]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blame - drivers/xen/grant-table.c
projects / mirror_ubuntu-bionic-kernel.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
xen: missing includes
[mirror_ubuntu-bionic-kernel.git] / drivers / xen / grant-table.c
CommitLineData
ad9a8612
JF		 1/******************************************************************************
2 * grant_table.c
3 *
4 * Granting foreign access to our memory reservation.
5 *
6 * Copyright (c) 2005-2006, Christopher Clark
7 * Copyright (c) 2004-2005, K A Fraser
8 *
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License version 2
11 * as published by the Free Software Foundation; or, when distributed
12 * separately from the Linux kernel or incorporated into other
13 * software packages, subject to the following license:
14 *
15 * Permission is hereby granted, free of charge, to any person obtaining a copy
16 * of this source file (the "Software"), to deal in the Software without
17 * restriction, including without limitation the rights to use, copy, modify,
18 * merge, publish, distribute, sublicense, and/or sell copies of the Software,
19 * and to permit persons to whom the Software is furnished to do so, subject to
20 * the following conditions:
21 *
22 * The above copyright notice and this permission notice shall be included in
23 * all copies or substantial portions of the Software.
24 *
25 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
26 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
27 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
28 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
29 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
30 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
31 * IN THE SOFTWARE.
32 */
33
34#include <linux/module.h>
35#include <linux/sched.h>
36#include <linux/mm.h>
5a0e3ad6 37#include <linux/slab.h>
ad9a8612
JF		 38#include <linux/vmalloc.h>
39#include <linux/uaccess.h>
183d03cc 40#include <linux/io.h>
f62805f1 41#include <linux/hardirq.h>
ad9a8612 42
1ccbf534 43#include <xen/xen.h>
ad9a8612
JF		 44#include <xen/interface/xen.h>
45#include <xen/page.h>
46#include <xen/grant_table.h>
183d03cc 47#include <xen/interface/memory.h>
85ff6acb 48#include <xen/hvc-console.h>
ecbf29cd 49#include <asm/xen/hypercall.h>
4d9310e3 50#include <asm/xen/interface.h>
ad9a8612
JF		 51
52#include <asm/pgtable.h>
53#include <asm/sync_bitops.h>
54
ad9a8612
JF		 55/* External tools reserve first few grant table entries. */
56#define NR_RESERVED_ENTRIES 8
57#define GNTTAB_LIST_END 0xffffffff
85ff6acb
AL		 58#define GREFS_PER_GRANT_FRAME \
59(grant_table_version == 1 ? \
60(PAGE_SIZE / sizeof(struct grant_entry_v1)) : \
61(PAGE_SIZE / sizeof(union grant_entry_v2)))
ad9a8612
JF		 62
63static grant_ref_t **gnttab_list;
64static unsigned int nr_grant_frames;
65static unsigned int boot_max_nr_grant_frames;
66static int gnttab_free_count;
67static grant_ref_t gnttab_free_head;
68static DEFINE_SPINLOCK(gnttab_list_lock);
183d03cc
SS		 69unsigned long xen_hvm_resume_frames;
70EXPORT_SYMBOL_GPL(xen_hvm_resume_frames);
ad9a8612 71
0f9f5a95
AL		 72static union {
73 struct grant_entry_v1 *v1;
85ff6acb 74 union grant_entry_v2 *v2;
0f9f5a95
AL		 75 void *addr;
76} gnttab_shared;
77
78/*This is a structure of function pointers for grant table*/
79struct gnttab_ops {
80 /*
9dbc71d5
AL		 81 * Mapping a list of frames for storing grant entries. Frames parameter
82 * is used to store grant table address when grant table being setup,
83 * nr_gframes is the number of frames to map grant table. Returning
84 * GNTST_okay means success and negative value means failure.
0f9f5a95 85 */
9dbc71d5 86 int (*map_frames)(unsigned long *frames, unsigned int nr_gframes);
0f9f5a95
AL		 87 /*
88 * Release a list of frames which are mapped in map_frames for grant
89 * entry status.
90 */
91 void (*unmap_frames)(void);
92 /*
9dbc71d5
AL		 93 * Introducing a valid entry into the grant table, granting the frame of
94 * this grant entry to domain for accessing or transfering. Ref
95 * parameter is reference of this introduced grant entry, domid is id of
96 * granted domain, frame is the page frame to be granted, and flags is
97 * status of the grant entry to be updated.
0f9f5a95 98 */
9dbc71d5
AL		 99 void (*update_entry)(grant_ref_t ref, domid_t domid,
100 unsigned long frame, unsigned flags);
0f9f5a95 101 /*
9dbc71d5
AL		 102 * Stop granting a grant entry to domain for accessing. Ref parameter is
103 * reference of a grant entry whose grant access will be stopped,
104 * readonly is not in use in this function. If the grant entry is
0f9f5a95
AL		 105 * currently mapped for reading or writing, just return failure(==0)
106 * directly and don't tear down the grant access. Otherwise, stop grant
107 * access for this entry and return success(==1).
108 */
9dbc71d5 109 int (*end_foreign_access_ref)(grant_ref_t ref, int readonly);
0f9f5a95 110 /*
9dbc71d5
AL		 111 * Stop granting a grant entry to domain for transfer. Ref parameter is
112 * reference of a grant entry whose grant transfer will be stopped. If
113 * tranfer has not started, just reclaim the grant entry and return
114 * failure(==0). Otherwise, wait for the transfer to complete and then
115 * return the frame.
0f9f5a95 116 */
9dbc71d5 117 unsigned long (*end_foreign_transfer_ref)(grant_ref_t ref);
0f9f5a95 118 /*
9dbc71d5 119 * Query the status of a grant entry. Ref parameter is reference of
0f9f5a95
AL		 120 * queried grant entry, return value is the status of queried entry.
121 * Detailed status(writing/reading) can be gotten from the return value
122 * by bit operations.
