1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2007-2008 Advanced Micro Devices, Inc.
4 * Author: Joerg Roedel <jroedel@suse.de>
5 */
6
7 #define pr_fmt(fmt) "iommu: " fmt
8
9 #include <linux/device.h>
10 #include <linux/kernel.h>
11 #include <linux/bug.h>
12 #include <linux/types.h>
13 #include <linux/init.h>
14 #include <linux/export.h>
15 #include <linux/slab.h>
16 #include <linux/errno.h>
17 #include <linux/iommu.h>
18 #include <linux/idr.h>
19 #include <linux/notifier.h>
20 #include <linux/err.h>
21 #include <linux/pci.h>
22 #include <linux/bitops.h>
23 #include <linux/property.h>
24 #include <linux/fsl/mc.h>
25 #include <linux/module.h>
26 #include <trace/events/iommu.h>
27
28 static struct kset *iommu_group_kset;
29 static DEFINE_IDA(iommu_group_ida);
30
31 static unsigned int iommu_def_domain_type __read_mostly;
32 static bool iommu_dma_strict __read_mostly = true;
33 static u32 iommu_cmd_line __read_mostly;
34
35 struct iommu_group {
36 struct kobject kobj;
37 struct kobject *devices_kobj;
38 struct list_head devices;
39 struct mutex mutex;
40 struct blocking_notifier_head notifier;
41 void *iommu_data;
42 void (*iommu_data_release)(void *iommu_data);
43 char *name;
44 int id;
45 struct iommu_domain *default_domain;
46 struct iommu_domain *domain;
47 struct list_head entry;
48 };
49
50 struct group_device {
51 struct list_head list;
52 struct device *dev;
53 char *name;
54 };
55
56 struct iommu_group_attribute {
57 struct attribute attr;
58 ssize_t (*show)(struct iommu_group *group, char *buf);
59 ssize_t (*store)(struct iommu_group *group,
60 const char *buf, size_t count);
61 };
62
63 static const char * const iommu_group_resv_type_string[] = {
64 [IOMMU_RESV_DIRECT] = "direct",
65 [IOMMU_RESV_DIRECT_RELAXABLE] = "direct-relaxable",
66 [IOMMU_RESV_RESERVED] = "reserved",
67 [IOMMU_RESV_MSI] = "msi",
68 [IOMMU_RESV_SW_MSI] = "msi",
69 };
70
71 #define IOMMU_CMD_LINE_DMA_API BIT(0)
72
iommu_set_cmd_line_dma_api(void)73 static void iommu_set_cmd_line_dma_api(void)
74 {
75 iommu_cmd_line |= IOMMU_CMD_LINE_DMA_API;
76 }
77
iommu_cmd_line_dma_api(void)78 static bool iommu_cmd_line_dma_api(void)
79 {
80 return !!(iommu_cmd_line & IOMMU_CMD_LINE_DMA_API);
81 }
82
83 static int iommu_alloc_default_domain(struct iommu_group *group,
84 struct device *dev);
85 static struct iommu_domain *__iommu_domain_alloc(struct bus_type *bus,
86 unsigned type);
87 static int __iommu_attach_device(struct iommu_domain *domain,
88 struct device *dev);
89 static int __iommu_attach_group(struct iommu_domain *domain,
90 struct iommu_group *group);
91 static void __iommu_detach_group(struct iommu_domain *domain,
92 struct iommu_group *group);
93 static int iommu_create_device_direct_mappings(struct iommu_group *group,
94 struct device *dev);
95 static struct iommu_group *iommu_group_get_for_dev(struct device *dev);
96
97 #define IOMMU_GROUP_ATTR(_name, _mode, _show, _store) \
98 struct iommu_group_attribute iommu_group_attr_##_name = \
99 __ATTR(_name, _mode, _show, _store)
100
101 #define to_iommu_group_attr(_attr) \
102 container_of(_attr, struct iommu_group_attribute, attr)
103 #define to_iommu_group(_kobj) \
104 container_of(_kobj, struct iommu_group, kobj)
105
106 static LIST_HEAD(iommu_device_list);
107 static DEFINE_SPINLOCK(iommu_device_lock);
108
109 /*
110 * Use a function instead of an array here because the domain-type is a
111 * bit-field, so an array would waste memory.
112 */
iommu_domain_type_str(unsigned int t)113 static const char *iommu_domain_type_str(unsigned int t)
114 {
115 switch (t) {
116 case IOMMU_DOMAIN_BLOCKED:
117 return "Blocked";
118 case IOMMU_DOMAIN_IDENTITY:
119 return "Passthrough";
120 case IOMMU_DOMAIN_UNMANAGED:
121 return "Unmanaged";
122 case IOMMU_DOMAIN_DMA:
123 return "Translated";
124 default:
125 return "Unknown";
126 }
127 }
128
iommu_subsys_init(void)129 static int __init iommu_subsys_init(void)
130 {
131 bool cmd_line = iommu_cmd_line_dma_api();
132
133 if (!cmd_line) {
134 if (IS_ENABLED(CONFIG_IOMMU_DEFAULT_PASSTHROUGH))
135 iommu_set_default_passthrough(false);
136 else
137 iommu_set_default_translated(false);
138
139 if (iommu_default_passthrough() && mem_encrypt_active()) {
140 pr_info("Memory encryption detected - Disabling default IOMMU Passthrough\n");
141 iommu_set_default_translated(false);
142 }
143 }
144
145 pr_info("Default domain type: %s %s\n",
146 iommu_domain_type_str(iommu_def_domain_type),
147 cmd_line ? "(set via kernel command line)" : "");
148
149 return 0;
150 }
151 subsys_initcall(iommu_subsys_init);
152
iommu_device_register(struct iommu_device * iommu)153 int iommu_device_register(struct iommu_device *iommu)
154 {
155 spin_lock(&iommu_device_lock);
156 list_add_tail(&iommu->list, &iommu_device_list);
157 spin_unlock(&iommu_device_lock);
158 return 0;
159 }
160 EXPORT_SYMBOL_GPL(iommu_device_register);
161
iommu_device_unregister(struct iommu_device * iommu)162 void iommu_device_unregister(struct iommu_device *iommu)
163 {
164 spin_lock(&iommu_device_lock);
165 list_del(&iommu->list);
166 spin_unlock(&iommu_device_lock);
167 }
168 EXPORT_SYMBOL_GPL(iommu_device_unregister);
169
dev_iommu_get(struct device * dev)170 static struct dev_iommu *dev_iommu_get(struct device *dev)
171 {
172 struct dev_iommu *param = dev->iommu;
173
174 if (param)
175 return param;
176
177 param = kzalloc(sizeof(*param), GFP_KERNEL);
178 if (!param)
179 return NULL;
180
181 mutex_init(¶m->lock);
182 dev->iommu = param;
183 return param;
184 }
185
dev_iommu_free(struct device * dev)186 static void dev_iommu_free(struct device *dev)
187 {
188 iommu_fwspec_free(dev);
189 kfree(dev->iommu);
190 dev->iommu = NULL;
191 }
192
__iommu_probe_device(struct device * dev,struct list_head * group_list)193 static int __iommu_probe_device(struct device *dev, struct list_head *group_list)
194 {
195 const struct iommu_ops *ops = dev->bus->iommu_ops;
196 struct iommu_device *iommu_dev;
197 struct iommu_group *group;
198 int ret;
199
200 if (!ops)
201 return -ENODEV;
202
203 if (!dev_iommu_get(dev))
204 return -ENOMEM;
205
206 if (!try_module_get(ops->owner)) {
207 ret = -EINVAL;
208 goto err_free;
209 }
210
211 iommu_dev = ops->probe_device(dev);
212 if (IS_ERR(iommu_dev)) {
213 ret = PTR_ERR(iommu_dev);
214 goto out_module_put;
215 }
216
217 dev->iommu->iommu_dev = iommu_dev;
218
219 group = iommu_group_get_for_dev(dev);
220 if (IS_ERR(group)) {
221 ret = PTR_ERR(group);
222 goto out_release;
223 }
224 iommu_group_put(group);
225
226 if (group_list && !group->default_domain && list_empty(&group->entry))
227 list_add_tail(&group->entry, group_list);
228
229 iommu_device_link(iommu_dev, dev);
230
231 return 0;
232
233 out_release:
234 ops->release_device(dev);
235
236 out_module_put:
237 module_put(ops->owner);
238
239 err_free:
240 dev_iommu_free(dev);
241
242 return ret;
243 }
244
iommu_probe_device(struct device * dev)245 int iommu_probe_device(struct device *dev)
246 {
247 const struct iommu_ops *ops = dev->bus->iommu_ops;
248 struct iommu_group *group;
249 int ret;
250
251 ret = __iommu_probe_device(dev, NULL);
252 if (ret)
253 goto err_out;
254
255 group = iommu_group_get(dev);
256 if (!group)
257 goto err_release;
258
259 /*
260 * Try to allocate a default domain - needs support from the
261 * IOMMU driver. There are still some drivers which don't
262 * support default domains, so the return value is not yet
263 * checked.
264 */
265 iommu_alloc_default_domain(group, dev);
266
267 if (group->default_domain) {
268 ret = __iommu_attach_device(group->default_domain, dev);
269 if (ret) {
270 iommu_group_put(group);
271 goto err_release;
272 }
273 }
274
275 iommu_create_device_direct_mappings(group, dev);
276
277 iommu_group_put(group);
278
279 if (ops->probe_finalize)
280 ops->probe_finalize(dev);
281
282 return 0;
283
284 err_release:
285 iommu_release_device(dev);
286
287 err_out:
288 return ret;
289
290 }
291
iommu_release_device(struct device * dev)292 void iommu_release_device(struct device *dev)
293 {
294 const struct iommu_ops *ops = dev->bus->iommu_ops;
295
296 if (!dev->iommu)
297 return;
298
299 iommu_device_unlink(dev->iommu->iommu_dev, dev);
300
301 ops->release_device(dev);
302
303 iommu_group_remove_device(dev);
304 module_put(ops->owner);
305 dev_iommu_free(dev);
306 }
307
iommu_set_def_domain_type(char * str)308 static int __init iommu_set_def_domain_type(char *str)
309 {
310 bool pt;
311 int ret;
312
313 ret = kstrtobool(str, &pt);
314 if (ret)
315 return ret;
316
317 if (pt)
318 iommu_set_default_passthrough(true);
319 else
320 iommu_set_default_translated(true);
321
322 return 0;
323 }
324 early_param("iommu.passthrough", iommu_set_def_domain_type);
325
iommu_dma_setup(char * str)326 static int __init iommu_dma_setup(char *str)
327 {
328 return kstrtobool(str, &iommu_dma_strict);
329 }
330 early_param("iommu.strict", iommu_dma_setup);
331
iommu_group_attr_show(struct kobject * kobj,struct attribute * __attr,char * buf)332 static ssize_t iommu_group_attr_show(struct kobject *kobj,
333 struct attribute *__attr, char *buf)
334 {
335 struct iommu_group_attribute *attr = to_iommu_group_attr(__attr);
336 struct iommu_group *group = to_iommu_group(kobj);
337 ssize_t ret = -EIO;
338
339 if (attr->show)
340 ret = attr->show(group, buf);
341 return ret;
342 }
343
iommu_group_attr_store(struct kobject * kobj,struct attribute * __attr,const char * buf,size_t count)344 static ssize_t iommu_group_attr_store(struct kobject *kobj,
345 struct attribute *__attr,
346 const char *buf, size_t count)
347 {
348 struct iommu_group_attribute *attr = to_iommu_group_attr(__attr);
349 struct iommu_group *group = to_iommu_group(kobj);
350 ssize_t ret = -EIO;
351
352 if (attr->store)
353 ret = attr->store(group, buf, count);
354 return ret;
355 }
356
357 static const struct sysfs_ops iommu_group_sysfs_ops = {
358 .show = iommu_group_attr_show,
359 .store = iommu_group_attr_store,
360 };
361
iommu_group_create_file(struct iommu_group * group,struct iommu_group_attribute * attr)362 static int iommu_group_create_file(struct iommu_group *group,
363 struct iommu_group_attribute *attr)
364 {
365 return sysfs_create_file(&group->kobj, &attr->attr);
366 }
367
iommu_group_remove_file(struct iommu_group * group,struct iommu_group_attribute * attr)368 static void iommu_group_remove_file(struct iommu_group *group,
369 struct iommu_group_attribute *attr)
370 {
371 sysfs_remove_file(&group->kobj, &attr->attr);
372 }
373
iommu_group_show_name(struct iommu_group * group,char * buf)374 static ssize_t iommu_group_show_name(struct iommu_group *group, char *buf)
375 {
376 return sprintf(buf, "%s\n", group->name);
377 }
378
379 /**
380 * iommu_insert_resv_region - Insert a new region in the
381 * list of reserved regions.
382 * @new: new region to insert
383 * @regions: list of regions
384 *
385 * Elements are sorted by start address and overlapping segments
386 * of the same type are merged.
