xref: /openbmc/linux/drivers/gpu/drm/i915/gvt/gtt.c (revision 8dd3cdea)
1 /*
2  * GTT virtualization
3  *
4  * Copyright(c) 2011-2016 Intel Corporation. All rights reserved.
5  *
6  * Permission is hereby granted, free of charge, to any person obtaining a
7  * copy of this software and associated documentation files (the "Software"),
8  * to deal in the Software without restriction, including without limitation
9  * the rights to use, copy, modify, merge, publish, distribute, sublicense,
10  * and/or sell copies of the Software, and to permit persons to whom the
11  * Software is furnished to do so, subject to the following conditions:
12  *
13  * The above copyright notice and this permission notice (including the next
14  * paragraph) shall be included in all copies or substantial portions of the
15  * Software.
16  *
17  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL
20  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23  * SOFTWARE.
24  *
25  * Authors:
26  *    Zhi Wang <zhi.a.wang@intel.com>
27  *    Zhenyu Wang <zhenyuw@linux.intel.com>
28  *    Xiao Zheng <xiao.zheng@intel.com>
29  *
30  * Contributors:
31  *    Min He <min.he@intel.com>
32  *    Bing Niu <bing.niu@intel.com>
33  *
34  */
35 
36 #include "i915_drv.h"
37 #include "gvt.h"
38 #include "i915_pvinfo.h"
39 #include "trace.h"
40 
41 #include "gt/intel_gt_regs.h"
42 
43 #if defined(VERBOSE_DEBUG)
44 #define gvt_vdbg_mm(fmt, args...) gvt_dbg_mm(fmt, ##args)
45 #else
46 #define gvt_vdbg_mm(fmt, args...)
47 #endif
48 
49 static bool enable_out_of_sync = false;
50 static int preallocated_oos_pages = 8192;
51 
52 /*
53  * validate a gm address and related range size,
54  * translate it to host gm address
55  */
56 bool intel_gvt_ggtt_validate_range(struct intel_vgpu *vgpu, u64 addr, u32 size)
57 {
58 	if (size == 0)
59 		return vgpu_gmadr_is_valid(vgpu, addr);
60 
61 	if (vgpu_gmadr_is_aperture(vgpu, addr) &&
62 	    vgpu_gmadr_is_aperture(vgpu, addr + size - 1))
63 		return true;
64 	else if (vgpu_gmadr_is_hidden(vgpu, addr) &&
65 		 vgpu_gmadr_is_hidden(vgpu, addr + size - 1))
66 		return true;
67 
68 	gvt_dbg_mm("Invalid ggtt range at 0x%llx, size: 0x%x\n",
69 		     addr, size);
70 	return false;
71 }
72 
73 /* translate a guest gmadr to host gmadr */
74 int intel_gvt_ggtt_gmadr_g2h(struct intel_vgpu *vgpu, u64 g_addr, u64 *h_addr)
75 {
76 	struct drm_i915_private *i915 = vgpu->gvt->gt->i915;
77 
78 	if (drm_WARN(&i915->drm, !vgpu_gmadr_is_valid(vgpu, g_addr),
79 		     "invalid guest gmadr %llx\n", g_addr))
80 		return -EACCES;
81 
82 	if (vgpu_gmadr_is_aperture(vgpu, g_addr))
83 		*h_addr = vgpu_aperture_gmadr_base(vgpu)
84 			  + (g_addr - vgpu_aperture_offset(vgpu));
85 	else
86 		*h_addr = vgpu_hidden_gmadr_base(vgpu)
87 			  + (g_addr - vgpu_hidden_offset(vgpu));
88 	return 0;
89 }
90 
91 /* translate a host gmadr to guest gmadr */
92 int intel_gvt_ggtt_gmadr_h2g(struct intel_vgpu *vgpu, u64 h_addr, u64 *g_addr)
93 {
94 	struct drm_i915_private *i915 = vgpu->gvt->gt->i915;
95 
96 	if (drm_WARN(&i915->drm, !gvt_gmadr_is_valid(vgpu->gvt, h_addr),
97 		     "invalid host gmadr %llx\n", h_addr))
98 		return -EACCES;
99 
100 	if (gvt_gmadr_is_aperture(vgpu->gvt, h_addr))
101 		*g_addr = vgpu_aperture_gmadr_base(vgpu)
102 			+ (h_addr - gvt_aperture_gmadr_base(vgpu->gvt));
103 	else
104 		*g_addr = vgpu_hidden_gmadr_base(vgpu)
105 			+ (h_addr - gvt_hidden_gmadr_base(vgpu->gvt));
106 	return 0;
107 }
108 
109 int intel_gvt_ggtt_index_g2h(struct intel_vgpu *vgpu, unsigned long g_index,
110 			     unsigned long *h_index)
111 {
112 	u64 h_addr;
113 	int ret;
114 
115 	ret = intel_gvt_ggtt_gmadr_g2h(vgpu, g_index << I915_GTT_PAGE_SHIFT,
116 				       &h_addr);
117 	if (ret)
118 		return ret;
119 
120 	*h_index = h_addr >> I915_GTT_PAGE_SHIFT;
121 	return 0;
122 }
123 
124 int intel_gvt_ggtt_h2g_index(struct intel_vgpu *vgpu, unsigned long h_index,
125 			     unsigned long *g_index)
126 {
127 	u64 g_addr;
128 	int ret;
129 
130 	ret = intel_gvt_ggtt_gmadr_h2g(vgpu, h_index << I915_GTT_PAGE_SHIFT,
131 				       &g_addr);
132 	if (ret)
133 		return ret;
134 
135 	*g_index = g_addr >> I915_GTT_PAGE_SHIFT;
136 	return 0;
137 }
138 
139 #define gtt_type_is_entry(type) \
140 	(type > GTT_TYPE_INVALID && type < GTT_TYPE_PPGTT_ENTRY \
141 	 && type != GTT_TYPE_PPGTT_PTE_ENTRY \
142 	 && type != GTT_TYPE_PPGTT_ROOT_ENTRY)
143 
144 #define gtt_type_is_pt(type) \
145 	(type >= GTT_TYPE_PPGTT_PTE_PT && type < GTT_TYPE_MAX)
146 
147 #define gtt_type_is_pte_pt(type) \
148 	(type == GTT_TYPE_PPGTT_PTE_PT)
149 
150 #define gtt_type_is_root_pointer(type) \
151 	(gtt_type_is_entry(type) && type > GTT_TYPE_PPGTT_ROOT_ENTRY)
152 
153 #define gtt_init_entry(e, t, p, v) do { \
154 	(e)->type = t; \
155 	(e)->pdev = p; \
156 	memcpy(&(e)->val64, &v, sizeof(v)); \
157 } while (0)
158 
159 /*
160  * Mappings between GTT_TYPE* enumerations.
161  * Following information can be found according to the given type:
162  * - type of next level page table
163  * - type of entry inside this level page table
164  * - type of entry with PSE set
165  *
166  * If the given type doesn't have such a kind of information,
167  * e.g. give a l4 root entry type, then request to get its PSE type,
168  * give a PTE page table type, then request to get its next level page
169  * table type, as we know l4 root entry doesn't have a PSE bit,
170  * and a PTE page table doesn't have a next level page table type,
171  * GTT_TYPE_INVALID will be returned. This is useful when traversing a
172  * page table.
173  */
174 
175 struct gtt_type_table_entry {
176 	int entry_type;
177 	int pt_type;
178 	int next_pt_type;
179 	int pse_entry_type;
180 };
181 
182 #define GTT_TYPE_TABLE_ENTRY(type, e_type, cpt_type, npt_type, pse_type) \
183 	[type] = { \
184 		.entry_type = e_type, \
185 		.pt_type = cpt_type, \
186 		.next_pt_type = npt_type, \
187 		.pse_entry_type = pse_type, \
188 	}
189 
190 static const struct gtt_type_table_entry gtt_type_table[] = {
191 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_ROOT_L4_ENTRY,
192 			GTT_TYPE_PPGTT_ROOT_L4_ENTRY,
193 			GTT_TYPE_INVALID,
194 			GTT_TYPE_PPGTT_PML4_PT,
195 			GTT_TYPE_INVALID),
196 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_PML4_PT,
197 			GTT_TYPE_PPGTT_PML4_ENTRY,
198 			GTT_TYPE_PPGTT_PML4_PT,
199 			GTT_TYPE_PPGTT_PDP_PT,
200 			GTT_TYPE_INVALID),
201 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_PML4_ENTRY,
202 			GTT_TYPE_PPGTT_PML4_ENTRY,
203 			GTT_TYPE_PPGTT_PML4_PT,
204 			GTT_TYPE_PPGTT_PDP_PT,
205 			GTT_TYPE_INVALID),
206 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_PDP_PT,
207 			GTT_TYPE_PPGTT_PDP_ENTRY,
208 			GTT_TYPE_PPGTT_PDP_PT,
209 			GTT_TYPE_PPGTT_PDE_PT,
210 			GTT_TYPE_PPGTT_PTE_1G_ENTRY),
211 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_ROOT_L3_ENTRY,
212 			GTT_TYPE_PPGTT_ROOT_L3_ENTRY,
213 			GTT_TYPE_INVALID,
214 			GTT_TYPE_PPGTT_PDE_PT,
215 			GTT_TYPE_PPGTT_PTE_1G_ENTRY),
216 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_PDP_ENTRY,
217 			GTT_TYPE_PPGTT_PDP_ENTRY,
218 			GTT_TYPE_PPGTT_PDP_PT,
219 			GTT_TYPE_PPGTT_PDE_PT,
220 			GTT_TYPE_PPGTT_PTE_1G_ENTRY),
221 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_PDE_PT,
222 			GTT_TYPE_PPGTT_PDE_ENTRY,
223 			GTT_TYPE_PPGTT_PDE_PT,
224 			GTT_TYPE_PPGTT_PTE_PT,
225 			GTT_TYPE_PPGTT_PTE_2M_ENTRY),
226 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_PDE_ENTRY,
227 			GTT_TYPE_PPGTT_PDE_ENTRY,
228 			GTT_TYPE_PPGTT_PDE_PT,
229 			GTT_TYPE_PPGTT_PTE_PT,
230 			GTT_TYPE_PPGTT_PTE_2M_ENTRY),
231 	/* We take IPS bit as 'PSE' for PTE level. */
232 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_PTE_PT,
233 			GTT_TYPE_PPGTT_PTE_4K_ENTRY,
234 			GTT_TYPE_PPGTT_PTE_PT,
235 			GTT_TYPE_INVALID,
236 			GTT_TYPE_PPGTT_PTE_64K_ENTRY),
237 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_PTE_4K_ENTRY,
238 			GTT_TYPE_PPGTT_PTE_4K_ENTRY,
239 			GTT_TYPE_PPGTT_PTE_PT,
240 			GTT_TYPE_INVALID,
241 			GTT_TYPE_PPGTT_PTE_64K_ENTRY),
242 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_PTE_64K_ENTRY,
243 			GTT_TYPE_PPGTT_PTE_4K_ENTRY,
244 			GTT_TYPE_PPGTT_PTE_PT,
245 			GTT_TYPE_INVALID,
246 			GTT_TYPE_PPGTT_PTE_64K_ENTRY),
247 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_PTE_2M_ENTRY,
248 			GTT_TYPE_PPGTT_PDE_ENTRY,
249 			GTT_TYPE_PPGTT_PDE_PT,
250 			GTT_TYPE_INVALID,
251 			GTT_TYPE_PPGTT_PTE_2M_ENTRY),
252 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_PPGTT_PTE_1G_ENTRY,
253 			GTT_TYPE_PPGTT_PDP_ENTRY,
254 			GTT_TYPE_PPGTT_PDP_PT,
255 			GTT_TYPE_INVALID,
256 			GTT_TYPE_PPGTT_PTE_1G_ENTRY),
257 	GTT_TYPE_TABLE_ENTRY(GTT_TYPE_GGTT_PTE,
258 			GTT_TYPE_GGTT_PTE,
259 			GTT_TYPE_INVALID,
260 			GTT_TYPE_INVALID,
261 			GTT_TYPE_INVALID),
262 };
263 
264 static inline int get_next_pt_type(int type)
265 {
266 	return gtt_type_table[type].next_pt_type;
267 }
268 
269 static inline int get_pt_type(int type)
270 {
271 	return gtt_type_table[type].pt_type;
272 }
273 
274 static inline int get_entry_type(int type)
275 {
276 	return gtt_type_table[type].entry_type;
277 }
278 
279 static inline int get_pse_type(int type)
280 {
281 	return gtt_type_table[type].pse_entry_type;
282 }
283 
284 static u64 read_pte64(struct i915_ggtt *ggtt, unsigned long index)
285 {
286 	void __iomem *addr = (gen8_pte_t __iomem *)ggtt->gsm + index;
287 
288 	return readq(addr);
289 }
290 
291 static void ggtt_invalidate(struct intel_gt *gt)
292 {
293 	mmio_hw_access_pre(gt);
294 	intel_uncore_write(gt->uncore, GFX_FLSH_CNTL_GEN6, GFX_FLSH_CNTL_EN);
295 	mmio_hw_access_post(gt);
296 }
297 
298 static void write_pte64(struct i915_ggtt *ggtt, unsigned long index, u64 pte)
299 {
300 	void __iomem *addr = (gen8_pte_t __iomem *)ggtt->gsm + index;
301 
302 	writeq(pte, addr);
303 }
304 
305 static inline int gtt_get_entry64(void *pt,
306 		struct intel_gvt_gtt_entry *e,
307 		unsigned long index, bool hypervisor_access, unsigned long gpa,
308 		struct intel_vgpu *vgpu)
309 {
310 	const struct intel_gvt_device_info *info = &vgpu->gvt->device_info;
311 	int ret;
312 
313 	if (WARN_ON(info->gtt_entry_size != 8))
314 		return -EINVAL;
315 
316 	if (hypervisor_access) {
317 		ret = intel_gvt_hypervisor_read_gpa(vgpu, gpa +
318 				(index << info->gtt_entry_size_shift),
319 				&e->val64, 8);
320 		if (WARN_ON(ret))
321 			return ret;
322 	} else if (!pt) {
323 		e->val64 = read_pte64(vgpu->gvt->gt->ggtt, index);
324 	} else {
325 		e->val64 = *((u64 *)pt + index);
326 	}
327 	return 0;
328 }
329 
330 static inline int gtt_set_entry64(void *pt,
331 		struct intel_gvt_gtt_entry *e,
332 		unsigned long index, bool hypervisor_access, unsigned long gpa,
333 		struct intel_vgpu *vgpu)
334 {
335 	const struct intel_gvt_device_info *info = &vgpu->gvt->device_info;
336 	int ret;
337 
338 	if (WARN_ON(info->gtt_entry_size != 8))
339 		return -EINVAL;
340 
341 	if (hypervisor_access) {
342 		ret = intel_gvt_hypervisor_write_gpa(vgpu, gpa +
343 				(index << info->gtt_entry_size_shift),
344 				&e->val64, 8);
345 		if (WARN_ON(ret))
346 			return ret;
347 	} else if (!pt) {
348 		write_pte64(vgpu->gvt->gt->ggtt, index, e->val64);
349 	} else {
350 		*((u64 *)pt + index) = e->val64;
351 	}
352 	return 0;
353 }
354 
355 #define GTT_HAW 46
356 
357 #define ADDR_1G_MASK	GENMASK_ULL(GTT_HAW - 1, 30)
358 #define ADDR_2M_MASK	GENMASK_ULL(GTT_HAW - 1, 21)
359 #define ADDR_64K_MASK	GENMASK_ULL(GTT_HAW - 1, 16)
360 #define ADDR_4K_MASK	GENMASK_ULL(GTT_HAW - 1, 12)
361 
362 #define GTT_SPTE_FLAG_MASK GENMASK_ULL(62, 52)
363 #define GTT_SPTE_FLAG_64K_SPLITED BIT(52) /* splited 64K gtt entry */
364 
365 #define GTT_64K_PTE_STRIDE 16
366 
367 static unsigned long gen8_gtt_get_pfn(struct intel_gvt_gtt_entry *e)
368 {
369 	unsigned long pfn;
370 
371 	if (e->type == GTT_TYPE_PPGTT_PTE_1G_ENTRY)
372 		pfn = (e->val64 & ADDR_1G_MASK) >> PAGE_SHIFT;
373 	else if (e->type == GTT_TYPE_PPGTT_PTE_2M_ENTRY)
374 		pfn = (e->val64 & ADDR_2M_MASK) >> PAGE_SHIFT;
375 	else if (e->type == GTT_TYPE_PPGTT_PTE_64K_ENTRY)
376 		pfn = (e->val64 & ADDR_64K_MASK) >> PAGE_SHIFT;
377 	else
378 		pfn = (e->val64 & ADDR_4K_MASK) >> PAGE_SHIFT;
379 	return pfn;
380 }
381 
382 static void gen8_gtt_set_pfn(struct intel_gvt_gtt_entry *e, unsigned long pfn)
383 {
384 	if (e->type == GTT_TYPE_PPGTT_PTE_1G_ENTRY) {
385 		e->val64 &= ~ADDR_1G_MASK;
386 		pfn &= (ADDR_1G_MASK >> PAGE_SHIFT);
387 	} else if (e->type == GTT_TYPE_PPGTT_PTE_2M_ENTRY) {
388 		e->val64 &= ~ADDR_2M_MASK;
389 		pfn &= (ADDR_2M_MASK >> PAGE_SHIFT);
390 	} else if (e->type == GTT_TYPE_PPGTT_PTE_64K_ENTRY) {
391 		e->val64 &= ~ADDR_64K_MASK;
392 		pfn &= (ADDR_64K_MASK >> PAGE_SHIFT);
393 	} else {
394 		e->val64 &= ~ADDR_4K_MASK;
395 		pfn &= (ADDR_4K_MASK >> PAGE_SHIFT);
396 	}
397 
398 	e->val64 |= (pfn << PAGE_SHIFT);
399 }
400 
401 static bool gen8_gtt_test_pse(struct intel_gvt_gtt_entry *e)
402 {
403 	return !!(e->val64 & _PAGE_PSE);
404 }
405 
406 static void gen8_gtt_clear_pse(struct intel_gvt_gtt_entry *e)
407 {
408 	if (gen8_gtt_test_pse(e)) {
409 		switch (e->type) {
410 		case GTT_TYPE_PPGTT_PTE_2M_ENTRY:
411 			e->val64 &= ~_PAGE_PSE;
412 			e->type = GTT_TYPE_PPGTT_PDE_ENTRY;
413 			break;
414 		case GTT_TYPE_PPGTT_PTE_1G_ENTRY:
415 			e->type = GTT_TYPE_PPGTT_PDP_ENTRY;
416 			e->val64 &= ~_PAGE_PSE;
417 			break;
418 		default:
419 			WARN_ON(1);
420 		}
421 	}
422 }
423 
424 static bool gen8_gtt_test_ips(struct intel_gvt_gtt_entry *e)
425 {
426 	if (GEM_WARN_ON(e->type != GTT_TYPE_PPGTT_PDE_ENTRY))
427 		return false;
428 
429 	return !!(e->val64 & GEN8_PDE_IPS_64K);
430 }
431 
432 static void gen8_gtt_clear_ips(struct intel_gvt_gtt_entry *e)
433 {
434 	if (GEM_WARN_ON(e->type != GTT_TYPE_PPGTT_PDE_ENTRY))
435 		return;
436 
437 	e->val64 &= ~GEN8_PDE_IPS_64K;
438 }
439 
440 static bool gen8_gtt_test_present(struct intel_gvt_gtt_entry *e)
441 {
442 	/*
443 	 * i915 writes PDP root pointer registers without present bit,
444 	 * it also works, so we need to treat root pointer entry
445 	 * specifically.
