {
1282 struct page *freelist = (struct page *)data;
1283
1284 dma_free_pagelist(freelist);
1285 }
1286
1287 /* iommu handling */
iommu_alloc_root_entry(struct intel_iommu * iommu)1288 static int iommu_alloc_root_entry(struct intel_iommu *iommu)
1289 {
1290 struct root_entry *root;
1291 unsigned long flags;
1292
1293 root = (struct root_entry *)alloc_pgtable_page(iommu->node);
1294 if (!root) {
1295 pr_err("Allocating root entry for %s failed\n",
1296 iommu->name);
1297 return -ENOMEM;
1298 }
1299
1300 __iommu_flush_cache(iommu, root, ROOT_SIZE);
1301
1302 spin_lock_irqsave(&iommu->lock, flags);
1303 iommu->root_entry = root;
1304 spin_unlock_irqrestore(&iommu->lock, flags);
1305
1306 return 0;
1307 }
1308
iommu_set_root_entry(struct intel_iommu * iommu)1309 static void iommu_set_root_entry(struct intel_iommu *iommu)
1310 {
1311 u64 addr;
1312 u32 sts;
1313 unsigned long flag;
1314
1315 addr = virt_to_phys(iommu->root_entry);
1316 if (sm_supported(iommu))
1317 addr |= DMA_RTADDR_SMT;
1318
1319 raw_spin_lock_irqsave(&iommu->register_lock, flag);
1320 dmar_writeq(iommu->reg + DMAR_RTADDR_REG, addr);
1321
1322 writel(iommu->gcmd | DMA_GCMD_SRTP, iommu->reg + DMAR_GCMD_REG);
1323
1324 /* Make sure hardware complete it */
1325 IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
1326 readl, (sts & DMA_GSTS_RTPS), sts);
1327
1328 raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
1329 }
1330
iommu_flush_write_buffer(struct intel_iommu * iommu)1331 void iommu_flush_write_buffer(struct intel_iommu *iommu)
1332 {
1333 u32 val;
1334 unsigned long flag;
1335
1336 if (!rwbf_quirk && !cap_rwbf(iommu->cap))
1337 return;
1338
1339 raw_spin_lock_irqsave(&iommu->register_lock, flag);
1340 writel(iommu->gcmd | DMA_GCMD_WBF, iommu->reg + DMAR_GCMD_REG);
1341
1342 /* Make sure hardware complete it */
1343 IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
1344 readl, (!(val & DMA_GSTS_WBFS)), val);
1345
1346 raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
1347 }
1348
1349 /* return value determine if we need a write buffer flush */
__iommu_flush_context(struct intel_iommu * iommu,u16 did,u16 source_id,u8 function_mask,u64 type)1350 static void __iommu_flush_context(struct intel_iommu *iommu,
1351 u16 did, u16 source_id, u8 function_mask,
1352 u64 type)
1353 {
1354 u64 val = 0;
1355 unsigned long flag;
1356
1357 switch (type) {
1358 case DMA_CCMD_GLOBAL_INVL:
1359 val = DMA_CCMD_GLOBAL_INVL;
1360 break;
1361 case DMA_CCMD_DOMAIN_INVL:
1362 val = DMA_CCMD_DOMAIN_INVL|DMA_CCMD_DID(did);
1363 break;
1364 case DMA_CCMD_DEVICE_INVL:
1365 val = DMA_CCMD_DEVICE_INVL|DMA_CCMD_DID(did)
1366 | DMA_CCMD_SID(source_id) | DMA_CCMD_FM(function_mask);
1367 break;
1368 default:
1369 BUG();
1370 }
1371 val |= DMA_CCMD_ICC;
1372
1373 raw_spin_lock_irqsave(&iommu->register_lock, flag);
1374 dmar_writeq(iommu->reg + DMAR_CCMD_REG, val);
1375
1376 /* Make sure hardware complete it */
1377 IOMMU_WAIT_OP(iommu, DMAR_CCMD_REG,
1378 dmar_readq, (!(val & DMA_CCMD_ICC)), val);
1379
1380 raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
1381 }
1382
1383 /* return value determine if we need a write buffer flush */
__iommu_flush_iotlb(struct intel_iommu * iommu,u16 did,u64 addr,unsigned int size_order,u64 type)1384 static void __iommu_flush_iotlb(struct intel_iommu *iommu, u16 did,
1385 u64 addr, unsigned int size_order, u64 type)
1386 {
1387 int tlb_offset = ecap_iotlb_offset(iommu->ecap);
1388 u64 val = 0, val_iva = 0;
1389 unsigned long flag;
1390
1391 switch (type) {
1392 case DMA_TLB_GLOBAL_FLUSH:
1393 /* global flush doesn't need set IVA_REG */
1394 val = DMA_TLB_GLOBAL_FLUSH|DMA_TLB_IVT;
1395 break;
1396 case DMA_TLB_DSI_FLUSH:
1397 val = DMA_TLB_DSI_FLUSH|DMA_TLB_IVT|DMA_TLB_DID(did);
1398 break;
1399 case DMA_TLB_PSI_FLUSH:
1400 val = DMA_TLB_PSI_FLUSH|DMA_TLB_IVT|DMA_TLB_DID(did);
1401 /* IH bit is passed in as part of address */
1402 val_iva = size_order | addr;
1403 break;
1404 default:
1405 BUG();
1406 }
1407 /* Note: set drain read/write */
1408 #if 0
1409 /*
1410 * This is probably to be super secure.. Looks like we can
1411 * ignore it without any impact.
1412 */
1413 if (cap_read_drain(iommu->cap))
1414 val |= DMA_TLB_READ_DRAIN;
1415 #endif
1416 if (cap_write_drain(iommu->cap))
1417 val |= DMA_TLB_WRITE_DRAIN;
1418
1419 raw_spin_lock_irqsave(&iommu->register_lock, flag);
1420 /* Note: Only uses first TLB reg currently */
1421 if (val_iva)
1422 dmar_writeq(iommu->reg + tlb_offset, val_iva);
1423 dmar_writeq(iommu->reg + tlb_offset + 8, val);
1424
1425 /* Make sure hardware complete it */
1426 IOMMU_WAIT_OP(iommu, tlb_offset + 8,
1427 dmar_readq, (!(val & DMA_TLB_IVT)), val);
1428
1429 raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
1430
1431 /* check IOTLB invalidation granularity */
1432 if (DMA_TLB_IAIG(val) == 0)
1433 pr_err("Flush IOTLB failed\n");
1434 if (DMA_TLB_IAIG(val) != DMA_TLB_IIRG(type))
1435 pr_debug("TLB flush request %Lx, actual %Lx\n",
1436 (unsigned long long)DMA_TLB_IIRG(type),
1437 (unsigned long long)DMA_TLB_IAIG(val));
1438 }
1439
1440 static struct device_domain_info *
iommu_support_dev_iotlb(struct dmar_domain * domain,struct intel_iommu * iommu,u8 bus,u8 devfn)1441 iommu_support_dev_iotlb (struct dmar_domain *domain, struct intel_iommu *iommu,
1442 u8 bus, u8 devfn)
1443 {
1444 struct device_domain_info *info;
1445
1446 assert_spin_locked(&device_domain_lock);
1447
1448 if (!iommu->qi)
1449 return NULL;
1450
1451 list_for_each_entry(info, &domain->devices, link)
1452 if (info->iommu == iommu && info->bus == bus &&
1453 info->devfn == devfn) {
1454 if (info->ats_supported && info->dev)
1455 return info;
1456 break;
1457 }
1458
1459 return NULL;
1460 }
1461
domain_update_iotlb(struct dmar_domain * domain)1462 static void domain_update_iotlb(struct dmar_domain *domain)
1463 {
1464 struct device_domain_info *info;
1465 bool has_iotlb_device = false;
1466
1467 assert_spin_locked(&device_domain_lock);
1468
1469 list_for_each_entry(info, &domain->devices, link) {
1470 struct pci_dev *pdev;
1471
1472 if (!info->dev || !dev_is_pci(info->dev))
1473 continue;
1474
1475 pdev = to_pci_dev(info->dev);
1476 if (pdev->ats_enabled) {
1477 has_iotlb_device = true;
1478 break;
1479 }
1480 }
1481
1482 domain->has_iotlb_device = has_iotlb_device;
1483 }
1484
iommu_enable_dev_iotlb(struct device_domain_info * info)1485 static void iommu_enable_dev_iotlb(struct device_domain_info *info)
1486 {
1487 struct pci_dev *pdev;
1488
1489 assert_spin_locked(&device_domain_lock);
1490
1491 if (!info || !dev_is_pci(info->dev))
1492 return;
1493
1494 pdev = to_pci_dev(info->dev);
1495 /* For IOMMU that supports device IOTLB throttling (DIT), we assign
1496 * PFSID to the invalidation desc of a VF such that IOMMU HW can gauge
1497 * queue depth at PF level. If DIT is not set, PFSID will be treated as
1498 * reserved, which should be set to 0.
1499 */
1500 if (!ecap_dit(info->iommu->ecap))
1501 info->pfsid = 0;
1502 else {
1503 struct pci_dev *pf_pdev;
1504
1505 /* pdev will be returned if device is not a vf */
1506 pf_pdev = pci_physfn(pdev);
1507 info->pfsid = pci_dev_id(pf_pdev);
1508 }
1509
1510 #ifdef CONFIG_INTEL_IOMMU_SVM
1511 /* The PCIe spec, in its wisdom, declares that the behaviour of
1512 the device if you enable PASID support after ATS support is
1513 undefined. So always enable PASID support on devices which
1514 have it, even if we can't yet know if we're ever going to
1515 use it. */
1516 if (info->pasid_supported && !pci_enable_pasid(pdev, info->pasid_supported & ~1))
1517 info->pasid_enabled = 1;
1518
1519 if (info->pri_supported &&
1520 (info->pasid_enabled ? pci_prg_resp_pasid_required(pdev) : 1) &&
1521 !pci_reset_pri(pdev) && !pci_enable_pri(pdev, 32))
1522 info->pri_enabled = 1;
1523 #endif
1524 if (info->ats_supported && pci_ats_page_aligned(pdev) &&
1525 !pci_enable_ats(pdev, VTD_PAGE_SHIFT)) {
1526 info->ats_enabled = 1;
1527 domain_update_iotlb(info->domain);
1528 info->ats_qdep = pci_ats_queue_depth(pdev);
1529 }
1530 }
1531
iommu_disable_dev_iotlb(struct device_domain_info * info)1532 static void iommu_disable_dev_iotlb(struct device_domain_info *info)
1533 {
1534 struct pci_dev *pdev;
1535
1536 assert_spin_locked(&device_domain_lock);
1537
1538 if (!dev_is_pci(info->dev))
1539 return;
1540
1541 pdev = to_pci_dev(info->dev);
1542
1543 if (info->ats_enabled) {
1544 pci_disable_ats(pdev);
1545 info->ats_enabled = 0;
1546 domain_update_iotlb(info->domain);
1547 }
1548 #ifdef CONFIG_INTEL_IOMMU_SVM
1549 if (info->pri_enabled) {
1550 pci_disable_pri(pdev);
1551 info->pri_enabled = 0;
1552 }
1553 if (info->pasid_enabled) {
1554 pci_disable_pasid(pdev);
1555 info->pasid_enabled = 0;
1556 }
1557 #endif
1558 }
1559
iommu_flush_dev_iotlb(struct dmar_domain * domain,u64 addr,unsigned mask)1560 static void iommu_flush_dev_iotlb(struct dmar_domain *domain,
1561 u64 addr, unsigned mask)
1562 {
1563 u16 sid, qdep;
1564 unsigned long flags;
1565 struct device_domain_info *info;
1566
1567 if (!domain->has_iotlb_device)
1568 return;
1569
1570 spin_lock_irqsave(&device_domain_lock, flags);
1571 list_for_each_entry(info, &domain->devices, link) {
1572 if (!info->ats_enabled)
1573 continue;
1574
1575 sid = info->bus << 8 | info->devfn;
1576 qdep = info->ats_qdep;
1577 qi_flush_dev_iotlb(info->iommu, sid, info->pfsid,
1578 qdep, addr, mask);
1579 }
1580 spin_unlock_irqrestore(&device_domain_lock, flags);
1581 }
1582
domain_flush_piotlb(struct intel_iommu * iommu,struct dmar_domain * domain,u64 addr,unsigned long npages,bool ih)1583 static void domain_flush_piotlb(struct intel_iommu *iommu,
1584 struct dmar_domain *domain,
1585 u64 addr, unsigned long npages, bool ih)
1586 {
1587 u16 did = domain->iommu_did[iommu->seq_id];
1588
1589 if (domain->default_pasid)
1590 qi_flush_piotlb(iommu, did, domain->default_pasid,
1591 addr, npages, ih);
1592
1593 if (!list_empty(&domain->devices))
1594 qi_flush_piotlb(iommu, did, PASID_RID2PASID, addr, npages, ih);
1595 }
1596
iommu_flush_iotlb_psi(struct intel_iommu * iommu,struct dmar_domain * domain,unsigned long pfn,unsigned int pages,int ih,int map)1597 static void iommu_flush_iotlb_psi(struct intel_iommu *iommu,
1598 struct dmar_domain *domain,
1599 unsigned long pfn, unsigned int pages,
1600 int ih, int map)
1601 {
1602 unsigned int mask = ilog2(__roundup_pow_of_two(pages));
1603 uint64_t addr = (uint64_t)pfn << VTD_PAGE_SHIFT;
1604 u16 did = domain->iommu_did[iommu->seq_id];
1605
1606 BUG_ON(pages == 0);
1607
1608 if (ih)
1609 ih = 1 << 6;
1610
1611 if (domain_use_first_level(domain)) {
1612 domain_flush_piotlb(iommu, domain, addr, pages, ih);
1613 } else {
1614 /*
1615 * Fallback to domain selective flush if no PSI support or
1616 * the size is too big. PSI requires page size to be 2 ^ x,
1617 * and the base address is naturally aligned to the size.
1618 */
1619 if (!cap_pgsel_inv(iommu->cap) ||
1620 mask > cap_max_amask_val(iommu->cap))
1621 iommu->flush.flush_iotlb(iommu, did, 0, 0,
1622 DMA_TLB_DSI_FLUSH);
1623 else
1624 iommu->flush.flush_iotlb(iommu, did, addr | ih, mask,
1625 DMA_TLB_PSI_FLUSH);
1626 }
1627
1628 /*
1629 * In caching mode, changes of pages from non-present to present require
1630 * flush. However, device IOTLB doesn't need to be flushed in this case.
1631 */
1632 if (!cap_caching_mode(iommu->cap) || !map)
1633 iommu_flush_dev_iotlb(domain, addr, mask);
1634 }
1635
1636 /* Notification for newly created mappings */
__mapping_notify_one(struct intel_iommu * iommu,struct dmar_domain * domain,unsigned long pfn,unsigned int pages)1637 static inline void __mapping_notify_one(struct intel_iommu *iommu,
1638 struct dmar_domain *domain,
1639 unsigned long pfn, unsigned int pages)
1640 {
1641 /*
1642 * It's a non-present to present mapping. Only flush if caching mode
1643 * and second level.
1644 */
1645 if (cap_caching_mode(iommu->cap) && !domain_use_first_level(domain))
1646 iommu_flush_iotlb_psi(iommu, domain, pfn, pages, 0, 1);
1647 else
1648 iommu_flush_write_buffer(iommu);
1649 }
1650
iommu_flush_iova(struct iova_domain * iovad)1651 static void iommu_flush_iova(struct iova_domain *iovad)
1652 {
1653 struct dmar_domain *domain;
1654 int idx;
1655
1656 domain = container_of(iovad, struct dmar_domain, iovad);
1657
1658 for_each_domain_iommu(idx, domain) {
1659 struct intel_iommu *iommu = g_iommus[idx];
1660 u16 did = domain->iommu_did[iommu->seq_id];
1661
1662 if (domain_use_first_level(domain))
1663 domain_flush_piotlb(iommu, domain, 0, -1, 0);
1664 else
1665 iommu->flush.flush_iotlb(iommu, did, 0, 0,
1666 DMA_TLB_DSI_FLUSH);
1667
1668 if (!cap_caching_mode(iommu->cap))
1669 iommu_flush_dev_iotlb(get_iommu_domain(iommu, did),
1670 0, MAX_AGAW_PFN_WIDTH);
1671 }
1672 }
1673
iommu_disable_protect_mem_regions(struct intel_iommu * iommu)1674 static void iommu_disable_protect_mem_regions(struct intel_iommu *iommu)
1675 {
1676 u32 pmen;
1677 unsigned long flags;
1678
1679 if (!cap_plmr(iommu->cap) && !cap_phmr(iommu->cap))
1680 return;
1681
1682 raw_spin_lock_irqsave(&iommu->register_lock, flags);
1683 pmen = readl(iommu->reg + DMAR_PMEN_REG);
1684 pmen &= ~DMA_PMEN_EPM;
1685 writel(pmen, iommu->reg + DMAR_PMEN_REG);
1686
1687 /* wait for the protected region status bit to clear */
1688 IOMMU_WAIT_OP(iommu, DMAR_PMEN_REG,
1689 readl, !(pmen & DMA_PMEN_PRS), pmen);
1690
1691 raw_spin_unlock_irqrestore(&iommu->register_lock, flags);
1692 }
1693
iommu_enable_translation(struct intel_iommu * iommu)1694 static void iommu_enable_translation(struct intel_iommu *iommu)
1695 {
1696 u32 sts;
1697 unsigned long flags;
1698
1699 raw_spin_lock_irqsave(&iommu->register_lock, flags);
1700 iommu->gcmd |= DMA_GCMD_TE;
1701 writel(iommu->gcmd, iommu->reg + DMAR_GCMD_REG);
1702
1703 /* Make sure hardware complete it */
1704 IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
1705 readl, (sts & DMA_GSTS_TES), sts);
1706
1707 raw_spin_unlock_irqrestore(&iommu->register_lock, flags);
1708 }
1709
iommu_disable_translation(struct intel_iommu * iommu)1710 static void iommu_disable_translation(struct intel_iommu *iommu)
1711 {
1712 u32 sts;
1713 unsigned long flag;
1714
1715 if (iommu_skip_te_disable && iommu->drhd->gfx_dedicated &&
1716 (cap_read_drain(iommu->cap) || cap_write_drain(iommu->cap)))
1717 return;
1718
1719 raw_spin_lock_irqsave(&iommu->register_lock, flag);
1720 iommu->gcmd &= ~DMA_GCMD_TE;
1721 writel(iommu->gcmd, iommu->reg + DMAR_GCMD_REG);
1722
1723 /* Make sure hardware complete it */
1724 IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
1725 readl, (!(sts & DMA_GSTS_TES)), sts);
1726
1727 raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
1728 }
1729
iommu_init_domains(struct intel_iommu * iommu)1730 static int iommu_init_domains(struct intel_iommu *iommu)
1731 {
1732 u32 ndomains, nlongs;
1733 size_t size;
1734
1735 ndomains = cap_ndoms(iommu->cap);
1736 pr_debug("%s: Number of Domains supported <%d>\n",
1737 iommu->name, ndomains);
1738 nlongs = BITS_TO_LONGS(ndomains);
1739
1740 spin_lock_init(&iommu->lock);
1741
1742 iommu->domain_ids = kcalloc(nlongs, sizeof(unsigned long), GFP_KERNEL);
1743 if (!iommu->domain_ids) {
1744 pr_err("%s: Allocating domain id array failed\n",
1745 iommu->name);
1746 return -ENOMEM;
1747 }
1748
1749 size = (ALIGN(ndomains, 256) >> 8) * sizeof(struct dmar_domain **);
1750 iommu->domains = kzalloc(size, GFP_KERNEL);
1751
1752 if (iommu->domains) {
1753 size = 256 * sizeof(struct dmar_domain *);
1754 iommu->domains[0] = kzalloc(size, GFP_KERNEL);
1755 }
1756
1757 if (!iommu->domains || !iommu->domains[0]) {
1758 pr_err("%s: Allocating domain array failed\n",
1759 iommu->name);
1760 kfree(iommu->domain_ids);
1761 kfree(iommu->domains);
1762 iommu->domain_ids = NULL;
1763 iommu->domains = NULL;
1764 return -ENOMEM;
1765 }
1766
1767 /*
1768 * If Caching mode is set, then invalid translations are tagged
1769 * with domain-id 0, hence we need to pre-allocate it. We also
1770 * use domain-id 0 as a marker for non-allocated domain-id, so
1771 * make sure it is not used for a real domain.
1772 */
1773 set_bit(0, iommu->domain_ids);
1774
1775 /*
1776 * Vt-d spec rev3.0 (section 6.2.3.1) requires that each pasid
1777 * entry for first-level or pass-through translation modes should
1778 * be programmed with a domain id different from those used for
1779 * second-level or nested translation. We reserve a domain id for
1780 * this purpose.
1781 */
1782 if (sm_supported(iommu))
1783 set_bit(FLPT_DEFAULT_DID, iommu->domain_ids);
1784
1785 return 0;
1786 }
1787
disable_dmar_iommu(struct intel_iommu * iommu)1788 static void disable_dmar_iommu(struct intel_iommu *iommu)
1789 {
1790 struct device_domain_info *info, *tmp;
1791 unsigned long flags;
1792
1793 if (!iommu->domains || !iommu->domain_ids)
1794 return;
1795
1796 spin_lock_irqsave(&device_domain_lock, flags);
1797 list_for_each_entry_safe(info, tmp, &device_domain_list, global) {
1798 if (info->iommu != iommu)
1799 continue;
1800
1801 if (!info->dev || !info->domain)
1802 continue;
1803
1804 __dmar_remove_one_dev_info(info);
1805 }
1806 spin_unlock_irqrestore(&device_domain_lock, flags);
1807
1808 if (iommu->gcmd & DMA_GCMD_TE)
1809 iommu_disable_translation(iommu);
1810 }
1811
free_dmar_iommu(struct intel_iommu * iommu)1812 static void free_dmar_iommu(struct intel_iommu *iommu)
1813 {
1814 if ((iommu->domains) && (iommu->domain_ids)) {
1815 int elems = ALIGN(cap_ndoms(iommu->cap), 256) >> 8;
1816 int i;
1817
1818 for (i = 0; i < elems; i++)
1819 kfree(iommu->domains[i]);
1820 kfree(iommu->domains);
1821 kfree(iommu->domain_ids);
1822 iommu->domains = NULL;
1823 iommu->domain_ids = NULL;
1824 }
1825
1826 g_iommus[iommu->seq_id] = NULL;
1827
1828 /* free context mapping */
1829 free_context_table(iommu);
1830
1831 #ifdef CONFIG_INTEL_IOMMU_SVM
1832 if (pasid_supported(iommu)) {
1833 if (ecap_prs(iommu->ecap))
1834 intel_svm_finish_prq(iommu);
1835 }
1836 if (vccap_pasid(iommu->vccap))
1837 ioasid_unregister_allocator(&iommu->pasid_allocator);
1838
1839 #endif
1840 }
1841
1842 /*
1843 * Check and return whether first level is used by default for
1844 * DMA translation.
