1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3  * IOMMU API for QCOM secure IOMMUs.  Somewhat based on arm-smmu.c
4  *
5  * Copyright (C) 2013 ARM Limited
6  * Copyright (C) 2017 Red Hat
7  */
8 
9 #include <linux/atomic.h>
10 #include <linux/bitfield.h>
11 #include <linux/clk.h>
12 #include <linux/delay.h>
13 #include <linux/dma-mapping.h>
14 #include <linux/err.h>
15 #include <linux/interrupt.h>
16 #include <linux/io.h>
17 #include <linux/io-64-nonatomic-hi-lo.h>
18 #include <linux/io-pgtable.h>
19 #include <linux/iommu.h>
20 #include <linux/iopoll.h>
21 #include <linux/kconfig.h>
22 #include <linux/init.h>
23 #include <linux/mutex.h>
24 #include <linux/of.h>
25 #include <linux/of_platform.h>
26 #include <linux/platform_device.h>
27 #include <linux/pm.h>
28 #include <linux/pm_runtime.h>
29 #include <linux/firmware/qcom/qcom_scm.h>
30 #include <linux/slab.h>
31 #include <linux/spinlock.h>
32 
33 #include "arm-smmu.h"
34 
35 #define SMMU_INTR_SEL_NS     0x2000
36 
37 enum qcom_iommu_clk {
38 	CLK_IFACE,
39 	CLK_BUS,
40 	CLK_TBU,
41 	CLK_NUM,
42 };
43 
44 struct qcom_iommu_ctx;
45 
46 struct qcom_iommu_dev {
47 	/* IOMMU core code handle */
48 	struct iommu_device	 iommu;
49 	struct device		*dev;
50 	struct clk_bulk_data clks[CLK_NUM];
51 	void __iomem		*local_base;
52 	u32			 sec_id;
53 	u8			 max_asid;
54 	struct qcom_iommu_ctx	*ctxs[];   /* indexed by asid */
55 };
56 
57 struct qcom_iommu_ctx {
58 	struct device		*dev;
59 	void __iomem		*base;
60 	bool			 secure_init;
61 	bool			 secured_ctx;
62 	u8			 asid;      /* asid and ctx bank # are 1:1 */
63 	struct iommu_domain	*domain;
64 };
65 
66 struct qcom_iommu_domain {
67 	struct io_pgtable_ops	*pgtbl_ops;
68 	spinlock_t		 pgtbl_lock;
69 	struct mutex		 init_mutex; /* Protects iommu pointer */
70 	struct iommu_domain	 domain;
71 	struct qcom_iommu_dev	*iommu;
72 	struct iommu_fwspec	*fwspec;
73 };
74 
to_qcom_iommu_domain(struct iommu_domain * dom)75 static struct qcom_iommu_domain *to_qcom_iommu_domain(struct iommu_domain *dom)
76 {
77 	return container_of(dom, struct qcom_iommu_domain, domain);
78 }
79 
80 static const struct iommu_ops qcom_iommu_ops;
81 
to_ctx(struct qcom_iommu_domain * d,unsigned asid)82 static struct qcom_iommu_ctx * to_ctx(struct qcom_iommu_domain *d, unsigned asid)
83 {
84 	struct qcom_iommu_dev *qcom_iommu = d->iommu;
85 	if (!qcom_iommu)
86 		return NULL;
87 	return qcom_iommu->ctxs[asid];
88 }
89 
90 static inline void
iommu_writel(struct qcom_iommu_ctx * ctx,unsigned reg,u32 val)91 iommu_writel(struct qcom_iommu_ctx *ctx, unsigned reg, u32 val)
92 {
93 	writel_relaxed(val, ctx->base + reg);
94 }
95 
96 static inline void
iommu_writeq(struct qcom_iommu_ctx * ctx,unsigned reg,u64 val)97 iommu_writeq(struct qcom_iommu_ctx *ctx, unsigned reg, u64 val)
98 {
99 	writeq_relaxed(val, ctx->base + reg);
100 }
101 
102 static inline u32
iommu_readl(struct qcom_iommu_ctx * ctx,unsigned reg)103 iommu_readl(struct qcom_iommu_ctx *ctx, unsigned reg)
104 {
105 	return readl_relaxed(ctx->base + reg);
106 }
107 
108 static inline u64
iommu_readq(struct qcom_iommu_ctx * ctx,unsigned reg)109 iommu_readq(struct qcom_iommu_ctx *ctx, unsigned reg)
110 {
111 	return readq_relaxed(ctx->base + reg);
112 }
113 
qcom_iommu_tlb_sync(void * cookie)114 static void qcom_iommu_tlb_sync(void *cookie)
115 {
116 	struct qcom_iommu_domain *qcom_domain = cookie;
117 	struct iommu_fwspec *fwspec = qcom_domain->fwspec;
118 	unsigned i;
119 
120 	for (i = 0; i < fwspec->num_ids; i++) {
121 		struct qcom_iommu_ctx *ctx = to_ctx(qcom_domain, fwspec->ids[i]);
