1 // SPDX-License-Identifier: GPL-2.0-or-later
2 #include <linux/compat.h>
3 #include <linux/dma-mapping.h>
4 #include <linux/iommu.h>
5 #include <linux/module.h>
6 #include <linux/poll.h>
7 #include <linux/slab.h>
8 #include <linux/uacce.h>
9
10 static struct class *uacce_class;
11 static dev_t uacce_devt;
12 static DEFINE_XARRAY_ALLOC(uacce_xa);
13
14 /*
15 * If the parent driver or the device disappears, the queue state is invalid and
16 * ops are not usable anymore.
17 */
uacce_queue_is_valid(struct uacce_queue * q)18 static bool uacce_queue_is_valid(struct uacce_queue *q)
19 {
20 return q->state == UACCE_Q_INIT || q->state == UACCE_Q_STARTED;
21 }
22
uacce_start_queue(struct uacce_queue * q)23 static int uacce_start_queue(struct uacce_queue *q)
24 {
25 int ret;
26
27 if (q->state != UACCE_Q_INIT)
28 return -EINVAL;
29
30 if (q->uacce->ops->start_queue) {
31 ret = q->uacce->ops->start_queue(q);
32 if (ret < 0)
33 return ret;
34 }
35
36 q->state = UACCE_Q_STARTED;
37 return 0;
38 }
39
uacce_put_queue(struct uacce_queue * q)40 static int uacce_put_queue(struct uacce_queue *q)
41 {
42 struct uacce_device *uacce = q->uacce;
43
44 if ((q->state == UACCE_Q_STARTED) && uacce->ops->stop_queue)
45 uacce->ops->stop_queue(q);
46
47 if ((q->state == UACCE_Q_INIT || q->state == UACCE_Q_STARTED) &&
48 uacce->ops->put_queue)
49 uacce->ops->put_queue(q);
50
51 q->state = UACCE_Q_ZOMBIE;
52
53 return 0;
54 }
55
uacce_fops_unl_ioctl(struct file * filep,unsigned int cmd,unsigned long arg)56 static long uacce_fops_unl_ioctl(struct file *filep,
57 unsigned int cmd, unsigned long arg)
58 {
59 struct uacce_queue *q = filep->private_data;
60 struct uacce_device *uacce = q->uacce;
61 long ret = -ENXIO;
62
63 /*
64 * uacce->ops->ioctl() may take the mmap_lock when copying arg to/from
65 * user. Avoid a circular lock dependency with uacce_fops_mmap(), which
66 * gets called with mmap_lock held, by taking uacce->mutex instead of
67 * q->mutex. Doing this in uacce_fops_mmap() is not possible because
68 * uacce_fops_open() calls iommu_sva_bind_device(), which takes
69 * mmap_lock, while holding uacce->mutex.
70 */
71 mutex_lock(&uacce->mutex);
72 if (!uacce_queue_is_valid(q))
73 goto out_unlock;
74
75 switch (cmd) {
76 case UACCE_CMD_START_Q:
77 ret = uacce_start_queue(q);
78 break;
79 case UACCE_CMD_PUT_Q:
80 ret = uacce_put_queue(q);
81 break;
82 default:
83 if (uacce->ops->ioctl)
84 ret = uacce->ops->ioctl(q, cmd, arg);
85 else
86 ret = -EINVAL;
87 }
88 out_unlock:
89 mutex_unlock(&uacce->mutex);
90 return ret;
91 }
92
93 #ifdef CONFIG_COMPAT
uacce_fops_compat_ioctl(struct file * filep,unsigned int cmd,unsigned long arg)94 static long uacce_fops_compat_ioctl(struct file *filep,
95 unsigned int cmd, unsigned long arg)
96 {
97 arg = (unsigned long)compat_ptr(arg);
98
99 return uacce_fops_unl_ioctl(filep, cmd, arg);
100 }
101 #endif
102
uacce_bind_queue(struct uacce_device * uacce,struct uacce_queue * q)103 static int uacce_bind_queue(struct uacce_device *uacce, struct uacce_queue *q)
104 {
105 u32 pasid;
106 struct iommu_sva *handle;
107
108 if (!(uacce->flags & UACCE_DEV_SVA))
109 return 0;
110
111 handle = iommu_sva_bind_device(uacce->parent, current->mm, NULL);
112 if (IS_ERR(handle))
113 return PTR_ERR(handle);
114
115 pasid = iommu_sva_get_pasid(handle);
116 if (pasid == IOMMU_PASID_INVALID) {
