xref: /freebsd/sys/x86/iommu/intel_utils.c (revision 7937bfbc0ca53fe7cdd0d54414f9296e273a518e)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (c) 2013 The FreeBSD Foundation
5  *
6  * This software was developed by Konstantin Belousov <kib@FreeBSD.org>
7  * under sponsorship from the FreeBSD Foundation.
8  *
9  * Redistribution and use in source and binary forms, with or without
10  * modification, are permitted provided that the following conditions
11  * are met:
12  * 1. Redistributions of source code must retain the above copyright
13  *    notice, this list of conditions and the following disclaimer.
14  * 2. Redistributions in binary form must reproduce the above copyright
15  *    notice, this list of conditions and the following disclaimer in the
16  *    documentation and/or other materials provided with the distribution.
17  *
18  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21  * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28  * SUCH DAMAGE.
29  */
30 
31 #include <sys/param.h>
32 #include <sys/bus.h>
33 #include <sys/kernel.h>
34 #include <sys/lock.h>
35 #include <sys/malloc.h>
36 #include <sys/memdesc.h>
37 #include <sys/mutex.h>
38 #include <sys/proc.h>
39 #include <sys/queue.h>
40 #include <sys/rman.h>
41 #include <sys/rwlock.h>
42 #include <sys/sched.h>
43 #include <sys/sf_buf.h>
44 #include <sys/sysctl.h>
45 #include <sys/systm.h>
46 #include <sys/taskqueue.h>
47 #include <sys/time.h>
48 #include <sys/tree.h>
49 #include <sys/vmem.h>
50 #include <vm/vm.h>
51 #include <vm/vm_extern.h>
52 #include <vm/vm_kern.h>
53 #include <vm/vm_object.h>
54 #include <vm/vm_page.h>
55 #include <vm/vm_map.h>
56 #include <vm/vm_pageout.h>
57 #include <dev/pci/pcireg.h>
58 #include <dev/pci/pcivar.h>
59 #include <machine/bus.h>
60 #include <machine/cpu.h>
61 #include <machine/intr_machdep.h>
62 #include <x86/include/apicvar.h>
63 #include <x86/include/busdma_impl.h>
64 #include <dev/iommu/busdma_iommu.h>
65 #include <x86/iommu/intel_reg.h>
66 #include <x86/iommu/x86_iommu.h>
67 #include <x86/iommu/intel_dmar.h>
68 
69 u_int
70 dmar_nd2mask(u_int nd)
71 {
72 	static const u_int masks[] = {
73 		0x000f,	/* nd == 0 */
74 		0x002f,	/* nd == 1 */
75 		0x00ff,	/* nd == 2 */
76 		0x02ff,	/* nd == 3 */
77 		0x0fff,	/* nd == 4 */
78 		0x2fff,	/* nd == 5 */
79 		0xffff,	/* nd == 6 */
80 		0x0000,	/* nd == 7 reserved */
81 	};
82 
83 	KASSERT(nd <= 6, ("number of domains %d", nd));
84 	return (masks[nd]);
85 }
86 
87 static const struct sagaw_bits_tag {
88 	int agaw;
89 	int cap;
90 	int awlvl;
91 	int pglvl;
92 } sagaw_bits[] = {
93 	{.agaw = 30, .cap = DMAR_CAP_SAGAW_2LVL, .awlvl = DMAR_CTX2_AW_2LVL,
94 	    .pglvl = 2},
95 	{.agaw = 39, .cap = DMAR_CAP_SAGAW_3LVL, .awlvl = DMAR_CTX2_AW_3LVL,
96 	    .pglvl = 3},
97 	{.agaw = 48, .cap = DMAR_CAP_SAGAW_4LVL, .awlvl = DMAR_CTX2_AW_4LVL,
98 	    .pglvl = 4},
99 	{.agaw = 57, .cap = DMAR_CAP_SAGAW_5LVL, .awlvl = DMAR_CTX2_AW_5LVL,
100 	    .pglvl = 5}
101 	/*
102 	 * 6-level paging (DMAR_CAP_SAGAW_6LVL) is not supported on any
103 	 * current VT-d hardware and its SAGAW field value is listed as
104 	 * reserved in the VT-d spec.  If support is added in the future,
105 	 * this structure and the logic in dmar_maxaddr2mgaw() will need
106 	 * to change to avoid attempted comparison against 1ULL << 64.
