xref: /openbmc/linux/drivers/iommu/intel/iommu.c (revision 017cdefe)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Copyright © 2006-2014 Intel Corporation.
4  *
5  * Authors: David Woodhouse <dwmw2@infradead.org>,
6  *          Ashok Raj <ashok.raj@intel.com>,
7  *          Shaohua Li <shaohua.li@intel.com>,
8  *          Anil S Keshavamurthy <anil.s.keshavamurthy@intel.com>,
9  *          Fenghua Yu <fenghua.yu@intel.com>
10  *          Joerg Roedel <jroedel@suse.de>
11  */
12 
13 #define pr_fmt(fmt)     "DMAR: " fmt
14 #define dev_fmt(fmt)    pr_fmt(fmt)
15 
16 #include <linux/crash_dump.h>
17 #include <linux/dma-direct.h>
18 #include <linux/dmi.h>
19 #include <linux/memory.h>
20 #include <linux/pci.h>
21 #include <linux/pci-ats.h>
22 #include <linux/spinlock.h>
23 #include <linux/syscore_ops.h>
24 #include <linux/tboot.h>
25 
26 #include "iommu.h"
27 #include "../dma-iommu.h"
28 #include "../irq_remapping.h"
29 #include "../iommu-sva.h"
30 #include "pasid.h"
31 #include "cap_audit.h"
32 #include "perfmon.h"
33 
34 #define ROOT_SIZE		VTD_PAGE_SIZE
35 #define CONTEXT_SIZE		VTD_PAGE_SIZE
36 
37 #define IS_GFX_DEVICE(pdev) ((pdev->class >> 16) == PCI_BASE_CLASS_DISPLAY)
38 #define IS_USB_DEVICE(pdev) ((pdev->class >> 8) == PCI_CLASS_SERIAL_USB)
39 #define IS_ISA_DEVICE(pdev) ((pdev->class >> 8) == PCI_CLASS_BRIDGE_ISA)
40 #define IS_AZALIA(pdev) ((pdev)->vendor == 0x8086 && (pdev)->device == 0x3a3e)
41 
42 #define IOAPIC_RANGE_START	(0xfee00000)
43 #define IOAPIC_RANGE_END	(0xfeefffff)
44 #define IOVA_START_ADDR		(0x1000)
45 
46 #define DEFAULT_DOMAIN_ADDRESS_WIDTH 57
47 
48 #define MAX_AGAW_WIDTH 64
49 #define MAX_AGAW_PFN_WIDTH	(MAX_AGAW_WIDTH - VTD_PAGE_SHIFT)
50 
51 #define __DOMAIN_MAX_PFN(gaw)  ((((uint64_t)1) << ((gaw) - VTD_PAGE_SHIFT)) - 1)
52 #define __DOMAIN_MAX_ADDR(gaw) ((((uint64_t)1) << (gaw)) - 1)
53 
54 /* We limit DOMAIN_MAX_PFN to fit in an unsigned long, and DOMAIN_MAX_ADDR
55    to match. That way, we can use 'unsigned long' for PFNs with impunity. */
56 #define DOMAIN_MAX_PFN(gaw)	((unsigned long) min_t(uint64_t, \
57 				__DOMAIN_MAX_PFN(gaw), (unsigned long)-1))
58 #define DOMAIN_MAX_ADDR(gaw)	(((uint64_t)__DOMAIN_MAX_PFN(gaw)) << VTD_PAGE_SHIFT)
59 
60 /* IO virtual address start page frame number */
61 #define IOVA_START_PFN		(1)
62 
63 #define IOVA_PFN(addr)		((addr) >> PAGE_SHIFT)
64 
65 /* page table handling */
66 #define LEVEL_STRIDE		(9)
67 #define LEVEL_MASK		(((u64)1 << LEVEL_STRIDE) - 1)
68 
69 static inline int agaw_to_level(int agaw)
70 {
71 	return agaw + 2;
72 }
73 
74 static inline int agaw_to_width(int agaw)
75 {
76 	return min_t(int, 30 + agaw * LEVEL_STRIDE, MAX_AGAW_WIDTH);
77 }
78 
79 static inline int width_to_agaw(int width)
80 {
81 	return DIV_ROUND_UP(width - 30, LEVEL_STRIDE);
82 }
83 
84 static inline unsigned int level_to_offset_bits(int level)
85 {
86 	return (level - 1) * LEVEL_STRIDE;
87 }
88 
89 static inline int pfn_level_offset(u64 pfn, int level)
90 {
91 	return (pfn >> level_to_offset_bits(level)) & LEVEL_MASK;
92 }
93 
94 static inline u64 level_mask(int level)
95 {
96 	return -1ULL << level_to_offset_bits(level);
97 }
98 
99 static inline u64 level_size(int level)
100 {
101 	return 1ULL << level_to_offset_bits(level);
102 }
103 
104 static inline u64 align_to_level(u64 pfn, int level)
105 {
106 	return (pfn + level_size(level) - 1) & level_mask(level);
107 }
108 
109 static inline unsigned long lvl_to_nr_pages(unsigned int lvl)
110 {
111 	return 1UL << min_t(int, (lvl - 1) * LEVEL_STRIDE, MAX_AGAW_PFN_WIDTH);
112 }
113 
114 /* VT-d pages must always be _smaller_ than MM pages. Otherwise things
115    are never going to work. */
116 static inline unsigned long mm_to_dma_pfn(unsigned long mm_pfn)
117 {
118 	return mm_pfn << (PAGE_SHIFT - VTD_PAGE_SHIFT);
119 }
120 static inline unsigned long page_to_dma_pfn(struct page *pg)
121 {
122 	return mm_to_dma_pfn(page_to_pfn(pg));
123 }
124 static inline unsigned long virt_to_dma_pfn(void *p)
125 {
126 	return page_to_dma_pfn(virt_to_page(p));
127 }
128 
129 static void __init check_tylersburg_isoch(void);
130 static int rwbf_quirk;
131 
132 /*
133  * set to 1 to panic kernel if can't successfully enable VT-d
134  * (used when kernel is launched w/ TXT)
135  */
136 static int force_on = 0;
137 static int intel_iommu_tboot_noforce;
138 static int no_platform_optin;
139 
140 #define ROOT_ENTRY_NR (VTD_PAGE_SIZE/sizeof(struct root_entry))
141 
142 /*
143  * Take a root_entry and return the Lower Context Table Pointer (LCTP)
144  * if marked present.
145  */
146 static phys_addr_t root_entry_lctp(struct root_entry *re)
147 {
148 	if (!(re->lo & 1))
149 		return 0;
150 
151 	return re->lo & VTD_PAGE_MASK;
152 }
153 
154 /*
155  * Take a root_entry and return the Upper Context Table Pointer (UCTP)
156  * if marked present.
157  */
158 static phys_addr_t root_entry_uctp(struct root_entry *re)
159 {
160 	if (!(re->hi & 1))
161 		return 0;
162 
163 	return re->hi & VTD_PAGE_MASK;
164 }
165 
166 static inline void context_set_present(struct context_entry *context)
167 {
168 	context->lo |= 1;
169 }
170 
171 static inline void context_set_fault_enable(struct context_entry *context)
172 {
173 	context->lo &= (((u64)-1) << 2) | 1;
174 }
175 
176 static inline void context_set_translation_type(struct context_entry *context,
177 						unsigned long value)
178 {
179 	context->lo &= (((u64)-1) << 4) | 3;
180 	context->lo |= (value & 3) << 2;
181 }
182 
183 static inline void context_set_address_root(struct context_entry *context,
184 					    unsigned long value)
185 {
186 	context->lo &= ~VTD_PAGE_MASK;
187 	context->lo |= value & VTD_PAGE_MASK;
188 }
189 
190 static inline void context_set_address_width(struct context_entry *context,
191 					     unsigned long value)
192 {
193 	context->hi |= value & 7;
194 }
195 
196 static inline void context_set_domain_id(struct context_entry *context,
197 					 unsigned long value)
198 {
199 	context->hi |= (value & ((1 << 16) - 1)) << 8;
200 }
201 
202 static inline void context_set_pasid(struct context_entry *context)
203 {
204 	context->lo |= CONTEXT_PASIDE;
205 }
206 
207 static inline int context_domain_id(struct context_entry *c)
208 {
209 	return((c->hi >> 8) & 0xffff);
210 }
211 
212 static inline void context_clear_entry(struct context_entry *context)
213 {
214 	context->lo = 0;
215 	context->hi = 0;
216 }
217 
218 static inline bool context_copied(struct intel_iommu *iommu, u8 bus, u8 devfn)
219 {
220 	if (!iommu->copied_tables)
221 		return false;
222 
223 	return test_bit(((long)bus << 8) | devfn, iommu->copied_tables);
224 }
225 
226 static inline void
227 set_context_copied(struct intel_iommu *iommu, u8 bus, u8 devfn)
228 {
229 	set_bit(((long)bus << 8) | devfn, iommu->copied_tables);
230 }
231 
232 static inline void
233 clear_context_copied(struct intel_iommu *iommu, u8 bus, u8 devfn)
234 {
235 	clear_bit(((long)bus << 8) | devfn, iommu->copied_tables);
236 }
237 
238 /*
239  * This domain is a statically identity mapping domain.
240  *	1. This domain creats a static 1:1 mapping to all usable memory.
241  * 	2. It maps to each iommu if successful.
242  *	3. Each iommu mapps to this domain if successful.
243  */
244 static struct dmar_domain *si_domain;
245 static int hw_pass_through = 1;
246 
247 struct dmar_rmrr_unit {
248 	struct list_head list;		/* list of rmrr units	*/
249 	struct acpi_dmar_header *hdr;	/* ACPI header		*/
250 	u64	base_address;		/* reserved base address*/
251 	u64	end_address;		/* reserved end address */
252 	struct dmar_dev_scope *devices;	/* target devices */
253 	int	devices_cnt;		/* target device count */
254 };
255 
256 struct dmar_atsr_unit {
257 	struct list_head list;		/* list of ATSR units */
258 	struct acpi_dmar_header *hdr;	/* ACPI header */
259 	struct dmar_dev_scope *devices;	/* target devices */
260 	int devices_cnt;		/* target device count */
261 	u8 include_all:1;		/* include all ports */
262 };
263 
264 struct dmar_satc_unit {
265 	struct list_head list;		/* list of SATC units */
266 	struct acpi_dmar_header *hdr;	/* ACPI header */
267 	struct dmar_dev_scope *devices;	/* target devices */
268 	struct intel_iommu *iommu;	/* the corresponding iommu */
269 	int devices_cnt;		/* target device count */
270 	u8 atc_required:1;		/* ATS is required */
271 };
272 
273 static LIST_HEAD(dmar_atsr_units);
274 static LIST_HEAD(dmar_rmrr_units);
275 static LIST_HEAD(dmar_satc_units);
276 
277 #define for_each_rmrr_units(rmrr) \
278 	list_for_each_entry(rmrr, &dmar_rmrr_units, list)
279 
280 static void device_block_translation(struct device *dev);
281 static void intel_iommu_domain_free(struct iommu_domain *domain);
282 
283 int dmar_disabled = !IS_ENABLED(CONFIG_INTEL_IOMMU_DEFAULT_ON);
284 int intel_iommu_sm = IS_ENABLED(CONFIG_INTEL_IOMMU_SCALABLE_MODE_DEFAULT_ON);
285 
286 int intel_iommu_enabled = 0;
287 EXPORT_SYMBOL_GPL(intel_iommu_enabled);
288 
289 static int dmar_map_gfx = 1;
290 static int intel_iommu_superpage = 1;
291 static int iommu_identity_mapping;
292 static int iommu_skip_te_disable;
293 
294 #define IDENTMAP_GFX		2
295 #define IDENTMAP_AZALIA		4
296 
297 const struct iommu_ops intel_iommu_ops;
298 
299 static bool translation_pre_enabled(struct intel_iommu *iommu)
300 {
301 	return (iommu->flags & VTD_FLAG_TRANS_PRE_ENABLED);
302 }
303 
304 static void clear_translation_pre_enabled(struct intel_iommu *iommu)
305 {
306 	iommu->flags &= ~VTD_FLAG_TRANS_PRE_ENABLED;
307 }
308 
309 static void init_translation_status(struct intel_iommu *iommu)
310 {
311 	u32 gsts;
312 
313 	gsts = readl(iommu->reg + DMAR_GSTS_REG);
314 	if (gsts & DMA_GSTS_TES)
315 		iommu->flags |= VTD_FLAG_TRANS_PRE_ENABLED;
316 }
317 
318 static int __init intel_iommu_setup(char *str)
319 {
320 	if (!str)
321 		return -EINVAL;
322 
323 	while (*str) {
324 		if (!strncmp(str, "on", 2)) {
325 			dmar_disabled = 0;
326 			pr_info("IOMMU enabled\n");
327 		} else if (!strncmp(str, "off", 3)) {
328 			dmar_disabled = 1;
329 			no_platform_optin = 1;
330 			pr_info("IOMMU disabled\n");
331 		} else if (!strncmp(str, "igfx_off", 8)) {
332 			dmar_map_gfx = 0;
333 			pr_info("Disable GFX device mapping\n");
334 		} else if (!strncmp(str, "forcedac", 8)) {
335 			pr_warn("intel_iommu=forcedac deprecated; use iommu.forcedac instead\n");
336 			iommu_dma_forcedac = true;
337 		} else if (!strncmp(str, "strict", 6)) {
338 			pr_warn("intel_iommu=strict deprecated; use iommu.strict=1 instead\n");
339 			iommu_set_dma_strict();
340 		} else if (!strncmp(str, "sp_off", 6)) {
341 			pr_info("Disable supported super page\n");
342 			intel_iommu_superpage = 0;
343 		} else if (!strncmp(str, "sm_on", 5)) {
344 			pr_info("Enable scalable mode if hardware supports\n");
345 			intel_iommu_sm = 1;
346 		} else if (!strncmp(str, "sm_off", 6)) {
347 			pr_info("Scalable mode is disallowed\n");
348 			intel_iommu_sm = 0;
349 		} else if (!strncmp(str, "tboot_noforce", 13)) {
350 			pr_info("Intel-IOMMU: not forcing on after tboot. This could expose security risk for tboot\n");
351 			intel_iommu_tboot_noforce = 1;
352 		} else {
353 			pr_notice("Unknown option - '%s'\n", str);
354 		}
355 
356 		str += strcspn(str, ",");
357 		while (*str == ',')
358 			str++;
359 	}
360 
361 	return 1;
362 }
363 __setup("intel_iommu=", intel_iommu_setup);
364 
365 void *alloc_pgtable_page(int node, gfp_t gfp)
366 {
367 	struct page *page;
368 	void *vaddr = NULL;
369 
370 	page = alloc_pages_node(node, gfp | __GFP_ZERO, 0);
371 	if (page)
372 		vaddr = page_address(page);
373 	return vaddr;
374 }
375 
376 void free_pgtable_page(void *vaddr)
377 {
378 	free_page((unsigned long)vaddr);
379 }
380 
381 static inline int domain_type_is_si(struct dmar_domain *domain)
382 {
383 	return domain->domain.type == IOMMU_DOMAIN_IDENTITY;
384 }
385 
386 static inline int domain_pfn_supported(struct dmar_domain *domain,
387 				       unsigned long pfn)
388 {
389 	int addr_width = agaw_to_width(domain->agaw) - VTD_PAGE_SHIFT;
390 
391 	return !(addr_width < BITS_PER_LONG && pfn >> addr_width);
392 }
393 
394 /*
395  * Calculate the Supported Adjusted Guest Address Widths of an IOMMU.
396  * Refer to 11.4.2 of the VT-d spec for the encoding of each bit of
397  * the returned SAGAW.
398  */
399 static unsigned long __iommu_calculate_sagaw(struct intel_iommu *iommu)
400 {
401 	unsigned long fl_sagaw, sl_sagaw;
402 
403 	fl_sagaw = BIT(2) | (cap_fl5lp_support(iommu->cap) ? BIT(3) : 0);
404 	sl_sagaw = cap_sagaw(iommu->cap);
405 
406 	/* Second level only. */
407 	if (!sm_supported(iommu) || !ecap_flts(iommu->ecap))
408 		return sl_sagaw;
409 
410 	/* First level only. */
411 	if (!ecap_slts(iommu->ecap))
412 		return fl_sagaw;
413 
414 	return fl_sagaw & sl_sagaw;
415 }
416 
417 static int __iommu_calculate_agaw(struct intel_iommu *iommu, int max_gaw)
418 {
419 	unsigned long sagaw;
420 	int agaw;
421 
422 	sagaw = __iommu_calculate_sagaw(iommu);
423 	for (agaw = width_to_agaw(max_gaw); agaw >= 0; agaw--) {
424 		if (test_bit(agaw, &sagaw))
425 			break;
426 	}
427 
428 	return agaw;
429 }
430 
431 /*
432  * Calculate max SAGAW for each iommu.
433  */
434 int iommu_calculate_max_sagaw(struct intel_iommu *iommu)
435 {
436 	return __iommu_calculate_agaw(iommu, MAX_AGAW_WIDTH);
437 }
438 
439 /*
440  * calculate agaw for each iommu.
441  * "SAGAW" may be different across iommus, use a default agaw, and
442  * get a supported less agaw for iommus that don't support the default agaw.
443  */
444 int iommu_calculate_agaw(struct intel_iommu *iommu)
445 {
446 	return __iommu_calculate_agaw(iommu, DEFAULT_DOMAIN_ADDRESS_WIDTH);
447 }
448 
449 static inline bool iommu_paging_structure_coherency(struct intel_iommu *iommu)
450 {
451 	return sm_supported(iommu) ?
452 			ecap_smpwc(iommu->ecap) : ecap_coherent(iommu->ecap);
453 }
454 
455 static void domain_update_iommu_coherency(struct dmar_domain *domain)
456 {
457 	struct iommu_domain_info *info;
458 	struct dmar_drhd_unit *drhd;
459 	struct intel_iommu *iommu;
460 	bool found = false;
461 	unsigned long i;
462 
463 	domain->iommu_coherency = true;
464 	xa_for_each(&domain->iommu_array, i, info) {
465 		found = true;
466 		if (!iommu_paging_structure_coherency(info->iommu)) {
467 			domain->iommu_coherency = false;
468 			break;
469 		}
470 	}
471 	if (found)
472 		return;
473 
474 	/* No hardware attached; use lowest common denominator */
475 	rcu_read_lock();
476 	for_each_active_iommu(iommu, drhd) {
477 		if (!iommu_paging_structure_coherency(iommu)) {
478 			domain->iommu_coherency = false;
479 			break;
480 		}
481 	}
482 	rcu_read_unlock();
483 }
484 
485 static int domain_update_iommu_superpage(struct dmar_domain *domain,
486 					 struct intel_iommu *skip)
487 {
488 	struct dmar_drhd_unit *drhd;
489 	struct intel_iommu *iommu;
490 	int mask = 0x3;
491 
492 	if (!intel_iommu_superpage)
493 		return 0;
494 
495 	/* set iommu_superpage to the smallest common denominator */
496 	rcu_read_lock();
497 	for_each_active_iommu(iommu, drhd) {
498 		if (iommu != skip) {
499 			if (domain && domain->use_first_level) {
500 				if (!cap_fl1gp_support(iommu->cap))
501 					mask = 0x1;
502 			} else {
503 				mask &= cap_super_page_val(iommu->cap);
504 			}
505 
506 			if (!mask)
507 				break;
508 		}
509 	}
510 	rcu_read_unlock();
511 
512 	return fls(mask);
513 }
514 
515 static int domain_update_device_node(struct dmar_domain *domain)
516 {
517 	struct device_domain_info *info;
518 	int nid = NUMA_NO_NODE;
519 	unsigned long flags;
520 
521 	spin_lock_irqsave(&domain->lock, flags);
522 	list_for_each_entry(info, &domain->devices, link) {
523 		/*
524 		 * There could possibly be multiple device numa nodes as devices
525 		 * within the same domain may sit behind different IOMMUs. There
526 		 * isn't perfect answer in such situation, so we select first
527 		 * come first served policy.
528 		 */
529 		nid = dev_to_node(info->dev);
530 		if (nid != NUMA_NO_NODE)
531 			break;
532 	}
533 	spin_unlock_irqrestore(&domain->lock, flags);
534 
535 	return nid;
536 }
537 
538 static void domain_update_iotlb(struct dmar_domain *domain);
539 
540 /* Return the super pagesize bitmap if supported. */
541 static unsigned long domain_super_pgsize_bitmap(struct dmar_domain *domain)
542 {
543 	unsigned long bitmap = 0;
544 
545 	/*
546 	 * 1-level super page supports page size of 2MiB, 2-level super page
547 	 * supports page size of both 2MiB and 1GiB.
548 	 */
549 	if (domain->iommu_superpage == 1)
550 		bitmap |= SZ_2M;
551 	else if (domain->iommu_superpage == 2)
552 		bitmap |= SZ_2M | SZ_1G;
553 
554 	return bitmap;
555 }
556 
557 /* Some capabilities may be different across iommus */
558 static void domain_update_iommu_cap(struct dmar_domain *domain)
559 {
560 	domain_update_iommu_coherency(domain);
561 	domain->iommu_superpage = domain_update_iommu_superpage(domain, NULL);
562 
563 	/*
564 	 * If RHSA is missing, we should default to the device numa domain
565 	 * as fall back.
566 	 */
567 	if (domain->nid == NUMA_NO_NODE)
568 		domain->nid = domain_update_device_node(domain);
569 
570 	/*
571 	 * First-level translation restricts the input-address to a
572 	 * canonical address (i.e., address bits 63:N have the same
573 	 * value as address bit [N-1], where N is 48-bits with 4-level
574 	 * paging and 57-bits with 5-level paging). Hence, skip bit
575 	 * [N-1].
576 	 */
577 	if (domain->use_first_level)
578 		domain->domain.geometry.aperture_end = __DOMAIN_MAX_ADDR(domain->gaw - 1);
579 	else
580 		domain->domain.geometry.aperture_end = __DOMAIN_MAX_ADDR(domain->gaw);
581 
582 	domain->domain.pgsize_bitmap |= domain_super_pgsize_bitmap(domain);
583 	domain_update_iotlb(domain);
584 }
585 
586 struct context_entry *iommu_context_addr(struct intel_iommu *iommu, u8 bus,
587 					 u8 devfn, int alloc)
588 {
589 	struct root_entry *root = &iommu->root_entry[bus];
590 	struct context_entry *context;
591 	u64 *entry;
592 
593 	/*
594 	 * Except that the caller requested to allocate a new entry,
595 	 * returning a copied context entry makes no sense.
596 	 */
597 	if (!alloc && context_copied(iommu, bus, devfn))
598 		return NULL;
599 
600 	entry = &root->lo;
601 	if (sm_supported(iommu)) {
602 		if (devfn >= 0x80) {
603 			devfn -= 0x80;
604 			entry = &root->hi;
605 		}
606 		devfn *= 2;
607 	}
608 	if (*entry & 1)
609 		context = phys_to_virt(*entry & VTD_PAGE_MASK);
610 	else {
611 		unsigned long phy_addr;
612 		if (!alloc)
613 			return NULL;
614 
615 		context = alloc_pgtable_page(iommu->node, GFP_ATOMIC);
616 		if (!context)
617 			return NULL;
618 
619 		__iommu_flush_cache(iommu, (void *)context, CONTEXT_SIZE);
620 		phy_addr = virt_to_phys((void *)context);
621 		*entry = phy_addr | 1;
622 		__iommu_flush_cache(iommu, entry, sizeof(*entry));
623 	}
624 	return &context[devfn];
625 }
626 
627 /**
628  * is_downstream_to_pci_bridge - test if a device belongs to the PCI
629  *				 sub-hierarchy of a candidate PCI-PCI bridge
630  * @dev: candidate PCI device belonging to @bridge PCI sub-hierarchy
631  * @bridge: the candidate PCI-PCI bridge
632  *
633  * Return: true if @dev belongs to @bridge PCI sub-hierarchy, else false.
634  */
635 static bool
636 is_downstream_to_pci_bridge(struct device *dev, struct device *bridge)
637 {
638 	struct pci_dev *pdev, *pbridge;
639 
640 	if (!dev_is_pci(dev) || !dev_is_pci(bridge))
641 		return false;
642 
643 	pdev = to_pci_dev(dev);
644 	pbridge = to_pci_dev(bridge);
645 
646 	if (pbridge->subordinate &&
647 	    pbridge->subordinate->number <= pdev->bus->number &&
648 	    pbridge->subordinate->busn_res.end >= pdev->bus->number)
649 		return true;
650 
651 	return false;
652 }
653 
654 static bool quirk_ioat_snb_local_iommu(struct pci_dev *pdev)
655 {
656 	struct dmar_drhd_unit *drhd;
657 	u32 vtbar;
658 	int rc;
659 
660 	/* We know that this device on this chipset has its own IOMMU.
661 	 * If we find it under a different IOMMU, then the BIOS is lying
662 	 * to us. Hope that the IOMMU for this device is actually
663 	 * disabled, and it needs no translation...
