--- v9
+++ v10
@@ -1,444 +1,335 @@
-At the moment writing new TCE value to the IOMMU table fails with EBUSY
-if there is a valid entry already. However PAPR specification allows
-the guest to write new TCE value without clearing it first.
-
-Another problem this patch is addressing is the use of pool locks for
-external IOMMU users such as VFIO. The pool locks are to protect
-DMA page allocator rather than entries and since the host kernel does
-not control what pages are in use, there is no point in pool locks and
-exchange()+put_page(oldtce) is sufficient to avoid possible races.
-
-This adds an exchange() callback to iommu_table_ops which does the same
-thing as set() plus it returns replaced TCE and DMA direction so
-the caller can release the pages afterwards. The exchange() receives
-a physical address unlike set() which receives linear mapping address;
-and returns a physical address as the clear() does.
-
-This implements exchange() for P5IOC2/IODA/IODA2. This adds a requirement
-for a platform to have exchange() implemented in order to support VFIO.
-
-This replaces iommu_tce_build() and iommu_clear_tce() with
-a single iommu_tce_xchg().
-
-This makes sure that TCE permission bits are not set in TCE passed to
-IOMMU API as those are to be calculated by platform code from DMA direction.
-
-This moves SetPageDirty() to the IOMMU code to make it work for both
-VFIO ioctl interface in in-kernel TCE acceleration (when it becomes
-available later).
+This adds tce_iommu_take_ownership() and tce_iommu_release_ownership
+which call in a loop iommu_take_ownership()/iommu_release_ownership()
+for every table on the group. As there is just one now, no change in
+behaviour is expected.
+
+At the moment the iommu_table struct has a set_bypass() which enables/
+disables DMA bypass on IODA2 PHB. This is exposed to POWERPC IOMMU code
+which calls this callback when external IOMMU users such as VFIO are
+about to get over a PHB.
+
+The set_bypass() callback is not really an iommu_table function but
+IOMMU/PE function. This introduces a iommu_table_group_ops struct and
+adds take_ownership()/release_ownership() callbacks to it which are
+called when an external user takes/releases control over the IOMMU.
+
+This replaces set_bypass() with ownership callbacks as it is not
+necessarily just bypass enabling, it can be something else/more
+so let's give it more generic name.
+
+The callbacks is implemented for IODA2 only. Other platforms (P5IOC2,
+IODA1) will use the old iommu_take_ownership/iommu_release_ownership API.
+The following patches will replace iommu_take_ownership/
+iommu_release_ownership calls in IODA2 with full IOMMU table release/
+create.
+
+As we here and touching bypass control, this removes
+pnv_pci_ioda2_setup_bypass_pe() as it does not do much
+more compared to pnv_pci_ioda2_set_bypass. This moves tce_bypass_base
+initialization to pnv_pci_ioda2_setup_dma_pe.
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
[aw: for the vfio related changes]
Acked-by: Alex Williamson <alex.williamson@redhat.com>
---
Changes:
+v10:
+* fixed comments around take_ownership/release_ownership in iommu_table_group_ops
+
v9:
-* changed exchange() to work with physical addresses as these addresses
-are never accessed by the code and physical addresses are actual values
-we put into the IOMMU table
+* squashed "vfio: powerpc/spapr: powerpc/iommu: Rework IOMMU ownership control"
+and "vfio: powerpc/spapr: powerpc/powernv/ioda2: Rework IOMMU ownership control"
+into a single patch
+* moved helpers with a loop through tables in a group
+to vfio_iommu_spapr_tce.c to keep the platform code free of IOMMU table
+groups as much as possible
+* added missing tce_iommu_clear() to tce_iommu_release_ownership()
+* replaced the set_ownership(enable) callback with take_ownership() and
+release_ownership()
---
- arch/powerpc/include/asm/iommu.h | 22 +++++++++--
- arch/powerpc/kernel/iommu.c | 57 +++++++++-------------------
- arch/powerpc/platforms/powernv/pci-ioda.c | 34 +++++++++++++++++
- arch/powerpc/platforms/powernv/pci-p5ioc2.c | 3 ++
- arch/powerpc/platforms/powernv/pci.c | 17 +++++++++
- arch/powerpc/platforms/powernv/pci.h | 2 +
- drivers/vfio/vfio_iommu_spapr_tce.c | 58 ++++++++++++++++++-----------
- 7 files changed, 128 insertions(+), 65 deletions(-)
+ arch/powerpc/include/asm/iommu.h | 11 ++++-
+ arch/powerpc/kernel/iommu.c | 12 -----
+ arch/powerpc/platforms/powernv/pci-ioda.c | 73 ++++++++++++++++++-------------
+ drivers/vfio/vfio_iommu_spapr_tce.c | 70 ++++++++++++++++++++++++++---
+ 4 files changed, 116 insertions(+), 50 deletions(-)
diff --git a/arch/powerpc/include/asm/iommu.h b/arch/powerpc/include/asm/iommu.h
-index e63419e..7e7ca0a 100644
+index 664beeb..c5375c5 100644
--- a/arch/powerpc/include/asm/iommu.h
+++ b/arch/powerpc/include/asm/iommu.h
-@@ -45,13 +45,29 @@ extern int iommu_is_off;
- extern int iommu_force_on;
-
- struct iommu_table_ops {
-+ /*
-+ * When called with direction==DMA_NONE, it is equal to clear().