387 */
iommu_insert_resv_region(struct iommu_resv_region * new,struct list_head * regions)388 static int iommu_insert_resv_region(struct iommu_resv_region *new,
389 struct list_head *regions)
390 {
391 struct iommu_resv_region *iter, *tmp, *nr, *top;
392 LIST_HEAD(stack);
393
394 nr = iommu_alloc_resv_region(new->start, new->length,
395 new->prot, new->type);
396 if (!nr)
397 return -ENOMEM;
398
399 /* First add the new element based on start address sorting */
400 list_for_each_entry(iter, regions, list) {
401 if (nr->start < iter->start ||
402 (nr->start == iter->start && nr->type <= iter->type))
403 break;
404 }
405 list_add_tail(&nr->list, &iter->list);
406
407 /* Merge overlapping segments of type nr->type in @regions, if any */
408 list_for_each_entry_safe(iter, tmp, regions, list) {
409 phys_addr_t top_end, iter_end = iter->start + iter->length - 1;
410
411 /* no merge needed on elements of different types than @new */
412 if (iter->type != new->type) {
413 list_move_tail(&iter->list, &stack);
414 continue;
415 }
416
417 /* look for the last stack element of same type as @iter */
418 list_for_each_entry_reverse(top, &stack, list)
419 if (top->type == iter->type)
420 goto check_overlap;
421
422 list_move_tail(&iter->list, &stack);
423 continue;
424
425 check_overlap:
426 top_end = top->start + top->length - 1;
427
428 if (iter->start > top_end + 1) {
429 list_move_tail(&iter->list, &stack);
430 } else {
431 top->length = max(top_end, iter_end) - top->start + 1;
432 list_del(&iter->list);
433 kfree(iter);
434 }
435 }
436 list_splice(&stack, regions);
437 return 0;
438 }
439
440 static int
iommu_insert_device_resv_regions(struct list_head * dev_resv_regions,struct list_head * group_resv_regions)441 iommu_insert_device_resv_regions(struct list_head *dev_resv_regions,
442 struct list_head *group_resv_regions)
443 {
444 struct iommu_resv_region *entry;
445 int ret = 0;
446
447 list_for_each_entry(entry, dev_resv_regions, list) {
448 ret = iommu_insert_resv_region(entry, group_resv_regions);
449 if (ret)
450 break;
451 }
452 return ret;
453 }
454
iommu_get_group_resv_regions(struct iommu_group * group,struct list_head * head)455 int iommu_get_group_resv_regions(struct iommu_group *group,
456 struct list_head *head)
457 {
458 struct group_device *device;
459 int ret = 0;
460
461 mutex_lock(&group->mutex);
462 list_for_each_entry(device, &group->devices, list) {
463 struct list_head dev_resv_regions;
464
465 INIT_LIST_HEAD(&dev_resv_regions);
466 iommu_get_resv_regions(device->dev, &dev_resv_regions);
467 ret = iommu_insert_device_resv_regions(&dev_resv_regions, head);
468 iommu_put_resv_regions(device->dev, &dev_resv_regions);
469 if (ret)
470 break;
471 }
472 mutex_unlock(&group->mutex);
473 return ret;
474 }
475 EXPORT_SYMBOL_GPL(iommu_get_group_resv_regions);
476
iommu_group_show_resv_regions(struct iommu_group * group,char * buf)477 static ssize_t iommu_group_show_resv_regions(struct iommu_group *group,
478 char *buf)
479 {
480 struct iommu_resv_region *region, *next;
481 struct list_head group_resv_regions;
482 char *str = buf;
483
484 INIT_LIST_HEAD(&group_resv_regions);
485 iommu_get_group_resv_regions(group, &group_resv_regions);
486
487 list_for_each_entry_safe(region, next, &group_resv_regions, list) {
488 str += sprintf(str, "0x%016llx 0x%016llx %s\n",
489 (long long int)region->start,
490 (long long int)(region->start +
491 region->length - 1),
492 iommu_group_resv_type_string[region->type]);
493 kfree(region);
494 }
495
496 return (str - buf);
497 }
498
iommu_group_show_type(struct iommu_group * group,char * buf)499 static ssize_t iommu_group_show_type(struct iommu_group *group,
500 char *buf)
501 {
502 char *type = "unknown\n";
503
504 if (group->default_domain) {
505 switch (group->default_domain->type) {
506 case IOMMU_DOMAIN_BLOCKED:
507 type = "blocked\n";
508 break;
509 case IOMMU_DOMAIN_IDENTITY:
510 type = "identity\n";
511 break;
512 case IOMMU_DOMAIN_UNMANAGED:
513 type = "unmanaged\n";
514 break;
515 case IOMMU_DOMAIN_DMA:
516 type = "DMA\n";
517 break;
518 }
519 }
520 strcpy(buf, type);
521
522 return strlen(type);
523 }
524
525 static IOMMU_GROUP_ATTR(name, S_IRUGO, iommu_group_show_name, NULL);
526
527 static IOMMU_GROUP_ATTR(reserved_regions, 0444,
528 iommu_group_show_resv_regions, NULL);
529
530 static IOMMU_GROUP_ATTR(type, 0444, iommu_group_show_type, NULL);
531
iommu_group_release(struct kobject * kobj)532 static void iommu_group_release(struct kobject *kobj)
533 {
534 struct iommu_group *group = to_iommu_group(kobj);
535
536 pr_debug("Releasing group %d\n", group->id);
537
538 if (group->iommu_data_release)
539 group->iommu_data_release(group->iommu_data);
540
541 ida_simple_remove(&iommu_group_ida, group->id);
542
543 if (group->default_domain)
544 iommu_domain_free(group->default_domain);
545
546 kfree(group->name);
547 kfree(group);
548 }
549
550 static struct kobj_type iommu_group_ktype = {
551 .sysfs_ops = &iommu_group_sysfs_ops,
552 .release = iommu_group_release,
553 };
554
555 /**
556 * iommu_group_alloc - Allocate a new group
557 *
558 * This function is called by an iommu driver to allocate a new iommu
559 * group. The iommu group represents the minimum granularity of the iommu.
560 * Upon successful return, the caller holds a reference to the supplied
561 * group in order to hold the group until devices are added. Use
562 * iommu_group_put() to release this extra reference count, allowing the
563 * group to be automatically reclaimed once it has no devices or external
564 * references.
565 */
iommu_group_alloc(void)566 struct iommu_group *iommu_group_alloc(void)
567 {
568 struct iommu_group *group;
569 int ret;
570
571 group = kzalloc(sizeof(*group), GFP_KERNEL);
572 if (!group)
573 return ERR_PTR(-ENOMEM);
574
575 group->kobj.kset = iommu_group_kset;
576 mutex_init(&group->mutex);
577 INIT_LIST_HEAD(&group->devices);
578 INIT_LIST_HEAD(&group->entry);
579 BLOCKING_INIT_NOTIFIER_HEAD(&group->notifier);
580
581 ret = ida_simple_get(&iommu_group_ida, 0, 0, GFP_KERNEL);
582 if (ret < 0) {
583 kfree(group);
584 return ERR_PTR(ret);
585 }
586 group->id = ret;
587
588 ret = kobject_init_and_add(&group->kobj, &iommu_group_ktype,
589 NULL, "%d", group->id);
590 if (ret) {
591 ida_simple_remove(&iommu_group_ida, group->id);
592 kobject_put(&group->kobj);
593 return ERR_PTR(ret);
594 }
595
596 group->devices_kobj = kobject_create_and_add("devices", &group->kobj);
597 if (!group->devices_kobj) {
598 kobject_put(&group->kobj); /* triggers .release & free */
599 return ERR_PTR(-ENOMEM);
600 }
601
602 /*
603 * The devices_kobj holds a reference on the group kobject, so
604 * as long as that exists so will the group. We can therefore
605 * use the devices_kobj for reference counting.
606 */
607 kobject_put(&group->kobj);
608
609 ret = iommu_group_create_file(group,
610 &iommu_group_attr_reserved_regions);
611 if (ret)
612 return ERR_PTR(ret);
613
614 ret = iommu_group_create_file(group, &iommu_group_attr_type);
615 if (ret)
616 return ERR_PTR(ret);
617
618 pr_debug("Allocated group %d\n", group->id);
619
620 return group;
621 }
622 EXPORT_SYMBOL_GPL(iommu_group_alloc);
623
iommu_group_get_by_id(int id)624 struct iommu_group *iommu_group_get_by_id(int id)
625 {
626 struct kobject *group_kobj;
627 struct iommu_group *group;
628 const char *name;
629
630 if (!iommu_group_kset)
631 return NULL;
632
633 name = kasprintf(GFP_KERNEL, "%d", id);
634 if (!name)
635 return NULL;
636
637 group_kobj = kset_find_obj(iommu_group_kset, name);
638 kfree(name);
639
640 if (!group_kobj)
641 return NULL;
642
643 group = container_of(group_kobj, struct iommu_group, kobj);
644 BUG_ON(group->id != id);
645
646 kobject_get(group->devices_kobj);
647 kobject_put(&group->kobj);
648
649 return group;
650 }
651 EXPORT_SYMBOL_GPL(iommu_group_get_by_id);
652
653 /**
654 * iommu_group_get_iommudata - retrieve iommu_data registered for a group
655 * @group: the group
656 *
657 * iommu drivers can store data in the group for use when doing iommu
658 * operations. This function provides a way to retrieve it. Caller
659 * should hold a group reference.
660 */
iommu_group_get_iommudata(struct iommu_group * group)661 void *iommu_group_get_iommudata(struct iommu_group *group)
662 {
663 return group->iommu_data;
664 }
665 EXPORT_SYMBOL_GPL(iommu_group_get_iommudata);
666
667 /**
668 * iommu_group_set_iommudata - set iommu_data for a group
669 * @group: the group
670 * @iommu_data: new data
671 * @release: release function for iommu_data
672 *
673 * iommu drivers can store data in the group for use when doing iommu
674 * operations. This function provides a way to set the data after
675 * the group has been allocated. Caller should hold a group reference.
676 */
iommu_group_set_iommudata(struct iommu_group * group,void * iommu_data,void (* release)(void * iommu_data))677 void iommu_group_set_iommudata(struct iommu_group *group, void *iommu_data,
678 void (*release)(void *iommu_data))
679 {
680 group->iommu_data = iommu_data;
681 group->iommu_data_release = release;
682 }
683 EXPORT_SYMBOL_GPL(iommu_group_set_iommudata);
684
685 /**
686 * iommu_group_set_name - set name for a group
687 * @group: the group
688 * @name: name
689 *
690 * Allow iommu driver to set a name for a group. When set it will
691 * appear in a name attribute file under the group in sysfs.
692 */
iommu_group_set_name(struct iommu_group * group,const char * name)693 int iommu_group_set_name(struct iommu_group *group, const char *name)
694 {
695 int ret;
696
697 if (group->name) {
698 iommu_group_remove_file(group, &iommu_group_attr_name);
699 kfree(group->name);
700 group->name = NULL;
701 if (!name)
702 return 0;
703 }
704
705 group->name = kstrdup(name, GFP_KERNEL);
706 if (!group->name)
707 return -ENOMEM;
708
709 ret = iommu_group_create_file(group, &iommu_group_attr_name);
710 if (ret) {
711 kfree(group->name);
712 group->name = NULL;
713 return ret;
714 }
715
716 return 0;
717 }
718 EXPORT_SYMBOL_GPL(iommu_group_set_name);
719
iommu_create_device_direct_mappings(struct iommu_group * group,struct device * dev)720 static int iommu_create_device_direct_mappings(struct iommu_group *group,
721 struct device *dev)
722 {
723 struct iommu_domain *domain = group->default_domain;
724 struct iommu_resv_region *entry;
725 struct list_head mappings;
726 unsigned long pg_size;
727 int ret = 0;
728
729 if (!domain || domain->type != IOMMU_DOMAIN_DMA)
730 return 0;
731
732 BUG_ON(!domain->pgsize_bitmap);
733
734 pg_size = 1UL << __ffs(domain->pgsize_bitmap);
735 INIT_LIST_HEAD(&mappings);
736
737 iommu_get_resv_regions(dev, &mappings);
738
739 /* We need to consider overlapping regions for different devices */
740 list_for_each_entry(entry, &mappings, list) {
741 dma_addr_t start, end, addr;
742
743 if (domain->ops->apply_resv_region)
744 domain->ops->apply_resv_region(dev, domain, entry);
745
746 start = ALIGN(entry->start, pg_size);
747 end = ALIGN(entry->start + entry->length, pg_size);
748
749 if (entry->type != IOMMU_RESV_DIRECT &&
750 entry->type != IOMMU_RESV_DIRECT_RELAXABLE)
751 continue;
752
753 for (addr = start; addr < end; addr += pg_size) {
754 phys_addr_t phys_addr;
755
756 phys_addr = iommu_iova_to_phys(domain, addr);
757 if (phys_addr)
758 continue;
759
760 ret = iommu_map(domain, addr, addr, pg_size, entry->prot);
761 if (ret)
762 goto out;
763 }
764
765 }
766
767 iommu_flush_iotlb_all(domain);
768
769 out:
770 iommu_put_resv_regions(dev, &mappings);
771
772 return ret;
773 }
774
iommu_is_attach_deferred(struct iommu_domain * domain,struct device * dev)775 static bool iommu_is_attach_deferred(struct iommu_domain *domain,
776 struct device *dev)
777 {
778 if (domain->ops->is_attach_deferred)
779 return domain->ops->is_attach_deferred(domain, dev);
780
781 return false;
782 }
783
784 /**
785 * iommu_group_add_device - add a device to an iommu group
786 * @group: the group into which to add the device (reference should be held)
787 * @dev: the device
788 *
789 * This function is called by an iommu driver to add a device into a
790 * group. Adding a device increments the group reference count.
791 */
iommu_group_add_device(struct iommu_group * group,struct device * dev)792 int iommu_group_add_device(struct iommu_group *group, struct device *dev)
793 {
794 int ret, i = 0;
795 struct group_device *device;
796
797 device = kzalloc(sizeof(*device), GFP_KERNEL);
798 if (!device)
799 return -ENOMEM;
800
801 device->dev = dev;
802
803 ret = sysfs_create_link(&dev->kobj, &group->kobj, "iommu_group");
804 if (ret)
805 goto err_free_device;
806
807 device->name = kasprintf(GFP_KERNEL, "%s", kobject_name(&dev->kobj));
808 rename:
809 if (!device->name) {
810 ret = -ENOMEM;
811 goto err_remove_link;
812 }
813
814 ret = sysfs_create_link_nowarn(group->devices_kobj,
815 &dev->kobj, device->name);
816 if (ret) {
817 if (ret == -EEXIST && i >= 0) {
818 /*
819 * Account for the slim chance of collision
820 * and append an instance to the name.