664 	 */
665 	rc = pci_bus_read_config_dword(pdev->bus, PCI_DEVFN(0, 0), 0xb0, &vtbar);
666 	if (rc) {
667 		/* "can't" happen */
668 		dev_info(&pdev->dev, "failed to run vt-d quirk\n");
669 		return false;
670 	}
671 	vtbar &= 0xffff0000;
672 
673 	/* we know that the this iommu should be at offset 0xa000 from vtbar */
674 	drhd = dmar_find_matched_drhd_unit(pdev);
675 	if (!drhd || drhd->reg_base_addr - vtbar != 0xa000) {
676 		pr_warn_once(FW_BUG "BIOS assigned incorrect VT-d unit for Intel(R) QuickData Technology device\n");
677 		add_taint(TAINT_FIRMWARE_WORKAROUND, LOCKDEP_STILL_OK);
678 		return true;
679 	}
680 
681 	return false;
682 }
683 
684 static bool iommu_is_dummy(struct intel_iommu *iommu, struct device *dev)
685 {
686 	if (!iommu || iommu->drhd->ignored)
687 		return true;
688 
689 	if (dev_is_pci(dev)) {
690 		struct pci_dev *pdev = to_pci_dev(dev);
691 
692 		if (pdev->vendor == PCI_VENDOR_ID_INTEL &&
693 		    pdev->device == PCI_DEVICE_ID_INTEL_IOAT_SNB &&
694 		    quirk_ioat_snb_local_iommu(pdev))
695 			return true;
696 	}
697 
698 	return false;
699 }
700 
701 struct intel_iommu *device_to_iommu(struct device *dev, u8 *bus, u8 *devfn)
702 {
703 	struct dmar_drhd_unit *drhd = NULL;
704 	struct pci_dev *pdev = NULL;
705 	struct intel_iommu *iommu;
706 	struct device *tmp;
707 	u16 segment = 0;
708 	int i;
709 
710 	if (!dev)
711 		return NULL;
712 
713 	if (dev_is_pci(dev)) {
714 		struct pci_dev *pf_pdev;
715 
716 		pdev = pci_real_dma_dev(to_pci_dev(dev));
717 
718 		/* VFs aren't listed in scope tables; we need to look up
719 		 * the PF instead to find the IOMMU. */
720 		pf_pdev = pci_physfn(pdev);
721 		dev = &pf_pdev->dev;
722 		segment = pci_domain_nr(pdev->bus);
723 	} else if (has_acpi_companion(dev))
724 		dev = &ACPI_COMPANION(dev)->dev;
725 
726 	rcu_read_lock();
727 	for_each_iommu(iommu, drhd) {
728 		if (pdev && segment != drhd->segment)
729 			continue;
730 
731 		for_each_active_dev_scope(drhd->devices,
732 					  drhd->devices_cnt, i, tmp) {
733 			if (tmp == dev) {
734 				/* For a VF use its original BDF# not that of the PF
735 				 * which we used for the IOMMU lookup. Strictly speaking
736 				 * we could do this for all PCI devices; we only need to
737 				 * get the BDF# from the scope table for ACPI matches. */
738 				if (pdev && pdev->is_virtfn)
739 					goto got_pdev;
740 
741 				if (bus && devfn) {
742 					*bus = drhd->devices[i].bus;
743 					*devfn = drhd->devices[i].devfn;
744 				}
745 				goto out;
746 			}
747 
748 			if (is_downstream_to_pci_bridge(dev, tmp))
749 				goto got_pdev;
750 		}
751 
752 		if (pdev && drhd->include_all) {
753 got_pdev:
754 			if (bus && devfn) {
755 				*bus = pdev->bus->number;
756 				*devfn = pdev->devfn;
757 			}
758 			goto out;
759 		}
760 	}
761 	iommu = NULL;
762 out:
763 	if (iommu_is_dummy(iommu, dev))
764 		iommu = NULL;
765 
766 	rcu_read_unlock();
767 
768 	return iommu;
769 }
770 
771 static void domain_flush_cache(struct dmar_domain *domain,
772 			       void *addr, int size)
773 {
774 	if (!domain->iommu_coherency)
775 		clflush_cache_range(addr, size);
776 }
777 
778 static void free_context_table(struct intel_iommu *iommu)
779 {
780 	struct context_entry *context;
781 	int i;
782 
783 	if (!iommu->root_entry)
784 		return;
785 
786 	for (i = 0; i < ROOT_ENTRY_NR; i++) {
787 		context = iommu_context_addr(iommu, i, 0, 0);
788 		if (context)
789 			free_pgtable_page(context);
790 
791 		if (!sm_supported(iommu))
792 			continue;
793 
794 		context = iommu_context_addr(iommu, i, 0x80, 0);
795 		if (context)
796 			free_pgtable_page(context);
797 	}
798 
799 	free_pgtable_page(iommu->root_entry);
800 	iommu->root_entry = NULL;
801 }
802 
803 #ifdef CONFIG_DMAR_DEBUG
804 static void pgtable_walk(struct intel_iommu *iommu, unsigned long pfn,
805 			 u8 bus, u8 devfn, struct dma_pte *parent, int level)
806 {
807 	struct dma_pte *pte;
808 	int offset;
809 
810 	while (1) {
811 		offset = pfn_level_offset(pfn, level);
812 		pte = &parent[offset];
813 		if (!pte || (dma_pte_superpage(pte) || !dma_pte_present(pte))) {
814 			pr_info("PTE not present at level %d\n", level);
815 			break;
816 		}
817 
818 		pr_info("pte level: %d, pte value: 0x%016llx\n", level, pte->val);
819 
820 		if (level == 1)
821 			break;
822 
823 		parent = phys_to_virt(dma_pte_addr(pte));
824 		level--;
825 	}
826 }
827 
828 void dmar_fault_dump_ptes(struct intel_iommu *iommu, u16 source_id,
829 			  unsigned long long addr, u32 pasid)
830 {
831 	struct pasid_dir_entry *dir, *pde;
832 	struct pasid_entry *entries, *pte;
833 	struct context_entry *ctx_entry;
834 	struct root_entry *rt_entry;
835 	int i, dir_index, index, level;
836 	u8 devfn = source_id & 0xff;
837 	u8 bus = source_id >> 8;
838 	struct dma_pte *pgtable;
839 
840 	pr_info("Dump %s table entries for IOVA 0x%llx\n", iommu->name, addr);
841 
842 	/* root entry dump */
843 	rt_entry = &iommu->root_entry[bus];
844 	if (!rt_entry) {
845 		pr_info("root table entry is not present\n");
846 		return;
847 	}
848 
849 	if (sm_supported(iommu))
850 		pr_info("scalable mode root entry: hi 0x%016llx, low 0x%016llx\n",
851 			rt_entry->hi, rt_entry->lo);
852 	else
853 		pr_info("root entry: 0x%016llx", rt_entry->lo);
854 
855 	/* context entry dump */
856 	ctx_entry = iommu_context_addr(iommu, bus, devfn, 0);
857 	if (!ctx_entry) {
858 		pr_info("context table entry is not present\n");
859 		return;
860 	}
861 
862 	pr_info("context entry: hi 0x%016llx, low 0x%016llx\n",
863 		ctx_entry->hi, ctx_entry->lo);
864 
865 	/* legacy mode does not require PASID entries */
866 	if (!sm_supported(iommu)) {
867 		level = agaw_to_level(ctx_entry->hi & 7);
868 		pgtable = phys_to_virt(ctx_entry->lo & VTD_PAGE_MASK);
869 		goto pgtable_walk;
870 	}
871 
872 	/* get the pointer to pasid directory entry */
873 	dir = phys_to_virt(ctx_entry->lo & VTD_PAGE_MASK);
874 	if (!dir) {
875 		pr_info("pasid directory entry is not present\n");
876 		return;
877 	}
878 	/* For request-without-pasid, get the pasid from context entry */
879 	if (intel_iommu_sm && pasid == INVALID_IOASID)
880 		pasid = PASID_RID2PASID;
881 
882 	dir_index = pasid >> PASID_PDE_SHIFT;
883 	pde = &dir[dir_index];
884 	pr_info("pasid dir entry: 0x%016llx\n", pde->val);
885 
886 	/* get the pointer to the pasid table entry */
887 	entries = get_pasid_table_from_pde(pde);
888 	if (!entries) {
889 		pr_info("pasid table entry is not present\n");
890 		return;
891 	}
892 	index = pasid & PASID_PTE_MASK;
893 	pte = &entries[index];
894 	for (i = 0; i < ARRAY_SIZE(pte->val); i++)
895 		pr_info("pasid table entry[%d]: 0x%016llx\n", i, pte->val[i]);
896 
897 	if (pasid_pte_get_pgtt(pte) == PASID_ENTRY_PGTT_FL_ONLY) {
898 		level = pte->val[2] & BIT_ULL(2) ? 5 : 4;
899 		pgtable = phys_to_virt(pte->val[2] & VTD_PAGE_MASK);
900 	} else {
901 		level = agaw_to_level((pte->val[0] >> 2) & 0x7);
902 		pgtable = phys_to_virt(pte->val[0] & VTD_PAGE_MASK);
903 	}
904 
905 pgtable_walk:
906 	pgtable_walk(iommu, addr >> VTD_PAGE_SHIFT, bus, devfn, pgtable, level);
907 }
908 #endif
909 
910 static struct dma_pte *pfn_to_dma_pte(struct dmar_domain *domain,
911 				      unsigned long pfn, int *target_level,
912 				      gfp_t gfp)
913 {
914 	struct dma_pte *parent, *pte;
915 	int level = agaw_to_level(domain->agaw);
916 	int offset;
917 
918 	BUG_ON(!domain->pgd);
919 
920 	if (!domain_pfn_supported(domain, pfn))
921 		/* Address beyond IOMMU's addressing capabilities. */
922 		return NULL;
923 
924 	parent = domain->pgd;
925 
926 	while (1) {
927 		void *tmp_page;
928 
929 		offset = pfn_level_offset(pfn, level);
930 		pte = &parent[offset];
931 		if (!*target_level && (dma_pte_superpage(pte) || !dma_pte_present(pte)))
932 			break;
933 		if (level == *target_level)
934 			break;
935 
936 		if (!dma_pte_present(pte)) {
937 			uint64_t pteval;
938 
939 			tmp_page = alloc_pgtable_page(domain->nid, gfp);
940 
941 			if (!tmp_page)
942 				return NULL;
943 
944 			domain_flush_cache(domain, tmp_page, VTD_PAGE_SIZE);
945 			pteval = ((uint64_t)virt_to_dma_pfn(tmp_page) << VTD_PAGE_SHIFT) | DMA_PTE_READ | DMA_PTE_WRITE;
946 			if (domain->use_first_level)
947 				pteval |= DMA_FL_PTE_XD | DMA_FL_PTE_US | DMA_FL_PTE_ACCESS;
948 
949 			if (cmpxchg64(&pte->val, 0ULL, pteval))
950 				/* Someone else set it while we were thinking; use theirs. */
951 				free_pgtable_page(tmp_page);
952 			else
953 				domain_flush_cache(domain, pte, sizeof(*pte));
954 		}
955 		if (level == 1)
956 			break;
957 
958 		parent = phys_to_virt(dma_pte_addr(pte));
959 		level--;
960 	}
961 
962 	if (!*target_level)
963 		*target_level = level;
964 
965 	return pte;
966 }
967 
968 /* return address's pte at specific level */
969 static struct dma_pte *dma_pfn_level_pte(struct dmar_domain *domain,
970 					 unsigned long pfn,
971 					 int level, int *large_page)
972 {
973 	struct dma_pte *parent, *pte;
974 	int total = agaw_to_level(domain->agaw);
975 	int offset;
976 
977 	parent = domain->pgd;
978 	while (level <= total) {
979 		offset = pfn_level_offset(pfn, total);
980 		pte = &parent[offset];
981 		if (level == total)
982 			return pte;
983 
984 		if (!dma_pte_present(pte)) {
985 			*large_page = total;
986 			break;
987 		}
988 
989 		if (dma_pte_superpage(pte)) {
990 			*large_page = total;
991 			return pte;
992 		}
993 
994 		parent = phys_to_virt(dma_pte_addr(pte));
995 		total--;
996 	}
997 	return NULL;
998 }
999 
1000 /* clear last level pte, a tlb flush should be followed */
1001 static void dma_pte_clear_range(struct dmar_domain *domain,
1002 				unsigned long start_pfn,
1003 				unsigned long last_pfn)
1004 {
1005 	unsigned int large_page;
1006 	struct dma_pte *first_pte, *pte;
1007 
1008 	BUG_ON(!domain_pfn_supported(domain, start_pfn));
1009 	BUG_ON(!domain_pfn_supported(domain, last_pfn));
1010 	BUG_ON(start_pfn > last_pfn);
1011 
1012 	/* we don't need lock here; nobody else touches the iova range */
1013 	do {
1014 		large_page = 1;
1015 		first_pte = pte = dma_pfn_level_pte(domain, start_pfn, 1, &large_page);
1016 		if (!pte) {
1017 			start_pfn = align_to_level(start_pfn + 1, large_page + 1);
1018 			continue;
1019 		}
1020 		do {
1021 			dma_clear_pte(pte);
1022 			start_pfn += lvl_to_nr_pages(large_page);
1023 			pte++;
1024 		} while (start_pfn <= last_pfn && !first_pte_in_page(pte));
1025 
1026 		domain_flush_cache(domain, first_pte,
1027 				   (void *)pte - (void *)first_pte);
1028 
1029 	} while (start_pfn && start_pfn <= last_pfn);
1030 }
1031 
1032 static void dma_pte_free_level(struct dmar_domain *domain, int level,
1033 			       int retain_level, struct dma_pte *pte,
1034 			       unsigned long pfn, unsigned long start_pfn,
1035 			       unsigned long last_pfn)
1036 {
1037 	pfn = max(start_pfn, pfn);
1038 	pte = &pte[pfn_level_offset(pfn, level)];
1039 
1040 	do {
1041 		unsigned long level_pfn;
1042 		struct dma_pte *level_pte;
1043 
1044 		if (!dma_pte_present(pte) || dma_pte_superpage(pte))
1045 			goto next;
1046 
1047 		level_pfn = pfn & level_mask(level);
1048 		level_pte = phys_to_virt(dma_pte_addr(pte));
1049 
1050 		if (level > 2) {
1051 			dma_pte_free_level(domain, level - 1, retain_level,
1052 					   level_pte, level_pfn, start_pfn,
1053 					   last_pfn);
1054 		}
1055 
1056 		/*
1057 		 * Free the page table if we're below the level we want to
1058 		 * retain and the range covers the entire table.
1059 		 */
1060 		if (level < retain_level && !(start_pfn > level_pfn ||
1061 		      last_pfn < level_pfn + level_size(level) - 1)) {
1062 			dma_clear_pte(pte);
1063 			domain_flush_cache(domain, pte, sizeof(*pte));
1064 			free_pgtable_page(level_pte);
1065 		}
1066 next:
1067 		pfn += level_size(level);
1068 	} while (!first_pte_in_page(++pte) && pfn <= last_pfn);
1069 }
1070 
1071 /*
1072  * clear last level (leaf) ptes and free page table pages below the
1073  * level we wish to keep intact.
1074  */
1075 static void dma_pte_free_pagetable(struct dmar_domain *domain,
1076 				   unsigned long start_pfn,
1077 				   unsigned long last_pfn,
1078 				   int retain_level)
1079 {
1080 	dma_pte_clear_range(domain, start_pfn, last_pfn);
1081 
1082 	/* We don't need lock here; nobody else touches the iova range */
1083 	dma_pte_free_level(domain, agaw_to_level(domain->agaw), retain_level,
1084 			   domain->pgd, 0, start_pfn, last_pfn);
1085 
1086 	/* free pgd */
1087 	if (start_pfn == 0 && last_pfn == DOMAIN_MAX_PFN(domain->gaw)) {
1088 		free_pgtable_page(domain->pgd);
1089 		domain->pgd = NULL;
1090 	}
1091 }
1092 
1093 /* When a page at a given level is being unlinked from its parent, we don't
1094    need to *modify* it at all. All we need to do is make a list of all the
1095    pages which can be freed just as soon as we've flushed the IOTLB and we
1096    know the hardware page-walk will no longer touch them.
1097    The 'pte' argument is the *parent* PTE, pointing to the page that is to
1098    be freed. */
1099 static void dma_pte_list_pagetables(struct dmar_domain *domain,
1100 				    int level, struct dma_pte *pte,
1101 				    struct list_head *freelist)
1102 {
1103 	struct page *pg;
1104 
1105 	pg = pfn_to_page(dma_pte_addr(pte) >> PAGE_SHIFT);
1106 	list_add_tail(&pg->lru, freelist);
1107 
1108 	if (level == 1)
1109 		return;
1110 
1111 	pte = page_address(pg);
1112 	do {
1113 		if (dma_pte_present(pte) && !dma_pte_superpage(pte))
1114 			dma_pte_list_pagetables(domain, level - 1, pte, freelist);
1115 		pte++;
1116 	} while (!first_pte_in_page(pte));
1117 }
1118 
1119 static void dma_pte_clear_level(struct dmar_domain *domain, int level,
1120 				struct dma_pte *pte, unsigned long pfn,
1121 				unsigned long start_pfn, unsigned long last_pfn,
1122 				struct list_head *freelist)
1123 {
1124 	struct dma_pte *first_pte = NULL, *last_pte = NULL;
1125 
1126 	pfn = max(start_pfn, pfn);
1127 	pte = &pte[pfn_level_offset(pfn, level)];
1128 
1129 	do {
1130 		unsigned long level_pfn = pfn & level_mask(level);
1131 
1132 		if (!dma_pte_present(pte))
1133 			goto next;
1134 
1135 		/* If range covers entire pagetable, free it */
1136 		if (start_pfn <= level_pfn &&
1137 		    last_pfn >= level_pfn + level_size(level) - 1) {
1138 			/* These suborbinate page tables are going away entirely. Don't
1139 			   bother to clear them; we're just going to *free* them. */
1140 			if (level > 1 && !dma_pte_superpage(pte))
1141 				dma_pte_list_pagetables(domain, level - 1, pte, freelist);
1142 
1143 			dma_clear_pte(pte);
1144 			if (!first_pte)
1145 				first_pte = pte;
1146 			last_pte = pte;
1147 		} else if (level > 1) {
1148 			/* Recurse down into a level that isn't *entirely* obsolete */
1149 			dma_pte_clear_level(domain, level - 1,
1150 					    phys_to_virt(dma_pte_addr(pte)),
1151 					    level_pfn, start_pfn, last_pfn,
1152 					    freelist);
1153 		}
1154 next:
1155 		pfn = level_pfn + level_size(level);
1156 	} while (!first_pte_in_page(++pte) && pfn <= last_pfn);
1157 
1158 	if (first_pte)
1159 		domain_flush_cache(domain, first_pte,
1160 				   (void *)++last_pte - (void *)first_pte);
1161 }
1162 
1163 /* We can't just free the pages because the IOMMU may still be walking
1164    the page tables, and may have cached the intermediate levels. The
1165    pages can only be freed after the IOTLB flush has been done. */
1166 static void domain_unmap(struct dmar_domain *domain, unsigned long start_pfn,
1167 			 unsigned long last_pfn, struct list_head *freelist)
1168 {
1169 	BUG_ON(!domain_pfn_supported(domain, start_pfn));
1170 	BUG_ON(!domain_pfn_supported(domain, last_pfn));
1171 	BUG_ON(start_pfn > last_pfn);
1172 
1173 	/* we don't need lock here; nobody else touches the iova range */
1174 	dma_pte_clear_level(domain, agaw_to_level(domain->agaw),
1175 			    domain->pgd, 0, start_pfn, last_pfn, freelist);
1176 
1177 	/* free pgd */
1178 	if (start_pfn == 0 && last_pfn == DOMAIN_MAX_PFN(domain->gaw)) {
1179 		struct page *pgd_page = virt_to_page(domain->pgd);
1180 		list_add_tail(&pgd_page->lru, freelist);
1181 		domain->pgd = NULL;
1182 	}
1183 }
1184 
1185 /* iommu handling */
1186 static int iommu_alloc_root_entry(struct intel_iommu *iommu)
1187 {
1188 	struct root_entry *root;
1189 
1190 	root = (struct root_entry *)alloc_pgtable_page(iommu->node, GFP_ATOMIC);
1191 	if (!root) {
1192 		pr_err("Allocating root entry for %s failed\n",
1193 			iommu->name);
1194 		return -ENOMEM;
1195 	}
1196 
1197 	__iommu_flush_cache(iommu, root, ROOT_SIZE);
1198 	iommu->root_entry = root;
1199 
1200 	return 0;
1201 }
1202 
1203 static void iommu_set_root_entry(struct intel_iommu *iommu)
1204 {
1205 	u64 addr;
1206 	u32 sts;
1207 	unsigned long flag;
1208 
1209 	addr = virt_to_phys(iommu->root_entry);
1210 	if (sm_supported(iommu))
1211 		addr |= DMA_RTADDR_SMT;
1212 
1213 	raw_spin_lock_irqsave(&iommu->register_lock, flag);
1214 	dmar_writeq(iommu->reg + DMAR_RTADDR_REG, addr);
1215 
1216 	writel(iommu->gcmd | DMA_GCMD_SRTP, iommu->reg + DMAR_GCMD_REG);
1217 
1218 	/* Make sure hardware complete it */
1219 	IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
1220 		      readl, (sts & DMA_GSTS_RTPS), sts);
1221 
1222 	raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
1223 
1224 	/*
1225 	 * Hardware invalidates all DMA remapping hardware translation
1226 	 * caches as part of SRTP flow.
1227 	 */
1228 	if (cap_esrtps(iommu->cap))
1229 		return;
1230 
1231 	iommu->flush.flush_context(iommu, 0, 0, 0, DMA_CCMD_GLOBAL_INVL);
1232 	if (sm_supported(iommu))
1233 		qi_flush_pasid_cache(iommu, 0, QI_PC_GLOBAL, 0);
1234 	iommu->flush.flush_iotlb(iommu, 0, 0, 0, DMA_TLB_GLOBAL_FLUSH);
1235 }
1236 
1237 void iommu_flush_write_buffer(struct intel_iommu *iommu)
1238 {
1239 	u32 val;
1240 	unsigned long flag;
1241 
1242 	if (!rwbf_quirk && !cap_rwbf(iommu->cap))
1243 		return;
1244 
1245 	raw_spin_lock_irqsave(&iommu->register_lock, flag);
1246 	writel(iommu->gcmd | DMA_GCMD_WBF, iommu->reg + DMAR_GCMD_REG);
1247 
1248 	/* Make sure hardware complete it */
1249 	IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
1250 		      readl, (!(val & DMA_GSTS_WBFS)), val);
1251 
1252 	raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
1253 }
1254 
1255 /* return value determine if we need a write buffer flush */
1256 static void __iommu_flush_context(struct intel_iommu *iommu,
1257 				  u16 did, u16 source_id, u8 function_mask,
1258 				  u64 type)
1259 {
1260 	u64 val = 0;
1261 	unsigned long flag;
1262 
1263 	switch (type) {
1264 	case DMA_CCMD_GLOBAL_INVL:
1265 		val = DMA_CCMD_GLOBAL_INVL;
1266 		break;
1267 	case DMA_CCMD_DOMAIN_INVL:
1268 		val = DMA_CCMD_DOMAIN_INVL|DMA_CCMD_DID(did);
1269 		break;
1270 	case DMA_CCMD_DEVICE_INVL:
1271 		val = DMA_CCMD_DEVICE_INVL|DMA_CCMD_DID(did)
1272 			| DMA_CCMD_SID(source_id) | DMA_CCMD_FM(function_mask);
1273 		break;
1274 	default:
1275 		BUG();
1276 	}
1277 	val |= DMA_CCMD_ICC;
1278 
1279 	raw_spin_lock_irqsave(&iommu->register_lock, flag);
1280 	dmar_writeq(iommu->reg + DMAR_CCMD_REG, val);
1281 
1282 	/* Make sure hardware complete it */
1283 	IOMMU_WAIT_OP(iommu, DMAR_CCMD_REG,
1284 		dmar_readq, (!(val & DMA_CCMD_ICC)), val);
1285 
1286 	raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
1287 }
1288 
1289 /* return value determine if we need a write buffer flush */
1290 static void __iommu_flush_iotlb(struct intel_iommu *iommu, u16 did,
1291 				u64 addr, unsigned int size_order, u64 type)
1292 {
1293 	int tlb_offset = ecap_iotlb_offset(iommu->ecap);
1294 	u64 val = 0, val_iva = 0;
1295 	unsigned long flag;
1296 
1297 	switch (type) {
1298 	case DMA_TLB_GLOBAL_FLUSH:
1299 		/* global flush doesn't need set IVA_REG */
1300 		val = DMA_TLB_GLOBAL_FLUSH|DMA_TLB_IVT;
1301 		break;
1302 	case DMA_TLB_DSI_FLUSH:
1303 		val = DMA_TLB_DSI_FLUSH|DMA_TLB_IVT|DMA_TLB_DID(did);
1304 		break;
1305 	case DMA_TLB_PSI_FLUSH:
1306 		val = DMA_TLB_PSI_FLUSH|DMA_TLB_IVT|DMA_TLB_DID(did);
1307 		/* IH bit is passed in as part of address */
1308 		val_iva = size_order | addr;
1309 		break;
1310 	default:
1311 		BUG();
1312 	}
1313 	/* Note: set drain read/write */
1314 #if 0
1315 	/*
1316 	 * This is probably to be super secure.. Looks like we can
1317 	 * ignore it without any impact.