1845 */
first_level_by_default(void)1846 static bool first_level_by_default(void)
1847 {
1848 struct dmar_drhd_unit *drhd;
1849 struct intel_iommu *iommu;
1850 static int first_level_support = -1;
1851
1852 if (likely(first_level_support != -1))
1853 return first_level_support;
1854
1855 first_level_support = 1;
1856
1857 rcu_read_lock();
1858 for_each_active_iommu(iommu, drhd) {
1859 if (!sm_supported(iommu) || !ecap_flts(iommu->ecap)) {
1860 first_level_support = 0;
1861 break;
1862 }
1863 }
1864 rcu_read_unlock();
1865
1866 return first_level_support;
1867 }
1868
alloc_domain(int flags)1869 static struct dmar_domain *alloc_domain(int flags)
1870 {
1871 struct dmar_domain *domain;
1872
1873 domain = alloc_domain_mem();
1874 if (!domain)
1875 return NULL;
1876
1877 memset(domain, 0, sizeof(*domain));
1878 domain->nid = NUMA_NO_NODE;
1879 domain->flags = flags;
1880 if (first_level_by_default())
1881 domain->flags |= DOMAIN_FLAG_USE_FIRST_LEVEL;
1882 domain->has_iotlb_device = false;
1883 INIT_LIST_HEAD(&domain->devices);
1884
1885 return domain;
1886 }
1887
1888 /* Must be called with iommu->lock */
domain_attach_iommu(struct dmar_domain * domain,struct intel_iommu * iommu)1889 static int domain_attach_iommu(struct dmar_domain *domain,
1890 struct intel_iommu *iommu)
1891 {
1892 unsigned long ndomains;
1893 int num;
1894
1895 assert_spin_locked(&device_domain_lock);
1896 assert_spin_locked(&iommu->lock);
1897
1898 domain->iommu_refcnt[iommu->seq_id] += 1;
1899 domain->iommu_count += 1;
1900 if (domain->iommu_refcnt[iommu->seq_id] == 1) {
1901 ndomains = cap_ndoms(iommu->cap);
1902 num = find_first_zero_bit(iommu->domain_ids, ndomains);
1903
1904 if (num >= ndomains) {
1905 pr_err("%s: No free domain ids\n", iommu->name);
1906 domain->iommu_refcnt[iommu->seq_id] -= 1;
1907 domain->iommu_count -= 1;
1908 return -ENOSPC;
1909 }
1910
1911 set_bit(num, iommu->domain_ids);
1912 set_iommu_domain(iommu, num, domain);
1913
1914 domain->iommu_did[iommu->seq_id] = num;
1915 domain->nid = iommu->node;
1916
1917 domain_update_iommu_cap(domain);
1918 }
1919
1920 return 0;
1921 }
1922
domain_detach_iommu(struct dmar_domain * domain,struct intel_iommu * iommu)1923 static int domain_detach_iommu(struct dmar_domain *domain,
1924 struct intel_iommu *iommu)
1925 {
1926 int num, count;
1927
1928 assert_spin_locked(&device_domain_lock);
1929 assert_spin_locked(&iommu->lock);
1930
1931 domain->iommu_refcnt[iommu->seq_id] -= 1;
1932 count = --domain->iommu_count;
1933 if (domain->iommu_refcnt[iommu->seq_id] == 0) {
1934 num = domain->iommu_did[iommu->seq_id];
1935 clear_bit(num, iommu->domain_ids);
1936 set_iommu_domain(iommu, num, NULL);
1937
1938 domain_update_iommu_cap(domain);
1939 domain->iommu_did[iommu->seq_id] = 0;
1940 }
1941
1942 return count;
1943 }
1944
1945 static struct iova_domain reserved_iova_list;
1946 static struct lock_class_key reserved_rbtree_key;
1947
dmar_init_reserved_ranges(void)1948 static int dmar_init_reserved_ranges(void)
1949 {
1950 struct pci_dev *pdev = NULL;
1951 struct iova *iova;
1952 int i;
1953
1954 init_iova_domain(&reserved_iova_list, VTD_PAGE_SIZE, IOVA_START_PFN);
1955
1956 lockdep_set_class(&reserved_iova_list.iova_rbtree_lock,
1957 &reserved_rbtree_key);
1958
1959 /* IOAPIC ranges shouldn't be accessed by DMA */
1960 iova = reserve_iova(&reserved_iova_list, IOVA_PFN(IOAPIC_RANGE_START),
1961 IOVA_PFN(IOAPIC_RANGE_END));
1962 if (!iova) {
1963 pr_err("Reserve IOAPIC range failed\n");
1964 return -ENODEV;
1965 }
1966
1967 /* Reserve all PCI MMIO to avoid peer-to-peer access */
1968 for_each_pci_dev(pdev) {
1969 struct resource *r;
1970
1971 for (i = 0; i < PCI_NUM_RESOURCES; i++) {
1972 r = &pdev->resource[i];
1973 if (!r->flags || !(r->flags & IORESOURCE_MEM))
1974 continue;
1975 iova = reserve_iova(&reserved_iova_list,
1976 IOVA_PFN(r->start),
1977 IOVA_PFN(r->end));
1978 if (!iova) {
1979 pci_err(pdev, "Reserve iova for %pR failed\n", r);
1980 return -ENODEV;
1981 }
1982 }
1983 }
1984 return 0;
1985 }
1986
guestwidth_to_adjustwidth(int gaw)1987 static inline int guestwidth_to_adjustwidth(int gaw)
1988 {
1989 int agaw;
1990 int r = (gaw - 12) % 9;
1991
1992 if (r == 0)
1993 agaw = gaw;
1994 else
1995 agaw = gaw + 9 - r;
1996 if (agaw > 64)
1997 agaw = 64;
1998 return agaw;
1999 }
2000
domain_exit(struct dmar_domain * domain)2001 static void domain_exit(struct dmar_domain *domain)
2002 {
2003
2004 /* Remove associated devices and clear attached or cached domains */
2005 domain_remove_dev_info(domain);
2006
2007 /* destroy iovas */
2008 if (domain->domain.type == IOMMU_DOMAIN_DMA)
2009 put_iova_domain(&domain->iovad);
2010
2011 if (domain->pgd) {
2012 struct page *freelist;
2013
2014 freelist = domain_unmap(domain, 0, DOMAIN_MAX_PFN(domain->gaw));
2015 dma_free_pagelist(freelist);
2016 }
2017
2018 free_domain_mem(domain);
2019 }
2020
2021 /*
2022 * Get the PASID directory size for scalable mode context entry.
2023 * Value of X in the PDTS field of a scalable mode context entry
2024 * indicates PASID directory with 2^(X + 7) entries.
2025 */
context_get_sm_pds(struct pasid_table * table)2026 static inline unsigned long context_get_sm_pds(struct pasid_table *table)
2027 {
2028 int pds, max_pde;
2029
2030 max_pde = table->max_pasid >> PASID_PDE_SHIFT;
2031 pds = find_first_bit((unsigned long *)&max_pde, MAX_NR_PASID_BITS);
2032 if (pds < 7)
2033 return 0;
2034
2035 return pds - 7;
2036 }
2037
2038 /*
2039 * Set the RID_PASID field of a scalable mode context entry. The
2040 * IOMMU hardware will use the PASID value set in this field for
2041 * DMA translations of DMA requests without PASID.
2042 */
2043 static inline void
context_set_sm_rid2pasid(struct context_entry * context,unsigned long pasid)2044 context_set_sm_rid2pasid(struct context_entry *context, unsigned long pasid)
2045 {
2046 context->hi |= pasid & ((1 << 20) - 1);
2047 }
2048
2049 /*
2050 * Set the DTE(Device-TLB Enable) field of a scalable mode context
2051 * entry.
2052 */
context_set_sm_dte(struct context_entry * context)2053 static inline void context_set_sm_dte(struct context_entry *context)
2054 {
2055 context->lo |= (1 << 2);
2056 }
2057
2058 /*
2059 * Set the PRE(Page Request Enable) field of a scalable mode context
2060 * entry.
2061 */
context_set_sm_pre(struct context_entry * context)2062 static inline void context_set_sm_pre(struct context_entry *context)
2063 {
2064 context->lo |= (1 << 4);
2065 }
2066
2067 /* Convert value to context PASID directory size field coding. */
2068 #define context_pdts(pds) (((pds) & 0x7) << 9)
2069
domain_context_mapping_one(struct dmar_domain * domain,struct intel_iommu * iommu,struct pasid_table * table,u8 bus,u8 devfn)2070 static int domain_context_mapping_one(struct dmar_domain *domain,
2071 struct intel_iommu *iommu,
2072 struct pasid_table *table,
2073 u8 bus, u8 devfn)
2074 {
2075 u16 did = domain->iommu_did[iommu->seq_id];
2076 int translation = CONTEXT_TT_MULTI_LEVEL;
2077 struct device_domain_info *info = NULL;
2078 struct context_entry *context;
2079 unsigned long flags;
2080 int ret;
2081
2082 WARN_ON(did == 0);
2083
2084 if (hw_pass_through && domain_type_is_si(domain))
2085 translation = CONTEXT_TT_PASS_THROUGH;
2086
2087 pr_debug("Set context mapping for %02x:%02x.%d\n",
2088 bus, PCI_SLOT(devfn), PCI_FUNC(devfn));
2089
2090 BUG_ON(!domain->pgd);
2091
2092 spin_lock_irqsave(&device_domain_lock, flags);
2093 spin_lock(&iommu->lock);
2094
2095 ret = -ENOMEM;
2096 context = iommu_context_addr(iommu, bus, devfn, 1);
2097 if (!context)
2098 goto out_unlock;
2099
2100 ret = 0;
2101 if (context_present(context))
2102 goto out_unlock;
2103
2104 /*
2105 * For kdump cases, old valid entries may be cached due to the
2106 * in-flight DMA and copied pgtable, but there is no unmapping
2107 * behaviour for them, thus we need an explicit cache flush for
2108 * the newly-mapped device. For kdump, at this point, the device
2109 * is supposed to finish reset at its driver probe stage, so no
2110 * in-flight DMA will exist, and we don't need to worry anymore
2111 * hereafter.
2112 */
2113 if (context_copied(context)) {
2114 u16 did_old = context_domain_id(context);
2115
2116 if (did_old < cap_ndoms(iommu->cap)) {
2117 iommu->flush.flush_context(iommu, did_old,
2118 (((u16)bus) << 8) | devfn,
2119 DMA_CCMD_MASK_NOBIT,
2120 DMA_CCMD_DEVICE_INVL);
2121 iommu->flush.flush_iotlb(iommu, did_old, 0, 0,
2122 DMA_TLB_DSI_FLUSH);
2123 }
2124 }
2125
2126 context_clear_entry(context);
2127
2128 if (sm_supported(iommu)) {
2129 unsigned long pds;
2130
2131 WARN_ON(!table);
2132
2133 /* Setup the PASID DIR pointer: */
2134 pds = context_get_sm_pds(table);
2135 context->lo = (u64)virt_to_phys(table->table) |
2136 context_pdts(pds);
2137
2138 /* Setup the RID_PASID field: */
2139 context_set_sm_rid2pasid(context, PASID_RID2PASID);
2140
2141 /*
2142 * Setup the Device-TLB enable bit and Page request
2143 * Enable bit:
2144 */
2145 info = iommu_support_dev_iotlb(domain, iommu, bus, devfn);
2146 if (info && info->ats_supported)
2147 context_set_sm_dte(context);
2148 if (info && info->pri_supported)
2149 context_set_sm_pre(context);
2150 } else {
2151 struct dma_pte *pgd = domain->pgd;
2152 int agaw;
2153
2154 context_set_domain_id(context, did);
2155
2156 if (translation != CONTEXT_TT_PASS_THROUGH) {
2157 /*
2158 * Skip top levels of page tables for iommu which has
2159 * less agaw than default. Unnecessary for PT mode.
2160 */
2161 for (agaw = domain->agaw; agaw > iommu->agaw; agaw--) {
2162 ret = -ENOMEM;
2163 pgd = phys_to_virt(dma_pte_addr(pgd));
2164 if (!dma_pte_present(pgd))
2165 goto out_unlock;
2166 }
2167
2168 info = iommu_support_dev_iotlb(domain, iommu, bus, devfn);
2169 if (info && info->ats_supported)
2170 translation = CONTEXT_TT_DEV_IOTLB;
2171 else
2172 translation = CONTEXT_TT_MULTI_LEVEL;
2173
2174 context_set_address_root(context, virt_to_phys(pgd));
2175 context_set_address_width(context, agaw);
2176 } else {
2177 /*
2178 * In pass through mode, AW must be programmed to
2179 * indicate the largest AGAW value supported by
2180 * hardware. And ASR is ignored by hardware.
2181 */
2182 context_set_address_width(context, iommu->msagaw);
2183 }
2184
2185 context_set_translation_type(context, translation);
2186 }
2187
2188 context_set_fault_enable(context);
2189 context_set_present(context);
2190 if (!ecap_coherent(iommu->ecap))
2191 clflush_cache_range(context, sizeof(*context));
2192
2193 /*
2194 * It's a non-present to present mapping. If hardware doesn't cache
2195 * non-present entry we only need to flush the write-buffer. If the
2196 * _does_ cache non-present entries, then it does so in the special
2197 * domain #0, which we have to flush:
2198 */
2199 if (cap_caching_mode(iommu->cap)) {
2200 iommu->flush.flush_context(iommu, 0,
2201 (((u16)bus) << 8) | devfn,
2202 DMA_CCMD_MASK_NOBIT,
2203 DMA_CCMD_DEVICE_INVL);
2204 iommu->flush.flush_iotlb(iommu, did, 0, 0, DMA_TLB_DSI_FLUSH);
2205 } else {
2206 iommu_flush_write_buffer(iommu);
2207 }
2208 iommu_enable_dev_iotlb(info);
2209
2210 ret = 0;
2211
2212 out_unlock:
2213 spin_unlock(&iommu->lock);
2214 spin_unlock_irqrestore(&device_domain_lock, flags);
2215
2216 return ret;
2217 }
2218
2219 struct domain_context_mapping_data {
2220 struct dmar_domain *domain;
2221 struct intel_iommu *iommu;
2222 struct pasid_table *table;
2223 };
2224
domain_context_mapping_cb(struct pci_dev * pdev,u16 alias,void * opaque)2225 static int domain_context_mapping_cb(struct pci_dev *pdev,
2226 u16 alias, void *opaque)
2227 {
2228 struct domain_context_mapping_data *data = opaque;
2229
2230 return domain_context_mapping_one(data->domain, data->iommu,
2231 data->table, PCI_BUS_NUM(alias),
2232 alias & 0xff);
2233 }
2234
2235 static int
domain_context_mapping(struct dmar_domain * domain,struct device * dev)2236 domain_context_mapping(struct dmar_domain *domain, struct device *dev)
2237 {
2238 struct domain_context_mapping_data data;
2239 struct pasid_table *table;
2240 struct intel_iommu *iommu;
2241 u8 bus, devfn;
2242
2243 iommu = device_to_iommu(dev, &bus, &devfn);
2244 if (!iommu)
2245 return -ENODEV;
2246
2247 table = intel_pasid_get_table(dev);
2248
2249 if (!dev_is_pci(dev))
2250 return domain_context_mapping_one(domain, iommu, table,
2251 bus, devfn);
2252
2253 data.domain = domain;
2254 data.iommu = iommu;
2255 data.table = table;
2256
2257 return pci_for_each_dma_alias(to_pci_dev(dev),
2258 &domain_context_mapping_cb, &data);
2259 }
2260
domain_context_mapped_cb(struct pci_dev * pdev,u16 alias,void * opaque)2261 static int domain_context_mapped_cb(struct pci_dev *pdev,
2262 u16 alias, void *opaque)
2263 {
2264 struct intel_iommu *iommu = opaque;
2265
2266 return !device_context_mapped(iommu, PCI_BUS_NUM(alias), alias & 0xff);
2267 }
2268
domain_context_mapped(struct device * dev)2269 static int domain_context_mapped(struct device *dev)
2270 {
2271 struct intel_iommu *iommu;
2272 u8 bus, devfn;
2273
2274 iommu = device_to_iommu(dev, &bus, &devfn);
2275 if (!iommu)
2276 return -ENODEV;
2277
2278 if (!dev_is_pci(dev))
2279 return device_context_mapped(iommu, bus, devfn);
2280
2281 return !pci_for_each_dma_alias(to_pci_dev(dev),
2282 domain_context_mapped_cb, iommu);
2283 }
2284
2285 /* Returns a number of VTD pages, but aligned to MM page size */
aligned_nrpages(unsigned long host_addr,size_t size)2286 static inline unsigned long aligned_nrpages(unsigned long host_addr,
2287 size_t size)
2288 {
2289 host_addr &= ~PAGE_MASK;
2290 return PAGE_ALIGN(host_addr + size) >> VTD_PAGE_SHIFT;
2291 }
2292
2293 /* Return largest possible superpage level for a given mapping */
hardware_largepage_caps(struct dmar_domain * domain,unsigned long iov_pfn,unsigned long phy_pfn,unsigned long pages)2294 static inline int hardware_largepage_caps(struct dmar_domain *domain,
2295 unsigned long iov_pfn,
2296 unsigned long phy_pfn,
2297 unsigned long pages)
2298 {
2299 int support, level = 1;
2300 unsigned long pfnmerge;
2301
2302 support = domain->iommu_superpage;
2303
2304 /* To use a large page, the virtual *and* physical addresses
2305 must be aligned to 2MiB/1GiB/etc. Lower bits set in either
2306 of them will mean we have to use smaller pages. So just
2307 merge them and check both at once. */
2308 pfnmerge = iov_pfn | phy_pfn;
2309
2310 while (support && !(pfnmerge & ~VTD_STRIDE_MASK)) {
2311 pages >>= VTD_STRIDE_SHIFT;
2312 if (!pages)
2313 break;
2314 pfnmerge >>= VTD_STRIDE_SHIFT;
2315 level++;
2316 support--;
2317 }
2318 return level;
2319 }
2320
__domain_mapping(struct dmar_domain * domain,unsigned long iov_pfn,struct scatterlist * sg,unsigned long phys_pfn,unsigned long nr_pages,int prot)2321 static int __domain_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
2322 struct scatterlist *sg, unsigned long phys_pfn,
2323 unsigned long nr_pages, int prot)
2324 {
2325 struct dma_pte *first_pte = NULL, *pte = NULL;
2326 phys_addr_t pteval;
2327 unsigned long sg_res = 0;
2328 unsigned int largepage_lvl = 0;
2329 unsigned long lvl_pages = 0;
2330 u64 attr;
2331
2332 BUG_ON(!domain_pfn_supported(domain, iov_pfn + nr_pages - 1));
2333
2334 if ((prot & (DMA_PTE_READ|DMA_PTE_WRITE)) == 0)
2335 return -EINVAL;
2336
2337 attr = prot & (DMA_PTE_READ | DMA_PTE_WRITE | DMA_PTE_SNP);
2338 if (domain_use_first_level(domain))
2339 attr |= DMA_FL_PTE_PRESENT | DMA_FL_PTE_XD | DMA_FL_PTE_US;
2340
2341 if (!sg) {
2342 sg_res = nr_pages;
2343 pteval = ((phys_addr_t)phys_pfn << VTD_PAGE_SHIFT) | attr;
2344 }
2345
2346 while (nr_pages > 0) {
2347 uint64_t tmp;
2348
2349 if (!sg_res) {
2350 unsigned int pgoff = sg->offset & ~PAGE_MASK;
2351
2352 sg_res = aligned_nrpages(sg->offset, sg->length);
2353 sg->dma_address = ((dma_addr_t)iov_pfn << VTD_PAGE_SHIFT) + pgoff;
2354 sg->dma_length = sg->length;
2355 pteval = (sg_phys(sg) - pgoff) | attr;
2356 phys_pfn = pteval >> VTD_PAGE_SHIFT;
2357 }
2358
2359 if (!pte) {
2360 largepage_lvl = hardware_largepage_caps(domain, iov_pfn, phys_pfn, sg_res);
2361
2362 first_pte = pte = pfn_to_dma_pte(domain, iov_pfn, &largepage_lvl);
2363 if (!pte)
2364 return -ENOMEM;
2365 /* It is large page*/
2366 if (largepage_lvl > 1) {
2367 unsigned long nr_superpages, end_pfn;
2368
2369 pteval |= DMA_PTE_LARGE_PAGE;
2370 lvl_pages = lvl_to_nr_pages(largepage_lvl);
2371
2372 nr_superpages = sg_res / lvl_pages;
2373 end_pfn = iov_pfn + nr_superpages * lvl_pages - 1;
2374
2375 /*
2376 * Ensure that old small page tables are
2377 * removed to make room for superpage(s).
2378 * We're adding new large pages, so make sure
2379 * we don't remove their parent tables.
2380 */
2381 dma_pte_free_pagetable(domain, iov_pfn, end_pfn,
2382 largepage_lvl + 1);
2383 } else {
2384 pteval &= ~(uint64_t)DMA_PTE_LARGE_PAGE;
2385 }
2386
2387 }
2388 /* We don't need lock here, nobody else
2389 * touches the iova range
2390 */
2391 tmp = cmpxchg64_local(&pte->val, 0ULL, pteval);
2392 if (tmp) {
2393 static int dumps = 5;
2394 pr_crit("ERROR: DMA PTE for vPFN 0x%lx already set (to %llx not %llx)\n",
2395 iov_pfn, tmp, (unsigned long long)pteval);
2396 if (dumps) {
2397 dumps--;
2398 debug_dma_dump_mappings(NULL);
2399 }
2400 WARN_ON(1);
2401 }
2402
2403 lvl_pages = lvl_to_nr_pages(largepage_lvl);
2404
2405 BUG_ON(nr_pages < lvl_pages);
2406 BUG_ON(sg_res < lvl_pages);
2407
2408 nr_pages -= lvl_pages;
2409 iov_pfn += lvl_pages;
2410 phys_pfn += lvl_pages;
2411 pteval += lvl_pages * VTD_PAGE_SIZE;
2412 sg_res -= lvl_pages;
2413
2414 /* If the next PTE would be the first in a new page, then we
2415 need to flush the cache on the entries we've just written.
2416 And then we'll need to recalculate 'pte', so clear it and
2417 let it get set again in the if (!pte) block above.
2418
2419 If we're done (!nr_pages) we need to flush the cache too.
2420
2421 Also if we've been setting superpages, we may need to
2422 recalculate 'pte' and switch back to smaller pages for the
2423 end of the mapping, if the trailing size is not enough to
2424 use another superpage (i.e. sg_res < lvl_pages). */
2425 pte++;
2426 if (!nr_pages || first_pte_in_page(pte) ||
2427 (largepage_lvl > 1 && sg_res < lvl_pages)) {
2428 domain_flush_cache(domain, first_pte,
2429 (void *)pte - (void *)first_pte);
2430 pte = NULL;
2431 }
2432
2433 if (!sg_res && nr_pages)
2434 sg = sg_next(sg);
2435 }
2436 return 0;
2437 }
2438
domain_mapping(struct dmar_domain * domain,unsigned long iov_pfn,struct scatterlist * sg,unsigned long phys_pfn,unsigned long nr_pages,int prot)2439 static int domain_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
2440 struct scatterlist *sg, unsigned long phys_pfn,
2441 unsigned long nr_pages, int prot)
2442 {
2443 int iommu_id, ret;
2444 struct intel_iommu *iommu;
2445
2446 /* Do the real mapping first */
2447 ret = __domain_mapping(domain, iov_pfn, sg, phys_pfn, nr_pages, prot);
2448 if (ret)
2449 return ret;
2450
2451 for_each_domain_iommu(iommu_id, domain) {
2452 iommu = g_iommus[iommu_id];
2453 __mapping_notify_one(iommu, domain, iov_pfn, nr_pages);
2454 }
2455
2456 return 0;
2457 }
2458
domain_sg_mapping(struct dmar_domain * domain,unsigned long iov_pfn,struct scatterlist * sg,unsigned long nr_pages,int prot)2459 static inline int domain_sg_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
2460 struct scatterlist *sg, unsigned long nr_pages,
2461 int prot)
2462 {
2463 return domain_mapping(domain, iov_pfn, sg, 0, nr_pages, prot);
2464 }
2465
domain_pfn_mapping(struct dmar_domain * domain,unsigned long iov_pfn,unsigned long phys_pfn,unsigned long nr_pages,int prot)2466 static inline int domain_pfn_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
2467 unsigned long phys_pfn, unsigned long nr_pages,
2468 int prot)
2469 {
2470 return domain_mapping(domain, iov_pfn, NULL, phys_pfn, nr_pages, prot);
2471 }
2472
domain_context_clear_one(struct intel_iommu * iommu,u8 bus,u8 devfn)2473 static void domain_context_clear_one(struct intel_iommu *iommu, u8 bus, u8 devfn)
2474 {
2475 unsigned long flags;
2476 struct context_entry *context;
2477 u16 did_old;
2478
2479 if (!iommu)
2480 return;
2481
2482 spin_lock_irqsave(&iommu->lock, flags);
2483 context = iommu_context_addr(iommu, bus, devfn, 0);
2484 if (!context) {
2485 spin_unlock_irqrestore(&iommu->lock, flags);
2486 return;
2487 }
2488 did_old = context_domain_id(context);
2489 context_clear_entry(context);
2490 __iommu_flush_cache(iommu, context, sizeof(*context));
2491 spin_unlock_irqrestore(&iommu->lock, flags);
2492 iommu->flush.flush_context(iommu,
2493 did_old,
2494 (((u16)bus) << 8) | devfn,
2495 DMA_CCMD_MASK_NOBIT,
2496 DMA_CCMD_DEVICE_INVL);
2497 iommu->flush.flush_iotlb(iommu,
2498 did_old,
2499 0,
2500 0,
2501 DMA_TLB_DSI_FLUSH);
2502 }
2503
unlink_domain_info(struct device_domain_info * info)2504 static inline void unlink_domain_info(struct device_domain_info *info)
2505 {
2506 assert_spin_locked(&device_domain_lock);
2507 list_del(&info->link);
2508 list_del(&info->global);
2509 if (info->dev)
2510 dev_iommu_priv_set(info->dev, NULL);
2511 }
2512
domain_remove_dev_info(struct dmar_domain * domain)2513 static void domain_remove_dev_info(struct dmar_domain *domain)
2514 {
2515 struct device_domain_info *info, *tmp;
2516 unsigned long flags;
2517
2518 spin_lock_irqsave(&device_domain_lock, flags);
2519 list_for_each_entry_safe(info, tmp, &domain->devices, link)
2520 __dmar_remove_one_dev_info(info);
2521 spin_unlock_irqrestore(&device_domain_lock, flags);
2522 }
2523
find_domain(struct device * dev)2524 struct dmar_domain *find_domain(struct device *dev)
2525 {
2526 struct device_domain_info *info;
2527
2528 if (unlikely(!dev || !dev->iommu))
2529 return NULL;
2530
2531 if (unlikely(attach_deferred(dev)))
2532 return NULL;
2533
2534 /* No lock here, assumes no domain exit in normal case */
2535 info = get_domain_info(dev);
2536 if (likely(info))
2537 return info->domain;
2538
2539 return NULL;
2540 }
2541
do_deferred_attach(struct device * dev)2542 static void do_deferred_attach(struct device *dev)
2543 {
2544 struct iommu_domain *domain;
2545
2546 dev_iommu_priv_set(dev, NULL);
2547 domain = iommu_get_domain_for_dev(dev);
2548 if (domain)
2549 intel_iommu_attach_device(domain, dev);
2550 }
2551
2552 static inline struct device_domain_info *
dmar_search_domain_by_dev_info(int segment,int bus,int devfn)2553 dmar_search_domain_by_dev_info(int segment, int bus, int devfn)
2554 {
2555 struct device_domain_info *info;
2556
2557 list_for_each_entry(info, &device_domain_list, global)
2558 if (info->segment == segment && info->bus == bus &&
2559 info->devfn == devfn)
2560 return info;
2561
2562 return NULL;
2563 }
2564
domain_setup_first_level(struct intel_iommu * iommu,struct dmar_domain * domain,struct device * dev,u32 pasid)2565 static int domain_setup_first_level(struct intel_iommu *iommu,
2566 struct dmar_domain *domain,
2567 struct device *dev,
2568 u32 pasid)
2569 {
2570 int flags = PASID_FLAG_SUPERVISOR_MODE;
2571 struct dma_pte *pgd = domain->pgd;
2572 int agaw, level;
2573
2574 /*
2575 * Skip top levels of page tables for iommu which has
2576 * less agaw than default. Unnecessary for PT mode.
