1 // SPDX-License-Identifier: GPL-2.0
2 /*
3  * IOMMU API for ARM architected SMMUv3 implementations.
4  *
5  * Copyright (C) 2015 ARM Limited
6  *
7  * Author: Will Deacon <will.deacon@arm.com>
8  *
9  * This driver is powered by bad coffee and bombay mix.
10  */
11 
12 #include <linux/acpi.h>
13 #include <linux/acpi_iort.h>
14 #include <linux/bitops.h>
15 #include <linux/crash_dump.h>
16 #include <linux/delay.h>
17 #include <linux/dma-iommu.h>
18 #include <linux/err.h>
19 #include <linux/interrupt.h>
20 #include <linux/io-pgtable.h>
21 #include <linux/iopoll.h>
22 #include <linux/module.h>
23 #include <linux/msi.h>
24 #include <linux/of.h>
25 #include <linux/of_address.h>
26 #include <linux/of_iommu.h>
27 #include <linux/of_platform.h>
28 #include <linux/pci.h>
29 #include <linux/pci-ats.h>
30 #include <linux/platform_device.h>
31 
32 #include <linux/amba/bus.h>
33 
34 #include "arm-smmu-v3.h"
35 
36 static bool disable_bypass = 1;
37 module_param(disable_bypass, bool, 0444);
38 MODULE_PARM_DESC(disable_bypass,
39 	"Disable bypass streams such that incoming transactions from devices that are not attached to an iommu domain will report an abort back to the device and will not be allowed to pass through the SMMU.");
40 
41 static bool disable_msipolling;
42 module_param(disable_msipolling, bool, 0444);
43 MODULE_PARM_DESC(disable_msipolling,
44 	"Disable MSI-based polling for CMD_SYNC completion.");
45 
46 enum arm_smmu_msi_index {
47 	EVTQ_MSI_INDEX,
48 	GERROR_MSI_INDEX,
49 	PRIQ_MSI_INDEX,
50 	ARM_SMMU_MAX_MSIS,
51 };
52 
53 static phys_addr_t arm_smmu_msi_cfg[ARM_SMMU_MAX_MSIS][3] = {
54 	[EVTQ_MSI_INDEX] = {
55 		ARM_SMMU_EVTQ_IRQ_CFG0,
56 		ARM_SMMU_EVTQ_IRQ_CFG1,
57 		ARM_SMMU_EVTQ_IRQ_CFG2,
58 	},
59 	[GERROR_MSI_INDEX] = {
60 		ARM_SMMU_GERROR_IRQ_CFG0,
61 		ARM_SMMU_GERROR_IRQ_CFG1,
62 		ARM_SMMU_GERROR_IRQ_CFG2,
63 	},
64 	[PRIQ_MSI_INDEX] = {
65 		ARM_SMMU_PRIQ_IRQ_CFG0,
66 		ARM_SMMU_PRIQ_IRQ_CFG1,
67 		ARM_SMMU_PRIQ_IRQ_CFG2,
68 	},
69 };
70 
71 struct arm_smmu_option_prop {
72 	u32 opt;
73 	const char *prop;
74 };
75 
76 DEFINE_XARRAY_ALLOC1(arm_smmu_asid_xa);
77 DEFINE_MUTEX(arm_smmu_asid_lock);
78 
79 static struct arm_smmu_option_prop arm_smmu_options[] = {
80 	{ ARM_SMMU_OPT_SKIP_PREFETCH, "hisilicon,broken-prefetch-cmd" },
81 	{ ARM_SMMU_OPT_PAGE0_REGS_ONLY, "cavium,cn9900-broken-page1-regspace"},
82 	{ 0, NULL},
83 };
84 
85 static inline void __iomem *arm_smmu_page1_fixup(unsigned long offset,
86 						 struct arm_smmu_device *smmu)
87 {
88 	if (offset > SZ_64K)
89 		return smmu->page1 + offset - SZ_64K;
90 
91 	return smmu->base + offset;
92 }
93 
94 static struct arm_smmu_domain *to_smmu_domain(struct iommu_domain *dom)
95 {
96 	return container_of(dom, struct arm_smmu_domain, domain);
97 }
98 
99 static void parse_driver_options(struct arm_smmu_device *smmu)
100 {
101 	int i = 0;
102 
103 	do {
104 		if (of_property_read_bool(smmu->dev->of_node,
105 						arm_smmu_options[i].prop)) {
106 			smmu->options |= arm_smmu_options[i].opt;
107 			dev_notice(smmu->dev, "option %s\n",
108 				arm_smmu_options[i].prop);
109 		}
110 	} while (arm_smmu_options[++i].opt);
111 }
112 
113 /* Low-level queue manipulation functions */
114 static bool queue_has_space(struct arm_smmu_ll_queue *q, u32 n)
115 {
116 	u32 space, prod, cons;
117 
118 	prod = Q_IDX(q, q->prod);
119 	cons = Q_IDX(q, q->cons);
120 
121 	if (Q_WRP(q, q->prod) == Q_WRP(q, q->cons))
122 		space = (1 << q->max_n_shift) - (prod - cons);
123 	else
124 		space = cons - prod;
125 
126 	return space >= n;
127 }
128 
129 static bool queue_full(struct arm_smmu_ll_queue *q)
130 {
131 	return Q_IDX(q, q->prod) == Q_IDX(q, q->cons) &&
132 	       Q_WRP(q, q->prod) != Q_WRP(q, q->cons);
133 }
134 
135 static bool queue_empty(struct arm_smmu_ll_queue *q)
136 {
137 	return Q_IDX(q, q->prod) == Q_IDX(q, q->cons) &&
138 	       Q_WRP(q, q->prod) == Q_WRP(q, q->cons);
139 }
140 
141 static bool queue_consumed(struct arm_smmu_ll_queue *q, u32 prod)
142 {
143 	return ((Q_WRP(q, q->cons) == Q_WRP(q, prod)) &&
144 		(Q_IDX(q, q->cons) > Q_IDX(q, prod))) ||
145 	       ((Q_WRP(q, q->cons) != Q_WRP(q, prod)) &&
146 		(Q_IDX(q, q->cons) <= Q_IDX(q, prod)));
147 }
148 
149 static void queue_sync_cons_out(struct arm_smmu_queue *q)
150 {
151 	/*
152 	 * Ensure that all CPU accesses (reads and writes) to the queue
153 	 * are complete before we update the cons pointer.
154 	 */
155 	__iomb();
156 	writel_relaxed(q->llq.cons, q->cons_reg);
157 }
158 
159 static void queue_inc_cons(struct arm_smmu_ll_queue *q)
160 {
161 	u32 cons = (Q_WRP(q, q->cons) | Q_IDX(q, q->cons)) + 1;
162 	q->cons = Q_OVF(q->cons) | Q_WRP(q, cons) | Q_IDX(q, cons);
163 }
164 
165 static int queue_sync_prod_in(struct arm_smmu_queue *q)
166 {
167 	u32 prod;
168 	int ret = 0;
169 
170 	/*
171 	 * We can't use the _relaxed() variant here, as we must prevent
172 	 * speculative reads of the queue before we have determined that
173 	 * prod has indeed moved.
174 	 */
175 	prod = readl(q->prod_reg);
176 
177 	if (Q_OVF(prod) != Q_OVF(q->llq.prod))
178 		ret = -EOVERFLOW;
179 
180 	q->llq.prod = prod;
181 	return ret;
182 }
183 
184 static u32 queue_inc_prod_n(struct arm_smmu_ll_queue *q, int n)
185 {
186 	u32 prod = (Q_WRP(q, q->prod) | Q_IDX(q, q->prod)) + n;
187 	return Q_OVF(q->prod) | Q_WRP(q, prod) | Q_IDX(q, prod);
188 }
189 
190 static void queue_poll_init(struct arm_smmu_device *smmu,
191 			    struct arm_smmu_queue_poll *qp)
192 {
193 	qp->delay = 1;
194 	qp->spin_cnt = 0;
195 	qp->wfe = !!(smmu->features & ARM_SMMU_FEAT_SEV);
196 	qp->timeout = ktime_add_us(ktime_get(), ARM_SMMU_POLL_TIMEOUT_US);
197 }
198 
199 static int queue_poll(struct arm_smmu_queue_poll *qp)
200 {
201 	if (ktime_compare(ktime_get(), qp->timeout) > 0)
202 		return -ETIMEDOUT;
203 
204 	if (qp->wfe) {
205 		wfe();
206 	} else if (++qp->spin_cnt < ARM_SMMU_POLL_SPIN_COUNT) {
207 		cpu_relax();
208 	} else {
209 		udelay(qp->delay);
210 		qp->delay *= 2;
211 		qp->spin_cnt = 0;
212 	}
213 
214 	return 0;
215 }
216 
217 static void queue_write(__le64 *dst, u64 *src, size_t n_dwords)
218 {
219 	int i;
220 
221 	for (i = 0; i < n_dwords; ++i)
222 		*dst++ = cpu_to_le64(*src++);
223 }
224 
225 static void queue_read(u64 *dst, __le64 *src, size_t n_dwords)
226 {
227 	int i;
228 
229 	for (i = 0; i < n_dwords; ++i)
230 		*dst++ = le64_to_cpu(*src++);
231 }
232 
233 static int queue_remove_raw(struct arm_smmu_queue *q, u64 *ent)
234 {
235 	if (queue_empty(&q->llq))
236 		return -EAGAIN;
237 
238 	queue_read(ent, Q_ENT(q, q->llq.cons), q->ent_dwords);
239 	queue_inc_cons(&q->llq);
240 	queue_sync_cons_out(q);
241 	return 0;
242 }
243 
244 /* High-level queue accessors */
245 static int arm_smmu_cmdq_build_cmd(u64 *cmd, struct arm_smmu_cmdq_ent *ent)
246 {
247 	memset(cmd, 0, 1 << CMDQ_ENT_SZ_SHIFT);
248 	cmd[0] |= FIELD_PREP(CMDQ_0_OP, ent->opcode);
249 
250 	switch (ent->opcode) {
251 	case CMDQ_OP_TLBI_EL2_ALL:
252 	case CMDQ_OP_TLBI_NSNH_ALL:
253 		break;
254 	case CMDQ_OP_PREFETCH_CFG:
255 		cmd[0] |= FIELD_PREP(CMDQ_PREFETCH_0_SID, ent->prefetch.sid);
256 		cmd[1] |= FIELD_PREP(CMDQ_PREFETCH_1_SIZE, ent->prefetch.size);
257 		cmd[1] |= ent->prefetch.addr & CMDQ_PREFETCH_1_ADDR_MASK;
258 		break;
259 	case CMDQ_OP_CFGI_CD:
260 		cmd[0] |= FIELD_PREP(CMDQ_CFGI_0_SSID, ent->cfgi.ssid);
261 		fallthrough;
262 	case CMDQ_OP_CFGI_STE:
263 		cmd[0] |= FIELD_PREP(CMDQ_CFGI_0_SID, ent->cfgi.sid);
264 		cmd[1] |= FIELD_PREP(CMDQ_CFGI_1_LEAF, ent->cfgi.leaf);
265 		break;
266 	case CMDQ_OP_CFGI_CD_ALL:
267 		cmd[0] |= FIELD_PREP(CMDQ_CFGI_0_SID, ent->cfgi.sid);
268 		break;
269 	case CMDQ_OP_CFGI_ALL:
270 		/* Cover the entire SID range */
271 		cmd[1] |= FIELD_PREP(CMDQ_CFGI_1_RANGE, 31);
272 		break;
273 	case CMDQ_OP_TLBI_NH_VA:
274 		cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_NUM, ent->tlbi.num);
275 		cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_SCALE, ent->tlbi.scale);
276 		cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_VMID, ent->tlbi.vmid);
277 		cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_ASID, ent->tlbi.asid);
278 		cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_LEAF, ent->tlbi.leaf);
279 		cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_TTL, ent->tlbi.ttl);
280 		cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_TG, ent->tlbi.tg);
281 		cmd[1] |= ent->tlbi.addr & CMDQ_TLBI_1_VA_MASK;
282 		break;
283 	case CMDQ_OP_TLBI_S2_IPA:
284 		cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_NUM, ent->tlbi.num);
285 		cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_SCALE, ent->tlbi.scale);
286 		cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_VMID, ent->tlbi.vmid);
287 		cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_LEAF, ent->tlbi.leaf);
288 		cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_TTL, ent->tlbi.ttl);
289 		cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_TG, ent->tlbi.tg);
290 		cmd[1] |= ent->tlbi.addr & CMDQ_TLBI_1_IPA_MASK;
291 		break;
292 	case CMDQ_OP_TLBI_NH_ASID:
293 		cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_ASID, ent->tlbi.asid);
294 		fallthrough;
295 	case CMDQ_OP_TLBI_S12_VMALL:
296 		cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_VMID, ent->tlbi.vmid);
297 		break;
298 	case CMDQ_OP_ATC_INV:
299 		cmd[0] |= FIELD_PREP(CMDQ_0_SSV, ent->substream_valid);
300 		cmd[0] |= FIELD_PREP(CMDQ_ATC_0_GLOBAL, ent->atc.global);
301 		cmd[0] |= FIELD_PREP(CMDQ_ATC_0_SSID, ent->atc.ssid);
302 		cmd[0] |= FIELD_PREP(CMDQ_ATC_0_SID, ent->atc.sid);
303 		cmd[1] |= FIELD_PREP(CMDQ_ATC_1_SIZE, ent->atc.size);
304 		cmd[1] |= ent->atc.addr & CMDQ_ATC_1_ADDR_MASK;
305 		break;
306 	case CMDQ_OP_PRI_RESP:
307 		cmd[0] |= FIELD_PREP(CMDQ_0_SSV, ent->substream_valid);
308 		cmd[0] |= FIELD_PREP(CMDQ_PRI_0_SSID, ent->pri.ssid);
309 		cmd[0] |= FIELD_PREP(CMDQ_PRI_0_SID, ent->pri.sid);
310 		cmd[1] |= FIELD_PREP(CMDQ_PRI_1_GRPID, ent->pri.grpid);
311 		switch (ent->pri.resp) {
312 		case PRI_RESP_DENY:
313 		case PRI_RESP_FAIL:
314 		case PRI_RESP_SUCC:
315 			break;
316 		default:
317 			return -EINVAL;
318 		}
319 		cmd[1] |= FIELD_PREP(CMDQ_PRI_1_RESP, ent->pri.resp);
320 		break;
321 	case CMDQ_OP_CMD_SYNC:
322 		if (ent->sync.msiaddr) {
323 			cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_CS, CMDQ_SYNC_0_CS_IRQ);
324 			cmd[1] |= ent->sync.msiaddr & CMDQ_SYNC_1_MSIADDR_MASK;
325 		} else {
326 			cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_CS, CMDQ_SYNC_0_CS_SEV);
327 		}
328 		cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_MSH, ARM_SMMU_SH_ISH);
329 		cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_MSIATTR, ARM_SMMU_MEMATTR_OIWB);
330 		break;
331 	default:
332 		return -ENOENT;
333 	}
334 
335 	return 0;
336 }
337 
338 static void arm_smmu_cmdq_build_sync_cmd(u64 *cmd, struct arm_smmu_device *smmu,
339 					 u32 prod)
340 {
341 	struct arm_smmu_queue *q = &smmu->cmdq.q;
342 	struct arm_smmu_cmdq_ent ent = {
343 		.opcode = CMDQ_OP_CMD_SYNC,
344 	};
345 
346 	/*
347 	 * Beware that Hi16xx adds an extra 32 bits of goodness to its MSI
348 	 * payload, so the write will zero the entire command on that platform.
349 	 */
350 	if (smmu->options & ARM_SMMU_OPT_MSIPOLL) {
351 		ent.sync.msiaddr = q->base_dma + Q_IDX(&q->llq, prod) *
352 				   q->ent_dwords * 8;
353 	}
354 
355 	arm_smmu_cmdq_build_cmd(cmd, &ent);
356 }
357 
358 static void arm_smmu_cmdq_skip_err(struct arm_smmu_device *smmu)
359 {
360 	static const char *cerror_str[] = {
361 		[CMDQ_ERR_CERROR_NONE_IDX]	= "No error",
362 		[CMDQ_ERR_CERROR_ILL_IDX]	= "Illegal command",
363 		[CMDQ_ERR_CERROR_ABT_IDX]	= "Abort on command fetch",
364 		[CMDQ_ERR_CERROR_ATC_INV_IDX]	= "ATC invalidate timeout",
365 	};
366 
367 	int i;
368 	u64 cmd[CMDQ_ENT_DWORDS];
369 	struct arm_smmu_queue *q = &smmu->cmdq.q;
370 	u32 cons = readl_relaxed(q->cons_reg);
371 	u32 idx = FIELD_GET(CMDQ_CONS_ERR, cons);
372 	struct arm_smmu_cmdq_ent cmd_sync = {
373 		.opcode = CMDQ_OP_CMD_SYNC,
374 	};
375 
376 	dev_err(smmu->dev, "CMDQ error (cons 0x%08x): %s\n", cons,
377 		idx < ARRAY_SIZE(cerror_str) ?  cerror_str[idx] : "Unknown");
378 
379 	switch (idx) {
380 	case CMDQ_ERR_CERROR_ABT_IDX:
381 		dev_err(smmu->dev, "retrying command fetch\n");
382 	case CMDQ_ERR_CERROR_NONE_IDX:
383 		return;
384 	case CMDQ_ERR_CERROR_ATC_INV_IDX:
385 		/*
386 		 * ATC Invalidation Completion timeout. CONS is still pointing
387 		 * at the CMD_SYNC. Attempt to complete other pending commands
388 		 * by repeating the CMD_SYNC, though we might well end up back
389 		 * here since the ATC invalidation may still be pending.
390 		 */
391 		return;
392 	case CMDQ_ERR_CERROR_ILL_IDX:
393 	default:
394 		break;
395 	}
396 
397 	/*
398 	 * We may have concurrent producers, so we need to be careful
399 	 * not to touch any of the shadow cmdq state.
400 	 */
401 	queue_read(cmd, Q_ENT(q, cons), q->ent_dwords);
402 	dev_err(smmu->dev, "skipping command in error state:\n");
403 	for (i = 0; i < ARRAY_SIZE(cmd); ++i)
404 		dev_err(smmu->dev, "\t0x%016llx\n", (unsigned long long)cmd[i]);
405 
406 	/* Convert the erroneous command into a CMD_SYNC */
407 	if (arm_smmu_cmdq_build_cmd(cmd, &cmd_sync)) {
408 		dev_err(smmu->dev, "failed to convert to CMD_SYNC\n");
409 		return;
410 	}
411 
412 	queue_write(Q_ENT(q, cons), cmd, q->ent_dwords);
413 }
414 
415 /*
416  * Command queue locking.
417  * This is a form of bastardised rwlock with the following major changes:
418  *
419  * - The only LOCK routines are exclusive_trylock() and shared_lock().
420  *   Neither have barrier semantics, and instead provide only a control
421  *   dependency.
422  *
423  * - The UNLOCK routines are supplemented with shared_tryunlock(), which
424  *   fails if the caller appears to be the last lock holder (yes, this is
425  *   racy). All successful UNLOCK routines have RELEASE semantics.
426  */
427 static void arm_smmu_cmdq_shared_lock(struct arm_smmu_cmdq *cmdq)
428 {
429 	int val;
430 
431 	/*
432 	 * We can try to avoid the cmpxchg() loop by simply incrementing the
433 	 * lock counter. When held in exclusive state, the lock counter is set
434 	 * to INT_MIN so these increments won't hurt as the value will remain
435 	 * negative.