122 		unsigned int val, ret;
123 
124 		iommu_writel(ctx, ARM_SMMU_CB_TLBSYNC, 0);
125 
126 		ret = readl_poll_timeout(ctx->base + ARM_SMMU_CB_TLBSTATUS, val,
127 					 (val & 0x1) == 0, 0, 5000000);
128 		if (ret)
129 			dev_err(ctx->dev, "timeout waiting for TLB SYNC\n");
130 	}
131 }
132 
qcom_iommu_tlb_inv_context(void * cookie)133 static void qcom_iommu_tlb_inv_context(void *cookie)
134 {
135 	struct qcom_iommu_domain *qcom_domain = cookie;
136 	struct iommu_fwspec *fwspec = qcom_domain->fwspec;
137 	unsigned i;
138 
139 	for (i = 0; i < fwspec->num_ids; i++) {
140 		struct qcom_iommu_ctx *ctx = to_ctx(qcom_domain, fwspec->ids[i]);
141 		iommu_writel(ctx, ARM_SMMU_CB_S1_TLBIASID, ctx->asid);
142 	}
143 
144 	qcom_iommu_tlb_sync(cookie);
145 }
146 
qcom_iommu_tlb_inv_range_nosync(unsigned long iova,size_t size,size_t granule,bool leaf,void * cookie)147 static void qcom_iommu_tlb_inv_range_nosync(unsigned long iova, size_t size,
148 					    size_t granule, bool leaf, void *cookie)
149 {
150 	struct qcom_iommu_domain *qcom_domain = cookie;
151 	struct iommu_fwspec *fwspec = qcom_domain->fwspec;
152 	unsigned i, reg;
153 
154 	reg = leaf ? ARM_SMMU_CB_S1_TLBIVAL : ARM_SMMU_CB_S1_TLBIVA;
155 
156 	for (i = 0; i < fwspec->num_ids; i++) {
157 		struct qcom_iommu_ctx *ctx = to_ctx(qcom_domain, fwspec->ids[i]);
158 		size_t s = size;
159 
160 		iova = (iova >> 12) << 12;
161 		iova |= ctx->asid;
162 		do {
163 			iommu_writel(ctx, reg, iova);
164 			iova += granule;
165 		} while (s -= granule);
166 	}
167 }
168 
qcom_iommu_tlb_flush_walk(unsigned long iova,size_t size,size_t granule,void * cookie)169 static void qcom_iommu_tlb_flush_walk(unsigned long iova, size_t size,
170 				      size_t granule, void *cookie)
171 {
172 	qcom_iommu_tlb_inv_range_nosync(iova, size, granule, false, cookie);
173 	qcom_iommu_tlb_sync(cookie);
174 }
175 
qcom_iommu_tlb_add_page(struct iommu_iotlb_gather * gather,unsigned long iova,size_t granule,void * cookie)176 static void qcom_iommu_tlb_add_page(struct iommu_iotlb_gather *gather,
177 				    unsigned long iova, size_t granule,
178 				    void *cookie)
179 {
180 	qcom_iommu_tlb_inv_range_nosync(iova, granule, granule, true, cookie);
181 }
182 
183 static const struct iommu_flush_ops qcom_flush_ops = {
184 	.tlb_flush_all	= qcom_iommu_tlb_inv_context,
185 	.tlb_flush_walk = qcom_iommu_tlb_flush_walk,
186 	.tlb_add_page	= qcom_iommu_tlb_add_page,
187 };
188 
qcom_iommu_fault(int irq,void * dev)189 static irqreturn_t qcom_iommu_fault(int irq, void *dev)
190 {
191 	struct qcom_iommu_ctx *ctx = dev;
192 	u32 fsr, fsynr;
193 	u64 iova;
194 
195 	fsr = iommu_readl(ctx, ARM_SMMU_CB_FSR);
196 
197 	if (!(fsr & ARM_SMMU_CB_FSR_FAULT))
198 		return IRQ_NONE;
199 
200 	fsynr = iommu_readl(ctx, ARM_SMMU_CB_FSYNR0);
201 	iova = iommu_readq(ctx, ARM_SMMU_CB_FAR);
202 
203 	if (!report_iommu_fault(ctx->domain, ctx->dev, iova, 0)) {
204 		dev_err_ratelimited(ctx->dev,
205 				    "Unhandled context fault: fsr=0x%x, "
206 				    "iova=0x%016llx, fsynr=0x%x, cb=%d\n",
207 				    fsr, iova, fsynr, ctx->asid);
208 	}
209 
210 	iommu_writel(ctx, ARM_SMMU_CB_FSR, fsr);
211 	iommu_writel(ctx, ARM_SMMU_CB_RESUME, ARM_SMMU_RESUME_TERMINATE);
212 
213 	return IRQ_HANDLED;
214 }
215 
qcom_iommu_init_domain(struct iommu_domain * domain,struct qcom_iommu_dev * qcom_iommu,struct device * dev)216 static int qcom_iommu_init_domain(struct iommu_domain *domain,
217 				  struct qcom_iommu_dev *qcom_iommu,
218 				  struct device *dev)
219 {
220 	struct qcom_iommu_domain *qcom_domain = to_qcom_iommu_domain(domain);
