1d624d665SJason Gunthorpe // SPDX-License-Identifier: GPL-2.0-only
2d624d665SJason Gunthorpe /* Copyright (c) 2021-2022, NVIDIA CORPORATION & AFFILIATES
3d624d665SJason Gunthorpe */
4d624d665SJason Gunthorpe #include <linux/file.h>
5d624d665SJason Gunthorpe #include <linux/interval_tree.h>
6d624d665SJason Gunthorpe #include <linux/iommu.h>
7d624d665SJason Gunthorpe #include <linux/iommufd.h>
8d624d665SJason Gunthorpe #include <linux/slab.h>
9d624d665SJason Gunthorpe #include <linux/vfio.h>
10d624d665SJason Gunthorpe #include <uapi/linux/vfio.h>
11d624d665SJason Gunthorpe #include <uapi/linux/iommufd.h>
12d624d665SJason Gunthorpe
13d624d665SJason Gunthorpe #include "iommufd_private.h"
14d624d665SJason Gunthorpe
get_compat_ioas(struct iommufd_ctx * ictx)15d624d665SJason Gunthorpe static struct iommufd_ioas *get_compat_ioas(struct iommufd_ctx *ictx)
16d624d665SJason Gunthorpe {
17d624d665SJason Gunthorpe struct iommufd_ioas *ioas = ERR_PTR(-ENODEV);
18d624d665SJason Gunthorpe
19d624d665SJason Gunthorpe xa_lock(&ictx->objects);
20d624d665SJason Gunthorpe if (!ictx->vfio_ioas || !iommufd_lock_obj(&ictx->vfio_ioas->obj))
21d624d665SJason Gunthorpe goto out_unlock;
22d624d665SJason Gunthorpe ioas = ictx->vfio_ioas;
23d624d665SJason Gunthorpe out_unlock:
24d624d665SJason Gunthorpe xa_unlock(&ictx->objects);
25d624d665SJason Gunthorpe return ioas;
26d624d665SJason Gunthorpe }
27d624d665SJason Gunthorpe
28d624d665SJason Gunthorpe /**
29c9a397ceSJason Gunthorpe * iommufd_vfio_compat_ioas_get_id - Ensure a compat IOAS exists
30d624d665SJason Gunthorpe * @ictx: Context to operate on
31c9a397ceSJason Gunthorpe * @out_ioas_id: The IOAS ID of the compatibility IOAS
32c9a397ceSJason Gunthorpe *
33c9a397ceSJason Gunthorpe * Return the ID of the current compatibility IOAS. The ID can be passed into
34c9a397ceSJason Gunthorpe * other functions that take an ioas_id.
35c9a397ceSJason Gunthorpe */
iommufd_vfio_compat_ioas_get_id(struct iommufd_ctx * ictx,u32 * out_ioas_id)36c9a397ceSJason Gunthorpe int iommufd_vfio_compat_ioas_get_id(struct iommufd_ctx *ictx, u32 *out_ioas_id)
37c9a397ceSJason Gunthorpe {
38c9a397ceSJason Gunthorpe struct iommufd_ioas *ioas;
39c9a397ceSJason Gunthorpe
40c9a397ceSJason Gunthorpe ioas = get_compat_ioas(ictx);
41c9a397ceSJason Gunthorpe if (IS_ERR(ioas))
42c9a397ceSJason Gunthorpe return PTR_ERR(ioas);
43c9a397ceSJason Gunthorpe *out_ioas_id = ioas->obj.id;
44c9a397ceSJason Gunthorpe iommufd_put_object(&ioas->obj);
45c9a397ceSJason Gunthorpe return 0;
46c9a397ceSJason Gunthorpe }
47c9a397ceSJason Gunthorpe EXPORT_SYMBOL_NS_GPL(iommufd_vfio_compat_ioas_get_id, IOMMUFD_VFIO);
48c9a397ceSJason Gunthorpe
49c9a397ceSJason Gunthorpe /**
50c9a397ceSJason Gunthorpe * iommufd_vfio_compat_set_no_iommu - Called when a no-iommu device is attached
51c9a397ceSJason Gunthorpe * @ictx: Context to operate on
52c9a397ceSJason Gunthorpe *
53c9a397ceSJason Gunthorpe * This allows selecting the VFIO_NOIOMMU_IOMMU and blocks normal types.
