Commit | Line | Data |
---|---|---|
54cf91dc CW |
1 | /* |
2 | * Copyright © 2008,2010 Intel Corporation | |
3 | * | |
4 | * Permission is hereby granted, free of charge, to any person obtaining a | |
5 | * copy of this software and associated documentation files (the "Software"), | |
6 | * to deal in the Software without restriction, including without limitation | |
7 | * the rights to use, copy, modify, merge, publish, distribute, sublicense, | |
8 | * and/or sell copies of the Software, and to permit persons to whom the | |
9 | * Software is furnished to do so, subject to the following conditions: | |
10 | * | |
11 | * The above copyright notice and this permission notice (including the next | |
12 | * paragraph) shall be included in all copies or substantial portions of the | |
13 | * Software. | |
14 | * | |
15 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR | |
16 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, | |
17 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL | |
18 | * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER | |
19 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING | |
20 | * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS | |
21 | * IN THE SOFTWARE. | |
22 | * | |
23 | * Authors: | |
24 | * Eric Anholt <eric@anholt.net> | |
25 | * Chris Wilson <chris@chris-wilson.co.uk> | |
26 | * | |
27 | */ | |
28 | ||
daedaa33 | 29 | #include <linux/intel-iommu.h> |
ad778f89 | 30 | #include <linux/reservation.h> |
fec0445c | 31 | #include <linux/sync_file.h> |
ad778f89 CW |
32 | #include <linux/uaccess.h> |
33 | ||
cf6e7bac | 34 | #include <drm/drm_syncobj.h> |
760285e7 | 35 | #include <drm/i915_drm.h> |
ad778f89 | 36 | |
afa13085 | 37 | #include "gem/i915_gem_ioctls.h" |
8f2a1057 CW |
38 | #include "gt/intel_gt_pm.h" |
39 | ||
54cf91dc | 40 | #include "i915_drv.h" |
57822dc6 | 41 | #include "i915_gem_clflush.h" |
54cf91dc CW |
42 | #include "i915_trace.h" |
43 | #include "intel_drv.h" | |
5d723d7a | 44 | #include "intel_frontbuffer.h" |
54cf91dc | 45 | |
7dd4f672 CW |
46 | enum { |
47 | FORCE_CPU_RELOC = 1, | |
48 | FORCE_GTT_RELOC, | |
49 | FORCE_GPU_RELOC, | |
50 | #define DBG_FORCE_RELOC 0 /* choose one of the above! */ | |
51 | }; | |
d50415cc | 52 | |
dade2a61 CW |
53 | #define __EXEC_OBJECT_HAS_REF BIT(31) |
54 | #define __EXEC_OBJECT_HAS_PIN BIT(30) | |
55 | #define __EXEC_OBJECT_HAS_FENCE BIT(29) | |
56 | #define __EXEC_OBJECT_NEEDS_MAP BIT(28) | |
57 | #define __EXEC_OBJECT_NEEDS_BIAS BIT(27) | |
58 | #define __EXEC_OBJECT_INTERNAL_FLAGS (~0u << 27) /* all of the above */ | |
2889caa9 CW |
59 | #define __EXEC_OBJECT_RESERVED (__EXEC_OBJECT_HAS_PIN | __EXEC_OBJECT_HAS_FENCE) |
60 | ||
61 | #define __EXEC_HAS_RELOC BIT(31) | |
62 | #define __EXEC_VALIDATED BIT(30) | |
74c1c694 | 63 | #define __EXEC_INTERNAL_FLAGS (~0u << 30) |
2889caa9 | 64 | #define UPDATE PIN_OFFSET_FIXED |
d23db88c CW |
65 | |
66 | #define BATCH_OFFSET_BIAS (256*1024) | |
a415d355 | 67 | |
650bc635 | 68 | #define __I915_EXEC_ILLEGAL_FLAGS \ |
08e3e21a LDM |
69 | (__I915_EXEC_UNKNOWN_FLAGS | \ |
70 | I915_EXEC_CONSTANTS_MASK | \ | |
71 | I915_EXEC_RESOURCE_STREAMER) | |
5b043f4e | 72 | |
d20ac620 CW |
73 | /* Catch emission of unexpected errors for CI! */ |
74 | #if IS_ENABLED(CONFIG_DRM_I915_DEBUG_GEM) | |
75 | #undef EINVAL | |
76 | #define EINVAL ({ \ | |
77 | DRM_DEBUG_DRIVER("EINVAL at %s:%d\n", __func__, __LINE__); \ | |
78 | 22; \ | |
79 | }) | |
80 | #endif | |
81 | ||
2889caa9 CW |
82 | /** |
83 | * DOC: User command execution | |
84 | * | |
85 | * Userspace submits commands to be executed on the GPU as an instruction | |
86 | * stream within a GEM object we call a batchbuffer. This instructions may | |
87 | * refer to other GEM objects containing auxiliary state such as kernels, | |
88 | * samplers, render targets and even secondary batchbuffers. Userspace does | |
89 | * not know where in the GPU memory these objects reside and so before the | |
90 | * batchbuffer is passed to the GPU for execution, those addresses in the | |
91 | * batchbuffer and auxiliary objects are updated. This is known as relocation, | |
92 | * or patching. To try and avoid having to relocate each object on the next | |
93 | * execution, userspace is told the location of those objects in this pass, | |
94 | * but this remains just a hint as the kernel may choose a new location for | |
95 | * any object in the future. | |
96 | * | |
99d7e4ee KR |
97 | * At the level of talking to the hardware, submitting a batchbuffer for the |
98 | * GPU to execute is to add content to a buffer from which the HW | |
99 | * command streamer is reading. | |
100 | * | |
101 | * 1. Add a command to load the HW context. For Logical Ring Contexts, i.e. | |
102 | * Execlists, this command is not placed on the same buffer as the | |
103 | * remaining items. | |
104 | * | |
105 | * 2. Add a command to invalidate caches to the buffer. | |
106 | * | |
107 | * 3. Add a batchbuffer start command to the buffer; the start command is | |
108 | * essentially a token together with the GPU address of the batchbuffer | |
109 | * to be executed. | |
110 | * | |
111 | * 4. Add a pipeline flush to the buffer. | |
112 | * | |
113 | * 5. Add a memory write command to the buffer to record when the GPU | |
114 | * is done executing the batchbuffer. The memory write writes the | |
115 | * global sequence number of the request, ``i915_request::global_seqno``; | |
116 | * the i915 driver uses the current value in the register to determine | |
117 | * if the GPU has completed the batchbuffer. | |
118 | * | |
119 | * 6. Add a user interrupt command to the buffer. This command instructs | |
120 | * the GPU to issue an interrupt when the command, pipeline flush and | |
121 | * memory write are completed. | |
122 | * | |
123 | * 7. Inform the hardware of the additional commands added to the buffer | |
124 | * (by updating the tail pointer). | |
125 | * | |
2889caa9 CW |
126 | * Processing an execbuf ioctl is conceptually split up into a few phases. |
127 | * | |
128 | * 1. Validation - Ensure all the pointers, handles and flags are valid. | |
129 | * 2. Reservation - Assign GPU address space for every object | |
130 | * 3. Relocation - Update any addresses to point to the final locations | |
131 | * 4. Serialisation - Order the request with respect to its dependencies | |
132 | * 5. Construction - Construct a request to execute the batchbuffer | |
133 | * 6. Submission (at some point in the future execution) | |
134 | * | |
135 | * Reserving resources for the execbuf is the most complicated phase. We | |
136 | * neither want to have to migrate the object in the address space, nor do | |
137 | * we want to have to update any relocations pointing to this object. Ideally, | |
138 | * we want to leave the object where it is and for all the existing relocations | |
139 | * to match. If the object is given a new address, or if userspace thinks the | |
140 | * object is elsewhere, we have to parse all the relocation entries and update | |
141 | * the addresses. Userspace can set the I915_EXEC_NORELOC flag to hint that | |
142 | * all the target addresses in all of its objects match the value in the | |
143 | * relocation entries and that they all match the presumed offsets given by the | |
144 | * list of execbuffer objects. Using this knowledge, we know that if we haven't | |
145 | * moved any buffers, all the relocation entries are valid and we can skip | |
146 | * the update. (If userspace is wrong, the likely outcome is an impromptu GPU | |
147 | * hang.) The requirement for using I915_EXEC_NO_RELOC are: | |
148 | * | |
149 | * The addresses written in the objects must match the corresponding | |
150 | * reloc.presumed_offset which in turn must match the corresponding | |
151 | * execobject.offset. | |
152 | * | |
153 | * Any render targets written to in the batch must be flagged with | |
154 | * EXEC_OBJECT_WRITE. | |
155 | * | |
156 | * To avoid stalling, execobject.offset should match the current | |
157 | * address of that object within the active context. | |
158 | * | |
159 | * The reservation is done is multiple phases. First we try and keep any | |
160 | * object already bound in its current location - so as long as meets the | |
161 | * constraints imposed by the new execbuffer. Any object left unbound after the | |
162 | * first pass is then fitted into any available idle space. If an object does | |
163 | * not fit, all objects are removed from the reservation and the process rerun | |
164 | * after sorting the objects into a priority order (more difficult to fit | |
165 | * objects are tried first). Failing that, the entire VM is cleared and we try | |
166 | * to fit the execbuf once last time before concluding that it simply will not | |
167 | * fit. | |
168 | * | |
169 | * A small complication to all of this is that we allow userspace not only to | |
170 | * specify an alignment and a size for the object in the address space, but | |
171 | * we also allow userspace to specify the exact offset. This objects are | |
172 | * simpler to place (the location is known a priori) all we have to do is make | |
173 | * sure the space is available. | |
174 | * | |
175 | * Once all the objects are in place, patching up the buried pointers to point | |
176 | * to the final locations is a fairly simple job of walking over the relocation | |
177 | * entry arrays, looking up the right address and rewriting the value into | |
178 | * the object. Simple! ... The relocation entries are stored in user memory | |
179 | * and so to access them we have to copy them into a local buffer. That copy | |
180 | * has to avoid taking any pagefaults as they may lead back to a GEM object | |
181 | * requiring the struct_mutex (i.e. recursive deadlock). So once again we split | |
182 | * the relocation into multiple passes. First we try to do everything within an | |
183 | * atomic context (avoid the pagefaults) which requires that we never wait. If | |
184 | * we detect that we may wait, or if we need to fault, then we have to fallback | |
185 | * to a slower path. The slowpath has to drop the mutex. (Can you hear alarm | |
186 | * bells yet?) Dropping the mutex means that we lose all the state we have | |
187 | * built up so far for the execbuf and we must reset any global data. However, | |
188 | * we do leave the objects pinned in their final locations - which is a | |
189 | * potential issue for concurrent execbufs. Once we have left the mutex, we can | |
190 | * allocate and copy all the relocation entries into a large array at our | |
191 | * leisure, reacquire the mutex, reclaim all the objects and other state and | |
192 | * then proceed to update any incorrect addresses with the objects. | |
193 | * | |
194 | * As we process the relocation entries, we maintain a record of whether the | |
195 | * object is being written to. Using NORELOC, we expect userspace to provide | |
196 | * this information instead. We also check whether we can skip the relocation | |
197 | * by comparing the expected value inside the relocation entry with the target's | |
198 | * final address. If they differ, we have to map the current object and rewrite | |
199 | * the 4 or 8 byte pointer within. | |
200 | * | |
201 | * Serialising an execbuf is quite simple according to the rules of the GEM | |
202 | * ABI. Execution within each context is ordered by the order of submission. | |
203 | * Writes to any GEM object are in order of submission and are exclusive. Reads | |
204 | * from a GEM object are unordered with respect to other reads, but ordered by | |
205 | * writes. A write submitted after a read cannot occur before the read, and | |
206 | * similarly any read submitted after a write cannot occur before the write. | |
207 | * Writes are ordered between engines such that only one write occurs at any | |
208 | * time (completing any reads beforehand) - using semaphores where available | |
209 | * and CPU serialisation otherwise. Other GEM access obey the same rules, any | |
210 | * write (either via mmaps using set-domain, or via pwrite) must flush all GPU | |
211 | * reads before starting, and any read (either using set-domain or pread) must | |
212 | * flush all GPU writes before starting. (Note we only employ a barrier before, | |
213 | * we currently rely on userspace not concurrently starting a new execution | |
214 | * whilst reading or writing to an object. This may be an advantage or not | |
215 | * depending on how much you trust userspace not to shoot themselves in the | |
216 | * foot.) Serialisation may just result in the request being inserted into | |
217 | * a DAG awaiting its turn, but most simple is to wait on the CPU until | |
218 | * all dependencies are resolved. | |
219 | * | |
220 | * After all of that, is just a matter of closing the request and handing it to | |
221 | * the hardware (well, leaving it in a queue to be executed). However, we also | |
222 | * offer the ability for batchbuffers to be run with elevated privileges so | |
223 | * that they access otherwise hidden registers. (Used to adjust L3 cache etc.) | |
224 | * Before any batch is given extra privileges we first must check that it | |
225 | * contains no nefarious instructions, we check that each instruction is from | |
226 | * our whitelist and all registers are also from an allowed list. We first | |
227 | * copy the user's batchbuffer to a shadow (so that the user doesn't have | |
228 | * access to it, either by the CPU or GPU as we scan it) and then parse each | |
229 | * instruction. If everything is ok, we set a flag telling the hardware to run | |
230 | * the batchbuffer in trusted mode, otherwise the ioctl is rejected. | |
231 | */ | |
232 | ||
650bc635 | 233 | struct i915_execbuffer { |
2889caa9 CW |
234 | struct drm_i915_private *i915; /** i915 backpointer */ |
235 | struct drm_file *file; /** per-file lookup tables and limits */ | |
236 | struct drm_i915_gem_execbuffer2 *args; /** ioctl parameters */ | |
