xref: /openbmc/linux/drivers/iommu/iommu.c (revision dd2934a95701576203b2f61e8ded4e4a2f9183ea)
1 /*
2  * Copyright (C) 2007-2008 Advanced Micro Devices, Inc.
3  * Author: Joerg Roedel <jroedel@suse.de>
4  *
5  * This program is free software; you can redistribute it and/or modify it
6  * under the terms of the GNU General Public License version 2 as published
7  * by the Free Software Foundation.
8  *
9  * This program is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12  * GNU General Public License for more details.
13  *
14  * You should have received a copy of the GNU General Public License
15  * along with this program; if not, write to the Free Software
16  * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA
17  */
18 
19 #define pr_fmt(fmt)    "iommu: " fmt
20 
21 #include <linux/device.h>
22 #include <linux/kernel.h>
23 #include <linux/bug.h>
24 #include <linux/types.h>
25 #include <linux/module.h>
26 #include <linux/slab.h>
27 #include <linux/errno.h>
28 #include <linux/iommu.h>
29 #include <linux/idr.h>
30 #include <linux/notifier.h>
31 #include <linux/err.h>
32 #include <linux/pci.h>
33 #include <linux/bitops.h>
34 #include <linux/property.h>
35 #include <trace/events/iommu.h>
36 
37 static struct kset *iommu_group_kset;
38 static DEFINE_IDA(iommu_group_ida);
39 #ifdef CONFIG_IOMMU_DEFAULT_PASSTHROUGH
40 static unsigned int iommu_def_domain_type = IOMMU_DOMAIN_IDENTITY;
41 #else
42 static unsigned int iommu_def_domain_type = IOMMU_DOMAIN_DMA;
43 #endif
44 
45 struct iommu_callback_data {
46 	const struct iommu_ops *ops;
47 };
48 
49 struct iommu_group {
50 	struct kobject kobj;
51 	struct kobject *devices_kobj;
52 	struct list_head devices;
53 	struct mutex mutex;
54 	struct blocking_notifier_head notifier;
55 	void *iommu_data;
56 	void (*iommu_data_release)(void *iommu_data);
57 	char *name;
58 	int id;
59 	struct iommu_domain *default_domain;
60 	struct iommu_domain *domain;
61 };
62 
63 struct group_device {
64 	struct list_head list;
65 	struct device *dev;
66 	char *name;
67 };
68 
69 struct iommu_group_attribute {
70 	struct attribute attr;
71 	ssize_t (*show)(struct iommu_group *group, char *buf);
72 	ssize_t (*store)(struct iommu_group *group,
73 			 const char *buf, size_t count);
74 };
75 
76 static const char * const iommu_group_resv_type_string[] = {
77 	[IOMMU_RESV_DIRECT]	= "direct",
78 	[IOMMU_RESV_RESERVED]	= "reserved",
79 	[IOMMU_RESV_MSI]	= "msi",
80 	[IOMMU_RESV_SW_MSI]	= "msi",
81 };
82 
83 #define IOMMU_GROUP_ATTR(_name, _mode, _show, _store)		\
84 struct iommu_group_attribute iommu_group_attr_##_name =		\
85 	__ATTR(_name, _mode, _show, _store)
86 
87 #define to_iommu_group_attr(_attr)	\
88 	container_of(_attr, struct iommu_group_attribute, attr)
89 #define to_iommu_group(_kobj)		\
90 	container_of(_kobj, struct iommu_group, kobj)
91 
92 static LIST_HEAD(iommu_device_list);
93 static DEFINE_SPINLOCK(iommu_device_lock);
94 
95 int iommu_device_register(struct iommu_device *iommu)
96 {
97 	spin_lock(&iommu_device_lock);
98 	list_add_tail(&iommu->list, &iommu_device_list);
99 	spin_unlock(&iommu_device_lock);
100 
101 	return 0;
102 }
103 
104 void iommu_device_unregister(struct iommu_device *iommu)
105 {
106 	spin_lock(&iommu_device_lock);
107 	list_del(&iommu->list);
108 	spin_unlock(&iommu_device_lock);
109 }
110 
111 static struct iommu_domain *__iommu_domain_alloc(struct bus_type *bus,
112 						 unsigned type);
113 static int __iommu_attach_device(struct iommu_domain *domain,
114 				 struct device *dev);
115 static int __iommu_attach_group(struct iommu_domain *domain,
116 				struct iommu_group *group);
117 static void __iommu_detach_group(struct iommu_domain *domain,
118 				 struct iommu_group *group);
119 
120 static int __init iommu_set_def_domain_type(char *str)
121 {
122 	bool pt;
123 	int ret;
124 
125 	ret = kstrtobool(str, &pt);
126 	if (ret)
127 		return ret;
128 
129 	iommu_def_domain_type = pt ? IOMMU_DOMAIN_IDENTITY : IOMMU_DOMAIN_DMA;
130 	return 0;
131 }
132 early_param("iommu.passthrough", iommu_set_def_domain_type);
133 
134 static ssize_t iommu_group_attr_show(struct kobject *kobj,
135 				     struct attribute *__attr, char *buf)
136 {
137 	struct iommu_group_attribute *attr = to_iommu_group_attr(__attr);
138 	struct iommu_group *group = to_iommu_group(kobj);
139 	ssize_t ret = -EIO;
140 
141 	if (attr->show)
142 		ret = attr->show(group, buf);
143 	return ret;
144 }
145 
146 static ssize_t iommu_group_attr_store(struct kobject *kobj,
147 				      struct attribute *__attr,
148 				      const char *buf, size_t count)
149 {
150 	struct iommu_group_attribute *attr = to_iommu_group_attr(__attr);
151 	struct iommu_group *group = to_iommu_group(kobj);
152 	ssize_t ret = -EIO;
153 
154 	if (attr->store)
155 		ret = attr->store(group, buf, count);
156 	return ret;
157 }
158 
159 static const struct sysfs_ops iommu_group_sysfs_ops = {
160 	.show = iommu_group_attr_show,
161 	.store = iommu_group_attr_store,
162 };
163 
164 static int iommu_group_create_file(struct iommu_group *group,
165 				   struct iommu_group_attribute *attr)
166 {
167 	return sysfs_create_file(&group->kobj, &attr->attr);
168 }
169 
170 static void iommu_group_remove_file(struct iommu_group *group,
171 				    struct iommu_group_attribute *attr)
172 {
173 	sysfs_remove_file(&group->kobj, &attr->attr);
174 }
175 
176 static ssize_t iommu_group_show_name(struct iommu_group *group, char *buf)
177 {
178 	return sprintf(buf, "%s\n", group->name);
179 }
180 
181 /**
182  * iommu_insert_resv_region - Insert a new region in the
183  * list of reserved regions.
184  * @new: new region to insert
185  * @regions: list of regions
186  *
187  * The new element is sorted by address with respect to the other
188  * regions of the same type. In case it overlaps with another
189  * region of the same type, regions are merged. In case it
190  * overlaps with another region of different type, regions are
191  * not merged.
