On Thu, 10 Dec 2020, Rahul Singh wrote: > Based on tag Linux 5.8.18 commit ab435ce49bd1d02e33dfec24f76955dc1196970b > > Directory structure change for the SMMUv3 driver starting from > Linux 5.9, to revert the patches smoothly using the "git revert" command > we decided to choose Linux 5.8.18. > > Only difference between latest stable Linux 5.9.12 and Linux 5.8.18 > SMMUv3 driver is the use of the "fallthrough" keyword. This patch will > be merged once "fallthrough" keyword implementation is available in XEN. > > It's a copy of the Linux SMMUv3 driver. Xen specific code has not > been added yet and code has not been compiled. > > Signed-off-by: Rahul Singh <rahul.si...@arm.com>
Acked-by: Stefano Stabellini <sstabell...@kernel.org> > --- > Changes in v3: > - Import the driver from Linux 5.8.18 as compared to the previous > version where Linux 5.9.8 is used. Linux 5.8.18 has been chosen to > smoothly revert the changes required as directory structure changes > for the SMMUv3 driver starting from 5.9. The only difference between > Linux 5.8.18 and Linux 5.9.8 is the use of fallthrough keyword. > > --- > xen/drivers/passthrough/arm/smmu-v3.c | 4165 +++++++++++++++++++++++++ > 1 file changed, 4165 insertions(+) > create mode 100644 xen/drivers/passthrough/arm/smmu-v3.c > > diff --git a/xen/drivers/passthrough/arm/smmu-v3.c > b/xen/drivers/passthrough/arm/smmu-v3.c > new file mode 100644 > index 0000000000..f578677a5c > --- /dev/null > +++ b/xen/drivers/passthrough/arm/smmu-v3.c > @@ -0,0 +1,4165 @@ > +// SPDX-License-Identifier: GPL-2.0 > +/* > + * IOMMU API for ARM architected SMMUv3 implementations. > + * > + * Copyright (C) 2015 ARM Limited > + * > + * Author: Will Deacon <will.dea...@arm.com> > + * > + * This driver is powered by bad coffee and bombay mix. > + */ > + > +#include <linux/acpi.h> > +#include <linux/acpi_iort.h> > +#include <linux/bitfield.h> > +#include <linux/bitops.h> > +#include <linux/crash_dump.h> > +#include <linux/delay.h> > +#include <linux/dma-iommu.h> > +#include <linux/err.h> > +#include <linux/interrupt.h> > +#include <linux/io-pgtable.h> > +#include <linux/iommu.h> > +#include <linux/iopoll.h> > +#include <linux/module.h> > +#include <linux/msi.h> > +#include <linux/of.h> > +#include <linux/of_address.h> > +#include <linux/of_iommu.h> > +#include <linux/of_platform.h> > +#include <linux/pci.h> > +#include <linux/pci-ats.h> > +#include <linux/platform_device.h> > + > +#include <linux/amba/bus.h> > + > +/* MMIO registers */ > +#define ARM_SMMU_IDR0 0x0 > +#define IDR0_ST_LVL GENMASK(28, 27) > +#define IDR0_ST_LVL_2LVL 1 > +#define IDR0_STALL_MODEL GENMASK(25, 24) > +#define IDR0_STALL_MODEL_STALL 0 > +#define IDR0_STALL_MODEL_FORCE 2 > +#define IDR0_TTENDIAN GENMASK(22, 21) > +#define IDR0_TTENDIAN_MIXED 0 > +#define IDR0_TTENDIAN_LE 2 > +#define IDR0_TTENDIAN_BE 3 > +#define IDR0_CD2L (1 << 19) > +#define IDR0_VMID16 (1 << 18) > +#define IDR0_PRI (1 << 16) > +#define IDR0_SEV (1 << 14) > +#define IDR0_MSI (1 << 13) > +#define IDR0_ASID16 (1 << 12) > +#define IDR0_ATS (1 << 10) > +#define IDR0_HYP (1 << 9) > +#define IDR0_COHACC (1 << 4) > +#define IDR0_TTF GENMASK(3, 2) > +#define IDR0_TTF_AARCH64 2 > +#define IDR0_TTF_AARCH32_64 3 > +#define IDR0_S1P (1 << 1) > +#define IDR0_S2P (1 << 0) > + > +#define ARM_SMMU_IDR1 0x4 > +#define IDR1_TABLES_PRESET (1 << 30) > +#define IDR1_QUEUES_PRESET (1 << 29) > +#define IDR1_REL (1 << 28) > +#define IDR1_CMDQS GENMASK(25, 21) > +#define IDR1_EVTQS GENMASK(20, 16) > +#define IDR1_PRIQS GENMASK(15, 11) > +#define IDR1_SSIDSIZE GENMASK(10, 6) > +#define IDR1_SIDSIZE GENMASK(5, 0) > + > +#define ARM_SMMU_IDR3 0xc > +#define IDR3_RIL (1 << 10) > + > +#define ARM_SMMU_IDR5 0x14 > +#define IDR5_STALL_MAX GENMASK(31, 16) > +#define IDR5_GRAN64K (1 << 6) > +#define IDR5_GRAN16K (1 << 5) > +#define IDR5_GRAN4K (1 << 4) > +#define IDR5_OAS GENMASK(2, 0) > +#define IDR5_OAS_32_BIT 0 > +#define IDR5_OAS_36_BIT 1 > +#define IDR5_OAS_40_BIT 2 > +#define IDR5_OAS_42_BIT 3 > +#define IDR5_OAS_44_BIT 4 > +#define IDR5_OAS_48_BIT 5 > +#define IDR5_OAS_52_BIT 6 > +#define IDR5_VAX GENMASK(11, 10) > +#define IDR5_VAX_52_BIT 1 > + > +#define ARM_SMMU_CR0 0x20 > +#define CR0_ATSCHK (1 << 4) > +#define CR0_CMDQEN (1 << 3) > +#define CR0_EVTQEN (1 << 2) > +#define CR0_PRIQEN (1 << 1) > +#define CR0_SMMUEN (1 << 0) > + > +#define ARM_SMMU_CR0ACK 0x24 > + > +#define ARM_SMMU_CR1 0x28 > +#define CR1_TABLE_SH GENMASK(11, 10) > +#define CR1_TABLE_OC GENMASK(9, 8) > +#define CR1_TABLE_IC GENMASK(7, 6) > +#define CR1_QUEUE_SH GENMASK(5, 4) > +#define CR1_QUEUE_OC GENMASK(3, 2) > +#define CR1_QUEUE_IC GENMASK(1, 0) > +/* CR1 cacheability fields don't quite follow the usual TCR-style encoding */ > +#define CR1_CACHE_NC 0 > +#define CR1_CACHE_WB 1 > +#define CR1_CACHE_WT 2 > + > +#define ARM_SMMU_CR2 0x2c > +#define CR2_PTM (1 << 2) > +#define CR2_RECINVSID (1 << 1) > +#define CR2_E2H (1 << 0) > + > +#define ARM_SMMU_GBPA 0x44 > +#define GBPA_UPDATE (1 << 31) > +#define GBPA_ABORT (1 << 20) > + > +#define ARM_SMMU_IRQ_CTRL 0x50 > +#define IRQ_CTRL_EVTQ_IRQEN (1 << 2) > +#define IRQ_CTRL_PRIQ_IRQEN (1 << 1) > +#define IRQ_CTRL_GERROR_IRQEN (1 << 0) > + > +#define ARM_SMMU_IRQ_CTRLACK 0x54 > + > +#define ARM_SMMU_GERROR 0x60 > +#define GERROR_SFM_ERR (1 << 8) > +#define GERROR_MSI_GERROR_ABT_ERR (1 << 7) > +#define GERROR_MSI_PRIQ_ABT_ERR (1 << 6) > +#define GERROR_MSI_EVTQ_ABT_ERR (1 << 5) > +#define GERROR_MSI_CMDQ_ABT_ERR (1 << 4) > +#define GERROR_PRIQ_ABT_ERR (1 << 3) > +#define GERROR_EVTQ_ABT_ERR (1 << 2) > +#define GERROR_CMDQ_ERR (1 << 0) > +#define GERROR_ERR_MASK 0xfd > + > +#define ARM_SMMU_GERRORN 0x64 > + > +#define ARM_SMMU_GERROR_IRQ_CFG0 0x68 > +#define ARM_SMMU_GERROR_IRQ_CFG1 0x70 > +#define ARM_SMMU_GERROR_IRQ_CFG2 0x74 > + > +#define ARM_SMMU_STRTAB_BASE 0x80 > +#define STRTAB_BASE_RA (1UL << 62) > +#define STRTAB_BASE_ADDR_MASK GENMASK_ULL(51, 6) > + > +#define ARM_SMMU_STRTAB_BASE_CFG 0x88 > +#define STRTAB_BASE_CFG_FMT GENMASK(17, 16) > +#define STRTAB_BASE_CFG_FMT_LINEAR 0 > +#define STRTAB_BASE_CFG_FMT_2LVL 1 > +#define STRTAB_BASE_CFG_SPLIT GENMASK(10, 6) > +#define STRTAB_BASE_CFG_LOG2SIZE GENMASK(5, 0) > + > +#define ARM_SMMU_CMDQ_BASE 0x90 > +#define ARM_SMMU_CMDQ_PROD 0x98 > +#define ARM_SMMU_CMDQ_CONS 0x9c > + > +#define ARM_SMMU_EVTQ_BASE 0xa0 > +#define ARM_SMMU_EVTQ_PROD 0x100a8 > +#define ARM_SMMU_EVTQ_CONS 0x100ac > +#define ARM_SMMU_EVTQ_IRQ_CFG0 0xb0 > +#define ARM_SMMU_EVTQ_IRQ_CFG1 0xb8 > +#define ARM_SMMU_EVTQ_IRQ_CFG2 0xbc > + > +#define ARM_SMMU_PRIQ_BASE 0xc0 > +#define ARM_SMMU_PRIQ_PROD 0x100c8 > +#define ARM_SMMU_PRIQ_CONS 0x100cc > +#define ARM_SMMU_PRIQ_IRQ_CFG0 0xd0 > +#define ARM_SMMU_PRIQ_IRQ_CFG1 0xd8 > +#define ARM_SMMU_PRIQ_IRQ_CFG2 0xdc > + > +#define ARM_SMMU_REG_SZ 0xe00 > + > +/* Common MSI config fields */ > +#define MSI_CFG0_ADDR_MASK GENMASK_ULL(51, 2) > +#define MSI_CFG2_SH GENMASK(5, 4) > +#define MSI_CFG2_MEMATTR GENMASK(3, 0) > + > +/* Common memory attribute values */ > +#define ARM_SMMU_SH_NSH 0 > +#define ARM_SMMU_SH_OSH 2 > +#define ARM_SMMU_SH_ISH 3 > +#define ARM_SMMU_MEMATTR_DEVICE_nGnRE 0x1 > +#define ARM_SMMU_MEMATTR_OIWB 0xf > + > +#define Q_IDX(llq, p) ((p) & ((1 << > (llq)->max_n_shift) - 1)) > +#define Q_WRP(llq, p) ((p) & (1 << > (llq)->max_n_shift)) > +#define Q_OVERFLOW_FLAG (1U << 31) > +#define Q_OVF(p) ((p) & Q_OVERFLOW_FLAG) > +#define Q_ENT(q, p) ((q)->base + \ > + Q_IDX(&((q)->llq), p) * \ > + (q)->ent_dwords) > + > +#define Q_BASE_RWA (1UL << 62) > +#define Q_BASE_ADDR_MASK GENMASK_ULL(51, 5) > +#define Q_BASE_LOG2SIZE GENMASK(4, 0) > + > +/* Ensure DMA allocations are naturally aligned */ > +#ifdef CONFIG_CMA_ALIGNMENT > +#define Q_MAX_SZ_SHIFT (PAGE_SHIFT + > CONFIG_CMA_ALIGNMENT) > +#else > +#define Q_MAX_SZ_SHIFT (PAGE_SHIFT + MAX_ORDER - 1) > +#endif > + > +/* > + * Stream table. > + * > + * Linear: Enough to cover 1 << IDR1.SIDSIZE entries > + * 2lvl: 128k L1 entries, > + * 256 lazy entries per table (each table covers a PCI bus) > + */ > +#define STRTAB_L1_SZ_SHIFT 20 > +#define STRTAB_SPLIT 8 > + > +#define STRTAB_L1_DESC_DWORDS 1 > +#define STRTAB_L1_DESC_SPAN GENMASK_ULL(4, 0) > +#define STRTAB_L1_DESC_L2PTR_MASK GENMASK_ULL(51, 6) > + > +#define STRTAB_STE_DWORDS 8 > +#define STRTAB_STE_0_V (1UL << 0) > +#define STRTAB_STE_0_CFG GENMASK_ULL(3, 1) > +#define STRTAB_STE_0_CFG_ABORT 0 > +#define STRTAB_STE_0_CFG_BYPASS 4 > +#define STRTAB_STE_0_CFG_S1_TRANS 5 > +#define STRTAB_STE_0_CFG_S2_TRANS 6 > + > +#define STRTAB_STE_0_S1FMT GENMASK_ULL(5, 4) > +#define STRTAB_STE_0_S1FMT_LINEAR 0 > +#define STRTAB_STE_0_S1FMT_64K_L2 2 > +#define STRTAB_STE_0_S1CTXPTR_MASK GENMASK_ULL(51, 6) > +#define STRTAB_STE_0_S1CDMAX GENMASK_ULL(63, 59) > + > +#define STRTAB_STE_1_S1DSS GENMASK_ULL(1, 0) > +#define STRTAB_STE_1_S1DSS_TERMINATE 0x0 > +#define STRTAB_STE_1_S1DSS_BYPASS 0x1 > +#define STRTAB_STE_1_S1DSS_SSID0 0x2 > + > +#define STRTAB_STE_1_S1C_CACHE_NC 0UL > +#define STRTAB_STE_1_S1C_CACHE_WBRA 1UL > +#define STRTAB_STE_1_S1C_CACHE_WT 2UL > +#define STRTAB_STE_1_S1C_CACHE_WB 3UL > +#define STRTAB_STE_1_S1CIR GENMASK_ULL(3, 2) > +#define STRTAB_STE_1_S1COR GENMASK_ULL(5, 4) > +#define STRTAB_STE_1_S1CSH GENMASK_ULL(7, 6) > + > +#define STRTAB_STE_1_S1STALLD (1UL << 27) > + > +#define STRTAB_STE_1_EATS GENMASK_ULL(29, 28) > +#define STRTAB_STE_1_EATS_ABT 0UL > +#define STRTAB_STE_1_EATS_TRANS 1UL > +#define STRTAB_STE_1_EATS_S1CHK 2UL > + > +#define STRTAB_STE_1_STRW GENMASK_ULL(31, 30) > +#define STRTAB_STE_1_STRW_NSEL1 0UL > +#define STRTAB_STE_1_STRW_EL2 2UL > + > +#define STRTAB_STE_1_SHCFG GENMASK_ULL(45, 44) > +#define STRTAB_STE_1_SHCFG_INCOMING 1UL > + > +#define STRTAB_STE_2_S2VMID GENMASK_ULL(15, 0) > +#define STRTAB_STE_2_VTCR GENMASK_ULL(50, 32) > +#define STRTAB_STE_2_VTCR_S2T0SZ GENMASK_ULL(5, 0) > +#define STRTAB_STE_2_VTCR_S2SL0 GENMASK_ULL(7, 6) > +#define STRTAB_STE_2_VTCR_S2IR0 GENMASK_ULL(9, 8) > +#define STRTAB_STE_2_VTCR_S2OR0 GENMASK_ULL(11, 10) > +#define STRTAB_STE_2_VTCR_S2SH0 GENMASK_ULL(13, 12) > +#define STRTAB_STE_2_VTCR_S2TG GENMASK_ULL(15, 14) > +#define STRTAB_STE_2_VTCR_S2PS GENMASK_ULL(18, 16) > +#define STRTAB_STE_2_S2AA64 (1UL << 51) > +#define STRTAB_STE_2_S2ENDI (1UL << 52) > +#define STRTAB_STE_2_S2PTW (1UL << 54) > +#define STRTAB_STE_2_S2R (1UL << 58) > + > +#define STRTAB_STE_3_S2TTB_MASK GENMASK_ULL(51, 4) > + > +/* > + * Context descriptors. > + * > + * Linear: when less than 1024 SSIDs are supported > + * 2lvl: at most 1024 L1 entries, > + * 1024 lazy entries per table. > + */ > +#define CTXDESC_SPLIT 10 > +#define CTXDESC_L2_ENTRIES (1 << CTXDESC_SPLIT) > + > +#define CTXDESC_L1_DESC_DWORDS 1 > +#define CTXDESC_L1_DESC_V (1UL << 0) > +#define CTXDESC_L1_DESC_L2PTR_MASK GENMASK_ULL(51, 12) > + > +#define CTXDESC_CD_DWORDS 8 > +#define CTXDESC_CD_0_TCR_T0SZ GENMASK_ULL(5, 0) > +#define CTXDESC_CD_0_TCR_TG0 GENMASK_ULL(7, 6) > +#define CTXDESC_CD_0_TCR_IRGN0 GENMASK_ULL(9, 8) > +#define CTXDESC_CD_0_TCR_ORGN0 GENMASK_ULL(11, 10) > +#define CTXDESC_CD_0_TCR_SH0 GENMASK_ULL(13, 12) > +#define CTXDESC_CD_0_TCR_EPD0 (1ULL << 14) > +#define CTXDESC_CD_0_TCR_EPD1 (1ULL << 30) > + > +#define CTXDESC_CD_0_ENDI (1UL << 15) > +#define CTXDESC_CD_0_V (1UL << 31) > + > +#define CTXDESC_CD_0_TCR_IPS GENMASK_ULL(34, 32) > +#define CTXDESC_CD_0_TCR_TBI0 (1ULL << 38) > + > +#define CTXDESC_CD_0_AA64 (1UL << 41) > +#define CTXDESC_CD_0_S (1UL << 44) > +#define CTXDESC_CD_0_R (1UL << 45) > +#define CTXDESC_CD_0_A (1UL << 46) > +#define CTXDESC_CD_0_ASET (1UL << 47) > +#define CTXDESC_CD_0_ASID GENMASK_ULL(63, 48) > + > +#define CTXDESC_CD_1_TTB0_MASK GENMASK_ULL(51, 4) > + > +/* > + * When the SMMU only supports linear context descriptor tables, pick a > + * reasonable size limit (64kB). > + */ > +#define CTXDESC_LINEAR_CDMAX ilog2(SZ_64K / (CTXDESC_CD_DWORDS << 3)) > + > +/* Command queue */ > +#define CMDQ_ENT_SZ_SHIFT 4 > +#define CMDQ_ENT_DWORDS ((1 << CMDQ_ENT_SZ_SHIFT) >> 3) > +#define CMDQ_MAX_SZ_SHIFT (Q_MAX_SZ_SHIFT - CMDQ_ENT_SZ_SHIFT) > + > +#define CMDQ_CONS_ERR GENMASK(30, 24) > +#define CMDQ_ERR_CERROR_NONE_IDX 0 > +#define CMDQ_ERR_CERROR_ILL_IDX 1 > +#define CMDQ_ERR_CERROR_ABT_IDX 2 > +#define CMDQ_ERR_CERROR_ATC_INV_IDX 3 > + > +#define CMDQ_PROD_OWNED_FLAG Q_OVERFLOW_FLAG > + > +/* > + * This is used to size the command queue and therefore must be at least > + * BITS_PER_LONG so that the valid_map works correctly (it relies on the > + * total number of queue entries being a multiple of BITS_PER_LONG). > + */ > +#define CMDQ_BATCH_ENTRIES BITS_PER_LONG > + > +#define CMDQ_0_OP GENMASK_ULL(7, 0) > +#define CMDQ_0_SSV (1UL << 11) > + > +#define CMDQ_PREFETCH_0_SID GENMASK_ULL(63, 32) > +#define CMDQ_PREFETCH_1_SIZE GENMASK_ULL(4, 0) > +#define CMDQ_PREFETCH_1_ADDR_MASK GENMASK_ULL(63, 12) > + > +#define CMDQ_CFGI_0_SSID GENMASK_ULL(31, 12) > +#define CMDQ_CFGI_0_SID GENMASK_ULL(63, 32) > +#define CMDQ_CFGI_1_LEAF (1UL << 0) > +#define CMDQ_CFGI_1_RANGE GENMASK_ULL(4, 0) > + > +#define CMDQ_TLBI_0_NUM GENMASK_ULL(16, 12) > +#define CMDQ_TLBI_RANGE_NUM_MAX 31 > +#define CMDQ_TLBI_0_SCALE GENMASK_ULL(24, 20) > +#define CMDQ_TLBI_0_VMID GENMASK_ULL(47, 32) > +#define CMDQ_TLBI_0_ASID GENMASK_ULL(63, 48) > +#define CMDQ_TLBI_1_LEAF (1UL << 0) > +#define CMDQ_TLBI_1_TTL GENMASK_ULL(9, 8) > +#define CMDQ_TLBI_1_TG GENMASK_ULL(11, 10) > +#define CMDQ_TLBI_1_VA_MASK GENMASK_ULL(63, 12) > +#define CMDQ_TLBI_1_IPA_MASK GENMASK_ULL(51, 12) > + > +#define CMDQ_ATC_0_SSID GENMASK_ULL(31, 12) > +#define CMDQ_ATC_0_SID GENMASK_ULL(63, 32) > +#define CMDQ_ATC_0_GLOBAL (1UL << 9) > +#define CMDQ_ATC_1_SIZE GENMASK_ULL(5, 0) > +#define CMDQ_ATC_1_ADDR_MASK GENMASK_ULL(63, 12) > + > +#define CMDQ_PRI_0_SSID GENMASK_ULL(31, 12) > +#define CMDQ_PRI_0_SID GENMASK_ULL(63, 32) > +#define CMDQ_PRI_1_GRPID GENMASK_ULL(8, 0) > +#define CMDQ_PRI_1_RESP GENMASK_ULL(13, 12) > + > +#define CMDQ_SYNC_0_CS GENMASK_ULL(13, 12) > +#define CMDQ_SYNC_0_CS_NONE 0 > +#define CMDQ_SYNC_0_CS_IRQ 1 > +#define CMDQ_SYNC_0_CS_SEV 2 > +#define CMDQ_SYNC_0_MSH GENMASK_ULL(23, 22) > +#define CMDQ_SYNC_0_MSIATTR GENMASK_ULL(27, 24) > +#define CMDQ_SYNC_0_MSIDATA GENMASK_ULL(63, 32) > +#define CMDQ_SYNC_1_MSIADDR_MASK GENMASK_ULL(51, 2) > + > +/* Event queue */ > +#define EVTQ_ENT_SZ_SHIFT 5 > +#define EVTQ_ENT_DWORDS ((1 << EVTQ_ENT_SZ_SHIFT) >> 3) > +#define EVTQ_MAX_SZ_SHIFT (Q_MAX_SZ_SHIFT - EVTQ_ENT_SZ_SHIFT) > + > +#define EVTQ_0_ID GENMASK_ULL(7, 0) > + > +/* PRI queue */ > +#define PRIQ_ENT_SZ_SHIFT 4 > +#define PRIQ_ENT_DWORDS ((1 << PRIQ_ENT_SZ_SHIFT) >> 3) > +#define PRIQ_MAX_SZ_SHIFT (Q_MAX_SZ_SHIFT - PRIQ_ENT_SZ_SHIFT) > + > +#define PRIQ_0_SID GENMASK_ULL(31, 0) > +#define PRIQ_0_SSID GENMASK_ULL(51, 32) > +#define PRIQ_0_PERM_PRIV (1UL << 58) > +#define PRIQ_0_PERM_EXEC (1UL << 59) > +#define PRIQ_0_PERM_READ (1UL << 60) > +#define PRIQ_0_PERM_WRITE (1UL << 61) > +#define PRIQ_0_PRG_LAST (1UL << 62) > +#define PRIQ_0_SSID_V (1UL << 63) > + > +#define PRIQ_1_PRG_IDX GENMASK_ULL(8, 0) > +#define PRIQ_1_ADDR_MASK GENMASK_ULL(63, 12) > + > +/* High-level queue structures */ > +#define ARM_SMMU_POLL_TIMEOUT_US 1000000 /* 1s! */ > +#define ARM_SMMU_POLL_SPIN_COUNT 10 > + > +#define MSI_IOVA_BASE 0x8000000 > +#define MSI_IOVA_LENGTH 0x100000 > + > +static bool disable_bypass = 1; > +module_param_named(disable_bypass, disable_bypass, bool, S_IRUGO); > +MODULE_PARM_DESC(disable_bypass, > + "Disable