1318 	 */
1319 	if (cap_read_drain(iommu->cap))
1320 		val |= DMA_TLB_READ_DRAIN;
1321 #endif
1322 	if (cap_write_drain(iommu->cap))
1323 		val |= DMA_TLB_WRITE_DRAIN;
1324 
1325 	raw_spin_lock_irqsave(&iommu->register_lock, flag);
1326 	/* Note: Only uses first TLB reg currently */
1327 	if (val_iva)
1328 		dmar_writeq(iommu->reg + tlb_offset, val_iva);
1329 	dmar_writeq(iommu->reg + tlb_offset + 8, val);
1330 
1331 	/* Make sure hardware complete it */
1332 	IOMMU_WAIT_OP(iommu, tlb_offset + 8,
1333 		dmar_readq, (!(val & DMA_TLB_IVT)), val);
1334 
1335 	raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
1336 
1337 	/* check IOTLB invalidation granularity */
1338 	if (DMA_TLB_IAIG(val) == 0)
1339 		pr_err("Flush IOTLB failed\n");
1340 	if (DMA_TLB_IAIG(val) != DMA_TLB_IIRG(type))
1341 		pr_debug("TLB flush request %Lx, actual %Lx\n",
1342 			(unsigned long long)DMA_TLB_IIRG(type),
1343 			(unsigned long long)DMA_TLB_IAIG(val));
1344 }
1345 
1346 static struct device_domain_info *
1347 domain_lookup_dev_info(struct dmar_domain *domain,
1348 		       struct intel_iommu *iommu, u8 bus, u8 devfn)
1349 {
1350 	struct device_domain_info *info;
1351 	unsigned long flags;
1352 
1353 	spin_lock_irqsave(&domain->lock, flags);
1354 	list_for_each_entry(info, &domain->devices, link) {
1355 		if (info->iommu == iommu && info->bus == bus &&
1356 		    info->devfn == devfn) {
1357 			spin_unlock_irqrestore(&domain->lock, flags);
1358 			return info;
1359 		}
1360 	}
1361 	spin_unlock_irqrestore(&domain->lock, flags);
1362 
1363 	return NULL;
1364 }
1365 
1366 static void domain_update_iotlb(struct dmar_domain *domain)
1367 {
1368 	struct device_domain_info *info;
1369 	bool has_iotlb_device = false;
1370 	unsigned long flags;
1371 
1372 	spin_lock_irqsave(&domain->lock, flags);
1373 	list_for_each_entry(info, &domain->devices, link) {
1374 		if (info->ats_enabled) {
1375 			has_iotlb_device = true;
1376 			break;
1377 		}
1378 	}
1379 	domain->has_iotlb_device = has_iotlb_device;
1380 	spin_unlock_irqrestore(&domain->lock, flags);
1381 }
1382 
1383 /*
1384  * The extra devTLB flush quirk impacts those QAT devices with PCI device
1385  * IDs ranging from 0x4940 to 0x4943. It is exempted from risky_device()
1386  * check because it applies only to the built-in QAT devices and it doesn't
1387  * grant additional privileges.
1388  */
1389 #define BUGGY_QAT_DEVID_MASK 0x4940
1390 static bool dev_needs_extra_dtlb_flush(struct pci_dev *pdev)
1391 {
1392 	if (pdev->vendor != PCI_VENDOR_ID_INTEL)
1393 		return false;
1394 
1395 	if ((pdev->device & 0xfffc) != BUGGY_QAT_DEVID_MASK)
1396 		return false;
1397 
1398 	return true;
1399 }
1400 
1401 static void iommu_enable_pci_caps(struct device_domain_info *info)
1402 {
1403 	struct pci_dev *pdev;
1404 
1405 	if (!dev_is_pci(info->dev))
1406 		return;
1407 
1408 	pdev = to_pci_dev(info->dev);
1409 	/* For IOMMU that supports device IOTLB throttling (DIT), we assign
1410 	 * PFSID to the invalidation desc of a VF such that IOMMU HW can gauge
1411 	 * queue depth at PF level. If DIT is not set, PFSID will be treated as
1412 	 * reserved, which should be set to 0.
1413 	 */
1414 	if (!ecap_dit(info->iommu->ecap))
1415 		info->pfsid = 0;
1416 	else {
1417 		struct pci_dev *pf_pdev;
1418 
1419 		/* pdev will be returned if device is not a vf */
1420 		pf_pdev = pci_physfn(pdev);
1421 		info->pfsid = pci_dev_id(pf_pdev);
1422 	}
1423 
1424 	/* The PCIe spec, in its wisdom, declares that the behaviour of
1425 	   the device if you enable PASID support after ATS support is
1426 	   undefined. So always enable PASID support on devices which
1427 	   have it, even if we can't yet know if we're ever going to
1428 	   use it. */
1429 	if (info->pasid_supported && !pci_enable_pasid(pdev, info->pasid_supported & ~1))
1430 		info->pasid_enabled = 1;
1431 
1432 	if (info->pri_supported &&
1433 	    (info->pasid_enabled ? pci_prg_resp_pasid_required(pdev) : 1)  &&
1434 	    !pci_reset_pri(pdev) && !pci_enable_pri(pdev, PRQ_DEPTH))
1435 		info->pri_enabled = 1;
1436 
1437 	if (info->ats_supported && pci_ats_page_aligned(pdev) &&
1438 	    !pci_enable_ats(pdev, VTD_PAGE_SHIFT)) {
1439 		info->ats_enabled = 1;
1440 		domain_update_iotlb(info->domain);
1441 		info->ats_qdep = pci_ats_queue_depth(pdev);
1442 	}
1443 }
1444 
1445 static void iommu_disable_pci_caps(struct device_domain_info *info)
1446 {
1447 	struct pci_dev *pdev;
1448 
1449 	if (!dev_is_pci(info->dev))
1450 		return;
1451 
1452 	pdev = to_pci_dev(info->dev);
1453 
1454 	if (info->ats_enabled) {
1455 		pci_disable_ats(pdev);
1456 		info->ats_enabled = 0;
1457 		domain_update_iotlb(info->domain);
1458 	}
1459 
1460 	if (info->pri_enabled) {
1461 		pci_disable_pri(pdev);
1462 		info->pri_enabled = 0;
1463 	}
1464 
1465 	if (info->pasid_enabled) {
1466 		pci_disable_pasid(pdev);
1467 		info->pasid_enabled = 0;
1468 	}
1469 }
1470 
1471 static void __iommu_flush_dev_iotlb(struct device_domain_info *info,
1472 				    u64 addr, unsigned int mask)
1473 {
1474 	u16 sid, qdep;
1475 
1476 	if (!info || !info->ats_enabled)
1477 		return;
1478 
1479 	sid = info->bus << 8 | info->devfn;
1480 	qdep = info->ats_qdep;
1481 	qi_flush_dev_iotlb(info->iommu, sid, info->pfsid,
1482 			   qdep, addr, mask);
1483 	quirk_extra_dev_tlb_flush(info, addr, mask, PASID_RID2PASID, qdep);
1484 }
1485 
1486 static void iommu_flush_dev_iotlb(struct dmar_domain *domain,
1487 				  u64 addr, unsigned mask)
1488 {
1489 	struct device_domain_info *info;
1490 	unsigned long flags;
1491 
1492 	if (!domain->has_iotlb_device)
1493 		return;
1494 
1495 	spin_lock_irqsave(&domain->lock, flags);
1496 	list_for_each_entry(info, &domain->devices, link)
1497 		__iommu_flush_dev_iotlb(info, addr, mask);
1498 	spin_unlock_irqrestore(&domain->lock, flags);
1499 }
1500 
1501 static void iommu_flush_iotlb_psi(struct intel_iommu *iommu,
1502 				  struct dmar_domain *domain,
1503 				  unsigned long pfn, unsigned int pages,
1504 				  int ih, int map)
1505 {
1506 	unsigned int aligned_pages = __roundup_pow_of_two(pages);
1507 	unsigned int mask = ilog2(aligned_pages);
1508 	uint64_t addr = (uint64_t)pfn << VTD_PAGE_SHIFT;
1509 	u16 did = domain_id_iommu(domain, iommu);
1510 
1511 	BUG_ON(pages == 0);
1512 
1513 	if (ih)
1514 		ih = 1 << 6;
1515 
1516 	if (domain->use_first_level) {
1517 		qi_flush_piotlb(iommu, did, PASID_RID2PASID, addr, pages, ih);
1518 	} else {
1519 		unsigned long bitmask = aligned_pages - 1;
1520 
1521 		/*
1522 		 * PSI masks the low order bits of the base address. If the
1523 		 * address isn't aligned to the mask, then compute a mask value
1524 		 * needed to ensure the target range is flushed.
1525 		 */
1526 		if (unlikely(bitmask & pfn)) {
1527 			unsigned long end_pfn = pfn + pages - 1, shared_bits;
1528 
1529 			/*
1530 			 * Since end_pfn <= pfn + bitmask, the only way bits
1531 			 * higher than bitmask can differ in pfn and end_pfn is
1532 			 * by carrying. This means after masking out bitmask,
1533 			 * high bits starting with the first set bit in
1534 			 * shared_bits are all equal in both pfn and end_pfn.
1535 			 */
1536 			shared_bits = ~(pfn ^ end_pfn) & ~bitmask;
1537 			mask = shared_bits ? __ffs(shared_bits) : BITS_PER_LONG;
1538 		}
1539 
1540 		/*
1541 		 * Fallback to domain selective flush if no PSI support or
1542 		 * the size is too big.
1543 		 */
1544 		if (!cap_pgsel_inv(iommu->cap) ||
1545 		    mask > cap_max_amask_val(iommu->cap))
1546 			iommu->flush.flush_iotlb(iommu, did, 0, 0,
1547 							DMA_TLB_DSI_FLUSH);
1548 		else
1549 			iommu->flush.flush_iotlb(iommu, did, addr | ih, mask,
1550 							DMA_TLB_PSI_FLUSH);
1551 	}
1552 
1553 	/*
1554 	 * In caching mode, changes of pages from non-present to present require
1555 	 * flush. However, device IOTLB doesn't need to be flushed in this case.
1556 	 */
1557 	if (!cap_caching_mode(iommu->cap) || !map)
1558 		iommu_flush_dev_iotlb(domain, addr, mask);
1559 }
1560 
1561 /* Notification for newly created mappings */
1562 static inline void __mapping_notify_one(struct intel_iommu *iommu,
1563 					struct dmar_domain *domain,
1564 					unsigned long pfn, unsigned int pages)
1565 {
1566 	/*
1567 	 * It's a non-present to present mapping. Only flush if caching mode
1568 	 * and second level.
1569 	 */
1570 	if (cap_caching_mode(iommu->cap) && !domain->use_first_level)
1571 		iommu_flush_iotlb_psi(iommu, domain, pfn, pages, 0, 1);
1572 	else
1573 		iommu_flush_write_buffer(iommu);
1574 }
1575 
1576 static void intel_flush_iotlb_all(struct iommu_domain *domain)
1577 {
1578 	struct dmar_domain *dmar_domain = to_dmar_domain(domain);
1579 	struct iommu_domain_info *info;
1580 	unsigned long idx;
1581 
1582 	xa_for_each(&dmar_domain->iommu_array, idx, info) {
1583 		struct intel_iommu *iommu = info->iommu;
1584 		u16 did = domain_id_iommu(dmar_domain, iommu);
1585 
1586 		if (dmar_domain->use_first_level)
1587 			qi_flush_piotlb(iommu, did, PASID_RID2PASID, 0, -1, 0);
1588 		else
1589 			iommu->flush.flush_iotlb(iommu, did, 0, 0,
1590 						 DMA_TLB_DSI_FLUSH);
1591 
1592 		if (!cap_caching_mode(iommu->cap))
1593 			iommu_flush_dev_iotlb(dmar_domain, 0, MAX_AGAW_PFN_WIDTH);
1594 	}
1595 }
1596 
1597 static void iommu_disable_protect_mem_regions(struct intel_iommu *iommu)
1598 {
1599 	u32 pmen;
1600 	unsigned long flags;
1601 
1602 	if (!cap_plmr(iommu->cap) && !cap_phmr(iommu->cap))
1603 		return;
1604 
1605 	raw_spin_lock_irqsave(&iommu->register_lock, flags);
1606 	pmen = readl(iommu->reg + DMAR_PMEN_REG);
1607 	pmen &= ~DMA_PMEN_EPM;
1608 	writel(pmen, iommu->reg + DMAR_PMEN_REG);
1609 
1610 	/* wait for the protected region status bit to clear */
1611 	IOMMU_WAIT_OP(iommu, DMAR_PMEN_REG,
1612 		readl, !(pmen & DMA_PMEN_PRS), pmen);
1613 
1614 	raw_spin_unlock_irqrestore(&iommu->register_lock, flags);
1615 }
1616 
1617 static void iommu_enable_translation(struct intel_iommu *iommu)
1618 {
1619 	u32 sts;
1620 	unsigned long flags;
1621 
1622 	raw_spin_lock_irqsave(&iommu->register_lock, flags);
1623 	iommu->gcmd |= DMA_GCMD_TE;
1624 	writel(iommu->gcmd, iommu->reg + DMAR_GCMD_REG);
1625 
1626 	/* Make sure hardware complete it */
1627 	IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
1628 		      readl, (sts & DMA_GSTS_TES), sts);
1629 
1630 	raw_spin_unlock_irqrestore(&iommu->register_lock, flags);
1631 }
1632 
1633 static void iommu_disable_translation(struct intel_iommu *iommu)
1634 {
1635 	u32 sts;
1636 	unsigned long flag;
1637 
1638 	if (iommu_skip_te_disable && iommu->drhd->gfx_dedicated &&
1639 	    (cap_read_drain(iommu->cap) || cap_write_drain(iommu->cap)))
1640 		return;
1641 
1642 	raw_spin_lock_irqsave(&iommu->register_lock, flag);
1643 	iommu->gcmd &= ~DMA_GCMD_TE;
1644 	writel(iommu->gcmd, iommu->reg + DMAR_GCMD_REG);
1645 
1646 	/* Make sure hardware complete it */
1647 	IOMMU_WAIT_OP(iommu, DMAR_GSTS_REG,
1648 		      readl, (!(sts & DMA_GSTS_TES)), sts);
1649 
1650 	raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
1651 }
1652 
1653 static int iommu_init_domains(struct intel_iommu *iommu)
1654 {
1655 	u32 ndomains;
1656 
1657 	ndomains = cap_ndoms(iommu->cap);
1658 	pr_debug("%s: Number of Domains supported <%d>\n",
1659 		 iommu->name, ndomains);
1660 
1661 	spin_lock_init(&iommu->lock);
1662 
1663 	iommu->domain_ids = bitmap_zalloc(ndomains, GFP_KERNEL);
1664 	if (!iommu->domain_ids)
1665 		return -ENOMEM;
1666 
1667 	/*
1668 	 * If Caching mode is set, then invalid translations are tagged
1669 	 * with domain-id 0, hence we need to pre-allocate it. We also
1670 	 * use domain-id 0 as a marker for non-allocated domain-id, so
1671 	 * make sure it is not used for a real domain.
1672 	 */
1673 	set_bit(0, iommu->domain_ids);
1674 
1675 	/*
1676 	 * Vt-d spec rev3.0 (section 6.2.3.1) requires that each pasid
1677 	 * entry for first-level or pass-through translation modes should
1678 	 * be programmed with a domain id different from those used for
1679 	 * second-level or nested translation. We reserve a domain id for
1680 	 * this purpose.
1681 	 */
1682 	if (sm_supported(iommu))
1683 		set_bit(FLPT_DEFAULT_DID, iommu->domain_ids);
1684 
1685 	return 0;
1686 }
1687 
1688 static void disable_dmar_iommu(struct intel_iommu *iommu)
1689 {
1690 	if (!iommu->domain_ids)
1691 		return;
1692 
1693 	/*
1694 	 * All iommu domains must have been detached from the devices,
1695 	 * hence there should be no domain IDs in use.
1696 	 */
1697 	if (WARN_ON(bitmap_weight(iommu->domain_ids, cap_ndoms(iommu->cap))
1698 		    > NUM_RESERVED_DID))
1699 		return;
1700 
1701 	if (iommu->gcmd & DMA_GCMD_TE)
1702 		iommu_disable_translation(iommu);
1703 }
1704 
1705 static void free_dmar_iommu(struct intel_iommu *iommu)
1706 {
1707 	if (iommu->domain_ids) {
1708 		bitmap_free(iommu->domain_ids);
1709 		iommu->domain_ids = NULL;
1710 	}
1711 
1712 	if (iommu->copied_tables) {
1713 		bitmap_free(iommu->copied_tables);
1714 		iommu->copied_tables = NULL;
1715 	}
1716 
1717 	/* free context mapping */
1718 	free_context_table(iommu);
1719 
1720 #ifdef CONFIG_INTEL_IOMMU_SVM
1721 	if (pasid_supported(iommu)) {
1722 		if (ecap_prs(iommu->ecap))
1723 			intel_svm_finish_prq(iommu);
1724 	}
1725 	if (vccap_pasid(iommu->vccap))
1726 		ioasid_unregister_allocator(&iommu->pasid_allocator);
1727 
1728 #endif
1729 }
1730 
1731 /*
1732  * Check and return whether first level is used by default for
1733  * DMA translation.
1734  */
1735 static bool first_level_by_default(unsigned int type)
1736 {
1737 	/* Only SL is available in legacy mode */
1738 	if (!scalable_mode_support())
1739 		return false;
1740 
1741 	/* Only level (either FL or SL) is available, just use it */
1742 	if (intel_cap_flts_sanity() ^ intel_cap_slts_sanity())
1743 		return intel_cap_flts_sanity();
1744 
1745 	/* Both levels are available, decide it based on domain type */
1746 	return type != IOMMU_DOMAIN_UNMANAGED;
1747 }
1748 
1749 static struct dmar_domain *alloc_domain(unsigned int type)
1750 {
1751 	struct dmar_domain *domain;
1752 
1753 	domain = kzalloc(sizeof(*domain), GFP_KERNEL);
1754 	if (!domain)
1755 		return NULL;
1756 
1757 	domain->nid = NUMA_NO_NODE;
1758 	if (first_level_by_default(type))
1759 		domain->use_first_level = true;
1760 	domain->has_iotlb_device = false;
1761 	INIT_LIST_HEAD(&domain->devices);
1762 	spin_lock_init(&domain->lock);
1763 	xa_init(&domain->iommu_array);
1764 
1765 	return domain;
1766 }
1767 
1768 static int domain_attach_iommu(struct dmar_domain *domain,
1769 			       struct intel_iommu *iommu)
1770 {
1771 	struct iommu_domain_info *info, *curr;
1772 	unsigned long ndomains;
1773 	int num, ret = -ENOSPC;
1774 
1775 	info = kzalloc(sizeof(*info), GFP_KERNEL);
1776 	if (!info)
1777 		return -ENOMEM;
1778 
1779 	spin_lock(&iommu->lock);
1780 	curr = xa_load(&domain->iommu_array, iommu->seq_id);
1781 	if (curr) {
1782 		curr->refcnt++;
1783 		spin_unlock(&iommu->lock);
1784 		kfree(info);
1785 		return 0;
1786 	}
1787 
1788 	ndomains = cap_ndoms(iommu->cap);
1789 	num = find_first_zero_bit(iommu->domain_ids, ndomains);
1790 	if (num >= ndomains) {
1791 		pr_err("%s: No free domain ids\n", iommu->name);
1792 		goto err_unlock;
1793 	}
1794 
1795 	set_bit(num, iommu->domain_ids);
1796 	info->refcnt	= 1;
1797 	info->did	= num;
1798 	info->iommu	= iommu;
1799 	curr = xa_cmpxchg(&domain->iommu_array, iommu->seq_id,
1800 			  NULL, info, GFP_ATOMIC);
1801 	if (curr) {
1802 		ret = xa_err(curr) ? : -EBUSY;
1803 		goto err_clear;
1804 	}
1805 	domain_update_iommu_cap(domain);
1806 
1807 	spin_unlock(&iommu->lock);
1808 	return 0;
1809 
1810 err_clear:
1811 	clear_bit(info->did, iommu->domain_ids);
1812 err_unlock:
1813 	spin_unlock(&iommu->lock);
1814 	kfree(info);
1815 	return ret;
1816 }
1817 
1818 static void domain_detach_iommu(struct dmar_domain *domain,
1819 				struct intel_iommu *iommu)
1820 {
1821 	struct iommu_domain_info *info;
1822 
1823 	spin_lock(&iommu->lock);
1824 	info = xa_load(&domain->iommu_array, iommu->seq_id);
1825 	if (--info->refcnt == 0) {
1826 		clear_bit(info->did, iommu->domain_ids);
1827 		xa_erase(&domain->iommu_array, iommu->seq_id);
1828 		domain->nid = NUMA_NO_NODE;
1829 		domain_update_iommu_cap(domain);
1830 		kfree(info);
1831 	}
1832 	spin_unlock(&iommu->lock);
1833 }
1834 
1835 static inline int guestwidth_to_adjustwidth(int gaw)
1836 {
1837 	int agaw;
1838 	int r = (gaw - 12) % 9;
1839 
1840 	if (r == 0)
1841 		agaw = gaw;
1842 	else
1843 		agaw = gaw + 9 - r;
1844 	if (agaw > 64)
1845 		agaw = 64;
1846 	return agaw;
1847 }
1848 
1849 static void domain_exit(struct dmar_domain *domain)
1850 {
1851 	if (domain->pgd) {
1852 		LIST_HEAD(freelist);
1853 
1854 		domain_unmap(domain, 0, DOMAIN_MAX_PFN(domain->gaw), &freelist);
1855 		put_pages_list(&freelist);
1856 	}
1857 
1858 	if (WARN_ON(!list_empty(&domain->devices)))
1859 		return;
1860 
1861 	kfree(domain);
1862 }
1863 
1864 /*
1865  * Get the PASID directory size for scalable mode context entry.
1866  * Value of X in the PDTS field of a scalable mode context entry
1867  * indicates PASID directory with 2^(X + 7) entries.
1868  */
1869 static inline unsigned long context_get_sm_pds(struct pasid_table *table)
1870 {
1871 	unsigned long pds, max_pde;
1872 
1873 	max_pde = table->max_pasid >> PASID_PDE_SHIFT;
1874 	pds = find_first_bit(&max_pde, MAX_NR_PASID_BITS);
1875 	if (pds < 7)
1876 		return 0;
1877 
1878 	return pds - 7;
1879 }
1880 
1881 /*
1882  * Set the RID_PASID field of a scalable mode context entry. The
1883  * IOMMU hardware will use the PASID value set in this field for
1884  * DMA translations of DMA requests without PASID.
1885  */
1886 static inline void
1887 context_set_sm_rid2pasid(struct context_entry *context, unsigned long pasid)
1888 {
1889 	context->hi |= pasid & ((1 << 20) - 1);
1890 }
1891 
1892 /*
1893  * Set the DTE(Device-TLB Enable) field of a scalable mode context
1894  * entry.
1895  */
1896 static inline void context_set_sm_dte(struct context_entry *context)
1897 {
1898 	context->lo |= (1 << 2);
1899 }
1900 
1901 /*
1902  * Set the PRE(Page Request Enable) field of a scalable mode context
1903  * entry.
1904  */
1905 static inline void context_set_sm_pre(struct context_entry *context)
1906 {
1907 	context->lo |= (1 << 4);
1908 }
1909 
1910 /* Convert value to context PASID directory size field coding. */
1911 #define context_pdts(pds)	(((pds) & 0x7) << 9)
1912 
1913 static int domain_context_mapping_one(struct dmar_domain *domain,
1914 				      struct intel_iommu *iommu,
1915 				      struct pasid_table *table,
1916 				      u8 bus, u8 devfn)
1917 {
1918 	struct device_domain_info *info =
1919 			domain_lookup_dev_info(domain, iommu, bus, devfn);
1920 	u16 did = domain_id_iommu(domain, iommu);
1921 	int translation = CONTEXT_TT_MULTI_LEVEL;
1922 	struct context_entry *context;
1923 	int ret;
1924 
1925 	WARN_ON(did == 0);
1926 
1927 	if (hw_pass_through && domain_type_is_si(domain))
1928 		translation = CONTEXT_TT_PASS_THROUGH;
1929 
1930 	pr_debug("Set context mapping for %02x:%02x.%d\n",
1931 		bus, PCI_SLOT(devfn), PCI_FUNC(devfn));
1932 
1933 	BUG_ON(!domain->pgd);
1934 
1935 	spin_lock(&iommu->lock);
1936 	ret = -ENOMEM;
1937 	context = iommu_context_addr(iommu, bus, devfn, 1);
1938 	if (!context)
1939 		goto out_unlock;
1940 
1941 	ret = 0;
1942 	if (context_present(context) && !context_copied(iommu, bus, devfn))
1943 		goto out_unlock;
1944 
1945 	/*
1946 	 * For kdump cases, old valid entries may be cached due to the
1947 	 * in-flight DMA and copied pgtable, but there is no unmapping
1948 	 * behaviour for them, thus we need an explicit cache flush for
1949 	 * the newly-mapped device. For kdump, at this point, the device
1950 	 * is supposed to finish reset at its driver probe stage, so no
1951 	 * in-flight DMA will exist, and we don't need to worry anymore
1952 	 * hereafter.