436 	 */
437 	if (atomic_fetch_inc_relaxed(&cmdq->lock) >= 0)
438 		return;
439 
440 	do {
441 		val = atomic_cond_read_relaxed(&cmdq->lock, VAL >= 0);
442 	} while (atomic_cmpxchg_relaxed(&cmdq->lock, val, val + 1) != val);
443 }
444 
445 static void arm_smmu_cmdq_shared_unlock(struct arm_smmu_cmdq *cmdq)
446 {
447 	(void)atomic_dec_return_release(&cmdq->lock);
448 }
449 
450 static bool arm_smmu_cmdq_shared_tryunlock(struct arm_smmu_cmdq *cmdq)
451 {
452 	if (atomic_read(&cmdq->lock) == 1)
453 		return false;
454 
455 	arm_smmu_cmdq_shared_unlock(cmdq);
456 	return true;
457 }
458 
459 #define arm_smmu_cmdq_exclusive_trylock_irqsave(cmdq, flags)		\
460 ({									\
461 	bool __ret;							\
462 	local_irq_save(flags);						\
463 	__ret = !atomic_cmpxchg_relaxed(&cmdq->lock, 0, INT_MIN);	\
464 	if (!__ret)							\
465 		local_irq_restore(flags);				\
466 	__ret;								\
467 })
468 
469 #define arm_smmu_cmdq_exclusive_unlock_irqrestore(cmdq, flags)		\
470 ({									\
471 	atomic_set_release(&cmdq->lock, 0);				\
472 	local_irq_restore(flags);					\
473 })
474 
475 
476 /*
477  * Command queue insertion.
478  * This is made fiddly by our attempts to achieve some sort of scalability
479  * since there is one queue shared amongst all of the CPUs in the system.  If
480  * you like mixed-size concurrency, dependency ordering and relaxed atomics,
481  * then you'll *love* this monstrosity.
482  *
483  * The basic idea is to split the queue up into ranges of commands that are
484  * owned by a given CPU; the owner may not have written all of the commands
485  * itself, but is responsible for advancing the hardware prod pointer when
486  * the time comes. The algorithm is roughly:
487  *
488  * 	1. Allocate some space in the queue. At this point we also discover
489  *	   whether the head of the queue is currently owned by another CPU,
490  *	   or whether we are the owner.
491  *
492  *	2. Write our commands into our allocated slots in the queue.
493  *
494  *	3. Mark our slots as valid in arm_smmu_cmdq.valid_map.
495  *
496  *	4. If we are an owner:
497  *		a. Wait for the previous owner to finish.
498  *		b. Mark the queue head as unowned, which tells us the range
499  *		   that we are responsible for publishing.
500  *		c. Wait for all commands in our owned range to become valid.
501  *		d. Advance the hardware prod pointer.
502  *		e. Tell the next owner we've finished.
503  *
504  *	5. If we are inserting a CMD_SYNC (we may or may not have been an
505  *	   owner), then we need to stick around until it has completed:
506  *		a. If we have MSIs, the SMMU can write back into the CMD_SYNC
507  *		   to clear the first 4 bytes.
508  *		b. Otherwise, we spin waiting for the hardware cons pointer to
509  *		   advance past our command.
510  *
511  * The devil is in the details, particularly the use of locking for handling
512  * SYNC completion and freeing up space in the queue before we think that it is
513  * full.
514  */
515 static void __arm_smmu_cmdq_poll_set_valid_map(struct arm_smmu_cmdq *cmdq,
516 					       u32 sprod, u32 eprod, bool set)
517 {
518 	u32 swidx, sbidx, ewidx, ebidx;
519 	struct arm_smmu_ll_queue llq = {
520 		.max_n_shift	= cmdq->q.llq.max_n_shift,
521 		.prod		= sprod,
522 	};
523 
524 	ewidx = BIT_WORD(Q_IDX(&llq, eprod));
525 	ebidx = Q_IDX(&llq, eprod) % BITS_PER_LONG;
526 
527 	while (llq.prod != eprod) {
528 		unsigned long mask;
529 		atomic_long_t *ptr;
530 		u32 limit = BITS_PER_LONG;
531 
532 		swidx = BIT_WORD(Q_IDX(&llq, llq.prod));
533 		sbidx = Q_IDX(&llq, llq.prod) % BITS_PER_LONG;
534 
535 		ptr = &cmdq->valid_map[swidx];
536 
537 		if ((swidx == ewidx) && (sbidx < ebidx))
538 			limit = ebidx;
539 
540 		mask = GENMASK(limit - 1, sbidx);
541 
542 		/*
543 		 * The valid bit is the inverse of the wrap bit. This means
544 		 * that a zero-initialised queue is invalid and, after marking
545 		 * all entries as valid, they become invalid again when we
546 		 * wrap.
547 		 */
548 		if (set) {
549 			atomic_long_xor(mask, ptr);
550 		} else { /* Poll */
551 			unsigned long valid;
552 
553 			valid = (ULONG_MAX + !!Q_WRP(&llq, llq.prod)) & mask;
554 			atomic_long_cond_read_relaxed(ptr, (VAL & mask) == valid);
555 		}
556 
557 		llq.prod = queue_inc_prod_n(&llq, limit - sbidx);
558 	}
559 }
560 
561 /* Mark all entries in the range [sprod, eprod) as valid */
562 static void arm_smmu_cmdq_set_valid_map(struct arm_smmu_cmdq *cmdq,
563 					u32 sprod, u32 eprod)
564 {
565 	__arm_smmu_cmdq_poll_set_valid_map(cmdq, sprod, eprod, true);
566 }
567 
568 /* Wait for all entries in the range [sprod, eprod) to become valid */
569 static void arm_smmu_cmdq_poll_valid_map(struct arm_smmu_cmdq *cmdq,
570 					 u32 sprod, u32 eprod)
571 {
572 	__arm_smmu_cmdq_poll_set_valid_map(cmdq, sprod, eprod, false);
573 }
574 
575 /* Wait for the command queue to become non-full */
576 static int arm_smmu_cmdq_poll_until_not_full(struct arm_smmu_device *smmu,
577 					     struct arm_smmu_ll_queue *llq)
578 {
579 	unsigned long flags;
580 	struct arm_smmu_queue_poll qp;
581 	struct arm_smmu_cmdq *cmdq = &smmu->cmdq;
582 	int ret = 0;
583 
584 	/*
585 	 * Try to update our copy of cons by grabbing exclusive cmdq access. If
586 	 * that fails, spin until somebody else updates it for us.
587 	 */
588 	if (arm_smmu_cmdq_exclusive_trylock_irqsave(cmdq, flags)) {
589 		WRITE_ONCE(cmdq->q.llq.cons, readl_relaxed(cmdq->q.cons_reg));
590 		arm_smmu_cmdq_exclusive_unlock_irqrestore(cmdq, flags);
591 		llq->val = READ_ONCE(cmdq->q.llq.val);
592 		return 0;
593 	}
594 
595 	queue_poll_init(smmu, &qp);
596 	do {
597 		llq->val = READ_ONCE(smmu->cmdq.q.llq.val);
598 		if (!queue_full(llq))
599 			break;
600 
601 		ret = queue_poll(&qp);
602 	} while (!ret);
603 
604 	return ret;
605 }
606 
607 /*
608  * Wait until the SMMU signals a CMD_SYNC completion MSI.
609  * Must be called with the cmdq lock held in some capacity.
610  */
611 static int __arm_smmu_cmdq_poll_until_msi(struct arm_smmu_device *smmu,
612 					  struct arm_smmu_ll_queue *llq)
613 {
614 	int ret = 0;
615 	struct arm_smmu_queue_poll qp;
616 	struct arm_smmu_cmdq *cmdq = &smmu->cmdq;
617 	u32 *cmd = (u32 *)(Q_ENT(&cmdq->q, llq->prod));
618 
619 	queue_poll_init(smmu, &qp);
620 
621 	/*
622 	 * The MSI won't generate an event, since it's being written back
623 	 * into the command queue.
624 	 */
625 	qp.wfe = false;
626 	smp_cond_load_relaxed(cmd, !VAL || (ret = queue_poll(&qp)));
627 	llq->cons = ret ? llq->prod : queue_inc_prod_n(llq, 1);
628 	return ret;
629 }
630 
631 /*
632  * Wait until the SMMU cons index passes llq->prod.
633  * Must be called with the cmdq lock held in some capacity.
634  */
635 static int __arm_smmu_cmdq_poll_until_consumed(struct arm_smmu_device *smmu,
636 					       struct arm_smmu_ll_queue *llq)
637 {
638 	struct arm_smmu_queue_poll qp;
639 	struct arm_smmu_cmdq *cmdq = &smmu->cmdq;
640 	u32 prod = llq->prod;
641 	int ret = 0;
642 
643 	queue_poll_init(smmu, &qp);
644 	llq->val = READ_ONCE(smmu->cmdq.q.llq.val);
645 	do {
646 		if (queue_consumed(llq, prod))
647 			break;
648 
649 		ret = queue_poll(&qp);
650 
651 		/*
652 		 * This needs to be a readl() so that our subsequent call
653 		 * to arm_smmu_cmdq_shared_tryunlock() can fail accurately.
654 		 *
655 		 * Specifically, we need to ensure that we observe all
656 		 * shared_lock()s by other CMD_SYNCs that share our owner,
657 		 * so that a failing call to tryunlock() means that we're
658 		 * the last one out and therefore we can safely advance
659 		 * cmdq->q.llq.cons. Roughly speaking:
660 		 *
661 		 * CPU 0		CPU1			CPU2 (us)
662 		 *
663 		 * if (sync)
664 		 * 	shared_lock();
665 		 *
666 		 * dma_wmb();
667 		 * set_valid_map();
668 		 *
669 		 * 			if (owner) {
670 		 *				poll_valid_map();
671 		 *				<control dependency>
672 		 *				writel(prod_reg);
673 		 *
674 		 *						readl(cons_reg);
675 		 *						tryunlock();
676 		 *
677 		 * Requires us to see CPU 0's shared_lock() acquisition.
678 		 */
679 		llq->cons = readl(cmdq->q.cons_reg);
680 	} while (!ret);
681 
682 	return ret;
683 }
684 
685 static int arm_smmu_cmdq_poll_until_sync(struct arm_smmu_device *smmu,
686 					 struct arm_smmu_ll_queue *llq)
687 {
688 	if (smmu->options & ARM_SMMU_OPT_MSIPOLL)
689 		return __arm_smmu_cmdq_poll_until_msi(smmu, llq);
690 
691 	return __arm_smmu_cmdq_poll_until_consumed(smmu, llq);
692 }
693 
694 static void arm_smmu_cmdq_write_entries(struct arm_smmu_cmdq *cmdq, u64 *cmds,
695 					u32 prod, int n)
696 {
697 	int i;
698 	struct arm_smmu_ll_queue llq = {
699 		.max_n_shift	= cmdq->q.llq.max_n_shift,
700 		.prod		= prod,
701 	};
702 
703 	for (i = 0; i < n; ++i) {
704 		u64 *cmd = &cmds[i * CMDQ_ENT_DWORDS];
705 
706 		prod = queue_inc_prod_n(&llq, i);
707 		queue_write(Q_ENT(&cmdq->q, prod), cmd, CMDQ_ENT_DWORDS);
708 	}
709 }
710 
711 /*
712  * This is the actual insertion function, and provides the following
713  * ordering guarantees to callers:
714  *
715  * - There is a dma_wmb() before publishing any commands to the queue.
716  *   This can be relied upon to order prior writes to data structures
717  *   in memory (such as a CD or an STE) before the command.
718  *
719  * - On completion of a CMD_SYNC, there is a control dependency.
720  *   This can be relied upon to order subsequent writes to memory (e.g.
721  *   freeing an IOVA) after completion of the CMD_SYNC.
722  *
723  * - Command insertion is totally ordered, so if two CPUs each race to
724  *   insert their own list of commands then all of the commands from one
725  *   CPU will appear before any of the commands from the other CPU.
726  */
727 static int arm_smmu_cmdq_issue_cmdlist(struct arm_smmu_device *smmu,
728 				       u64 *cmds, int n, bool sync)
729 {
730 	u64 cmd_sync[CMDQ_ENT_DWORDS];
731 	u32 prod;
732 	unsigned long flags;
733 	bool owner;
734 	struct arm_smmu_cmdq *cmdq = &smmu->cmdq;
735 	struct arm_smmu_ll_queue llq = {
736 		.max_n_shift = cmdq->q.llq.max_n_shift,
737 	}, head = llq;
738 	int ret = 0;
739 
740 	/* 1. Allocate some space in the queue */
741 	local_irq_save(flags);
742 	llq.val = READ_ONCE(cmdq->q.llq.val);
743 	do {
744 		u64 old;
745 
746 		while (!queue_has_space(&llq, n + sync)) {
747 			local_irq_restore(flags);
748 			if (arm_smmu_cmdq_poll_until_not_full(smmu, &llq))
749 				dev_err_ratelimited(smmu->dev, "CMDQ timeout\n");
750 			local_irq_save(flags);
751 		}
752 
753 		head.cons = llq.cons;
754 		head.prod = queue_inc_prod_n(&llq, n + sync) |
755 					     CMDQ_PROD_OWNED_FLAG;
756 
757 		old = cmpxchg_relaxed(&cmdq->q.llq.val, llq.val, head.val);
758 		if (old == llq.val)
759 			break;
760 
761 		llq.val = old;
762 	} while (1);
763 	owner = !(llq.prod & CMDQ_PROD_OWNED_FLAG);
764 	head.prod &= ~CMDQ_PROD_OWNED_FLAG;
765 	llq.prod &= ~CMDQ_PROD_OWNED_FLAG;
766 
767 	/*
768 	 * 2. Write our commands into the queue
769 	 * Dependency ordering from the cmpxchg() loop above.
770 	 */
771 	arm_smmu_cmdq_write_entries(cmdq, cmds, llq.prod, n);
772 	if (sync) {
773 		prod = queue_inc_prod_n(&llq, n);
774 		arm_smmu_cmdq_build_sync_cmd(cmd_sync, smmu, prod);
775 		queue_write(Q_ENT(&cmdq->q, prod), cmd_sync, CMDQ_ENT_DWORDS);
776 
777 		/*
778 		 * In order to determine completion of our CMD_SYNC, we must
779 		 * ensure that the queue can't wrap twice without us noticing.
780 		 * We achieve that by taking the cmdq lock as shared before
781 		 * marking our slot as valid.
782 		 */
783 		arm_smmu_cmdq_shared_lock(cmdq);
784 	}
785 
786 	/* 3. Mark our slots as valid, ensuring commands are visible first */
787 	dma_wmb();
788 	arm_smmu_cmdq_set_valid_map(cmdq, llq.prod, head.prod);
789 
790 	/* 4. If we are the owner, take control of the SMMU hardware */
791 	if (owner) {
792 		/* a. Wait for previous owner to finish */
793 		atomic_cond_read_relaxed(&cmdq->owner_prod, VAL == llq.prod);
794 
795 		/* b. Stop gathering work by clearing the owned flag */
796 		prod = atomic_fetch_andnot_relaxed(CMDQ_PROD_OWNED_FLAG,
797 						   &cmdq->q.llq.atomic.prod);
798 		prod &= ~CMDQ_PROD_OWNED_FLAG;
799 
800 		/*
801 		 * c. Wait for any gathered work to be written to the queue.
802 		 * Note that we read our own entries so that we have the control
803 		 * dependency required by (d).
804 		 */
805 		arm_smmu_cmdq_poll_valid_map(cmdq, llq.prod, prod);
806 
807 		/*
808 		 * d. Advance the hardware prod pointer
809 		 * Control dependency ordering from the entries becoming valid.
810 		 */
811 		writel_relaxed(prod, cmdq->q.prod_reg);
812 
813 		/*
814 		 * e. Tell the next owner we're done
815 		 * Make sure we've updated the hardware first, so that we don't
816 		 * race to update prod and potentially move it backwards.
817 		 */
818 		atomic_set_release(&cmdq->owner_prod, prod);
819 	}
820 
821 	/* 5. If we are inserting a CMD_SYNC, we must wait for it to complete */
822 	if (sync) {
823 		llq.prod = queue_inc_prod_n(&llq, n);
824 		ret = arm_smmu_cmdq_poll_until_sync(smmu, &llq);
825 		if (ret) {
826 			dev_err_ratelimited(smmu->dev,
827 					    "CMD_SYNC timeout at 0x%08x [hwprod 0x%08x, hwcons 0x%08x]\n",
828 					    llq.prod,
829 					    readl_relaxed(cmdq->q.prod_reg),
830 					    readl_relaxed(cmdq->q.cons_reg));
831 		}
832 
833 		/*
834 		 * Try to unlock the cmdq lock. This will fail if we're the last
835 		 * reader, in which case we can safely update cmdq->q.llq.cons
836 		 */
837 		if (!arm_smmu_cmdq_shared_tryunlock(cmdq)) {
838 			WRITE_ONCE(cmdq->q.llq.cons, llq.cons);
839 			arm_smmu_cmdq_shared_unlock(cmdq);
840 		}
841 	}
842 
843 	local_irq_restore(flags);
844 	return ret;
845 }
846 
847 static int arm_smmu_cmdq_issue_cmd(struct arm_smmu_device *smmu,
848 				   struct arm_smmu_cmdq_ent *ent)
849 {
850 	u64 cmd[CMDQ_ENT_DWORDS];
851 
852 	if (arm_smmu_cmdq_build_cmd(cmd, ent)) {
853 		dev_warn(smmu->dev, "ignoring unknown CMDQ opcode 0x%x\n",
854 			 ent->opcode);
855 		return -EINVAL;
856 	}
857 
858 	return arm_smmu_cmdq_issue_cmdlist(smmu, cmd, 1, false);
859 }
860 
861 static int arm_smmu_cmdq_issue_sync(struct arm_smmu_device *smmu)
862 {
863 	return arm_smmu_cmdq_issue_cmdlist(smmu, NULL, 0, true);
864 }
865 
866 static void arm_smmu_cmdq_batch_add(struct arm_smmu_device *smmu,
867 				    struct arm_smmu_cmdq_batch *cmds,
868 				    struct arm_smmu_cmdq_ent *cmd)
869 {
870 	if (cmds->num == CMDQ_BATCH_ENTRIES) {
871 		arm_smmu_cmdq_issue_cmdlist(smmu, cmds->cmds, cmds->num, false);
872 		cmds->num = 0;
873 	}
874 	arm_smmu_cmdq_build_cmd(&cmds->cmds[cmds->num * CMDQ_ENT_DWORDS], cmd);
875 	cmds->num++;
876 }
877 
878 static int arm_smmu_cmdq_batch_submit(struct arm_smmu_device *smmu,
879 				      struct arm_smmu_cmdq_batch *cmds)
880 {
881 	return arm_smmu_cmdq_issue_cmdlist(smmu, cmds->cmds, cmds->num, true);
882 }
883 
884 /* Context descriptor manipulation functions */
885 void arm_smmu_tlb_inv_asid(struct arm_smmu_device *smmu, u16 asid)
886 {
887 	struct arm_smmu_cmdq_ent cmd = {
888 		.opcode = CMDQ_OP_TLBI_NH_ASID,
889 		.tlbi.asid = asid,
890 	};
891 
892 	arm_smmu_cmdq_issue_cmd(smmu, &cmd);
893 	arm_smmu_cmdq_issue_sync(smmu);
894 }
895 
896 static void arm_smmu_sync_cd(struct arm_smmu_domain *smmu_domain,
897 			     int ssid, bool leaf)
898 {
899 	size_t i;
900 	unsigned long flags;
901 	struct arm_smmu_master *master;
902 	struct arm_smmu_cmdq_batch cmds = {};
903 	struct arm_smmu_device *smmu = smmu_domain->smmu;
904 	struct arm_smmu_cmdq_ent cmd = {
905 		.opcode	= CMDQ_OP_CFGI_CD,
906 		.cfgi	= {
907 			.ssid	= ssid,
908 			.leaf	= leaf,
909 		},
910 	};
911 
912 	spin_lock_irqsave(&smmu_domain->devices_lock, flags);
913 	list_for_each_entry(master, &smmu_domain->devices, domain_head) {
914 		for (i = 0; i < master->num_sids; i++) {
915 			cmd.cfgi.sid = master->sids[i];
916 			arm_smmu_cmdq_batch_add(smmu, &cmds, &cmd);
917 		}
918 	}
919 	spin_unlock_irqrestore(&smmu_domain->devices_lock, flags);
920 
921 	arm_smmu_cmdq_batch_submit(smmu, &cmds);
922 }
923 
924 static int arm_smmu_alloc_cd_leaf_table(struct arm_smmu_device *smmu,
925 					struct arm_smmu_l1_ctx_desc *l1_desc)
926 {
927 	size_t size = CTXDESC_L2_ENTRIES * (CTXDESC_CD_DWORDS << 3);
928 
929 	l1_desc->l2ptr = dmam_alloc_coherent(smmu->dev, size,
930 					     &l1_desc->l2ptr_dma, GFP_KERNEL);
931 	if (!l1_desc->l2ptr) {
932 		dev_warn(smmu->dev,
933 			 "failed to allocate context descriptor table\n");
934 		return -ENOMEM;
935 	}
936 	return 0;
937 }
938 
939 static void arm_smmu_write_cd_l1_desc(__le64 *dst,
940 				      struct arm_smmu_l1_ctx_desc *l1_desc)
941 {
942 	u64 val = (l1_desc->l2ptr_dma & CTXDESC_L1_DESC_L2PTR_MASK) |
943 		  CTXDESC_L1_DESC_V;
944 
945 	/* See comment in arm_smmu_write_ctx_desc() */
946 	WRITE_ONCE(*dst, cpu_to_le64(val));
947 }
948 
949 static __le64 *arm_smmu_get_cd_ptr(struct arm_smmu_domain *smmu_domain,
950 				   u32 ssid)
951 {
952 	__le64 *l1ptr;
953 	unsigned int idx;
954 	struct arm_smmu_l1_ctx_desc *l1_desc;
955 	struct arm_smmu_device *smmu = smmu_domain->smmu;
956 	struct arm_smmu_ctx_desc_cfg *cdcfg = &smmu_domain->s1_cfg.cdcfg;
957 
958 	if (smmu_domain->s1_cfg.s1fmt == STRTAB_STE_0_S1FMT_LINEAR)
959 		return cdcfg->cdtab + ssid * CTXDESC_CD_DWORDS;
960 
961 	idx = ssid >> CTXDESC_SPLIT;
962 	l1_desc = &cdcfg->l1_desc[idx];
963 	if (!l1_desc->l2ptr) {
964 		if (arm_smmu_alloc_cd_leaf_table(smmu, l1_desc))
965 			return NULL;
966 
967 		l1ptr = cdcfg->cdtab + idx * CTXDESC_L1_DESC_DWORDS;
968 		arm_smmu_write_cd_l1_desc(l1ptr, l1_desc);
969 		/* An invalid L1CD can be cached */
970 		arm_smmu_sync_cd(smmu_domain, ssid, false);
971 	}
972 	idx = ssid & (CTXDESC_L2_ENTRIES - 1);
973 	return l1_desc->l2ptr + idx * CTXDESC_CD_DWORDS;
974 }
975 
976 int arm_smmu_write_ctx_desc(struct arm_smmu_domain *smmu_domain, int ssid,
977 			    struct arm_smmu_ctx_desc *cd)
978 {
979 	/*
980 	 * This function handles the following cases:
981 	 *
982 	 * (1) Install primary CD, for normal DMA traffic (SSID = 0).
