1 /******************************************************************************
4 * Granting foreign access to our memory reservation.
6 * Copyright (c) 2005-2006, Christopher Clark
7 * Copyright (c) 2004-2005, K A Fraser
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License version 2
11 * as published by the Free Software Foundation; or, when distributed
12 * separately from the Linux kernel or incorporated into other
13 * software packages, subject to the following license:
15 * Permission is hereby granted, free of charge, to any person obtaining a copy
16 * of this source file (the "Software"), to deal in the Software without
17 * restriction, including without limitation the rights to use, copy, modify,
18 * merge, publish, distribute, sublicense, and/or sell copies of the Software,
19 * and to permit persons to whom the Software is furnished to do so, subject to
20 * the following conditions:
22 * The above copyright notice and this permission notice shall be included in
23 * all copies or substantial portions of the Software.
25 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
26 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
27 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
28 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
29 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
30 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
34 #define pr_fmt(fmt) "xen:" KBUILD_MODNAME ": " fmt
36 #include <linux/module.h>
37 #include <linux/sched.h>
39 #include <linux/slab.h>
40 #include <linux/vmalloc.h>
41 #include <linux/uaccess.h>
43 #include <linux/delay.h>
44 #include <linux/hardirq.h>
47 #include <xen/interface/xen.h>
49 #include <xen/grant_table.h>
50 #include <xen/interface/memory.h>
51 #include <xen/hvc-console.h>
52 #include <xen/swiotlb-xen.h>
53 #include <asm/xen/hypercall.h>
54 #include <asm/xen/interface.h>
56 #include <asm/pgtable.h>
57 #include <asm/sync_bitops.h>
59 /* External tools reserve first few grant table entries. */
60 #define NR_RESERVED_ENTRIES 8
61 #define GNTTAB_LIST_END 0xffffffff
63 static grant_ref_t **gnttab_list;
64 static unsigned int nr_grant_frames;
65 static unsigned int boot_max_nr_grant_frames;
66 static int gnttab_free_count;
67 static grant_ref_t gnttab_free_head;
68 static DEFINE_SPINLOCK(gnttab_list_lock);
69 unsigned long xen_hvm_resume_frames;
70 EXPORT_SYMBOL_GPL(xen_hvm_resume_frames);
73 struct grant_entry_v1 *v1;
74 union grant_entry_v2 *v2;
78 /*This is a structure of function pointers for grant table*/
81 * Mapping a list of frames for storing grant entries. Frames parameter
82 * is used to store grant table address when grant table being setup,
83 * nr_gframes is the number of frames to map grant table. Returning
84 * GNTST_okay means success and negative value means failure.
86 int (*map_frames)(xen_pfn_t *frames, unsigned int nr_gframes);
88 * Release a list of frames which are mapped in map_frames for grant
91 void (*unmap_frames)(void);
93 * Introducing a valid entry into the grant table, granting the frame of
94 * this grant entry to domain for accessing or transfering. Ref
95 * parameter is reference of this introduced grant entry, domid is id of
96 * granted domain, frame is the page frame to be granted, and flags is
97 * status of the grant entry to be updated.
99 void (*update_entry)(grant_ref_t ref, domid_t domid,
100 unsigned long frame, unsigned flags);
102 * Stop granting a grant entry to domain for accessing. Ref parameter is
103 * reference of a grant entry whose grant access will be stopped,
104 * readonly is not in use in this function. If the grant entry is
105 * currently mapped for reading or writing, just return failure(==0)
106 * directly and don't tear down the grant access. Otherwise, stop grant
107 * access for this entry and return success(==1).
109 int (*end_foreign_access_ref)(grant_ref_t ref, int readonly);
111 * Stop granting a grant entry to domain for transfer. Ref parameter is
112 * reference of a grant entry whose grant transfer will be stopped. If
113 * tranfer has not started, just reclaim the grant entry and return
114 * failure(==0). Otherwise, wait for the transfer to complete and then
117 unsigned long (*end_foreign_transfer_ref)(grant_ref_t ref);
119 * Query the status of a grant entry. Ref parameter is reference of
120 * queried grant entry, return value is the status of queried entry.
121 * Detailed status(writing/reading) can be gotten from the return value
124 int (*query_foreign_access)(grant_ref_t ref);
126 * Grant a domain to access a range of bytes within the page referred by
127 * an available grant entry. Ref parameter is reference of a grant entry
128 * which will be sub-page accessed, domid is id of grantee domain, frame
129 * is frame address of subpage grant, flags is grant type and flag
130 * information, page_off is offset of the range of bytes, and length is
131 * length of bytes to be accessed.
