Merge tag 'arm-smmu-updates' of...

              - qcom,sdm630-smmu-v2

              - qcom,sdm845-smmu-v2

              - qcom,sm6350-smmu-v2

              - qcom,sm7150-smmu-v2

          - const: qcom,adreno-smmu

          - const: qcom,smmu-v2

      - description: Qcom Adreno GPUs on Google Cheza platform

          contains:

            enum:

              - qcom,msm8998-smmu-v2

              - qcom,sdm630-smmu-v2

    then:

      anyOf:

        - properties:

        compatible:

          contains:

            enum:

              - qcom,sdm630-smmu-v2

              - qcom,sm6375-smmu-v2

    then:

      anyOf:

          contains:

            enum:

              - qcom,sm6350-smmu-v2

              - qcom,sm7150-smmu-v2

              - qcom,sm8150-smmu-500

              - qcom,sm8250-smmu-500

    then:

#define mn_to_smmu(mn) container_of(mn, struct arm_smmu_mmu_notifier, mn)

struct arm_smmu_bond {

	struct iommu_sva		sva;

	struct mm_struct		*mm;

	struct arm_smmu_mmu_notifier	*smmu_mn;

	struct list_head		list;

	refcount_t			refs;

};

#define sva_to_bond(handle) \

static DEFINE_MUTEX(sva_lock);

/*

 * Write the CD to the CD tables for all masters that this domain is attached

 * to. Note that this is only used to update existing CD entries in the target

 * CD table, for which it's assumed that arm_smmu_write_ctx_desc can't fail.

 */

static void arm_smmu_update_ctx_desc_devices(struct arm_smmu_domain *smmu_domain,

					   int ssid,

					   struct arm_smmu_ctx_desc *cd)

{

	struct arm_smmu_master *master;

	unsigned long flags;

	spin_lock_irqsave(&smmu_domain->devices_lock, flags);

	list_for_each_entry(master, &smmu_domain->devices, domain_head) {

		arm_smmu_write_ctx_desc(master, ssid, cd);

	}

	spin_unlock_irqrestore(&smmu_domain->devices_lock, flags);

}

/*

 * Check if the CPU ASID is available on the SMMU side. If a private context

 * descriptor is using it, try to replace it.

		return cd;

	}

	smmu_domain = container_of(cd, struct arm_smmu_domain, s1_cfg.cd);

	smmu_domain = container_of(cd, struct arm_smmu_domain, cd);

	smmu = smmu_domain->smmu;

	ret = xa_alloc(&arm_smmu_asid_xa, &new_asid, cd,

	 * be some overlap between use of both ASIDs, until we invalidate the

	 * TLB.

	 */

	arm_smmu_write_ctx_desc(smmu_domain, IOMMU_NO_PASID, cd);

	arm_smmu_update_ctx_desc_devices(smmu_domain, IOMMU_NO_PASID, cd);

	/* Invalidate TLB entries previously associated with that context */

	arm_smmu_tlb_inv_asid(smmu, asid);

	}

}

/*

 * Cloned from the MAX_TLBI_OPS in arch/arm64/include/asm/tlbflush.h, this

 * is used as a threshold to replace per-page TLBI commands to issue in the

 * command queue with an address-space TLBI command, when SMMU w/o a range

 * invalidation feature handles too many per-page TLBI commands, which will

 * otherwise result in a soft lockup.

 */

#define CMDQ_MAX_TLBI_OPS		(1 << (PAGE_SHIFT - 3))

static void arm_smmu_mm_arch_invalidate_secondary_tlbs(struct mmu_notifier *mn,

						struct mm_struct *mm,

						unsigned long start,

	 * range. So do a simple translation here by calculating size correctly.

	 */

	size = end - start;

	if (!(smmu_domain->smmu->features & ARM_SMMU_FEAT_RANGE_INV)) {

		if (size >= CMDQ_MAX_TLBI_OPS * PAGE_SIZE)

			size = 0;

	} else {

		if (size == ULONG_MAX)

			size = 0;

	}

	if (!(smmu_domain->smmu->features & ARM_SMMU_FEAT_BTM)) {

		if (!size)

	 * DMA may still be running. Keep the cd valid to avoid C_BAD_CD events,

	 * but disable translation.

