1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 2013 The FreeBSD Foundation
5 *
6 * This software was developed by Konstantin Belousov <kib@FreeBSD.org>
7 * under sponsorship from the FreeBSD Foundation.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * SUCH DAMAGE.
29 */
30
31 #include <sys/param.h>
32 #include <sys/bus.h>
33 #include <sys/kernel.h>
34 #include <sys/lock.h>
35 #include <sys/malloc.h>
36 #include <sys/memdesc.h>
37 #include <sys/mutex.h>
38 #include <sys/proc.h>
39 #include <sys/queue.h>
40 #include <sys/rman.h>
41 #include <sys/rwlock.h>
42 #include <sys/sched.h>
43 #include <sys/sf_buf.h>
44 #include <sys/sysctl.h>
45 #include <sys/systm.h>
46 #include <sys/taskqueue.h>
47 #include <sys/time.h>
48 #include <sys/tree.h>
49 #include <sys/vmem.h>
50 #include <vm/vm.h>
51 #include <vm/vm_extern.h>
52 #include <vm/vm_kern.h>
53 #include <vm/vm_object.h>
54 #include <vm/vm_page.h>
55 #include <vm/vm_map.h>
56 #include <vm/vm_pageout.h>
57 #include <dev/pci/pcireg.h>
58 #include <dev/pci/pcivar.h>
59 #include <machine/bus.h>
60 #include <machine/cpu.h>
61 #include <machine/intr_machdep.h>
62 #include <x86/include/apicvar.h>
63 #include <x86/include/busdma_impl.h>
64 #include <dev/iommu/busdma_iommu.h>
65 #include <x86/iommu/intel_reg.h>
66 #include <x86/iommu/x86_iommu.h>
67 #include <x86/iommu/intel_dmar.h>
68
69 u_int
dmar_nd2mask(u_int nd)70 dmar_nd2mask(u_int nd)
71 {
72 static const u_int masks[] = {
73 0x000f, /* nd == 0 */
74 0x002f, /* nd == 1 */
75 0x00ff, /* nd == 2 */
76 0x02ff, /* nd == 3 */
77 0x0fff, /* nd == 4 */
78 0x2fff, /* nd == 5 */
79 0xffff, /* nd == 6 */
80 0x0000, /* nd == 7 reserved */
81 };
82
83 KASSERT(nd <= 6, ("number of domains %d", nd));
84 return (masks[nd]);
85 }
86
87 static const struct sagaw_bits_tag {
88 int agaw;
89 int cap;
90 int awlvl;
91 int pglvl;
92 } sagaw_bits[] = {
93 {.agaw = 30, .cap = DMAR_CAP_SAGAW_2LVL, .awlvl = DMAR_CTX2_AW_2LVL,
94 .pglvl = 2},
95 {.agaw = 39, .cap = DMAR_CAP_SAGAW_3LVL, .awlvl = DMAR_CTX2_AW_3LVL,
96 .pglvl = 3},
97 {.agaw = 48, .cap = DMAR_CAP_SAGAW_4LVL, .awlvl = DMAR_CTX2_AW_4LVL,
98 .pglvl = 4},
99 {.agaw = 57, .cap = DMAR_CAP_SAGAW_5LVL, .awlvl = DMAR_CTX2_AW_5LVL,
100 .pglvl = 5}
101 /*
102 * 6-level paging (DMAR_CAP_SAGAW_6LVL) is not supported on any
103 * current VT-d hardware and its SAGAW field value is listed as
104 * reserved in the VT-d spec. If support is added in the future,
105 * this structure and the logic in dmar_maxaddr2mgaw() will need
106 * to change to avoid attempted comparison against 1ULL << 64.
