search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
drm/tests: hdmi: Fix memory leaks in drm_display_mode_from_cea_vic()
[drm/drm-misc.git] / drivers / iommu / iommufd / ioas.c
blob2c4b2bb11e78ce4de21450a3b2e3c0efe4da7594
1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * Copyright (c) 2021-2022, NVIDIA CORPORATION & AFFILIATES
4 */
5 #include <linux/interval_tree.h>
6 #include <linux/iommu.h>
7 #include <linux/iommufd.h>
8 #include <uapi/linux/iommufd.h>
9
10 #include "io_pagetable.h"
11
12 void iommufd_ioas_destroy(struct iommufd_object *obj)
13 {
14 struct iommufd_ioas *ioas = container_of(obj, struct iommufd_ioas, obj);
15 int rc;
16
17 rc = iopt_unmap_all(&ioas->iopt, NULL);
18 WARN_ON(rc && rc != -ENOENT);
19 iopt_destroy_table(&ioas->iopt);
20 mutex_destroy(&ioas->mutex);
21 }
22
23 struct iommufd_ioas *iommufd_ioas_alloc(struct iommufd_ctx *ictx)
24 {
25 struct iommufd_ioas *ioas;
26
27 ioas = iommufd_object_alloc(ictx, ioas, IOMMUFD_OBJ_IOAS);
28 if (IS_ERR(ioas))
29 return ioas;
30
31 iopt_init_table(&ioas->iopt);
32 INIT_LIST_HEAD(&ioas->hwpt_list);
33 mutex_init(&ioas->mutex);
34 return ioas;
35 }
36
37 int iommufd_ioas_alloc_ioctl(struct iommufd_ucmd *ucmd)
38 {
39 struct iommu_ioas_alloc *cmd = ucmd->cmd;
40 struct iommufd_ioas *ioas;
41 int rc;
42
43 if (cmd->flags)
44 return -EOPNOTSUPP;
45
46 ioas = iommufd_ioas_alloc(ucmd->ictx);
47 if (IS_ERR(ioas))
48 return PTR_ERR(ioas);
49
50 cmd->out_ioas_id = ioas->obj.id;
51 rc = iommufd_ucmd_respond(ucmd, sizeof(*cmd));
52 if (rc)
53 goto out_table;
54 iommufd_object_finalize(ucmd->ictx, &ioas->obj);
55 return 0;
56
57 out_table:
58 iommufd_object_abort_and_destroy(ucmd->ictx, &ioas->obj);
59 return rc;
60 }
61
62 int iommufd_ioas_iova_ranges(struct iommufd_ucmd *ucmd)
63 {
64 struct iommu_iova_range __user *ranges;
65 struct iommu_ioas_iova_ranges *cmd = ucmd->cmd;
66 struct iommufd_ioas *ioas;
67 struct interval_tree_span_iter span;
68 u32 max_iovas;
69 int rc;
70
71 if (cmd->__reserved)
72 return -EOPNOTSUPP;
73
74 ioas = iommufd_get_ioas(ucmd->ictx, cmd->ioas_id);
75 if (IS_ERR(ioas))
76 return PTR_ERR(ioas);
77
78 down_read(&ioas->iopt.iova_rwsem);
79 max_iovas = cmd->num_iovas;
80 ranges = u64_to_user_ptr(cmd->allowed_iovas);
81 cmd->num_iovas = 0;
82 cmd->out_iova_alignment = ioas->iopt.iova_alignment;
83 interval_tree_for_each_span(&span, &ioas->iopt.reserved_itree, 0,
84 ULONG_MAX) {
85 if (!span.is_hole)
86 continue;
87 if (cmd->num_iovas < max_iovas) {
88 struct iommu_iova_range elm = {
89 .start = span.start_hole,
90 .last = span.last_hole,
91 };
92
93 if (copy_to_user(&ranges[cmd->num_iovas], &elm,
94 sizeof(elm))) {
95 rc = -EFAULT;
96 goto out_put;
97 }
98 }
