xref: /linux/drivers/perf/arm_spe_pmu.c (revision c9d23f9657cabfd2836a096bf6eddf8df2cf1434)
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * Perf support for the Statistical Profiling Extension, introduced as
4  * part of ARMv8.2.
5  *
6  * Copyright (C) 2016 ARM Limited
7  *
8  * Author: Will Deacon <will.deacon@arm.com>
9  */
10 
11 #define PMUNAME					"arm_spe"
12 #define DRVNAME					PMUNAME "_pmu"
13 #define pr_fmt(fmt)				DRVNAME ": " fmt
14 
15 #include <linux/bitfield.h>
16 #include <linux/bitops.h>
17 #include <linux/bug.h>
18 #include <linux/capability.h>
19 #include <linux/cpuhotplug.h>
20 #include <linux/cpumask.h>
21 #include <linux/device.h>
22 #include <linux/errno.h>
23 #include <linux/interrupt.h>
24 #include <linux/irq.h>
25 #include <linux/kernel.h>
26 #include <linux/list.h>
27 #include <linux/module.h>
28 #include <linux/of_address.h>
29 #include <linux/of_device.h>
30 #include <linux/perf_event.h>
31 #include <linux/perf/arm_pmu.h>
32 #include <linux/platform_device.h>
33 #include <linux/printk.h>
34 #include <linux/slab.h>
35 #include <linux/smp.h>
36 #include <linux/vmalloc.h>
37 
38 #include <asm/barrier.h>
39 #include <asm/cpufeature.h>
40 #include <asm/mmu.h>
41 #include <asm/sysreg.h>
42 
43 /*
44  * Cache if the event is allowed to trace Context information.
45  * This allows us to perform the check, i.e, perfmon_capable(),
46  * in the context of the event owner, once, during the event_init().
47  */
48 #define SPE_PMU_HW_FLAGS_CX			0x00001
49 
50 static_assert((PERF_EVENT_FLAG_ARCH & SPE_PMU_HW_FLAGS_CX) == SPE_PMU_HW_FLAGS_CX);
51 
52 static void set_spe_event_has_cx(struct perf_event *event)
53 {
54 	if (IS_ENABLED(CONFIG_PID_IN_CONTEXTIDR) && perfmon_capable())
55 		event->hw.flags |= SPE_PMU_HW_FLAGS_CX;
56 }
57 
58 static bool get_spe_event_has_cx(struct perf_event *event)
59 {
60 	return !!(event->hw.flags & SPE_PMU_HW_FLAGS_CX);
61 }
62 
63 #define ARM_SPE_BUF_PAD_BYTE			0
64 
65 struct arm_spe_pmu_buf {
66 	int					nr_pages;
67 	bool					snapshot;
68 	void					*base;
69 };
70 
71 struct arm_spe_pmu {
72 	struct pmu				pmu;
73 	struct platform_device			*pdev;
74 	cpumask_t				supported_cpus;
75 	struct hlist_node			hotplug_node;
76 
77 	int					irq; /* PPI */
78 	u16					pmsver;
79 	u16					min_period;
80 	u16					counter_sz;
81 
82 #define SPE_PMU_FEAT_FILT_EVT			(1UL << 0)
83 #define SPE_PMU_FEAT_FILT_TYP			(1UL << 1)
84 #define SPE_PMU_FEAT_FILT_LAT			(1UL << 2)
85 #define SPE_PMU_FEAT_ARCH_INST			(1UL << 3)
86 #define SPE_PMU_FEAT_LDS			(1UL << 4)
87 #define SPE_PMU_FEAT_ERND			(1UL << 5)
88 #define SPE_PMU_FEAT_INV_FILT_EVT		(1UL << 6)
89 #define SPE_PMU_FEAT_DEV_PROBED			(1UL << 63)
90 	u64					features;
91 
92 	u16					max_record_sz;
93 	u16					align;
94 	struct perf_output_handle __percpu	*handle;
95 };
96 
97 #define to_spe_pmu(p) (container_of(p, struct arm_spe_pmu, pmu))
98 
99 /* Convert a free-running index from perf into an SPE buffer offset */
100 #define PERF_IDX2OFF(idx, buf)	((idx) % ((buf)->nr_pages << PAGE_SHIFT))
101 
102 /* Keep track of our dynamic hotplug state */
103 static enum cpuhp_state arm_spe_pmu_online;
104 
105 enum arm_spe_pmu_buf_fault_action {
106 	SPE_PMU_BUF_FAULT_ACT_SPURIOUS,
107 	SPE_PMU_BUF_FAULT_ACT_FATAL,
108 	SPE_PMU_BUF_FAULT_ACT_OK,
109 };
110 
111 /* This sysfs gunk was really good fun to write. */
112 enum arm_spe_pmu_capabilities {
113 	SPE_PMU_CAP_ARCH_INST = 0,
114 	SPE_PMU_CAP_ERND,
115 	SPE_PMU_CAP_FEAT_MAX,
116 	SPE_PMU_CAP_CNT_SZ = SPE_PMU_CAP_FEAT_MAX,
117 	SPE_PMU_CAP_MIN_IVAL,
118 };
119 
120 static int arm_spe_pmu_feat_caps[SPE_PMU_CAP_FEAT_MAX] = {
121 	[SPE_PMU_CAP_ARCH_INST]	= SPE_PMU_FEAT_ARCH_INST,
122 	[SPE_PMU_CAP_ERND]	= SPE_PMU_FEAT_ERND,
123 };
124 
125 static u32 arm_spe_pmu_cap_get(struct arm_spe_pmu *spe_pmu, int cap)
126 {
127 	if (cap < SPE_PMU_CAP_FEAT_MAX)
128 		return !!(spe_pmu->features & arm_spe_pmu_feat_caps[cap]);
129 
130 	switch (cap) {
131 	case SPE_PMU_CAP_CNT_SZ:
132 		return spe_pmu->counter_sz;
133 	case SPE_PMU_CAP_MIN_IVAL:
134 		return spe_pmu->min_period;
135 	default:
136 		WARN(1, "unknown cap %d\n", cap);
137 	}
138 
139 	return 0;
140 }
141 
142 static ssize_t arm_spe_pmu_cap_show(struct device *dev,
143 				    struct device_attribute *attr,
144 				    char *buf)
145 {
146 	struct arm_spe_pmu *spe_pmu = dev_get_drvdata(dev);
147 	struct dev_ext_attribute *ea =
148 		container_of(attr, struct dev_ext_attribute, attr);
149 	int cap = (long)ea->var;
150 
151 	return sysfs_emit(buf, "%u\n", arm_spe_pmu_cap_get(spe_pmu, cap));
152 }
153 
154 #define SPE_EXT_ATTR_ENTRY(_name, _func, _var)				\
155 	&((struct dev_ext_attribute[]) {				\
156 		{ __ATTR(_name, S_IRUGO, _func, NULL), (void *)_var }	\
157 	})[0].attr.attr
158 
159 #define SPE_CAP_EXT_ATTR_ENTRY(_name, _var)				\
160 	SPE_EXT_ATTR_ENTRY(_name, arm_spe_pmu_cap_show, _var)
161 
162 static struct attribute *arm_spe_pmu_cap_attr[] = {
163 	SPE_CAP_EXT_ATTR_ENTRY(arch_inst, SPE_PMU_CAP_ARCH_INST),
164 	SPE_CAP_EXT_ATTR_ENTRY(ernd, SPE_PMU_CAP_ERND),
165 	SPE_CAP_EXT_ATTR_ENTRY(count_size, SPE_PMU_CAP_CNT_SZ),
166 	SPE_CAP_EXT_ATTR_ENTRY(min_interval, SPE_PMU_CAP_MIN_IVAL),
167 	NULL,
168 };
169 