821 */
822 kfree(device->name);
823 device->name = kasprintf(GFP_KERNEL, "%s.%d",
824 kobject_name(&dev->kobj), i++);
825 goto rename;
826 }
827 goto err_free_name;
828 }
829
830 kobject_get(group->devices_kobj);
831
832 dev->iommu_group = group;
833
834 mutex_lock(&group->mutex);
835 list_add_tail(&device->list, &group->devices);
836 if (group->domain && !iommu_is_attach_deferred(group->domain, dev))
837 ret = __iommu_attach_device(group->domain, dev);
838 mutex_unlock(&group->mutex);
839 if (ret)
840 goto err_put_group;
841
842 /* Notify any listeners about change to group. */
843 blocking_notifier_call_chain(&group->notifier,
844 IOMMU_GROUP_NOTIFY_ADD_DEVICE, dev);
845
846 trace_add_device_to_group(group->id, dev);
847
848 dev_info(dev, "Adding to iommu group %d\n", group->id);
849
850 return 0;
851
852 err_put_group:
853 mutex_lock(&group->mutex);
854 list_del(&device->list);
855 mutex_unlock(&group->mutex);
856 dev->iommu_group = NULL;
857 kobject_put(group->devices_kobj);
858 sysfs_remove_link(group->devices_kobj, device->name);
859 err_free_name:
860 kfree(device->name);
861 err_remove_link:
862 sysfs_remove_link(&dev->kobj, "iommu_group");
863 err_free_device:
864 kfree(device);
865 dev_err(dev, "Failed to add to iommu group %d: %d\n", group->id, ret);
866 return ret;
867 }
868 EXPORT_SYMBOL_GPL(iommu_group_add_device);
869
870 /**
871 * iommu_group_remove_device - remove a device from it's current group
872 * @dev: device to be removed
873 *
874 * This function is called by an iommu driver to remove the device from
875 * it's current group. This decrements the iommu group reference count.
876 */
iommu_group_remove_device(struct device * dev)877 void iommu_group_remove_device(struct device *dev)
878 {
879 struct iommu_group *group = dev->iommu_group;
880 struct group_device *tmp_device, *device = NULL;
881
882 dev_info(dev, "Removing from iommu group %d\n", group->id);
883
884 /* Pre-notify listeners that a device is being removed. */
885 blocking_notifier_call_chain(&group->notifier,
886 IOMMU_GROUP_NOTIFY_DEL_DEVICE, dev);
887
888 mutex_lock(&group->mutex);
889 list_for_each_entry(tmp_device, &group->devices, list) {
890 if (tmp_device->dev == dev) {
891 device = tmp_device;
892 list_del(&device->list);
893 break;
894 }
895 }
896 mutex_unlock(&group->mutex);
897
898 if (!device)
899 return;
900
901 sysfs_remove_link(group->devices_kobj, device->name);
902 sysfs_remove_link(&dev->kobj, "iommu_group");
903
904 trace_remove_device_from_group(group->id, dev);
905
906 kfree(device->name);
907 kfree(device);
908 dev->iommu_group = NULL;
909 kobject_put(group->devices_kobj);
910 }
911 EXPORT_SYMBOL_GPL(iommu_group_remove_device);
912
iommu_group_device_count(struct iommu_group * group)913 static int iommu_group_device_count(struct iommu_group *group)
914 {
915 struct group_device *entry;
916 int ret = 0;
917
918 list_for_each_entry(entry, &group->devices, list)
919 ret++;
920
921 return ret;
922 }
923
924 /**
925 * iommu_group_for_each_dev - iterate over each device in the group
926 * @group: the group
927 * @data: caller opaque data to be passed to callback function
928 * @fn: caller supplied callback function
929 *
930 * This function is called by group users to iterate over group devices.
931 * Callers should hold a reference count to the group during callback.
932 * The group->mutex is held across callbacks, which will block calls to
933 * iommu_group_add/remove_device.
934 */
__iommu_group_for_each_dev(struct iommu_group * group,void * data,int (* fn)(struct device *,void *))935 static int __iommu_group_for_each_dev(struct iommu_group *group, void *data,
936 int (*fn)(struct device *, void *))
937 {
938 struct group_device *device;
939 int ret = 0;
940
941 list_for_each_entry(device, &group->devices, list) {
942 ret = fn(device->dev, data);
943 if (ret)
944 break;
945 }
946 return ret;
947 }
948
949
iommu_group_for_each_dev(struct iommu_group * group,void * data,int (* fn)(struct device *,void *))950 int iommu_group_for_each_dev(struct iommu_group *group, void *data,
951 int (*fn)(struct device *, void *))
952 {
953 int ret;
954
955 mutex_lock(&group->mutex);
956 ret = __iommu_group_for_each_dev(group, data, fn);
957 mutex_unlock(&group->mutex);
958
959 return ret;
960 }
961 EXPORT_SYMBOL_GPL(iommu_group_for_each_dev);
962
963 /**
964 * iommu_group_get - Return the group for a device and increment reference
965 * @dev: get the group that this device belongs to
966 *
967 * This function is called by iommu drivers and users to get the group
968 * for the specified device. If found, the group is returned and the group
969 * reference in incremented, else NULL.
970 */
iommu_group_get(struct device * dev)971 struct iommu_group *iommu_group_get(struct device *dev)
972 {
973 struct iommu_group *group = dev->iommu_group;
974
975 if (group)
976 kobject_get(group->devices_kobj);
977
978 return group;
979 }
980 EXPORT_SYMBOL_GPL(iommu_group_get);
981
982 /**
983 * iommu_group_ref_get - Increment reference on a group
984 * @group: the group to use, must not be NULL
985 *
986 * This function is called by iommu drivers to take additional references on an
987 * existing group. Returns the given group for convenience.
988 */
iommu_group_ref_get(struct iommu_group * group)989 struct iommu_group *iommu_group_ref_get(struct iommu_group *group)
990 {
991 kobject_get(group->devices_kobj);
992 return group;
993 }
994 EXPORT_SYMBOL_GPL(iommu_group_ref_get);
995
996 /**
997 * iommu_group_put - Decrement group reference
998 * @group: the group to use
999 *
1000 * This function is called by iommu drivers and users to release the
1001 * iommu group. Once the reference count is zero, the group is released.
1002 */
iommu_group_put(struct iommu_group * group)1003 void iommu_group_put(struct iommu_group *group)
1004 {
1005 if (group)
1006 kobject_put(group->devices_kobj);
1007 }
1008 EXPORT_SYMBOL_GPL(iommu_group_put);
1009
1010 /**
1011 * iommu_group_register_notifier - Register a notifier for group changes
1012 * @group: the group to watch
1013 * @nb: notifier block to signal
1014 *
1015 * This function allows iommu group users to track changes in a group.
1016 * See include/linux/iommu.h for actions sent via this notifier. Caller
1017 * should hold a reference to the group throughout notifier registration.
1018 */
iommu_group_register_notifier(struct iommu_group * group,struct notifier_block * nb)1019 int iommu_group_register_notifier(struct iommu_group *group,
1020 struct notifier_block *nb)
1021 {
1022 return blocking_notifier_chain_register(&group->notifier, nb);
1023 }
1024 EXPORT_SYMBOL_GPL(iommu_group_register_notifier);
1025
1026 /**
1027 * iommu_group_unregister_notifier - Unregister a notifier
1028 * @group: the group to watch
1029 * @nb: notifier block to signal
1030 *
1031 * Unregister a previously registered group notifier block.
1032 */
iommu_group_unregister_notifier(struct iommu_group * group,struct notifier_block * nb)1033 int iommu_group_unregister_notifier(struct iommu_group *group,
1034 struct notifier_block *nb)
1035 {
1036 return blocking_notifier_chain_unregister(&group->notifier, nb);
1037 }
1038 EXPORT_SYMBOL_GPL(iommu_group_unregister_notifier);
1039
1040 /**
1041 * iommu_register_device_fault_handler() - Register a device fault handler
1042 * @dev: the device
1043 * @handler: the fault handler
1044 * @data: private data passed as argument to the handler
1045 *
1046 * When an IOMMU fault event is received, this handler gets called with the
1047 * fault event and data as argument. The handler should return 0 on success. If
1048 * the fault is recoverable (IOMMU_FAULT_PAGE_REQ), the consumer should also
1049 * complete the fault by calling iommu_page_response() with one of the following
1050 * response code:
1051 * - IOMMU_PAGE_RESP_SUCCESS: retry the translation
1052 * - IOMMU_PAGE_RESP_INVALID: terminate the fault
1053 * - IOMMU_PAGE_RESP_FAILURE: terminate the fault and stop reporting
1054 * page faults if possible.
1055 *
1056 * Return 0 if the fault handler was installed successfully, or an error.
1057 */
iommu_register_device_fault_handler(struct device * dev,iommu_dev_fault_handler_t handler,void * data)1058 int iommu_register_device_fault_handler(struct device *dev,
1059 iommu_dev_fault_handler_t handler,
1060 void *data)
1061 {
1062 struct dev_iommu *param = dev->iommu;
1063 int ret = 0;
1064
1065 if (!param)
1066 return -EINVAL;
1067
1068 mutex_lock(¶m->lock);
1069 /* Only allow one fault handler registered for each device */
1070 if (param->fault_param) {
1071 ret = -EBUSY;
1072 goto done_unlock;
1073 }
1074
1075 get_device(dev);
1076 param->fault_param = kzalloc(sizeof(*param->fault_param), GFP_KERNEL);
1077 if (!param->fault_param) {
1078 put_device(dev);
1079 ret = -ENOMEM;
1080 goto done_unlock;
1081 }
1082 param->fault_param->handler = handler;
1083 param->fault_param->data = data;
1084 mutex_init(¶m->fault_param->lock);
1085 INIT_LIST_HEAD(¶m->fault_param->faults);
1086
1087 done_unlock:
1088 mutex_unlock(¶m->lock);
1089
1090 return ret;
1091 }
1092 EXPORT_SYMBOL_GPL(iommu_register_device_fault_handler);
1093
1094 /**
1095 * iommu_unregister_device_fault_handler() - Unregister the device fault handler
1096 * @dev: the device
1097 *
1098 * Remove the device fault handler installed with
1099 * iommu_register_device_fault_handler().
1100 *
1101 * Return 0 on success, or an error.
1102 */
iommu_unregister_device_fault_handler(struct device * dev)1103 int iommu_unregister_device_fault_handler(struct device *dev)
1104 {
1105 struct dev_iommu *param = dev->iommu;
1106 int ret = 0;
1107
1108 if (!param)
1109 return -EINVAL;
1110
1111 mutex_lock(¶m->lock);
1112
1113 if (!param->fault_param)
1114 goto unlock;
1115
1116 /* we cannot unregister handler if there are pending faults */
1117 if (!list_empty(¶m->fault_param->faults)) {
1118 ret = -EBUSY;
1119 goto unlock;
1120 }
1121
1122 kfree(param->fault_param);
1123 param->fault_param = NULL;
1124 put_device(dev);
1125 unlock:
1126 mutex_unlock(¶m->lock);
1127
1128 return ret;
1129 }
1130 EXPORT_SYMBOL_GPL(iommu_unregister_device_fault_handler);
1131
1132 /**
1133 * iommu_report_device_fault() - Report fault event to device driver
1134 * @dev: the device
1135 * @evt: fault event data
1136 *
1137 * Called by IOMMU drivers when a fault is detected, typically in a threaded IRQ
1138 * handler. When this function fails and the fault is recoverable, it is the
1139 * caller's responsibility to complete the fault.
1140 *
1141 * Return 0 on success, or an error.
1142 */
iommu_report_device_fault(struct device * dev,struct iommu_fault_event * evt)1143 int iommu_report_device_fault(struct device *dev, struct iommu_fault_event *evt)
1144 {
1145 struct dev_iommu *param = dev->iommu;
1146 struct iommu_fault_event *evt_pending = NULL;
1147 struct iommu_fault_param *fparam;
1148 int ret = 0;
1149
1150 if (!param || !evt)
1151 return -EINVAL;
1152
1153 /* we only report device fault if there is a handler registered */
1154 mutex_lock(¶m->lock);
1155 fparam = param->fault_param;
1156 if (!fparam || !fparam->handler) {
1157 ret = -EINVAL;
1158 goto done_unlock;
1159 }
1160
1161 if (evt->fault.type == IOMMU_FAULT_PAGE_REQ &&
1162 (evt->fault.prm.flags & IOMMU_FAULT_PAGE_REQUEST_LAST_PAGE)) {
1163 evt_pending = kmemdup(evt, sizeof(struct iommu_fault_event),
1164 GFP_KERNEL);
1165 if (!evt_pending) {
1166 ret = -ENOMEM;
1167 goto done_unlock;
1168 }
1169 mutex_lock(&fparam->lock);
1170 list_add_tail(&evt_pending->list, &fparam->faults);
1171 mutex_unlock(&fparam->lock);
1172 }
1173
1174 ret = fparam->handler(&evt->fault, fparam->data);
1175 if (ret && evt_pending) {
1176 mutex_lock(&fparam->lock);
1177 list_del(&evt_pending->list);
1178 mutex_unlock(&fparam->lock);
1179 kfree(evt_pending);
1180 }
1181 done_unlock:
1182 mutex_unlock(¶m->lock);
1183 return ret;
1184 }
1185 EXPORT_SYMBOL_GPL(iommu_report_device_fault);
1186
iommu_page_response(struct device * dev,struct iommu_page_response * msg)1187 int iommu_page_response(struct device *dev,
1188 struct iommu_page_response *msg)
1189 {
1190 bool needs_pasid;
1191 int ret = -EINVAL;
1192 struct iommu_fault_event *evt;
1193 struct iommu_fault_page_request *prm;
1194 struct dev_iommu *param = dev->iommu;
1195 bool has_pasid = msg->flags & IOMMU_PAGE_RESP_PASID_VALID;
1196 struct iommu_domain *domain = iommu_get_domain_for_dev(dev);
1197
1198 if (!domain || !domain->ops->page_response)
1199 return -ENODEV;
1200
1201 if (!param || !param->fault_param)
1202 return -EINVAL;
1203
1204 if (msg->version != IOMMU_PAGE_RESP_VERSION_1 ||
1205 msg->flags & ~IOMMU_PAGE_RESP_PASID_VALID)
1206 return -EINVAL;
1207
1208 /* Only send response if there is a fault report pending */
1209 mutex_lock(¶m->fault_param->lock);
1210 if (list_empty(¶m->fault_param->faults)) {
1211 dev_warn_ratelimited(dev, "no pending PRQ, drop response\n");
1212 goto done_unlock;
1213 }
1214 /*
1215 * Check if we have a matching page request pending to respond,
1216 * otherwise return -EINVAL
1217 */
1218 list_for_each_entry(evt, ¶m->fault_param->faults, list) {
1219 prm = &evt->fault.prm;
1220 if (prm->grpid != msg->grpid)
1221 continue;
1222
1223 /*
1224 * If the PASID is required, the corresponding request is
1225 * matched using the group ID, the PASID valid bit and the PASID
1226 * value. Otherwise only the group ID matches request and
1227 * response.
