Loading...
1/*
2 * Copyright (C) 2013 Red Hat
3 * Author: Rob Clark <robdclark@gmail.com>
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License version 2 as published by
7 * the Free Software Foundation.
8 *
9 * This program is distributed in the hope that it will be useful, but WITHOUT
10 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
12 * more details.
13 *
14 * You should have received a copy of the GNU General Public License along with
15 * this program. If not, see <http://www.gnu.org/licenses/>.
16 */
17
18#include <linux/spinlock.h>
19#include <linux/shmem_fs.h>
20#include <linux/dma-buf.h>
21#include <linux/pfn_t.h>
22
23#include "msm_drv.h"
24#include "msm_gem.h"
25#include "msm_gpu.h"
26#include "msm_mmu.h"
27
28static dma_addr_t physaddr(struct drm_gem_object *obj)
29{
30 struct msm_gem_object *msm_obj = to_msm_bo(obj);
31 struct msm_drm_private *priv = obj->dev->dev_private;
32 return (((dma_addr_t)msm_obj->vram_node->start) << PAGE_SHIFT) +
33 priv->vram.paddr;
34}
35
36static bool use_pages(struct drm_gem_object *obj)
37{
38 struct msm_gem_object *msm_obj = to_msm_bo(obj);
39 return !msm_obj->vram_node;
40}
41
42/* allocate pages from VRAM carveout, used when no IOMMU: */
43static struct page **get_pages_vram(struct drm_gem_object *obj,
44 int npages)
45{
46 struct msm_gem_object *msm_obj = to_msm_bo(obj);
47 struct msm_drm_private *priv = obj->dev->dev_private;
48 dma_addr_t paddr;
49 struct page **p;
50 int ret, i;
51
52 p = drm_malloc_ab(npages, sizeof(struct page *));
53 if (!p)
54 return ERR_PTR(-ENOMEM);
55
56 ret = drm_mm_insert_node(&priv->vram.mm, msm_obj->vram_node,
57 npages, 0, DRM_MM_SEARCH_DEFAULT);
58 if (ret) {
59 drm_free_large(p);
60 return ERR_PTR(ret);
61 }
62
63 paddr = physaddr(obj);
64 for (i = 0; i < npages; i++) {
65 p[i] = phys_to_page(paddr);
66 paddr += PAGE_SIZE;
67 }
68
69 return p;
70}
71
72/* called with dev->struct_mutex held */
73static struct page **get_pages(struct drm_gem_object *obj)
74{
75 struct msm_gem_object *msm_obj = to_msm_bo(obj);
76
77 if (!msm_obj->pages) {
78 struct drm_device *dev = obj->dev;
79 struct page **p;
80 int npages = obj->size >> PAGE_SHIFT;
81
82 if (use_pages(obj))
83 p = drm_gem_get_pages(obj);
84 else
85 p = get_pages_vram(obj, npages);
86
87 if (IS_ERR(p)) {
88 dev_err(dev->dev, "could not get pages: %ld\n",
89 PTR_ERR(p));
90 return p;
91 }
92
93 msm_obj->sgt = drm_prime_pages_to_sg(p, npages);
94 if (IS_ERR(msm_obj->sgt)) {
95 dev_err(dev->dev, "failed to allocate sgt\n");
96 return ERR_CAST(msm_obj->sgt);
97 }
98
99 msm_obj->pages = p;
100
101 /* For non-cached buffers, ensure the new pages are clean
102 * because display controller, GPU, etc. are not coherent:
103 */
104 if (msm_obj->flags & (MSM_BO_WC|MSM_BO_UNCACHED))
105 dma_map_sg(dev->dev, msm_obj->sgt->sgl,
106 msm_obj->sgt->nents, DMA_BIDIRECTIONAL);
107 }
108
109 return msm_obj->pages;
110}
111
112static void put_pages(struct drm_gem_object *obj)
113{
114 struct msm_gem_object *msm_obj = to_msm_bo(obj);
115
116 if (msm_obj->pages) {
117 /* For non-cached buffers, ensure the new pages are clean
118 * because display controller, GPU, etc. are not coherent:
119 */
120 if (msm_obj->flags & (MSM_BO_WC|MSM_BO_UNCACHED))
121 dma_unmap_sg(obj->dev->dev, msm_obj->sgt->sgl,
122 msm_obj->sgt->nents, DMA_BIDIRECTIONAL);
123 sg_free_table(msm_obj->sgt);
124 kfree(msm_obj->sgt);
125
126 if (use_pages(obj))
127 drm_gem_put_pages(obj, msm_obj->pages, true, false);
128 else {
129 drm_mm_remove_node(msm_obj->vram_node);
130 drm_free_large(msm_obj->pages);
131 }
132
133 msm_obj->pages = NULL;
134 }
135}
136
137struct page **msm_gem_get_pages(struct drm_gem_object *obj)
138{
139 struct drm_device *dev = obj->dev;
140 struct page **p;
141 mutex_lock(&dev->struct_mutex);
142 p = get_pages(obj);
143 mutex_unlock(&dev->struct_mutex);
144 return p;
145}
146
147void msm_gem_put_pages(struct drm_gem_object *obj)
148{
149 /* when we start tracking the pin count, then do something here */
150}
151
152int msm_gem_mmap_obj(struct drm_gem_object *obj,
153 struct vm_area_struct *vma)
154{
155 struct msm_gem_object *msm_obj = to_msm_bo(obj);
156
157 vma->vm_flags &= ~VM_PFNMAP;
158 vma->vm_flags |= VM_MIXEDMAP;
159
160 if (msm_obj->flags & MSM_BO_WC) {
161 vma->vm_page_prot = pgprot_writecombine(vm_get_page_prot(vma->vm_flags));
162 } else if (msm_obj->flags & MSM_BO_UNCACHED) {
163 vma->vm_page_prot = pgprot_noncached(vm_get_page_prot(vma->vm_flags));
164 } else {
165 /*
166 * Shunt off cached objs to shmem file so they have their own
167 * address_space (so unmap_mapping_range does what we want,
168 * in particular in the case of mmap'd dmabufs)
169 */
170 fput(vma->vm_file);
171 get_file(obj->filp);
172 vma->vm_pgoff = 0;
173 vma->vm_file = obj->filp;
174
175 vma->vm_page_prot = vm_get_page_prot(vma->vm_flags);
176 }
177
178 return 0;
179}
180
181int msm_gem_mmap(struct file *filp, struct vm_area_struct *vma)
182{
183 int ret;
184
185 ret = drm_gem_mmap(filp, vma);
186 if (ret) {
187 DBG("mmap failed: %d", ret);
188 return ret;
189 }
190
191 return msm_gem_mmap_obj(vma->vm_private_data, vma);
192}
193
194int msm_gem_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
195{
196 struct drm_gem_object *obj = vma->vm_private_data;
197 struct drm_device *dev = obj->dev;
198 struct page **pages;
199 unsigned long pfn;
200 pgoff_t pgoff;
201 int ret;
202
203 /* Make sure we don't parallel update on a fault, nor move or remove
204 * something from beneath our feet
205 */
206 ret = mutex_lock_interruptible(&dev->struct_mutex);
207 if (ret)
208 goto out;
209
210 /* make sure we have pages attached now */
211 pages = get_pages(obj);
212 if (IS_ERR(pages)) {
213 ret = PTR_ERR(pages);
214 goto out_unlock;
215 }
216
217 /* We don't use vmf->pgoff since that has the fake offset: */
218 pgoff = ((unsigned long)vmf->virtual_address -
219 vma->vm_start) >> PAGE_SHIFT;
220
221 pfn = page_to_pfn(pages[pgoff]);
222
223 VERB("Inserting %p pfn %lx, pa %lx", vmf->virtual_address,
224 pfn, pfn << PAGE_SHIFT);
225
226 ret = vm_insert_mixed(vma, (unsigned long)vmf->virtual_address,
227 __pfn_to_pfn_t(pfn, PFN_DEV));
228
229out_unlock:
230 mutex_unlock(&dev->struct_mutex);
231out:
232 switch (ret) {
233 case -EAGAIN:
234 case 0:
235 case -ERESTARTSYS:
236 case -EINTR:
237 case -EBUSY:
238 /*
239 * EBUSY is ok: this just means that another thread
240 * already did the job.
241 */
242 return VM_FAULT_NOPAGE;
243 case -ENOMEM:
244 return VM_FAULT_OOM;
245 default:
246 return VM_FAULT_SIGBUS;
247 }
248}
249
250/** get mmap offset */
251static uint64_t mmap_offset(struct drm_gem_object *obj)
252{
253 struct drm_device *dev = obj->dev;
254 int ret;
255
256 WARN_ON(!mutex_is_locked(&dev->struct_mutex));
257
258 /* Make it mmapable */
259 ret = drm_gem_create_mmap_offset(obj);
260
261 if (ret) {
262 dev_err(dev->dev, "could not allocate mmap offset\n");
263 return 0;
264 }
265
266 return drm_vma_node_offset_addr(&obj->vma_node);
267}
268
269uint64_t msm_gem_mmap_offset(struct drm_gem_object *obj)
270{
271 uint64_t offset;
272 mutex_lock(&obj->dev->struct_mutex);
273 offset = mmap_offset(obj);
274 mutex_unlock(&obj->dev->struct_mutex);
275 return offset;
276}
277
278/* should be called under struct_mutex.. although it can be called
279 * from atomic context without struct_mutex to acquire an extra
280 * iova ref if you know one is already held.