bypass streams such that incoming transactions from devices > that are not attached to an iommu domain will report an abort back to the > device and will not be allowed to pass through the SMMU."); > + > +enum pri_resp { > + PRI_RESP_DENY = 0, > + PRI_RESP_FAIL = 1, > + PRI_RESP_SUCC = 2, > +}; > + > +enum arm_smmu_msi_index { > + EVTQ_MSI_INDEX, > + GERROR_MSI_INDEX, > + PRIQ_MSI_INDEX, > + ARM_SMMU_MAX_MSIS, > +}; > + > +static phys_addr_t arm_smmu_msi_cfg[ARM_SMMU_MAX_MSIS][3] = { > + [EVTQ_MSI_INDEX] = { > + ARM_SMMU_EVTQ_IRQ_CFG0, > + ARM_SMMU_EVTQ_IRQ_CFG1, > + ARM_SMMU_EVTQ_IRQ_CFG2, > + }, > + [GERROR_MSI_INDEX] = { > + ARM_SMMU_GERROR_IRQ_CFG0, > + ARM_SMMU_GERROR_IRQ_CFG1, > + ARM_SMMU_GERROR_IRQ_CFG2, > + }, > + [PRIQ_MSI_INDEX] = { > + ARM_SMMU_PRIQ_IRQ_CFG0, > + ARM_SMMU_PRIQ_IRQ_CFG1, > + ARM_SMMU_PRIQ_IRQ_CFG2, > + }, > +}; > + > +struct arm_smmu_cmdq_ent { > + /* Common fields */ > + u8 opcode; > + bool substream_valid; > + > + /* Command-specific fields */ > + union { > + #define CMDQ_OP_PREFETCH_CFG 0x1 > + struct { > + u32 sid; > + u8 size; > + u64 addr; > + } prefetch; > + > + #define CMDQ_OP_CFGI_STE 0x3 > + #define CMDQ_OP_CFGI_ALL 0x4 > + #define CMDQ_OP_CFGI_CD 0x5 > + #define CMDQ_OP_CFGI_CD_ALL 0x6 > + struct { > + u32 sid; > + u32 ssid; > + union { > + bool leaf; > + u8 span; > + }; > + } cfgi; > + > + #define CMDQ_OP_TLBI_NH_ASID 0x11 > + #define CMDQ_OP_TLBI_NH_VA 0x12 > + #define CMDQ_OP_TLBI_EL2_ALL 0x20 > + #define CMDQ_OP_TLBI_S12_VMALL 0x28 > + #define CMDQ_OP_TLBI_S2_IPA 0x2a > + #define CMDQ_OP_TLBI_NSNH_ALL 0x30 > + struct { > + u8 num; > + u8 scale; > + u16 asid; > + u16 vmid; > + bool leaf; > + u8 ttl; > + u8 tg; > + u64 addr; > + } tlbi; > + > + #define CMDQ_OP_ATC_INV 0x40 > + #define ATC_INV_SIZE_ALL 52 > + struct { > + u32 sid; > + u32 ssid; > + u64 addr; > + u8 size; > + bool global; > + } atc; > + > + #define CMDQ_OP_PRI_RESP 0x41 > + struct { > + u32 sid; > + u32 ssid; > + u16 grpid; > + enum pri_resp resp; > + } pri; > + > + #define CMDQ_OP_CMD_SYNC 0x46 > + struct { > + u64 msiaddr; > + } sync; > + }; > +}; > + > +struct arm_smmu_ll_queue { > + union { > + u64 val; > + struct { > + u32 prod; > + u32 cons; > + }; > + struct { > + atomic_t prod; > + atomic_t cons; > + } atomic; > + u8 __pad[SMP_CACHE_BYTES]; > + } ____cacheline_aligned_in_smp; > + u32 max_n_shift; > +}; > + > +struct arm_smmu_queue { > + struct arm_smmu_ll_queue llq; > + int irq; /* Wired interrupt */ > + > + __le64 *base; > + dma_addr_t base_dma; > + u64 q_base; > + > + size_t ent_dwords; > + > + u32 __iomem *prod_reg; > + u32 __iomem *cons_reg; > +}; > + > +struct arm_smmu_queue_poll { > + ktime_t timeout; > + unsigned int delay; > + unsigned int spin_cnt; > + bool wfe; > +}; > + > +struct arm_smmu_cmdq { > + struct arm_smmu_queue q; > + atomic_long_t *valid_map; > + atomic_t owner_prod; > + atomic_t lock; > +}; > + > +struct arm_smmu_cmdq_batch { > + u64 cmds[CMDQ_BATCH_ENTRIES * > CMDQ_ENT_DWORDS]; > + int num; > +}; > + > +struct arm_smmu_evtq { > + struct arm_smmu_queue q; > + u32 max_stalls; > +}; > + > +struct arm_smmu_priq { > + struct arm_smmu_queue q; > +}; > + > +/* High-level stream table and context descriptor structures */ > +struct arm_smmu_strtab_l1_desc { > + u8 span; > + > + __le64 *l2ptr; > + dma_addr_t l2ptr_dma; > +}; > + > +struct arm_smmu_ctx_desc { > + u16 asid; > + u64 ttbr; > + u64 tcr; > + u64 mair; > +}; > + > +struct arm_smmu_l1_ctx_desc { > + __le64 *l2ptr; > + dma_addr_t l2ptr_dma; > +}; > + > +struct arm_smmu_ctx_desc_cfg { > + __le64 *cdtab; > + dma_addr_t cdtab_dma; > + struct arm_smmu_l1_ctx_desc *l1_desc; > + unsigned int num_l1_ents; > +}; > + > +struct arm_smmu_s1_cfg { > + struct arm_smmu_ctx_desc_cfg cdcfg; > + struct arm_smmu_ctx_desc cd; > + u8 s1fmt; > + u8 s1cdmax; > +}; > + > +struct arm_smmu_s2_cfg { > + u16 vmid; > + u64 vttbr; > + u64 vtcr; > +}; > + > +struct arm_smmu_strtab_cfg { > + __le64 *strtab; > + dma_addr_t strtab_dma; > + struct arm_smmu_strtab_l1_desc *l1_desc; > + unsigned int num_l1_ents; > + > + u64 strtab_base; > + u32 strtab_base_cfg; > +}; > + > +/* An SMMUv3 instance */ > +struct arm_smmu_device { > + struct device *dev; > + void __iomem *base; > + void __iomem *page1; > + > +#define ARM_SMMU_FEAT_2_LVL_STRTAB (1 << 0) > +#define ARM_SMMU_FEAT_2_LVL_CDTAB (1 << 1) > +#define ARM_SMMU_FEAT_TT_LE (1 << 2) > +#define ARM_SMMU_FEAT_TT_BE (1 << 3) > +#define ARM_SMMU_FEAT_PRI (1 << 4) > +#define ARM_SMMU_FEAT_ATS (1 << 5) > +#define ARM_SMMU_FEAT_SEV (1 << 6) > +#define ARM_SMMU_FEAT_MSI (1 << 7) > +#define ARM_SMMU_FEAT_COHERENCY (1 << 8) > +#define ARM_SMMU_FEAT_TRANS_S1 (1 << 9) > +#define ARM_SMMU_FEAT_TRANS_S2 (1 << 10) > +#define ARM_SMMU_FEAT_STALLS (1 << 11) > +#define ARM_SMMU_FEAT_HYP (1 << 12) > +#define ARM_SMMU_FEAT_STALL_FORCE (1 << 13) > +#define ARM_SMMU_FEAT_VAX (1 << 14) > +#define ARM_SMMU_FEAT_RANGE_INV (1 << 15) > + u32 features; > + > +#define ARM_SMMU_OPT_SKIP_PREFETCH (1 << 0) > +#define ARM_SMMU_OPT_PAGE0_REGS_ONLY (1 << 1) > + u32 options; > + > + struct arm_smmu_cmdq cmdq; > + struct arm_smmu_evtq evtq; > + struct arm_smmu_priq priq; > + > + int gerr_irq; > + int combined_irq; > + > + unsigned long ias; /* IPA */ > + unsigned long oas; /* PA */ > + unsigned long pgsize_bitmap; > + > +#define ARM_SMMU_MAX_ASIDS (1 << 16) > + unsigned int asid_bits; > + > +#define ARM_SMMU_MAX_VMIDS (1 << 16) > + unsigned int vmid_bits; > + DECLARE_BITMAP(vmid_map, ARM_SMMU_MAX_VMIDS); > + > + unsigned int ssid_bits; > + unsigned int sid_bits; > + > + struct arm_smmu_strtab_cfg strtab_cfg; > + > + /* IOMMU core code handle */ > + struct iommu_device iommu; > +}; > + > +/* SMMU private data for each master */ > +struct arm_smmu_master { > + struct arm_smmu_device *smmu; > + struct device *dev; > + struct arm_smmu_domain *domain; > + struct list_head domain_head; > + u32 *sids; > + unsigned int num_sids; > + bool ats_enabled; > + unsigned int ssid_bits; > +}; > + > +/* SMMU private data for an IOMMU domain */ > +enum arm_smmu_domain_stage { > + ARM_SMMU_DOMAIN_S1 = 0, > + ARM_SMMU_DOMAIN_S2, > + ARM_SMMU_DOMAIN_NESTED, > + ARM_SMMU_DOMAIN_BYPASS, > +}; > + > +struct arm_smmu_domain { > + struct arm_smmu_device *smmu; > + struct mutex init_mutex; /* Protects smmu pointer */ > + > + struct io_pgtable_ops *pgtbl_ops; > + bool non_strict; > + atomic_t nr_ats_masters; > + > + enum arm_smmu_domain_stage stage; > + union { > + struct arm_smmu_s1_cfg s1_cfg; > + struct arm_smmu_s2_cfg s2_cfg; > + }; > + > + struct iommu_domain domain; > + > + struct list_head devices; > + spinlock_t devices_lock; > +}; > + > +struct arm_smmu_option_prop { > + u32 opt; > + const char *prop; > +}; > + > +static DEFINE_XARRAY_ALLOC1(asid_xa); > + > +static struct arm_smmu_option_prop arm_smmu_options[] = { > + { ARM_SMMU_OPT_SKIP_PREFETCH, "hisilicon,broken-prefetch-cmd" }, > + { ARM_SMMU_OPT_PAGE0_REGS_ONLY, "cavium,cn9900-broken-page1-regspace"}, > + { 0, NULL}, > +}; > + > +static inline void __iomem *arm_smmu_page1_fixup(unsigned long offset, > + struct arm_smmu_device *smmu) > +{ > + if (offset > SZ_64K) > + return smmu->page1 + offset - SZ_64K; > + > + return smmu->base + offset; > +} > + > +static struct arm_smmu_domain *to_smmu_domain(struct iommu_domain *dom) > +{ > + return container_of(dom, struct arm_smmu_domain, domain); > +} > + > +static void parse_driver_options(struct arm_smmu_device *smmu) > +{ > + int i = 0; > + > + do { > + if (of_property_read_bool(smmu->dev->of_node, > + arm_smmu_options[i].prop)) { > + smmu->options |= arm_smmu_options[i].opt; > + dev_notice(smmu->dev, "option %s\n", > + arm_smmu_options[i].prop); > + } > + } while (arm_smmu_options[++i].opt); > +} > + > +/* Low-level queue manipulation functions */ > +static bool queue_has_space(struct arm_smmu_ll_queue *q, u32 n) > +{ > + u32 space, prod, cons; > + > + prod = Q_IDX(q, q->prod); > + cons = Q_IDX(q, q->cons); > + > + if (Q_WRP(q, q->prod) == Q_WRP(q, q->cons)) > + space = (1 << q->max_n_shift) - (prod - cons); > + else > + space = cons - prod; > + > + return space >= n; > +} > + > +static bool queue_full(struct arm_smmu_ll_queue *q) > +{ > + return Q_IDX(q, q->prod) == Q_IDX(q, q->cons) && > + Q_WRP(q, q->prod) != Q_WRP(q, q->cons); > +} > + > +static bool queue_empty(struct arm_smmu_ll_queue *q) > +{ > + return Q_IDX(q, q->prod) == Q_IDX(q, q->cons) && > + Q_WRP(q, q->prod) == Q_WRP(q, q->cons); > +} > + > +static bool queue_consumed(struct arm_smmu_ll_queue *q, u32 prod) > +{ > + return ((Q_WRP(q, q->cons) == Q_WRP(q, prod)) && > + (Q_IDX(q, q->cons) > Q_IDX(q, prod))) || > + ((Q_WRP(q, q->cons) != Q_WRP(q, prod)) && > + (Q_IDX(q, q->cons) <= Q_IDX(q, prod))); > +} > + > +static void queue_sync_cons_out(struct arm_smmu_queue *q) > +{ > + /* > + * Ensure that all CPU accesses (reads and writes) to the queue > + * are complete before we update the cons pointer. > + */ > + mb(); > + writel_relaxed(q->llq.cons, q->cons_reg); > +} > + > +static void queue_inc_cons(struct arm_smmu_ll_queue *q) > +{ > + u32 cons = (Q_WRP(q, q->cons) | Q_IDX(q, q->cons)) + 1; > + q->cons = Q_OVF(q->cons) | Q_WRP(q, cons) | Q_IDX(q, cons); > +} > + > +static int queue_sync_prod_in(struct arm_smmu_queue *q) > +{ > + int ret = 0; > + u32 prod = readl_relaxed(q->prod_reg); > + > + if (Q_OVF(prod) != Q_OVF(q->llq.prod)) > + ret = -EOVERFLOW; > + > + q->llq.prod = prod; > + return ret; > +} > + > +static u32 queue_inc_prod_n(struct arm_smmu_ll_queue *q, int n) > +{ > + u32 prod = (Q_WRP(q, q->prod) | Q_IDX(q, q->prod)) + n; > + return Q_OVF(q->prod) | Q_WRP(q, prod) | Q_IDX(q, prod); > +} > + > +static void queue_poll_init(struct arm_smmu_device *smmu, > + struct arm_smmu_queue_poll *qp) > +{ > + qp->delay = 1; > + qp->spin_cnt = 0; > + qp->wfe = !!(smmu->features & ARM_SMMU_FEAT_SEV); > + qp->timeout = ktime_add_us(ktime_get(), ARM_SMMU_POLL_TIMEOUT_US); > +} > + > +static int queue_poll(struct arm_smmu_queue_poll *qp) > +{ > + if (ktime_compare(ktime_get(), qp->timeout) > 0) > + return -ETIMEDOUT; > + > + if (qp->wfe) { > + wfe(); > + } else if (++qp->spin_cnt < ARM_SMMU_POLL_SPIN_COUNT) { > + cpu_relax(); > + } else { > + udelay(qp->delay); > + qp->delay *= 2; > + qp->spin_cnt = 0; > + } > + > + return 0; > +} > + > +static void queue_write(__le64 *dst, u64 *src, size_t n_dwords) > +{ > + int i; > + > + for (i = 0; i < n_dwords; ++i) > + *dst++ = cpu_to_le64(*src++); > +} > + > +static void queue_read(__le64 *dst, u64 *src, size_t n_dwords) > +{ > + int i; > + > + for (i = 0; i < n_dwords; ++i) > + *dst++ = le64_to_cpu(*src++); > +} > + > +static int queue_remove_raw(struct arm_smmu_queue *q, u64 *ent) > +{ > + if (queue_empty(&q->llq)) > + return -EAGAIN; > + > + queue_read(ent, Q_ENT(q, q->llq.cons), q->ent_dwords); > + queue_inc_cons(&q->llq); > + queue_sync_cons_out(q); > + return 0; > +} > + > +/* High-level queue accessors */ > +static int arm_smmu_cmdq_build_cmd(u64 *cmd, struct arm_smmu_cmdq_ent *ent) > +{ > + memset(cmd, 0, 1 << CMDQ_ENT_SZ_SHIFT); > + cmd[0] |= FIELD_PREP(CMDQ_0_OP, ent->opcode); > + > + switch (ent->opcode) { > + case CMDQ_OP_TLBI_EL2_ALL: > + case CMDQ_OP_TLBI_NSNH_ALL: > + break; > + case CMDQ_OP_PREFETCH_CFG: > + cmd[0] |= FIELD_PREP(CMDQ_PREFETCH_0_SID, ent->prefetch.sid); > + cmd[1] |= FIELD_PREP(CMDQ_PREFETCH_1_SIZE, ent->prefetch.size); > + cmd[1] |= ent->prefetch.addr & CMDQ_PREFETCH_1_ADDR_MASK; > + break; > + case CMDQ_OP_CFGI_CD: > + cmd[0] |= FIELD_PREP(CMDQ_CFGI_0_SSID, ent->cfgi.ssid); > + /* Fallthrough */ > + case CMDQ_OP_CFGI_STE: > + cmd[0] |= FIELD_PREP(CMDQ_CFGI_0_SID, ent->cfgi.sid); > + cmd[1] |= FIELD_PREP(CMDQ_CFGI_1_LEAF, ent->cfgi.leaf); > + break; > + case CMDQ_OP_CFGI_CD_ALL: > + cmd[0] |= FIELD_PREP(CMDQ_CFGI_0_SID, ent->cfgi.sid); > + break; > + case CMDQ_OP_CFGI_ALL: > + /* Cover the entire SID range */ > + cmd[1] |= FIELD_PREP(CMDQ_CFGI_1_RANGE, 31); > + break; > + case CMDQ_OP_TLBI_NH_VA: > + cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_NUM, ent->tlbi.num); > + cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_SCALE, ent->tlbi.scale); > + cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_VMID, ent->tlbi.vmid); > + cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_ASID, ent->tlbi.asid); > + cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_LEAF, ent->tlbi.leaf); > + cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_TTL, ent->tlbi.ttl); > + cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_TG, ent->tlbi.tg); > + cmd[1] |= ent->tlbi.addr & CMDQ_TLBI_1_VA_MASK; > + break; > + case CMDQ_OP_TLBI_S2_IPA: > + cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_NUM, ent->tlbi.num); > + cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_SCALE, ent->tlbi.scale); > + cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_VMID, ent->tlbi.vmid); > + cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_LEAF, ent->tlbi.leaf); > + cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_TTL, ent->tlbi.ttl); > + cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_TG, ent->tlbi.tg); > + cmd[1] |= ent->tlbi.addr & CMDQ_TLBI_1_IPA_MASK; > + break; > + case CMDQ_OP_TLBI_NH_ASID: > + cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_ASID, ent->tlbi.asid); > + /* Fallthrough */ > + case CMDQ_OP_TLBI_S12_VMALL: > + cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_VMID, ent->tlbi.vmid); > + break; > + case CMDQ_OP_ATC_INV: > + cmd[0] |= FIELD_PREP(CMDQ_0_SSV, ent->substream_valid); > + cmd[0] |= FIELD_PREP(CMDQ_ATC_0_GLOBAL, ent->atc.global); > + cmd[0] |= FIELD_PREP(CMDQ_ATC_0_SSID, ent->atc.ssid); > + cmd[0] |= FIELD_PREP(CMDQ_ATC_0_SID, ent->atc.sid); > + cmd[1] |= FIELD_PREP(CMDQ_ATC_1_SIZE, ent->atc.size); > + cmd[1] |= ent->atc.addr & CMDQ_ATC_1_ADDR_MASK; > + break; > + case CMDQ_OP_PRI_RESP: > + cmd[0] |= FIELD_PREP(CMDQ_0_SSV, ent->substream_valid); > + cmd[0] |= FIELD_PREP(CMDQ_PRI_0_SSID, ent->pri.ssid); > + cmd[0] |= FIELD_PREP(CMDQ_PRI_0_SID, ent->pri.sid); > + cmd[1] |= FIELD_PREP(CMDQ_PRI_1_GRPID, ent->pri.grpid); > + switch (ent->pri.resp) { > + case PRI_RESP_DENY: > + case PRI_RESP_FAIL: > + case PRI_RESP_SUCC: > + break; > + default: > + return -EINVAL; > + } > + cmd[1] |= FIELD_PREP(CMDQ_PRI_1_RESP, ent->pri.resp); > + break; > + case CMDQ_OP_CMD_SYNC: > + if (ent->sync.msiaddr) { > + cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_CS, > CMDQ_SYNC_0_CS_IRQ); > + cmd[1] |= ent->sync.msiaddr & CMDQ_SYNC_1_MSIADDR_MASK; > + } else { > + cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_CS, > CMDQ_SYNC_0_CS_SEV); > + } > + cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_MSH, ARM_SMMU_SH_ISH); > + cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_MSIATTR, > ARM_SMMU_MEMATTR_OIWB); > + break; > + default: > + return -ENOENT; > + } > + > + return 0; > +} > + > +static void arm_smmu_cmdq_build_sync_cmd(u64 *cmd, struct arm_smmu_device > *smmu, > + u32 prod) > +{ > + struct arm_smmu_queue *q = &smmu->cmdq.q; > + struct arm_smmu_cmdq_ent ent = { > + .opcode = CMDQ_OP_CMD_SYNC, > + }; > + > + /* > + * Beware that Hi16xx adds an extra 32 bits of goodness to its MSI > + * payload, so the write will zero the entire command on that platform. > + */ > + if (smmu->features & ARM_SMMU_FEAT_MSI && > + smmu->features & ARM_SMMU_FEAT_COHERENCY) { > + ent.sync.msiaddr = q->base_dma + Q_IDX(&q->llq, prod) * > + q->ent_dwords * 8; > + } > + > + arm_smmu_cmdq_build_cmd(cmd, &ent); > +} > + > +static