170 static const struct attribute_group arm_spe_pmu_cap_group = {
171 	.name	= "caps",
172 	.attrs	= arm_spe_pmu_cap_attr,
173 };
174 
175 /* User ABI */
176 #define ATTR_CFG_FLD_ts_enable_CFG		config	/* PMSCR_EL1.TS */
177 #define ATTR_CFG_FLD_ts_enable_LO		0
178 #define ATTR_CFG_FLD_ts_enable_HI		0
179 #define ATTR_CFG_FLD_pa_enable_CFG		config	/* PMSCR_EL1.PA */
180 #define ATTR_CFG_FLD_pa_enable_LO		1
181 #define ATTR_CFG_FLD_pa_enable_HI		1
182 #define ATTR_CFG_FLD_pct_enable_CFG		config	/* PMSCR_EL1.PCT */
183 #define ATTR_CFG_FLD_pct_enable_LO		2
184 #define ATTR_CFG_FLD_pct_enable_HI		2
185 #define ATTR_CFG_FLD_jitter_CFG			config	/* PMSIRR_EL1.RND */
186 #define ATTR_CFG_FLD_jitter_LO			16
187 #define ATTR_CFG_FLD_jitter_HI			16
188 #define ATTR_CFG_FLD_branch_filter_CFG		config	/* PMSFCR_EL1.B */
189 #define ATTR_CFG_FLD_branch_filter_LO		32
190 #define ATTR_CFG_FLD_branch_filter_HI		32
191 #define ATTR_CFG_FLD_load_filter_CFG		config	/* PMSFCR_EL1.LD */
192 #define ATTR_CFG_FLD_load_filter_LO		33
193 #define ATTR_CFG_FLD_load_filter_HI		33
194 #define ATTR_CFG_FLD_store_filter_CFG		config	/* PMSFCR_EL1.ST */
195 #define ATTR_CFG_FLD_store_filter_LO		34
196 #define ATTR_CFG_FLD_store_filter_HI		34
197 
198 #define ATTR_CFG_FLD_event_filter_CFG		config1	/* PMSEVFR_EL1 */
199 #define ATTR_CFG_FLD_event_filter_LO		0
200 #define ATTR_CFG_FLD_event_filter_HI		63
201 
202 #define ATTR_CFG_FLD_min_latency_CFG		config2	/* PMSLATFR_EL1.MINLAT */
203 #define ATTR_CFG_FLD_min_latency_LO		0
204 #define ATTR_CFG_FLD_min_latency_HI		11
205 
206 #define ATTR_CFG_FLD_inv_event_filter_CFG	config3	/* PMSNEVFR_EL1 */
207 #define ATTR_CFG_FLD_inv_event_filter_LO	0
208 #define ATTR_CFG_FLD_inv_event_filter_HI	63
209 
210 /* Why does everything I do descend into this? */
211 #define __GEN_PMU_FORMAT_ATTR(cfg, lo, hi)				\
212 	(lo) == (hi) ? #cfg ":" #lo "\n" : #cfg ":" #lo "-" #hi
213 
214 #define _GEN_PMU_FORMAT_ATTR(cfg, lo, hi)				\
215 	__GEN_PMU_FORMAT_ATTR(cfg, lo, hi)
216 
217 #define GEN_PMU_FORMAT_ATTR(name)					\
218 	PMU_FORMAT_ATTR(name,						\
219 	_GEN_PMU_FORMAT_ATTR(ATTR_CFG_FLD_##name##_CFG,			\
220 			     ATTR_CFG_FLD_##name##_LO,			\
221 			     ATTR_CFG_FLD_##name##_HI))
222 
223 #define _ATTR_CFG_GET_FLD(attr, cfg, lo, hi)				\
224 	((((attr)->cfg) >> lo) & GENMASK(hi - lo, 0))
225 
226 #define ATTR_CFG_GET_FLD(attr, name)					\
227 	_ATTR_CFG_GET_FLD(attr,						\
228 			  ATTR_CFG_FLD_##name##_CFG,			\
229 			  ATTR_CFG_FLD_##name##_LO,			\
230 			  ATTR_CFG_FLD_##name##_HI)
231 
232 GEN_PMU_FORMAT_ATTR(ts_enable);
233 GEN_PMU_FORMAT_ATTR(pa_enable);
234 GEN_PMU_FORMAT_ATTR(pct_enable);
235 GEN_PMU_FORMAT_ATTR(jitter);
236 GEN_PMU_FORMAT_ATTR(branch_filter);
237 GEN_PMU_FORMAT_ATTR(load_filter);
238 GEN_PMU_FORMAT_ATTR(store_filter);
239 GEN_PMU_FORMAT_ATTR(event_filter);
240 GEN_PMU_FORMAT_ATTR(inv_event_filter);
241 GEN_PMU_FORMAT_ATTR(min_latency);
242 
243 static struct attribute *arm_spe_pmu_formats_attr[] = {
244 	&format_attr_ts_enable.attr,
245 	&format_attr_pa_enable.attr,
246 	&format_attr_pct_enable.attr,
247 	&format_attr_jitter.attr,
248 	&format_attr_branch_filter.attr,
249 	&format_attr_load_filter.attr,
250 	&format_attr_store_filter.attr,
251 	&format_attr_event_filter.attr,
252 	&format_attr_inv_event_filter.attr,
253 	&format_attr_min_latency.attr,
254 	NULL,
255 };
256 
257 static umode_t arm_spe_pmu_format_attr_is_visible(struct kobject *kobj,
258 						  struct attribute *attr,
259 						  int unused)
260 	{
261 	struct device *dev = kobj_to_dev(kobj);
262 	struct arm_spe_pmu *spe_pmu = dev_get_drvdata(dev);
263 
264 	if (attr == &format_attr_inv_event_filter.attr && !(spe_pmu->features & SPE_PMU_FEAT_INV_FILT_EVT))
265 		return 0;
266 
267 	return attr->mode;
268 }
269 
270 static const struct attribute_group arm_spe_pmu_format_group = {
271 	.name	= "format",
272 	.is_visible = arm_spe_pmu_format_attr_is_visible,
273 	.attrs	= arm_spe_pmu_formats_attr,
274 };
275 
276 static ssize_t cpumask_show(struct device *dev,
277 			    struct device_attribute *attr, char *buf)
278 {
279 	struct arm_spe_pmu *spe_pmu = dev_get_drvdata(dev);
280 
281 	return cpumap_print_to_pagebuf(true, buf, &spe_pmu->supported_cpus);
282 }
283 static DEVICE_ATTR_RO(cpumask);
284 
285 static struct attribute *arm_spe_pmu_attrs[] = {
286 	&dev_attr_cpumask.attr,
287 	NULL,
288 };
289 
290 static const struct attribute_group arm_spe_pmu_group = {
291 	.attrs	= arm_spe_pmu_attrs,
292 };
293 
294 static const struct attribute_group *arm_spe_pmu_attr_groups[] = {
295 	&arm_spe_pmu_group,
296 	&arm_spe_pmu_cap_group,
297 	&arm_spe_pmu_format_group,
298 	NULL,
299 };
300 
301 /* Convert between user ABI and register values */
302 static u64 arm_spe_event_to_pmscr(struct perf_event *event)
303 {
304 	struct perf_event_attr *attr = &event->attr;
305 	u64 reg = 0;
306 
307 	reg |= FIELD_PREP(PMSCR_EL1_TS, ATTR_CFG_GET_FLD(attr, ts_enable));
308 	reg |= FIELD_PREP(PMSCR_EL1_PA, ATTR_CFG_GET_FLD(attr, pa_enable));
309 	reg |= FIELD_PREP(PMSCR_EL1_PCT, ATTR_CFG_GET_FLD(attr, pct_enable));
310 
311 	if (!attr->exclude_user)
312 		reg |= PMSCR_EL1_E0SPE;
313 
314 	if (!attr->exclude_kernel)
315 		reg |= PMSCR_EL1_E1SPE;
316 
317 	if (get_spe_event_has_cx(event))
