1 // SPDX-License-Identifier: GPL-2.0 or MIT 2 /* Copyright 2019 Linaro, Ltd, Rob Herring <robh@kernel.org> */ 3 /* Copyright 2023 Collabora ltd. */ 4 /* Copyright 2025 ARM Limited. All rights reserved. */ 5 6 #include <drm/drm_debugfs.h> 7 #include <drm/drm_drv.h> 8 #include <drm/drm_exec.h> 9 #include <drm/drm_file.h> 10 #include <drm/drm_gpuvm.h> 11 #include <drm/drm_managed.h> 12 #include <drm/drm_print.h> 13 #include <drm/gpu_scheduler.h> 14 #include <drm/panthor_drm.h> 15 16 #include <linux/atomic.h> 17 #include <linux/bitfield.h> 18 #include <linux/delay.h> 19 #include <linux/dma-mapping.h> 20 #include <linux/interrupt.h> 21 #include <linux/io.h> 22 #include <linux/iopoll.h> 23 #include <linux/io-pgtable.h> 24 #include <linux/iommu.h> 25 #include <linux/kmemleak.h> 26 #include <linux/platform_device.h> 27 #include <linux/pm_runtime.h> 28 #include <linux/rwsem.h> 29 #include <linux/sched.h> 30 #include <linux/shmem_fs.h> 31 #include <linux/sizes.h> 32 33 #include "panthor_device.h" 34 #include "panthor_gem.h" 35 #include "panthor_gpu.h" 36 #include "panthor_gpu_regs.h" 37 #include "panthor_heap.h" 38 #include "panthor_mmu.h" 39 #include "panthor_mmu_regs.h" 40 #include "panthor_sched.h" 41 42 #define MAX_AS_SLOTS 32 43 44 struct panthor_vm; 45 46 /** 47 * struct panthor_as_slot - Address space slot 48 */ 49 struct panthor_as_slot { 50 /** @vm: VM bound to this slot. NULL is no VM is bound. */ 51 struct panthor_vm *vm; 52 }; 53 54 /** 55 * struct panthor_mmu - MMU related data 56 */ 57 struct panthor_mmu { 58 /** @iomem: CPU mapping of MMU_AS_CONTROL iomem region */ 59 void __iomem *iomem; 60 61 /** @irq: The MMU irq. */ 62 struct panthor_irq irq; 63 64 /** 65 * @as: Address space related fields. 66 * 67 * The GPU has a limited number of address spaces (AS) slots, forcing 68 * us to re-assign them to re-assign slots on-demand. 69 */ 70 struct { 71 /** @as.slots_lock: Lock protecting access to all other AS fields. */ 72 struct mutex slots_lock; 73 74 /** @as.alloc_mask: Bitmask encoding the allocated slots. */ 75 unsigned long alloc_mask; 76 77 /** @as.faulty_mask: Bitmask encoding the faulty slots. */ 78 unsigned long faulty_mask; 79 80 /** @as.slots: VMs currently bound to the AS slots. */ 81 struct panthor_as_slot slots[MAX_AS_SLOTS]; 82 83 /** 84 * @as.lru_list: List of least recently used VMs. 85 * 86 * We use this list to pick a VM to evict when all slots are 87 * used. 88 * 89 * There should be no more active VMs than there are AS slots, 90 * so this LRU is just here to keep VMs bound until there's 91 * a need to release a slot, thus avoid unnecessary TLB/cache 92 * flushes. 93 */ 94 struct list_head lru_list; 95 } as; 96 97 /** @vm: VMs management fields */ 98 struct { 99 /** @vm.lock: Lock protecting access to list. */ 100 struct mutex lock; 101 102 /** @vm.list: List containing all VMs. */ 103 struct list_head list; 104 105 /** @vm.reset_in_progress: True if a reset is in progress. */ 106 bool reset_in_progress; 107 108 /** @vm.wq: Workqueue used for the VM_BIND queues. */ 109 struct workqueue_struct *wq; 110 } vm; 111 }; 112 113 /** 114 * struct panthor_vm_pool - VM pool object 115 */ 116 struct panthor_vm_pool { 117 /** @xa: Array used for VM handle tracking. */ 118 struct xarray xa; 119 }; 120 121 /** 122 * struct panthor_vma - GPU mapping object 123 * 124 * This is used to track GEM mappings in GPU space. 125 */ 126 struct panthor_vma { 127 /** @base: Inherits from drm_gpuva. */ 128 struct drm_gpuva base; 129 130 /** @node: Used to implement deferred release of VMAs. */ 131 struct list_head node; 132 133 /** 134 * @flags: Combination of drm_panthor_vm_bind_op_flags. 135 * 136 * Only map related flags are accepted. 137 */ 138 u32 flags; 139 140 /** @evicted: True if the VMA has been evicted. */ 141 bool evicted; 142 }; 143 144 /** 145 * struct panthor_vm_op_ctx - VM operation context 146 * 147 * With VM operations potentially taking place in a dma-signaling path, we 148 * need to make sure everything that might require resource allocation is 149 * pre-allocated upfront. This is what this operation context is far. 150 * 151 * We also collect resources that have been freed, so we can release them 152 * asynchronously, and let the VM_BIND scheduler process the next VM_BIND 153 * request. 154 */ 155 struct panthor_vm_op_ctx { 156 /** @rsvd_page_tables: Pages reserved for the MMU page table update. */ 157 struct { 158 /** @rsvd_page_tables.count: Number of pages reserved. */ 159 u32 count; 160 161 /** @rsvd_page_tables.ptr: Point to the first unused page in the @pages table. */ 162 u32 ptr; 163 164 /** 165 * @rsvd_page_tables.pages: Array of pages to be used for an MMU page table update. 166 * 167 * After an VM operation, there might be free pages left in this array. 168 * They should be returned to the pt_cache as part of the op_ctx cleanup. 169 */ 170 void **pages; 171 } rsvd_page_tables; 172 173 /** 174 * @preallocated_vmas: Pre-allocated VMAs to handle the remap case. 175 * 176 * Partial unmap requests or map requests overlapping existing mappings will 177 * trigger a remap call, which need to register up to three panthor_vma objects 178 * (one for the new mapping, and two for the previous and next mappings). 179 */ 180 struct panthor_vma *preallocated_vmas[3]; 181 182 /** @flags: Combination of drm_panthor_vm_bind_op_flags. */ 183 u32 flags; 184 185 /** @va: Virtual range targeted by the VM operation. */ 186 struct { 187 /** @va.addr: Start address. */ 188 u64 addr; 189 190 /** @va.range: Range size. */ 191 u64 range; 192 } va; 193 194 /** @map: Fields specific to a map operation. */ 195 struct { 196 /** @map.vm_bo: Buffer object to map. */ 197 struct drm_gpuvm_bo *vm_bo; 198 199 /** @map.bo_offset: Offset in the buffer object. */ 200 u64 bo_offset; 201 202 /** 203 * @map.sgt: sg-table pointing to pages backing the GEM object. 204 * 205 * This is gathered at job creation time, such that we don't have 206 * to allocate in ::run_job(). 207 */ 208 struct sg_table *sgt; 209 210 /** @map.bo: the BO being mapped. */ 211 struct panthor_gem_object *bo; 212 } map; 213 }; 214 215 /** 216 * struct panthor_vm - VM object 217 * 218 * A VM is an object representing a GPU (or MCU) virtual address space. 219 * It embeds the MMU page table for this address space, a tree containing 220 * all the virtual mappings of GEM objects, and other things needed to manage 221 * the VM. 222 * 223 * Except for the MCU VM, which is managed by the kernel, all other VMs are 224 * created by userspace and mostly managed by userspace, using the 225 * %DRM_IOCTL_PANTHOR_VM_BIND ioctl. 226 * 227 * A portion of the virtual address space is reserved for kernel objects, 228 * like heap chunks, and userspace gets to decide how much of the virtual 229 * address space is left to the kernel (half of the virtual address space 230 * by default). 231 */ 232 struct panthor_vm { 233 /** 234 * @base: Inherit from drm_gpuvm. 235 * 236 * We delegate all the VA management to the common drm_gpuvm framework 237 * and only implement hooks to update the MMU page table. 238 */ 239 struct drm_gpuvm base; 240 241 /** 242 * @sched: Scheduler used for asynchronous VM_BIND request. 243 * 244 * We use a 1:1 scheduler here. 245 */ 246 struct drm_gpu_scheduler sched; 247 248 /** 249 * @entity: Scheduling entity representing the VM_BIND queue. 250 * 251 * There's currently one bind queue per VM. It doesn't make sense to 252 * allow more given the VM operations are serialized anyway. 253 */ 254 struct drm_sched_entity entity; 255 256 /** @ptdev: Device. */ 257 struct panthor_device *ptdev; 258 259 /** @memattr: Value to program to the AS_MEMATTR register. */ 260 u64 memattr; 261 262 /** @pgtbl_ops: Page table operations. */ 263 struct io_pgtable_ops *pgtbl_ops; 264 265 /** @root_page_table: Stores the root page table pointer. */ 266 void *root_page_table; 267 268 /** 269 * @op_lock: Lock used to serialize operations on a VM. 270 * 271 * The serialization of jobs queued to the VM_BIND queue is already 272 * taken care of by drm_sched, but we need to serialize synchronous 273 * and asynchronous VM_BIND request. This is what this lock is for. 274 */ 275 struct mutex op_lock; 276 277 /** 278 * @op_ctx: The context attached to the currently executing VM operation. 279 * 280 * NULL when no operation is in progress. 281 */ 282 struct panthor_vm_op_ctx *op_ctx; 283 284 /** 285 * @mm: Memory management object representing the auto-VA/kernel-VA. 286 * 287 * Used to auto-allocate VA space for kernel-managed objects (tiler 288 * heaps, ...). 289 * 290 * For the MCU VM, this is managing the VA range that's used to map 291 * all shared interfaces. 292 * 293 * For user VMs, the range is specified by userspace, and must not 294 * exceed half of the VA space addressable. 295 */ 296 struct drm_mm mm; 297 298 /** @mm_lock: Lock protecting the @mm field. */ 299 struct mutex mm_lock; 300 301 /** @kernel_auto_va: Automatic VA-range for kernel BOs. */ 302 struct { 303 /** @kernel_auto_va.start: Start of the automatic VA-range for kernel BOs. */ 304 u64 start; 305 306 /** @kernel_auto_va.size: Size of the automatic VA-range for kernel BOs. */ 307 u64 end; 308 } kernel_auto_va; 309 310 /** @as: Address space related fields. */ 311 struct { 312 /** 313 * @as.id: ID of the address space this VM is bound to. 314 * 315 * A value of -1 means the VM is inactive/not bound. 316 */ 317 int id; 318 319 /** @as.active_cnt: Number of active users of this VM. */ 320 refcount_t active_cnt; 321 322 /** 323 * @as.lru_node: Used to instead the VM in the panthor_mmu::as::lru_list. 324 * 325 * Active VMs should not be inserted in the LRU list. 326 */ 327 struct list_head lru_node; 328 } as; 329 330 /** 331 * @heaps: Tiler heap related fields. 332 */ 333 struct { 334 /** 335 * @heaps.pool: The heap pool attached to this VM. 336 * 337 * Will stay NULL until someone creates a heap context on this VM. 338 */ 339 struct panthor_heap_pool *pool; 340 341 /** @heaps.lock: Lock used to protect access to @pool. */ 342 struct mutex lock; 343 } heaps; 344 345 /** @node: Used to insert the VM in the panthor_mmu::vm::list. */ 346 struct list_head node; 347 348 /** @for_mcu: True if this is the MCU VM. */ 349 bool for_mcu; 350 351 /** 352 * @destroyed: True if the VM was destroyed. 353 * 354 * No further bind requests should be queued to a destroyed VM. 355 */ 356 bool destroyed; 357 358 /** 359 * @unusable: True if the VM has turned unusable because something 360 * bad happened during an asynchronous request. 361 * 362 * We don't try to recover from such failures, because this implies 363 * informing userspace about the specific operation that failed, and 364 * hoping the userspace driver can replay things from there. This all 365 * sounds very complicated for little gain. 366 * 367 * Instead, we should just flag the VM as unusable, and fail any 368 * further request targeting this VM. 369 * 370 * We also provide a way to query a VM state, so userspace can destroy 371 * it and create a new one. 372 * 373 * As an analogy, this would be mapped to a VK_ERROR_DEVICE_LOST 374 * situation, where the logical device needs to be re-created. 375 */ 376 bool unusable; 377 378 /** 379 * @unhandled_fault: Unhandled fault happened. 380 * 381 * This should be reported to the scheduler, and the queue/group be 382 * flagged as faulty as a result. 383 */ 384 bool unhandled_fault; 385 386 /** @locked_region: Information about the currently locked region currently. */ 387 struct { 388 /** @locked_region.start: Start of the locked region. */ 389 u64 start; 390 391 /** @locked_region.size: Size of the locked region. */ 392 u64 size; 393 } locked_region; 394 395 /** @reclaim: Fields related to BO reclaim. */ 396 struct { 397 /** @reclaim.lru: LRU of BOs that are only mapped to this VM. */ 398 struct drm_gem_lru lru; 399 400 /** 401 * @reclaim.lru_node: Node used to insert the VM in 402 * panthor_device::reclaim::vms. 403 */ 404 struct list_head lru_node; 405 } reclaim; 406 }; 407 408 /** 409 * struct panthor_vm_bind_job - VM bind job 410 */ 411 struct panthor_vm_bind_job { 412 /** @base: Inherit from drm_sched_job. */ 413 struct drm_sched_job base; 414 415 /** @refcount: Reference count. */ 416 struct kref refcount; 417 418 /** @cleanup_op_ctx_work: Work used to cleanup the VM operation context. */ 419 struct work_struct cleanup_op_ctx_work; 420 421 /** @vm: VM targeted by the VM operation. */ 422 struct panthor_vm *vm; 423 424 /** @ctx: Operation context. */ 425 struct panthor_vm_op_ctx ctx; 426 }; 427 428 /* 429 * @pt_cache: Cache used to allocate MMU page tables. 430 * 431 * The pre-allocation pattern forces us to over-allocate to plan for 432 * the worst case scenario, and return the pages we didn't use. 433 * 434 * Having a kmem_cache allows us to speed allocations. 