54c9a397ceSJason Gunthorpe */
iommufd_vfio_compat_set_no_iommu(struct iommufd_ctx * ictx)55c9a397ceSJason Gunthorpe int iommufd_vfio_compat_set_no_iommu(struct iommufd_ctx *ictx)
56c9a397ceSJason Gunthorpe {
57c9a397ceSJason Gunthorpe int ret;
58c9a397ceSJason Gunthorpe
59c9a397ceSJason Gunthorpe xa_lock(&ictx->objects);
60c9a397ceSJason Gunthorpe if (!ictx->vfio_ioas) {
61c9a397ceSJason Gunthorpe ictx->no_iommu_mode = 1;
62c9a397ceSJason Gunthorpe ret = 0;
63c9a397ceSJason Gunthorpe } else {
64c9a397ceSJason Gunthorpe ret = -EINVAL;
65c9a397ceSJason Gunthorpe }
66c9a397ceSJason Gunthorpe xa_unlock(&ictx->objects);
67c9a397ceSJason Gunthorpe return ret;
68c9a397ceSJason Gunthorpe }
69c9a397ceSJason Gunthorpe EXPORT_SYMBOL_NS_GPL(iommufd_vfio_compat_set_no_iommu, IOMMUFD_VFIO);
70c9a397ceSJason Gunthorpe
71c9a397ceSJason Gunthorpe /**
72c9a397ceSJason Gunthorpe * iommufd_vfio_compat_ioas_create - Ensure the compat IOAS is created
73c9a397ceSJason Gunthorpe * @ictx: Context to operate on
74d624d665SJason Gunthorpe *
75d624d665SJason Gunthorpe * The compatibility IOAS is the IOAS that the vfio compatibility ioctls operate
76d624d665SJason Gunthorpe * on since they do not have an IOAS ID input in their ABI. Only attaching a
77c9a397ceSJason Gunthorpe * group should cause a default creation of the internal ioas, this does nothing
78c9a397ceSJason Gunthorpe * if an existing ioas has already been assigned somehow.
79d624d665SJason Gunthorpe */
iommufd_vfio_compat_ioas_create(struct iommufd_ctx * ictx)80c9a397ceSJason Gunthorpe int iommufd_vfio_compat_ioas_create(struct iommufd_ctx *ictx)
81d624d665SJason Gunthorpe {
82d624d665SJason Gunthorpe struct iommufd_ioas *ioas = NULL;
83c9a397ceSJason Gunthorpe int ret;
84d624d665SJason Gunthorpe
85d624d665SJason Gunthorpe ioas = iommufd_ioas_alloc(ictx);
86d624d665SJason Gunthorpe if (IS_ERR(ioas))
87d624d665SJason Gunthorpe return PTR_ERR(ioas);
88d624d665SJason Gunthorpe
89d624d665SJason Gunthorpe xa_lock(&ictx->objects);
90c9a397ceSJason Gunthorpe /*
91c9a397ceSJason Gunthorpe * VFIO won't allow attaching a container to both iommu and no iommu
92c9a397ceSJason Gunthorpe * operation
93c9a397ceSJason Gunthorpe */
94c9a397ceSJason Gunthorpe if (ictx->no_iommu_mode) {
95c9a397ceSJason Gunthorpe ret = -EINVAL;
96c9a397ceSJason Gunthorpe goto out_abort;
97d624d665SJason Gunthorpe }
98c9a397ceSJason Gunthorpe
99c9a397ceSJason Gunthorpe if (ictx->vfio_ioas && iommufd_lock_obj(&ictx->vfio_ioas->obj)) {
100c9a397ceSJason Gunthorpe ret = 0;
101c9a397ceSJason Gunthorpe iommufd_put_object(&ictx->vfio_ioas->obj);
102c9a397ceSJason Gunthorpe goto out_abort;
103c9a397ceSJason Gunthorpe }
104c9a397ceSJason Gunthorpe ictx->vfio_ioas = ioas;
105d624d665SJason Gunthorpe xa_unlock(&ictx->objects);
106d624d665SJason Gunthorpe
107d624d665SJason Gunthorpe /*
108d624d665SJason Gunthorpe * An automatically created compat IOAS is treated as a userspace
109d624d665SJason Gunthorpe * created object. Userspace can learn the ID via IOMMU_VFIO_IOAS_GET,
110d624d665SJason Gunthorpe * and if not manually destroyed it will be destroyed automatically
111d624d665SJason Gunthorpe * at iommufd release.
112d624d665SJason Gunthorpe */
113d624d665SJason Gunthorpe iommufd_object_finalize(ictx, &ioas->obj);
114d624d665SJason Gunthorpe return 0;
115c9a397ceSJason Gunthorpe
116c9a397ceSJason Gunthorpe out_abort:
117c9a397ceSJason Gunthorpe xa_unlock(&ictx->objects);
118c9a397ceSJason Gunthorpe iommufd_object_abort(ictx, &ioas->obj);
119c9a397ceSJason Gunthorpe return ret;
120d624d665SJason Gunthorpe }
121c9a397ceSJason Gunthorpe EXPORT_SYMBOL_NS_GPL(iommufd_vfio_compat_ioas_create, IOMMUFD_VFIO);
122d624d665SJason Gunthorpe