void arm_smmu_cmdq_skip_err(struct arm_smmu_device *smmu) > +{ > + static const char *cerror_str[] = { > + [CMDQ_ERR_CERROR_NONE_IDX] = "No error", > + [CMDQ_ERR_CERROR_ILL_IDX] = "Illegal command", > + [CMDQ_ERR_CERROR_ABT_IDX] = "Abort on command fetch", > + [CMDQ_ERR_CERROR_ATC_INV_IDX] = "ATC invalidate timeout", > + }; > + > + int i; > + u64 cmd[CMDQ_ENT_DWORDS]; > + struct arm_smmu_queue *q = &smmu->cmdq.q; > + u32 cons = readl_relaxed(q->cons_reg); > + u32 idx = FIELD_GET(CMDQ_CONS_ERR, cons); > + struct arm_smmu_cmdq_ent cmd_sync = { > + .opcode = CMDQ_OP_CMD_SYNC, > + }; > + > + dev_err(smmu->dev, "CMDQ error (cons 0x%08x): %s\n", cons, > + idx < ARRAY_SIZE(cerror_str) ? cerror_str[idx] : "Unknown"); > + > + switch (idx) { > + case CMDQ_ERR_CERROR_ABT_IDX: > + dev_err(smmu->dev, "retrying command fetch\n"); > + case CMDQ_ERR_CERROR_NONE_IDX: > + return; > + case CMDQ_ERR_CERROR_ATC_INV_IDX: > + /* > + * ATC Invalidation Completion timeout. CONS is still pointing > + * at the CMD_SYNC. Attempt to complete other pending commands > + * by repeating the CMD_SYNC, though we might well end up back > + * here since the ATC invalidation may still be pending. > + */ > + return; > + case CMDQ_ERR_CERROR_ILL_IDX: > + /* Fallthrough */ > + default: > + break; > + } > + > + /* > + * We may have concurrent producers, so we need to be careful > + * not to touch any of the shadow cmdq state. > + */ > + queue_read(cmd, Q_ENT(q, cons), q->ent_dwords); > + dev_err(smmu->dev, "skipping command in error state:\n"); > + for (i = 0; i < ARRAY_SIZE(cmd); ++i) > + dev_err(smmu->dev, "\t0x%016llx\n", (unsigned long long)cmd[i]); > + > + /* Convert the erroneous command into a CMD_SYNC */ > + if (arm_smmu_cmdq_build_cmd(cmd, &cmd_sync)) { > + dev_err(smmu->dev, "failed to convert to CMD_SYNC\n"); > + return; > + } > + > + queue_write(Q_ENT(q, cons), cmd, q->ent_dwords); > +} > + > +/* > + * Command queue locking. > + * This is a form of bastardised rwlock with the following major changes: > + * > + * - The only LOCK routines are exclusive_trylock() and shared_lock(). > + * Neither have barrier semantics, and instead provide only a control > + * dependency. > + * > + * - The UNLOCK routines are supplemented with shared_tryunlock(), which > + * fails if the caller appears to be the last lock holder (yes, this is > + * racy). All successful UNLOCK routines have RELEASE semantics. > + */ > +static void arm_smmu_cmdq_shared_lock(struct arm_smmu_cmdq *cmdq) > +{ > + int val; > + > + /* > + * We can try to avoid the cmpxchg() loop by simply incrementing the > + * lock counter. When held in exclusive state, the lock counter is set > + * to INT_MIN so these increments won't hurt as the value will remain > + * negative. > + */ > + if (atomic_fetch_inc_relaxed(&cmdq->lock) >= 0) > + return; > + > + do { > + val = atomic_cond_read_relaxed(&cmdq->lock, VAL >= 0); > + } while (atomic_cmpxchg_relaxed(&cmdq->lock, val, val + 1) != val); > +} > + > +static void arm_smmu_cmdq_shared_unlock(struct arm_smmu_cmdq *cmdq) > +{ > + (void)atomic_dec_return_release(&cmdq->lock); > +} > + > +static bool arm_smmu_cmdq_shared_tryunlock(struct arm_smmu_cmdq *cmdq) > +{ > + if (atomic_read(&cmdq->lock) == 1) > + return false; > + > + arm_smmu_cmdq_shared_unlock(cmdq); > + return true; > +} > + > +#define arm_smmu_cmdq_exclusive_trylock_irqsave(cmdq, flags) \ > +({ \ > + bool __ret; \ > + local_irq_save(flags); \ > + __ret = !atomic_cmpxchg_relaxed(&cmdq->lock, 0, INT_MIN); \ > + if (!__ret) \ > + local_irq_restore(flags); \ > + __ret; \ > +}) > + > +#define arm_smmu_cmdq_exclusive_unlock_irqrestore(cmdq, flags) > \ > +({ \ > + atomic_set_release(&cmdq->lock, 0); \ > + local_irq_restore(flags); \ > +}) > + > + > +/* > + * Command queue insertion. > + * This is made fiddly by our attempts to achieve some sort of scalability > + * since there is one queue shared amongst all of the CPUs in the system. If > + * you like mixed-size concurrency, dependency ordering and relaxed atomics, > + * then you'll *love* this monstrosity. > + * > + * The basic idea is to split the queue up into ranges of commands that are > + * owned by a given CPU; the owner may not have written all of the commands > + * itself, but is responsible for advancing the hardware prod pointer when > + * the time comes. The algorithm is roughly: > + * > + * 1. Allocate some space in the queue. At this point we also discover > + * whether the head of the queue is currently owned by another CPU, > + * or whether we are the owner. > + * > + * 2. Write our commands into our allocated slots in the queue. > + * > + * 3. Mark our slots as valid in arm_smmu_cmdq.valid_map. > + * > + * 4. If we are an owner: > + * a. Wait for the previous owner to finish. > + * b. Mark the queue head as unowned, which tells us the range > + * that we are responsible for publishing. > + * c. Wait for all commands in our owned range to become valid. > + * d. Advance the hardware prod pointer. > + * e. Tell the next owner we've finished. > + * > + * 5. If we are inserting a CMD_SYNC (we may or may not have been an > + * owner), then we need to stick around until it has completed: > + * a. If we have MSIs, the SMMU can write back into the CMD_SYNC > + * to clear the first 4 bytes. > + * b. Otherwise, we spin waiting for the hardware cons pointer to > + * advance past our command. > + * > + * The devil is in the details, particularly the use of locking for handling > + * SYNC completion and freeing up space in the queue before we think that it > is > + * full. > + */ > +static void __arm_smmu_cmdq_poll_set_valid_map(struct arm_smmu_cmdq *cmdq, > + u32 sprod, u32 eprod, bool set) > +{ > + u32 swidx, sbidx, ewidx, ebidx; > + struct arm_smmu_ll_queue llq = { > + .max_n_shift = cmdq->q.llq.max_n_shift, > + .prod = sprod, > + }; > + > + ewidx = BIT_WORD(Q_IDX(&llq, eprod)); > + ebidx = Q_IDX(&llq, eprod) % BITS_PER_LONG; > + > + while (llq.prod != eprod) { > + unsigned long mask; > + atomic_long_t *ptr; > + u32 limit = BITS_PER_LONG; > + > + swidx = BIT_WORD(Q_IDX(&llq, llq.prod)); > + sbidx = Q_IDX(&llq, llq.prod) % BITS_PER_LONG; > + > + ptr = &cmdq->valid_map[swidx]; > + > + if ((swidx == ewidx) && (sbidx < ebidx)) > + limit = ebidx; > + > + mask = GENMASK(limit - 1, sbidx); > + > + /* > + * The valid bit is the inverse of the wrap bit. This means > + * that a zero-initialised queue is invalid and, after marking > + * all entries as valid, they become invalid again when we > + * wrap. > + */ > + if (set) { > + atomic_long_xor(mask, ptr); > + } else { /* Poll */ > + unsigned long valid; > + > + valid = (ULONG_MAX + !!Q_WRP(&llq, llq.prod)) & mask; > + atomic_long_cond_read_relaxed(ptr, (VAL & mask) == > valid); > + } > + > + llq.prod = queue_inc_prod_n(&llq, limit - sbidx); > + } > +} > + > +/* Mark all entries in the range [sprod, eprod) as valid */ > +static void arm_smmu_cmdq_set_valid_map(struct arm_smmu_cmdq *cmdq, > + u32 sprod, u32 eprod) > +{ > + __arm_smmu_cmdq_poll_set_valid_map(cmdq, sprod, eprod, true); > +} > + > +/* Wait for all entries in the range [sprod, eprod) to become valid */ > +static void arm_smmu_cmdq_poll_valid_map(struct arm_smmu_cmdq *cmdq, > + u32 sprod, u32 eprod) > +{ > + __arm_smmu_cmdq_poll_set_valid_map(cmdq, sprod, eprod, false); > +} > + > +/* Wait for the command queue to become non-full */ > +static int arm_smmu_cmdq_poll_until_not_full(struct arm_smmu_device *smmu, > + struct arm_smmu_ll_queue *llq) > +{ > + unsigned long flags; > + struct arm_smmu_queue_poll qp; > + struct arm_smmu_cmdq *cmdq = &smmu->cmdq; > + int ret = 0; > + > + /* > + * Try to update our copy of cons by grabbing exclusive cmdq access. If > + * that fails, spin until somebody else updates it for us. > + */ > + if (arm_smmu_cmdq_exclusive_trylock_irqsave(cmdq, flags)) { > + WRITE_ONCE(cmdq->q.llq.cons, readl_relaxed(cmdq->q.cons_reg)); > + arm_smmu_cmdq_exclusive_unlock_irqrestore(cmdq, flags); > + llq->val = READ_ONCE(cmdq->q.llq.val); > + return 0; > + } > + > + queue_poll_init(smmu, &qp); > + do { > + llq->val = READ_ONCE(smmu->cmdq.q.llq.val); > + if (!queue_full(llq)) > + break; > + > + ret = queue_poll(&qp); > + } while (!ret); > + > + return ret; > +} > + > +/* > + * Wait until the SMMU signals a CMD_SYNC completion MSI. > + * Must be called with the cmdq lock held in some capacity. > + */ > +static int __arm_smmu_cmdq_poll_until_msi(struct arm_smmu_device *smmu, > + struct arm_smmu_ll_queue *llq) > +{ > + int ret = 0; > + struct arm_smmu_queue_poll qp; > + struct arm_smmu_cmdq *cmdq = &smmu->cmdq; > + u32 *cmd = (u32 *)(Q_ENT(&cmdq->q, llq->prod)); > + > + queue_poll_init(smmu, &qp); > + > + /* > + * The MSI won't generate an event, since it's being written back > + * into the command queue. > + */ > + qp.wfe = false; > + smp_cond_load_relaxed(cmd, !VAL || (ret = queue_poll(&qp))); > + llq->cons = ret ? llq->prod : queue_inc_prod_n(llq, 1); > + return ret; > +} > + > +/* > + * Wait until the SMMU cons index passes llq->prod. > + * Must be called with the cmdq lock held in some capacity. > + */ > +static int __arm_smmu_cmdq_poll_until_consumed(struct arm_smmu_device *smmu, > + struct arm_smmu_ll_queue *llq) > +{ > + struct arm_smmu_queue_poll qp; > + struct arm_smmu_cmdq *cmdq = &smmu->cmdq; > + u32 prod = llq->prod; > + int ret = 0; > + > + queue_poll_init(smmu, &qp); > + llq->val = READ_ONCE(smmu->cmdq.q.llq.val); > + do { > + if (queue_consumed(llq, prod)) > + break; > + > + ret = queue_poll(&qp); > + > + /* > + * This needs to be a readl() so that our subsequent call > + * to arm_smmu_cmdq_shared_tryunlock() can fail accurately. > + * > + * Specifically, we need to ensure that we observe all > + * shared_lock()s by other CMD_SYNCs that share our owner, > + * so that a failing call to tryunlock() means that we're > + * the last one out and therefore we can safely advance > + * cmdq->q.llq.cons. Roughly speaking: > + * > + * CPU 0 CPU1 CPU2 (us) > + * > + * if (sync) > + * shared_lock(); > + * > + * dma_wmb(); > + * set_valid_map(); > + * > + * if (owner) { > + * poll_valid_map(); > + * <control dependency> > + * writel(prod_reg); > + * > + * readl(cons_reg); > + * tryunlock(); > + * > + * Requires us to see CPU 0's shared_lock() acquisition. > + */ > + llq->cons = readl(cmdq->q.cons_reg); > + } while (!ret); > + > + return ret; > +} > + > +static int arm_smmu_cmdq_poll_until_sync(struct arm_smmu_device *smmu, > + struct arm_smmu_ll_queue *llq) > +{ > + if (smmu->features & ARM_SMMU_FEAT_MSI && > + smmu->features & ARM_SMMU_FEAT_COHERENCY) > + return __arm_smmu_cmdq_poll_until_msi(smmu, llq); > + > + return __arm_smmu_cmdq_poll_until_consumed(smmu, llq); > +} > + > +static void arm_smmu_cmdq_write_entries(struct arm_smmu_cmdq *cmdq, u64 > *cmds, > + u32 prod, int n) > +{ > + int i; > + struct arm_smmu_ll_queue llq = { > + .max_n_shift = cmdq->q.llq.max_n_shift, > + .prod = prod, > + }; > + > + for (i = 0; i < n; ++i) { > + u64 *cmd = &cmds[i * CMDQ_ENT_DWORDS]; > + > + prod = queue_inc_prod_n(&llq, i); > + queue_write(Q_ENT(&cmdq->q, prod), cmd, CMDQ_ENT_DWORDS); > + } > +} > + > +/* > + * This is the actual insertion function, and provides the following > + * ordering guarantees to callers: > + * > + * - There is a dma_wmb() before publishing any commands to the queue. > + * This can be relied upon to order prior writes to data structures > + * in memory (such as a CD or an STE) before the command. > + * > + * - On completion of a CMD_SYNC, there is a control dependency. > + * This can be relied upon to order subsequent writes to memory (e.g. > + * freeing an IOVA) after completion of the CMD_SYNC. > + * > + * - Command insertion is totally ordered, so if two CPUs each race to > + * insert their own list of commands then all of the commands from one > + * CPU will appear before any of the commands from the other CPU. > + */ > +static int arm_smmu_cmdq_issue_cmdlist(struct arm_smmu_device *smmu, > + u64 *cmds, int n, bool sync) > +{ > + u64 cmd_sync[CMDQ_ENT_DWORDS]; > + u32 prod; > + unsigned long flags; > + bool owner; > + struct arm_smmu_cmdq *cmdq = &smmu->cmdq; > + struct arm_smmu_ll_queue llq = { > + .max_n_shift = cmdq->q.llq.max_n_shift, > + }, head = llq; > + int ret = 0; > + > + /* 1. Allocate some space in the queue */ > + local_irq_save(flags); > + llq.val = READ_ONCE(cmdq->q.llq.val); > + do { > + u64 old; > + > + while (!queue_has_space(&llq, n + sync)) { > + local_irq_restore(flags); > + if (arm_smmu_cmdq_poll_until_not_full(smmu, &llq)) > + dev_err_ratelimited(smmu->dev, "CMDQ > timeout\n"); > + local_irq_save(flags); > + } > + > + head.cons = llq.cons; > + head.prod = queue_inc_prod_n(&llq, n + sync) | > + CMDQ_PROD_OWNED_FLAG; > + > + old = cmpxchg_relaxed(&cmdq->q.llq.val, llq.val, head.val); > + if (old == llq.val) > + break; > + > + llq.val = old; > + } while (1); > + owner = !(llq.prod & CMDQ_PROD_OWNED_FLAG); > + head.prod &= ~CMDQ_PROD_OWNED_FLAG; > + llq.prod &= ~CMDQ_PROD_OWNED_FLAG; > + > + /* > + * 2. Write our commands into the queue > + * Dependency ordering from the cmpxchg() loop above. > + */ > + arm_smmu_cmdq_write_entries(cmdq, cmds, llq.prod, n); > + if (sync) { > + prod = queue_inc_prod_n(&llq, n); > + arm_smmu_cmdq_build_sync_cmd(cmd_sync, smmu, prod); > + queue_write(Q_ENT(&cmdq->q, prod), cmd_sync, CMDQ_ENT_DWORDS); > + > + /* > + * In order to determine completion of our CMD_SYNC, we must > + * ensure that the queue can't wrap twice without us noticing. > + * We achieve that by taking the cmdq lock as shared before > + * marking our slot as valid. > + */ > + arm_smmu_cmdq_shared_lock(cmdq); > + } > + > + /* 3. Mark our slots as valid, ensuring commands are visible first */ > + dma_wmb(); > + arm_smmu_cmdq_set_valid_map(cmdq, llq.prod, head.prod); > + > + /* 4. If we are the owner, take control of the SMMU hardware */ > + if (owner) { > + /* a. Wait for previous owner to finish */ > + atomic_cond_read_relaxed(&cmdq->owner_prod, VAL == llq.prod); > + > + /* b. Stop gathering work by clearing the owned flag */ > + prod = atomic_fetch_andnot_relaxed(CMDQ_PROD_OWNED_FLAG, > + &cmdq->q.llq.atomic.prod); > + prod &= ~CMDQ_PROD_OWNED_FLAG; > + > + /* > + * c. Wait for any gathered work to be written to the queue. > + * Note that we read our own entries so that we have the control > + * dependency required by (d). > + */ > + arm_smmu_cmdq_poll_valid_map(cmdq, llq.prod, prod); > + > + /* > + * d. Advance the hardware prod pointer > + * Control dependency ordering from the entries becoming valid. > + */ > + writel_relaxed(prod, cmdq->q.prod_reg); > + > + /* > + * e. Tell the next owner we're done > + * Make sure we've updated the hardware first, so that we don't > + * race to update prod and potentially move it backwards. > + */ > + atomic_set_release(&cmdq->owner_prod, prod); > + } > + > + /* 5. If we are inserting a CMD_SYNC, we must wait for it to complete */ > + if (sync) { > + llq.prod = queue_inc_prod_n(&llq, n); > + ret = arm_smmu_cmdq_poll_until_sync(smmu, &llq); > + if (ret) { > + dev_err_ratelimited(smmu->dev, > + "CMD_SYNC timeout at 0x%08x [hwprod > 0x%08x, hwcons 0x%08x]\n", > + llq.prod, > + readl_relaxed(cmdq->q.prod_reg), > + readl_relaxed(cmdq->q.cons_reg)); > + } > + > + /* > + * Try to unlock the cmq lock. This will fail if we're the last > + * reader, in which case we can safely update cmdq->q.llq.cons > + */ > + if (!arm_smmu_cmdq_shared_tryunlock(cmdq)) { > + WRITE_ONCE(cmdq->q.llq.cons, llq.cons); > + arm_smmu_cmdq_shared_unlock(cmdq); > + } > + } > + > + local_irq_restore(flags); > + return ret; > +} > + > +static int arm_smmu_cmdq_issue_cmd(struct arm_smmu_device *smmu, > + struct arm_smmu_cmdq_ent *ent) > +{ > + u64 cmd[CMDQ_ENT_DWORDS]; > + > + if (arm_smmu_cmdq_build_cmd(cmd, ent)) { > + dev_warn(smmu->dev, "ignoring unknown CMDQ opcode 0x%x\n", > + ent->opcode); > + return -EINVAL; > + } > + > + return arm_smmu_cmdq_issue_cmdlist(smmu, cmd, 1, false); > +} > + > +static int arm_smmu_cmdq_issue_sync(struct arm_smmu_device *smmu) > +{ > + return arm_smmu_cmdq_issue_cmdlist(smmu, NULL, 0, true); > +} > + > +static void arm_smmu_cmdq_batch_add(struct arm_smmu_device *smmu, > + struct arm_smmu_cmdq_batch *cmds, > + struct arm_smmu_cmdq_ent *cmd) > +{ > + if (cmds->num == CMDQ_BATCH_ENTRIES) { > + arm_smmu_cmdq_issue_cmdlist(smmu, cmds->cmds, cmds->num, false); > + cmds->num = 0; > + } > + arm_smmu_cmdq_build_cmd(&cmds->cmds[cmds->num * CMDQ_ENT_DWORDS], cmd); > + cmds->num++; > +} > + > +static int arm_smmu_cmdq_batch_submit(struct arm_smmu_device *smmu, > + struct arm_smmu_cmdq_batch *cmds) > +{ > + return arm_smmu_cmdq_issue_cmdlist(smmu, cmds->cmds, cmds->num, true); > +} > + > +/* Context descriptor manipulation functions */ > +static void arm_smmu_sync_cd(struct arm_smmu_domain *smmu_domain, > + int ssid, bool leaf) > +{ > + size_t i; > + unsigned long flags; > + struct arm_smmu_master *master; > + struct arm_smmu_cmdq_batch cmds = {}; > + struct arm_smmu_device *smmu = smmu_domain->smmu; > + struct arm_smmu_cmdq_ent cmd = { > + .opcode = CMDQ_OP_CFGI_CD, > + .cfgi = { > + .ssid = ssid, > + .leaf = leaf, > + }, > + }; > + > + spin_lock_irqsave(&smmu_domain->devices_lock, flags); > + list_for_each_entry(master, &smmu_domain->devices, domain_head) { > + for (i = 0; i < master->num_sids; i++) { > + cmd.cfgi.sid = master->sids[i]; > + arm_smmu_cmdq_batch_add(smmu, &cmds, &cmd); > + } > + } > + spin_unlock_irqrestore(&smmu_domain->devices_lock, flags); > + > + arm_smmu_cmdq_batch_submit(smmu, &cmds); > +} > + > +static int arm_smmu_alloc_cd_leaf_table(struct arm_smmu_device *smmu, > + struct arm_smmu_l1_ctx_desc *l1_desc) > +{ > + size_t size = CTXDESC_L2_ENTRIES * (CTXDESC_CD_DWORDS << 3); > + > + l1_desc->l2ptr = dmam_alloc_coherent(smmu->dev, size, > + &l1_desc->l2ptr_dma, GFP_KERNEL); > + if (!l1_desc->l2ptr) { > + dev_warn(smmu->dev, > + "failed to allocate context descriptor table\n"); > + return -ENOMEM; > + } > + return 0; > +} > + > +static void arm_smmu_write_cd_l1_desc(__le64 *dst, > + struct arm_smmu_l1_ctx_desc *l1_desc) > +{ > + u64 val = (l1_desc->l2ptr_dma & CTXDESC_L1_DESC_L2PTR_MASK) | > + CTXDESC_L1_DESC_V; > + > + /* See comment in arm_smmu_write_ctx_desc() */ > + WRITE_ONCE(*dst, cpu_to_le64(val)); > +} > + > +static __le64 *arm_smmu_get_cd_ptr(struct arm_smmu_domain *smmu_domain, > + u32 ssid) > +{ > + __le64 *l1ptr; > + unsigned int idx; > + struct arm_smmu_l1_ctx_desc *l1_desc; > + struct arm_smmu_device *smmu = smmu_domain->smmu; > + struct arm_smmu_ctx_desc_cfg *cdcfg = &smmu_domain->s1_cfg.cdcfg; > + > + if (smmu_domain->s1_cfg.s1fmt == STRTAB_STE_0_S1FMT_LINEAR) > + return cdcfg->cdtab + ssid * CTXDESC_CD_DWORDS; > + > + idx = ssid >> CTXDESC_SPLIT; > + l1_desc = &cdcfg->l1_desc[idx]; > + if (!l1_desc->l2ptr) { > + if (arm_smmu_alloc_cd_leaf_table(smmu, l1_desc)) > + return NULL; > + > + l1ptr = cdcfg->cdtab + idx * CTXDESC_L1_DESC_DWORDS; > + arm_smmu_write_cd_l1_desc(l1ptr, l1_desc); > + /* An invalid L1CD can be cached */ > + arm_smmu_sync_cd(smmu_domain, ssid, false); > + } > + idx = ssid & (CTXDESC_L2_ENTRIES - 1); > + return l1_desc->l2ptr + idx * CTXDESC_CD_DWORDS; > +} > + > +static int arm_smmu_write_ctx_desc(struct arm_smmu_domain *smmu_domain, > + int ssid, struct arm_smmu_ctx_desc *cd) > +{ > + /* > + * This function handles the following cases: > + * > + * (1) Install primary CD, for normal DMA traffic (SSID = 0). > + * (2) Install a secondary CD, for SID+SSID traffic. > + * (3) Update ASID of a CD. Atomically write the first 64 bits of the > + * CD, then invalidate the old entry and mappings. > + * (4) Remove a secondary CD. > + */ > + u64 val; > + bool cd_live; > + __le64 *cdptr; > + struct arm_smmu_device *smmu = smmu_domain->smmu; > + > + if (WARN_ON(ssid >= (1 << smmu_domain->s1_cfg.s1cdmax))) > + return -E2BIG; > + > + cdptr = arm_smmu_get_cd_ptr(smmu_domain, ssid); > + if (!cdptr) > + return -ENOMEM; > + > + val = le64_to_cpu(cdptr[0]); > + cd_live = !!(val & CTXDESC_CD_0_V); > + > + if (!cd) { /* (4) */ > + val = 0; > + } else if (cd_live) { /* (3) */ > + val &= ~CTXDESC_CD_0_ASID; > + val |= FIELD_PREP(CTXDESC_CD_0_ASID, cd->asid); > + /* > + * Until CD+TLB invalidation, both ASIDs may be used for tagging > + * this substream's traffic > + */ > + } else { /* (1) and (2) */ > + cdptr[1] = cpu_to_le64(cd->ttbr & CTXDESC_CD_1_TTB0_MASK); > + cdptr[2] = 0; > + cdptr[3] = cpu_to_le64(cd->mair); > + > + /* > + * STE is live, and the SMMU might read dwords of this CD in any > + * order. Ensure that it observes valid values before reading > + * V=1. > + */ > + arm_smmu_sync_cd(smmu_domain, ssid, true); > + > + val = cd->tcr | > +#ifdef __BIG_ENDIAN > + CTXDESC_CD_0_ENDI | > +#endif > + CTXDESC_CD_0_R | CTXDESC_CD_0_A | CTXDESC_CD_0_ASET | > + CTXDESC_CD_0_AA64 | > + FIELD_PREP(CTXDESC_CD_0_ASID, cd->asid) | > + CTXDESC_CD_0_V; > + > + /* STALL_MODEL==0b10 && CD.S==0 is ILLEGAL */ > + if (smmu->features & ARM_SMMU_FEAT_STALL_FORCE) > + val |= CTXDESC_CD_0_S; > + } > + > + /* > + * The SMMU accesses 64-bit values atomically. See IHI0070Ca 3.21.3 > + * "Configuration structures and configuration invalidation completion" > + * > + * The size of single-copy atomic reads made by the SMMU is > + * IMPLEMENTATION DEFINED but must be at least 64 bits. Any single > + * field within an aligned 64-bit span of a structure can be altered > + * without first making the structure invalid. > + */ > + WRITE_ONCE(cdptr[0], cpu_to_le64(val)); > + arm_smmu_sync_cd(smmu_domain, ssid, true); > + return 0; > +} > + > +static int arm_smmu_alloc_cd_tables(struct arm_smmu_domain *smmu_domain) > +{ > + int ret; > + size_t l1size; > + size_t max_contexts; > + struct arm_smmu_device *smmu = smmu_domain->smmu; > + struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg; > + struct arm_smmu_ctx_desc_cfg *cdcfg = &cfg->cdcfg; > + > + max_contexts = 1 << cfg->s1cdmax; > + > + if (!(smmu->features & ARM_SMMU_FEAT_2_LVL_CDTAB) || > + max_contexts <= CTXDESC_L2_ENTRIES) { > + cfg->s1fmt = STRTAB_STE_0_S1FMT_LINEAR; > + cdcfg->num_l1_ents = max_contexts; > + > + l1size = max_contexts * (CTXDESC_CD_DWORDS << 3); > + } else { > + cfg->s1fmt = STRTAB_STE_0_S1FMT_64K_L2; > + cdcfg->num_l1_ents = DIV_ROUND_UP(max_contexts, > + CTXDESC_L2_ENTRIES); > + > + cdcfg->l1_desc = devm_kcalloc(smmu->dev, cdcfg->num_l1_ents, > + sizeof(*cdcfg->l1_desc), > + GFP_KERNEL); > + if (!cdcfg->l1_desc) > + return -ENOMEM; > + > + l1size = cdcfg->num_l1_ents * (CTXDESC_L1_DESC_DWORDS << 3); > + } > + > + cdcfg->cdtab = dmam_alloc_coherent(smmu->dev, l1size, &cdcfg->cdtab_dma, > + GFP_KERNEL); > + if (!cdcfg->cdtab) { > + dev_warn(smmu->dev, "failed to allocate context descriptor\n"); > + ret = -ENOMEM; > + goto err_free_l1; > + } > + > + return 0; > + > +err_free_l1: > + if (cdcfg->l1_desc) { > + devm_kfree(smmu->dev, cdcfg->l1_desc); > + cdcfg->l1_desc = NULL; > + } > + return ret; > +} > + > +static void arm_smmu_free_cd_tables(struct arm_smmu_domain *smmu_domain) > +{ > + int i; > + size_t size, l1size; > + struct arm_smmu_device *smmu = smmu_domain->smmu; > + struct arm_smmu_ctx_desc_cfg *cdcfg = &smmu_domain->s1_cfg.cdcfg; > + > + if (cdcfg->l1_desc) { > + size = CTXDESC_L2_ENTRIES * (CTXDESC_CD_DWORDS << 3); > + > + for (i = 0; i < cdcfg->num_l1_ents; i++) { > + if (!cdcfg->l1_desc[i].l2ptr) > + continue; > + > + dmam_free_coherent(smmu->dev, size, > + cdcfg->l1_desc[i].l2ptr, > + cdcfg->l1_desc[i].l2ptr_dma); > + } > + devm_kfree(smmu->dev, cdcfg->l1_desc); > + cdcfg->l1_desc = NULL; > + > + l1size = cdcfg->num_l1_ents * (CTXDESC_L1_DESC_DWORDS << 3); > + } else { > + l1size = cdcfg->num_l1_ents * (CTXDESC_CD_DWORDS << 3); > + } > + > + dmam_free_coherent(smmu->dev, l1size, cdcfg->cdtab, cdcfg->cdtab_dma); > + cdcfg->cdtab_dma = 0; > + cdcfg->cdtab = NULL; > +} > + > +static void arm_smmu_free_asid(struct arm_smmu_ctx_desc *cd) > +{ > + if (!cd->asid) > + return; > + > + xa_erase(&asid_xa, cd->asid); > +} > + > +/* Stream table manipulation functions */ > +static void > +arm_smmu_write_strtab_l1_desc(__le64 *dst, struct arm_smmu_strtab_l1_desc > *desc) > +{ > + u64 val = 0; > + > + val |= FIELD_PREP(STRTAB_L1_DESC_SPAN, desc->span); > + val |= desc->l2ptr_dma & STRTAB_L1_DESC_L2PTR_MASK; > + > + /* See comment in arm_smmu_write_ctx_desc() */ > + WRITE_ONCE(*dst, cpu_to_le64(val)); > +} > + > +static void arm_smmu_sync_ste_for_sid(struct arm_smmu_device *smmu, u32 sid) > +{ > + struct arm_smmu_cmdq_ent cmd = { > + .opcode = CMDQ_OP_CFGI_STE, > + .cfgi = { > + .sid = sid, > + .leaf = true, > + }, > + }; > + > + arm_smmu_cmdq_issue_cmd(smmu, &cmd); > + arm_smmu_cmdq_issue_sync(smmu); > +} > + > +static void arm_smmu_write_strtab_ent(struct arm_smmu_master *master, u32 > sid, > + __le64 *dst) > +{ > + /* > + * This is hideously complicated, but we only really care about > + * three cases at the moment: > + * > + * 1. Invalid (all zero) -> bypass/fault (init) > + * 2. Bypass/fault -> translation/bypass (attach) > + * 3. Translation/bypass -> bypass/fault (detach) > + * > + * Given that we can't update the STE atomically and the SMMU > + * doesn't read the thing in a defined order, that leaves us > + * with the following maintenance requirements: > + * > + * 1. Update Config, return (init time STEs aren't live) > + * 2. Write everything apart from dword 0, sync, write dword 0, sync > + * 3. Update Config, sync > + */ > + u64 val = le64_to_cpu(dst[0]); > + bool ste_live = false; > + struct arm_smmu_device *smmu = NULL; > + struct arm_smmu_s1_cfg *s1_cfg = NULL; > + struct arm_smmu_s2_cfg *s2_cfg = NULL; > + struct arm_smmu_domain *smmu_domain = NULL; > + struct arm_smmu_cmdq_ent prefetch_cmd = { > + .opcode = CMDQ_OP_PREFETCH_CFG, > + .prefetch = { > + .sid = sid, > + }, > + }; > + > + if (master) { > + smmu_domain = master->domain; > + smmu = master->smmu; > + } > + > + if (smmu_domain) { > + switch (smmu_domain->stage) { > + case ARM_SMMU_DOMAIN_S1: > + s1_cfg = &smmu_domain->s1_cfg; > + break; > + case ARM_SMMU_DOMAIN_S2: > + case ARM_SMMU_DOMAIN_NESTED: > + s2_cfg = &smmu_domain->s2_cfg; > + break; > + default: > + break; > + } > + } > + > + if (val & STRTAB_STE_0_V) { > + switch (FIELD_GET(STRTAB_STE_0_CFG, val)) { > + case STRTAB_STE_0_CFG_BYPASS: > + break; > + case STRTAB_STE_0_CFG_S1_TRANS: > + case STRTAB_STE_0_CFG_S2_TRANS: > + ste_live = true; > + break; > + case STRTAB_STE_0_CFG_ABORT: > + BUG_ON(!disable_bypass); > + break; > + default: > + BUG(); /* STE corruption */ > + } > + } > + > + /* Nuke the existing STE_0 value, as we're going to rewrite it */ > + val = STRTAB_STE_0_V; > + > + /* Bypass/fault */ > + if (!smmu_domain || !(s1_cfg || s2_cfg)) { > + if (!smmu_domain && disable_bypass) > + val |= FIELD_PREP(STRTAB_STE_0_CFG, > STRTAB_STE_0_CFG_ABORT); > + else > + val |= FIELD_PREP(STRTAB_STE_0_CFG, > STRTAB_STE_0_CFG_BYPASS); > + > + dst[0] = cpu_to_le64(val); > + dst[1] = cpu_to_le64(FIELD_PREP(STRTAB_STE_1_SHCFG, > + STRTAB_STE_1_SHCFG_INCOMING)); > + dst[2] = 0; /* Nuke the VMID */ > + /* > + * The SMMU can perform negative caching, so we must sync > + * the STE regardless of whether the old value was live. > + */ > + if (smmu) > + arm_smmu_sync_ste_for_sid(smmu, sid); > + return; > + } > + > + if (s1_cfg) { > + BUG_ON(ste_live); > + dst[1] = cpu_to_le64( > + FIELD_PREP(STRTAB_STE_1_S1DSS, > STRTAB_STE_1_S1DSS_SSID0) | > + FIELD_PREP(STRTAB_STE_1_S1CIR, > STRTAB_STE_1_S1C_CACHE_WBRA) | > + FIELD_PREP(STRTAB_STE_1_S1COR, > STRTAB_STE_1_S1C_CACHE_WBRA) | > + FIELD_PREP(STRTAB_STE_1_S1CSH, ARM_SMMU_SH_ISH) | > + FIELD_PREP(STRTAB_STE_1_STRW, > STRTAB_STE_1_STRW_NSEL1)); > + > + if (smmu->features & ARM_SMMU_FEAT_STALLS && > + !(smmu->features & ARM_SMMU_FEAT_STALL_FORCE)) > + dst[1] |= cpu_to_le64(STRTAB_STE_1_S1STALLD); > + > + val |= (s1_cfg->cdcfg.cdtab_dma & STRTAB_STE_0_S1CTXPTR_MASK) | > + FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_S1_TRANS) > | > + FIELD_PREP(STRTAB_STE_0_S1CDMAX, s1_cfg->s1cdmax) | > + FIELD_PREP(STRTAB_STE_0_S1FMT, s1_cfg->s1fmt); > + } > + > + if (s2_cfg) { > + BUG_ON(ste_live); > + dst[2] = cpu_to_le64( > + FIELD_PREP(STRTAB_STE_2_S2VMID, s2_cfg->vmid) | > + FIELD_PREP(STRTAB_STE_2_VTCR, s2_cfg->vtcr) | > +#ifdef __BIG_ENDIAN > + STRTAB_STE_2_S2ENDI | > +#endif > + STRTAB_STE_2_S2PTW | STRTAB_STE_2_S2AA64 | > + STRTAB_STE_2_S2R); > + > + dst[3] = cpu_to_le64(s2_cfg->vttbr & STRTAB_STE_3_S2TTB_MASK); > + > + val |= FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_S2_TRANS); > + } > + > + if (master->ats_enabled) > + dst[1] |= cpu_to_le64(FIELD_PREP(STRTAB_STE_1_EATS, > + STRTAB_STE_1_EATS_TRANS)); > + > + arm_smmu_sync_ste_for_sid(smmu, sid); > + /* See comment in arm_smmu_write_ctx_desc() */ > + WRITE_ONCE(dst[0], cpu_to_le64(val)); > + arm_smmu_sync_ste_for_sid(smmu, sid); > + > + /* It's likely that we'll want to use the new STE soon */ > + if (!