	 */

	arm_smmu_write_ctx_desc(smmu_domain, mm->pasid, &quiet_cd);

	arm_smmu_update_ctx_desc_devices(smmu_domain, mm->pasid, &quiet_cd);

	arm_smmu_tlb_inv_asid(smmu_domain->smmu, smmu_mn->cd->asid);

	arm_smmu_atc_inv_domain(smmu_domain, mm->pasid, 0, 0);

			  struct mm_struct *mm)

{

	int ret;

	unsigned long flags;

	struct arm_smmu_ctx_desc *cd;

	struct arm_smmu_mmu_notifier *smmu_mn;

	struct arm_smmu_master *master;

	list_for_each_entry(smmu_mn, &smmu_domain->mmu_notifiers, list) {

		if (smmu_mn->mn.mm == mm) {

		goto err_free_cd;

	}

	ret = arm_smmu_write_ctx_desc(smmu_domain, mm->pasid, cd);

	spin_lock_irqsave(&smmu_domain->devices_lock, flags);

	list_for_each_entry(master, &smmu_domain->devices, domain_head) {

		ret = arm_smmu_write_ctx_desc(master, mm->pasid, cd);

		if (ret) {

			list_for_each_entry_from_reverse(master, &smmu_domain->devices, domain_head)

				arm_smmu_write_ctx_desc(master, mm->pasid, NULL);

			break;

		}

	}

	spin_unlock_irqrestore(&smmu_domain->devices_lock, flags);

	if (ret)

		goto err_put_notifier;

		return;

	list_del(&smmu_mn->list);

	arm_smmu_write_ctx_desc(smmu_domain, mm->pasid, NULL);

	arm_smmu_update_ctx_desc_devices(smmu_domain, mm->pasid, NULL);

	/*

	 * If we went through clear(), we've already invalidated, and no

	arm_smmu_free_shared_cd(cd);

}

static struct iommu_sva *

__arm_smmu_sva_bind(struct device *dev, struct mm_struct *mm)

static int __arm_smmu_sva_bind(struct device *dev, struct mm_struct *mm)

{

	int ret;

	struct arm_smmu_bond *bond;

	struct arm_smmu_domain *smmu_domain = to_smmu_domain(domain);

	if (!master || !master->sva_enabled)

		return ERR_PTR(-ENODEV);

	/* If bind() was already called for this {dev, mm} pair, reuse it. */

	list_for_each_entry(bond, &master->bonds, list) {

		if (bond->mm == mm) {

			refcount_inc(&bond->refs);

			return &bond->sva;

		}

	}

		return -ENODEV;

	bond = kzalloc(sizeof(*bond), GFP_KERNEL);

	if (!bond)

		return ERR_PTR(-ENOMEM);

		return -ENOMEM;

	bond->mm = mm;

	bond->sva.dev = dev;

	refcount_set(&bond->refs, 1);

	bond->smmu_mn = arm_smmu_mmu_notifier_get(smmu_domain, mm);

	if (IS_ERR(bond->smmu_mn)) {

	}

	list_add(&bond->list, &master->bonds);

	return &bond->sva;

	return 0;

err_free_bond:

	kfree(bond);

	return ERR_PTR(ret);

	return ret;

}

bool arm_smmu_sva_supported(struct arm_smmu_device *smmu)

		}

	}

	if (!WARN_ON(!bond) && refcount_dec_and_test(&bond->refs)) {

	if (!WARN_ON(!bond)) {

		list_del(&bond->list);

		arm_smmu_mmu_notifier_put(bond->smmu_mn);

		kfree(bond);

				      struct device *dev, ioasid_t id)

{

	int ret = 0;

	struct iommu_sva *handle;

	struct mm_struct *mm = domain->mm;

	mutex_lock(&sva_lock);

	handle = __arm_smmu_sva_bind(dev, mm);

	if (IS_ERR(handle))

		ret = PTR_ERR(handle);

	ret = __arm_smmu_sva_bind(dev, mm);

	mutex_unlock(&sva_lock);

	return ret;

	arm_smmu_cmdq_issue_cmd_with_sync(smmu, &cmd);