435 */ 436 static struct kmem_cache *pt_cache; 437 438 /** 439 * alloc_pt() - Custom page table allocator 440 * @cookie: Cookie passed at page table allocation time. 441 * @size: Size of the page table. This size should be fixed, 442 * and determined at creation time based on the granule size. 443 * @gfp: GFP flags. 444 * 445 * We want a custom allocator so we can use a cache for page table 446 * allocations and amortize the cost of the over-reservation that's 447 * done to allow asynchronous VM operations. 448 * 449 * Return: non-NULL on success, NULL if the allocation failed for any 450 * reason. 451 */ 452 static void *alloc_pt(void *cookie, size_t size, gfp_t gfp) 453 { 454 struct panthor_vm *vm = cookie; 455 void *page; 456 457 /* Allocation of the root page table happening during init. */ 458 if (unlikely(!vm->root_page_table)) { 459 struct page *p; 460 461 drm_WARN_ON(&vm->ptdev->base, vm->op_ctx); 462 p = alloc_pages_node(dev_to_node(vm->ptdev->base.dev), 463 gfp | __GFP_ZERO, get_order(size)); 464 page = p ? page_address(p) : NULL; 465 vm->root_page_table = page; 466 return page; 467 } 468 469 /* We're not supposed to have anything bigger than 4k here, because we picked a 470 * 4k granule size at init time. 471 */ 472 if (drm_WARN_ON(&vm->ptdev->base, size != SZ_4K)) 473 return NULL; 474 475 /* We must have some op_ctx attached to the VM and it must have at least one 476 * free page. 477 */ 478 if (drm_WARN_ON(&vm->ptdev->base, !vm->op_ctx) || 479 drm_WARN_ON(&vm->ptdev->base, 480 vm->op_ctx->rsvd_page_tables.ptr >= vm->op_ctx->rsvd_page_tables.count)) 481 return NULL; 482 483 page = vm->op_ctx->rsvd_page_tables.pages[vm->op_ctx->rsvd_page_tables.ptr++]; 484 memset(page, 0, SZ_4K); 485 486 /* Page table entries don't use virtual addresses, which trips out 487 * kmemleak. kmemleak_alloc_phys() might work, but physical addresses 488 * are mixed with other fields, and I fear kmemleak won't detect that 489 * either. 490 * 491 * Let's just ignore memory passed to the page-table driver for now. 492 */ 493 kmemleak_ignore(page); 494 return page; 495 } 496 497 /** 498 * free_pt() - Custom page table free function 499 * @cookie: Cookie passed at page table allocation time. 500 * @data: Page table to free. 501 * @size: Size of the page table. This size should be fixed, 502 * and determined at creation time based on the granule size. 503 */ 504 static void free_pt(void *cookie, void *data, size_t size) 505 { 506 struct panthor_vm *vm = cookie; 507 508 if (unlikely(vm->root_page_table == data)) { 509 free_pages((unsigned long)data, get_order(size)); 510 vm->root_page_table = NULL; 511 return; 512 } 513 514 if (drm_WARN_ON(&vm->ptdev->base, size != SZ_4K)) 515 return; 516 517 /* Return the page to the pt_cache. */ 518 kmem_cache_free(pt_cache, data); 519 } 520 521 static int wait_ready(struct panthor_device *ptdev, u32 as_nr) 522 { 523 struct panthor_mmu *mmu = ptdev->mmu; 524 int ret; 525 u32 val; 526 527 /* Wait for the MMU status to indicate there is no active command, in 528 * case one is pending. 529 */ 530 ret = gpu_read_relaxed_poll_timeout_atomic(mmu->iomem, AS_STATUS(as_nr), val, 531 !(val & AS_STATUS_AS_ACTIVE), 10, 100000); 532 533 if (ret) { 534 panthor_device_schedule_reset(ptdev); 535 drm_err(&ptdev->base, "AS_ACTIVE bit stuck\n"); 536 } 537 538 return ret; 539 } 540 541 static int as_send_cmd_and_wait(struct panthor_device *ptdev, u32 as_nr, u32 cmd) 542 { 543 int status; 544 545 /* write AS_COMMAND when MMU is ready to accept another command */ 546 status = wait_ready(ptdev, as_nr); 547 if (!status) { 548 gpu_write(ptdev->mmu->iomem, AS_COMMAND(as_nr), cmd); 549 status = wait_ready(ptdev, as_nr); 550 } 551 552 return status; 553 } 554 555 static u64 pack_region_range(struct panthor_device *ptdev, u64 *region_start, u64 *size) 556 { 557 u8 region_width; 558 u64 region_end = *region_start + *size; 559 560 if (drm_WARN_ON_ONCE(&ptdev->base, !*size)) 561 return 0; 562 563 /* 564 * The locked region is a naturally aligned power of 2 block encoded as 565 * log2 minus(1). 566 * Calculate the desired start/end and look for the highest bit which 567 * differs. The smallest naturally aligned block must include this bit 568 * change, the desired region starts with this bit (and subsequent bits) 569 * zeroed and ends with the bit (and subsequent bits) set to one. 570 */ 571 region_width = max(fls64(*region_start ^ (region_end - 1)), 572 const_ilog2(AS_LOCK_REGION_MIN_SIZE)) - 1; 573 574 /* 575 * Mask off the low bits of region_start (which would be ignored by 576 * the hardware anyway) 577 */ 578 *region_start &= GENMASK_ULL(63, region_width); 579 *size = 1ull << (region_width + 1); 580 581 return region_width | *region_start; 582 } 583 584 static u32 panthor_mmu_as_fault_mask(struct panthor_device *ptdev, u32 as) 585 { 586 return BIT(as); 587 } 588 589 /* Forward declaration to call helpers within as_enable/disable */ 590 static void panthor_mmu_irq_handler(struct panthor_device *ptdev, u32 status); 591 PANTHOR_IRQ_HANDLER(mmu, panthor_mmu_irq_handler); 592 593 static int panthor_mmu_as_enable(struct panthor_device *ptdev, u32 as_nr, 594 u64 transtab, u64 transcfg, u64 memattr) 595 { 596 struct panthor_mmu *mmu = ptdev->mmu; 597 598 panthor_mmu_irq_enable_events(&ptdev->mmu->irq, 599 panthor_mmu_as_fault_mask(ptdev, as_nr)); 600 601 gpu_write64(mmu->iomem, AS_TRANSTAB(as_nr), transtab); 602 gpu_write64(mmu->iomem, AS_MEMATTR(as_nr), memattr); 603 gpu_write64(mmu->iomem, AS_TRANSCFG(as_nr), transcfg); 604 605 return as_send_cmd_and_wait(ptdev, as_nr, AS_COMMAND_UPDATE); 606 } 607 608 static int panthor_mmu_as_disable(struct panthor_device *ptdev, u32 as_nr, 609 bool recycle_slot) 610 { 611 struct panthor_mmu *mmu = ptdev->mmu; 612 struct panthor_vm *vm = ptdev->mmu->as.slots[as_nr].vm; 613 int ret; 614 615 lockdep_assert_held(&ptdev->mmu->as.slots_lock); 616 617 panthor_mmu_irq_disable_events(&ptdev->mmu->irq, 618 panthor_mmu_as_fault_mask(ptdev, as_nr)); 619 620 /* Flush+invalidate RW caches, invalidate RO ones. */ 621 ret = panthor_gpu_flush_caches(ptdev, CACHE_CLEAN | CACHE_INV, 622 CACHE_CLEAN | CACHE_INV, CACHE_INV); 623 if (ret) 624 return ret; 625 626 if (vm && vm->locked_region.size) { 627 /* Unlock the region if there's a lock pending. */ 628 ret = as_send_cmd_and_wait(ptdev, vm->as.id, AS_COMMAND_UNLOCK); 629 if (ret) 630 return ret; 631 } 632 633 /* If the slot is going to be used immediately, don't bother changing 634 * the config. 635 */ 636 if (recycle_slot) 637 return 0; 638 639 gpu_write64(mmu->iomem, AS_TRANSTAB(as_nr), 0); 640 gpu_write64(mmu->iomem, AS_MEMATTR(as_nr), 0); 641 gpu_write64(mmu->iomem, AS_TRANSCFG(as_nr), AS_TRANSCFG_ADRMODE_UNMAPPED); 642 643 return as_send_cmd_and_wait(ptdev, as_nr, AS_COMMAND_UPDATE); 644 } 645 646 static u32 panthor_mmu_fault_mask(struct panthor_device *ptdev, u32 value) 647 { 648 /* Bits 16 to 31 mean REQ_COMPLETE. */ 649 return value & GENMASK(15, 0); 650 } 651 652 /** 653 * panthor_vm_has_unhandled_faults() - Check if a VM has unhandled faults 654 * @vm: VM to check. 655 * 656 * Return: true if the VM has unhandled faults, false otherwise. 657 */ 658 bool panthor_vm_has_unhandled_faults(struct panthor_vm *vm) 659 { 660 return vm->unhandled_fault; 661 } 662 663 /** 664 * panthor_vm_is_unusable() - Check if the VM is still usable 665 * @vm: VM to check. 666 * 667 * Return: true if the VM is unusable, false otherwise. 668 */ 669 bool panthor_vm_is_unusable(struct panthor_vm *vm) 670 { 671 return vm->unusable; 672 } 673 674 static void panthor_vm_release_as_locked(struct panthor_vm *vm) 675 { 676 struct panthor_device *ptdev = vm->ptdev; 677 678 lockdep_assert_held(&ptdev->mmu->as.slots_lock); 679 680 if (drm_WARN_ON(&ptdev->base, vm->as.id < 0)) 681 return; 682 683 ptdev->mmu->as.slots[vm->as.id].vm = NULL; 684 clear_bit(vm->as.id, &ptdev->mmu->as.alloc_mask); 685 refcount_set(&vm->as.active_cnt, 0); 686 list_del_init(&vm->as.lru_node); 687 vm->as.id = -1; 688 } 689 690 /** 691 * panthor_vm_active() - Flag a VM as active 692 * @vm: VM to flag as active. 693 * 694 * Assigns an address space to a VM so it can be used by the GPU/MCU. 695 * 696 * Return: 0 on success, a negative error code otherwise. 697 */ 698 int panthor_vm_active(struct panthor_vm *vm) 699 { 700 struct panthor_device *ptdev = vm->ptdev; 701 u32 va_bits = GPU_MMU_FEATURES_VA_BITS(ptdev->gpu_info.mmu_features); 702 struct io_pgtable_cfg *cfg = &io_pgtable_ops_to_pgtable(vm->pgtbl_ops)->cfg; 703 int ret = 0, as, cookie; 704 u64 transtab, transcfg; 705 u32 fault_mask; 706 707 if (!drm_dev_enter(&ptdev->base, &cookie)) 708 return -ENODEV; 709 710 if (refcount_inc_not_zero(&vm->as.active_cnt)) 711 goto out_dev_exit; 712 713 /* As soon as active is called, we place the VM at the end of the VM LRU. 714 * If something fails after that, the only downside is that this VM that 715 * never became active in the first place will be reclaimed last, but 716 * that's an acceptable trade-off. 717 */ 718 mutex_lock(&ptdev->base.gem_lru_mutex); 719 if (vm->reclaim.lru.count) 720 list_move_tail(&vm->reclaim.lru_node, &ptdev->reclaim.vms); 721 mutex_unlock(&ptdev->base.gem_lru_mutex); 722 723 /* Make sure we don't race with lock/unlock_region() calls 724 * happening around VM bind operations. 725 */ 726 mutex_lock(&vm->op_lock); 727 mutex_lock(&ptdev->mmu->as.slots_lock); 728 729 if (refcount_inc_not_zero(&vm->as.active_cnt)) 730 goto out_unlock; 731 732 as = vm->as.id; 733 if (as >= 0) { 734 /* Unhandled pagefault on this AS, the MMU was disabled. We need to 735 * re-enable the MMU after clearing+unmasking the AS interrupts. 736 */ 737 if (ptdev->mmu->as.faulty_mask & panthor_mmu_as_fault_mask(ptdev, as)) 738 goto out_enable_as; 739 740 goto out_make_active; 741 } 742 743 /* Check for a free AS */ 744 if (vm->for_mcu) { 745 drm_WARN_ON(&ptdev->base, ptdev->mmu->as.alloc_mask & BIT(0)); 746 as = 0; 747 } else { 748 as = ffz(ptdev->mmu->as.alloc_mask | BIT(0)); 749 } 750 751 if (!(BIT(as) & ptdev->gpu_info.as_present)) { 752 struct panthor_vm *lru_vm; 753 754 lru_vm = list_first_entry_or_null(&ptdev->mmu->as.lru_list, 755 struct panthor_vm, 756 as.lru_node); 757 if (drm_WARN_ON(&ptdev->base, !lru_vm)) { 758 ret = -EBUSY; 759 goto out_unlock; 760 } 761 762 drm_WARN_ON(&ptdev->base, refcount_read(&lru_vm->as.active_cnt)); 763 as = lru_vm->as.id; 764 765 ret = panthor_mmu_as_disable(ptdev, as, true); 766 if (ret) 767 goto out_unlock; 768 769 panthor_vm_release_as_locked(lru_vm); 770 } 771 772 /* Assign the free or reclaimed AS to the FD */ 773 vm->as.id = as; 774 set_bit(as, &ptdev->mmu->as.alloc_mask); 775 ptdev->mmu->as.slots[as].vm = vm; 776 777 out_enable_as: 778 transtab = cfg->arm_lpae_s1_cfg.ttbr; 779 transcfg = AS_TRANSCFG_PTW_MEMATTR_WB | 780 AS_TRANSCFG_PTW_RA | 781 AS_TRANSCFG_ADRMODE_AARCH64_4K | 782 AS_TRANSCFG_INA_BITS(55 - va_bits); 783 if (ptdev->coherent) 784 transcfg |= AS_TRANSCFG_PTW_SH_OS; 785 786 /* If the VM is re-activated, we clear the fault. */ 787 vm->unhandled_fault = false; 788 789 /* Unhandled pagefault on this AS, clear the fault and enable the AS, 790 * which re-enables interrupts. 791 */ 792 fault_mask = panthor_mmu_as_fault_mask(ptdev, as); 793 if (ptdev->mmu->as.faulty_mask & fault_mask) { 794 gpu_write(ptdev->mmu->irq.iomem, INT_CLEAR, fault_mask); 795 ptdev->mmu->as.faulty_mask &= ~fault_mask; 796 } 797 798 /* The VM update is guarded by ::op_lock, which we take at the beginning 799 * of this function, so we don't expect any locked region here. 800 */ 801 drm_WARN_ON(&vm->ptdev->base, vm->locked_region.size > 0); 802 ret = panthor_mmu_as_enable(vm->ptdev, vm->as.id, transtab, transcfg, vm->memattr); 803 804 out_make_active: 805 if (!ret) { 806 refcount_set(&vm->as.active_cnt, 1); 807 list_del_init(&vm->as.lru_node); 808 } 809 810 out_unlock: 811 mutex_unlock(&ptdev->mmu->as.slots_lock); 812 mutex_unlock(&vm->op_lock); 813 814 out_dev_exit: 815 drm_dev_exit(cookie); 816 return ret; 817 } 818 819 /** 820 * panthor_vm_idle() - Flag a VM idle 821 * @vm: VM to flag as idle. 822 * 823 * When we know the GPU is done with the VM (no more jobs to process), 824 * we can relinquish the AS slot attached to this VM, if any. 825 * 826 * We don't release the slot immediately, but instead place the VM in 827 * the LRU list, so it can be evicted if another VM needs an AS slot. 828 * This way, VMs keep attached to the AS they were given until we run 829 * out of free slot, limiting the number of MMU operations (TLB flush 830 * and other AS updates). 