1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2007-2008 Advanced Micro Devices, Inc.
4 * Author: Joerg Roedel <jroedel@suse.de>
5 */
6
7 #define pr_fmt(fmt) "iommu: " fmt
8
9 #include <linux/device.h>
10 #include <linux/kernel.h>
11 #include <linux/bits.h>
12 #include <linux/bug.h>
13 #include <linux/types.h>
14 #include <linux/init.h>
15 #include <linux/export.h>
16 #include <linux/slab.h>
17 #include <linux/errno.h>
18 #include <linux/iommu.h>
19 #include <linux/idr.h>
20 #include <linux/notifier.h>
21 #include <linux/err.h>
22 #include <linux/pci.h>
23 #include <linux/bitops.h>
24 #include <linux/property.h>
25 #include <linux/fsl/mc.h>
26 #include <linux/module.h>
27 #include <trace/events/iommu.h>
28
29 static struct kset *iommu_group_kset;
30 static DEFINE_IDA(iommu_group_ida);
31
32 static unsigned int iommu_def_domain_type __read_mostly;
33 static bool iommu_dma_strict __read_mostly = true;
34 static u32 iommu_cmd_line __read_mostly;
35
36 struct iommu_group {
37 struct kobject kobj;
38 struct kobject *devices_kobj;
39 struct list_head devices;
40 struct mutex mutex;
41 struct blocking_notifier_head notifier;
42 void *iommu_data;
43 void (*iommu_data_release)(void *iommu_data);
44 char *name;
45 int id;
46 struct iommu_domain *default_domain;
47 struct iommu_domain *domain;
48 struct list_head entry;
49 };
50
51 struct group_device {
52 struct list_head list;
53 struct device *dev;
54 char *name;
55 };
56
57 struct iommu_group_attribute {
58 struct attribute attr;
59 ssize_t (*show)(struct iommu_group *group, char *buf);
60 ssize_t (*store)(struct iommu_group *group,
61 const char *buf, size_t count);
62 };
63
64 static const char * const iommu_group_resv_type_string[] = {
65 [IOMMU_RESV_DIRECT] = "direct",
66 [IOMMU_RESV_DIRECT_RELAXABLE] = "direct-relaxable",
67 [IOMMU_RESV_RESERVED] = "reserved",
68 [IOMMU_RESV_MSI] = "msi",
69 [IOMMU_RESV_SW_MSI] = "msi",
70 };
71
72 #define IOMMU_CMD_LINE_DMA_API BIT(0)
73
74 static void iommu_set_cmd_line_dma_api(void)
75 {
76 iommu_cmd_line |= IOMMU_CMD_LINE_DMA_API;
77 }
78
79 static bool iommu_cmd_line_dma_api(void)
80 {
81 return !!(iommu_cmd_line & IOMMU_CMD_LINE_DMA_API);
82 }
83
84 static int iommu_alloc_default_domain(struct iommu_group *group,
85 struct device *dev);
86 static struct iommu_domain *__iommu_domain_alloc(struct bus_type *bus,
87 unsigned type);
88 static int __iommu_attach_device(struct iommu_domain *domain,
89 struct device *dev);
90 static int __iommu_attach_group(struct iommu_domain *domain,
91 struct iommu_group *group);
92 static void __iommu_detach_group(struct iommu_domain *domain,
93 struct iommu_group *group);
94 static int iommu_create_device_direct_mappings(struct iommu_group *group,
95 struct device *dev);
96 static struct iommu_group *iommu_group_get_for_dev(struct device *dev);
97
98 #define IOMMU_GROUP_ATTR(_name, _mode, _show, _store) \
99 struct iommu_group_attribute iommu_group_attr_##_name = \
100 __ATTR(_name, _mode, _show, _store)
101
102 #define to_iommu_group_attr(_attr) \
103 container_of(_attr, struct iommu_group_attribute, attr)
104 #define to_iommu_group(_kobj) \
105 container_of(_kobj, struct iommu_group, kobj)
106
107 static LIST_HEAD(iommu_device_list);
108 static DEFINE_SPINLOCK(iommu_device_lock);
109
110 /*
111 * Use a function instead of an array here because the domain-type is a
112 * bit-field, so an array would waste memory.
113 */
114 static const char *iommu_domain_type_str(unsigned int t)
115 {
116 switch (t) {
117 case IOMMU_DOMAIN_BLOCKED:
118 return "Blocked";
119 case IOMMU_DOMAIN_IDENTITY:
120 return "Passthrough";
121 case IOMMU_DOMAIN_UNMANAGED:
122 return "Unmanaged";
123 case IOMMU_DOMAIN_DMA:
124 return "Translated";
125 default:
126 return "Unknown";
127 }
128 }
129
130 static int __init iommu_subsys_init(void)
131 {
132 bool cmd_line = iommu_cmd_line_dma_api();
133
134 if (!cmd_line) {
135 if (IS_ENABLED(CONFIG_IOMMU_DEFAULT_PASSTHROUGH))
136 iommu_set_default_passthrough(false);
137 else
138 iommu_set_default_translated(false);
139
140 if (iommu_default_passthrough() && mem_encrypt_active()) {
141 pr_info("Memory encryption detected - Disabling default IOMMU Passthrough\n");
142 iommu_set_default_translated(false);
143 }
144 }
145
146 pr_info("Default domain type: %s %s\n",
147 iommu_domain_type_str(iommu_def_domain_type),
148 cmd_line ? "(set via kernel command line)" : "");
149
150 return 0;
151 }
152 subsys_initcall(iommu_subsys_init);
153
154 int iommu_device_register(struct iommu_device *iommu)
155 {
156 spin_lock(&iommu_device_lock);
157 list_add_tail(&iommu->list, &iommu_device_list);
158 spin_unlock(&iommu_device_lock);
159 return 0;
160 }
161 EXPORT_SYMBOL_GPL(iommu_device_register);
162
163 void iommu_device_unregister(struct iommu_device *iommu)
164 {
165 spin_lock(&iommu_device_lock);
166 list_del(&iommu->list);
167 spin_unlock(&iommu_device_lock);
168 }
169 EXPORT_SYMBOL_GPL(iommu_device_unregister);
170
171 static struct dev_iommu *dev_iommu_get(struct device *dev)
172 {
173 struct dev_iommu *param = dev->iommu;
174
175 if (param)
176 return param;
177
178 param = kzalloc(sizeof(*param), GFP_KERNEL);
179 if (!param)
180 return NULL;
181
182 mutex_init(&param->lock);
183 dev->iommu = param;
184 return param;
185 }
186
187 static void dev_iommu_free(struct device *dev)
188 {
189 struct dev_iommu *param = dev->iommu;
190
191 dev->iommu = NULL;
192 if (param->fwspec) {
193 fwnode_handle_put(param->fwspec->iommu_fwnode);
194 kfree(param->fwspec);
195 }
196 kfree(param);
197 }
198
199 static int __iommu_probe_device(struct device *dev, struct list_head *group_list)
200 {
201 const struct iommu_ops *ops = dev->bus->iommu_ops;
202 struct iommu_device *iommu_dev;
203 struct iommu_group *group;
204 int ret;
205
206 if (!ops)
207 return -ENODEV;
208
209 if (!dev_iommu_get(dev))
210 return -ENOMEM;
211
212 if (!try_module_get(ops->owner)) {
213 ret = -EINVAL;
214 goto err_free;
215 }
216
217 iommu_dev = ops->probe_device(dev);
218 if (IS_ERR(iommu_dev)) {
219 ret = PTR_ERR(iommu_dev);
220 goto out_module_put;
221 }
222
223 dev->iommu->iommu_dev = iommu_dev;
224
225 group = iommu_group_get_for_dev(dev);
226 if (IS_ERR(group)) {
227 ret = PTR_ERR(group);
228 goto out_release;
229 }
230 iommu_group_put(group);
231
232 if (group_list && !group->default_domain && list_empty(&group->entry))
233 list_add_tail(&group->entry, group_list);
234
235 iommu_device_link(iommu_dev, dev);
236
237 return 0;
238
239 out_release:
240 ops->release_device(dev);
241
242 out_module_put:
243 module_put(ops->owner);
244
245 err_free:
246 dev_iommu_free(dev);
247
248 return ret;
249 }
250
251 int iommu_probe_device(struct device *dev)
252 {
253 const struct iommu_ops *ops = dev->bus->iommu_ops;
254 struct iommu_group *group;
255 int ret;
256
257 ret = __iommu_probe_device(dev, NULL);
258 if (ret)
259 goto err_out;
260
261 group = iommu_group_get(dev);
262 if (!group)
263 goto err_release;
264
265 /*
266 * Try to allocate a default domain - needs support from the
267 * IOMMU driver. There are still some drivers which don't
268 * support default domains, so the return value is not yet
269 * checked.
270 */
271 mutex_lock(&group->mutex);
272 iommu_alloc_default_domain(group, dev);
273
274 if (group->default_domain) {
275 ret = __iommu_attach_device(group->default_domain, dev);
276 if (ret) {
277 mutex_unlock(&group->mutex);
278 iommu_group_put(group);
279 goto err_release;
280 }
281 }
282
283 iommu_create_device_direct_mappings(group, dev);
284
285 mutex_unlock(&group->mutex);
286 iommu_group_put(group);
287
288 if (ops->probe_finalize)
289 ops->probe_finalize(dev);
290
291 return 0;
292
293 err_release:
294 iommu_release_device(dev);
295
296 err_out:
297 return ret;
298
299 }
300
301 void iommu_release_device(struct device *dev)
302 {
303 const struct iommu_ops *ops = dev->bus->iommu_ops;
304
305 if (!dev->iommu)
306 return;
307
308 iommu_device_unlink(dev->iommu->iommu_dev, dev);
309
310 ops->release_device(dev);
311
312 iommu_group_remove_device(dev);
313 module_put(ops->owner);
314 dev_iommu_free(dev);
315 }
316
317 static int __init iommu_set_def_domain_type(char *str)
318 {
319 bool pt;
320 int ret;
321
322 ret = kstrtobool(str, &pt);
323 if (ret)
324 return ret;
325
326 if (pt)
327 iommu_set_default_passthrough(true);
328 else
329 iommu_set_default_translated(true);
330
331 return 0;
332 }
333 early_param("iommu.passthrough", iommu_set_def_domain_type);
334
335 static int __init iommu_dma_setup(char *str)
336 {
337 return kstrtobool(str, &iommu_dma_strict);
338 }
339 early_param("iommu.strict", iommu_dma_setup);
340
341 static ssize_t iommu_group_attr_show(struct kobject *kobj,
342 struct attribute *__attr, char *buf)
343 {
344 struct iommu_group_attribute *attr = to_iommu_group_attr(__attr);
345 struct iommu_group *group = to_iommu_group(kobj);
346 ssize_t ret = -EIO;
347
348 if (attr->show)
349 ret = attr->show(group, buf);
350 return ret;
351 }
352
353 static ssize_t iommu_group_attr_store(struct kobject *kobj,
354 struct attribute *__attr,
355 const char *buf, size_t count)
356 {
357 struct iommu_group_attribute *attr = to_iommu_group_attr(__attr);
358 struct iommu_group *group = to_iommu_group(kobj);
359 ssize_t ret = -EIO;
360
361 if (attr->store)
362 ret = attr->store(group, buf, count);
363 return ret;
364 }
365
366 static const struct sysfs_ops iommu_group_sysfs_ops = {
367 .show = iommu_group_attr_show,
368 .store = iommu_group_attr_store,
369 };
370
371 static int iommu_group_create_file(struct iommu_group *group,
372 struct iommu_group_attribute *attr)
373 {
374 return sysfs_create_file(&group->kobj, &attr->attr);
375 }
376
377 static void iommu_group_remove_file(struct iommu_group *group,
378 struct iommu_group_attribute *attr)
379 {
380 sysfs_remove_file(&group->kobj, &attr->attr);
381 }
382
383 static ssize_t iommu_group_show_name(struct iommu_group *group, char *buf)
384 {
385 return sprintf(buf, "%s\n", group->name);
386 }
387
388 /**
389 * iommu_insert_resv_region - Insert a new region in the
390 * list of reserved regions.
391 * @new: new region to insert
392 * @regions: list of regions
393 *
394 * Elements are sorted by start address and overlapping segments
395 * of the same type are merged.
396 */
397 static int iommu_insert_resv_region(struct iommu_resv_region *new,
398 struct list_head *regions)
399 {
400 struct iommu_resv_region *iter, *tmp, *nr, *top;
401 LIST_HEAD(stack);
402
403 nr = iommu_alloc_resv_region(new->start, new->length,
404 new->prot, new->type);
405 if (!nr)
406 return -ENOMEM;
407
408 /* First add the new element based on start address sorting */
409 list_for_each_entry(iter, regions, list) {
410 if (nr->start < iter->start ||
411 (nr->start == iter->start && nr->type <= iter->type))
412 break;
413 }
414 list_add_tail(&nr->list, &iter->list);
415
416 /* Merge overlapping segments of type nr->type in @regions, if any */
417 list_for_each_entry_safe(iter, tmp, regions, list) {
418 phys_addr_t top_end, iter_end = iter->start + iter->length - 1;
419
420 /* no merge needed on elements of different types than @new */
421 if (iter->type != new->type) {
422 list_move_tail(&iter->list, &stack);
423 continue;
424 }
425
426 /* look for the last stack element of same type as @iter */
427 list_for_each_entry_reverse(top, &stack, list)
428 if (top->type == iter->type)
429 goto check_overlap;
430
431 list_move_tail(&iter->list, &stack);
432 continue;
433
434 check_overlap:
435 top_end = top->start + top->length - 1;
436
437 if (iter->start > top_end + 1) {
438 list_move_tail(&iter->list, &stack);
439 } else {
440 top->length = max(top_end, iter_end) - top->start + 1;
441 list_del(&iter->list);
442 kfree(iter);
443 }
444 }
445 list_splice(&stack, regions);
446 return 0;
447 }
448
449 static int
450 iommu_insert_device_resv_regions(struct list_head *dev_resv_regions,
451 struct list_head *group_resv_regions)
452 {
453 struct iommu_resv_region *entry;
454 int ret = 0;
455
456 list_for_each_entry(entry, dev_resv_regions, list) {
457 ret = iommu_insert_resv_region(entry, group_resv_regions);
458 if (ret)
459 break;
460 }
461 return ret;
462 }
463
464 int iommu_get_group_resv_regions(struct iommu_group *group,
465 struct list_head *head)
466 {
467 struct group_device *device;
468 int ret = 0;
469
470 mutex_lock(&group->mutex);
471 list_for_each_entry(device, &group->devices, list) {
472 struct list_head dev_resv_regions;
473
474 INIT_LIST_HEAD(&dev_resv_regions);
475 iommu_get_resv_regions(device->dev, &dev_resv_regions);
476 ret = iommu_insert_device_resv_regions(&dev_resv_regions, head);
477 iommu_put_resv_regions(device->dev, &dev_resv_regions);
478 if (ret)
479 break;
480 }
481 mutex_unlock(&group->mutex);
482 return ret;
483 }
484 EXPORT_SYMBOL_GPL(iommu_get_group_resv_regions);
485
486 static ssize_t iommu_group_show_resv_regions(struct iommu_group *group,
487 char *buf)
488 {
489 struct iommu_resv_region *region, *next;
490 struct list_head group_resv_regions;
491 char *str = buf;
492
493 INIT_LIST_HEAD(&group_resv_regions);
494 iommu_get_group_resv_regions(group, &group_resv_regions);
495
496 list_for_each_entry_safe(region, next, &group_resv_regions, list) {
497 str += sprintf(str, "0x%016llx 0x%016llx %s\n",
498 (long long int)region->start,
499 (long long int)(region->start +
500 region->length - 1),
501 iommu_group_resv_type_string[region->type]);
502 kfree(region);
503 }
504
505 return (str - buf);
506 }
507
508 static ssize_t iommu_group_show_type(struct iommu_group *group,
509 char *buf)
510 {
511 char *type = "unknown\n";
512
513 if (group->default_domain) {
514 switch (group->default_domain->type) {
515 case IOMMU_DOMAIN_BLOCKED:
516 type = "blocked\n";
517 break;
518 case IOMMU_DOMAIN_IDENTITY:
519 type = "identity\n";
520 break;
521 case IOMMU_DOMAIN_UNMANAGED:
522 type = "unmanaged\n";
523 break;
524 case IOMMU_DOMAIN_DMA:
525 type = "DMA\n";
526 break;
527 }
528 }
529 strcpy(buf, type);
530
531 return strlen(type);
532 }
533
534 static IOMMU_GROUP_ATTR(name, S_IRUGO, iommu_group_show_name, NULL);
535
536 static IOMMU_GROUP_ATTR(reserved_regions, 0444,
537 iommu_group_show_resv_regions, NULL);
538
539 static IOMMU_GROUP_ATTR(type, 0444, iommu_group_show_type, NULL);
540
541 static void iommu_group_release(struct kobject *kobj)
542 {
543 struct iommu_group *group = to_iommu_group(kobj);
544
545 pr_debug("Releasing group %d\n", group->id);
546
547 if (group->iommu_data_release)
548 group->iommu_data_release(group->iommu_data);
549
550 ida_simple_remove(&iommu_group_ida, group->id);
551
552 if (group->default_domain)
553 iommu_domain_free(group->default_domain);
554
555 kfree(group->name);
556 kfree(group);
557 }
558
559 static struct kobj_type iommu_group_ktype = {
560 .sysfs_ops = &iommu_group_sysfs_ops,
561 .release = iommu_group_release,
562 };
563
564 /**
565 * iommu_group_alloc - Allocate a new group
566 *
567 * This function is called by an iommu driver to allocate a new iommu
568 * group. The iommu group represents the minimum granularity of the iommu.
569 * Upon successful return, the caller holds a reference to the supplied
570 * group in order to hold the group until devices are added. Use
571 * iommu_group_put() to release this extra reference count, allowing the
572 * group to be automatically reclaimed once it has no devices or external
573 * references.
574 */
575 struct iommu_group *iommu_group_alloc(void)
576 {
577 struct iommu_group *group;
578 int ret;
579
580 group = kzalloc(sizeof(*group), GFP_KERNEL);
581 if (!group)
582 return ERR_PTR(-ENOMEM);
583
584 group->kobj.kset = iommu_group_kset;
585 mutex_init(&group->mutex);
586 INIT_LIST_HEAD(&group->devices);
587 INIT_LIST_HEAD(&group->entry);
588 BLOCKING_INIT_NOTIFIER_HEAD(&group->notifier);
589
590 ret = ida_simple_get(&iommu_group_ida, 0, 0, GFP_KERNEL);
591 if (ret < 0) {
592 kfree(group);
593 return ERR_PTR(ret);
594 }
595 group->id = ret;
596
597 ret = kobject_init_and_add(&group->kobj, &iommu_group_ktype,
598 NULL, "%d", group->id);
599 if (ret) {
600 ida_simple_remove(&iommu_group_ida, group->id);
601 kobject_put(&group->kobj);
602 return ERR_PTR(ret);
603 }
604
605 group->devices_kobj = kobject_create_and_add("devices", &group->kobj);
606 if (!group->devices_kobj) {
607 kobject_put(&group->kobj); /* triggers .release & free */
608 return ERR_PTR(-ENOMEM);
609 }
610
611 /*
612 * The devices_kobj holds a reference on the group kobject, so
613 * as long as that exists so will the group. We can therefore
614 * use the devices_kobj for reference counting.
615 */
616 kobject_put(&group->kobj);
617
618 ret = iommu_group_create_file(group,
619 &iommu_group_attr_reserved_regions);
620 if (ret)
621 return ERR_PTR(ret);
622
623 ret = iommu_group_create_file(group, &iommu_group_attr_type);
624 if (ret)
625 return ERR_PTR(ret);
626
627 pr_debug("Allocated group %d\n", group->id);
628
629 return group;
630 }
631 EXPORT_SYMBOL_GPL(iommu_group_alloc);
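
/*
 * Illustrative sketch (not from this file): a hypothetical IOMMU driver
 * that puts each device into its own group might allocate, name and
 * populate a group as below, dropping its own reference once the device
 * holds the group. "my-example-group" is a placeholder name.
 *
 *	struct iommu_group *grp = iommu_group_alloc();
 *
 *	if (IS_ERR(grp))
 *		return PTR_ERR(grp);
 *	iommu_group_set_name(grp, "my-example-group");
 *	ret = iommu_group_add_device(grp, dev);
 *	iommu_group_put(grp);
 *	return ret;
 */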
632
633 struct iommu_group *iommu_group_get_by_id(int id)
634 {
635 struct kobject *group_kobj;
636 struct iommu_group *group;
637 const char *name;
638
639 if (!iommu_group_kset)
640 return NULL;
641
642 name = kasprintf(GFP_KERNEL, "%d", id);
643 if (!name)
644 return NULL;
645
646 group_kobj = kset_find_obj(iommu_group_kset, name);
647 kfree(name);
648
649 if (!group_kobj)
650 return NULL;
651
652 group = container_of(group_kobj, struct iommu_group, kobj);
653 BUG_ON(group->id != id);
654
655 kobject_get(group->devices_kobj);
656 kobject_put(&group->kobj);
657
658 return group;
659 }
660 EXPORT_SYMBOL_GPL(iommu_group_get_by_id);
661
662 /**
663 * iommu_group_get_iommudata - retrieve iommu_data registered for a group
664 * @group: the group
665 *
666 * iommu drivers can store data in the group for use when doing iommu
667 * operations. This function provides a way to retrieve it. Caller
668 * should hold a group reference.
669 */
670 void *iommu_group_get_iommudata(struct iommu_group *group)
671 {
672 return group->iommu_data;
673 }
674 EXPORT_SYMBOL_GPL(iommu_group_get_iommudata);
675
676 /**
677 * iommu_group_set_iommudata - set iommu_data for a group
678 * @group: the group
679 * @iommu_data: new data
680 * @release: release function for iommu_data
681 *
682 * iommu drivers can store data in the group for use when doing iommu
683 * operations. This function provides a way to set the data after
684 * the group has been allocated. Caller should hold a group reference.
685 */
686 void iommu_group_set_iommudata(struct iommu_group *group, void *iommu_data,
687 void (*release)(void *iommu_data))
688 {
689 group->iommu_data = iommu_data;
690 group->iommu_data_release = release;
691 }
692 EXPORT_SYMBOL_GPL(iommu_group_set_iommudata);
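
/*
 * Illustrative sketch (hypothetical per-group driver state): a driver can
 * hang its own data off the group and have it released together with the
 * group. "struct my_group_data" and the release helper are assumptions
 * made for this example only.
 *
 *	static void my_group_data_release(void *data)
 *	{
 *		kfree(data);
 *	}
 *
 *	struct my_group_data *gd = kzalloc(sizeof(*gd), GFP_KERNEL);
 *
 *	if (!gd)
 *		return -ENOMEM;
 *	iommu_group_set_iommudata(group, gd, my_group_data_release);
 */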
693
694 /**
695 * iommu_group_set_name - set name for a group
696 * @group: the group
697 * @name: name
698 *
699 * Allow iommu driver to set a name for a group. When set it will
700 * appear in a name attribute file under the group in sysfs.
701 */
702 int iommu_group_set_name(struct iommu_group *group, const char *name)
703 {
704 int ret;
705
706 if (group->name) {
707 iommu_group_remove_file(group, &iommu_group_attr_name);
708 kfree(group->name);
709 group->name = NULL;
710 if (!name)
711 return 0;
712 }
713
714 group->name = kstrdup(name, GFP_KERNEL);
715 if (!group->name)
716 return -ENOMEM;
717
718 ret = iommu_group_create_file(group, &iommu_group_attr_name);
719 if (ret) {
720 kfree(group->name);
721 group->name = NULL;
722 return ret;
723 }
724
725 return 0;
726 }
727 EXPORT_SYMBOL_GPL(iommu_group_set_name);
728
729 static int iommu_create_device_direct_mappings(struct iommu_group *group,
730 struct device *dev)
731 {
732 struct iommu_domain *domain = group->default_domain;
733 struct iommu_resv_region *entry;
734 struct list_head mappings;
735 unsigned long pg_size;
736 int ret = 0;
737
738 if (!domain || domain->type != IOMMU_DOMAIN_DMA)
739 return 0;
740
741 BUG_ON(!domain->pgsize_bitmap);
742
743 pg_size = 1UL << __ffs(domain->pgsize_bitmap);
744 INIT_LIST_HEAD(&mappings);
745
746 iommu_get_resv_regions(dev, &mappings);
747
748 /* We need to consider overlapping regions for different devices */
749 list_for_each_entry(entry, &mappings, list) {
750 dma_addr_t start, end, addr;
751
752 if (domain->ops->apply_resv_region)
753 domain->ops->apply_resv_region(dev, domain, entry);
754
755 start = ALIGN(entry->start, pg_size);
756 end = ALIGN(entry->start + entry->length, pg_size);
757
758 if (entry->type != IOMMU_RESV_DIRECT &&
759 entry->type != IOMMU_RESV_DIRECT_RELAXABLE)
760 continue;
761
762 for (addr = start; addr < end; addr += pg_size) {
763 phys_addr_t phys_addr;
764
765 phys_addr = iommu_iova_to_phys(domain, addr);
766 if (phys_addr)
767 continue;
768
769 ret = iommu_map(domain, addr, addr, pg_size, entry->prot);
770 if (ret)
771 goto out;
772 }
773
774 }
775
776 iommu_flush_iotlb_all(domain);
777
778 out:
779 iommu_put_resv_regions(dev, &mappings);
780
781 return ret;
782 }
783
784 static bool iommu_is_attach_deferred(struct iommu_domain *domain,
785 struct device *dev)
786 {
787 if (domain->ops->is_attach_deferred)
788 return domain->ops->is_attach_deferred(domain, dev);
789
790 return false;
791 }
792
793 /**
794 * iommu_group_add_device - add a device to an iommu group
795 * @group: the group into which to add the device (reference should be held)
796 * @dev: the device
797 *
798 * This function is called by an iommu driver to add a device into a
799 * group. Adding a device increments the group reference count.
800 */
801 int iommu_group_add_device(struct iommu_group *group, struct device *dev)
802 {
803 int ret, i = 0;
804 struct group_device *device;
805
806 device = kzalloc(sizeof(*device), GFP_KERNEL);
807 if (!device)
808 return -ENOMEM;
809
810 device->dev = dev;
811
812 ret = sysfs_create_link(&dev->kobj, &group->kobj, "iommu_group");
813 if (ret)
814 goto err_free_device;
815
816 device->name = kasprintf(GFP_KERNEL, "%s", kobject_name(&dev->kobj));
817 rename:
818 if (!device->name) {
819 ret = -ENOMEM;
820 goto err_remove_link;
821 }
822
823 ret = sysfs_create_link_nowarn(group->devices_kobj,
824 &dev->kobj, device->name);
825 if (ret) {
826 if (ret == -EEXIST && i >= 0) {
827 /*
828 * Account for the slim chance of collision
829 * and append an instance to the name.
830 */
831 kfree(device->name);
832 device->name = kasprintf(GFP_KERNEL, "%s.%d",
833 kobject_name(&dev->kobj), i++);
834 goto rename;
835 }
836 goto err_free_name;
837 }
838
839 kobject_get(group->devices_kobj);
840
841 dev->iommu_group = group;
842
843 mutex_lock(&group->mutex);
844 list_add_tail(&device->list, &group->devices);
845 if (group->domain && !iommu_is_attach_deferred(group->domain, dev))
846 ret = __iommu_attach_device(group->domain, dev);
847 mutex_unlock(&group->mutex);
848 if (ret)
849 goto err_put_group;
850
851 /* Notify any listeners about change to group. */
852 blocking_notifier_call_chain(&group->notifier,
853 IOMMU_GROUP_NOTIFY_ADD_DEVICE, dev);
854
855 trace_add_device_to_group(group->id, dev);
856
857 dev_info(dev, "Adding to iommu group %d\n", group->id);
858
859 return 0;
860
861 err_put_group:
862 mutex_lock(&group->mutex);
863 list_del(&device->list);
864 mutex_unlock(&group->mutex);
865 dev->iommu_group = NULL;
866 kobject_put(group->devices_kobj);
867 sysfs_remove_link(group->devices_kobj, device->name);
868 err_free_name:
869 kfree(device->name);
870 err_remove_link:
871 sysfs_remove_link(&dev->kobj, "iommu_group");
872 err_free_device:
873 kfree(device);
874 dev_err(dev, "Failed to add to iommu group %d: %d\n", group->id, ret);
875 return ret;
876 }
877 EXPORT_SYMBOL_GPL(iommu_group_add_device);
878
879 /**
880 * iommu_group_remove_device - remove a device from its current group
881 * @dev: device to be removed
882 *
883 * This function is called by an iommu driver to remove the device from
884 * its current group. This decrements the iommu group reference count.
885 */
886 void iommu_group_remove_device(struct device *dev)
887 {
888 struct iommu_group *group = dev->iommu_group;
889 struct group_device *tmp_device, *device = NULL;
890
891 if (!group)
892 return;
893
894 dev_info(dev, "Removing from iommu group %d\n", group->id);
895
896 /* Pre-notify listeners that a device is being removed. */
897 blocking_notifier_call_chain(&group->notifier,
898 IOMMU_GROUP_NOTIFY_DEL_DEVICE, dev);
899
900 mutex_lock(&group->mutex);
901 list_for_each_entry(tmp_device, &group->devices, list) {
902 if (tmp_device->dev == dev) {
903 device = tmp_device;
904 list_del(&device->list);
905 break;
906 }
907 }
908 mutex_unlock(&group->mutex);
909
910 if (!device)
911 return;
912
913 sysfs_remove_link(group->devices_kobj, device->name);
914 sysfs_remove_link(&dev->kobj, "iommu_group");
915
916 trace_remove_device_from_group(group->id, dev);
917
918 kfree(device->name);
919 kfree(device);
920 dev->iommu_group = NULL;
921 kobject_put(group->devices_kobj);
922 }
923 EXPORT_SYMBOL_GPL(iommu_group_remove_device);
924
925 static int iommu_group_device_count(struct iommu_group *group)
926 {
927 struct group_device *entry;
928 int ret = 0;
929
930 list_for_each_entry(entry, &group->devices, list)
931 ret++;
932
933 return ret;
934 }
935
936 /**
937 * iommu_group_for_each_dev - iterate over each device in the group
938 * @group: the group
939 * @data: caller opaque data to be passed to callback function
940 * @fn: caller supplied callback function
941 *
942 * This function is called by group users to iterate over group devices.
943 * Callers should hold a reference count to the group during callback.
944 * The group->mutex is held across callbacks, which will block calls to
945 * iommu_group_add/remove_device.
946 */
947 static int __iommu_group_for_each_dev(struct iommu_group *group, void *data,
948 int (*fn)(struct device *, void *))
949 {
950 struct group_device *device;
951 int ret = 0;
952
953 list_for_each_entry(device, &group->devices, list) {
954 ret = fn(device->dev, data);
955 if (ret)
956 break;
957 }
958 return ret;
959 }
960
961
962 int iommu_group_for_each_dev(struct iommu_group *group, void *data,
963 int (*fn)(struct device *, void *))
964 {
965 int ret;
966
967 mutex_lock(&group->mutex);
968 ret = __iommu_group_for_each_dev(group, data, fn);
969 mutex_unlock(&group->mutex);
970
971 return ret;
972 }
973 EXPORT_SYMBOL_GPL(iommu_group_for_each_dev);
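
/*
 * Illustrative sketch (assumed callback): a group user can walk the group
 * with a small callback; a non-zero return stops the iteration. The
 * counting helper below is purely an example.
 *
 *	static int count_group_dev(struct device *dev, void *data)
 *	{
 *		int *count = data;
 *
 *		(*count)++;
 *		return 0;
 *	}
 *
 *	int count = 0;
 *
 *	iommu_group_for_each_dev(group, &count, count_group_dev);
 */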
974
975 /**
976 * iommu_group_get - Return the group for a device and increment reference
977 * @dev: get the group that this device belongs to
978 *
979 * This function is called by iommu drivers and users to get the group
980 * for the specified device. If found, the group is returned and the group
981 * reference is incremented, else NULL.
982 */
983 struct iommu_group *iommu_group_get(struct device *dev)
984 {
985 struct iommu_group *group = dev->iommu_group;
986
987 if (group)
988 kobject_get(group->devices_kobj);
989
990 return group;
991 }
992 EXPORT_SYMBOL_GPL(iommu_group_get);
993
994 /**
995 * iommu_group_ref_get - Increment reference on a group
996 * @group: the group to use, must not be NULL
997 *
998 * This function is called by iommu drivers to take additional references on an
999 * existing group. Returns the given group for convenience.
1000 */
1001 struct iommu_group *iommu_group_ref_get(struct iommu_group *group)
1002 {
1003 kobject_get(group->devices_kobj);
1004 return group;
1005 }
1006 EXPORT_SYMBOL_GPL(iommu_group_ref_get);
1007
1008 /**
1009 * iommu_group_put - Decrement group reference
1010 * @group: the group to use
1011 *
1012 * This function is called by iommu drivers and users to release the
1013 * iommu group. Once the reference count is zero, the group is released.
1014 */
1015 void iommu_group_put(struct iommu_group *group)
1016 {
1017 if (group)
1018 kobject_put(group->devices_kobj);
1019 }
1020 EXPORT_SYMBOL_GPL(iommu_group_put);
1021
1022 /**
1023 * iommu_group_register_notifier - Register a notifier for group changes
1024 * @group: the group to watch
1025 * @nb: notifier block to signal
1026 *
1027 * This function allows iommu group users to track changes in a group.
1028 * See include/linux/iommu.h for actions sent via this notifier. Caller
1029 * should hold a reference to the group throughout notifier registration.
1030 */
1031 int iommu_group_register_notifier(struct iommu_group *group,
1032 struct notifier_block *nb)
1033 {
1034 return blocking_notifier_chain_register(&group->notifier, nb);
1035 }
1036 EXPORT_SYMBOL_GPL(iommu_group_register_notifier);
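
/*
 * Illustrative sketch (hypothetical listener): a consumer can track device
 * hot-add/remove in a group by registering a notifier block and switching
 * on the IOMMU_GROUP_NOTIFY_* action it receives. Names below are
 * placeholders.
 *
 *	static int my_group_notify(struct notifier_block *nb,
 *				   unsigned long action, void *data)
 *	{
 *		struct device *dev = data;
 *
 *		if (action == IOMMU_GROUP_NOTIFY_ADD_DEVICE)
 *			dev_info(dev, "device added to group\n");
 *		return NOTIFY_OK;
 *	}
 *
 *	static struct notifier_block my_nb = {
 *		.notifier_call = my_group_notify,
 *	};
 *
 *	iommu_group_register_notifier(group, &my_nb);
 */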
1037
1038 /**
1039 * iommu_group_unregister_notifier - Unregister a notifier
1040 * @group: the group to watch
1041 * @nb: notifier block to signal
1042 *
1043 * Unregister a previously registered group notifier block.
1044 */
1045 int iommu_group_unregister_notifier(struct iommu_group *group,
1046 struct notifier_block *nb)
1047 {
1048 return blocking_notifier_chain_unregister(&group->notifier, nb);
1049 }
1050 EXPORT_SYMBOL_GPL(iommu_group_unregister_notifier);
1051
1052 /**
1053 * iommu_register_device_fault_handler() - Register a device fault handler
1054 * @dev: the device
1055 * @handler: the fault handler
1056 * @data: private data passed as argument to the handler
1057 *
1058 * When an IOMMU fault event is received, this handler gets called with the
1059 * fault event and data as argument. The handler should return 0 on success. If
1060 * the fault is recoverable (IOMMU_FAULT_PAGE_REQ), the consumer should also
1061 * complete the fault by calling iommu_page_response() with one of the following
1062 * response codes:
1063 * - IOMMU_PAGE_RESP_SUCCESS: retry the translation
1064 * - IOMMU_PAGE_RESP_INVALID: terminate the fault
1065 * - IOMMU_PAGE_RESP_FAILURE: terminate the fault and stop reporting
1066 * page faults if possible.
1067 *
1068 * Return 0 if the fault handler was installed successfully, or an error.
1069 */
1070 int iommu_register_device_fault_handler(struct device *dev,
1071 iommu_dev_fault_handler_t handler,
1072 void *data)
1073 {
1074 struct dev_iommu *param = dev->iommu;
1075 int ret = 0;
1076
1077 if (!param)
1078 return -EINVAL;
1079
1080 mutex_lock(&param->lock);
1081 /* Only allow one fault handler registered for each device */
1082 if (param->fault_param) {
1083 ret = -EBUSY;
1084 goto done_unlock;
1085 }
1086
1087 get_device(dev);
1088 param->fault_param = kzalloc(sizeof(*param->fault_param), GFP_KERNEL);
1089 if (!param->fault_param) {
1090 put_device(dev);
1091 ret = -ENOMEM;
1092 goto done_unlock;
1093 }
1094 param->fault_param->handler = handler;
1095 param->fault_param->data = data;
1096 mutex_init(&param->fault_param->lock);
1097 INIT_LIST_HEAD(&param->fault_param->faults);
1098
1099 done_unlock:
1100 mutex_unlock(&param->lock);
1101
1102 return ret;
1103 }
1104 EXPORT_SYMBOL_GPL(iommu_register_device_fault_handler);
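
/*
 * Illustrative sketch (hypothetical consumer, simplified): a driver that
 * services recoverable page requests installs a handler and completes each
 * request via iommu_page_response(). Real users usually defer the work
 * rather than responding directly from the handler; the handler below is
 * an assumption for illustration only.
 *
 *	static int my_dev_fault_handler(struct iommu_fault *fault, void *data)
 *	{
 *		struct device *dev = data;
 *		struct iommu_page_response resp = {
 *			.version = IOMMU_PAGE_RESP_VERSION_1,
 *			.code	 = IOMMU_PAGE_RESP_SUCCESS,
 *		};
 *
 *		if (fault->type != IOMMU_FAULT_PAGE_REQ)
 *			return -EOPNOTSUPP;
 *
 *		resp.grpid = fault->prm.grpid;
 *		// ... make the faulting range resident here ...
 *		return iommu_page_response(dev, &resp);
 *	}
 *
 *	iommu_register_device_fault_handler(dev, my_dev_fault_handler, dev);
 */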
1105
1106 /**
1107 * iommu_unregister_device_fault_handler() - Unregister the device fault handler
1108 * @dev: the device
1109 *
1110 * Remove the device fault handler installed with
1111 * iommu_register_device_fault_handler().
1112 *
1113 * Return 0 on success, or an error.
1114 */
1115 int iommu_unregister_device_fault_handler(struct device *dev)
1116 {
1117 struct dev_iommu *param = dev->iommu;
1118 int ret = 0;
1119
1120 if (!param)
1121 return -EINVAL;
1122
1123 mutex_lock(&param->lock);
1124
1125 if (!param->fault_param)
1126 goto unlock;
1127
1128 /* we cannot unregister handler if there are pending faults */
1129 if (!list_empty(&param->fault_param->faults)) {
1130 ret = -EBUSY;
1131 goto unlock;
1132 }
1133
1134 kfree(param->fault_param);
1135 param->fault_param = NULL;
1136 put_device(dev);
1137 unlock:
1138 mutex_unlock(&param->lock);
1139
1140 return ret;
1141 }
1142 EXPORT_SYMBOL_GPL(iommu_unregister_device_fault_handler);
1143
1144 /**
1145 * iommu_report_device_fault() - Report fault event to device driver
1146 * @dev: the device
1147 * @evt: fault event data
1148 *
1149 * Called by IOMMU drivers when a fault is detected, typically in a threaded IRQ
1150 * handler. When this function fails and the fault is recoverable, it is the
1151 * caller's responsibility to complete the fault.
1152 *
1153 * Return 0 on success, or an error.
1154 */
1155 int iommu_report_device_fault(struct device *dev, struct iommu_fault_event *evt)
1156 {
1157 struct dev_iommu *param = dev->iommu;
1158 struct iommu_fault_event *evt_pending = NULL;
1159 struct iommu_fault_param *fparam;
1160 int ret = 0;
1161
1162 if (!param || !evt)
1163 return -EINVAL;
1164
1165 /* we only report device fault if there is a handler registered */
1166 mutex_lock(&param->lock);
1167 fparam = param->fault_param;
1168 if (!fparam || !fparam->handler) {
1169 ret = -EINVAL;
1170 goto done_unlock;
1171 }
1172
1173 if (evt->fault.type == IOMMU_FAULT_PAGE_REQ &&
1174 (evt->fault.prm.flags & IOMMU_FAULT_PAGE_REQUEST_LAST_PAGE)) {
1175 evt_pending = kmemdup(evt, sizeof(struct iommu_fault_event),
1176 GFP_KERNEL);
1177 if (!evt_pending) {
1178 ret = -ENOMEM;
1179 goto done_unlock;
1180 }
1181 mutex_lock(&fparam->lock);
1182 list_add_tail(&evt_pending->list, &fparam->faults);
1183 mutex_unlock(&fparam->lock);
1184 }
1185
1186 ret = fparam->handler(&evt->fault, fparam->data);
1187 if (ret && evt_pending) {
1188 mutex_lock(&fparam->lock);
1189 list_del(&evt_pending->list);
1190 mutex_unlock(&fparam->lock);
1191 kfree(evt_pending);
1192 }
1193 done_unlock:
1194 mutex_unlock(&param->lock);
1195 return ret;
1196 }
1197 EXPORT_SYMBOL_GPL(iommu_report_device_fault);
1198
1199 int iommu_page_response(struct device *dev,
1200 struct iommu_page_response *msg)
1201 {
1202 bool needs_pasid;
1203 int ret = -EINVAL;
1204 struct iommu_fault_event *evt;
1205 struct iommu_fault_page_request *prm;
1206 struct dev_iommu *param = dev->iommu;
1207 bool has_pasid = msg->flags & IOMMU_PAGE_RESP_PASID_VALID;
1208 struct iommu_domain *domain = iommu_get_domain_for_dev(dev);
1209
1210 if (!domain || !domain->ops->page_response)
1211 return -ENODEV;
1212
1213 if (!param || !param->fault_param)
1214 return -EINVAL;
1215
1216 if (msg->version != IOMMU_PAGE_RESP_VERSION_1 ||
1217 msg->flags & ~IOMMU_PAGE_RESP_PASID_VALID)
1218 return -EINVAL;
1219
1220 /* Only send response if there is a fault report pending */
1221 mutex_lock(&param->fault_param->lock);
1222 if (list_empty(&param->fault_param->faults)) {
1223 dev_warn_ratelimited(dev, "no pending PRQ, drop response\n");
1224 goto done_unlock;
1225 }
1226 /*
1227 * Check if we have a matching page request pending to respond,
1228 * otherwise return -EINVAL
1229 */
1230 list_for_each_entry(evt, &param->fault_param->faults, list) {
1231 prm = &evt->fault.prm;
1232 if (prm->grpid != msg->grpid)
1233 continue;
1234
1235 /*
1236 * If the PASID is required, the corresponding request is
1237 * matched using the group ID, the PASID valid bit and the PASID
1238 * value. Otherwise only the group ID matches request and
1239 * response.
1240 */
1241 needs_pasid = prm->flags & IOMMU_FAULT_PAGE_RESPONSE_NEEDS_PASID;
1242 if (needs_pasid && (!has_pasid || msg->pasid != prm->pasid))
1243 continue;
1244
1245 if (!needs_pasid && has_pasid) {
1246 /* No big deal, just clear it. */
1247 msg->flags &= ~IOMMU_PAGE_RESP_PASID_VALID;
1248 msg->pasid = 0;
1249 }
1250
1251 ret = domain->ops->page_response(dev, evt, msg);
1252 list_del(&evt->list);
1253 kfree(evt);
1254 break;
1255 }
1256
1257 done_unlock:
1258 mutex_unlock(&param->fault_param->lock);
1259 return ret;
1260 }
1261 EXPORT_SYMBOL_GPL(iommu_page_response);
1262
1263 /**
1264 * iommu_group_id - Return ID for a group
1265 * @group: the group to ID
1266 *
1267 * Return the unique ID for the group matching the sysfs group number.
1268 */
1269 int iommu_group_id(struct iommu_group *group)
1270 {
1271 return group->id;
1272 }
1273 EXPORT_SYMBOL_GPL(iommu_group_id);
1274
1275 static struct iommu_group *get_pci_alias_group(struct pci_dev *pdev,
1276 unsigned long *devfns);
1277
1278 /*
1279 * To consider a PCI device isolated, we require ACS to support Source
1280 * Validation, Request Redirection, Completer Redirection, and Upstream
1281 * Forwarding. This effectively means that devices cannot spoof their
1282 * requester ID, requests and completions cannot be redirected, and all
1283 * transactions are forwarded upstream, even as it passes through a
1284 * bridge where the target device is downstream.
1285 */
1286 #define REQ_ACS_FLAGS (PCI_ACS_SV | PCI_ACS_RR | PCI_ACS_CR | PCI_ACS_UF)
1287
1288 /*
1289 * For multifunction devices which are not isolated from each other, find
1290 * all the other non-isolated functions and look for existing groups. For
1291 * each function, we also need to look for aliases to or from other devices
1292 * that may already have a group.
1293 */
1294 static struct iommu_group *get_pci_function_alias_group(struct pci_dev *pdev,
1295 unsigned long *devfns)
1296 {
1297 struct pci_dev *tmp = NULL;
1298 struct iommu_group *group;
1299
1300 if (!pdev->multifunction || pci_acs_enabled(pdev, REQ_ACS_FLAGS))
1301 return NULL;
1302
1303 for_each_pci_dev(tmp) {
1304 if (tmp == pdev || tmp->bus != pdev->bus ||
1305 PCI_SLOT(tmp->devfn) != PCI_SLOT(pdev->devfn) ||
1306 pci_acs_enabled(tmp, REQ_ACS_FLAGS))
1307 continue;
1308
1309 group = get_pci_alias_group(tmp, devfns);
1310 if (group) {
1311 pci_dev_put(tmp);
1312 return group;
1313 }
1314 }
1315
1316 return NULL;
1317 }
1318
1319 /*
1320 * Look for aliases to or from the given device for existing groups. DMA
1321 * aliases are only supported on the same bus, therefore the search
1322 * space is quite small (especially since we're really only looking at PCIe
1323 * devices, and therefore only expect multiple slots on the root complex or
1324 * downstream switch ports). It's conceivable though that a pair of
1325 * multifunction devices could have aliases between them that would cause a
1326 * loop. To prevent this, we use a bitmap to track where we've been.
1327 */
1328 static struct iommu_group *get_pci_alias_group(struct pci_dev *pdev,
1329 unsigned long *devfns)
1330 {
1331 struct pci_dev *tmp = NULL;
1332 struct iommu_group *group;
1333
1334 if (test_and_set_bit(pdev->devfn & 0xff, devfns))
1335 return NULL;
1336
1337 group = iommu_group_get(&pdev->dev);
1338 if (group)
1339 return group;
1340
1341 for_each_pci_dev(tmp) {
1342 if (tmp == pdev || tmp->bus != pdev->bus)
1343 continue;
1344
1345 /* We alias them or they alias us */
1346 if (pci_devs_are_dma_aliases(pdev, tmp)) {
1347 group = get_pci_alias_group(tmp, devfns);
1348 if (group) {
1349 pci_dev_put(tmp);
1350 return group;
1351 }
1352
1353 group = get_pci_function_alias_group(tmp, devfns);
1354 if (group) {
1355 pci_dev_put(tmp);
1356 return group;
1357 }
1358 }
1359 }
1360
1361 return NULL;
1362 }
1363
1364 struct group_for_pci_data {
1365 struct pci_dev *pdev;
1366 struct iommu_group *group;
1367 };
1368
1369 /*
1370 * DMA alias iterator callback, return the last seen device. Stop and return
1371 * the IOMMU group if we find one along the way.
1372 */
1373 static int get_pci_alias_or_group(struct pci_dev *pdev, u16 alias, void *opaque)
1374 {
1375 struct group_for_pci_data *data = opaque;
1376
1377 data->pdev = pdev;
1378 data->group = iommu_group_get(&pdev->dev);
1379
1380 return data->group != NULL;
1381 }
1382
1383 /*
1384 * Generic device_group call-back function. It just allocates one
1385 * iommu-group per device.
1386 */
1387 struct iommu_group *generic_device_group(struct device *dev)
1388 {
1389 return iommu_group_alloc();
1390 }
1391 EXPORT_SYMBOL_GPL(generic_device_group);
1392
1393 /*
1394 * Use standard PCI bus topology, isolation features, and DMA alias quirks
1395 * to find or create an IOMMU group for a device.
1396 */
1397 struct iommu_group *pci_device_group(struct device *dev)
1398 {
1399 struct pci_dev *pdev = to_pci_dev(dev);
1400 struct group_for_pci_data data;
1401 struct pci_bus *bus;
1402 struct iommu_group *group = NULL;
1403 u64 devfns[4] = { 0 };
1404
1405 if (WARN_ON(!dev_is_pci(dev)))
1406 return ERR_PTR(-EINVAL);
1407
1408 /*
1409 * Find the upstream DMA alias for the device. A device must not
1410 * be aliased due to topology in order to have its own IOMMU group.
1411 * If we find an alias along the way that already belongs to a
1412 * group, use it.
1413 */
1414 if (pci_for_each_dma_alias(pdev, get_pci_alias_or_group, &data))
1415 return data.group;
1416
1417 pdev = data.pdev;
1418
1419 /*
1420 * Continue upstream from the point of minimum IOMMU granularity
1421 * due to aliases to the point where devices are protected from
1422 * peer-to-peer DMA by PCI ACS. Again, if we find an existing
1423 * group, use it.
1424 */
1425 for (bus = pdev->bus; !pci_is_root_bus(bus); bus = bus->parent) {
1426 if (!bus->self)
1427 continue;
1428
1429 if (pci_acs_path_enabled(bus->self, NULL, REQ_ACS_FLAGS))
1430 break;
1431
1432 pdev = bus->self;
1433
1434 group = iommu_group_get(&pdev->dev);
1435 if (group)
1436 return group;
1437 }
1438
1439 /*
1440 * Look for existing groups on device aliases. If we alias another
1441 * device or another device aliases us, use the same group.
1442 */
1443 group = get_pci_alias_group(pdev, (unsigned long *)devfns);
1444 if (group)
1445 return group;
1446
1447 /*
1448 * Look for existing groups on non-isolated functions on the same
1449 * slot and aliases of those functions, if any. No need to clear
1450 * the search bitmap, the tested devfns are still valid.
1451 */
1452 group = get_pci_function_alias_group(pdev, (unsigned long *)devfns);
1453 if (group)
1454 return group;
1455
1456 /* No shared group found, allocate new */
1457 return iommu_group_alloc();
1458 }
1459 EXPORT_SYMBOL_GPL(pci_device_group);
1460
1461 /* Get the IOMMU group for device on fsl-mc bus */
1462 struct iommu_group *fsl_mc_device_group(struct device *dev)
1463 {
1464 struct device *cont_dev = fsl_mc_cont_dev(dev);
1465 struct iommu_group *group;
1466
1467 group = iommu_group_get(cont_dev);
1468 if (!group)
1469 group = iommu_group_alloc();
1470 return group;
1471 }
1472 EXPORT_SYMBOL_GPL(fsl_mc_device_group);
1473
1474 static int iommu_get_def_domain_type(struct device *dev)
1475 {
1476 const struct iommu_ops *ops = dev->bus->iommu_ops;
1477 unsigned int type = 0;
1478
1479 if (ops->def_domain_type)
1480 type = ops->def_domain_type(dev);
1481
1482 return (type == 0) ? iommu_def_domain_type : type;
1483 }
1484
1485 static int iommu_group_alloc_default_domain(struct bus_type *bus,
1486 struct iommu_group *group,
1487 unsigned int type)
1488 {
1489 struct iommu_domain *dom;
1490
1491 dom = __iommu_domain_alloc(bus, type);
1492 if (!dom && type != IOMMU_DOMAIN_DMA) {
1493 dom = __iommu_domain_alloc(bus, IOMMU_DOMAIN_DMA);
1494 if (dom)
1495 pr_warn("Failed to allocate default IOMMU domain of type %u for group %s - Falling back to IOMMU_DOMAIN_DMA\n",
1496 type, group->name);
1497 }
1498
1499 if (!dom)
1500 return -ENOMEM;
1501
1502 group->default_domain = dom;
1503 if (!group->domain)
1504 group->domain = dom;
1505
1506 if (!iommu_dma_strict) {
1507 int attr = 1;
1508 iommu_domain_set_attr(dom,
1509 DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE,
1510 &attr);
1511 }
1512
1513 return 0;
1514 }
1515
1516 static int iommu_alloc_default_domain(struct iommu_group *group,
1517 struct device *dev)
1518 {
1519 unsigned int type;
1520
1521 if (group->default_domain)
1522 return 0;
1523
1524 type = iommu_get_def_domain_type(dev);
1525
1526 return iommu_group_alloc_default_domain(dev->bus, group, type);
1527 }
1528
1529 /**
1530 * iommu_group_get_for_dev - Find or create the IOMMU group for a device
1531 * @dev: target device
1532 *
1533 * This function is intended to be called by IOMMU drivers and extended to
1534 * support common, bus-defined algorithms when determining or creating the
1535 * IOMMU group for a device. On success, the caller will hold a reference
1536 * to the returned IOMMU group, which will already include the provided
1537 * device. The reference should be released with iommu_group_put().
1538 */
1539 static struct iommu_group *iommu_group_get_for_dev(struct device *dev)
1540 {
1541 const struct iommu_ops *ops = dev->bus->iommu_ops;
1542 struct iommu_group *group;
1543 int ret;
1544
1545 group = iommu_group_get(dev);
1546 if (group)
1547 return group;
1548
1549 if (!ops)
1550 return ERR_PTR(-EINVAL);
1551
1552 group = ops->device_group(dev);
1553 if (WARN_ON_ONCE(group == NULL))
1554 return ERR_PTR(-EINVAL);
1555
1556 if (IS_ERR(group))
1557 return group;
1558
1559 ret = iommu_group_add_device(group, dev);
1560 if (ret)
1561 goto out_put_group;
1562
1563 return group;
1564
1565 out_put_group:
1566 iommu_group_put(group);
1567
1568 return ERR_PTR(ret);
1569 }
1570
1571 struct iommu_domain *iommu_group_default_domain(struct iommu_group *group)
1572 {
1573 return group->default_domain;
1574 }
1575
1576 static int probe_iommu_group(struct device *dev, void *data)
1577 {
1578 struct list_head *group_list = data;
1579 struct iommu_group *group;
1580 int ret;
1581
1582 /* Device is probed already if in a group */
1583 group = iommu_group_get(dev);
1584 if (group) {
1585 iommu_group_put(group);
1586 return 0;
1587 }
1588
1589 ret = __iommu_probe_device(dev, group_list);
1590 if (ret == -ENODEV)
1591 ret = 0;
1592
1593 return ret;
1594 }
1595
1596 static int remove_iommu_group(struct device *dev, void *data)
1597 {
1598 iommu_release_device(dev);
1599
1600 return 0;
1601 }
1602
1603 static int iommu_bus_notifier(struct notifier_block *nb,
1604 unsigned long action, void *data)
1605 {
1606 unsigned long group_action = 0;
1607 struct device *dev = data;
1608 struct iommu_group *group;
1609
1610 /*
1611 * ADD/DEL call into iommu driver ops if provided, which may
1612 * result in ADD/DEL notifiers to group->notifier
1613 */
1614 if (action == BUS_NOTIFY_ADD_DEVICE) {
1615 int ret;
1616
1617 ret = iommu_probe_device(dev);
1618 return (ret) ? NOTIFY_DONE : NOTIFY_OK;
1619 } else if (action == BUS_NOTIFY_REMOVED_DEVICE) {
1620 iommu_release_device(dev);
1621 return NOTIFY_OK;
1622 }
1623
1624 /*
1625 * Remaining BUS_NOTIFYs get filtered and republished to the
1626 * group, if anyone is listening
1627 */
1628 group = iommu_group_get(dev);
1629 if (!group)
1630 return 0;
1631
1632 switch (action) {
1633 case BUS_NOTIFY_BIND_DRIVER:
1634 group_action = IOMMU_GROUP_NOTIFY_BIND_DRIVER;
1635 break;
1636 case BUS_NOTIFY_BOUND_DRIVER:
1637 group_action = IOMMU_GROUP_NOTIFY_BOUND_DRIVER;
1638 break;
1639 case BUS_NOTIFY_UNBIND_DRIVER:
1640 group_action = IOMMU_GROUP_NOTIFY_UNBIND_DRIVER;
1641 break;
1642 case BUS_NOTIFY_UNBOUND_DRIVER:
1643 group_action = IOMMU_GROUP_NOTIFY_UNBOUND_DRIVER;
1644 break;
1645 }
1646
1647 if (group_action)
1648 blocking_notifier_call_chain(&group->notifier,
1649 group_action, dev);
1650
1651 iommu_group_put(group);
1652 return 0;
1653 }
1654
1655 struct __group_domain_type {
1656 struct device *dev;
1657 unsigned int type;
1658 };
1659
1660 static int probe_get_default_domain_type(struct device *dev, void *data)
1661 {
1662 const struct iommu_ops *ops = dev->bus->iommu_ops;
1663 struct __group_domain_type *gtype = data;
1664 unsigned int type = 0;
1665
1666 if (ops->def_domain_type)
1667 type = ops->def_domain_type(dev);
1668
1669 if (type) {
1670 if (gtype->type && gtype->type != type) {
1671 dev_warn(dev, "Device needs domain type %s, but device %s in the same iommu group requires type %s - using default\n",
1672 iommu_domain_type_str(type),
1673 dev_name(gtype->dev),
1674 iommu_domain_type_str(gtype->type));
1675 gtype->type = 0;
1676 }
1677
1678 if (!gtype->dev) {
1679 gtype->dev = dev;
1680 gtype->type = type;
1681 }
1682 }
1683
1684 return 0;
1685 }
1686
1687 static void probe_alloc_default_domain(struct bus_type *bus,
1688 struct iommu_group *group)
1689 {
1690 struct __group_domain_type gtype;
1691
1692 memset(&gtype, 0, sizeof(gtype));
1693
1694 /* Ask for default domain requirements of all devices in the group */
1695 __iommu_group_for_each_dev(group, &gtype,
1696 probe_get_default_domain_type);
1697
1698 if (!gtype.type)
1699 gtype.type = iommu_def_domain_type;
1700
1701 iommu_group_alloc_default_domain(bus, group, gtype.type);
1702
1703 }
1704
1705 static int iommu_group_do_dma_attach(struct device *dev, void *data)
1706 {
1707 struct iommu_domain *domain = data;
1708 int ret = 0;
1709
1710 if (!iommu_is_attach_deferred(domain, dev))
1711 ret = __iommu_attach_device(domain, dev);
1712
1713 return ret;
1714 }
1715
1716 static int __iommu_group_dma_attach(struct iommu_group *group)
1717 {
1718 return __iommu_group_for_each_dev(group, group->default_domain,
1719 iommu_group_do_dma_attach);
1720 }
1721
1722 static int iommu_group_do_probe_finalize(struct device *dev, void *data)
1723 {
1724 struct iommu_domain *domain = data;
1725
1726 if (domain->ops->probe_finalize)
1727 domain->ops->probe_finalize(dev);
1728
1729 return 0;
1730 }
1731
1732 static void __iommu_group_dma_finalize(struct iommu_group *group)
1733 {
1734 __iommu_group_for_each_dev(group, group->default_domain,
1735 iommu_group_do_probe_finalize);
1736 }
1737
1738 static int iommu_do_create_direct_mappings(struct device *dev, void *data)
1739 {
1740 struct iommu_group *group = data;
1741
1742 iommu_create_device_direct_mappings(group, dev);
1743
1744 return 0;
1745 }
1746
1747 static int iommu_group_create_direct_mappings(struct iommu_group *group)
1748 {
1749 return __iommu_group_for_each_dev(group, group,
1750 iommu_do_create_direct_mappings);
1751 }
1752
1753 int bus_iommu_probe(struct bus_type *bus)
1754 {
1755 struct iommu_group *group, *next;
1756 LIST_HEAD(group_list);
1757 int ret;
1758
1759 /*
1760 * This code-path does not allocate the default domain when
1761 * creating the iommu group, so do it after the groups are
1762 * created.
1763 */
1764 ret = bus_for_each_dev(bus, NULL, &group_list, probe_iommu_group);
1765 if (ret)
1766 return ret;
1767
1768 list_for_each_entry_safe(group, next, &group_list, entry) {
1769 /* Remove item from the list */
1770 list_del_init(&group->entry);
1771
1772 mutex_lock(&group->mutex);
1773
1774 /* Try to allocate default domain */
1775 probe_alloc_default_domain(bus, group);
1776
1777 if (!group->default_domain) {
1778 mutex_unlock(&group->mutex);
1779 continue;
1780 }
1781
1782 iommu_group_create_direct_mappings(group);
1783
1784 ret = __iommu_group_dma_attach(group);
1785
1786 mutex_unlock(&group->mutex);
1787
1788 if (ret)
1789 break;
1790
1791 __iommu_group_dma_finalize(group);
1792 }
1793
1794 return ret;
1795 }
1796
1797 static int iommu_bus_init(struct bus_type *bus, const struct iommu_ops *ops)
1798 {
1799 struct notifier_block *nb;
1800 int err;
1801
1802 nb = kzalloc(sizeof(struct notifier_block), GFP_KERNEL);
1803 if (!nb)
1804 return -ENOMEM;
1805
1806 nb->notifier_call = iommu_bus_notifier;
1807
1808 err = bus_register_notifier(bus, nb);
1809 if (err)
1810 goto out_free;
1811
1812 err = bus_iommu_probe(bus);
1813 if (err)
1814 goto out_err;
1815
1816
1817 return 0;
1818
1819 out_err:
1820 /* Clean up */
1821 bus_for_each_dev(bus, NULL, NULL, remove_iommu_group);
1822 bus_unregister_notifier(bus, nb);
1823
1824 out_free:
1825 kfree(nb);
1826
1827 return err;
1828 }
1829
1830 /**
1831 * bus_set_iommu - set iommu-callbacks for the bus
1832 * @bus: bus.
1833 * @ops: the callbacks provided by the iommu-driver
1834 *
1835 * This function is called by an iommu driver to set the iommu methods
1836 * used for a particular bus. Drivers for devices on that bus can use
1837 * the iommu-api after these ops are registered.
1838 * This special function is needed because IOMMUs are usually devices on
1839 * the bus itself, so the iommu drivers are not initialized when the bus
1840 * is set up. With this function the iommu-driver can set the iommu-ops
1841 * afterwards.
1842 */
1843 int bus_set_iommu(struct bus_type *bus, const struct iommu_ops *ops)
1844 {
1845 int err;
1846
1847 if (ops == NULL) {
1848 bus->iommu_ops = NULL;
1849 return 0;
1850 }
1851
1852 if (bus->iommu_ops != NULL)
1853 return -EBUSY;
1854
1855 bus->iommu_ops = ops;
1856
1857 /* Do IOMMU specific setup for this bus-type */
1858 err = iommu_bus_init(bus, ops);
1859 if (err)
1860 bus->iommu_ops = NULL;
1861
1862 return err;
1863 }
1864 EXPORT_SYMBOL_GPL(bus_set_iommu);
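
/*
 * Illustrative sketch (assumed driver code): an IOMMU driver registers its
 * ops for each bus type it translates once its own probe has succeeded,
 * e.g. for the platform bus. "my_iommu_ops" is a placeholder.
 *
 *	static const struct iommu_ops my_iommu_ops = {
 *		// .capable, .domain_alloc, .probe_device, .device_group, ...
 *	};
 *
 *	if (!iommu_present(&platform_bus_type))
 *		bus_set_iommu(&platform_bus_type, &my_iommu_ops);
 */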
1865
1866 bool iommu_present(struct bus_type *bus)
1867 {
1868 return bus->iommu_ops != NULL;
1869 }
1870 EXPORT_SYMBOL_GPL(iommu_present);
1871
1872 bool iommu_capable(struct bus_type *bus, enum iommu_cap cap)
1873 {
1874 if (!bus->iommu_ops || !bus->iommu_ops->capable)
1875 return false;
1876
1877 return bus->iommu_ops->capable(cap);
1878 }
1879 EXPORT_SYMBOL_GPL(iommu_capable);
1880
1881 /**
1882 * iommu_set_fault_handler() - set a fault handler for an iommu domain
1883 * @domain: iommu domain
1884 * @handler: fault handler
1885 * @token: user data, will be passed back to the fault handler
1886 *
1887 * This function should be used by IOMMU users which want to be notified
1888 * whenever an IOMMU fault happens.
1889 *
1890 * The fault handler itself should return 0 on success, and an appropriate
1891 * error code otherwise.
1892 */
iommu_set_fault_handler(struct iommu_domain * domain,iommu_fault_handler_t handler,void * token)1893 void iommu_set_fault_handler(struct iommu_domain *domain,
1894 iommu_fault_handler_t handler,
1895 void *token)
1896 {
1897 BUG_ON(!domain);
1898
1899 domain->handler = handler;
1900 domain->handler_token = token;
1901 }
1902 EXPORT_SYMBOL_GPL(iommu_set_fault_handler);
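
/*
 * Illustrative sketch (not part of this file): a user of the IOMMU API can
 * install a handler matching iommu_fault_handler_t to log or react to
 * translation faults.  "my_fault_handler" and "ctx" are hypothetical; the
 * handler returns -ENOSYS here to keep the IOMMU driver's default behaviour.
 *
 *	static int my_fault_handler(struct iommu_domain *domain,
 *				    struct device *dev, unsigned long iova,
 *				    int flags, void *token)
 *	{
 *		dev_err(dev, "iommu fault at 0x%lx, flags 0x%x\n", iova, flags);
 *		return -ENOSYS;
 *	}
 *
 *	iommu_set_fault_handler(domain, my_fault_handler, ctx);
 */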
1903
__iommu_domain_alloc(struct bus_type * bus,unsigned type)1904 static struct iommu_domain *__iommu_domain_alloc(struct bus_type *bus,
1905 unsigned type)
1906 {
1907 struct iommu_domain *domain;
1908
1909 if (bus == NULL || bus->iommu_ops == NULL)
1910 return NULL;
1911
1912 domain = bus->iommu_ops->domain_alloc(type);
1913 if (!domain)
1914 return NULL;
1915
1916 domain->ops = bus->iommu_ops;
1917 domain->type = type;
1918 /* Assume all sizes by default; the driver may override this later */
1919 domain->pgsize_bitmap = bus->iommu_ops->pgsize_bitmap;
1920
1921 return domain;
1922 }
1923
iommu_domain_alloc(struct bus_type * bus)1924 struct iommu_domain *iommu_domain_alloc(struct bus_type *bus)
1925 {
1926 return __iommu_domain_alloc(bus, IOMMU_DOMAIN_UNMANAGED);
1927 }
1928 EXPORT_SYMBOL_GPL(iommu_domain_alloc);
1929
iommu_domain_free(struct iommu_domain * domain)1930 void iommu_domain_free(struct iommu_domain *domain)
1931 {
1932 domain->ops->domain_free(domain);
1933 }
1934 EXPORT_SYMBOL_GPL(iommu_domain_free);
1935
__iommu_attach_device(struct iommu_domain * domain,struct device * dev)1936 static int __iommu_attach_device(struct iommu_domain *domain,
1937 struct device *dev)
1938 {
1939 int ret;
1940
1941 if (unlikely(domain->ops->attach_dev == NULL))
1942 return -ENODEV;
1943
1944 ret = domain->ops->attach_dev(domain, dev);
1945 if (!ret)
1946 trace_attach_device_to_domain(dev);
1947 return ret;
1948 }
1949
iommu_attach_device(struct iommu_domain * domain,struct device * dev)1950 int iommu_attach_device(struct iommu_domain *domain, struct device *dev)
1951 {
1952 struct iommu_group *group;
1953 int ret;
1954
1955 group = iommu_group_get(dev);
1956 if (!group)
1957 return -ENODEV;
1958
1959 /*
1960 * Lock the group to make sure the device-count doesn't
1961 * change while we are attaching
1962 */
1963 mutex_lock(&group->mutex);
1964 ret = -EINVAL;
1965
1966 /* Don't break attach if the IOMMU is shared by more than one master */
1967 if (iommu_group_device_count(group) < 1)
1968 goto out_unlock;
1969
1970 ret = __iommu_attach_group(domain, group);
1971
1972 out_unlock:
1973 mutex_unlock(&group->mutex);
1974 iommu_group_put(group);
1975
1976 return ret;
1977 }
1978 EXPORT_SYMBOL_GPL(iommu_attach_device);
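
/*
 * Illustrative sketch (not part of this file) of the unmanaged-domain life
 * cycle built from the helpers above: allocate a domain for the device's bus,
 * attach it, use the map/unmap API, then detach and free.  Error handling is
 * trimmed for brevity.
 *
 *	struct iommu_domain *domain;
 *
 *	domain = iommu_domain_alloc(dev->bus);
 *	if (!domain)
 *		return -ENOMEM;
 *
 *	ret = iommu_attach_device(domain, dev);
 *	if (ret)
 *		goto out_free;
 *
 *	... iommu_map()/iommu_unmap() on "domain" ...
 *
 *	iommu_detach_device(domain, dev);
 * out_free:
 *	iommu_domain_free(domain);
 */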
1979
1980 /*
1981 * Check flags and other user provided data for valid combinations. We also
1982 * make sure no reserved fields or unused flags are set. This avoids
1983 * breaking userspace in the future when these fields or flags are used.
1984 */
iommu_check_cache_invl_data(struct iommu_cache_invalidate_info * info)1985 static int iommu_check_cache_invl_data(struct iommu_cache_invalidate_info *info)
1986 {
1987 u32 mask;
1988 int i;
1989
1990 if (info->version != IOMMU_CACHE_INVALIDATE_INFO_VERSION_1)
1991 return -EINVAL;
1992
1993 mask = (1 << IOMMU_CACHE_INV_TYPE_NR) - 1;
1994 if (info->cache & ~mask)
1995 return -EINVAL;
1996
1997 if (info->granularity >= IOMMU_INV_GRANU_NR)
1998 return -EINVAL;
1999
2000 switch (info->granularity) {
2001 case IOMMU_INV_GRANU_ADDR:
2002 if (info->cache & IOMMU_CACHE_INV_TYPE_PASID)
2003 return -EINVAL;
2004
2005 mask = IOMMU_INV_ADDR_FLAGS_PASID |
2006 IOMMU_INV_ADDR_FLAGS_ARCHID |
2007 IOMMU_INV_ADDR_FLAGS_LEAF;
2008
2009 if (info->granu.addr_info.flags & ~mask)
2010 return -EINVAL;
2011 break;
2012 case IOMMU_INV_GRANU_PASID:
2013 mask = IOMMU_INV_PASID_FLAGS_PASID |
2014 IOMMU_INV_PASID_FLAGS_ARCHID;
2015 if (info->granu.pasid_info.flags & ~mask)
2016 return -EINVAL;
2017
2018 break;
2019 case IOMMU_INV_GRANU_DOMAIN:
2020 if (info->cache & IOMMU_CACHE_INV_TYPE_DEV_IOTLB)
2021 return -EINVAL;
2022 break;
2023 default:
2024 return -EINVAL;
2025 }
2026
2027 /* Check reserved padding fields */
2028 for (i = 0; i < sizeof(info->padding); i++) {
2029 if (info->padding[i])
2030 return -EINVAL;
2031 }
2032
2033 return 0;
2034 }
2035
iommu_uapi_cache_invalidate(struct iommu_domain * domain,struct device * dev,void __user * uinfo)2036 int iommu_uapi_cache_invalidate(struct iommu_domain *domain, struct device *dev,
2037 void __user *uinfo)
2038 {
2039 struct iommu_cache_invalidate_info inv_info = { 0 };
2040 u32 minsz;
2041 int ret;
2042
2043 if (unlikely(!domain->ops->cache_invalidate))
2044 return -ENODEV;
2045
2046 /*
2047 * No new fields can be added before the variable sized union; the
2048 * minimum size is the offset to the union.
2049 */
2050 minsz = offsetof(struct iommu_cache_invalidate_info, granu);
2051
2052 /* Copy minsz from user to get flags and argsz */
2053 if (copy_from_user(&inv_info, uinfo, minsz))
2054 return -EFAULT;
2055
2056 /* Fields before the variable size union are mandatory */
2057 if (inv_info.argsz < minsz)
2058 return -EINVAL;
2059
2060 /* PASID and address granu require additional info beyond minsz */
2061 if (inv_info.granularity == IOMMU_INV_GRANU_PASID &&
2062 inv_info.argsz < offsetofend(struct iommu_cache_invalidate_info, granu.pasid_info))
2063 return -EINVAL;
2064
2065 if (inv_info.granularity == IOMMU_INV_GRANU_ADDR &&
2066 inv_info.argsz < offsetofend(struct iommu_cache_invalidate_info, granu.addr_info))
2067 return -EINVAL;
2068
2069 /*
2070 * The user might be using a newer UAPI header which has a larger data
2071 * size; we still support the existing flags within the current
2072 * size. Copy the remaining user data _after_ minsz but not more
2073 * than the current kernel supported size.
2074 */
2075 if (copy_from_user((void *)&inv_info + minsz, uinfo + minsz,
2076 min_t(u32, inv_info.argsz, sizeof(inv_info)) - minsz))
2077 return -EFAULT;
2078
2079 /* Now the argsz is validated, check the content */
2080 ret = iommu_check_cache_invl_data(&inv_info);
2081 if (ret)
2082 return ret;
2083
2084 return domain->ops->cache_invalidate(domain, dev, &inv_info);
2085 }
2086 EXPORT_SYMBOL_GPL(iommu_uapi_cache_invalidate);
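
/*
 * Illustrative sketch (not part of this file): the UAPI convention above
 * expects the caller (e.g. a VFIO-style userspace) to fill in argsz and
 * version before issuing the ioctl that ends up here.  A minimal
 * domain-granularity IOTLB invalidation would look roughly like this on the
 * user side:
 *
 *	struct iommu_cache_invalidate_info info = {
 *		.argsz		= sizeof(info),
 *		.version	= IOMMU_CACHE_INVALIDATE_INFO_VERSION_1,
 *		.cache		= IOMMU_CACHE_INV_TYPE_IOTLB,
 *		.granularity	= IOMMU_INV_GRANU_DOMAIN,
 *	};
 *
 * Anything smaller than the offset of "granu" is rejected, and unknown flags
 * or non-zero padding fail the checks in iommu_check_cache_invl_data().
 */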
2087
iommu_check_bind_data(struct iommu_gpasid_bind_data * data)2088 static int iommu_check_bind_data(struct iommu_gpasid_bind_data *data)
2089 {
2090 u64 mask;
2091 int i;
2092
2093 if (data->version != IOMMU_GPASID_BIND_VERSION_1)
2094 return -EINVAL;
2095
2096 /* Check the range of supported formats */
2097 if (data->format >= IOMMU_PASID_FORMAT_LAST)
2098 return -EINVAL;
2099
2100 /* Check all flags */
2101 mask = IOMMU_SVA_GPASID_VAL;
2102 if (data->flags & ~mask)
2103 return -EINVAL;
2104
2105 /* Check reserved padding fields */
2106 for (i = 0; i < sizeof(data->padding); i++) {
2107 if (data->padding[i])
2108 return -EINVAL;
2109 }
2110
2111 return 0;
2112 }
2113
iommu_sva_prepare_bind_data(void __user * udata,struct iommu_gpasid_bind_data * data)2114 static int iommu_sva_prepare_bind_data(void __user *udata,
2115 struct iommu_gpasid_bind_data *data)
2116 {
2117 u32 minsz;
2118
2119 /*
2120 * No new fields can be added before the variable sized union; the
2121 * minimum size is the offset to the union.
2122 */
2123 minsz = offsetof(struct iommu_gpasid_bind_data, vendor);
2124
2125 /* Copy minsz from user to get flags and argsz */
2126 if (copy_from_user(data, udata, minsz))
2127 return -EFAULT;
2128
2129 /* Fields before the variable size union are mandatory */
2130 if (data->argsz < minsz)
2131 return -EINVAL;
2132 /*
2133 * The user might be using a newer UAPI header; let the IOMMU vendor
2134 * driver decide what size it needs. Since the guest PASID bind data
2135 * can be vendor specific, larger argsz could be the result of extension
2136 * for one vendor but it should not affect another vendor.
2137 * Copy the remaining user data _after_ minsz
2138 */
2139 if (copy_from_user((void *)data + minsz, udata + minsz,
2140 min_t(u32, data->argsz, sizeof(*data)) - minsz))
2141 return -EFAULT;
2142
2143 return iommu_check_bind_data(data);
2144 }
2145
iommu_uapi_sva_bind_gpasid(struct iommu_domain * domain,struct device * dev,void __user * udata)2146 int iommu_uapi_sva_bind_gpasid(struct iommu_domain *domain, struct device *dev,
2147 void __user *udata)
2148 {
2149 struct iommu_gpasid_bind_data data = { 0 };
2150 int ret;
2151
2152 if (unlikely(!domain->ops->sva_bind_gpasid))
2153 return -ENODEV;
2154
2155 ret = iommu_sva_prepare_bind_data(udata, &data);
2156 if (ret)
2157 return ret;
2158
2159 return domain->ops->sva_bind_gpasid(domain, dev, &data);
2160 }
2161 EXPORT_SYMBOL_GPL(iommu_uapi_sva_bind_gpasid);
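
/*
 * Illustrative sketch (not part of this file): the guest PASID bind data is
 * filled by userspace following the same argsz/version convention.
 * "host_pasid" and "guest_pasid" are placeholders, and the format-specific
 * "vendor" union member depends on the IOMMU vendor driver in use.
 *
 *	struct iommu_gpasid_bind_data data = {
 *		.argsz		= sizeof(data),
 *		.version	= IOMMU_GPASID_BIND_VERSION_1,
 *		.format		= IOMMU_PASID_FORMAT_INTEL_VTD,
 *		.flags		= IOMMU_SVA_GPASID_VAL,
 *		.gpasid		= guest_pasid,
 *		.hpasid		= host_pasid,
 *	};
 */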
2162
iommu_sva_unbind_gpasid(struct iommu_domain * domain,struct device * dev,ioasid_t pasid)2163 int iommu_sva_unbind_gpasid(struct iommu_domain *domain, struct device *dev,
2164 ioasid_t pasid)
2165 {
2166 if (unlikely(!domain->ops->sva_unbind_gpasid))
2167 return -ENODEV;
2168
2169 return domain->ops->sva_unbind_gpasid(dev, pasid);
2170 }
2171 EXPORT_SYMBOL_GPL(iommu_sva_unbind_gpasid);
2172
iommu_uapi_sva_unbind_gpasid(struct iommu_domain * domain,struct device * dev,void __user * udata)2173 int iommu_uapi_sva_unbind_gpasid(struct iommu_domain *domain, struct device *dev,
2174 void __user *udata)
2175 {
2176 struct iommu_gpasid_bind_data data = { 0 };
2177 int ret;
2178
2179 if (unlikely(!domain->ops->sva_bind_gpasid))
2180 return -ENODEV;
2181
2182 ret = iommu_sva_prepare_bind_data(udata, &data);
2183 if (ret)
2184 return ret;
2185
2186 return iommu_sva_unbind_gpasid(domain, dev, data.hpasid);
2187 }
2188 EXPORT_SYMBOL_GPL(iommu_uapi_sva_unbind_gpasid);
2189
__iommu_detach_device(struct iommu_domain * domain,struct device * dev)2190 static void __iommu_detach_device(struct iommu_domain *domain,
2191 struct device *dev)
2192 {
2193 if (iommu_is_attach_deferred(domain, dev))
2194 return;
2195
2196 if (unlikely(domain->ops->detach_dev == NULL))
2197 return;
2198
2199 domain->ops->detach_dev(domain, dev);
2200 trace_detach_device_from_domain(dev);
2201 }
2202
iommu_detach_device(struct iommu_domain * domain,struct device * dev)2203 void iommu_detach_device(struct iommu_domain *domain, struct device *dev)
2204 {
2205 struct iommu_group *group;
2206
2207 group = iommu_group_get(dev);
2208 if (!group)
2209 return;
2210
2211 mutex_lock(&group->mutex);
2212 /* Don't break detach if the IOMMU is shared by more than one master */
2213 if (iommu_group_device_count(group) < 1) {
2214 WARN_ON(1);
2215 goto out_unlock;
2216 }
2217
2218 __iommu_detach_group(domain, group);
2219
2220 out_unlock:
2221 mutex_unlock(&group->mutex);
2222 iommu_group_put(group);
2223 }
2224 EXPORT_SYMBOL_GPL(iommu_detach_device);
2225
iommu_get_domain_for_dev(struct device * dev)2226 struct iommu_domain *iommu_get_domain_for_dev(struct device *dev)
2227 {
2228 struct iommu_domain *domain;
2229 struct iommu_group *group;
2230
2231 group = iommu_group_get(dev);
2232 if (!group)
2233 return NULL;
2234
2235 domain = group->domain;
2236
2237 iommu_group_put(group);
2238
2239 return domain;
2240 }
2241 EXPORT_SYMBOL_GPL(iommu_get_domain_for_dev);
2242
2243 /*
2244 * For IOMMU_DOMAIN_DMA implementations which already provide their own
2245 * guarantees that the group and its default domain are valid and correct.
2246 */
iommu_get_dma_domain(struct device * dev)2247 struct iommu_domain *iommu_get_dma_domain(struct device *dev)
2248 {
2249 return dev->iommu_group->default_domain;
2250 }
2251
2252 /*
2253 * IOMMU groups are really the natural working unit of the IOMMU, but
2254 * the IOMMU API works on domains and devices. Bridge that gap by
2255 * iterating over the devices in a group. Ideally we'd have a single
2256 * device which represents the requestor ID of the group, but we also
2257 * allow IOMMU drivers to create policy defined minimum sets, where
2258 * the physical hardware may be able to distinguish members, but we
2259 * wish to group them at a higher level (ex. untrusted multi-function
2260 * PCI devices). Thus we attach each device.
2261 */
iommu_group_do_attach_device(struct device * dev,void * data)2262 static int iommu_group_do_attach_device(struct device *dev, void *data)
2263 {
2264 struct iommu_domain *domain = data;
2265
2266 return __iommu_attach_device(domain, dev);
2267 }
2268
__iommu_attach_group(struct iommu_domain * domain,struct iommu_group * group)2269 static int __iommu_attach_group(struct iommu_domain *domain,
2270 struct iommu_group *group)
2271 {
2272 int ret;
2273
2274 if (group->default_domain && group->domain != group->default_domain)
2275 return -EBUSY;
2276
2277 ret = __iommu_group_for_each_dev(group, domain,
2278 iommu_group_do_attach_device);
2279 if (ret == 0)
2280 group->domain = domain;
2281
2282 return ret;
2283 }
2284
iommu_attach_group(struct iommu_domain * domain,struct iommu_group * group)2285 int iommu_attach_group(struct iommu_domain *domain, struct iommu_group *group)
2286 {
2287 int ret;
2288
2289 mutex_lock(&group->mutex);
2290 ret = __iommu_attach_group(domain, group);
2291 mutex_unlock(&group->mutex);
2292
2293 return ret;
2294 }
2295 EXPORT_SYMBOL_GPL(iommu_attach_group);
2296
iommu_group_do_detach_device(struct device * dev,void * data)2297 static int iommu_group_do_detach_device(struct device *dev, void *data)
2298 {
2299 struct iommu_domain *domain = data;
2300
2301 __iommu_detach_device(domain, dev);
2302
2303 return 0;
2304 }
2305
__iommu_detach_group(struct iommu_domain * domain,struct iommu_group * group)2306 static void __iommu_detach_group(struct iommu_domain *domain,
2307 struct iommu_group *group)
2308 {
2309 int ret;
2310
2311 if (!group->default_domain) {
2312 __iommu_group_for_each_dev(group, domain,
2313 iommu_group_do_detach_device);
2314 group->domain = NULL;
2315 return;
2316 }
2317
2318 if (group->domain == group->default_domain)
2319 return;
2320
2321 /* Detach by re-attaching to the default domain */
2322 ret = __iommu_group_for_each_dev(group, group->default_domain,
2323 iommu_group_do_attach_device);
2324 if (ret != 0)
2325 WARN_ON(1);
2326 else
2327 group->domain = group->default_domain;
2328 }
2329
iommu_detach_group(struct iommu_domain * domain,struct iommu_group * group)2330 void iommu_detach_group(struct iommu_domain *domain, struct iommu_group *group)
2331 {
2332 mutex_lock(&group->mutex);
2333 __iommu_detach_group(domain, group);
2334 mutex_unlock(&group->mutex);
2335 }
2336 EXPORT_SYMBOL_GPL(iommu_detach_group);
2337
iommu_iova_to_phys(struct iommu_domain * domain,dma_addr_t iova)2338 phys_addr_t iommu_iova_to_phys(struct iommu_domain *domain, dma_addr_t iova)
2339 {
2340 if (unlikely(domain->ops->iova_to_phys == NULL))
2341 return 0;
2342
2343 return domain->ops->iova_to_phys(domain, iova);
2344 }
2345 EXPORT_SYMBOL_GPL(iommu_iova_to_phys);
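
/*
 * Illustrative sketch (not part of this file): iommu_iova_to_phys() is handy
 * for sanity-checking a mapping that was just created.  "iova" and "page"
 * are placeholders chosen by the caller.
 *
 *	ret = iommu_map(domain, iova, page_to_phys(page), SZ_4K,
 *			IOMMU_READ | IOMMU_WRITE);
 *	if (!ret)
 *		WARN_ON(iommu_iova_to_phys(domain, iova) != page_to_phys(page));
 */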
2346
iommu_pgsize(struct iommu_domain * domain,unsigned long iova,phys_addr_t paddr,size_t size,size_t * count)2347 static size_t iommu_pgsize(struct iommu_domain *domain, unsigned long iova,
2348 phys_addr_t paddr, size_t size, size_t *count)
2349 {
2350 unsigned int pgsize_idx, pgsize_idx_next;
2351 unsigned long pgsizes;
2352 size_t offset, pgsize, pgsize_next;
2353 unsigned long addr_merge = paddr | iova;
2354
2355 /* Page sizes supported by the hardware and small enough for @size */
2356 pgsizes = domain->pgsize_bitmap & GENMASK(__fls(size), 0);
2357
2358 /* Constrain the page sizes further based on the maximum alignment */
2359 if (likely(addr_merge))
2360 pgsizes &= GENMASK(__ffs(addr_merge), 0);
2361
2362 /* Make sure we have at least one suitable page size */
2363 BUG_ON(!pgsizes);
2364
2365 /* Pick the biggest page size remaining */
2366 pgsize_idx = __fls(pgsizes);
2367 pgsize = BIT(pgsize_idx);
2368 if (!count)
2369 return pgsize;
2370
2371
2372 /* Find the next biggest supported page size, if it exists */
2373 pgsizes = domain->pgsize_bitmap & ~GENMASK(pgsize_idx, 0);
2374 if (!pgsizes)
2375 goto out_set_count;
2376
2377 pgsize_idx_next = __ffs(pgsizes);
2378 pgsize_next = BIT(pgsize_idx_next);
2379
2380 /*
2381 * There's no point trying a bigger page size unless the virtual
2382 * and physical addresses are similarly offset within the larger page.
2383 */
2384 if ((iova ^ paddr) & (pgsize_next - 1))
2385 goto out_set_count;
2386
2387 /* Calculate the offset to the next page size alignment boundary */
2388 offset = pgsize_next - (addr_merge & (pgsize_next - 1));
2389
2390 /*
2391 * If size is big enough to accommodate the larger page, reduce
2392 * the number of smaller pages.
2393 */
2394 if (offset + pgsize_next <= size)
2395 size = offset;
2396
2397 out_set_count:
2398 *count = size >> pgsize_idx;
2399 return pgsize;
2400 }
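
/*
 * Worked example for iommu_pgsize() (illustrative, assuming a hardware
 * pgsize_bitmap of 4K | 2M | 1G):
 *
 *	iova = 0x200000, paddr = 0x400000, size = 0x400000 (4M)
 *
 * Sizes larger than 4M are masked off, and the 2M alignment of iova | paddr
 * keeps 4K and 2M as candidates, so pgsize = 2M.  Because iova and paddr are
 * not equally offset within a 1G page, there is no point stopping short of
 * the 1G boundary, so *count becomes size >> 21 = 2, i.e. two 2M mappings
 * cover the whole request.
 */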
2401
__iommu_map_pages(struct iommu_domain * domain,unsigned long iova,phys_addr_t paddr,size_t size,int prot,gfp_t gfp,size_t * mapped)2402 static int __iommu_map_pages(struct iommu_domain *domain, unsigned long iova,
2403 phys_addr_t paddr, size_t size, int prot,
2404 gfp_t gfp, size_t *mapped)
2405 {
2406 const struct iommu_ops *ops = domain->ops;
2407 size_t pgsize, count;
2408 int ret;
2409
2410 pgsize = iommu_pgsize(domain, iova, paddr, size, &count);
2411
2412 pr_debug("mapping: iova 0x%lx pa %pa pgsize 0x%zx count %zu\n",
2413 iova, &paddr, pgsize, count);
2414
2415 if (ops->map_pages) {
2416 ret = ops->map_pages(domain, iova, paddr, pgsize, count, prot,
2417 gfp, mapped);
2418 } else {
2419 ret = ops->map(domain, iova, paddr, pgsize, prot, gfp);
2420 *mapped = ret ? 0 : pgsize;
2421 }
2422
2423 return ret;
2424 }
2425
__iommu_map(struct iommu_domain * domain,unsigned long iova,phys_addr_t paddr,size_t size,int prot,gfp_t gfp)2426 static int __iommu_map(struct iommu_domain *domain, unsigned long iova,
2427 phys_addr_t paddr, size_t size, int prot, gfp_t gfp)
2428 {
2429 const struct iommu_ops *ops = domain->ops;
2430 unsigned long orig_iova = iova;
2431 unsigned int min_pagesz;
2432 size_t orig_size = size;
2433 phys_addr_t orig_paddr = paddr;
2434 int ret = 0;
2435
2436 if (unlikely(!(ops->map || ops->map_pages) ||
2437 domain->pgsize_bitmap == 0UL))
2438 return -ENODEV;
2439
2440 if (unlikely(!(domain->type & __IOMMU_DOMAIN_PAGING)))
2441 return -EINVAL;
2442
2443 /* find out the minimum page size supported */
2444 min_pagesz = 1 << __ffs(domain->pgsize_bitmap);
2445
2446 /*
2447 * both the virtual address and the physical one, as well as
2448 * the size of the mapping, must be aligned (at least) to the
2449 * size of the smallest page supported by the hardware
2450 */
2451 if (!IS_ALIGNED(iova | paddr | size, min_pagesz)) {
2452 pr_err("unaligned: iova 0x%lx pa %pa size 0x%zx min_pagesz 0x%x\n",
2453 iova, &paddr, size, min_pagesz);
2454 return -EINVAL;
2455 }
2456
2457 pr_debug("map: iova 0x%lx pa %pa size 0x%zx\n", iova, &paddr, size);
2458
2459 while (size) {
2460 size_t mapped = 0;
2461
2462 ret = __iommu_map_pages(domain, iova, paddr, size, prot, gfp,
2463 &mapped);
2464 /*
2465 * Some pages may have been mapped, even if an error occurred,
2466 * so we should account for those so they can be unmapped.
2467 */
2468 size -= mapped;
2469
2470 if (ret)
2471 break;
2472
2473 iova += mapped;
2474 paddr += mapped;
2475 }
2476
2477 /* unroll mapping in case something went wrong */
2478 if (ret)
2479 iommu_unmap(domain, orig_iova, orig_size - size);
2480 else
2481 trace_map(orig_iova, orig_paddr, orig_size);
2482
2483 return ret;
2484 }
2485
_iommu_map(struct iommu_domain * domain,unsigned long iova,phys_addr_t paddr,size_t size,int prot,gfp_t gfp)2486 static int _iommu_map(struct iommu_domain *domain, unsigned long iova,
2487 phys_addr_t paddr, size_t size, int prot, gfp_t gfp)
2488 {
2489 const struct iommu_ops *ops = domain->ops;
2490 int ret;
2491
2492 ret = __iommu_map(domain, iova, paddr, size, prot, gfp);
2493 if (ret == 0 && ops->iotlb_sync_map)
2494 ops->iotlb_sync_map(domain, iova, size);
2495
2496 return ret;
2497 }
2498
iommu_map(struct iommu_domain * domain,unsigned long iova,phys_addr_t paddr,size_t size,int prot)2499 int iommu_map(struct iommu_domain *domain, unsigned long iova,
2500 phys_addr_t paddr, size_t size, int prot)
2501 {
2502 might_sleep();
2503 return _iommu_map(domain, iova, paddr, size, prot, GFP_KERNEL);
2504 }
2505 EXPORT_SYMBOL_GPL(iommu_map);
2506
iommu_map_atomic(struct iommu_domain * domain,unsigned long iova,phys_addr_t paddr,size_t size,int prot)2507 int iommu_map_atomic(struct iommu_domain *domain, unsigned long iova,
2508 phys_addr_t paddr, size_t size, int prot)
2509 {
2510 return _iommu_map(domain, iova, paddr, size, prot, GFP_ATOMIC);
2511 }
2512 EXPORT_SYMBOL_GPL(iommu_map_atomic);
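
/*
 * Illustrative sketch (not part of this file): mapping a physically
 * contiguous buffer with the two variants above.  iommu_map() may sleep and
 * is the common case; iommu_map_atomic() is for callers that cannot sleep.
 * "iova" is a placeholder chosen by the caller's address allocator and "buf"
 * is assumed to be a kernel lowmem buffer.
 *
 *	ret = iommu_map(domain, iova, virt_to_phys(buf), SZ_64K,
 *			IOMMU_READ | IOMMU_WRITE);
 *	if (ret)
 *		return ret;
 */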
2513
__iommu_unmap_pages(struct iommu_domain * domain,unsigned long iova,size_t size,struct iommu_iotlb_gather * iotlb_gather)2514 static size_t __iommu_unmap_pages(struct iommu_domain *domain,
2515 unsigned long iova, size_t size,
2516 struct iommu_iotlb_gather *iotlb_gather)
2517 {
2518 const struct iommu_ops *ops = domain->ops;
2519 size_t pgsize, count;
2520
2521 pgsize = iommu_pgsize(domain, iova, iova, size, &count);
2522 return ops->unmap_pages ?
2523 ops->unmap_pages(domain, iova, pgsize, count, iotlb_gather) :
2524 ops->unmap(domain, iova, pgsize, iotlb_gather);
2525 }
2526
__iommu_unmap(struct iommu_domain * domain,unsigned long iova,size_t size,struct iommu_iotlb_gather * iotlb_gather)2527 static size_t __iommu_unmap(struct iommu_domain *domain,
2528 unsigned long iova, size_t size,
2529 struct iommu_iotlb_gather *iotlb_gather)
2530 {
2531 const struct iommu_ops *ops = domain->ops;
2532 size_t unmapped_page, unmapped = 0;
2533 unsigned long orig_iova = iova;
2534 unsigned int min_pagesz;
2535
2536 if (unlikely(!(ops->unmap || ops->unmap_pages) ||
2537 domain->pgsize_bitmap == 0UL))
2538 return 0;
2539
2540 if (unlikely(!(domain->type & __IOMMU_DOMAIN_PAGING)))
2541 return 0;
2542
2543 /* find out the minimum page size supported */
2544 min_pagesz = 1 << __ffs(domain->pgsize_bitmap);
2545
2546 /*
2547 * The virtual address, as well as the size of the mapping, must be
2548 * aligned (at least) to the size of the smallest page supported
2549 * by the hardware
2550 */
2551 if (!IS_ALIGNED(iova | size, min_pagesz)) {
2552 pr_err("unaligned: iova 0x%lx size 0x%zx min_pagesz 0x%x\n",
2553 iova, size, min_pagesz);
2554 return 0;
2555 }
2556
2557 pr_debug("unmap this: iova 0x%lx size 0x%zx\n", iova, size);
2558
2559 /*
2560 * Keep iterating until we either unmap 'size' bytes (or more)
2561 * or we hit an area that isn't mapped.
2562 */
2563 while (unmapped < size) {
2564 unmapped_page = __iommu_unmap_pages(domain, iova,
2565 size - unmapped,
2566 iotlb_gather);
2567 if (!unmapped_page)
2568 break;
2569
2570 pr_debug("unmapped: iova 0x%lx size 0x%zx\n",
2571 iova, unmapped_page);
2572
2573 iova += unmapped_page;
2574 unmapped += unmapped_page;
2575 }
2576
2577 trace_unmap(orig_iova, size, unmapped);
2578 return unmapped;
2579 }
2580
iommu_unmap(struct iommu_domain * domain,unsigned long iova,size_t size)2581 size_t iommu_unmap(struct iommu_domain *domain,
2582 unsigned long iova, size_t size)
2583 {
2584 struct iommu_iotlb_gather iotlb_gather;
2585 size_t ret;
2586
2587 iommu_iotlb_gather_init(&iotlb_gather);
2588 ret = __iommu_unmap(domain, iova, size, &iotlb_gather);
2589 iommu_iotlb_sync(domain, &iotlb_gather);
2590
2591 return ret;
2592 }
2593 EXPORT_SYMBOL_GPL(iommu_unmap);
2594
iommu_unmap_fast(struct iommu_domain * domain,unsigned long iova,size_t size,struct iommu_iotlb_gather * iotlb_gather)2595 size_t iommu_unmap_fast(struct iommu_domain *domain,
2596 unsigned long iova, size_t size,
2597 struct iommu_iotlb_gather *iotlb_gather)
2598 {
2599 return __iommu_unmap(domain, iova, size, iotlb_gather);
2600 }
2601 EXPORT_SYMBOL_GPL(iommu_unmap_fast);
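
/*
 * Illustrative sketch (not part of this file): iommu_unmap_fast() lets a
 * caller batch several unmaps under a single TLB flush, mirroring what
 * iommu_unmap() does internally for one range.  "iova_a" and "iova_b" are
 * placeholders.
 *
 *	struct iommu_iotlb_gather gather;
 *
 *	iommu_iotlb_gather_init(&gather);
 *	unmapped  = iommu_unmap_fast(domain, iova_a, SZ_2M, &gather);
 *	unmapped += iommu_unmap_fast(domain, iova_b, SZ_2M, &gather);
 *	iommu_iotlb_sync(domain, &gather);
 */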
2602
__iommu_map_sg(struct iommu_domain * domain,unsigned long iova,struct scatterlist * sg,unsigned int nents,int prot,gfp_t gfp)2603 static size_t __iommu_map_sg(struct iommu_domain *domain, unsigned long iova,
2604 struct scatterlist *sg, unsigned int nents, int prot,
2605 gfp_t gfp)
2606 {
2607 const struct iommu_ops *ops = domain->ops;
2608 size_t len = 0, mapped = 0;
2609 phys_addr_t start;
2610 unsigned int i = 0;
2611 int ret;
2612
2613 if (ops->map_sg) {
2614 ret = ops->map_sg(domain, iova, sg, nents, prot, gfp, &mapped);
2615
2616 if (ops->iotlb_sync_map)
2617 ops->iotlb_sync_map(domain, iova, mapped);
2618
2619 if (ret)
2620 goto out_err;
2621
2622 return mapped;
2623 }
2624
2625 while (i <= nents) {
2626 phys_addr_t s_phys = sg_phys(sg);
2627
2628 if (len && s_phys != start + len) {
2629 ret = __iommu_map(domain, iova + mapped, start,
2630 len, prot, gfp);
2631
2632 if (ret)
2633 goto out_err;
2634
2635 mapped += len;
2636 len = 0;
2637 }
2638
2639 if (len) {
2640 len += sg->length;
2641 } else {
2642 len = sg->length;
2643 start = s_phys;
2644 }
2645
2646 if (++i < nents)
2647 sg = sg_next(sg);
2648 }
2649
2650 if (ops->iotlb_sync_map)
2651 ops->iotlb_sync_map(domain, iova, mapped);
2652 return mapped;
2653
2654 out_err:
2655 /* undo mappings already done */
2656 iommu_unmap(domain, iova, mapped);
2657
2658 return 0;
2659
2660 }
2661
iommu_map_sg(struct iommu_domain * domain,unsigned long iova,struct scatterlist * sg,unsigned int nents,int prot)2662 size_t iommu_map_sg(struct iommu_domain *domain, unsigned long iova,
2663 struct scatterlist *sg, unsigned int nents, int prot)
2664 {
2665 might_sleep();
2666 return __iommu_map_sg(domain, iova, sg, nents, prot, GFP_KERNEL);
2667 }
2668 EXPORT_SYMBOL_GPL(iommu_map_sg);
2669
iommu_map_sg_atomic(struct iommu_domain * domain,unsigned long iova,struct scatterlist * sg,unsigned int nents,int prot)2670 size_t iommu_map_sg_atomic(struct iommu_domain *domain, unsigned long iova,
2671 struct scatterlist *sg, unsigned int nents, int prot)
2672 {
2673 return __iommu_map_sg(domain, iova, sg, nents, prot, GFP_ATOMIC);
2674 }
2675 EXPORT_SYMBOL_GPL(iommu_map_sg_atomic);
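
/*
 * Illustrative sketch (not part of this file): mapping a scatterlist, e.g.
 * one obtained from an sg_table.  The return value is the number of bytes
 * mapped, or 0 on failure (any mappings already established are rolled back).
 *
 *	mapped = iommu_map_sg(domain, iova, sgt->sgl, sgt->orig_nents,
 *			      IOMMU_READ | IOMMU_WRITE);
 *	if (!mapped)
 *		return -ENOMEM;
 */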
2676
iommu_domain_window_enable(struct iommu_domain * domain,u32 wnd_nr,phys_addr_t paddr,u64 size,int prot)2677 int iommu_domain_window_enable(struct iommu_domain *domain, u32 wnd_nr,
2678 phys_addr_t paddr, u64 size, int prot)
2679 {
2680 if (unlikely(domain->ops->domain_window_enable == NULL))
2681 return -ENODEV;
2682
2683 return domain->ops->domain_window_enable(domain, wnd_nr, paddr, size,
2684 prot);
2685 }
2686 EXPORT_SYMBOL_GPL(iommu_domain_window_enable);
2687
iommu_domain_window_disable(struct iommu_domain * domain,u32 wnd_nr)2688 void iommu_domain_window_disable(struct iommu_domain *domain, u32 wnd_nr)
2689 {
2690 if (unlikely(domain->ops->domain_window_disable == NULL))
2691 return;
2692
2693 return domain->ops->domain_window_disable(domain, wnd_nr);
2694 }
2695 EXPORT_SYMBOL_GPL(iommu_domain_window_disable);
2696
2697 /**
2698 * report_iommu_fault() - report about an IOMMU fault to the IOMMU framework
2699 * @domain: the iommu domain where the fault has happened
2700 * @dev: the device where the fault has happened
2701 * @iova: the faulting address
2702 * @flags: mmu fault flags (e.g. IOMMU_FAULT_READ/IOMMU_FAULT_WRITE/...)
2703 *
2704 * This function should be called by the low-level IOMMU implementations
2705 * whenever IOMMU faults happen, to allow high-level users, that are
2706 * interested in such events, to know about them.
2707 *
2708 * This event may be useful for several possible use cases:
2709 * - mere logging of the event
2710 * - dynamic TLB/PTE loading
2711 * - restarting the faulting device, if that is required
2712 *
2713 * Returns 0 on success and an appropriate error code otherwise (if dynamic
2714 * PTE/TLB loading will one day be supported, implementations will be able
2715 * to tell whether it succeeded or not according to this return value).
2716 *
2717 * Specifically, -ENOSYS is returned if a fault handler isn't installed
2718 * (though fault handlers can also return -ENOSYS, in case they want to
2719 * elicit the default behavior of the IOMMU drivers).
2720 */
report_iommu_fault(struct iommu_domain * domain,struct device * dev,unsigned long iova,int flags)2721 int report_iommu_fault(struct iommu_domain *domain, struct device *dev,
2722 unsigned long iova, int flags)
2723 {
2724 int ret = -ENOSYS;
2725
2726 /*
2727 * if upper layers showed interest and installed a fault handler,
2728 * invoke it.
2729 */
2730 if (domain->handler)
2731 ret = domain->handler(domain, dev, iova, flags,
2732 domain->handler_token);
2733
2734 trace_io_page_fault(dev, iova, flags);
2735 return ret;
2736 }
2737 EXPORT_SYMBOL_GPL(report_iommu_fault);
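
/*
 * Illustrative sketch (not part of this file): a low-level IOMMU driver would
 * typically call report_iommu_fault() from its fault interrupt handler and
 * only print its own diagnostics when the fault was not handled.
 *
 *	if (report_iommu_fault(domain, dev, iova, IOMMU_FAULT_READ))
 *		dev_err_ratelimited(dev, "unhandled fault at 0x%lx\n", iova);
 */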
2738
iommu_init(void)2739 static int __init iommu_init(void)
2740 {
2741 iommu_group_kset = kset_create_and_add("iommu_groups",
2742 NULL, kernel_kobj);
2743 BUG_ON(!iommu_group_kset);
2744
2745 iommu_debugfs_setup();
2746
2747 return 0;
2748 }
2749 core_initcall(iommu_init);
2750
iommu_domain_get_attr(struct iommu_domain * domain,enum iommu_attr attr,void * data)2751 int iommu_domain_get_attr(struct iommu_domain *domain,
2752 enum iommu_attr attr, void *data)
2753 {
2754 struct iommu_domain_geometry *geometry;
2755 bool *paging;
2756 int ret = 0;
2757
2758 switch (attr) {
2759 case DOMAIN_ATTR_GEOMETRY:
2760 geometry = data;
2761 *geometry = domain->geometry;
2762
2763 break;
2764 case DOMAIN_ATTR_PAGING:
2765 paging = data;
2766 *paging = (domain->pgsize_bitmap != 0UL);
2767 break;
2768 default:
2769 if (!domain->ops->domain_get_attr)
2770 return -EINVAL;
2771
2772 ret = domain->ops->domain_get_attr(domain, attr, data);
2773 }
2774
2775 return ret;
2776 }
2777 EXPORT_SYMBOL_GPL(iommu_domain_get_attr);
2778
iommu_domain_set_attr(struct iommu_domain * domain,enum iommu_attr attr,void * data)2779 int iommu_domain_set_attr(struct iommu_domain *domain,
2780 enum iommu_attr attr, void *data)
2781 {
2782 int ret = 0;
2783
2784 switch (attr) {
2785 default:
2786 if (domain->ops->domain_set_attr == NULL)
2787 return -EINVAL;
2788
2789 ret = domain->ops->domain_set_attr(domain, attr, data);
2790 }
2791
2792 return ret;
2793 }
2794 EXPORT_SYMBOL_GPL(iommu_domain_set_attr);
2795
iommu_get_resv_regions(struct device * dev,struct list_head * list)2796 void iommu_get_resv_regions(struct device *dev, struct list_head *list)
2797 {
2798 const struct iommu_ops *ops = dev->bus->iommu_ops;
2799
2800 if (ops && ops->get_resv_regions)
2801 ops->get_resv_regions(dev, list);
2802 }
2803
iommu_put_resv_regions(struct device * dev,struct list_head * list)2804 void iommu_put_resv_regions(struct device *dev, struct list_head *list)
2805 {
2806 const struct iommu_ops *ops = dev->bus->iommu_ops;
2807
2808 if (ops && ops->put_resv_regions)
2809 ops->put_resv_regions(dev, list);
2810 }
2811
2812 /**
2813 * generic_iommu_put_resv_regions - Reserved region driver helper
2814 * @dev: device for which to free reserved regions
2815 * @list: reserved region list for device
2816 *
2817 * IOMMU drivers can use this to implement their .put_resv_regions() callback
2818 * for simple reservations. Memory allocated for each reserved region will be
2819 * freed. If an IOMMU driver allocates additional resources per region, it
2820 * must implement a custom callback.
2821 */
generic_iommu_put_resv_regions(struct device * dev,struct list_head * list)2822 void generic_iommu_put_resv_regions(struct device *dev, struct list_head *list)
2823 {
2824 struct iommu_resv_region *entry, *next;
2825
2826 list_for_each_entry_safe(entry, next, list, list)
2827 kfree(entry);
2828 }
2829 EXPORT_SYMBOL(generic_iommu_put_resv_regions);
2830
iommu_alloc_resv_region(phys_addr_t start,size_t length,int prot,enum iommu_resv_type type)2831 struct iommu_resv_region *iommu_alloc_resv_region(phys_addr_t start,
2832 size_t length, int prot,
2833 enum iommu_resv_type type)
2834 {
2835 struct iommu_resv_region *region;
2836
2837 region = kzalloc(sizeof(*region), GFP_KERNEL);
2838 if (!region)
2839 return NULL;
2840
2841 INIT_LIST_HEAD(&region->list);
2842 region->start = start;
2843 region->length = length;
2844 region->prot = prot;
2845 region->type = type;
2846 return region;
2847 }
2848 EXPORT_SYMBOL_GPL(iommu_alloc_resv_region);
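
/*
 * Illustrative sketch (not part of this file): an IOMMU driver's
 * .get_resv_regions() callback usually allocates regions with the helper
 * above and pairs it with generic_iommu_put_resv_regions() for teardown.
 * MY_MSI_BASE and MY_MSI_SIZE are hypothetical constants.
 *
 *	static void my_get_resv_regions(struct device *dev,
 *					struct list_head *head)
 *	{
 *		struct iommu_resv_region *region;
 *
 *		region = iommu_alloc_resv_region(MY_MSI_BASE, MY_MSI_SIZE,
 *						 IOMMU_WRITE, IOMMU_RESV_SW_MSI);
 *		if (region)
 *			list_add_tail(&region->list, head);
 *	}
 */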
2849
iommu_set_default_passthrough(bool cmd_line)2850 void iommu_set_default_passthrough(bool cmd_line)
2851 {
2852 if (cmd_line)
2853 iommu_set_cmd_line_dma_api();
2854
2855 iommu_def_domain_type = IOMMU_DOMAIN_IDENTITY;
2856 }
2857
iommu_set_default_translated(bool cmd_line)2858 void iommu_set_default_translated(bool cmd_line)
2859 {
2860 if (cmd_line)
2861 iommu_set_cmd_line_dma_api();
2862
2863 iommu_def_domain_type = IOMMU_DOMAIN_DMA;
2864 }
2865
iommu_default_passthrough(void)2866 bool iommu_default_passthrough(void)
2867 {
2868 return iommu_def_domain_type == IOMMU_DOMAIN_IDENTITY;
2869 }
2870 EXPORT_SYMBOL_GPL(iommu_default_passthrough);
2871
iommu_ops_from_fwnode(struct fwnode_handle * fwnode)2872 const struct iommu_ops *iommu_ops_from_fwnode(struct fwnode_handle *fwnode)
2873 {
2874 const struct iommu_ops *ops = NULL;
2875 struct iommu_device *iommu;
2876
2877 spin_lock(&iommu_device_lock);
2878 list_for_each_entry(iommu, &iommu_device_list, list)
2879 if (iommu->fwnode == fwnode) {
2880 ops = iommu->ops;
2881 break;
2882 }
2883 spin_unlock(&iommu_device_lock);
2884 return ops;
2885 }
2886
iommu_fwspec_init(struct device * dev,struct fwnode_handle * iommu_fwnode,const struct iommu_ops * ops)2887 int iommu_fwspec_init(struct device *dev, struct fwnode_handle *iommu_fwnode,
2888 const struct iommu_ops *ops)
2889 {
2890 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2891
2892 if (fwspec)
2893 return ops == fwspec->ops ? 0 : -EINVAL;
2894
2895 if (!dev_iommu_get(dev))
2896 return -ENOMEM;
2897
2898 /* Preallocate for the overwhelmingly common case of 1 ID */
2899 fwspec = kzalloc(struct_size(fwspec, ids, 1), GFP_KERNEL);
2900 if (!fwspec)
2901 return -ENOMEM;
2902
2903 of_node_get(to_of_node(iommu_fwnode));
2904 fwspec->iommu_fwnode = iommu_fwnode;
2905 fwspec->ops = ops;
2906 dev_iommu_fwspec_set(dev, fwspec);
2907 return 0;
2908 }
2909 EXPORT_SYMBOL_GPL(iommu_fwspec_init);
2910
iommu_fwspec_free(struct device * dev)2911 void iommu_fwspec_free(struct device *dev)
2912 {
2913 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2914
2915 if (fwspec) {
2916 fwnode_handle_put(fwspec->iommu_fwnode);
2917 kfree(fwspec);
2918 dev_iommu_fwspec_set(dev, NULL);
2919 }
2920 }
2921 EXPORT_SYMBOL_GPL(iommu_fwspec_free);
2922
iommu_fwspec_add_ids(struct device * dev,u32 * ids,int num_ids)2923 int iommu_fwspec_add_ids(struct device *dev, u32 *ids, int num_ids)
2924 {
2925 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2926 int i, new_num;
2927
2928 if (!fwspec)
2929 return -EINVAL;
2930
2931 new_num = fwspec->num_ids + num_ids;
2932 if (new_num > 1) {
2933 fwspec = krealloc(fwspec, struct_size(fwspec, ids, new_num),
2934 GFP_KERNEL);
2935 if (!fwspec)
2936 return -ENOMEM;
2937
2938 dev_iommu_fwspec_set(dev, fwspec);
2939 }
2940
2941 for (i = 0; i < num_ids; i++)
2942 fwspec->ids[fwspec->num_ids + i] = ids[i];
2943
2944 fwspec->num_ids = new_num;
2945 return 0;
2946 }
2947 EXPORT_SYMBOL_GPL(iommu_fwspec_add_ids);
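
/*
 * Illustrative sketch (not part of this file): firmware code (OF/ACPI) and a
 * driver's .of_xlate() callback build up the fwspec in two steps, roughly:
 *
 *	ret = iommu_fwspec_init(dev, iommu_fwnode, ops);
 *	if (ret)
 *		return ret;
 *
 *	return iommu_fwspec_add_ids(dev, &args->args[0], 1);
 *
 * where "args" would be the struct of_phandle_args handed to .of_xlate().
 */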
2948
2949 /*
2950 * Per device IOMMU features.
2951 */
iommu_dev_has_feature(struct device * dev,enum iommu_dev_features feat)2952 bool iommu_dev_has_feature(struct device *dev, enum iommu_dev_features feat)
2953 {
2954 const struct iommu_ops *ops = dev->bus->iommu_ops;
2955
2956 if (ops && ops->dev_has_feat)
2957 return ops->dev_has_feat(dev, feat);
2958
2959 return false;
2960 }
2961 EXPORT_SYMBOL_GPL(iommu_dev_has_feature);
2962
iommu_dev_enable_feature(struct device * dev,enum iommu_dev_features feat)2963 int iommu_dev_enable_feature(struct device *dev, enum iommu_dev_features feat)
2964 {
2965 if (dev->iommu && dev->iommu->iommu_dev) {
2966 const struct iommu_ops *ops = dev->iommu->iommu_dev->ops;
2967
2968 if (ops->dev_enable_feat)
2969 return ops->dev_enable_feat(dev, feat);
2970 }
2971
2972 return -ENODEV;
2973 }
2974 EXPORT_SYMBOL_GPL(iommu_dev_enable_feature);
2975
2976 /*
2977 * The device drivers should do the necessary cleanups before calling this.
2978 * For example, before disabling the aux-domain feature, the device driver
2979 * should detach all aux-domains. Otherwise, this will return -EBUSY.
2980 */
iommu_dev_disable_feature(struct device * dev,enum iommu_dev_features feat)2981 int iommu_dev_disable_feature(struct device *dev, enum iommu_dev_features feat)
2982 {
2983 if (dev->iommu && dev->iommu->iommu_dev) {
2984 const struct iommu_ops *ops = dev->iommu->iommu_dev->ops;
2985
2986 if (ops->dev_disable_feat)
2987 return ops->dev_disable_feat(dev, feat);
2988 }
2989
2990 return -EBUSY;
2991 }
2992 EXPORT_SYMBOL_GPL(iommu_dev_disable_feature);
2993
iommu_dev_feature_enabled(struct device * dev,enum iommu_dev_features feat)2994 bool iommu_dev_feature_enabled(struct device *dev, enum iommu_dev_features feat)
2995 {
2996 if (dev->iommu && dev->iommu->iommu_dev) {
2997 const struct iommu_ops *ops = dev->iommu->iommu_dev->ops;
2998
2999 if (ops->dev_feat_enabled)
3000 return ops->dev_feat_enabled(dev, feat);
3001 }
3002
3003 return false;
3004 }
3005 EXPORT_SYMBOL_GPL(iommu_dev_feature_enabled);
3006
3007 /*
3008 * Aux-domain specific attach/detach.
3009 *
3010 * Only works if iommu_dev_feature_enabled(dev, IOMMU_DEV_FEAT_AUX) returns
3011 * true. Also, as long as domains are attached to a device through this
3012 * interface, any attempt to call iommu_attach_device() should fail
3013 * (iommu_detach_device() can't fail, so we fail when trying to re-attach).
3014 * This should make us safe against a device being attached to a guest as a
3015 * whole while there are still pasid users on it (aux and sva).
3016 */
iommu_aux_attach_device(struct iommu_domain * domain,struct device * dev)3017 int iommu_aux_attach_device(struct iommu_domain *domain, struct device *dev)
3018 {
3019 int ret = -ENODEV;
3020
3021 if (domain->ops->aux_attach_dev)
3022 ret = domain->ops->aux_attach_dev(domain, dev);
3023
3024 if (!ret)
3025 trace_attach_device_to_domain(dev);
3026
3027 return ret;
3028 }
3029 EXPORT_SYMBOL_GPL(iommu_aux_attach_device);
3030
iommu_aux_detach_device(struct iommu_domain * domain,struct device * dev)3031 void iommu_aux_detach_device(struct iommu_domain *domain, struct device *dev)
3032 {
3033 if (domain->ops->aux_detach_dev) {
3034 domain->ops->aux_detach_dev(domain, dev);
3035 trace_detach_device_from_domain(dev);
3036 }
3037 }
3038 EXPORT_SYMBOL_GPL(iommu_aux_detach_device);
3039
iommu_aux_get_pasid(struct iommu_domain * domain,struct device * dev)3040 int iommu_aux_get_pasid(struct iommu_domain *domain, struct device *dev)
3041 {
3042 int ret = -ENODEV;
3043
3044 if (domain->ops->aux_get_pasid)
3045 ret = domain->ops->aux_get_pasid(domain, dev);
3046
3047 return ret;
3048 }
3049 EXPORT_SYMBOL_GPL(iommu_aux_get_pasid);
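
/*
 * Illustrative sketch (not part of this file): a mediated-device style user
 * of aux domains first enables the feature, then attaches an unmanaged
 * domain and asks for the PASID the hardware will tag its traffic with.
 * Error handling is trimmed.
 *
 *	if (iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_AUX))
 *		return -ENODEV;
 *
 *	domain = iommu_domain_alloc(dev->bus);
 *	ret = iommu_aux_attach_device(domain, dev);
 *	if (!ret)
 *		pasid = iommu_aux_get_pasid(domain, dev);
 *	...
 *	iommu_aux_detach_device(domain, dev);
 */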
3050
3051 /**
3052 * iommu_sva_bind_device() - Bind a process address space to a device
3053 * @dev: the device
3054 * @mm: the mm to bind, caller must hold a reference to it
3055 *
3056 * Create a bond between device and address space, allowing the device to access
3057 * the mm using the returned PASID. If a bond already exists between @dev and
3058 * @mm, it is returned and an additional reference is taken. Caller must call
3059 * iommu_sva_unbind_device() to release each reference.
3060 *
3061 * iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_SVA) must be called first, to
3062 * initialize the required SVA features.
3063 *
3064 * On error, returns an ERR_PTR value.
3065 */
3066 struct iommu_sva *
iommu_sva_bind_device(struct device * dev,struct mm_struct * mm,void * drvdata)3067 iommu_sva_bind_device(struct device *dev, struct mm_struct *mm, void *drvdata)
3068 {
3069 struct iommu_group *group;
3070 struct iommu_sva *handle = ERR_PTR(-EINVAL);
3071 const struct iommu_ops *ops = dev->bus->iommu_ops;
3072
3073 if (!ops || !ops->sva_bind)
3074 return ERR_PTR(-ENODEV);
3075
3076 group = iommu_group_get(dev);
3077 if (!group)
3078 return ERR_PTR(-ENODEV);
3079
3080 /* Ensure device count and domain don't change while we're binding */
3081 mutex_lock(&group->mutex);
3082
3083 /*
3084 * To keep things simple, SVA currently doesn't support IOMMU groups
3085 * with more than one device. Existing SVA-capable systems are not
3086 * affected by the problems that required IOMMU groups (lack of ACS
3087 * isolation, device ID aliasing and other hardware issues).
3088 */
3089 if (iommu_group_device_count(group) != 1)
3090 goto out_unlock;
3091
3092 handle = ops->sva_bind(dev, mm, drvdata);
3093
3094 out_unlock:
3095 mutex_unlock(&group->mutex);
3096 iommu_group_put(group);
3097
3098 return handle;
3099 }
3100 EXPORT_SYMBOL_GPL(iommu_sva_bind_device);
3101
3102 /**
3103 * iommu_sva_unbind_device() - Remove a bond created with iommu_sva_bind_device
3104 * @handle: the handle returned by iommu_sva_bind_device()
3105 *
3106 * Put reference to a bond between device and address space. The device should
3107 * not be issuing any more transactions for this PASID. All outstanding page
3108 * requests for this PASID must have been flushed to the IOMMU.
3111 */
iommu_sva_unbind_device(struct iommu_sva * handle)3112 void iommu_sva_unbind_device(struct iommu_sva *handle)
3113 {
3114 struct iommu_group *group;
3115 struct device *dev = handle->dev;
3116 const struct iommu_ops *ops = dev->bus->iommu_ops;
3117
3118 if (!ops || !ops->sva_unbind)
3119 return;
3120
3121 group = iommu_group_get(dev);
3122 if (!group)
3123 return;
3124
3125 mutex_lock(&group->mutex);
3126 ops->sva_unbind(handle);
3127 mutex_unlock(&group->mutex);
3128
3129 iommu_group_put(group);
3130 }
3131 EXPORT_SYMBOL_GPL(iommu_sva_unbind_device);
3132
iommu_sva_get_pasid(struct iommu_sva * handle)3133 u32 iommu_sva_get_pasid(struct iommu_sva *handle)
3134 {
3135 const struct iommu_ops *ops = handle->dev->bus->iommu_ops;
3136
3137 if (!ops || !ops->sva_get_pasid)
3138 return IOMMU_PASID_INVALID;
3139
3140 return ops->sva_get_pasid(handle);
3141 }
3142 EXPORT_SYMBOL_GPL(iommu_sva_get_pasid);
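
/*
 * Illustrative sketch (not part of this file): the SVA flow from a device
 * driver's point of view, binding the current process' address space and
 * retrieving the PASID to program into the hardware.
 *
 *	if (iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_SVA))
 *		return -ENODEV;
 *
 *	handle = iommu_sva_bind_device(dev, current->mm, NULL);
 *	if (IS_ERR(handle))
 *		return PTR_ERR(handle);
 *
 *	pasid = iommu_sva_get_pasid(handle);
 *	...
 *	iommu_sva_unbind_device(handle);
 */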
3143