123 */
9dbc71d5 124 int (*query_foreign_access)(grant_ref_t ref);
6666754b
AL		 125 /*
126 * Grant a domain to access a range of bytes within the page referred by
127 * an available grant entry. Ref parameter is reference of a grant entry
128 * which will be sub-page accessed, domid is id of grantee domain, frame
129 * is frame address of subpage grant, flags is grant type and flag
130 * information, page_off is offset of the range of bytes, and length is
131 * length of bytes to be accessed.
132 */
133 void (*update_subpage_entry)(grant_ref_t ref, domid_t domid,
134 unsigned long frame, int flags,
135 unsigned page_off, unsigned length);
9438ce9d
AL		 136 /*
137 * Redirect an available grant entry on domain A to another grant
138 * reference of domain B, then allow domain C to use grant reference
139 * of domain B transitively. Ref parameter is an available grant entry
140 * reference on domain A, domid is id of domain C which accesses grant
141 * entry transitively, flags is grant type and flag information,
142 * trans_domid is id of domain B whose grant entry is finally accessed
143 * transitively, trans_gref is grant entry transitive reference of
144 * domain B.
145 */
146 void (*update_trans_entry)(grant_ref_t ref, domid_t domid, int flags,
147 domid_t trans_domid, grant_ref_t trans_gref);
0f9f5a95
AL		 148};
149
150static struct gnttab_ops *gnttab_interface;
151
85ff6acb
AL		 152/*This reflects status of grant entries, so act as a global value*/
153static grant_status_t *grstatus;
154
0f9f5a95 155static int grant_table_version;
ad9a8612
JF		 156
157static struct gnttab_free_callback *gnttab_free_callback_list;
158
159static int gnttab_expand(unsigned int req_entries);
160
161#define RPP (PAGE_SIZE / sizeof(grant_ref_t))
85ff6acb 162#define SPP (PAGE_SIZE / sizeof(grant_status_t))
ad9a8612
JF		 163
164static inline grant_ref_t *__gnttab_entry(grant_ref_t entry)
165{
166 return &gnttab_list[(entry) / RPP][(entry) % RPP];
167}
168/* This can be used as an l-value */
169#define gnttab_entry(entry) (*__gnttab_entry(entry))
170
171static int get_free_entries(unsigned count)
172{
173 unsigned long flags;
272800dc 174 int ref, rc = 0;
ad9a8612
JF		 175 grant_ref_t head;
176
177 spin_lock_irqsave(&gnttab_list_lock, flags);
178
179 if ((gnttab_free_count < count) &&
180 ((rc = gnttab_expand(count - gnttab_free_count)) < 0)) {
181 spin_unlock_irqrestore(&gnttab_list_lock, flags);
182 return rc;
183 }
184
185 ref = head = gnttab_free_head;
186 gnttab_free_count -= count;
187 while (count-- > 1)
188 head = gnttab_entry(head);
189 gnttab_free_head = gnttab_entry(head);
190 gnttab_entry(head) = GNTTAB_LIST_END;
191
192 spin_unlock_irqrestore(&gnttab_list_lock, flags);
193
194 return ref;
195}
196
197static void do_free_callbacks(void)
198{
199 struct gnttab_free_callback *callback, *next;
200
201 callback = gnttab_free_callback_list;
202 gnttab_free_callback_list = NULL;
203
204 while (callback != NULL) {
205 next = callback->next;
206 if (gnttab_free_count >= callback->count) {
207 callback->next = NULL;
208 callback->fn(callback->arg);
209 } else {
210 callback->next = gnttab_free_callback_list;
211 gnttab_free_callback_list = callback;
212 }
213 callback = next;
214 }
215}
216
217static inline void check_free_callbacks(void)
218{
219 if (unlikely(gnttab_free_callback_list))
220 do_free_callbacks();
221}
222
223static void put_free_entry(grant_ref_t ref)
224{
225 unsigned long flags;
226 spin_lock_irqsave(&gnttab_list_lock, flags);
227 gnttab_entry(ref) = gnttab_free_head;
228 gnttab_free_head = ref;
229 gnttab_free_count++;
230 check_free_callbacks();
231 spin_unlock_irqrestore(&gnttab_list_lock, flags);
232}
233
0f9f5a95 234/*
85ff6acb 235 * Following applies to gnttab_update_entry_v1 and gnttab_update_entry_v2.
0f9f5a95
AL		 236 * Introducing a valid entry into the grant table:
237 * 1. Write ent->domid.
238 * 2. Write ent->frame:
239 * GTF_permit_access: Frame to which access is permitted.
240 * GTF_accept_transfer: Pseudo-phys frame slot being filled by new
241 * frame, or zero if none.
242 * 3. Write memory barrier (WMB).
243 * 4. Write ent->flags, inc. valid type.