1953 	 */
1954 	if (context_copied(iommu, bus, devfn)) {
1955 		u16 did_old = context_domain_id(context);
1956 
1957 		if (did_old < cap_ndoms(iommu->cap)) {
1958 			iommu->flush.flush_context(iommu, did_old,
1959 						   (((u16)bus) << 8) | devfn,
1960 						   DMA_CCMD_MASK_NOBIT,
1961 						   DMA_CCMD_DEVICE_INVL);
1962 			iommu->flush.flush_iotlb(iommu, did_old, 0, 0,
1963 						 DMA_TLB_DSI_FLUSH);
1964 		}
1965 
1966 		clear_context_copied(iommu, bus, devfn);
1967 	}
1968 
1969 	context_clear_entry(context);
1970 
1971 	if (sm_supported(iommu)) {
1972 		unsigned long pds;
1973 
1974 		WARN_ON(!table);
1975 
1976 		/* Setup the PASID DIR pointer: */
1977 		pds = context_get_sm_pds(table);
1978 		context->lo = (u64)virt_to_phys(table->table) |
1979 				context_pdts(pds);
1980 
1981 		/* Setup the RID_PASID field: */
1982 		context_set_sm_rid2pasid(context, PASID_RID2PASID);
1983 
1984 		/*
1985 		 * Setup the Device-TLB enable bit and Page request
1986 		 * Enable bit:
1987 		 */
1988 		if (info && info->ats_supported)
1989 			context_set_sm_dte(context);
1990 		if (info && info->pri_supported)
1991 			context_set_sm_pre(context);
1992 		if (info && info->pasid_supported)
1993 			context_set_pasid(context);
1994 	} else {
1995 		struct dma_pte *pgd = domain->pgd;
1996 		int agaw;
1997 
1998 		context_set_domain_id(context, did);
1999 
2000 		if (translation != CONTEXT_TT_PASS_THROUGH) {
2001 			/*
2002 			 * Skip top levels of page tables for iommu which has
2003 			 * less agaw than default. Unnecessary for PT mode.
2004 			 */
2005 			for (agaw = domain->agaw; agaw > iommu->agaw; agaw--) {
2006 				ret = -ENOMEM;
2007 				pgd = phys_to_virt(dma_pte_addr(pgd));
2008 				if (!dma_pte_present(pgd))
2009 					goto out_unlock;
2010 			}
2011 
2012 			if (info && info->ats_supported)
2013 				translation = CONTEXT_TT_DEV_IOTLB;
2014 			else
2015 				translation = CONTEXT_TT_MULTI_LEVEL;
2016 
2017 			context_set_address_root(context, virt_to_phys(pgd));
2018 			context_set_address_width(context, agaw);
2019 		} else {
2020 			/*
2021 			 * In pass through mode, AW must be programmed to
2022 			 * indicate the largest AGAW value supported by
2023 			 * hardware. And ASR is ignored by hardware.
2024 			 */
2025 			context_set_address_width(context, iommu->msagaw);
2026 		}
2027 
2028 		context_set_translation_type(context, translation);
2029 	}
2030 
2031 	context_set_fault_enable(context);
2032 	context_set_present(context);
2033 	if (!ecap_coherent(iommu->ecap))
2034 		clflush_cache_range(context, sizeof(*context));
2035 
2036 	/*
2037 	 * It's a non-present to present mapping. If hardware doesn't cache
2038 	 * non-present entry we only need to flush the write-buffer. If the
2039 	 * _does_ cache non-present entries, then it does so in the special
2040 	 * domain #0, which we have to flush:
2041 	 */
2042 	if (cap_caching_mode(iommu->cap)) {
2043 		iommu->flush.flush_context(iommu, 0,
2044 					   (((u16)bus) << 8) | devfn,
2045 					   DMA_CCMD_MASK_NOBIT,
2046 					   DMA_CCMD_DEVICE_INVL);
2047 		iommu->flush.flush_iotlb(iommu, did, 0, 0, DMA_TLB_DSI_FLUSH);
2048 	} else {
2049 		iommu_flush_write_buffer(iommu);
2050 	}
2051 
2052 	ret = 0;
2053 
2054 out_unlock:
2055 	spin_unlock(&iommu->lock);
2056 
2057 	return ret;
2058 }
2059 
2060 struct domain_context_mapping_data {
2061 	struct dmar_domain *domain;
2062 	struct intel_iommu *iommu;
2063 	struct pasid_table *table;
2064 };
2065 
2066 static int domain_context_mapping_cb(struct pci_dev *pdev,
2067 				     u16 alias, void *opaque)
2068 {
2069 	struct domain_context_mapping_data *data = opaque;
2070 
2071 	return domain_context_mapping_one(data->domain, data->iommu,
2072 					  data->table, PCI_BUS_NUM(alias),
2073 					  alias & 0xff);
2074 }
2075 
2076 static int
2077 domain_context_mapping(struct dmar_domain *domain, struct device *dev)
2078 {
2079 	struct domain_context_mapping_data data;
2080 	struct pasid_table *table;
2081 	struct intel_iommu *iommu;
2082 	u8 bus, devfn;
2083 
2084 	iommu = device_to_iommu(dev, &bus, &devfn);
2085 	if (!iommu)
2086 		return -ENODEV;
2087 
2088 	table = intel_pasid_get_table(dev);
2089 
2090 	if (!dev_is_pci(dev))
2091 		return domain_context_mapping_one(domain, iommu, table,
2092 						  bus, devfn);
2093 
2094 	data.domain = domain;
2095 	data.iommu = iommu;
2096 	data.table = table;
2097 
2098 	return pci_for_each_dma_alias(to_pci_dev(dev),
2099 				      &domain_context_mapping_cb, &data);
2100 }
2101 
2102 /* Returns a number of VTD pages, but aligned to MM page size */
2103 static inline unsigned long aligned_nrpages(unsigned long host_addr,
2104 					    size_t size)
2105 {
2106 	host_addr &= ~PAGE_MASK;
2107 	return PAGE_ALIGN(host_addr + size) >> VTD_PAGE_SHIFT;
2108 }
2109 
2110 /* Return largest possible superpage level for a given mapping */
2111 static inline int hardware_largepage_caps(struct dmar_domain *domain,
2112 					  unsigned long iov_pfn,
2113 					  unsigned long phy_pfn,
2114 					  unsigned long pages)
2115 {
2116 	int support, level = 1;
2117 	unsigned long pfnmerge;
2118 
2119 	support = domain->iommu_superpage;
2120 
2121 	/* To use a large page, the virtual *and* physical addresses
2122 	   must be aligned to 2MiB/1GiB/etc. Lower bits set in either
2123 	   of them will mean we have to use smaller pages. So just
2124 	   merge them and check both at once. */
2125 	pfnmerge = iov_pfn | phy_pfn;
2126 
2127 	while (support && !(pfnmerge & ~VTD_STRIDE_MASK)) {
2128 		pages >>= VTD_STRIDE_SHIFT;
2129 		if (!pages)
2130 			break;
2131 		pfnmerge >>= VTD_STRIDE_SHIFT;
2132 		level++;
2133 		support--;
2134 	}
2135 	return level;
2136 }
2137 
2138 /*
2139  * Ensure that old small page tables are removed to make room for superpage(s).
2140  * We're going to add new large pages, so make sure we don't remove their parent
2141  * tables. The IOTLB/devTLBs should be flushed if any PDE/PTEs are cleared.
2142  */
2143 static void switch_to_super_page(struct dmar_domain *domain,
2144 				 unsigned long start_pfn,
2145 				 unsigned long end_pfn, int level)
2146 {
2147 	unsigned long lvl_pages = lvl_to_nr_pages(level);
2148 	struct iommu_domain_info *info;
2149 	struct dma_pte *pte = NULL;
2150 	unsigned long i;
2151 
2152 	while (start_pfn <= end_pfn) {
2153 		if (!pte)
2154 			pte = pfn_to_dma_pte(domain, start_pfn, &level,
2155 					     GFP_ATOMIC);
2156 
2157 		if (dma_pte_present(pte)) {
2158 			dma_pte_free_pagetable(domain, start_pfn,
2159 					       start_pfn + lvl_pages - 1,
2160 					       level + 1);
2161 
2162 			xa_for_each(&domain->iommu_array, i, info)
2163 				iommu_flush_iotlb_psi(info->iommu, domain,
2164 						      start_pfn, lvl_pages,
2165 						      0, 0);
2166 		}
2167 
2168 		pte++;
2169 		start_pfn += lvl_pages;
2170 		if (first_pte_in_page(pte))
2171 			pte = NULL;
2172 	}
2173 }
2174 
2175 static int
2176 __domain_mapping(struct dmar_domain *domain, unsigned long iov_pfn,
2177 		 unsigned long phys_pfn, unsigned long nr_pages, int prot,
2178 		 gfp_t gfp)
2179 {
2180 	struct dma_pte *first_pte = NULL, *pte = NULL;
2181 	unsigned int largepage_lvl = 0;
2182 	unsigned long lvl_pages = 0;
2183 	phys_addr_t pteval;
2184 	u64 attr;
2185 
2186 	BUG_ON(!domain_pfn_supported(domain, iov_pfn + nr_pages - 1));
2187 
2188 	if ((prot & (DMA_PTE_READ|DMA_PTE_WRITE)) == 0)
2189 		return -EINVAL;
2190 
2191 	attr = prot & (DMA_PTE_READ | DMA_PTE_WRITE | DMA_PTE_SNP);
2192 	attr |= DMA_FL_PTE_PRESENT;
2193 	if (domain->use_first_level) {
2194 		attr |= DMA_FL_PTE_XD | DMA_FL_PTE_US | DMA_FL_PTE_ACCESS;
2195 		if (prot & DMA_PTE_WRITE)
2196 			attr |= DMA_FL_PTE_DIRTY;
2197 	}
2198 
2199 	pteval = ((phys_addr_t)phys_pfn << VTD_PAGE_SHIFT) | attr;
2200 
2201 	while (nr_pages > 0) {
2202 		uint64_t tmp;
2203 
2204 		if (!pte) {
2205 			largepage_lvl = hardware_largepage_caps(domain, iov_pfn,
2206 					phys_pfn, nr_pages);
2207 
2208 			pte = pfn_to_dma_pte(domain, iov_pfn, &largepage_lvl,
2209 					     gfp);
2210 			if (!pte)
2211 				return -ENOMEM;
2212 			first_pte = pte;
2213 
2214 			lvl_pages = lvl_to_nr_pages(largepage_lvl);
2215 
2216 			/* It is large page*/
2217 			if (largepage_lvl > 1) {
2218 				unsigned long end_pfn;
2219 				unsigned long pages_to_remove;
2220 
2221 				pteval |= DMA_PTE_LARGE_PAGE;
2222 				pages_to_remove = min_t(unsigned long, nr_pages,
2223 							nr_pte_to_next_page(pte) * lvl_pages);
2224 				end_pfn = iov_pfn + pages_to_remove - 1;
2225 				switch_to_super_page(domain, iov_pfn, end_pfn, largepage_lvl);
2226 			} else {
2227 				pteval &= ~(uint64_t)DMA_PTE_LARGE_PAGE;
2228 			}
2229 
2230 		}
2231 		/* We don't need lock here, nobody else
2232 		 * touches the iova range
2233 		 */
2234 		tmp = cmpxchg64_local(&pte->val, 0ULL, pteval);
2235 		if (tmp) {
2236 			static int dumps = 5;
2237 			pr_crit("ERROR: DMA PTE for vPFN 0x%lx already set (to %llx not %llx)\n",
2238 				iov_pfn, tmp, (unsigned long long)pteval);
2239 			if (dumps) {
2240 				dumps--;
2241 				debug_dma_dump_mappings(NULL);
2242 			}
2243 			WARN_ON(1);
2244 		}
2245 
2246 		nr_pages -= lvl_pages;
2247 		iov_pfn += lvl_pages;
2248 		phys_pfn += lvl_pages;
2249 		pteval += lvl_pages * VTD_PAGE_SIZE;
2250 
2251 		/* If the next PTE would be the first in a new page, then we
2252 		 * need to flush the cache on the entries we've just written.
2253 		 * And then we'll need to recalculate 'pte', so clear it and
2254 		 * let it get set again in the if (!pte) block above.
2255 		 *
2256 		 * If we're done (!nr_pages) we need to flush the cache too.
2257 		 *
2258 		 * Also if we've been setting superpages, we may need to
2259 		 * recalculate 'pte' and switch back to smaller pages for the
2260 		 * end of the mapping, if the trailing size is not enough to
2261 		 * use another superpage (i.e. nr_pages < lvl_pages).
2262 		 */
2263 		pte++;
2264 		if (!nr_pages || first_pte_in_page(pte) ||
2265 		    (largepage_lvl > 1 && nr_pages < lvl_pages)) {
2266 			domain_flush_cache(domain, first_pte,
2267 					   (void *)pte - (void *)first_pte);
2268 			pte = NULL;
2269 		}
2270 	}
2271 
2272 	return 0;
2273 }
2274 
2275 static void domain_context_clear_one(struct device_domain_info *info, u8 bus, u8 devfn)
2276 {
2277 	struct intel_iommu *iommu = info->iommu;
2278 	struct context_entry *context;
2279 	u16 did_old;
2280 
2281 	if (!iommu)
2282 		return;
2283 
2284 	spin_lock(&iommu->lock);
2285 	context = iommu_context_addr(iommu, bus, devfn, 0);
2286 	if (!context) {
2287 		spin_unlock(&iommu->lock);
2288 		return;
2289 	}
2290 
2291 	if (sm_supported(iommu)) {
2292 		if (hw_pass_through && domain_type_is_si(info->domain))
2293 			did_old = FLPT_DEFAULT_DID;
2294 		else
2295 			did_old = domain_id_iommu(info->domain, iommu);
2296 	} else {
2297 		did_old = context_domain_id(context);
2298 	}
2299 
2300 	context_clear_entry(context);
2301 	__iommu_flush_cache(iommu, context, sizeof(*context));
2302 	spin_unlock(&iommu->lock);
2303 	iommu->flush.flush_context(iommu,
2304 				   did_old,
2305 				   (((u16)bus) << 8) | devfn,
2306 				   DMA_CCMD_MASK_NOBIT,
2307 				   DMA_CCMD_DEVICE_INVL);
2308 
2309 	if (sm_supported(iommu))
2310 		qi_flush_pasid_cache(iommu, did_old, QI_PC_ALL_PASIDS, 0);
2311 
2312 	iommu->flush.flush_iotlb(iommu,
2313 				 did_old,
2314 				 0,
2315 				 0,
2316 				 DMA_TLB_DSI_FLUSH);
2317 
2318 	__iommu_flush_dev_iotlb(info, 0, MAX_AGAW_PFN_WIDTH);
2319 }
2320 
2321 static int domain_setup_first_level(struct intel_iommu *iommu,
2322 				    struct dmar_domain *domain,
2323 				    struct device *dev,
2324 				    u32 pasid)
2325 {
2326 	struct dma_pte *pgd = domain->pgd;
2327 	int agaw, level;
2328 	int flags = 0;
2329 
2330 	/*
2331 	 * Skip top levels of page tables for iommu which has
2332 	 * less agaw than default. Unnecessary for PT mode.
2333 	 */
2334 	for (agaw = domain->agaw; agaw > iommu->agaw; agaw--) {
2335 		pgd = phys_to_virt(dma_pte_addr(pgd));
2336 		if (!dma_pte_present(pgd))
2337 			return -ENOMEM;
2338 	}
2339 
2340 	level = agaw_to_level(agaw);
2341 	if (level != 4 && level != 5)
2342 		return -EINVAL;
2343 
2344 	if (pasid != PASID_RID2PASID)
2345 		flags |= PASID_FLAG_SUPERVISOR_MODE;
2346 	if (level == 5)
2347 		flags |= PASID_FLAG_FL5LP;
2348 
2349 	if (domain->force_snooping)
2350 		flags |= PASID_FLAG_PAGE_SNOOP;
2351 
2352 	return intel_pasid_setup_first_level(iommu, dev, (pgd_t *)pgd, pasid,
2353 					     domain_id_iommu(domain, iommu),
2354 					     flags);
2355 }
2356 
2357 static bool dev_is_real_dma_subdevice(struct device *dev)
2358 {
2359 	return dev && dev_is_pci(dev) &&
2360 	       pci_real_dma_dev(to_pci_dev(dev)) != to_pci_dev(dev);
2361 }
2362 
2363 static int iommu_domain_identity_map(struct dmar_domain *domain,
2364 				     unsigned long first_vpfn,
2365 				     unsigned long last_vpfn)
2366 {
2367 	/*
2368 	 * RMRR range might have overlap with physical memory range,
2369 	 * clear it first
2370 	 */
2371 	dma_pte_clear_range(domain, first_vpfn, last_vpfn);
2372 
2373 	return __domain_mapping(domain, first_vpfn,
2374 				first_vpfn, last_vpfn - first_vpfn + 1,
2375 				DMA_PTE_READ|DMA_PTE_WRITE, GFP_KERNEL);
2376 }
2377 
2378 static int md_domain_init(struct dmar_domain *domain, int guest_width);
2379 
2380 static int __init si_domain_init(int hw)
2381 {
2382 	struct dmar_rmrr_unit *rmrr;
2383 	struct device *dev;
2384 	int i, nid, ret;
2385 
2386 	si_domain = alloc_domain(IOMMU_DOMAIN_IDENTITY);
2387 	if (!si_domain)
2388 		return -EFAULT;
2389 
2390 	if (md_domain_init(si_domain, DEFAULT_DOMAIN_ADDRESS_WIDTH)) {
2391 		domain_exit(si_domain);
2392 		si_domain = NULL;
2393 		return -EFAULT;
2394 	}
2395 
2396 	if (hw)
2397 		return 0;
2398 
2399 	for_each_online_node(nid) {
2400 		unsigned long start_pfn, end_pfn;
2401 		int i;
2402 
2403 		for_each_mem_pfn_range(i, nid, &start_pfn, &end_pfn, NULL) {
2404 			ret = iommu_domain_identity_map(si_domain,
2405 					mm_to_dma_pfn(start_pfn),
2406 					mm_to_dma_pfn(end_pfn));
2407 			if (ret)
2408 				return ret;
2409 		}
2410 	}
2411 
2412 	/*
2413 	 * Identity map the RMRRs so that devices with RMRRs could also use
2414 	 * the si_domain.
2415 	 */
2416 	for_each_rmrr_units(rmrr) {
2417 		for_each_active_dev_scope(rmrr->devices, rmrr->devices_cnt,
2418 					  i, dev) {
2419 			unsigned long long start = rmrr->base_address;
2420 			unsigned long long end = rmrr->end_address;
2421 
2422 			if (WARN_ON(end < start ||
2423 				    end >> agaw_to_width(si_domain->agaw)))
2424 				continue;
2425 
2426 			ret = iommu_domain_identity_map(si_domain,
2427 					mm_to_dma_pfn(start >> PAGE_SHIFT),
2428 					mm_to_dma_pfn(end >> PAGE_SHIFT));
2429 			if (ret)
2430 				return ret;
2431 		}
2432 	}
2433 
2434 	return 0;
2435 }
2436 
2437 static int dmar_domain_attach_device(struct dmar_domain *domain,
2438 				     struct device *dev)
2439 {
2440 	struct device_domain_info *info = dev_iommu_priv_get(dev);
2441 	struct intel_iommu *iommu;
2442 	unsigned long flags;
2443 	u8 bus, devfn;
2444 	int ret;
2445 
2446 	iommu = device_to_iommu(dev, &bus, &devfn);
2447 	if (!iommu)
2448 		return -ENODEV;
2449 
2450 	ret = domain_attach_iommu(domain, iommu);
2451 	if (ret)
2452 		return ret;
2453 	info->domain = domain;
2454 	spin_lock_irqsave(&domain->lock, flags);
2455 	list_add(&info->link, &domain->devices);
2456 	spin_unlock_irqrestore(&domain->lock, flags);
2457 
2458 	/* PASID table is mandatory for a PCI device in scalable mode. */
2459 	if (sm_supported(iommu) && !dev_is_real_dma_subdevice(dev)) {
2460 		/* Setup the PASID entry for requests without PASID: */
2461 		if (hw_pass_through && domain_type_is_si(domain))
2462 			ret = intel_pasid_setup_pass_through(iommu, domain,
2463 					dev, PASID_RID2PASID);
2464 		else if (domain->use_first_level)
2465 			ret = domain_setup_first_level(iommu, domain, dev,
2466 					PASID_RID2PASID);
2467 		else
2468 			ret = intel_pasid_setup_second_level(iommu, domain,
2469 					dev, PASID_RID2PASID);
2470 		if (ret) {
2471 			dev_err(dev, "Setup RID2PASID failed\n");
2472 			device_block_translation(dev);
2473 			return ret;
2474 		}
2475 	}
2476 
2477 	ret = domain_context_mapping(domain, dev);
2478 	if (ret) {
2479 		dev_err(dev, "Domain context map failed\n");
2480 		device_block_translation(dev);
2481 		return ret;
2482 	}
2483 
2484 	iommu_enable_pci_caps(info);
2485 
2486 	return 0;
2487 }
2488 
2489 static bool device_has_rmrr(struct device *dev)
2490 {
2491 	struct dmar_rmrr_unit *rmrr;
2492 	struct device *tmp;
2493 	int i;
2494 
2495 	rcu_read_lock();
2496 	for_each_rmrr_units(rmrr) {
2497 		/*
2498 		 * Return TRUE if this RMRR contains the device that
2499 		 * is passed in.
2500 		 */
2501 		for_each_active_dev_scope(rmrr->devices,
2502 					  rmrr->devices_cnt, i, tmp)
2503 			if (tmp == dev ||
2504 			    is_downstream_to_pci_bridge(dev, tmp)) {
2505 				rcu_read_unlock();
2506 				return true;
2507 			}
2508 	}
2509 	rcu_read_unlock();
2510 	return false;
2511 }
2512 
2513 /**
2514  * device_rmrr_is_relaxable - Test whether the RMRR of this device
2515  * is relaxable (ie. is allowed to be not enforced under some conditions)
2516  * @dev: device handle
2517  *
2518  * We assume that PCI USB devices with RMRRs have them largely
2519  * for historical reasons and that the RMRR space is not actively used post
2520  * boot.  This exclusion may change if vendors begin to abuse it.
2521  *
2522  * The same exception is made for graphics devices, with the requirement that
2523  * any use of the RMRR regions will be torn down before assigning the device
2524  * to a guest.
2525  *
2526  * Return: true if the RMRR is relaxable, false otherwise
2527  */
2528 static bool device_rmrr_is_relaxable(struct device *dev)
2529 {
2530 	struct pci_dev *pdev;
2531 
2532 	if (!dev_is_pci(dev))
2533 		return false;
2534 
2535 	pdev = to_pci_dev(dev);
2536 	if (IS_USB_DEVICE(pdev) || IS_GFX_DEVICE(pdev))
2537 		return true;
2538 	else
2539 		return false;
2540 }
2541 
2542 /*
2543  * There are a couple cases where we need to restrict the functionality of
2544  * devices associated with RMRRs.  The first is when evaluating a device for
2545  * identity mapping because problems exist when devices are moved in and out
2546  * of domains and their respective RMRR information is lost.  This means that
2547  * a device with associated RMRRs will never be in a "passthrough" domain.
2548  * The second is use of the device through the IOMMU API.  This interface
2549  * expects to have full control of the IOVA space for the device.  We cannot
2550  * satisfy both the requirement that RMRR access is maintained and have an
2551  * unencumbered IOVA space.  We also have no ability to quiesce the device's
2552  * use of the RMRR space or even inform the IOMMU API user of the restriction.
2553  * We therefore prevent devices associated with an RMRR from participating in
2554  * the IOMMU API, which eliminates them from device assignment.
2555  *
2556  * In both cases, devices which have relaxable RMRRs are not concerned by this
2557  * restriction. See device_rmrr_is_relaxable comment.
2558  */
2559 static bool device_is_rmrr_locked(struct device *dev)
2560 {
2561 	if (!device_has_rmrr(dev))
2562 		return false;
2563 
2564 	if (device_rmrr_is_relaxable(dev))
2565 		return false;
2566 
2567 	return true;
2568 }
2569 
2570 /*
2571  * Return the required default domain type for a specific device.