}

static void arm_smmu_sync_cd(struct arm_smmu_domain *smmu_domain,

static void arm_smmu_sync_cd(struct arm_smmu_master *master,

			     int ssid, bool leaf)

{

	size_t i;

	unsigned long flags;

	struct arm_smmu_master *master;

	struct arm_smmu_cmdq_batch cmds;

	struct arm_smmu_device *smmu = smmu_domain->smmu;

	struct arm_smmu_device *smmu = master->smmu;

	struct arm_smmu_cmdq_ent cmd = {

		.opcode	= CMDQ_OP_CFGI_CD,

		.cfgi	= {

	};

	cmds.num = 0;

	spin_lock_irqsave(&smmu_domain->devices_lock, flags);

	list_for_each_entry(master, &smmu_domain->devices, domain_head) {

	for (i = 0; i < master->num_streams; i++) {

		cmd.cfgi.sid = master->streams[i].id;

		arm_smmu_cmdq_batch_add(smmu, &cmds, &cmd);

	}

	}

	spin_unlock_irqrestore(&smmu_domain->devices_lock, flags);

	arm_smmu_cmdq_batch_submit(smmu, &cmds);

}

	WRITE_ONCE(*dst, cpu_to_le64(val));

}

static __le64 *arm_smmu_get_cd_ptr(struct arm_smmu_domain *smmu_domain,

				   u32 ssid)

static __le64 *arm_smmu_get_cd_ptr(struct arm_smmu_master *master, u32 ssid)

{

	__le64 *l1ptr;

	unsigned int idx;

	struct arm_smmu_l1_ctx_desc *l1_desc;

	struct arm_smmu_device *smmu = smmu_domain->smmu;

	struct arm_smmu_ctx_desc_cfg *cdcfg = &smmu_domain->s1_cfg.cdcfg;

	struct arm_smmu_device *smmu = master->smmu;

	struct arm_smmu_ctx_desc_cfg *cd_table = &master->cd_table;

	if (smmu_domain->s1_cfg.s1fmt == STRTAB_STE_0_S1FMT_LINEAR)

		return cdcfg->cdtab + ssid * CTXDESC_CD_DWORDS;

	if (cd_table->s1fmt == STRTAB_STE_0_S1FMT_LINEAR)

		return cd_table->cdtab + ssid * CTXDESC_CD_DWORDS;

	idx = ssid >> CTXDESC_SPLIT;

	l1_desc = &cdcfg->l1_desc[idx];

	l1_desc = &cd_table->l1_desc[idx];

	if (!l1_desc->l2ptr) {

		if (arm_smmu_alloc_cd_leaf_table(smmu, l1_desc))

			return NULL;

		l1ptr = cdcfg->cdtab + idx * CTXDESC_L1_DESC_DWORDS;

		l1ptr = cd_table->cdtab + idx * CTXDESC_L1_DESC_DWORDS;

		arm_smmu_write_cd_l1_desc(l1ptr, l1_desc);

		/* An invalid L1CD can be cached */

		arm_smmu_sync_cd(smmu_domain, ssid, false);

		arm_smmu_sync_cd(master, ssid, false);

	}

	idx = ssid & (CTXDESC_L2_ENTRIES - 1);

	return l1_desc->l2ptr + idx * CTXDESC_CD_DWORDS;

}

int arm_smmu_write_ctx_desc(struct arm_smmu_domain *smmu_domain, int ssid,

int arm_smmu_write_ctx_desc(struct arm_smmu_master *master, int ssid,

			    struct arm_smmu_ctx_desc *cd)

{

	/*

	u64 val;

	bool cd_live;

	__le64 *cdptr;

	struct arm_smmu_ctx_desc_cfg *cd_table = &master->cd_table;

	if (WARN_ON(ssid >= (1 << smmu_domain->s1_cfg.s1cdmax)))

	if (WARN_ON(ssid >= (1 << cd_table->s1cdmax)))

		return -E2BIG;

	cdptr = arm_smmu_get_cd_ptr(smmu_domain, ssid);

	cdptr = arm_smmu_get_cd_ptr(master, ssid);

	if (!cdptr)

		return -ENOMEM;

		cdptr[3] = cpu_to_le64(cd->mair);

		/*

		 * STE is live, and the SMMU might read dwords of this CD in any

		 * STE may be live, and the SMMU might read dwords of this CD in any

		 * order. Ensure that it observes valid values before reading

		 * V=1.