244 */
245static void gnttab_update_entry_v1(grant_ref_t ref, domid_t domid,
246 unsigned long frame, unsigned flags)
ad9a8612 247{
0f9f5a95
AL		 248 gnttab_shared.v1[ref].domid = domid;
249 gnttab_shared.v1[ref].frame = frame;
ad9a8612 250 wmb();
0f9f5a95 251 gnttab_shared.v1[ref].flags = flags;
ad9a8612
JF		 252}
253
85ff6acb
AL		 254static void gnttab_update_entry_v2(grant_ref_t ref, domid_t domid,
255 unsigned long frame, unsigned flags)
256{
257 gnttab_shared.v2[ref].hdr.domid = domid;
258 gnttab_shared.v2[ref].full_page.frame = frame;
259 wmb();
260 gnttab_shared.v2[ref].hdr.flags = GTF_permit_access | flags;
261}
262
ad9a8612
JF		 263/*
264 * Public grant-issuing interface functions
265 */
266void gnttab_grant_foreign_access_ref(grant_ref_t ref, domid_t domid,
267 unsigned long frame, int readonly)
268{
0f9f5a95 269 gnttab_interface->update_entry(ref, domid, frame,
ad9a8612
JF		 270 GTF_permit_access | (readonly ? GTF_readonly : 0));
271}
272EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_ref);
273
274int gnttab_grant_foreign_access(domid_t domid, unsigned long frame,
275 int readonly)
276{
277 int ref;
278
279 ref = get_free_entries(1);
280 if (unlikely(ref < 0))
281 return -ENOSPC;
282
283 gnttab_grant_foreign_access_ref(ref, domid, frame, readonly);
284
285 return ref;
286}
287EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access);
288
6666754b
AL		 289void gnttab_update_subpage_entry_v2(grant_ref_t ref, domid_t domid,
290 unsigned long frame, int flags,
291 unsigned page_off,
292 unsigned length)
293{
294 gnttab_shared.v2[ref].sub_page.frame = frame;
295 gnttab_shared.v2[ref].sub_page.page_off = page_off;
296 gnttab_shared.v2[ref].sub_page.length = length;
297 gnttab_shared.v2[ref].hdr.domid = domid;
298 wmb();
299 gnttab_shared.v2[ref].hdr.flags =
300 GTF_permit_access | GTF_sub_page | flags;
301}
302
303int gnttab_grant_foreign_access_subpage_ref(grant_ref_t ref, domid_t domid,
304 unsigned long frame, int flags,
305 unsigned page_off,
306 unsigned length)
307{
308 if (flags & (GTF_accept_transfer | GTF_reading |
309 GTF_writing | GTF_transitive))
310 return -EPERM;
311
312 if (gnttab_interface->update_subpage_entry == NULL)
313 return -ENOSYS;
314
315 gnttab_interface->update_subpage_entry(ref, domid, frame, flags,
316 page_off, length);
317
318 return 0;
319}
320EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_subpage_ref);
321
322int gnttab_grant_foreign_access_subpage(domid_t domid, unsigned long frame,
323 int flags, unsigned page_off,
324 unsigned length)
325{
326 int ref, rc;
327
328 ref = get_free_entries(1);
329 if (unlikely(ref < 0))
330 return -ENOSPC;
331
332 rc = gnttab_grant_foreign_access_subpage_ref(ref, domid, frame, flags,
333 page_off, length);
334 if (rc < 0) {
335 put_free_entry(ref);
336 return rc;
337 }
338
339 return ref;
340}
341EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_subpage);
342
343bool gnttab_subpage_grants_available(void)
344{
345 return gnttab_interface->update_subpage_entry != NULL;
346}
347EXPORT_SYMBOL_GPL(gnttab_subpage_grants_available);
348
9438ce9d
AL		 349void gnttab_update_trans_entry_v2(grant_ref_t ref, domid_t domid,
350 int flags, domid_t trans_domid,
351 grant_ref_t trans_gref)
352{
353 gnttab_shared.v2[ref].transitive.trans_domid = trans_domid;
354 gnttab_shared.v2[ref].transitive.gref = trans_gref;
355 gnttab_shared.v2[ref].hdr.domid = domid;
356 wmb();
357 gnttab_shared.v2[ref].hdr.flags =
358 GTF_permit_access | GTF_transitive | flags;
359}
360
361int gnttab_grant_foreign_access_trans_ref(grant_ref_t ref, domid_t domid,
362 int flags, domid_t trans_domid,
363 grant_ref_t trans_gref)
364{
365 if (flags & (GTF_accept_transfer | GTF_reading |
366 GTF_writing | GTF_sub_page))
367 return -EPERM;
368
369 if (gnttab_interface->update_trans_entry == NULL)
370 return -ENOSYS;
371
372 gnttab_interface->update_trans_entry(ref, domid, flags, trans_domid,
373 trans_gref);
374
375 return 0;
376}
377EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_trans_ref);
378
379int gnttab_grant_foreign_access_trans(domid_t domid, int flags,
380 domid_t trans_domid,
381 grant_ref_t trans_gref)
382{
383 int ref, rc;
384
385 ref = get_free_entries(1);
386 if (unlikely(ref < 0))
387 return -ENOSPC;
388
389 rc = gnttab_grant_foreign_access_trans_ref(ref, domid, flags,
390 trans_domid, trans_gref);
391 if (rc < 0) {
392 put_free_entry(ref);
393 return rc;
394 }
395
396 return ref;
397}
398EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_trans);
399
400bool gnttab_trans_grants_available(void)
401{
402 return gnttab_interface->update_trans_entry != NULL;
403}
404EXPORT_SYMBOL_GPL(gnttab_trans_grants_available);
405
0f9f5a95 406static int gnttab_query_foreign_access_v1(grant_ref_t ref)
ad9a8612 407{
0f9f5a95
AL		 408 return gnttab_shared.v1[ref].flags & (GTF_reading|GTF_writing);
409}
ad9a8612 410
85ff6acb
AL		 411static int gnttab_query_foreign_access_v2(grant_ref_t ref)
412{
413 return grstatus[ref] & (GTF_reading|GTF_writing);
414}
415
0f9f5a95
AL		 416int gnttab_query_foreign_access(grant_ref_t ref)
417{
418 return gnttab_interface->query_foreign_access(ref);
ad9a8612
JF		 419}
420EXPORT_SYMBOL_GPL(gnttab_query_foreign_access);
421