2572  *
2573  * @dev: the device in query
2574  * @startup: true if this is during early boot
2575  *
2576  * Returns:
2577  *  - IOMMU_DOMAIN_DMA: device requires a dynamic mapping domain
2578  *  - IOMMU_DOMAIN_IDENTITY: device requires an identical mapping domain
2579  *  - 0: both identity and dynamic domains work for this device
2580  */
2581 static int device_def_domain_type(struct device *dev)
2582 {
2583 	if (dev_is_pci(dev)) {
2584 		struct pci_dev *pdev = to_pci_dev(dev);
2585 
2586 		if ((iommu_identity_mapping & IDENTMAP_AZALIA) && IS_AZALIA(pdev))
2587 			return IOMMU_DOMAIN_IDENTITY;
2588 
2589 		if ((iommu_identity_mapping & IDENTMAP_GFX) && IS_GFX_DEVICE(pdev))
2590 			return IOMMU_DOMAIN_IDENTITY;
2591 	}
2592 
2593 	return 0;
2594 }
2595 
2596 static void intel_iommu_init_qi(struct intel_iommu *iommu)
2597 {
2598 	/*
2599 	 * Start from the sane iommu hardware state.
2600 	 * If the queued invalidation is already initialized by us
2601 	 * (for example, while enabling interrupt-remapping) then
2602 	 * we got the things already rolling from a sane state.
2603 	 */
2604 	if (!iommu->qi) {
2605 		/*
2606 		 * Clear any previous faults.
2607 		 */
2608 		dmar_fault(-1, iommu);
2609 		/*
2610 		 * Disable queued invalidation if supported and already enabled
2611 		 * before OS handover.
2612 		 */
2613 		dmar_disable_qi(iommu);
2614 	}
2615 
2616 	if (dmar_enable_qi(iommu)) {
2617 		/*
2618 		 * Queued Invalidate not enabled, use Register Based Invalidate
2619 		 */
2620 		iommu->flush.flush_context = __iommu_flush_context;
2621 		iommu->flush.flush_iotlb = __iommu_flush_iotlb;
2622 		pr_info("%s: Using Register based invalidation\n",
2623 			iommu->name);
2624 	} else {
2625 		iommu->flush.flush_context = qi_flush_context;
2626 		iommu->flush.flush_iotlb = qi_flush_iotlb;
2627 		pr_info("%s: Using Queued invalidation\n", iommu->name);
2628 	}
2629 }
2630 
2631 static int copy_context_table(struct intel_iommu *iommu,
2632 			      struct root_entry *old_re,
2633 			      struct context_entry **tbl,
2634 			      int bus, bool ext)
2635 {
2636 	int tbl_idx, pos = 0, idx, devfn, ret = 0, did;
2637 	struct context_entry *new_ce = NULL, ce;
2638 	struct context_entry *old_ce = NULL;
2639 	struct root_entry re;
2640 	phys_addr_t old_ce_phys;
2641 
2642 	tbl_idx = ext ? bus * 2 : bus;
2643 	memcpy(&re, old_re, sizeof(re));
2644 
2645 	for (devfn = 0; devfn < 256; devfn++) {
2646 		/* First calculate the correct index */
2647 		idx = (ext ? devfn * 2 : devfn) % 256;
2648 
2649 		if (idx == 0) {
2650 			/* First save what we may have and clean up */
2651 			if (new_ce) {
2652 				tbl[tbl_idx] = new_ce;
2653 				__iommu_flush_cache(iommu, new_ce,
2654 						    VTD_PAGE_SIZE);
2655 				pos = 1;
2656 			}
2657 
2658 			if (old_ce)
2659 				memunmap(old_ce);
2660 
2661 			ret = 0;
2662 			if (devfn < 0x80)
2663 				old_ce_phys = root_entry_lctp(&re);
2664 			else
2665 				old_ce_phys = root_entry_uctp(&re);
2666 
2667 			if (!old_ce_phys) {
2668 				if (ext && devfn == 0) {
2669 					/* No LCTP, try UCTP */
2670 					devfn = 0x7f;
2671 					continue;
2672 				} else {
2673 					goto out;
2674 				}
2675 			}
2676 
2677 			ret = -ENOMEM;
2678 			old_ce = memremap(old_ce_phys, PAGE_SIZE,
2679 					MEMREMAP_WB);
2680 			if (!old_ce)
2681 				goto out;
2682 
2683 			new_ce = alloc_pgtable_page(iommu->node, GFP_KERNEL);
2684 			if (!new_ce)
2685 				goto out_unmap;
2686 
2687 			ret = 0;
2688 		}
2689 
2690 		/* Now copy the context entry */
2691 		memcpy(&ce, old_ce + idx, sizeof(ce));
2692 
2693 		if (!context_present(&ce))
2694 			continue;
2695 
2696 		did = context_domain_id(&ce);
2697 		if (did >= 0 && did < cap_ndoms(iommu->cap))
2698 			set_bit(did, iommu->domain_ids);
2699 
2700 		set_context_copied(iommu, bus, devfn);
2701 		new_ce[idx] = ce;
2702 	}
2703 
2704 	tbl[tbl_idx + pos] = new_ce;
2705 
2706 	__iommu_flush_cache(iommu, new_ce, VTD_PAGE_SIZE);
2707 
2708 out_unmap:
2709 	memunmap(old_ce);
2710 
2711 out:
2712 	return ret;
2713 }
2714 
2715 static int copy_translation_tables(struct intel_iommu *iommu)
2716 {
2717 	struct context_entry **ctxt_tbls;
2718 	struct root_entry *old_rt;
2719 	phys_addr_t old_rt_phys;
2720 	int ctxt_table_entries;
2721 	u64 rtaddr_reg;
2722 	int bus, ret;
2723 	bool new_ext, ext;
2724 
2725 	rtaddr_reg = dmar_readq(iommu->reg + DMAR_RTADDR_REG);
2726 	ext        = !!(rtaddr_reg & DMA_RTADDR_SMT);
2727 	new_ext    = !!sm_supported(iommu);
2728 
2729 	/*
2730 	 * The RTT bit can only be changed when translation is disabled,
2731 	 * but disabling translation means to open a window for data
2732 	 * corruption. So bail out and don't copy anything if we would
2733 	 * have to change the bit.
2734 	 */
2735 	if (new_ext != ext)
2736 		return -EINVAL;
2737 
2738 	iommu->copied_tables = bitmap_zalloc(BIT_ULL(16), GFP_KERNEL);
2739 	if (!iommu->copied_tables)
2740 		return -ENOMEM;
2741 
2742 	old_rt_phys = rtaddr_reg & VTD_PAGE_MASK;
2743 	if (!old_rt_phys)
2744 		return -EINVAL;
2745 
2746 	old_rt = memremap(old_rt_phys, PAGE_SIZE, MEMREMAP_WB);
2747 	if (!old_rt)
2748 		return -ENOMEM;
2749 
2750 	/* This is too big for the stack - allocate it from slab */
2751 	ctxt_table_entries = ext ? 512 : 256;
2752 	ret = -ENOMEM;
2753 	ctxt_tbls = kcalloc(ctxt_table_entries, sizeof(void *), GFP_KERNEL);
2754 	if (!ctxt_tbls)
2755 		goto out_unmap;
2756 
2757 	for (bus = 0; bus < 256; bus++) {
2758 		ret = copy_context_table(iommu, &old_rt[bus],
2759 					 ctxt_tbls, bus, ext);
2760 		if (ret) {
2761 			pr_err("%s: Failed to copy context table for bus %d\n",
2762 				iommu->name, bus);
2763 			continue;
2764 		}
2765 	}
2766 
2767 	spin_lock(&iommu->lock);
2768 
2769 	/* Context tables are copied, now write them to the root_entry table */
2770 	for (bus = 0; bus < 256; bus++) {
2771 		int idx = ext ? bus * 2 : bus;
2772 		u64 val;
2773 
2774 		if (ctxt_tbls[idx]) {
2775 			val = virt_to_phys(ctxt_tbls[idx]) | 1;
2776 			iommu->root_entry[bus].lo = val;
2777 		}
2778 
2779 		if (!ext || !ctxt_tbls[idx + 1])
2780 			continue;
2781 
2782 		val = virt_to_phys(ctxt_tbls[idx + 1]) | 1;
2783 		iommu->root_entry[bus].hi = val;
2784 	}
2785 
2786 	spin_unlock(&iommu->lock);
2787 
2788 	kfree(ctxt_tbls);
2789 
2790 	__iommu_flush_cache(iommu, iommu->root_entry, PAGE_SIZE);
2791 
2792 	ret = 0;
2793 
2794 out_unmap:
2795 	memunmap(old_rt);
2796 
2797 	return ret;
2798 }
2799 
2800 #ifdef CONFIG_INTEL_IOMMU_SVM
2801 static ioasid_t intel_vcmd_ioasid_alloc(ioasid_t min, ioasid_t max, void *data)
2802 {
2803 	struct intel_iommu *iommu = data;
2804 	ioasid_t ioasid;
2805 
2806 	if (!iommu)
2807 		return INVALID_IOASID;
2808 	/*
2809 	 * VT-d virtual command interface always uses the full 20 bit
2810 	 * PASID range. Host can partition guest PASID range based on
2811 	 * policies but it is out of guest's control.
2812 	 */
2813 	if (min < PASID_MIN || max > intel_pasid_max_id)
2814 		return INVALID_IOASID;
2815 
2816 	if (vcmd_alloc_pasid(iommu, &ioasid))
2817 		return INVALID_IOASID;
2818 
2819 	return ioasid;
2820 }
2821 
2822 static void intel_vcmd_ioasid_free(ioasid_t ioasid, void *data)
2823 {
2824 	struct intel_iommu *iommu = data;
2825 
2826 	if (!iommu)
2827 		return;
2828 	/*
2829 	 * Sanity check the ioasid owner is done at upper layer, e.g. VFIO
2830 	 * We can only free the PASID when all the devices are unbound.
2831 	 */
2832 	if (ioasid_find(NULL, ioasid, NULL)) {
2833 		pr_alert("Cannot free active IOASID %d\n", ioasid);
2834 		return;
2835 	}
2836 	vcmd_free_pasid(iommu, ioasid);
2837 }
2838 
2839 static void register_pasid_allocator(struct intel_iommu *iommu)
2840 {
2841 	/*
2842 	 * If we are running in the host, no need for custom allocator
2843 	 * in that PASIDs are allocated from the host system-wide.
2844 	 */
2845 	if (!cap_caching_mode(iommu->cap))
2846 		return;
2847 
2848 	if (!sm_supported(iommu)) {
2849 		pr_warn("VT-d Scalable Mode not enabled, no PASID allocation\n");
2850 		return;
2851 	}
2852 
2853 	/*
2854 	 * Register a custom PASID allocator if we are running in a guest,
2855 	 * guest PASID must be obtained via virtual command interface.
2856 	 * There can be multiple vIOMMUs in each guest but only one allocator
2857 	 * is active. All vIOMMU allocators will eventually be calling the same
2858 	 * host allocator.
2859 	 */
2860 	if (!vccap_pasid(iommu->vccap))
2861 		return;
2862 
2863 	pr_info("Register custom PASID allocator\n");
2864 	iommu->pasid_allocator.alloc = intel_vcmd_ioasid_alloc;
2865 	iommu->pasid_allocator.free = intel_vcmd_ioasid_free;
2866 	iommu->pasid_allocator.pdata = (void *)iommu;
2867 	if (ioasid_register_allocator(&iommu->pasid_allocator)) {
2868 		pr_warn("Custom PASID allocator failed, scalable mode disabled\n");
2869 		/*
2870 		 * Disable scalable mode on this IOMMU if there
2871 		 * is no custom allocator. Mixing SM capable vIOMMU
2872 		 * and non-SM vIOMMU are not supported.
2873 		 */
2874 		intel_iommu_sm = 0;
2875 	}
2876 }
2877 #endif
2878 
2879 static int __init init_dmars(void)
2880 {
2881 	struct dmar_drhd_unit *drhd;
2882 	struct intel_iommu *iommu;
2883 	int ret;
2884 
2885 	ret = intel_cap_audit(CAP_AUDIT_STATIC_DMAR, NULL);
2886 	if (ret)
2887 		goto free_iommu;
2888 
2889 	for_each_iommu(iommu, drhd) {
2890 		if (drhd->ignored) {
2891 			iommu_disable_translation(iommu);
2892 			continue;
2893 		}
2894 
2895 		/*
2896 		 * Find the max pasid size of all IOMMU's in the system.
2897 		 * We need to ensure the system pasid table is no bigger
2898 		 * than the smallest supported.
2899 		 */
2900 		if (pasid_supported(iommu)) {
2901 			u32 temp = 2 << ecap_pss(iommu->ecap);
2902 
2903 			intel_pasid_max_id = min_t(u32, temp,
2904 						   intel_pasid_max_id);
2905 		}
2906 
2907 		intel_iommu_init_qi(iommu);
2908 
2909 		ret = iommu_init_domains(iommu);
2910 		if (ret)
2911 			goto free_iommu;
2912 
2913 		init_translation_status(iommu);
2914 
2915 		if (translation_pre_enabled(iommu) && !is_kdump_kernel()) {
2916 			iommu_disable_translation(iommu);
2917 			clear_translation_pre_enabled(iommu);
2918 			pr_warn("Translation was enabled for %s but we are not in kdump mode\n",
2919 				iommu->name);
2920 		}
2921 
2922 		/*
2923 		 * TBD:
2924 		 * we could share the same root & context tables
2925 		 * among all IOMMU's. Need to Split it later.
2926 		 */
2927 		ret = iommu_alloc_root_entry(iommu);
2928 		if (ret)
2929 			goto free_iommu;
2930 
2931 		if (translation_pre_enabled(iommu)) {
2932 			pr_info("Translation already enabled - trying to copy translation structures\n");
2933 
2934 			ret = copy_translation_tables(iommu);
2935 			if (ret) {
2936 				/*
2937 				 * We found the IOMMU with translation
2938 				 * enabled - but failed to copy over the
2939 				 * old root-entry table. Try to proceed
2940 				 * by disabling translation now and
2941 				 * allocating a clean root-entry table.
2942 				 * This might cause DMAR faults, but
2943 				 * probably the dump will still succeed.
2944 				 */
2945 				pr_err("Failed to copy translation tables from previous kernel for %s\n",
2946 				       iommu->name);
2947 				iommu_disable_translation(iommu);
2948 				clear_translation_pre_enabled(iommu);
2949 			} else {
2950 				pr_info("Copied translation tables from previous kernel for %s\n",
2951 					iommu->name);
2952 			}
2953 		}
2954 
2955 		if (!ecap_pass_through(iommu->ecap))
2956 			hw_pass_through = 0;
2957 		intel_svm_check(iommu);
2958 	}
2959 
2960 	/*
2961 	 * Now that qi is enabled on all iommus, set the root entry and flush
2962 	 * caches. This is required on some Intel X58 chipsets, otherwise the
2963 	 * flush_context function will loop forever and the boot hangs.
2964 	 */
2965 	for_each_active_iommu(iommu, drhd) {
2966 		iommu_flush_write_buffer(iommu);
2967 #ifdef CONFIG_INTEL_IOMMU_SVM
2968 		register_pasid_allocator(iommu);
2969 #endif
2970 		iommu_set_root_entry(iommu);
2971 	}
2972 
2973 #ifdef CONFIG_INTEL_IOMMU_BROKEN_GFX_WA
2974 	dmar_map_gfx = 0;
2975 #endif
2976 
2977 	if (!dmar_map_gfx)
2978 		iommu_identity_mapping |= IDENTMAP_GFX;
2979 
2980 	check_tylersburg_isoch();
2981 
2982 	ret = si_domain_init(hw_pass_through);
2983 	if (ret)
2984 		goto free_iommu;
2985 
2986 	/*
2987 	 * for each drhd
2988 	 *   enable fault log
2989 	 *   global invalidate context cache
2990 	 *   global invalidate iotlb
2991 	 *   enable translation
2992 	 */
2993 	for_each_iommu(iommu, drhd) {
2994 		if (drhd->ignored) {
2995 			/*
2996 			 * we always have to disable PMRs or DMA may fail on
2997 			 * this device
2998 			 */
2999 			if (force_on)
3000 				iommu_disable_protect_mem_regions(iommu);
3001 			continue;
3002 		}
3003 
3004 		iommu_flush_write_buffer(iommu);
3005 
3006 #ifdef CONFIG_INTEL_IOMMU_SVM
3007 		if (pasid_supported(iommu) && ecap_prs(iommu->ecap)) {
3008 			/*
3009 			 * Call dmar_alloc_hwirq() with dmar_global_lock held,
3010 			 * could cause possible lock race condition.
3011 			 */
3012 			up_write(&dmar_global_lock);
3013 			ret = intel_svm_enable_prq(iommu);
3014 			down_write(&dmar_global_lock);
3015 			if (ret)
3016 				goto free_iommu;
3017 		}
3018 #endif
3019 		ret = dmar_set_interrupt(iommu);
3020 		if (ret)
3021 			goto free_iommu;
3022 	}
3023 
3024 	return 0;
3025 
3026 free_iommu:
3027 	for_each_active_iommu(iommu, drhd) {
3028 		disable_dmar_iommu(iommu);
3029 		free_dmar_iommu(iommu);
3030 	}
3031 	if (si_domain) {
3032 		domain_exit(si_domain);
3033 		si_domain = NULL;
3034 	}
3035 
3036 	return ret;
3037 }
3038 
3039 static void __init init_no_remapping_devices(void)
3040 {
3041 	struct dmar_drhd_unit *drhd;
3042 	struct device *dev;
3043 	int i;
3044 
3045 	for_each_drhd_unit(drhd) {
3046 		if (!drhd->include_all) {
3047 			for_each_active_dev_scope(drhd->devices,
3048 						  drhd->devices_cnt, i, dev)
3049 				break;
3050 			/* ignore DMAR unit if no devices exist */
3051 			if (i == drhd->devices_cnt)
3052 				drhd->ignored = 1;
3053 		}
3054 	}
3055 
3056 	for_each_active_drhd_unit(drhd) {
3057 		if (drhd->include_all)
3058 			continue;
3059 
3060 		for_each_active_dev_scope(drhd->devices,
3061 					  drhd->devices_cnt, i, dev)
3062 			if (!dev_is_pci(dev) || !IS_GFX_DEVICE(to_pci_dev(dev)))
3063 				break;
3064 		if (i < drhd->devices_cnt)
3065 			continue;
3066 
3067 		/* This IOMMU has *only* gfx devices. Either bypass it or
3068 		   set the gfx_mapped flag, as appropriate */
3069 		drhd->gfx_dedicated = 1;
3070 		if (!dmar_map_gfx)
3071 			drhd->ignored = 1;
3072 	}
3073 }
3074 
3075 #ifdef CONFIG_SUSPEND
3076 static int init_iommu_hw(void)
3077 {
3078 	struct dmar_drhd_unit *drhd;
3079 	struct intel_iommu *iommu = NULL;
3080 
3081 	for_each_active_iommu(iommu, drhd)
3082 		if (iommu->qi)
3083 			dmar_reenable_qi(iommu);
3084 
3085 	for_each_iommu(iommu, drhd) {
3086 		if (drhd->ignored) {
3087 			/*
3088 			 * we always have to disable PMRs or DMA may fail on
3089 			 * this device
3090 			 */
3091 			if (force_on)
3092 				iommu_disable_protect_mem_regions(iommu);
3093 			continue;
3094 		}
3095 
3096 		iommu_flush_write_buffer(iommu);
3097 		iommu_set_root_entry(iommu);
3098 		iommu_enable_translation(iommu);
3099 		iommu_disable_protect_mem_regions(iommu);
3100 	}
3101 
3102 	return 0;
3103 }
3104 
3105 static void iommu_flush_all(void)
3106 {
3107 	struct dmar_drhd_unit *drhd;
3108 	struct intel_iommu *iommu;
3109 
3110 	for_each_active_iommu(iommu, drhd) {
3111 		iommu->flush.flush_context(iommu, 0, 0, 0,
3112 					   DMA_CCMD_GLOBAL_INVL);
3113 		iommu->flush.flush_iotlb(iommu, 0, 0, 0,
3114 					 DMA_TLB_GLOBAL_FLUSH);
3115 	}
3116 }
3117 
3118 static int iommu_suspend(void)
3119 {
3120 	struct dmar_drhd_unit *drhd;
3121 	struct intel_iommu *iommu = NULL;
3122 	unsigned long flag;
3123 
3124 	for_each_active_iommu(iommu, drhd) {
3125 		iommu->iommu_state = kcalloc(MAX_SR_DMAR_REGS, sizeof(u32),
3126 					     GFP_KERNEL);
3127 		if (!iommu->iommu_state)
3128 			goto nomem;
3129 	}
3130 
3131 	iommu_flush_all();
3132 
3133 	for_each_active_iommu(iommu, drhd) {
3134 		iommu_disable_translation(iommu);
3135 
3136 		raw_spin_lock_irqsave(&iommu->register_lock, flag);
3137 
3138 		iommu->iommu_state[SR_DMAR_FECTL_REG] =
3139 			readl(iommu->reg + DMAR_FECTL_REG);
3140 		iommu->iommu_state[SR_DMAR_FEDATA_REG] =
3141 			readl(iommu->reg + DMAR_FEDATA_REG);
3142 		iommu->iommu_state[SR_DMAR_FEADDR_REG] =
3143 			readl(iommu->reg + DMAR_FEADDR_REG);
3144 		iommu->iommu_state[SR_DMAR_FEUADDR_REG] =
3145 			readl(iommu->reg + DMAR_FEUADDR_REG);
3146 
3147 		raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
3148 	}
3149 	return 0;
3150 
3151 nomem:
3152 	for_each_active_iommu(iommu, drhd)
3153 		kfree(iommu->iommu_state);
3154 
3155 	return -ENOMEM;
3156 }
3157 
3158 static void iommu_resume(void)
3159 {
3160 	struct dmar_drhd_unit *drhd;
3161 	struct intel_iommu *iommu = NULL;
3162 	unsigned long flag;
3163 
3164 	if (init_iommu_hw()) {
3165 		if (force_on)
3166 			panic("tboot: IOMMU setup failed, DMAR can not resume!\n");
3167 		else
3168 			WARN(1, "IOMMU setup failed, DMAR can not resume!\n");
3169 		return;
3170 	}
3171 
3172 	for_each_active_iommu(iommu, drhd) {
3173 
3174 		raw_spin_lock_irqsave(&iommu->register_lock, flag);
3175 
3176 		writel(iommu->iommu_state[SR_DMAR_FECTL_REG],
3177 			iommu->reg + DMAR_FECTL_REG);
3178 		writel(iommu->iommu_state[SR_DMAR_FEDATA_REG],
3179 			iommu->reg + DMAR_FEDATA_REG);
3180 		writel(iommu->iommu_state[SR_DMAR_FEADDR_REG],
3181 			iommu->reg + DMAR_FEADDR_REG);
3182 		writel(iommu->iommu_state[SR_DMAR_FEUADDR_REG],
3183 			iommu->reg + DMAR_FEUADDR_REG);
3184 
3185 		raw_spin_unlock_irqrestore(&iommu->register_lock, flag);
3186 	}
3187 
3188 	for_each_active_iommu(iommu, drhd)
3189 		kfree(iommu->iommu_state);
3190 }
3191 
3192 static struct syscore_ops iommu_syscore_ops = {
3193 	.resume		= iommu_resume,
3194 	.suspend	= iommu_suspend,
3195 };
3196 
3197 static void __init init_iommu_pm_ops(void)
3198 {
3199 	register_syscore_ops(&iommu_syscore_ops);
3200 }
3201 
3202 #else
3203 static inline void init_iommu_pm_ops(void) {}
3204 #endif	/* CONFIG_PM */
3205 
3206 static int __init rmrr_sanity_check(struct acpi_dmar_reserved_memory *rmrr)
3207 {
3208 	if (!IS_ALIGNED(rmrr->base_address, PAGE_SIZE) ||
3209 	    !IS_ALIGNED(rmrr->end_address + 1, PAGE_SIZE) ||
3210 	    rmrr->end_address <= rmrr->base_address ||
3211 	    arch_rmrr_sanity_check(rmrr))
3212 		return -EINVAL;
3213 
3214 	return 0;
3215 }
3216 
3217 int __init dmar_parse_one_rmrr(struct acpi_dmar_header *header, void *arg)
3218 {
3219 	struct acpi_dmar_reserved_memory *rmrr;
3220 	struct dmar_rmrr_unit *rmrru;
3221 
3222 	rmrr = (struct acpi_dmar_reserved_memory *)header;
3223 	if (rmrr_sanity_check(rmrr)) {
3224 		pr_warn(FW_BUG
3225 			   "Your BIOS is broken; bad RMRR [%#018Lx-%#018Lx]\n"
3226 			   "BIOS vendor: %s; Ver: %s; Product Version: %s\n",
3227 			   rmrr->base_address, rmrr->end_address,
3228 			   dmi_get_system_info(DMI_BIOS_VENDOR),
3229 			   dmi_get_system_info(DMI_BIOS_VERSION),
3230 			   dmi_get_system_info(DMI_PRODUCT_VERSION));
3231 		add_taint(TAINT_FIRMWARE_WORKAROUND, LOCKDEP_STILL_OK);
3232 	}
3233 
3234 	rmrru = kzalloc(sizeof(*rmrru), GFP_KERNEL);
3235 	if (!rmrru)
3236 		goto out;
3237 
3238 	rmrru->hdr = header;
3239 
3240 	rmrru->base_address = rmrr->base_address;
3241 	rmrru->end_address = rmrr->end_address;
3242 
3243 	rmrru->devices = dmar_alloc_dev_scope((void *)(rmrr + 1),
3244 				((void *)rmrr) + rmrr->header.length,
3245 				&rmrru->devices_cnt);
3246 	if (rmrru->devices_cnt && rmrru->devices == NULL)
3247 		goto free_rmrru;
3248 
3249 	list_add(&rmrru->list, &dmar_rmrr_units);
3250 
3251 	return 0;
3252 free_rmrru:
3253 	kfree(rmrru);
3254 out:
3255 	return -ENOMEM;
3256 }
3257 
3258 static struct dmar_atsr_unit *dmar_find_atsr(struct acpi_dmar_atsr *atsr)
3259 {
3260 	struct dmar_atsr_unit *atsru;
3261 	struct acpi_dmar_atsr *tmp;
3262 
3263 	list_for_each_entry_rcu(atsru, &dmar_atsr_units, list,
3264 				dmar_rcu_check()) {
3265 		tmp = (struct acpi_dmar_atsr *)atsru->hdr;
3266 		if (atsr->segment != tmp->segment)
3267 			continue;
3268 		if (atsr->header.length != tmp->header.length)
3269 			continue;
3270 		if (memcmp(atsr, tmp, atsr->header.length) == 0)
3271 			return atsru;
3272 	}
3273 
3274 	return NULL;
3275 }
3276 
3277 int dmar_parse_one_atsr(struct acpi_dmar_header *hdr, void *arg)
3278 {
3279 	struct acpi_dmar_atsr *atsr;
3280 	struct dmar_atsr_unit *atsru;
3281 
3282 	if (system_state >= SYSTEM_RUNNING && !intel_iommu_enabled)
3283 		return 0;
3284 
3285 	atsr = container_of(hdr, struct acpi_dmar_atsr, header);
3286 	atsru = dmar_find_atsr(atsr);
3287 	if (atsru)
3288 		return 0;
3289 
3290 	atsru = kzalloc(sizeof(*atsru) + hdr->length, GFP_KERNEL);
3291 	if (!atsru)
3292 		return -ENOMEM;
3293 
3294 	/*
3295 	 * If memory is allocated from slab by ACPI _DSM method, we need to
3296 	 * copy the memory content because the memory buffer will be freed
3297 	 * on return.