983 	 * (2) Install a secondary CD, for SID+SSID traffic.
984 	 * (3) Update ASID of a CD. Atomically write the first 64 bits of the
985 	 *     CD, then invalidate the old entry and mappings.
986 	 * (4) Remove a secondary CD.
987 	 */
988 	u64 val;
989 	bool cd_live;
990 	__le64 *cdptr;
991 	struct arm_smmu_device *smmu = smmu_domain->smmu;
992 
993 	if (WARN_ON(ssid >= (1 << smmu_domain->s1_cfg.s1cdmax)))
994 		return -E2BIG;
995 
996 	cdptr = arm_smmu_get_cd_ptr(smmu_domain, ssid);
997 	if (!cdptr)
998 		return -ENOMEM;
999 
1000 	val = le64_to_cpu(cdptr[0]);
1001 	cd_live = !!(val & CTXDESC_CD_0_V);
1002 
1003 	if (!cd) { /* (4) */
1004 		val = 0;
1005 	} else if (cd_live) { /* (3) */
1006 		val &= ~CTXDESC_CD_0_ASID;
1007 		val |= FIELD_PREP(CTXDESC_CD_0_ASID, cd->asid);
1008 		/*
1009 		 * Until CD+TLB invalidation, both ASIDs may be used for tagging
1010 		 * this substream's traffic
1011 		 */
1012 	} else { /* (1) and (2) */
1013 		cdptr[1] = cpu_to_le64(cd->ttbr & CTXDESC_CD_1_TTB0_MASK);
1014 		cdptr[2] = 0;
1015 		cdptr[3] = cpu_to_le64(cd->mair);
1016 
1017 		/*
1018 		 * STE is live, and the SMMU might read dwords of this CD in any
1019 		 * order. Ensure that it observes valid values before reading
1020 		 * V=1.
1021 		 */
1022 		arm_smmu_sync_cd(smmu_domain, ssid, true);
1023 
1024 		val = cd->tcr |
1025 #ifdef __BIG_ENDIAN
1026 			CTXDESC_CD_0_ENDI |
1027 #endif
1028 			CTXDESC_CD_0_R | CTXDESC_CD_0_A |
1029 			(cd->mm ? 0 : CTXDESC_CD_0_ASET) |
1030 			CTXDESC_CD_0_AA64 |
1031 			FIELD_PREP(CTXDESC_CD_0_ASID, cd->asid) |
1032 			CTXDESC_CD_0_V;
1033 
1034 		/* STALL_MODEL==0b10 && CD.S==0 is ILLEGAL */
1035 		if (smmu->features & ARM_SMMU_FEAT_STALL_FORCE)
1036 			val |= CTXDESC_CD_0_S;
1037 	}
1038 
1039 	/*
1040 	 * The SMMU accesses 64-bit values atomically. See IHI0070Ca 3.21.3
1041 	 * "Configuration structures and configuration invalidation completion"
1042 	 *
1043 	 *   The size of single-copy atomic reads made by the SMMU is
1044 	 *   IMPLEMENTATION DEFINED but must be at least 64 bits. Any single
1045 	 *   field within an aligned 64-bit span of a structure can be altered
1046 	 *   without first making the structure invalid.
1047 	 */
1048 	WRITE_ONCE(cdptr[0], cpu_to_le64(val));
1049 	arm_smmu_sync_cd(smmu_domain, ssid, true);
1050 	return 0;
1051 }
1052 
1053 static int arm_smmu_alloc_cd_tables(struct arm_smmu_domain *smmu_domain)
1054 {
1055 	int ret;
1056 	size_t l1size;
1057 	size_t max_contexts;
1058 	struct arm_smmu_device *smmu = smmu_domain->smmu;
1059 	struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg;
1060 	struct arm_smmu_ctx_desc_cfg *cdcfg = &cfg->cdcfg;
1061 
1062 	max_contexts = 1 << cfg->s1cdmax;
1063 
1064 	if (!(smmu->features & ARM_SMMU_FEAT_2_LVL_CDTAB) ||
1065 	    max_contexts <= CTXDESC_L2_ENTRIES) {
1066 		cfg->s1fmt = STRTAB_STE_0_S1FMT_LINEAR;
1067 		cdcfg->num_l1_ents = max_contexts;
1068 
1069 		l1size = max_contexts * (CTXDESC_CD_DWORDS << 3);
1070 	} else {
1071 		cfg->s1fmt = STRTAB_STE_0_S1FMT_64K_L2;
1072 		cdcfg->num_l1_ents = DIV_ROUND_UP(max_contexts,
1073 						  CTXDESC_L2_ENTRIES);
1074 
1075 		cdcfg->l1_desc = devm_kcalloc(smmu->dev, cdcfg->num_l1_ents,
1076 					      sizeof(*cdcfg->l1_desc),
1077 					      GFP_KERNEL);
1078 		if (!cdcfg->l1_desc)
1079 			return -ENOMEM;
1080 
1081 		l1size = cdcfg->num_l1_ents * (CTXDESC_L1_DESC_DWORDS << 3);
1082 	}
1083 
1084 	cdcfg->cdtab = dmam_alloc_coherent(smmu->dev, l1size, &cdcfg->cdtab_dma,
1085 					   GFP_KERNEL);
1086 	if (!cdcfg->cdtab) {
1087 		dev_warn(smmu->dev, "failed to allocate context descriptor\n");
1088 		ret = -ENOMEM;
1089 		goto err_free_l1;
1090 	}
1091 
1092 	return 0;
1093 
1094 err_free_l1:
1095 	if (cdcfg->l1_desc) {
1096 		devm_kfree(smmu->dev, cdcfg->l1_desc);
1097 		cdcfg->l1_desc = NULL;
1098 	}
1099 	return ret;
1100 }
1101 
1102 static void arm_smmu_free_cd_tables(struct arm_smmu_domain *smmu_domain)
1103 {
1104 	int i;
1105 	size_t size, l1size;
1106 	struct arm_smmu_device *smmu = smmu_domain->smmu;
1107 	struct arm_smmu_ctx_desc_cfg *cdcfg = &smmu_domain->s1_cfg.cdcfg;
1108 
1109 	if (cdcfg->l1_desc) {
1110 		size = CTXDESC_L2_ENTRIES * (CTXDESC_CD_DWORDS << 3);
1111 
1112 		for (i = 0; i < cdcfg->num_l1_ents; i++) {
1113 			if (!cdcfg->l1_desc[i].l2ptr)
1114 				continue;
1115 
1116 			dmam_free_coherent(smmu->dev, size,
1117 					   cdcfg->l1_desc[i].l2ptr,
1118 					   cdcfg->l1_desc[i].l2ptr_dma);
1119 		}
1120 		devm_kfree(smmu->dev, cdcfg->l1_desc);
1121 		cdcfg->l1_desc = NULL;
1122 
1123 		l1size = cdcfg->num_l1_ents * (CTXDESC_L1_DESC_DWORDS << 3);
1124 	} else {
1125 		l1size = cdcfg->num_l1_ents * (CTXDESC_CD_DWORDS << 3);
1126 	}
1127 
1128 	dmam_free_coherent(smmu->dev, l1size, cdcfg->cdtab, cdcfg->cdtab_dma);
1129 	cdcfg->cdtab_dma = 0;
1130 	cdcfg->cdtab = NULL;
1131 }
1132 
1133 bool arm_smmu_free_asid(struct arm_smmu_ctx_desc *cd)
1134 {
1135 	bool free;
1136 	struct arm_smmu_ctx_desc *old_cd;
1137 
1138 	if (!cd->asid)
1139 		return false;
1140 
1141 	free = refcount_dec_and_test(&cd->refs);
1142 	if (free) {
1143 		old_cd = xa_erase(&arm_smmu_asid_xa, cd->asid);
1144 		WARN_ON(old_cd != cd);
1145 	}
1146 	return free;
1147 }
1148 
1149 /* Stream table manipulation functions */
1150 static void
1151 arm_smmu_write_strtab_l1_desc(__le64 *dst, struct arm_smmu_strtab_l1_desc *desc)
1152 {
1153 	u64 val = 0;
1154 
1155 	val |= FIELD_PREP(STRTAB_L1_DESC_SPAN, desc->span);
1156 	val |= desc->l2ptr_dma & STRTAB_L1_DESC_L2PTR_MASK;
1157 
1158 	/* See comment in arm_smmu_write_ctx_desc() */
1159 	WRITE_ONCE(*dst, cpu_to_le64(val));
1160 }
1161 
1162 static void arm_smmu_sync_ste_for_sid(struct arm_smmu_device *smmu, u32 sid)
1163 {
1164 	struct arm_smmu_cmdq_ent cmd = {
1165 		.opcode	= CMDQ_OP_CFGI_STE,
1166 		.cfgi	= {
1167 			.sid	= sid,
1168 			.leaf	= true,
1169 		},
1170 	};
1171 
1172 	arm_smmu_cmdq_issue_cmd(smmu, &cmd);
1173 	arm_smmu_cmdq_issue_sync(smmu);
1174 }
1175 
1176 static void arm_smmu_write_strtab_ent(struct arm_smmu_master *master, u32 sid,
1177 				      __le64 *dst)
1178 {
1179 	/*
1180 	 * This is hideously complicated, but we only really care about
1181 	 * three cases at the moment:
1182 	 *
1183 	 * 1. Invalid (all zero) -> bypass/fault (init)
1184 	 * 2. Bypass/fault -> translation/bypass (attach)
1185 	 * 3. Translation/bypass -> bypass/fault (detach)
1186 	 *
1187 	 * Given that we can't update the STE atomically and the SMMU
1188 	 * doesn't read the thing in a defined order, that leaves us
1189 	 * with the following maintenance requirements:
1190 	 *
1191 	 * 1. Update Config, return (init time STEs aren't live)
1192 	 * 2. Write everything apart from dword 0, sync, write dword 0, sync
1193 	 * 3. Update Config, sync
1194 	 */
1195 	u64 val = le64_to_cpu(dst[0]);
1196 	bool ste_live = false;
1197 	struct arm_smmu_device *smmu = NULL;
1198 	struct arm_smmu_s1_cfg *s1_cfg = NULL;
1199 	struct arm_smmu_s2_cfg *s2_cfg = NULL;
1200 	struct arm_smmu_domain *smmu_domain = NULL;
1201 	struct arm_smmu_cmdq_ent prefetch_cmd = {
1202 		.opcode		= CMDQ_OP_PREFETCH_CFG,
1203 		.prefetch	= {
1204 			.sid	= sid,
1205 		},
1206 	};
1207 
1208 	if (master) {
1209 		smmu_domain = master->domain;
1210 		smmu = master->smmu;
1211 	}
1212 
1213 	if (smmu_domain) {
1214 		switch (smmu_domain->stage) {
1215 		case ARM_SMMU_DOMAIN_S1:
1216 			s1_cfg = &smmu_domain->s1_cfg;
1217 			break;
1218 		case ARM_SMMU_DOMAIN_S2:
1219 		case ARM_SMMU_DOMAIN_NESTED:
1220 			s2_cfg = &smmu_domain->s2_cfg;
1221 			break;
1222 		default:
1223 			break;
1224 		}
1225 	}
1226 
1227 	if (val & STRTAB_STE_0_V) {
1228 		switch (FIELD_GET(STRTAB_STE_0_CFG, val)) {
1229 		case STRTAB_STE_0_CFG_BYPASS:
1230 			break;
1231 		case STRTAB_STE_0_CFG_S1_TRANS:
1232 		case STRTAB_STE_0_CFG_S2_TRANS:
1233 			ste_live = true;
1234 			break;
1235 		case STRTAB_STE_0_CFG_ABORT:
1236 			BUG_ON(!disable_bypass);
1237 			break;
1238 		default:
1239 			BUG(); /* STE corruption */
1240 		}
1241 	}
1242 
1243 	/* Nuke the existing STE_0 value, as we're going to rewrite it */
1244 	val = STRTAB_STE_0_V;
1245 
1246 	/* Bypass/fault */
1247 	if (!smmu_domain || !(s1_cfg || s2_cfg)) {
1248 		if (!smmu_domain && disable_bypass)
1249 			val |= FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_ABORT);
1250 		else
1251 			val |= FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_BYPASS);
1252 
1253 		dst[0] = cpu_to_le64(val);
1254 		dst[1] = cpu_to_le64(FIELD_PREP(STRTAB_STE_1_SHCFG,
1255 						STRTAB_STE_1_SHCFG_INCOMING));
1256 		dst[2] = 0; /* Nuke the VMID */
1257 		/*
1258 		 * The SMMU can perform negative caching, so we must sync
1259 		 * the STE regardless of whether the old value was live.
1260 		 */
1261 		if (smmu)
1262 			arm_smmu_sync_ste_for_sid(smmu, sid);
1263 		return;
1264 	}
1265 
1266 	if (s1_cfg) {
1267 		BUG_ON(ste_live);
1268 		dst[1] = cpu_to_le64(
1269 			 FIELD_PREP(STRTAB_STE_1_S1DSS, STRTAB_STE_1_S1DSS_SSID0) |
1270 			 FIELD_PREP(STRTAB_STE_1_S1CIR, STRTAB_STE_1_S1C_CACHE_WBRA) |
1271 			 FIELD_PREP(STRTAB_STE_1_S1COR, STRTAB_STE_1_S1C_CACHE_WBRA) |
1272 			 FIELD_PREP(STRTAB_STE_1_S1CSH, ARM_SMMU_SH_ISH) |
1273 			 FIELD_PREP(STRTAB_STE_1_STRW, STRTAB_STE_1_STRW_NSEL1));
1274 
1275 		if (smmu->features & ARM_SMMU_FEAT_STALLS &&
1276 		   !(smmu->features & ARM_SMMU_FEAT_STALL_FORCE))
1277 			dst[1] |= cpu_to_le64(STRTAB_STE_1_S1STALLD);
1278 
1279 		val |= (s1_cfg->cdcfg.cdtab_dma & STRTAB_STE_0_S1CTXPTR_MASK) |
1280 			FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_S1_TRANS) |
1281 			FIELD_PREP(STRTAB_STE_0_S1CDMAX, s1_cfg->s1cdmax) |
1282 			FIELD_PREP(STRTAB_STE_0_S1FMT, s1_cfg->s1fmt);
1283 	}
1284 
1285 	if (s2_cfg) {
1286 		BUG_ON(ste_live);
1287 		dst[2] = cpu_to_le64(
1288 			 FIELD_PREP(STRTAB_STE_2_S2VMID, s2_cfg->vmid) |
1289 			 FIELD_PREP(STRTAB_STE_2_VTCR, s2_cfg->vtcr) |
1290 #ifdef __BIG_ENDIAN
1291 			 STRTAB_STE_2_S2ENDI |
1292 #endif
1293 			 STRTAB_STE_2_S2PTW | STRTAB_STE_2_S2AA64 |
1294 			 STRTAB_STE_2_S2R);
1295 
1296 		dst[3] = cpu_to_le64(s2_cfg->vttbr & STRTAB_STE_3_S2TTB_MASK);
1297 
1298 		val |= FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_S2_TRANS);
1299 	}
1300 
1301 	if (master->ats_enabled)
1302 		dst[1] |= cpu_to_le64(FIELD_PREP(STRTAB_STE_1_EATS,
1303 						 STRTAB_STE_1_EATS_TRANS));
1304 
1305 	arm_smmu_sync_ste_for_sid(smmu, sid);
1306 	/* See comment in arm_smmu_write_ctx_desc() */
1307 	WRITE_ONCE(dst[0], cpu_to_le64(val));
1308 	arm_smmu_sync_ste_for_sid(smmu, sid);
1309 
1310 	/* It's likely that we'll want to use the new STE soon */
1311 	if (!(smmu->options & ARM_SMMU_OPT_SKIP_PREFETCH))
1312 		arm_smmu_cmdq_issue_cmd(smmu, &prefetch_cmd);
1313 }
1314 
1315 static void arm_smmu_init_bypass_stes(__le64 *strtab, unsigned int nent)
1316 {
1317 	unsigned int i;
1318 
1319 	for (i = 0; i < nent; ++i) {
1320 		arm_smmu_write_strtab_ent(NULL, -1, strtab);
1321 		strtab += STRTAB_STE_DWORDS;
1322 	}
1323 }
1324 
1325 static int arm_smmu_init_l2_strtab(struct arm_smmu_device *smmu, u32 sid)
1326 {
1327 	size_t size;
1328 	void *strtab;
1329 	struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
1330 	struct arm_smmu_strtab_l1_desc *desc = &cfg->l1_desc[sid >> STRTAB_SPLIT];
1331 
1332 	if (desc->l2ptr)
1333 		return 0;
1334 
1335 	size = 1 << (STRTAB_SPLIT + ilog2(STRTAB_STE_DWORDS) + 3);
1336 	strtab = &cfg->strtab[(sid >> STRTAB_SPLIT) * STRTAB_L1_DESC_DWORDS];
1337 
1338 	desc->span = STRTAB_SPLIT + 1;
1339 	desc->l2ptr = dmam_alloc_coherent(smmu->dev, size, &desc->l2ptr_dma,
1340 					  GFP_KERNEL);
1341 	if (!desc->l2ptr) {
1342 		dev_err(smmu->dev,
1343 			"failed to allocate l2 stream table for SID %u\n",
1344 			sid);
1345 		return -ENOMEM;
1346 	}
1347 
1348 	arm_smmu_init_bypass_stes(desc->l2ptr, 1 << STRTAB_SPLIT);
1349 	arm_smmu_write_strtab_l1_desc(strtab, desc);
1350 	return 0;
1351 }
1352 
1353 /* IRQ and event handlers */
1354 static irqreturn_t arm_smmu_evtq_thread(int irq, void *dev)
1355 {
1356 	int i;
1357 	struct arm_smmu_device *smmu = dev;
1358 	struct arm_smmu_queue *q = &smmu->evtq.q;
1359 	struct arm_smmu_ll_queue *llq = &q->llq;
1360 	u64 evt[EVTQ_ENT_DWORDS];
1361 
1362 	do {
1363 		while (!queue_remove_raw(q, evt)) {
1364 			u8 id = FIELD_GET(EVTQ_0_ID, evt[0]);
1365 
1366 			dev_info(smmu->dev, "event 0x%02x received:\n", id);
1367 			for (i = 0; i < ARRAY_SIZE(evt); ++i)
1368 				dev_info(smmu->dev, "\t0x%016llx\n",
1369 					 (unsigned long long)evt[i]);
1370 
1371 		}
1372 
1373 		/*
1374 		 * Not much we can do on overflow, so scream and pretend we're
1375 		 * trying harder.
