1 /* 2 * Copyright © 2008 Intel Corporation 3 * 4 * Permission is hereby granted, free of charge, to any person obtaining a 5 * copy of this software and associated documentation files (the "Software"), 6 * to deal in the Software without restriction, including without limitation 7 * the rights to use, copy, modify, merge, publish, distribute, sublicense, 8 * and/or sell copies of the Software, and to permit persons to whom the 9 * Software is furnished to do so, subject to the following conditions: 10 * 11 * The above copyright notice and this permission notice (including the next 12 * paragraph) shall be included in all copies or substantial portions of the 13 * Software. 14 * 15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS 21 * IN THE SOFTWARE. 22 * 23 * Authors: 24 * Eric Anholt <eric@anholt.net> 25 * 26 */ 27 28 #include <drm/drmP.h> 29 #include <drm/i915_drm.h> 30 #include "i915_drv.h" 31 #include "i915_trace.h" 32 #include "intel_drv.h" 33 #include <linux/shmem_fs.h> 34 #include <linux/slab.h> 35 #include <linux/swap.h> 36 #include <linux/pci.h> 37 #include <linux/dma-buf.h> 38 39 static void i915_gem_object_flush_gtt_write_domain(struct drm_i915_gem_object *obj); 40 static void i915_gem_object_flush_cpu_write_domain(struct drm_i915_gem_object *obj); 41 static __must_check int i915_gem_object_bind_to_gtt(struct drm_i915_gem_object *obj, 42 unsigned alignment, 43 bool map_and_fenceable, 44 bool nonblocking); 45 static int i915_gem_phys_pwrite(struct drm_device *dev, 46 struct drm_i915_gem_object *obj, 47 struct drm_i915_gem_pwrite *args, 48 struct drm_file *file); 49 50 static void i915_gem_write_fence(struct drm_device *dev, int reg, 51 struct drm_i915_gem_object *obj); 52 static void i915_gem_object_update_fence(struct drm_i915_gem_object *obj, 53 struct drm_i915_fence_reg *fence, 54 bool enable); 55 56 static int i915_gem_inactive_shrink(struct shrinker *shrinker, 57 struct shrink_control *sc); 58 static long i915_gem_purge(struct drm_i915_private *dev_priv, long target); 59 static void i915_gem_shrink_all(struct drm_i915_private *dev_priv); 60 static void i915_gem_object_truncate(struct drm_i915_gem_object *obj); 61 62 static inline void i915_gem_object_fence_lost(struct drm_i915_gem_object *obj) 63 { 64 if (obj->tiling_mode) 65 i915_gem_release_mmap(obj); 66 67 /* As we do not have an associated fence register, we will force 68 * a tiling change if we ever need to acquire one. 69 */ 70 obj->fence_dirty = false; 71 obj->fence_reg = I915_FENCE_REG_NONE; 72 } 73 74 /* some bookkeeping */ 75 static void i915_gem_info_add_obj(struct drm_i915_private *dev_priv, 76 size_t size) 77 { 78 dev_priv->mm.object_count++; 79 dev_priv->mm.object_memory += size; 80 } 81 82 static void i915_gem_info_remove_obj(struct drm_i915_private *dev_priv, 83 size_t size) 84 { 85 dev_priv->mm.object_count--; 86 dev_priv->mm.object_memory -= size; 87 } 88 89 static int 90 i915_gem_wait_for_error(struct i915_gpu_error *error) 91 { 92 int ret; 93 94 #define EXIT_COND (!i915_reset_in_progress(error) || \ 95 i915_terminally_wedged(error)) 96 if (EXIT_COND) 97 return 0; 98 99 /* 100 * Only wait 10 seconds for the gpu reset to complete to avoid hanging 101 * userspace. If it takes that long something really bad is going on and 102 * we should simply try to bail out and fail as gracefully as possible. 103 */ 104 ret = wait_event_interruptible_timeout(error->reset_queue, 105 EXIT_COND, 106 10*HZ); 107 if (ret == 0) { 108 DRM_ERROR("Timed out waiting for the gpu reset to complete\n"); 109 return -EIO; 110 } else if (ret < 0) { 111 return ret; 112 } 113 #undef EXIT_COND 114 115 return 0; 116 } 117 118 int i915_mutex_lock_interruptible(struct drm_device *dev) 119 { 120 struct drm_i915_private *dev_priv = dev->dev_private; 121 int ret; 122 123 ret = i915_gem_wait_for_error(&dev_priv->gpu_error); 124 if (ret) 125 return ret; 126 127 ret = mutex_lock_interruptible(&dev->struct_mutex); 128 if (ret) 129 return ret; 130 131 WARN_ON(i915_verify_lists(dev)); 132 return 0; 133 } 134 135 static inline bool 136 i915_gem_object_is_inactive(struct drm_i915_gem_object *obj) 137 { 138 return obj->gtt_space && !obj->active; 139 } 140 141 int 142 i915_gem_init_ioctl(struct drm_device *dev, void *data, 143 struct drm_file *file) 144 { 145 struct drm_i915_private *dev_priv = dev->dev_private; 146 struct drm_i915_gem_init *args = data; 147 148 if (drm_core_check_feature(dev, DRIVER_MODESET)) 149 return -ENODEV; 150 151 if (args->gtt_start >= args->gtt_end || 152 (args->gtt_end | args->gtt_start) & (PAGE_SIZE - 1)) 153 return -EINVAL; 154 155 /* GEM with user mode setting was never supported on ilk and later. */ 156 if (INTEL_INFO(dev)->gen >= 5) 157 return -ENODEV; 158 159 mutex_lock(&dev->struct_mutex); 160 i915_gem_setup_global_gtt(dev, args->gtt_start, args->gtt_end, 161 args->gtt_end); 162 dev_priv->gtt.mappable_end = args->gtt_end; 163 mutex_unlock(&dev->struct_mutex); 164 165 return 0; 166 } 167 168 int 169 i915_gem_get_aperture_ioctl(struct drm_device *dev, void *data, 170 struct drm_file *file) 171 { 172 struct drm_i915_private *dev_priv = dev->dev_private; 173 struct drm_i915_gem_get_aperture *args = data; 174 struct drm_i915_gem_object *obj; 175 size_t pinned; 176 177 pinned = 0; 178 mutex_lock(&dev->struct_mutex); 179 list_for_each_entry(obj, &dev_priv->mm.bound_list, global_list) 180 if (obj->pin_count) 181 pinned += obj->gtt_space->size; 182 mutex_unlock(&dev->struct_mutex); 183 184 args->aper_size = dev_priv->gtt.total; 185 args->aper_available_size = args->aper_size - pinned; 186 187 return 0; 188 } 189 190 void *i915_gem_object_alloc(struct drm_device *dev) 191 { 192 struct drm_i915_private *dev_priv = dev->dev_private; 193 return kmem_cache_alloc(dev_priv->slab, GFP_KERNEL | __GFP_ZERO); 194 } 195 196 void i915_gem_object_free(struct drm_i915_gem_object *obj) 197 { 198 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 199 kmem_cache_free(dev_priv->slab, obj); 200 } 201 202 static int 203 i915_gem_create(struct drm_file *file, 204 struct drm_device *dev, 205 uint64_t size, 206 uint32_t *handle_p) 207 { 208 struct drm_i915_gem_object *obj; 209 int ret; 210 u32 handle; 211 212 size = roundup(size, PAGE_SIZE); 213 if (size == 0) 214 return -EINVAL; 215 216 /* Allocate the new object */ 217 obj = i915_gem_alloc_object(dev, size); 218 if (obj == NULL) 219 return -ENOMEM; 220 221 ret = drm_gem_handle_create(file, &obj->base, &handle); 222 if (ret) { 223 drm_gem_object_release(&obj->base); 224 i915_gem_info_remove_obj(dev->dev_private, obj->base.size); 225 i915_gem_object_free(obj); 226 return ret; 227 } 228 229 /* drop reference from allocate - handle holds it now */ 230 drm_gem_object_unreference(&obj->base); 231 trace_i915_gem_object_create(obj); 232 233 *handle_p = handle; 234 return 0; 235 } 236 237 int 238 i915_gem_dumb_create(struct drm_file *file, 239 struct drm_device *dev, 240 struct drm_mode_create_dumb *args) 241 { 242 /* have to work out size/pitch and return them */ 243 args->pitch = ALIGN(args->width * ((args->bpp + 7) / 8), 64); 244 args->size = args->pitch * args->height; 245 return i915_gem_create(file, dev, 246 args->size, &args->handle); 247 } 248 249 int i915_gem_dumb_destroy(struct drm_file *file, 250 struct drm_device *dev, 251 uint32_t handle) 252 { 253 return drm_gem_handle_delete(file, handle); 254 } 255 256 /** 257 * Creates a new mm object and returns a handle to it. 258 */ 259 int 260 i915_gem_create_ioctl(struct drm_device *dev, void *data, 261 struct drm_file *file) 262 { 263 struct drm_i915_gem_create *args = data; 264 265 return i915_gem_create(file, dev, 266 args->size, &args->handle); 267 } 268 269 static inline int 270 __copy_to_user_swizzled(char __user *cpu_vaddr, 271 const char *gpu_vaddr, int gpu_offset, 272 int length) 273 { 274 int ret, cpu_offset = 0; 275 276 while (length > 0) { 277 int cacheline_end = ALIGN(gpu_offset + 1, 64); 278 int this_length = min(cacheline_end - gpu_offset, length); 279 int swizzled_gpu_offset = gpu_offset ^ 64; 280 281 ret = __copy_to_user(cpu_vaddr + cpu_offset, 282 gpu_vaddr + swizzled_gpu_offset, 283 this_length); 284 if (ret) 285 return ret + length; 286 287 cpu_offset += this_length; 288 gpu_offset += this_length; 289 length -= this_length; 290 } 291 292 return 0; 293 } 294 295 static inline int 296 __copy_from_user_swizzled(char *gpu_vaddr, int gpu_offset, 297 const char __user *cpu_vaddr, 298 int length) 299 { 300 int ret, cpu_offset = 0; 301 302 while (length > 0) { 303 int cacheline_end = ALIGN(gpu_offset + 1, 64); 304 int this_length = min(cacheline_end - gpu_offset, length); 305 int swizzled_gpu_offset = gpu_offset ^ 64; 306 307 ret = __copy_from_user(gpu_vaddr + swizzled_gpu_offset, 308 cpu_vaddr + cpu_offset, 309 this_length); 310 if (ret) 311 return ret + length; 312 313 cpu_offset += this_length; 314 gpu_offset += this_length; 315 length -= this_length; 316 } 317 318 return 0; 319 } 320 321 /* Per-page copy function for the shmem pread fastpath. 322 * Flushes invalid cachelines before reading the target if 323 * needs_clflush is set. */ 324 static int 325 shmem_pread_fast(struct page *page, int shmem_page_offset, int page_length, 326 char __user *user_data, 327 bool page_do_bit17_swizzling, bool needs_clflush) 328 { 329 char *vaddr; 330 int ret; 331 332 if (unlikely(page_do_bit17_swizzling)) 333 return -EINVAL; 334 335 vaddr = kmap_atomic(page); 336 if (needs_clflush) 337 drm_clflush_virt_range(vaddr + shmem_page_offset, 338 page_length); 339 ret = __copy_to_user_inatomic(user_data, 340 vaddr + shmem_page_offset, 341 page_length); 342 kunmap_atomic(vaddr); 343 344 return ret ? -EFAULT : 0; 345 } 346 347 static void 348 shmem_clflush_swizzled_range(char *addr, unsigned long length, 349 bool swizzled) 350 { 351 if (unlikely(swizzled)) { 352 unsigned long start = (unsigned long) addr; 353 unsigned long end = (unsigned long) addr + length; 354 355 /* For swizzling simply ensure that we always flush both 356 * channels. Lame, but simple and it works. Swizzled 357 * pwrite/pread is far from a hotpath - current userspace 358 * doesn't use it at all. */ 359 start = round_down(start, 128); 360 end = round_up(end, 128); 361 362 drm_clflush_virt_range((void *)start, end - start); 363 } else { 364 drm_clflush_virt_range(addr, length); 365 } 366 367 } 368 369 /* Only difference to the fast-path function is that this can handle bit17 370 * and uses non-atomic copy and kmap functions. */ 371 static int 372 shmem_pread_slow(struct page *page, int shmem_page_offset, int page_length, 373 char __user *user_data, 374 bool page_do_bit17_swizzling, bool needs_clflush) 375 { 376 char *vaddr; 377 int ret; 378 379 vaddr = kmap(page); 380 if (needs_clflush) 381 shmem_clflush_swizzled_range(vaddr + shmem_page_offset, 382 page_length, 383 page_do_bit17_swizzling); 384 385 if (page_do_bit17_swizzling) 386 ret = __copy_to_user_swizzled(user_data, 387 vaddr, shmem_page_offset, 388 page_length); 389 else 390 ret = __copy_to_user(user_data, 391 vaddr + shmem_page_offset, 392 page_length); 393 kunmap(page); 394 395 return ret ? - EFAULT : 0; 396 } 397 398 static int 399 i915_gem_shmem_pread(struct drm_device *dev, 400 struct drm_i915_gem_object *obj, 401 struct drm_i915_gem_pread *args, 402 struct drm_file *file) 403 { 404 char __user *user_data; 405 ssize_t remain; 406 loff_t offset; 407 int shmem_page_offset, page_length, ret = 0; 408 int obj_do_bit17_swizzling, page_do_bit17_swizzling; 409 int prefaulted = 0; 410 int needs_clflush = 0; 411 struct sg_page_iter sg_iter; 412 413 user_data = to_user_ptr(args->data_ptr); 414 remain = args->size; 415 416 obj_do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj); 417 418 if (!(obj->base.read_domains & I915_GEM_DOMAIN_CPU)) { 419 /* If we're not in the cpu read domain, set ourself into the gtt 420 * read domain and manually flush cachelines (if required). This 421 * optimizes for the case when the gpu will dirty the data 422 * anyway again before the next pread happens. */ 423 if (obj->cache_level == I915_CACHE_NONE) 424 needs_clflush = 1; 425 if (obj->gtt_space) { 426 ret = i915_gem_object_set_to_gtt_domain(obj, false); 427 if (ret) 428 return ret; 429 } 430 } 431 432 ret = i915_gem_object_get_pages(obj); 433 if (ret) 434 return ret; 435 436 i915_gem_object_pin_pages(obj); 437 438 offset = args->offset; 439 440 for_each_sg_page(obj->pages->sgl, &sg_iter, obj->pages->nents, 441 offset >> PAGE_SHIFT) { 442 struct page *page = sg_page_iter_page(&sg_iter); 443 444 if (remain <= 0) 445 break; 446 447 /* Operation in this page 448 * 449 * shmem_page_offset = offset within page in shmem file 450 * page_length = bytes to copy for this page 451 */ 452 shmem_page_offset = offset_in_page(offset); 453 page_length = remain; 454 if ((shmem_page_offset + page_length) > PAGE_SIZE) 455 page_length = PAGE_SIZE - shmem_page_offset; 456 457 page_do_bit17_swizzling = obj_do_bit17_swizzling && 458 (page_to_phys(page) & (1 << 17)) != 0; 459 460 ret = shmem_pread_fast(page, shmem_page_offset, page_length, 461 user_data, page_do_bit17_swizzling, 462 needs_clflush); 463 if (ret == 0) 464 goto next_page; 465 466 mutex_unlock(&dev->struct_mutex); 467 468 if (!prefaulted) { 469 ret = fault_in_multipages_writeable(user_data, remain); 470 /* Userspace is tricking us, but we've already clobbered 471 * its pages with the prefault and promised to write the 472 * data up to the first fault. Hence ignore any errors 473 * and just continue. */ 474 (void)ret; 475 prefaulted = 1; 476 } 477 478 ret = shmem_pread_slow(page, shmem_page_offset, page_length, 479 user_data, page_do_bit17_swizzling, 480 needs_clflush); 481 482 mutex_lock(&dev->struct_mutex); 483 484 next_page: 485 mark_page_accessed(page); 486 487 if (ret) 488 goto out; 489 490 remain -= page_length; 491 user_data += page_length; 492 offset += page_length; 493 } 494 495 out: 496 i915_gem_object_unpin_pages(obj); 497 498 return ret; 499 } 500 501 /** 502 * Reads data from the object referenced by handle. 503 * 504 * On error, the contents of *data are undefined. 505 */ 506 int 507 i915_gem_pread_ioctl(struct drm_device *dev, void *data, 508 struct drm_file *file) 509 { 510 struct drm_i915_gem_pread *args = data; 511 struct drm_i915_gem_object *obj; 512 int ret = 0; 513 514 if (args->size == 0) 515 return 0; 516 517 if (!access_ok(VERIFY_WRITE, 518 to_user_ptr(args->data_ptr), 519 args->size)) 520 return -EFAULT; 521 522 ret = i915_mutex_lock_interruptible(dev); 523 if (ret) 524 return ret; 525 526 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 527 if (&obj->base == NULL) { 528 ret = -ENOENT; 529 goto unlock; 530 } 531 532 /* Bounds check source. */ 533 if (args->offset > obj->base.size || 534 args->size > obj->base.size - args->offset) { 535 ret = -EINVAL; 536 goto out; 537 } 538 539 /* prime objects have no backing filp to GEM pread/pwrite 540 * pages from. 541 */ 542 if (!obj->base.filp) { 543 ret = -EINVAL; 544 goto out; 545 } 546 547 trace_i915_gem_object_pread(obj, args->offset, args->size); 548 549 ret = i915_gem_shmem_pread(dev, obj, args, file); 550 551 out: 552 drm_gem_object_unreference(&obj->base); 553 unlock: 554 mutex_unlock(&dev->struct_mutex); 555 return ret; 556 } 557 558 /* This is the fast write path which cannot handle 559 * page faults in the source data 560 */ 561 562 static inline int 563 fast_user_write(struct io_mapping *mapping, 564 loff_t page_base, int page_offset, 565 char __user *user_data, 566 int length) 567 { 568 void __iomem *vaddr_atomic; 569 void *vaddr; 570 unsigned long unwritten; 571 572 vaddr_atomic = io_mapping_map_atomic_wc(mapping, page_base); 573 /* We can use the cpu mem copy function because this is X86. */ 574 vaddr = (void __force*)vaddr_atomic + page_offset; 575 unwritten = __copy_from_user_inatomic_nocache(vaddr, 576 user_data, length); 577 io_mapping_unmap_atomic(vaddr_atomic); 578 return unwritten; 579 } 580 581 /** 582 * This is the fast pwrite path, where we copy the data directly from the 583 * user into the GTT, uncached. 