// SPDX-License-Identifier: GPL-2.0
/*
 * pKVM host driver for the Arm SMMUv3
 *
 * Copyright (C) 2022 Linaro Ltd.
 */
#include <asm/kvm_pkvm.h>
#include <asm/kvm_mmu.h>

#include <linux/moduleparam.h>
#include <linux/of_address.h>
#include <linux/of_platform.h>
#include <linux/platform_device.h>
#include <linux/pm_runtime.h>

#include "arm-smmu-v3.h"
#include "pkvm/arm_smmu_v3.h"

extern struct kvm_iommu_ops kvm_nvhe_sym(smmu_ops);

struct host_arm_smmu_device {
	struct arm_smmu_device smmu;
	pkvm_handle_t id;
	u32 boot_gbpa;
	struct kvm_power_domain power_domain;
};

#define smmu_to_host(_smmu) \
	container_of(_smmu, struct host_arm_smmu_device, smmu)

struct kvm_arm_smmu_master {
	struct arm_smmu_device *smmu;
	struct device *dev;
	struct xarray domains;
	struct kvm_arm_smmu_stream *streams;
	unsigned int num_streams;
	u32 ssid_bits;
	bool idmapped; /* Stage-2 is transparently identity mapped */
};

struct kvm_arm_smmu_stream {
	u32 id;
	struct kvm_arm_smmu_master *master;
	struct rb_node node;
};

struct kvm_arm_smmu_domain {
	struct iommu_domain domain;
	struct arm_smmu_device *smmu;
	struct mutex init_mutex;
	pkvm_handle_t id;
};

#define to_kvm_smmu_domain(_domain) \
	container_of(_domain, struct kvm_arm_smmu_domain, domain)

#ifdef MODULE
static unsigned long pkvm_module_token;

#define ksym_ref_addr_nvhe(x) \
	((typeof(kvm_nvhe_sym(x)) *)(pkvm_el2_mod_va(&kvm_nvhe_sym(x), pkvm_module_token)))

int kvm_nvhe_sym(smmu_init_hyp_module)(const struct pkvm_module_ops *ops);
#else
#define ksym_ref_addr_nvhe(x) \
	((typeof(kvm_nvhe_sym(x)) *)(kern_hyp_va(lm_alias(&kvm_nvhe_sym(x)))))
#endif
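/*
 * ksym_ref_addr_nvhe() resolves the hypervisor (EL2) address of an nVHE
 * symbol: the modular build goes through the EL2 module mapping using the
 * token returned by pkvm_load_el2_module(), while the built-in build
 * converts the kernel linear alias with kern_hyp_va().
 */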

static size_t kvm_arm_smmu_cur;
static size_t kvm_arm_smmu_count;
static struct hyp_arm_smmu_v3_device *kvm_arm_smmu_array;
static DEFINE_IDA(kvm_arm_smmu_domain_ida);
/*
 * Pre-allocated pages that the EL2 part of the driver can use from atomic
 * context, primarily as page-table pages for identity domains.
 */
static int atomic_pages;
module_param(atomic_pages, int, 0);
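/*
 * Illustrative only: when built as a module, the pool size can be passed as
 * a module parameter, e.g. something like "atomic_pages=512" at load time
 * (the exact parameter prefix depends on the module name chosen by the
 * build). In the built-in case the value is computed in
 * smmu_alloc_atomic_mc() instead.
 */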

static struct platform_driver kvm_arm_smmu_driver;

static struct arm_smmu_device *
kvm_arm_smmu_get_by_fwnode(struct fwnode_handle *fwnode)
{
	struct device *dev;

	dev = driver_find_device_by_fwnode(&kvm_arm_smmu_driver.driver, fwnode);
	put_device(dev);
	return dev ? dev_get_drvdata(dev) : NULL;
}

static struct iommu_ops kvm_arm_smmu_ops;

static int kvm_arm_smmu_streams_cmp_key(const void *lhs, const struct rb_node *rhs)
{
	struct kvm_arm_smmu_stream *stream_rhs = rb_entry(rhs, struct kvm_arm_smmu_stream, node);
	const u32 *sid_lhs = lhs;

	if (*sid_lhs < stream_rhs->id)
		return -1;
	if (*sid_lhs > stream_rhs->id)
		return 1;
	return 0;
}

static int kvm_arm_smmu_streams_cmp_node(struct rb_node *lhs, const struct rb_node *rhs)
{
	return kvm_arm_smmu_streams_cmp_key(&rb_entry(lhs, struct kvm_arm_smmu_stream, node)->id,
					    rhs);
}
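/*
 * Each SMMU keeps an rb-tree of kvm_arm_smmu_stream nodes keyed by StreamID,
 * populated when a master is probed and used to map the StreamID of an event
 * back to its master when decoding and reporting faults.
 */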

static int kvm_arm_smmu_insert_master(struct arm_smmu_device *smmu,
				      struct kvm_arm_smmu_master *master)
{
	int i;
	int ret = 0;
	struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(master->dev);

	master->streams = kcalloc(fwspec->num_ids, sizeof(*master->streams), GFP_KERNEL);
	if (!master->streams)
		return -ENOMEM;
	master->num_streams = fwspec->num_ids;

	mutex_lock(&smmu->streams_mutex);
	for (i = 0; i < fwspec->num_ids; i++) {
		struct kvm_arm_smmu_stream *new_stream = &master->streams[i];
		struct rb_node *existing;
		u32 sid = fwspec->ids[i];

		new_stream->id = sid;
		new_stream->master = master;

		existing = rb_find_add(&new_stream->node, &smmu->streams,
				       kvm_arm_smmu_streams_cmp_node);
		if (existing) {
			struct kvm_arm_smmu_master *existing_master = rb_entry(existing,
									       struct kvm_arm_smmu_stream,
									       node)->master;

			/* Bridged PCI devices may end up with duplicated IDs */
			if (existing_master == master)
				continue;

			dev_warn(master->dev,
				 "Aliasing StreamID 0x%x (from %s) unsupported, expect DMA to be broken\n",
				 sid, dev_name(existing_master->dev));
			ret = -ENODEV;
			break;
		}
	}

	if (ret) {
		for (i--; i >= 0; i--)
			rb_erase(&master->streams[i].node, &smmu->streams);
		kfree(master->streams);
	}
	mutex_unlock(&smmu->streams_mutex);

	return ret;
}

static void kvm_arm_smmu_remove_master(struct kvm_arm_smmu_master *master)
{
	int i;
	struct arm_smmu_device *smmu = master->smmu;
	struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(master->dev);

	if (!smmu || !master->streams)
		return;

	mutex_lock(&smmu->streams_mutex);
	for (i = 0; i < fwspec->num_ids; i++)
		rb_erase(&master->streams[i].node, &smmu->streams);
	mutex_unlock(&smmu->streams_mutex);

	kfree(master->streams);
}

static struct iommu_device *kvm_arm_smmu_probe_device(struct device *dev)
{
	struct arm_smmu_device *smmu;
	struct kvm_arm_smmu_master *master;
	struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
	int ret;

	if (WARN_ON_ONCE(dev_iommu_priv_get(dev)))
		return ERR_PTR(-EBUSY);

	smmu = kvm_arm_smmu_get_by_fwnode(fwspec->iommu_fwnode);
	if (!smmu)
		return ERR_PTR(-ENODEV);

	master = kzalloc(sizeof(*master), GFP_KERNEL);
	if (!master)
		return ERR_PTR(-ENOMEM);

	master->dev = dev;
	master->smmu = smmu;

	ret = kvm_arm_smmu_insert_master(smmu, master);
	if (ret)
		goto err_free_master;

	device_property_read_u32(dev, "pasid-num-bits", &master->ssid_bits);

	master->ssid_bits = min(smmu->ssid_bits, master->ssid_bits);
	xa_init(&master->domains);
	master->idmapped = device_property_read_bool(dev, "iommu-idmapped");
	dev_iommu_priv_set(dev, master);
	if (!device_link_add(dev, smmu->dev,
			     DL_FLAG_PM_RUNTIME |
			     DL_FLAG_AUTOREMOVE_SUPPLIER)) {
		ret = -ENOLINK;
		goto err_remove_master;
	}

	return &smmu->iommu;

err_remove_master:
	kvm_arm_smmu_remove_master(master);
err_free_master:
	kfree(master);
	return ERR_PTR(ret);
}

static struct iommu_domain *kvm_arm_smmu_domain_alloc(unsigned type)
{
	struct kvm_arm_smmu_domain *kvm_smmu_domain;

	/*
	 * We don't support
	 * - IOMMU_DOMAIN_DMA_FQ because lazy unmap would clash with memory
	 *   donation to guests.
	 */
	if (type != IOMMU_DOMAIN_DMA &&
	    type != IOMMU_DOMAIN_UNMANAGED &&
	    type != IOMMU_DOMAIN_IDENTITY &&
	    type != IOMMU_DOMAIN_BLOCKED)
		return ERR_PTR(-EOPNOTSUPP);

	kvm_smmu_domain = kzalloc(sizeof(*kvm_smmu_domain), GFP_KERNEL);
	if (!kvm_smmu_domain)
		return ERR_PTR(-ENOMEM);

	mutex_init(&kvm_smmu_domain->init_mutex);

	return &kvm_smmu_domain->domain;
}

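/*
 * Finalize a domain on first attach: pick stage-1 translation when the SMMU
 * supports it (stage-2 otherwise), validate the io-pgtable configuration,
 * set the domain aperture, allocate a unique domain ID and ask the
 * hypervisor to allocate the corresponding domain. Identity domains skip all
 * of this and use the fixed KVM_IOMMU_DOMAIN_IDMAP_ID.
 */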
static int kvm_arm_smmu_domain_finalize(struct kvm_arm_smmu_domain *kvm_smmu_domain,
					struct kvm_arm_smmu_master *master)
{
	int ret = 0;
	struct arm_smmu_device *smmu = master->smmu;
	unsigned int max_domains;
	enum kvm_arm_smmu_domain_type type;
	struct io_pgtable_cfg cfg;
	unsigned long ias;

	if (kvm_smmu_domain->smmu && (kvm_smmu_domain->smmu != smmu))
		return -EINVAL;

	if (kvm_smmu_domain->smmu)
		return 0;

	if (kvm_smmu_domain->domain.type == IOMMU_DOMAIN_IDENTITY) {
		kvm_smmu_domain->id = KVM_IOMMU_DOMAIN_IDMAP_ID;
		/*
		 * Identity domains don't use the DMA API, so there is no need
		 * to set the domain aperture.
		 */
		goto out;
	}

	/* Default to stage-1. */
	if (smmu->features & ARM_SMMU_FEAT_TRANS_S1) {
		ias = (smmu->features & ARM_SMMU_FEAT_VAX) ? 52 : 48;
		cfg = (struct io_pgtable_cfg) {
			.fmt = ARM_64_LPAE_S1,
			.pgsize_bitmap = smmu->pgsize_bitmap,
			.ias = min_t(unsigned long, ias, VA_BITS),
			.oas = smmu->ias,
			.coherent_walk = smmu->features & ARM_SMMU_FEAT_COHERENCY,
		};
		ret = io_pgtable_configure(&cfg);
		if (ret)
			return ret;

		type = KVM_ARM_SMMU_DOMAIN_S1;
		kvm_smmu_domain->domain.pgsize_bitmap = cfg.pgsize_bitmap;
		kvm_smmu_domain->domain.geometry.aperture_end = (1UL << cfg.ias) - 1;
		max_domains = 1 << smmu->asid_bits;
	} else {
		cfg = (struct io_pgtable_cfg) {
			.fmt = ARM_64_LPAE_S2,
			.pgsize_bitmap = smmu->pgsize_bitmap,
			.ias = smmu->ias,
			.oas = smmu->oas,
			.coherent_walk = smmu->features & ARM_SMMU_FEAT_COHERENCY,
		};
		ret = io_pgtable_configure(&cfg);
		if (ret)
			return ret;

		type = KVM_ARM_SMMU_DOMAIN_S2;
		kvm_smmu_domain->domain.pgsize_bitmap = cfg.pgsize_bitmap;
		kvm_smmu_domain->domain.geometry.aperture_end = (1UL << cfg.ias) - 1;
		max_domains = 1 << smmu->vmid_bits;
	}
	kvm_smmu_domain->domain.geometry.force_aperture = true;

	/*
	 * The hypervisor uses the domain ID as the ASID/VMID, so it must be
	 * unique and must fit this SMMU's ASID/VMID range, which is either
	 * 8 or 16 bits wide.
	 */
	ret = ida_alloc_range(&kvm_arm_smmu_domain_ida, KVM_IOMMU_DOMAIN_NR_START,
			      min(KVM_IOMMU_MAX_DOMAINS, max_domains), GFP_KERNEL);
	if (ret < 0)
		return ret;

	kvm_smmu_domain->id = ret;

	ret = kvm_iommu_alloc_domain(kvm_smmu_domain->id, type);
	if (ret) {
		ida_free(&kvm_arm_smmu_domain_ida, kvm_smmu_domain->id);
		return ret;
	}

out:
	kvm_smmu_domain->smmu = smmu;
	return ret;
}

static void kvm_arm_smmu_domain_free(struct iommu_domain *domain)
{
	int ret;
	struct kvm_arm_smmu_domain *kvm_smmu_domain = to_kvm_smmu_domain(domain);
	struct arm_smmu_device *smmu = kvm_smmu_domain->smmu;

	if (smmu && (kvm_smmu_domain->domain.type != IOMMU_DOMAIN_IDENTITY)) {
		ret = kvm_iommu_free_domain(kvm_smmu_domain->id);
		ida_free(&kvm_arm_smmu_domain_ida, kvm_smmu_domain->id);
	}
	kfree(kvm_smmu_domain);
}

static int kvm_arm_smmu_detach_dev_pasid(struct host_arm_smmu_device *host_smmu,
					 struct kvm_arm_smmu_master *master,
					 ioasid_t pasid)
{
	int i, ret;
	struct arm_smmu_device *smmu = &host_smmu->smmu;
	struct kvm_arm_smmu_domain *domain = xa_load(&master->domains, pasid);

	if (!domain)
		return 0;

	for (i = 0; i < master->num_streams; i++) {
		int sid = master->streams[i].id;

		ret = kvm_iommu_detach_dev(host_smmu->id, domain->id, sid, pasid);
		if (ret) {
			dev_err(smmu->dev, "cannot detach device %s (0x%x): %d\n",
				dev_name(master->dev), sid, ret);
			break;
		}
	}

	/*
	 * smmu->streams_mutex is taken to synchronize with
	 * kvm_arm_smmu_handle_event(), which acquires the same lock. This
	 * makes domain removal atomic with respect to domain usage in the
	 * fault reporting path, so the domain cannot go away while a fault
	 * for it is being reported to an IOMMU client driver.
	 */
	mutex_lock(&smmu->streams_mutex);
	xa_erase(&master->domains, pasid);
	mutex_unlock(&smmu->streams_mutex);

	return ret;
}

static int kvm_arm_smmu_detach_dev(struct host_arm_smmu_device *host_smmu,
				   struct kvm_arm_smmu_master *master)
{
	return kvm_arm_smmu_detach_dev_pasid(host_smmu, master, 0);
}

static void kvm_arm_smmu_remove_dev_pasid(struct device *dev, ioasid_t pasid,
					  struct iommu_domain *domain)
{
	struct kvm_arm_smmu_master *master = dev_iommu_priv_get(dev);
	struct host_arm_smmu_device *host_smmu = smmu_to_host(master->smmu);

	kvm_arm_smmu_detach_dev_pasid(host_smmu, master, pasid);
}

static void kvm_arm_smmu_release_device(struct device *dev)
{
	struct kvm_arm_smmu_master *master = dev_iommu_priv_get(dev);
	struct host_arm_smmu_device *host_smmu = smmu_to_host(master->smmu);

	kvm_arm_smmu_detach_dev(host_smmu, master);
	xa_destroy(&master->domains);
	kvm_arm_smmu_remove_master(master);
	kfree(master);
	iommu_fwspec_free(dev);
}

static int kvm_arm_smmu_set_dev_pasid(struct iommu_domain *domain,
				      struct device *dev, ioasid_t pasid)
{
	int i, ret;
	struct arm_smmu_device *smmu;
	struct host_arm_smmu_device *host_smmu;
	struct kvm_arm_smmu_master *master = dev_iommu_priv_get(dev);
	struct kvm_arm_smmu_domain *kvm_smmu_domain = to_kvm_smmu_domain(domain);

	if (!master)
		return -ENODEV;

	smmu = master->smmu;
	host_smmu = smmu_to_host(smmu);

	ret = kvm_arm_smmu_detach_dev_pasid(host_smmu, master, pasid);
	if (ret || (domain->type == IOMMU_DOMAIN_BLOCKED))
		return ret;

	mutex_lock(&kvm_smmu_domain->init_mutex);
	ret = kvm_arm_smmu_domain_finalize(kvm_smmu_domain, master);
	mutex_unlock(&kvm_smmu_domain->init_mutex);
	if (ret)
		return ret;

	for (i = 0; i < master->num_streams; i++) {
		int sid = master->streams[i].id;

		ret = kvm_iommu_attach_dev(host_smmu->id, kvm_smmu_domain->id,
					   sid, pasid, master->ssid_bits, 0);
		if (ret) {
			dev_err(smmu->dev, "cannot attach device %s (0x%x): %d\n",
				dev_name(dev), sid, ret);
			goto out_ret;
		}
	}
	ret = xa_insert(&master->domains, pasid, kvm_smmu_domain, GFP_KERNEL);

out_ret:
	if (ret)
		kvm_arm_smmu_detach_dev(host_smmu, master);
	return ret;
}

static int kvm_arm_smmu_attach_dev(struct iommu_domain *domain,
				   struct device *dev)
{
	struct kvm_arm_smmu_master *master = dev_iommu_priv_get(dev);
	unsigned long pasid = 0;

	/* All pasids must be removed first. */
	if (xa_find_after(&master->domains, &pasid, ULONG_MAX, XA_PRESENT))
		return -EBUSY;

	return kvm_arm_smmu_set_dev_pasid(domain, dev, 0);
}

static int kvm_arm_smmu_def_domain_type(struct device *dev)
{
	struct kvm_arm_smmu_master *master = dev_iommu_priv_get(dev);

	if (master->idmapped && atomic_pages)
		return IOMMU_DOMAIN_IDENTITY;
	return 0;
}

static bool kvm_arm_smmu_capable(struct device *dev, enum iommu_cap cap)
{
	struct kvm_arm_smmu_master *master = dev_iommu_priv_get(dev);

	switch (cap) {
	case IOMMU_CAP_CACHE_COHERENCY:
		return master->smmu->features & ARM_SMMU_FEAT_COHERENCY;
	case IOMMU_CAP_NOEXEC:
	default:
		return false;
	}
}

static int kvm_arm_smmu_map_pages(struct iommu_domain *domain,
				  unsigned long iova, phys_addr_t paddr,
				  size_t pgsize, size_t pgcount, int prot,
				  gfp_t gfp, size_t *total_mapped)
{
	struct kvm_arm_smmu_domain *kvm_smmu_domain = to_kvm_smmu_domain(domain);

	return kvm_iommu_map_pages(kvm_smmu_domain->id, iova, paddr, pgsize,
				   pgcount, prot, gfp, total_mapped);
}

static size_t kvm_arm_smmu_unmap_pages(struct iommu_domain *domain,
				       unsigned long iova, size_t pgsize,
				       size_t pgcount,
				       struct iommu_iotlb_gather *iotlb_gather)
{
	struct kvm_arm_smmu_domain *kvm_smmu_domain = to_kvm_smmu_domain(domain);

	return kvm_iommu_unmap_pages(kvm_smmu_domain->id, iova, pgsize, pgcount);
}

static phys_addr_t kvm_arm_smmu_iova_to_phys(struct iommu_domain *domain,
					     dma_addr_t iova)
{
	struct kvm_arm_smmu_domain *kvm_smmu_domain = to_kvm_smmu_domain(domain);

	return kvm_iommu_iova_to_phys(kvm_smmu_domain->id, iova);
}

struct kvm_arm_smmu_map_sg {
	struct iommu_map_cookie_sg cookie;
	struct kvm_iommu_sg *sg;
	unsigned int ptr;
	unsigned long iova;
	int prot;
	gfp_t gfp;
	unsigned int nents;
	size_t total_mapped;
	size_t size; /* Total size of entries not mapped yet. */
};
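/*
 * Deferred scatter-gather mapping: the core code allocates a cookie with
 * kvm_arm_smmu_alloc_cookie_sg(), queues each physically contiguous chunk
 * with kvm_arm_smmu_add_deferred_map_sg(), and finally flushes whatever is
 * still pending with kvm_arm_smmu_consume_deferred_map_sg(). Batching the
 * chunks into a kvm_iommu_sg shared with the hypervisor lets a whole list be
 * handed over at once instead of one call per chunk.
 */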

static struct iommu_map_cookie_sg *kvm_arm_smmu_alloc_cookie_sg(unsigned long iova,
								int prot,
								unsigned int nents,
								gfp_t gfp)
{
	int ret;
	struct kvm_arm_smmu_map_sg *map_sg = kzalloc(sizeof(*map_sg), gfp);

	if (!map_sg)
		return NULL;

	/* Round up nents so the allocation is page aligned. */
	map_sg->nents = kvm_iommu_sg_nents_round(nents);
	map_sg->sg = kvm_iommu_sg_alloc(map_sg->nents, gfp);
	if (!map_sg->sg) {
		kfree(map_sg);
		return NULL;
	}
	map_sg->iova = iova;
	map_sg->prot = prot;
	map_sg->gfp = gfp;
	ret = kvm_iommu_share_hyp_sg(map_sg->sg, map_sg->nents);
	if (ret) {
		kvm_iommu_sg_free(map_sg->sg, map_sg->nents);
		kfree(map_sg);
		return NULL;
	}

	return &map_sg->cookie;
}

static int kvm_arm_smmu_add_deferred_map_sg(struct iommu_map_cookie_sg *cookie,
					    phys_addr_t paddr, size_t pgsize, size_t pgcount)
{
	struct kvm_arm_smmu_map_sg *map_sg = container_of(cookie, struct kvm_arm_smmu_map_sg,
							  cookie);
	struct kvm_iommu_sg *sg = map_sg->sg;
	struct kvm_arm_smmu_domain *kvm_smmu_domain = to_kvm_smmu_domain(map_sg->cookie.domain);
	size_t mapped;

	/* Out of space, flush the list. */
	if (map_sg->nents == map_sg->ptr) {
		mapped = kvm_iommu_map_sg(kvm_smmu_domain->id, sg, map_sg->iova,
					  map_sg->ptr, map_sg->prot, map_sg->gfp);
		/*
		 * Something went wrong: undo the mappings of the current sg
		 * list, but leave total_mapped untouched, since the core code
		 * unmaps that part itself based on what
		 * kvm_arm_smmu_consume_deferred_map_sg() returns.
		 */
		if (mapped != map_sg->size) {
			iommu_unmap(&kvm_smmu_domain->domain, map_sg->iova, mapped);
			/*
			 * The core code will still consume the list in its
			 * error path; don't try to map this list again as it
			 * already failed.
			 */
			map_sg->ptr = 0;
			return -EINVAL;
		}
		map_sg->ptr = 0;
		map_sg->iova += mapped;
		map_sg->total_mapped += mapped;
		map_sg->size = 0;
	}

	sg[map_sg->ptr].phys = paddr;
	sg[map_sg->ptr].pgsize = pgsize;
	sg[map_sg->ptr].pgcount = pgcount;
	map_sg->size += pgsize * pgcount;
	map_sg->ptr++;
	return 0;
}

static size_t kvm_arm_smmu_consume_deferred_map_sg(struct iommu_map_cookie_sg *cookie)
{
	struct kvm_arm_smmu_map_sg *map_sg = container_of(cookie, struct kvm_arm_smmu_map_sg,
							  cookie);
	struct kvm_iommu_sg *sg = map_sg->sg;
	struct kvm_arm_smmu_domain *kvm_smmu_domain = to_kvm_smmu_domain(map_sg->cookie.domain);
	size_t total_mapped = map_sg->total_mapped;

	/* Might be cleared from error path. */
	if (map_sg->ptr)
		total_mapped += kvm_iommu_map_sg(kvm_smmu_domain->id, sg, map_sg->iova,
						 map_sg->ptr, map_sg->prot, map_sg->gfp);
	kvm_iommu_unshare_hyp_sg(sg, map_sg->nents);
	kvm_iommu_sg_free(sg, map_sg->nents);
	kfree(map_sg);
	return total_mapped;
}

static struct iommu_ops kvm_arm_smmu_ops = {
	.capable = kvm_arm_smmu_capable,
	.device_group = arm_smmu_device_group,
	.of_xlate = arm_smmu_of_xlate,
	.get_resv_regions = arm_smmu_get_resv_regions,
	.probe_device = kvm_arm_smmu_probe_device,
	.release_device = kvm_arm_smmu_release_device,
	.domain_alloc = kvm_arm_smmu_domain_alloc,
	.pgsize_bitmap = -1UL,
	.remove_dev_pasid = kvm_arm_smmu_remove_dev_pasid,
	.owner = THIS_MODULE,
	.def_domain_type = kvm_arm_smmu_def_domain_type,
	.default_domain_ops = &(const struct iommu_domain_ops) {
		.attach_dev = kvm_arm_smmu_attach_dev,
		.free = kvm_arm_smmu_domain_free,
		.map_pages = kvm_arm_smmu_map_pages,
		.unmap_pages = kvm_arm_smmu_unmap_pages,
		.iova_to_phys = kvm_arm_smmu_iova_to_phys,
		.set_dev_pasid = kvm_arm_smmu_set_dev_pasid,
		.alloc_cookie_sg = kvm_arm_smmu_alloc_cookie_sg,
		.add_deferred_map_sg = kvm_arm_smmu_add_deferred_map_sg,
		.consume_deferred_map_sg = kvm_arm_smmu_consume_deferred_map_sg,
	}
};

static bool kvm_arm_smmu_validate_features(struct arm_smmu_device *smmu)
{
	unsigned int required_features =
		ARM_SMMU_FEAT_TT_LE;
	unsigned int forbidden_features =
		ARM_SMMU_FEAT_STALL_FORCE;
	unsigned int keep_features =
		ARM_SMMU_FEAT_2_LVL_STRTAB |
		ARM_SMMU_FEAT_2_LVL_CDTAB |
		ARM_SMMU_FEAT_TT_LE |
		ARM_SMMU_FEAT_SEV |
		ARM_SMMU_FEAT_COHERENCY |
		ARM_SMMU_FEAT_TRANS_S1 |
		ARM_SMMU_FEAT_TRANS_S2 |
		ARM_SMMU_FEAT_VAX |
		ARM_SMMU_FEAT_RANGE_INV;

	if (smmu->options & ARM_SMMU_OPT_PAGE0_REGS_ONLY) {
		dev_err(smmu->dev, "unsupported layout\n");
		return false;
	}

	if ((smmu->features & required_features) != required_features) {
		dev_err(smmu->dev, "missing features 0x%x\n",
			required_features & ~smmu->features);
		return false;
	}

	if (smmu->features & forbidden_features) {
		dev_err(smmu->dev, "features 0x%x forbidden\n",
			smmu->features & forbidden_features);
		return false;
	}

	smmu->features &= keep_features;

	return true;
}

static struct kvm_arm_smmu_master *kvm_arm_smmu_find_master(struct arm_smmu_device *smmu, u32 sid)
{
	struct rb_node *node;

	lockdep_assert_held(&smmu->streams_mutex);

	node = rb_find(&sid, &smmu->streams, kvm_arm_smmu_streams_cmp_key);
	if (!node)
		return NULL;
	return rb_entry(node, struct kvm_arm_smmu_stream, node)->master;
}

static void kvm_arm_smmu_decode_event(struct arm_smmu_device *smmu, u64 *raw,
				      struct arm_smmu_event *event)
{
	struct kvm_arm_smmu_master *master;

	event->id = FIELD_GET(EVTQ_0_ID, raw[0]);
	event->sid = FIELD_GET(EVTQ_0_SID, raw[0]);
	event->ssv = FIELD_GET(EVTQ_0_SSV, raw[0]);
	event->ssid = event->ssv ? FIELD_GET(EVTQ_0_SSID, raw[0]) : IOMMU_NO_PASID;
	event->read = FIELD_GET(EVTQ_1_RnW, raw[1]);
	event->iova = FIELD_GET(EVTQ_2_ADDR, raw[2]);
	event->dev = NULL;

	mutex_lock(&smmu->streams_mutex);
	master = kvm_arm_smmu_find_master(smmu, event->sid);
	if (master)
		event->dev = get_device(master->dev);
	mutex_unlock(&smmu->streams_mutex);
}

static int kvm_arm_smmu_handle_event(struct arm_smmu_device *smmu, u64 *evt,
				     struct arm_smmu_event *event)
{
	int ret = 0;
	struct kvm_arm_smmu_master *master;
	struct kvm_arm_smmu_domain *smmu_domain;

	switch (event->id) {
	case EVT_ID_TRANSLATION_FAULT:
	case EVT_ID_ADDR_SIZE_FAULT:
	case EVT_ID_ACCESS_FAULT:
	case EVT_ID_PERMISSION_FAULT:
		break;
	default:
		return -EOPNOTSUPP;
	}

	mutex_lock(&smmu->streams_mutex);
	master = kvm_arm_smmu_find_master(smmu, event->sid);
	if (!master) {
		ret = -EINVAL;
		goto out_unlock;
	}

	smmu_domain = xa_load(&master->domains, event->ssid);
	if (!smmu_domain) {
		ret = -EINVAL;
		goto out_unlock;
	}

	ret = report_iommu_fault(&smmu_domain->domain, master->dev, event->iova,
				 event->read ? IOMMU_FAULT_READ : IOMMU_FAULT_WRITE);

out_unlock:
	mutex_unlock(&smmu->streams_mutex);
	return ret;
}

static void kvm_arm_smmu_dump_event(struct arm_smmu_device *smmu, u64 *raw,
				    struct arm_smmu_event *evt, struct ratelimit_state *rs)
{
	int i;

	if (!__ratelimit(rs))
		return;

	dev_info(smmu->dev, "event 0x%02x received:\n", evt->id);
	for (i = 0; i < EVTQ_ENT_DWORDS; ++i)
		dev_info(smmu->dev, "\t0x%016llx\n", (unsigned long long)raw[i]);
}

static irqreturn_t kvm_arm_smmu_evt_handler(int irq, void *dev)
{
	struct arm_smmu_device *smmu = dev;
	struct arm_smmu_queue *q = &smmu->evtq.q;
	struct arm_smmu_ll_queue *llq = &q->llq;
	static DEFINE_RATELIMIT_STATE(rs, DEFAULT_RATELIMIT_INTERVAL,
				      DEFAULT_RATELIMIT_BURST);
	u64 evt[EVTQ_ENT_DWORDS];
	struct arm_smmu_event event = {0};

	if (pm_runtime_get_if_active(smmu->dev) == 0) {
		dev_err(smmu->dev, "Unable to handle event interrupt because device not runtime active\n");
		return IRQ_NONE;
	}

	do {
		while (!queue_remove_raw(q, evt)) {
			kvm_arm_smmu_decode_event(smmu, evt, &event);
			if (kvm_arm_smmu_handle_event(smmu, evt, &event))
				kvm_arm_smmu_dump_event(smmu, evt, &event, &rs);

			put_device(event.dev);
			cond_resched();
		}

		/*
		 * Not much we can do on overflow, so scream and pretend we're
		 * trying harder.
		 */
		if (queue_sync_prod_in(q) == -EOVERFLOW)
			dev_err(smmu->dev, "EVTQ overflow detected -- events lost\n");
	} while (!queue_empty(llq));

	/* Sync our overflow flag, as we believe we're up to speed */
	queue_sync_cons_ovf(q);
	pm_runtime_put(smmu->dev);
	return IRQ_HANDLED;
}

static irqreturn_t kvm_arm_smmu_gerror_handler(int irq, void *dev)
{
	u32 gerror, gerrorn, active;
	struct arm_smmu_device *smmu = dev;

	if (pm_runtime_get_if_active(smmu->dev) == 0) {
		dev_err(smmu->dev, "Unable to handle global error interrupt because device not runtime active\n");
		return IRQ_NONE;
	}

	gerror = readl_relaxed(smmu->base + ARM_SMMU_GERROR);
	gerrorn = readl_relaxed(smmu->base + ARM_SMMU_GERRORN);

	active = gerror ^ gerrorn;
	if (!(active & GERROR_ERR_MASK)) {
		pm_runtime_put(smmu->dev);
		return IRQ_NONE; /* No errors pending */
	}

	dev_warn(smmu->dev,
		 "unexpected global error reported (0x%08x), this could be serious\n",
		 active);

	/* There is no API to reconfigure the device at the moment. */
	if (active & GERROR_SFM_ERR)
		dev_err(smmu->dev, "device has entered Service Failure Mode!\n");

	if (active & GERROR_MSI_GERROR_ABT_ERR)
		dev_warn(smmu->dev, "GERROR MSI write aborted\n");

	if (active & GERROR_MSI_PRIQ_ABT_ERR)
		dev_warn(smmu->dev, "PRIQ MSI write aborted\n");

	if (active & GERROR_MSI_EVTQ_ABT_ERR)
		dev_warn(smmu->dev, "EVTQ MSI write aborted\n");

	if (active & GERROR_MSI_CMDQ_ABT_ERR)
		dev_warn(smmu->dev, "CMDQ MSI write aborted\n");

	if (active & GERROR_PRIQ_ABT_ERR)
		dev_err(smmu->dev, "PRIQ write aborted -- events may have been lost\n");

	if (active & GERROR_EVTQ_ABT_ERR)
		dev_err(smmu->dev, "EVTQ write aborted -- events may have been lost\n");

	if (active & GERROR_CMDQ_ERR) {
		dev_err(smmu->dev, "CMDQ ERR -- Hypervisor cmdq corrupted?\n");
		BUG();
	}

	writel(gerror, smmu->base + ARM_SMMU_GERRORN);
	pm_runtime_put(smmu->dev);
	return IRQ_HANDLED;
}

static irqreturn_t kvm_arm_smmu_pri_handler(int irq, void *dev)
{
	struct arm_smmu_device *smmu = dev;

	dev_err(smmu->dev, "PRI not supported in KVM driver!\n");

	return IRQ_HANDLED;
}

static int kvm_arm_smmu_device_reset(struct host_arm_smmu_device *host_smmu)
{
	int ret;
	u32 reg;
	struct arm_smmu_device *smmu = &host_smmu->smmu;
	u32 irqen_flags = IRQ_CTRL_EVTQ_IRQEN | IRQ_CTRL_GERROR_IRQEN;

	reg = readl_relaxed(smmu->base + ARM_SMMU_CR0);
	if (reg & CR0_SMMUEN)
		dev_warn(smmu->dev, "SMMU currently enabled! Resetting...\n");

	/* Disable bypass */
	host_smmu->boot_gbpa = readl_relaxed(smmu->base + ARM_SMMU_GBPA);
	ret = arm_smmu_update_gbpa(smmu, GBPA_ABORT, 0);
	if (ret)
		return ret;

	ret = arm_smmu_device_disable(smmu);
	if (ret)
		return ret;

	/* Stream table */
	arm_smmu_write_strtab(smmu);

	/* Command queue */
	writeq_relaxed(smmu->cmdq.q.q_base, smmu->base + ARM_SMMU_CMDQ_BASE);

	/* Event queue */
	writeq_relaxed(smmu->evtq.q.q_base, smmu->base + ARM_SMMU_EVTQ_BASE);
	writel_relaxed(smmu->evtq.q.llq.prod, smmu->base + SZ_64K + ARM_SMMU_EVTQ_PROD);
	writel_relaxed(smmu->evtq.q.llq.cons, smmu->base + SZ_64K + ARM_SMMU_EVTQ_CONS);

	/* Disable IRQs first */
	ret = arm_smmu_write_reg_sync(smmu, 0, ARM_SMMU_IRQ_CTRL,
				      ARM_SMMU_IRQ_CTRLACK);
	if (ret) {
		dev_err(smmu->dev, "failed to disable irqs\n");
		return ret;
	}

	/*
	 * Combined IRQs are not supported for now, for no specific reason:
	 * they are uncommon, and supporting them would bloat the code.
	 */
	if (smmu->combined_irq)
		dev_err(smmu->dev, "Combined irqs not supported by this driver\n");
	else
		arm_smmu_setup_unique_irqs(smmu, kvm_arm_smmu_evt_handler,
					   kvm_arm_smmu_gerror_handler,
					   kvm_arm_smmu_pri_handler);

	if (smmu->features & ARM_SMMU_FEAT_PRI)
		irqen_flags |= IRQ_CTRL_PRIQ_IRQEN;

	/* Enable interrupt generation on the SMMU */
	ret = arm_smmu_write_reg_sync(smmu, irqen_flags,
				      ARM_SMMU_IRQ_CTRL, ARM_SMMU_IRQ_CTRLACK);
	if (ret)
		dev_warn(smmu->dev, "failed to enable irqs\n");

	return 0;
}

static int kvm_arm_probe_scmi_pd(struct device_node *scmi_node,
				 struct kvm_power_domain *pd)
{
	int ret;
	struct resource res;
	struct of_phandle_args args;

	pd->type = KVM_POWER_DOMAIN_ARM_SCMI;

	ret = of_parse_phandle_with_args(scmi_node, "shmem", NULL, 0, &args);
	if (ret)
		return ret;

	ret = of_address_to_resource(args.np, 0, &res);
	if (ret)
		goto out_put_nodes;

	ret = of_property_read_u32(scmi_node, "arm,smc-id",
				   &pd->arm_scmi.smc_id);
	if (ret)
		goto out_put_nodes;

	/*
	 * The shared buffer is unmapped from the host while a request is in
	 * flight, so it has to be on its own page.
	 */
	if (!IS_ALIGNED(res.start, SZ_64K) || resource_size(&res) < SZ_64K) {
		ret = -EINVAL;
		goto out_put_nodes;
	}

	pd->arm_scmi.shmem_base = res.start;
	pd->arm_scmi.shmem_size = resource_size(&res);

out_put_nodes:
	of_node_put(args.np);
	return ret;
}
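/*
 * Illustrative devicetree layout matching what kvm_arm_probe_scmi_pd() above
 * and kvm_arm_probe_power_domain() below parse; node names and the SMC ID
 * value are made up for the example, only "shmem", "arm,smc-id",
 * "arm,scmi-smc" and "power-domains" are actually looked at:
 *
 *	scmi {
 *		compatible = "arm,scmi-smc";
 *		arm,smc-id = <0x82000010>;
 *		shmem = <&scmi_shmem>;		// 64KiB-aligned, >= 64KiB
 *		scmi_pd: protocol@11 {
 *			#power-domain-cells = <1>;
 *		};
 *	};
 *
 *	smmu {
 *		compatible = "arm,smmu-v3";
 *		power-domains = <&scmi_pd 0>;	// cell 0 is the domain_id
 *	};
 */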

/* TODO: Move this. None of it is specific to SMMU */
static int kvm_arm_probe_power_domain(struct device *dev,
				      struct kvm_power_domain *pd)
{
	int ret;
	struct device_node *parent;
	struct of_phandle_args args;

	if (!of_get_property(dev->of_node, "power-domains", NULL))
		return 0;

	ret = of_parse_phandle_with_args(dev->of_node, "power-domains",
					 "#power-domain-cells", 0, &args);
	if (ret)
		return ret;

	parent = of_get_parent(args.np);
	if (parent && of_device_is_compatible(parent, "arm,scmi-smc") &&
	    args.args_count > 0) {
		pd->arm_scmi.domain_id = args.args[0];
		ret = kvm_arm_probe_scmi_pd(parent, pd);
	} else {
		dev_warn(dev, "Unknown PM method for %pOF, using HVC\n",
			 args.np);
		pd->type = KVM_POWER_DOMAIN_HOST_HVC;
		pd->device_id = kvm_arm_smmu_cur;
	}
	of_node_put(parent);
	of_node_put(args.np);
	return ret;
}

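/*
 * Probe one SMMUv3 instance: read the firmware description, validate the
 * feature set, initialize the command/event queues and stream table, reset
 * the device with bypass set to abort, and fill in the descriptor shared
 * with the hypervisor. A runtime PM reference is taken here and only dropped
 * in kvm_arm_smmu_v3_post_init(), once the hypervisor owns the device.
 */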
static int kvm_arm_smmu_probe(struct platform_device *pdev)
{
	int ret;
	size_t size;
	phys_addr_t ioaddr;
	struct resource *res;
	struct arm_smmu_device *smmu;
	struct device *dev = &pdev->dev;
	struct host_arm_smmu_device *host_smmu;
	struct hyp_arm_smmu_v3_device *hyp_smmu;

	if (kvm_arm_smmu_cur >= kvm_arm_smmu_count)
		return -ENOSPC;

	hyp_smmu = &kvm_arm_smmu_array[kvm_arm_smmu_cur];

	host_smmu = devm_kzalloc(dev, sizeof(*host_smmu), GFP_KERNEL);
	if (!host_smmu)
		return -ENOMEM;

	smmu = &host_smmu->smmu;
	smmu->dev = dev;

	ret = arm_smmu_fw_probe(pdev, smmu);
	if (ret)
		return ret;

	mutex_init(&smmu->streams_mutex);
	smmu->streams = RB_ROOT;

	ret = kvm_arm_probe_power_domain(dev, &host_smmu->power_domain);
	if (ret)
		return ret;

	res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
	size = resource_size(res);
	if (size < SZ_128K) {
		dev_err(dev, "unsupported MMIO region size (%pr)\n", res);
		return -EINVAL;
	}
	ioaddr = res->start;
	host_smmu->id = kvm_arm_smmu_cur;

	smmu->base = devm_ioremap_resource(dev, res);
	if (IS_ERR(smmu->base))
		return PTR_ERR(smmu->base);

	arm_smmu_probe_irq(pdev, smmu);

	ret = arm_smmu_device_hw_probe(smmu);
	if (ret)
		return ret;

	if (!kvm_arm_smmu_validate_features(smmu))
		return -ENODEV;

	if (kvm_arm_smmu_ops.pgsize_bitmap == -1UL)
		kvm_arm_smmu_ops.pgsize_bitmap = smmu->pgsize_bitmap;
	else
		kvm_arm_smmu_ops.pgsize_bitmap |= smmu->pgsize_bitmap;

	ret = arm_smmu_init_one_queue(smmu, &smmu->cmdq.q, smmu->base,
				      ARM_SMMU_CMDQ_PROD, ARM_SMMU_CMDQ_CONS,
				      CMDQ_ENT_DWORDS, "cmdq");
	if (ret)
		return ret;

	/* evtq */
	ret = arm_smmu_init_one_queue(smmu, &smmu->evtq.q, smmu->base + SZ_64K,
				      ARM_SMMU_EVTQ_PROD, ARM_SMMU_EVTQ_CONS,
				      EVTQ_ENT_DWORDS, "evtq");
	if (ret)
		return ret;

	ret = arm_smmu_init_strtab(smmu);
	if (ret)
		return ret;

	ret = kvm_arm_smmu_device_reset(host_smmu);
	if (ret)
		return ret;

	platform_set_drvdata(pdev, smmu);

	/* Hypervisor parameters */
	hyp_smmu->pgsize_bitmap = smmu->pgsize_bitmap;
	hyp_smmu->oas = smmu->oas;
	hyp_smmu->ias = smmu->ias;
	hyp_smmu->mmio_addr = ioaddr;
	hyp_smmu->mmio_size = size;
	hyp_smmu->features = smmu->features;
	hyp_smmu->iommu.power_domain = host_smmu->power_domain;
	hyp_smmu->ssid_bits = smmu->ssid_bits;

	kvm_arm_smmu_cur++;

	pm_runtime_set_active(dev);
	pm_runtime_enable(dev);
	/*
	 * Take a reference to keep the SMMU powered on while the hypervisor
	 * initializes it.
	 */
	pm_runtime_resume_and_get(dev);

	return arm_smmu_register_iommu(smmu, &kvm_arm_smmu_ops, ioaddr);
}

static void kvm_arm_smmu_remove(struct platform_device *pdev)
{
	struct arm_smmu_device *smmu = platform_get_drvdata(pdev);
	struct host_arm_smmu_device *host_smmu = smmu_to_host(smmu);

	pm_runtime_disable(&pdev->dev);
	pm_runtime_set_suspended(&pdev->dev);
	/*
	 * There was an error during hypervisor setup. The hyp driver may
	 * have already enabled the device, so disable it.
	 */
	arm_smmu_device_disable(smmu);
	arm_smmu_update_gbpa(smmu, host_smmu->boot_gbpa, GBPA_ABORT);
	arm_smmu_unregister_iommu(smmu);
}

static int kvm_arm_smmu_suspend(struct device *dev)
{
	struct arm_smmu_device *smmu = dev_get_drvdata(dev);
	struct host_arm_smmu_device *host_smmu = smmu_to_host(smmu);

	if (host_smmu->power_domain.type == KVM_POWER_DOMAIN_HOST_HVC)
		return pkvm_iommu_suspend(dev);
	return 0;
}

static int kvm_arm_smmu_resume(struct device *dev)
{
	struct arm_smmu_device *smmu = dev_get_drvdata(dev);
	struct host_arm_smmu_device *host_smmu = smmu_to_host(smmu);

	if (host_smmu->power_domain.type == KVM_POWER_DOMAIN_HOST_HVC)
		return pkvm_iommu_resume(dev);
	return 0;
}

static const struct dev_pm_ops kvm_arm_smmu_pm_ops = {
	SET_RUNTIME_PM_OPS(kvm_arm_smmu_suspend, kvm_arm_smmu_resume, NULL)
};

static const struct of_device_id arm_smmu_of_match[] = {
	{ .compatible = "arm,smmu-v3", },
	{ },
};

static struct platform_driver kvm_arm_smmu_driver = {
	.driver = {
		.name = "kvm-arm-smmu-v3",
		.of_match_table = arm_smmu_of_match,
		.pm = &kvm_arm_smmu_pm_ops,
	},
	.remove = kvm_arm_smmu_remove,
};

static int kvm_arm_smmu_array_alloc(void)
{
	int smmu_order;
	struct device_node *np;

	kvm_arm_smmu_count = 0;
	for_each_compatible_node(np, NULL, "arm,smmu-v3")
		kvm_arm_smmu_count++;

	if (!kvm_arm_smmu_count)
		return 0;

	/* Allocate the parameter list shared with the hypervisor */
	smmu_order = get_order(kvm_arm_smmu_count * sizeof(*kvm_arm_smmu_array));
	kvm_arm_smmu_array = (void *)__get_free_pages(GFP_KERNEL | __GFP_ZERO,
						      smmu_order);
	if (!kvm_arm_smmu_array)
		return -ENOMEM;

	return 0;
}

static void kvm_arm_smmu_array_free(void)
{
	int order;

	order = get_order(kvm_arm_smmu_count * sizeof(*kvm_arm_smmu_array));
	free_pages((unsigned long)kvm_arm_smmu_array, order);
}

static int smmu_put_device(struct device *dev, void *data)
{
	pm_runtime_put(dev);
	return 0;
}

static int smmu_alloc_atomic_mc(struct kvm_hyp_memcache *atomic_mc)
{
	int ret;
#ifndef MODULE
	u64 i;
	phys_addr_t start, end;

	/*
	 * Allocate enough pages to map all of memory with PAGE_SIZE mappings,
	 * then add extra pages for 1GB of MMIO. Add 10 more pages for the
	 * rest, which is mapped with first-level blocks; with PAGE_SIZE = 4KB
	 * that should cover 5TB of address space.
	 */
	for_each_mem_range(i, &start, &end) {
		atomic_pages += __hyp_pgtable_max_pages((end - start) >> PAGE_SHIFT);
	}

	atomic_pages += __hyp_pgtable_max_pages(SZ_1G >> PAGE_SHIFT) + 10;
#endif

	/* The module parameter wasn't set, nothing to pre-allocate. */
	if (!atomic_pages)
		return 0;

	/* For the PGD. */
	ret = topup_hyp_memcache(atomic_mc, 1, 3);
	if (ret)
		return ret;
	ret = topup_hyp_memcache(atomic_mc, atomic_pages, 0);
	if (ret)
		return ret;
	pr_info("smmuv3: Allocated %d MiB for atomic usage\n",
		(atomic_pages << PAGE_SHIFT) / SZ_1M);
	/* Topup hyp alloc so IOMMU driver can allocate domains. */
	__pkvm_topup_hyp_alloc(1);

	return ret;
}
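/*
 * Rough sizing example (an approximation, not derived from the hypervisor's
 * exact page-table layout): with 4KiB pages, one last-level table page maps
 * 2MiB, so covering 8GiB of memory takes on the order of 8GiB / 2MiB = 4096
 * leaf-table pages (about 16MiB), plus a comparatively small number of
 * upper-level pages, the 1GiB-of-MMIO estimate and the fixed overhead above.
 */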

/*
 * Drop the PM references taken at probe time, once the hypervisor is
 * guaranteed to have initialized the SMMUs.
 */
static int kvm_arm_smmu_v3_post_init(void)
{
	if (!kvm_arm_smmu_count)
		return 0;

	WARN_ON(driver_for_each_device(&kvm_arm_smmu_driver.driver, NULL,
				       NULL, smmu_put_device));
	return 0;
}

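/*
 * kvm_iommu_driver init hook: probe every SMMUv3 in the system, load the EL2
 * module when built modular, hand the descriptor array and the atomic page
 * pool over to the hypervisor, optionally create the shared identity domain,
 * and finally release the probe-time PM references.
 */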
static int kvm_arm_smmu_v3_init_drv(void)
{
	int ret;
	struct kvm_hyp_memcache atomic_mc;

	/*
	 * Check whether any device owned by the host is behind an SMMU.
	 */
	ret = kvm_arm_smmu_array_alloc();
	if (ret || !kvm_arm_smmu_count)
		return ret;

	ret = platform_driver_probe(&kvm_arm_smmu_driver, kvm_arm_smmu_probe);
	if (ret)
		goto err_free;

	if (kvm_arm_smmu_cur != kvm_arm_smmu_count) {
		/* A device exists but failed to probe */
		ret = -EUNATCH;
		goto err_free;
	}

#ifdef MODULE
	ret = pkvm_load_el2_module(kvm_nvhe_sym(smmu_init_hyp_module),
				   &pkvm_module_token);

	if (ret) {
		pr_err("Failed to load SMMUv3 IOMMU EL2 module: %d\n", ret);
		return ret;
	}
#endif
	/*
	 * These variables are stored in the nVHE image, and won't be accessible
	 * after KVM initialization. Ownership of kvm_arm_smmu_array will be
	 * transferred to the hypervisor as well.
	 */
	kvm_hyp_arm_smmu_v3_smmus = kvm_arm_smmu_array;
	kvm_hyp_arm_smmu_v3_count = kvm_arm_smmu_count;

	ret = smmu_alloc_atomic_mc(&atomic_mc);
	if (ret)
		goto err_free;

	ret = kvm_iommu_init_hyp(ksym_ref_addr_nvhe(smmu_ops), &atomic_mc);
	if (ret)
		return ret;

	/* Preemptively allocate the identity domain. */
	if (atomic_pages) {
		ret = kvm_iommu_alloc_domain(KVM_IOMMU_DOMAIN_IDMAP_ID,
					     KVM_IOMMU_DOMAIN_IDMAP_TYPE);
		if (ret)
			return ret;
	}
	return kvm_arm_smmu_v3_post_init();

err_free:
	kvm_arm_smmu_array_free();
	return ret;
}

static void kvm_arm_smmu_v3_remove_drv(void)
{
	platform_driver_unregister(&kvm_arm_smmu_driver);
}

static pkvm_handle_t kvm_arm_smmu_v3_id(struct device *dev)
{
	struct arm_smmu_device *smmu = dev_get_drvdata(dev);
	struct host_arm_smmu_device *host_smmu = smmu_to_host(smmu);

	return host_smmu->id;
}

static pkvm_handle_t kvm_arm_v3_id_by_of(struct device_node *np)
{
	struct device *dev;

	dev = driver_find_device_by_of_node(&kvm_arm_smmu_driver.driver, np);
	if (!dev)
		return 0;

	put_device(dev);

	return kvm_arm_smmu_v3_id(dev);
}

static int kvm_arm_smmu_v3_num_ids(struct device *dev)
{
	struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);

	if (!fwspec)
		return -ENODEV;

	return fwspec->num_ids;
}

static int kvm_arm_smmu_v3_device_id(struct device *dev, u32 idx,
				     pkvm_handle_t *out_iommu, u32 *out_sid)
{
	struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
	struct kvm_arm_smmu_master *master = dev_iommu_priv_get(dev);

	if (!fwspec || !master)
		return -ENODEV;
	if (idx >= fwspec->num_ids)
		return -ENOENT;
	*out_sid = fwspec->ids[idx];
	*out_iommu = kvm_arm_smmu_v3_id(master->smmu->dev);

	return 0;
}

struct kvm_iommu_driver kvm_smmu_v3_ops = {
	.init_driver = kvm_arm_smmu_v3_init_drv,
	.remove_driver = kvm_arm_smmu_v3_remove_drv,
	.get_iommu_id_by_of = kvm_arm_v3_id_by_of,
	.get_device_iommu_num_ids = kvm_arm_smmu_v3_num_ids,
	.get_device_iommu_id = kvm_arm_smmu_v3_device_id,
};

static int kvm_arm_smmu_v3_register(void)
{
	if (!is_protected_kvm_enabled())
		return 0;

	return kvm_iommu_register_driver(&kvm_smmu_v3_ops);
}

/*
 * Registration must happen before deprivilege and before
 * kvm_iommu_init_driver(). In the module case the driver must be loaded via
 * pKVM early module loading, which runs before that point. For built-in
 * drivers we use core_initcall().
 */
#ifdef MODULE
module_init(kvm_arm_smmu_v3_register);
#else
core_initcall(kvm_arm_smmu_v3_register);
#endif
MODULE_LICENSE("GPL v2");