0f9f5a95 422static int gnttab_end_foreign_access_ref_v1(grant_ref_t ref, int readonly)
ad9a8612
JF		 423{
424 u16 flags, nflags;
b1e495b2 425 u16 *pflags;
ad9a8612 426
b1e495b2
AL		 427 pflags = &gnttab_shared.v1[ref].flags;
428 nflags = *pflags;
ad9a8612
JF		 429 do {
430 flags = nflags;
569ca5b3 431 if (flags & (GTF_reading|GTF_writing))
ad9a8612 432 return 0;
b1e495b2 433 } while ((nflags = sync_cmpxchg(pflags, flags, 0)) != flags);
ad9a8612
JF		 434
435 return 1;
436}
0f9f5a95 437
85ff6acb
AL		 438static int gnttab_end_foreign_access_ref_v2(grant_ref_t ref, int readonly)
439{
440 gnttab_shared.v2[ref].hdr.flags = 0;
441 mb();
442 if (grstatus[ref] & (GTF_reading|GTF_writing)) {
443 return 0;
444 } else {
445 /* The read of grstatus needs to have acquire
446 semantics. On x86, reads already have
447 that, and we just need to protect against
448 compiler reorderings. On other
449 architectures we may need a full
450 barrier. */
451#ifdef CONFIG_X86
452 barrier();
453#else
454 mb();
455#endif
456 }
457
458 return 1;
459}
460
569ca5b3 461static inline int _gnttab_end_foreign_access_ref(grant_ref_t ref, int readonly)
0f9f5a95
AL		 462{
463 return gnttab_interface->end_foreign_access_ref(ref, readonly);
464}
569ca5b3
JB		 465
466int gnttab_end_foreign_access_ref(grant_ref_t ref, int readonly)
467{
468 if (_gnttab_end_foreign_access_ref(ref, readonly))
469 return 1;
470 pr_warn("WARNING: g.e. %#x still in use!\n", ref);
471 return 0;
472}
ad9a8612
JF		 473EXPORT_SYMBOL_GPL(gnttab_end_foreign_access_ref);
474
569ca5b3
JB		 475struct deferred_entry {
476 struct list_head list;
477 grant_ref_t ref;
478 bool ro;
479 uint16_t warn_delay;
480 struct page *page;
481};
482static LIST_HEAD(deferred_list);
483static void gnttab_handle_deferred(unsigned long);
484static DEFINE_TIMER(deferred_timer, gnttab_handle_deferred, 0, 0);
485
486static void gnttab_handle_deferred(unsigned long unused)
487{
488 unsigned int nr = 10;
489 struct deferred_entry *first = NULL;
490 unsigned long flags;
491
492 spin_lock_irqsave(&gnttab_list_lock, flags);
493 while (nr--) {
494 struct deferred_entry *entry
495 = list_first_entry(&deferred_list,
496 struct deferred_entry, list);
497
498 if (entry == first)
499 break;
500 list_del(&entry->list);
501 spin_unlock_irqrestore(&gnttab_list_lock, flags);
502 if (_gnttab_end_foreign_access_ref(entry->ref, entry->ro)) {
503 put_free_entry(entry->ref);
504 if (entry->page) {
505 pr_debug("freeing g.e. %#x (pfn %#lx)\n",
506 entry->ref, page_to_pfn(entry->page));
507 __free_page(entry->page);
508 } else
509 pr_info("freeing g.e. %#x\n", entry->ref);
510 kfree(entry);
511 entry = NULL;
512 } else {
513 if (!--entry->warn_delay)
514 pr_info("g.e. %#x still pending\n",
515 entry->ref);
516 if (!first)
517 first = entry;
518 }
519 spin_lock_irqsave(&gnttab_list_lock, flags);
520 if (entry)
521 list_add_tail(&entry->list, &deferred_list);
522 else if (list_empty(&deferred_list))
523 break;
524 }
525 if (!list_empty(&deferred_list) && !timer_pending(&deferred_timer)) {
526 deferred_timer.expires = jiffies + HZ;
527 add_timer(&deferred_timer);
528 }
529 spin_unlock_irqrestore(&gnttab_list_lock, flags);
530}
531
532static void gnttab_add_deferred(grant_ref_t ref, bool readonly,
533 struct page *page)
534{
535 struct deferred_entry *entry = kmalloc(sizeof(*entry), GFP_ATOMIC);
536 const char *what = KERN_WARNING "leaking";
537
538 if (entry) {
539 unsigned long flags;
540
541 entry->ref = ref;
542 entry->ro = readonly;
543 entry->page = page;
544 entry->warn_delay = 60;
545 spin_lock_irqsave(&gnttab_list_lock, flags);
546 list_add_tail(&entry->list, &deferred_list);
547 if (!timer_pending(&deferred_timer)) {
548 deferred_timer.expires = jiffies + HZ;
549 add_timer(&deferred_timer);
550 }
551 spin_unlock_irqrestore(&gnttab_list_lock, flags);
552 what = KERN_DEBUG "deferring";
553 }
554 printk("%s g.e. %#x (pfn %#lx)\n",
555 what, ref, page ? page_to_pfn(page) : -1);
556}
557
ad9a8612
JF		 558void gnttab_end_foreign_access(grant_ref_t ref, int readonly,
559 unsigned long page)
560{
561 if (gnttab_end_foreign_access_ref(ref, readonly)) {
562 put_free_entry(ref);
563 if (page != 0)
564 free_page(page);
569ca5b3
JB		 565 } else
566 gnttab_add_deferred(ref, readonly,
567 page ? virt_to_page(page) : NULL);
ad9a8612
JF		 568}
569EXPORT_SYMBOL_GPL(gnttab_end_foreign_access);
570
571int gnttab_grant_foreign_transfer(domid_t domid, unsigned long pfn)
572{
573 int ref;
574
575 ref = get_free_entries(1);
576 if (unlikely(ref < 0))
577 return -ENOSPC;
578 gnttab_grant_foreign_transfer_ref(ref, domid, pfn);
579
580 return ref;
581}
582EXPORT_SYMBOL_GPL(gnttab_grant_foreign_transfer);
583
584void gnttab_grant_foreign_transfer_ref(grant_ref_t ref, domid_t domid,
585 unsigned long pfn)
586{
0f9f5a95 587 gnttab_interface->update_entry(ref, domid, pfn, GTF_accept_transfer);
ad9a8612
JF		 588}
589EXPORT_SYMBOL_GPL(gnttab_grant_foreign_transfer_ref);
590
0f9f5a95 591static unsigned long gnttab_end_foreign_transfer_ref_v1(grant_ref_t ref)
ad9a8612
JF		 592{
593 unsigned long frame;
594 u16 flags;
b1e495b2
AL		 595 u16 *pflags;
596
597 pflags = &gnttab_shared.v1[ref].flags;
ad9a8612
JF		 598
599 /*
600 * If a transfer is not even yet started, try to reclaim the grant
601 * reference and return failure (== 0).