584 */ 585 static int 586 i915_gem_gtt_pwrite_fast(struct drm_device *dev, 587 struct drm_i915_gem_object *obj, 588 struct drm_i915_gem_pwrite *args, 589 struct drm_file *file) 590 { 591 drm_i915_private_t *dev_priv = dev->dev_private; 592 ssize_t remain; 593 loff_t offset, page_base; 594 char __user *user_data; 595 int page_offset, page_length, ret; 596 597 ret = i915_gem_object_pin(obj, 0, true, true); 598 if (ret) 599 goto out; 600 601 ret = i915_gem_object_set_to_gtt_domain(obj, true); 602 if (ret) 603 goto out_unpin; 604 605 ret = i915_gem_object_put_fence(obj); 606 if (ret) 607 goto out_unpin; 608 609 user_data = to_user_ptr(args->data_ptr); 610 remain = args->size; 611 612 offset = obj->gtt_offset + args->offset; 613 614 while (remain > 0) { 615 /* Operation in this page 616 * 617 * page_base = page offset within aperture 618 * page_offset = offset within page 619 * page_length = bytes to copy for this page 620 */ 621 page_base = offset & PAGE_MASK; 622 page_offset = offset_in_page(offset); 623 page_length = remain; 624 if ((page_offset + remain) > PAGE_SIZE) 625 page_length = PAGE_SIZE - page_offset; 626 627 /* If we get a fault while copying data, then (presumably) our 628 * source page isn't available. Return the error and we'll 629 * retry in the slow path. 630 */ 631 if (fast_user_write(dev_priv->gtt.mappable, page_base, 632 page_offset, user_data, page_length)) { 633 ret = -EFAULT; 634 goto out_unpin; 635 } 636 637 remain -= page_length; 638 user_data += page_length; 639 offset += page_length; 640 } 641 642 out_unpin: 643 i915_gem_object_unpin(obj); 644 out: 645 return ret; 646 } 647 648 /* Per-page copy function for the shmem pwrite fastpath. 649 * Flushes invalid cachelines before writing to the target if 650 * needs_clflush_before is set and flushes out any written cachelines after 651 * writing if needs_clflush is set. */ 652 static int 653 shmem_pwrite_fast(struct page *page, int shmem_page_offset, int page_length, 654 char __user *user_data, 655 bool page_do_bit17_swizzling, 656 bool needs_clflush_before, 657 bool needs_clflush_after) 658 { 659 char *vaddr; 660 int ret; 661 662 if (unlikely(page_do_bit17_swizzling)) 663 return -EINVAL; 664 665 vaddr = kmap_atomic(page); 666 if (needs_clflush_before) 667 drm_clflush_virt_range(vaddr + shmem_page_offset, 668 page_length); 669 ret = __copy_from_user_inatomic_nocache(vaddr + shmem_page_offset, 670 user_data, 671 page_length); 672 if (needs_clflush_after) 673 drm_clflush_virt_range(vaddr + shmem_page_offset, 674 page_length); 675 kunmap_atomic(vaddr); 676 677 return ret ? -EFAULT : 0; 678 } 679 680 /* Only difference to the fast-path function is that this can handle bit17 681 * and uses non-atomic copy and kmap functions. */ 682 static int 683 shmem_pwrite_slow(struct page *page, int shmem_page_offset, int page_length, 684 char __user *user_data, 685 bool page_do_bit17_swizzling, 686 bool needs_clflush_before, 687 bool needs_clflush_after) 688 { 689 char *vaddr; 690 int ret; 691 692 vaddr = kmap(page); 693 if (unlikely(needs_clflush_before || page_do_bit17_swizzling)) 694 shmem_clflush_swizzled_range(vaddr + shmem_page_offset, 695 page_length, 696 page_do_bit17_swizzling); 697 if (page_do_bit17_swizzling) 698 ret = __copy_from_user_swizzled(vaddr, shmem_page_offset, 699 user_data, 700 page_length); 701 else 702 ret = __copy_from_user(vaddr + shmem_page_offset, 703 user_data, 704 page_length); 705 if (needs_clflush_after) 706 shmem_clflush_swizzled_range(vaddr + shmem_page_offset, 707 page_length, 708 page_do_bit17_swizzling); 709 kunmap(page); 710 711 return ret ? -EFAULT : 0; 712 } 713 714 static int 715 i915_gem_shmem_pwrite(struct drm_device *dev, 716 struct drm_i915_gem_object *obj, 717 struct drm_i915_gem_pwrite *args, 718 struct drm_file *file) 719 { 720 ssize_t remain; 721 loff_t offset; 722 char __user *user_data; 723 int shmem_page_offset, page_length, ret = 0; 724 int obj_do_bit17_swizzling, page_do_bit17_swizzling; 725 int hit_slowpath = 0; 726 int needs_clflush_after = 0; 727 int needs_clflush_before = 0; 728 struct sg_page_iter sg_iter; 729 730 user_data = to_user_ptr(args->data_ptr); 731 remain = args->size; 732 733 obj_do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj); 734 735 if (obj->base.write_domain != I915_GEM_DOMAIN_CPU) { 736 /* If we're not in the cpu write domain, set ourself into the gtt 737 * write domain and manually flush cachelines (if required). This 738 * optimizes for the case when the gpu will use the data 739 * right away and we therefore have to clflush anyway. */ 740 if (obj->cache_level == I915_CACHE_NONE) 741 needs_clflush_after = 1; 742 if (obj->gtt_space) { 743 ret = i915_gem_object_set_to_gtt_domain(obj, true); 744 if (ret) 745 return ret; 746 } 747 } 748 /* Same trick applies for invalidate partially written cachelines before 749 * writing. */ 750 if (!(obj->base.read_domains & I915_GEM_DOMAIN_CPU) 751 && obj->cache_level == I915_CACHE_NONE) 752 needs_clflush_before = 1; 753 754 ret = i915_gem_object_get_pages(obj); 755 if (ret) 756 return ret; 757 758 i915_gem_object_pin_pages(obj); 759 760 offset = args->offset; 761 obj->dirty = 1; 762 763 for_each_sg_page(obj->pages->sgl, &sg_iter, obj->pages->nents, 764 offset >> PAGE_SHIFT) { 765 struct page *page = sg_page_iter_page(&sg_iter); 766 int partial_cacheline_write; 767 768 if (remain <= 0) 769 break; 770 771 /* Operation in this page 772 * 773 * shmem_page_offset = offset within page in shmem file 774 * page_length = bytes to copy for this page 775 */ 776 shmem_page_offset = offset_in_page(offset); 777 778 page_length = remain; 779 if ((shmem_page_offset + page_length) > PAGE_SIZE) 780 page_length = PAGE_SIZE - shmem_page_offset; 781 782 /* If we don't overwrite a cacheline completely we need to be 783 * careful to have up-to-date data by first clflushing. Don't 784 * overcomplicate things and flush the entire patch. */ 785 partial_cacheline_write = needs_clflush_before && 786 ((shmem_page_offset | page_length) 787 & (boot_cpu_data.x86_clflush_size - 1)); 788 789 page_do_bit17_swizzling = obj_do_bit17_swizzling && 790 (page_to_phys(page) & (1 << 17)) != 0; 791 792 ret = shmem_pwrite_fast(page, shmem_page_offset, page_length, 793 user_data, page_do_bit17_swizzling, 794 partial_cacheline_write, 795 needs_clflush_after); 796 if (ret == 0) 797 goto next_page; 798 799 hit_slowpath = 1; 800 mutex_unlock(&dev->struct_mutex); 801 ret = shmem_pwrite_slow(page, shmem_page_offset, page_length, 802 user_data, page_do_bit17_swizzling, 803 partial_cacheline_write, 804 needs_clflush_after); 805 806 mutex_lock(&dev->struct_mutex); 807 808 next_page: 809 set_page_dirty(page); 810 mark_page_accessed(page); 811 812 if (ret) 813 goto out; 814 815 remain -= page_length; 816 user_data += page_length; 817 offset += page_length; 818 } 819 820 out: 821 i915_gem_object_unpin_pages(obj); 822 823 if (hit_slowpath) { 824 /* 825 * Fixup: Flush cpu caches in case we didn't flush the dirty 826 * cachelines in-line while writing and the object moved 827 * out of the cpu write domain while we've dropped the lock. 828 */ 829 if (!needs_clflush_after && 830 obj->base.write_domain != I915_GEM_DOMAIN_CPU) { 831 i915_gem_clflush_object(obj); 832 i915_gem_chipset_flush(dev); 833 } 834 } 835 836 if (needs_clflush_after) 837 i915_gem_chipset_flush(dev); 838 839 return ret; 840 } 841 842 /** 843 * Writes data to the object referenced by handle. 844 * 845 * On error, the contents of the buffer that were to be modified are undefined. 846 */ 847 int 848 i915_gem_pwrite_ioctl(struct drm_device *dev, void *data, 849 struct drm_file *file) 850 { 851 struct drm_i915_gem_pwrite *args = data; 852 struct drm_i915_gem_object *obj; 853 int ret; 854 855 if (args->size == 0) 856 return 0; 857 858 if (!access_ok(VERIFY_READ, 859 to_user_ptr(args->data_ptr), 860 args->size)) 861 return -EFAULT; 862 863 ret = fault_in_multipages_readable(to_user_ptr(args->data_ptr), 864 args->size); 865 if (ret) 866 return -EFAULT; 867 868 ret = i915_mutex_lock_interruptible(dev); 869 if (ret) 870 return ret; 871 872 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 873 if (&obj->base == NULL) { 874 ret = -ENOENT; 875 goto unlock; 876 } 877 878 /* Bounds check destination. */ 879 if (args->offset > obj->base.size || 880 args->size > obj->base.size - args->offset) { 881 ret = -EINVAL; 882 goto out; 883 } 884 885 /* prime objects have no backing filp to GEM pread/pwrite 886 * pages from. 887 */ 888 if (!obj->base.filp) { 889 ret = -EINVAL; 890 goto out; 891 } 892 893 trace_i915_gem_object_pwrite(obj, args->offset, args->size); 894 895 ret = -EFAULT; 896 /* We can only do the GTT pwrite on untiled buffers, as otherwise 897 * it would end up going through the fenced access, and we'll get 898 * different detiling behavior between reading and writing. 899 * pread/pwrite currently are reading and writing from the CPU 900 * perspective, requiring manual detiling by the client. 901 */ 902 if (obj->phys_obj) { 903 ret = i915_gem_phys_pwrite(dev, obj, args, file); 904 goto out; 905 } 906 907 if (obj->cache_level == I915_CACHE_NONE && 908 obj->tiling_mode == I915_TILING_NONE && 909 obj->base.write_domain != I915_GEM_DOMAIN_CPU) { 910 ret = i915_gem_gtt_pwrite_fast(dev, obj, args, file); 911 /* Note that the gtt paths might fail with non-page-backed user 912 * pointers (e.g. gtt mappings when moving data between 913 * textures). Fallback to the shmem path in that case. */ 914 } 915 916 if (ret == -EFAULT || ret == -ENOSPC) 917 ret = i915_gem_shmem_pwrite(dev, obj, args, file); 918 919 out: 920 drm_gem_object_unreference(&obj->base); 921 unlock: 922 mutex_unlock(&dev->struct_mutex); 923 return ret; 924 } 925 926 int 927 i915_gem_check_wedge(struct i915_gpu_error *error, 928 bool interruptible) 929 { 930 if (i915_reset_in_progress(error)) { 931 /* Non-interruptible callers can't handle -EAGAIN, hence return 932 * -EIO unconditionally for these. */ 933 if (!interruptible) 934 return -EIO; 935 936 /* Recovery complete, but the reset failed ... */ 937 if (i915_terminally_wedged(error)) 938 return -EIO; 939 940 return -EAGAIN; 941 } 942 943 return 0; 944 } 945 946 /* 947 * Compare seqno against outstanding lazy request. Emit a request if they are 948 * equal. 949 */ 950 static int 951 i915_gem_check_olr(struct intel_ring_buffer *ring, u32 seqno) 952 { 953 int ret; 954 955 BUG_ON(!mutex_is_locked(&ring->dev->struct_mutex)); 956 957 ret = 0; 958 if (seqno == ring->outstanding_lazy_request) 959 ret = i915_add_request(ring, NULL); 960 961 return ret; 962 } 963 964 /** 965 * __wait_seqno - wait until execution of seqno has finished 966 * @ring: the ring expected to report seqno 967 * @seqno: duh! 968 * @reset_counter: reset sequence associated with the given seqno 969 * @interruptible: do an interruptible wait (normally yes) 970 * @timeout: in - how long to wait (NULL forever); out - how much time remaining 971 * 972 * Note: It is of utmost importance that the passed in seqno and reset_counter 973 * values have been read by the caller in an smp safe manner. Where read-side 974 * locks are involved, it is sufficient to read the reset_counter before 975 * unlocking the lock that protects the seqno. For lockless tricks, the 976 * reset_counter _must_ be read before, and an appropriate smp_rmb must be 977 * inserted. 978 * 979 * Returns 0 if the seqno was found within the alloted time. Else returns the 980 * errno with remaining time filled in timeout argument. 981 */ 982 static int __wait_seqno(struct intel_ring_buffer *ring, u32 seqno, 983 unsigned reset_counter, 984 bool interruptible, struct timespec *timeout) 985 { 986 drm_i915_private_t *dev_priv = ring->dev->dev_private; 987 struct timespec before, now, wait_time={1,0}; 988 unsigned long timeout_jiffies; 989 long end; 990 bool wait_forever = true; 991 int ret; 992 993 if (i915_seqno_passed(ring->get_seqno(ring, true), seqno)) 994 return 0; 995 996 trace_i915_gem_request_wait_begin(ring, seqno); 997 998 if (timeout != NULL) { 999 wait_time = *timeout; 1000 wait_forever = false; 1001 } 1002 1003 timeout_jiffies = timespec_to_jiffies_timeout(&wait_time); 1004 1005 if (WARN_ON(!ring->irq_get(ring))) 1006 return -ENODEV; 1007 1008 /* Record current time in case interrupted by signal, or wedged * */ 1009 getrawmonotonic(&before); 1010 1011 #define EXIT_COND \ 1012 (i915_seqno_passed(ring->get_seqno(ring, false), seqno) || \ 1013 i915_reset_in_progress(&dev_priv->gpu_error) || \ 1014 reset_counter != atomic_read(&dev_priv->gpu_error.reset_counter)) 1015 do { 1016 if (interruptible) 1017 end = wait_event_interruptible_timeout(ring->irq_queue, 1018 EXIT_COND, 1019 timeout_jiffies); 1020 else 1021 end = wait_event_timeout(ring->irq_queue, EXIT_COND, 1022 timeout_jiffies); 1023 1024 /* We need to check whether any gpu reset happened in between 1025 * the caller grabbing the seqno and now ... */ 1026 if (reset_counter != atomic_read(&dev_priv->gpu_error.reset_counter)) 1027 end = -EAGAIN; 1028 1029 /* ... but upgrade the -EGAIN to an -EIO if the gpu is truely 1030 * gone. */ 1031 ret = i915_gem_check_wedge(&dev_priv->gpu_error, interruptible); 1032 if (ret) 1033 end = ret; 1034 } while (end == 0 && wait_forever); 1035 1036 getrawmonotonic(&now); 1037 1038 ring->irq_put(ring); 1039 trace_i915_gem_request_wait_end(ring, seqno); 1040 #undef EXIT_COND 1041 1042 if (timeout) { 1043 struct timespec sleep_time = timespec_sub(now, before); 1044 *timeout = timespec_sub(*timeout, sleep_time); 1045 if (!timespec_valid(timeout)) /* i.e. negative time remains */ 1046 set_normalized_timespec(timeout, 0, 0); 1047 } 1048 1049 switch (end) { 1050 case -EIO: 1051 case -EAGAIN: /* Wedged */ 1052 case -ERESTARTSYS: /* Signal */ 1053 return (int)end; 1054 case 0: /* Timeout */ 1055 return -ETIME; 1056 default: /* Completed */ 1057 WARN_ON(end < 0); /* We're not aware of other errors */ 1058 return 0; 1059 } 1060 } 1061 1062 /** 1063 * Waits for a sequence number to be signaled, and cleans up the 1064 * request and object lists appropriately for that event. 1065 */ 1066 int 1067 i915_wait_seqno(struct intel_ring_buffer *ring, uint32_t seqno) 1068 { 1069 struct drm_device *dev = ring->dev; 1070 struct drm_i915_private *dev_priv = dev->dev_private; 1071 bool interruptible = dev_priv->mm.interruptible; 1072 int ret; 1073 1074 BUG_ON(!mutex_is_locked(&dev->struct_mutex)); 1075 BUG_ON(seqno == 0); 1076 1077 ret = i915_gem_check_wedge(&dev_priv->gpu_error, interruptible); 1078 if (ret) 1079 return ret; 1080 1081 ret = i915_gem_check_olr(ring, seqno); 1082 if (ret) 1083 return ret; 1084 1085 return __wait_seqno(ring, seqno, 1086 atomic_read(&dev_priv->gpu_error.reset_counter), 1087 interruptible, NULL); 1088 } 1089 1090 static int 1091 i915_gem_object_wait_rendering__tail(struct drm_i915_gem_object *obj, 1092 struct intel_ring_buffer *ring) 1093 { 1094 i915_gem_retire_requests_ring(ring); 1095 1096 /* Manually manage the write flush as we may have not yet 1097 * retired the buffer. 1098 * 1099 * Note that the last_write_seqno is always the earlier of 1100 * the two (read/write) seqno, so if we haved successfully waited, 1101 * we know we have passed the last write. 1102 */ 1103 obj->last_write_seqno = 0; 1104 obj->base.write_domain &= ~I915_GEM_GPU_DOMAINS; 1105 1106 return 0; 1107 } 1108 1109 /** 1110 * Ensures that all rendering to the object has completed and the object is 1111 * safe to unbind from the GTT or access from the CPU. 1112 */ 1113 static __must_check int 1114 i915_gem_object_wait_rendering(struct drm_i915_gem_object *obj, 1115 bool readonly) 1116 { 1117 struct intel_ring_buffer *ring = obj->ring; 1118 u32 seqno; 1119 int ret; 1120 1121 seqno = readonly ? obj->last_write_seqno : obj->last_read_seqno; 1122 if (seqno == 0) 1123 return 0; 1124 1125 ret = i915_wait_seqno(ring, seqno); 1126 if (ret) 1127 return ret; 1128 1129 return i915_gem_object_wait_rendering__tail(obj, ring); 1130 } 1131 1132 /* A nonblocking variant of the above wait. This is a highly dangerous routine 1133 * as the object state may change during this call. 1134 */ 1135 static __must_check int 1136 i915_gem_object_wait_rendering__nonblocking(struct drm_i915_gem_object *obj, 1137 bool readonly) 1138 { 1139 struct drm_device *dev = obj->base.dev; 1140 struct drm_i915_private *dev_priv = dev->dev_private; 1141 struct intel_ring_buffer *ring = obj->ring; 1142 unsigned reset_counter; 1143 u32 seqno; 1144 int ret; 1145 1146 BUG_ON(!mutex_is_locked(&dev->struct_mutex)); 1147 BUG_ON(!dev_priv->mm.interruptible); 1148 1149 seqno = readonly ? obj->last_write_seqno : obj->last_read_seqno; 1150 if (seqno == 0) 1151 return 0; 1152 1153 ret = i915_gem_check_wedge(&dev_priv->gpu_error, true); 1154 if (ret) 1155 return ret; 1156 1157 ret = i915_gem_check_olr(ring, seqno); 1158 if (ret) 1159 return ret; 1160 1161 reset_counter = atomic_read(&dev_priv->gpu_error.reset_counter); 1162 mutex_unlock(&dev->struct_mutex); 1163 ret = __wait_seqno(ring, seqno, reset_counter, true, NULL); 1164 mutex_lock(&dev->struct_mutex); 1165 if (ret) 1166 return ret; 1167 1168 return i915_gem_object_wait_rendering__tail(obj, ring); 1169 } 1170 1171 /** 1172 * Called when user space prepares to use an object with the CPU, either 1173 * through the mmap ioctl's mapping or a GTT mapping. 