281 *
282 * That means when I do eventually need to add support for unpinning
283 * the refcnt counter needs to be atomic_t.
284 */
285int msm_gem_get_iova_locked(struct drm_gem_object *obj, int id,
286 uint32_t *iova)
287{
288 struct msm_gem_object *msm_obj = to_msm_bo(obj);
289 int ret = 0;
290
291 if (!msm_obj->domain[id].iova) {
292 struct msm_drm_private *priv = obj->dev->dev_private;
293 struct page **pages = get_pages(obj);
294
295 if (IS_ERR(pages))
296 return PTR_ERR(pages);
297
298 if (iommu_present(&platform_bus_type)) {
299 struct msm_mmu *mmu = priv->mmus[id];
300 uint32_t offset;
301
302 if (WARN_ON(!mmu))
303 return -EINVAL;
304
305 offset = (uint32_t)mmap_offset(obj);
306 ret = mmu->funcs->map(mmu, offset, msm_obj->sgt,
307 obj->size, IOMMU_READ | IOMMU_WRITE);
308 msm_obj->domain[id].iova = offset;
309 } else {
310 msm_obj->domain[id].iova = physaddr(obj);
311 }
312 }
313
314 if (!ret)
315 *iova = msm_obj->domain[id].iova;
316
317 return ret;
318}
319
320/* get iova, taking a reference. Should have a matching put */
321int msm_gem_get_iova(struct drm_gem_object *obj, int id, uint32_t *iova)
322{
323 struct msm_gem_object *msm_obj = to_msm_bo(obj);
324 int ret;
325
326 /* this is safe right now because we don't unmap until the
327 * bo is deleted:
328 */
329 if (msm_obj->domain[id].iova) {
330 *iova = msm_obj->domain[id].iova;
331 return 0;
332 }
333
334 mutex_lock(&obj->dev->struct_mutex);
335 ret = msm_gem_get_iova_locked(obj, id, iova);
336 mutex_unlock(&obj->dev->struct_mutex);
337 return ret;
338}
339
340/* get iova without taking a reference, used in places where you have
341 * already done a 'msm_gem_get_iova()'.
342 */
343uint32_t msm_gem_iova(struct drm_gem_object *obj, int id)
344{
345 struct msm_gem_object *msm_obj = to_msm_bo(obj);
346 WARN_ON(!msm_obj->domain[id].iova);
347 return msm_obj->domain[id].iova;
348}
349
350void msm_gem_put_iova(struct drm_gem_object *obj, int id)
351{
352 // XXX TODO ..
353 // NOTE: probably don't need a _locked() version.. we wouldn't
354 // normally unmap here, but instead just mark that it could be
355 // unmapped (if the iova refcnt drops to zero), but then later
356 // if another _get_iova_locked() fails we can start unmapping
357 // things that are no longer needed..
358}
359
360int msm_gem_dumb_create(struct drm_file *file, struct drm_device *dev,
361 struct drm_mode_create_dumb *args)
362{
363 args->pitch = align_pitch(args->width, args->bpp);
364 args->size = PAGE_ALIGN(args->pitch * args->height);
365 return msm_gem_new_handle(dev, file, args->size,
366 MSM_BO_SCANOUT | MSM_BO_WC, &args->handle);
367}
368
369int msm_gem_dumb_map_offset(struct drm_file *file, struct drm_device *dev,
370 uint32_t handle, uint64_t *offset)
371{
372 struct drm_gem_object *obj;
373 int ret = 0;
374
375 /* GEM does all our handle to object mapping */
376 obj = drm_gem_object_lookup(dev, file, handle);
377 if (obj == NULL) {
378 ret = -ENOENT;
379 goto fail;
380 }
381
382 *offset = msm_gem_mmap_offset(obj);
383
384 drm_gem_object_unreference_unlocked(obj);
385
386fail:
387 return ret;
388}
389
390void *msm_gem_vaddr_locked(struct drm_gem_object *obj)
391{
392 struct msm_gem_object *msm_obj = to_msm_bo(obj);
393 WARN_ON(!mutex_is_locked(&obj->dev->struct_mutex));
394 if (!msm_obj->vaddr) {
395 struct page **pages = get_pages(obj);
396 if (IS_ERR(pages))
397 return ERR_CAST(pages);
398 msm_obj->vaddr = vmap(pages, obj->size >> PAGE_SHIFT,
399 VM_MAP, pgprot_writecombine(PAGE_KERNEL));
400 }
401 return msm_obj->vaddr;
402}
403
404void *msm_gem_vaddr(struct drm_gem_object *obj)
405{
406 void *ret;
407 mutex_lock(&obj->dev->struct_mutex);
408 ret = msm_gem_vaddr_locked(obj);
409 mutex_unlock(&obj->dev->struct_mutex);
410 return ret;
411}
412
413/* setup callback for when bo is no longer busy..
414 * TODO probably want to differentiate read vs write..
415 */
416int msm_gem_queue_inactive_cb(struct drm_gem_object *obj,
417 struct msm_fence_cb *cb)
418{
419 struct msm_gem_object *msm_obj = to_msm_bo(obj);
420 uint32_t fence = msm_gem_fence(msm_obj,
421 MSM_PREP_READ | MSM_PREP_WRITE);
422 return msm_queue_fence_cb(obj->dev, cb, fence);
423}
424
425void msm_gem_move_to_active(struct drm_gem_object *obj,
426 struct msm_gpu *gpu, bool write, uint32_t fence)
427{
428 struct msm_gem_object *msm_obj = to_msm_bo(obj);
429 msm_obj->gpu = gpu;
430 if (write)
431 msm_obj->write_fence = fence;
432 else
433 msm_obj->read_fence = fence;
434 list_del_init(&msm_obj->mm_list);
435 list_add_tail(&msm_obj->mm_list, &gpu->active_list);
436}
437
438void msm_gem_move_to_inactive(struct drm_gem_object *obj)
439{
440 struct drm_device *dev = obj->dev;
441 struct msm_drm_private *priv = dev->dev_private;
442 struct msm_gem_object *msm_obj = to_msm_bo(obj);
443
444 WARN_ON(!mutex_is_locked(&dev->struct_mutex));
445
446 msm_obj->gpu = NULL;
447 msm_obj->read_fence = 0;
448 msm_obj->write_fence = 0;
449 list_del_init(&msm_obj->mm_list);
450 list_add_tail(&msm_obj->mm_list, &priv->inactive_list);
451}
452
453int msm_gem_cpu_prep(struct drm_gem_object *obj, uint32_t op, ktime_t *timeout)
454{
455 struct drm_device *dev = obj->dev;
456 struct msm_gem_object *msm_obj = to_msm_bo(obj);
457 int ret = 0;
458
459 if (is_active(msm_obj)) {
460 uint32_t fence = msm_gem_fence(msm_obj, op);
461
462 if (op & MSM_PREP_NOSYNC)
463 timeout = NULL;
464
465 ret = msm_wait_fence(dev, fence, timeout, true);
466 }
467
468 /* TODO cache maintenance */
469
470 return ret;
471}
472
473int msm_gem_cpu_fini(struct drm_gem_object *obj)
474{
475 /* TODO cache maintenance */
476 return 0;
477}
478
479#ifdef CONFIG_DEBUG_FS
480void msm_gem_describe(struct drm_gem_object *obj, struct seq_file *m)
481{
482 struct drm_device *dev = obj->dev;
483 struct msm_gem_object *msm_obj = to_msm_bo(obj);
484 uint64_t off = drm_vma_node_start(&obj->vma_node);
485
486 WARN_ON(!mutex_is_locked(&dev->struct_mutex));
487 seq_printf(m, "%08x: %c(r=%u,w=%u) %2d (%2d) %08llx %p %zu\n",
488 msm_obj->flags, is_active(msm_obj) ? 'A' : 'I',
489 msm_obj->read_fence, msm_obj->write_fence,
490 obj->name, obj->refcount.refcount.counter,
491 off, msm_obj->vaddr, obj->size);
492}
493
494void msm_gem_describe_objects(struct list_head *list, struct seq_file *m)
495{
496 struct msm_gem_object *msm_obj;
497 int count = 0;
498 size_t size = 0;
499
500 list_for_each_entry(msm_obj, list, mm_list) {
501 struct drm_gem_object *obj = &msm_obj->base;
502 seq_printf(m, " ");
503 msm_gem_describe(obj, m);
504 count++;
