2 * Copyright © 2008,2010 Intel Corporation
4 * Permission is hereby granted, free of charge, to any person obtaining a
5 * copy of this software and associated documentation files (the "Software"),
6 * to deal in the Software without restriction, including without limitation
7 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8 * and/or sell copies of the Software, and to permit persons to whom the
9 * Software is furnished to do so, subject to the following conditions:
11 * The above copyright notice and this permission notice (including the next
12 * paragraph) shall be included in all copies or substantial portions of the
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
24 * Eric Anholt <eric@anholt.net>
25 * Chris Wilson <chris@chris-wilson.co.uk>
30 #include <drm/i915_drm.h>
32 #include "i915_trace.h"
33 #include "intel_drv.h"
34 #include <linux/dma_remapping.h>
35 #include <linux/uaccess.h>
37 #define __EXEC_OBJECT_HAS_PIN (1<<31)
38 #define __EXEC_OBJECT_HAS_FENCE (1<<30)
39 #define __EXEC_OBJECT_NEEDS_MAP (1<<29)
40 #define __EXEC_OBJECT_NEEDS_BIAS (1<<28)
42 #define BATCH_OFFSET_BIAS (256*1024)
45 struct list_head vmas;
48 struct i915_vma *lut[0];
49 struct hlist_head buckets[0];
53 static struct eb_vmas *
54 eb_create(struct drm_i915_gem_execbuffer2 *args)
56 struct eb_vmas *eb = NULL;
58 if (args->flags & I915_EXEC_HANDLE_LUT) {
59 unsigned size = args->buffer_count;
60 size *= sizeof(struct i915_vma *);
61 size += sizeof(struct eb_vmas);
62 eb = kmalloc(size, GFP_TEMPORARY | __GFP_NOWARN | __GFP_NORETRY);
66 unsigned size = args->buffer_count;
67 unsigned count = PAGE_SIZE / sizeof(struct hlist_head) / 2;
68 BUILD_BUG_ON_NOT_POWER_OF_2(PAGE_SIZE / sizeof(struct hlist_head));
69 while (count > 2*size)
71 eb = kzalloc(count*sizeof(struct hlist_head) +
72 sizeof(struct eb_vmas),
79 eb->and = -args->buffer_count;
81 INIT_LIST_HEAD(&eb->vmas);
86 eb_reset(struct eb_vmas *eb)
89 memset(eb->buckets, 0, (eb->and+1)*sizeof(struct hlist_head));
93 eb_lookup_vmas(struct eb_vmas *eb,
94 struct drm_i915_gem_exec_object2 *exec,
95 const struct drm_i915_gem_execbuffer2 *args,
96 struct i915_address_space *vm,
97 struct drm_file *file)
99 struct drm_i915_gem_object *obj;
100 struct list_head objects;
103 INIT_LIST_HEAD(&objects);
104 spin_lock(&file->table_lock);
105 /* Grab a reference to the object and release the lock so we can lookup
106 * or create the VMA without using GFP_ATOMIC */
107 for (i = 0; i < args->buffer_count; i++) {
108 obj = to_intel_bo(idr_find(&file->object_idr, exec[i].handle));
110 spin_unlock(&file->table_lock);
111 DRM_DEBUG("Invalid object handle %d at index %d\n",
117 if (!list_empty(&obj->obj_exec_link)) {
118 spin_unlock(&file->table_lock);
119 DRM_DEBUG("Object %p [handle %d, index %d] appears more than once in object list\n",
120 obj, exec[i].handle, i);
125 drm_gem_object_reference(&obj->base);
126 list_add_tail(&obj->obj_exec_link, &objects);
128 spin_unlock(&file->table_lock);
131 while (!list_empty(&objects)) {
132 struct i915_vma *vma;
134 obj = list_first_entry(&objects,
135 struct drm_i915_gem_object,
139 * NOTE: We can leak any vmas created here when something fails
140 * later on. But that's no issue since vma_unbind can deal with
141 * vmas which are not actually bound. And since only
142 * lookup_or_create exists as an interface to get at the vma
143 * from the (obj, vm) we don't run the risk of creating
144 * duplicated vmas for the same vm.
146 vma = i915_gem_obj_lookup_or_create_vma(obj, vm);
148 DRM_DEBUG("Failed to lookup VMA\n");
153 /* Transfer ownership from the objects list to the vmas list. */
154 list_add_tail(&vma->exec_list, &eb->vmas);
155 list_del_init(&obj->obj_exec_link);
157 vma->exec_entry = &exec[i];
161 uint32_t handle = args->flags & I915_EXEC_HANDLE_LUT ? i : exec[i].handle;
162 vma->exec_handle = handle;
163 hlist_add_head(&vma->exec_node,
164 &eb->buckets[handle & eb->and]);
173 while (!list_empty(&objects)) {
174 obj = list_first_entry(&objects,
175 struct drm_i915_gem_object,
177 list_del_init(&obj->obj_exec_link);
178 drm_gem_object_unreference(&obj->base);
181 * Objects already transfered to the vmas list will be unreferenced by
188 static struct i915_vma *eb_get_vma(struct eb_vmas *eb, unsigned long handle)
191 if (handle >= -eb->and)
193 return eb->lut[handle];
195 struct hlist_head *head;
196 struct hlist_node *node;
198 head = &eb->buckets[handle & eb->and];
199 hlist_for_each(node, head) {
200 struct i915_vma *vma;
202 vma = hlist_entry(node, struct i915_vma, exec_node);
203 if (vma->exec_handle == handle)
211 i915_gem_execbuffer_unreserve_vma(struct i915_vma *vma)
213 struct drm_i915_gem_exec_object2 *entry;
214 struct drm_i915_gem_object *obj = vma->obj;
216 if (!drm_mm_node_allocated(&vma->node))
219 entry = vma->exec_entry;
221 if (entry->flags & __EXEC_OBJECT_HAS_FENCE)
222 i915_gem_object_unpin_fence(obj);
224 if (entry->flags & __EXEC_OBJECT_HAS_PIN)
227 entry->flags &= ~(__EXEC_OBJECT_HAS_FENCE | __EXEC_OBJECT_HAS_PIN);
230 static void eb_destroy(struct eb_vmas *eb)
232 while (!list_empty(&eb->vmas)) {
233 struct i915_vma *vma;