		 */

		arm_smmu_sync_cd(smmu_domain, ssid, true);

		arm_smmu_sync_cd(master, ssid, true);

		val = cd->tcr |

#ifdef __BIG_ENDIAN

			FIELD_PREP(CTXDESC_CD_0_ASID, cd->asid) |

			CTXDESC_CD_0_V;

		if (smmu_domain->stall_enabled)

		if (cd_table->stall_enabled)

			val |= CTXDESC_CD_0_S;

	}

	 *   without first making the structure invalid.

	 */

	WRITE_ONCE(cdptr[0], cpu_to_le64(val));

	arm_smmu_sync_cd(smmu_domain, ssid, true);

	arm_smmu_sync_cd(master, ssid, true);

	return 0;

}

static int arm_smmu_alloc_cd_tables(struct arm_smmu_domain *smmu_domain)

static int arm_smmu_alloc_cd_tables(struct arm_smmu_master *master)

{

	int ret;

	size_t l1size;

	size_t max_contexts;

	struct arm_smmu_device *smmu = smmu_domain->smmu;

	struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg;

	struct arm_smmu_ctx_desc_cfg *cdcfg = &cfg->cdcfg;

	struct arm_smmu_device *smmu = master->smmu;

	struct arm_smmu_ctx_desc_cfg *cd_table = &master->cd_table;

	max_contexts = 1 << cfg->s1cdmax;

	cd_table->stall_enabled = master->stall_enabled;

	cd_table->s1cdmax = master->ssid_bits;

	max_contexts = 1 << cd_table->s1cdmax;

	if (!(smmu->features & ARM_SMMU_FEAT_2_LVL_CDTAB) ||

	    max_contexts <= CTXDESC_L2_ENTRIES) {

		cfg->s1fmt = STRTAB_STE_0_S1FMT_LINEAR;

		cdcfg->num_l1_ents = max_contexts;

		cd_table->s1fmt = STRTAB_STE_0_S1FMT_LINEAR;

		cd_table->num_l1_ents = max_contexts;

		l1size = max_contexts * (CTXDESC_CD_DWORDS << 3);

	} else {

		cfg->s1fmt = STRTAB_STE_0_S1FMT_64K_L2;

		cdcfg->num_l1_ents = DIV_ROUND_UP(max_contexts,

		cd_table->s1fmt = STRTAB_STE_0_S1FMT_64K_L2;

		cd_table->num_l1_ents = DIV_ROUND_UP(max_contexts,

						  CTXDESC_L2_ENTRIES);

		cdcfg->l1_desc = devm_kcalloc(smmu->dev, cdcfg->num_l1_ents,

					      sizeof(*cdcfg->l1_desc),

		cd_table->l1_desc = devm_kcalloc(smmu->dev, cd_table->num_l1_ents,

					      sizeof(*cd_table->l1_desc),

					      GFP_KERNEL);

		if (!cdcfg->l1_desc)

		if (!cd_table->l1_desc)

			return -ENOMEM;

		l1size = cdcfg->num_l1_ents * (CTXDESC_L1_DESC_DWORDS << 3);

		l1size = cd_table->num_l1_ents * (CTXDESC_L1_DESC_DWORDS << 3);

	}

	cdcfg->cdtab = dmam_alloc_coherent(smmu->dev, l1size, &cdcfg->cdtab_dma,

	cd_table->cdtab = dmam_alloc_coherent(smmu->dev, l1size, &cd_table->cdtab_dma,

					   GFP_KERNEL);

	if (!cdcfg->cdtab) {

	if (!cd_table->cdtab) {

		dev_warn(smmu->dev, "failed to allocate context descriptor\n");

		ret = -ENOMEM;

		goto err_free_l1;

	return 0;

err_free_l1:

	if (cdcfg->l1_desc) {

		devm_kfree(smmu->dev, cdcfg->l1_desc);

		cdcfg->l1_desc = NULL;

	if (cd_table->l1_desc) {

		devm_kfree(smmu->dev, cd_table->l1_desc);

		cd_table->l1_desc = NULL;