237 | struct drm_i915_gem_exec_object2 *exec; /** ioctl execobj[] */ | |
c7c6e46f CW |
238 | struct i915_vma **vma; |
239 | unsigned int *flags; | |
2889caa9 CW |
240 | |
241 | struct intel_engine_cs *engine; /** engine to queue the request to */ | |
8f2a1057 CW |
242 | struct intel_context *context; /* logical state for the request */ |
243 | struct i915_gem_context *gem_context; /** caller's context */ | |
2889caa9 CW |
244 | struct i915_address_space *vm; /** GTT and vma for the request */ |
245 | ||
e61e0f51 | 246 | struct i915_request *request; /** our request to build */ |
2889caa9 CW |
247 | struct i915_vma *batch; /** identity of the batch obj/vma */ |
248 | ||
249 | /** actual size of execobj[] as we may extend it for the cmdparser */ | |
250 | unsigned int buffer_count; | |
251 | ||
252 | /** list of vma not yet bound during reservation phase */ | |
253 | struct list_head unbound; | |
254 | ||
255 | /** list of vma that have execobj.relocation_count */ | |
256 | struct list_head relocs; | |
257 | ||
258 | /** | |
259 | * Track the most recently used object for relocations, as we | |
260 | * frequently have to perform multiple relocations within the same | |
261 | * obj/page | |
262 | */ | |
650bc635 | 263 | struct reloc_cache { |
2889caa9 CW |
264 | struct drm_mm_node node; /** temporary GTT binding */ |
265 | unsigned long vaddr; /** Current kmap address */ | |
266 | unsigned long page; /** Currently mapped page index */ | |
7dd4f672 | 267 | unsigned int gen; /** Cached value of INTEL_GEN */ |
650bc635 | 268 | bool use_64bit_reloc : 1; |
2889caa9 CW |
269 | bool has_llc : 1; |
270 | bool has_fence : 1; | |
271 | bool needs_unfenced : 1; | |
7dd4f672 | 272 | |
e61e0f51 | 273 | struct i915_request *rq; |
7dd4f672 CW |
274 | u32 *rq_cmd; |
275 | unsigned int rq_size; | |
650bc635 | 276 | } reloc_cache; |
2889caa9 CW |
277 | |
278 | u64 invalid_flags; /** Set of execobj.flags that are invalid */ | |
279 | u32 context_flags; /** Set of execobj.flags to insert from the ctx */ | |
280 | ||
281 | u32 batch_start_offset; /** Location within object of batch */ | |
282 | u32 batch_len; /** Length of batch within object */ | |
283 | u32 batch_flags; /** Flags composed for emit_bb_start() */ | |
284 | ||
285 | /** | |
286 | * Indicate either the size of the hastable used to resolve | |
287 | * relocation handles, or if negative that we are using a direct | |
288 | * index into the execobj[]. | |
289 | */ | |
290 | int lut_size; | |
291 | struct hlist_head *buckets; /** ht for relocation handles */ | |
67731b87 CW |
292 | }; |
293 | ||
c7c6e46f | 294 | #define exec_entry(EB, VMA) (&(EB)->exec[(VMA)->exec_flags - (EB)->flags]) |
4ff4b44c | 295 | |
2889caa9 CW |
296 | /* |
297 | * Used to convert any address to canonical form. | |
298 | * Starting from gen8, some commands (e.g. STATE_BASE_ADDRESS, | |
299 | * MI_LOAD_REGISTER_MEM and others, see Broadwell PRM Vol2a) require the | |
300 | * addresses to be in a canonical form: | |
301 | * "GraphicsAddress[63:48] are ignored by the HW and assumed to be in correct | |
302 | * canonical form [63:48] == [47]." | |
303 | */ | |
304 | #define GEN8_HIGH_ADDRESS_BIT 47 | |
305 | static inline u64 gen8_canonical_addr(u64 address) | |
306 | { | |
307 | return sign_extend64(address, GEN8_HIGH_ADDRESS_BIT); | |
308 | } | |
309 | ||
310 | static inline u64 gen8_noncanonical_addr(u64 address) | |
311 | { | |
312 | return address & GENMASK_ULL(GEN8_HIGH_ADDRESS_BIT, 0); | |
313 | } | |
314 | ||
3dbf26ed CW |
315 | static inline bool eb_use_cmdparser(const struct i915_execbuffer *eb) |
316 | { | |
439e2ee4 | 317 | return intel_engine_needs_cmd_parser(eb->engine) && eb->batch_len; |
3dbf26ed CW |
318 | } |
319 | ||
650bc635 | 320 | static int eb_create(struct i915_execbuffer *eb) |
67731b87 | 321 | { |
2889caa9 CW |
322 | if (!(eb->args->flags & I915_EXEC_HANDLE_LUT)) { |
323 | unsigned int size = 1 + ilog2(eb->buffer_count); | |
4ff4b44c | 324 | |
2889caa9 CW |
325 | /* |
326 | * Without a 1:1 association between relocation handles and | |
327 | * the execobject[] index, we instead create a hashtable. | |
328 | * We size it dynamically based on available memory, starting | |
329 | * first with 1:1 assocative hash and scaling back until | |
330 | * the allocation succeeds. | |
331 | * | |
332 | * Later on we use a positive lut_size to indicate we are | |
333 | * using this hashtable, and a negative value to indicate a | |
334 | * direct lookup. | |
335 | */ | |
4ff4b44c | 336 | do { |
0d95c883 | 337 | gfp_t flags; |
4d470f73 CW |
338 | |
339 | /* While we can still reduce the allocation size, don't | |
340 | * raise a warning and allow the allocation to fail. | |
341 | * On the last pass though, we want to try as hard | |
342 | * as possible to perform the allocation and warn | |
343 | * if it fails. | |
344 | */ | |
0ee931c4 | 345 | flags = GFP_KERNEL; |
4d470f73 CW |
346 | if (size > 1) |
347 | flags |= __GFP_NORETRY | __GFP_NOWARN; | |
348 | ||
4ff4b44c | 349 | eb->buckets = kzalloc(sizeof(struct hlist_head) << size, |
4d470f73 | 350 | flags); |
4ff4b44c CW |
351 | if (eb->buckets) |
352 | break; | |
353 | } while (--size); | |
354 | ||
4d470f73 CW |
355 | if (unlikely(!size)) |
356 | return -ENOMEM; | |
eef90ccb | 357 | |
2889caa9 | 358 | eb->lut_size = size; |
650bc635 | 359 | } else { |
2889caa9 | 360 | eb->lut_size = -eb->buffer_count; |
650bc635 | 361 | } |
eef90ccb | 362 | |
650bc635 | 363 | return 0; |
67731b87 CW |
364 | } |
365 | ||
2889caa9 CW |
366 | static bool |
367 | eb_vma_misplaced(const struct drm_i915_gem_exec_object2 *entry, | |
c7c6e46f CW |
368 | const struct i915_vma *vma, |
369 | unsigned int flags) | |
2889caa9 | 370 | { |
2889caa9 CW |
371 | if (vma->node.size < entry->pad_to_size) |
372 | return true; | |
373 | ||
374 | if (entry->alignment && !IS_ALIGNED(vma->node.start, entry->alignment)) | |
375 | return true; | |
376 | ||
c7c6e46f | 377 | if (flags & EXEC_OBJECT_PINNED && |
2889caa9 CW |
378 | vma->node.start != entry->offset) |
379 | return true; | |
380 | ||
c7c6e46f | 381 | if (flags & __EXEC_OBJECT_NEEDS_BIAS && |
2889caa9 CW |
382 | vma->node.start < BATCH_OFFSET_BIAS) |
383 | return true; | |
384 | ||
c7c6e46f | 385 | if (!(flags & EXEC_OBJECT_SUPPORTS_48B_ADDRESS) && |
2889caa9 CW |
386 | (vma->node.start + vma->node.size - 1) >> 32) |
387 | return true; | |
388 | ||
1d033beb CW |
389 | if (flags & __EXEC_OBJECT_NEEDS_MAP && |
390 | !i915_vma_is_map_and_fenceable(vma)) | |
391 | return true; | |
392 | ||
2889caa9 CW |
393 | return false; |
394 | } | |
395 | ||
c7c6e46f | 396 | static inline bool |
2889caa9 | 397 | eb_pin_vma(struct i915_execbuffer *eb, |
c7c6e46f | 398 | const struct drm_i915_gem_exec_object2 *entry, |
2889caa9 CW |
399 | struct i915_vma *vma) |
400 | { | |
c7c6e46f CW |
401 | unsigned int exec_flags = *vma->exec_flags; |
402 | u64 pin_flags; | |
2889caa9 | 403 | |
616d9cee | 404 | if (vma->node.size) |
c7c6e46f | 405 | pin_flags = vma->node.start; |
616d9cee | 406 | else |
c7c6e46f | 407 | pin_flags = entry->offset & PIN_OFFSET_MASK; |
616d9cee | 408 | |
c7c6e46f CW |
409 | pin_flags |= PIN_USER | PIN_NOEVICT | PIN_OFFSET_FIXED; |
410 | if (unlikely(exec_flags & EXEC_OBJECT_NEEDS_GTT)) | |
411 | pin_flags |= PIN_GLOBAL; | |
616d9cee | 412 | |
c7c6e46f CW |
413 | if (unlikely(i915_vma_pin(vma, 0, 0, pin_flags))) |
414 | return false; | |
2889caa9 | 415 | |
c7c6e46f | 416 | if (unlikely(exec_flags & EXEC_OBJECT_NEEDS_FENCE)) { |
3bd40735 | 417 | if (unlikely(i915_vma_pin_fence(vma))) { |
2889caa9 | 418 | i915_vma_unpin(vma); |
c7c6e46f | 419 | return false; |
2889caa9 CW |
420 | } |
421 | ||
3bd40735 | 422 | if (vma->fence) |
c7c6e46f | 423 | exec_flags |= __EXEC_OBJECT_HAS_FENCE; |
2889caa9 CW |
424 | } |
425 | ||
c7c6e46f CW |
426 | *vma->exec_flags = exec_flags | __EXEC_OBJECT_HAS_PIN; |
427 | return !eb_vma_misplaced(entry, vma, exec_flags); | |
2889caa9 CW |
428 | } |
429 | ||
c7c6e46f | 430 | static inline void __eb_unreserve_vma(struct i915_vma *vma, unsigned int flags) |
d55495b4 | 431 | { |
c7c6e46f | 432 | GEM_BUG_ON(!(flags & __EXEC_OBJECT_HAS_PIN)); |
2889caa9 | 433 | |
c7c6e46f | 434 | if (unlikely(flags & __EXEC_OBJECT_HAS_FENCE)) |
3bd40735 | 435 | __i915_vma_unpin_fence(vma); |
d55495b4 | 436 | |
2889caa9 | 437 | __i915_vma_unpin(vma); |
d55495b4 CW |
438 | } |
439 | ||
2889caa9 | 440 | static inline void |
c7c6e46f | 441 | eb_unreserve_vma(struct i915_vma *vma, unsigned int *flags) |
d55495b4 | 442 | { |
c7c6e46f | 443 | if (!(*flags & __EXEC_OBJECT_HAS_PIN)) |
2889caa9 | 444 | return; |
d55495b4 | 445 | |
c7c6e46f CW |
446 | __eb_unreserve_vma(vma, *flags); |
447 | *flags &= ~__EXEC_OBJECT_RESERVED; | |
d55495b4 CW |
448 | } |
449 | ||
2889caa9 CW |
450 | static int |
451 | eb_validate_vma(struct i915_execbuffer *eb, | |
452 | struct drm_i915_gem_exec_object2 *entry, | |
453 | struct i915_vma *vma) | |
67731b87 | 454 | { |
2889caa9 CW |
455 | if (unlikely(entry->flags & eb->invalid_flags)) |
456 | return -EINVAL; | |
d55495b4 | 457 | |
2889caa9 CW |
458 | if (unlikely(entry->alignment && !is_power_of_2(entry->alignment))) |
459 | return -EINVAL; | |
460 | ||
461 | /* | |
462 | * Offset can be used as input (EXEC_OBJECT_PINNED), reject | |
463 | * any non-page-aligned or non-canonical addresses. | |
464 | */ | |
465 | if (unlikely(entry->flags & EXEC_OBJECT_PINNED && | |
6fc4e48f | 466 | entry->offset != gen8_canonical_addr(entry->offset & I915_GTT_PAGE_MASK))) |
2889caa9 CW |
467 | return -EINVAL; |
468 | ||
469 | /* pad_to_size was once a reserved field, so sanitize it */ | |
470 | if (entry->flags & EXEC_OBJECT_PAD_TO_SIZE) { | |
471 | if (unlikely(offset_in_page(entry->pad_to_size))) | |
472 | return -EINVAL; | |
473 | } else { | |
474 | entry->pad_to_size = 0; | |
d55495b4 CW |
475 | } |
476 | ||
c7c6e46f | 477 | if (unlikely(vma->exec_flags)) { |
2889caa9 CW |
478 | DRM_DEBUG("Object [handle %d, index %d] appears more than once in object list\n", |
479 | entry->handle, (int)(entry - eb->exec)); | |
480 | return -EINVAL; | |
481 | } | |
482 | ||
483 | /* | |
484 | * From drm_mm perspective address space is continuous, | |
485 | * so from this point we're always using non-canonical | |
486 | * form internally. | |
487 | */ | |
488 | entry->offset = gen8_noncanonical_addr(entry->offset); | |
489 | ||
c7c6e46f CW |
490 | if (!eb->reloc_cache.has_fence) { |
491 | entry->flags &= ~EXEC_OBJECT_NEEDS_FENCE; | |
492 | } else { | |
493 | if ((entry->flags & EXEC_OBJECT_NEEDS_FENCE || | |
494 | eb->reloc_cache.needs_unfenced) && | |
495 | i915_gem_object_is_tiled(vma->obj)) | |
496 | entry->flags |= EXEC_OBJECT_NEEDS_GTT | __EXEC_OBJECT_NEEDS_MAP; | |
497 | } | |
498 | ||
499 | if (!(entry->flags & EXEC_OBJECT_PINNED)) | |
500 | entry->flags |= eb->context_flags; | |
501 | ||
2889caa9 | 502 | return 0; |
67731b87 CW |
503 | } |
504 | ||
2889caa9 | 505 | static int |
746c8f14 CW |
506 | eb_add_vma(struct i915_execbuffer *eb, |
507 | unsigned int i, unsigned batch_idx, | |
508 | struct i915_vma *vma) | |
59bfa124 | 509 | { |
c7c6e46f | 510 | struct drm_i915_gem_exec_object2 *entry = &eb->exec[i]; |
2889caa9 CW |
511 | int err; |
512 | ||
513 | GEM_BUG_ON(i915_vma_is_closed(vma)); | |
514 | ||
515 | if (!(eb->args->flags & __EXEC_VALIDATED)) { | |
516 | err = eb_validate_vma(eb, entry, vma); | |
517 | if (unlikely(err)) | |
518 | return err; | |
4ff4b44c | 519 | } |
4ff4b44c | 520 | |
4d470f73 | 521 | if (eb->lut_size > 0) { |
2889caa9 | 522 | vma->exec_handle = entry->handle; |
4ff4b44c | 523 | hlist_add_head(&vma->exec_node, |
2889caa9 CW |
524 | &eb->buckets[hash_32(entry->handle, |
525 | eb->lut_size)]); | |
4ff4b44c | 526 | } |
59bfa124 | 527 | |
2889caa9 CW |
528 | if (entry->relocation_count) |
529 | list_add_tail(&vma->reloc_link, &eb->relocs); | |
530 | ||
2889caa9 CW |
531 | /* |
532 | * Stash a pointer from the vma to execobj, so we can query its flags, | |
533 | * size, alignment etc as provided by the user. Also we stash a pointer | |
534 | * to the vma inside the execobj so that we can use a direct lookup | |
535 | * to find the right target VMA when doing relocations. | |
536 | */ | |
c7c6e46f | 537 | eb->vma[i] = vma; |
d1b48c1e | 538 | eb->flags[i] = entry->flags; |
c7c6e46f | 539 | vma->exec_flags = &eb->flags[i]; |
2889caa9 | 540 | |
746c8f14 CW |
541 | /* |
542 | * SNA is doing fancy tricks with compressing batch buffers, which leads | |
543 | * to negative relocation deltas. Usually that works out ok since the | |
544 | * relocate address is still positive, except when the batch is placed | |
545 | * very low in the GTT. Ensure this doesn't happen. | |
546 | * | |
547 | * Note that actual hangs have only been observed on gen7, but for | |
548 | * paranoia do it everywhere. | |
549 | */ | |
550 | if (i == batch_idx) { | |
827db9d8 CW |
551 | if (entry->relocation_count && |
552 | !(eb->flags[i] & EXEC_OBJECT_PINNED)) | |
746c8f14 CW |
553 | eb->flags[i] |= __EXEC_OBJECT_NEEDS_BIAS; |
554 | if (eb->reloc_cache.has_fence) | |
555 | eb->flags[i] |= EXEC_OBJECT_NEEDS_FENCE; | |
556 | ||
557 | eb->batch = vma; | |
558 | } | |
559 | ||
2889caa9 | 560 | err = 0; |
c7c6e46f | 561 | if (eb_pin_vma(eb, entry, vma)) { |
2889caa9 CW |
562 | if (entry->offset != vma->node.start) { |
563 | entry->offset = vma->node.start | UPDATE; | |
564 | eb->args->flags |= __EXEC_HAS_RELOC; | |
565 | } | |
c7c6e46f CW |
566 | } else { |
567 | eb_unreserve_vma(vma, vma->exec_flags); | |
568 | ||
569 | list_add_tail(&vma->exec_link, &eb->unbound); | |
570 | if (drm_mm_node_allocated(&vma->node)) | |
571 | err = i915_vma_unbind(vma); | |
ed2f3532 CW |
572 | if (unlikely(err)) |
573 | vma->exec_flags = NULL; | |
2889caa9 CW |
574 | } |
575 | return err; | |
576 | } | |
577 | ||
578 | static inline int use_cpu_reloc(const struct reloc_cache *cache, | |
579 | const struct drm_i915_gem_object *obj) | |
580 | { | |
581 | if (!i915_gem_object_has_struct_page(obj)) | |
582 | return false; | |
583 | ||
7dd4f672 CW |