831 */ 832 void panthor_vm_idle(struct panthor_vm *vm) 833 { 834 struct panthor_device *ptdev = vm->ptdev; 835 836 if (!refcount_dec_and_mutex_lock(&vm->as.active_cnt, &ptdev->mmu->as.slots_lock)) 837 return; 838 839 if (!drm_WARN_ON(&ptdev->base, vm->as.id == -1 || !list_empty(&vm->as.lru_node))) 840 list_add_tail(&vm->as.lru_node, &ptdev->mmu->as.lru_list); 841 842 refcount_set(&vm->as.active_cnt, 0); 843 mutex_unlock(&ptdev->mmu->as.slots_lock); 844 } 845 846 u32 panthor_vm_page_size(struct panthor_vm *vm) 847 { 848 const struct io_pgtable *pgt = io_pgtable_ops_to_pgtable(vm->pgtbl_ops); 849 u32 pg_shift = ffs(pgt->cfg.pgsize_bitmap) - 1; 850 851 return 1u << pg_shift; 852 } 853 854 static void panthor_vm_stop(struct panthor_vm *vm) 855 { 856 drm_sched_stop(&vm->sched, NULL); 857 } 858 859 static void panthor_vm_start(struct panthor_vm *vm) 860 { 861 drm_sched_start(&vm->sched, 0); 862 } 863 864 /** 865 * panthor_vm_as() - Get the AS slot attached to a VM 866 * @vm: VM to get the AS slot of. 867 * 868 * Return: -1 if the VM is not assigned an AS slot yet, >= 0 otherwise. 869 */ 870 int panthor_vm_as(struct panthor_vm *vm) 871 { 872 return vm->as.id; 873 } 874 875 static size_t get_pgsize(u64 addr, size_t size, size_t *count) 876 { 877 /* 878 * io-pgtable only operates on multiple pages within a single table 879 * entry, so we need to split at boundaries of the table size, i.e. 880 * the next block size up. The distance from address A to the next 881 * boundary of block size B is logically B - A % B, but in unsigned 882 * two's complement where B is a power of two we get the equivalence 883 * B - A % B == (B - A) % B == (n * B - A) % B, and choose n = 0 :) 884 */ 885 size_t blk_offset = -addr % SZ_2M; 886 887 if (blk_offset || size < SZ_2M) { 888 *count = min_not_zero(blk_offset, size) / SZ_4K; 889 return SZ_4K; 890 } 891 blk_offset = -addr % SZ_1G ?: SZ_1G; 892 *count = min(blk_offset, size) / SZ_2M; 893 return SZ_2M; 894 } 895 896 static void panthor_vm_declare_unusable(struct panthor_vm *vm) 897 { 898 struct panthor_device *ptdev = vm->ptdev; 899 int cookie; 900 901 if (vm->unusable) 902 return; 903 904 vm->unusable = true; 905 mutex_lock(&ptdev->mmu->as.slots_lock); 906 if (vm->as.id >= 0 && drm_dev_enter(&ptdev->base, &cookie)) { 907 panthor_mmu_as_disable(ptdev, vm->as.id, false); 908 drm_dev_exit(cookie); 909 } 910 mutex_unlock(&ptdev->mmu->as.slots_lock); 911 } 912 913 static void panthor_vm_unmap_pages(struct panthor_vm *vm, u64 iova, u64 size) 914 { 915 struct panthor_device *ptdev = vm->ptdev; 916 struct io_pgtable_ops *ops = vm->pgtbl_ops; 917 u64 start_iova = iova; 918 u64 offset = 0; 919 920 if (!size) 921 return; 922 923 drm_WARN_ON(&ptdev->base, 924 (iova < vm->locked_region.start) || 925 (iova + size > vm->locked_region.start + vm->locked_region.size)); 926 927 while (offset < size) { 928 size_t unmapped_sz = 0, pgcount; 929 size_t pgsize = get_pgsize(iova + offset, size - offset, &pgcount); 930 931 unmapped_sz = ops->unmap_pages(ops, iova + offset, pgsize, pgcount, NULL); 932 if (drm_WARN_ON_ONCE(&ptdev->base, unmapped_sz != pgsize * pgcount)) { 933 /* Gracefully handle sparsely unmapped regions to avoid leaving 934 * page table pages behind when the drm_gpuvm and VM page table 935 * are out-of-sync. This is not supposed to happen, hence the 936 * above WARN_ON(). 937 */ 938 while (!ops->iova_to_phys(ops, iova + unmapped_sz) && 939 unmapped_sz < pgsize * pgcount) 940 unmapped_sz += SZ_4K; 941 942 /* We're passed the point where we can try to fix things, 943 * so flag the VM unusable to make sure it's not going 944 * to be used anymore. 945 */ 946 panthor_vm_declare_unusable(vm); 947 948 /* If we don't make progress, we're screwed. That also means 949 * something else prevents us from unmapping the region, but 950 * there's not much we can do here: time for debugging. 951 */ 952 if (drm_WARN_ON_ONCE(&ptdev->base, !unmapped_sz)) 953 return; 954 } 955 956 drm_dbg(&ptdev->base, 957 "unmap: as=%d, iova=0x%llx, sz=%llu, va=0x%llx, pgcnt=%zu, pgsz=%zu", 958 vm->as.id, start_iova, size, iova + offset, 959 unmapped_sz / pgsize, pgsize); 960 961 offset += unmapped_sz; 962 } 963 } 964 965 static int 966 panthor_vm_map_pages(struct panthor_vm *vm, u64 iova, int prot, 967 struct sg_table *sgt, u64 offset, u64 size) 968 { 969 struct panthor_device *ptdev = vm->ptdev; 970 unsigned int count; 971 struct scatterlist *sgl; 972 struct io_pgtable_ops *ops = vm->pgtbl_ops; 973 u64 start_iova = iova; 974 u64 start_size = size; 975 int ret; 976 977 if (!size) 978 return 0; 979 980 drm_WARN_ON(&ptdev->base, 981 (iova < vm->locked_region.start) || 982 (iova + size > vm->locked_region.start + vm->locked_region.size)); 983 984 for_each_sgtable_dma_sg(sgt, sgl, count) { 985 dma_addr_t paddr = sg_dma_address(sgl); 986 size_t len = sg_dma_len(sgl); 987 988 if (len <= offset) { 989 offset -= len; 990 continue; 991 } 992 993 paddr += offset; 994 len -= offset; 995 len = min_t(size_t, len, size); 996 size -= len; 997 998 while (len) { 999 size_t pgcount, mapped = 0; 1000 size_t pgsize = get_pgsize(iova | paddr, len, &pgcount); 1001 1002 ret = ops->map_pages(ops, iova, paddr, pgsize, pgcount, prot, 1003 GFP_KERNEL, &mapped); 1004 1005 drm_dbg(&ptdev->base, 1006 "map: as=%d, iova=0x%llx, sz=%llu, va=0x%llx, pa=%pad, pgcnt=%zu, pgsz=%zu", 1007 vm->as.id, start_iova, start_size, iova, &paddr, 1008 mapped / pgsize, pgsize); 1009 1010 iova += mapped; 1011 paddr += mapped; 1012 len -= mapped; 1013 1014 /* If nothing was mapped, consider it an ENOMEM. */ 1015 if (!ret && !mapped) 1016 ret = -ENOMEM; 1017 1018 /* If something fails, we stop there, and flag the VM unusable. */ 1019 if (drm_WARN_ON_ONCE(&ptdev->base, ret)) { 1020 /* Unmap what we've already mapped to avoid leaving page 1021 * table pages behind. 1022 */ 1023 panthor_vm_unmap_pages(vm, start_iova, iova - start_iova); 1024 panthor_vm_declare_unusable(vm); 1025 return ret; 1026 } 1027 } 1028 1029 if (!size) 1030 break; 1031 1032 offset = 0; 1033 } 1034 1035 return 0; 1036 } 1037 1038 static int flags_to_prot(u32 flags) 1039 { 1040 int prot = 0; 1041 1042 if (flags & DRM_PANTHOR_VM_BIND_OP_MAP_NOEXEC) 1043 prot |= IOMMU_NOEXEC; 1044 1045 if (!(flags & DRM_PANTHOR_VM_BIND_OP_MAP_UNCACHED)) 1046 prot |= IOMMU_CACHE; 1047 1048 if (flags & DRM_PANTHOR_VM_BIND_OP_MAP_READONLY) 1049 prot |= IOMMU_READ; 1050 else 1051 prot |= IOMMU_READ | IOMMU_WRITE; 1052 1053 return prot; 1054 } 1055 1056 /** 1057 * panthor_vm_alloc_va() - Allocate a region in the auto-va space 1058 * @vm: VM to allocate a region on. 1059 * @va: start of the VA range. Can be PANTHOR_VM_KERNEL_AUTO_VA if the user 1060 * wants the VA to be automatically allocated from the auto-VA range. 1061 * @size: size of the VA range. 1062 * @va_node: drm_mm_node to initialize. Must be zero-initialized. 1063 * 1064 * Some GPU objects, like heap chunks, are fully managed by the kernel and 1065 * need to be mapped to the userspace VM, in the region reserved for kernel 1066 * objects. 1067 * 1068 * This function takes care of allocating a region in the kernel auto-VA space. 1069 * 1070 * Return: 0 on success, an error code otherwise. 1071 */ 1072 int 1073 panthor_vm_alloc_va(struct panthor_vm *vm, u64 va, u64 size, 1074 struct drm_mm_node *va_node) 1075 { 1076 ssize_t vm_pgsz = panthor_vm_page_size(vm); 1077 int ret; 1078 1079 if (!size || !IS_ALIGNED(size, vm_pgsz)) 1080 return -EINVAL; 1081 1082 if (va != PANTHOR_VM_KERNEL_AUTO_VA && !IS_ALIGNED(va, vm_pgsz)) 1083 return -EINVAL; 1084 1085 mutex_lock(&vm->mm_lock); 1086 if (va != PANTHOR_VM_KERNEL_AUTO_VA) { 1087 va_node->start = va; 1088 va_node->size = size; 1089 ret = drm_mm_reserve_node(&vm->mm, va_node); 1090 } else { 1091 ret = drm_mm_insert_node_in_range(&vm->mm, va_node, size, 1092 size >= SZ_2M ? SZ_2M : SZ_4K, 1093 0, vm->kernel_auto_va.start, 1094 vm->kernel_auto_va.end, 1095 DRM_MM_INSERT_BEST); 1096 } 1097 mutex_unlock(&vm->mm_lock); 1098 1099 return ret; 1100 } 1101 1102 /** 1103 * panthor_vm_free_va() - Free a region allocated with panthor_vm_alloc_va() 1104 * @vm: VM to free the region on. 1105 * @va_node: Memory node representing the region to free. 1106 */ 1107 void panthor_vm_free_va(struct panthor_vm *vm, struct drm_mm_node *va_node) 1108 { 1109 mutex_lock(&vm->mm_lock); 1110 drm_mm_remove_node(va_node); 1111 mutex_unlock(&vm->mm_lock); 1112 } 1113 1114 static void panthor_vm_bo_free(struct drm_gpuvm_bo *vm_bo) 1115 { 1116 struct panthor_gem_object *bo = to_panthor_bo(vm_bo->obj); 1117 1118 /* We couldn't call this when we unlinked, because the resv lock can't 1119 * be taken in the dma signalling path, so call it now. 1120 */ 1121 dma_resv_lock(bo->base.resv, NULL); 1122 mutex_lock(&bo->base.gpuva.lock); 1123 panthor_gem_update_reclaim_state_locked(bo, NULL); 1124 mutex_unlock(&bo->base.gpuva.lock); 1125 dma_resv_unlock(bo->base.resv); 1126 1127 kfree(vm_bo); 1128 } 1129 1130 static void panthor_vm_cleanup_op_ctx(struct panthor_vm_op_ctx *op_ctx, 1131 struct panthor_vm *vm) 1132 { 1133 u32 remaining_pt_count = op_ctx->rsvd_page_tables.count - 1134 op_ctx->rsvd_page_tables.ptr; 1135 u32 op_type = op_ctx->flags & DRM_PANTHOR_VM_BIND_OP_TYPE_MASK; 1136 1137 /* If this is a map operation and no BO is attached, we're being called 1138 * from vm_bo_validate() and we can't acquire the VM lock because it's 1139 * already held. In that case, we just skip the deferred vm_bo cleanup, 1140 * which is fine, because the vm_bo validation is not calling 1141 * drm_gpuvm_bo_put_deferred(). 1142 */ 1143 bool skip_deferred_cleanup = op_type == DRM_PANTHOR_VM_BIND_OP_TYPE_MAP && 1144 !op_ctx->map.bo; 1145 1146 if (remaining_pt_count) { 1147 kmem_cache_free_bulk(pt_cache, remaining_pt_count, 1148 op_ctx->rsvd_page_tables.pages + 1149 op_ctx->rsvd_page_tables.ptr); 1150 } 1151 1152 kfree(op_ctx->rsvd_page_tables.pages); 1153 1154 if (op_ctx->map.vm_bo) 1155 drm_gpuvm_bo_put_deferred(op_ctx->map.vm_bo); 1156 1157 if (op_ctx->map.bo) { 1158 panthor_gem_unpin(op_ctx->map.bo); 1159 drm_gem_object_put(&op_ctx->map.bo->base); 1160 } 1161 1162 for (u32 i = 0; i < ARRAY_SIZE(op_ctx->preallocated_vmas); i++) 1163 kfree(op_ctx->preallocated_vmas[i]); 1164 1165 if (!skip_deferred_cleanup) 1166 drm_gpuvm_bo_deferred_cleanup(&vm->base); 1167 } 1168 1169 static void 1170 panthor_vm_op_ctx_return_vma(struct panthor_vm_op_ctx *op_ctx, 1171 struct panthor_vma *vma) 1172 { 1173 for (u32 i = 0; i < ARRAY_SIZE(op_ctx->preallocated_vmas); i++) { 1174 if (!op_ctx->preallocated_vmas[i]) { 1175 op_ctx->preallocated_vmas[i] = vma; 1176 return; 1177 } 1178 } 1179 1180 WARN_ON_ONCE(1); 1181 } 1182 1183 static struct panthor_vma * 1184 panthor_vm_op_ctx_get_vma(struct panthor_vm_op_ctx *op_ctx) 1185 { 1186 for (u32 i = 0; i < ARRAY_SIZE(op_ctx->preallocated_vmas); i++) { 1187 struct panthor_vma *vma = op_ctx->preallocated_vmas[i]; 1188 1189 if (vma) { 1190 op_ctx->preallocated_vmas[i] = NULL; 1191 return vma; 1192 } 1193 } 1194 1195 return NULL; 1196 } 1197 1198 static int 1199 panthor_vm_op_ctx_prealloc_vmas(struct panthor_vm_op_ctx *op_ctx) 1200 { 1201 u32 vma_count; 1202 1203 switch (op_ctx->flags & DRM_PANTHOR_VM_BIND_OP_TYPE_MASK) { 1204 case DRM_PANTHOR_VM_BIND_OP_TYPE_MAP: 1205 /* One VMA for the new mapping, and two more VMAs for the remap case 1206 * which might contain both a prev and next VA. 1207 */ 1208 vma_count = 3; 1209 break; 1210 1211 case DRM_PANTHOR_VM_BIND_OP_TYPE_UNMAP: 1212 /* Two VMAs can be needed for an unmap, as an unmap can happen 1213 * in the middle of a drm_gpuva, requiring a remap with both 1214 * prev & next VA. Or an unmap can span more than one drm_gpuva 1215 * where the first and last ones are covered partially, requring 1216 * a remap for the first with a prev VA and remap for the last 1217 * with a next VA. 1218 */ 1219 vma_count = 2; 1220 break; 1221 1222 default: 1223 return 0; 1224 } 1225 1226 for (u32 i = 0; i < vma_count; i++) { 1227 struct panthor_vma *vma = kzalloc_obj(*vma); 1228 1229 if (!vma) 1230 return -ENOMEM; 1231 1232 op_ctx->preallocated_vmas[i] = vma; 1233 } 1234 1235 return 0; 1236 } 1237 1238 static void panthor_vm_init_op_ctx(struct panthor_vm_op_ctx *op_ctx, 1239 u64 size, u64 va, u32 flags) 1240 { 1241 memset(op_ctx, 0, sizeof(*op_ctx)); 1242 op_ctx->flags = flags; 1243 op_ctx->va.range = size; 1244 op_ctx->va.addr = va; 1245 } 1246 1247 static int panthor_vm_op_ctx_prealloc_pts(struct panthor_vm_op_ctx *op_ctx) 1248 { 1249 u64 size = op_ctx->va.range; 1250 u64 va = op_ctx->va.addr; 1251 1252 /* L1, L2 and L3 page tables. 