1 /*
2  * CPU-agnostic ARM page table allocator.
3  *
4  * ARMv7 Short-descriptor format, supporting
5  * - Basic memory attributes
6  * - Simplified access permissions (AP[2:1] model)
7  * - Backwards-compatible TEX remap
8  * - Large pages/supersections (if indicated by the caller)
9  *
10  * Not supporting:
11  * - Legacy access permissions (AP[2:0] model)
12  *
13  * Almost certainly never supporting:
14  * - PXN
15  * - Domains
16  *
17  * This program is free software; you can redistribute it and/or modify
18  * it under the terms of the GNU General Public License version 2 as
19  * published by the Free Software Foundation.
20  *
21  * This program is distributed in the hope that it will be useful,
22  * but WITHOUT ANY WARRANTY; without even the implied warranty of
23  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
24  * GNU General Public License for more details.
25  *
26  * You should have received a copy of the GNU General Public License
27  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
28  *
29  * Copyright (C) 2014-2015 ARM Limited
30  * Copyright (c) 2014-2015 MediaTek Inc.
31  */
32 
33 #define pr_fmt(fmt)	"arm-v7s io-pgtable: " fmt
34 
35 #include <linux/dma-mapping.h>
36 #include <linux/gfp.h>
37 #include <linux/iommu.h>
38 #include <linux/kernel.h>
39 #include <linux/kmemleak.h>
40 #include <linux/sizes.h>
41 #include <linux/slab.h>
42 #include <linux/types.h>
43 
44 #include <asm/barrier.h>
45 
46 #include "io-pgtable.h"
47 
48 /* Struct accessors */
49 #define io_pgtable_to_data(x)						\
50 	container_of((x), struct arm_v7s_io_pgtable, iop)
51 
52 #define io_pgtable_ops_to_data(x)					\
53 	io_pgtable_to_data(io_pgtable_ops_to_pgtable(x))
54 
55 /*
56  * We have 32 bits total; 12 bits resolved at level 1, 8 bits at level 2,
57  * and 12 bits in a page. With some carefully-chosen coefficients we can
58  * hide the ugly inconsistencies behind these macros and at least let the
59  * rest of the code pretend to be somewhat sane.
60  */
61 #define ARM_V7S_ADDR_BITS		32
62 #define _ARM_V7S_LVL_BITS(lvl)		(16 - (lvl) * 4)
63 #define ARM_V7S_LVL_SHIFT(lvl)		(ARM_V7S_ADDR_BITS - (4 + 8 * (lvl)))
64 #define ARM_V7S_TABLE_SHIFT		10
65 
66 #define ARM_V7S_PTES_PER_LVL(lvl)	(1 << _ARM_V7S_LVL_BITS(lvl))
67 #define ARM_V7S_TABLE_SIZE(lvl)						\
68 	(ARM_V7S_PTES_PER_LVL(lvl) * sizeof(arm_v7s_iopte))
69 
70 #define ARM_V7S_BLOCK_SIZE(lvl)		(1UL << ARM_V7S_LVL_SHIFT(lvl))
71 #define ARM_V7S_LVL_MASK(lvl)		((u32)(~0U << ARM_V7S_LVL_SHIFT(lvl)))
72 #define ARM_V7S_TABLE_MASK		((u32)(~0U << ARM_V7S_TABLE_SHIFT))
73 #define _ARM_V7S_IDX_MASK(lvl)		(ARM_V7S_PTES_PER_LVL(lvl) - 1)
74 #define ARM_V7S_LVL_IDX(addr, lvl)	({				\
75 	int _l = lvl;							\
76 	((u32)(addr) >> ARM_V7S_LVL_SHIFT(_l)) & _ARM_V7S_IDX_MASK(_l); \
77 })
78 
79 /*
80  * Large page/supersection entries are effectively a block of 16 page/section
81  * entries, along the lines of the LPAE contiguous hint, but all with the
82  * same output address. For want of a better common name we'll call them
83  * "contiguous" versions of their respective page/section entries here, but
84  * noting the distinction (WRT to TLB maintenance) that they represent *one*
85  * entry repeated 16 times, not 16 separate entries (as in the LPAE case).
86  */
87 #define ARM_V7S_CONT_PAGES		16
88 
89 /* PTE type bits: these are all mixed up with XN/PXN bits in most cases */
90 #define ARM_V7S_PTE_TYPE_TABLE		0x1
91 #define ARM_V7S_PTE_TYPE_PAGE		0x2
92 #define ARM_V7S_PTE_TYPE_CONT_PAGE	0x1
93 
94 #define ARM_V7S_PTE_IS_VALID(pte)	(((pte) & 0x3) != 0)
95 #define ARM_V7S_PTE_IS_TABLE(pte, lvl)	(lvl == 1 && ((pte) & ARM_V7S_PTE_TYPE_TABLE))
96 
97 /* Page table bits */
98 #define ARM_V7S_ATTR_XN(lvl)		BIT(4 * (2 - (lvl)))
99 #define ARM_V7S_ATTR_B			BIT(2)
100 #define ARM_V7S_ATTR_C			BIT(3)
101 #define ARM_V7S_ATTR_NS_TABLE		BIT(3)
102 #define ARM_V7S_ATTR_NS_SECTION		BIT(19)
103 
104 #define ARM_V7S_CONT_SECTION		BIT(18)
105 #define ARM_V7S_CONT_PAGE_XN_SHIFT	15
106 
107 /*
108  * The attribute bits are consistently ordered*, but occupy bits [17:10] of
109  * a level 1 PTE vs. bits [11:4] at level 2. Thus we define the individual
110  * fields relative to that 8-bit block, plus a total shift relative to the PTE.