235 vma = list_first_entry(&eb->vmas,
238 list_del_init(&vma->exec_list);
239 i915_gem_execbuffer_unreserve_vma(vma);
240 drm_gem_object_unreference(&vma->obj->base);
245 static inline int use_cpu_reloc(struct drm_i915_gem_object *obj)
247 return (HAS_LLC(obj->base.dev) ||
248 obj->base.write_domain == I915_GEM_DOMAIN_CPU ||
249 obj->cache_level != I915_CACHE_NONE);
253 relocate_entry_cpu(struct drm_i915_gem_object *obj,
254 struct drm_i915_gem_relocation_entry *reloc,
255 uint64_t target_offset)
257 struct drm_device *dev = obj->base.dev;
258 uint32_t page_offset = offset_in_page(reloc->offset);
259 uint64_t delta = reloc->delta + target_offset;
263 ret = i915_gem_object_set_to_cpu_domain(obj, true);
267 vaddr = kmap_atomic(i915_gem_object_get_page(obj,
268 reloc->offset >> PAGE_SHIFT));
269 *(uint32_t *)(vaddr + page_offset) = lower_32_bits(delta);
271 if (INTEL_INFO(dev)->gen >= 8) {
272 page_offset = offset_in_page(page_offset + sizeof(uint32_t));
274 if (page_offset == 0) {
275 kunmap_atomic(vaddr);
276 vaddr = kmap_atomic(i915_gem_object_get_page(obj,
277 (reloc->offset + sizeof(uint32_t)) >> PAGE_SHIFT));
280 *(uint32_t *)(vaddr + page_offset) = upper_32_bits(delta);
283 kunmap_atomic(vaddr);
289 relocate_entry_gtt(struct drm_i915_gem_object *obj,
290 struct drm_i915_gem_relocation_entry *reloc,
291 uint64_t target_offset)
293 struct drm_device *dev = obj->base.dev;
294 struct drm_i915_private *dev_priv = dev->dev_private;
295 uint64_t delta = reloc->delta + target_offset;
297 void __iomem *reloc_page;
300 ret = i915_gem_object_set_to_gtt_domain(obj, true);
304 ret = i915_gem_object_put_fence(obj);
308 /* Map the page containing the relocation we're going to perform. */
309 offset = i915_gem_obj_ggtt_offset(obj);
310 offset += reloc->offset;
311 reloc_page = io_mapping_map_atomic_wc(dev_priv->gtt.mappable,
313 iowrite32(lower_32_bits(delta), reloc_page + offset_in_page(offset));
315 if (INTEL_INFO(dev)->gen >= 8) {
316 offset += sizeof(uint32_t);
318 if (offset_in_page(offset) == 0) {
319 io_mapping_unmap_atomic(reloc_page);
321 io_mapping_map_atomic_wc(dev_priv->gtt.mappable,
325 iowrite32(upper_32_bits(delta),
326 reloc_page + offset_in_page(offset));
329 io_mapping_unmap_atomic(reloc_page);
335 clflush_write32(void *addr, uint32_t value)
337 /* This is not a fast path, so KISS. */
338 drm_clflush_virt_range(addr, sizeof(uint32_t));
339 *(uint32_t *)addr = value;
340 drm_clflush_virt_range(addr, sizeof(uint32_t));
344 relocate_entry_clflush(struct drm_i915_gem_object *obj,
345 struct drm_i915_gem_relocation_entry *reloc,
346 uint64_t target_offset)
348 struct drm_device *dev = obj->base.dev;
349 uint32_t page_offset = offset_in_page(reloc->offset);
350 uint64_t delta = (int)reloc->delta + target_offset;
354 ret = i915_gem_object_set_to_gtt_domain(obj, true);
358 vaddr = kmap_atomic(i915_gem_object_get_page(obj,
359 reloc->offset >> PAGE_SHIFT));
360 clflush_write32(vaddr + page_offset, lower_32_bits(delta));
362 if (INTEL_INFO(dev)->gen >= 8) {
363 page_offset = offset_in_page(page_offset + sizeof(uint32_t));
365 if (page_offset == 0) {
366 kunmap_atomic(vaddr);
367 vaddr = kmap_atomic(i915_gem_object_get_page(obj,
368 (reloc->offset + sizeof(uint32_t)) >> PAGE_SHIFT));
371 clflush_write32(vaddr + page_offset, upper_32_bits(delta));
374 kunmap_atomic(vaddr);
380 i915_gem_execbuffer_relocate_entry(struct drm_i915_gem_object *obj,
382 struct drm_i915_gem_relocation_entry *reloc)
384 struct drm_device *dev = obj->base.dev;
385 struct drm_gem_object *target_obj;
386 struct drm_i915_gem_object *target_i915_obj;
387 struct i915_vma *target_vma;
388 uint64_t target_offset;
391 /* we've already hold a reference to all valid objects */
392 target_vma = eb_get_vma(eb, reloc->target_handle);
393 if (unlikely(target_vma == NULL))
395 target_i915_obj = target_vma->obj;
396 target_obj = &target_vma->obj->base;
398 target_offset = target_vma->node.start;
400 /* Sandybridge PPGTT errata: We need a global gtt mapping for MI and
401 * pipe_control writes because the gpu doesn't properly redirect them
402 * through the ppgtt for non_secure batchbuffers. */
403 if (unlikely(IS_GEN6(dev) &&
404 reloc->write_domain == I915_GEM_DOMAIN_INSTRUCTION)) {
405 ret = i915_vma_bind(target_vma, target_i915_obj->cache_level,
407 if (WARN_ONCE(ret, "Unexpected failure to bind target VMA!"))
411 /* Validate that the target is in a valid r/w GPU domain */
412 if (unlikely(reloc->write_domain & (reloc->write_domain - 1))) {
413 DRM_DEBUG("reloc with multiple write domains: "
414 "obj %p target %d offset %d "
415 "read %08x write %08x",
416 obj, reloc->target_handle,
419 reloc->write_domain);
422 if (unlikely((reloc->write_domain | reloc->read_domains)
423 & ~I915_GEM_GPU_DOMAINS)) {
424 DRM_DEBUG("reloc with read/write non-GPU domains: "
425 "obj %p target %d offset %d "
426 "read %08x write %08x",
427 obj, reloc->target_handle,
430 reloc->write_domain);
434 target_obj->pending_read_domains |= reloc->read_domains;
435 target_obj->pending_write_domain |= reloc->write_domain;
437 /* If the relocation already has the right value in it, no
438 * more work needs to be done.