602 */
b1e495b2
AL		 603 while (!((flags = *pflags) & GTF_transfer_committed)) {
604 if (sync_cmpxchg(pflags, flags, 0) == flags)
ad9a8612
JF		 605 return 0;
606 cpu_relax();
607 }
608
609 /* If a transfer is in progress then wait until it is completed. */
610 while (!(flags & GTF_transfer_completed)) {
b1e495b2 611 flags = *pflags;
ad9a8612
JF		 612 cpu_relax();
613 }
614
615 rmb(); /* Read the frame number /after/ reading completion status. */
0f9f5a95 616 frame = gnttab_shared.v1[ref].frame;
ad9a8612
JF		 617 BUG_ON(frame == 0);
618
619 return frame;
620}
0f9f5a95 621
85ff6acb
AL		 622static unsigned long gnttab_end_foreign_transfer_ref_v2(grant_ref_t ref)
623{
624 unsigned long frame;
625 u16 flags;
626 u16 *pflags;
627
628 pflags = &gnttab_shared.v2[ref].hdr.flags;
629
630 /*
631 * If a transfer is not even yet started, try to reclaim the grant
632 * reference and return failure (== 0).
633 */
634 while (!((flags = *pflags) & GTF_transfer_committed)) {
635 if (sync_cmpxchg(pflags, flags, 0) == flags)
636 return 0;
637 cpu_relax();
638 }
639
640 /* If a transfer is in progress then wait until it is completed. */
641 while (!(flags & GTF_transfer_completed)) {
642 flags = *pflags;
643 cpu_relax();
644 }
645
646 rmb(); /* Read the frame number /after/ reading completion status. */
647 frame = gnttab_shared.v2[ref].full_page.frame;
648 BUG_ON(frame == 0);
649
650 return frame;
651}
652
0f9f5a95
AL		 653unsigned long gnttab_end_foreign_transfer_ref(grant_ref_t ref)
654{
655 return gnttab_interface->end_foreign_transfer_ref(ref);
656}
ad9a8612
JF		 657EXPORT_SYMBOL_GPL(gnttab_end_foreign_transfer_ref);
658
659unsigned long gnttab_end_foreign_transfer(grant_ref_t ref)
660{
661 unsigned long frame = gnttab_end_foreign_transfer_ref(ref);
662 put_free_entry(ref);
663 return frame;
664}
665EXPORT_SYMBOL_GPL(gnttab_end_foreign_transfer);
666
667void gnttab_free_grant_reference(grant_ref_t ref)
668{
669 put_free_entry(ref);
670}
671EXPORT_SYMBOL_GPL(gnttab_free_grant_reference);
672
673void gnttab_free_grant_references(grant_ref_t head)
674{
675 grant_ref_t ref;
676 unsigned long flags;
677 int count = 1;
678 if (head == GNTTAB_LIST_END)
679 return;
680 spin_lock_irqsave(&gnttab_list_lock, flags);
681 ref = head;
682 while (gnttab_entry(ref) != GNTTAB_LIST_END) {
683 ref = gnttab_entry(ref);
684 count++;
685 }
686 gnttab_entry(ref) = gnttab_free_head;
687 gnttab_free_head = head;
688 gnttab_free_count += count;
689 check_free_callbacks();
690 spin_unlock_irqrestore(&gnttab_list_lock, flags);
691}
692EXPORT_SYMBOL_GPL(gnttab_free_grant_references);
693
694int gnttab_alloc_grant_references(u16 count, grant_ref_t *head)
695{
696 int h = get_free_entries(count);
697
698 if (h < 0)
699 return -ENOSPC;
700
701 *head = h;
702
703 return 0;
704}
705EXPORT_SYMBOL_GPL(gnttab_alloc_grant_references);
706
707int gnttab_empty_grant_references(const grant_ref_t *private_head)
708{
709 return (*private_head == GNTTAB_LIST_END);
710}
711EXPORT_SYMBOL_GPL(gnttab_empty_grant_references);
712
713int gnttab_claim_grant_reference(grant_ref_t *private_head)
714{
715 grant_ref_t g = *private_head;
716 if (unlikely(g == GNTTAB_LIST_END))
717 return -ENOSPC;
718 *private_head = gnttab_entry(g);
719 return g;
720}
721EXPORT_SYMBOL_GPL(gnttab_claim_grant_reference);
722
723void gnttab_release_grant_reference(grant_ref_t *private_head,
724 grant_ref_t release)
725{
726 gnttab_entry(release) = *private_head;
727 *private_head = release;
728}
729EXPORT_SYMBOL_GPL(gnttab_release_grant_reference);
730
731void gnttab_request_free_callback(struct gnttab_free_callback *callback,
732 void (*fn)(void *), void *arg, u16 count)
733{
734 unsigned long flags;
735 spin_lock_irqsave(&gnttab_list_lock, flags);
736 if (callback->next)
737 goto out;
738 callback->fn = fn;
739 callback->arg = arg;
740 callback->count = count;
741 callback->next = gnttab_free_callback_list;
742 gnttab_free_callback_list = callback;
743 check_free_callbacks();
744out:
745 spin_unlock_irqrestore(&gnttab_list_lock, flags);
746}
747EXPORT_SYMBOL_GPL(gnttab_request_free_callback);
748
749void gnttab_cancel_free_callback(struct gnttab_free_callback *callback)
750{
751 struct gnttab_free_callback **pcb;
752 unsigned long flags;
753
754 spin_lock_irqsave(&gnttab_list_lock, flags);
755 for (pcb = &gnttab_free_callback_list; *pcb; pcb = &(*pcb)->next) {
756 if (*pcb == callback) {
757 *pcb = callback->next;
758 break;
759 }
760 }
761 spin_unlock_irqrestore(&gnttab_list_lock, flags);
762}
763EXPORT_SYMBOL_GPL(gnttab_cancel_free_callback);
764
765static int grow_gnttab_list(unsigned int more_frames)
766{
767 unsigned int new_nr_grant_frames, extra_entries, i;
bbc60c18 768 unsigned int nr_glist_frames, new_nr_glist_frames;
ad9a8612
JF		 769
770 new_nr_grant_frames = nr_grant_frames + more_frames;
771 extra_entries = more_frames * GREFS_PER_GRANT_FRAME;
772