584 | if (DBG_FORCE_RELOC == FORCE_CPU_RELOC) |
585 | return true; | |
586 | ||
587 | if (DBG_FORCE_RELOC == FORCE_GTT_RELOC) | |
588 | return false; | |
2889caa9 CW |
589 | |
590 | return (cache->has_llc || | |
591 | obj->cache_dirty || | |
592 | obj->cache_level != I915_CACHE_NONE); | |
593 | } | |
594 | ||
595 | static int eb_reserve_vma(const struct i915_execbuffer *eb, | |
596 | struct i915_vma *vma) | |
597 | { | |
c7c6e46f CW |
598 | struct drm_i915_gem_exec_object2 *entry = exec_entry(eb, vma); |
599 | unsigned int exec_flags = *vma->exec_flags; | |
600 | u64 pin_flags; | |
2889caa9 CW |
601 | int err; |
602 | ||
c7c6e46f CW |
603 | pin_flags = PIN_USER | PIN_NONBLOCK; |
604 | if (exec_flags & EXEC_OBJECT_NEEDS_GTT) | |
605 | pin_flags |= PIN_GLOBAL; | |
2889caa9 CW |
606 | |
607 | /* | |
608 | * Wa32bitGeneralStateOffset & Wa32bitInstructionBaseOffset, | |
609 | * limit address to the first 4GBs for unflagged objects. | |
610 | */ | |
c7c6e46f CW |
611 | if (!(exec_flags & EXEC_OBJECT_SUPPORTS_48B_ADDRESS)) |
612 | pin_flags |= PIN_ZONE_4G; | |
2889caa9 | 613 | |
c7c6e46f CW |
614 | if (exec_flags & __EXEC_OBJECT_NEEDS_MAP) |
615 | pin_flags |= PIN_MAPPABLE; | |
2889caa9 | 616 | |
c7c6e46f CW |
617 | if (exec_flags & EXEC_OBJECT_PINNED) { |
618 | pin_flags |= entry->offset | PIN_OFFSET_FIXED; | |
619 | pin_flags &= ~PIN_NONBLOCK; /* force overlapping checks */ | |
620 | } else if (exec_flags & __EXEC_OBJECT_NEEDS_BIAS) { | |
621 | pin_flags |= BATCH_OFFSET_BIAS | PIN_OFFSET_BIAS; | |
2889caa9 CW |
622 | } |
623 | ||
c7c6e46f CW |
624 | err = i915_vma_pin(vma, |
625 | entry->pad_to_size, entry->alignment, | |
626 | pin_flags); | |
2889caa9 CW |
627 | if (err) |
628 | return err; | |
629 | ||
630 | if (entry->offset != vma->node.start) { | |
631 | entry->offset = vma->node.start | UPDATE; | |
632 | eb->args->flags |= __EXEC_HAS_RELOC; | |
633 | } | |
634 | ||
c7c6e46f | 635 | if (unlikely(exec_flags & EXEC_OBJECT_NEEDS_FENCE)) { |
3bd40735 | 636 | err = i915_vma_pin_fence(vma); |
2889caa9 CW |
637 | if (unlikely(err)) { |
638 | i915_vma_unpin(vma); | |
639 | return err; | |
640 | } | |
641 | ||
3bd40735 | 642 | if (vma->fence) |
c7c6e46f | 643 | exec_flags |= __EXEC_OBJECT_HAS_FENCE; |
2889caa9 CW |
644 | } |
645 | ||
c7c6e46f CW |
646 | *vma->exec_flags = exec_flags | __EXEC_OBJECT_HAS_PIN; |
647 | GEM_BUG_ON(eb_vma_misplaced(entry, vma, exec_flags)); | |
1da7b54c | 648 | |
2889caa9 CW |
649 | return 0; |
650 | } | |
651 | ||
652 | static int eb_reserve(struct i915_execbuffer *eb) | |
653 | { | |
654 | const unsigned int count = eb->buffer_count; | |
655 | struct list_head last; | |
656 | struct i915_vma *vma; | |
657 | unsigned int i, pass; | |
658 | int err; | |
659 | ||
660 | /* | |
661 | * Attempt to pin all of the buffers into the GTT. | |
662 | * This is done in 3 phases: | |
663 | * | |
664 | * 1a. Unbind all objects that do not match the GTT constraints for | |
665 | * the execbuffer (fenceable, mappable, alignment etc). | |
666 | * 1b. Increment pin count for already bound objects. | |
667 | * 2. Bind new objects. | |
668 | * 3. Decrement pin count. | |
669 | * | |
670 | * This avoid unnecessary unbinding of later objects in order to make | |
671 | * room for the earlier objects *unless* we need to defragment. | |
672 | */ | |
673 | ||
674 | pass = 0; | |
675 | err = 0; | |
676 | do { | |
677 | list_for_each_entry(vma, &eb->unbound, exec_link) { | |
678 | err = eb_reserve_vma(eb, vma); | |
679 | if (err) | |
680 | break; | |
681 | } | |
682 | if (err != -ENOSPC) | |
683 | return err; | |
684 | ||
685 | /* Resort *all* the objects into priority order */ | |
686 | INIT_LIST_HEAD(&eb->unbound); | |
687 | INIT_LIST_HEAD(&last); | |
688 | for (i = 0; i < count; i++) { | |
c7c6e46f CW |
689 | unsigned int flags = eb->flags[i]; |
690 | struct i915_vma *vma = eb->vma[i]; | |
2889caa9 | 691 | |
c7c6e46f CW |
692 | if (flags & EXEC_OBJECT_PINNED && |
693 | flags & __EXEC_OBJECT_HAS_PIN) | |
2889caa9 CW |
694 | continue; |
695 | ||
c7c6e46f | 696 | eb_unreserve_vma(vma, &eb->flags[i]); |
2889caa9 | 697 | |
c7c6e46f | 698 | if (flags & EXEC_OBJECT_PINNED) |
35e882a4 | 699 | /* Pinned must have their slot */ |
2889caa9 | 700 | list_add(&vma->exec_link, &eb->unbound); |
c7c6e46f | 701 | else if (flags & __EXEC_OBJECT_NEEDS_MAP) |
35e882a4 | 702 | /* Map require the lowest 256MiB (aperture) */ |
2889caa9 | 703 | list_add_tail(&vma->exec_link, &eb->unbound); |
35e882a4 CW |
704 | else if (!(flags & EXEC_OBJECT_SUPPORTS_48B_ADDRESS)) |
705 | /* Prioritise 4GiB region for restricted bo */ | |
706 | list_add(&vma->exec_link, &last); | |
2889caa9 CW |
707 | else |
708 | list_add_tail(&vma->exec_link, &last); | |
709 | } | |
710 | list_splice_tail(&last, &eb->unbound); | |
711 | ||
712 | switch (pass++) { | |
713 | case 0: | |
714 | break; | |
715 | ||
716 | case 1: | |
717 | /* Too fragmented, unbind everything and retry */ | |
718 | err = i915_gem_evict_vm(eb->vm); | |
719 | if (err) | |
720 | return err; | |
721 | break; | |
722 | ||
723 | default: | |
724 | return -ENOSPC; | |
725 | } | |
726 | } while (1); | |
4ff4b44c | 727 | } |
59bfa124 | 728 | |
2889caa9 CW |
729 | static unsigned int eb_batch_index(const struct i915_execbuffer *eb) |
730 | { | |
1a71cf2f CW |
731 | if (eb->args->flags & I915_EXEC_BATCH_FIRST) |
732 | return 0; | |
733 | else | |
734 | return eb->buffer_count - 1; | |
2889caa9 CW |
735 | } |
736 | ||
737 | static int eb_select_context(struct i915_execbuffer *eb) | |
738 | { | |
739 | struct i915_gem_context *ctx; | |
740 | ||
741 | ctx = i915_gem_context_lookup(eb->file->driver_priv, eb->args->rsvd1); | |
1acfc104 CW |
742 | if (unlikely(!ctx)) |
743 | return -ENOENT; | |
2889caa9 | 744 | |
8f2a1057 | 745 | eb->gem_context = ctx; |
4f2c7337 CW |
746 | if (ctx->ppgtt) { |
747 | eb->vm = &ctx->ppgtt->vm; | |
748 | eb->invalid_flags |= EXEC_OBJECT_NEEDS_GTT; | |
749 | } else { | |
750 | eb->vm = &eb->i915->ggtt.vm; | |
751 | } | |
2889caa9 CW |
752 | |
753 | eb->context_flags = 0; | |
d3f3e5e4 | 754 | if (test_bit(UCONTEXT_NO_ZEROMAP, &ctx->user_flags)) |
2889caa9 CW |
755 | eb->context_flags |= __EXEC_OBJECT_NEEDS_BIAS; |
756 | ||
757 | return 0; | |
758 | } | |
759 | ||
d6f328bf CW |
760 | static struct i915_request *__eb_wait_for_ring(struct intel_ring *ring) |
761 | { | |
762 | struct i915_request *rq; | |
763 | ||
764 | /* | |
765 | * Completely unscientific finger-in-the-air estimates for suitable | |
766 | * maximum user request size (to avoid blocking) and then backoff. | |
767 | */ | |
768 | if (intel_ring_update_space(ring) >= PAGE_SIZE) | |
769 | return NULL; | |
770 | ||
771 | /* | |
772 | * Find a request that after waiting upon, there will be at least half | |
773 | * the ring available. The hysteresis allows us to compete for the | |
774 | * shared ring and should mean that we sleep less often prior to | |
775 | * claiming our resources, but not so long that the ring completely | |
776 | * drains before we can submit our next request. | |
777 | */ | |
778 | list_for_each_entry(rq, &ring->request_list, ring_link) { | |
779 | if (__intel_ring_space(rq->postfix, | |
780 | ring->emit, ring->size) > ring->size / 2) | |
781 | break; | |
782 | } | |
783 | if (&rq->ring_link == &ring->request_list) | |
784 | return NULL; /* weird, we will check again later for real */ | |
785 | ||
786 | return i915_request_get(rq); | |
787 | } | |
788 | ||
789 | static int eb_wait_for_ring(const struct i915_execbuffer *eb) | |
790 | { | |
d6f328bf CW |
791 | struct i915_request *rq; |
792 | int ret = 0; | |
793 | ||
794 | /* | |
795 | * Apply a light amount of backpressure to prevent excessive hogs | |
796 | * from blocking waiting for space whilst holding struct_mutex and | |
797 | * keeping all of their resources pinned. | |
798 | */ | |
799 | ||
8f2a1057 | 800 | rq = __eb_wait_for_ring(eb->context->ring); |
d6f328bf CW |
801 | if (rq) { |
802 | mutex_unlock(&eb->i915->drm.struct_mutex); | |
803 | ||
804 | if (i915_request_wait(rq, | |
805 | I915_WAIT_INTERRUPTIBLE, | |
806 | MAX_SCHEDULE_TIMEOUT) < 0) | |
807 | ret = -EINTR; | |
808 | ||
809 | i915_request_put(rq); | |
810 | ||
811 | mutex_lock(&eb->i915->drm.struct_mutex); | |
812 | } | |
813 | ||
814 | return ret; | |
815 | } | |
816 | ||
2889caa9 | 817 | static int eb_lookup_vmas(struct i915_execbuffer *eb) |
3b96eff4 | 818 | { |
8f2a1057 | 819 | struct radix_tree_root *handles_vma = &eb->gem_context->handles_vma; |
ac70ebe8 | 820 | struct drm_i915_gem_object *obj; |
746c8f14 | 821 | unsigned int i, batch; |
2889caa9 | 822 | int err; |
3b96eff4 | 823 | |
8f2a1057 | 824 | if (unlikely(i915_gem_context_is_closed(eb->gem_context))) |
8bcbfb12 CW |
825 | return -ENOENT; |
826 | ||
8f2a1057 | 827 | if (unlikely(i915_gem_context_is_banned(eb->gem_context))) |
8bcbfb12 CW |
828 | return -EIO; |
829 | ||
2889caa9 CW |
830 | INIT_LIST_HEAD(&eb->relocs); |
831 | INIT_LIST_HEAD(&eb->unbound); | |
d55495b4 | 832 | |
746c8f14 CW |
833 | batch = eb_batch_index(eb); |
834 | ||
170fa29b CW |
835 | for (i = 0; i < eb->buffer_count; i++) { |
836 | u32 handle = eb->exec[i].handle; | |
d1b48c1e | 837 | struct i915_lut_handle *lut; |
170fa29b | 838 | struct i915_vma *vma; |
4ff4b44c | 839 | |
d1b48c1e CW |
840 | vma = radix_tree_lookup(handles_vma, handle); |
841 | if (likely(vma)) | |
170fa29b | 842 | goto add_vma; |
4ff4b44c | 843 | |
170fa29b | 844 | obj = i915_gem_object_lookup(eb->file, handle); |
4ff4b44c | 845 | if (unlikely(!obj)) { |
2889caa9 | 846 | err = -ENOENT; |
170fa29b | 847 | goto err_vma; |
3b96eff4 CW |
848 | } |
849 | ||
650bc635 | 850 | vma = i915_vma_instance(obj, eb->vm, NULL); |
772b5408 | 851 | if (IS_ERR(vma)) { |
2889caa9 | 852 | err = PTR_ERR(vma); |
170fa29b | 853 | goto err_obj; |
27173f1f BW |
854 | } |
855 | ||
13f1bfd3 | 856 | lut = i915_lut_handle_alloc(); |
d1b48c1e CW |
857 | if (unlikely(!lut)) { |
858 | err = -ENOMEM; | |
859 | goto err_obj; | |
860 | } | |
861 | ||
862 | err = radix_tree_insert(handles_vma, handle, vma); | |
863 | if (unlikely(err)) { | |
13f1bfd3 | 864 | i915_lut_handle_free(lut); |
d1b48c1e | 865 | goto err_obj; |
eef90ccb | 866 | } |
4ff4b44c | 867 | |
ac70ebe8 | 868 | /* transfer ref to ctx */ |
3365e226 CW |
869 | if (!vma->open_count++) |
870 | i915_vma_reopen(vma); | |
d1b48c1e | 871 | list_add(&lut->obj_link, &obj->lut_list); |
8f2a1057 CW |
872 | list_add(&lut->ctx_link, &eb->gem_context->handles_list); |
873 | lut->ctx = eb->gem_context; | |
d1b48c1e CW |
874 | lut->handle = handle; |
875 | ||
170fa29b | 876 | add_vma: |
746c8f14 | 877 | err = eb_add_vma(eb, i, batch, vma); |
2889caa9 | 878 | if (unlikely(err)) |
ac70ebe8 | 879 | goto err_vma; |
dade2a61 | 880 | |
c7c6e46f CW |
881 | GEM_BUG_ON(vma != eb->vma[i]); |
882 | GEM_BUG_ON(vma->exec_flags != &eb->flags[i]); | |
746c8f14 CW |
883 | GEM_BUG_ON(drm_mm_node_allocated(&vma->node) && |
884 | eb_vma_misplaced(&eb->exec[i], vma, eb->flags[i])); | |
4ff4b44c CW |
885 | } |
886 | ||
2889caa9 CW |
887 | eb->args->flags |= __EXEC_VALIDATED; |
888 | return eb_reserve(eb); | |
889 | ||
170fa29b | 890 | err_obj: |
ac70ebe8 | 891 | i915_gem_object_put(obj); |
170fa29b CW |
892 | err_vma: |
893 | eb->vma[i] = NULL; | |
2889caa9 | 894 | return err; |
3b96eff4 CW |
895 | } |
896 | ||
4ff4b44c | 897 | static struct i915_vma * |
2889caa9 | 898 | eb_get_vma(const struct i915_execbuffer *eb, unsigned long handle) |
67731b87 | 899 | { |
2889caa9 CW |
900 | if (eb->lut_size < 0) { |
901 | if (handle >= -eb->lut_size) | |
eef90ccb | 902 | return NULL; |
c7c6e46f | 903 | return eb->vma[handle]; |
eef90ccb CW |
904 | } else { |
905 | struct hlist_head *head; | |
aa45950b | 906 | struct i915_vma *vma; |
67731b87 | 907 | |
2889caa9 | 908 | head = &eb->buckets[hash_32(handle, eb->lut_size)]; |
aa45950b | 909 | hlist_for_each_entry(vma, head, exec_node) { |
27173f1f BW |
910 | if (vma->exec_handle == handle) |
911 | return vma; | |
eef90ccb CW |
912 | } |
913 | return NULL; | |
914 | } | |
67731b87 CW |
915 | } |
916 | ||
2889caa9 | 917 | static void eb_release_vmas(const struct i915_execbuffer *eb) |
a415d355 | 918 | { |
2889caa9 CW |
919 | const unsigned int count = eb->buffer_count; |
920 | unsigned int i; | |
921 | ||
922 | for (i = 0; i < count; i++) { | |
c7c6e46f CW |
923 | struct i915_vma *vma = eb->vma[i]; |
924 | unsigned int flags = eb->flags[i]; | |
650bc635 | 925 | |
2889caa9 | 926 | if (!vma) |
170fa29b | 927 | break; |
bcffc3fa | 928 | |
c7c6e46f CW |
929 | GEM_BUG_ON(vma->exec_flags != &eb->flags[i]); |
930 | vma->exec_flags = NULL; | |
931 | eb->vma[i] = NULL; | |
9e53d9be | 932 | |
c7c6e46f CW |
933 | if (flags & __EXEC_OBJECT_HAS_PIN) |
934 | __eb_unreserve_vma(vma, flags); | |
dade2a61 | 935 | |
c7c6e46f | 936 | if (flags & __EXEC_OBJECT_HAS_REF) |
dade2a61 | 937 | i915_vma_put(vma); |
2889caa9 | 938 | } |
dabdfe02 CW |
939 | } |
940 | ||
2889caa9 | 941 | static void eb_reset_vmas(const struct i915_execbuffer *eb) |
934acce3 | 942 | { |
2889caa9 | 943 | eb_release_vmas(eb); |
4d470f73 | 944 | if (eb->lut_size > 0) |
2889caa9 CW |
945 | memset(eb->buckets, 0, |
946 | sizeof(struct hlist_head) << eb->lut_size); | |
934acce3 MW |
947 | } |
948 | ||
2889caa9 | 949 | static void eb_destroy(const struct i915_execbuffer *eb) |
934acce3 | 950 | { |
7dd4f672 CW |
951 | GEM_BUG_ON(eb->reloc_cache.rq); |
952 | ||
4d470f73 | 953 | if (eb->lut_size > 0) |
2889caa9 | 954 | kfree(eb->buckets); |
934acce3 MW |
955 | } |
956 | ||
2889caa9 | 957 | static inline u64 |
d50415cc | 958 | relocation_target(const struct drm_i915_gem_relocation_entry *reloc, |
2889caa9 | 959 | const struct i915_vma *target) |
934acce3 | 960 | { |
2889caa9 | 961 | return gen8_canonical_addr((int)reloc->delta + target->node.start); |
934acce3 MW |
962 | } |
963 | ||
d50415cc CW |
964 | static void reloc_cache_init(struct reloc_cache *cache, |
965 | struct drm_i915_private *i915) | |
5032d871 | 966 | { |
31a39207 | 967 | cache->page = -1; |
d50415cc | 968 | cache->vaddr = 0; |
dfc5148f | 969 | /* Must be a variable in the struct to allow GCC to unroll. */ |