446 	 */
447 	if (e->type == GTT_TYPE_PPGTT_ROOT_L3_ENTRY
448 			|| e->type == GTT_TYPE_PPGTT_ROOT_L4_ENTRY)
449 		return (e->val64 != 0);
450 	else
451 		return (e->val64 & GEN8_PAGE_PRESENT);
452 }
453 
454 static void gtt_entry_clear_present(struct intel_gvt_gtt_entry *e)
455 {
456 	e->val64 &= ~GEN8_PAGE_PRESENT;
457 }
458 
459 static void gtt_entry_set_present(struct intel_gvt_gtt_entry *e)
460 {
461 	e->val64 |= GEN8_PAGE_PRESENT;
462 }
463 
464 static bool gen8_gtt_test_64k_splited(struct intel_gvt_gtt_entry *e)
465 {
466 	return !!(e->val64 & GTT_SPTE_FLAG_64K_SPLITED);
467 }
468 
469 static void gen8_gtt_set_64k_splited(struct intel_gvt_gtt_entry *e)
470 {
471 	e->val64 |= GTT_SPTE_FLAG_64K_SPLITED;
472 }
473 
474 static void gen8_gtt_clear_64k_splited(struct intel_gvt_gtt_entry *e)
475 {
476 	e->val64 &= ~GTT_SPTE_FLAG_64K_SPLITED;
477 }
478 
479 /*
480  * Per-platform GMA routines.
481  */
482 static unsigned long gma_to_ggtt_pte_index(unsigned long gma)
483 {
484 	unsigned long x = (gma >> I915_GTT_PAGE_SHIFT);
485 
486 	trace_gma_index(__func__, gma, x);
487 	return x;
488 }
489 
490 #define DEFINE_PPGTT_GMA_TO_INDEX(prefix, ename, exp) \
491 static unsigned long prefix##_gma_to_##ename##_index(unsigned long gma) \
492 { \
493 	unsigned long x = (exp); \
494 	trace_gma_index(__func__, gma, x); \
495 	return x; \
496 }
497 
498 DEFINE_PPGTT_GMA_TO_INDEX(gen8, pte, (gma >> 12 & 0x1ff));
499 DEFINE_PPGTT_GMA_TO_INDEX(gen8, pde, (gma >> 21 & 0x1ff));
500 DEFINE_PPGTT_GMA_TO_INDEX(gen8, l3_pdp, (gma >> 30 & 0x3));
501 DEFINE_PPGTT_GMA_TO_INDEX(gen8, l4_pdp, (gma >> 30 & 0x1ff));
502 DEFINE_PPGTT_GMA_TO_INDEX(gen8, pml4, (gma >> 39 & 0x1ff));
503 
504 static const struct intel_gvt_gtt_pte_ops gen8_gtt_pte_ops = {
505 	.get_entry = gtt_get_entry64,
506 	.set_entry = gtt_set_entry64,
507 	.clear_present = gtt_entry_clear_present,
508 	.set_present = gtt_entry_set_present,
509 	.test_present = gen8_gtt_test_present,
510 	.test_pse = gen8_gtt_test_pse,
511 	.clear_pse = gen8_gtt_clear_pse,
512 	.clear_ips = gen8_gtt_clear_ips,
513 	.test_ips = gen8_gtt_test_ips,
514 	.clear_64k_splited = gen8_gtt_clear_64k_splited,
515 	.set_64k_splited = gen8_gtt_set_64k_splited,
516 	.test_64k_splited = gen8_gtt_test_64k_splited,
517 	.get_pfn = gen8_gtt_get_pfn,
518 	.set_pfn = gen8_gtt_set_pfn,
519 };
520 
521 static const struct intel_gvt_gtt_gma_ops gen8_gtt_gma_ops = {
522 	.gma_to_ggtt_pte_index = gma_to_ggtt_pte_index,
523 	.gma_to_pte_index = gen8_gma_to_pte_index,
524 	.gma_to_pde_index = gen8_gma_to_pde_index,
525 	.gma_to_l3_pdp_index = gen8_gma_to_l3_pdp_index,
526 	.gma_to_l4_pdp_index = gen8_gma_to_l4_pdp_index,
527 	.gma_to_pml4_index = gen8_gma_to_pml4_index,
528 };
529 
530 /* Update entry type per pse and ips bit. */
531 static void update_entry_type_for_real(const struct intel_gvt_gtt_pte_ops *pte_ops,
532 	struct intel_gvt_gtt_entry *entry, bool ips)
533 {
534 	switch (entry->type) {
535 	case GTT_TYPE_PPGTT_PDE_ENTRY:
536 	case GTT_TYPE_PPGTT_PDP_ENTRY:
537 		if (pte_ops->test_pse(entry))
538 			entry->type = get_pse_type(entry->type);
539 		break;
540 	case GTT_TYPE_PPGTT_PTE_4K_ENTRY:
541 		if (ips)
542 			entry->type = get_pse_type(entry->type);
543 		break;
544 	default:
545 		GEM_BUG_ON(!gtt_type_is_entry(entry->type));
546 	}
547 
548 	GEM_BUG_ON(entry->type == GTT_TYPE_INVALID);
549 }
550 
551 /*
552  * MM helpers.
553  */
554 static void _ppgtt_get_root_entry(struct intel_vgpu_mm *mm,
555 		struct intel_gvt_gtt_entry *entry, unsigned long index,
556 		bool guest)
557 {
558 	const struct intel_gvt_gtt_pte_ops *pte_ops = mm->vgpu->gvt->gtt.pte_ops;
559 
560 	GEM_BUG_ON(mm->type != INTEL_GVT_MM_PPGTT);
561 
562 	entry->type = mm->ppgtt_mm.root_entry_type;
563 	pte_ops->get_entry(guest ? mm->ppgtt_mm.guest_pdps :
564 			   mm->ppgtt_mm.shadow_pdps,
565 			   entry, index, false, 0, mm->vgpu);
566 	update_entry_type_for_real(pte_ops, entry, false);
567 }
568 
569 static inline void ppgtt_get_guest_root_entry(struct intel_vgpu_mm *mm,
570 		struct intel_gvt_gtt_entry *entry, unsigned long index)
571 {
572 	_ppgtt_get_root_entry(mm, entry, index, true);
573 }
574 
575 static inline void ppgtt_get_shadow_root_entry(struct intel_vgpu_mm *mm,
576 		struct intel_gvt_gtt_entry *entry, unsigned long index)
577 {
578 	_ppgtt_get_root_entry(mm, entry, index, false);
579 }
580 
581 static void _ppgtt_set_root_entry(struct intel_vgpu_mm *mm,
582 		struct intel_gvt_gtt_entry *entry, unsigned long index,
583 		bool guest)
584 {
585 	const struct intel_gvt_gtt_pte_ops *pte_ops = mm->vgpu->gvt->gtt.pte_ops;
586 
587 	pte_ops->set_entry(guest ? mm->ppgtt_mm.guest_pdps :
588 			   mm->ppgtt_mm.shadow_pdps,
589 			   entry, index, false, 0, mm->vgpu);
590 }
591 
592 static inline void ppgtt_set_shadow_root_entry(struct intel_vgpu_mm *mm,
593 		struct intel_gvt_gtt_entry *entry, unsigned long index)
594 {
595 	_ppgtt_set_root_entry(mm, entry, index, false);
596 }
597 
598 static void ggtt_get_guest_entry(struct intel_vgpu_mm *mm,
599 		struct intel_gvt_gtt_entry *entry, unsigned long index)
600 {
601 	const struct intel_gvt_gtt_pte_ops *pte_ops = mm->vgpu->gvt->gtt.pte_ops;
602 
603 	GEM_BUG_ON(mm->type != INTEL_GVT_MM_GGTT);
604 
605 	entry->type = GTT_TYPE_GGTT_PTE;
606 	pte_ops->get_entry(mm->ggtt_mm.virtual_ggtt, entry, index,
607 			   false, 0, mm->vgpu);
608 }
609 
610 static void ggtt_set_guest_entry(struct intel_vgpu_mm *mm,
611 		struct intel_gvt_gtt_entry *entry, unsigned long index)
612 {
613 	const struct intel_gvt_gtt_pte_ops *pte_ops = mm->vgpu->gvt->gtt.pte_ops;
614 
615 	GEM_BUG_ON(mm->type != INTEL_GVT_MM_GGTT);
616 
617 	pte_ops->set_entry(mm->ggtt_mm.virtual_ggtt, entry, index,
618 			   false, 0, mm->vgpu);
619 }
620 
621 static void ggtt_get_host_entry(struct intel_vgpu_mm *mm,
622 		struct intel_gvt_gtt_entry *entry, unsigned long index)
623 {
624 	const struct intel_gvt_gtt_pte_ops *pte_ops = mm->vgpu->gvt->gtt.pte_ops;
625 
626 	GEM_BUG_ON(mm->type != INTEL_GVT_MM_GGTT);
627 
628 	pte_ops->get_entry(NULL, entry, index, false, 0, mm->vgpu);
629 }
630 
631 static void ggtt_set_host_entry(struct intel_vgpu_mm *mm,
632 		struct intel_gvt_gtt_entry *entry, unsigned long index)
633 {
634 	const struct intel_gvt_gtt_pte_ops *pte_ops = mm->vgpu->gvt->gtt.pte_ops;
635 	unsigned long offset = index;
636 
637 	GEM_BUG_ON(mm->type != INTEL_GVT_MM_GGTT);
638 
639 	if (vgpu_gmadr_is_aperture(mm->vgpu, index << I915_GTT_PAGE_SHIFT)) {
640 		offset -= (vgpu_aperture_gmadr_base(mm->vgpu) >> PAGE_SHIFT);
641 		mm->ggtt_mm.host_ggtt_aperture[offset] = entry->val64;
642 	} else if (vgpu_gmadr_is_hidden(mm->vgpu, index << I915_GTT_PAGE_SHIFT)) {
643 		offset -= (vgpu_hidden_gmadr_base(mm->vgpu) >> PAGE_SHIFT);
644 		mm->ggtt_mm.host_ggtt_hidden[offset] = entry->val64;
645 	}
646 
647 	pte_ops->set_entry(NULL, entry, index, false, 0, mm->vgpu);
648 }
649 
650 /*
651  * PPGTT shadow page table helpers.
652  */
653 static inline int ppgtt_spt_get_entry(
654 		struct intel_vgpu_ppgtt_spt *spt,
655 		void *page_table, int type,
656 		struct intel_gvt_gtt_entry *e, unsigned long index,
657 		bool guest)
658 {
659 	struct intel_gvt *gvt = spt->vgpu->gvt;
660 	const struct intel_gvt_gtt_pte_ops *ops = gvt->gtt.pte_ops;
661 	int ret;
662 
663 	e->type = get_entry_type(type);
664 
665 	if (WARN(!gtt_type_is_entry(e->type), "invalid entry type\n"))
666 		return -EINVAL;
667 
668 	ret = ops->get_entry(page_table, e, index, guest,
669 			spt->guest_page.gfn << I915_GTT_PAGE_SHIFT,
670 			spt->vgpu);
671 	if (ret)
672 		return ret;
673 
674 	update_entry_type_for_real(ops, e, guest ?