221 	struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
222 	struct io_pgtable_ops *pgtbl_ops;
223 	struct io_pgtable_cfg pgtbl_cfg;
224 	int i, ret = 0;
225 	u32 reg;
226 
227 	mutex_lock(&qcom_domain->init_mutex);
228 	if (qcom_domain->iommu)
229 		goto out_unlock;
230 
231 	pgtbl_cfg = (struct io_pgtable_cfg) {
232 		.pgsize_bitmap	= qcom_iommu_ops.pgsize_bitmap,
233 		.ias		= 32,
234 		.oas		= 40,
235 		.tlb		= &qcom_flush_ops,
236 		.iommu_dev	= qcom_iommu->dev,
237 	};
238 
239 	qcom_domain->iommu = qcom_iommu;
240 	qcom_domain->fwspec = fwspec;
241 
242 	pgtbl_ops = alloc_io_pgtable_ops(ARM_32_LPAE_S1, &pgtbl_cfg, qcom_domain);
243 	if (!pgtbl_ops) {
244 		dev_err(qcom_iommu->dev, "failed to allocate pagetable ops\n");
245 		ret = -ENOMEM;
246 		goto out_clear_iommu;
247 	}
248 
249 	/* Update the domain's page sizes to reflect the page table format */
250 	domain->pgsize_bitmap = pgtbl_cfg.pgsize_bitmap;
251 	domain->geometry.aperture_end = (1ULL << pgtbl_cfg.ias) - 1;
252 	domain->geometry.force_aperture = true;
253 
254 	for (i = 0; i < fwspec->num_ids; i++) {
255 		struct qcom_iommu_ctx *ctx = to_ctx(qcom_domain, fwspec->ids[i]);
256 
257 		if (!ctx->secure_init) {
258 			ret = qcom_scm_restore_sec_cfg(qcom_iommu->sec_id, ctx->asid);
259 			if (ret) {
260 				dev_err(qcom_iommu->dev, "secure init failed: %d\n", ret);
261 				goto out_clear_iommu;
262 			}
263 			ctx->secure_init = true;
264 		}
265 
266 		/* Secured QSMMU-500/QSMMU-v2 contexts cannot be programmed */
267 		if (ctx->secured_ctx) {
268 			ctx->domain = domain;
269 			continue;
270 		}
271 
272 		/* Disable context bank before programming */
273 		iommu_writel(ctx, ARM_SMMU_CB_SCTLR, 0);
274 
275 		/* Clear context bank fault address fault status registers */
276 		iommu_writel(ctx, ARM_SMMU_CB_FAR, 0);
277 		iommu_writel(ctx, ARM_SMMU_CB_FSR, ARM_SMMU_CB_FSR_FAULT);
278 
279 		/* TTBRs */
280 		iommu_writeq(ctx, ARM_SMMU_CB_TTBR0,
281 				pgtbl_cfg.arm_lpae_s1_cfg.ttbr |
282 				FIELD_PREP(ARM_SMMU_TTBRn_ASID, ctx->asid));
283 		iommu_writeq(ctx, ARM_SMMU_CB_TTBR1, 0);
284 
285 		/* TCR */
286 		iommu_writel(ctx, ARM_SMMU_CB_TCR2,
287 				arm_smmu_lpae_tcr2(&pgtbl_cfg));
288 		iommu_writel(ctx, ARM_SMMU_CB_TCR,
289 			     arm_smmu_lpae_tcr(&pgtbl_cfg) | ARM_SMMU_TCR_EAE);
290 
291 		/* MAIRs (stage-1 only) */
292 		iommu_writel(ctx, ARM_SMMU_CB_S1_MAIR0,
293 				pgtbl_cfg.arm_lpae_s1_cfg.mair);
294 		iommu_writel(ctx, ARM_SMMU_CB_S1_MAIR1,
295 				pgtbl_cfg.arm_lpae_s1_cfg.mair >> 32);
296 
297 		/* SCTLR */
298 		reg = ARM_SMMU_SCTLR_CFIE | ARM_SMMU_SCTLR_CFRE |
299 		      ARM_SMMU_SCTLR_AFE | ARM_SMMU_SCTLR_TRE |
300 		      ARM_SMMU_SCTLR_M | ARM_SMMU_SCTLR_S1_ASIDPNE |
301 		      ARM_SMMU_SCTLR_CFCFG;
302 
303 		if (IS_ENABLED(CONFIG_CPU_BIG_ENDIAN))
304 			reg |= ARM_SMMU_SCTLR_E;
305 
306 		iommu_writel(ctx, ARM_SMMU_CB_SCTLR, reg);
307 
308 		ctx->domain = domain;
309 	}
310 
311 	mutex_unlock(&qcom_domain->init_mutex);
312 
313 	/* Publish page table ops for map/unmap */
314 	qcom_domain->pgtbl_ops = pgtbl_ops;
315 
316 	return 0;
317 
318 out_clear_iommu:
319 	qcom_domain->iommu = NULL;
320 out_unlock:
321 	mutex_unlock(&qcom_domain->init_mutex);
322 	return ret;
323 }
324 
qcom_iommu_domain_alloc_paging(struct device * dev)325 static struct iommu_domain *qcom_iommu_domain_alloc_paging(struct device *dev)
326 {
327 	struct qcom_iommu_domain *qcom_domain;
328 
329 	/*
330 	 * Allocate the domain and initialise some of its data structures.
331 	 * We can't really do anything meaningful until we've added a
332 	 * master.