7dd4f672 | 970 | cache->gen = INTEL_GEN(i915); |
2889caa9 | 971 | cache->has_llc = HAS_LLC(i915); |
dfc5148f | 972 | cache->use_64bit_reloc = HAS_64BIT_RELOC(i915); |
7dd4f672 CW |
973 | cache->has_fence = cache->gen < 4; |
974 | cache->needs_unfenced = INTEL_INFO(i915)->unfenced_needs_alignment; | |
e8cb909a | 975 | cache->node.allocated = false; |
7dd4f672 CW |
976 | cache->rq = NULL; |
977 | cache->rq_size = 0; | |
d50415cc | 978 | } |
5032d871 | 979 | |
d50415cc CW |
980 | static inline void *unmask_page(unsigned long p) |
981 | { | |
982 | return (void *)(uintptr_t)(p & PAGE_MASK); | |
983 | } | |
984 | ||
985 | static inline unsigned int unmask_flags(unsigned long p) | |
986 | { | |
987 | return p & ~PAGE_MASK; | |
31a39207 CW |
988 | } |
989 | ||
d50415cc CW |
990 | #define KMAP 0x4 /* after CLFLUSH_FLAGS */ |
991 | ||
650bc635 CW |
992 | static inline struct i915_ggtt *cache_to_ggtt(struct reloc_cache *cache) |
993 | { | |
994 | struct drm_i915_private *i915 = | |
995 | container_of(cache, struct i915_execbuffer, reloc_cache)->i915; | |
996 | return &i915->ggtt; | |
997 | } | |
998 | ||
7dd4f672 CW |
999 | static void reloc_gpu_flush(struct reloc_cache *cache) |
1000 | { | |
1001 | GEM_BUG_ON(cache->rq_size >= cache->rq->batch->obj->base.size / sizeof(u32)); | |
1002 | cache->rq_cmd[cache->rq_size] = MI_BATCH_BUFFER_END; | |
a679f58d CW |
1003 | |
1004 | __i915_gem_object_flush_map(cache->rq->batch->obj, 0, cache->rq_size); | |
7dd4f672 | 1005 | i915_gem_object_unpin_map(cache->rq->batch->obj); |
a679f58d | 1006 | |
7dd4f672 CW |
1007 | i915_gem_chipset_flush(cache->rq->i915); |
1008 | ||
697b9a87 | 1009 | i915_request_add(cache->rq); |
7dd4f672 CW |
1010 | cache->rq = NULL; |
1011 | } | |
1012 | ||
650bc635 | 1013 | static void reloc_cache_reset(struct reloc_cache *cache) |
31a39207 | 1014 | { |
d50415cc | 1015 | void *vaddr; |
5032d871 | 1016 | |
7dd4f672 CW |
1017 | if (cache->rq) |
1018 | reloc_gpu_flush(cache); | |
1019 | ||
31a39207 CW |
1020 | if (!cache->vaddr) |
1021 | return; | |
3c94ceee | 1022 | |
d50415cc CW |
1023 | vaddr = unmask_page(cache->vaddr); |
1024 | if (cache->vaddr & KMAP) { | |
1025 | if (cache->vaddr & CLFLUSH_AFTER) | |
1026 | mb(); | |
3c94ceee | 1027 | |
d50415cc CW |
1028 | kunmap_atomic(vaddr); |
1029 | i915_gem_obj_finish_shmem_access((struct drm_i915_gem_object *)cache->node.mm); | |
1030 | } else { | |
e8cb909a | 1031 | wmb(); |
d50415cc | 1032 | io_mapping_unmap_atomic((void __iomem *)vaddr); |
e8cb909a | 1033 | if (cache->node.allocated) { |
650bc635 | 1034 | struct i915_ggtt *ggtt = cache_to_ggtt(cache); |
e8cb909a | 1035 | |
82ad6443 CW |
1036 | ggtt->vm.clear_range(&ggtt->vm, |
1037 | cache->node.start, | |
1038 | cache->node.size); | |
e8cb909a CW |
1039 | drm_mm_remove_node(&cache->node); |
1040 | } else { | |
1041 | i915_vma_unpin((struct i915_vma *)cache->node.mm); | |
3c94ceee | 1042 | } |
31a39207 | 1043 | } |
650bc635 CW |
1044 | |
1045 | cache->vaddr = 0; | |
1046 | cache->page = -1; | |
31a39207 CW |
1047 | } |
1048 | ||
1049 | static void *reloc_kmap(struct drm_i915_gem_object *obj, | |
1050 | struct reloc_cache *cache, | |
2889caa9 | 1051 | unsigned long page) |
31a39207 | 1052 | { |
d50415cc CW |
1053 | void *vaddr; |
1054 | ||
1055 | if (cache->vaddr) { | |
1056 | kunmap_atomic(unmask_page(cache->vaddr)); | |
1057 | } else { | |
1058 | unsigned int flushes; | |
2889caa9 | 1059 | int err; |
31a39207 | 1060 | |
2889caa9 CW |
1061 | err = i915_gem_obj_prepare_shmem_write(obj, &flushes); |
1062 | if (err) | |
1063 | return ERR_PTR(err); | |
d50415cc CW |
1064 | |
1065 | BUILD_BUG_ON(KMAP & CLFLUSH_FLAGS); | |
1066 | BUILD_BUG_ON((KMAP | CLFLUSH_FLAGS) & PAGE_MASK); | |
3c94ceee | 1067 | |
d50415cc CW |
1068 | cache->vaddr = flushes | KMAP; |
1069 | cache->node.mm = (void *)obj; | |
1070 | if (flushes) | |
1071 | mb(); | |
3c94ceee BW |
1072 | } |
1073 | ||
d50415cc CW |
1074 | vaddr = kmap_atomic(i915_gem_object_get_dirty_page(obj, page)); |
1075 | cache->vaddr = unmask_flags(cache->vaddr) | (unsigned long)vaddr; | |
31a39207 | 1076 | cache->page = page; |
5032d871 | 1077 | |
d50415cc | 1078 | return vaddr; |
5032d871 RB |
1079 | } |
1080 | ||
d50415cc CW |
1081 | static void *reloc_iomap(struct drm_i915_gem_object *obj, |
1082 | struct reloc_cache *cache, | |
2889caa9 | 1083 | unsigned long page) |
5032d871 | 1084 | { |
650bc635 | 1085 | struct i915_ggtt *ggtt = cache_to_ggtt(cache); |
e8cb909a | 1086 | unsigned long offset; |
d50415cc | 1087 | void *vaddr; |
5032d871 | 1088 | |
d50415cc | 1089 | if (cache->vaddr) { |
615e5000 | 1090 | io_mapping_unmap_atomic((void __force __iomem *) unmask_page(cache->vaddr)); |
d50415cc CW |
1091 | } else { |
1092 | struct i915_vma *vma; | |
2889caa9 | 1093 | int err; |
5032d871 | 1094 | |
2889caa9 | 1095 | if (use_cpu_reloc(cache, obj)) |
d50415cc | 1096 | return NULL; |
3c94ceee | 1097 | |
2889caa9 CW |
1098 | err = i915_gem_object_set_to_gtt_domain(obj, true); |
1099 | if (err) | |
1100 | return ERR_PTR(err); | |
3c94ceee | 1101 | |
d50415cc | 1102 | vma = i915_gem_object_ggtt_pin(obj, NULL, 0, 0, |
3c755c5b CW |
1103 | PIN_MAPPABLE | |
1104 | PIN_NONBLOCK | | |
1105 | PIN_NONFAULT); | |
e8cb909a CW |
1106 | if (IS_ERR(vma)) { |
1107 | memset(&cache->node, 0, sizeof(cache->node)); | |
2889caa9 | 1108 | err = drm_mm_insert_node_in_range |
82ad6443 | 1109 | (&ggtt->vm.mm, &cache->node, |
f51455d4 | 1110 | PAGE_SIZE, 0, I915_COLOR_UNEVICTABLE, |
e8cb909a | 1111 | 0, ggtt->mappable_end, |
4e64e553 | 1112 | DRM_MM_INSERT_LOW); |
2889caa9 | 1113 | if (err) /* no inactive aperture space, use cpu reloc */ |
c92fa4fe | 1114 | return NULL; |
e8cb909a | 1115 | } else { |
2889caa9 CW |
1116 | err = i915_vma_put_fence(vma); |
1117 | if (err) { | |
e8cb909a | 1118 | i915_vma_unpin(vma); |
2889caa9 | 1119 | return ERR_PTR(err); |
e8cb909a | 1120 | } |
5032d871 | 1121 | |
e8cb909a CW |
1122 | cache->node.start = vma->node.start; |
1123 | cache->node.mm = (void *)vma; | |
3c94ceee | 1124 | } |
e8cb909a | 1125 | } |
3c94ceee | 1126 | |
e8cb909a CW |
1127 | offset = cache->node.start; |
1128 | if (cache->node.allocated) { | |
fc099090 | 1129 | wmb(); |
82ad6443 CW |
1130 | ggtt->vm.insert_page(&ggtt->vm, |
1131 | i915_gem_object_get_dma_address(obj, page), | |
1132 | offset, I915_CACHE_NONE, 0); | |
e8cb909a CW |
1133 | } else { |
1134 | offset += page << PAGE_SHIFT; | |
3c94ceee BW |
1135 | } |
1136 | ||
73ebd503 | 1137 | vaddr = (void __force *)io_mapping_map_atomic_wc(&ggtt->iomap, |
650bc635 | 1138 | offset); |
d50415cc CW |
1139 | cache->page = page; |
1140 | cache->vaddr = (unsigned long)vaddr; | |
5032d871 | 1141 | |
d50415cc | 1142 | return vaddr; |
5032d871 RB |
1143 | } |
1144 | ||
d50415cc CW |
1145 | static void *reloc_vaddr(struct drm_i915_gem_object *obj, |
1146 | struct reloc_cache *cache, | |
2889caa9 | 1147 | unsigned long page) |
edf4427b | 1148 | { |
d50415cc | 1149 | void *vaddr; |
5032d871 | 1150 | |
d50415cc CW |
1151 | if (cache->page == page) { |
1152 | vaddr = unmask_page(cache->vaddr); | |
1153 | } else { | |
1154 | vaddr = NULL; | |
1155 | if ((cache->vaddr & KMAP) == 0) | |
1156 | vaddr = reloc_iomap(obj, cache, page); | |
1157 | if (!vaddr) | |
1158 | vaddr = reloc_kmap(obj, cache, page); | |
3c94ceee BW |
1159 | } |
1160 | ||
d50415cc | 1161 | return vaddr; |
edf4427b CW |
1162 | } |
1163 | ||
d50415cc | 1164 | static void clflush_write32(u32 *addr, u32 value, unsigned int flushes) |
edf4427b | 1165 | { |
d50415cc CW |
1166 | if (unlikely(flushes & (CLFLUSH_BEFORE | CLFLUSH_AFTER))) { |
1167 | if (flushes & CLFLUSH_BEFORE) { | |
1168 | clflushopt(addr); | |
1169 | mb(); | |
1170 | } | |
edf4427b | 1171 | |
d50415cc | 1172 | *addr = value; |
edf4427b | 1173 | |
2889caa9 CW |
1174 | /* |
1175 | * Writes to the same cacheline are serialised by the CPU | |
d50415cc CW |
1176 | * (including clflush). On the write path, we only require |
1177 | * that it hits memory in an orderly fashion and place | |
1178 | * mb barriers at the start and end of the relocation phase | |
1179 | * to ensure ordering of clflush wrt to the system. | |
1180 | */ | |
1181 | if (flushes & CLFLUSH_AFTER) | |
1182 | clflushopt(addr); | |
1183 | } else | |
1184 | *addr = value; | |
edf4427b | 1185 | } |
edf4427b | 1186 | |
7dd4f672 CW |
1187 | static int __reloc_gpu_alloc(struct i915_execbuffer *eb, |
1188 | struct i915_vma *vma, | |
1189 | unsigned int len) | |
1190 | { | |
1191 | struct reloc_cache *cache = &eb->reloc_cache; | |
1192 | struct drm_i915_gem_object *obj; | |
e61e0f51 | 1193 | struct i915_request *rq; |
7dd4f672 CW |
1194 | struct i915_vma *batch; |
1195 | u32 *cmd; | |
1196 | int err; | |
1197 | ||
46223993 CW |
1198 | if (DBG_FORCE_RELOC == FORCE_GPU_RELOC) { |
1199 | obj = vma->obj; | |
1200 | if (obj->cache_dirty & ~obj->cache_coherent) | |
1201 | i915_gem_clflush_object(obj, 0); | |
1202 | obj->write_domain = 0; | |
1203 | } | |
1204 | ||
c0a51fd0 | 1205 | GEM_BUG_ON(vma->obj->write_domain & I915_GEM_DOMAIN_CPU); |
7dd4f672 CW |
1206 | |
1207 | obj = i915_gem_batch_pool_get(&eb->engine->batch_pool, PAGE_SIZE); | |
1208 | if (IS_ERR(obj)) | |
1209 | return PTR_ERR(obj); | |
1210 | ||
1211 | cmd = i915_gem_object_pin_map(obj, | |
a575c676 CW |
1212 | cache->has_llc ? |
1213 | I915_MAP_FORCE_WB : | |
1214 | I915_MAP_FORCE_WC); | |
7dd4f672 CW |
1215 | i915_gem_object_unpin_pages(obj); |
1216 | if (IS_ERR(cmd)) | |
1217 | return PTR_ERR(cmd); | |
1218 | ||
7dd4f672 CW |
1219 | batch = i915_vma_instance(obj, vma->vm, NULL); |
1220 | if (IS_ERR(batch)) { | |
1221 | err = PTR_ERR(batch); | |
1222 | goto err_unmap; | |
1223 | } | |
1224 | ||
1225 | err = i915_vma_pin(batch, 0, 0, PIN_USER | PIN_NONBLOCK); | |
1226 | if (err) | |
1227 | goto err_unmap; | |
1228 | ||
8f2a1057 | 1229 | rq = i915_request_create(eb->context); |
7dd4f672 CW |
1230 | if (IS_ERR(rq)) { |
1231 | err = PTR_ERR(rq); | |
1232 | goto err_unpin; | |
1233 | } | |
1234 | ||
e61e0f51 | 1235 | err = i915_request_await_object(rq, vma->obj, true); |
7dd4f672 CW |
1236 | if (err) |
1237 | goto err_request; | |
1238 | ||
7dd4f672 CW |
1239 | err = eb->engine->emit_bb_start(rq, |
1240 | batch->node.start, PAGE_SIZE, | |
1241 | cache->gen > 5 ? 0 : I915_DISPATCH_SECURE); | |
1242 | if (err) | |
1243 | goto err_request; | |
1244 | ||
95ff7c7d | 1245 | GEM_BUG_ON(!reservation_object_test_signaled_rcu(batch->resv, true)); |
a5236978 CW |
1246 | err = i915_vma_move_to_active(batch, rq, 0); |
1247 | if (err) | |
1248 | goto skip_request; | |
7dd4f672 | 1249 | |
a5236978 CW |
1250 | err = i915_vma_move_to_active(vma, rq, EXEC_OBJECT_WRITE); |
1251 | if (err) | |
1252 | goto skip_request; | |
7dd4f672 CW |
1253 | |
1254 | rq->batch = batch; | |
a5236978 | 1255 | i915_vma_unpin(batch); |
7dd4f672 CW |
1256 | |
1257 | cache->rq = rq; | |
1258 | cache->rq_cmd = cmd; | |
1259 | cache->rq_size = 0; | |
1260 | ||
1261 | /* Return with batch mapping (cmd) still pinned */ | |
1262 | return 0; | |
1263 | ||
a5236978 CW |
1264 | skip_request: |
1265 | i915_request_skip(rq, err); | |
7dd4f672 | 1266 | err_request: |
e61e0f51 | 1267 | i915_request_add(rq); |
7dd4f672 CW |
1268 | err_unpin: |
1269 | i915_vma_unpin(batch); | |
1270 | err_unmap: | |
1271 | i915_gem_object_unpin_map(obj); | |
1272 | return err; | |
1273 | } | |
1274 | ||
1275 | static u32 *reloc_gpu(struct i915_execbuffer *eb, | |
1276 | struct i915_vma *vma, | |
1277 | unsigned int len) | |
1278 | { | |
1279 | struct reloc_cache *cache = &eb->reloc_cache; | |
1280 | u32 *cmd; | |
1281 | ||
1282 | if (cache->rq_size > PAGE_SIZE/sizeof(u32) - (len + 1)) | |
1283 | reloc_gpu_flush(cache); | |
1284 | ||
1285 | if (unlikely(!cache->rq)) { | |
1286 | int err; | |
1287 | ||
3dbf26ed CW |
1288 | /* If we need to copy for the cmdparser, we will stall anyway */ |
1289 | if (eb_use_cmdparser(eb)) | |
1290 | return ERR_PTR(-EWOULDBLOCK); | |
1291 | ||
90cad095 CW |
1292 | if (!intel_engine_can_store_dword(eb->engine)) |
1293 | return ERR_PTR(-ENODEV); | |
1294 | ||
7dd4f672 CW |
1295 | err = __reloc_gpu_alloc(eb, vma, len); |
1296 | if (unlikely(err)) | |
1297 | return ERR_PTR(err); | |
1298 | } | |
1299 | ||
1300 | cmd = cache->rq_cmd + cache->rq_size; | |
1301 | cache->rq_size += len; | |
1302 | ||
1303 | return cmd; | |
1304 | } | |
1305 | ||
2889caa9 CW |
1306 | static u64 |
1307 | relocate_entry(struct i915_vma *vma, | |
d50415cc | 1308 | const struct drm_i915_gem_relocation_entry *reloc, |
2889caa9 CW |
1309 | struct i915_execbuffer *eb, |
1310 | const struct i915_vma *target) | |
edf4427b | 1311 | { |
d50415cc | 1312 | u64 offset = reloc->offset; |
2889caa9 CW |
1313 | u64 target_offset = relocation_target(reloc, target); |
1314 | bool wide = eb->reloc_cache.use_64bit_reloc; | |
d50415cc | 1315 | void *vaddr; |
edf4427b | 1316 | |
7dd4f672 CW |
1317 | if (!eb->reloc_cache.vaddr && |
1318 | (DBG_FORCE_RELOC == FORCE_GPU_RELOC || | |
90cad095 | 1319 | !reservation_object_test_signaled_rcu(vma->resv, true))) { |
7dd4f672 CW |
1320 | const unsigned int gen = eb->reloc_cache.gen; |
1321 | unsigned int len; | |
1322 | u32 *batch; | |
1323 | u64 addr; | |
1324 | ||
1325 | if (wide) | |
1326 | len = offset & 7 ? 8 : 5; | |
1327 | else if (gen >= 4) | |
1328 | len = 4; | |
f2f5c061 | 1329 | else |
a889580c | 1330 | len = 3; |
7dd4f672 CW |
1331 | |
1332 | batch = reloc_gpu(eb, vma, len); | |
1333 | if (IS_ERR(batch)) | |
1334 | goto repeat; | |
1335 | ||
1336 | addr = gen8_canonical_addr(vma->node.start + offset); | |
1337 | if (wide) { | |
1338 | if (offset & 7) { | |
1339 | *batch++ = MI_STORE_DWORD_IMM_GEN4; | |
1340 | *batch++ = lower_32_bits(addr); | |
1341 | *batch++ = upper_32_bits(addr); | |
1342 | *batch++ = lower_32_bits(target_offset); | |
1343 | ||
1344 | addr = gen8_canonical_addr(addr + 4); | |
1345 | ||
1346 | *batch++ = MI_STORE_DWORD_IMM_GEN4; | |
1347 | *batch++ = lower_32_bits(addr); | |
1348 | *batch++ = upper_32_bits(addr); | |
1349 | *batch++ = upper_32_bits(target_offset); | |
1350 | } else { | |