bbc60c18
MAEM		 773 nr_glist_frames = (nr_grant_frames * GREFS_PER_GRANT_FRAME + RPP - 1) / RPP;
774 new_nr_glist_frames =
775 (new_nr_grant_frames * GREFS_PER_GRANT_FRAME + RPP - 1) / RPP;
776 for (i = nr_glist_frames; i < new_nr_glist_frames; i++) {
ad9a8612
JF		 777 gnttab_list[i] = (grant_ref_t *)__get_free_page(GFP_ATOMIC);
778 if (!gnttab_list[i])
779 goto grow_nomem;
780 }
781
782
783 for (i = GREFS_PER_GRANT_FRAME * nr_grant_frames;
784 i < GREFS_PER_GRANT_FRAME * new_nr_grant_frames - 1; i++)
785 gnttab_entry(i) = i + 1;
786
787 gnttab_entry(i) = gnttab_free_head;
788 gnttab_free_head = GREFS_PER_GRANT_FRAME * nr_grant_frames;
789 gnttab_free_count += extra_entries;
790
791 nr_grant_frames = new_nr_grant_frames;
792
793 check_free_callbacks();
794
795 return 0;
796
797grow_nomem:
bbc60c18 798 for ( ; i >= nr_glist_frames; i--)
ad9a8612
JF		 799 free_page((unsigned long) gnttab_list[i]);
800 return -ENOMEM;
801}
802
803static unsigned int __max_nr_grant_frames(void)
804{
805 struct gnttab_query_size query;
806 int rc;
807
808 query.dom = DOMID_SELF;
809
810 rc = HYPERVISOR_grant_table_op(GNTTABOP_query_size, &query, 1);
811 if ((rc < 0) || (query.status != GNTST_okay))
812 return 4; /* Legacy max supported number of frames */
813
814 return query.max_nr_frames;
815}
816
183d03cc 817unsigned int gnttab_max_grant_frames(void)
ad9a8612
JF		 818{
819 unsigned int xen_max = __max_nr_grant_frames();
820
821 if (xen_max > boot_max_nr_grant_frames)
822 return boot_max_nr_grant_frames;
823 return xen_max;
824}
183d03cc 825EXPORT_SYMBOL_GPL(gnttab_max_grant_frames);
ad9a8612 826
289b777e 827int gnttab_map_refs(struct gnttab_map_grant_ref *map_ops,
c123799a
AL		 828 struct gnttab_map_grant_ref *kmap_ops,
829 struct page **pages, unsigned int count)
289b777e
SS		 830{
831 int i, ret;
f62805f1 832 bool lazy = false;
289b777e
SS		 833 pte_t *pte;
834 unsigned long mfn;
835
836 ret = HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref, map_ops, count);
87f1d40a
JF		 837 if (ret)
838 return ret;
289b777e 839
aab8f11a
DDG		 840 if (xen_feature(XENFEAT_auto_translated_physmap))
841 return ret;
842
f62805f1
SS		 843 if (!in_interrupt() && paravirt_get_lazy_mode() == PARAVIRT_LAZY_NONE) {
844 arch_enter_lazy_mmu_mode();
845 lazy = true;
846 }
847
289b777e 848 for (i = 0; i < count; i++) {
dc4972a4
IC		 849 /* Do not add to override if the map failed. */
850 if (map_ops[i].status)
851 continue;
852
cf8d9163
KRW		 853 if (map_ops[i].flags & GNTMAP_contains_pte) {
854 pte = (pte_t *) (mfn_to_virt(PFN_DOWN(map_ops[i].host_addr)) +
289b777e 855 (map_ops[i].host_addr & ~PAGE_MASK));
cf8d9163
KRW		 856 mfn = pte_mfn(*pte);
857 } else {
7d17e84b 858 mfn = PFN_DOWN(map_ops[i].dev_bus_addr);
cf8d9163 859 }
7d17e84b
DDG		 860 ret = m2p_add_override(mfn, pages[i], kmap_ops ?
861 &kmap_ops[i] : NULL);
87f1d40a
JF		 862 if (ret)
863 return ret;
289b777e
SS		 864 }
865
f62805f1
SS		 866 if (lazy)
867 arch_leave_lazy_mmu_mode();
868
289b777e
SS		 869 return ret;
870}
871EXPORT_SYMBOL_GPL(gnttab_map_refs);
872
873int gnttab_unmap_refs(struct gnttab_unmap_grant_ref *unmap_ops,
7d17e84b 874 struct page **pages, unsigned int count, bool clear_pte)
289b777e
SS		 875{
876 int i, ret;
f62805f1 877 bool lazy = false;
289b777e
SS		 878
879 ret = HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, unmap_ops, count);
87f1d40a
JF		 880 if (ret)
881 return ret;
882
aab8f11a
DDG		 883 if (xen_feature(XENFEAT_auto_translated_physmap))
884 return ret;
885
f62805f1
SS		 886 if (!in_interrupt() && paravirt_get_lazy_mode() == PARAVIRT_LAZY_NONE) {
887 arch_enter_lazy_mmu_mode();
888 lazy = true;
889 }
890
87f1d40a 891 for (i = 0; i < count; i++) {
7d17e84b 892 ret = m2p_remove_override(pages[i], clear_pte);
87f1d40a
JF		 893 if (ret)
894 return ret;
895 }
289b777e 896
f62805f1
SS		 897 if (lazy)
898 arch_leave_lazy_mmu_mode();
899
289b777e
SS		 900 return ret;
901}
902EXPORT_SYMBOL_GPL(gnttab_unmap_refs);
903
85ff6acb
AL		 904static unsigned nr_status_frames(unsigned nr_grant_frames)
905{
906 return (nr_grant_frames * GREFS_PER_GRANT_FRAME + SPP - 1) / SPP;
907}
908
0f9f5a95
AL		 909static int gnttab_map_frames_v1(unsigned long *frames, unsigned int nr_gframes)
910{
911 int rc;
912
913 rc = arch_gnttab_map_shared(frames, nr_gframes,
914 gnttab_max_grant_frames(),
915 &gnttab_shared.addr);
916 BUG_ON(rc);
917
918 return 0;
919}
920
921static void gnttab_unmap_frames_v1(void)
922{
85ff6acb
AL		 923 arch_gnttab_unmap(gnttab_shared.addr, nr_grant_frames);
924}
925
926static int gnttab_map_frames_v2(unsigned long *frames, unsigned int nr_gframes)
927{
928 uint64_t *sframes;
929 unsigned int nr_sframes;
930 struct gnttab_get_status_frames getframes;
931 int rc;
932
933 nr_sframes = nr_status_frames(nr_gframes);
934
935 /* No need for kzalloc as it is initialized in following hypercall
936 * GNTTABOP_get_status_frames.