99 cmd->num_iovas++;
100 }
101 rc = iommufd_ucmd_respond(ucmd, sizeof(*cmd));
102 if (rc)
103 goto out_put;
104 if (cmd->num_iovas > max_iovas)
105 rc = -EMSGSIZE;
106 out_put:
107 up_read(&ioas->iopt.iova_rwsem);
108 iommufd_put_object(ucmd->ictx, &ioas->obj);
109 return rc;
110 }
111
112 static int iommufd_ioas_load_iovas(struct rb_root_cached *itree,
113 struct iommu_iova_range __user *ranges,
114 u32 num)
115 {
116 u32 i;
117
118 for (i = 0; i != num; i++) {
119 struct iommu_iova_range range;
120 struct iopt_allowed *allowed;
121
122 if (copy_from_user(&range, ranges + i, sizeof(range)))
123 return -EFAULT;
124
125 if (range.start >= range.last)
126 return -EINVAL;
127
128 if (interval_tree_iter_first(itree, range.start, range.last))
129 return -EINVAL;
130
131 allowed = kzalloc(sizeof(*allowed), GFP_KERNEL_ACCOUNT);
132 if (!allowed)
133 return -ENOMEM;
134 allowed->node.start = range.start;
135 allowed->node.last = range.last;
136
137 interval_tree_insert(&allowed->node, itree);
138 }
139 return 0;
140 }
141
142 int iommufd_ioas_allow_iovas(struct iommufd_ucmd *ucmd)
143 {
144 struct iommu_ioas_allow_iovas *cmd = ucmd->cmd;
145 struct rb_root_cached allowed_iova = RB_ROOT_CACHED;
146 struct interval_tree_node *node;
147 struct iommufd_ioas *ioas;
148 struct io_pagetable *iopt;
149 int rc = 0;
150
151 if (cmd->__reserved)
152 return -EOPNOTSUPP;
153
154 ioas = iommufd_get_ioas(ucmd->ictx, cmd->ioas_id);
155 if (IS_ERR(ioas))
156 return PTR_ERR(ioas);
157 iopt = &ioas->iopt;
158
159 rc = iommufd_ioas_load_iovas(&allowed_iova,
160 u64_to_user_ptr(cmd->allowed_iovas),
161 cmd->num_iovas);
162 if (rc)
163 goto out_free;
164
165 /*
166 * We want the allowed tree update to be atomic, so we have to keep the
167 * original nodes around, and keep track of the new nodes as we allocate
168 * memory for them. The simplest solution is to have a new/old tree and
169 * then swap new for old. On success we free the old tree, on failure we
170 * free the new tree.
171 */
172 rc = iopt_set_allow_iova(iopt, &allowed_iova);
173 out_free:
174 while ((node = interval_tree_iter_first(&allowed_iova, 0, ULONG_MAX))) {
175 interval_tree_remove(node, &allowed_iova);
176 kfree(container_of(node, struct iopt_allowed, node));
177 }
178 iommufd_put_object(ucmd->ictx, &ioas->obj);
179 return rc;
180 }
181
182 static int conv_iommu_prot(u32 map_flags)
183 {
184 /*
185 * We provide no manual cache coherency ioctls to userspace and most
186 * architectures make the CPU ops for cache flushing privileged.
187 * Therefore we require the underlying IOMMU to support CPU coherent
188 * operation. Support for IOMMU_CACHE is enforced by the
189 * IOMMU_CAP_CACHE_COHERENCY test during bind.