1376 		 */
1377 		if (queue_sync_prod_in(q) == -EOVERFLOW)
1378 			dev_err(smmu->dev, "EVTQ overflow detected -- events lost\n");
1379 	} while (!queue_empty(llq));
1380 
1381 	/* Sync our overflow flag, as we believe we're up to speed */
1382 	llq->cons = Q_OVF(llq->prod) | Q_WRP(llq, llq->cons) |
1383 		    Q_IDX(llq, llq->cons);
1384 	return IRQ_HANDLED;
1385 }
1386 
1387 static void arm_smmu_handle_ppr(struct arm_smmu_device *smmu, u64 *evt)
1388 {
1389 	u32 sid, ssid;
1390 	u16 grpid;
1391 	bool ssv, last;
1392 
1393 	sid = FIELD_GET(PRIQ_0_SID, evt[0]);
1394 	ssv = FIELD_GET(PRIQ_0_SSID_V, evt[0]);
1395 	ssid = ssv ? FIELD_GET(PRIQ_0_SSID, evt[0]) : 0;
1396 	last = FIELD_GET(PRIQ_0_PRG_LAST, evt[0]);
1397 	grpid = FIELD_GET(PRIQ_1_PRG_IDX, evt[1]);
1398 
1399 	dev_info(smmu->dev, "unexpected PRI request received:\n");
1400 	dev_info(smmu->dev,
1401 		 "\tsid 0x%08x.0x%05x: [%u%s] %sprivileged %s%s%s access at iova 0x%016llx\n",
1402 		 sid, ssid, grpid, last ? "L" : "",
1403 		 evt[0] & PRIQ_0_PERM_PRIV ? "" : "un",
1404 		 evt[0] & PRIQ_0_PERM_READ ? "R" : "",
1405 		 evt[0] & PRIQ_0_PERM_WRITE ? "W" : "",
1406 		 evt[0] & PRIQ_0_PERM_EXEC ? "X" : "",
1407 		 evt[1] & PRIQ_1_ADDR_MASK);
1408 
1409 	if (last) {
1410 		struct arm_smmu_cmdq_ent cmd = {
1411 			.opcode			= CMDQ_OP_PRI_RESP,
1412 			.substream_valid	= ssv,
1413 			.pri			= {
1414 				.sid	= sid,
1415 				.ssid	= ssid,
1416 				.grpid	= grpid,
1417 				.resp	= PRI_RESP_DENY,
1418 			},
1419 		};
1420 
1421 		arm_smmu_cmdq_issue_cmd(smmu, &cmd);
1422 	}
1423 }
1424 
1425 static irqreturn_t arm_smmu_priq_thread(int irq, void *dev)
1426 {
1427 	struct arm_smmu_device *smmu = dev;
1428 	struct arm_smmu_queue *q = &smmu->priq.q;
1429 	struct arm_smmu_ll_queue *llq = &q->llq;
1430 	u64 evt[PRIQ_ENT_DWORDS];
1431 
1432 	do {
1433 		while (!queue_remove_raw(q, evt))
1434 			arm_smmu_handle_ppr(smmu, evt);
1435 
1436 		if (queue_sync_prod_in(q) == -EOVERFLOW)
1437 			dev_err(smmu->dev, "PRIQ overflow detected -- requests lost\n");
1438 	} while (!queue_empty(llq));
1439 
1440 	/* Sync our overflow flag, as we believe we're up to speed */
1441 	llq->cons = Q_OVF(llq->prod) | Q_WRP(llq, llq->cons) |
1442 		      Q_IDX(llq, llq->cons);
1443 	queue_sync_cons_out(q);
1444 	return IRQ_HANDLED;
1445 }
1446 
1447 static int arm_smmu_device_disable(struct arm_smmu_device *smmu);
1448 
1449 static irqreturn_t arm_smmu_gerror_handler(int irq, void *dev)
1450 {
1451 	u32 gerror, gerrorn, active;
1452 	struct arm_smmu_device *smmu = dev;
1453 
1454 	gerror = readl_relaxed(smmu->base + ARM_SMMU_GERROR);
1455 	gerrorn = readl_relaxed(smmu->base + ARM_SMMU_GERRORN);
1456 
1457 	active = gerror ^ gerrorn;
1458 	if (!(active & GERROR_ERR_MASK))
1459 		return IRQ_NONE; /* No errors pending */
1460 
1461 	dev_warn(smmu->dev,
1462 		 "unexpected global error reported (0x%08x), this could be serious\n",
1463 		 active);
1464 
1465 	if (active & GERROR_SFM_ERR) {
1466 		dev_err(smmu->dev, "device has entered Service Failure Mode!\n");
1467 		arm_smmu_device_disable(smmu);
1468 	}
1469 
1470 	if (active & GERROR_MSI_GERROR_ABT_ERR)
1471 		dev_warn(smmu->dev, "GERROR MSI write aborted\n");
1472 
1473 	if (active & GERROR_MSI_PRIQ_ABT_ERR)
1474 		dev_warn(smmu->dev, "PRIQ MSI write aborted\n");
1475 
1476 	if (active & GERROR_MSI_EVTQ_ABT_ERR)
1477 		dev_warn(smmu->dev, "EVTQ MSI write aborted\n");
1478 
1479 	if (active & GERROR_MSI_CMDQ_ABT_ERR)
1480 		dev_warn(smmu->dev, "CMDQ MSI write aborted\n");
1481 
1482 	if (active & GERROR_PRIQ_ABT_ERR)
1483 		dev_err(smmu->dev, "PRIQ write aborted -- events may have been lost\n");
1484 
1485 	if (active & GERROR_EVTQ_ABT_ERR)
1486 		dev_err(smmu->dev, "EVTQ write aborted -- events may have been lost\n");
1487 
1488 	if (active & GERROR_CMDQ_ERR)
1489 		arm_smmu_cmdq_skip_err(smmu);
1490 
1491 	writel(gerror, smmu->base + ARM_SMMU_GERRORN);
1492 	return IRQ_HANDLED;
1493 }
1494 
1495 static irqreturn_t arm_smmu_combined_irq_thread(int irq, void *dev)
1496 {
1497 	struct arm_smmu_device *smmu = dev;
1498 
1499 	arm_smmu_evtq_thread(irq, dev);
1500 	if (smmu->features & ARM_SMMU_FEAT_PRI)
1501 		arm_smmu_priq_thread(irq, dev);
1502 
1503 	return IRQ_HANDLED;
1504 }
1505 
1506 static irqreturn_t arm_smmu_combined_irq_handler(int irq, void *dev)
1507 {
1508 	arm_smmu_gerror_handler(irq, dev);
1509 	return IRQ_WAKE_THREAD;
1510 }
1511 
1512 static void
1513 arm_smmu_atc_inv_to_cmd(int ssid, unsigned long iova, size_t size,
1514 			struct arm_smmu_cmdq_ent *cmd)
1515 {
1516 	size_t log2_span;
1517 	size_t span_mask;
1518 	/* ATC invalidates are always on 4096-bytes pages */
1519 	size_t inval_grain_shift = 12;
1520 	unsigned long page_start, page_end;
1521 
1522 	*cmd = (struct arm_smmu_cmdq_ent) {
1523 		.opcode			= CMDQ_OP_ATC_INV,
1524 		.substream_valid	= !!ssid,
1525 		.atc.ssid		= ssid,
1526 	};
1527 
1528 	if (!size) {
1529 		cmd->atc.size = ATC_INV_SIZE_ALL;
1530 		return;
1531 	}
1532 
1533 	page_start	= iova >> inval_grain_shift;
1534 	page_end	= (iova + size - 1) >> inval_grain_shift;
1535 
1536 	/*
1537 	 * In an ATS Invalidate Request, the address must be aligned on the
1538 	 * range size, which must be a power of two number of page sizes. We
1539 	 * thus have to choose between grossly over-invalidating the region, or
1540 	 * splitting the invalidation into multiple commands. For simplicity
1541 	 * we'll go with the first solution, but should refine it in the future
1542 	 * if multiple commands are shown to be more efficient.
1543 	 *
1544 	 * Find the smallest power of two that covers the range. The most
1545 	 * significant differing bit between the start and end addresses,
1546 	 * fls(start ^ end), indicates the required span. For example:
1547 	 *
1548 	 * We want to invalidate pages [8; 11]. This is already the ideal range:
1549 	 *		x = 0b1000 ^ 0b1011 = 0b11
1550 	 *		span = 1 << fls(x) = 4
1551 	 *
1552 	 * To invalidate pages [7; 10], we need to invalidate [0; 15]:
1553 	 *		x = 0b0111 ^ 0b1010 = 0b1101
1554 	 *		span = 1 << fls(x) = 16
1555 	 */
1556 	log2_span	= fls_long(page_start ^ page_end);
1557 	span_mask	= (1ULL << log2_span) - 1;
1558 
1559 	page_start	&= ~span_mask;
1560 
1561 	cmd->atc.addr	= page_start << inval_grain_shift;
1562 	cmd->atc.size	= log2_span;
1563 }
1564 
1565 static int arm_smmu_atc_inv_master(struct arm_smmu_master *master)
1566 {
1567 	int i;
1568 	struct arm_smmu_cmdq_ent cmd;
1569 
1570 	arm_smmu_atc_inv_to_cmd(0, 0, 0, &cmd);
1571 
1572 	for (i = 0; i < master->num_sids; i++) {
1573 		cmd.atc.sid = master->sids[i];
1574 		arm_smmu_cmdq_issue_cmd(master->smmu, &cmd);
1575 	}
1576 
1577 	return arm_smmu_cmdq_issue_sync(master->smmu);
1578 }
1579 
1580 static int arm_smmu_atc_inv_domain(struct arm_smmu_domain *smmu_domain,
1581 				   int ssid, unsigned long iova, size_t size)
1582 {
1583 	int i;
1584 	unsigned long flags;
1585 	struct arm_smmu_cmdq_ent cmd;
1586 	struct arm_smmu_master *master;
1587 	struct arm_smmu_cmdq_batch cmds = {};
1588 
1589 	if (!(smmu_domain->smmu->features & ARM_SMMU_FEAT_ATS))
1590 		return 0;
1591 
1592 	/*
1593 	 * Ensure that we've completed prior invalidation of the main TLBs
1594 	 * before we read 'nr_ats_masters' in case of a concurrent call to
1595 	 * arm_smmu_enable_ats():
1596 	 *
1597 	 *	// unmap()			// arm_smmu_enable_ats()
1598 	 *	TLBI+SYNC			atomic_inc(&nr_ats_masters);
1599 	 *	smp_mb();			[...]
1600 	 *	atomic_read(&nr_ats_masters);	pci_enable_ats() // writel()
1601 	 *
1602 	 * Ensures that we always see the incremented 'nr_ats_masters' count if
1603 	 * ATS was enabled at the PCI device before completion of the TLBI.
1604 	 */
1605 	smp_mb();
1606 	if (!atomic_read(&smmu_domain->nr_ats_masters))
1607 		return 0;
1608 
1609 	arm_smmu_atc_inv_to_cmd(ssid, iova, size, &cmd);
1610 
1611 	spin_lock_irqsave(&smmu_domain->devices_lock, flags);
1612 	list_for_each_entry(master, &smmu_domain->devices, domain_head) {
1613 		if (!master->ats_enabled)
1614 			continue;
1615 
1616 		for (i = 0; i < master->num_sids; i++) {
1617 			cmd.atc.sid = master->sids[i];
1618 			arm_smmu_cmdq_batch_add(smmu_domain->smmu, &cmds, &cmd);
1619 		}
1620 	}
1621 	spin_unlock_irqrestore(&smmu_domain->devices_lock, flags);
1622 
1623 	return arm_smmu_cmdq_batch_submit(smmu_domain->smmu, &cmds);
1624 }
1625 
1626 /* IO_PGTABLE API */
1627 static void arm_smmu_tlb_inv_context(void *cookie)
1628 {
1629 	struct arm_smmu_domain *smmu_domain = cookie;
1630 	struct arm_smmu_device *smmu = smmu_domain->smmu;
1631 	struct arm_smmu_cmdq_ent cmd;
1632 
1633 	/*
1634 	 * NOTE: when io-pgtable is in non-strict mode, we may get here with
1635 	 * PTEs previously cleared by unmaps on the current CPU not yet visible
1636 	 * to the SMMU. We are relying on the dma_wmb() implicit during cmd
1637 	 * insertion to guarantee those are observed before the TLBI. Do be
1638 	 * careful, 007.
1639 	 */
1640 	if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {
1641 		arm_smmu_tlb_inv_asid(smmu, smmu_domain->s1_cfg.cd.asid);
1642 	} else {
1643 		cmd.opcode	= CMDQ_OP_TLBI_S12_VMALL;
1644 		cmd.tlbi.vmid	= smmu_domain->s2_cfg.vmid;
1645 		arm_smmu_cmdq_issue_cmd(smmu, &cmd);
1646 		arm_smmu_cmdq_issue_sync(smmu);
1647 	}
1648 	arm_smmu_atc_inv_domain(smmu_domain, 0, 0, 0);
1649 }
1650 
1651 static void arm_smmu_tlb_inv_range(unsigned long iova, size_t size,
1652 				   size_t granule, bool leaf,
1653 				   struct arm_smmu_domain *smmu_domain)
1654 {
1655 	struct arm_smmu_device *smmu = smmu_domain->smmu;
1656 	unsigned long start = iova, end = iova + size, num_pages = 0, tg = 0;
1657 	size_t inv_range = granule;
1658 	struct arm_smmu_cmdq_batch cmds = {};
1659 	struct arm_smmu_cmdq_ent cmd = {
1660 		.tlbi = {
1661 			.leaf	= leaf,
1662 		},
1663 	};
1664 
1665 	if (!size)
1666 		return;
1667 
1668 	if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {
1669 		cmd.opcode	= CMDQ_OP_TLBI_NH_VA;
1670 		cmd.tlbi.asid	= smmu_domain->s1_cfg.cd.asid;
1671 	} else {
1672 		cmd.opcode	= CMDQ_OP_TLBI_S2_IPA;
1673 		cmd.tlbi.vmid	= smmu_domain->s2_cfg.vmid;
1674 	}
1675 
1676 	if (smmu->features & ARM_SMMU_FEAT_RANGE_INV) {
1677 		/* Get the leaf page size */
1678 		tg = __ffs(smmu_domain->domain.pgsize_bitmap);
1679 
1680 		/* Convert page size of 12,14,16 (log2) to 1,2,3 */
1681 		cmd.tlbi.tg = (tg - 10) / 2;
1682 
1683 		/* Determine what level the granule is at */
1684 		cmd.tlbi.ttl = 4 - ((ilog2(granule) - 3) / (tg - 3));
1685 
1686 		num_pages = size >> tg;
1687 	}
1688 
1689 	while (iova < end) {
1690 		if (smmu->features & ARM_SMMU_FEAT_RANGE_INV) {
1691 			/*
1692 			 * On each iteration of the loop, the range is 5 bits
1693 			 * worth of the aligned size remaining.
1694 			 * The range in pages is:
1695 			 *
1696 			 * range = (num_pages & (0x1f << __ffs(num_pages)))
1697 			 */
1698 			unsigned long scale, num;
1699 
1700 			/* Determine the power of 2 multiple number of pages */
1701 			scale = __ffs(num_pages);
1702 			cmd.tlbi.scale = scale;
1703 
1704 			/* Determine how many chunks of 2^scale size we have */
1705 			num = (num_pages >> scale) & CMDQ_TLBI_RANGE_NUM_MAX;
1706 			cmd.tlbi.num = num - 1;
1707 
1708 			/* range is num * 2^scale * pgsize */
1709 			inv_range = num << (scale + tg);
1710 
1711 			/* Clear out the lower order bits for the next iteration */
1712 			num_pages -= num << scale;
1713 		}
1714 
1715 		cmd.tlbi.addr = iova;
1716 		arm_smmu_cmdq_batch_add(smmu, &cmds, &cmd);
1717 		iova += inv_range;
1718 	}
1719 	arm_smmu_cmdq_batch_submit(smmu, &cmds);
1720 
1721 	/*
1722 	 * Unfortunately, this can't be leaf-only since we may have
1723 	 * zapped an entire table.
1724 	 */
1725 	arm_smmu_atc_inv_domain(smmu_domain, 0, start, size);
1726 }
1727 
1728 static void arm_smmu_tlb_inv_page_nosync(struct iommu_iotlb_gather *gather,
1729 					 unsigned long iova, size_t granule,
1730 					 void *cookie)
1731 {
1732 	struct arm_smmu_domain *smmu_domain = cookie;
1733 	struct iommu_domain *domain = &smmu_domain->domain;
1734 
1735 	iommu_iotlb_gather_add_page(domain, gather, iova, granule);
1736 }
1737 
1738 static void arm_smmu_tlb_inv_walk(unsigned long iova, size_t size,
1739 				  size_t granule, void *cookie)
1740 {
1741 	arm_smmu_tlb_inv_range(iova, size, granule, false, cookie);
1742 }
1743 
1744 static void arm_smmu_tlb_inv_leaf(unsigned long iova, size_t size,
1745 				  size_t granule, void *cookie)
1746 {
1747 	arm_smmu_tlb_inv_range(iova, size, granule, true, cookie);
1748 }
1749 
1750 static const struct iommu_flush_ops arm_smmu_flush_ops = {
1751 	.tlb_flush_all	= arm_smmu_tlb_inv_context,
1752 	.tlb_flush_walk = arm_smmu_tlb_inv_walk,
1753 	.tlb_flush_leaf = arm_smmu_tlb_inv_leaf,
1754 	.tlb_add_page	= arm_smmu_tlb_inv_page_nosync,
1755 };
1756 
1757 /* IOMMU API */
1758 static bool arm_smmu_capable(enum iommu_cap cap)
1759 {
1760 	switch (cap) {
1761 	case IOMMU_CAP_CACHE_COHERENCY:
1762 		return true;
1763 	case IOMMU_CAP_NOEXEC:
1764 		return true;
1765 	default:
1766 		return false;
1767 	}
1768 }
1769 
1770 static struct iommu_domain *arm_smmu_domain_alloc(unsigned type)
1771 {
1772 	struct arm_smmu_domain *smmu_domain;
1773 
1774 	if (type != IOMMU_DOMAIN_UNMANAGED &&
1775 	    type != IOMMU_DOMAIN_DMA &&
1776 	    type != IOMMU_DOMAIN_IDENTITY)
1777 		return NULL;
1778 
1779 	/*
1780 	 * Allocate the domain and initialise some of its data structures.