318 		reg |= PMSCR_EL1_CX;
319 
320 	return reg;
321 }
322 
323 static void arm_spe_event_sanitise_period(struct perf_event *event)
324 {
325 	struct arm_spe_pmu *spe_pmu = to_spe_pmu(event->pmu);
326 	u64 period = event->hw.sample_period;
327 	u64 max_period = PMSIRR_EL1_INTERVAL_MASK;
328 
329 	if (period < spe_pmu->min_period)
330 		period = spe_pmu->min_period;
331 	else if (period > max_period)
332 		period = max_period;
333 	else
334 		period &= max_period;
335 
336 	event->hw.sample_period = period;
337 }
338 
339 static u64 arm_spe_event_to_pmsirr(struct perf_event *event)
340 {
341 	struct perf_event_attr *attr = &event->attr;
342 	u64 reg = 0;
343 
344 	arm_spe_event_sanitise_period(event);
345 
346 	reg |= FIELD_PREP(PMSIRR_EL1_RND, ATTR_CFG_GET_FLD(attr, jitter));
347 	reg |= event->hw.sample_period;
348 
349 	return reg;
350 }
351 
352 static u64 arm_spe_event_to_pmsfcr(struct perf_event *event)
353 {
354 	struct perf_event_attr *attr = &event->attr;
355 	u64 reg = 0;
356 
357 	reg |= FIELD_PREP(PMSFCR_EL1_LD, ATTR_CFG_GET_FLD(attr, load_filter));
358 	reg |= FIELD_PREP(PMSFCR_EL1_ST, ATTR_CFG_GET_FLD(attr, store_filter));
359 	reg |= FIELD_PREP(PMSFCR_EL1_B, ATTR_CFG_GET_FLD(attr, branch_filter));
360 
361 	if (reg)
362 		reg |= PMSFCR_EL1_FT;
363 
364 	if (ATTR_CFG_GET_FLD(attr, event_filter))
365 		reg |= PMSFCR_EL1_FE;
366 
367 	if (ATTR_CFG_GET_FLD(attr, inv_event_filter))
368 		reg |= PMSFCR_EL1_FnE;
369 
370 	if (ATTR_CFG_GET_FLD(attr, min_latency))
371 		reg |= PMSFCR_EL1_FL;
372 
373 	return reg;
374 }
375 
376 static u64 arm_spe_event_to_pmsevfr(struct perf_event *event)
377 {
378 	struct perf_event_attr *attr = &event->attr;
379 	return ATTR_CFG_GET_FLD(attr, event_filter);
380 }
381 
382 static u64 arm_spe_event_to_pmsnevfr(struct perf_event *event)
383 {
384 	struct perf_event_attr *attr = &event->attr;
385 	return ATTR_CFG_GET_FLD(attr, inv_event_filter);
386 }
387 
388 static u64 arm_spe_event_to_pmslatfr(struct perf_event *event)
389 {
390 	struct perf_event_attr *attr = &event->attr;
391 	return FIELD_PREP(PMSLATFR_EL1_MINLAT, ATTR_CFG_GET_FLD(attr, min_latency));
392 }
393 
394 static void arm_spe_pmu_pad_buf(struct perf_output_handle *handle, int len)
395 {
396 	struct arm_spe_pmu_buf *buf = perf_get_aux(handle);
397 	u64 head = PERF_IDX2OFF(handle->head, buf);
398 
399 	memset(buf->base + head, ARM_SPE_BUF_PAD_BYTE, len);
400 	if (!buf->snapshot)
401 		perf_aux_output_skip(handle, len);
402 }
403 
404 static u64 arm_spe_pmu_next_snapshot_off(struct perf_output_handle *handle)
405 {
406 	struct arm_spe_pmu_buf *buf = perf_get_aux(handle);
407 	struct arm_spe_pmu *spe_pmu = to_spe_pmu(handle->event->pmu);
408 	u64 head = PERF_IDX2OFF(handle->head, buf);
409 	u64 limit = buf->nr_pages * PAGE_SIZE;
410 
411 	/*
412 	 * The trace format isn't parseable in reverse, so clamp
413 	 * the limit to half of the buffer size in snapshot mode
414 	 * so that the worst case is half a buffer of records, as
415 	 * opposed to a single record.
416 	 */
417 	if (head < limit >> 1)
418 		limit >>= 1;
419 
420 	/*
421 	 * If we're within max_record_sz of the limit, we must
422 	 * pad, move the head index and recompute the limit.
423 	 */
424 	if (limit - head < spe_pmu->max_record_sz) {
425 		arm_spe_pmu_pad_buf(handle, limit - head);
426 		handle->head = PERF_IDX2OFF(limit, buf);
427 		limit = ((buf->nr_pages * PAGE_SIZE) >> 1) + handle->head;
428 	}
429 
430 	return limit;
431 }
432 
433 static u64 __arm_spe_pmu_next_off(struct perf_output_handle *handle)
434 {
435 	struct arm_spe_pmu *spe_pmu = to_spe_pmu(handle->event->pmu);
436 	struct arm_spe_pmu_buf *buf = perf_get_aux(handle);
437 	const u64 bufsize = buf->nr_pages * PAGE_SIZE;
438 	u64 limit = bufsize;
439 	u64 head, tail, wakeup;
440 
441 	/*
442 	 * The head can be misaligned for two reasons:
443 	 *
444 	 * 1. The hardware left PMBPTR pointing to the first byte after
445 	 *    a record when generating a buffer management event.
446 	 *
447 	 * 2. We used perf_aux_output_skip to consume handle->size bytes
448 	 *    and CIRC_SPACE was used to compute the size, which always
449 	 *    leaves one entry free.
450 	 *
451 	 * Deal with this by padding to the next alignment boundary and
452 	 * moving the head index. If we run out of buffer space, we'll
453 	 * reduce handle->size to zero and end up reporting truncation.
454 	 */
455 	head = PERF_IDX2OFF(handle->head, buf);
456 	if (!IS_ALIGNED(head, spe_pmu->align)) {
457 		unsigned long delta = roundup(head, spe_pmu->align) - head;
458 
459 		delta = min(delta, handle->size);
460 		arm_spe_pmu_pad_buf(handle, delta);
461 		head = PERF_IDX2OFF(handle->head, buf);
462 	}
463 
464 	/* If we've run out of free space, then nothing more to do */
465 	if (!handle->size)
466 		goto no_space;
467 
468 	/* Compute the tail and wakeup indices now that we've aligned head */
469 	tail = PERF_IDX2OFF(handle->head + handle->size, buf);
470 	wakeup = PERF_IDX2OFF(handle->wakeup, buf);
471 
472 	/*
473 	 * Avoid clobbering unconsumed data. We know we have space, so
474 	 * if we see head == tail we know that the buffer is empty. If
475 	 * head > tail, then there's nothing to clobber prior to
476 	 * wrapping.