192  */
193 static int iommu_insert_resv_region(struct iommu_resv_region *new,
194 				    struct list_head *regions)
195 {
196 	struct iommu_resv_region *region;
197 	phys_addr_t start = new->start;
198 	phys_addr_t end = new->start + new->length - 1;
199 	struct list_head *pos = regions->next;
200 
201 	while (pos != regions) {
202 		struct iommu_resv_region *entry =
203 			list_entry(pos, struct iommu_resv_region, list);
204 		phys_addr_t a = entry->start;
205 		phys_addr_t b = entry->start + entry->length - 1;
206 		int type = entry->type;
207 
208 		if (end < a) {
209 			goto insert;
210 		} else if (start > b) {
211 			pos = pos->next;
212 		} else if ((start >= a) && (end <= b)) {
213 			if (new->type == type)
214 				goto done;
215 			else
216 				pos = pos->next;
217 		} else {
218 			if (new->type == type) {
219 				phys_addr_t new_start = min(a, start);
220 				phys_addr_t new_end = max(b, end);
221 
222 				list_del(&entry->list);
223 				entry->start = new_start;
224 				entry->length = new_end - new_start + 1;
225 				iommu_insert_resv_region(entry, regions);
226 			} else {
227 				pos = pos->next;
228 			}
229 		}
230 	}
231 insert:
232 	region = iommu_alloc_resv_region(new->start, new->length,
233 					 new->prot, new->type);
234 	if (!region)
235 		return -ENOMEM;
236 
237 	list_add_tail(&region->list, pos);
238 done:
239 	return 0;
240 }
241 
242 static int
243 iommu_insert_device_resv_regions(struct list_head *dev_resv_regions,
244 				 struct list_head *group_resv_regions)
245 {
246 	struct iommu_resv_region *entry;
247 	int ret = 0;
248 
249 	list_for_each_entry(entry, dev_resv_regions, list) {
250 		ret = iommu_insert_resv_region(entry, group_resv_regions);
251 		if (ret)
252 			break;
253 	}
254 	return ret;
255 }
256 
257 int iommu_get_group_resv_regions(struct iommu_group *group,
258 				 struct list_head *head)
259 {
260 	struct group_device *device;
261 	int ret = 0;
262 
263 	mutex_lock(&group->mutex);
264 	list_for_each_entry(device, &group->devices, list) {
265 		struct list_head dev_resv_regions;
266 
267 		INIT_LIST_HEAD(&dev_resv_regions);
268 		iommu_get_resv_regions(device->dev, &dev_resv_regions);
269 		ret = iommu_insert_device_resv_regions(&dev_resv_regions, head);
270 		iommu_put_resv_regions(device->dev, &dev_resv_regions);
271 		if (ret)
272 			break;
273 	}
274 	mutex_unlock(&group->mutex);
275 	return ret;
276 }
277 EXPORT_SYMBOL_GPL(iommu_get_group_resv_regions);
278 
279 static ssize_t iommu_group_show_resv_regions(struct iommu_group *group,
280 					     char *buf)
281 {
282 	struct iommu_resv_region *region, *next;
283 	struct list_head group_resv_regions;
284 	char *str = buf;
285 
286 	INIT_LIST_HEAD(&group_resv_regions);
287 	iommu_get_group_resv_regions(group, &group_resv_regions);
288 
289 	list_for_each_entry_safe(region, next, &group_resv_regions, list) {
290 		str += sprintf(str, "0x%016llx 0x%016llx %s\n",
291 			       (long long int)region->start,
292 			       (long long int)(region->start +
293 						region->length - 1),
294 			       iommu_group_resv_type_string[region->type]);
295 		kfree(region);
296 	}
297 
298 	return (str - buf);
299 }
300 
301 static ssize_t iommu_group_show_type(struct iommu_group *group,
302 				     char *buf)
303 {
304 	char *type = "unknown\n";
305 
306 	if (group->default_domain) {
307 		switch (group->default_domain->type) {
308 		case IOMMU_DOMAIN_BLOCKED:
309 			type = "blocked\n";
310 			break;
311 		case IOMMU_DOMAIN_IDENTITY:
312 			type = "identity\n";
313 			break;
314 		case IOMMU_DOMAIN_UNMANAGED:
315 			type = "unmanaged\n";
316 			break;
317 		case IOMMU_DOMAIN_DMA:
318 			type = "DMA";
319 			break;
320 		}
321 	}
322 	strcpy(buf, type);
323 
324 	return strlen(type);
325 }
326 
327 static IOMMU_GROUP_ATTR(name, S_IRUGO, iommu_group_show_name, NULL);
328 
329 static IOMMU_GROUP_ATTR(reserved_regions, 0444,
330 			iommu_group_show_resv_regions, NULL);
331 
332 static IOMMU_GROUP_ATTR(type, 0444, iommu_group_show_type, NULL);
333 
334 static void iommu_group_release(struct kobject *kobj)
335 {
336 	struct iommu_group *group = to_iommu_group(kobj);
337 
338 	pr_debug("Releasing group %d\n", group->id);
339 
340 	if (group->iommu_data_release)
341 		group->iommu_data_release(group->iommu_data);
342 
343 	ida_simple_remove(&iommu_group_ida, group->id);
344 
345 	if (group->default_domain)
346 		iommu_domain_free(group->default_domain);
347 
348 	kfree(group->name);
349 	kfree(group);
350 }
351 
352 static struct kobj_type iommu_group_ktype = {
353 	.sysfs_ops = &iommu_group_sysfs_ops,
354 	.release = iommu_group_release,
355 };
356 
357 /**
358  * iommu_group_alloc - Allocate a new group
359  *
360  * This function is called by an iommu driver to allocate a new iommu
361  * group.  The iommu group represents the minimum granularity of the iommu.
362  * Upon successful return, the caller holds a reference to the supplied
363  * group in order to hold the group until devices are added.  Use
364  * iommu_group_put() to release this extra reference count, allowing the
365  * group to be automatically reclaimed once it has no devices or external
366  * references.
367  */
368 struct iommu_group *iommu_group_alloc(void)
369 {
370 	struct iommu_group *group;
371 	int ret;
372 
373 	group = kzalloc(sizeof(*group), GFP_KERNEL);
374 	if (!group)
375 		return ERR_PTR(-ENOMEM);
376 
377 	group->kobj.kset = iommu_group_kset;
378 	mutex_init(&group->mutex);
379 	INIT_LIST_HEAD(&group->devices);
380 	BLOCKING_INIT_NOTIFIER_HEAD(&group->notifier);
381 
382 	ret = ida_simple_get(&iommu_group_ida, 0, 0, GFP_KERNEL);
383 	if (ret < 0) {
384 		kfree(group);
385 		return ERR_PTR(ret);
386 	}
387 	group->id = ret;
388 
389 	ret = kobject_init_and_add(&group->kobj, &iommu_group_ktype,
390 				   NULL, "%d", group->id);
391 	if (ret) {
392 		ida_simple_remove(&iommu_group_ida, group->id);
393 		kfree(group);
394 		return ERR_PTR(ret);
395 	}
396 
397 	group->devices_kobj = kobject_create_and_add("devices", &group->kobj);
398 	if (!group->devices_kobj) {
399 		kobject_put(&group->kobj); /* triggers .release & free */
400 		return ERR_PTR(-ENOMEM);
401 	}
402 
403 	/*
404 	 * The devices_kobj holds a reference on the group kobject, so
405 	 * as long as that exists so will the group.  We can therefore
406 	 * use the devices_kobj for reference counting.
407 	 */
408 	kobject_put(&group->kobj);
409 
410 	ret = iommu_group_create_file(group,
411 				      &iommu_group_attr_reserved_regions);
412 	if (ret)
413 		return ERR_PTR(ret);
414 
415 	ret = iommu_group_create_file(group, &iommu_group_attr_type);
416 	if (ret)
417 		return ERR_PTR(ret);
418 
419 	pr_debug("Allocated group %d\n", group->id);
420 
421 	return group;
422 }
423 EXPORT_SYMBOL_GPL(iommu_group_alloc);
424 
425 struct iommu_group *iommu_group_get_by_id(int id)
426 {
427 	struct kobject *group_kobj;
428 	struct iommu_group *group;
429 	const char *name;
430 
431 	if (!iommu_group_kset)
432 		return NULL;
433 
434 	name = kasprintf(GFP_KERNEL, "%d", id);
435 	if (!name)
436 		return NULL;
437 
438 	group_kobj = kset_find_obj(iommu_group_kset, name);
439 	kfree(name);
440 
441 	if (!group_kobj)
442 		return NULL;
443 
444 	group = container_of(group_kobj, struct iommu_group, kobj);
445 	BUG_ON(group->id != id);
446 
447 	kobject_get(group->devices_kobj);
448 	kobject_put(&group->kobj);
449 
450 	return group;
451 }
452 EXPORT_SYMBOL_GPL(iommu_group_get_by_id);
453 
454 /**
455  * iommu_group_get_iommudata - retrieve iommu_data registered for a group
456  * @group: the group
457  *
458  * iommu drivers can store data in the group for use when doing iommu
459  * operations.  This function provides a way to retrieve it.  Caller
460  * should hold a group reference.
461  */
462 void *iommu_group_get_iommudata(struct iommu_group *group)
463 {
464 	return group->iommu_data;
465 }
466 EXPORT_SYMBOL_GPL(iommu_group_get_iommudata);
467 
468 /**
469  * iommu_group_set_iommudata - set iommu_data for a group
470  * @group: the group
471  * @iommu_data: new data
472  * @release: release function for iommu_data
473  *
474  * iommu drivers can store data in the group for use when doing iommu
475  * operations.  This function provides a way to set the data after
476  * the group has been allocated.  Caller should hold a group reference.
477  */
478 void iommu_group_set_iommudata(struct iommu_group *group, void *iommu_data,
479 			       void (*release)(void *iommu_data))
480 {
481 	group->iommu_data = iommu_data;
482 	group->iommu_data_release = release;
483 }
484 EXPORT_SYMBOL_GPL(iommu_group_set_iommudata);
485 
486 /**
487  * iommu_group_set_name - set name for a group
488  * @group: the group
489  * @name: name
490  *
491  * Allow iommu driver to set a name for a group.  When set it will
492  * appear in a name attribute file under the group in sysfs.
