1 // SPDX-License-Identifier: GPL-2.0 OR MIT
2 /*
3 * Copyright 2014-2022 Advanced Micro Devices, Inc.
4 *
5 * Permission is hereby granted, free of charge, to any person obtaining a
6 * copy of this software and associated documentation files (the "Software"),
7 * to deal in the Software without restriction, including without limitation
8 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
9 * and/or sell copies of the Software, and to permit persons to whom the
10 * Software is furnished to do so, subject to the following conditions:
11 *
12 * The above copyright notice and this permission notice shall be included in
13 * all copies or substantial portions of the Software.
14 *
15 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
18 * THE COPYRIGHT HOLDER(S) OR AUTHOR(S) BE LIABLE FOR ANY CLAIM, DAMAGES OR
19 * OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE,
20 * ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
21 * OTHER DEALINGS IN THE SOFTWARE.
22 */
23
24 #include <linux/mm_types.h>
25 #include <linux/slab.h>
26 #include <linux/types.h>
27 #include <linux/sched/signal.h>
28 #include <linux/sched/mm.h>
29 #include <linux/uaccess.h>
30 #include <linux/mman.h>
31 #include <linux/memory.h>
32 #include "kfd_priv.h"
33 #include "kfd_events.h"
34 #include "kfd_iommu.h"
35 #include <linux/device.h>
36
37 /*
38 * Wrapper around wait_queue_entry_t
39 */
40 struct kfd_event_waiter {
41 wait_queue_entry_t wait;
42 struct kfd_event *event; /* Event to wait for */
43 bool activated; /* Becomes true when event is signaled */
44 };
45
46 /*
47 * Each signal event needs a 64-bit signal slot where the signaler will write
48 * a 1 before sending an interrupt. (This is needed because some interrupts
49 * do not contain enough spare data bits to identify an event.)
50 * We get whole pages and map them to the process VA.
51 * Individual signal events use their event_id as slot index.
52 */
53 struct kfd_signal_page {
54 uint64_t *kernel_address;
55 uint64_t __user *user_address;
56 bool need_to_free_pages;
57 };
58
page_slots(struct kfd_signal_page * page)59 static uint64_t *page_slots(struct kfd_signal_page *page)
60 {
61 return page->kernel_address;
62 }
63
allocate_signal_page(struct kfd_process * p)64 static struct kfd_signal_page *allocate_signal_page(struct kfd_process *p)
65 {
66 void *backing_store;
67 struct kfd_signal_page *page;
68
69 page = kzalloc(sizeof(*page), GFP_KERNEL);
70 if (!page)
71 return NULL;
72
73 backing_store = (void *) __get_free_pages(GFP_KERNEL,
74 get_order(KFD_SIGNAL_EVENT_LIMIT * 8));
75 if (!backing_store)
76 goto fail_alloc_signal_store;
77
78 /* Initialize all events to unsignaled */
79 memset(backing_store, (uint8_t) UNSIGNALED_EVENT_SLOT,
80 KFD_SIGNAL_EVENT_LIMIT * 8);
81
82 page->kernel_address = backing_store;
83 page->need_to_free_pages = true;
84 pr_debug("Allocated new event signal page at %p, for process %p\n",
85 page, p);
86
87 return page;
88
89 fail_alloc_signal_store:
90 kfree(page);
91 return NULL;
92 }
93
allocate_event_notification_slot(struct kfd_process * p,struct kfd_event * ev,const int * restore_id)94 static int allocate_event_notification_slot(struct kfd_process *p,
95 struct kfd_event *ev,
96 const int *restore_id)
97 {
98 int id;
99
100 if (!p->signal_page) {
101 p->signal_page = allocate_signal_page(p);
102 if (!p->signal_page)
103 return -ENOMEM;
104 /* Oldest user mode expects 256 event slots */
105 p->signal_mapped_size = 256*8;
106 }
107
108 if (restore_id) {
109 id = idr_alloc(&p->event_idr, ev, *restore_id, *restore_id + 1,
110 GFP_KERNEL);
111 } else {
112 /*
113 * Compatibility with old user mode: Only use signal slots
114 * user mode has mapped, may be less than
115 * KFD_SIGNAL_EVENT_LIMIT. This also allows future increase
116 * of the event limit without breaking user mode.
117 */
118 id = idr_alloc(&p->event_idr, ev, 0, p->signal_mapped_size / 8,
119 GFP_KERNEL);
120 }
121 if (id < 0)
122 return id;
123
124 ev->event_id = id;
125 page_slots(p->signal_page)[id] = UNSIGNALED_EVENT_SLOT;
126
127 return 0;
128 }
129
130 /*
131 * Assumes that p->event_mutex or rcu_readlock is held and of course that p is
132 * not going away.
133 */
lookup_event_by_id(struct kfd_process * p,uint32_t id)134 static struct kfd_event *lookup_event_by_id(struct kfd_process *p, uint32_t id)
135 {
136 return idr_find(&p->event_idr, id);
137 }
138
139 /**
140 * lookup_signaled_event_by_partial_id - Lookup signaled event from partial ID
141 * @p: Pointer to struct kfd_process
142 * @id: ID to look up
143 * @bits: Number of valid bits in @id
144 *
145 * Finds the first signaled event with a matching partial ID. If no
146 * matching signaled event is found, returns NULL. In that case the
147 * caller should assume that the partial ID is invalid and do an
148 * exhaustive search of all siglaned events.
149 *
150 * If multiple events with the same partial ID signal at the same
151 * time, they will be found one interrupt at a time, not necessarily
152 * in the same order the interrupts occurred. As long as the number of
153 * interrupts is correct, all signaled events will be seen by the
154 * driver.
155 */
lookup_signaled_event_by_partial_id(struct kfd_process * p,uint32_t id,uint32_t bits)156 static struct kfd_event *lookup_signaled_event_by_partial_id(
157 struct kfd_process *p, uint32_t id, uint32_t bits)
158 {
159 struct kfd_event *ev;
160
161 if (!p->signal_page || id >= KFD_SIGNAL_EVENT_LIMIT)
162 return NULL;
163
164 /* Fast path for the common case that @id is not a partial ID
165 * and we only need a single lookup.
166 */
167 if (bits > 31 || (1U << bits) >= KFD_SIGNAL_EVENT_LIMIT) {
168 if (page_slots(p->signal_page)[id] == UNSIGNALED_EVENT_SLOT)
169 return NULL;
170
171 return idr_find(&p->event_idr, id);
172 }
173
174 /* General case for partial IDs: Iterate over all matching IDs
175 * and find the first one that has signaled.
