2 * Copyright © 2008 Intel Corporation
4 * Permission is hereby granted, free of charge, to any person obtaining a
5 * copy of this software and associated documentation files (the "Software"),
6 * to deal in the Software without restriction, including without limitation
7 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
8 * and/or sell copies of the Software, and to permit persons to whom the
9 * Software is furnished to do so, subject to the following conditions:
11 * The above copyright notice and this permission notice (including the next
12 * paragraph) shall be included in all copies or substantial portions of the
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
20 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
24 * Eric Anholt <eric@anholt.net>
32 #include "i915_trace.h"
33 #include "intel_drv.h"
34 #include <linux/slab.h>
35 #include <linux/swap.h>
36 #include <linux/pci.h>
37 #include <linux/intel-gtt.h>
39 static uint32_t i915_gem_get_gtt_alignment(struct drm_gem_object *obj);
41 static int i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj,
43 static void i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj);
44 static void i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj);
45 static int i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj,
47 static int i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
50 static void i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj);
51 static int i915_gem_object_wait_rendering(struct drm_gem_object *obj,
53 static int i915_gem_object_bind_to_gtt(struct drm_gem_object *obj,
55 static void i915_gem_clear_fence_reg(struct drm_gem_object *obj);
56 static int i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
57 struct drm_i915_gem_pwrite *args,
58 struct drm_file *file_priv);
59 static void i915_gem_free_object_tail(struct drm_gem_object *obj);
62 i915_gem_object_get_pages(struct drm_gem_object *obj,
66 i915_gem_object_put_pages(struct drm_gem_object *obj);
68 static LIST_HEAD(shrink_list);
69 static DEFINE_SPINLOCK(shrink_list_lock);
71 /* some bookkeeping */
72 static void i915_gem_info_add_obj(struct drm_i915_private *dev_priv,
75 dev_priv->mm.object_count++;
76 dev_priv->mm.object_memory += size;
79 static void i915_gem_info_remove_obj(struct drm_i915_private *dev_priv,
82 dev_priv->mm.object_count--;
83 dev_priv->mm.object_memory -= size;
86 static void i915_gem_info_add_gtt(struct drm_i915_private *dev_priv,
89 dev_priv->mm.gtt_count++;
90 dev_priv->mm.gtt_memory += size;
93 static void i915_gem_info_remove_gtt(struct drm_i915_private *dev_priv,
96 dev_priv->mm.gtt_count--;
97 dev_priv->mm.gtt_memory -= size;
100 static void i915_gem_info_add_pin(struct drm_i915_private *dev_priv,
103 dev_priv->mm.pin_count++;
104 dev_priv->mm.pin_memory += size;
107 static void i915_gem_info_remove_pin(struct drm_i915_private *dev_priv,
110 dev_priv->mm.pin_count--;
111 dev_priv->mm.pin_memory -= size;
115 i915_gem_check_is_wedged(struct drm_device *dev)
117 struct drm_i915_private *dev_priv = dev->dev_private;
118 struct completion *x = &dev_priv->error_completion;
122 if (!atomic_read(&dev_priv->mm.wedged))
125 ret = wait_for_completion_interruptible(x);
129 /* Success, we reset the GPU! */
130 if (!atomic_read(&dev_priv->mm.wedged))
133 /* GPU is hung, bump the completion count to account for
134 * the token we just consumed so that we never hit zero and
135 * end up waiting upon a subsequent completion event that
138 spin_lock_irqsave(&x->wait.lock, flags);
140 spin_unlock_irqrestore(&x->wait.lock, flags);
144 static int i915_mutex_lock_interruptible(struct drm_device *dev)
146 struct drm_i915_private *dev_priv = dev->dev_private;
149 ret = i915_gem_check_is_wedged(dev);
153 ret = mutex_lock_interruptible(&dev->struct_mutex);
157 if (atomic_read(&dev_priv->mm.wedged)) {
158 mutex_unlock(&dev->struct_mutex);
162 WARN_ON(i915_verify_lists(dev));
167 i915_gem_object_is_inactive(struct drm_i915_gem_object *obj_priv)
169 return obj_priv->gtt_space &&
171 obj_priv->pin_count == 0;
174 int i915_gem_do_init(struct drm_device *dev,
178 drm_i915_private_t *dev_priv = dev->dev_private;
181 (start & (PAGE_SIZE - 1)) != 0 ||
182 (end & (PAGE_SIZE - 1)) != 0) {
186 drm_mm_init(&dev_priv->mm.gtt_space, start,
189 dev_priv->mm.gtt_total = end - start;
195 i915_gem_init_ioctl(struct drm_device *dev, void *data,
196 struct drm_file *file_priv)
198 struct drm_i915_gem_init *args = data;
201 mutex_lock(&dev->struct_mutex);
202 ret = i915_gem_do_init(dev, args->gtt_start, args->gtt_end);
203 mutex_unlock(&dev->struct_mutex);
209 i915_gem_get_aperture_ioctl(struct drm_device *dev, void *data,
210 struct drm_file *file_priv)
212 struct drm_i915_private *dev_priv = dev->dev_private;
213 struct drm_i915_gem_get_aperture *args = data;
215 if (!(dev->driver->driver_features & DRIVER_GEM))
218 mutex_lock(&dev->struct_mutex);
219 args->aper_size = dev_priv->mm.gtt_total;
220 args->aper_available_size = args->aper_size - dev_priv->mm.pin_memory;
221 mutex_unlock(&dev->struct_mutex);
228 * Creates a new mm object and returns a handle to it.
231 i915_gem_create_ioctl(struct drm_device *dev, void *data,
232 struct drm_file *file_priv)
234 struct drm_i915_gem_create *args = data;
235 struct drm_gem_object *obj;
239 args->size = roundup(args->size, PAGE_SIZE);
241 /* Allocate the new object */
242 obj = i915_gem_alloc_object(dev, args->size);
246 ret = drm_gem_handle_create(file_priv, obj, &handle);
248 drm_gem_object_release(obj);
249 i915_gem_info_remove_obj(dev->dev_private, obj->size);
254 /* drop reference from allocate - handle holds it now */
255 drm_gem_object_unreference(obj);
256 trace_i915_gem_object_create(obj);
258 args->handle = handle;
263 fast_shmem_read(struct page **pages,
264 loff_t page_base, int page_offset,
271 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT]);
272 ret = __copy_to_user_inatomic(data, vaddr + page_offset, length);
273 kunmap_atomic(vaddr);
278 static int i915_gem_object_needs_bit17_swizzle(struct drm_gem_object *obj)
280 drm_i915_private_t *dev_priv = obj->dev->dev_private;
281 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
283 return dev_priv->mm.bit_6_swizzle_x == I915_BIT_6_SWIZZLE_9_10_17 &&
284 obj_priv->tiling_mode != I915_TILING_NONE;
288 slow_shmem_copy(struct page *dst_page,
290 struct page *src_page,
294 char *dst_vaddr, *src_vaddr;
296 dst_vaddr = kmap(dst_page);
297 src_vaddr = kmap(src_page);
299 memcpy(dst_vaddr + dst_offset, src_vaddr + src_offset, length);
306 slow_shmem_bit17_copy(struct page *gpu_page,
308 struct page *cpu_page,
313 char *gpu_vaddr, *cpu_vaddr;
315 /* Use the unswizzled path if this page isn't affected. */
316 if ((page_to_phys(gpu_page) & (1 << 17)) == 0) {
318 return slow_shmem_copy(cpu_page, cpu_offset,
319 gpu_page, gpu_offset, length);
321 return slow_shmem_copy(gpu_page, gpu_offset,
322 cpu_page, cpu_offset, length);
325 gpu_vaddr = kmap(gpu_page);
326 cpu_vaddr = kmap(cpu_page);
328 /* Copy the data, XORing A6 with A17 (1). The user already knows he's
329 * XORing with the other bits (A9 for Y, A9 and A10 for X)
332 int cacheline_end = ALIGN(gpu_offset + 1, 64);
333 int this_length = min(cacheline_end - gpu_offset, length);
334 int swizzled_gpu_offset = gpu_offset ^ 64;
337 memcpy(cpu_vaddr + cpu_offset,
338 gpu_vaddr + swizzled_gpu_offset,
341 memcpy(gpu_vaddr + swizzled_gpu_offset,
342 cpu_vaddr + cpu_offset,
345 cpu_offset += this_length;
346 gpu_offset += this_length;
347 length -= this_length;
355 * This is the fast shmem pread path, which attempts to copy_from_user directly
356 * from the backing pages of the object to the user's address space. On a
357 * fault, it fails so we can fall back to i915_gem_shmem_pwrite_slow().
360 i915_gem_shmem_pread_fast(struct drm_device *dev, struct drm_gem_object *obj,
361 struct drm_i915_gem_pread *args,
362 struct drm_file *file_priv)
364 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
366 loff_t offset, page_base;
367 char __user *user_data;
368 int page_offset, page_length;
370 user_data = (char __user *) (uintptr_t) args->data_ptr;
373 obj_priv = to_intel_bo(obj);
374 offset = args->offset;
377 /* Operation in this page
379 * page_base = page offset within aperture
380 * page_offset = offset within page
381 * page_length = bytes to copy for this page
383 page_base = (offset & ~(PAGE_SIZE-1));
384 page_offset = offset & (PAGE_SIZE-1);
385 page_length = remain;
386 if ((page_offset + remain) > PAGE_SIZE)
387 page_length = PAGE_SIZE - page_offset;
389 if (fast_shmem_read(obj_priv->pages,
390 page_base, page_offset,
391 user_data, page_length))
394 remain -= page_length;
395 user_data += page_length;
396 offset += page_length;
403 i915_gem_object_get_pages_or_evict(struct drm_gem_object *obj)
407 ret = i915_gem_object_get_pages(obj, __GFP_NORETRY | __GFP_NOWARN);
409 /* If we've insufficient memory to map in the pages, attempt
410 * to make some space by throwing out some old buffers.
412 if (ret == -ENOMEM) {
413 struct drm_device *dev = obj->dev;
415 ret = i915_gem_evict_something(dev, obj->size,
416 i915_gem_get_gtt_alignment(obj));
420 ret = i915_gem_object_get_pages(obj, 0);
427 * This is the fallback shmem pread path, which allocates temporary storage
428 * in kernel space to copy_to_user into outside of the struct_mutex, so we
429 * can copy out of the object's backing pages while holding the struct mutex
430 * and not take page faults.
433 i915_gem_shmem_pread_slow(struct drm_device *dev, struct drm_gem_object *obj,
434 struct drm_i915_gem_pread *args,
435 struct drm_file *file_priv)
437 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
438 struct mm_struct *mm = current->mm;
439 struct page **user_pages;
441 loff_t offset, pinned_pages, i;
442 loff_t first_data_page, last_data_page, num_pages;
443 int shmem_page_index, shmem_page_offset;
444 int data_page_index, data_page_offset;
447 uint64_t data_ptr = args->data_ptr;
448 int do_bit17_swizzling;
452 /* Pin the user pages containing the data. We can't fault while
453 * holding the struct mutex, yet we want to hold it while
454 * dereferencing the user data.
456 first_data_page = data_ptr / PAGE_SIZE;
457 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
458 num_pages = last_data_page - first_data_page + 1;
460 user_pages = drm_malloc_ab(num_pages, sizeof(struct page *));
461 if (user_pages == NULL)
464 mutex_unlock(&dev->struct_mutex);
465 down_read(&mm->mmap_sem);
466 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
467 num_pages, 1, 0, user_pages, NULL);
468 up_read(&mm->mmap_sem);
469 mutex_lock(&dev->struct_mutex);
470 if (pinned_pages < num_pages) {
475 ret = i915_gem_object_set_cpu_read_domain_range(obj,
481 do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
483 obj_priv = to_intel_bo(obj);
484 offset = args->offset;
487 /* Operation in this page
489 * shmem_page_index = page number within shmem file
490 * shmem_page_offset = offset within page in shmem file
491 * data_page_index = page number in get_user_pages return
492 * data_page_offset = offset with data_page_index page.
493 * page_length = bytes to copy for this page
495 shmem_page_index = offset / PAGE_SIZE;
496 shmem_page_offset = offset & ~PAGE_MASK;
497 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
498 data_page_offset = data_ptr & ~PAGE_MASK;
500 page_length = remain;
501 if ((shmem_page_offset + page_length) > PAGE_SIZE)
502 page_length = PAGE_SIZE - shmem_page_offset;
503 if ((data_page_offset + page_length) > PAGE_SIZE)
504 page_length = PAGE_SIZE - data_page_offset;
506 if (do_bit17_swizzling) {
507 slow_shmem_bit17_copy(obj_priv->pages[shmem_page_index],
509 user_pages[data_page_index],
514 slow_shmem_copy(user_pages[data_page_index],
516 obj_priv->pages[shmem_page_index],
521 remain -= page_length;
522 data_ptr += page_length;
523 offset += page_length;
527 for (i = 0; i < pinned_pages; i++) {
528 SetPageDirty(user_pages[i]);
529 page_cache_release(user_pages[i]);
531 drm_free_large(user_pages);
537 * Reads data from the object referenced by handle.
539 * On error, the contents of *data are undefined.
542 i915_gem_pread_ioctl(struct drm_device *dev, void *data,
543 struct drm_file *file_priv)
545 struct drm_i915_gem_pread *args = data;
546 struct drm_gem_object *obj;
547 struct drm_i915_gem_object *obj_priv;
553 if (!access_ok(VERIFY_WRITE,
554 (char __user *)(uintptr_t)args->data_ptr,
558 ret = fault_in_pages_writeable((char __user *)(uintptr_t)args->data_ptr,
563 ret = i915_mutex_lock_interruptible(dev);
567 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
572 obj_priv = to_intel_bo(obj);
574 /* Bounds check source. */
575 if (args->offset > obj->size || args->size > obj->size - args->offset) {
580 ret = i915_gem_object_get_pages_or_evict(obj);
584 ret = i915_gem_object_set_cpu_read_domain_range(obj,
591 if (!i915_gem_object_needs_bit17_swizzle(obj))
592 ret = i915_gem_shmem_pread_fast(dev, obj, args, file_priv);
594 ret = i915_gem_shmem_pread_slow(dev, obj, args, file_priv);
597 i915_gem_object_put_pages(obj);
599 drm_gem_object_unreference(obj);
601 mutex_unlock(&dev->struct_mutex);
605 /* This is the fast write path which cannot handle
606 * page faults in the source data
610 fast_user_write(struct io_mapping *mapping,
611 loff_t page_base, int page_offset,
612 char __user *user_data,
616 unsigned long unwritten;
618 vaddr_atomic = io_mapping_map_atomic_wc(mapping, page_base);
619 unwritten = __copy_from_user_inatomic_nocache(vaddr_atomic + page_offset,
621 io_mapping_unmap_atomic(vaddr_atomic);
625 /* Here's the write path which can sleep for
630 slow_kernel_write(struct io_mapping *mapping,
631 loff_t gtt_base, int gtt_offset,
632 struct page *user_page, int user_offset,
635 char __iomem *dst_vaddr;
638 dst_vaddr = io_mapping_map_wc(mapping, gtt_base);
639 src_vaddr = kmap(user_page);
641 memcpy_toio(dst_vaddr + gtt_offset,
642 src_vaddr + user_offset,
646 io_mapping_unmap(dst_vaddr);
650 fast_shmem_write(struct page **pages,
651 loff_t page_base, int page_offset,
658 vaddr = kmap_atomic(pages[page_base >> PAGE_SHIFT]);
659 ret = __copy_from_user_inatomic(vaddr + page_offset, data, length);
660 kunmap_atomic(vaddr);
666 * This is the fast pwrite path, where we copy the data directly from the
667 * user into the GTT, uncached.
670 i915_gem_gtt_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
671 struct drm_i915_gem_pwrite *args,
672 struct drm_file *file_priv)
674 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
675 drm_i915_private_t *dev_priv = dev->dev_private;
677 loff_t offset, page_base;
678 char __user *user_data;
679 int page_offset, page_length;
681 user_data = (char __user *) (uintptr_t) args->data_ptr;
684 obj_priv = to_intel_bo(obj);
685 offset = obj_priv->gtt_offset + args->offset;
688 /* Operation in this page
690 * page_base = page offset within aperture
691 * page_offset = offset within page
692 * page_length = bytes to copy for this page
694 page_base = (offset & ~(PAGE_SIZE-1));
695 page_offset = offset & (PAGE_SIZE-1);
696 page_length = remain;
697 if ((page_offset + remain) > PAGE_SIZE)
698 page_length = PAGE_SIZE - page_offset;
700 /* If we get a fault while copying data, then (presumably) our
701 * source page isn't available. Return the error and we'll
702 * retry in the slow path.
704 if (fast_user_write(dev_priv->mm.gtt_mapping, page_base,
705 page_offset, user_data, page_length))
709 remain -= page_length;
710 user_data += page_length;
711 offset += page_length;
718 * This is the fallback GTT pwrite path, which uses get_user_pages to pin
719 * the memory and maps it using kmap_atomic for copying.
721 * This code resulted in x11perf -rgb10text consuming about 10% more CPU
722 * than using i915_gem_gtt_pwrite_fast on a G45 (32-bit).
725 i915_gem_gtt_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
726 struct drm_i915_gem_pwrite *args,
727 struct drm_file *file_priv)
729 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
730 drm_i915_private_t *dev_priv = dev->dev_private;
732 loff_t gtt_page_base, offset;
733 loff_t first_data_page, last_data_page, num_pages;
734 loff_t pinned_pages, i;
735 struct page **user_pages;
736 struct mm_struct *mm = current->mm;
737 int gtt_page_offset, data_page_offset, data_page_index, page_length;
739 uint64_t data_ptr = args->data_ptr;
743 /* Pin the user pages containing the data. We can't fault while
744 * holding the struct mutex, and all of the pwrite implementations
745 * want to hold it while dereferencing the user data.