2577 */
2578 for (agaw = domain->agaw; agaw > iommu->agaw; agaw--) {
2579 pgd = phys_to_virt(dma_pte_addr(pgd));
2580 if (!dma_pte_present(pgd))
2581 return -ENOMEM;
2582 }
2583
2584 level = agaw_to_level(agaw);
2585 if (level != 4 && level != 5)
2586 return -EINVAL;
2587
2588 flags |= (level == 5) ? PASID_FLAG_FL5LP : 0;
2589
2590 return intel_pasid_setup_first_level(iommu, dev, (pgd_t *)pgd, pasid,
2591 domain->iommu_did[iommu->seq_id],
2592 flags);
2593 }
2594
dev_is_real_dma_subdevice(struct device * dev)2595 static bool dev_is_real_dma_subdevice(struct device *dev)
2596 {
2597 return dev && dev_is_pci(dev) &&
2598 pci_real_dma_dev(to_pci_dev(dev)) != to_pci_dev(dev);
2599 }
2600
dmar_insert_one_dev_info(struct intel_iommu * iommu,int bus,int devfn,struct device * dev,struct dmar_domain * domain)2601 static struct dmar_domain *dmar_insert_one_dev_info(struct intel_iommu *iommu,
2602 int bus, int devfn,
2603 struct device *dev,
2604 struct dmar_domain *domain)
2605 {
2606 struct dmar_domain *found = NULL;
2607 struct device_domain_info *info;
2608 unsigned long flags;
2609 int ret;
2610
2611 info = alloc_devinfo_mem();
2612 if (!info)
2613 return NULL;
2614
2615 if (!dev_is_real_dma_subdevice(dev)) {
2616 info->bus = bus;
2617 info->devfn = devfn;
2618 info->segment = iommu->segment;
2619 } else {
2620 struct pci_dev *pdev = to_pci_dev(dev);
2621
2622 info->bus = pdev->bus->number;
2623 info->devfn = pdev->devfn;
2624 info->segment = pci_domain_nr(pdev->bus);
2625 }
2626
2627 info->ats_supported = info->pasid_supported = info->pri_supported = 0;
2628 info->ats_enabled = info->pasid_enabled = info->pri_enabled = 0;
2629 info->ats_qdep = 0;
2630 info->dev = dev;
2631 info->domain = domain;
2632 info->iommu = iommu;
2633 info->pasid_table = NULL;
2634 info->auxd_enabled = 0;
2635 INIT_LIST_HEAD(&info->auxiliary_domains);
2636
2637 if (dev && dev_is_pci(dev)) {
2638 struct pci_dev *pdev = to_pci_dev(info->dev);
2639
2640 if (ecap_dev_iotlb_support(iommu->ecap) &&
2641 pci_ats_supported(pdev) &&
2642 dmar_find_matched_atsr_unit(pdev))
2643 info->ats_supported = 1;
2644
2645 if (sm_supported(iommu)) {
2646 if (pasid_supported(iommu)) {
2647 int features = pci_pasid_features(pdev);
2648 if (features >= 0)
2649 info->pasid_supported = features | 1;
2650 }
2651
2652 if (info->ats_supported && ecap_prs(iommu->ecap) &&
2653 pci_pri_supported(pdev))
2654 info->pri_supported = 1;
2655 }
2656 }
2657
2658 spin_lock_irqsave(&device_domain_lock, flags);
2659 if (dev)
2660 found = find_domain(dev);
2661
2662 if (!found) {
2663 struct device_domain_info *info2;
2664 info2 = dmar_search_domain_by_dev_info(info->segment, info->bus,
2665 info->devfn);
2666 if (info2) {
2667 found = info2->domain;
2668 info2->dev = dev;
2669 }
2670 }
2671
2672 if (found) {
2673 spin_unlock_irqrestore(&device_domain_lock, flags);
2674 free_devinfo_mem(info);
2675 /* Caller must free the original domain */
2676 return found;
2677 }
2678
2679 spin_lock(&iommu->lock);
2680 ret = domain_attach_iommu(domain, iommu);
2681 spin_unlock(&iommu->lock);
2682
2683 if (ret) {
2684 spin_unlock_irqrestore(&device_domain_lock, flags);
2685 free_devinfo_mem(info);
2686 return NULL;
2687 }
2688
2689 list_add(&info->link, &domain->devices);
2690 list_add(&info->global, &device_domain_list);
2691 if (dev)
2692 dev_iommu_priv_set(dev, info);
2693 spin_unlock_irqrestore(&device_domain_lock, flags);
2694
2695 /* PASID table is mandatory for a PCI device in scalable mode. */
2696 if (dev && dev_is_pci(dev) && sm_supported(iommu)) {
2697 ret = intel_pasid_alloc_table(dev);
2698 if (ret) {
2699 dev_err(dev, "PASID table allocation failed\n");
2700 dmar_remove_one_dev_info(dev);
2701 return NULL;
2702 }
2703
2704 /* Setup the PASID entry for requests without PASID: */
2705 spin_lock_irqsave(&iommu->lock, flags);
2706 if (hw_pass_through && domain_type_is_si(domain))
2707 ret = intel_pasid_setup_pass_through(iommu, domain,
2708 dev, PASID_RID2PASID);
2709 else if (domain_use_first_level(domain))
2710 ret = domain_setup_first_level(iommu, domain, dev,
2711 PASID_RID2PASID);
2712 else
2713 ret = intel_pasid_setup_second_level(iommu, domain,
2714 dev, PASID_RID2PASID);
2715 spin_unlock_irqrestore(&iommu->lock, flags);
2716 if (ret) {
2717 dev_err(dev, "Setup RID2PASID failed\n");
2718 dmar_remove_one_dev_info(dev);
2719 return NULL;
2720 }
2721 }
2722
2723 if (dev && domain_context_mapping(domain, dev)) {
2724 dev_err(dev, "Domain context map failed\n");
2725 dmar_remove_one_dev_info(dev);
2726 return NULL;
2727 }
2728
2729 return domain;
2730 }
2731
iommu_domain_identity_map(struct dmar_domain * domain,unsigned long first_vpfn,unsigned long last_vpfn)2732 static int iommu_domain_identity_map(struct dmar_domain *domain,
2733 unsigned long first_vpfn,
2734 unsigned long last_vpfn)
2735 {
2736 /*
2737 * RMRR range might have overlap with physical memory range,
2738 * clear it first
2739 */
2740 dma_pte_clear_range(domain, first_vpfn, last_vpfn);
2741
2742 return __domain_mapping(domain, first_vpfn, NULL,
2743 first_vpfn, last_vpfn - first_vpfn + 1,
2744 DMA_PTE_READ|DMA_PTE_WRITE);
2745 }
2746
2747 static int md_domain_init(struct dmar_domain *domain, int guest_width);
2748
si_domain_init(int hw)2749 static int __init si_domain_init(int hw)
2750 {
2751 struct dmar_rmrr_unit *rmrr;
2752 struct device *dev;
2753 int i, nid, ret;
2754
2755 si_domain = alloc_domain(DOMAIN_FLAG_STATIC_IDENTITY);
2756 if (!si_domain)
2757 return -EFAULT;
2758
2759 if (md_domain_init(si_domain, DEFAULT_DOMAIN_ADDRESS_WIDTH)) {
2760 domain_exit(si_domain);
2761 return -EFAULT;
2762 }
2763
2764 if (hw)
2765 return 0;
2766
2767 for_each_online_node(nid) {
2768 unsigned long start_pfn, end_pfn;
2769 int i;
2770
2771 for_each_mem_pfn_range(i, nid, &start_pfn, &end_pfn, NULL) {
2772 ret = iommu_domain_identity_map(si_domain,
2773 mm_to_dma_pfn(start_pfn),
2774 mm_to_dma_pfn(end_pfn));
2775 if (ret)
2776 return ret;
2777 }
2778 }
2779
2780 /*
2781 * Identity map the RMRRs so that devices with RMRRs could also use
2782 * the si_domain.
2783 */
2784 for_each_rmrr_units(rmrr) {
2785 for_each_active_dev_scope(rmrr->devices, rmrr->devices_cnt,
2786 i, dev) {
2787 unsigned long long start = rmrr->base_address;
2788 unsigned long long end = rmrr->end_address;
2789
2790 if (WARN_ON(end < start ||
2791 end >> agaw_to_width(si_domain->agaw)))
2792 continue;
2793
2794 ret = iommu_domain_identity_map(si_domain,
2795 mm_to_dma_pfn(start >> PAGE_SHIFT),
2796 mm_to_dma_pfn(end >> PAGE_SHIFT));
2797 if (ret)
2798 return ret;
2799 }
2800 }
2801
2802 return 0;
2803 }
2804
domain_add_dev_info(struct dmar_domain * domain,struct device * dev)2805 static int domain_add_dev_info(struct dmar_domain *domain, struct device *dev)
2806 {
2807 struct dmar_domain *ndomain;
2808 struct intel_iommu *iommu;
2809 u8 bus, devfn;
2810
2811 iommu = device_to_iommu(dev, &bus, &devfn);
2812 if (!iommu)
2813 return -ENODEV;
2814
2815 ndomain = dmar_insert_one_dev_info(iommu, bus, devfn, dev, domain);
2816 if (ndomain != domain)
2817 return -EBUSY;
2818
2819 return 0;
2820 }
2821
device_has_rmrr(struct device * dev)2822 static bool device_has_rmrr(struct device *dev)
2823 {
2824 struct dmar_rmrr_unit *rmrr;
2825 struct device *tmp;
2826 int i;
2827
2828 rcu_read_lock();
2829 for_each_rmrr_units(rmrr) {
2830 /*
2831 * Return TRUE if this RMRR contains the device that
2832 * is passed in.
2833 */
2834 for_each_active_dev_scope(rmrr->devices,
2835 rmrr->devices_cnt, i, tmp)
2836 if (tmp == dev ||
2837 is_downstream_to_pci_bridge(dev, tmp)) {
2838 rcu_read_unlock();
2839 return true;
2840 }
2841 }
2842 rcu_read_unlock();
2843 return false;
2844 }
2845
2846 /**
2847 * device_rmrr_is_relaxable - Test whether the RMRR of this device
2848 * is relaxable (ie. is allowed to be not enforced under some conditions)
2849 * @dev: device handle
2850 *
2851 * We assume that PCI USB devices with RMRRs have them largely
2852 * for historical reasons and that the RMRR space is not actively used post
2853 * boot. This exclusion may change if vendors begin to abuse it.
2854 *
2855 * The same exception is made for graphics devices, with the requirement that
2856 * any use of the RMRR regions will be torn down before assigning the device
2857 * to a guest.
2858 *
2859 * Return: true if the RMRR is relaxable, false otherwise
2860 */
device_rmrr_is_relaxable(struct device * dev)2861 static bool device_rmrr_is_relaxable(struct device *dev)
2862 {
2863 struct pci_dev *pdev;
2864
2865 if (!dev_is_pci(dev))
2866 return false;
2867
2868 pdev = to_pci_dev(dev);
2869 if (IS_USB_DEVICE(pdev) || IS_GFX_DEVICE(pdev))
2870 return true;
2871 else
2872 return false;
2873 }
2874
2875 /*
2876 * There are a couple cases where we need to restrict the functionality of
2877 * devices associated with RMRRs. The first is when evaluating a device for
2878 * identity mapping because problems exist when devices are moved in and out
2879 * of domains and their respective RMRR information is lost. This means that
2880 * a device with associated RMRRs will never be in a "passthrough" domain.
2881 * The second is use of the device through the IOMMU API. This interface
2882 * expects to have full control of the IOVA space for the device. We cannot
2883 * satisfy both the requirement that RMRR access is maintained and have an
2884 * unencumbered IOVA space. We also have no ability to quiesce the device's
2885 * use of the RMRR space or even inform the IOMMU API user of the restriction.
2886 * We therefore prevent devices associated with an RMRR from participating in
2887 * the IOMMU API, which eliminates them from device assignment.
2888 *
2889 * In both cases, devices which have relaxable RMRRs are not concerned by this
2890 * restriction. See device_rmrr_is_relaxable comment.
2891 */
device_is_rmrr_locked(struct device * dev)2892 static bool device_is_rmrr_locked(struct device *dev)
2893 {
2894 if (!device_has_rmrr(dev))
2895 return false;
2896
2897 if (device_rmrr_is_relaxable(dev))
2898 return false;
2899
2900 return true;
2901 }
2902
2903 /*
2904 * Return the required default domain type for a specific device.
2905 *
2906 * @dev: the device in query
2907 * @startup: true if this is during early boot
2908 *
2909 * Returns:
2910 * - IOMMU_DOMAIN_DMA: device requires a dynamic mapping domain
2911 * - IOMMU_DOMAIN_IDENTITY: device requires an identical mapping domain
2912 * - 0: both identity and dynamic domains work for this device
2913 */
device_def_domain_type(struct device * dev)2914 static int device_def_domain_type(struct device *dev)
2915 {
2916 if (dev_is_pci(dev)) {
2917 struct pci_dev *pdev = to_pci_dev(dev);
2918
2919 /*
2920 * Prevent any device marked as untrusted from getting
2921 * placed into the statically identity mapping domain.
2922 */
2923 if (pdev->untrusted)
2924 return IOMMU_DOMAIN_DMA;
2925
2926 if ((iommu_identity_mapping & IDENTMAP_AZALIA) && IS_AZALIA(pdev))
2927 return IOMMU_DOMAIN_IDENTITY;
2928
2929 if ((iommu_identity_mapping & IDENTMAP_GFX) && IS_GFX_DEVICE(pdev))
2930 return IOMMU_DOMAIN_IDENTITY;
2931 }
2932
2933 return 0;
2934 }
2935
intel_iommu_init_qi(struct intel_iommu * iommu)2936 static void intel_iommu_init_qi(struct intel_iommu *iommu)
2937 {
2938 /*
2939 * Start from the sane iommu hardware state.
2940 * If the queued invalidation is already initialized by us
2941 * (for example, while enabling interrupt-remapping) then
2942 * we got the things already rolling from a sane state.
2943 */
2944 if (!iommu->qi) {
2945 /*
2946 * Clear any previous faults.
2947 */
2948 dmar_fault(-1, iommu);
2949 /*
2950 * Disable queued invalidation if supported and already enabled
2951 * before OS handover.
2952 */
2953 dmar_disable_qi(iommu);
2954 }
2955
2956 if (dmar_enable_qi(iommu)) {
2957 /*
2958 * Queued Invalidate not enabled, use Register Based Invalidate
2959 */
2960 iommu->flush.flush_context = __iommu_flush_context;
2961 iommu->flush.flush_iotlb = __iommu_flush_iotlb;
2962 pr_info("%s: Using Register based invalidation\n",
2963 iommu->name);
2964 } else {
2965 iommu->flush.flush_context = qi_flush_context;
2966 iommu->flush.flush_iotlb = qi_flush_iotlb;
2967 pr_info("%s: Using Queued invalidation\n", iommu->name);
2968 }
2969 }
2970
copy_context_table(struct intel_iommu * iommu,struct root_entry * old_re,struct context_entry ** tbl,int bus,bool ext)2971 static int copy_context_table(struct intel_iommu *iommu,
2972 struct root_entry *old_re,
2973 struct context_entry **tbl,
2974 int bus, bool ext)
2975 {
2976 int tbl_idx, pos = 0, idx, devfn, ret = 0, did;
2977 struct context_entry *new_ce = NULL, ce;
2978 struct context_entry *old_ce = NULL;
2979 struct root_entry re;
2980 phys_addr_t old_ce_phys;
2981
2982 tbl_idx = ext ? bus * 2 : bus;
2983 memcpy(&re, old_re, sizeof(re));
2984
2985 for (devfn = 0; devfn < 256; devfn++) {
2986 /* First calculate the correct index */
2987 idx = (ext ? devfn * 2 : devfn) % 256;
2988
2989 if (idx == 0) {
2990 /* First save what we may have and clean up */
2991 if (new_ce) {
2992 tbl[tbl_idx] = new_ce;
2993 __iommu_flush_cache(iommu, new_ce,
2994 VTD_PAGE_SIZE);
2995 pos = 1;
2996 }
2997
2998 if (old_ce)
2999 memunmap(old_ce);
3000
3001 ret = 0;
3002 if (devfn < 0x80)
3003 old_ce_phys = root_entry_lctp(&re);
3004 else
3005 old_ce_phys = root_entry_uctp(&re);
3006
3007 if (!old_ce_phys) {
3008 if (ext && devfn == 0) {
3009 /* No LCTP, try UCTP */
3010 devfn = 0x7f;
3011 continue;
3012 } else {
3013 goto out;
3014 }
3015 }
3016
3017 ret = -ENOMEM;
3018 old_ce = memremap(old_ce_phys, PAGE_SIZE,
3019 MEMREMAP_WB);
3020 if (!old_ce)
3021 goto out;
3022
3023 new_ce = alloc_pgtable_page(iommu->node);
3024 if (!new_ce)
3025 goto out_unmap;
3026
3027 ret = 0;
3028 }
3029
3030 /* Now copy the context entry */
3031 memcpy(&ce, old_ce + idx, sizeof(ce));
3032
3033 if (!__context_present(&ce))
3034 continue;
3035
3036 did = context_domain_id(&ce);
3037 if (did >= 0 && did < cap_ndoms(iommu->cap))
3038 set_bit(did, iommu->domain_ids);
3039
3040 /*
3041 * We need a marker for copied context entries. This
3042 * marker needs to work for the old format as well as
3043 * for extended context entries.
3044 *
3045 * Bit 67 of the context entry is used. In the old
3046 * format this bit is available to software, in the
3047 * extended format it is the PGE bit, but PGE is ignored
3048 * by HW if PASIDs are disabled (and thus still
3049 * available).
3050 *
3051 * So disable PASIDs first and then mark the entry
3052 * copied. This means that we don't copy PASID
3053 * translations from the old kernel, but this is fine as
3054 * faults there are not fatal.
3055 */
3056 context_clear_pasid_enable(&ce);
3057 context_set_copied(&ce);
3058
3059 new_ce[idx] = ce;
3060 }
3061
3062 tbl[tbl_idx + pos] = new_ce;
3063
3064 __iommu_flush_cache(iommu, new_ce, VTD_PAGE_SIZE);
3065
3066 out_unmap:
3067 memunmap(old_ce);
3068
3069 out:
3070 return ret;
3071 }
3072
copy_translation_tables(struct intel_iommu * iommu)3073 static int copy_translation_tables(struct intel_iommu *iommu)
3074 {
3075 struct context_entry **ctxt_tbls;
3076 struct root_entry *old_rt;
3077 phys_addr_t old_rt_phys;
3078 int ctxt_table_entries;
3079 unsigned long flags;
3080 u64 rtaddr_reg;
3081 int bus, ret;
3082 bool new_ext, ext;
3083
3084 rtaddr_reg = dmar_readq(iommu->reg + DMAR_RTADDR_REG);
3085 ext = !!(rtaddr_reg & DMA_RTADDR_RTT);
3086 new_ext = !!ecap_ecs(iommu->ecap);
3087
3088 /*
3089 * The RTT bit can only be changed when translation is disabled,
3090 * but disabling translation means to open a window for data
3091 * corruption. So bail out and don't copy anything if we would
3092 * have to change the bit.
3093 */
3094 if (new_ext != ext)
3095 return -EINVAL;
3096
3097 old_rt_phys = rtaddr_reg & VTD_PAGE_MASK;
3098 if (!old_rt_phys)
3099 return -EINVAL;
3100
3101 old_rt = memremap(old_rt_phys, PAGE_SIZE, MEMREMAP_WB);
3102 if (!old_rt)
3103 return -ENOMEM;
3104
3105 /* This is too big for the stack - allocate it from slab */
3106 ctxt_table_entries = ext ? 512 : 256;
3107 ret = -ENOMEM;
3108 ctxt_tbls = kcalloc(ctxt_table_entries, sizeof(void *), GFP_KERNEL);
3109 if (!ctxt_tbls)
3110 goto out_unmap;
3111
3112 for (bus = 0; bus < 256; bus++) {
3113 ret = copy_context_table(iommu, &old_rt[bus],
3114 ctxt_tbls, bus, ext);
3115 if (ret) {
3116 pr_err("%s: Failed to copy context table for bus %d\n",
3117 iommu->name, bus);
3118 continue;
3119 }
3120 }
3121
3122 spin_lock_irqsave(&iommu->lock, flags);
3123
3124 /* Context tables are copied, now write them to the root_entry table */
3125 for (bus = 0; bus < 256; bus++) {
3126 int idx = ext ? bus * 2 : bus;
3127 u64 val;
3128
3129 if (ctxt_tbls[idx]) {
3130 val = virt_to_phys(ctxt_tbls[idx]) | 1;
3131 iommu->root_entry[bus].lo = val;
3132 }
3133
3134 if (!ext || !ctxt_tbls[idx + 1])
3135 continue;
3136
3137 val = virt_to_phys(ctxt_tbls[idx + 1]) | 1;
3138 iommu->root_entry[bus].hi = val;
3139 }
3140
3141 spin_unlock_irqrestore(&iommu->lock, flags);
3142
3143 kfree(ctxt_tbls);
3144
3145 __iommu_flush_cache(iommu, iommu->root_entry, PAGE_SIZE);
3146
3147 ret = 0;
3148
3149 out_unmap:
3150 memunmap(old_rt);
3151
3152 return ret;
3153 }
3154
3155 #ifdef CONFIG_INTEL_IOMMU_SVM
intel_vcmd_ioasid_alloc(ioasid_t min,ioasid_t max,void * data)3156 static ioasid_t intel_vcmd_ioasid_alloc(ioasid_t min, ioasid_t max, void *data)
3157 {
3158 struct intel_iommu *iommu = data;
3159 ioasid_t ioasid;
3160
3161 if (!iommu)
3162 return INVALID_IOASID;
3163 /*
3164 * VT-d virtual command interface always uses the full 20 bit
3165 * PASID range. Host can partition guest PASID range based on
3166 * policies but it is out of guest's control.
3167 */
3168 if (min < PASID_MIN || max > intel_pasid_max_id)
3169 return INVALID_IOASID;
3170
3171 if (vcmd_alloc_pasid(iommu, &ioasid))
3172 return INVALID_IOASID;
3173
3174 return ioasid;
3175 }
3176
intel_vcmd_ioasid_free(ioasid_t ioasid,void * data)3177 static void intel_vcmd_ioasid_free(ioasid_t ioasid, void *data)
3178 {
3179 struct intel_iommu *iommu = data;
3180
3181 if (!iommu)
3182 return;
3183 /*
3184 * Sanity check the ioasid owner is done at upper layer, e.g. VFIO
3185 * We can only free the PASID when all the devices are unbound.
3186 */
3187 if (ioasid_find(NULL, ioasid, NULL)) {
3188 pr_alert("Cannot free active IOASID %d\n", ioasid);
3189 return;
3190 }
3191 vcmd_free_pasid(iommu, ioasid);
3192 }
3193
register_pasid_allocator(struct intel_iommu * iommu)3194 static void register_pasid_allocator(struct intel_iommu *iommu)
3195 {
3196 /*
3197 * If we are running in the host, no need for custom allocator
3198 * in that PASIDs are allocated from the host system-wide.
3199 */
3200 if (!cap_caching_mode(iommu->cap))
3201 return;
3202
3203 if (!sm_supported(iommu)) {
3204 pr_warn("VT-d Scalable Mode not enabled, no PASID allocation\n");
3205 return;
3206 }
3207
3208 /*
3209 * Register a custom PASID allocator if we are running in a guest,
3210 * guest PASID must be obtained via virtual command interface.
3211 * There can be multiple vIOMMUs in each guest but only one allocator
3212 * is active. All vIOMMU allocators will eventually be calling the same
3213 * host allocator.