111  */
112 #define ARM_V7S_ATTR_SHIFT(lvl)		(16 - (lvl) * 6)
113 
114 #define ARM_V7S_ATTR_MASK		0xff
115 #define ARM_V7S_ATTR_AP0		BIT(0)
116 #define ARM_V7S_ATTR_AP1		BIT(1)
117 #define ARM_V7S_ATTR_AP2		BIT(5)
118 #define ARM_V7S_ATTR_S			BIT(6)
119 #define ARM_V7S_ATTR_NG			BIT(7)
120 #define ARM_V7S_TEX_SHIFT		2
121 #define ARM_V7S_TEX_MASK		0x7
122 #define ARM_V7S_ATTR_TEX(val)		(((val) & ARM_V7S_TEX_MASK) << ARM_V7S_TEX_SHIFT)
123 
124 #define ARM_V7S_ATTR_MTK_4GB		BIT(9) /* MTK extend it for 4GB mode */
125 
126 /* *well, except for TEX on level 2 large pages, of course :( */
127 #define ARM_V7S_CONT_PAGE_TEX_SHIFT	6
128 #define ARM_V7S_CONT_PAGE_TEX_MASK	(ARM_V7S_TEX_MASK << ARM_V7S_CONT_PAGE_TEX_SHIFT)
129 
130 /* Simplified access permissions */
131 #define ARM_V7S_PTE_AF			ARM_V7S_ATTR_AP0
132 #define ARM_V7S_PTE_AP_UNPRIV		ARM_V7S_ATTR_AP1
133 #define ARM_V7S_PTE_AP_RDONLY		ARM_V7S_ATTR_AP2
134 
135 /* Register bits */
136 #define ARM_V7S_RGN_NC			0
137 #define ARM_V7S_RGN_WBWA		1
138 #define ARM_V7S_RGN_WT			2
139 #define ARM_V7S_RGN_WB			3
140 
141 #define ARM_V7S_PRRR_TYPE_DEVICE	1
142 #define ARM_V7S_PRRR_TYPE_NORMAL	2
143 #define ARM_V7S_PRRR_TR(n, type)	(((type) & 0x3) << ((n) * 2))
144 #define ARM_V7S_PRRR_DS0		BIT(16)
145 #define ARM_V7S_PRRR_DS1		BIT(17)
146 #define ARM_V7S_PRRR_NS0		BIT(18)
147 #define ARM_V7S_PRRR_NS1		BIT(19)
148 #define ARM_V7S_PRRR_NOS(n)		BIT((n) + 24)
149 
150 #define ARM_V7S_NMRR_IR(n, attr)	(((attr) & 0x3) << ((n) * 2))
151 #define ARM_V7S_NMRR_OR(n, attr)	(((attr) & 0x3) << ((n) * 2 + 16))
152 
153 #define ARM_V7S_TTBR_S			BIT(1)
154 #define ARM_V7S_TTBR_NOS		BIT(5)
155 #define ARM_V7S_TTBR_ORGN_ATTR(attr)	(((attr) & 0x3) << 3)
156 #define ARM_V7S_TTBR_IRGN_ATTR(attr)					\
157 	((((attr) & 0x1) << 6) | (((attr) & 0x2) >> 1))
158 
159 #define ARM_V7S_TCR_PD1			BIT(5)
160 
161 typedef u32 arm_v7s_iopte;
162 
163 static bool selftest_running;
164 
165 struct arm_v7s_io_pgtable {
166 	struct io_pgtable	iop;
167 
168 	arm_v7s_iopte		*pgd;
169 	struct kmem_cache	*l2_tables;
170 };
171 
172 static dma_addr_t __arm_v7s_dma_addr(void *pages)
173 {
174 	return (dma_addr_t)virt_to_phys(pages);
175 }
176 
177 static arm_v7s_iopte *iopte_deref(arm_v7s_iopte pte, int lvl)
178 {
179 	if (ARM_V7S_PTE_IS_TABLE(pte, lvl))
180 		pte &= ARM_V7S_TABLE_MASK;
181 	else
182 		pte &= ARM_V7S_LVL_MASK(lvl);
183 	return phys_to_virt(pte);
184 }
185 
186 static void *__arm_v7s_alloc_table(int lvl, gfp_t gfp,
187 				   struct arm_v7s_io_pgtable *data)
188 {
189 	struct device *dev = data->iop.cfg.iommu_dev;
190 	dma_addr_t dma;
191 	size_t size = ARM_V7S_TABLE_SIZE(lvl);
192 	void *table = NULL;
193 
194 	if (lvl == 1)
195 		table = (void *)__get_dma_pages(__GFP_ZERO, get_order(size));
196 	else if (lvl == 2)
197 		table = kmem_cache_zalloc(data->l2_tables, gfp | GFP_DMA);
198 	if (table && !selftest_running) {
199 		dma = dma_map_single(dev, table, size, DMA_TO_DEVICE);
200 		if (dma_mapping_error(dev, dma))
201 			goto out_free;
202 		/*
203 		 * We depend on the IOMMU being able to work with any physical
204 		 * address directly, so if the DMA layer suggests otherwise by
205 		 * translating or truncating them, that bodes very badly...