iommufd_vfio_ioas(struct iommufd_ucmd * ucmd)123d624d665SJason Gunthorpe int iommufd_vfio_ioas(struct iommufd_ucmd *ucmd)
124d624d665SJason Gunthorpe {
125d624d665SJason Gunthorpe struct iommu_vfio_ioas *cmd = ucmd->cmd;
126d624d665SJason Gunthorpe struct iommufd_ioas *ioas;
127d624d665SJason Gunthorpe
128d624d665SJason Gunthorpe if (cmd->__reserved)
129d624d665SJason Gunthorpe return -EOPNOTSUPP;
130d624d665SJason Gunthorpe switch (cmd->op) {
131d624d665SJason Gunthorpe case IOMMU_VFIO_IOAS_GET:
132d624d665SJason Gunthorpe ioas = get_compat_ioas(ucmd->ictx);
133d624d665SJason Gunthorpe if (IS_ERR(ioas))
134d624d665SJason Gunthorpe return PTR_ERR(ioas);
135d624d665SJason Gunthorpe cmd->ioas_id = ioas->obj.id;
136d624d665SJason Gunthorpe iommufd_put_object(&ioas->obj);
137d624d665SJason Gunthorpe return iommufd_ucmd_respond(ucmd, sizeof(*cmd));
138d624d665SJason Gunthorpe
139d624d665SJason Gunthorpe case IOMMU_VFIO_IOAS_SET:
140325de950SYi Liu ioas = iommufd_get_ioas(ucmd->ictx, cmd->ioas_id);
141d624d665SJason Gunthorpe if (IS_ERR(ioas))
142d624d665SJason Gunthorpe return PTR_ERR(ioas);
143d624d665SJason Gunthorpe xa_lock(&ucmd->ictx->objects);
144d624d665SJason Gunthorpe ucmd->ictx->vfio_ioas = ioas;
145d624d665SJason Gunthorpe xa_unlock(&ucmd->ictx->objects);
146d624d665SJason Gunthorpe iommufd_put_object(&ioas->obj);
147d624d665SJason Gunthorpe return 0;
148d624d665SJason Gunthorpe
149d624d665SJason Gunthorpe case IOMMU_VFIO_IOAS_CLEAR:
150d624d665SJason Gunthorpe xa_lock(&ucmd->ictx->objects);
151d624d665SJason Gunthorpe ucmd->ictx->vfio_ioas = NULL;
152d624d665SJason Gunthorpe xa_unlock(&ucmd->ictx->objects);
153d624d665SJason Gunthorpe return 0;
154d624d665SJason Gunthorpe default:
155d624d665SJason Gunthorpe return -EOPNOTSUPP;
156d624d665SJason Gunthorpe }
157d624d665SJason Gunthorpe }
158d624d665SJason Gunthorpe
iommufd_vfio_map_dma(struct iommufd_ctx * ictx,unsigned int cmd,void __user * arg)159d624d665SJason Gunthorpe static int iommufd_vfio_map_dma(struct iommufd_ctx *ictx, unsigned int cmd,
160d624d665SJason Gunthorpe void __user *arg)
161d624d665SJason Gunthorpe {
162d624d665SJason Gunthorpe u32 supported_flags = VFIO_DMA_MAP_FLAG_READ | VFIO_DMA_MAP_FLAG_WRITE;
163d624d665SJason Gunthorpe size_t minsz = offsetofend(struct vfio_iommu_type1_dma_map, size);
164d624d665SJason Gunthorpe struct vfio_iommu_type1_dma_map map;
165d624d665SJason Gunthorpe int iommu_prot = IOMMU_CACHE;
166d624d665SJason Gunthorpe struct iommufd_ioas *ioas;
167d624d665SJason Gunthorpe unsigned long iova;
168d624d665SJason Gunthorpe int rc;
169d624d665SJason Gunthorpe
170d624d665SJason Gunthorpe if (copy_from_user(&map, arg, minsz))
171d624d665SJason Gunthorpe return -EFAULT;
172d624d665SJason Gunthorpe
173d624d665SJason Gunthorpe if (map.argsz < minsz || map.flags & ~supported_flags)
174d624d665SJason Gunthorpe return -EINVAL;
175d624d665SJason Gunthorpe
176d624d665SJason Gunthorpe if (map.flags & VFIO_DMA_MAP_FLAG_READ)
177d624d665SJason Gunthorpe iommu_prot |= IOMMU_READ;
178d624d665SJason Gunthorpe if (map.flags & VFIO_DMA_MAP_FLAG_WRITE)
179d624d665SJason Gunthorpe iommu_prot |= IOMMU_WRITE;
180d624d665SJason Gunthorpe
181d624d665SJason Gunthorpe ioas = get_compat_ioas(ictx);
182d624d665SJason Gunthorpe if (IS_ERR(ioas))
183d624d665SJason Gunthorpe return PTR_ERR(ioas);
184d624d665SJason Gunthorpe
185d624d665SJason Gunthorpe /*
186d624d665SJason Gunthorpe * Maps created through the legacy interface always use VFIO compatible
187d624d665SJason Gunthorpe * rlimit accounting. If the user wishes to use the faster user based
188d624d665SJason Gunthorpe * rlimit accounting then they must use the new interface.