3214 */
3215 if (!vccap_pasid(iommu->vccap))
3216 return;
3217
3218 pr_info("Register custom PASID allocator\n");
3219 iommu->pasid_allocator.alloc = intel_vcmd_ioasid_alloc;
3220 iommu->pasid_allocator.free = intel_vcmd_ioasid_free;
3221 iommu->pasid_allocator.pdata = (void *)iommu;
3222 if (ioasid_register_allocator(&iommu->pasid_allocator)) {
3223 pr_warn("Custom PASID allocator failed, scalable mode disabled\n");
3224 /*
3225 * Disable scalable mode on this IOMMU if there
3226 * is no custom allocator. Mixing SM capable vIOMMU
3227 * and non-SM vIOMMU are not supported.
3228 */
3229 intel_iommu_sm = 0;
3230 }
3231 }
3232 #endif
3233
init_dmars(void)3234 static int __init init_dmars(void)
3235 {
3236 struct dmar_drhd_unit *drhd;
3237 struct intel_iommu *iommu;
3238 int ret;
3239
3240 /*
3241 * for each drhd
3242 * allocate root
3243 * initialize and program root entry to not present
3244 * endfor
3245 */
3246 for_each_drhd_unit(drhd) {
3247 /*
3248 * lock not needed as this is only incremented in the single
3249 * threaded kernel __init code path all other access are read
3250 * only
3251 */
3252 if (g_num_of_iommus < DMAR_UNITS_SUPPORTED) {
3253 g_num_of_iommus++;
3254 continue;
3255 }
3256 pr_err_once("Exceeded %d IOMMUs\n", DMAR_UNITS_SUPPORTED);
3257 }
3258
3259 /* Preallocate enough resources for IOMMU hot-addition */
3260 if (g_num_of_iommus < DMAR_UNITS_SUPPORTED)
3261 g_num_of_iommus = DMAR_UNITS_SUPPORTED;
3262
3263 g_iommus = kcalloc(g_num_of_iommus, sizeof(struct intel_iommu *),
3264 GFP_KERNEL);
3265 if (!g_iommus) {
3266 pr_err("Allocating global iommu array failed\n");
3267 ret = -ENOMEM;
3268 goto error;
3269 }
3270
3271 for_each_iommu(iommu, drhd) {
3272 if (drhd->ignored) {
3273 iommu_disable_translation(iommu);
3274 continue;
3275 }
3276
3277 /*
3278 * Find the max pasid size of all IOMMU's in the system.
3279 * We need to ensure the system pasid table is no bigger
3280 * than the smallest supported.
3281 */
3282 if (pasid_supported(iommu)) {
3283 u32 temp = 2 << ecap_pss(iommu->ecap);
3284
3285 intel_pasid_max_id = min_t(u32, temp,
3286 intel_pasid_max_id);
3287 }
3288
3289 g_iommus[iommu->seq_id] = iommu;
3290
3291 intel_iommu_init_qi(iommu);
3292
3293 ret = iommu_init_domains(iommu);
3294 if (ret)
3295 goto free_iommu;
3296
3297 init_translation_status(iommu);
3298
3299 if (translation_pre_enabled(iommu) && !is_kdump_kernel()) {
3300 iommu_disable_translation(iommu);
3301 clear_translation_pre_enabled(iommu);
3302 pr_warn("Translation was enabled for %s but we are not in kdump mode\n",
3303 iommu->name);
3304 }
3305
3306 /*
3307 * TBD:
3308 * we could share the same root & context tables
3309 * among all IOMMU's. Need to Split it later.
3310 */
3311 ret = iommu_alloc_root_entry(iommu);
3312 if (ret)
3313 goto free_iommu;
3314
3315 if (translation_pre_enabled(iommu)) {
3316 pr_info("Translation already enabled - trying to copy translation structures\n");
3317
3318 ret = copy_translation_tables(iommu);
3319 if (ret) {
3320 /*
3321 * We found the IOMMU with translation
3322 * enabled - but failed to copy over the
3323 * old root-entry table. Try to proceed
3324 * by disabling translation now and
3325 * allocating a clean root-entry table.
3326 * This might cause DMAR faults, but
3327 * probably the dump will still succeed.
3328 */
3329 pr_err("Failed to copy translation tables from previous kernel for %s\n",
3330 iommu->name);
3331 iommu_disable_translation(iommu);
3332 clear_translation_pre_enabled(iommu);
3333 } else {
3334 pr_info("Copied translation tables from previous kernel for %s\n",
3335 iommu->name);
3336 }
3337 }
3338
3339 if (!ecap_pass_through(iommu->ecap))
3340 hw_pass_through = 0;
3341 intel_svm_check(iommu);
3342 }
3343
3344 /*
3345 * Now that qi is enabled on all iommus, set the root entry and flush
3346 * caches. This is required on some Intel X58 chipsets, otherwise the
3347 * flush_context function will loop forever and the boot hangs.
3348 */
3349 for_each_active_iommu(iommu, drhd) {
3350 iommu_flush_write_buffer(iommu);
3351 #ifdef CONFIG_INTEL_IOMMU_SVM
3352 register_pasid_allocator(iommu);
3353 #endif
3354 iommu_set_root_entry(iommu);
3355 iommu->flush.flush_context(iommu, 0, 0, 0, DMA_CCMD_GLOBAL_INVL);
3356 iommu->flush.flush_iotlb(iommu, 0, 0, 0, DMA_TLB_GLOBAL_FLUSH);
3357 }
3358
3359 #ifdef CONFIG_INTEL_IOMMU_BROKEN_GFX_WA
3360 dmar_map_gfx = 0;
3361 #endif
3362
3363 if (!dmar_map_gfx)
3364 iommu_identity_mapping |= IDENTMAP_GFX;
3365
3366 check_tylersburg_isoch();
3367
3368 ret = si_domain_init(hw_pass_through);
3369 if (ret)
3370 goto free_iommu;
3371
3372 /*
3373 * for each drhd
3374 * enable fault log
3375 * global invalidate context cache
3376 * global invalidate iotlb
3377 * enable translation
3378 */
3379 for_each_iommu(iommu, drhd) {
3380 if (drhd->ignored) {
3381 /*
3382 * we always have to disable PMRs or DMA may fail on
3383 * this device
3384 */
3385 if (force_on)
3386 iommu_disable_protect_mem_regions(iommu);
3387 continue;
3388 }
3389
3390 iommu_flush_write_buffer(iommu);
3391
3392 #ifdef CONFIG_INTEL_IOMMU_SVM
3393 if (pasid_supported(iommu) && ecap_prs(iommu->ecap)) {
3394 /*
3395 * Call dmar_alloc_hwirq() with dmar_global_lock held,
3396 * could cause possible lock race condition.
3397 */
3398 up_write(&dmar_global_lock);
3399 ret = intel_svm_enable_prq(iommu);
3400 down_write(&dmar_global_lock);
3401 if (ret)
3402 goto free_iommu;
3403 }
3404 #endif
3405 ret = dmar_set_interrupt(iommu);
3406 if (ret)
3407 goto free_iommu;
3408 }
3409
3410 return 0;
3411
3412 free_iommu:
3413 for_each_active_iommu(iommu, drhd) {
3414 disable_dmar_iommu(iommu);
3415 free_dmar_iommu(iommu);
3416 }
3417
3418 kfree(g_iommus);
3419
3420 error:
3421 return ret;
3422 }
3423
3424 /* This takes a number of _MM_ pages, not VTD pages */
intel_alloc_iova(struct device * dev,struct dmar_domain * domain,unsigned long nrpages,uint64_t dma_mask)3425 static unsigned long intel_alloc_iova(struct device *dev,
3426 struct dmar_domain *domain,
3427 unsigned long nrpages, uint64_t dma_mask)
3428 {
3429 unsigned long iova_pfn;
3430
3431 /*
3432 * Restrict dma_mask to the width that the iommu can handle.
3433 * First-level translation restricts the input-address to a
3434 * canonical address (i.e., address bits 63:N have the same
3435 * value as address bit [N-1], where N is 48-bits with 4-level
3436 * paging and 57-bits with 5-level paging). Hence, skip bit
3437 * [N-1].
3438 */
3439 if (domain_use_first_level(domain))
3440 dma_mask = min_t(uint64_t, DOMAIN_MAX_ADDR(domain->gaw - 1),
3441 dma_mask);
3442 else
3443 dma_mask = min_t(uint64_t, DOMAIN_MAX_ADDR(domain->gaw),
3444 dma_mask);
3445
3446 /* Ensure we reserve the whole size-aligned region */
3447 nrpages = __roundup_pow_of_two(nrpages);
3448
3449 if (!dmar_forcedac && dma_mask > DMA_BIT_MASK(32)) {
3450 /*
3451 * First try to allocate an io virtual address in
3452 * DMA_BIT_MASK(32) and if that fails then try allocating
3453 * from higher range
3454 */
3455 iova_pfn = alloc_iova_fast(&domain->iovad, nrpages,
3456 IOVA_PFN(DMA_BIT_MASK(32)), false);
3457 if (iova_pfn)
3458 return iova_pfn;
3459 }
3460 iova_pfn = alloc_iova_fast(&domain->iovad, nrpages,
3461 IOVA_PFN(dma_mask), true);
3462 if (unlikely(!iova_pfn)) {
3463 dev_err_once(dev, "Allocating %ld-page iova failed\n",
3464 nrpages);
3465 return 0;
3466 }
3467
3468 return iova_pfn;
3469 }
3470
__intel_map_single(struct device * dev,phys_addr_t paddr,size_t size,int dir,u64 dma_mask)3471 static dma_addr_t __intel_map_single(struct device *dev, phys_addr_t paddr,
3472 size_t size, int dir, u64 dma_mask)
3473 {
3474 struct dmar_domain *domain;
3475 phys_addr_t start_paddr;
3476 unsigned long iova_pfn;
3477 int prot = 0;
3478 int ret;
3479 struct intel_iommu *iommu;
3480 unsigned long paddr_pfn = paddr >> PAGE_SHIFT;
3481
3482 BUG_ON(dir == DMA_NONE);
3483
3484 if (unlikely(attach_deferred(dev)))
3485 do_deferred_attach(dev);
3486
3487 domain = find_domain(dev);
3488 if (!domain)
3489 return DMA_MAPPING_ERROR;
3490
3491 iommu = domain_get_iommu(domain);
3492 size = aligned_nrpages(paddr, size);
3493
3494 iova_pfn = intel_alloc_iova(dev, domain, dma_to_mm_pfn(size), dma_mask);
3495 if (!iova_pfn)
3496 goto error;
3497
3498 /*
3499 * Check if DMAR supports zero-length reads on write only
3500 * mappings..
3501 */
3502 if (dir == DMA_TO_DEVICE || dir == DMA_BIDIRECTIONAL || \
3503 !cap_zlr(iommu->cap))
3504 prot |= DMA_PTE_READ;
3505 if (dir == DMA_FROM_DEVICE || dir == DMA_BIDIRECTIONAL)
3506 prot |= DMA_PTE_WRITE;
3507 /*
3508 * paddr - (paddr + size) might be partial page, we should map the whole
3509 * page. Note: if two part of one page are separately mapped, we
3510 * might have two guest_addr mapping to the same host paddr, but this
3511 * is not a big problem
3512 */
3513 ret = domain_pfn_mapping(domain, mm_to_dma_pfn(iova_pfn),
3514 mm_to_dma_pfn(paddr_pfn), size, prot);
3515 if (ret)
3516 goto error;
3517
3518 start_paddr = (phys_addr_t)iova_pfn << PAGE_SHIFT;
3519 start_paddr += paddr & ~PAGE_MASK;
3520
3521 trace_map_single(dev, start_paddr, paddr, size << VTD_PAGE_SHIFT);
3522
3523 return start_paddr;
3524
3525 error:
3526 if (iova_pfn)
3527 free_iova_fast(&domain->iovad, iova_pfn, dma_to_mm_pfn(size));
3528 dev_err(dev, "Device request: %zx@%llx dir %d --- failed\n",
3529 size, (unsigned long long)paddr, dir);
3530 return DMA_MAPPING_ERROR;
3531 }
3532
intel_map_page(struct device * dev,struct page * page,unsigned long offset,size_t size,enum dma_data_direction dir,unsigned long attrs)3533 static dma_addr_t intel_map_page(struct device *dev, struct page *page,
3534 unsigned long offset, size_t size,
3535 enum dma_data_direction dir,
3536 unsigned long attrs)
3537 {
3538 return __intel_map_single(dev, page_to_phys(page) + offset,
3539 size, dir, *dev->dma_mask);
3540 }
3541
intel_map_resource(struct device * dev,phys_addr_t phys_addr,size_t size,enum dma_data_direction dir,unsigned long attrs)3542 static dma_addr_t intel_map_resource(struct device *dev, phys_addr_t phys_addr,
3543 size_t size, enum dma_data_direction dir,
3544 unsigned long attrs)
3545 {
3546 return __intel_map_single(dev, phys_addr, size, dir, *dev->dma_mask);
3547 }
3548
intel_unmap(struct device * dev,dma_addr_t dev_addr,size_t size)3549 static void intel_unmap(struct device *dev, dma_addr_t dev_addr, size_t size)
3550 {
3551 struct dmar_domain *domain;
3552 unsigned long start_pfn, last_pfn;
3553 unsigned long nrpages;
3554 unsigned long iova_pfn;
3555 struct intel_iommu *iommu;
3556 struct page *freelist;
3557 struct pci_dev *pdev = NULL;
3558
3559 domain = find_domain(dev);
3560 BUG_ON(!domain);
3561
3562 iommu = domain_get_iommu(domain);
3563
3564 iova_pfn = IOVA_PFN(dev_addr);
3565
3566 nrpages = aligned_nrpages(dev_addr, size);
3567 start_pfn = mm_to_dma_pfn(iova_pfn);
3568 last_pfn = start_pfn + nrpages - 1;
3569
3570 if (dev_is_pci(dev))
3571 pdev = to_pci_dev(dev);
3572
3573 freelist = domain_unmap(domain, start_pfn, last_pfn);
3574 if (intel_iommu_strict || (pdev && pdev->untrusted) ||
3575 !has_iova_flush_queue(&domain->iovad)) {
3576 iommu_flush_iotlb_psi(iommu, domain, start_pfn,
3577 nrpages, !freelist, 0);
3578 /* free iova */
3579 free_iova_fast(&domain->iovad, iova_pfn, dma_to_mm_pfn(nrpages));
3580 dma_free_pagelist(freelist);
3581 } else {
3582 queue_iova(&domain->iovad, iova_pfn, nrpages,
3583 (unsigned long)freelist);
3584 /*
3585 * queue up the release of the unmap to save the 1/6th of the
3586 * cpu used up by the iotlb flush operation...
3587 */
3588 }
3589
3590 trace_unmap_single(dev, dev_addr, size);
3591 }
3592
intel_unmap_page(struct device * dev,dma_addr_t dev_addr,size_t size,enum dma_data_direction dir,unsigned long attrs)3593 static void intel_unmap_page(struct device *dev, dma_addr_t dev_addr,
3594 size_t size, enum dma_data_direction dir,
3595 unsigned long attrs)
3596 {
3597 intel_unmap(dev, dev_addr, size);
3598 }
3599
intel_unmap_resource(struct device * dev,dma_addr_t dev_addr,size_t size,enum dma_data_direction dir,unsigned long attrs)3600 static void intel_unmap_resource(struct device *dev, dma_addr_t dev_addr,
3601 size_t size, enum dma_data_direction dir, unsigned long attrs)
3602 {
3603 intel_unmap(dev, dev_addr, size);
3604 }
3605
intel_alloc_coherent(struct device * dev,size_t size,dma_addr_t * dma_handle,gfp_t flags,unsigned long attrs)3606 static void *intel_alloc_coherent(struct device *dev, size_t size,
3607 dma_addr_t *dma_handle, gfp_t flags,
3608 unsigned long attrs)
3609 {
3610 struct page *page = NULL;
3611 int order;
3612
3613 if (unlikely(attach_deferred(dev)))
3614 do_deferred_attach(dev);
3615
3616 size = PAGE_ALIGN(size);
3617 order = get_order(size);
3618
3619 if (gfpflags_allow_blocking(flags)) {
3620 unsigned int count = size >> PAGE_SHIFT;
3621
3622 page = dma_alloc_from_contiguous(dev, count, order,
3623 flags & __GFP_NOWARN);
3624 }
3625
3626 if (!page)
3627 page = alloc_pages(flags, order);
3628 if (!page)
3629 return NULL;
3630 memset(page_address(page), 0, size);
3631
3632 *dma_handle = __intel_map_single(dev, page_to_phys(page), size,
3633 DMA_BIDIRECTIONAL,
3634 dev->coherent_dma_mask);
3635 if (*dma_handle != DMA_MAPPING_ERROR)
3636 return page_address(page);
3637 if (!dma_release_from_contiguous(dev, page, size >> PAGE_SHIFT))
3638 __free_pages(page, order);
3639
3640 return NULL;
3641 }
3642
intel_free_coherent(struct device * dev,size_t size,void * vaddr,dma_addr_t dma_handle,unsigned long attrs)3643 static void intel_free_coherent(struct device *dev, size_t size, void *vaddr,
3644 dma_addr_t dma_handle, unsigned long attrs)
3645 {
3646 int order;
3647 struct page *page = virt_to_page(vaddr);
3648
3649 size = PAGE_ALIGN(size);
3650 order = get_order(size);
3651
3652 intel_unmap(dev, dma_handle, size);
3653 if (!dma_release_from_contiguous(dev, page, size >> PAGE_SHIFT))
3654 __free_pages(page, order);
3655 }
3656
intel_unmap_sg(struct device * dev,struct scatterlist * sglist,int nelems,enum dma_data_direction dir,unsigned long attrs)3657 static void intel_unmap_sg(struct device *dev, struct scatterlist *sglist,
3658 int nelems, enum dma_data_direction dir,
3659 unsigned long attrs)
3660 {
3661 dma_addr_t startaddr = sg_dma_address(sglist) & PAGE_MASK;
3662 unsigned long nrpages = 0;
3663 struct scatterlist *sg;
3664 int i;
3665
3666 for_each_sg(sglist, sg, nelems, i) {
3667 nrpages += aligned_nrpages(sg_dma_address(sg), sg_dma_len(sg));
3668 }
3669
3670 intel_unmap(dev, startaddr, nrpages << VTD_PAGE_SHIFT);
3671
3672 trace_unmap_sg(dev, startaddr, nrpages << VTD_PAGE_SHIFT);
3673 }
3674
intel_map_sg(struct device * dev,struct scatterlist * sglist,int nelems,enum dma_data_direction dir,unsigned long attrs)3675 static int intel_map_sg(struct device *dev, struct scatterlist *sglist, int nelems,
3676 enum dma_data_direction dir, unsigned long attrs)
3677 {
3678 int i;
3679 struct dmar_domain *domain;
3680 size_t size = 0;
3681 int prot = 0;
3682 unsigned long iova_pfn;
3683 int ret;
3684 struct scatterlist *sg;
3685 unsigned long start_vpfn;
3686 struct intel_iommu *iommu;
3687
3688 BUG_ON(dir == DMA_NONE);
3689
3690 if (unlikely(attach_deferred(dev)))
3691 do_deferred_attach(dev);
3692
3693 domain = find_domain(dev);
3694 if (!domain)
3695 return 0;
3696
3697 iommu = domain_get_iommu(domain);
3698
3699 for_each_sg(sglist, sg, nelems, i)
3700 size += aligned_nrpages(sg->offset, sg->length);
3701
3702 iova_pfn = intel_alloc_iova(dev, domain, dma_to_mm_pfn(size),
3703 *dev->dma_mask);
3704 if (!iova_pfn) {
3705 sglist->dma_length = 0;
3706 return 0;
3707 }
3708
3709 /*
3710 * Check if DMAR supports zero-length reads on write only
3711 * mappings..
3712 */
3713 if (dir == DMA_TO_DEVICE || dir == DMA_BIDIRECTIONAL || \
3714 !cap_zlr(iommu->cap))
3715 prot |= DMA_PTE_READ;
3716 if (dir == DMA_FROM_DEVICE || dir == DMA_BIDIRECTIONAL)
3717 prot |= DMA_PTE_WRITE;
3718
3719 start_vpfn = mm_to_dma_pfn(iova_pfn);
3720
3721 ret = domain_sg_mapping(domain, start_vpfn, sglist, size, prot);
3722 if (unlikely(ret)) {
3723 dma_pte_free_pagetable(domain, start_vpfn,
3724 start_vpfn + size - 1,
3725 agaw_to_level(domain->agaw) + 1);
3726 free_iova_fast(&domain->iovad, iova_pfn, dma_to_mm_pfn(size));
3727 return 0;
3728 }
3729
3730 for_each_sg(sglist, sg, nelems, i)
3731 trace_map_sg(dev, i + 1, nelems, sg);
3732
3733 return nelems;
3734 }
3735
intel_get_required_mask(struct device * dev)3736 static u64 intel_get_required_mask(struct device *dev)
3737 {
3738 return DMA_BIT_MASK(32);
3739 }
3740
3741 static const struct dma_map_ops intel_dma_ops = {
3742 .alloc = intel_alloc_coherent,
3743 .free = intel_free_coherent,
3744 .map_sg = intel_map_sg,
3745 .unmap_sg = intel_unmap_sg,
3746 .map_page = intel_map_page,
3747 .unmap_page = intel_unmap_page,
3748 .map_resource = intel_map_resource,
3749 .unmap_resource = intel_unmap_resource,
3750 .dma_supported = dma_direct_supported,
3751 .mmap = dma_common_mmap,
3752 .get_sgtable = dma_common_get_sgtable,
3753 .alloc_pages = dma_common_alloc_pages,
3754 .free_pages = dma_common_free_pages,
3755 .get_required_mask = intel_get_required_mask,
3756 };
3757
3758 static void
bounce_sync_single(struct device * dev,dma_addr_t addr,size_t size,enum dma_data_direction dir,enum dma_sync_target target)3759 bounce_sync_single(struct device *dev, dma_addr_t addr, size_t size,
3760 enum dma_data_direction dir, enum dma_sync_target target)
3761 {
3762 struct dmar_domain *domain;
3763 phys_addr_t tlb_addr;
3764
3765 domain = find_domain(dev);
3766 if (WARN_ON(!domain))
3767 return;
3768
3769 tlb_addr = intel_iommu_iova_to_phys(&domain->domain, addr);
3770 if (is_swiotlb_buffer(tlb_addr))
3771 swiotlb_tbl_sync_single(dev, tlb_addr, size, dir, target);
3772 }
3773
3774 static dma_addr_t
bounce_map_single(struct device * dev,phys_addr_t paddr,size_t size,enum dma_data_direction dir,unsigned long attrs,u64 dma_mask)3775 bounce_map_single(struct device *dev, phys_addr_t paddr, size_t size,
3776 enum dma_data_direction dir, unsigned long attrs,
3777 u64 dma_mask)
3778 {
3779 size_t aligned_size = ALIGN(size, VTD_PAGE_SIZE);
3780 struct dmar_domain *domain;
3781 struct intel_iommu *iommu;
3782 unsigned long iova_pfn;
3783 unsigned long nrpages;
3784 phys_addr_t tlb_addr;
3785 int prot = 0;
3786 int ret;
3787
3788 if (unlikely(attach_deferred(dev)))
3789 do_deferred_attach(dev);
3790
3791 domain = find_domain(dev);
3792
3793 if (WARN_ON(dir == DMA_NONE || !domain))
3794 return DMA_MAPPING_ERROR;
3795
3796 iommu = domain_get_iommu(domain);
3797 if (WARN_ON(!iommu))
3798 return DMA_MAPPING_ERROR;
3799
3800 nrpages = aligned_nrpages(0, size);
3801 iova_pfn = intel_alloc_iova(dev, domain,
3802 dma_to_mm_pfn(nrpages), dma_mask);
3803 if (!iova_pfn)
3804 return DMA_MAPPING_ERROR;
3805
3806 /*
3807 * Check if DMAR supports zero-length reads on write only
3808 * mappings..
3809 */
3810 if (dir == DMA_TO_DEVICE || dir == DMA_BIDIRECTIONAL ||
3811 !cap_zlr(iommu->cap))
3812 prot |= DMA_PTE_READ;
3813 if (dir == DMA_FROM_DEVICE || dir == DMA_BIDIRECTIONAL)
3814 prot |= DMA_PTE_WRITE;
3815
3816 /*
3817 * If both the physical buffer start address and size are
3818 * page aligned, we don't need to use a bounce page.