206 		 */
207 		if (dma != virt_to_phys(table))
208 			goto out_unmap;
209 	}
210 	kmemleak_ignore(table);
211 	return table;
212 
213 out_unmap:
214 	dev_err(dev, "Cannot accommodate DMA translation for IOMMU page tables\n");
215 	dma_unmap_single(dev, dma, size, DMA_TO_DEVICE);
216 out_free:
217 	if (lvl == 1)
218 		free_pages((unsigned long)table, get_order(size));
219 	else
220 		kmem_cache_free(data->l2_tables, table);
221 	return NULL;
222 }
223 
224 static void __arm_v7s_free_table(void *table, int lvl,
225 				 struct arm_v7s_io_pgtable *data)
226 {
227 	struct device *dev = data->iop.cfg.iommu_dev;
228 	size_t size = ARM_V7S_TABLE_SIZE(lvl);
229 
230 	if (!selftest_running)
231 		dma_unmap_single(dev, __arm_v7s_dma_addr(table), size,
232 				 DMA_TO_DEVICE);
233 	if (lvl == 1)
234 		free_pages((unsigned long)table, get_order(size));
235 	else
236 		kmem_cache_free(data->l2_tables, table);
237 }
238 
239 static void __arm_v7s_pte_sync(arm_v7s_iopte *ptep, int num_entries,
240 			       struct io_pgtable_cfg *cfg)
241 {
242 	if (selftest_running)
243 		return;
244 
245 	dma_sync_single_for_device(cfg->iommu_dev, __arm_v7s_dma_addr(ptep),
246 				   num_entries * sizeof(*ptep), DMA_TO_DEVICE);
247 }
248 static void __arm_v7s_set_pte(arm_v7s_iopte *ptep, arm_v7s_iopte pte,
249 			      int num_entries, struct io_pgtable_cfg *cfg)
250 {
251 	int i;
252 
253 	for (i = 0; i < num_entries; i++)
254 		ptep[i] = pte;
255 
256 	__arm_v7s_pte_sync(ptep, num_entries, cfg);
257 }
258 
259 static arm_v7s_iopte arm_v7s_prot_to_pte(int prot, int lvl,
260 					 struct io_pgtable_cfg *cfg)
261 {
262 	bool ap = !(cfg->quirks & IO_PGTABLE_QUIRK_NO_PERMS);
263 	arm_v7s_iopte pte = ARM_V7S_ATTR_NG | ARM_V7S_ATTR_S;
264 
265 	if (!(prot & IOMMU_MMIO))
266 		pte |= ARM_V7S_ATTR_TEX(1);
267 	if (ap) {
268 		pte |= ARM_V7S_PTE_AF;
269 		if (!(prot & IOMMU_PRIV))
270 			pte |= ARM_V7S_PTE_AP_UNPRIV;
271 		if (!(prot & IOMMU_WRITE))
272 			pte |= ARM_V7S_PTE_AP_RDONLY;
273 	}
274 	pte <<= ARM_V7S_ATTR_SHIFT(lvl);
275 
276 	if ((prot & IOMMU_NOEXEC) && ap)
277 		pte |= ARM_V7S_ATTR_XN(lvl);
278 	if (prot & IOMMU_MMIO)
279 		pte |= ARM_V7S_ATTR_B;
280 	else if (prot & IOMMU_CACHE)
281 		pte |= ARM_V7S_ATTR_B | ARM_V7S_ATTR_C;
282 
283 	return pte;
284 }
285 
286 static int arm_v7s_pte_to_prot(arm_v7s_iopte pte, int lvl)
287 {
288 	int prot = IOMMU_READ;
289 	arm_v7s_iopte attr = pte >> ARM_V7S_ATTR_SHIFT(lvl);
290 
291 	if (!(attr & ARM_V7S_PTE_AP_RDONLY))
292 		prot |= IOMMU_WRITE;
293 	if (!(attr & ARM_V7S_PTE_AP_UNPRIV))
294 		prot |= IOMMU_PRIV;
295 	if ((attr & (ARM_V7S_TEX_MASK << ARM_V7S_TEX_SHIFT)) == 0)
296 		prot |= IOMMU_MMIO;
297 	else if (pte & ARM_V7S_ATTR_C)
298 		prot |= IOMMU_CACHE;
299 	if (pte & ARM_V7S_ATTR_XN(lvl))
300 		prot |= IOMMU_NOEXEC;
301 
302 	return prot;
303 }
304 
305 static arm_v7s_iopte arm_v7s_pte_to_cont(arm_v7s_iopte pte, int lvl)
306 {
307 	if (lvl == 1) {
308 		pte |= ARM_V7S_CONT_SECTION;
309 	} else if (lvl == 2) {
310 		arm_v7s_iopte xn = pte & ARM_V7S_ATTR_XN(lvl);
311 		arm_v7s_iopte tex = pte & ARM_V7S_CONT_PAGE_TEX_MASK;
312 
313 		pte ^= xn | tex | ARM_V7S_PTE_TYPE_PAGE;
314 		pte |= (xn << ARM_V7S_CONT_PAGE_XN_SHIFT) |
315 		       (tex << ARM_V7S_CONT_PAGE_TEX_SHIFT) |
316 		       ARM_V7S_PTE_TYPE_CONT_PAGE;
317 	}
318 	return pte;
319 }
320 