1174 */ 1175 int 1176 i915_gem_set_domain_ioctl(struct drm_device *dev, void *data, 1177 struct drm_file *file) 1178 { 1179 struct drm_i915_gem_set_domain *args = data; 1180 struct drm_i915_gem_object *obj; 1181 uint32_t read_domains = args->read_domains; 1182 uint32_t write_domain = args->write_domain; 1183 int ret; 1184 1185 /* Only handle setting domains to types used by the CPU. */ 1186 if (write_domain & I915_GEM_GPU_DOMAINS) 1187 return -EINVAL; 1188 1189 if (read_domains & I915_GEM_GPU_DOMAINS) 1190 return -EINVAL; 1191 1192 /* Having something in the write domain implies it's in the read 1193 * domain, and only that read domain. Enforce that in the request. 1194 */ 1195 if (write_domain != 0 && read_domains != write_domain) 1196 return -EINVAL; 1197 1198 ret = i915_mutex_lock_interruptible(dev); 1199 if (ret) 1200 return ret; 1201 1202 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 1203 if (&obj->base == NULL) { 1204 ret = -ENOENT; 1205 goto unlock; 1206 } 1207 1208 /* Try to flush the object off the GPU without holding the lock. 1209 * We will repeat the flush holding the lock in the normal manner 1210 * to catch cases where we are gazumped. 1211 */ 1212 ret = i915_gem_object_wait_rendering__nonblocking(obj, !write_domain); 1213 if (ret) 1214 goto unref; 1215 1216 if (read_domains & I915_GEM_DOMAIN_GTT) { 1217 ret = i915_gem_object_set_to_gtt_domain(obj, write_domain != 0); 1218 1219 /* Silently promote "you're not bound, there was nothing to do" 1220 * to success, since the client was just asking us to 1221 * make sure everything was done. 1222 */ 1223 if (ret == -EINVAL) 1224 ret = 0; 1225 } else { 1226 ret = i915_gem_object_set_to_cpu_domain(obj, write_domain != 0); 1227 } 1228 1229 unref: 1230 drm_gem_object_unreference(&obj->base); 1231 unlock: 1232 mutex_unlock(&dev->struct_mutex); 1233 return ret; 1234 } 1235 1236 /** 1237 * Called when user space has done writes to this buffer 1238 */ 1239 int 1240 i915_gem_sw_finish_ioctl(struct drm_device *dev, void *data, 1241 struct drm_file *file) 1242 { 1243 struct drm_i915_gem_sw_finish *args = data; 1244 struct drm_i915_gem_object *obj; 1245 int ret = 0; 1246 1247 ret = i915_mutex_lock_interruptible(dev); 1248 if (ret) 1249 return ret; 1250 1251 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 1252 if (&obj->base == NULL) { 1253 ret = -ENOENT; 1254 goto unlock; 1255 } 1256 1257 /* Pinned buffers may be scanout, so flush the cache */ 1258 if (obj->pin_count) 1259 i915_gem_object_flush_cpu_write_domain(obj); 1260 1261 drm_gem_object_unreference(&obj->base); 1262 unlock: 1263 mutex_unlock(&dev->struct_mutex); 1264 return ret; 1265 } 1266 1267 /** 1268 * Maps the contents of an object, returning the address it is mapped 1269 * into. 1270 * 1271 * While the mapping holds a reference on the contents of the object, it doesn't 1272 * imply a ref on the object itself. 1273 */ 1274 int 1275 i915_gem_mmap_ioctl(struct drm_device *dev, void *data, 1276 struct drm_file *file) 1277 { 1278 struct drm_i915_gem_mmap *args = data; 1279 struct drm_gem_object *obj; 1280 unsigned long addr; 1281 1282 obj = drm_gem_object_lookup(dev, file, args->handle); 1283 if (obj == NULL) 1284 return -ENOENT; 1285 1286 /* prime objects have no backing filp to GEM mmap 1287 * pages from. 1288 */ 1289 if (!obj->filp) { 1290 drm_gem_object_unreference_unlocked(obj); 1291 return -EINVAL; 1292 } 1293 1294 addr = vm_mmap(obj->filp, 0, args->size, 1295 PROT_READ | PROT_WRITE, MAP_SHARED, 1296 args->offset); 1297 drm_gem_object_unreference_unlocked(obj); 1298 if (IS_ERR((void *)addr)) 1299 return addr; 1300 1301 args->addr_ptr = (uint64_t) addr; 1302 1303 return 0; 1304 } 1305 1306 /** 1307 * i915_gem_fault - fault a page into the GTT 1308 * vma: VMA in question 1309 * vmf: fault info 1310 * 1311 * The fault handler is set up by drm_gem_mmap() when a object is GTT mapped 1312 * from userspace. The fault handler takes care of binding the object to 1313 * the GTT (if needed), allocating and programming a fence register (again, 1314 * only if needed based on whether the old reg is still valid or the object 1315 * is tiled) and inserting a new PTE into the faulting process. 1316 * 1317 * Note that the faulting process may involve evicting existing objects 1318 * from the GTT and/or fence registers to make room. So performance may 1319 * suffer if the GTT working set is large or there are few fence registers 1320 * left. 1321 */ 1322 int i915_gem_fault(struct vm_area_struct *vma, struct vm_fault *vmf) 1323 { 1324 struct drm_i915_gem_object *obj = to_intel_bo(vma->vm_private_data); 1325 struct drm_device *dev = obj->base.dev; 1326 drm_i915_private_t *dev_priv = dev->dev_private; 1327 pgoff_t page_offset; 1328 unsigned long pfn; 1329 int ret = 0; 1330 bool write = !!(vmf->flags & FAULT_FLAG_WRITE); 1331 1332 /* We don't use vmf->pgoff since that has the fake offset */ 1333 page_offset = ((unsigned long)vmf->virtual_address - vma->vm_start) >> 1334 PAGE_SHIFT; 1335 1336 ret = i915_mutex_lock_interruptible(dev); 1337 if (ret) 1338 goto out; 1339 1340 trace_i915_gem_object_fault(obj, page_offset, true, write); 1341 1342 /* Access to snoopable pages through the GTT is incoherent. */ 1343 if (obj->cache_level != I915_CACHE_NONE && !HAS_LLC(dev)) { 1344 ret = -EINVAL; 1345 goto unlock; 1346 } 1347 1348 /* Now bind it into the GTT if needed */ 1349 ret = i915_gem_object_pin(obj, 0, true, false); 1350 if (ret) 1351 goto unlock; 1352 1353 ret = i915_gem_object_set_to_gtt_domain(obj, write); 1354 if (ret) 1355 goto unpin; 1356 1357 ret = i915_gem_object_get_fence(obj); 1358 if (ret) 1359 goto unpin; 1360 1361 obj->fault_mappable = true; 1362 1363 pfn = ((dev_priv->gtt.mappable_base + obj->gtt_offset) >> PAGE_SHIFT) + 1364 page_offset; 1365 1366 /* Finally, remap it using the new GTT offset */ 1367 ret = vm_insert_pfn(vma, (unsigned long)vmf->virtual_address, pfn); 1368 unpin: 1369 i915_gem_object_unpin(obj); 1370 unlock: 1371 mutex_unlock(&dev->struct_mutex); 1372 out: 1373 switch (ret) { 1374 case -EIO: 1375 /* If this -EIO is due to a gpu hang, give the reset code a 1376 * chance to clean up the mess. Otherwise return the proper 1377 * SIGBUS. */ 1378 if (i915_terminally_wedged(&dev_priv->gpu_error)) 1379 return VM_FAULT_SIGBUS; 1380 case -EAGAIN: 1381 /* Give the error handler a chance to run and move the 1382 * objects off the GPU active list. Next time we service the 1383 * fault, we should be able to transition the page into the 1384 * GTT without touching the GPU (and so avoid further 1385 * EIO/EGAIN). If the GPU is wedged, then there is no issue 1386 * with coherency, just lost writes. 1387 */ 1388 set_need_resched(); 1389 case 0: 1390 case -ERESTARTSYS: 1391 case -EINTR: 1392 case -EBUSY: 1393 /* 1394 * EBUSY is ok: this just means that another thread 1395 * already did the job. 1396 */ 1397 return VM_FAULT_NOPAGE; 1398 case -ENOMEM: 1399 return VM_FAULT_OOM; 1400 case -ENOSPC: 1401 return VM_FAULT_SIGBUS; 1402 default: 1403 WARN_ONCE(ret, "unhandled error in i915_gem_fault: %i\n", ret); 1404 return VM_FAULT_SIGBUS; 1405 } 1406 } 1407 1408 /** 1409 * i915_gem_release_mmap - remove physical page mappings 1410 * @obj: obj in question 1411 * 1412 * Preserve the reservation of the mmapping with the DRM core code, but 1413 * relinquish ownership of the pages back to the system. 1414 * 1415 * It is vital that we remove the page mapping if we have mapped a tiled 1416 * object through the GTT and then lose the fence register due to 1417 * resource pressure. Similarly if the object has been moved out of the 1418 * aperture, than pages mapped into userspace must be revoked. Removing the 1419 * mapping will then trigger a page fault on the next user access, allowing 1420 * fixup by i915_gem_fault(). 1421 */ 1422 void 1423 i915_gem_release_mmap(struct drm_i915_gem_object *obj) 1424 { 1425 if (!obj->fault_mappable) 1426 return; 1427 1428 if (obj->base.dev->dev_mapping) 1429 unmap_mapping_range(obj->base.dev->dev_mapping, 1430 (loff_t)obj->base.map_list.hash.key<<PAGE_SHIFT, 1431 obj->base.size, 1); 1432 1433 obj->fault_mappable = false; 1434 } 1435 1436 uint32_t 1437 i915_gem_get_gtt_size(struct drm_device *dev, uint32_t size, int tiling_mode) 1438 { 1439 uint32_t gtt_size; 1440 1441 if (INTEL_INFO(dev)->gen >= 4 || 1442 tiling_mode == I915_TILING_NONE) 1443 return size; 1444 1445 /* Previous chips need a power-of-two fence region when tiling */ 1446 if (INTEL_INFO(dev)->gen == 3) 1447 gtt_size = 1024*1024; 1448 else 1449 gtt_size = 512*1024; 1450 1451 while (gtt_size < size) 1452 gtt_size <<= 1; 1453 1454 return gtt_size; 1455 } 1456 1457 /** 1458 * i915_gem_get_gtt_alignment - return required GTT alignment for an object 1459 * @obj: object to check 1460 * 1461 * Return the required GTT alignment for an object, taking into account 1462 * potential fence register mapping. 1463 */ 1464 uint32_t 1465 i915_gem_get_gtt_alignment(struct drm_device *dev, uint32_t size, 1466 int tiling_mode, bool fenced) 1467 { 1468 /* 1469 * Minimum alignment is 4k (GTT page size), but might be greater 1470 * if a fence register is needed for the object. 1471 */ 1472 if (INTEL_INFO(dev)->gen >= 4 || (!fenced && IS_G33(dev)) || 1473 tiling_mode == I915_TILING_NONE) 1474 return 4096; 1475 1476 /* 1477 * Previous chips need to be aligned to the size of the smallest 1478 * fence register that can contain the object. 1479 */ 1480 return i915_gem_get_gtt_size(dev, size, tiling_mode); 1481 } 1482 1483 static int i915_gem_object_create_mmap_offset(struct drm_i915_gem_object *obj) 1484 { 1485 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 1486 int ret; 1487 1488 if (obj->base.map_list.map) 1489 return 0; 1490 1491 dev_priv->mm.shrinker_no_lock_stealing = true; 1492 1493 ret = drm_gem_create_mmap_offset(&obj->base); 1494 if (ret != -ENOSPC) 1495 goto out; 1496 1497 /* Badly fragmented mmap space? The only way we can recover 1498 * space is by destroying unwanted objects. We can't randomly release 1499 * mmap_offsets as userspace expects them to be persistent for the 1500 * lifetime of the objects. The closest we can is to release the 1501 * offsets on purgeable objects by truncating it and marking it purged, 1502 * which prevents userspace from ever using that object again. 1503 */ 1504 i915_gem_purge(dev_priv, obj->base.size >> PAGE_SHIFT); 1505 ret = drm_gem_create_mmap_offset(&obj->base); 1506 if (ret != -ENOSPC) 1507 goto out; 1508 1509 i915_gem_shrink_all(dev_priv); 1510 ret = drm_gem_create_mmap_offset(&obj->base); 1511 out: 1512 dev_priv->mm.shrinker_no_lock_stealing = false; 1513 1514 return ret; 1515 } 1516 1517 static void i915_gem_object_free_mmap_offset(struct drm_i915_gem_object *obj) 1518 { 1519 if (!obj->base.map_list.map) 1520 return; 1521 1522 drm_gem_free_mmap_offset(&obj->base); 1523 } 1524 1525 int 1526 i915_gem_mmap_gtt(struct drm_file *file, 1527 struct drm_device *dev, 1528 uint32_t handle, 1529 uint64_t *offset) 1530 { 1531 struct drm_i915_private *dev_priv = dev->dev_private; 1532 struct drm_i915_gem_object *obj; 1533 int ret; 1534 1535 ret = i915_mutex_lock_interruptible(dev); 1536 if (ret) 1537 return ret; 1538 1539 obj = to_intel_bo(drm_gem_object_lookup(dev, file, handle)); 1540 if (&obj->base == NULL) { 1541 ret = -ENOENT; 1542 goto unlock; 1543 } 1544 1545 if (obj->base.size > dev_priv->gtt.mappable_end) { 1546 ret = -E2BIG; 1547 goto out; 1548 } 1549 1550 if (obj->madv != I915_MADV_WILLNEED) { 1551 DRM_ERROR("Attempting to mmap a purgeable buffer\n"); 1552 ret = -EINVAL; 1553 goto out; 1554 } 1555 1556 ret = i915_gem_object_create_mmap_offset(obj); 1557 if (ret) 1558 goto out; 1559 1560 *offset = (u64)obj->base.map_list.hash.key << PAGE_SHIFT; 1561 1562 out: 1563 drm_gem_object_unreference(&obj->base); 1564 unlock: 1565 mutex_unlock(&dev->struct_mutex); 1566 return ret; 1567 } 1568 1569 /** 1570 * i915_gem_mmap_gtt_ioctl - prepare an object for GTT mmap'ing 1571 * @dev: DRM device 1572 * @data: GTT mapping ioctl data 1573 * @file: GEM object info 1574 * 1575 * Simply returns the fake offset to userspace so it can mmap it. 1576 * The mmap call will end up in drm_gem_mmap(), which will set things 1577 * up so we can get faults in the handler above. 1578 * 1579 * The fault handler will take care of binding the object into the GTT 1580 * (since it may have been evicted to make room for something), allocating 1581 * a fence register, and mapping the appropriate aperture address into 1582 * userspace. 1583 */ 1584 int 1585 i915_gem_mmap_gtt_ioctl(struct drm_device *dev, void *data, 1586 struct drm_file *file) 1587 { 1588 struct drm_i915_gem_mmap_gtt *args = data; 1589 1590 return i915_gem_mmap_gtt(file, dev, args->handle, &args->offset); 1591 } 1592 1593 /* Immediately discard the backing storage */ 1594 static void 1595 i915_gem_object_truncate(struct drm_i915_gem_object *obj) 1596 { 1597 struct inode *inode; 1598 1599 i915_gem_object_free_mmap_offset(obj); 1600 1601 if (obj->base.filp == NULL) 1602 return; 1603 1604 /* Our goal here is to return as much of the memory as 1605 * is possible back to the system as we are called from OOM. 1606 * To do this we must instruct the shmfs to drop all of its 1607 * backing pages, *now*. 1608 */ 1609 inode = file_inode(obj->base.filp); 1610 shmem_truncate_range(inode, 0, (loff_t)-1); 1611 1612 obj->madv = __I915_MADV_PURGED; 1613 } 1614 1615 static inline int 1616 i915_gem_object_is_purgeable(struct drm_i915_gem_object *obj) 1617 { 1618 return obj->madv == I915_MADV_DONTNEED; 1619 } 1620 1621 static void 1622 i915_gem_object_put_pages_gtt(struct drm_i915_gem_object *obj) 1623 { 1624 struct sg_page_iter sg_iter; 1625 int ret; 1626 1627 BUG_ON(obj->madv == __I915_MADV_PURGED); 1628 1629 ret = i915_gem_object_set_to_cpu_domain(obj, true); 1630 if (ret) { 1631 /* In the event of a disaster, abandon all caches and 1632 * hope for the best. 1633 */ 1634 WARN_ON(ret != -EIO); 1635 i915_gem_clflush_object(obj); 1636 obj->base.read_domains = obj->base.write_domain = I915_GEM_DOMAIN_CPU; 1637 } 1638 1639 if (i915_gem_object_needs_bit17_swizzle(obj)) 1640 i915_gem_object_save_bit_17_swizzle(obj); 1641 1642 if (obj->madv == I915_MADV_DONTNEED) 1643 obj->dirty = 0; 1644 1645 for_each_sg_page(obj->pages->sgl, &sg_iter, obj->pages->nents, 0) { 1646 struct page *page = sg_page_iter_page(&sg_iter); 1647 1648 if (obj->dirty) 1649 set_page_dirty(page); 1650 1651 if (obj->madv == I915_MADV_WILLNEED) 1652 mark_page_accessed(page); 1653 1654 page_cache_release(page); 1655 } 1656 obj->dirty = 0; 1657 1658 sg_free_table(obj->pages); 1659 kfree(obj->pages); 1660 } 1661 1662 int 1663 i915_gem_object_put_pages(struct drm_i915_gem_object *obj) 1664 { 1665 const struct drm_i915_gem_object_ops *ops = obj->ops; 1666 1667 if (obj->pages == NULL) 1668 return 0; 1669 1670 BUG_ON(obj->gtt_space); 1671 1672 if (obj->pages_pin_count) 1673 return -EBUSY; 1674 1675 /* ->put_pages might need to allocate memory for the bit17 swizzle 1676 * array, hence protect them from being reaped by removing them from gtt 1677 * lists early. */ 1678 list_del(&obj->global_list); 1679 1680 ops->put_pages(obj); 1681 obj->pages = NULL; 1682 1683 if (i915_gem_object_is_purgeable(obj)) 1684 i915_gem_object_truncate(obj); 1685 1686 return 0; 1687 } 1688 1689 static long 1690 __i915_gem_shrink(struct drm_i915_private *dev_priv, long target, 1691 bool purgeable_only) 1692 { 1693 struct drm_i915_gem_object *obj, *next; 1694 long count = 0; 1695 1696 list_for_each_entry_safe(obj, next, 1697 &dev_priv->mm.unbound_list, 1698 global_list) { 1699 if ((i915_gem_object_is_purgeable(obj) || !purgeable_only) && 1700 i915_gem_object_put_pages(obj) == 0) { 1701 count += obj->base.size >> PAGE_SHIFT; 1702 if (count >= target) 1703 return count; 1704 } 1705 } 1706 1707 list_for_each_entry_safe(obj, next, 1708 &dev_priv->mm.inactive_list, 1709 mm_list) { 1710 if ((i915_gem_object_is_purgeable(obj) || !purgeable_only) && 1711 i915_gem_object_unbind(obj) == 0 && 1712 i915_gem_object_put_pages(obj) == 0) { 1713 count += obj->base.size >> PAGE_SHIFT; 1714 if (count >= target) 1715 return count; 1716 } 1717 } 1718 1719 return