CoCalc -- kfd_chardev.c

GitHub Repository: torvalds/linux
Path: blob/master/drivers/gpu/drm/amd/amdkfd/kfd_chardev.c
²⁶⁵¹⁶ views
1
// SPDX-License-Identifier: GPL-2.0 OR MIT
2
/*
3
 * Copyright 2014-2022 Advanced Micro Devices, Inc.
4
 *
5
 * Permission is hereby granted, free of charge, to any person obtaining a
6
 * copy of this software and associated documentation files (the "Software"),
7
 * to deal in the Software without restriction, including without limitation
8
 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
9
 * and/or sell copies of the Software, and to permit persons to whom the
10
 * Software is furnished to do so, subject to the following conditions:
11
 *
12
 * The above copyright notice and this permission notice shall be included in
13
 * all copies or substantial portions of the Software.
14
 *
15
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.  IN NO EVENT SHALL
18
 * THE COPYRIGHT HOLDER(S) OR AUTHOR(S) BE LIABLE FOR ANY CLAIM, DAMAGES OR
19
 * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
20
 * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
21
 * OTHER DEALINGS IN THE SOFTWARE.
22
 */
23

24
#include <linux/device.h>
25
#include <linux/err.h>
26
#include <linux/fs.h>
27
#include <linux/file.h>
28
#include <linux/sched.h>
29
#include <linux/slab.h>
30
#include <linux/uaccess.h>
31
#include <linux/compat.h>
32
#include <uapi/linux/kfd_ioctl.h>
33
#include <linux/time.h>
34
#include <linux/mm.h>
35
#include <linux/mman.h>
36
#include <linux/ptrace.h>
37
#include <linux/dma-buf.h>
38
#include <linux/processor.h>
39
#include "kfd_priv.h"
40
#include "kfd_device_queue_manager.h"
41
#include "kfd_svm.h"
42
#include "amdgpu_amdkfd.h"
43
#include "kfd_smi_events.h"
44
#include "amdgpu_dma_buf.h"
45
#include "kfd_debug.h"
46

47
static long kfd_ioctl(struct file *, unsigned int, unsigned long);
48
static int kfd_open(struct inode *, struct file *);
49
static int kfd_release(struct inode *, struct file *);
50
static int kfd_mmap(struct file *, struct vm_area_struct *);
51

52
static const char kfd_dev_name[] = "kfd";
53

54
static const struct file_operations kfd_fops = {
55
	.owner = THIS_MODULE,
56
	.unlocked_ioctl = kfd_ioctl,
57
	.compat_ioctl = compat_ptr_ioctl,
58
	.open = kfd_open,
59
	.release = kfd_release,
60
	.mmap = kfd_mmap,
61
};
62

63
static int kfd_char_dev_major = -1;
64
struct device *kfd_device;
65
static const struct class kfd_class = {
66
	.name = kfd_dev_name,
67
};
68

69
static inline struct kfd_process_device *kfd_lock_pdd_by_id(struct kfd_process *p, __u32 gpu_id)
70
{
71
	struct kfd_process_device *pdd;
72

73
	mutex_lock(&p->mutex);
74
	pdd = kfd_process_device_data_by_id(p, gpu_id);
75

76
	if (pdd)
77
		return pdd;
78

79
	mutex_unlock(&p->mutex);
80
	return NULL;
81
}
82

83
static inline void kfd_unlock_pdd(struct kfd_process_device *pdd)
84
{
85
	mutex_unlock(&pdd->process->mutex);
86
}
87

88
int kfd_chardev_init(void)
89
{
90
	int err = 0;
91

92
	kfd_char_dev_major = register_chrdev(0, kfd_dev_name, &kfd_fops);
93
	err = kfd_char_dev_major;
94
	if (err < 0)
95
		goto err_register_chrdev;
96

97
	err = class_register(&kfd_class);
98
	if (err)
99
		goto err_class_create;
100

101
	kfd_device = device_create(&kfd_class, NULL,
102
				   MKDEV(kfd_char_dev_major, 0),
103
				   NULL, kfd_dev_name);
104
	err = PTR_ERR(kfd_device);
105
	if (IS_ERR(kfd_device))
106
		goto err_device_create;
107

108
	return 0;
109

110
err_device_create:
111
	class_unregister(&kfd_class);
112
err_class_create:
113
	unregister_chrdev(kfd_char_dev_major, kfd_dev_name);
114
err_register_chrdev:
115
	return err;
116
}
117

118
void kfd_chardev_exit(void)
119
{
120
	device_destroy(&kfd_class, MKDEV(kfd_char_dev_major, 0));
121
	class_unregister(&kfd_class);
122
	unregister_chrdev(kfd_char_dev_major, kfd_dev_name);
123
	kfd_device = NULL;
124
}
125

126

127
static int kfd_open(struct inode *inode, struct file *filep)
128
{
129
	struct kfd_process *process;
130
	bool is_32bit_user_mode;
131

132
	if (iminor(inode) != 0)
133
		return -ENODEV;
134

135
	is_32bit_user_mode = in_compat_syscall();
136

137
	if (is_32bit_user_mode) {
138
		dev_warn(kfd_device,
139
			"Process %d (32-bit) failed to open /dev/kfd\n"
140
			"32-bit processes are not supported by amdkfd\n",
141
			current->pid);
142
		return -EPERM;
143
	}
144

145
	process = kfd_create_process(current);
146
	if (IS_ERR(process))
147
		return PTR_ERR(process);
148

149
	if (kfd_process_init_cwsr_apu(process, filep)) {
150
		kfd_unref_process(process);
151
		return -EFAULT;
152
	}
153

154
	/* filep now owns the reference returned by kfd_create_process */
155
	filep->private_data = process;
156

157
	dev_dbg(kfd_device, "process pid %d opened kfd node, compat mode (32 bit) - %d\n",
158
		process->lead_thread->pid, process->is_32bit_user_mode);
159

160
	return 0;
161
}
162

163
static int kfd_release(struct inode *inode, struct file *filep)
164
{
165
	struct kfd_process *process = filep->private_data;
166

167
	if (process)
168
		kfd_unref_process(process);
169

170
	return 0;
171
}
172

173
static int kfd_ioctl_get_version(struct file *filep, struct kfd_process *p,
174
					void *data)
175
{
176
	struct kfd_ioctl_get_version_args *args = data;
177

178
	args->major_version = KFD_IOCTL_MAJOR_VERSION;
179
	args->minor_version = KFD_IOCTL_MINOR_VERSION;
180

181
	return 0;
182
}
183

184
static int set_queue_properties_from_user(struct queue_properties *q_properties,
185
				struct kfd_ioctl_create_queue_args *args)
186
{
187
	/*
188
	 * Repurpose queue percentage to accommodate new features:
189
	 * bit 0-7: queue percentage
190
	 * bit 8-15: pm4_target_xcc
191
	 */
192
	if ((args->queue_percentage & 0xFF) > KFD_MAX_QUEUE_PERCENTAGE) {
193
		pr_err("Queue percentage must be between 0 to KFD_MAX_QUEUE_PERCENTAGE\n");
194
		return -EINVAL;
195
	}
196

197
	if (args->queue_priority > KFD_MAX_QUEUE_PRIORITY) {
198
		pr_err("Queue priority must be between 0 to KFD_MAX_QUEUE_PRIORITY\n");
199
		return -EINVAL;
200
	}
201

202
	if ((args->ring_base_address) &&
203
		(!access_ok((const void __user *) args->ring_base_address,
204
			sizeof(uint64_t)))) {
205
		pr_err("Can't access ring base address\n");
206
		return -EFAULT;
207
	}
208

209
	if (!is_power_of_2(args->ring_size) && (args->ring_size != 0)) {
210
		pr_err("Ring size must be a power of 2 or 0\n");
211
		return -EINVAL;
212
	}
213

214
	if (args->ring_size < KFD_MIN_QUEUE_RING_SIZE) {
215
		args->ring_size = KFD_MIN_QUEUE_RING_SIZE;
216
		pr_debug("Size lower. clamped to KFD_MIN_QUEUE_RING_SIZE");
217
	}
218

219
	if (!access_ok((const void __user *) args->read_pointer_address,
220
			sizeof(uint32_t))) {
221
		pr_err("Can't access read pointer\n");
222
		return -EFAULT;
223
	}
224

225
	if (!access_ok((const void __user *) args->write_pointer_address,
226
			sizeof(uint32_t))) {
227
		pr_err("Can't access write pointer\n");
228
		return -EFAULT;
229
	}
230

231
	if (args->eop_buffer_address &&
232
		!access_ok((const void __user *) args->eop_buffer_address,
233
			sizeof(uint32_t))) {
234
		pr_debug("Can't access eop buffer");
235
		return -EFAULT;
236
	}
237

238
	if (args->ctx_save_restore_address &&
239
		!access_ok((const void __user *) args->ctx_save_restore_address,
240
			sizeof(uint32_t))) {
241
		pr_debug("Can't access ctx save restore buffer");
242
		return -EFAULT;
243
	}
244

245
	q_properties->is_interop = false;
246
	q_properties->is_gws = false;
247
	q_properties->queue_percent = args->queue_percentage & 0xFF;
248
	/* bit 8-15 are repurposed to be PM4 target XCC */
249
	q_properties->pm4_target_xcc = (args->queue_percentage >> 8) & 0xFF;
250
	q_properties->priority = args->queue_priority;
251
	q_properties->queue_address = args->ring_base_address;
252
	q_properties->queue_size = args->ring_size;
253
	q_properties->read_ptr = (void __user *)args->read_pointer_address;
254
	q_properties->write_ptr = (void __user *)args->write_pointer_address;
255
	q_properties->eop_ring_buffer_address = args->eop_buffer_address;
256
	q_properties->eop_ring_buffer_size = args->eop_buffer_size;
257
	q_properties->ctx_save_restore_area_address =
258
			args->ctx_save_restore_address;
259
	q_properties->ctx_save_restore_area_size = args->ctx_save_restore_size;
260
	q_properties->ctl_stack_size = args->ctl_stack_size;
261
	q_properties->sdma_engine_id = args->sdma_engine_id;
262
	if (args->queue_type == KFD_IOC_QUEUE_TYPE_COMPUTE ||
263
		args->queue_type == KFD_IOC_QUEUE_TYPE_COMPUTE_AQL)
264
		q_properties->type = KFD_QUEUE_TYPE_COMPUTE;
265
	else if (args->queue_type == KFD_IOC_QUEUE_TYPE_SDMA)
266
		q_properties->type = KFD_QUEUE_TYPE_SDMA;
267
	else if (args->queue_type == KFD_IOC_QUEUE_TYPE_SDMA_XGMI)
268
		q_properties->type = KFD_QUEUE_TYPE_SDMA_XGMI;
269
	else if (args->queue_type == KFD_IOC_QUEUE_TYPE_SDMA_BY_ENG_ID)
270
		q_properties->type = KFD_QUEUE_TYPE_SDMA_BY_ENG_ID;
271
	else
272
		return -ENOTSUPP;
273

274
	if (args->queue_type == KFD_IOC_QUEUE_TYPE_COMPUTE_AQL)
275
		q_properties->format = KFD_QUEUE_FORMAT_AQL;
276
	else
277
		q_properties->format = KFD_QUEUE_FORMAT_PM4;
278

279
	pr_debug("Queue Percentage: %d, %d\n",
280
			q_properties->queue_percent, args->queue_percentage);
281

282
	pr_debug("Queue Priority: %d, %d\n",
283
			q_properties->priority, args->queue_priority);
284

285
	pr_debug("Queue Address: 0x%llX, 0x%llX\n",
286
			q_properties->queue_address, args->ring_base_address);
287

288
	pr_debug("Queue Size: 0x%llX, %u\n",
289
			q_properties->queue_size, args->ring_size);
290

291
	pr_debug("Queue r/w Pointers: %px, %px\n",
292
			q_properties->read_ptr,
293
			q_properties->write_ptr);
294

295
	pr_debug("Queue Format: %d\n", q_properties->format);
296

297
	pr_debug("Queue EOP: 0x%llX\n", q_properties->eop_ring_buffer_address);
298

299
	pr_debug("Queue CTX save area: 0x%llX\n",
300
			q_properties->ctx_save_restore_area_address);
301

302
	return 0;
303
}
304

305
static int kfd_ioctl_create_queue(struct file *filep, struct kfd_process *p,
306
					void *data)
307
{
308
	struct kfd_ioctl_create_queue_args *args = data;
309
	struct kfd_node *dev;
310
	int err = 0;
311
	unsigned int queue_id;
312
	struct kfd_process_device *pdd;
313
	struct queue_properties q_properties;
314
	uint32_t doorbell_offset_in_process = 0;
315

316
	memset(&q_properties, 0, sizeof(struct queue_properties));
317

318
	pr_debug("Creating queue ioctl\n");
319

320
	err = set_queue_properties_from_user(&q_properties, args);
321
	if (err)
322
		return err;
323

324
	pr_debug("Looking for gpu id 0x%x\n", args->gpu_id);
325

326
	mutex_lock(&p->mutex);
327

328
	pdd = kfd_process_device_data_by_id(p, args->gpu_id);
329
	if (!pdd) {
330
		pr_debug("Could not find gpu id 0x%x\n", args->gpu_id);
331
		err = -EINVAL;
332
		goto err_pdd;
333
	}
334
	dev = pdd->dev;
335

336
	pdd = kfd_bind_process_to_device(dev, p);
337
	if (IS_ERR(pdd)) {
338
		err = -ESRCH;
339
		goto err_bind_process;
340
	}
341

342
	if (q_properties.type == KFD_QUEUE_TYPE_SDMA_BY_ENG_ID) {
343
		int max_sdma_eng_id = kfd_get_num_sdma_engines(dev) +
344
				      kfd_get_num_xgmi_sdma_engines(dev) - 1;
345

346
		if (q_properties.sdma_engine_id > max_sdma_eng_id) {
347
			err = -EINVAL;
348
			pr_err("sdma_engine_id %i exceeds maximum id of %i\n",
349
			       q_properties.sdma_engine_id, max_sdma_eng_id);
350
			goto err_sdma_engine_id;
351
		}
352
	}
353

354
	if (!pdd->qpd.proc_doorbells) {
355
		err = kfd_alloc_process_doorbells(dev->kfd, pdd);
356
		if (err) {
357
			pr_debug("failed to allocate process doorbells\n");
358
			goto err_bind_process;
359
		}
360
	}
361

362
	err = kfd_queue_acquire_buffers(pdd, &q_properties);
363
	if (err) {
364
		pr_debug("failed to acquire user queue buffers\n");
365
		goto err_acquire_queue_buf;
366
	}
367

368
	pr_debug("Creating queue for process pid %d on gpu 0x%x\n",
369
			p->lead_thread->pid,
370
			dev->id);
371

372
	err = pqm_create_queue(&p->pqm, dev, &q_properties, &queue_id,
373
			NULL, NULL, NULL, &doorbell_offset_in_process);
374
	if (err != 0)
375
		goto err_create_queue;
376

377
	args->queue_id = queue_id;
378

379

380
	/* Return gpu_id as doorbell offset for mmap usage */
381
	args->doorbell_offset = KFD_MMAP_TYPE_DOORBELL;
382
	args->doorbell_offset |= KFD_MMAP_GPU_ID(args->gpu_id);
383
	if (KFD_IS_SOC15(dev))
384
		/* On SOC15 ASICs, include the doorbell offset within the
385
		 * process doorbell frame, which is 2 pages.
386
		 */
387
		args->doorbell_offset |= doorbell_offset_in_process;
388

389
	mutex_unlock(&p->mutex);
390

391
	pr_debug("Queue id %d was created successfully\n", args->queue_id);
392

393
	pr_debug("Ring buffer address == 0x%016llX\n",
394
			args->ring_base_address);
395

396
	pr_debug("Read ptr address    == 0x%016llX\n",
397
			args->read_pointer_address);
398

399
	pr_debug("Write ptr address   == 0x%016llX\n",
400
			args->write_pointer_address);
401

402
	kfd_dbg_ev_raise(KFD_EC_MASK(EC_QUEUE_NEW), p, dev, queue_id, false, NULL, 0);
403
	return 0;
404

405
err_create_queue:
406
	kfd_queue_unref_bo_vas(pdd, &q_properties);
407
	kfd_queue_release_buffers(pdd, &q_properties);
408
err_acquire_queue_buf:
409
err_sdma_engine_id:
410
err_bind_process:
411
err_pdd:
412
	mutex_unlock(&p->mutex);
413
	return err;
414
}
415

416
static int kfd_ioctl_destroy_queue(struct file *filp, struct kfd_process *p,
417
					void *data)
418
{
419
	int retval;
420
	struct kfd_ioctl_destroy_queue_args *args = data;
421

422
	pr_debug("Destroying queue id %d for process pid %d\n",
423
				args->queue_id,
424
				p->lead_thread->pid);
425

426
	mutex_lock(&p->mutex);
427

428
	retval = pqm_destroy_queue(&p->pqm, args->queue_id);
429

430
	mutex_unlock(&p->mutex);
431
	return retval;
432
}
433

434
static int kfd_ioctl_update_queue(struct file *filp, struct kfd_process *p,
435
					void *data)
436
{
437
	int retval;
438
	struct kfd_ioctl_update_queue_args *args = data;
439
	struct queue_properties properties;
440