675 				   spt->guest_page.pde_ips : false);
676 
677 	gvt_vdbg_mm("read ppgtt entry, spt type %d, entry type %d, index %lu, value %llx\n",
678 		    type, e->type, index, e->val64);
679 	return 0;
680 }
681 
682 static inline int ppgtt_spt_set_entry(
683 		struct intel_vgpu_ppgtt_spt *spt,
684 		void *page_table, int type,
685 		struct intel_gvt_gtt_entry *e, unsigned long index,
686 		bool guest)
687 {
688 	struct intel_gvt *gvt = spt->vgpu->gvt;
689 	const struct intel_gvt_gtt_pte_ops *ops = gvt->gtt.pte_ops;
690 
691 	if (WARN(!gtt_type_is_entry(e->type), "invalid entry type\n"))
692 		return -EINVAL;
693 
694 	gvt_vdbg_mm("set ppgtt entry, spt type %d, entry type %d, index %lu, value %llx\n",
695 		    type, e->type, index, e->val64);
696 
697 	return ops->set_entry(page_table, e, index, guest,
698 			spt->guest_page.gfn << I915_GTT_PAGE_SHIFT,
699 			spt->vgpu);
700 }
701 
702 #define ppgtt_get_guest_entry(spt, e, index) \
703 	ppgtt_spt_get_entry(spt, NULL, \
704 		spt->guest_page.type, e, index, true)
705 
706 #define ppgtt_set_guest_entry(spt, e, index) \
707 	ppgtt_spt_set_entry(spt, NULL, \
708 		spt->guest_page.type, e, index, true)
709 
710 #define ppgtt_get_shadow_entry(spt, e, index) \
711 	ppgtt_spt_get_entry(spt, spt->shadow_page.vaddr, \
712 		spt->shadow_page.type, e, index, false)
713 
714 #define ppgtt_set_shadow_entry(spt, e, index) \
715 	ppgtt_spt_set_entry(spt, spt->shadow_page.vaddr, \
716 		spt->shadow_page.type, e, index, false)
717 
718 static void *alloc_spt(gfp_t gfp_mask)
719 {
720 	struct intel_vgpu_ppgtt_spt *spt;
721 
722 	spt = kzalloc(sizeof(*spt), gfp_mask);
723 	if (!spt)
724 		return NULL;
725 
726 	spt->shadow_page.page = alloc_page(gfp_mask);
727 	if (!spt->shadow_page.page) {
728 		kfree(spt);
729 		return NULL;
730 	}
731 	return spt;
732 }
733 
734 static void free_spt(struct intel_vgpu_ppgtt_spt *spt)
735 {
736 	__free_page(spt->shadow_page.page);
737 	kfree(spt);
738 }
739 
740 static int detach_oos_page(struct intel_vgpu *vgpu,
741 		struct intel_vgpu_oos_page *oos_page);
742 
743 static void ppgtt_free_spt(struct intel_vgpu_ppgtt_spt *spt)
744 {
745 	struct device *kdev = spt->vgpu->gvt->gt->i915->drm.dev;
746 
747 	trace_spt_free(spt->vgpu->id, spt, spt->guest_page.type);
748 
749 	dma_unmap_page(kdev, spt->shadow_page.mfn << I915_GTT_PAGE_SHIFT, 4096,
750 		       DMA_BIDIRECTIONAL);
751 
752 	radix_tree_delete(&spt->vgpu->gtt.spt_tree, spt->shadow_page.mfn);
753 
754 	if (spt->guest_page.gfn) {
755 		if (spt->guest_page.oos_page)
756 			detach_oos_page(spt->vgpu, spt->guest_page.oos_page);
757 
758 		intel_vgpu_unregister_page_track(spt->vgpu, spt->guest_page.gfn);
759 	}
760 
761 	list_del_init(&spt->post_shadow_list);
762 	free_spt(spt);
763 }
764 
765 static void ppgtt_free_all_spt(struct intel_vgpu *vgpu)
766 {
767 	struct intel_vgpu_ppgtt_spt *spt, *spn;
768 	struct radix_tree_iter iter;
769 	LIST_HEAD(all_spt);
770 	void __rcu **slot;
771 
772 	rcu_read_lock();
773 	radix_tree_for_each_slot(slot, &vgpu->gtt.spt_tree, &iter, 0) {
774 		spt = radix_tree_deref_slot(slot);
775 		list_move(&spt->post_shadow_list, &all_spt);
776 	}
777 	rcu_read_unlock();
778 
779 	list_for_each_entry_safe(spt, spn, &all_spt, post_shadow_list)
780 		ppgtt_free_spt(spt);
781 }
782 
783 static int ppgtt_handle_guest_write_page_table_bytes(
784 		struct intel_vgpu_ppgtt_spt *spt,
785 		u64 pa, void *p_data, int bytes);
786 
787 static int ppgtt_write_protection_handler(
788 		struct intel_vgpu_page_track *page_track,
789 		u64 gpa, void *data, int bytes)
790 {
791 	struct intel_vgpu_ppgtt_spt *spt = page_track->priv_data;
792 
793 	int ret;
794 
795 	if (bytes != 4 && bytes != 8)
796 		return -EINVAL;
797 
798 	ret = ppgtt_handle_guest_write_page_table_bytes(spt, gpa, data, bytes);
799 	if (ret)
800 		return ret;
801 	return ret;
802 }
803 
804 /* Find a spt by guest gfn. */
805 static struct intel_vgpu_ppgtt_spt *intel_vgpu_find_spt_by_gfn(
806 		struct intel_vgpu *vgpu, unsigned long gfn)
807 {
808 	struct intel_vgpu_page_track *track;
809 
810 	track = intel_vgpu_find_page_track(vgpu, gfn);
811 	if (track && track->handler == ppgtt_write_protection_handler)
812 		return track->priv_data;
813 
814 	return NULL;
815 }
816 
817 /* Find the spt by shadow page mfn. */
818 static inline struct intel_vgpu_ppgtt_spt *intel_vgpu_find_spt_by_mfn(
819 		struct intel_vgpu *vgpu, unsigned long mfn)
820 {
821 	return radix_tree_lookup(&vgpu->gtt.spt_tree, mfn);
822 }
823 
824 static int reclaim_one_ppgtt_mm(struct intel_gvt *gvt);
825 
826 /* Allocate shadow page table without guest page. */
827 static struct intel_vgpu_ppgtt_spt *ppgtt_alloc_spt(
828 		struct intel_vgpu *vgpu, enum intel_gvt_gtt_type type)
829 {
830 	struct device *kdev = vgpu->gvt->gt->i915->drm.dev;
831 	struct intel_vgpu_ppgtt_spt *spt = NULL;
832 	dma_addr_t daddr;
833 	int ret;
834 
835 retry:
836 	spt = alloc_spt(GFP_KERNEL | __GFP_ZERO);
837 	if (!spt) {
838 		if (reclaim_one_ppgtt_mm(vgpu->gvt))
839 			goto retry;
840 
841 		gvt_vgpu_err("fail to allocate ppgtt shadow page\n");
842 		return ERR_PTR(-ENOMEM);
843 	}
844 
845 	spt->vgpu = vgpu;
846 	atomic_set(&spt->refcount, 1);
847 	INIT_LIST_HEAD(&spt->post_shadow_list);
848 
849 	/*
850 	 * Init shadow_page.
851 	 */
852 	spt->shadow_page.type = type;
853 	daddr = dma_map_page(kdev, spt->shadow_page.page,
854 			     0, 4096, DMA_BIDIRECTIONAL);
855 	if (dma_mapping_error(kdev, daddr)) {
856 		gvt_vgpu_err("fail to map dma addr\n");
857 		ret = -EINVAL;
858 		goto err_free_spt;
859 	}
860 	spt->shadow_page.vaddr = page_address(spt->shadow_page.page);
861 	spt->shadow_page.mfn = daddr >> I915_GTT_PAGE_SHIFT;
862 
863 	ret = radix_tree_insert(&vgpu->gtt.spt_tree, spt->shadow_page.mfn, spt);
864 	if (ret)
865 		goto err_unmap_dma;
866 
867 	return spt;
868 
869 err_unmap_dma:
870 	dma_unmap_page(kdev, daddr, PAGE_SIZE, DMA_BIDIRECTIONAL);
871 err_free_spt:
872 	free_spt(spt);
873 	return ERR_PTR(ret);
874 }
875 
876 /* Allocate shadow page table associated with specific gfn. */
877 static struct intel_vgpu_ppgtt_spt *ppgtt_alloc_spt_gfn(
878 		struct intel_vgpu *vgpu, enum intel_gvt_gtt_type type,
879 		unsigned long gfn, bool guest_pde_ips)
880 {
881 	struct intel_vgpu_ppgtt_spt *spt;
882 	int ret;
883 
884 	spt = ppgtt_alloc_spt(vgpu, type);
885 	if (IS_ERR(spt))
886 		return spt;
887 
888 	/*
889 	 * Init guest_page.
890 	 */
891 	ret = intel_vgpu_register_page_track(vgpu, gfn,
892 			ppgtt_write_protection_handler, spt);
893 	if (ret) {
894 		ppgtt_free_spt(spt);
895 		return ERR_PTR(ret);
896 	}
897 
898 	spt->guest_page.type = type;
899 	spt->guest_page.gfn = gfn;
900 	spt->guest_page.pde_ips = guest_pde_ips;
901 
902 	trace_spt_alloc(vgpu->id, spt, type, spt->shadow_page.mfn, gfn);
903 
904 	return spt;
905 }
906 
907 #define pt_entry_size_shift(spt) \
908 	((spt)->vgpu->gvt->device_info.gtt_entry_size_shift)
909 
910 #define pt_entries(spt) \
911 	(I915_GTT_PAGE_SIZE >> pt_entry_size_shift(spt))
912 
913 #define for_each_present_guest_entry(spt, e, i) \
914 	for (i = 0; i < pt_entries(spt); \
915 	     i += spt->guest_page.pde_ips ? GTT_64K_PTE_STRIDE : 1) \
916 		if (!ppgtt_get_guest_entry(spt, e, i) && \
917 		    spt->vgpu->gvt->gtt.pte_ops->test_present(e))
918 
919 #define for_each_present_shadow_entry(spt, e, i) \
920 	for (i = 0; i < pt_entries(spt); \
921 	     i += spt->shadow_page.pde_ips ? GTT_64K_PTE_STRIDE : 1) \
922 		if (!ppgtt_get_shadow_entry(spt, e, i) && \
923 		    spt->vgpu->gvt->gtt.pte_ops->test_present(e))
924 
925 #define for_each_shadow_entry(spt, e, i) \
926 	for (i = 0; i < pt_entries(spt); \
927 	     i += (spt->shadow_page.pde_ips ? GTT_64K_PTE_STRIDE : 1)) \
928 		if (!ppgtt_get_shadow_entry(spt, e, i))
929 
930 static inline void ppgtt_get_spt(struct intel_vgpu_ppgtt_spt *spt)
931 {
932 	int v = atomic_read(&spt->refcount);
933 
934 	trace_spt_refcount(spt->vgpu->id, "inc", spt, v, (v + 1));
935 	atomic_inc(&spt->refcount);
936 }
937 
938 static inline int ppgtt_put_spt(struct intel_vgpu_ppgtt_spt *spt)
939 {
940 	int v = atomic_read(&spt->refcount);
941 
942 	trace_spt_refcount(spt->vgpu->id, "dec", spt, v, (v - 1));
943 	return atomic_dec_return(&spt->refcount);
944 }
945 
946 static int ppgtt_invalidate_spt(struct intel_vgpu_ppgtt_spt *spt);
947 
948 static int ppgtt_invalidate_spt_by_shadow_entry(struct intel_vgpu *vgpu,
949 		struct intel_gvt_gtt_entry *e)
950 {
951 	struct drm_i915_private *i915 = vgpu->gvt->gt->i915;
952 	const struct intel_gvt_gtt_pte_ops *ops = vgpu->gvt->gtt.pte_ops;
953 	struct intel_vgpu_ppgtt_spt *s;
954 	enum intel_gvt_gtt_type cur_pt_type;
955 
956 	GEM_BUG_ON(!gtt_type_is_pt(get_next_pt_type(e->type)));
957 
958 	if (e->type != GTT_TYPE_PPGTT_ROOT_L3_ENTRY
959 		&& e->type != GTT_TYPE_PPGTT_ROOT_L4_ENTRY) {
960 		cur_pt_type = get_next_pt_type(e->type);
961 
962 		if (!gtt_type_is_pt(cur_pt_type) ||
963 				!gtt_type_is_pt(cur_pt_type + 1)) {
964 			drm_WARN(&i915->drm, 1,
965 				 "Invalid page table type, cur_pt_type is: %d\n",
966 				 cur_pt_type);
967 			return -EINVAL;
968 		}
969 
970 		cur_pt_type += 1;
971 
972 		if (ops->get_pfn(e) ==
973 			vgpu->gtt.scratch_pt[cur_pt_type].page_mfn)
974 			return 0;
975 	}
976 	s = intel_vgpu_find_spt_by_mfn(vgpu, ops->get_pfn(e));
977 	if (!s) {
978 		gvt_vgpu_err("fail to find shadow page: mfn: 0x%lx\n",
979 				ops->get_pfn(e));
980 		return -ENXIO;
981 	}
982 	return ppgtt_invalidate_spt(s);
983 }
984 
985 static inline void ppgtt_invalidate_pte(struct intel_vgpu_ppgtt_spt *spt,
986 		struct intel_gvt_gtt_entry *entry)
987 {
988 	struct intel_vgpu *vgpu = spt->vgpu;
989 	const struct intel_gvt_gtt_pte_ops *ops = vgpu->gvt->gtt.pte_ops;
990 	unsigned long pfn;
991 	int type;
992 
993 	pfn = ops->get_pfn(entry);
994 	type = spt->shadow_page.type;
995 
996 	/* Uninitialized spte or unshadowed spte. */
997 	if (!pfn || pfn == vgpu->gtt.scratch_pt[type].page_mfn)
998 		return;
999 
1000 	intel_gvt_hypervisor_dma_unmap_guest_page(vgpu, pfn << PAGE_SHIFT);
1001 }
1002 
1003 static int ppgtt_invalidate_spt(struct intel_vgpu_ppgtt_spt *spt)
1004 {
1005 	struct intel_vgpu *vgpu = spt->vgpu;
1006 	struct intel_gvt_gtt_entry e;
1007 	unsigned long index;
1008 	int ret;
1009 
1010 	trace_spt_change(spt->vgpu->id, "die", spt,
1011 			spt->guest_page.gfn, spt->shadow_page.type);
1012 
1013 	if (ppgtt_put_spt(spt) > 0)
1014 		return 0;
1015 
1016 	for_each_present_shadow_entry(spt, &e, index) {
1017 		switch (e.type) {
1018 		case GTT_TYPE_PPGTT_PTE_4K_ENTRY:
1019 			gvt_vdbg_mm("invalidate 4K entry\n");
1020 			ppgtt_invalidate_pte(spt, &e);
1021 			break;
1022 		case GTT_TYPE_PPGTT_PTE_64K_ENTRY:
1023 			/* We don't setup 64K shadow entry so far. */
1024 			WARN(1, "suspicious 64K gtt entry\n");
1025 			continue;
1026 		case GTT_TYPE_PPGTT_PTE_2M_ENTRY:
1027 			gvt_vdbg_mm("invalidate 2M entry\n");
1028 			continue;
1029 		case GTT_TYPE_PPGTT_PTE_1G_ENTRY:
1030 			WARN(1, "GVT doesn't support 1GB page\n");
1031 			continue;
1032 		case GTT_TYPE_PPGTT_PML4_ENTRY:
1033 		case GTT_TYPE_PPGTT_PDP_ENTRY:
1034 		case GTT_TYPE_PPGTT_PDE_ENTRY:
1035 			gvt_vdbg_mm("invalidate PMUL4/PDP/PDE entry\n");
1036 			ret = ppgtt_invalidate_spt_by_shadow_entry(
1037 					spt->vgpu, &e);
1038 			if (ret)
1039 				goto fail;
1040 			break;
1041 		default:
1042 			GEM_BUG_ON(1);
1043 		}
1044 	}
1045 
1046 	trace_spt_change(spt->vgpu->id, "release", spt,
1047 			 spt->guest_page.gfn, spt->shadow_page.type);
1048 	ppgtt_free_spt(spt);
1049 	return 0;
1050 fail:
1051 	gvt_vgpu_err("fail: shadow page %p shadow entry 0x%llx type %d\n",
1052 			spt, e.val64, e.type);
1053 	return ret;
1054 }
1055 
1056 static bool vgpu_ips_enabled(struct intel_vgpu *vgpu)
1057 {
1058 	struct drm_i915_private *dev_priv = vgpu->gvt->gt->i915;
1059 
1060 	if (GRAPHICS_VER(dev_priv) == 9) {
1061 		u32 ips = vgpu_vreg_t(vgpu, GEN8_GAMW_ECO_DEV_RW_IA) &
1062 			GAMW_ECO_ENABLE_64K_IPS_FIELD;
1063 
1064 		return ips == GAMW_ECO_ENABLE_64K_IPS_FIELD;
1065 	} else if (GRAPHICS_VER(dev_priv) >= 11) {
1066 		/* 64K paging only controlled by IPS bit in PTE now. */
1067 		return true;
1068 	} else
1069 		return false;
1070 }
1071 
1072 static int ppgtt_populate_spt(struct intel_vgpu_ppgtt_spt *spt);
1073 
1074 static struct intel_vgpu_ppgtt_spt *ppgtt_populate_spt_by_guest_entry(
1075 		struct intel_vgpu *vgpu, struct intel_gvt_gtt_entry *we)
1076 {
1077 	const struct intel_gvt_gtt_pte_ops *ops = vgpu->gvt->gtt.pte_ops;
1078 	struct intel_vgpu_ppgtt_spt *spt = NULL;
1079 	bool ips = false;
1080 	int ret;
1081 
1082 	GEM_BUG_ON(!gtt_type_is_pt(get_next_pt_type(we->type)));
1083 
1084 	if (we->type == GTT_TYPE_PPGTT_PDE_ENTRY)
1085 		ips = vgpu_ips_enabled(vgpu) && ops->test_ips(we);
1086 
1087 	spt = intel_vgpu_find_spt_by_gfn(vgpu, ops->get_pfn(we));
1088 	if (spt) {
1089 		ppgtt_get_spt(spt);
1090 
1091 		if (ips != spt->guest_page.pde_ips) {
1092 			spt->guest_page.pde_ips = ips;
1093 
1094 			gvt_dbg_mm("reshadow PDE since ips changed\n");
1095 			clear_page(spt->shadow_page.vaddr);
1096 			ret = ppgtt_populate_spt(spt);
1097 			if (ret) {
1098 				ppgtt_put_spt(spt);
1099 				goto err;
1100 			}
1101 		}
1102 	} else {
1103 		int type = get_next_pt_type(we->type);
1104 
1105 		if (!gtt_type_is_pt(type)) {
1106 			ret = -EINVAL;
1107 			goto err;
1108 		}
1109 
1110 		spt = ppgtt_alloc_spt_gfn(vgpu, type, ops->get_pfn(we), ips);
1111 		if (IS_ERR(spt)) {
1112 			ret = PTR_ERR(spt);
1113 			goto err;
1114 		}
1115 
1116 		ret = intel_vgpu_enable_page_track(vgpu, spt->guest_page.gfn);
1117 		if (ret)
1118 			goto err_free_spt;
1119 
1120 		ret = ppgtt_populate_spt(spt);
1121 		if (ret)
1122 			goto err_free_spt;
1123 
1124 		trace_spt_change(vgpu->id, "new", spt, spt->guest_page.gfn,
1125 				 spt->shadow_page.type);
1126 	}
1127 	return spt;
1128 
1129 err_free_spt:
1130 	ppgtt_free_spt(spt);
1131 	spt = NULL;
1132 err:
1133 	gvt_vgpu_err("fail: shadow page %p guest entry 0x%llx type %d\n",
1134 		     spt, we->val64, we->type);
1135 	return ERR_PTR(ret);
1136 }
1137 
1138 static inline void ppgtt_generate_shadow_entry(struct intel_gvt_gtt_entry *se,
1139 		struct intel_vgpu_ppgtt_spt *s, struct intel_gvt_gtt_entry *ge)
1140 {
1141 	const struct intel_gvt_gtt_pte_ops *ops = s->vgpu->gvt->gtt.pte_ops;
1142 
1143 	se->type = ge->type;
1144 	se->val64 = ge->val64;
1145 
1146 	/* Because we always split 64KB pages, so clear IPS in shadow PDE. */
1147 	if (se->type == GTT_TYPE_PPGTT_PDE_ENTRY)
1148 		ops->clear_ips(se);
1149 
1150 	ops->set_pfn(se, s->shadow_page.mfn);
1151 }
1152 
1153 /*
1154  * Check if can do 2M page
1155  * @vgpu: target vgpu
1156  * @entry: target pfn's gtt entry
1157  *
1158  * Return 1 if 2MB huge gtt shadowing is possible, 0 if miscondition,
1159  * negative if found err.