189d624d665SJason Gunthorpe */
190d624d665SJason Gunthorpe iova = map.iova;
191d624d665SJason Gunthorpe rc = iopt_map_user_pages(ictx, &ioas->iopt, &iova, u64_to_user_ptr(map.vaddr),
192d624d665SJason Gunthorpe map.size, iommu_prot, 0);
193d624d665SJason Gunthorpe iommufd_put_object(&ioas->obj);
194d624d665SJason Gunthorpe return rc;
195d624d665SJason Gunthorpe }
196d624d665SJason Gunthorpe
iommufd_vfio_unmap_dma(struct iommufd_ctx * ictx,unsigned int cmd,void __user * arg)197d624d665SJason Gunthorpe static int iommufd_vfio_unmap_dma(struct iommufd_ctx *ictx, unsigned int cmd,
198d624d665SJason Gunthorpe void __user *arg)
199d624d665SJason Gunthorpe {
200d624d665SJason Gunthorpe size_t minsz = offsetofend(struct vfio_iommu_type1_dma_unmap, size);
201d624d665SJason Gunthorpe /*
202d624d665SJason Gunthorpe * VFIO_DMA_UNMAP_FLAG_GET_DIRTY_BITMAP is obsoleted by the new
203d624d665SJason Gunthorpe * dirty tracking direction:
204d624d665SJason Gunthorpe * https://lore.kernel.org/kvm/20220731125503.142683-1-yishaih@nvidia.com/
205d624d665SJason Gunthorpe * https://lore.kernel.org/kvm/20220428210933.3583-1-joao.m.martins@oracle.com/
206d624d665SJason Gunthorpe */
207d624d665SJason Gunthorpe u32 supported_flags = VFIO_DMA_UNMAP_FLAG_ALL;
208d624d665SJason Gunthorpe struct vfio_iommu_type1_dma_unmap unmap;
209d624d665SJason Gunthorpe unsigned long unmapped = 0;
210d624d665SJason Gunthorpe struct iommufd_ioas *ioas;
211d624d665SJason Gunthorpe int rc;
212d624d665SJason Gunthorpe
213d624d665SJason Gunthorpe if (copy_from_user(&unmap, arg, minsz))
214d624d665SJason Gunthorpe return -EFAULT;
215d624d665SJason Gunthorpe
216d624d665SJason Gunthorpe if (unmap.argsz < minsz || unmap.flags & ~supported_flags)
217d624d665SJason Gunthorpe return -EINVAL;
218d624d665SJason Gunthorpe
219d624d665SJason Gunthorpe ioas = get_compat_ioas(ictx);
220d624d665SJason Gunthorpe if (IS_ERR(ioas))
221d624d665SJason Gunthorpe return PTR_ERR(ioas);
222d624d665SJason Gunthorpe
223d624d665SJason Gunthorpe if (unmap.flags & VFIO_DMA_UNMAP_FLAG_ALL) {
224d624d665SJason Gunthorpe if (unmap.iova != 0 || unmap.size != 0) {
225d624d665SJason Gunthorpe rc = -EINVAL;
226d624d665SJason Gunthorpe goto err_put;
227d624d665SJason Gunthorpe }
228d624d665SJason Gunthorpe rc = iopt_unmap_all(&ioas->iopt, &unmapped);
229d624d665SJason Gunthorpe } else {
230d624d665SJason Gunthorpe if (READ_ONCE(ioas->iopt.disable_large_pages)) {
231d624d665SJason Gunthorpe /*
232d624d665SJason Gunthorpe * Create cuts at the start and last of the requested
233d624d665SJason Gunthorpe * range. If the start IOVA is 0 then it doesn't need to
234d624d665SJason Gunthorpe * be cut.
235d624d665SJason Gunthorpe */
236d624d665SJason Gunthorpe unsigned long iovas[] = { unmap.iova + unmap.size - 1,
237d624d665SJason Gunthorpe unmap.iova - 1 };
238d624d665SJason Gunthorpe
239d624d665SJason Gunthorpe rc = iopt_cut_iova(&ioas->iopt, iovas,
240d624d665SJason Gunthorpe unmap.iova ? 2 : 1);
241d624d665SJason Gunthorpe if (rc)
242d624d665SJason Gunthorpe goto err_put;
243d624d665SJason Gunthorpe }
244d624d665SJason Gunthorpe rc = iopt_unmap_iova(&ioas->iopt, unmap.iova, unmap.size,
245d624d665SJason Gunthorpe &unmapped);
246d624d665SJason Gunthorpe }
247d624d665SJason Gunthorpe unmap.size = unmapped;
248d624d665SJason Gunthorpe if (copy_to_user(arg, &unmap, minsz))
249d624d665SJason Gunthorpe rc = -EFAULT;
250d624d665SJason Gunthorpe
251d624d665SJason Gunthorpe err_put:
252d624d665SJason Gunthorpe iommufd_put_object(&ioas->obj);
253d624d665SJason Gunthorpe return rc;
254d624d665SJason Gunthorpe }
255d624d665SJason Gunthorpe
iommufd_vfio_cc_iommu(struct iommufd_ctx * ictx)256d624d665SJason Gunthorpe static int iommufd_vfio_cc_iommu(struct iommufd_ctx *ictx)
257d624d665SJason Gunthorpe {
258d624d665SJason Gunthorpe struct iommufd_hw_pagetable *hwpt;
259d624d665SJason Gunthorpe struct iommufd_ioas *ioas;
260d624d665SJason Gunthorpe int rc = 1;
261d624d665SJason Gunthorpe
262d624d665SJason Gunthorpe ioas = get_compat_ioas(ictx);
263d624d665SJason Gunthorpe if (IS_ERR(ioas))
264d624d665SJason Gunthorpe return PTR_ERR(ioas);
265d624d665SJason Gunthorpe
266d624d665SJason Gunthorpe mutex_lock(&ioas->mutex);
267d624d665SJason Gunthorpe list_for_each_entry(hwpt, &ioas->hwpt_list, hwpt_item) {
268d624d665SJason Gunthorpe if (!hwpt->enforce_cache_coherency) {
269d624d665SJason Gunthorpe rc = 0;