493  */
494 int iommu_group_set_name(struct iommu_group *group, const char *name)
495 {
496 	int ret;
497 
498 	if (group->name) {
499 		iommu_group_remove_file(group, &iommu_group_attr_name);
500 		kfree(group->name);
501 		group->name = NULL;
502 		if (!name)
503 			return 0;
504 	}
505 
506 	group->name = kstrdup(name, GFP_KERNEL);
507 	if (!group->name)
508 		return -ENOMEM;
509 
510 	ret = iommu_group_create_file(group, &iommu_group_attr_name);
511 	if (ret) {
512 		kfree(group->name);
513 		group->name = NULL;
514 		return ret;
515 	}
516 
517 	return 0;
518 }
519 EXPORT_SYMBOL_GPL(iommu_group_set_name);
520 
521 static int iommu_group_create_direct_mappings(struct iommu_group *group,
522 					      struct device *dev)
523 {
524 	struct iommu_domain *domain = group->default_domain;
525 	struct iommu_resv_region *entry;
526 	struct list_head mappings;
527 	unsigned long pg_size;
528 	int ret = 0;
529 
530 	if (!domain || domain->type != IOMMU_DOMAIN_DMA)
531 		return 0;
532 
533 	BUG_ON(!domain->pgsize_bitmap);
534 
535 	pg_size = 1UL << __ffs(domain->pgsize_bitmap);
536 	INIT_LIST_HEAD(&mappings);
537 
538 	iommu_get_resv_regions(dev, &mappings);
539 
540 	/* We need to consider overlapping regions for different devices */
541 	list_for_each_entry(entry, &mappings, list) {
542 		dma_addr_t start, end, addr;
543 
544 		if (domain->ops->apply_resv_region)
545 			domain->ops->apply_resv_region(dev, domain, entry);
546 
547 		start = ALIGN(entry->start, pg_size);
548 		end   = ALIGN(entry->start + entry->length, pg_size);
549 
550 		if (entry->type != IOMMU_RESV_DIRECT)
551 			continue;
552 
553 		for (addr = start; addr < end; addr += pg_size) {
554 			phys_addr_t phys_addr;
555 
556 			phys_addr = iommu_iova_to_phys(domain, addr);
557 			if (phys_addr)
558 				continue;
559 
560 			ret = iommu_map(domain, addr, addr, pg_size, entry->prot);
561 			if (ret)
562 				goto out;
563 		}
564 
565 	}
566 
567 	iommu_flush_tlb_all(domain);
568 
569 out:
570 	iommu_put_resv_regions(dev, &mappings);
571 
572 	return ret;
573 }
574 
575 /**
576  * iommu_group_add_device - add a device to an iommu group
577  * @group: the group into which to add the device (reference should be held)
578  * @dev: the device
579  *
580  * This function is called by an iommu driver to add a device into a
581  * group.  Adding a device increments the group reference count.
582  */
583 int iommu_group_add_device(struct iommu_group *group, struct device *dev)
584 {
585 	int ret, i = 0;
586 	struct group_device *device;
587 
588 	device = kzalloc(sizeof(*device), GFP_KERNEL);
589 	if (!device)
590 		return -ENOMEM;
591 
592 	device->dev = dev;
593 
594 	ret = sysfs_create_link(&dev->kobj, &group->kobj, "iommu_group");
595 	if (ret)
596 		goto err_free_device;
597 
598 	device->name = kasprintf(GFP_KERNEL, "%s", kobject_name(&dev->kobj));
599 rename:
600 	if (!device->name) {
601 		ret = -ENOMEM;
602 		goto err_remove_link;
603 	}
604 
605 	ret = sysfs_create_link_nowarn(group->devices_kobj,
606 				       &dev->kobj, device->name);
607 	if (ret) {
608 		if (ret == -EEXIST && i >= 0) {
609 			/*
610 			 * Account for the slim chance of collision
611 			 * and append an instance to the name.
612 			 */
613 			kfree(device->name);
614 			device->name = kasprintf(GFP_KERNEL, "%s.%d",
615 						 kobject_name(&dev->kobj), i++);
616 			goto rename;
617 		}
618 		goto err_free_name;
619 	}
620 
621 	kobject_get(group->devices_kobj);
622 
623 	dev->iommu_group = group;
624 
625 	iommu_group_create_direct_mappings(group, dev);
626 
627 	mutex_lock(&group->mutex);
628 	list_add_tail(&device->list, &group->devices);
629 	if (group->domain)
630 		ret = __iommu_attach_device(group->domain, dev);
631 	mutex_unlock(&group->mutex);
632 	if (ret)
633 		goto err_put_group;
634 
635 	/* Notify any listeners about change to group. */
636 	blocking_notifier_call_chain(&group->notifier,
637 				     IOMMU_GROUP_NOTIFY_ADD_DEVICE, dev);
638 
639 	trace_add_device_to_group(group->id, dev);
640 
641 	pr_info("Adding device %s to group %d\n", dev_name(dev), group->id);
642 
643 	return 0;
644 
645 err_put_group:
646 	mutex_lock(&group->mutex);
647 	list_del(&device->list);
648 	mutex_unlock(&group->mutex);
649 	dev->iommu_group = NULL;
650 	kobject_put(group->devices_kobj);
651 err_free_name:
652 	kfree(device->name);
653 err_remove_link:
654 	sysfs_remove_link(&dev->kobj, "iommu_group");
655 err_free_device:
656 	kfree(device);
657 	pr_err("Failed to add device %s to group %d: %d\n", dev_name(dev), group->id, ret);
658 	return ret;
659 }
660 EXPORT_SYMBOL_GPL(iommu_group_add_device);
661 
662 /**
663  * iommu_group_remove_device - remove a device from it's current group
664  * @dev: device to be removed
665  *
666  * This function is called by an iommu driver to remove the device from
667  * it's current group.  This decrements the iommu group reference count.
668  */
669 void iommu_group_remove_device(struct device *dev)
670 {
671 	struct iommu_group *group = dev->iommu_group;
672 	struct group_device *tmp_device, *device = NULL;
673 
674 	pr_info("Removing device %s from group %d\n", dev_name(dev), group->id);
675 
676 	/* Pre-notify listeners that a device is being removed. */
677 	blocking_notifier_call_chain(&group->notifier,
678 				     IOMMU_GROUP_NOTIFY_DEL_DEVICE, dev);
679 
680 	mutex_lock(&group->mutex);
681 	list_for_each_entry(tmp_device, &group->devices, list) {
682 		if (tmp_device->dev == dev) {
683 			device = tmp_device;
684 			list_del(&device->list);
685 			break;
686 		}
687 	}
688 	mutex_unlock(&group->mutex);
689 
690 	if (!device)
691 		return;
692 
693 	sysfs_remove_link(group->devices_kobj, device->name);
694 	sysfs_remove_link(&dev->kobj, "iommu_group");
695 
696 	trace_remove_device_from_group(group->id, dev);
697 
698 	kfree(device->name);
699 	kfree(device);
700 	dev->iommu_group = NULL;
701 	kobject_put(group->devices_kobj);
702 }
703 EXPORT_SYMBOL_GPL(iommu_group_remove_device);
704 
705 static int iommu_group_device_count(struct iommu_group *group)
706 {
707 	struct group_device *entry;
708 	int ret = 0;
709 
710 	list_for_each_entry(entry, &group->devices, list)
711 		ret++;
712 
713 	return ret;
714 }
715 
716 /**
717  * iommu_group_for_each_dev - iterate over each device in the group
718  * @group: the group
719  * @data: caller opaque data to be passed to callback function
720  * @fn: caller supplied callback function
721  *
722  * This function is called by group users to iterate over group devices.
723  * Callers should hold a reference count to the group during callback.
724  * The group->mutex is held across callbacks, which will block calls to
725  * iommu_group_add/remove_device.
726  */
727 static int __iommu_group_for_each_dev(struct iommu_group *group, void *data,
728 				      int (*fn)(struct device *, void *))
729 {
730 	struct group_device *device;
731 	int ret = 0;
732 
733 	list_for_each_entry(device, &group->devices, list) {
734 		ret = fn(device->dev, data);
735 		if (ret)
736 			break;
737 	}
738 	return ret;
739 }
740 
741 
742 int iommu_group_for_each_dev(struct iommu_group *group, void *data,
743 			     int (*fn)(struct device *, void *))
744 {
745 	int ret;
746 
747 	mutex_lock(&group->mutex);
748 	ret = __iommu_group_for_each_dev(group, data, fn);
749 	mutex_unlock(&group->mutex);
750 
751 	return ret;
752 }
753 EXPORT_SYMBOL_GPL(iommu_group_for_each_dev);
754 
755 /**
756  * iommu_group_get - Return the group for a device and increment reference
757  * @dev: get the group that this device belongs to
758  *
759  * This function is called by iommu drivers and users to get the group
760  * for the specified device.  If found, the group is returned and the group
761  * reference in incremented, else NULL.
762  */
763 struct iommu_group *iommu_group_get(struct device *dev)
764 {
765 	struct iommu_group *group = dev->iommu_group;
766 
767 	if (group)
768 		kobject_get(group->devices_kobj);
769 
770 	return group;
771 }
772 EXPORT_SYMBOL_GPL(iommu_group_get);
773 
774 /**
775  * iommu_group_ref_get - Increment reference on a group
776  * @group: the group to use, must not be NULL
777  *
778  * This function is called by iommu drivers to take additional references on an
779  * existing group.  Returns the given group for convenience.
780  */
781 struct iommu_group *iommu_group_ref_get(struct iommu_group *group)
782 {
783 	kobject_get(group->devices_kobj);
784 	return group;
785 }
786 
787 /**
788  * iommu_group_put - Decrement group reference
789  * @group: the group to use
790  *
791  * This function is called by iommu drivers and users to release the
792  * iommu group.  Once the reference count is zero, the group is released.
