1 /* 2 * Copyright © 2008 Intel Corporation 3 * 4 * Permission is hereby granted, free of charge, to any person obtaining a 5 * copy of this software and associated documentation files (the "Software"), 6 * to deal in the Software without restriction, including without limitation 7 * the rights to use, copy, modify, merge, publish, distribute, sublicense, 8 * and/or sell copies of the Software, and to permit persons to whom the 9 * Software is furnished to do so, subject to the following conditions: 10 * 11 * The above copyright notice and this permission notice (including the next 12 * paragraph) shall be included in all copies or substantial portions of the 13 * Software. 14 * 15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS 21 * IN THE SOFTWARE. 22 * 23 * Authors: 24 * Eric Anholt <eric@anholt.net> 25 * 26 */ 27 28 #include <drm/drmP.h> 29 #include <drm/drm_vma_manager.h> 30 #include <drm/i915_drm.h> 31 #include "i915_drv.h" 32 #include "i915_trace.h" 33 #include "intel_drv.h" 34 #include <linux/shmem_fs.h> 35 #include <linux/slab.h> 36 #include <linux/swap.h> 37 #include <linux/pci.h> 38 #include <linux/dma-buf.h> 39 40 static void i915_gem_object_flush_gtt_write_domain(struct drm_i915_gem_object *obj); 41 static void i915_gem_object_flush_cpu_write_domain(struct drm_i915_gem_object *obj, 42 bool force); 43 static __must_check int 44 i915_gem_object_wait_rendering(struct drm_i915_gem_object *obj, 45 bool readonly); 46 static __must_check int 47 i915_gem_object_bind_to_vm(struct drm_i915_gem_object *obj, 48 struct i915_address_space *vm, 49 unsigned alignment, 50 bool map_and_fenceable, 51 bool nonblocking); 52 static int i915_gem_phys_pwrite(struct drm_device *dev, 53 struct drm_i915_gem_object *obj, 54 struct drm_i915_gem_pwrite *args, 55 struct drm_file *file); 56 57 static void i915_gem_write_fence(struct drm_device *dev, int reg, 58 struct drm_i915_gem_object *obj); 59 static void i915_gem_object_update_fence(struct drm_i915_gem_object *obj, 60 struct drm_i915_fence_reg *fence, 61 bool enable); 62 63 static unsigned long i915_gem_inactive_count(struct shrinker *shrinker, 64 struct shrink_control *sc); 65 static unsigned long i915_gem_inactive_scan(struct shrinker *shrinker, 66 struct shrink_control *sc); 67 static unsigned long i915_gem_purge(struct drm_i915_private *dev_priv, long target); 68 static unsigned long i915_gem_shrink_all(struct drm_i915_private *dev_priv); 69 static void i915_gem_object_truncate(struct drm_i915_gem_object *obj); 70 71 static bool cpu_cache_is_coherent(struct drm_device *dev, 72 enum i915_cache_level level) 73 { 74 return HAS_LLC(dev) || level != I915_CACHE_NONE; 75 } 76 77 static bool cpu_write_needs_clflush(struct drm_i915_gem_object *obj) 78 { 79 if (!cpu_cache_is_coherent(obj->base.dev, obj->cache_level)) 80 return true; 81 82 return obj->pin_display; 83 } 84 85 static inline void i915_gem_object_fence_lost(struct drm_i915_gem_object *obj) 86 { 87 if (obj->tiling_mode) 88 i915_gem_release_mmap(obj); 89 90 /* As we do not have an associated fence register, we will force 91 * a tiling change if we ever need to acquire one. 92 */ 93 obj->fence_dirty = false; 94 obj->fence_reg = I915_FENCE_REG_NONE; 95 } 96 97 /* some bookkeeping */ 98 static void i915_gem_info_add_obj(struct drm_i915_private *dev_priv, 99 size_t size) 100 { 101 spin_lock(&dev_priv->mm.object_stat_lock); 102 dev_priv->mm.object_count++; 103 dev_priv->mm.object_memory += size; 104 spin_unlock(&dev_priv->mm.object_stat_lock); 105 } 106 107 static void i915_gem_info_remove_obj(struct drm_i915_private *dev_priv, 108 size_t size) 109 { 110 spin_lock(&dev_priv->mm.object_stat_lock); 111 dev_priv->mm.object_count--; 112 dev_priv->mm.object_memory -= size; 113 spin_unlock(&dev_priv->mm.object_stat_lock); 114 } 115 116 static int 117 i915_gem_wait_for_error(struct i915_gpu_error *error) 118 { 119 int ret; 120 121 #define EXIT_COND (!i915_reset_in_progress(error) || \ 122 i915_terminally_wedged(error)) 123 if (EXIT_COND) 124 return 0; 125 126 /* 127 * Only wait 10 seconds for the gpu reset to complete to avoid hanging 128 * userspace. If it takes that long something really bad is going on and 129 * we should simply try to bail out and fail as gracefully as possible. 130 */ 131 ret = wait_event_interruptible_timeout(error->reset_queue, 132 EXIT_COND, 133 10*HZ); 134 if (ret == 0) { 135 DRM_ERROR("Timed out waiting for the gpu reset to complete\n"); 136 return -EIO; 137 } else if (ret < 0) { 138 return ret; 139 } 140 #undef EXIT_COND 141 142 return 0; 143 } 144 145 int i915_mutex_lock_interruptible(struct drm_device *dev) 146 { 147 struct drm_i915_private *dev_priv = dev->dev_private; 148 int ret; 149 150 ret = i915_gem_wait_for_error(&dev_priv->gpu_error); 151 if (ret) 152 return ret; 153 154 ret = mutex_lock_interruptible(&dev->struct_mutex); 155 if (ret) 156 return ret; 157 158 WARN_ON(i915_verify_lists(dev)); 159 return 0; 160 } 161 162 static inline bool 163 i915_gem_object_is_inactive(struct drm_i915_gem_object *obj) 164 { 165 return i915_gem_obj_bound_any(obj) && !obj->active; 166 } 167 168 int 169 i915_gem_init_ioctl(struct drm_device *dev, void *data, 170 struct drm_file *file) 171 { 172 struct drm_i915_private *dev_priv = dev->dev_private; 173 struct drm_i915_gem_init *args = data; 174 175 if (drm_core_check_feature(dev, DRIVER_MODESET)) 176 return -ENODEV; 177 178 if (args->gtt_start >= args->gtt_end || 179 (args->gtt_end | args->gtt_start) & (PAGE_SIZE - 1)) 180 return -EINVAL; 181 182 /* GEM with user mode setting was never supported on ilk and later. */ 183 if (INTEL_INFO(dev)->gen >= 5) 184 return -ENODEV; 185 186 mutex_lock(&dev->struct_mutex); 187 i915_gem_setup_global_gtt(dev, args->gtt_start, args->gtt_end, 188 args->gtt_end); 189 dev_priv->gtt.mappable_end = args->gtt_end; 190 mutex_unlock(&dev->struct_mutex); 191 192 return 0; 193 } 194 195 int 196 i915_gem_get_aperture_ioctl(struct drm_device *dev, void *data, 197 struct drm_file *file) 198 { 199 struct drm_i915_private *dev_priv = dev->dev_private; 200 struct drm_i915_gem_get_aperture *args = data; 201 struct drm_i915_gem_object *obj; 202 size_t pinned; 203 204 pinned = 0; 205 mutex_lock(&dev->struct_mutex); 206 list_for_each_entry(obj, &dev_priv->mm.bound_list, global_list) 207 if (obj->pin_count) 208 pinned += i915_gem_obj_ggtt_size(obj); 209 mutex_unlock(&dev->struct_mutex); 210 211 args->aper_size = dev_priv->gtt.base.total; 212 args->aper_available_size = args->aper_size - pinned; 213 214 return 0; 215 } 216 217 void *i915_gem_object_alloc(struct drm_device *dev) 218 { 219 struct drm_i915_private *dev_priv = dev->dev_private; 220 return kmem_cache_zalloc(dev_priv->slab, GFP_KERNEL); 221 } 222 223 void i915_gem_object_free(struct drm_i915_gem_object *obj) 224 { 225 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 226 kmem_cache_free(dev_priv->slab, obj); 227 } 228 229 static int 230 i915_gem_create(struct drm_file *file, 231 struct drm_device *dev, 232 uint64_t size, 233 uint32_t *handle_p) 234 { 235 struct drm_i915_gem_object *obj; 236 int ret; 237 u32 handle; 238 239 size = roundup(size, PAGE_SIZE); 240 if (size == 0) 241 return -EINVAL; 242 243 /* Allocate the new object */ 244 obj = i915_gem_alloc_object(dev, size); 245 if (obj == NULL) 246 return -ENOMEM; 247 248 ret = drm_gem_handle_create(file, &obj->base, &handle); 249 /* drop reference from allocate - handle holds it now */ 250 drm_gem_object_unreference_unlocked(&obj->base); 251 if (ret) 252 return ret; 253 254 *handle_p = handle; 255 return 0; 256 } 257 258 int 259 i915_gem_dumb_create(struct drm_file *file, 260 struct drm_device *dev, 261 struct drm_mode_create_dumb *args) 262 { 263 /* have to work out size/pitch and return them */ 264 args->pitch = ALIGN(args->width * DIV_ROUND_UP(args->bpp, 8), 64); 265 args->size = args->pitch * args->height; 266 return i915_gem_create(file, dev, 267 args->size, &args->handle); 268 } 269 270 /** 271 * Creates a new mm object and returns a handle to it. 272 */ 273 int 274 i915_gem_create_ioctl(struct drm_device *dev, void *data, 275 struct drm_file *file) 276 { 277 struct drm_i915_gem_create *args = data; 278 279 return i915_gem_create(file, dev, 280 args->size, &args->handle); 281 } 282 283 static inline int 284 __copy_to_user_swizzled(char __user *cpu_vaddr, 285 const char *gpu_vaddr, int gpu_offset, 286 int length) 287 { 288 int ret, cpu_offset = 0; 289 290 while (length > 0) { 291 int cacheline_end = ALIGN(gpu_offset + 1, 64); 292 int this_length = min(cacheline_end - gpu_offset, length); 293 int swizzled_gpu_offset = gpu_offset ^ 64; 294 295 ret = __copy_to_user(cpu_vaddr + cpu_offset, 296 gpu_vaddr + swizzled_gpu_offset, 297 this_length); 298 if (ret) 299 return ret + length; 300 301 cpu_offset += this_length; 302 gpu_offset += this_length; 303 length -= this_length; 304 } 305 306 return 0; 307 } 308 309 static inline int 310 __copy_from_user_swizzled(char *gpu_vaddr, int gpu_offset, 311 const char __user *cpu_vaddr, 312 int length) 313 { 314 int ret, cpu_offset = 0; 315 316 while (length > 0) { 317 int cacheline_end = ALIGN(gpu_offset + 1, 64); 318 int this_length = min(cacheline_end - gpu_offset, length); 319 int swizzled_gpu_offset = gpu_offset ^ 64; 320 321 ret = __copy_from_user(gpu_vaddr + swizzled_gpu_offset, 322 cpu_vaddr + cpu_offset, 323 this_length); 324 if (ret) 325 return ret + length; 326 327 cpu_offset += this_length; 328 gpu_offset += this_length; 329 length -= this_length; 330 } 331 332 return 0; 333 } 334 335 /* Per-page copy function for the shmem pread fastpath. 336 * Flushes invalid cachelines before reading the target if 337 * needs_clflush is set. */ 338 static int 339 shmem_pread_fast(struct page *page, int shmem_page_offset, int page_length, 340 char __user *user_data, 341 bool page_do_bit17_swizzling, bool needs_clflush) 342 { 343 char *vaddr; 344 int ret; 345 346 if (unlikely(page_do_bit17_swizzling)) 347 return -EINVAL; 348 349 vaddr = kmap_atomic(page); 350 if (needs_clflush) 351 drm_clflush_virt_range(vaddr + shmem_page_offset, 352 page_length); 353 ret = __copy_to_user_inatomic(user_data, 354 vaddr + shmem_page_offset, 355 page_length); 356 kunmap_atomic(vaddr); 357 358 return ret ? -EFAULT : 0; 359 } 360 361 static void 362 shmem_clflush_swizzled_range(char *addr, unsigned long length, 363 bool swizzled) 364 { 365 if (unlikely(swizzled)) { 366 unsigned long start = (unsigned long) addr; 367 unsigned long end = (unsigned long) addr + length; 368 369 /* For swizzling simply ensure that we always flush both 370 * channels. Lame, but simple and it works. Swizzled 371 * pwrite/pread is far from a hotpath - current userspace 372 * doesn't use it at all. */ 373 start = round_down(start, 128); 374 end = round_up(end, 128); 375 376 drm_clflush_virt_range((void *)start, end - start); 377 } else { 378 drm_clflush_virt_range(addr, length); 379 } 380 381 } 382 383 /* Only difference to the fast-path function is that this can handle bit17 384 * and uses non-atomic copy and kmap functions. */ 385 static int 386 shmem_pread_slow(struct page *page, int shmem_page_offset, int page_length, 387 char __user *user_data, 388 bool page_do_bit17_swizzling, bool needs_clflush) 389 { 390 char *vaddr; 391 int ret; 392 393 vaddr = kmap(page); 394 if (needs_clflush) 395 shmem_clflush_swizzled_range(vaddr + shmem_page_offset, 396 page_length, 397 page_do_bit17_swizzling); 398 399 if (page_do_bit17_swizzling) 400 ret = __copy_to_user_swizzled(user_data, 401 vaddr, shmem_page_offset, 402 page_length); 403 else 404 ret = __copy_to_user(user_data, 405 vaddr + shmem_page_offset, 406 page_length); 407 kunmap(page); 408 409 return ret ? - EFAULT : 0; 410 } 411 412 static int 413 i915_gem_shmem_pread(struct drm_device *dev, 414 struct drm_i915_gem_object *obj, 415 struct drm_i915_gem_pread *args, 416 struct drm_file *file) 417 { 418 char __user *user_data; 419 ssize_t remain; 420 loff_t offset; 421 int shmem_page_offset, page_length, ret = 0; 422 int obj_do_bit17_swizzling, page_do_bit17_swizzling; 423 int prefaulted = 0; 424 int needs_clflush = 0; 425 struct sg_page_iter sg_iter; 426 427 user_data = to_user_ptr(args->data_ptr); 428 remain = args->size; 429 430 obj_do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj); 431 432 if (!(obj->base.read_domains & I915_GEM_DOMAIN_CPU)) { 433 /* If we're not in the cpu read domain, set ourself into the gtt 434 * read domain and manually flush cachelines (if required). This 435 * optimizes for the case when the gpu will dirty the data 436 * anyway again before the next pread happens. */ 437 needs_clflush = !cpu_cache_is_coherent(dev, obj->cache_level); 438 ret = i915_gem_object_wait_rendering(obj, true); 439 if (ret) 440 return ret; 441 } 442 443 ret = i915_gem_object_get_pages(obj); 444 if (ret) 445 return ret; 446 447 i915_gem_object_pin_pages(obj); 448 449 offset = args->offset; 450 451 for_each_sg_page(obj->pages->sgl, &sg_iter, obj->pages->nents, 452 offset >> PAGE_SHIFT) { 453 struct page *page = sg_page_iter_page(&sg_iter); 454 455 if (remain <= 0) 456 break; 457 458 /* Operation in this page 459 * 460 * shmem_page_offset = offset within page in shmem file 461 * page_length = bytes to copy for this page 462 */ 463 shmem_page_offset = offset_in_page(offset); 464 page_length = remain; 465 if ((shmem_page_offset + page_length) > PAGE_SIZE) 466 page_length = PAGE_SIZE - shmem_page_offset; 467 468 page_do_bit17_swizzling = obj_do_bit17_swizzling && 469 (page_to_phys(page) & (1 << 17)) != 0; 470 471 ret = shmem_pread_fast(page, shmem_page_offset, page_length, 472 user_data, page_do_bit17_swizzling, 473 needs_clflush); 474 if (ret == 0) 475 goto next_page; 476 477 mutex_unlock(&dev->struct_mutex); 478 479 if (likely(!i915_prefault_disable) && !prefaulted) { 480 ret = fault_in_multipages_writeable(user_data, remain); 481 /* Userspace is tricking us, but we've already clobbered 482 * its pages with the prefault and promised to write the 483 * data up to the first fault. Hence ignore any errors 484 * and just continue. */ 485 (void)ret; 486 prefaulted = 1; 487 } 488 489 ret = shmem_pread_slow(page, shmem_page_offset, page_length, 490 user_data, page_do_bit17_swizzling, 491 needs_clflush); 492 493 mutex_lock(&dev->struct_mutex); 494 495 next_page: 496 mark_page_accessed(page); 497 498 if (ret) 499 goto out; 500 501 remain -= page_length; 502 user_data += page_length; 503 offset += page_length; 504 } 505 506 out: 507 i915_gem_object_unpin_pages(obj); 508 509 return ret; 510 } 511 512 /** 513 * Reads data from the object referenced by handle. 514 * 515 * On error, the contents of *data are undefined. 516 */ 517 int 518 i915_gem_pread_ioctl(struct drm_device *dev, void *data, 519 struct drm_file *file) 520 { 521 struct drm_i915_gem_pread *args = data; 522 struct drm_i915_gem_object *obj; 523 int ret = 0; 524 525 if (args->size == 0) 526 return 0; 527 528 if (!access_ok(VERIFY_WRITE, 529 to_user_ptr(args->data_ptr), 530 args->size)) 531 return -EFAULT; 532 533 ret = i915_mutex_lock_interruptible(dev); 534 if (ret) 535 return ret; 536 537 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 538 if (&obj->base == NULL) { 539 ret = -ENOENT; 540 goto unlock; 541 } 542 543 /* Bounds check source. */ 544 if (args->offset > obj->base.size || 545 args->size > obj->base.size - args->offset) { 546 ret = -EINVAL; 547 goto out; 548 } 549 550 /* prime objects have no backing filp to GEM pread/pwrite 551 * pages from. 552 */ 553 if (!obj->base.filp) { 554 ret = -EINVAL; 555 goto out; 556 } 557 558 trace_i915_gem_object_pread(obj, args->offset, args->size); 559 560 ret = i915_gem_shmem_pread(dev, obj, args, file); 561 562 out: 563 drm_gem_object_unreference(&obj->base); 564 unlock: 565 mutex_unlock(&dev->struct_mutex); 566 return ret; 567 } 568 569 /* This is the fast write path which cannot handle 570 * page faults in the source data 571 */ 572 573 static inline int 574 fast_user_write(struct io_mapping *mapping, 575 loff_t page_base, int page_offset, 576 char __user *user_data, 577 int length) 578 { 579 void __iomem *vaddr_atomic; 580 void *vaddr; 581 unsigned long unwritten; 582 583 vaddr_atomic = io_mapping_map_atomic_wc(mapping, page_base); 584 /* We can use the cpu mem copy function because this is X86. */ 585 vaddr = (void __force*)vaddr_atomic + page_offset; 586 unwritten = __copy_from_user_inatomic_nocache(vaddr, 587 user_data, length); 588 io_mapping_unmap_atomic(vaddr_atomic); 589 return unwritten; 590 } 591 592 /** 593 * This is the fast pwrite path, where we copy the data directly from the 594 * user into the GTT, uncached. 595 */ 596 static int 597 i915_gem_gtt_pwrite_fast(struct drm_device *dev, 598 struct drm_i915_gem_object *obj, 599 struct drm_i915_gem_pwrite *args, 600 struct drm_file *file) 601 { 602 drm_i915_private_t *dev_priv = dev->dev_private; 603 ssize_t remain; 604 loff_t offset, page_base; 605 char __user *user_data; 606 int page_offset, page_length, ret; 607 608 ret = i915_gem_obj_ggtt_pin(obj, 0, true, true); 609 if (ret) 610 goto out; 611 612 ret = i915_gem_object_set_to_gtt_domain(obj, true); 613 if (ret) 614 goto out_unpin; 615 616 ret = i915_gem_object_put_fence(obj); 617 if (ret) 618 goto out_unpin; 619 620 user_data = to_user_ptr(args->data_ptr); 621 remain = args->size; 622 623 offset = i915_gem_obj_ggtt_offset(obj) + args->offset; 624 625 while (remain > 0) { 626 /* Operation in this page 627 * 628 * page_base = page offset within aperture 629 * page_offset = offset within page 630 * page_length = bytes to copy for this page 631 */ 632 page_base = offset & PAGE_MASK; 633 page_offset = offset_in_page(offset); 634 page_length = remain; 635 if ((page_offset + remain) > PAGE_SIZE) 636 page_length = PAGE_SIZE - page_offset; 637 638 /* If we get a fault while copying data, then (presumably) our 639 * source page isn't available. Return the error and we'll 640 * retry in the slow path. 641 */ 642 if (fast_user_write(dev_priv->gtt.mappable, page_base, 643 page_offset, user_data, page_length)) { 644 ret = -EFAULT; 645 goto out_unpin; 646 } 647 648 remain -= page_length; 649 user_data += page_length; 650 offset += page_length; 651 } 652 653 out_unpin: 654 i915_gem_object_unpin(obj); 655 out: 656 return ret; 657 } 658 659 /* Per-page copy function for the shmem pwrite fastpath. 