441
	/*
442
	 * Repurpose queue percentage to accommodate new features:
443
	 * bit 0-7: queue percentage
444
	 * bit 8-15: pm4_target_xcc
445
	 */
446
	if ((args->queue_percentage & 0xFF) > KFD_MAX_QUEUE_PERCENTAGE) {
447
		pr_err("Queue percentage must be between 0 to KFD_MAX_QUEUE_PERCENTAGE\n");
448
		return -EINVAL;
449
	}
450

451
	if (args->queue_priority > KFD_MAX_QUEUE_PRIORITY) {
452
		pr_err("Queue priority must be between 0 to KFD_MAX_QUEUE_PRIORITY\n");
453
		return -EINVAL;
454
	}
455

456
	if ((args->ring_base_address) &&
457
		(!access_ok((const void __user *) args->ring_base_address,
458
			sizeof(uint64_t)))) {
459
		pr_err("Can't access ring base address\n");
460
		return -EFAULT;
461
	}
462

463
	if (!is_power_of_2(args->ring_size) && (args->ring_size != 0)) {
464
		pr_err("Ring size must be a power of 2 or 0\n");
465
		return -EINVAL;
466
	}
467

468
	if (args->ring_size < KFD_MIN_QUEUE_RING_SIZE) {
469
		args->ring_size = KFD_MIN_QUEUE_RING_SIZE;
470
		pr_debug("Size lower. clamped to KFD_MIN_QUEUE_RING_SIZE");
471
	}
472

473
	properties.queue_address = args->ring_base_address;
474
	properties.queue_size = args->ring_size;
475
	properties.queue_percent = args->queue_percentage & 0xFF;
476
	/* bit 8-15 are repurposed to be PM4 target XCC */
477
	properties.pm4_target_xcc = (args->queue_percentage >> 8) & 0xFF;
478
	properties.priority = args->queue_priority;
479

480
	pr_debug("Updating queue id %d for process pid %d\n",
481
			args->queue_id, p->lead_thread->pid);
482

483
	mutex_lock(&p->mutex);
484

485
	retval = pqm_update_queue_properties(&p->pqm, args->queue_id, &properties);
486

487
	mutex_unlock(&p->mutex);
488

489
	return retval;
490
}
491

492
static int kfd_ioctl_set_cu_mask(struct file *filp, struct kfd_process *p,
493
					void *data)
494
{
495
	int retval;
496
	const int max_num_cus = 1024;
497
	struct kfd_ioctl_set_cu_mask_args *args = data;
498
	struct mqd_update_info minfo = {0};
499
	uint32_t __user *cu_mask_ptr = (uint32_t __user *)args->cu_mask_ptr;
500
	size_t cu_mask_size = sizeof(uint32_t) * (args->num_cu_mask / 32);
501

502
	if ((args->num_cu_mask % 32) != 0) {
503
		pr_debug("num_cu_mask 0x%x must be a multiple of 32",
504
				args->num_cu_mask);
505
		return -EINVAL;
506
	}
507

508
	minfo.cu_mask.count = args->num_cu_mask;
509
	if (minfo.cu_mask.count == 0) {
510
		pr_debug("CU mask cannot be 0");
511
		return -EINVAL;
512
	}
513

514
	/* To prevent an unreasonably large CU mask size, set an arbitrary
515
	 * limit of max_num_cus bits.  We can then just drop any CU mask bits
516
	 * past max_num_cus bits and just use the first max_num_cus bits.
517
	 */
518
	if (minfo.cu_mask.count > max_num_cus) {
519
		pr_debug("CU mask cannot be greater than 1024 bits");
520
		minfo.cu_mask.count = max_num_cus;
521
		cu_mask_size = sizeof(uint32_t) * (max_num_cus/32);
522
	}
523

524
	minfo.cu_mask.ptr = kzalloc(cu_mask_size, GFP_KERNEL);
525
	if (!minfo.cu_mask.ptr)
526
		return -ENOMEM;
527

528
	retval = copy_from_user(minfo.cu_mask.ptr, cu_mask_ptr, cu_mask_size);
529
	if (retval) {
530
		pr_debug("Could not copy CU mask from userspace");
531
		retval = -EFAULT;
532
		goto out;
533
	}
534

535
	mutex_lock(&p->mutex);
536

537
	retval = pqm_update_mqd(&p->pqm, args->queue_id, &minfo);
538

539
	mutex_unlock(&p->mutex);
540

541
out:
542
	kfree(minfo.cu_mask.ptr);
543
	return retval;
544
}
545

546
static int kfd_ioctl_get_queue_wave_state(struct file *filep,
547
					  struct kfd_process *p, void *data)
548
{
549
	struct kfd_ioctl_get_queue_wave_state_args *args = data;
550
	int r;
551

552
	mutex_lock(&p->mutex);
553

554
	r = pqm_get_wave_state(&p->pqm, args->queue_id,
555
			       (void __user *)args->ctl_stack_address,
556
			       &args->ctl_stack_used_size,
557
			       &args->save_area_used_size);
558

559
	mutex_unlock(&p->mutex);
560

561
	return r;
562
}
563

564
static int kfd_ioctl_set_memory_policy(struct file *filep,
565
					struct kfd_process *p, void *data)
566
{
567
	struct kfd_ioctl_set_memory_policy_args *args = data;
568
	int err = 0;
569
	struct kfd_process_device *pdd;
570
	enum cache_policy default_policy, alternate_policy;
571

572
	if (args->default_policy != KFD_IOC_CACHE_POLICY_COHERENT
573
	    && args->default_policy != KFD_IOC_CACHE_POLICY_NONCOHERENT) {
574
		return -EINVAL;
575
	}
576

577
	if (args->alternate_policy != KFD_IOC_CACHE_POLICY_COHERENT
578
	    && args->alternate_policy != KFD_IOC_CACHE_POLICY_NONCOHERENT) {
579
		return -EINVAL;
580
	}
581

582
	mutex_lock(&p->mutex);
583
	pdd = kfd_process_device_data_by_id(p, args->gpu_id);
584
	if (!pdd) {
585
		pr_debug("Could not find gpu id 0x%x\n", args->gpu_id);
586
		err = -EINVAL;
587
		goto err_pdd;
588
	}
589

590
	pdd = kfd_bind_process_to_device(pdd->dev, p);
591
	if (IS_ERR(pdd)) {
592
		err = -ESRCH;
593
		goto out;
594
	}
595

596
	default_policy = (args->default_policy == KFD_IOC_CACHE_POLICY_COHERENT)
597
			 ? cache_policy_coherent : cache_policy_noncoherent;
598

599
	alternate_policy =
600
		(args->alternate_policy == KFD_IOC_CACHE_POLICY_COHERENT)
601
		   ? cache_policy_coherent : cache_policy_noncoherent;
602

603
	if (!pdd->dev->dqm->ops.set_cache_memory_policy(pdd->dev->dqm,
604
				&pdd->qpd,
605
				default_policy,
606
				alternate_policy,
607
				(void __user *)args->alternate_aperture_base,
608
				args->alternate_aperture_size,
609
				args->misc_process_flag))
610
		err = -EINVAL;
611

612
out:
613
err_pdd:
614
	mutex_unlock(&p->mutex);
615

616
	return err;
617
}
618

619
static int kfd_ioctl_set_trap_handler(struct file *filep,
620
					struct kfd_process *p, void *data)
621
{
622
	struct kfd_ioctl_set_trap_handler_args *args = data;
623
	int err = 0;
624
	struct kfd_process_device *pdd;
625

626
	mutex_lock(&p->mutex);
627

628
	pdd = kfd_process_device_data_by_id(p, args->gpu_id);
629
	if (!pdd) {
630
		err = -EINVAL;
631
		goto err_pdd;
632
	}
633

634
	pdd = kfd_bind_process_to_device(pdd->dev, p);
635
	if (IS_ERR(pdd)) {
636
		err = -ESRCH;
637
		goto out;
638
	}
639

640
	kfd_process_set_trap_handler(&pdd->qpd, args->tba_addr, args->tma_addr);
641

642
out:
643
err_pdd:
644
	mutex_unlock(&p->mutex);
645

646
	return err;
647
}
648

649
static int kfd_ioctl_dbg_register(struct file *filep,
650
				struct kfd_process *p, void *data)
651
{
652
	return -EPERM;
653
}
654

655
static int kfd_ioctl_dbg_unregister(struct file *filep,
656
				struct kfd_process *p, void *data)
657
{
658
	return -EPERM;
659
}
660

661
static int kfd_ioctl_dbg_address_watch(struct file *filep,
662
					struct kfd_process *p, void *data)
663
{
664
	return -EPERM;
665
}
666

667
/* Parse and generate fixed size data structure for wave control */
668
static int kfd_ioctl_dbg_wave_control(struct file *filep,
669
					struct kfd_process *p, void *data)
670
{
671
	return -EPERM;
672
}
673

674
static int kfd_ioctl_get_clock_counters(struct file *filep,
675
				struct kfd_process *p, void *data)
676
{
677
	struct kfd_ioctl_get_clock_counters_args *args = data;
678
	struct kfd_process_device *pdd;
679

680
	mutex_lock(&p->mutex);
681
	pdd = kfd_process_device_data_by_id(p, args->gpu_id);
682
	mutex_unlock(&p->mutex);
683
	if (pdd)
684
		/* Reading GPU clock counter from KGD */
685
		args->gpu_clock_counter = amdgpu_amdkfd_get_gpu_clock_counter(pdd->dev->adev);
686
	else
687
		/* Node without GPU resource */
688
		args->gpu_clock_counter = 0;
689

690
	/* No access to rdtsc. Using raw monotonic time */
691
	args->cpu_clock_counter = ktime_get_raw_ns();
692
	args->system_clock_counter = ktime_get_boottime_ns();
693

694
	/* Since the counter is in nano-seconds we use 1GHz frequency */
695
	args->system_clock_freq = 1000000000;
696

697
	return 0;
698
}
699

700

701
static int kfd_ioctl_get_process_apertures(struct file *filp,
702
				struct kfd_process *p, void *data)
703
{
704
	struct kfd_ioctl_get_process_apertures_args *args = data;
705
	struct kfd_process_device_apertures *pAperture;
706
	int i;
707

708
	dev_dbg(kfd_device, "get apertures for process pid %d", p->lead_thread->pid);
709

710
	args->num_of_nodes = 0;
711

712
	mutex_lock(&p->mutex);
713
	/* Run over all pdd of the process */
714
	for (i = 0; i < p->n_pdds; i++) {
715
		struct kfd_process_device *pdd = p->pdds[i];
716

717
		pAperture =
718
			&args->process_apertures[args->num_of_nodes];
719
		pAperture->gpu_id = pdd->dev->id;
720
		pAperture->lds_base = pdd->lds_base;
721
		pAperture->lds_limit = pdd->lds_limit;
722
		pAperture->gpuvm_base = pdd->gpuvm_base;
723
		pAperture->gpuvm_limit = pdd->gpuvm_limit;
724
		pAperture->scratch_base = pdd->scratch_base;
725
		pAperture->scratch_limit = pdd->scratch_limit;
726

727
		dev_dbg(kfd_device,
728
			"node id %u\n", args->num_of_nodes);
729
		dev_dbg(kfd_device,
730
			"gpu id %u\n", pdd->dev->id);
731
		dev_dbg(kfd_device,
732
			"lds_base %llX\n", pdd->lds_base);
733
		dev_dbg(kfd_device,
734
			"lds_limit %llX\n", pdd->lds_limit);
735
		dev_dbg(kfd_device,
736
			"gpuvm_base %llX\n", pdd->gpuvm_base);
737
		dev_dbg(kfd_device,
738
			"gpuvm_limit %llX\n", pdd->gpuvm_limit);
739
		dev_dbg(kfd_device,
740
			"scratch_base %llX\n", pdd->scratch_base);
741
		dev_dbg(kfd_device,
742
			"scratch_limit %llX\n", pdd->scratch_limit);
743

744
		if (++args->num_of_nodes >= NUM_OF_SUPPORTED_GPUS)
745
			break;
746
	}
747
	mutex_unlock(&p->mutex);
748

749
	return 0;
750
}
751

752
static int kfd_ioctl_get_process_apertures_new(struct file *filp,
753
				struct kfd_process *p, void *data)
754
{
755
	struct kfd_ioctl_get_process_apertures_new_args *args = data;
756
	struct kfd_process_device_apertures *pa;
757
	int ret;
758
	int i;
759

760
	dev_dbg(kfd_device, "get apertures for process pid %d",
761
			p->lead_thread->pid);
762

763
	if (args->num_of_nodes == 0) {
764
		/* Return number of nodes, so that user space can alloacate
765
		 * sufficient memory
766
		 */
767
		mutex_lock(&p->mutex);
768
		args->num_of_nodes = p->n_pdds;
769
		goto out_unlock;
770
	}
771

772
	/* Fill in process-aperture information for all available
773
	 * nodes, but not more than args->num_of_nodes as that is
774
	 * the amount of memory allocated by user
775
	 */
776
	pa = kcalloc(args->num_of_nodes, sizeof(struct kfd_process_device_apertures),
777
		     GFP_KERNEL);
778
	if (!pa)
779
		return -ENOMEM;
780

781
	mutex_lock(&p->mutex);
782

783
	if (!p->n_pdds) {
784
		args->num_of_nodes = 0;
785
		kfree(pa);
786
		goto out_unlock;
787
	}
788

789
	/* Run over all pdd of the process */
790
	for (i = 0; i < min(p->n_pdds, args->num_of_nodes); i++) {
791
		struct kfd_process_device *pdd = p->pdds[i];
792

793
		pa[i].gpu_id = pdd->dev->id;
794
		pa[i].lds_base = pdd->lds_base;
795
		pa[i].lds_limit = pdd->lds_limit;
796
		pa[i].gpuvm_base = pdd->gpuvm_base;
797
		pa[i].gpuvm_limit = pdd->gpuvm_limit;
798
		pa[i].scratch_base = pdd->scratch_base;
799
		pa[i].scratch_limit = pdd->scratch_limit;
800

801
		dev_dbg(kfd_device,
802
			"gpu id %u\n", pdd->dev->id);
803
		dev_dbg(kfd_device,
804
			"lds_base %llX\n", pdd->lds_base);
805
		dev_dbg(kfd_device,
806
			"lds_limit %llX\n", pdd->lds_limit);
807
		dev_dbg(kfd_device,
808
			"gpuvm_base %llX\n", pdd->gpuvm_base);
809
		dev_dbg(kfd_device,
810
			"gpuvm_limit %llX\n", pdd->gpuvm_limit);
811
		dev_dbg(kfd_device,
812
			"scratch_base %llX\n", pdd->scratch_base);
813
		dev_dbg(kfd_device,
814
			"scratch_limit %llX\n", pdd->scratch_limit);
815
	}
816
	mutex_unlock(&p->mutex);
817

818
	args->num_of_nodes = i;
819
	ret = copy_to_user(
820
			(void __user *)args->kfd_process_device_apertures_ptr,
821
			pa,
822
			(i * sizeof(struct kfd_process_device_apertures)));
823
	kfree(pa);
824
	return ret ? -EFAULT : 0;
825

826
out_unlock:
827
	mutex_unlock(&p->mutex);
828
	return 0;
829
}
830

831
static int kfd_ioctl_create_event(struct file *filp, struct kfd_process *p,
832
					void *data)
833
{
834
	struct kfd_ioctl_create_event_args *args = data;
835
	int err;
836

837
	/* For dGPUs the event page is allocated in user mode. The
838
	 * handle is passed to KFD with the first call to this IOCTL
839
	 * through the event_page_offset field.
840
	 */
841
	if (args->event_page_offset) {
842
		mutex_lock(&p->mutex);
843
		err = kfd_kmap_event_page(p, args->event_page_offset);
844
		mutex_unlock(&p->mutex);
845
		if (err)
846
			return err;
847
	}
848

849
	err = kfd_event_create(filp, p, args->event_type,
850
				args->auto_reset != 0, args->node_id,
851
				&args->event_id, &args->event_trigger_data,
852
				&args->event_page_offset,
853
				&args->event_slot_index);
854

855
	pr_debug("Created event (id:0x%08x) (%s)\n", args->event_id, __func__);
856
	return err;
857
}
858

859
static int kfd_ioctl_destroy_event(struct file *filp, struct kfd_process *p,
860
					void *data)
861
{
862
	struct kfd_ioctl_destroy_event_args *args = data;
863

864
	return kfd_event_destroy(p, args->event_id);
865
}
866

867
static int kfd_ioctl_set_event(struct file *filp, struct kfd_process *p,
868
				void *data)
869
{
870
	struct kfd_ioctl_set_event_args *args = data;
871

872
	return kfd_set_event(p, args->event_id);
873
}
874

875
static int kfd_ioctl_reset_event(struct file *filp, struct kfd_process *p,
876
				void *data)
877
{
878
	struct kfd_ioctl_reset_event_args *args = data;
879

880
	return kfd_reset_event(p, args->event_id);
881
}
882

883
static int kfd_ioctl_wait_events(struct file *filp, struct kfd_process *p,
884
				void *data)
885
{
886
	struct kfd_ioctl_wait_events_args *args = data;
887