1253 * We could optimize L3 allocation by iterating over the sgt and merging 1254 * 2M contiguous blocks, but it's simpler to over-provision and return 1255 * the pages if they're not used. 1256 */ 1257 u64 pt_count = ((ALIGN(va + size, 1ull << 39) - ALIGN_DOWN(va, 1ull << 39)) >> 39) + 1258 ((ALIGN(va + size, 1ull << 30) - ALIGN_DOWN(va, 1ull << 30)) >> 30) + 1259 ((ALIGN(va + size, 1ull << 21) - ALIGN_DOWN(va, 1ull << 21)) >> 21); 1260 1261 op_ctx->rsvd_page_tables.pages = kzalloc_objs(*op_ctx->rsvd_page_tables.pages, 1262 pt_count); 1263 if (!op_ctx->rsvd_page_tables.pages) 1264 return -ENOMEM; 1265 1266 if (!kmem_cache_alloc_bulk(pt_cache, GFP_KERNEL, pt_count, 1267 op_ctx->rsvd_page_tables.pages)) { 1268 op_ctx->rsvd_page_tables.count = 0; 1269 return -ENOMEM; 1270 } 1271 op_ctx->rsvd_page_tables.count = pt_count; 1272 1273 return 0; 1274 } 1275 1276 #define PANTHOR_VM_BIND_OP_MAP_FLAGS \ 1277 (DRM_PANTHOR_VM_BIND_OP_MAP_READONLY | \ 1278 DRM_PANTHOR_VM_BIND_OP_MAP_NOEXEC | \ 1279 DRM_PANTHOR_VM_BIND_OP_MAP_UNCACHED | \ 1280 DRM_PANTHOR_VM_BIND_OP_TYPE_MASK) 1281 1282 static int panthor_vm_prepare_map_op_ctx(struct panthor_vm_op_ctx *op_ctx, 1283 struct panthor_vm *vm, 1284 struct panthor_gem_object *bo, 1285 u64 offset, 1286 u64 size, u64 va, 1287 u32 flags) 1288 { 1289 struct drm_gpuvm_bo *preallocated_vm_bo; 1290 struct sg_table *sgt = NULL; 1291 int ret; 1292 1293 if (!bo) 1294 return -EINVAL; 1295 1296 if ((flags & ~PANTHOR_VM_BIND_OP_MAP_FLAGS) || 1297 (flags & DRM_PANTHOR_VM_BIND_OP_TYPE_MASK) != DRM_PANTHOR_VM_BIND_OP_TYPE_MAP) 1298 return -EINVAL; 1299 1300 /* Make sure the VA and size are in-bounds. */ 1301 if (size > bo->base.size || offset > bo->base.size - size) 1302 return -EINVAL; 1303 1304 /* If the BO has an exclusive VM attached, it can't be mapped to other VMs. */ 1305 if (bo->exclusive_vm_root_gem && 1306 bo->exclusive_vm_root_gem != panthor_vm_root_gem(vm)) 1307 return -EINVAL; 1308 1309 panthor_vm_init_op_ctx(op_ctx, size, va, flags); 1310 1311 ret = panthor_vm_op_ctx_prealloc_vmas(op_ctx); 1312 if (ret) 1313 goto err_cleanup; 1314 1315 /* Pre-reserve the BO pages, so the map operation doesn't have to 1316 * allocate. 1317 */ 1318 ret = panthor_gem_pin(bo); 1319 if (ret) 1320 goto err_cleanup; 1321 1322 drm_gem_object_get(&bo->base); 1323 op_ctx->map.bo = bo; 1324 1325 sgt = panthor_gem_get_dev_sgt(bo); 1326 if (IS_ERR(sgt)) { 1327 ret = PTR_ERR(sgt); 1328 goto err_cleanup; 1329 } 1330 1331 preallocated_vm_bo = drm_gpuvm_bo_create(&vm->base, &bo->base); 1332 if (!preallocated_vm_bo) { 1333 ret = -ENOMEM; 1334 goto err_cleanup; 1335 } 1336 1337 op_ctx->map.vm_bo = drm_gpuvm_bo_obtain_prealloc(preallocated_vm_bo); 1338 op_ctx->map.bo_offset = offset; 1339 1340 ret = panthor_vm_op_ctx_prealloc_pts(op_ctx); 1341 if (ret) 1342 goto err_cleanup; 1343 1344 /* Insert BO into the extobj list last, when we know nothing can fail. */ 1345 if (bo->base.resv != panthor_vm_resv(vm)) { 1346 dma_resv_lock(panthor_vm_resv(vm), NULL); 1347 drm_gpuvm_bo_extobj_add(op_ctx->map.vm_bo); 1348 dma_resv_unlock(panthor_vm_resv(vm)); 1349 } 1350 1351 /* And finally update the BO state. */ 1352 dma_resv_lock(bo->base.resv, NULL); 1353 mutex_lock(&bo->base.gpuva.lock); 1354 panthor_gem_update_reclaim_state_locked(bo, NULL); 1355 mutex_unlock(&bo->base.gpuva.lock); 1356 dma_resv_unlock(bo->base.resv); 1357 1358 return 0; 1359 1360 err_cleanup: 1361 panthor_vm_cleanup_op_ctx(op_ctx, vm); 1362 return ret; 1363 } 1364 1365 static int panthor_vm_prepare_unmap_op_ctx(struct panthor_vm_op_ctx *op_ctx, 1366 struct panthor_vm *vm, 1367 u64 va, u64 size) 1368 { 1369 u32 pt_count = 0; 1370 int ret; 1371 1372 memset(op_ctx, 0, sizeof(*op_ctx)); 1373 op_ctx->va.range = size; 1374 op_ctx->va.addr = va; 1375 op_ctx->flags = DRM_PANTHOR_VM_BIND_OP_TYPE_UNMAP; 1376 1377 /* Pre-allocate L3 page tables to account for the split-2M-block 1378 * situation on unmap. 1379 */ 1380 if (va != ALIGN(va, SZ_2M)) 1381 pt_count++; 1382 1383 if (va + size != ALIGN(va + size, SZ_2M) && 1384 ALIGN(va + size, SZ_2M) != ALIGN(va, SZ_2M)) 1385 pt_count++; 1386 1387 ret = panthor_vm_op_ctx_prealloc_vmas(op_ctx); 1388 if (ret) 1389 goto err_cleanup; 1390 1391 if (pt_count) { 1392 op_ctx->rsvd_page_tables.pages = kzalloc_objs(*op_ctx->rsvd_page_tables.pages, 1393 pt_count); 1394 if (!op_ctx->rsvd_page_tables.pages) { 1395 ret = -ENOMEM; 1396 goto err_cleanup; 1397 } 1398 1399 if (!kmem_cache_alloc_bulk(pt_cache, GFP_KERNEL, pt_count, 1400 op_ctx->rsvd_page_tables.pages)) { 1401 ret = -ENOMEM; 1402 goto err_cleanup; 1403 } 1404 op_ctx->rsvd_page_tables.count = pt_count; 1405 } 1406 1407 return 0; 1408 1409 err_cleanup: 1410 panthor_vm_cleanup_op_ctx(op_ctx, vm); 1411 return ret; 1412 } 1413 1414 static void panthor_vm_prepare_sync_only_op_ctx(struct panthor_vm_op_ctx *op_ctx, 1415 struct panthor_vm *vm) 1416 { 1417 memset(op_ctx, 0, sizeof(*op_ctx)); 1418 op_ctx->flags = DRM_PANTHOR_VM_BIND_OP_TYPE_SYNC_ONLY; 1419 } 1420 1421 /** 1422 * panthor_vm_get_bo_for_va() - Get the GEM object mapped at a virtual address 1423 * @vm: VM to look into. 1424 * @va: Virtual address to search for. 1425 * @bo_offset: Offset of the GEM object mapped at this virtual address. 1426 * Only valid on success. 1427 * 1428 * The object returned by this function might no longer be mapped when the 1429 * function returns. It's the caller responsibility to ensure there's no 1430 * concurrent map/unmap operations making the returned value invalid, or 1431 * make sure it doesn't matter if the object is no longer mapped. 1432 * 1433 * Return: A valid pointer on success, an ERR_PTR() otherwise. 1434 */ 1435 struct panthor_gem_object * 1436 panthor_vm_get_bo_for_va(struct panthor_vm *vm, u64 va, u64 *bo_offset) 1437 { 1438 struct panthor_gem_object *bo = ERR_PTR(-ENOENT); 1439 struct drm_gpuva *gpuva; 1440 struct panthor_vma *vma; 1441 1442 /* Take the VM lock to prevent concurrent map/unmap operations. */ 1443 mutex_lock(&vm->op_lock); 1444 gpuva = drm_gpuva_find_first(&vm->base, va, 1); 1445 vma = gpuva ? container_of(gpuva, struct panthor_vma, base) : NULL; 1446 if (vma && vma->base.gem.obj) { 1447 drm_gem_object_get(vma->base.gem.obj); 1448 bo = to_panthor_bo(vma->base.gem.obj); 1449 *bo_offset = vma->base.gem.offset + (va - vma->base.va.addr); 1450 } 1451 mutex_unlock(&vm->op_lock); 1452 1453 return bo; 1454 } 1455 1456 #define PANTHOR_VM_MIN_KERNEL_VA_SIZE SZ_256M 1457 1458 static u64 1459 panthor_vm_create_get_user_va_range(const struct drm_panthor_vm_create *args, 1460 u64 full_va_range) 1461 { 1462 u64 user_va_range; 1463 1464 /* Make sure we have a minimum amount of VA space for kernel objects. */ 1465 if (full_va_range < PANTHOR_VM_MIN_KERNEL_VA_SIZE) 1466 return 0; 1467 1468 if (args->user_va_range) { 1469 /* Use the user provided value if != 0. */ 1470 user_va_range = args->user_va_range; 1471 } else if (TASK_SIZE_OF(current) < full_va_range) { 1472 /* If the task VM size is smaller than the GPU VA range, pick this 1473 * as our default user VA range, so userspace can CPU/GPU map buffers 1474 * at the same address. 1475 */ 1476 user_va_range = TASK_SIZE_OF(current); 1477 } else { 1478 /* If the GPU VA range is smaller than the task VM size, we 1479 * just have to live with the fact we won't be able to map 1480 * all buffers at the same GPU/CPU address. 1481 * 1482 * If the GPU VA range is bigger than 4G (more than 32-bit of 1483 * VA), we split the range in two, and assign half of it to 1484 * the user and the other half to the kernel, if it's not, we 1485 * keep the kernel VA space as small as possible. 1486 */ 1487 user_va_range = full_va_range > SZ_4G ? 1488 full_va_range / 2 : 1489 full_va_range - PANTHOR_VM_MIN_KERNEL_VA_SIZE; 1490 } 1491 1492 if (full_va_range - PANTHOR_VM_MIN_KERNEL_VA_SIZE < user_va_range) 1493 user_va_range = full_va_range - PANTHOR_VM_MIN_KERNEL_VA_SIZE; 1494 1495 return user_va_range; 1496 } 1497 1498 #define PANTHOR_VM_CREATE_FLAGS 0 1499 1500 static int 1501 panthor_vm_create_check_args(const struct panthor_device *ptdev, 1502 const struct drm_panthor_vm_create *args, 1503 u64 *kernel_va_start, u64 *kernel_va_range) 1504 { 1505 u32 va_bits = GPU_MMU_FEATURES_VA_BITS(ptdev->gpu_info.mmu_features); 1506 u64 full_va_range = 1ull << va_bits; 1507 u64 user_va_range; 1508 1509 if (args->flags & ~PANTHOR_VM_CREATE_FLAGS) 1510 return -EINVAL; 1511 1512 user_va_range = panthor_vm_create_get_user_va_range(args, full_va_range); 1513 if (!user_va_range || (args->user_va_range && args->user_va_range > user_va_range)) 1514 return -EINVAL; 1515 1516 /* Pick a kernel VA range that's a power of two, to have a clear split. */ 1517 *kernel_va_range = rounddown_pow_of_two(full_va_range - user_va_range); 1518 *kernel_va_start = full_va_range - *kernel_va_range; 1519 return 0; 1520 } 1521 1522 /* 1523 * Only 32 VMs per open file. If that becomes a limiting factor, we can 1524 * increase this number. 1525 */ 1526 #define PANTHOR_MAX_VMS_PER_FILE 32 1527 1528 /** 1529 * panthor_vm_pool_create_vm() - Create a VM 1530 * @ptdev: The panthor device 1531 * @pool: The VM to create this VM on. 1532 * @args: VM creation args. 1533 * 1534 * Return: a positive VM ID on success, a negative error code otherwise. 1535 */ 1536 int panthor_vm_pool_create_vm(struct panthor_device *ptdev, 1537 struct panthor_vm_pool *pool, 1538 struct drm_panthor_vm_create *args) 1539 { 1540 u64 kernel_va_start, kernel_va_range; 1541 struct panthor_vm *vm; 1542 int ret; 1543 u32 id; 1544 1545 ret = panthor_vm_create_check_args(ptdev, args, &kernel_va_start, &kernel_va_range); 1546 if (ret) 1547 return ret; 1548 1549 vm = panthor_vm_create(ptdev, false, kernel_va_start, kernel_va_range, 1550 kernel_va_start, kernel_va_range); 1551 if (IS_ERR(vm)) 1552 return PTR_ERR(vm); 1553 1554 ret = xa_alloc(&pool->xa, &id, vm, 1555 XA_LIMIT(1, PANTHOR_MAX_VMS_PER_FILE), GFP_KERNEL); 1556 1557 if (ret) { 1558 panthor_vm_put(vm); 1559 return ret; 1560 } 1561 1562 args->user_va_range = kernel_va_start; 1563 return id; 1564 } 1565 1566 static void panthor_vm_destroy(struct panthor_vm *vm) 1567 { 1568 if (!vm) 1569 return; 1570 1571 vm->destroyed = true; 1572 1573 /* Tell scheduler to stop all GPU work related to this VM */ 1574 if (refcount_read(&vm->as.active_cnt) > 0) 1575 panthor_sched_prepare_for_vm_destruction(vm->ptdev); 1576 1577 mutex_lock(&vm->heaps.lock); 1578 panthor_heap_pool_destroy(vm->heaps.pool); 1579 vm->heaps.pool = NULL; 1580 mutex_unlock(&vm->heaps.lock); 1581 1582 drm_WARN_ON(&vm->ptdev->base, 1583 panthor_vm_unmap_range(vm, vm->base.mm_start, vm->base.mm_range)); 1584 panthor_vm_put(vm); 1585 } 1586 1587 /** 1588 * panthor_vm_pool_destroy_vm() - Destroy a VM. 1589 * @pool: VM pool. 1590 * @handle: VM handle. 1591 * 1592 * This function doesn't free the VM object or its resources, it just kills 1593 * all mappings, and makes sure nothing can be mapped after that point. 1594 * 1595 * If there was any active jobs at the time this function is called, these 1596 * jobs should experience page faults and be killed as a result. 1597 * 1598 * The VM resources are freed when the last reference on the VM object is 1599 * dropped. 1600 * 1601 * Return: %0 for success, negative errno value for failure 1602 */ 1603 int panthor_vm_pool_destroy_vm(struct panthor_vm_pool *pool, u32 handle) 1604 { 1605 struct panthor_vm *vm; 1606 1607 vm = xa_erase(&pool->xa, handle); 1608 1609 panthor_vm_destroy(vm); 1610 1611 return vm ? 0 : -EINVAL; 1612 } 1613 1614 /** 1615 * panthor_vm_pool_get_vm() - Retrieve VM object bound to a VM handle 1616 * @pool: VM pool to check. 1617 * @handle: Handle of the VM to retrieve. 1618 * 1619 * Return: A valid pointer if the VM exists, NULL otherwise. 1620 */ 1621 struct panthor_vm * 1622 panthor_vm_pool_get_vm(struct panthor_vm_pool *pool, u32 handle) 1623 { 1624 struct panthor_vm *vm; 1625 1626 xa_lock(&pool->xa); 1627 vm = panthor_vm_get(xa_load(&pool->xa, handle)); 1628 xa_unlock(&pool->xa); 1629 1630 return vm; 1631 } 1632 1633 /** 1634 * panthor_vm_pool_destroy() - Destroy a VM pool. 1635 * @pfile: File. 1636 * 1637 * Destroy all VMs in the pool, and release the pool resources. 1638 * 1639 * Note that VMs can outlive the pool they were created from if other 1640 * objects hold a reference to there VMs. 1641 */ 1642 void panthor_vm_pool_destroy(struct panthor_file *pfile) 1643 { 1644 struct panthor_vm *vm; 1645 unsigned long i; 1646 1647 if (!pfile->vms) 1648 return; 1649 1650 xa_for_each(&pfile->vms->xa, i, vm) 1651 panthor_vm_destroy(vm); 1652 1653 xa_destroy(&pfile->vms->xa); 1654 kfree(pfile->vms); 1655 } 1656 1657 /** 1658 * panthor_vm_pool_create() - Create a VM pool 1659 * @pfile: File. 1660 * 1661 * Return: 0 on success, a negative error code otherwise. 1662 */ 1663 int panthor_vm_pool_create(struct panthor_file *pfile) 1664 { 1665 pfile->vms = kzalloc_obj(*pfile->vms); 1666 if (!pfile->vms) 1667 return -ENOMEM; 1668 1669 xa_init_flags(&pfile->vms->xa, XA_FLAGS_ALLOC1); 1670 return 0; 1671 } 1672 1673 /* dummy TLB ops, the real TLB flush happens in panthor_vm_flush_range() */ 1674 static void mmu_tlb_flush_all(void *cookie) 1675 { 1676 } 1677 1678 static void mmu_tlb_flush_walk(unsigned long iova, size_t size, size_t granule, void *cookie) 1679 { 1680 } 1681 1682 static const struct iommu_flush_ops mmu_tlb_ops = { 1683 .tlb_flush_all = mmu_tlb_flush_all, 1684 .tlb_flush_walk = mmu_tlb_flush_walk, 1685 }; 1686 1687 static const char *access_type_name(struct panthor_device *ptdev, 1688 u32 fault_status) 1689 { 1690 switch (fault_status & AS_FAULTSTATUS_ACCESS_TYPE_MASK) { 1691 case AS_FAULTSTATUS_ACCESS_TYPE_ATOMIC: 1692 return "ATOMIC"; 1693 case AS_FAULTSTATUS_ACCESS_TYPE_READ: 1694 return "READ"; 1695 case AS_FAULTSTATUS_ACCESS_TYPE_WRITE: 1696 return "WRITE"; 1697 case AS_FAULTSTATUS_ACCESS_TYPE_EX: 1698 return "EXECUTE"; 1699 default: 1700 drm_WARN_ON(&ptdev->base, 1); 1701 return NULL; 1702 } 1703 } 1704 1705 static int panthor_vm_lock_region(struct panthor_vm *vm, u64 start, u64 size) 1706 { 1707 struct panthor_device *ptdev = vm->ptdev; 1708 int ret = 0; 1709 1710 /* sm_step_remap() can call panthor_vm_lock_region() to account for 1711 * the wider unmap needed when doing a partial huge page unamp. We 1712 * need to ignore the lock if it's already part of the locked region. 