660 * Flushes invalid cachelines before writing to the target if 661 * needs_clflush_before is set and flushes out any written cachelines after 662 * writing if needs_clflush is set. */ 663 static int 664 shmem_pwrite_fast(struct page *page, int shmem_page_offset, int page_length, 665 char __user *user_data, 666 bool page_do_bit17_swizzling, 667 bool needs_clflush_before, 668 bool needs_clflush_after) 669 { 670 char *vaddr; 671 int ret; 672 673 if (unlikely(page_do_bit17_swizzling)) 674 return -EINVAL; 675 676 vaddr = kmap_atomic(page); 677 if (needs_clflush_before) 678 drm_clflush_virt_range(vaddr + shmem_page_offset, 679 page_length); 680 ret = __copy_from_user_inatomic_nocache(vaddr + shmem_page_offset, 681 user_data, 682 page_length); 683 if (needs_clflush_after) 684 drm_clflush_virt_range(vaddr + shmem_page_offset, 685 page_length); 686 kunmap_atomic(vaddr); 687 688 return ret ? -EFAULT : 0; 689 } 690 691 /* Only difference to the fast-path function is that this can handle bit17 692 * and uses non-atomic copy and kmap functions. */ 693 static int 694 shmem_pwrite_slow(struct page *page, int shmem_page_offset, int page_length, 695 char __user *user_data, 696 bool page_do_bit17_swizzling, 697 bool needs_clflush_before, 698 bool needs_clflush_after) 699 { 700 char *vaddr; 701 int ret; 702 703 vaddr = kmap(page); 704 if (unlikely(needs_clflush_before || page_do_bit17_swizzling)) 705 shmem_clflush_swizzled_range(vaddr + shmem_page_offset, 706 page_length, 707 page_do_bit17_swizzling); 708 if (page_do_bit17_swizzling) 709 ret = __copy_from_user_swizzled(vaddr, shmem_page_offset, 710 user_data, 711 page_length); 712 else 713 ret = __copy_from_user(vaddr + shmem_page_offset, 714 user_data, 715 page_length); 716 if (needs_clflush_after) 717 shmem_clflush_swizzled_range(vaddr + shmem_page_offset, 718 page_length, 719 page_do_bit17_swizzling); 720 kunmap(page); 721 722 return ret ? -EFAULT : 0; 723 } 724 725 static int 726 i915_gem_shmem_pwrite(struct drm_device *dev, 727 struct drm_i915_gem_object *obj, 728 struct drm_i915_gem_pwrite *args, 729 struct drm_file *file) 730 { 731 ssize_t remain; 732 loff_t offset; 733 char __user *user_data; 734 int shmem_page_offset, page_length, ret = 0; 735 int obj_do_bit17_swizzling, page_do_bit17_swizzling; 736 int hit_slowpath = 0; 737 int needs_clflush_after = 0; 738 int needs_clflush_before = 0; 739 struct sg_page_iter sg_iter; 740 741 user_data = to_user_ptr(args->data_ptr); 742 remain = args->size; 743 744 obj_do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj); 745 746 if (obj->base.write_domain != I915_GEM_DOMAIN_CPU) { 747 /* If we're not in the cpu write domain, set ourself into the gtt 748 * write domain and manually flush cachelines (if required). This 749 * optimizes for the case when the gpu will use the data 750 * right away and we therefore have to clflush anyway. */ 751 needs_clflush_after = cpu_write_needs_clflush(obj); 752 ret = i915_gem_object_wait_rendering(obj, false); 753 if (ret) 754 return ret; 755 } 756 /* Same trick applies to invalidate partially written cachelines read 757 * before writing. */ 758 if ((obj->base.read_domains & I915_GEM_DOMAIN_CPU) == 0) 759 needs_clflush_before = 760 !cpu_cache_is_coherent(dev, obj->cache_level); 761 762 ret = i915_gem_object_get_pages(obj); 763 if (ret) 764 return ret; 765 766 i915_gem_object_pin_pages(obj); 767 768 offset = args->offset; 769 obj->dirty = 1; 770 771 for_each_sg_page(obj->pages->sgl, &sg_iter, obj->pages->nents, 772 offset >> PAGE_SHIFT) { 773 struct page *page = sg_page_iter_page(&sg_iter); 774 int partial_cacheline_write; 775 776 if (remain <= 0) 777 break; 778 779 /* Operation in this page 780 * 781 * shmem_page_offset = offset within page in shmem file 782 * page_length = bytes to copy for this page 783 */ 784 shmem_page_offset = offset_in_page(offset); 785 786 page_length = remain; 787 if ((shmem_page_offset + page_length) > PAGE_SIZE) 788 page_length = PAGE_SIZE - shmem_page_offset; 789 790 /* If we don't overwrite a cacheline completely we need to be 791 * careful to have up-to-date data by first clflushing. Don't 792 * overcomplicate things and flush the entire patch. */ 793 partial_cacheline_write = needs_clflush_before && 794 ((shmem_page_offset | page_length) 795 & (boot_cpu_data.x86_clflush_size - 1)); 796 797 page_do_bit17_swizzling = obj_do_bit17_swizzling && 798 (page_to_phys(page) & (1 << 17)) != 0; 799 800 ret = shmem_pwrite_fast(page, shmem_page_offset, page_length, 801 user_data, page_do_bit17_swizzling, 802 partial_cacheline_write, 803 needs_clflush_after); 804 if (ret == 0) 805 goto next_page; 806 807 hit_slowpath = 1; 808 mutex_unlock(&dev->struct_mutex); 809 ret = shmem_pwrite_slow(page, shmem_page_offset, page_length, 810 user_data, page_do_bit17_swizzling, 811 partial_cacheline_write, 812 needs_clflush_after); 813 814 mutex_lock(&dev->struct_mutex); 815 816 next_page: 817 set_page_dirty(page); 818 mark_page_accessed(page); 819 820 if (ret) 821 goto out; 822 823 remain -= page_length; 824 user_data += page_length; 825 offset += page_length; 826 } 827 828 out: 829 i915_gem_object_unpin_pages(obj); 830 831 if (hit_slowpath) { 832 /* 833 * Fixup: Flush cpu caches in case we didn't flush the dirty 834 * cachelines in-line while writing and the object moved 835 * out of the cpu write domain while we've dropped the lock. 836 */ 837 if (!needs_clflush_after && 838 obj->base.write_domain != I915_GEM_DOMAIN_CPU) { 839 if (i915_gem_clflush_object(obj, obj->pin_display)) 840 i915_gem_chipset_flush(dev); 841 } 842 } 843 844 if (needs_clflush_after) 845 i915_gem_chipset_flush(dev); 846 847 return ret; 848 } 849 850 /** 851 * Writes data to the object referenced by handle. 852 * 853 * On error, the contents of the buffer that were to be modified are undefined. 854 */ 855 int 856 i915_gem_pwrite_ioctl(struct drm_device *dev, void *data, 857 struct drm_file *file) 858 { 859 struct drm_i915_gem_pwrite *args = data; 860 struct drm_i915_gem_object *obj; 861 int ret; 862 863 if (args->size == 0) 864 return 0; 865 866 if (!access_ok(VERIFY_READ, 867 to_user_ptr(args->data_ptr), 868 args->size)) 869 return -EFAULT; 870 871 if (likely(!i915_prefault_disable)) { 872 ret = fault_in_multipages_readable(to_user_ptr(args->data_ptr), 873 args->size); 874 if (ret) 875 return -EFAULT; 876 } 877 878 ret = i915_mutex_lock_interruptible(dev); 879 if (ret) 880 return ret; 881 882 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 883 if (&obj->base == NULL) { 884 ret = -ENOENT; 885 goto unlock; 886 } 887 888 /* Bounds check destination. */ 889 if (args->offset > obj->base.size || 890 args->size > obj->base.size - args->offset) { 891 ret = -EINVAL; 892 goto out; 893 } 894 895 /* prime objects have no backing filp to GEM pread/pwrite 896 * pages from. 897 */ 898 if (!obj->base.filp) { 899 ret = -EINVAL; 900 goto out; 901 } 902 903 trace_i915_gem_object_pwrite(obj, args->offset, args->size); 904 905 ret = -EFAULT; 906 /* We can only do the GTT pwrite on untiled buffers, as otherwise 907 * it would end up going through the fenced access, and we'll get 908 * different detiling behavior between reading and writing. 909 * pread/pwrite currently are reading and writing from the CPU 910 * perspective, requiring manual detiling by the client. 911 */ 912 if (obj->phys_obj) { 913 ret = i915_gem_phys_pwrite(dev, obj, args, file); 914 goto out; 915 } 916 917 if (obj->tiling_mode == I915_TILING_NONE && 918 obj->base.write_domain != I915_GEM_DOMAIN_CPU && 919 cpu_write_needs_clflush(obj)) { 920 ret = i915_gem_gtt_pwrite_fast(dev, obj, args, file); 921 /* Note that the gtt paths might fail with non-page-backed user 922 * pointers (e.g. gtt mappings when moving data between 923 * textures). Fallback to the shmem path in that case. */ 924 } 925 926 if (ret == -EFAULT || ret == -ENOSPC) 927 ret = i915_gem_shmem_pwrite(dev, obj, args, file); 928 929 out: 930 drm_gem_object_unreference(&obj->base); 931 unlock: 932 mutex_unlock(&dev->struct_mutex); 933 return ret; 934 } 935 936 int 937 i915_gem_check_wedge(struct i915_gpu_error *error, 938 bool interruptible) 939 { 940 if (i915_reset_in_progress(error)) { 941 /* Non-interruptible callers can't handle -EAGAIN, hence return 942 * -EIO unconditionally for these. */ 943 if (!interruptible) 944 return -EIO; 945 946 /* Recovery complete, but the reset failed ... */ 947 if (i915_terminally_wedged(error)) 948 return -EIO; 949 950 return -EAGAIN; 951 } 952 953 return 0; 954 } 955 956 /* 957 * Compare seqno against outstanding lazy request. Emit a request if they are 958 * equal. 959 */ 960 static int 961 i915_gem_check_olr(struct intel_ring_buffer *ring, u32 seqno) 962 { 963 int ret; 964 965 BUG_ON(!mutex_is_locked(&ring->dev->struct_mutex)); 966 967 ret = 0; 968 if (seqno == ring->outstanding_lazy_seqno) 969 ret = i915_add_request(ring, NULL); 970 971 return ret; 972 } 973 974 static void fake_irq(unsigned long data) 975 { 976 wake_up_process((struct task_struct *)data); 977 } 978 979 static bool missed_irq(struct drm_i915_private *dev_priv, 980 struct intel_ring_buffer *ring) 981 { 982 return test_bit(ring->id, &dev_priv->gpu_error.missed_irq_rings); 983 } 984 985 static bool can_wait_boost(struct drm_i915_file_private *file_priv) 986 { 987 if (file_priv == NULL) 988 return true; 989 990 return !atomic_xchg(&file_priv->rps_wait_boost, true); 991 } 992 993 /** 994 * __wait_seqno - wait until execution of seqno has finished 995 * @ring: the ring expected to report seqno 996 * @seqno: duh! 997 * @reset_counter: reset sequence associated with the given seqno 998 * @interruptible: do an interruptible wait (normally yes) 999 * @timeout: in - how long to wait (NULL forever); out - how much time remaining 1000 * 1001 * Note: It is of utmost importance that the passed in seqno and reset_counter 1002 * values have been read by the caller in an smp safe manner. Where read-side 1003 * locks are involved, it is sufficient to read the reset_counter before 1004 * unlocking the lock that protects the seqno. For lockless tricks, the 1005 * reset_counter _must_ be read before, and an appropriate smp_rmb must be 1006 * inserted. 1007 * 1008 * Returns 0 if the seqno was found within the alloted time. Else returns the 1009 * errno with remaining time filled in timeout argument. 1010 */ 1011 static int __wait_seqno(struct intel_ring_buffer *ring, u32 seqno, 1012 unsigned reset_counter, 1013 bool interruptible, 1014 struct timespec *timeout, 1015 struct drm_i915_file_private *file_priv) 1016 { 1017 drm_i915_private_t *dev_priv = ring->dev->dev_private; 1018 const bool irq_test_in_progress = 1019 ACCESS_ONCE(dev_priv->gpu_error.test_irq_rings) & intel_ring_flag(ring); 1020 struct timespec before, now; 1021 DEFINE_WAIT(wait); 1022 unsigned long timeout_expire; 1023 int ret; 1024 1025 WARN(dev_priv->pc8.irqs_disabled, "IRQs disabled\n"); 1026 1027 if (i915_seqno_passed(ring->get_seqno(ring, true), seqno)) 1028 return 0; 1029 1030 timeout_expire = timeout ? jiffies + timespec_to_jiffies_timeout(timeout) : 0; 1031 1032 if (dev_priv->info->gen >= 6 && can_wait_boost(file_priv)) { 1033 gen6_rps_boost(dev_priv); 1034 if (file_priv) 1035 mod_delayed_work(dev_priv->wq, 1036 &file_priv->mm.idle_work, 1037 msecs_to_jiffies(100)); 1038 } 1039 1040 if (!irq_test_in_progress && WARN_ON(!ring->irq_get(ring))) 1041 return -ENODEV; 1042 1043 /* Record current time in case interrupted by signal, or wedged */ 1044 trace_i915_gem_request_wait_begin(ring, seqno); 1045 getrawmonotonic(&before); 1046 for (;;) { 1047 struct timer_list timer; 1048 1049 prepare_to_wait(&ring->irq_queue, &wait, 1050 interruptible ? TASK_INTERRUPTIBLE : TASK_UNINTERRUPTIBLE); 1051 1052 /* We need to check whether any gpu reset happened in between 1053 * the caller grabbing the seqno and now ... */ 1054 if (reset_counter != atomic_read(&dev_priv->gpu_error.reset_counter)) { 1055 /* ... but upgrade the -EAGAIN to an -EIO if the gpu 1056 * is truely gone. */ 1057 ret = i915_gem_check_wedge(&dev_priv->gpu_error, interruptible); 1058 if (ret == 0) 1059 ret = -EAGAIN; 1060 break; 1061 } 1062 1063 if (i915_seqno_passed(ring->get_seqno(ring, false), seqno)) { 1064 ret = 0; 1065 break; 1066 } 1067 1068 if (interruptible && signal_pending(current)) { 1069 ret = -ERESTARTSYS; 1070 break; 1071 } 1072 1073 if (timeout && time_after_eq(jiffies, timeout_expire)) { 1074 ret = -ETIME; 1075 break; 1076 } 1077 1078 timer.function = NULL; 1079 if (timeout || missed_irq(dev_priv, ring)) { 1080 unsigned long expire; 1081 1082 setup_timer_on_stack(&timer, fake_irq, (unsigned long)current); 1083 expire = missed_irq(dev_priv, ring) ? jiffies + 1 : timeout_expire; 1084 mod_timer(&timer, expire); 1085 } 1086 1087 io_schedule(); 1088 1089 if (timer.function) { 1090 del_singleshot_timer_sync(&timer); 1091 destroy_timer_on_stack(&timer); 1092 } 1093 } 1094 getrawmonotonic(&now); 1095 trace_i915_gem_request_wait_end(ring, seqno); 1096 1097 if (!irq_test_in_progress) 1098 ring->irq_put(ring); 1099 1100 finish_wait(&ring->irq_queue, &wait); 1101 1102 if (timeout) { 1103 struct timespec sleep_time = timespec_sub(now, before); 1104 *timeout = timespec_sub(*timeout, sleep_time); 1105 if (!timespec_valid(timeout)) /* i.e. negative time remains */ 1106 set_normalized_timespec(timeout, 0, 0); 1107 } 1108 1109 return ret; 1110 } 1111 1112 /** 1113 * Waits for a sequence number to be signaled, and cleans up the 1114 * request and object lists appropriately for that event. 1115 */ 1116 int 1117 i915_wait_seqno(struct intel_ring_buffer *ring, uint32_t seqno) 1118 { 1119 struct drm_device *dev = ring->dev; 1120 struct drm_i915_private *dev_priv = dev->dev_private; 1121 bool interruptible = dev_priv->mm.interruptible; 1122 int ret; 1123 1124 BUG_ON(!mutex_is_locked(&dev->struct_mutex)); 1125 BUG_ON(seqno == 0); 1126 1127 ret = i915_gem_check_wedge(&dev_priv->gpu_error, interruptible); 1128 if (ret) 1129 return ret; 1130 1131 ret = i915_gem_check_olr(ring, seqno); 1132 if (ret) 1133 return ret; 1134 1135 return __wait_seqno(ring, seqno, 1136 atomic_read(&dev_priv->gpu_error.reset_counter), 1137 interruptible, NULL, NULL); 1138 } 1139 1140 static int 1141 i915_gem_object_wait_rendering__tail(struct drm_i915_gem_object *obj, 1142 struct intel_ring_buffer *ring) 1143 { 1144 i915_gem_retire_requests_ring(ring); 1145 1146 /* Manually manage the write flush as we may have not yet 1147 * retired the buffer. 1148 * 1149 * Note that the last_write_seqno is always the earlier of 1150 * the two (read/write) seqno, so if we haved successfully waited, 1151 * we know we have passed the last write. 1152 */ 1153 obj->last_write_seqno = 0; 1154 obj->base.write_domain &= ~I915_GEM_GPU_DOMAINS; 1155 1156 return 0; 1157 } 1158 1159 /** 1160 * Ensures that all rendering to the object has completed and the object is 1161 * safe to unbind from the GTT or access from the CPU. 1162 */ 1163 static __must_check int 1164 i915_gem_object_wait_rendering(struct drm_i915_gem_object *obj, 1165 bool readonly) 1166 { 1167 struct intel_ring_buffer *ring = obj->ring; 1168 u32 seqno; 1169 int ret; 1170 1171 seqno = readonly ? obj->last_write_seqno : obj->last_read_seqno; 1172 if (seqno == 0) 1173 return 0; 1174 1175 ret = i915_wait_seqno(ring, seqno); 1176 if (ret) 1177 return ret; 1178 1179 return i915_gem_object_wait_rendering__tail(obj, ring); 1180 } 1181 1182 /* A nonblocking variant of the above wait. This is a highly dangerous routine 1183 * as the object state may change during this call. 1184 */ 1185 static __must_check int 1186 i915_gem_object_wait_rendering__nonblocking(struct drm_i915_gem_object *obj, 1187 struct drm_file *file, 1188 bool readonly) 1189 { 1190 struct drm_device *dev = obj->base.dev; 1191 struct drm_i915_private *dev_priv = dev->dev_private; 1192 struct intel_ring_buffer *ring = obj->ring; 1193 unsigned reset_counter; 1194 u32 seqno; 1195 int ret; 1196 1197 BUG_ON(!mutex_is_locked(&dev->struct_mutex)); 1198 BUG_ON(!dev_priv->mm.interruptible); 1199 1200 seqno = readonly ? obj->last_write_seqno : obj->last_read_seqno; 1201 if (seqno == 0) 1202 return 0; 1203 1204 ret = i915_gem_check_wedge(&dev_priv->gpu_error, true); 1205 if (ret) 1206 return ret; 1207 1208 ret = i915_gem_check_olr(ring, seqno); 1209 if (ret) 1210 return ret; 1211 1212 reset_counter = atomic_read(&dev_priv->gpu_error.reset_counter); 1213 mutex_unlock(&dev->struct_mutex); 1214 ret = __wait_seqno(ring, seqno, reset_counter, true, NULL, file->driver_priv); 1215 mutex_lock(&dev->struct_mutex); 1216 if (ret) 1217 return ret; 1218 1219 return i915_gem_object_wait_rendering__tail(obj, ring); 1220 } 1221 1222 /** 1223 * Called when user space prepares to use an object with the CPU, either 1224 * through the mmap ioctl's mapping or a GTT mapping. 1225 */ 1226 int 1227 i915_gem_set_domain_ioctl(struct drm_device *dev, void *data, 1228 struct drm_file *file) 1229 { 1230 struct drm_i915_gem_set_domain *args = data; 1231 struct drm_i915_gem_object *obj; 1232 uint32_t read_domains = args->read_domains; 1233 uint32_t write_domain = args->write_domain; 1234 int ret; 1235 1236 /* Only handle setting domains to types used by the CPU. */ 1237 if (write_domain & I915_GEM_GPU_DOMAINS) 1238 return -EINVAL; 1239 1240 if (read_domains & I915_GEM_GPU_DOMAINS) 1241 return -EINVAL; 1242 1243 /* Having something in the write domain implies it's in the read 1244 * domain, and only that read domain. Enforce that in the request. 1245 */ 1246 if (write_domain != 0 && read_domains != write_domain) 1247 return -EINVAL; 1248 1249 ret = i915_mutex_lock_interruptible(dev); 1250 if (ret) 1251 return ret; 1252 1253 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 1254 if (&obj->base == NULL) { 1255 ret = -ENOENT; 1256 goto unlock; 1257 } 1258 1259 /* Try to flush the object off the GPU without holding the lock. 1260 * We will repeat the flush holding the lock in the normal manner 1261 * to catch cases where we are gazumped. 