1 // SPDX-License-Identifier: GPL-2.0-only 2 3 /* Copyright (c) 2019-2021, The Linux Foundation. All rights reserved. */ 4 /* Copyright (c) 2021-2023 Qualcomm Innovation Center, Inc. All rights reserved. */ 5 6 #include <linux/bitfield.h> 7 #include <linux/bits.h> 8 #include <linux/completion.h> 9 #include <linux/delay.h> 10 #include <linux/dma-buf.h> 11 #include <linux/dma-mapping.h> 12 #include <linux/interrupt.h> 13 #include <linux/kref.h> 14 #include <linux/list.h> 15 #include <linux/math64.h> 16 #include <linux/mm.h> 17 #include <linux/moduleparam.h> 18 #include <linux/scatterlist.h> 19 #include <linux/spinlock.h> 20 #include <linux/srcu.h> 21 #include <linux/string.h> 22 #include <linux/types.h> 23 #include <linux/uaccess.h> 24 #include <linux/wait.h> 25 #include <drm/drm_file.h> 26 #include <drm/drm_gem.h> 27 #include <drm/drm_prime.h> 28 #include <drm/drm_print.h> 29 #include <uapi/drm/qaic_accel.h> 30 31 #include "qaic.h" 32 33 #define SEM_VAL_MASK GENMASK_ULL(11, 0) 34 #define SEM_INDEX_MASK GENMASK_ULL(4, 0) 35 #define BULK_XFER BIT(3) 36 #define GEN_COMPLETION BIT(4) 37 #define INBOUND_XFER 1 38 #define OUTBOUND_XFER 2 39 #define REQHP_OFF 0x0 /* we read this */ 40 #define REQTP_OFF 0x4 /* we write this */ 41 #define RSPHP_OFF 0x8 /* we write this */ 42 #define RSPTP_OFF 0xc /* we read this */ 43 44 #define ENCODE_SEM(val, index, sync, cmd, flags) \ 45 ({ \ 46 FIELD_PREP(GENMASK(11, 0), (val)) | \ 47 FIELD_PREP(GENMASK(20, 16), (index)) | \ 48 FIELD_PREP(BIT(22), (sync)) | \ 49 FIELD_PREP(GENMASK(26, 24), (cmd)) | \ 50 FIELD_PREP(GENMASK(30, 29), (flags)) | \ 51 FIELD_PREP(BIT(31), (cmd) ? 1 : 0); \ 52 }) 53 #define NUM_EVENTS 128 54 #define NUM_DELAYS 10 55 #define fifo_at(base, offset) ((base) + (offset) * get_dbc_req_elem_size()) 56 57 static unsigned int wait_exec_default_timeout_ms = 5000; /* 5 sec default */ 58 module_param(wait_exec_default_timeout_ms, uint, 0600); 59 MODULE_PARM_DESC(wait_exec_default_timeout_ms, "Default timeout for DRM_IOCTL_QAIC_WAIT_BO"); 60 61 static unsigned int datapath_poll_interval_us = 100; /* 100 usec default */ 62 module_param(datapath_poll_interval_us, uint, 0600); 63 MODULE_PARM_DESC(datapath_poll_interval_us, 64 "Amount of time to sleep between activity when datapath polling is enabled"); 65 66 struct dbc_req { 67 /* 68 * A request ID is assigned to each memory handle going in DMA queue. 69 * As a single memory handle can enqueue multiple elements in DMA queue 70 * all of them will have the same request ID. 71 */ 72 __le16 req_id; 73 /* Future use */ 74 __u8 seq_id; 75 /* 76 * Special encoded variable 77 * 7 0 - Do not force to generate MSI after DMA is completed 78 * 1 - Force to generate MSI after DMA is completed 79 * 6:5 Reserved 80 * 4 1 - Generate completion element in the response queue 81 * 0 - No Completion Code 82 * 3 0 - DMA request is a Link list transfer 83 * 1 - DMA request is a Bulk transfer 84 * 2 Reserved 85 * 1:0 00 - No DMA transfer involved 86 * 01 - DMA transfer is part of inbound transfer 87 * 10 - DMA transfer has outbound transfer 88 * 11 - NA 89 */ 90 __u8 cmd; 91 __le32 resv; 92 /* Source address for the transfer */ 93 __le64 src_addr; 94 /* Destination address for the transfer */ 95 __le64 dest_addr; 96 /* Length of transfer request */ 97 __le32 len; 98 __le32 resv2; 99 /* Doorbell address */ 100 __le64 db_addr; 101 /* 102 * Special encoded variable 103 * 7 1 - Doorbell(db) write 104 * 0 - No doorbell write 105 * 6:2 Reserved 106 * 1:0 00 - 32 bit access, db address must be aligned to 32bit-boundary 107 * 01 - 16 bit access, db address must be aligned to 16bit-boundary 108 * 10 - 8 bit access, db address must be aligned to 8bit-boundary 109 * 11 - Reserved 110 */ 111 __u8 db_len; 112 __u8 resv3; 113 __le16 resv4; 114 /* 32 bit data written to doorbell address */ 115 __le32 db_data; 116 /* 117 * Special encoded variable 118 * All the fields of sem_cmdX are passed from user and all are ORed 119 * together to form sem_cmd. 120 * 0:11 Semaphore value 121 * 15:12 Reserved 122 * 20:16 Semaphore index 123 * 21 Reserved 124 * 22 Semaphore Sync 125 * 23 Reserved 126 * 26:24 Semaphore command 127 * 28:27 Reserved 128 * 29 Semaphore DMA out bound sync fence 129 * 30 Semaphore DMA in bound sync fence 130 * 31 Enable semaphore command 131 */ 132 __le32 sem_cmd0; 133 __le32 sem_cmd1; 134 __le32 sem_cmd2; 135 __le32 sem_cmd3; 136 } __packed; 137 138 struct dbc_rsp { 139 /* Request ID of the memory handle whose DMA transaction is completed */ 140 __le16 req_id; 141 /* Status of the DMA transaction. 0 : Success otherwise failure */ 142 __le16 status; 143 } __packed; 144 145 static inline bool bo_queued(struct qaic_bo *bo) 146 { 147 return !list_empty(&bo->xfer_list); 148 } 149 150 inline int get_dbc_req_elem_size(void) 151 { 152 return sizeof(struct dbc_req); 153 } 154 155 inline int get_dbc_rsp_elem_size(void) 156 { 157 return sizeof(struct dbc_rsp); 158 } 159 160 static void free_slice(struct kref *kref) 161 { 162 struct bo_slice *slice = container_of(kref, struct bo_slice, ref_count); 163 164 slice->bo->total_slice_nents -= slice->nents; 165 list_del(&slice->slice); 166 drm_gem_object_put(&slice->bo->base); 167 sg_free_table(slice->sgt); 168 kfree(slice->sgt); 169 kvfree(slice->reqs); 170 kfree(slice); 171 } 172 173 static int clone_range_of_sgt_for_slice(struct qaic_device *qdev, struct sg_table **sgt_out, 174 struct sg_table *sgt_in, u64 size, u64 offset) 175 { 176 struct scatterlist *sg, *sgn, *sgf, *sgl; 177 unsigned int len, nents, offf, offl; 178 struct sg_table *sgt; 179 size_t total_len; 180 int ret, j; 181 182 /* find out number of relevant nents needed for this mem */ 183 total_len = 0; 184 sgf = NULL; 185 sgl = NULL; 186 nents = 0; 187 offf = 0; 188 offl = 0; 189 190 size = size ? size : PAGE_SIZE; 191 for_each_sgtable_dma_sg(sgt_in, sg, j) { 192 len = sg_dma_len(sg); 193 194 if (!len) 195 continue; 196 if (offset >= total_len && offset < total_len + len) { 197 sgf = sg; 198 offf = offset - total_len; 199 } 200 if (sgf) 201 nents++; 202 if (offset + size >= total_len && 203 offset + size <= total_len + len) { 204 sgl = sg; 205 offl = offset + size - total_len; 206 break; 207 } 208 total_len += len; 209 } 210 211 if (!sgf || !sgl) { 212 ret = -EINVAL; 213 goto out; 214 } 215 216 sgt = kzalloc(sizeof(*sgt), GFP_KERNEL); 217 if (!sgt) { 218 ret = -ENOMEM; 219 goto out; 220 } 221 222 ret = sg_alloc_table(sgt, nents, GFP_KERNEL); 223 if (ret) 224 goto free_sgt; 225 226 /* copy relevant sg node and fix page and length */ 227 sgn = sgf; 228 for_each_sgtable_dma_sg(sgt, sg, j) { 229 memcpy(sg, sgn, sizeof(*sg)); 230 if (sgn == sgf) { 231 sg_dma_address(sg) += offf; 232 sg_dma_len(sg) -= offf; 233 sg_set_page(sg, sg_page(sgn), sg_dma_len(sg), offf); 234 } else { 235 offf = 0; 236 } 237 if (sgn == sgl) { 238 sg_dma_len(sg) = offl - offf; 239 sg_set_page(sg, sg_page(sgn), offl - offf, offf); 240 sg_mark_end(sg); 241 break; 242 } 243 sgn = sg_next(sgn); 244 } 245 246 *sgt_out = sgt; 247 return ret; 248 249 free_sgt: 250 kfree(sgt); 251 out: 252 *sgt_out = NULL; 253 return ret; 254 } 255 256 static int encode_reqs(struct qaic_device *qdev, struct bo_slice *slice, 257 struct qaic_attach_slice_entry *req) 258 { 259 __le64 db_addr = cpu_to_le64(req->db_addr); 260 __le32 db_data = cpu_to_le32(req->db_data); 261 struct scatterlist *sg; 262 __u8 cmd = BULK_XFER; 263 int presync_sem; 264 u64 dev_addr; 265 __u8 db_len; 266 int i; 267 268 if (!slice->no_xfer) 269 cmd |= (slice->dir == DMA_TO_DEVICE ? INBOUND_XFER : OUTBOUND_XFER); 270 271 if (req->db_len && !IS_ALIGNED(req->db_addr, req->db_len / 8)) 272 return -EINVAL; 273 274 presync_sem = req->sem0.presync + req->sem1.presync + req->sem2.presync + req->sem3.presync; 275 if (presync_sem > 1) 276 return -EINVAL; 277 278 presync_sem = req->sem0.presync << 0 | req->sem1.presync << 1 | 279 req->sem2.presync << 2 | req->sem3.presync << 3; 280 281 switch (req->db_len) { 282 case 32: 283 db_len = BIT(7); 284 break; 285 case 16: 286 db_len = BIT(7) | 1; 287 break; 288 case 8: 289 db_len = BIT(7) | 2; 290 break; 291 case 0: 292 db_len = 0; /* doorbell is not active for this command */ 293 break; 294 default: 295 return -EINVAL; /* should never hit this */ 296 } 297 298 /* 299 * When we end up splitting up a single request (ie a buf slice) into 300 * multiple DMA requests, we have to manage the sync data carefully. 301 * There can only be one presync sem. That needs to be on every xfer 302 * so that the DMA engine doesn't transfer data before the receiver is 303 * ready. We only do the doorbell and postsync sems after the xfer. 304 * To guarantee previous xfers for the request are complete, we use a 305 * fence. 306 */ 307 dev_addr = req->dev_addr; 308 for_each_sgtable_dma_sg(slice->sgt, sg, i) { 309 slice->reqs[i].cmd = cmd; 310 slice->reqs[i].src_addr = cpu_to_le64(slice->dir == DMA_TO_DEVICE ? 311 sg_dma_address(sg) : dev_addr); 312 slice->reqs[i].dest_addr = cpu_to_le64(slice->dir == DMA_TO_DEVICE ? 313 dev_addr : sg_dma_address(sg)); 314 /* 315 * sg_dma_len(sg) returns size of a DMA segment, maximum DMA 316 * segment size is set to UINT_MAX by qaic and hence return 317 * values of sg_dma_len(sg) can never exceed u32 range. So, 318 * by down sizing we are not corrupting the value. 319 */ 320 slice->reqs[i].len = cpu_to_le32((u32)sg_dma_len(sg)); 321 switch (presync_sem) { 322 case BIT(0): 323 slice->reqs[i].sem_cmd0 = cpu_to_le32(ENCODE_SEM(req->sem0.val, 324 req->sem0.index, 325 req->sem0.presync, 326 req->sem0.cmd, 327 req->sem0.flags)); 328 break; 329 case BIT(1): 330 slice->reqs[i].sem_cmd1 = cpu_to_le32(ENCODE_SEM(req->sem1.val, 331 req->sem1.index, 332 req->sem1.presync, 333 req->sem1.cmd, 334 req->sem1.flags)); 335 break; 336 case BIT(2): 337 slice->reqs[i].sem_cmd2 = cpu_to_le32(ENCODE_SEM(req->sem2.val, 338 req->sem2.index, 339 req->sem2.presync, 340 req->sem2.cmd, 341 req->sem2.flags)); 342 break; 343 case BIT(3): 344 slice->reqs[i].sem_cmd3 = cpu_to_le32(ENCODE_SEM(req->sem3.val, 345 req->sem3.index, 346 req->sem3.presync, 347 req->sem3.cmd, 348 req->sem3.flags)); 349 break; 350 } 351 dev_addr += sg_dma_len(sg); 352 } 353 /* add post transfer stuff to last segment */ 354 i--; 355 slice->reqs[i].cmd |= GEN_COMPLETION; 356 slice->reqs[i].db_addr = db_addr; 357 slice->reqs[i].db_len = db_len; 358 slice->reqs[i].db_data = db_data; 359 /* 360 * Add a fence if we have more than one request going to the hardware 361 * representing the entirety of the user request, and the user request 362 * has no presync condition. 363 * Fences are expensive, so we try to avoid them. We rely on the 364 * hardware behavior to avoid needing one when there is a presync 365 * condition. When a presync exists, all requests for that same 366 * presync will be queued into a fifo. Thus, since we queue the 367 * post xfer activity only on the last request we queue, the hardware 368 * will ensure that the last queued request is processed last, thus 369 * making sure the post xfer activity happens at the right time without 370 * a fence. 371 */ 372 if (i && !presync_sem) 373 req->sem0.flags |= (slice->dir == DMA_TO_DEVICE ? 374 QAIC_SEM_INSYNCFENCE : QAIC_SEM_OUTSYNCFENCE); 375 slice->reqs[i].sem_cmd0 = cpu_to_le32(ENCODE_SEM(req->sem0.val, req->sem0.index, 376 req->sem0.presync, req->sem0.cmd, 377 req->sem0.flags)); 378 slice->reqs[i].sem_cmd1 = cpu_to_le32(ENCODE_SEM(req->sem1.val, req->sem1.index, 379 req->sem1.presync, req->sem1.cmd, 380 req->sem1.flags)); 381 slice->reqs[i].sem_cmd2 = cpu_to_le32(ENCODE_SEM(req->sem2.val, req->sem2.index, 382 req->sem2.presync, req->sem2.cmd, 383 req->sem2.flags)); 384 slice->reqs[i].sem_cmd3 = cpu_to_le32(ENCODE_SEM(req->sem3.val, req->sem3.index, 385 req->sem3.presync, req->sem3.cmd, 386 req->sem3.flags)); 387 388 return 0; 389 } 390 391 static int qaic_map_one_slice(struct qaic_device *qdev, struct qaic_bo *bo, 392 struct qaic_attach_slice_entry *slice_ent) 393 { 394 struct sg_table *sgt = NULL; 395 struct bo_slice *slice; 396 int ret; 397 398 ret = clone_range_of_sgt_for_slice(qdev, &sgt, bo->sgt, slice_ent->size, slice_ent->offset); 399 if (ret) 400 goto out; 401 402 slice = kmalloc(sizeof(*slice), GFP_KERNEL); 403 if (!slice) { 404 ret = -ENOMEM; 405 goto free_sgt; 406 } 407 408 slice->reqs = kvcalloc(sgt->nents, sizeof(*slice->reqs), GFP_KERNEL); 409 if (!slice->reqs) { 410 ret = -ENOMEM; 411 goto free_slice; 412 } 413 414 slice->no_xfer = !slice_ent->size; 415 slice->sgt = sgt; 416 slice->nents = sgt->nents; 417 slice->dir = bo->dir; 418 slice->bo = bo; 419 slice->size = slice_ent->size; 420 slice->offset = slice_ent->offset; 421 422 ret = encode_reqs(qdev, slice, slice_ent); 423 if (ret) 424 goto free_req; 425 426 bo->total_slice_nents += sgt->nents; 427 kref_init(&slice->ref_count); 428 drm_gem_object_get(&bo->base); 429 list_add_tail(&slice->slice, &bo->slices); 430 431 return 0; 432 433 free_req: 434 kvfree(slice->reqs); 435 free_slice: 436 kfree(slice); 437 free_sgt: 438 sg_free_table(sgt); 439 kfree(sgt); 440 out: 441 return ret; 442 } 443 444 static int create_sgt(struct qaic_device *qdev, struct sg_table **sgt_out, u64 size) 445 { 446 struct scatterlist *sg; 447 struct sg_table *sgt; 448 struct page **pages; 449 int *pages_order; 450 int buf_extra; 451 int max_order; 452 int nr_pages; 453 int ret = 0; 454 int i, j, k; 455 int order; 456 457 if (size) { 458 nr_pages = DIV_ROUND_UP(size, PAGE_SIZE); 459 /* 460 * calculate how much extra we are going to allocate, to remove 461 * later 462 */ 463 buf_extra = (PAGE_SIZE - size % PAGE_SIZE) % PAGE_SIZE; 464 max_order = min(MAX_PAGE_ORDER, get_order(size)); 465 } else { 466 /* allocate a single page for book keeping */ 467 nr_pages = 1; 468 buf_extra = 0; 469 max_order = 0; 470 } 471 472 pages = kvmalloc_array(nr_pages, sizeof(*pages) + sizeof(*pages_order), GFP_KERNEL); 473 if (!pages) { 474 ret = -ENOMEM; 475 goto out; 476 } 477 pages_order = (void *)pages + sizeof(*pages) * nr_pages; 478 479 /* 480 * Allocate requested memory using alloc_pages. It is possible to allocate 481 * the requested memory in multiple chunks by calling alloc_pages 482 * multiple times. Use SG table to handle multiple allocated pages. 