1 // SPDX-License-Identifier: GPL-2.0
3 * Virtio driver for the paravirtualized IOMMU
5 * Copyright (C) 2019 Arm Limited
8 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
10 #include <linux/amba/bus.h>
11 #include <linux/delay.h>
12 #include <linux/dma-iommu.h>
13 #include <linux/dma-map-ops.h>
14 #include <linux/freezer.h>
15 #include <linux/interval_tree.h>
16 #include <linux/iommu.h>
17 #include <linux/module.h>
18 #include <linux/of_platform.h>
19 #include <linux/pci.h>
20 #include <linux/platform_device.h>
21 #include <linux/virtio.h>
22 #include <linux/virtio_config.h>
23 #include <linux/virtio_ids.h>
24 #include <linux/wait.h>
26 #include <uapi/linux/virtio_iommu.h>
28 #define MSI_IOVA_BASE 0x8000000
29 #define MSI_IOVA_LENGTH 0x100000
31 #define VIOMMU_REQUEST_VQ 0
32 #define VIOMMU_EVENT_VQ 1
33 #define VIOMMU_NR_VQS 2
36 struct iommu_device iommu;
38 struct virtio_device *vdev;
40 struct ida domain_ids;
42 struct virtqueue *vqs[VIOMMU_NR_VQS];
43 spinlock_t request_lock;
44 struct list_head requests;
47 /* Device configuration */
48 struct iommu_domain_geometry geometry;
52 /* Supported MAP flags */
57 struct viommu_mapping {
59 struct interval_tree_node iova;
63 struct viommu_domain {
64 struct iommu_domain domain;
65 struct viommu_dev *viommu;
66 struct mutex mutex; /* protects viommu pointer */
70 spinlock_t mappings_lock;
71 struct rb_root_cached mappings;
73 unsigned long nr_endpoints;
77 struct viommu_endpoint {
79 struct viommu_dev *viommu;
80 struct viommu_domain *vdomain;
81 struct list_head resv_regions;
84 struct viommu_request {
85 struct list_head list;
87 unsigned int write_offset;
92 #define VIOMMU_FAULT_RESV_MASK 0xffffff00
97 struct virtio_iommu_fault fault;
101 #define to_viommu_domain(domain) \
102 container_of(domain, struct viommu_domain, domain)
104 static int viommu_get_req_errno(void *buf, size_t len)
106 struct virtio_iommu_req_tail *tail = buf + len - sizeof(*tail);
108 switch (tail->status) {
109 case VIRTIO_IOMMU_S_OK:
111 case VIRTIO_IOMMU_S_UNSUPP:
113 case VIRTIO_IOMMU_S_INVAL:
115 case VIRTIO_IOMMU_S_RANGE:
117 case VIRTIO_IOMMU_S_NOENT:
119 case VIRTIO_IOMMU_S_FAULT:
121 case VIRTIO_IOMMU_S_NOMEM:
123 case VIRTIO_IOMMU_S_IOERR:
124 case VIRTIO_IOMMU_S_DEVERR:
130 static void viommu_set_req_status(void *buf, size_t len, int status)
132 struct virtio_iommu_req_tail *tail = buf + len - sizeof(*tail);
134 tail->status = status;
137 static off_t viommu_get_write_desc_offset(struct viommu_dev *viommu,
138 struct virtio_iommu_req_head *req,
141 size_t tail_size = sizeof(struct virtio_iommu_req_tail);
143 if (req->type == VIRTIO_IOMMU_T_PROBE)
144 return len - viommu->probe_size - tail_size;
146 return len - tail_size;
150 * __viommu_sync_req - Complete all in-flight requests
152 * Wait for all added requests to complete. When this function returns, all
153 * requests that were in-flight at the time of the call have completed.
155 static int __viommu_sync_req(struct viommu_dev *viommu)
159 struct viommu_request *req;
160 struct virtqueue *vq = viommu->vqs[VIOMMU_REQUEST_VQ];
162 assert_spin_locked(&viommu->request_lock);
166 while (!list_empty(&viommu->requests)) {
168 req = virtqueue_get_buf(vq, &len);
173 viommu_set_req_status(req->buf, req->len,
174 VIRTIO_IOMMU_S_IOERR);
176 write_len = req->len - req->write_offset;
177 if (req->writeback && len == write_len)
178 memcpy(req->writeback, req->buf + req->write_offset,
181 list_del(&req->list);
188 static int viommu_sync_req(struct viommu_dev *viommu)
193 spin_lock_irqsave(&viommu->request_lock, flags);
194 ret = __viommu_sync_req(viommu);
196 dev_dbg(viommu->dev, "could not sync requests (%d)\n", ret);
197 spin_unlock_irqrestore(&viommu->request_lock, flags);
203 * __viommu_add_request - Add one request to the queue
204 * @buf: pointer to the request buffer
205 * @len: length of the request buffer
206 * @writeback: copy data back to the buffer when the request completes.