505 size += obj->size;
506 }
507
508 seq_printf(m, "Total %d objects, %zu bytes\n", count, size);
509}
510#endif
511
512void msm_gem_free_object(struct drm_gem_object *obj)
513{
514 struct drm_device *dev = obj->dev;
515 struct msm_drm_private *priv = obj->dev->dev_private;
516 struct msm_gem_object *msm_obj = to_msm_bo(obj);
517 int id;
518
519 WARN_ON(!mutex_is_locked(&dev->struct_mutex));
520
521 /* object should not be on active list: */
522 WARN_ON(is_active(msm_obj));
523
524 list_del(&msm_obj->mm_list);
525
526 for (id = 0; id < ARRAY_SIZE(msm_obj->domain); id++) {
527 struct msm_mmu *mmu = priv->mmus[id];
528 if (mmu && msm_obj->domain[id].iova) {
529 uint32_t offset = msm_obj->domain[id].iova;
530 mmu->funcs->unmap(mmu, offset, msm_obj->sgt, obj->size);
531 }
532 }
533
534 if (obj->import_attach) {
535 if (msm_obj->vaddr)
536 dma_buf_vunmap(obj->import_attach->dmabuf, msm_obj->vaddr);
537
538 /* Don't drop the pages for imported dmabuf, as they are not
539 * ours, just free the array we allocated:
540 */
541 if (msm_obj->pages)
542 drm_free_large(msm_obj->pages);
543
544 drm_prime_gem_destroy(obj, msm_obj->sgt);
545 } else {
546 vunmap(msm_obj->vaddr);
547 put_pages(obj);
548 }
549
550 if (msm_obj->resv == &msm_obj->_resv)
551 reservation_object_fini(msm_obj->resv);
552
553 drm_gem_object_release(obj);
554
555 kfree(msm_obj);
556}
557
558/* convenience method to construct a GEM buffer object, and userspace handle */
559int msm_gem_new_handle(struct drm_device *dev, struct drm_file *file,
560 uint32_t size, uint32_t flags, uint32_t *handle)
561{
562 struct drm_gem_object *obj;
563 int ret;
564
565 ret = mutex_lock_interruptible(&dev->struct_mutex);
566 if (ret)
567 return ret;
568
569 obj = msm_gem_new(dev, size, flags);
570
571 mutex_unlock(&dev->struct_mutex);
572
573 if (IS_ERR(obj))
574 return PTR_ERR(obj);
575
576 ret = drm_gem_handle_create(file, obj, handle);
577
578 /* drop reference from allocate - handle holds it now */
579 drm_gem_object_unreference_unlocked(obj);
580
581 return ret;
582}
583
584static int msm_gem_new_impl(struct drm_device *dev,
585 uint32_t size, uint32_t flags,
586 struct drm_gem_object **obj)
587{
588 struct msm_drm_private *priv = dev->dev_private;
589 struct msm_gem_object *msm_obj;
590 unsigned sz;
591 bool use_vram = false;
592
593 switch (flags & MSM_BO_CACHE_MASK) {
594 case MSM_BO_UNCACHED:
595 case MSM_BO_CACHED:
596 case MSM_BO_WC:
597 break;
598 default:
599 dev_err(dev->dev, "invalid cache flag: %x\n",
600 (flags & MSM_BO_CACHE_MASK));
601 return -EINVAL;
602 }
603
604 if (!iommu_present(&platform_bus_type))
605 use_vram = true;
606 else if ((flags & MSM_BO_STOLEN) && priv->vram.size)
607 use_vram = true;
608
609 if (WARN_ON(use_vram && !priv->vram.size))
610 return -EINVAL;
611
612 sz = sizeof(*msm_obj);
613 if (use_vram)
614 sz += sizeof(struct drm_mm_node);
615
616 msm_obj = kzalloc(sz, GFP_KERNEL);
617 if (!msm_obj)
618 return -ENOMEM;
619
620 if (use_vram)
621 msm_obj->vram_node = (void *)&msm_obj[1];
622
623 msm_obj->flags = flags;
624
625 msm_obj->resv = &msm_obj->_resv;
626 reservation_object_init(msm_obj->resv);
627
628 INIT_LIST_HEAD(&msm_obj->submit_entry);
629 list_add_tail(&msm_obj->mm_list, &priv->inactive_list);
630
631 *obj = &msm_obj->base;
632
633 return 0;
634}
635
636struct drm_gem_object *msm_gem_new(struct drm_device *dev,
637 uint32_t size, uint32_t flags)
638{
639 struct drm_gem_object *obj = NULL;
640 int ret;
641
642 WARN_ON(!mutex_is_locked(&dev->struct_mutex));
643
644 size = PAGE_ALIGN(size);
645
646 ret = msm_gem_new_impl(dev, size, flags, &obj);
647 if (ret)
648 goto fail;
649
650 if (use_pages(obj)) {
651 ret = drm_gem_object_init(dev, obj, size);
652 if (ret)
653 goto fail;
654 } else {
655 drm_gem_private_object_init(dev, obj, size);
656 }
657
658 return obj;
659
660fail:
661 if (obj)
662 drm_gem_object_unreference(obj);
663
664 return ERR_PTR(ret);
665}
666
667struct drm_gem_object *msm_gem_import(struct drm_device *dev,
668 uint32_t size, struct sg_table *sgt)
669{
670 struct msm_gem_object *msm_obj;
671 struct drm_gem_object *obj;
672 int ret, npages;
673
674 /* if we don't have IOMMU, don't bother pretending we can import: */
675 if (!iommu_present(&platform_bus_type)) {
676 dev_err(dev->dev, "cannot import without IOMMU\n");
677 return ERR_PTR(-EINVAL);
678 }
679
680 size = PAGE_ALIGN(size);
681
682 ret = msm_gem_new_impl(dev, size, MSM_BO_WC, &obj);
683 if (ret)
684 goto fail;
685
686 drm_gem_private_object_init(dev, obj, size);
687
688 npages = size / PAGE_SIZE;
689
690 msm_obj = to_msm_bo(obj);
691 msm_obj->sgt = sgt;
692 msm_obj->pages = drm_malloc_ab(npages, sizeof(struct page *));
693 if (!msm_obj->pages) {
694 ret = -ENOMEM;
695 goto fail;
696 }
697
698 ret = drm_prime_sg_to_page_addr_arrays(sgt, msm_obj->pages, NULL, npages);
699 if (ret)
700 goto fail;
701
702 return obj;
703
704fail:
705 if (obj)
706 drm_gem_object_unreference_unlocked(obj);
707
708 return ERR_PTR(ret);
709}
1// SPDX-License-Identifier: GPL-2.0-only
2/*
3 * Copyright (C) 2013 Red Hat
4 * Author: Rob Clark <robdclark@gmail.com>
5 */
6
7#include <linux/dma-map-ops.h>
8#include <linux/spinlock.h>
9#include <linux/shmem_fs.h>
10#include <linux/dma-buf.h>
11#include <linux/pfn_t.h>
12
13#include <drm/drm_prime.h>
14
15#include "msm_drv.h"
16#include "msm_fence.h"
17#include "msm_gem.h"
18#include "msm_gpu.h"
19#include "msm_mmu.h"
20
21static void update_inactive(struct msm_gem_object *msm_obj);
22
23static dma_addr_t physaddr(struct drm_gem_object *obj)
24{
25 struct msm_gem_object *msm_obj = to_msm_bo(obj);
26 struct msm_drm_private *priv = obj->dev->dev_private;
27 return (((dma_addr_t)msm_obj->vram_node->start) << PAGE_SHIFT) +
28 priv->vram.paddr;
29}
30
31static bool use_pages(struct drm_gem_object *obj)
32{
33 struct msm_gem_object *msm_obj = to_msm_bo(obj);
34 return !msm_obj->vram_node;
35}
36
37/*
38 * Cache sync.. this is a bit over-complicated, to fit dma-mapping
39 * API. Really GPU cache is out of scope here (handled on cmdstream)
40 * and all we need to do is invalidate newly allocated pages before
41 * mapping to CPU as uncached/writecombine.
42 *
43 * On top of this, we have the added headache, that depending on
44 * display generation, the display's iommu may be wired up to either
45 * the toplevel drm device (mdss), or to the mdp sub-node, meaning
46 * that here we either have dma-direct or iommu ops.
47 *
48 * Let this be a cautionary tail of abstraction gone wrong.