count; 1720 } 1721 1722 static long 1723 i915_gem_purge(struct drm_i915_private *dev_priv, long target) 1724 { 1725 return __i915_gem_shrink(dev_priv, target, true); 1726 } 1727 1728 static void 1729 i915_gem_shrink_all(struct drm_i915_private *dev_priv) 1730 { 1731 struct drm_i915_gem_object *obj, *next; 1732 1733 i915_gem_evict_everything(dev_priv->dev); 1734 1735 list_for_each_entry_safe(obj, next, &dev_priv->mm.unbound_list, 1736 global_list) 1737 i915_gem_object_put_pages(obj); 1738 } 1739 1740 static int 1741 i915_gem_object_get_pages_gtt(struct drm_i915_gem_object *obj) 1742 { 1743 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 1744 int page_count, i; 1745 struct address_space *mapping; 1746 struct sg_table *st; 1747 struct scatterlist *sg; 1748 struct sg_page_iter sg_iter; 1749 struct page *page; 1750 unsigned long last_pfn = 0; /* suppress gcc warning */ 1751 gfp_t gfp; 1752 1753 /* Assert that the object is not currently in any GPU domain. As it 1754 * wasn't in the GTT, there shouldn't be any way it could have been in 1755 * a GPU cache 1756 */ 1757 BUG_ON(obj->base.read_domains & I915_GEM_GPU_DOMAINS); 1758 BUG_ON(obj->base.write_domain & I915_GEM_GPU_DOMAINS); 1759 1760 st = kmalloc(sizeof(*st), GFP_KERNEL); 1761 if (st == NULL) 1762 return -ENOMEM; 1763 1764 page_count = obj->base.size / PAGE_SIZE; 1765 if (sg_alloc_table(st, page_count, GFP_KERNEL)) { 1766 sg_free_table(st); 1767 kfree(st); 1768 return -ENOMEM; 1769 } 1770 1771 /* Get the list of pages out of our struct file. They'll be pinned 1772 * at this point until we release them. 1773 * 1774 * Fail silently without starting the shrinker 1775 */ 1776 mapping = file_inode(obj->base.filp)->i_mapping; 1777 gfp = mapping_gfp_mask(mapping); 1778 gfp |= __GFP_NORETRY | __GFP_NOWARN | __GFP_NO_KSWAPD; 1779 gfp &= ~(__GFP_IO | __GFP_WAIT); 1780 sg = st->sgl; 1781 st->nents = 0; 1782 for (i = 0; i < page_count; i++) { 1783 page = shmem_read_mapping_page_gfp(mapping, i, gfp); 1784 if (IS_ERR(page)) { 1785 i915_gem_purge(dev_priv, page_count); 1786 page = shmem_read_mapping_page_gfp(mapping, i, gfp); 1787 } 1788 if (IS_ERR(page)) { 1789 /* We've tried hard to allocate the memory by reaping 1790 * our own buffer, now let the real VM do its job and 1791 * go down in flames if truly OOM. 1792 */ 1793 gfp &= ~(__GFP_NORETRY | __GFP_NOWARN | __GFP_NO_KSWAPD); 1794 gfp |= __GFP_IO | __GFP_WAIT; 1795 1796 i915_gem_shrink_all(dev_priv); 1797 page = shmem_read_mapping_page_gfp(mapping, i, gfp); 1798 if (IS_ERR(page)) 1799 goto err_pages; 1800 1801 gfp |= __GFP_NORETRY | __GFP_NOWARN | __GFP_NO_KSWAPD; 1802 gfp &= ~(__GFP_IO | __GFP_WAIT); 1803 } 1804 #ifdef CONFIG_SWIOTLB 1805 if (swiotlb_nr_tbl()) { 1806 st->nents++; 1807 sg_set_page(sg, page, PAGE_SIZE, 0); 1808 sg = sg_next(sg); 1809 continue; 1810 } 1811 #endif 1812 if (!i || page_to_pfn(page) != last_pfn + 1) { 1813 if (i) 1814 sg = sg_next(sg); 1815 st->nents++; 1816 sg_set_page(sg, page, PAGE_SIZE, 0); 1817 } else { 1818 sg->length += PAGE_SIZE; 1819 } 1820 last_pfn = page_to_pfn(page); 1821 } 1822 #ifdef CONFIG_SWIOTLB 1823 if (!swiotlb_nr_tbl()) 1824 #endif 1825 sg_mark_end(sg); 1826 obj->pages = st; 1827 1828 if (i915_gem_object_needs_bit17_swizzle(obj)) 1829 i915_gem_object_do_bit_17_swizzle(obj); 1830 1831 return 0; 1832 1833 err_pages: 1834 sg_mark_end(sg); 1835 for_each_sg_page(st->sgl, &sg_iter, st->nents, 0) 1836 page_cache_release(sg_page_iter_page(&sg_iter)); 1837 sg_free_table(st); 1838 kfree(st); 1839 return PTR_ERR(page); 1840 } 1841 1842 /* Ensure that the associated pages are gathered from the backing storage 1843 * and pinned into our object. i915_gem_object_get_pages() may be called 1844 * multiple times before they are released by a single call to 1845 * i915_gem_object_put_pages() - once the pages are no longer referenced 1846 * either as a result of memory pressure (reaping pages under the shrinker) 1847 * or as the object is itself released. 1848 */ 1849 int 1850 i915_gem_object_get_pages(struct drm_i915_gem_object *obj) 1851 { 1852 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 1853 const struct drm_i915_gem_object_ops *ops = obj->ops; 1854 int ret; 1855 1856 if (obj->pages) 1857 return 0; 1858 1859 if (obj->madv != I915_MADV_WILLNEED) { 1860 DRM_ERROR("Attempting to obtain a purgeable object\n"); 1861 return -EINVAL; 1862 } 1863 1864 BUG_ON(obj->pages_pin_count); 1865 1866 ret = ops->get_pages(obj); 1867 if (ret) 1868 return ret; 1869 1870 list_add_tail(&obj->global_list, &dev_priv->mm.unbound_list); 1871 return 0; 1872 } 1873 1874 void 1875 i915_gem_object_move_to_active(struct drm_i915_gem_object *obj, 1876 struct intel_ring_buffer *ring) 1877 { 1878 struct drm_device *dev = obj->base.dev; 1879 struct drm_i915_private *dev_priv = dev->dev_private; 1880 u32 seqno = intel_ring_get_seqno(ring); 1881 1882 BUG_ON(ring == NULL); 1883 if (obj->ring != ring && obj->last_write_seqno) { 1884 /* Keep the seqno relative to the current ring */ 1885 obj->last_write_seqno = seqno; 1886 } 1887 obj->ring = ring; 1888 1889 /* Add a reference if we're newly entering the active list. */ 1890 if (!obj->active) { 1891 drm_gem_object_reference(&obj->base); 1892 obj->active = 1; 1893 } 1894 1895 /* Move from whatever list we were on to the tail of execution. */ 1896 list_move_tail(&obj->mm_list, &dev_priv->mm.active_list); 1897 list_move_tail(&obj->ring_list, &ring->active_list); 1898 1899 obj->last_read_seqno = seqno; 1900 1901 if (obj->fenced_gpu_access) { 1902 obj->last_fenced_seqno = seqno; 1903 1904 /* Bump MRU to take account of the delayed flush */ 1905 if (obj->fence_reg != I915_FENCE_REG_NONE) { 1906 struct drm_i915_fence_reg *reg; 1907 1908 reg = &dev_priv->fence_regs[obj->fence_reg]; 1909 list_move_tail(®->lru_list, 1910 &dev_priv->mm.fence_list); 1911 } 1912 } 1913 } 1914 1915 static void 1916 i915_gem_object_move_to_inactive(struct drm_i915_gem_object *obj) 1917 { 1918 struct drm_device *dev = obj->base.dev; 1919 struct drm_i915_private *dev_priv = dev->dev_private; 1920 1921 BUG_ON(obj->base.write_domain & ~I915_GEM_GPU_DOMAINS); 1922 BUG_ON(!obj->active); 1923 1924 list_move_tail(&obj->mm_list, &dev_priv->mm.inactive_list); 1925 1926 list_del_init(&obj->ring_list); 1927 obj->ring = NULL; 1928 1929 obj->last_read_seqno = 0; 1930 obj->last_write_seqno = 0; 1931 obj->base.write_domain = 0; 1932 1933 obj->last_fenced_seqno = 0; 1934 obj->fenced_gpu_access = false; 1935 1936 obj->active = 0; 1937 drm_gem_object_unreference(&obj->base); 1938 1939 WARN_ON(i915_verify_lists(dev)); 1940 } 1941 1942 static int 1943 i915_gem_init_seqno(struct drm_device *dev, u32 seqno) 1944 { 1945 struct drm_i915_private *dev_priv = dev->dev_private; 1946 struct intel_ring_buffer *ring; 1947 int ret, i, j; 1948 1949 /* Carefully retire all requests without writing to the rings */ 1950 for_each_ring(ring, dev_priv, i) { 1951 ret = intel_ring_idle(ring); 1952 if (ret) 1953 return ret; 1954 } 1955 i915_gem_retire_requests(dev); 1956 1957 /* Finally reset hw state */ 1958 for_each_ring(ring, dev_priv, i) { 1959 intel_ring_init_seqno(ring, seqno); 1960 1961 for (j = 0; j < ARRAY_SIZE(ring->sync_seqno); j++) 1962 ring->sync_seqno[j] = 0; 1963 } 1964 1965 return 0; 1966 } 1967 1968 int i915_gem_set_seqno(struct drm_device *dev, u32 seqno) 1969 { 1970 struct drm_i915_private *dev_priv = dev->dev_private; 1971 int ret; 1972 1973 if (seqno == 0) 1974 return -EINVAL; 1975 1976 /* HWS page needs to be set less than what we 1977 * will inject to ring 1978 */ 1979 ret = i915_gem_init_seqno(dev, seqno - 1); 1980 if (ret) 1981 return ret; 1982 1983 /* Carefully set the last_seqno value so that wrap 1984 * detection still works 1985 */ 1986 dev_priv->next_seqno = seqno; 1987 dev_priv->last_seqno = seqno - 1; 1988 if (dev_priv->last_seqno == 0) 1989 dev_priv->last_seqno--; 1990 1991 return 0; 1992 } 1993 1994 int 1995 i915_gem_get_seqno(struct drm_device *dev, u32 *seqno) 1996 { 1997 struct drm_i915_private *dev_priv = dev->dev_private; 1998 1999 /* reserve 0 for non-seqno */ 2000 if (dev_priv->next_seqno == 0) { 2001 int ret = i915_gem_init_seqno(dev, 0); 2002 if (ret) 2003 return ret; 2004 2005 dev_priv->next_seqno = 1; 2006 } 2007 2008 *seqno = dev_priv->last_seqno = dev_priv->next_seqno++; 2009 return 0; 2010 } 2011 2012 int __i915_add_request(struct intel_ring_buffer *ring, 2013 struct drm_file *file, 2014 struct drm_i915_gem_object *obj, 2015 u32 *out_seqno) 2016 { 2017 drm_i915_private_t *dev_priv = ring->dev->dev_private; 2018 struct drm_i915_gem_request *request; 2019 u32 request_ring_position, request_start; 2020 int was_empty; 2021 int ret; 2022 2023 request_start = intel_ring_get_tail(ring); 2024 /* 2025 * Emit any outstanding flushes - execbuf can fail to emit the flush 2026 * after having emitted the batchbuffer command. Hence we need to fix 2027 * things up similar to emitting the lazy request. The difference here 2028 * is that the flush _must_ happen before the next request, no matter 2029 * what. 2030 */ 2031 ret = intel_ring_flush_all_caches(ring); 2032 if (ret) 2033 return ret; 2034 2035 request = kmalloc(sizeof(*request), GFP_KERNEL); 2036 if (request == NULL) 2037 return -ENOMEM; 2038 2039 2040 /* Record the position of the start of the request so that 2041 * should we detect the updated seqno part-way through the 2042 * GPU processing the request, we never over-estimate the 2043 * position of the head. 2044 */ 2045 request_ring_position = intel_ring_get_tail(ring); 2046 2047 ret = ring->add_request(ring); 2048 if (ret) { 2049 kfree(request); 2050 return ret; 2051 } 2052 2053 request->seqno = intel_ring_get_seqno(ring); 2054 request->ring = ring; 2055 request->head = request_start; 2056 request->tail = request_ring_position; 2057 request->ctx = ring->last_context; 2058 request->batch_obj = obj; 2059 2060 /* Whilst this request exists, batch_obj will be on the 2061 * active_list, and so will hold the active reference. Only when this 2062 * request is retired will the the batch_obj be moved onto the 2063 * inactive_list and lose its active reference. Hence we do not need 2064 * to explicitly hold another reference here. 2065 */ 2066 2067 if (request->ctx) 2068 i915_gem_context_reference(request->ctx); 2069 2070 request->emitted_jiffies = jiffies; 2071 was_empty = list_empty(&ring->request_list); 2072 list_add_tail(&request->list, &ring->request_list); 2073 request->file_priv = NULL; 2074 2075 if (file) { 2076 struct drm_i915_file_private *file_priv = file->driver_priv; 2077 2078 spin_lock(&file_priv->mm.lock); 2079 request->file_priv = file_priv; 2080 list_add_tail(&request->client_list, 2081 &file_priv->mm.request_list); 2082 spin_unlock(&file_priv->mm.lock); 2083 } 2084 2085 trace_i915_gem_request_add(ring, request->seqno); 2086 ring->outstanding_lazy_request = 0; 2087 2088 if (!dev_priv->mm.suspended) { 2089 if (i915_enable_hangcheck) { 2090 mod_timer(&dev_priv->gpu_error.hangcheck_timer, 2091 round_jiffies_up(jiffies + DRM_I915_HANGCHECK_JIFFIES)); 2092 } 2093 if (was_empty) { 2094 queue_delayed_work(dev_priv->wq, 2095 &dev_priv->mm.retire_work, 2096 round_jiffies_up_relative(HZ)); 2097 intel_mark_busy(dev_priv->dev); 2098 } 2099 } 2100 2101 if (out_seqno) 2102 *out_seqno = request->seqno; 2103 return 0; 2104 } 2105 2106 static inline void 2107 i915_gem_request_remove_from_client(struct drm_i915_gem_request *request) 2108 { 2109 struct drm_i915_file_private *file_priv = request->file_priv; 2110 2111 if (!file_priv) 2112 return; 2113 2114 spin_lock(&file_priv->mm.lock); 2115 if (request->file_priv) { 2116 list_del(&request->client_list); 2117 request->file_priv = NULL; 2118 } 2119 spin_unlock(&file_priv->mm.lock); 2120 } 2121 2122 static bool i915_head_inside_object(u32 acthd, struct drm_i915_gem_object *obj) 2123 { 2124 if (acthd >= obj->gtt_offset && 2125 acthd < obj->gtt_offset + obj->base.size) 2126 return true; 2127 2128 return false; 2129 } 2130 2131 static bool i915_head_inside_request(const u32 acthd_unmasked, 2132 const u32 request_start, 2133 const u32 request_end) 2134 { 2135 const u32 acthd = acthd_unmasked & HEAD_ADDR; 2136 2137 if (request_start < request_end) { 2138 if (acthd >= request_start && acthd < request_end) 2139 return true; 2140 } else if (request_start > request_end) { 2141 if (acthd >= request_start || acthd < request_end) 2142 return true; 2143 } 2144 2145 return false; 2146 } 2147 2148 static bool i915_request_guilty(struct drm_i915_gem_request *request, 2149 const u32 acthd, bool *inside) 2150 { 2151 /* There is a possibility that unmasked head address 2152 * pointing inside the ring, matches the batch_obj address range. 2153 * However this is extremely unlikely. 2154 */ 2155 2156 if (request->batch_obj) { 2157 if (i915_head_inside_object(acthd, request->batch_obj)) { 2158 *inside = true; 2159 return true; 2160 } 2161 } 2162 2163 if (i915_head_inside_request(acthd, request->head, request->tail)) { 2164 *inside = false; 2165 return true; 2166 } 2167 2168 return false; 2169 } 2170 2171 static void i915_set_reset_status(struct intel_ring_buffer *ring, 2172 struct drm_i915_gem_request *request, 2173 u32 acthd) 2174 { 2175 struct i915_ctx_hang_stats *hs = NULL; 2176 bool inside, guilty; 2177 2178 /* Innocent until proven guilty */ 2179 guilty = false; 2180 2181 if (ring->hangcheck.action != wait && 2182 i915_request_guilty(request, acthd, &inside)) { 2183 DRM_ERROR("%s hung %s bo (0x%x ctx %d) at 0x%x\n", 2184 ring->name, 2185 inside ? "inside" : "flushing", 2186 request->batch_obj ? 2187 request->batch_obj->gtt_offset : 0, 2188 request->ctx ? request->ctx->id : 0, 2189 acthd); 2190 2191 guilty = true; 2192 } 2193 2194 /* If contexts are disabled or this is the default context, use 2195 * file_priv->reset_state 2196 */ 2197 if (request->ctx && request->ctx->id != DEFAULT_CONTEXT_ID) 2198 hs = &request->ctx->hang_stats; 2199 else if (request->file_priv) 2200 hs = &request->file_priv->hang_stats; 2201 2202 if (hs) { 2203 if (guilty) 2204 hs->batch_active++; 2205 else 2206 hs->batch_pending++; 2207 } 2208 } 2209 2210 static void i915_gem_free_request(struct drm_i915_gem_request *request) 2211 { 2212 list_del(&request->list); 2213 i915_gem_request_remove_from_client(request); 2214 2215 if (request->ctx) 2216 i915_gem_context_unreference(request->ctx); 2217 2218 kfree(request); 2219 } 2220 2221 static void i915_gem_reset_ring_lists(struct drm_i915_private *dev_priv, 2222 struct intel_ring_buffer *ring) 2223 { 2224 u32 completed_seqno; 2225 u32 acthd; 2226 2227 acthd = intel_ring_get_active_head(ring); 2228 completed_seqno = ring->get_seqno(ring, false); 2229 2230 while (!list_empty(&ring->request_list)) { 2231 struct drm_i915_gem_request *request; 2232 2233 request = list_first_entry(&ring->request_list, 2234 struct drm_i915_gem_request, 2235 list); 2236 2237 if (request->seqno > completed_seqno) 2238 i915_set_reset_status(ring, request, acthd); 2239 2240 i915_gem_free_request(request); 2241 } 2242 2243 while (!list_empty(&ring->active_list)) { 2244 struct drm_i915_gem_object *obj; 2245 2246 obj = list_first_entry(&ring->active_list, 2247 struct drm_i915_gem_object, 2248 ring_list); 2249 2250 i915_gem_object_move_to_inactive(obj); 2251 } 2252 } 2253 2254 void i915_gem_restore_fences(struct drm_device *dev) 2255 { 2256 struct drm_i915_private *dev_priv = dev->dev_private; 2257 int i; 2258 2259 for (i = 0; i < dev_priv->num_fence_regs; i++) { 2260 struct drm_i915_fence_reg *reg = &dev_priv->fence_regs[i]; 2261 i915_gem_write_fence(dev, i, reg->obj); 2262 } 2263 } 2264 2265 void i915_gem_reset(struct drm_device *dev) 2266 { 2267 struct drm_i915_private *dev_priv = dev->dev_private; 2268 struct drm_i915_gem_object *obj; 2269 struct intel_ring_buffer *ring; 2270 int i; 2271 2272 for_each_ring(ring, dev_priv, i) 2273 i915_gem_reset_ring_lists(dev_priv, ring); 2274 2275 /* Move everything out of the GPU domains to ensure we do any 2276 * necessary invalidation upon reuse. 2277 */ 2278 list_for_each_entry(obj, 2279 &dev_priv->mm.inactive_list, 2280 mm_list) 2281 { 2282 obj->base.read_domains &= ~I915_GEM_GPU_DOMAINS; 2283 } 2284 2285 i915_gem_restore_fences(dev); 2286 } 2287 2288 /** 2289 * This function clears the request list as sequence numbers are passed. 