747 first_data_page = data_ptr / PAGE_SIZE;
748 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
749 num_pages = last_data_page - first_data_page + 1;
751 user_pages = drm_malloc_ab(num_pages, sizeof(struct page *));
752 if (user_pages == NULL)
755 mutex_unlock(&dev->struct_mutex);
756 down_read(&mm->mmap_sem);
757 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
758 num_pages, 0, 0, user_pages, NULL);
759 up_read(&mm->mmap_sem);
760 mutex_lock(&dev->struct_mutex);
761 if (pinned_pages < num_pages) {
763 goto out_unpin_pages;
766 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
768 goto out_unpin_pages;
770 obj_priv = to_intel_bo(obj);
771 offset = obj_priv->gtt_offset + args->offset;
774 /* Operation in this page
776 * gtt_page_base = page offset within aperture
777 * gtt_page_offset = offset within page in aperture
778 * data_page_index = page number in get_user_pages return
779 * data_page_offset = offset with data_page_index page.
780 * page_length = bytes to copy for this page
782 gtt_page_base = offset & PAGE_MASK;
783 gtt_page_offset = offset & ~PAGE_MASK;
784 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
785 data_page_offset = data_ptr & ~PAGE_MASK;
787 page_length = remain;
788 if ((gtt_page_offset + page_length) > PAGE_SIZE)
789 page_length = PAGE_SIZE - gtt_page_offset;
790 if ((data_page_offset + page_length) > PAGE_SIZE)
791 page_length = PAGE_SIZE - data_page_offset;
793 slow_kernel_write(dev_priv->mm.gtt_mapping,
794 gtt_page_base, gtt_page_offset,
795 user_pages[data_page_index],
799 remain -= page_length;
800 offset += page_length;
801 data_ptr += page_length;
805 for (i = 0; i < pinned_pages; i++)
806 page_cache_release(user_pages[i]);
807 drm_free_large(user_pages);
813 * This is the fast shmem pwrite path, which attempts to directly
814 * copy_from_user into the kmapped pages backing the object.
817 i915_gem_shmem_pwrite_fast(struct drm_device *dev, struct drm_gem_object *obj,
818 struct drm_i915_gem_pwrite *args,
819 struct drm_file *file_priv)
821 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
823 loff_t offset, page_base;
824 char __user *user_data;
825 int page_offset, page_length;
827 user_data = (char __user *) (uintptr_t) args->data_ptr;
830 obj_priv = to_intel_bo(obj);
831 offset = args->offset;
835 /* Operation in this page
837 * page_base = page offset within aperture
838 * page_offset = offset within page
839 * page_length = bytes to copy for this page
841 page_base = (offset & ~(PAGE_SIZE-1));
842 page_offset = offset & (PAGE_SIZE-1);
843 page_length = remain;
844 if ((page_offset + remain) > PAGE_SIZE)
845 page_length = PAGE_SIZE - page_offset;
847 if (fast_shmem_write(obj_priv->pages,
848 page_base, page_offset,
849 user_data, page_length))
852 remain -= page_length;
853 user_data += page_length;
854 offset += page_length;
861 * This is the fallback shmem pwrite path, which uses get_user_pages to pin
862 * the memory and maps it using kmap_atomic for copying.
864 * This avoids taking mmap_sem for faulting on the user's address while the
865 * struct_mutex is held.
868 i915_gem_shmem_pwrite_slow(struct drm_device *dev, struct drm_gem_object *obj,
869 struct drm_i915_gem_pwrite *args,
870 struct drm_file *file_priv)
872 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
873 struct mm_struct *mm = current->mm;
874 struct page **user_pages;
876 loff_t offset, pinned_pages, i;
877 loff_t first_data_page, last_data_page, num_pages;
878 int shmem_page_index, shmem_page_offset;
879 int data_page_index, data_page_offset;
882 uint64_t data_ptr = args->data_ptr;
883 int do_bit17_swizzling;
887 /* Pin the user pages containing the data. We can't fault while
888 * holding the struct mutex, and all of the pwrite implementations
889 * want to hold it while dereferencing the user data.
891 first_data_page = data_ptr / PAGE_SIZE;
892 last_data_page = (data_ptr + args->size - 1) / PAGE_SIZE;
893 num_pages = last_data_page - first_data_page + 1;
895 user_pages = drm_malloc_ab(num_pages, sizeof(struct page *));
896 if (user_pages == NULL)
899 mutex_unlock(&dev->struct_mutex);
900 down_read(&mm->mmap_sem);
901 pinned_pages = get_user_pages(current, mm, (uintptr_t)args->data_ptr,
902 num_pages, 0, 0, user_pages, NULL);
903 up_read(&mm->mmap_sem);
904 mutex_lock(&dev->struct_mutex);
905 if (pinned_pages < num_pages) {
910 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
914 do_bit17_swizzling = i915_gem_object_needs_bit17_swizzle(obj);
916 obj_priv = to_intel_bo(obj);
917 offset = args->offset;
921 /* Operation in this page
923 * shmem_page_index = page number within shmem file
924 * shmem_page_offset = offset within page in shmem file
925 * data_page_index = page number in get_user_pages return
926 * data_page_offset = offset with data_page_index page.
927 * page_length = bytes to copy for this page
929 shmem_page_index = offset / PAGE_SIZE;
930 shmem_page_offset = offset & ~PAGE_MASK;
931 data_page_index = data_ptr / PAGE_SIZE - first_data_page;
932 data_page_offset = data_ptr & ~PAGE_MASK;
934 page_length = remain;
935 if ((shmem_page_offset + page_length) > PAGE_SIZE)
936 page_length = PAGE_SIZE - shmem_page_offset;
937 if ((data_page_offset + page_length) > PAGE_SIZE)
938 page_length = PAGE_SIZE - data_page_offset;
940 if (do_bit17_swizzling) {
941 slow_shmem_bit17_copy(obj_priv->pages[shmem_page_index],
943 user_pages[data_page_index],
948 slow_shmem_copy(obj_priv->pages[shmem_page_index],
950 user_pages[data_page_index],
955 remain -= page_length;
956 data_ptr += page_length;
957 offset += page_length;
961 for (i = 0; i < pinned_pages; i++)
962 page_cache_release(user_pages[i]);
963 drm_free_large(user_pages);
969 * Writes data to the object referenced by handle.
971 * On error, the contents of the buffer that were to be modified are undefined.
974 i915_gem_pwrite_ioctl(struct drm_device *dev, void *data,
975 struct drm_file *file)
977 struct drm_i915_gem_pwrite *args = data;
978 struct drm_gem_object *obj;
979 struct drm_i915_gem_object *obj_priv;
985 if (!access_ok(VERIFY_READ,
986 (char __user *)(uintptr_t)args->data_ptr,
990 ret = fault_in_pages_readable((char __user *)(uintptr_t)args->data_ptr,
995 ret = i915_mutex_lock_interruptible(dev);
999 obj = drm_gem_object_lookup(dev, file, args->handle);
1004 obj_priv = to_intel_bo(obj);
1006 /* Bounds check destination. */
1007 if (args->offset > obj->size || args->size > obj->size - args->offset) {
1012 /* We can only do the GTT pwrite on untiled buffers, as otherwise
1013 * it would end up going through the fenced access, and we'll get
1014 * different detiling behavior between reading and writing.
1015 * pread/pwrite currently are reading and writing from the CPU
1016 * perspective, requiring manual detiling by the client.
1018 if (obj_priv->phys_obj)
1019 ret = i915_gem_phys_pwrite(dev, obj, args, file);
1020 else if (obj_priv->tiling_mode == I915_TILING_NONE &&
1021 obj_priv->gtt_space &&
1022 obj->write_domain != I915_GEM_DOMAIN_CPU) {
1023 ret = i915_gem_object_pin(obj, 0);
1027 ret = i915_gem_object_set_to_gtt_domain(obj, 1);
1031 ret = i915_gem_gtt_pwrite_fast(dev, obj, args, file);
1033 ret = i915_gem_gtt_pwrite_slow(dev, obj, args, file);
1036 i915_gem_object_unpin(obj);
1038 ret = i915_gem_object_get_pages_or_evict(obj);
1042 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
1047 if (!i915_gem_object_needs_bit17_swizzle(obj))
1048 ret = i915_gem_shmem_pwrite_fast(dev, obj, args, file);
1050 ret = i915_gem_shmem_pwrite_slow(dev, obj, args, file);
1053 i915_gem_object_put_pages(obj);
1057 drm_gem_object_unreference(obj);
1059 mutex_unlock(&dev->struct_mutex);
1064 * Called when user space prepares to use an object with the CPU, either
1065 * through the mmap ioctl's mapping or a GTT mapping.
1068 i915_gem_set_domain_ioctl(struct drm_device *dev, void *data,
1069 struct drm_file *file_priv)
1071 struct drm_i915_private *dev_priv = dev->dev_private;
1072 struct drm_i915_gem_set_domain *args = data;
1073 struct drm_gem_object *obj;
1074 struct drm_i915_gem_object *obj_priv;
1075 uint32_t read_domains = args->read_domains;
1076 uint32_t write_domain = args->write_domain;
1079 if (!(dev->driver->driver_features & DRIVER_GEM))
1082 /* Only handle setting domains to types used by the CPU. */
1083 if (write_domain & I915_GEM_GPU_DOMAINS)
1086 if (read_domains & I915_GEM_GPU_DOMAINS)
1089 /* Having something in the write domain implies it's in the read
1090 * domain, and only that read domain. Enforce that in the request.
1092 if (write_domain != 0 && read_domains != write_domain)
1095 ret = i915_mutex_lock_interruptible(dev);
1099 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1104 obj_priv = to_intel_bo(obj);
1106 intel_mark_busy(dev, obj);
1108 if (read_domains & I915_GEM_DOMAIN_GTT) {
1109 ret = i915_gem_object_set_to_gtt_domain(obj, write_domain != 0);
1111 /* Update the LRU on the fence for the CPU access that's
1114 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
1115 struct drm_i915_fence_reg *reg =
1116 &dev_priv->fence_regs[obj_priv->fence_reg];
1117 list_move_tail(®->lru_list,
1118 &dev_priv->mm.fence_list);
1121 /* Silently promote "you're not bound, there was nothing to do"
1122 * to success, since the client was just asking us to
1123 * make sure everything was done.
1128 ret = i915_gem_object_set_to_cpu_domain(obj, write_domain != 0);
1131 /* Maintain LRU order of "inactive" objects */
1132 if (ret == 0 && i915_gem_object_is_inactive(obj_priv))
1133 list_move_tail(&obj_priv->mm_list, &dev_priv->mm.inactive_list);
1135 drm_gem_object_unreference(obj);
1137 mutex_unlock(&dev->struct_mutex);
1142 * Called when user space has done writes to this buffer
1145 i915_gem_sw_finish_ioctl(struct drm_device *dev, void *data,
1146 struct drm_file *file_priv)
1148 struct drm_i915_gem_sw_finish *args = data;
1149 struct drm_gem_object *obj;
1152 if (!(dev->driver->driver_features & DRIVER_GEM))
1155 ret = i915_mutex_lock_interruptible(dev);
1159 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1165 /* Pinned buffers may be scanout, so flush the cache */
1166 if (to_intel_bo(obj)->pin_count)
1167 i915_gem_object_flush_cpu_write_domain(obj);
1169 drm_gem_object_unreference(obj);
1171 mutex_unlock(&dev->struct_mutex);
1176 * Maps the contents of an object, returning the address it is mapped
1179 * While the mapping holds a reference on the contents of the object, it doesn't
1180 * imply a ref on the object itself.
1183 i915_gem_mmap_ioctl(struct drm_device *dev, void *data,
1184 struct drm_file *file_priv)
1186 struct drm_i915_gem_mmap *args = data;
1187 struct drm_gem_object *obj;
1191 if (!(dev->driver->driver_features & DRIVER_GEM))
1194 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1198 offset = args->offset;
1200 down_write(¤t->mm->mmap_sem);
1201 addr = do_mmap(obj->filp, 0, args->size,
1202 PROT_READ | PROT_WRITE, MAP_SHARED,
1204 up_write(¤t->mm->mmap_sem);
1205 drm_gem_object_unreference_unlocked(obj);
1206 if (IS_ERR((void *)addr))
1209 args->addr_ptr = (uint64_t) addr;
1215 * i915_gem_fault - fault a page into the GTT
1216 * vma: VMA in question
1219 * The fault handler is set up by drm_gem_mmap() when a object is GTT mapped
1220 * from userspace. The fault handler takes care of binding the object to
1221 * the GTT (if needed), allocating and programming a fence register (again,
1222 * only if needed based on whether the old reg is still valid or the object
1223 * is tiled) and inserting a new PTE into the faulting process.
1225 * Note that the faulting process may involve evicting existing objects
1226 * from the GTT and/or fence registers to make room. So performance may
1227 * suffer if the GTT working set is large or there are few fence registers
1230 int i915_gem_fault(struct vm_area_struct *vma, struct vm_fault *vmf)
1232 struct drm_gem_object *obj = vma->vm_private_data;
1233 struct drm_device *dev = obj->dev;
1234 drm_i915_private_t *dev_priv = dev->dev_private;
1235 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1236 pgoff_t page_offset;
1239 bool write = !!(vmf->flags & FAULT_FLAG_WRITE);
1241 /* We don't use vmf->pgoff since that has the fake offset */
1242 page_offset = ((unsigned long)vmf->virtual_address - vma->vm_start) >>
1245 /* Now bind it into the GTT if needed */
1246 mutex_lock(&dev->struct_mutex);
1247 if (!obj_priv->gtt_space) {
1248 ret = i915_gem_object_bind_to_gtt(obj, 0);
1252 ret = i915_gem_object_set_to_gtt_domain(obj, write);
1257 /* Need a new fence register? */
1258 if (obj_priv->tiling_mode != I915_TILING_NONE) {
1259 ret = i915_gem_object_get_fence_reg(obj, true);
1264 if (i915_gem_object_is_inactive(obj_priv))
1265 list_move_tail(&obj_priv->mm_list, &dev_priv->mm.inactive_list);
1267 pfn = ((dev->agp->base + obj_priv->gtt_offset) >> PAGE_SHIFT) +
1270 /* Finally, remap it using the new GTT offset */
1271 ret = vm_insert_pfn(vma, (unsigned long)vmf->virtual_address, pfn);
1273 mutex_unlock(&dev->struct_mutex);
1278 return VM_FAULT_NOPAGE;
1281 return VM_FAULT_OOM;
1283 return VM_FAULT_SIGBUS;
1288 * i915_gem_create_mmap_offset - create a fake mmap offset for an object
1289 * @obj: obj in question
1291 * GEM memory mapping works by handing back to userspace a fake mmap offset
1292 * it can use in a subsequent mmap(2) call. The DRM core code then looks
1293 * up the object based on the offset and sets up the various memory mapping
1296 * This routine allocates and attaches a fake offset for @obj.
1299 i915_gem_create_mmap_offset(struct drm_gem_object *obj)
1301 struct drm_device *dev = obj->dev;
1302 struct drm_gem_mm *mm = dev->mm_private;
1303 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1304 struct drm_map_list *list;
1305 struct drm_local_map *map;
1308 /* Set the object up for mmap'ing */
1309 list = &obj->map_list;
1310 list->map = kzalloc(sizeof(struct drm_map_list), GFP_KERNEL);
1315 map->type = _DRM_GEM;
1316 map->size = obj->size;
1319 /* Get a DRM GEM mmap offset allocated... */
1320 list->file_offset_node = drm_mm_search_free(&mm->offset_manager,
1321 obj->size / PAGE_SIZE, 0, 0);
1322 if (!list->file_offset_node) {
1323 DRM_ERROR("failed to allocate offset for bo %d\n", obj->name);
1328 list->file_offset_node = drm_mm_get_block(list->file_offset_node,
1329 obj->size / PAGE_SIZE, 0);
1330 if (!list->file_offset_node) {
1335 list->hash.key = list->file_offset_node->start;
1336 ret = drm_ht_insert_item(&mm->offset_hash, &list->hash);
1338 DRM_ERROR("failed to add to map hash\n");
1342 /* By now we should be all set, any drm_mmap request on the offset
1343 * below will get to our mmap & fault handler */
1344 obj_priv->mmap_offset = ((uint64_t) list->hash.key) << PAGE_SHIFT;
1349 drm_mm_put_block(list->file_offset_node);
1357 * i915_gem_release_mmap - remove physical page mappings
1358 * @obj: obj in question
1360 * Preserve the reservation of the mmapping with the DRM core code, but
1361 * relinquish ownership of the pages back to the system.
1363 * It is vital that we remove the page mapping if we have mapped a tiled
1364 * object through the GTT and then lose the fence register due to
1365 * resource pressure. Similarly if the object has been moved out of the
1366 * aperture, than pages mapped into userspace must be revoked. Removing the
1367 * mapping will then trigger a page fault on the next user access, allowing
1368 * fixup by i915_gem_fault().
1371 i915_gem_release_mmap(struct drm_gem_object *obj)
1373 struct drm_device *dev = obj->dev;
1374 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1376 if (dev->dev_mapping)
1377 unmap_mapping_range(dev->dev_mapping,
1378 obj_priv->mmap_offset, obj->size, 1);
1382 i915_gem_free_mmap_offset(struct drm_gem_object *obj)
1384 struct drm_device *dev = obj->dev;
1385 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1386 struct drm_gem_mm *mm = dev->mm_private;
1387 struct drm_map_list *list;
1389 list = &obj->map_list;
1390 drm_ht_remove_item(&mm->offset_hash, &list->hash);
1392 if (list->file_offset_node) {
1393 drm_mm_put_block(list->file_offset_node);
1394 list->file_offset_node = NULL;
1402 obj_priv->mmap_offset = 0;
1406 * i915_gem_get_gtt_alignment - return required GTT alignment for an object
1407 * @obj: object to check
1409 * Return the required GTT alignment for an object, taking into account
1410 * potential fence register mapping if needed.
