1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2007-2008 Advanced Micro Devices, Inc.
4 * Author: Joerg Roedel <jroedel@suse.de>
5 */
6
7 #define pr_fmt(fmt) "iommu: " fmt
8
9 #include <linux/device.h>
10 #include <linux/kernel.h>
11 #include <linux/bug.h>
12 #include <linux/types.h>
13 #include <linux/init.h>
14 #include <linux/export.h>
15 #include <linux/slab.h>
16 #include <linux/errno.h>
17 #include <linux/iommu.h>
18 #include <linux/idr.h>
19 #include <linux/notifier.h>
20 #include <linux/err.h>
21 #include <linux/pci.h>
22 #include <linux/bitops.h>
23 #include <linux/property.h>
24 #include <linux/fsl/mc.h>
25 #include <linux/module.h>
26 #include <trace/events/iommu.h>
27
28 static struct kset *iommu_group_kset;
29 static DEFINE_IDA(iommu_group_ida);
30
31 static unsigned int iommu_def_domain_type __read_mostly;
32 static bool iommu_dma_strict __read_mostly = true;
33 static u32 iommu_cmd_line __read_mostly;
34
35 struct iommu_group {
36 struct kobject kobj;
37 struct kobject *devices_kobj;
38 struct list_head devices;
39 struct mutex mutex;
40 struct blocking_notifier_head notifier;
41 void *iommu_data;
42 void (*iommu_data_release)(void *iommu_data);
43 char *name;
44 int id;
45 struct iommu_domain *default_domain;
46 struct iommu_domain *domain;
47 struct list_head entry;
48 };
49
50 struct group_device {
51 struct list_head list;
52 struct device *dev;
53 char *name;
54 };
55
56 struct iommu_group_attribute {
57 struct attribute attr;
58 ssize_t (*show)(struct iommu_group *group, char *buf);
59 ssize_t (*store)(struct iommu_group *group,
60 const char *buf, size_t count);
61 };
62
63 static const char * const iommu_group_resv_type_string[] = {
64 [IOMMU_RESV_DIRECT] = "direct",
65 [IOMMU_RESV_DIRECT_RELAXABLE] = "direct-relaxable",
66 [IOMMU_RESV_RESERVED] = "reserved",
67 [IOMMU_RESV_MSI] = "msi",
68 [IOMMU_RESV_SW_MSI] = "msi",
69 };
70
71 #define IOMMU_CMD_LINE_DMA_API BIT(0)
72
73 static void iommu_set_cmd_line_dma_api(void)
74 {
75 iommu_cmd_line |= IOMMU_CMD_LINE_DMA_API;
76 }
77
78 static bool iommu_cmd_line_dma_api(void)
79 {
80 return !!(iommu_cmd_line & IOMMU_CMD_LINE_DMA_API);
81 }
82
83 static int iommu_alloc_default_domain(struct iommu_group *group,
84 struct device *dev);
85 static struct iommu_domain *__iommu_domain_alloc(struct bus_type *bus,
86 unsigned type);
87 static int __iommu_attach_device(struct iommu_domain *domain,
88 struct device *dev);
89 static int __iommu_attach_group(struct iommu_domain *domain,
90 struct iommu_group *group);
91 static void __iommu_detach_group(struct iommu_domain *domain,
92 struct iommu_group *group);
93 static int iommu_create_device_direct_mappings(struct iommu_group *group,
94 struct device *dev);
95 static struct iommu_group *iommu_group_get_for_dev(struct device *dev);
96
97 #define IOMMU_GROUP_ATTR(_name, _mode, _show, _store) \
98 struct iommu_group_attribute iommu_group_attr_##_name = \
99 __ATTR(_name, _mode, _show, _store)
100
101 #define to_iommu_group_attr(_attr) \
102 container_of(_attr, struct iommu_group_attribute, attr)
103 #define to_iommu_group(_kobj) \
104 container_of(_kobj, struct iommu_group, kobj)
105
106 static LIST_HEAD(iommu_device_list);
107 static DEFINE_SPINLOCK(iommu_device_lock);
108
109 /*
110 * Use a function instead of an array here because the domain-type is a
111 * bit-field, so an array would waste memory.
112 */
113 static const char *iommu_domain_type_str(unsigned int t)
114 {
115 switch (t) {
116 case IOMMU_DOMAIN_BLOCKED:
117 return "Blocked";
118 case IOMMU_DOMAIN_IDENTITY:
119 return "Passthrough";
120 case IOMMU_DOMAIN_UNMANAGED:
121 return "Unmanaged";
122 case IOMMU_DOMAIN_DMA:
123 return "Translated";
124 default:
125 return "Unknown";
126 }
127 }
128
129 static int __init iommu_subsys_init(void)
130 {
131 bool cmd_line = iommu_cmd_line_dma_api();
132
133 if (!cmd_line) {
134 if (IS_ENABLED(CONFIG_IOMMU_DEFAULT_PASSTHROUGH))
135 iommu_set_default_passthrough(false);
136 else
137 iommu_set_default_translated(false);
138
139 if (iommu_default_passthrough() && mem_encrypt_active()) {
140 pr_info("Memory encryption detected - Disabling default IOMMU Passthrough\n");
141 iommu_set_default_translated(false);
142 }
143 }
144
145 pr_info("Default domain type: %s %s\n",
146 iommu_domain_type_str(iommu_def_domain_type),
147 cmd_line ? "(set via kernel command line)" : "");
148
149 return 0;
150 }
151 subsys_initcall(iommu_subsys_init);
152
153 int iommu_device_register(struct iommu_device *iommu)
154 {
155 spin_lock(&iommu_device_lock);
156 list_add_tail(&iommu->list, &iommu_device_list);
157 spin_unlock(&iommu_device_lock);
158 return 0;
159 }
160 EXPORT_SYMBOL_GPL(iommu_device_register);
161
162 void iommu_device_unregister(struct iommu_device *iommu)
163 {
164 spin_lock(&iommu_device_lock);
165 list_del(&iommu->list);
166 spin_unlock(&iommu_device_lock);
167 }
168 EXPORT_SYMBOL_GPL(iommu_device_unregister);
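/*
 * Usage sketch (illustrative only, not part of this file): an IOMMU driver
 * typically registers its struct iommu_device from its own probe path and
 * unregisters it again on remove; "smmu" is a hypothetical driver instance.
 *
 *	ret = iommu_device_register(&smmu->iommu);
 *	if (ret)
 *		goto err_free;
 *	...
 *	iommu_device_unregister(&smmu->iommu);
 */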
169
170 static struct dev_iommu *dev_iommu_get(struct device *dev)
171 {
172 struct dev_iommu *param = dev->iommu;
173
174 if (param)
175 return param;
176
177 param = kzalloc(sizeof(*param), GFP_KERNEL);
178 if (!param)
179 return NULL;
180
181 mutex_init(&param->lock);
182 dev->iommu = param;
183 return param;
184 }
185
186 static void dev_iommu_free(struct device *dev)
187 {
188 iommu_fwspec_free(dev);
189 kfree(dev->iommu);
190 dev->iommu = NULL;
191 }
192
193 static int __iommu_probe_device(struct device *dev, struct list_head *group_list)
194 {
195 const struct iommu_ops *ops = dev->bus->iommu_ops;
196 struct iommu_device *iommu_dev;
197 struct iommu_group *group;
198 int ret;
199
200 if (!ops)
201 return -ENODEV;
202
203 if (!dev_iommu_get(dev))
204 return -ENOMEM;
205
206 if (!try_module_get(ops->owner)) {
207 ret = -EINVAL;
208 goto err_free;
209 }
210
211 iommu_dev = ops->probe_device(dev);
212 if (IS_ERR(iommu_dev)) {
213 ret = PTR_ERR(iommu_dev);
214 goto out_module_put;
215 }
216
217 dev->iommu->iommu_dev = iommu_dev;
218
219 group = iommu_group_get_for_dev(dev);
220 if (IS_ERR(group)) {
221 ret = PTR_ERR(group);
222 goto out_release;
223 }
224 iommu_group_put(group);
225
226 if (group_list && !group->default_domain && list_empty(&group->entry))
227 list_add_tail(&group->entry, group_list);
228
229 iommu_device_link(iommu_dev, dev);
230
231 return 0;
232
233 out_release:
234 ops->release_device(dev);
235
236 out_module_put:
237 module_put(ops->owner);
238
239 err_free:
240 dev_iommu_free(dev);
241
242 return ret;
243 }
244
245 int iommu_probe_device(struct device *dev)
246 {
247 const struct iommu_ops *ops = dev->bus->iommu_ops;
248 struct iommu_group *group;
249 int ret;
250
251 ret = __iommu_probe_device(dev, NULL);
252 if (ret)
253 goto err_out;
254
255 group = iommu_group_get(dev);
256 if (!group)
257 goto err_release;
258
259 /*
260 * Try to allocate a default domain - needs support from the
261 * IOMMU driver. There are still some drivers which don't
262 * support default domains, so the return value is not yet
263 * checked.
264 */
265 iommu_alloc_default_domain(group, dev);
266
267 if (group->default_domain) {
268 ret = __iommu_attach_device(group->default_domain, dev);
269 if (ret) {
270 iommu_group_put(group);
271 goto err_release;
272 }
273 }
274
275 iommu_create_device_direct_mappings(group, dev);
276
277 iommu_group_put(group);
278
279 if (ops->probe_finalize)
280 ops->probe_finalize(dev);
281
282 return 0;
283
284 err_release:
285 iommu_release_device(dev);
286
287 err_out:
288 return ret;
289
290 }
291
292 void iommu_release_device(struct device *dev)
293 {
294 const struct iommu_ops *ops = dev->bus->iommu_ops;
295
296 if (!dev->iommu)
297 return;
298
299 iommu_device_unlink(dev->iommu->iommu_dev, dev);
300
301 ops->release_device(dev);
302
303 iommu_group_remove_device(dev);
304 module_put(ops->owner);
305 dev_iommu_free(dev);
306 }
307
308 static int __init iommu_set_def_domain_type(char *str)
309 {
310 bool pt;
311 int ret;
312
313 ret = kstrtobool(str, &pt);
314 if (ret)
315 return ret;
316
317 if (pt)
318 iommu_set_default_passthrough(true);
319 else
320 iommu_set_default_translated(true);
321
322 return 0;
323 }
324 early_param("iommu.passthrough", iommu_set_def_domain_type);
325
326 static int __init iommu_dma_setup(char *str)
327 {
328 return kstrtobool(str, &iommu_dma_strict);
329 }
330 early_param("iommu.strict", iommu_dma_setup);
331
332 static ssize_t iommu_group_attr_show(struct kobject *kobj,
333 struct attribute *__attr, char *buf)
334 {
335 struct iommu_group_attribute *attr = to_iommu_group_attr(__attr);
336 struct iommu_group *group = to_iommu_group(kobj);
337 ssize_t ret = -EIO;
338
339 if (attr->show)
340 ret = attr->show(group, buf);
341 return ret;
342 }
343
344 static ssize_t iommu_group_attr_store(struct kobject *kobj,
345 struct attribute *__attr,
346 const char *buf, size_t count)
347 {
348 struct iommu_group_attribute *attr = to_iommu_group_attr(__attr);
349 struct iommu_group *group = to_iommu_group(kobj);
350 ssize_t ret = -EIO;
351
352 if (attr->store)
353 ret = attr->store(group, buf, count);
354 return ret;
355 }
356
357 static const struct sysfs_ops iommu_group_sysfs_ops = {
358 .show = iommu_group_attr_show,
359 .store = iommu_group_attr_store,
360 };
361
362 static int iommu_group_create_file(struct iommu_group *group,
363 struct iommu_group_attribute *attr)
364 {
365 return sysfs_create_file(&group->kobj, &attr->attr);
366 }
367
368 static void iommu_group_remove_file(struct iommu_group *group,
369 struct iommu_group_attribute *attr)
370 {
371 sysfs_remove_file(&group->kobj, &attr->attr);
372 }
373
374 static ssize_t iommu_group_show_name(struct iommu_group *group, char *buf)
375 {
376 return sprintf(buf, "%s\n", group->name);
377 }
378
379 /**
380 * iommu_insert_resv_region - Insert a new region in the
381 * list of reserved regions.
382 * @new: new region to insert
383 * @regions: list of regions
384 *
385 * Elements are sorted by start address and overlapping segments
386 * of the same type are merged.
387 */
388 static int iommu_insert_resv_region(struct iommu_resv_region *new,
389 struct list_head *regions)
390 {
391 struct iommu_resv_region *iter, *tmp, *nr, *top;
392 LIST_HEAD(stack);
393
394 nr = iommu_alloc_resv_region(new->start, new->length,
395 new->prot, new->type);
396 if (!nr)
397 return -ENOMEM;
398
399 /* First add the new element based on start address sorting */
400 list_for_each_entry(iter, regions, list) {
401 if (nr->start < iter->start ||
402 (nr->start == iter->start && nr->type <= iter->type))
403 break;
404 }
405 list_add_tail(&nr->list, &iter->list);
406
407 /* Merge overlapping segments of type nr->type in @regions, if any */
408 list_for_each_entry_safe(iter, tmp, regions, list) {
409 phys_addr_t top_end, iter_end = iter->start + iter->length - 1;
410
411 /* no merge needed on elements of different types than @new */
412 if (iter->type != new->type) {
413 list_move_tail(&iter->list, &stack);
414 continue;
415 }
416
417 /* look for the last stack element of same type as @iter */
418 list_for_each_entry_reverse(top, &stack, list)
419 if (top->type == iter->type)
420 goto check_overlap;
421
422 list_move_tail(&iter->list, &stack);
423 continue;
424
425 check_overlap:
426 top_end = top->start + top->length - 1;
427
428 if (iter->start > top_end + 1) {
429 list_move_tail(&iter->list, &stack);
430 } else {
431 top->length = max(top_end, iter_end) - top->start + 1;
432 list_del(&iter->list);
433 kfree(iter);
434 }
435 }
436 list_splice(&stack, regions);
437 return 0;
438 }
439
440 static int
441 iommu_insert_device_resv_regions(struct list_head *dev_resv_regions,
442 struct list_head *group_resv_regions)
443 {
444 struct iommu_resv_region *entry;
445 int ret = 0;
446
447 list_for_each_entry(entry, dev_resv_regions, list) {
448 ret = iommu_insert_resv_region(entry, group_resv_regions);
449 if (ret)
450 break;
451 }
452 return ret;
453 }
454
455 int iommu_get_group_resv_regions(struct iommu_group *group,
456 struct list_head *head)
457 {
458 struct group_device *device;
459 int ret = 0;
460
461 mutex_lock(&group->mutex);
462 list_for_each_entry(device, &group->devices, list) {
463 struct list_head dev_resv_regions;
464
465 INIT_LIST_HEAD(&dev_resv_regions);
466 iommu_get_resv_regions(device->dev, &dev_resv_regions);
467 ret = iommu_insert_device_resv_regions(&dev_resv_regions, head);
468 iommu_put_resv_regions(device->dev, &dev_resv_regions);
469 if (ret)
470 break;
471 }
472 mutex_unlock(&group->mutex);
473 return ret;
474 }
475 EXPORT_SYMBOL_GPL(iommu_get_group_resv_regions);
476
477 static ssize_t iommu_group_show_resv_regions(struct iommu_group *group,
478 char *buf)
479 {
480 struct iommu_resv_region *region, *next;
481 struct list_head group_resv_regions;
482 char *str = buf;
483
484 INIT_LIST_HEAD(&group_resv_regions);
485 iommu_get_group_resv_regions(group, &group_resv_regions);
486
487 list_for_each_entry_safe(region, next, &group_resv_regions, list) {
488 str += sprintf(str, "0x%016llx 0x%016llx %s\n",
489 (long long int)region->start,
490 (long long int)(region->start +
491 region->length - 1),
492 iommu_group_resv_type_string[region->type]);
493 kfree(region);
494 }
495
496 return (str - buf);
497 }
498
499 static ssize_t iommu_group_show_type(struct iommu_group *group,
500 char *buf)
501 {
502 char *type = "unknown\n";
503
504 if (group->default_domain) {
505 switch (group->default_domain->type) {
506 case IOMMU_DOMAIN_BLOCKED:
507 type = "blocked\n";
508 break;
509 case IOMMU_DOMAIN_IDENTITY:
510 type = "identity\n";
511 break;
512 case IOMMU_DOMAIN_UNMANAGED:
513 type = "unmanaged\n";
514 break;
515 case IOMMU_DOMAIN_DMA:
516 type = "DMA\n";
517 break;
518 }
519 }
520 strcpy(buf, type);
521
522 return strlen(type);
523 }
524
525 static IOMMU_GROUP_ATTR(name, S_IRUGO, iommu_group_show_name, NULL);
526
527 static IOMMU_GROUP_ATTR(reserved_regions, 0444,
528 iommu_group_show_resv_regions, NULL);
529
530 static IOMMU_GROUP_ATTR(type, 0444, iommu_group_show_type, NULL);
531
532 static void iommu_group_release(struct kobject *kobj)
533 {
534 struct iommu_group *group = to_iommu_group(kobj);
535
536 pr_debug("Releasing group %d\n", group->id);
537
538 if (group->iommu_data_release)
539 group->iommu_data_release(group->iommu_data);
540
541 ida_simple_remove(&iommu_group_ida, group->id);
542
543 if (group->default_domain)
544 iommu_domain_free(group->default_domain);
545
546 kfree(group->name);
547 kfree(group);
548 }
549
550 static struct kobj_type iommu_group_ktype = {
551 .sysfs_ops = &iommu_group_sysfs_ops,
552 .release = iommu_group_release,
553 };
554
555 /**
556 * iommu_group_alloc - Allocate a new group
557 *
558 * This function is called by an iommu driver to allocate a new iommu
559 * group. The iommu group represents the minimum granularity of the iommu.
560 * Upon successful return, the caller holds a reference to the supplied
561 * group in order to hold the group until devices are added. Use
562 * iommu_group_put() to release this extra reference count, allowing the
563 * group to be automatically reclaimed once it has no devices or external
564 * references.
565 */
566 struct iommu_group *iommu_group_alloc(void)
567 {
568 struct iommu_group *group;
569 int ret;
570
571 group = kzalloc(sizeof(*group), GFP_KERNEL);
572 if (!group)
573 return ERR_PTR(-ENOMEM);
574
575 group->kobj.kset = iommu_group_kset;
576 mutex_init(&group->mutex);
577 INIT_LIST_HEAD(&group->devices);
578 INIT_LIST_HEAD(&group->entry);
579 BLOCKING_INIT_NOTIFIER_HEAD(&group->notifier);
580
581 ret = ida_simple_get(&iommu_group_ida, 0, 0, GFP_KERNEL);
582 if (ret < 0) {
583 kfree(group);
584 return ERR_PTR(ret);
585 }
586 group->id = ret;
587
588 ret = kobject_init_and_add(&group->kobj, &iommu_group_ktype,
589 NULL, "%d", group->id);
590 if (ret) {
591 ida_simple_remove(&iommu_group_ida, group->id);
592 kobject_put(&group->kobj);
593 return ERR_PTR(ret);
594 }
595
596 group->devices_kobj = kobject_create_and_add("devices", &group->kobj);
597 if (!group->devices_kobj) {
598 kobject_put(&group->kobj); /* triggers .release & free */
599 return ERR_PTR(-ENOMEM);
600 }
601
602 /*
603 * The devices_kobj holds a reference on the group kobject, so
604 * as long as that exists so will the group. We can therefore
605 * use the devices_kobj for reference counting.
606 */
607 kobject_put(&group->kobj);
608
609 ret = iommu_group_create_file(group,
610 &iommu_group_attr_reserved_regions);
611 if (ret)
612 return ERR_PTR(ret);
613
614 ret = iommu_group_create_file(group, &iommu_group_attr_type);
615 if (ret)
616 return ERR_PTR(ret);
617
618 pr_debug("Allocated group %d\n", group->id);
619
620 return group;
621 }
622 EXPORT_SYMBOL_GPL(iommu_group_alloc);
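/*
 * Usage sketch (hypothetical driver code, not from this file): a driver's
 * ->device_group() callback may simply hand out a fresh group when every
 * device is fully isolated, mirroring generic_device_group() further down.
 *
 *	static struct iommu_group *mydrv_device_group(struct device *dev)
 *	{
 *		return iommu_group_alloc();
 *	}
 */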
623
624 struct iommu_group *iommu_group_get_by_id(int id)
625 {
626 struct kobject *group_kobj;
627 struct iommu_group *group;
628 const char *name;
629
630 if (!iommu_group_kset)
631 return NULL;
632
633 name = kasprintf(GFP_KERNEL, "%d", id);
634 if (!name)
635 return NULL;
636
637 group_kobj = kset_find_obj(iommu_group_kset, name);
638 kfree(name);
639
640 if (!group_kobj)
641 return NULL;
642
643 group = container_of(group_kobj, struct iommu_group, kobj);
644 BUG_ON(group->id != id);
645
646 kobject_get(group->devices_kobj);
647 kobject_put(&group->kobj);
648
649 return group;
650 }
651 EXPORT_SYMBOL_GPL(iommu_group_get_by_id);
652
653 /**
654 * iommu_group_get_iommudata - retrieve iommu_data registered for a group
655 * @group: the group
656 *
657 * iommu drivers can store data in the group for use when doing iommu
658 * operations. This function provides a way to retrieve it. Caller
659 * should hold a group reference.
660 */
661 void *iommu_group_get_iommudata(struct iommu_group *group)
662 {
663 return group->iommu_data;
664 }
665 EXPORT_SYMBOL_GPL(iommu_group_get_iommudata);
666
667 /**
668 * iommu_group_set_iommudata - set iommu_data for a group
669 * @group: the group
670 * @iommu_data: new data
671 * @release: release function for iommu_data
672 *
673 * iommu drivers can store data in the group for use when doing iommu
674 * operations. This function provides a way to set the data after
675 * the group has been allocated. Caller should hold a group reference.
676 */
677 void iommu_group_set_iommudata(struct iommu_group *group, void *iommu_data,
678 void (*release)(void *iommu_data))
679 {
680 group->iommu_data = iommu_data;
681 group->iommu_data_release = release;
682 }
683 EXPORT_SYMBOL_GPL(iommu_group_set_iommudata);
684
685 /**
686 * iommu_group_set_name - set name for a group
687 * @group: the group
688 * @name: name
689 *
690 * Allow iommu driver to set a name for a group. When set it will
691 * appear in a name attribute file under the group in sysfs.
692 */
693 int iommu_group_set_name(struct iommu_group *group, const char *name)
694 {
695 int ret;
696
697 if (group->name) {
698 iommu_group_remove_file(group, &iommu_group_attr_name);
699 kfree(group->name);
700 group->name = NULL;
701 if (!name)
702 return 0;
703 }
704
705 group->name = kstrdup(name, GFP_KERNEL);
706 if (!group->name)
707 return -ENOMEM;
708
709 ret = iommu_group_create_file(group, &iommu_group_attr_name);
710 if (ret) {
711 kfree(group->name);
712 group->name = NULL;
713 return ret;
714 }
715
716 return 0;
717 }
718 EXPORT_SYMBOL_GPL(iommu_group_set_name);
719
720 static int iommu_create_device_direct_mappings(struct iommu_group *group,
721 struct device *dev)
722 {
723 struct iommu_domain *domain = group->default_domain;
724 struct iommu_resv_region *entry;
725 struct list_head mappings;
726 unsigned long pg_size;
727 int ret = 0;
728
729 if (!domain || domain->type != IOMMU_DOMAIN_DMA)
730 return 0;
731
732 BUG_ON(!domain->pgsize_bitmap);
733
734 pg_size = 1UL << __ffs(domain->pgsize_bitmap);
735 INIT_LIST_HEAD(&mappings);
736
737 iommu_get_resv_regions(dev, &mappings);
738
739 /* We need to consider overlapping regions for different devices */
740 list_for_each_entry(entry, &mappings, list) {
741 dma_addr_t start, end, addr;
742
743 if (domain->ops->apply_resv_region)
744 domain->ops->apply_resv_region(dev, domain, entry);
745
746 start = ALIGN(entry->start, pg_size);
747 end = ALIGN(entry->start + entry->length, pg_size);
748
749 if (entry->type != IOMMU_RESV_DIRECT &&
750 entry->type != IOMMU_RESV_DIRECT_RELAXABLE)
751 continue;
752
753 for (addr = start; addr < end; addr += pg_size) {
754 phys_addr_t phys_addr;
755
756 phys_addr = iommu_iova_to_phys(domain, addr);
757 if (phys_addr)
758 continue;
759
760 ret = iommu_map(domain, addr, addr, pg_size, entry->prot);
761 if (ret)
762 goto out;
763 }
764
765 }
766
767 iommu_flush_iotlb_all(domain);
768
769 out:
770 iommu_put_resv_regions(dev, &mappings);
771
772 return ret;
773 }
774
775 static bool iommu_is_attach_deferred(struct iommu_domain *domain,
776 struct device *dev)
777 {
778 if (domain->ops->is_attach_deferred)
779 return domain->ops->is_attach_deferred(domain, dev);
780
781 return false;
782 }
783
784 /**
785 * iommu_group_add_device - add a device to an iommu group
786 * @group: the group into which to add the device (reference should be held)
787 * @dev: the device
788 *
789 * This function is called by an iommu driver to add a device into a
790 * group. Adding a device increments the group reference count.
791 */
792 int iommu_group_add_device(struct iommu_group *group, struct device *dev)
793 {
794 int ret, i = 0;
795 struct group_device *device;
796
797 device = kzalloc(sizeof(*device), GFP_KERNEL);
798 if (!device)
799 return -ENOMEM;
800
801 device->dev = dev;
802
803 ret = sysfs_create_link(&dev->kobj, &group->kobj, "iommu_group");
804 if (ret)
805 goto err_free_device;
806
807 device->name = kasprintf(GFP_KERNEL, "%s", kobject_name(&dev->kobj));
808 rename:
809 if (!device->name) {
810 ret = -ENOMEM;
811 goto err_remove_link;
812 }
813
814 ret = sysfs_create_link_nowarn(group->devices_kobj,
815 &dev->kobj, device->name);
816 if (ret) {
817 if (ret == -EEXIST && i >= 0) {
818 /*
819 * Account for the slim chance of collision
820 * and append an instance to the name.
821 */
822 kfree(device->name);
823 device->name = kasprintf(GFP_KERNEL, "%s.%d",
824 kobject_name(&dev->kobj), i++);
825 goto rename;
826 }
827 goto err_free_name;
828 }
829
830 kobject_get(group->devices_kobj);
831
832 dev->iommu_group = group;
833
834 mutex_lock(&group->mutex);
835 list_add_tail(&device->list, &group->devices);
836 if (group->domain && !iommu_is_attach_deferred(group->domain, dev))
837 ret = __iommu_attach_device(group->domain, dev);
838 mutex_unlock(&group->mutex);
839 if (ret)
840 goto err_put_group;
841
842 /* Notify any listeners about change to group. */
843 blocking_notifier_call_chain(&group->notifier,
844 IOMMU_GROUP_NOTIFY_ADD_DEVICE, dev);
845
846 trace_add_device_to_group(group->id, dev);
847
848 dev_info(dev, "Adding to iommu group %d\n", group->id);
849
850 return 0;
851
852 err_put_group:
853 mutex_lock(&group->mutex);
854 list_del(&device->list);
855 mutex_unlock(&group->mutex);
856 dev->iommu_group = NULL;
857 kobject_put(group->devices_kobj);
858 sysfs_remove_link(group->devices_kobj, device->name);
859 err_free_name:
860 kfree(device->name);
861 err_remove_link:
862 sysfs_remove_link(&dev->kobj, "iommu_group");
863 err_free_device:
864 kfree(device);
865 dev_err(dev, "Failed to add to iommu group %d: %d\n", group->id, ret);
866 return ret;
867 }
868 EXPORT_SYMBOL_GPL(iommu_group_add_device);
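/*
 * Usage sketch (illustrative only): drivers that manage their own grouping
 * pair iommu_group_alloc() with iommu_group_add_device() and drop their
 * initial reference once the device holds one.
 *
 *	group = iommu_group_alloc();
 *	if (!IS_ERR(group)) {
 *		ret = iommu_group_add_device(group, dev);
 *		iommu_group_put(group);
 *	}
 */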
869
870 /**
871 * iommu_group_remove_device - remove a device from its current group
872 * @dev: device to be removed
873 *
874 * This function is called by an iommu driver to remove the device from
875 * its current group. This decrements the iommu group reference count.
876 */
877 void iommu_group_remove_device(struct device *dev)
878 {
879 struct iommu_group *group = dev->iommu_group;
880 struct group_device *tmp_device, *device = NULL;
881
882 if (!group)
883 return;
884
885 dev_info(dev, "Removing from iommu group %d\n", group->id);
886
887 /* Pre-notify listeners that a device is being removed. */
888 blocking_notifier_call_chain(&group->notifier,
889 IOMMU_GROUP_NOTIFY_DEL_DEVICE, dev);
890
891 mutex_lock(&group->mutex);
892 list_for_each_entry(tmp_device, &group->devices, list) {
893 if (tmp_device->dev == dev) {
894 device = tmp_device;
895 list_del(&device->list);
896 break;
897 }
898 }
899 mutex_unlock(&group->mutex);
900
901 if (!device)
902 return;
903
904 sysfs_remove_link(group->devices_kobj, device->name);
905 sysfs_remove_link(&dev->kobj, "iommu_group");
906
907 trace_remove_device_from_group(group->id, dev);
908
909 kfree(device->name);
910 kfree(device);
911 dev->iommu_group = NULL;
912 kobject_put(group->devices_kobj);
913 }
914 EXPORT_SYMBOL_GPL(iommu_group_remove_device);
915
916 static int iommu_group_device_count(struct iommu_group *group)
917 {
918 struct group_device *entry;
919 int ret = 0;
920
921 list_for_each_entry(entry, &group->devices, list)
922 ret++;
923
924 return ret;
925 }
926
927 /**
928 * iommu_group_for_each_dev - iterate over each device in the group
929 * @group: the group
930 * @data: caller opaque data to be passed to callback function
931 * @fn: caller supplied callback function
932 *
933 * This function is called by group users to iterate over group devices.
934 * Callers should hold a reference count to the group during callback.
935 * The group->mutex is held across callbacks, which will block calls to
936 * iommu_group_add/remove_device.
937 */
938 static int __iommu_group_for_each_dev(struct iommu_group *group, void *data,
939 int (*fn)(struct device *, void *))
940 {
941 struct group_device *device;
942 int ret = 0;
943
944 list_for_each_entry(device, &group->devices, list) {
945 ret = fn(device->dev, data);
946 if (ret)
947 break;
948 }
949 return ret;
950 }
951
952
953 int iommu_group_for_each_dev(struct iommu_group *group, void *data,
954 int (*fn)(struct device *, void *))
955 {
956 int ret;
957
958 mutex_lock(&group->mutex);
959 ret = __iommu_group_for_each_dev(group, data, fn);
960 mutex_unlock(&group->mutex);
961
962 return ret;
963 }
964 EXPORT_SYMBOL_GPL(iommu_group_for_each_dev);
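/*
 * Usage sketch (hypothetical callback, not from this file): the iteration
 * stops as soon as the callback returns a non-zero value.
 *
 *	static int count_device(struct device *dev, void *data)
 *	{
 *		(*(int *)data)++;
 *		return 0;
 *	}
 *
 *	int count = 0;
 *	iommu_group_for_each_dev(group, &count, count_device);
 */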
965
966 /**
967 * iommu_group_get - Return the group for a device and increment reference
968 * @dev: get the group that this device belongs to
969 *
970 * This function is called by iommu drivers and users to get the group
971 * for the specified device. If found, the group is returned and the group
972 * reference is incremented, else NULL is returned.
973 */
974 struct iommu_group *iommu_group_get(struct device *dev)
975 {
976 struct iommu_group *group = dev->iommu_group;
977
978 if (group)
979 kobject_get(group->devices_kobj);
980
981 return group;
982 }
983 EXPORT_SYMBOL_GPL(iommu_group_get);
984
985 /**
986 * iommu_group_ref_get - Increment reference on a group
987 * @group: the group to use, must not be NULL
988 *
989 * This function is called by iommu drivers to take additional references on an
990 * existing group. Returns the given group for convenience.
991 */
992 struct iommu_group *iommu_group_ref_get(struct iommu_group *group)
993 {
994 kobject_get(group->devices_kobj);
995 return group;
996 }
997 EXPORT_SYMBOL_GPL(iommu_group_ref_get);
998
999 /**
1000 * iommu_group_put - Decrement group reference
1001 * @group: the group to use
1002 *
1003 * This function is called by iommu drivers and users to release the
1004 * iommu group. Once the reference count is zero, the group is released.
1005 */
1006 void iommu_group_put(struct iommu_group *group)
1007 {
1008 if (group)
1009 kobject_put(group->devices_kobj);
1010 }
1011 EXPORT_SYMBOL_GPL(iommu_group_put);
1012
1013 /**
1014 * iommu_group_register_notifier - Register a notifier for group changes
1015 * @group: the group to watch
1016 * @nb: notifier block to signal
1017 *
1018 * This function allows iommu group users to track changes in a group.
1019 * See include/linux/iommu.h for actions sent via this notifier. Caller
1020 * should hold a reference to the group throughout notifier registration.
1021 */
1022 int iommu_group_register_notifier(struct iommu_group *group,
1023 struct notifier_block *nb)
1024 {
1025 return blocking_notifier_chain_register(&group->notifier, nb);
1026 }
1027 EXPORT_SYMBOL_GPL(iommu_group_register_notifier);
1028
1029 /**
1030 * iommu_group_unregister_notifier - Unregister a notifier
1031 * @group: the group to watch
1032 * @nb: notifier block to signal
1033 *
1034 * Unregister a previously registered group notifier block.
1035 */
1036 int iommu_group_unregister_notifier(struct iommu_group *group,
1037 struct notifier_block *nb)
1038 {
1039 return blocking_notifier_chain_unregister(&group->notifier, nb);
1040 }
1041 EXPORT_SYMBOL_GPL(iommu_group_unregister_notifier);
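/*
 * Usage sketch (hypothetical consumer, e.g. a VFIO-like user, not from this
 * file): register a notifier_block to learn about devices entering or
 * leaving the group.
 *
 *	static int my_group_notify(struct notifier_block *nb,
 *				   unsigned long action, void *data)
 *	{
 *		struct device *dev = data;
 *
 *		if (action == IOMMU_GROUP_NOTIFY_ADD_DEVICE)
 *			dev_info(dev, "joined the iommu group\n");
 *		return NOTIFY_OK;
 *	}
 *
 *	iommu_group_register_notifier(group, &my_notifier_block);
 */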
1042
1043 /**
1044 * iommu_register_device_fault_handler() - Register a device fault handler
1045 * @dev: the device
1046 * @handler: the fault handler
1047 * @data: private data passed as argument to the handler
1048 *
1049 * When an IOMMU fault event is received, this handler gets called with the
1050 * fault event and data as argument. The handler should return 0 on success. If
1051 * the fault is recoverable (IOMMU_FAULT_PAGE_REQ), the consumer should also
1052 * complete the fault by calling iommu_page_response() with one of the following
1053 * response codes:
1054 * - IOMMU_PAGE_RESP_SUCCESS: retry the translation
1055 * - IOMMU_PAGE_RESP_INVALID: terminate the fault
1056 * - IOMMU_PAGE_RESP_FAILURE: terminate the fault and stop reporting
1057 * page faults if possible.
1058 *
1059 * Return 0 if the fault handler was installed successfully, or an error.
1060 */
1061 int iommu_register_device_fault_handler(struct device *dev,
1062 iommu_dev_fault_handler_t handler,
1063 void *data)
1064 {
1065 struct dev_iommu *param = dev->iommu;
1066 int ret = 0;
1067
1068 if (!param)
1069 return -EINVAL;
1070
1071 mutex_lock(&param->lock);
1072 /* Only allow one fault handler registered for each device */
1073 if (param->fault_param) {
1074 ret = -EBUSY;
1075 goto done_unlock;
1076 }
1077
1078 get_device(dev);
1079 param->fault_param = kzalloc(sizeof(*param->fault_param), GFP_KERNEL);
1080 if (!param->fault_param) {
1081 put_device(dev);
1082 ret = -ENOMEM;
1083 goto done_unlock;
1084 }
1085 param->fault_param->handler = handler;
1086 param->fault_param->data = data;
1087 mutex_init(&param->fault_param->lock);
1088 INIT_LIST_HEAD(&param->fault_param->faults);
1089
1090 done_unlock:
1091 mutex_unlock(&param->lock);
1092
1093 return ret;
1094 }
1095 EXPORT_SYMBOL_GPL(iommu_register_device_fault_handler);
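/*
 * Usage sketch (hypothetical consumer code; mydev_queue_prq() is made up):
 * a driver that can service recoverable faults registers a handler here and
 * later completes page requests with iommu_page_response().
 *
 *	static int mydev_iommu_fault(struct iommu_fault *fault, void *data)
 *	{
 *		if (fault->type == IOMMU_FAULT_PAGE_REQ)
 *			mydev_queue_prq(data, fault);
 *		return 0;
 *	}
 *
 *	ret = iommu_register_device_fault_handler(dev, mydev_iommu_fault, mydev);
 */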
1096
1097 /**
1098 * iommu_unregister_device_fault_handler() - Unregister the device fault handler
1099 * @dev: the device
1100 *
1101 * Remove the device fault handler installed with
1102 * iommu_register_device_fault_handler().
1103 *
1104 * Return 0 on success, or an error.
1105 */
1106 int iommu_unregister_device_fault_handler(struct device *dev)
1107 {
1108 struct dev_iommu *param = dev->iommu;
1109 int ret = 0;
1110
1111 if (!param)
1112 return -EINVAL;
1113
1114 mutex_lock(&param->lock);
1115
1116 if (!param->fault_param)
1117 goto unlock;
1118
1119 /* we cannot unregister handler if there are pending faults */
1120 if (!list_empty(&param->fault_param->faults)) {
1121 ret = -EBUSY;
1122 goto unlock;
1123 }
1124
1125 kfree(param->fault_param);
1126 param->fault_param = NULL;
1127 put_device(dev);
1128 unlock:
1129 mutex_unlock(&param->lock);
1130
1131 return ret;
1132 }
1133 EXPORT_SYMBOL_GPL(iommu_unregister_device_fault_handler);
1134
1135 /**
1136 * iommu_report_device_fault() - Report fault event to device driver
1137 * @dev: the device
1138 * @evt: fault event data
1139 *
1140 * Called by IOMMU drivers when a fault is detected, typically in a threaded IRQ
1141 * handler. When this function fails and the fault is recoverable, it is the
1142 * caller's responsibility to complete the fault.
1143 *
1144 * Return 0 on success, or an error.
1145 */
1146 int iommu_report_device_fault(struct device *dev, struct iommu_fault_event *evt)
1147 {
1148 struct dev_iommu *param = dev->iommu;
1149 struct iommu_fault_event *evt_pending = NULL;
1150 struct iommu_fault_param *fparam;
1151 int ret = 0;
1152
1153 if (!param || !evt)
1154 return -EINVAL;
1155
1156 /* we only report device fault if there is a handler registered */
1157 mutex_lock(&param->lock);
1158 fparam = param->fault_param;
1159 if (!fparam || !fparam->handler) {
1160 ret = -EINVAL;
1161 goto done_unlock;
1162 }
1163
1164 if (evt->fault.type == IOMMU_FAULT_PAGE_REQ &&
1165 (evt->fault.prm.flags & IOMMU_FAULT_PAGE_REQUEST_LAST_PAGE)) {
1166 evt_pending = kmemdup(evt, sizeof(struct iommu_fault_event),
1167 GFP_KERNEL);
1168 if (!evt_pending) {
1169 ret = -ENOMEM;
1170 goto done_unlock;
1171 }
1172 mutex_lock(&fparam->lock);
1173 list_add_tail(&evt_pending->list, &fparam->faults);
1174 mutex_unlock(&fparam->lock);
1175 }
1176
1177 ret = fparam->handler(&evt->fault, fparam->data);
1178 if (ret && evt_pending) {
1179 mutex_lock(&fparam->lock);
1180 list_del(&evt_pending->list);
1181 mutex_unlock(&fparam->lock);
1182 kfree(evt_pending);
1183 }
1184 done_unlock:
1185 mutex_unlock(&param->lock);
1186 return ret;
1187 }
1188 EXPORT_SYMBOL_GPL(iommu_report_device_fault);
1189
1190 int iommu_page_response(struct device *dev,
1191 struct iommu_page_response *msg)
1192 {
1193 bool needs_pasid;
1194 int ret = -EINVAL;
1195 struct iommu_fault_event *evt;
1196 struct iommu_fault_page_request *prm;
1197 struct dev_iommu *param = dev->iommu;
1198 bool has_pasid = msg->flags & IOMMU_PAGE_RESP_PASID_VALID;
1199 struct iommu_domain *domain = iommu_get_domain_for_dev(dev);
1200
1201 if (!domain || !domain->ops->page_response)
1202 return -ENODEV;
1203
1204 if (!param || !param->fault_param)
1205 return -EINVAL;
1206
1207 if (msg->version != IOMMU_PAGE_RESP_VERSION_1 ||
1208 msg->flags & ~IOMMU_PAGE_RESP_PASID_VALID)
1209 return -EINVAL;
1210
1211 /* Only send response if there is a fault report pending */
1212 mutex_lock(&param->fault_param->lock);
1213 if (list_empty(&param->fault_param->faults)) {
1214 dev_warn_ratelimited(dev, "no pending PRQ, drop response\n");
1215 goto done_unlock;
1216 }
1217 /*
1218 * Check if we have a matching page request pending to respond,
1219 * otherwise return -EINVAL
1220 */
1221 list_for_each_entry(evt, &param->fault_param->faults, list) {
1222 prm = &evt->fault.prm;
1223 if (prm->grpid != msg->grpid)
1224 continue;
1225
1226 /*
1227 * If the PASID is required, the corresponding request is
1228 * matched using the group ID, the PASID valid bit and the PASID
1229 * value. Otherwise only the group ID matches request and
1230 * response.
1231 */
1232 needs_pasid = prm->flags & IOMMU_FAULT_PAGE_RESPONSE_NEEDS_PASID;
1233 if (needs_pasid && (!has_pasid || msg->pasid != prm->pasid))
1234 continue;
1235
1236 if (!needs_pasid && has_pasid) {
1237 /* No big deal, just clear it. */
1238 msg->flags &= ~IOMMU_PAGE_RESP_PASID_VALID;
1239 msg->pasid = 0;
1240 }
1241
1242 ret = domain->ops->page_response(dev, evt, msg);
1243 list_del(&evt->list);
1244 kfree(evt);
1245 break;
1246 }
1247
1248 done_unlock:
1249 mutex_unlock(&param->fault_param->lock);
1250 return ret;
1251 }
1252 EXPORT_SYMBOL_GPL(iommu_page_response);
1253
1254 /**
1255 * iommu_group_id - Return ID for a group
1256 * @group: the group to ID
1257 *
1258 * Return the unique ID for the group matching the sysfs group number.
1259 */
1260 int iommu_group_id(struct iommu_group *group)
1261 {
1262 return group->id;
1263 }
1264 EXPORT_SYMBOL_GPL(iommu_group_id);
1265
1266 static struct iommu_group *get_pci_alias_group(struct pci_dev *pdev,
1267 unsigned long *devfns);
1268
1269 /*
1270 * To consider a PCI device isolated, we require ACS to support Source
1271 * Validation, Request Redirection, Completer Redirection, and Upstream
1272 * Forwarding. This effectively means that devices cannot spoof their
1273 * requester ID, requests and completions cannot be redirected, and all
1274 * transactions are forwarded upstream, even when they pass through a
1275 * bridge where the target device is downstream.
1276 */
1277 #define REQ_ACS_FLAGS (PCI_ACS_SV | PCI_ACS_RR | PCI_ACS_CR | PCI_ACS_UF)
1278
1279 /*
1280 * For multifunction devices which are not isolated from each other, find
1281 * all the other non-isolated functions and look for existing groups. For
1282 * each function, we also need to look for aliases to or from other devices
1283 * that may already have a group.
1284 */
1285 static struct iommu_group *get_pci_function_alias_group(struct pci_dev *pdev,
1286 unsigned long *devfns)
1287 {
1288 struct pci_dev *tmp = NULL;
1289 struct iommu_group *group;
1290
1291 if (!pdev->multifunction || pci_acs_enabled(pdev, REQ_ACS_FLAGS))
1292 return NULL;
1293
1294 for_each_pci_dev(tmp) {
1295 if (tmp == pdev || tmp->bus != pdev->bus ||
1296 PCI_SLOT(tmp->devfn) != PCI_SLOT(pdev->devfn) ||
1297 pci_acs_enabled(tmp, REQ_ACS_FLAGS))
1298 continue;
1299
1300 group = get_pci_alias_group(tmp, devfns);
1301 if (group) {
1302 pci_dev_put(tmp);
1303 return group;
1304 }
1305 }
1306
1307 return NULL;
1308 }
1309
1310 /*
1311 * Look for aliases to or from the given device for existing groups. DMA
1312 * aliases are only supported on the same bus, therefore the search
1313 * space is quite small (especially since we're really only looking at PCIe
1314 * devices, and therefore only expect multiple slots on the root complex or
1315 * downstream switch ports). It's conceivable though that a pair of
1316 * multifunction devices could have aliases between them that would cause a
1317 * loop. To prevent this, we use a bitmap to track where we've been.
1318 */
1319 static struct iommu_group *get_pci_alias_group(struct pci_dev *pdev,
1320 unsigned long *devfns)
1321 {
1322 struct pci_dev *tmp = NULL;
1323 struct iommu_group *group;
1324
1325 if (test_and_set_bit(pdev->devfn & 0xff, devfns))
1326 return NULL;
1327
1328 group = iommu_group_get(&pdev->dev);
1329 if (group)
1330 return group;
1331
1332 for_each_pci_dev(tmp) {
1333 if (tmp == pdev || tmp->bus != pdev->bus)
1334 continue;
1335
1336 /* We alias them or they alias us */
1337 if (pci_devs_are_dma_aliases(pdev, tmp)) {
1338 group = get_pci_alias_group(tmp, devfns);
1339 if (group) {
1340 pci_dev_put(tmp);
1341 return group;
1342 }
1343
1344 group = get_pci_function_alias_group(tmp, devfns);
1345 if (group) {
1346 pci_dev_put(tmp);
1347 return group;
1348 }
1349 }
1350 }
1351
1352 return NULL;
1353 }
1354
1355 struct group_for_pci_data {
1356 struct pci_dev *pdev;
1357 struct iommu_group *group;
1358 };
1359
1360 /*
1361 * DMA alias iterator callback, return the last seen device. Stop and return
1362 * the IOMMU group if we find one along the way.
1363 */
1364 static int get_pci_alias_or_group(struct pci_dev *pdev, u16 alias, void *opaque)
1365 {
1366 struct group_for_pci_data *data = opaque;
1367
1368 data->pdev = pdev;
1369 data->group = iommu_group_get(&pdev->dev);
1370
1371 return data->group != NULL;
1372 }
1373
1374 /*
1375 * Generic device_group call-back function. It just allocates one
1376 * iommu-group per device.
1377 */
1378 struct iommu_group *generic_device_group(struct device *dev)
1379 {
1380 return iommu_group_alloc();
1381 }
1382 EXPORT_SYMBOL_GPL(generic_device_group);
1383
1384 /*
1385 * Use standard PCI bus topology, isolation features, and DMA alias quirks
1386 * to find or create an IOMMU group for a device.
1387 */
1388 struct iommu_group *pci_device_group(struct device *dev)
1389 {
1390 struct pci_dev *pdev = to_pci_dev(dev);
1391 struct group_for_pci_data data;
1392 struct pci_bus *bus;
1393 struct iommu_group *group = NULL;
1394 u64 devfns[4] = { 0 };
1395
1396 if (WARN_ON(!dev_is_pci(dev)))
1397 return ERR_PTR(-EINVAL);
1398
1399 /*
1400 * Find the upstream DMA alias for the device. A device must not
1401 * be aliased due to topology in order to have its own IOMMU group.
1402 * If we find an alias along the way that already belongs to a
1403 * group, use it.
1404 */
1405 if (pci_for_each_dma_alias(pdev, get_pci_alias_or_group, &data))
1406 return data.group;
1407
1408 pdev = data.pdev;
1409
1410 /*
1411 * Continue upstream from the point of minimum IOMMU granularity
1412 * due to aliases to the point where devices are protected from
1413 * peer-to-peer DMA by PCI ACS. Again, if we find an existing
1414 * group, use it.
1415 */
1416 for (bus = pdev->bus; !pci_is_root_bus(bus); bus = bus->parent) {
1417 if (!bus->self)
1418 continue;
1419
1420 if (pci_acs_path_enabled(bus->self, NULL, REQ_ACS_FLAGS))
1421 break;
1422
1423 pdev = bus->self;
1424
1425 group = iommu_group_get(&pdev->dev);
1426 if (group)
1427 return group;
1428 }
1429
1430 /*
1431 * Look for existing groups on device aliases. If we alias another
1432 * device or another device aliases us, use the same group.
1433 */
1434 group = get_pci_alias_group(pdev, (unsigned long *)devfns);
1435 if (group)
1436 return group;
1437
1438 /*
1439 * Look for existing groups on non-isolated functions on the same
1440 * slot and aliases of those functions, if any. No need to clear
1441 * the search bitmap, the tested devfns are still valid.
1442 */
1443 group = get_pci_function_alias_group(pdev, (unsigned long *)devfns);
1444 if (group)
1445 return group;
1446
1447 /* No shared group found, allocate new */
1448 return iommu_group_alloc();
1449 }
1450 EXPORT_SYMBOL_GPL(pci_device_group);
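/*
 * Usage sketch (hypothetical iommu_ops, not from this file): IOMMU drivers
 * normally plug one of the generic helpers into their ->device_group()
 * callback, pci_device_group() for PCI and generic_device_group() otherwise.
 *
 *	static const struct iommu_ops mydrv_ops = {
 *		...
 *		.device_group	= pci_device_group,
 *	};
 */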
1451
1452 /* Get the IOMMU group for device on fsl-mc bus */
1453 struct iommu_group *fsl_mc_device_group(struct device *dev)
1454 {
1455 struct device *cont_dev = fsl_mc_cont_dev(dev);
1456 struct iommu_group *group;
1457
1458 group = iommu_group_get(cont_dev);
1459 if (!group)
1460 group = iommu_group_alloc();
1461 return group;
1462 }
1463 EXPORT_SYMBOL_GPL(fsl_mc_device_group);
1464
1465 static int iommu_get_def_domain_type(struct device *dev)
1466 {
1467 const struct iommu_ops *ops = dev->bus->iommu_ops;
1468 unsigned int type = 0;
1469
1470 if (ops->def_domain_type)
1471 type = ops->def_domain_type(dev);
1472
1473 return (type == 0) ? iommu_def_domain_type : type;
1474 }
1475
1476 static int iommu_group_alloc_default_domain(struct bus_type *bus,
1477 struct iommu_group *group,
1478 unsigned int type)
1479 {
1480 struct iommu_domain *dom;
1481
1482 dom = __iommu_domain_alloc(bus, type);
1483 if (!dom && type != IOMMU_DOMAIN_DMA) {
1484 dom = __iommu_domain_alloc(bus, IOMMU_DOMAIN_DMA);
1485 if (dom)
1486 pr_warn("Failed to allocate default IOMMU domain of type %u for group %s - Falling back to IOMMU_DOMAIN_DMA",
1487 type, group->name);
1488 }
1489
1490 if (!dom)
1491 return -ENOMEM;
1492
1493 group->default_domain = dom;
1494 if (!group->domain)
1495 group->domain = dom;
1496
1497 if (!iommu_dma_strict) {
1498 int attr = 1;
1499 iommu_domain_set_attr(dom,
1500 DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE,
1501 &attr);
1502 }
1503
1504 return 0;
1505 }
1506
1507 static int iommu_alloc_default_domain(struct iommu_group *group,
1508 struct device *dev)
1509 {
1510 unsigned int type;
1511
1512 if (group->default_domain)
1513 return 0;
1514
1515 type = iommu_get_def_domain_type(dev);
1516
1517 return iommu_group_alloc_default_domain(dev->bus, group, type);
1518 }
1519
1520 /**
1521 * iommu_group_get_for_dev - Find or create the IOMMU group for a device
1522 * @dev: target device
1523 *
1524 * This function is intended to be called by IOMMU drivers and extended to
1525 * support common, bus-defined algorithms when determining or creating the
1526 * IOMMU group for a device. On success, the caller will hold a reference
1527 * to the returned IOMMU group, which will already include the provided
1528 * device. The reference should be released with iommu_group_put().
1529 */
1530 static struct iommu_group *iommu_group_get_for_dev(struct device *dev)
1531 {
1532 const struct iommu_ops *ops = dev->bus->iommu_ops;
1533 struct iommu_group *group;
1534 int ret;
1535
1536 group = iommu_group_get(dev);
1537 if (group)
1538 return group;
1539
1540 if (!ops)
1541 return ERR_PTR(-EINVAL);
1542
1543 group = ops->device_group(dev);
1544 if (WARN_ON_ONCE(group == NULL))
1545 return ERR_PTR(-EINVAL);
1546
1547 if (IS_ERR(group))
1548 return group;
1549
1550 ret = iommu_group_add_device(group, dev);
1551 if (ret)
1552 goto out_put_group;
1553
1554 return group;
1555
1556 out_put_group:
1557 iommu_group_put(group);
1558
1559 return ERR_PTR(ret);
1560 }
1561
1562 struct iommu_domain *iommu_group_default_domain(struct iommu_group *group)
1563 {
1564 return group->default_domain;
1565 }
1566
1567 static int probe_iommu_group(struct device *dev, void *data)
1568 {
1569 struct list_head *group_list = data;
1570 struct iommu_group *group;
1571 int ret;
1572
1573 /* Device is probed already if in a group */
1574 group = iommu_group_get(dev);
1575 if (group) {
1576 iommu_group_put(group);
1577 return 0;
1578 }
1579
1580 ret = __iommu_probe_device(dev, group_list);
1581 if (ret == -ENODEV)
1582 ret = 0;
1583
1584 return ret;
1585 }
1586
1587 static int remove_iommu_group(struct device *dev, void *data)
1588 {
1589 iommu_release_device(dev);
1590
1591 return 0;
1592 }
1593
1594 static int iommu_bus_notifier(struct notifier_block *nb,
1595 unsigned long action, void *data)
1596 {
1597 unsigned long group_action = 0;
1598 struct device *dev = data;
1599 struct iommu_group *group;
1600
1601 /*
1602 * ADD/DEL call into iommu driver ops if provided, which may
1603 * result in ADD/DEL notifiers to group->notifier
1604 */
1605 if (action == BUS_NOTIFY_ADD_DEVICE) {
1606 int ret;
1607
1608 ret = iommu_probe_device(dev);
1609 return (ret) ? NOTIFY_DONE : NOTIFY_OK;
1610 } else if (action == BUS_NOTIFY_REMOVED_DEVICE) {
1611 iommu_release_device(dev);
1612 return NOTIFY_OK;
1613 }
1614
1615 /*
1616 * Remaining BUS_NOTIFYs get filtered and republished to the
1617 * group, if anyone is listening
1618 */
1619 group = iommu_group_get(dev);
1620 if (!group)
1621 return 0;
1622
1623 switch (action) {
1624 case BUS_NOTIFY_BIND_DRIVER:
1625 group_action = IOMMU_GROUP_NOTIFY_BIND_DRIVER;
1626 break;
1627 case BUS_NOTIFY_BOUND_DRIVER:
1628 group_action = IOMMU_GROUP_NOTIFY_BOUND_DRIVER;
1629 break;
1630 case BUS_NOTIFY_UNBIND_DRIVER:
1631 group_action = IOMMU_GROUP_NOTIFY_UNBIND_DRIVER;
1632 break;
1633 case BUS_NOTIFY_UNBOUND_DRIVER:
1634 group_action = IOMMU_GROUP_NOTIFY_UNBOUND_DRIVER;
1635 break;
1636 }
1637
1638 if (group_action)
1639 blocking_notifier_call_chain(&group->notifier,
1640 group_action, dev);
1641
1642 iommu_group_put(group);
1643 return 0;
1644 }
1645
1646 struct __group_domain_type {
1647 struct device *dev;
1648 unsigned int type;
1649 };
1650
1651 static int probe_get_default_domain_type(struct device *dev, void *data)
1652 {
1653 const struct iommu_ops *ops = dev->bus->iommu_ops;
1654 struct __group_domain_type *gtype = data;
1655 unsigned int type = 0;
1656
1657 if (ops->def_domain_type)
1658 type = ops->def_domain_type(dev);
1659
1660 if (type) {
1661 if (gtype->type && gtype->type != type) {
1662 dev_warn(dev, "Device needs domain type %s, but device %s in the same iommu group requires type %s - using default\n",
1663 iommu_domain_type_str(type),
1664 dev_name(gtype->dev),
1665 iommu_domain_type_str(gtype->type));
1666 gtype->type = 0;
1667 }
1668
1669 if (!gtype->dev) {
1670 gtype->dev = dev;
1671 gtype->type = type;
1672 }
1673 }
1674
1675 return 0;
1676 }
1677
1678 static void probe_alloc_default_domain(struct bus_type *bus,
1679 struct iommu_group *group)
1680 {
1681 struct __group_domain_type gtype;
1682
1683 memset(&gtype, 0, sizeof(gtype));
1684
1685 /* Ask for default domain requirements of all devices in the group */
1686 __iommu_group_for_each_dev(group, &gtype,
1687 probe_get_default_domain_type);
1688
1689 if (!gtype.type)
1690 gtype.type = iommu_def_domain_type;
1691
1692 iommu_group_alloc_default_domain(bus, group, gtype.type);
1693
1694 }
1695
1696 static int iommu_group_do_dma_attach(struct device *dev, void *data)
1697 {
1698 struct iommu_domain *domain = data;
1699 int ret = 0;
1700
1701 if (!iommu_is_attach_deferred(domain, dev))
1702 ret = __iommu_attach_device(domain, dev);
1703
1704 return ret;
1705 }
1706
1707 static int __iommu_group_dma_attach(struct iommu_group *group)
1708 {
1709 return __iommu_group_for_each_dev(group, group->default_domain,
1710 iommu_group_do_dma_attach);
1711 }
1712
1713 static int iommu_group_do_probe_finalize(struct device *dev, void *data)
1714 {
1715 struct iommu_domain *domain = data;
1716
1717 if (domain->ops->probe_finalize)
1718 domain->ops->probe_finalize(dev);
1719
1720 return 0;
1721 }
1722
1723 static void __iommu_group_dma_finalize(struct iommu_group *group)
1724 {
1725 __iommu_group_for_each_dev(group, group->default_domain,
1726 iommu_group_do_probe_finalize);
1727 }
1728
1729 static int iommu_do_create_direct_mappings(struct device *dev, void *data)
1730 {
1731 struct iommu_group *group = data;
1732
1733 iommu_create_device_direct_mappings(group, dev);
1734
1735 return 0;
1736 }
1737
1738 static int iommu_group_create_direct_mappings(struct iommu_group *group)
1739 {
1740 return __iommu_group_for_each_dev(group, group,
1741 iommu_do_create_direct_mappings);
1742 }
1743
1744 int bus_iommu_probe(struct bus_type *bus)
1745 {
1746 struct iommu_group *group, *next;
1747 LIST_HEAD(group_list);
1748 int ret;
1749
1750 /*
1751 * This code-path does not allocate the default domain when
1752 * creating the iommu group, so do it after the groups are
1753 * created.
1754 */
1755 ret = bus_for_each_dev(bus, NULL, &group_list, probe_iommu_group);
1756 if (ret)
1757 return ret;
1758
1759 list_for_each_entry_safe(group, next, &group_list, entry) {
1760 /* Remove item from the list */
1761 list_del_init(&group->entry);
1762
1763 mutex_lock(&group->mutex);
1764
1765 /* Try to allocate default domain */
1766 probe_alloc_default_domain(bus, group);
1767
1768 if (!group->default_domain) {
1769 mutex_unlock(&group->mutex);
1770 continue;
1771 }
1772
1773 iommu_group_create_direct_mappings(group);
1774
1775 ret = __iommu_group_dma_attach(group);
1776
1777 mutex_unlock(&group->mutex);
1778
1779 if (ret)
1780 break;
1781
1782 __iommu_group_dma_finalize(group);
1783 }
1784
1785 return ret;
1786 }
1787
1788 static int iommu_bus_init(struct bus_type *bus, const struct iommu_ops *ops)
1789 {
1790 struct notifier_block *nb;
1791 int err;
1792
1793 nb = kzalloc(sizeof(struct notifier_block), GFP_KERNEL);
1794 if (!nb)
1795 return -ENOMEM;
1796
1797 nb->notifier_call = iommu_bus_notifier;
1798
1799 err = bus_register_notifier(bus, nb);
1800 if (err)
1801 goto out_free;
1802
1803 err = bus_iommu_probe(bus);
1804 if (err)
1805 goto out_err;
1806
1807
1808 return 0;
1809
1810 out_err:
1811 /* Clean up */
1812 bus_for_each_dev(bus, NULL, NULL, remove_iommu_group);
1813 bus_unregister_notifier(bus, nb);
1814
1815 out_free:
1816 kfree(nb);
1817
1818 return err;
1819 }
1820
1821 /**
1822 * bus_set_iommu - set iommu-callbacks for the bus
1823 * @bus: bus.
1824 * @ops: the callbacks provided by the iommu-driver
1825 *
1826 * This function is called by an iommu driver to set the iommu methods
1827 * used for a particular bus. Drivers for devices on that bus can use
1828 * the iommu-api after these ops are registered.
1829 * This special function is needed because IOMMUs are usually devices on
1830 * the bus itself, so the iommu drivers are not initialized when the bus
1831 * is set up. With this function the iommu-driver can set the iommu-ops
1832 * afterwards.
1833 */
1834 int bus_set_iommu(struct bus_type *bus, const struct iommu_ops *ops)
1835 {
1836 int err;
1837
1838 if (ops == NULL) {
1839 bus->iommu_ops = NULL;
1840 return 0;
1841 }
1842
1843 if (bus->iommu_ops != NULL)
1844 return -EBUSY;
1845
1846 bus->iommu_ops = ops;
1847
1848 /* Do IOMMU specific setup for this bus-type */
1849 err = iommu_bus_init(bus, ops);
1850 if (err)
1851 bus->iommu_ops = NULL;
1852
1853 return err;
1854 }
1855 EXPORT_SYMBOL_GPL(bus_set_iommu);
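/*
 * Usage sketch (hypothetical driver init code, not from this file): once its
 * own probing has succeeded, an IOMMU driver publishes its ops for the bus
 * types it serves.
 *
 *	if (!iommu_present(&pci_bus_type))
 *		err = bus_set_iommu(&pci_bus_type, &mydrv_ops);
 */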
1856
1857 bool iommu_present(struct bus_type *bus)
1858 {
1859 return bus->iommu_ops != NULL;
1860 }
1861 EXPORT_SYMBOL_GPL(iommu_present);
1862
1863 bool iommu_capable(struct bus_type *bus, enum iommu_cap cap)
1864 {
1865 if (!bus->iommu_ops || !bus->iommu_ops->capable)
1866 return false;
1867
1868 return bus->iommu_ops->capable(cap);
1869 }
1870 EXPORT_SYMBOL_GPL(iommu_capable);
1871
1872 /**
1873 * iommu_set_fault_handler() - set a fault handler for an iommu domain
1874 * @domain: iommu domain
1875 * @handler: fault handler
1876 * @token: user data, will be passed back to the fault handler
1877 *
1878 * This function should be used by IOMMU users which want to be notified
1879 * whenever an IOMMU fault happens.
1880 *
1881 * The fault handler itself should return 0 on success, and an appropriate
1882 * error code otherwise.
1883 */
1884 void iommu_set_fault_handler(struct iommu_domain *domain,
1885 iommu_fault_handler_t handler,
1886 void *token)
1887 {
1888 BUG_ON(!domain);
1889
1890 domain->handler = handler;
1891 domain->handler_token = token;
1892 }
1893 EXPORT_SYMBOL_GPL(iommu_set_fault_handler);
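
/*
 * Illustrative sketch, not part of this file: a domain user that wants fault
 * notifications installs a handler after allocating the domain. The handler
 * name and the token passed back are assumptions for the example; returning
 * -ENOSYS keeps the IOMMU driver's default behaviour.
 *
 *	static int mydev_fault_handler(struct iommu_domain *domain,
 *				       struct device *dev, unsigned long iova,
 *				       int flags, void *token)
 *	{
 *		dev_err(dev, "unexpected fault at IOVA %#lx, flags %#x\n",
 *			iova, flags);
 *		return -ENOSYS;
 *	}
 *
 *	iommu_set_fault_handler(domain, mydev_fault_handler, mydev);
 */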
1894
1895 static struct iommu_domain *__iommu_domain_alloc(struct bus_type *bus,
1896 unsigned type)
1897 {
1898 struct iommu_domain *domain;
1899
1900 if (bus == NULL || bus->iommu_ops == NULL)
1901 return NULL;
1902
1903 domain = bus->iommu_ops->domain_alloc(type);
1904 if (!domain)
1905 return NULL;
1906
1907 domain->ops = bus->iommu_ops;
1908 domain->type = type;
1909 /* Assume all sizes by default; the driver may override this later */
1910 domain->pgsize_bitmap = bus->iommu_ops->pgsize_bitmap;
1911
1912 return domain;
1913 }
1914
1915 struct iommu_domain *iommu_domain_alloc(struct bus_type *bus)
1916 {
1917 return __iommu_domain_alloc(bus, IOMMU_DOMAIN_UNMANAGED);
1918 }
1919 EXPORT_SYMBOL_GPL(iommu_domain_alloc);
1920
1921 void iommu_domain_free(struct iommu_domain *domain)
1922 {
1923 domain->ops->domain_free(domain);
1924 }
1925 EXPORT_SYMBOL_GPL(iommu_domain_free);
1926
1927 static int __iommu_attach_device(struct iommu_domain *domain,
1928 struct device *dev)
1929 {
1930 int ret;
1931
1932 if (unlikely(domain->ops->attach_dev == NULL))
1933 return -ENODEV;
1934
1935 ret = domain->ops->attach_dev(domain, dev);
1936 if (!ret)
1937 trace_attach_device_to_domain(dev);
1938 return ret;
1939 }
1940
1941 int iommu_attach_device(struct iommu_domain *domain, struct device *dev)
1942 {
1943 struct iommu_group *group;
1944 int ret;
1945
1946 group = iommu_group_get(dev);
1947 if (!group)
1948 return -ENODEV;
1949
1950 /*
1951 * Lock the group to make sure the device-count doesn't
1952 * change while we are attaching
1953 */
1954 mutex_lock(&group->mutex);
1955 ret = -EINVAL;
1956 if (iommu_group_device_count(group) != 1)
1957 goto out_unlock;
1958
1959 ret = __iommu_attach_group(domain, group);
1960
1961 out_unlock:
1962 mutex_unlock(&group->mutex);
1963 iommu_group_put(group);
1964
1965 return ret;
1966 }
1967 EXPORT_SYMBOL_GPL(iommu_attach_device);
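
/*
 * Illustrative sketch, not part of this file: the typical lifecycle of an
 * unmanaged domain for a driver that manages a device's IOVA space itself.
 * The IOVA, the 'page' the mapping points at, and the error handling are
 * assumptions for the example.
 *
 *	struct iommu_domain *domain;
 *	int ret;
 *
 *	domain = iommu_domain_alloc(dev->bus);
 *	if (!domain)
 *		return -ENOMEM;
 *
 *	ret = iommu_attach_device(domain, dev);
 *	if (ret)
 *		goto out_free;
 *
 *	ret = iommu_map(domain, 0x100000, page_to_phys(page), SZ_4K,
 *			IOMMU_READ | IOMMU_WRITE);
 *	...
 *	iommu_unmap(domain, 0x100000, SZ_4K);
 *	iommu_detach_device(domain, dev);
 * out_free:
 *	iommu_domain_free(domain);
 */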
1968
1969 /*
1970 * Check flags and other user provided data for valid combinations. We also
1971 * make sure no reserved fields or unused flags are set. This ensures we do
1972 * not break userspace in the future when these fields or flags are put to use.
1973 */
1974 static int iommu_check_cache_invl_data(struct iommu_cache_invalidate_info *info)
1975 {
1976 u32 mask;
1977 int i;
1978
1979 if (info->version != IOMMU_CACHE_INVALIDATE_INFO_VERSION_1)
1980 return -EINVAL;
1981
1982 mask = (1 << IOMMU_CACHE_INV_TYPE_NR) - 1;
1983 if (info->cache & ~mask)
1984 return -EINVAL;
1985
1986 if (info->granularity >= IOMMU_INV_GRANU_NR)
1987 return -EINVAL;
1988
1989 switch (info->granularity) {
1990 case IOMMU_INV_GRANU_ADDR:
1991 if (info->cache & IOMMU_CACHE_INV_TYPE_PASID)
1992 return -EINVAL;
1993
1994 mask = IOMMU_INV_ADDR_FLAGS_PASID |
1995 IOMMU_INV_ADDR_FLAGS_ARCHID |
1996 IOMMU_INV_ADDR_FLAGS_LEAF;
1997
1998 if (info->granu.addr_info.flags & ~mask)
1999 return -EINVAL;
2000 break;
2001 case IOMMU_INV_GRANU_PASID:
2002 mask = IOMMU_INV_PASID_FLAGS_PASID |
2003 IOMMU_INV_PASID_FLAGS_ARCHID;
2004 if (info->granu.pasid_info.flags & ~mask)
2005 return -EINVAL;
2006
2007 break;
2008 case IOMMU_INV_GRANU_DOMAIN:
2009 if (info->cache & IOMMU_CACHE_INV_TYPE_DEV_IOTLB)
2010 return -EINVAL;
2011 break;
2012 default:
2013 return -EINVAL;
2014 }
2015
2016 /* Check reserved padding fields */
2017 for (i = 0; i < sizeof(info->padding); i++) {
2018 if (info->padding[i])
2019 return -EINVAL;
2020 }
2021
2022 return 0;
2023 }
2024
2025 int iommu_uapi_cache_invalidate(struct iommu_domain *domain, struct device *dev,
2026 void __user *uinfo)
2027 {
2028 struct iommu_cache_invalidate_info inv_info = { 0 };
2029 u32 minsz;
2030 int ret;
2031
2032 if (unlikely(!domain->ops->cache_invalidate))
2033 return -ENODEV;
2034
2035 /*
2036 * No new fields can be added before the variable sized union; the
2037 * minimum size is the offset to the union.
2038 */
2039 minsz = offsetof(struct iommu_cache_invalidate_info, granu);
2040
2041 /* Copy minsz from user to get flags and argsz */
2042 if (copy_from_user(&inv_info, uinfo, minsz))
2043 return -EFAULT;
2044
2045 /* Fields before the variable size union are mandatory */
2046 if (inv_info.argsz < minsz)
2047 return -EINVAL;
2048
2049 /* PASID and address granu require additional info beyond minsz */
2050 if (inv_info.granularity == IOMMU_INV_GRANU_PASID &&
2051 inv_info.argsz < offsetofend(struct iommu_cache_invalidate_info, granu.pasid_info))
2052 return -EINVAL;
2053
2054 if (inv_info.granularity == IOMMU_INV_GRANU_ADDR &&
2055 inv_info.argsz < offsetofend(struct iommu_cache_invalidate_info, granu.addr_info))
2056 return -EINVAL;
2057
2058 /*
2059 * The user might be using a newer UAPI header which has a larger data
2060 * size; we shall support the existing flags within the current
2061 * size. Copy the remaining user data _after_ minsz but not more
2062 * than the current kernel supported size.
2063 */
2064 if (copy_from_user((void *)&inv_info + minsz, uinfo + minsz,
2065 min_t(u32, inv_info.argsz, sizeof(inv_info)) - minsz))
2066 return -EFAULT;
2067
2068 /* Now the argsz is validated, check the content */
2069 ret = iommu_check_cache_invl_data(&inv_info);
2070 if (ret)
2071 return ret;
2072
2073 return domain->ops->cache_invalidate(domain, dev, &inv_info);
2074 }
2075 EXPORT_SYMBOL_GPL(iommu_uapi_cache_invalidate);
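
/*
 * Illustrative sketch, not part of this file: for the checks above to pass,
 * the user of this UAPI (e.g. a VMM going through VFIO) is expected to set
 * argsz to the end of the union member matching the requested granularity.
 * For an address-granularity invalidation that would look roughly like:
 *
 *	struct iommu_cache_invalidate_info info = {
 *		.argsz		= offsetofend(struct iommu_cache_invalidate_info,
 *					      granu.addr_info),
 *		.version	= IOMMU_CACHE_INVALIDATE_INFO_VERSION_1,
 *		.granularity	= IOMMU_INV_GRANU_ADDR,
 *		...
 *	};
 */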
2076
2077 static int iommu_check_bind_data(struct iommu_gpasid_bind_data *data)
2078 {
2079 u64 mask;
2080 int i;
2081
2082 if (data->version != IOMMU_GPASID_BIND_VERSION_1)
2083 return -EINVAL;
2084
2085 /* Check the range of supported formats */
2086 if (data->format >= IOMMU_PASID_FORMAT_LAST)
2087 return -EINVAL;
2088
2089 /* Check all flags */
2090 mask = IOMMU_SVA_GPASID_VAL;
2091 if (data->flags & ~mask)
2092 return -EINVAL;
2093
2094 /* Check reserved padding fields */
2095 for (i = 0; i < sizeof(data->padding); i++) {
2096 if (data->padding[i])
2097 return -EINVAL;
2098 }
2099
2100 return 0;
2101 }
2102
2103 static int iommu_sva_prepare_bind_data(void __user *udata,
2104 struct iommu_gpasid_bind_data *data)
2105 {
2106 u32 minsz;
2107
2108 /*
2109 * No new fields can be added before the variable sized union; the
2110 * minimum size is the offset to the union.
2111 */
2112 minsz = offsetof(struct iommu_gpasid_bind_data, vendor);
2113
2114 /* Copy minsz from user to get flags and argsz */
2115 if (copy_from_user(data, udata, minsz))
2116 return -EFAULT;
2117
2118 /* Fields before the variable size union are mandatory */
2119 if (data->argsz < minsz)
2120 return -EINVAL;
2121 /*
2122 * The user might be using a newer UAPI header; we shall let the IOMMU vendor
2123 * driver decide what size it needs. Since the guest PASID bind data
2124 * can be vendor specific, a larger argsz could be the result of an extension
2125 * for one vendor but should not affect another vendor.
2126 * Copy the remaining user data _after_ minsz.
2127 */
2128 if (copy_from_user((void *)data + minsz, udata + minsz,
2129 min_t(u32, data->argsz, sizeof(*data)) - minsz))
2130 return -EFAULT;
2131
2132 return iommu_check_bind_data(data);
2133 }
2134
2135 int iommu_uapi_sva_bind_gpasid(struct iommu_domain *domain, struct device *dev,
2136 void __user *udata)
2137 {
2138 struct iommu_gpasid_bind_data data = { 0 };
2139 int ret;
2140
2141 if (unlikely(!domain->ops->sva_bind_gpasid))
2142 return -ENODEV;
2143
2144 ret = iommu_sva_prepare_bind_data(udata, &data);
2145 if (ret)
2146 return ret;
2147
2148 return domain->ops->sva_bind_gpasid(domain, dev, &data);
2149 }
2150 EXPORT_SYMBOL_GPL(iommu_uapi_sva_bind_gpasid);
2151
2152 int iommu_sva_unbind_gpasid(struct iommu_domain *domain, struct device *dev,
2153 ioasid_t pasid)
2154 {
2155 if (unlikely(!domain->ops->sva_unbind_gpasid))
2156 return -ENODEV;
2157
2158 return domain->ops->sva_unbind_gpasid(dev, pasid);
2159 }
2160 EXPORT_SYMBOL_GPL(iommu_sva_unbind_gpasid);
2161
2162 int iommu_uapi_sva_unbind_gpasid(struct iommu_domain *domain, struct device *dev,
2163 void __user *udata)
2164 {
2165 struct iommu_gpasid_bind_data data = { 0 };
2166 int ret;
2167
2168 if (unlikely(!domain->ops->sva_bind_gpasid))
2169 return -ENODEV;
2170
2171 ret = iommu_sva_prepare_bind_data(udata, &data);
2172 if (ret)
2173 return ret;
2174
2175 return iommu_sva_unbind_gpasid(domain, dev, data.hpasid);
2176 }
2177 EXPORT_SYMBOL_GPL(iommu_uapi_sva_unbind_gpasid);
2178
2179 static void __iommu_detach_device(struct iommu_domain *domain,
2180 struct device *dev)
2181 {
2182 if (iommu_is_attach_deferred(domain, dev))
2183 return;
2184
2185 if (unlikely(domain->ops->detach_dev == NULL))
2186 return;
2187
2188 domain->ops->detach_dev(domain, dev);
2189 trace_detach_device_from_domain(dev);
2190 }
2191
2192 void iommu_detach_device(struct iommu_domain *domain, struct device *dev)
2193 {
2194 struct iommu_group *group;
2195
2196 group = iommu_group_get(dev);
2197 if (!group)
2198 return;
2199
2200 mutex_lock(&group->mutex);
2201 if (iommu_group_device_count(group) != 1) {
2202 WARN_ON(1);
2203 goto out_unlock;
2204 }
2205
2206 __iommu_detach_group(domain, group);
2207
2208 out_unlock:
2209 mutex_unlock(&group->mutex);
2210 iommu_group_put(group);
2211 }
2212 EXPORT_SYMBOL_GPL(iommu_detach_device);
2213
2214 struct iommu_domain *iommu_get_domain_for_dev(struct device *dev)
2215 {
2216 struct iommu_domain *domain;
2217 struct iommu_group *group;
2218
2219 group = iommu_group_get(dev);
2220 if (!group)
2221 return NULL;
2222
2223 domain = group->domain;
2224
2225 iommu_group_put(group);
2226
2227 return domain;
2228 }
2229 EXPORT_SYMBOL_GPL(iommu_get_domain_for_dev);
2230
2231 /*
2232 * Fast path for IOMMU_DOMAIN_DMA callers, which already provide their own
2233 * guarantees that the group and its default domain are valid and correct.
2234 */
2235 struct iommu_domain *iommu_get_dma_domain(struct device *dev)
2236 {
2237 return dev->iommu_group->default_domain;
2238 }
2239
2240 /*
2241 * IOMMU groups are really the natural working unit of the IOMMU, but
2242 * the IOMMU API works on domains and devices. Bridge that gap by
2243 * iterating over the devices in a group. Ideally we'd have a single
2244 * device which represents the requestor ID of the group, but we also
2245 * allow IOMMU drivers to create policy defined minimum sets, where
2246 * the physical hardware may be able to distinguish members, but we
2247 * wish to group them at a higher level (ex. untrusted multi-function
2248 * PCI devices). Thus we attach each device.
2249 */
2250 static int iommu_group_do_attach_device(struct device *dev, void *data)
2251 {
2252 struct iommu_domain *domain = data;
2253
2254 return __iommu_attach_device(domain, dev);
2255 }
2256
2257 static int __iommu_attach_group(struct iommu_domain *domain,
2258 struct iommu_group *group)
2259 {
2260 int ret;
2261
2262 if (group->default_domain && group->domain != group->default_domain)
2263 return -EBUSY;
2264
2265 ret = __iommu_group_for_each_dev(group, domain,
2266 iommu_group_do_attach_device);
2267 if (ret == 0)
2268 group->domain = domain;
2269
2270 return ret;
2271 }
2272
2273 int iommu_attach_group(struct iommu_domain *domain, struct iommu_group *group)
2274 {
2275 int ret;
2276
2277 mutex_lock(&group->mutex);
2278 ret = __iommu_attach_group(domain, group);
2279 mutex_unlock(&group->mutex);
2280
2281 return ret;
2282 }
2283 EXPORT_SYMBOL_GPL(iommu_attach_group);
2284
2285 static int iommu_group_do_detach_device(struct device *dev, void *data)
2286 {
2287 struct iommu_domain *domain = data;
2288
2289 __iommu_detach_device(domain, dev);
2290
2291 return 0;
2292 }
2293
2294 static void __iommu_detach_group(struct iommu_domain *domain,
2295 struct iommu_group *group)
2296 {
2297 int ret;
2298
2299 if (!group->default_domain) {
2300 __iommu_group_for_each_dev(group, domain,
2301 iommu_group_do_detach_device);
2302 group->domain = NULL;
2303 return;
2304 }
2305
2306 if (group->domain == group->default_domain)
2307 return;
2308
2309 /* Detach by re-attaching to the default domain */
2310 ret = __iommu_group_for_each_dev(group, group->default_domain,
2311 iommu_group_do_attach_device);
2312 if (ret != 0)
2313 WARN_ON(1);
2314 else
2315 group->domain = group->default_domain;
2316 }
2317
2318 void iommu_detach_group(struct iommu_domain *domain, struct iommu_group *group)
2319 {
2320 mutex_lock(&group->mutex);
2321 __iommu_detach_group(domain, group);
2322 mutex_unlock(&group->mutex);
2323 }
2324 EXPORT_SYMBOL_GPL(iommu_detach_group);
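
/*
 * Illustrative sketch, not part of this file: container-style users such as
 * VFIO work on whole groups rather than on individual devices. A simplified
 * flow (error handling partly elided); note that detaching falls back to the
 * group's default domain rather than leaving the devices unattached.
 *
 *	struct iommu_domain *domain = iommu_domain_alloc(bus);
 *
 *	ret = iommu_attach_group(domain, group);
 *	if (ret)
 *		goto out_free;
 *	...
 *	iommu_detach_group(domain, group);
 * out_free:
 *	iommu_domain_free(domain);
 */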
2325
2326 phys_addr_t iommu_iova_to_phys(struct iommu_domain *domain, dma_addr_t iova)
2327 {
2328 if (unlikely(domain->ops->iova_to_phys == NULL))
2329 return 0;
2330
2331 return domain->ops->iova_to_phys(domain, iova);
2332 }
2333 EXPORT_SYMBOL_GPL(iommu_iova_to_phys);
2334
2335 static size_t iommu_pgsize(struct iommu_domain *domain,
2336 unsigned long addr_merge, size_t size)
2337 {
2338 unsigned int pgsize_idx;
2339 size_t pgsize;
2340
2341 /* Max page size that still fits into 'size' */
2342 pgsize_idx = __fls(size);
2343
2344 /* need to consider alignment requirements ? */
2345 if (likely(addr_merge)) {
2346 /* Max page size allowed by address */
2347 unsigned int align_pgsize_idx = __ffs(addr_merge);
2348 pgsize_idx = min(pgsize_idx, align_pgsize_idx);
2349 }
2350
2351 /* build a mask of acceptable page sizes */
2352 pgsize = (1UL << (pgsize_idx + 1)) - 1;
2353
2354 /* throw away page sizes not supported by the hardware */
2355 pgsize &= domain->pgsize_bitmap;
2356
2357 /* make sure we're still sane */
2358 BUG_ON(!pgsize);
2359
2360 /* pick the biggest page */
2361 pgsize_idx = __fls(pgsize);
2362 pgsize = 1UL << pgsize_idx;
2363
2364 return pgsize;
2365 }
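
/*
 * Worked example with illustrative values: for addr_merge == 0x203000,
 * size == 0x10000 and a pgsize_bitmap of (SZ_4K | SZ_2M):
 *
 *	__fls(size)		-> 16	(up to 64K would still fit in 'size')
 *	__ffs(addr_merge)	-> 12	(addresses are only 4K aligned)
 *	pgsize mask		-> 0x1fff
 *	mask & pgsize_bitmap	-> 0x1000
 *
 * so this chunk is mapped with a 4K page even though 2M is supported.
 */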
2366
2367 static int __iommu_map(struct iommu_domain *domain, unsigned long iova,
2368 phys_addr_t paddr, size_t size, int prot, gfp_t gfp)
2369 {
2370 const struct iommu_ops *ops = domain->ops;
2371 unsigned long orig_iova = iova;
2372 unsigned int min_pagesz;
2373 size_t orig_size = size;
2374 phys_addr_t orig_paddr = paddr;
2375 int ret = 0;
2376
2377 if (unlikely(ops->map == NULL ||
2378 domain->pgsize_bitmap == 0UL))
2379 return -ENODEV;
2380
2381 if (unlikely(!(domain->type & __IOMMU_DOMAIN_PAGING)))
2382 return -EINVAL;
2383
2384 /* find out the minimum page size supported */
2385 min_pagesz = 1 << __ffs(domain->pgsize_bitmap);
2386
2387 /*
2388 * both the virtual address and the physical one, as well as
2389 * the size of the mapping, must be aligned (at least) to the
2390 * size of the smallest page supported by the hardware
2391 */
2392 if (!IS_ALIGNED(iova | paddr | size, min_pagesz)) {
2393 pr_err("unaligned: iova 0x%lx pa %pa size 0x%zx min_pagesz 0x%x\n",
2394 iova, &paddr, size, min_pagesz);
2395 return -EINVAL;
2396 }
2397
2398 pr_debug("map: iova 0x%lx pa %pa size 0x%zx\n", iova, &paddr, size);
2399
2400 while (size) {
2401 size_t pgsize = iommu_pgsize(domain, iova | paddr, size);
2402
2403 pr_debug("mapping: iova 0x%lx pa %pa pgsize 0x%zx\n",
2404 iova, &paddr, pgsize);
2405 ret = ops->map(domain, iova, paddr, pgsize, prot, gfp);
2406
2407 if (ret)
2408 break;
2409
2410 iova += pgsize;
2411 paddr += pgsize;
2412 size -= pgsize;
2413 }
2414
2415 /* unroll mapping in case something went wrong */
2416 if (ret)
2417 iommu_unmap(domain, orig_iova, orig_size - size);
2418 else
2419 trace_map(orig_iova, orig_paddr, orig_size);
2420
2421 return ret;
2422 }
2423
2424 static int _iommu_map(struct iommu_domain *domain, unsigned long iova,
2425 phys_addr_t paddr, size_t size, int prot, gfp_t gfp)
2426 {
2427 const struct iommu_ops *ops = domain->ops;
2428 int ret;
2429
2430 ret = __iommu_map(domain, iova, paddr, size, prot, gfp);
2431 if (ret == 0 && ops->iotlb_sync_map)
2432 ops->iotlb_sync_map(domain);
2433
2434 return ret;
2435 }
2436
2437 int iommu_map(struct iommu_domain *domain, unsigned long iova,
2438 phys_addr_t paddr, size_t size, int prot)
2439 {
2440 might_sleep();
2441 return _iommu_map(domain, iova, paddr, size, prot, GFP_KERNEL);
2442 }
2443 EXPORT_SYMBOL_GPL(iommu_map);
2444
2445 int iommu_map_atomic(struct iommu_domain *domain, unsigned long iova,
2446 phys_addr_t paddr, size_t size, int prot)
2447 {
2448 return _iommu_map(domain, iova, paddr, size, prot, GFP_ATOMIC);
2449 }
2450 EXPORT_SYMBOL_GPL(iommu_map_atomic);
2451
2452 static size_t __iommu_unmap(struct iommu_domain *domain,
2453 unsigned long iova, size_t size,
2454 struct iommu_iotlb_gather *iotlb_gather)
2455 {
2456 const struct iommu_ops *ops = domain->ops;
2457 size_t unmapped_page, unmapped = 0;
2458 unsigned long orig_iova = iova;
2459 unsigned int min_pagesz;
2460
2461 if (unlikely(ops->unmap == NULL ||
2462 domain->pgsize_bitmap == 0UL))
2463 return 0;
2464
2465 if (unlikely(!(domain->type & __IOMMU_DOMAIN_PAGING)))
2466 return 0;
2467
2468 /* find out the minimum page size supported */
2469 min_pagesz = 1 << __ffs(domain->pgsize_bitmap);
2470
2471 /*
2472 * The virtual address, as well as the size of the mapping, must be
2473 * aligned (at least) to the size of the smallest page supported
2474 * by the hardware
2475 */
2476 if (!IS_ALIGNED(iova | size, min_pagesz)) {
2477 pr_err("unaligned: iova 0x%lx size 0x%zx min_pagesz 0x%x\n",
2478 iova, size, min_pagesz);
2479 return 0;
2480 }
2481
2482 pr_debug("unmap this: iova 0x%lx size 0x%zx\n", iova, size);
2483
2484 /*
2485 * Keep iterating until we either unmap 'size' bytes (or more)
2486 * or we hit an area that isn't mapped.
2487 */
2488 while (unmapped < size) {
2489 size_t pgsize = iommu_pgsize(domain, iova, size - unmapped);
2490
2491 unmapped_page = ops->unmap(domain, iova, pgsize, iotlb_gather);
2492 if (!unmapped_page)
2493 break;
2494
2495 pr_debug("unmapped: iova 0x%lx size 0x%zx\n",
2496 iova, unmapped_page);
2497
2498 iova += unmapped_page;
2499 unmapped += unmapped_page;
2500 }
2501
2502 trace_unmap(orig_iova, size, unmapped);
2503 return unmapped;
2504 }
2505
2506 size_t iommu_unmap(struct iommu_domain *domain,
2507 unsigned long iova, size_t size)
2508 {
2509 struct iommu_iotlb_gather iotlb_gather;
2510 size_t ret;
2511
2512 iommu_iotlb_gather_init(&iotlb_gather);
2513 ret = __iommu_unmap(domain, iova, size, &iotlb_gather);
2514 iommu_iotlb_sync(domain, &iotlb_gather);
2515
2516 return ret;
2517 }
2518 EXPORT_SYMBOL_GPL(iommu_unmap);
2519
2520 size_t iommu_unmap_fast(struct iommu_domain *domain,
2521 unsigned long iova, size_t size,
2522 struct iommu_iotlb_gather *iotlb_gather)
2523 {
2524 return __iommu_unmap(domain, iova, size, iotlb_gather);
2525 }
2526 EXPORT_SYMBOL_GPL(iommu_unmap_fast);
2527
2528 static size_t __iommu_map_sg(struct iommu_domain *domain, unsigned long iova,
2529 struct scatterlist *sg, unsigned int nents, int prot,
2530 gfp_t gfp)
2531 {
2532 const struct iommu_ops *ops = domain->ops;
2533 size_t len = 0, mapped = 0;
2534 phys_addr_t start;
2535 unsigned int i = 0;
2536 int ret;
2537
2538 while (i <= nents) {
2539 phys_addr_t s_phys = sg_phys(sg);
2540
2541 if (len && s_phys != start + len) {
2542 ret = __iommu_map(domain, iova + mapped, start,
2543 len, prot, gfp);
2544
2545 if (ret)
2546 goto out_err;
2547
2548 mapped += len;
2549 len = 0;
2550 }
2551
2552 if (len) {
2553 len += sg->length;
2554 } else {
2555 len = sg->length;
2556 start = s_phys;
2557 }
2558
2559 if (++i < nents)
2560 sg = sg_next(sg);
2561 }
2562
2563 if (ops->iotlb_sync_map)
2564 ops->iotlb_sync_map(domain);
2565 return mapped;
2566
2567 out_err:
2568 /* undo mappings already done */
2569 iommu_unmap(domain, iova, mapped);
2570
2571 return 0;
2572
2573 }
2574
2575 size_t iommu_map_sg(struct iommu_domain *domain, unsigned long iova,
2576 struct scatterlist *sg, unsigned int nents, int prot)
2577 {
2578 might_sleep();
2579 return __iommu_map_sg(domain, iova, sg, nents, prot, GFP_KERNEL);
2580 }
2581 EXPORT_SYMBOL_GPL(iommu_map_sg);
2582
2583 size_t iommu_map_sg_atomic(struct iommu_domain *domain, unsigned long iova,
2584 struct scatterlist *sg, unsigned int nents, int prot)
2585 {
2586 return __iommu_map_sg(domain, iova, sg, nents, prot, GFP_ATOMIC);
2587 }
2588 EXPORT_SYMBOL_GPL(iommu_map_sg_atomic);
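
/*
 * Illustrative sketch, not part of this file: mapping an already assembled
 * sg_table at a caller-chosen IOVA. Where 'sgt' and 'iova' come from is an
 * assumption for the example; on failure the helper returns 0 and has
 * already torn down any partial mappings itself.
 *
 *	size_t mapped;
 *
 *	mapped = iommu_map_sg(domain, iova, sgt->sgl, sgt->orig_nents,
 *			      IOMMU_READ | IOMMU_WRITE);
 *	if (!mapped)
 *		return -ENOMEM;
 */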
2589
2590 int iommu_domain_window_enable(struct iommu_domain *domain, u32 wnd_nr,
2591 phys_addr_t paddr, u64 size, int prot)
2592 {
2593 if (unlikely(domain->ops->domain_window_enable == NULL))
2594 return -ENODEV;
2595
2596 return domain->ops->domain_window_enable(domain, wnd_nr, paddr, size,
2597 prot);
2598 }
2599 EXPORT_SYMBOL_GPL(iommu_domain_window_enable);
2600
2601 void iommu_domain_window_disable(struct iommu_domain *domain, u32 wnd_nr)
2602 {
2603 if (unlikely(domain->ops->domain_window_disable == NULL))
2604 return;
2605
2606 return domain->ops->domain_window_disable(domain, wnd_nr);
2607 }
2608 EXPORT_SYMBOL_GPL(iommu_domain_window_disable);
2609
2610 /**
2611 * report_iommu_fault() - report about an IOMMU fault to the IOMMU framework
2612 * @domain: the iommu domain where the fault has happened
2613 * @dev: the device where the fault has happened
2614 * @iova: the faulting address
2615 * @flags: mmu fault flags (e.g. IOMMU_FAULT_READ/IOMMU_FAULT_WRITE/...)
2616 *
2617 * This function should be called by the low-level IOMMU implementations
2618 * whenever IOMMU faults happen, to allow high-level users, that are
2619 * interested in such events, to know about them.
2620 *
2621 * This event may be useful for several possible use cases:
2622 * - mere logging of the event
2623 * - dynamic TLB/PTE loading
2624 * - restarting the faulting device, when that is required
2625 *
2626 * Returns 0 on success and an appropriate error code otherwise (if dynamic
2627 * PTE/TLB loading will one day be supported, implementations will be able
2628 * to tell whether it succeeded or not according to this return value).
2629 *
2630 * Specifically, -ENOSYS is returned if a fault handler isn't installed
2631 * (though fault handlers can also return -ENOSYS, in case they want to
2632 * elicit the default behavior of the IOMMU drivers).
2633 */
2634 int report_iommu_fault(struct iommu_domain *domain, struct device *dev,
2635 unsigned long iova, int flags)
2636 {
2637 int ret = -ENOSYS;
2638
2639 /*
2640 * if upper layers showed interest and installed a fault handler,
2641 * invoke it.
2642 */
2643 if (domain->handler)
2644 ret = domain->handler(domain, dev, iova, flags,
2645 domain->handler_token);
2646
2647 trace_io_page_fault(dev, iova, flags);
2648 return ret;
2649 }
2650 EXPORT_SYMBOL_GPL(report_iommu_fault);
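
/*
 * Illustrative sketch, not part of this file: how a low-level IOMMU driver
 * might forward a translation fault from its interrupt handler. The register
 * accessors and the 'struct mydrv' layout are assumptions for the example.
 *
 *	static irqreturn_t mydrv_fault_irq(int irq, void *data)
 *	{
 *		struct mydrv *iommu = data;
 *		unsigned long iova = mydrv_read_fault_addr(iommu);
 *		int flags = mydrv_fault_is_write(iommu) ?
 *				IOMMU_FAULT_WRITE : IOMMU_FAULT_READ;
 *
 *		if (report_iommu_fault(iommu->domain, iommu->dev, iova, flags))
 *			dev_err_ratelimited(iommu->dev,
 *					    "unhandled fault at %#lx\n", iova);
 *		return IRQ_HANDLED;
 *	}
 */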
2651
2652 static int __init iommu_init(void)
2653 {
2654 iommu_group_kset = kset_create_and_add("iommu_groups",
2655 NULL, kernel_kobj);
2656 BUG_ON(!iommu_group_kset);
2657
2658 iommu_debugfs_setup();
2659
2660 return 0;
2661 }
2662 core_initcall(iommu_init);
2663
2664 int iommu_domain_get_attr(struct iommu_domain *domain,
2665 enum iommu_attr attr, void *data)
2666 {
2667 struct iommu_domain_geometry *geometry;
2668 bool *paging;
2669 int ret = 0;
2670
2671 switch (attr) {
2672 case DOMAIN_ATTR_GEOMETRY:
2673 geometry = data;
2674 *geometry = domain->geometry;
2675
2676 break;
2677 case DOMAIN_ATTR_PAGING:
2678 paging = data;
2679 *paging = (domain->pgsize_bitmap != 0UL);
2680 break;
2681 default:
2682 if (!domain->ops->domain_get_attr)
2683 return -EINVAL;
2684
2685 ret = domain->ops->domain_get_attr(domain, attr, data);
2686 }
2687
2688 return ret;
2689 }
2690 EXPORT_SYMBOL_GPL(iommu_domain_get_attr);
2691
2692 int iommu_domain_set_attr(struct iommu_domain *domain,
2693 enum iommu_attr attr, void *data)
2694 {
2695 int ret = 0;
2696
2697 switch (attr) {
2698 default:
2699 if (domain->ops->domain_set_attr == NULL)
2700 return -EINVAL;
2701
2702 ret = domain->ops->domain_set_attr(domain, attr, data);
2703 }
2704
2705 return ret;
2706 }
2707 EXPORT_SYMBOL_GPL(iommu_domain_set_attr);
2708
2709 void iommu_get_resv_regions(struct device *dev, struct list_head *list)
2710 {
2711 const struct iommu_ops *ops = dev->bus->iommu_ops;
2712
2713 if (ops && ops->get_resv_regions)
2714 ops->get_resv_regions(dev, list);
2715 }
2716
2717 void iommu_put_resv_regions(struct device *dev, struct list_head *list)
2718 {
2719 const struct iommu_ops *ops = dev->bus->iommu_ops;
2720
2721 if (ops && ops->put_resv_regions)
2722 ops->put_resv_regions(dev, list);
2723 }
2724
2725 /**
2726 * generic_iommu_put_resv_regions - Reserved region driver helper
2727 * @dev: device for which to free reserved regions
2728 * @list: reserved region list for device
2729 *
2730 * IOMMU drivers can use this to implement their .put_resv_regions() callback
2731 * for simple reservations. Memory allocated for each reserved region will be
2732 * freed. If an IOMMU driver allocates additional resources per region, it is
2733 * going to have to implement a custom callback.
2734 */
2735 void generic_iommu_put_resv_regions(struct device *dev, struct list_head *list)
2736 {
2737 struct iommu_resv_region *entry, *next;
2738
2739 list_for_each_entry_safe(entry, next, list, list)
2740 kfree(entry);
2741 }
2742 EXPORT_SYMBOL(generic_iommu_put_resv_regions);
2743
2744 struct iommu_resv_region *iommu_alloc_resv_region(phys_addr_t start,
2745 size_t length, int prot,
2746 enum iommu_resv_type type)
2747 {
2748 struct iommu_resv_region *region;
2749
2750 region = kzalloc(sizeof(*region), GFP_KERNEL);
2751 if (!region)
2752 return NULL;
2753
2754 INIT_LIST_HEAD(&region->list);
2755 region->start = start;
2756 region->length = length;
2757 region->prot = prot;
2758 region->type = type;
2759 return region;
2760 }
2761 EXPORT_SYMBOL_GPL(iommu_alloc_resv_region);
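
/*
 * Illustrative sketch, not part of this file: an IOMMU driver pairing the two
 * reserved-region callbacks, here reserving a hypothetical MSI doorbell
 * window (the base address and size are assumptions for the example):
 *
 *	static void mydrv_get_resv_regions(struct device *dev,
 *					   struct list_head *head)
 *	{
 *		struct iommu_resv_region *region;
 *
 *		region = iommu_alloc_resv_region(0x8000000, SZ_1M, IOMMU_WRITE,
 *						 IOMMU_RESV_MSI);
 *		if (region)
 *			list_add_tail(&region->list, head);
 *	}
 *
 *	.get_resv_regions	= mydrv_get_resv_regions,
 *	.put_resv_regions	= generic_iommu_put_resv_regions,
 */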
2762
2763 void iommu_set_default_passthrough(bool cmd_line)
2764 {
2765 if (cmd_line)
2766 iommu_set_cmd_line_dma_api();
2767
2768 iommu_def_domain_type = IOMMU_DOMAIN_IDENTITY;
2769 }
2770
2771 void iommu_set_default_translated(bool cmd_line)
2772 {
2773 if (cmd_line)
2774 iommu_set_cmd_line_dma_api();
2775
2776 iommu_def_domain_type = IOMMU_DOMAIN_DMA;
2777 }
2778
2779 bool iommu_default_passthrough(void)
2780 {
2781 return iommu_def_domain_type == IOMMU_DOMAIN_IDENTITY;
2782 }
2783 EXPORT_SYMBOL_GPL(iommu_default_passthrough);
2784
2785 const struct iommu_ops *iommu_ops_from_fwnode(struct fwnode_handle *fwnode)
2786 {
2787 const struct iommu_ops *ops = NULL;
2788 struct iommu_device *iommu;
2789
2790 spin_lock(&iommu_device_lock);
2791 list_for_each_entry(iommu, &iommu_device_list, list)
2792 if (iommu->fwnode == fwnode) {
2793 ops = iommu->ops;
2794 break;
2795 }
2796 spin_unlock(&iommu_device_lock);
2797 return ops;
2798 }
2799
2800 int iommu_fwspec_init(struct device *dev, struct fwnode_handle *iommu_fwnode,
2801 const struct iommu_ops *ops)
2802 {
2803 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2804
2805 if (fwspec)
2806 return ops == fwspec->ops ? 0 : -EINVAL;
2807
2808 if (!dev_iommu_get(dev))
2809 return -ENOMEM;
2810
2811 /* Preallocate for the overwhelmingly common case of 1 ID */
2812 fwspec = kzalloc(struct_size(fwspec, ids, 1), GFP_KERNEL);
2813 if (!fwspec)
2814 return -ENOMEM;
2815
2816 of_node_get(to_of_node(iommu_fwnode));
2817 fwspec->iommu_fwnode = iommu_fwnode;
2818 fwspec->ops = ops;
2819 dev_iommu_fwspec_set(dev, fwspec);
2820 return 0;
2821 }
2822 EXPORT_SYMBOL_GPL(iommu_fwspec_init);
2823
2824 void iommu_fwspec_free(struct device *dev)
2825 {
2826 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2827
2828 if (fwspec) {
2829 fwnode_handle_put(fwspec->iommu_fwnode);
2830 kfree(fwspec);
2831 dev_iommu_fwspec_set(dev, NULL);
2832 }
2833 }
2834 EXPORT_SYMBOL_GPL(iommu_fwspec_free);
2835
2836 int iommu_fwspec_add_ids(struct device *dev, u32 *ids, int num_ids)
2837 {
2838 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2839 int i, new_num;
2840
2841 if (!fwspec)
2842 return -EINVAL;
2843
2844 new_num = fwspec->num_ids + num_ids;
2845 if (new_num > 1) {
2846 fwspec = krealloc(fwspec, struct_size(fwspec, ids, new_num),
2847 GFP_KERNEL);
2848 if (!fwspec)
2849 return -ENOMEM;
2850
2851 dev_iommu_fwspec_set(dev, fwspec);
2852 }
2853
2854 for (i = 0; i < num_ids; i++)
2855 fwspec->ids[fwspec->num_ids + i] = ids[i];
2856
2857 fwspec->num_ids = new_num;
2858 return 0;
2859 }
2860 EXPORT_SYMBOL_GPL(iommu_fwspec_add_ids);
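
/*
 * Illustrative sketch, not part of this file: firmware glue code (in practice
 * the OF or ACPI/IORT layers) builds a device's fwspec in two steps. The
 * single stream ID used here is a made-up example value.
 *
 *	u32 sid = 0x42;
 *	int ret;
 *
 *	ret = iommu_fwspec_init(dev, iommu_fwnode, ops);
 *	if (!ret)
 *		ret = iommu_fwspec_add_ids(dev, &sid, 1);
 *	if (ret)
 *		iommu_fwspec_free(dev);
 */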
2861
2862 /*
2863 * Per device IOMMU features.
2864 */
2865 bool iommu_dev_has_feature(struct device *dev, enum iommu_dev_features feat)
2866 {
2867 const struct iommu_ops *ops = dev->bus->iommu_ops;
2868
2869 if (ops && ops->dev_has_feat)
2870 return ops->dev_has_feat(dev, feat);
2871
2872 return false;
2873 }
2874 EXPORT_SYMBOL_GPL(iommu_dev_has_feature);
2875
2876 int iommu_dev_enable_feature(struct device *dev, enum iommu_dev_features feat)
2877 {
2878 if (dev->iommu && dev->iommu->iommu_dev) {
2879 const struct iommu_ops *ops = dev->iommu->iommu_dev->ops;
2880
2881 if (ops->dev_enable_feat)
2882 return ops->dev_enable_feat(dev, feat);
2883 }
2884
2885 return -ENODEV;
2886 }
2887 EXPORT_SYMBOL_GPL(iommu_dev_enable_feature);
2888
2889 /*
2890 * The device drivers should do the necessary cleanups before calling this.
2891 * For example, before disabling the aux-domain feature, the device driver
2892 * should detach all aux-domains. Otherwise, this will return -EBUSY.
2893 */
2894 int iommu_dev_disable_feature(struct device *dev, enum iommu_dev_features feat)
2895 {
2896 if (dev->iommu && dev->iommu->iommu_dev) {
2897 const struct iommu_ops *ops = dev->iommu->iommu_dev->ops;
2898
2899 if (ops->dev_disable_feat)
2900 return ops->dev_disable_feat(dev, feat);
2901 }
2902
2903 return -EBUSY;
2904 }
2905 EXPORT_SYMBOL_GPL(iommu_dev_disable_feature);
2906
2907 bool iommu_dev_feature_enabled(struct device *dev, enum iommu_dev_features feat)
2908 {
2909 if (dev->iommu && dev->iommu->iommu_dev) {
2910 const struct iommu_ops *ops = dev->iommu->iommu_dev->ops;
2911
2912 if (ops->dev_feat_enabled)
2913 return ops->dev_feat_enabled(dev, feat);
2914 }
2915
2916 return false;
2917 }
2918 EXPORT_SYMBOL_GPL(iommu_dev_feature_enabled);
2919
2920 /*
2921 * Aux-domain specific attach/detach.
2922 *
2923 * Only works if iommu_dev_feature_enabled(dev, IOMMU_DEV_FEAT_AUX) returns
2924 * true. Also, as long as domains are attached to a device through this
2925 * interface, any attempt to call iommu_attach_device() should fail
2926 * (iommu_detach_device() can't fail, so we fail when trying to re-attach).
2927 * This should make us safe against a device being attached to a guest as a
2928 * whole while there are still pasid users on it (aux and sva).
2929 */
2930 int iommu_aux_attach_device(struct iommu_domain *domain, struct device *dev)
2931 {
2932 int ret = -ENODEV;
2933
2934 if (domain->ops->aux_attach_dev)
2935 ret = domain->ops->aux_attach_dev(domain, dev);
2936
2937 if (!ret)
2938 trace_attach_device_to_domain(dev);
2939
2940 return ret;
2941 }
2942 EXPORT_SYMBOL_GPL(iommu_aux_attach_device);
2943
2944 void iommu_aux_detach_device(struct iommu_domain *domain, struct device *dev)
2945 {
2946 if (domain->ops->aux_detach_dev) {
2947 domain->ops->aux_detach_dev(domain, dev);
2948 trace_detach_device_from_domain(dev);
2949 }
2950 }
2951 EXPORT_SYMBOL_GPL(iommu_aux_detach_device);
2952
2953 int iommu_aux_get_pasid(struct iommu_domain *domain, struct device *dev)
2954 {
2955 int ret = -ENODEV;
2956
2957 if (domain->ops->aux_get_pasid)
2958 ret = domain->ops->aux_get_pasid(domain, dev);
2959
2960 return ret;
2961 }
2962 EXPORT_SYMBOL_GPL(iommu_aux_get_pasid);
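
/*
 * Illustrative sketch, not part of this file: assigning an aux domain to a
 * mediated device whose parent reports IOMMU_DEV_FEAT_AUX as enabled. The
 * mydev_setup_pasid() step stands in for driver-specific hardware programming
 * and is an assumption for the example; error handling is elided.
 *
 *	domain = iommu_domain_alloc(dev->bus);
 *	ret = iommu_aux_attach_device(domain, dev);
 *	if (!ret) {
 *		int pasid = iommu_aux_get_pasid(domain, dev);
 *
 *		mydev_setup_pasid(mdev, pasid);
 *	}
 *	...
 *	iommu_aux_detach_device(domain, dev);
 *	iommu_domain_free(domain);
 */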
2963
2964 /**
2965 * iommu_sva_bind_device() - Bind a process address space to a device
2966 * @dev: the device
2967 * @mm: the mm to bind, caller must hold a reference to it
 * @drvdata: opaque data pointer handed to the IOMMU driver's sva_bind() callback
2968 *
2969 * Create a bond between device and address space, allowing the device to access
2970 * the mm using the returned PASID. If a bond already exists between @dev and
2971 * @mm, it is returned and an additional reference is taken. Caller must call
2972 * iommu_sva_unbind_device() to release each reference.
2973 *
2974 * iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_SVA) must be called first, to
2975 * initialize the required SVA features.
2976 *
2977 * On error, returns an ERR_PTR value.
2978 */
2979 struct iommu_sva *
2980 iommu_sva_bind_device(struct device *dev, struct mm_struct *mm, void *drvdata)
2981 {
2982 struct iommu_group *group;
2983 struct iommu_sva *handle = ERR_PTR(-EINVAL);
2984 const struct iommu_ops *ops = dev->bus->iommu_ops;
2985
2986 if (!ops || !ops->sva_bind)
2987 return ERR_PTR(-ENODEV);
2988
2989 group = iommu_group_get(dev);
2990 if (!group)
2991 return ERR_PTR(-ENODEV);
2992
2993 /* Ensure device count and domain don't change while we're binding */
2994 mutex_lock(&group->mutex);
2995
2996 /*
2997 * To keep things simple, SVA currently doesn't support IOMMU groups
2998 * with more than one device. Existing SVA-capable systems are not
2999 * affected by the problems that required IOMMU groups (lack of ACS
3000 * isolation, device ID aliasing and other hardware issues).
3001 */
3002 if (iommu_group_device_count(group) != 1)
3003 goto out_unlock;
3004
3005 handle = ops->sva_bind(dev, mm, drvdata);
3006
3007 out_unlock:
3008 mutex_unlock(&group->mutex);
3009 iommu_group_put(group);
3010
3011 return handle;
3012 }
3013 EXPORT_SYMBOL_GPL(iommu_sva_bind_device);
3014
3015 /**
3016 * iommu_sva_unbind_device() - Remove a bond created with iommu_sva_bind_device
3017 * @handle: the handle returned by iommu_sva_bind_device()
3018 *
3019 * Put reference to a bond between device and address space. The device should
3020 * not be issuing any more transactions for this PASID. All outstanding page
3021 * requests for this PASID must have been flushed to the IOMMU.
3024 */
3025 void iommu_sva_unbind_device(struct iommu_sva *handle)
3026 {
3027 struct iommu_group *group;
3028 struct device *dev = handle->dev;
3029 const struct iommu_ops *ops = dev->bus->iommu_ops;
3030
3031 if (!ops || !ops->sva_unbind)
3032 return;
3033
3034 group = iommu_group_get(dev);
3035 if (!group)
3036 return;
3037
3038 mutex_lock(&group->mutex);
3039 ops->sva_unbind(handle);
3040 mutex_unlock(&group->mutex);
3041
3042 iommu_group_put(group);
3043 }
3044 EXPORT_SYMBOL_GPL(iommu_sva_unbind_device);
3045
3046 u32 iommu_sva_get_pasid(struct iommu_sva *handle)
3047 {
3048 const struct iommu_ops *ops = handle->dev->bus->iommu_ops;
3049
3050 if (!ops || !ops->sva_get_pasid)
3051 return IOMMU_PASID_INVALID;
3052
3053 return ops->sva_get_pasid(handle);
3054 }
3055 EXPORT_SYMBOL_GPL(iommu_sva_get_pasid);
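
/*
 * Illustrative sketch, not part of this file: the expected calling sequence
 * for a device driver using SVA. mydev_program_pasid() stands in for the
 * driver-specific step of programming the PASID into the device and is an
 * assumption for the example.
 *
 *	struct iommu_sva *handle;
 *
 *	ret = iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_SVA);
 *	if (ret)
 *		return ret;
 *
 *	handle = iommu_sva_bind_device(dev, current->mm, NULL);
 *	if (IS_ERR(handle)) {
 *		iommu_dev_disable_feature(dev, IOMMU_DEV_FEAT_SVA);
 *		return PTR_ERR(handle);
 *	}
 *
 *	mydev_program_pasid(dev, iommu_sva_get_pasid(handle));
 *	...
 *	iommu_sva_unbind_device(handle);
 *	iommu_dev_disable_feature(dev, IOMMU_DEV_FEAT_SVA);
 */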
3056