793  */
794 void iommu_group_put(struct iommu_group *group)
795 {
796 	if (group)
797 		kobject_put(group->devices_kobj);
798 }
799 EXPORT_SYMBOL_GPL(iommu_group_put);
800 
801 /**
802  * iommu_group_register_notifier - Register a notifier for group changes
803  * @group: the group to watch
804  * @nb: notifier block to signal
805  *
806  * This function allows iommu group users to track changes in a group.
807  * See include/linux/iommu.h for actions sent via this notifier.  Caller
808  * should hold a reference to the group throughout notifier registration.
809  */
810 int iommu_group_register_notifier(struct iommu_group *group,
811 				  struct notifier_block *nb)
812 {
813 	return blocking_notifier_chain_register(&group->notifier, nb);
814 }
815 EXPORT_SYMBOL_GPL(iommu_group_register_notifier);
816 
817 /**
818  * iommu_group_unregister_notifier - Unregister a notifier
819  * @group: the group to watch
820  * @nb: notifier block to signal
821  *
822  * Unregister a previously registered group notifier block.
823  */
824 int iommu_group_unregister_notifier(struct iommu_group *group,
825 				    struct notifier_block *nb)
826 {
827 	return blocking_notifier_chain_unregister(&group->notifier, nb);
828 }
829 EXPORT_SYMBOL_GPL(iommu_group_unregister_notifier);
830 
831 /**
832  * iommu_group_id - Return ID for a group
833  * @group: the group to ID
834  *
835  * Return the unique ID for the group matching the sysfs group number.
836  */
837 int iommu_group_id(struct iommu_group *group)
838 {
839 	return group->id;
840 }
841 EXPORT_SYMBOL_GPL(iommu_group_id);
842 
843 static struct iommu_group *get_pci_alias_group(struct pci_dev *pdev,
844 					       unsigned long *devfns);
845 
846 /*
847  * To consider a PCI device isolated, we require ACS to support Source
848  * Validation, Request Redirection, Completer Redirection, and Upstream
849  * Forwarding.  This effectively means that devices cannot spoof their
850  * requester ID, requests and completions cannot be redirected, and all
851  * transactions are forwarded upstream, even as it passes through a
852  * bridge where the target device is downstream.
853  */
854 #define REQ_ACS_FLAGS   (PCI_ACS_SV | PCI_ACS_RR | PCI_ACS_CR | PCI_ACS_UF)
855 
856 /*
857  * For multifunction devices which are not isolated from each other, find
858  * all the other non-isolated functions and look for existing groups.  For
859  * each function, we also need to look for aliases to or from other devices
860  * that may already have a group.
861  */
862 static struct iommu_group *get_pci_function_alias_group(struct pci_dev *pdev,
863 							unsigned long *devfns)
864 {
865 	struct pci_dev *tmp = NULL;
866 	struct iommu_group *group;
867 
868 	if (!pdev->multifunction || pci_acs_enabled(pdev, REQ_ACS_FLAGS))
869 		return NULL;
870 
871 	for_each_pci_dev(tmp) {
872 		if (tmp == pdev || tmp->bus != pdev->bus ||
873 		    PCI_SLOT(tmp->devfn) != PCI_SLOT(pdev->devfn) ||
874 		    pci_acs_enabled(tmp, REQ_ACS_FLAGS))
875 			continue;
876 
877 		group = get_pci_alias_group(tmp, devfns);
878 		if (group) {
879 			pci_dev_put(tmp);
880 			return group;
881 		}
882 	}
883 
884 	return NULL;
885 }
886 
887 /*
888  * Look for aliases to or from the given device for existing groups. DMA
889  * aliases are only supported on the same bus, therefore the search
890  * space is quite small (especially since we're really only looking at pcie
891  * device, and therefore only expect multiple slots on the root complex or
892  * downstream switch ports).  It's conceivable though that a pair of
893  * multifunction devices could have aliases between them that would cause a
894  * loop.  To prevent this, we use a bitmap to track where we've been.
895  */
896 static struct iommu_group *get_pci_alias_group(struct pci_dev *pdev,
897 					       unsigned long *devfns)
898 {
899 	struct pci_dev *tmp = NULL;
900 	struct iommu_group *group;
901 
902 	if (test_and_set_bit(pdev->devfn & 0xff, devfns))
903 		return NULL;
904 
905 	group = iommu_group_get(&pdev->dev);
906 	if (group)
907 		return group;
908 
909 	for_each_pci_dev(tmp) {
910 		if (tmp == pdev || tmp->bus != pdev->bus)
911 			continue;
912 
913 		/* We alias them or they alias us */
914 		if (pci_devs_are_dma_aliases(pdev, tmp)) {
915 			group = get_pci_alias_group(tmp, devfns);
916 			if (group) {
917 				pci_dev_put(tmp);
918 				return group;
919 			}
920 
921 			group = get_pci_function_alias_group(tmp, devfns);
922 			if (group) {
923 				pci_dev_put(tmp);
924 				return group;
925 			}
926 		}
927 	}
928 
929 	return NULL;
930 }
931 
932 struct group_for_pci_data {
933 	struct pci_dev *pdev;
934 	struct iommu_group *group;
935 };
936 
937 /*
938  * DMA alias iterator callback, return the last seen device.  Stop and return
939  * the IOMMU group if we find one along the way.
940  */
941 static int get_pci_alias_or_group(struct pci_dev *pdev, u16 alias, void *opaque)
942 {
943 	struct group_for_pci_data *data = opaque;
944 
945 	data->pdev = pdev;
946 	data->group = iommu_group_get(&pdev->dev);
947 
948 	return data->group != NULL;
949 }
950 
951 /*
952  * Generic device_group call-back function. It just allocates one
953  * iommu-group per device.
954  */
955 struct iommu_group *generic_device_group(struct device *dev)
956 {
957 	return iommu_group_alloc();
958 }
959 
960 /*
961  * Use standard PCI bus topology, isolation features, and DMA alias quirks
962  * to find or create an IOMMU group for a device.
963  */
964 struct iommu_group *pci_device_group(struct device *dev)
965 {
966 	struct pci_dev *pdev = to_pci_dev(dev);
967 	struct group_for_pci_data data;
968 	struct pci_bus *bus;
969 	struct iommu_group *group = NULL;
970 	u64 devfns[4] = { 0 };
971 
972 	if (WARN_ON(!dev_is_pci(dev)))
973 		return ERR_PTR(-EINVAL);
974 
975 	/*
976 	 * Find the upstream DMA alias for the device.  A device must not
977 	 * be aliased due to topology in order to have its own IOMMU group.
978 	 * If we find an alias along the way that already belongs to a
979 	 * group, use it.
980 	 */
981 	if (pci_for_each_dma_alias(pdev, get_pci_alias_or_group, &data))
982 		return data.group;
983 
984 	pdev = data.pdev;
985 
986 	/*
987 	 * Continue upstream from the point of minimum IOMMU granularity
988 	 * due to aliases to the point where devices are protected from
989 	 * peer-to-peer DMA by PCI ACS.  Again, if we find an existing
990 	 * group, use it.
991 	 */
992 	for (bus = pdev->bus; !pci_is_root_bus(bus); bus = bus->parent) {
993 		if (!bus->self)
994 			continue;
995 
996 		if (pci_acs_path_enabled(bus->self, NULL, REQ_ACS_FLAGS))
997 			break;
998 
999 		pdev = bus->self;
1000 
1001 		group = iommu_group_get(&pdev->dev);
1002 		if (group)
1003 			return group;
1004 	}
1005 
1006 	/*
1007 	 * Look for existing groups on device aliases.  If we alias another
1008 	 * device or another device aliases us, use the same group.
1009 	 */
1010 	group = get_pci_alias_group(pdev, (unsigned long *)devfns);
1011 	if (group)
1012 		return group;
1013 
1014 	/*
1015 	 * Look for existing groups on non-isolated functions on the same
1016 	 * slot and aliases of those funcions, if any.  No need to clear
1017 	 * the search bitmap, the tested devfns are still valid.
1018 	 */
1019 	group = get_pci_function_alias_group(pdev, (unsigned long *)devfns);
1020 	if (group)
1021 		return group;
1022 
1023 	/* No shared group found, allocate new */
1024 	return iommu_group_alloc();
1025 }
1026 
1027 /**
1028  * iommu_group_get_for_dev - Find or create the IOMMU group for a device
1029  * @dev: target device
1030  *
1031  * This function is intended to be called by IOMMU drivers and extended to
1032  * support common, bus-defined algorithms when determining or creating the
1033  * IOMMU group for a device.  On success, the caller will hold a reference
1034  * to the returned IOMMU group, which will already include the provided
1035  * device.  The reference should be released with iommu_group_put().