321 static arm_v7s_iopte arm_v7s_cont_to_pte(arm_v7s_iopte pte, int lvl)
322 {
323 	if (lvl == 1) {
324 		pte &= ~ARM_V7S_CONT_SECTION;
325 	} else if (lvl == 2) {
326 		arm_v7s_iopte xn = pte & BIT(ARM_V7S_CONT_PAGE_XN_SHIFT);
327 		arm_v7s_iopte tex = pte & (ARM_V7S_CONT_PAGE_TEX_MASK <<
328 					   ARM_V7S_CONT_PAGE_TEX_SHIFT);
329 
330 		pte ^= xn | tex | ARM_V7S_PTE_TYPE_CONT_PAGE;
331 		pte |= (xn >> ARM_V7S_CONT_PAGE_XN_SHIFT) |
332 		       (tex >> ARM_V7S_CONT_PAGE_TEX_SHIFT) |
333 		       ARM_V7S_PTE_TYPE_PAGE;
334 	}
335 	return pte;
336 }
337 
338 static bool arm_v7s_pte_is_cont(arm_v7s_iopte pte, int lvl)
339 {
340 	if (lvl == 1 && !ARM_V7S_PTE_IS_TABLE(pte, lvl))
341 		return pte & ARM_V7S_CONT_SECTION;
342 	else if (lvl == 2)
343 		return !(pte & ARM_V7S_PTE_TYPE_PAGE);
344 	return false;
345 }
346 
347 static int __arm_v7s_unmap(struct arm_v7s_io_pgtable *, unsigned long,
348 			   size_t, int, arm_v7s_iopte *);
349 
350 static int arm_v7s_init_pte(struct arm_v7s_io_pgtable *data,
351 			    unsigned long iova, phys_addr_t paddr, int prot,
352 			    int lvl, int num_entries, arm_v7s_iopte *ptep)
353 {
354 	struct io_pgtable_cfg *cfg = &data->iop.cfg;
355 	arm_v7s_iopte pte = arm_v7s_prot_to_pte(prot, lvl, cfg);
356 	int i;
357 
358 	for (i = 0; i < num_entries; i++)
359 		if (ARM_V7S_PTE_IS_TABLE(ptep[i], lvl)) {
360 			/*
361 			 * We need to unmap and free the old table before
362 			 * overwriting it with a block entry.
363 			 */
364 			arm_v7s_iopte *tblp;
365 			size_t sz = ARM_V7S_BLOCK_SIZE(lvl);
366 
367 			tblp = ptep - ARM_V7S_LVL_IDX(iova, lvl);
368 			if (WARN_ON(__arm_v7s_unmap(data, iova + i * sz,
369 						    sz, lvl, tblp) != sz))
370 				return -EINVAL;
371 		} else if (ptep[i]) {
372 			/* We require an unmap first */
373 			WARN_ON(!selftest_running);
374 			return -EEXIST;
375 		}
376 
377 	pte |= ARM_V7S_PTE_TYPE_PAGE;
378 	if (lvl == 1 && (cfg->quirks & IO_PGTABLE_QUIRK_ARM_NS))
379 		pte |= ARM_V7S_ATTR_NS_SECTION;
380 
381 	if (cfg->quirks & IO_PGTABLE_QUIRK_ARM_MTK_4GB)
382 		pte |= ARM_V7S_ATTR_MTK_4GB;
383 
384 	if (num_entries > 1)
385 		pte = arm_v7s_pte_to_cont(pte, lvl);
386 
387 	pte |= paddr & ARM_V7S_LVL_MASK(lvl);
388 
389 	__arm_v7s_set_pte(ptep, pte, num_entries, cfg);
390 	return 0;
391 }
392 
393 static int __arm_v7s_map(struct arm_v7s_io_pgtable *data, unsigned long iova,
394 			 phys_addr_t paddr, size_t size, int prot,
395 			 int lvl, arm_v7s_iopte *ptep)
396 {
397 	struct io_pgtable_cfg *cfg = &data->iop.cfg;
398 	arm_v7s_iopte pte, *cptep;
399 	int num_entries = size >> ARM_V7S_LVL_SHIFT(lvl);
400 
401 	/* Find our entry at the current level */
402 	ptep += ARM_V7S_LVL_IDX(iova, lvl);
403 
404 	/* If we can install a leaf entry at this level, then do so */
405 	if (num_entries)
406 		return arm_v7s_init_pte(data, iova, paddr, prot,
407 					lvl, num_entries, ptep);
408 
409 	/* We can't allocate tables at the final level */
410 	if (WARN_ON(lvl == 2))
411 		return -EINVAL;
412 
413 	/* Grab a pointer to the next level */
414 	pte = *ptep;
415 	if (!pte) {
416 		cptep = __arm_v7s_alloc_table(lvl + 1, GFP_ATOMIC, data);
417 		if (!cptep)
418 			return -ENOMEM;
419 
420 		pte = virt_to_phys(cptep) | ARM_V7S_PTE_TYPE_TABLE;
421 		if (cfg->quirks & IO_PGTABLE_QUIRK_ARM_NS)
422 			pte |= ARM_V7S_ATTR_NS_TABLE;
423 
424 		__arm_v7s_set_pte(ptep, pte, 1, cfg);