1262 */ 1263 ret = i915_gem_object_wait_rendering__nonblocking(obj, file, !write_domain); 1264 if (ret) 1265 goto unref; 1266 1267 if (read_domains & I915_GEM_DOMAIN_GTT) { 1268 ret = i915_gem_object_set_to_gtt_domain(obj, write_domain != 0); 1269 1270 /* Silently promote "you're not bound, there was nothing to do" 1271 * to success, since the client was just asking us to 1272 * make sure everything was done. 1273 */ 1274 if (ret == -EINVAL) 1275 ret = 0; 1276 } else { 1277 ret = i915_gem_object_set_to_cpu_domain(obj, write_domain != 0); 1278 } 1279 1280 unref: 1281 drm_gem_object_unreference(&obj->base); 1282 unlock: 1283 mutex_unlock(&dev->struct_mutex); 1284 return ret; 1285 } 1286 1287 /** 1288 * Called when user space has done writes to this buffer 1289 */ 1290 int 1291 i915_gem_sw_finish_ioctl(struct drm_device *dev, void *data, 1292 struct drm_file *file) 1293 { 1294 struct drm_i915_gem_sw_finish *args = data; 1295 struct drm_i915_gem_object *obj; 1296 int ret = 0; 1297 1298 ret = i915_mutex_lock_interruptible(dev); 1299 if (ret) 1300 return ret; 1301 1302 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 1303 if (&obj->base == NULL) { 1304 ret = -ENOENT; 1305 goto unlock; 1306 } 1307 1308 /* Pinned buffers may be scanout, so flush the cache */ 1309 if (obj->pin_display) 1310 i915_gem_object_flush_cpu_write_domain(obj, true); 1311 1312 drm_gem_object_unreference(&obj->base); 1313 unlock: 1314 mutex_unlock(&dev->struct_mutex); 1315 return ret; 1316 } 1317 1318 /** 1319 * Maps the contents of an object, returning the address it is mapped 1320 * into. 1321 * 1322 * While the mapping holds a reference on the contents of the object, it doesn't 1323 * imply a ref on the object itself. 1324 */ 1325 int 1326 i915_gem_mmap_ioctl(struct drm_device *dev, void *data, 1327 struct drm_file *file) 1328 { 1329 struct drm_i915_gem_mmap *args = data; 1330 struct drm_gem_object *obj; 1331 unsigned long addr; 1332 1333 obj = drm_gem_object_lookup(dev, file, args->handle); 1334 if (obj == NULL) 1335 return -ENOENT; 1336 1337 /* prime objects have no backing filp to GEM mmap 1338 * pages from. 1339 */ 1340 if (!obj->filp) { 1341 drm_gem_object_unreference_unlocked(obj); 1342 return -EINVAL; 1343 } 1344 1345 addr = vm_mmap(obj->filp, 0, args->size, 1346 PROT_READ | PROT_WRITE, MAP_SHARED, 1347 args->offset); 1348 drm_gem_object_unreference_unlocked(obj); 1349 if (IS_ERR((void *)addr)) 1350 return addr; 1351 1352 args->addr_ptr = (uint64_t) addr; 1353 1354 return 0; 1355 } 1356 1357 /** 1358 * i915_gem_fault - fault a page into the GTT 1359 * vma: VMA in question 1360 * vmf: fault info 1361 * 1362 * The fault handler is set up by drm_gem_mmap() when a object is GTT mapped 1363 * from userspace. The fault handler takes care of binding the object to 1364 * the GTT (if needed), allocating and programming a fence register (again, 1365 * only if needed based on whether the old reg is still valid or the object 1366 * is tiled) and inserting a new PTE into the faulting process. 1367 * 1368 * Note that the faulting process may involve evicting existing objects 1369 * from the GTT and/or fence registers to make room. So performance may 1370 * suffer if the GTT working set is large or there are few fence registers 1371 * left. 1372 */ 1373 int i915_gem_fault(struct vm_area_struct *vma, struct vm_fault *vmf) 1374 { 1375 struct drm_i915_gem_object *obj = to_intel_bo(vma->vm_private_data); 1376 struct drm_device *dev = obj->base.dev; 1377 drm_i915_private_t *dev_priv = dev->dev_private; 1378 pgoff_t page_offset; 1379 unsigned long pfn; 1380 int ret = 0; 1381 bool write = !!(vmf->flags & FAULT_FLAG_WRITE); 1382 1383 intel_runtime_pm_get(dev_priv); 1384 1385 /* We don't use vmf->pgoff since that has the fake offset */ 1386 page_offset = ((unsigned long)vmf->virtual_address - vma->vm_start) >> 1387 PAGE_SHIFT; 1388 1389 ret = i915_mutex_lock_interruptible(dev); 1390 if (ret) 1391 goto out; 1392 1393 trace_i915_gem_object_fault(obj, page_offset, true, write); 1394 1395 /* Access to snoopable pages through the GTT is incoherent. */ 1396 if (obj->cache_level != I915_CACHE_NONE && !HAS_LLC(dev)) { 1397 ret = -EINVAL; 1398 goto unlock; 1399 } 1400 1401 /* Now bind it into the GTT if needed */ 1402 ret = i915_gem_obj_ggtt_pin(obj, 0, true, false); 1403 if (ret) 1404 goto unlock; 1405 1406 ret = i915_gem_object_set_to_gtt_domain(obj, write); 1407 if (ret) 1408 goto unpin; 1409 1410 ret = i915_gem_object_get_fence(obj); 1411 if (ret) 1412 goto unpin; 1413 1414 obj->fault_mappable = true; 1415 1416 pfn = dev_priv->gtt.mappable_base + i915_gem_obj_ggtt_offset(obj); 1417 pfn >>= PAGE_SHIFT; 1418 pfn += page_offset; 1419 1420 /* Finally, remap it using the new GTT offset */ 1421 ret = vm_insert_pfn(vma, (unsigned long)vmf->virtual_address, pfn); 1422 unpin: 1423 i915_gem_object_unpin(obj); 1424 unlock: 1425 mutex_unlock(&dev->struct_mutex); 1426 out: 1427 switch (ret) { 1428 case -EIO: 1429 /* If this -EIO is due to a gpu hang, give the reset code a 1430 * chance to clean up the mess. Otherwise return the proper 1431 * SIGBUS. */ 1432 if (i915_terminally_wedged(&dev_priv->gpu_error)) { 1433 ret = VM_FAULT_SIGBUS; 1434 break; 1435 } 1436 case -EAGAIN: 1437 /* 1438 * EAGAIN means the gpu is hung and we'll wait for the error 1439 * handler to reset everything when re-faulting in 1440 * i915_mutex_lock_interruptible. 1441 */ 1442 case 0: 1443 case -ERESTARTSYS: 1444 case -EINTR: 1445 case -EBUSY: 1446 /* 1447 * EBUSY is ok: this just means that another thread 1448 * already did the job. 1449 */ 1450 ret = VM_FAULT_NOPAGE; 1451 break; 1452 case -ENOMEM: 1453 ret = VM_FAULT_OOM; 1454 break; 1455 case -ENOSPC: 1456 ret = VM_FAULT_SIGBUS; 1457 break; 1458 default: 1459 WARN_ONCE(ret, "unhandled error in i915_gem_fault: %i\n", ret); 1460 ret = VM_FAULT_SIGBUS; 1461 break; 1462 } 1463 1464 intel_runtime_pm_put(dev_priv); 1465 return ret; 1466 } 1467 1468 void i915_gem_release_all_mmaps(struct drm_i915_private *dev_priv) 1469 { 1470 struct i915_vma *vma; 1471 1472 /* 1473 * Only the global gtt is relevant for gtt memory mappings, so restrict 1474 * list traversal to objects bound into the global address space. Note 1475 * that the active list should be empty, but better safe than sorry. 1476 */ 1477 WARN_ON(!list_empty(&dev_priv->gtt.base.active_list)); 1478 list_for_each_entry(vma, &dev_priv->gtt.base.active_list, mm_list) 1479 i915_gem_release_mmap(vma->obj); 1480 list_for_each_entry(vma, &dev_priv->gtt.base.inactive_list, mm_list) 1481 i915_gem_release_mmap(vma->obj); 1482 } 1483 1484 /** 1485 * i915_gem_release_mmap - remove physical page mappings 1486 * @obj: obj in question 1487 * 1488 * Preserve the reservation of the mmapping with the DRM core code, but 1489 * relinquish ownership of the pages back to the system. 1490 * 1491 * It is vital that we remove the page mapping if we have mapped a tiled 1492 * object through the GTT and then lose the fence register due to 1493 * resource pressure. Similarly if the object has been moved out of the 1494 * aperture, than pages mapped into userspace must be revoked. Removing the 1495 * mapping will then trigger a page fault on the next user access, allowing 1496 * fixup by i915_gem_fault(). 1497 */ 1498 void 1499 i915_gem_release_mmap(struct drm_i915_gem_object *obj) 1500 { 1501 if (!obj->fault_mappable) 1502 return; 1503 1504 drm_vma_node_unmap(&obj->base.vma_node, obj->base.dev->dev_mapping); 1505 obj->fault_mappable = false; 1506 } 1507 1508 uint32_t 1509 i915_gem_get_gtt_size(struct drm_device *dev, uint32_t size, int tiling_mode) 1510 { 1511 uint32_t gtt_size; 1512 1513 if (INTEL_INFO(dev)->gen >= 4 || 1514 tiling_mode == I915_TILING_NONE) 1515 return size; 1516 1517 /* Previous chips need a power-of-two fence region when tiling */ 1518 if (INTEL_INFO(dev)->gen == 3) 1519 gtt_size = 1024*1024; 1520 else 1521 gtt_size = 512*1024; 1522 1523 while (gtt_size < size) 1524 gtt_size <<= 1; 1525 1526 return gtt_size; 1527 } 1528 1529 /** 1530 * i915_gem_get_gtt_alignment - return required GTT alignment for an object 1531 * @obj: object to check 1532 * 1533 * Return the required GTT alignment for an object, taking into account 1534 * potential fence register mapping. 1535 */ 1536 uint32_t 1537 i915_gem_get_gtt_alignment(struct drm_device *dev, uint32_t size, 1538 int tiling_mode, bool fenced) 1539 { 1540 /* 1541 * Minimum alignment is 4k (GTT page size), but might be greater 1542 * if a fence register is needed for the object. 1543 */ 1544 if (INTEL_INFO(dev)->gen >= 4 || (!fenced && IS_G33(dev)) || 1545 tiling_mode == I915_TILING_NONE) 1546 return 4096; 1547 1548 /* 1549 * Previous chips need to be aligned to the size of the smallest 1550 * fence register that can contain the object. 1551 */ 1552 return i915_gem_get_gtt_size(dev, size, tiling_mode); 1553 } 1554 1555 static int i915_gem_object_create_mmap_offset(struct drm_i915_gem_object *obj) 1556 { 1557 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 1558 int ret; 1559 1560 if (drm_vma_node_has_offset(&obj->base.vma_node)) 1561 return 0; 1562 1563 dev_priv->mm.shrinker_no_lock_stealing = true; 1564 1565 ret = drm_gem_create_mmap_offset(&obj->base); 1566 if (ret != -ENOSPC) 1567 goto out; 1568 1569 /* Badly fragmented mmap space? The only way we can recover 1570 * space is by destroying unwanted objects. We can't randomly release 1571 * mmap_offsets as userspace expects them to be persistent for the 1572 * lifetime of the objects. The closest we can is to release the 1573 * offsets on purgeable objects by truncating it and marking it purged, 1574 * which prevents userspace from ever using that object again. 1575 */ 1576 i915_gem_purge(dev_priv, obj->base.size >> PAGE_SHIFT); 1577 ret = drm_gem_create_mmap_offset(&obj->base); 1578 if (ret != -ENOSPC) 1579 goto out; 1580 1581 i915_gem_shrink_all(dev_priv); 1582 ret = drm_gem_create_mmap_offset(&obj->base); 1583 out: 1584 dev_priv->mm.shrinker_no_lock_stealing = false; 1585 1586 return ret; 1587 } 1588 1589 static void i915_gem_object_free_mmap_offset(struct drm_i915_gem_object *obj) 1590 { 1591 drm_gem_free_mmap_offset(&obj->base); 1592 } 1593 1594 int 1595 i915_gem_mmap_gtt(struct drm_file *file, 1596 struct drm_device *dev, 1597 uint32_t handle, 1598 uint64_t *offset) 1599 { 1600 struct drm_i915_private *dev_priv = dev->dev_private; 1601 struct drm_i915_gem_object *obj; 1602 int ret; 1603 1604 ret = i915_mutex_lock_interruptible(dev); 1605 if (ret) 1606 return ret; 1607 1608 obj = to_intel_bo(drm_gem_object_lookup(dev, file, handle)); 1609 if (&obj->base == NULL) { 1610 ret = -ENOENT; 1611 goto unlock; 1612 } 1613 1614 if (obj->base.size > dev_priv->gtt.mappable_end) { 1615 ret = -E2BIG; 1616 goto out; 1617 } 1618 1619 if (obj->madv != I915_MADV_WILLNEED) { 1620 DRM_ERROR("Attempting to mmap a purgeable buffer\n"); 1621 ret = -EINVAL; 1622 goto out; 1623 } 1624 1625 ret = i915_gem_object_create_mmap_offset(obj); 1626 if (ret) 1627 goto out; 1628 1629 *offset = drm_vma_node_offset_addr(&obj->base.vma_node); 1630 1631 out: 1632 drm_gem_object_unreference(&obj->base); 1633 unlock: 1634 mutex_unlock(&dev->struct_mutex); 1635 return ret; 1636 } 1637 1638 /** 1639 * i915_gem_mmap_gtt_ioctl - prepare an object for GTT mmap'ing 1640 * @dev: DRM device 1641 * @data: GTT mapping ioctl data 1642 * @file: GEM object info 1643 * 1644 * Simply returns the fake offset to userspace so it can mmap it. 1645 * The mmap call will end up in drm_gem_mmap(), which will set things 1646 * up so we can get faults in the handler above. 1647 * 1648 * The fault handler will take care of binding the object into the GTT 1649 * (since it may have been evicted to make room for something), allocating 1650 * a fence register, and mapping the appropriate aperture address into 1651 * userspace. 1652 */ 1653 int 1654 i915_gem_mmap_gtt_ioctl(struct drm_device *dev, void *data, 1655 struct drm_file *file) 1656 { 1657 struct drm_i915_gem_mmap_gtt *args = data; 1658 1659 return i915_gem_mmap_gtt(file, dev, args->handle, &args->offset); 1660 } 1661 1662 /* Immediately discard the backing storage */ 1663 static void 1664 i915_gem_object_truncate(struct drm_i915_gem_object *obj) 1665 { 1666 struct inode *inode; 1667 1668 i915_gem_object_free_mmap_offset(obj); 1669 1670 if (obj->base.filp == NULL) 1671 return; 1672 1673 /* Our goal here is to return as much of the memory as 1674 * is possible back to the system as we are called from OOM. 1675 * To do this we must instruct the shmfs to drop all of its 1676 * backing pages, *now*. 1677 */ 1678 inode = file_inode(obj->base.filp); 1679 shmem_truncate_range(inode, 0, (loff_t)-1); 1680 1681 obj->madv = __I915_MADV_PURGED; 1682 } 1683 1684 static inline int 1685 i915_gem_object_is_purgeable(struct drm_i915_gem_object *obj) 1686 { 1687 return obj->madv == I915_MADV_DONTNEED; 1688 } 1689 1690 static void 1691 i915_gem_object_put_pages_gtt(struct drm_i915_gem_object *obj) 1692 { 1693 struct sg_page_iter sg_iter; 1694 int ret; 1695 1696 BUG_ON(obj->madv == __I915_MADV_PURGED); 1697 1698 ret = i915_gem_object_set_to_cpu_domain(obj, true); 1699 if (ret) { 1700 /* In the event of a disaster, abandon all caches and 1701 * hope for the best. 1702 */ 1703 WARN_ON(ret != -EIO); 1704 i915_gem_clflush_object(obj, true); 1705 obj->base.read_domains = obj->base.write_domain = I915_GEM_DOMAIN_CPU; 1706 } 1707 1708 if (i915_gem_object_needs_bit17_swizzle(obj)) 1709 i915_gem_object_save_bit_17_swizzle(obj); 1710 1711 if (obj->madv == I915_MADV_DONTNEED) 1712 obj->dirty = 0; 1713 1714 for_each_sg_page(obj->pages->sgl, &sg_iter, obj->pages->nents, 0) { 1715 struct page *page = sg_page_iter_page(&sg_iter); 1716 1717 if (obj->dirty) 1718 set_page_dirty(page); 1719 1720 if (obj->madv == I915_MADV_WILLNEED) 1721 mark_page_accessed(page); 1722 1723 page_cache_release(page); 1724 } 1725 obj->dirty = 0; 1726 1727 sg_free_table(obj->pages); 1728 kfree(obj->pages); 1729 } 1730 1731 int 1732 i915_gem_object_put_pages(struct drm_i915_gem_object *obj) 1733 { 1734 const struct drm_i915_gem_object_ops *ops = obj->ops; 1735 1736 if (obj->pages == NULL) 1737 return 0; 1738 1739 if (obj->pages_pin_count) 1740 return -EBUSY; 1741 1742 BUG_ON(i915_gem_obj_bound_any(obj)); 1743 1744 /* ->put_pages might need to allocate memory for the bit17 swizzle 1745 * array, hence protect them from being reaped by removing them from gtt 1746 * lists early. */ 1747 list_del(&obj->global_list); 1748 1749 ops->put_pages(obj); 1750 obj->pages = NULL; 1751 1752 if (i915_gem_object_is_purgeable(obj)) 1753 i915_gem_object_truncate(obj); 1754 1755 return 0; 1756 } 1757 1758 static unsigned long 1759 __i915_gem_shrink(struct drm_i915_private *dev_priv, long target, 1760 bool purgeable_only) 1761 { 1762 struct list_head still_bound_list; 1763 struct drm_i915_gem_object *obj, *next; 1764 unsigned long count = 0; 1765 1766 list_for_each_entry_safe(obj, next, 1767 &dev_priv->mm.unbound_list, 1768 global_list) { 1769 if ((i915_gem_object_is_purgeable(obj) || !purgeable_only) && 1770 i915_gem_object_put_pages(obj) == 0) { 1771 count += obj->base.size >> PAGE_SHIFT; 1772 if (count >= target) 1773 return count; 1774 } 1775 } 1776 1777 /* 1778 * As we may completely rewrite the bound list whilst unbinding 1779 * (due to retiring requests) we have to strictly process only 1780 * one element of the list at the time, and recheck the list 1781 * on every iteration. 1782 */ 1783 INIT_LIST_HEAD(&still_bound_list); 1784 while (count < target && !list_empty(&dev_priv->mm.bound_list)) { 1785 struct i915_vma *vma, *v; 1786 1787 obj = list_first_entry(&dev_priv->mm.bound_list, 1788 typeof(*obj), global_list); 1789 list_move_tail(&obj->global_list, &still_bound_list); 1790 1791 if (!i915_gem_object_is_purgeable(obj) && purgeable_only) 1792 continue; 1793 1794 /* 1795 * Hold a reference whilst we unbind this object, as we may 1796 * end up waiting for and retiring requests. This might 1797 * release the final reference (held by the active list) 1798 * and result in the object being freed from under us. 1799 * in this object being freed. 1800 * 1801 * Note 1: Shrinking the bound list is special since only active 1802 * (and hence bound objects) can contain such limbo objects, so 1803 * we don't need special tricks for shrinking the unbound list. 1804 * The only other place where we have to be careful with active 1805 * objects suddenly disappearing due to retiring requests is the 1806 * eviction code. 1807 * 1808 * Note 2: Even though the bound list doesn't hold a reference 1809 * to the object we can safely grab one here: The final object 1810 * unreferencing and the bound_list are both protected by the 1811 * dev->struct_mutex and so we won't ever be able to observe an 1812 * object on the bound_list with a reference count equals 0. 1813 */ 1814 drm_gem_object_reference(&obj->base); 1815 1816 list_for_each_entry_safe(vma, v, &obj->vma_list, vma_link) 1817 if (i915_vma_unbind(vma)) 1818 break; 1819 1820 if (i915_gem_object_put_pages(obj) == 0) 1821 count += obj->base.size >> PAGE_SHIFT; 1822 1823 drm_gem_object_unreference(&obj->base); 1824 } 1825 list_splice(&still_bound_list, &dev_priv->mm.bound_list); 1826 1827 return count; 1828 } 1829 1830 static unsigned long 1831 i915_gem_purge(struct drm_i915_private *dev_priv, long target) 1832 { 1833 return __i915_gem_shrink(dev_priv, target, true); 1834 } 1835 1836 static unsigned long 1837 i915_gem_shrink_all(struct drm_i915_private *dev_priv) 1838 { 1839 struct drm_i915_gem_object *obj, *next; 1840 long freed = 0; 1841 1842 i915_gem_evict_everything(dev_priv->dev); 1843 1844 list_for_each_entry_safe(obj, next, &dev_priv->mm.unbound_list, 1845 global_list) { 1846 if (i915_gem_object_put_pages(obj) == 0) 1847 freed += obj->base.size >> PAGE_SHIFT; 1848 } 1849 return freed; 1850 } 1851 1852 static int 1853 i915_gem_object_get_pages_gtt(struct drm_i915_gem_object *obj) 1854 { 1855 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 1856 int page_count, i; 1857 struct address_space *mapping; 1858 struct sg_table *st; 1859 struct scatterlist *sg; 1860 struct sg_page_iter sg_iter; 1861 struct page *page; 1862 unsigned long last_pfn = 0; /* suppress gcc warning */ 1863 gfp_t gfp; 1864 1865 /* Assert that the object is not currently in any GPU domain. As it 1866 * wasn't in the GTT, there shouldn't be any way it could have been in 1867 * a GPU cache 1868 */ 1869 BUG_ON(obj->base.read_domains & I915_GEM_GPU_DOMAINS); 1870 BUG_ON(obj->base.write_domain & I915_GEM_GPU_DOMAINS); 1871 1872 st = kmalloc(sizeof(*st), GFP_KERNEL); 1873 if (st == NULL) 1874 return -ENOMEM; 1875 1876 page_count = obj->base.size / PAGE_SIZE; 1877 if (sg_alloc_table(st, page_count, GFP_KERNEL)) { 1878 kfree(st); 1879 return -ENOMEM; 1880 } 1881 1882 /* Get the list of pages out of our struct file. They'll be pinned 1883 * at this point until we release them. 1884 * 1885 * Fail silently without starting the shrinker 1886 */ 1887 mapping = file_inode(obj->base.filp)->i_mapping; 1888 gfp = mapping_gfp_mask(mapping); 1889 gfp |= __GFP_NORETRY | __GFP_NOWARN | __GFP_NO_KSWAPD; 1890 gfp &= ~(__GFP_IO | __GFP_WAIT); 1891 sg = st->sgl; 1892 st->nents = 0; 1893 for (i = 0; i < page_count; i++) { 1894 page = shmem_read_mapping_page_gfp(mapping, i, gfp); 1895 if (IS_ERR(page)) { 1896 i915_gem_purge(dev_priv, page_count); 1897 page = shmem_read_mapping_page_gfp(mapping, i, gfp); 1898 } 1899 if (IS_ERR(page)) { 1900 /* We've tried hard to allocate the memory by reaping 1901 * our own buffer, now let the real VM do its job and 1902 * go down in flames if truly OOM. 1903 */ 1904 gfp &= ~(__GFP_NORETRY | __GFP_NOWARN | __GFP_NO_KSWAPD); 1905 gfp |= __GFP_IO | __GFP_WAIT; 1906 1907 i915_gem_shrink_all(dev_priv); 1908 page = shmem_read_mapping_page_gfp(mapping, i, gfp); 1909 if (IS_ERR(page)) 1910 goto err_pages; 1911 1912 gfp |= __GFP_NORETRY | __GFP_NOWARN | __GFP_NO_KSWAPD; 1913 gfp &= ~(__GFP_IO | __GFP_WAIT); 1914 } 1915 #ifdef CONFIG_SWIOTLB 1916 if (swiotlb_nr_tbl()) { 1917 st->nents++; 1918 sg_set_page(sg, page, PAGE_SIZE, 0); 1919 sg = sg_next(sg); 1920 continue; 1921 } 1922 #endif 1923 if (!i || page_to_pfn(page) != last_pfn + 1) { 1924 if (i) 1925 sg = sg_next(sg); 1926 st->nents++; 1927 sg_set_page(sg, page, PAGE_SIZE, 0); 1928 } else { 1929 sg->length += PAGE_SIZE; 1930 } 1931 last_pfn = page_to_pfn(page); 1932 1933 /* Check that the i965g/gm workaround works. */ 1934 WARN_ON((gfp & __GFP_DMA32) && (last_pfn >= 0x00100000UL)); 1935 } 1936 #ifdef CONFIG_SWIOTLB 1937 if (!swiotlb_nr_tbl()) 1938 #endif 1939 sg_mark_end(sg); 1940 obj->pages = st; 1941 1942 if (i915_gem_object_needs_bit17_swizzle(obj)) 1943 i915_gem_object_do_bit_17_swizzle(obj); 1944 1945 return 0; 1946 1947 err_pages: 1948 sg_mark_end(sg); 1949 for_each_sg_page(st->sgl, &sg_iter, st->nents, 0) 1950 page_cache_release(sg_page_iter_page(&sg_iter)); 1951 sg_free_table(st); 1952 kfree(st); 1953 return PTR_ERR(page); 1954 } 1955 1956 /* Ensure that the associated pages are gathered from the backing storage 1957 * and pinned into our object. i915_gem_object_get_pages() may be called 1958 * multiple times before they are released by a single call to 1959 * i915_gem_object_put_pages() - once the pages are no longer referenced 1960 * either as a result of memory pressure (reaping pages under the shrinker) 1961 * or as the object is itself released. 