1036  */
1037 struct iommu_group *iommu_group_get_for_dev(struct device *dev)
1038 {
1039 	const struct iommu_ops *ops = dev->bus->iommu_ops;
1040 	struct iommu_group *group;
1041 	int ret;
1042 
1043 	group = iommu_group_get(dev);
1044 	if (group)
1045 		return group;
1046 
1047 	if (!ops)
1048 		return ERR_PTR(-EINVAL);
1049 
1050 	group = ops->device_group(dev);
1051 	if (WARN_ON_ONCE(group == NULL))
1052 		return ERR_PTR(-EINVAL);
1053 
1054 	if (IS_ERR(group))
1055 		return group;
1056 
1057 	/*
1058 	 * Try to allocate a default domain - needs support from the
1059 	 * IOMMU driver.
1060 	 */
1061 	if (!group->default_domain) {
1062 		struct iommu_domain *dom;
1063 
1064 		dom = __iommu_domain_alloc(dev->bus, iommu_def_domain_type);
1065 		if (!dom && iommu_def_domain_type != IOMMU_DOMAIN_DMA) {
1066 			dev_warn(dev,
1067 				 "failed to allocate default IOMMU domain of type %u; falling back to IOMMU_DOMAIN_DMA",
1068 				 iommu_def_domain_type);
1069 			dom = __iommu_domain_alloc(dev->bus, IOMMU_DOMAIN_DMA);
1070 		}
1071 
1072 		group->default_domain = dom;
1073 		if (!group->domain)
1074 			group->domain = dom;
1075 	}
1076 
1077 	ret = iommu_group_add_device(group, dev);
1078 	if (ret) {
1079 		iommu_group_put(group);
1080 		return ERR_PTR(ret);
1081 	}
1082 
1083 	return group;
1084 }
1085 
1086 struct iommu_domain *iommu_group_default_domain(struct iommu_group *group)
1087 {
1088 	return group->default_domain;
1089 }
1090 
1091 static int add_iommu_group(struct device *dev, void *data)
1092 {
1093 	struct iommu_callback_data *cb = data;
1094 	const struct iommu_ops *ops = cb->ops;
1095 	int ret;
1096 
1097 	if (!ops->add_device)
1098 		return 0;
1099 
1100 	WARN_ON(dev->iommu_group);
1101 
1102 	ret = ops->add_device(dev);
1103 
1104 	/*
1105 	 * We ignore -ENODEV errors for now, as they just mean that the
1106 	 * device is not translated by an IOMMU. We still care about
1107 	 * other errors and fail to initialize when they happen.
1108 	 */
1109 	if (ret == -ENODEV)
1110 		ret = 0;
1111 
1112 	return ret;
1113 }
1114 
1115 static int remove_iommu_group(struct device *dev, void *data)
1116 {
1117 	struct iommu_callback_data *cb = data;
1118 	const struct iommu_ops *ops = cb->ops;
1119 
1120 	if (ops->remove_device && dev->iommu_group)
1121 		ops->remove_device(dev);
1122 
1123 	return 0;
1124 }
1125 
1126 static int iommu_bus_notifier(struct notifier_block *nb,
1127 			      unsigned long action, void *data)
1128 {
1129 	struct device *dev = data;
1130 	const struct iommu_ops *ops = dev->bus->iommu_ops;
1131 	struct iommu_group *group;
1132 	unsigned long group_action = 0;
1133 
1134 	/*
1135 	 * ADD/DEL call into iommu driver ops if provided, which may
1136 	 * result in ADD/DEL notifiers to group->notifier
1137 	 */
1138 	if (action == BUS_NOTIFY_ADD_DEVICE) {
1139 		if (ops->add_device) {
1140 			int ret;
1141 
1142 			ret = ops->add_device(dev);
1143 			return (ret) ? NOTIFY_DONE : NOTIFY_OK;
1144 		}
1145 	} else if (action == BUS_NOTIFY_REMOVED_DEVICE) {
1146 		if (ops->remove_device && dev->iommu_group) {
1147 			ops->remove_device(dev);
1148 			return 0;
1149 		}
1150 	}
1151 
1152 	/*
1153 	 * Remaining BUS_NOTIFYs get filtered and republished to the
1154 	 * group, if anyone is listening
1155 	 */
1156 	group = iommu_group_get(dev);
1157 	if (!group)
1158 		return 0;
1159 
1160 	switch (action) {
1161 	case BUS_NOTIFY_BIND_DRIVER:
1162 		group_action = IOMMU_GROUP_NOTIFY_BIND_DRIVER;
1163 		break;
1164 	case BUS_NOTIFY_BOUND_DRIVER:
1165 		group_action = IOMMU_GROUP_NOTIFY_BOUND_DRIVER;
1166 		break;
1167 	case BUS_NOTIFY_UNBIND_DRIVER:
1168 		group_action = IOMMU_GROUP_NOTIFY_UNBIND_DRIVER;
1169 		break;
1170 	case BUS_NOTIFY_UNBOUND_DRIVER:
1171 		group_action = IOMMU_GROUP_NOTIFY_UNBOUND_DRIVER;
1172 		break;
1173 	}
1174 
1175 	if (group_action)
1176 		blocking_notifier_call_chain(&group->notifier,
1177 					     group_action, dev);
1178 
1179 	iommu_group_put(group);
1180 	return 0;
1181 }
1182 
1183 static int iommu_bus_init(struct bus_type *bus, const struct iommu_ops *ops)
1184 {
1185 	int err;
1186 	struct notifier_block *nb;
1187 	struct iommu_callback_data cb = {
1188 		.ops = ops,
1189 	};
1190 
1191 	nb = kzalloc(sizeof(struct notifier_block), GFP_KERNEL);
1192 	if (!nb)
1193 		return -ENOMEM;
1194 
1195 	nb->notifier_call = iommu_bus_notifier;
1196 
1197 	err = bus_register_notifier(bus, nb);
1198 	if (err)
1199 		goto out_free;
1200 
1201 	err = bus_for_each_dev(bus, NULL, &cb, add_iommu_group);
1202 	if (err)
1203 		goto out_err;
1204 
1205 
1206 	return 0;
1207 
1208 out_err:
1209 	/* Clean up */
1210 	bus_for_each_dev(bus, NULL, &cb, remove_iommu_group);
1211 	bus_unregister_notifier(bus, nb);
1212 
1213 out_free:
1214 	kfree(nb);
1215 
1216 	return err;
1217 }
1218 
1219 /**
1220  * bus_set_iommu - set iommu-callbacks for the bus
1221  * @bus: bus.
1222  * @ops: the callbacks provided by the iommu-driver
1223  *
1224  * This function is called by an iommu driver to set the iommu methods
1225  * used for a particular bus. Drivers for devices on that bus can use
1226  * the iommu-api after these ops are registered.
1227  * This special function is needed because IOMMUs are usually devices on
1228  * the bus itself, so the iommu drivers are not initialized when the bus
1229  * is set up. With this function the iommu-driver can set the iommu-ops
1230  * afterwards.
1231  */
1232 int bus_set_iommu(struct bus_type *bus, const struct iommu_ops *ops)
1233 {
1234 	int err;
1235 
1236 	if (bus->iommu_ops != NULL)
1237 		return -EBUSY;
1238 
1239 	bus->iommu_ops = ops;
1240 
1241 	/* Do IOMMU specific setup for this bus-type */
1242 	err = iommu_bus_init(bus, ops);
1243 	if (err)
1244 		bus->iommu_ops = NULL;
1245 
1246 	return err;
1247 }
1248 EXPORT_SYMBOL_GPL(bus_set_iommu);
1249 
1250 bool iommu_present(struct bus_type *bus)
1251 {
1252 	return bus->iommu_ops != NULL;
1253 }
1254 EXPORT_SYMBOL_GPL(iommu_present);
1255 
1256 bool iommu_capable(struct bus_type *bus, enum iommu_cap cap)
1257 {
1258 	if (!bus->iommu_ops || !bus->iommu_ops->capable)
1259 		return false;
1260 
1261 	return bus->iommu_ops->capable(cap);
1262 }
1263 EXPORT_SYMBOL_GPL(iommu_capable);
1264 
1265 /**
1266  * iommu_set_fault_handler() - set a fault handler for an iommu domain
1267  * @domain: iommu domain
1268  * @handler: fault handler
1269  * @token: user data, will be passed back to the fault handler
1270  *
1271  * This function should be used by IOMMU users which want to be notified
1272  * whenever an IOMMU fault happens.
1273  *
1274  * The fault handler itself should return 0 on success, and an appropriate
1275  * error code otherwise.