270d624d665SJason Gunthorpe break;
271d624d665SJason Gunthorpe }
272d624d665SJason Gunthorpe }
273d624d665SJason Gunthorpe mutex_unlock(&ioas->mutex);
274d624d665SJason Gunthorpe
275d624d665SJason Gunthorpe iommufd_put_object(&ioas->obj);
276d624d665SJason Gunthorpe return rc;
277d624d665SJason Gunthorpe }
278d624d665SJason Gunthorpe
iommufd_vfio_check_extension(struct iommufd_ctx * ictx,unsigned long type)279d624d665SJason Gunthorpe static int iommufd_vfio_check_extension(struct iommufd_ctx *ictx,
280d624d665SJason Gunthorpe unsigned long type)
281d624d665SJason Gunthorpe {
282d624d665SJason Gunthorpe switch (type) {
283d624d665SJason Gunthorpe case VFIO_TYPE1_IOMMU:
284d624d665SJason Gunthorpe case VFIO_TYPE1v2_IOMMU:
285d624d665SJason Gunthorpe case VFIO_UNMAP_ALL:
286d624d665SJason Gunthorpe return 1;
287d624d665SJason Gunthorpe
288c9a397ceSJason Gunthorpe case VFIO_NOIOMMU_IOMMU:
289c9a397ceSJason Gunthorpe return IS_ENABLED(CONFIG_VFIO_NOIOMMU);
290c9a397ceSJason Gunthorpe
291d624d665SJason Gunthorpe case VFIO_DMA_CC_IOMMU:
292d624d665SJason Gunthorpe return iommufd_vfio_cc_iommu(ictx);
293d624d665SJason Gunthorpe
294d624d665SJason Gunthorpe /*
295d624d665SJason Gunthorpe * This is obsolete, and to be removed from VFIO. It was an incomplete
296d624d665SJason Gunthorpe * idea that got merged.
297d624d665SJason Gunthorpe * https://lore.kernel.org/kvm/0-v1-0093c9b0e345+19-vfio_no_nesting_jgg@nvidia.com/
298d624d665SJason Gunthorpe */
299d624d665SJason Gunthorpe case VFIO_TYPE1_NESTING_IOMMU:
300d624d665SJason Gunthorpe return 0;
301d624d665SJason Gunthorpe
302d624d665SJason Gunthorpe /*
303d624d665SJason Gunthorpe * VFIO_DMA_MAP_FLAG_VADDR
304d624d665SJason Gunthorpe * https://lore.kernel.org/kvm/1611939252-7240-1-git-send-email-steven.sistare@oracle.com/
305d624d665SJason Gunthorpe * https://lore.kernel.org/all/Yz777bJZjTyLrHEQ@nvidia.com/
306d624d665SJason Gunthorpe *
307d624d665SJason Gunthorpe * It is hard to see how this could be implemented safely.
308d624d665SJason Gunthorpe */
309d624d665SJason Gunthorpe case VFIO_UPDATE_VADDR:
310d624d665SJason Gunthorpe default:
311d624d665SJason Gunthorpe return 0;
312d624d665SJason Gunthorpe }
313d624d665SJason Gunthorpe }
314d624d665SJason Gunthorpe
iommufd_vfio_set_iommu(struct iommufd_ctx * ictx,unsigned long type)315d624d665SJason Gunthorpe static int iommufd_vfio_set_iommu(struct iommufd_ctx *ictx, unsigned long type)
316d624d665SJason Gunthorpe {
317c9a397ceSJason Gunthorpe bool no_iommu_mode = READ_ONCE(ictx->no_iommu_mode);
318d624d665SJason Gunthorpe struct iommufd_ioas *ioas = NULL;
319d624d665SJason Gunthorpe int rc = 0;
320d624d665SJason Gunthorpe
321c9a397ceSJason Gunthorpe /*
322c9a397ceSJason Gunthorpe * Emulation for NOIOMMU is imperfect in that VFIO blocks almost all
323c9a397ceSJason Gunthorpe * other ioctls. We let them keep working but they mostly fail since no
324c9a397ceSJason Gunthorpe * IOAS should exist.
325c9a397ceSJason Gunthorpe */
326c9a397ceSJason Gunthorpe if (IS_ENABLED(CONFIG_VFIO_NOIOMMU) && type == VFIO_NOIOMMU_IOMMU &&
327c9a397ceSJason Gunthorpe no_iommu_mode) {
328c9a397ceSJason Gunthorpe if (!capable(CAP_SYS_RAWIO))
329c9a397ceSJason Gunthorpe return -EPERM;
330c9a397ceSJason Gunthorpe return 0;
331c9a397ceSJason Gunthorpe }
332c9a397ceSJason Gunthorpe
333c9a397ceSJason Gunthorpe if ((type != VFIO_TYPE1_IOMMU && type != VFIO_TYPE1v2_IOMMU) ||
334c9a397ceSJason Gunthorpe no_iommu_mode)
335d624d665SJason Gunthorpe return -EINVAL;
336d624d665SJason Gunthorpe
337d624d665SJason Gunthorpe /* VFIO fails the set_iommu if there is no group */
338d624d665SJason Gunthorpe ioas = get_compat_ioas(ictx);
339d624d665SJason Gunthorpe if (IS_ERR(ioas))
340d624d665SJason Gunthorpe return PTR_ERR(ioas);
341d624d665SJason Gunthorpe
342d624d665SJason Gunthorpe /*
343d624d665SJason Gunthorpe * The difference between TYPE1 and TYPE1v2 is the ability to unmap in
344d624d665SJason Gunthorpe * the middle of mapped ranges. This is complicated by huge page support
345d624d665SJason Gunthorpe * which creates single large IOPTEs that cannot be split by the iommu
346d624d665SJason Gunthorpe * driver. TYPE1 is very old at this point and likely nothing uses it,
347d624d665SJason Gunthorpe * however it is simple enough to emulate by simply disabling the
348d624d665SJason Gunthorpe * problematic large IOPTEs. Then we can safely unmap within any range.