3819 */
3820 if (!IS_ALIGNED(paddr | size, VTD_PAGE_SIZE)) {
3821 tlb_addr = swiotlb_tbl_map_single(dev, paddr, size,
3822 aligned_size, dir, attrs);
3823 if (tlb_addr == DMA_MAPPING_ERROR) {
3824 goto swiotlb_error;
3825 } else {
3826 /* Cleanup the padding area. */
3827 void *padding_start = phys_to_virt(tlb_addr);
3828 size_t padding_size = aligned_size;
3829
3830 if (!(attrs & DMA_ATTR_SKIP_CPU_SYNC) &&
3831 (dir == DMA_TO_DEVICE ||
3832 dir == DMA_BIDIRECTIONAL)) {
3833 padding_start += size;
3834 padding_size -= size;
3835 }
3836
3837 memset(padding_start, 0, padding_size);
3838 }
3839 } else {
3840 tlb_addr = paddr;
3841 }
3842
3843 ret = domain_pfn_mapping(domain, mm_to_dma_pfn(iova_pfn),
3844 tlb_addr >> VTD_PAGE_SHIFT, nrpages, prot);
3845 if (ret)
3846 goto mapping_error;
3847
3848 trace_bounce_map_single(dev, iova_pfn << PAGE_SHIFT, paddr, size);
3849
3850 return (phys_addr_t)iova_pfn << PAGE_SHIFT;
3851
3852 mapping_error:
3853 if (is_swiotlb_buffer(tlb_addr))
3854 swiotlb_tbl_unmap_single(dev, tlb_addr, size,
3855 aligned_size, dir, attrs);
3856 swiotlb_error:
3857 free_iova_fast(&domain->iovad, iova_pfn, dma_to_mm_pfn(nrpages));
3858 dev_err(dev, "Device bounce map: %zx@%llx dir %d --- failed\n",
3859 size, (unsigned long long)paddr, dir);
3860
3861 return DMA_MAPPING_ERROR;
3862 }
3863
3864 static void
bounce_unmap_single(struct device * dev,dma_addr_t dev_addr,size_t size,enum dma_data_direction dir,unsigned long attrs)3865 bounce_unmap_single(struct device *dev, dma_addr_t dev_addr, size_t size,
3866 enum dma_data_direction dir, unsigned long attrs)
3867 {
3868 size_t aligned_size = ALIGN(size, VTD_PAGE_SIZE);
3869 struct dmar_domain *domain;
3870 phys_addr_t tlb_addr;
3871
3872 domain = find_domain(dev);
3873 if (WARN_ON(!domain))
3874 return;
3875
3876 tlb_addr = intel_iommu_iova_to_phys(&domain->domain, dev_addr);
3877 if (WARN_ON(!tlb_addr))
3878 return;
3879
3880 intel_unmap(dev, dev_addr, size);
3881 if (is_swiotlb_buffer(tlb_addr))
3882 swiotlb_tbl_unmap_single(dev, tlb_addr, size,
3883 aligned_size, dir, attrs);
3884
3885 trace_bounce_unmap_single(dev, dev_addr, size);
3886 }
3887
3888 static dma_addr_t
bounce_map_page(struct device * dev,struct page * page,unsigned long offset,size_t size,enum dma_data_direction dir,unsigned long attrs)3889 bounce_map_page(struct device *dev, struct page *page, unsigned long offset,
3890 size_t size, enum dma_data_direction dir, unsigned long attrs)
3891 {
3892 return bounce_map_single(dev, page_to_phys(page) + offset,
3893 size, dir, attrs, *dev->dma_mask);
3894 }
3895
3896 static dma_addr_t
bounce_map_resource(struct device * dev,phys_addr_t phys_addr,size_t size,enum dma_data_direction dir,unsigned long attrs)3897 bounce_map_resource(struct device *dev, phys_addr_t phys_addr, size_t size,
3898 enum dma_data_direction dir, unsigned long attrs)
3899 {
3900 return bounce_map_single(dev, phys_addr, size,
3901 dir, attrs, *dev->dma_mask);
3902 }
3903
3904 static void
bounce_unmap_page(struct device * dev,dma_addr_t dev_addr,size_t size,enum dma_data_direction dir,unsigned long attrs)3905 bounce_unmap_page(struct device *dev, dma_addr_t dev_addr, size_t size,
3906 enum dma_data_direction dir, unsigned long attrs)
3907 {
3908 bounce_unmap_single(dev, dev_addr, size, dir, attrs);
3909 }
3910
3911 static void
bounce_unmap_resource(struct device * dev,dma_addr_t dev_addr,size_t size,enum dma_data_direction dir,unsigned long attrs)3912 bounce_unmap_resource(struct device *dev, dma_addr_t dev_addr, size_t size,
3913 enum dma_data_direction dir, unsigned long attrs)
3914 {
3915 bounce_unmap_single(dev, dev_addr, size, dir, attrs);
3916 }
3917
3918 static void
bounce_unmap_sg(struct device * dev,struct scatterlist * sglist,int nelems,enum dma_data_direction dir,unsigned long attrs)3919 bounce_unmap_sg(struct device *dev, struct scatterlist *sglist, int nelems,
3920 enum dma_data_direction dir, unsigned long attrs)
3921 {
3922 struct scatterlist *sg;
3923 int i;
3924
3925 for_each_sg(sglist, sg, nelems, i)
3926 bounce_unmap_page(dev, sg->dma_address,
3927 sg_dma_len(sg), dir, attrs);
3928 }
3929
3930 static int
bounce_map_sg(struct device * dev,struct scatterlist * sglist,int nelems,enum dma_data_direction dir,unsigned long attrs)3931 bounce_map_sg(struct device *dev, struct scatterlist *sglist, int nelems,
3932 enum dma_data_direction dir, unsigned long attrs)
3933 {
3934 int i;
3935 struct scatterlist *sg;
3936
3937 for_each_sg(sglist, sg, nelems, i) {
3938 sg->dma_address = bounce_map_page(dev, sg_page(sg),
3939 sg->offset, sg->length,
3940 dir, attrs);
3941 if (sg->dma_address == DMA_MAPPING_ERROR)
3942 goto out_unmap;
3943 sg_dma_len(sg) = sg->length;
3944 }
3945
3946 for_each_sg(sglist, sg, nelems, i)
3947 trace_bounce_map_sg(dev, i + 1, nelems, sg);
3948
3949 return nelems;
3950
3951 out_unmap:
3952 bounce_unmap_sg(dev, sglist, i, dir, attrs | DMA_ATTR_SKIP_CPU_SYNC);
3953 return 0;
3954 }
3955
3956 static void
bounce_sync_single_for_cpu(struct device * dev,dma_addr_t addr,size_t size,enum dma_data_direction dir)3957 bounce_sync_single_for_cpu(struct device *dev, dma_addr_t addr,
3958 size_t size, enum dma_data_direction dir)
3959 {
3960 bounce_sync_single(dev, addr, size, dir, SYNC_FOR_CPU);
3961 }
3962
3963 static void
bounce_sync_single_for_device(struct device * dev,dma_addr_t addr,size_t size,enum dma_data_direction dir)3964 bounce_sync_single_for_device(struct device *dev, dma_addr_t addr,
3965 size_t size, enum dma_data_direction dir)
3966 {
3967 bounce_sync_single(dev, addr, size, dir, SYNC_FOR_DEVICE);
3968 }
3969
3970 static void
bounce_sync_sg_for_cpu(struct device * dev,struct scatterlist * sglist,int nelems,enum dma_data_direction dir)3971 bounce_sync_sg_for_cpu(struct device *dev, struct scatterlist *sglist,
3972 int nelems, enum dma_data_direction dir)
3973 {
3974 struct scatterlist *sg;
3975 int i;
3976
3977 for_each_sg(sglist, sg, nelems, i)
3978 bounce_sync_single(dev, sg_dma_address(sg),
3979 sg_dma_len(sg), dir, SYNC_FOR_CPU);
3980 }
3981
3982 static void
bounce_sync_sg_for_device(struct device * dev,struct scatterlist * sglist,int nelems,enum dma_data_direction dir)3983 bounce_sync_sg_for_device(struct device *dev, struct scatterlist *sglist,
3984 int nelems, enum dma_data_direction dir)
3985 {
3986 struct scatterlist *sg;
3987 int i;
3988
3989 for_each_sg(sglist, sg, nelems, i)
3990 bounce_sync_single(dev, sg_dma_address(sg),
3991 sg_dma_len(sg), dir, SYNC_FOR_DEVICE);
3992 }
3993
3994 static const struct dma_map_ops bounce_dma_ops = {
3995 .alloc = intel_alloc_coherent,
3996 .free = intel_free_coherent,
3997 .map_sg = bounce_map_sg,
3998 .unmap_sg = bounce_unmap_sg,
3999 .map_page = bounce_map_page,
4000 .unmap_page = bounce_unmap_page,
4001 .sync_single_for_cpu = bounce_sync_single_for_cpu,
4002 .sync_single_for_device = bounce_sync_single_for_device,
4003 .sync_sg_for_cpu = bounce_sync_sg_for_cpu,
4004 .sync_sg_for_device = bounce_sync_sg_for_device,
4005 .map_resource = bounce_map_resource,
4006 .unmap_resource = bounce_unmap_resource,
4007 .alloc_pages = dma_common_alloc_pages,
4008 .free_pages = dma_common_free_pages,
4009 .dma_supported = dma_direct_supported,
4010 };
4011
iommu_domain_cache_init(void)4012 static inline int iommu_domain_cache_init(void)
4013 {
4014 int ret = 0;
4015
4016 iommu_domain_cache = kmem_cache_create("iommu_domain",
4017 sizeof(struct dmar_domain),
4018 0,
4019 SLAB_HWCACHE_ALIGN,
4020
4021 NULL);
4022 if (!iommu_domain_cache) {
4023 pr_err("Couldn't create iommu_domain cache\n");
4024 ret = -ENOMEM;
4025 }
4026
4027 return ret;
4028 }
4029
iommu_devinfo_cache_init(void)4030 static inline int iommu_devinfo_cache_init(void)
4031 {
4032 int ret = 0;
4033
4034 iommu_devinfo_cache = kmem_cache_create("iommu_devinfo",
4035 sizeof(struct device_domain_info),
4036 0,
4037 SLAB_HWCACHE_ALIGN,
4038 NULL);
4039 if (!iommu_devinfo_cache) {
4040 pr_err("Couldn't create devinfo cache\n");
4041 ret = -ENOMEM;
4042 }
4043
4044 return ret;
4045 }
4046
iommu_init_mempool(void)4047 static int __init iommu_init_mempool(void)
4048 {
4049 int ret;
4050 ret = iova_cache_get();
4051 if (ret)
4052 return ret;
4053
4054 ret = iommu_domain_cache_init();
4055 if (ret)
4056 goto domain_error;
4057
4058 ret = iommu_devinfo_cache_init();
4059 if (!ret)
4060 return ret;
4061
4062 kmem_cache_destroy(iommu_domain_cache);
4063 domain_error:
4064 iova_cache_put();
4065
4066 return -ENOMEM;
4067 }
4068
iommu_exit_mempool(void)4069 static void __init iommu_exit_mempool(void)
4070 {
4071 kmem_cache_destroy(iommu_devinfo_cache);
4072 kmem_cache_destroy(iommu_domain_cache);
4073 iova_cache_put();
4074 }
4075
init_no_remapping_devices(void)4076 static void __init init_no_remapping_devices(void)
4077 {
4078 struct dmar_drhd_unit *drhd;
4079 struct device *dev;
4080 int i;
4081
4082 for_each_drhd_unit(drhd) {
4083 if (!drhd->include_all) {
4084 for_each_active_dev_scope(drhd->devices,
4085 drhd->devices_cnt, i, dev)
4086 break;
4087 /* ignore DMAR unit if no devices exist */
4088 if (i == drhd->devices_cnt)
4089 drhd->ignored = 1;
4090 }
4091 }
4092
4093 for_each_active_drhd_unit(drhd) {
4094 if (drhd->include_all)
4095 continue;
4096
4097 for_each_active_dev_scope(drhd->devices,
4098 drhd->devices_cnt, i, dev)
4099 if (!dev_is_pci(dev) || !IS_GFX_DEVICE(to_pci_dev(dev)))
4100 break;
4101 if (i < drhd->devices_cnt)
4102 continue;
4103
4104 /* This IOMMU has *only* gfx devices. Either bypass it or
4105 set the gfx_mapped flag, as appropriate */
4106 drhd->gfx_dedicated = 1;
4107 if (!dmar_map_gfx)
4108 drhd->ignored = 1;
4109 }
4110 }
4111
4112 #ifdef CONFIG_SUSPEND
init_iommu_hw(void)4113 static int init_iommu_hw(void)
4114 {
4115 struct dmar_drhd_unit *drhd;
4116 struct intel_iommu *iommu = NULL;
4117
4118 for_each_active_iommu(iommu, drhd)
4119 if (iommu->qi)
4120 dmar_reenable_qi(iommu);
4121
4122 for_each_iommu(iommu, drhd) {
4123 if (drhd->ignored) {
4124 /*
4125 * we always have to disable PMRs or DMA may fail on
4126 * this device
4127 */
4128 if (force_on)
4129 iommu_disable_protect_mem_regions(iommu);
4130 continue;
4131 }
4132
4133 iommu_flush_write_buffer(iommu);
4134
4135 iommu_set_root_entry(iommu);
4136
4137 iommu->flush.flush_context(iommu, 0, 0, 0,
4138 DMA_CCMD_GLOBAL_INVL);
4139 iommu->flush.flush_iotlb(iommu, 0, 0, 0, DMA_TLB_GLOBAL_FLUSH);
4140 iommu_enable_translation(iommu);
4141 iommu_disable_protect_mem_regions(iommu);
4142 }
4143
4144 return 0;
4145 }
4146
iommu_flush_all(void)4147 static void iommu_flush_all(void)
4148 {
4149 struct dmar_drhd_unit *drhd;
4150 struct intel_iommu *iommu;
4151
4152 for_each_active_iommu(iommu, drhd) {
4153 iommu->flush.flush_context(iommu, 0, 0, 0,
4154 DMA_CCMD_GLOBAL_INVL);
4155 iommu->flush.flush_iotlb(iommu, 0, 0, 0,
4156 DMA_TLB_GLOBAL_FLUSH);
4157 }
4158 }
4159
iommu_suspend(void)4160 static int iommu_suspend(void)
4161 {
4162 struct dmar_drhd_unit *drhd;
4163 struct intel_iommu *iommu = NULL;
4164 unsigned long flag;
4165
4166 for_each_active_iommu(iommu, drhd) {
4167 iommu->iommu_state = kcalloc(MAX_SR_DMAR_REGS, sizeof(u32),
4168 GFP_ATOMIC);
4169 if (!iommu->iommu_state)
4170 goto nomem;
4171 }
4172
4173 iommu_flush_all();
4174
4175 for_each_active_iommu(iommu, drhd) {
4176 iommu_disable_translation(iommu);
4177
4178 raw_spin_lock_irqsave(&iommu->register_lock, flag);
4179
4180 iommu->iommu_state[SR_DMAR_FECTL_REG] =
4181 readl(iommu->reg + DMAR_FECTL_REG);
4182 iommu->iommu_state[SR_DMAR_FEDATA_REG] =
4183 readl(iommu->reg + DMAR_FEDATA_REG);
4184 iommu->iommu_state[SR_DMAR_FEADDR_REG] =
4185 readl(iommu->reg + DMAR_FEADDR_REG);
4186 iommu->iommu_state[SR_DMAR_FEUADDR_REG] =
4187 readl(iommu->reg + DMAR_FEUADDR_REG);
4188
4189 raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
4190 }
4191 return 0;
4192
4193 nomem:
4194 for_each_active_iommu(iommu, drhd)
4195 kfree(iommu->iommu_state);
4196
4197 return -ENOMEM;
4198 }
4199
iommu_resume(void)4200 static void iommu_resume(void)
4201 {
4202 struct dmar_drhd_unit *drhd;
4203 struct intel_iommu *iommu = NULL;
4204 unsigned long flag;
4205
4206 if (init_iommu_hw()) {
4207 if (force_on)
4208 panic("tboot: IOMMU setup failed, DMAR can not resume!\n");
4209 else
4210 WARN(1, "IOMMU setup failed, DMAR can not resume!\n");
4211 return;
4212 }
4213
4214 for_each_active_iommu(iommu, drhd) {
4215
4216 raw_spin_lock_irqsave(&iommu->register_lock, flag);
4217
4218 writel(iommu->iommu_state[SR_DMAR_FECTL_REG],
4219 iommu->reg + DMAR_FECTL_REG);
4220 writel(iommu->iommu_state[SR_DMAR_FEDATA_REG],
4221 iommu->reg + DMAR_FEDATA_REG);
4222 writel(iommu->iommu_state[SR_DMAR_FEADDR_REG],
4223 iommu->reg + DMAR_FEADDR_REG);
4224 writel(iommu->iommu_state[SR_DMAR_FEUADDR_REG],
4225 iommu->reg + DMAR_FEUADDR_REG);
4226
4227 raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
4228 }
4229
4230 for_each_active_iommu(iommu, drhd)
4231 kfree(iommu->iommu_state);
4232 }
4233
4234 static struct syscore_ops iommu_syscore_ops = {
4235 .resume = iommu_resume,
4236 .suspend = iommu_suspend,
4237 };
4238
init_iommu_pm_ops(void)4239 static void __init init_iommu_pm_ops(void)
4240 {
4241 register_syscore_ops(&iommu_syscore_ops);
4242 }
4243
4244 #else
init_iommu_pm_ops(void)4245 static inline void init_iommu_pm_ops(void) {}
4246 #endif /* CONFIG_PM */
4247
rmrr_sanity_check(struct acpi_dmar_reserved_memory * rmrr)4248 static int rmrr_sanity_check(struct acpi_dmar_reserved_memory *rmrr)
4249 {
4250 if (!IS_ALIGNED(rmrr->base_address, PAGE_SIZE) ||
4251 !IS_ALIGNED(rmrr->end_address + 1, PAGE_SIZE) ||
4252 rmrr->end_address <= rmrr->base_address ||
4253 arch_rmrr_sanity_check(rmrr))
4254 return -EINVAL;
4255
4256 return 0;
4257 }
4258
dmar_parse_one_rmrr(struct acpi_dmar_header * header,void * arg)4259 int __init dmar_parse_one_rmrr(struct acpi_dmar_header *header, void *arg)
4260 {
4261 struct acpi_dmar_reserved_memory *rmrr;
4262 struct dmar_rmrr_unit *rmrru;
4263
4264 rmrr = (struct acpi_dmar_reserved_memory *)header;
4265 if (rmrr_sanity_check(rmrr)) {
4266 pr_warn(FW_BUG
4267 "Your BIOS is broken; bad RMRR [%#018Lx-%#018Lx]\n"
4268 "BIOS vendor: %s; Ver: %s; Product Version: %s\n",
4269 rmrr->base_address, rmrr->end_address,
4270 dmi_get_system_info(DMI_BIOS_VENDOR),
4271 dmi_get_system_info(DMI_BIOS_VERSION),
4272 dmi_get_system_info(DMI_PRODUCT_VERSION));
4273 add_taint(TAINT_FIRMWARE_WORKAROUND, LOCKDEP_STILL_OK);
4274 }
4275
4276 rmrru = kzalloc(sizeof(*rmrru), GFP_KERNEL);
4277 if (!rmrru)
4278 goto out;
4279
4280 rmrru->hdr = header;
4281
4282 rmrru->base_address = rmrr->base_address;
4283 rmrru->end_address = rmrr->end_address;
4284
4285 rmrru->devices = dmar_alloc_dev_scope((void *)(rmrr + 1),
4286 ((void *)rmrr) + rmrr->header.length,
4287 &rmrru->devices_cnt);
4288 if (rmrru->devices_cnt && rmrru->devices == NULL)
4289 goto free_rmrru;
4290
4291 list_add(&rmrru->list, &dmar_rmrr_units);
4292
4293 return 0;
4294 free_rmrru:
4295 kfree(rmrru);
4296 out:
4297 return -ENOMEM;
4298 }
4299
dmar_find_atsr(struct acpi_dmar_atsr * atsr)4300 static struct dmar_atsr_unit *dmar_find_atsr(struct acpi_dmar_atsr *atsr)
4301 {
4302 struct dmar_atsr_unit *atsru;
4303 struct acpi_dmar_atsr *tmp;
4304
4305 list_for_each_entry_rcu(atsru, &dmar_atsr_units, list,
4306 dmar_rcu_check()) {
4307 tmp = (struct acpi_dmar_atsr *)atsru->hdr;
4308 if (atsr->segment != tmp->segment)
4309 continue;
4310 if (atsr->header.length != tmp->header.length)
4311 continue;
4312 if (memcmp(atsr, tmp, atsr->header.length) == 0)
4313 return atsru;
4314 }
4315
4316 return NULL;
4317 }
4318
dmar_parse_one_atsr(struct acpi_dmar_header * hdr,void * arg)4319 int dmar_parse_one_atsr(struct acpi_dmar_header *hdr, void *arg)
4320 {
4321 struct acpi_dmar_atsr *atsr;
4322 struct dmar_atsr_unit *atsru;
4323
4324 if (system_state >= SYSTEM_RUNNING && !intel_iommu_enabled)
4325 return 0;
4326
4327 atsr = container_of(hdr, struct acpi_dmar_atsr, header);
4328 atsru = dmar_find_atsr(atsr);
4329 if (atsru)
4330 return 0;
4331
4332 atsru = kzalloc(sizeof(*atsru) + hdr->length, GFP_KERNEL);
4333 if (!atsru)
4334 return -ENOMEM;
4335
4336 /*
4337 * If memory is allocated from slab by ACPI _DSM method, we need to
4338 * copy the memory content because the memory buffer will be freed
4339 * on return.
4340 */
4341 atsru->hdr = (void *)(atsru + 1);
4342 memcpy(atsru->hdr, hdr, hdr->length);
4343 atsru->include_all = atsr->flags & 0x1;
4344 if (!atsru->include_all) {
4345 atsru->devices = dmar_alloc_dev_scope((void *)(atsr + 1),
4346 (void *)atsr + atsr->header.length,
4347 &atsru->devices_cnt);
4348 if (atsru->devices_cnt && atsru->devices == NULL) {
4349 kfree(atsru);
4350 return -ENOMEM;
4351 }
4352 }
4353
4354 list_add_rcu(&atsru->list, &dmar_atsr_units);
4355
4356 return 0;
4357 }
4358
intel_iommu_free_atsr(struct dmar_atsr_unit * atsru)4359 static void intel_iommu_free_atsr(struct dmar_atsr_unit *atsru)
4360 {
4361 dmar_free_dev_scope(&atsru->devices, &atsru->devices_cnt);
4362 kfree(atsru);
4363 }
4364
dmar_release_one_atsr(struct acpi_dmar_header * hdr,void * arg)4365 int dmar_release_one_atsr(struct acpi_dmar_header *hdr, void *arg)
4366 {
4367 struct acpi_dmar_atsr *atsr;
4368 struct dmar_atsr_unit *atsru;
4369
4370 atsr = container_of(hdr, struct acpi_dmar_atsr, header);
4371 atsru = dmar_find_atsr(atsr);
4372 if (atsru) {
4373 list_del_rcu(&atsru->list);
4374 synchronize_rcu();
4375 intel_iommu_free_atsr(atsru);
4376 }
4377
4378 return 0;
4379 }
4380
dmar_check_one_atsr(struct acpi_dmar_header * hdr,void * arg)4381 int dmar_check_one_atsr(struct acpi_dmar_header *hdr, void *arg)
4382 {
4383 int i;
4384 struct device *dev;
4385 struct acpi_dmar_atsr *atsr;
4386 struct dmar_atsr_unit *atsru;
4387
4388 atsr = container_of(hdr, struct acpi_dmar_atsr, header);
4389 atsru = dmar_find_atsr(atsr);
4390 if (!atsru)
4391 return 0;
4392
4393 if (!atsru->include_all && atsru->devices && atsru->devices_cnt) {
4394 for_each_active_dev_scope(atsru->devices, atsru->devices_cnt,
4395 i, dev)
4396 return -EBUSY;
4397 }
4398
4399 return 0;
4400 }
4401
intel_iommu_add(struct dmar_drhd_unit * dmaru)4402 static int intel_iommu_add(struct dmar_drhd_unit *dmaru)
4403 {
4404 int sp, ret;
4405 struct intel_iommu *iommu = dmaru->iommu;
4406
4407 if (g_iommus[iommu->seq_id])
4408 return 0;
4409
4410 if (hw_pass_through && !ecap_pass_through(iommu->ecap)) {
4411 pr_warn("%s: Doesn't support hardware pass through.\n",
4412 iommu->name);
4413 return -ENXIO;
4414 }
4415 if (!ecap_sc_support(iommu->ecap) &&
4416 domain_update_iommu_snooping(iommu)) {
4417 pr_warn("%s: Doesn't support snooping.\n",
4418 iommu->name);
4419 return -ENXIO;
4420 }
4421 sp = domain_update_iommu_superpage(NULL, iommu) - 1;
4422 if (sp >= 0 && !(cap_super_page_val(iommu->cap) & (1 << sp))) {
4423 pr_warn("%s: Doesn't support large page.\n",
4424 iommu->name);
4425 return -ENXIO;
4426 }
4427
4428 /*
4429 * Disable translation if already enabled prior to OS handover.
