1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (C) 2007-2008 Advanced Micro Devices, Inc.
4 * Author: Joerg Roedel <jroedel@suse.de>
5 */
6
7 #define pr_fmt(fmt) "iommu: " fmt
8
9 #include <linux/device.h>
10 #include <linux/kernel.h>
11 #include <linux/bits.h>
12 #include <linux/bug.h>
13 #include <linux/types.h>
14 #include <linux/init.h>
15 #include <linux/export.h>
16 #include <linux/slab.h>
17 #include <linux/errno.h>
18 #include <linux/iommu.h>
19 #include <linux/idr.h>
20 #include <linux/notifier.h>
21 #include <linux/err.h>
22 #include <linux/pci.h>
23 #include <linux/bitops.h>
24 #include <linux/property.h>
25 #include <linux/fsl/mc.h>
26 #include <linux/module.h>
27 #include <trace/events/iommu.h>
28
29 static struct kset *iommu_group_kset;
30 static DEFINE_IDA(iommu_group_ida);
31
32 static unsigned int iommu_def_domain_type __read_mostly;
33 static bool iommu_dma_strict __read_mostly = true;
34 static u32 iommu_cmd_line __read_mostly;
35
36 struct iommu_group {
37 struct kobject kobj;
38 struct kobject *devices_kobj;
39 struct list_head devices;
40 struct mutex mutex;
41 struct blocking_notifier_head notifier;
42 void *iommu_data;
43 void (*iommu_data_release)(void *iommu_data);
44 char *name;
45 int id;
46 struct iommu_domain *default_domain;
47 struct iommu_domain *domain;
48 struct list_head entry;
49 };
50
51 struct group_device {
52 struct list_head list;
53 struct device *dev;
54 char *name;
55 };
56
57 struct iommu_group_attribute {
58 struct attribute attr;
59 ssize_t (*show)(struct iommu_group *group, char *buf);
60 ssize_t (*store)(struct iommu_group *group,
61 const char *buf, size_t count);
62 };
63
64 static const char * const iommu_group_resv_type_string[] = {
65 [IOMMU_RESV_DIRECT] = "direct",
66 [IOMMU_RESV_DIRECT_RELAXABLE] = "direct-relaxable",
67 [IOMMU_RESV_RESERVED] = "reserved",
68 [IOMMU_RESV_MSI] = "msi",
69 [IOMMU_RESV_SW_MSI] = "msi",
70 };
71
72 #define IOMMU_CMD_LINE_DMA_API BIT(0)
73
74 static void iommu_set_cmd_line_dma_api(void)
75 {
76 iommu_cmd_line |= IOMMU_CMD_LINE_DMA_API;
77 }
78
79 static bool iommu_cmd_line_dma_api(void)
80 {
81 return !!(iommu_cmd_line & IOMMU_CMD_LINE_DMA_API);
82 }
83
84 static int iommu_alloc_default_domain(struct iommu_group *group,
85 struct device *dev);
86 static struct iommu_domain *__iommu_domain_alloc(struct bus_type *bus,
87 unsigned type);
88 static int __iommu_attach_device(struct iommu_domain *domain,
89 struct device *dev);
90 static int __iommu_attach_group(struct iommu_domain *domain,
91 struct iommu_group *group);
92 static void __iommu_detach_group(struct iommu_domain *domain,
93 struct iommu_group *group);
94 static int iommu_create_device_direct_mappings(struct iommu_group *group,
95 struct device *dev);
96 static struct iommu_group *iommu_group_get_for_dev(struct device *dev);
97
98 #define IOMMU_GROUP_ATTR(_name, _mode, _show, _store) \
99 struct iommu_group_attribute iommu_group_attr_##_name = \
100 __ATTR(_name, _mode, _show, _store)
101
102 #define to_iommu_group_attr(_attr) \
103 container_of(_attr, struct iommu_group_attribute, attr)
104 #define to_iommu_group(_kobj) \
105 container_of(_kobj, struct iommu_group, kobj)
106
107 static LIST_HEAD(iommu_device_list);
108 static DEFINE_SPINLOCK(iommu_device_lock);
109
110 /*
111 * Use a function instead of an array here because the domain-type is a
112 * bit-field, so an array would waste memory.
113 */
114 static const char *iommu_domain_type_str(unsigned int t)
115 {
116 switch (t) {
117 case IOMMU_DOMAIN_BLOCKED:
118 return "Blocked";
119 case IOMMU_DOMAIN_IDENTITY:
120 return "Passthrough";
121 case IOMMU_DOMAIN_UNMANAGED:
122 return "Unmanaged";
123 case IOMMU_DOMAIN_DMA:
124 return "Translated";
125 default:
126 return "Unknown";
127 }
128 }
129
130 static int __init iommu_subsys_init(void)
131 {
132 bool cmd_line = iommu_cmd_line_dma_api();
133
134 if (!cmd_line) {
135 if (IS_ENABLED(CONFIG_IOMMU_DEFAULT_PASSTHROUGH))
136 iommu_set_default_passthrough(false);
137 else
138 iommu_set_default_translated(false);
139
140 if (iommu_default_passthrough() && mem_encrypt_active()) {
141 pr_info("Memory encryption detected - Disabling default IOMMU Passthrough\n");
142 iommu_set_default_translated(false);
143 }
144 }
145
146 pr_info("Default domain type: %s %s\n",
147 iommu_domain_type_str(iommu_def_domain_type),
148 cmd_line ? "(set via kernel command line)" : "");
149
150 return 0;
151 }
152 subsys_initcall(iommu_subsys_init);
153
154 int iommu_device_register(struct iommu_device *iommu)
155 {
156 spin_lock(&iommu_device_lock);
157 list_add_tail(&iommu->list, &iommu_device_list);
158 spin_unlock(&iommu_device_lock);
159 return 0;
160 }
161 EXPORT_SYMBOL_GPL(iommu_device_register);
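/*
 * Illustrative usage sketch (editorial addition, not part of the original
 * file): an IOMMU driver typically embeds a struct iommu_device in its own
 * per-instance state and registers it once the hardware has been probed.
 * The my_iommu structure and my_iommu_probe() below are hypothetical.
 *
 *	struct my_iommu {
 *		struct iommu_device iommu;	// registered with the core
 *		void __iomem *regs;
 *	};
 *
 *	static int my_iommu_probe(struct platform_device *pdev)
 *	{
 *		struct my_iommu *m;
 *
 *		m = devm_kzalloc(&pdev->dev, sizeof(*m), GFP_KERNEL);
 *		if (!m)
 *			return -ENOMEM;
 *		// ... map registers and set up the driver's iommu_ops ...
 *		return iommu_device_register(&m->iommu);
 *	}
 *
 * iommu_device_unregister(&m->iommu) undoes the registration on remove.
 */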
162
163 void iommu_device_unregister(struct iommu_device *iommu)
164 {
165 spin_lock(&iommu_device_lock);
166 list_del(&iommu->list);
167 spin_unlock(&iommu_device_lock);
168 }
169 EXPORT_SYMBOL_GPL(iommu_device_unregister);
170
171 static struct dev_iommu *dev_iommu_get(struct device *dev)
172 {
173 struct dev_iommu *param = dev->iommu;
174
175 if (param)
176 return param;
177
178 param = kzalloc(sizeof(*param), GFP_KERNEL);
179 if (!param)
180 return NULL;
181
182 mutex_init(&param->lock);
183 dev->iommu = param;
184 return param;
185 }
186
187 static void dev_iommu_free(struct device *dev)
188 {
189 struct dev_iommu *param = dev->iommu;
190
191 dev->iommu = NULL;
192 if (param->fwspec) {
193 fwnode_handle_put(param->fwspec->iommu_fwnode);
194 kfree(param->fwspec);
195 }
196 kfree(param);
197 }
198
199 static int __iommu_probe_device(struct device *dev, struct list_head *group_list)
200 {
201 const struct iommu_ops *ops = dev->bus->iommu_ops;
202 struct iommu_device *iommu_dev;
203 struct iommu_group *group;
204 static DEFINE_MUTEX(iommu_probe_device_lock);
205 int ret;
206
207 if (!ops)
208 return -ENODEV;
209 /*
210 * Serialise to avoid races between IOMMU drivers registering in
211 * parallel and/or the "replay" calls from ACPI/OF code via client
212 * driver probe. Once the latter have been cleaned up we should
213 * probably be able to use device_lock() here to minimise the scope,
214 * but for now enforcing a simple global ordering is fine.
215 */
216 mutex_lock(&iommu_probe_device_lock);
217 if (!dev_iommu_get(dev)) {
218 ret = -ENOMEM;
219 goto err_unlock;
220 }
221
222 if (!try_module_get(ops->owner)) {
223 ret = -EINVAL;
224 goto err_free;
225 }
226
227 iommu_dev = ops->probe_device(dev);
228 if (IS_ERR(iommu_dev)) {
229 ret = PTR_ERR(iommu_dev);
230 goto out_module_put;
231 }
232
233 dev->iommu->iommu_dev = iommu_dev;
234
235 group = iommu_group_get_for_dev(dev);
236 if (IS_ERR(group)) {
237 ret = PTR_ERR(group);
238 goto out_release;
239 }
240
241 mutex_lock(&group->mutex);
242 if (group_list && !group->default_domain && list_empty(&group->entry))
243 list_add_tail(&group->entry, group_list);
244 mutex_unlock(&group->mutex);
245 iommu_group_put(group);
246
247 mutex_unlock(&iommu_probe_device_lock);
248 iommu_device_link(iommu_dev, dev);
249
250 return 0;
251
252 out_release:
253 ops->release_device(dev);
254
255 out_module_put:
256 module_put(ops->owner);
257
258 err_free:
259 dev_iommu_free(dev);
260
261 err_unlock:
262 mutex_unlock(&iommu_probe_device_lock);
263
264 return ret;
265 }
266
267 int iommu_probe_device(struct device *dev)
268 {
269 const struct iommu_ops *ops = dev->bus->iommu_ops;
270 struct iommu_group *group;
271 int ret;
272
273 ret = __iommu_probe_device(dev, NULL);
274 if (ret)
275 goto err_out;
276
277 group = iommu_group_get(dev);
278 if (!group)
279 goto err_release;
280
281 /*
282 * Try to allocate a default domain - needs support from the
283 * IOMMU driver. There are still some drivers which don't
284 * support default domains, so the return value is not yet
285 * checked.
286 */
287 mutex_lock(&group->mutex);
288 iommu_alloc_default_domain(group, dev);
289
290 if (group->default_domain) {
291 ret = __iommu_attach_device(group->default_domain, dev);
292 if (ret) {
293 mutex_unlock(&group->mutex);
294 iommu_group_put(group);
295 goto err_release;
296 }
297 }
298
299 iommu_create_device_direct_mappings(group, dev);
300
301 mutex_unlock(&group->mutex);
302 iommu_group_put(group);
303
304 if (ops->probe_finalize)
305 ops->probe_finalize(dev);
306
307 return 0;
308
309 err_release:
310 iommu_release_device(dev);
311
312 err_out:
313 return ret;
314
315 }
316
317 void iommu_release_device(struct device *dev)
318 {
319 const struct iommu_ops *ops = dev->bus->iommu_ops;
320
321 if (!dev->iommu)
322 return;
323
324 iommu_device_unlink(dev->iommu->iommu_dev, dev);
325
326 ops->release_device(dev);
327
328 iommu_group_remove_device(dev);
329 module_put(ops->owner);
330 dev_iommu_free(dev);
331 }
332
333 static int __init iommu_set_def_domain_type(char *str)
334 {
335 bool pt;
336 int ret;
337
338 ret = kstrtobool(str, &pt);
339 if (ret)
340 return ret;
341
342 if (pt)
343 iommu_set_default_passthrough(true);
344 else
345 iommu_set_default_translated(true);
346
347 return 0;
348 }
349 early_param("iommu.passthrough", iommu_set_def_domain_type);
350
351 static int __init iommu_dma_setup(char *str)
352 {
353 return kstrtobool(str, &iommu_dma_strict);
354 }
355 early_param("iommu.strict", iommu_dma_setup);
356
357 static ssize_t iommu_group_attr_show(struct kobject *kobj,
358 struct attribute *__attr, char *buf)
359 {
360 struct iommu_group_attribute *attr = to_iommu_group_attr(__attr);
361 struct iommu_group *group = to_iommu_group(kobj);
362 ssize_t ret = -EIO;
363
364 if (attr->show)
365 ret = attr->show(group, buf);
366 return ret;
367 }
368
369 static ssize_t iommu_group_attr_store(struct kobject *kobj,
370 struct attribute *__attr,
371 const char *buf, size_t count)
372 {
373 struct iommu_group_attribute *attr = to_iommu_group_attr(__attr);
374 struct iommu_group *group = to_iommu_group(kobj);
375 ssize_t ret = -EIO;
376
377 if (attr->store)
378 ret = attr->store(group, buf, count);
379 return ret;
380 }
381
382 static const struct sysfs_ops iommu_group_sysfs_ops = {
383 .show = iommu_group_attr_show,
384 .store = iommu_group_attr_store,
385 };
386
387 static int iommu_group_create_file(struct iommu_group *group,
388 struct iommu_group_attribute *attr)
389 {
390 return sysfs_create_file(&group->kobj, &attr->attr);
391 }
392
393 static void iommu_group_remove_file(struct iommu_group *group,
394 struct iommu_group_attribute *attr)
395 {
396 sysfs_remove_file(&group->kobj, &attr->attr);
397 }
398
399 static ssize_t iommu_group_show_name(struct iommu_group *group, char *buf)
400 {
401 return sprintf(buf, "%s\n", group->name);
402 }
403
404 /**
405 * iommu_insert_resv_region - Insert a new region in the
406 * list of reserved regions.
407 * @new: new region to insert
408 * @regions: list of regions
409 *
410 * Elements are sorted by start address and overlapping segments
411 * of the same type are merged.
412 */
413 static int iommu_insert_resv_region(struct iommu_resv_region *new,
414 struct list_head *regions)
415 {
416 struct iommu_resv_region *iter, *tmp, *nr, *top;
417 LIST_HEAD(stack);
418
419 nr = iommu_alloc_resv_region(new->start, new->length,
420 new->prot, new->type);
421 if (!nr)
422 return -ENOMEM;
423
424 /* First add the new element based on start address sorting */
425 list_for_each_entry(iter, regions, list) {
426 if (nr->start < iter->start ||
427 (nr->start == iter->start && nr->type <= iter->type))
428 break;
429 }
430 list_add_tail(&nr->list, &iter->list);
431
432 /* Merge overlapping segments of type nr->type in @regions, if any */
433 list_for_each_entry_safe(iter, tmp, regions, list) {
434 phys_addr_t top_end, iter_end = iter->start + iter->length - 1;
435
436 /* no merge needed on elements of different types than @new */
437 if (iter->type != new->type) {
438 list_move_tail(&iter->list, &stack);
439 continue;
440 }
441
442 /* look for the last stack element of same type as @iter */
443 list_for_each_entry_reverse(top, &stack, list)
444 if (top->type == iter->type)
445 goto check_overlap;
446
447 list_move_tail(&iter->list, &stack);
448 continue;
449
450 check_overlap:
451 top_end = top->start + top->length - 1;
452
453 if (iter->start > top_end + 1) {
454 list_move_tail(&iter->list, &stack);
455 } else {
456 top->length = max(top_end, iter_end) - top->start + 1;
457 list_del(&iter->list);
458 kfree(iter);
459 }
460 }
461 list_splice(&stack, regions);
462 return 0;
463 }
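/*
 * Worked example for the insert/merge logic above (editorial note): inserting
 * a direct region covering 0x1000-0x3fff into a list that already holds a
 * direct region covering 0x2000-0x4fff leaves a single direct entry spanning
 * 0x1000-0x4fff, because the two ranges overlap and share a type. A
 * "reserved" region at the same addresses would remain a separate entry,
 * since only segments of the same type are merged.
 */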
464
465 static int
466 iommu_insert_device_resv_regions(struct list_head *dev_resv_regions,
467 struct list_head *group_resv_regions)
468 {
469 struct iommu_resv_region *entry;
470 int ret = 0;
471
472 list_for_each_entry(entry, dev_resv_regions, list) {
473 ret = iommu_insert_resv_region(entry, group_resv_regions);
474 if (ret)
475 break;
476 }
477 return ret;
478 }
479
480 int iommu_get_group_resv_regions(struct iommu_group *group,
481 struct list_head *head)
482 {
483 struct group_device *device;
484 int ret = 0;
485
486 mutex_lock(&group->mutex);
487 list_for_each_entry(device, &group->devices, list) {
488 struct list_head dev_resv_regions;
489
490 INIT_LIST_HEAD(&dev_resv_regions);
491 iommu_get_resv_regions(device->dev, &dev_resv_regions);
492 ret = iommu_insert_device_resv_regions(&dev_resv_regions, head);
493 iommu_put_resv_regions(device->dev, &dev_resv_regions);
494 if (ret)
495 break;
496 }
497 mutex_unlock(&group->mutex);
498 return ret;
499 }
500 EXPORT_SYMBOL_GPL(iommu_get_group_resv_regions);
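/*
 * Illustrative consumer sketch (editorial addition): users such as VFIO walk
 * a group's reserved regions to learn which IOVA ranges must not be handed
 * out. The entries returned here are kmalloc'd copies and must be freed by
 * the caller, as the sysfs show function below also does.
 *
 *	LIST_HEAD(resv);
 *	struct iommu_resv_region *r, *next;
 *
 *	if (!iommu_get_group_resv_regions(group, &resv)) {
 *		list_for_each_entry(r, &resv, list)
 *			pr_debug("resv %pa size %zu type %d\n",
 *				 &r->start, r->length, r->type);
 *	}
 *	list_for_each_entry_safe(r, next, &resv, list) {
 *		list_del(&r->list);
 *		kfree(r);
 *	}
 */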
501
502 static ssize_t iommu_group_show_resv_regions(struct iommu_group *group,
503 char *buf)
504 {
505 struct iommu_resv_region *region, *next;
506 struct list_head group_resv_regions;
507 char *str = buf;
508
509 INIT_LIST_HEAD(&group_resv_regions);
510 iommu_get_group_resv_regions(group, &group_resv_regions);
511
512 list_for_each_entry_safe(region, next, &group_resv_regions, list) {
513 str += sprintf(str, "0x%016llx 0x%016llx %s\n",
514 (long long int)region->start,
515 (long long int)(region->start +
516 region->length - 1),
517 iommu_group_resv_type_string[region->type]);
518 kfree(region);
519 }
520
521 return (str - buf);
522 }
523
524 static ssize_t iommu_group_show_type(struct iommu_group *group,
525 char *buf)
526 {
527 char *type = "unknown\n";
528
529 if (group->default_domain) {
530 switch (group->default_domain->type) {
531 case IOMMU_DOMAIN_BLOCKED:
532 type = "blocked\n";
533 break;
534 case IOMMU_DOMAIN_IDENTITY:
535 type = "identity\n";
536 break;
537 case IOMMU_DOMAIN_UNMANAGED:
538 type = "unmanaged\n";
539 break;
540 case IOMMU_DOMAIN_DMA:
541 type = "DMA\n";
542 break;
543 }
544 }
545 strcpy(buf, type);
546
547 return strlen(type);
548 }
549
550 static IOMMU_GROUP_ATTR(name, S_IRUGO, iommu_group_show_name, NULL);
551
552 static IOMMU_GROUP_ATTR(reserved_regions, 0444,
553 iommu_group_show_resv_regions, NULL);
554
555 static IOMMU_GROUP_ATTR(type, 0444, iommu_group_show_type, NULL);
556
557 static void iommu_group_release(struct kobject *kobj)
558 {
559 struct iommu_group *group = to_iommu_group(kobj);
560
561 pr_debug("Releasing group %d\n", group->id);
562
563 if (group->iommu_data_release)
564 group->iommu_data_release(group->iommu_data);
565
566 ida_simple_remove(&iommu_group_ida, group->id);
567
568 if (group->default_domain)
569 iommu_domain_free(group->default_domain);
570
571 kfree(group->name);
572 kfree(group);
573 }
574
575 static struct kobj_type iommu_group_ktype = {
576 .sysfs_ops = &iommu_group_sysfs_ops,
577 .release = iommu_group_release,
578 };
579
580 /**
581 * iommu_group_alloc - Allocate a new group
582 *
583 * This function is called by an iommu driver to allocate a new iommu
584 * group. The iommu group represents the minimum granularity of the iommu.
585 * Upon successful return, the caller holds a reference to the supplied
586 * group in order to hold the group until devices are added. Use
587 * iommu_group_put() to release this extra reference count, allowing the
588 * group to be automatically reclaimed once it has no devices or external
589 * references.
590 */
591 struct iommu_group *iommu_group_alloc(void)
592 {
593 struct iommu_group *group;
594 int ret;
595
596 group = kzalloc(sizeof(*group), GFP_KERNEL);
597 if (!group)
598 return ERR_PTR(-ENOMEM);
599
600 group->kobj.kset = iommu_group_kset;
601 mutex_init(&group->mutex);
602 INIT_LIST_HEAD(&group->devices);
603 INIT_LIST_HEAD(&group->entry);
604 BLOCKING_INIT_NOTIFIER_HEAD(&group->notifier);
605
606 ret = ida_simple_get(&iommu_group_ida, 0, 0, GFP_KERNEL);
607 if (ret < 0) {
608 kfree(group);
609 return ERR_PTR(ret);
610 }
611 group->id = ret;
612
613 ret = kobject_init_and_add(&group->kobj, &iommu_group_ktype,
614 NULL, "%d", group->id);
615 if (ret) {
616 ida_simple_remove(&iommu_group_ida, group->id);
617 kobject_put(&group->kobj);
618 return ERR_PTR(ret);
619 }
620
621 group->devices_kobj = kobject_create_and_add("devices", &group->kobj);
622 if (!group->devices_kobj) {
623 kobject_put(&group->kobj); /* triggers .release & free */
624 return ERR_PTR(-ENOMEM);
625 }
626
627 /*
628 * The devices_kobj holds a reference on the group kobject, so
629 * as long as that exists so will the group. We can therefore
630 * use the devices_kobj for reference counting.
631 */
632 kobject_put(&group->kobj);
633
634 ret = iommu_group_create_file(group,
635 &iommu_group_attr_reserved_regions);
636 if (ret)
637 return ERR_PTR(ret);
638
639 ret = iommu_group_create_file(group, &iommu_group_attr_type);
640 if (ret)
641 return ERR_PTR(ret);
642
643 pr_debug("Allocated group %d\n", group->id);
644
645 return group;
646 }
647 EXPORT_SYMBOL_GPL(iommu_group_alloc);
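/*
 * Illustrative driver-side sketch (editorial addition): the usual pattern
 * implied by the kernel-doc above is to allocate a group, add the device(s)
 * that share translation, and then drop the reference returned by the
 * allocation.
 *
 *	struct iommu_group *grp = iommu_group_alloc();
 *	int ret;
 *
 *	if (IS_ERR(grp))
 *		return PTR_ERR(grp);
 *	ret = iommu_group_add_device(grp, dev);	// dev sits behind this IOMMU
 *	iommu_group_put(grp);			// drop iommu_group_alloc()'s reference
 *	if (ret)
 *		return ret;
 */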
648
649 struct iommu_group *iommu_group_get_by_id(int id)
650 {
651 struct kobject *group_kobj;
652 struct iommu_group *group;
653 const char *name;
654
655 if (!iommu_group_kset)
656 return NULL;
657
658 name = kasprintf(GFP_KERNEL, "%d", id);
659 if (!name)
660 return NULL;
661
662 group_kobj = kset_find_obj(iommu_group_kset, name);
663 kfree(name);
664
665 if (!group_kobj)
666 return NULL;
667
668 group = container_of(group_kobj, struct iommu_group, kobj);
669 BUG_ON(group->id != id);
670
671 kobject_get(group->devices_kobj);
672 kobject_put(&group->kobj);
673
674 return group;
675 }
676 EXPORT_SYMBOL_GPL(iommu_group_get_by_id);
677
678 /**
679 * iommu_group_get_iommudata - retrieve iommu_data registered for a group
680 * @group: the group
681 *
682 * iommu drivers can store data in the group for use when doing iommu
683 * operations. This function provides a way to retrieve it. Caller
684 * should hold a group reference.
685 */
686 void *iommu_group_get_iommudata(struct iommu_group *group)
687 {
688 return group->iommu_data;
689 }
690 EXPORT_SYMBOL_GPL(iommu_group_get_iommudata);
691
692 /**
693 * iommu_group_set_iommudata - set iommu_data for a group
694 * @group: the group
695 * @iommu_data: new data
696 * @release: release function for iommu_data
697 *
698 * iommu drivers can store data in the group for use when doing iommu
699 * operations. This function provides a way to set the data after
700 * the group has been allocated. Caller should hold a group reference.
701 */
702 void iommu_group_set_iommudata(struct iommu_group *group, void *iommu_data,
703 void (*release)(void *iommu_data))
704 {
705 group->iommu_data = iommu_data;
706 group->iommu_data_release = release;
707 }
708 EXPORT_SYMBOL_GPL(iommu_group_set_iommudata);
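/*
 * Illustrative sketch (editorial addition): a driver can hang per-group
 * state off the group and let the core release it when the group goes away;
 * the release callback is invoked from iommu_group_release() above. The
 * my_group_data type and my_group_data_release() helper are hypothetical.
 *
 *	static void my_group_data_release(void *data)
 *	{
 *		kfree(data);
 *	}
 *
 *	struct my_group_data *gd = kzalloc(sizeof(*gd), GFP_KERNEL);
 *
 *	if (!gd)
 *		return -ENOMEM;
 *	iommu_group_set_iommudata(group, gd, my_group_data_release);
 *	// later, e.g. in the driver's attach paths:
 *	gd = iommu_group_get_iommudata(group);
 */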
709
710 /**
711 * iommu_group_set_name - set name for a group
712 * @group: the group
713 * @name: name
714 *
715 * Allow iommu driver to set a name for a group. When set it will
716 * appear in a name attribute file under the group in sysfs.
717 */
718 int iommu_group_set_name(struct iommu_group *group, const char *name)
719 {
720 int ret;
721
722 if (group->name) {
723 iommu_group_remove_file(group, &iommu_group_attr_name);
724 kfree(group->name);
725 group->name = NULL;
726 if (!name)
727 return 0;
728 }
729
730 group->name = kstrdup(name, GFP_KERNEL);
731 if (!group->name)
732 return -ENOMEM;
733
734 ret = iommu_group_create_file(group, &iommu_group_attr_name);
735 if (ret) {
736 kfree(group->name);
737 group->name = NULL;
738 return ret;
739 }
740
741 return 0;
742 }
743 EXPORT_SYMBOL_GPL(iommu_group_set_name);
744
745 static int iommu_create_device_direct_mappings(struct iommu_group *group,
746 struct device *dev)
747 {
748 struct iommu_domain *domain = group->default_domain;
749 struct iommu_resv_region *entry;
750 struct list_head mappings;
751 unsigned long pg_size;
752 int ret = 0;
753
754 if (!domain || domain->type != IOMMU_DOMAIN_DMA)
755 return 0;
756
757 BUG_ON(!domain->pgsize_bitmap);
758
759 pg_size = 1UL << __ffs(domain->pgsize_bitmap);
760 INIT_LIST_HEAD(&mappings);
761
762 iommu_get_resv_regions(dev, &mappings);
763
764 /* We need to consider overlapping regions for different devices */
765 list_for_each_entry(entry, &mappings, list) {
766 dma_addr_t start, end, addr;
767
768 if (domain->ops->apply_resv_region)
769 domain->ops->apply_resv_region(dev, domain, entry);
770
771 start = ALIGN(entry->start, pg_size);
772 end = ALIGN(entry->start + entry->length, pg_size);
773
774 if (entry->type != IOMMU_RESV_DIRECT &&
775 entry->type != IOMMU_RESV_DIRECT_RELAXABLE)
776 continue;
777
778 for (addr = start; addr < end; addr += pg_size) {
779 phys_addr_t phys_addr;
780
781 phys_addr = iommu_iova_to_phys(domain, addr);
782 if (phys_addr)
783 continue;
784
785 ret = iommu_map(domain, addr, addr, pg_size, entry->prot);
786 if (ret)
787 goto out;
788 }
789
790 }
791
792 iommu_flush_iotlb_all(domain);
793
794 out:
795 iommu_put_resv_regions(dev, &mappings);
796
797 return ret;
798 }
799
800 static bool iommu_is_attach_deferred(struct iommu_domain *domain,
801 struct device *dev)
802 {
803 if (domain->ops->is_attach_deferred)
804 return domain->ops->is_attach_deferred(domain, dev);
805
806 return false;
807 }
808
809 /**
810 * iommu_group_add_device - add a device to an iommu group
811 * @group: the group into which to add the device (reference should be held)
812 * @dev: the device
813 *
814 * This function is called by an iommu driver to add a device into a
815 * group. Adding a device increments the group reference count.
816 */
817 int iommu_group_add_device(struct iommu_group *group, struct device *dev)
818 {
819 int ret, i = 0;
820 struct group_device *device;
821
822 device = kzalloc(sizeof(*device), GFP_KERNEL);
823 if (!device)
824 return -ENOMEM;
825
826 device->dev = dev;
827
828 ret = sysfs_create_link(&dev->kobj, &group->kobj, "iommu_group");
829 if (ret)
830 goto err_free_device;
831
832 device->name = kasprintf(GFP_KERNEL, "%s", kobject_name(&dev->kobj));
833 rename:
834 if (!device->name) {
835 ret = -ENOMEM;
836 goto err_remove_link;
837 }
838
839 ret = sysfs_create_link_nowarn(group->devices_kobj,
840 &dev->kobj, device->name);
841 if (ret) {
842 if (ret == -EEXIST && i >= 0) {
843 /*
844 * Account for the slim chance of collision
845 * and append an instance to the name.
846 */
847 kfree(device->name);
848 device->name = kasprintf(GFP_KERNEL, "%s.%d",
849 kobject_name(&dev->kobj), i++);
850 goto rename;
851 }
852 goto err_free_name;
853 }
854
855 kobject_get(group->devices_kobj);
856
857 dev->iommu_group = group;
858
859 mutex_lock(&group->mutex);
860 list_add_tail(&device->list, &group->devices);
861 if (group->domain && !iommu_is_attach_deferred(group->domain, dev))
862 ret = __iommu_attach_device(group->domain, dev);
863 mutex_unlock(&group->mutex);
864 if (ret)
865 goto err_put_group;
866
867 /* Notify any listeners about change to group. */
868 blocking_notifier_call_chain(&group->notifier,
869 IOMMU_GROUP_NOTIFY_ADD_DEVICE, dev);
870
871 trace_add_device_to_group(group->id, dev);
872
873 dev_info(dev, "Adding to iommu group %d\n", group->id);
874
875 return 0;
876
877 err_put_group:
878 mutex_lock(&group->mutex);
879 list_del(&device->list);
880 mutex_unlock(&group->mutex);
881 dev->iommu_group = NULL;
882 kobject_put(group->devices_kobj);
883 sysfs_remove_link(group->devices_kobj, device->name);
884 err_free_name:
885 kfree(device->name);
886 err_remove_link:
887 sysfs_remove_link(&dev->kobj, "iommu_group");
888 err_free_device:
889 kfree(device);
890 dev_err(dev, "Failed to add to iommu group %d: %d\n", group->id, ret);
891 return ret;
892 }
893 EXPORT_SYMBOL_GPL(iommu_group_add_device);
894
895 /**
896 * iommu_group_remove_device - remove a device from its current group
897 * @dev: device to be removed
898 *
899 * This function is called by an iommu driver to remove the device from
900 * its current group. This decrements the iommu group reference count.
901 */
902 void iommu_group_remove_device(struct device *dev)
903 {
904 struct iommu_group *group = dev->iommu_group;
905 struct group_device *tmp_device, *device = NULL;
906
907 if (!group)
908 return;
909
910 dev_info(dev, "Removing from iommu group %d\n", group->id);
911
912 /* Pre-notify listeners that a device is being removed. */
913 blocking_notifier_call_chain(&group->notifier,
914 IOMMU_GROUP_NOTIFY_DEL_DEVICE, dev);
915
916 mutex_lock(&group->mutex);
917 list_for_each_entry(tmp_device, &group->devices, list) {
918 if (tmp_device->dev == dev) {
919 device = tmp_device;
920 list_del(&device->list);
921 break;
922 }
923 }
924 mutex_unlock(&group->mutex);
925
926 if (!device)
927 return;
928
929 sysfs_remove_link(group->devices_kobj, device->name);
930 sysfs_remove_link(&dev->kobj, "iommu_group");
931
932 trace_remove_device_from_group(group->id, dev);
933
934 kfree(device->name);
935 kfree(device);
936 dev->iommu_group = NULL;
937 kobject_put(group->devices_kobj);
938 }
939 EXPORT_SYMBOL_GPL(iommu_group_remove_device);
940
941 static int iommu_group_device_count(struct iommu_group *group)
942 {
943 struct group_device *entry;
944 int ret = 0;
945
946 list_for_each_entry(entry, &group->devices, list)
947 ret++;
948
949 return ret;
950 }
951
952 /**
953 * iommu_group_for_each_dev - iterate over each device in the group
954 * @group: the group
955 * @data: caller opaque data to be passed to callback function
956 * @fn: caller supplied callback function
957 *
958 * This function is called by group users to iterate over group devices.
959 * Callers should hold a reference count to the group during callback.
960 * The group->mutex is held across callbacks, which will block calls to
961 * iommu_group_add/remove_device.
962 */
963 static int __iommu_group_for_each_dev(struct iommu_group *group, void *data,
964 int (*fn)(struct device *, void *))
965 {
966 struct group_device *device;
967 int ret = 0;
968
969 list_for_each_entry(device, &group->devices, list) {
970 ret = fn(device->dev, data);
971 if (ret)
972 break;
973 }
974 return ret;
975 }
976
977
978 int iommu_group_for_each_dev(struct iommu_group *group, void *data,
979 int (*fn)(struct device *, void *))
980 {
981 int ret;
982
983 mutex_lock(&group->mutex);
984 ret = __iommu_group_for_each_dev(group, data, fn);
985 mutex_unlock(&group->mutex);
986
987 return ret;
988 }
989 EXPORT_SYMBOL_GPL(iommu_group_for_each_dev);
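/*
 * Illustrative sketch (editorial addition): a minimal callback for the
 * iterator above. Note that group->mutex is held around the callback, so it
 * must not call back into iommu_group_add_device() or
 * iommu_group_remove_device().
 *
 *	static int count_one(struct device *dev, void *data)
 *	{
 *		(*(int *)data)++;
 *		return 0;	// returning non-zero stops the iteration
 *	}
 *
 *	int n = 0;
 *
 *	iommu_group_for_each_dev(group, &n, count_one);
 */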
990
991 /**
992 * iommu_group_get - Return the group for a device and increment reference
993 * @dev: get the group that this device belongs to
994 *
995 * This function is called by iommu drivers and users to get the group
996 * for the specified device. If found, the group is returned and the group
997 * reference is incremented, else NULL.
998 */
999 struct iommu_group *iommu_group_get(struct device *dev)
1000 {
1001 struct iommu_group *group = dev->iommu_group;
1002
1003 if (group)
1004 kobject_get(group->devices_kobj);
1005
1006 return group;
1007 }
1008 EXPORT_SYMBOL_GPL(iommu_group_get);
1009
1010 /**
1011 * iommu_group_ref_get - Increment reference on a group
1012 * @group: the group to use, must not be NULL
1013 *
1014 * This function is called by iommu drivers to take additional references on an
1015 * existing group. Returns the given group for convenience.
1016 */
1017 struct iommu_group *iommu_group_ref_get(struct iommu_group *group)
1018 {
1019 kobject_get(group->devices_kobj);
1020 return group;
1021 }
1022 EXPORT_SYMBOL_GPL(iommu_group_ref_get);
1023
1024 /**
1025 * iommu_group_put - Decrement group reference
1026 * @group: the group to use
1027 *
1028 * This function is called by iommu drivers and users to release the
1029 * iommu group. Once the reference count is zero, the group is released.
1030 */
1031 void iommu_group_put(struct iommu_group *group)
1032 {
1033 if (group)
1034 kobject_put(group->devices_kobj);
1035 }
1036 EXPORT_SYMBOL_GPL(iommu_group_put);
1037
1038 /**
1039 * iommu_group_register_notifier - Register a notifier for group changes
1040 * @group: the group to watch
1041 * @nb: notifier block to signal
1042 *
1043 * This function allows iommu group users to track changes in a group.
1044 * See include/linux/iommu.h for actions sent via this notifier. Caller
1045 * should hold a reference to the group throughout notifier registration.
1046 */
1047 int iommu_group_register_notifier(struct iommu_group *group,
1048 struct notifier_block *nb)
1049 {
1050 return blocking_notifier_chain_register(&group->notifier, nb);
1051 }
1052 EXPORT_SYMBOL_GPL(iommu_group_register_notifier);
1053
1054 /**
1055 * iommu_group_unregister_notifier - Unregister a notifier
1056 * @group: the group to watch
1057 * @nb: notifier block to signal
1058 *
1059 * Unregister a previously registered group notifier block.
1060 */
1061 int iommu_group_unregister_notifier(struct iommu_group *group,
1062 struct notifier_block *nb)
1063 {
1064 return blocking_notifier_chain_unregister(&group->notifier, nb);
1065 }
1066 EXPORT_SYMBOL_GPL(iommu_group_unregister_notifier);
1067
1068 /**
1069 * iommu_register_device_fault_handler() - Register a device fault handler
1070 * @dev: the device
1071 * @handler: the fault handler
1072 * @data: private data passed as argument to the handler
1073 *
1074 * When an IOMMU fault event is received, this handler gets called with the
1075 * fault event and data as argument. The handler should return 0 on success. If
1076 * the fault is recoverable (IOMMU_FAULT_PAGE_REQ), the consumer should also
1077 * complete the fault by calling iommu_page_response() with one of the following
1078 * response codes:
1079 * - IOMMU_PAGE_RESP_SUCCESS: retry the translation
1080 * - IOMMU_PAGE_RESP_INVALID: terminate the fault
1081 * - IOMMU_PAGE_RESP_FAILURE: terminate the fault and stop reporting
1082 * page faults if possible.
1083 *
1084 * Return 0 if the fault handler was installed successfully, or an error.
1085 */
1086 int iommu_register_device_fault_handler(struct device *dev,
1087 iommu_dev_fault_handler_t handler,
1088 void *data)
1089 {
1090 struct dev_iommu *param = dev->iommu;
1091 int ret = 0;
1092
1093 if (!param)
1094 return -EINVAL;
1095
1096 mutex_lock(&param->lock);
1097 /* Only allow one fault handler registered for each device */
1098 if (param->fault_param) {
1099 ret = -EBUSY;
1100 goto done_unlock;
1101 }
1102
1103 get_device(dev);
1104 param->fault_param = kzalloc(sizeof(*param->fault_param), GFP_KERNEL);
1105 if (!param->fault_param) {
1106 put_device(dev);
1107 ret = -ENOMEM;
1108 goto done_unlock;
1109 }
1110 param->fault_param->handler = handler;
1111 param->fault_param->data = data;
1112 mutex_init(&param->fault_param->lock);
1113 INIT_LIST_HEAD(&param->fault_param->faults);
1114
1115 done_unlock:
1116 mutex_unlock(&param->lock);
1117
1118 return ret;
1119 }
1120 EXPORT_SYMBOL_GPL(iommu_register_device_fault_handler);
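/*
 * Illustrative sketch (editorial addition): a consumer of recoverable I/O
 * page faults registers a handler and, once a page request has been
 * serviced, answers it through iommu_page_response(). The handler name is
 * hypothetical, and the response initialiser assumes the uapi
 * struct iommu_page_response field names (version, grpid, code).
 *
 *	static int my_dev_fault_handler(struct iommu_fault *fault, void *data)
 *	{
 *		// record or queue the fault for handling, then report success
 *		return 0;
 *	}
 *
 *	ret = iommu_register_device_fault_handler(dev, my_dev_fault_handler, drvdata);
 *
 * and later, for a page request group identified by grpid:
 *
 *	struct iommu_page_response resp = {
 *		.version = IOMMU_PAGE_RESP_VERSION_1,
 *		.grpid	 = grpid,
 *		.code	 = IOMMU_PAGE_RESP_SUCCESS,
 *	};
 *
 *	iommu_page_response(dev, &resp);
 */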
1121
1122 /**
1123 * iommu_unregister_device_fault_handler() - Unregister the device fault handler
1124 * @dev: the device
1125 *
1126 * Remove the device fault handler installed with
1127 * iommu_register_device_fault_handler().
1128 *
1129 * Return 0 on success, or an error.
1130 */
1131 int iommu_unregister_device_fault_handler(struct device *dev)
1132 {
1133 struct dev_iommu *param = dev->iommu;
1134 int ret = 0;
1135
1136 if (!param)
1137 return -EINVAL;
1138
1139 mutex_lock(&param->lock);
1140
1141 if (!param->fault_param)
1142 goto unlock;
1143
1144 /* we cannot unregister handler if there are pending faults */
1145 if (!list_empty(&param->fault_param->faults)) {
1146 ret = -EBUSY;
1147 goto unlock;
1148 }
1149
1150 kfree(param->fault_param);
1151 param->fault_param = NULL;
1152 put_device(dev);
1153 unlock:
1154 mutex_unlock(&param->lock);
1155
1156 return ret;
1157 }
1158 EXPORT_SYMBOL_GPL(iommu_unregister_device_fault_handler);
1159
1160 /**
1161 * iommu_report_device_fault() - Report fault event to device driver
1162 * @dev: the device
1163 * @evt: fault event data
1164 *
1165 * Called by IOMMU drivers when a fault is detected, typically in a threaded IRQ
1166 * handler. When this function fails and the fault is recoverable, it is the
1167 * caller's responsibility to complete the fault.
1168 *
1169 * Return 0 on success, or an error.
1170 */
1171 int iommu_report_device_fault(struct device *dev, struct iommu_fault_event *evt)
1172 {
1173 struct dev_iommu *param = dev->iommu;
1174 struct iommu_fault_event *evt_pending = NULL;
1175 struct iommu_fault_param *fparam;
1176 int ret = 0;
1177
1178 if (!param || !evt)
1179 return -EINVAL;
1180
1181 /* we only report device fault if there is a handler registered */
1182 mutex_lock(&param->lock);
1183 fparam = param->fault_param;
1184 if (!fparam || !fparam->handler) {
1185 ret = -EINVAL;
1186 goto done_unlock;
1187 }
1188
1189 if (evt->fault.type == IOMMU_FAULT_PAGE_REQ &&
1190 (evt->fault.prm.flags & IOMMU_FAULT_PAGE_REQUEST_LAST_PAGE)) {
1191 evt_pending = kmemdup(evt, sizeof(struct iommu_fault_event),
1192 GFP_KERNEL);
1193 if (!evt_pending) {
1194 ret = -ENOMEM;
1195 goto done_unlock;
1196 }
1197 mutex_lock(&fparam->lock);
1198 list_add_tail(&evt_pending->list, &fparam->faults);
1199 mutex_unlock(&fparam->lock);
1200 }
1201
1202 ret = fparam->handler(&evt->fault, fparam->data);
1203 if (ret && evt_pending) {
1204 mutex_lock(&fparam->lock);
1205 list_del(&evt_pending->list);
1206 mutex_unlock(&fparam->lock);
1207 kfree(evt_pending);
1208 }
1209 done_unlock:
1210 mutex_unlock(&param->lock);
1211 return ret;
1212 }
1213 EXPORT_SYMBOL_GPL(iommu_report_device_fault);
1214
1215 int iommu_page_response(struct device *dev,
1216 struct iommu_page_response *msg)
1217 {
1218 bool needs_pasid;
1219 int ret = -EINVAL;
1220 struct iommu_fault_event *evt;
1221 struct iommu_fault_page_request *prm;
1222 struct dev_iommu *param = dev->iommu;
1223 bool has_pasid = msg->flags & IOMMU_PAGE_RESP_PASID_VALID;
1224 struct iommu_domain *domain = iommu_get_domain_for_dev(dev);
1225
1226 if (!domain || !domain->ops->page_response)
1227 return -ENODEV;
1228
1229 if (!param || !param->fault_param)
1230 return -EINVAL;
1231
1232 if (msg->version != IOMMU_PAGE_RESP_VERSION_1 ||
1233 msg->flags & ~IOMMU_PAGE_RESP_PASID_VALID)
1234 return -EINVAL;
1235
1236 /* Only send response if there is a fault report pending */
1237 mutex_lock(&param->fault_param->lock);
1238 if (list_empty(&param->fault_param->faults)) {
1239 dev_warn_ratelimited(dev, "no pending PRQ, drop response\n");
1240 goto done_unlock;
1241 }
1242 /*
1243 * Check if we have a matching page request pending to respond,
1244 * otherwise return -EINVAL
1245 */
1246 list_for_each_entry(evt, &param->fault_param->faults, list) {
1247 prm = &evt->fault.prm;
1248 if (prm->grpid != msg->grpid)
1249 continue;
1250
1251 /*
1252 * If the PASID is required, the corresponding request is
1253 * matched using the group ID, the PASID valid bit and the PASID
1254 * value. Otherwise only the group ID matches request and
1255 * response.
1256 */
1257 needs_pasid = prm->flags & IOMMU_FAULT_PAGE_RESPONSE_NEEDS_PASID;
1258 if (needs_pasid && (!has_pasid || msg->pasid != prm->pasid))
1259 continue;
1260
1261 if (!needs_pasid && has_pasid) {
1262 /* No big deal, just clear it. */
1263 msg->flags &= ~IOMMU_PAGE_RESP_PASID_VALID;
1264 msg->pasid = 0;
1265 }
1266
1267 ret = domain->ops->page_response(dev, evt, msg);
1268 list_del(&evt->list);
1269 kfree(evt);
1270 break;
1271 }
1272
1273 done_unlock:
1274 mutex_unlock(&param->fault_param->lock);
1275 return ret;
1276 }
1277 EXPORT_SYMBOL_GPL(iommu_page_response);
1278
1279 /**
1280 * iommu_group_id - Return ID for a group
1281 * @group: the group to ID
1282 *
1283 * Return the unique ID for the group matching the sysfs group number.
1284 */
1285 int iommu_group_id(struct iommu_group *group)
1286 {
1287 return group->id;
1288 }
1289 EXPORT_SYMBOL_GPL(iommu_group_id);
1290
1291 static struct iommu_group *get_pci_alias_group(struct pci_dev *pdev,
1292 unsigned long *devfns);
1293
1294 /*
1295 * To consider a PCI device isolated, we require ACS to support Source
1296 * Validation, Request Redirection, Completer Redirection, and Upstream
1297 * Forwarding. This effectively means that devices cannot spoof their
1298 * requester ID, requests and completions cannot be redirected, and all
1299 * transactions are forwarded upstream, even as they pass through a
1300 * bridge where the target device is downstream.
1301 */
1302 #define REQ_ACS_FLAGS (PCI_ACS_SV | PCI_ACS_RR | PCI_ACS_CR | PCI_ACS_UF)
1303
1304 /*
1305 * For multifunction devices which are not isolated from each other, find
1306 * all the other non-isolated functions and look for existing groups. For
1307 * each function, we also need to look for aliases to or from other devices
1308 * that may already have a group.
1309 */
1310 static struct iommu_group *get_pci_function_alias_group(struct pci_dev *pdev,
1311 unsigned long *devfns)
1312 {
1313 struct pci_dev *tmp = NULL;
1314 struct iommu_group *group;
1315
1316 if (!pdev->multifunction || pci_acs_enabled(pdev, REQ_ACS_FLAGS))
1317 return NULL;
1318
1319 for_each_pci_dev(tmp) {
1320 if (tmp == pdev || tmp->bus != pdev->bus ||
1321 PCI_SLOT(tmp->devfn) != PCI_SLOT(pdev->devfn) ||
1322 pci_acs_enabled(tmp, REQ_ACS_FLAGS))
1323 continue;
1324
1325 group = get_pci_alias_group(tmp, devfns);
1326 if (group) {
1327 pci_dev_put(tmp);
1328 return group;
1329 }
1330 }
1331
1332 return NULL;
1333 }
1334
1335 /*
1336 * Look for aliases to or from the given device for existing groups. DMA
1337 * aliases are only supported on the same bus, therefore the search
1338 * space is quite small (especially since we're really only looking at pcie
1339 * devices, and therefore only expect multiple slots on the root complex or
1340 * downstream switch ports). It's conceivable though that a pair of
1341 * multifunction devices could have aliases between them that would cause a
1342 * loop. To prevent this, we use a bitmap to track where we've been.
1343 */
1344 static struct iommu_group *get_pci_alias_group(struct pci_dev *pdev,
1345 unsigned long *devfns)
1346 {
1347 struct pci_dev *tmp = NULL;
1348 struct iommu_group *group;
1349
1350 if (test_and_set_bit(pdev->devfn & 0xff, devfns))
1351 return NULL;
1352
1353 group = iommu_group_get(&pdev->dev);
1354 if (group)
1355 return group;
1356
1357 for_each_pci_dev(tmp) {
1358 if (tmp == pdev || tmp->bus != pdev->bus)
1359 continue;
1360
1361 /* We alias them or they alias us */
1362 if (pci_devs_are_dma_aliases(pdev, tmp)) {
1363 group = get_pci_alias_group(tmp, devfns);
1364 if (group) {
1365 pci_dev_put(tmp);
1366 return group;
1367 }
1368
1369 group = get_pci_function_alias_group(tmp, devfns);
1370 if (group) {
1371 pci_dev_put(tmp);
1372 return group;
1373 }
1374 }
1375 }
1376
1377 return NULL;
1378 }
1379
1380 struct group_for_pci_data {
1381 struct pci_dev *pdev;
1382 struct iommu_group *group;
1383 };
1384
1385 /*
1386 * DMA alias iterator callback, return the last seen device. Stop and return
1387 * the IOMMU group if we find one along the way.
1388 */
1389 static int get_pci_alias_or_group(struct pci_dev *pdev, u16 alias, void *opaque)
1390 {
1391 struct group_for_pci_data *data = opaque;
1392
1393 data->pdev = pdev;
1394 data->group = iommu_group_get(&pdev->dev);
1395
1396 return data->group != NULL;
1397 }
1398
1399 /*
1400 * Generic device_group call-back function. It just allocates one
1401 * iommu-group per device.
1402 */
1403 struct iommu_group *generic_device_group(struct device *dev)
1404 {
1405 return iommu_group_alloc();
1406 }
1407 EXPORT_SYMBOL_GPL(generic_device_group);
1408
1409 /*
1410 * Use standard PCI bus topology, isolation features, and DMA alias quirks
1411 * to find or create an IOMMU group for a device.
1412 */
1413 struct iommu_group *pci_device_group(struct device *dev)
1414 {
1415 struct pci_dev *pdev = to_pci_dev(dev);
1416 struct group_for_pci_data data;
1417 struct pci_bus *bus;
1418 struct iommu_group *group = NULL;
1419 u64 devfns[4] = { 0 };
1420
1421 if (WARN_ON(!dev_is_pci(dev)))
1422 return ERR_PTR(-EINVAL);
1423
1424 /*
1425 * Find the upstream DMA alias for the device. A device must not
1426 * be aliased due to topology in order to have its own IOMMU group.
1427 * If we find an alias along the way that already belongs to a
1428 * group, use it.
1429 */
1430 if (pci_for_each_dma_alias(pdev, get_pci_alias_or_group, &data))
1431 return data.group;
1432
1433 pdev = data.pdev;
1434
1435 /*
1436 * Continue upstream from the point of minimum IOMMU granularity
1437 * due to aliases to the point where devices are protected from
1438 * peer-to-peer DMA by PCI ACS. Again, if we find an existing
1439 * group, use it.
1440 */
1441 for (bus = pdev->bus; !pci_is_root_bus(bus); bus = bus->parent) {
1442 if (!bus->self)
1443 continue;
1444
1445 if (pci_acs_path_enabled(bus->self, NULL, REQ_ACS_FLAGS))
1446 break;
1447
1448 pdev = bus->self;
1449
1450 group = iommu_group_get(&pdev->dev);
1451 if (group)
1452 return group;
1453 }
1454
1455 /*
1456 * Look for existing groups on device aliases. If we alias another
1457 * device or another device aliases us, use the same group.
1458 */
1459 group = get_pci_alias_group(pdev, (unsigned long *)devfns);
1460 if (group)
1461 return group;
1462
1463 /*
1464 * Look for existing groups on non-isolated functions on the same
1465 * slot and aliases of those functions, if any. No need to clear
1466 * the search bitmap, the tested devfns are still valid.
1467 */
1468 group = get_pci_function_alias_group(pdev, (unsigned long *)devfns);
1469 if (group)
1470 return group;
1471
1472 /* No shared group found, allocate new */
1473 return iommu_group_alloc();
1474 }
1475 EXPORT_SYMBOL_GPL(pci_device_group);
1476
1477 /* Get the IOMMU group for device on fsl-mc bus */
1478 struct iommu_group *fsl_mc_device_group(struct device *dev)
1479 {
1480 struct device *cont_dev = fsl_mc_cont_dev(dev);
1481 struct iommu_group *group;
1482
1483 group = iommu_group_get(cont_dev);
1484 if (!group)
1485 group = iommu_group_alloc();
1486 return group;
1487 }
1488 EXPORT_SYMBOL_GPL(fsl_mc_device_group);
1489
1490 static int iommu_get_def_domain_type(struct device *dev)
1491 {
1492 const struct iommu_ops *ops = dev->bus->iommu_ops;
1493 unsigned int type = 0;
1494
1495 if (ops->def_domain_type)
1496 type = ops->def_domain_type(dev);
1497
1498 return (type == 0) ? iommu_def_domain_type : type;
1499 }
1500
1501 static int iommu_group_alloc_default_domain(struct bus_type *bus,
1502 struct iommu_group *group,
1503 unsigned int type)
1504 {
1505 struct iommu_domain *dom;
1506
1507 dom = __iommu_domain_alloc(bus, type);
1508 if (!dom && type != IOMMU_DOMAIN_DMA) {
1509 dom = __iommu_domain_alloc(bus, IOMMU_DOMAIN_DMA);
1510 if (dom)
1511 pr_warn("Failed to allocate default IOMMU domain of type %u for group %s - Falling back to IOMMU_DOMAIN_DMA",
1512 type, group->name);
1513 }
1514
1515 if (!dom)
1516 return -ENOMEM;
1517
1518 group->default_domain = dom;
1519 if (!group->domain)
1520 group->domain = dom;
1521
1522 if (!iommu_dma_strict) {
1523 int attr = 1;
1524 iommu_domain_set_attr(dom,
1525 DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE,
1526 &attr);
1527 }
1528
1529 return 0;
1530 }
1531
1532 static int iommu_alloc_default_domain(struct iommu_group *group,
1533 struct device *dev)
1534 {
1535 unsigned int type;
1536
1537 if (group->default_domain)
1538 return 0;
1539
1540 type = iommu_get_def_domain_type(dev);
1541
1542 return iommu_group_alloc_default_domain(dev->bus, group, type);
1543 }
1544
1545 /**
1546 * iommu_group_get_for_dev - Find or create the IOMMU group for a device
1547 * @dev: target device
1548 *
1549 * This function is intended to be called by IOMMU drivers and extended to
1550 * support common, bus-defined algorithms when determining or creating the
1551 * IOMMU group for a device. On success, the caller will hold a reference
1552 * to the returned IOMMU group, which will already include the provided
1553 * device. The reference should be released with iommu_group_put().
1554 */
1555 static struct iommu_group *iommu_group_get_for_dev(struct device *dev)
1556 {
1557 const struct iommu_ops *ops = dev->bus->iommu_ops;
1558 struct iommu_group *group;
1559 int ret;
1560
1561 group = iommu_group_get(dev);
1562 if (group)
1563 return group;
1564
1565 if (!ops)
1566 return ERR_PTR(-EINVAL);
1567
1568 group = ops->device_group(dev);
1569 if (WARN_ON_ONCE(group == NULL))
1570 return ERR_PTR(-EINVAL);
1571
1572 if (IS_ERR(group))
1573 return group;
1574
1575 ret = iommu_group_add_device(group, dev);
1576 if (ret)
1577 goto out_put_group;
1578
1579 return group;
1580
1581 out_put_group:
1582 iommu_group_put(group);
1583
1584 return ERR_PTR(ret);
1585 }
1586
1587 struct iommu_domain *iommu_group_default_domain(struct iommu_group *group)
1588 {
1589 return group->default_domain;
1590 }
1591
1592 static int probe_iommu_group(struct device *dev, void *data)
1593 {
1594 struct list_head *group_list = data;
1595 struct iommu_group *group;
1596 int ret;
1597
1598 /* Device is probed already if in a group */
1599 group = iommu_group_get(dev);
1600 if (group) {
1601 iommu_group_put(group);
1602 return 0;
1603 }
1604
1605 ret = __iommu_probe_device(dev, group_list);
1606 if (ret == -ENODEV)
1607 ret = 0;
1608
1609 return ret;
1610 }
1611
1612 static int remove_iommu_group(struct device *dev, void *data)
1613 {
1614 iommu_release_device(dev);
1615
1616 return 0;
1617 }
1618
1619 static int iommu_bus_notifier(struct notifier_block *nb,
1620 unsigned long action, void *data)
1621 {
1622 unsigned long group_action = 0;
1623 struct device *dev = data;
1624 struct iommu_group *group;
1625
1626 /*
1627 * ADD/DEL call into iommu driver ops if provided, which may
1628 * result in ADD/DEL notifiers to group->notifier
1629 */
1630 if (action == BUS_NOTIFY_ADD_DEVICE) {
1631 int ret;
1632
1633 ret = iommu_probe_device(dev);
1634 return (ret) ? NOTIFY_DONE : NOTIFY_OK;
1635 } else if (action == BUS_NOTIFY_REMOVED_DEVICE) {
1636 iommu_release_device(dev);
1637 return NOTIFY_OK;
1638 }
1639
1640 /*
1641 * Remaining BUS_NOTIFYs get filtered and republished to the
1642 * group, if anyone is listening
1643 */
1644 group = iommu_group_get(dev);
1645 if (!group)
1646 return 0;
1647
1648 switch (action) {
1649 case BUS_NOTIFY_BIND_DRIVER:
1650 group_action = IOMMU_GROUP_NOTIFY_BIND_DRIVER;
1651 break;
1652 case BUS_NOTIFY_BOUND_DRIVER:
1653 group_action = IOMMU_GROUP_NOTIFY_BOUND_DRIVER;
1654 break;
1655 case BUS_NOTIFY_UNBIND_DRIVER:
1656 group_action = IOMMU_GROUP_NOTIFY_UNBIND_DRIVER;
1657 break;
1658 case BUS_NOTIFY_UNBOUND_DRIVER:
1659 group_action = IOMMU_GROUP_NOTIFY_UNBOUND_DRIVER;
1660 break;
1661 }
1662
1663 if (group_action)
1664 blocking_notifier_call_chain(&group->notifier,
1665 group_action, dev);
1666
1667 iommu_group_put(group);
1668 return 0;
1669 }
1670
1671 struct __group_domain_type {
1672 struct device *dev;
1673 unsigned int type;
1674 };
1675
1676 static int probe_get_default_domain_type(struct device *dev, void *data)
1677 {
1678 const struct iommu_ops *ops = dev->bus->iommu_ops;
1679 struct __group_domain_type *gtype = data;
1680 unsigned int type = 0;
1681
1682 if (ops->def_domain_type)
1683 type = ops->def_domain_type(dev);
1684
1685 if (type) {
1686 if (gtype->type && gtype->type != type) {
1687 dev_warn(dev, "Device needs domain type %s, but device %s in the same iommu group requires type %s - using default\n",
1688 iommu_domain_type_str(type),
1689 dev_name(gtype->dev),
1690 iommu_domain_type_str(gtype->type));
1691 gtype->type = 0;
1692 }
1693
1694 if (!gtype->dev) {
1695 gtype->dev = dev;
1696 gtype->type = type;
1697 }
1698 }
1699
1700 return 0;
1701 }
1702
1703 static void probe_alloc_default_domain(struct bus_type *bus,
1704 struct iommu_group *group)
1705 {
1706 struct __group_domain_type gtype;
1707
1708 memset(&gtype, 0, sizeof(gtype));
1709
1710 /* Ask for default domain requirements of all devices in the group */
1711 __iommu_group_for_each_dev(group, &gtype,
1712 probe_get_default_domain_type);
1713
1714 if (!gtype.type)
1715 gtype.type = iommu_def_domain_type;
1716
1717 iommu_group_alloc_default_domain(bus, group, gtype.type);
1718
1719 }
1720
1721 static int iommu_group_do_dma_attach(struct device *dev, void *data)
1722 {
1723 struct iommu_domain *domain = data;
1724 int ret = 0;
1725
1726 if (!iommu_is_attach_deferred(domain, dev))
1727 ret = __iommu_attach_device(domain, dev);
1728
1729 return ret;
1730 }
1731
1732 static int __iommu_group_dma_attach(struct iommu_group *group)
1733 {
1734 return __iommu_group_for_each_dev(group, group->default_domain,
1735 iommu_group_do_dma_attach);
1736 }
1737
1738 static int iommu_group_do_probe_finalize(struct device *dev, void *data)
1739 {
1740 struct iommu_domain *domain = data;
1741
1742 if (domain->ops->probe_finalize)
1743 domain->ops->probe_finalize(dev);
1744
1745 return 0;
1746 }
1747
1748 static void __iommu_group_dma_finalize(struct iommu_group *group)
1749 {
1750 __iommu_group_for_each_dev(group, group->default_domain,
1751 iommu_group_do_probe_finalize);
1752 }
1753
1754 static int iommu_do_create_direct_mappings(struct device *dev, void *data)
1755 {
1756 struct iommu_group *group = data;
1757
1758 iommu_create_device_direct_mappings(group, dev);
1759
1760 return 0;
1761 }
1762
1763 static int iommu_group_create_direct_mappings(struct iommu_group *group)
1764 {
1765 return __iommu_group_for_each_dev(group, group,
1766 iommu_do_create_direct_mappings);
1767 }
1768
1769 int bus_iommu_probe(struct bus_type *bus)
1770 {
1771 struct iommu_group *group, *next;
1772 LIST_HEAD(group_list);
1773 int ret;
1774
1775 /*
1776 * This code-path does not allocate the default domain when
1777 * creating the iommu group, so do it after the groups are
1778 * created.
1779 */
1780 ret = bus_for_each_dev(bus, NULL, &group_list, probe_iommu_group);
1781 if (ret)
1782 return ret;
1783
1784 list_for_each_entry_safe(group, next, &group_list, entry) {
1785 mutex_lock(&group->mutex);
1786
1787 /* Remove item from the list */
1788 list_del_init(&group->entry);
1789
1790 /* Try to allocate default domain */
1791 probe_alloc_default_domain(bus, group);
1792
1793 if (!group->default_domain) {
1794 mutex_unlock(&group->mutex);
1795 continue;
1796 }
1797
1798 iommu_group_create_direct_mappings(group);
1799
1800 ret = __iommu_group_dma_attach(group);
1801
1802 mutex_unlock(&group->mutex);
1803
1804 if (ret)
1805 break;
1806
1807 __iommu_group_dma_finalize(group);
1808 }
1809
1810 return ret;
1811 }
1812
1813 static int iommu_bus_init(struct bus_type *bus, const struct iommu_ops *ops)
1814 {
1815 struct notifier_block *nb;
1816 int err;
1817
1818 nb = kzalloc(sizeof(struct notifier_block), GFP_KERNEL);
1819 if (!nb)
1820 return -ENOMEM;
1821
1822 nb->notifier_call = iommu_bus_notifier;
1823
1824 err = bus_register_notifier(bus, nb);
1825 if (err)
1826 goto out_free;
1827
1828 err = bus_iommu_probe(bus);
1829 if (err)
1830 goto out_err;
1831
1832
1833 return 0;
1834
1835 out_err:
1836 /* Clean up */
1837 bus_for_each_dev(bus, NULL, NULL, remove_iommu_group);
1838 bus_unregister_notifier(bus, nb);
1839
1840 out_free:
1841 kfree(nb);
1842
1843 return err;
1844 }
1845
1846 /**
1847 * bus_set_iommu - set iommu-callbacks for the bus
1848 * @bus: bus.
1849 * @ops: the callbacks provided by the iommu-driver
1850 *
1851 * This function is called by an iommu driver to set the iommu methods
1852 * used for a particular bus. Drivers for devices on that bus can use
1853 * the iommu-api after these ops are registered.
1854 * This special function is needed because IOMMUs are usually devices on
1855 * the bus itself, so the iommu drivers are not initialized when the bus
1856 * is set up. With this function the iommu-driver can set the iommu-ops
1857 * afterwards.
1858 */
1859 int bus_set_iommu(struct bus_type *bus, const struct iommu_ops *ops)
1860 {
1861 int err;
1862
1863 if (ops == NULL) {
1864 bus->iommu_ops = NULL;
1865 return 0;
1866 }
1867
1868 if (bus->iommu_ops != NULL)
1869 return -EBUSY;
1870
1871 bus->iommu_ops = ops;
1872
1873 /* Do IOMMU specific setup for this bus-type */
1874 err = iommu_bus_init(bus, ops);
1875 if (err)
1876 bus->iommu_ops = NULL;
1877
1878 return err;
1879 }
1880 EXPORT_SYMBOL_GPL(bus_set_iommu);
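/*
 * Illustrative sketch (editorial addition): an IOMMU driver calls this once
 * for each bus type whose masters it can translate, usually right after
 * registering its iommu_device. my_iommu_ops is the driver's own ops table.
 *
 *	ret = bus_set_iommu(&platform_bus_type, &my_iommu_ops);
 *	if (ret)
 *		return ret;
 *	#ifdef CONFIG_PCI
 *	ret = bus_set_iommu(&pci_bus_type, &my_iommu_ops);
 *	if (ret)
 *		return ret;
 *	#endif
 */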
1881
1882 bool iommu_present(struct bus_type *bus)
1883 {
1884 return bus->iommu_ops != NULL;
1885 }
1886 EXPORT_SYMBOL_GPL(iommu_present);
1887
1888 bool iommu_capable(struct bus_type *bus, enum iommu_cap cap)
1889 {
1890 if (!bus->iommu_ops || !bus->iommu_ops->capable)
1891 return false;
1892
1893 return bus->iommu_ops->capable(cap);
1894 }
1895 EXPORT_SYMBOL_GPL(iommu_capable);
1896
1897 /**
1898 * iommu_set_fault_handler() - set a fault handler for an iommu domain
1899 * @domain: iommu domain
1900 * @handler: fault handler
1901 * @token: user data, will be passed back to the fault handler
1902 *
1903 * This function should be used by IOMMU users which want to be notified
1904 * whenever an IOMMU fault happens.
1905 *
1906 * The fault handler itself should return 0 on success, and an appropriate
1907 * error code otherwise.
1908 */
1909 void iommu_set_fault_handler(struct iommu_domain *domain,
1910 iommu_fault_handler_t handler,
1911 void *token)
1912 {
1913 BUG_ON(!domain);
1914
1915 domain->handler = handler;
1916 domain->handler_token = token;
1917 }
1918 EXPORT_SYMBOL_GPL(iommu_set_fault_handler);
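/*
 * Example (illustrative sketch): a domain owner that only wants to log faults
 * could install a handler like the one below and keep the IOMMU driver's
 * default behaviour by returning -ENOSYS. "foo_fault_handler" is a made-up name.
 *
 *	static int foo_fault_handler(struct iommu_domain *domain,
 *				     struct device *dev, unsigned long iova,
 *				     int flags, void *token)
 *	{
 *		dev_err(dev, "IOMMU fault at IOVA 0x%lx, flags 0x%x\n",
 *			iova, flags);
 *		return -ENOSYS;	// fall back to the driver's default handling
 *	}
 *
 *	iommu_set_fault_handler(domain, foo_fault_handler, NULL);
 */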
1919
1920 static struct iommu_domain *__iommu_domain_alloc(struct bus_type *bus,
1921 unsigned type)
1922 {
1923 struct iommu_domain *domain;
1924
1925 if (bus == NULL || bus->iommu_ops == NULL)
1926 return NULL;
1927
1928 domain = bus->iommu_ops->domain_alloc(type);
1929 if (!domain)
1930 return NULL;
1931
1932 domain->ops = bus->iommu_ops;
1933 domain->type = type;
1934 /* Assume all sizes by default; the driver may override this later */
1935 domain->pgsize_bitmap = bus->iommu_ops->pgsize_bitmap;
1936
1937 return domain;
1938 }
1939
1940 struct iommu_domain *iommu_domain_alloc(struct bus_type *bus)
1941 {
1942 return __iommu_domain_alloc(bus, IOMMU_DOMAIN_UNMANAGED);
1943 }
1944 EXPORT_SYMBOL_GPL(iommu_domain_alloc);
1945
1946 void iommu_domain_free(struct iommu_domain *domain)
1947 {
1948 domain->ops->domain_free(domain);
1949 }
1950 EXPORT_SYMBOL_GPL(iommu_domain_free);
1951
1952 static int __iommu_attach_device(struct iommu_domain *domain,
1953 struct device *dev)
1954 {
1955 int ret;
1956
1957 if (unlikely(domain->ops->attach_dev == NULL))
1958 return -ENODEV;
1959
1960 ret = domain->ops->attach_dev(domain, dev);
1961 if (!ret)
1962 trace_attach_device_to_domain(dev);
1963 return ret;
1964 }
1965
1966 int iommu_attach_device(struct iommu_domain *domain, struct device *dev)
1967 {
1968 struct iommu_group *group;
1969 int ret;
1970
1971 group = iommu_group_get(dev);
1972 if (!group)
1973 return -ENODEV;
1974
1975 /*
1976 * Lock the group to make sure the device-count doesn't
1977 * change while we are attaching
1978 */
1979 mutex_lock(&group->mutex);
1980 ret = -EINVAL;
1981 if (iommu_group_device_count(group) != 1)
1982 goto out_unlock;
1983
1984 ret = __iommu_attach_group(domain, group);
1985
1986 out_unlock:
1987 mutex_unlock(&group->mutex);
1988 iommu_group_put(group);
1989
1990 return ret;
1991 }
1992 EXPORT_SYMBOL_GPL(iommu_attach_device);
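/*
 * Example (illustrative sketch): a kernel driver that wants to manage its own
 * IOVA space for a single device might do something like the following. Error
 * handling is abbreviated and "dev" is the device in question.
 *
 *	struct iommu_domain *domain = iommu_domain_alloc(dev->bus);
 *
 *	if (!domain)
 *		return -ENODEV;
 *	if (iommu_attach_device(domain, dev)) {
 *		iommu_domain_free(domain);
 *		return -ENODEV;
 *	}
 *	// ... use iommu_map()/iommu_unmap() on the domain ...
 *	iommu_detach_device(domain, dev);
 *	iommu_domain_free(domain);
 */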
1993
1994 /*
1995 * Check flags and other user-provided data for valid combinations. We also
1996 * make sure no reserved fields or unused flags are set, so that userspace
1997 * is not broken in the future when these fields or flags are put to use.
1998 */
1999 static int iommu_check_cache_invl_data(struct iommu_cache_invalidate_info *info)
2000 {
2001 u32 mask;
2002 int i;
2003
2004 if (info->version != IOMMU_CACHE_INVALIDATE_INFO_VERSION_1)
2005 return -EINVAL;
2006
2007 mask = (1 << IOMMU_CACHE_INV_TYPE_NR) - 1;
2008 if (info->cache & ~mask)
2009 return -EINVAL;
2010
2011 if (info->granularity >= IOMMU_INV_GRANU_NR)
2012 return -EINVAL;
2013
2014 switch (info->granularity) {
2015 case IOMMU_INV_GRANU_ADDR:
2016 if (info->cache & IOMMU_CACHE_INV_TYPE_PASID)
2017 return -EINVAL;
2018
2019 mask = IOMMU_INV_ADDR_FLAGS_PASID |
2020 IOMMU_INV_ADDR_FLAGS_ARCHID |
2021 IOMMU_INV_ADDR_FLAGS_LEAF;
2022
2023 if (info->granu.addr_info.flags & ~mask)
2024 return -EINVAL;
2025 break;
2026 case IOMMU_INV_GRANU_PASID:
2027 mask = IOMMU_INV_PASID_FLAGS_PASID |
2028 IOMMU_INV_PASID_FLAGS_ARCHID;
2029 if (info->granu.pasid_info.flags & ~mask)
2030 return -EINVAL;
2031
2032 break;
2033 case IOMMU_INV_GRANU_DOMAIN:
2034 if (info->cache & IOMMU_CACHE_INV_TYPE_DEV_IOTLB)
2035 return -EINVAL;
2036 break;
2037 default:
2038 return -EINVAL;
2039 }
2040
2041 /* Check reserved padding fields */
2042 for (i = 0; i < sizeof(info->padding); i++) {
2043 if (info->padding[i])
2044 return -EINVAL;
2045 }
2046
2047 return 0;
2048 }
2049
2050 int iommu_uapi_cache_invalidate(struct iommu_domain *domain, struct device *dev,
2051 void __user *uinfo)
2052 {
2053 struct iommu_cache_invalidate_info inv_info = { 0 };
2054 u32 minsz;
2055 int ret;
2056
2057 if (unlikely(!domain->ops->cache_invalidate))
2058 return -ENODEV;
2059
2060 /*
2061 * No new fields can be added before the variable-sized union; the
2062 * minimum size is the offset to the union.
2063 */
2064 minsz = offsetof(struct iommu_cache_invalidate_info, granu);
2065
2066 /* Copy minsz from user to get flags and argsz */
2067 if (copy_from_user(&inv_info, uinfo, minsz))
2068 return -EFAULT;
2069
2070 /* Fields before the variable size union are mandatory */
2071 if (inv_info.argsz < minsz)
2072 return -EINVAL;
2073
2074 /* PASID and address granu require additional info beyond minsz */
2075 if (inv_info.granularity == IOMMU_INV_GRANU_PASID &&
2076 inv_info.argsz < offsetofend(struct iommu_cache_invalidate_info, granu.pasid_info))
2077 return -EINVAL;
2078
2079 if (inv_info.granularity == IOMMU_INV_GRANU_ADDR &&
2080 inv_info.argsz < offsetofend(struct iommu_cache_invalidate_info, granu.addr_info))
2081 return -EINVAL;
2082
2083 /*
2084 * The user might be using a newer UAPI header which has a larger data
2085 * size; we shall support the existing flags within the current
2086 * size. Copy the remaining user data _after_ minsz but not more
2087 * than the current kernel-supported size.
2088 */
2089 if (copy_from_user((void *)&inv_info + minsz, uinfo + minsz,
2090 min_t(u32, inv_info.argsz, sizeof(inv_info)) - minsz))
2091 return -EFAULT;
2092
2093 /* Now the argsz is validated, check the content */
2094 ret = iommu_check_cache_invl_data(&inv_info);
2095 if (ret)
2096 return ret;
2097
2098 return domain->ops->cache_invalidate(domain, dev, &inv_info);
2099 }
2100 EXPORT_SYMBOL_GPL(iommu_uapi_cache_invalidate);
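/*
 * Example (illustrative sketch): a VFIO-style mediator that received a cache
 * invalidation request from userspace simply forwards the user pointer; the
 * argsz/flag validation is done above. "arg" is assumed to be the ioctl
 * argument carrying a struct iommu_cache_invalidate_info.
 *
 *	ret = iommu_uapi_cache_invalidate(domain, dev, (void __user *)arg);
 */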
2101
2102 static int iommu_check_bind_data(struct iommu_gpasid_bind_data *data)
2103 {
2104 u64 mask;
2105 int i;
2106
2107 if (data->version != IOMMU_GPASID_BIND_VERSION_1)
2108 return -EINVAL;
2109
2110 /* Check the range of supported formats */
2111 if (data->format >= IOMMU_PASID_FORMAT_LAST)
2112 return -EINVAL;
2113
2114 /* Check all flags */
2115 mask = IOMMU_SVA_GPASID_VAL;
2116 if (data->flags & ~mask)
2117 return -EINVAL;
2118
2119 /* Check reserved padding fields */
2120 for (i = 0; i < sizeof(data->padding); i++) {
2121 if (data->padding[i])
2122 return -EINVAL;
2123 }
2124
2125 return 0;
2126 }
2127
2128 static int iommu_sva_prepare_bind_data(void __user *udata,
2129 struct iommu_gpasid_bind_data *data)
2130 {
2131 u32 minsz;
2132
2133 /*
2134 * No new fields can be added before the variable-sized union; the
2135 * minimum size is the offset to the union.
2136 */
2137 minsz = offsetof(struct iommu_gpasid_bind_data, vendor);
2138
2139 /* Copy minsz from user to get flags and argsz */
2140 if (copy_from_user(data, udata, minsz))
2141 return -EFAULT;
2142
2143 /* Fields before the variable size union are mandatory */
2144 if (data->argsz < minsz)
2145 return -EINVAL;
2146 /*
2147 * The user might be using a newer UAPI header; we shall let the IOMMU
2148 * vendor driver decide what size it needs. Since the guest PASID bind data
2149 * can be vendor specific, larger argsz could be the result of extension
2150 * for one vendor but it should not affect another vendor.
2151 * Copy the remaining user data _after_ minsz
2152 */
2153 if (copy_from_user((void *)data + minsz, udata + minsz,
2154 min_t(u32, data->argsz, sizeof(*data)) - minsz))
2155 return -EFAULT;
2156
2157 return iommu_check_bind_data(data);
2158 }
2159
2160 int iommu_uapi_sva_bind_gpasid(struct iommu_domain *domain, struct device *dev,
2161 void __user *udata)
2162 {
2163 struct iommu_gpasid_bind_data data = { 0 };
2164 int ret;
2165
2166 if (unlikely(!domain->ops->sva_bind_gpasid))
2167 return -ENODEV;
2168
2169 ret = iommu_sva_prepare_bind_data(udata, &data);
2170 if (ret)
2171 return ret;
2172
2173 return domain->ops->sva_bind_gpasid(domain, dev, &data);
2174 }
2175 EXPORT_SYMBOL_GPL(iommu_uapi_sva_bind_gpasid);
2176
2177 int iommu_sva_unbind_gpasid(struct iommu_domain *domain, struct device *dev,
2178 ioasid_t pasid)
2179 {
2180 if (unlikely(!domain->ops->sva_unbind_gpasid))
2181 return -ENODEV;
2182
2183 return domain->ops->sva_unbind_gpasid(dev, pasid);
2184 }
2185 EXPORT_SYMBOL_GPL(iommu_sva_unbind_gpasid);
2186
2187 int iommu_uapi_sva_unbind_gpasid(struct iommu_domain *domain, struct device *dev,
2188 void __user *udata)
2189 {
2190 struct iommu_gpasid_bind_data data = { 0 };
2191 int ret;
2192
2193 if (unlikely(!domain->ops->sva_bind_gpasid))
2194 return -ENODEV;
2195
2196 ret = iommu_sva_prepare_bind_data(udata, &data);
2197 if (ret)
2198 return ret;
2199
2200 return iommu_sva_unbind_gpasid(domain, dev, data.hpasid);
2201 }
2202 EXPORT_SYMBOL_GPL(iommu_uapi_sva_unbind_gpasid);
2203
2204 static void __iommu_detach_device(struct iommu_domain *domain,
2205 struct device *dev)
2206 {
2207 if (iommu_is_attach_deferred(domain, dev))
2208 return;
2209
2210 if (unlikely(domain->ops->detach_dev == NULL))
2211 return;
2212
2213 domain->ops->detach_dev(domain, dev);
2214 trace_detach_device_from_domain(dev);
2215 }
2216
2217 void iommu_detach_device(struct iommu_domain *domain, struct device *dev)
2218 {
2219 struct iommu_group *group;
2220
2221 group = iommu_group_get(dev);
2222 if (!group)
2223 return;
2224
2225 mutex_lock(&group->mutex);
2226 if (iommu_group_device_count(group) != 1) {
2227 WARN_ON(1);
2228 goto out_unlock;
2229 }
2230
2231 __iommu_detach_group(domain, group);
2232
2233 out_unlock:
2234 mutex_unlock(&group->mutex);
2235 iommu_group_put(group);
2236 }
2237 EXPORT_SYMBOL_GPL(iommu_detach_device);
2238
2239 struct iommu_domain *iommu_get_domain_for_dev(struct device *dev)
2240 {
2241 struct iommu_domain *domain;
2242 struct iommu_group *group;
2243
2244 group = iommu_group_get(dev);
2245 if (!group)
2246 return NULL;
2247
2248 domain = group->domain;
2249
2250 iommu_group_put(group);
2251
2252 return domain;
2253 }
2254 EXPORT_SYMBOL_GPL(iommu_get_domain_for_dev);
2255
2256 /*
2257 * For IOMMU_DOMAIN_DMA implementations which already provide their own
2258 * guarantees that the group and its default domain are valid and correct.
2259 */
2260 struct iommu_domain *iommu_get_dma_domain(struct device *dev)
2261 {
2262 return dev->iommu_group->default_domain;
2263 }
2264
2265 /*
2266 * IOMMU groups are really the natural working unit of the IOMMU, but
2267 * the IOMMU API works on domains and devices. Bridge that gap by
2268 * iterating over the devices in a group. Ideally we'd have a single
2269 * device which represents the requestor ID of the group, but we also
2270 * allow IOMMU drivers to create policy defined minimum sets, where
2271 * the physical hardware may be able to distinguish members, but we
2272 * wish to group them at a higher level (ex. untrusted multi-function
2273 * PCI devices). Thus we attach each device.
2274 */
2275 static int iommu_group_do_attach_device(struct device *dev, void *data)
2276 {
2277 struct iommu_domain *domain = data;
2278
2279 return __iommu_attach_device(domain, dev);
2280 }
2281
2282 static int __iommu_attach_group(struct iommu_domain *domain,
2283 struct iommu_group *group)
2284 {
2285 int ret;
2286
2287 if (group->default_domain && group->domain != group->default_domain)
2288 return -EBUSY;
2289
2290 ret = __iommu_group_for_each_dev(group, domain,
2291 iommu_group_do_attach_device);
2292 if (ret == 0)
2293 group->domain = domain;
2294
2295 return ret;
2296 }
2297
2298 int iommu_attach_group(struct iommu_domain *domain, struct iommu_group *group)
2299 {
2300 int ret;
2301
2302 mutex_lock(&group->mutex);
2303 ret = __iommu_attach_group(domain, group);
2304 mutex_unlock(&group->mutex);
2305
2306 return ret;
2307 }
2308 EXPORT_SYMBOL_GPL(iommu_attach_group);
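/*
 * Example (illustrative sketch): a user of the group-level API (a VFIO-like
 * driver, say) attaches its own unmanaged domain to the whole group rather
 * than to an individual device:
 *
 *	struct iommu_group *group = iommu_group_get(dev);
 *	struct iommu_domain *domain = iommu_domain_alloc(dev->bus);
 *
 *	if (group && domain && !iommu_attach_group(domain, group)) {
 *		// ... map/unmap on the domain ...
 *		iommu_detach_group(domain, group);
 *	}
 *	if (domain)
 *		iommu_domain_free(domain);
 *	if (group)
 *		iommu_group_put(group);
 */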
2309
2310 static int iommu_group_do_detach_device(struct device *dev, void *data)
2311 {
2312 struct iommu_domain *domain = data;
2313
2314 __iommu_detach_device(domain, dev);
2315
2316 return 0;
2317 }
2318
2319 static void __iommu_detach_group(struct iommu_domain *domain,
2320 struct iommu_group *group)
2321 {
2322 int ret;
2323
2324 if (!group->default_domain) {
2325 __iommu_group_for_each_dev(group, domain,
2326 iommu_group_do_detach_device);
2327 group->domain = NULL;
2328 return;
2329 }
2330
2331 if (group->domain == group->default_domain)
2332 return;
2333
2334 /* Detach by re-attaching to the default domain */
2335 ret = __iommu_group_for_each_dev(group, group->default_domain,
2336 iommu_group_do_attach_device);
2337 if (ret != 0)
2338 WARN_ON(1);
2339 else
2340 group->domain = group->default_domain;
2341 }
2342
2343 void iommu_detach_group(struct iommu_domain *domain, struct iommu_group *group)
2344 {
2345 mutex_lock(&group->mutex);
2346 __iommu_detach_group(domain, group);
2347 mutex_unlock(&group->mutex);
2348 }
2349 EXPORT_SYMBOL_GPL(iommu_detach_group);
2350
2351 phys_addr_t iommu_iova_to_phys(struct iommu_domain *domain, dma_addr_t iova)
2352 {
2353 if (unlikely(domain->ops->iova_to_phys == NULL))
2354 return 0;
2355
2356 return domain->ops->iova_to_phys(domain, iova);
2357 }
2358 EXPORT_SYMBOL_GPL(iommu_iova_to_phys);
2359
2360 static size_t iommu_pgsize(struct iommu_domain *domain, unsigned long iova,
2361 phys_addr_t paddr, size_t size, size_t *count)
2362 {
2363 unsigned int pgsize_idx, pgsize_idx_next;
2364 unsigned long pgsizes;
2365 size_t offset, pgsize, pgsize_next;
2366 unsigned long addr_merge = paddr | iova;
2367
2368 /* Page sizes supported by the hardware and small enough for @size */
2369 pgsizes = domain->pgsize_bitmap & GENMASK(__fls(size), 0);
2370
2371 /* Constrain the page sizes further based on the maximum alignment */
2372 if (likely(addr_merge))
2373 pgsizes &= GENMASK(__ffs(addr_merge), 0);
2374
2375 /* Make sure we have at least one suitable page size */
2376 BUG_ON(!pgsizes);
2377
2378 /* Pick the biggest page size remaining */
2379 pgsize_idx = __fls(pgsizes);
2380 pgsize = BIT(pgsize_idx);
2381 if (!count)
2382 return pgsize;
2383
2384
2385 	/* Find the next biggest supported page size, if it exists */
2386 pgsizes = domain->pgsize_bitmap & ~GENMASK(pgsize_idx, 0);
2387 if (!pgsizes)
2388 goto out_set_count;
2389
2390 pgsize_idx_next = __ffs(pgsizes);
2391 pgsize_next = BIT(pgsize_idx_next);
2392
2393 /*
2394 * There's no point trying a bigger page size unless the virtual
2395 * and physical addresses are similarly offset within the larger page.
2396 */
2397 if ((iova ^ paddr) & (pgsize_next - 1))
2398 goto out_set_count;
2399
2400 /* Calculate the offset to the next page size alignment boundary */
2401 offset = pgsize_next - (addr_merge & (pgsize_next - 1));
2402
2403 /*
2404 * If size is big enough to accommodate the larger page, reduce
2405 * the number of smaller pages.
2406 */
2407 if (offset + pgsize_next <= size)
2408 size = offset;
2409
2410 out_set_count:
2411 *count = size >> pgsize_idx;
2412 return pgsize;
2413 }
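/*
 * Worked example for iommu_pgsize(), added for illustration: with
 * pgsize_bitmap = SZ_4K | SZ_2M, iova = paddr = 0x400000 and size = 0x201000
 * (2MB + 4KB), both page sizes survive the size and alignment masks, the
 * largest remaining one is 2MB, and since no bigger supported size exists,
 * *count becomes size >> 21 = 1. The caller therefore maps a single 2MB page
 * and comes back for the trailing 4KB page on the next iteration.
 */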
2414
2415 static int __iommu_map_pages(struct iommu_domain *domain, unsigned long iova,
2416 phys_addr_t paddr, size_t size, int prot,
2417 gfp_t gfp, size_t *mapped)
2418 {
2419 const struct iommu_ops *ops = domain->ops;
2420 size_t pgsize, count;
2421 int ret;
2422
2423 pgsize = iommu_pgsize(domain, iova, paddr, size, &count);
2424
2425 pr_debug("mapping: iova 0x%lx pa %pa pgsize 0x%zx count %zu\n",
2426 iova, &paddr, pgsize, count);
2427
2428 if (ops->map_pages) {
2429 ret = ops->map_pages(domain, iova, paddr, pgsize, count, prot,
2430 gfp, mapped);
2431 } else {
2432 ret = ops->map(domain, iova, paddr, pgsize, prot, gfp);
2433 *mapped = ret ? 0 : pgsize;
2434 }
2435
2436 return ret;
2437 }
2438
2439 static int __iommu_map(struct iommu_domain *domain, unsigned long iova,
2440 phys_addr_t paddr, size_t size, int prot, gfp_t gfp)
2441 {
2442 const struct iommu_ops *ops = domain->ops;
2443 unsigned long orig_iova = iova;
2444 unsigned int min_pagesz;
2445 size_t orig_size = size;
2446 phys_addr_t orig_paddr = paddr;
2447 int ret = 0;
2448
2449 if (unlikely(!(ops->map || ops->map_pages) ||
2450 domain->pgsize_bitmap == 0UL))
2451 return -ENODEV;
2452
2453 if (unlikely(!(domain->type & __IOMMU_DOMAIN_PAGING)))
2454 return -EINVAL;
2455
2456 /* find out the minimum page size supported */
2457 min_pagesz = 1 << __ffs(domain->pgsize_bitmap);
2458
2459 /*
2460 * both the virtual address and the physical one, as well as
2461 * the size of the mapping, must be aligned (at least) to the
2462 * size of the smallest page supported by the hardware
2463 */
2464 if (!IS_ALIGNED(iova | paddr | size, min_pagesz)) {
2465 pr_err("unaligned: iova 0x%lx pa %pa size 0x%zx min_pagesz 0x%x\n",
2466 iova, &paddr, size, min_pagesz);
2467 return -EINVAL;
2468 }
2469
2470 pr_debug("map: iova 0x%lx pa %pa size 0x%zx\n", iova, &paddr, size);
2471
2472 while (size) {
2473 size_t mapped = 0;
2474
2475 ret = __iommu_map_pages(domain, iova, paddr, size, prot, gfp,
2476 &mapped);
2477 /*
2478 * Some pages may have been mapped, even if an error occurred,
2479 * so we should account for those so they can be unmapped.
2480 */
2481 size -= mapped;
2482
2483 if (ret)
2484 break;
2485
2486 iova += mapped;
2487 paddr += mapped;
2488 }
2489
2490 /* unroll mapping in case something went wrong */
2491 if (ret)
2492 iommu_unmap(domain, orig_iova, orig_size - size);
2493 else
2494 trace_map(orig_iova, orig_paddr, orig_size);
2495
2496 return ret;
2497 }
2498
2499 static int _iommu_map(struct iommu_domain *domain, unsigned long iova,
2500 phys_addr_t paddr, size_t size, int prot, gfp_t gfp)
2501 {
2502 const struct iommu_ops *ops = domain->ops;
2503 int ret;
2504
2505 ret = __iommu_map(domain, iova, paddr, size, prot, gfp);
2506 if (ret == 0 && ops->iotlb_sync_map)
2507 ops->iotlb_sync_map(domain, iova, size);
2508
2509 return ret;
2510 }
2511
2512 int iommu_map(struct iommu_domain *domain, unsigned long iova,
2513 phys_addr_t paddr, size_t size, int prot)
2514 {
2515 might_sleep();
2516 return _iommu_map(domain, iova, paddr, size, prot, GFP_KERNEL);
2517 }
2518 EXPORT_SYMBOL_GPL(iommu_map);
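/*
 * Example (illustrative sketch): mapping and later unmapping one megabyte of
 * physically contiguous memory into a domain. "iova" and "phys" are assumed
 * to be suitably aligned for the domain's smallest supported page size.
 *
 *	int ret = iommu_map(domain, iova, phys, SZ_1M, IOMMU_READ | IOMMU_WRITE);
 *
 *	if (ret)
 *		return ret;
 *	// ... device performs DMA to [iova, iova + SZ_1M) ...
 *	iommu_unmap(domain, iova, SZ_1M);
 */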
2519
2520 int iommu_map_atomic(struct iommu_domain *domain, unsigned long iova,
2521 phys_addr_t paddr, size_t size, int prot)
2522 {
2523 return _iommu_map(domain, iova, paddr, size, prot, GFP_ATOMIC);
2524 }
2525 EXPORT_SYMBOL_GPL(iommu_map_atomic);
2526
2527 static size_t __iommu_unmap_pages(struct iommu_domain *domain,
2528 unsigned long iova, size_t size,
2529 struct iommu_iotlb_gather *iotlb_gather)
2530 {
2531 const struct iommu_ops *ops = domain->ops;
2532 size_t pgsize, count;
2533
2534 pgsize = iommu_pgsize(domain, iova, iova, size, &count);
2535 return ops->unmap_pages ?
2536 ops->unmap_pages(domain, iova, pgsize, count, iotlb_gather) :
2537 ops->unmap(domain, iova, pgsize, iotlb_gather);
2538 }
2539
2540 static size_t __iommu_unmap(struct iommu_domain *domain,
2541 unsigned long iova, size_t size,
2542 struct iommu_iotlb_gather *iotlb_gather)
2543 {
2544 const struct iommu_ops *ops = domain->ops;
2545 size_t unmapped_page, unmapped = 0;
2546 unsigned long orig_iova = iova;
2547 unsigned int min_pagesz;
2548
2549 if (unlikely(!(ops->unmap || ops->unmap_pages) ||
2550 domain->pgsize_bitmap == 0UL))
2551 return 0;
2552
2553 if (unlikely(!(domain->type & __IOMMU_DOMAIN_PAGING)))
2554 return 0;
2555
2556 /* find out the minimum page size supported */
2557 min_pagesz = 1 << __ffs(domain->pgsize_bitmap);
2558
2559 /*
2560 * The virtual address, as well as the size of the mapping, must be
2561 * aligned (at least) to the size of the smallest page supported
2562 * by the hardware
2563 */
2564 if (!IS_ALIGNED(iova | size, min_pagesz)) {
2565 pr_err("unaligned: iova 0x%lx size 0x%zx min_pagesz 0x%x\n",
2566 iova, size, min_pagesz);
2567 return 0;
2568 }
2569
2570 pr_debug("unmap this: iova 0x%lx size 0x%zx\n", iova, size);
2571
2572 /*
2573 * Keep iterating until we either unmap 'size' bytes (or more)
2574 * or we hit an area that isn't mapped.
2575 */
2576 while (unmapped < size) {
2577 unmapped_page = __iommu_unmap_pages(domain, iova,
2578 size - unmapped,
2579 iotlb_gather);
2580 if (!unmapped_page)
2581 break;
2582
2583 pr_debug("unmapped: iova 0x%lx size 0x%zx\n",
2584 iova, unmapped_page);
2585
2586 iova += unmapped_page;
2587 unmapped += unmapped_page;
2588 }
2589
2590 trace_unmap(orig_iova, size, unmapped);
2591 return unmapped;
2592 }
2593
2594 size_t iommu_unmap(struct iommu_domain *domain,
2595 unsigned long iova, size_t size)
2596 {
2597 struct iommu_iotlb_gather iotlb_gather;
2598 size_t ret;
2599
2600 iommu_iotlb_gather_init(&iotlb_gather);
2601 ret = __iommu_unmap(domain, iova, size, &iotlb_gather);
2602 iommu_iotlb_sync(domain, &iotlb_gather);
2603
2604 return ret;
2605 }
2606 EXPORT_SYMBOL_GPL(iommu_unmap);
2607
2608 size_t iommu_unmap_fast(struct iommu_domain *domain,
2609 unsigned long iova, size_t size,
2610 struct iommu_iotlb_gather *iotlb_gather)
2611 {
2612 return __iommu_unmap(domain, iova, size, iotlb_gather);
2613 }
2614 EXPORT_SYMBOL_GPL(iommu_unmap_fast);
2615
2616 static size_t __iommu_map_sg(struct iommu_domain *domain, unsigned long iova,
2617 struct scatterlist *sg, unsigned int nents, int prot,
2618 gfp_t gfp)
2619 {
2620 const struct iommu_ops *ops = domain->ops;
2621 size_t len = 0, mapped = 0;
2622 phys_addr_t start;
2623 unsigned int i = 0;
2624 int ret;
2625
2626 if (ops->map_sg) {
2627 ret = ops->map_sg(domain, iova, sg, nents, prot, gfp, &mapped);
2628
2629 if (ops->iotlb_sync_map)
2630 ops->iotlb_sync_map(domain, iova, mapped);
2631
2632 if (ret)
2633 goto out_err;
2634
2635 return mapped;
2636 }
2637
2638 while (i <= nents) {
2639 phys_addr_t s_phys = sg_phys(sg);
2640
2641 if (len && s_phys != start + len) {
2642 ret = __iommu_map(domain, iova + mapped, start,
2643 len, prot, gfp);
2644
2645 if (ret)
2646 goto out_err;
2647
2648 mapped += len;
2649 len = 0;
2650 }
2651
2652 if (len) {
2653 len += sg->length;
2654 } else {
2655 len = sg->length;
2656 start = s_phys;
2657 }
2658
2659 if (++i < nents)
2660 sg = sg_next(sg);
2661 }
2662
2663 if (ops->iotlb_sync_map)
2664 ops->iotlb_sync_map(domain, iova, mapped);
2665 return mapped;
2666
2667 out_err:
2668 /* undo mappings already done */
2669 iommu_unmap(domain, iova, mapped);
2670
2671 return 0;
2672
2673 }
2674
2675 size_t iommu_map_sg(struct iommu_domain *domain, unsigned long iova,
2676 struct scatterlist *sg, unsigned int nents, int prot)
2677 {
2678 might_sleep();
2679 return __iommu_map_sg(domain, iova, sg, nents, prot, GFP_KERNEL);
2680 }
2681 EXPORT_SYMBOL_GPL(iommu_map_sg);
2682
2683 size_t iommu_map_sg_atomic(struct iommu_domain *domain, unsigned long iova,
2684 struct scatterlist *sg, unsigned int nents, int prot)
2685 {
2686 return __iommu_map_sg(domain, iova, sg, nents, prot, GFP_ATOMIC);
2687 }
2688 EXPORT_SYMBOL_GPL(iommu_map_sg_atomic);
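/*
 * Example (illustrative sketch): mapping a single-entry scatterlist. The
 * buffer is assumed to be page aligned and a whole number of pages long, as
 * required by __iommu_map() above; the number of mapped bytes is returned on
 * success, 0 on failure.
 *
 *	struct scatterlist sg;
 *	size_t mapped;
 *
 *	sg_init_one(&sg, buf, PAGE_SIZE);
 *	mapped = iommu_map_sg(domain, iova, &sg, 1, IOMMU_READ | IOMMU_WRITE);
 *	if (mapped != PAGE_SIZE)
 *		return -ENOMEM;
 */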
2689
2690 int iommu_domain_window_enable(struct iommu_domain *domain, u32 wnd_nr,
2691 phys_addr_t paddr, u64 size, int prot)
2692 {
2693 if (unlikely(domain->ops->domain_window_enable == NULL))
2694 return -ENODEV;
2695
2696 return domain->ops->domain_window_enable(domain, wnd_nr, paddr, size,
2697 prot);
2698 }
2699 EXPORT_SYMBOL_GPL(iommu_domain_window_enable);
2700
2701 void iommu_domain_window_disable(struct iommu_domain *domain, u32 wnd_nr)
2702 {
2703 if (unlikely(domain->ops->domain_window_disable == NULL))
2704 return;
2705
2706 return domain->ops->domain_window_disable(domain, wnd_nr);
2707 }
2708 EXPORT_SYMBOL_GPL(iommu_domain_window_disable);
2709
2710 /**
2711 * report_iommu_fault() - report about an IOMMU fault to the IOMMU framework
2712 * @domain: the iommu domain where the fault has happened
2713 * @dev: the device where the fault has happened
2714 * @iova: the faulting address
2715 * @flags: mmu fault flags (e.g. IOMMU_FAULT_READ/IOMMU_FAULT_WRITE/...)
2716 *
2717 * This function should be called by the low-level IOMMU implementations
2718 * whenever IOMMU faults happen, to allow high-level users, that are
2719 * interested in such events, to know about them.
2720 *
2721 * This event may be useful for several possible use cases:
2722 * - mere logging of the event
2723 * - dynamic TLB/PTE loading
2724 * - deciding whether the faulting device needs to be restarted
2725 *
2726 * Returns 0 on success and an appropriate error code otherwise (if dynamic
2727 * PTE/TLB loading will one day be supported, implementations will be able
2728 * to tell whether it succeeded or not according to this return value).
2729 *
2730 * Specifically, -ENOSYS is returned if a fault handler isn't installed
2731 * (though fault handlers can also return -ENOSYS, in case they want to
2732 * elicit the default behavior of the IOMMU drivers).
2733 */
2734 int report_iommu_fault(struct iommu_domain *domain, struct device *dev,
2735 unsigned long iova, int flags)
2736 {
2737 int ret = -ENOSYS;
2738
2739 /*
2740 * if upper layers showed interest and installed a fault handler,
2741 * invoke it.
2742 */
2743 if (domain->handler)
2744 ret = domain->handler(domain, dev, iova, flags,
2745 domain->handler_token);
2746
2747 trace_io_page_fault(dev, iova, flags);
2748 return ret;
2749 }
2750 EXPORT_SYMBOL_GPL(report_iommu_fault);
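/*
 * Example (illustrative sketch): a low-level IOMMU driver's fault interrupt
 * handler reporting the event upwards. "struct foo_iommu_ctx",
 * "foo_read_fault_iova()" and "foo_read_fault_flags()" are hypothetical
 * driver-private names used only for this sketch.
 *
 *	static irqreturn_t foo_iommu_fault_irq(int irq, void *cookie)
 *	{
 *		struct foo_iommu_ctx *ctx = cookie;
 *		unsigned long iova = foo_read_fault_iova(ctx);
 *		int flags = foo_read_fault_flags(ctx);
 *
 *		if (report_iommu_fault(ctx->domain, ctx->dev, iova, flags) == -ENOSYS)
 *			dev_err(ctx->dev, "unhandled fault at 0x%lx\n", iova);
 *		return IRQ_HANDLED;
 *	}
 */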
2751
2752 static int __init iommu_init(void)
2753 {
2754 iommu_group_kset = kset_create_and_add("iommu_groups",
2755 NULL, kernel_kobj);
2756 BUG_ON(!iommu_group_kset);
2757
2758 iommu_debugfs_setup();
2759
2760 return 0;
2761 }
2762 core_initcall(iommu_init);
2763
2764 int iommu_domain_get_attr(struct iommu_domain *domain,
2765 enum iommu_attr attr, void *data)
2766 {
2767 struct iommu_domain_geometry *geometry;
2768 bool *paging;
2769 int ret = 0;
2770
2771 switch (attr) {
2772 case DOMAIN_ATTR_GEOMETRY:
2773 geometry = data;
2774 *geometry = domain->geometry;
2775
2776 break;
2777 case DOMAIN_ATTR_PAGING:
2778 paging = data;
2779 *paging = (domain->pgsize_bitmap != 0UL);
2780 break;
2781 default:
2782 if (!domain->ops->domain_get_attr)
2783 return -EINVAL;
2784
2785 ret = domain->ops->domain_get_attr(domain, attr, data);
2786 }
2787
2788 return ret;
2789 }
2790 EXPORT_SYMBOL_GPL(iommu_domain_get_attr);
2791
2792 int iommu_domain_set_attr(struct iommu_domain *domain,
2793 enum iommu_attr attr, void *data)
2794 {
2795 int ret = 0;
2796
2797 switch (attr) {
2798 default:
2799 if (domain->ops->domain_set_attr == NULL)
2800 return -EINVAL;
2801
2802 ret = domain->ops->domain_set_attr(domain, attr, data);
2803 }
2804
2805 return ret;
2806 }
2807 EXPORT_SYMBOL_GPL(iommu_domain_set_attr);
2808
2809 void iommu_get_resv_regions(struct device *dev, struct list_head *list)
2810 {
2811 const struct iommu_ops *ops = dev->bus->iommu_ops;
2812
2813 if (ops && ops->get_resv_regions)
2814 ops->get_resv_regions(dev, list);
2815 }
2816
2817 void iommu_put_resv_regions(struct device *dev, struct list_head *list)
2818 {
2819 const struct iommu_ops *ops = dev->bus->iommu_ops;
2820
2821 if (ops && ops->put_resv_regions)
2822 ops->put_resv_regions(dev, list);
2823 }
2824
2825 /**
2826 * generic_iommu_put_resv_regions - Reserved region driver helper
2827 * @dev: device for which to free reserved regions
2828 * @list: reserved region list for device
2829 *
2830 * IOMMU drivers can use this to implement their .put_resv_regions() callback
2831 * for simple reservations. Memory allocated for each reserved region will be
2832 * freed. If an IOMMU driver allocates additional resources per region, it is
2833 * going to have to implement a custom callback.
2834 */
2835 void generic_iommu_put_resv_regions(struct device *dev, struct list_head *list)
2836 {
2837 struct iommu_resv_region *entry, *next;
2838
2839 list_for_each_entry_safe(entry, next, list, list)
2840 kfree(entry);
2841 }
2842 EXPORT_SYMBOL(generic_iommu_put_resv_regions);
2843
2844 struct iommu_resv_region *iommu_alloc_resv_region(phys_addr_t start,
2845 size_t length, int prot,
2846 enum iommu_resv_type type)
2847 {
2848 struct iommu_resv_region *region;
2849
2850 region = kzalloc(sizeof(*region), GFP_KERNEL);
2851 if (!region)
2852 return NULL;
2853
2854 	INIT_LIST_HEAD(&region->list);
2855 region->start = start;
2856 region->length = length;
2857 region->prot = prot;
2858 region->type = type;
2859 return region;
2860 }
2861 EXPORT_SYMBOL_GPL(iommu_alloc_resv_region);
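/*
 * Example (illustrative sketch): an IOMMU driver exposing a software MSI
 * window through these helpers. FOO_MSI_IOVA_BASE/FOO_MSI_IOVA_LENGTH are
 * hypothetical constants the driver would define.
 *
 *	static void foo_iommu_get_resv_regions(struct device *dev,
 *					       struct list_head *head)
 *	{
 *		struct iommu_resv_region *region;
 *
 *		region = iommu_alloc_resv_region(FOO_MSI_IOVA_BASE,
 *						 FOO_MSI_IOVA_LENGTH,
 *						 IOMMU_WRITE, IOMMU_RESV_SW_MSI);
 *		if (region)
 *			list_add_tail(&region->list, head);
 *	}
 *
 *	// and in the driver's struct iommu_ops:
 *	//	.get_resv_regions = foo_iommu_get_resv_regions,
 *	//	.put_resv_regions = generic_iommu_put_resv_regions,
 */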
2862
2863 void iommu_set_default_passthrough(bool cmd_line)
2864 {
2865 if (cmd_line)
2866 iommu_set_cmd_line_dma_api();
2867
2868 iommu_def_domain_type = IOMMU_DOMAIN_IDENTITY;
2869 }
2870
2871 void iommu_set_default_translated(bool cmd_line)
2872 {
2873 if (cmd_line)
2874 iommu_set_cmd_line_dma_api();
2875
2876 iommu_def_domain_type = IOMMU_DOMAIN_DMA;
2877 }
2878
2879 bool iommu_default_passthrough(void)
2880 {
2881 return iommu_def_domain_type == IOMMU_DOMAIN_IDENTITY;
2882 }
2883 EXPORT_SYMBOL_GPL(iommu_default_passthrough);
2884
2885 const struct iommu_ops *iommu_ops_from_fwnode(struct fwnode_handle *fwnode)
2886 {
2887 const struct iommu_ops *ops = NULL;
2888 struct iommu_device *iommu;
2889
2890 spin_lock(&iommu_device_lock);
2891 list_for_each_entry(iommu, &iommu_device_list, list)
2892 if (iommu->fwnode == fwnode) {
2893 ops = iommu->ops;
2894 break;
2895 }
2896 spin_unlock(&iommu_device_lock);
2897 return ops;
2898 }
2899
2900 int iommu_fwspec_init(struct device *dev, struct fwnode_handle *iommu_fwnode,
2901 const struct iommu_ops *ops)
2902 {
2903 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2904
2905 if (fwspec)
2906 return ops == fwspec->ops ? 0 : -EINVAL;
2907
2908 if (!dev_iommu_get(dev))
2909 return -ENOMEM;
2910
2911 /* Preallocate for the overwhelmingly common case of 1 ID */
2912 fwspec = kzalloc(struct_size(fwspec, ids, 1), GFP_KERNEL);
2913 if (!fwspec)
2914 return -ENOMEM;
2915
2916 of_node_get(to_of_node(iommu_fwnode));
2917 fwspec->iommu_fwnode = iommu_fwnode;
2918 fwspec->ops = ops;
2919 dev_iommu_fwspec_set(dev, fwspec);
2920 return 0;
2921 }
2922 EXPORT_SYMBOL_GPL(iommu_fwspec_init);
2923
2924 void iommu_fwspec_free(struct device *dev)
2925 {
2926 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2927
2928 if (fwspec) {
2929 fwnode_handle_put(fwspec->iommu_fwnode);
2930 kfree(fwspec);
2931 dev_iommu_fwspec_set(dev, NULL);
2932 }
2933 }
2934 EXPORT_SYMBOL_GPL(iommu_fwspec_free);
2935
2936 int iommu_fwspec_add_ids(struct device *dev, u32 *ids, int num_ids)
2937 {
2938 struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2939 int i, new_num;
2940
2941 if (!fwspec)
2942 return -EINVAL;
2943
2944 new_num = fwspec->num_ids + num_ids;
2945 if (new_num > 1) {
2946 fwspec = krealloc(fwspec, struct_size(fwspec, ids, new_num),
2947 GFP_KERNEL);
2948 if (!fwspec)
2949 return -ENOMEM;
2950
2951 dev_iommu_fwspec_set(dev, fwspec);
2952 }
2953
2954 for (i = 0; i < num_ids; i++)
2955 fwspec->ids[fwspec->num_ids + i] = ids[i];
2956
2957 fwspec->num_ids = new_num;
2958 return 0;
2959 }
2960 EXPORT_SYMBOL_GPL(iommu_fwspec_add_ids);
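/*
 * Example (illustrative sketch): firmware glue code (OF/ACPI style) describing
 * a master to its IOMMU. "fwnode" is the IOMMU's firmware node, "ops" the
 * matching iommu_ops, and "sid" a stream/requester ID parsed from the firmware
 * tables; all three are assumptions made for the sake of the example.
 *
 *	ret = iommu_fwspec_init(dev, fwnode, ops);
 *	if (!ret)
 *		ret = iommu_fwspec_add_ids(dev, &sid, 1);
 *	if (ret)
 *		iommu_fwspec_free(dev);
 */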
2961
2962 /*
2963 * Per device IOMMU features.
2964 */
2965 bool iommu_dev_has_feature(struct device *dev, enum iommu_dev_features feat)
2966 {
2967 const struct iommu_ops *ops = dev->bus->iommu_ops;
2968
2969 if (ops && ops->dev_has_feat)
2970 return ops->dev_has_feat(dev, feat);
2971
2972 return false;
2973 }
2974 EXPORT_SYMBOL_GPL(iommu_dev_has_feature);
2975
2976 int iommu_dev_enable_feature(struct device *dev, enum iommu_dev_features feat)
2977 {
2978 if (dev->iommu && dev->iommu->iommu_dev) {
2979 const struct iommu_ops *ops = dev->iommu->iommu_dev->ops;
2980
2981 if (ops->dev_enable_feat)
2982 return ops->dev_enable_feat(dev, feat);
2983 }
2984
2985 return -ENODEV;
2986 }
2987 EXPORT_SYMBOL_GPL(iommu_dev_enable_feature);
2988
2989 /*
2990 * The device drivers should do the necessary cleanups before calling this.
2991 * For example, before disabling the aux-domain feature, the device driver
2992 * should detach all aux-domains. Otherwise, this will return -EBUSY.
2993 */
2994 int iommu_dev_disable_feature(struct device *dev, enum iommu_dev_features feat)
2995 {
2996 if (dev->iommu && dev->iommu->iommu_dev) {
2997 const struct iommu_ops *ops = dev->iommu->iommu_dev->ops;
2998
2999 if (ops->dev_disable_feat)
3000 return ops->dev_disable_feat(dev, feat);
3001 }
3002
3003 return -EBUSY;
3004 }
3005 EXPORT_SYMBOL_GPL(iommu_dev_disable_feature);
3006
3007 bool iommu_dev_feature_enabled(struct device *dev, enum iommu_dev_features feat)
3008 {
3009 if (dev->iommu && dev->iommu->iommu_dev) {
3010 const struct iommu_ops *ops = dev->iommu->iommu_dev->ops;
3011
3012 if (ops->dev_feat_enabled)
3013 return ops->dev_feat_enabled(dev, feat);
3014 }
3015
3016 return false;
3017 }
3018 EXPORT_SYMBOL_GPL(iommu_dev_feature_enabled);
3019
3020 /*
3021 * Aux-domain specific attach/detach.
3022 *
3023 * Only works if iommu_dev_feature_enabled(dev, IOMMU_DEV_FEAT_AUX) returns
3024 * true. Also, as long as domains are attached to a device through this
3025 * interface, any attempt to call iommu_attach_device() should fail
3026 * (iommu_detach_device() can't fail, so we fail when trying to re-attach).
3027 * This should make us safe against a device being attached to a guest as a
3028 * whole while there are still pasid users on it (aux and sva).
3029 */
3030 int iommu_aux_attach_device(struct iommu_domain *domain, struct device *dev)
3031 {
3032 int ret = -ENODEV;
3033
3034 if (domain->ops->aux_attach_dev)
3035 ret = domain->ops->aux_attach_dev(domain, dev);
3036
3037 if (!ret)
3038 trace_attach_device_to_domain(dev);
3039
3040 return ret;
3041 }
3042 EXPORT_SYMBOL_GPL(iommu_aux_attach_device);
3043
3044 void iommu_aux_detach_device(struct iommu_domain *domain, struct device *dev)
3045 {
3046 if (domain->ops->aux_detach_dev) {
3047 domain->ops->aux_detach_dev(domain, dev);
3048 trace_detach_device_from_domain(dev);
3049 }
3050 }
3051 EXPORT_SYMBOL_GPL(iommu_aux_detach_device);
3052
3053 int iommu_aux_get_pasid(struct iommu_domain *domain, struct device *dev)
3054 {
3055 int ret = -ENODEV;
3056
3057 if (domain->ops->aux_get_pasid)
3058 ret = domain->ops->aux_get_pasid(domain, dev);
3059
3060 return ret;
3061 }
3062 EXPORT_SYMBOL_GPL(iommu_aux_get_pasid);
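/*
 * Example (illustrative sketch): a driver using an aux domain to obtain a
 * PASID for mediated-device style isolation. Error handling is abbreviated.
 *
 *	if (iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_AUX))
 *		return -ENODEV;
 *
 *	domain = iommu_domain_alloc(dev->bus);
 *	if (domain && !iommu_aux_attach_device(domain, dev)) {
 *		int pasid = iommu_aux_get_pasid(domain, dev);
 *		// ... program the device to tag its DMA with 'pasid' ...
 *		iommu_aux_detach_device(domain, dev);
 *	}
 *	if (domain)
 *		iommu_domain_free(domain);
 *	iommu_dev_disable_feature(dev, IOMMU_DEV_FEAT_AUX);
 */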
3063
3064 /**
3065 * iommu_sva_bind_device() - Bind a process address space to a device
3066 * @dev: the device
3067 * @mm: the mm to bind, caller must hold a reference to it
3068 *
3069 * Create a bond between device and address space, allowing the device to access
3070 * the mm using the returned PASID. If a bond already exists between @dev and
3071 * @mm, it is returned and an additional reference is taken. Caller must call
3072 * iommu_sva_unbind_device() to release each reference.
3073 *
3074 * iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_SVA) must be called first, to
3075 * initialize the required SVA features.
3076 *
3077 * On error, returns an ERR_PTR value.
3078 */
3079 struct iommu_sva *
3080 iommu_sva_bind_device(struct device *dev, struct mm_struct *mm, void *drvdata)
3081 {
3082 struct iommu_group *group;
3083 struct iommu_sva *handle = ERR_PTR(-EINVAL);
3084 const struct iommu_ops *ops = dev->bus->iommu_ops;
3085
3086 if (!ops || !ops->sva_bind)
3087 return ERR_PTR(-ENODEV);
3088
3089 group = iommu_group_get(dev);
3090 if (!group)
3091 return ERR_PTR(-ENODEV);
3092
3093 /* Ensure device count and domain don't change while we're binding */
3094 mutex_lock(&group->mutex);
3095
3096 /*
3097 * To keep things simple, SVA currently doesn't support IOMMU groups
3098 * with more than one device. Existing SVA-capable systems are not
3099 * affected by the problems that required IOMMU groups (lack of ACS
3100 * isolation, device ID aliasing and other hardware issues).
3101 */
3102 if (iommu_group_device_count(group) != 1)
3103 goto out_unlock;
3104
3105 handle = ops->sva_bind(dev, mm, drvdata);
3106
3107 out_unlock:
3108 mutex_unlock(&group->mutex);
3109 iommu_group_put(group);
3110
3111 return handle;
3112 }
3113 EXPORT_SYMBOL_GPL(iommu_sva_bind_device);
3114
3115 /**
3116 * iommu_sva_unbind_device() - Remove a bond created with iommu_sva_bind_device
3117 * @handle: the handle returned by iommu_sva_bind_device()
3118 *
3119 * Put reference to a bond between device and address space. The device should
3120 * not be issuing any more transaction for this PASID. All outstanding page
3121 * requests for this PASID must have been flushed to the IOMMU.
3122 *
3123 * Returns 0 on success, or an error value
3124 */
3125 void iommu_sva_unbind_device(struct iommu_sva *handle)
3126 {
3127 struct iommu_group *group;
3128 struct device *dev = handle->dev;
3129 const struct iommu_ops *ops = dev->bus->iommu_ops;
3130
3131 if (!ops || !ops->sva_unbind)
3132 return;
3133
3134 group = iommu_group_get(dev);
3135 if (!group)
3136 return;
3137
3138 mutex_lock(&group->mutex);
3139 ops->sva_unbind(handle);
3140 mutex_unlock(&group->mutex);
3141
3142 iommu_group_put(group);
3143 }
3144 EXPORT_SYMBOL_GPL(iommu_sva_unbind_device);
3145
3146 u32 iommu_sva_get_pasid(struct iommu_sva *handle)
3147 {
3148 const struct iommu_ops *ops = handle->dev->bus->iommu_ops;
3149
3150 if (!ops || !ops->sva_get_pasid)
3151 return IOMMU_PASID_INVALID;
3152
3153 return ops->sva_get_pasid(handle);
3154 }
3155 EXPORT_SYMBOL_GPL(iommu_sva_get_pasid);
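/*
 * Example (illustrative sketch): a device driver binding the current process's
 * address space and programming the returned PASID into its hardware. The
 * caller is assumed to hold a reference on the mm and to have enabled
 * IOMMU_DEV_FEAT_SVA beforehand.
 *
 *	struct iommu_sva *handle = iommu_sva_bind_device(dev, current->mm, NULL);
 *	u32 pasid;
 *
 *	if (IS_ERR(handle))
 *		return PTR_ERR(handle);
 *	pasid = iommu_sva_get_pasid(handle);
 *	if (pasid == IOMMU_PASID_INVALID) {
 *		iommu_sva_unbind_device(handle);
 *		return -ENODEV;
 *	}
 *	// ... device issues DMA tagged with 'pasid' ...
 *	iommu_sva_unbind_device(handle);
 */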
3156