1351 | *batch++ = (MI_STORE_DWORD_IMM_GEN4 | (1 << 21)) + 1; | |
1352 | *batch++ = lower_32_bits(addr); | |
1353 | *batch++ = upper_32_bits(addr); | |
1354 | *batch++ = lower_32_bits(target_offset); | |
1355 | *batch++ = upper_32_bits(target_offset); | |
1356 | } | |
1357 | } else if (gen >= 6) { | |
1358 | *batch++ = MI_STORE_DWORD_IMM_GEN4; | |
1359 | *batch++ = 0; | |
1360 | *batch++ = addr; | |
1361 | *batch++ = target_offset; | |
1362 | } else if (gen >= 4) { | |
1363 | *batch++ = MI_STORE_DWORD_IMM_GEN4 | MI_USE_GGTT; | |
1364 | *batch++ = 0; | |
1365 | *batch++ = addr; | |
1366 | *batch++ = target_offset; | |
1367 | } else { | |
1368 | *batch++ = MI_STORE_DWORD_IMM | MI_MEM_VIRTUAL; | |
1369 | *batch++ = addr; | |
1370 | *batch++ = target_offset; | |
1371 | } | |
1372 | ||
1373 | goto out; | |
1374 | } | |
1375 | ||
d50415cc | 1376 | repeat: |
95ff7c7d | 1377 | vaddr = reloc_vaddr(vma->obj, &eb->reloc_cache, offset >> PAGE_SHIFT); |
d50415cc CW |
1378 | if (IS_ERR(vaddr)) |
1379 | return PTR_ERR(vaddr); | |
1380 | ||
1381 | clflush_write32(vaddr + offset_in_page(offset), | |
1382 | lower_32_bits(target_offset), | |
2889caa9 | 1383 | eb->reloc_cache.vaddr); |
d50415cc CW |
1384 | |
1385 | if (wide) { | |
1386 | offset += sizeof(u32); | |
1387 | target_offset >>= 32; | |
1388 | wide = false; | |
1389 | goto repeat; | |
edf4427b | 1390 | } |
edf4427b | 1391 | |
7dd4f672 | 1392 | out: |
2889caa9 | 1393 | return target->node.start | UPDATE; |
edf4427b | 1394 | } |
edf4427b | 1395 | |
2889caa9 CW |
1396 | static u64 |
1397 | eb_relocate_entry(struct i915_execbuffer *eb, | |
1398 | struct i915_vma *vma, | |
1399 | const struct drm_i915_gem_relocation_entry *reloc) | |
54cf91dc | 1400 | { |
507d977f | 1401 | struct i915_vma *target; |
2889caa9 | 1402 | int err; |
54cf91dc | 1403 | |
67731b87 | 1404 | /* we've already hold a reference to all valid objects */ |
507d977f CW |
1405 | target = eb_get_vma(eb, reloc->target_handle); |
1406 | if (unlikely(!target)) | |
54cf91dc | 1407 | return -ENOENT; |
e844b990 | 1408 | |
54cf91dc | 1409 | /* Validate that the target is in a valid r/w GPU domain */ |
b8f7ab17 | 1410 | if (unlikely(reloc->write_domain & (reloc->write_domain - 1))) { |
ff240199 | 1411 | DRM_DEBUG("reloc with multiple write domains: " |
507d977f | 1412 | "target %d offset %d " |
54cf91dc | 1413 | "read %08x write %08x", |
507d977f | 1414 | reloc->target_handle, |
54cf91dc CW |
1415 | (int) reloc->offset, |
1416 | reloc->read_domains, | |
1417 | reloc->write_domain); | |
8b78f0e5 | 1418 | return -EINVAL; |
54cf91dc | 1419 | } |
4ca4a250 DV |
1420 | if (unlikely((reloc->write_domain | reloc->read_domains) |
1421 | & ~I915_GEM_GPU_DOMAINS)) { | |
ff240199 | 1422 | DRM_DEBUG("reloc with read/write non-GPU domains: " |
507d977f | 1423 | "target %d offset %d " |
54cf91dc | 1424 | "read %08x write %08x", |
507d977f | 1425 | reloc->target_handle, |
54cf91dc CW |
1426 | (int) reloc->offset, |
1427 | reloc->read_domains, | |
1428 | reloc->write_domain); | |
8b78f0e5 | 1429 | return -EINVAL; |
54cf91dc | 1430 | } |
54cf91dc | 1431 | |
2889caa9 | 1432 | if (reloc->write_domain) { |
c7c6e46f | 1433 | *target->exec_flags |= EXEC_OBJECT_WRITE; |
507d977f | 1434 | |
2889caa9 CW |
1435 | /* |
1436 | * Sandybridge PPGTT errata: We need a global gtt mapping | |
1437 | * for MI and pipe_control writes because the gpu doesn't | |
1438 | * properly redirect them through the ppgtt for non_secure | |
1439 | * batchbuffers. | |
1440 | */ | |
1441 | if (reloc->write_domain == I915_GEM_DOMAIN_INSTRUCTION && | |
cf819eff | 1442 | IS_GEN(eb->i915, 6)) { |
2889caa9 CW |
1443 | err = i915_vma_bind(target, target->obj->cache_level, |
1444 | PIN_GLOBAL); | |
1445 | if (WARN_ONCE(err, | |
1446 | "Unexpected failure to bind target VMA!")) | |
1447 | return err; | |
1448 | } | |
507d977f | 1449 | } |
54cf91dc | 1450 | |
2889caa9 CW |
1451 | /* |
1452 | * If the relocation already has the right value in it, no | |
54cf91dc CW |
1453 | * more work needs to be done. |
1454 | */ | |
7dd4f672 CW |
1455 | if (!DBG_FORCE_RELOC && |
1456 | gen8_canonical_addr(target->node.start) == reloc->presumed_offset) | |
67731b87 | 1457 | return 0; |
54cf91dc CW |
1458 | |
1459 | /* Check that the relocation address is valid... */ | |
3c94ceee | 1460 | if (unlikely(reloc->offset > |
507d977f | 1461 | vma->size - (eb->reloc_cache.use_64bit_reloc ? 8 : 4))) { |
ff240199 | 1462 | DRM_DEBUG("Relocation beyond object bounds: " |
507d977f CW |
1463 | "target %d offset %d size %d.\n", |
1464 | reloc->target_handle, | |
1465 | (int)reloc->offset, | |
1466 | (int)vma->size); | |
8b78f0e5 | 1467 | return -EINVAL; |
54cf91dc | 1468 | } |
b8f7ab17 | 1469 | if (unlikely(reloc->offset & 3)) { |
ff240199 | 1470 | DRM_DEBUG("Relocation not 4-byte aligned: " |
507d977f CW |
1471 | "target %d offset %d.\n", |
1472 | reloc->target_handle, | |
1473 | (int)reloc->offset); | |
8b78f0e5 | 1474 | return -EINVAL; |
54cf91dc CW |
1475 | } |
1476 | ||
071750e5 CW |
1477 | /* |
1478 | * If we write into the object, we need to force the synchronisation | |
1479 | * barrier, either with an asynchronous clflush or if we executed the | |
1480 | * patching using the GPU (though that should be serialised by the | |
1481 | * timeline). To be completely sure, and since we are required to | |
1482 | * do relocations we are already stalling, disable the user's opt | |
0519bcb1 | 1483 | * out of our synchronisation. |
071750e5 | 1484 | */ |
c7c6e46f | 1485 | *vma->exec_flags &= ~EXEC_OBJECT_ASYNC; |
071750e5 | 1486 | |
54cf91dc | 1487 | /* and update the user's relocation entry */ |
2889caa9 | 1488 | return relocate_entry(vma, reloc, eb, target); |
54cf91dc CW |
1489 | } |
1490 | ||
2889caa9 | 1491 | static int eb_relocate_vma(struct i915_execbuffer *eb, struct i915_vma *vma) |
54cf91dc | 1492 | { |
1d83f442 | 1493 | #define N_RELOC(x) ((x) / sizeof(struct drm_i915_gem_relocation_entry)) |
2889caa9 CW |
1494 | struct drm_i915_gem_relocation_entry stack[N_RELOC(512)]; |
1495 | struct drm_i915_gem_relocation_entry __user *urelocs; | |
c7c6e46f | 1496 | const struct drm_i915_gem_exec_object2 *entry = exec_entry(eb, vma); |
2889caa9 | 1497 | unsigned int remain; |
54cf91dc | 1498 | |
2889caa9 | 1499 | urelocs = u64_to_user_ptr(entry->relocs_ptr); |
1d83f442 | 1500 | remain = entry->relocation_count; |
2889caa9 CW |
1501 | if (unlikely(remain > N_RELOC(ULONG_MAX))) |
1502 | return -EINVAL; | |
ebc0808f | 1503 | |
2889caa9 CW |
1504 | /* |
1505 | * We must check that the entire relocation array is safe | |
1506 | * to read. However, if the array is not writable the user loses | |
1507 | * the updated relocation values. | |
1508 | */ | |
96d4f267 | 1509 | if (unlikely(!access_ok(urelocs, remain*sizeof(*urelocs)))) |
2889caa9 CW |
1510 | return -EFAULT; |
1511 | ||
1512 | do { | |
1513 | struct drm_i915_gem_relocation_entry *r = stack; | |
1514 | unsigned int count = | |
1515 | min_t(unsigned int, remain, ARRAY_SIZE(stack)); | |
1516 | unsigned int copied; | |
1d83f442 | 1517 | |
2889caa9 CW |
1518 | /* |
1519 | * This is the fast path and we cannot handle a pagefault | |
ebc0808f CW |
1520 | * whilst holding the struct mutex lest the user pass in the |
1521 | * relocations contained within a mmaped bo. For in such a case | |
1522 | * we, the page fault handler would call i915_gem_fault() and | |
1523 | * we would try to acquire the struct mutex again. Obviously | |
1524 | * this is bad and so lockdep complains vehemently. | |
1525 | */ | |
1526 | pagefault_disable(); | |
2889caa9 | 1527 | copied = __copy_from_user_inatomic(r, urelocs, count * sizeof(r[0])); |
ebc0808f | 1528 | pagefault_enable(); |
2889caa9 CW |
1529 | if (unlikely(copied)) { |
1530 | remain = -EFAULT; | |
31a39207 CW |
1531 | goto out; |
1532 | } | |
54cf91dc | 1533 | |
2889caa9 | 1534 | remain -= count; |
1d83f442 | 1535 | do { |
2889caa9 | 1536 | u64 offset = eb_relocate_entry(eb, vma, r); |
54cf91dc | 1537 | |
2889caa9 CW |
1538 | if (likely(offset == 0)) { |
1539 | } else if ((s64)offset < 0) { | |
1540 | remain = (int)offset; | |
31a39207 | 1541 | goto out; |
2889caa9 CW |
1542 | } else { |
1543 | /* | |
1544 | * Note that reporting an error now | |
1545 | * leaves everything in an inconsistent | |
1546 | * state as we have *already* changed | |
1547 | * the relocation value inside the | |
1548 | * object. As we have not changed the | |
1549 | * reloc.presumed_offset or will not | |
1550 | * change the execobject.offset, on the | |
1551 | * call we may not rewrite the value | |
1552 | * inside the object, leaving it | |
1553 | * dangling and causing a GPU hang. Unless | |
1554 | * userspace dynamically rebuilds the | |
1555 | * relocations on each execbuf rather than | |
1556 | * presume a static tree. | |
1557 | * | |
1558 | * We did previously check if the relocations | |
1559 | * were writable (access_ok), an error now | |
1560 | * would be a strange race with mprotect, | |
1561 | * having already demonstrated that we | |
1562 | * can read from this userspace address. | |
1563 | */ | |
1564 | offset = gen8_canonical_addr(offset & ~UPDATE); | |
fddcd00a CW |
1565 | if (unlikely(__put_user(offset, &urelocs[r-stack].presumed_offset))) { |
1566 | remain = -EFAULT; | |
1567 | goto out; | |
1568 | } | |
1d83f442 | 1569 | } |
2889caa9 CW |
1570 | } while (r++, --count); |
1571 | urelocs += ARRAY_SIZE(stack); | |
1572 | } while (remain); | |
31a39207 | 1573 | out: |
650bc635 | 1574 | reloc_cache_reset(&eb->reloc_cache); |
2889caa9 | 1575 | return remain; |
54cf91dc CW |
1576 | } |
1577 | ||
1578 | static int | |
2889caa9 | 1579 | eb_relocate_vma_slow(struct i915_execbuffer *eb, struct i915_vma *vma) |
54cf91dc | 1580 | { |
c7c6e46f | 1581 | const struct drm_i915_gem_exec_object2 *entry = exec_entry(eb, vma); |
2889caa9 CW |
1582 | struct drm_i915_gem_relocation_entry *relocs = |
1583 | u64_to_ptr(typeof(*relocs), entry->relocs_ptr); | |
1584 | unsigned int i; | |
1585 | int err; | |
54cf91dc CW |
1586 | |
1587 | for (i = 0; i < entry->relocation_count; i++) { | |
2889caa9 | 1588 | u64 offset = eb_relocate_entry(eb, vma, &relocs[i]); |
d4aeee77 | 1589 | |
2889caa9 CW |
1590 | if ((s64)offset < 0) { |
1591 | err = (int)offset; | |
1592 | goto err; | |
1593 | } | |
54cf91dc | 1594 | } |
2889caa9 CW |
1595 | err = 0; |
1596 | err: | |
1597 | reloc_cache_reset(&eb->reloc_cache); | |
1598 | return err; | |
edf4427b CW |
1599 | } |
1600 | ||
2889caa9 | 1601 | static int check_relocations(const struct drm_i915_gem_exec_object2 *entry) |
1690e1eb | 1602 | { |
2889caa9 CW |
1603 | const char __user *addr, *end; |
1604 | unsigned long size; | |
1605 | char __maybe_unused c; | |
1690e1eb | 1606 | |
2889caa9 CW |
1607 | size = entry->relocation_count; |
1608 | if (size == 0) | |
1609 | return 0; | |
7788a765 | 1610 | |
2889caa9 CW |
1611 | if (size > N_RELOC(ULONG_MAX)) |
1612 | return -EINVAL; | |
9a5a53b3 | 1613 | |
2889caa9 CW |
1614 | addr = u64_to_user_ptr(entry->relocs_ptr); |
1615 | size *= sizeof(struct drm_i915_gem_relocation_entry); | |
96d4f267 | 1616 | if (!access_ok(addr, size)) |
2889caa9 | 1617 | return -EFAULT; |
1690e1eb | 1618 | |
2889caa9 CW |
1619 | end = addr + size; |
1620 | for (; addr < end; addr += PAGE_SIZE) { | |
1621 | int err = __get_user(c, addr); | |
1622 | if (err) | |
1623 | return err; | |
ed5982e6 | 1624 | } |
2889caa9 | 1625 | return __get_user(c, end - 1); |
7788a765 | 1626 | } |
1690e1eb | 1627 | |
2889caa9 | 1628 | static int eb_copy_relocations(const struct i915_execbuffer *eb) |
d23db88c | 1629 | { |
2889caa9 CW |
1630 | const unsigned int count = eb->buffer_count; |
1631 | unsigned int i; | |
1632 | int err; | |
e6a84468 | 1633 | |
2889caa9 CW |
1634 | for (i = 0; i < count; i++) { |
1635 | const unsigned int nreloc = eb->exec[i].relocation_count; | |
1636 | struct drm_i915_gem_relocation_entry __user *urelocs; | |
1637 | struct drm_i915_gem_relocation_entry *relocs; | |
1638 | unsigned long size; | |
1639 | unsigned long copied; | |
e6a84468 | 1640 | |
2889caa9 CW |
1641 | if (nreloc == 0) |
1642 | continue; | |
e6a84468 | 1643 | |
2889caa9 CW |
1644 | err = check_relocations(&eb->exec[i]); |
1645 | if (err) | |
1646 | goto err; | |
d23db88c | 1647 | |
2889caa9 CW |
1648 | urelocs = u64_to_user_ptr(eb->exec[i].relocs_ptr); |
1649 | size = nreloc * sizeof(*relocs); | |
d23db88c | 1650 | |
0ee931c4 | 1651 | relocs = kvmalloc_array(size, 1, GFP_KERNEL); |
2889caa9 | 1652 | if (!relocs) { |
2889caa9 CW |
1653 | err = -ENOMEM; |
1654 | goto err; | |
1655 | } | |
d23db88c | 1656 | |
2889caa9 CW |
1657 | /* copy_from_user is limited to < 4GiB */ |
1658 | copied = 0; | |
1659 | do { | |
1660 | unsigned int len = | |
1661 | min_t(u64, BIT_ULL(31), size - copied); | |
1662 | ||
1663 | if (__copy_from_user((char *)relocs + copied, | |
908a6105 | 1664 | (char __user *)urelocs + copied, |
2889caa9 | 1665 | len)) { |
fddcd00a | 1666 | end_user: |
0b2c8f8b | 1667 | user_access_end(); |
8f4faed0 | 1668 | end: |
2889caa9 CW |
1669 | kvfree(relocs); |
1670 | err = -EFAULT; | |
1671 | goto err; | |
1672 | } | |
91b2db6f | 1673 | |
2889caa9 CW |
1674 | copied += len; |
1675 | } while (copied < size); | |
506a8e87 | 1676 | |
2889caa9 CW |
1677 | /* |
1678 | * As we do not update the known relocation offsets after | |
1679 | * relocating (due to the complexities in lock handling), | |
1680 | * we need to mark them as invalid now so that we force the | |
1681 | * relocation processing next time. Just in case the target | |
1682 | * object is evicted and then rebound into its old | |
1683 | * presumed_offset before the next execbuffer - if that | |
1684 | * happened we would make the mistake of assuming that the | |
1685 | * relocations were valid. | |
1686 | */ | |
594cc251 | 1687 | if (!user_access_begin(urelocs, size)) |
8f4faed0 | 1688 | goto end; |
594cc251 | 1689 | |
2889caa9 CW |
1690 | for (copied = 0; copied < nreloc; copied++) |
1691 | unsafe_put_user(-1, | |
1692 | &urelocs[copied].presumed_offset, | |
1693 | end_user); | |