208 * Add a request to the queue. Only synchronize the queue if it's already full.
209 * Otherwise don't kick the queue nor wait for requests to complete.
211 * When @writeback is true, data written by the device, including the request
212 * status, is copied into @buf after the request completes. This is unsafe if
213 * the caller allocates @buf on stack and drops the lock between add_req() and
216 * Return 0 if the request was successfully added to the queue.
218 static int __viommu_add_req(struct viommu_dev *viommu, void *buf, size_t len,
223 struct viommu_request *req;
224 struct scatterlist top_sg, bottom_sg;
225 struct scatterlist *sg[2] = { &top_sg, &bottom_sg };
226 struct virtqueue *vq = viommu->vqs[VIOMMU_REQUEST_VQ];
228 assert_spin_locked(&viommu->request_lock);
230 write_offset = viommu_get_write_desc_offset(viommu, buf, len);
231 if (write_offset <= 0)
234 req = kzalloc(sizeof(*req) + len, GFP_ATOMIC);
240 req->writeback = buf + write_offset;
241 req->write_offset = write_offset;
243 memcpy(&req->buf, buf, write_offset);
245 sg_init_one(&top_sg, req->buf, write_offset);
246 sg_init_one(&bottom_sg, req->buf + write_offset, len - write_offset);
248 ret = virtqueue_add_sgs(vq, sg, 1, 1, req, GFP_ATOMIC);
249 if (ret == -ENOSPC) {
250 /* If the queue is full, sync and retry */
251 if (!__viommu_sync_req(viommu))
252 ret = virtqueue_add_sgs(vq, sg, 1, 1, req, GFP_ATOMIC);
257 list_add_tail(&req->list, &viommu->requests);
265 static int viommu_add_req(struct viommu_dev *viommu, void *buf, size_t len)
270 spin_lock_irqsave(&viommu->request_lock, flags);
271 ret = __viommu_add_req(viommu, buf, len, false);
273 dev_dbg(viommu->dev, "could not add request: %d\n", ret);
274 spin_unlock_irqrestore(&viommu->request_lock, flags);
280 * Send a request and wait for it to complete. Return the request status (as an
283 static int viommu_send_req_sync(struct viommu_dev *viommu, void *buf,
289 spin_lock_irqsave(&viommu->request_lock, flags);
291 ret = __viommu_add_req(viommu, buf, len, true);
293 dev_dbg(viommu->dev, "could not add request (%d)\n", ret);
297 ret = __viommu_sync_req(viommu);
299 dev_dbg(viommu->dev, "could not sync requests (%d)\n", ret);
300 /* Fall-through (get the actual request status) */
303 ret = viommu_get_req_errno(buf, len);
305 spin_unlock_irqrestore(&viommu->request_lock, flags);
310 * viommu_add_mapping - add a mapping to the internal tree
312 * On success, return the new mapping. Otherwise return NULL.
314 static int viommu_add_mapping(struct viommu_domain *vdomain, u64 iova, u64 end,
315 phys_addr_t paddr, u32 flags)
317 unsigned long irqflags;
318 struct viommu_mapping *mapping;
320 mapping = kzalloc(sizeof(*mapping), GFP_ATOMIC);
324 mapping->paddr = paddr;
325 mapping->iova.start = iova;
326 mapping->iova.last = end;
327 mapping->flags = flags;
329 spin_lock_irqsave(&vdomain->mappings_lock, irqflags);
330 interval_tree_insert(&mapping->iova, &vdomain->mappings);
331 spin_unlock_irqrestore(&vdomain->mappings_lock, irqflags);
337 * viommu_del_mappings - remove mappings from the internal tree
339 * @vdomain: the domain
340 * @iova: start of the range
341 * @end: end of the range
343 * On success, returns the number of unmapped bytes
345 static size_t viommu_del_mappings(struct viommu_domain *vdomain,
350 struct viommu_mapping *mapping = NULL;
351 struct interval_tree_node *node, *next;
353 spin_lock_irqsave(&vdomain->mappings_lock, flags);
354 next = interval_tree_iter_first(&vdomain->mappings, iova, end);
357 mapping = container_of(node, struct viommu_mapping, iova);
358 next = interval_tree_iter_next(node, iova, end);
360 /* Trying to split a mapping? */
361 if (mapping->iova.start < iova)
365 * Virtio-iommu doesn't allow UNMAP to split a mapping created
366 * with a single MAP request, so remove the full mapping.