888
	return kfd_wait_on_events(p, args->num_events,
889
			(void __user *)args->events_ptr,
890
			(args->wait_for_all != 0),
891
			&args->timeout, &args->wait_result);
892
}
893
static int kfd_ioctl_set_scratch_backing_va(struct file *filep,
894
					struct kfd_process *p, void *data)
895
{
896
	struct kfd_ioctl_set_scratch_backing_va_args *args = data;
897
	struct kfd_process_device *pdd;
898
	struct kfd_node *dev;
899
	long err;
900

901
	mutex_lock(&p->mutex);
902
	pdd = kfd_process_device_data_by_id(p, args->gpu_id);
903
	if (!pdd) {
904
		err = -EINVAL;
905
		goto err_pdd;
906
	}
907
	dev = pdd->dev;
908

909
	pdd = kfd_bind_process_to_device(dev, p);
910
	if (IS_ERR(pdd)) {
911
		err = PTR_ERR(pdd);
912
		goto bind_process_to_device_fail;
913
	}
914

915
	pdd->qpd.sh_hidden_private_base = args->va_addr;
916

917
	mutex_unlock(&p->mutex);
918

919
	if (dev->dqm->sched_policy == KFD_SCHED_POLICY_NO_HWS &&
920
	    pdd->qpd.vmid != 0 && dev->kfd2kgd->set_scratch_backing_va)
921
		dev->kfd2kgd->set_scratch_backing_va(
922
			dev->adev, args->va_addr, pdd->qpd.vmid);
923

924
	return 0;
925

926
bind_process_to_device_fail:
927
err_pdd:
928
	mutex_unlock(&p->mutex);
929
	return err;
930
}
931

932
static int kfd_ioctl_get_tile_config(struct file *filep,
933
		struct kfd_process *p, void *data)
934
{
935
	struct kfd_ioctl_get_tile_config_args *args = data;
936
	struct kfd_process_device *pdd;
937
	struct tile_config config;
938
	int err = 0;
939

940
	mutex_lock(&p->mutex);
941
	pdd = kfd_process_device_data_by_id(p, args->gpu_id);
942
	mutex_unlock(&p->mutex);
943
	if (!pdd)
944
		return -EINVAL;
945

946
	amdgpu_amdkfd_get_tile_config(pdd->dev->adev, &config);
947

948
	args->gb_addr_config = config.gb_addr_config;
949
	args->num_banks = config.num_banks;
950
	args->num_ranks = config.num_ranks;
951

952
	if (args->num_tile_configs > config.num_tile_configs)
953
		args->num_tile_configs = config.num_tile_configs;
954
	err = copy_to_user((void __user *)args->tile_config_ptr,
955
			config.tile_config_ptr,
956
			args->num_tile_configs * sizeof(uint32_t));
957
	if (err) {
958
		args->num_tile_configs = 0;
959
		return -EFAULT;
960
	}
961

962
	if (args->num_macro_tile_configs > config.num_macro_tile_configs)
963
		args->num_macro_tile_configs =
964
				config.num_macro_tile_configs;
965
	err = copy_to_user((void __user *)args->macro_tile_config_ptr,
966
			config.macro_tile_config_ptr,
967
			args->num_macro_tile_configs * sizeof(uint32_t));
968
	if (err) {
969
		args->num_macro_tile_configs = 0;
970
		return -EFAULT;
971
	}
972

973
	return 0;
974
}
975

976
static int kfd_ioctl_acquire_vm(struct file *filep, struct kfd_process *p,
977
				void *data)
978
{
979
	struct kfd_ioctl_acquire_vm_args *args = data;
980
	struct kfd_process_device *pdd;
981
	struct file *drm_file;
982
	int ret;
983

984
	drm_file = fget(args->drm_fd);
985
	if (!drm_file)
986
		return -EINVAL;
987

988
	mutex_lock(&p->mutex);
989
	pdd = kfd_process_device_data_by_id(p, args->gpu_id);
990
	if (!pdd) {
991
		ret = -EINVAL;
992
		goto err_pdd;
993
	}
994

995
	if (pdd->drm_file) {
996
		ret = pdd->drm_file == drm_file ? 0 : -EBUSY;
997
		goto err_drm_file;
998
	}
999

1000
	ret = kfd_process_device_init_vm(pdd, drm_file);
1001
	if (ret)
1002
		goto err_unlock;
1003

1004
	/* On success, the PDD keeps the drm_file reference */
1005
	mutex_unlock(&p->mutex);
1006

1007
	return 0;
1008

1009
err_unlock:
1010
err_pdd:
1011
err_drm_file:
1012
	mutex_unlock(&p->mutex);
1013
	fput(drm_file);
1014
	return ret;
1015
}
1016

1017
bool kfd_dev_is_large_bar(struct kfd_node *dev)
1018
{
1019
	if (dev->kfd->adev->debug_largebar) {
1020
		pr_debug("Simulate large-bar allocation on non large-bar machine\n");
1021
		return true;
1022
	}
1023

1024
	if (dev->local_mem_info.local_mem_size_private == 0 &&
1025
	    dev->local_mem_info.local_mem_size_public > 0)
1026
		return true;
1027

1028
	if (dev->local_mem_info.local_mem_size_public == 0 &&
1029
	    dev->kfd->adev->gmc.is_app_apu) {
1030
		pr_debug("APP APU, Consider like a large bar system\n");
1031
		return true;
1032
	}
1033

1034
	return false;
1035
}
1036

1037
static int kfd_ioctl_get_available_memory(struct file *filep,
1038
					  struct kfd_process *p, void *data)
1039
{
1040
	struct kfd_ioctl_get_available_memory_args *args = data;
1041
	struct kfd_process_device *pdd = kfd_lock_pdd_by_id(p, args->gpu_id);
1042

1043
	if (!pdd)
1044
		return -EINVAL;
1045
	args->available = amdgpu_amdkfd_get_available_memory(pdd->dev->adev,
1046
							pdd->dev->node_id);
1047
	kfd_unlock_pdd(pdd);
1048
	return 0;
1049
}
1050

1051
static int kfd_ioctl_alloc_memory_of_gpu(struct file *filep,
1052
					struct kfd_process *p, void *data)
1053
{
1054
	struct kfd_ioctl_alloc_memory_of_gpu_args *args = data;
1055
	struct kfd_process_device *pdd;
1056
	void *mem;
1057
	struct kfd_node *dev;
1058
	int idr_handle;
1059
	long err;
1060
	uint64_t offset = args->mmap_offset;
1061
	uint32_t flags = args->flags;
1062

1063
	if (args->size == 0)
1064
		return -EINVAL;
1065

1066
#if IS_ENABLED(CONFIG_HSA_AMD_SVM)
1067
	/* Flush pending deferred work to avoid racing with deferred actions
1068
	 * from previous memory map changes (e.g. munmap).
1069
	 */
1070
	svm_range_list_lock_and_flush_work(&p->svms, current->mm);
1071
	mutex_lock(&p->svms.lock);
1072
	mmap_write_unlock(current->mm);
1073
	if (interval_tree_iter_first(&p->svms.objects,
1074
				     args->va_addr >> PAGE_SHIFT,
1075
				     (args->va_addr + args->size - 1) >> PAGE_SHIFT)) {
1076
		pr_err("Address: 0x%llx already allocated by SVM\n",
1077
			args->va_addr);
1078
		mutex_unlock(&p->svms.lock);
1079
		return -EADDRINUSE;
1080
	}
1081

1082
	/* When register user buffer check if it has been registered by svm by
1083
	 * buffer cpu virtual address.
1084
	 */
1085
	if ((flags & KFD_IOC_ALLOC_MEM_FLAGS_USERPTR) &&
1086
	    interval_tree_iter_first(&p->svms.objects,
1087
				     args->mmap_offset >> PAGE_SHIFT,
1088
				     (args->mmap_offset  + args->size - 1) >> PAGE_SHIFT)) {
1089
		pr_err("User Buffer Address: 0x%llx already allocated by SVM\n",
1090
			args->mmap_offset);
1091
		mutex_unlock(&p->svms.lock);
1092
		return -EADDRINUSE;
1093
	}
1094

1095
	mutex_unlock(&p->svms.lock);
1096
#endif
1097
	mutex_lock(&p->mutex);
1098
	pdd = kfd_process_device_data_by_id(p, args->gpu_id);
1099
	if (!pdd) {
1100
		err = -EINVAL;
1101
		goto err_pdd;
1102
	}
1103

1104
	dev = pdd->dev;
1105

1106
	if ((flags & KFD_IOC_ALLOC_MEM_FLAGS_PUBLIC) &&
1107
		(flags & KFD_IOC_ALLOC_MEM_FLAGS_VRAM) &&
1108
		!kfd_dev_is_large_bar(dev)) {
1109
		pr_err("Alloc host visible vram on small bar is not allowed\n");
1110
		err = -EINVAL;
1111
		goto err_large_bar;
1112
	}
1113

1114
	pdd = kfd_bind_process_to_device(dev, p);
1115
	if (IS_ERR(pdd)) {
1116
		err = PTR_ERR(pdd);
1117
		goto err_unlock;
1118
	}
1119

1120
	if (flags & KFD_IOC_ALLOC_MEM_FLAGS_DOORBELL) {
1121
		if (args->size != kfd_doorbell_process_slice(dev->kfd)) {
1122
			err = -EINVAL;
1123
			goto err_unlock;
1124
		}
1125
		offset = kfd_get_process_doorbells(pdd);
1126
		if (!offset) {
1127
			err = -ENOMEM;
1128
			goto err_unlock;
1129
		}
1130
	} else if (flags & KFD_IOC_ALLOC_MEM_FLAGS_MMIO_REMAP) {
1131
		if (args->size != PAGE_SIZE) {
1132
			err = -EINVAL;
1133
			goto err_unlock;
1134
		}
1135
		offset = dev->adev->rmmio_remap.bus_addr;
1136
		if (!offset || (PAGE_SIZE > 4096)) {
1137
			err = -ENOMEM;
1138
			goto err_unlock;
1139
		}
1140
	}
1141

1142
	err = amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu(
1143
		dev->adev, args->va_addr, args->size,
1144
		pdd->drm_priv, (struct kgd_mem **) &mem, &offset,
1145
		flags, false);
1146

1147
	if (err)
1148
		goto err_unlock;
1149

1150
	idr_handle = kfd_process_device_create_obj_handle(pdd, mem);
1151
	if (idr_handle < 0) {
1152
		err = -EFAULT;
1153
		goto err_free;
1154
	}
1155

1156
	/* Update the VRAM usage count */
1157
	if (flags & KFD_IOC_ALLOC_MEM_FLAGS_VRAM) {
1158
		uint64_t size = args->size;
1159

1160
		if (flags & KFD_IOC_ALLOC_MEM_FLAGS_AQL_QUEUE_MEM)
1161
			size >>= 1;
1162
		atomic64_add(PAGE_ALIGN(size), &pdd->vram_usage);
1163
	}
1164

1165
	mutex_unlock(&p->mutex);
1166

1167
	args->handle = MAKE_HANDLE(args->gpu_id, idr_handle);
1168
	args->mmap_offset = offset;
1169

1170
	/* MMIO is mapped through kfd device
1171
	 * Generate a kfd mmap offset
1172
	 */
1173
	if (flags & KFD_IOC_ALLOC_MEM_FLAGS_MMIO_REMAP)
1174
		args->mmap_offset = KFD_MMAP_TYPE_MMIO
1175
					| KFD_MMAP_GPU_ID(args->gpu_id);
1176

1177
	return 0;
1178

1179
err_free:
1180
	amdgpu_amdkfd_gpuvm_free_memory_of_gpu(dev->adev, (struct kgd_mem *)mem,
1181
					       pdd->drm_priv, NULL);
1182
err_unlock:
1183
err_pdd:
1184
err_large_bar:
1185
	mutex_unlock(&p->mutex);
1186
	return err;
1187
}
1188

1189
static int kfd_ioctl_free_memory_of_gpu(struct file *filep,
1190
					struct kfd_process *p, void *data)
1191
{
1192
	struct kfd_ioctl_free_memory_of_gpu_args *args = data;
1193
	struct kfd_process_device *pdd;
1194
	void *mem;
1195
	int ret;
1196
	uint64_t size = 0;
1197

1198
	mutex_lock(&p->mutex);
1199
	/*
1200
	 * Safeguard to prevent user space from freeing signal BO.
1201
	 * It will be freed at process termination.
1202
	 */
1203
	if (p->signal_handle && (p->signal_handle == args->handle)) {
1204
		pr_err("Free signal BO is not allowed\n");
1205
		ret = -EPERM;
1206
		goto err_unlock;
1207
	}
1208

1209
	pdd = kfd_process_device_data_by_id(p, GET_GPU_ID(args->handle));
1210
	if (!pdd) {
1211
		pr_err("Process device data doesn't exist\n");
1212
		ret = -EINVAL;
1213
		goto err_pdd;
1214
	}
1215

1216
	mem = kfd_process_device_translate_handle(
1217
		pdd, GET_IDR_HANDLE(args->handle));
1218
	if (!mem) {
1219
		ret = -EINVAL;
1220
		goto err_unlock;
1221
	}
1222

1223
	ret = amdgpu_amdkfd_gpuvm_free_memory_of_gpu(pdd->dev->adev,
1224
				(struct kgd_mem *)mem, pdd->drm_priv, &size);
1225

1226
	/* If freeing the buffer failed, leave the handle in place for
1227
	 * clean-up during process tear-down.
1228
	 */
1229
	if (!ret)
1230
		kfd_process_device_remove_obj_handle(
1231
			pdd, GET_IDR_HANDLE(args->handle));
1232

1233
	atomic64_sub(size, &pdd->vram_usage);
1234

1235
err_unlock:
1236
err_pdd:
1237
	mutex_unlock(&p->mutex);
1238
	return ret;
1239
}
1240

1241
static int kfd_ioctl_map_memory_to_gpu(struct file *filep,
1242
					struct kfd_process *p, void *data)
1243
{
1244
	struct kfd_ioctl_map_memory_to_gpu_args *args = data;
1245
	struct kfd_process_device *pdd, *peer_pdd;
1246
	void *mem;
1247
	struct kfd_node *dev;
1248
	long err = 0;
1249
	int i;
1250
	uint32_t *devices_arr = NULL;
1251

1252
	if (!args->n_devices) {
1253
		pr_debug("Device IDs array empty\n");
1254
		return -EINVAL;
1255
	}
1256
	if (args->n_success > args->n_devices) {
1257
		pr_debug("n_success exceeds n_devices\n");
1258
		return -EINVAL;
1259
	}
1260

1261
	devices_arr = kmalloc_array(args->n_devices, sizeof(*devices_arr),
1262
				    GFP_KERNEL);
1263
	if (!devices_arr)
1264
		return -ENOMEM;
1265

1266
	err = copy_from_user(devices_arr,
1267
			     (void __user *)args->device_ids_array_ptr,
1268
			     args->n_devices * sizeof(*devices_arr));
1269
	if (err != 0) {
1270
		err = -EFAULT;
1271
		goto copy_from_user_failed;
1272
	}
1273

1274
	mutex_lock(&p->mutex);
1275
	pdd = kfd_process_device_data_by_id(p, GET_GPU_ID(args->handle));
1276
	if (!pdd) {
1277
		err = -EINVAL;
1278
		goto get_process_device_data_failed;
1279
	}
1280
	dev = pdd->dev;
1281

1282
	pdd = kfd_bind_process_to_device(dev, p);
1283
	if (IS_ERR(pdd)) {
1284
		err = PTR_ERR(pdd);
1285
		goto bind_process_to_device_failed;
1286
	}
1287

1288
	mem = kfd_process_device_translate_handle(pdd,
1289
						GET_IDR_HANDLE(args->handle));
1290
	if (!mem) {
1291
		err = -ENOMEM;
1292
		goto get_mem_obj_from_handle_failed;
1293
	}
1294

1295
	for (i = args->n_success; i < args->n_devices; i++) {
1296
		peer_pdd = kfd_process_device_data_by_id(p, devices_arr[i]);
1297
		if (!peer_pdd) {
1298
			pr_debug("Getting device by id failed for 0x%x\n",
1299
				 devices_arr[i]);
1300
			err = -EINVAL;
1301
			goto get_mem_obj_from_handle_failed;
1302
		}
1303

1304
		peer_pdd = kfd_bind_process_to_device(peer_pdd->dev, p);
1305
		if (IS_ERR(peer_pdd)) {
1306
			err = PTR_ERR(peer_pdd);
1307
			goto get_mem_obj_from_handle_failed;
1308
		}
1309

1310
		err = amdgpu_amdkfd_gpuvm_map_memory_to_gpu(
1311
			peer_pdd->dev->adev, (struct kgd_mem *)mem,
1312
			peer_pdd->drm_priv);
1313
		if (err) {
1314
			struct pci_dev *pdev = peer_pdd->dev->adev->pdev;
1315

1316
			dev_err(dev->adev->dev,
1317
			       "Failed to map peer:%04x:%02x:%02x.%d mem_domain:%d\n",
1318
			       pci_domain_nr(pdev->bus),
1319
			       pdev->bus->number,
1320
			       PCI_SLOT(pdev->devfn),
1321
			       PCI_FUNC(pdev->devfn),
1322
			       ((struct kgd_mem *)mem)->domain);
1323
			goto map_memory_to_gpu_failed;
1324
		}
1325
		args->n_success = i+1;
1326
	}
1327