1160  */
1161 static int is_2MB_gtt_possible(struct intel_vgpu *vgpu,
1162 	struct intel_gvt_gtt_entry *entry)
1163 {
1164 	const struct intel_gvt_gtt_pte_ops *ops = vgpu->gvt->gtt.pte_ops;
1165 	unsigned long pfn;
1166 
1167 	if (!HAS_PAGE_SIZES(vgpu->gvt->gt->i915, I915_GTT_PAGE_SIZE_2M))
1168 		return 0;
1169 
1170 	pfn = intel_gvt_hypervisor_gfn_to_mfn(vgpu, ops->get_pfn(entry));
1171 	if (pfn == INTEL_GVT_INVALID_ADDR)
1172 		return -EINVAL;
1173 
1174 	return PageTransHuge(pfn_to_page(pfn));
1175 }
1176 
1177 static int split_2MB_gtt_entry(struct intel_vgpu *vgpu,
1178 	struct intel_vgpu_ppgtt_spt *spt, unsigned long index,
1179 	struct intel_gvt_gtt_entry *se)
1180 {
1181 	const struct intel_gvt_gtt_pte_ops *ops = vgpu->gvt->gtt.pte_ops;
1182 	struct intel_vgpu_ppgtt_spt *sub_spt;
1183 	struct intel_gvt_gtt_entry sub_se;
1184 	unsigned long start_gfn;
1185 	dma_addr_t dma_addr;
1186 	unsigned long sub_index;
1187 	int ret;
1188 
1189 	gvt_dbg_mm("Split 2M gtt entry, index %lu\n", index);
1190 
1191 	start_gfn = ops->get_pfn(se);
1192 
1193 	sub_spt = ppgtt_alloc_spt(vgpu, GTT_TYPE_PPGTT_PTE_PT);
1194 	if (IS_ERR(sub_spt))
1195 		return PTR_ERR(sub_spt);
1196 
1197 	for_each_shadow_entry(sub_spt, &sub_se, sub_index) {
1198 		ret = intel_gvt_hypervisor_dma_map_guest_page(vgpu,
1199 				start_gfn + sub_index, PAGE_SIZE, &dma_addr);
1200 		if (ret) {
1201 			ppgtt_invalidate_spt(spt);
1202 			return ret;
1203 		}
1204 		sub_se.val64 = se->val64;
1205 
1206 		/* Copy the PAT field from PDE. */
1207 		sub_se.val64 &= ~_PAGE_PAT;
1208 		sub_se.val64 |= (se->val64 & _PAGE_PAT_LARGE) >> 5;
1209 
1210 		ops->set_pfn(&sub_se, dma_addr >> PAGE_SHIFT);
1211 		ppgtt_set_shadow_entry(sub_spt, &sub_se, sub_index);
1212 	}
1213 
1214 	/* Clear dirty field. */
1215 	se->val64 &= ~_PAGE_DIRTY;
1216 
1217 	ops->clear_pse(se);
1218 	ops->clear_ips(se);
1219 	ops->set_pfn(se, sub_spt->shadow_page.mfn);
1220 	ppgtt_set_shadow_entry(spt, se, index);
1221 	return 0;
1222 }
1223 
1224 static int split_64KB_gtt_entry(struct intel_vgpu *vgpu,
1225 	struct intel_vgpu_ppgtt_spt *spt, unsigned long index,
1226 	struct intel_gvt_gtt_entry *se)
1227 {
1228 	const struct intel_gvt_gtt_pte_ops *ops = vgpu->gvt->gtt.pte_ops;
1229 	struct intel_gvt_gtt_entry entry = *se;
1230 	unsigned long start_gfn;
1231 	dma_addr_t dma_addr;
1232 	int i, ret;
1233 
1234 	gvt_vdbg_mm("Split 64K gtt entry, index %lu\n", index);
1235 
1236 	GEM_BUG_ON(index % GTT_64K_PTE_STRIDE);
1237 
1238 	start_gfn = ops->get_pfn(se);
1239 
1240 	entry.type = GTT_TYPE_PPGTT_PTE_4K_ENTRY;
1241 	ops->set_64k_splited(&entry);
1242 
1243 	for (i = 0; i < GTT_64K_PTE_STRIDE; i++) {
1244 		ret = intel_gvt_hypervisor_dma_map_guest_page(vgpu,
1245 					start_gfn + i, PAGE_SIZE, &dma_addr);
1246 		if (ret)
1247 			return ret;
1248 
1249 		ops->set_pfn(&entry, dma_addr >> PAGE_SHIFT);
1250 		ppgtt_set_shadow_entry(spt, &entry, index + i);
1251 	}
1252 	return 0;
1253 }
1254 
1255 static int ppgtt_populate_shadow_entry(struct intel_vgpu *vgpu,
1256 	struct intel_vgpu_ppgtt_spt *spt, unsigned long index,
1257 	struct intel_gvt_gtt_entry *ge)
1258 {
1259 	const struct intel_gvt_gtt_pte_ops *pte_ops = vgpu->gvt->gtt.pte_ops;
1260 	struct intel_gvt_gtt_entry se = *ge;
1261 	unsigned long gfn, page_size = PAGE_SIZE;
1262 	dma_addr_t dma_addr;
1263 	int ret;
1264 
1265 	if (!pte_ops->test_present(ge))
1266 		return 0;
1267 
1268 	gfn = pte_ops->get_pfn(ge);
1269 
1270 	switch (ge->type) {
1271 	case GTT_TYPE_PPGTT_PTE_4K_ENTRY:
1272 		gvt_vdbg_mm("shadow 4K gtt entry\n");
1273 		break;
1274 	case GTT_TYPE_PPGTT_PTE_64K_ENTRY:
1275 		gvt_vdbg_mm("shadow 64K gtt entry\n");
1276 		/*
1277 		 * The layout of 64K page is special, the page size is
1278 		 * controlled by uper PDE. To be simple, we always split
1279 		 * 64K page to smaller 4K pages in shadow PT.
1280 		 */
1281 		return split_64KB_gtt_entry(vgpu, spt, index, &se);
1282 	case GTT_TYPE_PPGTT_PTE_2M_ENTRY:
1283 		gvt_vdbg_mm("shadow 2M gtt entry\n");
1284 		ret = is_2MB_gtt_possible(vgpu, ge);
1285 		if (ret == 0)
1286 			return split_2MB_gtt_entry(vgpu, spt, index, &se);
1287 		else if (ret < 0)
1288 			return ret;
1289 		page_size = I915_GTT_PAGE_SIZE_2M;
1290 		break;
1291 	case GTT_TYPE_PPGTT_PTE_1G_ENTRY:
1292 		gvt_vgpu_err("GVT doesn't support 1GB entry\n");
1293 		return -EINVAL;
1294 	default:
1295 		GEM_BUG_ON(1);
1296 	}
1297 
1298 	/* direct shadow */
1299 	ret = intel_gvt_hypervisor_dma_map_guest_page(vgpu, gfn, page_size,
1300 						      &dma_addr);
1301 	if (ret)
1302 		return -ENXIO;
1303 
1304 	pte_ops->set_pfn(&se, dma_addr >> PAGE_SHIFT);
1305 	ppgtt_set_shadow_entry(spt, &se, index);
1306 	return 0;
1307 }
1308 
1309 static int ppgtt_populate_spt(struct intel_vgpu_ppgtt_spt *spt)
1310 {
1311 	struct intel_vgpu *vgpu = spt->vgpu;
1312 	struct intel_gvt *gvt = vgpu->gvt;
1313 	const struct intel_gvt_gtt_pte_ops *ops = gvt->gtt.pte_ops;
1314 	struct intel_vgpu_ppgtt_spt *s;
1315 	struct intel_gvt_gtt_entry se, ge;
1316 	unsigned long gfn, i;
1317 	int ret;
1318 
1319 	trace_spt_change(spt->vgpu->id, "born", spt,
1320 			 spt->guest_page.gfn, spt->shadow_page.type);
1321 
1322 	for_each_present_guest_entry(spt, &ge, i) {
1323 		if (gtt_type_is_pt(get_next_pt_type(ge.type))) {
1324 			s = ppgtt_populate_spt_by_guest_entry(vgpu, &ge);
1325 			if (IS_ERR(s)) {
1326 				ret = PTR_ERR(s);
1327 				goto fail;
1328 			}
1329 			ppgtt_get_shadow_entry(spt, &se, i);
1330 			ppgtt_generate_shadow_entry(&se, s, &ge);
1331 			ppgtt_set_shadow_entry(spt, &se, i);
1332 		} else {
1333 			gfn = ops->get_pfn(&ge);
1334 			if (!intel_gvt_hypervisor_is_valid_gfn(vgpu, gfn)) {
1335 				ops->set_pfn(&se, gvt->gtt.scratch_mfn);
1336 				ppgtt_set_shadow_entry(spt, &se, i);
1337 				continue;
1338 			}
1339 
1340 			ret = ppgtt_populate_shadow_entry(vgpu, spt, i, &ge);
1341 			if (ret)
1342 				goto fail;
1343 		}
1344 	}
1345 	return 0;
1346 fail:
1347 	gvt_vgpu_err("fail: shadow page %p guest entry 0x%llx type %d\n",
1348 			spt, ge.val64, ge.type);
1349 	return ret;
1350 }
1351 
1352 static int ppgtt_handle_guest_entry_removal(struct intel_vgpu_ppgtt_spt *spt,
1353 		struct intel_gvt_gtt_entry *se, unsigned long index)
1354 {
1355 	struct intel_vgpu *vgpu = spt->vgpu;
1356 	const struct intel_gvt_gtt_pte_ops *ops = vgpu->gvt->gtt.pte_ops;
1357 	int ret;
1358 
1359 	trace_spt_guest_change(spt->vgpu->id, "remove", spt,
1360 			       spt->shadow_page.type, se->val64, index);
1361 
1362 	gvt_vdbg_mm("destroy old shadow entry, type %d, index %lu, value %llx\n",
1363 		    se->type, index, se->val64);
1364 
1365 	if (!ops->test_present(se))
1366 		return 0;
1367 
1368 	if (ops->get_pfn(se) ==
1369 	    vgpu->gtt.scratch_pt[spt->shadow_page.type].page_mfn)
1370 		return 0;
1371 
1372 	if (gtt_type_is_pt(get_next_pt_type(se->type))) {
1373 		struct intel_vgpu_ppgtt_spt *s =
1374 			intel_vgpu_find_spt_by_mfn(vgpu, ops->get_pfn(se));
1375 		if (!s) {
1376 			gvt_vgpu_err("fail to find guest page\n");
1377 			ret = -ENXIO;
1378 			goto fail;
1379 		}
1380 		ret = ppgtt_invalidate_spt(s);
1381 		if (ret)
1382 			goto fail;
1383 	} else {
1384 		/* We don't setup 64K shadow entry so far. */
1385 		WARN(se->type == GTT_TYPE_PPGTT_PTE_64K_ENTRY,
1386 		     "suspicious 64K entry\n");
1387 		ppgtt_invalidate_pte(spt, se);
1388 	}
1389 
1390 	return 0;
1391 fail:
1392 	gvt_vgpu_err("fail: shadow page %p guest entry 0x%llx type %d\n",
1393 			spt, se->val64, se->type);
1394 	return ret;
1395 }
1396 
1397 static int ppgtt_handle_guest_entry_add(struct intel_vgpu_ppgtt_spt *spt,
1398 		struct intel_gvt_gtt_entry *we, unsigned long index)
1399 {
1400 	struct intel_vgpu *vgpu = spt->vgpu;
1401 	struct intel_gvt_gtt_entry m;
1402 	struct intel_vgpu_ppgtt_spt *s;
1403 	int ret;
1404 
1405 	trace_spt_guest_change(spt->vgpu->id, "add", spt, spt->shadow_page.type,
1406 			       we->val64, index);
1407 
1408 	gvt_vdbg_mm("add shadow entry: type %d, index %lu, value %llx\n",
1409 		    we->type, index, we->val64);
1410 
1411 	if (gtt_type_is_pt(get_next_pt_type(we->type))) {
1412 		s = ppgtt_populate_spt_by_guest_entry(vgpu, we);
1413 		if (IS_ERR(s)) {
1414 			ret = PTR_ERR(s);
1415 			goto fail;
1416 		}
1417 		ppgtt_get_shadow_entry(spt, &m, index);
1418 		ppgtt_generate_shadow_entry(&m, s, we);
1419 		ppgtt_set_shadow_entry(spt, &m, index);
1420 	} else {
1421 		ret = ppgtt_populate_shadow_entry(vgpu, spt, index, we);
1422 		if (ret)
1423 			goto fail;
1424 	}
1425 	return 0;
1426 fail:
1427 	gvt_vgpu_err("fail: spt %p guest entry 0x%llx type %d\n",
1428 		spt, we->val64, we->type);
1429 	return ret;
1430 }
1431 
1432 static int sync_oos_page(struct intel_vgpu *vgpu,
1433 		struct intel_vgpu_oos_page *oos_page)
1434 {
1435 	const struct intel_gvt_device_info *info = &vgpu->gvt->device_info;
1436 	struct intel_gvt *gvt = vgpu->gvt;
1437 	const struct intel_gvt_gtt_pte_ops *ops = gvt->gtt.pte_ops;
1438 	struct intel_vgpu_ppgtt_spt *spt = oos_page->spt;
1439 	struct intel_gvt_gtt_entry old, new;
1440 	int index;
1441 	int ret;
1442 
1443 	trace_oos_change(vgpu->id, "sync", oos_page->id,
1444 			 spt, spt->guest_page.type);
1445 
1446 	old.type = new.type = get_entry_type(spt->guest_page.type);
1447 	old.val64 = new.val64 = 0;
1448 
1449 	for (index = 0; index < (I915_GTT_PAGE_SIZE >>
1450 				info->gtt_entry_size_shift); index++) {
1451 		ops->get_entry(oos_page->mem, &old, index, false, 0, vgpu);
1452 		ops->get_entry(NULL, &new, index, true,
1453 			       spt->guest_page.gfn << PAGE_SHIFT, vgpu);
1454 
1455 		if (old.val64 == new.val64
1456 			&& !test_and_clear_bit(index, spt->post_shadow_bitmap))
1457 			continue;
1458 
1459 		trace_oos_sync(vgpu->id, oos_page->id,
1460 				spt, spt->guest_page.type,
1461 				new.val64, index);
1462 
1463 		ret = ppgtt_populate_shadow_entry(vgpu, spt, index, &new);
1464 		if (ret)
1465 			return ret;
1466 
1467 		ops->set_entry(oos_page->mem, &new, index, false, 0, vgpu);
1468 	}
1469 
1470 	spt->guest_page.write_cnt = 0;
1471 	list_del_init(&spt->post_shadow_list);
1472 	return 0;
1473 }
1474 
1475 static int detach_oos_page(struct intel_vgpu *vgpu,
1476 		struct intel_vgpu_oos_page *oos_page)
1477 {
1478 	struct intel_gvt *gvt = vgpu->gvt;
1479 	struct intel_vgpu_ppgtt_spt *spt = oos_page->spt;
1480 
1481 	trace_oos_change(vgpu->id, "detach", oos_page->id,
1482 			 spt, spt->guest_page.type);
1483 
1484 	spt->guest_page.write_cnt = 0;
1485 	spt->guest_page.oos_page = NULL;
1486 	oos_page->spt = NULL;
1487 
1488 	list_del_init(&oos_page->vm_list);
1489 	list_move_tail(&oos_page->list, &gvt->gtt.oos_page_free_list_head);
1490 
1491 	return 0;
1492 }
1493 
1494 static int attach_oos_page(struct intel_vgpu_oos_page *oos_page,
1495 		struct intel_vgpu_ppgtt_spt *spt)
1496 {
1497 	struct intel_gvt *gvt = spt->vgpu->gvt;
1498 	int ret;
1499 
1500 	ret = intel_gvt_hypervisor_read_gpa(spt->vgpu,
1501 			spt->guest_page.gfn << I915_GTT_PAGE_SHIFT,
1502 			oos_page->mem, I915_GTT_PAGE_SIZE);
1503 	if (ret)
1504 		return ret;
1505 
1506 	oos_page->spt = spt;
1507 	spt->guest_page.oos_page = oos_page;
1508 
1509 	list_move_tail(&oos_page->list, &gvt->gtt.oos_page_use_list_head);
1510 
1511 	trace_oos_change(spt->vgpu->id, "attach", oos_page->id,
1512 			 spt, spt->guest_page.type);
1513 	return 0;
1514 }
1515 