176 */
177 for (ev = NULL; id < KFD_SIGNAL_EVENT_LIMIT && !ev; id += 1U << bits) {
178 if (page_slots(p->signal_page)[id] == UNSIGNALED_EVENT_SLOT)
179 continue;
180
181 ev = idr_find(&p->event_idr, id);
182 }
183
184 return ev;
185 }
186
create_signal_event(struct file * devkfd,struct kfd_process * p,struct kfd_event * ev,const int * restore_id)187 static int create_signal_event(struct file *devkfd, struct kfd_process *p,
188 struct kfd_event *ev, const int *restore_id)
189 {
190 int ret;
191
192 if (p->signal_mapped_size &&
193 p->signal_event_count == p->signal_mapped_size / 8) {
194 if (!p->signal_event_limit_reached) {
195 pr_debug("Signal event wasn't created because limit was reached\n");
196 p->signal_event_limit_reached = true;
197 }
198 return -ENOSPC;
199 }
200
201 ret = allocate_event_notification_slot(p, ev, restore_id);
202 if (ret) {
203 pr_warn("Signal event wasn't created because out of kernel memory\n");
204 return ret;
205 }
206
207 p->signal_event_count++;
208
209 ev->user_signal_address = &p->signal_page->user_address[ev->event_id];
210 pr_debug("Signal event number %zu created with id %d, address %p\n",
211 p->signal_event_count, ev->event_id,
212 ev->user_signal_address);
213
214 return 0;
215 }
216
create_other_event(struct kfd_process * p,struct kfd_event * ev,const int * restore_id)217 static int create_other_event(struct kfd_process *p, struct kfd_event *ev, const int *restore_id)
218 {
219 int id;
220
221 if (restore_id)
222 id = idr_alloc(&p->event_idr, ev, *restore_id, *restore_id + 1,
223 GFP_KERNEL);
224 else
225 /* Cast KFD_LAST_NONSIGNAL_EVENT to uint32_t. This allows an
226 * intentional integer overflow to -1 without a compiler
227 * warning. idr_alloc treats a negative value as "maximum
228 * signed integer".
229 */
230 id = idr_alloc(&p->event_idr, ev, KFD_FIRST_NONSIGNAL_EVENT_ID,
231 (uint32_t)KFD_LAST_NONSIGNAL_EVENT_ID + 1,
232 GFP_KERNEL);
233
234 if (id < 0)
235 return id;
236 ev->event_id = id;
237
238 return 0;
239 }
240
kfd_event_init_process(struct kfd_process * p)241 int kfd_event_init_process(struct kfd_process *p)
242 {
243 int id;
244
245 mutex_init(&p->event_mutex);
246 idr_init(&p->event_idr);
247 p->signal_page = NULL;
248 p->signal_event_count = 1;
249 /* Allocate event ID 0. It is used for a fast path to ignore bogus events
250 * that are sent by the CP without a context ID
251 */
252 id = idr_alloc(&p->event_idr, NULL, 0, 1, GFP_KERNEL);
253 if (id < 0) {
254 idr_destroy(&p->event_idr);
255 mutex_destroy(&p->event_mutex);
256 return id;
257 }
258 return 0;
259 }
260
destroy_event(struct kfd_process * p,struct kfd_event * ev)261 static void destroy_event(struct kfd_process *p, struct kfd_event *ev)
262 {
263 struct kfd_event_waiter *waiter;
264
265 /* Wake up pending waiters. They will return failure */
266 spin_lock(&ev->lock);
267 list_for_each_entry(waiter, &ev->wq.head, wait.entry)
268 WRITE_ONCE(waiter->event, NULL);
269 wake_up_all(&ev->wq);
270 spin_unlock(&ev->lock);
271
272 if (ev->type == KFD_EVENT_TYPE_SIGNAL ||
273 ev->type == KFD_EVENT_TYPE_DEBUG)
274 p->signal_event_count--;
275
276 idr_remove(&p->event_idr, ev->event_id);
277 kfree_rcu(ev, rcu);
278 }
279
destroy_events(struct kfd_process * p)280 static void destroy_events(struct kfd_process *p)
281 {
282 struct kfd_event *ev;
283 uint32_t id;
284
285 idr_for_each_entry(&p->event_idr, ev, id)
286 if (ev)
287 destroy_event(p, ev);
288 idr_destroy(&p->event_idr);
289 mutex_destroy(&p->event_mutex);
290 }
291
292 /*
293 * We assume that the process is being destroyed and there is no need to
294 * unmap the pages or keep bookkeeping data in order.
295 */
shutdown_signal_page(struct kfd_process * p)296 static void shutdown_signal_page(struct kfd_process *p)
297 {
298 struct kfd_signal_page *page = p->signal_page;
299
300 if (page) {
301 if (page->need_to_free_pages)
302 free_pages((unsigned long)page->kernel_address,
303 get_order(KFD_SIGNAL_EVENT_LIMIT * 8));
304 kfree(page);
305 }
306 }
307
kfd_event_free_process(struct kfd_process * p)308 void kfd_event_free_process(struct kfd_process *p)
309 {
310 destroy_events(p);
311 shutdown_signal_page(p);
312 }
313
event_can_be_gpu_signaled(const struct kfd_event * ev)314 static bool event_can_be_gpu_signaled(const struct kfd_event *ev)
315 {
316 return ev->type == KFD_EVENT_TYPE_SIGNAL ||
317 ev->type == KFD_EVENT_TYPE_DEBUG;
318 }
319
event_can_be_cpu_signaled(const struct kfd_event * ev)320 static bool event_can_be_cpu_signaled(const struct kfd_event *ev)
321 {
322 return ev->type == KFD_EVENT_TYPE_SIGNAL;
323 }
324
kfd_event_page_set(struct kfd_process * p,void * kernel_address,uint64_t size,uint64_t user_handle)325 static int kfd_event_page_set(struct kfd_process *p, void *kernel_address,
326 uint64_t size, uint64_t user_handle)
327 {
328 struct kfd_signal_page *page;
329
330 if (p->signal_page)
331 return -EBUSY;
332
333 page = kzalloc(sizeof(*page), GFP_KERNEL);
334 if (!page)
335 return -ENOMEM;
336
337 /* Initialize all events to unsignaled */
338 memset(kernel_address, (uint8_t) UNSIGNALED_EVENT_SLOT,
339 KFD_SIGNAL_EVENT_LIMIT * 8);
340
341 page->kernel_address = kernel_address;
342
343 p->signal_page = page;
344 p->signal_mapped_size = size;
345 p->signal_handle = user_handle;
346 return 0;
347 }
348
kfd_kmap_event_page(struct kfd_process * p,uint64_t event_page_offset)349 int kfd_kmap_event_page(struct kfd_process *p, uint64_t event_page_offset)