107 	 */
108 };
109 
110 bool
111 dmar_pglvl_supported(struct dmar_unit *unit, int pglvl)
112 {
113 	int i;
114 
115 	for (i = 0; i < nitems(sagaw_bits); i++) {
116 		if (sagaw_bits[i].pglvl != pglvl)
117 			continue;
118 		if ((DMAR_CAP_SAGAW(unit->hw_cap) & sagaw_bits[i].cap) != 0)
119 			return (true);
120 	}
121 	return (false);
122 }
123 
124 int
125 domain_set_agaw(struct dmar_domain *domain, int mgaw)
126 {
127 	int sagaw, i;
128 
129 	domain->mgaw = mgaw;
130 	sagaw = DMAR_CAP_SAGAW(domain->dmar->hw_cap);
131 	for (i = 0; i < nitems(sagaw_bits); i++) {
132 		if (sagaw_bits[i].agaw >= mgaw) {
133 			domain->agaw = sagaw_bits[i].agaw;
134 			domain->pglvl = sagaw_bits[i].pglvl;
135 			domain->awlvl = sagaw_bits[i].awlvl;
136 			return (0);
137 		}
138 	}
139 	device_printf(domain->dmar->iommu.dev,
140 	    "context request mgaw %d: no agaw found, sagaw %x\n",
141 	    mgaw, sagaw);
142 	return (EINVAL);
143 }
144 
145 /*
146  * Find a best fit mgaw for the given maxaddr:
147  *   - if allow_less is false, must find sagaw which maps all requested
148  *     addresses (used by identity mappings);
149  *   - if allow_less is true, and no supported sagaw can map all requested
150  *     address space, accept the biggest sagaw, whatever is it.
151  */
152 int
153 dmar_maxaddr2mgaw(struct dmar_unit *unit, iommu_gaddr_t maxaddr, bool allow_less)
154 {
155 	int i;
156 
157 	for (i = 0; i < nitems(sagaw_bits); i++) {
158 		if ((1ULL << sagaw_bits[i].agaw) >= maxaddr &&
159 		    (DMAR_CAP_SAGAW(unit->hw_cap) & sagaw_bits[i].cap) != 0)
160 			break;
161 	}
162 	if (allow_less && i == nitems(sagaw_bits)) {
163 		do {
164 			i--;
165 		} while ((DMAR_CAP_SAGAW(unit->hw_cap) & sagaw_bits[i].cap)
166 		    == 0);
167 	}
168 	if (i < nitems(sagaw_bits))
169 		return (sagaw_bits[i].agaw);
170 	KASSERT(0, ("no mgaw for maxaddr %jx allow_less %d",
171 	    (uintmax_t) maxaddr, allow_less));
172 	return (-1);
173 }
174 
175 /*
176  * Return true if the page table level lvl supports the superpage for
177  * the context ctx.
178  */
179 int
180 domain_is_sp_lvl(struct dmar_domain *domain, int lvl)
181 {
182 	int alvl, cap_sps;
183 	static const int sagaw_sp[] = {
184 		DMAR_CAP_SPS_2M,
185 		DMAR_CAP_SPS_1G,
186 		DMAR_CAP_SPS_512G,
187 		DMAR_CAP_SPS_1T
188 	};
189 
190 	alvl = domain->pglvl - lvl - 1;
191 	cap_sps = DMAR_CAP_SPS(domain->dmar->hw_cap);
192 	return (alvl < nitems(sagaw_sp) && (sagaw_sp[alvl] & cap_sps) != 0);
193 }
194 
195 iommu_gaddr_t
196 domain_page_size(struct dmar_domain *domain, int lvl)
197 {
198 
199 	return (pglvl_page_size(domain->pglvl, lvl));
200 }
201 
202 int
203 calc_am(struct dmar_unit *unit, iommu_gaddr_t base, iommu_gaddr_t size,
204     iommu_gaddr_t *isizep)
205 {
206 	iommu_gaddr_t isize;
207 	int am;
208 
209 	for (am = DMAR_CAP_MAMV(unit->hw_cap);; am--) {
210 		isize = 1ULL << (am + IOMMU_PAGE_SHIFT);
211 		if ((base & (isize - 1)) == 0 && size >= isize)
212 			break;
213 		if (am == 0)
214 			break;
215 	}
216 	*isizep = isize;
217 	return (am);
218 }
219 
220 int haw;
221 int dmar_tbl_pagecnt;
222 
223 static void
224 dmar_flush_transl_to_ram(struct dmar_unit *unit, void *dst, size_t sz)
225 {
226 
227 	if (DMAR_IS_COHERENT(unit))
228 		return;
229 	/*
230 	 * If DMAR does not snoop paging structures accesses, flush
231 	 * CPU cache to memory.