190 */
191 int iommu_prot = IOMMU_CACHE;
192
193 if (map_flags & IOMMU_IOAS_MAP_WRITEABLE)
194 iommu_prot |= IOMMU_WRITE;
195 if (map_flags & IOMMU_IOAS_MAP_READABLE)
196 iommu_prot |= IOMMU_READ;
197 return iommu_prot;
198 }
199
200 int iommufd_ioas_map(struct iommufd_ucmd *ucmd)
201 {
202 struct iommu_ioas_map *cmd = ucmd->cmd;
203 unsigned long iova = cmd->iova;
204 struct iommufd_ioas *ioas;
205 unsigned int flags = 0;
206 int rc;
207
208 if ((cmd->flags &
209 ~(IOMMU_IOAS_MAP_FIXED_IOVA | IOMMU_IOAS_MAP_WRITEABLE |
210 IOMMU_IOAS_MAP_READABLE)) ||
211 cmd->__reserved)
212 return -EOPNOTSUPP;
213 if (cmd->iova >= ULONG_MAX || cmd->length >= ULONG_MAX)
214 return -EOVERFLOW;
215
216 if (!(cmd->flags &
217 (IOMMU_IOAS_MAP_WRITEABLE | IOMMU_IOAS_MAP_READABLE)))
218 return -EINVAL;
219
220 ioas = iommufd_get_ioas(ucmd->ictx, cmd->ioas_id);
221 if (IS_ERR(ioas))
222 return PTR_ERR(ioas);
223
224 if (!(cmd->flags & IOMMU_IOAS_MAP_FIXED_IOVA))
225 flags = IOPT_ALLOC_IOVA;
226 rc = iopt_map_user_pages(ucmd->ictx, &ioas->iopt, &iova,
227 u64_to_user_ptr(cmd->user_va), cmd->length,
228 conv_iommu_prot(cmd->flags), flags);
229 if (rc)
230 goto out_put;
231
232 cmd->iova = iova;
233 rc = iommufd_ucmd_respond(ucmd, sizeof(*cmd));
234 out_put:
235 iommufd_put_object(ucmd->ictx, &ioas->obj);
236 return rc;
237 }
238
239 int iommufd_ioas_copy(struct iommufd_ucmd *ucmd)
240 {
241 struct iommu_ioas_copy *cmd = ucmd->cmd;
242 struct iommufd_ioas *src_ioas;
243 struct iommufd_ioas *dst_ioas;
244 unsigned int flags = 0;
245 LIST_HEAD(pages_list);
246 unsigned long iova;
247 int rc;
248
249 iommufd_test_syz_conv_iova_id(ucmd, cmd->src_ioas_id, &cmd->src_iova,
250 &cmd->flags);
251
252 if ((cmd->flags &
253 ~(IOMMU_IOAS_MAP_FIXED_IOVA | IOMMU_IOAS_MAP_WRITEABLE |
254 IOMMU_IOAS_MAP_READABLE)))
255 return -EOPNOTSUPP;
256 if (cmd->length >= ULONG_MAX || cmd->src_iova >= ULONG_MAX ||
257 cmd->dst_iova >= ULONG_MAX)
258 return -EOVERFLOW;
259
260 if (!(cmd->flags &
261 (IOMMU_IOAS_MAP_WRITEABLE | IOMMU_IOAS_MAP_READABLE)))
262 return -EINVAL;
263
264 src_ioas = iommufd_get_ioas(ucmd->ictx, cmd->src_ioas_id);
265 if (IS_ERR(src_ioas))
266 return PTR_ERR(src_ioas);
267 rc = iopt_get_pages(&src_ioas->iopt, cmd->src_iova, cmd->length,
268 &pages_list);
269 iommufd_put_object(ucmd->ictx, &src_ioas->obj);
270 if (rc)
271 return rc;
272
273 dst_ioas = iommufd_get_ioas(ucmd->ictx, cmd->dst_ioas_id);
274 if (IS_ERR(dst_ioas)) {
275 rc = PTR_ERR(dst_ioas);
276 goto out_pages;
277 }
278
279 if (!(cmd->flags & IOMMU_IOAS_MAP_FIXED_IOVA))
280 flags = IOPT_ALLOC_IOVA;
281 iova = cmd->dst_iova;
282 rc = iopt_map_pages(&dst_ioas->iopt, &pages_list, cmd->length, &iova,
283 conv_iommu_prot(cmd->flags), flags);
284 if (rc)
285 goto out_put_dst;
286
287 cmd->dst_iova = iova;
288 rc = iommufd_ucmd_respond(ucmd, sizeof(*cmd));