368 unmapped += mapping->iova.last - mapping->iova.start + 1;
370 interval_tree_remove(node, &vdomain->mappings);
373 spin_unlock_irqrestore(&vdomain->mappings_lock, flags);
379 * Fill the domain with identity mappings, skipping the device's reserved
382 static int viommu_domain_map_identity(struct viommu_endpoint *vdev,
383 struct viommu_domain *vdomain)
386 struct iommu_resv_region *resv;
387 u64 iova = vdomain->domain.geometry.aperture_start;
388 u64 limit = vdomain->domain.geometry.aperture_end;
389 u32 flags = VIRTIO_IOMMU_MAP_F_READ | VIRTIO_IOMMU_MAP_F_WRITE;
390 unsigned long granule = 1UL << __ffs(vdomain->domain.pgsize_bitmap);
392 iova = ALIGN(iova, granule);
393 limit = ALIGN_DOWN(limit + 1, granule) - 1;
395 list_for_each_entry(resv, &vdev->resv_regions, list) {
396 u64 resv_start = ALIGN_DOWN(resv->start, granule);
397 u64 resv_end = ALIGN(resv->start + resv->length, granule) - 1;
399 if (resv_end < iova || resv_start > limit)
403 if (resv_start > iova) {
404 ret = viommu_add_mapping(vdomain, iova, resv_start - 1,
405 (phys_addr_t)iova, flags);
410 if (resv_end >= limit)
416 ret = viommu_add_mapping(vdomain, iova, limit, (phys_addr_t)iova,
423 viommu_del_mappings(vdomain, 0, iova);
428 * viommu_replay_mappings - re-send MAP requests
430 * When reattaching a domain that was previously detached from all endpoints,
431 * mappings were deleted from the device. Re-create the mappings available in
434 static int viommu_replay_mappings(struct viommu_domain *vdomain)
438 struct viommu_mapping *mapping;
439 struct interval_tree_node *node;
440 struct virtio_iommu_req_map map;
442 spin_lock_irqsave(&vdomain->mappings_lock, flags);
443 node = interval_tree_iter_first(&vdomain->mappings, 0, -1UL);
445 mapping = container_of(node, struct viommu_mapping, iova);
446 map = (struct virtio_iommu_req_map) {
447 .head.type = VIRTIO_IOMMU_T_MAP,
448 .domain = cpu_to_le32(vdomain->id),
449 .virt_start = cpu_to_le64(mapping->iova.start),
450 .virt_end = cpu_to_le64(mapping->iova.last),
451 .phys_start = cpu_to_le64(mapping->paddr),
452 .flags = cpu_to_le32(mapping->flags),
455 ret = viommu_send_req_sync(vdomain->viommu, &map, sizeof(map));
459 node = interval_tree_iter_next(node, 0, -1UL);
461 spin_unlock_irqrestore(&vdomain->mappings_lock, flags);
466 static int viommu_add_resv_mem(struct viommu_endpoint *vdev,
467 struct virtio_iommu_probe_resv_mem *mem,
472 phys_addr_t start, end;
473 struct iommu_resv_region *region = NULL, *next;
474 unsigned long prot = IOMMU_WRITE | IOMMU_NOEXEC | IOMMU_MMIO;
476 start = start64 = le64_to_cpu(mem->start);
477 end = end64 = le64_to_cpu(mem->end);
478 size = end64 - start64 + 1;
480 /* Catch any overflow, including the unlikely end64 - start64 + 1 = 0 */
481 if (start != start64 || end != end64 || size < end64 - start64)
484 if (len < sizeof(*mem))
487 switch (mem->subtype) {
489 dev_warn(vdev->dev, "unknown resv mem subtype 0x%x\n",
492 case VIRTIO_IOMMU_RESV_MEM_T_RESERVED:
493 region = iommu_alloc_resv_region(start, size, 0,
494 IOMMU_RESV_RESERVED);
496 case VIRTIO_IOMMU_RESV_MEM_T_MSI:
497 region = iommu_alloc_resv_region(start, size, prot,
504 /* Keep the list sorted */
505 list_for_each_entry(next, &vdev->resv_regions, list) {
506 if (next->start > region->start)
509 list_add_tail(®ion->list, &next->list);
513 static int viommu_probe_endpoint(struct viommu_dev *viommu, struct device *dev)
519 struct virtio_iommu_req_probe *probe;
520 struct virtio_iommu_probe_property *prop;
521 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
522 struct viommu_endpoint *vdev = dev_iommu_priv_get(dev);
524 if (!fwspec->num_ids)
527 probe_len = sizeof(*probe) + viommu->probe_size +
528 sizeof(struct virtio_iommu_req_tail);
529 probe = kzalloc(probe_len, GFP_KERNEL);
533 probe->head.type = VIRTIO_IOMMU_T_PROBE;
535 * For now, assume that properties of an endpoint that outputs multiple
536 * IDs are consistent. Only probe the first one.