333 	 */
334 	qcom_domain = kzalloc(sizeof(*qcom_domain), GFP_KERNEL);
335 	if (!qcom_domain)
336 		return NULL;
337 
338 	mutex_init(&qcom_domain->init_mutex);
339 	spin_lock_init(&qcom_domain->pgtbl_lock);
340 
341 	return &qcom_domain->domain;
342 }
343 
qcom_iommu_domain_free(struct iommu_domain * domain)344 static void qcom_iommu_domain_free(struct iommu_domain *domain)
345 {
346 	struct qcom_iommu_domain *qcom_domain = to_qcom_iommu_domain(domain);
347 
348 	if (qcom_domain->iommu) {
349 		/*
350 		 * NOTE: unmap can be called after client device is powered
351 		 * off, for example, with GPUs or anything involving dma-buf.
352 		 * So we cannot rely on the device_link.  Make sure the IOMMU
353 		 * is on to avoid unclocked accesses in the TLB inv path:
354 		 */
355 		pm_runtime_get_sync(qcom_domain->iommu->dev);
356 		free_io_pgtable_ops(qcom_domain->pgtbl_ops);
357 		pm_runtime_put_sync(qcom_domain->iommu->dev);
358 	}
359 
360 	kfree(qcom_domain);
361 }
362 
qcom_iommu_attach_dev(struct iommu_domain * domain,struct device * dev)363 static int qcom_iommu_attach_dev(struct iommu_domain *domain, struct device *dev)
364 {
365 	struct qcom_iommu_dev *qcom_iommu = dev_iommu_priv_get(dev);
366 	struct qcom_iommu_domain *qcom_domain = to_qcom_iommu_domain(domain);
367 	int ret;
368 
369 	if (!qcom_iommu) {
370 		dev_err(dev, "cannot attach to IOMMU, is it on the same bus?\n");
371 		return -ENXIO;
372 	}
373 
374 	/* Ensure that the domain is finalized */
375 	pm_runtime_get_sync(qcom_iommu->dev);
376 	ret = qcom_iommu_init_domain(domain, qcom_iommu, dev);
377 	pm_runtime_put_sync(qcom_iommu->dev);
378 	if (ret < 0)
379 		return ret;
380 
381 	/*
382 	 * Sanity check the domain. We don't support domains across
383 	 * different IOMMUs.
384 	 */
385 	if (qcom_domain->iommu != qcom_iommu)
386 		return -EINVAL;
387 
388 	return 0;
389 }
390 
qcom_iommu_identity_attach(struct iommu_domain * identity_domain,struct device * dev)391 static int qcom_iommu_identity_attach(struct iommu_domain *identity_domain,
392 				      struct device *dev)
393 {
394 	struct iommu_domain *domain = iommu_get_domain_for_dev(dev);
395 	struct qcom_iommu_domain *qcom_domain;
396 	struct iommu_fwspec *fwspec = dev_iommu_fwspec_get(dev);
397 	struct qcom_iommu_dev *qcom_iommu = dev_iommu_priv_get(dev);
398 	unsigned int i;
399 
400 	if (domain == identity_domain || !domain)
401 		return 0;
402 
403 	qcom_domain = to_qcom_iommu_domain(domain);
404 	if (WARN_ON(!qcom_domain->iommu))
405 		return -EINVAL;
406 
407 	pm_runtime_get_sync(qcom_iommu->dev);
408 	for (i = 0; i < fwspec->num_ids; i++) {
409 		struct qcom_iommu_ctx *ctx = to_ctx(qcom_domain, fwspec->ids[i]);
410 
411 		/* Disable the context bank: */
412 		iommu_writel(ctx, ARM_SMMU_CB_SCTLR, 0);
413 
414 		ctx->domain = NULL;
415 	}
416 	pm_runtime_put_sync(qcom_iommu->dev);
417 	return 0;
418 }
419 
420 static struct iommu_domain_ops qcom_iommu_identity_ops = {
421 	.attach_dev = qcom_iommu_identity_attach,
422 };
423 
424 static struct iommu_domain qcom_iommu_identity_domain = {
425 	.type = IOMMU_DOMAIN_IDENTITY,
426 	.ops = &qcom_iommu_identity_ops,
427 };
428 
qcom_iommu_map(struct iommu_domain * domain,unsigned long iova,phys_addr_t paddr,size_t pgsize,size_t pgcount,int prot,gfp_t gfp,size_t * mapped)429 static int qcom_iommu_map(struct iommu_domain *domain, unsigned long iova,
430 			  phys_addr_t paddr, size_t pgsize, size_t pgcount,
431 			  int prot, gfp_t gfp, size_t *mapped)
432 {
433 	int ret;
434 	unsigned long flags;
435 	struct qcom_iommu_domain *qcom_domain = to_qcom_iommu_domain(domain);
436 	struct io_pgtable_ops *ops = qcom_domain->pgtbl_ops;