(smmu->options & ARM_SMMU_OPT_SKIP_PREFETCH)) > + arm_smmu_cmdq_issue_cmd(smmu, &prefetch_cmd); > +} > + > +static void arm_smmu_init_bypass_stes(u64 *strtab, unsigned int nent) > +{ > + unsigned int i; > + > + for (i = 0; i < nent; ++i) { > + arm_smmu_write_strtab_ent(NULL, -1, strtab); > + strtab += STRTAB_STE_DWORDS; > + } > +} > + > +static int arm_smmu_init_l2_strtab(struct arm_smmu_device *smmu, u32 sid) > +{ > + size_t size; > + void *strtab; > + struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg; > + struct arm_smmu_strtab_l1_desc *desc = &cfg->l1_desc[sid >> > STRTAB_SPLIT]; > + > + if (desc->l2ptr) > + return 0; > + > + size = 1 << (STRTAB_SPLIT + ilog2(STRTAB_STE_DWORDS) + 3); > + strtab = &cfg->strtab[(sid >> STRTAB_SPLIT) * STRTAB_L1_DESC_DWORDS]; > + > + desc->span = STRTAB_SPLIT + 1; > + desc->l2ptr = dmam_alloc_coherent(smmu->dev, size, &desc->l2ptr_dma, > + GFP_KERNEL); > + if (!desc->l2ptr) { > + dev_err(smmu->dev, > + "failed to allocate l2 stream table for SID %u\n", > + sid); > + return -ENOMEM; > + } > + > + arm_smmu_init_bypass_stes(desc->l2ptr, 1 << STRTAB_SPLIT); > + arm_smmu_write_strtab_l1_desc(strtab, desc); > + return 0; > +} > + > +/* IRQ and event handlers */ > +static irqreturn_t arm_smmu_evtq_thread(int irq, void *dev) > +{ > + int i; > + struct arm_smmu_device *smmu = dev; > + struct arm_smmu_queue *q = &smmu->evtq.q; > + struct arm_smmu_ll_queue *llq = &q->llq; > + u64 evt[EVTQ_ENT_DWORDS]; > + > + do { > + while (!queue_remove_raw(q, evt)) { > + u8 id = FIELD_GET(EVTQ_0_ID, evt[0]); > + > + dev_info(smmu->dev, "event 0x%02x received:\n", id); > + for (i = 0; i < ARRAY_SIZE(evt); ++i) > + dev_info(smmu->dev, "\t0x%016llx\n", > + (unsigned long long)evt[i]); > + > + } > + > + /* > + * Not much we can do on overflow, so scream and pretend we're > + * trying harder. > + */ > + if (queue_sync_prod_in(q) == -EOVERFLOW) > + dev_err(smmu->dev, "EVTQ overflow detected -- events > lost\n"); > + } while (!queue_empty(llq)); > + > + /* Sync our overflow flag, as we believe we're up to speed */ > + llq->cons = Q_OVF(llq->prod) | Q_WRP(llq, llq->cons) | > + Q_IDX(llq, llq->cons); > + return IRQ_HANDLED; > +} > + > +static void arm_smmu_handle_ppr(struct arm_smmu_device *smmu, u64 *evt) > +{ > + u32 sid, ssid; > + u16 grpid; > + bool ssv, last; > + > + sid = FIELD_GET(PRIQ_0_SID, evt[0]); > + ssv = FIELD_GET(PRIQ_0_SSID_V, evt[0]); > + ssid = ssv ? FIELD_GET(PRIQ_0_SSID, evt[0]) : 0; > + last = FIELD_GET(PRIQ_0_PRG_LAST, evt[0]); > + grpid = FIELD_GET(PRIQ_1_PRG_IDX, evt[1]); > + > + dev_info(smmu->dev, "unexpected PRI request received:\n"); > + dev_info(smmu->dev, > + "\tsid 0x%08x.0x%05x: [%u%s] %sprivileged %s%s%s access at > iova 0x%016llx\n", > + sid, ssid, grpid, last ? "L" : "", > + evt[0] & PRIQ_0_PERM_PRIV ? "" : "un", > + evt[0] & PRIQ_0_PERM_READ ? "R" : "", > + evt[0] & PRIQ_0_PERM_WRITE ? "W" : "", > + evt[0] & PRIQ_0_PERM_EXEC ? "X" : "", > + evt[1] & PRIQ_1_ADDR_MASK); > + > + if (last) { > + struct arm_smmu_cmdq_ent cmd = { > + .opcode = CMDQ_OP_PRI_RESP, > + .substream_valid = ssv, > + .pri = { > + .sid = sid, > + .ssid = ssid, > + .grpid = grpid, > + .resp = PRI_RESP_DENY, > + }, > + }; > + > + arm_smmu_cmdq_issue_cmd(smmu, &cmd); > + } > +} > + > +static irqreturn_t arm_smmu_priq_thread(int irq, void *dev) > +{ > + struct arm_smmu_device *smmu = dev; > + struct arm_smmu_queue *q = &smmu->priq.q; > + struct arm_smmu_ll_queue *llq = &q->llq; > + u64 evt[PRIQ_ENT_DWORDS]; > + > + do { > + while (!queue_remove_raw(q, evt)) > + arm_smmu_handle_ppr(smmu, evt); > + > + if (queue_sync_prod_in(q) == -EOVERFLOW) > + dev_err(smmu->dev, "PRIQ overflow detected -- requests > lost\n"); > + } while (!queue_empty(llq)); > + > + /* Sync our overflow flag, as we believe we're up to speed */ > + llq->cons = Q_OVF(llq->prod) | Q_WRP(llq, llq->cons) | > + Q_IDX(llq, llq->cons); > + queue_sync_cons_out(q); > + return IRQ_HANDLED; > +} > + > +static int arm_smmu_device_disable(struct arm_smmu_device *smmu); > + > +static irqreturn_t arm_smmu_gerror_handler(int irq, void *dev) > +{ > + u32 gerror, gerrorn, active; > + struct arm_smmu_device *smmu = dev; > + > + gerror = readl_relaxed(smmu->base + ARM_SMMU_GERROR); > + gerrorn = readl_relaxed(smmu->base + ARM_SMMU_GERRORN); > + > + active = gerror ^ gerrorn; > + if (!(active & GERROR_ERR_MASK)) > + return IRQ_NONE; /* No errors pending */ > + > + dev_warn(smmu->dev, > + "unexpected global error reported (0x%08x), this could be > serious\n", > + active); > + > + if (active & GERROR_SFM_ERR) { > + dev_err(smmu->dev, "device has entered Service Failure > Mode!\n"); > + arm_smmu_device_disable(smmu); > + } > + > + if (active & GERROR_MSI_GERROR_ABT_ERR) > + dev_warn(smmu->dev, "GERROR MSI write aborted\n"); > + > + if (active & GERROR_MSI_PRIQ_ABT_ERR) > + dev_warn(smmu->dev, "PRIQ MSI write aborted\n"); > + > + if (active & GERROR_MSI_EVTQ_ABT_ERR) > + dev_warn(smmu->dev, "EVTQ MSI write aborted\n"); > + > + if (active & GERROR_MSI_CMDQ_ABT_ERR) > + dev_warn(smmu->dev, "CMDQ MSI write aborted\n"); > + > + if (active & GERROR_PRIQ_ABT_ERR) > + dev_err(smmu->dev, "PRIQ write aborted -- events may have been > lost\n"); > + > + if (active & GERROR_EVTQ_ABT_ERR) > + dev_err(smmu->dev, "EVTQ write aborted -- events may have been > lost\n"); > + > + if (active & GERROR_CMDQ_ERR) > + arm_smmu_cmdq_skip_err(smmu); > + > + writel(gerror, smmu->base + ARM_SMMU_GERRORN); > + return IRQ_HANDLED; > +} > + > +static irqreturn_t arm_smmu_combined_irq_thread(int irq, void *dev) > +{ > + struct arm_smmu_device *smmu = dev; > + > + arm_smmu_evtq_thread(irq, dev); > + if (smmu->features & ARM_SMMU_FEAT_PRI) > + arm_smmu_priq_thread(irq, dev); > + > + return IRQ_HANDLED; > +} > + > +static irqreturn_t arm_smmu_combined_irq_handler(int irq, void *dev) > +{ > + arm_smmu_gerror_handler(irq, dev); > + return IRQ_WAKE_THREAD; > +} > + > +static void > +arm_smmu_atc_inv_to_cmd(int ssid, unsigned long iova, size_t size, > + struct arm_smmu_cmdq_ent *cmd) > +{ > + size_t log2_span; > + size_t span_mask; > + /* ATC invalidates are always on 4096-bytes pages */ > + size_t inval_grain_shift = 12; > + unsigned long page_start, page_end; > + > + *cmd = (struct arm_smmu_cmdq_ent) { > + .opcode = CMDQ_OP_ATC_INV, > + .substream_valid = !!ssid, > + .atc.ssid = ssid, > + }; > + > + if (!size) { > + cmd->atc.size = ATC_INV_SIZE_ALL; > + return; > + } > + > + page_start = iova >> inval_grain_shift; > + page_end = (iova + size - 1) >> inval_grain_shift; > + > + /* > + * In an ATS Invalidate Request, the address must be aligned on the > + * range size, which must be a power of two number of page sizes. We > + * thus have to choose between grossly over-invalidating the region, or > + * splitting the invalidation into multiple commands. For simplicity > + * we'll go with the first solution, but should refine it in the future > + * if multiple commands are shown to be more efficient. > + * > + * Find the smallest power of two that covers the range. The most > + * significant differing bit between the start and end addresses, > + * fls(start ^ end), indicates the required span. For example: > + * > + * We want to invalidate pages [8; 11]. This is already the ideal range: > + * x = 0b1000 ^ 0b1011 = 0b11 > + * span = 1 << fls(x) = 4 > + * > + * To invalidate pages [7; 10], we need to invalidate [0; 15]: > + * x = 0b0111 ^ 0b1010 = 0b1101 > + * span = 1 << fls(x) = 16 > + */ > + log2_span = fls_long(page_start ^ page_end); > + span_mask = (1ULL << log2_span) - 1; > + > + page_start &= ~span_mask; > + > + cmd->atc.addr = page_start << inval_grain_shift; > + cmd->atc.size = log2_span; > +} > + > +static int arm_smmu_atc_inv_master(struct arm_smmu_master *master) > +{ > + int i; > + struct arm_smmu_cmdq_ent cmd; > + > + arm_smmu_atc_inv_to_cmd(0, 0, 0, &cmd); > + > + for (i = 0; i < master->num_sids; i++) { > + cmd.atc.sid = master->sids[i]; > + arm_smmu_cmdq_issue_cmd(master->smmu, &cmd); > + } > + > + return arm_smmu_cmdq_issue_sync(master->smmu); > +} > + > +static int arm_smmu_atc_inv_domain(struct arm_smmu_domain *smmu_domain, > + int ssid, unsigned long iova, size_t size) > +{ > + int i; > + unsigned long flags; > + struct arm_smmu_cmdq_ent cmd; > + struct arm_smmu_master *master; > + struct arm_smmu_cmdq_batch cmds = {}; > + > + if (!(smmu_domain->smmu->features & ARM_SMMU_FEAT_ATS)) > + return 0; > + > + /* > + * Ensure that we've completed prior invalidation of the main TLBs > + * before we read 'nr_ats_masters' in case of a concurrent call to > + * arm_smmu_enable_ats(): > + * > + * // unmap() // arm_smmu_enable_ats() > + * TLBI+SYNC atomic_inc(&nr_ats_masters); > + * smp_mb(); [...] > + * atomic_read(&nr_ats_masters); pci_enable_ats() // writel() > + * > + * Ensures that we always see the incremented 'nr_ats_masters' count if > + * ATS was enabled at the PCI device before completion of the TLBI. > + */ > + smp_mb(); > + if (!atomic_read(&smmu_domain->nr_ats_masters)) > + return 0; > + > + arm_smmu_atc_inv_to_cmd(ssid, iova, size, &cmd); > + > + spin_lock_irqsave(&smmu_domain->devices_lock, flags); > + list_for_each_entry(master, &smmu_domain->devices, domain_head) { > + if (!master->ats_enabled) > + continue; > + > + for (i = 0; i < master->num_sids; i++) { > + cmd.atc.sid = master->sids[i]; > + arm_smmu_cmdq_batch_add(smmu_domain->smmu, &cmds, &cmd); > + } > + } > + spin_unlock_irqrestore(&smmu_domain->devices_lock, flags); > + > + return arm_smmu_cmdq_batch_submit(smmu_domain->smmu, &cmds); > +} > + > +/* IO_PGTABLE API */ > +static void arm_smmu_tlb_inv_context(void *cookie) > +{ > + struct arm_smmu_domain *smmu_domain = cookie; > + struct arm_smmu_device *smmu = smmu_domain->smmu; > + struct arm_smmu_cmdq_ent cmd; > + > + if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) { > + cmd.opcode = CMDQ_OP_TLBI_NH_ASID; > + cmd.tlbi.asid = smmu_domain->s1_cfg.cd.asid; > + cmd.tlbi.vmid = 0; > + } else { > + cmd.opcode = CMDQ_OP_TLBI_S12_VMALL; > + cmd.tlbi.vmid = smmu_domain->s2_cfg.vmid; > + } > + > + /* > + * NOTE: when io-pgtable is in non-strict mode, we may get here with > + * PTEs previously cleared by unmaps on the current CPU not yet visible > + * to the SMMU. We are relying on the dma_wmb() implicit during cmd > + * insertion to guarantee those are observed before the TLBI. Do be > + * careful, 007. > + */ > + arm_smmu_cmdq_issue_cmd(smmu, &cmd); > + arm_smmu_cmdq_issue_sync(smmu); > + arm_smmu_atc_inv_domain(smmu_domain, 0, 0, 0); > +} > + > +static void arm_smmu_tlb_inv_range(unsigned long iova, size_t size, > + size_t granule, bool leaf, > + struct arm_smmu_domain *smmu_domain) > +{ > + struct arm_smmu_device *smmu = smmu_domain->smmu; > + unsigned long start = iova, end = iova + size, num_pages = 0, tg = 0; > + size_t inv_range = granule; > + struct arm_smmu_cmdq_batch cmds = {}; > + struct arm_smmu_cmdq_ent cmd = { > + .tlbi = { > + .leaf = leaf, > + }, > + }; > + > + if (!size) > + return; > + > + if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) { > + cmd.opcode = CMDQ_OP_TLBI_NH_VA; > + cmd.tlbi.asid = smmu_domain->s1_cfg.cd.asid; > + } else { > + cmd.opcode = CMDQ_OP_TLBI_S2_IPA; > + cmd.tlbi.vmid = smmu_domain->s2_cfg.vmid; > + } > + > + if (smmu->features & ARM_SMMU_FEAT_RANGE_INV) { > + /* Get the leaf page size */ > + tg = __ffs(smmu_domain->domain.pgsize_bitmap); > + > + /* Convert page size of 12,14,16 (log2) to 1,2,3 */ > + cmd.tlbi.tg = (tg - 10) / 2; > + > + /* Determine what level the granule is at */ > + cmd.tlbi.ttl = 4 - ((ilog2(granule) - 3) / (tg - 3)); > + > + num_pages = size >> tg; > + } > + > + while (iova < end) { > + if (smmu->features & ARM_SMMU_FEAT_RANGE_INV) { > + /* > + * On each iteration of the loop, the range is 5 bits > + * worth of the aligned size remaining. > + * The range in pages is: > + * > + * range = (num_pages & (0x1f << __ffs(num_pages))) > + */ > + unsigned long scale, num; > + > + /* Determine the power of 2 multiple number of pages */ > + scale = __ffs(num_pages); > + cmd.tlbi.scale = scale; > + > + /* Determine how many chunks of 2^scale size we have */ > + num = (num_pages >> scale) & CMDQ_TLBI_RANGE_NUM_MAX; > + cmd.tlbi.num = num - 1; > + > + /* range is num * 2^scale * pgsize */ > + inv_range = num << (scale + tg); > + > + /* Clear out the lower order bits for the next > iteration */ > + num_pages -= num << scale; > + } > + > + cmd.tlbi.addr = iova; > + arm_smmu_cmdq_batch_add(smmu, &cmds, &cmd); > + iova += inv_range; > + } > + arm_smmu_cmdq_batch_submit(smmu, &cmds); > + > + /* > + * Unfortunately, this can't be leaf-only since we may have > + * zapped an entire table. > + */ > + arm_smmu_atc_inv_domain(smmu_domain, 0, start, size); > +} > + > +static void arm_smmu_tlb_inv_page_nosync(struct iommu_iotlb_gather *gather, > + unsigned long iova, size_t granule, > + void *cookie) > +{ > + struct arm_smmu_domain *smmu_domain = cookie; > + struct iommu_domain *domain = &smmu_domain->domain; > + > + iommu_iotlb_gather_add_page(domain, gather, iova, granule); > +} > + > +static void arm_smmu_tlb_inv_walk(unsigned long iova, size_t size, > + size_t granule, void *cookie) > +{ > + arm_smmu_tlb_inv_range(iova, size, granule, false, cookie); > +} > + > +static void arm_smmu_tlb_inv_leaf(unsigned long iova, size_t size, > + size_t granule, void *cookie) > +{ > + arm_smmu_tlb_inv_range(iova, size, granule, true, cookie); > +} > + > +static const struct iommu_flush_ops arm_smmu_flush_ops = { > + .tlb_flush_all = arm_smmu_tlb_inv_context, > + .tlb_flush_walk = arm_smmu_tlb_inv_walk, > + .tlb_flush_leaf = arm_smmu_tlb_inv_leaf, > + .tlb_add_page = arm_smmu_tlb_inv_page_nosync, > +}; > + > +/* IOMMU API */ > +static bool arm_smmu_capable(enum iommu_cap cap) > +{ > + switch (cap) { > + case IOMMU_CAP_CACHE_COHERENCY: > + return true; > + case IOMMU_CAP_NOEXEC: > + return true; > + default: > + return false; > + } > +} > + > +static struct iommu_domain *arm_smmu_domain_alloc(unsigned type) > +{ > + struct arm_smmu_domain *smmu_domain; > + > + if (type != IOMMU_DOMAIN_UNMANAGED && > + type != IOMMU_DOMAIN_DMA && > + type != IOMMU_DOMAIN_IDENTITY) > + return NULL; > + > + /* > + * Allocate the domain and initialise some of its data structures. > + * We can't really do anything meaningful until we've added a > + * master. > + */ > + smmu_domain = kzalloc(sizeof(*smmu_domain), GFP_KERNEL); > + if (!smmu_domain) > + return NULL; > + > + if (type == IOMMU_DOMAIN_DMA && > + iommu_get_dma_cookie(&smmu_domain->domain)) { > + kfree(smmu_domain); > + return NULL; > + } > + > + mutex_init(&smmu_domain->init_mutex); > + INIT_LIST_HEAD(&smmu_domain->devices); > + spin_lock_init(&smmu_domain->devices_lock); > + > + return &smmu_domain->domain; > +} > + > +static int arm_smmu_bitmap_alloc(unsigned long *map, int span) > +{ > + int idx, size = 1 << span; > + > + do { > + idx = find_first_zero_bit(map, size); > + if (idx == size) > + return -ENOSPC; > + } while (test_and_set_bit(idx, map)); > + > + return idx; > +} > + > +static void arm_smmu_bitmap_free(unsigned long *map, int idx) > +{ > + clear_bit(idx, map); > +} > + > +static void arm_smmu_domain_free(struct iommu_domain *domain) > +{ > + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); > + struct arm_smmu_device *smmu = smmu_domain->smmu; > + > + iommu_put_dma_cookie(domain); > + free_io_pgtable_ops(smmu_domain->pgtbl_ops); > + > + /* Free the CD and ASID, if we allocated them */ > + if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) { > + struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg; > + > + if (cfg->cdcfg.cdtab) > + arm_smmu_free_cd_tables(smmu_domain); > + arm_smmu_free_asid(&cfg->cd); > + } else { > + struct arm_smmu_s2_cfg *cfg = &smmu_domain->s2_cfg; > + if (cfg->vmid) > + arm_smmu_bitmap_free(smmu->vmid_map, cfg->vmid); > + } > + > + kfree(smmu_domain); > +} > + > +static int arm_smmu_domain_finalise_s1(struct arm_smmu_domain *smmu_domain, > + struct arm_smmu_master *master, > + struct io_pgtable_cfg *pgtbl_cfg) > +{ > + int ret; > + u32 asid; > + struct arm_smmu_device *smmu = smmu_domain->smmu; > + struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg; > + typeof(&pgtbl_cfg->arm_lpae_s1_cfg.tcr) tcr = > &pgtbl_cfg->arm_lpae_s1_cfg.tcr; > + > + ret = xa_alloc(&asid_xa, &asid, &cfg->cd, > + XA_LIMIT(1, (1 << smmu->asid_bits) - 1), GFP_KERNEL); > + if (ret) > + return ret; > + > + cfg->s1cdmax = master->ssid_bits; > + > + ret = arm_smmu_alloc_cd_tables(smmu_domain); > + if (ret) > + goto out_free_asid; > + > + cfg->cd.asid = (u16)asid; > + cfg->cd.ttbr = pgtbl_cfg->arm_lpae_s1_cfg.ttbr; > + cfg->cd.tcr = FIELD_PREP(CTXDESC_CD_0_TCR_T0SZ, tcr->tsz) | > + FIELD_PREP(CTXDESC_CD_0_TCR_TG0, tcr->tg) | > + FIELD_PREP(CTXDESC_CD_0_TCR_IRGN0, tcr->irgn) | > + FIELD_PREP(CTXDESC_CD_0_TCR_ORGN0, tcr->orgn) | > + FIELD_PREP(CTXDESC_CD_0_TCR_SH0, tcr->sh) | > + FIELD_PREP(CTXDESC_CD_0_TCR_IPS, tcr->ips) | > + CTXDESC_CD_0_TCR_EPD1 | CTXDESC_CD_0_AA64; > + cfg->cd.mair = pgtbl_cfg->arm_lpae_s1_cfg.mair; > + > + /* > + * Note that this will end up calling arm_smmu_sync_cd() before > + * the master has been added to the devices list for this domain. > + * This isn't an issue because the STE hasn't been installed yet. > + */ > + ret = arm_smmu_write_ctx_desc(smmu_domain, 0, &cfg->cd); > + if (ret) > + goto out_free_cd_tables; > + > + return 0; > + > +out_free_cd_tables: > + arm_smmu_free_cd_tables(smmu_domain); > +out_free_asid: > + arm_smmu_free_asid(&cfg->cd); > + return ret; > +} > + > +static int arm_smmu_domain_finalise_s2(struct arm_smmu_domain *smmu_domain, > + struct arm_smmu_master *master, > + struct io_pgtable_cfg *pgtbl_cfg) > +{ > + int vmid; > + struct arm_smmu_device *smmu = smmu_domain->smmu; > + struct arm_smmu_s2_cfg *cfg = &smmu_domain->s2_cfg; > + typeof(&pgtbl_cfg->arm_lpae_s2_cfg.vtcr) vtcr; > + > + vmid = arm_smmu_bitmap_alloc(smmu->vmid_map, smmu->vmid_bits); > + if (vmid < 0) > + return vmid; > + > + vtcr = &pgtbl_cfg->arm_lpae_s2_cfg.vtcr; > + cfg->vmid = (u16)vmid; > + cfg->vttbr = pgtbl_cfg->arm_lpae_s2_cfg.vttbr; > + cfg->vtcr = FIELD_PREP(STRTAB_STE_2_VTCR_S2T0SZ, vtcr->tsz) | > + FIELD_PREP(STRTAB_STE_2_VTCR_S2SL0, vtcr->sl) | > + FIELD_PREP(STRTAB_STE_2_VTCR_S2IR0, vtcr->irgn) | > + FIELD_PREP(STRTAB_STE_2_VTCR_S2OR0, vtcr->orgn) | > + FIELD_PREP(STRTAB_STE_2_VTCR_S2SH0, vtcr->sh) | > + FIELD_PREP(STRTAB_STE_2_VTCR_S2TG, vtcr->tg) | > + FIELD_PREP(STRTAB_STE_2_VTCR_S2PS, vtcr->ps); > + return 0; > +} > + > +static int arm_smmu_domain_finalise(struct iommu_domain *domain, > + struct arm_smmu_master *master) > +{ > + int ret; > + unsigned long ias, oas; > + enum io_pgtable_fmt fmt; > + struct io_pgtable_cfg pgtbl_cfg; > + struct io_pgtable_ops *pgtbl_ops; > + int (*finalise_stage_fn)(struct arm_smmu_domain *, > + struct arm_smmu_master *, > + struct io_pgtable_cfg *); > + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); > + struct arm_smmu_device *smmu = smmu_domain->smmu; > + > + if (domain->type == IOMMU_DOMAIN_IDENTITY) { > + smmu_domain->stage = ARM_SMMU_DOMAIN_BYPASS; > + return 0; > + } > + > + /* Restrict the stage to what we can actually support */ > + if (!