483 */ 484 i = 0; 485 while (nr_pages > 0) { 486 order = min(get_order(nr_pages * PAGE_SIZE), max_order); 487 while (1) { 488 pages[i] = alloc_pages(GFP_KERNEL | GFP_HIGHUSER | 489 __GFP_NOWARN | __GFP_ZERO | 490 (order ? __GFP_NORETRY : __GFP_RETRY_MAYFAIL), 491 order); 492 if (pages[i]) 493 break; 494 if (!order--) { 495 ret = -ENOMEM; 496 goto free_partial_alloc; 497 } 498 } 499 500 max_order = order; 501 pages_order[i] = order; 502 503 nr_pages -= 1 << order; 504 if (nr_pages <= 0) 505 /* account for over allocation */ 506 buf_extra += abs(nr_pages) * PAGE_SIZE; 507 i++; 508 } 509 510 sgt = kmalloc(sizeof(*sgt), GFP_KERNEL); 511 if (!sgt) { 512 ret = -ENOMEM; 513 goto free_partial_alloc; 514 } 515 516 if (sg_alloc_table(sgt, i, GFP_KERNEL)) { 517 ret = -ENOMEM; 518 goto free_sgt; 519 } 520 521 /* Populate the SG table with the allocated memory pages */ 522 sg = sgt->sgl; 523 for (k = 0; k < i; k++, sg = sg_next(sg)) { 524 /* Last entry requires special handling */ 525 if (k < i - 1) { 526 sg_set_page(sg, pages[k], PAGE_SIZE << pages_order[k], 0); 527 } else { 528 sg_set_page(sg, pages[k], (PAGE_SIZE << pages_order[k]) - buf_extra, 0); 529 sg_mark_end(sg); 530 } 531 } 532 533 kvfree(pages); 534 *sgt_out = sgt; 535 return ret; 536 537 free_sgt: 538 kfree(sgt); 539 free_partial_alloc: 540 for (j = 0; j < i; j++) 541 __free_pages(pages[j], pages_order[j]); 542 kvfree(pages); 543 out: 544 *sgt_out = NULL; 545 return ret; 546 } 547 548 static bool invalid_sem(struct qaic_sem *sem) 549 { 550 if (sem->val & ~SEM_VAL_MASK || sem->index & ~SEM_INDEX_MASK || 551 !(sem->presync == 0 || sem->presync == 1) || sem->pad || 552 sem->flags & ~(QAIC_SEM_INSYNCFENCE | QAIC_SEM_OUTSYNCFENCE) || 553 sem->cmd > QAIC_SEM_WAIT_GT_0) 554 return true; 555 return false; 556 } 557 558 static int qaic_validate_req(struct qaic_device *qdev, struct qaic_attach_slice_entry *slice_ent, 559 u32 count, u64 total_size) 560 { 561 u64 total; 562 int i; 563 564 for (i = 0; i < count; i++) { 565 if (!(slice_ent[i].db_len == 32 || slice_ent[i].db_len == 16 || 566 slice_ent[i].db_len == 8 || slice_ent[i].db_len == 0) || 567 invalid_sem(&slice_ent[i].sem0) || invalid_sem(&slice_ent[i].sem1) || 568 invalid_sem(&slice_ent[i].sem2) || invalid_sem(&slice_ent[i].sem3)) 569 return -EINVAL; 570 571 if (check_add_overflow(slice_ent[i].offset, slice_ent[i].size, &total) || 572 total > total_size) 573 return -EINVAL; 574 } 575 576 return 0; 577 } 578 579 static void qaic_free_sgt(struct sg_table *sgt) 580 { 581 struct scatterlist *sg; 582 583 if (!sgt) 584 return; 585 586 for (sg = sgt->sgl; sg; sg = sg_next(sg)) 587 if (sg_page(sg)) 588 __free_pages(sg_page(sg), get_order(sg->length)); 589 sg_free_table(sgt); 590 kfree(sgt); 591 } 592 593 static void qaic_gem_print_info(struct drm_printer *p, unsigned int indent, 594 const struct drm_gem_object *obj) 595 { 596 struct qaic_bo *bo = to_qaic_bo(obj); 597 598 drm_printf_indent(p, indent, "BO DMA direction %d\n", bo->dir); 599 } 600 601 static const struct vm_operations_struct drm_vm_ops = { 602 .open = drm_gem_vm_open, 603 .close = drm_gem_vm_close, 604 }; 605 606 static int qaic_gem_object_mmap(struct drm_gem_object *obj, struct vm_area_struct *vma) 607 { 608 struct qaic_bo *bo = to_qaic_bo(obj); 609 unsigned long offset = 0; 610 struct scatterlist *sg; 611 int ret = 0; 612 613 if (drm_gem_is_imported(obj)) 614 return -EINVAL; 615 616 for (sg = bo->sgt->sgl; sg; sg = sg_next(sg)) { 617 if (sg_page(sg)) { 618 ret = remap_pfn_range(vma, vma->vm_start + offset, page_to_pfn(sg_page(sg)), 619 sg->length, vma->vm_page_prot); 620 if (ret) 621 goto out; 622 offset += sg->length; 623 } 624 } 625 626 out: 627 return ret; 628 } 629 630 static void qaic_free_object(struct drm_gem_object *obj) 631 { 632 struct qaic_bo *bo = to_qaic_bo(obj); 633 634 if (drm_gem_is_imported(obj)) { 635 /* DMABUF/PRIME Path */ 636 drm_prime_gem_destroy(obj, NULL); 637 } else { 638 /* Private buffer allocation path */ 639 qaic_free_sgt(bo->sgt); 640 } 641 642 mutex_destroy(&bo->lock); 643 drm_gem_object_release(obj); 644 kfree(bo); 645 } 646 647 static struct sg_table *qaic_get_sg_table(struct drm_gem_object *obj) 648 { 649 struct qaic_bo *bo = to_qaic_bo(obj); 650 struct scatterlist *sg, *sg_in; 651 struct sg_table *sgt, *sgt_in; 652 int i; 653 654 sgt_in = bo->sgt; 655 656 sgt = kmalloc(sizeof(*sgt), GFP_KERNEL); 657 if (!sgt) 658 return ERR_PTR(-ENOMEM); 659 660 if (sg_alloc_table(sgt, sgt_in->orig_nents, GFP_KERNEL)) { 661 kfree(sgt); 662 return ERR_PTR(-ENOMEM); 663 } 664 665 sg = sgt->sgl; 666 for_each_sgtable_sg(sgt_in, sg_in, i) { 667 memcpy(sg, sg_in, sizeof(*sg)); 668 sg = sg_next(sg); 669 } 670 671 return sgt; 672 } 673 674 static const struct drm_gem_object_funcs qaic_gem_funcs = { 675 .free = qaic_free_object, 676 .get_sg_table = qaic_get_sg_table, 677 .print_info = qaic_gem_print_info, 678 .mmap = qaic_gem_object_mmap, 679 .vm_ops = &drm_vm_ops, 680 }; 681 682 static void qaic_init_bo(struct qaic_bo *bo, bool reinit) 683 { 684 if (reinit) { 685 bo->sliced = false; 686 reinit_completion(&bo->xfer_done); 687 } else { 688 mutex_init(&bo->lock); 689 init_completion(&bo->xfer_done); 690 } 691 complete_all(&bo->xfer_done); 692 INIT_LIST_HEAD(&bo->slices); 693 INIT_LIST_HEAD(&bo->xfer_list); 694 } 695 696 static struct qaic_bo *qaic_alloc_init_bo(void) 697 { 698 struct qaic_bo *bo; 699 700 bo = kzalloc(sizeof(*bo), GFP_KERNEL); 701 if (!bo) 702 return ERR_PTR(-ENOMEM); 703 704 qaic_init_bo(bo, false); 705 706 return bo; 707 } 708 709 int qaic_create_bo_ioctl(struct drm_device *dev, void *data, struct drm_file *file_priv) 710 { 711 struct qaic_create_bo *args = data; 712 int usr_rcu_id, qdev_rcu_id; 713 struct drm_gem_object *obj; 714 struct qaic_device *qdev; 715 struct qaic_user *usr; 716 struct qaic_bo *bo; 717 size_t size; 718 int ret; 719 720 if (args->pad) 721 return -EINVAL; 722 723 size = PAGE_ALIGN(args->size); 724 if (size == 0) 725 return -EINVAL; 726 727 usr = file_priv->driver_priv; 728 usr_rcu_id = srcu_read_lock(&usr->qddev_lock); 729 if (!usr->qddev) { 730 ret = -ENODEV; 731 goto unlock_usr_srcu; 732 } 733 734 qdev = usr->qddev->qdev; 735 qdev_rcu_id = srcu_read_lock(&qdev->dev_lock); 736 if (qdev->dev_state != QAIC_ONLINE) { 737 ret = -ENODEV; 738 goto unlock_dev_srcu; 739 } 740 741 bo = qaic_alloc_init_bo(); 742 if (IS_ERR(bo)) { 743 ret = PTR_ERR(bo); 744 goto unlock_dev_srcu; 745 } 746 obj = &bo->base; 747 748 drm_gem_private_object_init(dev, obj, size); 749 750 obj->funcs = &qaic_gem_funcs; 751 ret = create_sgt(qdev, &bo->sgt, size); 752 if (ret) 753 goto free_bo; 754 755 ret = drm_gem_create_mmap_offset(obj); 756 if (ret) 757 goto free_bo; 758 759 ret = drm_gem_handle_create(file_priv, obj, &args->handle); 760 if (ret) 761 goto free_bo; 762 763 drm_gem_object_put(obj); 764 srcu_read_unlock(&qdev->dev_lock, qdev_rcu_id); 765 srcu_read_unlock(&usr->qddev_lock, usr_rcu_id); 766 767 return 0; 768 769 free_bo: 770 drm_gem_object_put(obj); 771 unlock_dev_srcu: 772 srcu_read_unlock(&qdev->dev_lock, qdev_rcu_id); 773 unlock_usr_srcu: 774 srcu_read_unlock(&usr->qddev_lock, usr_rcu_id); 775 return ret; 776 } 777 778 int qaic_mmap_bo_ioctl(struct drm_device *dev, void *data, struct drm_file *file_priv) 779 { 780 struct qaic_mmap_bo *args = data; 781 int usr_rcu_id, qdev_rcu_id; 782 struct drm_gem_object *obj; 783 struct qaic_device *qdev; 784 struct qaic_user *usr; 785 int ret = 0; 786 787 usr = file_priv->driver_priv; 788 usr_rcu_id = srcu_read_lock(&usr->qddev_lock); 789 if (!usr->qddev) { 790 ret = -ENODEV; 791 goto unlock_usr_srcu; 792 } 793 794 qdev = usr->qddev->qdev; 795 qdev_rcu_id = srcu_read_lock(&qdev->dev_lock); 796 if (qdev->dev_state != QAIC_ONLINE) { 797 ret = -ENODEV; 798 goto unlock_dev_srcu; 799 } 800 801 obj = drm_gem_object_lookup(file_priv, args->handle); 802 if (!obj) { 803 ret = -ENOENT; 804 goto unlock_dev_srcu; 805 } 806 807 args->offset = drm_vma_node_offset_addr(&obj->vma_node); 808 809 drm_gem_object_put(obj); 810 811 unlock_dev_srcu: 812 srcu_read_unlock(&qdev->dev_lock, qdev_rcu_id); 813 unlock_usr_srcu: 814 srcu_read_unlock(&usr->qddev_lock, usr_rcu_id); 815 return ret; 816 } 817 818 struct drm_gem_object *qaic_gem_prime_import(struct drm_device *dev, struct dma_buf *dma_buf) 819 { 820 struct dma_buf_attachment *attach; 821 struct drm_gem_object *obj; 822 struct qaic_bo *bo; 823 int ret; 824 825 bo = qaic_alloc_init_bo(); 826 if (IS_ERR(bo)) { 827 ret = PTR_ERR(bo); 828 goto out; 829 } 830 831 obj = &bo->base; 832 get_dma_buf(dma_buf); 833 834 attach = dma_buf_attach(dma_buf, dev->dev); 835 if (IS_ERR(attach)) { 836 ret = PTR_ERR(attach); 837 goto attach_fail; 838 } 839 840 if (!attach->dmabuf->size) { 841 ret = -EINVAL; 842 goto size_align_fail; 843 } 844 845 drm_gem_private_object_init(dev, obj, attach->dmabuf->size); 846 /* 847 * skipping dma_buf_map_attachment() as we do not know the direction 848 * just yet. Once the direction is known in the subsequent IOCTL to 849 * attach slicing, we can do it then. 850 */ 851 852 obj->funcs = &qaic_gem_funcs; 853 obj->import_attach = attach; 854 obj->resv = dma_buf->resv; 855 856 return obj; 857 858 size_align_fail: 859 dma_buf_detach(dma_buf, attach); 860 attach_fail: 861 dma_buf_put(dma_buf); 862 kfree(bo); 863 out: 864 return ERR_PTR(ret); 865 } 866 867 static int qaic_prepare_import_bo(struct qaic_bo *bo, struct qaic_attach_slice_hdr *hdr) 868 { 869 struct drm_gem_object *obj = &bo->base; 870 struct sg_table *sgt; 871 int ret; 872 873 sgt = dma_buf_map_attachment(obj->import_attach, hdr->dir); 874 if (IS_ERR(sgt)) { 875 ret = PTR_ERR(sgt); 876 return ret; 877 } 878 879 bo->sgt = sgt; 880 881 return 0; 882 } 883 884 static int qaic_prepare_export_bo(struct qaic_device *qdev, struct qaic_bo *bo, 885 struct qaic_attach_slice_hdr *hdr) 886 { 887 int ret; 888 889 ret = dma_map_sgtable(&qdev->pdev->dev, bo->sgt, hdr->dir, 0); 890 if (ret) 891 return -EFAULT; 892 893 return 0; 894 } 895 896 static int qaic_prepare_bo(struct qaic_device *qdev, struct qaic_bo *bo, 897 struct qaic_attach_slice_hdr *hdr) 898 { 899 int ret; 900 901 if (drm_gem_is_imported(&bo->base)) 902 ret = qaic_prepare_import_bo(bo, hdr); 903 else 904 ret = qaic_prepare_export_bo(qdev, bo, hdr); 905 bo->dir = hdr->dir; 906 bo->dbc = &qdev->dbc[hdr->dbc_id]; 907 bo->nr_slice = hdr->count; 908 909 return ret; 910 } 911 912 static void qaic_unprepare_import_bo(struct qaic_bo *bo) 913 { 914 dma_buf_unmap_attachment(bo->base.import_attach, bo->sgt, bo->dir); 915 bo->sgt = NULL; 916 } 917 918 static void qaic_unprepare_export_bo(struct qaic_device *qdev, struct qaic_bo *bo) 919 { 920 dma_unmap_sgtable(&qdev->pdev->dev, bo->sgt, bo->dir, 0); 921 } 922 923 static void qaic_unprepare_bo(struct qaic_device *qdev, struct qaic_bo *bo) 924 { 925 if (drm_gem_is_imported(&bo->base)) 926 qaic_unprepare_import_bo(bo); 927 else 928 qaic_unprepare_export_bo(qdev, bo); 929 930 bo->dir = 0; 931 bo->dbc = NULL; 932 bo->nr_slice = 0; 933 } 934 935 static void qaic_free_slices_bo(struct qaic_bo *bo) 936 { 937 struct bo_slice *slice, *temp; 938 939 list_for_each_entry_safe(slice, temp, &bo->slices, slice) 940 kref_put(&slice->ref_count, free_slice); 941 if (WARN_ON_ONCE(bo->total_slice_nents != 0)) 942 bo->total_slice_nents = 0; 943 bo->nr_slice = 0; 944 } 945 946 static int qaic_attach_slicing_bo(struct qaic_device *qdev, struct qaic_bo *bo, 947 struct qaic_attach_slice_hdr *hdr, 948 struct qaic_attach_slice_entry *slice_ent) 949 { 950 int ret, i; 951 952 for (i = 0; i < hdr->count; i++) { 953 ret = qaic_map_one_slice(qdev, bo, &slice_ent[i]); 954 if (ret) { 955 qaic_free_slices_bo(bo); 956 return ret; 957 } 958 } 959 960 if (bo->total_slice_nents > bo->dbc->nelem) { 961 qaic_free_slices_bo(bo); 962 return -ENOSPC; 963 } 964 965 return 0; 966 } 967 968 int qaic_attach_slice_bo_ioctl(struct drm_device *dev, void *data, struct drm_file *file_priv) 969 { 970 struct qaic_attach_slice_entry *slice_ent; 971 struct qaic_attach_slice *args = data; 972 int rcu_id, usr_rcu_id, qdev_rcu_id; 973 struct dma_bridge_chan *dbc; 974 struct drm_gem_object *obj; 975 struct qaic_device *qdev; 976 unsigned long arg_size; 977 struct qaic_user *usr; 978 u8 __user *user_data; 979 struct qaic_bo *bo; 980 int ret; 981 982 if (args->hdr.count == 0) 983 return -EINVAL; 984 985 arg_size = args->hdr.count * sizeof(*slice_ent); 986 if (arg_size / args->hdr.count != sizeof(*slice_ent)) 987 return -EINVAL; 988 989 if (!(args->hdr.dir == DMA_TO_DEVICE || args->hdr.dir == DMA_FROM_DEVICE)) 990 return -EINVAL; 991 992 if (args->data == 0) 993 return -EINVAL; 994 995 usr = file_priv->driver_priv; 996 usr_rcu_id = srcu_read_lock(&usr->qddev_lock); 997 if (!usr->qddev) { 998 ret = -ENODEV; 999 goto unlock_usr_srcu; 1000 } 1001 1002 qdev = usr->qddev->qdev; 1003 qdev_rcu_id = srcu_read_lock(&qdev->dev_lock); 1004 if (qdev->dev_state != QAIC_ONLINE) { 1005 ret = -ENODEV; 1006 goto unlock_dev_srcu; 1007 } 1008 1009 if (args->hdr.dbc_id >= qdev->num_dbc) { 1010 ret = -EINVAL; 1011 goto unlock_dev_srcu; 1012 } 1013 1014 user_data = u64_to_user_ptr(args->data); 1015 1016 slice_ent = memdup_user(user_data, arg_size); 1017 if (IS_ERR(slice_ent)) { 1018 ret = PTR_ERR(slice_ent); 1019 goto unlock_dev_srcu; 1020 } 1021 1022 obj = drm_gem_object_lookup(file_priv, args->hdr.handle); 1023 if (!obj) { 1024 ret = -ENOENT; 1025 goto free_slice_ent; 1026 } 1027 1028 ret = qaic_validate_req(qdev, slice_ent, args->hdr.count, obj->size); 1029 if (ret) 1030 goto put_bo; 1031 1032 bo = to_qaic_bo(obj); 1033 ret = mutex_lock_interruptible(&bo->lock); 1034 if (ret) 1035 goto put_bo; 1036 1037 if (bo->sliced) { 1038 ret = -EINVAL; 1039 goto unlock_bo; 1040 } 1041 1042 dbc = &qdev->dbc[args->hdr.dbc_id]; 1043 rcu_id = srcu_read_lock(&dbc->ch_lock); 1044 if (dbc->usr != usr) { 1045 ret = -EINVAL; 1046 goto unlock_ch_srcu; 1047 } 1048 1049 ret = qaic_prepare_bo(qdev, bo, &args->hdr); 1050 if (ret) 1051 goto unlock_ch_srcu; 1052 1053 ret = qaic_attach_slicing_bo(qdev, bo, &args->hdr, slice_ent); 1054 if (ret) 1055 goto unprepare_bo; 1056 1057 if (args->hdr.dir == DMA_TO_DEVICE) 1058 dma_sync_sgtable_for_cpu(&qdev->pdev->dev, bo->sgt, args->hdr.dir); 1059 1060 bo->sliced = true; 1061 list_add_tail(&bo->bo_list, &bo->dbc->bo_lists); 1062 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1063 mutex_unlock(&bo->lock); 1064 kfree(slice_ent); 1065 srcu_read_unlock(&qdev->dev_lock, qdev_rcu_id); 