1962 */ 1963 int 1964 i915_gem_object_get_pages(struct drm_i915_gem_object *obj) 1965 { 1966 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 1967 const struct drm_i915_gem_object_ops *ops = obj->ops; 1968 int ret; 1969 1970 if (obj->pages) 1971 return 0; 1972 1973 if (obj->madv != I915_MADV_WILLNEED) { 1974 DRM_ERROR("Attempting to obtain a purgeable object\n"); 1975 return -EINVAL; 1976 } 1977 1978 BUG_ON(obj->pages_pin_count); 1979 1980 ret = ops->get_pages(obj); 1981 if (ret) 1982 return ret; 1983 1984 list_add_tail(&obj->global_list, &dev_priv->mm.unbound_list); 1985 return 0; 1986 } 1987 1988 static void 1989 i915_gem_object_move_to_active(struct drm_i915_gem_object *obj, 1990 struct intel_ring_buffer *ring) 1991 { 1992 struct drm_device *dev = obj->base.dev; 1993 struct drm_i915_private *dev_priv = dev->dev_private; 1994 u32 seqno = intel_ring_get_seqno(ring); 1995 1996 BUG_ON(ring == NULL); 1997 if (obj->ring != ring && obj->last_write_seqno) { 1998 /* Keep the seqno relative to the current ring */ 1999 obj->last_write_seqno = seqno; 2000 } 2001 obj->ring = ring; 2002 2003 /* Add a reference if we're newly entering the active list. */ 2004 if (!obj->active) { 2005 drm_gem_object_reference(&obj->base); 2006 obj->active = 1; 2007 } 2008 2009 list_move_tail(&obj->ring_list, &ring->active_list); 2010 2011 obj->last_read_seqno = seqno; 2012 2013 if (obj->fenced_gpu_access) { 2014 obj->last_fenced_seqno = seqno; 2015 2016 /* Bump MRU to take account of the delayed flush */ 2017 if (obj->fence_reg != I915_FENCE_REG_NONE) { 2018 struct drm_i915_fence_reg *reg; 2019 2020 reg = &dev_priv->fence_regs[obj->fence_reg]; 2021 list_move_tail(®->lru_list, 2022 &dev_priv->mm.fence_list); 2023 } 2024 } 2025 } 2026 2027 void i915_vma_move_to_active(struct i915_vma *vma, 2028 struct intel_ring_buffer *ring) 2029 { 2030 list_move_tail(&vma->mm_list, &vma->vm->active_list); 2031 return i915_gem_object_move_to_active(vma->obj, ring); 2032 } 2033 2034 static void 2035 i915_gem_object_move_to_inactive(struct drm_i915_gem_object *obj) 2036 { 2037 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 2038 struct i915_address_space *ggtt_vm = &dev_priv->gtt.base; 2039 struct i915_vma *vma = i915_gem_obj_to_vma(obj, ggtt_vm); 2040 2041 BUG_ON(obj->base.write_domain & ~I915_GEM_GPU_DOMAINS); 2042 BUG_ON(!obj->active); 2043 2044 list_move_tail(&vma->mm_list, &ggtt_vm->inactive_list); 2045 2046 list_del_init(&obj->ring_list); 2047 obj->ring = NULL; 2048 2049 obj->last_read_seqno = 0; 2050 obj->last_write_seqno = 0; 2051 obj->base.write_domain = 0; 2052 2053 obj->last_fenced_seqno = 0; 2054 obj->fenced_gpu_access = false; 2055 2056 obj->active = 0; 2057 drm_gem_object_unreference(&obj->base); 2058 2059 WARN_ON(i915_verify_lists(dev)); 2060 } 2061 2062 static int 2063 i915_gem_init_seqno(struct drm_device *dev, u32 seqno) 2064 { 2065 struct drm_i915_private *dev_priv = dev->dev_private; 2066 struct intel_ring_buffer *ring; 2067 int ret, i, j; 2068 2069 /* Carefully retire all requests without writing to the rings */ 2070 for_each_ring(ring, dev_priv, i) { 2071 ret = intel_ring_idle(ring); 2072 if (ret) 2073 return ret; 2074 } 2075 i915_gem_retire_requests(dev); 2076 2077 /* Finally reset hw state */ 2078 for_each_ring(ring, dev_priv, i) { 2079 intel_ring_init_seqno(ring, seqno); 2080 2081 for (j = 0; j < ARRAY_SIZE(ring->sync_seqno); j++) 2082 ring->sync_seqno[j] = 0; 2083 } 2084 2085 return 0; 2086 } 2087 2088 int i915_gem_set_seqno(struct drm_device *dev, u32 seqno) 2089 { 2090 struct drm_i915_private *dev_priv = dev->dev_private; 2091 int ret; 2092 2093 if (seqno == 0) 2094 return -EINVAL; 2095 2096 /* HWS page needs to be set less than what we 2097 * will inject to ring 2098 */ 2099 ret = i915_gem_init_seqno(dev, seqno - 1); 2100 if (ret) 2101 return ret; 2102 2103 /* Carefully set the last_seqno value so that wrap 2104 * detection still works 2105 */ 2106 dev_priv->next_seqno = seqno; 2107 dev_priv->last_seqno = seqno - 1; 2108 if (dev_priv->last_seqno == 0) 2109 dev_priv->last_seqno--; 2110 2111 return 0; 2112 } 2113 2114 int 2115 i915_gem_get_seqno(struct drm_device *dev, u32 *seqno) 2116 { 2117 struct drm_i915_private *dev_priv = dev->dev_private; 2118 2119 /* reserve 0 for non-seqno */ 2120 if (dev_priv->next_seqno == 0) { 2121 int ret = i915_gem_init_seqno(dev, 0); 2122 if (ret) 2123 return ret; 2124 2125 dev_priv->next_seqno = 1; 2126 } 2127 2128 *seqno = dev_priv->last_seqno = dev_priv->next_seqno++; 2129 return 0; 2130 } 2131 2132 int __i915_add_request(struct intel_ring_buffer *ring, 2133 struct drm_file *file, 2134 struct drm_i915_gem_object *obj, 2135 u32 *out_seqno) 2136 { 2137 drm_i915_private_t *dev_priv = ring->dev->dev_private; 2138 struct drm_i915_gem_request *request; 2139 u32 request_ring_position, request_start; 2140 int was_empty; 2141 int ret; 2142 2143 request_start = intel_ring_get_tail(ring); 2144 /* 2145 * Emit any outstanding flushes - execbuf can fail to emit the flush 2146 * after having emitted the batchbuffer command. Hence we need to fix 2147 * things up similar to emitting the lazy request. The difference here 2148 * is that the flush _must_ happen before the next request, no matter 2149 * what. 2150 */ 2151 ret = intel_ring_flush_all_caches(ring); 2152 if (ret) 2153 return ret; 2154 2155 request = ring->preallocated_lazy_request; 2156 if (WARN_ON(request == NULL)) 2157 return -ENOMEM; 2158 2159 /* Record the position of the start of the request so that 2160 * should we detect the updated seqno part-way through the 2161 * GPU processing the request, we never over-estimate the 2162 * position of the head. 2163 */ 2164 request_ring_position = intel_ring_get_tail(ring); 2165 2166 ret = ring->add_request(ring); 2167 if (ret) 2168 return ret; 2169 2170 request->seqno = intel_ring_get_seqno(ring); 2171 request->ring = ring; 2172 request->head = request_start; 2173 request->tail = request_ring_position; 2174 2175 /* Whilst this request exists, batch_obj will be on the 2176 * active_list, and so will hold the active reference. Only when this 2177 * request is retired will the the batch_obj be moved onto the 2178 * inactive_list and lose its active reference. Hence we do not need 2179 * to explicitly hold another reference here. 2180 */ 2181 request->batch_obj = obj; 2182 2183 /* Hold a reference to the current context so that we can inspect 2184 * it later in case a hangcheck error event fires. 2185 */ 2186 request->ctx = ring->last_context; 2187 if (request->ctx) 2188 i915_gem_context_reference(request->ctx); 2189 2190 request->emitted_jiffies = jiffies; 2191 was_empty = list_empty(&ring->request_list); 2192 list_add_tail(&request->list, &ring->request_list); 2193 request->file_priv = NULL; 2194 2195 if (file) { 2196 struct drm_i915_file_private *file_priv = file->driver_priv; 2197 2198 spin_lock(&file_priv->mm.lock); 2199 request->file_priv = file_priv; 2200 list_add_tail(&request->client_list, 2201 &file_priv->mm.request_list); 2202 spin_unlock(&file_priv->mm.lock); 2203 } 2204 2205 trace_i915_gem_request_add(ring, request->seqno); 2206 ring->outstanding_lazy_seqno = 0; 2207 ring->preallocated_lazy_request = NULL; 2208 2209 if (!dev_priv->ums.mm_suspended) { 2210 i915_queue_hangcheck(ring->dev); 2211 2212 if (was_empty) { 2213 cancel_delayed_work_sync(&dev_priv->mm.idle_work); 2214 queue_delayed_work(dev_priv->wq, 2215 &dev_priv->mm.retire_work, 2216 round_jiffies_up_relative(HZ)); 2217 intel_mark_busy(dev_priv->dev); 2218 } 2219 } 2220 2221 if (out_seqno) 2222 *out_seqno = request->seqno; 2223 return 0; 2224 } 2225 2226 static inline void 2227 i915_gem_request_remove_from_client(struct drm_i915_gem_request *request) 2228 { 2229 struct drm_i915_file_private *file_priv = request->file_priv; 2230 2231 if (!file_priv) 2232 return; 2233 2234 spin_lock(&file_priv->mm.lock); 2235 list_del(&request->client_list); 2236 request->file_priv = NULL; 2237 spin_unlock(&file_priv->mm.lock); 2238 } 2239 2240 static bool i915_head_inside_object(u32 acthd, struct drm_i915_gem_object *obj, 2241 struct i915_address_space *vm) 2242 { 2243 if (acthd >= i915_gem_obj_offset(obj, vm) && 2244 acthd < i915_gem_obj_offset(obj, vm) + obj->base.size) 2245 return true; 2246 2247 return false; 2248 } 2249 2250 static bool i915_head_inside_request(const u32 acthd_unmasked, 2251 const u32 request_start, 2252 const u32 request_end) 2253 { 2254 const u32 acthd = acthd_unmasked & HEAD_ADDR; 2255 2256 if (request_start < request_end) { 2257 if (acthd >= request_start && acthd < request_end) 2258 return true; 2259 } else if (request_start > request_end) { 2260 if (acthd >= request_start || acthd < request_end) 2261 return true; 2262 } 2263 2264 return false; 2265 } 2266 2267 static struct i915_address_space * 2268 request_to_vm(struct drm_i915_gem_request *request) 2269 { 2270 struct drm_i915_private *dev_priv = request->ring->dev->dev_private; 2271 struct i915_address_space *vm; 2272 2273 vm = &dev_priv->gtt.base; 2274 2275 return vm; 2276 } 2277 2278 static bool i915_request_guilty(struct drm_i915_gem_request *request, 2279 const u32 acthd, bool *inside) 2280 { 2281 /* There is a possibility that unmasked head address 2282 * pointing inside the ring, matches the batch_obj address range. 2283 * However this is extremely unlikely. 2284 */ 2285 if (request->batch_obj) { 2286 if (i915_head_inside_object(acthd, request->batch_obj, 2287 request_to_vm(request))) { 2288 *inside = true; 2289 return true; 2290 } 2291 } 2292 2293 if (i915_head_inside_request(acthd, request->head, request->tail)) { 2294 *inside = false; 2295 return true; 2296 } 2297 2298 return false; 2299 } 2300 2301 static bool i915_context_is_banned(const struct i915_ctx_hang_stats *hs) 2302 { 2303 const unsigned long elapsed = get_seconds() - hs->guilty_ts; 2304 2305 if (hs->banned) 2306 return true; 2307 2308 if (elapsed <= DRM_I915_CTX_BAN_PERIOD) { 2309 DRM_ERROR("context hanging too fast, declaring banned!\n"); 2310 return true; 2311 } 2312 2313 return false; 2314 } 2315 2316 static void i915_set_reset_status(struct intel_ring_buffer *ring, 2317 struct drm_i915_gem_request *request, 2318 u32 acthd) 2319 { 2320 struct i915_ctx_hang_stats *hs = NULL; 2321 bool inside, guilty; 2322 unsigned long offset = 0; 2323 2324 /* Innocent until proven guilty */ 2325 guilty = false; 2326 2327 if (request->batch_obj) 2328 offset = i915_gem_obj_offset(request->batch_obj, 2329 request_to_vm(request)); 2330 2331 if (ring->hangcheck.action != HANGCHECK_WAIT && 2332 i915_request_guilty(request, acthd, &inside)) { 2333 DRM_DEBUG("%s hung %s bo (0x%lx ctx %d) at 0x%x\n", 2334 ring->name, 2335 inside ? "inside" : "flushing", 2336 offset, 2337 request->ctx ? request->ctx->id : 0, 2338 acthd); 2339 2340 guilty = true; 2341 } 2342 2343 /* If contexts are disabled or this is the default context, use 2344 * file_priv->reset_state 2345 */ 2346 if (request->ctx && request->ctx->id != DEFAULT_CONTEXT_ID) 2347 hs = &request->ctx->hang_stats; 2348 else if (request->file_priv) 2349 hs = &request->file_priv->hang_stats; 2350 2351 if (hs) { 2352 if (guilty) { 2353 hs->banned = i915_context_is_banned(hs); 2354 hs->batch_active++; 2355 hs->guilty_ts = get_seconds(); 2356 } else { 2357 hs->batch_pending++; 2358 } 2359 } 2360 } 2361 2362 static void i915_gem_free_request(struct drm_i915_gem_request *request) 2363 { 2364 list_del(&request->list); 2365 i915_gem_request_remove_from_client(request); 2366 2367 if (request->ctx) 2368 i915_gem_context_unreference(request->ctx); 2369 2370 kfree(request); 2371 } 2372 2373 static void i915_gem_reset_ring_status(struct drm_i915_private *dev_priv, 2374 struct intel_ring_buffer *ring) 2375 { 2376 u32 completed_seqno = ring->get_seqno(ring, false); 2377 u32 acthd = intel_ring_get_active_head(ring); 2378 struct drm_i915_gem_request *request; 2379 2380 list_for_each_entry(request, &ring->request_list, list) { 2381 if (i915_seqno_passed(completed_seqno, request->seqno)) 2382 continue; 2383 2384 i915_set_reset_status(ring, request, acthd); 2385 } 2386 } 2387 2388 static void i915_gem_reset_ring_cleanup(struct drm_i915_private *dev_priv, 2389 struct intel_ring_buffer *ring) 2390 { 2391 while (!list_empty(&ring->active_list)) { 2392 struct drm_i915_gem_object *obj; 2393 2394 obj = list_first_entry(&ring->active_list, 2395 struct drm_i915_gem_object, 2396 ring_list); 2397 2398 i915_gem_object_move_to_inactive(obj); 2399 } 2400 2401 /* 2402 * We must free the requests after all the corresponding objects have 2403 * been moved off active lists. Which is the same order as the normal 2404 * retire_requests function does. This is important if object hold 2405 * implicit references on things like e.g. ppgtt address spaces through 2406 * the request. 2407 */ 2408 while (!list_empty(&ring->request_list)) { 2409 struct drm_i915_gem_request *request; 2410 2411 request = list_first_entry(&ring->request_list, 2412 struct drm_i915_gem_request, 2413 list); 2414 2415 i915_gem_free_request(request); 2416 } 2417 } 2418 2419 void i915_gem_restore_fences(struct drm_device *dev) 2420 { 2421 struct drm_i915_private *dev_priv = dev->dev_private; 2422 int i; 2423 2424 for (i = 0; i < dev_priv->num_fence_regs; i++) { 2425 struct drm_i915_fence_reg *reg = &dev_priv->fence_regs[i]; 2426 2427 /* 2428 * Commit delayed tiling changes if we have an object still 2429 * attached to the fence, otherwise just clear the fence. 2430 */ 2431 if (reg->obj) { 2432 i915_gem_object_update_fence(reg->obj, reg, 2433 reg->obj->tiling_mode); 2434 } else { 2435 i915_gem_write_fence(dev, i, NULL); 2436 } 2437 } 2438 } 2439 2440 void i915_gem_reset(struct drm_device *dev) 2441 { 2442 struct drm_i915_private *dev_priv = dev->dev_private; 2443 struct intel_ring_buffer *ring; 2444 int i; 2445 2446 /* 2447 * Before we free the objects from the requests, we need to inspect 2448 * them for finding the guilty party. As the requests only borrow 2449 * their reference to the objects, the inspection must be done first. 2450 */ 2451 for_each_ring(ring, dev_priv, i) 2452 i915_gem_reset_ring_status(dev_priv, ring); 2453 2454 for_each_ring(ring, dev_priv, i) 2455 i915_gem_reset_ring_cleanup(dev_priv, ring); 2456 2457 i915_gem_cleanup_ringbuffer(dev); 2458 2459 i915_gem_restore_fences(dev); 2460 } 2461 2462 /** 2463 * This function clears the request list as sequence numbers are passed. 2464 */ 2465 void 2466 i915_gem_retire_requests_ring(struct intel_ring_buffer *ring) 2467 { 2468 uint32_t seqno; 2469 2470 if (list_empty(&ring->request_list)) 2471 return; 2472 2473 WARN_ON(i915_verify_lists(ring->dev)); 2474 2475 seqno = ring->get_seqno(ring, true); 2476 2477 while (!list_empty(&ring->request_list)) { 2478 struct drm_i915_gem_request *request; 2479 2480 request = list_first_entry(&ring->request_list, 2481 struct drm_i915_gem_request, 2482 list); 2483 2484 if (!i915_seqno_passed(seqno, request->seqno)) 2485 break; 2486 2487 trace_i915_gem_request_retire(ring, request->seqno); 2488 /* We know the GPU must have read the request to have 2489 * sent us the seqno + interrupt, so use the position 2490 * of tail of the request to update the last known position 2491 * of the GPU head. 2492 */ 2493 ring->last_retired_head = request->tail; 2494 2495 i915_gem_free_request(request); 2496 } 2497 2498 /* Move any buffers on the active list that are no longer referenced 2499 * by the ringbuffer to the flushing/inactive lists as appropriate. 2500 */ 2501 while (!list_empty(&ring->active_list)) { 2502 struct drm_i915_gem_object *obj; 2503 2504 obj = list_first_entry(&ring->active_list, 2505 struct drm_i915_gem_object, 2506 ring_list); 2507 2508 if (!i915_seqno_passed(seqno, obj->last_read_seqno)) 2509 break; 2510 2511 i915_gem_object_move_to_inactive(obj); 2512 } 2513 2514 if (unlikely(ring->trace_irq_seqno && 2515 i915_seqno_passed(seqno, ring->trace_irq_seqno))) { 2516 ring->irq_put(ring); 2517 ring->trace_irq_seqno = 0; 2518 } 2519 2520 WARN_ON(i915_verify_lists(ring->dev)); 2521 } 2522 2523 bool 2524 i915_gem_retire_requests(struct drm_device *dev) 2525 { 2526 drm_i915_private_t *dev_priv = dev->dev_private; 2527 struct intel_ring_buffer *ring; 2528 bool idle = true; 2529 int i; 2530 2531 for_each_ring(ring, dev_priv, i) { 2532 i915_gem_retire_requests_ring(ring); 2533 idle &= list_empty(&ring->request_list); 2534 } 2535 2536 if (idle) 2537 mod_delayed_work(dev_priv->wq, 2538 &dev_priv->mm.idle_work, 2539 msecs_to_jiffies(100)); 2540 2541 return idle; 2542 } 2543 2544 static void 2545 i915_gem_retire_work_handler(struct work_struct *work) 2546 { 2547 struct drm_i915_private *dev_priv = 2548 container_of(work, typeof(*dev_priv), mm.retire_work.work); 2549 struct drm_device *dev = dev_priv->dev; 2550 bool idle; 2551 2552 /* Come back later if the device is busy... */ 2553 idle = false; 2554 if (mutex_trylock(&dev->struct_mutex)) { 2555 idle = i915_gem_retire_requests(dev); 2556 mutex_unlock(&dev->struct_mutex); 2557 } 2558 if (!idle) 2559 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, 2560 round_jiffies_up_relative(HZ)); 2561 } 2562 2563 static void 2564 i915_gem_idle_work_handler(struct work_struct *work) 2565 { 2566 struct drm_i915_private *dev_priv = 2567 container_of(work, typeof(*dev_priv), mm.idle_work.work); 2568 2569 intel_mark_idle(dev_priv->dev); 2570 } 2571 2572 /** 2573 * Ensures that an object will eventually get non-busy by flushing any required 2574 * write domains, emitting any outstanding lazy request and retiring and 2575 * completed requests. 