425 	} else if (ARM_V7S_PTE_IS_TABLE(pte, lvl)) {
426 		cptep = iopte_deref(pte, lvl);
427 	} else {
428 		/* We require an unmap first */
429 		WARN_ON(!selftest_running);
430 		return -EEXIST;
431 	}
432 
433 	/* Rinse, repeat */
434 	return __arm_v7s_map(data, iova, paddr, size, prot, lvl + 1, cptep);
435 }
436 
437 static int arm_v7s_map(struct io_pgtable_ops *ops, unsigned long iova,
438 			phys_addr_t paddr, size_t size, int prot)
439 {
440 	struct arm_v7s_io_pgtable *data = io_pgtable_ops_to_data(ops);
441 	struct io_pgtable *iop = &data->iop;
442 	int ret;
443 
444 	/* If no access, then nothing to do */
445 	if (!(prot & (IOMMU_READ | IOMMU_WRITE)))
446 		return 0;
447 
448 	ret = __arm_v7s_map(data, iova, paddr, size, prot, 1, data->pgd);
449 	/*
450 	 * Synchronise all PTE updates for the new mapping before there's
451 	 * a chance for anything to kick off a table walk for the new iova.
452 	 */
453 	if (iop->cfg.quirks & IO_PGTABLE_QUIRK_TLBI_ON_MAP) {
454 		io_pgtable_tlb_add_flush(iop, iova, size,
455 					 ARM_V7S_BLOCK_SIZE(2), false);
456 		io_pgtable_tlb_sync(iop);
457 	} else {
458 		wmb();
459 	}
460 
461 	return ret;
462 }
463 
464 static void arm_v7s_free_pgtable(struct io_pgtable *iop)
465 {
466 	struct arm_v7s_io_pgtable *data = io_pgtable_to_data(iop);
467 	int i;
468 
469 	for (i = 0; i < ARM_V7S_PTES_PER_LVL(1); i++) {
470 		arm_v7s_iopte pte = data->pgd[i];
471 
472 		if (ARM_V7S_PTE_IS_TABLE(pte, 1))
473 			__arm_v7s_free_table(iopte_deref(pte, 1), 2, data);
474 	}
475 	__arm_v7s_free_table(data->pgd, 1, data);
476 	kmem_cache_destroy(data->l2_tables);
477 	kfree(data);
478 }
479 
480 static void arm_v7s_split_cont(struct arm_v7s_io_pgtable *data,
481 			       unsigned long iova, int idx, int lvl,
482 			       arm_v7s_iopte *ptep)
483 {
484 	struct io_pgtable *iop = &data->iop;
485 	arm_v7s_iopte pte;
486 	size_t size = ARM_V7S_BLOCK_SIZE(lvl);
487 	int i;
488 
489 	ptep -= idx & (ARM_V7S_CONT_PAGES - 1);
490 	pte = arm_v7s_cont_to_pte(*ptep, lvl);
491 	for (i = 0; i < ARM_V7S_CONT_PAGES; i++) {
492 		ptep[i] = pte;
493 		pte += size;
494 	}
495 
496 	__arm_v7s_pte_sync(ptep, ARM_V7S_CONT_PAGES, &iop->cfg);
497 
498 	size *= ARM_V7S_CONT_PAGES;
499 	io_pgtable_tlb_add_flush(iop, iova, size, size, true);
500 	io_pgtable_tlb_sync(iop);
501 }
502 
503 static int arm_v7s_split_blk_unmap(struct arm_v7s_io_pgtable *data,
504 				   unsigned long iova, size_t size,
505 				   arm_v7s_iopte *ptep)
506 {
507 	unsigned long blk_start, blk_end, blk_size;
508 	phys_addr_t blk_paddr;
509 	arm_v7s_iopte table = 0;
510 	int prot = arm_v7s_pte_to_prot(*ptep, 1);
511 
512 	blk_size = ARM_V7S_BLOCK_SIZE(1);
513 	blk_start = iova & ARM_V7S_LVL_MASK(1);
514 	blk_end = blk_start + ARM_V7S_BLOCK_SIZE(1);
515 	blk_paddr = *ptep & ARM_V7S_LVL_MASK(1);
516 
517 	for (; blk_start < blk_end; blk_start += size, blk_paddr += size) {
518 		arm_v7s_iopte *tablep;
519 
520 		/* Unmap! */
521 		if (blk_start == iova)
522 			continue;
523 
524 		/* __arm_v7s_map expects a pointer to the start of the table */
525 		tablep = &table - ARM_V7S_LVL_IDX(blk_start, 1);
526 		if (__arm_v7s_map(data, blk_start, blk_paddr, size, prot, 1,
527 				  tablep) < 0) {
528 			if (table) {
529 				/* Free the table we allocated */
530 				tablep = iopte_deref(table, 1);
531 				__arm_v7s_free_table(tablep, 2, data);