-+ * uaddr is a linear map address.
-+ */
- int (*set)(struct iommu_table *tbl,
- long index, long npages,
- unsigned long uaddr,
- enum dma_data_direction direction,
- struct dma_attrs *attrs);
-+#ifdef CONFIG_IOMMU_API
-+ /*
-+ * Exchanges existing TCE with new TCE plus direction bits;
-+ * returns old TCE and DMA direction mask.
-+ * @tce is a physical address.
-+ */
-+ int (*exchange)(struct iommu_table *tbl,
-+ long index,
-+ unsigned long *tce,
-+ enum dma_data_direction *direction);
-+#endif
- void (*clear)(struct iommu_table *tbl,
- long index, long npages);
-+ /* get() returns a physical address */
- unsigned long (*get)(struct iommu_table *tbl, long index);
- void (*flush)(struct iommu_table *tbl);
+@@ -95,7 +95,6 @@ struct iommu_table {
+ struct list_head it_group_list;/* List of iommu_table_group_link */
+ #endif
+ struct iommu_table_ops *it_ops;
+- void (*set_bypass)(struct iommu_table *tbl, bool enable);
};
-@@ -152,6 +168,8 @@ extern void iommu_register_group(struct iommu_table_group *table_group,
- extern int iommu_add_device(struct device *dev);
- extern void iommu_del_device(struct device *dev);
- extern int __init tce_iommu_bus_notifier_init(void);
-+extern long iommu_tce_xchg(struct iommu_table *tbl, unsigned long entry,
-+ unsigned long *tce, enum dma_data_direction *direction);
- #else
- static inline void iommu_register_group(struct iommu_table_group *table_group,
- int pci_domain_number,
-@@ -231,10 +249,6 @@ extern int iommu_tce_clear_param_check(struct iommu_table *tbl,
- unsigned long npages);
- extern int iommu_tce_put_param_check(struct iommu_table *tbl,
- unsigned long ioba, unsigned long tce);
--extern int iommu_tce_build(struct iommu_table *tbl, unsigned long entry,
-- unsigned long hwaddr, enum dma_data_direction direction);
--extern unsigned long iommu_clear_tce(struct iommu_table *tbl,
-- unsigned long entry);
-
- extern void iommu_flush_tce(struct iommu_table *tbl);
- extern int iommu_take_ownership(struct iommu_table *tbl);
+
+ /* Pure 2^n version of get_order */
+@@ -130,6 +129,15 @@ extern struct iommu_table *iommu_init_table(struct iommu_table * tbl,
+
+ #define IOMMU_TABLE_GROUP_MAX_TABLES 1
+
++struct iommu_table_group;
++
++struct iommu_table_group_ops {
++ /* Switch ownership from platform code to external user (e.g. VFIO) */
++ void (*take_ownership)(struct iommu_table_group *table_group);
++ /* Switch ownership from external user (e.g. VFIO) back to core */
++ void (*release_ownership)(struct iommu_table_group *table_group);
++};
++
+ struct iommu_table_group_link {
+ struct list_head next;
+ struct rcu_head rcu;
+@@ -139,6 +147,7 @@ struct iommu_table_group_link {
+ struct iommu_table_group {
+ struct iommu_group *group;
+ struct iommu_table *tables[IOMMU_TABLE_GROUP_MAX_TABLES];
++ struct iommu_table_group_ops *ops;
+ };
+