1413 i915_gem_get_gtt_alignment(struct drm_gem_object *obj)
1415 struct drm_device *dev = obj->dev;
1416 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1420 * Minimum alignment is 4k (GTT page size), but might be greater
1421 * if a fence register is needed for the object.
1423 if (INTEL_INFO(dev)->gen >= 4 || obj_priv->tiling_mode == I915_TILING_NONE)
1427 * Previous chips need to be aligned to the size of the smallest
1428 * fence register that can contain the object.
1430 if (INTEL_INFO(dev)->gen == 3)
1435 for (i = start; i < obj->size; i <<= 1)
1442 * i915_gem_mmap_gtt_ioctl - prepare an object for GTT mmap'ing
1444 * @data: GTT mapping ioctl data
1445 * @file_priv: GEM object info
1447 * Simply returns the fake offset to userspace so it can mmap it.
1448 * The mmap call will end up in drm_gem_mmap(), which will set things
1449 * up so we can get faults in the handler above.
1451 * The fault handler will take care of binding the object into the GTT
1452 * (since it may have been evicted to make room for something), allocating
1453 * a fence register, and mapping the appropriate aperture address into
1457 i915_gem_mmap_gtt_ioctl(struct drm_device *dev, void *data,
1458 struct drm_file *file_priv)
1460 struct drm_i915_gem_mmap_gtt *args = data;
1461 struct drm_gem_object *obj;
1462 struct drm_i915_gem_object *obj_priv;
1465 if (!(dev->driver->driver_features & DRIVER_GEM))
1468 ret = i915_mutex_lock_interruptible(dev);
1472 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
1477 obj_priv = to_intel_bo(obj);
1479 if (obj_priv->madv != I915_MADV_WILLNEED) {
1480 DRM_ERROR("Attempting to mmap a purgeable buffer\n");
1485 if (!obj_priv->mmap_offset) {
1486 ret = i915_gem_create_mmap_offset(obj);
1491 args->offset = obj_priv->mmap_offset;
1494 * Pull it into the GTT so that we have a page list (makes the
1495 * initial fault faster and any subsequent flushing possible).
1497 if (!obj_priv->agp_mem) {
1498 ret = i915_gem_object_bind_to_gtt(obj, 0);
1504 drm_gem_object_unreference(obj);
1506 mutex_unlock(&dev->struct_mutex);
1511 i915_gem_object_put_pages(struct drm_gem_object *obj)
1513 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1514 int page_count = obj->size / PAGE_SIZE;
1517 BUG_ON(obj_priv->pages_refcount == 0);
1518 BUG_ON(obj_priv->madv == __I915_MADV_PURGED);
1520 if (--obj_priv->pages_refcount != 0)
1523 if (obj_priv->tiling_mode != I915_TILING_NONE)
1524 i915_gem_object_save_bit_17_swizzle(obj);
1526 if (obj_priv->madv == I915_MADV_DONTNEED)
1527 obj_priv->dirty = 0;
1529 for (i = 0; i < page_count; i++) {
1530 if (obj_priv->dirty)
1531 set_page_dirty(obj_priv->pages[i]);
1533 if (obj_priv->madv == I915_MADV_WILLNEED)
1534 mark_page_accessed(obj_priv->pages[i]);
1536 page_cache_release(obj_priv->pages[i]);
1538 obj_priv->dirty = 0;
1540 drm_free_large(obj_priv->pages);
1541 obj_priv->pages = NULL;
1545 i915_gem_next_request_seqno(struct drm_device *dev,
1546 struct intel_ring_buffer *ring)
1548 drm_i915_private_t *dev_priv = dev->dev_private;
1550 ring->outstanding_lazy_request = true;
1551 return dev_priv->next_seqno;
1555 i915_gem_object_move_to_active(struct drm_gem_object *obj,
1556 struct intel_ring_buffer *ring)
1558 struct drm_device *dev = obj->dev;
1559 struct drm_i915_private *dev_priv = dev->dev_private;
1560 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1561 uint32_t seqno = i915_gem_next_request_seqno(dev, ring);
1563 BUG_ON(ring == NULL);
1564 obj_priv->ring = ring;
1566 /* Add a reference if we're newly entering the active list. */
1567 if (!obj_priv->active) {
1568 drm_gem_object_reference(obj);
1569 obj_priv->active = 1;
1572 /* Move from whatever list we were on to the tail of execution. */
1573 list_move_tail(&obj_priv->mm_list, &dev_priv->mm.active_list);
1574 list_move_tail(&obj_priv->ring_list, &ring->active_list);
1575 obj_priv->last_rendering_seqno = seqno;
1579 i915_gem_object_move_to_flushing(struct drm_gem_object *obj)
1581 struct drm_device *dev = obj->dev;
1582 drm_i915_private_t *dev_priv = dev->dev_private;
1583 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1585 BUG_ON(!obj_priv->active);
1586 list_move_tail(&obj_priv->mm_list, &dev_priv->mm.flushing_list);
1587 list_del_init(&obj_priv->ring_list);
1588 obj_priv->last_rendering_seqno = 0;
1591 /* Immediately discard the backing storage */
1593 i915_gem_object_truncate(struct drm_gem_object *obj)
1595 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1596 struct inode *inode;
1598 /* Our goal here is to return as much of the memory as
1599 * is possible back to the system as we are called from OOM.
1600 * To do this we must instruct the shmfs to drop all of its
1601 * backing pages, *now*. Here we mirror the actions taken
1602 * when by shmem_delete_inode() to release the backing store.
1604 inode = obj->filp->f_path.dentry->d_inode;
1605 truncate_inode_pages(inode->i_mapping, 0);
1606 if (inode->i_op->truncate_range)
1607 inode->i_op->truncate_range(inode, 0, (loff_t)-1);
1609 obj_priv->madv = __I915_MADV_PURGED;
1613 i915_gem_object_is_purgeable(struct drm_i915_gem_object *obj_priv)
1615 return obj_priv->madv == I915_MADV_DONTNEED;
1619 i915_gem_object_move_to_inactive(struct drm_gem_object *obj)
1621 struct drm_device *dev = obj->dev;
1622 drm_i915_private_t *dev_priv = dev->dev_private;
1623 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
1625 if (obj_priv->pin_count != 0)
1626 list_move_tail(&obj_priv->mm_list, &dev_priv->mm.pinned_list);
1628 list_move_tail(&obj_priv->mm_list, &dev_priv->mm.inactive_list);
1629 list_del_init(&obj_priv->ring_list);
1631 BUG_ON(!list_empty(&obj_priv->gpu_write_list));
1633 obj_priv->last_rendering_seqno = 0;
1634 obj_priv->ring = NULL;
1635 if (obj_priv->active) {
1636 obj_priv->active = 0;
1637 drm_gem_object_unreference(obj);
1639 WARN_ON(i915_verify_lists(dev));
1643 i915_gem_process_flushing_list(struct drm_device *dev,
1644 uint32_t flush_domains,
1645 struct intel_ring_buffer *ring)
1647 drm_i915_private_t *dev_priv = dev->dev_private;
1648 struct drm_i915_gem_object *obj_priv, *next;
1650 list_for_each_entry_safe(obj_priv, next,
1651 &ring->gpu_write_list,
1653 struct drm_gem_object *obj = &obj_priv->base;
1655 if (obj->write_domain & flush_domains) {
1656 uint32_t old_write_domain = obj->write_domain;
1658 obj->write_domain = 0;
1659 list_del_init(&obj_priv->gpu_write_list);
1660 i915_gem_object_move_to_active(obj, ring);
1662 /* update the fence lru list */
1663 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
1664 struct drm_i915_fence_reg *reg =
1665 &dev_priv->fence_regs[obj_priv->fence_reg];
1666 list_move_tail(®->lru_list,
1667 &dev_priv->mm.fence_list);
1670 trace_i915_gem_object_change_domain(obj,
1678 i915_add_request(struct drm_device *dev,
1679 struct drm_file *file,
1680 struct drm_i915_gem_request *request,
1681 struct intel_ring_buffer *ring)
1683 drm_i915_private_t *dev_priv = dev->dev_private;
1684 struct drm_i915_file_private *file_priv = NULL;
1689 file_priv = file->driver_priv;
1691 if (request == NULL) {
1692 request = kzalloc(sizeof(*request), GFP_KERNEL);
1693 if (request == NULL)
1697 seqno = ring->add_request(dev, ring, 0);
1698 ring->outstanding_lazy_request = false;
1700 request->seqno = seqno;
1701 request->ring = ring;
1702 request->emitted_jiffies = jiffies;
1703 was_empty = list_empty(&ring->request_list);
1704 list_add_tail(&request->list, &ring->request_list);
1707 spin_lock(&file_priv->mm.lock);
1708 request->file_priv = file_priv;
1709 list_add_tail(&request->client_list,
1710 &file_priv->mm.request_list);
1711 spin_unlock(&file_priv->mm.lock);
1714 if (!dev_priv->mm.suspended) {
1715 mod_timer(&dev_priv->hangcheck_timer,
1716 jiffies + msecs_to_jiffies(DRM_I915_HANGCHECK_PERIOD));
1718 queue_delayed_work(dev_priv->wq,
1719 &dev_priv->mm.retire_work, HZ);
1725 * Command execution barrier
1727 * Ensures that all commands in the ring are finished
1728 * before signalling the CPU
1731 i915_retire_commands(struct drm_device *dev, struct intel_ring_buffer *ring)
1733 uint32_t flush_domains = 0;
1735 /* The sampler always gets flushed on i965 (sigh) */
1736 if (INTEL_INFO(dev)->gen >= 4)
1737 flush_domains |= I915_GEM_DOMAIN_SAMPLER;
1739 ring->flush(dev, ring,
1740 I915_GEM_DOMAIN_COMMAND, flush_domains);
1744 i915_gem_request_remove_from_client(struct drm_i915_gem_request *request)
1746 struct drm_i915_file_private *file_priv = request->file_priv;
1751 spin_lock(&file_priv->mm.lock);
1752 list_del(&request->client_list);
1753 request->file_priv = NULL;
1754 spin_unlock(&file_priv->mm.lock);
1757 static void i915_gem_reset_ring_lists(struct drm_i915_private *dev_priv,
1758 struct intel_ring_buffer *ring)
1760 while (!list_empty(&ring->request_list)) {
1761 struct drm_i915_gem_request *request;
1763 request = list_first_entry(&ring->request_list,
1764 struct drm_i915_gem_request,
1767 list_del(&request->list);
1768 i915_gem_request_remove_from_client(request);
1772 while (!list_empty(&ring->active_list)) {
1773 struct drm_i915_gem_object *obj_priv;
1775 obj_priv = list_first_entry(&ring->active_list,
1776 struct drm_i915_gem_object,
1779 obj_priv->base.write_domain = 0;
1780 list_del_init(&obj_priv->gpu_write_list);
1781 i915_gem_object_move_to_inactive(&obj_priv->base);
1785 void i915_gem_reset(struct drm_device *dev)
1787 struct drm_i915_private *dev_priv = dev->dev_private;
1788 struct drm_i915_gem_object *obj_priv;
1791 i915_gem_reset_ring_lists(dev_priv, &dev_priv->render_ring);
1792 i915_gem_reset_ring_lists(dev_priv, &dev_priv->bsd_ring);
1793 i915_gem_reset_ring_lists(dev_priv, &dev_priv->blt_ring);
1795 /* Remove anything from the flushing lists. The GPU cache is likely
1796 * to be lost on reset along with the data, so simply move the
1797 * lost bo to the inactive list.
1799 while (!list_empty(&dev_priv->mm.flushing_list)) {
1800 obj_priv = list_first_entry(&dev_priv->mm.flushing_list,
1801 struct drm_i915_gem_object,
1804 obj_priv->base.write_domain = 0;
1805 list_del_init(&obj_priv->gpu_write_list);
1806 i915_gem_object_move_to_inactive(&obj_priv->base);
1809 /* Move everything out of the GPU domains to ensure we do any
1810 * necessary invalidation upon reuse.
1812 list_for_each_entry(obj_priv,
1813 &dev_priv->mm.inactive_list,
1816 obj_priv->base.read_domains &= ~I915_GEM_GPU_DOMAINS;
1819 /* The fence registers are invalidated so clear them out */
1820 for (i = 0; i < 16; i++) {
1821 struct drm_i915_fence_reg *reg;
1823 reg = &dev_priv->fence_regs[i];
1827 i915_gem_clear_fence_reg(reg->obj);
1832 * This function clears the request list as sequence numbers are passed.
1835 i915_gem_retire_requests_ring(struct drm_device *dev,
1836 struct intel_ring_buffer *ring)
1838 drm_i915_private_t *dev_priv = dev->dev_private;
1841 if (!ring->status_page.page_addr ||
1842 list_empty(&ring->request_list))
1845 WARN_ON(i915_verify_lists(dev));
1847 seqno = ring->get_seqno(dev, ring);
1848 while (!list_empty(&ring->request_list)) {
1849 struct drm_i915_gem_request *request;
1851 request = list_first_entry(&ring->request_list,
1852 struct drm_i915_gem_request,
1855 if (!i915_seqno_passed(seqno, request->seqno))
1858 trace_i915_gem_request_retire(dev, request->seqno);
1860 list_del(&request->list);
1861 i915_gem_request_remove_from_client(request);
1865 /* Move any buffers on the active list that are no longer referenced
1866 * by the ringbuffer to the flushing/inactive lists as appropriate.
1868 while (!list_empty(&ring->active_list)) {
1869 struct drm_gem_object *obj;
1870 struct drm_i915_gem_object *obj_priv;
1872 obj_priv = list_first_entry(&ring->active_list,
1873 struct drm_i915_gem_object,
1876 if (!i915_seqno_passed(seqno, obj_priv->last_rendering_seqno))
1879 obj = &obj_priv->base;
1880 if (obj->write_domain != 0)
1881 i915_gem_object_move_to_flushing(obj);
1883 i915_gem_object_move_to_inactive(obj);
1886 if (unlikely (dev_priv->trace_irq_seqno &&
1887 i915_seqno_passed(dev_priv->trace_irq_seqno, seqno))) {
1888 ring->user_irq_put(dev, ring);
1889 dev_priv->trace_irq_seqno = 0;
1892 WARN_ON(i915_verify_lists(dev));
1896 i915_gem_retire_requests(struct drm_device *dev)
1898 drm_i915_private_t *dev_priv = dev->dev_private;
1900 if (!list_empty(&dev_priv->mm.deferred_free_list)) {
1901 struct drm_i915_gem_object *obj_priv, *tmp;
1903 /* We must be careful that during unbind() we do not
1904 * accidentally infinitely recurse into retire requests.
1906 * retire -> free -> unbind -> wait -> retire_ring
1908 list_for_each_entry_safe(obj_priv, tmp,
1909 &dev_priv->mm.deferred_free_list,
1911 i915_gem_free_object_tail(&obj_priv->base);
1914 i915_gem_retire_requests_ring(dev, &dev_priv->render_ring);
1915 i915_gem_retire_requests_ring(dev, &dev_priv->bsd_ring);
1916 i915_gem_retire_requests_ring(dev, &dev_priv->blt_ring);
1920 i915_gem_retire_work_handler(struct work_struct *work)
1922 drm_i915_private_t *dev_priv;
1923 struct drm_device *dev;
1925 dev_priv = container_of(work, drm_i915_private_t,
1926 mm.retire_work.work);
1927 dev = dev_priv->dev;
1929 /* Come back later if the device is busy... */
1930 if (!mutex_trylock(&dev->struct_mutex)) {
1931 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, HZ);
1935 i915_gem_retire_requests(dev);
1937 if (!dev_priv->mm.suspended &&
1938 (!list_empty(&dev_priv->render_ring.request_list) ||
1939 !list_empty(&dev_priv->bsd_ring.request_list) ||
1940 !list_empty(&dev_priv->blt_ring.request_list)))
1941 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, HZ);
1942 mutex_unlock(&dev->struct_mutex);
1946 i915_do_wait_request(struct drm_device *dev, uint32_t seqno,
1947 bool interruptible, struct intel_ring_buffer *ring)
1949 drm_i915_private_t *dev_priv = dev->dev_private;
1955 if (atomic_read(&dev_priv->mm.wedged))
1958 if (ring->outstanding_lazy_request) {
1959 seqno = i915_add_request(dev, NULL, NULL, ring);
1963 BUG_ON(seqno == dev_priv->next_seqno);
1965 if (!i915_seqno_passed(ring->get_seqno(dev, ring), seqno)) {
1966 if (HAS_PCH_SPLIT(dev))
1967 ier = I915_READ(DEIER) | I915_READ(GTIER);
1969 ier = I915_READ(IER);
1971 DRM_ERROR("something (likely vbetool) disabled "
1972 "interrupts, re-enabling\n");
1973 i915_driver_irq_preinstall(dev);
1974 i915_driver_irq_postinstall(dev);
1977 trace_i915_gem_request_wait_begin(dev, seqno);
1979 ring->waiting_gem_seqno = seqno;
1980 ring->user_irq_get(dev, ring);
1982 ret = wait_event_interruptible(ring->irq_queue,
1984 ring->get_seqno(dev, ring), seqno)
1985 || atomic_read(&dev_priv->mm.wedged));
1987 wait_event(ring->irq_queue,
1989 ring->get_seqno(dev, ring), seqno)
1990 || atomic_read(&dev_priv->mm.wedged));
1992 ring->user_irq_put(dev, ring);
1993 ring->waiting_gem_seqno = 0;
1995 trace_i915_gem_request_wait_end(dev, seqno);
1997 if (atomic_read(&dev_priv->mm.wedged))
2000 if (ret && ret != -ERESTARTSYS)
2001 DRM_ERROR("%s returns %d (awaiting %d at %d, next %d)\n",
2002 __func__, ret, seqno, ring->get_seqno(dev, ring),
2003 dev_priv->next_seqno);
2005 /* Directly dispatch request retiring. While we have the work queue
2006 * to handle this, the waiter on a request often wants an associated
2007 * buffer to have made it to the inactive list, and we would need
2008 * a separate wait queue to handle that.