2576 */ 2577 static int 2578 i915_gem_object_flush_active(struct drm_i915_gem_object *obj) 2579 { 2580 int ret; 2581 2582 if (obj->active) { 2583 ret = i915_gem_check_olr(obj->ring, obj->last_read_seqno); 2584 if (ret) 2585 return ret; 2586 2587 i915_gem_retire_requests_ring(obj->ring); 2588 } 2589 2590 return 0; 2591 } 2592 2593 /** 2594 * i915_gem_wait_ioctl - implements DRM_IOCTL_I915_GEM_WAIT 2595 * @DRM_IOCTL_ARGS: standard ioctl arguments 2596 * 2597 * Returns 0 if successful, else an error is returned with the remaining time in 2598 * the timeout parameter. 2599 * -ETIME: object is still busy after timeout 2600 * -ERESTARTSYS: signal interrupted the wait 2601 * -ENONENT: object doesn't exist 2602 * Also possible, but rare: 2603 * -EAGAIN: GPU wedged 2604 * -ENOMEM: damn 2605 * -ENODEV: Internal IRQ fail 2606 * -E?: The add request failed 2607 * 2608 * The wait ioctl with a timeout of 0 reimplements the busy ioctl. With any 2609 * non-zero timeout parameter the wait ioctl will wait for the given number of 2610 * nanoseconds on an object becoming unbusy. Since the wait itself does so 2611 * without holding struct_mutex the object may become re-busied before this 2612 * function completes. A similar but shorter * race condition exists in the busy 2613 * ioctl 2614 */ 2615 int 2616 i915_gem_wait_ioctl(struct drm_device *dev, void *data, struct drm_file *file) 2617 { 2618 drm_i915_private_t *dev_priv = dev->dev_private; 2619 struct drm_i915_gem_wait *args = data; 2620 struct drm_i915_gem_object *obj; 2621 struct intel_ring_buffer *ring = NULL; 2622 struct timespec timeout_stack, *timeout = NULL; 2623 unsigned reset_counter; 2624 u32 seqno = 0; 2625 int ret = 0; 2626 2627 if (args->timeout_ns >= 0) { 2628 timeout_stack = ns_to_timespec(args->timeout_ns); 2629 timeout = &timeout_stack; 2630 } 2631 2632 ret = i915_mutex_lock_interruptible(dev); 2633 if (ret) 2634 return ret; 2635 2636 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->bo_handle)); 2637 if (&obj->base == NULL) { 2638 mutex_unlock(&dev->struct_mutex); 2639 return -ENOENT; 2640 } 2641 2642 /* Need to make sure the object gets inactive eventually. */ 2643 ret = i915_gem_object_flush_active(obj); 2644 if (ret) 2645 goto out; 2646 2647 if (obj->active) { 2648 seqno = obj->last_read_seqno; 2649 ring = obj->ring; 2650 } 2651 2652 if (seqno == 0) 2653 goto out; 2654 2655 /* Do this after OLR check to make sure we make forward progress polling 2656 * on this IOCTL with a 0 timeout (like busy ioctl) 2657 */ 2658 if (!args->timeout_ns) { 2659 ret = -ETIME; 2660 goto out; 2661 } 2662 2663 drm_gem_object_unreference(&obj->base); 2664 reset_counter = atomic_read(&dev_priv->gpu_error.reset_counter); 2665 mutex_unlock(&dev->struct_mutex); 2666 2667 ret = __wait_seqno(ring, seqno, reset_counter, true, timeout, file->driver_priv); 2668 if (timeout) 2669 args->timeout_ns = timespec_to_ns(timeout); 2670 return ret; 2671 2672 out: 2673 drm_gem_object_unreference(&obj->base); 2674 mutex_unlock(&dev->struct_mutex); 2675 return ret; 2676 } 2677 2678 /** 2679 * i915_gem_object_sync - sync an object to a ring. 2680 * 2681 * @obj: object which may be in use on another ring. 2682 * @to: ring we wish to use the object on. May be NULL. 2683 * 2684 * This code is meant to abstract object synchronization with the GPU. 2685 * Calling with NULL implies synchronizing the object with the CPU 2686 * rather than a particular GPU ring. 2687 * 2688 * Returns 0 if successful, else propagates up the lower layer error. 2689 */ 2690 int 2691 i915_gem_object_sync(struct drm_i915_gem_object *obj, 2692 struct intel_ring_buffer *to) 2693 { 2694 struct intel_ring_buffer *from = obj->ring; 2695 u32 seqno; 2696 int ret, idx; 2697 2698 if (from == NULL || to == from) 2699 return 0; 2700 2701 if (to == NULL || !i915_semaphore_is_enabled(obj->base.dev)) 2702 return i915_gem_object_wait_rendering(obj, false); 2703 2704 idx = intel_ring_sync_index(from, to); 2705 2706 seqno = obj->last_read_seqno; 2707 if (seqno <= from->sync_seqno[idx]) 2708 return 0; 2709 2710 ret = i915_gem_check_olr(obj->ring, seqno); 2711 if (ret) 2712 return ret; 2713 2714 trace_i915_gem_ring_sync_to(from, to, seqno); 2715 ret = to->sync_to(to, from, seqno); 2716 if (!ret) 2717 /* We use last_read_seqno because sync_to() 2718 * might have just caused seqno wrap under 2719 * the radar. 2720 */ 2721 from->sync_seqno[idx] = obj->last_read_seqno; 2722 2723 return ret; 2724 } 2725 2726 static void i915_gem_object_finish_gtt(struct drm_i915_gem_object *obj) 2727 { 2728 u32 old_write_domain, old_read_domains; 2729 2730 /* Force a pagefault for domain tracking on next user access */ 2731 i915_gem_release_mmap(obj); 2732 2733 if ((obj->base.read_domains & I915_GEM_DOMAIN_GTT) == 0) 2734 return; 2735 2736 /* Wait for any direct GTT access to complete */ 2737 mb(); 2738 2739 old_read_domains = obj->base.read_domains; 2740 old_write_domain = obj->base.write_domain; 2741 2742 obj->base.read_domains &= ~I915_GEM_DOMAIN_GTT; 2743 obj->base.write_domain &= ~I915_GEM_DOMAIN_GTT; 2744 2745 trace_i915_gem_object_change_domain(obj, 2746 old_read_domains, 2747 old_write_domain); 2748 } 2749 2750 int i915_vma_unbind(struct i915_vma *vma) 2751 { 2752 struct drm_i915_gem_object *obj = vma->obj; 2753 drm_i915_private_t *dev_priv = obj->base.dev->dev_private; 2754 int ret; 2755 2756 /* For now we only ever use 1 vma per object */ 2757 WARN_ON(!list_is_singular(&obj->vma_list)); 2758 2759 if (list_empty(&vma->vma_link)) 2760 return 0; 2761 2762 if (!drm_mm_node_allocated(&vma->node)) { 2763 i915_gem_vma_destroy(vma); 2764 2765 return 0; 2766 } 2767 2768 if (obj->pin_count) 2769 return -EBUSY; 2770 2771 BUG_ON(obj->pages == NULL); 2772 2773 ret = i915_gem_object_finish_gpu(obj); 2774 if (ret) 2775 return ret; 2776 /* Continue on if we fail due to EIO, the GPU is hung so we 2777 * should be safe and we need to cleanup or else we might 2778 * cause memory corruption through use-after-free. 2779 */ 2780 2781 i915_gem_object_finish_gtt(obj); 2782 2783 /* release the fence reg _after_ flushing */ 2784 ret = i915_gem_object_put_fence(obj); 2785 if (ret) 2786 return ret; 2787 2788 trace_i915_vma_unbind(vma); 2789 2790 if (obj->has_global_gtt_mapping) 2791 i915_gem_gtt_unbind_object(obj); 2792 if (obj->has_aliasing_ppgtt_mapping) { 2793 i915_ppgtt_unbind_object(dev_priv->mm.aliasing_ppgtt, obj); 2794 obj->has_aliasing_ppgtt_mapping = 0; 2795 } 2796 i915_gem_gtt_finish_object(obj); 2797 2798 list_del(&vma->mm_list); 2799 /* Avoid an unnecessary call to unbind on rebind. */ 2800 if (i915_is_ggtt(vma->vm)) 2801 obj->map_and_fenceable = true; 2802 2803 drm_mm_remove_node(&vma->node); 2804 i915_gem_vma_destroy(vma); 2805 2806 /* Since the unbound list is global, only move to that list if 2807 * no more VMAs exist. */ 2808 if (list_empty(&obj->vma_list)) 2809 list_move_tail(&obj->global_list, &dev_priv->mm.unbound_list); 2810 2811 /* And finally now the object is completely decoupled from this vma, 2812 * we can drop its hold on the backing storage and allow it to be 2813 * reaped by the shrinker. 2814 */ 2815 i915_gem_object_unpin_pages(obj); 2816 2817 return 0; 2818 } 2819 2820 /** 2821 * Unbinds an object from the global GTT aperture. 2822 */ 2823 int 2824 i915_gem_object_ggtt_unbind(struct drm_i915_gem_object *obj) 2825 { 2826 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 2827 struct i915_address_space *ggtt = &dev_priv->gtt.base; 2828 2829 if (!i915_gem_obj_ggtt_bound(obj)) 2830 return 0; 2831 2832 if (obj->pin_count) 2833 return -EBUSY; 2834 2835 BUG_ON(obj->pages == NULL); 2836 2837 return i915_vma_unbind(i915_gem_obj_to_vma(obj, ggtt)); 2838 } 2839 2840 int i915_gpu_idle(struct drm_device *dev) 2841 { 2842 drm_i915_private_t *dev_priv = dev->dev_private; 2843 struct intel_ring_buffer *ring; 2844 int ret, i; 2845 2846 /* Flush everything onto the inactive list. */ 2847 for_each_ring(ring, dev_priv, i) { 2848 ret = i915_switch_context(ring, NULL, DEFAULT_CONTEXT_ID); 2849 if (ret) 2850 return ret; 2851 2852 ret = intel_ring_idle(ring); 2853 if (ret) 2854 return ret; 2855 } 2856 2857 return 0; 2858 } 2859 2860 static void i965_write_fence_reg(struct drm_device *dev, int reg, 2861 struct drm_i915_gem_object *obj) 2862 { 2863 drm_i915_private_t *dev_priv = dev->dev_private; 2864 int fence_reg; 2865 int fence_pitch_shift; 2866 2867 if (INTEL_INFO(dev)->gen >= 6) { 2868 fence_reg = FENCE_REG_SANDYBRIDGE_0; 2869 fence_pitch_shift = SANDYBRIDGE_FENCE_PITCH_SHIFT; 2870 } else { 2871 fence_reg = FENCE_REG_965_0; 2872 fence_pitch_shift = I965_FENCE_PITCH_SHIFT; 2873 } 2874 2875 fence_reg += reg * 8; 2876 2877 /* To w/a incoherency with non-atomic 64-bit register updates, 2878 * we split the 64-bit update into two 32-bit writes. In order 2879 * for a partial fence not to be evaluated between writes, we 2880 * precede the update with write to turn off the fence register, 2881 * and only enable the fence as the last step. 2882 * 2883 * For extra levels of paranoia, we make sure each step lands 2884 * before applying the next step. 2885 */ 2886 I915_WRITE(fence_reg, 0); 2887 POSTING_READ(fence_reg); 2888 2889 if (obj) { 2890 u32 size = i915_gem_obj_ggtt_size(obj); 2891 uint64_t val; 2892 2893 val = (uint64_t)((i915_gem_obj_ggtt_offset(obj) + size - 4096) & 2894 0xfffff000) << 32; 2895 val |= i915_gem_obj_ggtt_offset(obj) & 0xfffff000; 2896 val |= (uint64_t)((obj->stride / 128) - 1) << fence_pitch_shift; 2897 if (obj->tiling_mode == I915_TILING_Y) 2898 val |= 1 << I965_FENCE_TILING_Y_SHIFT; 2899 val |= I965_FENCE_REG_VALID; 2900 2901 I915_WRITE(fence_reg + 4, val >> 32); 2902 POSTING_READ(fence_reg + 4); 2903 2904 I915_WRITE(fence_reg + 0, val); 2905 POSTING_READ(fence_reg); 2906 } else { 2907 I915_WRITE(fence_reg + 4, 0); 2908 POSTING_READ(fence_reg + 4); 2909 } 2910 } 2911 2912 static void i915_write_fence_reg(struct drm_device *dev, int reg, 2913 struct drm_i915_gem_object *obj) 2914 { 2915 drm_i915_private_t *dev_priv = dev->dev_private; 2916 u32 val; 2917 2918 if (obj) { 2919 u32 size = i915_gem_obj_ggtt_size(obj); 2920 int pitch_val; 2921 int tile_width; 2922 2923 WARN((i915_gem_obj_ggtt_offset(obj) & ~I915_FENCE_START_MASK) || 2924 (size & -size) != size || 2925 (i915_gem_obj_ggtt_offset(obj) & (size - 1)), 2926 "object 0x%08lx [fenceable? %d] not 1M or pot-size (0x%08x) aligned\n", 2927 i915_gem_obj_ggtt_offset(obj), obj->map_and_fenceable, size); 2928 2929 if (obj->tiling_mode == I915_TILING_Y && HAS_128_BYTE_Y_TILING(dev)) 2930 tile_width = 128; 2931 else 2932 tile_width = 512; 2933 2934 /* Note: pitch better be a power of two tile widths */ 2935 pitch_val = obj->stride / tile_width; 2936 pitch_val = ffs(pitch_val) - 1; 2937 2938 val = i915_gem_obj_ggtt_offset(obj); 2939 if (obj->tiling_mode == I915_TILING_Y) 2940 val |= 1 << I830_FENCE_TILING_Y_SHIFT; 2941 val |= I915_FENCE_SIZE_BITS(size); 2942 val |= pitch_val << I830_FENCE_PITCH_SHIFT; 2943 val |= I830_FENCE_REG_VALID; 2944 } else 2945 val = 0; 2946 2947 if (reg < 8) 2948 reg = FENCE_REG_830_0 + reg * 4; 2949 else 2950 reg = FENCE_REG_945_8 + (reg - 8) * 4; 2951 2952 I915_WRITE(reg, val); 2953 POSTING_READ(reg); 2954 } 2955 2956 static void i830_write_fence_reg(struct drm_device *dev, int reg, 2957 struct drm_i915_gem_object *obj) 2958 { 2959 drm_i915_private_t *dev_priv = dev->dev_private; 2960 uint32_t val; 2961 2962 if (obj) { 2963 u32 size = i915_gem_obj_ggtt_size(obj); 2964 uint32_t pitch_val; 2965 2966 WARN((i915_gem_obj_ggtt_offset(obj) & ~I830_FENCE_START_MASK) || 2967 (size & -size) != size || 2968 (i915_gem_obj_ggtt_offset(obj) & (size - 1)), 2969 "object 0x%08lx not 512K or pot-size 0x%08x aligned\n", 2970 i915_gem_obj_ggtt_offset(obj), size); 2971 2972 pitch_val = obj->stride / 128; 2973 pitch_val = ffs(pitch_val) - 1; 2974 2975 val = i915_gem_obj_ggtt_offset(obj); 2976 if (obj->tiling_mode == I915_TILING_Y) 2977 val |= 1 << I830_FENCE_TILING_Y_SHIFT; 2978 val |= I830_FENCE_SIZE_BITS(size); 2979 val |= pitch_val << I830_FENCE_PITCH_SHIFT; 2980 val |= I830_FENCE_REG_VALID; 2981 } else 2982 val = 0; 2983 2984 I915_WRITE(FENCE_REG_830_0 + reg * 4, val); 2985 POSTING_READ(FENCE_REG_830_0 + reg * 4); 2986 } 2987 2988 inline static bool i915_gem_object_needs_mb(struct drm_i915_gem_object *obj) 2989 { 2990 return obj && obj->base.read_domains & I915_GEM_DOMAIN_GTT; 2991 } 2992 2993 static void i915_gem_write_fence(struct drm_device *dev, int reg, 2994 struct drm_i915_gem_object *obj) 2995 { 2996 struct drm_i915_private *dev_priv = dev->dev_private; 2997 2998 /* Ensure that all CPU reads are completed before installing a fence 2999 * and all writes before removing the fence. 3000 */ 3001 if (i915_gem_object_needs_mb(dev_priv->fence_regs[reg].obj)) 3002 mb(); 3003 3004 WARN(obj && (!obj->stride || !obj->tiling_mode), 3005 "bogus fence setup with stride: 0x%x, tiling mode: %i\n", 3006 obj->stride, obj->tiling_mode); 3007 3008 switch (INTEL_INFO(dev)->gen) { 3009 case 8: 3010 case 7: 3011 case 6: 3012 case 5: 3013 case 4: i965_write_fence_reg(dev, reg, obj); break; 3014 case 3: i915_write_fence_reg(dev, reg, obj); break; 3015 case 2: i830_write_fence_reg(dev, reg, obj); break; 3016 default: BUG(); 3017 } 3018 3019 /* And similarly be paranoid that no direct access to this region 3020 * is reordered to before the fence is installed. 3021 */ 3022 if (i915_gem_object_needs_mb(obj)) 3023 mb(); 3024 } 3025 3026 static inline int fence_number(struct drm_i915_private *dev_priv, 3027 struct drm_i915_fence_reg *fence) 3028 { 3029 return fence - dev_priv->fence_regs; 3030 } 3031 3032 static void i915_gem_object_update_fence(struct drm_i915_gem_object *obj, 3033 struct drm_i915_fence_reg *fence, 3034 bool enable) 3035 { 3036 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 3037 int reg = fence_number(dev_priv, fence); 3038 3039 i915_gem_write_fence(obj->base.dev, reg, enable ? obj : NULL); 3040 3041 if (enable) { 3042 obj->fence_reg = reg; 3043 fence->obj = obj; 3044 list_move_tail(&fence->lru_list, &dev_priv->mm.fence_list); 3045 } else { 3046 obj->fence_reg = I915_FENCE_REG_NONE; 3047 fence->obj = NULL; 3048 list_del_init(&fence->lru_list); 3049 } 3050 obj->fence_dirty = false; 3051 } 3052 3053 static int 3054 i915_gem_object_wait_fence(struct drm_i915_gem_object *obj) 3055 { 3056 if (obj->last_fenced_seqno) { 3057 int ret = i915_wait_seqno(obj->ring, obj->last_fenced_seqno); 3058 if (ret) 3059 return ret; 3060 3061 obj->last_fenced_seqno = 0; 3062 } 3063 3064 obj->fenced_gpu_access = false; 3065 return 0; 3066 } 3067 3068 int 3069 i915_gem_object_put_fence(struct drm_i915_gem_object *obj) 3070 { 3071 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 3072 struct drm_i915_fence_reg *fence; 3073 int ret; 3074 3075 ret = i915_gem_object_wait_fence(obj); 3076 if (ret) 3077 return ret; 3078 3079 if (obj->fence_reg == I915_FENCE_REG_NONE) 3080 return 0; 3081 3082 fence = &dev_priv->fence_regs[obj->fence_reg]; 3083 3084 i915_gem_object_fence_lost(obj); 3085 i915_gem_object_update_fence(obj, fence, false); 3086 3087 return 0; 3088 } 3089 3090 static struct drm_i915_fence_reg * 3091 i915_find_fence_reg(struct drm_device *dev) 3092 { 3093 struct drm_i915_private *dev_priv = dev->dev_private; 3094 struct drm_i915_fence_reg *reg, *avail; 3095 int i; 3096 3097 /* First try to find a free reg */ 3098 avail = NULL; 3099 for (i = dev_priv->fence_reg_start; i < dev_priv->num_fence_regs; i++) { 3100 reg = &dev_priv->fence_regs[i]; 3101 if (!reg->obj) 3102 return reg; 3103 3104 if (!reg->pin_count) 3105 avail = reg; 3106 } 3107 3108 if (avail == NULL) 3109 goto deadlock; 3110 3111 /* None available, try to steal one or wait for a user to finish */ 3112 list_for_each_entry(reg, &dev_priv->mm.fence_list, lru_list) { 3113 if (reg->pin_count) 3114 continue; 3115 3116 return reg; 3117 } 3118 3119 deadlock: 3120 /* Wait for completion of pending flips which consume fences */ 3121 if (intel_has_pending_fb_unpin(dev)) 3122 return ERR_PTR(-EAGAIN); 3123 3124 return ERR_PTR(-EDEADLK); 3125 } 3126 3127 /** 3128 * i915_gem_object_get_fence - set up fencing for an object 3129 * @obj: object to map through a fence reg 3130 * 3131 * When mapping objects through the GTT, userspace wants to be able to write 3132 * to them without having to worry about swizzling if the object is tiled. 3133 * This function walks the fence regs looking for a free one for @obj, 3134 * stealing one if it can't find any. 3135 * 3136 * It then sets up the reg based on the object's properties: address, pitch 3137 * and tiling format. 3138 * 3139 * For an untiled surface, this removes any existing fence. 3140 */ 3141 int 3142 i915_gem_object_get_fence(struct drm_i915_gem_object *obj) 3143 { 3144 struct drm_device *dev = obj->base.dev; 3145 struct drm_i915_private *dev_priv = dev->dev_private; 3146 bool enable = obj->tiling_mode != I915_TILING_NONE; 3147 struct drm_i915_fence_reg *reg; 3148 int ret; 3149 3150 /* Have we updated the tiling parameters upon the object and so 3151 * will need to serialise the write to the associated fence register? 