440 if (target_offset == reloc->presumed_offset)
443 /* Check that the relocation address is valid... */
444 if (unlikely(reloc->offset >
445 obj->base.size - (INTEL_INFO(dev)->gen >= 8 ? 8 : 4))) {
446 DRM_DEBUG("Relocation beyond object bounds: "
447 "obj %p target %d offset %d size %d.\n",
448 obj, reloc->target_handle,
450 (int) obj->base.size);
453 if (unlikely(reloc->offset & 3)) {
454 DRM_DEBUG("Relocation not 4-byte aligned: "
455 "obj %p target %d offset %d.\n",
456 obj, reloc->target_handle,
457 (int) reloc->offset);
461 /* We can't wait for rendering with pagefaults disabled */
462 if (obj->active && pagefault_disabled())
465 if (use_cpu_reloc(obj))
466 ret = relocate_entry_cpu(obj, reloc, target_offset);
467 else if (obj->map_and_fenceable)
468 ret = relocate_entry_gtt(obj, reloc, target_offset);
469 else if (cpu_has_clflush)
470 ret = relocate_entry_clflush(obj, reloc, target_offset);
472 WARN_ONCE(1, "Impossible case in relocation handling\n");
479 /* and update the user's relocation entry */
480 reloc->presumed_offset = target_offset;
486 i915_gem_execbuffer_relocate_vma(struct i915_vma *vma,
489 #define N_RELOC(x) ((x) / sizeof(struct drm_i915_gem_relocation_entry))
490 struct drm_i915_gem_relocation_entry stack_reloc[N_RELOC(512)];
491 struct drm_i915_gem_relocation_entry __user *user_relocs;
492 struct drm_i915_gem_exec_object2 *entry = vma->exec_entry;
495 user_relocs = to_user_ptr(entry->relocs_ptr);
497 remain = entry->relocation_count;
499 struct drm_i915_gem_relocation_entry *r = stack_reloc;
501 if (count > ARRAY_SIZE(stack_reloc))
502 count = ARRAY_SIZE(stack_reloc);
505 if (__copy_from_user_inatomic(r, user_relocs, count*sizeof(r[0])))
509 u64 offset = r->presumed_offset;
511 ret = i915_gem_execbuffer_relocate_entry(vma->obj, eb, r);
515 if (r->presumed_offset != offset &&
516 __copy_to_user_inatomic(&user_relocs->presumed_offset,
518 sizeof(r->presumed_offset))) {
532 i915_gem_execbuffer_relocate_vma_slow(struct i915_vma *vma,
534 struct drm_i915_gem_relocation_entry *relocs)
536 const struct drm_i915_gem_exec_object2 *entry = vma->exec_entry;
539 for (i = 0; i < entry->relocation_count; i++) {
540 ret = i915_gem_execbuffer_relocate_entry(vma->obj, eb, &relocs[i]);
549 i915_gem_execbuffer_relocate(struct eb_vmas *eb)
551 struct i915_vma *vma;
554 /* This is the fast path and we cannot handle a pagefault whilst
555 * holding the struct mutex lest the user pass in the relocations
556 * contained within a mmaped bo. For in such a case we, the page
557 * fault handler would call i915_gem_fault() and we would try to
558 * acquire the struct mutex again. Obviously this is bad and so
559 * lockdep complains vehemently.
562 list_for_each_entry(vma, &eb->vmas, exec_list) {
563 ret = i915_gem_execbuffer_relocate_vma(vma, eb);
572 static bool only_mappable_for_reloc(unsigned int flags)
574 return (flags & (EXEC_OBJECT_NEEDS_FENCE | __EXEC_OBJECT_NEEDS_MAP)) ==
575 __EXEC_OBJECT_NEEDS_MAP;
579 i915_gem_execbuffer_reserve_vma(struct i915_vma *vma,
580 struct intel_engine_cs *ring,
583 struct drm_i915_gem_object *obj = vma->obj;
584 struct drm_i915_gem_exec_object2 *entry = vma->exec_entry;
589 if (entry->flags & EXEC_OBJECT_NEEDS_GTT)
592 if (!drm_mm_node_allocated(&vma->node)) {
593 /* Wa32bitGeneralStateOffset & Wa32bitInstructionBaseOffset,
594 * limit address to the first 4GBs for unflagged objects.
596 if ((entry->flags & EXEC_OBJECT_SUPPORTS_48B_ADDRESS) == 0)
597 flags |= PIN_ZONE_4G;
598 if (entry->flags & __EXEC_OBJECT_NEEDS_MAP)
599 flags |= PIN_GLOBAL | PIN_MAPPABLE;
600 if (entry->flags & __EXEC_OBJECT_NEEDS_BIAS)
601 flags |= BATCH_OFFSET_BIAS | PIN_OFFSET_BIAS;
602 if ((flags & PIN_MAPPABLE) == 0)
606 ret = i915_gem_object_pin(obj, vma->vm, entry->alignment, flags);
607 if ((ret == -ENOSPC || ret == -E2BIG) &&
608 only_mappable_for_reloc(entry->flags))
609 ret = i915_gem_object_pin(obj, vma->vm,
611 flags & ~PIN_MAPPABLE);
615 entry->flags |= __EXEC_OBJECT_HAS_PIN;
617 if (entry->flags & EXEC_OBJECT_NEEDS_FENCE) {
618 ret = i915_gem_object_get_fence(obj);
622 if (i915_gem_object_pin_fence(obj))
623 entry->flags |= __EXEC_OBJECT_HAS_FENCE;
626 if (entry->offset != vma->node.start) {
627 entry->offset = vma->node.start;
631 if (entry->flags & EXEC_OBJECT_WRITE) {
632 obj->base.pending_read_domains = I915_GEM_DOMAIN_RENDER;
633 obj->base.pending_write_domain = I915_GEM_DOMAIN_RENDER;
640 need_reloc_mappable(struct i915_vma *vma)
642 struct drm_i915_gem_exec_object2 *entry = vma->exec_entry;
644 if (entry->relocation_count == 0)
647 if (!i915_is_ggtt(vma->vm))
650 /* See also use_cpu_reloc() */
651 if (HAS_LLC(vma->obj->base.dev))
654 if (vma->obj->base.write_domain == I915_GEM_DOMAIN_CPU)
661 eb_vma_misplaced(struct i915_vma *vma)
663 struct drm_i915_gem_exec_object2 *entry = vma->exec_entry;
664 struct drm_i915_gem_object *obj = vma->obj;
666 WARN_ON(entry->flags & __EXEC_OBJECT_NEEDS_MAP &&
667 !i915_is_ggtt(vma->vm));
669 if (entry->alignment &&
670 vma->node.start & (entry->alignment - 1))
673 if (entry->flags & __EXEC_OBJECT_NEEDS_BIAS &&
674 vma->node.start < BATCH_OFFSET_BIAS)
677 /* avoid costly ping-pong once a batch bo ended up non-mappable */
678 if (entry->flags & __EXEC_OBJECT_NEEDS_MAP && !obj->map_and_fenceable)
679 return !only_mappable_for_reloc(entry->flags);
681 if ((entry->flags & EXEC_OBJECT_SUPPORTS_48B_ADDRESS) == 0 &&
682 (vma->node.start + vma->node.size - 1) >> 32)
689 i915_gem_execbuffer_reserve(struct intel_engine_cs *ring,
690 struct list_head *vmas,
691 struct intel_context *ctx,
694 struct drm_i915_gem_object *obj;
695 struct i915_vma *vma;
696 struct i915_address_space *vm;
697 struct list_head ordered_vmas;
698 bool has_fenced_gpu_access = INTEL_INFO(ring->dev)->gen < 4;
701 i915_gem_retire_requests_ring(ring);
703 vm = list_first_entry(vmas, struct i915_vma, exec_list)->vm;
705 INIT_LIST_HEAD(&ordered_vmas);
706 while (!list_empty(vmas)) {
707 struct drm_i915_gem_exec_object2 *entry;
708 bool need_fence, need_mappable;
710 vma = list_first_entry(vmas, struct i915_vma, exec_list);
712 entry = vma->exec_entry;
714 if (ctx->flags & CONTEXT_NO_ZEROMAP)
715 entry->flags |= __EXEC_OBJECT_NEEDS_BIAS;
717 if (!has_fenced_gpu_access)
718 entry->flags &= ~EXEC_OBJECT_NEEDS_FENCE;
720 entry->flags & EXEC_OBJECT_NEEDS_FENCE &&
721 obj->tiling_mode != I915_TILING_NONE;
722 need_mappable = need_fence || need_reloc_mappable(vma);
725 entry->flags |= __EXEC_OBJECT_NEEDS_MAP;
726 list_move(&vma->exec_list, &ordered_vmas);
728 list_move_tail(&vma->exec_list, &ordered_vmas);
730 obj->base.pending_read_domains = I915_GEM_GPU_DOMAINS & ~I915_GEM_DOMAIN_COMMAND;
731 obj->base.pending_write_domain = 0;
733 list_splice(&ordered_vmas, vmas);
735 /* Attempt to pin all of the buffers into the GTT.