4430 */
4431 if (iommu->gcmd & DMA_GCMD_TE)
4432 iommu_disable_translation(iommu);
4433
4434 g_iommus[iommu->seq_id] = iommu;
4435 ret = iommu_init_domains(iommu);
4436 if (ret == 0)
4437 ret = iommu_alloc_root_entry(iommu);
4438 if (ret)
4439 goto out;
4440
4441 intel_svm_check(iommu);
4442
4443 if (dmaru->ignored) {
4444 /*
4445 * we always have to disable PMRs or DMA may fail on this device
4446 */
4447 if (force_on)
4448 iommu_disable_protect_mem_regions(iommu);
4449 return 0;
4450 }
4451
4452 intel_iommu_init_qi(iommu);
4453 iommu_flush_write_buffer(iommu);
4454
4455 #ifdef CONFIG_INTEL_IOMMU_SVM
4456 if (pasid_supported(iommu) && ecap_prs(iommu->ecap)) {
4457 ret = intel_svm_enable_prq(iommu);
4458 if (ret)
4459 goto disable_iommu;
4460 }
4461 #endif
4462 ret = dmar_set_interrupt(iommu);
4463 if (ret)
4464 goto disable_iommu;
4465
4466 iommu_set_root_entry(iommu);
4467 iommu->flush.flush_context(iommu, 0, 0, 0, DMA_CCMD_GLOBAL_INVL);
4468 iommu->flush.flush_iotlb(iommu, 0, 0, 0, DMA_TLB_GLOBAL_FLUSH);
4469 iommu_enable_translation(iommu);
4470
4471 iommu_disable_protect_mem_regions(iommu);
4472 return 0;
4473
4474 disable_iommu:
4475 disable_dmar_iommu(iommu);
4476 out:
4477 free_dmar_iommu(iommu);
4478 return ret;
4479 }
4480
dmar_iommu_hotplug(struct dmar_drhd_unit * dmaru,bool insert)4481 int dmar_iommu_hotplug(struct dmar_drhd_unit *dmaru, bool insert)
4482 {
4483 int ret = 0;
4484 struct intel_iommu *iommu = dmaru->iommu;
4485
4486 if (!intel_iommu_enabled)
4487 return 0;
4488 if (iommu == NULL)
4489 return -EINVAL;
4490
4491 if (insert) {
4492 ret = intel_iommu_add(dmaru);
4493 } else {
4494 disable_dmar_iommu(iommu);
4495 free_dmar_iommu(iommu);
4496 }
4497
4498 return ret;
4499 }
4500
intel_iommu_free_dmars(void)4501 static void intel_iommu_free_dmars(void)
4502 {
4503 struct dmar_rmrr_unit *rmrru, *rmrr_n;
4504 struct dmar_atsr_unit *atsru, *atsr_n;
4505
4506 list_for_each_entry_safe(rmrru, rmrr_n, &dmar_rmrr_units, list) {
4507 list_del(&rmrru->list);
4508 dmar_free_dev_scope(&rmrru->devices, &rmrru->devices_cnt);
4509 kfree(rmrru);
4510 }
4511
4512 list_for_each_entry_safe(atsru, atsr_n, &dmar_atsr_units, list) {
4513 list_del(&atsru->list);
4514 intel_iommu_free_atsr(atsru);
4515 }
4516 }
4517
dmar_find_matched_atsr_unit(struct pci_dev * dev)4518 int dmar_find_matched_atsr_unit(struct pci_dev *dev)
4519 {
4520 int i, ret = 1;
4521 struct pci_bus *bus;
4522 struct pci_dev *bridge = NULL;
4523 struct device *tmp;
4524 struct acpi_dmar_atsr *atsr;
4525 struct dmar_atsr_unit *atsru;
4526
4527 dev = pci_physfn(dev);
4528 for (bus = dev->bus; bus; bus = bus->parent) {
4529 bridge = bus->self;
4530 /* If it's an integrated device, allow ATS */
4531 if (!bridge)
4532 return 1;
4533 /* Connected via non-PCIe: no ATS */
4534 if (!pci_is_pcie(bridge) ||
4535 pci_pcie_type(bridge) == PCI_EXP_TYPE_PCI_BRIDGE)
4536 return 0;
4537 /* If we found the root port, look it up in the ATSR */
4538 if (pci_pcie_type(bridge) == PCI_EXP_TYPE_ROOT_PORT)
4539 break;
4540 }
4541
4542 rcu_read_lock();
4543 list_for_each_entry_rcu(atsru, &dmar_atsr_units, list) {
4544 atsr = container_of(atsru->hdr, struct acpi_dmar_atsr, header);
4545 if (atsr->segment != pci_domain_nr(dev->bus))
4546 continue;
4547
4548 for_each_dev_scope(atsru->devices, atsru->devices_cnt, i, tmp)
4549 if (tmp == &bridge->dev)
4550 goto out;
4551
4552 if (atsru->include_all)
4553 goto out;
4554 }
4555 ret = 0;
4556 out:
4557 rcu_read_unlock();
4558
4559 return ret;
4560 }
4561
dmar_iommu_notify_scope_dev(struct dmar_pci_notify_info * info)4562 int dmar_iommu_notify_scope_dev(struct dmar_pci_notify_info *info)
4563 {
4564 int ret;
4565 struct dmar_rmrr_unit *rmrru;
4566 struct dmar_atsr_unit *atsru;
4567 struct acpi_dmar_atsr *atsr;
4568 struct acpi_dmar_reserved_memory *rmrr;
4569
4570 if (!intel_iommu_enabled && system_state >= SYSTEM_RUNNING)
4571 return 0;
4572
4573 list_for_each_entry(rmrru, &dmar_rmrr_units, list) {
4574 rmrr = container_of(rmrru->hdr,
4575 struct acpi_dmar_reserved_memory, header);
4576 if (info->event == BUS_NOTIFY_ADD_DEVICE) {
4577 ret = dmar_insert_dev_scope(info, (void *)(rmrr + 1),
4578 ((void *)rmrr) + rmrr->header.length,
4579 rmrr->segment, rmrru->devices,
4580 rmrru->devices_cnt);
4581 if (ret < 0)
4582 return ret;
4583 } else if (info->event == BUS_NOTIFY_REMOVED_DEVICE) {
4584 dmar_remove_dev_scope(info, rmrr->segment,
4585 rmrru->devices, rmrru->devices_cnt);
4586 }
4587 }
4588
4589 list_for_each_entry(atsru, &dmar_atsr_units, list) {
4590 if (atsru->include_all)
4591 continue;
4592
4593 atsr = container_of(atsru->hdr, struct acpi_dmar_atsr, header);
4594 if (info->event == BUS_NOTIFY_ADD_DEVICE) {
4595 ret = dmar_insert_dev_scope(info, (void *)(atsr + 1),
4596 (void *)atsr + atsr->header.length,
4597 atsr->segment, atsru->devices,
4598 atsru->devices_cnt);
4599 if (ret > 0)
4600 break;
4601 else if (ret < 0)
4602 return ret;
4603 } else if (info->event == BUS_NOTIFY_REMOVED_DEVICE) {
4604 if (dmar_remove_dev_scope(info, atsr->segment,
4605 atsru->devices, atsru->devices_cnt))
4606 break;
4607 }
4608 }
4609
4610 return 0;
4611 }
4612
intel_iommu_memory_notifier(struct notifier_block * nb,unsigned long val,void * v)4613 static int intel_iommu_memory_notifier(struct notifier_block *nb,
4614 unsigned long val, void *v)
4615 {
4616 struct memory_notify *mhp = v;
4617 unsigned long start_vpfn = mm_to_dma_pfn(mhp->start_pfn);
4618 unsigned long last_vpfn = mm_to_dma_pfn(mhp->start_pfn +
4619 mhp->nr_pages - 1);
4620
4621 switch (val) {
4622 case MEM_GOING_ONLINE:
4623 if (iommu_domain_identity_map(si_domain,
4624 start_vpfn, last_vpfn)) {
4625 pr_warn("Failed to build identity map for [%lx-%lx]\n",
4626 start_vpfn, last_vpfn);
4627 return NOTIFY_BAD;
4628 }
4629 break;
4630
4631 case MEM_OFFLINE:
4632 case MEM_CANCEL_ONLINE:
4633 {
4634 struct dmar_drhd_unit *drhd;
4635 struct intel_iommu *iommu;
4636 struct page *freelist;
4637
4638 freelist = domain_unmap(si_domain,
4639 start_vpfn, last_vpfn);
4640
4641 rcu_read_lock();
4642 for_each_active_iommu(iommu, drhd)
4643 iommu_flush_iotlb_psi(iommu, si_domain,
4644 start_vpfn, mhp->nr_pages,
4645 !freelist, 0);
4646 rcu_read_unlock();
4647 dma_free_pagelist(freelist);
4648 }
4649 break;
4650 }
4651
4652 return NOTIFY_OK;
4653 }
4654
4655 static struct notifier_block intel_iommu_memory_nb = {
4656 .notifier_call = intel_iommu_memory_notifier,
4657 .priority = 0
4658 };
4659
free_all_cpu_cached_iovas(unsigned int cpu)4660 static void free_all_cpu_cached_iovas(unsigned int cpu)
4661 {
4662 int i;
4663
4664 for (i = 0; i < g_num_of_iommus; i++) {
4665 struct intel_iommu *iommu = g_iommus[i];
4666 struct dmar_domain *domain;
4667 int did;
4668
4669 if (!iommu)
4670 continue;
4671
4672 for (did = 0; did < cap_ndoms(iommu->cap); did++) {
4673 domain = get_iommu_domain(iommu, (u16)did);
4674
4675 if (!domain || domain->domain.type != IOMMU_DOMAIN_DMA)
4676 continue;
4677
4678 free_cpu_cached_iovas(cpu, &domain->iovad);
4679 }
4680 }
4681 }
4682
intel_iommu_cpu_dead(unsigned int cpu)4683 static int intel_iommu_cpu_dead(unsigned int cpu)
4684 {
4685 free_all_cpu_cached_iovas(cpu);
4686 return 0;
4687 }
4688
intel_disable_iommus(void)4689 static void intel_disable_iommus(void)
4690 {
4691 struct intel_iommu *iommu = NULL;
4692 struct dmar_drhd_unit *drhd;
4693
4694 for_each_iommu(iommu, drhd)
4695 iommu_disable_translation(iommu);
4696 }
4697
intel_iommu_shutdown(void)4698 void intel_iommu_shutdown(void)
4699 {
4700 struct dmar_drhd_unit *drhd;
4701 struct intel_iommu *iommu = NULL;
4702
4703 if (no_iommu || dmar_disabled)
4704 return;
4705
4706 down_write(&dmar_global_lock);
4707
4708 /* Disable PMRs explicitly here. */
4709 for_each_iommu(iommu, drhd)
4710 iommu_disable_protect_mem_regions(iommu);
4711
4712 /* Make sure the IOMMUs are switched off */
4713 intel_disable_iommus();
4714
4715 up_write(&dmar_global_lock);
4716 }
4717
dev_to_intel_iommu(struct device * dev)4718 static inline struct intel_iommu *dev_to_intel_iommu(struct device *dev)
4719 {
4720 struct iommu_device *iommu_dev = dev_to_iommu_device(dev);
4721
4722 return container_of(iommu_dev, struct intel_iommu, iommu);
4723 }
4724
intel_iommu_show_version(struct device * dev,struct device_attribute * attr,char * buf)4725 static ssize_t intel_iommu_show_version(struct device *dev,
4726 struct device_attribute *attr,
4727 char *buf)
4728 {
4729 struct intel_iommu *iommu = dev_to_intel_iommu(dev);
4730 u32 ver = readl(iommu->reg + DMAR_VER_REG);
4731 return sprintf(buf, "%d:%d\n",
4732 DMAR_VER_MAJOR(ver), DMAR_VER_MINOR(ver));
4733 }
4734 static DEVICE_ATTR(version, S_IRUGO, intel_iommu_show_version, NULL);
4735
intel_iommu_show_address(struct device * dev,struct device_attribute * attr,char * buf)4736 static ssize_t intel_iommu_show_address(struct device *dev,
4737 struct device_attribute *attr,
4738 char *buf)
4739 {
4740 struct intel_iommu *iommu = dev_to_intel_iommu(dev);
4741 return sprintf(buf, "%llx\n", iommu->reg_phys);
4742 }
4743 static DEVICE_ATTR(address, S_IRUGO, intel_iommu_show_address, NULL);
4744
intel_iommu_show_cap(struct device * dev,struct device_attribute * attr,char * buf)4745 static ssize_t intel_iommu_show_cap(struct device *dev,
4746 struct device_attribute *attr,
4747 char *buf)
4748 {
4749 struct intel_iommu *iommu = dev_to_intel_iommu(dev);
4750 return sprintf(buf, "%llx\n", iommu->cap);
4751 }
4752 static DEVICE_ATTR(cap, S_IRUGO, intel_iommu_show_cap, NULL);
4753
intel_iommu_show_ecap(struct device * dev,struct device_attribute * attr,char * buf)4754 static ssize_t intel_iommu_show_ecap(struct device *dev,
4755 struct device_attribute *attr,
4756 char *buf)
4757 {
4758 struct intel_iommu *iommu = dev_to_intel_iommu(dev);
4759 return sprintf(buf, "%llx\n", iommu->ecap);
4760 }
4761 static DEVICE_ATTR(ecap, S_IRUGO, intel_iommu_show_ecap, NULL);
4762
intel_iommu_show_ndoms(struct device * dev,struct device_attribute * attr,char * buf)4763 static ssize_t intel_iommu_show_ndoms(struct device *dev,
4764 struct device_attribute *attr,
4765 char *buf)
4766 {
4767 struct intel_iommu *iommu = dev_to_intel_iommu(dev);
4768 return sprintf(buf, "%ld\n", cap_ndoms(iommu->cap));
4769 }
4770 static DEVICE_ATTR(domains_supported, S_IRUGO, intel_iommu_show_ndoms, NULL);
4771
intel_iommu_show_ndoms_used(struct device * dev,struct device_attribute * attr,char * buf)4772 static ssize_t intel_iommu_show_ndoms_used(struct device *dev,
4773 struct device_attribute *attr,
4774 char *buf)
4775 {
4776 struct intel_iommu *iommu = dev_to_intel_iommu(dev);
4777 return sprintf(buf, "%d\n", bitmap_weight(iommu->domain_ids,
4778 cap_ndoms(iommu->cap)));
4779 }
4780 static DEVICE_ATTR(domains_used, S_IRUGO, intel_iommu_show_ndoms_used, NULL);
4781
4782 static struct attribute *intel_iommu_attrs[] = {
4783 &dev_attr_version.attr,
4784 &dev_attr_address.attr,
4785 &dev_attr_cap.attr,
4786 &dev_attr_ecap.attr,
4787 &dev_attr_domains_supported.attr,
4788 &dev_attr_domains_used.attr,
4789 NULL,
4790 };
4791
4792 static struct attribute_group intel_iommu_group = {
4793 .name = "intel-iommu",
4794 .attrs = intel_iommu_attrs,
4795 };
4796
4797 const struct attribute_group *intel_iommu_groups[] = {
4798 &intel_iommu_group,
4799 NULL,
4800 };
4801
has_external_pci(void)4802 static inline bool has_external_pci(void)
4803 {
4804 struct pci_dev *pdev = NULL;
4805
4806 for_each_pci_dev(pdev)
4807 if (pdev->external_facing)
4808 return true;
4809
4810 return false;
4811 }
4812
platform_optin_force_iommu(void)4813 static int __init platform_optin_force_iommu(void)
4814 {
4815 if (!dmar_platform_optin() || no_platform_optin || !has_external_pci())
4816 return 0;
4817
4818 if (no_iommu || dmar_disabled)
4819 pr_info("Intel-IOMMU force enabled due to platform opt in\n");
4820
4821 /*
4822 * If Intel-IOMMU is disabled by default, we will apply identity
4823 * map for all devices except those marked as being untrusted.
4824 */
4825 if (dmar_disabled)
4826 iommu_set_default_passthrough(false);
4827
4828 dmar_disabled = 0;
4829 no_iommu = 0;
4830
4831 return 1;
4832 }
4833
probe_acpi_namespace_devices(void)4834 static int __init probe_acpi_namespace_devices(void)
4835 {
4836 struct dmar_drhd_unit *drhd;
4837 /* To avoid a -Wunused-but-set-variable warning. */
4838 struct intel_iommu *iommu __maybe_unused;
4839 struct device *dev;
4840 int i, ret = 0;
4841
4842 for_each_active_iommu(iommu, drhd) {
4843 for_each_active_dev_scope(drhd->devices,
4844 drhd->devices_cnt, i, dev) {
4845 struct acpi_device_physical_node *pn;
4846 struct iommu_group *group;
4847 struct acpi_device *adev;
4848
4849 if (dev->bus != &acpi_bus_type)
4850 continue;
4851
4852 adev = to_acpi_device(dev);
4853 mutex_lock(&adev->physical_node_lock);
4854 list_for_each_entry(pn,
4855 &adev->physical_node_list, node) {
4856 group = iommu_group_get(pn->dev);
4857 if (group) {
4858 iommu_group_put(group);
4859 continue;
4860 }
4861
4862 pn->dev->bus->iommu_ops = &intel_iommu_ops;
4863 ret = iommu_probe_device(pn->dev);
4864 if (ret)
4865 break;
4866 }
4867 mutex_unlock(&adev->physical_node_lock);
4868
4869 if (ret)
4870 return ret;
4871 }
4872 }
4873
4874 return 0;
4875 }
4876
intel_iommu_init(void)4877 int __init intel_iommu_init(void)
4878 {
4879 int ret = -ENODEV;
4880 struct dmar_drhd_unit *drhd;
4881 struct intel_iommu *iommu;
4882
4883 /*
4884 * Intel IOMMU is required for a TXT/tboot launch or platform
4885 * opt in, so enforce that.
4886 */
4887 force_on = (!intel_iommu_tboot_noforce && tboot_force_iommu()) ||
4888 platform_optin_force_iommu();
4889
4890 if (iommu_init_mempool()) {
4891 if (force_on)
4892 panic("tboot: Failed to initialize iommu memory\n");
4893 return -ENOMEM;
4894 }
4895
4896 down_write(&dmar_global_lock);
4897 if (dmar_table_init()) {
4898 if (force_on)
4899 panic("tboot: Failed to initialize DMAR table\n");
4900 goto out_free_dmar;
4901 }
4902
4903 if (dmar_dev_scope_init() < 0) {
4904 if (force_on)
4905 panic("tboot: Failed to initialize DMAR device scope\n");
4906 goto out_free_dmar;
4907 }
4908
4909 up_write(&dmar_global_lock);
4910
4911 /*
4912 * The bus notifier takes the dmar_global_lock, so lockdep will
4913 * complain later when we register it under the lock.
4914 */
4915 dmar_register_bus_notifier();
4916
4917 down_write(&dmar_global_lock);
4918
4919 if (!no_iommu)
4920 intel_iommu_debugfs_init();
4921
4922 if (no_iommu || dmar_disabled) {
4923 /*
4924 * We exit the function here to ensure IOMMU's remapping and
4925 * mempool aren't setup, which means that the IOMMU's PMRs
4926 * won't be disabled via the call to init_dmars(). So disable
4927 * it explicitly here. The PMRs were setup by tboot prior to
4928 * calling SENTER, but the kernel is expected to reset/tear
4929 * down the PMRs.
4930 */
4931 if (intel_iommu_tboot_noforce) {
4932 for_each_iommu(iommu, drhd)
4933 iommu_disable_protect_mem_regions(iommu);
4934 }
4935
4936 /*
4937 * Make sure the IOMMUs are switched off, even when we
4938 * boot into a kexec kernel and the previous kernel left
4939 * them enabled
4940 */
4941 intel_disable_iommus();
4942 goto out_free_dmar;
4943 }
4944
4945 if (list_empty(&dmar_rmrr_units))
4946 pr_info("No RMRR found\n");
4947
4948 if (list_empty(&dmar_atsr_units))
4949 pr_info("No ATSR found\n");
4950
4951 if (dmar_init_reserved_ranges()) {
4952 if (force_on)
4953 panic("tboot: Failed to reserve iommu ranges\n");
4954 goto out_free_reserved_range;
4955 }
4956
4957 if (dmar_map_gfx)
4958 intel_iommu_gfx_mapped = 1;
4959
4960 init_no_remapping_devices();
4961
4962 ret = init_dmars();
4963 if (ret) {
4964 if (force_on)
4965 panic("tboot: Failed to initialize DMARs\n");
4966 pr_err("Initialization failed\n");
4967 goto out_free_reserved_range;
4968 }
4969 up_write(&dmar_global_lock);
4970
4971 init_iommu_pm_ops();
4972
4973 down_read(&dmar_global_lock);
4974 for_each_active_iommu(iommu, drhd) {
4975 iommu_device_sysfs_add(&iommu->iommu, NULL,
4976 intel_iommu_groups,
4977 "%s", iommu->name);
4978 iommu_device_set_ops(&iommu->iommu, &intel_iommu_ops);
4979 iommu_device_register(&iommu->iommu);
4980 }
4981 up_read(&dmar_global_lock);
4982
4983 bus_set_iommu(&pci_bus_type, &intel_iommu_ops);
4984 if (si_domain && !hw_pass_through)
4985 register_memory_notifier(&intel_iommu_memory_nb);
4986 cpuhp_setup_state(CPUHP_IOMMU_INTEL_DEAD, "iommu/intel:dead", NULL,
4987 intel_iommu_cpu_dead);
4988
4989 down_read(&dmar_global_lock);
4990 if (probe_acpi_namespace_devices())
4991 pr_warn("ACPI name space devices didn't probe correctly\n");
4992
4993 /* Finally, we enable the DMA remapping hardware. */
4994 for_each_iommu(iommu, drhd) {
4995 if (!drhd->ignored && !translation_pre_enabled(iommu))
4996 iommu_enable_translation(iommu);
4997
4998 iommu_disable_protect_mem_regions(iommu);
4999 }
5000 up_read(&dmar_global_lock);
5001
5002 pr_info("Intel(R) Virtualization Technology for Directed I/O\n");
5003
5004 intel_iommu_enabled = 1;
5005
5006 return 0;
5007
5008 out_free_reserved_range:
5009 put_iova_domain(&reserved_iova_list);
5010 out_free_dmar:
5011 intel_iommu_free_dmars();
5012 up_write(&dmar_global_lock);
5013 iommu_exit_mempool();
5014 return ret;
5015 }
5016
domain_context_clear_one_cb(struct pci_dev * pdev,u16 alias,void * opaque)5017 static int domain_context_clear_one_cb(struct pci_dev *pdev, u16 alias, void *opaque)
5018 {
5019 struct intel_iommu *iommu = opaque;
5020
5021 domain_context_clear_one(iommu, PCI_BUS_NUM(alias), alias & 0xff);
5022 return 0;
5023 }
5024
5025 /*
5026 * NB - intel-iommu lacks any sort of reference counting for the users of
5027 * dependent devices. If multiple endpoints have intersecting dependent
5028 * devices, unbinding the driver from any one of them will possibly leave
5029 * the others unable to operate.
