1 // SPDX-License-Identifier: GPL-2.0
3 * IOMMU API for ARM architected SMMUv3 implementations.
5 * Copyright (C) 2015 ARM Limited
7 * Author: Will Deacon <will.deacon@arm.com>
9 * This driver is powered by bad coffee and bombay mix.
12 #include <linux/acpi.h>
13 #include <linux/acpi_iort.h>
14 #include <linux/bitfield.h>
15 #include <linux/bitops.h>
16 #include <linux/crash_dump.h>
17 #include <linux/delay.h>
18 #include <linux/dma-iommu.h>
19 #include <linux/err.h>
20 #include <linux/interrupt.h>
21 #include <linux/iommu.h>
22 #include <linux/iopoll.h>
23 #include <linux/module.h>
24 #include <linux/msi.h>
26 #include <linux/of_address.h>
27 #include <linux/of_iommu.h>
28 #include <linux/of_platform.h>
29 #include <linux/pci.h>
30 #include <linux/platform_device.h>
32 #include <linux/amba/bus.h>
34 #include "io-pgtable.h"
37 #define ARM_SMMU_IDR0 0x0
38 #define IDR0_ST_LVL GENMASK(28, 27)
39 #define IDR0_ST_LVL_2LVL 1
40 #define IDR0_STALL_MODEL GENMASK(25, 24)
41 #define IDR0_STALL_MODEL_STALL 0
42 #define IDR0_STALL_MODEL_FORCE 2
43 #define IDR0_TTENDIAN GENMASK(22, 21)
44 #define IDR0_TTENDIAN_MIXED 0
45 #define IDR0_TTENDIAN_LE 2
46 #define IDR0_TTENDIAN_BE 3
47 #define IDR0_CD2L (1 << 19)
48 #define IDR0_VMID16 (1 << 18)
49 #define IDR0_PRI (1 << 16)
50 #define IDR0_SEV (1 << 14)
51 #define IDR0_MSI (1 << 13)
52 #define IDR0_ASID16 (1 << 12)
53 #define IDR0_ATS (1 << 10)
54 #define IDR0_HYP (1 << 9)
55 #define IDR0_COHACC (1 << 4)
56 #define IDR0_TTF GENMASK(3, 2)
57 #define IDR0_TTF_AARCH64 2
58 #define IDR0_TTF_AARCH32_64 3
59 #define IDR0_S1P (1 << 1)
60 #define IDR0_S2P (1 << 0)
62 #define ARM_SMMU_IDR1 0x4
63 #define IDR1_TABLES_PRESET (1 << 30)
64 #define IDR1_QUEUES_PRESET (1 << 29)
65 #define IDR1_REL (1 << 28)
66 #define IDR1_CMDQS GENMASK(25, 21)
67 #define IDR1_EVTQS GENMASK(20, 16)
68 #define IDR1_PRIQS GENMASK(15, 11)
69 #define IDR1_SSIDSIZE GENMASK(10, 6)
70 #define IDR1_SIDSIZE GENMASK(5, 0)
72 #define ARM_SMMU_IDR5 0x14
73 #define IDR5_STALL_MAX GENMASK(31, 16)
74 #define IDR5_GRAN64K (1 << 6)
75 #define IDR5_GRAN16K (1 << 5)
76 #define IDR5_GRAN4K (1 << 4)
77 #define IDR5_OAS GENMASK(2, 0)
78 #define IDR5_OAS_32_BIT 0
79 #define IDR5_OAS_36_BIT 1
80 #define IDR5_OAS_40_BIT 2
81 #define IDR5_OAS_42_BIT 3
82 #define IDR5_OAS_44_BIT 4
83 #define IDR5_OAS_48_BIT 5
84 #define IDR5_OAS_52_BIT 6
85 #define IDR5_VAX GENMASK(11, 10)
86 #define IDR5_VAX_52_BIT 1
88 #define ARM_SMMU_CR0 0x20
89 #define CR0_CMDQEN (1 << 3)
90 #define CR0_EVTQEN (1 << 2)
91 #define CR0_PRIQEN (1 << 1)
92 #define CR0_SMMUEN (1 << 0)
94 #define ARM_SMMU_CR0ACK 0x24
96 #define ARM_SMMU_CR1 0x28
97 #define CR1_TABLE_SH GENMASK(11, 10)
98 #define CR1_TABLE_OC GENMASK(9, 8)
99 #define CR1_TABLE_IC GENMASK(7, 6)
100 #define CR1_QUEUE_SH GENMASK(5, 4)
101 #define CR1_QUEUE_OC GENMASK(3, 2)
102 #define CR1_QUEUE_IC GENMASK(1, 0)
103 /* CR1 cacheability fields don't quite follow the usual TCR-style encoding */
104 #define CR1_CACHE_NC 0
105 #define CR1_CACHE_WB 1
106 #define CR1_CACHE_WT 2
108 #define ARM_SMMU_CR2 0x2c
109 #define CR2_PTM (1 << 2)
110 #define CR2_RECINVSID (1 << 1)
111 #define CR2_E2H (1 << 0)
113 #define ARM_SMMU_GBPA 0x44
114 #define GBPA_UPDATE (1 << 31)
115 #define GBPA_ABORT (1 << 20)
117 #define ARM_SMMU_IRQ_CTRL 0x50
118 #define IRQ_CTRL_EVTQ_IRQEN (1 << 2)
119 #define IRQ_CTRL_PRIQ_IRQEN (1 << 1)
120 #define IRQ_CTRL_GERROR_IRQEN (1 << 0)
122 #define ARM_SMMU_IRQ_CTRLACK 0x54
124 #define ARM_SMMU_GERROR 0x60
125 #define GERROR_SFM_ERR (1 << 8)
126 #define GERROR_MSI_GERROR_ABT_ERR (1 << 7)
127 #define GERROR_MSI_PRIQ_ABT_ERR (1 << 6)
128 #define GERROR_MSI_EVTQ_ABT_ERR (1 << 5)
129 #define GERROR_MSI_CMDQ_ABT_ERR (1 << 4)
130 #define GERROR_PRIQ_ABT_ERR (1 << 3)
131 #define GERROR_EVTQ_ABT_ERR (1 << 2)
132 #define GERROR_CMDQ_ERR (1 << 0)
133 #define GERROR_ERR_MASK 0xfd
135 #define ARM_SMMU_GERRORN 0x64
137 #define ARM_SMMU_GERROR_IRQ_CFG0 0x68
138 #define ARM_SMMU_GERROR_IRQ_CFG1 0x70
139 #define ARM_SMMU_GERROR_IRQ_CFG2 0x74
141 #define ARM_SMMU_STRTAB_BASE 0x80
142 #define STRTAB_BASE_RA (1UL << 62)
143 #define STRTAB_BASE_ADDR_MASK GENMASK_ULL(51, 6)
145 #define ARM_SMMU_STRTAB_BASE_CFG 0x88
146 #define STRTAB_BASE_CFG_FMT GENMASK(17, 16)
147 #define STRTAB_BASE_CFG_FMT_LINEAR 0
148 #define STRTAB_BASE_CFG_FMT_2LVL 1
149 #define STRTAB_BASE_CFG_SPLIT GENMASK(10, 6)
150 #define STRTAB_BASE_CFG_LOG2SIZE GENMASK(5, 0)
152 #define ARM_SMMU_CMDQ_BASE 0x90
153 #define ARM_SMMU_CMDQ_PROD 0x98
154 #define ARM_SMMU_CMDQ_CONS 0x9c
156 #define ARM_SMMU_EVTQ_BASE 0xa0
157 #define ARM_SMMU_EVTQ_PROD 0x100a8
158 #define ARM_SMMU_EVTQ_CONS 0x100ac
159 #define ARM_SMMU_EVTQ_IRQ_CFG0 0xb0
160 #define ARM_SMMU_EVTQ_IRQ_CFG1 0xb8
161 #define ARM_SMMU_EVTQ_IRQ_CFG2 0xbc
163 #define ARM_SMMU_PRIQ_BASE 0xc0
164 #define ARM_SMMU_PRIQ_PROD 0x100c8
165 #define ARM_SMMU_PRIQ_CONS 0x100cc
166 #define ARM_SMMU_PRIQ_IRQ_CFG0 0xd0
167 #define ARM_SMMU_PRIQ_IRQ_CFG1 0xd8
168 #define ARM_SMMU_PRIQ_IRQ_CFG2 0xdc
170 /* Common MSI config fields */
171 #define MSI_CFG0_ADDR_MASK GENMASK_ULL(51, 2)
172 #define MSI_CFG2_SH GENMASK(5, 4)
173 #define MSI_CFG2_MEMATTR GENMASK(3, 0)
175 /* Common memory attribute values */
176 #define ARM_SMMU_SH_NSH 0
177 #define ARM_SMMU_SH_OSH 2
178 #define ARM_SMMU_SH_ISH 3
179 #define ARM_SMMU_MEMATTR_DEVICE_nGnRE 0x1
180 #define ARM_SMMU_MEMATTR_OIWB 0xf
182 #define Q_IDX(q, p) ((p) & ((1 << (q)->max_n_shift) - 1))
183 #define Q_WRP(q, p) ((p) & (1 << (q)->max_n_shift))
184 #define Q_OVERFLOW_FLAG (1 << 31)
185 #define Q_OVF(q, p) ((p) & Q_OVERFLOW_FLAG)
186 #define Q_ENT(q, p) ((q)->base + \
187 Q_IDX(q, p) * (q)->ent_dwords)
189 #define Q_BASE_RWA (1UL << 62)
190 #define Q_BASE_ADDR_MASK GENMASK_ULL(51, 5)
191 #define Q_BASE_LOG2SIZE GENMASK(4, 0)
196 * Linear: Enough to cover 1 << IDR1.SIDSIZE entries
197 * 2lvl: 128k L1 entries,
198 * 256 lazy entries per table (each table covers a PCI bus)
200 #define STRTAB_L1_SZ_SHIFT 20
201 #define STRTAB_SPLIT 8
203 #define STRTAB_L1_DESC_DWORDS 1
204 #define STRTAB_L1_DESC_SPAN GENMASK_ULL(4, 0)
205 #define STRTAB_L1_DESC_L2PTR_MASK GENMASK_ULL(51, 6)
207 #define STRTAB_STE_DWORDS 8
208 #define STRTAB_STE_0_V (1UL << 0)
209 #define STRTAB_STE_0_CFG GENMASK_ULL(3, 1)
210 #define STRTAB_STE_0_CFG_ABORT 0
211 #define STRTAB_STE_0_CFG_BYPASS 4
212 #define STRTAB_STE_0_CFG_S1_TRANS 5
213 #define STRTAB_STE_0_CFG_S2_TRANS 6
215 #define STRTAB_STE_0_S1FMT GENMASK_ULL(5, 4)
216 #define STRTAB_STE_0_S1FMT_LINEAR 0
217 #define STRTAB_STE_0_S1CTXPTR_MASK GENMASK_ULL(51, 6)
218 #define STRTAB_STE_0_S1CDMAX GENMASK_ULL(63, 59)
220 #define STRTAB_STE_1_S1C_CACHE_NC 0UL
221 #define STRTAB_STE_1_S1C_CACHE_WBRA 1UL
222 #define STRTAB_STE_1_S1C_CACHE_WT 2UL
223 #define STRTAB_STE_1_S1C_CACHE_WB 3UL
224 #define STRTAB_STE_1_S1CIR GENMASK_ULL(3, 2)
225 #define STRTAB_STE_1_S1COR GENMASK_ULL(5, 4)
226 #define STRTAB_STE_1_S1CSH GENMASK_ULL(7, 6)
228 #define STRTAB_STE_1_S1STALLD (1UL << 27)
230 #define STRTAB_STE_1_EATS GENMASK_ULL(29, 28)
231 #define STRTAB_STE_1_EATS_ABT 0UL
232 #define STRTAB_STE_1_EATS_TRANS 1UL
233 #define STRTAB_STE_1_EATS_S1CHK 2UL
235 #define STRTAB_STE_1_STRW GENMASK_ULL(31, 30)
236 #define STRTAB_STE_1_STRW_NSEL1 0UL
237 #define STRTAB_STE_1_STRW_EL2 2UL
239 #define STRTAB_STE_1_SHCFG GENMASK_ULL(45, 44)
240 #define STRTAB_STE_1_SHCFG_INCOMING 1UL
242 #define STRTAB_STE_2_S2VMID GENMASK_ULL(15, 0)
243 #define STRTAB_STE_2_VTCR GENMASK_ULL(50, 32)
244 #define STRTAB_STE_2_S2AA64 (1UL << 51)
245 #define STRTAB_STE_2_S2ENDI (1UL << 52)
246 #define STRTAB_STE_2_S2PTW (1UL << 54)
247 #define STRTAB_STE_2_S2R (1UL << 58)
249 #define STRTAB_STE_3_S2TTB_MASK GENMASK_ULL(51, 4)
251 /* Context descriptor (stage-1 only) */
252 #define CTXDESC_CD_DWORDS 8
253 #define CTXDESC_CD_0_TCR_T0SZ GENMASK_ULL(5, 0)
254 #define ARM64_TCR_T0SZ GENMASK_ULL(5, 0)
255 #define CTXDESC_CD_0_TCR_TG0 GENMASK_ULL(7, 6)
256 #define ARM64_TCR_TG0 GENMASK_ULL(15, 14)
257 #define CTXDESC_CD_0_TCR_IRGN0 GENMASK_ULL(9, 8)
258 #define ARM64_TCR_IRGN0 GENMASK_ULL(9, 8)
259 #define CTXDESC_CD_0_TCR_ORGN0 GENMASK_ULL(11, 10)
260 #define ARM64_TCR_ORGN0 GENMASK_ULL(11, 10)
261 #define CTXDESC_CD_0_TCR_SH0 GENMASK_ULL(13, 12)
262 #define ARM64_TCR_SH0 GENMASK_ULL(13, 12)
263 #define CTXDESC_CD_0_TCR_EPD0 (1ULL << 14)
264 #define ARM64_TCR_EPD0 (1ULL << 7)
265 #define CTXDESC_CD_0_TCR_EPD1 (1ULL << 30)
266 #define ARM64_TCR_EPD1 (1ULL << 23)
268 #define CTXDESC_CD_0_ENDI (1UL << 15)
269 #define CTXDESC_CD_0_V (1UL << 31)
271 #define CTXDESC_CD_0_TCR_IPS GENMASK_ULL(34, 32)
272 #define ARM64_TCR_IPS GENMASK_ULL(34, 32)
273 #define CTXDESC_CD_0_TCR_TBI0 (1ULL << 38)
274 #define ARM64_TCR_TBI0 (1ULL << 37)
276 #define CTXDESC_CD_0_AA64 (1UL << 41)
277 #define CTXDESC_CD_0_S (1UL << 44)
278 #define CTXDESC_CD_0_R (1UL << 45)
279 #define CTXDESC_CD_0_A (1UL << 46)
280 #define CTXDESC_CD_0_ASET (1UL << 47)