232 	 */
233 	pmap_force_invalidate_cache_range((uintptr_t)dst, (uintptr_t)dst + sz);
234 }
235 
236 void
237 dmar_flush_pte_to_ram(struct dmar_unit *unit, iommu_pte_t *dst)
238 {
239 
240 	dmar_flush_transl_to_ram(unit, dst, sizeof(*dst));
241 }
242 
243 void
244 dmar_flush_ctx_to_ram(struct dmar_unit *unit, dmar_ctx_entry_t *dst)
245 {
246 
247 	dmar_flush_transl_to_ram(unit, dst, sizeof(*dst));
248 }
249 
250 void
251 dmar_flush_root_to_ram(struct dmar_unit *unit, dmar_root_entry_t *dst)
252 {
253 
254 	dmar_flush_transl_to_ram(unit, dst, sizeof(*dst));
255 }
256 
257 /*
258  * Load the root entry pointer into the hardware, busily waiting for
259  * the completion.
260  */
261 int
262 dmar_load_root_entry_ptr(struct dmar_unit *unit)
263 {
264 	vm_page_t root_entry;
265 	int error;
266 
267 	/*
268 	 * Access to the GCMD register must be serialized while the
269 	 * command is submitted.
270 	 */
271 	DMAR_ASSERT_LOCKED(unit);
272 
273 	VM_OBJECT_RLOCK(unit->ctx_obj);
274 	root_entry = vm_page_lookup(unit->ctx_obj, 0);
275 	VM_OBJECT_RUNLOCK(unit->ctx_obj);
276 	dmar_write8(unit, DMAR_RTADDR_REG, VM_PAGE_TO_PHYS(root_entry));
277 	dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd | DMAR_GCMD_SRTP);
278 	DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_RTPS)
279 	    != 0));
280 	return (error);
281 }
282 
283 /*
284  * Globally invalidate the context entries cache, busily waiting for
285  * the completion.
286  */
287 int
288 dmar_inv_ctx_glob(struct dmar_unit *unit)
289 {
290 	int error;
291 
292 	/*
293 	 * Access to the CCMD register must be serialized while the
294 	 * command is submitted.
295 	 */
296 	DMAR_ASSERT_LOCKED(unit);
297 	KASSERT(!unit->qi_enabled, ("QI enabled"));
298 
299 	/*
300 	 * The DMAR_CCMD_ICC bit in the upper dword should be written
301 	 * after the low dword write is completed.  Amd64
302 	 * dmar_write8() does not have this issue, i386 dmar_write8()
303 	 * writes the upper dword last.
304 	 */
305 	dmar_write8(unit, DMAR_CCMD_REG, DMAR_CCMD_ICC | DMAR_CCMD_CIRG_GLOB);
306 	DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_CCMD_REG + 4) & DMAR_CCMD_ICC32)
307 	    == 0));
308 	return (error);
309 }
310 
311 /*
312  * Globally invalidate the IOTLB, busily waiting for the completion.
313  */
314 int
315 dmar_inv_iotlb_glob(struct dmar_unit *unit)
316 {
317 	int error, reg;
318 
319 	DMAR_ASSERT_LOCKED(unit);
320 	KASSERT(!unit->qi_enabled, ("QI enabled"));
321 
322 	reg = 16 * DMAR_ECAP_IRO(unit->hw_ecap);
323 	/* See a comment about DMAR_CCMD_ICC in dmar_inv_ctx_glob. */
324 	dmar_write8(unit, reg + DMAR_IOTLB_REG_OFF, DMAR_IOTLB_IVT |
325 	    DMAR_IOTLB_IIRG_GLB | DMAR_IOTLB_DR | DMAR_IOTLB_DW);
326 	DMAR_WAIT_UNTIL(((dmar_read4(unit, reg + DMAR_IOTLB_REG_OFF + 4) &
327 	    DMAR_IOTLB_IVT32) == 0));
328 	return (error);
329 }
330 
331 /*
332  * Flush the chipset write buffers.  See 11.1 "Write Buffer Flushing"
333  * in the architecture specification.