1228 */
1229 needs_pasid = prm->flags & IOMMU_FAULT_PAGE_RESPONSE_NEEDS_PASID;
1230 if (needs_pasid && (!has_pasid || msg->pasid != prm->pasid))
1231 continue;
1232
1233 if (!needs_pasid && has_pasid) {
1234 /* No big deal, just clear it. */
1235 msg->flags &= ~IOMMU_PAGE_RESP_PASID_VALID;
1236 msg->pasid = 0;
1237 }
1238
1239 ret = domain->ops->page_response(dev, evt, msg);
1240 list_del(&evt->list);
1241 kfree(evt);
1242 break;
1243 }
1244
1245 done_unlock:
1246 mutex_unlock(¶m->fault_param->lock);
1247 return ret;
1248 }
1249 EXPORT_SYMBOL_GPL(iommu_page_response);
1250
1251 /**
1252 * iommu_group_id - Return ID for a group
1253 * @group: the group to ID
1254 *
1255 * Return the unique ID for the group matching the sysfs group number.
1256 */
iommu_group_id(struct iommu_group * group)1257 int iommu_group_id(struct iommu_group *group)
1258 {
1259 return group->id;
1260 }
1261 EXPORT_SYMBOL_GPL(iommu_group_id);
1262
1263 static struct iommu_group *get_pci_alias_group(struct pci_dev *pdev,
1264 unsigned long *devfns);
1265
1266 /*
1267 * To consider a PCI device isolated, we require ACS to support Source
1268 * Validation, Request Redirection, Completer Redirection, and Upstream
1269 * Forwarding. This effectively means that devices cannot spoof their
1270 * requester ID, requests and completions cannot be redirected, and all
1271 * transactions are forwarded upstream, even as it passes through a
1272 * bridge where the target device is downstream.
1273 */
1274 #define REQ_ACS_FLAGS (PCI_ACS_SV | PCI_ACS_RR | PCI_ACS_CR | PCI_ACS_UF)
1275
1276 /*
1277 * For multifunction devices which are not isolated from each other, find
1278 * all the other non-isolated functions and look for existing groups. For
1279 * each function, we also need to look for aliases to or from other devices
1280 * that may already have a group.
1281 */
get_pci_function_alias_group(struct pci_dev * pdev,unsigned long * devfns)1282 static struct iommu_group *get_pci_function_alias_group(struct pci_dev *pdev,
1283 unsigned long *devfns)
1284 {
1285 struct pci_dev *tmp = NULL;
1286 struct iommu_group *group;
1287
1288 if (!pdev->multifunction || pci_acs_enabled(pdev, REQ_ACS_FLAGS))
1289 return NULL;
1290
1291 for_each_pci_dev(tmp) {
1292 if (tmp == pdev || tmp->bus != pdev->bus ||
1293 PCI_SLOT(tmp->devfn) != PCI_SLOT(pdev->devfn) ||
1294 pci_acs_enabled(tmp, REQ_ACS_FLAGS))
1295 continue;
1296
1297 group = get_pci_alias_group(tmp, devfns);
1298 if (group) {
1299 pci_dev_put(tmp);
1300 return group;
1301 }
1302 }
1303
1304 return NULL;
1305 }
1306
1307 /*
1308 * Look for aliases to or from the given device for existing groups. DMA
1309 * aliases are only supported on the same bus, therefore the search
1310 * space is quite small (especially since we're really only looking at pcie
1311 * device, and therefore only expect multiple slots on the root complex or
1312 * downstream switch ports). It's conceivable though that a pair of
1313 * multifunction devices could have aliases between them that would cause a
1314 * loop. To prevent this, we use a bitmap to track where we've been.
1315 */
get_pci_alias_group(struct pci_dev * pdev,unsigned long * devfns)1316 static struct iommu_group *get_pci_alias_group(struct pci_dev *pdev,
1317 unsigned long *devfns)
1318 {
1319 struct pci_dev *tmp = NULL;
1320 struct iommu_group *group;
1321
1322 if (test_and_set_bit(pdev->devfn & 0xff, devfns))
1323 return NULL;
1324
1325 group = iommu_group_get(&pdev->dev);
1326 if (group)
1327 return group;
1328
1329 for_each_pci_dev(tmp) {
1330 if (tmp == pdev || tmp->bus != pdev->bus)
1331 continue;
1332
1333 /* We alias them or they alias us */
1334 if (pci_devs_are_dma_aliases(pdev, tmp)) {
1335 group = get_pci_alias_group(tmp, devfns);
1336 if (group) {
1337 pci_dev_put(tmp);
1338 return group;
1339 }
1340
1341 group = get_pci_function_alias_group(tmp, devfns);
1342 if (group) {
1343 pci_dev_put(tmp);
1344 return group;
1345 }
1346 }
1347 }
1348
1349 return NULL;
1350 }
1351
1352 struct group_for_pci_data {
1353 struct pci_dev *pdev;
1354 struct iommu_group *group;
1355 };
1356
1357 /*
1358 * DMA alias iterator callback, return the last seen device. Stop and return
1359 * the IOMMU group if we find one along the way.
1360 */
get_pci_alias_or_group(struct pci_dev * pdev,u16 alias,void * opaque)1361 static int get_pci_alias_or_group(struct pci_dev *pdev, u16 alias, void *opaque)
1362 {
1363 struct group_for_pci_data *data = opaque;
1364
1365 data->pdev = pdev;
1366 data->group = iommu_group_get(&pdev->dev);
1367
1368 return data->group != NULL;
1369 }
1370
1371 /*
1372 * Generic device_group call-back function. It just allocates one
1373 * iommu-group per device.
1374 */
generic_device_group(struct device * dev)1375 struct iommu_group *generic_device_group(struct device *dev)
1376 {
1377 return iommu_group_alloc();
1378 }
1379 EXPORT_SYMBOL_GPL(generic_device_group);
1380
1381 /*
1382 * Use standard PCI bus topology, isolation features, and DMA alias quirks
1383 * to find or create an IOMMU group for a device.
1384 */
pci_device_group(struct device * dev)1385 struct iommu_group *pci_device_group(struct device *dev)
1386 {
1387 struct pci_dev *pdev = to_pci_dev(dev);
1388 struct group_for_pci_data data;
1389 struct pci_bus *bus;
1390 struct iommu_group *group = NULL;
1391 u64 devfns[4] = { 0 };
1392
1393 if (WARN_ON(!dev_is_pci(dev)))
1394 return ERR_PTR(-EINVAL);
1395
1396 /*
1397 * Find the upstream DMA alias for the device. A device must not
1398 * be aliased due to topology in order to have its own IOMMU group.
1399 * If we find an alias along the way that already belongs to a
1400 * group, use it.
1401 */
1402 if (pci_for_each_dma_alias(pdev, get_pci_alias_or_group, &data))
1403 return data.group;
1404
1405 pdev = data.pdev;
1406
1407 /*
1408 * Continue upstream from the point of minimum IOMMU granularity
1409 * due to aliases to the point where devices are protected from
1410 * peer-to-peer DMA by PCI ACS. Again, if we find an existing
1411 * group, use it.
1412 */
1413 for (bus = pdev->bus; !pci_is_root_bus(bus); bus = bus->parent) {
1414 if (!bus->self)
1415 continue;
1416
1417 if (pci_acs_path_enabled(bus->self, NULL, REQ_ACS_FLAGS))
1418 break;
1419
1420 pdev = bus->self;
1421
1422 group = iommu_group_get(&pdev->dev);
1423 if (group)
1424 return group;
1425 }
1426
1427 /*
1428 * Look for existing groups on device aliases. If we alias another
1429 * device or another device aliases us, use the same group.
1430 */
1431 group = get_pci_alias_group(pdev, (unsigned long *)devfns);
1432 if (group)
1433 return group;
1434
1435 /*
1436 * Look for existing groups on non-isolated functions on the same
1437 * slot and aliases of those funcions, if any. No need to clear
1438 * the search bitmap, the tested devfns are still valid.
1439 */
1440 group = get_pci_function_alias_group(pdev, (unsigned long *)devfns);
1441 if (group)
1442 return group;
1443
1444 /* No shared group found, allocate new */
1445 return iommu_group_alloc();
1446 }
1447 EXPORT_SYMBOL_GPL(pci_device_group);
1448
1449 /* Get the IOMMU group for device on fsl-mc bus */
fsl_mc_device_group(struct device * dev)1450 struct iommu_group *fsl_mc_device_group(struct device *dev)
1451 {
1452 struct device *cont_dev = fsl_mc_cont_dev(dev);
1453 struct iommu_group *group;
1454
1455 group = iommu_group_get(cont_dev);
1456 if (!group)
1457 group = iommu_group_alloc();
1458 return group;
1459 }
1460 EXPORT_SYMBOL_GPL(fsl_mc_device_group);
1461
iommu_get_def_domain_type(struct device * dev)1462 static int iommu_get_def_domain_type(struct device *dev)
1463 {
1464 const struct iommu_ops *ops = dev->bus->iommu_ops;
1465 unsigned int type = 0;
1466
1467 if (ops->def_domain_type)
1468 type = ops->def_domain_type(dev);
1469
1470 return (type == 0) ? iommu_def_domain_type : type;
1471 }
1472
iommu_group_alloc_default_domain(struct bus_type * bus,struct iommu_group * group,unsigned int type)1473 static int iommu_group_alloc_default_domain(struct bus_type *bus,
1474 struct iommu_group *group,
1475 unsigned int type)
1476 {
1477 struct iommu_domain *dom;
1478
1479 dom = __iommu_domain_alloc(bus, type);
1480 if (!dom && type != IOMMU_DOMAIN_DMA) {
1481 dom = __iommu_domain_alloc(bus, IOMMU_DOMAIN_DMA);
1482 if (dom)
1483 pr_warn("Failed to allocate default IOMMU domain of type %u for group %s - Falling back to IOMMU_DOMAIN_DMA",
1484 type, group->name);
1485 }
1486
1487 if (!dom)
1488 return -ENOMEM;
1489
1490 group->default_domain = dom;
1491 if (!group->domain)
1492 group->domain = dom;
1493
1494 if (!iommu_dma_strict) {
1495 int attr = 1;
1496 iommu_domain_set_attr(dom,
1497 DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE,
1498 &attr);
1499 }
1500
1501 return 0;
1502 }
1503
iommu_alloc_default_domain(struct iommu_group * group,struct device * dev)1504 static int iommu_alloc_default_domain(struct iommu_group *group,
1505 struct device *dev)
1506 {
1507 unsigned int type;
1508
1509 if (group->default_domain)
1510 return 0;
1511
1512 type = iommu_get_def_domain_type(dev);
1513
1514 return iommu_group_alloc_default_domain(dev->bus, group, type);
1515 }
1516
1517 /**
1518 * iommu_group_get_for_dev - Find or create the IOMMU group for a device
1519 * @dev: target device
1520 *
1521 * This function is intended to be called by IOMMU drivers and extended to
1522 * support common, bus-defined algorithms when determining or creating the
1523 * IOMMU group for a device. On success, the caller will hold a reference
1524 * to the returned IOMMU group, which will already include the provided
1525 * device. The reference should be released with iommu_group_put().