281 #define CTXDESC_CD_0_ASID GENMASK_ULL(63, 48)
283 #define CTXDESC_CD_1_TTB0_MASK GENMASK_ULL(51, 4)
285 /* Convert between AArch64 (CPU) TCR format and SMMU CD format */
286 #define ARM_SMMU_TCR2CD(tcr, fld) FIELD_PREP(CTXDESC_CD_0_TCR_##fld, \
287 FIELD_GET(ARM64_TCR_##fld, tcr))
290 #define CMDQ_ENT_DWORDS 2
291 #define CMDQ_MAX_SZ_SHIFT 8
293 #define CMDQ_CONS_ERR GENMASK(30, 24)
294 #define CMDQ_ERR_CERROR_NONE_IDX 0
295 #define CMDQ_ERR_CERROR_ILL_IDX 1
296 #define CMDQ_ERR_CERROR_ABT_IDX 2
298 #define CMDQ_0_OP GENMASK_ULL(7, 0)
299 #define CMDQ_0_SSV (1UL << 11)
301 #define CMDQ_PREFETCH_0_SID GENMASK_ULL(63, 32)
302 #define CMDQ_PREFETCH_1_SIZE GENMASK_ULL(4, 0)
303 #define CMDQ_PREFETCH_1_ADDR_MASK GENMASK_ULL(63, 12)
305 #define CMDQ_CFGI_0_SID GENMASK_ULL(63, 32)
306 #define CMDQ_CFGI_1_LEAF (1UL << 0)
307 #define CMDQ_CFGI_1_RANGE GENMASK_ULL(4, 0)
309 #define CMDQ_TLBI_0_VMID GENMASK_ULL(47, 32)
310 #define CMDQ_TLBI_0_ASID GENMASK_ULL(63, 48)
311 #define CMDQ_TLBI_1_LEAF (1UL << 0)
312 #define CMDQ_TLBI_1_VA_MASK GENMASK_ULL(63, 12)
313 #define CMDQ_TLBI_1_IPA_MASK GENMASK_ULL(51, 12)
315 #define CMDQ_PRI_0_SSID GENMASK_ULL(31, 12)
316 #define CMDQ_PRI_0_SID GENMASK_ULL(63, 32)
317 #define CMDQ_PRI_1_GRPID GENMASK_ULL(8, 0)
318 #define CMDQ_PRI_1_RESP GENMASK_ULL(13, 12)
320 #define CMDQ_SYNC_0_CS GENMASK_ULL(13, 12)
321 #define CMDQ_SYNC_0_CS_NONE 0
322 #define CMDQ_SYNC_0_CS_IRQ 1
323 #define CMDQ_SYNC_0_CS_SEV 2
324 #define CMDQ_SYNC_0_MSH GENMASK_ULL(23, 22)
325 #define CMDQ_SYNC_0_MSIATTR GENMASK_ULL(27, 24)
326 #define CMDQ_SYNC_0_MSIDATA GENMASK_ULL(63, 32)
327 #define CMDQ_SYNC_1_MSIADDR_MASK GENMASK_ULL(51, 2)
330 #define EVTQ_ENT_DWORDS 4
331 #define EVTQ_MAX_SZ_SHIFT 7
333 #define EVTQ_0_ID GENMASK_ULL(7, 0)
336 #define PRIQ_ENT_DWORDS 2
337 #define PRIQ_MAX_SZ_SHIFT 8
339 #define PRIQ_0_SID GENMASK_ULL(31, 0)
340 #define PRIQ_0_SSID GENMASK_ULL(51, 32)
341 #define PRIQ_0_PERM_PRIV (1UL << 58)
342 #define PRIQ_0_PERM_EXEC (1UL << 59)
343 #define PRIQ_0_PERM_READ (1UL << 60)
344 #define PRIQ_0_PERM_WRITE (1UL << 61)
345 #define PRIQ_0_PRG_LAST (1UL << 62)
346 #define PRIQ_0_SSID_V (1UL << 63)
348 #define PRIQ_1_PRG_IDX GENMASK_ULL(8, 0)
349 #define PRIQ_1_ADDR_MASK GENMASK_ULL(63, 12)
351 /* High-level queue structures */
352 #define ARM_SMMU_POLL_TIMEOUT_US 100
353 #define ARM_SMMU_CMDQ_SYNC_TIMEOUT_US 1000000 /* 1s! */
354 #define ARM_SMMU_CMDQ_SYNC_SPIN_COUNT 10
356 #define MSI_IOVA_BASE 0x8000000
357 #define MSI_IOVA_LENGTH 0x100000
359 static bool disable_bypass = 1;
360 module_param_named(disable_bypass, disable_bypass, bool, S_IRUGO);
361 MODULE_PARM_DESC(disable_bypass,
362 "Disable bypass streams such that incoming transactions from devices that are not attached to an iommu domain will report an abort back to the device and will not be allowed to pass through the SMMU.");
370 enum arm_smmu_msi_index {
377 static phys_addr_t arm_smmu_msi_cfg[ARM_SMMU_MAX_MSIS][3] = {
379 ARM_SMMU_EVTQ_IRQ_CFG0,
380 ARM_SMMU_EVTQ_IRQ_CFG1,
381 ARM_SMMU_EVTQ_IRQ_CFG2,
383 [GERROR_MSI_INDEX] = {
384 ARM_SMMU_GERROR_IRQ_CFG0,
385 ARM_SMMU_GERROR_IRQ_CFG1,
386 ARM_SMMU_GERROR_IRQ_CFG2,
389 ARM_SMMU_PRIQ_IRQ_CFG0,
390 ARM_SMMU_PRIQ_IRQ_CFG1,
391 ARM_SMMU_PRIQ_IRQ_CFG2,
395 struct arm_smmu_cmdq_ent {
398 bool substream_valid;
400 /* Command-specific fields */
402 #define CMDQ_OP_PREFETCH_CFG 0x1
409 #define CMDQ_OP_CFGI_STE 0x3
410 #define CMDQ_OP_CFGI_ALL 0x4
419 #define CMDQ_OP_TLBI_NH_ASID 0x11
420 #define CMDQ_OP_TLBI_NH_VA 0x12
421 #define CMDQ_OP_TLBI_EL2_ALL 0x20
422 #define CMDQ_OP_TLBI_S12_VMALL 0x28
423 #define CMDQ_OP_TLBI_S2_IPA 0x2a
424 #define CMDQ_OP_TLBI_NSNH_ALL 0x30
432 #define CMDQ_OP_PRI_RESP 0x41
440 #define CMDQ_OP_CMD_SYNC 0x46
448 struct arm_smmu_queue {
449 int irq; /* Wired interrupt */
460 u32 __iomem *prod_reg;
461 u32 __iomem *cons_reg;
464 struct arm_smmu_cmdq {
465 struct arm_smmu_queue q;
469 struct arm_smmu_evtq {
470 struct arm_smmu_queue q;
474 struct arm_smmu_priq {
475 struct arm_smmu_queue q;
478 /* High-level stream table and context descriptor structures */
479 struct arm_smmu_strtab_l1_desc {
483 dma_addr_t l2ptr_dma;
486 struct arm_smmu_s1_cfg {
488 dma_addr_t cdptr_dma;
490 struct arm_smmu_ctx_desc {
498 struct arm_smmu_s2_cfg {
504 struct arm_smmu_strtab_ent {
506 * An STE is "assigned" if the master emitting the corresponding SID
507 * is attached to a domain. The behaviour of an unassigned STE is
508 * determined by the disable_bypass parameter, whereas an assigned
509 * STE behaves according to s1_cfg/s2_cfg, which themselves are
510 * configured according to the domain type.
513 struct arm_smmu_s1_cfg *s1_cfg;
514 struct arm_smmu_s2_cfg *s2_cfg;
517 struct arm_smmu_strtab_cfg {
519 dma_addr_t strtab_dma;
520 struct arm_smmu_strtab_l1_desc *l1_desc;
521 unsigned int num_l1_ents;
527 /* An SMMUv3 instance */
528 struct arm_smmu_device {
532 #define ARM_SMMU_FEAT_2_LVL_STRTAB (1 << 0)
533 #define ARM_SMMU_FEAT_2_LVL_CDTAB (1 << 1)
534 #define ARM_SMMU_FEAT_TT_LE (1 << 2)
535 #define ARM_SMMU_FEAT_TT_BE (1 << 3)
536 #define ARM_SMMU_FEAT_PRI (1 << 4)
537 #define ARM_SMMU_FEAT_ATS (1 << 5)
538 #define ARM_SMMU_FEAT_SEV (1 << 6)
539 #define ARM_SMMU_FEAT_MSI (1 << 7)
540 #define ARM_SMMU_FEAT_COHERENCY (1 << 8)
541 #define ARM_SMMU_FEAT_TRANS_S1 (1 << 9)
542 #define ARM_SMMU_FEAT_TRANS_S2 (1 << 10)
543 #define ARM_SMMU_FEAT_STALLS (1 << 11)
544 #define ARM_SMMU_FEAT_HYP (1 << 12)
545 #define ARM_SMMU_FEAT_STALL_FORCE (1 << 13)
546 #define ARM_SMMU_FEAT_VAX (1 << 14)
549 #define ARM_SMMU_OPT_SKIP_PREFETCH (1 << 0)
550 #define ARM_SMMU_OPT_PAGE0_REGS_ONLY (1 << 1)
553 struct arm_smmu_cmdq cmdq;
554 struct arm_smmu_evtq evtq;
555 struct arm_smmu_priq priq;
562 unsigned long ias; /* IPA */
563 unsigned long oas; /* PA */
564 unsigned long pgsize_bitmap;
566 #define ARM_SMMU_MAX_ASIDS (1 << 16)
567 unsigned int asid_bits;
568 DECLARE_BITMAP(asid_map, ARM_SMMU_MAX_ASIDS);
570 #define ARM_SMMU_MAX_VMIDS (1 << 16)
571 unsigned int vmid_bits;
572 DECLARE_BITMAP(vmid_map, ARM_SMMU_MAX_VMIDS);
574 unsigned int ssid_bits;
575 unsigned int sid_bits;
577 struct arm_smmu_strtab_cfg strtab_cfg;
581 /* IOMMU core code handle */
582 struct iommu_device iommu;
585 /* SMMU private data for each master */
586 struct arm_smmu_master_data {
587 struct arm_smmu_device *smmu;
588 struct arm_smmu_strtab_ent ste;
591 /* SMMU private data for an IOMMU domain */
592 enum arm_smmu_domain_stage {
593 ARM_SMMU_DOMAIN_S1 = 0,
595 ARM_SMMU_DOMAIN_NESTED,
596 ARM_SMMU_DOMAIN_BYPASS,
599 struct arm_smmu_domain {
600 struct arm_smmu_device *smmu;
601 struct mutex init_mutex; /* Protects smmu pointer */
603 struct io_pgtable_ops *pgtbl_ops;
606 enum arm_smmu_domain_stage stage;
608 struct arm_smmu_s1_cfg s1_cfg;
609 struct arm_smmu_s2_cfg s2_cfg;
612 struct iommu_domain domain;
615 struct arm_smmu_option_prop {
620 static struct arm_smmu_option_prop arm_smmu_options[] = {
621 { ARM_SMMU_OPT_SKIP_PREFETCH, "hisilicon,broken-prefetch-cmd" },
622 { ARM_SMMU_OPT_PAGE0_REGS_ONLY, "cavium,cn9900-broken-page1-regspace"},
626 static inline void __iomem *arm_smmu_page1_fixup(unsigned long offset,
627 struct arm_smmu_device *smmu)
629 if ((offset > SZ_64K) &&
630 (smmu->options & ARM_SMMU_OPT_PAGE0_REGS_ONLY))
633 return smmu->base + offset;
636 static struct arm_smmu_domain *to_smmu_domain(struct iommu_domain *dom)
638 return container_of(dom, struct arm_smmu_domain, domain);
641 static void parse_driver_options(struct arm_smmu_device *smmu)
646 if (of_property_read_bool(smmu->dev->of_node,
647 arm_smmu_options[i].prop)) {
648 smmu->options |= arm_smmu_options[i].opt;
649 dev_notice(smmu->dev, "option %s\n",
650 arm_smmu_options[i].prop);
652 } while (arm_smmu_options[++i].opt);
655 /* Low-level queue manipulation functions */
656 static bool queue_full(struct arm_smmu_queue *q)
658 return Q_IDX(q, q->prod) == Q_IDX(q, q->cons) &&
659 Q_WRP(q, q->prod) != Q_WRP(q, q->cons);
662 static bool queue_empty(struct arm_smmu_queue *q)
664 return Q_IDX(q, q->prod) == Q_IDX(q, q->cons) &&
665 Q_WRP(q, q->prod) == Q_WRP(q, q->cons);
668 static void queue_sync_cons(struct arm_smmu_queue *q)
670 q->cons = readl_relaxed(q->cons_reg);
673 static void queue_inc_cons(struct arm_smmu_queue *q)
675 u32 cons = (Q_WRP(q, q->cons) | Q_IDX(q, q->cons)) + 1;
677 q->cons = Q_OVF(q, q->cons) | Q_WRP(q, cons) | Q_IDX(q, cons);
678 writel(q->cons, q->cons_reg);
681 static int queue_sync_prod(struct arm_smmu_queue *q)
684 u32 prod = readl_relaxed(q->prod_reg);
686 if (Q_OVF(q, prod) != Q_OVF(q, q->prod))
693 static void queue_inc_prod(struct arm_smmu_queue *q)
695 u32 prod = (Q_WRP(q, q->prod) | Q_IDX(q, q->prod)) + 1;
697 q->prod = Q_OVF(q, q->prod) | Q_WRP(q, prod) | Q_IDX(q, prod);
698 writel(q->prod, q->prod_reg);
702 * Wait for the SMMU to consume items. If sync is true, wait until the queue
703 * is empty. Otherwise, wait until there is at least one free slot.