+ extern void iommu_register_group(struct iommu_table_group *table_group,
diff --git a/arch/powerpc/kernel/iommu.c b/arch/powerpc/kernel/iommu.c
-index ea2c8ba..2eaba0c 100644
+index bdf19c6..7e54714 100644
--- a/arch/powerpc/kernel/iommu.c
+++ b/arch/powerpc/kernel/iommu.c
-@@ -975,9 +975,6 @@ EXPORT_SYMBOL_GPL(iommu_tce_clear_param_check);
- int iommu_tce_put_param_check(struct iommu_table *tbl,
- unsigned long ioba, unsigned long tce)
- {
-- if (!(tce & (TCE_PCI_WRITE | TCE_PCI_READ)))
-- return -EINVAL;
--
- if (tce & ~(IOMMU_PAGE_MASK(tbl) | TCE_PCI_WRITE | TCE_PCI_READ))
- return -EINVAL;
-
-@@ -995,44 +992,16 @@ int iommu_tce_put_param_check(struct iommu_table *tbl,
- }
- EXPORT_SYMBOL_GPL(iommu_tce_put_param_check);
-
--unsigned long iommu_clear_tce(struct iommu_table *tbl, unsigned long entry)
-+long iommu_tce_xchg(struct iommu_table *tbl, unsigned long entry,
-+ unsigned long *tce, enum dma_data_direction *direction)
- {
-- unsigned long oldtce;
-- struct iommu_pool *pool = get_pool(tbl, entry);
-+ long ret;
-
-- spin_lock(&(pool->lock));
-+ ret = tbl->it_ops->exchange(tbl, entry, tce, direction);
-
-- oldtce = tbl->it_ops->get(tbl, entry);
-- if (oldtce & (TCE_PCI_WRITE | TCE_PCI_READ))
-- tbl->it_ops->clear(tbl, entry, 1);
-- else
-- oldtce = 0;
--
-- spin_unlock(&(pool->lock));
--
-- return oldtce;
--}
--EXPORT_SYMBOL_GPL(iommu_clear_tce);
--
--/*
-- * hwaddr is a kernel virtual address here (0xc... bazillion),
-- * tce_build converts it to a physical address.
-- */
--int iommu_tce_build(struct iommu_table *tbl, unsigned long entry,
-- unsigned long hwaddr, enum dma_data_direction direction)
--{
-- int ret = -EBUSY;
-- unsigned long oldtce;
-- struct iommu_pool *pool = get_pool(tbl, entry);
--
-- spin_lock(&(pool->lock));
--
-- oldtce = tbl->it_ops->get(tbl, entry);
-- /* Add new entry if it is not busy */
-- if (!(oldtce & (TCE_PCI_WRITE | TCE_PCI_READ)))
-- ret = tbl->it_ops->set(tbl, entry, 1, hwaddr, direction, NULL);
--
-- spin_unlock(&(pool->lock));
-+ if (!ret && ((*direction == DMA_FROM_DEVICE) ||
-+ (*direction == DMA_BIDIRECTIONAL)))
-+ SetPageDirty(pfn_to_page(*tce >> PAGE_SHIFT));
-
- /* if (unlikely(ret))
- pr_err("iommu_tce: %s failed on hwaddr=%lx ioba=%lx kva=%lx ret=%d\n",
-@@ -1041,13 +1010,23 @@ int iommu_tce_build(struct iommu_table *tbl, unsigned long entry,
-
- return ret;
- }
--EXPORT_SYMBOL_GPL(iommu_tce_build);
-+EXPORT_SYMBOL_GPL(iommu_tce_xchg);
-
- int iommu_take_ownership(struct iommu_table *tbl)
- {
- unsigned long flags, i, sz = (tbl->it_size + 7) >> 3;
- int ret = 0;
-
-+ /*
-+ * VFIO does not control TCE entries allocation and the guest
-+ * can write new TCEs on top of existing ones so iommu_tce_build()
-+ * must be able to release old pages. This functionality
-+ * requires exchange() callback defined so if it is not
-+ * implemented, we disallow taking ownership over the table.