1526 */
iommu_group_get_for_dev(struct device * dev)1527 static struct iommu_group *iommu_group_get_for_dev(struct device *dev)
1528 {
1529 const struct iommu_ops *ops = dev->bus->iommu_ops;
1530 struct iommu_group *group;
1531 int ret;
1532
1533 group = iommu_group_get(dev);
1534 if (group)
1535 return group;
1536
1537 if (!ops)
1538 return ERR_PTR(-EINVAL);
1539
1540 group = ops->device_group(dev);
1541 if (WARN_ON_ONCE(group == NULL))
1542 return ERR_PTR(-EINVAL);
1543
1544 if (IS_ERR(group))
1545 return group;
1546
1547 ret = iommu_group_add_device(group, dev);
1548 if (ret)
1549 goto out_put_group;
1550
1551 return group;
1552
1553 out_put_group:
1554 iommu_group_put(group);
1555
1556 return ERR_PTR(ret);
1557 }
1558
iommu_group_default_domain(struct iommu_group * group)1559 struct iommu_domain *iommu_group_default_domain(struct iommu_group *group)
1560 {
1561 return group->default_domain;
1562 }
1563
probe_iommu_group(struct device * dev,void * data)1564 static int probe_iommu_group(struct device *dev, void *data)
1565 {
1566 struct list_head *group_list = data;
1567 struct iommu_group *group;
1568 int ret;
1569
1570 /* Device is probed already if in a group */
1571 group = iommu_group_get(dev);
1572 if (group) {
1573 iommu_group_put(group);
1574 return 0;
1575 }
1576
1577 ret = __iommu_probe_device(dev, group_list);
1578 if (ret == -ENODEV)
1579 ret = 0;
1580
1581 return ret;
1582 }
1583
remove_iommu_group(struct device * dev,void * data)1584 static int remove_iommu_group(struct device *dev, void *data)
1585 {
1586 iommu_release_device(dev);
1587
1588 return 0;
1589 }
1590
iommu_bus_notifier(struct notifier_block * nb,unsigned long action,void * data)1591 static int iommu_bus_notifier(struct notifier_block *nb,
1592 unsigned long action, void *data)
1593 {
1594 unsigned long group_action = 0;
1595 struct device *dev = data;
1596 struct iommu_group *group;
1597
1598 /*
1599 * ADD/DEL call into iommu driver ops if provided, which may
1600 * result in ADD/DEL notifiers to group->notifier
1601 */
1602 if (action == BUS_NOTIFY_ADD_DEVICE) {
1603 int ret;
1604
1605 ret = iommu_probe_device(dev);
1606 return (ret) ? NOTIFY_DONE : NOTIFY_OK;
1607 } else if (action == BUS_NOTIFY_REMOVED_DEVICE) {
1608 iommu_release_device(dev);
1609 return NOTIFY_OK;
1610 }
1611
1612 /*
1613 * Remaining BUS_NOTIFYs get filtered and republished to the
1614 * group, if anyone is listening
1615 */
1616 group = iommu_group_get(dev);
1617 if (!group)
1618 return 0;
1619
1620 switch (action) {
1621 case BUS_NOTIFY_BIND_DRIVER:
1622 group_action = IOMMU_GROUP_NOTIFY_BIND_DRIVER;
1623 break;
1624 case BUS_NOTIFY_BOUND_DRIVER:
1625 group_action = IOMMU_GROUP_NOTIFY_BOUND_DRIVER;
1626 break;
1627 case BUS_NOTIFY_UNBIND_DRIVER:
1628 group_action = IOMMU_GROUP_NOTIFY_UNBIND_DRIVER;
1629 break;
1630 case BUS_NOTIFY_UNBOUND_DRIVER:
1631 group_action = IOMMU_GROUP_NOTIFY_UNBOUND_DRIVER;
1632 break;
1633 }
1634
1635 if (group_action)
1636 blocking_notifier_call_chain(&group->notifier,
1637 group_action, dev);
1638
1639 iommu_group_put(group);
1640 return 0;
1641 }
1642
1643 struct __group_domain_type {
1644 struct device *dev;
1645 unsigned int type;
1646 };
1647
probe_get_default_domain_type(struct device * dev,void * data)1648 static int probe_get_default_domain_type(struct device *dev, void *data)
1649 {
1650 const struct iommu_ops *ops = dev->bus->iommu_ops;
1651 struct __group_domain_type *gtype = data;
1652 unsigned int type = 0;
1653
1654 if (ops->def_domain_type)
1655 type = ops->def_domain_type(dev);
1656
1657 if (type) {
1658 if (gtype->type && gtype->type != type) {
1659 dev_warn(dev, "Device needs domain type %s, but device %s in the same iommu group requires type %s - using default\n",
1660 iommu_domain_type_str(type),
1661 dev_name(gtype->dev),
1662 iommu_domain_type_str(gtype->type));
1663 gtype->type = 0;
1664 }
1665
1666 if (!gtype->dev) {
1667 gtype->dev = dev;
1668 gtype->type = type;
1669 }
1670 }
1671
1672 return 0;
1673 }
1674
probe_alloc_default_domain(struct bus_type * bus,struct iommu_group * group)1675 static void probe_alloc_default_domain(struct bus_type *bus,
1676 struct iommu_group *group)
1677 {
1678 struct __group_domain_type gtype;
1679
1680 memset(>ype, 0, sizeof(gtype));
1681
1682 /* Ask for default domain requirements of all devices in the group */
1683 __iommu_group_for_each_dev(group, >ype,
1684 probe_get_default_domain_type);
1685
1686 if (!gtype.type)
1687 gtype.type = iommu_def_domain_type;
1688
1689 iommu_group_alloc_default_domain(bus, group, gtype.type);
1690
1691 }
1692
iommu_group_do_dma_attach(struct device * dev,void * data)1693 static int iommu_group_do_dma_attach(struct device *dev, void *data)
1694 {
1695 struct iommu_domain *domain = data;
1696 int ret = 0;
1697
1698 if (!iommu_is_attach_deferred(domain, dev))
1699 ret = __iommu_attach_device(domain, dev);
1700
1701 return ret;
1702 }
1703
__iommu_group_dma_attach(struct iommu_group * group)1704 static int __iommu_group_dma_attach(struct iommu_group *group)
1705 {
1706 return __iommu_group_for_each_dev(group, group->default_domain,
1707 iommu_group_do_dma_attach);
1708 }
1709
iommu_group_do_probe_finalize(struct device * dev,void * data)1710 static int iommu_group_do_probe_finalize(struct device *dev, void *data)
1711 {
1712 struct iommu_domain *domain = data;
1713
1714 if (domain->ops->probe_finalize)
1715 domain->ops->probe_finalize(dev);
1716
1717 return 0;
1718 }
1719
__iommu_group_dma_finalize(struct iommu_group * group)1720 static void __iommu_group_dma_finalize(struct iommu_group *group)
1721 {
1722 __iommu_group_for_each_dev(group, group->default_domain,
1723 iommu_group_do_probe_finalize);
1724 }
1725
iommu_do_create_direct_mappings(struct device * dev,void * data)1726 static int iommu_do_create_direct_mappings(struct device *dev, void *data)
1727 {
1728 struct iommu_group *group = data;
1729
1730 iommu_create_device_direct_mappings(group, dev);
1731
1732 return 0;
1733 }
1734
iommu_group_create_direct_mappings(struct iommu_group * group)1735 static int iommu_group_create_direct_mappings(struct iommu_group *group)
1736 {
1737 return __iommu_group_for_each_dev(group, group,
1738 iommu_do_create_direct_mappings);
1739 }
1740
bus_iommu_probe(struct bus_type * bus)1741 int bus_iommu_probe(struct bus_type *bus)
1742 {
1743 struct iommu_group *group, *next;
1744 LIST_HEAD(group_list);
1745 int ret;
1746
1747 /*
1748 * This code-path does not allocate the default domain when
1749 * creating the iommu group, so do it after the groups are
1750 * created.
1751 */
1752 ret = bus_for_each_dev(bus, NULL, &group_list, probe_iommu_group);
1753 if (ret)
1754 return ret;
1755
1756 list_for_each_entry_safe(group, next, &group_list, entry) {
1757 /* Remove item from the list */
1758 list_del_init(&group->entry);
1759
1760 mutex_lock(&group->mutex);
1761
1762 /* Try to allocate default domain */
1763 probe_alloc_default_domain(bus, group);
1764
1765 if (!group->default_domain) {
1766 mutex_unlock(&group->mutex);
1767 continue;
1768 }
1769
1770 iommu_group_create_direct_mappings(group);
1771
1772 ret = __iommu_group_dma_attach(group);
1773
1774 mutex_unlock(&group->mutex);
1775
1776 if (ret)
1777 break;
1778
1779 __iommu_group_dma_finalize(group);
1780 }
1781
1782 return ret;
1783 }
1784
iommu_bus_init(struct bus_type * bus,const struct iommu_ops * ops)1785 static int iommu_bus_init(struct bus_type *bus, const struct iommu_ops *ops)
1786 {
1787 struct notifier_block *nb;
1788 int err;
1789
1790 nb = kzalloc(sizeof(struct notifier_block), GFP_KERNEL);
1791 if (!nb)
1792 return -ENOMEM;
1793
1794 nb->notifier_call = iommu_bus_notifier;
1795
1796 err = bus_register_notifier(bus, nb);
1797 if (err)
1798 goto out_free;
1799
1800 err = bus_iommu_probe(bus);
1801 if (err)
1802 goto out_err;
1803
1804
1805 return 0;
1806
1807 out_err:
1808 /* Clean up */
1809 bus_for_each_dev(bus, NULL, NULL, remove_iommu_group);
1810 bus_unregister_notifier(bus, nb);
1811
1812 out_free:
1813 kfree(nb);
1814
1815 return err;
1816 }
1817
1818 /**
1819 * bus_set_iommu - set iommu-callbacks for the bus
1820 * @bus: bus.
1821 * @ops: the callbacks provided by the iommu-driver
1822 *
1823 * This function is called by an iommu driver to set the iommu methods
1824 * used for a particular bus. Drivers for devices on that bus can use
1825 * the iommu-api after these ops are registered.
1826 * This special function is needed because IOMMUs are usually devices on
1827 * the bus itself, so the iommu drivers are not initialized when the bus
1828 * is set up. With this function the iommu-driver can set the iommu-ops
1829 * afterwards.
1830 */
bus_set_iommu(struct bus_type * bus,const struct iommu_ops * ops)1831 int bus_set_iommu(struct bus_type *bus, const struct iommu_ops *ops)
1832 {
1833 int err;
1834
1835 if (ops == NULL) {
1836 bus->iommu_ops = NULL;
1837 return 0;
1838 }
1839
1840 if (bus->iommu_ops != NULL)
1841 return -EBUSY;
1842
1843 bus->iommu_ops = ops;
1844
1845 /* Do IOMMU specific setup for this bus-type */
1846 err = iommu_bus_init(bus, ops);
1847 if (err)
1848 bus->iommu_ops = NULL;
1849
1850 return err;
1851 }
1852 EXPORT_SYMBOL_GPL(bus_set_iommu);
1853
iommu_present(struct bus_type * bus)1854 bool iommu_present(struct bus_type *bus)
1855 {
1856 return bus->iommu_ops != NULL;
1857 }
1858 EXPORT_SYMBOL_GPL(iommu_present);
1859
iommu_capable(struct bus_type * bus,enum iommu_cap cap)1860 bool iommu_capable(struct bus_type *bus, enum iommu_cap cap)
1861 {
1862 if (!bus->iommu_ops || !bus->iommu_ops->capable)
1863 return false;
1864
1865 return bus->iommu_ops->capable(cap);
1866 }
1867 EXPORT_SYMBOL_GPL(iommu_capable);
1868
1869 /**
1870 * iommu_set_fault_handler() - set a fault handler for an iommu domain
1871 * @domain: iommu domain
1872 * @handler: fault handler
1873 * @token: user data, will be passed back to the fault handler
1874 *
1875 * This function should be used by IOMMU users which want to be notified
1876 * whenever an IOMMU fault happens.
1877 *
1878 * The fault handler itself should return 0 on success, and an appropriate
1879 * error code otherwise.
1880 */
iommu_set_fault_handler(struct iommu_domain * domain,iommu_fault_handler_t handler,void * token)1881 void iommu_set_fault_handler(struct iommu_domain *domain,
1882 iommu_fault_handler_t handler,
1883 void *token)
1884 {
1885 BUG_ON(!domain);
1886
1887 domain->handler = handler;
1888 domain->handler_token = token;
1889 }
1890 EXPORT_SYMBOL_GPL(iommu_set_fault_handler);
1891
__iommu_domain_alloc(struct bus_type * bus,unsigned type)1892 static struct iommu_domain *__iommu_domain_alloc(struct bus_type *bus,
1893 unsigned type)
1894 {
1895 struct iommu_domain *domain;
1896
1897 if (bus == NULL || bus->iommu_ops == NULL)
1898 return NULL;
1899
1900 domain = bus->iommu_ops->domain_alloc(type);
1901 if (!domain)
1902 return NULL;
1903
1904 domain->ops = bus->iommu_ops;
1905 domain->type = type;
1906 /* Assume all sizes by default; the driver may override this later */
1907 domain->pgsize_bitmap = bus->iommu_ops->pgsize_bitmap;
1908
1909 return domain;
1910 }
1911
iommu_domain_alloc(struct bus_type * bus)1912 struct iommu_domain *iommu_domain_alloc(struct bus_type *bus)
1913 {
1914 return __iommu_domain_alloc(bus, IOMMU_DOMAIN_UNMANAGED);
1915 }
1916 EXPORT_SYMBOL_GPL(iommu_domain_alloc);
1917
iommu_domain_free(struct iommu_domain * domain)1918 void iommu_domain_free(struct iommu_domain *domain)
1919 {
1920 domain->ops->domain_free(domain);
1921 }
1922 EXPORT_SYMBOL_GPL(iommu_domain_free);
1923
__iommu_attach_device(struct iommu_domain * domain,struct device * dev)1924 static int __iommu_attach_device(struct iommu_domain *domain,
1925 struct device *dev)
1926 {
1927 int ret;
1928
1929 if (unlikely(domain->ops->attach_dev == NULL))
1930 return -ENODEV;
1931
1932 ret = domain->ops->attach_dev(domain, dev);
1933 if (!ret)
1934 trace_attach_device_to_domain(dev);
1935 return ret;
1936 }
1937
iommu_attach_device(struct iommu_domain * domain,struct device * dev)1938 int iommu_attach_device(struct iommu_domain *domain, struct device *dev)
1939 {
1940 struct iommu_group *group;
1941 int ret;
1942
1943 group = iommu_group_get(dev);
1944 if (!group)
1945 return -ENODEV;
1946
1947 /*
1948 * Lock the group to make sure the device-count doesn't
1949 * change while we are attaching
1950 */
1951 mutex_lock(&group->mutex);
1952 ret = -EINVAL;
1953 if (iommu_group_device_count(group) != 1)
1954 goto out_unlock;
1955
1956 ret = __iommu_attach_group(domain, group);
1957
1958 out_unlock:
1959 mutex_unlock(&group->mutex);
1960 iommu_group_put(group);
1961
1962 return ret;
1963 }
1964 EXPORT_SYMBOL_GPL(iommu_attach_device);
1965
1966 /*
1967 * Check flags and other user provided data for valid combinations. We also
1968 * make sure no reserved fields or unused flags are set. This is to ensure
1969 * not breaking userspace in the future when these fields or flags are used.
1970 */
iommu_check_cache_invl_data(struct iommu_cache_invalidate_info * info)1971 static int iommu_check_cache_invl_data(struct iommu_cache_invalidate_info *info)
1972 {
1973 u32 mask;
1974 int i;
1975
1976 if (info->version != IOMMU_CACHE_INVALIDATE_INFO_VERSION_1)
1977 return -EINVAL;
1978
1979 mask = (1 << IOMMU_CACHE_INV_TYPE_NR) - 1;
1980 if (info->cache & ~mask)
1981 return -EINVAL;
1982
1983 if (info->granularity >= IOMMU_INV_GRANU_NR)
1984 return -EINVAL;
1985
1986 switch (info->granularity) {
1987 case IOMMU_INV_GRANU_ADDR:
1988 if (info->cache & IOMMU_CACHE_INV_TYPE_PASID)
1989 return -EINVAL;
1990
1991 mask = IOMMU_INV_ADDR_FLAGS_PASID |
1992 IOMMU_INV_ADDR_FLAGS_ARCHID |
1993 IOMMU_INV_ADDR_FLAGS_LEAF;
1994
1995 if (info->granu.addr_info.flags & ~mask)
1996 return -EINVAL;
1997 break;
1998 case IOMMU_INV_GRANU_PASID:
1999 mask = IOMMU_INV_PASID_FLAGS_PASID |
2000 IOMMU_INV_PASID_FLAGS_ARCHID;
2001 if (info->granu.pasid_info.flags & ~mask)
2002 return -EINVAL;
2003
2004 break;
2005 case IOMMU_INV_GRANU_DOMAIN:
2006 if (info->cache & IOMMU_CACHE_INV_TYPE_DEV_IOTLB)
2007 return -EINVAL;
2008 break;
2009 default:
2010 return -EINVAL;
2011 }
2012
2013 /* Check reserved padding fields */
2014 for (i = 0; i < sizeof(info->padding); i++) {
2015 if (info->padding[i])
2016 return -EINVAL;
2017 }
2018
2019 return 0;
2020 }
2021
iommu_uapi_cache_invalidate(struct iommu_domain * domain,struct device * dev,void __user * uinfo)2022 int iommu_uapi_cache_invalidate(struct iommu_domain *domain, struct device *dev,
2023 void __user *uinfo)
2024 {
2025 struct iommu_cache_invalidate_info inv_info = { 0 };
2026 u32 minsz;
2027 int ret;
2028
2029 if (unlikely(!domain->ops->cache_invalidate))
2030 return -ENODEV;
2031
2032 /*
2033 * No new spaces can be added before the variable sized union, the
2034 * minimum size is the offset to the union.