705 static int queue_poll_cons(struct arm_smmu_queue *q, bool sync, bool wfe)
708 unsigned int delay = 1, spin_cnt = 0;
710 /* Wait longer if it's a CMD_SYNC */
711 timeout = ktime_add_us(ktime_get(), sync ?
712 ARM_SMMU_CMDQ_SYNC_TIMEOUT_US :
713 ARM_SMMU_POLL_TIMEOUT_US);
715 while (queue_sync_cons(q), (sync ? !queue_empty(q) : queue_full(q))) {
716 if (ktime_compare(ktime_get(), timeout) > 0)
721 } else if (++spin_cnt < ARM_SMMU_CMDQ_SYNC_SPIN_COUNT) {
734 static void queue_write(__le64 *dst, u64 *src, size_t n_dwords)
738 for (i = 0; i < n_dwords; ++i)
739 *dst++ = cpu_to_le64(*src++);
742 static int queue_insert_raw(struct arm_smmu_queue *q, u64 *ent)
747 queue_write(Q_ENT(q, q->prod), ent, q->ent_dwords);
752 static void queue_read(__le64 *dst, u64 *src, size_t n_dwords)
756 for (i = 0; i < n_dwords; ++i)
757 *dst++ = le64_to_cpu(*src++);
760 static int queue_remove_raw(struct arm_smmu_queue *q, u64 *ent)
765 queue_read(ent, Q_ENT(q, q->cons), q->ent_dwords);
770 /* High-level queue accessors */
771 static int arm_smmu_cmdq_build_cmd(u64 *cmd, struct arm_smmu_cmdq_ent *ent)
773 memset(cmd, 0, CMDQ_ENT_DWORDS << 3);
774 cmd[0] |= FIELD_PREP(CMDQ_0_OP, ent->opcode);
776 switch (ent->opcode) {
777 case CMDQ_OP_TLBI_EL2_ALL:
778 case CMDQ_OP_TLBI_NSNH_ALL:
780 case CMDQ_OP_PREFETCH_CFG:
781 cmd[0] |= FIELD_PREP(CMDQ_PREFETCH_0_SID, ent->prefetch.sid);
782 cmd[1] |= FIELD_PREP(CMDQ_PREFETCH_1_SIZE, ent->prefetch.size);
783 cmd[1] |= ent->prefetch.addr & CMDQ_PREFETCH_1_ADDR_MASK;
785 case CMDQ_OP_CFGI_STE:
786 cmd[0] |= FIELD_PREP(CMDQ_CFGI_0_SID, ent->cfgi.sid);
787 cmd[1] |= FIELD_PREP(CMDQ_CFGI_1_LEAF, ent->cfgi.leaf);
789 case CMDQ_OP_CFGI_ALL:
790 /* Cover the entire SID range */
791 cmd[1] |= FIELD_PREP(CMDQ_CFGI_1_RANGE, 31);
793 case CMDQ_OP_TLBI_NH_VA:
794 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_ASID, ent->tlbi.asid);
795 cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_LEAF, ent->tlbi.leaf);
796 cmd[1] |= ent->tlbi.addr & CMDQ_TLBI_1_VA_MASK;
798 case CMDQ_OP_TLBI_S2_IPA:
799 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_VMID, ent->tlbi.vmid);
800 cmd[1] |= FIELD_PREP(CMDQ_TLBI_1_LEAF, ent->tlbi.leaf);
801 cmd[1] |= ent->tlbi.addr & CMDQ_TLBI_1_IPA_MASK;
803 case CMDQ_OP_TLBI_NH_ASID:
804 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_ASID, ent->tlbi.asid);
806 case CMDQ_OP_TLBI_S12_VMALL:
807 cmd[0] |= FIELD_PREP(CMDQ_TLBI_0_VMID, ent->tlbi.vmid);
809 case CMDQ_OP_PRI_RESP:
810 cmd[0] |= FIELD_PREP(CMDQ_0_SSV, ent->substream_valid);
811 cmd[0] |= FIELD_PREP(CMDQ_PRI_0_SSID, ent->pri.ssid);
812 cmd[0] |= FIELD_PREP(CMDQ_PRI_0_SID, ent->pri.sid);
813 cmd[1] |= FIELD_PREP(CMDQ_PRI_1_GRPID, ent->pri.grpid);
814 switch (ent->pri.resp) {
822 cmd[1] |= FIELD_PREP(CMDQ_PRI_1_RESP, ent->pri.resp);
824 case CMDQ_OP_CMD_SYNC:
825 if (ent->sync.msiaddr)
826 cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_CS, CMDQ_SYNC_0_CS_IRQ);
828 cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_CS, CMDQ_SYNC_0_CS_SEV);
829 cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_MSH, ARM_SMMU_SH_ISH);
830 cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_MSIATTR, ARM_SMMU_MEMATTR_OIWB);
831 cmd[0] |= FIELD_PREP(CMDQ_SYNC_0_MSIDATA, ent->sync.msidata);
832 cmd[1] |= ent->sync.msiaddr & CMDQ_SYNC_1_MSIADDR_MASK;
841 static void arm_smmu_cmdq_skip_err(struct arm_smmu_device *smmu)
843 static const char *cerror_str[] = {
844 [CMDQ_ERR_CERROR_NONE_IDX] = "No error",
845 [CMDQ_ERR_CERROR_ILL_IDX] = "Illegal command",
846 [CMDQ_ERR_CERROR_ABT_IDX] = "Abort on command fetch",
850 u64 cmd[CMDQ_ENT_DWORDS];
851 struct arm_smmu_queue *q = &smmu->cmdq.q;
852 u32 cons = readl_relaxed(q->cons_reg);
853 u32 idx = FIELD_GET(CMDQ_CONS_ERR, cons);
854 struct arm_smmu_cmdq_ent cmd_sync = {
855 .opcode = CMDQ_OP_CMD_SYNC,
858 dev_err(smmu->dev, "CMDQ error (cons 0x%08x): %s\n", cons,
859 idx < ARRAY_SIZE(cerror_str) ? cerror_str[idx] : "Unknown");
862 case CMDQ_ERR_CERROR_ABT_IDX:
863 dev_err(smmu->dev, "retrying command fetch\n");
864 case CMDQ_ERR_CERROR_NONE_IDX:
866 case CMDQ_ERR_CERROR_ILL_IDX:
873 * We may have concurrent producers, so we need to be careful
874 * not to touch any of the shadow cmdq state.
876 queue_read(cmd, Q_ENT(q, cons), q->ent_dwords);
877 dev_err(smmu->dev, "skipping command in error state:\n");
878 for (i = 0; i < ARRAY_SIZE(cmd); ++i)
879 dev_err(smmu->dev, "\t0x%016llx\n", (unsigned long long)cmd[i]);
881 /* Convert the erroneous command into a CMD_SYNC */
882 if (arm_smmu_cmdq_build_cmd(cmd, &cmd_sync)) {
883 dev_err(smmu->dev, "failed to convert to CMD_SYNC\n");
887 queue_write(Q_ENT(q, cons), cmd, q->ent_dwords);
890 static void arm_smmu_cmdq_insert_cmd(struct arm_smmu_device *smmu, u64 *cmd)
892 struct arm_smmu_queue *q = &smmu->cmdq.q;
893 bool wfe = !!(smmu->features & ARM_SMMU_FEAT_SEV);
895 smmu->prev_cmd_opcode = FIELD_GET(CMDQ_0_OP, cmd[0]);
897 while (queue_insert_raw(q, cmd) == -ENOSPC) {
898 if (queue_poll_cons(q, false, wfe))
899 dev_err_ratelimited(smmu->dev, "CMDQ timeout\n");
903 static void arm_smmu_cmdq_issue_cmd(struct arm_smmu_device *smmu,
904 struct arm_smmu_cmdq_ent *ent)
906 u64 cmd[CMDQ_ENT_DWORDS];
909 if (arm_smmu_cmdq_build_cmd(cmd, ent)) {
910 dev_warn(smmu->dev, "ignoring unknown CMDQ opcode 0x%x\n",
915 spin_lock_irqsave(&smmu->cmdq.lock, flags);
916 arm_smmu_cmdq_insert_cmd(smmu, cmd);
917 spin_unlock_irqrestore(&smmu->cmdq.lock, flags);
921 * The difference between val and sync_idx is bounded by the maximum size of
922 * a queue at 2^20 entries, so 32 bits is plenty for wrap-safe arithmetic.
924 static int __arm_smmu_sync_poll_msi(struct arm_smmu_device *smmu, u32 sync_idx)
929 timeout = ktime_add_us(ktime_get(), ARM_SMMU_CMDQ_SYNC_TIMEOUT_US);
930 val = smp_cond_load_acquire(&smmu->sync_count,
931 (int)(VAL - sync_idx) >= 0 ||
932 !ktime_before(ktime_get(), timeout));
934 return (int)(val - sync_idx) < 0 ? -ETIMEDOUT : 0;
937 static int __arm_smmu_cmdq_issue_sync_msi(struct arm_smmu_device *smmu)
939 u64 cmd[CMDQ_ENT_DWORDS];
941 struct arm_smmu_cmdq_ent ent = {
942 .opcode = CMDQ_OP_CMD_SYNC,
944 .msiaddr = virt_to_phys(&smmu->sync_count),
948 spin_lock_irqsave(&smmu->cmdq.lock, flags);
950 /* Piggy-back on the previous command if it's a SYNC */
951 if (smmu->prev_cmd_opcode == CMDQ_OP_CMD_SYNC) {
952 ent.sync.msidata = smmu->sync_nr;
954 ent.sync.msidata = ++smmu->sync_nr;
955 arm_smmu_cmdq_build_cmd(cmd, &ent);
956 arm_smmu_cmdq_insert_cmd(smmu, cmd);
959 spin_unlock_irqrestore(&smmu->cmdq.lock, flags);
961 return __arm_smmu_sync_poll_msi(smmu, ent.sync.msidata);
964 static int __arm_smmu_cmdq_issue_sync(struct arm_smmu_device *smmu)
966 u64 cmd[CMDQ_ENT_DWORDS];
968 bool wfe = !!(smmu->features & ARM_SMMU_FEAT_SEV);
969 struct arm_smmu_cmdq_ent ent = { .opcode = CMDQ_OP_CMD_SYNC };
972 arm_smmu_cmdq_build_cmd(cmd, &ent);
974 spin_lock_irqsave(&smmu->cmdq.lock, flags);
975 arm_smmu_cmdq_insert_cmd(smmu, cmd);
976 ret = queue_poll_cons(&smmu->cmdq.q, true, wfe);
977 spin_unlock_irqrestore(&smmu->cmdq.lock, flags);
982 static void arm_smmu_cmdq_issue_sync(struct arm_smmu_device *smmu)
985 bool msi = (smmu->features & ARM_SMMU_FEAT_MSI) &&
986 (smmu->features & ARM_SMMU_FEAT_COHERENCY);
988 ret = msi ? __arm_smmu_cmdq_issue_sync_msi(smmu)
989 : __arm_smmu_cmdq_issue_sync(smmu);
991 dev_err_ratelimited(smmu->dev, "CMD_SYNC timeout\n");
994 /* Context descriptor manipulation functions */
995 static u64 arm_smmu_cpu_tcr_to_cd(u64 tcr)
999 /* Repack the TCR. Just care about TTBR0 for now */
1000 val |= ARM_SMMU_TCR2CD(tcr, T0SZ);
1001 val |= ARM_SMMU_TCR2CD(tcr, TG0);
1002 val |= ARM_SMMU_TCR2CD(tcr, IRGN0);
1003 val |= ARM_SMMU_TCR2CD(tcr, ORGN0);
1004 val |= ARM_SMMU_TCR2CD(tcr, SH0);
1005 val |= ARM_SMMU_TCR2CD(tcr, EPD0);
1006 val |= ARM_SMMU_TCR2CD(tcr, EPD1);
1007 val |= ARM_SMMU_TCR2CD(tcr, IPS);
1008 val |= ARM_SMMU_TCR2CD(tcr, TBI0);
1013 static void arm_smmu_write_ctx_desc(struct arm_smmu_device *smmu,
1014 struct arm_smmu_s1_cfg *cfg)
1019 * We don't need to issue any invalidation here, as we'll invalidate
1020 * the STE when installing the new entry anyway.