1713 */ 1714 if (start >= vm->locked_region.start && 1715 start + size <= vm->locked_region.start + vm->locked_region.size) 1716 return 0; 1717 1718 /* sm_step_remap() may need a locked region that isn't a strict superset 1719 * of the original one because of having to extend unmap boundaries beyond 1720 * it to deal with partial unmaps of transparent huge pages. What we want 1721 * in those cases is to lock the union of both regions. The new region must 1722 * always overlap with the original one, because the upper and lower unmap 1723 * boundaries in a remap operation can only shift up or down respectively, 1724 * but never otherwise. 1725 */ 1726 if (vm->locked_region.size) { 1727 u64 end = max(vm->locked_region.start + vm->locked_region.size, 1728 start + size); 1729 1730 drm_WARN_ON_ONCE(&vm->ptdev->base, (start + size <= vm->locked_region.start) || 1731 (start >= vm->locked_region.start + vm->locked_region.size)); 1732 1733 start = min(start, vm->locked_region.start); 1734 size = end - start; 1735 } 1736 1737 mutex_lock(&ptdev->mmu->as.slots_lock); 1738 if (vm->as.id >= 0 && size) { 1739 /* Lock the region that needs to be updated */ 1740 gpu_write64(ptdev->mmu->iomem, AS_LOCKADDR(vm->as.id), 1741 pack_region_range(ptdev, &start, &size)); 1742 1743 /* If the lock succeeded, update the locked_region info. */ 1744 ret = as_send_cmd_and_wait(ptdev, vm->as.id, AS_COMMAND_LOCK); 1745 } 1746 1747 if (!ret) { 1748 vm->locked_region.start = start; 1749 vm->locked_region.size = size; 1750 } 1751 mutex_unlock(&ptdev->mmu->as.slots_lock); 1752 1753 return ret; 1754 } 1755 1756 static void panthor_vm_unlock_region(struct panthor_vm *vm) 1757 { 1758 struct panthor_device *ptdev = vm->ptdev; 1759 1760 mutex_lock(&ptdev->mmu->as.slots_lock); 1761 if (vm->as.id >= 0) { 1762 int ret; 1763 1764 /* flush+invalidate RW caches and invalidate RO ones. 1765 * TODO: See if we can use FLUSH_PA_RANGE when the physical 1766 * range is narrow enough and the HW supports it. 1767 */ 1768 ret = panthor_gpu_flush_caches(ptdev, CACHE_CLEAN | CACHE_INV, 1769 CACHE_CLEAN | CACHE_INV, 1770 CACHE_INV); 1771 1772 /* Unlock the region if the flush is effective. */ 1773 if (!ret) 1774 ret = as_send_cmd_and_wait(ptdev, vm->as.id, AS_COMMAND_UNLOCK); 1775 1776 /* If we fail to flush or unlock the region, schedule a GPU reset 1777 * to unblock the situation. 1778 */ 1779 if (ret) 1780 panthor_device_schedule_reset(ptdev); 1781 } 1782 vm->locked_region.start = 0; 1783 vm->locked_region.size = 0; 1784 mutex_unlock(&ptdev->mmu->as.slots_lock); 1785 } 1786 1787 static void panthor_mmu_irq_handler(struct panthor_device *ptdev, u32 status) 1788 { 1789 struct panthor_mmu *mmu = ptdev->mmu; 1790 bool has_unhandled_faults = false; 1791 1792 status = panthor_mmu_fault_mask(ptdev, status); 1793 while (status) { 1794 u32 as = ffs(status | (status >> 16)) - 1; 1795 u32 mask = panthor_mmu_as_fault_mask(ptdev, as); 1796 u64 addr; 1797 u32 fault_status; 1798 u32 exception_type; 1799 u32 access_type; 1800 u32 source_id; 1801 1802 fault_status = gpu_read(mmu->iomem, AS_FAULTSTATUS(as)); 1803 addr = gpu_read64(mmu->iomem, AS_FAULTADDRESS(as)); 1804 1805 /* decode the fault status */ 1806 exception_type = fault_status & 0xFF; 1807 access_type = (fault_status >> 8) & 0x3; 1808 source_id = (fault_status >> 16); 1809 1810 mutex_lock(&ptdev->mmu->as.slots_lock); 1811 1812 ptdev->mmu->as.faulty_mask |= mask; 1813 1814 /* terminal fault, print info about the fault */ 1815 drm_err(&ptdev->base, 1816 "Unhandled Page fault in AS%d at VA 0x%016llX\n" 1817 "raw fault status: 0x%X\n" 1818 "decoded fault status: %s\n" 1819 "exception type 0x%X: %s\n" 1820 "access type 0x%X: %s\n" 1821 "source id 0x%X\n", 1822 as, addr, 1823 fault_status, 1824 (fault_status & (1 << 10) ? "DECODER FAULT" : "SLAVE FAULT"), 1825 exception_type, panthor_exception_name(ptdev, exception_type), 1826 access_type, access_type_name(ptdev, fault_status), 1827 source_id); 1828 1829 /* We don't handle VM faults at the moment, so let's just clear the 1830 * interrupt and let the writer/reader crash. 1831 * Note that COMPLETED irqs are never cleared, but this is fine 1832 * because they are always masked. 1833 */ 1834 gpu_write(mmu->irq.iomem, INT_CLEAR, mask); 1835 1836 if (ptdev->mmu->as.slots[as].vm) 1837 ptdev->mmu->as.slots[as].vm->unhandled_fault = true; 1838 1839 /* Disable the MMU to kill jobs on this AS. */ 1840 panthor_mmu_as_disable(ptdev, as, false); 1841 mutex_unlock(&ptdev->mmu->as.slots_lock); 1842 1843 status &= ~mask; 1844 has_unhandled_faults = true; 1845 } 1846 1847 if (has_unhandled_faults) 1848 panthor_sched_report_mmu_fault(ptdev); 1849 } 1850 1851 /** 1852 * panthor_mmu_suspend() - Suspend the MMU logic 1853 * @ptdev: Device. 1854 * 1855 * All we do here is de-assign the AS slots on all active VMs, so things 1856 * get flushed to the main memory, and no further access to these VMs are 1857 * possible. 1858 * 1859 * We also suspend the MMU IRQ. 1860 */ 1861 void panthor_mmu_suspend(struct panthor_device *ptdev) 1862 { 1863 mutex_lock(&ptdev->mmu->as.slots_lock); 1864 for (u32 i = 0; i < ARRAY_SIZE(ptdev->mmu->as.slots); i++) { 1865 struct panthor_vm *vm = ptdev->mmu->as.slots[i].vm; 1866 1867 if (vm) { 1868 drm_WARN_ON(&ptdev->base, 1869 panthor_mmu_as_disable(ptdev, i, false)); 1870 panthor_vm_release_as_locked(vm); 1871 } 1872 } 1873 mutex_unlock(&ptdev->mmu->as.slots_lock); 1874 1875 panthor_mmu_irq_suspend(&ptdev->mmu->irq); 1876 } 1877 1878 /** 1879 * panthor_mmu_resume() - Resume the MMU logic 1880 * @ptdev: Device. 1881 * 1882 * Resume the IRQ. 1883 * 1884 * We don't re-enable previously active VMs. We assume other parts of the 1885 * driver will call panthor_vm_active() on the VMs they intend to use. 1886 */ 1887 void panthor_mmu_resume(struct panthor_device *ptdev) 1888 { 1889 mutex_lock(&ptdev->mmu->as.slots_lock); 1890 ptdev->mmu->as.alloc_mask = 0; 1891 ptdev->mmu->as.faulty_mask = 0; 1892 mutex_unlock(&ptdev->mmu->as.slots_lock); 1893 1894 panthor_mmu_irq_resume(&ptdev->mmu->irq); 1895 } 1896 1897 /** 1898 * panthor_mmu_pre_reset() - Prepare for a reset 1899 * @ptdev: Device. 1900 * 1901 * Suspend the IRQ, and make sure all VM_BIND queues are stopped, so we 1902 * don't get asked to do a VM operation while the GPU is down. 1903 * 1904 * We don't cleanly shutdown the AS slots here, because the reset might 1905 * come from an AS_ACTIVE_BIT stuck situation. 1906 */ 1907 void panthor_mmu_pre_reset(struct panthor_device *ptdev) 1908 { 1909 struct panthor_vm *vm; 1910 1911 panthor_mmu_irq_suspend(&ptdev->mmu->irq); 1912 1913 mutex_lock(&ptdev->mmu->vm.lock); 1914 ptdev->mmu->vm.reset_in_progress = true; 1915 list_for_each_entry(vm, &ptdev->mmu->vm.list, node) 1916 panthor_vm_stop(vm); 1917 mutex_unlock(&ptdev->mmu->vm.lock); 1918 } 1919 1920 /** 1921 * panthor_mmu_post_reset() - Restore things after a reset 1922 * @ptdev: Device. 1923 * 1924 * Put the MMU logic back in action after a reset. That implies resuming the 1925 * IRQ and re-enabling the VM_BIND queues. 1926 */ 1927 void panthor_mmu_post_reset(struct panthor_device *ptdev) 1928 { 1929 struct panthor_vm *vm; 1930 1931 mutex_lock(&ptdev->mmu->as.slots_lock); 1932 1933 /* Now that the reset is effective, we can assume that none of the 1934 * AS slots are setup, and clear the faulty flags too. 1935 */ 1936 ptdev->mmu->as.alloc_mask = 0; 1937 ptdev->mmu->as.faulty_mask = 0; 1938 1939 for (u32 i = 0; i < ARRAY_SIZE(ptdev->mmu->as.slots); i++) { 1940 struct panthor_vm *vm = ptdev->mmu->as.slots[i].vm; 1941 1942 if (vm) 1943 panthor_vm_release_as_locked(vm); 1944 } 1945 1946 mutex_unlock(&ptdev->mmu->as.slots_lock); 1947 1948 panthor_mmu_irq_resume(&ptdev->mmu->irq); 1949 1950 /* Restart the VM_BIND queues. */ 1951 mutex_lock(&ptdev->mmu->vm.lock); 1952 list_for_each_entry(vm, &ptdev->mmu->vm.list, node) { 1953 panthor_vm_start(vm); 1954 } 1955 ptdev->mmu->vm.reset_in_progress = false; 1956 mutex_unlock(&ptdev->mmu->vm.lock); 1957 } 1958 1959 static void panthor_vm_free(struct drm_gpuvm *gpuvm) 1960 { 1961 struct panthor_vm *vm = container_of(gpuvm, struct panthor_vm, base); 1962 struct panthor_device *ptdev = vm->ptdev; 1963 1964 mutex_lock(&ptdev->base.gem_lru_mutex); 1965 list_del_init(&vm->reclaim.lru_node); 1966 mutex_unlock(&ptdev->base.gem_lru_mutex); 1967 1968 mutex_lock(&vm->heaps.lock); 1969 if (drm_WARN_ON(&ptdev->base, vm->heaps.pool)) 1970 panthor_heap_pool_destroy(vm->heaps.pool); 1971 mutex_unlock(&vm->heaps.lock); 1972 mutex_destroy(&vm->heaps.lock); 1973 1974 mutex_lock(&ptdev->mmu->vm.lock); 1975 list_del(&vm->node); 1976 /* Restore the scheduler state so we can call drm_sched_entity_destroy() 1977 * and drm_sched_fini(). If get there, that means we have no job left 1978 * and no new jobs can be queued, so we can start the scheduler without 1979 * risking interfering with the reset. 1980 */ 1981 if (ptdev->mmu->vm.reset_in_progress) 1982 panthor_vm_start(vm); 1983 mutex_unlock(&ptdev->mmu->vm.lock); 1984 1985 drm_sched_entity_destroy(&vm->entity); 1986 drm_sched_fini(&vm->sched); 1987 1988 mutex_lock(&vm->op_lock); 1989 mutex_lock(&ptdev->mmu->as.slots_lock); 1990 if (vm->as.id >= 0) { 1991 int cookie; 1992 1993 if (drm_dev_enter(&ptdev->base, &cookie)) { 1994 panthor_mmu_as_disable(ptdev, vm->as.id, false); 1995 drm_dev_exit(cookie); 1996 } 1997 1998 ptdev->mmu->as.slots[vm->as.id].vm = NULL; 1999 clear_bit(vm->as.id, &ptdev->mmu->as.alloc_mask); 2000 list_del(&vm->as.lru_node); 2001 } 2002 mutex_unlock(&ptdev->mmu->as.slots_lock); 2003 mutex_unlock(&vm->op_lock); 2004 2005 free_io_pgtable_ops(vm->pgtbl_ops); 2006 2007 drm_mm_takedown(&vm->mm); 2008 kfree(vm); 2009 } 2010 2011 /** 2012 * panthor_vm_put() - Release a reference on a VM 2013 * @vm: VM to release the reference on. Can be NULL. 2014 */ 2015 void panthor_vm_put(struct panthor_vm *vm) 2016 { 2017 drm_gpuvm_put(vm ? &vm->base : NULL); 2018 } 2019 2020 /** 2021 * panthor_vm_get() - Get a VM reference 2022 * @vm: VM to get the reference on. Can be NULL. 2023 * 2024 * Return: @vm value. 2025 */ 2026 struct panthor_vm *panthor_vm_get(struct panthor_vm *vm) 2027 { 2028 if (vm) 2029 drm_gpuvm_get(&vm->base); 2030 2031 return vm; 2032 } 2033 2034 /** 2035 * panthor_vm_get_heap_pool() - Get the heap pool attached to a VM 2036 * @vm: VM to query the heap pool on. 2037 * @create: True if the heap pool should be created when it doesn't exist. 2038 * 2039 * Heap pools are per-VM. This function allows one to retrieve the heap pool 2040 * attached to a VM. 2041 * 2042 * If no heap pool exists yet, and @create is true, we create one. 2043 * 2044 * The returned panthor_heap_pool should be released with panthor_heap_pool_put(). 2045 * 2046 * Return: A valid pointer on success, an ERR_PTR() otherwise. 2047 */ 2048 struct panthor_heap_pool *panthor_vm_get_heap_pool(struct panthor_vm *vm, bool create) 2049 { 2050 struct panthor_heap_pool *pool; 2051 2052 mutex_lock(&vm->heaps.lock); 2053 if (!vm->heaps.pool && create) { 2054 if (vm->destroyed) 2055 pool = ERR_PTR(-EINVAL); 2056 else 2057 pool = panthor_heap_pool_create(vm->ptdev, vm); 2058 2059 if (!IS_ERR(pool)) 2060 vm->heaps.pool = panthor_heap_pool_get(pool); 2061 } else { 2062 pool = panthor_heap_pool_get(vm->heaps.pool); 2063 if (!pool) 2064 pool = ERR_PTR(-ENOENT); 2065 } 2066 mutex_unlock(&vm->heaps.lock); 2067 2068 return pool; 2069 } 2070 2071 /** 2072 * panthor_vm_heaps_sizes() - Calculate size of all heap chunks across all 2073 * heaps over all the heap pools in a VM 2074 * @pfile: File. 2075 * @stats: Memory stats to be updated. 2076 * 2077 * Calculate all heap chunk sizes in all heap pools bound to a VM. If the VM 2078 * is active, record the size as active as well. 2079 */ 2080 void panthor_vm_heaps_sizes(struct panthor_file *pfile, struct drm_memory_stats *stats) 2081 { 2082 struct panthor_vm *vm; 2083 unsigned long i; 2084 2085 if (!pfile->vms) 2086 return; 2087 2088 xa_lock(&pfile->vms->xa); 2089 xa_for_each(&pfile->vms->xa, i, vm) { 2090 size_t size = panthor_heap_pool_size(vm->heaps.pool); 2091 stats->resident += size; 2092 if (vm->as.id >= 0) 2093 stats->active += size; 2094 } 2095 xa_unlock(&pfile->vms->xa); 2096 } 2097 2098 static u64 mair_to_memattr(u64 mair, bool coherent) 2099 { 2100 u64 memattr = 0; 2101 u32 i; 2102 2103 for (i = 0; i < 8; i++) { 2104 u8 in_attr = mair >> (8 * i), out_attr; 2105 u8 outer = in_attr >> 4, inner = in_attr & 0xf; 2106 2107 /* For caching to be enabled, inner and outer caching policy 2108 * have to be both write-back, if one of them is write-through 2109 * or non-cacheable, we just choose non-cacheable. Device 2110 * memory is also translated to non-cacheable. 