3298 	 */
3299 	atsru->hdr = (void *)(atsru + 1);
3300 	memcpy(atsru->hdr, hdr, hdr->length);
3301 	atsru->include_all = atsr->flags & 0x1;
3302 	if (!atsru->include_all) {
3303 		atsru->devices = dmar_alloc_dev_scope((void *)(atsr + 1),
3304 				(void *)atsr + atsr->header.length,
3305 				&atsru->devices_cnt);
3306 		if (atsru->devices_cnt && atsru->devices == NULL) {
3307 			kfree(atsru);
3308 			return -ENOMEM;
3309 		}
3310 	}
3311 
3312 	list_add_rcu(&atsru->list, &dmar_atsr_units);
3313 
3314 	return 0;
3315 }
3316 
3317 static void intel_iommu_free_atsr(struct dmar_atsr_unit *atsru)
3318 {
3319 	dmar_free_dev_scope(&atsru->devices, &atsru->devices_cnt);
3320 	kfree(atsru);
3321 }
3322 
3323 int dmar_release_one_atsr(struct acpi_dmar_header *hdr, void *arg)
3324 {
3325 	struct acpi_dmar_atsr *atsr;
3326 	struct dmar_atsr_unit *atsru;
3327 
3328 	atsr = container_of(hdr, struct acpi_dmar_atsr, header);
3329 	atsru = dmar_find_atsr(atsr);
3330 	if (atsru) {
3331 		list_del_rcu(&atsru->list);
3332 		synchronize_rcu();
3333 		intel_iommu_free_atsr(atsru);
3334 	}
3335 
3336 	return 0;
3337 }
3338 
3339 int dmar_check_one_atsr(struct acpi_dmar_header *hdr, void *arg)
3340 {
3341 	int i;
3342 	struct device *dev;
3343 	struct acpi_dmar_atsr *atsr;
3344 	struct dmar_atsr_unit *atsru;
3345 
3346 	atsr = container_of(hdr, struct acpi_dmar_atsr, header);
3347 	atsru = dmar_find_atsr(atsr);
3348 	if (!atsru)
3349 		return 0;
3350 
3351 	if (!atsru->include_all && atsru->devices && atsru->devices_cnt) {
3352 		for_each_active_dev_scope(atsru->devices, atsru->devices_cnt,
3353 					  i, dev)
3354 			return -EBUSY;
3355 	}
3356 
3357 	return 0;
3358 }
3359 
3360 static struct dmar_satc_unit *dmar_find_satc(struct acpi_dmar_satc *satc)
3361 {
3362 	struct dmar_satc_unit *satcu;
3363 	struct acpi_dmar_satc *tmp;
3364 
3365 	list_for_each_entry_rcu(satcu, &dmar_satc_units, list,
3366 				dmar_rcu_check()) {
3367 		tmp = (struct acpi_dmar_satc *)satcu->hdr;
3368 		if (satc->segment != tmp->segment)
3369 			continue;
3370 		if (satc->header.length != tmp->header.length)
3371 			continue;
3372 		if (memcmp(satc, tmp, satc->header.length) == 0)
3373 			return satcu;
3374 	}
3375 
3376 	return NULL;
3377 }
3378 
3379 int dmar_parse_one_satc(struct acpi_dmar_header *hdr, void *arg)
3380 {
3381 	struct acpi_dmar_satc *satc;
3382 	struct dmar_satc_unit *satcu;
3383 
3384 	if (system_state >= SYSTEM_RUNNING && !intel_iommu_enabled)
3385 		return 0;
3386 
3387 	satc = container_of(hdr, struct acpi_dmar_satc, header);
3388 	satcu = dmar_find_satc(satc);
3389 	if (satcu)
3390 		return 0;
3391 
3392 	satcu = kzalloc(sizeof(*satcu) + hdr->length, GFP_KERNEL);
3393 	if (!satcu)
3394 		return -ENOMEM;
3395 
3396 	satcu->hdr = (void *)(satcu + 1);
3397 	memcpy(satcu->hdr, hdr, hdr->length);
3398 	satcu->atc_required = satc->flags & 0x1;
3399 	satcu->devices = dmar_alloc_dev_scope((void *)(satc + 1),
3400 					      (void *)satc + satc->header.length,
3401 					      &satcu->devices_cnt);
3402 	if (satcu->devices_cnt && !satcu->devices) {
3403 		kfree(satcu);
3404 		return -ENOMEM;
3405 	}
3406 	list_add_rcu(&satcu->list, &dmar_satc_units);
3407 
3408 	return 0;
3409 }
3410 
3411 static int intel_iommu_add(struct dmar_drhd_unit *dmaru)
3412 {
3413 	int sp, ret;
3414 	struct intel_iommu *iommu = dmaru->iommu;
3415 
3416 	ret = intel_cap_audit(CAP_AUDIT_HOTPLUG_DMAR, iommu);
3417 	if (ret)
3418 		goto out;
3419 
3420 	if (hw_pass_through && !ecap_pass_through(iommu->ecap)) {
3421 		pr_warn("%s: Doesn't support hardware pass through.\n",
3422 			iommu->name);
3423 		return -ENXIO;
3424 	}
3425 
3426 	sp = domain_update_iommu_superpage(NULL, iommu) - 1;
3427 	if (sp >= 0 && !(cap_super_page_val(iommu->cap) & (1 << sp))) {
3428 		pr_warn("%s: Doesn't support large page.\n",
3429 			iommu->name);
3430 		return -ENXIO;
3431 	}
3432 
3433 	/*
3434 	 * Disable translation if already enabled prior to OS handover.
3435 	 */
3436 	if (iommu->gcmd & DMA_GCMD_TE)
3437 		iommu_disable_translation(iommu);
3438 
3439 	ret = iommu_init_domains(iommu);
3440 	if (ret == 0)
3441 		ret = iommu_alloc_root_entry(iommu);
3442 	if (ret)
3443 		goto out;
3444 
3445 	intel_svm_check(iommu);
3446 
3447 	if (dmaru->ignored) {
3448 		/*
3449 		 * we always have to disable PMRs or DMA may fail on this device
3450 		 */
3451 		if (force_on)
3452 			iommu_disable_protect_mem_regions(iommu);
3453 		return 0;
3454 	}
3455 
3456 	intel_iommu_init_qi(iommu);
3457 	iommu_flush_write_buffer(iommu);
3458 
3459 #ifdef CONFIG_INTEL_IOMMU_SVM
3460 	if (pasid_supported(iommu) && ecap_prs(iommu->ecap)) {
3461 		ret = intel_svm_enable_prq(iommu);
3462 		if (ret)
3463 			goto disable_iommu;
3464 	}
3465 #endif
3466 	ret = dmar_set_interrupt(iommu);
3467 	if (ret)
3468 		goto disable_iommu;
3469 
3470 	iommu_set_root_entry(iommu);
3471 	iommu_enable_translation(iommu);
3472 
3473 	iommu_disable_protect_mem_regions(iommu);
3474 	return 0;
3475 
3476 disable_iommu:
3477 	disable_dmar_iommu(iommu);
3478 out:
3479 	free_dmar_iommu(iommu);
3480 	return ret;
3481 }
3482 
3483 int dmar_iommu_hotplug(struct dmar_drhd_unit *dmaru, bool insert)
3484 {
3485 	int ret = 0;
3486 	struct intel_iommu *iommu = dmaru->iommu;
3487 
3488 	if (!intel_iommu_enabled)
3489 		return 0;
3490 	if (iommu == NULL)
3491 		return -EINVAL;
3492 
3493 	if (insert) {
3494 		ret = intel_iommu_add(dmaru);
3495 	} else {
3496 		disable_dmar_iommu(iommu);
3497 		free_dmar_iommu(iommu);
3498 	}
3499 
3500 	return ret;
3501 }
3502 
3503 static void intel_iommu_free_dmars(void)
3504 {
3505 	struct dmar_rmrr_unit *rmrru, *rmrr_n;
3506 	struct dmar_atsr_unit *atsru, *atsr_n;
3507 	struct dmar_satc_unit *satcu, *satc_n;
3508 
3509 	list_for_each_entry_safe(rmrru, rmrr_n, &dmar_rmrr_units, list) {
3510 		list_del(&rmrru->list);
3511 		dmar_free_dev_scope(&rmrru->devices, &rmrru->devices_cnt);
3512 		kfree(rmrru);
3513 	}
3514 
3515 	list_for_each_entry_safe(atsru, atsr_n, &dmar_atsr_units, list) {
3516 		list_del(&atsru->list);
3517 		intel_iommu_free_atsr(atsru);
3518 	}
3519 	list_for_each_entry_safe(satcu, satc_n, &dmar_satc_units, list) {
3520 		list_del(&satcu->list);
3521 		dmar_free_dev_scope(&satcu->devices, &satcu->devices_cnt);
3522 		kfree(satcu);
3523 	}
3524 }
3525 
3526 static struct dmar_satc_unit *dmar_find_matched_satc_unit(struct pci_dev *dev)
3527 {
3528 	struct dmar_satc_unit *satcu;
3529 	struct acpi_dmar_satc *satc;
3530 	struct device *tmp;
3531 	int i;
3532 
3533 	dev = pci_physfn(dev);
3534 	rcu_read_lock();
3535 
3536 	list_for_each_entry_rcu(satcu, &dmar_satc_units, list) {
3537 		satc = container_of(satcu->hdr, struct acpi_dmar_satc, header);
3538 		if (satc->segment != pci_domain_nr(dev->bus))
3539 			continue;
3540 		for_each_dev_scope(satcu->devices, satcu->devices_cnt, i, tmp)
3541 			if (to_pci_dev(tmp) == dev)
3542 				goto out;
3543 	}
3544 	satcu = NULL;
3545 out:
3546 	rcu_read_unlock();
3547 	return satcu;
3548 }
3549 
3550 static int dmar_ats_supported(struct pci_dev *dev, struct intel_iommu *iommu)
3551 {
3552 	int i, ret = 1;
3553 	struct pci_bus *bus;
3554 	struct pci_dev *bridge = NULL;
3555 	struct device *tmp;
3556 	struct acpi_dmar_atsr *atsr;
3557 	struct dmar_atsr_unit *atsru;
3558 	struct dmar_satc_unit *satcu;
3559 
3560 	dev = pci_physfn(dev);
3561 	satcu = dmar_find_matched_satc_unit(dev);
3562 	if (satcu)
3563 		/*
3564 		 * This device supports ATS as it is in SATC table.
3565 		 * When IOMMU is in legacy mode, enabling ATS is done
3566 		 * automatically by HW for the device that requires
3567 		 * ATS, hence OS should not enable this device ATS
3568 		 * to avoid duplicated TLB invalidation.
3569 		 */
3570 		return !(satcu->atc_required && !sm_supported(iommu));
3571 
3572 	for (bus = dev->bus; bus; bus = bus->parent) {
3573 		bridge = bus->self;
3574 		/* If it's an integrated device, allow ATS */
3575 		if (!bridge)
3576 			return 1;
3577 		/* Connected via non-PCIe: no ATS */
3578 		if (!pci_is_pcie(bridge) ||
3579 		    pci_pcie_type(bridge) == PCI_EXP_TYPE_PCI_BRIDGE)
3580 			return 0;
3581 		/* If we found the root port, look it up in the ATSR */
3582 		if (pci_pcie_type(bridge) == PCI_EXP_TYPE_ROOT_PORT)
3583 			break;
3584 	}
3585 
3586 	rcu_read_lock();
3587 	list_for_each_entry_rcu(atsru, &dmar_atsr_units, list) {
3588 		atsr = container_of(atsru->hdr, struct acpi_dmar_atsr, header);
3589 		if (atsr->segment != pci_domain_nr(dev->bus))
3590 			continue;
3591 
3592 		for_each_dev_scope(atsru->devices, atsru->devices_cnt, i, tmp)
3593 			if (tmp == &bridge->dev)
3594 				goto out;
3595 
3596 		if (atsru->include_all)
3597 			goto out;
3598 	}
3599 	ret = 0;
3600 out:
3601 	rcu_read_unlock();
3602 
3603 	return ret;
3604 }
3605 
3606 int dmar_iommu_notify_scope_dev(struct dmar_pci_notify_info *info)
3607 {
3608 	int ret;
3609 	struct dmar_rmrr_unit *rmrru;
3610 	struct dmar_atsr_unit *atsru;
3611 	struct dmar_satc_unit *satcu;
3612 	struct acpi_dmar_atsr *atsr;
3613 	struct acpi_dmar_reserved_memory *rmrr;
3614 	struct acpi_dmar_satc *satc;
3615 
3616 	if (!intel_iommu_enabled && system_state >= SYSTEM_RUNNING)
3617 		return 0;
3618 
3619 	list_for_each_entry(rmrru, &dmar_rmrr_units, list) {
3620 		rmrr = container_of(rmrru->hdr,
3621 				    struct acpi_dmar_reserved_memory, header);
3622 		if (info->event == BUS_NOTIFY_ADD_DEVICE) {
3623 			ret = dmar_insert_dev_scope(info, (void *)(rmrr + 1),
3624 				((void *)rmrr) + rmrr->header.length,
3625 				rmrr->segment, rmrru->devices,
3626 				rmrru->devices_cnt);
3627 			if (ret < 0)
3628 				return ret;
3629 		} else if (info->event == BUS_NOTIFY_REMOVED_DEVICE) {
3630 			dmar_remove_dev_scope(info, rmrr->segment,
3631 				rmrru->devices, rmrru->devices_cnt);
3632 		}
3633 	}
3634 
3635 	list_for_each_entry(atsru, &dmar_atsr_units, list) {
3636 		if (atsru->include_all)
3637 			continue;
3638 
3639 		atsr = container_of(atsru->hdr, struct acpi_dmar_atsr, header);
3640 		if (info->event == BUS_NOTIFY_ADD_DEVICE) {
3641 			ret = dmar_insert_dev_scope(info, (void *)(atsr + 1),
3642 					(void *)atsr + atsr->header.length,
3643 					atsr->segment, atsru->devices,
3644 					atsru->devices_cnt);
3645 			if (ret > 0)
3646 				break;
3647 			else if (ret < 0)
3648 				return ret;
3649 		} else if (info->event == BUS_NOTIFY_REMOVED_DEVICE) {
3650 			if (dmar_remove_dev_scope(info, atsr->segment,
3651 					atsru->devices, atsru->devices_cnt))
3652 				break;
3653 		}
3654 	}
3655 	list_for_each_entry(satcu, &dmar_satc_units, list) {
3656 		satc = container_of(satcu->hdr, struct acpi_dmar_satc, header);
3657 		if (info->event == BUS_NOTIFY_ADD_DEVICE) {
3658 			ret = dmar_insert_dev_scope(info, (void *)(satc + 1),
3659 					(void *)satc + satc->header.length,
3660 					satc->segment, satcu->devices,
3661 					satcu->devices_cnt);
3662 			if (ret > 0)
3663 				break;
3664 			else if (ret < 0)
3665 				return ret;
3666 		} else if (info->event == BUS_NOTIFY_REMOVED_DEVICE) {
3667 			if (dmar_remove_dev_scope(info, satc->segment,
3668 					satcu->devices, satcu->devices_cnt))
3669 				break;
3670 		}
3671 	}
3672 
3673 	return 0;
3674 }
3675 
3676 static int intel_iommu_memory_notifier(struct notifier_block *nb,
3677 				       unsigned long val, void *v)
3678 {
3679 	struct memory_notify *mhp = v;
3680 	unsigned long start_vpfn = mm_to_dma_pfn(mhp->start_pfn);
3681 	unsigned long last_vpfn = mm_to_dma_pfn(mhp->start_pfn +
3682 			mhp->nr_pages - 1);
3683 
3684 	switch (val) {
3685 	case MEM_GOING_ONLINE:
3686 		if (iommu_domain_identity_map(si_domain,
3687 					      start_vpfn, last_vpfn)) {
3688 			pr_warn("Failed to build identity map for [%lx-%lx]\n",
3689 				start_vpfn, last_vpfn);
3690 			return NOTIFY_BAD;
3691 		}
3692 		break;
3693 
3694 	case MEM_OFFLINE:
3695 	case MEM_CANCEL_ONLINE:
3696 		{
3697 			struct dmar_drhd_unit *drhd;
3698 			struct intel_iommu *iommu;
3699 			LIST_HEAD(freelist);
3700 
3701 			domain_unmap(si_domain, start_vpfn, last_vpfn, &freelist);
3702 
3703 			rcu_read_lock();
3704 			for_each_active_iommu(iommu, drhd)
3705 				iommu_flush_iotlb_psi(iommu, si_domain,
3706 					start_vpfn, mhp->nr_pages,
3707 					list_empty(&freelist), 0);
3708 			rcu_read_unlock();
3709 			put_pages_list(&freelist);
3710 		}
3711 		break;
3712 	}
3713 
3714 	return NOTIFY_OK;
3715 }
3716 
3717 static struct notifier_block intel_iommu_memory_nb = {
3718 	.notifier_call = intel_iommu_memory_notifier,
3719 	.priority = 0
3720 };
3721 
3722 static void intel_disable_iommus(void)
3723 {
3724 	struct intel_iommu *iommu = NULL;
3725 	struct dmar_drhd_unit *drhd;
3726 
3727 	for_each_iommu(iommu, drhd)
3728 		iommu_disable_translation(iommu);
3729 }
3730 
3731 void intel_iommu_shutdown(void)
3732 {
3733 	struct dmar_drhd_unit *drhd;
3734 	struct intel_iommu *iommu = NULL;
3735 
3736 	if (no_iommu || dmar_disabled)
3737 		return;
3738 
3739 	down_write(&dmar_global_lock);
3740 
3741 	/* Disable PMRs explicitly here. */
3742 	for_each_iommu(iommu, drhd)
3743 		iommu_disable_protect_mem_regions(iommu);
3744 
3745 	/* Make sure the IOMMUs are switched off */
3746 	intel_disable_iommus();
3747 
3748 	up_write(&dmar_global_lock);
3749 }
3750 
3751 static inline struct intel_iommu *dev_to_intel_iommu(struct device *dev)
3752 {
3753 	struct iommu_device *iommu_dev = dev_to_iommu_device(dev);
3754 
3755 	return container_of(iommu_dev, struct intel_iommu, iommu);
3756 }
3757 
3758 static ssize_t version_show(struct device *dev,
3759 			    struct device_attribute *attr, char *buf)
3760 {
3761 	struct intel_iommu *iommu = dev_to_intel_iommu(dev);
3762 	u32 ver = readl(iommu->reg + DMAR_VER_REG);
3763 	return sprintf(buf, "%d:%d\n",
3764 		       DMAR_VER_MAJOR(ver), DMAR_VER_MINOR(ver));
3765 }
3766 static DEVICE_ATTR_RO(version);
3767 
3768 static ssize_t address_show(struct device *dev,
3769 			    struct device_attribute *attr, char *buf)
3770 {
3771 	struct intel_iommu *iommu = dev_to_intel_iommu(dev);
3772 	return sprintf(buf, "%llx\n", iommu->reg_phys);
3773 }
3774 static DEVICE_ATTR_RO(address);
3775 
3776 static ssize_t cap_show(struct device *dev,
3777 			struct device_attribute *attr, char *buf)
3778 {
3779 	struct intel_iommu *iommu = dev_to_intel_iommu(dev);
3780 	return sprintf(buf, "%llx\n", iommu->cap);
3781 }
3782 static DEVICE_ATTR_RO(cap);
3783 
3784 static ssize_t ecap_show(struct device *dev,
3785 			 struct device_attribute *attr, char *buf)
3786 {
3787 	struct intel_iommu *iommu = dev_to_intel_iommu(dev);
3788 	return sprintf(buf, "%llx\n", iommu->ecap);
3789 }
3790 static DEVICE_ATTR_RO(ecap);
3791 
3792 static ssize_t domains_supported_show(struct device *dev,
3793 				      struct device_attribute *attr, char *buf)
3794 {
3795 	struct intel_iommu *iommu = dev_to_intel_iommu(dev);
3796 	return sprintf(buf, "%ld\n", cap_ndoms(iommu->cap));
3797 }
3798 static DEVICE_ATTR_RO(domains_supported);
3799 
3800 static ssize_t domains_used_show(struct device *dev,
3801 				 struct device_attribute *attr, char *buf)
3802 {
3803 	struct intel_iommu *iommu = dev_to_intel_iommu(dev);
3804 	return sprintf(buf, "%d\n", bitmap_weight(iommu->domain_ids,
3805 						  cap_ndoms(iommu->cap)));
3806 }
3807 static DEVICE_ATTR_RO(domains_used);
3808 
3809 static struct attribute *intel_iommu_attrs[] = {
3810 	&dev_attr_version.attr,
3811 	&dev_attr_address.attr,
3812 	&dev_attr_cap.attr,
3813 	&dev_attr_ecap.attr,
3814 	&dev_attr_domains_supported.attr,
3815 	&dev_attr_domains_used.attr,
3816 	NULL,
3817 };
3818 
3819 static struct attribute_group intel_iommu_group = {
3820 	.name = "intel-iommu",
3821 	.attrs = intel_iommu_attrs,
3822 };
3823 
3824 const struct attribute_group *intel_iommu_groups[] = {
3825 	&intel_iommu_group,
3826 	NULL,
3827 };
3828 
3829 static inline bool has_external_pci(void)
3830 {
3831 	struct pci_dev *pdev = NULL;
3832 
3833 	for_each_pci_dev(pdev)
3834 		if (pdev->external_facing) {
3835 			pci_dev_put(pdev);
3836 			return true;
3837 		}
3838 
3839 	return false;
3840 }
3841 
3842 static int __init platform_optin_force_iommu(void)
3843 {
3844 	if (!dmar_platform_optin() || no_platform_optin || !has_external_pci())
3845 		return 0;
3846 
3847 	if (no_iommu || dmar_disabled)
3848 		pr_info("Intel-IOMMU force enabled due to platform opt in\n");
3849 
3850 	/*
3851 	 * If Intel-IOMMU is disabled by default, we will apply identity
3852 	 * map for all devices except those marked as being untrusted.