538 probe->endpoint = cpu_to_le32(fwspec->ids[0]);
540 ret = viommu_send_req_sync(viommu, probe, probe_len);
544 prop = (void *)probe->properties;
545 type = le16_to_cpu(prop->type) & VIRTIO_IOMMU_PROBE_T_MASK;
547 while (type != VIRTIO_IOMMU_PROBE_T_NONE &&
548 cur < viommu->probe_size) {
549 len = le16_to_cpu(prop->length) + sizeof(*prop);
552 case VIRTIO_IOMMU_PROBE_T_RESV_MEM:
553 ret = viommu_add_resv_mem(vdev, (void *)prop, len);
556 dev_err(dev, "unknown viommu prop 0x%x\n", type);
560 dev_err(dev, "failed to parse viommu prop 0x%x\n", type);
563 if (cur >= viommu->probe_size)
566 prop = (void *)probe->properties + cur;
567 type = le16_to_cpu(prop->type) & VIRTIO_IOMMU_PROBE_T_MASK;
575 static int viommu_fault_handler(struct viommu_dev *viommu,
576 struct virtio_iommu_fault *fault)
580 u8 reason = fault->reason;
581 u32 flags = le32_to_cpu(fault->flags);
582 u32 endpoint = le32_to_cpu(fault->endpoint);
583 u64 address = le64_to_cpu(fault->address);
586 case VIRTIO_IOMMU_FAULT_R_DOMAIN:
587 reason_str = "domain";
589 case VIRTIO_IOMMU_FAULT_R_MAPPING:
592 case VIRTIO_IOMMU_FAULT_R_UNKNOWN:
594 reason_str = "unknown";
598 /* TODO: find EP by ID and report_iommu_fault */
599 if (flags & VIRTIO_IOMMU_FAULT_F_ADDRESS)
600 dev_err_ratelimited(viommu->dev, "%s fault from EP %u at %#llx [%s%s%s]\n",
601 reason_str, endpoint, address,
602 flags & VIRTIO_IOMMU_FAULT_F_READ ? "R" : "",
603 flags & VIRTIO_IOMMU_FAULT_F_WRITE ? "W" : "",
604 flags & VIRTIO_IOMMU_FAULT_F_EXEC ? "X" : "");
606 dev_err_ratelimited(viommu->dev, "%s fault from EP %u\n",
607 reason_str, endpoint);
611 static void viommu_event_handler(struct virtqueue *vq)
615 struct scatterlist sg[1];
616 struct viommu_event *evt;
617 struct viommu_dev *viommu = vq->vdev->priv;
619 while ((evt = virtqueue_get_buf(vq, &len)) != NULL) {
620 if (len > sizeof(*evt)) {
622 "invalid event buffer (len %u != %zu)\n",
624 } else if (!(evt->head & VIOMMU_FAULT_RESV_MASK)) {
625 viommu_fault_handler(viommu, &evt->fault);
628 sg_init_one(sg, evt, sizeof(*evt));
629 ret = virtqueue_add_inbuf(vq, sg, 1, evt, GFP_ATOMIC);
631 dev_err(viommu->dev, "could not add event buffer\n");
639 static struct iommu_domain *viommu_domain_alloc(unsigned type)
641 struct viommu_domain *vdomain;
643 if (type != IOMMU_DOMAIN_UNMANAGED &&
644 type != IOMMU_DOMAIN_DMA &&
645 type != IOMMU_DOMAIN_IDENTITY)
648 vdomain = kzalloc(sizeof(*vdomain), GFP_KERNEL);
652 mutex_init(&vdomain->mutex);
653 spin_lock_init(&vdomain->mappings_lock);
654 vdomain->mappings = RB_ROOT_CACHED;
656 return &vdomain->domain;
659 static int viommu_domain_finalise(struct viommu_endpoint *vdev,
660 struct iommu_domain *domain)
663 unsigned long viommu_page_size;
664 struct viommu_dev *viommu = vdev->viommu;