736 * This is done in 3 phases:
738 * 1a. Unbind all objects that do not match the GTT constraints for
739 * the execbuffer (fenceable, mappable, alignment etc).
740 * 1b. Increment pin count for already bound objects.
741 * 2. Bind new objects.
742 * 3. Decrement pin count.
744 * This avoid unnecessary unbinding of later objects in order to make
745 * room for the earlier objects *unless* we need to defragment.
751 /* Unbind any ill-fitting objects or pin. */
752 list_for_each_entry(vma, vmas, exec_list) {
753 if (!drm_mm_node_allocated(&vma->node))
756 if (eb_vma_misplaced(vma))
757 ret = i915_vma_unbind(vma);
759 ret = i915_gem_execbuffer_reserve_vma(vma, ring, need_relocs);
764 /* Bind fresh objects */
765 list_for_each_entry(vma, vmas, exec_list) {
766 if (drm_mm_node_allocated(&vma->node))
769 ret = i915_gem_execbuffer_reserve_vma(vma, ring, need_relocs);
775 if (ret != -ENOSPC || retry++)
778 /* Decrement pin count for bound objects */
779 list_for_each_entry(vma, vmas, exec_list)
780 i915_gem_execbuffer_unreserve_vma(vma);
782 ret = i915_gem_evict_vm(vm, true);
789 i915_gem_execbuffer_relocate_slow(struct drm_device *dev,
790 struct drm_i915_gem_execbuffer2 *args,
791 struct drm_file *file,
792 struct intel_engine_cs *ring,
794 struct drm_i915_gem_exec_object2 *exec,
795 struct intel_context *ctx)
797 struct drm_i915_gem_relocation_entry *reloc;
798 struct i915_address_space *vm;
799 struct i915_vma *vma;
803 unsigned count = args->buffer_count;
805 vm = list_first_entry(&eb->vmas, struct i915_vma, exec_list)->vm;
807 /* We may process another execbuffer during the unlock... */
808 while (!list_empty(&eb->vmas)) {
809 vma = list_first_entry(&eb->vmas, struct i915_vma, exec_list);
810 list_del_init(&vma->exec_list);
811 i915_gem_execbuffer_unreserve_vma(vma);
812 drm_gem_object_unreference(&vma->obj->base);
815 mutex_unlock(&dev->struct_mutex);
818 for (i = 0; i < count; i++)
819 total += exec[i].relocation_count;
821 reloc_offset = drm_malloc_ab(count, sizeof(*reloc_offset));
822 reloc = drm_malloc_ab(total, sizeof(*reloc));
823 if (reloc == NULL || reloc_offset == NULL) {
824 drm_free_large(reloc);
825 drm_free_large(reloc_offset);
826 mutex_lock(&dev->struct_mutex);
831 for (i = 0; i < count; i++) {
832 struct drm_i915_gem_relocation_entry __user *user_relocs;
833 u64 invalid_offset = (u64)-1;
836 user_relocs = to_user_ptr(exec[i].relocs_ptr);
838 if (copy_from_user(reloc+total, user_relocs,
839 exec[i].relocation_count * sizeof(*reloc))) {
841 mutex_lock(&dev->struct_mutex);
845 /* As we do not update the known relocation offsets after
846 * relocating (due to the complexities in lock handling),
847 * we need to mark them as invalid now so that we force the
848 * relocation processing next time. Just in case the target
849 * object is evicted and then rebound into its old
850 * presumed_offset before the next execbuffer - if that
851 * happened we would make the mistake of assuming that the
852 * relocations were valid.
854 for (j = 0; j < exec[i].relocation_count; j++) {
855 if (__copy_to_user(&user_relocs[j].presumed_offset,
857 sizeof(invalid_offset))) {
859 mutex_lock(&dev->struct_mutex);
864 reloc_offset[i] = total;
865 total += exec[i].relocation_count;
868 ret = i915_mutex_lock_interruptible(dev);
870 mutex_lock(&dev->struct_mutex);
874 /* reacquire the objects */
876 ret = eb_lookup_vmas(eb, exec, args, vm, file);
880 need_relocs = (args->flags & I915_EXEC_NO_RELOC) == 0;
881 ret = i915_gem_execbuffer_reserve(ring, &eb->vmas, ctx, &need_relocs);
885 list_for_each_entry(vma, &eb->vmas, exec_list) {
886 int offset = vma->exec_entry - exec;
887 ret = i915_gem_execbuffer_relocate_vma_slow(vma, eb,
888 reloc + reloc_offset[offset]);
893 /* Leave the user relocations as are, this is the painfully slow path,
894 * and we want to avoid the complication of dropping the lock whilst
895 * having buffers reserved in the aperture and so causing spurious
896 * ENOSPC for random operations.
900 drm_free_large(reloc);
901 drm_free_large(reloc_offset);
906 i915_gem_execbuffer_move_to_gpu(struct drm_i915_gem_request *req,
907 struct list_head *vmas)
909 const unsigned other_rings = ~intel_ring_flag(req->ring);
910 struct i915_vma *vma;
911 uint32_t flush_domains = 0;
912 bool flush_chipset = false;
915 list_for_each_entry(vma, vmas, exec_list) {
916 struct drm_i915_gem_object *obj = vma->obj;
918 if (obj->active & other_rings) {
919 ret = i915_gem_object_sync(obj, req->ring, &req);
924 if (obj->base.write_domain & I915_GEM_DOMAIN_CPU)
925 flush_chipset |= i915_gem_clflush_object(obj, false);
927 flush_domains |= obj->base.write_domain;
931 i915_gem_chipset_flush(req->ring->dev);
933 if (flush_domains & I915_GEM_DOMAIN_GTT)
936 /* Unconditionally invalidate gpu caches and ensure that we do flush
937 * any residual writes from the previous batch.