532 			}
533 			return 0; /* Bytes unmapped */
534 		}
535 	}
536 
537 	__arm_v7s_set_pte(ptep, table, 1, &data->iop.cfg);
538 	iova &= ~(blk_size - 1);
539 	io_pgtable_tlb_add_flush(&data->iop, iova, blk_size, blk_size, true);
540 	return size;
541 }
542 
543 static int __arm_v7s_unmap(struct arm_v7s_io_pgtable *data,
544 			    unsigned long iova, size_t size, int lvl,
545 			    arm_v7s_iopte *ptep)
546 {
547 	arm_v7s_iopte pte[ARM_V7S_CONT_PAGES];
548 	struct io_pgtable *iop = &data->iop;
549 	int idx, i = 0, num_entries = size >> ARM_V7S_LVL_SHIFT(lvl);
550 
551 	/* Something went horribly wrong and we ran out of page table */
552 	if (WARN_ON(lvl > 2))
553 		return 0;
554 
555 	idx = ARM_V7S_LVL_IDX(iova, lvl);
556 	ptep += idx;
557 	do {
558 		if (WARN_ON(!ARM_V7S_PTE_IS_VALID(ptep[i])))
559 			return 0;
560 		pte[i] = ptep[i];
561 	} while (++i < num_entries);
562 
563 	/*
564 	 * If we've hit a contiguous 'large page' entry at this level, it
565 	 * needs splitting first, unless we're unmapping the whole lot.
566 	 */
567 	if (num_entries <= 1 && arm_v7s_pte_is_cont(pte[0], lvl))
568 		arm_v7s_split_cont(data, iova, idx, lvl, ptep);
569 
570 	/* If the size matches this level, we're in the right place */
571 	if (num_entries) {
572 		size_t blk_size = ARM_V7S_BLOCK_SIZE(lvl);
573 
574 		__arm_v7s_set_pte(ptep, 0, num_entries, &iop->cfg);
575 
576 		for (i = 0; i < num_entries; i++) {
577 			if (ARM_V7S_PTE_IS_TABLE(pte[i], lvl)) {
578 				/* Also flush any partial walks */
579 				io_pgtable_tlb_add_flush(iop, iova, blk_size,
580 					ARM_V7S_BLOCK_SIZE(lvl + 1), false);
581 				io_pgtable_tlb_sync(iop);
582 				ptep = iopte_deref(pte[i], lvl);
583 				__arm_v7s_free_table(ptep, lvl + 1, data);
584 			} else {
585 				io_pgtable_tlb_add_flush(iop, iova, blk_size,
586 							 blk_size, true);
587 			}
588 			iova += blk_size;
589 		}
590 		return size;
591 	} else if (lvl == 1 && !ARM_V7S_PTE_IS_TABLE(pte[0], lvl)) {
592 		/*
593 		 * Insert a table at the next level to map the old region,
594 		 * minus the part we want to unmap
595 		 */
596 		return arm_v7s_split_blk_unmap(data, iova, size, ptep);
597 	}
598 
599 	/* Keep on walkin' */
600 	ptep = iopte_deref(pte[0], lvl);
601 	return __arm_v7s_unmap(data, iova, size, lvl + 1, ptep);
602 }
603 
604 static int arm_v7s_unmap(struct io_pgtable_ops *ops, unsigned long iova,
605 			 size_t size)
606 {
607 	struct arm_v7s_io_pgtable *data = io_pgtable_ops_to_data(ops);
608 	size_t unmapped;
609 
610 	unmapped = __arm_v7s_unmap(data, iova, size, 1, data->pgd);
611 	if (unmapped)
612 		io_pgtable_tlb_sync(&data->iop);
613 
614 	return unmapped;
615 }
616 
617 static phys_addr_t arm_v7s_iova_to_phys(struct io_pgtable_ops *ops,
618 					unsigned long iova)
619 {
620 	struct arm_v7s_io_pgtable *data = io_pgtable_ops_to_data(ops);
621 	arm_v7s_iopte *ptep = data->pgd, pte;
622 	int lvl = 0;
623 	u32 mask;
624 
625 	do {
626 		pte = ptep[ARM_V7S_LVL_IDX(iova, ++lvl)];
627 		ptep = iopte_deref(pte, lvl);
628 	} while (ARM_V7S_PTE_IS_TABLE(pte, lvl));
629 
630 	if (!ARM_V7S_PTE_IS_VALID(pte))
631 		return 0;
632 
633 	mask = ARM_V7S_LVL_MASK(lvl);
634 	if (arm_v7s_pte_is_cont(pte, lvl))
635 		mask *= ARM_V7S_CONT_PAGES;
636 	return (pte & mask) | (iova & ~mask);
637 }
638 
639 static struct io_pgtable *arm_v7s_alloc_pgtable(struct io_pgtable_cfg *cfg,