665 struct viommu_domain *vdomain = to_viommu_domain(domain);
667 viommu_page_size = 1UL << __ffs(viommu->pgsize_bitmap);
668 if (viommu_page_size > PAGE_SIZE) {
670 "granule 0x%lx larger than system page size 0x%lx\n",
671 viommu_page_size, PAGE_SIZE);
675 ret = ida_alloc_range(&viommu->domain_ids, viommu->first_domain,
676 viommu->last_domain, GFP_KERNEL);
680 vdomain->id = (unsigned int)ret;
682 domain->pgsize_bitmap = viommu->pgsize_bitmap;
683 domain->geometry = viommu->geometry;
685 vdomain->map_flags = viommu->map_flags;
686 vdomain->viommu = viommu;
688 if (domain->type == IOMMU_DOMAIN_IDENTITY) {
689 if (virtio_has_feature(viommu->vdev,
690 VIRTIO_IOMMU_F_BYPASS_CONFIG)) {
691 vdomain->bypass = true;
695 ret = viommu_domain_map_identity(vdev, vdomain);
697 ida_free(&viommu->domain_ids, vdomain->id);
698 vdomain->viommu = NULL;
706 static void viommu_domain_free(struct iommu_domain *domain)
708 struct viommu_domain *vdomain = to_viommu_domain(domain);
710 /* Free all remaining mappings */
711 viommu_del_mappings(vdomain, 0, ULLONG_MAX);
714 ida_free(&vdomain->viommu->domain_ids, vdomain->id);
719 static int viommu_attach_dev(struct iommu_domain *domain, struct device *dev)
723 struct virtio_iommu_req_attach req;
724 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
725 struct viommu_endpoint *vdev = dev_iommu_priv_get(dev);
726 struct viommu_domain *vdomain = to_viommu_domain(domain);
728 mutex_lock(&vdomain->mutex);
729 if (!vdomain->viommu) {
731 * Properly initialize the domain now that we know which viommu
734 ret = viommu_domain_finalise(vdev, domain);
735 } else if (vdomain->viommu != vdev->viommu) {
736 dev_err(dev, "cannot attach to foreign vIOMMU\n");
739 mutex_unlock(&vdomain->mutex);
745 * In the virtio-iommu device, when attaching the endpoint to a new
746 * domain, it is detached from the old one and, if as a result the
747 * old domain isn't attached to any endpoint, all mappings are removed
748 * from the old domain and it is freed.
750 * In the driver the old domain still exists, and its mappings will be
751 * recreated if it gets reattached to an endpoint. Otherwise it will be
754 * vdev->vdomain is protected by group->mutex
757 vdev->vdomain->nr_endpoints--;
759 req = (struct virtio_iommu_req_attach) {
760 .head.type = VIRTIO_IOMMU_T_ATTACH,
761 .domain = cpu_to_le32(vdomain->id),
765 req.flags |= cpu_to_le32(VIRTIO_IOMMU_ATTACH_F_BYPASS);
767 for (i = 0; i < fwspec->num_ids; i++) {
768 req.endpoint = cpu_to_le32(fwspec->ids[i]);
770 ret = viommu_send_req_sync(vdomain->viommu, &req, sizeof(req));
775 if (!vdomain->nr_endpoints) {
777 * This endpoint is the first to be attached to the domain.
778 * Replay existing mappings (e.g. SW MSI).