1276  */
1277 void iommu_set_fault_handler(struct iommu_domain *domain,
1278 					iommu_fault_handler_t handler,
1279 					void *token)
1280 {
1281 	BUG_ON(!domain);
1282 
1283 	domain->handler = handler;
1284 	domain->handler_token = token;
1285 }
1286 EXPORT_SYMBOL_GPL(iommu_set_fault_handler);
1287 
1288 static struct iommu_domain *__iommu_domain_alloc(struct bus_type *bus,
1289 						 unsigned type)
1290 {
1291 	struct iommu_domain *domain;
1292 
1293 	if (bus == NULL || bus->iommu_ops == NULL)
1294 		return NULL;
1295 
1296 	domain = bus->iommu_ops->domain_alloc(type);
1297 	if (!domain)
1298 		return NULL;
1299 
1300 	domain->ops  = bus->iommu_ops;
1301 	domain->type = type;
1302 	/* Assume all sizes by default; the driver may override this later */
1303 	domain->pgsize_bitmap  = bus->iommu_ops->pgsize_bitmap;
1304 
1305 	return domain;
1306 }
1307 
1308 struct iommu_domain *iommu_domain_alloc(struct bus_type *bus)
1309 {
1310 	return __iommu_domain_alloc(bus, IOMMU_DOMAIN_UNMANAGED);
1311 }
1312 EXPORT_SYMBOL_GPL(iommu_domain_alloc);
1313 
1314 void iommu_domain_free(struct iommu_domain *domain)
1315 {
1316 	domain->ops->domain_free(domain);
1317 }
1318 EXPORT_SYMBOL_GPL(iommu_domain_free);
1319 
1320 static int __iommu_attach_device(struct iommu_domain *domain,
1321 				 struct device *dev)
1322 {
1323 	int ret;
1324 	if ((domain->ops->is_attach_deferred != NULL) &&
1325 	    domain->ops->is_attach_deferred(domain, dev))
1326 		return 0;
1327 
1328 	if (unlikely(domain->ops->attach_dev == NULL))
1329 		return -ENODEV;
1330 
1331 	ret = domain->ops->attach_dev(domain, dev);
1332 	if (!ret)
1333 		trace_attach_device_to_domain(dev);
1334 	return ret;
1335 }
1336 
1337 int iommu_attach_device(struct iommu_domain *domain, struct device *dev)
1338 {
1339 	struct iommu_group *group;
1340 	int ret;
1341 
1342 	group = iommu_group_get(dev);
1343 	if (!group)
1344 		return -ENODEV;
1345 
1346 	/*
1347 	 * Lock the group to make sure the device-count doesn't
1348 	 * change while we are attaching
1349 	 */
1350 	mutex_lock(&group->mutex);
1351 	ret = -EINVAL;
1352 	if (iommu_group_device_count(group) != 1)
1353 		goto out_unlock;
1354 
1355 	ret = __iommu_attach_group(domain, group);
1356 
1357 out_unlock:
1358 	mutex_unlock(&group->mutex);
1359 	iommu_group_put(group);
1360 
1361 	return ret;
1362 }
1363 EXPORT_SYMBOL_GPL(iommu_attach_device);
1364 
1365 static void __iommu_detach_device(struct iommu_domain *domain,
1366 				  struct device *dev)
1367 {
1368 	if ((domain->ops->is_attach_deferred != NULL) &&
1369 	    domain->ops->is_attach_deferred(domain, dev))
1370 		return;
1371 
1372 	if (unlikely(domain->ops->detach_dev == NULL))
1373 		return;
1374 
1375 	domain->ops->detach_dev(domain, dev);
1376 	trace_detach_device_from_domain(dev);
1377 }
1378 
1379 void iommu_detach_device(struct iommu_domain *domain, struct device *dev)
1380 {
1381 	struct iommu_group *group;
1382 
1383 	group = iommu_group_get(dev);
1384 	if (!group)
1385 		return;
1386 
1387 	mutex_lock(&group->mutex);
1388 	if (iommu_group_device_count(group) != 1) {
1389 		WARN_ON(1);
1390 		goto out_unlock;
1391 	}
1392 
1393 	__iommu_detach_group(domain, group);
1394 
1395 out_unlock:
1396 	mutex_unlock(&group->mutex);
1397 	iommu_group_put(group);
1398 }
1399 EXPORT_SYMBOL_GPL(iommu_detach_device);
1400 
1401 struct iommu_domain *iommu_get_domain_for_dev(struct device *dev)
1402 {
1403 	struct iommu_domain *domain;
1404 	struct iommu_group *group;
1405 
1406 	group = iommu_group_get(dev);
1407 	if (!group)
1408 		return NULL;
1409 
1410 	domain = group->domain;
1411 
1412 	iommu_group_put(group);
1413 
1414 	return domain;
1415 }
1416 EXPORT_SYMBOL_GPL(iommu_get_domain_for_dev);
1417 
1418 /*
1419  * IOMMU groups are really the natrual working unit of the IOMMU, but
1420  * the IOMMU API works on domains and devices.  Bridge that gap by
1421  * iterating over the devices in a group.  Ideally we'd have a single
1422  * device which represents the requestor ID of the group, but we also
1423  * allow IOMMU drivers to create policy defined minimum sets, where
1424  * the physical hardware may be able to distiguish members, but we
1425  * wish to group them at a higher level (ex. untrusted multi-function
1426  * PCI devices).  Thus we attach each device.
1427  */
1428 static int iommu_group_do_attach_device(struct device *dev, void *data)
1429 {
1430 	struct iommu_domain *domain = data;
1431 
1432 	return __iommu_attach_device(domain, dev);
1433 }
1434 
1435 static int __iommu_attach_group(struct iommu_domain *domain,
1436 				struct iommu_group *group)
1437 {
1438 	int ret;
1439 
1440 	if (group->default_domain && group->domain != group->default_domain)
1441 		return -EBUSY;
1442 
1443 	ret = __iommu_group_for_each_dev(group, domain,
1444 					 iommu_group_do_attach_device);
1445 	if (ret == 0)
1446 		group->domain = domain;
1447 
1448 	return ret;
1449 }
1450 
1451 int iommu_attach_group(struct iommu_domain *domain, struct iommu_group *group)
1452 {
1453 	int ret;
1454 
1455 	mutex_lock(&group->mutex);
1456 	ret = __iommu_attach_group(domain, group);
1457 	mutex_unlock(&group->mutex);
1458 
1459 	return ret;
1460 }
1461 EXPORT_SYMBOL_GPL(iommu_attach_group);
1462 
1463 static int iommu_group_do_detach_device(struct device *dev, void *data)
1464 {
1465 	struct iommu_domain *domain = data;
1466 
1467 	__iommu_detach_device(domain, dev);
1468 
1469 	return 0;
1470 }
1471 
1472 static void __iommu_detach_group(struct iommu_domain *domain,
1473 				 struct iommu_group *group)
1474 {
1475 	int ret;
1476 
1477 	if (!group->default_domain) {
1478 		__iommu_group_for_each_dev(group, domain,
1479 					   iommu_group_do_detach_device);
1480 		group->domain = NULL;
1481 		return;
1482 	}
1483 
1484 	if (group->domain == group->default_domain)
1485 		return;
1486 
1487 	/* Detach by re-attaching to the default domain */
1488 	ret = __iommu_group_for_each_dev(group, group->default_domain,
1489 					 iommu_group_do_attach_device);
1490 	if (ret != 0)
1491 		WARN_ON(1);
1492 	else
1493 		group->domain = group->default_domain;
1494 }
1495 
1496 void iommu_detach_group(struct iommu_domain *domain, struct iommu_group *group)
1497 {
1498 	mutex_lock(&group->mutex);
1499 	__iommu_detach_group(domain, group);
1500 	mutex_unlock(&group->mutex);
1501 }
1502 EXPORT_SYMBOL_GPL(iommu_detach_group);
1503 
1504 phys_addr_t iommu_iova_to_phys(struct iommu_domain *domain, dma_addr_t iova)
1505 {
1506 	if (unlikely(domain->ops->iova_to_phys == NULL))
1507 		return 0;
1508 
1509 	return domain->ops->iova_to_phys(domain, iova);
1510 }
1511 EXPORT_SYMBOL_GPL(iommu_iova_to_phys);
1512 
1513 static size_t iommu_pgsize(struct iommu_domain *domain,
1514 			   unsigned long addr_merge, size_t size)
1515 {
1516 	unsigned int pgsize_idx;
1517 	size_t pgsize;
1518 
1519 	/* Max page size that still fits into 'size' */
1520 	pgsize_idx = __fls(size);
1521 
1522 	/* need to consider alignment requirements ? */
1523 	if (likely(addr_merge)) {
1524 		/* Max page size allowed by address */
1525 		unsigned int align_pgsize_idx = __ffs(addr_merge);
1526 		pgsize_idx = min(pgsize_idx, align_pgsize_idx);
1527 	}
1528 
1529 	/* build a mask of acceptable page sizes */
1530 	pgsize = (1UL << (pgsize_idx + 1)) - 1;
1531 
1532 	/* throw away page sizes not supported by the hardware */
1533 	pgsize &= domain->pgsize_bitmap;
1534 
1535 	/* make sure we're still sane */
1536 	BUG_ON(!pgsize);
1537 
1538 	/* pick the biggest page */