2111 */ 2112 if (!(outer & 3) || !(outer & 4) || !(inner & 4)) { 2113 out_attr = AS_MEMATTR_AARCH64_INNER_OUTER_NC | 2114 AS_MEMATTR_AARCH64_SH_MIDGARD_INNER | 2115 AS_MEMATTR_AARCH64_INNER_ALLOC_EXPL(false, false); 2116 } else { 2117 out_attr = AS_MEMATTR_AARCH64_INNER_OUTER_WB | 2118 AS_MEMATTR_AARCH64_INNER_ALLOC_EXPL(inner & 1, inner & 2); 2119 /* Use SH_MIDGARD_INNER mode when device isn't coherent, 2120 * so SH_IS, which is used when IOMMU_CACHE is set, maps 2121 * to Mali's internal-shareable mode. As per the Mali 2122 * Spec, inner and outer-shareable modes aren't allowed 2123 * for WB memory when coherency is disabled. 2124 * Use SH_CPU_INNER mode when coherency is enabled, so 2125 * that SH_IS actually maps to the standard definition of 2126 * inner-shareable. 2127 */ 2128 if (!coherent) 2129 out_attr |= AS_MEMATTR_AARCH64_SH_MIDGARD_INNER; 2130 else 2131 out_attr |= AS_MEMATTR_AARCH64_SH_CPU_INNER; 2132 } 2133 2134 memattr |= (u64)out_attr << (8 * i); 2135 } 2136 2137 return memattr; 2138 } 2139 2140 static void panthor_vma_link(struct panthor_vm *vm, 2141 struct panthor_vma *vma, 2142 struct drm_gpuvm_bo *vm_bo) 2143 { 2144 struct panthor_gem_object *bo = to_panthor_bo(vma->base.gem.obj); 2145 2146 mutex_lock(&bo->base.gpuva.lock); 2147 drm_gpuva_link(&vma->base, vm_bo); 2148 mutex_unlock(&bo->base.gpuva.lock); 2149 } 2150 2151 static void panthor_vma_unlink(struct panthor_vma *vma) 2152 { 2153 drm_gpuva_unlink_defer(&vma->base); 2154 kfree(vma); 2155 } 2156 2157 static void panthor_vma_init(struct panthor_vma *vma, u32 flags) 2158 { 2159 INIT_LIST_HEAD(&vma->node); 2160 vma->flags = flags; 2161 } 2162 2163 #define PANTHOR_VM_MAP_FLAGS \ 2164 (DRM_PANTHOR_VM_BIND_OP_MAP_READONLY | \ 2165 DRM_PANTHOR_VM_BIND_OP_MAP_NOEXEC | \ 2166 DRM_PANTHOR_VM_BIND_OP_MAP_UNCACHED) 2167 2168 static int panthor_gpuva_sm_step_map(struct drm_gpuva_op *op, void *priv) 2169 { 2170 struct panthor_vm *vm = priv; 2171 struct panthor_vm_op_ctx *op_ctx = vm->op_ctx; 2172 struct panthor_vma *vma = panthor_vm_op_ctx_get_vma(op_ctx); 2173 int ret; 2174 2175 if (!vma) 2176 return -EINVAL; 2177 2178 panthor_vma_init(vma, op_ctx->flags & PANTHOR_VM_MAP_FLAGS); 2179 2180 ret = panthor_vm_map_pages(vm, op->map.va.addr, flags_to_prot(vma->flags), 2181 op_ctx->map.bo->dmap.sgt, op->map.gem.offset, 2182 op->map.va.range); 2183 if (ret) { 2184 panthor_vm_op_ctx_return_vma(op_ctx, vma); 2185 return ret; 2186 } 2187 2188 drm_gpuva_map(&vm->base, &vma->base, &op->map); 2189 panthor_vma_link(vm, vma, op_ctx->map.vm_bo); 2190 2191 drm_gpuvm_bo_put_deferred(op_ctx->map.vm_bo); 2192 op_ctx->map.vm_bo = NULL; 2193 2194 return 0; 2195 } 2196 2197 static bool 2198 iova_mapped_as_huge_page(struct drm_gpuva_op_map *op, u64 addr) 2199 { 2200 struct panthor_gem_object *bo = to_panthor_bo(op->gem.obj); 2201 const struct page *pg; 2202 pgoff_t bo_offset; 2203 2204 bo_offset = addr - op->va.addr + op->gem.offset; 2205 pg = bo->backing.pages[bo_offset >> PAGE_SHIFT]; 2206 2207 return folio_size(page_folio(pg)) >= SZ_2M; 2208 } 2209 2210 static void 2211 unmap_hugepage_align(const struct drm_gpuva_op_remap *op, 2212 u64 *unmap_start, u64 *unmap_range) 2213 { 2214 u64 aligned_unmap_start, aligned_unmap_end, unmap_end; 2215 2216 unmap_end = *unmap_start + *unmap_range; 2217 aligned_unmap_start = ALIGN_DOWN(*unmap_start, SZ_2M); 2218 aligned_unmap_end = ALIGN(unmap_end, SZ_2M); 2219 2220 /* If we're dealing with a huge page, make sure the unmap region is 2221 * aligned on the start of the page. 2222 */ 2223 if (op->prev && aligned_unmap_start < *unmap_start && 2224 op->prev->va.addr <= aligned_unmap_start && 2225 iova_mapped_as_huge_page(op->prev, *unmap_start)) { 2226 *unmap_range += *unmap_start - aligned_unmap_start; 2227 *unmap_start = aligned_unmap_start; 2228 } 2229 2230 /* If we're dealing with a huge page, make sure the unmap region is 2231 * aligned on the end of the page. 2232 */ 2233 if (op->next && aligned_unmap_end > unmap_end && 2234 op->next->va.addr + op->next->va.range >= aligned_unmap_end && 2235 iova_mapped_as_huge_page(op->next, unmap_end - 1)) { 2236 *unmap_range += aligned_unmap_end - unmap_end; 2237 } 2238 } 2239 2240 static int panthor_gpuva_sm_step_remap(struct drm_gpuva_op *op, 2241 void *priv) 2242 { 2243 struct panthor_vma *unmap_vma = container_of(op->remap.unmap->va, struct panthor_vma, base); 2244 struct panthor_vm *vm = priv; 2245 struct panthor_vm_op_ctx *op_ctx = vm->op_ctx; 2246 struct panthor_vma *prev_vma = NULL, *next_vma = NULL; 2247 u64 unmap_start, unmap_range; 2248 int ret; 2249 2250 drm_gpuva_op_remap_to_unmap_range(&op->remap, &unmap_start, &unmap_range); 2251 2252 /* 2253 * ARM IOMMU page table management code disallows partial unmaps of huge pages, 2254 * so when a partial unmap is requested, we must first unmap the entire huge 2255 * page and then remap the difference between the huge page minus the requested 2256 * unmap region. Calculating the right start address and range for the expanded 2257 * unmap operation is the responsibility of the following function. 2258 */ 2259 unmap_hugepage_align(&op->remap, &unmap_start, &unmap_range); 2260 2261 /* If the range changed, we might have to lock a wider region to guarantee 2262 * atomicity. panthor_vm_lock_region() bails out early if the new region 2263 * is already part of the locked region, so no need to do this check here. 2264 */ 2265 if (!unmap_vma->evicted) { 2266 panthor_vm_lock_region(vm, unmap_start, unmap_range); 2267 panthor_vm_unmap_pages(vm, unmap_start, unmap_range); 2268 } 2269 2270 if (op->remap.prev) { 2271 struct panthor_gem_object *bo = to_panthor_bo(op->remap.prev->gem.obj); 2272 u64 offset = op->remap.prev->gem.offset + unmap_start - op->remap.prev->va.addr; 2273 u64 size = op->remap.prev->va.addr + op->remap.prev->va.range - unmap_start; 2274 2275 if (!unmap_vma->evicted) { 2276 ret = panthor_vm_map_pages(vm, unmap_start, 2277 flags_to_prot(unmap_vma->flags), 2278 bo->dmap.sgt, offset, size); 2279 if (ret) 2280 return ret; 2281 } 2282 2283 prev_vma = panthor_vm_op_ctx_get_vma(op_ctx); 2284 panthor_vma_init(prev_vma, unmap_vma->flags); 2285 prev_vma->evicted = unmap_vma->evicted; 2286 } 2287 2288 if (op->remap.next) { 2289 struct panthor_gem_object *bo = to_panthor_bo(op->remap.next->gem.obj); 2290 u64 addr = op->remap.next->va.addr; 2291 u64 size = unmap_start + unmap_range - op->remap.next->va.addr; 2292 2293 if (!unmap_vma->evicted) { 2294 ret = panthor_vm_map_pages(vm, addr, flags_to_prot(unmap_vma->flags), 2295 bo->dmap.sgt, op->remap.next->gem.offset, 2296 size); 2297 if (ret) 2298 return ret; 2299 } 2300 2301 next_vma = panthor_vm_op_ctx_get_vma(op_ctx); 2302 panthor_vma_init(next_vma, unmap_vma->flags); 2303 next_vma->evicted = unmap_vma->evicted; 2304 } 2305 2306 drm_gpuva_remap(prev_vma ? &prev_vma->base : NULL, 2307 next_vma ? &next_vma->base : NULL, 2308 &op->remap); 2309 2310 if (prev_vma) { 2311 /* panthor_vma_link() transfers the vm_bo ownership to 2312 * the VMA object. Since the vm_bo we're passing is still 2313 * owned by the old mapping which will be released when this 2314 * mapping is destroyed, we need to grab a ref here. 2315 */ 2316 panthor_vma_link(vm, prev_vma, op->remap.unmap->va->vm_bo); 2317 } 2318 2319 if (next_vma) { 2320 panthor_vma_link(vm, next_vma, op->remap.unmap->va->vm_bo); 2321 } 2322 2323 panthor_vma_unlink(unmap_vma); 2324 return 0; 2325 } 2326 2327 static int panthor_gpuva_sm_step_unmap(struct drm_gpuva_op *op, 2328 void *priv) 2329 { 2330 struct panthor_vma *unmap_vma = container_of(op->unmap.va, struct panthor_vma, base); 2331 struct panthor_vm *vm = priv; 2332 2333 if (!unmap_vma->evicted) { 2334 panthor_vm_unmap_pages(vm, unmap_vma->base.va.addr, 2335 unmap_vma->base.va.range); 2336 } 2337 2338 drm_gpuva_unmap(&op->unmap); 2339 panthor_vma_unlink(unmap_vma); 2340 return 0; 2341 } 2342 2343 void panthor_vm_update_bo_reclaim_lru_locked(struct panthor_gem_object *bo) 2344 { 2345 struct panthor_device *ptdev = container_of(bo->base.dev, struct panthor_device, base); 2346 struct panthor_vm *vm = NULL; 2347 struct drm_gpuvm_bo *vm_bo; 2348 2349 dma_resv_assert_held(bo->base.resv); 2350 lockdep_assert_held(&bo->base.gpuva.lock); 2351 2352 drm_gem_for_each_gpuvm_bo(vm_bo, &bo->base) { 2353 if (vm_bo->evicted) 2354 continue; 2355 2356 /* We're only supposed to have one non-evicted vm_bo in the list if we get 2357 * there. 2358 */ 2359 drm_WARN_ON(&ptdev->base, vm); 2360 vm = container_of(vm_bo->vm, struct panthor_vm, base); 2361 2362 mutex_lock(&ptdev->base.gem_lru_mutex); 2363 drm_gem_lru_move_tail_locked(&vm->reclaim.lru, &bo->base); 2364 if (list_empty(&vm->reclaim.lru_node)) 2365 list_move(&vm->reclaim.lru_node, &ptdev->reclaim.vms); 2366 mutex_unlock(&ptdev->base.gem_lru_mutex); 2367 } 2368 } 2369 2370 int panthor_vm_evict_bo_mappings_locked(struct panthor_gem_object *bo) 2371 { 2372 struct drm_gpuvm_bo *vm_bo; 2373 int ret = 0; 2374 2375 drm_gem_for_each_gpuvm_bo(vm_bo, &bo->base) { 2376 struct panthor_vm *vm = container_of(vm_bo->vm, struct panthor_vm, base); 2377 struct drm_gpuva *va; 2378 2379 if (!mutex_trylock(&vm->op_lock)) 2380 return -EDEADLK; 2381 2382 /* It can be that the vm_bo was already evicted but a new 2383 * mapping pointing to this BO got created in the meantime, 2384 * thus turning the vm_bo in partially evicted state. In that case 2385 * we don't call drm_gpuvm_bo_evict() again because this would 2386 * mess up with the internal gpuvm lists, but we do walk the 2387 * VAs on this vm_bo to make sure the non-evicted ones are 2388 * torn down. 2389 */ 2390 if (!vm_bo->evicted) 2391 drm_gpuvm_bo_evict(vm_bo, true); 2392 2393 drm_gpuvm_bo_for_each_va(va, vm_bo) { 2394 struct panthor_vma *vma = container_of(va, struct panthor_vma, base); 2395 2396 if (vma->evicted) 2397 continue; 2398 2399 /* If something fail in the middle of a VM_BO eviction, the VM_BO 2400 * is considered fully evicted, but some of its VMAs might still be 2401 * active. That's okay because the pages won't be released if this 2402 * function returns an error. 2403 * 2404 * On the next job targeting this VM, the partially evicted VM_BO 2405 * will be validated, causing all its evicted VMAs to be repopulated 2406 * before the job runs. So no GPU fault expected. 2407 */ 2408 ret = panthor_vm_lock_region(vm, va->va.addr, va->va.range); 2409 if (ret) 2410 break; 2411 2412 panthor_vm_unmap_pages(vm, va->va.addr, va->va.range); 2413 panthor_vm_unlock_region(vm); 2414 vma->evicted = true; 2415 } 2416 2417 mutex_unlock(&vm->op_lock); 2418 2419 if (ret) 2420 break; 2421 } 2422 2423 return ret; 2424 } 2425 2426 static struct panthor_vma *select_evicted_vma(struct drm_gpuvm_bo *vm_bo, 2427 struct panthor_vm_op_ctx *op_ctx) 2428 { 2429 struct panthor_vm *vm = container_of(vm_bo->vm, struct panthor_vm, base); 2430 struct panthor_vma *first_evicted_vma = NULL; 2431 struct drm_gpuva *va; 2432 2433 /* Take op_lock to protect against va insertion/removal. */ 2434 mutex_lock(&vm->op_lock); 2435 drm_gpuvm_bo_for_each_va(va, vm_bo) { 2436 struct panthor_vma *vma = container_of(va, struct panthor_vma, base); 2437 2438 if (vma->evicted) { 2439 first_evicted_vma = vma; 2440 panthor_vm_init_op_ctx(op_ctx, va->va.range, va->va.addr, vma->flags); 2441 op_ctx->map.bo_offset = va->gem.offset; 2442 break; 2443 } 2444 } 2445 mutex_unlock(&vm->op_lock); 2446 2447 return first_evicted_vma; 2448 } 2449 2450 static int remap_evicted_vma(struct drm_gpuvm_bo *vm_bo, 2451 struct panthor_vma *evicted_vma, 2452 struct panthor_vm_op_ctx *op_ctx) 2453 { 2454 struct panthor_vm *vm = container_of(vm_bo->vm, struct panthor_vm, base); 2455 struct panthor_gem_object *bo = to_panthor_bo(vm_bo->obj); 2456 struct drm_gpuva *va; 2457 bool found = false; 2458 int ret; 2459 2460 ret = panthor_vm_op_ctx_prealloc_pts(op_ctx); 2461 if (ret) 2462 goto out_cleanup; 2463 2464 /* Take op_lock to protect against va insertion/removal. Note that the 2465 * evicted_vma selection was done with the same lock held, but we had 2466 * to release it so we can allocate PTs, because this very same lock 2467 * is taken in a DMA-signalling path. 2468 */ 2469 mutex_lock(&vm->op_lock); 2470 drm_gpuvm_bo_for_each_va(va, vm_bo) { 2471 struct panthor_vma *vma = container_of(va, struct panthor_vma, base); 2472 2473 if (vma != evicted_vma) 2474 continue; 2475 2476 /* Because we had to release the lock between the evicted_vma selection 2477 * and its repopulation, we can't rely solely on pointer equality (the 2478 * VMA might have been freed and a new one allocated at the same address). 