937 */
938 sframes = kmalloc(nr_sframes * sizeof(uint64_t), GFP_ATOMIC);
939 if (!sframes)
940 return -ENOMEM;
941
942 getframes.dom = DOMID_SELF;
943 getframes.nr_frames = nr_sframes;
944 set_xen_guest_handle(getframes.frame_list, sframes);
945
946 rc = HYPERVISOR_grant_table_op(GNTTABOP_get_status_frames,
947 &getframes, 1);
948 if (rc == -ENOSYS) {
949 kfree(sframes);
950 return -ENOSYS;
951 }
952
953 BUG_ON(rc || getframes.status);
954
955 rc = arch_gnttab_map_status(sframes, nr_sframes,
956 nr_status_frames(gnttab_max_grant_frames()),
957 &grstatus);
958 BUG_ON(rc);
959 kfree(sframes);
960
961 rc = arch_gnttab_map_shared(frames, nr_gframes,
962 gnttab_max_grant_frames(),
963 &gnttab_shared.addr);
964 BUG_ON(rc);
965
966 return 0;
967}
968
969static void gnttab_unmap_frames_v2(void)
970{
971 arch_gnttab_unmap(gnttab_shared.addr, nr_grant_frames);
972 arch_gnttab_unmap(grstatus, nr_status_frames(nr_grant_frames));
0f9f5a95
AL		 973}
974
ad9a8612
JF		 975static int gnttab_map(unsigned int start_idx, unsigned int end_idx)
976{
977 struct gnttab_setup_table setup;
978 unsigned long *frames;
979 unsigned int nr_gframes = end_idx + 1;
980 int rc;
981
183d03cc
SS		 982 if (xen_hvm_domain()) {
983 struct xen_add_to_physmap xatp;
984 unsigned int i = end_idx;
985 rc = 0;
986 /*
987 * Loop backwards, so that the first hypercall has the largest
988 * index, ensuring that the table will grow only once.
989 */
990 do {
991 xatp.domid = DOMID_SELF;
992 xatp.idx = i;
993 xatp.space = XENMAPSPACE_grant_table;
994 xatp.gpfn = (xen_hvm_resume_frames >> PAGE_SHIFT) + i;
995 rc = HYPERVISOR_memory_op(XENMEM_add_to_physmap, &xatp);
996 if (rc != 0) {
997 printk(KERN_WARNING
998 "grant table add_to_physmap failed, err=%d\n", rc);
999 break;
1000 }
1001 } while (i-- > start_idx);
1002
1003 return rc;
1004 }
1005
85ff6acb
AL		 1006 /* No need for kzalloc as it is initialized in following hypercall
1007 * GNTTABOP_setup_table.
1008 */
ad9a8612
JF		 1009 frames = kmalloc(nr_gframes * sizeof(unsigned long), GFP_ATOMIC);
1010 if (!frames)
1011 return -ENOMEM;
1012
1013 setup.dom = DOMID_SELF;
1014 setup.nr_frames = nr_gframes;
87e27cf6 1015 set_xen_guest_handle(setup.frame_list, frames);
ad9a8612
JF		 1016
1017 rc = HYPERVISOR_grant_table_op(GNTTABOP_setup_table, &setup, 1);
1018 if (rc == -ENOSYS) {
1019 kfree(frames);
1020 return -ENOSYS;
1021 }
1022
1023 BUG_ON(rc || setup.status);
1024
0f9f5a95 1025 rc = gnttab_interface->map_frames(frames, nr_gframes);
ad9a8612
JF		 1026
1027 kfree(frames);
1028
0f9f5a95
AL		 1029 return rc;
1030}
1031
1032static struct gnttab_ops gnttab_v1_ops = {
1033 .map_frames = gnttab_map_frames_v1,
1034 .unmap_frames = gnttab_unmap_frames_v1,
1035 .update_entry = gnttab_update_entry_v1,
1036 .end_foreign_access_ref = gnttab_end_foreign_access_ref_v1,
1037 .end_foreign_transfer_ref = gnttab_end_foreign_transfer_ref_v1,
1038 .query_foreign_access = gnttab_query_foreign_access_v1,
1039};
1040
85ff6acb
AL		 1041static struct gnttab_ops gnttab_v2_ops = {
1042 .map_frames = gnttab_map_frames_v2,
1043 .unmap_frames = gnttab_unmap_frames_v2,
1044 .update_entry = gnttab_update_entry_v2,
1045 .end_foreign_access_ref = gnttab_end_foreign_access_ref_v2,
1046 .end_foreign_transfer_ref = gnttab_end_foreign_transfer_ref_v2,
1047 .query_foreign_access = gnttab_query_foreign_access_v2,
6666754b 1048 .update_subpage_entry = gnttab_update_subpage_entry_v2,
9438ce9d 1049 .update_trans_entry = gnttab_update_trans_entry_v2,
85ff6acb
AL		 1050};
1051
0f9f5a95
AL		 1052static void gnttab_request_version(void)
1053{
85ff6acb
AL		 1054 int rc;
1055 struct gnttab_set_version gsv;
1056
69e8f430
KRW		 1057 if (xen_hvm_domain())
1058 gsv.version = 1;
1059 else
1060 gsv.version = 2;
85ff6acb 1061 rc = HYPERVISOR_grant_table_op(GNTTABOP_set_version, &gsv, 1);
69e8f430 1062 if (rc == 0 && gsv.version == 2) {
85ff6acb
AL		 1063 grant_table_version = 2;
1064 gnttab_interface = &gnttab_v2_ops;
1065 } else if (grant_table_version == 2) {
1066 /*
1067 * If we've already used version 2 features,
1068 * but then suddenly discover that they're not
1069 * available (e.g. migrating to an older
1070 * version of Xen), almost unbounded badness
1071 * can happen.