107 */
108 };
109
110 bool
dmar_pglvl_supported(struct dmar_unit * unit,int pglvl)111 dmar_pglvl_supported(struct dmar_unit *unit, int pglvl)
112 {
113 int i;
114
115 for (i = 0; i < nitems(sagaw_bits); i++) {
116 if (sagaw_bits[i].pglvl != pglvl)
117 continue;
118 if ((DMAR_CAP_SAGAW(unit->hw_cap) & sagaw_bits[i].cap) != 0)
119 return (true);
120 }
121 return (false);
122 }
123
124 int
domain_set_agaw(struct dmar_domain * domain,int mgaw)125 domain_set_agaw(struct dmar_domain *domain, int mgaw)
126 {
127 int sagaw, i;
128
129 domain->mgaw = mgaw;
130 sagaw = DMAR_CAP_SAGAW(domain->dmar->hw_cap);
131 for (i = 0; i < nitems(sagaw_bits); i++) {
132 if (sagaw_bits[i].agaw >= mgaw) {
133 domain->agaw = sagaw_bits[i].agaw;
134 domain->pglvl = sagaw_bits[i].pglvl;
135 domain->awlvl = sagaw_bits[i].awlvl;
136 return (0);
137 }
138 }
139 device_printf(domain->dmar->iommu.dev,
140 "context request mgaw %d: no agaw found, sagaw %x\n",
141 mgaw, sagaw);
142 return (EINVAL);
143 }
144
145 /*
146 * Find a best fit mgaw for the given maxaddr:
147 * - if allow_less is false, must find sagaw which maps all requested
148 * addresses (used by identity mappings);
149 * - if allow_less is true, and no supported sagaw can map all requested
150 * address space, accept the biggest sagaw, whatever is it.
151 */
152 int
dmar_maxaddr2mgaw(struct dmar_unit * unit,iommu_gaddr_t maxaddr,bool allow_less)153 dmar_maxaddr2mgaw(struct dmar_unit *unit, iommu_gaddr_t maxaddr, bool allow_less)
154 {
155 int i;
156
157 for (i = 0; i < nitems(sagaw_bits); i++) {
158 if ((1ULL << sagaw_bits[i].agaw) >= maxaddr &&
159 (DMAR_CAP_SAGAW(unit->hw_cap) & sagaw_bits[i].cap) != 0)
160 break;
161 }
162 if (allow_less && i == nitems(sagaw_bits)) {
163 do {
164 i--;
165 } while ((DMAR_CAP_SAGAW(unit->hw_cap) & sagaw_bits[i].cap)
166 == 0);
167 }
168 if (i < nitems(sagaw_bits))
169 return (sagaw_bits[i].agaw);
170 KASSERT(0, ("no mgaw for maxaddr %jx allow_less %d",
171 (uintmax_t) maxaddr, allow_less));
172 return (-1);
173 }
174
175 /*
176 * Return true if the page table level lvl supports the superpage for
177 * the context ctx.
178 */
179 int
domain_is_sp_lvl(struct dmar_domain * domain,int lvl)180 domain_is_sp_lvl(struct dmar_domain *domain, int lvl)
181 {
182 int alvl, cap_sps;
183 static const int sagaw_sp[] = {
184 DMAR_CAP_SPS_2M,
185 DMAR_CAP_SPS_1G,
186 DMAR_CAP_SPS_512G,
187 DMAR_CAP_SPS_1T
188 };
189
190 alvl = domain->pglvl - lvl - 1;
191 cap_sps = DMAR_CAP_SPS(domain->dmar->hw_cap);
192 return (alvl < nitems(sagaw_sp) && (sagaw_sp[alvl] & cap_sps) != 0);
193 }
194
195 iommu_gaddr_t
domain_page_size(struct dmar_domain * domain,int lvl)196 domain_page_size(struct dmar_domain *domain, int lvl)
197 {
198
199 return (pglvl_page_size(domain->pglvl, lvl));
200 }
201
202 int
calc_am(struct dmar_unit * unit,iommu_gaddr_t base,iommu_gaddr_t size,iommu_gaddr_t * isizep)203 calc_am(struct dmar_unit *unit, iommu_gaddr_t base, iommu_gaddr_t size,
204 iommu_gaddr_t *isizep)
205 {
206 iommu_gaddr_t isize;
207 int am;
208
209 for (am = DMAR_CAP_MAMV(unit->hw_cap);; am--) {
210 isize = 1ULL << (am + IOMMU_PAGE_SHIFT);
211 if ((base & (isize - 1)) == 0 && size >= isize)
212 break;
213 if (am == 0)
214 break;
215 }
216 *isizep = isize;
217 return (am);
218 }
219
220 int haw;
221 int dmar_tbl_pagecnt;
222
223 static void
dmar_flush_transl_to_ram(struct dmar_unit * unit,void * dst,size_t sz)224 dmar_flush_transl_to_ram(struct dmar_unit *unit, void *dst, size_t sz)
225 {
226
227 if (DMAR_IS_COHERENT(unit))
228 return;
229 /*
230 * If DMAR does not snoop paging structures accesses, flush
231 * CPU cache to memory.