780 ret = viommu_replay_mappings(vdomain);
785 vdomain->nr_endpoints++;
786 vdev->vdomain = vdomain;
791 static int viommu_map(struct iommu_domain *domain, unsigned long iova,
792 phys_addr_t paddr, size_t size, int prot, gfp_t gfp)
796 u64 end = iova + size - 1;
797 struct virtio_iommu_req_map map;
798 struct viommu_domain *vdomain = to_viommu_domain(domain);
800 flags = (prot & IOMMU_READ ? VIRTIO_IOMMU_MAP_F_READ : 0) |
801 (prot & IOMMU_WRITE ? VIRTIO_IOMMU_MAP_F_WRITE : 0) |
802 (prot & IOMMU_MMIO ? VIRTIO_IOMMU_MAP_F_MMIO : 0);
804 if (flags & ~vdomain->map_flags)
807 ret = viommu_add_mapping(vdomain, iova, end, paddr, flags);
811 map = (struct virtio_iommu_req_map) {
812 .head.type = VIRTIO_IOMMU_T_MAP,
813 .domain = cpu_to_le32(vdomain->id),
814 .virt_start = cpu_to_le64(iova),
815 .phys_start = cpu_to_le64(paddr),
816 .virt_end = cpu_to_le64(end),
817 .flags = cpu_to_le32(flags),
820 if (!vdomain->nr_endpoints)
823 ret = viommu_send_req_sync(vdomain->viommu, &map, sizeof(map));
825 viommu_del_mappings(vdomain, iova, end);
830 static size_t viommu_unmap(struct iommu_domain *domain, unsigned long iova,
831 size_t size, struct iommu_iotlb_gather *gather)
835 struct virtio_iommu_req_unmap unmap;
836 struct viommu_domain *vdomain = to_viommu_domain(domain);
838 unmapped = viommu_del_mappings(vdomain, iova, iova + size - 1);
842 /* Device already removed all mappings after detach. */
843 if (!vdomain->nr_endpoints)
846 unmap = (struct virtio_iommu_req_unmap) {
847 .head.type = VIRTIO_IOMMU_T_UNMAP,
848 .domain = cpu_to_le32(vdomain->id),
849 .virt_start = cpu_to_le64(iova),
850 .virt_end = cpu_to_le64(iova + unmapped - 1),
853 ret = viommu_add_req(vdomain->viommu, &unmap, sizeof(unmap));
854 return ret ? 0 : unmapped;
857 static phys_addr_t viommu_iova_to_phys(struct iommu_domain *domain,
862 struct viommu_mapping *mapping;
863 struct interval_tree_node *node;
864 struct viommu_domain *vdomain = to_viommu_domain(domain);
866 spin_lock_irqsave(&vdomain->mappings_lock, flags);
867 node = interval_tree_iter_first(&vdomain->mappings, iova, iova);
869 mapping = container_of(node, struct viommu_mapping, iova);
870 paddr = mapping->paddr + (iova - mapping->iova.start);
872 spin_unlock_irqrestore(&vdomain->mappings_lock, flags);
877 static void viommu_iotlb_sync(struct iommu_domain *domain,
878 struct iommu_iotlb_gather *gather)
880 struct viommu_domain *vdomain = to_viommu_domain(domain);
882 viommu_sync_req(vdomain->viommu);
885 static void viommu_get_resv_regions(struct device *dev, struct list_head *head)
887 struct iommu_resv_region *entry, *new_entry, *msi = NULL;
888 struct viommu_endpoint *vdev = dev_iommu_priv_get(dev);
889 int prot = IOMMU_WRITE | IOMMU_NOEXEC | IOMMU_MMIO;
891 list_for_each_entry(entry, &vdev->resv_regions, list) {
892 if (entry->type == IOMMU_RESV_MSI)
895 new_entry = kmemdup(entry, sizeof(*entry), GFP_KERNEL);
898 list_add_tail(&new_entry->list, head);
902 * If the device didn't register any bypass MSI window, add a
903 * software-mapped region.
906 msi = iommu_alloc_resv_region(MSI_IOVA_BASE, MSI_IOVA_LENGTH,
907 prot, IOMMU_RESV_SW_MSI);
911 list_add_tail(&msi->list, head);
914 iommu_dma_get_resv_regions(dev, head);
917 static struct iommu_ops viommu_ops;
918 static struct virtio_driver virtio_iommu_drv;
920 static int viommu_match_node(struct device *dev, const void *data)
922 return dev->parent->fwnode == data;
925 static struct viommu_dev *viommu_get_by_fwnode(struct fwnode_handle *fwnode)
927 struct device *dev = driver_find_device(&virtio_iommu_drv.driver, NULL,
928 fwnode, viommu_match_node);
931 return dev ? dev_to_virtio(dev)->priv : NULL;