5030 */
domain_context_clear(struct intel_iommu * iommu,struct device * dev)5031 static void domain_context_clear(struct intel_iommu *iommu, struct device *dev)
5032 {
5033 if (!iommu || !dev || !dev_is_pci(dev))
5034 return;
5035
5036 pci_for_each_dma_alias(to_pci_dev(dev), &domain_context_clear_one_cb, iommu);
5037 }
5038
__dmar_remove_one_dev_info(struct device_domain_info * info)5039 static void __dmar_remove_one_dev_info(struct device_domain_info *info)
5040 {
5041 struct dmar_domain *domain;
5042 struct intel_iommu *iommu;
5043 unsigned long flags;
5044
5045 assert_spin_locked(&device_domain_lock);
5046
5047 if (WARN_ON(!info))
5048 return;
5049
5050 iommu = info->iommu;
5051 domain = info->domain;
5052
5053 if (info->dev) {
5054 if (dev_is_pci(info->dev) && sm_supported(iommu))
5055 intel_pasid_tear_down_entry(iommu, info->dev,
5056 PASID_RID2PASID, false);
5057
5058 iommu_disable_dev_iotlb(info);
5059 if (!dev_is_real_dma_subdevice(info->dev))
5060 domain_context_clear(iommu, info->dev);
5061 intel_pasid_free_table(info->dev);
5062 }
5063
5064 unlink_domain_info(info);
5065
5066 spin_lock_irqsave(&iommu->lock, flags);
5067 domain_detach_iommu(domain, iommu);
5068 spin_unlock_irqrestore(&iommu->lock, flags);
5069
5070 free_devinfo_mem(info);
5071 }
5072
dmar_remove_one_dev_info(struct device * dev)5073 static void dmar_remove_one_dev_info(struct device *dev)
5074 {
5075 struct device_domain_info *info;
5076 unsigned long flags;
5077
5078 spin_lock_irqsave(&device_domain_lock, flags);
5079 info = get_domain_info(dev);
5080 if (info)
5081 __dmar_remove_one_dev_info(info);
5082 spin_unlock_irqrestore(&device_domain_lock, flags);
5083 }
5084
md_domain_init(struct dmar_domain * domain,int guest_width)5085 static int md_domain_init(struct dmar_domain *domain, int guest_width)
5086 {
5087 int adjust_width;
5088
5089 /* calculate AGAW */
5090 domain->gaw = guest_width;
5091 adjust_width = guestwidth_to_adjustwidth(guest_width);
5092 domain->agaw = width_to_agaw(adjust_width);
5093
5094 domain->iommu_coherency = 0;
5095 domain->iommu_snooping = 0;
5096 domain->iommu_superpage = 0;
5097 domain->max_addr = 0;
5098
5099 /* always allocate the top pgd */
5100 domain->pgd = (struct dma_pte *)alloc_pgtable_page(domain->nid);
5101 if (!domain->pgd)
5102 return -ENOMEM;
5103 domain_flush_cache(domain, domain->pgd, PAGE_SIZE);
5104 return 0;
5105 }
5106
intel_init_iova_domain(struct dmar_domain * dmar_domain)5107 static void intel_init_iova_domain(struct dmar_domain *dmar_domain)
5108 {
5109 init_iova_domain(&dmar_domain->iovad, VTD_PAGE_SIZE, IOVA_START_PFN);
5110 copy_reserved_iova(&reserved_iova_list, &dmar_domain->iovad);
5111
5112 if (!intel_iommu_strict &&
5113 init_iova_flush_queue(&dmar_domain->iovad,
5114 iommu_flush_iova, iova_entry_free))
5115 pr_info("iova flush queue initialization failed\n");
5116 }
5117
intel_iommu_domain_alloc(unsigned type)5118 static struct iommu_domain *intel_iommu_domain_alloc(unsigned type)
5119 {
5120 struct dmar_domain *dmar_domain;
5121 struct iommu_domain *domain;
5122
5123 switch (type) {
5124 case IOMMU_DOMAIN_DMA:
5125 case IOMMU_DOMAIN_UNMANAGED:
5126 dmar_domain = alloc_domain(0);
5127 if (!dmar_domain) {
5128 pr_err("Can't allocate dmar_domain\n");
5129 return NULL;
5130 }
5131 if (md_domain_init(dmar_domain, DEFAULT_DOMAIN_ADDRESS_WIDTH)) {
5132 pr_err("Domain initialization failed\n");
5133 domain_exit(dmar_domain);
5134 return NULL;
5135 }
5136
5137 if (type == IOMMU_DOMAIN_DMA)
5138 intel_init_iova_domain(dmar_domain);
5139
5140 domain = &dmar_domain->domain;
5141 domain->geometry.aperture_start = 0;
5142 domain->geometry.aperture_end =
5143 __DOMAIN_MAX_ADDR(dmar_domain->gaw);
5144 domain->geometry.force_aperture = true;
5145
5146 return domain;
5147 case IOMMU_DOMAIN_IDENTITY:
5148 return &si_domain->domain;
5149 default:
5150 return NULL;
5151 }
5152
5153 return NULL;
5154 }
5155
intel_iommu_domain_free(struct iommu_domain * domain)5156 static void intel_iommu_domain_free(struct iommu_domain *domain)
5157 {
5158 if (domain != &si_domain->domain)
5159 domain_exit(to_dmar_domain(domain));
5160 }
5161
5162 /*
5163 * Check whether a @domain could be attached to the @dev through the
5164 * aux-domain attach/detach APIs.
5165 */
5166 static inline bool
is_aux_domain(struct device * dev,struct iommu_domain * domain)5167 is_aux_domain(struct device *dev, struct iommu_domain *domain)
5168 {
5169 struct device_domain_info *info = get_domain_info(dev);
5170
5171 return info && info->auxd_enabled &&
5172 domain->type == IOMMU_DOMAIN_UNMANAGED;
5173 }
5174
auxiliary_link_device(struct dmar_domain * domain,struct device * dev)5175 static void auxiliary_link_device(struct dmar_domain *domain,
5176 struct device *dev)
5177 {
5178 struct device_domain_info *info = get_domain_info(dev);
5179
5180 assert_spin_locked(&device_domain_lock);
5181 if (WARN_ON(!info))
5182 return;
5183
5184 domain->auxd_refcnt++;
5185 list_add(&domain->auxd, &info->auxiliary_domains);
5186 }
5187
auxiliary_unlink_device(struct dmar_domain * domain,struct device * dev)5188 static void auxiliary_unlink_device(struct dmar_domain *domain,
5189 struct device *dev)
5190 {
5191 struct device_domain_info *info = get_domain_info(dev);
5192
5193 assert_spin_locked(&device_domain_lock);
5194 if (WARN_ON(!info))
5195 return;
5196
5197 list_del(&domain->auxd);
5198 domain->auxd_refcnt--;
5199
5200 if (!domain->auxd_refcnt && domain->default_pasid > 0)
5201 ioasid_free(domain->default_pasid);
5202 }
5203
aux_domain_add_dev(struct dmar_domain * domain,struct device * dev)5204 static int aux_domain_add_dev(struct dmar_domain *domain,
5205 struct device *dev)
5206 {
5207 int ret;
5208 unsigned long flags;
5209 struct intel_iommu *iommu;
5210
5211 iommu = device_to_iommu(dev, NULL, NULL);
5212 if (!iommu)
5213 return -ENODEV;
5214
5215 if (domain->default_pasid <= 0) {
5216 u32 pasid;
5217
5218 /* No private data needed for the default pasid */
5219 pasid = ioasid_alloc(NULL, PASID_MIN,
5220 pci_max_pasids(to_pci_dev(dev)) - 1,
5221 NULL);
5222 if (pasid == INVALID_IOASID) {
5223 pr_err("Can't allocate default pasid\n");
5224 return -ENODEV;
5225 }
5226 domain->default_pasid = pasid;
5227 }
5228
5229 spin_lock_irqsave(&device_domain_lock, flags);
5230 /*
5231 * iommu->lock must be held to attach domain to iommu and setup the
5232 * pasid entry for second level translation.
5233 */
5234 spin_lock(&iommu->lock);
5235 ret = domain_attach_iommu(domain, iommu);
5236 if (ret)
5237 goto attach_failed;
5238
5239 /* Setup the PASID entry for mediated devices: */
5240 if (domain_use_first_level(domain))
5241 ret = domain_setup_first_level(iommu, domain, dev,
5242 domain->default_pasid);
5243 else
5244 ret = intel_pasid_setup_second_level(iommu, domain, dev,
5245 domain->default_pasid);
5246 if (ret)
5247 goto table_failed;
5248 spin_unlock(&iommu->lock);
5249
5250 auxiliary_link_device(domain, dev);
5251
5252 spin_unlock_irqrestore(&device_domain_lock, flags);
5253
5254 return 0;
5255
5256 table_failed:
5257 domain_detach_iommu(domain, iommu);
5258 attach_failed:
5259 spin_unlock(&iommu->lock);
5260 spin_unlock_irqrestore(&device_domain_lock, flags);
5261 if (!domain->auxd_refcnt && domain->default_pasid > 0)
5262 ioasid_free(domain->default_pasid);
5263
5264 return ret;
5265 }
5266
aux_domain_remove_dev(struct dmar_domain * domain,struct device * dev)5267 static void aux_domain_remove_dev(struct dmar_domain *domain,
5268 struct device *dev)
5269 {
5270 struct device_domain_info *info;
5271 struct intel_iommu *iommu;
5272 unsigned long flags;
5273
5274 if (!is_aux_domain(dev, &domain->domain))
5275 return;
5276
5277 spin_lock_irqsave(&device_domain_lock, flags);
5278 info = get_domain_info(dev);
5279 iommu = info->iommu;
5280
5281 auxiliary_unlink_device(domain, dev);
5282
5283 spin_lock(&iommu->lock);
5284 intel_pasid_tear_down_entry(iommu, dev, domain->default_pasid, false);
5285 domain_detach_iommu(domain, iommu);
5286 spin_unlock(&iommu->lock);
5287
5288 spin_unlock_irqrestore(&device_domain_lock, flags);
5289 }
5290
prepare_domain_attach_device(struct iommu_domain * domain,struct device * dev)5291 static int prepare_domain_attach_device(struct iommu_domain *domain,
5292 struct device *dev)
5293 {
5294 struct dmar_domain *dmar_domain = to_dmar_domain(domain);
5295 struct intel_iommu *iommu;
5296 int addr_width;
5297
5298 iommu = device_to_iommu(dev, NULL, NULL);
5299 if (!iommu)
5300 return -ENODEV;
5301
5302 /* check if this iommu agaw is sufficient for max mapped address */
5303 addr_width = agaw_to_width(iommu->agaw);
5304 if (addr_width > cap_mgaw(iommu->cap))
5305 addr_width = cap_mgaw(iommu->cap);
5306
5307 if (dmar_domain->max_addr > (1LL << addr_width)) {
5308 dev_err(dev, "%s: iommu width (%d) is not "
5309 "sufficient for the mapped address (%llx)\n",
5310 __func__, addr_width, dmar_domain->max_addr);
5311 return -EFAULT;
5312 }
5313 dmar_domain->gaw = addr_width;
5314
5315 /*
5316 * Knock out extra levels of page tables if necessary
5317 */
5318 while (iommu->agaw < dmar_domain->agaw) {
5319 struct dma_pte *pte;
5320
5321 pte = dmar_domain->pgd;
5322 if (dma_pte_present(pte)) {
5323 dmar_domain->pgd = (struct dma_pte *)
5324 phys_to_virt(dma_pte_addr(pte));
5325 free_pgtable_page(pte);
5326 }
5327 dmar_domain->agaw--;
5328 }
5329
5330 return 0;
5331 }
5332
intel_iommu_attach_device(struct iommu_domain * domain,struct device * dev)5333 static int intel_iommu_attach_device(struct iommu_domain *domain,
5334 struct device *dev)
5335 {
5336 int ret;
5337
5338 if (domain->type == IOMMU_DOMAIN_UNMANAGED &&
5339 device_is_rmrr_locked(dev)) {
5340 dev_warn(dev, "Device is ineligible for IOMMU domain attach due to platform RMRR requirement. Contact your platform vendor.\n");
5341 return -EPERM;
5342 }
5343
5344 if (is_aux_domain(dev, domain))
5345 return -EPERM;
5346
5347 /* normally dev is not mapped */
5348 if (unlikely(domain_context_mapped(dev))) {
5349 struct dmar_domain *old_domain;
5350
5351 old_domain = find_domain(dev);
5352 if (old_domain)
5353 dmar_remove_one_dev_info(dev);
5354 }
5355
5356 ret = prepare_domain_attach_device(domain, dev);
5357 if (ret)
5358 return ret;
5359
5360 return domain_add_dev_info(to_dmar_domain(domain), dev);
5361 }
5362
intel_iommu_aux_attach_device(struct iommu_domain * domain,struct device * dev)5363 static int intel_iommu_aux_attach_device(struct iommu_domain *domain,
5364 struct device *dev)
5365 {
5366 int ret;
5367
5368 if (!is_aux_domain(dev, domain))
5369 return -EPERM;
5370
5371 ret = prepare_domain_attach_device(domain, dev);
5372 if (ret)
5373 return ret;
5374
5375 return aux_domain_add_dev(to_dmar_domain(domain), dev);
5376 }
5377
intel_iommu_detach_device(struct iommu_domain * domain,struct device * dev)5378 static void intel_iommu_detach_device(struct iommu_domain *domain,
5379 struct device *dev)
5380 {
5381 dmar_remove_one_dev_info(dev);
5382 }
5383
intel_iommu_aux_detach_device(struct iommu_domain * domain,struct device * dev)5384 static void intel_iommu_aux_detach_device(struct iommu_domain *domain,
5385 struct device *dev)
5386 {
5387 aux_domain_remove_dev(to_dmar_domain(domain), dev);
5388 }
5389
5390 /*
5391 * 2D array for converting and sanitizing IOMMU generic TLB granularity to
5392 * VT-d granularity. Invalidation is typically included in the unmap operation
5393 * as a result of DMA or VFIO unmap. However, for assigned devices guest
5394 * owns the first level page tables. Invalidations of translation caches in the
5395 * guest are trapped and passed down to the host.
5396 *
5397 * vIOMMU in the guest will only expose first level page tables, therefore
5398 * we do not support IOTLB granularity for request without PASID (second level).
5399 *
5400 * For example, to find the VT-d granularity encoding for IOTLB
5401 * type and page selective granularity within PASID:
5402 * X: indexed by iommu cache type
5403 * Y: indexed by enum iommu_inv_granularity
5404 * [IOMMU_CACHE_INV_TYPE_IOTLB][IOMMU_INV_GRANU_ADDR]
5405 */
5406
5407 static const int
5408 inv_type_granu_table[IOMMU_CACHE_INV_TYPE_NR][IOMMU_INV_GRANU_NR] = {
5409 /*
5410 * PASID based IOTLB invalidation: PASID selective (per PASID),
5411 * page selective (address granularity)
5412 */
5413 {-EINVAL, QI_GRAN_NONG_PASID, QI_GRAN_PSI_PASID},
5414 /* PASID based dev TLBs */
5415 {-EINVAL, -EINVAL, QI_DEV_IOTLB_GRAN_PASID_SEL},
5416 /* PASID cache */
5417 {-EINVAL, -EINVAL, -EINVAL}
5418 };
5419
to_vtd_granularity(int type,int granu)5420 static inline int to_vtd_granularity(int type, int granu)
5421 {
5422 return inv_type_granu_table[type][granu];
5423 }
5424
to_vtd_size(u64 granu_size,u64 nr_granules)5425 static inline u64 to_vtd_size(u64 granu_size, u64 nr_granules)
5426 {
5427 u64 nr_pages = (granu_size * nr_granules) >> VTD_PAGE_SHIFT;
5428
5429 /* VT-d size is encoded as 2^size of 4K pages, 0 for 4k, 9 for 2MB, etc.
5430 * IOMMU cache invalidate API passes granu_size in bytes, and number of
5431 * granu size in contiguous memory.
5432 */
5433 return order_base_2(nr_pages);
5434 }
5435
5436 #ifdef CONFIG_INTEL_IOMMU_SVM
5437 static int
intel_iommu_sva_invalidate(struct iommu_domain * domain,struct device * dev,struct iommu_cache_invalidate_info * inv_info)5438 intel_iommu_sva_invalidate(struct iommu_domain *domain, struct device *dev,
5439 struct iommu_cache_invalidate_info *inv_info)
5440 {
5441 struct dmar_domain *dmar_domain = to_dmar_domain(domain);
5442 struct device_domain_info *info;
5443 struct intel_iommu *iommu;
5444 unsigned long flags;
5445 int cache_type;
5446 u8 bus, devfn;
5447 u16 did, sid;
5448 int ret = 0;
5449 u64 size = 0;
5450
5451 if (!inv_info || !dmar_domain)
5452 return -EINVAL;
5453
5454 if (!dev || !dev_is_pci(dev))
5455 return -ENODEV;
5456
5457 iommu = device_to_iommu(dev, &bus, &devfn);
5458 if (!iommu)
5459 return -ENODEV;
5460
5461 if (!(dmar_domain->flags & DOMAIN_FLAG_NESTING_MODE))
5462 return -EINVAL;
5463
5464 spin_lock_irqsave(&device_domain_lock, flags);
5465 spin_lock(&iommu->lock);
5466 info = get_domain_info(dev);
5467 if (!info) {
5468 ret = -EINVAL;
5469 goto out_unlock;
5470 }
5471 did = dmar_domain->iommu_did[iommu->seq_id];
5472 sid = PCI_DEVID(bus, devfn);
5473
5474 /* Size is only valid in address selective invalidation */
5475 if (inv_info->granularity == IOMMU_INV_GRANU_ADDR)
5476 size = to_vtd_size(inv_info->granu.addr_info.granule_size,
5477 inv_info->granu.addr_info.nb_granules);
5478
5479 for_each_set_bit(cache_type,
5480 (unsigned long *)&inv_info->cache,
5481 IOMMU_CACHE_INV_TYPE_NR) {
5482 int granu = 0;
5483 u64 pasid = 0;
5484 u64 addr = 0;
5485
5486 granu = to_vtd_granularity(cache_type, inv_info->granularity);
5487 if (granu == -EINVAL) {
5488 pr_err_ratelimited("Invalid cache type and granu combination %d/%d\n",
5489 cache_type, inv_info->granularity);
5490 break;
5491 }
5492
5493 /*
5494 * PASID is stored in different locations based on the
5495 * granularity.
5496 */
5497 if (inv_info->granularity == IOMMU_INV_GRANU_PASID &&
5498 (inv_info->granu.pasid_info.flags & IOMMU_INV_PASID_FLAGS_PASID))
5499 pasid = inv_info->granu.pasid_info.pasid;
5500 else if (inv_info->granularity == IOMMU_INV_GRANU_ADDR &&
5501 (inv_info->granu.addr_info.flags & IOMMU_INV_ADDR_FLAGS_PASID))
5502 pasid = inv_info->granu.addr_info.pasid;
5503
5504 switch (BIT(cache_type)) {
5505 case IOMMU_CACHE_INV_TYPE_IOTLB:
5506 /* HW will ignore LSB bits based on address mask */
5507 if (inv_info->granularity == IOMMU_INV_GRANU_ADDR &&
5508 size &&
5509 (inv_info->granu.addr_info.addr & ((BIT(VTD_PAGE_SHIFT + size)) - 1))) {
5510 pr_err_ratelimited("User address not aligned, 0x%llx, size order %llu\n",
5511 inv_info->granu.addr_info.addr, size);
5512 }
5513
5514 /*
5515 * If granu is PASID-selective, address is ignored.
5516 * We use npages = -1 to indicate that.
5517 */
5518 qi_flush_piotlb(iommu, did, pasid,
5519 mm_to_dma_pfn(inv_info->granu.addr_info.addr),
5520 (granu == QI_GRAN_NONG_PASID) ? -1 : 1 << size,
5521 inv_info->granu.addr_info.flags & IOMMU_INV_ADDR_FLAGS_LEAF);
5522
5523 if (!info->ats_enabled)
5524 break;
5525 /*
5526 * Always flush device IOTLB if ATS is enabled. vIOMMU
5527 * in the guest may assume IOTLB flush is inclusive,
5528 * which is more efficient.
5529 */
5530 fallthrough;
5531 case IOMMU_CACHE_INV_TYPE_DEV_IOTLB:
5532 /*
5533 * PASID based device TLB invalidation does not support
5534 * IOMMU_INV_GRANU_PASID granularity but only supports
5535 * IOMMU_INV_GRANU_ADDR.
5536 * The equivalent of that is we set the size to be the
5537 * entire range of 64 bit. User only provides PASID info
5538 * without address info. So we set addr to 0.
5539 */
5540 if (inv_info->granularity == IOMMU_INV_GRANU_PASID) {
5541 size = 64 - VTD_PAGE_SHIFT;
5542 addr = 0;
5543 } else if (inv_info->granularity == IOMMU_INV_GRANU_ADDR) {
5544 addr = inv_info->granu.addr_info.addr;
5545 }
5546
5547 if (info->ats_enabled)
5548 qi_flush_dev_iotlb_pasid(iommu, sid,
5549 info->pfsid, pasid,
5550 info->ats_qdep, addr,
5551 size);
5552 else
5553 pr_warn_ratelimited("Passdown device IOTLB flush w/o ATS!\n");
5554 break;
5555 default:
5556 dev_err_ratelimited(dev, "Unsupported IOMMU invalidation type %d\n",
5557 cache_type);
5558 ret = -EINVAL;
5559 }
5560 }
5561 out_unlock:
5562 spin_unlock(&iommu->lock);
5563 spin_unlock_irqrestore(&device_domain_lock, flags);
5564
5565 return ret;
5566 }
5567 #endif
5568
intel_iommu_map(struct iommu_domain * domain,unsigned long iova,phys_addr_t hpa,size_t size,int iommu_prot,gfp_t gfp)5569 static int intel_iommu_map(struct iommu_domain *domain,
5570 unsigned long iova, phys_addr_t hpa,
5571 size_t size, int iommu_prot, gfp_t gfp)
5572 {
5573 struct dmar_domain *dmar_domain = to_dmar_domain(domain);
5574 u64 max_addr;
5575 int prot = 0;
5576 int ret;
5577
5578 if (iommu_prot & IOMMU_READ)
5579 prot |= DMA_PTE_READ;
5580 if (iommu_prot & IOMMU_WRITE)
5581 prot |= DMA_PTE_WRITE;
5582 if ((iommu_prot & IOMMU_CACHE) && dmar_domain->iommu_snooping)
5583 prot |= DMA_PTE_SNP;
5584
5585 max_addr = iova + size;
5586 if (dmar_domain->max_addr < max_addr) {
5587 u64 end;
5588
5589 /* check if minimum agaw is sufficient for mapped address */
5590 end = __DOMAIN_MAX_ADDR(dmar_domain->gaw) + 1;
5591 if (end < max_addr) {
5592 pr_err("%s: iommu width (%d) is not "
5593 "sufficient for the mapped address (%llx)\n",
5594 __func__, dmar_domain->gaw, max_addr);
5595 return -EFAULT;
5596 }
5597 dmar_domain->max_addr = max_addr;
5598 }
5599 /* Round up size to next multiple of PAGE_SIZE, if it and
5600 the low bits of hpa would take us onto the next page */
5601 size = aligned_nrpages(hpa, size);
5602 ret = domain_pfn_mapping(dmar_domain, iova >> VTD_PAGE_SHIFT,
5603 hpa >> VTD_PAGE_SHIFT, size, prot);
5604 return ret;
5605 }
5606
intel_iommu_unmap(struct iommu_domain * domain,unsigned long iova,size_t size,struct iommu_iotlb_gather * gather)5607 static size_t intel_iommu_unmap(struct iommu_domain *domain,
5608 unsigned long iova, size_t size,
5609 struct iommu_iotlb_gather *gather)
5610 {
5611 struct dmar_domain *dmar_domain = to_dmar_domain(domain);
5612 struct page *freelist = NULL;
5613 unsigned long start_pfn, last_pfn;
5614 unsigned int npages;
5615 int iommu_id, level = 0;
5616
5617 /* Cope with horrid API which requires us to unmap more than the
5618 size argument if it happens to be a large-page mapping. */
5619 BUG_ON(!pfn_to_dma_pte(dmar_domain, iova >> VTD_PAGE_SHIFT, &level));
5620
5621 if (size < VTD_PAGE_SIZE << level_to_offset_bits(level))
5622 size = VTD_PAGE_SIZE << level_to_offset_bits(level);
5623
5624 start_pfn = iova >> VTD_PAGE_SHIFT;
5625 last_pfn = (iova + size - 1) >> VTD_PAGE_SHIFT;
5626
5627 freelist = domain_unmap(dmar_domain, start_pfn, last_pfn);
5628
5629 npages = last_pfn - start_pfn + 1;
5630
5631 for_each_domain_iommu(iommu_id, dmar_domain)
5632 iommu_flush_iotlb_psi(g_iommus[iommu_id], dmar_domain,
5633 start_pfn, npages, !freelist, 0);
5634
5635 dma_free_pagelist(freelist);
5636
5637 if (dmar_domain->max_addr == iova + size)
5638 dmar_domain->max_addr = iova;
5639
5640 return size;
5641 }
5642
intel_iommu_iova_to_phys(struct iommu_domain * domain,dma_addr_t iova)5643 static phys_addr_t intel_iommu_iova_to_phys(struct iommu_domain *domain,
5644 dma_addr_t iova)
5645 {
5646 struct dmar_domain *dmar_domain = to_dmar_domain(domain);
5647 struct dma_pte *pte;
5648 int level = 0;
5649 u64 phys = 0;
5650
5651 pte = pfn_to_dma_pte(dmar_domain, iova >> VTD_PAGE_SHIFT, &level);
5652 if (pte && dma_pte_present(pte))
5653 phys = dma_pte_addr(pte) +
5654 (iova & (BIT_MASK(level_to_offset_bits(level) +
5655 VTD_PAGE_SHIFT) - 1));
5656
5657 return phys;
5658 }
5659
scalable_mode_support(void)5660 static inline bool scalable_mode_support(void)
5661 {
5662 struct dmar_drhd_unit *drhd;
5663 struct intel_iommu *iommu;
5664 bool ret = true;
5665
5666 rcu_read_lock();
5667 for_each_active_iommu(iommu, drhd) {
5668 if (!sm_supported(iommu)) {
5669 ret = false;
5670 break;
5671 }
5672 }
5673 rcu_read_unlock();
5674
5675 return ret;
5676 }
5677
iommu_pasid_support(void)5678 static inline bool iommu_pasid_support(void)
5679 {
5680 struct dmar_drhd_unit *drhd;
5681 struct intel_iommu *iommu;
5682 bool ret = true;
5683
5684 rcu_read_lock();
5685 for_each_active_iommu(iommu, drhd) {
5686 if (!pasid_supported(iommu)) {
5687 ret = false;
5688 break;
5689 }
5690 }
5691 rcu_read_unlock();
5692
5693 return ret;
5694 }
5695
nested_mode_support(void)5696 static inline bool nested_mode_support(void)
5697 {
5698 struct dmar_drhd_unit *drhd;
5699 struct intel_iommu *iommu;
5700 bool ret = true;
5701
5702 rcu_read_lock();
5703 for_each_active_iommu(iommu, drhd) {
5704 if (!sm_supported(iommu) || !ecap_nest(iommu->ecap)) {
5705 ret = false;
5706 break;
5707 }
5708 }
5709 rcu_read_unlock();
5710
5711 return ret;
5712 }
5713
intel_iommu_capable(enum iommu_cap cap)5714 static bool intel_iommu_capable(enum iommu_cap cap)
5715 {
5716 if (cap == IOMMU_CAP_CACHE_COHERENCY)
5717 return domain_update_iommu_snooping(NULL) == 1;
5718 if (cap == IOMMU_CAP_INTR_REMAP)
5719 return irq_remapping_enabled == 1;
5720
5721 return false;
5722 }
5723
intel_iommu_probe_device(struct device * dev)5724 static struct iommu_device *intel_iommu_probe_device(struct device *dev)
5725 {
5726 struct intel_iommu *iommu;
5727
5728 iommu = device_to_iommu(dev, NULL, NULL);
5729 if (!iommu)
5730 return ERR_PTR(-ENODEV);
5731
5732 if (translation_pre_enabled(iommu))
5733 dev_iommu_priv_set(dev, DEFER_DEVICE_DOMAIN_INFO);
5734
5735 return &iommu->iommu;
5736 }
5737
intel_iommu_release_device(struct device * dev)5738 static void intel_iommu_release_device(struct device *dev)
5739 {
5740 struct intel_iommu *iommu;
5741
5742 iommu = device_to_iommu(dev, NULL, NULL);
5743 if (!iommu)
5744 return;
5745
5746 dmar_remove_one_dev_info(dev);
5747
5748 set_dma_ops(dev, NULL);
5749 }
5750
intel_iommu_probe_finalize(struct device * dev)5751 static void intel_iommu_probe_finalize(struct device *dev)
5752 {
5753 struct iommu_domain *domain;
5754
5755 domain = iommu_get_domain_for_dev(dev);
5756 if (device_needs_bounce(dev))
5757 set_dma_ops(dev, &bounce_dma_ops);
5758 else if (domain && domain->type == IOMMU_DOMAIN_DMA)
5759 set_dma_ops(dev, &intel_dma_ops);
5760 else
5761 set_dma_ops(dev, NULL);
5762 }
5763
intel_iommu_get_resv_regions(struct device * device,struct list_head * head)5764 static void intel_iommu_get_resv_regions(struct device *device,
5765 struct list_head *head)
5766 {
5767 int prot = DMA_PTE_READ | DMA_PTE_WRITE;
5768 struct iommu_resv_region *reg;
5769 struct dmar_rmrr_unit *rmrr;
5770 struct device *i_dev;
5771 int i;
5772
5773 down_read(&dmar_global_lock);
5774 for_each_rmrr_units(rmrr) {
5775 for_each_active_dev_scope(rmrr->devices, rmrr->devices_cnt,
5776 i, i_dev) {
5777 struct iommu_resv_region *resv;
5778 enum iommu_resv_type type;
5779 size_t length;
5780
5781 if (i_dev != device &&
5782 !is_downstream_to_pci_bridge(device, i_dev))
5783 continue;
5784
5785 length = rmrr->end_address - rmrr->base_address + 1;
5786
5787 type = device_rmrr_is_relaxable(device) ?