232 */
233 pmap_force_invalidate_cache_range((uintptr_t)dst, (uintptr_t)dst + sz);
234 }
235
236 void
dmar_flush_pte_to_ram(struct dmar_unit * unit,iommu_pte_t * dst)237 dmar_flush_pte_to_ram(struct dmar_unit *unit, iommu_pte_t *dst)
238 {
239
240 dmar_flush_transl_to_ram(unit, dst, sizeof(*dst));
241 }
242
243 void
dmar_flush_ctx_to_ram(struct dmar_unit * unit,dmar_ctx_entry_t * dst)244 dmar_flush_ctx_to_ram(struct dmar_unit *unit, dmar_ctx_entry_t *dst)
245 {
246
247 dmar_flush_transl_to_ram(unit, dst, sizeof(*dst));
248 }
249
250 void
dmar_flush_root_to_ram(struct dmar_unit * unit,dmar_root_entry_t * dst)251 dmar_flush_root_to_ram(struct dmar_unit *unit, dmar_root_entry_t *dst)
252 {
253
254 dmar_flush_transl_to_ram(unit, dst, sizeof(*dst));
255 }
256
257 /*
258 * Load the root entry pointer into the hardware, busily waiting for
259 * the completion.
260 */
261 int
dmar_load_root_entry_ptr(struct dmar_unit * unit)262 dmar_load_root_entry_ptr(struct dmar_unit *unit)
263 {
264 vm_page_t root_entry;
265 int error;
266
267 /*
268 * Access to the GCMD register must be serialized while the
269 * command is submitted.
270 */
271 DMAR_ASSERT_LOCKED(unit);
272
273 VM_OBJECT_RLOCK(unit->ctx_obj);
274 root_entry = vm_page_lookup(unit->ctx_obj, 0);
275 VM_OBJECT_RUNLOCK(unit->ctx_obj);
276 dmar_write8(unit, DMAR_RTADDR_REG, VM_PAGE_TO_PHYS(root_entry));
277 dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd | DMAR_GCMD_SRTP);
278 DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_RTPS)
279 != 0));
280 return (error);
281 }
282
283 /*
284 * Globally invalidate the context entries cache, busily waiting for
285 * the completion.
286 */
287 int
dmar_inv_ctx_glob(struct dmar_unit * unit)288 dmar_inv_ctx_glob(struct dmar_unit *unit)
289 {
290 int error;
291
292 /*
293 * Access to the CCMD register must be serialized while the
294 * command is submitted.
295 */
296 DMAR_ASSERT_LOCKED(unit);
297 KASSERT(!unit->qi_enabled, ("QI enabled"));
298
299 /*
300 * The DMAR_CCMD_ICC bit in the upper dword should be written
301 * after the low dword write is completed. Amd64
302 * dmar_write8() does not have this issue, i386 dmar_write8()
303 * writes the upper dword last.
304 */
305 dmar_write8(unit, DMAR_CCMD_REG, DMAR_CCMD_ICC | DMAR_CCMD_CIRG_GLOB);
306 DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_CCMD_REG + 4) & DMAR_CCMD_ICC32)
307 == 0));
308 return (error);
309 }
310
311 /*
312 * Globally invalidate the IOTLB, busily waiting for the completion.
313 */
314 int
dmar_inv_iotlb_glob(struct dmar_unit * unit)315 dmar_inv_iotlb_glob(struct dmar_unit *unit)
316 {
317 int error, reg;
318
319 DMAR_ASSERT_LOCKED(unit);
320 KASSERT(!unit->qi_enabled, ("QI enabled"));
321
322 reg = 16 * DMAR_ECAP_IRO(unit->hw_ecap);
323 /* See a comment about DMAR_CCMD_ICC in dmar_inv_ctx_glob. */
324 dmar_write8(unit, reg + DMAR_IOTLB_REG_OFF, DMAR_IOTLB_IVT |
325 DMAR_IOTLB_IIRG_GLB | DMAR_IOTLB_DR | DMAR_IOTLB_DW);
326 DMAR_WAIT_UNTIL(((dmar_read4(unit, reg + DMAR_IOTLB_REG_OFF + 4) &
327 DMAR_IOTLB_IVT32) == 0));
328 return (error);
329 }
330
331 /*
332 * Flush the chipset write buffers. See 11.1 "Write Buffer Flushing"
333 * in the architecture specification.