934 static struct iommu_device *viommu_probe_device(struct device *dev)
937 struct viommu_endpoint *vdev;
938 struct viommu_dev *viommu = NULL;
939 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
941 if (!fwspec || fwspec->ops != &viommu_ops)
942 return ERR_PTR(-ENODEV);
944 viommu = viommu_get_by_fwnode(fwspec->iommu_fwnode);
946 return ERR_PTR(-ENODEV);
948 vdev = kzalloc(sizeof(*vdev), GFP_KERNEL);
950 return ERR_PTR(-ENOMEM);
953 vdev->viommu = viommu;
954 INIT_LIST_HEAD(&vdev->resv_regions);
955 dev_iommu_priv_set(dev, vdev);
957 if (viommu->probe_size) {
958 /* Get additional information for this endpoint */
959 ret = viommu_probe_endpoint(viommu, dev);
964 return &viommu->iommu;
967 generic_iommu_put_resv_regions(dev, &vdev->resv_regions);
973 static void viommu_probe_finalize(struct device *dev)
975 #ifndef CONFIG_ARCH_HAS_SETUP_DMA_OPS
976 /* First clear the DMA ops in case we're switching from a DMA domain */
977 set_dma_ops(dev, NULL);
978 iommu_setup_dma_ops(dev, 0, U64_MAX);
982 static void viommu_release_device(struct device *dev)
984 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
985 struct viommu_endpoint *vdev;
987 if (!fwspec || fwspec->ops != &viommu_ops)
990 vdev = dev_iommu_priv_get(dev);
992 generic_iommu_put_resv_regions(dev, &vdev->resv_regions);
996 static struct iommu_group *viommu_device_group(struct device *dev)
999 return pci_device_group(dev);
1001 return generic_device_group(dev);
1004 static int viommu_of_xlate(struct device *dev, struct of_phandle_args *args)
1006 return iommu_fwspec_add_ids(dev, args->args, 1);
1009 static struct iommu_ops viommu_ops = {
1010 .domain_alloc = viommu_domain_alloc,
1011 .probe_device = viommu_probe_device,
1012 .probe_finalize = viommu_probe_finalize,
1013 .release_device = viommu_release_device,
1014 .device_group = viommu_device_group,
1015 .get_resv_regions = viommu_get_resv_regions,
1016 .put_resv_regions = generic_iommu_put_resv_regions,
1017 .of_xlate = viommu_of_xlate,
1018 .owner = THIS_MODULE,
1019 .default_domain_ops = &(const struct iommu_domain_ops) {
1020 .attach_dev = viommu_attach_dev,
1022 .unmap = viommu_unmap,
1023 .iova_to_phys = viommu_iova_to_phys,
1024 .iotlb_sync = viommu_iotlb_sync,
1025 .free = viommu_domain_free,
1029 static int viommu_init_vqs(struct viommu_dev *viommu)
1031 struct virtio_device *vdev = dev_to_virtio(viommu->dev);
1032 const char *names[] = { "request", "event" };
1033 vq_callback_t *callbacks[] = {
1034 NULL, /* No async requests */
1035 viommu_event_handler,
1038 return virtio_find_vqs(vdev, VIOMMU_NR_VQS, viommu->vqs, callbacks,
1042 static int viommu_fill_evtq(struct viommu_dev *viommu)
1045 struct scatterlist sg[1];
1046 struct viommu_event *evts;
1047 struct virtqueue *vq = viommu->vqs[VIOMMU_EVENT_VQ];
1048 size_t nr_evts = vq->num_free;
1050 viommu->evts = evts = devm_kmalloc_array(viommu->dev, nr_evts,
1051 sizeof(*evts), GFP_KERNEL);
1055 for (i = 0; i < nr_evts; i++) {
1056 sg_init_one(sg, &evts[i], sizeof(*evts));
1057 ret = virtqueue_add_inbuf(vq, sg, 1, &evts[i], GFP_KERNEL);
1065 static int viommu_probe(struct virtio_device *vdev)
1067 struct device *parent_dev = vdev->dev.parent;
1068 struct viommu_dev *viommu = NULL;
1069 struct device *dev = &vdev->dev;
1070 u64 input_start = 0;
1071 u64 input_end = -1UL;
1074 if (!virtio_has_feature(vdev, VIRTIO_F_VERSION_1) ||
1075 !virtio_has_feature(vdev, VIRTIO_IOMMU_F_MAP_UNMAP))
1078 viommu = devm_kzalloc(dev, sizeof(*viommu), GFP_KERNEL);
1082 spin_lock_init(&viommu->request_lock);
1083 ida_init(&viommu->domain_ids);
1085 viommu->vdev = vdev;
1086 INIT_LIST_HEAD(&viommu->requests);
1088 ret = viommu_init_vqs(viommu);