1781 	 * We can't really do anything meaningful until we've added a
1782 	 * master.
1783 	 */
1784 	smmu_domain = kzalloc(sizeof(*smmu_domain), GFP_KERNEL);
1785 	if (!smmu_domain)
1786 		return NULL;
1787 
1788 	if (type == IOMMU_DOMAIN_DMA &&
1789 	    iommu_get_dma_cookie(&smmu_domain->domain)) {
1790 		kfree(smmu_domain);
1791 		return NULL;
1792 	}
1793 
1794 	mutex_init(&smmu_domain->init_mutex);
1795 	INIT_LIST_HEAD(&smmu_domain->devices);
1796 	spin_lock_init(&smmu_domain->devices_lock);
1797 
1798 	return &smmu_domain->domain;
1799 }
1800 
1801 static int arm_smmu_bitmap_alloc(unsigned long *map, int span)
1802 {
1803 	int idx, size = 1 << span;
1804 
1805 	do {
1806 		idx = find_first_zero_bit(map, size);
1807 		if (idx == size)
1808 			return -ENOSPC;
1809 	} while (test_and_set_bit(idx, map));
1810 
1811 	return idx;
1812 }
1813 
1814 static void arm_smmu_bitmap_free(unsigned long *map, int idx)
1815 {
1816 	clear_bit(idx, map);
1817 }
1818 
1819 static void arm_smmu_domain_free(struct iommu_domain *domain)
1820 {
1821 	struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
1822 	struct arm_smmu_device *smmu = smmu_domain->smmu;
1823 
1824 	iommu_put_dma_cookie(domain);
1825 	free_io_pgtable_ops(smmu_domain->pgtbl_ops);
1826 
1827 	/* Free the CD and ASID, if we allocated them */
1828 	if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {
1829 		struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg;
1830 
1831 		/* Prevent SVA from touching the CD while we're freeing it */
1832 		mutex_lock(&arm_smmu_asid_lock);
1833 		if (cfg->cdcfg.cdtab)
1834 			arm_smmu_free_cd_tables(smmu_domain);
1835 		arm_smmu_free_asid(&cfg->cd);
1836 		mutex_unlock(&arm_smmu_asid_lock);
1837 	} else {
1838 		struct arm_smmu_s2_cfg *cfg = &smmu_domain->s2_cfg;
1839 		if (cfg->vmid)
1840 			arm_smmu_bitmap_free(smmu->vmid_map, cfg->vmid);
1841 	}
1842 
1843 	kfree(smmu_domain);
1844 }
1845 
1846 static int arm_smmu_domain_finalise_s1(struct arm_smmu_domain *smmu_domain,
1847 				       struct arm_smmu_master *master,
1848 				       struct io_pgtable_cfg *pgtbl_cfg)
1849 {
1850 	int ret;
1851 	u32 asid;
1852 	struct arm_smmu_device *smmu = smmu_domain->smmu;
1853 	struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg;
1854 	typeof(&pgtbl_cfg->arm_lpae_s1_cfg.tcr) tcr = &pgtbl_cfg->arm_lpae_s1_cfg.tcr;
1855 
1856 	refcount_set(&cfg->cd.refs, 1);
1857 
1858 	/* Prevent SVA from modifying the ASID until it is written to the CD */
1859 	mutex_lock(&arm_smmu_asid_lock);
1860 	ret = xa_alloc(&arm_smmu_asid_xa, &asid, &cfg->cd,
1861 		       XA_LIMIT(1, (1 << smmu->asid_bits) - 1), GFP_KERNEL);
1862 	if (ret)
1863 		goto out_unlock;
1864 
1865 	cfg->s1cdmax = master->ssid_bits;
1866 
1867 	ret = arm_smmu_alloc_cd_tables(smmu_domain);
1868 	if (ret)
1869 		goto out_free_asid;
1870 
1871 	cfg->cd.asid	= (u16)asid;
1872 	cfg->cd.ttbr	= pgtbl_cfg->arm_lpae_s1_cfg.ttbr;
1873 	cfg->cd.tcr	= FIELD_PREP(CTXDESC_CD_0_TCR_T0SZ, tcr->tsz) |
1874 			  FIELD_PREP(CTXDESC_CD_0_TCR_TG0, tcr->tg) |
1875 			  FIELD_PREP(CTXDESC_CD_0_TCR_IRGN0, tcr->irgn) |
1876 			  FIELD_PREP(CTXDESC_CD_0_TCR_ORGN0, tcr->orgn) |
1877 			  FIELD_PREP(CTXDESC_CD_0_TCR_SH0, tcr->sh) |
1878 			  FIELD_PREP(CTXDESC_CD_0_TCR_IPS, tcr->ips) |
1879 			  CTXDESC_CD_0_TCR_EPD1 | CTXDESC_CD_0_AA64;
1880 	cfg->cd.mair	= pgtbl_cfg->arm_lpae_s1_cfg.mair;
1881 
1882 	/*
1883 	 * Note that this will end up calling arm_smmu_sync_cd() before
1884 	 * the master has been added to the devices list for this domain.
1885 	 * This isn't an issue because the STE hasn't been installed yet.
1886 	 */
1887 	ret = arm_smmu_write_ctx_desc(smmu_domain, 0, &cfg->cd);
1888 	if (ret)
1889 		goto out_free_cd_tables;
1890 
1891 	mutex_unlock(&arm_smmu_asid_lock);
1892 	return 0;
1893 
1894 out_free_cd_tables:
1895 	arm_smmu_free_cd_tables(smmu_domain);
1896 out_free_asid:
1897 	arm_smmu_free_asid(&cfg->cd);
1898 out_unlock:
1899 	mutex_unlock(&arm_smmu_asid_lock);
1900 	return ret;
1901 }
1902 
1903 static int arm_smmu_domain_finalise_s2(struct arm_smmu_domain *smmu_domain,
1904 				       struct arm_smmu_master *master,
1905 				       struct io_pgtable_cfg *pgtbl_cfg)
1906 {
1907 	int vmid;
1908 	struct arm_smmu_device *smmu = smmu_domain->smmu;
1909 	struct arm_smmu_s2_cfg *cfg = &smmu_domain->s2_cfg;
1910 	typeof(&pgtbl_cfg->arm_lpae_s2_cfg.vtcr) vtcr;
1911 
1912 	vmid = arm_smmu_bitmap_alloc(smmu->vmid_map, smmu->vmid_bits);
1913 	if (vmid < 0)
1914 		return vmid;
1915 
1916 	vtcr = &pgtbl_cfg->arm_lpae_s2_cfg.vtcr;
1917 	cfg->vmid	= (u16)vmid;
1918 	cfg->vttbr	= pgtbl_cfg->arm_lpae_s2_cfg.vttbr;
1919 	cfg->vtcr	= FIELD_PREP(STRTAB_STE_2_VTCR_S2T0SZ, vtcr->tsz) |
1920 			  FIELD_PREP(STRTAB_STE_2_VTCR_S2SL0, vtcr->sl) |
1921 			  FIELD_PREP(STRTAB_STE_2_VTCR_S2IR0, vtcr->irgn) |
1922 			  FIELD_PREP(STRTAB_STE_2_VTCR_S2OR0, vtcr->orgn) |
1923 			  FIELD_PREP(STRTAB_STE_2_VTCR_S2SH0, vtcr->sh) |
1924 			  FIELD_PREP(STRTAB_STE_2_VTCR_S2TG, vtcr->tg) |
1925 			  FIELD_PREP(STRTAB_STE_2_VTCR_S2PS, vtcr->ps);
1926 	return 0;
1927 }
1928 
1929 static int arm_smmu_domain_finalise(struct iommu_domain *domain,
1930 				    struct arm_smmu_master *master)
1931 {
1932 	int ret;
1933 	unsigned long ias, oas;
1934 	enum io_pgtable_fmt fmt;
1935 	struct io_pgtable_cfg pgtbl_cfg;
1936 	struct io_pgtable_ops *pgtbl_ops;
1937 	int (*finalise_stage_fn)(struct arm_smmu_domain *,
1938 				 struct arm_smmu_master *,
1939 				 struct io_pgtable_cfg *);
1940 	struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
1941 	struct arm_smmu_device *smmu = smmu_domain->smmu;
1942 
1943 	if (domain->type == IOMMU_DOMAIN_IDENTITY) {
1944 		smmu_domain->stage = ARM_SMMU_DOMAIN_BYPASS;
1945 		return 0;
1946 	}
1947 
1948 	/* Restrict the stage to what we can actually support */
1949 	if (!(smmu->features & ARM_SMMU_FEAT_TRANS_S1))
1950 		smmu_domain->stage = ARM_SMMU_DOMAIN_S2;
1951 	if (!(smmu->features & ARM_SMMU_FEAT_TRANS_S2))
1952 		smmu_domain->stage = ARM_SMMU_DOMAIN_S1;
1953 
1954 	switch (smmu_domain->stage) {
1955 	case ARM_SMMU_DOMAIN_S1:
1956 		ias = (smmu->features & ARM_SMMU_FEAT_VAX) ? 52 : 48;
1957 		ias = min_t(unsigned long, ias, VA_BITS);
1958 		oas = smmu->ias;
1959 		fmt = ARM_64_LPAE_S1;
1960 		finalise_stage_fn = arm_smmu_domain_finalise_s1;
1961 		break;
1962 	case ARM_SMMU_DOMAIN_NESTED:
1963 	case ARM_SMMU_DOMAIN_S2:
1964 		ias = smmu->ias;
1965 		oas = smmu->oas;
1966 		fmt = ARM_64_LPAE_S2;
1967 		finalise_stage_fn = arm_smmu_domain_finalise_s2;
1968 		break;
1969 	default:
1970 		return -EINVAL;
1971 	}
1972 
1973 	pgtbl_cfg = (struct io_pgtable_cfg) {
1974 		.pgsize_bitmap	= smmu->pgsize_bitmap,
1975 		.ias		= ias,
1976 		.oas		= oas,
1977 		.coherent_walk	= smmu->features & ARM_SMMU_FEAT_COHERENCY,
1978 		.tlb		= &arm_smmu_flush_ops,
1979 		.iommu_dev	= smmu->dev,
1980 	};
1981 
1982 	if (smmu_domain->non_strict)
1983 		pgtbl_cfg.quirks |= IO_PGTABLE_QUIRK_NON_STRICT;
1984 
1985 	pgtbl_ops = alloc_io_pgtable_ops(fmt, &pgtbl_cfg, smmu_domain);
1986 	if (!pgtbl_ops)
1987 		return -ENOMEM;
1988 
1989 	domain->pgsize_bitmap = pgtbl_cfg.pgsize_bitmap;
1990 	domain->geometry.aperture_end = (1UL << pgtbl_cfg.ias) - 1;
1991 	domain->geometry.force_aperture = true;
1992 
1993 	ret = finalise_stage_fn(smmu_domain, master, &pgtbl_cfg);
1994 	if (ret < 0) {
1995 		free_io_pgtable_ops(pgtbl_ops);
1996 		return ret;
1997 	}
1998 
1999 	smmu_domain->pgtbl_ops = pgtbl_ops;
2000 	return 0;
2001 }
2002 
2003 static __le64 *arm_smmu_get_step_for_sid(struct arm_smmu_device *smmu, u32 sid)
2004 {
2005 	__le64 *step;
2006 	struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
2007 
2008 	if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB) {
2009 		struct arm_smmu_strtab_l1_desc *l1_desc;
2010 		int idx;
2011 
2012 		/* Two-level walk */
2013 		idx = (sid >> STRTAB_SPLIT) * STRTAB_L1_DESC_DWORDS;
2014 		l1_desc = &cfg->l1_desc[idx];
2015 		idx = (sid & ((1 << STRTAB_SPLIT) - 1)) * STRTAB_STE_DWORDS;
2016 		step = &l1_desc->l2ptr[idx];
2017 	} else {
2018 		/* Simple linear lookup */
2019 		step = &cfg->strtab[sid * STRTAB_STE_DWORDS];
2020 	}
2021 
2022 	return step;
2023 }
2024 
2025 static void arm_smmu_install_ste_for_dev(struct arm_smmu_master *master)
2026 {
2027 	int i, j;
2028 	struct arm_smmu_device *smmu = master->smmu;
2029 
2030 	for (i = 0; i < master->num_sids; ++i) {
2031 		u32 sid = master->sids[i];
2032 		__le64 *step = arm_smmu_get_step_for_sid(smmu, sid);
2033 
2034 		/* Bridged PCI devices may end up with duplicated IDs */
2035 		for (j = 0; j < i; j++)
2036 			if (master->sids[j] == sid)
2037 				break;
2038 		if (j < i)
2039 			continue;
2040 
2041 		arm_smmu_write_strtab_ent(master, sid, step);
2042 	}
2043 }
2044 
2045 static bool arm_smmu_ats_supported(struct arm_smmu_master *master)
2046 {
2047 	struct device *dev = master->dev;
2048 	struct arm_smmu_device *smmu = master->smmu;
2049 	struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2050 
2051 	if (!(smmu->features & ARM_SMMU_FEAT_ATS))
2052 		return false;
2053 
2054 	if (!(fwspec->flags & IOMMU_FWSPEC_PCI_RC_ATS))
2055 		return false;
2056 
2057 	return dev_is_pci(dev) && pci_ats_supported(to_pci_dev(dev));
2058 }
2059 
2060 static void arm_smmu_enable_ats(struct arm_smmu_master *master)
2061 {
2062 	size_t stu;
2063 	struct pci_dev *pdev;
2064 	struct arm_smmu_device *smmu = master->smmu;
2065 	struct arm_smmu_domain *smmu_domain = master->domain;
2066 
2067 	/* Don't enable ATS at the endpoint if it's not enabled in the STE */
2068 	if (!master->ats_enabled)
2069 		return;
2070 
2071 	/* Smallest Translation Unit: log2 of the smallest supported granule */
2072 	stu = __ffs(smmu->pgsize_bitmap);
2073 	pdev = to_pci_dev(master->dev);
2074 
2075 	atomic_inc(&smmu_domain->nr_ats_masters);
2076 	arm_smmu_atc_inv_domain(smmu_domain, 0, 0, 0);
2077 	if (pci_enable_ats(pdev, stu))
2078 		dev_err(master->dev, "Failed to enable ATS (STU %zu)\n", stu);
2079 }
2080 
2081 static void arm_smmu_disable_ats(struct arm_smmu_master *master)
2082 {
2083 	struct arm_smmu_domain *smmu_domain = master->domain;
2084 
2085 	if (!master->ats_enabled)
2086 		return;
2087 
2088 	pci_disable_ats(to_pci_dev(master->dev));
2089 	/*
2090 	 * Ensure ATS is disabled at the endpoint before we issue the
2091 	 * ATC invalidation via the SMMU.
2092 	 */
2093 	wmb();
2094 	arm_smmu_atc_inv_master(master);
2095 	atomic_dec(&smmu_domain->nr_ats_masters);
2096 }
2097 
2098 static int arm_smmu_enable_pasid(struct arm_smmu_master *master)
2099 {
2100 	int ret;
2101 	int features;
2102 	int num_pasids;
2103 	struct pci_dev *pdev;
2104 
2105 	if (!dev_is_pci(master->dev))
2106 		return -ENODEV;
2107 
2108 	pdev = to_pci_dev(master->dev);
2109 
2110 	features = pci_pasid_features(pdev);
2111 	if (features < 0)
2112 		return features;
2113 
2114 	num_pasids = pci_max_pasids(pdev);
2115 	if (num_pasids <= 0)
2116 		return num_pasids;
2117 
2118 	ret = pci_enable_pasid(pdev, features);
2119 	if (ret) {
2120 		dev_err(&pdev->dev, "Failed to enable PASID\n");
2121 		return ret;
2122 	}
2123 
2124 	master->ssid_bits = min_t(u8, ilog2(num_pasids),
2125 				  master->smmu->ssid_bits);
2126 	return 0;
2127 }
2128 
2129 static void arm_smmu_disable_pasid(struct arm_smmu_master *master)
2130 {
2131 	struct pci_dev *pdev;
2132 
2133 	if (!dev_is_pci(master->dev))
2134 		return;
2135 
2136 	pdev = to_pci_dev(master->dev);
2137 
2138 	if (!pdev->pasid_enabled)
2139 		return;
2140 
2141 	master->ssid_bits = 0;
2142 	pci_disable_pasid(pdev);
2143 }
2144 
2145 static void arm_smmu_detach_dev(struct arm_smmu_master *master)
2146 {
2147 	unsigned long flags;
2148 	struct arm_smmu_domain *smmu_domain = master->domain;
2149 
2150 	if (!smmu_domain)
2151 		return;
2152 
2153 	arm_smmu_disable_ats(master);
2154 
2155 	spin_lock_irqsave(&smmu_domain->devices_lock, flags);
2156 	list_del(&master->domain_head);
2157 	spin_unlock_irqrestore(&smmu_domain->devices_lock, flags);
2158 
2159 	master->domain = NULL;
2160 	master->ats_enabled = false;
2161 	arm_smmu_install_ste_for_dev(master);
2162 }
2163 
2164 static int arm_smmu_attach_dev(struct iommu_domain *domain, struct device *dev)
2165 {
2166 	int ret = 0;
2167 	unsigned long flags;
2168 	struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2169 	struct arm_smmu_device *smmu;
2170 	struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
2171 	struct arm_smmu_master *master;
2172 
2173 	if (!fwspec)
2174 		return -ENOENT;
2175 
2176 	master = dev_iommu_priv_get(dev);
2177 	smmu = master->smmu;
2178 
2179 	/*
2180 	 * Checking that SVA is disabled ensures that this device isn't bound to
2181 	 * any mm, and can be safely detached from its old domain. Bonds cannot
2182 	 * be removed concurrently since we're holding the group mutex.