2035 */
2036 minsz = offsetof(struct iommu_cache_invalidate_info, granu);
2037
2038 /* Copy minsz from user to get flags and argsz */
2039 if (copy_from_user(&inv_info, uinfo, minsz))
2040 return -EFAULT;
2041
2042 /* Fields before the variable size union are mandatory */
2043 if (inv_info.argsz < minsz)
2044 return -EINVAL;
2045
2046 /* PASID and address granu require additional info beyond minsz */
2047 if (inv_info.granularity == IOMMU_INV_GRANU_PASID &&
2048 inv_info.argsz < offsetofend(struct iommu_cache_invalidate_info, granu.pasid_info))
2049 return -EINVAL;
2050
2051 if (inv_info.granularity == IOMMU_INV_GRANU_ADDR &&
2052 inv_info.argsz < offsetofend(struct iommu_cache_invalidate_info, granu.addr_info))
2053 return -EINVAL;
2054
2055 /*
2056 * User might be using a newer UAPI header which has a larger data
2057 * size, we shall support the existing flags within the current
2058 * size. Copy the remaining user data _after_ minsz but not more
2059 * than the current kernel supported size.
2060 */
2061 if (copy_from_user((void *)&inv_info + minsz, uinfo + minsz,
2062 min_t(u32, inv_info.argsz, sizeof(inv_info)) - minsz))
2063 return -EFAULT;
2064
2065 /* Now the argsz is validated, check the content */
2066 ret = iommu_check_cache_invl_data(&inv_info);
2067 if (ret)
2068 return ret;
2069
2070 return domain->ops->cache_invalidate(domain, dev, &inv_info);
2071 }
2072 EXPORT_SYMBOL_GPL(iommu_uapi_cache_invalidate);
2073
iommu_check_bind_data(struct iommu_gpasid_bind_data * data)2074 static int iommu_check_bind_data(struct iommu_gpasid_bind_data *data)
2075 {
2076 u64 mask;
2077 int i;
2078
2079 if (data->version != IOMMU_GPASID_BIND_VERSION_1)
2080 return -EINVAL;
2081
2082 /* Check the range of supported formats */
2083 if (data->format >= IOMMU_PASID_FORMAT_LAST)
2084 return -EINVAL;
2085
2086 /* Check all flags */
2087 mask = IOMMU_SVA_GPASID_VAL;
2088 if (data->flags & ~mask)
2089 return -EINVAL;
2090
2091 /* Check reserved padding fields */
2092 for (i = 0; i < sizeof(data->padding); i++) {
2093 if (data->padding[i])
2094 return -EINVAL;
2095 }
2096
2097 return 0;
2098 }
2099
iommu_sva_prepare_bind_data(void __user * udata,struct iommu_gpasid_bind_data * data)2100 static int iommu_sva_prepare_bind_data(void __user *udata,
2101 struct iommu_gpasid_bind_data *data)
2102 {
2103 u32 minsz;
2104
2105 /*
2106 * No new spaces can be added before the variable sized union, the
2107 * minimum size is the offset to the union.
2108 */
2109 minsz = offsetof(struct iommu_gpasid_bind_data, vendor);
2110
2111 /* Copy minsz from user to get flags and argsz */
2112 if (copy_from_user(data, udata, minsz))
2113 return -EFAULT;
2114
2115 /* Fields before the variable size union are mandatory */
2116 if (data->argsz < minsz)
2117 return -EINVAL;
2118 /*
2119 * User might be using a newer UAPI header, we shall let IOMMU vendor
2120 * driver decide on what size it needs. Since the guest PASID bind data
2121 * can be vendor specific, larger argsz could be the result of extension
2122 * for one vendor but it should not affect another vendor.
2123 * Copy the remaining user data _after_ minsz
2124 */
2125 if (copy_from_user((void *)data + minsz, udata + minsz,
2126 min_t(u32, data->argsz, sizeof(*data)) - minsz))
2127 return -EFAULT;
2128
2129 return iommu_check_bind_data(data);
2130 }
2131
iommu_uapi_sva_bind_gpasid(struct iommu_domain * domain,struct device * dev,void __user * udata)2132 int iommu_uapi_sva_bind_gpasid(struct iommu_domain *domain, struct device *dev,
2133 void __user *udata)
2134 {
2135 struct iommu_gpasid_bind_data data = { 0 };
2136 int ret;
2137
2138 if (unlikely(!domain->ops->sva_bind_gpasid))
2139 return -ENODEV;
2140
2141 ret = iommu_sva_prepare_bind_data(udata, &data);
2142 if (ret)
2143 return ret;
2144
2145 return domain->ops->sva_bind_gpasid(domain, dev, &data);
2146 }
2147 EXPORT_SYMBOL_GPL(iommu_uapi_sva_bind_gpasid);
2148
iommu_sva_unbind_gpasid(struct iommu_domain * domain,struct device * dev,ioasid_t pasid)2149 int iommu_sva_unbind_gpasid(struct iommu_domain *domain, struct device *dev,
2150 ioasid_t pasid)
2151 {
2152 if (unlikely(!domain->ops->sva_unbind_gpasid))
2153 return -ENODEV;
2154
2155 return domain->ops->sva_unbind_gpasid(dev, pasid);
2156 }
2157 EXPORT_SYMBOL_GPL(iommu_sva_unbind_gpasid);
2158
iommu_uapi_sva_unbind_gpasid(struct iommu_domain * domain,struct device * dev,void __user * udata)2159 int iommu_uapi_sva_unbind_gpasid(struct iommu_domain *domain, struct device *dev,
2160 void __user *udata)
2161 {
2162 struct iommu_gpasid_bind_data data = { 0 };
2163 int ret;
2164
2165 if (unlikely(!domain->ops->sva_bind_gpasid))
2166 return -ENODEV;
2167
2168 ret = iommu_sva_prepare_bind_data(udata, &data);
2169 if (ret)
2170 return ret;
2171
2172 return iommu_sva_unbind_gpasid(domain, dev, data.hpasid);
2173 }
2174 EXPORT_SYMBOL_GPL(iommu_uapi_sva_unbind_gpasid);
2175
__iommu_detach_device(struct iommu_domain * domain,struct device * dev)2176 static void __iommu_detach_device(struct iommu_domain *domain,
2177 struct device *dev)
2178 {
2179 if (iommu_is_attach_deferred(domain, dev))
2180 return;
2181
2182 if (unlikely(domain->ops->detach_dev == NULL))
2183 return;
2184
2185 domain->ops->detach_dev(domain, dev);
2186 trace_detach_device_from_domain(dev);
2187 }
2188
iommu_detach_device(struct iommu_domain * domain,struct device * dev)2189 void iommu_detach_device(struct iommu_domain *domain, struct device *dev)
2190 {
2191 struct iommu_group *group;
2192
2193 group = iommu_group_get(dev);
2194 if (!group)
2195 return;
2196
2197 mutex_lock(&group->mutex);
2198 if (iommu_group_device_count(group) != 1) {
2199 WARN_ON(1);
2200 goto out_unlock;
2201 }
2202
2203 __iommu_detach_group(domain, group);
2204
2205 out_unlock:
2206 mutex_unlock(&group->mutex);
2207 iommu_group_put(group);
2208 }
2209 EXPORT_SYMBOL_GPL(iommu_detach_device);
2210
iommu_get_domain_for_dev(struct device * dev)2211 struct iommu_domain *iommu_get_domain_for_dev(struct device *dev)
2212 {
2213 struct iommu_domain *domain;
2214 struct iommu_group *group;
2215
2216 group = iommu_group_get(dev);
2217 if (!group)
2218 return NULL;
2219
2220 domain = group->domain;
2221
2222 iommu_group_put(group);
2223
2224 return domain;
2225 }
2226 EXPORT_SYMBOL_GPL(iommu_get_domain_for_dev);
2227
2228 /*
2229 * For IOMMU_DOMAIN_DMA implementations which already provide their own
2230 * guarantees that the group and its default domain are valid and correct.
2231 */
iommu_get_dma_domain(struct device * dev)2232 struct iommu_domain *iommu_get_dma_domain(struct device *dev)
2233 {
2234 return dev->iommu_group->default_domain;
2235 }
2236
2237 /*
2238 * IOMMU groups are really the natural working unit of the IOMMU, but
2239 * the IOMMU API works on domains and devices. Bridge that gap by
2240 * iterating over the devices in a group. Ideally we'd have a single
2241 * device which represents the requestor ID of the group, but we also
2242 * allow IOMMU drivers to create policy defined minimum sets, where
2243 * the physical hardware may be able to distiguish members, but we
2244 * wish to group them at a higher level (ex. untrusted multi-function
2245 * PCI devices). Thus we attach each device.
2246 */
iommu_group_do_attach_device(struct device * dev,void * data)2247 static int iommu_group_do_attach_device(struct device *dev, void *data)
2248 {
2249 struct iommu_domain *domain = data;
2250
2251 return __iommu_attach_device(domain, dev);
2252 }
2253
__iommu_attach_group(struct iommu_domain * domain,struct iommu_group * group)2254 static int __iommu_attach_group(struct iommu_domain *domain,
2255 struct iommu_group *group)
2256 {
2257 int ret;
2258
2259 if (group->default_domain && group->domain != group->default_domain)
2260 return -EBUSY;
2261
2262 ret = __iommu_group_for_each_dev(group, domain,
2263 iommu_group_do_attach_device);
2264 if (ret == 0)
2265 group->domain = domain;
2266
2267 return ret;
2268 }
2269
iommu_attach_group(struct iommu_domain * domain,struct iommu_group * group)2270 int iommu_attach_group(struct iommu_domain *domain, struct iommu_group *group)
2271 {
2272 int ret;
2273
2274 mutex_lock(&group->mutex);
2275 ret = __iommu_attach_group(domain, group);
2276 mutex_unlock(&group->mutex);
2277
2278 return ret;
2279 }
2280 EXPORT_SYMBOL_GPL(iommu_attach_group);
2281
iommu_group_do_detach_device(struct device * dev,void * data)2282 static int iommu_group_do_detach_device(struct device *dev, void *data)
2283 {
2284 struct iommu_domain *domain = data;
2285
2286 __iommu_detach_device(domain, dev);
2287
2288 return 0;
2289 }
2290
__iommu_detach_group(struct iommu_domain * domain,struct iommu_group * group)2291 static void __iommu_detach_group(struct iommu_domain *domain,
2292 struct iommu_group *group)
2293 {
2294 int ret;
2295
2296 if (!group->default_domain) {
2297 __iommu_group_for_each_dev(group, domain,
2298 iommu_group_do_detach_device);
2299 group->domain = NULL;
2300 return;
2301 }
2302
2303 if (group->domain == group->default_domain)
2304 return;
2305
2306 /* Detach by re-attaching to the default domain */
2307 ret = __iommu_group_for_each_dev(group, group->default_domain,
2308 iommu_group_do_attach_device);
2309 if (ret != 0)
2310 WARN_ON(1);
2311 else
2312 group->domain = group->default_domain;
2313 }
2314
iommu_detach_group(struct iommu_domain * domain,struct iommu_group * group)2315 void iommu_detach_group(struct iommu_domain *domain, struct iommu_group *group)
2316 {
2317 mutex_lock(&group->mutex);
2318 __iommu_detach_group(domain, group);
2319 mutex_unlock(&group->mutex);
2320 }
2321 EXPORT_SYMBOL_GPL(iommu_detach_group);
2322
iommu_iova_to_phys(struct iommu_domain * domain,dma_addr_t iova)2323 phys_addr_t iommu_iova_to_phys(struct iommu_domain *domain, dma_addr_t iova)
2324 {
2325 if (unlikely(domain->ops->iova_to_phys == NULL))
2326 return 0;
2327
2328 return domain->ops->iova_to_phys(domain, iova);
2329 }
2330 EXPORT_SYMBOL_GPL(iommu_iova_to_phys);
2331
iommu_pgsize(struct iommu_domain * domain,unsigned long addr_merge,size_t size)2332 static size_t iommu_pgsize(struct iommu_domain *domain,
2333 unsigned long addr_merge, size_t size)
2334 {
2335 unsigned int pgsize_idx;
2336 size_t pgsize;
2337
2338 /* Max page size that still fits into 'size' */
2339 pgsize_idx = __fls(size);
2340
2341 /* need to consider alignment requirements ? */
2342 if (likely(addr_merge)) {
2343 /* Max page size allowed by address */
2344 unsigned int align_pgsize_idx = __ffs(addr_merge);
2345 pgsize_idx = min(pgsize_idx, align_pgsize_idx);
2346 }
2347
2348 /* build a mask of acceptable page sizes */
2349 pgsize = (1UL << (pgsize_idx + 1)) - 1;
2350
2351 /* throw away page sizes not supported by the hardware */
2352 pgsize &= domain->pgsize_bitmap;
2353
2354 /* make sure we're still sane */
2355 BUG_ON(!pgsize);
2356
2357 /* pick the biggest page */
2358 pgsize_idx = __fls(pgsize);
2359 pgsize = 1UL << pgsize_idx;
2360
2361 return pgsize;
2362 }
2363
__iommu_map(struct iommu_domain * domain,unsigned long iova,phys_addr_t paddr,size_t size,int prot,gfp_t gfp)2364 static int __iommu_map(struct iommu_domain *domain, unsigned long iova,
2365 phys_addr_t paddr, size_t size, int prot, gfp_t gfp)
2366 {
2367 const struct iommu_ops *ops = domain->ops;
2368 unsigned long orig_iova = iova;
2369 unsigned int min_pagesz;
2370 size_t orig_size = size;
2371 phys_addr_t orig_paddr = paddr;
2372 int ret = 0;
2373
2374 if (unlikely(ops->map == NULL ||
2375 domain->pgsize_bitmap == 0UL))
2376 return -ENODEV;
2377
2378 if (unlikely(!(domain->type & __IOMMU_DOMAIN_PAGING)))