49 */
50
51static void sync_for_device(struct msm_gem_object *msm_obj)
52{
53 struct device *dev = msm_obj->base.dev->dev;
54
55 dma_map_sgtable(dev, msm_obj->sgt, DMA_BIDIRECTIONAL, 0);
56}
57
58static void sync_for_cpu(struct msm_gem_object *msm_obj)
59{
60 struct device *dev = msm_obj->base.dev->dev;
61
62 dma_unmap_sgtable(dev, msm_obj->sgt, DMA_BIDIRECTIONAL, 0);
63}
64
65/* allocate pages from VRAM carveout, used when no IOMMU: */
66static struct page **get_pages_vram(struct drm_gem_object *obj, int npages)
67{
68 struct msm_gem_object *msm_obj = to_msm_bo(obj);
69 struct msm_drm_private *priv = obj->dev->dev_private;
70 dma_addr_t paddr;
71 struct page **p;
72 int ret, i;
73
74 p = kvmalloc_array(npages, sizeof(struct page *), GFP_KERNEL);
75 if (!p)
76 return ERR_PTR(-ENOMEM);
77
78 spin_lock(&priv->vram.lock);
79 ret = drm_mm_insert_node(&priv->vram.mm, msm_obj->vram_node, npages);
80 spin_unlock(&priv->vram.lock);
81 if (ret) {
82 kvfree(p);
83 return ERR_PTR(ret);
84 }
85
86 paddr = physaddr(obj);
87 for (i = 0; i < npages; i++) {
88 p[i] = phys_to_page(paddr);
89 paddr += PAGE_SIZE;
90 }
91
92 return p;
93}
94
95static struct page **get_pages(struct drm_gem_object *obj)
96{
97 struct msm_gem_object *msm_obj = to_msm_bo(obj);
98
99 GEM_WARN_ON(!msm_gem_is_locked(obj));
100
101 if (!msm_obj->pages) {
102 struct drm_device *dev = obj->dev;
103 struct page **p;
104 int npages = obj->size >> PAGE_SHIFT;
105
106 if (use_pages(obj))
107 p = drm_gem_get_pages(obj);
108 else
109 p = get_pages_vram(obj, npages);
110
111 if (IS_ERR(p)) {
112 DRM_DEV_ERROR(dev->dev, "could not get pages: %ld\n",
113 PTR_ERR(p));
114 return p;
115 }
116
117 msm_obj->pages = p;
118
119 msm_obj->sgt = drm_prime_pages_to_sg(obj->dev, p, npages);
120 if (IS_ERR(msm_obj->sgt)) {
121 void *ptr = ERR_CAST(msm_obj->sgt);
122
123 DRM_DEV_ERROR(dev->dev, "failed to allocate sgt\n");
124 msm_obj->sgt = NULL;
125 return ptr;
126 }
127
128 /* For non-cached buffers, ensure the new pages are clean
129 * because display controller, GPU, etc. are not coherent:
130 */
131 if (msm_obj->flags & (MSM_BO_WC|MSM_BO_UNCACHED))
132 sync_for_device(msm_obj);
133
134 GEM_WARN_ON(msm_obj->active_count);
135 update_inactive(msm_obj);
136 }
137
138 return msm_obj->pages;
139}
140
141static void put_pages_vram(struct drm_gem_object *obj)
142{
143 struct msm_gem_object *msm_obj = to_msm_bo(obj);
144 struct msm_drm_private *priv = obj->dev->dev_private;
145
146 spin_lock(&priv->vram.lock);
147 drm_mm_remove_node(msm_obj->vram_node);
148 spin_unlock(&priv->vram.lock);
149
150 kvfree(msm_obj->pages);
151}
152
153static void put_pages(struct drm_gem_object *obj)
154{
155 struct msm_gem_object *msm_obj = to_msm_bo(obj);
156
157 if (msm_obj->pages) {
158 if (msm_obj->sgt) {
159 /* For non-cached buffers, ensure the new
160 * pages are clean because display controller,
161 * GPU, etc. are not coherent:
162 */
163 if (msm_obj->flags & (MSM_BO_WC|MSM_BO_UNCACHED))
164 sync_for_cpu(msm_obj);
165
166 sg_free_table(msm_obj->sgt);
167 kfree(msm_obj->sgt);
168 msm_obj->sgt = NULL;
169 }
170
171 if (use_pages(obj))
172 drm_gem_put_pages(obj, msm_obj->pages, true, false);
173 else
174 put_pages_vram(obj);
175
176 msm_obj->pages = NULL;
177 }
178}
179
180struct page **msm_gem_get_pages(struct drm_gem_object *obj)
181{
182 struct msm_gem_object *msm_obj = to_msm_bo(obj);
183 struct page **p;
184
185 msm_gem_lock(obj);
186
187 if (GEM_WARN_ON(msm_obj->madv != MSM_MADV_WILLNEED)) {
188 msm_gem_unlock(obj);
189 return ERR_PTR(-EBUSY);
190 }
191
192 p = get_pages(obj);
193
194 if (!IS_ERR(p)) {
195 msm_obj->pin_count++;
196 update_inactive(msm_obj);
197 }
198
199 msm_gem_unlock(obj);
200 return p;
201}
202
203void msm_gem_put_pages(struct drm_gem_object *obj)
204{
205 struct msm_gem_object *msm_obj = to_msm_bo(obj);
206
207 msm_gem_lock(obj);
208 msm_obj->pin_count--;
209 GEM_WARN_ON(msm_obj->pin_count < 0);
210 update_inactive(msm_obj);
211 msm_gem_unlock(obj);
212}
213
214static pgprot_t msm_gem_pgprot(struct msm_gem_object *msm_obj, pgprot_t prot)
215{
216 if (msm_obj->flags & (MSM_BO_WC|MSM_BO_UNCACHED))
217 return pgprot_writecombine(prot);
218 return prot;
219}
220
221int msm_gem_mmap_obj(struct drm_gem_object *obj,
222 struct vm_area_struct *vma)
223{
224 struct msm_gem_object *msm_obj = to_msm_bo(obj);
225
226 vma->vm_flags &= ~VM_PFNMAP;
227 vma->vm_flags |= VM_MIXEDMAP;
228 vma->vm_page_prot = msm_gem_pgprot(msm_obj, vm_get_page_prot(vma->vm_flags));
229
230 return 0;
231}
232
233int msm_gem_mmap(struct file *filp, struct vm_area_struct *vma)
234{
235 int ret;
236
237 ret = drm_gem_mmap(filp, vma);
238 if (ret) {
239 DBG("mmap failed: %d", ret);
240 return ret;
241 }
242
243 return msm_gem_mmap_obj(vma->vm_private_data, vma);
244}
245
246static vm_fault_t msm_gem_fault(struct vm_fault *vmf)
247{
248 struct vm_area_struct *vma = vmf->vma;
249 struct drm_gem_object *obj = vma->vm_private_data;
250 struct msm_gem_object *msm_obj = to_msm_bo(obj);
251 struct page **pages;
252 unsigned long pfn;
253 pgoff_t pgoff;
254 int err;
255 vm_fault_t ret;
256
257 /*
258 * vm_ops.open/drm_gem_mmap_obj and close get and put
259 * a reference on obj. So, we dont need to hold one here.
260 */
261 err = msm_gem_lock_interruptible(obj);
262 if (err) {
263 ret = VM_FAULT_NOPAGE;
264 goto out;
265 }
266
267 if (GEM_WARN_ON(msm_obj->madv != MSM_MADV_WILLNEED)) {
268 msm_gem_unlock(obj);
269 return VM_FAULT_SIGBUS;
270 }
271
272 /* make sure we have pages attached now */
273 pages = get_pages(obj);
274 if (IS_ERR(pages)) {
275 ret = vmf_error(PTR_ERR(pages));
276 goto out_unlock;
277 }
278
279 /* We don't use vmf->pgoff since that has the fake offset: */
280 pgoff = (vmf->address - vma->vm_start) >> PAGE_SHIFT;
281
282 pfn = page_to_pfn(pages[pgoff]);
283
284 VERB("Inserting %p pfn %lx, pa %lx", (void *)vmf->address,
285 pfn, pfn << PAGE_SHIFT);
286
287 ret = vmf_insert_mixed(vma, vmf->address, __pfn_to_pfn_t(pfn, PFN_DEV));
288out_unlock:
289 msm_gem_unlock(obj);
290out:
291 return ret;
292}
293
294/** get mmap offset */
295static uint64_t mmap_offset(struct drm_gem_object *obj)
296{
297 struct drm_device *dev = obj->dev;
298 int ret;
299
300 GEM_WARN_ON(!msm_gem_is_locked(obj));
301
302 /* Make it mmapable */
303 ret = drm_gem_create_mmap_offset(obj);
304
305 if (ret) {
306 DRM_DEV_ERROR(dev->dev, "could not allocate mmap offset\n");
307 return 0;
308 }
309
310 return drm_vma_node_offset_addr(&obj->vma_node);
311}
312
313uint64_t msm_gem_mmap_offset(struct drm_gem_object *obj)
314{
315 uint64_t offset;
316
317 msm_gem_lock(obj);
318 offset = mmap_offset(obj);
319 msm_gem_unlock(obj);
320 return offset;
321}
322
323static struct msm_gem_vma *add_vma(struct drm_gem_object *obj,
324 struct msm_gem_address_space *aspace)
325{
326 struct msm_gem_object *msm_obj = to_msm_bo(obj);
327 struct msm_gem_vma *vma;
328
329 GEM_WARN_ON(!msm_gem_is_locked(obj));
330
331 vma = kzalloc(sizeof(*vma), GFP_KERNEL);
332 if (!vma)
333 return ERR_PTR(-ENOMEM);
334
335 vma->aspace = aspace;
336
337 list_add_tail(&vma->list, &msm_obj->vmas);
338
339 return vma;
340}
341
342static struct msm_gem_vma *lookup_vma(struct drm_gem_object *obj,
343 struct msm_gem_address_space *aspace)
344{
345 struct msm_gem_object *msm_obj = to_msm_bo(obj);
346 struct msm_gem_vma *vma;
347
348 GEM_WARN_ON(!msm_gem_is_locked(obj));
349
350 list_for_each_entry(vma, &msm_obj->vmas, list) {
351 if (vma->aspace == aspace)
352 return vma;
353 }
354
355 return NULL;
356}
357
358static void del_vma(struct msm_gem_vma *vma)
359{
360 if (!vma)
361 return;
362
363 list_del(&vma->list);
364 kfree(vma);
365}
366
367/*
368 * If close is true, this also closes the VMA (releasing the allocated
369 * iova range) in addition to removing the iommu mapping. In the eviction
370 * case (!close), we keep the iova allocated, but only remove the iommu
371 * mapping.