2290 */ 2291 void 2292 i915_gem_retire_requests_ring(struct intel_ring_buffer *ring) 2293 { 2294 uint32_t seqno; 2295 2296 if (list_empty(&ring->request_list)) 2297 return; 2298 2299 WARN_ON(i915_verify_lists(ring->dev)); 2300 2301 seqno = ring->get_seqno(ring, true); 2302 2303 while (!list_empty(&ring->request_list)) { 2304 struct drm_i915_gem_request *request; 2305 2306 request = list_first_entry(&ring->request_list, 2307 struct drm_i915_gem_request, 2308 list); 2309 2310 if (!i915_seqno_passed(seqno, request->seqno)) 2311 break; 2312 2313 trace_i915_gem_request_retire(ring, request->seqno); 2314 /* We know the GPU must have read the request to have 2315 * sent us the seqno + interrupt, so use the position 2316 * of tail of the request to update the last known position 2317 * of the GPU head. 2318 */ 2319 ring->last_retired_head = request->tail; 2320 2321 i915_gem_free_request(request); 2322 } 2323 2324 /* Move any buffers on the active list that are no longer referenced 2325 * by the ringbuffer to the flushing/inactive lists as appropriate. 2326 */ 2327 while (!list_empty(&ring->active_list)) { 2328 struct drm_i915_gem_object *obj; 2329 2330 obj = list_first_entry(&ring->active_list, 2331 struct drm_i915_gem_object, 2332 ring_list); 2333 2334 if (!i915_seqno_passed(seqno, obj->last_read_seqno)) 2335 break; 2336 2337 i915_gem_object_move_to_inactive(obj); 2338 } 2339 2340 if (unlikely(ring->trace_irq_seqno && 2341 i915_seqno_passed(seqno, ring->trace_irq_seqno))) { 2342 ring->irq_put(ring); 2343 ring->trace_irq_seqno = 0; 2344 } 2345 2346 WARN_ON(i915_verify_lists(ring->dev)); 2347 } 2348 2349 void 2350 i915_gem_retire_requests(struct drm_device *dev) 2351 { 2352 drm_i915_private_t *dev_priv = dev->dev_private; 2353 struct intel_ring_buffer *ring; 2354 int i; 2355 2356 for_each_ring(ring, dev_priv, i) 2357 i915_gem_retire_requests_ring(ring); 2358 } 2359 2360 static void 2361 i915_gem_retire_work_handler(struct work_struct *work) 2362 { 2363 drm_i915_private_t *dev_priv; 2364 struct drm_device *dev; 2365 struct intel_ring_buffer *ring; 2366 bool idle; 2367 int i; 2368 2369 dev_priv = container_of(work, drm_i915_private_t, 2370 mm.retire_work.work); 2371 dev = dev_priv->dev; 2372 2373 /* Come back later if the device is busy... */ 2374 if (!mutex_trylock(&dev->struct_mutex)) { 2375 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, 2376 round_jiffies_up_relative(HZ)); 2377 return; 2378 } 2379 2380 i915_gem_retire_requests(dev); 2381 2382 /* Send a periodic flush down the ring so we don't hold onto GEM 2383 * objects indefinitely. 2384 */ 2385 idle = true; 2386 for_each_ring(ring, dev_priv, i) { 2387 if (ring->gpu_caches_dirty) 2388 i915_add_request(ring, NULL); 2389 2390 idle &= list_empty(&ring->request_list); 2391 } 2392 2393 if (!dev_priv->mm.suspended && !idle) 2394 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, 2395 round_jiffies_up_relative(HZ)); 2396 if (idle) 2397 intel_mark_idle(dev); 2398 2399 mutex_unlock(&dev->struct_mutex); 2400 } 2401 2402 /** 2403 * Ensures that an object will eventually get non-busy by flushing any required 2404 * write domains, emitting any outstanding lazy request and retiring and 2405 * completed requests. 2406 */ 2407 static int 2408 i915_gem_object_flush_active(struct drm_i915_gem_object *obj) 2409 { 2410 int ret; 2411 2412 if (obj->active) { 2413 ret = i915_gem_check_olr(obj->ring, obj->last_read_seqno); 2414 if (ret) 2415 return ret; 2416 2417 i915_gem_retire_requests_ring(obj->ring); 2418 } 2419 2420 return 0; 2421 } 2422 2423 /** 2424 * i915_gem_wait_ioctl - implements DRM_IOCTL_I915_GEM_WAIT 2425 * @DRM_IOCTL_ARGS: standard ioctl arguments 2426 * 2427 * Returns 0 if successful, else an error is returned with the remaining time in 2428 * the timeout parameter. 2429 * -ETIME: object is still busy after timeout 2430 * -ERESTARTSYS: signal interrupted the wait 2431 * -ENONENT: object doesn't exist 2432 * Also possible, but rare: 2433 * -EAGAIN: GPU wedged 2434 * -ENOMEM: damn 2435 * -ENODEV: Internal IRQ fail 2436 * -E?: The add request failed 2437 * 2438 * The wait ioctl with a timeout of 0 reimplements the busy ioctl. With any 2439 * non-zero timeout parameter the wait ioctl will wait for the given number of 2440 * nanoseconds on an object becoming unbusy. Since the wait itself does so 2441 * without holding struct_mutex the object may become re-busied before this 2442 * function completes. A similar but shorter * race condition exists in the busy 2443 * ioctl 2444 */ 2445 int 2446 i915_gem_wait_ioctl(struct drm_device *dev, void *data, struct drm_file *file) 2447 { 2448 drm_i915_private_t *dev_priv = dev->dev_private; 2449 struct drm_i915_gem_wait *args = data; 2450 struct drm_i915_gem_object *obj; 2451 struct intel_ring_buffer *ring = NULL; 2452 struct timespec timeout_stack, *timeout = NULL; 2453 unsigned reset_counter; 2454 u32 seqno = 0; 2455 int ret = 0; 2456 2457 if (args->timeout_ns >= 0) { 2458 timeout_stack = ns_to_timespec(args->timeout_ns); 2459 timeout = &timeout_stack; 2460 } 2461 2462 ret = i915_mutex_lock_interruptible(dev); 2463 if (ret) 2464 return ret; 2465 2466 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->bo_handle)); 2467 if (&obj->base == NULL) { 2468 mutex_unlock(&dev->struct_mutex); 2469 return -ENOENT; 2470 } 2471 2472 /* Need to make sure the object gets inactive eventually. */ 2473 ret = i915_gem_object_flush_active(obj); 2474 if (ret) 2475 goto out; 2476 2477 if (obj->active) { 2478 seqno = obj->last_read_seqno; 2479 ring = obj->ring; 2480 } 2481 2482 if (seqno == 0) 2483 goto out; 2484 2485 /* Do this after OLR check to make sure we make forward progress polling 2486 * on this IOCTL with a 0 timeout (like busy ioctl) 2487 */ 2488 if (!args->timeout_ns) { 2489 ret = -ETIME; 2490 goto out; 2491 } 2492 2493 drm_gem_object_unreference(&obj->base); 2494 reset_counter = atomic_read(&dev_priv->gpu_error.reset_counter); 2495 mutex_unlock(&dev->struct_mutex); 2496 2497 ret = __wait_seqno(ring, seqno, reset_counter, true, timeout); 2498 if (timeout) 2499 args->timeout_ns = timespec_to_ns(timeout); 2500 return ret; 2501 2502 out: 2503 drm_gem_object_unreference(&obj->base); 2504 mutex_unlock(&dev->struct_mutex); 2505 return ret; 2506 } 2507 2508 /** 2509 * i915_gem_object_sync - sync an object to a ring. 2510 * 2511 * @obj: object which may be in use on another ring. 2512 * @to: ring we wish to use the object on. May be NULL. 2513 * 2514 * This code is meant to abstract object synchronization with the GPU. 2515 * Calling with NULL implies synchronizing the object with the CPU 2516 * rather than a particular GPU ring. 2517 * 2518 * Returns 0 if successful, else propagates up the lower layer error. 2519 */ 2520 int 2521 i915_gem_object_sync(struct drm_i915_gem_object *obj, 2522 struct intel_ring_buffer *to) 2523 { 2524 struct intel_ring_buffer *from = obj->ring; 2525 u32 seqno; 2526 int ret, idx; 2527 2528 if (from == NULL || to == from) 2529 return 0; 2530 2531 if (to == NULL || !i915_semaphore_is_enabled(obj->base.dev)) 2532 return i915_gem_object_wait_rendering(obj, false); 2533 2534 idx = intel_ring_sync_index(from, to); 2535 2536 seqno = obj->last_read_seqno; 2537 if (seqno <= from->sync_seqno[idx]) 2538 return 0; 2539 2540 ret = i915_gem_check_olr(obj->ring, seqno); 2541 if (ret) 2542 return ret; 2543 2544 ret = to->sync_to(to, from, seqno); 2545 if (!ret) 2546 /* We use last_read_seqno because sync_to() 2547 * might have just caused seqno wrap under 2548 * the radar. 2549 */ 2550 from->sync_seqno[idx] = obj->last_read_seqno; 2551 2552 return ret; 2553 } 2554 2555 static void i915_gem_object_finish_gtt(struct drm_i915_gem_object *obj) 2556 { 2557 u32 old_write_domain, old_read_domains; 2558 2559 /* Force a pagefault for domain tracking on next user access */ 2560 i915_gem_release_mmap(obj); 2561 2562 if ((obj->base.read_domains & I915_GEM_DOMAIN_GTT) == 0) 2563 return; 2564 2565 /* Wait for any direct GTT access to complete */ 2566 mb(); 2567 2568 old_read_domains = obj->base.read_domains; 2569 old_write_domain = obj->base.write_domain; 2570 2571 obj->base.read_domains &= ~I915_GEM_DOMAIN_GTT; 2572 obj->base.write_domain &= ~I915_GEM_DOMAIN_GTT; 2573 2574 trace_i915_gem_object_change_domain(obj, 2575 old_read_domains, 2576 old_write_domain); 2577 } 2578 2579 /** 2580 * Unbinds an object from the GTT aperture. 2581 */ 2582 int 2583 i915_gem_object_unbind(struct drm_i915_gem_object *obj) 2584 { 2585 drm_i915_private_t *dev_priv = obj->base.dev->dev_private; 2586 int ret; 2587 2588 if (obj->gtt_space == NULL) 2589 return 0; 2590 2591 if (obj->pin_count) 2592 return -EBUSY; 2593 2594 BUG_ON(obj->pages == NULL); 2595 2596 ret = i915_gem_object_finish_gpu(obj); 2597 if (ret) 2598 return ret; 2599 /* Continue on if we fail due to EIO, the GPU is hung so we 2600 * should be safe and we need to cleanup or else we might 2601 * cause memory corruption through use-after-free. 2602 */ 2603 2604 i915_gem_object_finish_gtt(obj); 2605 2606 /* release the fence reg _after_ flushing */ 2607 ret = i915_gem_object_put_fence(obj); 2608 if (ret) 2609 return ret; 2610 2611 trace_i915_gem_object_unbind(obj); 2612 2613 if (obj->has_global_gtt_mapping) 2614 i915_gem_gtt_unbind_object(obj); 2615 if (obj->has_aliasing_ppgtt_mapping) { 2616 i915_ppgtt_unbind_object(dev_priv->mm.aliasing_ppgtt, obj); 2617 obj->has_aliasing_ppgtt_mapping = 0; 2618 } 2619 i915_gem_gtt_finish_object(obj); 2620 i915_gem_object_unpin_pages(obj); 2621 2622 list_del(&obj->mm_list); 2623 list_move_tail(&obj->global_list, &dev_priv->mm.unbound_list); 2624 /* Avoid an unnecessary call to unbind on rebind. */ 2625 obj->map_and_fenceable = true; 2626 2627 drm_mm_put_block(obj->gtt_space); 2628 obj->gtt_space = NULL; 2629 obj->gtt_offset = 0; 2630 2631 return 0; 2632 } 2633 2634 int i915_gpu_idle(struct drm_device *dev) 2635 { 2636 drm_i915_private_t *dev_priv = dev->dev_private; 2637 struct intel_ring_buffer *ring; 2638 int ret, i; 2639 2640 /* Flush everything onto the inactive list. */ 2641 for_each_ring(ring, dev_priv, i) { 2642 ret = i915_switch_context(ring, NULL, DEFAULT_CONTEXT_ID); 2643 if (ret) 2644 return ret; 2645 2646 ret = intel_ring_idle(ring); 2647 if (ret) 2648 return ret; 2649 } 2650 2651 return 0; 2652 } 2653 2654 static void i965_write_fence_reg(struct drm_device *dev, int reg, 2655 struct drm_i915_gem_object *obj) 2656 { 2657 drm_i915_private_t *dev_priv = dev->dev_private; 2658 int fence_reg; 2659 int fence_pitch_shift; 2660 2661 if (INTEL_INFO(dev)->gen >= 6) { 2662 fence_reg = FENCE_REG_SANDYBRIDGE_0; 2663 fence_pitch_shift = SANDYBRIDGE_FENCE_PITCH_SHIFT; 2664 } else { 2665 fence_reg = FENCE_REG_965_0; 2666 fence_pitch_shift = I965_FENCE_PITCH_SHIFT; 2667 } 2668 2669 fence_reg += reg * 8; 2670 2671 /* To w/a incoherency with non-atomic 64-bit register updates, 2672 * we split the 64-bit update into two 32-bit writes. In order 2673 * for a partial fence not to be evaluated between writes, we 2674 * precede the update with write to turn off the fence register, 2675 * and only enable the fence as the last step. 2676 * 2677 * For extra levels of paranoia, we make sure each step lands 2678 * before applying the next step. 2679 */ 2680 I915_WRITE(fence_reg, 0); 2681 POSTING_READ(fence_reg); 2682 2683 if (obj) { 2684 u32 size = obj->gtt_space->size; 2685 uint64_t val; 2686 2687 val = (uint64_t)((obj->gtt_offset + size - 4096) & 2688 0xfffff000) << 32; 2689 val |= obj->gtt_offset & 0xfffff000; 2690 val |= (uint64_t)((obj->stride / 128) - 1) << fence_pitch_shift; 2691 if (obj->tiling_mode == I915_TILING_Y) 2692 val |= 1 << I965_FENCE_TILING_Y_SHIFT; 2693 val |= I965_FENCE_REG_VALID; 2694 2695 I915_WRITE(fence_reg + 4, val >> 32); 2696 POSTING_READ(fence_reg + 4); 2697 2698 I915_WRITE(fence_reg + 0, val); 2699 POSTING_READ(fence_reg); 2700 } else { 2701 I915_WRITE(fence_reg + 4, 0); 2702 POSTING_READ(fence_reg + 4); 2703 } 2704 } 2705 2706 static void i915_write_fence_reg(struct drm_device *dev, int reg, 2707 struct drm_i915_gem_object *obj) 2708 { 2709 drm_i915_private_t *dev_priv = dev->dev_private; 2710 u32 val; 2711 2712 if (obj) { 2713 u32 size = obj->gtt_space->size; 2714 int pitch_val; 2715 int tile_width; 2716 2717 WARN((obj->gtt_offset & ~I915_FENCE_START_MASK) || 2718 (size & -size) != size || 2719 (obj->gtt_offset & (size - 1)), 2720 "object 0x%08x [fenceable? %d] not 1M or pot-size (0x%08x) aligned\n", 2721 obj->gtt_offset, obj->map_and_fenceable, size); 2722 2723 if (obj->tiling_mode == I915_TILING_Y && HAS_128_BYTE_Y_TILING(dev)) 2724 tile_width = 128; 2725 else 2726 tile_width = 512; 2727 2728 /* Note: pitch better be a power of two tile widths */ 2729 pitch_val = obj->stride / tile_width; 2730 pitch_val = ffs(pitch_val) - 1; 2731 2732 val = obj->gtt_offset; 2733 if (obj->tiling_mode == I915_TILING_Y) 2734 val |= 1 << I830_FENCE_TILING_Y_SHIFT; 2735 val |= I915_FENCE_SIZE_BITS(size); 2736 val |= pitch_val << I830_FENCE_PITCH_SHIFT; 2737 val |= I830_FENCE_REG_VALID; 2738 } else 2739 val = 0; 2740 2741 if (reg < 8) 2742 reg = FENCE_REG_830_0 + reg * 4; 2743 else 2744 reg = FENCE_REG_945_8 + (reg - 8) * 4; 2745 2746 I915_WRITE(reg, val); 2747 POSTING_READ(reg); 2748 } 2749 2750 static void i830_write_fence_reg(struct drm_device *dev, int reg, 2751 struct drm_i915_gem_object *obj) 2752 { 2753 drm_i915_private_t *dev_priv = dev->dev_private; 2754 uint32_t val; 2755 2756 if (obj) { 2757 u32 size = obj->gtt_space->size; 2758 uint32_t pitch_val; 2759 2760 WARN((obj->gtt_offset & ~I830_FENCE_START_MASK) || 2761 (size & -size) != size || 2762 (obj->gtt_offset & (size - 1)), 2763 "object 0x%08x not 512K or pot-size 0x%08x aligned\n", 2764 obj->gtt_offset, size); 2765 2766 pitch_val = obj->stride / 128; 2767 pitch_val = ffs(pitch_val) - 1; 2768 2769 val = obj->gtt_offset; 2770 if (obj->tiling_mode == I915_TILING_Y) 2771 val |= 1 << I830_FENCE_TILING_Y_SHIFT; 2772 val |= I830_FENCE_SIZE_BITS(size); 2773 val |= pitch_val << I830_FENCE_PITCH_SHIFT; 2774 val |= I830_FENCE_REG_VALID; 2775 } else 2776 val = 0; 2777 2778 I915_WRITE(FENCE_REG_830_0 + reg * 4, val); 2779 POSTING_READ(FENCE_REG_830_0 + reg * 4); 2780 } 2781 2782 inline static bool i915_gem_object_needs_mb(struct drm_i915_gem_object *obj) 2783 { 2784 return obj && obj->base.read_domains & I915_GEM_DOMAIN_GTT; 2785 } 2786 2787 static void i915_gem_write_fence(struct drm_device *dev, int reg, 2788 struct drm_i915_gem_object *obj) 2789 { 2790 struct drm_i915_private *dev_priv = dev->dev_private; 2791 2792 /* Ensure that all CPU reads are completed before installing a fence 2793 * and all writes before removing the fence. 2794 */ 2795 if (i915_gem_object_needs_mb(dev_priv->fence_regs[reg].obj)) 2796 mb(); 2797 2798 switch (INTEL_INFO(dev)->gen) { 2799 case 7: 2800 case 6: 2801 case 5: 2802 case 4: i965_write_fence_reg(dev, reg, obj); break; 2803 case 3: i915_write_fence_reg(dev, reg, obj); break; 2804 case 2: i830_write_fence_reg(dev, reg, obj); break; 2805 default: BUG(); 2806 } 2807 2808 /* And similarly be paranoid that no direct access to this region 2809 * is reordered to before the fence is installed. 2810 */ 2811 if (i915_gem_object_needs_mb(obj)) 2812 mb(); 2813 } 2814 2815 static inline int fence_number(struct drm_i915_private *dev_priv, 2816 struct drm_i915_fence_reg *fence) 2817 { 2818 return fence - dev_priv->fence_regs; 2819 } 2820 2821 static void i915_gem_object_update_fence(struct drm_i915_gem_object *obj, 2822 struct drm_i915_fence_reg *fence, 2823 bool enable) 2824 { 2825 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 2826 int reg = fence_number(dev_priv, fence); 2827 2828 i915_gem_write_fence(obj->base.dev, reg, enable ? obj : NULL); 2829 2830 if (enable) { 2831 obj->fence_reg = reg; 2832 fence->obj = obj; 2833 list_move_tail(&fence->lru_list, &dev_priv->mm.fence_list); 2834 } else { 2835 obj->fence_reg = I915_FENCE_REG_NONE; 2836 fence->obj = NULL; 2837 list_del_init(&fence->lru_list); 2838 } 2839 } 2840 2841 static int 2842 i915_gem_object_wait_fence(struct drm_i915_gem_object *obj) 2843 { 2844 if (obj->last_fenced_seqno) { 2845 int ret = i915_wait_seqno(obj->ring, obj->last_fenced_seqno); 2846 if (ret) 2847 return ret; 2848 2849 obj->last_fenced_seqno = 0; 2850 } 2851 2852 obj->fenced_gpu_access = false; 2853 return 0; 2854 } 2855 2856 int 2857 i915_gem_object_put_fence(struct drm_i915_gem_object *obj) 2858 { 2859 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 2860 struct drm_i915_fence_reg *fence; 2861 int ret; 2862 2863 ret = i915_gem_object_wait_fence(obj); 2864 if (ret) 2865 return ret; 2866 2867 if (obj->fence_reg == I915_FENCE_REG_NONE) 2868 return 0; 2869 2870 fence = &dev_priv->fence_regs[obj->fence_reg]; 2871 2872 i915_gem_object_fence_lost(obj); 2873 i915_gem_object_update_fence(obj, fence, false); 2874 2875 return 0; 2876 } 2877 2878 static struct drm_i915_fence_reg * 2879 i915_find_fence_reg(struct drm_device *dev) 2880 { 2881 struct drm_i915_private *dev_priv = dev->dev_private; 2882 struct drm_i915_fence_reg *reg, *avail; 2883 int i; 2884 2885 /* First try to find a free reg */ 2886 avail = NULL; 2887 for (i = dev_priv->fence_reg_start; i < dev_priv->num_fence_regs; i++) { 2888 reg = &dev_priv->fence_regs[i]; 2889 if (!reg->obj) 2890 return reg; 2891 2892 if (!reg->pin_count) 2893 avail = reg; 2894 } 2895 2896 if (avail == NULL) 2897 return NULL; 2898 2899 /* None available, try to steal one or wait for a user to finish */ 2900 list_for_each_entry(reg, &dev_priv->mm.fence_list, lru_list) { 2901 if (reg->pin_count) 2902 continue; 2903 2904 return reg; 2905 } 2906 2907 return NULL; 2908 } 2909 2910 /** 2911 * i915_gem_object_get_fence - set up fencing for an object 2912 * @obj: object to map through a fence reg 2913 * 2914 * When mapping objects through the GTT, userspace wants to be able to write 2915 * to them without having to worry about swizzling if the object is tiled. 