1328
	err = amdgpu_amdkfd_gpuvm_sync_memory(dev->adev, (struct kgd_mem *) mem, true);
1329
	if (err) {
1330
		pr_debug("Sync memory failed, wait interrupted by user signal\n");
1331
		goto sync_memory_failed;
1332
	}
1333

1334
	mutex_unlock(&p->mutex);
1335

1336
	/* Flush TLBs after waiting for the page table updates to complete */
1337
	for (i = 0; i < args->n_devices; i++) {
1338
		peer_pdd = kfd_process_device_data_by_id(p, devices_arr[i]);
1339
		if (WARN_ON_ONCE(!peer_pdd))
1340
			continue;
1341
		kfd_flush_tlb(peer_pdd, TLB_FLUSH_LEGACY);
1342
	}
1343
	kfree(devices_arr);
1344

1345
	return err;
1346

1347
get_process_device_data_failed:
1348
bind_process_to_device_failed:
1349
get_mem_obj_from_handle_failed:
1350
map_memory_to_gpu_failed:
1351
sync_memory_failed:
1352
	mutex_unlock(&p->mutex);
1353
copy_from_user_failed:
1354
	kfree(devices_arr);
1355

1356
	return err;
1357
}
1358

1359
static int kfd_ioctl_unmap_memory_from_gpu(struct file *filep,
1360
					struct kfd_process *p, void *data)
1361
{
1362
	struct kfd_ioctl_unmap_memory_from_gpu_args *args = data;
1363
	struct kfd_process_device *pdd, *peer_pdd;
1364
	void *mem;
1365
	long err = 0;
1366
	uint32_t *devices_arr = NULL, i;
1367
	bool flush_tlb;
1368

1369
	if (!args->n_devices) {
1370
		pr_debug("Device IDs array empty\n");
1371
		return -EINVAL;
1372
	}
1373
	if (args->n_success > args->n_devices) {
1374
		pr_debug("n_success exceeds n_devices\n");
1375
		return -EINVAL;
1376
	}
1377

1378
	devices_arr = kmalloc_array(args->n_devices, sizeof(*devices_arr),
1379
				    GFP_KERNEL);
1380
	if (!devices_arr)
1381
		return -ENOMEM;
1382

1383
	err = copy_from_user(devices_arr,
1384
			     (void __user *)args->device_ids_array_ptr,
1385
			     args->n_devices * sizeof(*devices_arr));
1386
	if (err != 0) {
1387
		err = -EFAULT;
1388
		goto copy_from_user_failed;
1389
	}
1390

1391
	mutex_lock(&p->mutex);
1392
	pdd = kfd_process_device_data_by_id(p, GET_GPU_ID(args->handle));
1393
	if (!pdd) {
1394
		err = -EINVAL;
1395
		goto bind_process_to_device_failed;
1396
	}
1397

1398
	mem = kfd_process_device_translate_handle(pdd,
1399
						GET_IDR_HANDLE(args->handle));
1400
	if (!mem) {
1401
		err = -ENOMEM;
1402
		goto get_mem_obj_from_handle_failed;
1403
	}
1404

1405
	for (i = args->n_success; i < args->n_devices; i++) {
1406
		peer_pdd = kfd_process_device_data_by_id(p, devices_arr[i]);
1407
		if (!peer_pdd) {
1408
			err = -EINVAL;
1409
			goto get_mem_obj_from_handle_failed;
1410
		}
1411
		err = amdgpu_amdkfd_gpuvm_unmap_memory_from_gpu(
1412
			peer_pdd->dev->adev, (struct kgd_mem *)mem, peer_pdd->drm_priv);
1413
		if (err) {
1414
			pr_debug("Failed to unmap from gpu %d/%d\n", i, args->n_devices);
1415
			goto unmap_memory_from_gpu_failed;
1416
		}
1417
		args->n_success = i+1;
1418
	}
1419

1420
	flush_tlb = kfd_flush_tlb_after_unmap(pdd->dev->kfd);
1421
	if (flush_tlb) {
1422
		err = amdgpu_amdkfd_gpuvm_sync_memory(pdd->dev->adev,
1423
				(struct kgd_mem *) mem, true);
1424
		if (err) {
1425
			pr_debug("Sync memory failed, wait interrupted by user signal\n");
1426
			goto sync_memory_failed;
1427
		}
1428
	}
1429

1430
	/* Flush TLBs after waiting for the page table updates to complete */
1431
	for (i = 0; i < args->n_devices; i++) {
1432
		peer_pdd = kfd_process_device_data_by_id(p, devices_arr[i]);
1433
		if (WARN_ON_ONCE(!peer_pdd))
1434
			continue;
1435
		if (flush_tlb)
1436
			kfd_flush_tlb(peer_pdd, TLB_FLUSH_HEAVYWEIGHT);
1437

1438
		/* Remove dma mapping after tlb flush to avoid IO_PAGE_FAULT */
1439
		err = amdgpu_amdkfd_gpuvm_dmaunmap_mem(mem, peer_pdd->drm_priv);
1440
		if (err)
1441
			goto sync_memory_failed;
1442
	}
1443

1444
	mutex_unlock(&p->mutex);
1445

1446
	kfree(devices_arr);
1447

1448
	return 0;
1449

1450
bind_process_to_device_failed:
1451
get_mem_obj_from_handle_failed:
1452
unmap_memory_from_gpu_failed:
1453
sync_memory_failed:
1454
	mutex_unlock(&p->mutex);
1455
copy_from_user_failed:
1456
	kfree(devices_arr);
1457
	return err;
1458
}
1459

1460
static int kfd_ioctl_alloc_queue_gws(struct file *filep,
1461
		struct kfd_process *p, void *data)
1462
{
1463
	int retval;
1464
	struct kfd_ioctl_alloc_queue_gws_args *args = data;
1465
	struct queue *q;
1466
	struct kfd_node *dev;
1467

1468
	mutex_lock(&p->mutex);
1469
	q = pqm_get_user_queue(&p->pqm, args->queue_id);
1470

1471
	if (q) {
1472
		dev = q->device;
1473
	} else {
1474
		retval = -EINVAL;
1475
		goto out_unlock;
1476
	}
1477

1478
	if (!dev->gws) {
1479
		retval = -ENODEV;
1480
		goto out_unlock;
1481
	}
1482

1483
	if (dev->dqm->sched_policy == KFD_SCHED_POLICY_NO_HWS) {
1484
		retval = -ENODEV;
1485
		goto out_unlock;
1486
	}
1487

1488
	if (p->debug_trap_enabled && (!kfd_dbg_has_gws_support(dev) ||
1489
				      kfd_dbg_has_cwsr_workaround(dev))) {
1490
		retval = -EBUSY;
1491
		goto out_unlock;
1492
	}
1493

1494
	retval = pqm_set_gws(&p->pqm, args->queue_id, args->num_gws ? dev->gws : NULL);
1495
	mutex_unlock(&p->mutex);
1496

1497
	args->first_gws = 0;
1498
	return retval;
1499

1500
out_unlock:
1501
	mutex_unlock(&p->mutex);
1502
	return retval;
1503
}
1504

1505
static int kfd_ioctl_get_dmabuf_info(struct file *filep,
1506
		struct kfd_process *p, void *data)
1507
{
1508
	struct kfd_ioctl_get_dmabuf_info_args *args = data;
1509
	struct kfd_node *dev = NULL;
1510
	struct amdgpu_device *dmabuf_adev;
1511
	void *metadata_buffer = NULL;
1512
	uint32_t flags;
1513
	int8_t xcp_id;
1514
	unsigned int i;
1515
	int r;
1516

1517
	/* Find a KFD GPU device that supports the get_dmabuf_info query */
1518
	for (i = 0; kfd_topology_enum_kfd_devices(i, &dev) == 0; i++)
1519
		if (dev && !kfd_devcgroup_check_permission(dev))
1520
			break;
1521
	if (!dev)
1522
		return -EINVAL;
1523

1524
	if (args->metadata_ptr) {
1525
		metadata_buffer = kzalloc(args->metadata_size, GFP_KERNEL);
1526
		if (!metadata_buffer)
1527
			return -ENOMEM;
1528
	}
1529

1530
	/* Get dmabuf info from KGD */
1531
	r = amdgpu_amdkfd_get_dmabuf_info(dev->adev, args->dmabuf_fd,
1532
					  &dmabuf_adev, &args->size,
1533
					  metadata_buffer, args->metadata_size,
1534
					  &args->metadata_size, &flags, &xcp_id);
1535
	if (r)
1536
		goto exit;
1537

1538
	if (xcp_id >= 0)
1539
		args->gpu_id = dmabuf_adev->kfd.dev->nodes[xcp_id]->id;
1540
	else
1541
		args->gpu_id = dev->id;
1542
	args->flags = flags;
1543

1544
	/* Copy metadata buffer to user mode */
1545
	if (metadata_buffer) {
1546
		r = copy_to_user((void __user *)args->metadata_ptr,
1547
				 metadata_buffer, args->metadata_size);
1548
		if (r != 0)
1549
			r = -EFAULT;
1550
	}
1551

1552
exit:
1553
	kfree(metadata_buffer);
1554

1555
	return r;
1556
}
1557

1558
static int kfd_ioctl_import_dmabuf(struct file *filep,
1559
				   struct kfd_process *p, void *data)
1560
{
1561
	struct kfd_ioctl_import_dmabuf_args *args = data;
1562
	struct kfd_process_device *pdd;
1563
	int idr_handle;
1564
	uint64_t size;
1565
	void *mem;
1566
	int r;
1567

1568
	mutex_lock(&p->mutex);
1569
	pdd = kfd_process_device_data_by_id(p, args->gpu_id);
1570
	if (!pdd) {
1571
		r = -EINVAL;
1572
		goto err_unlock;
1573
	}
1574

1575
	pdd = kfd_bind_process_to_device(pdd->dev, p);
1576
	if (IS_ERR(pdd)) {
1577
		r = PTR_ERR(pdd);
1578
		goto err_unlock;
1579
	}
1580

1581
	r = amdgpu_amdkfd_gpuvm_import_dmabuf_fd(pdd->dev->adev, args->dmabuf_fd,
1582
						 args->va_addr, pdd->drm_priv,
1583
						 (struct kgd_mem **)&mem, &size,
1584
						 NULL);
1585
	if (r)
1586
		goto err_unlock;
1587

1588
	idr_handle = kfd_process_device_create_obj_handle(pdd, mem);
1589
	if (idr_handle < 0) {
1590
		r = -EFAULT;
1591
		goto err_free;
1592
	}
1593

1594
	mutex_unlock(&p->mutex);
1595

1596
	args->handle = MAKE_HANDLE(args->gpu_id, idr_handle);
1597

1598
	return 0;
1599

1600
err_free:
1601
	amdgpu_amdkfd_gpuvm_free_memory_of_gpu(pdd->dev->adev, (struct kgd_mem *)mem,
1602
					       pdd->drm_priv, NULL);
1603
err_unlock:
1604
	mutex_unlock(&p->mutex);
1605
	return r;
1606
}
1607

1608
static int kfd_ioctl_export_dmabuf(struct file *filep,
1609
				   struct kfd_process *p, void *data)
1610
{
1611
	struct kfd_ioctl_export_dmabuf_args *args = data;
1612
	struct kfd_process_device *pdd;
1613
	struct dma_buf *dmabuf;
1614
	struct kfd_node *dev;
1615
	void *mem;
1616
	int ret = 0;
1617

1618
	dev = kfd_device_by_id(GET_GPU_ID(args->handle));
1619
	if (!dev)
1620
		return -EINVAL;
1621

1622
	mutex_lock(&p->mutex);
1623

1624
	pdd = kfd_get_process_device_data(dev, p);
1625
	if (!pdd) {
1626
		ret = -EINVAL;
1627
		goto err_unlock;
1628
	}
1629

1630
	mem = kfd_process_device_translate_handle(pdd,
1631
						GET_IDR_HANDLE(args->handle));
1632
	if (!mem) {
1633
		ret = -EINVAL;
1634
		goto err_unlock;
1635
	}
1636

1637
	ret = amdgpu_amdkfd_gpuvm_export_dmabuf(mem, &dmabuf);
1638
	mutex_unlock(&p->mutex);
1639
	if (ret)
1640
		goto err_out;
1641

1642
	ret = dma_buf_fd(dmabuf, args->flags);
1643
	if (ret < 0) {
1644
		dma_buf_put(dmabuf);
1645
		goto err_out;
1646
	}
1647
	/* dma_buf_fd assigns the reference count to the fd, no need to
1648
	 * put the reference here.
1649
	 */
1650
	args->dmabuf_fd = ret;
1651

1652
	return 0;
1653

1654
err_unlock:
1655
	mutex_unlock(&p->mutex);
1656
err_out:
1657
	return ret;
1658
}
1659

1660
/* Handle requests for watching SMI events */
1661
static int kfd_ioctl_smi_events(struct file *filep,
1662
				struct kfd_process *p, void *data)
1663
{
1664
	struct kfd_ioctl_smi_events_args *args = data;
1665
	struct kfd_process_device *pdd;
1666

1667
	mutex_lock(&p->mutex);
1668

1669
	pdd = kfd_process_device_data_by_id(p, args->gpuid);
1670
	mutex_unlock(&p->mutex);
1671
	if (!pdd)
1672
		return -EINVAL;
1673

1674
	return kfd_smi_event_open(pdd->dev, &args->anon_fd);
1675
}
1676

1677
#if IS_ENABLED(CONFIG_HSA_AMD_SVM)
1678

1679
static int kfd_ioctl_set_xnack_mode(struct file *filep,
1680
				    struct kfd_process *p, void *data)
1681
{
1682
	struct kfd_ioctl_set_xnack_mode_args *args = data;
1683
	int r = 0;
1684

1685
	mutex_lock(&p->mutex);
1686
	if (args->xnack_enabled >= 0) {
1687
		if (!list_empty(&p->pqm.queues)) {
1688
			pr_debug("Process has user queues running\n");
1689
			r = -EBUSY;
1690
			goto out_unlock;
1691
		}
1692

1693
		if (p->xnack_enabled == args->xnack_enabled)
1694
			goto out_unlock;
1695

1696
		if (args->xnack_enabled && !kfd_process_xnack_mode(p, true)) {
1697
			r = -EPERM;
1698
			goto out_unlock;
1699
		}
1700

1701
		r = svm_range_switch_xnack_reserve_mem(p, args->xnack_enabled);
1702
	} else {
1703
		args->xnack_enabled = p->xnack_enabled;
1704
	}
1705

1706
out_unlock:
1707
	mutex_unlock(&p->mutex);
1708

1709
	return r;
1710
}
1711

1712
static int kfd_ioctl_svm(struct file *filep, struct kfd_process *p, void *data)
1713
{
1714
	struct kfd_ioctl_svm_args *args = data;
1715
	int r = 0;
1716

1717
	pr_debug("start 0x%llx size 0x%llx op 0x%x nattr 0x%x\n",
1718
		 args->start_addr, args->size, args->op, args->nattr);
1719

1720
	if ((args->start_addr & ~PAGE_MASK) || (args->size & ~PAGE_MASK))
1721
		return -EINVAL;
1722
	if (!args->start_addr || !args->size)
1723
		return -EINVAL;
1724

1725
	r = svm_ioctl(p, args->op, args->start_addr, args->size, args->nattr,
1726
		      args->attrs);
1727

1728
	return r;
1729
}
1730
#else
1731
static int kfd_ioctl_set_xnack_mode(struct file *filep,
1732
				    struct kfd_process *p, void *data)
1733
{
1734
	return -EPERM;
1735
}
1736
static int kfd_ioctl_svm(struct file *filep, struct kfd_process *p, void *data)
1737
{
1738
	return -EPERM;
1739
}
1740
#endif
1741

1742
static int criu_checkpoint_process(struct kfd_process *p,
1743
			     uint8_t __user *user_priv_data,
1744
			     uint64_t *priv_offset)
1745
{
1746
	struct kfd_criu_process_priv_data process_priv;
1747
	int ret;
1748

1749
	memset(&process_priv, 0, sizeof(process_priv));
1750

1751
	process_priv.version = KFD_CRIU_PRIV_VERSION;
1752
	/* For CR, we don't consider negative xnack mode which is used for
1753
	 * querying without changing it, here 0 simply means disabled and 1
1754
	 * means enabled so retry for finding a valid PTE.
1755
	 */
1756
	process_priv.xnack_mode = p->xnack_enabled ? 1 : 0;
1757

1758
	ret = copy_to_user(user_priv_data + *priv_offset,
1759
				&process_priv, sizeof(process_priv));
1760

1761
	if (ret) {
1762
		pr_err("Failed to copy process information to user\n");
1763
		ret = -EFAULT;
1764
	}
1765

1766
	*priv_offset += sizeof(process_priv);
1767
	return ret;
1768
}
1769

1770
static int criu_checkpoint_devices(struct kfd_process *p,
1771
			     uint32_t num_devices,
1772
			     uint8_t __user *user_addr,
1773
			     uint8_t __user *user_priv_data,
1774
			     uint64_t *priv_offset)
1775
{
1776
	struct kfd_criu_device_priv_data *device_priv = NULL;
1777
	struct kfd_criu_device_bucket *device_buckets = NULL;
1778
	int ret = 0, i;
1779

1780
	device_buckets = kvzalloc(num_devices * sizeof(*device_buckets), GFP_KERNEL);
1781
	if (!device_buckets) {
1782
		ret = -ENOMEM;
1783
		goto exit;
1784
	}
1785