	}

	return ret;

}

static void arm_smmu_free_cd_tables(struct arm_smmu_domain *smmu_domain)

static void arm_smmu_free_cd_tables(struct arm_smmu_master *master)

{

	int i;

	size_t size, l1size;

	struct arm_smmu_device *smmu = smmu_domain->smmu;

	struct arm_smmu_ctx_desc_cfg *cdcfg = &smmu_domain->s1_cfg.cdcfg;

	struct arm_smmu_device *smmu = master->smmu;

	struct arm_smmu_ctx_desc_cfg *cd_table = &master->cd_table;

	if (cdcfg->l1_desc) {

	if (cd_table->l1_desc) {

		size = CTXDESC_L2_ENTRIES * (CTXDESC_CD_DWORDS << 3);

		for (i = 0; i < cdcfg->num_l1_ents; i++) {

			if (!cdcfg->l1_desc[i].l2ptr)

		for (i = 0; i < cd_table->num_l1_ents; i++) {

			if (!cd_table->l1_desc[i].l2ptr)

				continue;

			dmam_free_coherent(smmu->dev, size,

					   cdcfg->l1_desc[i].l2ptr,

					   cdcfg->l1_desc[i].l2ptr_dma);

					   cd_table->l1_desc[i].l2ptr,

					   cd_table->l1_desc[i].l2ptr_dma);

		}

		devm_kfree(smmu->dev, cdcfg->l1_desc);

		cdcfg->l1_desc = NULL;

		devm_kfree(smmu->dev, cd_table->l1_desc);

		cd_table->l1_desc = NULL;

		l1size = cdcfg->num_l1_ents * (CTXDESC_L1_DESC_DWORDS << 3);

		l1size = cd_table->num_l1_ents * (CTXDESC_L1_DESC_DWORDS << 3);

	} else {

		l1size = cdcfg->num_l1_ents * (CTXDESC_CD_DWORDS << 3);

		l1size = cd_table->num_l1_ents * (CTXDESC_CD_DWORDS << 3);

	}

	dmam_free_coherent(smmu->dev, l1size, cdcfg->cdtab, cdcfg->cdtab_dma);

	cdcfg->cdtab_dma = 0;

	cdcfg->cdtab = NULL;

	dmam_free_coherent(smmu->dev, l1size, cd_table->cdtab, cd_table->cdtab_dma);

	cd_table->cdtab_dma = 0;

	cd_table->cdtab = NULL;

}

bool arm_smmu_free_asid(struct arm_smmu_ctx_desc *cd)

	u64 val = le64_to_cpu(dst[0]);

	bool ste_live = false;

	struct arm_smmu_device *smmu = NULL;

	struct arm_smmu_s1_cfg *s1_cfg = NULL;

	struct arm_smmu_ctx_desc_cfg *cd_table = NULL;

	struct arm_smmu_s2_cfg *s2_cfg = NULL;

	struct arm_smmu_domain *smmu_domain = NULL;

	struct arm_smmu_cmdq_ent prefetch_cmd = {

	if (smmu_domain) {

		switch (smmu_domain->stage) {

		case ARM_SMMU_DOMAIN_S1:

			s1_cfg = &smmu_domain->s1_cfg;

			cd_table = &master->cd_table;

			break;

		case ARM_SMMU_DOMAIN_S2:

		case ARM_SMMU_DOMAIN_NESTED:

	val = STRTAB_STE_0_V;

	/* Bypass/fault */

	if (!smmu_domain || !(s1_cfg || s2_cfg)) {

	if (!smmu_domain || !(cd_table || s2_cfg)) {

		if (!smmu_domain && disable_bypass)

			val |= FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_ABORT);

		else

		return;

	}

	if (s1_cfg) {

	if (cd_table) {

		u64 strw = smmu->features & ARM_SMMU_FEAT_E2H ?