350 {
351 struct kfd_dev *kfd;
352 struct kfd_process_device *pdd;
353 void *mem, *kern_addr;
354 uint64_t size;
355 int err = 0;
356
357 if (p->signal_page) {
358 pr_err("Event page is already set\n");
359 return -EINVAL;
360 }
361
362 pdd = kfd_process_device_data_by_id(p, GET_GPU_ID(event_page_offset));
363 if (!pdd) {
364 pr_err("Getting device by id failed in %s\n", __func__);
365 return -EINVAL;
366 }
367 kfd = pdd->dev;
368
369 pdd = kfd_bind_process_to_device(kfd, p);
370 if (IS_ERR(pdd))
371 return PTR_ERR(pdd);
372
373 mem = kfd_process_device_translate_handle(pdd,
374 GET_IDR_HANDLE(event_page_offset));
375 if (!mem) {
376 pr_err("Can't find BO, offset is 0x%llx\n", event_page_offset);
377 return -EINVAL;
378 }
379
380 err = amdgpu_amdkfd_gpuvm_map_gtt_bo_to_kernel(kfd->adev,
381 mem, &kern_addr, &size);
382 if (err) {
383 pr_err("Failed to map event page to kernel\n");
384 return err;
385 }
386
387 err = kfd_event_page_set(p, kern_addr, size, event_page_offset);
388 if (err) {
389 pr_err("Failed to set event page\n");
390 amdgpu_amdkfd_gpuvm_unmap_gtt_bo_from_kernel(kfd->adev, mem);
391 return err;
392 }
393 return err;
394 }
395
kfd_event_create(struct file * devkfd,struct kfd_process * p,uint32_t event_type,bool auto_reset,uint32_t node_id,uint32_t * event_id,uint32_t * event_trigger_data,uint64_t * event_page_offset,uint32_t * event_slot_index)396 int kfd_event_create(struct file *devkfd, struct kfd_process *p,
397 uint32_t event_type, bool auto_reset, uint32_t node_id,
398 uint32_t *event_id, uint32_t *event_trigger_data,
399 uint64_t *event_page_offset, uint32_t *event_slot_index)
400 {
401 int ret = 0;
402 struct kfd_event *ev = kzalloc(sizeof(*ev), GFP_KERNEL);
403
404 if (!ev)
405 return -ENOMEM;
406
407 ev->type = event_type;
408 ev->auto_reset = auto_reset;
409 ev->signaled = false;
410
411 spin_lock_init(&ev->lock);
412 init_waitqueue_head(&ev->wq);
413
414 *event_page_offset = 0;
415
416 mutex_lock(&p->event_mutex);
417
418 switch (event_type) {
419 case KFD_EVENT_TYPE_SIGNAL:
420 case KFD_EVENT_TYPE_DEBUG:
421 ret = create_signal_event(devkfd, p, ev, NULL);
422 if (!ret) {
423 *event_page_offset = KFD_MMAP_TYPE_EVENTS;
424 *event_slot_index = ev->event_id;
425 }
426 break;
427 default:
428 ret = create_other_event(p, ev, NULL);
429 break;
430 }
431
432 if (!ret) {
433 *event_id = ev->event_id;
434 *event_trigger_data = ev->event_id;
435 } else {
436 kfree(ev);
437 }
438
439 mutex_unlock(&p->event_mutex);
440
441 return ret;
442 }
443
kfd_criu_restore_event(struct file * devkfd,struct kfd_process * p,uint8_t __user * user_priv_ptr,uint64_t * priv_data_offset,uint64_t max_priv_data_size)444 int kfd_criu_restore_event(struct file *devkfd,
445 struct kfd_process *p,
446 uint8_t __user *user_priv_ptr,
447 uint64_t *priv_data_offset,
448 uint64_t max_priv_data_size)
449 {
450 struct kfd_criu_event_priv_data *ev_priv;
451 struct kfd_event *ev = NULL;
452 int ret = 0;
453
454 ev_priv = kmalloc(sizeof(*ev_priv), GFP_KERNEL);
455 if (!ev_priv)
456 return -ENOMEM;
457
458 ev = kzalloc(sizeof(*ev), GFP_KERNEL);
459 if (!ev) {
460 ret = -ENOMEM;
461 goto exit;
462 }
463
464 if (*priv_data_offset + sizeof(*ev_priv) > max_priv_data_size) {
465 ret = -EINVAL;
466 goto exit;
467 }
468
469 ret = copy_from_user(ev_priv, user_priv_ptr + *priv_data_offset, sizeof(*ev_priv));
470 if (ret) {
471 ret = -EFAULT;
472 goto exit;
473 }
474 *priv_data_offset += sizeof(*ev_priv);
475
476 if (ev_priv->user_handle) {
477 ret = kfd_kmap_event_page(p, ev_priv->user_handle);
478 if (ret)
479 goto exit;
480 }
481
482 ev->type = ev_priv->type;
483 ev->auto_reset = ev_priv->auto_reset;
484 ev->signaled = ev_priv->signaled;
485
486 spin_lock_init(&ev->lock);
487 init_waitqueue_head(&ev->wq);
488
489 mutex_lock(&p->event_mutex);
490 switch (ev->type) {
491 case KFD_EVENT_TYPE_SIGNAL:
492 case KFD_EVENT_TYPE_DEBUG:
493 ret = create_signal_event(devkfd, p, ev, &ev_priv->event_id);
494 break;
495 case KFD_EVENT_TYPE_MEMORY:
496 memcpy(&ev->memory_exception_data,
497 &ev_priv->memory_exception_data,
498 sizeof(struct kfd_hsa_memory_exception_data));
499
500 ret = create_other_event(p, ev, &ev_priv->event_id);
501 break;
502 case KFD_EVENT_TYPE_HW_EXCEPTION:
503 memcpy(&ev->hw_exception_data,
504 &ev_priv->hw_exception_data,
505 sizeof(struct kfd_hsa_hw_exception_data));
506
507 ret = create_other_event(p, ev, &ev_priv->event_id);
508 break;
509 }
510
511 exit:
512 if (ret)
513 kfree(ev);
514
515 kfree(ev_priv);
516
517 mutex_unlock(&p->event_mutex);
518
519 return ret;
520 }
521
kfd_criu_checkpoint_events(struct kfd_process * p,uint8_t __user * user_priv_data,uint64_t * priv_data_offset)522 int kfd_criu_checkpoint_events(struct kfd_process *p,
523 uint8_t __user *user_priv_data,
524 uint64_t *priv_data_offset)
525 {
526 struct kfd_criu_event_priv_data *ev_privs;
527 int i = 0;
528 int ret = 0;
529 struct kfd_event *ev;
530 uint32_t ev_id;
531
532 uint32_t num_events = kfd_get_num_events(p);
533
534 if (!num_events)
535 return 0;
536
537 ev_privs = kvzalloc(num_events * sizeof(*ev_privs), GFP_KERNEL);
538 if (!ev_privs)
539 return -ENOMEM;
540
541
542 idr_for_each_entry(&p->event_idr, ev, ev_id) {
543 struct kfd_criu_event_priv_data *ev_priv;
544
545 /*
546 * Currently, all events have same size of private_data, but the current ioctl's