117 iommu_sva_unbind_device(handle);
118 return -ENODEV;
119 }
120
121 q->handle = handle;
122 q->pasid = pasid;
123 return 0;
124 }
125
uacce_unbind_queue(struct uacce_queue * q)126 static void uacce_unbind_queue(struct uacce_queue *q)
127 {
128 if (!q->handle)
129 return;
130 iommu_sva_unbind_device(q->handle);
131 q->handle = NULL;
132 }
133
uacce_fops_open(struct inode * inode,struct file * filep)134 static int uacce_fops_open(struct inode *inode, struct file *filep)
135 {
136 struct uacce_device *uacce;
137 struct uacce_queue *q;
138 int ret = 0;
139
140 uacce = xa_load(&uacce_xa, iminor(inode));
141 if (!uacce)
142 return -ENODEV;
143
144 q = kzalloc(sizeof(struct uacce_queue), GFP_KERNEL);
145 if (!q)
146 return -ENOMEM;
147
148 mutex_lock(&uacce->mutex);
149
150 if (!uacce->parent) {
151 ret = -EINVAL;
152 goto out_with_mem;
153 }
154
155 ret = uacce_bind_queue(uacce, q);
156 if (ret)
157 goto out_with_mem;
158
159 q->uacce = uacce;
160
161 if (uacce->ops->get_queue) {
162 ret = uacce->ops->get_queue(uacce, q->pasid, q);
163 if (ret < 0)
164 goto out_with_bond;
165 }
166
167 init_waitqueue_head(&q->wait);
168 filep->private_data = q;
169 uacce->inode = inode;
170 q->state = UACCE_Q_INIT;
171 mutex_init(&q->mutex);
172 list_add(&q->list, &uacce->queues);
173 mutex_unlock(&uacce->mutex);
174
175 return 0;
176
177 out_with_bond:
178 uacce_unbind_queue(q);
179 out_with_mem:
180 kfree(q);
181 mutex_unlock(&uacce->mutex);
182 return ret;
183 }
184
uacce_fops_release(struct inode * inode,struct file * filep)185 static int uacce_fops_release(struct inode *inode, struct file *filep)
186 {
187 struct uacce_queue *q = filep->private_data;
188 struct uacce_device *uacce = q->uacce;
189
190 mutex_lock(&uacce->mutex);
191 uacce_put_queue(q);
192 uacce_unbind_queue(q);
193 list_del(&q->list);
194 mutex_unlock(&uacce->mutex);
195 kfree(q);
196
197 return 0;
198 }
199
uacce_vma_close(struct vm_area_struct * vma)200 static void uacce_vma_close(struct vm_area_struct *vma)
201 {
202 struct uacce_queue *q = vma->vm_private_data;
203 struct uacce_qfile_region *qfr = NULL;
204
205 if (vma->vm_pgoff < UACCE_MAX_REGION)
206 qfr = q->qfrs[vma->vm_pgoff];
207
208 kfree(qfr);
209 }
210
211 static const struct vm_operations_struct uacce_vm_ops = {
212 .close = uacce_vma_close,
213 };
214
uacce_fops_mmap(struct file * filep,struct vm_area_struct * vma)215 static int uacce_fops_mmap(struct file *filep, struct vm_area_struct *vma)
216 {
217 struct uacce_queue *q = filep->private_data;
218 struct uacce_device *uacce = q->uacce;
219 struct uacce_qfile_region *qfr;
220 enum uacce_qfrt type = UACCE_MAX_REGION;
221 int ret = 0;
222
223 if (vma->vm_pgoff < UACCE_MAX_REGION)
224 type = vma->vm_pgoff;
225 else
226 return -EINVAL;
227
228 qfr = kzalloc(sizeof(*qfr), GFP_KERNEL);
229 if (!qfr)
230 return -ENOMEM;
231
232 vma->vm_flags |= VM_DONTCOPY | VM_DONTEXPAND | VM_WIPEONFORK;
233 vma->vm_ops = &uacce_vm_ops;
234 vma->vm_private_data = q;
235 qfr->type = type;
236
237 mutex_lock(&q->mutex);
238 if (!uacce_queue_is_valid(q)) {
239 ret = -ENXIO;
240 goto out_with_lock;
241 }
242
243 if (q->qfrs[type]) {
244 ret = -EEXIST;
245 goto out_with_lock;
246 }
247
248 switch (type) {
249 case UACCE_QFRT_MMIO:
250 if (!uacce->ops->mmap) {
251 ret = -EINVAL;
252 goto out_with_lock;
253 }
254
255 ret = uacce->ops->mmap(q, vma, qfr);