939 return intel_ring_invalidate_all_caches(req);
943 i915_gem_check_execbuffer(struct drm_i915_gem_execbuffer2 *exec)
945 if (exec->flags & __I915_EXEC_UNKNOWN_FLAGS)
948 /* Kernel clipping was a DRI1 misfeature */
949 if (exec->num_cliprects || exec->cliprects_ptr)
952 if (exec->DR4 == 0xffffffff) {
953 DRM_DEBUG("UXA submitting garbage DR4, fixing up\n");
956 if (exec->DR1 || exec->DR4)
959 if ((exec->batch_start_offset | exec->batch_len) & 0x7)
966 validate_exec_list(struct drm_device *dev,
967 struct drm_i915_gem_exec_object2 *exec,
970 unsigned relocs_total = 0;
971 unsigned relocs_max = UINT_MAX / sizeof(struct drm_i915_gem_relocation_entry);
972 unsigned invalid_flags;
975 invalid_flags = __EXEC_OBJECT_UNKNOWN_FLAGS;
976 if (USES_FULL_PPGTT(dev))
977 invalid_flags |= EXEC_OBJECT_NEEDS_GTT;
979 for (i = 0; i < count; i++) {
980 char __user *ptr = to_user_ptr(exec[i].relocs_ptr);
981 int length; /* limited by fault_in_pages_readable() */
983 if (exec[i].flags & invalid_flags)
986 if (exec[i].alignment && !is_power_of_2(exec[i].alignment))
989 /* First check for malicious input causing overflow in
990 * the worst case where we need to allocate the entire
991 * relocation tree as a single array.
993 if (exec[i].relocation_count > relocs_max - relocs_total)
995 relocs_total += exec[i].relocation_count;
997 length = exec[i].relocation_count *
998 sizeof(struct drm_i915_gem_relocation_entry);
1000 * We must check that the entire relocation array is safe
1001 * to read, but since we may need to update the presumed
1002 * offsets during execution, check for full write access.
1004 if (!access_ok(VERIFY_WRITE, ptr, length))
1007 if (likely(!i915.prefault_disable)) {
1008 if (fault_in_multipages_readable(ptr, length))
1016 static struct intel_context *
1017 i915_gem_validate_context(struct drm_device *dev, struct drm_file *file,
1018 struct intel_engine_cs *ring, const u32 ctx_id)
1020 struct intel_context *ctx = NULL;
1021 struct i915_ctx_hang_stats *hs;
1023 if (ring->id != RCS && ctx_id != DEFAULT_CONTEXT_HANDLE)
1024 return ERR_PTR(-EINVAL);
1026 ctx = i915_gem_context_get(file->driver_priv, ctx_id);
1030 hs = &ctx->hang_stats;
1032 DRM_DEBUG("Context %u tried to submit while banned\n", ctx_id);
1033 return ERR_PTR(-EIO);
1036 if (i915.enable_execlists && !ctx->engine[ring->id].state) {
1037 int ret = intel_lr_context_deferred_alloc(ctx, ring);
1039 DRM_DEBUG("Could not create LRC %u: %d\n", ctx_id, ret);
1040 return ERR_PTR(ret);
1048 i915_gem_execbuffer_move_to_active(struct list_head *vmas,
1049 struct drm_i915_gem_request *req)
1051 struct intel_engine_cs *ring = i915_gem_request_get_ring(req);
1052 struct i915_vma *vma;
1054 list_for_each_entry(vma, vmas, exec_list) {
1055 struct drm_i915_gem_exec_object2 *entry = vma->exec_entry;
1056 struct drm_i915_gem_object *obj = vma->obj;
1057 u32 old_read = obj->base.read_domains;
1058 u32 old_write = obj->base.write_domain;
1060 obj->dirty = 1; /* be paranoid */
1061 obj->base.write_domain = obj->base.pending_write_domain;
1062 if (obj->base.write_domain == 0)
1063 obj->base.pending_read_domains |= obj->base.read_domains;
1064 obj->base.read_domains = obj->base.pending_read_domains;
1066 i915_vma_move_to_active(vma, req);
1067 if (obj->base.write_domain) {
1068 i915_gem_request_assign(&obj->last_write_req, req);
1070 intel_fb_obj_invalidate(obj, ORIGIN_CS);
1072 /* update for the implicit flush after a batch */
1073 obj->base.write_domain &= ~I915_GEM_GPU_DOMAINS;
1075 if (entry->flags & EXEC_OBJECT_NEEDS_FENCE) {
1076 i915_gem_request_assign(&obj->last_fenced_req, req);
1077 if (entry->flags & __EXEC_OBJECT_HAS_FENCE) {
1078 struct drm_i915_private *dev_priv = to_i915(ring->dev);
1079 list_move_tail(&dev_priv->fence_regs[obj->fence_reg].lru_list,
1080 &dev_priv->mm.fence_list);
1084 trace_i915_gem_object_change_domain(obj, old_read, old_write);
1089 i915_gem_execbuffer_retire_commands(struct i915_execbuffer_params *params)
1091 /* Unconditionally force add_request to emit a full flush. */
1092 params->ring->gpu_caches_dirty = true;
1094 /* Add a breadcrumb for the completion of the batch buffer */
1095 __i915_add_request(params->request, params->batch_obj, true);
1099 i915_reset_gen7_sol_offsets(struct drm_device *dev,
1100 struct drm_i915_gem_request *req)
1102 struct intel_engine_cs *ring = req->ring;
1103 struct drm_i915_private *dev_priv = dev->dev_private;
1106 if (!IS_GEN7(dev) || ring != &dev_priv->ring[RCS]) {
1107 DRM_DEBUG("sol reset is gen7/rcs only\n");
1111 ret = intel_ring_begin(req, 4 * 3);
1115 for (i = 0; i < 4; i++) {
1116 intel_ring_emit(ring, MI_LOAD_REGISTER_IMM(1));
1117 intel_ring_emit(ring, GEN7_SO_WRITE_OFFSET(i));
1118 intel_ring_emit(ring, 0);
1121 intel_ring_advance(ring);
1126 static struct i915_vma*
1127 shadow_batch_pin(struct drm_i915_gem_object *obj, struct i915_address_space *vm)
1129 struct drm_i915_private *dev_priv = to_i915(obj->base.dev);
1130 struct i915_address_space *pin_vm = vm;
1135 * PPGTT backed shadow buffers must be mapped RO, to prevent
1136 * post-scan tampering
1138 if (CMDPARSER_USES_GGTT(dev_priv)) {
1140 pin_vm = &dev_priv->gtt.base;
1141 } else if (vm->has_read_only) {
1145 DRM_DEBUG("Cannot prevent post-scan tampering without RO capable vm\n");
1146 return ERR_PTR(-EINVAL);
1149 ret = i915_gem_object_pin(obj, pin_vm, 0, flags);
1151 return ERR_PTR(ret);
1153 return i915_gem_obj_to_vma(obj, pin_vm);