372 */
373static void
374put_iova_spaces(struct drm_gem_object *obj, bool close)
375{
376 struct msm_gem_object *msm_obj = to_msm_bo(obj);
377 struct msm_gem_vma *vma;
378
379 GEM_WARN_ON(!msm_gem_is_locked(obj));
380
381 list_for_each_entry(vma, &msm_obj->vmas, list) {
382 if (vma->aspace) {
383 msm_gem_purge_vma(vma->aspace, vma);
384 if (close)
385 msm_gem_close_vma(vma->aspace, vma);
386 }
387 }
388}
389
390/* Called with msm_obj locked */
391static void
392put_iova_vmas(struct drm_gem_object *obj)
393{
394 struct msm_gem_object *msm_obj = to_msm_bo(obj);
395 struct msm_gem_vma *vma, *tmp;
396
397 GEM_WARN_ON(!msm_gem_is_locked(obj));
398
399 list_for_each_entry_safe(vma, tmp, &msm_obj->vmas, list) {
400 del_vma(vma);
401 }
402}
403
404static int get_iova_locked(struct drm_gem_object *obj,
405 struct msm_gem_address_space *aspace, uint64_t *iova,
406 u64 range_start, u64 range_end)
407{
408 struct msm_gem_vma *vma;
409 int ret = 0;
410
411 GEM_WARN_ON(!msm_gem_is_locked(obj));
412
413 vma = lookup_vma(obj, aspace);
414
415 if (!vma) {
416 vma = add_vma(obj, aspace);
417 if (IS_ERR(vma))
418 return PTR_ERR(vma);
419
420 ret = msm_gem_init_vma(aspace, vma, obj->size >> PAGE_SHIFT,
421 range_start, range_end);
422 if (ret) {
423 del_vma(vma);
424 return ret;
425 }
426 }
427
428 *iova = vma->iova;
429 return 0;
430}
431
432static int msm_gem_pin_iova(struct drm_gem_object *obj,
433 struct msm_gem_address_space *aspace)
434{
435 struct msm_gem_object *msm_obj = to_msm_bo(obj);
436 struct msm_gem_vma *vma;
437 struct page **pages;
438 int ret, prot = IOMMU_READ;
439
440 if (!(msm_obj->flags & MSM_BO_GPU_READONLY))
441 prot |= IOMMU_WRITE;
442
443 if (msm_obj->flags & MSM_BO_MAP_PRIV)
444 prot |= IOMMU_PRIV;
445
446 if (msm_obj->flags & MSM_BO_CACHED_COHERENT)
447 prot |= IOMMU_CACHE;
448
449 GEM_WARN_ON(!msm_gem_is_locked(obj));
450
451 if (GEM_WARN_ON(msm_obj->madv != MSM_MADV_WILLNEED))
452 return -EBUSY;
453
454 vma = lookup_vma(obj, aspace);
455 if (GEM_WARN_ON(!vma))
456 return -EINVAL;
457
458 pages = get_pages(obj);
459 if (IS_ERR(pages))
460 return PTR_ERR(pages);
461
462 ret = msm_gem_map_vma(aspace, vma, prot,
463 msm_obj->sgt, obj->size >> PAGE_SHIFT);
464
465 if (!ret)
466 msm_obj->pin_count++;
467
468 return ret;
469}
470
471static int get_and_pin_iova_range_locked(struct drm_gem_object *obj,
472 struct msm_gem_address_space *aspace, uint64_t *iova,
473 u64 range_start, u64 range_end)
474{
475 u64 local;
476 int ret;
477
478 GEM_WARN_ON(!msm_gem_is_locked(obj));
479
480 ret = get_iova_locked(obj, aspace, &local,
481 range_start, range_end);
482
483 if (!ret)
484 ret = msm_gem_pin_iova(obj, aspace);
485
486 if (!ret)
487 *iova = local;
488
489 return ret;
490}
491
492/*
493 * get iova and pin it. Should have a matching put
494 * limits iova to specified range (in pages)
495 */
496int msm_gem_get_and_pin_iova_range(struct drm_gem_object *obj,
497 struct msm_gem_address_space *aspace, uint64_t *iova,
498 u64 range_start, u64 range_end)
499{
500 int ret;
501
502 msm_gem_lock(obj);
503 ret = get_and_pin_iova_range_locked(obj, aspace, iova, range_start, range_end);
504 msm_gem_unlock(obj);
505
506 return ret;
507}
508
509int msm_gem_get_and_pin_iova_locked(struct drm_gem_object *obj,
510 struct msm_gem_address_space *aspace, uint64_t *iova)
511{
512 return get_and_pin_iova_range_locked(obj, aspace, iova, 0, U64_MAX);
513}
514
515/* get iova and pin it. Should have a matching put */
516int msm_gem_get_and_pin_iova(struct drm_gem_object *obj,
517 struct msm_gem_address_space *aspace, uint64_t *iova)
518{
519 return msm_gem_get_and_pin_iova_range(obj, aspace, iova, 0, U64_MAX);
520}
521
522/*
523 * Get an iova but don't pin it. Doesn't need a put because iovas are currently
524 * valid for the life of the object
525 */
526int msm_gem_get_iova(struct drm_gem_object *obj,
527 struct msm_gem_address_space *aspace, uint64_t *iova)
528{
529 int ret;
530
531 msm_gem_lock(obj);
532 ret = get_iova_locked(obj, aspace, iova, 0, U64_MAX);
533 msm_gem_unlock(obj);
534
535 return ret;
536}
537
538/* get iova without taking a reference, used in places where you have
539 * already done a 'msm_gem_get_and_pin_iova' or 'msm_gem_get_iova'
540 */
541uint64_t msm_gem_iova(struct drm_gem_object *obj,
542 struct msm_gem_address_space *aspace)
543{
544 struct msm_gem_vma *vma;
545
546 msm_gem_lock(obj);
547 vma = lookup_vma(obj, aspace);
548 msm_gem_unlock(obj);
549 GEM_WARN_ON(!vma);
550
551 return vma ? vma->iova : 0;
552}
553
554/*
555 * Locked variant of msm_gem_unpin_iova()
556 */
557void msm_gem_unpin_iova_locked(struct drm_gem_object *obj,
558 struct msm_gem_address_space *aspace)
559{
560 struct msm_gem_object *msm_obj = to_msm_bo(obj);
561 struct msm_gem_vma *vma;
562
563 GEM_WARN_ON(!msm_gem_is_locked(obj));
564
565 vma = lookup_vma(obj, aspace);
566
567 if (!GEM_WARN_ON(!vma)) {
568 msm_gem_unmap_vma(aspace, vma);
569
570 msm_obj->pin_count--;
571 GEM_WARN_ON(msm_obj->pin_count < 0);
572
573 update_inactive(msm_obj);
574 }
575}
576
577/*
578 * Unpin a iova by updating the reference counts. The memory isn't actually
579 * purged until something else (shrinker, mm_notifier, destroy, etc) decides
580 * to get rid of it
581 */
582void msm_gem_unpin_iova(struct drm_gem_object *obj,
583 struct msm_gem_address_space *aspace)
584{
585 msm_gem_lock(obj);
586 msm_gem_unpin_iova_locked(obj, aspace);
587 msm_gem_unlock(obj);
588}
589
590int msm_gem_dumb_create(struct drm_file *file, struct drm_device *dev,
591 struct drm_mode_create_dumb *args)
592{
593 args->pitch = align_pitch(args->width, args->bpp);
594 args->size = PAGE_ALIGN(args->pitch * args->height);
595 return msm_gem_new_handle(dev, file, args->size,
596 MSM_BO_SCANOUT | MSM_BO_WC, &args->handle, "dumb");
597}
598
599int msm_gem_dumb_map_offset(struct drm_file *file, struct drm_device *dev,
600 uint32_t handle, uint64_t *offset)
601{
602 struct drm_gem_object *obj;
603 int ret = 0;
604
605 /* GEM does all our handle to object mapping */
606 obj = drm_gem_object_lookup(file, handle);
607 if (obj == NULL) {
608 ret = -ENOENT;
609 goto fail;
610 }
611
612 *offset = msm_gem_mmap_offset(obj);
613
614 drm_gem_object_put(obj);
615
616fail:
617 return ret;
618}
619
620static void *get_vaddr(struct drm_gem_object *obj, unsigned madv)
621{
622 struct msm_gem_object *msm_obj = to_msm_bo(obj);
623 int ret = 0;
624
625 GEM_WARN_ON(!msm_gem_is_locked(obj));
626
627 if (obj->import_attach)
628 return ERR_PTR(-ENODEV);
629
630 if (GEM_WARN_ON(msm_obj->madv > madv)) {
631 DRM_DEV_ERROR(obj->dev->dev, "Invalid madv state: %u vs %u\n",
632 msm_obj->madv, madv);
633 return ERR_PTR(-EBUSY);
634 }
635
636 /* increment vmap_count *before* vmap() call, so shrinker can
637 * check vmap_count (is_vunmapable()) outside of msm_obj lock.