3853 	 */
3854 	if (dmar_disabled)
3855 		iommu_set_default_passthrough(false);
3856 
3857 	dmar_disabled = 0;
3858 	no_iommu = 0;
3859 
3860 	return 1;
3861 }
3862 
3863 static int __init probe_acpi_namespace_devices(void)
3864 {
3865 	struct dmar_drhd_unit *drhd;
3866 	/* To avoid a -Wunused-but-set-variable warning. */
3867 	struct intel_iommu *iommu __maybe_unused;
3868 	struct device *dev;
3869 	int i, ret = 0;
3870 
3871 	for_each_active_iommu(iommu, drhd) {
3872 		for_each_active_dev_scope(drhd->devices,
3873 					  drhd->devices_cnt, i, dev) {
3874 			struct acpi_device_physical_node *pn;
3875 			struct iommu_group *group;
3876 			struct acpi_device *adev;
3877 
3878 			if (dev->bus != &acpi_bus_type)
3879 				continue;
3880 
3881 			adev = to_acpi_device(dev);
3882 			mutex_lock(&adev->physical_node_lock);
3883 			list_for_each_entry(pn,
3884 					    &adev->physical_node_list, node) {
3885 				group = iommu_group_get(pn->dev);
3886 				if (group) {
3887 					iommu_group_put(group);
3888 					continue;
3889 				}
3890 
3891 				ret = iommu_probe_device(pn->dev);
3892 				if (ret)
3893 					break;
3894 			}
3895 			mutex_unlock(&adev->physical_node_lock);
3896 
3897 			if (ret)
3898 				return ret;
3899 		}
3900 	}
3901 
3902 	return 0;
3903 }
3904 
3905 static __init int tboot_force_iommu(void)
3906 {
3907 	if (!tboot_enabled())
3908 		return 0;
3909 
3910 	if (no_iommu || dmar_disabled)
3911 		pr_warn("Forcing Intel-IOMMU to enabled\n");
3912 
3913 	dmar_disabled = 0;
3914 	no_iommu = 0;
3915 
3916 	return 1;
3917 }
3918 
3919 int __init intel_iommu_init(void)
3920 {
3921 	int ret = -ENODEV;
3922 	struct dmar_drhd_unit *drhd;
3923 	struct intel_iommu *iommu;
3924 
3925 	/*
3926 	 * Intel IOMMU is required for a TXT/tboot launch or platform
3927 	 * opt in, so enforce that.
3928 	 */
3929 	force_on = (!intel_iommu_tboot_noforce && tboot_force_iommu()) ||
3930 		    platform_optin_force_iommu();
3931 
3932 	down_write(&dmar_global_lock);
3933 	if (dmar_table_init()) {
3934 		if (force_on)
3935 			panic("tboot: Failed to initialize DMAR table\n");
3936 		goto out_free_dmar;
3937 	}
3938 
3939 	if (dmar_dev_scope_init() < 0) {
3940 		if (force_on)
3941 			panic("tboot: Failed to initialize DMAR device scope\n");
3942 		goto out_free_dmar;
3943 	}
3944 
3945 	up_write(&dmar_global_lock);
3946 
3947 	/*
3948 	 * The bus notifier takes the dmar_global_lock, so lockdep will
3949 	 * complain later when we register it under the lock.
3950 	 */
3951 	dmar_register_bus_notifier();
3952 
3953 	down_write(&dmar_global_lock);
3954 
3955 	if (!no_iommu)
3956 		intel_iommu_debugfs_init();
3957 
3958 	if (no_iommu || dmar_disabled) {
3959 		/*
3960 		 * We exit the function here to ensure IOMMU's remapping and
3961 		 * mempool aren't setup, which means that the IOMMU's PMRs
3962 		 * won't be disabled via the call to init_dmars(). So disable
3963 		 * it explicitly here. The PMRs were setup by tboot prior to
3964 		 * calling SENTER, but the kernel is expected to reset/tear
3965 		 * down the PMRs.
3966 		 */
3967 		if (intel_iommu_tboot_noforce) {
3968 			for_each_iommu(iommu, drhd)
3969 				iommu_disable_protect_mem_regions(iommu);
3970 		}
3971 
3972 		/*
3973 		 * Make sure the IOMMUs are switched off, even when we
3974 		 * boot into a kexec kernel and the previous kernel left
3975 		 * them enabled
3976 		 */
3977 		intel_disable_iommus();
3978 		goto out_free_dmar;
3979 	}
3980 
3981 	if (list_empty(&dmar_rmrr_units))
3982 		pr_info("No RMRR found\n");
3983 
3984 	if (list_empty(&dmar_atsr_units))
3985 		pr_info("No ATSR found\n");
3986 
3987 	if (list_empty(&dmar_satc_units))
3988 		pr_info("No SATC found\n");
3989 
3990 	init_no_remapping_devices();
3991 
3992 	ret = init_dmars();
3993 	if (ret) {
3994 		if (force_on)
3995 			panic("tboot: Failed to initialize DMARs\n");
3996 		pr_err("Initialization failed\n");
3997 		goto out_free_dmar;
3998 	}
3999 	up_write(&dmar_global_lock);
4000 
4001 	init_iommu_pm_ops();
4002 
4003 	down_read(&dmar_global_lock);
4004 	for_each_active_iommu(iommu, drhd) {
4005 		/*
4006 		 * The flush queue implementation does not perform
4007 		 * page-selective invalidations that are required for efficient
4008 		 * TLB flushes in virtual environments.  The benefit of batching
4009 		 * is likely to be much lower than the overhead of synchronizing
4010 		 * the virtual and physical IOMMU page-tables.
4011 		 */
4012 		if (cap_caching_mode(iommu->cap) &&
4013 		    !first_level_by_default(IOMMU_DOMAIN_DMA)) {
4014 			pr_info_once("IOMMU batching disallowed due to virtualization\n");
4015 			iommu_set_dma_strict();
4016 		}
4017 		iommu_device_sysfs_add(&iommu->iommu, NULL,
4018 				       intel_iommu_groups,
4019 				       "%s", iommu->name);
4020 		iommu_device_register(&iommu->iommu, &intel_iommu_ops, NULL);
4021 
4022 		iommu_pmu_register(iommu);
4023 	}
4024 	up_read(&dmar_global_lock);
4025 
4026 	if (si_domain && !hw_pass_through)
4027 		register_memory_notifier(&intel_iommu_memory_nb);
4028 
4029 	down_read(&dmar_global_lock);
4030 	if (probe_acpi_namespace_devices())
4031 		pr_warn("ACPI name space devices didn't probe correctly\n");
4032 
4033 	/* Finally, we enable the DMA remapping hardware. */
4034 	for_each_iommu(iommu, drhd) {
4035 		if (!drhd->ignored && !translation_pre_enabled(iommu))
4036 			iommu_enable_translation(iommu);
4037 
4038 		iommu_disable_protect_mem_regions(iommu);
4039 	}
4040 	up_read(&dmar_global_lock);
4041 
4042 	pr_info("Intel(R) Virtualization Technology for Directed I/O\n");
4043 
4044 	intel_iommu_enabled = 1;
4045 
4046 	return 0;
4047 
4048 out_free_dmar:
4049 	intel_iommu_free_dmars();
4050 	up_write(&dmar_global_lock);
4051 	return ret;
4052 }
4053 
4054 static int domain_context_clear_one_cb(struct pci_dev *pdev, u16 alias, void *opaque)
4055 {
4056 	struct device_domain_info *info = opaque;
4057 
4058 	domain_context_clear_one(info, PCI_BUS_NUM(alias), alias & 0xff);
4059 	return 0;
4060 }
4061 
4062 /*
4063  * NB - intel-iommu lacks any sort of reference counting for the users of
4064  * dependent devices.  If multiple endpoints have intersecting dependent
4065  * devices, unbinding the driver from any one of them will possibly leave
4066  * the others unable to operate.
4067  */
4068 static void domain_context_clear(struct device_domain_info *info)
4069 {
4070 	if (!info->iommu || !info->dev || !dev_is_pci(info->dev))
4071 		return;
4072 
4073 	pci_for_each_dma_alias(to_pci_dev(info->dev),
4074 			       &domain_context_clear_one_cb, info);
4075 }
4076 
4077 static void dmar_remove_one_dev_info(struct device *dev)
4078 {
4079 	struct device_domain_info *info = dev_iommu_priv_get(dev);
4080 	struct dmar_domain *domain = info->domain;
4081 	struct intel_iommu *iommu = info->iommu;
4082 	unsigned long flags;
4083 
4084 	if (!dev_is_real_dma_subdevice(info->dev)) {
4085 		if (dev_is_pci(info->dev) && sm_supported(iommu))
4086 			intel_pasid_tear_down_entry(iommu, info->dev,
4087 					PASID_RID2PASID, false);
4088 
4089 		iommu_disable_pci_caps(info);
4090 		domain_context_clear(info);
4091 	}
4092 
4093 	spin_lock_irqsave(&domain->lock, flags);
4094 	list_del(&info->link);
4095 	spin_unlock_irqrestore(&domain->lock, flags);
4096 
4097 	domain_detach_iommu(domain, iommu);
4098 	info->domain = NULL;
4099 }
4100 
4101 /*
4102  * Clear the page table pointer in context or pasid table entries so that
4103  * all DMA requests without PASID from the device are blocked. If the page
4104  * table has been set, clean up the data structures.
4105  */
4106 static void device_block_translation(struct device *dev)
4107 {
4108 	struct device_domain_info *info = dev_iommu_priv_get(dev);
4109 	struct intel_iommu *iommu = info->iommu;
4110 	unsigned long flags;
4111 
4112 	iommu_disable_pci_caps(info);
4113 	if (!dev_is_real_dma_subdevice(dev)) {
4114 		if (sm_supported(iommu))
4115 			intel_pasid_tear_down_entry(iommu, dev,
4116 						    PASID_RID2PASID, false);
4117 		else
4118 			domain_context_clear(info);
4119 	}
4120 
4121 	if (!info->domain)
4122 		return;
4123 
4124 	spin_lock_irqsave(&info->domain->lock, flags);
4125 	list_del(&info->link);
4126 	spin_unlock_irqrestore(&info->domain->lock, flags);
4127 
4128 	domain_detach_iommu(info->domain, iommu);
4129 	info->domain = NULL;
4130 }
4131 
4132 static int md_domain_init(struct dmar_domain *domain, int guest_width)
4133 {
4134 	int adjust_width;
4135 
4136 	/* calculate AGAW */
4137 	domain->gaw = guest_width;
4138 	adjust_width = guestwidth_to_adjustwidth(guest_width);
4139 	domain->agaw = width_to_agaw(adjust_width);
4140 
4141 	domain->iommu_coherency = false;
4142 	domain->iommu_superpage = 0;
4143 	domain->max_addr = 0;
4144 
4145 	/* always allocate the top pgd */
4146 	domain->pgd = alloc_pgtable_page(domain->nid, GFP_ATOMIC);
4147 	if (!domain->pgd)
4148 		return -ENOMEM;
4149 	domain_flush_cache(domain, domain->pgd, PAGE_SIZE);
4150 	return 0;
4151 }
4152 
4153 static int blocking_domain_attach_dev(struct iommu_domain *domain,
4154 				      struct device *dev)
4155 {
4156 	device_block_translation(dev);
4157 	return 0;
4158 }
4159 
4160 static struct iommu_domain blocking_domain = {
4161 	.ops = &(const struct iommu_domain_ops) {
4162 		.attach_dev	= blocking_domain_attach_dev,
4163 		.free		= intel_iommu_domain_free
4164 	}
4165 };
4166 
4167 static struct iommu_domain *intel_iommu_domain_alloc(unsigned type)
4168 {
4169 	struct dmar_domain *dmar_domain;
4170 	struct iommu_domain *domain;
4171 
4172 	switch (type) {
4173 	case IOMMU_DOMAIN_BLOCKED:
4174 		return &blocking_domain;
4175 	case IOMMU_DOMAIN_DMA:
4176 	case IOMMU_DOMAIN_DMA_FQ:
4177 	case IOMMU_DOMAIN_UNMANAGED:
4178 		dmar_domain = alloc_domain(type);
4179 		if (!dmar_domain) {
4180 			pr_err("Can't allocate dmar_domain\n");
4181 			return NULL;
4182 		}
4183 		if (md_domain_init(dmar_domain, DEFAULT_DOMAIN_ADDRESS_WIDTH)) {
4184 			pr_err("Domain initialization failed\n");
4185 			domain_exit(dmar_domain);
4186 			return NULL;
4187 		}
4188 
4189 		domain = &dmar_domain->domain;
4190 		domain->geometry.aperture_start = 0;
4191 		domain->geometry.aperture_end   =
4192 				__DOMAIN_MAX_ADDR(dmar_domain->gaw);
4193 		domain->geometry.force_aperture = true;
4194 
4195 		return domain;
4196 	case IOMMU_DOMAIN_IDENTITY:
4197 		return &si_domain->domain;
4198 	case IOMMU_DOMAIN_SVA:
4199 		return intel_svm_domain_alloc();
4200 	default:
4201 		return NULL;
4202 	}
4203 
4204 	return NULL;
4205 }
4206 
4207 static void intel_iommu_domain_free(struct iommu_domain *domain)
4208 {
4209 	if (domain != &si_domain->domain && domain != &blocking_domain)
4210 		domain_exit(to_dmar_domain(domain));
4211 }
4212 
4213 static int prepare_domain_attach_device(struct iommu_domain *domain,
4214 					struct device *dev)
4215 {
4216 	struct dmar_domain *dmar_domain = to_dmar_domain(domain);
4217 	struct intel_iommu *iommu;
4218 	int addr_width;
4219 
4220 	iommu = device_to_iommu(dev, NULL, NULL);
4221 	if (!iommu)
4222 		return -ENODEV;
4223 
4224 	if (dmar_domain->force_snooping && !ecap_sc_support(iommu->ecap))
4225 		return -EINVAL;
4226 
4227 	/* check if this iommu agaw is sufficient for max mapped address */
4228 	addr_width = agaw_to_width(iommu->agaw);
4229 	if (addr_width > cap_mgaw(iommu->cap))
4230 		addr_width = cap_mgaw(iommu->cap);
4231 
4232 	if (dmar_domain->max_addr > (1LL << addr_width))
4233 		return -EINVAL;
4234 	dmar_domain->gaw = addr_width;
4235 
4236 	/*
4237 	 * Knock out extra levels of page tables if necessary
4238 	 */
4239 	while (iommu->agaw < dmar_domain->agaw) {
4240 		struct dma_pte *pte;
4241 
4242 		pte = dmar_domain->pgd;
4243 		if (dma_pte_present(pte)) {
4244 			dmar_domain->pgd = phys_to_virt(dma_pte_addr(pte));
4245 			free_pgtable_page(pte);
4246 		}
4247 		dmar_domain->agaw--;
4248 	}
4249 
4250 	return 0;
4251 }
4252 
4253 static int intel_iommu_attach_device(struct iommu_domain *domain,
4254 				     struct device *dev)
4255 {
4256 	struct device_domain_info *info = dev_iommu_priv_get(dev);
4257 	int ret;
4258 
4259 	if (domain->type == IOMMU_DOMAIN_UNMANAGED &&
4260 	    device_is_rmrr_locked(dev)) {
4261 		dev_warn(dev, "Device is ineligible for IOMMU domain attach due to platform RMRR requirement.  Contact your platform vendor.\n");
4262 		return -EPERM;
4263 	}
4264 
4265 	if (info->domain)
4266 		device_block_translation(dev);
4267 
4268 	ret = prepare_domain_attach_device(domain, dev);
4269 	if (ret)
4270 		return ret;
4271 
4272 	return dmar_domain_attach_device(to_dmar_domain(domain), dev);
4273 }
4274 
4275 static int intel_iommu_map(struct iommu_domain *domain,
4276 			   unsigned long iova, phys_addr_t hpa,
4277 			   size_t size, int iommu_prot, gfp_t gfp)
4278 {
4279 	struct dmar_domain *dmar_domain = to_dmar_domain(domain);
4280 	u64 max_addr;
4281 	int prot = 0;
4282 
4283 	if (iommu_prot & IOMMU_READ)
4284 		prot |= DMA_PTE_READ;
4285 	if (iommu_prot & IOMMU_WRITE)
4286 		prot |= DMA_PTE_WRITE;
4287 	if (dmar_domain->set_pte_snp)
4288 		prot |= DMA_PTE_SNP;
4289 
4290 	max_addr = iova + size;
4291 	if (dmar_domain->max_addr < max_addr) {
4292 		u64 end;
4293 
4294 		/* check if minimum agaw is sufficient for mapped address */
4295 		end = __DOMAIN_MAX_ADDR(dmar_domain->gaw) + 1;
4296 		if (end < max_addr) {
4297 			pr_err("%s: iommu width (%d) is not "
4298 			       "sufficient for the mapped address (%llx)\n",
4299 			       __func__, dmar_domain->gaw, max_addr);
4300 			return -EFAULT;
4301 		}
4302 		dmar_domain->max_addr = max_addr;
4303 	}
4304 	/* Round up size to next multiple of PAGE_SIZE, if it and
4305 	   the low bits of hpa would take us onto the next page */
4306 	size = aligned_nrpages(hpa, size);
4307 	return __domain_mapping(dmar_domain, iova >> VTD_PAGE_SHIFT,
4308 				hpa >> VTD_PAGE_SHIFT, size, prot, gfp);
4309 }
4310 
4311 static int intel_iommu_map_pages(struct iommu_domain *domain,
4312 				 unsigned long iova, phys_addr_t paddr,
4313 				 size_t pgsize, size_t pgcount,
4314 				 int prot, gfp_t gfp, size_t *mapped)
4315 {
4316 	unsigned long pgshift = __ffs(pgsize);
4317 	size_t size = pgcount << pgshift;
4318 	int ret;
4319 
4320 	if (pgsize != SZ_4K && pgsize != SZ_2M && pgsize != SZ_1G)
4321 		return -EINVAL;
4322 
4323 	if (!IS_ALIGNED(iova | paddr, pgsize))
4324 		return -EINVAL;
4325 
4326 	ret = intel_iommu_map(domain, iova, paddr, size, prot, gfp);
4327 	if (!ret && mapped)
4328 		*mapped = size;
4329 
4330 	return ret;
4331 }
4332 
4333 static size_t intel_iommu_unmap(struct iommu_domain *domain,
4334 				unsigned long iova, size_t size,
4335 				struct iommu_iotlb_gather *gather)
4336 {
4337 	struct dmar_domain *dmar_domain = to_dmar_domain(domain);
4338 	unsigned long start_pfn, last_pfn;
4339 	int level = 0;
4340 
4341 	/* Cope with horrid API which requires us to unmap more than the
4342 	   size argument if it happens to be a large-page mapping. */
4343 	BUG_ON(!pfn_to_dma_pte(dmar_domain, iova >> VTD_PAGE_SHIFT, &level,
4344 			       GFP_ATOMIC));
4345 
4346 	if (size < VTD_PAGE_SIZE << level_to_offset_bits(level))
4347 		size = VTD_PAGE_SIZE << level_to_offset_bits(level);
4348 
4349 	start_pfn = iova >> VTD_PAGE_SHIFT;
4350 	last_pfn = (iova + size - 1) >> VTD_PAGE_SHIFT;
4351 
4352 	domain_unmap(dmar_domain, start_pfn, last_pfn, &gather->freelist);
4353 
4354 	if (dmar_domain->max_addr == iova + size)
4355 		dmar_domain->max_addr = iova;
4356 
4357 	/*
4358 	 * We do not use page-selective IOTLB invalidation in flush queue,
4359 	 * so there is no need to track page and sync iotlb.
4360 	 */
4361 	if (!iommu_iotlb_gather_queued(gather))
4362 		iommu_iotlb_gather_add_page(domain, gather, iova, size);
4363 
4364 	return size;
4365 }
4366 
4367 static size_t intel_iommu_unmap_pages(struct iommu_domain *domain,
4368 				      unsigned long iova,
4369 				      size_t pgsize, size_t pgcount,
4370 				      struct iommu_iotlb_gather *gather)
4371 {
4372 	unsigned long pgshift = __ffs(pgsize);
4373 	size_t size = pgcount << pgshift;
4374 
4375 	return intel_iommu_unmap(domain, iova, size, gather);
4376 }
4377 
4378 static void intel_iommu_tlb_sync(struct iommu_domain *domain,
4379 				 struct iommu_iotlb_gather *gather)
4380 {
4381 	struct dmar_domain *dmar_domain = to_dmar_domain(domain);
4382 	unsigned long iova_pfn = IOVA_PFN(gather->start);
4383 	size_t size = gather->end - gather->start;
4384 	struct iommu_domain_info *info;
4385 	unsigned long start_pfn;
4386 	unsigned long nrpages;
4387 	unsigned long i;
4388 
4389 	nrpages = aligned_nrpages(gather->start, size);
4390 	start_pfn = mm_to_dma_pfn(iova_pfn);
4391 
4392 	xa_for_each(&dmar_domain->iommu_array, i, info)
4393 		iommu_flush_iotlb_psi(info->iommu, dmar_domain,
4394 				      start_pfn, nrpages,
4395 				      list_empty(&gather->freelist), 0);
4396 
4397 	put_pages_list(&gather->freelist);
4398 }
4399 
4400 static phys_addr_t intel_iommu_iova_to_phys(struct iommu_domain *domain,
4401 					    dma_addr_t iova)
4402 {
4403 	struct dmar_domain *dmar_domain = to_dmar_domain(domain);
4404 	struct dma_pte *pte;
4405 	int level = 0;
4406 	u64 phys = 0;
4407 
4408 	pte = pfn_to_dma_pte(dmar_domain, iova >> VTD_PAGE_SHIFT, &level,
4409 			     GFP_ATOMIC);
4410 	if (pte && dma_pte_present(pte))
4411 		phys = dma_pte_addr(pte) +
4412 			(iova & (BIT_MASK(level_to_offset_bits(level) +
4413 						VTD_PAGE_SHIFT) - 1));
4414 
4415 	return phys;
4416 }
4417 
4418 static bool domain_support_force_snooping(struct dmar_domain *domain)
4419 {
4420 	struct device_domain_info *info;
4421 	bool support = true;
4422 
4423 	assert_spin_locked(&domain->lock);
4424 	list_for_each_entry(info, &domain->devices, link) {
4425 		if (!ecap_sc_support(info->iommu->ecap)) {
4426 			support = false;
4427 			break;
4428 		}
4429 	}
4430 
4431 	return support;
4432 }
4433 
4434 static void domain_set_force_snooping(struct dmar_domain *domain)
4435 {
4436 	struct device_domain_info *info;
4437 
4438 	assert_spin_locked(&domain->lock);
4439 	/*
4440 	 * Second level page table supports per-PTE snoop control. The
4441 	 * iommu_map() interface will handle this by setting SNP bit.