437 
438 	if (!ops)
439 		return -ENODEV;
440 
441 	spin_lock_irqsave(&qcom_domain->pgtbl_lock, flags);
442 	ret = ops->map_pages(ops, iova, paddr, pgsize, pgcount, prot, GFP_ATOMIC, mapped);
443 	spin_unlock_irqrestore(&qcom_domain->pgtbl_lock, flags);
444 	return ret;
445 }
446 
qcom_iommu_unmap(struct iommu_domain * domain,unsigned long iova,size_t pgsize,size_t pgcount,struct iommu_iotlb_gather * gather)447 static size_t qcom_iommu_unmap(struct iommu_domain *domain, unsigned long iova,
448 			       size_t pgsize, size_t pgcount,
449 			       struct iommu_iotlb_gather *gather)
450 {
451 	size_t ret;
452 	unsigned long flags;
453 	struct qcom_iommu_domain *qcom_domain = to_qcom_iommu_domain(domain);
454 	struct io_pgtable_ops *ops = qcom_domain->pgtbl_ops;
455 
456 	if (!ops)
457 		return 0;
458 
459 	/* NOTE: unmap can be called after client device is powered off,
460 	 * for example, with GPUs or anything involving dma-buf.  So we
461 	 * cannot rely on the device_link.  Make sure the IOMMU is on to
462 	 * avoid unclocked accesses in the TLB inv path:
463 	 */
464 	pm_runtime_get_sync(qcom_domain->iommu->dev);
465 	spin_lock_irqsave(&qcom_domain->pgtbl_lock, flags);
466 	ret = ops->unmap_pages(ops, iova, pgsize, pgcount, gather);
467 	spin_unlock_irqrestore(&qcom_domain->pgtbl_lock, flags);
468 	pm_runtime_put_sync(qcom_domain->iommu->dev);
469 
470 	return ret;
471 }
472 
qcom_iommu_flush_iotlb_all(struct iommu_domain * domain)473 static void qcom_iommu_flush_iotlb_all(struct iommu_domain *domain)
474 {
475 	struct qcom_iommu_domain *qcom_domain = to_qcom_iommu_domain(domain);
476 	struct io_pgtable *pgtable = container_of(qcom_domain->pgtbl_ops,
477 						  struct io_pgtable, ops);
478 	if (!qcom_domain->pgtbl_ops)
479 		return;
480 
481 	pm_runtime_get_sync(qcom_domain->iommu->dev);
482 	qcom_iommu_tlb_sync(pgtable->cookie);
483 	pm_runtime_put_sync(qcom_domain->iommu->dev);
484 }
485 
qcom_iommu_iotlb_sync(struct iommu_domain * domain,struct iommu_iotlb_gather * gather)486 static void qcom_iommu_iotlb_sync(struct iommu_domain *domain,
487 				  struct iommu_iotlb_gather *gather)
488 {
489 	qcom_iommu_flush_iotlb_all(domain);
490 }
491 
qcom_iommu_iova_to_phys(struct iommu_domain * domain,dma_addr_t iova)492 static phys_addr_t qcom_iommu_iova_to_phys(struct iommu_domain *domain,
493 					   dma_addr_t iova)
494 {
495 	phys_addr_t ret;
496 	unsigned long flags;
497 	struct qcom_iommu_domain *qcom_domain = to_qcom_iommu_domain(domain);
498 	struct io_pgtable_ops *ops = qcom_domain->pgtbl_ops;
499 
500 	if (!ops)
501 		return 0;
502 
503 	spin_lock_irqsave(&qcom_domain->pgtbl_lock, flags);
504 	ret = ops->iova_to_phys(ops, iova);
505 	spin_unlock_irqrestore(&qcom_domain->pgtbl_lock, flags);
506 
507 	return ret;
508 }
509 
qcom_iommu_capable(struct device * dev,enum iommu_cap cap)510 static bool qcom_iommu_capable(struct device *dev, enum iommu_cap cap)
511 {
512 	switch (cap) {
513 	case IOMMU_CAP_CACHE_COHERENCY:
514 		/*
515 		 * Return true here as the SMMU can always send out coherent
516 		 * requests.
517 		 */
518 		return true;
519 	case IOMMU_CAP_NOEXEC:
520 		return true;
521 	default:
522 		return false;
523 	}
524 }
525 
qcom_iommu_probe_device(struct device * dev)526 static struct iommu_device *qcom_iommu_probe_device(struct device *dev)
527 {
528 	struct qcom_iommu_dev *qcom_iommu = dev_iommu_priv_get(dev);
529 	struct device_link *link;
530 
531 	if (!qcom_iommu)
532 		return ERR_PTR(-ENODEV);
533 
534 	/*
535 	 * Establish the link between iommu and master, so that the
536 	 * iommu gets runtime enabled/disabled as per the master's
537 	 * needs.