2916 * This function walks the fence regs looking for a free one for @obj, 2917 * stealing one if it can't find any. 2918 * 2919 * It then sets up the reg based on the object's properties: address, pitch 2920 * and tiling format. 2921 * 2922 * For an untiled surface, this removes any existing fence. 2923 */ 2924 int 2925 i915_gem_object_get_fence(struct drm_i915_gem_object *obj) 2926 { 2927 struct drm_device *dev = obj->base.dev; 2928 struct drm_i915_private *dev_priv = dev->dev_private; 2929 bool enable = obj->tiling_mode != I915_TILING_NONE; 2930 struct drm_i915_fence_reg *reg; 2931 int ret; 2932 2933 /* Have we updated the tiling parameters upon the object and so 2934 * will need to serialise the write to the associated fence register? 2935 */ 2936 if (obj->fence_dirty) { 2937 ret = i915_gem_object_wait_fence(obj); 2938 if (ret) 2939 return ret; 2940 } 2941 2942 /* Just update our place in the LRU if our fence is getting reused. */ 2943 if (obj->fence_reg != I915_FENCE_REG_NONE) { 2944 reg = &dev_priv->fence_regs[obj->fence_reg]; 2945 if (!obj->fence_dirty) { 2946 list_move_tail(®->lru_list, 2947 &dev_priv->mm.fence_list); 2948 return 0; 2949 } 2950 } else if (enable) { 2951 reg = i915_find_fence_reg(dev); 2952 if (reg == NULL) 2953 return -EDEADLK; 2954 2955 if (reg->obj) { 2956 struct drm_i915_gem_object *old = reg->obj; 2957 2958 ret = i915_gem_object_wait_fence(old); 2959 if (ret) 2960 return ret; 2961 2962 i915_gem_object_fence_lost(old); 2963 } 2964 } else 2965 return 0; 2966 2967 i915_gem_object_update_fence(obj, reg, enable); 2968 obj->fence_dirty = false; 2969 2970 return 0; 2971 } 2972 2973 static bool i915_gem_valid_gtt_space(struct drm_device *dev, 2974 struct drm_mm_node *gtt_space, 2975 unsigned long cache_level) 2976 { 2977 struct drm_mm_node *other; 2978 2979 /* On non-LLC machines we have to be careful when putting differing 2980 * types of snoopable memory together to avoid the prefetcher 2981 * crossing memory domains and dying. 2982 */ 2983 if (HAS_LLC(dev)) 2984 return true; 2985 2986 if (gtt_space == NULL) 2987 return true; 2988 2989 if (list_empty(>t_space->node_list)) 2990 return true; 2991 2992 other = list_entry(gtt_space->node_list.prev, struct drm_mm_node, node_list); 2993 if (other->allocated && !other->hole_follows && other->color != cache_level) 2994 return false; 2995 2996 other = list_entry(gtt_space->node_list.next, struct drm_mm_node, node_list); 2997 if (other->allocated && !gtt_space->hole_follows && other->color != cache_level) 2998 return false; 2999 3000 return true; 3001 } 3002 3003 static void i915_gem_verify_gtt(struct drm_device *dev) 3004 { 3005 #if WATCH_GTT 3006 struct drm_i915_private *dev_priv = dev->dev_private; 3007 struct drm_i915_gem_object *obj; 3008 int err = 0; 3009 3010 list_for_each_entry(obj, &dev_priv->mm.gtt_list, global_list) { 3011 if (obj->gtt_space == NULL) { 3012 printk(KERN_ERR "object found on GTT list with no space reserved\n"); 3013 err++; 3014 continue; 3015 } 3016 3017 if (obj->cache_level != obj->gtt_space->color) { 3018 printk(KERN_ERR "object reserved space [%08lx, %08lx] with wrong color, cache_level=%x, color=%lx\n", 3019 obj->gtt_space->start, 3020 obj->gtt_space->start + obj->gtt_space->size, 3021 obj->cache_level, 3022 obj->gtt_space->color); 3023 err++; 3024 continue; 3025 } 3026 3027 if (!i915_gem_valid_gtt_space(dev, 3028 obj->gtt_space, 3029 obj->cache_level)) { 3030 printk(KERN_ERR "invalid GTT space found at [%08lx, %08lx] - color=%x\n", 3031 obj->gtt_space->start, 3032 obj->gtt_space->start + obj->gtt_space->size, 3033 obj->cache_level); 3034 err++; 3035 continue; 3036 } 3037 } 3038 3039 WARN_ON(err); 3040 #endif 3041 } 3042 3043 /** 3044 * Finds free space in the GTT aperture and binds the object there. 3045 */ 3046 static int 3047 i915_gem_object_bind_to_gtt(struct drm_i915_gem_object *obj, 3048 unsigned alignment, 3049 bool map_and_fenceable, 3050 bool nonblocking) 3051 { 3052 struct drm_device *dev = obj->base.dev; 3053 drm_i915_private_t *dev_priv = dev->dev_private; 3054 struct drm_mm_node *node; 3055 u32 size, fence_size, fence_alignment, unfenced_alignment; 3056 bool mappable, fenceable; 3057 size_t gtt_max = map_and_fenceable ? 3058 dev_priv->gtt.mappable_end : dev_priv->gtt.total; 3059 int ret; 3060 3061 fence_size = i915_gem_get_gtt_size(dev, 3062 obj->base.size, 3063 obj->tiling_mode); 3064 fence_alignment = i915_gem_get_gtt_alignment(dev, 3065 obj->base.size, 3066 obj->tiling_mode, true); 3067 unfenced_alignment = 3068 i915_gem_get_gtt_alignment(dev, 3069 obj->base.size, 3070 obj->tiling_mode, false); 3071 3072 if (alignment == 0) 3073 alignment = map_and_fenceable ? fence_alignment : 3074 unfenced_alignment; 3075 if (map_and_fenceable && alignment & (fence_alignment - 1)) { 3076 DRM_ERROR("Invalid object alignment requested %u\n", alignment); 3077 return -EINVAL; 3078 } 3079 3080 size = map_and_fenceable ? fence_size : obj->base.size; 3081 3082 /* If the object is bigger than the entire aperture, reject it early 3083 * before evicting everything in a vain attempt to find space. 3084 */ 3085 if (obj->base.size > gtt_max) { 3086 DRM_ERROR("Attempting to bind an object larger than the aperture: object=%zd > %s aperture=%zu\n", 3087 obj->base.size, 3088 map_and_fenceable ? "mappable" : "total", 3089 gtt_max); 3090 return -E2BIG; 3091 } 3092 3093 ret = i915_gem_object_get_pages(obj); 3094 if (ret) 3095 return ret; 3096 3097 i915_gem_object_pin_pages(obj); 3098 3099 node = kzalloc(sizeof(*node), GFP_KERNEL); 3100 if (node == NULL) { 3101 i915_gem_object_unpin_pages(obj); 3102 return -ENOMEM; 3103 } 3104 3105 search_free: 3106 ret = drm_mm_insert_node_in_range_generic(&dev_priv->mm.gtt_space, node, 3107 size, alignment, 3108 obj->cache_level, 0, gtt_max); 3109 if (ret) { 3110 ret = i915_gem_evict_something(dev, size, alignment, 3111 obj->cache_level, 3112 map_and_fenceable, 3113 nonblocking); 3114 if (ret == 0) 3115 goto search_free; 3116 3117 i915_gem_object_unpin_pages(obj); 3118 kfree(node); 3119 return ret; 3120 } 3121 if (WARN_ON(!i915_gem_valid_gtt_space(dev, node, obj->cache_level))) { 3122 i915_gem_object_unpin_pages(obj); 3123 drm_mm_put_block(node); 3124 return -EINVAL; 3125 } 3126 3127 ret = i915_gem_gtt_prepare_object(obj); 3128 if (ret) { 3129 i915_gem_object_unpin_pages(obj); 3130 drm_mm_put_block(node); 3131 return ret; 3132 } 3133 3134 list_move_tail(&obj->global_list, &dev_priv->mm.bound_list); 3135 list_add_tail(&obj->mm_list, &dev_priv->mm.inactive_list); 3136 3137 obj->gtt_space = node; 3138 obj->gtt_offset = node->start; 3139 3140 fenceable = 3141 node->size == fence_size && 3142 (node->start & (fence_alignment - 1)) == 0; 3143 3144 mappable = 3145 obj->gtt_offset + obj->base.size <= dev_priv->gtt.mappable_end; 3146 3147 obj->map_and_fenceable = mappable && fenceable; 3148 3149 trace_i915_gem_object_bind(obj, map_and_fenceable); 3150 i915_gem_verify_gtt(dev); 3151 return 0; 3152 } 3153 3154 void 3155 i915_gem_clflush_object(struct drm_i915_gem_object *obj) 3156 { 3157 /* If we don't have a page list set up, then we're not pinned 3158 * to GPU, and we can ignore the cache flush because it'll happen 3159 * again at bind time. 3160 */ 3161 if (obj->pages == NULL) 3162 return; 3163 3164 /* 3165 * Stolen memory is always coherent with the GPU as it is explicitly 3166 * marked as wc by the system, or the system is cache-coherent. 3167 */ 3168 if (obj->stolen) 3169 return; 3170 3171 /* If the GPU is snooping the contents of the CPU cache, 3172 * we do not need to manually clear the CPU cache lines. However, 3173 * the caches are only snooped when the render cache is 3174 * flushed/invalidated. As we always have to emit invalidations 3175 * and flushes when moving into and out of the RENDER domain, correct 3176 * snooping behaviour occurs naturally as the result of our domain 3177 * tracking. 3178 */ 3179 if (obj->cache_level != I915_CACHE_NONE) 3180 return; 3181 3182 trace_i915_gem_object_clflush(obj); 3183 3184 drm_clflush_sg(obj->pages); 3185 } 3186 3187 /** Flushes the GTT write domain for the object if it's dirty. */ 3188 static void 3189 i915_gem_object_flush_gtt_write_domain(struct drm_i915_gem_object *obj) 3190 { 3191 uint32_t old_write_domain; 3192 3193 if (obj->base.write_domain != I915_GEM_DOMAIN_GTT) 3194 return; 3195 3196 /* No actual flushing is required for the GTT write domain. Writes 3197 * to it immediately go to main memory as far as we know, so there's 3198 * no chipset flush. It also doesn't land in render cache. 3199 * 3200 * However, we do have to enforce the order so that all writes through 3201 * the GTT land before any writes to the device, such as updates to 3202 * the GATT itself. 3203 */ 3204 wmb(); 3205 3206 old_write_domain = obj->base.write_domain; 3207 obj->base.write_domain = 0; 3208 3209 trace_i915_gem_object_change_domain(obj, 3210 obj->base.read_domains, 3211 old_write_domain); 3212 } 3213 3214 /** Flushes the CPU write domain for the object if it's dirty. */ 3215 static void 3216 i915_gem_object_flush_cpu_write_domain(struct drm_i915_gem_object *obj) 3217 { 3218 uint32_t old_write_domain; 3219 3220 if (obj->base.write_domain != I915_GEM_DOMAIN_CPU) 3221 return; 3222 3223 i915_gem_clflush_object(obj); 3224 i915_gem_chipset_flush(obj->base.dev); 3225 old_write_domain = obj->base.write_domain; 3226 obj->base.write_domain = 0; 3227 3228 trace_i915_gem_object_change_domain(obj, 3229 obj->base.read_domains, 3230 old_write_domain); 3231 } 3232 3233 /** 3234 * Moves a single object to the GTT read, and possibly write domain. 3235 * 3236 * This function returns when the move is complete, including waiting on 3237 * flushes to occur. 3238 */ 3239 int 3240 i915_gem_object_set_to_gtt_domain(struct drm_i915_gem_object *obj, bool write) 3241 { 3242 drm_i915_private_t *dev_priv = obj->base.dev->dev_private; 3243 uint32_t old_write_domain, old_read_domains; 3244 int ret; 3245 3246 /* Not valid to be called on unbound objects. */ 3247 if (obj->gtt_space == NULL) 3248 return -EINVAL; 3249 3250 if (obj->base.write_domain == I915_GEM_DOMAIN_GTT) 3251 return 0; 3252 3253 ret = i915_gem_object_wait_rendering(obj, !write); 3254 if (ret) 3255 return ret; 3256 3257 i915_gem_object_flush_cpu_write_domain(obj); 3258 3259 /* Serialise direct access to this object with the barriers for 3260 * coherent writes from the GPU, by effectively invalidating the 3261 * GTT domain upon first access. 3262 */ 3263 if ((obj->base.read_domains & I915_GEM_DOMAIN_GTT) == 0) 3264 mb(); 3265 3266 old_write_domain = obj->base.write_domain; 3267 old_read_domains = obj->base.read_domains; 3268 3269 /* It should now be out of any other write domains, and we can update 3270 * the domain values for our changes. 3271 */ 3272 BUG_ON((obj->base.write_domain & ~I915_GEM_DOMAIN_GTT) != 0); 3273 obj->base.read_domains |= I915_GEM_DOMAIN_GTT; 3274 if (write) { 3275 obj->base.read_domains = I915_GEM_DOMAIN_GTT; 3276 obj->base.write_domain = I915_GEM_DOMAIN_GTT; 3277 obj->dirty = 1; 3278 } 3279 3280 trace_i915_gem_object_change_domain(obj, 3281 old_read_domains, 3282 old_write_domain); 3283 3284 /* And bump the LRU for this access */ 3285 if (i915_gem_object_is_inactive(obj)) 3286 list_move_tail(&obj->mm_list, &dev_priv->mm.inactive_list); 3287 3288 return 0; 3289 } 3290 3291 int i915_gem_object_set_cache_level(struct drm_i915_gem_object *obj, 3292 enum i915_cache_level cache_level) 3293 { 3294 struct drm_device *dev = obj->base.dev; 3295 drm_i915_private_t *dev_priv = dev->dev_private; 3296 int ret; 3297 3298 if (obj->cache_level == cache_level) 3299 return 0; 3300 3301 if (obj->pin_count) { 3302 DRM_DEBUG("can not change the cache level of pinned objects\n"); 3303 return -EBUSY; 3304 } 3305 3306 if (!i915_gem_valid_gtt_space(dev, obj->gtt_space, cache_level)) { 3307 ret = i915_gem_object_unbind(obj); 3308 if (ret) 3309 return ret; 3310 } 3311 3312 if (obj->gtt_space) { 3313 ret = i915_gem_object_finish_gpu(obj); 3314 if (ret) 3315 return ret; 3316 3317 i915_gem_object_finish_gtt(obj); 3318 3319 /* Before SandyBridge, you could not use tiling or fence 3320 * registers with snooped memory, so relinquish any fences 3321 * currently pointing to our region in the aperture. 3322 */ 3323 if (INTEL_INFO(dev)->gen < 6) { 3324 ret = i915_gem_object_put_fence(obj); 3325 if (ret) 3326 return ret; 3327 } 3328 3329 if (obj->has_global_gtt_mapping) 3330 i915_gem_gtt_bind_object(obj, cache_level); 3331 if (obj->has_aliasing_ppgtt_mapping) 3332 i915_ppgtt_bind_object(dev_priv->mm.aliasing_ppgtt, 3333 obj, cache_level); 3334 3335 obj->gtt_space->color = cache_level; 3336 } 3337 3338 if (cache_level == I915_CACHE_NONE) { 3339 u32 old_read_domains, old_write_domain; 3340 3341 /* If we're coming from LLC cached, then we haven't 3342 * actually been tracking whether the data is in the 3343 * CPU cache or not, since we only allow one bit set 3344 * in obj->write_domain and have been skipping the clflushes. 3345 * Just set it to the CPU cache for now. 3346 */ 3347 WARN_ON(obj->base.write_domain & ~I915_GEM_DOMAIN_CPU); 3348 WARN_ON(obj->base.read_domains & ~I915_GEM_DOMAIN_CPU); 3349 3350 old_read_domains = obj->base.read_domains; 3351 old_write_domain = obj->base.write_domain; 3352 3353 obj->base.read_domains = I915_GEM_DOMAIN_CPU; 3354 obj->base.write_domain = I915_GEM_DOMAIN_CPU; 3355 3356 trace_i915_gem_object_change_domain(obj, 3357 old_read_domains, 3358 old_write_domain); 3359 } 3360 3361 obj->cache_level = cache_level; 3362 i915_gem_verify_gtt(dev); 3363 return 0; 3364 } 3365 3366 int i915_gem_get_caching_ioctl(struct drm_device *dev, void *data, 3367 struct drm_file *file) 3368 { 3369 struct drm_i915_gem_caching *args = data; 3370 struct drm_i915_gem_object *obj; 3371 int ret; 3372 3373 ret = i915_mutex_lock_interruptible(dev); 3374 if (ret) 3375 return ret; 3376 3377 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 3378 if (&obj->base == NULL) { 3379 ret = -ENOENT; 3380 goto unlock; 3381 } 3382 3383 args->caching = obj->cache_level != I915_CACHE_NONE; 3384 3385 drm_gem_object_unreference(&obj->base); 3386 unlock: 3387 mutex_unlock(&dev->struct_mutex); 3388 return ret; 3389 } 3390 3391 int i915_gem_set_caching_ioctl(struct drm_device *dev, void *data, 3392 struct drm_file *file) 3393 { 3394 struct drm_i915_gem_caching *args = data; 3395 struct drm_i915_gem_object *obj; 3396 enum i915_cache_level level; 3397 int ret; 3398 3399 switch (args->caching) { 3400 case I915_CACHING_NONE: 3401 level = I915_CACHE_NONE; 3402 break; 3403 case I915_CACHING_CACHED: 3404 level = I915_CACHE_LLC; 3405 break; 3406 default: 3407 return -EINVAL; 3408 } 3409 3410 ret = i915_mutex_lock_interruptible(dev); 3411 if (ret) 3412 return ret; 3413 3414 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 3415 if (&obj->base == NULL) { 3416 ret = -ENOENT; 3417 goto unlock; 3418 } 3419 3420 ret = i915_gem_object_set_cache_level(obj, level); 3421 3422 drm_gem_object_unreference(&obj->base); 3423 unlock: 3424 mutex_unlock(&dev->struct_mutex); 3425 return ret; 3426 } 3427 3428 /* 3429 * Prepare buffer for display plane (scanout, cursors, etc). 3430 * Can be called from an uninterruptible phase (modesetting) and allows 3431 * any flushes to be pipelined (for pageflips). 