1022 val = arm_smmu_cpu_tcr_to_cd(cfg->cd.tcr) |
1026 CTXDESC_CD_0_R | CTXDESC_CD_0_A | CTXDESC_CD_0_ASET |
1027 CTXDESC_CD_0_AA64 | FIELD_PREP(CTXDESC_CD_0_ASID, cfg->cd.asid) |
1030 /* STALL_MODEL==0b10 && CD.S==0 is ILLEGAL */
1031 if (smmu->features & ARM_SMMU_FEAT_STALL_FORCE)
1032 val |= CTXDESC_CD_0_S;
1034 cfg->cdptr[0] = cpu_to_le64(val);
1036 val = cfg->cd.ttbr & CTXDESC_CD_1_TTB0_MASK;
1037 cfg->cdptr[1] = cpu_to_le64(val);
1039 cfg->cdptr[3] = cpu_to_le64(cfg->cd.mair);
1042 /* Stream table manipulation functions */
1044 arm_smmu_write_strtab_l1_desc(__le64 *dst, struct arm_smmu_strtab_l1_desc *desc)
1048 val |= FIELD_PREP(STRTAB_L1_DESC_SPAN, desc->span);
1049 val |= desc->l2ptr_dma & STRTAB_L1_DESC_L2PTR_MASK;
1051 *dst = cpu_to_le64(val);
1054 static void arm_smmu_sync_ste_for_sid(struct arm_smmu_device *smmu, u32 sid)
1056 struct arm_smmu_cmdq_ent cmd = {
1057 .opcode = CMDQ_OP_CFGI_STE,
1064 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
1065 arm_smmu_cmdq_issue_sync(smmu);
1068 static void arm_smmu_write_strtab_ent(struct arm_smmu_device *smmu, u32 sid,
1069 __le64 *dst, struct arm_smmu_strtab_ent *ste)
1072 * This is hideously complicated, but we only really care about
1073 * three cases at the moment:
1075 * 1. Invalid (all zero) -> bypass/fault (init)
1076 * 2. Bypass/fault -> translation/bypass (attach)
1077 * 3. Translation/bypass -> bypass/fault (detach)
1079 * Given that we can't update the STE atomically and the SMMU
1080 * doesn't read the thing in a defined order, that leaves us
1081 * with the following maintenance requirements:
1083 * 1. Update Config, return (init time STEs aren't live)
1084 * 2. Write everything apart from dword 0, sync, write dword 0, sync
1085 * 3. Update Config, sync
1087 u64 val = le64_to_cpu(dst[0]);
1088 bool ste_live = false;
1089 struct arm_smmu_cmdq_ent prefetch_cmd = {
1090 .opcode = CMDQ_OP_PREFETCH_CFG,
1096 if (val & STRTAB_STE_0_V) {
1097 switch (FIELD_GET(STRTAB_STE_0_CFG, val)) {
1098 case STRTAB_STE_0_CFG_BYPASS:
1100 case STRTAB_STE_0_CFG_S1_TRANS:
1101 case STRTAB_STE_0_CFG_S2_TRANS:
1104 case STRTAB_STE_0_CFG_ABORT:
1108 BUG(); /* STE corruption */
1112 /* Nuke the existing STE_0 value, as we're going to rewrite it */
1113 val = STRTAB_STE_0_V;
1116 if (!ste->assigned || !(ste->s1_cfg || ste->s2_cfg)) {
1117 if (!ste->assigned && disable_bypass)
1118 val |= FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_ABORT);
1120 val |= FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_BYPASS);
1122 dst[0] = cpu_to_le64(val);
1123 dst[1] = cpu_to_le64(FIELD_PREP(STRTAB_STE_1_SHCFG,
1124 STRTAB_STE_1_SHCFG_INCOMING));
1125 dst[2] = 0; /* Nuke the VMID */
1127 * The SMMU can perform negative caching, so we must sync
1128 * the STE regardless of whether the old value was live.
1131 arm_smmu_sync_ste_for_sid(smmu, sid);
1137 dst[1] = cpu_to_le64(
1138 FIELD_PREP(STRTAB_STE_1_S1CIR, STRTAB_STE_1_S1C_CACHE_WBRA) |
1139 FIELD_PREP(STRTAB_STE_1_S1COR, STRTAB_STE_1_S1C_CACHE_WBRA) |
1140 FIELD_PREP(STRTAB_STE_1_S1CSH, ARM_SMMU_SH_ISH) |
1141 #ifdef CONFIG_PCI_ATS
1142 FIELD_PREP(STRTAB_STE_1_EATS, STRTAB_STE_1_EATS_TRANS) |
1144 FIELD_PREP(STRTAB_STE_1_STRW, STRTAB_STE_1_STRW_NSEL1));
1146 if (smmu->features & ARM_SMMU_FEAT_STALLS &&
1147 !(smmu->features & ARM_SMMU_FEAT_STALL_FORCE))
1148 dst[1] |= cpu_to_le64(STRTAB_STE_1_S1STALLD);
1150 val |= (ste->s1_cfg->cdptr_dma & STRTAB_STE_0_S1CTXPTR_MASK) |
1151 FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_S1_TRANS);
1156 dst[2] = cpu_to_le64(
1157 FIELD_PREP(STRTAB_STE_2_S2VMID, ste->s2_cfg->vmid) |
1158 FIELD_PREP(STRTAB_STE_2_VTCR, ste->s2_cfg->vtcr) |
1160 STRTAB_STE_2_S2ENDI |
1162 STRTAB_STE_2_S2PTW | STRTAB_STE_2_S2AA64 |
1165 dst[3] = cpu_to_le64(ste->s2_cfg->vttbr & STRTAB_STE_3_S2TTB_MASK);
1167 val |= FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_S2_TRANS);
1170 arm_smmu_sync_ste_for_sid(smmu, sid);
1171 dst[0] = cpu_to_le64(val);
1172 arm_smmu_sync_ste_for_sid(smmu, sid);
1174 /* It's likely that we'll want to use the new STE soon */
1175 if (!(smmu->options & ARM_SMMU_OPT_SKIP_PREFETCH))
1176 arm_smmu_cmdq_issue_cmd(smmu, &prefetch_cmd);
1179 static void arm_smmu_init_bypass_stes(u64 *strtab, unsigned int nent)
1182 struct arm_smmu_strtab_ent ste = { .assigned = false };
1184 for (i = 0; i < nent; ++i) {
1185 arm_smmu_write_strtab_ent(NULL, -1, strtab, &ste);
1186 strtab += STRTAB_STE_DWORDS;
1190 static int arm_smmu_init_l2_strtab(struct arm_smmu_device *smmu, u32 sid)
1194 struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
1195 struct arm_smmu_strtab_l1_desc *desc = &cfg->l1_desc[sid >> STRTAB_SPLIT];
1200 size = 1 << (STRTAB_SPLIT + ilog2(STRTAB_STE_DWORDS) + 3);
1201 strtab = &cfg->strtab[(sid >> STRTAB_SPLIT) * STRTAB_L1_DESC_DWORDS];
1203 desc->span = STRTAB_SPLIT + 1;
1204 desc->l2ptr = dmam_alloc_coherent(smmu->dev, size, &desc->l2ptr_dma,
1205 GFP_KERNEL | __GFP_ZERO);
1208 "failed to allocate l2 stream table for SID %u\n",
1213 arm_smmu_init_bypass_stes(desc->l2ptr, 1 << STRTAB_SPLIT);
1214 arm_smmu_write_strtab_l1_desc(strtab, desc);
1218 /* IRQ and event handlers */
1219 static irqreturn_t arm_smmu_evtq_thread(int irq, void *dev)
1222 struct arm_smmu_device *smmu = dev;
1223 struct arm_smmu_queue *q = &smmu->evtq.q;
1224 u64 evt[EVTQ_ENT_DWORDS];
1227 while (!queue_remove_raw(q, evt)) {
1228 u8 id = FIELD_GET(EVTQ_0_ID, evt[0]);
1230 dev_info(smmu->dev, "event 0x%02x received:\n", id);
1231 for (i = 0; i < ARRAY_SIZE(evt); ++i)
1232 dev_info(smmu->dev, "\t0x%016llx\n",
1233 (unsigned long long)evt[i]);
1238 * Not much we can do on overflow, so scream and pretend we're
1241 if (queue_sync_prod(q) == -EOVERFLOW)
1242 dev_err(smmu->dev, "EVTQ overflow detected -- events lost\n");
1243 } while (!queue_empty(q));
1245 /* Sync our overflow flag, as we believe we're up to speed */
1246 q->cons = Q_OVF(q, q->prod) | Q_WRP(q, q->cons) | Q_IDX(q, q->cons);
1250 static void arm_smmu_handle_ppr(struct arm_smmu_device *smmu, u64 *evt)
1256 sid = FIELD_GET(PRIQ_0_SID, evt[0]);
1257 ssv = FIELD_GET(PRIQ_0_SSID_V, evt[0]);
1258 ssid = ssv ? FIELD_GET(PRIQ_0_SSID, evt[0]) : 0;
1259 last = FIELD_GET(PRIQ_0_PRG_LAST, evt[0]);
1260 grpid = FIELD_GET(PRIQ_1_PRG_IDX, evt[1]);
1262 dev_info(smmu->dev, "unexpected PRI request received:\n");
1264 "\tsid 0x%08x.0x%05x: [%u%s] %sprivileged %s%s%s access at iova 0x%016llx\n",
1265 sid, ssid, grpid, last ? "L" : "",
1266 evt[0] & PRIQ_0_PERM_PRIV ? "" : "un",
1267 evt[0] & PRIQ_0_PERM_READ ? "R" : "",
1268 evt[0] & PRIQ_0_PERM_WRITE ? "W" : "",
1269 evt[0] & PRIQ_0_PERM_EXEC ? "X" : "",
1270 evt[1] & PRIQ_1_ADDR_MASK);
1273 struct arm_smmu_cmdq_ent cmd = {
1274 .opcode = CMDQ_OP_PRI_RESP,
1275 .substream_valid = ssv,
1280 .resp = PRI_RESP_DENY,
1284 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
1288 static irqreturn_t arm_smmu_priq_thread(int irq, void *dev)
1290 struct arm_smmu_device *smmu = dev;
1291 struct arm_smmu_queue *q = &smmu->priq.q;
1292 u64 evt[PRIQ_ENT_DWORDS];
1295 while (!queue_remove_raw(q, evt))
1296 arm_smmu_handle_ppr(smmu, evt);
1298 if (queue_sync_prod(q) == -EOVERFLOW)
1299 dev_err(smmu->dev, "PRIQ overflow detected -- requests lost\n");
1300 } while (!queue_empty(q));
1302 /* Sync our overflow flag, as we believe we're up to speed */
1303 q->cons = Q_OVF(q, q->prod) | Q_WRP(q, q->cons) | Q_IDX(q, q->cons);
1304 writel(q->cons, q->cons_reg);
1308 static int arm_smmu_device_disable(struct arm_smmu_device *smmu);
1310 static irqreturn_t arm_smmu_gerror_handler(int irq, void *dev)
1312 u32 gerror, gerrorn, active;
1313 struct arm_smmu_device *smmu = dev;
1315 gerror = readl_relaxed(smmu->base + ARM_SMMU_GERROR);
1316 gerrorn = readl_relaxed(smmu->base + ARM_SMMU_GERRORN);
1318 active = gerror ^ gerrorn;
1319 if (!(active & GERROR_ERR_MASK))
1320 return IRQ_NONE; /* No errors pending */
1323 "unexpected global error reported (0x%08x), this could be serious\n",
1326 if (active & GERROR_SFM_ERR) {
1327 dev_err(smmu->dev, "device has entered Service Failure Mode!\n");
1328 arm_smmu_device_disable(smmu);
1331 if (active & GERROR_MSI_GERROR_ABT_ERR)
1332 dev_warn(smmu->dev, "GERROR MSI write aborted\n");
1334 if (active & GERROR_MSI_PRIQ_ABT_ERR)
1335 dev_warn(smmu->dev, "PRIQ MSI write aborted\n");
1337 if (active & GERROR_MSI_EVTQ_ABT_ERR)
1338 dev_warn(smmu->dev, "EVTQ MSI write aborted\n");
1340 if (active & GERROR_MSI_CMDQ_ABT_ERR)
1341 dev_warn(smmu->dev, "CMDQ MSI write aborted\n");
1343 if (active & GERROR_PRIQ_ABT_ERR)
1344 dev_err(smmu->dev, "PRIQ write aborted -- events may have been lost\n");
1346 if (active & GERROR_EVTQ_ABT_ERR)
1347 dev_err(smmu->dev, "EVTQ write aborted -- events may have been lost\n");
1349 if (active & GERROR_CMDQ_ERR)
1350 arm_smmu_cmdq_skip_err(smmu);
1352 writel(gerror, smmu->base + ARM_SMMU_GERRORN);
1356 static irqreturn_t arm_smmu_combined_irq_thread(int irq, void *dev)
1358 struct arm_smmu_device *smmu = dev;
1360 arm_smmu_evtq_thread(irq, dev);
1361 if (smmu->features & ARM_SMMU_FEAT_PRI)
1362 arm_smmu_priq_thread(irq, dev);
1367 static irqreturn_t arm_smmu_combined_irq_handler(int irq, void *dev)
1369 arm_smmu_gerror_handler(irq, dev);
1370 return IRQ_WAKE_THREAD;
1373 /* IO_PGTABLE API */
1374 static void arm_smmu_tlb_sync(void *cookie)
1376 struct arm_smmu_domain *smmu_domain = cookie;
1378 arm_smmu_cmdq_issue_sync(smmu_domain->smmu);
1381 static void arm_smmu_tlb_inv_context(void *cookie)
1383 struct arm_smmu_domain *smmu_domain = cookie;
1384 struct arm_smmu_device *smmu = smmu_domain->smmu;
1385 struct arm_smmu_cmdq_ent cmd;
1387 if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {
1388 cmd.opcode = CMDQ_OP_TLBI_NH_ASID;
1389 cmd.tlbi.asid = smmu_domain->s1_cfg.cd.asid;
1392 cmd.opcode = CMDQ_OP_TLBI_S12_VMALL;
1393 cmd.tlbi.vmid = smmu_domain->s2_cfg.vmid;
1397 * NOTE: when io-pgtable is in non-strict mode, we may get here with
1398 * PTEs previously cleared by unmaps on the current CPU not yet visible
1399 * to the SMMU. We are relying on the DSB implicit in queue_inc_prod()
1400 * to guarantee those are observed before the TLBI. Do be careful, 007.