289 out_put_dst:
290 iommufd_put_object(ucmd->ictx, &dst_ioas->obj);
291 out_pages:
292 iopt_free_pages_list(&pages_list);
293 return rc;
294 }
295
296 int iommufd_ioas_unmap(struct iommufd_ucmd *ucmd)
297 {
298 struct iommu_ioas_unmap *cmd = ucmd->cmd;
299 struct iommufd_ioas *ioas;
300 unsigned long unmapped = 0;
301 int rc;
302
303 ioas = iommufd_get_ioas(ucmd->ictx, cmd->ioas_id);
304 if (IS_ERR(ioas))
305 return PTR_ERR(ioas);
306
307 if (cmd->iova == 0 && cmd->length == U64_MAX) {
308 rc = iopt_unmap_all(&ioas->iopt, &unmapped);
309 if (rc)
310 goto out_put;
311 } else {
312 if (cmd->iova >= ULONG_MAX || cmd->length >= ULONG_MAX) {
313 rc = -EOVERFLOW;
314 goto out_put;
315 }
316 rc = iopt_unmap_iova(&ioas->iopt, cmd->iova, cmd->length,
317 &unmapped);
318 if (rc)
319 goto out_put;
320 }
321
322 cmd->length = unmapped;
323 rc = iommufd_ucmd_respond(ucmd, sizeof(*cmd));
324
325 out_put:
326 iommufd_put_object(ucmd->ictx, &ioas->obj);
327 return rc;
328 }
329
330 int iommufd_option_rlimit_mode(struct iommu_option *cmd,
331 struct iommufd_ctx *ictx)
332 {
333 if (cmd->object_id)
334 return -EOPNOTSUPP;
335
336 if (cmd->op == IOMMU_OPTION_OP_GET) {
337 cmd->val64 = ictx->account_mode == IOPT_PAGES_ACCOUNT_MM;
338 return 0;
339 }
340 if (cmd->op == IOMMU_OPTION_OP_SET) {
341 int rc = 0;
342
343 if (!capable(CAP_SYS_RESOURCE))
344 return -EPERM;
345
346 xa_lock(&ictx->objects);
347 if (!xa_empty(&ictx->objects)) {
348 rc = -EBUSY;
349 } else {
350 if (cmd->val64 == 0)
351 ictx->account_mode = IOPT_PAGES_ACCOUNT_USER;
352 else if (cmd->val64 == 1)
353 ictx->account_mode = IOPT_PAGES_ACCOUNT_MM;
354 else
355 rc = -EINVAL;
356 }
357 xa_unlock(&ictx->objects);
358
359 return rc;
360 }
361 return -EOPNOTSUPP;
362 }
363
364 static int iommufd_ioas_option_huge_pages(struct iommu_option *cmd,
365 struct iommufd_ioas *ioas)
366 {
367 if (cmd->op == IOMMU_OPTION_OP_GET) {
368 cmd->val64 = !ioas->iopt.disable_large_pages;
369 return 0;
370 }
371 if (cmd->op == IOMMU_OPTION_OP_SET) {
372 if (cmd->val64 == 0)
373 return iopt_disable_large_pages(&ioas->iopt);
374 if (cmd->val64 == 1) {
375 iopt_enable_large_pages(&ioas->iopt);
376 return 0;
377 }
378 return -EINVAL;
379 }
380 return -EOPNOTSUPP;
381 }
382
383 int iommufd_ioas_option(struct iommufd_ucmd *ucmd)
384 {
385 struct iommu_option *cmd = ucmd->cmd;
386 struct iommufd_ioas *ioas;
387 int rc = 0;
388
389 if (cmd->__reserved)
390 return -EOPNOTSUPP;
391
392 ioas = iommufd_get_ioas(ucmd->ictx, cmd->object_id);
393 if (IS_ERR(ioas))
394 return PTR_ERR(ioas);
395
396 switch (cmd->option_id) {
397 case IOMMU_OPTION_HUGE_PAGES:
398 rc = iommufd_ioas_option_huge_pages(cmd, ioas);
399 break;
400 default:
401 rc = -EOPNOTSUPP;
402 }
403
404 iommufd_put_object(ucmd->ictx, &ioas->obj);
405 return rc;
406 }
Kernel DRM miscellaneous fixes and cross-tree changes