334 */
335 int
dmar_flush_write_bufs(struct dmar_unit * unit)336 dmar_flush_write_bufs(struct dmar_unit *unit)
337 {
338 int error;
339
340 DMAR_ASSERT_LOCKED(unit);
341
342 /*
343 * DMAR_GCMD_WBF is only valid when CAP_RWBF is reported.
344 */
345 KASSERT((unit->hw_cap & DMAR_CAP_RWBF) != 0,
346 ("dmar%d: no RWBF", unit->iommu.unit));
347
348 dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd | DMAR_GCMD_WBF);
349 DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_WBFS)
350 != 0));
351 return (error);
352 }
353
354 /*
355 * Some BIOSes protect memory region they reside in by using DMAR to
356 * prevent devices from doing any DMA transactions to that part of RAM.
357 * AMI refers to this as "DMA Control Guarantee".
358 * We need to disable this when address translation is enabled.
359 */
360 int
dmar_disable_protected_regions(struct dmar_unit * unit)361 dmar_disable_protected_regions(struct dmar_unit *unit)
362 {
363 uint32_t reg;
364 int error;
365
366 DMAR_ASSERT_LOCKED(unit);
367
368 /* Check if we support the feature. */
369 if ((unit->hw_cap & (DMAR_CAP_PLMR | DMAR_CAP_PHMR)) == 0)
370 return (0);
371
372 reg = dmar_read4(unit, DMAR_PMEN_REG);
373 if ((reg & DMAR_PMEN_EPM) == 0)
374 return (0);
375
376 reg &= ~DMAR_PMEN_EPM;
377 dmar_write4(unit, DMAR_PMEN_REG, reg);
378 DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_PMEN_REG) & DMAR_PMEN_PRS)
379 != 0));
380
381 return (error);
382 }
383
384 int
dmar_enable_translation(struct dmar_unit * unit)385 dmar_enable_translation(struct dmar_unit *unit)
386 {
387 int error;
388
389 DMAR_ASSERT_LOCKED(unit);
390 unit->hw_gcmd |= DMAR_GCMD_TE;
391 dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd);
392 DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_TES)
393 != 0));
394 return (error);
395 }
396
397 int
dmar_disable_translation(struct dmar_unit * unit)398 dmar_disable_translation(struct dmar_unit *unit)
399 {
400 int error;
401
402 DMAR_ASSERT_LOCKED(unit);
403 unit->hw_gcmd &= ~DMAR_GCMD_TE;
404 dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd);
405 DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_TES)
406 == 0));
407 return (error);
408 }
409
410 int
dmar_load_irt_ptr(struct dmar_unit * unit)411 dmar_load_irt_ptr(struct dmar_unit *unit)
412 {
413 uint64_t irta, s;
414 int error;
415
416 DMAR_ASSERT_LOCKED(unit);
417 irta = unit->irt_phys;
418 if (DMAR_X2APIC(unit))
419 irta |= DMAR_IRTA_EIME;
420 s = fls(unit->irte_cnt) - 2;
421 KASSERT(unit->irte_cnt >= 2 && s <= DMAR_IRTA_S_MASK &&
422 powerof2(unit->irte_cnt),
423 ("IRTA_REG_S overflow %x", unit->irte_cnt));
424 irta |= s;
425 dmar_write8(unit, DMAR_IRTA_REG, irta);
426 dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd | DMAR_GCMD_SIRTP);
427 DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_IRTPS)
428 != 0));
429 return (error);
430 }
431
432 int
dmar_enable_ir(struct dmar_unit * unit)433 dmar_enable_ir(struct dmar_unit *unit)
434 {
435 int error;
436
437 DMAR_ASSERT_LOCKED(unit);
438 unit->hw_gcmd |= DMAR_GCMD_IRE;
439 unit->hw_gcmd &= ~DMAR_GCMD_CFI;