547 * and CRIU plugin supports private_data of variable sizes
548 */
549 ev_priv = &ev_privs[i];
550
551 ev_priv->object_type = KFD_CRIU_OBJECT_TYPE_EVENT;
552
553 /* We store the user_handle with the first event */
554 if (i == 0 && p->signal_page)
555 ev_priv->user_handle = p->signal_handle;
556
557 ev_priv->event_id = ev->event_id;
558 ev_priv->auto_reset = ev->auto_reset;
559 ev_priv->type = ev->type;
560 ev_priv->signaled = ev->signaled;
561
562 if (ev_priv->type == KFD_EVENT_TYPE_MEMORY)
563 memcpy(&ev_priv->memory_exception_data,
564 &ev->memory_exception_data,
565 sizeof(struct kfd_hsa_memory_exception_data));
566 else if (ev_priv->type == KFD_EVENT_TYPE_HW_EXCEPTION)
567 memcpy(&ev_priv->hw_exception_data,
568 &ev->hw_exception_data,
569 sizeof(struct kfd_hsa_hw_exception_data));
570
571 pr_debug("Checkpointed event[%d] id = 0x%08x auto_reset = %x type = %x signaled = %x\n",
572 i,
573 ev_priv->event_id,
574 ev_priv->auto_reset,
575 ev_priv->type,
576 ev_priv->signaled);
577 i++;
578 }
579
580 ret = copy_to_user(user_priv_data + *priv_data_offset,
581 ev_privs, num_events * sizeof(*ev_privs));
582 if (ret) {
583 pr_err("Failed to copy events priv to user\n");
584 ret = -EFAULT;
585 }
586
587 *priv_data_offset += num_events * sizeof(*ev_privs);
588
589 kvfree(ev_privs);
590 return ret;
591 }
592
kfd_get_num_events(struct kfd_process * p)593 int kfd_get_num_events(struct kfd_process *p)
594 {
595 struct kfd_event *ev;
596 uint32_t id;
597 u32 num_events = 0;
598
599 idr_for_each_entry(&p->event_idr, ev, id)
600 num_events++;
601
602 return num_events;
603 }
604
605 /* Assumes that p is current. */
kfd_event_destroy(struct kfd_process * p,uint32_t event_id)606 int kfd_event_destroy(struct kfd_process *p, uint32_t event_id)
607 {
608 struct kfd_event *ev;
609 int ret = 0;
610
611 mutex_lock(&p->event_mutex);
612
613 ev = lookup_event_by_id(p, event_id);
614
615 if (ev)
616 destroy_event(p, ev);
617 else
618 ret = -EINVAL;
619
620 mutex_unlock(&p->event_mutex);
621 return ret;
622 }
623
set_event(struct kfd_event * ev)624 static void set_event(struct kfd_event *ev)
625 {
626 struct kfd_event_waiter *waiter;
627
628 /* Auto reset if the list is non-empty and we're waking
629 * someone. waitqueue_active is safe here because we're
630 * protected by the ev->lock, which is also held when
631 * updating the wait queues in kfd_wait_on_events.
632 */
633 ev->signaled = !ev->auto_reset || !waitqueue_active(&ev->wq);
634
635 list_for_each_entry(waiter, &ev->wq.head, wait.entry)
636 WRITE_ONCE(waiter->activated, true);
637
638 wake_up_all(&ev->wq);
639 }
640
641 /* Assumes that p is current. */
kfd_set_event(struct kfd_process * p,uint32_t event_id)642 int kfd_set_event(struct kfd_process *p, uint32_t event_id)
643 {
644 int ret = 0;
645 struct kfd_event *ev;
646
647 rcu_read_lock();
648
649 ev = lookup_event_by_id(p, event_id);
650 if (!ev) {
651 ret = -EINVAL;
652 goto unlock_rcu;
653 }
654 spin_lock(&ev->lock);
655
656 if (event_can_be_cpu_signaled(ev))
657 set_event(ev);
658 else
659 ret = -EINVAL;
660
661 spin_unlock(&ev->lock);
662 unlock_rcu:
663 rcu_read_unlock();
664 return ret;
665 }
666
reset_event(struct kfd_event * ev)667 static void reset_event(struct kfd_event *ev)
668 {
669 ev->signaled = false;
670 }
671
672 /* Assumes that p is current. */
kfd_reset_event(struct kfd_process * p,uint32_t event_id)673 int kfd_reset_event(struct kfd_process *p, uint32_t event_id)
674 {
675 int ret = 0;
676 struct kfd_event *ev;
677
678 rcu_read_lock();
679
680 ev = lookup_event_by_id(p, event_id);
681 if (!ev) {
682 ret = -EINVAL;
683 goto unlock_rcu;
684 }
685 spin_lock(&ev->lock);
686
687 if (event_can_be_cpu_signaled(ev))
688 reset_event(ev);
689 else
690 ret = -EINVAL;
691
692 spin_unlock(&ev->lock);
693 unlock_rcu:
694 rcu_read_unlock();
695 return ret;
696
697 }
698
acknowledge_signal(struct kfd_process * p,struct kfd_event * ev)699 static void acknowledge_signal(struct kfd_process *p, struct kfd_event *ev)
700 {
701 WRITE_ONCE(page_slots(p->signal_page)[ev->event_id], UNSIGNALED_EVENT_SLOT);
702 }
703
set_event_from_interrupt(struct kfd_process * p,struct kfd_event * ev)704 static void set_event_from_interrupt(struct kfd_process *p,
705 struct kfd_event *ev)
706 {
707 if (ev && event_can_be_gpu_signaled(ev)) {
708 acknowledge_signal(p, ev);
709 spin_lock(&ev->lock);
710 set_event(ev);
711 spin_unlock(&ev->lock);
712 }
713 }
714
kfd_signal_event_interrupt(u32 pasid,uint32_t partial_id,uint32_t valid_id_bits)715 void kfd_signal_event_interrupt(u32 pasid, uint32_t partial_id,
716 uint32_t valid_id_bits)
717 {
718 struct kfd_event *ev = NULL;
719
720 /*
721 * Because we are called from arbitrary context (workqueue) as opposed
722 * to process context, kfd_process could attempt to exit while we are
723 * running so the lookup function increments the process ref count.
724 */
725 struct kfd_process *p = kfd_lookup_process_by_pasid(pasid);
726
727 if (!p)
728 return; /* Presumably process exited. */
729
730 rcu_read_lock();
731
732 if (valid_id_bits)
733 ev = lookup_signaled_event_by_partial_id(p, partial_id,
734 valid_id_bits);
735 if (ev) {
736 set_event_from_interrupt(p, ev);
737 } else if (p->signal_page) {
738 /*
739 * Partial ID lookup failed. Assume that the event ID
740 * in the interrupt payload was invalid and do an
741 * exhaustive search of signaled events.