1786
	device_priv = kvzalloc(num_devices * sizeof(*device_priv), GFP_KERNEL);
1787
	if (!device_priv) {
1788
		ret = -ENOMEM;
1789
		goto exit;
1790
	}
1791

1792
	for (i = 0; i < num_devices; i++) {
1793
		struct kfd_process_device *pdd = p->pdds[i];
1794

1795
		device_buckets[i].user_gpu_id = pdd->user_gpu_id;
1796
		device_buckets[i].actual_gpu_id = pdd->dev->id;
1797

1798
		/*
1799
		 * priv_data does not contain useful information for now and is reserved for
1800
		 * future use, so we do not set its contents.
1801
		 */
1802
	}
1803

1804
	ret = copy_to_user(user_addr, device_buckets, num_devices * sizeof(*device_buckets));
1805
	if (ret) {
1806
		pr_err("Failed to copy device information to user\n");
1807
		ret = -EFAULT;
1808
		goto exit;
1809
	}
1810

1811
	ret = copy_to_user(user_priv_data + *priv_offset,
1812
			   device_priv,
1813
			   num_devices * sizeof(*device_priv));
1814
	if (ret) {
1815
		pr_err("Failed to copy device information to user\n");
1816
		ret = -EFAULT;
1817
	}
1818
	*priv_offset += num_devices * sizeof(*device_priv);
1819

1820
exit:
1821
	kvfree(device_buckets);
1822
	kvfree(device_priv);
1823
	return ret;
1824
}
1825

1826
static uint32_t get_process_num_bos(struct kfd_process *p)
1827
{
1828
	uint32_t num_of_bos = 0;
1829
	int i;
1830

1831
	/* Run over all PDDs of the process */
1832
	for (i = 0; i < p->n_pdds; i++) {
1833
		struct kfd_process_device *pdd = p->pdds[i];
1834
		void *mem;
1835
		int id;
1836

1837
		idr_for_each_entry(&pdd->alloc_idr, mem, id) {
1838
			struct kgd_mem *kgd_mem = (struct kgd_mem *)mem;
1839

1840
			if (!kgd_mem->va || kgd_mem->va > pdd->gpuvm_base)
1841
				num_of_bos++;
1842
		}
1843
	}
1844
	return num_of_bos;
1845
}
1846

1847
static int criu_get_prime_handle(struct kgd_mem *mem,
1848
				 int flags, u32 *shared_fd,
1849
				 struct file **file)
1850
{
1851
	struct dma_buf *dmabuf;
1852
	int ret;
1853

1854
	ret = amdgpu_amdkfd_gpuvm_export_dmabuf(mem, &dmabuf);
1855
	if (ret) {
1856
		pr_err("dmabuf export failed for the BO\n");
1857
		return ret;
1858
	}
1859

1860
	ret = get_unused_fd_flags(flags);
1861
	if (ret < 0) {
1862
		pr_err("dmabuf create fd failed, ret:%d\n", ret);
1863
		goto out_free_dmabuf;
1864
	}
1865

1866
	*shared_fd = ret;
1867
	*file = dmabuf->file;
1868
	return 0;
1869

1870
out_free_dmabuf:
1871
	dma_buf_put(dmabuf);
1872
	return ret;
1873
}
1874

1875
static void commit_files(struct file **files,
1876
			 struct kfd_criu_bo_bucket *bo_buckets,
1877
			 unsigned int count,
1878
			 int err)
1879
{
1880
	while (count--) {
1881
		struct file *file = files[count];
1882

1883
		if (!file)
1884
			continue;
1885
		if (err) {
1886
			fput(file);
1887
			put_unused_fd(bo_buckets[count].dmabuf_fd);
1888
		} else {
1889
			fd_install(bo_buckets[count].dmabuf_fd, file);
1890
		}
1891
	}
1892
}
1893

1894
static int criu_checkpoint_bos(struct kfd_process *p,
1895
			       uint32_t num_bos,
1896
			       uint8_t __user *user_bos,
1897
			       uint8_t __user *user_priv_data,
1898
			       uint64_t *priv_offset)
1899
{
1900
	struct kfd_criu_bo_bucket *bo_buckets;
1901
	struct kfd_criu_bo_priv_data *bo_privs;
1902
	struct file **files = NULL;
1903
	int ret = 0, pdd_index, bo_index = 0, id;
1904
	void *mem;
1905

1906
	bo_buckets = kvzalloc(num_bos * sizeof(*bo_buckets), GFP_KERNEL);
1907
	if (!bo_buckets)
1908
		return -ENOMEM;
1909

1910
	bo_privs = kvzalloc(num_bos * sizeof(*bo_privs), GFP_KERNEL);
1911
	if (!bo_privs) {
1912
		ret = -ENOMEM;
1913
		goto exit;
1914
	}
1915

1916
	files = kvzalloc(num_bos * sizeof(struct file *), GFP_KERNEL);
1917
	if (!files) {
1918
		ret = -ENOMEM;
1919
		goto exit;
1920
	}
1921

1922
	for (pdd_index = 0; pdd_index < p->n_pdds; pdd_index++) {
1923
		struct kfd_process_device *pdd = p->pdds[pdd_index];
1924
		struct amdgpu_bo *dumper_bo;
1925
		struct kgd_mem *kgd_mem;
1926

1927
		idr_for_each_entry(&pdd->alloc_idr, mem, id) {
1928
			struct kfd_criu_bo_bucket *bo_bucket;
1929
			struct kfd_criu_bo_priv_data *bo_priv;
1930
			int i, dev_idx = 0;
1931

1932
			kgd_mem = (struct kgd_mem *)mem;
1933
			dumper_bo = kgd_mem->bo;
1934

1935
			/* Skip checkpointing BOs that are used for Trap handler
1936
			 * code and state. Currently, these BOs have a VA that
1937
			 * is less GPUVM Base
1938
			 */
1939
			if (kgd_mem->va && kgd_mem->va <= pdd->gpuvm_base)
1940
				continue;
1941

1942
			bo_bucket = &bo_buckets[bo_index];
1943
			bo_priv = &bo_privs[bo_index];
1944

1945
			bo_bucket->gpu_id = pdd->user_gpu_id;
1946
			bo_bucket->addr = (uint64_t)kgd_mem->va;
1947
			bo_bucket->size = amdgpu_bo_size(dumper_bo);
1948
			bo_bucket->alloc_flags = (uint32_t)kgd_mem->alloc_flags;
1949
			bo_priv->idr_handle = id;
1950

1951
			if (bo_bucket->alloc_flags & KFD_IOC_ALLOC_MEM_FLAGS_USERPTR) {
1952
				ret = amdgpu_ttm_tt_get_userptr(&dumper_bo->tbo,
1953
								&bo_priv->user_addr);
1954
				if (ret) {
1955
					pr_err("Failed to obtain user address for user-pointer bo\n");
1956
					goto exit;
1957
				}
1958
			}
1959
			if (bo_bucket->alloc_flags
1960
			    & (KFD_IOC_ALLOC_MEM_FLAGS_VRAM | KFD_IOC_ALLOC_MEM_FLAGS_GTT)) {
1961
				ret = criu_get_prime_handle(kgd_mem,
1962
						bo_bucket->alloc_flags &
1963
						KFD_IOC_ALLOC_MEM_FLAGS_WRITABLE ? DRM_RDWR : 0,
1964
						&bo_bucket->dmabuf_fd, &files[bo_index]);
1965
				if (ret)
1966
					goto exit;
1967
			} else {
1968
				bo_bucket->dmabuf_fd = KFD_INVALID_FD;
1969
			}
1970

1971
			if (bo_bucket->alloc_flags & KFD_IOC_ALLOC_MEM_FLAGS_DOORBELL)
1972
				bo_bucket->offset = KFD_MMAP_TYPE_DOORBELL |
1973
					KFD_MMAP_GPU_ID(pdd->dev->id);
1974
			else if (bo_bucket->alloc_flags &
1975
				KFD_IOC_ALLOC_MEM_FLAGS_MMIO_REMAP)
1976
				bo_bucket->offset = KFD_MMAP_TYPE_MMIO |
1977
					KFD_MMAP_GPU_ID(pdd->dev->id);
1978
			else
1979
				bo_bucket->offset = amdgpu_bo_mmap_offset(dumper_bo);
1980

1981
			for (i = 0; i < p->n_pdds; i++) {
1982
				if (amdgpu_amdkfd_bo_mapped_to_dev(p->pdds[i]->drm_priv, kgd_mem))
1983
					bo_priv->mapped_gpuids[dev_idx++] = p->pdds[i]->user_gpu_id;
1984
			}
1985

1986
			pr_debug("bo_size = 0x%llx, bo_addr = 0x%llx bo_offset = 0x%llx\n"
1987
					"gpu_id = 0x%x alloc_flags = 0x%x idr_handle = 0x%x",
1988
					bo_bucket->size,
1989
					bo_bucket->addr,
1990
					bo_bucket->offset,
1991
					bo_bucket->gpu_id,
1992
					bo_bucket->alloc_flags,
1993
					bo_priv->idr_handle);
1994
			bo_index++;
1995
		}
1996
	}
1997

1998
	ret = copy_to_user(user_bos, bo_buckets, num_bos * sizeof(*bo_buckets));
1999
	if (ret) {
2000
		pr_err("Failed to copy BO information to user\n");
2001
		ret = -EFAULT;
2002
		goto exit;
2003
	}
2004

2005
	ret = copy_to_user(user_priv_data + *priv_offset, bo_privs, num_bos * sizeof(*bo_privs));
2006
	if (ret) {
2007
		pr_err("Failed to copy BO priv information to user\n");
2008
		ret = -EFAULT;
2009
		goto exit;
2010
	}
2011

2012
	*priv_offset += num_bos * sizeof(*bo_privs);
2013

2014
exit:
2015
	commit_files(files, bo_buckets, bo_index, ret);
2016
	kvfree(files);
2017
	kvfree(bo_buckets);
2018
	kvfree(bo_privs);
2019
	return ret;
2020
}
2021

2022
static int criu_get_process_object_info(struct kfd_process *p,
2023
					uint32_t *num_devices,
2024
					uint32_t *num_bos,
2025
					uint32_t *num_objects,
2026
					uint64_t *objs_priv_size)
2027
{
2028
	uint64_t queues_priv_data_size, svm_priv_data_size, priv_size;
2029
	uint32_t num_queues, num_events, num_svm_ranges;
2030
	int ret;
2031

2032
	*num_devices = p->n_pdds;
2033
	*num_bos = get_process_num_bos(p);
2034

2035
	ret = kfd_process_get_queue_info(p, &num_queues, &queues_priv_data_size);
2036
	if (ret)
2037
		return ret;
2038

2039
	num_events = kfd_get_num_events(p);
2040

2041
	svm_range_get_info(p, &num_svm_ranges, &svm_priv_data_size);
2042

2043
	*num_objects = num_queues + num_events + num_svm_ranges;
2044

2045
	if (objs_priv_size) {
2046
		priv_size = sizeof(struct kfd_criu_process_priv_data);
2047
		priv_size += *num_devices * sizeof(struct kfd_criu_device_priv_data);
2048
		priv_size += *num_bos * sizeof(struct kfd_criu_bo_priv_data);
2049
		priv_size += queues_priv_data_size;
2050
		priv_size += num_events * sizeof(struct kfd_criu_event_priv_data);
2051
		priv_size += svm_priv_data_size;
2052
		*objs_priv_size = priv_size;
2053
	}
2054
	return 0;
2055
}
2056

2057
static int criu_checkpoint(struct file *filep,
2058
			   struct kfd_process *p,
2059
			   struct kfd_ioctl_criu_args *args)
2060
{
2061
	int ret;
2062
	uint32_t num_devices, num_bos, num_objects;
2063
	uint64_t priv_size, priv_offset = 0, bo_priv_offset;
2064

2065
	if (!args->devices || !args->bos || !args->priv_data)
2066
		return -EINVAL;
2067

2068
	mutex_lock(&p->mutex);
2069

2070
	if (!p->n_pdds) {
2071
		pr_err("No pdd for given process\n");
2072
		ret = -ENODEV;
2073
		goto exit_unlock;
2074
	}
2075

2076
	/* Confirm all process queues are evicted */
2077
	if (!p->queues_paused) {
2078
		pr_err("Cannot dump process when queues are not in evicted state\n");
2079
		/* CRIU plugin did not call op PROCESS_INFO before checkpointing */
2080
		ret = -EINVAL;
2081
		goto exit_unlock;
2082
	}
2083

2084
	ret = criu_get_process_object_info(p, &num_devices, &num_bos, &num_objects, &priv_size);
2085
	if (ret)
2086
		goto exit_unlock;
2087

2088
	if (num_devices != args->num_devices ||
2089
	    num_bos != args->num_bos ||
2090
	    num_objects != args->num_objects ||
2091
	    priv_size != args->priv_data_size) {
2092

2093
		ret = -EINVAL;
2094
		goto exit_unlock;
2095
	}
2096

2097
	/* each function will store private data inside priv_data and adjust priv_offset */
2098
	ret = criu_checkpoint_process(p, (uint8_t __user *)args->priv_data, &priv_offset);
2099
	if (ret)
2100
		goto exit_unlock;
2101

2102
	ret = criu_checkpoint_devices(p, num_devices, (uint8_t __user *)args->devices,
2103
				(uint8_t __user *)args->priv_data, &priv_offset);
2104
	if (ret)
2105
		goto exit_unlock;
2106

2107
	/* Leave room for BOs in the private data. They need to be restored
2108
	 * before events, but we checkpoint them last to simplify the error
2109
	 * handling.
2110
	 */
2111
	bo_priv_offset = priv_offset;
2112
	priv_offset += num_bos * sizeof(struct kfd_criu_bo_priv_data);
2113

2114
	if (num_objects) {
2115
		ret = kfd_criu_checkpoint_queues(p, (uint8_t __user *)args->priv_data,
2116
						 &priv_offset);
2117
		if (ret)
2118
			goto exit_unlock;
2119

2120
		ret = kfd_criu_checkpoint_events(p, (uint8_t __user *)args->priv_data,
2121
						 &priv_offset);
2122
		if (ret)
2123
			goto exit_unlock;
2124

2125
		ret = kfd_criu_checkpoint_svm(p, (uint8_t __user *)args->priv_data, &priv_offset);
2126
		if (ret)
2127
			goto exit_unlock;
2128
	}
2129

2130
	/* This must be the last thing in this function that can fail.
2131
	 * Otherwise we leak dmabuf file descriptors.
2132
	 */
2133
	ret = criu_checkpoint_bos(p, num_bos, (uint8_t __user *)args->bos,
2134
			   (uint8_t __user *)args->priv_data, &bo_priv_offset);
2135

2136
exit_unlock:
2137
	mutex_unlock(&p->mutex);
2138
	if (ret)
2139
		pr_err("Failed to dump CRIU ret:%d\n", ret);
2140
	else
2141
		pr_debug("CRIU dump ret:%d\n", ret);
2142

2143
	return ret;
2144
}
2145

2146
static int criu_restore_process(struct kfd_process *p,
2147
				struct kfd_ioctl_criu_args *args,
2148
				uint64_t *priv_offset,
2149
				uint64_t max_priv_data_size)
2150
{
2151
	int ret = 0;
2152
	struct kfd_criu_process_priv_data process_priv;
2153

2154
	if (*priv_offset + sizeof(process_priv) > max_priv_data_size)
2155
		return -EINVAL;
2156

2157
	ret = copy_from_user(&process_priv,
2158
				(void __user *)(args->priv_data + *priv_offset),
2159
				sizeof(process_priv));
2160
	if (ret) {
2161
		pr_err("Failed to copy process private information from user\n");
2162
		ret = -EFAULT;
2163
		goto exit;
2164
	}
2165
	*priv_offset += sizeof(process_priv);
2166

2167
	if (process_priv.version != KFD_CRIU_PRIV_VERSION) {
2168
		pr_err("Invalid CRIU API version (checkpointed:%d current:%d)\n",
2169
			process_priv.version, KFD_CRIU_PRIV_VERSION);
2170
		return -EINVAL;
2171
	}
2172

2173
	pr_debug("Setting XNACK mode\n");
2174
	if (process_priv.xnack_mode && !kfd_process_xnack_mode(p, true)) {
2175
		pr_err("xnack mode cannot be set\n");
2176
		ret = -EPERM;
2177
		goto exit;
2178
	} else {
2179
		pr_debug("set xnack mode: %d\n", process_priv.xnack_mode);
2180
		p->xnack_enabled = process_priv.xnack_mode;
2181
	}
2182

2183
exit:
2184
	return ret;
2185
}
2186

2187
static int criu_restore_devices(struct kfd_process *p,
2188
				struct kfd_ioctl_criu_args *args,
2189
				uint64_t *priv_offset,
2190
				uint64_t max_priv_data_size)
2191
{
2192
	struct kfd_criu_device_bucket *device_buckets;
2193
	struct kfd_criu_device_priv_data *device_privs;
2194
	int ret = 0;
2195
	uint32_t i;
2196

2197
	if (args->num_devices != p->n_pdds)
2198
		return -EINVAL;
2199

2200
	if (*priv_offset + (args->num_devices * sizeof(*device_privs)) > max_priv_data_size)
2201
		return -EINVAL;
2202