3152 */ 3153 if (obj->fence_dirty) { 3154 ret = i915_gem_object_wait_fence(obj); 3155 if (ret) 3156 return ret; 3157 } 3158 3159 /* Just update our place in the LRU if our fence is getting reused. */ 3160 if (obj->fence_reg != I915_FENCE_REG_NONE) { 3161 reg = &dev_priv->fence_regs[obj->fence_reg]; 3162 if (!obj->fence_dirty) { 3163 list_move_tail(®->lru_list, 3164 &dev_priv->mm.fence_list); 3165 return 0; 3166 } 3167 } else if (enable) { 3168 reg = i915_find_fence_reg(dev); 3169 if (IS_ERR(reg)) 3170 return PTR_ERR(reg); 3171 3172 if (reg->obj) { 3173 struct drm_i915_gem_object *old = reg->obj; 3174 3175 ret = i915_gem_object_wait_fence(old); 3176 if (ret) 3177 return ret; 3178 3179 i915_gem_object_fence_lost(old); 3180 } 3181 } else 3182 return 0; 3183 3184 i915_gem_object_update_fence(obj, reg, enable); 3185 3186 return 0; 3187 } 3188 3189 static bool i915_gem_valid_gtt_space(struct drm_device *dev, 3190 struct drm_mm_node *gtt_space, 3191 unsigned long cache_level) 3192 { 3193 struct drm_mm_node *other; 3194 3195 /* On non-LLC machines we have to be careful when putting differing 3196 * types of snoopable memory together to avoid the prefetcher 3197 * crossing memory domains and dying. 3198 */ 3199 if (HAS_LLC(dev)) 3200 return true; 3201 3202 if (!drm_mm_node_allocated(gtt_space)) 3203 return true; 3204 3205 if (list_empty(>t_space->node_list)) 3206 return true; 3207 3208 other = list_entry(gtt_space->node_list.prev, struct drm_mm_node, node_list); 3209 if (other->allocated && !other->hole_follows && other->color != cache_level) 3210 return false; 3211 3212 other = list_entry(gtt_space->node_list.next, struct drm_mm_node, node_list); 3213 if (other->allocated && !gtt_space->hole_follows && other->color != cache_level) 3214 return false; 3215 3216 return true; 3217 } 3218 3219 static void i915_gem_verify_gtt(struct drm_device *dev) 3220 { 3221 #if WATCH_GTT 3222 struct drm_i915_private *dev_priv = dev->dev_private; 3223 struct drm_i915_gem_object *obj; 3224 int err = 0; 3225 3226 list_for_each_entry(obj, &dev_priv->mm.gtt_list, global_list) { 3227 if (obj->gtt_space == NULL) { 3228 printk(KERN_ERR "object found on GTT list with no space reserved\n"); 3229 err++; 3230 continue; 3231 } 3232 3233 if (obj->cache_level != obj->gtt_space->color) { 3234 printk(KERN_ERR "object reserved space [%08lx, %08lx] with wrong color, cache_level=%x, color=%lx\n", 3235 i915_gem_obj_ggtt_offset(obj), 3236 i915_gem_obj_ggtt_offset(obj) + i915_gem_obj_ggtt_size(obj), 3237 obj->cache_level, 3238 obj->gtt_space->color); 3239 err++; 3240 continue; 3241 } 3242 3243 if (!i915_gem_valid_gtt_space(dev, 3244 obj->gtt_space, 3245 obj->cache_level)) { 3246 printk(KERN_ERR "invalid GTT space found at [%08lx, %08lx] - color=%x\n", 3247 i915_gem_obj_ggtt_offset(obj), 3248 i915_gem_obj_ggtt_offset(obj) + i915_gem_obj_ggtt_size(obj), 3249 obj->cache_level); 3250 err++; 3251 continue; 3252 } 3253 } 3254 3255 WARN_ON(err); 3256 #endif 3257 } 3258 3259 /** 3260 * Finds free space in the GTT aperture and binds the object there. 3261 */ 3262 static int 3263 i915_gem_object_bind_to_vm(struct drm_i915_gem_object *obj, 3264 struct i915_address_space *vm, 3265 unsigned alignment, 3266 bool map_and_fenceable, 3267 bool nonblocking) 3268 { 3269 struct drm_device *dev = obj->base.dev; 3270 drm_i915_private_t *dev_priv = dev->dev_private; 3271 u32 size, fence_size, fence_alignment, unfenced_alignment; 3272 size_t gtt_max = 3273 map_and_fenceable ? dev_priv->gtt.mappable_end : vm->total; 3274 struct i915_vma *vma; 3275 int ret; 3276 3277 fence_size = i915_gem_get_gtt_size(dev, 3278 obj->base.size, 3279 obj->tiling_mode); 3280 fence_alignment = i915_gem_get_gtt_alignment(dev, 3281 obj->base.size, 3282 obj->tiling_mode, true); 3283 unfenced_alignment = 3284 i915_gem_get_gtt_alignment(dev, 3285 obj->base.size, 3286 obj->tiling_mode, false); 3287 3288 if (alignment == 0) 3289 alignment = map_and_fenceable ? fence_alignment : 3290 unfenced_alignment; 3291 if (map_and_fenceable && alignment & (fence_alignment - 1)) { 3292 DRM_ERROR("Invalid object alignment requested %u\n", alignment); 3293 return -EINVAL; 3294 } 3295 3296 size = map_and_fenceable ? fence_size : obj->base.size; 3297 3298 /* If the object is bigger than the entire aperture, reject it early 3299 * before evicting everything in a vain attempt to find space. 3300 */ 3301 if (obj->base.size > gtt_max) { 3302 DRM_ERROR("Attempting to bind an object larger than the aperture: object=%zd > %s aperture=%zu\n", 3303 obj->base.size, 3304 map_and_fenceable ? "mappable" : "total", 3305 gtt_max); 3306 return -E2BIG; 3307 } 3308 3309 ret = i915_gem_object_get_pages(obj); 3310 if (ret) 3311 return ret; 3312 3313 i915_gem_object_pin_pages(obj); 3314 3315 BUG_ON(!i915_is_ggtt(vm)); 3316 3317 vma = i915_gem_obj_lookup_or_create_vma(obj, vm); 3318 if (IS_ERR(vma)) { 3319 ret = PTR_ERR(vma); 3320 goto err_unpin; 3321 } 3322 3323 /* For now we only ever use 1 vma per object */ 3324 WARN_ON(!list_is_singular(&obj->vma_list)); 3325 3326 search_free: 3327 ret = drm_mm_insert_node_in_range_generic(&vm->mm, &vma->node, 3328 size, alignment, 3329 obj->cache_level, 0, gtt_max, 3330 DRM_MM_SEARCH_DEFAULT); 3331 if (ret) { 3332 ret = i915_gem_evict_something(dev, vm, size, alignment, 3333 obj->cache_level, 3334 map_and_fenceable, 3335 nonblocking); 3336 if (ret == 0) 3337 goto search_free; 3338 3339 goto err_free_vma; 3340 } 3341 if (WARN_ON(!i915_gem_valid_gtt_space(dev, &vma->node, 3342 obj->cache_level))) { 3343 ret = -EINVAL; 3344 goto err_remove_node; 3345 } 3346 3347 ret = i915_gem_gtt_prepare_object(obj); 3348 if (ret) 3349 goto err_remove_node; 3350 3351 list_move_tail(&obj->global_list, &dev_priv->mm.bound_list); 3352 list_add_tail(&vma->mm_list, &vm->inactive_list); 3353 3354 if (i915_is_ggtt(vm)) { 3355 bool mappable, fenceable; 3356 3357 fenceable = (vma->node.size == fence_size && 3358 (vma->node.start & (fence_alignment - 1)) == 0); 3359 3360 mappable = (vma->node.start + obj->base.size <= 3361 dev_priv->gtt.mappable_end); 3362 3363 obj->map_and_fenceable = mappable && fenceable; 3364 } 3365 3366 WARN_ON(map_and_fenceable && !obj->map_and_fenceable); 3367 3368 trace_i915_vma_bind(vma, map_and_fenceable); 3369 i915_gem_verify_gtt(dev); 3370 return 0; 3371 3372 err_remove_node: 3373 drm_mm_remove_node(&vma->node); 3374 err_free_vma: 3375 i915_gem_vma_destroy(vma); 3376 err_unpin: 3377 i915_gem_object_unpin_pages(obj); 3378 return ret; 3379 } 3380 3381 bool 3382 i915_gem_clflush_object(struct drm_i915_gem_object *obj, 3383 bool force) 3384 { 3385 /* If we don't have a page list set up, then we're not pinned 3386 * to GPU, and we can ignore the cache flush because it'll happen 3387 * again at bind time. 3388 */ 3389 if (obj->pages == NULL) 3390 return false; 3391 3392 /* 3393 * Stolen memory is always coherent with the GPU as it is explicitly 3394 * marked as wc by the system, or the system is cache-coherent. 3395 */ 3396 if (obj->stolen) 3397 return false; 3398 3399 /* If the GPU is snooping the contents of the CPU cache, 3400 * we do not need to manually clear the CPU cache lines. However, 3401 * the caches are only snooped when the render cache is 3402 * flushed/invalidated. As we always have to emit invalidations 3403 * and flushes when moving into and out of the RENDER domain, correct 3404 * snooping behaviour occurs naturally as the result of our domain 3405 * tracking. 3406 */ 3407 if (!force && cpu_cache_is_coherent(obj->base.dev, obj->cache_level)) 3408 return false; 3409 3410 trace_i915_gem_object_clflush(obj); 3411 drm_clflush_sg(obj->pages); 3412 3413 return true; 3414 } 3415 3416 /** Flushes the GTT write domain for the object if it's dirty. */ 3417 static void 3418 i915_gem_object_flush_gtt_write_domain(struct drm_i915_gem_object *obj) 3419 { 3420 uint32_t old_write_domain; 3421 3422 if (obj->base.write_domain != I915_GEM_DOMAIN_GTT) 3423 return; 3424 3425 /* No actual flushing is required for the GTT write domain. Writes 3426 * to it immediately go to main memory as far as we know, so there's 3427 * no chipset flush. It also doesn't land in render cache. 3428 * 3429 * However, we do have to enforce the order so that all writes through 3430 * the GTT land before any writes to the device, such as updates to 3431 * the GATT itself. 3432 */ 3433 wmb(); 3434 3435 old_write_domain = obj->base.write_domain; 3436 obj->base.write_domain = 0; 3437 3438 trace_i915_gem_object_change_domain(obj, 3439 obj->base.read_domains, 3440 old_write_domain); 3441 } 3442 3443 /** Flushes the CPU write domain for the object if it's dirty. */ 3444 static void 3445 i915_gem_object_flush_cpu_write_domain(struct drm_i915_gem_object *obj, 3446 bool force) 3447 { 3448 uint32_t old_write_domain; 3449 3450 if (obj->base.write_domain != I915_GEM_DOMAIN_CPU) 3451 return; 3452 3453 if (i915_gem_clflush_object(obj, force)) 3454 i915_gem_chipset_flush(obj->base.dev); 3455 3456 old_write_domain = obj->base.write_domain; 3457 obj->base.write_domain = 0; 3458 3459 trace_i915_gem_object_change_domain(obj, 3460 obj->base.read_domains, 3461 old_write_domain); 3462 } 3463 3464 /** 3465 * Moves a single object to the GTT read, and possibly write domain. 3466 * 3467 * This function returns when the move is complete, including waiting on 3468 * flushes to occur. 3469 */ 3470 int 3471 i915_gem_object_set_to_gtt_domain(struct drm_i915_gem_object *obj, bool write) 3472 { 3473 drm_i915_private_t *dev_priv = obj->base.dev->dev_private; 3474 uint32_t old_write_domain, old_read_domains; 3475 int ret; 3476 3477 /* Not valid to be called on unbound objects. */ 3478 if (!i915_gem_obj_bound_any(obj)) 3479 return -EINVAL; 3480 3481 if (obj->base.write_domain == I915_GEM_DOMAIN_GTT) 3482 return 0; 3483 3484 ret = i915_gem_object_wait_rendering(obj, !write); 3485 if (ret) 3486 return ret; 3487 3488 i915_gem_object_flush_cpu_write_domain(obj, false); 3489 3490 /* Serialise direct access to this object with the barriers for 3491 * coherent writes from the GPU, by effectively invalidating the 3492 * GTT domain upon first access. 3493 */ 3494 if ((obj->base.read_domains & I915_GEM_DOMAIN_GTT) == 0) 3495 mb(); 3496 3497 old_write_domain = obj->base.write_domain; 3498 old_read_domains = obj->base.read_domains; 3499 3500 /* It should now be out of any other write domains, and we can update 3501 * the domain values for our changes. 3502 */ 3503 BUG_ON((obj->base.write_domain & ~I915_GEM_DOMAIN_GTT) != 0); 3504 obj->base.read_domains |= I915_GEM_DOMAIN_GTT; 3505 if (write) { 3506 obj->base.read_domains = I915_GEM_DOMAIN_GTT; 3507 obj->base.write_domain = I915_GEM_DOMAIN_GTT; 3508 obj->dirty = 1; 3509 } 3510 3511 trace_i915_gem_object_change_domain(obj, 3512 old_read_domains, 3513 old_write_domain); 3514 3515 /* And bump the LRU for this access */ 3516 if (i915_gem_object_is_inactive(obj)) { 3517 struct i915_vma *vma = i915_gem_obj_to_ggtt(obj); 3518 if (vma) 3519 list_move_tail(&vma->mm_list, 3520 &dev_priv->gtt.base.inactive_list); 3521 3522 } 3523 3524 return 0; 3525 } 3526 3527 int i915_gem_object_set_cache_level(struct drm_i915_gem_object *obj, 3528 enum i915_cache_level cache_level) 3529 { 3530 struct drm_device *dev = obj->base.dev; 3531 drm_i915_private_t *dev_priv = dev->dev_private; 3532 struct i915_vma *vma; 3533 int ret; 3534 3535 if (obj->cache_level == cache_level) 3536 return 0; 3537 3538 if (obj->pin_count) { 3539 DRM_DEBUG("can not change the cache level of pinned objects\n"); 3540 return -EBUSY; 3541 } 3542 3543 list_for_each_entry(vma, &obj->vma_list, vma_link) { 3544 if (!i915_gem_valid_gtt_space(dev, &vma->node, cache_level)) { 3545 ret = i915_vma_unbind(vma); 3546 if (ret) 3547 return ret; 3548 3549 break; 3550 } 3551 } 3552 3553 if (i915_gem_obj_bound_any(obj)) { 3554 ret = i915_gem_object_finish_gpu(obj); 3555 if (ret) 3556 return ret; 3557 3558 i915_gem_object_finish_gtt(obj); 3559 3560 /* Before SandyBridge, you could not use tiling or fence 3561 * registers with snooped memory, so relinquish any fences 3562 * currently pointing to our region in the aperture. 3563 */ 3564 if (INTEL_INFO(dev)->gen < 6) { 3565 ret = i915_gem_object_put_fence(obj); 3566 if (ret) 3567 return ret; 3568 } 3569 3570 if (obj->has_global_gtt_mapping) 3571 i915_gem_gtt_bind_object(obj, cache_level); 3572 if (obj->has_aliasing_ppgtt_mapping) 3573 i915_ppgtt_bind_object(dev_priv->mm.aliasing_ppgtt, 3574 obj, cache_level); 3575 } 3576 3577 list_for_each_entry(vma, &obj->vma_list, vma_link) 3578 vma->node.color = cache_level; 3579 obj->cache_level = cache_level; 3580 3581 if (cpu_write_needs_clflush(obj)) { 3582 u32 old_read_domains, old_write_domain; 3583 3584 /* If we're coming from LLC cached, then we haven't 3585 * actually been tracking whether the data is in the 3586 * CPU cache or not, since we only allow one bit set 3587 * in obj->write_domain and have been skipping the clflushes. 3588 * Just set it to the CPU cache for now. 3589 */ 3590 WARN_ON(obj->base.write_domain & ~I915_GEM_DOMAIN_CPU); 3591 3592 old_read_domains = obj->base.read_domains; 3593 old_write_domain = obj->base.write_domain; 3594 3595 obj->base.read_domains = I915_GEM_DOMAIN_CPU; 3596 obj->base.write_domain = I915_GEM_DOMAIN_CPU; 3597 3598 trace_i915_gem_object_change_domain(obj, 3599 old_read_domains, 3600 old_write_domain); 3601 } 3602 3603 i915_gem_verify_gtt(dev); 3604 return 0; 3605 } 3606 3607 int i915_gem_get_caching_ioctl(struct drm_device *dev, void *data, 3608 struct drm_file *file) 3609 { 3610 struct drm_i915_gem_caching *args = data; 3611 struct drm_i915_gem_object *obj; 3612 int ret; 3613 3614 ret = i915_mutex_lock_interruptible(dev); 3615 if (ret) 3616 return ret; 3617 3618 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 3619 if (&obj->base == NULL) { 3620 ret = -ENOENT; 3621 goto unlock; 3622 } 3623 3624 switch (obj->cache_level) { 3625 case I915_CACHE_LLC: 3626 case I915_CACHE_L3_LLC: 3627 args->caching = I915_CACHING_CACHED; 3628 break; 3629 3630 case I915_CACHE_WT: 3631 args->caching = I915_CACHING_DISPLAY; 3632 break; 3633 3634 default: 3635 args->caching = I915_CACHING_NONE; 3636 break; 3637 } 3638 3639 drm_gem_object_unreference(&obj->base); 3640 unlock: 3641 mutex_unlock(&dev->struct_mutex); 3642 return ret; 3643 } 3644 3645 int i915_gem_set_caching_ioctl(struct drm_device *dev, void *data, 3646 struct drm_file *file) 3647 { 3648 struct drm_i915_gem_caching *args = data; 3649 struct drm_i915_gem_object *obj; 3650 enum i915_cache_level level; 3651 int ret; 3652 3653 switch (args->caching) { 3654 case I915_CACHING_NONE: 3655 level = I915_CACHE_NONE; 3656 break; 3657 case I915_CACHING_CACHED: 3658 level = I915_CACHE_LLC; 3659 break; 3660 case I915_CACHING_DISPLAY: 3661 level = HAS_WT(dev) ? I915_CACHE_WT : I915_CACHE_NONE; 3662 break; 3663 default: 3664 return -EINVAL; 3665 } 3666 3667 ret = i915_mutex_lock_interruptible(dev); 3668 if (ret) 3669 return ret; 3670 3671 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 3672 if (&obj->base == NULL) { 3673 ret = -ENOENT; 3674 goto unlock; 3675 } 3676 3677 ret = i915_gem_object_set_cache_level(obj, level); 3678 3679 drm_gem_object_unreference(&obj->base); 3680 unlock: 3681 mutex_unlock(&dev->struct_mutex); 3682 return ret; 3683 } 3684 3685 static bool is_pin_display(struct drm_i915_gem_object *obj) 3686 { 3687 /* There are 3 sources that pin objects: 3688 * 1. The display engine (scanouts, sprites, cursors); 3689 * 2. Reservations for execbuffer; 3690 * 3. The user. 3691 * 3692 * We can ignore reservations as we hold the struct_mutex and 3693 * are only called outside of the reservation path. The user 3694 * can only increment pin_count once, and so if after 3695 * subtracting the potential reference by the user, any pin_count 3696 * remains, it must be due to another use by the display engine. 3697 */ 3698 return obj->pin_count - !!obj->user_pin_count; 3699 } 3700 3701 /* 3702 * Prepare buffer for display plane (scanout, cursors, etc). 3703 * Can be called from an uninterruptible phase (modesetting) and allows 3704 * any flushes to be pipelined (for pageflips). 3705 */ 3706 int 3707 i915_gem_object_pin_to_display_plane(struct drm_i915_gem_object *obj, 3708 u32 alignment, 3709 struct intel_ring_buffer *pipelined) 3710 { 3711 u32 old_read_domains, old_write_domain; 3712 int ret; 3713 3714 if (pipelined != obj->ring) { 3715 ret = i915_gem_object_sync(obj, pipelined); 3716 if (ret) 3717 return ret; 3718 } 3719 3720 /* Mark the pin_display early so that we account for the 3721 * display coherency whilst setting up the cache domains. 3722 */ 3723 obj->pin_display = true; 3724 3725 /* The display engine is not coherent with the LLC cache on gen6. As 3726 * a result, we make sure that the pinning that is about to occur is 3727 * done with uncached PTEs. This is lowest common denominator for all 3728 * chipsets. 3729 * 3730 * However for gen6+, we could do better by using the GFDT bit instead 3731 * of uncaching, which would allow us to flush all the LLC-cached data 3732 * with that bit in the PTE to main memory with just one PIPE_CONTROL. 3733 */ 3734 ret = i915_gem_object_set_cache_level(obj, 3735 HAS_WT(obj->base.dev) ? I915_CACHE_WT : I915_CACHE_NONE); 3736 if (ret) 3737 goto err_unpin_display; 3738 3739 /* As the user may map the buffer once pinned in the display plane 3740 * (e.g. libkms for the bootup splash), we have to ensure that we 3741 * always use map_and_fenceable for all scanout buffers. 3742 */ 3743 ret = i915_gem_obj_ggtt_pin(obj, alignment, true, false); 3744 if (ret) 3745 goto err_unpin_display; 3746 3747 i915_gem_object_flush_cpu_write_domain(obj, true); 3748 3749 old_write_domain = obj->base.write_domain; 3750 old_read_domains = obj->base.read_domains; 3751 3752 /* It should now be out of any other write domains, and we can update 3753 * the domain values for our changes. 3754 */ 3755 obj->base.write_domain = 0; 3756 obj->base.read_domains |= I915_GEM_DOMAIN_GTT; 3757 3758 trace_i915_gem_object_change_domain(obj, 3759 old_read_domains, 3760 old_write_domain); 3761 3762 return 0; 3763 3764 err_unpin_display: 3765 obj->pin_display = is_pin_display(obj); 3766 return ret; 3767 } 3768 3769 void 3770 i915_gem_object_unpin_from_display_plane(struct drm_i915_gem_object *obj) 3771 { 3772 i915_gem_object_unpin(obj); 3773 obj->pin_display = is_pin_display(obj); 3774 } 3775 3776 int 3777 i915_gem_object_finish_gpu(struct drm_i915_gem_object *obj) 3778 { 3779 int ret; 3780 3781 if ((obj->base.read_domains & I915_GEM_GPU_DOMAINS) == 0) 3782 return 0; 3783 3784 ret = i915_gem_object_wait_rendering(obj, false); 3785 if (ret) 3786 return ret; 3787 3788 /* Ensure that we invalidate the GPU's caches and TLBs. */ 3789 obj->base.read_domains &= ~I915_GEM_GPU_DOMAINS; 3790 return 0; 3791 } 3792 3793 /** 3794 * Moves a single object to the CPU read, and possibly write domain. 3795 * 3796 * This function returns when the move is complete, including waiting on 3797 * flushes to occur. 