742 */
743 uint64_t *slots = page_slots(p->signal_page);
744 uint32_t id;
745
746 if (valid_id_bits)
747 pr_debug_ratelimited("Partial ID invalid: %u (%u valid bits)\n",
748 partial_id, valid_id_bits);
749
750 if (p->signal_event_count < KFD_SIGNAL_EVENT_LIMIT / 64) {
751 /* With relatively few events, it's faster to
752 * iterate over the event IDR
753 */
754 idr_for_each_entry(&p->event_idr, ev, id) {
755 if (id >= KFD_SIGNAL_EVENT_LIMIT)
756 break;
757
758 if (READ_ONCE(slots[id]) != UNSIGNALED_EVENT_SLOT)
759 set_event_from_interrupt(p, ev);
760 }
761 } else {
762 /* With relatively many events, it's faster to
763 * iterate over the signal slots and lookup
764 * only signaled events from the IDR.
765 */
766 for (id = 1; id < KFD_SIGNAL_EVENT_LIMIT; id++)
767 if (READ_ONCE(slots[id]) != UNSIGNALED_EVENT_SLOT) {
768 ev = lookup_event_by_id(p, id);
769 set_event_from_interrupt(p, ev);
770 }
771 }
772 }
773
774 rcu_read_unlock();
775 kfd_unref_process(p);
776 }
777
alloc_event_waiters(uint32_t num_events)778 static struct kfd_event_waiter *alloc_event_waiters(uint32_t num_events)
779 {
780 struct kfd_event_waiter *event_waiters;
781 uint32_t i;
782
783 event_waiters = kmalloc_array(num_events,
784 sizeof(struct kfd_event_waiter),
785 GFP_KERNEL);
786 if (!event_waiters)
787 return NULL;
788
789 for (i = 0; (event_waiters) && (i < num_events) ; i++) {
790 init_wait(&event_waiters[i].wait);
791 event_waiters[i].activated = false;
792 }
793
794 return event_waiters;
795 }
796
init_event_waiter(struct kfd_process * p,struct kfd_event_waiter * waiter,uint32_t event_id)797 static int init_event_waiter(struct kfd_process *p,
798 struct kfd_event_waiter *waiter,
799 uint32_t event_id)
800 {
801 struct kfd_event *ev = lookup_event_by_id(p, event_id);
802
803 if (!ev)
804 return -EINVAL;
805
806 spin_lock(&ev->lock);
807 waiter->event = ev;
808 waiter->activated = ev->signaled;
809 ev->signaled = ev->signaled && !ev->auto_reset;
810 if (!waiter->activated)
811 add_wait_queue(&ev->wq, &waiter->wait);
812 spin_unlock(&ev->lock);
813
814 return 0;
815 }
816
817 /* test_event_condition - Test condition of events being waited for
818 * @all: Return completion only if all events have signaled
819 * @num_events: Number of events to wait for
820 * @event_waiters: Array of event waiters, one per event
821 *
822 * Returns KFD_IOC_WAIT_RESULT_COMPLETE if all (or one) event(s) have
823 * signaled. Returns KFD_IOC_WAIT_RESULT_TIMEOUT if no (or not all)
824 * events have signaled. Returns KFD_IOC_WAIT_RESULT_FAIL if any of
825 * the events have been destroyed.
826 */
test_event_condition(bool all,uint32_t num_events,struct kfd_event_waiter * event_waiters)827 static uint32_t test_event_condition(bool all, uint32_t num_events,
828 struct kfd_event_waiter *event_waiters)
829 {
830 uint32_t i;
831 uint32_t activated_count = 0;
832
833 for (i = 0; i < num_events; i++) {
834 if (!READ_ONCE(event_waiters[i].event))
835 return KFD_IOC_WAIT_RESULT_FAIL;
836
837 if (READ_ONCE(event_waiters[i].activated)) {
838 if (!all)
839 return KFD_IOC_WAIT_RESULT_COMPLETE;
840
841 activated_count++;
842 }
843 }
844
845 return activated_count == num_events ?
846 KFD_IOC_WAIT_RESULT_COMPLETE : KFD_IOC_WAIT_RESULT_TIMEOUT;
847 }
848
849 /*
850 * Copy event specific data, if defined.
851 * Currently only memory exception events have additional data to copy to user
852 */
copy_signaled_event_data(uint32_t num_events,struct kfd_event_waiter * event_waiters,struct kfd_event_data __user * data)853 static int copy_signaled_event_data(uint32_t num_events,
854 struct kfd_event_waiter *event_waiters,
855 struct kfd_event_data __user *data)
856 {
857 struct kfd_hsa_memory_exception_data *src;
858 struct kfd_hsa_memory_exception_data __user *dst;
859 struct kfd_event_waiter *waiter;
860 struct kfd_event *event;
861 uint32_t i;
862
863 for (i = 0; i < num_events; i++) {
864 waiter = &event_waiters[i];
865 event = waiter->event;
866 if (!event)
867 return -EINVAL; /* event was destroyed */
868 if (waiter->activated && event->type == KFD_EVENT_TYPE_MEMORY) {
869 dst = &data[i].memory_exception_data;
870 src = &event->memory_exception_data;
871 if (copy_to_user(dst, src,
872 sizeof(struct kfd_hsa_memory_exception_data)))
873 return -EFAULT;
874 }
875 }
876
877 return 0;
878 }
879
user_timeout_to_jiffies(uint32_t user_timeout_ms)880 static long user_timeout_to_jiffies(uint32_t user_timeout_ms)
881 {
882 if (user_timeout_ms == KFD_EVENT_TIMEOUT_IMMEDIATE)
883 return 0;
884
885 if (user_timeout_ms == KFD_EVENT_TIMEOUT_INFINITE)
886 return MAX_SCHEDULE_TIMEOUT;
887
888 /*
889 * msecs_to_jiffies interprets all values above 2^31-1 as infinite,
890 * but we consider them finite.
891 * This hack is wrong, but nobody is likely to notice.