-+ */
-+ if (!tbl->it_ops->exchange)
-+ return -EINVAL;
-+
- spin_lock_irqsave(&tbl->large_pool.lock, flags);
- for (i = 0; i < tbl->nr_pools; i++)
- spin_lock(&tbl->pools[i].lock);
+@@ -1044,14 +1044,6 @@ int iommu_take_ownership(struct iommu_table *tbl)
+
+ memset(tbl->it_map, 0xff, sz);
+
+- /*
+- * Disable iommu bypass, otherwise the user can DMA to all of
+- * our physical memory via the bypass window instead of just
+- * the pages that has been explicitly mapped into the iommu
+- */
+- if (tbl->set_bypass)
+- tbl->set_bypass(tbl, false);
+-
+ return 0;
+ }
+ EXPORT_SYMBOL_GPL(iommu_take_ownership);
+@@ -1065,10 +1057,6 @@ void iommu_release_ownership(struct iommu_table *tbl)
+ /* Restore bit#0 set by iommu_init_table() */
+ if (tbl->it_offset == 0)
+ set_bit(0, tbl->it_map);
+-
+- /* The kernel owns the device now, we can restore the iommu bypass */
+- if (tbl->set_bypass)
+- tbl->set_bypass(tbl, true);
+ }
+ EXPORT_SYMBOL_GPL(iommu_release_ownership);
+
diff --git a/arch/powerpc/platforms/powernv/pci-ioda.c b/arch/powerpc/platforms/powernv/pci-ioda.c
-index b22b3ca..fb765af 100644
+index 53bf242b..35ab19c8 100644
--- a/arch/powerpc/platforms/powernv/pci-ioda.c
+++ b/arch/powerpc/platforms/powernv/pci-ioda.c
-@@ -1728,6 +1728,20 @@ static int pnv_ioda1_tce_build(struct iommu_table *tbl, long index,
- return ret;
- }
-
+@@ -1918,13 +1918,8 @@ static void pnv_pci_ioda_setup_dma_pe(struct pnv_phb *phb,
+ }
+ }
+
+-static void pnv_pci_ioda2_set_bypass(struct iommu_table *tbl, bool enable)
++static void pnv_pci_ioda2_set_bypass(struct pnv_ioda_pe *pe, bool enable)
+ {
+- struct iommu_table_group_link *tgl = list_first_entry_or_null(
+- &tbl->it_group_list, struct iommu_table_group_link,
+- next);
+- struct pnv_ioda_pe *pe = container_of(tgl->table_group,
+- struct pnv_ioda_pe, table_group);
+ uint16_t window_id = (pe->pe_number << 1 ) + 1;
+ int64_t rc;
+
+@@ -1951,33 +1946,48 @@ static void pnv_pci_ioda2_set_bypass(struct iommu_table *tbl, bool enable)
+ pe->tce_bypass_enabled = enable;
+ }
+
+-static void pnv_pci_ioda2_setup_bypass_pe(struct pnv_phb *phb,
+- struct pnv_ioda_pe *pe)
+#ifdef CONFIG_IOMMU_API
-+static int pnv_ioda1_tce_xchg(struct iommu_table *tbl, long index,
-+ unsigned long *tce, enum dma_data_direction *direction)
++static void pnv_ioda2_take_ownership(struct iommu_table_group *table_group)
+ {
++ struct pnv_ioda_pe *pe = container_of(table_group, struct pnv_ioda_pe,
++ table_group);
++
++ iommu_take_ownership(table_group->tables[0]);
++ pnv_pci_ioda2_set_bypass(pe, false);
++}
++
++static void pnv_ioda2_release_ownership(struct iommu_table_group *table_group)
+{
-+ long ret = pnv_tce_xchg(tbl, index, tce, direction);
-+
-+ if (!ret && (tbl->it_type &
-+ (TCE_PCI_SWINV_CREATE | TCE_PCI_SWINV_FREE)))
-+ pnv_pci_ioda1_tce_invalidate(tbl, index, 1, false);
-+
-+ return ret;
++ struct pnv_ioda_pe *pe = container_of(table_group, struct pnv_ioda_pe,
++ table_group);
++
++ iommu_release_ownership(table_group->tables[0]);