5788 IOMMU_RESV_DIRECT_RELAXABLE : IOMMU_RESV_DIRECT;
5789
5790 resv = iommu_alloc_resv_region(rmrr->base_address,
5791 length, prot, type);
5792 if (!resv)
5793 break;
5794
5795 list_add_tail(&resv->list, head);
5796 }
5797 }
5798 up_read(&dmar_global_lock);
5799
5800 #ifdef CONFIG_INTEL_IOMMU_FLOPPY_WA
5801 if (dev_is_pci(device)) {
5802 struct pci_dev *pdev = to_pci_dev(device);
5803
5804 if ((pdev->class >> 8) == PCI_CLASS_BRIDGE_ISA) {
5805 reg = iommu_alloc_resv_region(0, 1UL << 24, prot,
5806 IOMMU_RESV_DIRECT_RELAXABLE);
5807 if (reg)
5808 list_add_tail(®->list, head);
5809 }
5810 }
5811 #endif /* CONFIG_INTEL_IOMMU_FLOPPY_WA */
5812
5813 reg = iommu_alloc_resv_region(IOAPIC_RANGE_START,
5814 IOAPIC_RANGE_END - IOAPIC_RANGE_START + 1,
5815 0, IOMMU_RESV_MSI);
5816 if (!reg)
5817 return;
5818 list_add_tail(®->list, head);
5819 }
5820
intel_iommu_enable_pasid(struct intel_iommu * iommu,struct device * dev)5821 int intel_iommu_enable_pasid(struct intel_iommu *iommu, struct device *dev)
5822 {
5823 struct device_domain_info *info;
5824 struct context_entry *context;
5825 struct dmar_domain *domain;
5826 unsigned long flags;
5827 u64 ctx_lo;
5828 int ret;
5829
5830 domain = find_domain(dev);
5831 if (!domain)
5832 return -EINVAL;
5833
5834 spin_lock_irqsave(&device_domain_lock, flags);
5835 spin_lock(&iommu->lock);
5836
5837 ret = -EINVAL;
5838 info = get_domain_info(dev);
5839 if (!info || !info->pasid_supported)
5840 goto out;
5841
5842 context = iommu_context_addr(iommu, info->bus, info->devfn, 0);
5843 if (WARN_ON(!context))
5844 goto out;
5845
5846 ctx_lo = context[0].lo;
5847
5848 if (!(ctx_lo & CONTEXT_PASIDE)) {
5849 ctx_lo |= CONTEXT_PASIDE;
5850 context[0].lo = ctx_lo;
5851 wmb();
5852 iommu->flush.flush_context(iommu,
5853 domain->iommu_did[iommu->seq_id],
5854 PCI_DEVID(info->bus, info->devfn),
5855 DMA_CCMD_MASK_NOBIT,
5856 DMA_CCMD_DEVICE_INVL);
5857 }
5858
5859 /* Enable PASID support in the device, if it wasn't already */
5860 if (!info->pasid_enabled)
5861 iommu_enable_dev_iotlb(info);
5862
5863 ret = 0;
5864
5865 out:
5866 spin_unlock(&iommu->lock);
5867 spin_unlock_irqrestore(&device_domain_lock, flags);
5868
5869 return ret;
5870 }
5871
intel_iommu_apply_resv_region(struct device * dev,struct iommu_domain * domain,struct iommu_resv_region * region)5872 static void intel_iommu_apply_resv_region(struct device *dev,
5873 struct iommu_domain *domain,
5874 struct iommu_resv_region *region)
5875 {
5876 struct dmar_domain *dmar_domain = to_dmar_domain(domain);
5877 unsigned long start, end;
5878
5879 start = IOVA_PFN(region->start);
5880 end = IOVA_PFN(region->start + region->length - 1);
5881
5882 WARN_ON_ONCE(!reserve_iova(&dmar_domain->iovad, start, end));
5883 }
5884
intel_iommu_device_group(struct device * dev)5885 static struct iommu_group *intel_iommu_device_group(struct device *dev)
5886 {
5887 if (dev_is_pci(dev))
5888 return pci_device_group(dev);
5889 return generic_device_group(dev);
5890 }
5891
intel_iommu_enable_auxd(struct device * dev)5892 static int intel_iommu_enable_auxd(struct device *dev)
5893 {
5894 struct device_domain_info *info;
5895 struct intel_iommu *iommu;
5896 unsigned long flags;
5897 int ret;
5898
5899 iommu = device_to_iommu(dev, NULL, NULL);
5900 if (!iommu || dmar_disabled)
5901 return -EINVAL;
5902
5903 if (!sm_supported(iommu) || !pasid_supported(iommu))
5904 return -EINVAL;
5905
5906 ret = intel_iommu_enable_pasid(iommu, dev);
5907 if (ret)
5908 return -ENODEV;
5909
5910 spin_lock_irqsave(&device_domain_lock, flags);
5911 info = get_domain_info(dev);
5912 info->auxd_enabled = 1;
5913 spin_unlock_irqrestore(&device_domain_lock, flags);
5914
5915 return 0;
5916 }
5917
intel_iommu_disable_auxd(struct device * dev)5918 static int intel_iommu_disable_auxd(struct device *dev)
5919 {
5920 struct device_domain_info *info;
5921 unsigned long flags;
5922
5923 spin_lock_irqsave(&device_domain_lock, flags);
5924 info = get_domain_info(dev);
5925 if (!WARN_ON(!info))
5926 info->auxd_enabled = 0;
5927 spin_unlock_irqrestore(&device_domain_lock, flags);
5928
5929 return 0;
5930 }
5931
5932 /*
5933 * A PCI express designated vendor specific extended capability is defined
5934 * in the section 3.7 of Intel scalable I/O virtualization technical spec
5935 * for system software and tools to detect endpoint devices supporting the
5936 * Intel scalable IO virtualization without host driver dependency.
5937 *
5938 * Returns the address of the matching extended capability structure within
5939 * the device's PCI configuration space or 0 if the device does not support
5940 * it.
5941 */
siov_find_pci_dvsec(struct pci_dev * pdev)5942 static int siov_find_pci_dvsec(struct pci_dev *pdev)
5943 {
5944 int pos;
5945 u16 vendor, id;
5946
5947 pos = pci_find_next_ext_capability(pdev, 0, 0x23);
5948 while (pos) {
5949 pci_read_config_word(pdev, pos + 4, &vendor);
5950 pci_read_config_word(pdev, pos + 8, &id);
5951 if (vendor == PCI_VENDOR_ID_INTEL && id == 5)
5952 return pos;
5953
5954 pos = pci_find_next_ext_capability(pdev, pos, 0x23);
5955 }
5956
5957 return 0;
5958 }
5959
5960 static bool
intel_iommu_dev_has_feat(struct device * dev,enum iommu_dev_features feat)5961 intel_iommu_dev_has_feat(struct device *dev, enum iommu_dev_features feat)
5962 {
5963 if (feat == IOMMU_DEV_FEAT_AUX) {
5964 int ret;
5965
5966 if (!dev_is_pci(dev) || dmar_disabled ||
5967 !scalable_mode_support() || !iommu_pasid_support())
5968 return false;
5969
5970 ret = pci_pasid_features(to_pci_dev(dev));
5971 if (ret < 0)
5972 return false;
5973
5974 return !!siov_find_pci_dvsec(to_pci_dev(dev));
5975 }
5976
5977 if (feat == IOMMU_DEV_FEAT_SVA) {
5978 struct device_domain_info *info = get_domain_info(dev);
5979
5980 return info && (info->iommu->flags & VTD_FLAG_SVM_CAPABLE) &&
5981 info->pasid_supported && info->pri_supported &&
5982 info->ats_supported;
5983 }
5984
5985 return false;
5986 }
5987
5988 static int
intel_iommu_dev_enable_feat(struct device * dev,enum iommu_dev_features feat)5989 intel_iommu_dev_enable_feat(struct device *dev, enum iommu_dev_features feat)
5990 {
5991 if (feat == IOMMU_DEV_FEAT_AUX)
5992 return intel_iommu_enable_auxd(dev);
5993
5994 if (feat == IOMMU_DEV_FEAT_SVA) {
5995 struct device_domain_info *info = get_domain_info(dev);
5996
5997 if (!info)
5998 return -EINVAL;
5999
6000 if (info->iommu->flags & VTD_FLAG_SVM_CAPABLE)
6001 return 0;
6002 }
6003
6004 return -ENODEV;
6005 }
6006
6007 static int
intel_iommu_dev_disable_feat(struct device * dev,enum iommu_dev_features feat)6008 intel_iommu_dev_disable_feat(struct device *dev, enum iommu_dev_features feat)
6009 {
6010 if (feat == IOMMU_DEV_FEAT_AUX)
6011 return intel_iommu_disable_auxd(dev);
6012
6013 return -ENODEV;
6014 }
6015
6016 static bool
intel_iommu_dev_feat_enabled(struct device * dev,enum iommu_dev_features feat)6017 intel_iommu_dev_feat_enabled(struct device *dev, enum iommu_dev_features feat)
6018 {
6019 struct device_domain_info *info = get_domain_info(dev);
6020
6021 if (feat == IOMMU_DEV_FEAT_AUX)
6022 return scalable_mode_support() && info && info->auxd_enabled;
6023
6024 return false;
6025 }
6026
6027 static int
intel_iommu_aux_get_pasid(struct iommu_domain * domain,struct device * dev)6028 intel_iommu_aux_get_pasid(struct iommu_domain *domain, struct device *dev)
6029 {
6030 struct dmar_domain *dmar_domain = to_dmar_domain(domain);
6031
6032 return dmar_domain->default_pasid > 0 ?
6033 dmar_domain->default_pasid : -EINVAL;
6034 }
6035
intel_iommu_is_attach_deferred(struct iommu_domain * domain,struct device * dev)6036 static bool intel_iommu_is_attach_deferred(struct iommu_domain *domain,
6037 struct device *dev)
6038 {
6039 return attach_deferred(dev);
6040 }
6041
6042 static int
intel_iommu_domain_set_attr(struct iommu_domain * domain,enum iommu_attr attr,void * data)6043 intel_iommu_domain_set_attr(struct iommu_domain *domain,
6044 enum iommu_attr attr, void *data)
6045 {
6046 struct dmar_domain *dmar_domain = to_dmar_domain(domain);
6047 unsigned long flags;
6048 int ret = 0;
6049
6050 if (domain->type != IOMMU_DOMAIN_UNMANAGED)
6051 return -EINVAL;
6052
6053 switch (attr) {
6054 case DOMAIN_ATTR_NESTING:
6055 spin_lock_irqsave(&device_domain_lock, flags);
6056 if (nested_mode_support() &&
6057 list_empty(&dmar_domain->devices)) {
6058 dmar_domain->flags |= DOMAIN_FLAG_NESTING_MODE;
6059 dmar_domain->flags &= ~DOMAIN_FLAG_USE_FIRST_LEVEL;
6060 } else {
6061 ret = -ENODEV;
6062 }
6063 spin_unlock_irqrestore(&device_domain_lock, flags);
6064 break;
6065 default:
6066 ret = -EINVAL;
6067 break;
6068 }
6069
6070 return ret;
6071 }
6072
6073 /*
6074 * Check that the device does not live on an external facing PCI port that is
6075 * marked as untrusted. Such devices should not be able to apply quirks and
6076 * thus not be able to bypass the IOMMU restrictions.
6077 */
risky_device(struct pci_dev * pdev)6078 static bool risky_device(struct pci_dev *pdev)
6079 {
6080 if (pdev->untrusted) {
6081 pci_info(pdev,
6082 "Skipping IOMMU quirk for dev [%04X:%04X] on untrusted PCI link\n",
6083 pdev->vendor, pdev->device);
6084 pci_info(pdev, "Please check with your BIOS/Platform vendor about this\n");
6085 return true;
6086 }
6087 return false;
6088 }
6089
6090 const struct iommu_ops intel_iommu_ops = {
6091 .capable = intel_iommu_capable,
6092 .domain_alloc = intel_iommu_domain_alloc,
6093 .domain_free = intel_iommu_domain_free,
6094 .domain_set_attr = intel_iommu_domain_set_attr,
6095 .attach_dev = intel_iommu_attach_device,
6096 .detach_dev = intel_iommu_detach_device,
6097 .aux_attach_dev = intel_iommu_aux_attach_device,
6098 .aux_detach_dev = intel_iommu_aux_detach_device,
6099 .aux_get_pasid = intel_iommu_aux_get_pasid,
6100 .map = intel_iommu_map,
6101 .unmap = intel_iommu_unmap,
6102 .iova_to_phys = intel_iommu_iova_to_phys,
6103 .probe_device = intel_iommu_probe_device,
6104 .probe_finalize = intel_iommu_probe_finalize,
6105 .release_device = intel_iommu_release_device,
6106 .get_resv_regions = intel_iommu_get_resv_regions,
6107 .put_resv_regions = generic_iommu_put_resv_regions,
6108 .apply_resv_region = intel_iommu_apply_resv_region,
6109 .device_group = intel_iommu_device_group,
6110 .dev_has_feat = intel_iommu_dev_has_feat,
6111 .dev_feat_enabled = intel_iommu_dev_feat_enabled,
6112 .dev_enable_feat = intel_iommu_dev_enable_feat,
6113 .dev_disable_feat = intel_iommu_dev_disable_feat,
6114 .is_attach_deferred = intel_iommu_is_attach_deferred,
6115 .def_domain_type = device_def_domain_type,
6116 .pgsize_bitmap = INTEL_IOMMU_PGSIZES,
6117 #ifdef CONFIG_INTEL_IOMMU_SVM
6118 .cache_invalidate = intel_iommu_sva_invalidate,
6119 .sva_bind_gpasid = intel_svm_bind_gpasid,
6120 .sva_unbind_gpasid = intel_svm_unbind_gpasid,
6121 .sva_bind = intel_svm_bind,
6122 .sva_unbind = intel_svm_unbind,
6123 .sva_get_pasid = intel_svm_get_pasid,
6124 .page_response = intel_svm_page_response,
6125 #endif
6126 };
6127
quirk_iommu_igfx(struct pci_dev * dev)6128 static void quirk_iommu_igfx(struct pci_dev *dev)
6129 {
6130 if (risky_device(dev))
6131 return;
6132
6133 pci_info(dev, "Disabling IOMMU for graphics on this chipset\n");
6134 dmar_map_gfx = 0;
6135 }
6136
6137 /* G4x/GM45 integrated gfx dmar support is totally busted. */
6138 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2a40, quirk_iommu_igfx);
6139 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e00, quirk_iommu_igfx);
6140 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e10, quirk_iommu_igfx);
6141 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e20, quirk_iommu_igfx);
6142 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e30, quirk_iommu_igfx);
6143 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e40, quirk_iommu_igfx);
6144 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e90, quirk_iommu_igfx);
6145
6146 /* Broadwell igfx malfunctions with dmar */
6147 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1606, quirk_iommu_igfx);
6148 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x160B, quirk_iommu_igfx);
6149 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x160E, quirk_iommu_igfx);
6150 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1602, quirk_iommu_igfx);
6151 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x160A, quirk_iommu_igfx);
6152 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x160D, quirk_iommu_igfx);
6153 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1616, quirk_iommu_igfx);
6154 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x161B, quirk_iommu_igfx);
6155 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x161E, quirk_iommu_igfx);
6156 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1612, quirk_iommu_igfx);
6157 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x161A, quirk_iommu_igfx);
6158 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x161D, quirk_iommu_igfx);
6159 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1626, quirk_iommu_igfx);
6160 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x162B, quirk_iommu_igfx);
6161 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x162E, quirk_iommu_igfx);
6162 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1622, quirk_iommu_igfx);
6163 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x162A, quirk_iommu_igfx);
6164 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x162D, quirk_iommu_igfx);
6165 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1636, quirk_iommu_igfx);
6166 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x163B, quirk_iommu_igfx);
6167 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x163E, quirk_iommu_igfx);
6168 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1632, quirk_iommu_igfx);
6169 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x163A, quirk_iommu_igfx);
6170 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x163D, quirk_iommu_igfx);
6171
quirk_iommu_rwbf(struct pci_dev * dev)6172 static void quirk_iommu_rwbf(struct pci_dev *dev)
6173 {
6174 if (risky_device(dev))
6175 return;
6176
6177 /*
6178 * Mobile 4 Series Chipset neglects to set RWBF capability,
6179 * but needs it. Same seems to hold for the desktop versions.
6180 */
6181 pci_info(dev, "Forcing write-buffer flush capability\n");
6182 rwbf_quirk = 1;
6183 }
6184
6185 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2a40, quirk_iommu_rwbf);
6186 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e00, quirk_iommu_rwbf);
6187 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e10, quirk_iommu_rwbf);
6188 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e20, quirk_iommu_rwbf);
6189 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e30, quirk_iommu_rwbf);
6190 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e40, quirk_iommu_rwbf);
6191 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e90, quirk_iommu_rwbf);
6192
6193 #define GGC 0x52
6194 #define GGC_MEMORY_SIZE_MASK (0xf << 8)
6195 #define GGC_MEMORY_SIZE_NONE (0x0 << 8)
6196 #define GGC_MEMORY_SIZE_1M (0x1 << 8)
6197 #define GGC_MEMORY_SIZE_2M (0x3 << 8)
6198 #define GGC_MEMORY_VT_ENABLED (0x8 << 8)
6199 #define GGC_MEMORY_SIZE_2M_VT (0x9 << 8)
6200 #define GGC_MEMORY_SIZE_3M_VT (0xa << 8)
6201 #define GGC_MEMORY_SIZE_4M_VT (0xb << 8)
6202
quirk_calpella_no_shadow_gtt(struct pci_dev * dev)6203 static void quirk_calpella_no_shadow_gtt(struct pci_dev *dev)
6204 {
6205 unsigned short ggc;
6206
6207 if (risky_device(dev))
6208 return;
6209
6210 if (pci_read_config_word(dev, GGC, &ggc))
6211 return;
6212
6213 if (!(ggc & GGC_MEMORY_VT_ENABLED)) {
6214 pci_info(dev, "BIOS has allocated no shadow GTT; disabling IOMMU for graphics\n");
6215 dmar_map_gfx = 0;
6216 } else if (dmar_map_gfx) {
6217 /* we have to ensure the gfx device is idle before we flush */
6218 pci_info(dev, "Disabling batched IOTLB flush on Ironlake\n");
6219 intel_iommu_strict = 1;
6220 }
6221 }
6222 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0040, quirk_calpella_no_shadow_gtt);
6223 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0044, quirk_calpella_no_shadow_gtt);
6224 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0062, quirk_calpella_no_shadow_gtt);
6225 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x006a, quirk_calpella_no_shadow_gtt);
6226
quirk_igfx_skip_te_disable(struct pci_dev * dev)6227 static void quirk_igfx_skip_te_disable(struct pci_dev *dev)
6228 {
6229 unsigned short ver;
6230
6231 if (!IS_GFX_DEVICE(dev))
6232 return;
6233
6234 ver = (dev->device >> 8) & 0xff;
6235 if (ver != 0x45 && ver != 0x46 && ver != 0x4c &&
6236 ver != 0x4e && ver != 0x8a && ver != 0x98 &&
6237 ver != 0x9a)
6238 return;
6239
6240 if (risky_device(dev))
6241 return;
6242
6243 pci_info(dev, "Skip IOMMU disabling for graphics\n");
6244 iommu_skip_te_disable = 1;
6245 }
6246 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, PCI_ANY_ID, quirk_igfx_skip_te_disable);
6247
6248 /* On Tylersburg chipsets, some BIOSes have been known to enable the
6249 ISOCH DMAR unit for the Azalia sound device, but not give it any
6250 TLB entries, which causes it to deadlock. Check for that. We do
6251 this in a function called from init_dmars(), instead of in a PCI
6252 quirk, because we don't want to print the obnoxious "BIOS broken"
6253 message if VT-d is actually disabled.
6254 */
check_tylersburg_isoch(void)6255 static void __init check_tylersburg_isoch(void)
6256 {
6257 struct pci_dev *pdev;
6258 uint32_t vtisochctrl;
6259
6260 /* If there's no Azalia in the system anyway, forget it. */
6261 pdev = pci_get_device(PCI_VENDOR_ID_INTEL, 0x3a3e, NULL);
6262 if (!pdev)
6263 return;
6264
6265 if (risky_device(pdev)) {
6266 pci_dev_put(pdev);
6267 return;
6268 }
6269
6270 pci_dev_put(pdev);
6271
6272 /* System Management Registers. Might be hidden, in which case
6273 we can't do the sanity check. But that's OK, because the
6274 known-broken BIOSes _don't_ actually hide it, so far. */
6275 pdev = pci_get_device(PCI_VENDOR_ID_INTEL, 0x342e, NULL);
6276 if (!pdev)
6277 return;
6278
6279 if (risky_device(pdev)) {
6280 pci_dev_put(pdev);
6281 return;
6282 }
6283
6284 if (pci_read_config_dword(pdev, 0x188, &vtisochctrl)) {
6285 pci_dev_put(pdev);
6286 return;
6287 }
6288
6289 pci_dev_put(pdev);
6290
6291 /* If Azalia DMA is routed to the non-isoch DMAR unit, fine. */
6292 if (vtisochctrl & 1)
6293 return;
6294
6295 /* Drop all bits other than the number of TLB entries */
6296 vtisochctrl &= 0x1c;
6297
6298 /* If we have the recommended number of TLB entries (16), fine. */
6299 if (vtisochctrl == 0x10)
6300 return;
6301
6302 /* Zero TLB entries? You get to ride the short bus to school. */
6303 if (!vtisochctrl) {
6304 WARN(1, "Your BIOS is broken; DMA routed to ISOCH DMAR unit but no TLB space.\n"
6305 "BIOS vendor: %s; Ver: %s; Product Version: %s\n",
6306 dmi_get_system_info(DMI_BIOS_VENDOR),
6307 dmi_get_system_info(DMI_BIOS_VERSION),
6308 dmi_get_system_info(DMI_PRODUCT_VERSION));
6309 iommu_identity_mapping |= IDENTMAP_AZALIA;
6310 return;
6311 }
6312
6313 pr_warn("Recommended TLB entries for ISOCH unit is 16; your BIOS set %d\n",
6314 vtisochctrl);
6315 }
6316