638 * This guarantees that we won't try to msm_gem_vunmap() this
639 * same object from within the vmap() call (while we already
640 * hold msm_obj lock)
641 */
642 msm_obj->vmap_count++;
643
644 if (!msm_obj->vaddr) {
645 struct page **pages = get_pages(obj);
646 if (IS_ERR(pages)) {
647 ret = PTR_ERR(pages);
648 goto fail;
649 }
650 msm_obj->vaddr = vmap(pages, obj->size >> PAGE_SHIFT,
651 VM_MAP, msm_gem_pgprot(msm_obj, PAGE_KERNEL));
652 if (msm_obj->vaddr == NULL) {
653 ret = -ENOMEM;
654 goto fail;
655 }
656
657 update_inactive(msm_obj);
658 }
659
660 return msm_obj->vaddr;
661
662fail:
663 msm_obj->vmap_count--;
664 return ERR_PTR(ret);
665}
666
667void *msm_gem_get_vaddr_locked(struct drm_gem_object *obj)
668{
669 return get_vaddr(obj, MSM_MADV_WILLNEED);
670}
671
672void *msm_gem_get_vaddr(struct drm_gem_object *obj)
673{
674 void *ret;
675
676 msm_gem_lock(obj);
677 ret = msm_gem_get_vaddr_locked(obj);
678 msm_gem_unlock(obj);
679
680 return ret;
681}
682
683/*
684 * Don't use this! It is for the very special case of dumping
685 * submits from GPU hangs or faults, were the bo may already
686 * be MSM_MADV_DONTNEED, but we know the buffer is still on the
687 * active list.
688 */
689void *msm_gem_get_vaddr_active(struct drm_gem_object *obj)
690{
691 return get_vaddr(obj, __MSM_MADV_PURGED);
692}
693
694void msm_gem_put_vaddr_locked(struct drm_gem_object *obj)
695{
696 struct msm_gem_object *msm_obj = to_msm_bo(obj);
697
698 GEM_WARN_ON(!msm_gem_is_locked(obj));
699 GEM_WARN_ON(msm_obj->vmap_count < 1);
700
701 msm_obj->vmap_count--;
702}
703
704void msm_gem_put_vaddr(struct drm_gem_object *obj)
705{
706 msm_gem_lock(obj);
707 msm_gem_put_vaddr_locked(obj);
708 msm_gem_unlock(obj);
709}
710
711/* Update madvise status, returns true if not purged, else
712 * false or -errno.
713 */
714int msm_gem_madvise(struct drm_gem_object *obj, unsigned madv)
715{
716 struct msm_gem_object *msm_obj = to_msm_bo(obj);
717
718 msm_gem_lock(obj);
719
720 if (msm_obj->madv != __MSM_MADV_PURGED)
721 msm_obj->madv = madv;
722
723 madv = msm_obj->madv;
724
725 /* If the obj is inactive, we might need to move it
726 * between inactive lists
727 */
728 if (msm_obj->active_count == 0)
729 update_inactive(msm_obj);
730
731 msm_gem_unlock(obj);
732
733 return (madv != __MSM_MADV_PURGED);
734}
735
736void msm_gem_purge(struct drm_gem_object *obj)
737{
738 struct drm_device *dev = obj->dev;
739 struct msm_gem_object *msm_obj = to_msm_bo(obj);
740
741 GEM_WARN_ON(!msm_gem_is_locked(obj));
742 GEM_WARN_ON(!is_purgeable(msm_obj));
743
744 /* Get rid of any iommu mapping(s): */
745 put_iova_spaces(obj, true);
746
747 msm_gem_vunmap(obj);
748
749 drm_vma_node_unmap(&obj->vma_node, dev->anon_inode->i_mapping);
750
751 put_pages(obj);
752
753 put_iova_vmas(obj);
754
755 msm_obj->madv = __MSM_MADV_PURGED;
756 update_inactive(msm_obj);
757
758 drm_gem_free_mmap_offset(obj);
759
760 /* Our goal here is to return as much of the memory as
761 * is possible back to the system as we are called from OOM.
762 * To do this we must instruct the shmfs to drop all of its
763 * backing pages, *now*.
764 */
765 shmem_truncate_range(file_inode(obj->filp), 0, (loff_t)-1);
766
767 invalidate_mapping_pages(file_inode(obj->filp)->i_mapping,
768 0, (loff_t)-1);
769}
770
771/*
772 * Unpin the backing pages and make them available to be swapped out.
773 */
774void msm_gem_evict(struct drm_gem_object *obj)
775{
776 struct drm_device *dev = obj->dev;
777 struct msm_gem_object *msm_obj = to_msm_bo(obj);
778
779 GEM_WARN_ON(!msm_gem_is_locked(obj));
780 GEM_WARN_ON(is_unevictable(msm_obj));
781 GEM_WARN_ON(!msm_obj->evictable);
782 GEM_WARN_ON(msm_obj->active_count);
783
784 /* Get rid of any iommu mapping(s): */
785 put_iova_spaces(obj, false);
786
787 drm_vma_node_unmap(&obj->vma_node, dev->anon_inode->i_mapping);
788
789 put_pages(obj);
790
791 update_inactive(msm_obj);
792}
793
794void msm_gem_vunmap(struct drm_gem_object *obj)
795{
796 struct msm_gem_object *msm_obj = to_msm_bo(obj);
797
798 GEM_WARN_ON(!msm_gem_is_locked(obj));
799
800 if (!msm_obj->vaddr || GEM_WARN_ON(!is_vunmapable(msm_obj)))
801 return;
802
803 vunmap(msm_obj->vaddr);
804 msm_obj->vaddr = NULL;
805}
806
807/* must be called before _move_to_active().. */
808int msm_gem_sync_object(struct drm_gem_object *obj,
809 struct msm_fence_context *fctx, bool exclusive)
810{
811 struct dma_resv_list *fobj;
812 struct dma_fence *fence;
813 int i, ret;
814
815 fobj = dma_resv_shared_list(obj->resv);
816 if (!fobj || (fobj->shared_count == 0)) {
817 fence = dma_resv_excl_fence(obj->resv);
818 /* don't need to wait on our own fences, since ring is fifo */
819 if (fence && (fence->context != fctx->context)) {
820 ret = dma_fence_wait(fence, true);
821 if (ret)
822 return ret;
823 }
824 }
825
826 if (!exclusive || !fobj)
827 return 0;
828
829 for (i = 0; i < fobj->shared_count; i++) {
830 fence = rcu_dereference_protected(fobj->shared[i],
831 dma_resv_held(obj->resv));
832 if (fence->context != fctx->context) {
833 ret = dma_fence_wait(fence, true);
834 if (ret)
835 return ret;
836 }
837 }
838
839 return 0;
840}
841
842void msm_gem_active_get(struct drm_gem_object *obj, struct msm_gpu *gpu)
843{
844 struct msm_gem_object *msm_obj = to_msm_bo(obj);
845 struct msm_drm_private *priv = obj->dev->dev_private;
846
847 might_sleep();
848 GEM_WARN_ON(!msm_gem_is_locked(obj));
849 GEM_WARN_ON(msm_obj->madv != MSM_MADV_WILLNEED);
850 GEM_WARN_ON(msm_obj->dontneed);
851 GEM_WARN_ON(!msm_obj->sgt);
852
853 if (msm_obj->active_count++ == 0) {
854 mutex_lock(&priv->mm_lock);
855 if (msm_obj->evictable)
856 mark_unevictable(msm_obj);
857 list_del(&msm_obj->mm_list);
858 list_add_tail(&msm_obj->mm_list, &gpu->active_list);
859 mutex_unlock(&priv->mm_lock);
860 }
861}
862
863void msm_gem_active_put(struct drm_gem_object *obj)
864{
865 struct msm_gem_object *msm_obj = to_msm_bo(obj);
866
867 might_sleep();
868 GEM_WARN_ON(!msm_gem_is_locked(obj));
869
870 if (--msm_obj->active_count == 0) {
871 update_inactive(msm_obj);
872 }
873}
874
875static void update_inactive(struct msm_gem_object *msm_obj)
876{
877 struct msm_drm_private *priv = msm_obj->base.dev->dev_private;
878
879 GEM_WARN_ON(!msm_gem_is_locked(&msm_obj->base));
880
881 if (msm_obj->active_count != 0)
882 return;
883
884 mutex_lock(&priv->mm_lock);
885
886 if (msm_obj->dontneed)
887 mark_unpurgeable(msm_obj);
888 if (msm_obj->evictable)
889 mark_unevictable(msm_obj);
890
891 list_del(&msm_obj->mm_list);
892 if ((msm_obj->madv == MSM_MADV_WILLNEED) && msm_obj->sgt) {
893 list_add_tail(&msm_obj->mm_list, &priv->inactive_willneed);
894 mark_evictable(msm_obj);
895 } else if (msm_obj->madv == MSM_MADV_DONTNEED) {
896 list_add_tail(&msm_obj->mm_list, &priv->inactive_dontneed);
897 mark_purgeable(msm_obj);
898 } else {
899 GEM_WARN_ON((msm_obj->madv != __MSM_MADV_PURGED) && msm_obj->sgt);
900 list_add_tail(&msm_obj->mm_list, &priv->inactive_unpinned);
901 }
902
903 mutex_unlock(&priv->mm_lock);
904}
905
906int msm_gem_cpu_prep(struct drm_gem_object *obj, uint32_t op, ktime_t *timeout)
907{
908 bool write = !!(op & MSM_PREP_WRITE);
909 unsigned long remain =
910 op & MSM_PREP_NOSYNC ? 0 : timeout_to_jiffies(timeout);
911 long ret;
912
913 ret = dma_resv_wait_timeout(obj->resv, write, true, remain);
914 if (ret == 0)
915 return remain == 0 ? -EBUSY : -ETIMEDOUT;
916 else if (ret < 0)
917 return ret;
918
919 /* TODO cache maintenance */
920
921 return 0;
922}
923
924int msm_gem_cpu_fini(struct drm_gem_object *obj)
925{
926 /* TODO cache maintenance */
927 return 0;
928}
929
930#ifdef CONFIG_DEBUG_FS
931static void describe_fence(struct dma_fence *fence, const char *type,
932 struct seq_file *m)
933{
934 if (!dma_fence_is_signaled(fence))
935 seq_printf(m, "\t%9s: %s %s seq %llu\n", type,
936 fence->ops->get_driver_name(fence),
937 fence->ops->get_timeline_name(fence),
938 fence->seqno);
939}
940
941void msm_gem_describe(struct drm_gem_object *obj, struct seq_file *m,
942 struct msm_gem_stats *stats)
943{
944 struct msm_gem_object *msm_obj = to_msm_bo(obj);