++ pnv_pci_ioda2_set_bypass(pe, true);
+}
++
++static struct iommu_table_group_ops pnv_pci_ioda2_ops = {
++ .take_ownership = pnv_ioda2_take_ownership,
++ .release_ownership = pnv_ioda2_release_ownership,
++};
+#endif
+
- static void pnv_ioda1_tce_free(struct iommu_table *tbl, long index,
- long npages)
- {
-@@ -1739,6 +1753,9 @@ static void pnv_ioda1_tce_free(struct iommu_table *tbl, long index,
-
- static struct iommu_table_ops pnv_ioda1_iommu_ops = {
- .set = pnv_ioda1_tce_build,
++static void pnv_pci_ioda2_setup_dma_pe(struct pnv_phb *phb,
++ struct pnv_ioda_pe *pe)
++{
++ struct page *tce_mem = NULL;
++ void *addr;
++ const __be64 *swinvp;
++ struct iommu_table *tbl;
++ unsigned int tce_table_size, end;
++ int64_t rc;
++
++ /* We shouldn't already have a 32-bit DMA associated */
++ if (WARN_ON(pe->tce32_seg >= 0))
++ return;
++
+ /* TVE #1 is selected by PCI address bit 59 */
+ pe->tce_bypass_base = 1ull << 59;
+
+- /* Install set_bypass callback for VFIO */
+- pe->table_group.tables[0]->set_bypass = pnv_pci_ioda2_set_bypass;
+-
+- /* Enable bypass by default */
+- pnv_pci_ioda2_set_bypass(pe->table_group.tables[0], true);
+-}
+-
+-static void pnv_pci_ioda2_setup_dma_pe(struct pnv_phb *phb,
+- struct pnv_ioda_pe *pe)
+-{
+- struct page *tce_mem = NULL;
+- void *addr;
+- const __be64 *swinvp;
+- struct iommu_table *tbl;
+- unsigned int tce_table_size, end;
+- int64_t rc;
+-
+- /* We shouldn't already have a 32-bit DMA associated */
+- if (WARN_ON(pe->tce32_seg >= 0))
+- return;
+-
+ tbl = pnv_pci_table_alloc(phb->hose->node);
+ iommu_register_group(&pe->table_group, phb->hose->global_number,
+ pe->pe_number);
+@@ -2032,6 +2042,9 @@ static void pnv_pci_ioda2_setup_dma_pe(struct pnv_phb *phb,
+ }
+ tbl->it_ops = &pnv_ioda2_iommu_ops;
+ iommu_init_table(tbl, phb->hose->node);
+#ifdef CONFIG_IOMMU_API
-+ .exchange = pnv_ioda1_tce_xchg,
++ pe->table_group.ops = &pnv_pci_ioda2_ops;
+#endif
- .clear = pnv_ioda1_tce_free,
- .get = pnv_tce_get,
- };
-@@ -1800,6 +1817,20 @@ static int pnv_ioda2_tce_build(struct iommu_table *tbl, long index,
- return ret;
- }
-
-+#ifdef CONFIG_IOMMU_API
-+static int pnv_ioda2_tce_xchg(struct iommu_table *tbl, long index,
-+ unsigned long *tce, enum dma_data_direction *direction)
+
+ if (pe->flags & PNV_IODA_PE_DEV) {
+ /*
+@@ -2046,7 +2059,7 @@ static void pnv_pci_ioda2_setup_dma_pe(struct pnv_phb *phb,
+
+ /* Also create a bypass window */
+ if (!pnv_iommu_bypass_disabled)
+- pnv_pci_ioda2_setup_bypass_pe(phb, pe);
++ pnv_pci_ioda2_set_bypass(pe, true);
+
+ return;
+ fail:
+diff --git a/drivers/vfio/vfio_iommu_spapr_tce.c b/drivers/vfio/vfio_iommu_spapr_tce.c
+index ed3310b..2ead291 100644
+--- a/drivers/vfio/vfio_iommu_spapr_tce.c
++++ b/drivers/vfio/vfio_iommu_spapr_tce.c
+@@ -486,6 +486,47 @@ static long tce_iommu_ioctl(void *iommu_data,
+ return -ENOTTY;
+ }
+
++static void tce_iommu_release_ownership(struct tce_container *container,
++ struct iommu_table_group *table_group)