256 if (ret)
257 goto out_with_lock;
258
259 break;
260
261 case UACCE_QFRT_DUS:
262 if (!uacce->ops->mmap) {
263 ret = -EINVAL;
264 goto out_with_lock;
265 }
266
267 ret = uacce->ops->mmap(q, vma, qfr);
268 if (ret)
269 goto out_with_lock;
270 break;
271
272 default:
273 ret = -EINVAL;
274 goto out_with_lock;
275 }
276
277 q->qfrs[type] = qfr;
278 mutex_unlock(&q->mutex);
279
280 return ret;
281
282 out_with_lock:
283 mutex_unlock(&q->mutex);
284 kfree(qfr);
285 return ret;
286 }
287
uacce_fops_poll(struct file * file,poll_table * wait)288 static __poll_t uacce_fops_poll(struct file *file, poll_table *wait)
289 {
290 struct uacce_queue *q = file->private_data;
291 struct uacce_device *uacce = q->uacce;
292 __poll_t ret = 0;
293
294 mutex_lock(&q->mutex);
295 if (!uacce_queue_is_valid(q))
296 goto out_unlock;
297
298 poll_wait(file, &q->wait, wait);
299
300 if (uacce->ops->is_q_updated && uacce->ops->is_q_updated(q))
301 ret = EPOLLIN | EPOLLRDNORM;
302
303 out_unlock:
304 mutex_unlock(&q->mutex);
305 return ret;
306 }
307
308 static const struct file_operations uacce_fops = {
309 .owner = THIS_MODULE,
310 .open = uacce_fops_open,
311 .release = uacce_fops_release,
312 .unlocked_ioctl = uacce_fops_unl_ioctl,
313 #ifdef CONFIG_COMPAT
314 .compat_ioctl = uacce_fops_compat_ioctl,
315 #endif
316 .mmap = uacce_fops_mmap,
317 .poll = uacce_fops_poll,
318 };
319
320 #define to_uacce_device(dev) container_of(dev, struct uacce_device, dev)
321
api_show(struct device * dev,struct device_attribute * attr,char * buf)322 static ssize_t api_show(struct device *dev,
323 struct device_attribute *attr, char *buf)
324 {
325 struct uacce_device *uacce = to_uacce_device(dev);
326
327 return sprintf(buf, "%s\n", uacce->api_ver);
328 }
329
flags_show(struct device * dev,struct device_attribute * attr,char * buf)330 static ssize_t flags_show(struct device *dev,
331 struct device_attribute *attr, char *buf)
332 {
333 struct uacce_device *uacce = to_uacce_device(dev);
334
335 return sprintf(buf, "%u\n", uacce->flags);
336 }
337
available_instances_show(struct device * dev,struct device_attribute * attr,char * buf)338 static ssize_t available_instances_show(struct device *dev,
339 struct device_attribute *attr,
340 char *buf)
341 {
342 struct uacce_device *uacce = to_uacce_device(dev);
343
344 if (!uacce->ops->get_available_instances)
345 return -ENODEV;
346
347 return sprintf(buf, "%d\n",
348 uacce->ops->get_available_instances(uacce));
349 }
350
algorithms_show(struct device * dev,struct device_attribute * attr,char * buf)351 static ssize_t algorithms_show(struct device *dev,
352 struct device_attribute *attr, char *buf)
353 {
354 struct uacce_device *uacce = to_uacce_device(dev);
355
356 return sprintf(buf, "%s\n", uacce->algs);
357 }
358
region_mmio_size_show(struct device * dev,struct device_attribute * attr,char * buf)359 static ssize_t region_mmio_size_show(struct device *dev,
360 struct device_attribute *attr, char *buf)
361 {
362 struct uacce_device *uacce = to_uacce_device(dev);
363
364 return sprintf(buf, "%lu\n",
365 uacce->qf_pg_num[UACCE_QFRT_MMIO] << PAGE_SHIFT);
366 }
367
region_dus_size_show(struct device * dev,struct device_attribute * attr,char * buf)368 static ssize_t region_dus_size_show(struct device *dev,
369 struct device_attribute *attr, char *buf)
370 {
371 struct uacce_device *uacce = to_uacce_device(dev);