1072 */
1073 panic("we need grant tables version 2, but only version 1 is available");
1074 } else {
1075 grant_table_version = 1;
1076 gnttab_interface = &gnttab_v1_ops;
1077 }
0f9f5a95
AL		 1078 printk(KERN_INFO "Grant tables using version %d layout.\n",
1079 grant_table_version);
ad9a8612
JF		 1080}
1081
0e91398f 1082int gnttab_resume(void)
ad9a8612 1083{
183d03cc
SS		 1084 unsigned int max_nr_gframes;
1085
0f9f5a95 1086 gnttab_request_version();
183d03cc
SS		 1087 max_nr_gframes = gnttab_max_grant_frames();
1088 if (max_nr_gframes < nr_grant_frames)
ad9a8612 1089 return -ENOSYS;
183d03cc
SS		 1090
1091 if (xen_pv_domain())
1092 return gnttab_map(0, nr_grant_frames - 1);
1093
0f9f5a95
AL		 1094 if (gnttab_shared.addr == NULL) {
1095 gnttab_shared.addr = ioremap(xen_hvm_resume_frames,
1096 PAGE_SIZE * max_nr_gframes);
1097 if (gnttab_shared.addr == NULL) {
183d03cc
SS		 1098 printk(KERN_WARNING
1099 "Failed to ioremap gnttab share frames!");
1100 return -ENOMEM;
1101 }
1102 }
1103
1104 gnttab_map(0, nr_grant_frames - 1);
1105
1106 return 0;
ad9a8612
JF		 1107}
1108
0e91398f 1109int gnttab_suspend(void)
ad9a8612 1110{
0f9f5a95 1111 gnttab_interface->unmap_frames();
ad9a8612
JF		 1112 return 0;
1113}
1114
1115static int gnttab_expand(unsigned int req_entries)
1116{
1117 int rc;
1118 unsigned int cur, extra;
1119
1120 cur = nr_grant_frames;
1121 extra = ((req_entries + (GREFS_PER_GRANT_FRAME-1)) /
1122 GREFS_PER_GRANT_FRAME);
183d03cc 1123 if (cur + extra > gnttab_max_grant_frames())
ad9a8612
JF		 1124 return -ENOSPC;
1125
1126 rc = gnttab_map(cur, cur + extra - 1);
1127 if (rc == 0)
1128 rc = grow_gnttab_list(extra);
1129
1130 return rc;
1131}
1132
183d03cc 1133int gnttab_init(void)
ad9a8612
JF		 1134{
1135 int i;
bbc60c18 1136 unsigned int max_nr_glist_frames, nr_glist_frames;
ad9a8612 1137 unsigned int nr_init_grefs;
6b5e7d9e 1138 int ret;
ad9a8612 1139
ad9a8612
JF		 1140 nr_grant_frames = 1;
1141 boot_max_nr_grant_frames = __max_nr_grant_frames();
1142
1143 /* Determine the maximum number of frames required for the
1144 * grant reference free list on the current hypervisor.
1145 */
1146 max_nr_glist_frames = (boot_max_nr_grant_frames *
bbc60c18 1147 GREFS_PER_GRANT_FRAME / RPP);
ad9a8612
JF		 1148
1149 gnttab_list = kmalloc(max_nr_glist_frames * sizeof(grant_ref_t *),
1150 GFP_KERNEL);
1151 if (gnttab_list == NULL)
1152 return -ENOMEM;
1153
bbc60c18
MAEM		 1154 nr_glist_frames = (nr_grant_frames * GREFS_PER_GRANT_FRAME + RPP - 1) / RPP;
1155 for (i = 0; i < nr_glist_frames; i++) {
ad9a8612 1156 gnttab_list[i] = (grant_ref_t *)__get_free_page(GFP_KERNEL);
6b5e7d9e
JL		 1157 if (gnttab_list[i] == NULL) {
1158 ret = -ENOMEM;
ad9a8612 1159 goto ini_nomem;
6b5e7d9e 1160 }
ad9a8612
JF		 1161 }
1162
6b5e7d9e
JL		 1163 if (gnttab_resume() < 0) {
1164 ret = -ENODEV;
1165 goto ini_nomem;
1166 }
ad9a8612
JF		 1167
1168 nr_init_grefs = nr_grant_frames * GREFS_PER_GRANT_FRAME;
1169
1170 for (i = NR_RESERVED_ENTRIES; i < nr_init_grefs - 1; i++)
1171 gnttab_entry(i) = i + 1;
1172
1173 gnttab_entry(nr_init_grefs - 1) = GNTTAB_LIST_END;
1174 gnttab_free_count = nr_init_grefs - NR_RESERVED_ENTRIES;
1175 gnttab_free_head = NR_RESERVED_ENTRIES;
1176
1177 printk("Grant table initialized\n");
1178 return 0;
1179
1180 ini_nomem:
1181 for (i--; i >= 0; i--)
1182 free_page((unsigned long)gnttab_list[i]);
1183 kfree(gnttab_list);
6b5e7d9e 1184 return ret;
ad9a8612 1185}
183d03cc
SS		 1186EXPORT_SYMBOL_GPL(gnttab_init);
1187
1188static int __devinit __gnttab_init(void)
1189{
1190 /* Delay grant-table initialization in the PV on HVM case */
1191 if (xen_hvm_domain())
1192 return 0;
1193
1194 if (!xen_pv_domain())
1195 return -ENODEV;
1196
1197 return gnttab_init();
1198}
ad9a8612 1199
183d03cc 1200core_initcall(__gnttab_init);
ubuntu-bionic-kernel mirror