+{
-+ long ret = pnv_tce_xchg(tbl, index, tce, direction);
-+
-+ if (!ret && (tbl->it_type &
-+ (TCE_PCI_SWINV_CREATE | TCE_PCI_SWINV_FREE)))
-+ pnv_pci_ioda2_tce_invalidate(tbl, index, 1, false);
-+
-+ return ret;
++ int i;
++
++ for (i = 0; i < IOMMU_TABLE_GROUP_MAX_TABLES; ++i) {
++ struct iommu_table *tbl = table_group->tables[i];
++
++ if (!tbl)
++ continue;
++
++ tce_iommu_clear(container, tbl, tbl->it_offset, tbl->it_size);
++ if (tbl->it_map)
++ iommu_release_ownership(tbl);
++ }
+}
-+#endif
-+
- static void pnv_ioda2_tce_free(struct iommu_table *tbl, long index,
- long npages)
- {
-@@ -1811,6 +1842,9 @@ static void pnv_ioda2_tce_free(struct iommu_table *tbl, long index,
-
- static struct iommu_table_ops pnv_ioda2_iommu_ops = {
- .set = pnv_ioda2_tce_build,
-+#ifdef CONFIG_IOMMU_API
-+ .exchange = pnv_ioda2_tce_xchg,
-+#endif
- .clear = pnv_ioda2_tce_free,
- .get = pnv_tce_get,
- };
-diff --git a/arch/powerpc/platforms/powernv/pci-p5ioc2.c b/arch/powerpc/platforms/powernv/pci-p5ioc2.c
-index a073af0..7a6fd92 100644
---- a/arch/powerpc/platforms/powernv/pci-p5ioc2.c
-+++ b/arch/powerpc/platforms/powernv/pci-p5ioc2.c
-@@ -85,6 +85,9 @@ static void pnv_pci_init_p5ioc2_msis(struct pnv_phb *phb) { }
-
- static struct iommu_table_ops pnv_p5ioc2_iommu_ops = {
- .set = pnv_tce_build,
-+#ifdef CONFIG_IOMMU_API
-+ .exchange = pnv_tce_xchg,
-+#endif
- .clear = pnv_tce_free,
- .get = pnv_tce_get,
- };
-diff --git a/arch/powerpc/platforms/powernv/pci.c b/arch/powerpc/platforms/powernv/pci.c
-index ba75aa5..e8802ac 100644
---- a/arch/powerpc/platforms/powernv/pci.c
-+++ b/arch/powerpc/platforms/powernv/pci.c
-@@ -598,6 +598,23 @@ int pnv_tce_build(struct iommu_table *tbl, long index, long npages,
- return 0;
- }
-
-+#ifdef CONFIG_IOMMU_API
-+int pnv_tce_xchg(struct iommu_table *tbl, long index,
-+ unsigned long *tce, enum dma_data_direction *direction)
++
++static int tce_iommu_take_ownership(struct tce_container *container,
++ struct iommu_table_group *table_group)
+{
-+ u64 proto_tce = iommu_direction_to_tce_perm(*direction);
-+ unsigned long newtce = *tce | proto_tce;
-+ unsigned long idx = index - tbl->it_offset;
-+
-+ *tce = xchg(pnv_tce(tbl, idx), cpu_to_be64(newtce));
-+ *tce = be64_to_cpu(*tce);
-+ *direction = iommu_tce_direction(*tce);
-+ *tce &= ~(TCE_PCI_READ | TCE_PCI_WRITE);
++ int i, j, rc = 0;
++
++ for (i = 0; i < IOMMU_TABLE_GROUP_MAX_TABLES; ++i) {
++ struct iommu_table *tbl = table_group->tables[i];
++
++ if (!tbl || !tbl->it_map)
++ continue;
++
++ rc = iommu_take_ownership(tbl);
++ if (rc) {
++ for (j = 0; j < i; ++j)
++ iommu_release_ownership(
++ table_group->tables[j]);
++
++ return rc;
++ }
++ }
+
+ return 0;
+}
-+#endif
-+
- void pnv_tce_free(struct iommu_table *tbl, long index, long npages)
++
+ static int tce_iommu_attach_group(void *iommu_data,
+ struct iommu_group *iommu_group)
{
- long i;
-diff --git a/arch/powerpc/platforms/powernv/pci.h b/arch/powerpc/platforms/powernv/pci.h