1516 static int ppgtt_set_guest_page_sync(struct intel_vgpu_ppgtt_spt *spt)
1517 {
1518 	struct intel_vgpu_oos_page *oos_page = spt->guest_page.oos_page;
1519 	int ret;
1520 
1521 	ret = intel_vgpu_enable_page_track(spt->vgpu, spt->guest_page.gfn);
1522 	if (ret)
1523 		return ret;
1524 
1525 	trace_oos_change(spt->vgpu->id, "set page sync", oos_page->id,
1526 			 spt, spt->guest_page.type);
1527 
1528 	list_del_init(&oos_page->vm_list);
1529 	return sync_oos_page(spt->vgpu, oos_page);
1530 }
1531 
1532 static int ppgtt_allocate_oos_page(struct intel_vgpu_ppgtt_spt *spt)
1533 {
1534 	struct intel_gvt *gvt = spt->vgpu->gvt;
1535 	struct intel_gvt_gtt *gtt = &gvt->gtt;
1536 	struct intel_vgpu_oos_page *oos_page = spt->guest_page.oos_page;
1537 	int ret;
1538 
1539 	WARN(oos_page, "shadow PPGTT page has already has a oos page\n");
1540 
1541 	if (list_empty(&gtt->oos_page_free_list_head)) {
1542 		oos_page = container_of(gtt->oos_page_use_list_head.next,
1543 			struct intel_vgpu_oos_page, list);
1544 		ret = ppgtt_set_guest_page_sync(oos_page->spt);
1545 		if (ret)
1546 			return ret;
1547 		ret = detach_oos_page(spt->vgpu, oos_page);
1548 		if (ret)
1549 			return ret;
1550 	} else
1551 		oos_page = container_of(gtt->oos_page_free_list_head.next,
1552 			struct intel_vgpu_oos_page, list);
1553 	return attach_oos_page(oos_page, spt);
1554 }
1555 
1556 static int ppgtt_set_guest_page_oos(struct intel_vgpu_ppgtt_spt *spt)
1557 {
1558 	struct intel_vgpu_oos_page *oos_page = spt->guest_page.oos_page;
1559 
1560 	if (WARN(!oos_page, "shadow PPGTT page should have a oos page\n"))
1561 		return -EINVAL;
1562 
1563 	trace_oos_change(spt->vgpu->id, "set page out of sync", oos_page->id,
1564 			 spt, spt->guest_page.type);
1565 
1566 	list_add_tail(&oos_page->vm_list, &spt->vgpu->gtt.oos_page_list_head);
1567 	return intel_vgpu_disable_page_track(spt->vgpu, spt->guest_page.gfn);
1568 }
1569 
1570 /**
1571  * intel_vgpu_sync_oos_pages - sync all the out-of-synced shadow for vGPU
1572  * @vgpu: a vGPU
1573  *
1574  * This function is called before submitting a guest workload to host,
1575  * to sync all the out-of-synced shadow for vGPU
1576  *
1577  * Returns:
1578  * Zero on success, negative error code if failed.
1579  */
1580 int intel_vgpu_sync_oos_pages(struct intel_vgpu *vgpu)
1581 {
1582 	struct list_head *pos, *n;
1583 	struct intel_vgpu_oos_page *oos_page;
1584 	int ret;
1585 
1586 	if (!enable_out_of_sync)
1587 		return 0;
1588 
1589 	list_for_each_safe(pos, n, &vgpu->gtt.oos_page_list_head) {
1590 		oos_page = container_of(pos,
1591 				struct intel_vgpu_oos_page, vm_list);
1592 		ret = ppgtt_set_guest_page_sync(oos_page->spt);
1593 		if (ret)
1594 			return ret;
1595 	}
1596 	return 0;
1597 }
1598 
1599 /*
1600  * The heart of PPGTT shadow page table.
1601  */
1602 static int ppgtt_handle_guest_write_page_table(
1603 		struct intel_vgpu_ppgtt_spt *spt,
1604 		struct intel_gvt_gtt_entry *we, unsigned long index)
1605 {
1606 	struct intel_vgpu *vgpu = spt->vgpu;
1607 	int type = spt->shadow_page.type;
1608 	const struct intel_gvt_gtt_pte_ops *ops = vgpu->gvt->gtt.pte_ops;
1609 	struct intel_gvt_gtt_entry old_se;
1610 	int new_present;
1611 	int i, ret;
1612 
1613 	new_present = ops->test_present(we);
1614 
1615 	/*
1616 	 * Adding the new entry first and then removing the old one, that can
1617 	 * guarantee the ppgtt table is validated during the window between
1618 	 * adding and removal.
1619 	 */
1620 	ppgtt_get_shadow_entry(spt, &old_se, index);
1621 
1622 	if (new_present) {
1623 		ret = ppgtt_handle_guest_entry_add(spt, we, index);
1624 		if (ret)
1625 			goto fail;
1626 	}
1627 
1628 	ret = ppgtt_handle_guest_entry_removal(spt, &old_se, index);
1629 	if (ret)
1630 		goto fail;
1631 
1632 	if (!new_present) {
1633 		/* For 64KB splited entries, we need clear them all. */
1634 		if (ops->test_64k_splited(&old_se) &&
1635 		    !(index % GTT_64K_PTE_STRIDE)) {
1636 			gvt_vdbg_mm("remove splited 64K shadow entries\n");
1637 			for (i = 0; i < GTT_64K_PTE_STRIDE; i++) {
1638 				ops->clear_64k_splited(&old_se);
1639 				ops->set_pfn(&old_se,
1640 					vgpu->gtt.scratch_pt[type].page_mfn);
1641 				ppgtt_set_shadow_entry(spt, &old_se, index + i);
1642 			}
1643 		} else if (old_se.type == GTT_TYPE_PPGTT_PTE_2M_ENTRY ||
1644 			   old_se.type == GTT_TYPE_PPGTT_PTE_1G_ENTRY) {
1645 			ops->clear_pse(&old_se);
1646 			ops->set_pfn(&old_se,
1647 				     vgpu->gtt.scratch_pt[type].page_mfn);
1648 			ppgtt_set_shadow_entry(spt, &old_se, index);
1649 		} else {
1650 			ops->set_pfn(&old_se,
1651 				     vgpu->gtt.scratch_pt[type].page_mfn);
1652 			ppgtt_set_shadow_entry(spt, &old_se, index);
1653 		}
1654 	}
1655 
1656 	return 0;
1657 fail:
1658 	gvt_vgpu_err("fail: shadow page %p guest entry 0x%llx type %d.\n",
1659 			spt, we->val64, we->type);
1660 	return ret;
1661 }
1662 
1663 
1664 
1665 static inline bool can_do_out_of_sync(struct intel_vgpu_ppgtt_spt *spt)
1666 {
1667 	return enable_out_of_sync
1668 		&& gtt_type_is_pte_pt(spt->guest_page.type)
1669 		&& spt->guest_page.write_cnt >= 2;
1670 }
1671 
1672 static void ppgtt_set_post_shadow(struct intel_vgpu_ppgtt_spt *spt,
1673 		unsigned long index)
1674 {
1675 	set_bit(index, spt->post_shadow_bitmap);
1676 	if (!list_empty(&spt->post_shadow_list))
1677 		return;
1678 
1679 	list_add_tail(&spt->post_shadow_list,
1680 			&spt->vgpu->gtt.post_shadow_list_head);
1681 }
1682 
1683 /**
1684  * intel_vgpu_flush_post_shadow - flush the post shadow transactions
1685  * @vgpu: a vGPU
1686  *
1687  * This function is called before submitting a guest workload to host,
1688  * to flush all the post shadows for a vGPU.
1689  *
1690  * Returns:
1691  * Zero on success, negative error code if failed.
1692  */
1693 int intel_vgpu_flush_post_shadow(struct intel_vgpu *vgpu)
1694 {
1695 	struct list_head *pos, *n;
1696 	struct intel_vgpu_ppgtt_spt *spt;
1697 	struct intel_gvt_gtt_entry ge;
1698 	unsigned long index;
1699 	int ret;
1700 
1701 	list_for_each_safe(pos, n, &vgpu->gtt.post_shadow_list_head) {
1702 		spt = container_of(pos, struct intel_vgpu_ppgtt_spt,
1703 				post_shadow_list);
1704 
1705 		for_each_set_bit(index, spt->post_shadow_bitmap,
1706 				GTT_ENTRY_NUM_IN_ONE_PAGE) {
1707 			ppgtt_get_guest_entry(spt, &ge, index);
1708 
1709 			ret = ppgtt_handle_guest_write_page_table(spt,
1710 							&ge, index);
1711 			if (ret)
1712 				return ret;
1713 			clear_bit(index, spt->post_shadow_bitmap);
1714 		}
1715 		list_del_init(&spt->post_shadow_list);
1716 	}
1717 	return 0;
1718 }
1719 
1720 static int ppgtt_handle_guest_write_page_table_bytes(
1721 		struct intel_vgpu_ppgtt_spt *spt,
1722 		u64 pa, void *p_data, int bytes)
1723 {
1724 	struct intel_vgpu *vgpu = spt->vgpu;
1725 	const struct intel_gvt_gtt_pte_ops *ops = vgpu->gvt->gtt.pte_ops;
1726 	const struct intel_gvt_device_info *info = &vgpu->gvt->device_info;
1727 	struct intel_gvt_gtt_entry we, se;
1728 	unsigned long index;
1729 	int ret;
1730 
1731 	index = (pa & (PAGE_SIZE - 1)) >> info->gtt_entry_size_shift;
1732 
1733 	ppgtt_get_guest_entry(spt, &we, index);
1734 
1735 	/*
1736 	 * For page table which has 64K gtt entry, only PTE#0, PTE#16,
1737 	 * PTE#32, ... PTE#496 are used. Unused PTEs update should be
1738 	 * ignored.
1739 	 */
1740 	if (we.type == GTT_TYPE_PPGTT_PTE_64K_ENTRY &&
1741 	    (index % GTT_64K_PTE_STRIDE)) {
1742 		gvt_vdbg_mm("Ignore write to unused PTE entry, index %lu\n",
1743 			    index);
1744 		return 0;
1745 	}
1746 
1747 	if (bytes == info->gtt_entry_size) {
1748 		ret = ppgtt_handle_guest_write_page_table(spt, &we, index);
1749 		if (ret)
1750 			return ret;
1751 	} else {
1752 		if (!test_bit(index, spt->post_shadow_bitmap)) {
1753 			int type = spt->shadow_page.type;
1754 
1755 			ppgtt_get_shadow_entry(spt, &se, index);
1756 			ret = ppgtt_handle_guest_entry_removal(spt, &se, index);
1757 			if (ret)
1758 				return ret;
1759 			ops->set_pfn(&se, vgpu->gtt.scratch_pt[type].page_mfn);
1760 			ppgtt_set_shadow_entry(spt, &se, index);
1761 		}
1762 		ppgtt_set_post_shadow(spt, index);
1763 	}
1764 
1765 	if (!enable_out_of_sync)
1766 		return 0;
1767 
1768 	spt->guest_page.write_cnt++;
1769 
1770 	if (spt->guest_page.oos_page)
1771 		ops->set_entry(spt->guest_page.oos_page->mem, &we, index,
1772 				false, 0, vgpu);
1773 
1774 	if (can_do_out_of_sync(spt)) {
1775 		if (!spt->guest_page.oos_page)
1776 			ppgtt_allocate_oos_page(spt);
1777 
1778 		ret = ppgtt_set_guest_page_oos(spt);
1779 		if (ret < 0)
1780 			return ret;
1781 	}
1782 	return 0;
1783 }
1784 
1785 static void invalidate_ppgtt_mm(struct intel_vgpu_mm *mm)
1786 {
1787 	struct intel_vgpu *vgpu = mm->vgpu;
1788 	struct intel_gvt *gvt = vgpu->gvt;
1789 	struct intel_gvt_gtt *gtt = &gvt->gtt;
1790 	const struct intel_gvt_gtt_pte_ops *ops = gtt->pte_ops;
1791 	struct intel_gvt_gtt_entry se;
1792 	int index;
1793 
1794 	if (!mm->ppgtt_mm.shadowed)
1795 		return;
1796 
1797 	for (index = 0; index < ARRAY_SIZE(mm->ppgtt_mm.shadow_pdps); index++) {
1798 		ppgtt_get_shadow_root_entry(mm, &se, index);
1799 
1800 		if (!ops->test_present(&se))
1801 			continue;
1802 
1803 		ppgtt_invalidate_spt_by_shadow_entry(vgpu, &se);
1804 		se.val64 = 0;
1805 		ppgtt_set_shadow_root_entry(mm, &se, index);
1806 
1807 		trace_spt_guest_change(vgpu->id, "destroy root pointer",
1808 				       NULL, se.type, se.val64, index);
1809 	}
1810 
1811 	mm->ppgtt_mm.shadowed = false;
1812 }
1813 
1814 
1815 static int shadow_ppgtt_mm(struct intel_vgpu_mm *mm)
1816 {
1817 	struct intel_vgpu *vgpu = mm->vgpu;
1818 	struct intel_gvt *gvt = vgpu->gvt;
1819 	struct intel_gvt_gtt *gtt = &gvt->gtt;
1820 	const struct intel_gvt_gtt_pte_ops *ops = gtt->pte_ops;
1821 	struct intel_vgpu_ppgtt_spt *spt;
1822 	struct intel_gvt_gtt_entry ge, se;
1823 	int index, ret;
1824 
1825 	if (mm->ppgtt_mm.shadowed)
1826 		return 0;
1827 
1828 	mm->ppgtt_mm.shadowed = true;
1829 
1830 	for (index = 0; index < ARRAY_SIZE(mm->ppgtt_mm.guest_pdps); index++) {
1831 		ppgtt_get_guest_root_entry(mm, &ge, index);
1832 
1833 		if (!ops->test_present(&ge))
1834 			continue;
1835 
1836 		trace_spt_guest_change(vgpu->id, __func__, NULL,
1837 				       ge.type, ge.val64, index);
1838 
1839 		spt = ppgtt_populate_spt_by_guest_entry(vgpu, &ge);
1840 		if (IS_ERR(spt)) {
1841 			gvt_vgpu_err("fail to populate guest root pointer\n");
1842 			ret = PTR_ERR(spt);
1843 			goto fail;
1844 		}
1845 		ppgtt_generate_shadow_entry(&se, spt, &ge);
1846 		ppgtt_set_shadow_root_entry(mm, &se, index);
1847 
1848 		trace_spt_guest_change(vgpu->id, "populate root pointer",
1849 				       NULL, se.type, se.val64, index);
1850 	}
1851 
1852 	return 0;
1853 fail:
1854 	invalidate_ppgtt_mm(mm);
1855 	return ret;
1856 }
1857 
1858 static struct intel_vgpu_mm *vgpu_alloc_mm(struct intel_vgpu *vgpu)
1859 {
1860 	struct intel_vgpu_mm *mm;
1861 
1862 	mm = kzalloc(sizeof(*mm), GFP_KERNEL);
1863 	if (!mm)
1864 		return NULL;
1865 
1866 	mm->vgpu = vgpu;
1867 	kref_init(&mm->ref);
1868 	atomic_set(&mm->pincount, 0);
1869 
1870 	return mm;
1871 }
1872 
1873 static void vgpu_free_mm(struct intel_vgpu_mm *mm)
1874 {
1875 	kfree(mm);
1876 }
1877 
1878 /**
1879  * intel_vgpu_create_ppgtt_mm - create a ppgtt mm object for a vGPU
1880  * @vgpu: a vGPU
1881  * @root_entry_type: ppgtt root entry type
1882  * @pdps: guest pdps.