892 */
893 user_timeout_ms = min_t(uint32_t, user_timeout_ms, 0x7FFFFFFF);
894
895 return msecs_to_jiffies(user_timeout_ms) + 1;
896 }
897
free_waiters(uint32_t num_events,struct kfd_event_waiter * waiters,bool undo_auto_reset)898 static void free_waiters(uint32_t num_events, struct kfd_event_waiter *waiters,
899 bool undo_auto_reset)
900 {
901 uint32_t i;
902
903 for (i = 0; i < num_events; i++)
904 if (waiters[i].event) {
905 spin_lock(&waiters[i].event->lock);
906 remove_wait_queue(&waiters[i].event->wq,
907 &waiters[i].wait);
908 if (undo_auto_reset && waiters[i].activated &&
909 waiters[i].event && waiters[i].event->auto_reset)
910 set_event(waiters[i].event);
911 spin_unlock(&waiters[i].event->lock);
912 }
913
914 kfree(waiters);
915 }
916
kfd_wait_on_events(struct kfd_process * p,uint32_t num_events,void __user * data,bool all,uint32_t * user_timeout_ms,uint32_t * wait_result)917 int kfd_wait_on_events(struct kfd_process *p,
918 uint32_t num_events, void __user *data,
919 bool all, uint32_t *user_timeout_ms,
920 uint32_t *wait_result)
921 {
922 struct kfd_event_data __user *events =
923 (struct kfd_event_data __user *) data;
924 uint32_t i;
925 int ret = 0;
926
927 struct kfd_event_waiter *event_waiters = NULL;
928 long timeout = user_timeout_to_jiffies(*user_timeout_ms);
929
930 event_waiters = alloc_event_waiters(num_events);
931 if (!event_waiters) {
932 ret = -ENOMEM;
933 goto out;
934 }
935
936 /* Use p->event_mutex here to protect against concurrent creation and
937 * destruction of events while we initialize event_waiters.
938 */
939 mutex_lock(&p->event_mutex);
940
941 for (i = 0; i < num_events; i++) {
942 struct kfd_event_data event_data;
943
944 if (copy_from_user(&event_data, &events[i],
945 sizeof(struct kfd_event_data))) {
946 ret = -EFAULT;
947 goto out_unlock;
948 }
949
950 ret = init_event_waiter(p, &event_waiters[i],
951 event_data.event_id);
952 if (ret)
953 goto out_unlock;
954 }
955
956 /* Check condition once. */
957 *wait_result = test_event_condition(all, num_events, event_waiters);
958 if (*wait_result == KFD_IOC_WAIT_RESULT_COMPLETE) {
959 ret = copy_signaled_event_data(num_events,
960 event_waiters, events);
961 goto out_unlock;
962 } else if (WARN_ON(*wait_result == KFD_IOC_WAIT_RESULT_FAIL)) {
963 /* This should not happen. Events shouldn't be
964 * destroyed while we're holding the event_mutex
965 */
966 goto out_unlock;
967 }
968
969 mutex_unlock(&p->event_mutex);
970
971 while (true) {
972 if (fatal_signal_pending(current)) {
973 ret = -EINTR;
974 break;
975 }
976
977 if (signal_pending(current)) {
978 ret = -ERESTARTSYS;
979 if (*user_timeout_ms != KFD_EVENT_TIMEOUT_IMMEDIATE &&
980 *user_timeout_ms != KFD_EVENT_TIMEOUT_INFINITE)
981 *user_timeout_ms = jiffies_to_msecs(
982 max(0l, timeout-1));
983 break;
984 }
985
986 /* Set task state to interruptible sleep before
987 * checking wake-up conditions. A concurrent wake-up
988 * will put the task back into runnable state. In that
989 * case schedule_timeout will not put the task to
990 * sleep and we'll get a chance to re-check the
991 * updated conditions almost immediately. Otherwise,
992 * this race condition would lead to a soft hang or a
993 * very long sleep.
994 */
995 set_current_state(TASK_INTERRUPTIBLE);
996
997 *wait_result = test_event_condition(all, num_events,
998 event_waiters);
999 if (*wait_result != KFD_IOC_WAIT_RESULT_TIMEOUT)
1000 break;
1001
1002 if (timeout <= 0)
1003 break;
1004
1005 timeout = schedule_timeout(timeout);
1006 }
1007 __set_current_state(TASK_RUNNING);
1008
1009 mutex_lock(&p->event_mutex);
1010 /* copy_signaled_event_data may sleep. So this has to happen
1011 * after the task state is set back to RUNNING.
1012 *
1013 * The event may also have been destroyed after signaling. So
1014 * copy_signaled_event_data also must confirm that the event
1015 * still exists. Therefore this must be under the p->event_mutex
1016 * which is also held when events are destroyed.
1017 */
1018 if (!ret && *wait_result == KFD_IOC_WAIT_RESULT_COMPLETE)
1019 ret = copy_signaled_event_data(num_events,
1020 event_waiters, events);
1021
1022 out_unlock:
1023 free_waiters(num_events, event_waiters, ret == -ERESTARTSYS);
1024 mutex_unlock(&p->event_mutex);
1025 out:
1026 if (ret)
1027 *wait_result = KFD_IOC_WAIT_RESULT_FAIL;
1028 else if (*wait_result == KFD_IOC_WAIT_RESULT_FAIL)
1029 ret = -EIO;
1030
1031 return ret;
1032 }
1033
kfd_event_mmap(struct kfd_process * p,struct vm_area_struct * vma)1034 int kfd_event_mmap(struct kfd_process *p, struct vm_area_struct *vma)
1035 {
1036 unsigned long pfn;
1037 struct kfd_signal_page *page;
1038 int ret;
1039
1040 /* check required size doesn't exceed the allocated size */
1041 if (get_order(KFD_SIGNAL_EVENT_LIMIT * 8) <
1042 get_order(vma->vm_end - vma->vm_start)) {
1043 pr_err("Event page mmap requested illegal size\n");
1044 return -EINVAL;
1045 }
1046
1047 page = p->signal_page;
1048 if (!page) {
1049 /* Probably KFD bug, but mmap is user-accessible. */
1050 pr_debug("Signal page could not be found\n");
1051 return -EINVAL;
1052 }
1053
1054 pfn = __pa(page->kernel_address);
1055 pfn >>= PAGE_SHIFT;
1056
1057 vma->vm_flags |= VM_IO | VM_DONTCOPY | VM_DONTEXPAND | VM_NORESERVE
1058 | VM_DONTDUMP | VM_PFNMAP;
1059
1060 pr_debug("Mapping signal page\n");
1061 pr_debug(" start user address == 0x%08lx\n", vma->vm_start);
1062 pr_debug(" end user address == 0x%08lx\n", vma->vm_end);
1063 pr_debug(" pfn == 0x%016lX\n", pfn);
1064 pr_debug(" vm_flags == 0x%08lX\n", vma->vm_flags);
1065 pr_debug(" size == 0x%08lX\n",
1066 vma->vm_end - vma->vm_start);
1067
1068 page->user_address = (uint64_t __user *)vma->vm_start;
1069
1070 /* mapping the page to user process */
1071 ret = remap_pfn_range(vma, vma->vm_start, pfn,
1072 vma->vm_end - vma->vm_start, vma->vm_page_prot);
1073 if (!ret)
1074 p->signal_mapped_size = vma->vm_end - vma->vm_start;
1075
1076 return ret;
1077 }
1078
1079 /*
1080 * Assumes that p is not going away.