1066 srcu_read_unlock(&usr->qddev_lock, usr_rcu_id); 1067 1068 return 0; 1069 1070 unprepare_bo: 1071 qaic_unprepare_bo(qdev, bo); 1072 unlock_ch_srcu: 1073 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1074 unlock_bo: 1075 mutex_unlock(&bo->lock); 1076 put_bo: 1077 drm_gem_object_put(obj); 1078 free_slice_ent: 1079 kfree(slice_ent); 1080 unlock_dev_srcu: 1081 srcu_read_unlock(&qdev->dev_lock, qdev_rcu_id); 1082 unlock_usr_srcu: 1083 srcu_read_unlock(&usr->qddev_lock, usr_rcu_id); 1084 return ret; 1085 } 1086 1087 static inline u32 fifo_space_avail(u32 head, u32 tail, u32 q_size) 1088 { 1089 u32 avail = head - tail - 1; 1090 1091 if (head <= tail) 1092 avail += q_size; 1093 1094 return avail; 1095 } 1096 1097 static inline int copy_exec_reqs(struct qaic_device *qdev, struct bo_slice *slice, u32 dbc_id, 1098 u32 head, u32 *ptail) 1099 { 1100 struct dma_bridge_chan *dbc = &qdev->dbc[dbc_id]; 1101 struct dbc_req *reqs = slice->reqs; 1102 u32 tail = *ptail; 1103 u32 avail; 1104 1105 avail = fifo_space_avail(head, tail, dbc->nelem); 1106 if (avail < slice->nents) 1107 return -EAGAIN; 1108 1109 if (tail + slice->nents > dbc->nelem) { 1110 avail = dbc->nelem - tail; 1111 avail = min_t(u32, avail, slice->nents); 1112 memcpy(fifo_at(dbc->req_q_base, tail), reqs, sizeof(*reqs) * avail); 1113 reqs += avail; 1114 avail = slice->nents - avail; 1115 if (avail) 1116 memcpy(dbc->req_q_base, reqs, sizeof(*reqs) * avail); 1117 } else { 1118 memcpy(fifo_at(dbc->req_q_base, tail), reqs, sizeof(*reqs) * slice->nents); 1119 } 1120 1121 *ptail = (tail + slice->nents) % dbc->nelem; 1122 1123 return 0; 1124 } 1125 1126 static inline int copy_partial_exec_reqs(struct qaic_device *qdev, struct bo_slice *slice, 1127 u64 resize, struct dma_bridge_chan *dbc, u32 head, 1128 u32 *ptail) 1129 { 1130 struct dbc_req *reqs = slice->reqs; 1131 struct dbc_req *last_req; 1132 u32 tail = *ptail; 1133 u64 last_bytes; 1134 u32 first_n; 1135 u32 avail; 1136 1137 avail = fifo_space_avail(head, tail, dbc->nelem); 1138 1139 /* 1140 * After this for loop is complete, first_n represents the index 1141 * of the last DMA request of this slice that needs to be 1142 * transferred after resizing and last_bytes represents DMA size 1143 * of that request. 1144 */ 1145 last_bytes = resize; 1146 for (first_n = 0; first_n < slice->nents; first_n++) 1147 if (last_bytes > le32_to_cpu(reqs[first_n].len)) 1148 last_bytes -= le32_to_cpu(reqs[first_n].len); 1149 else 1150 break; 1151 1152 if (avail < (first_n + 1)) 1153 return -EAGAIN; 1154 1155 if (first_n) { 1156 if (tail + first_n > dbc->nelem) { 1157 avail = dbc->nelem - tail; 1158 avail = min_t(u32, avail, first_n); 1159 memcpy(fifo_at(dbc->req_q_base, tail), reqs, sizeof(*reqs) * avail); 1160 last_req = reqs + avail; 1161 avail = first_n - avail; 1162 if (avail) 1163 memcpy(dbc->req_q_base, last_req, sizeof(*reqs) * avail); 1164 } else { 1165 memcpy(fifo_at(dbc->req_q_base, tail), reqs, sizeof(*reqs) * first_n); 1166 } 1167 } 1168 1169 /* 1170 * Copy over the last entry. Here we need to adjust len to the left over 1171 * size, and set src and dst to the entry it is copied to. 1172 */ 1173 last_req = fifo_at(dbc->req_q_base, (tail + first_n) % dbc->nelem); 1174 memcpy(last_req, reqs + slice->nents - 1, sizeof(*reqs)); 1175 1176 /* 1177 * last_bytes holds size of a DMA segment, maximum DMA segment size is 1178 * set to UINT_MAX by qaic and hence last_bytes can never exceed u32 1179 * range. So, by down sizing we are not corrupting the value. 1180 */ 1181 last_req->len = cpu_to_le32((u32)last_bytes); 1182 last_req->src_addr = reqs[first_n].src_addr; 1183 last_req->dest_addr = reqs[first_n].dest_addr; 1184 if (!last_bytes) 1185 /* Disable DMA transfer */ 1186 last_req->cmd = GENMASK(7, 2) & reqs[first_n].cmd; 1187 1188 *ptail = (tail + first_n + 1) % dbc->nelem; 1189 1190 return 0; 1191 } 1192 1193 static int send_bo_list_to_device(struct qaic_device *qdev, struct drm_file *file_priv, 1194 struct qaic_execute_entry *exec, unsigned int count, 1195 bool is_partial, struct dma_bridge_chan *dbc, u32 head, 1196 u32 *tail) 1197 { 1198 struct qaic_partial_execute_entry *pexec = (struct qaic_partial_execute_entry *)exec; 1199 struct drm_gem_object *obj; 1200 struct bo_slice *slice; 1201 unsigned long flags; 1202 struct qaic_bo *bo; 1203 int i, j; 1204 int ret; 1205 1206 for (i = 0; i < count; i++) { 1207 /* 1208 * ref count will be decremented when the transfer of this 1209 * buffer is complete. It is inside dbc_irq_threaded_fn(). 1210 */ 1211 obj = drm_gem_object_lookup(file_priv, 1212 is_partial ? pexec[i].handle : exec[i].handle); 1213 if (!obj) { 1214 ret = -ENOENT; 1215 goto failed_to_send_bo; 1216 } 1217 1218 bo = to_qaic_bo(obj); 1219 ret = mutex_lock_interruptible(&bo->lock); 1220 if (ret) 1221 goto failed_to_send_bo; 1222 1223 if (!bo->sliced) { 1224 ret = -EINVAL; 1225 goto unlock_bo; 1226 } 1227 1228 if (is_partial && pexec[i].resize > bo->base.size) { 1229 ret = -EINVAL; 1230 goto unlock_bo; 1231 } 1232 1233 spin_lock_irqsave(&dbc->xfer_lock, flags); 1234 if (bo_queued(bo)) { 1235 spin_unlock_irqrestore(&dbc->xfer_lock, flags); 1236 ret = -EINVAL; 1237 goto unlock_bo; 1238 } 1239 1240 bo->req_id = dbc->next_req_id++; 1241 1242 list_for_each_entry(slice, &bo->slices, slice) { 1243 for (j = 0; j < slice->nents; j++) 1244 slice->reqs[j].req_id = cpu_to_le16(bo->req_id); 1245 1246 if (is_partial && (!pexec[i].resize || pexec[i].resize <= slice->offset)) 1247 /* Configure the slice for no DMA transfer */ 1248 ret = copy_partial_exec_reqs(qdev, slice, 0, dbc, head, tail); 1249 else if (is_partial && pexec[i].resize < slice->offset + slice->size) 1250 /* Configure the slice to be partially DMA transferred */ 1251 ret = copy_partial_exec_reqs(qdev, slice, 1252 pexec[i].resize - slice->offset, dbc, 1253 head, tail); 1254 else 1255 ret = copy_exec_reqs(qdev, slice, dbc->id, head, tail); 1256 if (ret) { 1257 spin_unlock_irqrestore(&dbc->xfer_lock, flags); 1258 goto unlock_bo; 1259 } 1260 } 1261 reinit_completion(&bo->xfer_done); 1262 list_add_tail(&bo->xfer_list, &dbc->xfer_list); 1263 spin_unlock_irqrestore(&dbc->xfer_lock, flags); 1264 dma_sync_sgtable_for_device(&qdev->pdev->dev, bo->sgt, bo->dir); 1265 mutex_unlock(&bo->lock); 1266 } 1267 1268 return 0; 1269 1270 unlock_bo: 1271 mutex_unlock(&bo->lock); 1272 failed_to_send_bo: 1273 if (likely(obj)) 1274 drm_gem_object_put(obj); 1275 for (j = 0; j < i; j++) { 1276 spin_lock_irqsave(&dbc->xfer_lock, flags); 1277 bo = list_last_entry(&dbc->xfer_list, struct qaic_bo, xfer_list); 1278 obj = &bo->base; 1279 list_del_init(&bo->xfer_list); 1280 spin_unlock_irqrestore(&dbc->xfer_lock, flags); 1281 dma_sync_sgtable_for_cpu(&qdev->pdev->dev, bo->sgt, bo->dir); 1282 drm_gem_object_put(obj); 1283 } 1284 return ret; 1285 } 1286 1287 static void update_profiling_data(struct drm_file *file_priv, 1288 struct qaic_execute_entry *exec, unsigned int count, 1289 bool is_partial, u64 received_ts, u64 submit_ts, u32 queue_level) 1290 { 1291 struct qaic_partial_execute_entry *pexec = (struct qaic_partial_execute_entry *)exec; 1292 struct drm_gem_object *obj; 1293 struct qaic_bo *bo; 1294 int i; 1295 1296 for (i = 0; i < count; i++) { 1297 /* 1298 * Since we already committed the BO to hardware, the only way 1299 * this should fail is a pending signal. We can't cancel the 1300 * submit to hardware, so we have to just skip the profiling 1301 * data. In case the signal is not fatal to the process, we 1302 * return success so that the user doesn't try to resubmit. 