945 struct dma_resv *robj = obj->resv;
946 struct dma_resv_list *fobj;
947 struct dma_fence *fence;
948 struct msm_gem_vma *vma;
949 uint64_t off = drm_vma_node_start(&obj->vma_node);
950 const char *madv;
951
952 msm_gem_lock(obj);
953
954 stats->all.count++;
955 stats->all.size += obj->size;
956
957 if (is_active(msm_obj)) {
958 stats->active.count++;
959 stats->active.size += obj->size;
960 }
961
962 if (msm_obj->pages) {
963 stats->resident.count++;
964 stats->resident.size += obj->size;
965 }
966
967 switch (msm_obj->madv) {
968 case __MSM_MADV_PURGED:
969 stats->purged.count++;
970 stats->purged.size += obj->size;
971 madv = " purged";
972 break;
973 case MSM_MADV_DONTNEED:
974 stats->purgeable.count++;
975 stats->purgeable.size += obj->size;
976 madv = " purgeable";
977 break;
978 case MSM_MADV_WILLNEED:
979 default:
980 madv = "";
981 break;
982 }
983
984 seq_printf(m, "%08x: %c %2d (%2d) %08llx %p",
985 msm_obj->flags, is_active(msm_obj) ? 'A' : 'I',
986 obj->name, kref_read(&obj->refcount),
987 off, msm_obj->vaddr);
988
989 seq_printf(m, " %08zu %9s %-32s\n", obj->size, madv, msm_obj->name);
990
991 if (!list_empty(&msm_obj->vmas)) {
992
993 seq_puts(m, " vmas:");
994
995 list_for_each_entry(vma, &msm_obj->vmas, list) {
996 const char *name, *comm;
997 if (vma->aspace) {
998 struct msm_gem_address_space *aspace = vma->aspace;
999 struct task_struct *task =
1000 get_pid_task(aspace->pid, PIDTYPE_PID);
1001 if (task) {
1002 comm = kstrdup(task->comm, GFP_KERNEL);
1003 } else {
1004 comm = NULL;
1005 }
1006 name = aspace->name;
1007 } else {
1008 name = comm = NULL;
1009 }
1010 seq_printf(m, " [%s%s%s: aspace=%p, %08llx,%s,inuse=%d]",
1011 name, comm ? ":" : "", comm ? comm : "",
1012 vma->aspace, vma->iova,
1013 vma->mapped ? "mapped" : "unmapped",
1014 vma->inuse);
1015 kfree(comm);
1016 }
1017
1018 seq_puts(m, "\n");
1019 }
1020
1021 rcu_read_lock();
1022 fobj = dma_resv_shared_list(robj);
1023 if (fobj) {
1024 unsigned int i, shared_count = fobj->shared_count;
1025
1026 for (i = 0; i < shared_count; i++) {
1027 fence = rcu_dereference(fobj->shared[i]);
1028 describe_fence(fence, "Shared", m);
1029 }
1030 }
1031
1032 fence = dma_resv_excl_fence(robj);
1033 if (fence)
1034 describe_fence(fence, "Exclusive", m);
1035 rcu_read_unlock();
1036
1037 msm_gem_unlock(obj);
1038}
1039
1040void msm_gem_describe_objects(struct list_head *list, struct seq_file *m)
1041{
1042 struct msm_gem_stats stats = {};
1043 struct msm_gem_object *msm_obj;
1044
1045 seq_puts(m, " flags id ref offset kaddr size madv name\n");
1046 list_for_each_entry(msm_obj, list, node) {
1047 struct drm_gem_object *obj = &msm_obj->base;
1048 seq_puts(m, " ");
1049 msm_gem_describe(obj, m, &stats);
1050 }
1051
1052 seq_printf(m, "Total: %4d objects, %9zu bytes\n",
1053 stats.all.count, stats.all.size);
1054 seq_printf(m, "Active: %4d objects, %9zu bytes\n",
1055 stats.active.count, stats.active.size);
1056 seq_printf(m, "Resident: %4d objects, %9zu bytes\n",
1057 stats.resident.count, stats.resident.size);
1058 seq_printf(m, "Purgeable: %4d objects, %9zu bytes\n",
1059 stats.purgeable.count, stats.purgeable.size);
1060 seq_printf(m, "Purged: %4d objects, %9zu bytes\n",
1061 stats.purged.count, stats.purged.size);
1062}
1063#endif
1064
1065/* don't call directly! Use drm_gem_object_put_locked() and friends */
1066void msm_gem_free_object(struct drm_gem_object *obj)
1067{
1068 struct msm_gem_object *msm_obj = to_msm_bo(obj);
1069 struct drm_device *dev = obj->dev;
1070 struct msm_drm_private *priv = dev->dev_private;
1071
1072 mutex_lock(&priv->obj_lock);
1073 list_del(&msm_obj->node);
1074 mutex_unlock(&priv->obj_lock);
1075
1076 mutex_lock(&priv->mm_lock);
1077 if (msm_obj->dontneed)
1078 mark_unpurgeable(msm_obj);
1079 list_del(&msm_obj->mm_list);
1080 mutex_unlock(&priv->mm_lock);
1081
1082 msm_gem_lock(obj);
1083
1084 /* object should not be on active list: */
1085 GEM_WARN_ON(is_active(msm_obj));
1086
1087 put_iova_spaces(obj, true);
1088
1089 if (obj->import_attach) {
1090 GEM_WARN_ON(msm_obj->vaddr);
1091
1092 /* Don't drop the pages for imported dmabuf, as they are not
1093 * ours, just free the array we allocated:
1094 */
1095 kvfree(msm_obj->pages);
1096
1097 put_iova_vmas(obj);
1098
1099 /* dma_buf_detach() grabs resv lock, so we need to unlock
1100 * prior to drm_prime_gem_destroy
1101 */
1102 msm_gem_unlock(obj);
1103
1104 drm_prime_gem_destroy(obj, msm_obj->sgt);
1105 } else {
1106 msm_gem_vunmap(obj);
1107 put_pages(obj);
1108 put_iova_vmas(obj);
1109 msm_gem_unlock(obj);
1110 }
1111
1112 drm_gem_object_release(obj);
1113
1114 kfree(msm_obj);
1115}
1116
1117/* convenience method to construct a GEM buffer object, and userspace handle */
1118int msm_gem_new_handle(struct drm_device *dev, struct drm_file *file,
1119 uint32_t size, uint32_t flags, uint32_t *handle,
1120 char *name)
1121{
1122 struct drm_gem_object *obj;
1123 int ret;
1124
1125 obj = msm_gem_new(dev, size, flags);
1126
1127 if (IS_ERR(obj))
1128 return PTR_ERR(obj);
1129
1130 if (name)
1131 msm_gem_object_set_name(obj, "%s", name);
1132
1133 ret = drm_gem_handle_create(file, obj, handle);
1134
1135 /* drop reference from allocate - handle holds it now */
1136 drm_gem_object_put(obj);
1137
1138 return ret;
1139}
1140
1141static const struct vm_operations_struct vm_ops = {
1142 .fault = msm_gem_fault,
1143 .open = drm_gem_vm_open,
1144 .close = drm_gem_vm_close,
1145};
1146
1147static const struct drm_gem_object_funcs msm_gem_object_funcs = {
1148 .free = msm_gem_free_object,
1149 .pin = msm_gem_prime_pin,
1150 .unpin = msm_gem_prime_unpin,
1151 .get_sg_table = msm_gem_prime_get_sg_table,
1152 .vmap = msm_gem_prime_vmap,
1153 .vunmap = msm_gem_prime_vunmap,
1154 .vm_ops = &vm_ops,
1155};
1156
1157static int msm_gem_new_impl(struct drm_device *dev,
1158 uint32_t size, uint32_t flags,
1159 struct drm_gem_object **obj)
1160{
1161 struct msm_drm_private *priv = dev->dev_private;
1162 struct msm_gem_object *msm_obj;
1163
1164 switch (flags & MSM_BO_CACHE_MASK) {
1165 case MSM_BO_UNCACHED:
1166 case MSM_BO_CACHED:
1167 case MSM_BO_WC:
1168 break;
1169 case MSM_BO_CACHED_COHERENT:
1170 if (priv->has_cached_coherent)
1171 break;
1172 fallthrough;
1173 default:
1174 DRM_DEV_ERROR(dev->dev, "invalid cache flag: %x\n",
1175 (flags & MSM_BO_CACHE_MASK));
1176 return -EINVAL;
1177 }
1178
1179 msm_obj = kzalloc(sizeof(*msm_obj), GFP_KERNEL);
1180 if (!msm_obj)
1181 return -ENOMEM;
1182
1183 msm_obj->flags = flags;
1184 msm_obj->madv = MSM_MADV_WILLNEED;
1185
1186 INIT_LIST_HEAD(&msm_obj->submit_entry);
1187 INIT_LIST_HEAD(&msm_obj->vmas);
1188
1189 *obj = &msm_obj->base;
1190 (*obj)->funcs = &msm_gem_object_funcs;
1191
1192 return 0;
1193}
1194
1195static struct drm_gem_object *_msm_gem_new(struct drm_device *dev,
1196 uint32_t size, uint32_t flags, bool struct_mutex_locked)
1197{
1198 struct msm_drm_private *priv = dev->dev_private;
1199 struct msm_gem_object *msm_obj;
1200 struct drm_gem_object *obj = NULL;
1201 bool use_vram = false;
1202 int ret;
1203
1204 size = PAGE_ALIGN(size);
1205
1206 if (!msm_use_mmu(dev))
1207 use_vram = true;
1208 else if ((flags & (MSM_BO_STOLEN | MSM_BO_SCANOUT)) && priv->vram.size)
1209 use_vram = true;
1210
1211 if (GEM_WARN_ON(use_vram && !priv->vram.size))
1212 return ERR_PTR(-EINVAL);
1213
1214 /* Disallow zero sized objects as they make the underlying
1215 * infrastructure grumpy
1216 */
1217 if (size == 0)
1218 return ERR_PTR(-EINVAL);
1219
1220 ret = msm_gem_new_impl(dev, size, flags, &obj);
1221 if (ret)
1222 goto fail;
1223
1224 msm_obj = to_msm_bo(obj);
1225
1226 if (use_vram) {
1227 struct msm_gem_vma *vma;
1228 struct page **pages;
1229
1230 drm_gem_private_object_init(dev, obj, size);
1231
1232 msm_gem_lock(obj);
1233
1234 vma = add_vma(obj, NULL);
1235 msm_gem_unlock(obj);
1236 if (IS_ERR(vma)) {
1237 ret = PTR_ERR(vma);
1238 goto fail;
1239 }
1240
1241 to_msm_bo(obj)->vram_node = &vma->node;
1242
1243 /* Call chain get_pages() -> update_inactive() tries to
1244 * access msm_obj->mm_list, but it is not initialized yet.