1156 static struct drm_i915_gem_object*
1157 i915_gem_execbuffer_parse(struct intel_context *ctx,
1158 struct intel_engine_cs *ring,
1159 struct drm_i915_gem_exec_object2 *shadow_exec_entry,
1161 struct i915_address_space *vm,
1162 struct drm_i915_gem_object *batch_obj,
1163 u32 batch_start_offset,
1166 struct drm_i915_gem_object *shadow_batch_obj;
1167 struct i915_vma *vma;
1168 struct i915_vma *user_vma = list_entry(eb->vmas.prev,
1169 typeof(*user_vma), exec_list);
1171 u64 shadow_batch_start;
1174 shadow_batch_obj = i915_gem_batch_pool_get(&ring->batch_pool,
1175 PAGE_ALIGN(batch_len));
1176 if (IS_ERR(shadow_batch_obj))
1177 return shadow_batch_obj;
1179 vma = shadow_batch_pin(shadow_batch_obj, vm);
1185 batch_start = user_vma->node.start + batch_start_offset;
1187 shadow_batch_start = vma->node.start;
1189 ret = i915_parse_cmds(ctx,
1196 shadow_batch_start);
1198 WARN_ON(vma->pin_count == 0);
1203 i915_gem_object_unpin_pages(shadow_batch_obj);
1205 memset(shadow_exec_entry, 0, sizeof(*shadow_exec_entry));
1207 vma->exec_entry = shadow_exec_entry;
1208 vma->exec_entry->flags = __EXEC_OBJECT_HAS_PIN;
1209 drm_gem_object_reference(&shadow_batch_obj->base);
1210 list_add_tail(&vma->exec_list, &eb->vmas);
1212 shadow_batch_obj->base.pending_read_domains = I915_GEM_DOMAIN_COMMAND;
1214 return shadow_batch_obj;
1217 i915_gem_object_unpin_pages(shadow_batch_obj);
1220 * Unsafe GGTT-backed buffers can still be submitted safely
1222 * For PPGTT backing however, we have no choice but to forcibly
1223 * reject unsafe buffers
1225 if (CMDPARSER_USES_GGTT(batch_obj->base.dev) && (ret == -EACCES))
1228 return ERR_PTR(ret);
1232 i915_gem_ringbuffer_submission(struct i915_execbuffer_params *params,
1233 struct drm_i915_gem_execbuffer2 *args,
1234 struct list_head *vmas)
1236 struct drm_device *dev = params->dev;
1237 struct intel_engine_cs *ring = params->ring;
1238 struct drm_i915_private *dev_priv = dev->dev_private;
1239 u64 exec_start, exec_len;
1244 ret = i915_gem_execbuffer_move_to_gpu(params->request, vmas);
1248 ret = i915_switch_context(params->request);
1252 WARN(params->ctx->ppgtt && params->ctx->ppgtt->pd_dirty_rings & (1<<ring->id),
1253 "%s didn't clear reload\n", ring->name);
1255 instp_mode = args->flags & I915_EXEC_CONSTANTS_MASK;
1256 instp_mask = I915_EXEC_CONSTANTS_MASK;
1257 switch (instp_mode) {
1258 case I915_EXEC_CONSTANTS_REL_GENERAL:
1259 case I915_EXEC_CONSTANTS_ABSOLUTE:
1260 case I915_EXEC_CONSTANTS_REL_SURFACE:
1261 if (instp_mode != 0 && ring != &dev_priv->ring[RCS]) {
1262 DRM_DEBUG("non-0 rel constants mode on non-RCS\n");
1266 if (instp_mode != dev_priv->relative_constants_mode) {
1267 if (INTEL_INFO(dev)->gen < 4) {
1268 DRM_DEBUG("no rel constants on pre-gen4\n");
1272 if (INTEL_INFO(dev)->gen > 5 &&
1273 instp_mode == I915_EXEC_CONSTANTS_REL_SURFACE) {
1274 DRM_DEBUG("rel surface constants mode invalid on gen5+\n");
1278 /* The HW changed the meaning on this bit on gen6 */
1279 if (INTEL_INFO(dev)->gen >= 6)
1280 instp_mask &= ~I915_EXEC_CONSTANTS_REL_SURFACE;
1284 DRM_DEBUG("execbuf with unknown constants: %d\n", instp_mode);
1288 if (ring == &dev_priv->ring[RCS] &&
1289 instp_mode != dev_priv->relative_constants_mode) {
1290 ret = intel_ring_begin(params->request, 4);
1294 intel_ring_emit(ring, MI_NOOP);
1295 intel_ring_emit(ring, MI_LOAD_REGISTER_IMM(1));
1296 intel_ring_emit(ring, INSTPM);
1297 intel_ring_emit(ring, instp_mask << 16 | instp_mode);
1298 intel_ring_advance(ring);
1300 dev_priv->relative_constants_mode = instp_mode;
1303 if (args->flags & I915_EXEC_GEN7_SOL_RESET) {
1304 ret = i915_reset_gen7_sol_offsets(dev, params->request);
1309 exec_len = args->batch_len;
1310 exec_start = params->batch_obj_vm_offset +
1311 params->args_batch_start_offset;
1313 ret = ring->dispatch_execbuffer(params->request,
1314 exec_start, exec_len,
1315 params->dispatch_flags);
1319 trace_i915_gem_ring_dispatch(params->request, params->dispatch_flags);
1321 i915_gem_execbuffer_move_to_active(vmas, params->request);
1322 i915_gem_execbuffer_retire_commands(params);
1328 * Find one BSD ring to dispatch the corresponding BSD command.
1329 * The Ring ID is returned.
1331 static int gen8_dispatch_bsd_ring(struct drm_device *dev,
1332 struct drm_file *file)
1334 struct drm_i915_private *dev_priv = dev->dev_private;
1335 struct drm_i915_file_private *file_priv = file->driver_priv;
1337 /* Check whether the file_priv is using one ring */
1338 if (file_priv->bsd_ring)
1339 return file_priv->bsd_ring->id;
1341 /* If no, use the ping-pong mechanism to select one ring */
1344 mutex_lock(&dev->struct_mutex);
1345 if (dev_priv->mm.bsd_ring_dispatch_index == 0) {
1347 dev_priv->mm.bsd_ring_dispatch_index = 1;
1350 dev_priv->mm.bsd_ring_dispatch_index = 0;
1352 file_priv->bsd_ring = &dev_priv->ring[ring_id];
1353 mutex_unlock(&dev->struct_mutex);
1358 static struct drm_i915_gem_object *
1359 eb_get_batch(struct eb_vmas *eb)
1361 struct i915_vma *vma = list_entry(eb->vmas.prev, typeof(*vma), exec_list);
1364 * SNA is doing fancy tricks with compressing batch buffers, which leads
1365 * to negative relocation deltas. Usually that works out ok since the
1366 * relocate address is still positive, except when the batch is placed
1367 * very low in the GTT. Ensure this doesn't happen.
1369 * Note that actual hangs have only been observed on gen7, but for
1370 * paranoia do it everywhere.