2011 i915_gem_retire_requests_ring(dev, ring);
2017 * Waits for a sequence number to be signaled, and cleans up the
2018 * request and object lists appropriately for that event.
2021 i915_wait_request(struct drm_device *dev, uint32_t seqno,
2022 struct intel_ring_buffer *ring)
2024 return i915_do_wait_request(dev, seqno, 1, ring);
2028 i915_gem_flush_ring(struct drm_device *dev,
2029 struct drm_file *file_priv,
2030 struct intel_ring_buffer *ring,
2031 uint32_t invalidate_domains,
2032 uint32_t flush_domains)
2034 ring->flush(dev, ring, invalidate_domains, flush_domains);
2035 i915_gem_process_flushing_list(dev, flush_domains, ring);
2039 i915_gem_flush(struct drm_device *dev,
2040 struct drm_file *file_priv,
2041 uint32_t invalidate_domains,
2042 uint32_t flush_domains,
2043 uint32_t flush_rings)
2045 drm_i915_private_t *dev_priv = dev->dev_private;
2047 if (flush_domains & I915_GEM_DOMAIN_CPU)
2048 drm_agp_chipset_flush(dev);
2050 if ((flush_domains | invalidate_domains) & I915_GEM_GPU_DOMAINS) {
2051 if (flush_rings & RING_RENDER)
2052 i915_gem_flush_ring(dev, file_priv,
2053 &dev_priv->render_ring,
2054 invalidate_domains, flush_domains);
2055 if (flush_rings & RING_BSD)
2056 i915_gem_flush_ring(dev, file_priv,
2057 &dev_priv->bsd_ring,
2058 invalidate_domains, flush_domains);
2059 if (flush_rings & RING_BLT)
2060 i915_gem_flush_ring(dev, file_priv,
2061 &dev_priv->blt_ring,
2062 invalidate_domains, flush_domains);
2067 * Ensures that all rendering to the object has completed and the object is
2068 * safe to unbind from the GTT or access from the CPU.
2071 i915_gem_object_wait_rendering(struct drm_gem_object *obj,
2074 struct drm_device *dev = obj->dev;
2075 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2078 /* This function only exists to support waiting for existing rendering,
2079 * not for emitting required flushes.
2081 BUG_ON((obj->write_domain & I915_GEM_GPU_DOMAINS) != 0);
2083 /* If there is rendering queued on the buffer being evicted, wait for
2086 if (obj_priv->active) {
2087 ret = i915_do_wait_request(dev,
2088 obj_priv->last_rendering_seqno,
2099 * Unbinds an object from the GTT aperture.
2102 i915_gem_object_unbind(struct drm_gem_object *obj)
2104 struct drm_device *dev = obj->dev;
2105 struct drm_i915_private *dev_priv = dev->dev_private;
2106 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2109 if (obj_priv->gtt_space == NULL)
2112 if (obj_priv->pin_count != 0) {
2113 DRM_ERROR("Attempting to unbind pinned buffer\n");
2117 /* blow away mappings if mapped through GTT */
2118 i915_gem_release_mmap(obj);
2120 /* Move the object to the CPU domain to ensure that
2121 * any possible CPU writes while it's not in the GTT
2122 * are flushed when we go to remap it. This will
2123 * also ensure that all pending GPU writes are finished
2126 ret = i915_gem_object_set_to_cpu_domain(obj, 1);
2127 if (ret == -ERESTARTSYS)
2129 /* Continue on if we fail due to EIO, the GPU is hung so we
2130 * should be safe and we need to cleanup or else we might
2131 * cause memory corruption through use-after-free.
2134 i915_gem_clflush_object(obj);
2135 obj->read_domains = obj->write_domain = I915_GEM_DOMAIN_CPU;
2138 /* release the fence reg _after_ flushing */
2139 if (obj_priv->fence_reg != I915_FENCE_REG_NONE)
2140 i915_gem_clear_fence_reg(obj);
2142 drm_unbind_agp(obj_priv->agp_mem);
2143 drm_free_agp(obj_priv->agp_mem, obj->size / PAGE_SIZE);
2145 i915_gem_object_put_pages(obj);
2146 BUG_ON(obj_priv->pages_refcount);
2148 i915_gem_info_remove_gtt(dev_priv, obj->size);
2149 list_del_init(&obj_priv->mm_list);
2151 drm_mm_put_block(obj_priv->gtt_space);
2152 obj_priv->gtt_space = NULL;
2153 obj_priv->gtt_offset = 0;
2155 if (i915_gem_object_is_purgeable(obj_priv))
2156 i915_gem_object_truncate(obj);
2158 trace_i915_gem_object_unbind(obj);
2163 static int i915_ring_idle(struct drm_device *dev,
2164 struct intel_ring_buffer *ring)
2166 if (list_empty(&ring->gpu_write_list) && list_empty(&ring->active_list))
2169 i915_gem_flush_ring(dev, NULL, ring,
2170 I915_GEM_GPU_DOMAINS, I915_GEM_GPU_DOMAINS);
2171 return i915_wait_request(dev,
2172 i915_gem_next_request_seqno(dev, ring),
2177 i915_gpu_idle(struct drm_device *dev)
2179 drm_i915_private_t *dev_priv = dev->dev_private;
2183 lists_empty = (list_empty(&dev_priv->mm.flushing_list) &&
2184 list_empty(&dev_priv->mm.active_list));
2188 /* Flush everything onto the inactive list. */
2189 ret = i915_ring_idle(dev, &dev_priv->render_ring);
2193 ret = i915_ring_idle(dev, &dev_priv->bsd_ring);
2197 ret = i915_ring_idle(dev, &dev_priv->blt_ring);
2205 i915_gem_object_get_pages(struct drm_gem_object *obj,
2208 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2210 struct address_space *mapping;
2211 struct inode *inode;
2214 BUG_ON(obj_priv->pages_refcount
2215 == DRM_I915_GEM_OBJECT_MAX_PAGES_REFCOUNT);
2217 if (obj_priv->pages_refcount++ != 0)
2220 /* Get the list of pages out of our struct file. They'll be pinned
2221 * at this point until we release them.
2223 page_count = obj->size / PAGE_SIZE;
2224 BUG_ON(obj_priv->pages != NULL);
2225 obj_priv->pages = drm_calloc_large(page_count, sizeof(struct page *));
2226 if (obj_priv->pages == NULL) {
2227 obj_priv->pages_refcount--;
2231 inode = obj->filp->f_path.dentry->d_inode;
2232 mapping = inode->i_mapping;
2233 for (i = 0; i < page_count; i++) {
2234 page = read_cache_page_gfp(mapping, i,
2242 obj_priv->pages[i] = page;
2245 if (obj_priv->tiling_mode != I915_TILING_NONE)
2246 i915_gem_object_do_bit_17_swizzle(obj);
2252 page_cache_release(obj_priv->pages[i]);
2254 drm_free_large(obj_priv->pages);
2255 obj_priv->pages = NULL;
2256 obj_priv->pages_refcount--;
2257 return PTR_ERR(page);
2260 static void sandybridge_write_fence_reg(struct drm_i915_fence_reg *reg)
2262 struct drm_gem_object *obj = reg->obj;
2263 struct drm_device *dev = obj->dev;
2264 drm_i915_private_t *dev_priv = dev->dev_private;
2265 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2266 int regnum = obj_priv->fence_reg;
2269 val = (uint64_t)((obj_priv->gtt_offset + obj->size - 4096) &
2271 val |= obj_priv->gtt_offset & 0xfffff000;
2272 val |= (uint64_t)((obj_priv->stride / 128) - 1) <<
2273 SANDYBRIDGE_FENCE_PITCH_SHIFT;
2275 if (obj_priv->tiling_mode == I915_TILING_Y)
2276 val |= 1 << I965_FENCE_TILING_Y_SHIFT;
2277 val |= I965_FENCE_REG_VALID;
2279 I915_WRITE64(FENCE_REG_SANDYBRIDGE_0 + (regnum * 8), val);
2282 static void i965_write_fence_reg(struct drm_i915_fence_reg *reg)
2284 struct drm_gem_object *obj = reg->obj;
2285 struct drm_device *dev = obj->dev;
2286 drm_i915_private_t *dev_priv = dev->dev_private;
2287 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2288 int regnum = obj_priv->fence_reg;
2291 val = (uint64_t)((obj_priv->gtt_offset + obj->size - 4096) &
2293 val |= obj_priv->gtt_offset & 0xfffff000;
2294 val |= ((obj_priv->stride / 128) - 1) << I965_FENCE_PITCH_SHIFT;
2295 if (obj_priv->tiling_mode == I915_TILING_Y)
2296 val |= 1 << I965_FENCE_TILING_Y_SHIFT;
2297 val |= I965_FENCE_REG_VALID;
2299 I915_WRITE64(FENCE_REG_965_0 + (regnum * 8), val);
2302 static void i915_write_fence_reg(struct drm_i915_fence_reg *reg)
2304 struct drm_gem_object *obj = reg->obj;
2305 struct drm_device *dev = obj->dev;
2306 drm_i915_private_t *dev_priv = dev->dev_private;
2307 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2308 int regnum = obj_priv->fence_reg;
2310 uint32_t fence_reg, val;
2313 if ((obj_priv->gtt_offset & ~I915_FENCE_START_MASK) ||
2314 (obj_priv->gtt_offset & (obj->size - 1))) {
2315 WARN(1, "%s: object 0x%08x not 1M or size (0x%zx) aligned\n",
2316 __func__, obj_priv->gtt_offset, obj->size);
2320 if (obj_priv->tiling_mode == I915_TILING_Y &&
2321 HAS_128_BYTE_Y_TILING(dev))
2326 /* Note: pitch better be a power of two tile widths */
2327 pitch_val = obj_priv->stride / tile_width;
2328 pitch_val = ffs(pitch_val) - 1;
2330 if (obj_priv->tiling_mode == I915_TILING_Y &&
2331 HAS_128_BYTE_Y_TILING(dev))
2332 WARN_ON(pitch_val > I830_FENCE_MAX_PITCH_VAL);
2334 WARN_ON(pitch_val > I915_FENCE_MAX_PITCH_VAL);
2336 val = obj_priv->gtt_offset;
2337 if (obj_priv->tiling_mode == I915_TILING_Y)
2338 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
2339 val |= I915_FENCE_SIZE_BITS(obj->size);
2340 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
2341 val |= I830_FENCE_REG_VALID;
2344 fence_reg = FENCE_REG_830_0 + (regnum * 4);
2346 fence_reg = FENCE_REG_945_8 + ((regnum - 8) * 4);
2347 I915_WRITE(fence_reg, val);
2350 static void i830_write_fence_reg(struct drm_i915_fence_reg *reg)
2352 struct drm_gem_object *obj = reg->obj;
2353 struct drm_device *dev = obj->dev;
2354 drm_i915_private_t *dev_priv = dev->dev_private;
2355 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2356 int regnum = obj_priv->fence_reg;
2359 uint32_t fence_size_bits;
2361 if ((obj_priv->gtt_offset & ~I830_FENCE_START_MASK) ||
2362 (obj_priv->gtt_offset & (obj->size - 1))) {
2363 WARN(1, "%s: object 0x%08x not 512K or size aligned\n",
2364 __func__, obj_priv->gtt_offset);
2368 pitch_val = obj_priv->stride / 128;
2369 pitch_val = ffs(pitch_val) - 1;
2370 WARN_ON(pitch_val > I830_FENCE_MAX_PITCH_VAL);
2372 val = obj_priv->gtt_offset;
2373 if (obj_priv->tiling_mode == I915_TILING_Y)
2374 val |= 1 << I830_FENCE_TILING_Y_SHIFT;
2375 fence_size_bits = I830_FENCE_SIZE_BITS(obj->size);
2376 WARN_ON(fence_size_bits & ~0x00000f00);
2377 val |= fence_size_bits;
2378 val |= pitch_val << I830_FENCE_PITCH_SHIFT;
2379 val |= I830_FENCE_REG_VALID;
2381 I915_WRITE(FENCE_REG_830_0 + (regnum * 4), val);
2384 static int i915_find_fence_reg(struct drm_device *dev,
2387 struct drm_i915_fence_reg *reg = NULL;
2388 struct drm_i915_gem_object *obj_priv = NULL;
2389 struct drm_i915_private *dev_priv = dev->dev_private;
2390 struct drm_gem_object *obj = NULL;
2393 /* First try to find a free reg */
2395 for (i = dev_priv->fence_reg_start; i < dev_priv->num_fence_regs; i++) {
2396 reg = &dev_priv->fence_regs[i];
2400 obj_priv = to_intel_bo(reg->obj);
2401 if (!obj_priv->pin_count)
2408 /* None available, try to steal one or wait for a user to finish */
2409 i = I915_FENCE_REG_NONE;
2410 list_for_each_entry(reg, &dev_priv->mm.fence_list,
2413 obj_priv = to_intel_bo(obj);
2415 if (obj_priv->pin_count)
2419 i = obj_priv->fence_reg;
2423 BUG_ON(i == I915_FENCE_REG_NONE);
2425 /* We only have a reference on obj from the active list. put_fence_reg
2426 * might drop that one, causing a use-after-free in it. So hold a
2427 * private reference to obj like the other callers of put_fence_reg
2428 * (set_tiling ioctl) do. */
2429 drm_gem_object_reference(obj);
2430 ret = i915_gem_object_put_fence_reg(obj, interruptible);
2431 drm_gem_object_unreference(obj);
2439 * i915_gem_object_get_fence_reg - set up a fence reg for an object
2440 * @obj: object to map through a fence reg
2442 * When mapping objects through the GTT, userspace wants to be able to write
2443 * to them without having to worry about swizzling if the object is tiled.
2445 * This function walks the fence regs looking for a free one for @obj,
2446 * stealing one if it can't find any.
2448 * It then sets up the reg based on the object's properties: address, pitch
2449 * and tiling format.
2452 i915_gem_object_get_fence_reg(struct drm_gem_object *obj,
2455 struct drm_device *dev = obj->dev;
2456 struct drm_i915_private *dev_priv = dev->dev_private;
2457 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2458 struct drm_i915_fence_reg *reg = NULL;
2461 /* Just update our place in the LRU if our fence is getting used. */
2462 if (obj_priv->fence_reg != I915_FENCE_REG_NONE) {
2463 reg = &dev_priv->fence_regs[obj_priv->fence_reg];
2464 list_move_tail(®->lru_list, &dev_priv->mm.fence_list);
2468 switch (obj_priv->tiling_mode) {
2469 case I915_TILING_NONE:
2470 WARN(1, "allocating a fence for non-tiled object?\n");
2473 if (!obj_priv->stride)
2475 WARN((obj_priv->stride & (512 - 1)),
2476 "object 0x%08x is X tiled but has non-512B pitch\n",
2477 obj_priv->gtt_offset);
2480 if (!obj_priv->stride)
2482 WARN((obj_priv->stride & (128 - 1)),
2483 "object 0x%08x is Y tiled but has non-128B pitch\n",
2484 obj_priv->gtt_offset);
2488 ret = i915_find_fence_reg(dev, interruptible);
2492 obj_priv->fence_reg = ret;
2493 reg = &dev_priv->fence_regs[obj_priv->fence_reg];
2494 list_add_tail(®->lru_list, &dev_priv->mm.fence_list);
2498 switch (INTEL_INFO(dev)->gen) {
2500 sandybridge_write_fence_reg(reg);
2504 i965_write_fence_reg(reg);
2507 i915_write_fence_reg(reg);
2510 i830_write_fence_reg(reg);
2514 trace_i915_gem_object_get_fence(obj, obj_priv->fence_reg,
2515 obj_priv->tiling_mode);
2521 * i915_gem_clear_fence_reg - clear out fence register info
2522 * @obj: object to clear
2524 * Zeroes out the fence register itself and clears out the associated
2525 * data structures in dev_priv and obj_priv.
2528 i915_gem_clear_fence_reg(struct drm_gem_object *obj)
2530 struct drm_device *dev = obj->dev;
2531 drm_i915_private_t *dev_priv = dev->dev_private;
2532 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2533 struct drm_i915_fence_reg *reg =
2534 &dev_priv->fence_regs[obj_priv->fence_reg];
2537 switch (INTEL_INFO(dev)->gen) {
2539 I915_WRITE64(FENCE_REG_SANDYBRIDGE_0 +
2540 (obj_priv->fence_reg * 8), 0);
2544 I915_WRITE64(FENCE_REG_965_0 + (obj_priv->fence_reg * 8), 0);
2547 if (obj_priv->fence_reg >= 8)
2548 fence_reg = FENCE_REG_945_8 + (obj_priv->fence_reg - 8) * 4;
2551 fence_reg = FENCE_REG_830_0 + obj_priv->fence_reg * 4;
2553 I915_WRITE(fence_reg, 0);
2558 obj_priv->fence_reg = I915_FENCE_REG_NONE;
2559 list_del_init(®->lru_list);
2563 * i915_gem_object_put_fence_reg - waits on outstanding fenced access
2564 * to the buffer to finish, and then resets the fence register.
2565 * @obj: tiled object holding a fence register.
2566 * @bool: whether the wait upon the fence is interruptible
2568 * Zeroes out the fence register itself and clears out the associated
2569 * data structures in dev_priv and obj_priv.
2572 i915_gem_object_put_fence_reg(struct drm_gem_object *obj,
2575 struct drm_device *dev = obj->dev;
2576 struct drm_i915_private *dev_priv = dev->dev_private;
2577 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2578 struct drm_i915_fence_reg *reg;
2580 if (obj_priv->fence_reg == I915_FENCE_REG_NONE)
2583 /* If we've changed tiling, GTT-mappings of the object
2584 * need to re-fault to ensure that the correct fence register
2585 * setup is in place.
2587 i915_gem_release_mmap(obj);
2589 /* On the i915, GPU access to tiled buffers is via a fence,
2590 * therefore we must wait for any outstanding access to complete
2591 * before clearing the fence.