538 	 */
539 	link = device_link_add(dev, qcom_iommu->dev, DL_FLAG_PM_RUNTIME);
540 	if (!link) {
541 		dev_err(qcom_iommu->dev, "Unable to create device link between %s and %s\n",
542 			dev_name(qcom_iommu->dev), dev_name(dev));
543 		return ERR_PTR(-ENODEV);
544 	}
545 
546 	return &qcom_iommu->iommu;
547 }
548 
qcom_iommu_of_xlate(struct device * dev,const struct of_phandle_args * args)549 static int qcom_iommu_of_xlate(struct device *dev,
550 			       const struct of_phandle_args *args)
551 {
552 	struct qcom_iommu_dev *qcom_iommu;
553 	struct platform_device *iommu_pdev;
554 	unsigned asid = args->args[0];
555 
556 	if (args->args_count != 1) {
557 		dev_err(dev, "incorrect number of iommu params found for %s "
558 			"(found %d, expected 1)\n",
559 			args->np->full_name, args->args_count);
560 		return -EINVAL;
561 	}
562 
563 	iommu_pdev = of_find_device_by_node(args->np);
564 	if (WARN_ON(!iommu_pdev))
565 		return -EINVAL;
566 
567 	qcom_iommu = platform_get_drvdata(iommu_pdev);
568 
569 	/* make sure the asid specified in dt is valid, so we don't have
570 	 * to sanity check this elsewhere:
571 	 */
572 	if (WARN_ON(asid > qcom_iommu->max_asid) ||
573 	    WARN_ON(qcom_iommu->ctxs[asid] == NULL)) {
574 		put_device(&iommu_pdev->dev);
575 		return -EINVAL;
576 	}
577 
578 	if (!dev_iommu_priv_get(dev)) {
579 		dev_iommu_priv_set(dev, qcom_iommu);
580 	} else {
581 		/* make sure devices iommus dt node isn't referring to
582 		 * multiple different iommu devices.  Multiple context
583 		 * banks are ok, but multiple devices are not:
584 		 */
585 		if (WARN_ON(qcom_iommu != dev_iommu_priv_get(dev))) {
586 			put_device(&iommu_pdev->dev);
587 			return -EINVAL;
588 		}
589 	}
590 
591 	return iommu_fwspec_add_ids(dev, &asid, 1);
592 }
593 
594 static const struct iommu_ops qcom_iommu_ops = {
595 	.identity_domain = &qcom_iommu_identity_domain,
596 	.capable	= qcom_iommu_capable,
597 	.domain_alloc_paging = qcom_iommu_domain_alloc_paging,
598 	.probe_device	= qcom_iommu_probe_device,
599 	.device_group	= generic_device_group,
600 	.of_xlate	= qcom_iommu_of_xlate,
601 	.pgsize_bitmap	= SZ_4K | SZ_64K | SZ_1M | SZ_16M,
602 	.default_domain_ops = &(const struct iommu_domain_ops) {
603 		.attach_dev	= qcom_iommu_attach_dev,
604 		.map_pages	= qcom_iommu_map,
605 		.unmap_pages	= qcom_iommu_unmap,
606 		.flush_iotlb_all = qcom_iommu_flush_iotlb_all,
607 		.iotlb_sync	= qcom_iommu_iotlb_sync,
608 		.iova_to_phys	= qcom_iommu_iova_to_phys,
609 		.free		= qcom_iommu_domain_free,
610 	}
611 };
612 
qcom_iommu_sec_ptbl_init(struct device * dev)613 static int qcom_iommu_sec_ptbl_init(struct device *dev)
614 {
615 	size_t psize = 0;
616 	unsigned int spare = 0;
617 	void *cpu_addr;
618 	dma_addr_t paddr;
619 	unsigned long attrs;
620 	static bool allocated = false;
621 	int ret;
622 
623 	if (allocated)
624 		return 0;
625 
626 	ret = qcom_scm_iommu_secure_ptbl_size(spare, &psize);
627 	if (ret) {
628 		dev_err(dev, "failed to get iommu secure pgtable size (%d)\n",
629 			ret);
630 		return ret;
631 	}
632 
633 	dev_info(dev, "iommu sec: pgtable size: %zu\n", psize);
634 
635 	attrs = DMA_ATTR_NO_KERNEL_MAPPING;
636 
637 	cpu_addr = dma_alloc_attrs(dev, psize, &paddr, GFP_KERNEL, attrs);
638 	if (!cpu_addr) {
639 		dev_err(dev, "failed to allocate %zu bytes for pgtable\n",
640 			psize);
641 		return -ENOMEM;
642 	}
643 
644 	ret = qcom_scm_iommu_secure_ptbl_init(paddr, psize, spare);
645 	if (ret) {
646 		dev_err(dev, "failed to init iommu pgtable (%d)\n", ret);
647 		goto free_mem;
648 	}
649 
650 	allocated = true;
651 	return 0;
652 
653 free_mem:
654 	dma_free_attrs(dev, psize, cpu_addr, paddr, attrs);
655 	return ret;
656 }
657 
get_asid(const struct device_node * np)658 static int get_asid(const struct device_node *np)
659 {
660 	u32 reg, val;
661 	int asid;
662 
663 	/* read the "reg" property directly to get the relative address
664 	 * of the context bank, and calculate the asid from that:
665 	 */
666 	if (of_property_read_u32_index(np, "reg", 0, &reg))
667 		return -ENODEV;
668 
669 	/*
670 	 * Context banks are 0x1000 apart but, in some cases, the ASID
671 	 * number doesn't match to this logic and needs to be passed
672 	 * from the DT configuration explicitly.