440 dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd);
441 DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_IRES)
442 != 0));
443 return (error);
444 }
445
446 int
dmar_disable_ir(struct dmar_unit * unit)447 dmar_disable_ir(struct dmar_unit *unit)
448 {
449 int error;
450
451 DMAR_ASSERT_LOCKED(unit);
452 unit->hw_gcmd &= ~DMAR_GCMD_IRE;
453 dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd);
454 DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_IRES)
455 == 0));
456 return (error);
457 }
458
459 #define BARRIER_F \
460 u_int f_done, f_inproc, f_wakeup; \
461 \
462 f_done = 1 << (barrier_id * 3); \
463 f_inproc = 1 << (barrier_id * 3 + 1); \
464 f_wakeup = 1 << (barrier_id * 3 + 2)
465
466 bool
dmar_barrier_enter(struct dmar_unit * dmar,u_int barrier_id)467 dmar_barrier_enter(struct dmar_unit *dmar, u_int barrier_id)
468 {
469 BARRIER_F;
470
471 DMAR_LOCK(dmar);
472 if ((dmar->barrier_flags & f_done) != 0) {
473 DMAR_UNLOCK(dmar);
474 return (false);
475 }
476
477 if ((dmar->barrier_flags & f_inproc) != 0) {
478 while ((dmar->barrier_flags & f_inproc) != 0) {
479 dmar->barrier_flags |= f_wakeup;
480 msleep(&dmar->barrier_flags, &dmar->iommu.lock, 0,
481 "dmarb", 0);
482 }
483 KASSERT((dmar->barrier_flags & f_done) != 0,
484 ("dmar%d barrier %d missing done", dmar->iommu.unit,
485 barrier_id));
486 DMAR_UNLOCK(dmar);
487 return (false);
488 }
489
490 dmar->barrier_flags |= f_inproc;
491 DMAR_UNLOCK(dmar);
492 return (true);
493 }
494
495 void
dmar_barrier_exit(struct dmar_unit * dmar,u_int barrier_id)496 dmar_barrier_exit(struct dmar_unit *dmar, u_int barrier_id)
497 {
498 BARRIER_F;
499
500 DMAR_ASSERT_LOCKED(dmar);
501 KASSERT((dmar->barrier_flags & (f_done | f_inproc)) == f_inproc,
502 ("dmar%d barrier %d missed entry", dmar->iommu.unit, barrier_id));
503 dmar->barrier_flags |= f_done;
504 if ((dmar->barrier_flags & f_wakeup) != 0)
505 wakeup(&dmar->barrier_flags);
506 dmar->barrier_flags &= ~(f_inproc | f_wakeup);
507 DMAR_UNLOCK(dmar);
508 }
509
510 struct timespec dmar_hw_timeout = {
511 .tv_sec = 0,
512 .tv_nsec = 1000000
513 };
514
515 static const uint64_t d = 1000000000;
516
517 void
dmar_update_timeout(uint64_t newval)518 dmar_update_timeout(uint64_t newval)
519 {
520
521 /* XXXKIB not atomic */
522 dmar_hw_timeout.tv_sec = newval / d;
523 dmar_hw_timeout.tv_nsec = newval % d;
524 }
525
526 uint64_t
dmar_get_timeout(void)527 dmar_get_timeout(void)
528 {
529
530 return ((uint64_t)dmar_hw_timeout.tv_sec * d +
531 dmar_hw_timeout.tv_nsec);
532 }
533
534 static int
dmar_timeout_sysctl(SYSCTL_HANDLER_ARGS)535 dmar_timeout_sysctl(SYSCTL_HANDLER_ARGS)
536 {
537 uint64_t val;
538 int error;
539
540 val = dmar_get_timeout();
541 error = sysctl_handle_long(oidp, &val, 0, req);
542 if (error != 0 || req->newptr == NULL)
543 return (error);
544 dmar_update_timeout(val);
545 return (error);
546 }
547
548 SYSCTL_PROC(_hw_iommu_dmar, OID_AUTO, timeout,
549 CTLTYPE_U64 | CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 0,
550 dmar_timeout_sysctl, "QU",
551 "Timeout for command wait, in nanoseconds");
552