1303 */ 1304 obj = drm_gem_object_lookup(file_priv, 1305 is_partial ? pexec[i].handle : exec[i].handle); 1306 if (!obj) 1307 break; 1308 bo = to_qaic_bo(obj); 1309 bo->perf_stats.req_received_ts = received_ts; 1310 bo->perf_stats.req_submit_ts = submit_ts; 1311 bo->perf_stats.queue_level_before = queue_level; 1312 queue_level += bo->total_slice_nents; 1313 drm_gem_object_put(obj); 1314 } 1315 } 1316 1317 static int __qaic_execute_bo_ioctl(struct drm_device *dev, void *data, struct drm_file *file_priv, 1318 bool is_partial) 1319 { 1320 struct qaic_execute *args = data; 1321 struct qaic_execute_entry *exec; 1322 struct dma_bridge_chan *dbc; 1323 int usr_rcu_id, qdev_rcu_id; 1324 struct qaic_device *qdev; 1325 struct qaic_user *usr; 1326 u64 received_ts; 1327 u32 queue_level; 1328 u64 submit_ts; 1329 int rcu_id; 1330 u32 head; 1331 u32 tail; 1332 u64 size; 1333 int ret; 1334 1335 received_ts = ktime_get_ns(); 1336 1337 size = is_partial ? sizeof(struct qaic_partial_execute_entry) : sizeof(*exec); 1338 if (args->hdr.count == 0) 1339 return -EINVAL; 1340 1341 exec = memdup_array_user(u64_to_user_ptr(args->data), args->hdr.count, size); 1342 if (IS_ERR(exec)) 1343 return PTR_ERR(exec); 1344 1345 usr = file_priv->driver_priv; 1346 usr_rcu_id = srcu_read_lock(&usr->qddev_lock); 1347 if (!usr->qddev) { 1348 ret = -ENODEV; 1349 goto unlock_usr_srcu; 1350 } 1351 1352 qdev = usr->qddev->qdev; 1353 qdev_rcu_id = srcu_read_lock(&qdev->dev_lock); 1354 if (qdev->dev_state != QAIC_ONLINE) { 1355 ret = -ENODEV; 1356 goto unlock_dev_srcu; 1357 } 1358 1359 if (args->hdr.dbc_id >= qdev->num_dbc) { 1360 ret = -EINVAL; 1361 goto unlock_dev_srcu; 1362 } 1363 1364 dbc = &qdev->dbc[args->hdr.dbc_id]; 1365 1366 rcu_id = srcu_read_lock(&dbc->ch_lock); 1367 if (!dbc->usr || dbc->usr->handle != usr->handle) { 1368 ret = -EPERM; 1369 goto release_ch_rcu; 1370 } 1371 1372 head = readl(dbc->dbc_base + REQHP_OFF); 1373 tail = readl(dbc->dbc_base + REQTP_OFF); 1374 1375 if (head == U32_MAX || tail == U32_MAX) { 1376 /* PCI link error */ 1377 ret = -ENODEV; 1378 goto release_ch_rcu; 1379 } 1380 1381 queue_level = head <= tail ? tail - head : dbc->nelem - (head - tail); 1382 1383 ret = send_bo_list_to_device(qdev, file_priv, exec, args->hdr.count, is_partial, dbc, 1384 head, &tail); 1385 if (ret) 1386 goto release_ch_rcu; 1387 1388 /* Finalize commit to hardware */ 1389 submit_ts = ktime_get_ns(); 1390 writel(tail, dbc->dbc_base + REQTP_OFF); 1391 1392 update_profiling_data(file_priv, exec, args->hdr.count, is_partial, received_ts, 1393 submit_ts, queue_level); 1394 1395 if (datapath_polling) 1396 schedule_work(&dbc->poll_work); 1397 1398 release_ch_rcu: 1399 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1400 unlock_dev_srcu: 1401 srcu_read_unlock(&qdev->dev_lock, qdev_rcu_id); 1402 unlock_usr_srcu: 1403 srcu_read_unlock(&usr->qddev_lock, usr_rcu_id); 1404 kfree(exec); 1405 return ret; 1406 } 1407 1408 int qaic_execute_bo_ioctl(struct drm_device *dev, void *data, struct drm_file *file_priv) 1409 { 1410 return __qaic_execute_bo_ioctl(dev, data, file_priv, false); 1411 } 1412 1413 int qaic_partial_execute_bo_ioctl(struct drm_device *dev, void *data, struct drm_file *file_priv) 1414 { 1415 return __qaic_execute_bo_ioctl(dev, data, file_priv, true); 1416 } 1417 1418 /* 1419 * Our interrupt handling is a bit more complicated than a simple ideal, but 1420 * sadly necessary. 1421 * 1422 * Each dbc has a completion queue. Entries in the queue correspond to DMA 1423 * requests which the device has processed. The hardware already has a built 1424 * in irq mitigation. When the device puts an entry into the queue, it will 1425 * only trigger an interrupt if the queue was empty. Therefore, when adding 1426 * the Nth event to a non-empty queue, the hardware doesn't trigger an 1427 * interrupt. This means the host doesn't get additional interrupts signaling 1428 * the same thing - the queue has something to process. 1429 * This behavior can be overridden in the DMA request. 1430 * This means that when the host receives an interrupt, it is required to 1431 * drain the queue. 1432 * 1433 * This behavior is what NAPI attempts to accomplish, although we can't use 1434 * NAPI as we don't have a netdev. We use threaded irqs instead. 1435 * 1436 * However, there is a situation where the host drains the queue fast enough 1437 * that every event causes an interrupt. Typically this is not a problem as 1438 * the rate of events would be low. However, that is not the case with 1439 * lprnet for example. On an Intel Xeon D-2191 where we run 8 instances of 1440 * lprnet, the host receives roughly 80k interrupts per second from the device 1441 * (per /proc/interrupts). While NAPI documentation indicates the host should 1442 * just chug along, sadly that behavior causes instability in some hosts. 1443 * 1444 * Therefore, we implement an interrupt disable scheme similar to NAPI. The 1445 * key difference is that we will delay after draining the queue for a small 1446 * time to allow additional events to come in via polling. Using the above 1447 * lprnet workload, this reduces the number of interrupts processed from 1448 * ~80k/sec to about 64 in 5 minutes and appears to solve the system 1449 * instability. 1450 */ 1451 irqreturn_t dbc_irq_handler(int irq, void *data) 1452 { 1453 struct dma_bridge_chan *dbc = data; 1454 int rcu_id; 1455 u32 head; 1456 u32 tail; 1457 1458 rcu_id = srcu_read_lock(&dbc->ch_lock); 1459 1460 if (datapath_polling) { 1461 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1462 /* 1463 * Normally datapath_polling will not have irqs enabled, but 1464 * when running with only one MSI the interrupt is shared with 1465 * MHI so it cannot be disabled. Return ASAP instead. 