-index bd83d85..b15cce5 100644
---- a/arch/powerpc/platforms/powernv/pci.h
-+++ b/arch/powerpc/platforms/powernv/pci.h
-@@ -205,6 +205,8 @@ extern int pnv_tce_build(struct iommu_table *tbl, long index, long npages,
- unsigned long uaddr, enum dma_data_direction direction,
- struct dma_attrs *attrs);
- extern void pnv_tce_free(struct iommu_table *tbl, long index, long npages);
-+extern int pnv_tce_xchg(struct iommu_table *tbl, long index,
-+ unsigned long *tce, enum dma_data_direction *direction);
- extern unsigned long pnv_tce_get(struct iommu_table *tbl, long index);
-
- void pnv_pci_dump_phb_diag_data(struct pci_controller *hose,
-diff --git a/drivers/vfio/vfio_iommu_spapr_tce.c b/drivers/vfio/vfio_iommu_spapr_tce.c
-index dacc738..2d51bbf 100644
---- a/drivers/vfio/vfio_iommu_spapr_tce.c
-+++ b/drivers/vfio/vfio_iommu_spapr_tce.c
-@@ -239,14 +239,7 @@ static void tce_iommu_unuse_page(struct tce_container *container,
+@@ -518,9 +559,23 @@ static int tce_iommu_attach_group(void *iommu_data,
+ goto unlock_exit;
+ }
+
+- ret = iommu_take_ownership(table_group->tables[0]);
+- if (!ret)
+- container->grp = iommu_group;
++ if (!table_group->ops || !table_group->ops->take_ownership ||
++ !table_group->ops->release_ownership) {
++ ret = tce_iommu_take_ownership(container, table_group);
++ } else {
++ /*
++ * Disable iommu bypass, otherwise the user can DMA to all of
++ * our physical memory via the bypass window instead of just
++ * the pages that has been explicitly mapped into the iommu
++ */
++ table_group->ops->take_ownership(table_group);
++ ret = 0;
++ }
++
++ if (ret)
++ goto unlock_exit;
++
++ container->grp = iommu_group;
+
+ unlock_exit:
+ mutex_unlock(&container->lock);
+@@ -533,7 +588,6 @@ static void tce_iommu_detach_group(void *iommu_data,
{
- struct page *page;
-
-- if (!(oldtce & (TCE_PCI_READ | TCE_PCI_WRITE)))
-- return;
--
- page = pfn_to_page(oldtce >> PAGE_SHIFT);
--
-- if (oldtce & TCE_PCI_WRITE)
-- SetPageDirty(page);
--
- put_page(page);
- }
-
-@@ -255,10 +248,17 @@ static int tce_iommu_clear(struct tce_container *container,
- unsigned long entry, unsigned long pages)
- {
- unsigned long oldtce;
-+ long ret;
-+ enum dma_data_direction direction;
-
- for ( ; pages; --pages, ++entry) {
-- oldtce = iommu_clear_tce(tbl, entry);
-- if (!oldtce)
-+ direction = DMA_NONE;
-+ oldtce = 0;
-+ ret = iommu_tce_xchg(tbl, entry, &oldtce, &direction);
-+ if (ret)
-+ continue;
-+
-+ if (direction == DMA_NONE)
- continue;
-
- tce_iommu_unuse_page(container, oldtce);
-@@ -283,12 +283,13 @@ static int tce_iommu_use_page(unsigned long tce, unsigned long *hpa)
-
- static long tce_iommu_build(struct tce_container *container,
- struct iommu_table *tbl,
-- unsigned long entry, unsigned long tce, unsigned long pages)
-+ unsigned long entry, unsigned long tce, unsigned long pages,
-+ enum dma_data_direction direction)
- {
- long i, ret = 0;
- struct page *page;
- unsigned long hpa;
-- enum dma_data_direction direction = iommu_tce_direction(tce);