349d624d665SJason Gunthorpe */
350d624d665SJason Gunthorpe if (type == VFIO_TYPE1_IOMMU)
351d624d665SJason Gunthorpe rc = iopt_disable_large_pages(&ioas->iopt);
352d624d665SJason Gunthorpe iommufd_put_object(&ioas->obj);
353d624d665SJason Gunthorpe return rc;
354d624d665SJason Gunthorpe }
355d624d665SJason Gunthorpe
iommufd_get_pagesizes(struct iommufd_ioas * ioas)356d624d665SJason Gunthorpe static unsigned long iommufd_get_pagesizes(struct iommufd_ioas *ioas)
357d624d665SJason Gunthorpe {
358d624d665SJason Gunthorpe struct io_pagetable *iopt = &ioas->iopt;
359d624d665SJason Gunthorpe unsigned long pgsize_bitmap = ULONG_MAX;
360d624d665SJason Gunthorpe struct iommu_domain *domain;
361d624d665SJason Gunthorpe unsigned long index;
362d624d665SJason Gunthorpe
363d624d665SJason Gunthorpe down_read(&iopt->domains_rwsem);
364d624d665SJason Gunthorpe xa_for_each(&iopt->domains, index, domain)
365d624d665SJason Gunthorpe pgsize_bitmap &= domain->pgsize_bitmap;
366d624d665SJason Gunthorpe
367d624d665SJason Gunthorpe /* See vfio_update_pgsize_bitmap() */
368d624d665SJason Gunthorpe if (pgsize_bitmap & ~PAGE_MASK) {
369d624d665SJason Gunthorpe pgsize_bitmap &= PAGE_MASK;
370d624d665SJason Gunthorpe pgsize_bitmap |= PAGE_SIZE;
371d624d665SJason Gunthorpe }
372d624d665SJason Gunthorpe pgsize_bitmap = max(pgsize_bitmap, ioas->iopt.iova_alignment);
373d624d665SJason Gunthorpe up_read(&iopt->domains_rwsem);
374d624d665SJason Gunthorpe return pgsize_bitmap;
375d624d665SJason Gunthorpe }
376d624d665SJason Gunthorpe
iommufd_fill_cap_iova(struct iommufd_ioas * ioas,struct vfio_info_cap_header __user * cur,size_t avail)377d624d665SJason Gunthorpe static int iommufd_fill_cap_iova(struct iommufd_ioas *ioas,
378d624d665SJason Gunthorpe struct vfio_info_cap_header __user *cur,
379d624d665SJason Gunthorpe size_t avail)
380d624d665SJason Gunthorpe {
381d624d665SJason Gunthorpe struct vfio_iommu_type1_info_cap_iova_range __user *ucap_iovas =
382d624d665SJason Gunthorpe container_of(cur,
383d624d665SJason Gunthorpe struct vfio_iommu_type1_info_cap_iova_range __user,
384d624d665SJason Gunthorpe header);
385d624d665SJason Gunthorpe struct vfio_iommu_type1_info_cap_iova_range cap_iovas = {
386d624d665SJason Gunthorpe .header = {
387d624d665SJason Gunthorpe .id = VFIO_IOMMU_TYPE1_INFO_CAP_IOVA_RANGE,
388d624d665SJason Gunthorpe .version = 1,
389d624d665SJason Gunthorpe },
390d624d665SJason Gunthorpe };
391d624d665SJason Gunthorpe struct interval_tree_span_iter span;
392d624d665SJason Gunthorpe
393d624d665SJason Gunthorpe interval_tree_for_each_span(&span, &ioas->iopt.reserved_itree, 0,
394d624d665SJason Gunthorpe ULONG_MAX) {
395d624d665SJason Gunthorpe struct vfio_iova_range range;
396d624d665SJason Gunthorpe
397d624d665SJason Gunthorpe if (!span.is_hole)
398d624d665SJason Gunthorpe continue;
399d624d665SJason Gunthorpe range.start = span.start_hole;
400d624d665SJason Gunthorpe range.end = span.last_hole;
401d624d665SJason Gunthorpe if (avail >= struct_size(&cap_iovas, iova_ranges,
402d624d665SJason Gunthorpe cap_iovas.nr_iovas + 1) &&
403d624d665SJason Gunthorpe copy_to_user(&ucap_iovas->iova_ranges[cap_iovas.nr_iovas],
404d624d665SJason Gunthorpe &range, sizeof(range)))
405d624d665SJason Gunthorpe return -EFAULT;
406d624d665SJason Gunthorpe cap_iovas.nr_iovas++;
407d624d665SJason Gunthorpe }
408d624d665SJason Gunthorpe if (avail >= struct_size(&cap_iovas, iova_ranges, cap_iovas.nr_iovas) &&
409d624d665SJason Gunthorpe copy_to_user(ucap_iovas, &cap_iovas, sizeof(cap_iovas)))
410d624d665SJason Gunthorpe return -EFAULT;