2183 	 */
2184 	if (arm_smmu_master_sva_enabled(master)) {
2185 		dev_err(dev, "cannot attach - SVA enabled\n");
2186 		return -EBUSY;
2187 	}
2188 
2189 	arm_smmu_detach_dev(master);
2190 
2191 	mutex_lock(&smmu_domain->init_mutex);
2192 
2193 	if (!smmu_domain->smmu) {
2194 		smmu_domain->smmu = smmu;
2195 		ret = arm_smmu_domain_finalise(domain, master);
2196 		if (ret) {
2197 			smmu_domain->smmu = NULL;
2198 			goto out_unlock;
2199 		}
2200 	} else if (smmu_domain->smmu != smmu) {
2201 		dev_err(dev,
2202 			"cannot attach to SMMU %s (upstream of %s)\n",
2203 			dev_name(smmu_domain->smmu->dev),
2204 			dev_name(smmu->dev));
2205 		ret = -ENXIO;
2206 		goto out_unlock;
2207 	} else if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1 &&
2208 		   master->ssid_bits != smmu_domain->s1_cfg.s1cdmax) {
2209 		dev_err(dev,
2210 			"cannot attach to incompatible domain (%u SSID bits != %u)\n",
2211 			smmu_domain->s1_cfg.s1cdmax, master->ssid_bits);
2212 		ret = -EINVAL;
2213 		goto out_unlock;
2214 	}
2215 
2216 	master->domain = smmu_domain;
2217 
2218 	if (smmu_domain->stage != ARM_SMMU_DOMAIN_BYPASS)
2219 		master->ats_enabled = arm_smmu_ats_supported(master);
2220 
2221 	arm_smmu_install_ste_for_dev(master);
2222 
2223 	spin_lock_irqsave(&smmu_domain->devices_lock, flags);
2224 	list_add(&master->domain_head, &smmu_domain->devices);
2225 	spin_unlock_irqrestore(&smmu_domain->devices_lock, flags);
2226 
2227 	arm_smmu_enable_ats(master);
2228 
2229 out_unlock:
2230 	mutex_unlock(&smmu_domain->init_mutex);
2231 	return ret;
2232 }
2233 
2234 static int arm_smmu_map(struct iommu_domain *domain, unsigned long iova,
2235 			phys_addr_t paddr, size_t size, int prot, gfp_t gfp)
2236 {
2237 	struct io_pgtable_ops *ops = to_smmu_domain(domain)->pgtbl_ops;
2238 
2239 	if (!ops)
2240 		return -ENODEV;
2241 
2242 	return ops->map(ops, iova, paddr, size, prot, gfp);
2243 }
2244 
2245 static size_t arm_smmu_unmap(struct iommu_domain *domain, unsigned long iova,
2246 			     size_t size, struct iommu_iotlb_gather *gather)
2247 {
2248 	struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
2249 	struct io_pgtable_ops *ops = smmu_domain->pgtbl_ops;
2250 
2251 	if (!ops)
2252 		return 0;
2253 
2254 	return ops->unmap(ops, iova, size, gather);
2255 }
2256 
2257 static void arm_smmu_flush_iotlb_all(struct iommu_domain *domain)
2258 {
2259 	struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
2260 
2261 	if (smmu_domain->smmu)
2262 		arm_smmu_tlb_inv_context(smmu_domain);
2263 }
2264 
2265 static void arm_smmu_iotlb_sync(struct iommu_domain *domain,
2266 				struct iommu_iotlb_gather *gather)
2267 {
2268 	struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
2269 
2270 	arm_smmu_tlb_inv_range(gather->start, gather->end - gather->start,
2271 			       gather->pgsize, true, smmu_domain);
2272 }
2273 
2274 static phys_addr_t
2275 arm_smmu_iova_to_phys(struct iommu_domain *domain, dma_addr_t iova)
2276 {
2277 	struct io_pgtable_ops *ops = to_smmu_domain(domain)->pgtbl_ops;
2278 
2279 	if (domain->type == IOMMU_DOMAIN_IDENTITY)
2280 		return iova;
2281 
2282 	if (!ops)
2283 		return 0;
2284 
2285 	return ops->iova_to_phys(ops, iova);
2286 }
2287 
2288 static struct platform_driver arm_smmu_driver;
2289 
2290 static
2291 struct arm_smmu_device *arm_smmu_get_by_fwnode(struct fwnode_handle *fwnode)
2292 {
2293 	struct device *dev = driver_find_device_by_fwnode(&arm_smmu_driver.driver,
2294 							  fwnode);
2295 	put_device(dev);
2296 	return dev ? dev_get_drvdata(dev) : NULL;
2297 }
2298 
2299 static bool arm_smmu_sid_in_range(struct arm_smmu_device *smmu, u32 sid)
2300 {
2301 	unsigned long limit = smmu->strtab_cfg.num_l1_ents;
2302 
2303 	if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB)
2304 		limit *= 1UL << STRTAB_SPLIT;
2305 
2306 	return sid < limit;
2307 }
2308 
2309 static struct iommu_ops arm_smmu_ops;
2310 
2311 static struct iommu_device *arm_smmu_probe_device(struct device *dev)
2312 {
2313 	int i, ret;
2314 	struct arm_smmu_device *smmu;
2315 	struct arm_smmu_master *master;
2316 	struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2317 
2318 	if (!fwspec || fwspec->ops != &arm_smmu_ops)
2319 		return ERR_PTR(-ENODEV);
2320 
2321 	if (WARN_ON_ONCE(dev_iommu_priv_get(dev)))
2322 		return ERR_PTR(-EBUSY);
2323 
2324 	smmu = arm_smmu_get_by_fwnode(fwspec->iommu_fwnode);
2325 	if (!smmu)
2326 		return ERR_PTR(-ENODEV);
2327 
2328 	master = kzalloc(sizeof(*master), GFP_KERNEL);
2329 	if (!master)
2330 		return ERR_PTR(-ENOMEM);
2331 
2332 	master->dev = dev;
2333 	master->smmu = smmu;
2334 	master->sids = fwspec->ids;
2335 	master->num_sids = fwspec->num_ids;
2336 	INIT_LIST_HEAD(&master->bonds);
2337 	dev_iommu_priv_set(dev, master);
2338 
2339 	/* Check the SIDs are in range of the SMMU and our stream table */
2340 	for (i = 0; i < master->num_sids; i++) {
2341 		u32 sid = master->sids[i];
2342 
2343 		if (!arm_smmu_sid_in_range(smmu, sid)) {
2344 			ret = -ERANGE;
2345 			goto err_free_master;
2346 		}
2347 
2348 		/* Ensure l2 strtab is initialised */
2349 		if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB) {
2350 			ret = arm_smmu_init_l2_strtab(smmu, sid);
2351 			if (ret)
2352 				goto err_free_master;
2353 		}
2354 	}
2355 
2356 	master->ssid_bits = min(smmu->ssid_bits, fwspec->num_pasid_bits);
2357 
2358 	/*
2359 	 * Note that PASID must be enabled before, and disabled after ATS:
2360 	 * PCI Express Base 4.0r1.0 - 10.5.1.3 ATS Control Register
2361 	 *
2362 	 *   Behavior is undefined if this bit is Set and the value of the PASID
2363 	 *   Enable, Execute Requested Enable, or Privileged Mode Requested bits
2364 	 *   are changed.
2365 	 */
2366 	arm_smmu_enable_pasid(master);
2367 
2368 	if (!(smmu->features & ARM_SMMU_FEAT_2_LVL_CDTAB))
2369 		master->ssid_bits = min_t(u8, master->ssid_bits,
2370 					  CTXDESC_LINEAR_CDMAX);
2371 
2372 	return &smmu->iommu;
2373 
2374 err_free_master:
2375 	kfree(master);
2376 	dev_iommu_priv_set(dev, NULL);
2377 	return ERR_PTR(ret);
2378 }
2379 
2380 static void arm_smmu_release_device(struct device *dev)
2381 {
2382 	struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
2383 	struct arm_smmu_master *master;
2384 
2385 	if (!fwspec || fwspec->ops != &arm_smmu_ops)
2386 		return;
2387 
2388 	master = dev_iommu_priv_get(dev);
2389 	WARN_ON(arm_smmu_master_sva_enabled(master));
2390 	arm_smmu_detach_dev(master);
2391 	arm_smmu_disable_pasid(master);
2392 	kfree(master);
2393 	iommu_fwspec_free(dev);
2394 }
2395 
2396 static struct iommu_group *arm_smmu_device_group(struct device *dev)
2397 {
2398 	struct iommu_group *group;
2399 
2400 	/*
2401 	 * We don't support devices sharing stream IDs other than PCI RID
2402 	 * aliases, since the necessary ID-to-device lookup becomes rather
2403 	 * impractical given a potential sparse 32-bit stream ID space.
2404 	 */
2405 	if (dev_is_pci(dev))
2406 		group = pci_device_group(dev);
2407 	else
2408 		group = generic_device_group(dev);
2409 
2410 	return group;
2411 }
2412 
2413 static int arm_smmu_domain_get_attr(struct iommu_domain *domain,
2414 				    enum iommu_attr attr, void *data)
2415 {
2416 	struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
2417 
2418 	switch (domain->type) {
2419 	case IOMMU_DOMAIN_UNMANAGED:
2420 		switch (attr) {
2421 		case DOMAIN_ATTR_NESTING:
2422 			*(int *)data = (smmu_domain->stage == ARM_SMMU_DOMAIN_NESTED);
2423 			return 0;
2424 		default:
2425 			return -ENODEV;
2426 		}
2427 		break;
2428 	case IOMMU_DOMAIN_DMA:
2429 		switch (attr) {
2430 		case DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE:
2431 			*(int *)data = smmu_domain->non_strict;
2432 			return 0;
2433 		default:
2434 			return -ENODEV;
2435 		}
2436 		break;
2437 	default:
2438 		return -EINVAL;
2439 	}
2440 }
2441 
2442 static int arm_smmu_domain_set_attr(struct iommu_domain *domain,
2443 				    enum iommu_attr attr, void *data)
2444 {
2445 	int ret = 0;
2446 	struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
2447 
2448 	mutex_lock(&smmu_domain->init_mutex);
2449 
2450 	switch (domain->type) {
2451 	case IOMMU_DOMAIN_UNMANAGED:
2452 		switch (attr) {
2453 		case DOMAIN_ATTR_NESTING:
2454 			if (smmu_domain->smmu) {
2455 				ret = -EPERM;
2456 				goto out_unlock;
2457 			}
2458 
2459 			if (*(int *)data)
2460 				smmu_domain->stage = ARM_SMMU_DOMAIN_NESTED;
2461 			else
2462 				smmu_domain->stage = ARM_SMMU_DOMAIN_S1;
2463 			break;
2464 		default:
2465 			ret = -ENODEV;
2466 		}
2467 		break;
2468 	case IOMMU_DOMAIN_DMA:
2469 		switch(attr) {
2470 		case DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE:
2471 			smmu_domain->non_strict = *(int *)data;
2472 			break;
2473 		default:
2474 			ret = -ENODEV;
2475 		}
2476 		break;
2477 	default:
2478 		ret = -EINVAL;
2479 	}
2480 
2481 out_unlock:
2482 	mutex_unlock(&smmu_domain->init_mutex);
2483 	return ret;
2484 }
2485 
2486 static int arm_smmu_of_xlate(struct device *dev, struct of_phandle_args *args)
2487 {
2488 	return iommu_fwspec_add_ids(dev, args->args, 1);
2489 }
2490 
2491 static void arm_smmu_get_resv_regions(struct device *dev,
2492 				      struct list_head *head)
2493 {
2494 	struct iommu_resv_region *region;
2495 	int prot = IOMMU_WRITE | IOMMU_NOEXEC | IOMMU_MMIO;
2496 
2497 	region = iommu_alloc_resv_region(MSI_IOVA_BASE, MSI_IOVA_LENGTH,
2498 					 prot, IOMMU_RESV_SW_MSI);
2499 	if (!region)
2500 		return;
2501 
2502 	list_add_tail(&region->list, head);
2503 
2504 	iommu_dma_get_resv_regions(dev, head);
2505 }
2506 
2507 static bool arm_smmu_dev_has_feature(struct device *dev,
2508 				     enum iommu_dev_features feat)
2509 {
2510 	struct arm_smmu_master *master = dev_iommu_priv_get(dev);
2511 
2512 	if (!master)
2513 		return false;
2514 
2515 	switch (feat) {
2516 	case IOMMU_DEV_FEAT_SVA:
2517 		return arm_smmu_master_sva_supported(master);
2518 	default:
2519 		return false;
2520 	}
2521 }
2522 
2523 static bool arm_smmu_dev_feature_enabled(struct device *dev,
2524 					 enum iommu_dev_features feat)
2525 {
2526 	struct arm_smmu_master *master = dev_iommu_priv_get(dev);
2527 
2528 	if (!master)
2529 		return false;
2530 
2531 	switch (feat) {
2532 	case IOMMU_DEV_FEAT_SVA:
2533 		return arm_smmu_master_sva_enabled(master);
2534 	default:
2535 		return false;
2536 	}
2537 }
2538 
2539 static int arm_smmu_dev_enable_feature(struct device *dev,
2540 				       enum iommu_dev_features feat)
2541 {
2542 	if (!arm_smmu_dev_has_feature(dev, feat))
2543 		return -ENODEV;
2544 
2545 	if (arm_smmu_dev_feature_enabled(dev, feat))
2546 		return -EBUSY;
2547 
2548 	switch (feat) {
2549 	case IOMMU_DEV_FEAT_SVA:
2550 		return arm_smmu_master_enable_sva(dev_iommu_priv_get(dev));
2551 	default:
2552 		return -EINVAL;
2553 	}
2554 }
2555 
2556 static int arm_smmu_dev_disable_feature(struct device *dev,
2557 					enum iommu_dev_features feat)
2558 {
2559 	if (!arm_smmu_dev_feature_enabled(dev, feat))
2560 		return -EINVAL;
2561 
2562 	switch (feat) {
2563 	case IOMMU_DEV_FEAT_SVA:
2564 		return arm_smmu_master_disable_sva(dev_iommu_priv_get(dev));
2565 	default:
2566 		return -EINVAL;
2567 	}
2568 }
2569 
2570 static struct iommu_ops arm_smmu_ops = {
2571 	.capable		= arm_smmu_capable,
2572 	.domain_alloc		= arm_smmu_domain_alloc,
2573 	.domain_free		= arm_smmu_domain_free,
2574 	.attach_dev		= arm_smmu_attach_dev,
2575 	.map			= arm_smmu_map,
2576 	.unmap			= arm_smmu_unmap,
2577 	.flush_iotlb_all	= arm_smmu_flush_iotlb_all,
2578 	.iotlb_sync		= arm_smmu_iotlb_sync,
2579 	.iova_to_phys		= arm_smmu_iova_to_phys,
2580 	.probe_device		= arm_smmu_probe_device,
2581 	.release_device		= arm_smmu_release_device,
2582 	.device_group		= arm_smmu_device_group,
2583 	.domain_get_attr	= arm_smmu_domain_get_attr,
2584 	.domain_set_attr	= arm_smmu_domain_set_attr,
2585 	.of_xlate		= arm_smmu_of_xlate,
2586 	.get_resv_regions	= arm_smmu_get_resv_regions,
2587 	.put_resv_regions	= generic_iommu_put_resv_regions,
2588 	.dev_has_feat		= arm_smmu_dev_has_feature,
2589 	.dev_feat_enabled	= arm_smmu_dev_feature_enabled,
2590 	.dev_enable_feat	= arm_smmu_dev_enable_feature,
2591 	.dev_disable_feat	= arm_smmu_dev_disable_feature,
2592 	.pgsize_bitmap		= -1UL, /* Restricted during device attach */
2593 };
2594 
2595 /* Probing and initialisation functions */
2596 static int arm_smmu_init_one_queue(struct arm_smmu_device *smmu,
2597 				   struct arm_smmu_queue *q,
2598 				   unsigned long prod_off,
2599 				   unsigned long cons_off,
2600 				   size_t dwords, const char *name)
2601 {
2602 	size_t qsz;
2603 
2604 	do {
2605 		qsz = ((1 << q->llq.max_n_shift) * dwords) << 3;
2606 		q->base = dmam_alloc_coherent(smmu->dev, qsz, &q->base_dma,
2607 					      GFP_KERNEL);
2608 		if (q->base || qsz < PAGE_SIZE)
2609 			break;
2610 
2611 		q->llq.max_n_shift--;
2612 	} while (1);
2613 
2614 	if (!q->base) {
2615 		dev_err(smmu->dev,
2616 			"failed to allocate queue (0x%zx bytes) for %s\n",
2617 			qsz, name);
2618 		return -ENOMEM;
2619 	}
2620 
2621 	if (!WARN_ON(q->base_dma & (qsz - 1))) {
2622 		dev_info(smmu->dev, "allocated %u entries for %s\n",
2623 			 1 << q->llq.max_n_shift, name);
2624 	}
2625 
2626 	q->prod_reg	= arm_smmu_page1_fixup(prod_off, smmu);
2627 	q->cons_reg	= arm_smmu_page1_fixup(cons_off, smmu);
2628 	q->ent_dwords	= dwords;
2629 
2630 	q->q_base  = Q_BASE_RWA;
2631 	q->q_base |= q->base_dma & Q_BASE_ADDR_MASK;
2632 	q->q_base |= FIELD_PREP(Q_BASE_LOG2SIZE, q->llq.max_n_shift);
2633 
2634 	q->llq.prod = q->llq.cons = 0;
2635 	return 0;
2636 }
2637 
2638 static void arm_smmu_cmdq_free_bitmap(void *data)
2639 {
2640 	unsigned long *bitmap = data;
2641 	bitmap_free(bitmap);
2642 }
2643 
2644 static int arm_smmu_cmdq_init(struct arm_smmu_device *smmu)
2645 {
2646 	int ret = 0;
2647 	struct arm_smmu_cmdq *cmdq = &smmu->cmdq;
2648 	unsigned int nents = 1 << cmdq->q.llq.max_n_shift;
2649 	atomic_long_t *bitmap;
2650 
2651 	atomic_set(&cmdq->owner_prod, 0);
2652 	atomic_set(&cmdq->lock, 0);
2653 
2654 	bitmap = (atomic_long_t *)bitmap_zalloc(nents, GFP_KERNEL);
2655 	if (!bitmap) {
2656 		dev_err(smmu->dev, "failed to allocate cmdq bitmap\n");
2657 		ret = -ENOMEM;
2658 	} else {
2659 		cmdq->valid_map = bitmap;
2660 		devm_add_action(smmu->dev, arm_smmu_cmdq_free_bitmap, bitmap);
2661 	}
2662 
2663 	return ret;
2664 }
2665 
2666 static int arm_smmu_init_queues(struct arm_smmu_device *smmu)
2667 {
2668 	int ret;
2669 
2670 	/* cmdq */
2671 	ret = arm_smmu_init_one_queue(smmu, &smmu->cmdq.q, ARM_SMMU_CMDQ_PROD,
2672 				      ARM_SMMU_CMDQ_CONS, CMDQ_ENT_DWORDS,
2673 				      "cmdq");
2674 	if (ret)
2675 		return ret;
2676 
2677 	ret = arm_smmu_cmdq_init(smmu);
2678 	if (ret)
2679 		return ret;
2680 
2681 	/* evtq */
2682 	ret = arm_smmu_init_one_queue(smmu, &smmu->evtq.q, ARM_SMMU_EVTQ_PROD,
2683 				      ARM_SMMU_EVTQ_CONS, EVTQ_ENT_DWORDS,
2684 				      "evtq");
2685 	if (ret)
2686 		return ret;
2687 
2688 	/* priq */
2689 	if (!(smmu->features & ARM_SMMU_FEAT_PRI))
2690 		return 0;
2691 
2692 	return arm_smmu_init_one_queue(smmu, &smmu->priq.q, ARM_SMMU_PRIQ_PROD,
2693 				       ARM_SMMU_PRIQ_CONS, PRIQ_ENT_DWORDS,
2694 				       "priq");
2695 }
2696 