2479 * If the evicted bit is still set, we're sure it's our VMA, because 2480 * population/eviction is serialized with the BO resv lock. 2481 */ 2482 if (vma->evicted) 2483 found = true; 2484 2485 break; 2486 } 2487 2488 if (found) { 2489 vm->op_ctx = op_ctx; 2490 ret = panthor_vm_lock_region(vm, evicted_vma->base.va.addr, 2491 evicted_vma->base.va.range); 2492 if (!ret) { 2493 ret = panthor_vm_map_pages(vm, evicted_vma->base.va.addr, 2494 flags_to_prot(evicted_vma->flags), 2495 bo->dmap.sgt, 2496 evicted_vma->base.gem.offset, 2497 evicted_vma->base.va.range); 2498 if (!ret) 2499 evicted_vma->evicted = false; 2500 2501 panthor_vm_unlock_region(vm); 2502 } 2503 2504 vm->op_ctx = NULL; 2505 } 2506 2507 mutex_unlock(&vm->op_lock); 2508 2509 out_cleanup: 2510 panthor_vm_cleanup_op_ctx(op_ctx, vm); 2511 return ret; 2512 } 2513 2514 static int panthor_vm_restore_vmas(struct drm_gpuvm_bo *vm_bo) 2515 { 2516 struct panthor_vm *vm = container_of(vm_bo->vm, struct panthor_vm, base); 2517 struct panthor_gem_object *bo = to_panthor_bo(vm_bo->obj); 2518 struct panthor_vm_op_ctx op_ctx; 2519 2520 if (drm_WARN_ON_ONCE(&vm->ptdev->base, !bo->dmap.sgt)) 2521 return -EINVAL; 2522 2523 for (struct panthor_vma *vma = select_evicted_vma(vm_bo, &op_ctx); 2524 vma; vma = select_evicted_vma(vm_bo, &op_ctx)) { 2525 int ret; 2526 2527 ret = remap_evicted_vma(vm_bo, vma, &op_ctx); 2528 if (ret) 2529 return ret; 2530 } 2531 2532 return 0; 2533 } 2534 2535 static int panthor_vm_bo_validate(struct drm_gpuvm_bo *vm_bo, 2536 struct drm_exec *exec) 2537 { 2538 struct panthor_gem_object *bo = to_panthor_bo(vm_bo->obj); 2539 int ret; 2540 2541 ret = panthor_gem_swapin_locked(bo); 2542 if (ret) 2543 return ret; 2544 2545 ret = panthor_vm_restore_vmas(vm_bo); 2546 if (ret) 2547 return ret; 2548 2549 drm_gpuvm_bo_evict(vm_bo, false); 2550 mutex_lock(&bo->base.gpuva.lock); 2551 panthor_gem_update_reclaim_state_locked(bo, NULL); 2552 mutex_unlock(&bo->base.gpuva.lock); 2553 return 0; 2554 } 2555 2556 static const struct drm_gpuvm_ops panthor_gpuvm_ops = { 2557 .vm_free = panthor_vm_free, 2558 .vm_bo_free = panthor_vm_bo_free, 2559 .sm_step_map = panthor_gpuva_sm_step_map, 2560 .sm_step_remap = panthor_gpuva_sm_step_remap, 2561 .sm_step_unmap = panthor_gpuva_sm_step_unmap, 2562 .vm_bo_validate = panthor_vm_bo_validate, 2563 }; 2564 2565 /** 2566 * panthor_vm_resv() - Get the dma_resv object attached to a VM. 2567 * @vm: VM to get the dma_resv of. 2568 * 2569 * Return: A dma_resv object. 2570 */ 2571 struct dma_resv *panthor_vm_resv(struct panthor_vm *vm) 2572 { 2573 return drm_gpuvm_resv(&vm->base); 2574 } 2575 2576 struct drm_gem_object *panthor_vm_root_gem(struct panthor_vm *vm) 2577 { 2578 if (!vm) 2579 return NULL; 2580 2581 return vm->base.r_obj; 2582 } 2583 2584 static int 2585 panthor_vm_exec_op(struct panthor_vm *vm, struct panthor_vm_op_ctx *op, 2586 bool flag_vm_unusable_on_failure) 2587 { 2588 u32 op_type = op->flags & DRM_PANTHOR_VM_BIND_OP_TYPE_MASK; 2589 int ret; 2590 2591 if (op_type == DRM_PANTHOR_VM_BIND_OP_TYPE_SYNC_ONLY) 2592 return 0; 2593 2594 mutex_lock(&vm->op_lock); 2595 vm->op_ctx = op; 2596 2597 ret = panthor_vm_lock_region(vm, op->va.addr, op->va.range); 2598 if (ret) 2599 goto out; 2600 2601 switch (op_type) { 2602 case DRM_PANTHOR_VM_BIND_OP_TYPE_MAP: { 2603 const struct drm_gpuvm_map_req map_req = { 2604 .map.va.addr = op->va.addr, 2605 .map.va.range = op->va.range, 2606 .map.gem.obj = op->map.vm_bo->obj, 2607 .map.gem.offset = op->map.bo_offset, 2608 }; 2609 2610 if (vm->unusable) { 2611 ret = -EINVAL; 2612 break; 2613 } 2614 2615 ret = drm_gpuvm_sm_map(&vm->base, vm, &map_req); 2616 break; 2617 } 2618 2619 case DRM_PANTHOR_VM_BIND_OP_TYPE_UNMAP: 2620 ret = drm_gpuvm_sm_unmap(&vm->base, vm, op->va.addr, op->va.range); 2621 break; 2622 2623 default: 2624 ret = -EINVAL; 2625 break; 2626 } 2627 2628 panthor_vm_unlock_region(vm); 2629 2630 out: 2631 if (ret && flag_vm_unusable_on_failure) 2632 panthor_vm_declare_unusable(vm); 2633 2634 vm->op_ctx = NULL; 2635 mutex_unlock(&vm->op_lock); 2636 2637 return ret; 2638 } 2639 2640 static struct dma_fence * 2641 panthor_vm_bind_run_job(struct drm_sched_job *sched_job) 2642 { 2643 struct panthor_vm_bind_job *job = container_of(sched_job, struct panthor_vm_bind_job, base); 2644 bool cookie; 2645 int ret; 2646 2647 /* Not only we report an error whose result is propagated to the 2648 * drm_sched finished fence, but we also flag the VM as unusable, because 2649 * a failure in the async VM_BIND results in an inconsistent state. VM needs 2650 * to be destroyed and recreated. 2651 */ 2652 cookie = dma_fence_begin_signalling(); 2653 ret = panthor_vm_exec_op(job->vm, &job->ctx, true); 2654 dma_fence_end_signalling(cookie); 2655 2656 return ret ? ERR_PTR(ret) : NULL; 2657 } 2658 2659 static void panthor_vm_bind_job_release(struct kref *kref) 2660 { 2661 struct panthor_vm_bind_job *job = container_of(kref, struct panthor_vm_bind_job, refcount); 2662 2663 if (job->base.s_fence) 2664 drm_sched_job_cleanup(&job->base); 2665 2666 panthor_vm_cleanup_op_ctx(&job->ctx, job->vm); 2667 panthor_vm_put(job->vm); 2668 kfree(job); 2669 } 2670 2671 /** 2672 * panthor_vm_bind_job_put() - Release a VM_BIND job reference 2673 * @sched_job: Job to release the reference on. 2674 */ 2675 void panthor_vm_bind_job_put(struct drm_sched_job *sched_job) 2676 { 2677 struct panthor_vm_bind_job *job = 2678 container_of(sched_job, struct panthor_vm_bind_job, base); 2679 2680 if (sched_job) 2681 kref_put(&job->refcount, panthor_vm_bind_job_release); 2682 } 2683 2684 static void 2685 panthor_vm_bind_free_job(struct drm_sched_job *sched_job) 2686 { 2687 struct panthor_vm_bind_job *job = 2688 container_of(sched_job, struct panthor_vm_bind_job, base); 2689 2690 drm_sched_job_cleanup(sched_job); 2691 2692 /* Do the heavy cleanups asynchronously, so we're out of the 2693 * dma-signaling path and can acquire dma-resv locks safely. 2694 */ 2695 queue_work(panthor_cleanup_wq, &job->cleanup_op_ctx_work); 2696 } 2697 2698 static enum drm_gpu_sched_stat 2699 panthor_vm_bind_timedout_job(struct drm_sched_job *sched_job) 2700 { 2701 WARN(1, "VM_BIND ops are synchronous for now, there should be no timeout!"); 2702 return DRM_GPU_SCHED_STAT_RESET; 2703 } 2704 2705 static const struct drm_sched_backend_ops panthor_vm_bind_ops = { 2706 .run_job = panthor_vm_bind_run_job, 2707 .free_job = panthor_vm_bind_free_job, 2708 .timedout_job = panthor_vm_bind_timedout_job, 2709 }; 2710 2711 /** 2712 * panthor_vm_create() - Create a VM 2713 * @ptdev: Device. 2714 * @for_mcu: True if this is the FW MCU VM. 2715 * @kernel_va_start: Start of the range reserved for kernel BO mapping. 2716 * @kernel_va_size: Size of the range reserved for kernel BO mapping. 2717 * @auto_kernel_va_start: Start of the auto-VA kernel range. 2718 * @auto_kernel_va_size: Size of the auto-VA kernel range. 2719 * 2720 * Return: A valid pointer on success, an ERR_PTR() otherwise. 2721 */ 2722 struct panthor_vm * 2723 panthor_vm_create(struct panthor_device *ptdev, bool for_mcu, 2724 u64 kernel_va_start, u64 kernel_va_size, 2725 u64 auto_kernel_va_start, u64 auto_kernel_va_size) 2726 { 2727 u32 va_bits = GPU_MMU_FEATURES_VA_BITS(ptdev->gpu_info.mmu_features); 2728 u32 pa_bits = GPU_MMU_FEATURES_PA_BITS(ptdev->gpu_info.mmu_features); 2729 u64 full_va_range = 1ull << va_bits; 2730 struct drm_gem_object *dummy_gem; 2731 struct drm_gpu_scheduler *sched; 2732 const struct drm_sched_init_args sched_args = { 2733 .ops = &panthor_vm_bind_ops, 2734 .submit_wq = ptdev->mmu->vm.wq, 2735 .credit_limit = 1, 2736 /* Bind operations are synchronous for now, no timeout needed. */ 2737 .timeout = MAX_SCHEDULE_TIMEOUT, 2738 .name = "panthor-vm-bind", 2739 .dev = ptdev->base.dev, 2740 }; 2741 struct io_pgtable_cfg pgtbl_cfg; 2742 u64 mair, min_va, va_range; 2743 struct panthor_vm *vm; 2744 int ret; 2745 2746 vm = kzalloc_obj(*vm); 2747 if (!vm) 2748 return ERR_PTR(-ENOMEM); 2749 2750 /* We allocate a dummy GEM for the VM. */ 2751 dummy_gem = drm_gpuvm_resv_object_alloc(&ptdev->base); 2752 if (!dummy_gem) { 2753 ret = -ENOMEM; 2754 goto err_free_vm; 2755 } 2756 2757 mutex_init(&vm->heaps.lock); 2758 vm->for_mcu = for_mcu; 2759 vm->ptdev = ptdev; 2760 mutex_init(&vm->op_lock); 2761 2762 if (for_mcu) { 2763 /* CSF MCU is a cortex M7, and can only address 4G */ 2764 min_va = 0; 2765 va_range = SZ_4G; 2766 } else { 2767 min_va = 0; 2768 va_range = full_va_range; 2769 } 2770 2771 mutex_init(&vm->mm_lock); 2772 drm_mm_init(&vm->mm, kernel_va_start, kernel_va_size); 2773 vm->kernel_auto_va.start = auto_kernel_va_start; 2774 vm->kernel_auto_va.end = vm->kernel_auto_va.start + auto_kernel_va_size - 1; 2775 2776 drm_gem_lru_init(&vm->reclaim.lru); 2777 INIT_LIST_HEAD(&vm->reclaim.lru_node); 2778 INIT_LIST_HEAD(&vm->node); 2779 INIT_LIST_HEAD(&vm->as.lru_node); 2780 vm->as.id = -1; 2781 refcount_set(&vm->as.active_cnt, 0); 2782 2783 pgtbl_cfg = (struct io_pgtable_cfg) { 2784 .pgsize_bitmap = SZ_4K | SZ_2M, 2785 .ias = va_bits, 2786 .oas = pa_bits, 2787 .coherent_walk = ptdev->coherent, 2788 .tlb = &mmu_tlb_ops, 2789 .iommu_dev = ptdev->base.dev, 2790 .alloc = alloc_pt, 2791 .free = free_pt, 2792 }; 2793 2794 vm->pgtbl_ops = alloc_io_pgtable_ops(ARM_64_LPAE_S1, &pgtbl_cfg, vm); 2795 if (!vm->pgtbl_ops) { 2796 ret = -EINVAL; 2797 goto err_mm_takedown; 2798 } 2799 2800 ret = drm_sched_init(&vm->sched, &sched_args); 2801 if (ret) 2802 goto err_free_io_pgtable; 2803 2804 sched = &vm->sched; 2805 ret = drm_sched_entity_init(&vm->entity, 0, &sched, 1, NULL); 2806 if (ret) 2807 goto err_sched_fini; 2808 2809 mair = io_pgtable_ops_to_pgtable(vm->pgtbl_ops)->cfg.arm_lpae_s1_cfg.mair; 2810 vm->memattr = mair_to_memattr(mair, ptdev->coherent); 2811 2812 mutex_lock(&ptdev->mmu->vm.lock); 2813 list_add_tail(&vm->node, &ptdev->mmu->vm.list); 2814 2815 /* If a reset is in progress, stop the scheduler. */ 2816 if (ptdev->mmu->vm.reset_in_progress) 2817 panthor_vm_stop(vm); 2818 mutex_unlock(&ptdev->mmu->vm.lock); 2819 2820 /* We intentionally leave the reserved range to zero, because we want kernel VMAs 2821 * to be handled the same way user VMAs are. 2822 */ 2823 drm_gpuvm_init(&vm->base, for_mcu ? "panthor-MCU-VM" : "panthor-GPU-VM", 2824 DRM_GPUVM_RESV_PROTECTED | DRM_GPUVM_IMMEDIATE_MODE, 2825 &ptdev->base, dummy_gem, min_va, va_range, 0, 0, 2826 &panthor_gpuvm_ops); 2827 drm_gem_object_put(dummy_gem); 2828 return vm; 2829 2830 err_sched_fini: 2831 drm_sched_fini(&vm->sched); 2832 2833 err_free_io_pgtable: 2834 free_io_pgtable_ops(vm->pgtbl_ops); 2835 2836 err_mm_takedown: 2837 drm_mm_takedown(&vm->mm); 2838 drm_gem_object_put(dummy_gem); 2839 2840 err_free_vm: 2841 kfree(vm); 2842 return ERR_PTR(ret); 2843 } 2844 2845 static int 2846 panthor_vm_bind_prepare_op_ctx(struct drm_file *file, 2847 struct panthor_vm *vm, 2848 const struct drm_panthor_vm_bind_op *op, 2849 struct panthor_vm_op_ctx *op_ctx) 2850 { 2851 ssize_t vm_pgsz = panthor_vm_page_size(vm); 2852 struct drm_gem_object *gem; 2853 int ret; 2854 2855 /* Aligned on page size. */ 2856 if (!IS_ALIGNED(op->va | op->size | op->bo_offset, vm_pgsz)) 2857 return -EINVAL; 2858 2859 switch (op->flags & DRM_PANTHOR_VM_BIND_OP_TYPE_MASK) { 2860 case DRM_PANTHOR_VM_BIND_OP_TYPE_MAP: 2861 gem = drm_gem_object_lookup(file, op->bo_handle); 2862 ret = panthor_vm_prepare_map_op_ctx(op_ctx, vm, 2863 gem ? to_panthor_bo(gem) : NULL, 2864 op->bo_offset, 2865 op->size, 2866 op->va, 2867 op->flags); 2868 drm_gem_object_put(gem); 2869 return ret; 2870 2871 case DRM_PANTHOR_VM_BIND_OP_TYPE_UNMAP: 2872 if (op->flags & ~DRM_PANTHOR_VM_BIND_OP_TYPE_MASK) 2873 return -EINVAL; 2874 2875 if (op->bo_handle || op->bo_offset) 2876 return -EINVAL; 2877 2878 return panthor_vm_prepare_unmap_op_ctx(op_ctx, vm, op->va, op->size); 2879 2880 case DRM_PANTHOR_VM_BIND_OP_TYPE_SYNC_ONLY: 2881 if (op->flags & ~DRM_PANTHOR_VM_BIND_OP_TYPE_MASK) 2882 return -EINVAL; 2883 2884 if (op->bo_handle || op->bo_offset) 2885 return -EINVAL; 2886 2887 if (op->va || op->size) 2888 return -EINVAL; 2889 2890 if (!op->syncs.count) 2891 return -EINVAL; 2892 2893 panthor_vm_prepare_sync_only_op_ctx(op_ctx, vm); 2894 return 0; 2895 2896 default: 2897 return -EINVAL; 2898 } 2899 } 2900 2901 static void panthor_vm_bind_job_cleanup_op_ctx_work(struct work_struct *work) 2902 { 2903 struct panthor_vm_bind_job *job = 2904 container_of(work, struct panthor_vm_bind_job, cleanup_op_ctx_work); 2905 2906 panthor_vm_bind_job_put(&job->base); 2907 } 2908 2909 /** 2910 * panthor_vm_bind_job_create() - Create a VM_BIND job 2911 * @file: File. 2912 * @vm: VM targeted by the VM_BIND job. 2913 * @op: VM operation data. 2914 * 2915 * Return: A valid pointer on success, an ERR_PTR() otherwise. 