1372 vma->exec_entry->flags |= __EXEC_OBJECT_NEEDS_BIAS;
1377 static inline bool use_cmdparser(const struct intel_engine_cs *ring,
1380 return ring->requires_cmd_parser ||
1381 (ring->using_cmd_parser && batch_len && USES_PPGTT(ring->dev));
1385 i915_gem_do_execbuffer(struct drm_device *dev, void *data,
1386 struct drm_file *file,
1387 struct drm_i915_gem_execbuffer2 *args,
1388 struct drm_i915_gem_exec_object2 *exec)
1390 struct drm_i915_private *dev_priv = dev->dev_private;
1392 struct drm_i915_gem_object *batch_obj;
1393 struct drm_i915_gem_exec_object2 shadow_exec_entry;
1394 struct intel_engine_cs *ring;
1395 struct intel_context *ctx;
1396 struct i915_address_space *vm;
1397 struct i915_execbuffer_params params_master; /* XXX: will be removed later */
1398 struct i915_execbuffer_params *params = ¶ms_master;
1399 const u32 ctx_id = i915_execbuffer2_get_context_id(*args);
1404 if (!i915_gem_check_execbuffer(args))
1407 ret = validate_exec_list(dev, exec, args->buffer_count);
1412 if (args->flags & I915_EXEC_SECURE) {
1413 /* Return -EPERM to trigger fallback code on old binaries. */
1414 if (!HAS_SECURE_BATCHES(dev_priv))
1417 if (!file->is_master || !capable(CAP_SYS_ADMIN))
1420 dispatch_flags |= I915_DISPATCH_SECURE;
1422 if (args->flags & I915_EXEC_IS_PINNED)
1423 dispatch_flags |= I915_DISPATCH_PINNED;
1425 if ((args->flags & I915_EXEC_RING_MASK) > LAST_USER_RING) {
1426 DRM_DEBUG("execbuf with unknown ring: %d\n",
1427 (int)(args->flags & I915_EXEC_RING_MASK));
1431 if (((args->flags & I915_EXEC_RING_MASK) != I915_EXEC_BSD) &&
1432 ((args->flags & I915_EXEC_BSD_MASK) != 0)) {
1433 DRM_DEBUG("execbuf with non bsd ring but with invalid "
1434 "bsd dispatch flags: %d\n", (int)(args->flags));
1438 if ((args->flags & I915_EXEC_RING_MASK) == I915_EXEC_DEFAULT)
1439 ring = &dev_priv->ring[RCS];
1440 else if ((args->flags & I915_EXEC_RING_MASK) == I915_EXEC_BSD) {
1441 if (HAS_BSD2(dev)) {
1444 switch (args->flags & I915_EXEC_BSD_MASK) {
1445 case I915_EXEC_BSD_DEFAULT:
1446 ring_id = gen8_dispatch_bsd_ring(dev, file);
1447 ring = &dev_priv->ring[ring_id];
1449 case I915_EXEC_BSD_RING1:
1450 ring = &dev_priv->ring[VCS];
1452 case I915_EXEC_BSD_RING2:
1453 ring = &dev_priv->ring[VCS2];
1456 DRM_DEBUG("execbuf with unknown bsd ring: %d\n",
1457 (int)(args->flags & I915_EXEC_BSD_MASK));
1461 ring = &dev_priv->ring[VCS];
1463 ring = &dev_priv->ring[(args->flags & I915_EXEC_RING_MASK) - 1];
1465 if (!intel_ring_initialized(ring)) {
1466 DRM_DEBUG("execbuf with invalid ring: %d\n",
1467 (int)(args->flags & I915_EXEC_RING_MASK));
1471 if (args->buffer_count < 1) {
1472 DRM_DEBUG("execbuf with %d buffers\n", args->buffer_count);
1476 if (args->flags & I915_EXEC_RESOURCE_STREAMER) {
1477 if (!HAS_RESOURCE_STREAMER(dev)) {
1478 DRM_DEBUG("RS is only allowed for Haswell, Gen8 and above\n");
1481 if (ring->id != RCS) {
1482 DRM_DEBUG("RS is not available on %s\n",
1487 dispatch_flags |= I915_DISPATCH_RS;
1490 intel_runtime_pm_get(dev_priv);
1492 ret = i915_mutex_lock_interruptible(dev);
1496 ctx = i915_gem_validate_context(dev, file, ring, ctx_id);
1498 mutex_unlock(&dev->struct_mutex);
1503 i915_gem_context_reference(ctx);
1506 vm = &ctx->ppgtt->base;
1508 vm = &dev_priv->gtt.base;
1510 memset(¶ms_master, 0x00, sizeof(params_master));
1512 eb = eb_create(args);
1514 i915_gem_context_unreference(ctx);
1515 mutex_unlock(&dev->struct_mutex);
1520 /* Look up object handles */
1521 ret = eb_lookup_vmas(eb, exec, args, vm, file);
1525 /* take note of the batch buffer before we might reorder the lists */
1526 batch_obj = eb_get_batch(eb);
1528 /* Move the objects en-masse into the GTT, evicting if necessary. */
1529 need_relocs = (args->flags & I915_EXEC_NO_RELOC) == 0;
1530 ret = i915_gem_execbuffer_reserve(ring, &eb->vmas, ctx, &need_relocs);
1534 /* The objects are in their final locations, apply the relocations. */
1536 ret = i915_gem_execbuffer_relocate(eb);
1538 if (ret == -EFAULT) {
1539 ret = i915_gem_execbuffer_relocate_slow(dev, args, file, ring,
1541 BUG_ON(!mutex_is_locked(&dev->struct_mutex));
1547 /* Set the pending read domains for the batch buffer to COMMAND */
1548 if (batch_obj->base.pending_write_domain) {
1549 DRM_DEBUG("Attempting to use self-modifying batch buffer\n");
1554 params->args_batch_start_offset = args->batch_start_offset;
1555 if (use_cmdparser(ring, args->batch_len)) {
1556 struct drm_i915_gem_object *parsed_batch_obj;
1558 u32 batch_off = args->batch_start_offset;
1559 u32 batch_len = args->batch_len;
1561 batch_len = batch_obj->base.size - batch_off;
1563 parsed_batch_obj = i915_gem_execbuffer_parse(ctx, ring,
1569 if (IS_ERR(parsed_batch_obj)) {
1570 ret = PTR_ERR(parsed_batch_obj);
1575 * parsed_batch_obj == batch_obj means batch not fully parsed:
1576 * Accept, but don't promote to secure.
1578 if (parsed_batch_obj != batch_obj) {
1579 if (CMDPARSER_USES_GGTT(dev_priv))
1580 dispatch_flags |= I915_DISPATCH_SECURE;
1581 params->args_batch_start_offset = 0;
1582 batch_obj = parsed_batch_obj;
1586 batch_obj->base.pending_read_domains |= I915_GEM_DOMAIN_COMMAND;
1588 /* snb/ivb/vlv conflate the "batch in ppgtt" bit with the "non-secure
1589 * batch" bit. Hence we need to pin secure batches into the global gtt.
1590 * hsw should have this fixed, but bdw mucks it up again. */
1591 if (dispatch_flags & I915_DISPATCH_SECURE) {
1593 * So on first glance it looks freaky that we pin the batch here
1594 * outside of the reservation loop. But:
1595 * - The batch is already pinned into the relevant ppgtt, so we
1596 * already have the backing storage fully allocated.
1597 * - No other BO uses the global gtt (well contexts, but meh),
1598 * so we don't really have issues with multiple objects not
1599 * fitting due to fragmentation.
1600 * So this is actually safe.
1602 ret = i915_gem_obj_ggtt_pin(batch_obj, 0, 0);
1606 params->batch_obj_vm_offset = i915_gem_obj_ggtt_offset(batch_obj);
1608 params->batch_obj_vm_offset = i915_gem_obj_offset(batch_obj, vm);
1610 /* Allocate a request for this batch buffer nice and early. */
1611 ret = i915_gem_request_alloc(ring, ctx, ¶ms->request);
1613 goto err_batch_unpin;
1615 ret = i915_gem_request_add_to_client(params->request, file);
1617 goto err_batch_unpin;
1620 * Save assorted stuff away to pass through to *_submission().