2697 static int arm_smmu_init_l1_strtab(struct arm_smmu_device *smmu)
2698 {
2699 	unsigned int i;
2700 	struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
2701 	size_t size = sizeof(*cfg->l1_desc) * cfg->num_l1_ents;
2702 	void *strtab = smmu->strtab_cfg.strtab;
2703 
2704 	cfg->l1_desc = devm_kzalloc(smmu->dev, size, GFP_KERNEL);
2705 	if (!cfg->l1_desc) {
2706 		dev_err(smmu->dev, "failed to allocate l1 stream table desc\n");
2707 		return -ENOMEM;
2708 	}
2709 
2710 	for (i = 0; i < cfg->num_l1_ents; ++i) {
2711 		arm_smmu_write_strtab_l1_desc(strtab, &cfg->l1_desc[i]);
2712 		strtab += STRTAB_L1_DESC_DWORDS << 3;
2713 	}
2714 
2715 	return 0;
2716 }
2717 
2718 static int arm_smmu_init_strtab_2lvl(struct arm_smmu_device *smmu)
2719 {
2720 	void *strtab;
2721 	u64 reg;
2722 	u32 size, l1size;
2723 	struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
2724 
2725 	/* Calculate the L1 size, capped to the SIDSIZE. */
2726 	size = STRTAB_L1_SZ_SHIFT - (ilog2(STRTAB_L1_DESC_DWORDS) + 3);
2727 	size = min(size, smmu->sid_bits - STRTAB_SPLIT);
2728 	cfg->num_l1_ents = 1 << size;
2729 
2730 	size += STRTAB_SPLIT;
2731 	if (size < smmu->sid_bits)
2732 		dev_warn(smmu->dev,
2733 			 "2-level strtab only covers %u/%u bits of SID\n",
2734 			 size, smmu->sid_bits);
2735 
2736 	l1size = cfg->num_l1_ents * (STRTAB_L1_DESC_DWORDS << 3);
2737 	strtab = dmam_alloc_coherent(smmu->dev, l1size, &cfg->strtab_dma,
2738 				     GFP_KERNEL);
2739 	if (!strtab) {
2740 		dev_err(smmu->dev,
2741 			"failed to allocate l1 stream table (%u bytes)\n",
2742 			l1size);
2743 		return -ENOMEM;
2744 	}
2745 	cfg->strtab = strtab;
2746 
2747 	/* Configure strtab_base_cfg for 2 levels */
2748 	reg  = FIELD_PREP(STRTAB_BASE_CFG_FMT, STRTAB_BASE_CFG_FMT_2LVL);
2749 	reg |= FIELD_PREP(STRTAB_BASE_CFG_LOG2SIZE, size);
2750 	reg |= FIELD_PREP(STRTAB_BASE_CFG_SPLIT, STRTAB_SPLIT);
2751 	cfg->strtab_base_cfg = reg;
2752 
2753 	return arm_smmu_init_l1_strtab(smmu);
2754 }
2755 
2756 static int arm_smmu_init_strtab_linear(struct arm_smmu_device *smmu)
2757 {
2758 	void *strtab;
2759 	u64 reg;
2760 	u32 size;
2761 	struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
2762 
2763 	size = (1 << smmu->sid_bits) * (STRTAB_STE_DWORDS << 3);
2764 	strtab = dmam_alloc_coherent(smmu->dev, size, &cfg->strtab_dma,
2765 				     GFP_KERNEL);
2766 	if (!strtab) {
2767 		dev_err(smmu->dev,
2768 			"failed to allocate linear stream table (%u bytes)\n",
2769 			size);
2770 		return -ENOMEM;
2771 	}
2772 	cfg->strtab = strtab;
2773 	cfg->num_l1_ents = 1 << smmu->sid_bits;
2774 
2775 	/* Configure strtab_base_cfg for a linear table covering all SIDs */
2776 	reg  = FIELD_PREP(STRTAB_BASE_CFG_FMT, STRTAB_BASE_CFG_FMT_LINEAR);
2777 	reg |= FIELD_PREP(STRTAB_BASE_CFG_LOG2SIZE, smmu->sid_bits);
2778 	cfg->strtab_base_cfg = reg;
2779 
2780 	arm_smmu_init_bypass_stes(strtab, cfg->num_l1_ents);
2781 	return 0;
2782 }
2783 
2784 static int arm_smmu_init_strtab(struct arm_smmu_device *smmu)
2785 {
2786 	u64 reg;
2787 	int ret;
2788 
2789 	if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB)
2790 		ret = arm_smmu_init_strtab_2lvl(smmu);
2791 	else
2792 		ret = arm_smmu_init_strtab_linear(smmu);
2793 
2794 	if (ret)
2795 		return ret;
2796 
2797 	/* Set the strtab base address */
2798 	reg  = smmu->strtab_cfg.strtab_dma & STRTAB_BASE_ADDR_MASK;
2799 	reg |= STRTAB_BASE_RA;
2800 	smmu->strtab_cfg.strtab_base = reg;
2801 
2802 	/* Allocate the first VMID for stage-2 bypass STEs */
2803 	set_bit(0, smmu->vmid_map);
2804 	return 0;
2805 }
2806 
2807 static int arm_smmu_init_structures(struct arm_smmu_device *smmu)
2808 {
2809 	int ret;
2810 
2811 	ret = arm_smmu_init_queues(smmu);
2812 	if (ret)
2813 		return ret;
2814 
2815 	return arm_smmu_init_strtab(smmu);
2816 }
2817 
2818 static int arm_smmu_write_reg_sync(struct arm_smmu_device *smmu, u32 val,
2819 				   unsigned int reg_off, unsigned int ack_off)
2820 {
2821 	u32 reg;
2822 
2823 	writel_relaxed(val, smmu->base + reg_off);
2824 	return readl_relaxed_poll_timeout(smmu->base + ack_off, reg, reg == val,
2825 					  1, ARM_SMMU_POLL_TIMEOUT_US);
2826 }
2827 
2828 /* GBPA is "special" */
2829 static int arm_smmu_update_gbpa(struct arm_smmu_device *smmu, u32 set, u32 clr)
2830 {
2831 	int ret;
2832 	u32 reg, __iomem *gbpa = smmu->base + ARM_SMMU_GBPA;
2833 
2834 	ret = readl_relaxed_poll_timeout(gbpa, reg, !(reg & GBPA_UPDATE),
2835 					 1, ARM_SMMU_POLL_TIMEOUT_US);
2836 	if (ret)
2837 		return ret;
2838 
2839 	reg &= ~clr;
2840 	reg |= set;
2841 	writel_relaxed(reg | GBPA_UPDATE, gbpa);
2842 	ret = readl_relaxed_poll_timeout(gbpa, reg, !(reg & GBPA_UPDATE),
2843 					 1, ARM_SMMU_POLL_TIMEOUT_US);
2844 
2845 	if (ret)
2846 		dev_err(smmu->dev, "GBPA not responding to update\n");
2847 	return ret;
2848 }
2849 
2850 static void arm_smmu_free_msis(void *data)
2851 {
2852 	struct device *dev = data;
2853 	platform_msi_domain_free_irqs(dev);
2854 }
2855 
2856 static void arm_smmu_write_msi_msg(struct msi_desc *desc, struct msi_msg *msg)
2857 {
2858 	phys_addr_t doorbell;
2859 	struct device *dev = msi_desc_to_dev(desc);
2860 	struct arm_smmu_device *smmu = dev_get_drvdata(dev);
2861 	phys_addr_t *cfg = arm_smmu_msi_cfg[desc->platform.msi_index];
2862 
2863 	doorbell = (((u64)msg->address_hi) << 32) | msg->address_lo;
2864 	doorbell &= MSI_CFG0_ADDR_MASK;
2865 
2866 	writeq_relaxed(doorbell, smmu->base + cfg[0]);
2867 	writel_relaxed(msg->data, smmu->base + cfg[1]);
2868 	writel_relaxed(ARM_SMMU_MEMATTR_DEVICE_nGnRE, smmu->base + cfg[2]);
2869 }
2870 
2871 static void arm_smmu_setup_msis(struct arm_smmu_device *smmu)
2872 {
2873 	struct msi_desc *desc;
2874 	int ret, nvec = ARM_SMMU_MAX_MSIS;
2875 	struct device *dev = smmu->dev;
2876 
2877 	/* Clear the MSI address regs */
2878 	writeq_relaxed(0, smmu->base + ARM_SMMU_GERROR_IRQ_CFG0);
2879 	writeq_relaxed(0, smmu->base + ARM_SMMU_EVTQ_IRQ_CFG0);
2880 
2881 	if (smmu->features & ARM_SMMU_FEAT_PRI)
2882 		writeq_relaxed(0, smmu->base + ARM_SMMU_PRIQ_IRQ_CFG0);
2883 	else
2884 		nvec--;
2885 
2886 	if (!(smmu->features & ARM_SMMU_FEAT_MSI))
2887 		return;
2888 
2889 	if (!dev->msi_domain) {
2890 		dev_info(smmu->dev, "msi_domain absent - falling back to wired irqs\n");
2891 		return;
2892 	}
2893 
2894 	/* Allocate MSIs for evtq, gerror and priq. Ignore cmdq */
2895 	ret = platform_msi_domain_alloc_irqs(dev, nvec, arm_smmu_write_msi_msg);
2896 	if (ret) {
2897 		dev_warn(dev, "failed to allocate MSIs - falling back to wired irqs\n");
2898 		return;
2899 	}
2900 
2901 	for_each_msi_entry(desc, dev) {
2902 		switch (desc->platform.msi_index) {
2903 		case EVTQ_MSI_INDEX:
2904 			smmu->evtq.q.irq = desc->irq;
2905 			break;
2906 		case GERROR_MSI_INDEX:
2907 			smmu->gerr_irq = desc->irq;
2908 			break;
2909 		case PRIQ_MSI_INDEX:
2910 			smmu->priq.q.irq = desc->irq;
2911 			break;
2912 		default:	/* Unknown */
2913 			continue;
2914 		}
2915 	}
2916 
2917 	/* Add callback to free MSIs on teardown */
2918 	devm_add_action(dev, arm_smmu_free_msis, dev);
2919 }
2920 
2921 static void arm_smmu_setup_unique_irqs(struct arm_smmu_device *smmu)
2922 {
2923 	int irq, ret;
2924 
2925 	arm_smmu_setup_msis(smmu);
2926 
2927 	/* Request interrupt lines */
2928 	irq = smmu->evtq.q.irq;
2929 	if (irq) {
2930 		ret = devm_request_threaded_irq(smmu->dev, irq, NULL,
2931 						arm_smmu_evtq_thread,
2932 						IRQF_ONESHOT,
2933 						"arm-smmu-v3-evtq", smmu);
2934 		if (ret < 0)
2935 			dev_warn(smmu->dev, "failed to enable evtq irq\n");
2936 	} else {
2937 		dev_warn(smmu->dev, "no evtq irq - events will not be reported!\n");
2938 	}
2939 
2940 	irq = smmu->gerr_irq;
2941 	if (irq) {
2942 		ret = devm_request_irq(smmu->dev, irq, arm_smmu_gerror_handler,
2943 				       0, "arm-smmu-v3-gerror", smmu);
2944 		if (ret < 0)
2945 			dev_warn(smmu->dev, "failed to enable gerror irq\n");
2946 	} else {
2947 		dev_warn(smmu->dev, "no gerr irq - errors will not be reported!\n");
2948 	}
2949 
2950 	if (smmu->features & ARM_SMMU_FEAT_PRI) {
2951 		irq = smmu->priq.q.irq;
2952 		if (irq) {
2953 			ret = devm_request_threaded_irq(smmu->dev, irq, NULL,
2954 							arm_smmu_priq_thread,
2955 							IRQF_ONESHOT,
2956 							"arm-smmu-v3-priq",
2957 							smmu);
2958 			if (ret < 0)
2959 				dev_warn(smmu->dev,
2960 					 "failed to enable priq irq\n");
2961 		} else {
2962 			dev_warn(smmu->dev, "no priq irq - PRI will be broken\n");
2963 		}
2964 	}
2965 }
2966 
2967 static int arm_smmu_setup_irqs(struct arm_smmu_device *smmu)
2968 {
2969 	int ret, irq;
2970 	u32 irqen_flags = IRQ_CTRL_EVTQ_IRQEN | IRQ_CTRL_GERROR_IRQEN;
2971 
2972 	/* Disable IRQs first */
2973 	ret = arm_smmu_write_reg_sync(smmu, 0, ARM_SMMU_IRQ_CTRL,
2974 				      ARM_SMMU_IRQ_CTRLACK);
2975 	if (ret) {
2976 		dev_err(smmu->dev, "failed to disable irqs\n");
2977 		return ret;
2978 	}
2979 
2980 	irq = smmu->combined_irq;
2981 	if (irq) {
2982 		/*
2983 		 * Cavium ThunderX2 implementation doesn't support unique irq
2984 		 * lines. Use a single irq line for all the SMMUv3 interrupts.
2985 		 */
2986 		ret = devm_request_threaded_irq(smmu->dev, irq,
2987 					arm_smmu_combined_irq_handler,
2988 					arm_smmu_combined_irq_thread,
2989 					IRQF_ONESHOT,
2990 					"arm-smmu-v3-combined-irq", smmu);
2991 		if (ret < 0)
2992 			dev_warn(smmu->dev, "failed to enable combined irq\n");
2993 	} else
2994 		arm_smmu_setup_unique_irqs(smmu);
2995 
2996 	if (smmu->features & ARM_SMMU_FEAT_PRI)
2997 		irqen_flags |= IRQ_CTRL_PRIQ_IRQEN;
2998 
2999 	/* Enable interrupt generation on the SMMU */
3000 	ret = arm_smmu_write_reg_sync(smmu, irqen_flags,
3001 				      ARM_SMMU_IRQ_CTRL, ARM_SMMU_IRQ_CTRLACK);
3002 	if (ret)
3003 		dev_warn(smmu->dev, "failed to enable irqs\n");
3004 
3005 	return 0;
3006 }
3007 
3008 static int arm_smmu_device_disable(struct arm_smmu_device *smmu)
3009 {
3010 	int ret;
3011 
3012 	ret = arm_smmu_write_reg_sync(smmu, 0, ARM_SMMU_CR0, ARM_SMMU_CR0ACK);
3013 	if (ret)
3014 		dev_err(smmu->dev, "failed to clear cr0\n");
3015 
3016 	return ret;
3017 }
3018 
3019 static int arm_smmu_device_reset(struct arm_smmu_device *smmu, bool bypass)
3020 {
3021 	int ret;
3022 	u32 reg, enables;
3023 	struct arm_smmu_cmdq_ent cmd;
3024 
3025 	/* Clear CR0 and sync (disables SMMU and queue processing) */
3026 	reg = readl_relaxed(smmu->base + ARM_SMMU_CR0);
3027 	if (reg & CR0_SMMUEN) {
3028 		dev_warn(smmu->dev, "SMMU currently enabled! Resetting...\n");
3029 		WARN_ON(is_kdump_kernel() && !disable_bypass);
3030 		arm_smmu_update_gbpa(smmu, GBPA_ABORT, 0);
3031 	}
3032 
3033 	ret = arm_smmu_device_disable(smmu);
3034 	if (ret)
3035 		return ret;
3036 
3037 	/* CR1 (table and queue memory attributes) */
3038 	reg = FIELD_PREP(CR1_TABLE_SH, ARM_SMMU_SH_ISH) |
3039 	      FIELD_PREP(CR1_TABLE_OC, CR1_CACHE_WB) |
3040 	      FIELD_PREP(CR1_TABLE_IC, CR1_CACHE_WB) |
3041 	      FIELD_PREP(CR1_QUEUE_SH, ARM_SMMU_SH_ISH) |
3042 	      FIELD_PREP(CR1_QUEUE_OC, CR1_CACHE_WB) |
3043 	      FIELD_PREP(CR1_QUEUE_IC, CR1_CACHE_WB);
3044 	writel_relaxed(reg, smmu->base + ARM_SMMU_CR1);
3045 
3046 	/* CR2 (random crap) */
3047 	reg = CR2_PTM | CR2_RECINVSID | CR2_E2H;
3048 	writel_relaxed(reg, smmu->base + ARM_SMMU_CR2);
3049 
3050 	/* Stream table */
3051 	writeq_relaxed(smmu->strtab_cfg.strtab_base,
3052 		       smmu->base + ARM_SMMU_STRTAB_BASE);
3053 	writel_relaxed(smmu->strtab_cfg.strtab_base_cfg,
3054 		       smmu->base + ARM_SMMU_STRTAB_BASE_CFG);
3055 
3056 	/* Command queue */
3057 	writeq_relaxed(smmu->cmdq.q.q_base, smmu->base + ARM_SMMU_CMDQ_BASE);
3058 	writel_relaxed(smmu->cmdq.q.llq.prod, smmu->base + ARM_SMMU_CMDQ_PROD);
3059 	writel_relaxed(smmu->cmdq.q.llq.cons, smmu->base + ARM_SMMU_CMDQ_CONS);
3060 
3061 	enables = CR0_CMDQEN;
3062 	ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
3063 				      ARM_SMMU_CR0ACK);
3064 	if (ret) {
3065 		dev_err(smmu->dev, "failed to enable command queue\n");
3066 		return ret;
3067 	}
3068 
3069 	/* Invalidate any cached configuration */
3070 	cmd.opcode = CMDQ_OP_CFGI_ALL;
3071 	arm_smmu_cmdq_issue_cmd(smmu, &cmd);
3072 	arm_smmu_cmdq_issue_sync(smmu);
3073 
3074 	/* Invalidate any stale TLB entries */
3075 	if (smmu->features & ARM_SMMU_FEAT_HYP) {
3076 		cmd.opcode = CMDQ_OP_TLBI_EL2_ALL;
3077 		arm_smmu_cmdq_issue_cmd(smmu, &cmd);
3078 	}
3079 
3080 	cmd.opcode = CMDQ_OP_TLBI_NSNH_ALL;
3081 	arm_smmu_cmdq_issue_cmd(smmu, &cmd);
3082 	arm_smmu_cmdq_issue_sync(smmu);
3083 
3084 	/* Event queue */
3085 	writeq_relaxed(smmu->evtq.q.q_base, smmu->base + ARM_SMMU_EVTQ_BASE);
3086 	writel_relaxed(smmu->evtq.q.llq.prod,
3087 		       arm_smmu_page1_fixup(ARM_SMMU_EVTQ_PROD, smmu));
3088 	writel_relaxed(smmu->evtq.q.llq.cons,
3089 		       arm_smmu_page1_fixup(ARM_SMMU_EVTQ_CONS, smmu));
3090 
3091 	enables |= CR0_EVTQEN;
3092 	ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
3093 				      ARM_SMMU_CR0ACK);
3094 	if (ret) {
3095 		dev_err(smmu->dev, "failed to enable event queue\n");
3096 		return ret;
3097 	}
3098 
3099 	/* PRI queue */
3100 	if (smmu->features & ARM_SMMU_FEAT_PRI) {
3101 		writeq_relaxed(smmu->priq.q.q_base,
3102 			       smmu->base + ARM_SMMU_PRIQ_BASE);
3103 		writel_relaxed(smmu->priq.q.llq.prod,
3104 			       arm_smmu_page1_fixup(ARM_SMMU_PRIQ_PROD, smmu));
3105 		writel_relaxed(smmu->priq.q.llq.cons,
3106 			       arm_smmu_page1_fixup(ARM_SMMU_PRIQ_CONS, smmu));
3107 
3108 		enables |= CR0_PRIQEN;
3109 		ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
3110 					      ARM_SMMU_CR0ACK);
3111 		if (ret) {
3112 			dev_err(smmu->dev, "failed to enable PRI queue\n");
3113 			return ret;
3114 		}
3115 	}
3116 
3117 	if (smmu->features & ARM_SMMU_FEAT_ATS) {
3118 		enables |= CR0_ATSCHK;
3119 		ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
3120 					      ARM_SMMU_CR0ACK);
3121 		if (ret) {
3122 			dev_err(smmu->dev, "failed to enable ATS check\n");
3123 			return ret;
3124 		}
3125 	}
3126 
3127 	ret = arm_smmu_setup_irqs(smmu);
3128 	if (ret) {
3129 		dev_err(smmu->dev, "failed to setup irqs\n");
3130 		return ret;
3131 	}
3132 
3133 	if (is_kdump_kernel())
3134 		enables &= ~(CR0_EVTQEN | CR0_PRIQEN);
3135 
3136 	/* Enable the SMMU interface, or ensure bypass */
3137 	if (!bypass || disable_bypass) {
3138 		enables |= CR0_SMMUEN;
3139 	} else {
3140 		ret = arm_smmu_update_gbpa(smmu, 0, GBPA_ABORT);
3141 		if (ret)
3142 			return ret;
3143 	}
3144 	ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
3145 				      ARM_SMMU_CR0ACK);
3146 	if (ret) {
3147 		dev_err(smmu->dev, "failed to enable SMMU interface\n");
3148 		return ret;
3149 	}
3150 
3151 	return 0;
3152 }
3153 
3154 static int arm_smmu_device_hw_probe(struct arm_smmu_device *smmu)
3155 {
3156 	u32 reg;
3157 	bool coherent = smmu->features & ARM_SMMU_FEAT_COHERENCY;
3158 
3159 	/* IDR0 */
3160 	reg = readl_relaxed(smmu->base + ARM_SMMU_IDR0);
3161 
3162 	/* 2-level structures */
3163 	if (FIELD_GET(IDR0_ST_LVL, reg) == IDR0_ST_LVL_2LVL)
3164 		smmu->features |= ARM_SMMU_FEAT_2_LVL_STRTAB;
3165 
3166 	if (reg & IDR0_CD2L)
3167 		smmu->features |= ARM_SMMU_FEAT_2_LVL_CDTAB;
3168 
3169 	/*
3170 	 * Translation table endianness.