372
373 return sprintf(buf, "%lu\n",
374 uacce->qf_pg_num[UACCE_QFRT_DUS] << PAGE_SHIFT);
375 }
376
377 static DEVICE_ATTR_RO(api);
378 static DEVICE_ATTR_RO(flags);
379 static DEVICE_ATTR_RO(available_instances);
380 static DEVICE_ATTR_RO(algorithms);
381 static DEVICE_ATTR_RO(region_mmio_size);
382 static DEVICE_ATTR_RO(region_dus_size);
383
384 static struct attribute *uacce_dev_attrs[] = {
385 &dev_attr_api.attr,
386 &dev_attr_flags.attr,
387 &dev_attr_available_instances.attr,
388 &dev_attr_algorithms.attr,
389 &dev_attr_region_mmio_size.attr,
390 &dev_attr_region_dus_size.attr,
391 NULL,
392 };
393
uacce_dev_is_visible(struct kobject * kobj,struct attribute * attr,int n)394 static umode_t uacce_dev_is_visible(struct kobject *kobj,
395 struct attribute *attr, int n)
396 {
397 struct device *dev = kobj_to_dev(kobj);
398 struct uacce_device *uacce = to_uacce_device(dev);
399
400 if (((attr == &dev_attr_region_mmio_size.attr) &&
401 (!uacce->qf_pg_num[UACCE_QFRT_MMIO])) ||
402 ((attr == &dev_attr_region_dus_size.attr) &&
403 (!uacce->qf_pg_num[UACCE_QFRT_DUS])))
404 return 0;
405
406 return attr->mode;
407 }
408
409 static struct attribute_group uacce_dev_group = {
410 .is_visible = uacce_dev_is_visible,
411 .attrs = uacce_dev_attrs,
412 };
413
414 __ATTRIBUTE_GROUPS(uacce_dev);
415
uacce_release(struct device * dev)416 static void uacce_release(struct device *dev)
417 {
418 struct uacce_device *uacce = to_uacce_device(dev);
419
420 kfree(uacce);
421 }
422
423 /**
424 * uacce_alloc() - alloc an accelerator
425 * @parent: pointer of uacce parent device
426 * @interface: pointer of uacce_interface for register
427 *
428 * Returns uacce pointer if success and ERR_PTR if not
429 * Need check returned negotiated uacce->flags
430 */
uacce_alloc(struct device * parent,struct uacce_interface * interface)431 struct uacce_device *uacce_alloc(struct device *parent,
432 struct uacce_interface *interface)
433 {
434 unsigned int flags = interface->flags;
435 struct uacce_device *uacce;
436 int ret;
437
438 uacce = kzalloc(sizeof(struct uacce_device), GFP_KERNEL);
439 if (!uacce)
440 return ERR_PTR(-ENOMEM);
441
442 if (flags & UACCE_DEV_SVA) {
443 ret = iommu_dev_enable_feature(parent, IOMMU_DEV_FEAT_SVA);
444 if (ret)
445 flags &= ~UACCE_DEV_SVA;
446 }
447
448 uacce->parent = parent;
449 uacce->flags = flags;
450 uacce->ops = interface->ops;
451
452 ret = xa_alloc(&uacce_xa, &uacce->dev_id, uacce, xa_limit_32b,
453 GFP_KERNEL);
454 if (ret < 0)
455 goto err_with_uacce;
456
457 INIT_LIST_HEAD(&uacce->queues);
458 mutex_init(&uacce->mutex);
459 device_initialize(&uacce->dev);
460 uacce->dev.devt = MKDEV(MAJOR(uacce_devt), uacce->dev_id);
461 uacce->dev.class = uacce_class;
462 uacce->dev.groups = uacce_dev_groups;
463 uacce->dev.parent = uacce->parent;
464 uacce->dev.release = uacce_release;
465 dev_set_name(&uacce->dev, "%s-%d", interface->name, uacce->dev_id);
466
467 return uacce;
468
469 err_with_uacce:
470 if (flags & UACCE_DEV_SVA)
471 iommu_dev_disable_feature(uacce->parent, IOMMU_DEV_FEAT_SVA);
472 kfree(uacce);
473 return ERR_PTR(ret);
474 }
475 EXPORT_SYMBOL_GPL(uacce_alloc);
476
477 /**
478 * uacce_register() - add the accelerator to cdev and export to user space
479 * @uacce: The initialized uacce device
480 *
481 * Return 0 if register succeeded, or an error.