1402 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
1403 arm_smmu_cmdq_issue_sync(smmu);
1406 static void arm_smmu_tlb_inv_range_nosync(unsigned long iova, size_t size,
1407 size_t granule, bool leaf, void *cookie)
1409 struct arm_smmu_domain *smmu_domain = cookie;
1410 struct arm_smmu_device *smmu = smmu_domain->smmu;
1411 struct arm_smmu_cmdq_ent cmd = {
1418 if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {
1419 cmd.opcode = CMDQ_OP_TLBI_NH_VA;
1420 cmd.tlbi.asid = smmu_domain->s1_cfg.cd.asid;
1422 cmd.opcode = CMDQ_OP_TLBI_S2_IPA;
1423 cmd.tlbi.vmid = smmu_domain->s2_cfg.vmid;
1427 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
1428 cmd.tlbi.addr += granule;
1429 } while (size -= granule);
1432 static const struct iommu_gather_ops arm_smmu_gather_ops = {
1433 .tlb_flush_all = arm_smmu_tlb_inv_context,
1434 .tlb_add_flush = arm_smmu_tlb_inv_range_nosync,
1435 .tlb_sync = arm_smmu_tlb_sync,
1439 static bool arm_smmu_capable(enum iommu_cap cap)
1442 case IOMMU_CAP_CACHE_COHERENCY:
1444 case IOMMU_CAP_NOEXEC:
1451 static struct iommu_domain *arm_smmu_domain_alloc(unsigned type)
1453 struct arm_smmu_domain *smmu_domain;
1455 if (type != IOMMU_DOMAIN_UNMANAGED &&
1456 type != IOMMU_DOMAIN_DMA &&
1457 type != IOMMU_DOMAIN_IDENTITY)
1461 * Allocate the domain and initialise some of its data structures.
1462 * We can't really do anything meaningful until we've added a
1465 smmu_domain = kzalloc(sizeof(*smmu_domain), GFP_KERNEL);
1469 if (type == IOMMU_DOMAIN_DMA &&
1470 iommu_get_dma_cookie(&smmu_domain->domain)) {
1475 mutex_init(&smmu_domain->init_mutex);
1476 return &smmu_domain->domain;
1479 static int arm_smmu_bitmap_alloc(unsigned long *map, int span)
1481 int idx, size = 1 << span;
1484 idx = find_first_zero_bit(map, size);
1487 } while (test_and_set_bit(idx, map));
1492 static void arm_smmu_bitmap_free(unsigned long *map, int idx)
1494 clear_bit(idx, map);
1497 static void arm_smmu_domain_free(struct iommu_domain *domain)
1499 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
1500 struct arm_smmu_device *smmu = smmu_domain->smmu;
1502 iommu_put_dma_cookie(domain);
1503 free_io_pgtable_ops(smmu_domain->pgtbl_ops);
1505 /* Free the CD and ASID, if we allocated them */
1506 if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {
1507 struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg;
1510 dmam_free_coherent(smmu_domain->smmu->dev,
1511 CTXDESC_CD_DWORDS << 3,
1515 arm_smmu_bitmap_free(smmu->asid_map, cfg->cd.asid);
1518 struct arm_smmu_s2_cfg *cfg = &smmu_domain->s2_cfg;
1520 arm_smmu_bitmap_free(smmu->vmid_map, cfg->vmid);
1526 static int arm_smmu_domain_finalise_s1(struct arm_smmu_domain *smmu_domain,
1527 struct io_pgtable_cfg *pgtbl_cfg)
1531 struct arm_smmu_device *smmu = smmu_domain->smmu;
1532 struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg;
1534 asid = arm_smmu_bitmap_alloc(smmu->asid_map, smmu->asid_bits);
1538 cfg->cdptr = dmam_alloc_coherent(smmu->dev, CTXDESC_CD_DWORDS << 3,
1540 GFP_KERNEL | __GFP_ZERO);
1542 dev_warn(smmu->dev, "failed to allocate context descriptor\n");
1547 cfg->cd.asid = (u16)asid;
1548 cfg->cd.ttbr = pgtbl_cfg->arm_lpae_s1_cfg.ttbr[0];
1549 cfg->cd.tcr = pgtbl_cfg->arm_lpae_s1_cfg.tcr;
1550 cfg->cd.mair = pgtbl_cfg->arm_lpae_s1_cfg.mair[0];
1554 arm_smmu_bitmap_free(smmu->asid_map, asid);
1558 static int arm_smmu_domain_finalise_s2(struct arm_smmu_domain *smmu_domain,
1559 struct io_pgtable_cfg *pgtbl_cfg)
1562 struct arm_smmu_device *smmu = smmu_domain->smmu;
1563 struct arm_smmu_s2_cfg *cfg = &smmu_domain->s2_cfg;
1565 vmid = arm_smmu_bitmap_alloc(smmu->vmid_map, smmu->vmid_bits);
1569 cfg->vmid = (u16)vmid;
1570 cfg->vttbr = pgtbl_cfg->arm_lpae_s2_cfg.vttbr;
1571 cfg->vtcr = pgtbl_cfg->arm_lpae_s2_cfg.vtcr;
1575 static int arm_smmu_domain_finalise(struct iommu_domain *domain)
1578 unsigned long ias, oas;
1579 enum io_pgtable_fmt fmt;
1580 struct io_pgtable_cfg pgtbl_cfg;
1581 struct io_pgtable_ops *pgtbl_ops;
1582 int (*finalise_stage_fn)(struct arm_smmu_domain *,
1583 struct io_pgtable_cfg *);
1584 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
1585 struct arm_smmu_device *smmu = smmu_domain->smmu;
1587 if (domain->type == IOMMU_DOMAIN_IDENTITY) {
1588 smmu_domain->stage = ARM_SMMU_DOMAIN_BYPASS;
1592 /* Restrict the stage to what we can actually support */
1593 if (!(smmu->features & ARM_SMMU_FEAT_TRANS_S1))
1594 smmu_domain->stage = ARM_SMMU_DOMAIN_S2;
1595 if (!(smmu->features & ARM_SMMU_FEAT_TRANS_S2))
1596 smmu_domain->stage = ARM_SMMU_DOMAIN_S1;
1598 switch (smmu_domain->stage) {
1599 case ARM_SMMU_DOMAIN_S1:
1600 ias = (smmu->features & ARM_SMMU_FEAT_VAX) ? 52 : 48;
1601 ias = min_t(unsigned long, ias, VA_BITS);
1603 fmt = ARM_64_LPAE_S1;
1604 finalise_stage_fn = arm_smmu_domain_finalise_s1;
1606 case ARM_SMMU_DOMAIN_NESTED:
1607 case ARM_SMMU_DOMAIN_S2:
1610 fmt = ARM_64_LPAE_S2;
1611 finalise_stage_fn = arm_smmu_domain_finalise_s2;
1617 pgtbl_cfg = (struct io_pgtable_cfg) {
1618 .pgsize_bitmap = smmu->pgsize_bitmap,
1621 .tlb = &arm_smmu_gather_ops,
1622 .iommu_dev = smmu->dev,
1625 if (smmu->features & ARM_SMMU_FEAT_COHERENCY)
1626 pgtbl_cfg.quirks = IO_PGTABLE_QUIRK_NO_DMA;
1628 if (smmu_domain->non_strict)
1629 pgtbl_cfg.quirks |= IO_PGTABLE_QUIRK_NON_STRICT;
1631 pgtbl_ops = alloc_io_pgtable_ops(fmt, &pgtbl_cfg, smmu_domain);
1635 domain->pgsize_bitmap = pgtbl_cfg.pgsize_bitmap;
1636 domain->geometry.aperture_end = (1UL << pgtbl_cfg.ias) - 1;
1637 domain->geometry.force_aperture = true;
1639 ret = finalise_stage_fn(smmu_domain, &pgtbl_cfg);
1641 free_io_pgtable_ops(pgtbl_ops);
1645 smmu_domain->pgtbl_ops = pgtbl_ops;
1649 static __le64 *arm_smmu_get_step_for_sid(struct arm_smmu_device *smmu, u32 sid)
1652 struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
1654 if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB) {
1655 struct arm_smmu_strtab_l1_desc *l1_desc;
1658 /* Two-level walk */
1659 idx = (sid >> STRTAB_SPLIT) * STRTAB_L1_DESC_DWORDS;
1660 l1_desc = &cfg->l1_desc[idx];
1661 idx = (sid & ((1 << STRTAB_SPLIT) - 1)) * STRTAB_STE_DWORDS;
1662 step = &l1_desc->l2ptr[idx];
1664 /* Simple linear lookup */
1665 step = &cfg->strtab[sid * STRTAB_STE_DWORDS];
1671 static void arm_smmu_install_ste_for_dev(struct iommu_fwspec *fwspec)
1674 struct arm_smmu_master_data *master = fwspec->iommu_priv;
1675 struct arm_smmu_device *smmu = master->smmu;
1677 for (i = 0; i < fwspec->num_ids; ++i) {
1678 u32 sid = fwspec->ids[i];
1679 __le64 *step = arm_smmu_get_step_for_sid(smmu, sid);
1681 /* Bridged PCI devices may end up with duplicated IDs */
1682 for (j = 0; j < i; j++)
1683 if (fwspec->ids[j] == sid)
1688 arm_smmu_write_strtab_ent(smmu, sid, step, &master->ste);
1692 static void arm_smmu_detach_dev(struct device *dev)
1694 struct arm_smmu_master_data *master = dev->iommu_fwspec->iommu_priv;
1696 master->ste.assigned = false;
1697 arm_smmu_install_ste_for_dev(dev->iommu_fwspec);
1700 static int arm_smmu_attach_dev(struct iommu_domain *domain, struct device *dev)
1703 struct arm_smmu_device *smmu;
1704 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
1705 struct arm_smmu_master_data *master;
1706 struct arm_smmu_strtab_ent *ste;
1708 if (!dev->iommu_fwspec)
1711 master = dev->iommu_fwspec->iommu_priv;
1712 smmu = master->smmu;
1715 /* Already attached to a different domain? */
1717 arm_smmu_detach_dev(dev);
1719 mutex_lock(&smmu_domain->init_mutex);
1721 if (!smmu_domain->smmu) {
1722 smmu_domain->smmu = smmu;
1723 ret = arm_smmu_domain_finalise(domain);
1725 smmu_domain->smmu = NULL;
1728 } else if (smmu_domain->smmu != smmu) {
1730 "cannot attach to SMMU %s (upstream of %s)\n",
1731 dev_name(smmu_domain->smmu->dev),
1732 dev_name(smmu->dev));
1737 ste->assigned = true;
1739 if (smmu_domain->stage == ARM_SMMU_DOMAIN_BYPASS) {
1742 } else if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {
1743 ste->s1_cfg = &smmu_domain->s1_cfg;
1745 arm_smmu_write_ctx_desc(smmu, ste->s1_cfg);
1748 ste->s2_cfg = &smmu_domain->s2_cfg;
1751 arm_smmu_install_ste_for_dev(dev->iommu_fwspec);
1753 mutex_unlock(&smmu_domain->init_mutex);
1757 static int arm_smmu_map(struct iommu_domain *domain, unsigned long iova,
1758 phys_addr_t paddr, size_t size, int prot)
1760 struct io_pgtable_ops *ops = to_smmu_domain(domain)->pgtbl_ops;
1765 return ops->map(ops, iova, paddr, size, prot);
1769 arm_smmu_unmap(struct iommu_domain *domain, unsigned long iova, size_t size)
1771 struct io_pgtable_ops *ops = to_smmu_domain(domain)->pgtbl_ops;
1776 return ops->unmap(ops, iova, size);
1779 static void arm_smmu_flush_iotlb_all(struct iommu_domain *domain)
1781 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
1783 if (smmu_domain->smmu)
1784 arm_smmu_tlb_inv_context(smmu_domain);
1787 static void arm_smmu_iotlb_sync(struct iommu_domain *domain)
1789 struct arm_smmu_device *smmu = to_smmu_domain(domain)->smmu;
1792 arm_smmu_cmdq_issue_sync(smmu);
1796 arm_smmu_iova_to_phys(struct iommu_domain *domain, dma_addr_t iova)
1798 struct io_pgtable_ops *ops = to_smmu_domain(domain)->pgtbl_ops;
1800 if (domain->type == IOMMU_DOMAIN_IDENTITY)
1806 return ops->iova_to_phys(ops, iova);
1809 static struct platform_driver arm_smmu_driver;
1811 static int arm_smmu_match_node(struct device *dev, void *data)
1813 return dev->fwnode == data;
1817 struct arm_smmu_device *arm_smmu_get_by_fwnode(struct fwnode_handle *fwnode)
1819 struct device *dev = driver_find_device(&arm_smmu_driver.driver, NULL,
1820 fwnode, arm_smmu_match_node);
1822 return dev ? dev_get_drvdata(dev) : NULL;
1825 static bool arm_smmu_sid_in_range(struct arm_smmu_device *smmu, u32 sid)
1827 unsigned long limit = smmu->strtab_cfg.num_l1_ents;
1829 if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB)
1830 limit *= 1UL << STRTAB_SPLIT;
1835 static struct iommu_ops arm_smmu_ops;
1837 static int arm_smmu_add_device(struct device *dev)
1840 struct arm_smmu_device *smmu;
1841 struct arm_smmu_master_data *master;
1842 struct iommu_fwspec *fwspec = dev->iommu_fwspec;
1843 struct iommu_group *group;
1845 if (!fwspec || fwspec->ops != &arm_smmu_ops)
1848 * We _can_ actually withstand dodgy bus code re-calling add_device()
1849 * without an intervening remove_device()/of_xlate() sequence, but
1850 * we're not going to do so quietly...