3171 	 * We currently require the same endianness as the CPU, but this
3172 	 * could be changed later by adding a new IO_PGTABLE_QUIRK.
3173 	 */
3174 	switch (FIELD_GET(IDR0_TTENDIAN, reg)) {
3175 	case IDR0_TTENDIAN_MIXED:
3176 		smmu->features |= ARM_SMMU_FEAT_TT_LE | ARM_SMMU_FEAT_TT_BE;
3177 		break;
3178 #ifdef __BIG_ENDIAN
3179 	case IDR0_TTENDIAN_BE:
3180 		smmu->features |= ARM_SMMU_FEAT_TT_BE;
3181 		break;
3182 #else
3183 	case IDR0_TTENDIAN_LE:
3184 		smmu->features |= ARM_SMMU_FEAT_TT_LE;
3185 		break;
3186 #endif
3187 	default:
3188 		dev_err(smmu->dev, "unknown/unsupported TT endianness!\n");
3189 		return -ENXIO;
3190 	}
3191 
3192 	/* Boolean feature flags */
3193 	if (IS_ENABLED(CONFIG_PCI_PRI) && reg & IDR0_PRI)
3194 		smmu->features |= ARM_SMMU_FEAT_PRI;
3195 
3196 	if (IS_ENABLED(CONFIG_PCI_ATS) && reg & IDR0_ATS)
3197 		smmu->features |= ARM_SMMU_FEAT_ATS;
3198 
3199 	if (reg & IDR0_SEV)
3200 		smmu->features |= ARM_SMMU_FEAT_SEV;
3201 
3202 	if (reg & IDR0_MSI) {
3203 		smmu->features |= ARM_SMMU_FEAT_MSI;
3204 		if (coherent && !disable_msipolling)
3205 			smmu->options |= ARM_SMMU_OPT_MSIPOLL;
3206 	}
3207 
3208 	if (reg & IDR0_HYP)
3209 		smmu->features |= ARM_SMMU_FEAT_HYP;
3210 
3211 	/*
3212 	 * The coherency feature as set by FW is used in preference to the ID
3213 	 * register, but warn on mismatch.
3214 	 */
3215 	if (!!(reg & IDR0_COHACC) != coherent)
3216 		dev_warn(smmu->dev, "IDR0.COHACC overridden by FW configuration (%s)\n",
3217 			 coherent ? "true" : "false");
3218 
3219 	switch (FIELD_GET(IDR0_STALL_MODEL, reg)) {
3220 	case IDR0_STALL_MODEL_FORCE:
3221 		smmu->features |= ARM_SMMU_FEAT_STALL_FORCE;
3222 		fallthrough;
3223 	case IDR0_STALL_MODEL_STALL:
3224 		smmu->features |= ARM_SMMU_FEAT_STALLS;
3225 	}
3226 
3227 	if (reg & IDR0_S1P)
3228 		smmu->features |= ARM_SMMU_FEAT_TRANS_S1;
3229 
3230 	if (reg & IDR0_S2P)
3231 		smmu->features |= ARM_SMMU_FEAT_TRANS_S2;
3232 
3233 	if (!(reg & (IDR0_S1P | IDR0_S2P))) {
3234 		dev_err(smmu->dev, "no translation support!\n");
3235 		return -ENXIO;
3236 	}
3237 
3238 	/* We only support the AArch64 table format at present */
3239 	switch (FIELD_GET(IDR0_TTF, reg)) {
3240 	case IDR0_TTF_AARCH32_64:
3241 		smmu->ias = 40;
3242 		fallthrough;
3243 	case IDR0_TTF_AARCH64:
3244 		break;
3245 	default:
3246 		dev_err(smmu->dev, "AArch64 table format not supported!\n");
3247 		return -ENXIO;
3248 	}
3249 
3250 	/* ASID/VMID sizes */
3251 	smmu->asid_bits = reg & IDR0_ASID16 ? 16 : 8;
3252 	smmu->vmid_bits = reg & IDR0_VMID16 ? 16 : 8;
3253 
3254 	/* IDR1 */
3255 	reg = readl_relaxed(smmu->base + ARM_SMMU_IDR1);
3256 	if (reg & (IDR1_TABLES_PRESET | IDR1_QUEUES_PRESET | IDR1_REL)) {
3257 		dev_err(smmu->dev, "embedded implementation not supported\n");
3258 		return -ENXIO;
3259 	}
3260 
3261 	/* Queue sizes, capped to ensure natural alignment */
3262 	smmu->cmdq.q.llq.max_n_shift = min_t(u32, CMDQ_MAX_SZ_SHIFT,
3263 					     FIELD_GET(IDR1_CMDQS, reg));
3264 	if (smmu->cmdq.q.llq.max_n_shift <= ilog2(CMDQ_BATCH_ENTRIES)) {
3265 		/*
3266 		 * We don't support splitting up batches, so one batch of
3267 		 * commands plus an extra sync needs to fit inside the command
3268 		 * queue. There's also no way we can handle the weird alignment
3269 		 * restrictions on the base pointer for a unit-length queue.
3270 		 */
3271 		dev_err(smmu->dev, "command queue size <= %d entries not supported\n",
3272 			CMDQ_BATCH_ENTRIES);
3273 		return -ENXIO;
3274 	}
3275 
3276 	smmu->evtq.q.llq.max_n_shift = min_t(u32, EVTQ_MAX_SZ_SHIFT,
3277 					     FIELD_GET(IDR1_EVTQS, reg));
3278 	smmu->priq.q.llq.max_n_shift = min_t(u32, PRIQ_MAX_SZ_SHIFT,
3279 					     FIELD_GET(IDR1_PRIQS, reg));
3280 
3281 	/* SID/SSID sizes */
3282 	smmu->ssid_bits = FIELD_GET(IDR1_SSIDSIZE, reg);
3283 	smmu->sid_bits = FIELD_GET(IDR1_SIDSIZE, reg);
3284 
3285 	/*
3286 	 * If the SMMU supports fewer bits than would fill a single L2 stream
3287 	 * table, use a linear table instead.
3288 	 */
3289 	if (smmu->sid_bits <= STRTAB_SPLIT)
3290 		smmu->features &= ~ARM_SMMU_FEAT_2_LVL_STRTAB;
3291 
3292 	/* IDR3 */
3293 	reg = readl_relaxed(smmu->base + ARM_SMMU_IDR3);
3294 	if (FIELD_GET(IDR3_RIL, reg))
3295 		smmu->features |= ARM_SMMU_FEAT_RANGE_INV;
3296 
3297 	/* IDR5 */
3298 	reg = readl_relaxed(smmu->base + ARM_SMMU_IDR5);
3299 
3300 	/* Maximum number of outstanding stalls */
3301 	smmu->evtq.max_stalls = FIELD_GET(IDR5_STALL_MAX, reg);
3302 
3303 	/* Page sizes */
3304 	if (reg & IDR5_GRAN64K)
3305 		smmu->pgsize_bitmap |= SZ_64K | SZ_512M;
3306 	if (reg & IDR5_GRAN16K)
3307 		smmu->pgsize_bitmap |= SZ_16K | SZ_32M;
3308 	if (reg & IDR5_GRAN4K)
3309 		smmu->pgsize_bitmap |= SZ_4K | SZ_2M | SZ_1G;
3310 
3311 	/* Input address size */
3312 	if (FIELD_GET(IDR5_VAX, reg) == IDR5_VAX_52_BIT)
3313 		smmu->features |= ARM_SMMU_FEAT_VAX;
3314 
3315 	/* Output address size */
3316 	switch (FIELD_GET(IDR5_OAS, reg)) {
3317 	case IDR5_OAS_32_BIT:
3318 		smmu->oas = 32;
3319 		break;
3320 	case IDR5_OAS_36_BIT:
3321 		smmu->oas = 36;
3322 		break;
3323 	case IDR5_OAS_40_BIT:
3324 		smmu->oas = 40;
3325 		break;
3326 	case IDR5_OAS_42_BIT:
3327 		smmu->oas = 42;
3328 		break;
3329 	case IDR5_OAS_44_BIT:
3330 		smmu->oas = 44;
3331 		break;
3332 	case IDR5_OAS_52_BIT:
3333 		smmu->oas = 52;
3334 		smmu->pgsize_bitmap |= 1ULL << 42; /* 4TB */
3335 		break;
3336 	default:
3337 		dev_info(smmu->dev,
3338 			"unknown output address size. Truncating to 48-bit\n");
3339 		fallthrough;
3340 	case IDR5_OAS_48_BIT:
3341 		smmu->oas = 48;
3342 	}
3343 
3344 	if (arm_smmu_ops.pgsize_bitmap == -1UL)
3345 		arm_smmu_ops.pgsize_bitmap = smmu->pgsize_bitmap;
3346 	else
3347 		arm_smmu_ops.pgsize_bitmap |= smmu->pgsize_bitmap;
3348 
3349 	/* Set the DMA mask for our table walker */
3350 	if (dma_set_mask_and_coherent(smmu->dev, DMA_BIT_MASK(smmu->oas)))
3351 		dev_warn(smmu->dev,
3352 			 "failed to set DMA mask for table walker\n");
3353 
3354 	smmu->ias = max(smmu->ias, smmu->oas);
3355 
3356 	if (arm_smmu_sva_supported(smmu))
3357 		smmu->features |= ARM_SMMU_FEAT_SVA;
3358 
3359 	dev_info(smmu->dev, "ias %lu-bit, oas %lu-bit (features 0x%08x)\n",
3360 		 smmu->ias, smmu->oas, smmu->features);
3361 	return 0;
3362 }
3363 
3364 #ifdef CONFIG_ACPI
3365 static void acpi_smmu_get_options(u32 model, struct arm_smmu_device *smmu)
3366 {
3367 	switch (model) {
3368 	case ACPI_IORT_SMMU_V3_CAVIUM_CN99XX:
3369 		smmu->options |= ARM_SMMU_OPT_PAGE0_REGS_ONLY;
3370 		break;
3371 	case ACPI_IORT_SMMU_V3_HISILICON_HI161X:
3372 		smmu->options |= ARM_SMMU_OPT_SKIP_PREFETCH;
3373 		break;
3374 	}
3375 
3376 	dev_notice(smmu->dev, "option mask 0x%x\n", smmu->options);
3377 }
3378 
3379 static int arm_smmu_device_acpi_probe(struct platform_device *pdev,
3380 				      struct arm_smmu_device *smmu)
3381 {
3382 	struct acpi_iort_smmu_v3 *iort_smmu;
3383 	struct device *dev = smmu->dev;
3384 	struct acpi_iort_node *node;
3385 
3386 	node = *(struct acpi_iort_node **)dev_get_platdata(dev);
3387 
3388 	/* Retrieve SMMUv3 specific data */
3389 	iort_smmu = (struct acpi_iort_smmu_v3 *)node->node_data;
3390 
3391 	acpi_smmu_get_options(iort_smmu->model, smmu);
3392 
3393 	if (iort_smmu->flags & ACPI_IORT_SMMU_V3_COHACC_OVERRIDE)
3394 		smmu->features |= ARM_SMMU_FEAT_COHERENCY;
3395 
3396 	return 0;
3397 }
3398 #else
3399 static inline int arm_smmu_device_acpi_probe(struct platform_device *pdev,
3400 					     struct arm_smmu_device *smmu)
3401 {
3402 	return -ENODEV;
3403 }
3404 #endif
3405 
3406 static int arm_smmu_device_dt_probe(struct platform_device *pdev,
3407 				    struct arm_smmu_device *smmu)
3408 {
3409 	struct device *dev = &pdev->dev;
3410 	u32 cells;
3411 	int ret = -EINVAL;
3412 
3413 	if (of_property_read_u32(dev->of_node, "#iommu-cells", &cells))
3414 		dev_err(dev, "missing #iommu-cells property\n");
3415 	else if (cells != 1)
3416 		dev_err(dev, "invalid #iommu-cells value (%d)\n", cells);
3417 	else
3418 		ret = 0;
3419 
3420 	parse_driver_options(smmu);
3421 
3422 	if (of_dma_is_coherent(dev->of_node))
3423 		smmu->features |= ARM_SMMU_FEAT_COHERENCY;
3424 
3425 	return ret;
3426 }
3427 
3428 static unsigned long arm_smmu_resource_size(struct arm_smmu_device *smmu)
3429 {
3430 	if (smmu->options & ARM_SMMU_OPT_PAGE0_REGS_ONLY)
3431 		return SZ_64K;
3432 	else
3433 		return SZ_128K;
3434 }
3435 
3436 static int arm_smmu_set_bus_ops(struct iommu_ops *ops)
3437 {
3438 	int err;
3439 
3440 #ifdef CONFIG_PCI
3441 	if (pci_bus_type.iommu_ops != ops) {
3442 		err = bus_set_iommu(&pci_bus_type, ops);
3443 		if (err)
3444 			return err;
3445 	}
3446 #endif
3447 #ifdef CONFIG_ARM_AMBA
3448 	if (amba_bustype.iommu_ops != ops) {
3449 		err = bus_set_iommu(&amba_bustype, ops);
3450 		if (err)
3451 			goto err_reset_pci_ops;
3452 	}
3453 #endif
3454 	if (platform_bus_type.iommu_ops != ops) {
3455 		err = bus_set_iommu(&platform_bus_type, ops);
3456 		if (err)
3457 			goto err_reset_amba_ops;
3458 	}
3459 
3460 	return 0;
3461 
3462 err_reset_amba_ops:
3463 #ifdef CONFIG_ARM_AMBA
3464 	bus_set_iommu(&amba_bustype, NULL);
3465 #endif
3466 err_reset_pci_ops: __maybe_unused;
3467 #ifdef CONFIG_PCI
3468 	bus_set_iommu(&pci_bus_type, NULL);
3469 #endif
3470 	return err;
3471 }
3472 
3473 static void __iomem *arm_smmu_ioremap(struct device *dev, resource_size_t start,
3474 				      resource_size_t size)
3475 {
3476 	struct resource res = {
3477 		.flags = IORESOURCE_MEM,
3478 		.start = start,
3479 		.end = start + size - 1,
3480 	};
3481 
3482 	return devm_ioremap_resource(dev, &res);
3483 }
3484 
3485 static int arm_smmu_device_probe(struct platform_device *pdev)
3486 {
3487 	int irq, ret;
3488 	struct resource *res;
3489 	resource_size_t ioaddr;
3490 	struct arm_smmu_device *smmu;
3491 	struct device *dev = &pdev->dev;
3492 	bool bypass;
3493 
3494 	smmu = devm_kzalloc(dev, sizeof(*smmu), GFP_KERNEL);
3495 	if (!smmu) {
3496 		dev_err(dev, "failed to allocate arm_smmu_device\n");
3497 		return -ENOMEM;
3498 	}
3499 	smmu->dev = dev;
3500 
3501 	if (dev->of_node) {
3502 		ret = arm_smmu_device_dt_probe(pdev, smmu);
3503 	} else {
3504 		ret = arm_smmu_device_acpi_probe(pdev, smmu);
3505 		if (ret == -ENODEV)
3506 			return ret;
3507 	}
3508 
3509 	/* Set bypass mode according to firmware probing result */
3510 	bypass = !!ret;
3511 
3512 	/* Base address */
3513 	res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
3514 	if (resource_size(res) < arm_smmu_resource_size(smmu)) {
3515 		dev_err(dev, "MMIO region too small (%pr)\n", res);
3516 		return -EINVAL;
3517 	}
3518 	ioaddr = res->start;
3519 
3520 	/*
3521 	 * Don't map the IMPLEMENTATION DEFINED regions, since they may contain
3522 	 * the PMCG registers which are reserved by the PMU driver.
3523 	 */
3524 	smmu->base = arm_smmu_ioremap(dev, ioaddr, ARM_SMMU_REG_SZ);
3525 	if (IS_ERR(smmu->base))
3526 		return PTR_ERR(smmu->base);
3527 
3528 	if (arm_smmu_resource_size(smmu) > SZ_64K) {
3529 		smmu->page1 = arm_smmu_ioremap(dev, ioaddr + SZ_64K,
3530 					       ARM_SMMU_REG_SZ);
3531 		if (IS_ERR(smmu->page1))
3532 			return PTR_ERR(smmu->page1);
3533 	} else {
3534 		smmu->page1 = smmu->base;
3535 	}
3536 
3537 	/* Interrupt lines */
3538 
3539 	irq = platform_get_irq_byname_optional(pdev, "combined");
3540 	if (irq > 0)
3541 		smmu->combined_irq = irq;
3542 	else {
3543 		irq = platform_get_irq_byname_optional(pdev, "eventq");
3544 		if (irq > 0)
3545 			smmu->evtq.q.irq = irq;
3546 
3547 		irq = platform_get_irq_byname_optional(pdev, "priq");
3548 		if (irq > 0)
3549 			smmu->priq.q.irq = irq;
3550 
3551 		irq = platform_get_irq_byname_optional(pdev, "gerror");
3552 		if (irq > 0)
3553 			smmu->gerr_irq = irq;
3554 	}
3555 	/* Probe the h/w */
3556 	ret = arm_smmu_device_hw_probe(smmu);
3557 	if (ret)
3558 		return ret;
3559 
3560 	/* Initialise in-memory data structures */
3561 	ret = arm_smmu_init_structures(smmu);
3562 	if (ret)
3563 		return ret;
3564 
3565 	/* Record our private device structure */
3566 	platform_set_drvdata(pdev, smmu);
3567 
3568 	/* Reset the device */
3569 	ret = arm_smmu_device_reset(smmu, bypass);
3570 	if (ret)
3571 		return ret;
3572 
3573 	/* And we're up. Go go go! */
3574 	ret = iommu_device_sysfs_add(&smmu->iommu, dev, NULL,
3575 				     "smmu3.%pa", &ioaddr);
3576 	if (ret)
3577 		return ret;
3578 
3579 	iommu_device_set_ops(&smmu->iommu, &arm_smmu_ops);
3580 	iommu_device_set_fwnode(&smmu->iommu, dev->fwnode);
3581 
3582 	ret = iommu_device_register(&smmu->iommu);
3583 	if (ret) {
3584 		dev_err(dev, "Failed to register iommu\n");
3585 		return ret;
3586 	}
3587 
3588 	return arm_smmu_set_bus_ops(&arm_smmu_ops);
3589 }
3590 
3591 static int arm_smmu_device_remove(struct platform_device *pdev)
3592 {
3593 	struct arm_smmu_device *smmu = platform_get_drvdata(pdev);
3594 
3595 	arm_smmu_set_bus_ops(NULL);
3596 	iommu_device_unregister(&smmu->iommu);
3597 	iommu_device_sysfs_remove(&smmu->iommu);
3598 	arm_smmu_device_disable(smmu);
3599 
3600 	return 0;
3601 }
3602 
3603 static void arm_smmu_device_shutdown(struct platform_device *pdev)
3604 {
3605 	arm_smmu_device_remove(pdev);
3606 }
3607 
3608 static const struct of_device_id arm_smmu_of_match[] = {
3609 	{ .compatible = "arm,smmu-v3", },
3610 	{ },
3611 };
3612 MODULE_DEVICE_TABLE(of, arm_smmu_of_match);
3613 
3614 static struct platform_driver arm_smmu_driver = {
3615 	.driver	= {
3616 		.name			= "arm-smmu-v3",
3617 		.of_match_table		= arm_smmu_of_match,
3618 		.suppress_bind_attrs	= true,
3619 	},
3620 	.probe	= arm_smmu_device_probe,
3621 	.remove	= arm_smmu_device_remove,
3622 	.shutdown = arm_smmu_device_shutdown,
3623 };
3624 module_platform_driver(arm_smmu_driver);
3625 
3626 MODULE_DESCRIPTION("IOMMU API for ARM architected SMMUv3 implementations");
3627 MODULE_AUTHOR("Will Deacon <will@kernel.org>");
3628 MODULE_ALIAS("platform:arm-smmu-v3");
3629 MODULE_LICENSE("GPL v2");
3630