2889caa9 | 1694 | user_access_end(); |
d23db88c | 1695 | |
2889caa9 CW |
1696 | eb->exec[i].relocs_ptr = (uintptr_t)relocs; |
1697 | } | |
edf4427b | 1698 | |
2889caa9 | 1699 | return 0; |
101b506a | 1700 | |
2889caa9 CW |
1701 | err: |
1702 | while (i--) { | |
1703 | struct drm_i915_gem_relocation_entry *relocs = | |
1704 | u64_to_ptr(typeof(*relocs), eb->exec[i].relocs_ptr); | |
1705 | if (eb->exec[i].relocation_count) | |
1706 | kvfree(relocs); | |
1707 | } | |
1708 | return err; | |
d23db88c CW |
1709 | } |
1710 | ||
2889caa9 | 1711 | static int eb_prefault_relocations(const struct i915_execbuffer *eb) |
54cf91dc | 1712 | { |
2889caa9 CW |
1713 | const unsigned int count = eb->buffer_count; |
1714 | unsigned int i; | |
54cf91dc | 1715 | |
4f044a88 | 1716 | if (unlikely(i915_modparams.prefault_disable)) |
2889caa9 | 1717 | return 0; |
54cf91dc | 1718 | |
2889caa9 CW |
1719 | for (i = 0; i < count; i++) { |
1720 | int err; | |
54cf91dc | 1721 | |
2889caa9 CW |
1722 | err = check_relocations(&eb->exec[i]); |
1723 | if (err) | |
1724 | return err; | |
1725 | } | |
a415d355 | 1726 | |
2889caa9 | 1727 | return 0; |
54cf91dc CW |
1728 | } |
1729 | ||
2889caa9 | 1730 | static noinline int eb_relocate_slow(struct i915_execbuffer *eb) |
54cf91dc | 1731 | { |
650bc635 | 1732 | struct drm_device *dev = &eb->i915->drm; |
2889caa9 | 1733 | bool have_copy = false; |
27173f1f | 1734 | struct i915_vma *vma; |
2889caa9 CW |
1735 | int err = 0; |
1736 | ||
1737 | repeat: | |
1738 | if (signal_pending(current)) { | |
1739 | err = -ERESTARTSYS; | |
1740 | goto out; | |
1741 | } | |
27173f1f | 1742 | |
67731b87 | 1743 | /* We may process another execbuffer during the unlock... */ |
2889caa9 | 1744 | eb_reset_vmas(eb); |
54cf91dc CW |
1745 | mutex_unlock(&dev->struct_mutex); |
1746 | ||
2889caa9 CW |
1747 | /* |
1748 | * We take 3 passes through the slowpatch. | |
1749 | * | |
1750 | * 1 - we try to just prefault all the user relocation entries and | |
1751 | * then attempt to reuse the atomic pagefault disabled fast path again. | |
1752 | * | |
1753 | * 2 - we copy the user entries to a local buffer here outside of the | |
1754 | * local and allow ourselves to wait upon any rendering before | |
1755 | * relocations | |
1756 | * | |
1757 | * 3 - we already have a local copy of the relocation entries, but | |
1758 | * were interrupted (EAGAIN) whilst waiting for the objects, try again. | |
1759 | */ | |
1760 | if (!err) { | |
1761 | err = eb_prefault_relocations(eb); | |
1762 | } else if (!have_copy) { | |
1763 | err = eb_copy_relocations(eb); | |
1764 | have_copy = err == 0; | |
1765 | } else { | |
1766 | cond_resched(); | |
1767 | err = 0; | |
54cf91dc | 1768 | } |
2889caa9 CW |
1769 | if (err) { |
1770 | mutex_lock(&dev->struct_mutex); | |
1771 | goto out; | |
54cf91dc CW |
1772 | } |
1773 | ||
8a2421bd CW |
1774 | /* A frequent cause for EAGAIN are currently unavailable client pages */ |
1775 | flush_workqueue(eb->i915->mm.userptr_wq); | |
1776 | ||
2889caa9 CW |
1777 | err = i915_mutex_lock_interruptible(dev); |
1778 | if (err) { | |
54cf91dc | 1779 | mutex_lock(&dev->struct_mutex); |
2889caa9 | 1780 | goto out; |
54cf91dc CW |
1781 | } |
1782 | ||
67731b87 | 1783 | /* reacquire the objects */ |
2889caa9 CW |
1784 | err = eb_lookup_vmas(eb); |
1785 | if (err) | |
3b96eff4 | 1786 | goto err; |
67731b87 | 1787 | |
c7c6e46f CW |
1788 | GEM_BUG_ON(!eb->batch); |
1789 | ||
2889caa9 CW |
1790 | list_for_each_entry(vma, &eb->relocs, reloc_link) { |
1791 | if (!have_copy) { | |
1792 | pagefault_disable(); | |
1793 | err = eb_relocate_vma(eb, vma); | |
1794 | pagefault_enable(); | |
1795 | if (err) | |
1796 | goto repeat; | |
1797 | } else { | |
1798 | err = eb_relocate_vma_slow(eb, vma); | |
1799 | if (err) | |
1800 | goto err; | |
1801 | } | |
54cf91dc CW |
1802 | } |
1803 | ||
2889caa9 CW |
1804 | /* |
1805 | * Leave the user relocations as are, this is the painfully slow path, | |
54cf91dc CW |
1806 | * and we want to avoid the complication of dropping the lock whilst |
1807 | * having buffers reserved in the aperture and so causing spurious | |
1808 | * ENOSPC for random operations. | |
1809 | */ | |
1810 | ||
1811 | err: | |
2889caa9 CW |
1812 | if (err == -EAGAIN) |
1813 | goto repeat; | |
1814 | ||
1815 | out: | |
1816 | if (have_copy) { | |
1817 | const unsigned int count = eb->buffer_count; | |
1818 | unsigned int i; | |
1819 | ||
1820 | for (i = 0; i < count; i++) { | |
1821 | const struct drm_i915_gem_exec_object2 *entry = | |
1822 | &eb->exec[i]; | |
1823 | struct drm_i915_gem_relocation_entry *relocs; | |
1824 | ||
1825 | if (!entry->relocation_count) | |
1826 | continue; | |
1827 | ||
1828 | relocs = u64_to_ptr(typeof(*relocs), entry->relocs_ptr); | |
1829 | kvfree(relocs); | |
1830 | } | |
1831 | } | |
1832 | ||
1f727d9e | 1833 | return err; |
54cf91dc CW |
1834 | } |
1835 | ||
2889caa9 | 1836 | static int eb_relocate(struct i915_execbuffer *eb) |
54cf91dc | 1837 | { |
2889caa9 CW |
1838 | if (eb_lookup_vmas(eb)) |
1839 | goto slow; | |
1840 | ||
1841 | /* The objects are in their final locations, apply the relocations. */ | |
1842 | if (eb->args->flags & __EXEC_HAS_RELOC) { | |
1843 | struct i915_vma *vma; | |
1844 | ||
1845 | list_for_each_entry(vma, &eb->relocs, reloc_link) { | |
1846 | if (eb_relocate_vma(eb, vma)) | |
1847 | goto slow; | |
1848 | } | |
1849 | } | |
1850 | ||
1851 | return 0; | |
1852 | ||
1853 | slow: | |
1854 | return eb_relocate_slow(eb); | |
1855 | } | |
1856 | ||
2889caa9 CW |
1857 | static int eb_move_to_gpu(struct i915_execbuffer *eb) |
1858 | { | |
1859 | const unsigned int count = eb->buffer_count; | |
1860 | unsigned int i; | |
1861 | int err; | |
54cf91dc | 1862 | |
2889caa9 | 1863 | for (i = 0; i < count; i++) { |
c7c6e46f CW |
1864 | unsigned int flags = eb->flags[i]; |
1865 | struct i915_vma *vma = eb->vma[i]; | |
27173f1f | 1866 | struct drm_i915_gem_object *obj = vma->obj; |
03ade511 | 1867 | |
c7c6e46f | 1868 | if (flags & EXEC_OBJECT_CAPTURE) { |
e61e0f51 | 1869 | struct i915_capture_list *capture; |
b0fd47ad CW |
1870 | |
1871 | capture = kmalloc(sizeof(*capture), GFP_KERNEL); | |
1872 | if (unlikely(!capture)) | |
1873 | return -ENOMEM; | |
1874 | ||
650bc635 | 1875 | capture->next = eb->request->capture_list; |
c7c6e46f | 1876 | capture->vma = eb->vma[i]; |
650bc635 | 1877 | eb->request->capture_list = capture; |
b0fd47ad CW |
1878 | } |
1879 | ||
b8f55be6 CW |
1880 | /* |
1881 | * If the GPU is not _reading_ through the CPU cache, we need | |
1882 | * to make sure that any writes (both previous GPU writes from | |
1883 | * before a change in snooping levels and normal CPU writes) | |
1884 | * caught in that cache are flushed to main memory. | |
1885 | * | |
1886 | * We want to say | |
1887 | * obj->cache_dirty && | |
1888 | * !(obj->cache_coherent & I915_BO_CACHE_COHERENT_FOR_READ) | |
1889 | * but gcc's optimiser doesn't handle that as well and emits | |
1890 | * two jumps instead of one. Maybe one day... | |
1891 | */ | |
1892 | if (unlikely(obj->cache_dirty & ~obj->cache_coherent)) { | |
0f46daa1 | 1893 | if (i915_gem_clflush_object(obj, 0)) |
c7c6e46f | 1894 | flags &= ~EXEC_OBJECT_ASYNC; |
0f46daa1 CW |
1895 | } |
1896 | ||
c7c6e46f CW |
1897 | if (flags & EXEC_OBJECT_ASYNC) |
1898 | continue; | |
77ae9957 | 1899 | |
e61e0f51 | 1900 | err = i915_request_await_object |
c7c6e46f | 1901 | (eb->request, obj, flags & EXEC_OBJECT_WRITE); |
2889caa9 CW |
1902 | if (err) |
1903 | return err; | |
2889caa9 CW |
1904 | } |
1905 | ||
1906 | for (i = 0; i < count; i++) { | |
c7c6e46f CW |
1907 | unsigned int flags = eb->flags[i]; |
1908 | struct i915_vma *vma = eb->vma[i]; | |
1909 | ||
a5236978 CW |
1910 | err = i915_vma_move_to_active(vma, eb->request, flags); |
1911 | if (unlikely(err)) { | |
1912 | i915_request_skip(eb->request, err); | |
1913 | return err; | |
1914 | } | |
2889caa9 | 1915 | |
c7c6e46f CW |
1916 | __eb_unreserve_vma(vma, flags); |
1917 | vma->exec_flags = NULL; | |
1918 | ||
1919 | if (unlikely(flags & __EXEC_OBJECT_HAS_REF)) | |
dade2a61 | 1920 | i915_vma_put(vma); |
c59a333f | 1921 | } |
2889caa9 | 1922 | eb->exec = NULL; |
c59a333f | 1923 | |
dcd79934 | 1924 | /* Unconditionally flush any chipset caches (for streaming writes). */ |
650bc635 | 1925 | i915_gem_chipset_flush(eb->i915); |
6ac42f41 | 1926 | |
2113184c | 1927 | return 0; |
54cf91dc CW |
1928 | } |
1929 | ||
2889caa9 | 1930 | static bool i915_gem_check_execbuffer(struct drm_i915_gem_execbuffer2 *exec) |
54cf91dc | 1931 | { |
650bc635 | 1932 | if (exec->flags & __I915_EXEC_ILLEGAL_FLAGS) |
ed5982e6 DV |
1933 | return false; |
1934 | ||
2f5945bc | 1935 | /* Kernel clipping was a DRI1 misfeature */ |
cf6e7bac JE |
1936 | if (!(exec->flags & I915_EXEC_FENCE_ARRAY)) { |
1937 | if (exec->num_cliprects || exec->cliprects_ptr) | |
1938 | return false; | |
1939 | } | |
2f5945bc CW |
1940 | |
1941 | if (exec->DR4 == 0xffffffff) { | |
1942 | DRM_DEBUG("UXA submitting garbage DR4, fixing up\n"); | |
1943 | exec->DR4 = 0; | |
1944 | } | |
1945 | if (exec->DR1 || exec->DR4) | |
1946 | return false; | |
1947 | ||
1948 | if ((exec->batch_start_offset | exec->batch_len) & 0x7) | |
1949 | return false; | |
1950 | ||
1951 | return true; | |
54cf91dc CW |
1952 | } |
1953 | ||
e61e0f51 | 1954 | static int i915_reset_gen7_sol_offsets(struct i915_request *rq) |
ae662d31 | 1955 | { |
73dec95e TU |
1956 | u32 *cs; |
1957 | int i; | |
ae662d31 | 1958 | |
8a68d464 | 1959 | if (!IS_GEN(rq->i915, 7) || rq->engine->id != RCS0) { |
9d662da8 DV |
1960 | DRM_DEBUG("sol reset is gen7/rcs only\n"); |
1961 | return -EINVAL; | |
1962 | } | |
ae662d31 | 1963 | |
e61e0f51 | 1964 | cs = intel_ring_begin(rq, 4 * 2 + 2); |
73dec95e TU |
1965 | if (IS_ERR(cs)) |
1966 | return PTR_ERR(cs); | |
ae662d31 | 1967 | |
2889caa9 | 1968 | *cs++ = MI_LOAD_REGISTER_IMM(4); |
ae662d31 | 1969 | for (i = 0; i < 4; i++) { |
73dec95e TU |
1970 | *cs++ = i915_mmio_reg_offset(GEN7_SO_WRITE_OFFSET(i)); |
1971 | *cs++ = 0; | |
ae662d31 | 1972 | } |
2889caa9 | 1973 | *cs++ = MI_NOOP; |
e61e0f51 | 1974 | intel_ring_advance(rq, cs); |
ae662d31 EA |
1975 | |
1976 | return 0; | |
1977 | } | |
1978 | ||
650bc635 | 1979 | static struct i915_vma *eb_parse(struct i915_execbuffer *eb, bool is_master) |
71745376 | 1980 | { |
71745376 | 1981 | struct drm_i915_gem_object *shadow_batch_obj; |
17cabf57 | 1982 | struct i915_vma *vma; |
2889caa9 | 1983 | int err; |
71745376 | 1984 | |
650bc635 CW |
1985 | shadow_batch_obj = i915_gem_batch_pool_get(&eb->engine->batch_pool, |
1986 | PAGE_ALIGN(eb->batch_len)); | |
71745376 | 1987 | if (IS_ERR(shadow_batch_obj)) |
59bfa124 | 1988 | return ERR_CAST(shadow_batch_obj); |
71745376 | 1989 | |
2889caa9 | 1990 | err = intel_engine_cmd_parser(eb->engine, |
650bc635 | 1991 | eb->batch->obj, |
33a051a5 | 1992 | shadow_batch_obj, |
650bc635 CW |
1993 | eb->batch_start_offset, |
1994 | eb->batch_len, | |
33a051a5 | 1995 | is_master); |
2889caa9 CW |
1996 | if (err) { |
1997 | if (err == -EACCES) /* unhandled chained batch */ | |
058d88c4 CW |
1998 | vma = NULL; |
1999 | else | |
2889caa9 | 2000 | vma = ERR_PTR(err); |
058d88c4 CW |
2001 | goto out; |
2002 | } | |
71745376 | 2003 | |
058d88c4 CW |
2004 | vma = i915_gem_object_ggtt_pin(shadow_batch_obj, NULL, 0, 0, 0); |
2005 | if (IS_ERR(vma)) | |
2006 | goto out; | |
de4e783a | 2007 | |
c7c6e46f CW |
2008 | eb->vma[eb->buffer_count] = i915_vma_get(vma); |
2009 | eb->flags[eb->buffer_count] = | |
2010 | __EXEC_OBJECT_HAS_PIN | __EXEC_OBJECT_HAS_REF; | |
2011 | vma->exec_flags = &eb->flags[eb->buffer_count]; | |
2012 | eb->buffer_count++; | |
71745376 | 2013 | |
058d88c4 | 2014 | out: |
de4e783a | 2015 | i915_gem_object_unpin_pages(shadow_batch_obj); |
058d88c4 | 2016 | return vma; |
71745376 | 2017 | } |
5c6c6003 | 2018 | |
c8659efa | 2019 | static void |
e61e0f51 | 2020 | add_to_client(struct i915_request *rq, struct drm_file *file) |
c8659efa | 2021 | { |
e61e0f51 CW |
2022 | rq->file_priv = file->driver_priv; |
2023 | list_add_tail(&rq->client_link, &rq->file_priv->mm.request_list); | |
c8659efa CW |
2024 | } |
2025 | ||
2889caa9 | 2026 | static int eb_submit(struct i915_execbuffer *eb) |
78382593 | 2027 | { |
2889caa9 | 2028 | int err; |
78382593 | 2029 | |
2889caa9 CW |
2030 | err = eb_move_to_gpu(eb); |
2031 | if (err) | |
2032 | return err; | |
78382593 | 2033 | |
650bc635 | 2034 | if (eb->args->flags & I915_EXEC_GEN7_SOL_RESET) { |
2889caa9 CW |
2035 | err = i915_reset_gen7_sol_offsets(eb->request); |
2036 | if (err) | |
2037 | return err; | |
78382593 OM |
2038 | } |
2039 | ||
85474441 CW |
2040 | /* |
2041 | * After we completed waiting for other engines (using HW semaphores) | |
2042 | * then we can signal that this request/batch is ready to run. This | |
2043 | * allows us to determine if the batch is still waiting on the GPU | |
2044 | * or actually running by checking the breadcrumb. | |
2045 | */ | |
2046 | if (eb->engine->emit_init_breadcrumb) { | |
2047 | err = eb->engine->emit_init_breadcrumb(eb->request); | |
2048 | if (err) | |
2049 | return err; | |
2050 | } | |
2051 | ||
2889caa9 | 2052 | err = eb->engine->emit_bb_start(eb->request, |
650bc635 CW |
2053 | eb->batch->node.start + |
2054 | eb->batch_start_offset, | |
2055 | eb->batch_len, | |
2889caa9 CW |
2056 | eb->batch_flags); |
2057 | if (err) | |
2058 | return err; | |
78382593 | 2059 | |
2f5945bc | 2060 | return 0; |
78382593 OM |
2061 | } |
2062 | ||
204bcfef | 2063 | /* |
a8ebba75 | 2064 | * Find one BSD ring to dispatch the corresponding BSD command. |
c80ff16e | 2065 | * The engine index is returned. |
a8ebba75 | 2066 | */ |
de1add36 | 2067 | static unsigned int |
c80ff16e CW |
2068 | gen8_dispatch_bsd_engine(struct drm_i915_private *dev_priv, |
2069 | struct drm_file *file) | |
a8ebba75 | 2070 | { |
a8ebba75 ZY |
2071 | struct drm_i915_file_private *file_priv = file->driver_priv; |
2072 | ||
de1add36 | 2073 | /* Check whether the file_priv has already selected one ring. */ |
6f633402 JL |
2074 | if ((int)file_priv->bsd_engine < 0) |