2379 return -EINVAL;
2380
2381 /* find out the minimum page size supported */
2382 min_pagesz = 1 << __ffs(domain->pgsize_bitmap);
2383
2384 /*
2385 * both the virtual address and the physical one, as well as
2386 * the size of the mapping, must be aligned (at least) to the
2387 * size of the smallest page supported by the hardware
2388 */
2389 if (!IS_ALIGNED(iova | paddr | size, min_pagesz)) {
2390 pr_err("unaligned: iova 0x%lx pa %pa size 0x%zx min_pagesz 0x%x\n",
2391 iova, &paddr, size, min_pagesz);
2392 return -EINVAL;
2393 }
2394
2395 pr_debug("map: iova 0x%lx pa %pa size 0x%zx\n", iova, &paddr, size);
2396
2397 while (size) {
2398 size_t pgsize = iommu_pgsize(domain, iova | paddr, size);
2399
2400 pr_debug("mapping: iova 0x%lx pa %pa pgsize 0x%zx\n",
2401 iova, &paddr, pgsize);
2402 ret = ops->map(domain, iova, paddr, pgsize, prot, gfp);
2403
2404 if (ret)
2405 break;
2406
2407 iova += pgsize;
2408 paddr += pgsize;
2409 size -= pgsize;
2410 }
2411
2412 if (ops->iotlb_sync_map)
2413 ops->iotlb_sync_map(domain);
2414
2415 /* unroll mapping in case something went wrong */
2416 if (ret)
2417 iommu_unmap(domain, orig_iova, orig_size - size);
2418 else
2419 trace_map(orig_iova, orig_paddr, orig_size);
2420
2421 return ret;
2422 }
2423
iommu_map(struct iommu_domain * domain,unsigned long iova,phys_addr_t paddr,size_t size,int prot)2424 int iommu_map(struct iommu_domain *domain, unsigned long iova,
2425 phys_addr_t paddr, size_t size, int prot)
2426 {
2427 might_sleep();
2428 return __iommu_map(domain, iova, paddr, size, prot, GFP_KERNEL);
2429 }
2430 EXPORT_SYMBOL_GPL(iommu_map);
2431
iommu_map_atomic(struct iommu_domain * domain,unsigned long iova,phys_addr_t paddr,size_t size,int prot)2432 int iommu_map_atomic(struct iommu_domain *domain, unsigned long iova,
2433 phys_addr_t paddr, size_t size, int prot)
2434 {
2435 return __iommu_map(domain, iova, paddr, size, prot, GFP_ATOMIC);
2436 }
2437 EXPORT_SYMBOL_GPL(iommu_map_atomic);
2438
__iommu_unmap(struct iommu_domain * domain,unsigned long iova,size_t size,struct iommu_iotlb_gather * iotlb_gather)2439 static size_t __iommu_unmap(struct iommu_domain *domain,
2440 unsigned long iova, size_t size,
2441 struct iommu_iotlb_gather *iotlb_gather)
2442 {
2443 const struct iommu_ops *ops = domain->ops;
2444 size_t unmapped_page, unmapped = 0;
2445 unsigned long orig_iova = iova;
2446 unsigned int min_pagesz;
2447
2448 if (unlikely(ops->unmap == NULL ||
2449 domain->pgsize_bitmap == 0UL))
2450 return 0;
2451
2452 if (unlikely(!(domain->type & __IOMMU_DOMAIN_PAGING)))
2453 return 0;
2454
2455 /* find out the minimum page size supported */
2456 min_pagesz = 1 << __ffs(domain->pgsize_bitmap);
2457
2458 /*
2459 * The virtual address, as well as the size of the mapping, must be
2460 * aligned (at least) to the size of the smallest page supported
2461 * by the hardware
2462 */
2463 if (!IS_ALIGNED(iova | size, min_pagesz)) {
2464 pr_err("unaligned: iova 0x%lx size 0x%zx min_pagesz 0x%x\n",
2465 iova, size, min_pagesz);
2466 return 0;
2467 }
2468
2469 pr_debug("unmap this: iova 0x%lx size 0x%zx\n", iova, size);
2470
2471 /*
2472 * Keep iterating until we either unmap 'size' bytes (or more)
2473 * or we hit an area that isn't mapped.
2474 */
2475 while (unmapped < size) {
2476 size_t pgsize = iommu_pgsize(domain, iova, size - unmapped);
2477
2478 unmapped_page = ops->unmap(domain, iova, pgsize, iotlb_gather);
2479 if (!unmapped_page)
2480 break;
2481
2482 pr_debug("unmapped: iova 0x%lx size 0x%zx\n",
2483 iova, unmapped_page);
2484
2485 iova += unmapped_page;
2486 unmapped += unmapped_page;
2487 }
2488
2489 trace_unmap(orig_iova, size, unmapped);
2490 return unmapped;
2491 }
2492
iommu_unmap(struct iommu_domain * domain,unsigned long iova,size_t size)2493 size_t iommu_unmap(struct iommu_domain *domain,
2494 unsigned long iova, size_t size)
2495 {
2496 struct iommu_iotlb_gather iotlb_gather;
2497 size_t ret;
2498
2499 iommu_iotlb_gather_init(&iotlb_gather);
2500 ret = __iommu_unmap(domain, iova, size, &iotlb_gather);
2501 iommu_iotlb_sync(domain, &iotlb_gather);
2502
2503 return ret;
2504 }
2505 EXPORT_SYMBOL_GPL(iommu_unmap);
2506
iommu_unmap_fast(struct iommu_domain * domain,unsigned long iova,size_t size,struct iommu_iotlb_gather * iotlb_gather)2507 size_t iommu_unmap_fast(struct iommu_domain *domain,
2508 unsigned long iova, size_t size,
2509 struct iommu_iotlb_gather *iotlb_gather)
2510 {
2511 return __iommu_unmap(domain, iova, size, iotlb_gather);
2512 }
2513 EXPORT_SYMBOL_GPL(iommu_unmap_fast);
2514
__iommu_map_sg(struct iommu_domain * domain,unsigned long iova,struct scatterlist * sg,unsigned int nents,int prot,gfp_t gfp)2515 static size_t __iommu_map_sg(struct iommu_domain *domain, unsigned long iova,
2516 struct scatterlist *sg, unsigned int nents, int prot,
2517 gfp_t gfp)
2518 {
2519 size_t len = 0, mapped = 0;
2520 phys_addr_t start;
2521 unsigned int i = 0;
2522 int ret;
2523
2524 while (i <= nents) {
2525 phys_addr_t s_phys = sg_phys(sg);
2526
2527 if (len && s_phys != start + len) {
2528 ret = __iommu_map(domain, iova + mapped, start,
2529 len, prot, gfp);
2530
2531 if (ret)
2532 goto out_err;
2533
2534 mapped += len;
2535 len = 0;
2536 }
2537
2538 if (len) {
2539 len += sg->length;
2540 } else {
2541 len = sg->length;
2542 start = s_phys;
2543 }
2544
2545 if (++i < nents)
2546 sg = sg_next(sg);
2547 }
2548
2549 return mapped;
2550
2551 out_err:
2552 /* undo mappings already done */
2553 iommu_unmap(domain, iova, mapped);
2554
2555 return 0;
2556
2557 }
2558
iommu_map_sg(struct iommu_domain * domain,unsigned long iova,struct scatterlist * sg,unsigned int nents,int prot)2559 size_t iommu_map_sg(struct iommu_domain *domain, unsigned long iova,
2560 struct scatterlist *sg, unsigned int nents, int prot)
2561 {
2562 might_sleep();
2563 return __iommu_map_sg(domain, iova, sg, nents, prot, GFP_KERNEL);
2564 }
2565 EXPORT_SYMBOL_GPL(iommu_map_sg);
2566
iommu_map_sg_atomic(struct iommu_domain * domain,unsigned long iova,struct scatterlist * sg,unsigned int nents,int prot)2567 size_t iommu_map_sg_atomic(struct iommu_domain *domain, unsigned long iova,
2568 struct scatterlist *sg, unsigned int nents, int prot)
2569 {
2570 return __iommu_map_sg(domain, iova, sg, nents, prot, GFP_ATOMIC);
2571 }
2572 EXPORT_SYMBOL_GPL(iommu_map_sg_atomic);
2573
iommu_domain_window_enable(struct iommu_domain * domain,u32 wnd_nr,phys_addr_t paddr,u64 size,int prot)2574 int iommu_domain_window_enable(struct iommu_domain *domain, u32 wnd_nr,
2575 phys_addr_t paddr, u64 size, int prot)
2576 {
2577 if (unlikely(domain->ops->domain_window_enable == NULL))
2578 return -ENODEV;
2579
2580 return domain->ops->domain_window_enable(domain, wnd_nr, paddr, size,
2581 prot);
2582 }
2583 EXPORT_SYMBOL_GPL(iommu_domain_window_enable);
2584
iommu_domain_window_disable(struct iommu_domain * domain,u32 wnd_nr)2585 void iommu_domain_window_disable(struct iommu_domain *domain, u32 wnd_nr)
2586 {
2587 if (unlikely(domain->ops->domain_window_disable == NULL))
2588 return;
2589
2590 return domain->ops->domain_window_disable(domain, wnd_nr);
2591 }
2592 EXPORT_SYMBOL_GPL(iommu_domain_window_disable);
2593
2594 /**
2595 * report_iommu_fault() - report about an IOMMU fault to the IOMMU framework
2596 * @domain: the iommu domain where the fault has happened
2597 * @dev: the device where the fault has happened
2598 * @iova: the faulting address
2599 * @flags: mmu fault flags (e.g. IOMMU_FAULT_READ/IOMMU_FAULT_WRITE/...)
2600 *
2601 * This function should be called by the low-level IOMMU implementations
2602 * whenever IOMMU faults happen, to allow high-level users, that are
2603 * interested in such events, to know about them.
2604 *
2605 * This event may be useful for several possible use cases:
2606 * - mere logging of the event
2607 * - dynamic TLB/PTE loading
2608 * - if restarting of the faulting device is required
2609 *
2610 * Returns 0 on success and an appropriate error code otherwise (if dynamic
2611 * PTE/TLB loading will one day be supported, implementations will be able
2612 * to tell whether it succeeded or not according to this return value).
2613 *
2614 * Specifically, -ENOSYS is returned if a fault handler isn't installed
2615 * (though fault handlers can also return -ENOSYS, in case they want to
2616 * elicit the default behavior of the IOMMU drivers).
2617 */
report_iommu_fault(struct iommu_domain * domain,struct device * dev,unsigned long iova,int flags)2618 int report_iommu_fault(struct iommu_domain *domain, struct device *dev,
2619 unsigned long iova, int flags)
2620 {
2621 int ret = -ENOSYS;
2622
2623 /*
2624 * if upper layers showed interest and installed a fault handler,
2625 * invoke it.
2626 */
2627 if (domain->handler)
2628 ret = domain->handler(domain, dev, iova, flags,
2629 domain->handler_token);
2630
2631 trace_io_page_fault(dev, iova, flags);
2632 return ret;
2633 }
2634 EXPORT_SYMBOL_GPL(report_iommu_fault);
2635
iommu_init(void)2636 static int __init iommu_init(void)
2637 {
2638 iommu_group_kset = kset_create_and_add("iommu_groups",
2639 NULL, kernel_kobj);
2640 BUG_ON(!iommu_group_kset);
2641
2642 iommu_debugfs_setup();
2643
2644 return 0;
2645 }
2646 core_initcall(iommu_init);
2647
iommu_domain_get_attr(struct iommu_domain * domain,enum iommu_attr attr,void * data)2648 int iommu_domain_get_attr(struct iommu_domain *domain,
2649 enum iommu_attr attr, void *data)
2650 {
2651 struct iommu_domain_geometry *geometry;
2652 bool *paging;
2653 int ret = 0;
2654
2655 switch (attr) {
2656 case DOMAIN_ATTR_GEOMETRY:
2657 geometry = data;
2658 *geometry = domain->geometry;
2659
2660 break;
2661 case DOMAIN_ATTR_PAGING:
2662 paging = data;
2663 *paging = (domain->pgsize_bitmap != 0UL);
2664 break;
2665 default:
2666 if (!domain->ops->domain_get_attr)
2667 return -EINVAL;
2668
2669 ret = domain->ops->domain_get_attr(domain, attr, data);
2670 }
2671
2672 return ret;
2673 }
2674 EXPORT_SYMBOL_GPL(iommu_domain_get_attr);
2675
iommu_domain_set_attr(struct iommu_domain * domain,enum iommu_attr attr,void * data)2676 int iommu_domain_set_attr(struct iommu_domain *domain,
2677 enum iommu_attr attr, void *data)
2678 {
2679 int ret = 0;
2680
2681 switch (attr) {
2682 default:
2683 if (domain->ops->domain_set_attr == NULL)
2684 return -EINVAL;
2685
2686 ret = domain->ops->domain_set_attr(domain, attr, data);
2687 }
2688
2689 return ret;
2690 }
2691 EXPORT_SYMBOL_GPL(iommu_domain_set_attr);
2692
iommu_get_resv_regions(struct device * dev,struct list_head * list)2693 void iommu_get_resv_regions(struct device *dev, struct list_head *list)
2694 {
2695 const struct iommu_ops *ops = dev->bus->iommu_ops;
2696
2697 if (ops && ops->get_resv_regions)
2698 ops->get_resv_regions(dev, list);
2699 }
2700
iommu_put_resv_regions(struct device * dev,struct list_head * list)2701 void iommu_put_resv_regions(struct device *dev, struct list_head *list)
2702 {
2703 const struct iommu_ops *ops = dev->bus->iommu_ops;
2704
2705 if (ops && ops->put_resv_regions)
2706 ops->put_resv_regions(dev, list);
2707 }
2708
2709 /**
2710 * generic_iommu_put_resv_regions - Reserved region driver helper
2711 * @dev: device for which to free reserved regions
2712 * @list: reserved region list for device
2713 *
2714 * IOMMU drivers can use this to implement their .put_resv_regions() callback
2715 * for simple reservations. Memory allocated for each reserved region will be
2716 * freed. If an IOMMU driver allocates additional resources per region, it is
2717 * going to have to implement a custom callback.