1092 virtio_cread_le(vdev, struct virtio_iommu_config, page_size_mask,
1093 &viommu->pgsize_bitmap);
1095 if (!viommu->pgsize_bitmap) {
1100 viommu->map_flags = VIRTIO_IOMMU_MAP_F_READ | VIRTIO_IOMMU_MAP_F_WRITE;
1101 viommu->last_domain = ~0U;
1103 /* Optional features */
1104 virtio_cread_le_feature(vdev, VIRTIO_IOMMU_F_INPUT_RANGE,
1105 struct virtio_iommu_config, input_range.start,
1108 virtio_cread_le_feature(vdev, VIRTIO_IOMMU_F_INPUT_RANGE,
1109 struct virtio_iommu_config, input_range.end,
1112 virtio_cread_le_feature(vdev, VIRTIO_IOMMU_F_DOMAIN_RANGE,
1113 struct virtio_iommu_config, domain_range.start,
1114 &viommu->first_domain);
1116 virtio_cread_le_feature(vdev, VIRTIO_IOMMU_F_DOMAIN_RANGE,
1117 struct virtio_iommu_config, domain_range.end,
1118 &viommu->last_domain);
1120 virtio_cread_le_feature(vdev, VIRTIO_IOMMU_F_PROBE,
1121 struct virtio_iommu_config, probe_size,
1122 &viommu->probe_size);
1124 viommu->geometry = (struct iommu_domain_geometry) {
1125 .aperture_start = input_start,
1126 .aperture_end = input_end,
1127 .force_aperture = true,
1130 if (virtio_has_feature(vdev, VIRTIO_IOMMU_F_MMIO))
1131 viommu->map_flags |= VIRTIO_IOMMU_MAP_F_MMIO;
1133 viommu_ops.pgsize_bitmap = viommu->pgsize_bitmap;
1135 virtio_device_ready(vdev);
1137 /* Populate the event queue with buffers */
1138 ret = viommu_fill_evtq(viommu);
1142 ret = iommu_device_sysfs_add(&viommu->iommu, dev, NULL, "%s",
1143 virtio_bus_name(vdev));
1147 iommu_device_register(&viommu->iommu, &viommu_ops, parent_dev);
1150 if (pci_bus_type.iommu_ops != &viommu_ops) {
1151 ret = bus_set_iommu(&pci_bus_type, &viommu_ops);
1153 goto err_unregister;
1156 #ifdef CONFIG_ARM_AMBA
1157 if (amba_bustype.iommu_ops != &viommu_ops) {
1158 ret = bus_set_iommu(&amba_bustype, &viommu_ops);
1160 goto err_unregister;
1163 if (platform_bus_type.iommu_ops != &viommu_ops) {
1164 ret = bus_set_iommu(&platform_bus_type, &viommu_ops);
1166 goto err_unregister;
1169 vdev->priv = viommu;
1171 dev_info(dev, "input address: %u bits\n",
1172 order_base_2(viommu->geometry.aperture_end));
1173 dev_info(dev, "page mask: %#llx\n", viommu->pgsize_bitmap);
1178 iommu_device_sysfs_remove(&viommu->iommu);
1179 iommu_device_unregister(&viommu->iommu);
1181 vdev->config->del_vqs(vdev);
1186 static void viommu_remove(struct virtio_device *vdev)
1188 struct viommu_dev *viommu = vdev->priv;
1190 iommu_device_sysfs_remove(&viommu->iommu);
1191 iommu_device_unregister(&viommu->iommu);
1193 /* Stop all virtqueues */
1194 virtio_reset_device(vdev);
1195 vdev->config->del_vqs(vdev);
1197 dev_info(&vdev->dev, "device removed\n");
1200 static void viommu_config_changed(struct virtio_device *vdev)
1202 dev_warn(&vdev->dev, "config changed\n");
1205 static unsigned int features[] = {
1206 VIRTIO_IOMMU_F_MAP_UNMAP,
1207 VIRTIO_IOMMU_F_INPUT_RANGE,
1208 VIRTIO_IOMMU_F_DOMAIN_RANGE,
1209 VIRTIO_IOMMU_F_PROBE,
1210 VIRTIO_IOMMU_F_MMIO,
1211 VIRTIO_IOMMU_F_BYPASS_CONFIG,
1214 static struct virtio_device_id id_table[] = {
1215 { VIRTIO_ID_IOMMU, VIRTIO_DEV_ANY_ID },
1218 MODULE_DEVICE_TABLE(virtio, id_table);
1220 static struct virtio_driver virtio_iommu_drv = {
1221 .driver.name = KBUILD_MODNAME,
1222 .driver.owner = THIS_MODULE,
1223 .id_table = id_table,
1224 .feature_table = features,
1225 .feature_table_size = ARRAY_SIZE(features),
1226 .probe = viommu_probe,
1227 .remove = viommu_remove,
1228 .config_changed = viommu_config_changed,
1231 module_virtio_driver(virtio_iommu_drv);
1233 MODULE_DESCRIPTION("Virtio IOMMU driver");
1234 MODULE_AUTHOR("Jean-Philippe Brucker <jean-philippe.brucker@arm.com>");
1235 MODULE_LICENSE("GPL v2");
projects / releases.git / blob