-+ enum dma_data_direction dirtmp;
-
- for (i = 0; i < pages; ++i) {
- unsigned long offset = tce & IOMMU_PAGE_MASK(tbl) & ~PAGE_MASK;
-@@ -304,8 +305,8 @@ static long tce_iommu_build(struct tce_container *container,
- }
-
- hpa |= offset;
-- ret = iommu_tce_build(tbl, entry + i, (unsigned long) __va(hpa),
-- direction);
-+ dirtmp = direction;
-+ ret = iommu_tce_xchg(tbl, entry + i, &hpa, &dirtmp);
- if (ret) {
- tce_iommu_unuse_page(container, hpa);
- pr_err("iommu_tce: %s failed ioba=%lx, tce=%lx, ret=%ld\n",
-@@ -313,6 +314,10 @@ static long tce_iommu_build(struct tce_container *container,
- tce, ret);
- break;
- }
-+
-+ if (dirtmp != DMA_NONE)
-+ tce_iommu_unuse_page(container, hpa);
-+
- tce += IOMMU_PAGE_SIZE(tbl);
- }
-
-@@ -377,7 +382,7 @@ static long tce_iommu_ioctl(void *iommu_data,
- case VFIO_IOMMU_MAP_DMA: {
- struct vfio_iommu_type1_dma_map param;
- struct iommu_table *tbl;
-- unsigned long tce;
-+ enum dma_data_direction direction;
-
- if (!container->enabled)
- return -EPERM;
-@@ -398,24 +403,33 @@ static long tce_iommu_ioctl(void *iommu_data,
- if (!tbl)
- return -ENXIO;
-
-- if ((param.size & ~IOMMU_PAGE_MASK(tbl)) ||
-- (param.vaddr & ~IOMMU_PAGE_MASK(tbl)))
-+ if (param.size & ~IOMMU_PAGE_MASK(tbl))
-+ return -EINVAL;
-+
-+ if (param.vaddr & (TCE_PCI_READ | TCE_PCI_WRITE))
- return -EINVAL;
-
- /* iova is checked by the IOMMU API */
-- tce = param.vaddr;
- if (param.flags & VFIO_DMA_MAP_FLAG_READ)
-- tce |= TCE_PCI_READ;
-- if (param.flags & VFIO_DMA_MAP_FLAG_WRITE)
-- tce |= TCE_PCI_WRITE;
-+ if (param.flags & VFIO_DMA_MAP_FLAG_WRITE)
-+ direction = DMA_BIDIRECTIONAL;
-+ else
-+ direction = DMA_TO_DEVICE;
-+ else
-+ if (param.flags & VFIO_DMA_MAP_FLAG_WRITE)
-+ direction = DMA_FROM_DEVICE;
-+ else
-+ return -EINVAL;
-
-- ret = iommu_tce_put_param_check(tbl, param.iova, tce);
-+ ret = iommu_tce_put_param_check(tbl, param.iova, param.vaddr);
- if (ret)
- return ret;
-
- ret = tce_iommu_build(container, tbl,
- param.iova >> tbl->it_page_shift,
-- tce, param.size >> tbl->it_page_shift);
-+ param.vaddr,
-+ param.size >> tbl->it_page_shift,
-+ direction);
-
- iommu_flush_tce(tbl);
-
+ struct tce_container *container = iommu_data;
+ struct iommu_table_group *table_group;
+- struct iommu_table *tbl;
+
+ mutex_lock(&container->lock);
+ if (iommu_group != container->grp) {
+@@ -556,9 +610,11 @@ static void tce_iommu_detach_group(void *iommu_data,
+ table_group = iommu_group_get_iommudata(iommu_group);
+ BUG_ON(!table_group);
+
+- tbl = table_group->tables[0];
+- tce_iommu_clear(container, tbl, tbl->it_offset, tbl->it_size);
+- iommu_release_ownership(tbl);
++ /* Kernel owns the device now, we can restore bypass */
++ if (!table_group->ops || !table_group->ops->release_ownership)
++ tce_iommu_release_ownership(container, table_group);
++ else
++ table_group->ops->release_ownership(table_group);
+
+ unlock_exit:
+ mutex_unlock(&container->lock);
--
-2.0.0
+2.4.0.rc3.8.gfb3e7d5