334  */
335 int
336 dmar_flush_write_bufs(struct dmar_unit *unit)
337 {
338 	int error;
339 
340 	DMAR_ASSERT_LOCKED(unit);
341 
342 	/*
343 	 * DMAR_GCMD_WBF is only valid when CAP_RWBF is reported.
344 	 */
345 	KASSERT((unit->hw_cap & DMAR_CAP_RWBF) != 0,
346 	    ("dmar%d: no RWBF", unit->iommu.unit));
347 
348 	dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd | DMAR_GCMD_WBF);
349 	DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_WBFS)
350 	    != 0));
351 	return (error);
352 }
353 
354 /*
355  * Some BIOSes protect memory region they reside in by using DMAR to
356  * prevent devices from doing any DMA transactions to that part of RAM.
357  * AMI refers to this as "DMA Control Guarantee".
358  * We need to disable this when address translation is enabled.
359  */
360 int
361 dmar_disable_protected_regions(struct dmar_unit *unit)
362 {
363 	uint32_t reg;
364 	int error;
365 
366 	DMAR_ASSERT_LOCKED(unit);
367 
368 	/* Check if we support the feature. */
369 	if ((unit->hw_cap & (DMAR_CAP_PLMR | DMAR_CAP_PHMR)) == 0)
370 		return (0);
371 
372 	reg = dmar_read4(unit, DMAR_PMEN_REG);
373 	if ((reg & DMAR_PMEN_EPM) == 0)
374 		return (0);
375 
376 	reg &= ~DMAR_PMEN_EPM;
377 	dmar_write4(unit, DMAR_PMEN_REG, reg);
378 	DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_PMEN_REG) & DMAR_PMEN_PRS)
379 	    != 0));
380 
381 	return (error);
382 }
383 
384 int
385 dmar_enable_translation(struct dmar_unit *unit)
386 {
387 	int error;
388 
389 	DMAR_ASSERT_LOCKED(unit);
390 	unit->hw_gcmd |= DMAR_GCMD_TE;
391 	dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd);
392 	DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_TES)
393 	    != 0));
394 	return (error);
395 }
396 
397 int
398 dmar_disable_translation(struct dmar_unit *unit)
399 {
400 	int error;
401 
402 	DMAR_ASSERT_LOCKED(unit);
403 	unit->hw_gcmd &= ~DMAR_GCMD_TE;
404 	dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd);
405 	DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_TES)
406 	    == 0));
407 	return (error);
408 }
409 
410 int
411 dmar_load_irt_ptr(struct dmar_unit *unit)
412 {
413 	uint64_t irta, s;
414 	int error;
415 
416 	DMAR_ASSERT_LOCKED(unit);
417 	irta = unit->irt_phys;
418 	if (DMAR_X2APIC(unit))
419 		irta |= DMAR_IRTA_EIME;
420 	s = fls(unit->irte_cnt) - 2;
421 	KASSERT(unit->irte_cnt >= 2 && s <= DMAR_IRTA_S_MASK &&
422 	    powerof2(unit->irte_cnt),
423 	    ("IRTA_REG_S overflow %x", unit->irte_cnt));
424 	irta |= s;
425 	dmar_write8(unit, DMAR_IRTA_REG, irta);
426 	dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd | DMAR_GCMD_SIRTP);
427 	DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_IRTPS)
428 	    != 0));
429 	return (error);
430 }
431 
432 int
433 dmar_enable_ir(struct dmar_unit *unit)
434 {
435 	int error;
436 
437 	DMAR_ASSERT_LOCKED(unit);
438 	unit->hw_gcmd |= DMAR_GCMD_IRE;
439 	unit->hw_gcmd &= ~DMAR_GCMD_CFI;