2916 */ 2917 struct drm_sched_job * 2918 panthor_vm_bind_job_create(struct drm_file *file, 2919 struct panthor_vm *vm, 2920 const struct drm_panthor_vm_bind_op *op) 2921 { 2922 struct panthor_vm_bind_job *job; 2923 int ret; 2924 2925 if (!vm) 2926 return ERR_PTR(-EINVAL); 2927 2928 if (vm->destroyed || vm->unusable) 2929 return ERR_PTR(-EINVAL); 2930 2931 job = kzalloc_obj(*job); 2932 if (!job) 2933 return ERR_PTR(-ENOMEM); 2934 2935 ret = panthor_vm_bind_prepare_op_ctx(file, vm, op, &job->ctx); 2936 if (ret) { 2937 kfree(job); 2938 return ERR_PTR(ret); 2939 } 2940 2941 INIT_WORK(&job->cleanup_op_ctx_work, panthor_vm_bind_job_cleanup_op_ctx_work); 2942 kref_init(&job->refcount); 2943 job->vm = panthor_vm_get(vm); 2944 2945 ret = drm_sched_job_init(&job->base, &vm->entity, 1, vm, file->client_id); 2946 if (ret) 2947 goto err_put_job; 2948 2949 return &job->base; 2950 2951 err_put_job: 2952 panthor_vm_bind_job_put(&job->base); 2953 return ERR_PTR(ret); 2954 } 2955 2956 /** 2957 * panthor_vm_bind_job_prepare_resvs() - Prepare VM_BIND job dma_resvs 2958 * @exec: The locking/preparation context. 2959 * @sched_job: The job to prepare resvs on. 2960 * 2961 * Locks and prepare the VM resv. 2962 * 2963 * If this is a map operation, locks and prepares the GEM resv. 2964 * 2965 * Return: 0 on success, a negative error code otherwise. 2966 */ 2967 int panthor_vm_bind_job_prepare_resvs(struct drm_exec *exec, 2968 struct drm_sched_job *sched_job) 2969 { 2970 struct panthor_vm_bind_job *job = container_of(sched_job, struct panthor_vm_bind_job, base); 2971 int ret; 2972 2973 /* Acquire the VM lock an reserve a slot for this VM bind job. */ 2974 ret = drm_gpuvm_prepare_vm(&job->vm->base, exec, 1); 2975 if (ret) 2976 return ret; 2977 2978 if (job->ctx.map.vm_bo) { 2979 /* Lock/prepare the GEM being mapped. */ 2980 ret = drm_exec_prepare_obj(exec, job->ctx.map.vm_bo->obj, 1); 2981 if (ret) 2982 return ret; 2983 } 2984 2985 return 0; 2986 } 2987 2988 /** 2989 * panthor_vm_bind_job_update_resvs() - Update the resv objects touched by a job 2990 * @exec: drm_exec context. 2991 * @sched_job: Job to update the resvs on. 2992 */ 2993 void panthor_vm_bind_job_update_resvs(struct drm_exec *exec, 2994 struct drm_sched_job *sched_job) 2995 { 2996 struct panthor_vm_bind_job *job = container_of(sched_job, struct panthor_vm_bind_job, base); 2997 2998 /* Explicit sync => we just register our job finished fence as bookkeep. */ 2999 drm_gpuvm_resv_add_fence(&job->vm->base, exec, 3000 &sched_job->s_fence->finished, 3001 DMA_RESV_USAGE_BOOKKEEP, 3002 DMA_RESV_USAGE_BOOKKEEP); 3003 } 3004 3005 void panthor_vm_update_resvs(struct panthor_vm *vm, struct drm_exec *exec, 3006 struct dma_fence *fence, 3007 enum dma_resv_usage private_usage, 3008 enum dma_resv_usage extobj_usage) 3009 { 3010 drm_gpuvm_resv_add_fence(&vm->base, exec, fence, private_usage, extobj_usage); 3011 } 3012 3013 /** 3014 * panthor_vm_bind_exec_sync_op() - Execute a VM_BIND operation synchronously. 3015 * @file: File. 3016 * @vm: VM targeted by the VM operation. 3017 * @op: Data describing the VM operation. 3018 * 3019 * Return: 0 on success, a negative error code otherwise. 3020 */ 3021 int panthor_vm_bind_exec_sync_op(struct drm_file *file, 3022 struct panthor_vm *vm, 3023 struct drm_panthor_vm_bind_op *op) 3024 { 3025 struct panthor_vm_op_ctx op_ctx; 3026 int ret; 3027 3028 /* No sync objects allowed on synchronous operations. */ 3029 if (op->syncs.count) 3030 return -EINVAL; 3031 3032 if (!op->size) 3033 return 0; 3034 3035 ret = panthor_vm_bind_prepare_op_ctx(file, vm, op, &op_ctx); 3036 if (ret) 3037 return ret; 3038 3039 ret = panthor_vm_exec_op(vm, &op_ctx, false); 3040 panthor_vm_cleanup_op_ctx(&op_ctx, vm); 3041 3042 return ret; 3043 } 3044 3045 /** 3046 * panthor_vm_map_bo_range() - Map a GEM object range to a VM 3047 * @vm: VM to map the GEM to. 3048 * @bo: GEM object to map. 3049 * @offset: Offset in the GEM object. 3050 * @size: Size to map. 3051 * @va: Virtual address to map the object to. 3052 * @flags: Combination of drm_panthor_vm_bind_op_flags flags. 3053 * Only map-related flags are valid. 3054 * 3055 * Internal use only. For userspace requests, use 3056 * panthor_vm_bind_exec_sync_op() instead. 3057 * 3058 * Return: 0 on success, a negative error code otherwise. 3059 */ 3060 int panthor_vm_map_bo_range(struct panthor_vm *vm, struct panthor_gem_object *bo, 3061 u64 offset, u64 size, u64 va, u32 flags) 3062 { 3063 struct panthor_vm_op_ctx op_ctx; 3064 int ret; 3065 3066 ret = panthor_vm_prepare_map_op_ctx(&op_ctx, vm, bo, offset, size, va, flags); 3067 if (ret) 3068 return ret; 3069 3070 ret = panthor_vm_exec_op(vm, &op_ctx, false); 3071 panthor_vm_cleanup_op_ctx(&op_ctx, vm); 3072 3073 return ret; 3074 } 3075 3076 /** 3077 * panthor_vm_unmap_range() - Unmap a portion of the VA space 3078 * @vm: VM to unmap the region from. 3079 * @va: Virtual address to unmap. Must be 4k aligned. 3080 * @size: Size of the region to unmap. Must be 4k aligned. 3081 * 3082 * Internal use only. For userspace requests, use 3083 * panthor_vm_bind_exec_sync_op() instead. 3084 * 3085 * Return: 0 on success, a negative error code otherwise. 3086 */ 3087 int panthor_vm_unmap_range(struct panthor_vm *vm, u64 va, u64 size) 3088 { 3089 struct panthor_vm_op_ctx op_ctx; 3090 int ret; 3091 3092 ret = panthor_vm_prepare_unmap_op_ctx(&op_ctx, vm, va, size); 3093 if (ret) 3094 return ret; 3095 3096 ret = panthor_vm_exec_op(vm, &op_ctx, false); 3097 panthor_vm_cleanup_op_ctx(&op_ctx, vm); 3098 3099 return ret; 3100 } 3101 3102 /** 3103 * panthor_vm_prepare_mapped_bos_resvs() - Prepare resvs on VM BOs. 3104 * @exec: Locking/preparation context. 3105 * @vm: VM targeted by the GPU job. 3106 * @slot_count: Number of slots to reserve. 3107 * 3108 * GPU jobs assume all BOs bound to the VM at the time the job is submitted 3109 * are available when the job is executed. In order to guarantee that, we 3110 * need to reserve a slot on all BOs mapped to a VM and update this slot with 3111 * the job fence after its submission. 3112 * 3113 * Return: 0 on success, a negative error code otherwise. 3114 */ 3115 int panthor_vm_prepare_mapped_bos_resvs(struct drm_exec *exec, struct panthor_vm *vm, 3116 u32 slot_count) 3117 { 3118 int ret; 3119 3120 /* Acquire the VM lock and reserve a slot for this GPU job. */ 3121 ret = drm_gpuvm_prepare_vm(&vm->base, exec, slot_count); 3122 if (ret) 3123 return ret; 3124 3125 ret = drm_gpuvm_prepare_objects(&vm->base, exec, slot_count); 3126 if (ret) 3127 return ret; 3128 3129 return drm_gpuvm_validate(&vm->base, exec); 3130 } 3131 3132 unsigned long 3133 panthor_mmu_reclaim_priv_bos(struct panthor_device *ptdev, 3134 unsigned int nr_to_scan, unsigned long *remaining, 3135 bool (*shrink)(struct drm_gem_object *, 3136 struct ww_acquire_ctx *)) 3137 { 3138 unsigned long freed = 0; 3139 LIST_HEAD(remaining_vms); 3140 LIST_HEAD(vms); 3141 3142 mutex_lock(&ptdev->base.gem_lru_mutex); 3143 list_splice_init(&ptdev->reclaim.vms, &vms); 3144 3145 while (freed < nr_to_scan) { 3146 struct panthor_vm *vm; 3147 3148 vm = list_first_entry_or_null(&vms, typeof(*vm), 3149 reclaim.lru_node); 3150 if (!vm) 3151 break; 3152 3153 if (!kref_get_unless_zero(&vm->base.kref)) { 3154 list_del_init(&vm->reclaim.lru_node); 3155 continue; 3156 } 3157 3158 mutex_unlock(&ptdev->base.gem_lru_mutex); 3159 3160 freed += drm_gem_lru_scan(&ptdev->base, &vm->reclaim.lru, 3161 nr_to_scan - freed, 3162 remaining, shrink, NULL); 3163 3164 mutex_lock(&ptdev->base.gem_lru_mutex); 3165 3166 /* If the VM is still in the temporary list, remove it so we 3167 * can proceed with the next VM. 3168 */ 3169 if (vm == list_first_entry_or_null(&vms, typeof(*vm), reclaim.lru_node)) { 3170 list_del_init(&vm->reclaim.lru_node); 3171 3172 /* Keep the VM around if there are still things to 3173 * reclaim, so we can preserve the LRU order when 3174 * re-inserting in ptdev->reclaim.vms at the end. 3175 */ 3176 if (vm->reclaim.lru.count > 0) 3177 list_add_tail(&vm->reclaim.lru_node, &remaining_vms); 3178 } 3179 3180 mutex_unlock(&ptdev->base.gem_lru_mutex); 3181 3182 panthor_vm_put(vm); 3183 3184 mutex_lock(&ptdev->base.gem_lru_mutex); 3185 } 3186 3187 /* Re-insert VMs with remaining data to reclaim at the beginning of 3188 * the LRU. Note that any activeness change on the VM that happened 3189 * while we were reclaiming would have moved the VM out of our 3190 * temporary [remaining_]vms list, meaning anything we re-insert here 3191 * preserves the LRU order. 3192 */ 3193 list_splice_tail(&vms, &remaining_vms); 3194 list_splice(&remaining_vms, &ptdev->reclaim.vms); 3195 mutex_unlock(&ptdev->base.gem_lru_mutex); 3196 3197 return freed; 3198 } 3199 3200 /** 3201 * panthor_mmu_unplug() - Unplug the MMU logic 3202 * @ptdev: Device. 3203 * 3204 * No access to the MMU regs should be done after this function is called. 3205 * We suspend the IRQ and disable all VMs to guarantee that. 3206 */ 3207 void panthor_mmu_unplug(struct panthor_device *ptdev) 3208 { 3209 if (!IS_ENABLED(CONFIG_PM) || pm_runtime_active(ptdev->base.dev)) 3210 panthor_mmu_irq_suspend(&ptdev->mmu->irq); 3211 3212 mutex_lock(&ptdev->mmu->as.slots_lock); 3213 for (u32 i = 0; i < ARRAY_SIZE(ptdev->mmu->as.slots); i++) { 3214 struct panthor_vm *vm = ptdev->mmu->as.slots[i].vm; 3215 3216 if (vm) { 3217 drm_WARN_ON(&ptdev->base, 3218 panthor_mmu_as_disable(ptdev, i, false)); 3219 panthor_vm_release_as_locked(vm); 3220 } 3221 } 3222 mutex_unlock(&ptdev->mmu->as.slots_lock); 3223 } 3224 3225 static void panthor_mmu_release_wq(struct drm_device *ddev, void *res) 3226 { 3227 destroy_workqueue(res); 3228 } 3229 3230 /** 3231 * panthor_mmu_init() - Initialize the MMU logic. 3232 * @ptdev: Device. 3233 * 3234 * Return: 0 on success, a negative error code otherwise. 3235 */ 3236 int panthor_mmu_init(struct panthor_device *ptdev) 3237 { 3238 u32 va_bits = GPU_MMU_FEATURES_VA_BITS(ptdev->gpu_info.mmu_features); 3239 struct panthor_mmu *mmu; 3240 int ret, irq; 3241 3242 mmu = drmm_kzalloc(&ptdev->base, sizeof(*mmu), GFP_KERNEL); 3243 if (!mmu) 3244 return -ENOMEM; 3245 3246 INIT_LIST_HEAD(&mmu->as.lru_list); 3247 3248 ret = drmm_mutex_init(&ptdev->base, &mmu->as.slots_lock); 3249 if (ret) 3250 return ret; 3251 3252 INIT_LIST_HEAD(&mmu->vm.list); 3253 ret = drmm_mutex_init(&ptdev->base, &mmu->vm.lock); 3254 if (ret) 3255 return ret; 3256 3257 mmu->iomem = ptdev->iomem + MMU_AS_BASE; 3258 ptdev->mmu = mmu; 3259 3260 irq = platform_get_irq_byname(to_platform_device(ptdev->base.dev), "mmu"); 3261 if (irq <= 0) 3262 return -ENODEV; 3263 3264 ret = panthor_request_mmu_irq(ptdev, &mmu->irq, irq, 3265 panthor_mmu_fault_mask(ptdev, ~0), 3266 ptdev->iomem + MMU_INT_BASE); 3267 if (ret) 3268 return ret; 3269 3270 mmu->vm.wq = alloc_workqueue("panthor-vm-bind", WQ_UNBOUND, 0); 3271 if (!mmu->vm.wq) 3272 return -ENOMEM; 3273 3274 /* On 32-bit kernels, the VA space is limited by the io_pgtable_ops abstraction, 3275 * which passes iova as an unsigned long. Patch the mmu_features to reflect this 3276 * limitation. 3277 */ 3278 if (va_bits > BITS_PER_LONG) { 3279 ptdev->gpu_info.mmu_features &= ~GENMASK(7, 0); 3280 ptdev->gpu_info.mmu_features |= BITS_PER_LONG; 3281 } 3282 3283 return drmm_add_action_or_reset(&ptdev->base, panthor_mmu_release_wq, mmu->vm.wq); 3284 } 3285 3286 #ifdef CONFIG_DEBUG_FS 3287 static int show_vm_gpuvas(struct panthor_vm *vm, struct seq_file *m) 3288 { 3289 int ret; 3290 3291 mutex_lock(&vm->op_lock); 3292 ret = drm_debugfs_gpuva_info(m, &vm->base); 3293 mutex_unlock(&vm->op_lock); 3294 3295 return ret; 3296 } 3297 3298 static int show_each_vm(struct seq_file *m, void *arg) 3299 { 3300 struct drm_info_node *node = (struct drm_info_node *)m->private; 3301 struct drm_device *ddev = node->minor->dev; 3302 struct panthor_device *ptdev = container_of(ddev, struct panthor_device, base); 3303 int (*show)(struct panthor_vm *, struct seq_file *) = node->info_ent->data; 3304 struct panthor_vm *vm; 3305 int ret = 0; 3306 3307 mutex_lock(&ptdev->mmu->vm.lock); 3308 list_for_each_entry(vm, &ptdev->mmu->vm.list, node) { 3309 ret = show(vm, m); 3310 if (ret < 0) 3311 break; 3312 3313 seq_puts(m, "\n"); 3314 } 3315 mutex_unlock(&ptdev->mmu->vm.lock); 3316 3317 return ret; 3318 } 3319 3320 static struct drm_info_list panthor_mmu_debugfs_list[] = { 3321 DRM_DEBUGFS_GPUVA_INFO(show_each_vm, show_vm_gpuvas), 3322 }; 3323 3324 /** 3325 * panthor_mmu_debugfs_init() - Initialize MMU debugfs entries 3326 * @minor: Minor. 3327 */ 3328 void panthor_mmu_debugfs_init(struct drm_minor *minor) 3329 { 3330 drm_debugfs_create_files(panthor_mmu_debugfs_list, 3331 ARRAY_SIZE(panthor_mmu_debugfs_list), 3332 minor->debugfs_root, minor); 3333 } 3334 #endif /* CONFIG_DEBUG_FS */ 3335 3336 /** 3337 * panthor_mmu_pt_cache_init() - Initialize the page table cache. 3338 * 3339 * Return: 0 on success, a negative error code otherwise. 3340 */ 3341 int panthor_mmu_pt_cache_init(void) 3342 { 3343 pt_cache = kmem_cache_create("panthor-mmu-pt", SZ_4K, SZ_4K, 0, NULL); 3344 if (!pt_cache) 3345 return -ENOMEM; 3346 3347 return 0; 3348 } 3349 3350 /** 3351 * panthor_mmu_pt_cache_fini() - Destroy the page table cache. 3352 */ 3353 void panthor_mmu_pt_cache_fini(void) 3354 { 3355 kmem_cache_destroy(pt_cache); 3356 } 3357