477 	 */
478 	if (head < tail)
479 		limit = round_down(tail, PAGE_SIZE);
480 
481 	/*
482 	 * Wakeup may be arbitrarily far into the future. If it's not in
483 	 * the current generation, either we'll wrap before hitting it,
484 	 * or it's in the past and has been handled already.
485 	 *
486 	 * If there's a wakeup before we wrap, arrange to be woken up by
487 	 * the page boundary following it. Keep the tail boundary if
488 	 * that's lower.
489 	 */
490 	if (handle->wakeup < (handle->head + handle->size) && head <= wakeup)
491 		limit = min(limit, round_up(wakeup, PAGE_SIZE));
492 
493 	if (limit > head)
494 		return limit;
495 
496 	arm_spe_pmu_pad_buf(handle, handle->size);
497 no_space:
498 	perf_aux_output_flag(handle, PERF_AUX_FLAG_TRUNCATED);
499 	perf_aux_output_end(handle, 0);
500 	return 0;
501 }
502 
503 static u64 arm_spe_pmu_next_off(struct perf_output_handle *handle)
504 {
505 	struct arm_spe_pmu_buf *buf = perf_get_aux(handle);
506 	struct arm_spe_pmu *spe_pmu = to_spe_pmu(handle->event->pmu);
507 	u64 limit = __arm_spe_pmu_next_off(handle);
508 	u64 head = PERF_IDX2OFF(handle->head, buf);
509 
510 	/*
511 	 * If the head has come too close to the end of the buffer,
512 	 * then pad to the end and recompute the limit.
513 	 */
514 	if (limit && (limit - head < spe_pmu->max_record_sz)) {
515 		arm_spe_pmu_pad_buf(handle, limit - head);
516 		limit = __arm_spe_pmu_next_off(handle);
517 	}
518 
519 	return limit;
520 }
521 
522 static void arm_spe_perf_aux_output_begin(struct perf_output_handle *handle,
523 					  struct perf_event *event)
524 {
525 	u64 base, limit;
526 	struct arm_spe_pmu_buf *buf;
527 
528 	/* Start a new aux session */
529 	buf = perf_aux_output_begin(handle, event);
530 	if (!buf) {
531 		event->hw.state |= PERF_HES_STOPPED;
532 		/*
533 		 * We still need to clear the limit pointer, since the
534 		 * profiler might only be disabled by virtue of a fault.
535 		 */
536 		limit = 0;
537 		goto out_write_limit;
538 	}
539 
540 	limit = buf->snapshot ? arm_spe_pmu_next_snapshot_off(handle)
541 			      : arm_spe_pmu_next_off(handle);
542 	if (limit)
543 		limit |= PMBLIMITR_EL1_E;
544 
545 	limit += (u64)buf->base;
546 	base = (u64)buf->base + PERF_IDX2OFF(handle->head, buf);
547 	write_sysreg_s(base, SYS_PMBPTR_EL1);
548 
549 out_write_limit:
550 	write_sysreg_s(limit, SYS_PMBLIMITR_EL1);
551 }
552 
553 static void arm_spe_perf_aux_output_end(struct perf_output_handle *handle)
554 {
555 	struct arm_spe_pmu_buf *buf = perf_get_aux(handle);
556 	u64 offset, size;
557 
558 	offset = read_sysreg_s(SYS_PMBPTR_EL1) - (u64)buf->base;
559 	size = offset - PERF_IDX2OFF(handle->head, buf);
560 
561 	if (buf->snapshot)
562 		handle->head = offset;
563 
564 	perf_aux_output_end(handle, size);
565 }
566 
567 static void arm_spe_pmu_disable_and_drain_local(void)
568 {
569 	/* Disable profiling at EL0 and EL1 */
570 	write_sysreg_s(0, SYS_PMSCR_EL1);
571 	isb();
572 
573 	/* Drain any buffered data */
574 	psb_csync();
575 	dsb(nsh);
576 
577 	/* Disable the profiling buffer */
578 	write_sysreg_s(0, SYS_PMBLIMITR_EL1);
579 	isb();
580 }
581 
582 /* IRQ handling */
583 static enum arm_spe_pmu_buf_fault_action
584 arm_spe_pmu_buf_get_fault_act(struct perf_output_handle *handle)
585 {
586 	const char *err_str;
587 	u64 pmbsr;
588 	enum arm_spe_pmu_buf_fault_action ret;
589 
590 	/*
591 	 * Ensure new profiling data is visible to the CPU and any external
592 	 * aborts have been resolved.
593 	 */
594 	psb_csync();
595 	dsb(nsh);
596 
597 	/* Ensure hardware updates to PMBPTR_EL1 are visible */
598 	isb();
599 
600 	/* Service required? */
601 	pmbsr = read_sysreg_s(SYS_PMBSR_EL1);
602 	if (!FIELD_GET(PMBSR_EL1_S, pmbsr))
603 		return SPE_PMU_BUF_FAULT_ACT_SPURIOUS;
604 
605 	/*
606 	 * If we've lost data, disable profiling and also set the PARTIAL
607 	 * flag to indicate that the last record is corrupted.
608 	 */
609 	if (FIELD_GET(PMBSR_EL1_DL, pmbsr))
610 		perf_aux_output_flag(handle, PERF_AUX_FLAG_TRUNCATED |
611 					     PERF_AUX_FLAG_PARTIAL);
612 
613 	/* Report collisions to userspace so that it can up the period */
614 	if (FIELD_GET(PMBSR_EL1_COLL, pmbsr))
615 		perf_aux_output_flag(handle, PERF_AUX_FLAG_COLLISION);
616 
617 	/* We only expect buffer management events */
618 	switch (FIELD_GET(PMBSR_EL1_EC, pmbsr)) {
619 	case PMBSR_EL1_EC_BUF:
620 		/* Handled below */
621 		break;
622 	case PMBSR_EL1_EC_FAULT_S1:
623 	case PMBSR_EL1_EC_FAULT_S2:
624 		err_str = "Unexpected buffer fault";
625 		goto out_err;
626 	default:
627 		err_str = "Unknown error code";
628 		goto out_err;
629 	}
630 
631 	/* Buffer management event */
632 	switch (FIELD_GET(PMBSR_EL1_BUF_BSC_MASK, pmbsr)) {
633 	case PMBSR_EL1_BUF_BSC_FULL:
634 		ret = SPE_PMU_BUF_FAULT_ACT_OK;
635 		goto out_stop;
636 	default:
637 		err_str = "Unknown buffer status code";
638 	}
639 
640 out_err:
641 	pr_err_ratelimited("%s on CPU %d [PMBSR=0x%016llx, PMBPTR=0x%016llx, PMBLIMITR=0x%016llx]\n",
642 			   err_str, smp_processor_id(), pmbsr,
643 			   read_sysreg_s(SYS_PMBPTR_EL1),
644 			   read_sysreg_s(SYS_PMBLIMITR_EL1));
645 	ret = SPE_PMU_BUF_FAULT_ACT_FATAL;
646 
647 out_stop:
648 	arm_spe_perf_aux_output_end(handle);
649 	return ret;
650 }
651 
652 static irqreturn_t arm_spe_pmu_irq_handler(int irq, void *dev)
653 {
654 	struct perf_output_handle *handle = dev;
655 	struct perf_event *event = handle->event;
656 	enum arm_spe_pmu_buf_fault_action act;
657 
658 	if (!perf_get_aux(handle))
659 		return IRQ_NONE;
660 
661 	act = arm_spe_pmu_buf_get_fault_act(handle);
662 	if (act == SPE_PMU_BUF_FAULT_ACT_SPURIOUS)
663 		return IRQ_NONE;
664 
665 	/*
666 	 * Ensure perf callbacks have completed, which may disable the
667 	 * profiling buffer in response to a TRUNCATION flag.