2593 reg = &dev_priv->fence_regs[obj_priv->fence_reg];
2597 ret = i915_gem_object_flush_gpu_write_domain(obj, true);
2601 ret = i915_gem_object_wait_rendering(obj, interruptible);
2608 i915_gem_object_flush_gtt_write_domain(obj);
2609 i915_gem_clear_fence_reg(obj);
2615 * Finds free space in the GTT aperture and binds the object there.
2618 i915_gem_object_bind_to_gtt(struct drm_gem_object *obj, unsigned alignment)
2620 struct drm_device *dev = obj->dev;
2621 drm_i915_private_t *dev_priv = dev->dev_private;
2622 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2623 struct drm_mm_node *free_space;
2624 gfp_t gfpmask = __GFP_NORETRY | __GFP_NOWARN;
2627 if (obj_priv->madv != I915_MADV_WILLNEED) {
2628 DRM_ERROR("Attempting to bind a purgeable object\n");
2633 alignment = i915_gem_get_gtt_alignment(obj);
2634 if (alignment & (i915_gem_get_gtt_alignment(obj) - 1)) {
2635 DRM_ERROR("Invalid object alignment requested %u\n", alignment);
2639 /* If the object is bigger than the entire aperture, reject it early
2640 * before evicting everything in a vain attempt to find space.
2642 if (obj->size > dev_priv->mm.gtt_total) {
2643 DRM_ERROR("Attempting to bind an object larger than the aperture\n");
2648 free_space = drm_mm_search_free(&dev_priv->mm.gtt_space,
2649 obj->size, alignment, 0);
2650 if (free_space != NULL)
2651 obj_priv->gtt_space = drm_mm_get_block(free_space, obj->size,
2653 if (obj_priv->gtt_space == NULL) {
2654 /* If the gtt is empty and we're still having trouble
2655 * fitting our object in, we're out of memory.
2657 ret = i915_gem_evict_something(dev, obj->size, alignment);
2664 ret = i915_gem_object_get_pages(obj, gfpmask);
2666 drm_mm_put_block(obj_priv->gtt_space);
2667 obj_priv->gtt_space = NULL;
2669 if (ret == -ENOMEM) {
2670 /* first try to clear up some space from the GTT */
2671 ret = i915_gem_evict_something(dev, obj->size,
2674 /* now try to shrink everyone else */
2689 /* Create an AGP memory structure pointing at our pages, and bind it
2692 obj_priv->agp_mem = drm_agp_bind_pages(dev,
2694 obj->size >> PAGE_SHIFT,
2695 obj_priv->gtt_space->start,
2696 obj_priv->agp_type);
2697 if (obj_priv->agp_mem == NULL) {
2698 i915_gem_object_put_pages(obj);
2699 drm_mm_put_block(obj_priv->gtt_space);
2700 obj_priv->gtt_space = NULL;
2702 ret = i915_gem_evict_something(dev, obj->size, alignment);
2709 /* keep track of bounds object by adding it to the inactive list */
2710 list_add_tail(&obj_priv->mm_list, &dev_priv->mm.inactive_list);
2711 i915_gem_info_add_gtt(dev_priv, obj->size);
2713 /* Assert that the object is not currently in any GPU domain. As it
2714 * wasn't in the GTT, there shouldn't be any way it could have been in
2717 BUG_ON(obj->read_domains & I915_GEM_GPU_DOMAINS);
2718 BUG_ON(obj->write_domain & I915_GEM_GPU_DOMAINS);
2720 obj_priv->gtt_offset = obj_priv->gtt_space->start;
2721 trace_i915_gem_object_bind(obj, obj_priv->gtt_offset);
2727 i915_gem_clflush_object(struct drm_gem_object *obj)
2729 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2731 /* If we don't have a page list set up, then we're not pinned
2732 * to GPU, and we can ignore the cache flush because it'll happen
2733 * again at bind time.
2735 if (obj_priv->pages == NULL)
2738 trace_i915_gem_object_clflush(obj);
2740 drm_clflush_pages(obj_priv->pages, obj->size / PAGE_SIZE);
2743 /** Flushes any GPU write domain for the object if it's dirty. */
2745 i915_gem_object_flush_gpu_write_domain(struct drm_gem_object *obj,
2748 struct drm_device *dev = obj->dev;
2749 uint32_t old_write_domain;
2751 if ((obj->write_domain & I915_GEM_GPU_DOMAINS) == 0)
2754 /* Queue the GPU write cache flushing we need. */
2755 old_write_domain = obj->write_domain;
2756 i915_gem_flush_ring(dev, NULL,
2757 to_intel_bo(obj)->ring,
2758 0, obj->write_domain);
2759 BUG_ON(obj->write_domain);
2761 trace_i915_gem_object_change_domain(obj,
2768 return i915_gem_object_wait_rendering(obj, true);
2771 /** Flushes the GTT write domain for the object if it's dirty. */
2773 i915_gem_object_flush_gtt_write_domain(struct drm_gem_object *obj)
2775 uint32_t old_write_domain;
2777 if (obj->write_domain != I915_GEM_DOMAIN_GTT)
2780 /* No actual flushing is required for the GTT write domain. Writes
2781 * to it immediately go to main memory as far as we know, so there's
2782 * no chipset flush. It also doesn't land in render cache.
2784 old_write_domain = obj->write_domain;
2785 obj->write_domain = 0;
2787 trace_i915_gem_object_change_domain(obj,
2792 /** Flushes the CPU write domain for the object if it's dirty. */
2794 i915_gem_object_flush_cpu_write_domain(struct drm_gem_object *obj)
2796 struct drm_device *dev = obj->dev;
2797 uint32_t old_write_domain;
2799 if (obj->write_domain != I915_GEM_DOMAIN_CPU)
2802 i915_gem_clflush_object(obj);
2803 drm_agp_chipset_flush(dev);
2804 old_write_domain = obj->write_domain;
2805 obj->write_domain = 0;
2807 trace_i915_gem_object_change_domain(obj,
2813 * Moves a single object to the GTT read, and possibly write domain.
2815 * This function returns when the move is complete, including waiting on
2819 i915_gem_object_set_to_gtt_domain(struct drm_gem_object *obj, int write)
2821 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2822 uint32_t old_write_domain, old_read_domains;
2825 /* Not valid to be called on unbound objects. */
2826 if (obj_priv->gtt_space == NULL)
2829 ret = i915_gem_object_flush_gpu_write_domain(obj, false);
2833 i915_gem_object_flush_cpu_write_domain(obj);
2836 ret = i915_gem_object_wait_rendering(obj, true);
2841 old_write_domain = obj->write_domain;
2842 old_read_domains = obj->read_domains;
2844 /* It should now be out of any other write domains, and we can update
2845 * the domain values for our changes.
2847 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_GTT) != 0);
2848 obj->read_domains |= I915_GEM_DOMAIN_GTT;
2850 obj->read_domains = I915_GEM_DOMAIN_GTT;
2851 obj->write_domain = I915_GEM_DOMAIN_GTT;
2852 obj_priv->dirty = 1;
2855 trace_i915_gem_object_change_domain(obj,
2863 * Prepare buffer for display plane. Use uninterruptible for possible flush
2864 * wait, as in modesetting process we're not supposed to be interrupted.
2867 i915_gem_object_set_to_display_plane(struct drm_gem_object *obj,
2870 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
2871 uint32_t old_read_domains;
2874 /* Not valid to be called on unbound objects. */
2875 if (obj_priv->gtt_space == NULL)
2878 ret = i915_gem_object_flush_gpu_write_domain(obj, true);
2882 /* Currently, we are always called from an non-interruptible context. */
2884 ret = i915_gem_object_wait_rendering(obj, false);
2889 i915_gem_object_flush_cpu_write_domain(obj);
2891 old_read_domains = obj->read_domains;
2892 obj->read_domains |= I915_GEM_DOMAIN_GTT;
2894 trace_i915_gem_object_change_domain(obj,
2902 i915_gem_object_flush_gpu(struct drm_i915_gem_object *obj,
2908 if (obj->base.write_domain & I915_GEM_GPU_DOMAINS)
2909 i915_gem_flush_ring(obj->base.dev, NULL, obj->ring,
2910 0, obj->base.write_domain);
2912 return i915_gem_object_wait_rendering(&obj->base, interruptible);
2916 * Moves a single object to the CPU read, and possibly write domain.
2918 * This function returns when the move is complete, including waiting on
2922 i915_gem_object_set_to_cpu_domain(struct drm_gem_object *obj, int write)
2924 uint32_t old_write_domain, old_read_domains;
2927 ret = i915_gem_object_flush_gpu_write_domain(obj, false);
2931 i915_gem_object_flush_gtt_write_domain(obj);
2933 /* If we have a partially-valid cache of the object in the CPU,
2934 * finish invalidating it and free the per-page flags.
2936 i915_gem_object_set_to_full_cpu_read_domain(obj);
2939 ret = i915_gem_object_wait_rendering(obj, true);
2944 old_write_domain = obj->write_domain;
2945 old_read_domains = obj->read_domains;
2947 /* Flush the CPU cache if it's still invalid. */
2948 if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0) {
2949 i915_gem_clflush_object(obj);
2951 obj->read_domains |= I915_GEM_DOMAIN_CPU;
2954 /* It should now be out of any other write domains, and we can update
2955 * the domain values for our changes.
2957 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
2959 /* If we're writing through the CPU, then the GPU read domains will
2960 * need to be invalidated at next use.
2963 obj->read_domains = I915_GEM_DOMAIN_CPU;
2964 obj->write_domain = I915_GEM_DOMAIN_CPU;
2967 trace_i915_gem_object_change_domain(obj,
2975 * Set the next domain for the specified object. This
2976 * may not actually perform the necessary flushing/invaliding though,
2977 * as that may want to be batched with other set_domain operations
2979 * This is (we hope) the only really tricky part of gem. The goal
2980 * is fairly simple -- track which caches hold bits of the object
2981 * and make sure they remain coherent. A few concrete examples may
2982 * help to explain how it works. For shorthand, we use the notation
2983 * (read_domains, write_domain), e.g. (CPU, CPU) to indicate the
2984 * a pair of read and write domain masks.
2986 * Case 1: the batch buffer
2992 * 5. Unmapped from GTT
2995 * Let's take these a step at a time
2998 * Pages allocated from the kernel may still have
2999 * cache contents, so we set them to (CPU, CPU) always.
3000 * 2. Written by CPU (using pwrite)
3001 * The pwrite function calls set_domain (CPU, CPU) and
3002 * this function does nothing (as nothing changes)
3004 * This function asserts that the object is not
3005 * currently in any GPU-based read or write domains
3007 * i915_gem_execbuffer calls set_domain (COMMAND, 0).
3008 * As write_domain is zero, this function adds in the
3009 * current read domains (CPU+COMMAND, 0).
3010 * flush_domains is set to CPU.
3011 * invalidate_domains is set to COMMAND
3012 * clflush is run to get data out of the CPU caches
3013 * then i915_dev_set_domain calls i915_gem_flush to
3014 * emit an MI_FLUSH and drm_agp_chipset_flush
3015 * 5. Unmapped from GTT
3016 * i915_gem_object_unbind calls set_domain (CPU, CPU)
3017 * flush_domains and invalidate_domains end up both zero
3018 * so no flushing/invalidating happens
3022 * Case 2: The shared render buffer
3026 * 3. Read/written by GPU
3027 * 4. set_domain to (CPU,CPU)
3028 * 5. Read/written by CPU
3029 * 6. Read/written by GPU
3032 * Same as last example, (CPU, CPU)
3034 * Nothing changes (assertions find that it is not in the GPU)
3035 * 3. Read/written by GPU
3036 * execbuffer calls set_domain (RENDER, RENDER)
3037 * flush_domains gets CPU
3038 * invalidate_domains gets GPU
3040 * MI_FLUSH and drm_agp_chipset_flush
3041 * 4. set_domain (CPU, CPU)
3042 * flush_domains gets GPU
3043 * invalidate_domains gets CPU
3044 * wait_rendering (obj) to make sure all drawing is complete.
3045 * This will include an MI_FLUSH to get the data from GPU
3047 * clflush (obj) to invalidate the CPU cache
3048 * Another MI_FLUSH in i915_gem_flush (eliminate this somehow?)
3049 * 5. Read/written by CPU
3050 * cache lines are loaded and dirtied
3051 * 6. Read written by GPU
3052 * Same as last GPU access
3054 * Case 3: The constant buffer
3059 * 4. Updated (written) by CPU again
3068 * flush_domains = CPU
3069 * invalidate_domains = RENDER
3072 * drm_agp_chipset_flush
3073 * 4. Updated (written) by CPU again
3075 * flush_domains = 0 (no previous write domain)
3076 * invalidate_domains = 0 (no new read domains)
3079 * flush_domains = CPU
3080 * invalidate_domains = RENDER
3083 * drm_agp_chipset_flush
3086 i915_gem_object_set_to_gpu_domain(struct drm_gem_object *obj,
3087 struct intel_ring_buffer *ring)
3089 struct drm_device *dev = obj->dev;
3090 struct drm_i915_private *dev_priv = dev->dev_private;
3091 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
3092 uint32_t invalidate_domains = 0;
3093 uint32_t flush_domains = 0;
3094 uint32_t old_read_domains;
3096 intel_mark_busy(dev, obj);
3099 * If the object isn't moving to a new write domain,
3100 * let the object stay in multiple read domains
3102 if (obj->pending_write_domain == 0)
3103 obj->pending_read_domains |= obj->read_domains;
3105 obj_priv->dirty = 1;
3108 * Flush the current write domain if
3109 * the new read domains don't match. Invalidate
3110 * any read domains which differ from the old
3113 if (obj->write_domain &&
3114 (obj->write_domain != obj->pending_read_domains ||
3115 obj_priv->ring != ring)) {
3116 flush_domains |= obj->write_domain;
3117 invalidate_domains |=
3118 obj->pending_read_domains & ~obj->write_domain;
3121 * Invalidate any read caches which may have
3122 * stale data. That is, any new read domains.
3124 invalidate_domains |= obj->pending_read_domains & ~obj->read_domains;
3125 if ((flush_domains | invalidate_domains) & I915_GEM_DOMAIN_CPU)
3126 i915_gem_clflush_object(obj);
3128 old_read_domains = obj->read_domains;
3130 /* The actual obj->write_domain will be updated with
3131 * pending_write_domain after we emit the accumulated flush for all
3132 * of our domain changes in execbuffers (which clears objects'
3133 * write_domains). So if we have a current write domain that we
3134 * aren't changing, set pending_write_domain to that.
3136 if (flush_domains == 0 && obj->pending_write_domain == 0)
3137 obj->pending_write_domain = obj->write_domain;
3138 obj->read_domains = obj->pending_read_domains;
3140 dev->invalidate_domains |= invalidate_domains;
3141 dev->flush_domains |= flush_domains;
3142 if (flush_domains & I915_GEM_GPU_DOMAINS)
3143 dev_priv->mm.flush_rings |= obj_priv->ring->id;
3144 if (invalidate_domains & I915_GEM_GPU_DOMAINS)
3145 dev_priv->mm.flush_rings |= ring->id;
3147 trace_i915_gem_object_change_domain(obj,
3153 * Moves the object from a partially CPU read to a full one.
3155 * Note that this only resolves i915_gem_object_set_cpu_read_domain_range(),
3156 * and doesn't handle transitioning from !(read_domains & I915_GEM_DOMAIN_CPU).
3159 i915_gem_object_set_to_full_cpu_read_domain(struct drm_gem_object *obj)
3161 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
3163 if (!obj_priv->page_cpu_valid)
3166 /* If we're partially in the CPU read domain, finish moving it in.
3168 if (obj->read_domains & I915_GEM_DOMAIN_CPU) {
3171 for (i = 0; i <= (obj->size - 1) / PAGE_SIZE; i++) {
3172 if (obj_priv->page_cpu_valid[i])
3174 drm_clflush_pages(obj_priv->pages + i, 1);
3178 /* Free the page_cpu_valid mappings which are now stale, whether
3179 * or not we've got I915_GEM_DOMAIN_CPU.
3181 kfree(obj_priv->page_cpu_valid);
3182 obj_priv->page_cpu_valid = NULL;
3186 * Set the CPU read domain on a range of the object.
3188 * The object ends up with I915_GEM_DOMAIN_CPU in its read flags although it's
3189 * not entirely valid. The page_cpu_valid member of the object flags which
3190 * pages have been flushed, and will be respected by
3191 * i915_gem_object_set_to_cpu_domain() if it's called on to get a valid mapping
3192 * of the whole object.
3194 * This function returns when the move is complete, including waiting on
3198 i915_gem_object_set_cpu_read_domain_range(struct drm_gem_object *obj,
3199 uint64_t offset, uint64_t size)
3201 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
3202 uint32_t old_read_domains;
3205 if (offset == 0 && size == obj->size)
3206 return i915_gem_object_set_to_cpu_domain(obj, 0);
3208 ret = i915_gem_object_flush_gpu_write_domain(obj, false);
3211 i915_gem_object_flush_gtt_write_domain(obj);
3213 /* If we're already fully in the CPU read domain, we're done. */
3214 if (obj_priv->page_cpu_valid == NULL &&
3215 (obj->read_domains & I915_GEM_DOMAIN_CPU) != 0)
3218 /* Otherwise, create/clear the per-page CPU read domain flag if we're
3219 * newly adding I915_GEM_DOMAIN_CPU
3221 if (obj_priv->page_cpu_valid == NULL) {
3222 obj_priv->page_cpu_valid = kzalloc(obj->size / PAGE_SIZE,
3224 if (obj_priv->page_cpu_valid == NULL)
3226 } else if ((obj->read_domains & I915_GEM_DOMAIN_CPU) == 0)
3227 memset(obj_priv->page_cpu_valid, 0, obj->size / PAGE_SIZE);
3229 /* Flush the cache on any pages that are still invalid from the CPU's
3232 for (i = offset / PAGE_SIZE; i <= (offset + size - 1) / PAGE_SIZE;
3234 if (obj_priv->page_cpu_valid[i])
3237 drm_clflush_pages(obj_priv->pages + i, 1);
3239 obj_priv->page_cpu_valid[i] = 1;
3242 /* It should now be out of any other write domains, and we can update
3243 * the domain values for our changes.