1883  *
1884  * This function is used to create a ppgtt mm object for a vGPU.
1885  *
1886  * Returns:
1887  * Zero on success, negative error code in pointer if failed.
1888  */
1889 struct intel_vgpu_mm *intel_vgpu_create_ppgtt_mm(struct intel_vgpu *vgpu,
1890 		enum intel_gvt_gtt_type root_entry_type, u64 pdps[])
1891 {
1892 	struct intel_gvt *gvt = vgpu->gvt;
1893 	struct intel_vgpu_mm *mm;
1894 	int ret;
1895 
1896 	mm = vgpu_alloc_mm(vgpu);
1897 	if (!mm)
1898 		return ERR_PTR(-ENOMEM);
1899 
1900 	mm->type = INTEL_GVT_MM_PPGTT;
1901 
1902 	GEM_BUG_ON(root_entry_type != GTT_TYPE_PPGTT_ROOT_L3_ENTRY &&
1903 		   root_entry_type != GTT_TYPE_PPGTT_ROOT_L4_ENTRY);
1904 	mm->ppgtt_mm.root_entry_type = root_entry_type;
1905 
1906 	INIT_LIST_HEAD(&mm->ppgtt_mm.list);
1907 	INIT_LIST_HEAD(&mm->ppgtt_mm.lru_list);
1908 	INIT_LIST_HEAD(&mm->ppgtt_mm.link);
1909 
1910 	if (root_entry_type == GTT_TYPE_PPGTT_ROOT_L4_ENTRY)
1911 		mm->ppgtt_mm.guest_pdps[0] = pdps[0];
1912 	else
1913 		memcpy(mm->ppgtt_mm.guest_pdps, pdps,
1914 		       sizeof(mm->ppgtt_mm.guest_pdps));
1915 
1916 	ret = shadow_ppgtt_mm(mm);
1917 	if (ret) {
1918 		gvt_vgpu_err("failed to shadow ppgtt mm\n");
1919 		vgpu_free_mm(mm);
1920 		return ERR_PTR(ret);
1921 	}
1922 
1923 	list_add_tail(&mm->ppgtt_mm.list, &vgpu->gtt.ppgtt_mm_list_head);
1924 
1925 	mutex_lock(&gvt->gtt.ppgtt_mm_lock);
1926 	list_add_tail(&mm->ppgtt_mm.lru_list, &gvt->gtt.ppgtt_mm_lru_list_head);
1927 	mutex_unlock(&gvt->gtt.ppgtt_mm_lock);
1928 
1929 	return mm;
1930 }
1931 
1932 static struct intel_vgpu_mm *intel_vgpu_create_ggtt_mm(struct intel_vgpu *vgpu)
1933 {
1934 	struct intel_vgpu_mm *mm;
1935 	unsigned long nr_entries;
1936 
1937 	mm = vgpu_alloc_mm(vgpu);
1938 	if (!mm)
1939 		return ERR_PTR(-ENOMEM);
1940 
1941 	mm->type = INTEL_GVT_MM_GGTT;
1942 
1943 	nr_entries = gvt_ggtt_gm_sz(vgpu->gvt) >> I915_GTT_PAGE_SHIFT;
1944 	mm->ggtt_mm.virtual_ggtt =
1945 		vzalloc(array_size(nr_entries,
1946 				   vgpu->gvt->device_info.gtt_entry_size));
1947 	if (!mm->ggtt_mm.virtual_ggtt) {
1948 		vgpu_free_mm(mm);
1949 		return ERR_PTR(-ENOMEM);
1950 	}
1951 
1952 	mm->ggtt_mm.host_ggtt_aperture = vzalloc((vgpu_aperture_sz(vgpu) >> PAGE_SHIFT) * sizeof(u64));
1953 	if (!mm->ggtt_mm.host_ggtt_aperture) {
1954 		vfree(mm->ggtt_mm.virtual_ggtt);
1955 		vgpu_free_mm(mm);
1956 		return ERR_PTR(-ENOMEM);
1957 	}
1958 
1959 	mm->ggtt_mm.host_ggtt_hidden = vzalloc((vgpu_hidden_sz(vgpu) >> PAGE_SHIFT) * sizeof(u64));
1960 	if (!mm->ggtt_mm.host_ggtt_hidden) {
1961 		vfree(mm->ggtt_mm.host_ggtt_aperture);
1962 		vfree(mm->ggtt_mm.virtual_ggtt);
1963 		vgpu_free_mm(mm);
1964 		return ERR_PTR(-ENOMEM);
1965 	}
1966 
1967 	return mm;
1968 }
1969 
1970 /**
1971  * _intel_vgpu_mm_release - destroy a mm object
1972  * @mm_ref: a kref object
1973  *
1974  * This function is used to destroy a mm object for vGPU
1975  *
1976  */
1977 void _intel_vgpu_mm_release(struct kref *mm_ref)
1978 {
1979 	struct intel_vgpu_mm *mm = container_of(mm_ref, typeof(*mm), ref);
1980 
1981 	if (GEM_WARN_ON(atomic_read(&mm->pincount)))
1982 		gvt_err("vgpu mm pin count bug detected\n");
1983 
1984 	if (mm->type == INTEL_GVT_MM_PPGTT) {
1985 		list_del(&mm->ppgtt_mm.list);
1986 
1987 		mutex_lock(&mm->vgpu->gvt->gtt.ppgtt_mm_lock);
1988 		list_del(&mm->ppgtt_mm.lru_list);
1989 		mutex_unlock(&mm->vgpu->gvt->gtt.ppgtt_mm_lock);
1990 
1991 		invalidate_ppgtt_mm(mm);
1992 	} else {
1993 		vfree(mm->ggtt_mm.virtual_ggtt);
1994 		vfree(mm->ggtt_mm.host_ggtt_aperture);
1995 		vfree(mm->ggtt_mm.host_ggtt_hidden);
1996 	}
1997 
1998 	vgpu_free_mm(mm);
1999 }
2000 
2001 /**
2002  * intel_vgpu_unpin_mm - decrease the pin count of a vGPU mm object
2003  * @mm: a vGPU mm object
2004  *
2005  * This function is called when user doesn't want to use a vGPU mm object
2006  */
2007 void intel_vgpu_unpin_mm(struct intel_vgpu_mm *mm)
2008 {
2009 	atomic_dec_if_positive(&mm->pincount);
2010 }
2011 
2012 /**
2013  * intel_vgpu_pin_mm - increase the pin count of a vGPU mm object
2014  * @mm: target vgpu mm
2015  *
2016  * This function is called when user wants to use a vGPU mm object. If this
2017  * mm object hasn't been shadowed yet, the shadow will be populated at this
2018  * time.
2019  *
2020  * Returns:
2021  * Zero on success, negative error code if failed.
2022  */
2023 int intel_vgpu_pin_mm(struct intel_vgpu_mm *mm)
2024 {
2025 	int ret;
2026 
2027 	atomic_inc(&mm->pincount);
2028 
2029 	if (mm->type == INTEL_GVT_MM_PPGTT) {
2030 		ret = shadow_ppgtt_mm(mm);
2031 		if (ret)
2032 			return ret;
2033 
2034 		mutex_lock(&mm->vgpu->gvt->gtt.ppgtt_mm_lock);
2035 		list_move_tail(&mm->ppgtt_mm.lru_list,
2036 			       &mm->vgpu->gvt->gtt.ppgtt_mm_lru_list_head);
2037 		mutex_unlock(&mm->vgpu->gvt->gtt.ppgtt_mm_lock);
2038 	}
2039 
2040 	return 0;
2041 }
2042 
2043 static int reclaim_one_ppgtt_mm(struct intel_gvt *gvt)
2044 {
2045 	struct intel_vgpu_mm *mm;
2046 	struct list_head *pos, *n;
2047 
2048 	mutex_lock(&gvt->gtt.ppgtt_mm_lock);
2049 
2050 	list_for_each_safe(pos, n, &gvt->gtt.ppgtt_mm_lru_list_head) {
2051 		mm = container_of(pos, struct intel_vgpu_mm, ppgtt_mm.lru_list);
2052 
2053 		if (atomic_read(&mm->pincount))
2054 			continue;
2055 
2056 		list_del_init(&mm->ppgtt_mm.lru_list);
2057 		mutex_unlock(&gvt->gtt.ppgtt_mm_lock);
2058 		invalidate_ppgtt_mm(mm);
2059 		return 1;
2060 	}
2061 	mutex_unlock(&gvt->gtt.ppgtt_mm_lock);
2062 	return 0;
2063 }
2064 
2065 /*
2066  * GMA translation APIs.
2067  */
2068 static inline int ppgtt_get_next_level_entry(struct intel_vgpu_mm *mm,
2069 		struct intel_gvt_gtt_entry *e, unsigned long index, bool guest)
2070 {
2071 	struct intel_vgpu *vgpu = mm->vgpu;
2072 	const struct intel_gvt_gtt_pte_ops *ops = vgpu->gvt->gtt.pte_ops;
2073 	struct intel_vgpu_ppgtt_spt *s;
2074 
2075 	s = intel_vgpu_find_spt_by_mfn(vgpu, ops->get_pfn(e));
2076 	if (!s)
2077 		return -ENXIO;
2078 
2079 	if (!guest)
2080 		ppgtt_get_shadow_entry(s, e, index);
2081 	else
2082 		ppgtt_get_guest_entry(s, e, index);
2083 	return 0;
2084 }
2085 
2086 /**
2087  * intel_vgpu_gma_to_gpa - translate a gma to GPA
2088  * @mm: mm object. could be a PPGTT or GGTT mm object
2089  * @gma: graphics memory address in this mm object
2090  *
2091  * This function is used to translate a graphics memory address in specific
2092  * graphics memory space to guest physical address.
2093  *
2094  * Returns:
2095  * Guest physical address on success, INTEL_GVT_INVALID_ADDR if failed.
2096  */
2097 unsigned long intel_vgpu_gma_to_gpa(struct intel_vgpu_mm *mm, unsigned long gma)
2098 {
2099 	struct intel_vgpu *vgpu = mm->vgpu;
2100 	struct intel_gvt *gvt = vgpu->gvt;
2101 	const struct intel_gvt_gtt_pte_ops *pte_ops = gvt->gtt.pte_ops;
2102 	const struct intel_gvt_gtt_gma_ops *gma_ops = gvt->gtt.gma_ops;
2103 	unsigned long gpa = INTEL_GVT_INVALID_ADDR;
2104 	unsigned long gma_index[4];
2105 	struct intel_gvt_gtt_entry e;
2106 	int i, levels = 0;
2107 	int ret;
2108 
2109 	GEM_BUG_ON(mm->type != INTEL_GVT_MM_GGTT &&
2110 		   mm->type != INTEL_GVT_MM_PPGTT);
2111 
2112 	if (mm->type == INTEL_GVT_MM_GGTT) {
2113 		if (!vgpu_gmadr_is_valid(vgpu, gma))
2114 			goto err;
2115 
2116 		ggtt_get_guest_entry(mm, &e,
2117 			gma_ops->gma_to_ggtt_pte_index(gma));
2118 
2119 		gpa = (pte_ops->get_pfn(&e) << I915_GTT_PAGE_SHIFT)
2120 			+ (gma & ~I915_GTT_PAGE_MASK);
2121 
2122 		trace_gma_translate(vgpu->id, "ggtt", 0, 0, gma, gpa);
2123 	} else {
2124 		switch (mm->ppgtt_mm.root_entry_type) {
2125 		case GTT_TYPE_PPGTT_ROOT_L4_ENTRY:
2126 			ppgtt_get_shadow_root_entry(mm, &e, 0);
2127 
2128 			gma_index[0] = gma_ops->gma_to_pml4_index(gma);
2129 			gma_index[1] = gma_ops->gma_to_l4_pdp_index(gma);
2130 			gma_index[2] = gma_ops->gma_to_pde_index(gma);
2131 			gma_index[3] = gma_ops->gma_to_pte_index(gma);
2132 			levels = 4;
2133 			break;
2134 		case GTT_TYPE_PPGTT_ROOT_L3_ENTRY:
2135 			ppgtt_get_shadow_root_entry(mm, &e,
2136 					gma_ops->gma_to_l3_pdp_index(gma));
2137 
2138 			gma_index[0] = gma_ops->gma_to_pde_index(gma);
2139 			gma_index[1] = gma_ops->gma_to_pte_index(gma);
2140 			levels = 2;
2141 			break;
2142 		default:
2143 			GEM_BUG_ON(1);
2144 		}
2145 
2146 		/* walk the shadow page table and get gpa from guest entry */
2147 		for (i = 0; i < levels; i++) {
2148 			ret = ppgtt_get_next_level_entry(mm, &e, gma_index[i],
2149 				(i == levels - 1));
2150 			if (ret)
2151 				goto err;
2152 
2153 			if (!pte_ops->test_present(&e)) {
2154 				gvt_dbg_core("GMA 0x%lx is not present\n", gma);
2155 				goto err;
2156 			}
2157 		}
2158 
2159 		gpa = (pte_ops->get_pfn(&e) << I915_GTT_PAGE_SHIFT) +
2160 					(gma & ~I915_GTT_PAGE_MASK);
2161 		trace_gma_translate(vgpu->id, "ppgtt", 0,
2162 				    mm->ppgtt_mm.root_entry_type, gma, gpa);
2163 	}
2164 
2165 	return gpa;
2166 err:
2167 	gvt_vgpu_err("invalid mm type: %d gma %lx\n", mm->type, gma);
2168 	return INTEL_GVT_INVALID_ADDR;
2169 }
2170 
2171 static int emulate_ggtt_mmio_read(struct intel_vgpu *vgpu,
2172 	unsigned int off, void *p_data, unsigned int bytes)
2173 {
2174 	struct intel_vgpu_mm *ggtt_mm = vgpu->gtt.ggtt_mm;
2175 	const struct intel_gvt_device_info *info = &vgpu->gvt->device_info;
2176 	unsigned long index = off >> info->gtt_entry_size_shift;
2177 	unsigned long gma;
2178 	struct intel_gvt_gtt_entry e;
2179 
2180 	if (bytes != 4 && bytes != 8)
2181 		return -EINVAL;
2182 
2183 	gma = index << I915_GTT_PAGE_SHIFT;
2184 	if (!intel_gvt_ggtt_validate_range(vgpu,
2185 					   gma, 1 << I915_GTT_PAGE_SHIFT)) {
2186 		gvt_dbg_mm("read invalid ggtt at 0x%lx\n", gma);
2187 		memset(p_data, 0, bytes);
2188 		return 0;
2189 	}
2190 
2191 	ggtt_get_guest_entry(ggtt_mm, &e, index);
2192 	memcpy(p_data, (void *)&e.val64 + (off & (info->gtt_entry_size - 1)),
2193 			bytes);
2194 	return 0;
2195 }
2196 
2197 /**
2198  * intel_vgpu_emulate_ggtt_mmio_read - emulate GTT MMIO register read
2199  * @vgpu: a vGPU
2200  * @off: register offset
2201  * @p_data: data will be returned to guest
2202  * @bytes: data length
2203  *
2204  * This function is used to emulate the GTT MMIO register read
2205  *
2206  * Returns:
2207  * Zero on success, error code if failed.