1539 	pgsize_idx = __fls(pgsize);
1540 	pgsize = 1UL << pgsize_idx;
1541 
1542 	return pgsize;
1543 }
1544 
1545 int iommu_map(struct iommu_domain *domain, unsigned long iova,
1546 	      phys_addr_t paddr, size_t size, int prot)
1547 {
1548 	unsigned long orig_iova = iova;
1549 	unsigned int min_pagesz;
1550 	size_t orig_size = size;
1551 	phys_addr_t orig_paddr = paddr;
1552 	int ret = 0;
1553 
1554 	if (unlikely(domain->ops->map == NULL ||
1555 		     domain->pgsize_bitmap == 0UL))
1556 		return -ENODEV;
1557 
1558 	if (unlikely(!(domain->type & __IOMMU_DOMAIN_PAGING)))
1559 		return -EINVAL;
1560 
1561 	/* find out the minimum page size supported */
1562 	min_pagesz = 1 << __ffs(domain->pgsize_bitmap);
1563 
1564 	/*
1565 	 * both the virtual address and the physical one, as well as
1566 	 * the size of the mapping, must be aligned (at least) to the
1567 	 * size of the smallest page supported by the hardware
1568 	 */
1569 	if (!IS_ALIGNED(iova | paddr | size, min_pagesz)) {
1570 		pr_err("unaligned: iova 0x%lx pa %pa size 0x%zx min_pagesz 0x%x\n",
1571 		       iova, &paddr, size, min_pagesz);
1572 		return -EINVAL;
1573 	}
1574 
1575 	pr_debug("map: iova 0x%lx pa %pa size 0x%zx\n", iova, &paddr, size);
1576 
1577 	while (size) {
1578 		size_t pgsize = iommu_pgsize(domain, iova | paddr, size);
1579 
1580 		pr_debug("mapping: iova 0x%lx pa %pa pgsize 0x%zx\n",
1581 			 iova, &paddr, pgsize);
1582 
1583 		ret = domain->ops->map(domain, iova, paddr, pgsize, prot);
1584 		if (ret)
1585 			break;
1586 
1587 		iova += pgsize;
1588 		paddr += pgsize;
1589 		size -= pgsize;
1590 	}
1591 
1592 	/* unroll mapping in case something went wrong */
1593 	if (ret)
1594 		iommu_unmap(domain, orig_iova, orig_size - size);
1595 	else
1596 		trace_map(orig_iova, orig_paddr, orig_size);
1597 
1598 	return ret;
1599 }
1600 EXPORT_SYMBOL_GPL(iommu_map);
1601 
1602 static size_t __iommu_unmap(struct iommu_domain *domain,
1603 			    unsigned long iova, size_t size,
1604 			    bool sync)
1605 {
1606 	const struct iommu_ops *ops = domain->ops;
1607 	size_t unmapped_page, unmapped = 0;
1608 	unsigned long orig_iova = iova;
1609 	unsigned int min_pagesz;
1610 
1611 	if (unlikely(ops->unmap == NULL ||
1612 		     domain->pgsize_bitmap == 0UL))
1613 		return 0;
1614 
1615 	if (unlikely(!(domain->type & __IOMMU_DOMAIN_PAGING)))
1616 		return 0;
1617 
1618 	/* find out the minimum page size supported */
1619 	min_pagesz = 1 << __ffs(domain->pgsize_bitmap);
1620 
1621 	/*
1622 	 * The virtual address, as well as the size of the mapping, must be
1623 	 * aligned (at least) to the size of the smallest page supported
1624 	 * by the hardware
1625 	 */
1626 	if (!IS_ALIGNED(iova | size, min_pagesz)) {
1627 		pr_err("unaligned: iova 0x%lx size 0x%zx min_pagesz 0x%x\n",
1628 		       iova, size, min_pagesz);
1629 		return 0;
1630 	}
1631 
1632 	pr_debug("unmap this: iova 0x%lx size 0x%zx\n", iova, size);
1633 
1634 	/*
1635 	 * Keep iterating until we either unmap 'size' bytes (or more)
1636 	 * or we hit an area that isn't mapped.
1637 	 */
1638 	while (unmapped < size) {
1639 		size_t pgsize = iommu_pgsize(domain, iova, size - unmapped);
1640 
1641 		unmapped_page = ops->unmap(domain, iova, pgsize);
1642 		if (!unmapped_page)
1643 			break;
1644 
1645 		if (sync && ops->iotlb_range_add)
1646 			ops->iotlb_range_add(domain, iova, pgsize);
1647 
1648 		pr_debug("unmapped: iova 0x%lx size 0x%zx\n",
1649 			 iova, unmapped_page);
1650 
1651 		iova += unmapped_page;
1652 		unmapped += unmapped_page;
1653 	}
1654 
1655 	if (sync && ops->iotlb_sync)
1656 		ops->iotlb_sync(domain);
1657 
1658 	trace_unmap(orig_iova, size, unmapped);
1659 	return unmapped;
1660 }
1661 
1662 size_t iommu_unmap(struct iommu_domain *domain,
1663 		   unsigned long iova, size_t size)
1664 {
1665 	return __iommu_unmap(domain, iova, size, true);
1666 }
1667 EXPORT_SYMBOL_GPL(iommu_unmap);
1668 
1669 size_t iommu_unmap_fast(struct iommu_domain *domain,
1670 			unsigned long iova, size_t size)
1671 {
1672 	return __iommu_unmap(domain, iova, size, false);
1673 }
1674 EXPORT_SYMBOL_GPL(iommu_unmap_fast);
1675 
1676 size_t iommu_map_sg(struct iommu_domain *domain, unsigned long iova,
1677 		    struct scatterlist *sg, unsigned int nents, int prot)
1678 {
1679 	struct scatterlist *s;
1680 	size_t mapped = 0;
1681 	unsigned int i, min_pagesz;
1682 	int ret;
1683 
1684 	if (unlikely(domain->pgsize_bitmap == 0UL))
1685 		return 0;
1686 
1687 	min_pagesz = 1 << __ffs(domain->pgsize_bitmap);
1688 
1689 	for_each_sg(sg, s, nents, i) {
1690 		phys_addr_t phys = page_to_phys(sg_page(s)) + s->offset;
1691 
1692 		/*
1693 		 * We are mapping on IOMMU page boundaries, so offset within
1694 		 * the page must be 0. However, the IOMMU may support pages
1695 		 * smaller than PAGE_SIZE, so s->offset may still represent
1696 		 * an offset of that boundary within the CPU page.
1697 		 */
1698 		if (!IS_ALIGNED(s->offset, min_pagesz))
1699 			goto out_err;
1700 
1701 		ret = iommu_map(domain, iova + mapped, phys, s->length, prot);
1702 		if (ret)
1703 			goto out_err;
1704 
1705 		mapped += s->length;
1706 	}
1707 
1708 	return mapped;
1709 
1710 out_err:
1711 	/* undo mappings already done */
1712 	iommu_unmap(domain, iova, mapped);
1713 
1714 	return 0;
1715 
1716 }
1717 EXPORT_SYMBOL_GPL(iommu_map_sg);
1718 
1719 int iommu_domain_window_enable(struct iommu_domain *domain, u32 wnd_nr,
1720 			       phys_addr_t paddr, u64 size, int prot)
1721 {
1722 	if (unlikely(domain->ops->domain_window_enable == NULL))
1723 		return -ENODEV;
1724 
1725 	return domain->ops->domain_window_enable(domain, wnd_nr, paddr, size,
1726 						 prot);
1727 }
1728 EXPORT_SYMBOL_GPL(iommu_domain_window_enable);
1729 
1730 void iommu_domain_window_disable(struct iommu_domain *domain, u32 wnd_nr)
1731 {
1732 	if (unlikely(domain->ops->domain_window_disable == NULL))
1733 		return;
1734 
1735 	return domain->ops->domain_window_disable(domain, wnd_nr);
1736 }
1737 EXPORT_SYMBOL_GPL(iommu_domain_window_disable);
1738 
1739 /**
1740  * report_iommu_fault() - report about an IOMMU fault to the IOMMU framework
1741  * @domain: the iommu domain where the fault has happened
1742  * @dev: the device where the fault has happened
1743  * @iova: the faulting address
1744  * @flags: mmu fault flags (e.g. IOMMU_FAULT_READ/IOMMU_FAULT_WRITE/...)
1745  *
1746  * This function should be called by the low-level IOMMU implementations
1747  * whenever IOMMU faults happen, to allow high-level users, that are
1748  * interested in such events, to know about them.
1749  *
1750  * This event may be useful for several possible use cases:
1751  * - mere logging of the event
1752  * - dynamic TLB/PTE loading
1753  * - if restarting of the faulting device is required
1754  *
1755  * Returns 0 on success and an appropriate error code otherwise (if dynamic
1756  * PTE/TLB loading will one day be supported, implementations will be able
1757  * to tell whether it succeeded or not according to this return value).
1758  *
1759  * Specifically, -ENOSYS is returned if a fault handler isn't installed
1760  * (though fault handlers can also return -ENOSYS, in case they want to
1761  * elicit the default behavior of the IOMMU drivers).
1762  */
1763 int report_iommu_fault(struct iommu_domain *domain, struct device *dev,
1764 		       unsigned long iova, int flags)
1765 {
1766 	int ret = -ENOSYS;
1767 
1768 	/*
1769 	 * if upper layers showed interest and installed a fault handler,
1770 	 * invoke it.