668 	 */
669 	irq_work_run();
670 
671 	switch (act) {
672 	case SPE_PMU_BUF_FAULT_ACT_FATAL:
673 		/*
674 		 * If a fatal exception occurred then leaving the profiling
675 		 * buffer enabled is a recipe waiting to happen. Since
676 		 * fatal faults don't always imply truncation, make sure
677 		 * that the profiling buffer is disabled explicitly before
678 		 * clearing the syndrome register.
679 		 */
680 		arm_spe_pmu_disable_and_drain_local();
681 		break;
682 	case SPE_PMU_BUF_FAULT_ACT_OK:
683 		/*
684 		 * We handled the fault (the buffer was full), so resume
685 		 * profiling as long as we didn't detect truncation.
686 		 * PMBPTR might be misaligned, but we'll burn that bridge
687 		 * when we get to it.
688 		 */
689 		if (!(handle->aux_flags & PERF_AUX_FLAG_TRUNCATED)) {
690 			arm_spe_perf_aux_output_begin(handle, event);
691 			isb();
692 		}
693 		break;
694 	case SPE_PMU_BUF_FAULT_ACT_SPURIOUS:
695 		/* We've seen you before, but GCC has the memory of a sieve. */
696 		break;
697 	}
698 
699 	/* The buffer pointers are now sane, so resume profiling. */
700 	write_sysreg_s(0, SYS_PMBSR_EL1);
701 	return IRQ_HANDLED;
702 }
703 
704 static u64 arm_spe_pmsevfr_res0(u16 pmsver)
705 {
706 	switch (pmsver) {
707 	case ID_AA64DFR0_EL1_PMSVer_IMP:
708 		return PMSEVFR_EL1_RES0_IMP;
709 	case ID_AA64DFR0_EL1_PMSVer_V1P1:
710 		return PMSEVFR_EL1_RES0_V1P1;
711 	case ID_AA64DFR0_EL1_PMSVer_V1P2:
712 	/* Return the highest version we support in default */
713 	default:
714 		return PMSEVFR_EL1_RES0_V1P2;
715 	}
716 }
717 
718 /* Perf callbacks */
719 static int arm_spe_pmu_event_init(struct perf_event *event)
720 {
721 	u64 reg;
722 	struct perf_event_attr *attr = &event->attr;
723 	struct arm_spe_pmu *spe_pmu = to_spe_pmu(event->pmu);
724 
725 	/* This is, of course, deeply driver-specific */
726 	if (attr->type != event->pmu->type)
727 		return -ENOENT;
728 
729 	if (event->cpu >= 0 &&
730 	    !cpumask_test_cpu(event->cpu, &spe_pmu->supported_cpus))
731 		return -ENOENT;
732 
733 	if (arm_spe_event_to_pmsevfr(event) & arm_spe_pmsevfr_res0(spe_pmu->pmsver))
734 		return -EOPNOTSUPP;
735 
736 	if (arm_spe_event_to_pmsnevfr(event) & arm_spe_pmsevfr_res0(spe_pmu->pmsver))
737 		return -EOPNOTSUPP;
738 
739 	if (attr->exclude_idle)
740 		return -EOPNOTSUPP;
741 
742 	/*
743 	 * Feedback-directed frequency throttling doesn't work when we
744 	 * have a buffer of samples. We'd need to manually count the
745 	 * samples in the buffer when it fills up and adjust the event
746 	 * count to reflect that. Instead, just force the user to specify
747 	 * a sample period.
748 	 */
749 	if (attr->freq)
750 		return -EINVAL;
751 
752 	reg = arm_spe_event_to_pmsfcr(event);
753 	if ((FIELD_GET(PMSFCR_EL1_FE, reg)) &&
754 	    !(spe_pmu->features & SPE_PMU_FEAT_FILT_EVT))
755 		return -EOPNOTSUPP;
756 
757 	if ((FIELD_GET(PMSFCR_EL1_FnE, reg)) &&
758 	    !(spe_pmu->features & SPE_PMU_FEAT_INV_FILT_EVT))
759 		return -EOPNOTSUPP;
760 
761 	if ((FIELD_GET(PMSFCR_EL1_FT, reg)) &&
762 	    !(spe_pmu->features & SPE_PMU_FEAT_FILT_TYP))
763 		return -EOPNOTSUPP;
764 
765 	if ((FIELD_GET(PMSFCR_EL1_FL, reg)) &&
766 	    !(spe_pmu->features & SPE_PMU_FEAT_FILT_LAT))
767 		return -EOPNOTSUPP;
768 
769 	set_spe_event_has_cx(event);
770 	reg = arm_spe_event_to_pmscr(event);
771 	if (!perfmon_capable() &&
772 	    (reg & (PMSCR_EL1_PA | PMSCR_EL1_PCT)))
773 		return -EACCES;
774 
775 	return 0;
776 }
777 
778 static void arm_spe_pmu_start(struct perf_event *event, int flags)
779 {
780 	u64 reg;
781 	struct arm_spe_pmu *spe_pmu = to_spe_pmu(event->pmu);
782 	struct hw_perf_event *hwc = &event->hw;
783 	struct perf_output_handle *handle = this_cpu_ptr(spe_pmu->handle);
784 
785 	hwc->state = 0;
786 	arm_spe_perf_aux_output_begin(handle, event);
787 	if (hwc->state)
788 		return;
789 
790 	reg = arm_spe_event_to_pmsfcr(event);
791 	write_sysreg_s(reg, SYS_PMSFCR_EL1);
792 
793 	reg = arm_spe_event_to_pmsevfr(event);
794 	write_sysreg_s(reg, SYS_PMSEVFR_EL1);
795 
796 	if (spe_pmu->features & SPE_PMU_FEAT_INV_FILT_EVT) {
797 		reg = arm_spe_event_to_pmsnevfr(event);
798 		write_sysreg_s(reg, SYS_PMSNEVFR_EL1);
799 	}
800 
801 	reg = arm_spe_event_to_pmslatfr(event);
802 	write_sysreg_s(reg, SYS_PMSLATFR_EL1);
803 
804 	if (flags & PERF_EF_RELOAD) {
805 		reg = arm_spe_event_to_pmsirr(event);
806 		write_sysreg_s(reg, SYS_PMSIRR_EL1);
807 		isb();
808 		reg = local64_read(&hwc->period_left);
809 		write_sysreg_s(reg, SYS_PMSICR_EL1);
810 	}
811 
812 	reg = arm_spe_event_to_pmscr(event);
813 	isb();
814 	write_sysreg_s(reg, SYS_PMSCR_EL1);
815 }
816 
817 static void arm_spe_pmu_stop(struct perf_event *event, int flags)
818 {
819 	struct arm_spe_pmu *spe_pmu = to_spe_pmu(event->pmu);
820 	struct hw_perf_event *hwc = &event->hw;
821 	struct perf_output_handle *handle = this_cpu_ptr(spe_pmu->handle);
822 
823 	/* If we're already stopped, then nothing to do */
824 	if (hwc->state & PERF_HES_STOPPED)
825 		return;
826 
827 	/* Stop all trace generation */
828 	arm_spe_pmu_disable_and_drain_local();
829 
830 	if (flags & PERF_EF_UPDATE) {
831 		/*
832 		 * If there's a fault pending then ensure we contain it
833 		 * to this buffer, since we might be on the context-switch
834 		 * path.