4442 	 */
4443 	if (!domain->use_first_level) {
4444 		domain->set_pte_snp = true;
4445 		return;
4446 	}
4447 
4448 	list_for_each_entry(info, &domain->devices, link)
4449 		intel_pasid_setup_page_snoop_control(info->iommu, info->dev,
4450 						     PASID_RID2PASID);
4451 }
4452 
4453 static bool intel_iommu_enforce_cache_coherency(struct iommu_domain *domain)
4454 {
4455 	struct dmar_domain *dmar_domain = to_dmar_domain(domain);
4456 	unsigned long flags;
4457 
4458 	if (dmar_domain->force_snooping)
4459 		return true;
4460 
4461 	spin_lock_irqsave(&dmar_domain->lock, flags);
4462 	if (!domain_support_force_snooping(dmar_domain)) {
4463 		spin_unlock_irqrestore(&dmar_domain->lock, flags);
4464 		return false;
4465 	}
4466 
4467 	domain_set_force_snooping(dmar_domain);
4468 	dmar_domain->force_snooping = true;
4469 	spin_unlock_irqrestore(&dmar_domain->lock, flags);
4470 
4471 	return true;
4472 }
4473 
4474 static bool intel_iommu_capable(struct device *dev, enum iommu_cap cap)
4475 {
4476 	struct device_domain_info *info = dev_iommu_priv_get(dev);
4477 
4478 	switch (cap) {
4479 	case IOMMU_CAP_CACHE_COHERENCY:
4480 		return true;
4481 	case IOMMU_CAP_PRE_BOOT_PROTECTION:
4482 		return dmar_platform_optin();
4483 	case IOMMU_CAP_ENFORCE_CACHE_COHERENCY:
4484 		return ecap_sc_support(info->iommu->ecap);
4485 	default:
4486 		return false;
4487 	}
4488 }
4489 
4490 static struct iommu_device *intel_iommu_probe_device(struct device *dev)
4491 {
4492 	struct pci_dev *pdev = dev_is_pci(dev) ? to_pci_dev(dev) : NULL;
4493 	struct device_domain_info *info;
4494 	struct intel_iommu *iommu;
4495 	u8 bus, devfn;
4496 	int ret;
4497 
4498 	iommu = device_to_iommu(dev, &bus, &devfn);
4499 	if (!iommu || !iommu->iommu.ops)
4500 		return ERR_PTR(-ENODEV);
4501 
4502 	info = kzalloc(sizeof(*info), GFP_KERNEL);
4503 	if (!info)
4504 		return ERR_PTR(-ENOMEM);
4505 
4506 	if (dev_is_real_dma_subdevice(dev)) {
4507 		info->bus = pdev->bus->number;
4508 		info->devfn = pdev->devfn;
4509 		info->segment = pci_domain_nr(pdev->bus);
4510 	} else {
4511 		info->bus = bus;
4512 		info->devfn = devfn;
4513 		info->segment = iommu->segment;
4514 	}
4515 
4516 	info->dev = dev;
4517 	info->iommu = iommu;
4518 	if (dev_is_pci(dev)) {
4519 		if (ecap_dev_iotlb_support(iommu->ecap) &&
4520 		    pci_ats_supported(pdev) &&
4521 		    dmar_ats_supported(pdev, iommu)) {
4522 			info->ats_supported = 1;
4523 			info->dtlb_extra_inval = dev_needs_extra_dtlb_flush(pdev);
4524 		}
4525 		if (sm_supported(iommu)) {
4526 			if (pasid_supported(iommu)) {
4527 				int features = pci_pasid_features(pdev);
4528 
4529 				if (features >= 0)
4530 					info->pasid_supported = features | 1;
4531 			}
4532 
4533 			if (info->ats_supported && ecap_prs(iommu->ecap) &&
4534 			    pci_pri_supported(pdev))
4535 				info->pri_supported = 1;
4536 		}
4537 	}
4538 
4539 	dev_iommu_priv_set(dev, info);
4540 
4541 	if (sm_supported(iommu) && !dev_is_real_dma_subdevice(dev)) {
4542 		ret = intel_pasid_alloc_table(dev);
4543 		if (ret) {
4544 			dev_err(dev, "PASID table allocation failed\n");
4545 			dev_iommu_priv_set(dev, NULL);
4546 			kfree(info);
4547 			return ERR_PTR(ret);
4548 		}
4549 	}
4550 
4551 	return &iommu->iommu;
4552 }
4553 
4554 static void intel_iommu_release_device(struct device *dev)
4555 {
4556 	struct device_domain_info *info = dev_iommu_priv_get(dev);
4557 
4558 	dmar_remove_one_dev_info(dev);
4559 	intel_pasid_free_table(dev);
4560 	dev_iommu_priv_set(dev, NULL);
4561 	kfree(info);
4562 	set_dma_ops(dev, NULL);
4563 }
4564 
4565 static void intel_iommu_probe_finalize(struct device *dev)
4566 {
4567 	set_dma_ops(dev, NULL);
4568 	iommu_setup_dma_ops(dev, 0, U64_MAX);
4569 }
4570 
4571 static void intel_iommu_get_resv_regions(struct device *device,
4572 					 struct list_head *head)
4573 {
4574 	int prot = DMA_PTE_READ | DMA_PTE_WRITE;
4575 	struct iommu_resv_region *reg;
4576 	struct dmar_rmrr_unit *rmrr;
4577 	struct device *i_dev;
4578 	int i;
4579 
4580 	rcu_read_lock();
4581 	for_each_rmrr_units(rmrr) {
4582 		for_each_active_dev_scope(rmrr->devices, rmrr->devices_cnt,
4583 					  i, i_dev) {
4584 			struct iommu_resv_region *resv;
4585 			enum iommu_resv_type type;
4586 			size_t length;
4587 
4588 			if (i_dev != device &&
4589 			    !is_downstream_to_pci_bridge(device, i_dev))
4590 				continue;
4591 
4592 			length = rmrr->end_address - rmrr->base_address + 1;
4593 
4594 			type = device_rmrr_is_relaxable(device) ?
4595 				IOMMU_RESV_DIRECT_RELAXABLE : IOMMU_RESV_DIRECT;
4596 
4597 			resv = iommu_alloc_resv_region(rmrr->base_address,
4598 						       length, prot, type,
4599 						       GFP_ATOMIC);
4600 			if (!resv)
4601 				break;
4602 
4603 			list_add_tail(&resv->list, head);
4604 		}
4605 	}
4606 	rcu_read_unlock();
4607 
4608 #ifdef CONFIG_INTEL_IOMMU_FLOPPY_WA
4609 	if (dev_is_pci(device)) {
4610 		struct pci_dev *pdev = to_pci_dev(device);
4611 
4612 		if ((pdev->class >> 8) == PCI_CLASS_BRIDGE_ISA) {
4613 			reg = iommu_alloc_resv_region(0, 1UL << 24, prot,
4614 					IOMMU_RESV_DIRECT_RELAXABLE,
4615 					GFP_KERNEL);
4616 			if (reg)
4617 				list_add_tail(&reg->list, head);
4618 		}
4619 	}
4620 #endif /* CONFIG_INTEL_IOMMU_FLOPPY_WA */
4621 
4622 	reg = iommu_alloc_resv_region(IOAPIC_RANGE_START,
4623 				      IOAPIC_RANGE_END - IOAPIC_RANGE_START + 1,
4624 				      0, IOMMU_RESV_MSI, GFP_KERNEL);
4625 	if (!reg)
4626 		return;
4627 	list_add_tail(&reg->list, head);
4628 }
4629 
4630 static struct iommu_group *intel_iommu_device_group(struct device *dev)
4631 {
4632 	if (dev_is_pci(dev))
4633 		return pci_device_group(dev);
4634 	return generic_device_group(dev);
4635 }
4636 
4637 static int intel_iommu_enable_sva(struct device *dev)
4638 {
4639 	struct device_domain_info *info = dev_iommu_priv_get(dev);
4640 	struct intel_iommu *iommu;
4641 	int ret;
4642 
4643 	if (!info || dmar_disabled)
4644 		return -EINVAL;
4645 
4646 	iommu = info->iommu;
4647 	if (!iommu)
4648 		return -EINVAL;
4649 
4650 	if (!(iommu->flags & VTD_FLAG_SVM_CAPABLE))
4651 		return -ENODEV;
4652 
4653 	if (!info->pasid_enabled || !info->pri_enabled || !info->ats_enabled)
4654 		return -EINVAL;
4655 
4656 	ret = iopf_queue_add_device(iommu->iopf_queue, dev);
4657 	if (ret)
4658 		return ret;
4659 
4660 	ret = iommu_register_device_fault_handler(dev, iommu_queue_iopf, dev);
4661 	if (ret)
4662 		iopf_queue_remove_device(iommu->iopf_queue, dev);
4663 
4664 	return ret;
4665 }
4666 
4667 static int intel_iommu_disable_sva(struct device *dev)
4668 {
4669 	struct device_domain_info *info = dev_iommu_priv_get(dev);
4670 	struct intel_iommu *iommu = info->iommu;
4671 	int ret;
4672 
4673 	ret = iommu_unregister_device_fault_handler(dev);
4674 	if (ret)
4675 		return ret;
4676 
4677 	ret = iopf_queue_remove_device(iommu->iopf_queue, dev);
4678 	if (ret)
4679 		iommu_register_device_fault_handler(dev, iommu_queue_iopf, dev);
4680 
4681 	return ret;
4682 }
4683 
4684 static int intel_iommu_enable_iopf(struct device *dev)
4685 {
4686 	struct device_domain_info *info = dev_iommu_priv_get(dev);
4687 
4688 	if (info && info->pri_supported)
4689 		return 0;
4690 
4691 	return -ENODEV;
4692 }
4693 
4694 static int
4695 intel_iommu_dev_enable_feat(struct device *dev, enum iommu_dev_features feat)
4696 {
4697 	switch (feat) {
4698 	case IOMMU_DEV_FEAT_IOPF:
4699 		return intel_iommu_enable_iopf(dev);
4700 
4701 	case IOMMU_DEV_FEAT_SVA:
4702 		return intel_iommu_enable_sva(dev);
4703 
4704 	default:
4705 		return -ENODEV;
4706 	}
4707 }
4708 
4709 static int
4710 intel_iommu_dev_disable_feat(struct device *dev, enum iommu_dev_features feat)
4711 {
4712 	switch (feat) {
4713 	case IOMMU_DEV_FEAT_IOPF:
4714 		return 0;
4715 
4716 	case IOMMU_DEV_FEAT_SVA:
4717 		return intel_iommu_disable_sva(dev);
4718 
4719 	default:
4720 		return -ENODEV;
4721 	}
4722 }
4723 
4724 static bool intel_iommu_is_attach_deferred(struct device *dev)
4725 {
4726 	struct device_domain_info *info = dev_iommu_priv_get(dev);
4727 
4728 	return translation_pre_enabled(info->iommu) && !info->domain;
4729 }
4730 
4731 /*
4732  * Check that the device does not live on an external facing PCI port that is
4733  * marked as untrusted. Such devices should not be able to apply quirks and
4734  * thus not be able to bypass the IOMMU restrictions.
4735  */
4736 static bool risky_device(struct pci_dev *pdev)
4737 {
4738 	if (pdev->untrusted) {
4739 		pci_info(pdev,
4740 			 "Skipping IOMMU quirk for dev [%04X:%04X] on untrusted PCI link\n",
4741 			 pdev->vendor, pdev->device);
4742 		pci_info(pdev, "Please check with your BIOS/Platform vendor about this\n");
4743 		return true;
4744 	}
4745 	return false;
4746 }
4747 
4748 static void intel_iommu_iotlb_sync_map(struct iommu_domain *domain,
4749 				       unsigned long iova, size_t size)
4750 {
4751 	struct dmar_domain *dmar_domain = to_dmar_domain(domain);
4752 	unsigned long pages = aligned_nrpages(iova, size);
4753 	unsigned long pfn = iova >> VTD_PAGE_SHIFT;
4754 	struct iommu_domain_info *info;
4755 	unsigned long i;
4756 
4757 	xa_for_each(&dmar_domain->iommu_array, i, info)
4758 		__mapping_notify_one(info->iommu, dmar_domain, pfn, pages);
4759 }
4760 
4761 static void intel_iommu_remove_dev_pasid(struct device *dev, ioasid_t pasid)
4762 {
4763 	struct intel_iommu *iommu = device_to_iommu(dev, NULL, NULL);
4764 	struct iommu_domain *domain;
4765 
4766 	/* Domain type specific cleanup: */
4767 	domain = iommu_get_domain_for_dev_pasid(dev, pasid, 0);
4768 	if (domain) {
4769 		switch (domain->type) {
4770 		case IOMMU_DOMAIN_SVA:
4771 			intel_svm_remove_dev_pasid(dev, pasid);
4772 			break;
4773 		default:
4774 			/* should never reach here */
4775 			WARN_ON(1);
4776 			break;
4777 		}
4778 	}
4779 
4780 	intel_pasid_tear_down_entry(iommu, dev, pasid, false);
4781 }
4782 
4783 const struct iommu_ops intel_iommu_ops = {
4784 	.capable		= intel_iommu_capable,
4785 	.domain_alloc		= intel_iommu_domain_alloc,
4786 	.probe_device		= intel_iommu_probe_device,
4787 	.probe_finalize		= intel_iommu_probe_finalize,
4788 	.release_device		= intel_iommu_release_device,
4789 	.get_resv_regions	= intel_iommu_get_resv_regions,
4790 	.device_group		= intel_iommu_device_group,
4791 	.dev_enable_feat	= intel_iommu_dev_enable_feat,
4792 	.dev_disable_feat	= intel_iommu_dev_disable_feat,
4793 	.is_attach_deferred	= intel_iommu_is_attach_deferred,
4794 	.def_domain_type	= device_def_domain_type,
4795 	.remove_dev_pasid	= intel_iommu_remove_dev_pasid,
4796 	.pgsize_bitmap		= SZ_4K,
4797 #ifdef CONFIG_INTEL_IOMMU_SVM
4798 	.page_response		= intel_svm_page_response,
4799 #endif
4800 	.default_domain_ops = &(const struct iommu_domain_ops) {
4801 		.attach_dev		= intel_iommu_attach_device,
4802 		.map_pages		= intel_iommu_map_pages,
4803 		.unmap_pages		= intel_iommu_unmap_pages,
4804 		.iotlb_sync_map		= intel_iommu_iotlb_sync_map,
4805 		.flush_iotlb_all        = intel_flush_iotlb_all,
4806 		.iotlb_sync		= intel_iommu_tlb_sync,
4807 		.iova_to_phys		= intel_iommu_iova_to_phys,
4808 		.free			= intel_iommu_domain_free,
4809 		.enforce_cache_coherency = intel_iommu_enforce_cache_coherency,
4810 	}
4811 };
4812 
4813 static void quirk_iommu_igfx(struct pci_dev *dev)
4814 {
4815 	if (risky_device(dev))
4816 		return;
4817 
4818 	pci_info(dev, "Disabling IOMMU for graphics on this chipset\n");
4819 	dmar_map_gfx = 0;
4820 }
4821 
4822 /* G4x/GM45 integrated gfx dmar support is totally busted. */
4823 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2a40, quirk_iommu_igfx);
4824 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e00, quirk_iommu_igfx);
4825 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e10, quirk_iommu_igfx);
4826 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e20, quirk_iommu_igfx);
4827 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e30, quirk_iommu_igfx);
4828 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e40, quirk_iommu_igfx);
4829 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e90, quirk_iommu_igfx);
4830 
4831 /* Broadwell igfx malfunctions with dmar */
4832 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1606, quirk_iommu_igfx);
4833 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x160B, quirk_iommu_igfx);
4834 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x160E, quirk_iommu_igfx);
4835 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1602, quirk_iommu_igfx);
4836 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x160A, quirk_iommu_igfx);
4837 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x160D, quirk_iommu_igfx);
4838 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1616, quirk_iommu_igfx);
4839 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x161B, quirk_iommu_igfx);
4840 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x161E, quirk_iommu_igfx);
4841 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1612, quirk_iommu_igfx);
4842 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x161A, quirk_iommu_igfx);
4843 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x161D, quirk_iommu_igfx);
4844 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1626, quirk_iommu_igfx);
4845 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x162B, quirk_iommu_igfx);
4846 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x162E, quirk_iommu_igfx);
4847 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1622, quirk_iommu_igfx);
4848 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x162A, quirk_iommu_igfx);
4849 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x162D, quirk_iommu_igfx);
4850 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1636, quirk_iommu_igfx);
4851 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x163B, quirk_iommu_igfx);
4852 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x163E, quirk_iommu_igfx);
4853 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x1632, quirk_iommu_igfx);
4854 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x163A, quirk_iommu_igfx);
4855 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x163D, quirk_iommu_igfx);
4856 
4857 static void quirk_iommu_rwbf(struct pci_dev *dev)
4858 {
4859 	if (risky_device(dev))
4860 		return;
4861 
4862 	/*
4863 	 * Mobile 4 Series Chipset neglects to set RWBF capability,
4864 	 * but needs it. Same seems to hold for the desktop versions.
4865 	 */
4866 	pci_info(dev, "Forcing write-buffer flush capability\n");
4867 	rwbf_quirk = 1;
4868 }
4869 
4870 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2a40, quirk_iommu_rwbf);
4871 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e00, quirk_iommu_rwbf);
4872 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e10, quirk_iommu_rwbf);
4873 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e20, quirk_iommu_rwbf);
4874 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e30, quirk_iommu_rwbf);
4875 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e40, quirk_iommu_rwbf);
4876 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x2e90, quirk_iommu_rwbf);
4877 
4878 #define GGC 0x52
4879 #define GGC_MEMORY_SIZE_MASK	(0xf << 8)
4880 #define GGC_MEMORY_SIZE_NONE	(0x0 << 8)
4881 #define GGC_MEMORY_SIZE_1M	(0x1 << 8)
4882 #define GGC_MEMORY_SIZE_2M	(0x3 << 8)
4883 #define GGC_MEMORY_VT_ENABLED	(0x8 << 8)
4884 #define GGC_MEMORY_SIZE_2M_VT	(0x9 << 8)
4885 #define GGC_MEMORY_SIZE_3M_VT	(0xa << 8)
4886 #define GGC_MEMORY_SIZE_4M_VT	(0xb << 8)
4887 
4888 static void quirk_calpella_no_shadow_gtt(struct pci_dev *dev)
4889 {
4890 	unsigned short ggc;
4891 
4892 	if (risky_device(dev))
4893 		return;
4894 
4895 	if (pci_read_config_word(dev, GGC, &ggc))
4896 		return;
4897 
4898 	if (!(ggc & GGC_MEMORY_VT_ENABLED)) {
4899 		pci_info(dev, "BIOS has allocated no shadow GTT; disabling IOMMU for graphics\n");
4900 		dmar_map_gfx = 0;
4901 	} else if (dmar_map_gfx) {
4902 		/* we have to ensure the gfx device is idle before we flush */
4903 		pci_info(dev, "Disabling batched IOTLB flush on Ironlake\n");
4904 		iommu_set_dma_strict();
4905 	}
4906 }
4907 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0040, quirk_calpella_no_shadow_gtt);
4908 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0044, quirk_calpella_no_shadow_gtt);
4909 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x0062, quirk_calpella_no_shadow_gtt);
4910 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, 0x006a, quirk_calpella_no_shadow_gtt);
4911 
4912 static void quirk_igfx_skip_te_disable(struct pci_dev *dev)
4913 {
4914 	unsigned short ver;
4915 
4916 	if (!IS_GFX_DEVICE(dev))
4917 		return;
4918 
4919 	ver = (dev->device >> 8) & 0xff;
4920 	if (ver != 0x45 && ver != 0x46 && ver != 0x4c &&
4921 	    ver != 0x4e && ver != 0x8a && ver != 0x98 &&
4922 	    ver != 0x9a && ver != 0xa7)
4923 		return;
4924 
4925 	if (risky_device(dev))
4926 		return;
4927 
4928 	pci_info(dev, "Skip IOMMU disabling for graphics\n");
4929 	iommu_skip_te_disable = 1;
4930 }
4931 DECLARE_PCI_FIXUP_HEADER(PCI_VENDOR_ID_INTEL, PCI_ANY_ID, quirk_igfx_skip_te_disable);
4932 
4933 /* On Tylersburg chipsets, some BIOSes have been known to enable the
4934    ISOCH DMAR unit for the Azalia sound device, but not give it any
4935    TLB entries, which causes it to deadlock. Check for that.  We do
4936    this in a function called from init_dmars(), instead of in a PCI
4937    quirk, because we don't want to print the obnoxious "BIOS broken"
4938    message if VT-d is actually disabled.
4939 */
4940 static void __init check_tylersburg_isoch(void)
4941 {
4942 	struct pci_dev *pdev;
4943 	uint32_t vtisochctrl;
4944 
4945 	/* If there's no Azalia in the system anyway, forget it. */
4946 	pdev = pci_get_device(PCI_VENDOR_ID_INTEL, 0x3a3e, NULL);
4947 	if (!pdev)
4948 		return;
4949 
4950 	if (risky_device(pdev)) {
4951 		pci_dev_put(pdev);
4952 		return;
4953 	}
4954 
4955 	pci_dev_put(pdev);
4956 
4957 	/* System Management Registers. Might be hidden, in which case
4958 	   we can't do the sanity check. But that's OK, because the
4959 	   known-broken BIOSes _don't_ actually hide it, so far. */
4960 	pdev = pci_get_device(PCI_VENDOR_ID_INTEL, 0x342e, NULL);
4961 	if (!pdev)
4962 		return;
4963 
4964 	if (risky_device(pdev)) {
4965 		pci_dev_put(pdev);
4966 		return;
4967 	}
4968 
4969 	if (pci_read_config_dword(pdev, 0x188, &vtisochctrl)) {
4970 		pci_dev_put(pdev);
4971 		return;
4972 	}
4973 
4974 	pci_dev_put(pdev);
4975 
4976 	/* If Azalia DMA is routed to the non-isoch DMAR unit, fine. */
4977 	if (vtisochctrl & 1)
4978 		return;
4979 
4980 	/* Drop all bits other than the number of TLB entries */
4981 	vtisochctrl &= 0x1c;
4982 
4983 	/* If we have the recommended number of TLB entries (16), fine. */
4984 	if (vtisochctrl == 0x10)
4985 		return;
4986 
4987 	/* Zero TLB entries? You get to ride the short bus to school. */
4988 	if (!vtisochctrl) {
4989 		WARN(1, "Your BIOS is broken; DMA routed to ISOCH DMAR unit but no TLB space.\n"
4990 		     "BIOS vendor: %s; Ver: %s; Product Version: %s\n",
4991 		     dmi_get_system_info(DMI_BIOS_VENDOR),
4992 		     dmi_get_system_info(DMI_BIOS_VERSION),
4993 		     dmi_get_system_info(DMI_PRODUCT_VERSION));
4994 		iommu_identity_mapping |= IDENTMAP_AZALIA;
4995 		return;
4996 	}
4997 
4998 	pr_warn("Recommended TLB entries for ISOCH unit is 16; your BIOS set %d\n",
4999 	       vtisochctrl);
5000 }
5001 
5002 /*
5003  * Here we deal with a device TLB defect where device may inadvertently issue ATS
5004  * invalidation completion before posted writes initiated with translated address
5005  * that utilized translations matching the invalidation address range, violating
5006  * the invalidation completion ordering.
5007  * Therefore, any use cases that cannot guarantee DMA is stopped before unmap is
5008  * vulnerable to this defect. In other words, any dTLB invalidation initiated not
5009  * under the control of the trusted/privileged host device driver must use this
5010  * quirk.
5011  * Device TLBs are invalidated under the following six conditions:
5012  * 1. Device driver does DMA API unmap IOVA
5013  * 2. Device driver unbind a PASID from a process, sva_unbind_device()
5014  * 3. PASID is torn down, after PASID cache is flushed. e.g. process
5015  *    exit_mmap() due to crash
5016  * 4. Under SVA usage, called by mmu_notifier.invalidate_range() where
5017  *    VM has to free pages that were unmapped
5018  * 5. Userspace driver unmaps a DMA buffer
5019  * 6. Cache invalidation in vSVA usage (upcoming)
5020  *
5021  * For #1 and #2, device drivers are responsible for stopping DMA traffic
5022  * before unmap/unbind. For #3, iommu driver gets mmu_notifier to
5023  * invalidate TLB the same way as normal user unmap which will use this quirk.
5024  * The dTLB invalidation after PASID cache flush does not need this quirk.
5025  *
5026  * As a reminder, #6 will *NEED* this quirk as we enable nested translation.
5027  */
5028 void quirk_extra_dev_tlb_flush(struct device_domain_info *info,
5029 			       unsigned long address, unsigned long mask,
5030 			       u32 pasid, u16 qdep)
5031 {
5032 	u16 sid;
5033 
5034 	if (likely(!info->dtlb_extra_inval))
5035 		return;
5036 
5037 	sid = PCI_DEVID(info->bus, info->devfn);
5038 	if (pasid == PASID_RID2PASID) {
5039 		qi_flush_dev_iotlb(info->iommu, sid, info->pfsid,
5040 				   qdep, address, mask);
5041 	} else {
5042 		qi_flush_dev_iotlb_pasid(info->iommu, sid, info->pfsid,
5043 					 pasid, qdep, address, mask);
5044 	}
5045 }
5046 
5047 #define ecmd_get_status_code(res)	(((res) & 0xff) >> 1)
5048 
5049 /*
5050  * Function to submit a command to the enhanced command interface. The
5051  * valid enhanced command descriptions are defined in Table 47 of the
5052  * VT-d spec. The VT-d hardware implementation may support some but not
5053  * all commands, which can be determined by checking the Enhanced
5054  * Command Capability Register.
5055  *
5056  * Return values:
5057  *  - 0: Command successful without any error;
5058  *  - Negative: software error value;
5059  *  - Nonzero positive: failure status code defined in Table 48.
5060  */
5061 int ecmd_submit_sync(struct intel_iommu *iommu, u8 ecmd, u64 oa, u64 ob)
5062 {
5063 	unsigned long flags;
5064 	u64 res;
5065 	int ret;
5066 
5067 	if (!cap_ecmds(iommu->cap))
5068 		return -ENODEV;
5069 
5070 	raw_spin_lock_irqsave(&iommu->register_lock, flags);
5071 
5072 	res = dmar_readq(iommu->reg + DMAR_ECRSP_REG);
5073 	if (res & DMA_ECMD_ECRSP_IP) {
5074 		ret = -EBUSY;
5075 		goto err;
5076 	}
5077 
5078 	/*
5079 	 * Unconditionally write the operand B, because
5080 	 * - There is no side effect if an ecmd doesn't require an
5081 	 *   operand B, but we set the register to some value.
5082 	 * - It's not invoked in any critical path. The extra MMIO
5083 	 *   write doesn't bring any performance concerns.
5084 	 */
5085 	dmar_writeq(iommu->reg + DMAR_ECEO_REG, ob);
5086 	dmar_writeq(iommu->reg + DMAR_ECMD_REG, ecmd | (oa << DMA_ECMD_OA_SHIFT));
5087 
5088 	IOMMU_WAIT_OP(iommu, DMAR_ECRSP_REG, dmar_readq,
5089 		      !(res & DMA_ECMD_ECRSP_IP), res);
5090 
5091 	if (res & DMA_ECMD_ECRSP_IP) {
5092 		ret = -ETIMEDOUT;
5093 		goto err;
5094 	}
5095 
5096 	ret = ecmd_get_status_code(res);
5097 err:
5098 	raw_spin_unlock_irqrestore(&iommu->register_lock, flags);
5099 
5100 	return ret;
5101 }
5102