673 	 */
674 	if (!of_property_read_u32(np, "qcom,ctx-asid", &val))
675 		asid = val;
676 	else
677 		asid = reg / 0x1000;
678 
679 	return asid;
680 }
681 
qcom_iommu_ctx_probe(struct platform_device * pdev)682 static int qcom_iommu_ctx_probe(struct platform_device *pdev)
683 {
684 	struct qcom_iommu_ctx *ctx;
685 	struct device *dev = &pdev->dev;
686 	struct qcom_iommu_dev *qcom_iommu = dev_get_drvdata(dev->parent);
687 	int ret, irq;
688 
689 	ctx = devm_kzalloc(dev, sizeof(*ctx), GFP_KERNEL);
690 	if (!ctx)
691 		return -ENOMEM;
692 
693 	ctx->dev = dev;
694 	platform_set_drvdata(pdev, ctx);
695 
696 	ctx->base = devm_platform_ioremap_resource(pdev, 0);
697 	if (IS_ERR(ctx->base))
698 		return PTR_ERR(ctx->base);
699 
700 	irq = platform_get_irq(pdev, 0);
701 	if (irq < 0)
702 		return irq;
703 
704 	if (of_device_is_compatible(dev->of_node, "qcom,msm-iommu-v2-sec"))
705 		ctx->secured_ctx = true;
706 
707 	/* clear IRQs before registering fault handler, just in case the
708 	 * boot-loader left us a surprise:
709 	 */
710 	if (!ctx->secured_ctx)
711 		iommu_writel(ctx, ARM_SMMU_CB_FSR, iommu_readl(ctx, ARM_SMMU_CB_FSR));
712 
713 	ret = devm_request_irq(dev, irq,
714 			       qcom_iommu_fault,
715 			       IRQF_SHARED,
716 			       "qcom-iommu-fault",
717 			       ctx);
718 	if (ret) {
719 		dev_err(dev, "failed to request IRQ %u\n", irq);
720 		return ret;
721 	}
722 
723 	ret = get_asid(dev->of_node);
724 	if (ret < 0) {
725 		dev_err(dev, "missing reg property\n");
726 		return ret;
727 	}
728 
729 	ctx->asid = ret;
730 
731 	dev_dbg(dev, "found asid %u\n", ctx->asid);
732 
733 	qcom_iommu->ctxs[ctx->asid] = ctx;
734 
735 	return 0;
736 }
737 
qcom_iommu_ctx_remove(struct platform_device * pdev)738 static void qcom_iommu_ctx_remove(struct platform_device *pdev)
739 {
740 	struct qcom_iommu_dev *qcom_iommu = dev_get_drvdata(pdev->dev.parent);
741 	struct qcom_iommu_ctx *ctx = platform_get_drvdata(pdev);
742 
743 	platform_set_drvdata(pdev, NULL);
744 
745 	qcom_iommu->ctxs[ctx->asid] = NULL;
746 }
747 
748 static const struct of_device_id ctx_of_match[] = {
749 	{ .compatible = "qcom,msm-iommu-v1-ns" },
750 	{ .compatible = "qcom,msm-iommu-v1-sec" },
751 	{ .compatible = "qcom,msm-iommu-v2-ns" },
752 	{ .compatible = "qcom,msm-iommu-v2-sec" },
753 	{ /* sentinel */ }
754 };
755 
756 static struct platform_driver qcom_iommu_ctx_driver = {
757 	.driver	= {
758 		.name		= "qcom-iommu-ctx",
759 		.of_match_table	= ctx_of_match,
760 	},
761 	.probe	= qcom_iommu_ctx_probe,
762 	.remove_new = qcom_iommu_ctx_remove,
763 };
764 
qcom_iommu_has_secure_context(struct qcom_iommu_dev * qcom_iommu)765 static bool qcom_iommu_has_secure_context(struct qcom_iommu_dev *qcom_iommu)
766 {
767 	struct device_node *child;
768 
769 	for_each_child_of_node(qcom_iommu->dev->of_node, child) {
770 		if (of_device_is_compatible(child, "qcom,msm-iommu-v1-sec") ||
771 		    of_device_is_compatible(child, "qcom,msm-iommu-v2-sec")) {
772 			of_node_put(child);
773 			return true;
774 		}
775 	}
776 
777 	return false;
778 }
779 
qcom_iommu_device_probe(struct platform_device * pdev)780 static int qcom_iommu_device_probe(struct platform_device *pdev)
781 {
782 	struct device_node *child;
783 	struct qcom_iommu_dev *qcom_iommu;
784 	struct device *dev = &pdev->dev;
785 	struct resource *res;
786 	struct clk *clk;
787 	int ret, max_asid = 0;
788 
789 	/* find the max asid (which is 1:1 to ctx bank idx), so we know how
790 	 * many child ctx devices we have:
791 	 */
792 	for_each_child_of_node(dev->of_node, child)
793 		max_asid = max(max_asid, get_asid(child));
794 
795 	qcom_iommu = devm_kzalloc(dev, struct_size(qcom_iommu, ctxs, max_asid + 1),
796 				  GFP_KERNEL);
797 	if (!qcom_iommu)
798 		return -ENOMEM;
799 	qcom_iommu->max_asid = max_asid;
800 	qcom_iommu->dev = dev;
801 
802 	res = platform_get_resource(pdev, IORESOURCE_MEM, 0);
803 	if (res) {
804 		qcom_iommu->local_base = devm_ioremap_resource(dev, res);
805 		if (IS_ERR(qcom_iommu->local_base))
806 			return PTR_ERR(qcom_iommu->local_base);
807 	}
808 
809 	clk = devm_clk_get(dev, "iface");