835 		 */
836 		if (perf_get_aux(handle)) {
837 			enum arm_spe_pmu_buf_fault_action act;
838 
839 			act = arm_spe_pmu_buf_get_fault_act(handle);
840 			if (act == SPE_PMU_BUF_FAULT_ACT_SPURIOUS)
841 				arm_spe_perf_aux_output_end(handle);
842 			else
843 				write_sysreg_s(0, SYS_PMBSR_EL1);
844 		}
845 
846 		/*
847 		 * This may also contain ECOUNT, but nobody else should
848 		 * be looking at period_left, since we forbid frequency
849 		 * based sampling.
850 		 */
851 		local64_set(&hwc->period_left, read_sysreg_s(SYS_PMSICR_EL1));
852 		hwc->state |= PERF_HES_UPTODATE;
853 	}
854 
855 	hwc->state |= PERF_HES_STOPPED;
856 }
857 
858 static int arm_spe_pmu_add(struct perf_event *event, int flags)
859 {
860 	int ret = 0;
861 	struct arm_spe_pmu *spe_pmu = to_spe_pmu(event->pmu);
862 	struct hw_perf_event *hwc = &event->hw;
863 	int cpu = event->cpu == -1 ? smp_processor_id() : event->cpu;
864 
865 	if (!cpumask_test_cpu(cpu, &spe_pmu->supported_cpus))
866 		return -ENOENT;
867 
868 	hwc->state = PERF_HES_UPTODATE | PERF_HES_STOPPED;
869 
870 	if (flags & PERF_EF_START) {
871 		arm_spe_pmu_start(event, PERF_EF_RELOAD);
872 		if (hwc->state & PERF_HES_STOPPED)
873 			ret = -EINVAL;
874 	}
875 
876 	return ret;
877 }
878 
879 static void arm_spe_pmu_del(struct perf_event *event, int flags)
880 {
881 	arm_spe_pmu_stop(event, PERF_EF_UPDATE);
882 }
883 
884 static void arm_spe_pmu_read(struct perf_event *event)
885 {
886 }
887 
888 static void *arm_spe_pmu_setup_aux(struct perf_event *event, void **pages,
889 				   int nr_pages, bool snapshot)
890 {
891 	int i, cpu = event->cpu;
892 	struct page **pglist;
893 	struct arm_spe_pmu_buf *buf;
894 
895 	/* We need at least two pages for this to work. */
896 	if (nr_pages < 2)
897 		return NULL;
898 
899 	/*
900 	 * We require an even number of pages for snapshot mode, so that
901 	 * we can effectively treat the buffer as consisting of two equal
902 	 * parts and give userspace a fighting chance of getting some
903 	 * useful data out of it.
904 	 */
905 	if (snapshot && (nr_pages & 1))
906 		return NULL;
907 
908 	if (cpu == -1)
909 		cpu = raw_smp_processor_id();
910 
911 	buf = kzalloc_node(sizeof(*buf), GFP_KERNEL, cpu_to_node(cpu));
912 	if (!buf)
913 		return NULL;
914 
915 	pglist = kcalloc(nr_pages, sizeof(*pglist), GFP_KERNEL);
916 	if (!pglist)
917 		goto out_free_buf;
918 
919 	for (i = 0; i < nr_pages; ++i)
920 		pglist[i] = virt_to_page(pages[i]);
921 
922 	buf->base = vmap(pglist, nr_pages, VM_MAP, PAGE_KERNEL);
923 	if (!buf->base)
924 		goto out_free_pglist;
925 
926 	buf->nr_pages	= nr_pages;
927 	buf->snapshot	= snapshot;
928 
929 	kfree(pglist);
930 	return buf;
931 
932 out_free_pglist:
933 	kfree(pglist);
934 out_free_buf:
935 	kfree(buf);
936 	return NULL;
937 }
938 
939 static void arm_spe_pmu_free_aux(void *aux)
940 {
941 	struct arm_spe_pmu_buf *buf = aux;
942 
943 	vunmap(buf->base);
944 	kfree(buf);
945 }
946 
947 /* Initialisation and teardown functions */
948 static int arm_spe_pmu_perf_init(struct arm_spe_pmu *spe_pmu)
949 {
950 	static atomic_t pmu_idx = ATOMIC_INIT(-1);
951 
952 	int idx;
953 	char *name;
954 	struct device *dev = &spe_pmu->pdev->dev;
955 
956 	spe_pmu->pmu = (struct pmu) {
957 		.module = THIS_MODULE,
958 		.capabilities	= PERF_PMU_CAP_EXCLUSIVE | PERF_PMU_CAP_ITRACE,
959 		.attr_groups	= arm_spe_pmu_attr_groups,
960 		/*
961 		 * We hitch a ride on the software context here, so that
962 		 * we can support per-task profiling (which is not possible
963 		 * with the invalid context as it doesn't get sched callbacks).
964 		 * This requires that userspace either uses a dummy event for
965 		 * perf_event_open, since the aux buffer is not setup until
966 		 * a subsequent mmap, or creates the profiling event in a
967 		 * disabled state and explicitly PERF_EVENT_IOC_ENABLEs it
968 		 * once the buffer has been created.