2075 | file_priv->bsd_engine = atomic_fetch_xor(1, | |
2076 | &dev_priv->mm.bsd_engine_dispatch_index); | |
d23db88c | 2077 | |
c80ff16e | 2078 | return file_priv->bsd_engine; |
d23db88c CW |
2079 | } |
2080 | ||
5e2a0419 | 2081 | static const enum intel_engine_id user_ring_map[] = { |
8a68d464 CW |
2082 | [I915_EXEC_DEFAULT] = RCS0, |
2083 | [I915_EXEC_RENDER] = RCS0, | |
2084 | [I915_EXEC_BLT] = BCS0, | |
2085 | [I915_EXEC_BSD] = VCS0, | |
2086 | [I915_EXEC_VEBOX] = VECS0 | |
de1add36 TU |
2087 | }; |
2088 | ||
5e2a0419 | 2089 | static int eb_pin_context(struct i915_execbuffer *eb, struct intel_context *ce) |
de1add36 | 2090 | { |
8f2a1057 | 2091 | int err; |
de1add36 | 2092 | |
8f2a1057 CW |
2093 | /* |
2094 | * ABI: Before userspace accesses the GPU (e.g. execbuffer), report | |
2095 | * EIO if the GPU is already wedged. | |
2096 | */ | |
2097 | err = i915_terminally_wedged(eb->i915); | |
2098 | if (err) | |
2099 | return err; | |
2100 | ||
2101 | /* | |
2102 | * Pinning the contexts may generate requests in order to acquire | |
2103 | * GGTT space, so do this first before we reserve a seqno for | |
2104 | * ourselves. | |
2105 | */ | |
fa9f6681 | 2106 | err = intel_context_pin(ce); |
fa9f6681 CW |
2107 | if (err) |
2108 | return err; | |
8f2a1057 | 2109 | |
5e2a0419 | 2110 | eb->engine = ce->engine; |
8f2a1057 CW |
2111 | eb->context = ce; |
2112 | return 0; | |
2113 | } | |
2114 | ||
2115 | static void eb_unpin_context(struct i915_execbuffer *eb) | |
2116 | { | |
2117 | intel_context_unpin(eb->context); | |
2118 | } | |
de1add36 | 2119 | |
5e2a0419 CW |
2120 | static unsigned int |
2121 | eb_select_legacy_ring(struct i915_execbuffer *eb, | |
2122 | struct drm_file *file, | |
2123 | struct drm_i915_gem_execbuffer2 *args) | |
de1add36 | 2124 | { |
8f2a1057 | 2125 | struct drm_i915_private *i915 = eb->i915; |
de1add36 | 2126 | unsigned int user_ring_id = args->flags & I915_EXEC_RING_MASK; |
de1add36 | 2127 | |
5e2a0419 CW |
2128 | if (user_ring_id != I915_EXEC_BSD && |
2129 | (args->flags & I915_EXEC_BSD_MASK)) { | |
de1add36 TU |
2130 | DRM_DEBUG("execbuf with non bsd ring but with invalid " |
2131 | "bsd dispatch flags: %d\n", (int)(args->flags)); | |
5e2a0419 | 2132 | return -1; |
de1add36 TU |
2133 | } |
2134 | ||
8f2a1057 | 2135 | if (user_ring_id == I915_EXEC_BSD && HAS_ENGINE(i915, VCS1)) { |
de1add36 TU |
2136 | unsigned int bsd_idx = args->flags & I915_EXEC_BSD_MASK; |
2137 | ||
2138 | if (bsd_idx == I915_EXEC_BSD_DEFAULT) { | |
8f2a1057 | 2139 | bsd_idx = gen8_dispatch_bsd_engine(i915, file); |
de1add36 TU |
2140 | } else if (bsd_idx >= I915_EXEC_BSD_RING1 && |
2141 | bsd_idx <= I915_EXEC_BSD_RING2) { | |
d9da6aa0 | 2142 | bsd_idx >>= I915_EXEC_BSD_SHIFT; |
de1add36 TU |
2143 | bsd_idx--; |
2144 | } else { | |
2145 | DRM_DEBUG("execbuf with unknown bsd ring: %u\n", | |
2146 | bsd_idx); | |
5e2a0419 | 2147 | return -1; |
de1add36 TU |
2148 | } |
2149 | ||
5e2a0419 | 2150 | return _VCS(bsd_idx); |
de1add36 TU |
2151 | } |
2152 | ||
5e2a0419 CW |
2153 | if (user_ring_id >= ARRAY_SIZE(user_ring_map)) { |
2154 | DRM_DEBUG("execbuf with unknown ring: %u\n", user_ring_id); | |
2155 | return -1; | |
de1add36 TU |
2156 | } |
2157 | ||
5e2a0419 CW |
2158 | return user_ring_map[user_ring_id]; |
2159 | } | |
2160 | ||
2161 | static int | |
2162 | eb_select_engine(struct i915_execbuffer *eb, | |
2163 | struct drm_file *file, | |
2164 | struct drm_i915_gem_execbuffer2 *args) | |
2165 | { | |
2166 | struct intel_context *ce; | |
2167 | unsigned int idx; | |
2168 | int err; | |
2169 | ||
976b55f0 CW |
2170 | if (i915_gem_context_user_engines(eb->gem_context)) |
2171 | idx = args->flags & I915_EXEC_RING_MASK; | |
2172 | else | |
2173 | idx = eb_select_legacy_ring(eb, file, args); | |
5e2a0419 CW |
2174 | |
2175 | ce = i915_gem_context_get_engine(eb->gem_context, idx); | |
2176 | if (IS_ERR(ce)) | |
2177 | return PTR_ERR(ce); | |
2178 | ||
2179 | err = eb_pin_context(eb, ce); | |
2180 | intel_context_put(ce); | |
2181 | ||
2182 | return err; | |
de1add36 TU |
2183 | } |
2184 | ||
cf6e7bac JE |
2185 | static void |
2186 | __free_fence_array(struct drm_syncobj **fences, unsigned int n) | |
2187 | { | |
2188 | while (n--) | |
2189 | drm_syncobj_put(ptr_mask_bits(fences[n], 2)); | |
2190 | kvfree(fences); | |
2191 | } | |
2192 | ||
2193 | static struct drm_syncobj ** | |
2194 | get_fence_array(struct drm_i915_gem_execbuffer2 *args, | |
2195 | struct drm_file *file) | |
2196 | { | |
d710fc16 | 2197 | const unsigned long nfences = args->num_cliprects; |
cf6e7bac JE |
2198 | struct drm_i915_gem_exec_fence __user *user; |
2199 | struct drm_syncobj **fences; | |
d710fc16 | 2200 | unsigned long n; |
cf6e7bac JE |
2201 | int err; |
2202 | ||
2203 | if (!(args->flags & I915_EXEC_FENCE_ARRAY)) | |
2204 | return NULL; | |
2205 | ||
d710fc16 CW |
2206 | /* Check multiplication overflow for access_ok() and kvmalloc_array() */ |
2207 | BUILD_BUG_ON(sizeof(size_t) > sizeof(unsigned long)); | |
2208 | if (nfences > min_t(unsigned long, | |
2209 | ULONG_MAX / sizeof(*user), | |
2210 | SIZE_MAX / sizeof(*fences))) | |
cf6e7bac JE |
2211 | return ERR_PTR(-EINVAL); |
2212 | ||
2213 | user = u64_to_user_ptr(args->cliprects_ptr); | |
96d4f267 | 2214 | if (!access_ok(user, nfences * sizeof(*user))) |
cf6e7bac JE |
2215 | return ERR_PTR(-EFAULT); |
2216 | ||
d710fc16 | 2217 | fences = kvmalloc_array(nfences, sizeof(*fences), |
0ee931c4 | 2218 | __GFP_NOWARN | GFP_KERNEL); |
cf6e7bac JE |
2219 | if (!fences) |
2220 | return ERR_PTR(-ENOMEM); | |
2221 | ||
2222 | for (n = 0; n < nfences; n++) { | |
2223 | struct drm_i915_gem_exec_fence fence; | |
2224 | struct drm_syncobj *syncobj; | |
2225 | ||
2226 | if (__copy_from_user(&fence, user++, sizeof(fence))) { | |
2227 | err = -EFAULT; | |
2228 | goto err; | |
2229 | } | |
2230 | ||
ebcaa1ff TU |
2231 | if (fence.flags & __I915_EXEC_FENCE_UNKNOWN_FLAGS) { |
2232 | err = -EINVAL; | |
2233 | goto err; | |
2234 | } | |
2235 | ||
cf6e7bac JE |
2236 | syncobj = drm_syncobj_find(file, fence.handle); |
2237 | if (!syncobj) { | |
2238 | DRM_DEBUG("Invalid syncobj handle provided\n"); | |
2239 | err = -ENOENT; | |
2240 | goto err; | |
2241 | } | |
2242 | ||
ebcaa1ff TU |
2243 | BUILD_BUG_ON(~(ARCH_KMALLOC_MINALIGN - 1) & |
2244 | ~__I915_EXEC_FENCE_UNKNOWN_FLAGS); | |
2245 | ||
cf6e7bac JE |
2246 | fences[n] = ptr_pack_bits(syncobj, fence.flags, 2); |
2247 | } | |
2248 | ||
2249 | return fences; | |
2250 | ||
2251 | err: | |
2252 | __free_fence_array(fences, n); | |
2253 | return ERR_PTR(err); | |
2254 | } | |
2255 | ||
2256 | static void | |
2257 | put_fence_array(struct drm_i915_gem_execbuffer2 *args, | |
2258 | struct drm_syncobj **fences) | |
2259 | { | |
2260 | if (fences) | |
2261 | __free_fence_array(fences, args->num_cliprects); | |
2262 | } | |
2263 | ||
2264 | static int | |
2265 | await_fence_array(struct i915_execbuffer *eb, | |
2266 | struct drm_syncobj **fences) | |
2267 | { | |
2268 | const unsigned int nfences = eb->args->num_cliprects; | |
2269 | unsigned int n; | |
2270 | int err; | |
2271 | ||
2272 | for (n = 0; n < nfences; n++) { | |
2273 | struct drm_syncobj *syncobj; | |
2274 | struct dma_fence *fence; | |
2275 | unsigned int flags; | |
2276 | ||
2277 | syncobj = ptr_unpack_bits(fences[n], &flags, 2); | |
2278 | if (!(flags & I915_EXEC_FENCE_WAIT)) | |
2279 | continue; | |
2280 | ||
afca4216 | 2281 | fence = drm_syncobj_fence_get(syncobj); |
cf6e7bac JE |
2282 | if (!fence) |
2283 | return -EINVAL; | |
2284 | ||
e61e0f51 | 2285 | err = i915_request_await_dma_fence(eb->request, fence); |
cf6e7bac JE |
2286 | dma_fence_put(fence); |
2287 | if (err < 0) | |
2288 | return err; | |
2289 | } | |
2290 | ||
2291 | return 0; | |
2292 | } | |
2293 | ||
2294 | static void | |
2295 | signal_fence_array(struct i915_execbuffer *eb, | |
2296 | struct drm_syncobj **fences) | |
2297 | { | |
2298 | const unsigned int nfences = eb->args->num_cliprects; | |
2299 | struct dma_fence * const fence = &eb->request->fence; | |
2300 | unsigned int n; | |
2301 | ||
2302 | for (n = 0; n < nfences; n++) { | |
2303 | struct drm_syncobj *syncobj; | |
2304 | unsigned int flags; | |
2305 | ||
2306 | syncobj = ptr_unpack_bits(fences[n], &flags, 2); | |
2307 | if (!(flags & I915_EXEC_FENCE_SIGNAL)) | |
2308 | continue; | |
2309 | ||
0b258ed1 | 2310 | drm_syncobj_replace_fence(syncobj, fence); |
cf6e7bac JE |
2311 | } |
2312 | } | |
2313 | ||
54cf91dc | 2314 | static int |
650bc635 | 2315 | i915_gem_do_execbuffer(struct drm_device *dev, |
54cf91dc CW |
2316 | struct drm_file *file, |
2317 | struct drm_i915_gem_execbuffer2 *args, | |
cf6e7bac JE |
2318 | struct drm_i915_gem_exec_object2 *exec, |
2319 | struct drm_syncobj **fences) | |
54cf91dc | 2320 | { |
650bc635 | 2321 | struct i915_execbuffer eb; |
fec0445c | 2322 | struct dma_fence *in_fence = NULL; |
a88b6e4c | 2323 | struct dma_fence *exec_fence = NULL; |
fec0445c CW |
2324 | struct sync_file *out_fence = NULL; |
2325 | int out_fence_fd = -1; | |
2889caa9 | 2326 | int err; |
432e58ed | 2327 | |
74c1c694 | 2328 | BUILD_BUG_ON(__EXEC_INTERNAL_FLAGS & ~__I915_EXEC_ILLEGAL_FLAGS); |
2889caa9 CW |
2329 | BUILD_BUG_ON(__EXEC_OBJECT_INTERNAL_FLAGS & |
2330 | ~__EXEC_OBJECT_UNKNOWN_FLAGS); | |
54cf91dc | 2331 | |
650bc635 CW |
2332 | eb.i915 = to_i915(dev); |
2333 | eb.file = file; | |
2334 | eb.args = args; | |
7dd4f672 | 2335 | if (DBG_FORCE_RELOC || !(args->flags & I915_EXEC_NO_RELOC)) |
2889caa9 | 2336 | args->flags |= __EXEC_HAS_RELOC; |
c7c6e46f | 2337 | |
650bc635 | 2338 | eb.exec = exec; |
170fa29b CW |
2339 | eb.vma = (struct i915_vma **)(exec + args->buffer_count + 1); |
2340 | eb.vma[0] = NULL; | |
c7c6e46f CW |
2341 | eb.flags = (unsigned int *)(eb.vma + args->buffer_count + 1); |
2342 | ||
2889caa9 | 2343 | eb.invalid_flags = __EXEC_OBJECT_UNKNOWN_FLAGS; |
650bc635 CW |
2344 | reloc_cache_init(&eb.reloc_cache, eb.i915); |
2345 | ||
2889caa9 | 2346 | eb.buffer_count = args->buffer_count; |
650bc635 CW |
2347 | eb.batch_start_offset = args->batch_start_offset; |
2348 | eb.batch_len = args->batch_len; | |
2349 | ||
2889caa9 | 2350 | eb.batch_flags = 0; |
d7d4eedd | 2351 | if (args->flags & I915_EXEC_SECURE) { |
b3ac9f25 | 2352 | if (!drm_is_current_master(file) || !capable(CAP_SYS_ADMIN)) |
d7d4eedd CW |
2353 | return -EPERM; |
2354 | ||
2889caa9 | 2355 | eb.batch_flags |= I915_DISPATCH_SECURE; |
d7d4eedd | 2356 | } |
b45305fc | 2357 | if (args->flags & I915_EXEC_IS_PINNED) |
2889caa9 | 2358 | eb.batch_flags |= I915_DISPATCH_PINNED; |
54cf91dc | 2359 | |
fec0445c CW |
2360 | if (args->flags & I915_EXEC_FENCE_IN) { |
2361 | in_fence = sync_file_get_fence(lower_32_bits(args->rsvd2)); | |
4a04e371 DCS |
2362 | if (!in_fence) |
2363 | return -EINVAL; | |
fec0445c CW |
2364 | } |
2365 | ||
a88b6e4c CW |
2366 | if (args->flags & I915_EXEC_FENCE_SUBMIT) { |
2367 | if (in_fence) { | |
2368 | err = -EINVAL; | |
2369 | goto err_in_fence; | |
2370 | } | |
2371 | ||
2372 | exec_fence = sync_file_get_fence(lower_32_bits(args->rsvd2)); | |
2373 | if (!exec_fence) { | |
2374 | err = -EINVAL; | |
2375 | goto err_in_fence; | |
2376 | } | |
2377 | } | |
2378 | ||
fec0445c CW |
2379 | if (args->flags & I915_EXEC_FENCE_OUT) { |
2380 | out_fence_fd = get_unused_fd_flags(O_CLOEXEC); | |
2381 | if (out_fence_fd < 0) { | |
2889caa9 | 2382 | err = out_fence_fd; |
a88b6e4c | 2383 | goto err_exec_fence; |
fec0445c CW |
2384 | } |
2385 | } | |
2386 | ||
4d470f73 CW |
2387 | err = eb_create(&eb); |
2388 | if (err) | |
2389 | goto err_out_fence; | |
2390 | ||
2391 | GEM_BUG_ON(!eb.lut_size); | |
2889caa9 | 2392 | |
1acfc104 CW |
2393 | err = eb_select_context(&eb); |
2394 | if (unlikely(err)) | |
2395 | goto err_destroy; | |
2396 | ||
2889caa9 CW |
2397 | /* |
2398 | * Take a local wakeref for preparing to dispatch the execbuf as | |
67d97da3 CW |
2399 | * we expect to access the hardware fairly frequently in the |
2400 | * process. Upon first dispatch, we acquire another prolonged | |
2401 | * wakeref that we hold until the GPU has been idle for at least | |
2402 | * 100ms. | |
2403 | */ | |
8f2a1057 | 2404 | intel_gt_pm_get(eb.i915); |
1acfc104 | 2405 | |
2889caa9 CW |
2406 | err = i915_mutex_lock_interruptible(dev); |
2407 | if (err) | |
2408 | goto err_rpm; | |
f65c9168 | 2409 | |
8f2a1057 | 2410 | err = eb_select_engine(&eb, file, args); |
d6f328bf CW |
2411 | if (unlikely(err)) |
2412 | goto err_unlock; | |
2413 | ||
8f2a1057 CW |
2414 | err = eb_wait_for_ring(&eb); /* may temporarily drop struct_mutex */ |
2415 | if (unlikely(err)) | |
2416 | goto err_engine; | |
2417 | ||
2889caa9 | 2418 | err = eb_relocate(&eb); |
1f727d9e | 2419 | if (err) { |
2889caa9 CW |
2420 | /* |
2421 | * If the user expects the execobject.offset and | |
2422 | * reloc.presumed_offset to be an exact match, | |
2423 | * as for using NO_RELOC, then we cannot update | |
2424 | * the execobject.offset until we have completed | |
2425 | * relocation. | |
2426 | */ | |
2427 | args->flags &= ~__EXEC_HAS_RELOC; | |
2889caa9 | 2428 | goto err_vma; |
1f727d9e | 2429 | } |
54cf91dc | 2430 | |
c7c6e46f | 2431 | if (unlikely(*eb.batch->exec_flags & EXEC_OBJECT_WRITE)) { |
ff240199 | 2432 | DRM_DEBUG("Attempting to use self-modifying batch buffer\n"); |
2889caa9 CW |
2433 | err = -EINVAL; |
2434 | goto err_vma; | |
54cf91dc | 2435 | } |
650bc635 CW |
2436 | if (eb.batch_start_offset > eb.batch->size || |
2437 | eb.batch_len > eb.batch->size - eb.batch_start_offset) { | |
0b537272 | 2438 | DRM_DEBUG("Attempting to use out-of-bounds batch\n"); |
2889caa9 CW |
2439 | err = -EINVAL; |
2440 | goto err_vma; | |
0b537272 | 2441 | } |
54cf91dc | 2442 | |
3dbf26ed | 2443 | if (eb_use_cmdparser(&eb)) { |
59bfa124 CW |
2444 | struct i915_vma *vma; |
2445 | ||
650bc635 | 2446 | vma = eb_parse(&eb, drm_is_current_master(file)); |
59bfa124 | 2447 | if (IS_ERR(vma)) { |
2889caa9 CW |
2448 | err = PTR_ERR(vma); |
2449 | goto err_vma; | |
78a42377 | 2450 | } |
17cabf57 | 2451 | |
59bfa124 | 2452 | if (vma) { |
c7c7372e RP |
2453 | /* |