1621 * NB: This data should be 'persistent' and not local as it will
1622 * kept around beyond the duration of the IOCTL once the GPU
1623 * scheduler arrives.
1626 params->file = file;
1627 params->ring = ring;
1628 params->dispatch_flags = dispatch_flags;
1629 params->batch_obj = batch_obj;
1632 ret = dev_priv->gt.execbuf_submit(params, args, &eb->vmas);
1636 * FIXME: We crucially rely upon the active tracking for the (ppgtt)
1637 * batch vma for correctness. For less ugly and less fragility this
1638 * needs to be adjusted to also track the ggtt batch vma properly as
1641 if (dispatch_flags & I915_DISPATCH_SECURE)
1642 i915_gem_object_ggtt_unpin(batch_obj);
1645 /* the request owns the ref now */
1646 i915_gem_context_unreference(ctx);
1650 * If the request was created but not successfully submitted then it
1651 * must be freed again. If it was submitted then it is being tracked
1652 * on the active request list and no clean up is required here.
1654 if (ret && params->request)
1655 i915_gem_request_cancel(params->request);
1657 mutex_unlock(&dev->struct_mutex);
1660 /* intel_gpu_busy should also get a ref, so it will free when the device
1661 * is really idle. */
1662 intel_runtime_pm_put(dev_priv);
1667 * Legacy execbuffer just creates an exec2 list from the original exec object
1668 * list array and passes it to the real function.
1671 i915_gem_execbuffer(struct drm_device *dev, void *data,
1672 struct drm_file *file)
1674 struct drm_i915_gem_execbuffer *args = data;
1675 struct drm_i915_gem_execbuffer2 exec2;
1676 struct drm_i915_gem_exec_object *exec_list = NULL;
1677 struct drm_i915_gem_exec_object2 *exec2_list = NULL;
1680 if (args->buffer_count < 1) {
1681 DRM_DEBUG("execbuf with %d buffers\n", args->buffer_count);
1685 /* Copy in the exec list from userland */
1686 exec_list = drm_malloc_ab(sizeof(*exec_list), args->buffer_count);
1687 exec2_list = drm_malloc_ab(sizeof(*exec2_list), args->buffer_count);
1688 if (exec_list == NULL || exec2_list == NULL) {
1689 DRM_DEBUG("Failed to allocate exec list for %d buffers\n",
1690 args->buffer_count);
1691 drm_free_large(exec_list);
1692 drm_free_large(exec2_list);
1695 ret = copy_from_user(exec_list,
1696 to_user_ptr(args->buffers_ptr),
1697 sizeof(*exec_list) * args->buffer_count);
1699 DRM_DEBUG("copy %d exec entries failed %d\n",
1700 args->buffer_count, ret);
1701 drm_free_large(exec_list);
1702 drm_free_large(exec2_list);
1706 for (i = 0; i < args->buffer_count; i++) {
1707 exec2_list[i].handle = exec_list[i].handle;
1708 exec2_list[i].relocation_count = exec_list[i].relocation_count;
1709 exec2_list[i].relocs_ptr = exec_list[i].relocs_ptr;
1710 exec2_list[i].alignment = exec_list[i].alignment;
1711 exec2_list[i].offset = exec_list[i].offset;
1712 if (INTEL_INFO(dev)->gen < 4)
1713 exec2_list[i].flags = EXEC_OBJECT_NEEDS_FENCE;
1715 exec2_list[i].flags = 0;
1718 exec2.buffers_ptr = args->buffers_ptr;
1719 exec2.buffer_count = args->buffer_count;
1720 exec2.batch_start_offset = args->batch_start_offset;
1721 exec2.batch_len = args->batch_len;
1722 exec2.DR1 = args->DR1;
1723 exec2.DR4 = args->DR4;
1724 exec2.num_cliprects = args->num_cliprects;
1725 exec2.cliprects_ptr = args->cliprects_ptr;
1726 exec2.flags = I915_EXEC_RENDER;
1727 i915_execbuffer2_set_context_id(exec2, 0);
1729 ret = i915_gem_do_execbuffer(dev, data, file, &exec2, exec2_list);
1731 struct drm_i915_gem_exec_object __user *user_exec_list =
1732 to_user_ptr(args->buffers_ptr);
1734 /* Copy the new buffer offsets back to the user's exec list. */
1735 for (i = 0; i < args->buffer_count; i++) {
1736 ret = __copy_to_user(&user_exec_list[i].offset,
1737 &exec2_list[i].offset,
1738 sizeof(user_exec_list[i].offset));
1741 DRM_DEBUG("failed to copy %d exec entries "
1742 "back to user (%d)\n",
1743 args->buffer_count, ret);
1749 drm_free_large(exec_list);
1750 drm_free_large(exec2_list);
1755 i915_gem_execbuffer2(struct drm_device *dev, void *data,
1756 struct drm_file *file)
1758 struct drm_i915_gem_execbuffer2 *args = data;
1759 struct drm_i915_gem_exec_object2 *exec2_list = NULL;
1762 if (args->buffer_count < 1 ||
1763 args->buffer_count > UINT_MAX / sizeof(*exec2_list)) {
1764 DRM_DEBUG("execbuf2 with %d buffers\n", args->buffer_count);
1768 if (args->rsvd2 != 0) {
1769 DRM_DEBUG("dirty rvsd2 field\n");
1773 exec2_list = kmalloc(sizeof(*exec2_list)*args->buffer_count,
1774 GFP_TEMPORARY | __GFP_NOWARN | __GFP_NORETRY);
1775 if (exec2_list == NULL)
1776 exec2_list = drm_malloc_ab(sizeof(*exec2_list),
1777 args->buffer_count);
1778 if (exec2_list == NULL) {
1779 DRM_DEBUG("Failed to allocate exec list for %d buffers\n",
1780 args->buffer_count);
1783 ret = copy_from_user(exec2_list,
1784 to_user_ptr(args->buffers_ptr),
1785 sizeof(*exec2_list) * args->buffer_count);
1787 DRM_DEBUG("copy %d exec entries failed %d\n",
1788 args->buffer_count, ret);
1789 drm_free_large(exec2_list);
1793 ret = i915_gem_do_execbuffer(dev, data, file, args, exec2_list);
1795 /* Copy the new buffer offsets back to the user's exec list. */
1796 struct drm_i915_gem_exec_object2 __user *user_exec_list =
1797 to_user_ptr(args->buffers_ptr);
1800 for (i = 0; i < args->buffer_count; i++) {
1801 ret = __copy_to_user(&user_exec_list[i].offset,
1802 &exec2_list[i].offset,
1803 sizeof(user_exec_list[i].offset));
1806 DRM_DEBUG("failed to copy %d exec entries "
1808 args->buffer_count);
1814 drm_free_large(exec2_list);
projects / releases.git / blob