2203
	device_buckets = kmalloc_array(args->num_devices, sizeof(*device_buckets), GFP_KERNEL);
2204
	if (!device_buckets)
2205
		return -ENOMEM;
2206

2207
	ret = copy_from_user(device_buckets, (void __user *)args->devices,
2208
				args->num_devices * sizeof(*device_buckets));
2209
	if (ret) {
2210
		pr_err("Failed to copy devices buckets from user\n");
2211
		ret = -EFAULT;
2212
		goto exit;
2213
	}
2214

2215
	for (i = 0; i < args->num_devices; i++) {
2216
		struct kfd_node *dev;
2217
		struct kfd_process_device *pdd;
2218
		struct file *drm_file;
2219

2220
		/* device private data is not currently used */
2221

2222
		if (!device_buckets[i].user_gpu_id) {
2223
			pr_err("Invalid user gpu_id\n");
2224
			ret = -EINVAL;
2225
			goto exit;
2226
		}
2227

2228
		dev = kfd_device_by_id(device_buckets[i].actual_gpu_id);
2229
		if (!dev) {
2230
			pr_err("Failed to find device with gpu_id = %x\n",
2231
				device_buckets[i].actual_gpu_id);
2232
			ret = -EINVAL;
2233
			goto exit;
2234
		}
2235

2236
		pdd = kfd_get_process_device_data(dev, p);
2237
		if (!pdd) {
2238
			pr_err("Failed to get pdd for gpu_id = %x\n",
2239
					device_buckets[i].actual_gpu_id);
2240
			ret = -EINVAL;
2241
			goto exit;
2242
		}
2243
		pdd->user_gpu_id = device_buckets[i].user_gpu_id;
2244

2245
		drm_file = fget(device_buckets[i].drm_fd);
2246
		if (!drm_file) {
2247
			pr_err("Invalid render node file descriptor sent from plugin (%d)\n",
2248
				device_buckets[i].drm_fd);
2249
			ret = -EINVAL;
2250
			goto exit;
2251
		}
2252

2253
		if (pdd->drm_file) {
2254
			ret = -EINVAL;
2255
			goto exit;
2256
		}
2257

2258
		/* create the vm using render nodes for kfd pdd */
2259
		if (kfd_process_device_init_vm(pdd, drm_file)) {
2260
			pr_err("could not init vm for given pdd\n");
2261
			/* On success, the PDD keeps the drm_file reference */
2262
			fput(drm_file);
2263
			ret = -EINVAL;
2264
			goto exit;
2265
		}
2266
		/*
2267
		 * pdd now already has the vm bound to render node so below api won't create a new
2268
		 * exclusive kfd mapping but use existing one with renderDXXX but is still needed
2269
		 * for iommu v2 binding  and runtime pm.
2270
		 */
2271
		pdd = kfd_bind_process_to_device(dev, p);
2272
		if (IS_ERR(pdd)) {
2273
			ret = PTR_ERR(pdd);
2274
			goto exit;
2275
		}
2276

2277
		if (!pdd->qpd.proc_doorbells) {
2278
			ret = kfd_alloc_process_doorbells(dev->kfd, pdd);
2279
			if (ret)
2280
				goto exit;
2281
		}
2282
	}
2283

2284
	/*
2285
	 * We are not copying device private data from user as we are not using the data for now,
2286
	 * but we still adjust for its private data.
2287
	 */
2288
	*priv_offset += args->num_devices * sizeof(*device_privs);
2289

2290
exit:
2291
	kfree(device_buckets);
2292
	return ret;
2293
}
2294

2295
static int criu_restore_memory_of_gpu(struct kfd_process_device *pdd,
2296
				      struct kfd_criu_bo_bucket *bo_bucket,
2297
				      struct kfd_criu_bo_priv_data *bo_priv,
2298
				      struct kgd_mem **kgd_mem)
2299
{
2300
	int idr_handle;
2301
	int ret;
2302
	const bool criu_resume = true;
2303
	u64 offset;
2304

2305
	if (bo_bucket->alloc_flags & KFD_IOC_ALLOC_MEM_FLAGS_DOORBELL) {
2306
		if (bo_bucket->size !=
2307
				kfd_doorbell_process_slice(pdd->dev->kfd))
2308
			return -EINVAL;
2309

2310
		offset = kfd_get_process_doorbells(pdd);
2311
		if (!offset)
2312
			return -ENOMEM;
2313
	} else if (bo_bucket->alloc_flags & KFD_IOC_ALLOC_MEM_FLAGS_MMIO_REMAP) {
2314
		/* MMIO BOs need remapped bus address */
2315
		if (bo_bucket->size != PAGE_SIZE) {
2316
			pr_err("Invalid page size\n");
2317
			return -EINVAL;
2318
		}
2319
		offset = pdd->dev->adev->rmmio_remap.bus_addr;
2320
		if (!offset || (PAGE_SIZE > 4096)) {
2321
			pr_err("amdgpu_amdkfd_get_mmio_remap_phys_addr failed\n");
2322
			return -ENOMEM;
2323
		}
2324
	} else if (bo_bucket->alloc_flags & KFD_IOC_ALLOC_MEM_FLAGS_USERPTR) {
2325
		offset = bo_priv->user_addr;
2326
	}
2327
	/* Create the BO */
2328
	ret = amdgpu_amdkfd_gpuvm_alloc_memory_of_gpu(pdd->dev->adev, bo_bucket->addr,
2329
						      bo_bucket->size, pdd->drm_priv, kgd_mem,
2330
						      &offset, bo_bucket->alloc_flags, criu_resume);
2331
	if (ret) {
2332
		pr_err("Could not create the BO\n");
2333
		return ret;
2334
	}
2335
	pr_debug("New BO created: size:0x%llx addr:0x%llx offset:0x%llx\n",
2336
		 bo_bucket->size, bo_bucket->addr, offset);
2337

2338
	/* Restore previous IDR handle */
2339
	pr_debug("Restoring old IDR handle for the BO");
2340
	idr_handle = idr_alloc(&pdd->alloc_idr, *kgd_mem, bo_priv->idr_handle,
2341
			       bo_priv->idr_handle + 1, GFP_KERNEL);
2342

2343
	if (idr_handle < 0) {
2344
		pr_err("Could not allocate idr\n");
2345
		amdgpu_amdkfd_gpuvm_free_memory_of_gpu(pdd->dev->adev, *kgd_mem, pdd->drm_priv,
2346
						       NULL);
2347
		return -ENOMEM;
2348
	}
2349

2350
	if (bo_bucket->alloc_flags & KFD_IOC_ALLOC_MEM_FLAGS_DOORBELL)
2351
		bo_bucket->restored_offset = KFD_MMAP_TYPE_DOORBELL | KFD_MMAP_GPU_ID(pdd->dev->id);
2352
	if (bo_bucket->alloc_flags & KFD_IOC_ALLOC_MEM_FLAGS_MMIO_REMAP) {
2353
		bo_bucket->restored_offset = KFD_MMAP_TYPE_MMIO | KFD_MMAP_GPU_ID(pdd->dev->id);
2354
	} else if (bo_bucket->alloc_flags & KFD_IOC_ALLOC_MEM_FLAGS_GTT) {
2355
		bo_bucket->restored_offset = offset;
2356
	} else if (bo_bucket->alloc_flags & KFD_IOC_ALLOC_MEM_FLAGS_VRAM) {
2357
		bo_bucket->restored_offset = offset;
2358
		/* Update the VRAM usage count */
2359
		atomic64_add(bo_bucket->size, &pdd->vram_usage);
2360
	}
2361
	return 0;
2362
}
2363

2364
static int criu_restore_bo(struct kfd_process *p,
2365
			   struct kfd_criu_bo_bucket *bo_bucket,
2366
			   struct kfd_criu_bo_priv_data *bo_priv,
2367
			   struct file **file)
2368
{
2369
	struct kfd_process_device *pdd;
2370
	struct kgd_mem *kgd_mem;
2371
	int ret;
2372
	int j;
2373

2374
	pr_debug("Restoring BO size:0x%llx addr:0x%llx gpu_id:0x%x flags:0x%x idr_handle:0x%x\n",
2375
		 bo_bucket->size, bo_bucket->addr, bo_bucket->gpu_id, bo_bucket->alloc_flags,
2376
		 bo_priv->idr_handle);
2377

2378
	pdd = kfd_process_device_data_by_id(p, bo_bucket->gpu_id);
2379
	if (!pdd) {
2380
		pr_err("Failed to get pdd\n");
2381
		return -ENODEV;
2382
	}
2383

2384
	ret = criu_restore_memory_of_gpu(pdd, bo_bucket, bo_priv, &kgd_mem);
2385
	if (ret)
2386
		return ret;
2387

2388
	/* now map these BOs to GPU/s */
2389
	for (j = 0; j < p->n_pdds; j++) {
2390
		struct kfd_node *peer;
2391
		struct kfd_process_device *peer_pdd;
2392

2393
		if (!bo_priv->mapped_gpuids[j])
2394
			break;
2395

2396
		peer_pdd = kfd_process_device_data_by_id(p, bo_priv->mapped_gpuids[j]);
2397
		if (!peer_pdd)
2398
			return -EINVAL;
2399

2400
		peer = peer_pdd->dev;
2401

2402
		peer_pdd = kfd_bind_process_to_device(peer, p);
2403
		if (IS_ERR(peer_pdd))
2404
			return PTR_ERR(peer_pdd);
2405

2406
		ret = amdgpu_amdkfd_gpuvm_map_memory_to_gpu(peer->adev, kgd_mem,
2407
							    peer_pdd->drm_priv);
2408
		if (ret) {
2409
			pr_err("Failed to map to gpu %d/%d\n", j, p->n_pdds);
2410
			return ret;
2411
		}
2412
	}
2413

2414
	pr_debug("map memory was successful for the BO\n");
2415
	/* create the dmabuf object and export the bo */
2416
	if (bo_bucket->alloc_flags
2417
	    & (KFD_IOC_ALLOC_MEM_FLAGS_VRAM | KFD_IOC_ALLOC_MEM_FLAGS_GTT)) {
2418
		ret = criu_get_prime_handle(kgd_mem, DRM_RDWR,
2419
					    &bo_bucket->dmabuf_fd, file);
2420
		if (ret)
2421
			return ret;
2422
	} else {
2423
		bo_bucket->dmabuf_fd = KFD_INVALID_FD;
2424
	}
2425

2426
	return 0;
2427
}
2428

2429
static int criu_restore_bos(struct kfd_process *p,
2430
			    struct kfd_ioctl_criu_args *args,
2431
			    uint64_t *priv_offset,
2432
			    uint64_t max_priv_data_size)
2433
{
2434
	struct kfd_criu_bo_bucket *bo_buckets = NULL;
2435
	struct kfd_criu_bo_priv_data *bo_privs = NULL;
2436
	struct file **files = NULL;
2437
	int ret = 0;
2438
	uint32_t i = 0;
2439

2440
	if (*priv_offset + (args->num_bos * sizeof(*bo_privs)) > max_priv_data_size)
2441
		return -EINVAL;
2442

2443
	/* Prevent MMU notifications until stage-4 IOCTL (CRIU_RESUME) is received */
2444
	amdgpu_amdkfd_block_mmu_notifications(p->kgd_process_info);
2445

2446
	bo_buckets = kvmalloc_array(args->num_bos, sizeof(*bo_buckets), GFP_KERNEL);
2447
	if (!bo_buckets)
2448
		return -ENOMEM;
2449

2450
	files = kvzalloc(args->num_bos * sizeof(struct file *), GFP_KERNEL);
2451
	if (!files) {
2452
		ret = -ENOMEM;
2453
		goto exit;
2454
	}
2455

2456
	ret = copy_from_user(bo_buckets, (void __user *)args->bos,
2457
			     args->num_bos * sizeof(*bo_buckets));
2458
	if (ret) {
2459
		pr_err("Failed to copy BOs information from user\n");
2460
		ret = -EFAULT;
2461
		goto exit;
2462
	}
2463

2464
	bo_privs = kvmalloc_array(args->num_bos, sizeof(*bo_privs), GFP_KERNEL);
2465
	if (!bo_privs) {
2466
		ret = -ENOMEM;
2467
		goto exit;
2468
	}
2469

2470
	ret = copy_from_user(bo_privs, (void __user *)args->priv_data + *priv_offset,
2471
			     args->num_bos * sizeof(*bo_privs));
2472
	if (ret) {
2473
		pr_err("Failed to copy BOs information from user\n");
2474
		ret = -EFAULT;
2475
		goto exit;
2476
	}
2477
	*priv_offset += args->num_bos * sizeof(*bo_privs);
2478

2479
	/* Create and map new BOs */
2480
	for (; i < args->num_bos; i++) {
2481
		ret = criu_restore_bo(p, &bo_buckets[i], &bo_privs[i], &files[i]);
2482
		if (ret) {
2483
			pr_debug("Failed to restore BO[%d] ret%d\n", i, ret);
2484
			goto exit;
2485
		}
2486
	} /* done */
2487

2488
	/* Copy only the buckets back so user can read bo_buckets[N].restored_offset */
2489
	ret = copy_to_user((void __user *)args->bos,
2490
				bo_buckets,
2491
				(args->num_bos * sizeof(*bo_buckets)));
2492
	if (ret)
2493
		ret = -EFAULT;
2494

2495
exit:
2496
	commit_files(files, bo_buckets, i, ret);
2497
	kvfree(files);
2498
	kvfree(bo_buckets);
2499
	kvfree(bo_privs);
2500
	return ret;
2501
}
2502

2503
static int criu_restore_objects(struct file *filep,
2504
				struct kfd_process *p,
2505
				struct kfd_ioctl_criu_args *args,
2506
				uint64_t *priv_offset,
2507
				uint64_t max_priv_data_size)
2508
{
2509
	int ret = 0;
2510
	uint32_t i;
2511

2512
	BUILD_BUG_ON(offsetof(struct kfd_criu_queue_priv_data, object_type));
2513
	BUILD_BUG_ON(offsetof(struct kfd_criu_event_priv_data, object_type));
2514
	BUILD_BUG_ON(offsetof(struct kfd_criu_svm_range_priv_data, object_type));
2515

2516
	for (i = 0; i < args->num_objects; i++) {
2517
		uint32_t object_type;
2518

2519
		if (*priv_offset + sizeof(object_type) > max_priv_data_size) {
2520
			pr_err("Invalid private data size\n");
2521
			return -EINVAL;
2522
		}
2523

2524
		ret = get_user(object_type, (uint32_t __user *)(args->priv_data + *priv_offset));
2525
		if (ret) {
2526
			pr_err("Failed to copy private information from user\n");
2527
			goto exit;
2528
		}
2529

2530
		switch (object_type) {
2531
		case KFD_CRIU_OBJECT_TYPE_QUEUE:
2532
			ret = kfd_criu_restore_queue(p, (uint8_t __user *)args->priv_data,
2533
						     priv_offset, max_priv_data_size);
2534
			if (ret)
2535
				goto exit;
2536
			break;
2537
		case KFD_CRIU_OBJECT_TYPE_EVENT:
2538
			ret = kfd_criu_restore_event(filep, p, (uint8_t __user *)args->priv_data,
2539
						     priv_offset, max_priv_data_size);
2540
			if (ret)
2541
				goto exit;
2542
			break;
2543
		case KFD_CRIU_OBJECT_TYPE_SVM_RANGE:
2544
			ret = kfd_criu_restore_svm(p, (uint8_t __user *)args->priv_data,
2545
						     priv_offset, max_priv_data_size);
2546
			if (ret)
2547
				goto exit;
2548
			break;
2549
		default:
2550
			pr_err("Invalid object type:%u at index:%d\n", object_type, i);
2551
			ret = -EINVAL;
2552
			goto exit;
2553
		}
2554
	}
2555
exit:
2556
	return ret;
2557
}
2558

2559
static int criu_restore(struct file *filep,
2560
			struct kfd_process *p,
2561
			struct kfd_ioctl_criu_args *args)
2562
{
2563
	uint64_t priv_offset = 0;
2564
	int ret = 0;
2565

2566
	pr_debug("CRIU restore (num_devices:%u num_bos:%u num_objects:%u priv_data_size:%llu)\n",
2567
		 args->num_devices, args->num_bos, args->num_objects, args->priv_data_size);
2568

2569
	if (!args->bos || !args->devices || !args->priv_data || !args->priv_data_size ||
2570
	    !args->num_devices || !args->num_bos)
2571
		return -EINVAL;
2572

2573
	mutex_lock(&p->mutex);
2574

2575
	/*
2576
	 * Set the process to evicted state to avoid running any new queues before all the memory
2577
	 * mappings are ready.
2578
	 */
2579
	ret = kfd_process_evict_queues(p, KFD_QUEUE_EVICTION_CRIU_RESTORE);
2580
	if (ret)
2581
		goto exit_unlock;
2582

2583
	/* Each function will adjust priv_offset based on how many bytes they consumed */
2584
	ret = criu_restore_process(p, args, &priv_offset, args->priv_data_size);
2585
	if (ret)
2586
		goto exit_unlock;
2587

2588
	ret = criu_restore_devices(p, args, &priv_offset, args->priv_data_size);
2589
	if (ret)
2590
		goto exit_unlock;
2591

2592
	ret = criu_restore_bos(p, args, &priv_offset, args->priv_data_size);
2593
	if (ret)
2594
		goto exit_unlock;
2595