640 						void *cookie)
641 {
642 	struct arm_v7s_io_pgtable *data;
643 
644 #ifdef PHYS_OFFSET
645 	if (upper_32_bits(PHYS_OFFSET))
646 		return NULL;
647 #endif
648 	if (cfg->ias > ARM_V7S_ADDR_BITS || cfg->oas > ARM_V7S_ADDR_BITS)
649 		return NULL;
650 
651 	if (cfg->quirks & ~(IO_PGTABLE_QUIRK_ARM_NS |
652 			    IO_PGTABLE_QUIRK_NO_PERMS |
653 			    IO_PGTABLE_QUIRK_TLBI_ON_MAP |
654 			    IO_PGTABLE_QUIRK_ARM_MTK_4GB))
655 		return NULL;
656 
657 	/* If ARM_MTK_4GB is enabled, the NO_PERMS is also expected. */
658 	if (cfg->quirks & IO_PGTABLE_QUIRK_ARM_MTK_4GB &&
659 	    !(cfg->quirks & IO_PGTABLE_QUIRK_NO_PERMS))
660 			return NULL;
661 
662 	data = kmalloc(sizeof(*data), GFP_KERNEL);
663 	if (!data)
664 		return NULL;
665 
666 	data->l2_tables = kmem_cache_create("io-pgtable_armv7s_l2",
667 					    ARM_V7S_TABLE_SIZE(2),
668 					    ARM_V7S_TABLE_SIZE(2),
669 					    SLAB_CACHE_DMA, NULL);
670 	if (!data->l2_tables)
671 		goto out_free_data;
672 
673 	data->iop.ops = (struct io_pgtable_ops) {
674 		.map		= arm_v7s_map,
675 		.unmap		= arm_v7s_unmap,
676 		.iova_to_phys	= arm_v7s_iova_to_phys,
677 	};
678 
679 	/* We have to do this early for __arm_v7s_alloc_table to work... */
680 	data->iop.cfg = *cfg;
681 
682 	/*
683 	 * Unless the IOMMU driver indicates supersection support by
684 	 * having SZ_16M set in the initial bitmap, they won't be used.
685 	 */
686 	cfg->pgsize_bitmap &= SZ_4K | SZ_64K | SZ_1M | SZ_16M;
687 
688 	/* TCR: T0SZ=0, disable TTBR1 */
689 	cfg->arm_v7s_cfg.tcr = ARM_V7S_TCR_PD1;
690 
691 	/*
692 	 * TEX remap: the indices used map to the closest equivalent types
693 	 * under the non-TEX-remap interpretation of those attribute bits,
694 	 * excepting various implementation-defined aspects of shareability.
695 	 */
696 	cfg->arm_v7s_cfg.prrr = ARM_V7S_PRRR_TR(1, ARM_V7S_PRRR_TYPE_DEVICE) |
697 				ARM_V7S_PRRR_TR(4, ARM_V7S_PRRR_TYPE_NORMAL) |
698 				ARM_V7S_PRRR_TR(7, ARM_V7S_PRRR_TYPE_NORMAL) |
699 				ARM_V7S_PRRR_DS0 | ARM_V7S_PRRR_DS1 |
700 				ARM_V7S_PRRR_NS1 | ARM_V7S_PRRR_NOS(7);
701 	cfg->arm_v7s_cfg.nmrr = ARM_V7S_NMRR_IR(7, ARM_V7S_RGN_WBWA) |
702 				ARM_V7S_NMRR_OR(7, ARM_V7S_RGN_WBWA);
703 
704 	/* Looking good; allocate a pgd */
705 	data->pgd = __arm_v7s_alloc_table(1, GFP_KERNEL, data);
706 	if (!data->pgd)
707 		goto out_free_data;
708 
709 	/* Ensure the empty pgd is visible before any actual TTBR write */
710 	wmb();
711 
712 	/* TTBRs */
713 	cfg->arm_v7s_cfg.ttbr[0] = virt_to_phys(data->pgd) |
714 				   ARM_V7S_TTBR_S | ARM_V7S_TTBR_NOS |
715 				   ARM_V7S_TTBR_IRGN_ATTR(ARM_V7S_RGN_WBWA) |
716 				   ARM_V7S_TTBR_ORGN_ATTR(ARM_V7S_RGN_WBWA);
717 	cfg->arm_v7s_cfg.ttbr[1] = 0;
718 	return &data->iop;
719 
720 out_free_data:
721 	kmem_cache_destroy(data->l2_tables);
722 	kfree(data);
723 	return NULL;
724 }
725 
726 struct io_pgtable_init_fns io_pgtable_arm_v7s_init_fns = {
727 	.alloc	= arm_v7s_alloc_pgtable,
728 	.free	= arm_v7s_free_pgtable,
729 };
730 
731 #ifdef CONFIG_IOMMU_IO_PGTABLE_ARMV7S_SELFTEST
732 
733 static struct io_pgtable_cfg *cfg_cookie;
734 
735 static void dummy_tlb_flush_all(void *cookie)
736 {
737 	WARN_ON(cookie != cfg_cookie);
738 }
739 
740 static void dummy_tlb_add_flush(unsigned long iova, size_t size,
741 				size_t granule, bool leaf, void *cookie)
742 {
743 	WARN_ON(cookie != cfg_cookie);