440 	dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd);
441 	DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_IRES)
442 	    != 0));
443 	return (error);
444 }
445 
446 int
447 dmar_disable_ir(struct dmar_unit *unit)
448 {
449 	int error;
450 
451 	DMAR_ASSERT_LOCKED(unit);
452 	unit->hw_gcmd &= ~DMAR_GCMD_IRE;
453 	dmar_write4(unit, DMAR_GCMD_REG, unit->hw_gcmd);
454 	DMAR_WAIT_UNTIL(((dmar_read4(unit, DMAR_GSTS_REG) & DMAR_GSTS_IRES)
455 	    == 0));
456 	return (error);
457 }
458 
459 #define BARRIER_F				\
460 	u_int f_done, f_inproc, f_wakeup;	\
461 						\
462 	f_done = 1 << (barrier_id * 3);		\
463 	f_inproc = 1 << (barrier_id * 3 + 1);	\
464 	f_wakeup = 1 << (barrier_id * 3 + 2)
465 
466 bool
467 dmar_barrier_enter(struct dmar_unit *dmar, u_int barrier_id)
468 {
469 	BARRIER_F;
470 
471 	DMAR_LOCK(dmar);
472 	if ((dmar->barrier_flags & f_done) != 0) {
473 		DMAR_UNLOCK(dmar);
474 		return (false);
475 	}
476 
477 	if ((dmar->barrier_flags & f_inproc) != 0) {
478 		while ((dmar->barrier_flags & f_inproc) != 0) {
479 			dmar->barrier_flags |= f_wakeup;
480 			msleep(&dmar->barrier_flags, &dmar->iommu.lock, 0,
481 			    "dmarb", 0);
482 		}
483 		KASSERT((dmar->barrier_flags & f_done) != 0,
484 		    ("dmar%d barrier %d missing done", dmar->iommu.unit,
485 		    barrier_id));
486 		DMAR_UNLOCK(dmar);
487 		return (false);
488 	}
489 
490 	dmar->barrier_flags |= f_inproc;
491 	DMAR_UNLOCK(dmar);
492 	return (true);
493 }
494 
495 void
496 dmar_barrier_exit(struct dmar_unit *dmar, u_int barrier_id)
497 {
498 	BARRIER_F;
499 
500 	DMAR_ASSERT_LOCKED(dmar);
501 	KASSERT((dmar->barrier_flags & (f_done | f_inproc)) == f_inproc,
502 	    ("dmar%d barrier %d missed entry", dmar->iommu.unit, barrier_id));
503 	dmar->barrier_flags |= f_done;
504 	if ((dmar->barrier_flags & f_wakeup) != 0)
505 		wakeup(&dmar->barrier_flags);
506 	dmar->barrier_flags &= ~(f_inproc | f_wakeup);
507 	DMAR_UNLOCK(dmar);
508 }
509 
510 struct timespec dmar_hw_timeout = {
511 	.tv_sec = 0,
512 	.tv_nsec = 1000000
513 };
514 
515 static const uint64_t d = 1000000000;
516 
517 void
518 dmar_update_timeout(uint64_t newval)
519 {
520 
521 	/* XXXKIB not atomic */
522 	dmar_hw_timeout.tv_sec = newval / d;
523 	dmar_hw_timeout.tv_nsec = newval % d;
524 }
525 
526 uint64_t
527 dmar_get_timeout(void)
528 {
529 
530 	return ((uint64_t)dmar_hw_timeout.tv_sec * d +
531 	    dmar_hw_timeout.tv_nsec);
532 }
533 
534 static int
535 dmar_timeout_sysctl(SYSCTL_HANDLER_ARGS)
536 {
537 	uint64_t val;
538 	int error;
539 
540 	val = dmar_get_timeout();
541 	error = sysctl_handle_long(oidp, &val, 0, req);
542 	if (error != 0 || req->newptr == NULL)
543 		return (error);
544 	dmar_update_timeout(val);
545 	return (error);
546 }
547 
548 SYSCTL_PROC(_hw_iommu_dmar, OID_AUTO, timeout,
549     CTLTYPE_U64 | CTLFLAG_RW | CTLFLAG_MPSAFE, 0, 0,
550     dmar_timeout_sysctl, "QU",
551     "Timeout for command wait, in nanoseconds");
552