411d624d665SJason Gunthorpe return struct_size(&cap_iovas, iova_ranges, cap_iovas.nr_iovas);
412d624d665SJason Gunthorpe }
413d624d665SJason Gunthorpe
iommufd_fill_cap_dma_avail(struct iommufd_ioas * ioas,struct vfio_info_cap_header __user * cur,size_t avail)414d624d665SJason Gunthorpe static int iommufd_fill_cap_dma_avail(struct iommufd_ioas *ioas,
415d624d665SJason Gunthorpe struct vfio_info_cap_header __user *cur,
416d624d665SJason Gunthorpe size_t avail)
417d624d665SJason Gunthorpe {
418d624d665SJason Gunthorpe struct vfio_iommu_type1_info_dma_avail cap_dma = {
419d624d665SJason Gunthorpe .header = {
420d624d665SJason Gunthorpe .id = VFIO_IOMMU_TYPE1_INFO_DMA_AVAIL,
421d624d665SJason Gunthorpe .version = 1,
422d624d665SJason Gunthorpe },
423d624d665SJason Gunthorpe /*
424d624d665SJason Gunthorpe * iommufd's limit is based on the cgroup's memory limit.
425d624d665SJason Gunthorpe * Normally vfio would return U16_MAX here, and provide a module
426d624d665SJason Gunthorpe * parameter to adjust it. Since S390 qemu userspace actually
427d624d665SJason Gunthorpe * pays attention and needs a value bigger than U16_MAX return
428d624d665SJason Gunthorpe * U32_MAX.
429d624d665SJason Gunthorpe */
430d624d665SJason Gunthorpe .avail = U32_MAX,
431d624d665SJason Gunthorpe };
432d624d665SJason Gunthorpe
433d624d665SJason Gunthorpe if (avail >= sizeof(cap_dma) &&
434d624d665SJason Gunthorpe copy_to_user(cur, &cap_dma, sizeof(cap_dma)))
435d624d665SJason Gunthorpe return -EFAULT;
436d624d665SJason Gunthorpe return sizeof(cap_dma);
437d624d665SJason Gunthorpe }
438d624d665SJason Gunthorpe
iommufd_vfio_iommu_get_info(struct iommufd_ctx * ictx,void __user * arg)439d624d665SJason Gunthorpe static int iommufd_vfio_iommu_get_info(struct iommufd_ctx *ictx,
440d624d665SJason Gunthorpe void __user *arg)
441d624d665SJason Gunthorpe {
442d624d665SJason Gunthorpe typedef int (*fill_cap_fn)(struct iommufd_ioas *ioas,
443d624d665SJason Gunthorpe struct vfio_info_cap_header __user *cur,
444d624d665SJason Gunthorpe size_t avail);
445d624d665SJason Gunthorpe static const fill_cap_fn fill_fns[] = {
446d624d665SJason Gunthorpe iommufd_fill_cap_dma_avail,
447d624d665SJason Gunthorpe iommufd_fill_cap_iova,
448d624d665SJason Gunthorpe };
449d624d665SJason Gunthorpe size_t minsz = offsetofend(struct vfio_iommu_type1_info, iova_pgsizes);
450d624d665SJason Gunthorpe struct vfio_info_cap_header __user *last_cap = NULL;
451b3551eadSJason Gunthorpe struct vfio_iommu_type1_info info = {};
452d624d665SJason Gunthorpe struct iommufd_ioas *ioas;
453d624d665SJason Gunthorpe size_t total_cap_size;
454d624d665SJason Gunthorpe int rc;
455d624d665SJason Gunthorpe int i;
456d624d665SJason Gunthorpe
457d624d665SJason Gunthorpe if (copy_from_user(&info, arg, minsz))
458d624d665SJason Gunthorpe return -EFAULT;
459d624d665SJason Gunthorpe
460d624d665SJason Gunthorpe if (info.argsz < minsz)
461d624d665SJason Gunthorpe return -EINVAL;
462d624d665SJason Gunthorpe minsz = min_t(size_t, info.argsz, sizeof(info));
463d624d665SJason Gunthorpe
464d624d665SJason Gunthorpe ioas = get_compat_ioas(ictx);
465d624d665SJason Gunthorpe if (IS_ERR(ioas))
466d624d665SJason Gunthorpe return PTR_ERR(ioas);
467d624d665SJason Gunthorpe
468d624d665SJason Gunthorpe info.flags = VFIO_IOMMU_INFO_PGSIZES;
469d624d665SJason Gunthorpe info.iova_pgsizes = iommufd_get_pagesizes(ioas);
470d624d665SJason Gunthorpe info.cap_offset = 0;
471d624d665SJason Gunthorpe
472d624d665SJason Gunthorpe down_read(&ioas->iopt.iova_rwsem);
473d624d665SJason Gunthorpe total_cap_size = sizeof(info);