1852 if (WARN_ON_ONCE(fwspec->iommu_priv)) {
1853 master = fwspec->iommu_priv;
1854 smmu = master->smmu;
1856 smmu = arm_smmu_get_by_fwnode(fwspec->iommu_fwnode);
1859 master = kzalloc(sizeof(*master), GFP_KERNEL);
1863 master->smmu = smmu;
1864 fwspec->iommu_priv = master;
1867 /* Check the SIDs are in range of the SMMU and our stream table */
1868 for (i = 0; i < fwspec->num_ids; i++) {
1869 u32 sid = fwspec->ids[i];
1871 if (!arm_smmu_sid_in_range(smmu, sid))
1874 /* Ensure l2 strtab is initialised */
1875 if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB) {
1876 ret = arm_smmu_init_l2_strtab(smmu, sid);
1882 group = iommu_group_get_for_dev(dev);
1883 if (!IS_ERR(group)) {
1884 iommu_group_put(group);
1885 iommu_device_link(&smmu->iommu, dev);
1888 return PTR_ERR_OR_ZERO(group);
1891 static void arm_smmu_remove_device(struct device *dev)
1893 struct iommu_fwspec *fwspec = dev->iommu_fwspec;
1894 struct arm_smmu_master_data *master;
1895 struct arm_smmu_device *smmu;
1897 if (!fwspec || fwspec->ops != &arm_smmu_ops)
1900 master = fwspec->iommu_priv;
1901 smmu = master->smmu;
1902 if (master && master->ste.assigned)
1903 arm_smmu_detach_dev(dev);
1904 iommu_group_remove_device(dev);
1905 iommu_device_unlink(&smmu->iommu, dev);
1907 iommu_fwspec_free(dev);
1910 static struct iommu_group *arm_smmu_device_group(struct device *dev)
1912 struct iommu_group *group;
1915 * We don't support devices sharing stream IDs other than PCI RID
1916 * aliases, since the necessary ID-to-device lookup becomes rather
1917 * impractical given a potential sparse 32-bit stream ID space.
1919 if (dev_is_pci(dev))
1920 group = pci_device_group(dev);
1922 group = generic_device_group(dev);
1927 static int arm_smmu_domain_get_attr(struct iommu_domain *domain,
1928 enum iommu_attr attr, void *data)
1930 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
1932 switch (domain->type) {
1933 case IOMMU_DOMAIN_UNMANAGED:
1935 case DOMAIN_ATTR_NESTING:
1936 *(int *)data = (smmu_domain->stage == ARM_SMMU_DOMAIN_NESTED);
1942 case IOMMU_DOMAIN_DMA:
1944 case DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE:
1945 *(int *)data = smmu_domain->non_strict;
1956 static int arm_smmu_domain_set_attr(struct iommu_domain *domain,
1957 enum iommu_attr attr, void *data)
1960 struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);
1962 mutex_lock(&smmu_domain->init_mutex);
1964 switch (domain->type) {
1965 case IOMMU_DOMAIN_UNMANAGED:
1967 case DOMAIN_ATTR_NESTING:
1968 if (smmu_domain->smmu) {
1974 smmu_domain->stage = ARM_SMMU_DOMAIN_NESTED;
1976 smmu_domain->stage = ARM_SMMU_DOMAIN_S1;
1982 case IOMMU_DOMAIN_DMA:
1984 case DOMAIN_ATTR_DMA_USE_FLUSH_QUEUE:
1985 smmu_domain->non_strict = *(int *)data;
1996 mutex_unlock(&smmu_domain->init_mutex);
2000 static int arm_smmu_of_xlate(struct device *dev, struct of_phandle_args *args)
2002 return iommu_fwspec_add_ids(dev, args->args, 1);
2005 static void arm_smmu_get_resv_regions(struct device *dev,
2006 struct list_head *head)
2008 struct iommu_resv_region *region;
2009 int prot = IOMMU_WRITE | IOMMU_NOEXEC | IOMMU_MMIO;
2011 region = iommu_alloc_resv_region(MSI_IOVA_BASE, MSI_IOVA_LENGTH,
2012 prot, IOMMU_RESV_SW_MSI);
2016 list_add_tail(®ion->list, head);
2018 iommu_dma_get_resv_regions(dev, head);
2021 static void arm_smmu_put_resv_regions(struct device *dev,
2022 struct list_head *head)
2024 struct iommu_resv_region *entry, *next;
2026 list_for_each_entry_safe(entry, next, head, list)
2030 static struct iommu_ops arm_smmu_ops = {
2031 .capable = arm_smmu_capable,
2032 .domain_alloc = arm_smmu_domain_alloc,
2033 .domain_free = arm_smmu_domain_free,
2034 .attach_dev = arm_smmu_attach_dev,
2035 .map = arm_smmu_map,
2036 .unmap = arm_smmu_unmap,
2037 .flush_iotlb_all = arm_smmu_flush_iotlb_all,
2038 .iotlb_sync = arm_smmu_iotlb_sync,
2039 .iova_to_phys = arm_smmu_iova_to_phys,
2040 .add_device = arm_smmu_add_device,
2041 .remove_device = arm_smmu_remove_device,
2042 .device_group = arm_smmu_device_group,
2043 .domain_get_attr = arm_smmu_domain_get_attr,
2044 .domain_set_attr = arm_smmu_domain_set_attr,
2045 .of_xlate = arm_smmu_of_xlate,
2046 .get_resv_regions = arm_smmu_get_resv_regions,
2047 .put_resv_regions = arm_smmu_put_resv_regions,
2048 .pgsize_bitmap = -1UL, /* Restricted during device attach */
2051 /* Probing and initialisation functions */
2052 static int arm_smmu_init_one_queue(struct arm_smmu_device *smmu,
2053 struct arm_smmu_queue *q,
2054 unsigned long prod_off,
2055 unsigned long cons_off,
2058 size_t qsz = ((1 << q->max_n_shift) * dwords) << 3;
2060 q->base = dmam_alloc_coherent(smmu->dev, qsz, &q->base_dma, GFP_KERNEL);
2062 dev_err(smmu->dev, "failed to allocate queue (0x%zx bytes)\n",
2067 q->prod_reg = arm_smmu_page1_fixup(prod_off, smmu);
2068 q->cons_reg = arm_smmu_page1_fixup(cons_off, smmu);
2069 q->ent_dwords = dwords;
2071 q->q_base = Q_BASE_RWA;
2072 q->q_base |= q->base_dma & Q_BASE_ADDR_MASK;
2073 q->q_base |= FIELD_PREP(Q_BASE_LOG2SIZE, q->max_n_shift);
2075 q->prod = q->cons = 0;
2079 static int arm_smmu_init_queues(struct arm_smmu_device *smmu)
2084 spin_lock_init(&smmu->cmdq.lock);
2085 ret = arm_smmu_init_one_queue(smmu, &smmu->cmdq.q, ARM_SMMU_CMDQ_PROD,
2086 ARM_SMMU_CMDQ_CONS, CMDQ_ENT_DWORDS);
2091 ret = arm_smmu_init_one_queue(smmu, &smmu->evtq.q, ARM_SMMU_EVTQ_PROD,
2092 ARM_SMMU_EVTQ_CONS, EVTQ_ENT_DWORDS);
2097 if (!(smmu->features & ARM_SMMU_FEAT_PRI))
2100 return arm_smmu_init_one_queue(smmu, &smmu->priq.q, ARM_SMMU_PRIQ_PROD,
2101 ARM_SMMU_PRIQ_CONS, PRIQ_ENT_DWORDS);
2104 static int arm_smmu_init_l1_strtab(struct arm_smmu_device *smmu)
2107 struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
2108 size_t size = sizeof(*cfg->l1_desc) * cfg->num_l1_ents;
2109 void *strtab = smmu->strtab_cfg.strtab;
2111 cfg->l1_desc = devm_kzalloc(smmu->dev, size, GFP_KERNEL);
2112 if (!cfg->l1_desc) {
2113 dev_err(smmu->dev, "failed to allocate l1 stream table desc\n");
2117 for (i = 0; i < cfg->num_l1_ents; ++i) {
2118 arm_smmu_write_strtab_l1_desc(strtab, &cfg->l1_desc[i]);
2119 strtab += STRTAB_L1_DESC_DWORDS << 3;
2125 static int arm_smmu_init_strtab_2lvl(struct arm_smmu_device *smmu)
2130 struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
2132 /* Calculate the L1 size, capped to the SIDSIZE. */
2133 size = STRTAB_L1_SZ_SHIFT - (ilog2(STRTAB_L1_DESC_DWORDS) + 3);
2134 size = min(size, smmu->sid_bits - STRTAB_SPLIT);
2135 cfg->num_l1_ents = 1 << size;
2137 size += STRTAB_SPLIT;
2138 if (size < smmu->sid_bits)
2140 "2-level strtab only covers %u/%u bits of SID\n",
2141 size, smmu->sid_bits);
2143 l1size = cfg->num_l1_ents * (STRTAB_L1_DESC_DWORDS << 3);
2144 strtab = dmam_alloc_coherent(smmu->dev, l1size, &cfg->strtab_dma,
2145 GFP_KERNEL | __GFP_ZERO);
2148 "failed to allocate l1 stream table (%u bytes)\n",
2152 cfg->strtab = strtab;
2154 /* Configure strtab_base_cfg for 2 levels */
2155 reg = FIELD_PREP(STRTAB_BASE_CFG_FMT, STRTAB_BASE_CFG_FMT_2LVL);
2156 reg |= FIELD_PREP(STRTAB_BASE_CFG_LOG2SIZE, size);
2157 reg |= FIELD_PREP(STRTAB_BASE_CFG_SPLIT, STRTAB_SPLIT);
2158 cfg->strtab_base_cfg = reg;
2160 return arm_smmu_init_l1_strtab(smmu);
2163 static int arm_smmu_init_strtab_linear(struct arm_smmu_device *smmu)
2168 struct arm_smmu_strtab_cfg *cfg = &smmu->strtab_cfg;
2170 size = (1 << smmu->sid_bits) * (STRTAB_STE_DWORDS << 3);
2171 strtab = dmam_alloc_coherent(smmu->dev, size, &cfg->strtab_dma,
2172 GFP_KERNEL | __GFP_ZERO);
2175 "failed to allocate linear stream table (%u bytes)\n",
2179 cfg->strtab = strtab;
2180 cfg->num_l1_ents = 1 << smmu->sid_bits;
2182 /* Configure strtab_base_cfg for a linear table covering all SIDs */
2183 reg = FIELD_PREP(STRTAB_BASE_CFG_FMT, STRTAB_BASE_CFG_FMT_LINEAR);
2184 reg |= FIELD_PREP(STRTAB_BASE_CFG_LOG2SIZE, smmu->sid_bits);
2185 cfg->strtab_base_cfg = reg;
2187 arm_smmu_init_bypass_stes(strtab, cfg->num_l1_ents);
2191 static int arm_smmu_init_strtab(struct arm_smmu_device *smmu)
2196 if (smmu->features & ARM_SMMU_FEAT_2_LVL_STRTAB)
2197 ret = arm_smmu_init_strtab_2lvl(smmu);
2199 ret = arm_smmu_init_strtab_linear(smmu);
2204 /* Set the strtab base address */
2205 reg = smmu->strtab_cfg.strtab_dma & STRTAB_BASE_ADDR_MASK;
2206 reg |= STRTAB_BASE_RA;
2207 smmu->strtab_cfg.strtab_base = reg;
2209 /* Allocate the first VMID for stage-2 bypass STEs */
2210 set_bit(0, smmu->vmid_map);
2214 static int arm_smmu_init_structures(struct arm_smmu_device *smmu)
2218 ret = arm_smmu_init_queues(smmu);
2222 return arm_smmu_init_strtab(smmu);
2225 static int arm_smmu_write_reg_sync(struct arm_smmu_device *smmu, u32 val,