2454 | * Batch parsed and accepted: | |
2455 | * | |
2456 | * Set the DISPATCH_SECURE bit to remove the NON_SECURE | |
2457 | * bit from MI_BATCH_BUFFER_START commands issued in | |
2458 | * the dispatch_execbuffer implementations. We | |
2459 | * specifically don't want that set on batches the | |
2460 | * command parser has accepted. | |
2461 | */ | |
2889caa9 | 2462 | eb.batch_flags |= I915_DISPATCH_SECURE; |
650bc635 CW |
2463 | eb.batch_start_offset = 0; |
2464 | eb.batch = vma; | |
c7c7372e | 2465 | } |
351e3db2 BV |
2466 | } |
2467 | ||
650bc635 CW |
2468 | if (eb.batch_len == 0) |
2469 | eb.batch_len = eb.batch->size - eb.batch_start_offset; | |
78a42377 | 2470 | |
2889caa9 CW |
2471 | /* |
2472 | * snb/ivb/vlv conflate the "batch in ppgtt" bit with the "non-secure | |
d7d4eedd | 2473 | * batch" bit. Hence we need to pin secure batches into the global gtt. |
28cf5415 | 2474 | * hsw should have this fixed, but bdw mucks it up again. */ |
2889caa9 | 2475 | if (eb.batch_flags & I915_DISPATCH_SECURE) { |
058d88c4 | 2476 | struct i915_vma *vma; |
59bfa124 | 2477 | |
da51a1e7 DV |
2478 | /* |
2479 | * So on first glance it looks freaky that we pin the batch here | |
2480 | * outside of the reservation loop. But: | |
2481 | * - The batch is already pinned into the relevant ppgtt, so we | |
2482 | * already have the backing storage fully allocated. | |
2483 | * - No other BO uses the global gtt (well contexts, but meh), | |
fd0753cf | 2484 | * so we don't really have issues with multiple objects not |
da51a1e7 DV |
2485 | * fitting due to fragmentation. |
2486 | * So this is actually safe. | |
2487 | */ | |
2889caa9 | 2488 | vma = i915_gem_object_ggtt_pin(eb.batch->obj, NULL, 0, 0, 0); |
058d88c4 | 2489 | if (IS_ERR(vma)) { |
2889caa9 CW |
2490 | err = PTR_ERR(vma); |
2491 | goto err_vma; | |
058d88c4 | 2492 | } |
d7d4eedd | 2493 | |
650bc635 | 2494 | eb.batch = vma; |
59bfa124 | 2495 | } |
d7d4eedd | 2496 | |
7dd4f672 CW |
2497 | /* All GPU relocation batches must be submitted prior to the user rq */ |
2498 | GEM_BUG_ON(eb.reloc_cache.rq); | |
2499 | ||
0c8dac88 | 2500 | /* Allocate a request for this batch buffer nice and early. */ |
8f2a1057 | 2501 | eb.request = i915_request_create(eb.context); |
650bc635 | 2502 | if (IS_ERR(eb.request)) { |
2889caa9 | 2503 | err = PTR_ERR(eb.request); |
0c8dac88 | 2504 | goto err_batch_unpin; |
26827088 | 2505 | } |
0c8dac88 | 2506 | |
fec0445c | 2507 | if (in_fence) { |
e61e0f51 | 2508 | err = i915_request_await_dma_fence(eb.request, in_fence); |
2889caa9 | 2509 | if (err < 0) |
fec0445c CW |
2510 | goto err_request; |
2511 | } | |
2512 | ||
a88b6e4c CW |
2513 | if (exec_fence) { |
2514 | err = i915_request_await_execution(eb.request, exec_fence, | |
2515 | eb.engine->bond_execute); | |
2516 | if (err < 0) | |
2517 | goto err_request; | |
2518 | } | |
2519 | ||
cf6e7bac JE |
2520 | if (fences) { |
2521 | err = await_fence_array(&eb, fences); | |
2522 | if (err) | |
2523 | goto err_request; | |
2524 | } | |
2525 | ||
fec0445c | 2526 | if (out_fence_fd != -1) { |
650bc635 | 2527 | out_fence = sync_file_create(&eb.request->fence); |
fec0445c | 2528 | if (!out_fence) { |
2889caa9 | 2529 | err = -ENOMEM; |
fec0445c CW |
2530 | goto err_request; |
2531 | } | |
2532 | } | |
2533 | ||
2889caa9 CW |
2534 | /* |
2535 | * Whilst this request exists, batch_obj will be on the | |
17f298cf CW |
2536 | * active_list, and so will hold the active reference. Only when this |
2537 | * request is retired will the the batch_obj be moved onto the | |
2538 | * inactive_list and lose its active reference. Hence we do not need | |
2539 | * to explicitly hold another reference here. | |
2540 | */ | |
650bc635 | 2541 | eb.request->batch = eb.batch; |
5f19e2bf | 2542 | |
e61e0f51 | 2543 | trace_i915_request_queue(eb.request, eb.batch_flags); |
2889caa9 | 2544 | err = eb_submit(&eb); |
aa9b7810 | 2545 | err_request: |
650bc635 | 2546 | add_to_client(eb.request, file); |
8f2a1057 | 2547 | i915_request_add(eb.request); |
c8659efa | 2548 | |
cf6e7bac JE |
2549 | if (fences) |
2550 | signal_fence_array(&eb, fences); | |
2551 | ||
fec0445c | 2552 | if (out_fence) { |
2889caa9 | 2553 | if (err == 0) { |
fec0445c | 2554 | fd_install(out_fence_fd, out_fence->file); |
b6a88e4a | 2555 | args->rsvd2 &= GENMASK_ULL(31, 0); /* keep in-fence */ |
fec0445c CW |
2556 | args->rsvd2 |= (u64)out_fence_fd << 32; |
2557 | out_fence_fd = -1; | |
2558 | } else { | |
2559 | fput(out_fence->file); | |
2560 | } | |
2561 | } | |
54cf91dc | 2562 | |
0c8dac88 | 2563 | err_batch_unpin: |
2889caa9 | 2564 | if (eb.batch_flags & I915_DISPATCH_SECURE) |
650bc635 | 2565 | i915_vma_unpin(eb.batch); |
2889caa9 CW |
2566 | err_vma: |
2567 | if (eb.exec) | |
2568 | eb_release_vmas(&eb); | |
8f2a1057 CW |
2569 | err_engine: |
2570 | eb_unpin_context(&eb); | |
d6f328bf | 2571 | err_unlock: |
54cf91dc | 2572 | mutex_unlock(&dev->struct_mutex); |
2889caa9 | 2573 | err_rpm: |
8f2a1057 CW |
2574 | intel_gt_pm_put(eb.i915); |
2575 | i915_gem_context_put(eb.gem_context); | |
1acfc104 | 2576 | err_destroy: |
2889caa9 | 2577 | eb_destroy(&eb); |
4d470f73 | 2578 | err_out_fence: |
fec0445c CW |
2579 | if (out_fence_fd != -1) |
2580 | put_unused_fd(out_fence_fd); | |
a88b6e4c CW |
2581 | err_exec_fence: |
2582 | dma_fence_put(exec_fence); | |
4a04e371 | 2583 | err_in_fence: |
fec0445c | 2584 | dma_fence_put(in_fence); |
2889caa9 | 2585 | return err; |
54cf91dc CW |
2586 | } |
2587 | ||
d710fc16 CW |
2588 | static size_t eb_element_size(void) |
2589 | { | |
2590 | return (sizeof(struct drm_i915_gem_exec_object2) + | |
2591 | sizeof(struct i915_vma *) + | |
2592 | sizeof(unsigned int)); | |
2593 | } | |
2594 | ||
2595 | static bool check_buffer_count(size_t count) | |
2596 | { | |
2597 | const size_t sz = eb_element_size(); | |
2598 | ||
2599 | /* | |
2600 | * When using LUT_HANDLE, we impose a limit of INT_MAX for the lookup | |
2601 | * array size (see eb_create()). Otherwise, we can accept an array as | |
2602 | * large as can be addressed (though use large arrays at your peril)! | |
2603 | */ | |
2604 | ||
2605 | return !(count < 1 || count > INT_MAX || count > SIZE_MAX / sz - 1); | |
2606 | } | |
2607 | ||
54cf91dc CW |
2608 | /* |
2609 | * Legacy execbuffer just creates an exec2 list from the original exec object | |
2610 | * list array and passes it to the real function. | |
2611 | */ | |
2612 | int | |
6a20fe7b VS |
2613 | i915_gem_execbuffer_ioctl(struct drm_device *dev, void *data, |
2614 | struct drm_file *file) | |
54cf91dc CW |
2615 | { |
2616 | struct drm_i915_gem_execbuffer *args = data; | |
2617 | struct drm_i915_gem_execbuffer2 exec2; | |
2618 | struct drm_i915_gem_exec_object *exec_list = NULL; | |
2619 | struct drm_i915_gem_exec_object2 *exec2_list = NULL; | |
d710fc16 | 2620 | const size_t count = args->buffer_count; |
2889caa9 CW |
2621 | unsigned int i; |
2622 | int err; | |
54cf91dc | 2623 | |
d710fc16 CW |
2624 | if (!check_buffer_count(count)) { |
2625 | DRM_DEBUG("execbuf2 with %zd buffers\n", count); | |
54cf91dc CW |
2626 | return -EINVAL; |
2627 | } | |
2628 | ||
2889caa9 CW |
2629 | exec2.buffers_ptr = args->buffers_ptr; |
2630 | exec2.buffer_count = args->buffer_count; | |
2631 | exec2.batch_start_offset = args->batch_start_offset; | |
2632 | exec2.batch_len = args->batch_len; | |
2633 | exec2.DR1 = args->DR1; | |
2634 | exec2.DR4 = args->DR4; | |
2635 | exec2.num_cliprects = args->num_cliprects; | |
2636 | exec2.cliprects_ptr = args->cliprects_ptr; | |
2637 | exec2.flags = I915_EXEC_RENDER; | |
2638 | i915_execbuffer2_set_context_id(exec2, 0); | |
2639 | ||
2640 | if (!i915_gem_check_execbuffer(&exec2)) | |
2641 | return -EINVAL; | |
2642 | ||
54cf91dc | 2643 | /* Copy in the exec list from userland */ |
d710fc16 | 2644 | exec_list = kvmalloc_array(count, sizeof(*exec_list), |
0ee931c4 | 2645 | __GFP_NOWARN | GFP_KERNEL); |
d710fc16 | 2646 | exec2_list = kvmalloc_array(count + 1, eb_element_size(), |
0ee931c4 | 2647 | __GFP_NOWARN | GFP_KERNEL); |
54cf91dc | 2648 | if (exec_list == NULL || exec2_list == NULL) { |
ff240199 | 2649 | DRM_DEBUG("Failed to allocate exec list for %d buffers\n", |
54cf91dc | 2650 | args->buffer_count); |
2098105e MH |
2651 | kvfree(exec_list); |
2652 | kvfree(exec2_list); | |
54cf91dc CW |
2653 | return -ENOMEM; |
2654 | } | |
2889caa9 | 2655 | err = copy_from_user(exec_list, |
3ed605bc | 2656 | u64_to_user_ptr(args->buffers_ptr), |
d710fc16 | 2657 | sizeof(*exec_list) * count); |
2889caa9 | 2658 | if (err) { |
ff240199 | 2659 | DRM_DEBUG("copy %d exec entries failed %d\n", |
2889caa9 | 2660 | args->buffer_count, err); |
2098105e MH |
2661 | kvfree(exec_list); |
2662 | kvfree(exec2_list); | |
54cf91dc CW |
2663 | return -EFAULT; |
2664 | } | |
2665 | ||
2666 | for (i = 0; i < args->buffer_count; i++) { | |
2667 | exec2_list[i].handle = exec_list[i].handle; | |
2668 | exec2_list[i].relocation_count = exec_list[i].relocation_count; | |
2669 | exec2_list[i].relocs_ptr = exec_list[i].relocs_ptr; | |
2670 | exec2_list[i].alignment = exec_list[i].alignment; | |
2671 | exec2_list[i].offset = exec_list[i].offset; | |
f0836b72 | 2672 | if (INTEL_GEN(to_i915(dev)) < 4) |
54cf91dc CW |
2673 | exec2_list[i].flags = EXEC_OBJECT_NEEDS_FENCE; |
2674 | else | |
2675 | exec2_list[i].flags = 0; | |
2676 | } | |
2677 | ||
cf6e7bac | 2678 | err = i915_gem_do_execbuffer(dev, file, &exec2, exec2_list, NULL); |
2889caa9 | 2679 | if (exec2.flags & __EXEC_HAS_RELOC) { |
9aab8bff | 2680 | struct drm_i915_gem_exec_object __user *user_exec_list = |
3ed605bc | 2681 | u64_to_user_ptr(args->buffers_ptr); |
9aab8bff | 2682 | |
54cf91dc | 2683 | /* Copy the new buffer offsets back to the user's exec list. */ |
9aab8bff | 2684 | for (i = 0; i < args->buffer_count; i++) { |
2889caa9 CW |
2685 | if (!(exec2_list[i].offset & UPDATE)) |
2686 | continue; | |
2687 | ||
934acce3 | 2688 | exec2_list[i].offset = |
2889caa9 CW |
2689 | gen8_canonical_addr(exec2_list[i].offset & PIN_OFFSET_MASK); |
2690 | exec2_list[i].offset &= PIN_OFFSET_MASK; | |
2691 | if (__copy_to_user(&user_exec_list[i].offset, | |
2692 | &exec2_list[i].offset, | |
2693 | sizeof(user_exec_list[i].offset))) | |
9aab8bff | 2694 | break; |
54cf91dc CW |
2695 | } |
2696 | } | |
2697 | ||
2098105e MH |
2698 | kvfree(exec_list); |
2699 | kvfree(exec2_list); | |
2889caa9 | 2700 | return err; |
54cf91dc CW |
2701 | } |
2702 | ||
2703 | int | |
6a20fe7b VS |
2704 | i915_gem_execbuffer2_ioctl(struct drm_device *dev, void *data, |
2705 | struct drm_file *file) | |
54cf91dc CW |
2706 | { |
2707 | struct drm_i915_gem_execbuffer2 *args = data; | |
2889caa9 | 2708 | struct drm_i915_gem_exec_object2 *exec2_list; |
cf6e7bac | 2709 | struct drm_syncobj **fences = NULL; |
d710fc16 | 2710 | const size_t count = args->buffer_count; |
2889caa9 | 2711 | int err; |
54cf91dc | 2712 | |
d710fc16 CW |
2713 | if (!check_buffer_count(count)) { |
2714 | DRM_DEBUG("execbuf2 with %zd buffers\n", count); | |
54cf91dc CW |
2715 | return -EINVAL; |
2716 | } | |
2717 | ||
2889caa9 CW |
2718 | if (!i915_gem_check_execbuffer(args)) |
2719 | return -EINVAL; | |
2720 | ||
2721 | /* Allocate an extra slot for use by the command parser */ | |
d710fc16 | 2722 | exec2_list = kvmalloc_array(count + 1, eb_element_size(), |
0ee931c4 | 2723 | __GFP_NOWARN | GFP_KERNEL); |
54cf91dc | 2724 | if (exec2_list == NULL) { |
d710fc16 CW |
2725 | DRM_DEBUG("Failed to allocate exec list for %zd buffers\n", |
2726 | count); | |
54cf91dc CW |
2727 | return -ENOMEM; |
2728 | } | |
2889caa9 CW |
2729 | if (copy_from_user(exec2_list, |
2730 | u64_to_user_ptr(args->buffers_ptr), | |
d710fc16 CW |
2731 | sizeof(*exec2_list) * count)) { |
2732 | DRM_DEBUG("copy %zd exec entries failed\n", count); | |
2098105e | 2733 | kvfree(exec2_list); |
54cf91dc CW |
2734 | return -EFAULT; |
2735 | } | |
2736 | ||
cf6e7bac JE |
2737 | if (args->flags & I915_EXEC_FENCE_ARRAY) { |
2738 | fences = get_fence_array(args, file); | |
2739 | if (IS_ERR(fences)) { | |
2740 | kvfree(exec2_list); | |
2741 | return PTR_ERR(fences); | |
2742 | } | |
2743 | } | |
2744 | ||
2745 | err = i915_gem_do_execbuffer(dev, file, args, exec2_list, fences); | |
2889caa9 CW |
2746 | |
2747 | /* | |
2748 | * Now that we have begun execution of the batchbuffer, we ignore | |
2749 | * any new error after this point. Also given that we have already | |
2750 | * updated the associated relocations, we try to write out the current | |
2751 | * object locations irrespective of any error. | |
2752 | */ | |
2753 | if (args->flags & __EXEC_HAS_RELOC) { | |
d593d992 | 2754 | struct drm_i915_gem_exec_object2 __user *user_exec_list = |
2889caa9 CW |
2755 | u64_to_user_ptr(args->buffers_ptr); |
2756 | unsigned int i; | |
9aab8bff | 2757 | |
2889caa9 | 2758 | /* Copy the new buffer offsets back to the user's exec list. */ |
594cc251 LT |
2759 | /* |
2760 | * Note: count * sizeof(*user_exec_list) does not overflow, | |
2761 | * because we checked 'count' in check_buffer_count(). | |
2762 | * | |
2763 | * And this range already got effectively checked earlier | |
2764 | * when we did the "copy_from_user()" above. | |
2765 | */ | |
2766 | if (!user_access_begin(user_exec_list, count * sizeof(*user_exec_list))) | |
8f4faed0 | 2767 | goto end; |
594cc251 | 2768 | |
9aab8bff | 2769 | for (i = 0; i < args->buffer_count; i++) { |
2889caa9 CW |
2770 | if (!(exec2_list[i].offset & UPDATE)) |
2771 | continue; | |
2772 | ||
934acce3 | 2773 | exec2_list[i].offset = |
2889caa9 CW |
2774 | gen8_canonical_addr(exec2_list[i].offset & PIN_OFFSET_MASK); |
2775 | unsafe_put_user(exec2_list[i].offset, | |
2776 | &user_exec_list[i].offset, | |
2777 | end_user); | |
54cf91dc | 2778 | } |
2889caa9 CW |
2779 | end_user: |
2780 | user_access_end(); | |
8f4faed0 | 2781 | end:; |
54cf91dc CW |
2782 | } |
2783 | ||
2889caa9 | 2784 | args->flags &= ~__I915_EXEC_UNKNOWN_FLAGS; |
cf6e7bac | 2785 | put_fence_array(args, fences); |
2098105e | 2786 | kvfree(exec2_list); |
2889caa9 | 2787 | return err; |
54cf91dc | 2788 | } |