2718 */
generic_iommu_put_resv_regions(struct device * dev,struct list_head * list)2719 void generic_iommu_put_resv_regions(struct device *dev, struct list_head *list)
2720 {
2721 struct iommu_resv_region *entry, *next;
2722
2723 list_for_each_entry_safe(entry, next, list, list)
2724 kfree(entry);
2725 }
2726 EXPORT_SYMBOL(generic_iommu_put_resv_regions);
2727
iommu_alloc_resv_region(phys_addr_t start,size_t length,int prot,enum iommu_resv_type type)2728 struct iommu_resv_region *iommu_alloc_resv_region(phys_addr_t start,
2729 size_t length, int prot,
2730 enum iommu_resv_type type)
2731 {
2732 struct iommu_resv_region *region;
2733
2734 region = kzalloc(sizeof(*region), GFP_KERNEL);
2735 if (!region)
2736 return NULL;
2737
2738 INIT_LIST_HEAD(®ion->list);
2739 region->start = start;
2740 region->length = length;
2741 region->prot = prot;
2742 region->type = type;
2743 return region;
2744 }
2745 EXPORT_SYMBOL_GPL(iommu_alloc_resv_region);
2746
iommu_set_default_passthrough(bool cmd_line)2747 void iommu_set_default_passthrough(bool cmd_line)
2748 {
2749 if (cmd_line)
2750 iommu_set_cmd_line_dma_api();
2751
2752 iommu_def_domain_type = IOMMU_DOMAIN_IDENTITY;
2753 }
2754
iommu_set_default_translated(bool cmd_line)2755 void iommu_set_default_translated(bool cmd_line)
2756 {
2757 if (cmd_line)
2758 iommu_set_cmd_line_dma_api();
2759
2760 iommu_def_domain_type = IOMMU_DOMAIN_DMA;
2761 }
2762
iommu_default_passthrough(void)2763 bool iommu_default_passthrough(void)
2764 {
2765 return iommu_def_domain_type == IOMMU_DOMAIN_IDENTITY;
2766 }
2767 EXPORT_SYMBOL_GPL(iommu_default_passthrough);
2768
iommu_ops_from_fwnode(struct fwnode_handle * fwnode)2769 const struct iommu_ops *iommu_ops_from_fwnode(struct fwnode_handle *fwnode)
2770 {
2771 const struct iommu_ops *ops = NULL;
2772 struct iommu_device *iommu;
2773
2774 spin_lock(&iommu_device_lock);
2775 list_for_each_entry(iommu, &iommu_device_list, list)
2776 if (iommu->fwnode == fwnode) {
2777 ops = iommu->ops;
2778 break;
2779 }
2780 spin_unlock(&iommu_device_lock);
2781 return ops;
2782 }
2783
iommu_fwspec_init(struct device * dev,struct fwnode_handle * iommu_fwnode,const struct iommu_ops * ops)2784 int iommu_fwspec_init(struct device *dev, struct fwnode_handle *iommu_fwnode,
2785 const struct iommu_ops *ops)
2786 {
2787 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2788
2789 if (fwspec)
2790 return ops == fwspec->ops ? 0 : -EINVAL;
2791
2792 if (!dev_iommu_get(dev))
2793 return -ENOMEM;
2794
2795 /* Preallocate for the overwhelmingly common case of 1 ID */
2796 fwspec = kzalloc(struct_size(fwspec, ids, 1), GFP_KERNEL);
2797 if (!fwspec)
2798 return -ENOMEM;
2799
2800 of_node_get(to_of_node(iommu_fwnode));
2801 fwspec->iommu_fwnode = iommu_fwnode;
2802 fwspec->ops = ops;
2803 dev_iommu_fwspec_set(dev, fwspec);
2804 return 0;
2805 }
2806 EXPORT_SYMBOL_GPL(iommu_fwspec_init);
2807
iommu_fwspec_free(struct device * dev)2808 void iommu_fwspec_free(struct device *dev)
2809 {
2810 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2811
2812 if (fwspec) {
2813 fwnode_handle_put(fwspec->iommu_fwnode);
2814 kfree(fwspec);
2815 dev_iommu_fwspec_set(dev, NULL);
2816 }
2817 }
2818 EXPORT_SYMBOL_GPL(iommu_fwspec_free);
2819
iommu_fwspec_add_ids(struct device * dev,u32 * ids,int num_ids)2820 int iommu_fwspec_add_ids(struct device *dev, u32 *ids, int num_ids)
2821 {
2822 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2823 int i, new_num;
2824
2825 if (!fwspec)
2826 return -EINVAL;
2827
2828 new_num = fwspec->num_ids + num_ids;
2829 if (new_num > 1) {
2830 fwspec = krealloc(fwspec, struct_size(fwspec, ids, new_num),
2831 GFP_KERNEL);
2832 if (!fwspec)
2833 return -ENOMEM;
2834
2835 dev_iommu_fwspec_set(dev, fwspec);
2836 }
2837
2838 for (i = 0; i < num_ids; i++)
2839 fwspec->ids[fwspec->num_ids + i] = ids[i];
2840
2841 fwspec->num_ids = new_num;
2842 return 0;
2843 }
2844 EXPORT_SYMBOL_GPL(iommu_fwspec_add_ids);
2845
2846 /*
2847 * Per device IOMMU features.
2848 */
iommu_dev_has_feature(struct device * dev,enum iommu_dev_features feat)2849 bool iommu_dev_has_feature(struct device *dev, enum iommu_dev_features feat)
2850 {
2851 const struct iommu_ops *ops = dev->bus->iommu_ops;
2852
2853 if (ops && ops->dev_has_feat)
2854 return ops->dev_has_feat(dev, feat);
2855
2856 return false;
2857 }
2858 EXPORT_SYMBOL_GPL(iommu_dev_has_feature);
2859
iommu_dev_enable_feature(struct device * dev,enum iommu_dev_features feat)2860 int iommu_dev_enable_feature(struct device *dev, enum iommu_dev_features feat)
2861 {
2862 const struct iommu_ops *ops = dev->bus->iommu_ops;
2863
2864 if (ops && ops->dev_enable_feat)
2865 return ops->dev_enable_feat(dev, feat);
2866
2867 return -ENODEV;
2868 }
2869 EXPORT_SYMBOL_GPL(iommu_dev_enable_feature);
2870
2871 /*
2872 * The device drivers should do the necessary cleanups before calling this.
2873 * For example, before disabling the aux-domain feature, the device driver
2874 * should detach all aux-domains. Otherwise, this will return -EBUSY.
2875 */
iommu_dev_disable_feature(struct device * dev,enum iommu_dev_features feat)2876 int iommu_dev_disable_feature(struct device *dev, enum iommu_dev_features feat)
2877 {
2878 const struct iommu_ops *ops = dev->bus->iommu_ops;
2879
2880 if (ops && ops->dev_disable_feat)
2881 return ops->dev_disable_feat(dev, feat);
2882
2883 return -EBUSY;
2884 }
2885 EXPORT_SYMBOL_GPL(iommu_dev_disable_feature);
2886
iommu_dev_feature_enabled(struct device * dev,enum iommu_dev_features feat)2887 bool iommu_dev_feature_enabled(struct device *dev, enum iommu_dev_features feat)
2888 {
2889 const struct iommu_ops *ops = dev->bus->iommu_ops;
2890
2891 if (ops && ops->dev_feat_enabled)
2892 return ops->dev_feat_enabled(dev, feat);
2893
2894 return false;
2895 }
2896 EXPORT_SYMBOL_GPL(iommu_dev_feature_enabled);
2897
2898 /*
2899 * Aux-domain specific attach/detach.
2900 *
2901 * Only works if iommu_dev_feature_enabled(dev, IOMMU_DEV_FEAT_AUX) returns
2902 * true. Also, as long as domains are attached to a device through this
2903 * interface, any tries to call iommu_attach_device() should fail
2904 * (iommu_detach_device() can't fail, so we fail when trying to re-attach).
2905 * This should make us safe against a device being attached to a guest as a
2906 * whole while there are still pasid users on it (aux and sva).
2907 */
iommu_aux_attach_device(struct iommu_domain * domain,struct device * dev)2908 int iommu_aux_attach_device(struct iommu_domain *domain, struct device *dev)
2909 {
2910 int ret = -ENODEV;
2911
2912 if (domain->ops->aux_attach_dev)
2913 ret = domain->ops->aux_attach_dev(domain, dev);
2914
2915 if (!ret)
2916 trace_attach_device_to_domain(dev);
2917
2918 return ret;
2919 }
2920 EXPORT_SYMBOL_GPL(iommu_aux_attach_device);
2921
iommu_aux_detach_device(struct iommu_domain * domain,struct device * dev)2922 void iommu_aux_detach_device(struct iommu_domain *domain, struct device *dev)
2923 {
2924 if (domain->ops->aux_detach_dev) {
2925 domain->ops->aux_detach_dev(domain, dev);
2926 trace_detach_device_from_domain(dev);
2927 }
2928 }
2929 EXPORT_SYMBOL_GPL(iommu_aux_detach_device);
2930
iommu_aux_get_pasid(struct iommu_domain * domain,struct device * dev)2931 int iommu_aux_get_pasid(struct iommu_domain *domain, struct device *dev)
2932 {
2933 int ret = -ENODEV;
2934
2935 if (domain->ops->aux_get_pasid)
2936 ret = domain->ops->aux_get_pasid(domain, dev);
2937
2938 return ret;
2939 }
2940 EXPORT_SYMBOL_GPL(iommu_aux_get_pasid);
2941
2942 /**
2943 * iommu_sva_bind_device() - Bind a process address space to a device
2944 * @dev: the device
2945 * @mm: the mm to bind, caller must hold a reference to it
2946 *
2947 * Create a bond between device and address space, allowing the device to access
2948 * the mm using the returned PASID. If a bond already exists between @device and
2949 * @mm, it is returned and an additional reference is taken. Caller must call
2950 * iommu_sva_unbind_device() to release each reference.
2951 *
2952 * iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_SVA) must be called first, to
2953 * initialize the required SVA features.
2954 *
2955 * On error, returns an ERR_PTR value.
2956 */
2957 struct iommu_sva *
iommu_sva_bind_device(struct device * dev,struct mm_struct * mm,void * drvdata)2958 iommu_sva_bind_device(struct device *dev, struct mm_struct *mm, void *drvdata)
2959 {
2960 struct iommu_group *group;
2961 struct iommu_sva *handle = ERR_PTR(-EINVAL);
2962 const struct iommu_ops *ops = dev->bus->iommu_ops;
2963
2964 if (!ops || !ops->sva_bind)
2965 return ERR_PTR(-ENODEV);
2966
2967 group = iommu_group_get(dev);
2968 if (!group)
2969 return ERR_PTR(-ENODEV);
2970
2971 /* Ensure device count and domain don't change while we're binding */
2972 mutex_lock(&group->mutex);
2973
2974 /*
2975 * To keep things simple, SVA currently doesn't support IOMMU groups
2976 * with more than one device. Existing SVA-capable systems are not
2977 * affected by the problems that required IOMMU groups (lack of ACS
2978 * isolation, device ID aliasing and other hardware issues).
2979 */
2980 if (iommu_group_device_count(group) != 1)
2981 goto out_unlock;
2982
2983 handle = ops->sva_bind(dev, mm, drvdata);
2984
2985 out_unlock:
2986 mutex_unlock(&group->mutex);
2987 iommu_group_put(group);
2988
2989 return handle;
2990 }
2991 EXPORT_SYMBOL_GPL(iommu_sva_bind_device);
2992
2993 /**
2994 * iommu_sva_unbind_device() - Remove a bond created with iommu_sva_bind_device
2995 * @handle: the handle returned by iommu_sva_bind_device()
2996 *
2997 * Put reference to a bond between device and address space. The device should
2998 * not be issuing any more transaction for this PASID. All outstanding page
2999 * requests for this PASID must have been flushed to the IOMMU.
3000 *
3001 * Returns 0 on success, or an error value
3002 */
iommu_sva_unbind_device(struct iommu_sva * handle)3003 void iommu_sva_unbind_device(struct iommu_sva *handle)
3004 {
3005 struct iommu_group *group;
3006 struct device *dev = handle->dev;
3007 const struct iommu_ops *ops = dev->bus->iommu_ops;
3008
3009 if (!ops || !ops->sva_unbind)
3010 return;
3011
3012 group = iommu_group_get(dev);
3013 if (!group)
3014 return;
3015
3016 mutex_lock(&group->mutex);
3017 ops->sva_unbind(handle);
3018 mutex_unlock(&group->mutex);
3019
3020 iommu_group_put(group);
3021 }
3022 EXPORT_SYMBOL_GPL(iommu_sva_unbind_device);
3023
iommu_sva_get_pasid(struct iommu_sva * handle)3024 u32 iommu_sva_get_pasid(struct iommu_sva *handle)
3025 {
3026 const struct iommu_ops *ops = handle->dev->bus->iommu_ops;
3027
3028 if (!ops || !ops->sva_get_pasid)
3029 return IOMMU_PASID_INVALID;
3030
3031 return ops->sva_get_pasid(handle);
3032 }
3033 EXPORT_SYMBOL_GPL(iommu_sva_get_pasid);
3034