1081 */
lookup_events_by_type_and_signal(struct kfd_process * p,int type,void * event_data)1082 static void lookup_events_by_type_and_signal(struct kfd_process *p,
1083 int type, void *event_data)
1084 {
1085 struct kfd_hsa_memory_exception_data *ev_data;
1086 struct kfd_event *ev;
1087 uint32_t id;
1088 bool send_signal = true;
1089
1090 ev_data = (struct kfd_hsa_memory_exception_data *) event_data;
1091
1092 rcu_read_lock();
1093
1094 id = KFD_FIRST_NONSIGNAL_EVENT_ID;
1095 idr_for_each_entry_continue(&p->event_idr, ev, id)
1096 if (ev->type == type) {
1097 send_signal = false;
1098 dev_dbg(kfd_device,
1099 "Event found: id %X type %d",
1100 ev->event_id, ev->type);
1101 spin_lock(&ev->lock);
1102 set_event(ev);
1103 if (ev->type == KFD_EVENT_TYPE_MEMORY && ev_data)
1104 ev->memory_exception_data = *ev_data;
1105 spin_unlock(&ev->lock);
1106 }
1107
1108 if (type == KFD_EVENT_TYPE_MEMORY) {
1109 dev_warn(kfd_device,
1110 "Sending SIGSEGV to process %d (pasid 0x%x)",
1111 p->lead_thread->pid, p->pasid);
1112 send_sig(SIGSEGV, p->lead_thread, 0);
1113 }
1114
1115 /* Send SIGTERM no event of type "type" has been found*/
1116 if (send_signal) {
1117 if (send_sigterm) {
1118 dev_warn(kfd_device,
1119 "Sending SIGTERM to process %d (pasid 0x%x)",
1120 p->lead_thread->pid, p->pasid);
1121 send_sig(SIGTERM, p->lead_thread, 0);
1122 } else {
1123 dev_err(kfd_device,
1124 "Process %d (pasid 0x%x) got unhandled exception",
1125 p->lead_thread->pid, p->pasid);
1126 }
1127 }
1128
1129 rcu_read_unlock();
1130 }
1131
1132 #ifdef KFD_SUPPORT_IOMMU_V2
kfd_signal_iommu_event(struct kfd_dev * dev,u32 pasid,unsigned long address,bool is_write_requested,bool is_execute_requested)1133 void kfd_signal_iommu_event(struct kfd_dev *dev, u32 pasid,
1134 unsigned long address, bool is_write_requested,
1135 bool is_execute_requested)
1136 {
1137 struct kfd_hsa_memory_exception_data memory_exception_data;
1138 struct vm_area_struct *vma;
1139 int user_gpu_id;
1140
1141 /*
1142 * Because we are called from arbitrary context (workqueue) as opposed
1143 * to process context, kfd_process could attempt to exit while we are
1144 * running so the lookup function increments the process ref count.
1145 */
1146 struct kfd_process *p = kfd_lookup_process_by_pasid(pasid);
1147 struct mm_struct *mm;
1148
1149 if (!p)
1150 return; /* Presumably process exited. */
1151
1152 /* Take a safe reference to the mm_struct, which may otherwise
1153 * disappear even while the kfd_process is still referenced.
1154 */
1155 mm = get_task_mm(p->lead_thread);
1156 if (!mm) {
1157 kfd_unref_process(p);
1158 return; /* Process is exiting */
1159 }
1160
1161 user_gpu_id = kfd_process_get_user_gpu_id(p, dev->id);
1162 if (unlikely(user_gpu_id == -EINVAL)) {
1163 WARN_ONCE(1, "Could not get user_gpu_id from dev->id:%x\n", dev->id);
1164 return;
1165 }
1166 memset(&memory_exception_data, 0, sizeof(memory_exception_data));
1167
1168 mmap_read_lock(mm);
1169 vma = find_vma(mm, address);
1170
1171 memory_exception_data.gpu_id = user_gpu_id;
1172 memory_exception_data.va = address;
1173 /* Set failure reason */
1174 memory_exception_data.failure.NotPresent = 1;
1175 memory_exception_data.failure.NoExecute = 0;
1176 memory_exception_data.failure.ReadOnly = 0;
1177 if (vma && address >= vma->vm_start) {
1178 memory_exception_data.failure.NotPresent = 0;
1179
1180 if (is_write_requested && !(vma->vm_flags & VM_WRITE))
1181 memory_exception_data.failure.ReadOnly = 1;
1182 else
1183 memory_exception_data.failure.ReadOnly = 0;
1184
1185 if (is_execute_requested && !(vma->vm_flags & VM_EXEC))
1186 memory_exception_data.failure.NoExecute = 1;
1187 else
1188 memory_exception_data.failure.NoExecute = 0;
1189 }
1190
1191 mmap_read_unlock(mm);
1192 mmput(mm);
1193
1194 pr_debug("notpresent %d, noexecute %d, readonly %d\n",
1195 memory_exception_data.failure.NotPresent,
1196 memory_exception_data.failure.NoExecute,
1197 memory_exception_data.failure.ReadOnly);
1198
1199 /* Workaround on Raven to not kill the process when memory is freed
1200 * before IOMMU is able to finish processing all the excessive PPRs
1201 */
1202
1203 if (KFD_GC_VERSION(dev) != IP_VERSION(9, 1, 0) &&
1204 KFD_GC_VERSION(dev) != IP_VERSION(9, 2, 2) &&
1205 KFD_GC_VERSION(dev) != IP_VERSION(9, 3, 0))
1206 lookup_events_by_type_and_signal(p, KFD_EVENT_TYPE_MEMORY,
1207 &memory_exception_data);
1208
1209 kfd_unref_process(p);
1210 }
1211 #endif /* KFD_SUPPORT_IOMMU_V2 */
1212
kfd_signal_hw_exception_event(u32 pasid)1213 void kfd_signal_hw_exception_event(u32 pasid)
1214 {
1215 /*
1216 * Because we are called from arbitrary context (workqueue) as opposed
1217 * to process context, kfd_process could attempt to exit while we are
1218 * running so the lookup function increments the process ref count.