			STRTAB_STE_1_STRW_EL2 : STRTAB_STE_1_STRW_NSEL1;

		    !master->stall_enabled)

			dst[1] |= cpu_to_le64(STRTAB_STE_1_S1STALLD);

		val |= (s1_cfg->cdcfg.cdtab_dma & STRTAB_STE_0_S1CTXPTR_MASK) |

		val |= (cd_table->cdtab_dma & STRTAB_STE_0_S1CTXPTR_MASK) |

			FIELD_PREP(STRTAB_STE_0_CFG, STRTAB_STE_0_CFG_S1_TRANS) |

			FIELD_PREP(STRTAB_STE_0_S1CDMAX, s1_cfg->s1cdmax) |

			FIELD_PREP(STRTAB_STE_0_S1FMT, s1_cfg->s1fmt);

			FIELD_PREP(STRTAB_STE_0_S1CDMAX, cd_table->s1cdmax) |

			FIELD_PREP(STRTAB_STE_0_S1FMT, cd_table->s1fmt);

	}

	if (s2_cfg) {

	 * careful, 007.

	 */

	if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {

		arm_smmu_tlb_inv_asid(smmu, smmu_domain->s1_cfg.cd.asid);

		arm_smmu_tlb_inv_asid(smmu, smmu_domain->cd.asid);

	} else {

		cmd.opcode	= CMDQ_OP_TLBI_S12_VMALL;

		cmd.tlbi.vmid	= smmu_domain->s2_cfg.vmid;

		/* Get the leaf page size */

		tg = __ffs(smmu_domain->domain.pgsize_bitmap);

		num_pages = size >> tg;

		/* Convert page size of 12,14,16 (log2) to 1,2,3 */

		cmd->tlbi.tg = (tg - 10) / 2;

		/*

		 * Determine what level the granule is at. For non-leaf, io-pgtable

		 * assumes .tlb_flush_walk can invalidate multiple levels at once,

		 * so ignore the nominal last-level granule and leave TTL=0.

		 * Determine what level the granule is at. For non-leaf, both

		 * io-pgtable and SVA pass a nominal last-level granule because

		 * they don't know what level(s) actually apply, so ignore that

		 * and leave TTL=0. However for various errata reasons we still

		 * want to use a range command, so avoid the SVA corner case

		 * where both scale and num could be 0 as well.

		 */

		if (cmd->tlbi.leaf)

			cmd->tlbi.ttl = 4 - ((ilog2(granule) - 3) / (tg - 3));

		num_pages = size >> tg;

		else if ((num_pages & CMDQ_TLBI_RANGE_NUM_MAX) == 1)

			num_pages++;

	}

	cmds.num = 0;

	if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {

		cmd.opcode	= smmu_domain->smmu->features & ARM_SMMU_FEAT_E2H ?

				  CMDQ_OP_TLBI_EL2_VA : CMDQ_OP_TLBI_NH_VA;

		cmd.tlbi.asid	= smmu_domain->s1_cfg.cd.asid;

		cmd.tlbi.asid	= smmu_domain->cd.asid;

	} else {

		cmd.opcode	= CMDQ_OP_TLBI_S2_IPA;

		cmd.tlbi.vmid	= smmu_domain->s2_cfg.vmid;

	free_io_pgtable_ops(smmu_domain->pgtbl_ops);

	/* Free the CD and ASID, if we allocated them */

	/* Free the ASID or VMID */

	if (smmu_domain->stage == ARM_SMMU_DOMAIN_S1) {

		struct arm_smmu_s1_cfg *cfg = &smmu_domain->s1_cfg;

		/* Prevent SVA from touching the CD while we're freeing it */

		mutex_lock(&arm_smmu_asid_lock);

		if (cfg->cdcfg.cdtab)

			arm_smmu_free_cd_tables(smmu_domain);

		arm_smmu_free_asid(&cfg->cd);

		arm_smmu_free_asid(&smmu_domain->cd);

		mutex_unlock(&arm_smmu_asid_lock);

	} else {

		struct arm_smmu_s2_cfg *cfg = &smmu_domain->s2_cfg;

}