810 	if (IS_ERR(clk)) {
811 		dev_err(dev, "failed to get iface clock\n");
812 		return PTR_ERR(clk);
813 	}
814 	qcom_iommu->clks[CLK_IFACE].clk = clk;
815 
816 	clk = devm_clk_get(dev, "bus");
817 	if (IS_ERR(clk)) {
818 		dev_err(dev, "failed to get bus clock\n");
819 		return PTR_ERR(clk);
820 	}
821 	qcom_iommu->clks[CLK_BUS].clk = clk;
822 
823 	clk = devm_clk_get_optional(dev, "tbu");
824 	if (IS_ERR(clk)) {
825 		dev_err(dev, "failed to get tbu clock\n");
826 		return PTR_ERR(clk);
827 	}
828 	qcom_iommu->clks[CLK_TBU].clk = clk;
829 
830 	if (of_property_read_u32(dev->of_node, "qcom,iommu-secure-id",
831 				 &qcom_iommu->sec_id)) {
832 		dev_err(dev, "missing qcom,iommu-secure-id property\n");
833 		return -ENODEV;
834 	}
835 
836 	if (qcom_iommu_has_secure_context(qcom_iommu)) {
837 		ret = qcom_iommu_sec_ptbl_init(dev);
838 		if (ret) {
839 			dev_err(dev, "cannot init secure pg table(%d)\n", ret);
840 			return ret;
841 		}
842 	}
843 
844 	platform_set_drvdata(pdev, qcom_iommu);
845 
846 	pm_runtime_enable(dev);
847 
848 	/* register context bank devices, which are child nodes: */
849 	ret = devm_of_platform_populate(dev);
850 	if (ret) {
851 		dev_err(dev, "Failed to populate iommu contexts\n");
852 		goto err_pm_disable;
853 	}
854 
855 	ret = iommu_device_sysfs_add(&qcom_iommu->iommu, dev, NULL,
856 				     dev_name(dev));
857 	if (ret) {
858 		dev_err(dev, "Failed to register iommu in sysfs\n");
859 		goto err_pm_disable;
860 	}
861 
862 	ret = iommu_device_register(&qcom_iommu->iommu, &qcom_iommu_ops, dev);
863 	if (ret) {
864 		dev_err(dev, "Failed to register iommu\n");
865 		goto err_pm_disable;
866 	}
867 
868 	if (qcom_iommu->local_base) {
869 		pm_runtime_get_sync(dev);
870 		writel_relaxed(0xffffffff, qcom_iommu->local_base + SMMU_INTR_SEL_NS);
871 		pm_runtime_put_sync(dev);
872 	}
873 
874 	return 0;
875 
876 err_pm_disable:
877 	pm_runtime_disable(dev);
878 	return ret;
879 }
880 
qcom_iommu_device_remove(struct platform_device * pdev)881 static void qcom_iommu_device_remove(struct platform_device *pdev)
882 {
883 	struct qcom_iommu_dev *qcom_iommu = platform_get_drvdata(pdev);
884 
885 	pm_runtime_force_suspend(&pdev->dev);
886 	platform_set_drvdata(pdev, NULL);
887 	iommu_device_sysfs_remove(&qcom_iommu->iommu);
888 	iommu_device_unregister(&qcom_iommu->iommu);
889 }
890 
qcom_iommu_resume(struct device * dev)891 static int __maybe_unused qcom_iommu_resume(struct device *dev)
892 {
893 	struct qcom_iommu_dev *qcom_iommu = dev_get_drvdata(dev);
894 	int ret;
895 
896 	ret = clk_bulk_prepare_enable(CLK_NUM, qcom_iommu->clks);
897 	if (ret < 0)
898 		return ret;
899 
900 	if (dev->pm_domain)
901 		return qcom_scm_restore_sec_cfg(qcom_iommu->sec_id, 0);
902 
903 	return ret;
904 }
905 
qcom_iommu_suspend(struct device * dev)906 static int __maybe_unused qcom_iommu_suspend(struct device *dev)
907 {
908 	struct qcom_iommu_dev *qcom_iommu = dev_get_drvdata(dev);
909 
910 	clk_bulk_disable_unprepare(CLK_NUM, qcom_iommu->clks);
911 
912 	return 0;
913 }
914 
915 static const struct dev_pm_ops qcom_iommu_pm_ops = {
916 	SET_RUNTIME_PM_OPS(qcom_iommu_suspend, qcom_iommu_resume, NULL)
917 	SET_SYSTEM_SLEEP_PM_OPS(pm_runtime_force_suspend,
918 				pm_runtime_force_resume)
919 };
920 
921 static const struct of_device_id qcom_iommu_of_match[] = {
922 	{ .compatible = "qcom,msm-iommu-v1" },
923 	{ .compatible = "qcom,msm-iommu-v2" },
924 	{ /* sentinel */ }
925 };
926 
927 static struct platform_driver qcom_iommu_driver = {
928 	.driver	= {
929 		.name		= "qcom-iommu",
930 		.of_match_table	= qcom_iommu_of_match,
931 		.pm		= &qcom_iommu_pm_ops,
932 	},
933 	.probe	= qcom_iommu_device_probe,
934 	.remove_new = qcom_iommu_device_remove,
935 };
936 
qcom_iommu_init(void)937 static int __init qcom_iommu_init(void)
938 {
939 	int ret;
940 
941 	ret = platform_driver_register(&qcom_iommu_ctx_driver);
942 	if (ret)
943 		return ret;
944 
945 	ret = platform_driver_register(&qcom_iommu_driver);
946 	if (ret)
947 		platform_driver_unregister(&qcom_iommu_ctx_driver);
948 
949 	return ret;
950 }
951 device_initcall(qcom_iommu_init);
952