2596
	ret = criu_restore_objects(filep, p, args, &priv_offset, args->priv_data_size);
2597
	if (ret)
2598
		goto exit_unlock;
2599

2600
	if (priv_offset != args->priv_data_size) {
2601
		pr_err("Invalid private data size\n");
2602
		ret = -EINVAL;
2603
	}
2604

2605
exit_unlock:
2606
	mutex_unlock(&p->mutex);
2607
	if (ret)
2608
		pr_err("Failed to restore CRIU ret:%d\n", ret);
2609
	else
2610
		pr_debug("CRIU restore successful\n");
2611

2612
	return ret;
2613
}
2614

2615
static int criu_unpause(struct file *filep,
2616
			struct kfd_process *p,
2617
			struct kfd_ioctl_criu_args *args)
2618
{
2619
	int ret;
2620

2621
	mutex_lock(&p->mutex);
2622

2623
	if (!p->queues_paused) {
2624
		mutex_unlock(&p->mutex);
2625
		return -EINVAL;
2626
	}
2627

2628
	ret = kfd_process_restore_queues(p);
2629
	if (ret)
2630
		pr_err("Failed to unpause queues ret:%d\n", ret);
2631
	else
2632
		p->queues_paused = false;
2633

2634
	mutex_unlock(&p->mutex);
2635

2636
	return ret;
2637
}
2638

2639
static int criu_resume(struct file *filep,
2640
			struct kfd_process *p,
2641
			struct kfd_ioctl_criu_args *args)
2642
{
2643
	struct kfd_process *target = NULL;
2644
	struct pid *pid = NULL;
2645
	int ret = 0;
2646

2647
	pr_debug("Inside %s, target pid for criu restore: %d\n", __func__,
2648
		 args->pid);
2649

2650
	pid = find_get_pid(args->pid);
2651
	if (!pid) {
2652
		pr_err("Cannot find pid info for %i\n", args->pid);
2653
		return -ESRCH;
2654
	}
2655

2656
	pr_debug("calling kfd_lookup_process_by_pid\n");
2657
	target = kfd_lookup_process_by_pid(pid);
2658

2659
	put_pid(pid);
2660

2661
	if (!target) {
2662
		pr_debug("Cannot find process info for %i\n", args->pid);
2663
		return -ESRCH;
2664
	}
2665

2666
	mutex_lock(&target->mutex);
2667
	ret = kfd_criu_resume_svm(target);
2668
	if (ret) {
2669
		pr_err("kfd_criu_resume_svm failed for %i\n", args->pid);
2670
		goto exit;
2671
	}
2672

2673
	ret =  amdgpu_amdkfd_criu_resume(target->kgd_process_info);
2674
	if (ret)
2675
		pr_err("amdgpu_amdkfd_criu_resume failed for %i\n", args->pid);
2676

2677
exit:
2678
	mutex_unlock(&target->mutex);
2679

2680
	kfd_unref_process(target);
2681
	return ret;
2682
}
2683

2684
static int criu_process_info(struct file *filep,
2685
				struct kfd_process *p,
2686
				struct kfd_ioctl_criu_args *args)
2687
{
2688
	int ret = 0;
2689

2690
	mutex_lock(&p->mutex);
2691

2692
	if (!p->n_pdds) {
2693
		pr_err("No pdd for given process\n");
2694
		ret = -ENODEV;
2695
		goto err_unlock;
2696
	}
2697

2698
	ret = kfd_process_evict_queues(p, KFD_QUEUE_EVICTION_CRIU_CHECKPOINT);
2699
	if (ret)
2700
		goto err_unlock;
2701

2702
	p->queues_paused = true;
2703

2704
	args->pid = task_pid_nr_ns(p->lead_thread,
2705
					task_active_pid_ns(p->lead_thread));
2706

2707
	ret = criu_get_process_object_info(p, &args->num_devices, &args->num_bos,
2708
					   &args->num_objects, &args->priv_data_size);
2709
	if (ret)
2710
		goto err_unlock;
2711

2712
	dev_dbg(kfd_device, "Num of devices:%u bos:%u objects:%u priv_data_size:%lld\n",
2713
				args->num_devices, args->num_bos, args->num_objects,
2714
				args->priv_data_size);
2715

2716
err_unlock:
2717
	if (ret) {
2718
		kfd_process_restore_queues(p);
2719
		p->queues_paused = false;
2720
	}
2721
	mutex_unlock(&p->mutex);
2722
	return ret;
2723
}
2724

2725
static int kfd_ioctl_criu(struct file *filep, struct kfd_process *p, void *data)
2726
{
2727
	struct kfd_ioctl_criu_args *args = data;
2728
	int ret;
2729

2730
	dev_dbg(kfd_device, "CRIU operation: %d\n", args->op);
2731
	switch (args->op) {
2732
	case KFD_CRIU_OP_PROCESS_INFO:
2733
		ret = criu_process_info(filep, p, args);
2734
		break;
2735
	case KFD_CRIU_OP_CHECKPOINT:
2736
		ret = criu_checkpoint(filep, p, args);
2737
		break;
2738
	case KFD_CRIU_OP_UNPAUSE:
2739
		ret = criu_unpause(filep, p, args);
2740
		break;
2741
	case KFD_CRIU_OP_RESTORE:
2742
		ret = criu_restore(filep, p, args);
2743
		break;
2744
	case KFD_CRIU_OP_RESUME:
2745
		ret = criu_resume(filep, p, args);
2746
		break;
2747
	default:
2748
		dev_dbg(kfd_device, "Unsupported CRIU operation:%d\n", args->op);
2749
		ret = -EINVAL;
2750
		break;
2751
	}
2752

2753
	if (ret)
2754
		dev_dbg(kfd_device, "CRIU operation:%d err:%d\n", args->op, ret);
2755

2756
	return ret;
2757
}
2758

2759
static int runtime_enable(struct kfd_process *p, uint64_t r_debug,
2760
			bool enable_ttmp_setup)
2761
{
2762
	int i = 0, ret = 0;
2763

2764
	if (p->is_runtime_retry)
2765
		goto retry;
2766

2767
	if (p->runtime_info.runtime_state != DEBUG_RUNTIME_STATE_DISABLED)
2768
		return -EBUSY;
2769

2770
	for (i = 0; i < p->n_pdds; i++) {
2771
		struct kfd_process_device *pdd = p->pdds[i];
2772

2773
		if (pdd->qpd.queue_count)
2774
			return -EEXIST;
2775

2776
		/*
2777
		 * Setup TTMPs by default.
2778
		 * Note that this call must remain here for MES ADD QUEUE to
2779
		 * skip_process_ctx_clear unconditionally as the first call to
2780
		 * SET_SHADER_DEBUGGER clears any stale process context data
2781
		 * saved in MES.
2782
		 */
2783
		if (pdd->dev->kfd->shared_resources.enable_mes)
2784
			kfd_dbg_set_mes_debug_mode(pdd, !kfd_dbg_has_cwsr_workaround(pdd->dev));
2785
	}
2786

2787
	p->runtime_info.runtime_state = DEBUG_RUNTIME_STATE_ENABLED;
2788
	p->runtime_info.r_debug = r_debug;
2789
	p->runtime_info.ttmp_setup = enable_ttmp_setup;
2790

2791
	if (p->runtime_info.ttmp_setup) {
2792
		for (i = 0; i < p->n_pdds; i++) {
2793
			struct kfd_process_device *pdd = p->pdds[i];
2794

2795
			if (!kfd_dbg_is_rlc_restore_supported(pdd->dev)) {
2796
				amdgpu_gfx_off_ctrl(pdd->dev->adev, false);
2797
				pdd->dev->kfd2kgd->enable_debug_trap(
2798
						pdd->dev->adev,
2799
						true,
2800
						pdd->dev->vm_info.last_vmid_kfd);
2801
			} else if (kfd_dbg_is_per_vmid_supported(pdd->dev)) {
2802
				pdd->spi_dbg_override = pdd->dev->kfd2kgd->enable_debug_trap(
2803
						pdd->dev->adev,
2804
						false,
2805
						0);
2806
			}
2807
		}
2808
	}
2809

2810
retry:
2811
	if (p->debug_trap_enabled) {
2812
		if (!p->is_runtime_retry) {
2813
			kfd_dbg_trap_activate(p);
2814
			kfd_dbg_ev_raise(KFD_EC_MASK(EC_PROCESS_RUNTIME),
2815
					p, NULL, 0, false, NULL, 0);
2816
		}
2817

2818
		mutex_unlock(&p->mutex);
2819
		ret = down_interruptible(&p->runtime_enable_sema);
2820
		mutex_lock(&p->mutex);
2821

2822
		p->is_runtime_retry = !!ret;
2823
	}
2824

2825
	return ret;
2826
}
2827

2828
static int runtime_disable(struct kfd_process *p)
2829
{
2830
	int i = 0, ret;
2831
	bool was_enabled = p->runtime_info.runtime_state == DEBUG_RUNTIME_STATE_ENABLED;
2832

2833
	p->runtime_info.runtime_state = DEBUG_RUNTIME_STATE_DISABLED;
2834
	p->runtime_info.r_debug = 0;
2835

2836
	if (p->debug_trap_enabled) {
2837
		if (was_enabled)
2838
			kfd_dbg_trap_deactivate(p, false, 0);
2839

2840
		if (!p->is_runtime_retry)
2841
			kfd_dbg_ev_raise(KFD_EC_MASK(EC_PROCESS_RUNTIME),
2842
					p, NULL, 0, false, NULL, 0);
2843

2844
		mutex_unlock(&p->mutex);
2845
		ret = down_interruptible(&p->runtime_enable_sema);
2846
		mutex_lock(&p->mutex);
2847

2848
		p->is_runtime_retry = !!ret;
2849
		if (ret)
2850
			return ret;
2851
	}
2852

2853
	if (was_enabled && p->runtime_info.ttmp_setup) {
2854
		for (i = 0; i < p->n_pdds; i++) {
2855
			struct kfd_process_device *pdd = p->pdds[i];
2856

2857
			if (!kfd_dbg_is_rlc_restore_supported(pdd->dev))
2858
				amdgpu_gfx_off_ctrl(pdd->dev->adev, true);
2859
		}
2860
	}
2861

2862
	p->runtime_info.ttmp_setup = false;
2863

2864
	/* disable ttmp setup */
2865
	for (i = 0; i < p->n_pdds; i++) {
2866
		struct kfd_process_device *pdd = p->pdds[i];
2867

2868
		if (kfd_dbg_is_per_vmid_supported(pdd->dev)) {
2869
			pdd->spi_dbg_override =
2870
					pdd->dev->kfd2kgd->disable_debug_trap(
2871
					pdd->dev->adev,
2872
					false,
2873
					pdd->dev->vm_info.last_vmid_kfd);
2874

2875
			if (!pdd->dev->kfd->shared_resources.enable_mes)
2876
				debug_refresh_runlist(pdd->dev->dqm);
2877
			else
2878
				kfd_dbg_set_mes_debug_mode(pdd,
2879
							   !kfd_dbg_has_cwsr_workaround(pdd->dev));
2880
		}
2881
	}
2882

2883
	return 0;
2884
}
2885

2886
static int kfd_ioctl_runtime_enable(struct file *filep, struct kfd_process *p, void *data)
2887
{
2888
	struct kfd_ioctl_runtime_enable_args *args = data;
2889
	int r;
2890

2891
	mutex_lock(&p->mutex);
2892

2893
	if (args->mode_mask & KFD_RUNTIME_ENABLE_MODE_ENABLE_MASK)
2894
		r = runtime_enable(p, args->r_debug,
2895
				!!(args->mode_mask & KFD_RUNTIME_ENABLE_MODE_TTMP_SAVE_MASK));
2896
	else
2897
		r = runtime_disable(p);
2898

2899
	mutex_unlock(&p->mutex);
2900

2901
	return r;
2902
}
2903

2904
static int kfd_ioctl_set_debug_trap(struct file *filep, struct kfd_process *p, void *data)
2905
{
2906
	struct kfd_ioctl_dbg_trap_args *args = data;
2907
	struct task_struct *thread = NULL;
2908
	struct mm_struct *mm = NULL;
2909
	struct pid *pid = NULL;
2910
	struct kfd_process *target = NULL;
2911
	struct kfd_process_device *pdd = NULL;
2912
	int r = 0;
2913

2914
	if (sched_policy == KFD_SCHED_POLICY_NO_HWS) {
2915
		pr_err("Debugging does not support sched_policy %i", sched_policy);
2916
		return -EINVAL;
2917
	}
2918

2919
	pid = find_get_pid(args->pid);
2920
	if (!pid) {
2921
		pr_debug("Cannot find pid info for %i\n", args->pid);
2922
		r = -ESRCH;
2923
		goto out;
2924
	}
2925

2926
	thread = get_pid_task(pid, PIDTYPE_PID);
2927
	if (!thread) {
2928
		r = -ESRCH;
2929
		goto out;
2930
	}
2931

2932
	mm = get_task_mm(thread);
2933
	if (!mm) {
2934
		r = -ESRCH;
2935
		goto out;
2936
	}
2937

2938
	if (args->op == KFD_IOC_DBG_TRAP_ENABLE) {
2939
		bool create_process;
2940

2941
		rcu_read_lock();
2942
		create_process = thread && thread != current && ptrace_parent(thread) == current;
2943
		rcu_read_unlock();
2944

2945
		target = create_process ? kfd_create_process(thread) :
2946
					kfd_lookup_process_by_pid(pid);
2947
	} else {
2948
		target = kfd_lookup_process_by_pid(pid);
2949
	}
2950

2951
	if (IS_ERR_OR_NULL(target)) {
2952
		pr_debug("Cannot find process PID %i to debug\n", args->pid);
2953
		r = target ? PTR_ERR(target) : -ESRCH;
2954
		target = NULL;
2955
		goto out;
2956
	}
2957

2958
	/* Check if target is still PTRACED. */
2959
	rcu_read_lock();
2960
	if (target != p && args->op != KFD_IOC_DBG_TRAP_DISABLE
2961
				&& ptrace_parent(target->lead_thread) != current) {
2962
		pr_err("PID %i is not PTRACED and cannot be debugged\n", args->pid);
2963
		r = -EPERM;
2964
	}
2965
	rcu_read_unlock();
2966

2967
	if (r)
2968
		goto out;
2969

2970
	mutex_lock(&target->mutex);
2971

2972
	if (args->op != KFD_IOC_DBG_TRAP_ENABLE && !target->debug_trap_enabled) {
2973
		pr_err("PID %i not debug enabled for op %i\n", args->pid, args->op);
2974
		r = -EINVAL;
2975
		goto unlock_out;
2976
	}
2977

2978
	if (target->runtime_info.runtime_state != DEBUG_RUNTIME_STATE_ENABLED &&
2979
			(args->op == KFD_IOC_DBG_TRAP_SET_WAVE_LAUNCH_OVERRIDE ||
2980
			 args->op == KFD_IOC_DBG_TRAP_SET_WAVE_LAUNCH_MODE ||
2981
			 args->op == KFD_IOC_DBG_TRAP_SUSPEND_QUEUES ||
2982
			 args->op == KFD_IOC_DBG_TRAP_RESUME_QUEUES ||
2983
			 args->op == KFD_IOC_DBG_TRAP_SET_NODE_ADDRESS_WATCH ||
2984
			 args->op == KFD_IOC_DBG_TRAP_CLEAR_NODE_ADDRESS_WATCH ||
2985
			 args->op == KFD_IOC_DBG_TRAP_SET_FLAGS)) {
2986
		r = -EPERM;
2987
		goto unlock_out;
2988
	}
2989

2990
	if (args->op == KFD_IOC_DBG_TRAP_SET_NODE_ADDRESS_WATCH ||
2991
	    args->op == KFD_IOC_DBG_TRAP_CLEAR_NODE_ADDRESS_WATCH) {
2992
		int user_gpu_id = kfd_process_get_user_gpu_id(target,
2993
				args->op == KFD_IOC_DBG_TRAP_SET_NODE_ADDRESS_WATCH ?
2994
					args->set_node_address_watch.gpu_id :
2995
					args->clear_node_address_watch.gpu_id);
2996

2997
		pdd = kfd_process_device_data_by_id(target, user_gpu_id);
2998
		if (user_gpu_id == -EINVAL || !pdd) {
2999
			r = -ENODEV;
3000
			goto unlock_out;
3001
		}
3002
	}
3003

3004
	switch (args->op) {
3005
	case KFD_IOC_DBG_TRAP_ENABLE:
3006
		if (target != p)
3007
			target->debugger_process = p;
3008

3009
		r = kfd_dbg_trap_enable(target,
3010
					args->enable.dbg_fd,
3011
					(void __user *)args->enable.rinfo_ptr,
3012
					&args->enable.rinfo_size);
3013
		if (!r)
3014
			target->exception_enable_mask = args->enable.exception_mask;
3015