(smmu->features & ARM_SMMU_FEAT_TRANS_S1)) > + smmu_domain->stage = ARM_SMMU_DOMAIN_S2; > + if (!(smmu->features & ARM_SMMU_FEAT_TRANS_S2)) > + smmu_domain->stage = ARM_SMMU_DOMAIN_S1; > + > + switch (smmu_domain->stage) { > + case ARM_SMMU_DOMAIN_S1: > + ias = (smmu->features & ARM_SMMU_FEAT_VAX) ? 52 : 48; > + ias = min_t(unsigned long, ias, VA_BITS); > + oas = smmu->ias; > + fmt = ARM_64_LPAE_S1; > + finalise_stage_fn = arm_smmu_domain_finalise_s1; > + break; > + case ARM_SMMU_DOMAIN_NESTED: > + case ARM_SMMU_DOMAIN_S2: > + ias = smmu->ias; > + oas = smmu->oas; > + fmt = ARM_64_LPAE_S2; > + finalise_stage_fn = arm_smmu_domain_finalise_s2; > + break; > + default: > + return -EINVAL; > + } > + > + pgtbl_cfg = (struct io_pgtable_cfg) { > + .pgsize_bitmap = smmu->pgsize_bitmap, > + .ias = ias, > + .oas = oas, > + .coherent_walk = smmu->features & ARM_SMMU_FEAT_COHERENCY, > + .tlb = &arm_smmu_flush_ops, > + .iommu_dev = smmu->dev, > + }; > + > + if (smmu_domain->non_strict) > + pgtbl_cfg.quirks |= IO_PGTABLE_QUIRK_NON_STRICT; > + > + pgtbl_ops = alloc_io_pgtable_ops(fmt, &pgtbl_cfg, smmu_domain); > + if (!pgtbl_ops) > + return -ENOMEM; > + > + domain->pgsize_bitmap = pgtbl_cfg.pgsize_bitmap; > + domain->geometry.aperture_end = (1UL << pgtbl_cfg.ias) - 1; > + domain->geometry.force_aperture = true; > + > + ret = finalise_stage_fn(smmu_domain, master, &pgtbl_cfg); > + if (ret < 0) { > + free_io_pgtable_ops(pgtbl_ops); > + return ret; > + } > + > + smmu_domain->pgtbl_ops = pgtbl_ops; > + return 0; > +} > + > +static __le64 *arm_smmu_get_step_for_sid(struct arm_smmu_device *smmu, u32 > sid) > +{ > + __le64 *step; > + struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg; > + > + if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB) { > + struct arm_smmu_strtab_l1_desc *l1_desc; > + int idx; > + > + /* Two-level walk */ > + idx = (sid >> STRTAB_SPLIT) * STRTAB_L1_DESC_DWORDS; > + l1_desc = &cfg->l1_desc[idx]; > + idx = (sid & ((1 << STRTAB_SPLIT) - 1)) * STRTAB_STE_DWORDS; > + step = &l1_desc->l2ptr[idx]; > + } else { > + /* Simple linear lookup */ > + step = &cfg->strtab[sid * STRTAB_STE_DWORDS]; > + } > + > + return step; > +} > + > +static void arm_smmu_install_ste_for_dev(struct arm_smmu_master *master) > +{ > + int i, j; > + struct arm_smmu_device *smmu = master->smmu; > + > + for (i = 0; i < master->num_sids; ++i) { > + u32 sid = master->sids[i]; > + __le64 *step = arm_smmu_get_step_for_sid(smmu, sid); > + > + /* Bridged PCI devices may end up with duplicated IDs */ > + for (j = 0; j < i; j++) > + if (master->sids[j] == sid) > + break; > + if (j < i) > + continue; > + > + arm_smmu_write_strtab_ent(master, sid, step); > + } > +} > + > +static bool arm_smmu_ats_supported(struct arm_smmu_master *master) > +{ > + struct device *dev = master->dev; > + struct arm_smmu_device *smmu = master->smmu; > + struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev); > + > + if (!(smmu->features & ARM_SMMU_FEAT_ATS)) > + return false; > + > + if (!(fwspec->flags & IOMMU_FWSPEC_PCI_RC_ATS)) > + return false; > + > + return dev_is_pci(dev) && pci_ats_supported(to_pci_dev(dev)); > +} > + > +static void arm_smmu_enable_ats(struct arm_smmu_master *master) > +{ > + size_t stu; > + struct pci_dev *pdev; > + struct arm_smmu_device *smmu = master->smmu; > + struct arm_smmu_domain *smmu_domain = master->domain; > + > + /* Don't enable ATS at the endpoint if it's not enabled in the STE */ > + if (!master->ats_enabled) > + return; > + > + /* Smallest Translation Unit: log2 of the smallest supported granule */ > + stu = __ffs(smmu->pgsize_bitmap); > + pdev = to_pci_dev(master->dev); > + > + atomic_inc(&smmu_domain->nr_ats_masters); > + arm_smmu_atc_inv_domain(smmu_domain, 0, 0, 0); > + if (pci_enable_ats(pdev, stu)) > + dev_err(master->dev, "Failed to enable ATS (STU %zu)\n", stu); > +} > + > +static void arm_smmu_disable_ats(struct arm_smmu_master *master) > +{ > + struct arm_smmu_domain *smmu_domain = master->domain; > + > + if (!master->ats_enabled) > + return; > + > + pci_disable_ats(to_pci_dev(master->dev)); > + /* > + * Ensure ATS is disabled at the endpoint before we issue the > + * ATC invalidation via the SMMU. > + */ > + wmb(); > + arm_smmu_atc_inv_master(master); > + atomic_dec(&smmu_domain->nr_ats_masters); > +} > + > +static int arm_smmu_enable_pasid(struct arm_smmu_master *master) > +{ > + int ret; > + int features; > + int num_pasids; > + struct pci_dev *pdev; > + > + if (!dev_is_pci(master->dev)) > + return -ENODEV; > + > + pdev = to_pci_dev(master->dev); > + > + features = pci_pasid_features(pdev); > + if (features < 0) > + return features; > + > + num_pasids = pci_max_pasids(pdev); > + if (num_pasids <= 0) > + return num_pasids; > + > + ret = pci_enable_pasid(pdev, features); > + if (ret) { > + dev_err(&pdev->dev, "Failed to enable PASID\n"); > + return ret; > + } > + > + master->ssid_bits = min_t(u8, ilog2(num_pasids), > + master->smmu->ssid_bits); > + return 0; > +} > + > +static void arm_smmu_disable_pasid(struct arm_smmu_master *master) > +{ > + struct pci_dev *pdev; > + > + if (!dev_is_pci(master->dev)) > + return; > + > + pdev = to_pci_dev(master->dev); > + > + if (!pdev->pasid_enabled) > + return; > + > + master->ssid_bits = 0; > + pci_disable_pasid(pdev); > +} > + > +static void arm_smmu_detach_dev(struct arm_smmu_master *master) > +{ > + unsigned long flags; > + struct arm_smmu_domain *smmu_domain = master->domain; > + > + if (!smmu_domain) > + return; > + > + arm_smmu_disable_ats(master); > + > + spin_lock_irqsave(&smmu_domain->devices_lock, flags); > + list_del(&master->domain_head); > + spin_unlock_irqrestore(&smmu_domain->devices_lock, flags); > + > + master->domain = NULL; > + master->ats_enabled = false; > + arm_smmu_install_ste_for_dev(master); > +} > + > +static int arm_smmu_attach_dev(struct iommu_domain *domain, struct device > *dev) > +{ > + int ret = 0; > + unsigned long flags; > + struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev); > + struct arm_smmu_device *smmu; > + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); > + struct arm_smmu_master *master; > + > + if (!fwspec) > + return -ENOENT; > + > + master = dev_iommu_priv_get(dev); > + smmu = master->smmu; > + > + arm_smmu_detach_dev(master); > + > + mutex_lock(&smmu_domain->init_mutex); > + > + if (!smmu_domain->smmu) { > + smmu_domain->smmu = smmu; > + ret = arm_smmu_domain_finalise(domain, master); > + if (ret) { > + smmu_domain->smmu = NULL; > + goto out_unlock; > + } > + } else if (smmu_domain->smmu != smmu) { > + dev_err(dev, > + "cannot attach to SMMU %s (upstream of %s)\n", > + dev_name(smmu_domain->smmu->dev), > + dev_name(smmu->dev)); > + ret = -ENXIO; > + goto out_unlock; > + } else if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1 && > + master->ssid_bits != smmu_domain->s1_cfg.s1cdmax) { > + dev_err(dev, > + "cannot attach to incompatible domain (%u SSID bits != > %u)\n", > + smmu_domain->s1_cfg.s1cdmax, master->ssid_bits); > + ret = -EINVAL; > + goto out_unlock; > + } > + > + master->domain = smmu_domain; > + > + if (smmu_domain->stage != ARM_SMMU_DOMAIN_BYPASS) > + master->ats_enabled = arm_smmu_ats_supported(master); > + > + arm_smmu_install_ste_for_dev(master); > + > + spin_lock_irqsave(&smmu_domain->devices_lock, flags); > + list_add(&master->domain_head, &smmu_domain->devices); > + spin_unlock_irqrestore(&smmu_domain->devices_lock, flags); > + > + arm_smmu_enable_ats(master); > + > +out_unlock: > + mutex_unlock(&smmu_domain->init_mutex); > + return ret; > +} > + > +static int arm_smmu_map(struct iommu_domain *domain, unsigned long iova, > + phys_addr_t paddr, size_t size, int prot, gfp_t gfp) > +{ > + struct io_pgtable_ops *ops = to_smmu_domain(domain)->pgtbl_ops; > + > + if (!ops) > + return -ENODEV; > + > + return ops->map(ops, iova, paddr, size, prot); > +} > + > +static size_t arm_smmu_unmap(struct iommu_domain *domain, unsigned long iova, > + size_t size, struct iommu_iotlb_gather *gather) > +{ > + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); > + struct io_pgtable_ops *ops = smmu_domain->pgtbl_ops; > + > + if (!ops) > + return 0; > + > + return ops->unmap(ops, iova, size, gather); > +} > + > +static void arm_smmu_flush_iotlb_all(struct iommu_domain *domain) > +{ > + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); > + > + if (smmu_domain->smmu) > + arm_smmu_tlb_inv_context(smmu_domain); > +} > + > +static void arm_smmu_iotlb_sync(struct iommu_domain *domain, > + struct iommu_iotlb_gather *gather) > +{ > + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); > + > + arm_smmu_tlb_inv_range(gather->start, gather->end - gather->start, > + gather->pgsize, true, smmu_domain); > +} > + > +static phys_addr_t > +arm_smmu_iova_to_phys(struct iommu_domain *domain, dma_addr_t iova) > +{ > + struct io_pgtable_ops *ops = to_smmu_domain(domain)->pgtbl_ops; > + > + if (domain->type == IOMMU_DOMAIN_IDENTITY) > + return iova; > + > + if (!ops) > + return 0; > + > + return ops->iova_to_phys(ops, iova); > +} > + > +static struct platform_driver arm_smmu_driver; > + > +static > +struct arm_smmu_device *arm_smmu_get_by_fwnode(struct fwnode_handle *fwnode) > +{ > + struct device *dev = > driver_find_device_by_fwnode(&arm_smmu_driver.driver, > + fwnode); > + put_device(dev); > + return dev ? dev_get_drvdata(dev) : NULL; > +} > + > +static bool arm_smmu_sid_in_range(struct arm_smmu_device *smmu, u32 sid) > +{ > + unsigned long limit = smmu->strtab_cfg.num_l1_ents; > + > + if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB) > + limit *= 1UL << STRTAB_SPLIT; > + > + return sid < limit; > +} > + > +static struct iommu_ops arm_smmu_ops; > + > +static struct iommu_device *arm_smmu_probe_device(struct device *dev) > +{ > + int i, ret; > + struct arm_smmu_device *smmu; > + struct arm_smmu_master *master; > + struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev); > + > + if (!fwspec || fwspec->ops != &arm_smmu_ops) > + return ERR_PTR(-ENODEV); > + > + if (WARN_ON_ONCE(dev_iommu_priv_get(dev))) > + return ERR_PTR(-EBUSY); > + > + smmu = arm_smmu_get_by_fwnode(fwspec->iommu_fwnode); > + if (!smmu) > + return ERR_PTR(-ENODEV); > + > + master = kzalloc(sizeof(*master), GFP_KERNEL); > + if (!master) > + return ERR_PTR(-ENOMEM); > + > + master->dev = dev; > + master->smmu = smmu; > + master->sids = fwspec->ids; > + master->num_sids = fwspec->num_ids; > + dev_iommu_priv_set(dev, master); > + > + /* Check the SIDs are in range of the SMMU and our stream table */ > + for (i = 0; i < master->num_sids; i++) { > + u32 sid = master->sids[i]; > + > + if (!arm_smmu_sid_in_range(smmu, sid)) { > + ret = -ERANGE; > + goto err_free_master; > + } > + > + /* Ensure l2 strtab is initialised */ > + if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB) { > + ret = arm_smmu_init_l2_strtab(smmu, sid); > + if (ret) > + goto err_free_master; > + } > + } > + > + master->ssid_bits = min(smmu->ssid_bits, fwspec->num_pasid_bits); > + > + /* > + * Note that PASID must be enabled before, and disabled after ATS: > + * PCI Express Base 4.0r1.0 - 10.5.1.3 ATS Control Register > + * > + * Behavior is undefined if this bit is Set and the value of the PASID > + * Enable, Execute Requested Enable, or Privileged Mode Requested bits > + * are changed. > + */ > + arm_smmu_enable_pasid(master); > + > + if (!(smmu->features & ARM_SMMU_FEAT_2_LVL_CDTAB)) > + master->ssid_bits = min_t(u8, master->ssid_bits, > + CTXDESC_LINEAR_CDMAX); > + > + return &smmu->iommu; > + > +err_free_master: > + kfree(master); > + dev_iommu_priv_set(dev, NULL); > + return ERR_PTR(ret); > +} > + > +static void arm_smmu_release_device(struct device *dev) > +{ > + struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev); > + struct arm_smmu_master *master; > + > + if (!fwspec || fwspec->ops != &arm_smmu_ops) > + return; > + > + master = dev_iommu_priv_get(dev); > + arm_smmu_detach_dev(master); > + arm_smmu_disable_pasid(master); > + kfree(master); > + iommu_fwspec_free(dev); > +} > + > +static struct iommu_group *arm_smmu_device_group(struct device *dev) > +{ > + struct iommu_group *group; > + > + /* > + * We don't support devices sharing stream IDs other than PCI RID > + * aliases, since the necessary ID-to-device lookup becomes rather > + * impractical given a potential sparse 32-bit stream ID space. > + */ > + if (dev_is_pci(dev)) > + group = pci_device_group(dev); > + else > + group = generic_device_group(dev); > + > + return group; > +} > + > +static int arm_smmu_domain_get_attr(struct iommu_domain *domain, > + enum iommu_attr attr, void *data) > +{ > + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); > + > + switch (domain->type) { > + case IOMMU_DOMAIN_UNMANAGED: > + switch (attr) { > + case DOMAIN_ATTR_NESTING: > + *(int *)data = (smmu_domain->stage == > ARM_SMMU_DOMAIN_NESTED); > + return 0; > + default: > + return -ENODEV; > + } > + break; > + case IOMMU_DOMAIN_DMA: > + switch (attr) { > + case DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE: > + *(int *)data = smmu_domain->non_strict; > + return 0; > + default: > + return -ENODEV; > + } > + break; > + default: > + return -EINVAL; > + } > +} > + > +static int arm_smmu_domain_set_attr(struct iommu_domain *domain, > + enum iommu_attr attr, void *data) > +{ > + int ret = 0; > + struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain); > + > + mutex_lock(&smmu_domain->init_mutex); > + > + switch (domain->type) { > + case IOMMU_DOMAIN_UNMANAGED: > + switch (attr) { > + case DOMAIN_ATTR_NESTING: > + if (smmu_domain->smmu) { > + ret = -EPERM; > + goto out_unlock; > + } > + > + if (*(int *)data) > + smmu_domain->stage = ARM_SMMU_DOMAIN_NESTED; > + else > + smmu_domain->stage = ARM_SMMU_DOMAIN_S1; > + break; > + default: > + ret = -ENODEV; > + } > + break; > + case IOMMU_DOMAIN_DMA: > + switch(attr) { > + case DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE: > + smmu_domain->non_strict = *(int *)data; > + break; > + default: > + ret = -ENODEV; > + } > + break; > + default: > + ret = -EINVAL; > + } > + > +out_unlock: > + mutex_unlock(&smmu_domain->init_mutex); > + return ret; > +} > + > +static int arm_smmu_of_xlate(struct device *dev, struct of_phandle_args > *args) > +{ > + return iommu_fwspec_add_ids(dev, args->args, 1); > +} > + > +static void arm_smmu_get_resv_regions(struct device *dev, > + struct list_head *head) > +{ > + struct iommu_resv_region *region; > + int prot = IOMMU_WRITE | IOMMU_NOEXEC | IOMMU_MMIO; > + > + region = iommu_alloc_resv_region(MSI_IOVA_BASE, MSI_IOVA_LENGTH, > + prot, IOMMU_RESV_SW_MSI); > + if (!region) > + return; > + > + list_add_tail(®ion->list, head); > + > + iommu_dma_get_resv_regions(dev, head); > +} > + > +static struct iommu_ops arm_smmu_ops = { > + .capable = arm_smmu_capable, > + .domain_alloc = arm_smmu_domain_alloc, > + .domain_free = arm_smmu_domain_free, > + .attach_dev = arm_smmu_attach_dev, > + .map = arm_smmu_map, > + .unmap = arm_smmu_unmap, > + .flush_iotlb_all = arm_smmu_flush_iotlb_all, > + .iotlb_sync = arm_smmu_iotlb_sync, > + .iova_to_phys = arm_smmu_iova_to_phys, > + .probe_device = arm_smmu_probe_device, > + .release_device = arm_smmu_release_device, > + .device_group = arm_smmu_device_group, > + .domain_get_attr = arm_smmu_domain_get_attr, > + .domain_set_attr = arm_smmu_domain_set_attr, > + .of_xlate = arm_smmu_of_xlate, > + .get_resv_regions = arm_smmu_get_resv_regions, > + .put_resv_regions = generic_iommu_put_resv_regions, > + .pgsize_bitmap = -1UL, /* Restricted during device attach */ > +}; > + > +/* Probing and initialisation functions */ > +static int arm_smmu_init_one_queue(struct arm_smmu_device *smmu, > + struct arm_smmu_queue *q, > + unsigned long prod_off, > + unsigned long cons_off, > + size_t dwords, const char *name) > +{ > + size_t qsz; > + > + do { > + qsz = ((1 << q->llq.max_n_shift) * dwords) << 3; > + q->base = dmam_alloc_coherent(smmu->dev, qsz, &q->base_dma, > + GFP_KERNEL); > + if (q->base || qsz < PAGE_SIZE) > + break; > + > + q->llq.max_n_shift--; > + } while (1); > + > + if (!q->base) { > + dev_err(smmu->dev, > + "failed to allocate queue (0x%zx bytes) for %s\n", > + qsz, name); > + return -ENOMEM; > + } > + > + if (!WARN_ON(q->base_dma & (qsz - 1))) { > + dev_info(smmu->dev, "allocated %u entries for %s\n", > + 1 << q->llq.max_n_shift, name); > + } > + > + q->prod_reg = arm_smmu_page1_fixup(prod_off, smmu); > + q->cons_reg = arm_smmu_page1_fixup(cons_off, smmu); > + q->ent_dwords = dwords; > + > + q->q_base = Q_BASE_RWA; > + q->q_base |= q->base_dma & Q_BASE_ADDR_MASK; > + q->q_base |= FIELD_PREP(Q_BASE_LOG2SIZE, q->llq.max_n_shift); > + > + q->llq.prod = q->llq.cons = 0; > + return 0; > +} > + > +static void arm_smmu_cmdq_free_bitmap(void *data) > +{ > + unsigned long *bitmap = data; > + bitmap_free(bitmap); > +} > + > +static int arm_smmu_cmdq_init(struct arm_smmu_device *smmu) > +{ > + int ret = 0; > + struct arm_smmu_cmdq *cmdq = &smmu->cmdq; > + unsigned int nents = 1 << cmdq->q.llq.max_n_shift; > + atomic_long_t *bitmap; > + > + atomic_set(&cmdq->owner_prod, 0); > + atomic_set(&cmdq->lock, 0); > + > + bitmap = (atomic_long_t *)bitmap_zalloc(nents, GFP_KERNEL); > + if (!bitmap) { > + dev_err(smmu->dev, "failed to allocate cmdq bitmap\n"); > + ret = -ENOMEM; > + } else { > + cmdq->valid_map = bitmap; > + devm_add_action(smmu->dev, arm_smmu_cmdq_free_bitmap, bitmap); > + } > + > + return ret; > +} > + > +static int arm_smmu_init_queues(struct arm_smmu_device *smmu) > +{ > + int ret; > + > + /* cmdq */ > + ret = arm_smmu_init_one_queue(smmu, &smmu->cmdq.q, ARM_SMMU_CMDQ_PROD, > + ARM_SMMU_CMDQ_CONS, CMDQ_ENT_DWORDS, > + "cmdq"); > + if (ret) > + return ret; > + > + ret = arm_smmu_cmdq_init(smmu); > + if (ret) > + return ret; > + > + /* evtq */ > + ret = arm_smmu_init_one_queue(smmu, &smmu->evtq.q, ARM_SMMU_EVTQ_PROD, > + ARM_SMMU_EVTQ_CONS, EVTQ_ENT_DWORDS, > + "evtq"); > + if (ret) > + return ret; > + > + /* priq */ > + if (!(smmu->features & ARM_SMMU_FEAT_PRI)) > + return 0; > + > + return arm_smmu_init_one_queue(smmu, &smmu->priq.q, ARM_SMMU_PRIQ_PROD, > + ARM_SMMU_PRIQ_CONS, PRIQ_ENT_DWORDS, > + "priq"); > +} > + > +static int arm_smmu_init_l1_strtab(struct arm_smmu_device *smmu) > +{ > + unsigned int i; > + struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg; > + size_t size = sizeof(*cfg->l1_desc) * cfg->num_l1_ents; > + void *strtab = smmu->strtab_cfg.strtab; > + > + cfg->l1_desc = devm_kzalloc(smmu->dev, size, GFP_KERNEL); > + if (!cfg->l1_desc) { > + dev_err(smmu->dev, "failed to allocate l1 stream table desc\n"); > + return -ENOMEM; > + } > + > + for (i = 0; i < cfg->num_l1_ents; ++i) { > + arm_smmu_write_strtab_l1_desc(strtab, &cfg->l1_desc[i]); > + strtab += STRTAB_L1_DESC_DWORDS << 3; > + } > + > + return 0; > +} > + > +static int arm_smmu_init_strtab_2lvl(struct arm_smmu_device *smmu) > +{ > + void *strtab; > + u64 reg; > + u32 size, l1size; > + struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg; > + > + /* Calculate the L1 size, capped to the SIDSIZE. */ > + size = STRTAB_L1_SZ_SHIFT - (ilog2(STRTAB_L1_DESC_DWORDS) + 3); > + size = min(size, smmu->sid_bits - STRTAB_SPLIT); > + cfg->num_l1_ents = 1 << size; > + > + size += STRTAB_SPLIT; > + if (size < smmu->sid_bits) > + dev_warn(smmu->dev, > + "2-level strtab only covers %u/%u bits of SID\n", > + size, smmu->sid_bits); > + > + l1size = cfg->num_l1_ents * (STRTAB_L1_DESC_DWORDS << 3); > + strtab = dmam_alloc_coherent(smmu->dev, l1size, &cfg->strtab_dma, > + GFP_KERNEL); > + if (!strtab) { > + dev_err(smmu->dev, > + "failed to allocate l1 stream table (%u bytes)\n", > + size); > + return -ENOMEM; > + } > + cfg->strtab = strtab; > + > + /* Configure strtab_base_cfg for 2 levels */ > + reg = FIELD_PREP(STRTAB_BASE_CFG_FMT, STRTAB_BASE_CFG_FMT_2LVL); > + reg |= FIELD_PREP(STRTAB_BASE_CFG_LOG2SIZE, size); > + reg |= FIELD_PREP(STRTAB_BASE_CFG_SPLIT, STRTAB_SPLIT); > + cfg->strtab_base_cfg = reg; > + > + return arm_smmu_init_l1_strtab(smmu); > +} > + > +static int arm_smmu_init_strtab_linear(struct arm_smmu_device *smmu) > +{ > + void *strtab; > + u64 reg; > + u32 size; > + struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg; > + > + size = (1 << smmu->sid_bits) * (STRTAB_STE_DWORDS << 3); > + strtab = dmam_alloc_coherent(smmu->dev, size, &cfg->strtab_dma, > + GFP_KERNEL); > + if (!strtab) { > + dev_err(smmu->dev, > + "failed to allocate linear stream table (%u bytes)\n", > + size); > + return -ENOMEM; > + } > + cfg->strtab = strtab; > + cfg->num_l1_ents = 1 << smmu->sid_bits; > + > + /* Configure strtab_base_cfg for a linear table covering all SIDs */ > + reg = FIELD_PREP(STRTAB_BASE_CFG_FMT, STRTAB_BASE_CFG_FMT_LINEAR); > + reg |= FIELD_PREP(STRTAB_BASE_CFG_LOG2SIZE, smmu->sid_bits); > + cfg->strtab_base_cfg = reg; > + > + arm_smmu_init_bypass_stes(strtab, cfg->num_l1_ents); > + return 0; > +} > + > +static int arm_smmu_init_strtab(struct arm_smmu_device *smmu) > +{ > + u64 reg; > + int ret; > + > + if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB) > + ret = arm_smmu_init_strtab_2lvl(smmu); > + else > + ret = arm_smmu_init_strtab_linear(smmu); > + > + if (ret) > + return ret; > + > + /* Set the strtab base address */ > + reg = smmu->strtab_cfg.strtab_dma & STRTAB_BASE_ADDR_MASK; > + reg |= STRTAB_BASE_RA; > + smmu->strtab_cfg.strtab_base = reg; > + > + /* Allocate the first VMID for stage-2 bypass STEs */ > + set_bit(0, smmu->vmid_map); > + return 0; > +} > + > +static int arm_smmu_init_structures(struct arm_smmu_device *smmu) > +{ > + int ret; > + > + ret = arm_smmu_init_queues(smmu); > + if (ret) > + return ret; > + > + return arm_smmu_init_strtab(smmu); > +} > + > +static int arm_smmu_write_reg_sync(struct arm_smmu_device *smmu, u32 val, > + unsigned int reg_off, unsigned int ack_off) > +{ > + u32 reg; > + > + writel_relaxed(val, smmu->base + reg_off); > + return readl_relaxed_poll_timeout(smmu->base + ack_off, reg, reg == val, > + 1, ARM_SMMU_POLL_TIMEOUT_US); > +} > + > +/* GBPA is "special" */ > +static int arm_smmu_update_gbpa(struct arm_smmu_device *smmu, u32 set, u32 > clr) > +{ > + int ret; > + u32 reg, __iomem *gbpa = smmu->base + ARM_SMMU_GBPA; > + > + ret = readl_relaxed_poll_timeout(gbpa, reg, !(reg & GBPA_UPDATE), > + 1, ARM_SMMU_POLL_TIMEOUT_US); > + if (ret) > + return ret; > + > + reg &= ~clr; > + reg |= set; > + writel_relaxed(reg | GBPA_UPDATE, gbpa); > + ret = readl_relaxed_poll_timeout(gbpa, reg, !(reg & GBPA_UPDATE), > + 1, ARM_SMMU_POLL_TIMEOUT_US); > + > + if (ret) > + dev_err(smmu->dev, "GBPA not responding to update\n"); > + return ret; > +} > + > +static void arm_smmu_free_msis(void *data) > +{ > + struct device *dev = data; > + platform_msi_domain_free_irqs(dev); > +} > + > +static void arm_smmu_write_msi_msg(struct msi_desc *desc, struct msi_msg > *msg) > +{ > + phys_addr_t doorbell; > + struct device *dev = msi_desc_to_dev(desc); > + struct arm_smmu_device *smmu = dev_get_drvdata(dev); > + phys_addr_t *cfg = arm_smmu_msi_cfg[desc->platform.msi_index]; > + > + doorbell = (((u64)msg->address_hi) << 32) | msg->address_lo; > + doorbell &= MSI_CFG0_ADDR_MASK; > + > + writeq_relaxed(doorbell, smmu->base + cfg[0]); > + writel_relaxed(msg->data, smmu->base + cfg[1]); > + writel_relaxed(ARM_SMMU_MEMATTR_DEVICE_nGnRE, smmu->base + cfg[2]); > +} > + > +static void arm_smmu_setup_msis(struct arm_smmu_device *smmu) > +{ > + struct msi_desc *desc; > + int ret, nvec = ARM_SMMU_MAX_MSIS; > + struct device *dev = smmu->dev; > + > + /* Clear the MSI address regs */ > + writeq_relaxed(0, smmu->base + ARM_SMMU_GERROR_IRQ_CFG0); > + writeq_relaxed(0, smmu->base + ARM_SMMU_EVTQ_IRQ_CFG0); > + > + if (smmu->features & ARM_SMMU_FEAT_PRI) > + writeq_relaxed(0, smmu->base + ARM_SMMU_PRIQ_IRQ_CFG0); > + else > + nvec--; > + > + if (!(smmu->features & ARM_SMMU_FEAT_MSI)) > + return; > + > + if (!dev->msi_domain) { > + dev_info(smmu->dev, "msi_domain absent - falling back to wired > irqs\n"); > + return; > + } > + > + /* Allocate MSIs for evtq, gerror and priq. Ignore cmdq */ > + ret = platform_msi_domain_alloc_irqs(dev, nvec, arm_smmu_write_msi_msg); > + if (ret) { > + dev_warn(dev, "failed to allocate MSIs - falling back to wired > irqs\n"); > + return; > + } > + > + for_each_msi_entry(desc, dev) { > + switch (desc->platform.msi_index) { > + case EVTQ_MSI_INDEX: > + smmu->evtq.q.irq = desc->irq; > + break; > + case GERROR_MSI_INDEX: > + smmu->gerr_irq = desc->irq; > + break; > + case PRIQ_MSI_INDEX: > + smmu->priq.q.irq = desc->irq; > + break; > + default: /* Unknown */ > + continue; > + } > + } > + > + /* Add callback to free MSIs on teardown */ > + devm_add_action(dev, arm_smmu_free_msis, dev); > +} > + > +static void arm_smmu_setup_unique_irqs(struct arm_smmu_device *smmu) > +{ > + int irq, ret; > + > + arm_smmu_setup_msis(smmu); > + > + /* Request interrupt lines */ > + irq = smmu->evtq.q.irq; > + if (irq) { > + ret = devm_request_threaded_irq(smmu->dev, irq, NULL, > + arm_smmu_evtq_thread, > + IRQF_ONESHOT, > + "arm-smmu-v3-evtq", smmu); > + if (ret < 0) > + dev_warn(smmu->dev, "failed to enable evtq irq\n"); > + } else { > + dev_warn(smmu->dev, "no evtq irq - events will not be > reported!\n"); > + } > + > + irq = smmu->gerr_irq; > + if (irq) { > + ret = devm_request_irq(smmu->dev, irq, arm_smmu_gerror_handler, > + 0, "arm-smmu-v3-gerror", smmu); > + if (ret < 0) > + dev_warn(smmu->dev, "failed to enable gerror irq\n"); > + } else { > + dev_warn(smmu->dev, "no gerr irq - errors will not be > reported!\n"); > + } > + > + if (smmu->features & ARM_SMMU_FEAT_PRI) { > + irq = smmu->priq.q.irq; > + if (irq) { > + ret = devm_request_threaded_irq(smmu->dev, irq, NULL, > + arm_smmu_priq_thread, > + IRQF_ONESHOT, > + "arm-smmu-v3-priq", > + smmu); > + if (ret < 0) > + dev_warn(smmu->dev, > + "failed to enable priq irq\n"); > + } else { > + dev_warn(smmu->dev, "no priq irq - PRI will be > broken\n"); > + } > + } > +} > + > +static int arm_smmu_setup_irqs(struct arm_smmu_device *smmu) > +{ > + int ret, irq; > + u32 irqen_flags = IRQ_CTRL_EVTQ_IRQEN | IRQ_CTRL_GERROR_IRQEN; > + > + /* Disable IRQs first */ > + ret = arm_smmu_write_reg_sync(smmu, 0, ARM_SMMU_IRQ_CTRL, > + ARM_SMMU_IRQ_CTRLACK); > + if (ret) { > + dev_err(smmu->dev, "failed to disable irqs\n"); > + return ret; > + } > + > + irq = smmu->combined_irq; > + if (irq) { > + /* > + * Cavium ThunderX2 implementation doesn't support unique irq > + * lines. Use a single irq line for all the SMMUv3 interrupts. > + */ > + ret = devm_request_threaded_irq(smmu->dev, irq, > + arm_smmu_combined_irq_handler, > + arm_smmu_combined_irq_thread, > + IRQF_ONESHOT, > + "arm-smmu-v3-combined-irq", smmu); > + if (ret < 0) > + dev_warn(smmu->dev, "failed to enable combined irq\n"); > + } else > + arm_smmu_setup_unique_irqs(smmu); > + > + if (smmu->features & ARM_SMMU_FEAT_PRI) > + irqen_flags |= IRQ_CTRL_PRIQ_IRQEN; > + > + /* Enable interrupt generation on the SMMU */ > + ret = arm_smmu_write_reg_sync(smmu, irqen_flags, > + ARM_SMMU_IRQ_CTRL, ARM_SMMU_IRQ_CTRLACK); > + if (ret) > + dev_warn(smmu->dev, "failed to enable irqs\n"); > + > + return 0; > +} > + > +static int arm_smmu_device_disable(struct arm_smmu_device *smmu) > +{ > + int ret; > + > + ret = arm_smmu_write_reg_sync(smmu, 0, ARM_SMMU_CR0, ARM_SMMU_CR0ACK); > + if (ret) > + dev_err(smmu->dev, "failed to clear cr0\n"); > + > + return ret; > +} > + > +static int arm_smmu_device_reset(struct arm_smmu_device *smmu, bool bypass) > +{ > + int ret; > + u32 reg, enables; > + struct arm_smmu_cmdq_ent cmd; > + > + /* Clear CR0 and sync (disables SMMU and queue processing) */ > + reg = readl_relaxed(smmu->base + ARM_SMMU_CR0); > + if (reg & CR0_SMMUEN) { > + dev_warn(smmu->dev, "SMMU currently enabled! Resetting...