744 	WARN_ON(!(size & cfg_cookie->pgsize_bitmap));
745 }
746 
747 static void dummy_tlb_sync(void *cookie)
748 {
749 	WARN_ON(cookie != cfg_cookie);
750 }
751 
752 static struct iommu_gather_ops dummy_tlb_ops = {
753 	.tlb_flush_all	= dummy_tlb_flush_all,
754 	.tlb_add_flush	= dummy_tlb_add_flush,
755 	.tlb_sync	= dummy_tlb_sync,
756 };
757 
758 #define __FAIL(ops)	({				\
759 		WARN(1, "selftest: test failed\n");	\
760 		selftest_running = false;		\
761 		-EFAULT;				\
762 })
763 
764 static int __init arm_v7s_do_selftests(void)
765 {
766 	struct io_pgtable_ops *ops;
767 	struct io_pgtable_cfg cfg = {
768 		.tlb = &dummy_tlb_ops,
769 		.oas = 32,
770 		.ias = 32,
771 		.quirks = IO_PGTABLE_QUIRK_ARM_NS,
772 		.pgsize_bitmap = SZ_4K | SZ_64K | SZ_1M | SZ_16M,
773 	};
774 	unsigned int iova, size, iova_start;
775 	unsigned int i, loopnr = 0;
776 
777 	selftest_running = true;
778 
779 	cfg_cookie = &cfg;
780 
781 	ops = alloc_io_pgtable_ops(ARM_V7S, &cfg, &cfg);
782 	if (!ops) {
783 		pr_err("selftest: failed to allocate io pgtable ops\n");
784 		return -EINVAL;
785 	}
786 
787 	/*
788 	 * Initial sanity checks.
789 	 * Empty page tables shouldn't provide any translations.
790 	 */
791 	if (ops->iova_to_phys(ops, 42))
792 		return __FAIL(ops);
793 
794 	if (ops->iova_to_phys(ops, SZ_1G + 42))
795 		return __FAIL(ops);
796 
797 	if (ops->iova_to_phys(ops, SZ_2G + 42))
798 		return __FAIL(ops);
799 
800 	/*
801 	 * Distinct mappings of different granule sizes.
802 	 */
803 	iova = 0;
804 	for_each_set_bit(i, &cfg.pgsize_bitmap, BITS_PER_LONG) {
805 		size = 1UL << i;
806 		if (ops->map(ops, iova, iova, size, IOMMU_READ |
807 						    IOMMU_WRITE |
808 						    IOMMU_NOEXEC |
809 						    IOMMU_CACHE))
810 			return __FAIL(ops);
811 
812 		/* Overlapping mappings */
813 		if (!ops->map(ops, iova, iova + size, size,
814 			      IOMMU_READ | IOMMU_NOEXEC))
815 			return __FAIL(ops);
816 
817 		if (ops->iova_to_phys(ops, iova + 42) != (iova + 42))
818 			return __FAIL(ops);
819 
820 		iova += SZ_16M;
821 		loopnr++;
822 	}
823 
824 	/* Partial unmap */
825 	i = 1;
826 	size = 1UL << __ffs(cfg.pgsize_bitmap);
827 	while (i < loopnr) {
828 		iova_start = i * SZ_16M;
829 		if (ops->unmap(ops, iova_start + size, size) != size)
830 			return __FAIL(ops);
831 
832 		/* Remap of partial unmap */
833 		if (ops->map(ops, iova_start + size, size, size, IOMMU_READ))
834 			return __FAIL(ops);
835 
836 		if (ops->iova_to_phys(ops, iova_start + size + 42)
837 		    != (size + 42))
838 			return __FAIL(ops);
839 		i++;
840 	}
841 
842 	/* Full unmap */
843 	iova = 0;
844 	i = find_first_bit(&cfg.pgsize_bitmap, BITS_PER_LONG);
845 	while (i != BITS_PER_LONG) {
846 		size = 1UL << i;
847 
848 		if (ops->unmap(ops, iova, size) != size)
849 			return __FAIL(ops);
850 
851 		if (ops->iova_to_phys(ops, iova + 42))
852 			return __FAIL(ops);
853 
854 		/* Remap full block */
855 		if (ops->map(ops, iova, iova, size, IOMMU_WRITE))
856 			return __FAIL(ops);
857 
858 		if (ops->iova_to_phys(ops, iova + 42) != (iova + 42))
859 			return __FAIL(ops);
860 
861 		iova += SZ_16M;
862 		i++;
863 		i = find_next_bit(&cfg.pgsize_bitmap, BITS_PER_LONG, i);
864 	}
865 
866 	free_io_pgtable_ops(ops);
867 
868 	selftest_running = false;
869 
870 	pr_info("self test ok\n");
871 	return 0;
872 }
873 subsys_initcall(arm_v7s_do_selftests);
874 #endif
875