1466 */ 1467 return IRQ_HANDLED; 1468 } 1469 1470 if (!dbc->usr) { 1471 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1472 return IRQ_HANDLED; 1473 } 1474 1475 head = readl(dbc->dbc_base + RSPHP_OFF); 1476 if (head == U32_MAX) { /* PCI link error */ 1477 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1478 return IRQ_NONE; 1479 } 1480 1481 tail = readl(dbc->dbc_base + RSPTP_OFF); 1482 if (tail == U32_MAX) { /* PCI link error */ 1483 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1484 return IRQ_NONE; 1485 } 1486 1487 if (head == tail) { /* queue empty */ 1488 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1489 return IRQ_NONE; 1490 } 1491 1492 if (!dbc->qdev->single_msi) 1493 disable_irq_nosync(irq); 1494 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1495 return IRQ_WAKE_THREAD; 1496 } 1497 1498 void irq_polling_work(struct work_struct *work) 1499 { 1500 struct dma_bridge_chan *dbc = container_of(work, struct dma_bridge_chan, poll_work); 1501 unsigned long flags; 1502 int rcu_id; 1503 u32 head; 1504 u32 tail; 1505 1506 rcu_id = srcu_read_lock(&dbc->ch_lock); 1507 1508 while (1) { 1509 if (dbc->qdev->dev_state != QAIC_ONLINE) { 1510 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1511 return; 1512 } 1513 if (!dbc->usr) { 1514 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1515 return; 1516 } 1517 spin_lock_irqsave(&dbc->xfer_lock, flags); 1518 if (list_empty(&dbc->xfer_list)) { 1519 spin_unlock_irqrestore(&dbc->xfer_lock, flags); 1520 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1521 return; 1522 } 1523 spin_unlock_irqrestore(&dbc->xfer_lock, flags); 1524 1525 head = readl(dbc->dbc_base + RSPHP_OFF); 1526 if (head == U32_MAX) { /* PCI link error */ 1527 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1528 return; 1529 } 1530 1531 tail = readl(dbc->dbc_base + RSPTP_OFF); 1532 if (tail == U32_MAX) { /* PCI link error */ 1533 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1534 return; 1535 } 1536 1537 if (head != tail) { 1538 irq_wake_thread(dbc->irq, dbc); 1539 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1540 return; 1541 } 1542 1543 cond_resched(); 1544 usleep_range(datapath_poll_interval_us, 2 * datapath_poll_interval_us); 1545 } 1546 } 1547 1548 irqreturn_t dbc_irq_threaded_fn(int irq, void *data) 1549 { 1550 struct dma_bridge_chan *dbc = data; 1551 int event_count = NUM_EVENTS; 1552 int delay_count = NUM_DELAYS; 1553 struct qaic_device *qdev; 1554 struct qaic_bo *bo, *i; 1555 struct dbc_rsp *rsp; 1556 unsigned long flags; 1557 int rcu_id; 1558 u16 status; 1559 u16 req_id; 1560 u32 head; 1561 u32 tail; 1562 1563 rcu_id = srcu_read_lock(&dbc->ch_lock); 1564 qdev = dbc->qdev; 1565 1566 head = readl(dbc->dbc_base + RSPHP_OFF); 1567 if (head == U32_MAX) /* PCI link error */ 1568 goto error_out; 1569 1570 read_fifo: 1571 1572 if (!event_count) { 1573 event_count = NUM_EVENTS; 1574 cond_resched(); 1575 } 1576 1577 /* 1578 * if this channel isn't assigned or gets unassigned during processing 1579 * we have nothing further to do 1580 */ 1581 if (!dbc->usr) 1582 goto error_out; 1583 1584 tail = readl(dbc->dbc_base + RSPTP_OFF); 1585 if (tail == U32_MAX) /* PCI link error */ 1586 goto error_out; 1587 1588 if (head == tail) { /* queue empty */ 1589 if (delay_count) { 1590 --delay_count; 1591 usleep_range(100, 200); 1592 goto read_fifo; /* check for a new event */ 1593 } 1594 goto normal_out; 1595 } 1596 1597 delay_count = NUM_DELAYS; 1598 while (head != tail) { 1599 if (!event_count) 1600 break; 1601 --event_count; 1602 rsp = dbc->rsp_q_base + head * sizeof(*rsp); 1603 req_id = le16_to_cpu(rsp->req_id); 1604 status = le16_to_cpu(rsp->status); 1605 if (status) 1606 pci_dbg(qdev->pdev, "req_id %d failed with status %d\n", req_id, status); 1607 spin_lock_irqsave(&dbc->xfer_lock, flags); 1608 /* 1609 * A BO can receive multiple interrupts, since a BO can be 1610 * divided into multiple slices and a buffer receives as many 1611 * interrupts as slices. So until it receives interrupts for 1612 * all the slices we cannot mark that buffer complete. 1613 */ 1614 list_for_each_entry_safe(bo, i, &dbc->xfer_list, xfer_list) { 1615 if (bo->req_id == req_id) 1616 bo->nr_slice_xfer_done++; 1617 else 1618 continue; 1619 1620 if (bo->nr_slice_xfer_done < bo->nr_slice) 1621 break; 1622 1623 /* 1624 * At this point we have received all the interrupts for 1625 * BO, which means BO execution is complete. 1626 */ 1627 dma_sync_sgtable_for_cpu(&qdev->pdev->dev, bo->sgt, bo->dir); 1628 bo->nr_slice_xfer_done = 0; 1629 list_del_init(&bo->xfer_list); 1630 bo->perf_stats.req_processed_ts = ktime_get_ns(); 1631 complete_all(&bo->xfer_done); 1632 drm_gem_object_put(&bo->base); 1633 break; 1634 } 1635 spin_unlock_irqrestore(&dbc->xfer_lock, flags); 1636 head = (head + 1) % dbc->nelem; 1637 } 1638 1639 /* 1640 * Update the head pointer of response queue and let the device know 1641 * that we have consumed elements from the queue. 1642 */ 1643 writel(head, dbc->dbc_base + RSPHP_OFF); 1644 1645 /* elements might have been put in the queue while we were processing */ 1646 goto read_fifo; 1647 1648 normal_out: 1649 if (!qdev->single_msi && likely(!datapath_polling)) 1650 enable_irq(irq); 1651 else if (unlikely(datapath_polling)) 1652 schedule_work(&dbc->poll_work); 1653 /* checking the fifo and enabling irqs is a race, missed event check */ 1654 tail = readl(dbc->dbc_base + RSPTP_OFF); 1655 if (tail != U32_MAX && head != tail) { 1656 if (!qdev->single_msi && likely(!datapath_polling)) 1657 disable_irq_nosync(irq); 1658 goto read_fifo; 1659 } 1660 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1661 return IRQ_HANDLED; 1662 1663 error_out: 1664 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1665 if (!qdev->single_msi && likely(!datapath_polling)) 1666 enable_irq(irq); 1667 else if (unlikely(datapath_polling)) 1668 schedule_work(&dbc->poll_work); 1669 1670 return IRQ_HANDLED; 1671 } 1672 1673 int qaic_wait_bo_ioctl(struct drm_device *dev, void *data, struct drm_file *file_priv) 1674 { 1675 struct qaic_wait *args = data; 1676 int usr_rcu_id, qdev_rcu_id; 1677 struct dma_bridge_chan *dbc; 1678 struct drm_gem_object *obj; 1679 struct qaic_device *qdev; 1680 unsigned long timeout; 1681 struct qaic_user *usr; 1682 struct qaic_bo *bo; 1683 int rcu_id; 1684 int ret; 1685 1686 if (args->pad != 0) 1687 return -EINVAL; 1688 1689 usr = file_priv->driver_priv; 1690 usr_rcu_id = srcu_read_lock(&usr->qddev_lock); 1691 if (!usr->qddev) { 1692 ret = -ENODEV; 1693 goto unlock_usr_srcu; 1694 } 1695 1696 qdev = usr->qddev->qdev; 1697 qdev_rcu_id = srcu_read_lock(&qdev->dev_lock); 1698 if (qdev->dev_state != QAIC_ONLINE) { 1699 ret = -ENODEV; 1700 goto unlock_dev_srcu; 1701 } 1702 1703 if (args->dbc_id >= qdev->num_dbc) { 1704 ret = -EINVAL; 1705 goto unlock_dev_srcu; 1706 } 1707 1708 dbc = &qdev->dbc[args->dbc_id]; 1709 1710 rcu_id = srcu_read_lock(&dbc->ch_lock); 1711 if (dbc->usr != usr) { 1712 ret = -EPERM; 1713 goto unlock_ch_srcu; 1714 } 1715 1716 obj = drm_gem_object_lookup(file_priv, args->handle); 1717 if (!obj) { 1718 ret = -ENOENT; 1719 goto unlock_ch_srcu; 1720 } 1721 1722 bo = to_qaic_bo(obj); 1723 timeout = args->timeout ? args->timeout : wait_exec_default_timeout_ms; 1724 timeout = msecs_to_jiffies(timeout); 1725 ret = wait_for_completion_interruptible_timeout(&bo->xfer_done, timeout); 1726 if (!ret) { 1727 ret = -ETIMEDOUT; 1728 goto put_obj; 1729 } 1730 if (ret > 0) 1731 ret = 0; 1732 1733 if (!dbc->usr) 1734 ret = -EPERM; 1735 1736 put_obj: 1737 drm_gem_object_put(obj); 1738 unlock_ch_srcu: 1739 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1740 unlock_dev_srcu: 1741 srcu_read_unlock(&qdev->dev_lock, qdev_rcu_id); 1742 unlock_usr_srcu: 1743 srcu_read_unlock(&usr->qddev_lock, usr_rcu_id); 1744 return ret; 1745 } 1746 1747 int qaic_perf_stats_bo_ioctl(struct drm_device *dev, void *data, struct drm_file *file_priv) 1748 { 1749 struct qaic_perf_stats_entry *ent = NULL; 1750 struct qaic_perf_stats *args = data; 1751 int usr_rcu_id, qdev_rcu_id; 1752 struct drm_gem_object *obj; 1753 struct qaic_device *qdev; 1754 struct qaic_user *usr; 1755 struct qaic_bo *bo; 1756 int ret = 0; 1757 int i; 1758 1759 usr = file_priv->driver_priv; 1760 usr_rcu_id = srcu_read_lock(&usr->qddev_lock); 1761 if (!usr->qddev) { 1762 ret = -ENODEV; 1763 goto unlock_usr_srcu; 1764 } 1765 1766 qdev = usr->qddev->qdev; 1767 qdev_rcu_id = srcu_read_lock(&qdev->dev_lock); 1768 if (qdev->dev_state != QAIC_ONLINE) { 1769 ret = -ENODEV; 1770 goto unlock_dev_srcu; 1771 } 1772 1773 if (args->hdr.dbc_id >= qdev->num_dbc) { 1774 ret = -EINVAL; 1775 goto unlock_dev_srcu; 1776 } 1777 1778 ent = memdup_array_user(u64_to_user_ptr(args->data), args->hdr.count, sizeof(*ent)); 1779 if (IS_ERR(ent)) { 1780 ret = PTR_ERR(ent); 1781 goto unlock_dev_srcu; 1782 } 1783 1784 for (i = 0; i < args->hdr.count; i++) { 1785 obj = drm_gem_object_lookup(file_priv, ent[i].handle); 1786 if (!obj) { 1787 ret = -ENOENT; 1788 goto free_ent; 1789 } 1790 bo = to_qaic_bo(obj); 1791 /* 1792 * perf stats ioctl is called before wait ioctl is complete then 1793 * the latency information is invalid. 