3245 BUG_ON((obj->write_domain & ~I915_GEM_DOMAIN_CPU) != 0);
3247 old_read_domains = obj->read_domains;
3248 obj->read_domains |= I915_GEM_DOMAIN_CPU;
3250 trace_i915_gem_object_change_domain(obj,
3258 * Pin an object to the GTT and evaluate the relocations landing in it.
3261 i915_gem_execbuffer_relocate(struct drm_i915_gem_object *obj,
3262 struct drm_file *file_priv,
3263 struct drm_i915_gem_exec_object2 *entry)
3265 struct drm_device *dev = obj->base.dev;
3266 drm_i915_private_t *dev_priv = dev->dev_private;
3267 struct drm_i915_gem_relocation_entry __user *user_relocs;
3268 struct drm_gem_object *target_obj = NULL;
3269 uint32_t target_handle = 0;
3272 user_relocs = (void __user *)(uintptr_t)entry->relocs_ptr;
3273 for (i = 0; i < entry->relocation_count; i++) {
3274 struct drm_i915_gem_relocation_entry reloc;
3275 uint32_t target_offset;
3277 if (__copy_from_user_inatomic(&reloc,
3284 if (reloc.target_handle != target_handle) {
3285 drm_gem_object_unreference(target_obj);
3287 target_obj = drm_gem_object_lookup(dev, file_priv,
3288 reloc.target_handle);
3289 if (target_obj == NULL) {
3294 target_handle = reloc.target_handle;
3296 target_offset = to_intel_bo(target_obj)->gtt_offset;
3299 DRM_INFO("%s: obj %p offset %08x target %d "
3300 "read %08x write %08x gtt %08x "
3301 "presumed %08x delta %08x\n",
3305 (int) reloc.target_handle,
3306 (int) reloc.read_domains,
3307 (int) reloc.write_domain,
3308 (int) target_offset,
3309 (int) reloc.presumed_offset,
3313 /* The target buffer should have appeared before us in the
3314 * exec_object list, so it should have a GTT space bound by now.
3316 if (target_offset == 0) {
3317 DRM_ERROR("No GTT space found for object %d\n",
3318 reloc.target_handle);
3323 /* Validate that the target is in a valid r/w GPU domain */
3324 if (reloc.write_domain & (reloc.write_domain - 1)) {
3325 DRM_ERROR("reloc with multiple write domains: "
3326 "obj %p target %d offset %d "
3327 "read %08x write %08x",
3328 obj, reloc.target_handle,
3331 reloc.write_domain);
3335 if (reloc.write_domain & I915_GEM_DOMAIN_CPU ||
3336 reloc.read_domains & I915_GEM_DOMAIN_CPU) {
3337 DRM_ERROR("reloc with read/write CPU domains: "
3338 "obj %p target %d offset %d "
3339 "read %08x write %08x",
3340 obj, reloc.target_handle,
3343 reloc.write_domain);
3347 if (reloc.write_domain && target_obj->pending_write_domain &&
3348 reloc.write_domain != target_obj->pending_write_domain) {
3349 DRM_ERROR("Write domain conflict: "
3350 "obj %p target %d offset %d "
3351 "new %08x old %08x\n",
3352 obj, reloc.target_handle,
3355 target_obj->pending_write_domain);
3360 target_obj->pending_read_domains |= reloc.read_domains;
3361 target_obj->pending_write_domain |= reloc.write_domain;
3363 /* If the relocation already has the right value in it, no
3364 * more work needs to be done.
3366 if (target_offset == reloc.presumed_offset)
3369 /* Check that the relocation address is valid... */
3370 if (reloc.offset > obj->base.size - 4) {
3371 DRM_ERROR("Relocation beyond object bounds: "
3372 "obj %p target %d offset %d size %d.\n",
3373 obj, reloc.target_handle,
3374 (int) reloc.offset, (int) obj->base.size);
3378 if (reloc.offset & 3) {
3379 DRM_ERROR("Relocation not 4-byte aligned: "
3380 "obj %p target %d offset %d.\n",
3381 obj, reloc.target_handle,
3382 (int) reloc.offset);
3387 /* and points to somewhere within the target object. */
3388 if (reloc.delta >= target_obj->size) {
3389 DRM_ERROR("Relocation beyond target object bounds: "
3390 "obj %p target %d delta %d size %d.\n",
3391 obj, reloc.target_handle,
3392 (int) reloc.delta, (int) target_obj->size);
3397 reloc.delta += target_offset;
3398 if (obj->base.write_domain == I915_GEM_DOMAIN_CPU) {
3399 uint32_t page_offset = reloc.offset & ~PAGE_MASK;
3402 vaddr = kmap_atomic(obj->pages[reloc.offset >> PAGE_SHIFT]);
3403 *(uint32_t *)(vaddr + page_offset) = reloc.delta;
3404 kunmap_atomic(vaddr);
3406 uint32_t __iomem *reloc_entry;
3407 void __iomem *reloc_page;
3409 ret = i915_gem_object_set_to_gtt_domain(&obj->base, 1);
3413 /* Map the page containing the relocation we're going to perform. */
3414 reloc.offset += obj->gtt_offset;
3415 reloc_page = io_mapping_map_atomic_wc(dev_priv->mm.gtt_mapping,
3416 reloc.offset & PAGE_MASK);
3417 reloc_entry = (uint32_t __iomem *)
3418 (reloc_page + (reloc.offset & ~PAGE_MASK));
3419 iowrite32(reloc.delta, reloc_entry);
3420 io_mapping_unmap_atomic(reloc_page);
3423 /* and update the user's relocation entry */
3424 reloc.presumed_offset = target_offset;
3425 if (__copy_to_user_inatomic(&user_relocs[i].presumed_offset,
3426 &reloc.presumed_offset,
3427 sizeof(reloc.presumed_offset))) {
3433 drm_gem_object_unreference(target_obj);
3438 i915_gem_execbuffer_pin(struct drm_device *dev,
3439 struct drm_file *file,
3440 struct drm_gem_object **object_list,
3441 struct drm_i915_gem_exec_object2 *exec_list,
3444 struct drm_i915_private *dev_priv = dev->dev_private;
3447 /* attempt to pin all of the buffers into the GTT */
3448 for (retry = 0; retry < 2; retry++) {
3450 for (i = 0; i < count; i++) {
3451 struct drm_i915_gem_exec_object2 *entry = &exec_list[i];
3452 struct drm_i915_gem_object *obj= to_intel_bo(object_list[i]);
3454 entry->flags & EXEC_OBJECT_NEEDS_FENCE &&
3455 obj->tiling_mode != I915_TILING_NONE;
3457 /* Check fence reg constraints and rebind if necessary */
3459 !i915_gem_object_fence_offset_ok(&obj->base,
3460 obj->tiling_mode)) {
3461 ret = i915_gem_object_unbind(&obj->base);
3466 ret = i915_gem_object_pin(&obj->base, entry->alignment);
3471 * Pre-965 chips need a fence register set up in order
3472 * to properly handle blits to/from tiled surfaces.
3475 ret = i915_gem_object_get_fence_reg(&obj->base, true);
3477 i915_gem_object_unpin(&obj->base);
3481 dev_priv->fence_regs[obj->fence_reg].gpu = true;
3484 entry->offset = obj->gtt_offset;
3488 i915_gem_object_unpin(object_list[i]);
3493 if (ret != -ENOSPC || retry)
3496 ret = i915_gem_evict_everything(dev);
3505 i915_gem_execbuffer_move_to_gpu(struct drm_device *dev,
3506 struct drm_file *file,
3507 struct intel_ring_buffer *ring,
3508 struct drm_gem_object **objects,
3511 struct drm_i915_private *dev_priv = dev->dev_private;
3514 /* Zero the global flush/invalidate flags. These
3515 * will be modified as new domains are computed
3518 dev->invalidate_domains = 0;
3519 dev->flush_domains = 0;
3520 dev_priv->mm.flush_rings = 0;
3521 for (i = 0; i < count; i++)
3522 i915_gem_object_set_to_gpu_domain(objects[i], ring);
3524 if (dev->invalidate_domains | dev->flush_domains) {
3526 DRM_INFO("%s: invalidate_domains %08x flush_domains %08x\n",
3528 dev->invalidate_domains,
3529 dev->flush_domains);
3531 i915_gem_flush(dev, file,
3532 dev->invalidate_domains,
3534 dev_priv->mm.flush_rings);
3537 for (i = 0; i < count; i++) {
3538 struct drm_i915_gem_object *obj = to_intel_bo(objects[i]);
3539 /* XXX replace with semaphores */
3540 if (obj->ring && ring != obj->ring) {
3541 ret = i915_gem_object_wait_rendering(&obj->base, true);
3550 /* Throttle our rendering by waiting until the ring has completed our requests
3551 * emitted over 20 msec ago.
3553 * Note that if we were to use the current jiffies each time around the loop,
3554 * we wouldn't escape the function with any frames outstanding if the time to
3555 * render a frame was over 20ms.
3557 * This should get us reasonable parallelism between CPU and GPU but also
3558 * relatively low latency when blocking on a particular request to finish.
3561 i915_gem_ring_throttle(struct drm_device *dev, struct drm_file *file)
3563 struct drm_i915_private *dev_priv = dev->dev_private;
3564 struct drm_i915_file_private *file_priv = file->driver_priv;
3565 unsigned long recent_enough = jiffies - msecs_to_jiffies(20);
3566 struct drm_i915_gem_request *request;
3567 struct intel_ring_buffer *ring = NULL;
3571 spin_lock(&file_priv->mm.lock);
3572 list_for_each_entry(request, &file_priv->mm.request_list, client_list) {
3573 if (time_after_eq(request->emitted_jiffies, recent_enough))
3576 ring = request->ring;
3577 seqno = request->seqno;
3579 spin_unlock(&file_priv->mm.lock);
3585 if (!i915_seqno_passed(ring->get_seqno(dev, ring), seqno)) {
3586 /* And wait for the seqno passing without holding any locks and
3587 * causing extra latency for others. This is safe as the irq
3588 * generation is designed to be run atomically and so is
3591 ring->user_irq_get(dev, ring);
3592 ret = wait_event_interruptible(ring->irq_queue,
3593 i915_seqno_passed(ring->get_seqno(dev, ring), seqno)
3594 || atomic_read(&dev_priv->mm.wedged));
3595 ring->user_irq_put(dev, ring);
3597 if (ret == 0 && atomic_read(&dev_priv->mm.wedged))
3602 queue_delayed_work(dev_priv->wq, &dev_priv->mm.retire_work, 0);
3608 i915_gem_check_execbuffer(struct drm_i915_gem_execbuffer2 *exec,
3609 uint64_t exec_offset)
3611 uint32_t exec_start, exec_len;
3613 exec_start = (uint32_t) exec_offset + exec->batch_start_offset;
3614 exec_len = (uint32_t) exec->batch_len;
3616 if ((exec_start | exec_len) & 0x7)
3626 validate_exec_list(struct drm_i915_gem_exec_object2 *exec,
3631 for (i = 0; i < count; i++) {
3632 char __user *ptr = (char __user *)(uintptr_t)exec[i].relocs_ptr;
3633 int length; /* limited by fault_in_pages_readable() */
3635 /* First check for malicious input causing overflow */
3636 if (exec[i].relocation_count >
3637 INT_MAX / sizeof(struct drm_i915_gem_relocation_entry))
3640 length = exec[i].relocation_count *
3641 sizeof(struct drm_i915_gem_relocation_entry);
3642 if (!access_ok(VERIFY_READ, ptr, length))
3645 /* we may also need to update the presumed offsets */
3646 if (!access_ok(VERIFY_WRITE, ptr, length))
3649 if (fault_in_pages_readable(ptr, length))
3657 i915_gem_do_execbuffer(struct drm_device *dev, void *data,
3658 struct drm_file *file,
3659 struct drm_i915_gem_execbuffer2 *args,
3660 struct drm_i915_gem_exec_object2 *exec_list)
3662 drm_i915_private_t *dev_priv = dev->dev_private;
3663 struct drm_gem_object **object_list = NULL;
3664 struct drm_gem_object *batch_obj;
3665 struct drm_i915_gem_object *obj_priv;
3666 struct drm_clip_rect *cliprects = NULL;
3667 struct drm_i915_gem_request *request = NULL;
3669 uint64_t exec_offset;
3671 struct intel_ring_buffer *ring = NULL;
3673 ret = i915_gem_check_is_wedged(dev);
3677 ret = validate_exec_list(exec_list, args->buffer_count);
3682 DRM_INFO("buffers_ptr %d buffer_count %d len %08x\n",
3683 (int) args->buffers_ptr, args->buffer_count, args->batch_len);
3685 switch (args->flags & I915_EXEC_RING_MASK) {
3686 case I915_EXEC_DEFAULT:
3687 case I915_EXEC_RENDER:
3688 ring = &dev_priv->render_ring;
3691 if (!HAS_BSD(dev)) {
3692 DRM_ERROR("execbuf with invalid ring (BSD)\n");
3695 ring = &dev_priv->bsd_ring;
3698 if (!HAS_BLT(dev)) {
3699 DRM_ERROR("execbuf with invalid ring (BLT)\n");
3702 ring = &dev_priv->blt_ring;
3705 DRM_ERROR("execbuf with unknown ring: %d\n",
3706 (int)(args->flags & I915_EXEC_RING_MASK));
3710 if (args->buffer_count < 1) {
3711 DRM_ERROR("execbuf with %d buffers\n", args->buffer_count);
3714 object_list = drm_malloc_ab(sizeof(*object_list), args->buffer_count);
3715 if (object_list == NULL) {
3716 DRM_ERROR("Failed to allocate object list for %d buffers\n",
3717 args->buffer_count);
3722 if (args->num_cliprects != 0) {
3723 cliprects = kcalloc(args->num_cliprects, sizeof(*cliprects),
3725 if (cliprects == NULL) {
3730 ret = copy_from_user(cliprects,
3731 (struct drm_clip_rect __user *)
3732 (uintptr_t) args->cliprects_ptr,
3733 sizeof(*cliprects) * args->num_cliprects);
3735 DRM_ERROR("copy %d cliprects failed: %d\n",
3736 args->num_cliprects, ret);
3742 request = kzalloc(sizeof(*request), GFP_KERNEL);
3743 if (request == NULL) {
3748 ret = i915_mutex_lock_interruptible(dev);
3752 if (dev_priv->mm.suspended) {
3753 mutex_unlock(&dev->struct_mutex);
3758 /* Look up object handles */
3759 for (i = 0; i < args->buffer_count; i++) {
3760 object_list[i] = drm_gem_object_lookup(dev, file,
3761 exec_list[i].handle);
3762 if (object_list[i] == NULL) {
3763 DRM_ERROR("Invalid object handle %d at index %d\n",
3764 exec_list[i].handle, i);
3765 /* prevent error path from reading uninitialized data */
3766 args->buffer_count = i + 1;
3771 obj_priv = to_intel_bo(object_list[i]);
3772 if (obj_priv->in_execbuffer) {
3773 DRM_ERROR("Object %p appears more than once in object list\n",
3775 /* prevent error path from reading uninitialized data */
3776 args->buffer_count = i + 1;
3780 obj_priv->in_execbuffer = true;
3783 /* Move the objects en-masse into the GTT, evicting if necessary. */
3784 ret = i915_gem_execbuffer_pin(dev, file,
3785 object_list, exec_list,
3786 args->buffer_count);
3790 /* The objects are in their final locations, apply the relocations. */
3791 for (i = 0; i < args->buffer_count; i++) {
3792 struct drm_i915_gem_object *obj = to_intel_bo(object_list[i]);
3793 obj->base.pending_read_domains = 0;
3794 obj->base.pending_write_domain = 0;
3795 ret = i915_gem_execbuffer_relocate(obj, file, &exec_list[i]);
3800 /* Set the pending read domains for the batch buffer to COMMAND */
3801 batch_obj = object_list[args->buffer_count-1];
3802 if (batch_obj->pending_write_domain) {
3803 DRM_ERROR("Attempting to use self-modifying batch buffer\n");
3807 batch_obj->pending_read_domains |= I915_GEM_DOMAIN_COMMAND;
3809 /* Sanity check the batch buffer */
3810 exec_offset = to_intel_bo(batch_obj)->gtt_offset;
3811 ret = i915_gem_check_execbuffer(args, exec_offset);
3813 DRM_ERROR("execbuf with invalid offset/length\n");
3817 ret = i915_gem_execbuffer_move_to_gpu(dev, file, ring,
3818 object_list, args->buffer_count);
3822 for (i = 0; i < args->buffer_count; i++) {
3823 struct drm_gem_object *obj = object_list[i];
3824 uint32_t old_write_domain = obj->write_domain;
3825 obj->write_domain = obj->pending_write_domain;
3826 trace_i915_gem_object_change_domain(obj,
3832 for (i = 0; i < args->buffer_count; i++) {
3833 i915_gem_object_check_coherency(object_list[i],
3834 exec_list[i].handle);
3839 i915_gem_dump_object(batch_obj,
3845 /* Check for any pending flips. As we only maintain a flip queue depth
3846 * of 1, we can simply insert a WAIT for the next display flip prior
3847 * to executing the batch and avoid stalling the CPU.