3432 */ 3433 int 3434 i915_gem_object_pin_to_display_plane(struct drm_i915_gem_object *obj, 3435 u32 alignment, 3436 struct intel_ring_buffer *pipelined) 3437 { 3438 u32 old_read_domains, old_write_domain; 3439 int ret; 3440 3441 if (pipelined != obj->ring) { 3442 ret = i915_gem_object_sync(obj, pipelined); 3443 if (ret) 3444 return ret; 3445 } 3446 3447 /* The display engine is not coherent with the LLC cache on gen6. As 3448 * a result, we make sure that the pinning that is about to occur is 3449 * done with uncached PTEs. This is lowest common denominator for all 3450 * chipsets. 3451 * 3452 * However for gen6+, we could do better by using the GFDT bit instead 3453 * of uncaching, which would allow us to flush all the LLC-cached data 3454 * with that bit in the PTE to main memory with just one PIPE_CONTROL. 3455 */ 3456 ret = i915_gem_object_set_cache_level(obj, I915_CACHE_NONE); 3457 if (ret) 3458 return ret; 3459 3460 /* As the user may map the buffer once pinned in the display plane 3461 * (e.g. libkms for the bootup splash), we have to ensure that we 3462 * always use map_and_fenceable for all scanout buffers. 3463 */ 3464 ret = i915_gem_object_pin(obj, alignment, true, false); 3465 if (ret) 3466 return ret; 3467 3468 i915_gem_object_flush_cpu_write_domain(obj); 3469 3470 old_write_domain = obj->base.write_domain; 3471 old_read_domains = obj->base.read_domains; 3472 3473 /* It should now be out of any other write domains, and we can update 3474 * the domain values for our changes. 3475 */ 3476 obj->base.write_domain = 0; 3477 obj->base.read_domains |= I915_GEM_DOMAIN_GTT; 3478 3479 trace_i915_gem_object_change_domain(obj, 3480 old_read_domains, 3481 old_write_domain); 3482 3483 return 0; 3484 } 3485 3486 int 3487 i915_gem_object_finish_gpu(struct drm_i915_gem_object *obj) 3488 { 3489 int ret; 3490 3491 if ((obj->base.read_domains & I915_GEM_GPU_DOMAINS) == 0) 3492 return 0; 3493 3494 ret = i915_gem_object_wait_rendering(obj, false); 3495 if (ret) 3496 return ret; 3497 3498 /* Ensure that we invalidate the GPU's caches and TLBs. */ 3499 obj->base.read_domains &= ~I915_GEM_GPU_DOMAINS; 3500 return 0; 3501 } 3502 3503 /** 3504 * Moves a single object to the CPU read, and possibly write domain. 3505 * 3506 * This function returns when the move is complete, including waiting on 3507 * flushes to occur. 3508 */ 3509 int 3510 i915_gem_object_set_to_cpu_domain(struct drm_i915_gem_object *obj, bool write) 3511 { 3512 uint32_t old_write_domain, old_read_domains; 3513 int ret; 3514 3515 if (obj->base.write_domain == I915_GEM_DOMAIN_CPU) 3516 return 0; 3517 3518 ret = i915_gem_object_wait_rendering(obj, !write); 3519 if (ret) 3520 return ret; 3521 3522 i915_gem_object_flush_gtt_write_domain(obj); 3523 3524 old_write_domain = obj->base.write_domain; 3525 old_read_domains = obj->base.read_domains; 3526 3527 /* Flush the CPU cache if it's still invalid. */ 3528 if ((obj->base.read_domains & I915_GEM_DOMAIN_CPU) == 0) { 3529 i915_gem_clflush_object(obj); 3530 3531 obj->base.read_domains |= I915_GEM_DOMAIN_CPU; 3532 } 3533 3534 /* It should now be out of any other write domains, and we can update 3535 * the domain values for our changes. 3536 */ 3537 BUG_ON((obj->base.write_domain & ~I915_GEM_DOMAIN_CPU) != 0); 3538 3539 /* If we're writing through the CPU, then the GPU read domains will 3540 * need to be invalidated at next use. 3541 */ 3542 if (write) { 3543 obj->base.read_domains = I915_GEM_DOMAIN_CPU; 3544 obj->base.write_domain = I915_GEM_DOMAIN_CPU; 3545 } 3546 3547 trace_i915_gem_object_change_domain(obj, 3548 old_read_domains, 3549 old_write_domain); 3550 3551 return 0; 3552 } 3553 3554 /* Throttle our rendering by waiting until the ring has completed our requests 3555 * emitted over 20 msec ago. 3556 * 3557 * Note that if we were to use the current jiffies each time around the loop, 3558 * we wouldn't escape the function with any frames outstanding if the time to 3559 * render a frame was over 20ms. 3560 * 3561 * This should get us reasonable parallelism between CPU and GPU but also 3562 * relatively low latency when blocking on a particular request to finish. 3563 */ 3564 static int 3565 i915_gem_ring_throttle(struct drm_device *dev, struct drm_file *file) 3566 { 3567 struct drm_i915_private *dev_priv = dev->dev_private; 3568 struct drm_i915_file_private *file_priv = file->driver_priv; 3569 unsigned long recent_enough = jiffies - msecs_to_jiffies(20); 3570 struct drm_i915_gem_request *request; 3571 struct intel_ring_buffer *ring = NULL; 3572 unsigned reset_counter; 3573 u32 seqno = 0; 3574 int ret; 3575 3576 ret = i915_gem_wait_for_error(&dev_priv->gpu_error); 3577 if (ret) 3578 return ret; 3579 3580 ret = i915_gem_check_wedge(&dev_priv->gpu_error, false); 3581 if (ret) 3582 return ret; 3583 3584 spin_lock(&file_priv->mm.lock); 3585 list_for_each_entry(request, &file_priv->mm.request_list, client_list) { 3586 if (time_after_eq(request->emitted_jiffies, recent_enough)) 3587 break; 3588 3589 ring = request->ring; 3590 seqno = request->seqno; 3591 } 3592 reset_counter = atomic_read(&dev_priv->gpu_error.reset_counter); 3593 spin_unlock(&file_priv->mm.lock); 3594 3595 if (seqno == 0) 3596 return 0; 3597 3598 ret = __wait_seqno(ring, seqno, reset_counter, true, NULL); 3599 if (ret == 0) 3600 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, 0); 3601 3602 return ret; 3603 } 3604 3605 int 3606 i915_gem_object_pin(struct drm_i915_gem_object *obj, 3607 uint32_t alignment, 3608 bool map_and_fenceable, 3609 bool nonblocking) 3610 { 3611 int ret; 3612 3613 if (WARN_ON(obj->pin_count == DRM_I915_GEM_OBJECT_MAX_PIN_COUNT)) 3614 return -EBUSY; 3615 3616 if (obj->gtt_space != NULL) { 3617 if ((alignment && obj->gtt_offset & (alignment - 1)) || 3618 (map_and_fenceable && !obj->map_and_fenceable)) { 3619 WARN(obj->pin_count, 3620 "bo is already pinned with incorrect alignment:" 3621 " offset=%x, req.alignment=%x, req.map_and_fenceable=%d," 3622 " obj->map_and_fenceable=%d\n", 3623 obj->gtt_offset, alignment, 3624 map_and_fenceable, 3625 obj->map_and_fenceable); 3626 ret = i915_gem_object_unbind(obj); 3627 if (ret) 3628 return ret; 3629 } 3630 } 3631 3632 if (obj->gtt_space == NULL) { 3633 struct drm_i915_private *dev_priv = obj->base.dev->dev_private; 3634 3635 ret = i915_gem_object_bind_to_gtt(obj, alignment, 3636 map_and_fenceable, 3637 nonblocking); 3638 if (ret) 3639 return ret; 3640 3641 if (!dev_priv->mm.aliasing_ppgtt) 3642 i915_gem_gtt_bind_object(obj, obj->cache_level); 3643 } 3644 3645 if (!obj->has_global_gtt_mapping && map_and_fenceable) 3646 i915_gem_gtt_bind_object(obj, obj->cache_level); 3647 3648 obj->pin_count++; 3649 obj->pin_mappable |= map_and_fenceable; 3650 3651 return 0; 3652 } 3653 3654 void 3655 i915_gem_object_unpin(struct drm_i915_gem_object *obj) 3656 { 3657 BUG_ON(obj->pin_count == 0); 3658 BUG_ON(obj->gtt_space == NULL); 3659 3660 if (--obj->pin_count == 0) 3661 obj->pin_mappable = false; 3662 } 3663 3664 int 3665 i915_gem_pin_ioctl(struct drm_device *dev, void *data, 3666 struct drm_file *file) 3667 { 3668 struct drm_i915_gem_pin *args = data; 3669 struct drm_i915_gem_object *obj; 3670 int ret; 3671 3672 ret = i915_mutex_lock_interruptible(dev); 3673 if (ret) 3674 return ret; 3675 3676 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 3677 if (&obj->base == NULL) { 3678 ret = -ENOENT; 3679 goto unlock; 3680 } 3681 3682 if (obj->madv != I915_MADV_WILLNEED) { 3683 DRM_ERROR("Attempting to pin a purgeable buffer\n"); 3684 ret = -EINVAL; 3685 goto out; 3686 } 3687 3688 if (obj->pin_filp != NULL && obj->pin_filp != file) { 3689 DRM_ERROR("Already pinned in i915_gem_pin_ioctl(): %d\n", 3690 args->handle); 3691 ret = -EINVAL; 3692 goto out; 3693 } 3694 3695 if (obj->user_pin_count == 0) { 3696 ret = i915_gem_object_pin(obj, args->alignment, true, false); 3697 if (ret) 3698 goto out; 3699 } 3700 3701 obj->user_pin_count++; 3702 obj->pin_filp = file; 3703 3704 /* XXX - flush the CPU caches for pinned objects 3705 * as the X server doesn't manage domains yet 3706 */ 3707 i915_gem_object_flush_cpu_write_domain(obj); 3708 args->offset = obj->gtt_offset; 3709 out: 3710 drm_gem_object_unreference(&obj->base); 3711 unlock: 3712 mutex_unlock(&dev->struct_mutex); 3713 return ret; 3714 } 3715 3716 int 3717 i915_gem_unpin_ioctl(struct drm_device *dev, void *data, 3718 struct drm_file *file) 3719 { 3720 struct drm_i915_gem_pin *args = data; 3721 struct drm_i915_gem_object *obj; 3722 int ret; 3723 3724 ret = i915_mutex_lock_interruptible(dev); 3725 if (ret) 3726 return ret; 3727 3728 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 3729 if (&obj->base == NULL) { 3730 ret = -ENOENT; 3731 goto unlock; 3732 } 3733 3734 if (obj->pin_filp != file) { 3735 DRM_ERROR("Not pinned by caller in i915_gem_pin_ioctl(): %d\n", 3736 args->handle); 3737 ret = -EINVAL; 3738 goto out; 3739 } 3740 obj->user_pin_count--; 3741 if (obj->user_pin_count == 0) { 3742 obj->pin_filp = NULL; 3743 i915_gem_object_unpin(obj); 3744 } 3745 3746 out: 3747 drm_gem_object_unreference(&obj->base); 3748 unlock: 3749 mutex_unlock(&dev->struct_mutex); 3750 return ret; 3751 } 3752 3753 int 3754 i915_gem_busy_ioctl(struct drm_device *dev, void *data, 3755 struct drm_file *file) 3756 { 3757 struct drm_i915_gem_busy *args = data; 3758 struct drm_i915_gem_object *obj; 3759 int ret; 3760 3761 ret = i915_mutex_lock_interruptible(dev); 3762 if (ret) 3763 return ret; 3764 3765 obj = to_intel_bo(drm_gem_object_lookup(dev, file, args->handle)); 3766 if (&obj->base == NULL) { 3767 ret = -ENOENT; 3768 goto unlock; 3769 } 3770 3771 /* Count all active objects as busy, even if they are currently not used 3772 * by the gpu. Users of this interface expect objects to eventually 3773 * become non-busy without any further actions, therefore emit any 3774 * necessary flushes here. 3775 */ 3776 ret = i915_gem_object_flush_active(obj); 3777 3778 args->busy = obj->active; 3779 if (obj->ring) { 3780 BUILD_BUG_ON(I915_NUM_RINGS > 16); 3781 args->busy |= intel_ring_flag(obj->ring) << 16; 3782 } 3783 3784 drm_gem_object_unreference(&obj->base); 3785 unlock: 3786 mutex_unlock(&dev->struct_mutex); 3787 return ret; 3788 } 3789 3790 int 3791 i915_gem_throttle_ioctl(struct drm_device *dev, void *data, 3792 struct drm_file *file_priv) 3793 { 3794 return i915_gem_ring_throttle(dev, file_priv); 3795 } 3796 3797 int 3798 i915_gem_madvise_ioctl(struct drm_device *dev, void *data, 3799 struct drm_file *file_priv) 3800 { 3801 struct drm_i915_gem_madvise *args = data; 3802 struct drm_i915_gem_object *obj; 3803 int ret; 3804 3805 switch (args->madv) { 3806 case I915_MADV_DONTNEED: 3807 case I915_MADV_WILLNEED: 3808 break; 3809 default: 3810 return -EINVAL; 3811 } 3812 3813 ret = i915_mutex_lock_interruptible(dev); 3814 if (ret) 3815 return ret; 3816 3817 obj = to_intel_bo(drm_gem_object_lookup(dev, file_priv, args->handle)); 3818 if (&obj->base == NULL) { 3819 ret = -ENOENT; 3820 goto unlock; 3821 } 3822 3823 if (obj->pin_count) { 3824 ret = -EINVAL; 3825 goto out; 3826 } 3827 3828 if (obj->madv != __I915_MADV_PURGED) 3829 obj->madv = args->madv; 3830 3831 /* if the object is no longer attached, discard its backing storage */ 3832 if (i915_gem_object_is_purgeable(obj) && obj->pages == NULL) 3833 i915_gem_object_truncate(obj); 3834 3835 args->retained = obj->madv != __I915_MADV_PURGED; 3836 3837 out: 3838 drm_gem_object_unreference(&obj->base); 3839 unlock: 3840 mutex_unlock(&dev->struct_mutex); 3841 return ret; 3842 } 3843 3844 void i915_gem_object_init(struct drm_i915_gem_object *obj, 3845 const struct drm_i915_gem_object_ops *ops) 3846 { 3847 INIT_LIST_HEAD(&obj->mm_list); 3848 INIT_LIST_HEAD(&obj->global_list); 3849 INIT_LIST_HEAD(&obj->ring_list); 3850 INIT_LIST_HEAD(&obj->exec_list); 3851 3852 obj->ops = ops; 3853 3854 obj->fence_reg = I915_FENCE_REG_NONE; 3855 obj->madv = I915_MADV_WILLNEED; 3856 /* Avoid an unnecessary call to unbind on the first bind. */ 3857 obj->map_and_fenceable = true; 3858 3859 i915_gem_info_add_obj(obj->base.dev->dev_private, obj->base.size); 3860 } 3861 3862 static const struct drm_i915_gem_object_ops i915_gem_object_ops = { 3863 .get_pages = i915_gem_object_get_pages_gtt, 3864 .put_pages = i915_gem_object_put_pages_gtt, 3865 }; 3866 3867 struct drm_i915_gem_object *i915_gem_alloc_object(struct drm_device *dev, 3868 size_t size) 3869 { 3870 struct drm_i915_gem_object *obj; 3871 struct address_space *mapping; 3872 gfp_t mask; 3873 3874 obj = i915_gem_object_alloc(dev); 3875 if (obj == NULL) 3876 return NULL; 3877 3878 if (drm_gem_object_init(dev, &obj->base, size) != 0) { 3879 i915_gem_object_free(obj); 3880 return NULL; 3881 } 3882 3883 mask = GFP_HIGHUSER | __GFP_RECLAIMABLE; 3884 if (IS_CRESTLINE(dev) || IS_BROADWATER(dev)) { 3885 /* 965gm cannot relocate objects above 4GiB. */ 3886 mask &= ~__GFP_HIGHMEM; 3887 mask |= __GFP_DMA32; 3888 } 3889 3890 mapping = file_inode(obj->base.filp)->i_mapping; 3891 mapping_set_gfp_mask(mapping, mask); 3892 3893 i915_gem_object_init(obj, &i915_gem_object_ops); 3894 3895 obj->base.write_domain = I915_GEM_DOMAIN_CPU; 3896 obj->base.read_domains = I915_GEM_DOMAIN_CPU; 3897 3898 if (HAS_LLC(dev)) { 3899 /* On some devices, we can have the GPU use the LLC (the CPU 3900 * cache) for about a 10% performance improvement 3901 * compared to uncached. Graphics requests other than 3902 * display scanout are coherent with the CPU in 3903 * accessing this cache. This means in this mode we 3904 * don't need to clflush on the CPU side, and on the 3905 * GPU side we only need to flush internal caches to 3906 * get data visible to the CPU. 3907 * 3908 * However, we maintain the display planes as UC, and so 3909 * need to rebind when first used as such. 3910 */ 3911 obj->cache_level = I915_CACHE_LLC; 3912 } else 3913 obj->cache_level = I915_CACHE_NONE; 3914 3915 return obj; 3916 } 3917 3918 int i915_gem_init_object(struct drm_gem_object *obj) 3919 { 3920 BUG(); 3921 3922 return 0; 3923 } 3924 3925 void i915_gem_free_object(struct drm_gem_object *gem_obj) 3926 { 3927 struct drm_i915_gem_object *obj = to_intel_bo(gem_obj); 3928 struct drm_device *dev = obj->base.dev; 3929 drm_i915_private_t *dev_priv = dev->dev_private; 3930 3931 trace_i915_gem_object_destroy(obj); 3932 3933 if (obj->phys_obj) 3934 i915_gem_detach_phys_object(dev, obj); 3935 3936 obj->pin_count = 0; 3937 if (WARN_ON(i915_gem_object_unbind(obj) == -ERESTARTSYS)) { 3938 bool was_interruptible; 3939 3940 was_interruptible = dev_priv->mm.interruptible; 3941 dev_priv->mm.interruptible = false; 3942 3943 WARN_ON(i915_gem_object_unbind(obj)); 3944 3945 dev_priv->mm.interruptible = was_interruptible; 3946 } 3947 3948 /* Stolen objects don't hold a ref, but do hold pin count. Fix that up 3949 * before progressing. */ 3950 if (obj->stolen) 3951 i915_gem_object_unpin_pages(obj); 3952 3953 if (WARN_ON(obj->pages_pin_count)) 3954 obj->pages_pin_count = 0; 3955 i915_gem_object_put_pages(obj); 3956 i915_gem_object_free_mmap_offset(obj); 3957 i915_gem_object_release_stolen(obj); 3958 3959 BUG_ON(obj->pages); 3960 3961 if (obj->base.import_attach) 3962 drm_prime_gem_destroy(&obj->base, NULL); 3963 3964 drm_gem_object_release(&obj->base); 3965 i915_gem_info_remove_obj(dev_priv, obj->base.size); 3966 3967 kfree(obj->bit_17); 3968 i915_gem_object_free(obj); 3969 } 3970 3971 int 3972 i915_gem_idle(struct drm_device *dev) 3973 { 3974 drm_i915_private_t *dev_priv = dev->dev_private; 3975 int ret; 3976 3977 mutex_lock(&dev->struct_mutex); 3978 3979 if (dev_priv->mm.suspended) { 3980 mutex_unlock(&dev->struct_mutex); 3981 return 0; 3982 } 3983 3984 ret = i915_gpu_idle(dev); 3985 if (ret) { 3986 mutex_unlock(&dev->struct_mutex); 3987 return ret; 3988 } 3989 i915_gem_retire_requests(dev); 3990 3991 /* Under UMS, be paranoid and evict. */ 3992 if (!drm_core_check_feature(dev, DRIVER_MODESET)) 3993 i915_gem_evict_everything(dev); 3994 3995 /* Hack! Don't let anybody do execbuf while we don't control the chip. 3996 * We need to replace this with a semaphore, or something. 3997 * And not confound mm.suspended! 