3016
		break;
3017
	case KFD_IOC_DBG_TRAP_DISABLE:
3018
		r = kfd_dbg_trap_disable(target);
3019
		break;
3020
	case KFD_IOC_DBG_TRAP_SEND_RUNTIME_EVENT:
3021
		r = kfd_dbg_send_exception_to_runtime(target,
3022
				args->send_runtime_event.gpu_id,
3023
				args->send_runtime_event.queue_id,
3024
				args->send_runtime_event.exception_mask);
3025
		break;
3026
	case KFD_IOC_DBG_TRAP_SET_EXCEPTIONS_ENABLED:
3027
		kfd_dbg_set_enabled_debug_exception_mask(target,
3028
				args->set_exceptions_enabled.exception_mask);
3029
		break;
3030
	case KFD_IOC_DBG_TRAP_SET_WAVE_LAUNCH_OVERRIDE:
3031
		r = kfd_dbg_trap_set_wave_launch_override(target,
3032
				args->launch_override.override_mode,
3033
				args->launch_override.enable_mask,
3034
				args->launch_override.support_request_mask,
3035
				&args->launch_override.enable_mask,
3036
				&args->launch_override.support_request_mask);
3037
		break;
3038
	case KFD_IOC_DBG_TRAP_SET_WAVE_LAUNCH_MODE:
3039
		r = kfd_dbg_trap_set_wave_launch_mode(target,
3040
				args->launch_mode.launch_mode);
3041
		break;
3042
	case KFD_IOC_DBG_TRAP_SUSPEND_QUEUES:
3043
		r = suspend_queues(target,
3044
				args->suspend_queues.num_queues,
3045
				args->suspend_queues.grace_period,
3046
				args->suspend_queues.exception_mask,
3047
				(uint32_t *)args->suspend_queues.queue_array_ptr);
3048

3049
		break;
3050
	case KFD_IOC_DBG_TRAP_RESUME_QUEUES:
3051
		r = resume_queues(target, args->resume_queues.num_queues,
3052
				(uint32_t *)args->resume_queues.queue_array_ptr);
3053
		break;
3054
	case KFD_IOC_DBG_TRAP_SET_NODE_ADDRESS_WATCH:
3055
		r = kfd_dbg_trap_set_dev_address_watch(pdd,
3056
				args->set_node_address_watch.address,
3057
				args->set_node_address_watch.mask,
3058
				&args->set_node_address_watch.id,
3059
				args->set_node_address_watch.mode);
3060
		break;
3061
	case KFD_IOC_DBG_TRAP_CLEAR_NODE_ADDRESS_WATCH:
3062
		r = kfd_dbg_trap_clear_dev_address_watch(pdd,
3063
				args->clear_node_address_watch.id);
3064
		break;
3065
	case KFD_IOC_DBG_TRAP_SET_FLAGS:
3066
		r = kfd_dbg_trap_set_flags(target, &args->set_flags.flags);
3067
		break;
3068
	case KFD_IOC_DBG_TRAP_QUERY_DEBUG_EVENT:
3069
		r = kfd_dbg_ev_query_debug_event(target,
3070
				&args->query_debug_event.queue_id,
3071
				&args->query_debug_event.gpu_id,
3072
				args->query_debug_event.exception_mask,
3073
				&args->query_debug_event.exception_mask);
3074
		break;
3075
	case KFD_IOC_DBG_TRAP_QUERY_EXCEPTION_INFO:
3076
		r = kfd_dbg_trap_query_exception_info(target,
3077
				args->query_exception_info.source_id,
3078
				args->query_exception_info.exception_code,
3079
				args->query_exception_info.clear_exception,
3080
				(void __user *)args->query_exception_info.info_ptr,
3081
				&args->query_exception_info.info_size);
3082
		break;
3083
	case KFD_IOC_DBG_TRAP_GET_QUEUE_SNAPSHOT:
3084
		r = pqm_get_queue_snapshot(&target->pqm,
3085
				args->queue_snapshot.exception_mask,
3086
				(void __user *)args->queue_snapshot.snapshot_buf_ptr,
3087
				&args->queue_snapshot.num_queues,
3088
				&args->queue_snapshot.entry_size);
3089
		break;
3090
	case KFD_IOC_DBG_TRAP_GET_DEVICE_SNAPSHOT:
3091
		r = kfd_dbg_trap_device_snapshot(target,
3092
				args->device_snapshot.exception_mask,
3093
				(void __user *)args->device_snapshot.snapshot_buf_ptr,
3094
				&args->device_snapshot.num_devices,
3095
				&args->device_snapshot.entry_size);
3096
		break;
3097
	default:
3098
		pr_err("Invalid option: %i\n", args->op);
3099
		r = -EINVAL;
3100
	}
3101

3102
unlock_out:
3103
	mutex_unlock(&target->mutex);
3104

3105
out:
3106
	if (thread)
3107
		put_task_struct(thread);
3108

3109
	if (mm)
3110
		mmput(mm);
3111

3112
	if (pid)
3113
		put_pid(pid);
3114

3115
	if (target)
3116
		kfd_unref_process(target);
3117

3118
	return r;
3119
}
3120

3121
#define AMDKFD_IOCTL_DEF(ioctl, _func, _flags) \
3122
	[_IOC_NR(ioctl)] = {.cmd = ioctl, .func = _func, .flags = _flags, \
3123
			    .cmd_drv = 0, .name = #ioctl}
3124

3125
/** Ioctl table */
3126
static const struct amdkfd_ioctl_desc amdkfd_ioctls[] = {
3127
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_GET_VERSION,
3128
			kfd_ioctl_get_version, 0),
3129

3130
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_CREATE_QUEUE,
3131
			kfd_ioctl_create_queue, 0),
3132

3133
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_DESTROY_QUEUE,
3134
			kfd_ioctl_destroy_queue, 0),
3135

3136
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_SET_MEMORY_POLICY,
3137
			kfd_ioctl_set_memory_policy, 0),
3138

3139
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_GET_CLOCK_COUNTERS,
3140
			kfd_ioctl_get_clock_counters, 0),
3141

3142
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_GET_PROCESS_APERTURES,
3143
			kfd_ioctl_get_process_apertures, 0),
3144

3145
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_UPDATE_QUEUE,
3146
			kfd_ioctl_update_queue, 0),
3147

3148
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_CREATE_EVENT,
3149
			kfd_ioctl_create_event, 0),
3150

3151
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_DESTROY_EVENT,
3152
			kfd_ioctl_destroy_event, 0),
3153

3154
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_SET_EVENT,
3155
			kfd_ioctl_set_event, 0),
3156

3157
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_RESET_EVENT,
3158
			kfd_ioctl_reset_event, 0),
3159

3160
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_WAIT_EVENTS,
3161
			kfd_ioctl_wait_events, 0),
3162

3163
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_DBG_REGISTER_DEPRECATED,
3164
			kfd_ioctl_dbg_register, 0),
3165

3166
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_DBG_UNREGISTER_DEPRECATED,
3167
			kfd_ioctl_dbg_unregister, 0),
3168

3169
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_DBG_ADDRESS_WATCH_DEPRECATED,
3170
			kfd_ioctl_dbg_address_watch, 0),
3171

3172
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_DBG_WAVE_CONTROL_DEPRECATED,
3173
			kfd_ioctl_dbg_wave_control, 0),
3174

3175
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_SET_SCRATCH_BACKING_VA,
3176
			kfd_ioctl_set_scratch_backing_va, 0),
3177

3178
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_GET_TILE_CONFIG,
3179
			kfd_ioctl_get_tile_config, 0),
3180

3181
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_SET_TRAP_HANDLER,
3182
			kfd_ioctl_set_trap_handler, 0),
3183

3184
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_GET_PROCESS_APERTURES_NEW,
3185
			kfd_ioctl_get_process_apertures_new, 0),
3186

3187
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_ACQUIRE_VM,
3188
			kfd_ioctl_acquire_vm, 0),
3189

3190
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_ALLOC_MEMORY_OF_GPU,
3191
			kfd_ioctl_alloc_memory_of_gpu, 0),
3192

3193
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_FREE_MEMORY_OF_GPU,
3194
			kfd_ioctl_free_memory_of_gpu, 0),
3195

3196
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_MAP_MEMORY_TO_GPU,
3197
			kfd_ioctl_map_memory_to_gpu, 0),
3198

3199
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_UNMAP_MEMORY_FROM_GPU,
3200
			kfd_ioctl_unmap_memory_from_gpu, 0),
3201

3202
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_SET_CU_MASK,
3203
			kfd_ioctl_set_cu_mask, 0),
3204

3205
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_GET_QUEUE_WAVE_STATE,
3206
			kfd_ioctl_get_queue_wave_state, 0),
3207

3208
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_GET_DMABUF_INFO,
3209
				kfd_ioctl_get_dmabuf_info, 0),
3210

3211
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_IMPORT_DMABUF,
3212
				kfd_ioctl_import_dmabuf, 0),
3213

3214
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_ALLOC_QUEUE_GWS,
3215
			kfd_ioctl_alloc_queue_gws, 0),
3216

3217
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_SMI_EVENTS,
3218
			kfd_ioctl_smi_events, 0),
3219

3220
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_SVM, kfd_ioctl_svm, 0),
3221

3222
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_SET_XNACK_MODE,
3223
			kfd_ioctl_set_xnack_mode, 0),
3224

3225
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_CRIU_OP,
3226
			kfd_ioctl_criu, KFD_IOC_FLAG_CHECKPOINT_RESTORE),
3227

3228
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_AVAILABLE_MEMORY,
3229
			kfd_ioctl_get_available_memory, 0),
3230

3231
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_EXPORT_DMABUF,
3232
				kfd_ioctl_export_dmabuf, 0),
3233

3234
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_RUNTIME_ENABLE,
3235
			kfd_ioctl_runtime_enable, 0),
3236

3237
	AMDKFD_IOCTL_DEF(AMDKFD_IOC_DBG_TRAP,
3238
			kfd_ioctl_set_debug_trap, 0),
3239
};
3240

3241
#define AMDKFD_CORE_IOCTL_COUNT	ARRAY_SIZE(amdkfd_ioctls)
3242

3243
static long kfd_ioctl(struct file *filep, unsigned int cmd, unsigned long arg)
3244
{
3245
	struct kfd_process *process;
3246
	amdkfd_ioctl_t *func;
3247
	const struct amdkfd_ioctl_desc *ioctl = NULL;
3248
	unsigned int nr = _IOC_NR(cmd);
3249
	char stack_kdata[128];
3250
	char *kdata = NULL;
3251
	unsigned int usize, asize;
3252
	int retcode = -EINVAL;
3253
	bool ptrace_attached = false;
3254

3255
	if (nr >= AMDKFD_CORE_IOCTL_COUNT)
3256
		goto err_i1;
3257

3258
	if ((nr >= AMDKFD_COMMAND_START) && (nr < AMDKFD_COMMAND_END)) {
3259
		u32 amdkfd_size;
3260

3261
		ioctl = &amdkfd_ioctls[nr];
3262

3263
		amdkfd_size = _IOC_SIZE(ioctl->cmd);
3264
		usize = asize = _IOC_SIZE(cmd);
3265
		if (amdkfd_size > asize)
3266
			asize = amdkfd_size;
3267

3268
		cmd = ioctl->cmd;
3269
	} else
3270
		goto err_i1;
3271

3272
	dev_dbg(kfd_device, "ioctl cmd 0x%x (#0x%x), arg 0x%lx\n", cmd, nr, arg);
3273

3274
	/* Get the process struct from the filep. Only the process
3275
	 * that opened /dev/kfd can use the file descriptor. Child
3276
	 * processes need to create their own KFD device context.
3277
	 */
3278
	process = filep->private_data;
3279

3280
	rcu_read_lock();
3281
	if ((ioctl->flags & KFD_IOC_FLAG_CHECKPOINT_RESTORE) &&
3282
	    ptrace_parent(process->lead_thread) == current)
3283
		ptrace_attached = true;
3284
	rcu_read_unlock();
3285

3286
	if (process->lead_thread != current->group_leader
3287
	    && !ptrace_attached) {
3288
		dev_dbg(kfd_device, "Using KFD FD in wrong process\n");
3289
		retcode = -EBADF;
3290
		goto err_i1;
3291
	}
3292

3293
	/* Do not trust userspace, use our own definition */
3294
	func = ioctl->func;
3295

3296
	if (unlikely(!func)) {
3297
		dev_dbg(kfd_device, "no function\n");
3298
		retcode = -EINVAL;
3299
		goto err_i1;
3300
	}
3301

3302
	/*
3303
	 * Versions of docker shipped in Ubuntu 18.xx and 20.xx do not support
3304
	 * CAP_CHECKPOINT_RESTORE, so we also allow access if CAP_SYS_ADMIN as CAP_SYS_ADMIN is a
3305
	 * more priviledged access.
3306
	 */
3307
	if (unlikely(ioctl->flags & KFD_IOC_FLAG_CHECKPOINT_RESTORE)) {
3308
		if (!capable(CAP_CHECKPOINT_RESTORE) &&
3309
						!capable(CAP_SYS_ADMIN)) {
3310
			retcode = -EACCES;
3311
			goto err_i1;
3312
		}
3313
	}
3314

3315
	if (cmd & (IOC_IN | IOC_OUT)) {
3316
		if (asize <= sizeof(stack_kdata)) {
3317
			kdata = stack_kdata;
3318
		} else {
3319
			kdata = kmalloc(asize, GFP_KERNEL);
3320
			if (!kdata) {
3321
				retcode = -ENOMEM;
3322
				goto err_i1;
3323
			}
3324
		}
3325
		if (asize > usize)
3326
			memset(kdata + usize, 0, asize - usize);
3327
	}
3328

3329
	if (cmd & IOC_IN) {
3330
		if (copy_from_user(kdata, (void __user *)arg, usize) != 0) {
3331
			retcode = -EFAULT;
3332
			goto err_i1;
3333
		}
3334
	} else if (cmd & IOC_OUT) {
3335
		memset(kdata, 0, usize);
3336
	}
3337

3338
	retcode = func(filep, process, kdata);
3339

3340
	if (cmd & IOC_OUT)
3341
		if (copy_to_user((void __user *)arg, kdata, usize) != 0)
3342
			retcode = -EFAULT;
3343

3344
err_i1:
3345
	if (!ioctl)
3346
		dev_dbg(kfd_device, "invalid ioctl: pid=%d, cmd=0x%02x, nr=0x%02x\n",
3347
			  task_pid_nr(current), cmd, nr);
3348

3349
	if (kdata != stack_kdata)
3350
		kfree(kdata);
3351

3352
	if (retcode)
3353
		dev_dbg(kfd_device, "ioctl cmd (#0x%x), arg 0x%lx, ret = %d\n",
3354
				nr, arg, retcode);
3355

3356
	return retcode;
3357
}
3358

3359
static int kfd_mmio_mmap(struct kfd_node *dev, struct kfd_process *process,
3360
		      struct vm_area_struct *vma)
3361
{
3362
	phys_addr_t address;
3363

3364
	if (vma->vm_end - vma->vm_start != PAGE_SIZE)
3365
		return -EINVAL;
3366

3367
	if (PAGE_SIZE > 4096)
3368
		return -EINVAL;
3369

3370
	address = dev->adev->rmmio_remap.bus_addr;
3371

3372
	vm_flags_set(vma, VM_IO | VM_DONTCOPY | VM_DONTEXPAND | VM_NORESERVE |
3373
				VM_DONTDUMP | VM_PFNMAP);
3374

3375
	vma->vm_page_prot = pgprot_noncached(vma->vm_page_prot);
3376

3377
	pr_debug("process pid %d mapping mmio page\n"
3378
		 "     target user address == 0x%08llX\n"
3379
		 "     physical address    == 0x%08llX\n"
3380
		 "     vm_flags            == 0x%04lX\n"
3381
		 "     size                == 0x%04lX\n",
3382
		 process->lead_thread->pid, (unsigned long long) vma->vm_start,
3383
		 address, vma->vm_flags, PAGE_SIZE);
3384

3385
	return io_remap_pfn_range(vma,
3386
				vma->vm_start,
3387
				address >> PAGE_SHIFT,
3388
				PAGE_SIZE,
3389
				vma->vm_page_prot);
3390
}
3391

3392

3393
static int kfd_mmap(struct file *filp, struct vm_area_struct *vma)
3394
{
3395
	struct kfd_process *process;
3396
	struct kfd_node *dev = NULL;
3397
	unsigned long mmap_offset;
3398
	unsigned int gpu_id;
3399

3400
	process = kfd_get_process(current);
3401
	if (IS_ERR(process))
3402
		return PTR_ERR(process);
3403

3404
	mmap_offset = vma->vm_pgoff << PAGE_SHIFT;
3405
	gpu_id = KFD_MMAP_GET_GPU_ID(mmap_offset);
3406
	if (gpu_id)
3407
		dev = kfd_device_by_id(gpu_id);
3408

3409
	switch (mmap_offset & KFD_MMAP_TYPE_MASK) {
3410
	case KFD_MMAP_TYPE_DOORBELL:
3411
		if (!dev)
3412
			return -ENODEV;
3413
		return kfd_doorbell_mmap(dev, process, vma);
3414

3415
	case KFD_MMAP_TYPE_EVENTS:
3416
		return kfd_event_mmap(process, vma);
3417

3418
	case KFD_MMAP_TYPE_RESERVED_MEM:
3419
		if (!dev)
3420
			return -ENODEV;
3421
		return kfd_reserved_mem_mmap(dev, process, vma);
3422
	case KFD_MMAP_TYPE_MMIO:
3423
		if (!dev)
3424
			return -ENODEV;
3425
		return kfd_mmio_mmap(dev, process, vma);
3426
	}
3427

3428
	return -EFAULT;
3429
}
3430

3431
Product

Resources

Company