1245 * To avoid NULL pointer dereference error, initialize
1246 * mm_list to be empty.
1247 */
1248 INIT_LIST_HEAD(&msm_obj->mm_list);
1249
1250 msm_gem_lock(obj);
1251 pages = get_pages(obj);
1252 msm_gem_unlock(obj);
1253 if (IS_ERR(pages)) {
1254 ret = PTR_ERR(pages);
1255 goto fail;
1256 }
1257
1258 vma->iova = physaddr(obj);
1259 } else {
1260 ret = drm_gem_object_init(dev, obj, size);
1261 if (ret)
1262 goto fail;
1263 /*
1264 * Our buffers are kept pinned, so allocating them from the
1265 * MOVABLE zone is a really bad idea, and conflicts with CMA.
1266 * See comments above new_inode() why this is required _and_
1267 * expected if you're going to pin these pages.
1268 */
1269 mapping_set_gfp_mask(obj->filp->f_mapping, GFP_HIGHUSER);
1270 }
1271
1272 mutex_lock(&priv->mm_lock);
1273 list_add_tail(&msm_obj->mm_list, &priv->inactive_unpinned);
1274 mutex_unlock(&priv->mm_lock);
1275
1276 mutex_lock(&priv->obj_lock);
1277 list_add_tail(&msm_obj->node, &priv->objects);
1278 mutex_unlock(&priv->obj_lock);
1279
1280 return obj;
1281
1282fail:
1283 if (struct_mutex_locked) {
1284 drm_gem_object_put_locked(obj);
1285 } else {
1286 drm_gem_object_put(obj);
1287 }
1288 return ERR_PTR(ret);
1289}
1290
1291struct drm_gem_object *msm_gem_new_locked(struct drm_device *dev,
1292 uint32_t size, uint32_t flags)
1293{
1294 return _msm_gem_new(dev, size, flags, true);
1295}
1296
1297struct drm_gem_object *msm_gem_new(struct drm_device *dev,
1298 uint32_t size, uint32_t flags)
1299{
1300 return _msm_gem_new(dev, size, flags, false);
1301}
1302
1303struct drm_gem_object *msm_gem_import(struct drm_device *dev,
1304 struct dma_buf *dmabuf, struct sg_table *sgt)
1305{
1306 struct msm_drm_private *priv = dev->dev_private;
1307 struct msm_gem_object *msm_obj;
1308 struct drm_gem_object *obj;
1309 uint32_t size;
1310 int ret, npages;
1311
1312 /* if we don't have IOMMU, don't bother pretending we can import: */
1313 if (!msm_use_mmu(dev)) {
1314 DRM_DEV_ERROR(dev->dev, "cannot import without IOMMU\n");
1315 return ERR_PTR(-EINVAL);
1316 }
1317
1318 size = PAGE_ALIGN(dmabuf->size);
1319
1320 ret = msm_gem_new_impl(dev, size, MSM_BO_WC, &obj);
1321 if (ret)
1322 goto fail;
1323
1324 drm_gem_private_object_init(dev, obj, size);
1325
1326 npages = size / PAGE_SIZE;
1327
1328 msm_obj = to_msm_bo(obj);
1329 msm_gem_lock(obj);
1330 msm_obj->sgt = sgt;
1331 msm_obj->pages = kvmalloc_array(npages, sizeof(struct page *), GFP_KERNEL);
1332 if (!msm_obj->pages) {
1333 msm_gem_unlock(obj);
1334 ret = -ENOMEM;
1335 goto fail;
1336 }
1337
1338 ret = drm_prime_sg_to_page_array(sgt, msm_obj->pages, npages);
1339 if (ret) {
1340 msm_gem_unlock(obj);
1341 goto fail;
1342 }
1343
1344 msm_gem_unlock(obj);
1345
1346 mutex_lock(&priv->mm_lock);
1347 list_add_tail(&msm_obj->mm_list, &priv->inactive_unpinned);
1348 mutex_unlock(&priv->mm_lock);
1349
1350 mutex_lock(&priv->obj_lock);
1351 list_add_tail(&msm_obj->node, &priv->objects);
1352 mutex_unlock(&priv->obj_lock);
1353
1354 return obj;
1355
1356fail:
1357 drm_gem_object_put(obj);
1358 return ERR_PTR(ret);
1359}
1360
1361static void *_msm_gem_kernel_new(struct drm_device *dev, uint32_t size,
1362 uint32_t flags, struct msm_gem_address_space *aspace,
1363 struct drm_gem_object **bo, uint64_t *iova, bool locked)
1364{
1365 void *vaddr;
1366 struct drm_gem_object *obj = _msm_gem_new(dev, size, flags, locked);
1367 int ret;
1368
1369 if (IS_ERR(obj))
1370 return ERR_CAST(obj);
1371
1372 if (iova) {
1373 ret = msm_gem_get_and_pin_iova(obj, aspace, iova);
1374 if (ret)
1375 goto err;
1376 }
1377
1378 vaddr = msm_gem_get_vaddr(obj);
1379 if (IS_ERR(vaddr)) {
1380 msm_gem_unpin_iova(obj, aspace);
1381 ret = PTR_ERR(vaddr);
1382 goto err;
1383 }
1384
1385 if (bo)
1386 *bo = obj;
1387
1388 return vaddr;
1389err:
1390 if (locked)
1391 drm_gem_object_put_locked(obj);
1392 else
1393 drm_gem_object_put(obj);
1394
1395 return ERR_PTR(ret);
1396
1397}
1398
1399void *msm_gem_kernel_new(struct drm_device *dev, uint32_t size,
1400 uint32_t flags, struct msm_gem_address_space *aspace,
1401 struct drm_gem_object **bo, uint64_t *iova)
1402{
1403 return _msm_gem_kernel_new(dev, size, flags, aspace, bo, iova, false);
1404}
1405
1406void *msm_gem_kernel_new_locked(struct drm_device *dev, uint32_t size,
1407 uint32_t flags, struct msm_gem_address_space *aspace,
1408 struct drm_gem_object **bo, uint64_t *iova)
1409{
1410 return _msm_gem_kernel_new(dev, size, flags, aspace, bo, iova, true);
1411}
1412
1413void msm_gem_kernel_put(struct drm_gem_object *bo,
1414 struct msm_gem_address_space *aspace, bool locked)
1415{
1416 if (IS_ERR_OR_NULL(bo))
1417 return;
1418
1419 msm_gem_put_vaddr(bo);
1420 msm_gem_unpin_iova(bo, aspace);
1421
1422 if (locked)
1423 drm_gem_object_put_locked(bo);
1424 else
1425 drm_gem_object_put(bo);
1426}
1427
1428void msm_gem_object_set_name(struct drm_gem_object *bo, const char *fmt, ...)
1429{
1430 struct msm_gem_object *msm_obj = to_msm_bo(bo);
1431 va_list ap;
1432
1433 if (!fmt)
1434 return;
1435
1436 va_start(ap, fmt);
1437 vsnprintf(msm_obj->name, sizeof(msm_obj->name), fmt, ap);
1438 va_end(ap);
1439}