482 */
uacce_register(struct uacce_device * uacce)483 int uacce_register(struct uacce_device *uacce)
484 {
485 if (!uacce)
486 return -ENODEV;
487
488 uacce->cdev = cdev_alloc();
489 if (!uacce->cdev)
490 return -ENOMEM;
491
492 uacce->cdev->ops = &uacce_fops;
493 uacce->cdev->owner = THIS_MODULE;
494
495 return cdev_device_add(uacce->cdev, &uacce->dev);
496 }
497 EXPORT_SYMBOL_GPL(uacce_register);
498
499 /**
500 * uacce_remove() - remove the accelerator
501 * @uacce: the accelerator to remove
502 */
uacce_remove(struct uacce_device * uacce)503 void uacce_remove(struct uacce_device *uacce)
504 {
505 struct uacce_queue *q, *next_q;
506
507 if (!uacce)
508 return;
509 /*
510 * unmap remaining mapping from user space, preventing user still
511 * access the mmaped area while parent device is already removed
512 */
513 if (uacce->inode)
514 unmap_mapping_range(uacce->inode->i_mapping, 0, 0, 1);
515
516 /*
517 * uacce_fops_open() may be running concurrently, even after we remove
518 * the cdev. Holding uacce->mutex ensures that open() does not obtain a
519 * removed uacce device.
520 */
521 mutex_lock(&uacce->mutex);
522 /* ensure no open queue remains */
523 list_for_each_entry_safe(q, next_q, &uacce->queues, list) {
524 /*
525 * Taking q->mutex ensures that fops do not use the defunct
526 * uacce->ops after the queue is disabled.
527 */
528 mutex_lock(&q->mutex);
529 uacce_put_queue(q);
530 mutex_unlock(&q->mutex);
531 uacce_unbind_queue(q);
532 }
533
534 /* disable sva now since no opened queues */
535 if (uacce->flags & UACCE_DEV_SVA)
536 iommu_dev_disable_feature(uacce->parent, IOMMU_DEV_FEAT_SVA);
537
538 if (uacce->cdev)
539 cdev_device_del(uacce->cdev, &uacce->dev);
540 xa_erase(&uacce_xa, uacce->dev_id);
541 /*
542 * uacce exists as long as there are open fds, but ops will be freed
543 * now. Ensure that bugs cause NULL deref rather than use-after-free.
544 */
545 uacce->ops = NULL;
546 uacce->parent = NULL;
547 mutex_unlock(&uacce->mutex);
548 put_device(&uacce->dev);
549 }
550 EXPORT_SYMBOL_GPL(uacce_remove);
551
uacce_init(void)552 static int __init uacce_init(void)
553 {
554 int ret;
555
556 uacce_class = class_create(THIS_MODULE, UACCE_NAME);
557 if (IS_ERR(uacce_class))
558 return PTR_ERR(uacce_class);
559
560 ret = alloc_chrdev_region(&uacce_devt, 0, MINORMASK, UACCE_NAME);
561 if (ret)
562 class_destroy(uacce_class);
563
564 return ret;
565 }
566
uacce_exit(void)567 static __exit void uacce_exit(void)
568 {
569 unregister_chrdev_region(uacce_devt, MINORMASK);
570 class_destroy(uacce_class);
571 }
572
573 subsys_initcall(uacce_init);
574 module_exit(uacce_exit);
575
576 MODULE_LICENSE("GPL");
577 MODULE_AUTHOR("Hisilicon Tech. Co., Ltd.");
578 MODULE_DESCRIPTION("Accelerator interface for Userland applications");
579