1219 */
1220 struct kfd_process *p = kfd_lookup_process_by_pasid(pasid);
1221
1222 if (!p)
1223 return; /* Presumably process exited. */
1224
1225 lookup_events_by_type_and_signal(p, KFD_EVENT_TYPE_HW_EXCEPTION, NULL);
1226 kfd_unref_process(p);
1227 }
1228
kfd_signal_vm_fault_event(struct kfd_dev * dev,u32 pasid,struct kfd_vm_fault_info * info)1229 void kfd_signal_vm_fault_event(struct kfd_dev *dev, u32 pasid,
1230 struct kfd_vm_fault_info *info)
1231 {
1232 struct kfd_event *ev;
1233 uint32_t id;
1234 struct kfd_process *p = kfd_lookup_process_by_pasid(pasid);
1235 struct kfd_hsa_memory_exception_data memory_exception_data;
1236 int user_gpu_id;
1237
1238 if (!p)
1239 return; /* Presumably process exited. */
1240
1241 user_gpu_id = kfd_process_get_user_gpu_id(p, dev->id);
1242 if (unlikely(user_gpu_id == -EINVAL)) {
1243 WARN_ONCE(1, "Could not get user_gpu_id from dev->id:%x\n", dev->id);
1244 return;
1245 }
1246
1247 memset(&memory_exception_data, 0, sizeof(memory_exception_data));
1248 memory_exception_data.gpu_id = user_gpu_id;
1249 memory_exception_data.failure.imprecise = true;
1250 /* Set failure reason */
1251 if (info) {
1252 memory_exception_data.va = (info->page_addr) << PAGE_SHIFT;
1253 memory_exception_data.failure.NotPresent =
1254 info->prot_valid ? 1 : 0;
1255 memory_exception_data.failure.NoExecute =
1256 info->prot_exec ? 1 : 0;
1257 memory_exception_data.failure.ReadOnly =
1258 info->prot_write ? 1 : 0;
1259 memory_exception_data.failure.imprecise = 0;
1260 }
1261
1262 rcu_read_lock();
1263
1264 id = KFD_FIRST_NONSIGNAL_EVENT_ID;
1265 idr_for_each_entry_continue(&p->event_idr, ev, id)
1266 if (ev->type == KFD_EVENT_TYPE_MEMORY) {
1267 spin_lock(&ev->lock);
1268 ev->memory_exception_data = memory_exception_data;
1269 set_event(ev);
1270 spin_unlock(&ev->lock);
1271 }
1272
1273 rcu_read_unlock();
1274 kfd_unref_process(p);
1275 }
1276
kfd_signal_reset_event(struct kfd_dev * dev)1277 void kfd_signal_reset_event(struct kfd_dev *dev)
1278 {
1279 struct kfd_hsa_hw_exception_data hw_exception_data;
1280 struct kfd_hsa_memory_exception_data memory_exception_data;
1281 struct kfd_process *p;
1282 struct kfd_event *ev;
1283 unsigned int temp;
1284 uint32_t id, idx;
1285 int reset_cause = atomic_read(&dev->sram_ecc_flag) ?
1286 KFD_HW_EXCEPTION_ECC :
1287 KFD_HW_EXCEPTION_GPU_HANG;
1288
1289 /* Whole gpu reset caused by GPU hang and memory is lost */
1290 memset(&hw_exception_data, 0, sizeof(hw_exception_data));
1291 hw_exception_data.memory_lost = 1;
1292 hw_exception_data.reset_cause = reset_cause;
1293
1294 memset(&memory_exception_data, 0, sizeof(memory_exception_data));
1295 memory_exception_data.ErrorType = KFD_MEM_ERR_SRAM_ECC;
1296 memory_exception_data.failure.imprecise = true;
1297
1298 idx = srcu_read_lock(&kfd_processes_srcu);
1299 hash_for_each_rcu(kfd_processes_table, temp, p, kfd_processes) {
1300 int user_gpu_id = kfd_process_get_user_gpu_id(p, dev->id);
1301
1302 if (unlikely(user_gpu_id == -EINVAL)) {
1303 WARN_ONCE(1, "Could not get user_gpu_id from dev->id:%x\n", dev->id);
1304 continue;
1305 }
1306
1307 rcu_read_lock();
1308
1309 id = KFD_FIRST_NONSIGNAL_EVENT_ID;
1310 idr_for_each_entry_continue(&p->event_idr, ev, id) {
1311 if (ev->type == KFD_EVENT_TYPE_HW_EXCEPTION) {
1312 spin_lock(&ev->lock);
1313 ev->hw_exception_data = hw_exception_data;
1314 ev->hw_exception_data.gpu_id = user_gpu_id;
1315 set_event(ev);
1316 spin_unlock(&ev->lock);
1317 }
1318 if (ev->type == KFD_EVENT_TYPE_MEMORY &&
1319 reset_cause == KFD_HW_EXCEPTION_ECC) {
1320 spin_lock(&ev->lock);
1321 ev->memory_exception_data = memory_exception_data;
1322 ev->memory_exception_data.gpu_id = user_gpu_id;
1323 set_event(ev);
1324 spin_unlock(&ev->lock);
1325 }
1326 }
1327
1328 rcu_read_unlock();
1329 }
1330 srcu_read_unlock(&kfd_processes_srcu, idx);
1331 }
1332
kfd_signal_poison_consumed_event(struct kfd_dev * dev,u32 pasid)1333 void kfd_signal_poison_consumed_event(struct kfd_dev *dev, u32 pasid)
1334 {
1335 struct kfd_process *p = kfd_lookup_process_by_pasid(pasid);
1336 struct kfd_hsa_memory_exception_data memory_exception_data;
1337 struct kfd_hsa_hw_exception_data hw_exception_data;
1338 struct kfd_event *ev;
1339 uint32_t id = KFD_FIRST_NONSIGNAL_EVENT_ID;
1340 int user_gpu_id;
1341
1342 if (!p)
1343 return; /* Presumably process exited. */
1344
1345 user_gpu_id = kfd_process_get_user_gpu_id(p, dev->id);
1346 if (unlikely(user_gpu_id == -EINVAL)) {
1347 WARN_ONCE(1, "Could not get user_gpu_id from dev->id:%x\n", dev->id);
1348 return;
1349 }
1350
1351 memset(&hw_exception_data, 0, sizeof(hw_exception_data));
1352 hw_exception_data.gpu_id = user_gpu_id;
1353 hw_exception_data.memory_lost = 1;
1354 hw_exception_data.reset_cause = KFD_HW_EXCEPTION_ECC;
1355
1356 memset(&memory_exception_data, 0, sizeof(memory_exception_data));
1357 memory_exception_data.ErrorType = KFD_MEM_ERR_POISON_CONSUMED;
1358 memory_exception_data.gpu_id = user_gpu_id;
1359 memory_exception_data.failure.imprecise = true;
1360
1361 rcu_read_lock();
1362
1363 idr_for_each_entry_continue(&p->event_idr, ev, id) {
1364 if (ev->type == KFD_EVENT_TYPE_HW_EXCEPTION) {
1365 spin_lock(&ev->lock);
1366 ev->hw_exception_data = hw_exception_data;
1367 set_event(ev);
1368 spin_unlock(&ev->lock);
1369 }
1370
1371 if (ev->type == KFD_EVENT_TYPE_MEMORY) {
1372 spin_lock(&ev->lock);
1373 ev->memory_exception_data = memory_exception_data;
1374 set_event(ev);
1375 spin_unlock(&ev->lock);
1376 }
1377 }
1378
1379 rcu_read_unlock();
1380
1381 /* user application will handle SIGBUS signal */
1382 send_sig(SIGBUS, p->lead_thread, 0);
1383
1384 kfd_unref_process(p);
1385 }
1386