3850 for (i = 0; i < args->buffer_count; i++) {
3851 if (object_list[i]->write_domain)
3852 flips |= atomic_read(&to_intel_bo(object_list[i])->pending_flip);
3855 int plane, flip_mask;
3857 for (plane = 0; flips >> plane; plane++) {
3858 if (((flips >> plane) & 1) == 0)
3862 flip_mask = MI_WAIT_FOR_PLANE_B_FLIP;
3864 flip_mask = MI_WAIT_FOR_PLANE_A_FLIP;
3866 intel_ring_begin(dev, ring, 2);
3867 intel_ring_emit(dev, ring,
3868 MI_WAIT_FOR_EVENT | flip_mask);
3869 intel_ring_emit(dev, ring, MI_NOOP);
3870 intel_ring_advance(dev, ring);
3874 /* Exec the batchbuffer */
3875 ret = ring->dispatch_gem_execbuffer(dev, ring, args,
3876 cliprects, exec_offset);
3878 DRM_ERROR("dispatch failed %d\n", ret);
3883 * Ensure that the commands in the batch buffer are
3884 * finished before the interrupt fires
3886 i915_retire_commands(dev, ring);
3888 for (i = 0; i < args->buffer_count; i++) {
3889 struct drm_gem_object *obj = object_list[i];
3891 i915_gem_object_move_to_active(obj, ring);
3892 if (obj->write_domain)
3893 list_move_tail(&to_intel_bo(obj)->gpu_write_list,
3894 &ring->gpu_write_list);
3897 i915_add_request(dev, file, request, ring);
3901 for (i = 0; i < args->buffer_count; i++) {
3902 if (object_list[i]) {
3903 obj_priv = to_intel_bo(object_list[i]);
3904 obj_priv->in_execbuffer = false;
3906 drm_gem_object_unreference(object_list[i]);
3909 mutex_unlock(&dev->struct_mutex);
3912 drm_free_large(object_list);
3920 * Legacy execbuffer just creates an exec2 list from the original exec object
3921 * list array and passes it to the real function.
3924 i915_gem_execbuffer(struct drm_device *dev, void *data,
3925 struct drm_file *file_priv)
3927 struct drm_i915_gem_execbuffer *args = data;
3928 struct drm_i915_gem_execbuffer2 exec2;
3929 struct drm_i915_gem_exec_object *exec_list = NULL;
3930 struct drm_i915_gem_exec_object2 *exec2_list = NULL;
3934 DRM_INFO("buffers_ptr %d buffer_count %d len %08x\n",
3935 (int) args->buffers_ptr, args->buffer_count, args->batch_len);
3938 if (args->buffer_count < 1) {
3939 DRM_ERROR("execbuf with %d buffers\n", args->buffer_count);
3943 /* Copy in the exec list from userland */
3944 exec_list = drm_malloc_ab(sizeof(*exec_list), args->buffer_count);
3945 exec2_list = drm_malloc_ab(sizeof(*exec2_list), args->buffer_count);
3946 if (exec_list == NULL || exec2_list == NULL) {
3947 DRM_ERROR("Failed to allocate exec list for %d buffers\n",
3948 args->buffer_count);
3949 drm_free_large(exec_list);
3950 drm_free_large(exec2_list);
3953 ret = copy_from_user(exec_list,
3954 (struct drm_i915_relocation_entry __user *)
3955 (uintptr_t) args->buffers_ptr,
3956 sizeof(*exec_list) * args->buffer_count);
3958 DRM_ERROR("copy %d exec entries failed %d\n",
3959 args->buffer_count, ret);
3960 drm_free_large(exec_list);
3961 drm_free_large(exec2_list);
3965 for (i = 0; i < args->buffer_count; i++) {
3966 exec2_list[i].handle = exec_list[i].handle;
3967 exec2_list[i].relocation_count = exec_list[i].relocation_count;
3968 exec2_list[i].relocs_ptr = exec_list[i].relocs_ptr;
3969 exec2_list[i].alignment = exec_list[i].alignment;
3970 exec2_list[i].offset = exec_list[i].offset;
3971 if (INTEL_INFO(dev)->gen < 4)
3972 exec2_list[i].flags = EXEC_OBJECT_NEEDS_FENCE;
3974 exec2_list[i].flags = 0;
3977 exec2.buffers_ptr = args->buffers_ptr;
3978 exec2.buffer_count = args->buffer_count;
3979 exec2.batch_start_offset = args->batch_start_offset;
3980 exec2.batch_len = args->batch_len;
3981 exec2.DR1 = args->DR1;
3982 exec2.DR4 = args->DR4;
3983 exec2.num_cliprects = args->num_cliprects;
3984 exec2.cliprects_ptr = args->cliprects_ptr;
3985 exec2.flags = I915_EXEC_RENDER;
3987 ret = i915_gem_do_execbuffer(dev, data, file_priv, &exec2, exec2_list);
3989 /* Copy the new buffer offsets back to the user's exec list. */
3990 for (i = 0; i < args->buffer_count; i++)
3991 exec_list[i].offset = exec2_list[i].offset;
3992 /* ... and back out to userspace */
3993 ret = copy_to_user((struct drm_i915_relocation_entry __user *)
3994 (uintptr_t) args->buffers_ptr,
3996 sizeof(*exec_list) * args->buffer_count);
3999 DRM_ERROR("failed to copy %d exec entries "
4000 "back to user (%d)\n",
4001 args->buffer_count, ret);
4005 drm_free_large(exec_list);
4006 drm_free_large(exec2_list);
4011 i915_gem_execbuffer2(struct drm_device *dev, void *data,
4012 struct drm_file *file_priv)
4014 struct drm_i915_gem_execbuffer2 *args = data;
4015 struct drm_i915_gem_exec_object2 *exec2_list = NULL;
4019 DRM_INFO("buffers_ptr %d buffer_count %d len %08x\n",
4020 (int) args->buffers_ptr, args->buffer_count, args->batch_len);
4023 if (args->buffer_count < 1) {
4024 DRM_ERROR("execbuf2 with %d buffers\n", args->buffer_count);
4028 exec2_list = drm_malloc_ab(sizeof(*exec2_list), args->buffer_count);
4029 if (exec2_list == NULL) {
4030 DRM_ERROR("Failed to allocate exec list for %d buffers\n",
4031 args->buffer_count);
4034 ret = copy_from_user(exec2_list,
4035 (struct drm_i915_relocation_entry __user *)
4036 (uintptr_t) args->buffers_ptr,
4037 sizeof(*exec2_list) * args->buffer_count);
4039 DRM_ERROR("copy %d exec entries failed %d\n",
4040 args->buffer_count, ret);
4041 drm_free_large(exec2_list);
4045 ret = i915_gem_do_execbuffer(dev, data, file_priv, args, exec2_list);
4047 /* Copy the new buffer offsets back to the user's exec list. */
4048 ret = copy_to_user((struct drm_i915_relocation_entry __user *)
4049 (uintptr_t) args->buffers_ptr,
4051 sizeof(*exec2_list) * args->buffer_count);
4054 DRM_ERROR("failed to copy %d exec entries "
4055 "back to user (%d)\n",
4056 args->buffer_count, ret);
4060 drm_free_large(exec2_list);
4065 i915_gem_object_pin(struct drm_gem_object *obj, uint32_t alignment)
4067 struct drm_device *dev = obj->dev;
4068 struct drm_i915_private *dev_priv = dev->dev_private;
4069 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
4072 BUG_ON(obj_priv->pin_count == DRM_I915_GEM_OBJECT_MAX_PIN_COUNT);
4073 WARN_ON(i915_verify_lists(dev));
4075 if (obj_priv->gtt_space != NULL) {
4077 alignment = i915_gem_get_gtt_alignment(obj);
4078 if (obj_priv->gtt_offset & (alignment - 1)) {
4079 WARN(obj_priv->pin_count,
4080 "bo is already pinned with incorrect alignment: offset=%x, req.alignment=%x\n",
4081 obj_priv->gtt_offset, alignment);
4082 ret = i915_gem_object_unbind(obj);
4088 if (obj_priv->gtt_space == NULL) {
4089 ret = i915_gem_object_bind_to_gtt(obj, alignment);
4094 obj_priv->pin_count++;
4096 /* If the object is not active and not pending a flush,
4097 * remove it from the inactive list
4099 if (obj_priv->pin_count == 1) {
4100 i915_gem_info_add_pin(dev_priv, obj->size);
4101 if (!obj_priv->active)
4102 list_move_tail(&obj_priv->mm_list,
4103 &dev_priv->mm.pinned_list);
4106 WARN_ON(i915_verify_lists(dev));
4111 i915_gem_object_unpin(struct drm_gem_object *obj)
4113 struct drm_device *dev = obj->dev;
4114 drm_i915_private_t *dev_priv = dev->dev_private;
4115 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
4117 WARN_ON(i915_verify_lists(dev));
4118 obj_priv->pin_count--;
4119 BUG_ON(obj_priv->pin_count < 0);
4120 BUG_ON(obj_priv->gtt_space == NULL);
4122 /* If the object is no longer pinned, and is
4123 * neither active nor being flushed, then stick it on
4126 if (obj_priv->pin_count == 0) {
4127 if (!obj_priv->active)
4128 list_move_tail(&obj_priv->mm_list,
4129 &dev_priv->mm.inactive_list);
4130 i915_gem_info_remove_pin(dev_priv, obj->size);
4132 WARN_ON(i915_verify_lists(dev));
4136 i915_gem_pin_ioctl(struct drm_device *dev, void *data,
4137 struct drm_file *file_priv)
4139 struct drm_i915_gem_pin *args = data;
4140 struct drm_gem_object *obj;
4141 struct drm_i915_gem_object *obj_priv;
4144 ret = i915_mutex_lock_interruptible(dev);
4148 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
4153 obj_priv = to_intel_bo(obj);
4155 if (obj_priv->madv != I915_MADV_WILLNEED) {
4156 DRM_ERROR("Attempting to pin a purgeable buffer\n");
4161 if (obj_priv->pin_filp != NULL && obj_priv->pin_filp != file_priv) {
4162 DRM_ERROR("Already pinned in i915_gem_pin_ioctl(): %d\n",
4168 obj_priv->user_pin_count++;
4169 obj_priv->pin_filp = file_priv;
4170 if (obj_priv->user_pin_count == 1) {
4171 ret = i915_gem_object_pin(obj, args->alignment);
4176 /* XXX - flush the CPU caches for pinned objects
4177 * as the X server doesn't manage domains yet
4179 i915_gem_object_flush_cpu_write_domain(obj);
4180 args->offset = obj_priv->gtt_offset;
4182 drm_gem_object_unreference(obj);
4184 mutex_unlock(&dev->struct_mutex);
4189 i915_gem_unpin_ioctl(struct drm_device *dev, void *data,
4190 struct drm_file *file_priv)
4192 struct drm_i915_gem_pin *args = data;
4193 struct drm_gem_object *obj;
4194 struct drm_i915_gem_object *obj_priv;
4197 ret = i915_mutex_lock_interruptible(dev);
4201 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
4206 obj_priv = to_intel_bo(obj);
4208 if (obj_priv->pin_filp != file_priv) {
4209 DRM_ERROR("Not pinned by caller in i915_gem_pin_ioctl(): %d\n",
4214 obj_priv->user_pin_count--;
4215 if (obj_priv->user_pin_count == 0) {
4216 obj_priv->pin_filp = NULL;
4217 i915_gem_object_unpin(obj);
4221 drm_gem_object_unreference(obj);
4223 mutex_unlock(&dev->struct_mutex);
4228 i915_gem_busy_ioctl(struct drm_device *dev, void *data,
4229 struct drm_file *file_priv)
4231 struct drm_i915_gem_busy *args = data;
4232 struct drm_gem_object *obj;
4233 struct drm_i915_gem_object *obj_priv;
4236 ret = i915_mutex_lock_interruptible(dev);
4240 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
4245 obj_priv = to_intel_bo(obj);
4247 /* Count all active objects as busy, even if they are currently not used
4248 * by the gpu. Users of this interface expect objects to eventually
4249 * become non-busy without any further actions, therefore emit any
4250 * necessary flushes here.
4252 args->busy = obj_priv->active;
4254 /* Unconditionally flush objects, even when the gpu still uses this
4255 * object. Userspace calling this function indicates that it wants to
4256 * use this buffer rather sooner than later, so issuing the required
4257 * flush earlier is beneficial.
4259 if (obj->write_domain & I915_GEM_GPU_DOMAINS)
4260 i915_gem_flush_ring(dev, file_priv,
4262 0, obj->write_domain);
4264 /* Update the active list for the hardware's current position.
4265 * Otherwise this only updates on a delayed timer or when irqs
4266 * are actually unmasked, and our working set ends up being
4267 * larger than required.
4269 i915_gem_retire_requests_ring(dev, obj_priv->ring);
4271 args->busy = obj_priv->active;
4274 drm_gem_object_unreference(obj);
4276 mutex_unlock(&dev->struct_mutex);
4281 i915_gem_throttle_ioctl(struct drm_device *dev, void *data,
4282 struct drm_file *file_priv)
4284 return i915_gem_ring_throttle(dev, file_priv);
4288 i915_gem_madvise_ioctl(struct drm_device *dev, void *data,
4289 struct drm_file *file_priv)
4291 struct drm_i915_gem_madvise *args = data;
4292 struct drm_gem_object *obj;
4293 struct drm_i915_gem_object *obj_priv;
4296 switch (args->madv) {
4297 case I915_MADV_DONTNEED:
4298 case I915_MADV_WILLNEED:
4304 ret = i915_mutex_lock_interruptible(dev);
4308 obj = drm_gem_object_lookup(dev, file_priv, args->handle);
4313 obj_priv = to_intel_bo(obj);
4315 if (obj_priv->pin_count) {
4320 if (obj_priv->madv != __I915_MADV_PURGED)
4321 obj_priv->madv = args->madv;
4323 /* if the object is no longer bound, discard its backing storage */
4324 if (i915_gem_object_is_purgeable(obj_priv) &&
4325 obj_priv->gtt_space == NULL)
4326 i915_gem_object_truncate(obj);
4328 args->retained = obj_priv->madv != __I915_MADV_PURGED;
4331 drm_gem_object_unreference(obj);
4333 mutex_unlock(&dev->struct_mutex);
4337 struct drm_gem_object * i915_gem_alloc_object(struct drm_device *dev,
4340 struct drm_i915_private *dev_priv = dev->dev_private;
4341 struct drm_i915_gem_object *obj;
4343 obj = kzalloc(sizeof(*obj), GFP_KERNEL);
4347 if (drm_gem_object_init(dev, &obj->base, size) != 0) {
4352 i915_gem_info_add_obj(dev_priv, size);
4354 obj->base.write_domain = I915_GEM_DOMAIN_CPU;
4355 obj->base.read_domains = I915_GEM_DOMAIN_CPU;
4357 obj->agp_type = AGP_USER_MEMORY;
4358 obj->base.driver_private = NULL;
4359 obj->fence_reg = I915_FENCE_REG_NONE;
4360 INIT_LIST_HEAD(&obj->mm_list);
4361 INIT_LIST_HEAD(&obj->ring_list);
4362 INIT_LIST_HEAD(&obj->gpu_write_list);
4363 obj->madv = I915_MADV_WILLNEED;
4368 int i915_gem_init_object(struct drm_gem_object *obj)
4375 static void i915_gem_free_object_tail(struct drm_gem_object *obj)
4377 struct drm_device *dev = obj->dev;
4378 drm_i915_private_t *dev_priv = dev->dev_private;
4379 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
4382 ret = i915_gem_object_unbind(obj);
4383 if (ret == -ERESTARTSYS) {
4384 list_move(&obj_priv->mm_list,
4385 &dev_priv->mm.deferred_free_list);
4389 if (obj_priv->mmap_offset)
4390 i915_gem_free_mmap_offset(obj);
4392 drm_gem_object_release(obj);
4393 i915_gem_info_remove_obj(dev_priv, obj->size);
4395 kfree(obj_priv->page_cpu_valid);
4396 kfree(obj_priv->bit_17);
4400 void i915_gem_free_object(struct drm_gem_object *obj)
4402 struct drm_device *dev = obj->dev;
4403 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
4405 trace_i915_gem_object_destroy(obj);
4407 while (obj_priv->pin_count > 0)
4408 i915_gem_object_unpin(obj);
4410 if (obj_priv->phys_obj)
4411 i915_gem_detach_phys_object(dev, obj);
4413 i915_gem_free_object_tail(obj);
4417 i915_gem_idle(struct drm_device *dev)
4419 drm_i915_private_t *dev_priv = dev->dev_private;
4422 mutex_lock(&dev->struct_mutex);
4424 if (dev_priv->mm.suspended) {
4425 mutex_unlock(&dev->struct_mutex);
4429 ret = i915_gpu_idle(dev);
4431 mutex_unlock(&dev->struct_mutex);
4435 /* Under UMS, be paranoid and evict. */
4436 if (!drm_core_check_feature(dev, DRIVER_MODESET)) {
4437 ret = i915_gem_evict_inactive(dev);
4439 mutex_unlock(&dev->struct_mutex);
4444 /* Hack! Don't let anybody do execbuf while we don't control the chip.
4445 * We need to replace this with a semaphore, or something.
4446 * And not confound mm.suspended!
4448 dev_priv->mm.suspended = 1;
4449 del_timer_sync(&dev_priv->hangcheck_timer);
4451 i915_kernel_lost_context(dev);
4452 i915_gem_cleanup_ringbuffer(dev);
4454 mutex_unlock(&dev->struct_mutex);
4456 /* Cancel the retire work handler, which should be idle now. */
4457 cancel_delayed_work_sync(&dev_priv->mm.retire_work);
4463 * 965+ support PIPE_CONTROL commands, which provide finer grained control
4464 * over cache flushing.