2208  */
2209 int intel_vgpu_emulate_ggtt_mmio_read(struct intel_vgpu *vgpu, unsigned int off,
2210 	void *p_data, unsigned int bytes)
2211 {
2212 	const struct intel_gvt_device_info *info = &vgpu->gvt->device_info;
2213 	int ret;
2214 
2215 	if (bytes != 4 && bytes != 8)
2216 		return -EINVAL;
2217 
2218 	off -= info->gtt_start_offset;
2219 	ret = emulate_ggtt_mmio_read(vgpu, off, p_data, bytes);
2220 	return ret;
2221 }
2222 
2223 static void ggtt_invalidate_pte(struct intel_vgpu *vgpu,
2224 		struct intel_gvt_gtt_entry *entry)
2225 {
2226 	const struct intel_gvt_gtt_pte_ops *pte_ops = vgpu->gvt->gtt.pte_ops;
2227 	unsigned long pfn;
2228 
2229 	pfn = pte_ops->get_pfn(entry);
2230 	if (pfn != vgpu->gvt->gtt.scratch_mfn)
2231 		intel_gvt_hypervisor_dma_unmap_guest_page(vgpu,
2232 						pfn << PAGE_SHIFT);
2233 }
2234 
2235 static int emulate_ggtt_mmio_write(struct intel_vgpu *vgpu, unsigned int off,
2236 	void *p_data, unsigned int bytes)
2237 {
2238 	struct intel_gvt *gvt = vgpu->gvt;
2239 	const struct intel_gvt_device_info *info = &gvt->device_info;
2240 	struct intel_vgpu_mm *ggtt_mm = vgpu->gtt.ggtt_mm;
2241 	const struct intel_gvt_gtt_pte_ops *ops = gvt->gtt.pte_ops;
2242 	unsigned long g_gtt_index = off >> info->gtt_entry_size_shift;
2243 	unsigned long gma, gfn;
2244 	struct intel_gvt_gtt_entry e = {.val64 = 0, .type = GTT_TYPE_GGTT_PTE};
2245 	struct intel_gvt_gtt_entry m = {.val64 = 0, .type = GTT_TYPE_GGTT_PTE};
2246 	dma_addr_t dma_addr;
2247 	int ret;
2248 	struct intel_gvt_partial_pte *partial_pte, *pos, *n;
2249 	bool partial_update = false;
2250 
2251 	if (bytes != 4 && bytes != 8)
2252 		return -EINVAL;
2253 
2254 	gma = g_gtt_index << I915_GTT_PAGE_SHIFT;
2255 
2256 	/* the VM may configure the whole GM space when ballooning is used */
2257 	if (!vgpu_gmadr_is_valid(vgpu, gma))
2258 		return 0;
2259 
2260 	e.type = GTT_TYPE_GGTT_PTE;
2261 	memcpy((void *)&e.val64 + (off & (info->gtt_entry_size - 1)), p_data,
2262 			bytes);
2263 
2264 	/* If ggtt entry size is 8 bytes, and it's split into two 4 bytes
2265 	 * write, save the first 4 bytes in a list and update virtual
2266 	 * PTE. Only update shadow PTE when the second 4 bytes comes.
2267 	 */
2268 	if (bytes < info->gtt_entry_size) {
2269 		bool found = false;
2270 
2271 		list_for_each_entry_safe(pos, n,
2272 				&ggtt_mm->ggtt_mm.partial_pte_list, list) {
2273 			if (g_gtt_index == pos->offset >>
2274 					info->gtt_entry_size_shift) {
2275 				if (off != pos->offset) {
2276 					/* the second partial part*/
2277 					int last_off = pos->offset &
2278 						(info->gtt_entry_size - 1);
2279 
2280 					memcpy((void *)&e.val64 + last_off,
2281 						(void *)&pos->data + last_off,
2282 						bytes);
2283 
2284 					list_del(&pos->list);
2285 					kfree(pos);
2286 					found = true;
2287 					break;
2288 				}
2289 
2290 				/* update of the first partial part */
2291 				pos->data = e.val64;
2292 				ggtt_set_guest_entry(ggtt_mm, &e, g_gtt_index);
2293 				return 0;
2294 			}
2295 		}
2296 
2297 		if (!found) {
2298 			/* the first partial part */
2299 			partial_pte = kzalloc(sizeof(*partial_pte), GFP_KERNEL);
2300 			if (!partial_pte)
2301 				return -ENOMEM;
2302 			partial_pte->offset = off;
2303 			partial_pte->data = e.val64;
2304 			list_add_tail(&partial_pte->list,
2305 				&ggtt_mm->ggtt_mm.partial_pte_list);
2306 			partial_update = true;
2307 		}
2308 	}
2309 
2310 	if (!partial_update && (ops->test_present(&e))) {
2311 		gfn = ops->get_pfn(&e);
2312 		m.val64 = e.val64;
2313 		m.type = e.type;
2314 
2315 		/* one PTE update may be issued in multiple writes and the
2316 		 * first write may not construct a valid gfn
2317 		 */
2318 		if (!intel_gvt_hypervisor_is_valid_gfn(vgpu, gfn)) {
2319 			ops->set_pfn(&m, gvt->gtt.scratch_mfn);
2320 			goto out;
2321 		}
2322 
2323 		ret = intel_gvt_hypervisor_dma_map_guest_page(vgpu, gfn,
2324 							PAGE_SIZE, &dma_addr);
2325 		if (ret) {
2326 			gvt_vgpu_err("fail to populate guest ggtt entry\n");
2327 			/* guest driver may read/write the entry when partial
2328 			 * update the entry in this situation p2m will fail
2329 			 * settting the shadow entry to point to a scratch page
2330 			 */
2331 			ops->set_pfn(&m, gvt->gtt.scratch_mfn);
2332 		} else
2333 			ops->set_pfn(&m, dma_addr >> PAGE_SHIFT);
2334 	} else {
2335 		ops->set_pfn(&m, gvt->gtt.scratch_mfn);
2336 		ops->clear_present(&m);
2337 	}
2338 
2339 out:
2340 	ggtt_set_guest_entry(ggtt_mm, &e, g_gtt_index);
2341 
2342 	ggtt_get_host_entry(ggtt_mm, &e, g_gtt_index);
2343 	ggtt_invalidate_pte(vgpu, &e);
2344 
2345 	ggtt_set_host_entry(ggtt_mm, &m, g_gtt_index);
2346 	ggtt_invalidate(gvt->gt);
2347 	return 0;
2348 }
2349 
2350 /*
2351  * intel_vgpu_emulate_ggtt_mmio_write - emulate GTT MMIO register write
2352  * @vgpu: a vGPU
2353  * @off: register offset
2354  * @p_data: data from guest write
2355  * @bytes: data length
2356  *
2357  * This function is used to emulate the GTT MMIO register write
2358  *
2359  * Returns:
2360  * Zero on success, error code if failed.
2361  */
2362 int intel_vgpu_emulate_ggtt_mmio_write(struct intel_vgpu *vgpu,
2363 		unsigned int off, void *p_data, unsigned int bytes)
2364 {
2365 	const struct intel_gvt_device_info *info = &vgpu->gvt->device_info;
2366 	int ret;
2367 	struct intel_vgpu_submission *s = &vgpu->submission;
2368 	struct intel_engine_cs *engine;
2369 	int i;
2370 
2371 	if (bytes != 4 && bytes != 8)
2372 		return -EINVAL;
2373 
2374 	off -= info->gtt_start_offset;
2375 	ret = emulate_ggtt_mmio_write(vgpu, off, p_data, bytes);
2376 
2377 	/* if ggtt of last submitted context is written,
2378 	 * that context is probably got unpinned.
2379 	 * Set last shadowed ctx to invalid.
2380 	 */
2381 	for_each_engine(engine, vgpu->gvt->gt, i) {
2382 		if (!s->last_ctx[i].valid)
2383 			continue;
2384 
2385 		if (s->last_ctx[i].lrca == (off >> info->gtt_entry_size_shift))
2386 			s->last_ctx[i].valid = false;
2387 	}
2388 	return ret;
2389 }
2390 
2391 static int alloc_scratch_pages(struct intel_vgpu *vgpu,
2392 		enum intel_gvt_gtt_type type)
2393 {
2394 	struct drm_i915_private *i915 = vgpu->gvt->gt->i915;
2395 	struct intel_vgpu_gtt *gtt = &vgpu->gtt;
2396 	const struct intel_gvt_gtt_pte_ops *ops = vgpu->gvt->gtt.pte_ops;
2397 	int page_entry_num = I915_GTT_PAGE_SIZE >>
2398 				vgpu->gvt->device_info.gtt_entry_size_shift;
2399 	void *scratch_pt;
2400 	int i;
2401 	struct device *dev = vgpu->gvt->gt->i915->drm.dev;
2402 	dma_addr_t daddr;
2403 
2404 	if (drm_WARN_ON(&i915->drm,
2405 			type < GTT_TYPE_PPGTT_PTE_PT || type >= GTT_TYPE_MAX))
2406 		return -EINVAL;
2407 
2408 	scratch_pt = (void *)get_zeroed_page(GFP_KERNEL);
2409 	if (!scratch_pt) {
2410 		gvt_vgpu_err("fail to allocate scratch page\n");
2411 		return -ENOMEM;
2412 	}
2413 
2414 	daddr = dma_map_page(dev, virt_to_page(scratch_pt), 0, 4096, DMA_BIDIRECTIONAL);
2415 	if (dma_mapping_error(dev, daddr)) {
2416 		gvt_vgpu_err("fail to dmamap scratch_pt\n");
2417 		__free_page(virt_to_page(scratch_pt));
2418 		return -ENOMEM;
2419 	}
2420 	gtt->scratch_pt[type].page_mfn =
2421 		(unsigned long)(daddr >> I915_GTT_PAGE_SHIFT);
2422 	gtt->scratch_pt[type].page = virt_to_page(scratch_pt);
2423 	gvt_dbg_mm("vgpu%d create scratch_pt: type %d mfn=0x%lx\n",
2424 			vgpu->id, type, gtt->scratch_pt[type].page_mfn);
2425 
2426 	/* Build the tree by full filled the scratch pt with the entries which
2427 	 * point to the next level scratch pt or scratch page. The
2428 	 * scratch_pt[type] indicate the scratch pt/scratch page used by the
2429 	 * 'type' pt.
2430 	 * e.g. scratch_pt[GTT_TYPE_PPGTT_PDE_PT] is used by
2431 	 * GTT_TYPE_PPGTT_PDE_PT level pt, that means this scratch_pt it self
2432 	 * is GTT_TYPE_PPGTT_PTE_PT, and full filled by scratch page mfn.
2433 	 */
2434 	if (type > GTT_TYPE_PPGTT_PTE_PT) {
2435 		struct intel_gvt_gtt_entry se;
2436 
2437 		memset(&se, 0, sizeof(struct intel_gvt_gtt_entry));
2438 		se.type = get_entry_type(type - 1);
2439 		ops->set_pfn(&se, gtt->scratch_pt[type - 1].page_mfn);
2440 
2441 		/* The entry parameters like present/writeable/cache type
2442 		 * set to the same as i915's scratch page tree.
2443 		 */
2444 		se.val64 |= GEN8_PAGE_PRESENT | GEN8_PAGE_RW;
2445 		if (type == GTT_TYPE_PPGTT_PDE_PT)
2446 			se.val64 |= PPAT_CACHED;
2447 
2448 		for (i = 0; i < page_entry_num; i++)
2449 			ops->set_entry(scratch_pt, &se, i, false, 0, vgpu);
2450 	}
2451 
2452 	return 0;
2453 }
2454 
2455 static int release_scratch_page_tree(struct intel_vgpu *vgpu)
2456 {
2457 	int i;
2458 	struct device *dev = vgpu->gvt->gt->i915->drm.dev;
2459 	dma_addr_t daddr;
2460 
2461 	for (i = GTT_TYPE_PPGTT_PTE_PT; i < GTT_TYPE_MAX; i++) {
2462 		if (vgpu->gtt.scratch_pt[i].page != NULL) {
2463 			daddr = (dma_addr_t)(vgpu->gtt.scratch_pt[i].page_mfn <<
2464 					I915_GTT_PAGE_SHIFT);
2465 			dma_unmap_page(dev, daddr, 4096, DMA_BIDIRECTIONAL);
2466 			__free_page(vgpu->gtt.scratch_pt[i].page);
2467 			vgpu->gtt.scratch_pt[i].page = NULL;
2468 			vgpu->gtt.scratch_pt[i].page_mfn = 0;
2469 		}
2470 	}
2471 
2472 	return 0;
2473 }
2474 
2475 static int create_scratch_page_tree(struct intel_vgpu *vgpu)
2476 {
2477 	int i, ret;
2478 
2479 	for (i = GTT_TYPE_PPGTT_PTE_PT; i < GTT_TYPE_MAX; i++) {
2480 		ret = alloc_scratch_pages(vgpu, i);
2481 		if (ret)
2482 			goto err;
2483 	}
2484 
2485 	return 0;
2486 
2487 err:
2488 	release_scratch_page_tree(vgpu);
2489 	return ret;
2490 }
2491 
2492 /**
2493  * intel_vgpu_init_gtt - initialize per-vGPU graphics memory virulization
2494  * @vgpu: a vGPU
2495  *
2496  * This function is used to initialize per-vGPU graphics memory virtualization
2497  * components.
2498  *
2499  * Returns:
2500  * Zero on success, error code if failed.
2501  */
2502 int intel_vgpu_init_gtt(struct intel_vgpu *vgpu)
2503 {
2504 	struct intel_vgpu_gtt *gtt = &vgpu->gtt;
2505 
2506 	INIT_RADIX_TREE(&gtt->spt_tree, GFP_KERNEL);
2507 
2508 	INIT_LIST_HEAD(&gtt->ppgtt_mm_list_head);
2509 	INIT_LIST_HEAD(&gtt->oos_page_list_head);
2510 	INIT_LIST_HEAD(&gtt->post_shadow_list_head);
2511 
2512 	gtt->ggtt_mm = intel_vgpu_create_ggtt_mm(vgpu);
2513 	if (IS_ERR(gtt->ggtt_mm)) {
2514 		gvt_vgpu_err("fail to create mm for ggtt.\n");
2515 		return PTR_ERR(gtt->ggtt_mm);
2516 	}
2517 
2518 	intel_vgpu_reset_ggtt(vgpu, false);
2519 
2520 	INIT_LIST_HEAD(&gtt->ggtt_mm->ggtt_mm.partial_pte_list);
2521 
2522 	return create_scratch_page_tree(vgpu);
2523 }
2524 
2525 void intel_vgpu_destroy_all_ppgtt_mm(struct intel_vgpu *vgpu)
2526 {
2527 	struct list_head *pos, *n;
2528 	struct intel_vgpu_mm *mm;
2529 
2530 	list_for_each_safe(pos, n, &vgpu->gtt.ppgtt_mm_list_head) {
2531 		mm = container_of(pos, struct intel_vgpu_mm, ppgtt_mm.list);
2532 		intel_vgpu_destroy_mm(mm);
2533 	}
2534 
2535 	if (GEM_WARN_ON(!list_empty(&vgpu->gtt.ppgtt_mm_list_head)))
2536 		gvt_err("vgpu ppgtt mm is not fully destroyed\n");
2537 
2538 	if (GEM_WARN_ON(!radix_tree_empty(&vgpu->gtt.spt_tree))) {
2539 		gvt_err("Why we still has spt not freed?\n");
2540 		ppgtt_free_all_spt(vgpu);
2541 	}
2542 }
2543 
2544 static void intel_vgpu_destroy_ggtt_mm(struct intel_vgpu *vgpu)
2545 {
2546 	struct intel_gvt_partial_pte *pos, *next;
2547 
2548 	list_for_each_entry_safe(pos, next,
2549 				 &vgpu->gtt.ggtt_mm->ggtt_mm.partial_pte_list,
2550 				 list) {
2551 		gvt_dbg_mm("partial PTE update on hold 0x%lx : 0x%llx\n",
2552 			pos->offset, pos->data);
2553 		kfree(pos);
2554 	}
2555 	intel_vgpu_destroy_mm(vgpu->gtt.ggtt_mm);
2556 	vgpu->gtt.ggtt_mm = NULL;
2557 }
2558 
2559 /**
2560  * intel_vgpu_clean_gtt - clean up per-vGPU graphics memory virulization
2561  * @vgpu: a vGPU
2562  *
2563  * This function is used to clean up per-vGPU graphics memory virtualization
2564  * components.