3798 */ 3799 int 3800 i915_gem_object_set_to_cpu_domain(struct drm_i915_gem_object *obj, bool write) 3801 { 3802 uint32_t old_write_domain, old_read_domains; 3803 int ret; 3804 3805 if (obj->base.write_domain == I915_GEM_DOMAIN_CPU) 3806 return 0; 3807 3808 ret = i915_gem_object_wait_rendering(obj, !write); 3809 if (ret) 3810 return ret; 3811 3812 i915_gem_object_flush_gtt_write_domain(obj); 3813 3814 old_write_domain = obj->base.write_domain; 3815 old_read_domains = obj->base.read_domains; 3816 3817 /* Flush the CPU cache if it's still invalid. */ 3818 if ((obj->base.read_domains & I915_GEM_DOMAIN_CPU) == 0) { 3819 i915_gem_clflush_object(obj, false); 3820 3821 obj->base.read_domains |= I915_GEM_DOMAIN_CPU; 3822 } 3823 3824 /* It should now be out of any other write domains, and we can update 3825 * the domain values for our changes. 3826 */ 3827 BUG_ON((obj->base.write_domain & ~I915_GEM_DOMAIN_CPU) != 0); 3828 3829 /* If we're writing through the CPU, then the GPU read domains will 3830 * need to be invalidated at next use. 3831 */ 3832 if (write) { 3833 obj->base.read_domains = I915_GEM_DOMAIN_CPU; 3834 obj->base.write_domain = I915_GEM_DOMAIN_CPU; 3835 } 3836 3837 trace_i915_gem_object_change_domain(obj, 3838 old_read_domains, 3839 old_write_domain); 3840 3841 return 0; 3842 } 3843 3844 /* Throttle our rendering by waiting until the ring has completed our requests 3845 * emitted over 20 msec ago. 3846 * 3847 * Note that if we were to use the current jiffies each time around the loop, 3848 * we wouldn't escape the function with any frames outstanding if the time to 3849 * render a frame was over 20ms. 3850 * 3851 * This should get us reasonable parallelism between CPU and GPU but also 3852 * relatively low latency when blocking on a particular request to finish. 3853 */ 3854 static int 3855 i915_gem_ring_throttle(struct drm_device *dev, struct drm_file *file) 3856 { 3857 struct drm_i915_private *dev_priv = dev->dev_private; 3858 struct drm_i915_file_private *file_priv = file->driver_priv; 3859 unsigned long recent_enough = jiffies - msecs_to_jiffies(20); 3860 struct drm_i915_gem_request *request; 3861 struct intel_ring_buffer *ring = NULL; 3862 unsigned reset_counter; 3863 u32 seqno = 0; 3864 int ret; 3865 3866 ret = i915_gem_wait_for_error(&dev_priv->gpu_error); 3867 if (ret) 3868 return ret; 3869 3870 ret = i915_gem_check_wedge(&dev_priv->gpu_error, false); 3871 if (ret) 3872 return ret; 3873 3874 spin_lock(&file_priv->mm.lock); 3875 list_for_each_entry(request, &file_priv->mm.request_list, client_list) { 3876 if (time_after_eq(request->emitted_jiffies, recent_enough)) 3877 break; 3878 3879 ring = request->ring; 3880 seqno = request->seqno; 3881 } 3882 reset_counter = atomic_read(&dev_priv->gpu_error.reset_counter); 3883 spin_unlock(&file_priv->mm.lock); 3884 3885 if (seqno == 0) 3886 return 0; 3887 3888 ret = __wait_seqno(ring, seqno, reset_counter, true, NULL, NULL); 3889 if (ret == 0) 3890 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, 0); 3891 3892 return ret; 3893 } 3894 3895 int 3896 i915_gem_object_pin(struct drm_i915_gem_object *obj, 3897 struct i915_address_space *vm, 3898 uint32_t alignment, 3899 bool map_and_fenceable, 3900 bool nonblocking) 3901 { 3902 struct i915_vma *vma; 3903 int ret; 3904 3905 if (WARN_ON(obj->pin_count == DRM_I915_GEM_OBJECT_MAX_PIN_COUNT)) 3906 return -EBUSY; 3907 3908 WARN_ON(map_and_fenceable && !i915_is_ggtt(vm)); 3909 3910 vma = i915_gem_obj_to_vma(obj, vm); 3911 3912 if (vma) { 3913 if ((alignment && 3914 vma->node.start & (alignment - 1)) || 3915 (map_and_fenceable && !obj->map_and_fenceable)) { 3916 WARN(obj->pin_count, 3917 "bo is already pinned with incorrect alignment:" 3918 " offset=%lx, req.alignment=%x, req.map_and_fenceable=%d," 3919 " obj->map_and_fenceable=%d\n", 3920 i915_gem_obj_offset(obj, vm), alignment, 3921 map_and_fenceable, 3922 obj->map_and_fenceable); 3923 ret = i915_vma_unbind(vma); 3924 if (ret) 3925 return ret; 3926 } 3927 } 3928 3929 if (!i915_gem_obj_bound(obj, vm)) { 3930 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 3931 3932 ret = i915_gem_object_bind_to_vm(obj, vm, alignment, 3933 map_and_fenceable, 3934 nonblocking); 3935 if (ret) 3936 return ret; 3937 3938 if (!dev_priv->mm.aliasing_ppgtt) 3939 i915_gem_gtt_bind_object(obj, obj->cache_level); 3940 } 3941 3942 if (!obj->has_global_gtt_mapping && map_and_fenceable) 3943 i915_gem_gtt_bind_object(obj, obj->cache_level); 3944 3945 obj->pin_count++; 3946 obj->pin_mappable |= map_and_fenceable; 3947 3948 return 0; 3949 } 3950 3951 void 3952 i915_gem_object_unpin(struct drm_i915_gem_object *obj) 3953 { 3954 BUG_ON(obj->pin_count == 0); 3955 BUG_ON(!i915_gem_obj_bound_any(obj)); 3956 3957 if (--obj->pin_count == 0) 3958 obj->pin_mappable = false; 3959 } 3960 3961 int 3962 i915_gem_pin_ioctl(struct drm_device *dev, void *data, 3963 struct drm_file *file) 3964 { 3965 struct drm_i915_gem_pin *args = data; 3966 struct drm_i915_gem_object *obj; 3967 int ret; 3968 3969 ret = i915_mutex_lock_interruptible(dev); 3970 if (ret) 3971 return ret; 3972 3973 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 3974 if (&obj->base == NULL) { 3975 ret = -ENOENT; 3976 goto unlock; 3977 } 3978 3979 if (obj->madv != I915_MADV_WILLNEED) { 3980 DRM_ERROR("Attempting to pin a purgeable buffer\n"); 3981 ret = -EINVAL; 3982 goto out; 3983 } 3984 3985 if (obj->pin_filp != NULL && obj->pin_filp != file) { 3986 DRM_ERROR("Already pinned in i915_gem_pin_ioctl(): %d\n", 3987 args->handle); 3988 ret = -EINVAL; 3989 goto out; 3990 } 3991 3992 if (obj->user_pin_count == ULONG_MAX) { 3993 ret = -EBUSY; 3994 goto out; 3995 } 3996 3997 if (obj->user_pin_count == 0) { 3998 ret = i915_gem_obj_ggtt_pin(obj, args->alignment, true, false); 3999 if (ret) 4000 goto out; 4001 } 4002 4003 obj->user_pin_count++; 4004 obj->pin_filp = file; 4005 4006 args->offset = i915_gem_obj_ggtt_offset(obj); 4007 out: 4008 drm_gem_object_unreference(&obj->base); 4009 unlock: 4010 mutex_unlock(&dev->struct_mutex); 4011 return ret; 4012 } 4013 4014 int 4015 i915_gem_unpin_ioctl(struct drm_device *dev, void *data, 4016 struct drm_file *file) 4017 { 4018 struct drm_i915_gem_pin *args = data; 4019 struct drm_i915_gem_object *obj; 4020 int ret; 4021 4022 ret = i915_mutex_lock_interruptible(dev); 4023 if (ret) 4024 return ret; 4025 4026 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 4027 if (&obj->base == NULL) { 4028 ret = -ENOENT; 4029 goto unlock; 4030 } 4031 4032 if (obj->pin_filp != file) { 4033 DRM_ERROR("Not pinned by caller in i915_gem_pin_ioctl(): %d\n", 4034 args->handle); 4035 ret = -EINVAL; 4036 goto out; 4037 } 4038 obj->user_pin_count--; 4039 if (obj->user_pin_count == 0) { 4040 obj->pin_filp = NULL; 4041 i915_gem_object_unpin(obj); 4042 } 4043 4044 out: 4045 drm_gem_object_unreference(&obj->base); 4046 unlock: 4047 mutex_unlock(&dev->struct_mutex); 4048 return ret; 4049 } 4050 4051 int 4052 i915_gem_busy_ioctl(struct drm_device *dev, void *data, 4053 struct drm_file *file) 4054 { 4055 struct drm_i915_gem_busy *args = data; 4056 struct drm_i915_gem_object *obj; 4057 int ret; 4058 4059 ret = i915_mutex_lock_interruptible(dev); 4060 if (ret) 4061 return ret; 4062 4063 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 4064 if (&obj->base == NULL) { 4065 ret = -ENOENT; 4066 goto unlock; 4067 } 4068 4069 /* Count all active objects as busy, even if they are currently not used 4070 * by the gpu. Users of this interface expect objects to eventually 4071 * become non-busy without any further actions, therefore emit any 4072 * necessary flushes here. 4073 */ 4074 ret = i915_gem_object_flush_active(obj); 4075 4076 args->busy = obj->active; 4077 if (obj->ring) { 4078 BUILD_BUG_ON(I915_NUM_RINGS > 16); 4079 args->busy |= intel_ring_flag(obj->ring) << 16; 4080 } 4081 4082 drm_gem_object_unreference(&obj->base); 4083 unlock: 4084 mutex_unlock(&dev->struct_mutex); 4085 return ret; 4086 } 4087 4088 int 4089 i915_gem_throttle_ioctl(struct drm_device *dev, void *data, 4090 struct drm_file *file_priv) 4091 { 4092 return i915_gem_ring_throttle(dev, file_priv); 4093 } 4094 4095 int 4096 i915_gem_madvise_ioctl(struct drm_device *dev, void *data, 4097 struct drm_file *file_priv) 4098 { 4099 struct drm_i915_gem_madvise *args = data; 4100 struct drm_i915_gem_object *obj; 4101 int ret; 4102 4103 switch (args->madv) { 4104 case I915_MADV_DONTNEED: 4105 case I915_MADV_WILLNEED: 4106 break; 4107 default: 4108 return -EINVAL; 4109 } 4110 4111 ret = i915_mutex_lock_interruptible(dev); 4112 if (ret) 4113 return ret; 4114 4115 obj = to_intel_bo(drm_gem_object_lookup(dev, file_priv, args->handle)); 4116 if (&obj->base == NULL) { 4117 ret = -ENOENT; 4118 goto unlock; 4119 } 4120 4121 if (obj->pin_count) { 4122 ret = -EINVAL; 4123 goto out; 4124 } 4125 4126 if (obj->madv != __I915_MADV_PURGED) 4127 obj->madv = args->madv; 4128 4129 /* if the object is no longer attached, discard its backing storage */ 4130 if (i915_gem_object_is_purgeable(obj) && obj->pages == NULL) 4131 i915_gem_object_truncate(obj); 4132 4133 args->retained = obj->madv != __I915_MADV_PURGED; 4134 4135 out: 4136 drm_gem_object_unreference(&obj->base); 4137 unlock: 4138 mutex_unlock(&dev->struct_mutex); 4139 return ret; 4140 } 4141 4142 void i915_gem_object_init(struct drm_i915_gem_object *obj, 4143 const struct drm_i915_gem_object_ops *ops) 4144 { 4145 INIT_LIST_HEAD(&obj->global_list); 4146 INIT_LIST_HEAD(&obj->ring_list); 4147 INIT_LIST_HEAD(&obj->obj_exec_link); 4148 INIT_LIST_HEAD(&obj->vma_list); 4149 4150 obj->ops = ops; 4151 4152 obj->fence_reg = I915_FENCE_REG_NONE; 4153 obj->madv = I915_MADV_WILLNEED; 4154 /* Avoid an unnecessary call to unbind on the first bind. */ 4155 obj->map_and_fenceable = true; 4156 4157 i915_gem_info_add_obj(obj->base.dev->dev_private, obj->base.size); 4158 } 4159 4160 static const struct drm_i915_gem_object_ops i915_gem_object_ops = { 4161 .get_pages = i915_gem_object_get_pages_gtt, 4162 .put_pages = i915_gem_object_put_pages_gtt, 4163 }; 4164 4165 struct drm_i915_gem_object *i915_gem_alloc_object(struct drm_device *dev, 4166 size_t size) 4167 { 4168 struct drm_i915_gem_object *obj; 4169 struct address_space *mapping; 4170 gfp_t mask; 4171 4172 obj = i915_gem_object_alloc(dev); 4173 if (obj == NULL) 4174 return NULL; 4175 4176 if (drm_gem_object_init(dev, &obj->base, size) != 0) { 4177 i915_gem_object_free(obj); 4178 return NULL; 4179 } 4180 4181 mask = GFP_HIGHUSER | __GFP_RECLAIMABLE; 4182 if (IS_CRESTLINE(dev) || IS_BROADWATER(dev)) { 4183 /* 965gm cannot relocate objects above 4GiB. */ 4184 mask &= ~__GFP_HIGHMEM; 4185 mask |= __GFP_DMA32; 4186 } 4187 4188 mapping = file_inode(obj->base.filp)->i_mapping; 4189 mapping_set_gfp_mask(mapping, mask); 4190 4191 i915_gem_object_init(obj, &i915_gem_object_ops); 4192 4193 obj->base.write_domain = I915_GEM_DOMAIN_CPU; 4194 obj->base.read_domains = I915_GEM_DOMAIN_CPU; 4195 4196 if (HAS_LLC(dev)) { 4197 /* On some devices, we can have the GPU use the LLC (the CPU 4198 * cache) for about a 10% performance improvement 4199 * compared to uncached. Graphics requests other than 4200 * display scanout are coherent with the CPU in 4201 * accessing this cache. This means in this mode we 4202 * don't need to clflush on the CPU side, and on the 4203 * GPU side we only need to flush internal caches to 4204 * get data visible to the CPU. 4205 * 4206 * However, we maintain the display planes as UC, and so 4207 * need to rebind when first used as such. 4208 */ 4209 obj->cache_level = I915_CACHE_LLC; 4210 } else 4211 obj->cache_level = I915_CACHE_NONE; 4212 4213 trace_i915_gem_object_create(obj); 4214 4215 return obj; 4216 } 4217 4218 void i915_gem_free_object(struct drm_gem_object *gem_obj) 4219 { 4220 struct drm_i915_gem_object *obj = to_intel_bo(gem_obj); 4221 struct drm_device *dev = obj->base.dev; 4222 drm_i915_private_t *dev_priv = dev->dev_private; 4223 struct i915_vma *vma, *next; 4224 4225 intel_runtime_pm_get(dev_priv); 4226 4227 trace_i915_gem_object_destroy(obj); 4228 4229 if (obj->phys_obj) 4230 i915_gem_detach_phys_object(dev, obj); 4231 4232 obj->pin_count = 0; 4233 /* NB: 0 or 1 elements */ 4234 WARN_ON(!list_empty(&obj->vma_list) && 4235 !list_is_singular(&obj->vma_list)); 4236 list_for_each_entry_safe(vma, next, &obj->vma_list, vma_link) { 4237 int ret = i915_vma_unbind(vma); 4238 if (WARN_ON(ret == -ERESTARTSYS)) { 4239 bool was_interruptible; 4240 4241 was_interruptible = dev_priv->mm.interruptible; 4242 dev_priv->mm.interruptible = false; 4243 4244 WARN_ON(i915_vma_unbind(vma)); 4245 4246 dev_priv->mm.interruptible = was_interruptible; 4247 } 4248 } 4249 4250 /* Stolen objects don't hold a ref, but do hold pin count. Fix that up 4251 * before progressing. */ 4252 if (obj->stolen) 4253 i915_gem_object_unpin_pages(obj); 4254 4255 if (WARN_ON(obj->pages_pin_count)) 4256 obj->pages_pin_count = 0; 4257 i915_gem_object_put_pages(obj); 4258 i915_gem_object_free_mmap_offset(obj); 4259 i915_gem_object_release_stolen(obj); 4260 4261 BUG_ON(obj->pages); 4262 4263 if (obj->base.import_attach) 4264 drm_prime_gem_destroy(&obj->base, NULL); 4265 4266 drm_gem_object_release(&obj->base); 4267 i915_gem_info_remove_obj(dev_priv, obj->base.size); 4268 4269 kfree(obj->bit_17); 4270 i915_gem_object_free(obj); 4271 4272 intel_runtime_pm_put(dev_priv); 4273 } 4274 4275 struct i915_vma *i915_gem_obj_to_vma(struct drm_i915_gem_object *obj, 4276 struct i915_address_space *vm) 4277 { 4278 struct i915_vma *vma; 4279 list_for_each_entry(vma, &obj->vma_list, vma_link) 4280 if (vma->vm == vm) 4281 return vma; 4282 4283 return NULL; 4284 } 4285 4286 static struct i915_vma *__i915_gem_vma_create(struct drm_i915_gem_object *obj, 4287 struct i915_address_space *vm) 4288 { 4289 struct i915_vma *vma = kzalloc(sizeof(*vma), GFP_KERNEL); 4290 if (vma == NULL) 4291 return ERR_PTR(-ENOMEM); 4292 4293 INIT_LIST_HEAD(&vma->vma_link); 4294 INIT_LIST_HEAD(&vma->mm_list); 4295 INIT_LIST_HEAD(&vma->exec_list); 4296 vma->vm = vm; 4297 vma->obj = obj; 4298 4299 /* Keep GGTT vmas first to make debug easier */ 4300 if (i915_is_ggtt(vm)) 4301 list_add(&vma->vma_link, &obj->vma_list); 4302 else 4303 list_add_tail(&vma->vma_link, &obj->vma_list); 4304 4305 return vma; 4306 } 4307 4308 struct i915_vma * 4309 i915_gem_obj_lookup_or_create_vma(struct drm_i915_gem_object *obj, 4310 struct i915_address_space *vm) 4311 { 4312 struct i915_vma *vma; 4313 4314 vma = i915_gem_obj_to_vma(obj, vm); 4315 if (!vma) 4316 vma = __i915_gem_vma_create(obj, vm); 4317 4318 return vma; 4319 } 4320 4321 void i915_gem_vma_destroy(struct i915_vma *vma) 4322 { 4323 WARN_ON(vma->node.allocated); 4324 4325 /* Keep the vma as a placeholder in the execbuffer reservation lists */ 4326 if (!list_empty(&vma->exec_list)) 4327 return; 4328 4329 list_del(&vma->vma_link); 4330 4331 kfree(vma); 4332 } 4333 4334 int 4335 i915_gem_suspend(struct drm_device *dev) 4336 { 4337 drm_i915_private_t *dev_priv = dev->dev_private; 4338 int ret = 0; 4339 4340 mutex_lock(&dev->struct_mutex); 4341 if (dev_priv->ums.mm_suspended) 4342 goto err; 4343 4344 ret = i915_gpu_idle(dev); 4345 if (ret) 4346 goto err; 4347 4348 i915_gem_retire_requests(dev); 4349 4350 /* Under UMS, be paranoid and evict. */ 4351 if (!drm_core_check_feature(dev, DRIVER_MODESET)) 4352 i915_gem_evict_everything(dev); 4353 4354 i915_kernel_lost_context(dev); 4355 i915_gem_cleanup_ringbuffer(dev); 4356 4357 /* Hack! Don't let anybody do execbuf while we don't control the chip. 4358 * We need to replace this with a semaphore, or something. 4359 * And not confound ums.mm_suspended! 4360 */ 4361 dev_priv->ums.mm_suspended = !drm_core_check_feature(dev, 4362 DRIVER_MODESET); 4363 mutex_unlock(&dev->struct_mutex); 4364 4365 del_timer_sync(&dev_priv->gpu_error.hangcheck_timer); 4366 cancel_delayed_work_sync(&dev_priv->mm.retire_work); 4367 cancel_delayed_work_sync(&dev_priv->mm.idle_work); 4368 4369 return 0; 4370 4371 err: 4372 mutex_unlock(&dev->struct_mutex); 4373 return ret; 4374 } 4375 4376 int i915_gem_l3_remap(struct intel_ring_buffer *ring, int slice) 4377 { 4378 struct drm_device *dev = ring->dev; 4379 drm_i915_private_t *dev_priv = dev->dev_private; 4380 u32 reg_base = GEN7_L3LOG_BASE + (slice * 0x200); 4381 u32 *remap_info = dev_priv->l3_parity.remap_info[slice]; 4382 int i, ret; 4383 4384 if (!HAS_L3_DPF(dev) || !remap_info) 4385 return 0; 4386 4387 ret = intel_ring_begin(ring, GEN7_L3LOG_SIZE / 4 * 3); 4388 if (ret) 4389 return ret; 4390 4391 /* 4392 * Note: We do not worry about the concurrent register cacheline hang 4393 * here because no other code should access these registers other than 4394 * at initialization time. 4395 */ 4396 for (i = 0; i < GEN7_L3LOG_SIZE; i += 4) { 4397 intel_ring_emit(ring, MI_LOAD_REGISTER_IMM(1)); 4398 intel_ring_emit(ring, reg_base + i); 4399 intel_ring_emit(ring, remap_info[i/4]); 4400 } 4401 4402 intel_ring_advance(ring); 4403 4404 return ret; 4405 } 4406 4407 void i915_gem_init_swizzling(struct drm_device *dev) 4408 { 4409 drm_i915_private_t *dev_priv = dev->dev_private; 4410 4411 if (INTEL_INFO(dev)->gen < 5 || 4412 dev_priv->mm.bit_6_swizzle_x == I915_BIT_6_SWIZZLE_NONE) 4413 return; 4414 4415 I915_WRITE(DISP_ARB_CTL, I915_READ(DISP_ARB_CTL) | 4416 DISP_TILE_SURFACE_SWIZZLING); 4417 4418 if (IS_GEN5(dev)) 4419 return; 4420 4421 I915_WRITE(TILECTL, I915_READ(TILECTL) | TILECTL_SWZCTL); 4422 if (IS_GEN6(dev)) 4423 I915_WRITE(ARB_MODE, _MASKED_BIT_ENABLE(ARB_MODE_SWIZZLE_SNB)); 4424 else if (IS_GEN7(dev)) 4425 I915_WRITE(ARB_MODE, _MASKED_BIT_ENABLE(ARB_MODE_SWIZZLE_IVB)); 4426 else if (IS_GEN8(dev)) 4427 I915_WRITE(GAMTARBMODE, _MASKED_BIT_ENABLE(ARB_MODE_SWIZZLE_BDW)); 4428 else 4429 BUG(); 4430 } 4431 4432 static bool 4433 intel_enable_blt(struct drm_device *dev) 4434 { 4435 if (!HAS_BLT(dev)) 4436 return false; 4437 4438 /* The blitter was dysfunctional on early prototypes */ 4439 if (IS_GEN6(dev) && dev->pdev->revision < 8) { 4440 DRM_INFO("BLT not supported on this pre-production hardware;" 4441 " graphics performance will be degraded.