3998 */ 3999 dev_priv->mm.suspended = 1; 4000 del_timer_sync(&dev_priv->gpu_error.hangcheck_timer); 4001 4002 i915_kernel_lost_context(dev); 4003 i915_gem_cleanup_ringbuffer(dev); 4004 4005 mutex_unlock(&dev->struct_mutex); 4006 4007 /* Cancel the retire work handler, which should be idle now. */ 4008 cancel_delayed_work_sync(&dev_priv->mm.retire_work); 4009 4010 return 0; 4011 } 4012 4013 void i915_gem_l3_remap(struct drm_device *dev) 4014 { 4015 drm_i915_private_t *dev_priv = dev->dev_private; 4016 u32 misccpctl; 4017 int i; 4018 4019 if (!HAS_L3_GPU_CACHE(dev)) 4020 return; 4021 4022 if (!dev_priv->l3_parity.remap_info) 4023 return; 4024 4025 misccpctl = I915_READ(GEN7_MISCCPCTL); 4026 I915_WRITE(GEN7_MISCCPCTL, misccpctl & ~GEN7_DOP_CLOCK_GATE_ENABLE); 4027 POSTING_READ(GEN7_MISCCPCTL); 4028 4029 for (i = 0; i < GEN7_L3LOG_SIZE; i += 4) { 4030 u32 remap = I915_READ(GEN7_L3LOG_BASE + i); 4031 if (remap && remap != dev_priv->l3_parity.remap_info[i/4]) 4032 DRM_DEBUG("0x%x was already programmed to %x\n", 4033 GEN7_L3LOG_BASE + i, remap); 4034 if (remap && !dev_priv->l3_parity.remap_info[i/4]) 4035 DRM_DEBUG_DRIVER("Clearing remapped register\n"); 4036 I915_WRITE(GEN7_L3LOG_BASE + i, dev_priv->l3_parity.remap_info[i/4]); 4037 } 4038 4039 /* Make sure all the writes land before disabling dop clock gating */ 4040 POSTING_READ(GEN7_L3LOG_BASE); 4041 4042 I915_WRITE(GEN7_MISCCPCTL, misccpctl); 4043 } 4044 4045 void i915_gem_init_swizzling(struct drm_device *dev) 4046 { 4047 drm_i915_private_t *dev_priv = dev->dev_private; 4048 4049 if (INTEL_INFO(dev)->gen < 5 || 4050 dev_priv->mm.bit_6_swizzle_x == I915_BIT_6_SWIZZLE_NONE) 4051 return; 4052 4053 I915_WRITE(DISP_ARB_CTL, I915_READ(DISP_ARB_CTL) | 4054 DISP_TILE_SURFACE_SWIZZLING); 4055 4056 if (IS_GEN5(dev)) 4057 return; 4058 4059 I915_WRITE(TILECTL, I915_READ(TILECTL) | TILECTL_SWZCTL); 4060 if (IS_GEN6(dev)) 4061 I915_WRITE(ARB_MODE, _MASKED_BIT_ENABLE(ARB_MODE_SWIZZLE_SNB)); 4062 else if (IS_GEN7(dev)) 4063 I915_WRITE(ARB_MODE, _MASKED_BIT_ENABLE(ARB_MODE_SWIZZLE_IVB)); 4064 else 4065 BUG(); 4066 } 4067 4068 static bool 4069 intel_enable_blt(struct drm_device *dev) 4070 { 4071 if (!HAS_BLT(dev)) 4072 return false; 4073 4074 /* The blitter was dysfunctional on early prototypes */ 4075 if (IS_GEN6(dev) && dev->pdev->revision < 8) { 4076 DRM_INFO("BLT not supported on this pre-production hardware;" 4077 " graphics performance will be degraded.\n"); 4078 return false; 4079 } 4080 4081 return true; 4082 } 4083 4084 static int i915_gem_init_rings(struct drm_device *dev) 4085 { 4086 struct drm_i915_private *dev_priv = dev->dev_private; 4087 int ret; 4088 4089 ret = intel_init_render_ring_buffer(dev); 4090 if (ret) 4091 return ret; 4092 4093 if (HAS_BSD(dev)) { 4094 ret = intel_init_bsd_ring_buffer(dev); 4095 if (ret) 4096 goto cleanup_render_ring; 4097 } 4098 4099 if (intel_enable_blt(dev)) { 4100 ret = intel_init_blt_ring_buffer(dev); 4101 if (ret) 4102 goto cleanup_bsd_ring; 4103 } 4104 4105 if (HAS_VEBOX(dev)) { 4106 ret = intel_init_vebox_ring_buffer(dev); 4107 if (ret) 4108 goto cleanup_blt_ring; 4109 } 4110 4111 4112 ret = i915_gem_set_seqno(dev, ((u32)~0 - 0x1000)); 4113 if (ret) 4114 goto cleanup_vebox_ring; 4115 4116 return 0; 4117 4118 cleanup_vebox_ring: 4119 intel_cleanup_ring_buffer(&dev_priv->ring[VECS]); 4120 cleanup_blt_ring: 4121 intel_cleanup_ring_buffer(&dev_priv->ring[BCS]); 4122 cleanup_bsd_ring: 4123 intel_cleanup_ring_buffer(&dev_priv->ring[VCS]); 4124 cleanup_render_ring: 4125 intel_cleanup_ring_buffer(&dev_priv->ring[RCS]); 4126 4127 return ret; 4128 } 4129 4130 int 4131 i915_gem_init_hw(struct drm_device *dev) 4132 { 4133 drm_i915_private_t *dev_priv = dev->dev_private; 4134 int ret; 4135 4136 if (INTEL_INFO(dev)->gen < 6 && !intel_enable_gtt()) 4137 return -EIO; 4138 4139 if (IS_HASWELL(dev) && (I915_READ(0x120010) == 1)) 4140 I915_WRITE(0x9008, I915_READ(0x9008) | 0xf0000); 4141 4142 if (HAS_PCH_NOP(dev)) { 4143 u32 temp = I915_READ(GEN7_MSG_CTL); 4144 temp &= ~(WAIT_FOR_PCH_FLR_ACK | WAIT_FOR_PCH_RESET_ACK); 4145 I915_WRITE(GEN7_MSG_CTL, temp); 4146 } 4147 4148 i915_gem_l3_remap(dev); 4149 4150 i915_gem_init_swizzling(dev); 4151 4152 ret = i915_gem_init_rings(dev); 4153 if (ret) 4154 return ret; 4155 4156 /* 4157 * XXX: There was some w/a described somewhere suggesting loading 4158 * contexts before PPGTT. 4159 */ 4160 i915_gem_context_init(dev); 4161 if (dev_priv->mm.aliasing_ppgtt) { 4162 ret = dev_priv->mm.aliasing_ppgtt->enable(dev); 4163 if (ret) { 4164 i915_gem_cleanup_aliasing_ppgtt(dev); 4165 DRM_INFO("PPGTT enable failed. This is not fatal, but unexpected\n"); 4166 } 4167 } 4168 4169 return 0; 4170 } 4171 4172 int i915_gem_init(struct drm_device *dev) 4173 { 4174 struct drm_i915_private *dev_priv = dev->dev_private; 4175 int ret; 4176 4177 mutex_lock(&dev->struct_mutex); 4178 4179 if (IS_VALLEYVIEW(dev)) { 4180 /* VLVA0 (potential hack), BIOS isn't actually waking us */ 4181 I915_WRITE(VLV_GTLC_WAKE_CTRL, 1); 4182 if (wait_for((I915_READ(VLV_GTLC_PW_STATUS) & 1) == 1, 10)) 4183 DRM_DEBUG_DRIVER("allow wake ack timed out\n"); 4184 } 4185 4186 i915_gem_init_global_gtt(dev); 4187 4188 ret = i915_gem_init_hw(dev); 4189 mutex_unlock(&dev->struct_mutex); 4190 if (ret) { 4191 i915_gem_cleanup_aliasing_ppgtt(dev); 4192 return ret; 4193 } 4194 4195 /* Allow hardware batchbuffers unless told otherwise, but not for KMS. */ 4196 if (!drm_core_check_feature(dev, DRIVER_MODESET)) 4197 dev_priv->dri1.allow_batchbuffer = 1; 4198 return 0; 4199 } 4200 4201 void 4202 i915_gem_cleanup_ringbuffer(struct drm_device *dev) 4203 { 4204 drm_i915_private_t *dev_priv = dev->dev_private; 4205 struct intel_ring_buffer *ring; 4206 int i; 4207 4208 for_each_ring(ring, dev_priv, i) 4209 intel_cleanup_ring_buffer(ring); 4210 } 4211 4212 int 4213 i915_gem_entervt_ioctl(struct drm_device *dev, void *data, 4214 struct drm_file *file_priv) 4215 { 4216 drm_i915_private_t *dev_priv = dev->dev_private; 4217 int ret; 4218 4219 if (drm_core_check_feature(dev, DRIVER_MODESET)) 4220 return 0; 4221 4222 if (i915_reset_in_progress(&dev_priv->gpu_error)) { 4223 DRM_ERROR("Reenabling wedged hardware, good luck\n"); 4224 atomic_set(&dev_priv->gpu_error.reset_counter, 0); 4225 } 4226 4227 mutex_lock(&dev->struct_mutex); 4228 dev_priv->mm.suspended = 0; 4229 4230 ret = i915_gem_init_hw(dev); 4231 if (ret != 0) { 4232 mutex_unlock(&dev->struct_mutex); 4233 return ret; 4234 } 4235 4236 BUG_ON(!list_empty(&dev_priv->mm.active_list)); 4237 mutex_unlock(&dev->struct_mutex); 4238 4239 ret = drm_irq_install(dev); 4240 if (ret) 4241 goto cleanup_ringbuffer; 4242 4243 return 0; 4244 4245 cleanup_ringbuffer: 4246 mutex_lock(&dev->struct_mutex); 4247 i915_gem_cleanup_ringbuffer(dev); 4248 dev_priv->mm.suspended = 1; 4249 mutex_unlock(&dev->struct_mutex); 4250 4251 return ret; 4252 } 4253 4254 int 4255 i915_gem_leavevt_ioctl(struct drm_device *dev, void *data, 4256 struct drm_file *file_priv) 4257 { 4258 if (drm_core_check_feature(dev, DRIVER_MODESET)) 4259 return 0; 4260 4261 drm_irq_uninstall(dev); 4262 return i915_gem_idle(dev); 4263 } 4264 4265 void 4266 i915_gem_lastclose(struct drm_device *dev) 4267 { 4268 int ret; 4269 4270 if (drm_core_check_feature(dev, DRIVER_MODESET)) 4271 return; 4272 4273 ret = i915_gem_idle(dev); 4274 if (ret) 4275 DRM_ERROR("failed to idle hardware: %d\n", ret); 4276 } 4277 4278 static void 4279 init_ring_lists(struct intel_ring_buffer *ring) 4280 { 4281 INIT_LIST_HEAD(&ring->active_list); 4282 INIT_LIST_HEAD(&ring->request_list); 4283 } 4284 4285 void 4286 i915_gem_load(struct drm_device *dev) 4287 { 4288 drm_i915_private_t *dev_priv = dev->dev_private; 4289 int i; 4290 4291 dev_priv->slab = 4292 kmem_cache_create("i915_gem_object", 4293 sizeof(struct drm_i915_gem_object), 0, 4294 SLAB_HWCACHE_ALIGN, 4295 NULL); 4296 4297 INIT_LIST_HEAD(&dev_priv->mm.active_list); 4298 INIT_LIST_HEAD(&dev_priv->mm.inactive_list); 4299 INIT_LIST_HEAD(&dev_priv->mm.unbound_list); 4300 INIT_LIST_HEAD(&dev_priv->mm.bound_list); 4301 INIT_LIST_HEAD(&dev_priv->mm.fence_list); 4302 for (i = 0; i < I915_NUM_RINGS; i++) 4303 init_ring_lists(&dev_priv->ring[i]); 4304 for (i = 0; i < I915_MAX_NUM_FENCES; i++) 4305 INIT_LIST_HEAD(&dev_priv->fence_regs[i].lru_list); 4306 INIT_DELAYED_WORK(&dev_priv->mm.retire_work, 4307 i915_gem_retire_work_handler); 4308 init_waitqueue_head(&dev_priv->gpu_error.reset_queue); 4309 4310 /* On GEN3 we really need to make sure the ARB C3 LP bit is set */ 4311 if (IS_GEN3(dev)) { 4312 I915_WRITE(MI_ARB_STATE, 4313 _MASKED_BIT_ENABLE(MI_ARB_C3_LP_WRITE_ENABLE)); 4314 } 4315 4316 dev_priv->relative_constants_mode = I915_EXEC_CONSTANTS_REL_GENERAL; 4317 4318 /* Old X drivers will take 0-2 for front, back, depth buffers */ 4319 if (!drm_core_check_feature(dev, DRIVER_MODESET)) 4320 dev_priv->fence_reg_start = 3; 4321 4322 if (INTEL_INFO(dev)->gen >= 7 && !IS_VALLEYVIEW(dev)) 4323 dev_priv->num_fence_regs = 32; 4324 else if (INTEL_INFO(dev)->gen >= 4 || IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev)) 4325 dev_priv->num_fence_regs = 16; 4326 else 4327 dev_priv->num_fence_regs = 8; 4328 4329 /* Initialize fence registers to zero */ 4330 INIT_LIST_HEAD(&dev_priv->mm.fence_list); 4331 i915_gem_restore_fences(dev); 4332 4333 i915_gem_detect_bit_6_swizzle(dev); 4334 init_waitqueue_head(&dev_priv->pending_flip_queue); 4335 4336 dev_priv->mm.interruptible = true; 4337 4338 dev_priv->mm.inactive_shrinker.shrink = i915_gem_inactive_shrink; 4339 dev_priv->mm.inactive_shrinker.seeks = DEFAULT_SEEKS; 4340 register_shrinker(&dev_priv->mm.inactive_shrinker); 4341 } 4342 4343 /* 4344 * Create a physically contiguous memory object for this object 4345 * e.g. for cursor + overlay regs 4346 */ 4347 static int i915_gem_init_phys_object(struct drm_device *dev, 4348 int id, int size, int align) 4349 { 4350 drm_i915_private_t *dev_priv = dev->dev_private; 4351 struct drm_i915_gem_phys_object *phys_obj; 4352 int ret; 4353 4354 if (dev_priv->mm.phys_objs[id - 1] || !size) 4355 return 0; 4356 4357 phys_obj = kzalloc(sizeof(struct drm_i915_gem_phys_object), GFP_KERNEL); 4358 if (!phys_obj) 4359 return -ENOMEM; 4360 4361 phys_obj->id = id; 4362 4363 phys_obj->handle = drm_pci_alloc(dev, size, align); 4364 if (!phys_obj->handle) { 4365 ret = -ENOMEM; 4366 goto kfree_obj; 4367 } 4368 #ifdef CONFIG_X86 4369 set_memory_wc((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE); 4370 #endif 4371 4372 dev_priv->mm.phys_objs[id - 1] = phys_obj; 4373 4374 return 0; 4375 kfree_obj: 4376 kfree(phys_obj); 4377 return ret; 4378 } 4379 4380 static void i915_gem_free_phys_object(struct drm_device *dev, int id) 4381 { 4382 drm_i915_private_t *dev_priv = dev->dev_private; 4383 struct drm_i915_gem_phys_object *phys_obj; 4384 4385 if (!dev_priv->mm.phys_objs[id - 1]) 4386 return; 4387 4388 phys_obj = dev_priv->mm.phys_objs[id - 1]; 4389 if (phys_obj->cur_obj) { 4390 i915_gem_detach_phys_object(dev, phys_obj->cur_obj); 4391 } 4392 4393 #ifdef CONFIG_X86 4394 set_memory_wb((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE); 4395 #endif 4396 drm_pci_free(dev, phys_obj->handle); 4397 kfree(phys_obj); 4398 dev_priv->mm.phys_objs[id - 1] = NULL; 4399 } 4400 4401 void i915_gem_free_all_phys_object(struct drm_device *dev) 4402 { 4403 int i; 4404 4405 for (i = I915_GEM_PHYS_CURSOR_0; i <= I915_MAX_PHYS_OBJECT; i++) 4406 i915_gem_free_phys_object(dev, i); 4407 } 4408 4409 void i915_gem_detach_phys_object(struct drm_device *dev, 4410 struct drm_i915_gem_object *obj) 4411 { 4412 struct address_space *mapping = file_inode(obj->base.filp)->i_mapping; 4413 char *vaddr; 4414 int i; 4415 int page_count; 4416 4417 if (!obj->phys_obj) 4418 return; 4419 vaddr = obj->phys_obj->handle->vaddr; 4420 4421 page_count = obj->base.size / PAGE_SIZE; 4422 for (i = 0; i < page_count; i++) { 4423 struct page *page = shmem_read_mapping_page(mapping, i); 4424 if (!IS_ERR(page)) { 4425 char *dst = kmap_atomic(page); 4426 memcpy(dst, vaddr + i*PAGE_SIZE, PAGE_SIZE); 4427 kunmap_atomic(dst); 4428 4429 drm_clflush_pages(&page, 1); 4430 4431 set_page_dirty(page); 4432 mark_page_accessed(page); 4433 page_cache_release(page); 4434 } 4435 } 4436 i915_gem_chipset_flush(dev); 4437 4438 obj->phys_obj->cur_obj = NULL; 4439 obj->phys_obj = NULL; 4440 } 4441 4442 int 4443 i915_gem_attach_phys_object(struct drm_device *dev, 4444 struct drm_i915_gem_object *obj, 4445 int id, 4446 int align) 4447 { 4448 struct address_space *mapping = file_inode(obj->base.filp)->i_mapping; 4449 drm_i915_private_t *dev_priv = dev->dev_private; 4450 int ret = 0; 4451 int page_count; 4452 int i; 4453 4454 if (id > I915_MAX_PHYS_OBJECT) 4455 return -EINVAL; 4456 4457 if (obj->phys_obj) { 4458 if (obj->phys_obj->id == id) 4459 return 0; 4460 i915_gem_detach_phys_object(dev, obj); 4461 } 4462 4463 /* create a new object */ 4464 if (!dev_priv->mm.phys_objs[id - 1]) { 4465 ret = i915_gem_init_phys_object(dev, id, 4466 obj->base.size, align); 4467 if (ret) { 4468 DRM_ERROR("failed to init phys object %d size: %zu\n", 4469 id, obj->base.size); 4470 return ret; 4471 } 4472 } 4473 4474 /* bind to the object */ 4475 obj->phys_obj = dev_priv->mm.phys_objs[id - 1]; 4476 obj->phys_obj->cur_obj = obj; 4477 4478 page_count = obj->base.size / PAGE_SIZE; 4479 4480 for (i = 0; i < page_count; i++) { 4481 struct page *page; 4482 char *dst, *src; 4483 4484 page = shmem_read_mapping_page(mapping, i); 4485 if (IS_ERR(page)) 4486 return PTR_ERR(page); 4487 4488 src = kmap_atomic(page); 4489 dst = obj->phys_obj->handle->vaddr + (i * PAGE_SIZE); 4490 memcpy(dst, src, PAGE_SIZE); 4491 kunmap_atomic(src); 4492 4493 mark_page_accessed(page); 4494 page_cache_release(page); 4495 } 4496 4497 return 0; 4498 } 4499 4500 static int 4501 i915_gem_phys_pwrite(struct drm_device *dev, 4502 struct drm_i915_gem_object *obj, 4503 struct drm_i915_gem_pwrite *args, 4504 struct drm_file *file_priv) 4505 { 4506 void *vaddr = obj->phys_obj->handle->vaddr + args->offset; 4507 char __user *user_data = to_user_ptr(args->data_ptr); 4508 4509 if (__copy_from_user_inatomic_nocache(vaddr, user_data, args->size)) { 4510 unsigned long unwritten; 4511 4512 /* The physical object once assigned is fixed for the lifetime 4513 * of the obj, so we can safely drop the lock and continue 4514 * to access vaddr. 4515 */ 4516 mutex_unlock(&dev->struct_mutex); 4517 unwritten = copy_from_user(vaddr, user_data, args->size); 4518 mutex_lock(&dev->struct_mutex); 4519 if (unwritten) 4520 return -EFAULT; 4521 } 4522 4523 i915_gem_chipset_flush(dev); 4524 return 0; 4525 } 4526 4527 void i915_gem_release(struct drm_device *dev, struct drm_file *file) 4528 { 4529 struct drm_i915_file_private *file_priv = file->driver_priv; 4530 4531 /* Clean up our request list when the client is going away, so that 4532 * later retire_requests won't dereference our soon-to-be-gone 4533 * file_priv. 4534 */ 4535 spin_lock(&file_priv->mm.lock); 4536 while (!list_empty(&file_priv->mm.request_list)) { 4537 struct drm_i915_gem_request *request; 4538 4539 request = list_first_entry(&file_priv->mm.request_list, 4540 struct drm_i915_gem_request, 4541 client_list); 4542 list_del(&request->client_list); 4543 request->file_priv = NULL; 4544 } 4545 spin_unlock(&file_priv->mm.lock); 4546 } 4547 4548 static bool mutex_is_locked_by(struct mutex *mutex, struct task_struct *task) 4549 { 4550 if (!mutex_is_locked(mutex)) 4551 return false; 4552 4553 #if defined(CONFIG_SMP) || defined(CONFIG_DEBUG_MUTEXES) 4554 return mutex->owner == task; 4555 #else 4556 /* Since UP may be pre-empted, we cannot assume that we own the lock */ 4557 return false; 4558 #endif 4559 } 4560 4561 static int 4562 i915_gem_inactive_shrink(struct shrinker *shrinker, struct shrink_control *sc) 4563 { 4564 struct drm_i915_private *dev_priv = 4565 container_of(shrinker, 4566 struct drm_i915_private, 4567 mm.inactive_shrinker); 4568 struct drm_device *dev = dev_priv->dev; 4569 struct drm_i915_gem_object *obj; 4570 int nr_to_scan = sc->nr_to_scan; 4571 bool unlock = true; 4572 int cnt; 4573 4574 if (!mutex_trylock(&dev->struct_mutex)) { 4575 if (!mutex_is_locked_by(&dev->struct_mutex, current)) 4576 return 0; 4577 4578 if (dev_priv->mm.shrinker_no_lock_stealing) 4579 return 0; 4580 4581 unlock = false; 4582 } 4583 4584 if (nr_to_scan) { 4585 nr_to_scan -= i915_gem_purge(dev_priv, nr_to_scan); 4586 if (nr_to_scan > 0) 4587 nr_to_scan -= __i915_gem_shrink(dev_priv, nr_to_scan, 4588 false); 4589 if (nr_to_scan > 0) 4590 i915_gem_shrink_all(dev_priv); 4591 } 4592 4593 cnt = 0; 4594 list_for_each_entry(obj, &dev_priv->mm.unbound_list, global_list) 4595 if (obj->pages_pin_count == 0) 4596 cnt += obj->base.size >> PAGE_SHIFT; 4597 list_for_each_entry(obj, &dev_priv->mm.inactive_list, mm_list) 4598 if (obj->pin_count == 0 && obj->pages_pin_count == 0) 4599 cnt += obj->base.size >> PAGE_SHIFT; 4600 4601 if (unlock) 4602 mutex_unlock(&dev->struct_mutex); 4603 return cnt; 4604 } 4605