969 		 */
970 		.task_ctx_nr	= perf_sw_context,
971 		.event_init	= arm_spe_pmu_event_init,
972 		.add		= arm_spe_pmu_add,
973 		.del		= arm_spe_pmu_del,
974 		.start		= arm_spe_pmu_start,
975 		.stop		= arm_spe_pmu_stop,
976 		.read		= arm_spe_pmu_read,
977 		.setup_aux	= arm_spe_pmu_setup_aux,
978 		.free_aux	= arm_spe_pmu_free_aux,
979 	};
980 
981 	idx = atomic_inc_return(&pmu_idx);
982 	name = devm_kasprintf(dev, GFP_KERNEL, "%s_%d", PMUNAME, idx);
983 	if (!name) {
984 		dev_err(dev, "failed to allocate name for pmu %d\n", idx);
985 		return -ENOMEM;
986 	}
987 
988 	return perf_pmu_register(&spe_pmu->pmu, name, -1);
989 }
990 
991 static void arm_spe_pmu_perf_destroy(struct arm_spe_pmu *spe_pmu)
992 {
993 	perf_pmu_unregister(&spe_pmu->pmu);
994 }
995 
996 static void __arm_spe_pmu_dev_probe(void *info)
997 {
998 	int fld;
999 	u64 reg;
1000 	struct arm_spe_pmu *spe_pmu = info;
1001 	struct device *dev = &spe_pmu->pdev->dev;
1002 
1003 	fld = cpuid_feature_extract_unsigned_field(read_cpuid(ID_AA64DFR0_EL1),
1004 						   ID_AA64DFR0_EL1_PMSVer_SHIFT);
1005 	if (!fld) {
1006 		dev_err(dev,
1007 			"unsupported ID_AA64DFR0_EL1.PMSVer [%d] on CPU %d\n",
1008 			fld, smp_processor_id());
1009 		return;
1010 	}
1011 	spe_pmu->pmsver = (u16)fld;
1012 
1013 	/* Read PMBIDR first to determine whether or not we have access */
1014 	reg = read_sysreg_s(SYS_PMBIDR_EL1);
1015 	if (FIELD_GET(PMBIDR_EL1_P, reg)) {
1016 		dev_err(dev,
1017 			"profiling buffer owned by higher exception level\n");
1018 		return;
1019 	}
1020 
1021 	/* Minimum alignment. If it's out-of-range, then fail the probe */
1022 	fld = FIELD_GET(PMBIDR_EL1_ALIGN, reg);
1023 	spe_pmu->align = 1 << fld;
1024 	if (spe_pmu->align > SZ_2K) {
1025 		dev_err(dev, "unsupported PMBIDR.Align [%d] on CPU %d\n",
1026 			fld, smp_processor_id());
1027 		return;
1028 	}
1029 
1030 	/* It's now safe to read PMSIDR and figure out what we've got */
1031 	reg = read_sysreg_s(SYS_PMSIDR_EL1);
1032 	if (FIELD_GET(PMSIDR_EL1_FE, reg))
1033 		spe_pmu->features |= SPE_PMU_FEAT_FILT_EVT;
1034 
1035 	if (FIELD_GET(PMSIDR_EL1_FnE, reg))
1036 		spe_pmu->features |= SPE_PMU_FEAT_INV_FILT_EVT;
1037 
1038 	if (FIELD_GET(PMSIDR_EL1_FT, reg))
1039 		spe_pmu->features |= SPE_PMU_FEAT_FILT_TYP;
1040 
1041 	if (FIELD_GET(PMSIDR_EL1_FL, reg))
1042 		spe_pmu->features |= SPE_PMU_FEAT_FILT_LAT;
1043 
1044 	if (FIELD_GET(PMSIDR_EL1_ARCHINST, reg))
1045 		spe_pmu->features |= SPE_PMU_FEAT_ARCH_INST;
1046 
1047 	if (FIELD_GET(PMSIDR_EL1_LDS, reg))
1048 		spe_pmu->features |= SPE_PMU_FEAT_LDS;
1049 
1050 	if (FIELD_GET(PMSIDR_EL1_ERND, reg))
1051 		spe_pmu->features |= SPE_PMU_FEAT_ERND;
1052 
1053 	/* This field has a spaced out encoding, so just use a look-up */
1054 	fld = FIELD_GET(PMSIDR_EL1_INTERVAL, reg);
1055 	switch (fld) {
1056 	case PMSIDR_EL1_INTERVAL_256:
1057 		spe_pmu->min_period = 256;
1058 		break;
1059 	case PMSIDR_EL1_INTERVAL_512:
1060 		spe_pmu->min_period = 512;
1061 		break;
1062 	case PMSIDR_EL1_INTERVAL_768:
1063 		spe_pmu->min_period = 768;
1064 		break;
1065 	case PMSIDR_EL1_INTERVAL_1024:
1066 		spe_pmu->min_period = 1024;
1067 		break;
1068 	case PMSIDR_EL1_INTERVAL_1536:
1069 		spe_pmu->min_period = 1536;
1070 		break;
1071 	case PMSIDR_EL1_INTERVAL_2048:
1072 		spe_pmu->min_period = 2048;
1073 		break;
1074 	case PMSIDR_EL1_INTERVAL_3072:
1075 		spe_pmu->min_period = 3072;
1076 		break;
1077 	default:
1078 		dev_warn(dev, "unknown PMSIDR_EL1.Interval [%d]; assuming 8\n",
1079 			 fld);
1080 		fallthrough;
1081 	case PMSIDR_EL1_INTERVAL_4096:
1082 		spe_pmu->min_period = 4096;
1083 	}
1084 
1085 	/* Maximum record size. If it's out-of-range, then fail the probe */
1086 	fld = FIELD_GET(PMSIDR_EL1_MAXSIZE, reg);
1087 	spe_pmu->max_record_sz = 1 << fld;
1088 	if (spe_pmu->max_record_sz > SZ_2K || spe_pmu->max_record_sz < 16) {
1089 		dev_err(dev, "unsupported PMSIDR_EL1.MaxSize [%d] on CPU %d\n",
1090 			fld, smp_processor_id());
1091 		return;
1092 	}
1093 
1094 	fld = FIELD_GET(PMSIDR_EL1_COUNTSIZE, reg);
1095 	switch (fld) {
1096 	default:
1097 		dev_warn(dev, "unknown PMSIDR_EL1.CountSize [%d]; assuming 2\n",
1098 			 fld);
1099 		fallthrough;
1100 	case PMSIDR_EL1_COUNTSIZE_12_BIT_SAT:
1101 		spe_pmu->counter_sz = 12;
1102 		break;
1103 	case PMSIDR_EL1_COUNTSIZE_16_BIT_SAT:
1104 		spe_pmu->counter_sz = 16;
1105 	}
1106 
1107 	dev_info(dev,
1108 		 "probed SPEv1.%d for CPUs %*pbl [max_record_sz %u, align %u, features 0x%llx]\n",
1109 		 spe_pmu->pmsver - 1, cpumask_pr_args(&spe_pmu->supported_cpus),
1110 		 spe_pmu->max_record_sz, spe_pmu->align, spe_pmu->features);
1111 
1112 	spe_pmu->features |= SPE_PMU_FEAT_DEV_PROBED;
1113 }
1114 
1115 static void __arm_spe_pmu_reset_local(void)
1116 {
1117 	/*
1118 	 * This is probably overkill, as we have no idea where we're
1119 	 * draining any buffered data to...
1120 	 */
1121 	arm_spe_pmu_disable_and_drain_local();
1122 
1123 	/* Reset the buffer base pointer */
1124 	write_sysreg_s(0, SYS_PMBPTR_EL1);
1125 	isb();
1126 
1127 	/* Clear any pending management interrupts */
1128 	write_sysreg_s(0, SYS_PMBSR_EL1);
1129 	isb();
1130 }
1131 
1132 static void __arm_spe_pmu_setup_one(void *info)
1133 {
1134 	struct arm_spe_pmu *spe_pmu = info;
1135 
1136 	__arm_spe_pmu_reset_local();
1137 	enable_percpu_irq(spe_pmu->irq, IRQ_TYPE_NONE);
1138 }
1139 
1140 static void __arm_spe_pmu_stop_one(void *info)
1141 {
1142 	struct arm_spe_pmu *spe_pmu = info;
1143 
1144 	disable_percpu_irq(spe_pmu->irq);
1145 	__arm_spe_pmu_reset_local();
1146 }
1147 
1148 static int arm_spe_pmu_cpu_startup(unsigned int cpu, struct hlist_node *node)
1149 {
1150 	struct arm_spe_pmu *spe_pmu;
1151 
1152 	spe_pmu = hlist_entry_safe(node, struct arm_spe_pmu, hotplug_node);
1153 	if (!cpumask_test_cpu(cpu, &spe_pmu->supported_cpus))
1154 		return 0;
1155 
1156 	__arm_spe_pmu_setup_one(spe_pmu);
1157 	return 0;
1158 }
1159 
1160 static int arm_spe_pmu_cpu_teardown(unsigned int cpu, struct hlist_node *node)
1161 {
1162 	struct arm_spe_pmu *spe_pmu;
1163 
1164 	spe_pmu = hlist_entry_safe(node, struct arm_spe_pmu, hotplug_node);
1165 	if (!cpumask_test_cpu(cpu, &spe_pmu->supported_cpus))
1166 		return 0;
1167 
1168 	__arm_spe_pmu_stop_one(spe_pmu);
1169 	return 0;
1170 }
1171 
1172 static int arm_spe_pmu_dev_init(struct arm_spe_pmu *spe_pmu)
1173 {
1174 	int ret;
1175 	cpumask_t *mask = &spe_pmu->supported_cpus;
1176 
1177 	/* Make sure we probe the hardware on a relevant CPU */
1178 	ret = smp_call_function_any(mask,  __arm_spe_pmu_dev_probe, spe_pmu, 1);
1179 	if (ret || !(spe_pmu->features & SPE_PMU_FEAT_DEV_PROBED))
1180 		return -ENXIO;
1181 
1182 	/* Request our PPIs (note that the IRQ is still disabled) */
1183 	ret = request_percpu_irq(spe_pmu->irq, arm_spe_pmu_irq_handler, DRVNAME,
1184 				 spe_pmu->handle);
1185 	if (ret)
1186 		return ret;
1187 
1188 	/*
1189 	 * Register our hotplug notifier now so we don't miss any events.