2226 unsigned int reg_off, unsigned int ack_off)
2230 writel_relaxed(val, smmu->base + reg_off);
2231 return readl_relaxed_poll_timeout(smmu->base + ack_off, reg, reg == val,
2232 1, ARM_SMMU_POLL_TIMEOUT_US);
2235 /* GBPA is "special" */
2236 static int arm_smmu_update_gbpa(struct arm_smmu_device *smmu, u32 set, u32 clr)
2239 u32 reg, __iomem *gbpa = smmu->base + ARM_SMMU_GBPA;
2241 ret = readl_relaxed_poll_timeout(gbpa, reg, !(reg & GBPA_UPDATE),
2242 1, ARM_SMMU_POLL_TIMEOUT_US);
2248 writel_relaxed(reg | GBPA_UPDATE, gbpa);
2249 ret = readl_relaxed_poll_timeout(gbpa, reg, !(reg & GBPA_UPDATE),
2250 1, ARM_SMMU_POLL_TIMEOUT_US);
2253 dev_err(smmu->dev, "GBPA not responding to update\n");
2257 static void arm_smmu_free_msis(void *data)
2259 struct device *dev = data;
2260 platform_msi_domain_free_irqs(dev);
2263 static void arm_smmu_write_msi_msg(struct msi_desc *desc, struct msi_msg *msg)
2265 phys_addr_t doorbell;
2266 struct device *dev = msi_desc_to_dev(desc);
2267 struct arm_smmu_device *smmu = dev_get_drvdata(dev);
2268 phys_addr_t *cfg = arm_smmu_msi_cfg[desc->platform.msi_index];
2270 doorbell = (((u64)msg->address_hi) << 32) | msg->address_lo;
2271 doorbell &= MSI_CFG0_ADDR_MASK;
2273 writeq_relaxed(doorbell, smmu->base + cfg[0]);
2274 writel_relaxed(msg->data, smmu->base + cfg[1]);
2275 writel_relaxed(ARM_SMMU_MEMATTR_DEVICE_nGnRE, smmu->base + cfg[2]);
2278 static void arm_smmu_setup_msis(struct arm_smmu_device *smmu)
2280 struct msi_desc *desc;
2281 int ret, nvec = ARM_SMMU_MAX_MSIS;
2282 struct device *dev = smmu->dev;
2284 /* Clear the MSI address regs */
2285 writeq_relaxed(0, smmu->base + ARM_SMMU_GERROR_IRQ_CFG0);
2286 writeq_relaxed(0, smmu->base + ARM_SMMU_EVTQ_IRQ_CFG0);
2288 if (smmu->features & ARM_SMMU_FEAT_PRI)
2289 writeq_relaxed(0, smmu->base + ARM_SMMU_PRIQ_IRQ_CFG0);
2293 if (!(smmu->features & ARM_SMMU_FEAT_MSI))
2296 if (!dev->msi_domain) {
2297 dev_info(smmu->dev, "msi_domain absent - falling back to wired irqs\n");
2301 /* Allocate MSIs for evtq, gerror and priq. Ignore cmdq */
2302 ret = platform_msi_domain_alloc_irqs(dev, nvec, arm_smmu_write_msi_msg);
2304 dev_warn(dev, "failed to allocate MSIs - falling back to wired irqs\n");
2308 for_each_msi_entry(desc, dev) {
2309 switch (desc->platform.msi_index) {
2310 case EVTQ_MSI_INDEX:
2311 smmu->evtq.q.irq = desc->irq;
2313 case GERROR_MSI_INDEX:
2314 smmu->gerr_irq = desc->irq;
2316 case PRIQ_MSI_INDEX:
2317 smmu->priq.q.irq = desc->irq;
2319 default: /* Unknown */
2324 /* Add callback to free MSIs on teardown */
2325 devm_add_action(dev, arm_smmu_free_msis, dev);
2328 static void arm_smmu_setup_unique_irqs(struct arm_smmu_device *smmu)
2332 arm_smmu_setup_msis(smmu);
2334 /* Request interrupt lines */
2335 irq = smmu->evtq.q.irq;
2337 ret = devm_request_threaded_irq(smmu->dev, irq, NULL,
2338 arm_smmu_evtq_thread,
2340 "arm-smmu-v3-evtq", smmu);
2342 dev_warn(smmu->dev, "failed to enable evtq irq\n");
2344 dev_warn(smmu->dev, "no evtq irq - events will not be reported!\n");
2347 irq = smmu->gerr_irq;
2349 ret = devm_request_irq(smmu->dev, irq, arm_smmu_gerror_handler,
2350 0, "arm-smmu-v3-gerror", smmu);
2352 dev_warn(smmu->dev, "failed to enable gerror irq\n");
2354 dev_warn(smmu->dev, "no gerr irq - errors will not be reported!\n");
2357 if (smmu->features & ARM_SMMU_FEAT_PRI) {
2358 irq = smmu->priq.q.irq;
2360 ret = devm_request_threaded_irq(smmu->dev, irq, NULL,
2361 arm_smmu_priq_thread,
2367 "failed to enable priq irq\n");
2369 dev_warn(smmu->dev, "no priq irq - PRI will be broken\n");
2374 static int arm_smmu_setup_irqs(struct arm_smmu_device *smmu)
2377 u32 irqen_flags = IRQ_CTRL_EVTQ_IRQEN | IRQ_CTRL_GERROR_IRQEN;
2379 /* Disable IRQs first */
2380 ret = arm_smmu_write_reg_sync(smmu, 0, ARM_SMMU_IRQ_CTRL,
2381 ARM_SMMU_IRQ_CTRLACK);
2383 dev_err(smmu->dev, "failed to disable irqs\n");
2387 irq = smmu->combined_irq;
2390 * Cavium ThunderX2 implementation doesn't support unique irq
2391 * lines. Use a single irq line for all the SMMUv3 interrupts.
2393 ret = devm_request_threaded_irq(smmu->dev, irq,
2394 arm_smmu_combined_irq_handler,
2395 arm_smmu_combined_irq_thread,
2397 "arm-smmu-v3-combined-irq", smmu);
2399 dev_warn(smmu->dev, "failed to enable combined irq\n");
2401 arm_smmu_setup_unique_irqs(smmu);
2403 if (smmu->features & ARM_SMMU_FEAT_PRI)
2404 irqen_flags |= IRQ_CTRL_PRIQ_IRQEN;
2406 /* Enable interrupt generation on the SMMU */
2407 ret = arm_smmu_write_reg_sync(smmu, irqen_flags,
2408 ARM_SMMU_IRQ_CTRL, ARM_SMMU_IRQ_CTRLACK);
2410 dev_warn(smmu->dev, "failed to enable irqs\n");
2415 static int arm_smmu_device_disable(struct arm_smmu_device *smmu)
2419 ret = arm_smmu_write_reg_sync(smmu, 0, ARM_SMMU_CR0, ARM_SMMU_CR0ACK);
2421 dev_err(smmu->dev, "failed to clear cr0\n");
2426 static int arm_smmu_device_reset(struct arm_smmu_device *smmu, bool bypass)
2430 struct arm_smmu_cmdq_ent cmd;
2432 /* Clear CR0 and sync (disables SMMU and queue processing) */
2433 reg = readl_relaxed(smmu->base + ARM_SMMU_CR0);
2434 if (reg & CR0_SMMUEN) {
2435 if (is_kdump_kernel()) {
2436 arm_smmu_update_gbpa(smmu, GBPA_ABORT, 0);
2437 arm_smmu_device_disable(smmu);
2441 dev_warn(smmu->dev, "SMMU currently enabled! Resetting...\n");
2444 ret = arm_smmu_device_disable(smmu);
2448 /* CR1 (table and queue memory attributes) */
2449 reg = FIELD_PREP(CR1_TABLE_SH, ARM_SMMU_SH_ISH) |
2450 FIELD_PREP(CR1_TABLE_OC, CR1_CACHE_WB) |
2451 FIELD_PREP(CR1_TABLE_IC, CR1_CACHE_WB) |
2452 FIELD_PREP(CR1_QUEUE_SH, ARM_SMMU_SH_ISH) |
2453 FIELD_PREP(CR1_QUEUE_OC, CR1_CACHE_WB) |
2454 FIELD_PREP(CR1_QUEUE_IC, CR1_CACHE_WB);
2455 writel_relaxed(reg, smmu->base + ARM_SMMU_CR1);
2457 /* CR2 (random crap) */
2458 reg = CR2_PTM | CR2_RECINVSID | CR2_E2H;
2459 writel_relaxed(reg, smmu->base + ARM_SMMU_CR2);
2462 writeq_relaxed(smmu->strtab_cfg.strtab_base,
2463 smmu->base + ARM_SMMU_STRTAB_BASE);
2464 writel_relaxed(smmu->strtab_cfg.strtab_base_cfg,
2465 smmu->base + ARM_SMMU_STRTAB_BASE_CFG);
2468 writeq_relaxed(smmu->cmdq.q.q_base, smmu->base + ARM_SMMU_CMDQ_BASE);
2469 writel_relaxed(smmu->cmdq.q.prod, smmu->base + ARM_SMMU_CMDQ_PROD);
2470 writel_relaxed(smmu->cmdq.q.cons, smmu->base + ARM_SMMU_CMDQ_CONS);
2472 enables = CR0_CMDQEN;
2473 ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
2476 dev_err(smmu->dev, "failed to enable command queue\n");
2480 /* Invalidate any cached configuration */
2481 cmd.opcode = CMDQ_OP_CFGI_ALL;
2482 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
2483 arm_smmu_cmdq_issue_sync(smmu);
2485 /* Invalidate any stale TLB entries */
2486 if (smmu->features & ARM_SMMU_FEAT_HYP) {
2487 cmd.opcode = CMDQ_OP_TLBI_EL2_ALL;
2488 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
2491 cmd.opcode = CMDQ_OP_TLBI_NSNH_ALL;
2492 arm_smmu_cmdq_issue_cmd(smmu, &cmd);
2493 arm_smmu_cmdq_issue_sync(smmu);
2496 writeq_relaxed(smmu->evtq.q.q_base, smmu->base + ARM_SMMU_EVTQ_BASE);
2497 writel_relaxed(smmu->evtq.q.prod,
2498 arm_smmu_page1_fixup(ARM_SMMU_EVTQ_PROD, smmu));
2499 writel_relaxed(smmu->evtq.q.cons,
2500 arm_smmu_page1_fixup(ARM_SMMU_EVTQ_CONS, smmu));
2502 enables |= CR0_EVTQEN;
2503 ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
2506 dev_err(smmu->dev, "failed to enable event queue\n");
2511 if (smmu->features & ARM_SMMU_FEAT_PRI) {
2512 writeq_relaxed(smmu->priq.q.q_base,
2513 smmu->base + ARM_SMMU_PRIQ_BASE);
2514 writel_relaxed(smmu->priq.q.prod,
2515 arm_smmu_page1_fixup(ARM_SMMU_PRIQ_PROD, smmu));
2516 writel_relaxed(smmu->priq.q.cons,
2517 arm_smmu_page1_fixup(ARM_SMMU_PRIQ_CONS, smmu));
2519 enables |= CR0_PRIQEN;
2520 ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
2523 dev_err(smmu->dev, "failed to enable PRI queue\n");
2528 ret = arm_smmu_setup_irqs(smmu);
2530 dev_err(smmu->dev, "failed to setup irqs\n");
2535 /* Enable the SMMU interface, or ensure bypass */
2536 if (!bypass || disable_bypass) {
2537 enables |= CR0_SMMUEN;
2539 ret = arm_smmu_update_gbpa(smmu, 0, GBPA_ABORT);
2543 ret = arm_smmu_write_reg_sync(smmu, enables, ARM_SMMU_CR0,
2546 dev_err(smmu->dev, "failed to enable SMMU interface\n");
2553 static int arm_smmu_device_hw_probe(struct arm_smmu_device *smmu)
2556 bool coherent = smmu->features & ARM_SMMU_FEAT_COHERENCY;
2559 reg = readl_relaxed(smmu->base + ARM_SMMU_IDR0);
2561 /* 2-level structures */
2562 if (FIELD_GET(IDR0_ST_LVL, reg) == IDR0_ST_LVL_2LVL)
2563 smmu->features |= ARM_SMMU_FEAT_2_LVL_STRTAB;
2565 if (reg & IDR0_CD2L)
2566 smmu->features |= ARM_SMMU_FEAT_2_LVL_CDTAB;
2569 * Translation table endianness.