4467 i915_gem_init_pipe_control(struct drm_device *dev)
4469 drm_i915_private_t *dev_priv = dev->dev_private;
4470 struct drm_gem_object *obj;
4471 struct drm_i915_gem_object *obj_priv;
4474 obj = i915_gem_alloc_object(dev, 4096);
4476 DRM_ERROR("Failed to allocate seqno page\n");
4480 obj_priv = to_intel_bo(obj);
4481 obj_priv->agp_type = AGP_USER_CACHED_MEMORY;
4483 ret = i915_gem_object_pin(obj, 4096);
4487 dev_priv->seqno_gfx_addr = obj_priv->gtt_offset;
4488 dev_priv->seqno_page = kmap(obj_priv->pages[0]);
4489 if (dev_priv->seqno_page == NULL)
4492 dev_priv->seqno_obj = obj;
4493 memset(dev_priv->seqno_page, 0, PAGE_SIZE);
4498 i915_gem_object_unpin(obj);
4500 drm_gem_object_unreference(obj);
4507 i915_gem_cleanup_pipe_control(struct drm_device *dev)
4509 drm_i915_private_t *dev_priv = dev->dev_private;
4510 struct drm_gem_object *obj;
4511 struct drm_i915_gem_object *obj_priv;
4513 obj = dev_priv->seqno_obj;
4514 obj_priv = to_intel_bo(obj);
4515 kunmap(obj_priv->pages[0]);
4516 i915_gem_object_unpin(obj);
4517 drm_gem_object_unreference(obj);
4518 dev_priv->seqno_obj = NULL;
4520 dev_priv->seqno_page = NULL;
4524 i915_gem_init_ringbuffer(struct drm_device *dev)
4526 drm_i915_private_t *dev_priv = dev->dev_private;
4529 if (HAS_PIPE_CONTROL(dev)) {
4530 ret = i915_gem_init_pipe_control(dev);
4535 ret = intel_init_render_ring_buffer(dev);
4537 goto cleanup_pipe_control;
4540 ret = intel_init_bsd_ring_buffer(dev);
4542 goto cleanup_render_ring;
4546 ret = intel_init_blt_ring_buffer(dev);
4548 goto cleanup_bsd_ring;
4551 dev_priv->next_seqno = 1;
4556 intel_cleanup_ring_buffer(dev, &dev_priv->bsd_ring);
4557 cleanup_render_ring:
4558 intel_cleanup_ring_buffer(dev, &dev_priv->render_ring);
4559 cleanup_pipe_control:
4560 if (HAS_PIPE_CONTROL(dev))
4561 i915_gem_cleanup_pipe_control(dev);
4566 i915_gem_cleanup_ringbuffer(struct drm_device *dev)
4568 drm_i915_private_t *dev_priv = dev->dev_private;
4570 intel_cleanup_ring_buffer(dev, &dev_priv->render_ring);
4571 intel_cleanup_ring_buffer(dev, &dev_priv->bsd_ring);
4572 intel_cleanup_ring_buffer(dev, &dev_priv->blt_ring);
4573 if (HAS_PIPE_CONTROL(dev))
4574 i915_gem_cleanup_pipe_control(dev);
4578 i915_gem_entervt_ioctl(struct drm_device *dev, void *data,
4579 struct drm_file *file_priv)
4581 drm_i915_private_t *dev_priv = dev->dev_private;
4584 if (drm_core_check_feature(dev, DRIVER_MODESET))
4587 if (atomic_read(&dev_priv->mm.wedged)) {
4588 DRM_ERROR("Reenabling wedged hardware, good luck\n");
4589 atomic_set(&dev_priv->mm.wedged, 0);
4592 mutex_lock(&dev->struct_mutex);
4593 dev_priv->mm.suspended = 0;
4595 ret = i915_gem_init_ringbuffer(dev);
4597 mutex_unlock(&dev->struct_mutex);
4601 BUG_ON(!list_empty(&dev_priv->mm.active_list));
4602 BUG_ON(!list_empty(&dev_priv->render_ring.active_list));
4603 BUG_ON(!list_empty(&dev_priv->bsd_ring.active_list));
4604 BUG_ON(!list_empty(&dev_priv->blt_ring.active_list));
4605 BUG_ON(!list_empty(&dev_priv->mm.flushing_list));
4606 BUG_ON(!list_empty(&dev_priv->mm.inactive_list));
4607 BUG_ON(!list_empty(&dev_priv->render_ring.request_list));
4608 BUG_ON(!list_empty(&dev_priv->bsd_ring.request_list));
4609 BUG_ON(!list_empty(&dev_priv->blt_ring.request_list));
4610 mutex_unlock(&dev->struct_mutex);
4612 ret = drm_irq_install(dev);
4614 goto cleanup_ringbuffer;
4619 mutex_lock(&dev->struct_mutex);
4620 i915_gem_cleanup_ringbuffer(dev);
4621 dev_priv->mm.suspended = 1;
4622 mutex_unlock(&dev->struct_mutex);
4628 i915_gem_leavevt_ioctl(struct drm_device *dev, void *data,
4629 struct drm_file *file_priv)
4631 if (drm_core_check_feature(dev, DRIVER_MODESET))
4634 drm_irq_uninstall(dev);
4635 return i915_gem_idle(dev);
4639 i915_gem_lastclose(struct drm_device *dev)
4643 if (drm_core_check_feature(dev, DRIVER_MODESET))
4646 ret = i915_gem_idle(dev);
4648 DRM_ERROR("failed to idle hardware: %d\n", ret);
4652 init_ring_lists(struct intel_ring_buffer *ring)
4654 INIT_LIST_HEAD(&ring->active_list);
4655 INIT_LIST_HEAD(&ring->request_list);
4656 INIT_LIST_HEAD(&ring->gpu_write_list);
4660 i915_gem_load(struct drm_device *dev)
4663 drm_i915_private_t *dev_priv = dev->dev_private;
4665 INIT_LIST_HEAD(&dev_priv->mm.active_list);
4666 INIT_LIST_HEAD(&dev_priv->mm.flushing_list);
4667 INIT_LIST_HEAD(&dev_priv->mm.inactive_list);
4668 INIT_LIST_HEAD(&dev_priv->mm.pinned_list);
4669 INIT_LIST_HEAD(&dev_priv->mm.fence_list);
4670 INIT_LIST_HEAD(&dev_priv->mm.deferred_free_list);
4671 init_ring_lists(&dev_priv->render_ring);
4672 init_ring_lists(&dev_priv->bsd_ring);
4673 init_ring_lists(&dev_priv->blt_ring);
4674 for (i = 0; i < 16; i++)
4675 INIT_LIST_HEAD(&dev_priv->fence_regs[i].lru_list);
4676 INIT_DELAYED_WORK(&dev_priv->mm.retire_work,
4677 i915_gem_retire_work_handler);
4678 init_completion(&dev_priv->error_completion);
4679 spin_lock(&shrink_list_lock);
4680 list_add(&dev_priv->mm.shrink_list, &shrink_list);
4681 spin_unlock(&shrink_list_lock);
4683 /* On GEN3 we really need to make sure the ARB C3 LP bit is set */
4685 u32 tmp = I915_READ(MI_ARB_STATE);
4686 if (!(tmp & MI_ARB_C3_LP_WRITE_ENABLE)) {
4687 /* arb state is a masked write, so set bit + bit in mask */
4688 tmp = MI_ARB_C3_LP_WRITE_ENABLE | (MI_ARB_C3_LP_WRITE_ENABLE << MI_ARB_MASK_SHIFT);
4689 I915_WRITE(MI_ARB_STATE, tmp);
4693 /* Old X drivers will take 0-2 for front, back, depth buffers */
4694 if (!drm_core_check_feature(dev, DRIVER_MODESET))
4695 dev_priv->fence_reg_start = 3;
4697 if (INTEL_INFO(dev)->gen >= 4 || IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4698 dev_priv->num_fence_regs = 16;
4700 dev_priv->num_fence_regs = 8;
4702 /* Initialize fence registers to zero */
4703 switch (INTEL_INFO(dev)->gen) {
4705 for (i = 0; i < 16; i++)
4706 I915_WRITE64(FENCE_REG_SANDYBRIDGE_0 + (i * 8), 0);
4710 for (i = 0; i < 16; i++)
4711 I915_WRITE64(FENCE_REG_965_0 + (i * 8), 0);
4714 if (IS_I945G(dev) || IS_I945GM(dev) || IS_G33(dev))
4715 for (i = 0; i < 8; i++)
4716 I915_WRITE(FENCE_REG_945_8 + (i * 4), 0);
4718 for (i = 0; i < 8; i++)
4719 I915_WRITE(FENCE_REG_830_0 + (i * 4), 0);
4722 i915_gem_detect_bit_6_swizzle(dev);
4723 init_waitqueue_head(&dev_priv->pending_flip_queue);
4727 * Create a physically contiguous memory object for this object
4728 * e.g. for cursor + overlay regs
4730 static int i915_gem_init_phys_object(struct drm_device *dev,
4731 int id, int size, int align)
4733 drm_i915_private_t *dev_priv = dev->dev_private;
4734 struct drm_i915_gem_phys_object *phys_obj;
4737 if (dev_priv->mm.phys_objs[id - 1] || !size)
4740 phys_obj = kzalloc(sizeof(struct drm_i915_gem_phys_object), GFP_KERNEL);
4746 phys_obj->handle = drm_pci_alloc(dev, size, align);
4747 if (!phys_obj->handle) {
4752 set_memory_wc((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
4755 dev_priv->mm.phys_objs[id - 1] = phys_obj;
4763 static void i915_gem_free_phys_object(struct drm_device *dev, int id)
4765 drm_i915_private_t *dev_priv = dev->dev_private;
4766 struct drm_i915_gem_phys_object *phys_obj;
4768 if (!dev_priv->mm.phys_objs[id - 1])
4771 phys_obj = dev_priv->mm.phys_objs[id - 1];
4772 if (phys_obj->cur_obj) {
4773 i915_gem_detach_phys_object(dev, phys_obj->cur_obj);
4777 set_memory_wb((unsigned long)phys_obj->handle->vaddr, phys_obj->handle->size / PAGE_SIZE);
4779 drm_pci_free(dev, phys_obj->handle);
4781 dev_priv->mm.phys_objs[id - 1] = NULL;
4784 void i915_gem_free_all_phys_object(struct drm_device *dev)
4788 for (i = I915_GEM_PHYS_CURSOR_0; i <= I915_MAX_PHYS_OBJECT; i++)
4789 i915_gem_free_phys_object(dev, i);
4792 void i915_gem_detach_phys_object(struct drm_device *dev,
4793 struct drm_gem_object *obj)
4795 struct drm_i915_gem_object *obj_priv;
4800 obj_priv = to_intel_bo(obj);
4801 if (!obj_priv->phys_obj)
4804 ret = i915_gem_object_get_pages(obj, 0);
4808 page_count = obj->size / PAGE_SIZE;
4810 for (i = 0; i < page_count; i++) {
4811 char *dst = kmap_atomic(obj_priv->pages[i]);
4812 char *src = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
4814 memcpy(dst, src, PAGE_SIZE);
4817 drm_clflush_pages(obj_priv->pages, page_count);
4818 drm_agp_chipset_flush(dev);
4820 i915_gem_object_put_pages(obj);
4822 obj_priv->phys_obj->cur_obj = NULL;
4823 obj_priv->phys_obj = NULL;
4827 i915_gem_attach_phys_object(struct drm_device *dev,
4828 struct drm_gem_object *obj,
4832 drm_i915_private_t *dev_priv = dev->dev_private;
4833 struct drm_i915_gem_object *obj_priv;
4838 if (id > I915_MAX_PHYS_OBJECT)
4841 obj_priv = to_intel_bo(obj);
4843 if (obj_priv->phys_obj) {
4844 if (obj_priv->phys_obj->id == id)
4846 i915_gem_detach_phys_object(dev, obj);
4849 /* create a new object */
4850 if (!dev_priv->mm.phys_objs[id - 1]) {
4851 ret = i915_gem_init_phys_object(dev, id,
4854 DRM_ERROR("failed to init phys object %d size: %zu\n", id, obj->size);
4859 /* bind to the object */
4860 obj_priv->phys_obj = dev_priv->mm.phys_objs[id - 1];
4861 obj_priv->phys_obj->cur_obj = obj;
4863 ret = i915_gem_object_get_pages(obj, 0);
4865 DRM_ERROR("failed to get page list\n");
4869 page_count = obj->size / PAGE_SIZE;
4871 for (i = 0; i < page_count; i++) {
4872 char *src = kmap_atomic(obj_priv->pages[i]);
4873 char *dst = obj_priv->phys_obj->handle->vaddr + (i * PAGE_SIZE);
4875 memcpy(dst, src, PAGE_SIZE);
4879 i915_gem_object_put_pages(obj);
4887 i915_gem_phys_pwrite(struct drm_device *dev, struct drm_gem_object *obj,
4888 struct drm_i915_gem_pwrite *args,
4889 struct drm_file *file_priv)
4891 struct drm_i915_gem_object *obj_priv = to_intel_bo(obj);
4892 void *vaddr = obj_priv->phys_obj->handle->vaddr + args->offset;
4893 char __user *user_data = (char __user *) (uintptr_t) args->data_ptr;
4895 DRM_DEBUG_DRIVER("vaddr %p, %lld\n", vaddr, args->size);
4897 if (__copy_from_user_inatomic_nocache(vaddr, user_data, args->size)) {
4898 unsigned long unwritten;
4900 /* The physical object once assigned is fixed for the lifetime
4901 * of the obj, so we can safely drop the lock and continue
4904 mutex_unlock(&dev->struct_mutex);
4905 unwritten = copy_from_user(vaddr, user_data, args->size);
4906 mutex_lock(&dev->struct_mutex);
4911 drm_agp_chipset_flush(dev);
4915 void i915_gem_release(struct drm_device *dev, struct drm_file *file)
4917 struct drm_i915_file_private *file_priv = file->driver_priv;
4919 /* Clean up our request list when the client is going away, so that
4920 * later retire_requests won't dereference our soon-to-be-gone
4923 spin_lock(&file_priv->mm.lock);
4924 while (!list_empty(&file_priv->mm.request_list)) {
4925 struct drm_i915_gem_request *request;
4927 request = list_first_entry(&file_priv->mm.request_list,
4928 struct drm_i915_gem_request,
4930 list_del(&request->client_list);
4931 request->file_priv = NULL;
4933 spin_unlock(&file_priv->mm.lock);
4937 i915_gpu_is_active(struct drm_device *dev)
4939 drm_i915_private_t *dev_priv = dev->dev_private;
4942 lists_empty = list_empty(&dev_priv->mm.flushing_list) &&
4943 list_empty(&dev_priv->mm.active_list);
4945 return !lists_empty;
4949 i915_gem_shrink(struct shrinker *shrink, int nr_to_scan, gfp_t gfp_mask)
4951 drm_i915_private_t *dev_priv, *next_dev;
4952 struct drm_i915_gem_object *obj_priv, *next_obj;
4954 int would_deadlock = 1;
4956 /* "fast-path" to count number of available objects */
4957 if (nr_to_scan == 0) {
4958 spin_lock(&shrink_list_lock);
4959 list_for_each_entry(dev_priv, &shrink_list, mm.shrink_list) {
4960 struct drm_device *dev = dev_priv->dev;
4962 if (mutex_trylock(&dev->struct_mutex)) {
4963 list_for_each_entry(obj_priv,
4964 &dev_priv->mm.inactive_list,
4967 mutex_unlock(&dev->struct_mutex);
4970 spin_unlock(&shrink_list_lock);
4972 return (cnt / 100) * sysctl_vfs_cache_pressure;
4975 spin_lock(&shrink_list_lock);
4978 /* first scan for clean buffers */
4979 list_for_each_entry_safe(dev_priv, next_dev,
4980 &shrink_list, mm.shrink_list) {
4981 struct drm_device *dev = dev_priv->dev;
4983 if (! mutex_trylock(&dev->struct_mutex))
4986 spin_unlock(&shrink_list_lock);
4987 i915_gem_retire_requests(dev);
4989 list_for_each_entry_safe(obj_priv, next_obj,
4990 &dev_priv->mm.inactive_list,
4992 if (i915_gem_object_is_purgeable(obj_priv)) {
4993 i915_gem_object_unbind(&obj_priv->base);
4994 if (--nr_to_scan <= 0)
4999 spin_lock(&shrink_list_lock);
5000 mutex_unlock(&dev->struct_mutex);
5004 if (nr_to_scan <= 0)
5008 /* second pass, evict/count anything still on the inactive list */
5009 list_for_each_entry_safe(dev_priv, next_dev,
5010 &shrink_list, mm.shrink_list) {
5011 struct drm_device *dev = dev_priv->dev;
5013 if (! mutex_trylock(&dev->struct_mutex))
5016 spin_unlock(&shrink_list_lock);
5018 list_for_each_entry_safe(obj_priv, next_obj,
5019 &dev_priv->mm.inactive_list,
5021 if (nr_to_scan > 0) {
5022 i915_gem_object_unbind(&obj_priv->base);
5028 spin_lock(&shrink_list_lock);
5029 mutex_unlock(&dev->struct_mutex);
5038 * We are desperate for pages, so as a last resort, wait
5039 * for the GPU to finish and discard whatever we can.
5040 * This has a dramatic impact to reduce the number of
5041 * OOM-killer events whilst running the GPU aggressively.
5043 list_for_each_entry(dev_priv, &shrink_list, mm.shrink_list) {
5044 struct drm_device *dev = dev_priv->dev;
5046 if (!mutex_trylock(&dev->struct_mutex))
5049 spin_unlock(&shrink_list_lock);
5051 if (i915_gpu_is_active(dev)) {
5056 spin_lock(&shrink_list_lock);
5057 mutex_unlock(&dev->struct_mutex);
5064 spin_unlock(&shrink_list_lock);
5069 return (cnt / 100) * sysctl_vfs_cache_pressure;
5074 static struct shrinker shrinker = {
5075 .shrink = i915_gem_shrink,
5076 .seeks = DEFAULT_SEEKS,
5080 i915_gem_shrinker_init(void)
5082 register_shrinker(&shrinker);
5086 i915_gem_shrinker_exit(void)
5088 unregister_shrinker(&shrinker);
projects / firefly-linux-kernel-4.4.55.git / blob