1771 	 */
1772 	if (domain->handler)
1773 		ret = domain->handler(domain, dev, iova, flags,
1774 						domain->handler_token);
1775 
1776 	trace_io_page_fault(dev, iova, flags);
1777 	return ret;
1778 }
1779 EXPORT_SYMBOL_GPL(report_iommu_fault);
1780 
1781 static int __init iommu_init(void)
1782 {
1783 	iommu_group_kset = kset_create_and_add("iommu_groups",
1784 					       NULL, kernel_kobj);
1785 	BUG_ON(!iommu_group_kset);
1786 
1787 	iommu_debugfs_setup();
1788 
1789 	return 0;
1790 }
1791 core_initcall(iommu_init);
1792 
1793 int iommu_domain_get_attr(struct iommu_domain *domain,
1794 			  enum iommu_attr attr, void *data)
1795 {
1796 	struct iommu_domain_geometry *geometry;
1797 	bool *paging;
1798 	int ret = 0;
1799 	u32 *count;
1800 
1801 	switch (attr) {
1802 	case DOMAIN_ATTR_GEOMETRY:
1803 		geometry  = data;
1804 		*geometry = domain->geometry;
1805 
1806 		break;
1807 	case DOMAIN_ATTR_PAGING:
1808 		paging  = data;
1809 		*paging = (domain->pgsize_bitmap != 0UL);
1810 		break;
1811 	case DOMAIN_ATTR_WINDOWS:
1812 		count = data;
1813 
1814 		if (domain->ops->domain_get_windows != NULL)
1815 			*count = domain->ops->domain_get_windows(domain);
1816 		else
1817 			ret = -ENODEV;
1818 
1819 		break;
1820 	default:
1821 		if (!domain->ops->domain_get_attr)
1822 			return -EINVAL;
1823 
1824 		ret = domain->ops->domain_get_attr(domain, attr, data);
1825 	}
1826 
1827 	return ret;
1828 }
1829 EXPORT_SYMBOL_GPL(iommu_domain_get_attr);
1830 
1831 int iommu_domain_set_attr(struct iommu_domain *domain,
1832 			  enum iommu_attr attr, void *data)
1833 {
1834 	int ret = 0;
1835 	u32 *count;
1836 
1837 	switch (attr) {
1838 	case DOMAIN_ATTR_WINDOWS:
1839 		count = data;
1840 
1841 		if (domain->ops->domain_set_windows != NULL)
1842 			ret = domain->ops->domain_set_windows(domain, *count);
1843 		else
1844 			ret = -ENODEV;
1845 
1846 		break;
1847 	default:
1848 		if (domain->ops->domain_set_attr == NULL)
1849 			return -EINVAL;
1850 
1851 		ret = domain->ops->domain_set_attr(domain, attr, data);
1852 	}
1853 
1854 	return ret;
1855 }
1856 EXPORT_SYMBOL_GPL(iommu_domain_set_attr);
1857 
1858 void iommu_get_resv_regions(struct device *dev, struct list_head *list)
1859 {
1860 	const struct iommu_ops *ops = dev->bus->iommu_ops;
1861 
1862 	if (ops && ops->get_resv_regions)
1863 		ops->get_resv_regions(dev, list);
1864 }
1865 
1866 void iommu_put_resv_regions(struct device *dev, struct list_head *list)
1867 {
1868 	const struct iommu_ops *ops = dev->bus->iommu_ops;
1869 
1870 	if (ops && ops->put_resv_regions)
1871 		ops->put_resv_regions(dev, list);
1872 }
1873 
1874 struct iommu_resv_region *iommu_alloc_resv_region(phys_addr_t start,
1875 						  size_t length, int prot,
1876 						  enum iommu_resv_type type)
1877 {
1878 	struct iommu_resv_region *region;
1879 
1880 	region = kzalloc(sizeof(*region), GFP_KERNEL);
1881 	if (!region)
1882 		return NULL;
1883 
1884 	INIT_LIST_HEAD(&region->list);
1885 	region->start = start;
1886 	region->length = length;
1887 	region->prot = prot;
1888 	region->type = type;
1889 	return region;
1890 }
1891 
1892 /* Request that a device is direct mapped by the IOMMU */
1893 int iommu_request_dm_for_dev(struct device *dev)
1894 {
1895 	struct iommu_domain *dm_domain;
1896 	struct iommu_group *group;
1897 	int ret;
1898 
1899 	/* Device must already be in a group before calling this function */
1900 	group = iommu_group_get_for_dev(dev);
1901 	if (IS_ERR(group))
1902 		return PTR_ERR(group);
1903 
1904 	mutex_lock(&group->mutex);
1905 
1906 	/* Check if the default domain is already direct mapped */
1907 	ret = 0;
1908 	if (group->default_domain &&
1909 	    group->default_domain->type == IOMMU_DOMAIN_IDENTITY)
1910 		goto out;
1911 
1912 	/* Don't change mappings of existing devices */
1913 	ret = -EBUSY;
1914 	if (iommu_group_device_count(group) != 1)
1915 		goto out;
1916 
1917 	/* Allocate a direct mapped domain */
1918 	ret = -ENOMEM;
1919 	dm_domain = __iommu_domain_alloc(dev->bus, IOMMU_DOMAIN_IDENTITY);
1920 	if (!dm_domain)
1921 		goto out;
1922 
1923 	/* Attach the device to the domain */
1924 	ret = __iommu_attach_group(dm_domain, group);
1925 	if (ret) {
1926 		iommu_domain_free(dm_domain);
1927 		goto out;
1928 	}
1929 
1930 	/* Make the direct mapped domain the default for this group */
1931 	if (group->default_domain)
1932 		iommu_domain_free(group->default_domain);
1933 	group->default_domain = dm_domain;
1934 
1935 	pr_info("Using direct mapping for device %s\n", dev_name(dev));
1936 
1937 	ret = 0;
1938 out:
1939 	mutex_unlock(&group->mutex);
1940 	iommu_group_put(group);
1941 
1942 	return ret;
1943 }
1944 
1945 const struct iommu_ops *iommu_ops_from_fwnode(struct fwnode_handle *fwnode)
1946 {
1947 	const struct iommu_ops *ops = NULL;
1948 	struct iommu_device *iommu;
1949 
1950 	spin_lock(&iommu_device_lock);
1951 	list_for_each_entry(iommu, &iommu_device_list, list)
1952 		if (iommu->fwnode == fwnode) {
1953 			ops = iommu->ops;
1954 			break;
1955 		}
1956 	spin_unlock(&iommu_device_lock);
1957 	return ops;
1958 }
1959 
1960 int iommu_fwspec_init(struct device *dev, struct fwnode_handle *iommu_fwnode,
1961 		      const struct iommu_ops *ops)
1962 {
1963 	struct iommu_fwspec *fwspec = dev->iommu_fwspec;
1964 
1965 	if (fwspec)
1966 		return ops == fwspec->ops ? 0 : -EINVAL;
1967 
1968 	fwspec = kzalloc(sizeof(*fwspec), GFP_KERNEL);
1969 	if (!fwspec)
1970 		return -ENOMEM;
1971 
1972 	of_node_get(to_of_node(iommu_fwnode));
1973 	fwspec->iommu_fwnode = iommu_fwnode;
1974 	fwspec->ops = ops;
1975 	dev->iommu_fwspec = fwspec;
1976 	return 0;
1977 }
1978 EXPORT_SYMBOL_GPL(iommu_fwspec_init);
1979 
1980 void iommu_fwspec_free(struct device *dev)
1981 {
1982 	struct iommu_fwspec *fwspec = dev->iommu_fwspec;
1983 
1984 	if (fwspec) {
1985 		fwnode_handle_put(fwspec->iommu_fwnode);
1986 		kfree(fwspec);
1987 		dev->iommu_fwspec = NULL;
1988 	}
1989 }
1990 EXPORT_SYMBOL_GPL(iommu_fwspec_free);
1991 
1992 int iommu_fwspec_add_ids(struct device *dev, u32 *ids, int num_ids)
1993 {
1994 	struct iommu_fwspec *fwspec = dev->iommu_fwspec;
1995 	size_t size;
1996 	int i;
1997 
1998 	if (!fwspec)
1999 		return -EINVAL;
2000 
2001 	size = offsetof(struct iommu_fwspec, ids[fwspec->num_ids + num_ids]);
2002 	if (size > sizeof(*fwspec)) {
2003 		fwspec = krealloc(dev->iommu_fwspec, size, GFP_KERNEL);
2004 		if (!fwspec)
2005 			return -ENOMEM;
2006 
2007 		dev->iommu_fwspec = fwspec;
2008 	}
2009 
2010 	for (i = 0; i < num_ids; i++)
2011 		fwspec->ids[fwspec->num_ids + i] = ids[i];
2012 
2013 	fwspec->num_ids += num_ids;
2014 	return 0;
2015 }
2016 EXPORT_SYMBOL_GPL(iommu_fwspec_add_ids);
2017