2570 * We currently require the same endianness as the CPU, but this
2571 * could be changed later by adding a new IO_PGTABLE_QUIRK.
2573 switch (FIELD_GET(IDR0_TTENDIAN, reg)) {
2574 case IDR0_TTENDIAN_MIXED:
2575 smmu->features |= ARM_SMMU_FEAT_TT_LE | ARM_SMMU_FEAT_TT_BE;
2578 case IDR0_TTENDIAN_BE:
2579 smmu->features |= ARM_SMMU_FEAT_TT_BE;
2582 case IDR0_TTENDIAN_LE:
2583 smmu->features |= ARM_SMMU_FEAT_TT_LE;
2587 dev_err(smmu->dev, "unknown/unsupported TT endianness!\n");
2591 /* Boolean feature flags */
2592 if (IS_ENABLED(CONFIG_PCI_PRI) && reg & IDR0_PRI)
2593 smmu->features |= ARM_SMMU_FEAT_PRI;
2595 if (IS_ENABLED(CONFIG_PCI_ATS) && reg & IDR0_ATS)
2596 smmu->features |= ARM_SMMU_FEAT_ATS;
2599 smmu->features |= ARM_SMMU_FEAT_SEV;
2602 smmu->features |= ARM_SMMU_FEAT_MSI;
2605 smmu->features |= ARM_SMMU_FEAT_HYP;
2608 * The coherency feature as set by FW is used in preference to the ID
2609 * register, but warn on mismatch.
2611 if (!!(reg & IDR0_COHACC) != coherent)
2612 dev_warn(smmu->dev, "IDR0.COHACC overridden by FW configuration (%s)\n",
2613 coherent ? "true" : "false");
2615 switch (FIELD_GET(IDR0_STALL_MODEL, reg)) {
2616 case IDR0_STALL_MODEL_FORCE:
2617 smmu->features |= ARM_SMMU_FEAT_STALL_FORCE;
2619 case IDR0_STALL_MODEL_STALL:
2620 smmu->features |= ARM_SMMU_FEAT_STALLS;
2624 smmu->features |= ARM_SMMU_FEAT_TRANS_S1;
2627 smmu->features |= ARM_SMMU_FEAT_TRANS_S2;
2629 if (!(reg & (IDR0_S1P | IDR0_S2P))) {
2630 dev_err(smmu->dev, "no translation support!\n");
2634 /* We only support the AArch64 table format at present */
2635 switch (FIELD_GET(IDR0_TTF, reg)) {
2636 case IDR0_TTF_AARCH32_64:
2639 case IDR0_TTF_AARCH64:
2642 dev_err(smmu->dev, "AArch64 table format not supported!\n");
2646 /* ASID/VMID sizes */
2647 smmu->asid_bits = reg & IDR0_ASID16 ? 16 : 8;
2648 smmu->vmid_bits = reg & IDR0_VMID16 ? 16 : 8;
2651 reg = readl_relaxed(smmu->base + ARM_SMMU_IDR1);
2652 if (reg & (IDR1_TABLES_PRESET | IDR1_QUEUES_PRESET | IDR1_REL)) {
2653 dev_err(smmu->dev, "embedded implementation not supported\n");
2657 /* Queue sizes, capped at 4k */
2658 smmu->cmdq.q.max_n_shift = min_t(u32, CMDQ_MAX_SZ_SHIFT,
2659 FIELD_GET(IDR1_CMDQS, reg));
2660 if (!smmu->cmdq.q.max_n_shift) {
2661 /* Odd alignment restrictions on the base, so ignore for now */
2662 dev_err(smmu->dev, "unit-length command queue not supported\n");
2666 smmu->evtq.q.max_n_shift = min_t(u32, EVTQ_MAX_SZ_SHIFT,
2667 FIELD_GET(IDR1_EVTQS, reg));
2668 smmu->priq.q.max_n_shift = min_t(u32, PRIQ_MAX_SZ_SHIFT,
2669 FIELD_GET(IDR1_PRIQS, reg));
2671 /* SID/SSID sizes */
2672 smmu->ssid_bits = FIELD_GET(IDR1_SSIDSIZE, reg);
2673 smmu->sid_bits = FIELD_GET(IDR1_SIDSIZE, reg);
2676 * If the SMMU supports fewer bits than would fill a single L2 stream
2677 * table, use a linear table instead.
2679 if (smmu->sid_bits <= STRTAB_SPLIT)
2680 smmu->features &= ~ARM_SMMU_FEAT_2_LVL_STRTAB;
2683 reg = readl_relaxed(smmu->base + ARM_SMMU_IDR5);
2685 /* Maximum number of outstanding stalls */
2686 smmu->evtq.max_stalls = FIELD_GET(IDR5_STALL_MAX, reg);
2689 if (reg & IDR5_GRAN64K)
2690 smmu->pgsize_bitmap |= SZ_64K | SZ_512M;
2691 if (reg & IDR5_GRAN16K)
2692 smmu->pgsize_bitmap |= SZ_16K | SZ_32M;
2693 if (reg & IDR5_GRAN4K)
2694 smmu->pgsize_bitmap |= SZ_4K | SZ_2M | SZ_1G;
2696 /* Input address size */
2697 if (FIELD_GET(IDR5_VAX, reg) == IDR5_VAX_52_BIT)
2698 smmu->features |= ARM_SMMU_FEAT_VAX;
2700 /* Output address size */
2701 switch (FIELD_GET(IDR5_OAS, reg)) {
2702 case IDR5_OAS_32_BIT:
2705 case IDR5_OAS_36_BIT:
2708 case IDR5_OAS_40_BIT:
2711 case IDR5_OAS_42_BIT:
2714 case IDR5_OAS_44_BIT:
2717 case IDR5_OAS_52_BIT:
2719 smmu->pgsize_bitmap |= 1ULL << 42; /* 4TB */
2723 "unknown output address size. Truncating to 48-bit\n");
2725 case IDR5_OAS_48_BIT:
2729 if (arm_smmu_ops.pgsize_bitmap == -1UL)
2730 arm_smmu_ops.pgsize_bitmap = smmu->pgsize_bitmap;
2732 arm_smmu_ops.pgsize_bitmap |= smmu->pgsize_bitmap;
2734 /* Set the DMA mask for our table walker */
2735 if (dma_set_mask_and_coherent(smmu->dev, DMA_BIT_MASK(smmu->oas)))
2737 "failed to set DMA mask for table walker\n");
2739 smmu->ias = max(smmu->ias, smmu->oas);
2741 dev_info(smmu->dev, "ias %lu-bit, oas %lu-bit (features 0x%08x)\n",
2742 smmu->ias, smmu->oas, smmu->features);
2747 static void acpi_smmu_get_options(u32 model, struct arm_smmu_device *smmu)
2750 case ACPI_IORT_SMMU_V3_CAVIUM_CN99XX:
2751 smmu->options |= ARM_SMMU_OPT_PAGE0_REGS_ONLY;
2753 case ACPI_IORT_SMMU_V3_HISILICON_HI161X:
2754 smmu->options |= ARM_SMMU_OPT_SKIP_PREFETCH;
2758 dev_notice(smmu->dev, "option mask 0x%x\n", smmu->options);
2761 static int arm_smmu_device_acpi_probe(struct platform_device *pdev,
2762 struct arm_smmu_device *smmu)
2764 struct acpi_iort_smmu_v3 *iort_smmu;
2765 struct device *dev = smmu->dev;
2766 struct acpi_iort_node *node;
2768 node = *(struct acpi_iort_node **)dev_get_platdata(dev);
2770 /* Retrieve SMMUv3 specific data */
2771 iort_smmu = (struct acpi_iort_smmu_v3 *)node->node_data;
2773 acpi_smmu_get_options(iort_smmu->model, smmu);
2775 if (iort_smmu->flags & ACPI_IORT_SMMU_V3_COHACC_OVERRIDE)
2776 smmu->features |= ARM_SMMU_FEAT_COHERENCY;
2781 static inline int arm_smmu_device_acpi_probe(struct platform_device *pdev,
2782 struct arm_smmu_device *smmu)
2788 static int arm_smmu_device_dt_probe(struct platform_device *pdev,
2789 struct arm_smmu_device *smmu)
2791 struct device *dev = &pdev->dev;
2795 if (of_property_read_u32(dev->of_node, "#iommu-cells", &cells))
2796 dev_err(dev, "missing #iommu-cells property\n");
2797 else if (cells != 1)
2798 dev_err(dev, "invalid #iommu-cells value (%d)\n", cells);
2802 parse_driver_options(smmu);
2804 if (of_dma_is_coherent(dev->of_node))
2805 smmu->features |= ARM_SMMU_FEAT_COHERENCY;
2810 static unsigned long arm_smmu_resource_size(struct arm_smmu_device *smmu)
2812 if (smmu->options & ARM_SMMU_OPT_PAGE0_REGS_ONLY)
2818 static int arm_smmu_device_probe(struct platform_device *pdev)
2821 struct resource *res;
2822 resource_size_t ioaddr;
2823 struct arm_smmu_device *smmu;
2824 struct device *dev = &pdev->dev;
2827 smmu = devm_kzalloc(dev, sizeof(*smmu), GFP_KERNEL);
2829 dev_err(dev, "failed to allocate arm_smmu_device\n");
2835 ret = arm_smmu_device_dt_probe(pdev, smmu);
2837 ret = arm_smmu_device_acpi_probe(pdev, smmu);
2842 /* Set bypass mode according to firmware probing result */
2846 res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
2847 if (resource_size(res) + 1 < arm_smmu_resource_size(smmu)) {
2848 dev_err(dev, "MMIO region too small (%pr)\n", res);
2851 ioaddr = res->start;
2853 smmu->base = devm_ioremap_resource(dev, res);
2854 if (IS_ERR(smmu->base))
2855 return PTR_ERR(smmu->base);
2857 /* Interrupt lines */
2859 irq = platform_get_irq_byname(pdev, "combined");
2861 smmu->combined_irq = irq;
2863 irq = platform_get_irq_byname(pdev, "eventq");
2865 smmu->evtq.q.irq = irq;
2867 irq = platform_get_irq_byname(pdev, "priq");
2869 smmu->priq.q.irq = irq;
2871 irq = platform_get_irq_byname(pdev, "gerror");
2873 smmu->gerr_irq = irq;
2876 ret = arm_smmu_device_hw_probe(smmu);
2880 /* Initialise in-memory data structures */
2881 ret = arm_smmu_init_structures(smmu);
2885 /* Record our private device structure */
2886 platform_set_drvdata(pdev, smmu);
2888 /* Reset the device */
2889 ret = arm_smmu_device_reset(smmu, bypass);
2893 /* And we're up. Go go go! */
2894 ret = iommu_device_sysfs_add(&smmu->iommu, dev, NULL,
2895 "smmu3.%pa", &ioaddr);
2899 iommu_device_set_ops(&smmu->iommu, &arm_smmu_ops);
2900 iommu_device_set_fwnode(&smmu->iommu, dev->fwnode);
2902 ret = iommu_device_register(&smmu->iommu);
2904 dev_err(dev, "Failed to register iommu\n");
2909 if (pci_bus_type.iommu_ops != &arm_smmu_ops) {
2911 ret = bus_set_iommu(&pci_bus_type, &arm_smmu_ops);
2916 #ifdef CONFIG_ARM_AMBA
2917 if (amba_bustype.iommu_ops != &arm_smmu_ops) {
2918 ret = bus_set_iommu(&amba_bustype, &arm_smmu_ops);
2923 if (platform_bus_type.iommu_ops != &arm_smmu_ops) {
2924 ret = bus_set_iommu(&platform_bus_type, &arm_smmu_ops);
2931 static int arm_smmu_device_remove(struct platform_device *pdev)
2933 struct arm_smmu_device *smmu = platform_get_drvdata(pdev);
2935 arm_smmu_device_disable(smmu);
2940 static void arm_smmu_device_shutdown(struct platform_device *pdev)
2942 arm_smmu_device_remove(pdev);
2945 static const struct of_device_id arm_smmu_of_match[] = {
2946 { .compatible = "arm,smmu-v3", },
2949 MODULE_DEVICE_TABLE(of, arm_smmu_of_match);
2951 static struct platform_driver arm_smmu_driver = {
2953 .name = "arm-smmu-v3",
2954 .of_match_table = of_match_ptr(arm_smmu_of_match),
2956 .probe = arm_smmu_device_probe,
2957 .remove = arm_smmu_device_remove,
2958 .shutdown = arm_smmu_device_shutdown,
2960 module_platform_driver(arm_smmu_driver);
2962 MODULE_DESCRIPTION("IOMMU API for ARM architected SMMUv3 implementations");
2963 MODULE_AUTHOR("Will Deacon <will.deacon@arm.com>");
2964 MODULE_LICENSE("GPL v2");
projects / linux-2.6-block.git / blob