1190 	 * This will enable the IRQ for any supported CPUs that are already
1191 	 * up.
1192 	 */
1193 	ret = cpuhp_state_add_instance(arm_spe_pmu_online,
1194 				       &spe_pmu->hotplug_node);
1195 	if (ret)
1196 		free_percpu_irq(spe_pmu->irq, spe_pmu->handle);
1197 
1198 	return ret;
1199 }
1200 
1201 static void arm_spe_pmu_dev_teardown(struct arm_spe_pmu *spe_pmu)
1202 {
1203 	cpuhp_state_remove_instance(arm_spe_pmu_online, &spe_pmu->hotplug_node);
1204 	free_percpu_irq(spe_pmu->irq, spe_pmu->handle);
1205 }
1206 
1207 /* Driver and device probing */
1208 static int arm_spe_pmu_irq_probe(struct arm_spe_pmu *spe_pmu)
1209 {
1210 	struct platform_device *pdev = spe_pmu->pdev;
1211 	int irq = platform_get_irq(pdev, 0);
1212 
1213 	if (irq < 0)
1214 		return -ENXIO;
1215 
1216 	if (!irq_is_percpu(irq)) {
1217 		dev_err(&pdev->dev, "expected PPI but got SPI (%d)\n", irq);
1218 		return -EINVAL;
1219 	}
1220 
1221 	if (irq_get_percpu_devid_partition(irq, &spe_pmu->supported_cpus)) {
1222 		dev_err(&pdev->dev, "failed to get PPI partition (%d)\n", irq);
1223 		return -EINVAL;
1224 	}
1225 
1226 	spe_pmu->irq = irq;
1227 	return 0;
1228 }
1229 
1230 static const struct of_device_id arm_spe_pmu_of_match[] = {
1231 	{ .compatible = "arm,statistical-profiling-extension-v1", .data = (void *)1 },
1232 	{ /* Sentinel */ },
1233 };
1234 MODULE_DEVICE_TABLE(of, arm_spe_pmu_of_match);
1235 
1236 static const struct platform_device_id arm_spe_match[] = {
1237 	{ ARMV8_SPE_PDEV_NAME, 0},
1238 	{ }
1239 };
1240 MODULE_DEVICE_TABLE(platform, arm_spe_match);
1241 
1242 static int arm_spe_pmu_device_probe(struct platform_device *pdev)
1243 {
1244 	int ret;
1245 	struct arm_spe_pmu *spe_pmu;
1246 	struct device *dev = &pdev->dev;
1247 
1248 	/*
1249 	 * If kernelspace is unmapped when running at EL0, then the SPE
1250 	 * buffer will fault and prematurely terminate the AUX session.
1251 	 */
1252 	if (arm64_kernel_unmapped_at_el0()) {
1253 		dev_warn_once(dev, "profiling buffer inaccessible. Try passing \"kpti=off\" on the kernel command line\n");
1254 		return -EPERM;
1255 	}
1256 
1257 	spe_pmu = devm_kzalloc(dev, sizeof(*spe_pmu), GFP_KERNEL);
1258 	if (!spe_pmu)
1259 		return -ENOMEM;
1260 
1261 	spe_pmu->handle = alloc_percpu(typeof(*spe_pmu->handle));
1262 	if (!spe_pmu->handle)
1263 		return -ENOMEM;
1264 
1265 	spe_pmu->pdev = pdev;
1266 	platform_set_drvdata(pdev, spe_pmu);
1267 
1268 	ret = arm_spe_pmu_irq_probe(spe_pmu);
1269 	if (ret)
1270 		goto out_free_handle;
1271 
1272 	ret = arm_spe_pmu_dev_init(spe_pmu);
1273 	if (ret)
1274 		goto out_free_handle;
1275 
1276 	ret = arm_spe_pmu_perf_init(spe_pmu);
1277 	if (ret)
1278 		goto out_teardown_dev;
1279 
1280 	return 0;
1281 
1282 out_teardown_dev:
1283 	arm_spe_pmu_dev_teardown(spe_pmu);
1284 out_free_handle:
1285 	free_percpu(spe_pmu->handle);
1286 	return ret;
1287 }
1288 
1289 static int arm_spe_pmu_device_remove(struct platform_device *pdev)
1290 {
1291 	struct arm_spe_pmu *spe_pmu = platform_get_drvdata(pdev);
1292 
1293 	arm_spe_pmu_perf_destroy(spe_pmu);
1294 	arm_spe_pmu_dev_teardown(spe_pmu);
1295 	free_percpu(spe_pmu->handle);
1296 	return 0;
1297 }
1298 
1299 static struct platform_driver arm_spe_pmu_driver = {
1300 	.id_table = arm_spe_match,
1301 	.driver	= {
1302 		.name		= DRVNAME,
1303 		.of_match_table	= of_match_ptr(arm_spe_pmu_of_match),
1304 		.suppress_bind_attrs = true,
1305 	},
1306 	.probe	= arm_spe_pmu_device_probe,
1307 	.remove	= arm_spe_pmu_device_remove,
1308 };
1309 
1310 static int __init arm_spe_pmu_init(void)
1311 {
1312 	int ret;
1313 
1314 	ret = cpuhp_setup_state_multi(CPUHP_AP_ONLINE_DYN, DRVNAME,
1315 				      arm_spe_pmu_cpu_startup,
1316 				      arm_spe_pmu_cpu_teardown);
1317 	if (ret < 0)
1318 		return ret;
1319 	arm_spe_pmu_online = ret;
1320 
1321 	ret = platform_driver_register(&arm_spe_pmu_driver);
1322 	if (ret)
1323 		cpuhp_remove_multi_state(arm_spe_pmu_online);
1324 
1325 	return ret;
1326 }
1327 
1328 static void __exit arm_spe_pmu_exit(void)
1329 {
1330 	platform_driver_unregister(&arm_spe_pmu_driver);
1331 	cpuhp_remove_multi_state(arm_spe_pmu_online);
1332 }
1333 
1334 module_init(arm_spe_pmu_init);
1335 module_exit(arm_spe_pmu_exit);
1336 
1337 MODULE_DESCRIPTION("Perf driver for the ARMv8.2 Statistical Profiling Extension");
1338 MODULE_AUTHOR("Will Deacon <will.deacon@arm.com>");
1339 MODULE_LICENSE("GPL v2");
1340