474d624d665SJason Gunthorpe for (i = 0; i != ARRAY_SIZE(fill_fns); i++) {
475d624d665SJason Gunthorpe int cap_size;
476d624d665SJason Gunthorpe
477d624d665SJason Gunthorpe if (info.argsz > total_cap_size)
478d624d665SJason Gunthorpe cap_size = fill_fns[i](ioas, arg + total_cap_size,
479d624d665SJason Gunthorpe info.argsz - total_cap_size);
480d624d665SJason Gunthorpe else
481d624d665SJason Gunthorpe cap_size = fill_fns[i](ioas, NULL, 0);
482d624d665SJason Gunthorpe if (cap_size < 0) {
483d624d665SJason Gunthorpe rc = cap_size;
484d624d665SJason Gunthorpe goto out_put;
485d624d665SJason Gunthorpe }
486*a881b496SStefan Hajnoczi cap_size = ALIGN(cap_size, sizeof(u64));
487*a881b496SStefan Hajnoczi
488d624d665SJason Gunthorpe if (last_cap && info.argsz >= total_cap_size &&
489d624d665SJason Gunthorpe put_user(total_cap_size, &last_cap->next)) {
490d624d665SJason Gunthorpe rc = -EFAULT;
491d624d665SJason Gunthorpe goto out_put;
492d624d665SJason Gunthorpe }
493d624d665SJason Gunthorpe last_cap = arg + total_cap_size;
494d624d665SJason Gunthorpe total_cap_size += cap_size;
495d624d665SJason Gunthorpe }
496d624d665SJason Gunthorpe
497d624d665SJason Gunthorpe /*
498d624d665SJason Gunthorpe * If the user did not provide enough space then only some caps are
499d624d665SJason Gunthorpe * returned and the argsz will be updated to the correct amount to get
500d624d665SJason Gunthorpe * all caps.
501d624d665SJason Gunthorpe */
502d624d665SJason Gunthorpe if (info.argsz >= total_cap_size)
503d624d665SJason Gunthorpe info.cap_offset = sizeof(info);
504d624d665SJason Gunthorpe info.argsz = total_cap_size;
505d624d665SJason Gunthorpe info.flags |= VFIO_IOMMU_INFO_CAPS;
506d624d665SJason Gunthorpe if (copy_to_user(arg, &info, minsz)) {
507d624d665SJason Gunthorpe rc = -EFAULT;
508d624d665SJason Gunthorpe goto out_put;
509d624d665SJason Gunthorpe }
510d624d665SJason Gunthorpe rc = 0;
511d624d665SJason Gunthorpe
512d624d665SJason Gunthorpe out_put:
513d624d665SJason Gunthorpe up_read(&ioas->iopt.iova_rwsem);
514d624d665SJason Gunthorpe iommufd_put_object(&ioas->obj);
515d624d665SJason Gunthorpe return rc;
516d624d665SJason Gunthorpe }
517d624d665SJason Gunthorpe
iommufd_vfio_ioctl(struct iommufd_ctx * ictx,unsigned int cmd,unsigned long arg)518d624d665SJason Gunthorpe int iommufd_vfio_ioctl(struct iommufd_ctx *ictx, unsigned int cmd,
519d624d665SJason Gunthorpe unsigned long arg)
520d624d665SJason Gunthorpe {
521d624d665SJason Gunthorpe void __user *uarg = (void __user *)arg;
522d624d665SJason Gunthorpe
523d624d665SJason Gunthorpe switch (cmd) {
524d624d665SJason Gunthorpe case VFIO_GET_API_VERSION:
525d624d665SJason Gunthorpe return VFIO_API_VERSION;
526d624d665SJason Gunthorpe case VFIO_SET_IOMMU:
527d624d665SJason Gunthorpe return iommufd_vfio_set_iommu(ictx, arg);
528d624d665SJason Gunthorpe case VFIO_CHECK_EXTENSION:
529d624d665SJason Gunthorpe return iommufd_vfio_check_extension(ictx, arg);
530d624d665SJason Gunthorpe case VFIO_IOMMU_GET_INFO:
531d624d665SJason Gunthorpe return iommufd_vfio_iommu_get_info(ictx, uarg);
532d624d665SJason Gunthorpe case VFIO_IOMMU_MAP_DMA:
533d624d665SJason Gunthorpe return iommufd_vfio_map_dma(ictx, cmd, uarg);
534d624d665SJason Gunthorpe case VFIO_IOMMU_UNMAP_DMA:
535d624d665SJason Gunthorpe return iommufd_vfio_unmap_dma(ictx, cmd, uarg);
536d624d665SJason Gunthorpe case VFIO_IOMMU_DIRTY_PAGES:
537d624d665SJason Gunthorpe default:
538d624d665SJason Gunthorpe return -ENOIOCTLCMD;
539d624d665SJason Gunthorpe }
540d624d665SJason Gunthorpe return -ENOIOCTLCMD;
541d624d665SJason Gunthorpe }
542