1794 */ 1795 if (bo->perf_stats.req_processed_ts < bo->perf_stats.req_submit_ts) { 1796 ent[i].device_latency_us = 0; 1797 } else { 1798 ent[i].device_latency_us = div_u64((bo->perf_stats.req_processed_ts - 1799 bo->perf_stats.req_submit_ts), 1000); 1800 } 1801 ent[i].submit_latency_us = div_u64((bo->perf_stats.req_submit_ts - 1802 bo->perf_stats.req_received_ts), 1000); 1803 ent[i].queue_level_before = bo->perf_stats.queue_level_before; 1804 ent[i].num_queue_element = bo->total_slice_nents; 1805 drm_gem_object_put(obj); 1806 } 1807 1808 if (copy_to_user(u64_to_user_ptr(args->data), ent, args->hdr.count * sizeof(*ent))) 1809 ret = -EFAULT; 1810 1811 free_ent: 1812 kfree(ent); 1813 unlock_dev_srcu: 1814 srcu_read_unlock(&qdev->dev_lock, qdev_rcu_id); 1815 unlock_usr_srcu: 1816 srcu_read_unlock(&usr->qddev_lock, usr_rcu_id); 1817 return ret; 1818 } 1819 1820 static void detach_slice_bo(struct qaic_device *qdev, struct qaic_bo *bo) 1821 { 1822 qaic_free_slices_bo(bo); 1823 qaic_unprepare_bo(qdev, bo); 1824 qaic_init_bo(bo, true); 1825 list_del(&bo->bo_list); 1826 drm_gem_object_put(&bo->base); 1827 } 1828 1829 int qaic_detach_slice_bo_ioctl(struct drm_device *dev, void *data, struct drm_file *file_priv) 1830 { 1831 struct qaic_detach_slice *args = data; 1832 int rcu_id, usr_rcu_id, qdev_rcu_id; 1833 struct dma_bridge_chan *dbc; 1834 struct drm_gem_object *obj; 1835 struct qaic_device *qdev; 1836 struct qaic_user *usr; 1837 unsigned long flags; 1838 struct qaic_bo *bo; 1839 int ret; 1840 1841 if (args->pad != 0) 1842 return -EINVAL; 1843 1844 usr = file_priv->driver_priv; 1845 usr_rcu_id = srcu_read_lock(&usr->qddev_lock); 1846 if (!usr->qddev) { 1847 ret = -ENODEV; 1848 goto unlock_usr_srcu; 1849 } 1850 1851 qdev = usr->qddev->qdev; 1852 qdev_rcu_id = srcu_read_lock(&qdev->dev_lock); 1853 if (qdev->dev_state != QAIC_ONLINE) { 1854 ret = -ENODEV; 1855 goto unlock_dev_srcu; 1856 } 1857 1858 obj = drm_gem_object_lookup(file_priv, args->handle); 1859 if (!obj) { 1860 ret = -ENOENT; 1861 goto unlock_dev_srcu; 1862 } 1863 1864 bo = to_qaic_bo(obj); 1865 ret = mutex_lock_interruptible(&bo->lock); 1866 if (ret) 1867 goto put_bo; 1868 1869 if (!bo->sliced) { 1870 ret = -EINVAL; 1871 goto unlock_bo; 1872 } 1873 1874 dbc = bo->dbc; 1875 rcu_id = srcu_read_lock(&dbc->ch_lock); 1876 if (dbc->usr != usr) { 1877 ret = -EINVAL; 1878 goto unlock_ch_srcu; 1879 } 1880 1881 /* Check if BO is committed to H/W for DMA */ 1882 spin_lock_irqsave(&dbc->xfer_lock, flags); 1883 if (bo_queued(bo)) { 1884 spin_unlock_irqrestore(&dbc->xfer_lock, flags); 1885 ret = -EBUSY; 1886 goto unlock_ch_srcu; 1887 } 1888 spin_unlock_irqrestore(&dbc->xfer_lock, flags); 1889 1890 detach_slice_bo(qdev, bo); 1891 1892 unlock_ch_srcu: 1893 srcu_read_unlock(&dbc->ch_lock, rcu_id); 1894 unlock_bo: 1895 mutex_unlock(&bo->lock); 1896 put_bo: 1897 drm_gem_object_put(obj); 1898 unlock_dev_srcu: 1899 srcu_read_unlock(&qdev->dev_lock, qdev_rcu_id); 1900 unlock_usr_srcu: 1901 srcu_read_unlock(&usr->qddev_lock, usr_rcu_id); 1902 return ret; 1903 } 1904 1905 static void empty_xfer_list(struct qaic_device *qdev, struct dma_bridge_chan *dbc) 1906 { 1907 unsigned long flags; 1908 struct qaic_bo *bo; 1909 1910 spin_lock_irqsave(&dbc->xfer_lock, flags); 1911 while (!list_empty(&dbc->xfer_list)) { 1912 bo = list_first_entry(&dbc->xfer_list, typeof(*bo), xfer_list); 1913 list_del_init(&bo->xfer_list); 1914 spin_unlock_irqrestore(&dbc->xfer_lock, flags); 1915 bo->nr_slice_xfer_done = 0; 1916 bo->req_id = 0; 1917 bo->perf_stats.req_received_ts = 0; 1918 bo->perf_stats.req_submit_ts = 0; 1919 bo->perf_stats.req_processed_ts = 0; 1920 bo->perf_stats.queue_level_before = 0; 1921 dma_sync_sgtable_for_cpu(&qdev->pdev->dev, bo->sgt, bo->dir); 1922 complete_all(&bo->xfer_done); 1923 drm_gem_object_put(&bo->base); 1924 spin_lock_irqsave(&dbc->xfer_lock, flags); 1925 } 1926 spin_unlock_irqrestore(&dbc->xfer_lock, flags); 1927 } 1928 1929 int disable_dbc(struct qaic_device *qdev, u32 dbc_id, struct qaic_user *usr) 1930 { 1931 if (!qdev->dbc[dbc_id].usr || qdev->dbc[dbc_id].usr->handle != usr->handle) 1932 return -EPERM; 1933 1934 qdev->dbc[dbc_id].usr = NULL; 1935 synchronize_srcu(&qdev->dbc[dbc_id].ch_lock); 1936 return 0; 1937 } 1938 1939 /** 1940 * enable_dbc - Enable the DBC. DBCs are disabled by removing the context of 1941 * user. Add user context back to DBC to enable it. This function trusts the 1942 * DBC ID passed and expects the DBC to be disabled. 1943 * @qdev: Qranium device handle 1944 * @dbc_id: ID of the DBC 1945 * @usr: User context 1946 */ 1947 void enable_dbc(struct qaic_device *qdev, u32 dbc_id, struct qaic_user *usr) 1948 { 1949 qdev->dbc[dbc_id].usr = usr; 1950 } 1951 1952 void wakeup_dbc(struct qaic_device *qdev, u32 dbc_id) 1953 { 1954 struct dma_bridge_chan *dbc = &qdev->dbc[dbc_id]; 1955 1956 dbc->usr = NULL; 1957 empty_xfer_list(qdev, dbc); 1958 synchronize_srcu(&dbc->ch_lock); 1959 /* 1960 * Threads holding channel lock, may add more elements in the xfer_list. 1961 * Flush out these elements from xfer_list. 1962 */ 1963 empty_xfer_list(qdev, dbc); 1964 } 1965 1966 void release_dbc(struct qaic_device *qdev, u32 dbc_id) 1967 { 1968 struct qaic_bo *bo, *bo_temp; 1969 struct dma_bridge_chan *dbc; 1970 1971 dbc = &qdev->dbc[dbc_id]; 1972 if (!dbc->in_use) 1973 return; 1974 1975 wakeup_dbc(qdev, dbc_id); 1976 1977 dma_free_coherent(&qdev->pdev->dev, dbc->total_size, dbc->req_q_base, dbc->dma_addr); 1978 dbc->total_size = 0; 1979 dbc->req_q_base = NULL; 1980 dbc->dma_addr = 0; 1981 dbc->nelem = 0; 1982 dbc->usr = NULL; 1983 1984 list_for_each_entry_safe(bo, bo_temp, &dbc->bo_lists, bo_list) { 1985 drm_gem_object_get(&bo->base); 1986 mutex_lock(&bo->lock); 1987 detach_slice_bo(qdev, bo); 1988 mutex_unlock(&bo->lock); 1989 drm_gem_object_put(&bo->base); 1990 } 1991 1992 dbc->in_use = false; 1993 wake_up(&dbc->dbc_release); 1994 } 1995 1996 void qaic_data_get_fifo_info(struct dma_bridge_chan *dbc, u32 *head, u32 *tail) 1997 { 1998 if (!dbc || !head || !tail) 1999 return; 2000 2001 *head = readl(dbc->dbc_base + REQHP_OFF); 2002 *tail = readl(dbc->dbc_base + REQTP_OFF); 2003 } 2004