\n"); > + WARN_ON(is_kdump_kernel() && !disable_bypass); > + arm_smmu_update_gbpa(smmu, GBPA_ABORT, 0); > + } > + > + ret = arm_smmu_device_disable(smmu); > + if (ret) > + return ret; > + > + /* CR1 (table and queue memory attributes) */ > + reg = FIELD_PREP(CR1_TABLE_SH, ARM_SMMU_SH_ISH) | > + FIELD_PREP(CR1_TABLE_OC, CR1_CACHE_WB) | > + FIELD_PREP(CR1_TABLE_IC, CR1_CACHE_WB) | > + FIELD_PREP(CR1_QUEUE_SH, ARM_SMMU_SH_ISH) | > + FIELD_PREP(CR1_QUEUE_OC, CR1_CACHE_WB) | > + FIELD_PREP(CR1_QUEUE_IC, CR1_CACHE_WB); > + writel_relaxed(reg, smmu->base + ARM_SMMU_CR1); > + > + /* CR2 (random crap) */ > + reg = CR2_PTM | CR2_RECINVSID | CR2_E2H; > + writel_relaxed(reg, smmu->base + ARM_SMMU_CR2); > + > + /* Stream table */ > + writeq_relaxed(smmu->strtab_cfg.strtab_base, > + smmu->base + ARM_SMMU_STRTAB_BASE); > + writel_relaxed(smmu->strtab_cfg.strtab_base_cfg, > + smmu->base + ARM_SMMU_STRTAB_BASE_CFG); > + > + /* Command queue */ > + writeq_relaxed(smmu->cmdq.q.q_base, smmu->base + ARM_SMMU_CMDQ_BASE); > + writel_relaxed(smmu->cmdq.q.llq.prod, smmu->base + ARM_SMMU_CMDQ_PROD); > + writel_relaxed(smmu->cmdq.q.llq.cons, smmu->base + ARM_SMMU_CMDQ_CONS); > + > + enables = CR0_CMDQEN; > + ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0, > + ARM_SMMU_CR0ACK); > + if (ret) { > + dev_err(smmu->dev, "failed to enable command queue\n"); > + return ret; > + } > + > + /* Invalidate any cached configuration */ > + cmd.opcode = CMDQ_OP_CFGI_ALL; > + arm_smmu_cmdq_issue_cmd(smmu, &cmd); > + arm_smmu_cmdq_issue_sync(smmu); > + > + /* Invalidate any stale TLB entries */ > + if (smmu->features & ARM_SMMU_FEAT_HYP) { > + cmd.opcode = CMDQ_OP_TLBI_EL2_ALL; > + arm_smmu_cmdq_issue_cmd(smmu, &cmd); > + } > + > + cmd.opcode = CMDQ_OP_TLBI_NSNH_ALL; > + arm_smmu_cmdq_issue_cmd(smmu, &cmd); > + arm_smmu_cmdq_issue_sync(smmu); > + > + /* Event queue */ > + writeq_relaxed(smmu->evtq.q.q_base, smmu->base + ARM_SMMU_EVTQ_BASE); > + writel_relaxed(smmu->evtq.q.llq.prod, > + arm_smmu_page1_fixup(ARM_SMMU_EVTQ_PROD, smmu)); > + writel_relaxed(smmu->evtq.q.llq.cons, > + arm_smmu_page1_fixup(ARM_SMMU_EVTQ_CONS, smmu)); > + > + enables |= CR0_EVTQEN; > + ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0, > + ARM_SMMU_CR0ACK); > + if (ret) { > + dev_err(smmu->dev, "failed to enable event queue\n"); > + return ret; > + } > + > + /* PRI queue */ > + if (smmu->features & ARM_SMMU_FEAT_PRI) { > + writeq_relaxed(smmu->priq.q.q_base, > + smmu->base + ARM_SMMU_PRIQ_BASE); > + writel_relaxed(smmu->priq.q.llq.prod, > + arm_smmu_page1_fixup(ARM_SMMU_PRIQ_PROD, smmu)); > + writel_relaxed(smmu->priq.q.llq.cons, > + arm_smmu_page1_fixup(ARM_SMMU_PRIQ_CONS, smmu)); > + > + enables |= CR0_PRIQEN; > + ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0, > + ARM_SMMU_CR0ACK); > + if (ret) { > + dev_err(smmu->dev, "failed to enable PRI queue\n"); > + return ret; > + } > + } > + > + if (smmu->features & ARM_SMMU_FEAT_ATS) { > + enables |= CR0_ATSCHK; > + ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0, > + ARM_SMMU_CR0ACK); > + if (ret) { > + dev_err(smmu->dev, "failed to enable ATS check\n"); > + return ret; > + } > + } > + > + ret = arm_smmu_setup_irqs(smmu); > + if (ret) { > + dev_err(smmu->dev, "failed to setup irqs\n"); > + return ret; > + } > + > + if (is_kdump_kernel()) > + enables &= ~(CR0_EVTQEN | CR0_PRIQEN); > + > + /* Enable the SMMU interface, or ensure bypass */ > + if (!bypass || disable_bypass) { > + enables |= CR0_SMMUEN; > + } else { > + ret = arm_smmu_update_gbpa(smmu, 0, GBPA_ABORT); > + if (ret) > + return ret; > + } > + ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0, > + ARM_SMMU_CR0ACK); > + if (ret) { > + dev_err(smmu->dev, "failed to enable SMMU interface\n"); > + return ret; > + } > + > + return 0; > +} > + > +static int arm_smmu_device_hw_probe(struct arm_smmu_device *smmu) > +{ > + u32 reg; > + bool coherent = smmu->features & ARM_SMMU_FEAT_COHERENCY; > + > + /* IDR0 */ > + reg = readl_relaxed(smmu->base + ARM_SMMU_IDR0); > + > + /* 2-level structures */ > + if (FIELD_GET(IDR0_ST_LVL, reg) == IDR0_ST_LVL_2LVL) > + smmu->features |= ARM_SMMU_FEAT_2_LVL_STRTAB; > + > + if (reg & IDR0_CD2L) > + smmu->features |= ARM_SMMU_FEAT_2_LVL_CDTAB; > + > + /* > + * Translation table endianness. > + * We currently require the same endianness as the CPU, but this > + * could be changed later by adding a new IO_PGTABLE_QUIRK. > + */ > + switch (FIELD_GET(IDR0_TTENDIAN, reg)) { > + case IDR0_TTENDIAN_MIXED: > + smmu->features |= ARM_SMMU_FEAT_TT_LE | ARM_SMMU_FEAT_TT_BE; > + break; > +#ifdef __BIG_ENDIAN > + case IDR0_TTENDIAN_BE: > + smmu->features |= ARM_SMMU_FEAT_TT_BE; > + break; > +#else > + case IDR0_TTENDIAN_LE: > + smmu->features |= ARM_SMMU_FEAT_TT_LE; > + break; > +#endif > + default: > + dev_err(smmu->dev, "unknown/unsupported TT endianness!\n"); > + return -ENXIO; > + } > + > + /* Boolean feature flags */ > + if (IS_ENABLED(CONFIG_PCI_PRI) && reg & IDR0_PRI) > + smmu->features |= ARM_SMMU_FEAT_PRI; > + > + if (IS_ENABLED(CONFIG_PCI_ATS) && reg & IDR0_ATS) > + smmu->features |= ARM_SMMU_FEAT_ATS; > + > + if (reg & IDR0_SEV) > + smmu->features |= ARM_SMMU_FEAT_SEV; > + > + if (reg & IDR0_MSI) > + smmu->features |= ARM_SMMU_FEAT_MSI; > + > + if (reg & IDR0_HYP) > + smmu->features |= ARM_SMMU_FEAT_HYP; > + > + /* > + * The coherency feature as set by FW is used in preference to the ID > + * register, but warn on mismatch. > + */ > + if (!!(reg & IDR0_COHACC) != coherent) > + dev_warn(smmu->dev, "IDR0.COHACC overridden by FW configuration > (%s)\n", > + coherent ? "true" : "false"); > + > + switch (FIELD_GET(IDR0_STALL_MODEL, reg)) { > + case IDR0_STALL_MODEL_FORCE: > + smmu->features |= ARM_SMMU_FEAT_STALL_FORCE; > + /* Fallthrough */ > + case IDR0_STALL_MODEL_STALL: > + smmu->features |= ARM_SMMU_FEAT_STALLS; > + } > + > + if (reg & IDR0_S1P) > + smmu->features |= ARM_SMMU_FEAT_TRANS_S1; > + > + if (reg & IDR0_S2P) > + smmu->features |= ARM_SMMU_FEAT_TRANS_S2; > + > + if (!(reg & (IDR0_S1P | IDR0_S2P))) { > + dev_err(smmu->dev, "no translation support!\n"); > + return -ENXIO; > + } > + > + /* We only support the AArch64 table format at present */ > + switch (FIELD_GET(IDR0_TTF, reg)) { > + case IDR0_TTF_AARCH32_64: > + smmu->ias = 40; > + /* Fallthrough */ > + case IDR0_TTF_AARCH64: > + break; > + default: > + dev_err(smmu->dev, "AArch64 table format not supported!\n"); > + return -ENXIO; > + } > + > + /* ASID/VMID sizes */ > + smmu->asid_bits = reg & IDR0_ASID16 ? 16 : 8; > + smmu->vmid_bits = reg & IDR0_VMID16 ? 16 : 8; > + > + /* IDR1 */ > + reg = readl_relaxed(smmu->base + ARM_SMMU_IDR1); > + if (reg & (IDR1_TABLES_PRESET | IDR1_QUEUES_PRESET | IDR1_REL)) { > + dev_err(smmu->dev, "embedded implementation not supported\n"); > + return -ENXIO; > + } > + > + /* Queue sizes, capped to ensure natural alignment */ > + smmu->cmdq.q.llq.max_n_shift = min_t(u32, CMDQ_MAX_SZ_SHIFT, > + FIELD_GET(IDR1_CMDQS, reg)); > + if (smmu->cmdq.q.llq.max_n_shift <= ilog2(CMDQ_BATCH_ENTRIES)) { > + /* > + * We don't support splitting up batches, so one batch of > + * commands plus an extra sync needs to fit inside the command > + * queue. There's also no way we can handle the weird alignment > + * restrictions on the base pointer for a unit-length queue. > + */ > + dev_err(smmu->dev, "command queue size <= %d entries not > supported\n", > + CMDQ_BATCH_ENTRIES); > + return -ENXIO; > + } > + > + smmu->evtq.q.llq.max_n_shift = min_t(u32, EVTQ_MAX_SZ_SHIFT, > + FIELD_GET(IDR1_EVTQS, reg)); > + smmu->priq.q.llq.max_n_shift = min_t(u32, PRIQ_MAX_SZ_SHIFT, > + FIELD_GET(IDR1_PRIQS, reg)); > + > + /* SID/SSID sizes */ > + smmu->ssid_bits = FIELD_GET(IDR1_SSIDSIZE, reg); > + smmu->sid_bits = FIELD_GET(IDR1_SIDSIZE, reg); > + > + /* > + * If the SMMU supports fewer bits than would fill a single L2 stream > + * table, use a linear table instead. > + */ > + if (smmu->sid_bits <= STRTAB_SPLIT) > + smmu->features &= ~ARM_SMMU_FEAT_2_LVL_STRTAB; > + > + /* IDR3 */ > + reg = readl_relaxed(smmu->base + ARM_SMMU_IDR3); > + if (FIELD_GET(IDR3_RIL, reg)) > + smmu->features |= ARM_SMMU_FEAT_RANGE_INV; > + > + /* IDR5 */ > + reg = readl_relaxed(smmu->base + ARM_SMMU_IDR5); > + > + /* Maximum number of outstanding stalls */ > + smmu->evtq.max_stalls = FIELD_GET(IDR5_STALL_MAX, reg); > + > + /* Page sizes */ > + if (reg & IDR5_GRAN64K) > + smmu->pgsize_bitmap |= SZ_64K | SZ_512M; > + if (reg & IDR5_GRAN16K) > + smmu->pgsize_bitmap |= SZ_16K | SZ_32M; > + if (reg & IDR5_GRAN4K) > + smmu->pgsize_bitmap |= SZ_4K | SZ_2M | SZ_1G; > + > + /* Input address size */ > + if (FIELD_GET(IDR5_VAX, reg) == IDR5_VAX_52_BIT) > + smmu->features |= ARM_SMMU_FEAT_VAX; > + > + /* Output address size */ > + switch (FIELD_GET(IDR5_OAS, reg)) { > + case IDR5_OAS_32_BIT: > + smmu->oas = 32; > + break; > + case IDR5_OAS_36_BIT: > + smmu->oas = 36; > + break; > + case IDR5_OAS_40_BIT: > + smmu->oas = 40; > + break; > + case IDR5_OAS_42_BIT: > + smmu->oas = 42; > + break; > + case IDR5_OAS_44_BIT: > + smmu->oas = 44; > + break; > + case IDR5_OAS_52_BIT: > + smmu->oas = 52; > + smmu->pgsize_bitmap |= 1ULL << 42; /* 4TB */ > + break; > + default: > + dev_info(smmu->dev, > + "unknown output address size. Truncating to 48-bit\n"); > + /* Fallthrough */ > + case IDR5_OAS_48_BIT: > + smmu->oas = 48; > + } > + > + if (arm_smmu_ops.pgsize_bitmap == -1UL) > + arm_smmu_ops.pgsize_bitmap = smmu->pgsize_bitmap; > + else > + arm_smmu_ops.pgsize_bitmap |= smmu->pgsize_bitmap; > + > + /* Set the DMA mask for our table walker */ > + if (dma_set_mask_and_coherent(smmu->dev, DMA_BIT_MASK(smmu->oas))) > + dev_warn(smmu->dev, > + "failed to set DMA mask for table walker\n"); > + > + smmu->ias = max(smmu->ias, smmu->oas); > + > + dev_info(smmu->dev, "ias %lu-bit, oas %lu-bit (features 0x%08x)\n", > + smmu->ias, smmu->oas, smmu->features); > + return 0; > +} > + > +#ifdef CONFIG_ACPI > +static void acpi_smmu_get_options(u32 model, struct arm_smmu_device *smmu) > +{ > + switch (model) { > + case ACPI_IORT_SMMU_V3_CAVIUM_CN99XX: > + smmu->options |= ARM_SMMU_OPT_PAGE0_REGS_ONLY; > + break; > + case ACPI_IORT_SMMU_V3_HISILICON_HI161X: > + smmu->options |= ARM_SMMU_OPT_SKIP_PREFETCH; > + break; > + } > + > + dev_notice(smmu->dev, "option mask 0x%x\n", smmu->options); > +} > + > +static int arm_smmu_device_acpi_probe(struct platform_device *pdev, > + struct arm_smmu_device *smmu) > +{ > + struct acpi_iort_smmu_v3 *iort_smmu; > + struct device *dev = smmu->dev; > + struct acpi_iort_node *node; > + > + node = *(struct acpi_iort_node **)dev_get_platdata(dev); > + > + /* Retrieve SMMUv3 specific data */ > + iort_smmu = (struct acpi_iort_smmu_v3 *)node->node_data; > + > + acpi_smmu_get_options(iort_smmu->model, smmu); > + > + if (iort_smmu->flags & ACPI_IORT_SMMU_V3_COHACC_OVERRIDE) > + smmu->features |= ARM_SMMU_FEAT_COHERENCY; > + > + return 0; > +} > +#else > +static inline int arm_smmu_device_acpi_probe(struct platform_device *pdev, > + struct arm_smmu_device *smmu) > +{ > + return -ENODEV; > +} > +#endif > + > +static int arm_smmu_device_dt_probe(struct platform_device *pdev, > + struct arm_smmu_device *smmu) > +{ > + struct device *dev = &pdev->dev; > + u32 cells; > + int ret = -EINVAL; > + > + if (of_property_read_u32(dev->of_node, "#iommu-cells", &cells)) > + dev_err(dev, "missing #iommu-cells property\n"); > + else if (cells != 1) > + dev_err(dev, "invalid #iommu-cells value (%d)\n", cells); > + else > + ret = 0; > + > + parse_driver_options(smmu); > + > + if (of_dma_is_coherent(dev->of_node)) > + smmu->features |= ARM_SMMU_FEAT_COHERENCY; > + > + return ret; > +} > + > +static unsigned long arm_smmu_resource_size(struct arm_smmu_device *smmu) > +{ > + if (smmu->options & ARM_SMMU_OPT_PAGE0_REGS_ONLY) > + return SZ_64K; > + else > + return SZ_128K; > +} > + > +static int arm_smmu_set_bus_ops(struct iommu_ops *ops) > +{ > + int err; > + > +#ifdef CONFIG_PCI > + if (pci_bus_type.iommu_ops != ops) { > + err = bus_set_iommu(&pci_bus_type, ops); > + if (err) > + return err; > + } > +#endif > +#ifdef CONFIG_ARM_AMBA > + if (amba_bustype.iommu_ops != ops) { > + err = bus_set_iommu(&amba_bustype, ops); > + if (err) > + goto err_reset_pci_ops; > + } > +#endif > + if (platform_bus_type.iommu_ops != ops) { > + err = bus_set_iommu(&platform_bus_type, ops); > + if (err) > + goto err_reset_amba_ops; > + } > + > + return 0; > + > +err_reset_amba_ops: > +#ifdef CONFIG_ARM_AMBA > + bus_set_iommu(&amba_bustype, NULL); > +#endif > +err_reset_pci_ops: __maybe_unused; > +#ifdef CONFIG_PCI > + bus_set_iommu(&pci_bus_type, NULL); > +#endif > + return err; > +} > + > +static void __iomem *arm_smmu_ioremap(struct device *dev, resource_size_t > start, > + resource_size_t size) > +{ > + struct resource res = { > + .flags = IORESOURCE_MEM, > + .start = start, > + .end = start + size - 1, > + }; > + > + return devm_ioremap_resource(dev, &res); > +} > + > +static int arm_smmu_device_probe(struct platform_device *pdev) > +{ > + int irq, ret; > + struct resource *res; > + resource_size_t ioaddr; > + struct arm_smmu_device *smmu; > + struct device *dev = &pdev->dev; > + bool bypass; > + > + smmu = devm_kzalloc(dev, sizeof(*smmu), GFP_KERNEL); > + if (!smmu) { > + dev_err(dev, "failed to allocate arm_smmu_device\n"); > + return -ENOMEM; > + } > + smmu->dev = dev; > + > + if (dev->of_node) { > + ret = arm_smmu_device_dt_probe(pdev, smmu); > + } else { > + ret = arm_smmu_device_acpi_probe(pdev, smmu); > + if (ret == -ENODEV) > + return ret; > + } > + > + /* Set bypass mode according to firmware probing result */ > + bypass = !!ret; > + > + /* Base address */ > + res = platform_get_resource(pdev, IORESOURCE_MEM, 0); > + if (resource_size(res) < arm_smmu_resource_size(smmu)) { > + dev_err(dev, "MMIO region too small (%pr)\n", res); > + return -EINVAL; > + } > + ioaddr = res->start; > + > + /* > + * Don't map the IMPLEMENTATION DEFINED regions, since they may contain > + * the PMCG registers which are reserved by the PMU driver. > + */ > + smmu->base = arm_smmu_ioremap(dev, ioaddr, ARM_SMMU_REG_SZ); > + if (IS_ERR(smmu->base)) > + return PTR_ERR(smmu->base); > + > + if (arm_smmu_resource_size(smmu) > SZ_64K) { > + smmu->page1 = arm_smmu_ioremap(dev, ioaddr + SZ_64K, > + ARM_SMMU_REG_SZ); > + if (IS_ERR(smmu->page1)) > + return PTR_ERR(smmu->page1); > + } else { > + smmu->page1 = smmu->base; > + } > + > + /* Interrupt lines */ > + > + irq = platform_get_irq_byname_optional(pdev, "combined"); > + if (irq > 0) > + smmu->combined_irq = irq; > + else { > + irq = platform_get_irq_byname_optional(pdev, "eventq"); > + if (irq > 0) > + smmu->evtq.q.irq = irq; > + > + irq = platform_get_irq_byname_optional(pdev, "priq"); > + if (irq > 0) > + smmu->priq.q.irq = irq; > + > + irq = platform_get_irq_byname_optional(pdev, "gerror"); > + if (irq > 0) > + smmu->gerr_irq = irq; > + } > + /* Probe the h/w */ > + ret = arm_smmu_device_hw_probe(smmu); > + if (ret) > + return ret; > + > + /* Initialise in-memory data structures */ > + ret = arm_smmu_init_structures(smmu); > + if (ret) > + return ret; > + > + /* Record our private device structure */ > + platform_set_drvdata(pdev, smmu); > + > + /* Reset the device */ > + ret = arm_smmu_device_reset(smmu, bypass); > + if (ret) > + return ret; > + > + /* And we're up. Go go go! */ > + ret = iommu_device_sysfs_add(&smmu->iommu, dev, NULL, > + "smmu3.%pa", &ioaddr); > + if (ret) > + return ret; > + > + iommu_device_set_ops(&smmu->iommu, &arm_smmu_ops); > + iommu_device_set_fwnode(&smmu->iommu, dev->fwnode); > + > + ret = iommu_device_register(&smmu->iommu); > + if (ret) { > + dev_err(dev, "Failed to register iommu\n"); > + return ret; > + } > + > + return arm_smmu_set_bus_ops(&arm_smmu_ops); > +} > + > +static int arm_smmu_device_remove(struct platform_device *pdev) > +{ > + struct arm_smmu_device *smmu = platform_get_drvdata(pdev); > + > + arm_smmu_set_bus_ops(NULL); > + iommu_device_unregister(&smmu->iommu); > + iommu_device_sysfs_remove(&smmu->iommu); > + arm_smmu_device_disable(smmu); > + > + return 0; > +} > + > +static void arm_smmu_device_shutdown(struct platform_device *pdev) > +{ > + arm_smmu_device_remove(pdev); > +} > + > +static const struct of_device_id arm_smmu_of_match[] = { > + { .compatible = "arm,smmu-v3", }, > + { }, > +}; > +MODULE_DEVICE_TABLE(of, arm_smmu_of_match); > + > +static struct platform_driver arm_smmu_driver = { > + .driver = { > + .name = "arm-smmu-v3", > + .of_match_table = arm_smmu_of_match, > + .suppress_bind_attrs = true, > + }, > + .probe = arm_smmu_device_probe, > + .remove = arm_smmu_device_remove, > + .shutdown = arm_smmu_device_shutdown, > +}; > +module_platform_driver(arm_smmu_driver); > + > +MODULE_DESCRIPTION("IOMMU API for ARM architected SMMUv3 implementations"); > +MODULE_AUTHOR("Will Deacon <w...@kernel.org>"); > +MODULE_ALIAS("platform:arm-smmu-v3"); > +MODULE_LICENSE("GPL v2"); > -- > 2.17.1 >