2565  *
2566  * Returns:
2567  * Zero on success, error code if failed.
2568  */
2569 void intel_vgpu_clean_gtt(struct intel_vgpu *vgpu)
2570 {
2571 	intel_vgpu_destroy_all_ppgtt_mm(vgpu);
2572 	intel_vgpu_destroy_ggtt_mm(vgpu);
2573 	release_scratch_page_tree(vgpu);
2574 }
2575 
2576 static void clean_spt_oos(struct intel_gvt *gvt)
2577 {
2578 	struct intel_gvt_gtt *gtt = &gvt->gtt;
2579 	struct list_head *pos, *n;
2580 	struct intel_vgpu_oos_page *oos_page;
2581 
2582 	WARN(!list_empty(&gtt->oos_page_use_list_head),
2583 		"someone is still using oos page\n");
2584 
2585 	list_for_each_safe(pos, n, &gtt->oos_page_free_list_head) {
2586 		oos_page = container_of(pos, struct intel_vgpu_oos_page, list);
2587 		list_del(&oos_page->list);
2588 		free_page((unsigned long)oos_page->mem);
2589 		kfree(oos_page);
2590 	}
2591 }
2592 
2593 static int setup_spt_oos(struct intel_gvt *gvt)
2594 {
2595 	struct intel_gvt_gtt *gtt = &gvt->gtt;
2596 	struct intel_vgpu_oos_page *oos_page;
2597 	int i;
2598 	int ret;
2599 
2600 	INIT_LIST_HEAD(&gtt->oos_page_free_list_head);
2601 	INIT_LIST_HEAD(&gtt->oos_page_use_list_head);
2602 
2603 	for (i = 0; i < preallocated_oos_pages; i++) {
2604 		oos_page = kzalloc(sizeof(*oos_page), GFP_KERNEL);
2605 		if (!oos_page) {
2606 			ret = -ENOMEM;
2607 			goto fail;
2608 		}
2609 		oos_page->mem = (void *)__get_free_pages(GFP_KERNEL, 0);
2610 		if (!oos_page->mem) {
2611 			ret = -ENOMEM;
2612 			kfree(oos_page);
2613 			goto fail;
2614 		}
2615 
2616 		INIT_LIST_HEAD(&oos_page->list);
2617 		INIT_LIST_HEAD(&oos_page->vm_list);
2618 		oos_page->id = i;
2619 		list_add_tail(&oos_page->list, &gtt->oos_page_free_list_head);
2620 	}
2621 
2622 	gvt_dbg_mm("%d oos pages preallocated\n", i);
2623 
2624 	return 0;
2625 fail:
2626 	clean_spt_oos(gvt);
2627 	return ret;
2628 }
2629 
2630 /**
2631  * intel_vgpu_find_ppgtt_mm - find a PPGTT mm object
2632  * @vgpu: a vGPU
2633  * @pdps: pdp root array
2634  *
2635  * This function is used to find a PPGTT mm object from mm object pool
2636  *
2637  * Returns:
2638  * pointer to mm object on success, NULL if failed.
2639  */
2640 struct intel_vgpu_mm *intel_vgpu_find_ppgtt_mm(struct intel_vgpu *vgpu,
2641 		u64 pdps[])
2642 {
2643 	struct intel_vgpu_mm *mm;
2644 	struct list_head *pos;
2645 
2646 	list_for_each(pos, &vgpu->gtt.ppgtt_mm_list_head) {
2647 		mm = container_of(pos, struct intel_vgpu_mm, ppgtt_mm.list);
2648 
2649 		switch (mm->ppgtt_mm.root_entry_type) {
2650 		case GTT_TYPE_PPGTT_ROOT_L4_ENTRY:
2651 			if (pdps[0] == mm->ppgtt_mm.guest_pdps[0])
2652 				return mm;
2653 			break;
2654 		case GTT_TYPE_PPGTT_ROOT_L3_ENTRY:
2655 			if (!memcmp(pdps, mm->ppgtt_mm.guest_pdps,
2656 				    sizeof(mm->ppgtt_mm.guest_pdps)))
2657 				return mm;
2658 			break;
2659 		default:
2660 			GEM_BUG_ON(1);
2661 		}
2662 	}
2663 	return NULL;
2664 }
2665 
2666 /**
2667  * intel_vgpu_get_ppgtt_mm - get or create a PPGTT mm object.
2668  * @vgpu: a vGPU
2669  * @root_entry_type: ppgtt root entry type
2670  * @pdps: guest pdps
2671  *
2672  * This function is used to find or create a PPGTT mm object from a guest.
2673  *
2674  * Returns:
2675  * Zero on success, negative error code if failed.
2676  */
2677 struct intel_vgpu_mm *intel_vgpu_get_ppgtt_mm(struct intel_vgpu *vgpu,
2678 		enum intel_gvt_gtt_type root_entry_type, u64 pdps[])
2679 {
2680 	struct intel_vgpu_mm *mm;
2681 
2682 	mm = intel_vgpu_find_ppgtt_mm(vgpu, pdps);
2683 	if (mm) {
2684 		intel_vgpu_mm_get(mm);
2685 	} else {
2686 		mm = intel_vgpu_create_ppgtt_mm(vgpu, root_entry_type, pdps);
2687 		if (IS_ERR(mm))
2688 			gvt_vgpu_err("fail to create mm\n");
2689 	}
2690 	return mm;
2691 }
2692 
2693 /**
2694  * intel_vgpu_put_ppgtt_mm - find and put a PPGTT mm object.
2695  * @vgpu: a vGPU
2696  * @pdps: guest pdps
2697  *
2698  * This function is used to find a PPGTT mm object from a guest and destroy it.
2699  *
2700  * Returns:
2701  * Zero on success, negative error code if failed.
2702  */
2703 int intel_vgpu_put_ppgtt_mm(struct intel_vgpu *vgpu, u64 pdps[])
2704 {
2705 	struct intel_vgpu_mm *mm;
2706 
2707 	mm = intel_vgpu_find_ppgtt_mm(vgpu, pdps);
2708 	if (!mm) {
2709 		gvt_vgpu_err("fail to find ppgtt instance.\n");
2710 		return -EINVAL;
2711 	}
2712 	intel_vgpu_mm_put(mm);
2713 	return 0;
2714 }
2715 
2716 /**
2717  * intel_gvt_init_gtt - initialize mm components of a GVT device
2718  * @gvt: GVT device
2719  *
2720  * This function is called at the initialization stage, to initialize
2721  * the mm components of a GVT device.
2722  *
2723  * Returns:
2724  * zero on success, negative error code if failed.
2725  */
2726 int intel_gvt_init_gtt(struct intel_gvt *gvt)
2727 {
2728 	int ret;
2729 	void *page;
2730 	struct device *dev = gvt->gt->i915->drm.dev;
2731 	dma_addr_t daddr;
2732 
2733 	gvt_dbg_core("init gtt\n");
2734 
2735 	gvt->gtt.pte_ops = &gen8_gtt_pte_ops;
2736 	gvt->gtt.gma_ops = &gen8_gtt_gma_ops;
2737 
2738 	page = (void *)get_zeroed_page(GFP_KERNEL);
2739 	if (!page) {
2740 		gvt_err("fail to allocate scratch ggtt page\n");
2741 		return -ENOMEM;
2742 	}
2743 
2744 	daddr = dma_map_page(dev, virt_to_page(page), 0,
2745 			4096, DMA_BIDIRECTIONAL);
2746 	if (dma_mapping_error(dev, daddr)) {
2747 		gvt_err("fail to dmamap scratch ggtt page\n");
2748 		__free_page(virt_to_page(page));
2749 		return -ENOMEM;
2750 	}
2751 
2752 	gvt->gtt.scratch_page = virt_to_page(page);
2753 	gvt->gtt.scratch_mfn = (unsigned long)(daddr >> I915_GTT_PAGE_SHIFT);
2754 
2755 	if (enable_out_of_sync) {
2756 		ret = setup_spt_oos(gvt);
2757 		if (ret) {
2758 			gvt_err("fail to initialize SPT oos\n");
2759 			dma_unmap_page(dev, daddr, 4096, DMA_BIDIRECTIONAL);
2760 			__free_page(gvt->gtt.scratch_page);
2761 			return ret;
2762 		}
2763 	}
2764 	INIT_LIST_HEAD(&gvt->gtt.ppgtt_mm_lru_list_head);
2765 	mutex_init(&gvt->gtt.ppgtt_mm_lock);
2766 	return 0;
2767 }
2768 
2769 /**
2770  * intel_gvt_clean_gtt - clean up mm components of a GVT device
2771  * @gvt: GVT device
2772  *
2773  * This function is called at the driver unloading stage, to clean up the
2774  * the mm components of a GVT device.
2775  *
2776  */
2777 void intel_gvt_clean_gtt(struct intel_gvt *gvt)
2778 {
2779 	struct device *dev = gvt->gt->i915->drm.dev;
2780 	dma_addr_t daddr = (dma_addr_t)(gvt->gtt.scratch_mfn <<
2781 					I915_GTT_PAGE_SHIFT);
2782 
2783 	dma_unmap_page(dev, daddr, 4096, DMA_BIDIRECTIONAL);
2784 
2785 	__free_page(gvt->gtt.scratch_page);
2786 
2787 	if (enable_out_of_sync)
2788 		clean_spt_oos(gvt);
2789 }
2790 
2791 /**
2792  * intel_vgpu_invalidate_ppgtt - invalidate PPGTT instances
2793  * @vgpu: a vGPU
2794  *
2795  * This function is called when invalidate all PPGTT instances of a vGPU.
2796  *
2797  */
2798 void intel_vgpu_invalidate_ppgtt(struct intel_vgpu *vgpu)
2799 {
2800 	struct list_head *pos, *n;
2801 	struct intel_vgpu_mm *mm;
2802 
2803 	list_for_each_safe(pos, n, &vgpu->gtt.ppgtt_mm_list_head) {
2804 		mm = container_of(pos, struct intel_vgpu_mm, ppgtt_mm.list);
2805 		if (mm->type == INTEL_GVT_MM_PPGTT) {
2806 			mutex_lock(&vgpu->gvt->gtt.ppgtt_mm_lock);
2807 			list_del_init(&mm->ppgtt_mm.lru_list);
2808 			mutex_unlock(&vgpu->gvt->gtt.ppgtt_mm_lock);
2809 			if (mm->ppgtt_mm.shadowed)
2810 				invalidate_ppgtt_mm(mm);
2811 		}
2812 	}
2813 }
2814 
2815 /**
2816  * intel_vgpu_reset_ggtt - reset the GGTT entry
2817  * @vgpu: a vGPU
2818  * @invalidate_old: invalidate old entries
2819  *
2820  * This function is called at the vGPU create stage
2821  * to reset all the GGTT entries.
2822  *
2823  */
2824 void intel_vgpu_reset_ggtt(struct intel_vgpu *vgpu, bool invalidate_old)
2825 {
2826 	struct intel_gvt *gvt = vgpu->gvt;
2827 	const struct intel_gvt_gtt_pte_ops *pte_ops = vgpu->gvt->gtt.pte_ops;
2828 	struct intel_gvt_gtt_entry entry = {.type = GTT_TYPE_GGTT_PTE};
2829 	struct intel_gvt_gtt_entry old_entry;
2830 	u32 index;
2831 	u32 num_entries;
2832 
2833 	pte_ops->set_pfn(&entry, gvt->gtt.scratch_mfn);
2834 	pte_ops->set_present(&entry);
2835 
2836 	index = vgpu_aperture_gmadr_base(vgpu) >> PAGE_SHIFT;
2837 	num_entries = vgpu_aperture_sz(vgpu) >> PAGE_SHIFT;
2838 	while (num_entries--) {
2839 		if (invalidate_old) {
2840 			ggtt_get_host_entry(vgpu->gtt.ggtt_mm, &old_entry, index);
2841 			ggtt_invalidate_pte(vgpu, &old_entry);
2842 		}
2843 		ggtt_set_host_entry(vgpu->gtt.ggtt_mm, &entry, index++);
2844 	}
2845 
2846 	index = vgpu_hidden_gmadr_base(vgpu) >> PAGE_SHIFT;
2847 	num_entries = vgpu_hidden_sz(vgpu) >> PAGE_SHIFT;
2848 	while (num_entries--) {
2849 		if (invalidate_old) {
2850 			ggtt_get_host_entry(vgpu->gtt.ggtt_mm, &old_entry, index);
2851 			ggtt_invalidate_pte(vgpu, &old_entry);
2852 		}
2853 		ggtt_set_host_entry(vgpu->gtt.ggtt_mm, &entry, index++);
2854 	}
2855 
2856 	ggtt_invalidate(gvt->gt);
2857 }
2858 
2859 /**
2860  * intel_vgpu_reset_gtt - reset the all GTT related status
2861  * @vgpu: a vGPU
2862  *
2863  * This function is called from vfio core to reset reset all
2864  * GTT related status, including GGTT, PPGTT, scratch page.
2865  *
2866  */
2867 void intel_vgpu_reset_gtt(struct intel_vgpu *vgpu)
2868 {
2869 	/* Shadow pages are only created when there is no page
2870 	 * table tracking data, so remove page tracking data after
2871 	 * removing the shadow pages.
2872 	 */
2873 	intel_vgpu_destroy_all_ppgtt_mm(vgpu);
2874 	intel_vgpu_reset_ggtt(vgpu, true);
2875 }
2876 
2877 /**
2878  * intel_gvt_restore_ggtt - restore all vGPU's ggtt entries
2879  * @gvt: intel gvt device
2880  *
2881  * This function is called at driver resume stage to restore
2882  * GGTT entries of every vGPU.
2883  *
2884  */
2885 void intel_gvt_restore_ggtt(struct intel_gvt *gvt)
2886 {
2887 	struct intel_vgpu *vgpu;
2888 	struct intel_vgpu_mm *mm;
2889 	int id;
2890 	gen8_pte_t pte;
2891 	u32 idx, num_low, num_hi, offset;
2892 
2893 	/* Restore dirty host ggtt for all vGPUs */
2894 	idr_for_each_entry(&(gvt)->vgpu_idr, vgpu, id) {
2895 		mm = vgpu->gtt.ggtt_mm;
2896 
2897 		num_low = vgpu_aperture_sz(vgpu) >> PAGE_SHIFT;
2898 		offset = vgpu_aperture_gmadr_base(vgpu) >> PAGE_SHIFT;
2899 		for (idx = 0; idx < num_low; idx++) {
2900 			pte = mm->ggtt_mm.host_ggtt_aperture[idx];
2901 			if (pte & GEN8_PAGE_PRESENT)
2902 				write_pte64(vgpu->gvt->gt->ggtt, offset + idx, pte);
2903 		}
2904 
2905 		num_hi = vgpu_hidden_sz(vgpu) >> PAGE_SHIFT;
2906 		offset = vgpu_hidden_gmadr_base(vgpu) >> PAGE_SHIFT;
2907 		for (idx = 0; idx < num_hi; idx++) {
2908 			pte = mm->ggtt_mm.host_ggtt_hidden[idx];
2909 			if (pte & GEN8_PAGE_PRESENT)
2910 				write_pte64(vgpu->gvt->gt->ggtt, offset + idx, pte);
2911 		}
2912 	}
2913 }
2914