\n"); 4442 return false; 4443 } 4444 4445 return true; 4446 } 4447 4448 static int i915_gem_init_rings(struct drm_device *dev) 4449 { 4450 struct drm_i915_private *dev_priv = dev->dev_private; 4451 int ret; 4452 4453 ret = intel_init_render_ring_buffer(dev); 4454 if (ret) 4455 return ret; 4456 4457 if (HAS_BSD(dev)) { 4458 ret = intel_init_bsd_ring_buffer(dev); 4459 if (ret) 4460 goto cleanup_render_ring; 4461 } 4462 4463 if (intel_enable_blt(dev)) { 4464 ret = intel_init_blt_ring_buffer(dev); 4465 if (ret) 4466 goto cleanup_bsd_ring; 4467 } 4468 4469 if (HAS_VEBOX(dev)) { 4470 ret = intel_init_vebox_ring_buffer(dev); 4471 if (ret) 4472 goto cleanup_blt_ring; 4473 } 4474 4475 4476 ret = i915_gem_set_seqno(dev, ((u32)~0 - 0x1000)); 4477 if (ret) 4478 goto cleanup_vebox_ring; 4479 4480 return 0; 4481 4482 cleanup_vebox_ring: 4483 intel_cleanup_ring_buffer(&dev_priv->ring[VECS]); 4484 cleanup_blt_ring: 4485 intel_cleanup_ring_buffer(&dev_priv->ring[BCS]); 4486 cleanup_bsd_ring: 4487 intel_cleanup_ring_buffer(&dev_priv->ring[VCS]); 4488 cleanup_render_ring: 4489 intel_cleanup_ring_buffer(&dev_priv->ring[RCS]); 4490 4491 return ret; 4492 } 4493 4494 int 4495 i915_gem_init_hw(struct drm_device *dev) 4496 { 4497 drm_i915_private_t *dev_priv = dev->dev_private; 4498 int ret, i; 4499 4500 if (INTEL_INFO(dev)->gen < 6 && !intel_enable_gtt()) 4501 return -EIO; 4502 4503 if (dev_priv->ellc_size) 4504 I915_WRITE(HSW_IDICR, I915_READ(HSW_IDICR) | IDIHASHMSK(0xf)); 4505 4506 if (IS_HASWELL(dev)) 4507 I915_WRITE(MI_PREDICATE_RESULT_2, IS_HSW_GT3(dev) ? 4508 LOWER_SLICE_ENABLED : LOWER_SLICE_DISABLED); 4509 4510 if (HAS_PCH_NOP(dev)) { 4511 u32 temp = I915_READ(GEN7_MSG_CTL); 4512 temp &= ~(WAIT_FOR_PCH_FLR_ACK | WAIT_FOR_PCH_RESET_ACK); 4513 I915_WRITE(GEN7_MSG_CTL, temp); 4514 } 4515 4516 i915_gem_init_swizzling(dev); 4517 4518 ret = i915_gem_init_rings(dev); 4519 if (ret) 4520 return ret; 4521 4522 for (i = 0; i < NUM_L3_SLICES(dev); i++) 4523 i915_gem_l3_remap(&dev_priv->ring[RCS], i); 4524 4525 /* 4526 * XXX: There was some w/a described somewhere suggesting loading 4527 * contexts before PPGTT. 4528 */ 4529 ret = i915_gem_context_init(dev); 4530 if (ret) { 4531 i915_gem_cleanup_ringbuffer(dev); 4532 DRM_ERROR("Context initialization failed %d\n", ret); 4533 return ret; 4534 } 4535 4536 if (dev_priv->mm.aliasing_ppgtt) { 4537 ret = dev_priv->mm.aliasing_ppgtt->enable(dev); 4538 if (ret) { 4539 i915_gem_cleanup_aliasing_ppgtt(dev); 4540 DRM_INFO("PPGTT enable failed. This is not fatal, but unexpected\n"); 4541 } 4542 } 4543 4544 return 0; 4545 } 4546 4547 int i915_gem_init(struct drm_device *dev) 4548 { 4549 struct drm_i915_private *dev_priv = dev->dev_private; 4550 int ret; 4551 4552 mutex_lock(&dev->struct_mutex); 4553 4554 if (IS_VALLEYVIEW(dev)) { 4555 /* VLVA0 (potential hack), BIOS isn't actually waking us */ 4556 I915_WRITE(VLV_GTLC_WAKE_CTRL, 1); 4557 if (wait_for((I915_READ(VLV_GTLC_PW_STATUS) & 1) == 1, 10)) 4558 DRM_DEBUG_DRIVER("allow wake ack timed out\n"); 4559 } 4560 4561 i915_gem_init_global_gtt(dev); 4562 4563 ret = i915_gem_init_hw(dev); 4564 mutex_unlock(&dev->struct_mutex); 4565 if (ret) { 4566 i915_gem_cleanup_aliasing_ppgtt(dev); 4567 return ret; 4568 } 4569 4570 /* Allow hardware batchbuffers unless told otherwise, but not for KMS. */ 4571 if (!drm_core_check_feature(dev, DRIVER_MODESET)) 4572 dev_priv->dri1.allow_batchbuffer = 1; 4573 return 0; 4574 } 4575 4576 void 4577 i915_gem_cleanup_ringbuffer(struct drm_device *dev) 4578 { 4579 drm_i915_private_t *dev_priv = dev->dev_private; 4580 struct intel_ring_buffer *ring; 4581 int i; 4582 4583 for_each_ring(ring, dev_priv, i) 4584 intel_cleanup_ring_buffer(ring); 4585 } 4586 4587 int 4588 i915_gem_entervt_ioctl(struct drm_device *dev, void *data, 4589 struct drm_file *file_priv) 4590 { 4591 struct drm_i915_private *dev_priv = dev->dev_private; 4592 int ret; 4593 4594 if (drm_core_check_feature(dev, DRIVER_MODESET)) 4595 return 0; 4596 4597 if (i915_reset_in_progress(&dev_priv->gpu_error)) { 4598 DRM_ERROR("Reenabling wedged hardware, good luck\n"); 4599 atomic_set(&dev_priv->gpu_error.reset_counter, 0); 4600 } 4601 4602 mutex_lock(&dev->struct_mutex); 4603 dev_priv->ums.mm_suspended = 0; 4604 4605 ret = i915_gem_init_hw(dev); 4606 if (ret != 0) { 4607 mutex_unlock(&dev->struct_mutex); 4608 return ret; 4609 } 4610 4611 BUG_ON(!list_empty(&dev_priv->gtt.base.active_list)); 4612 mutex_unlock(&dev->struct_mutex); 4613 4614 ret = drm_irq_install(dev); 4615 if (ret) 4616 goto cleanup_ringbuffer; 4617 4618 return 0; 4619 4620 cleanup_ringbuffer: 4621 mutex_lock(&dev->struct_mutex); 4622 i915_gem_cleanup_ringbuffer(dev); 4623 dev_priv->ums.mm_suspended = 1; 4624 mutex_unlock(&dev->struct_mutex); 4625 4626 return ret; 4627 } 4628 4629 int 4630 i915_gem_leavevt_ioctl(struct drm_device *dev, void *data, 4631 struct drm_file *file_priv) 4632 { 4633 if (drm_core_check_feature(dev, DRIVER_MODESET)) 4634 return 0; 4635 4636 drm_irq_uninstall(dev); 4637 4638 return i915_gem_suspend(dev); 4639 } 4640 4641 void 4642 i915_gem_lastclose(struct drm_device *dev) 4643 { 4644 int ret; 4645 4646 if (drm_core_check_feature(dev, DRIVER_MODESET)) 4647 return; 4648 4649 ret = i915_gem_suspend(dev); 4650 if (ret) 4651 DRM_ERROR("failed to idle hardware: %d\n", ret); 4652 } 4653 4654 static void 4655 init_ring_lists(struct intel_ring_buffer *ring) 4656 { 4657 INIT_LIST_HEAD(&ring->active_list); 4658 INIT_LIST_HEAD(&ring->request_list); 4659 } 4660 4661 static void i915_init_vm(struct drm_i915_private *dev_priv, 4662 struct i915_address_space *vm) 4663 { 4664 vm->dev = dev_priv->dev; 4665 INIT_LIST_HEAD(&vm->active_list); 4666 INIT_LIST_HEAD(&vm->inactive_list); 4667 INIT_LIST_HEAD(&vm->global_link); 4668 list_add(&vm->global_link, &dev_priv->vm_list); 4669 } 4670 4671 void 4672 i915_gem_load(struct drm_device *dev) 4673 { 4674 drm_i915_private_t *dev_priv = dev->dev_private; 4675 int i; 4676 4677 dev_priv->slab = 4678 kmem_cache_create("i915_gem_object", 4679 sizeof(struct drm_i915_gem_object), 0, 4680 SLAB_HWCACHE_ALIGN, 4681 NULL); 4682 4683 INIT_LIST_HEAD(&dev_priv->vm_list); 4684 i915_init_vm(dev_priv, &dev_priv->gtt.base); 4685 4686 INIT_LIST_HEAD(&dev_priv->context_list); 4687 INIT_LIST_HEAD(&dev_priv->mm.unbound_list); 4688 INIT_LIST_HEAD(&dev_priv->mm.bound_list); 4689 INIT_LIST_HEAD(&dev_priv->mm.fence_list); 4690 for (i = 0; i < I915_NUM_RINGS; i++) 4691 init_ring_lists(&dev_priv->ring[i]); 4692 for (i = 0; i < I915_MAX_NUM_FENCES; i++) 4693 INIT_LIST_HEAD(&dev_priv->fence_regs[i].lru_list); 4694 INIT_DELAYED_WORK(&dev_priv->mm.retire_work, 4695 i915_gem_retire_work_handler); 4696 INIT_DELAYED_WORK(&dev_priv->mm.idle_work, 4697 i915_gem_idle_work_handler); 4698 init_waitqueue_head(&dev_priv->gpu_error.reset_queue); 4699 4700 /* On GEN3 we really need to make sure the ARB C3 LP bit is set */ 4701 if (IS_GEN3(dev)) { 4702 I915_WRITE(MI_ARB_STATE, 4703 _MASKED_BIT_ENABLE(MI_ARB_C3_LP_WRITE_ENABLE)); 4704 } 4705 4706 dev_priv->relative_constants_mode = I915_EXEC_CONSTANTS_REL_GENERAL; 4707 4708 /* Old X drivers will take 0-2 for front, back, depth buffers */ 4709 if (!drm_core_check_feature(dev, DRIVER_MODESET)) 4710 dev_priv->fence_reg_start = 3; 4711 4712 if (INTEL_INFO(dev)->gen >= 7 && !IS_VALLEYVIEW(dev)) 4713 dev_priv->num_fence_regs = 32; 4714 else if (INTEL_INFO(dev)->gen >= 4 || IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev)) 4715 dev_priv->num_fence_regs = 16; 4716 else 4717 dev_priv->num_fence_regs = 8; 4718 4719 /* Initialize fence registers to zero */ 4720 INIT_LIST_HEAD(&dev_priv->mm.fence_list); 4721 i915_gem_restore_fences(dev); 4722 4723 i915_gem_detect_bit_6_swizzle(dev); 4724 init_waitqueue_head(&dev_priv->pending_flip_queue); 4725 4726 dev_priv->mm.interruptible = true; 4727 4728 dev_priv->mm.inactive_shrinker.scan_objects = i915_gem_inactive_scan; 4729 dev_priv->mm.inactive_shrinker.count_objects = i915_gem_inactive_count; 4730 dev_priv->mm.inactive_shrinker.seeks = DEFAULT_SEEKS; 4731 register_shrinker(&dev_priv->mm.inactive_shrinker); 4732 } 4733 4734 /* 4735 * Create a physically contiguous memory object for this object 4736 * e.g. for cursor + overlay regs 4737 */ 4738 static int i915_gem_init_phys_object(struct drm_device *dev, 4739 int id, int size, int align) 4740 { 4741 drm_i915_private_t *dev_priv = dev->dev_private; 4742 struct drm_i915_gem_phys_object *phys_obj; 4743 int ret; 4744 4745 if (dev_priv->mm.phys_objs[id - 1] || !size) 4746 return 0; 4747 4748 phys_obj = kzalloc(sizeof(*phys_obj), GFP_KERNEL); 4749 if (!phys_obj) 4750 return -ENOMEM; 4751 4752 phys_obj->id = id; 4753 4754 phys_obj->handle = drm_pci_alloc(dev, size, align); 4755 if (!phys_obj->handle) { 4756 ret = -ENOMEM; 4757 goto kfree_obj; 4758 } 4759 #ifdef CONFIG_X86 4760 set_memory_wc((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE); 4761 #endif 4762 4763 dev_priv->mm.phys_objs[id - 1] = phys_obj; 4764 4765 return 0; 4766 kfree_obj: 4767 kfree(phys_obj); 4768 return ret; 4769 } 4770 4771 static void i915_gem_free_phys_object(struct drm_device *dev, int id) 4772 { 4773 drm_i915_private_t *dev_priv = dev->dev_private; 4774 struct drm_i915_gem_phys_object *phys_obj; 4775 4776 if (!dev_priv->mm.phys_objs[id - 1]) 4777 return; 4778 4779 phys_obj = dev_priv->mm.phys_objs[id - 1]; 4780 if (phys_obj->cur_obj) { 4781 i915_gem_detach_phys_object(dev, phys_obj->cur_obj); 4782 } 4783 4784 #ifdef CONFIG_X86 4785 set_memory_wb((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE); 4786 #endif 4787 drm_pci_free(dev, phys_obj->handle); 4788 kfree(phys_obj); 4789 dev_priv->mm.phys_objs[id - 1] = NULL; 4790 } 4791 4792 void i915_gem_free_all_phys_object(struct drm_device *dev) 4793 { 4794 int i; 4795 4796 for (i = I915_GEM_PHYS_CURSOR_0; i <= I915_MAX_PHYS_OBJECT; i++) 4797 i915_gem_free_phys_object(dev, i); 4798 } 4799 4800 void i915_gem_detach_phys_object(struct drm_device *dev, 4801 struct drm_i915_gem_object *obj) 4802 { 4803 struct address_space *mapping = file_inode(obj->base.filp)->i_mapping; 4804 char *vaddr; 4805 int i; 4806 int page_count; 4807 4808 if (!obj->phys_obj) 4809 return; 4810 vaddr = obj->phys_obj->handle->vaddr; 4811 4812 page_count = obj->base.size / PAGE_SIZE; 4813 for (i = 0; i < page_count; i++) { 4814 struct page *page = shmem_read_mapping_page(mapping, i); 4815 if (!IS_ERR(page)) { 4816 char *dst = kmap_atomic(page); 4817 memcpy(dst, vaddr + i*PAGE_SIZE, PAGE_SIZE); 4818 kunmap_atomic(dst); 4819 4820 drm_clflush_pages(&page, 1); 4821 4822 set_page_dirty(page); 4823 mark_page_accessed(page); 4824 page_cache_release(page); 4825 } 4826 } 4827 i915_gem_chipset_flush(dev); 4828 4829 obj->phys_obj->cur_obj = NULL; 4830 obj->phys_obj = NULL; 4831 } 4832 4833 int 4834 i915_gem_attach_phys_object(struct drm_device *dev, 4835 struct drm_i915_gem_object *obj, 4836 int id, 4837 int align) 4838 { 4839 struct address_space *mapping = file_inode(obj->base.filp)->i_mapping; 4840 drm_i915_private_t *dev_priv = dev->dev_private; 4841 int ret = 0; 4842 int page_count; 4843 int i; 4844 4845 if (id > I915_MAX_PHYS_OBJECT) 4846 return -EINVAL; 4847 4848 if (obj->phys_obj) { 4849 if (obj->phys_obj->id == id) 4850 return 0; 4851 i915_gem_detach_phys_object(dev, obj); 4852 } 4853 4854 /* create a new object */ 4855 if (!dev_priv->mm.phys_objs[id - 1]) { 4856 ret = i915_gem_init_phys_object(dev, id, 4857 obj->base.size, align); 4858 if (ret) { 4859 DRM_ERROR("failed to init phys object %d size: %zu\n", 4860 id, obj->base.size); 4861 return ret; 4862 } 4863 } 4864 4865 /* bind to the object */ 4866 obj->phys_obj = dev_priv->mm.phys_objs[id - 1]; 4867 obj->phys_obj->cur_obj = obj; 4868 4869 page_count = obj->base.size / PAGE_SIZE; 4870 4871 for (i = 0; i < page_count; i++) { 4872 struct page *page; 4873 char *dst, *src; 4874 4875 page = shmem_read_mapping_page(mapping, i); 4876 if (IS_ERR(page)) 4877 return PTR_ERR(page); 4878 4879 src = kmap_atomic(page); 4880 dst = obj->phys_obj->handle->vaddr + (i * PAGE_SIZE); 4881 memcpy(dst, src, PAGE_SIZE); 4882 kunmap_atomic(src); 4883 4884 mark_page_accessed(page); 4885 page_cache_release(page); 4886 } 4887 4888 return 0; 4889 } 4890 4891 static int 4892 i915_gem_phys_pwrite(struct drm_device *dev, 4893 struct drm_i915_gem_object *obj, 4894 struct drm_i915_gem_pwrite *args, 4895 struct drm_file *file_priv) 4896 { 4897 void *vaddr = obj->phys_obj->handle->vaddr + args->offset; 4898 char __user *user_data = to_user_ptr(args->data_ptr); 4899 4900 if (__copy_from_user_inatomic_nocache(vaddr, user_data, args->size)) { 4901 unsigned long unwritten; 4902 4903 /* The physical object once assigned is fixed for the lifetime 4904 * of the obj, so we can safely drop the lock and continue 4905 * to access vaddr. 4906 */ 4907 mutex_unlock(&dev->struct_mutex); 4908 unwritten = copy_from_user(vaddr, user_data, args->size); 4909 mutex_lock(&dev->struct_mutex); 4910 if (unwritten) 4911 return -EFAULT; 4912 } 4913 4914 i915_gem_chipset_flush(dev); 4915 return 0; 4916 } 4917 4918 void i915_gem_release(struct drm_device *dev, struct drm_file *file) 4919 { 4920 struct drm_i915_file_private *file_priv = file->driver_priv; 4921 4922 cancel_delayed_work_sync(&file_priv->mm.idle_work); 4923 4924 /* Clean up our request list when the client is going away, so that 4925 * later retire_requests won't dereference our soon-to-be-gone 4926 * file_priv. 4927 */ 4928 spin_lock(&file_priv->mm.lock); 4929 while (!list_empty(&file_priv->mm.request_list)) { 4930 struct drm_i915_gem_request *request; 4931 4932 request = list_first_entry(&file_priv->mm.request_list, 4933 struct drm_i915_gem_request, 4934 client_list); 4935 list_del(&request->client_list); 4936 request->file_priv = NULL; 4937 } 4938 spin_unlock(&file_priv->mm.lock); 4939 } 4940 4941 static void 4942 i915_gem_file_idle_work_handler(struct work_struct *work) 4943 { 4944 struct drm_i915_file_private *file_priv = 4945 container_of(work, typeof(*file_priv), mm.idle_work.work); 4946 4947 atomic_set(&file_priv->rps_wait_boost, false); 4948 } 4949 4950 int i915_gem_open(struct drm_device *dev, struct drm_file *file) 4951 { 4952 struct drm_i915_file_private *file_priv; 4953 4954 DRM_DEBUG_DRIVER("\n"); 4955 4956 file_priv = kzalloc(sizeof(*file_priv), GFP_KERNEL); 4957 if (!file_priv) 4958 return -ENOMEM; 4959 4960 file->driver_priv = file_priv; 4961 file_priv->dev_priv = dev->dev_private; 4962 4963 spin_lock_init(&file_priv->mm.lock); 4964 INIT_LIST_HEAD(&file_priv->mm.request_list); 4965 INIT_DELAYED_WORK(&file_priv->mm.idle_work, 4966 i915_gem_file_idle_work_handler); 4967 4968 idr_init(&file_priv->context_idr); 4969 4970 return 0; 4971 } 4972 4973 static bool mutex_is_locked_by(struct mutex *mutex, struct task_struct *task) 4974 { 4975 if (!mutex_is_locked(mutex)) 4976 return false; 4977 4978 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_MUTEXES) 4979 return mutex->owner == task; 4980 #else 4981 /* Since UP may be pre-empted, we cannot assume that we own the lock */ 4982 return false; 4983 #endif 4984 } 4985 4986 static unsigned long 4987 i915_gem_inactive_count(struct shrinker *shrinker, struct shrink_control *sc) 4988 { 4989 struct drm_i915_private *dev_priv = 4990 container_of(shrinker, 4991 struct drm_i915_private, 4992 mm.inactive_shrinker); 4993 struct drm_device *dev = dev_priv->dev; 4994 struct drm_i915_gem_object *obj; 4995 bool unlock = true; 4996 unsigned long count; 4997 4998 if (!mutex_trylock(&dev->struct_mutex)) { 4999 if (!mutex_is_locked_by(&dev->struct_mutex, current)) 5000 return 0; 5001 5002 if (dev_priv->mm.shrinker_no_lock_stealing) 5003 return 0; 5004 5005 unlock = false; 5006 } 5007 5008 count = 0; 5009 list_for_each_entry(obj, &dev_priv->mm.unbound_list, global_list) 5010 if (obj->pages_pin_count == 0) 5011 count += obj->base.size >> PAGE_SHIFT; 5012 5013 list_for_each_entry(obj, &dev_priv->mm.bound_list, global_list) { 5014 if (obj->active) 5015 continue; 5016 5017 if (obj->pin_count == 0 && obj->pages_pin_count == 0) 5018 count += obj->base.size >> PAGE_SHIFT; 5019 } 5020 5021 if (unlock) 5022 mutex_unlock(&dev->struct_mutex); 5023 5024 return count; 5025 } 5026 5027 /* All the new VM stuff */ 5028 unsigned long i915_gem_obj_offset(struct drm_i915_gem_object *o, 5029 struct i915_address_space *vm) 5030 { 5031 struct drm_i915_private *dev_priv = o->base.dev->dev_private; 5032 struct i915_vma *vma; 5033 5034 if (vm == &dev_priv->mm.aliasing_ppgtt->base) 5035 vm = &dev_priv->gtt.base; 5036 5037 BUG_ON(list_empty(&o->vma_list)); 5038 list_for_each_entry(vma, &o->vma_list, vma_link) { 5039 if (vma->vm == vm) 5040 return vma->node.start; 5041 5042 } 5043 return -1; 5044 } 5045 5046 bool i915_gem_obj_bound(struct drm_i915_gem_object *o, 5047 struct i915_address_space *vm) 5048 { 5049 struct i915_vma *vma; 5050 5051 list_for_each_entry(vma, &o->vma_list, vma_link) 5052 if (vma->vm == vm && drm_mm_node_allocated(&vma->node)) 5053 return true; 5054 5055 return false; 5056 } 5057 5058 bool i915_gem_obj_bound_any(struct drm_i915_gem_object *o) 5059 { 5060 struct i915_vma *vma; 5061 5062 list_for_each_entry(vma, &o->vma_list, vma_link) 5063 if (drm_mm_node_allocated(&vma->node)) 5064 return true; 5065 5066 return false; 5067 } 5068 5069 unsigned long i915_gem_obj_size(struct drm_i915_gem_object *o, 5070 struct i915_address_space *vm) 5071 { 5072 struct drm_i915_private *dev_priv = o->base.dev->dev_private; 5073 struct i915_vma *vma; 5074 5075 if (vm == &dev_priv->mm.aliasing_ppgtt->base) 5076 vm = &dev_priv->gtt.base; 5077 5078 BUG_ON(list_empty(&o->vma_list)); 5079 5080 list_for_each_entry(vma, &o->vma_list, vma_link) 5081 if (vma->vm == vm) 5082 return vma->node.size; 5083 5084 return 0; 5085 } 5086 5087 static unsigned long 5088 i915_gem_inactive_scan(struct shrinker *shrinker, struct shrink_control *sc) 5089 { 5090 struct drm_i915_private *dev_priv = 5091 container_of(shrinker, 5092 struct drm_i915_private, 5093 mm.inactive_shrinker); 5094 struct drm_device *dev = dev_priv->dev; 5095 unsigned long freed; 5096 bool unlock = true; 5097 5098 if (!mutex_trylock(&dev->struct_mutex)) { 5099 if (!mutex_is_locked_by(&dev->struct_mutex, current)) 5100 return SHRINK_STOP; 5101 5102 if (dev_priv->mm.shrinker_no_lock_stealing) 5103 return SHRINK_STOP; 5104 5105 unlock = false; 5106 } 5107 5108 freed = i915_gem_purge(dev_priv, sc->nr_to_scan); 5109 if (freed < sc->nr_to_scan) 5110 freed += __i915_gem_shrink(dev_priv, 5111 sc->nr_to_scan - freed, 5112 false); 5113 if (freed < sc->nr_to_scan) 5114 freed += i915_gem_shrink_all(dev_priv); 5115 5116 if (unlock) 5117 mutex_unlock(&dev->struct_mutex); 5118 5119 return freed; 5120 } 5121 5122 struct i915_vma *i915_gem_obj_to_ggtt(struct drm_i915_gem_object *obj) 5123 { 5124 struct i915_vma *vma; 5125 5126 if (WARN_ON(list_empty(&obj->vma_list))) 5127 return NULL; 5128 5129 vma = list_first_entry(&obj->vma_list, typeof(*vma), vma_link); 5130 if (WARN_ON(vma->vm != obj_to_ggtt(obj))) 5131 return NULL; 5132 5133 return vma; 5134 } 5135