133 void (*update_subpage_entry)(grant_ref_t ref, domid_t domid,
134 unsigned long frame, int flags,
135 unsigned page_off, unsigned length);
137 * Redirect an available grant entry on domain A to another grant
138 * reference of domain B, then allow domain C to use grant reference
139 * of domain B transitively. Ref parameter is an available grant entry
140 * reference on domain A, domid is id of domain C which accesses grant
141 * entry transitively, flags is grant type and flag information,
142 * trans_domid is id of domain B whose grant entry is finally accessed
143 * transitively, trans_gref is grant entry transitive reference of
146 void (*update_trans_entry)(grant_ref_t ref, domid_t domid, int flags,
147 domid_t trans_domid, grant_ref_t trans_gref);
150 static struct gnttab_ops *gnttab_interface;
152 /*This reflects status of grant entries, so act as a global value*/
153 static grant_status_t *grstatus;
155 static int grant_table_version;
156 static int grefs_per_grant_frame;
158 static struct gnttab_free_callback *gnttab_free_callback_list;
160 static int gnttab_expand(unsigned int req_entries);
162 #define RPP (PAGE_SIZE / sizeof(grant_ref_t))
163 #define SPP (PAGE_SIZE / sizeof(grant_status_t))
165 static inline grant_ref_t *__gnttab_entry(grant_ref_t entry)
167 return &gnttab_list[(entry) / RPP][(entry) % RPP];
169 /* This can be used as an l-value */
170 #define gnttab_entry(entry) (*__gnttab_entry(entry))
172 static int get_free_entries(unsigned count)
178 spin_lock_irqsave(&gnttab_list_lock, flags);
180 if ((gnttab_free_count < count) &&
181 ((rc = gnttab_expand(count - gnttab_free_count)) < 0)) {
182 spin_unlock_irqrestore(&gnttab_list_lock, flags);
186 ref = head = gnttab_free_head;
187 gnttab_free_count -= count;
189 head = gnttab_entry(head);
190 gnttab_free_head = gnttab_entry(head);
191 gnttab_entry(head) = GNTTAB_LIST_END;
193 spin_unlock_irqrestore(&gnttab_list_lock, flags);
198 static void do_free_callbacks(void)
200 struct gnttab_free_callback *callback, *next;
202 callback = gnttab_free_callback_list;
203 gnttab_free_callback_list = NULL;
205 while (callback != NULL) {
206 next = callback->next;
207 if (gnttab_free_count >= callback->count) {
208 callback->next = NULL;
209 callback->fn(callback->arg);
211 callback->next = gnttab_free_callback_list;
212 gnttab_free_callback_list = callback;
218 static inline void check_free_callbacks(void)
220 if (unlikely(gnttab_free_callback_list))
224 static void put_free_entry(grant_ref_t ref)
227 spin_lock_irqsave(&gnttab_list_lock, flags);
228 gnttab_entry(ref) = gnttab_free_head;
229 gnttab_free_head = ref;
231 check_free_callbacks();
232 spin_unlock_irqrestore(&gnttab_list_lock, flags);
236 * Following applies to gnttab_update_entry_v1 and gnttab_update_entry_v2.
237 * Introducing a valid entry into the grant table:
238 * 1. Write ent->domid.
239 * 2. Write ent->frame:
240 * GTF_permit_access: Frame to which access is permitted.
241 * GTF_accept_transfer: Pseudo-phys frame slot being filled by new
242 * frame, or zero if none.
243 * 3. Write memory barrier (WMB).
244 * 4. Write ent->flags, inc. valid type.
246 static void gnttab_update_entry_v1(grant_ref_t ref, domid_t domid,
247 unsigned long frame, unsigned flags)
249 gnttab_shared.v1[ref].domid = domid;
250 gnttab_shared.v1[ref].frame = frame;
252 gnttab_shared.v1[ref].flags = flags;
255 static void gnttab_update_entry_v2(grant_ref_t ref, domid_t domid,
256 unsigned long frame, unsigned flags)
258 gnttab_shared.v2[ref].hdr.domid = domid;
259 gnttab_shared.v2[ref].full_page.frame = frame;
261 gnttab_shared.v2[ref].hdr.flags = GTF_permit_access | flags;
265 * Public grant-issuing interface functions
267 void gnttab_grant_foreign_access_ref(grant_ref_t ref, domid_t domid,
268 unsigned long frame, int readonly)
270 gnttab_interface->update_entry(ref, domid, frame,
271 GTF_permit_access | (readonly ? GTF_readonly : 0));
273 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_ref);
275 int gnttab_grant_foreign_access(domid_t domid, unsigned long frame,
280 ref = get_free_entries(1);
281 if (unlikely(ref < 0))
284 gnttab_grant_foreign_access_ref(ref, domid, frame, readonly);
288 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access);
290 static void gnttab_update_subpage_entry_v2(grant_ref_t ref, domid_t domid,
291 unsigned long frame, int flags,
292 unsigned page_off, unsigned length)
294 gnttab_shared.v2[ref].sub_page.frame = frame;
295 gnttab_shared.v2[ref].sub_page.page_off = page_off;
296 gnttab_shared.v2[ref].sub_page.length = length;
297 gnttab_shared.v2[ref].hdr.domid = domid;
299 gnttab_shared.v2[ref].hdr.flags =
300 GTF_permit_access | GTF_sub_page | flags;
303 int gnttab_grant_foreign_access_subpage_ref(grant_ref_t ref, domid_t domid,
304 unsigned long frame, int flags,
308 if (flags & (GTF_accept_transfer | GTF_reading |
309 GTF_writing | GTF_transitive))
312 if (gnttab_interface->update_subpage_entry == NULL)
315 gnttab_interface->update_subpage_entry(ref, domid, frame, flags,
320 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_subpage_ref);
322 int gnttab_grant_foreign_access_subpage(domid_t domid, unsigned long frame,
323 int flags, unsigned page_off,
328 ref = get_free_entries(1);
329 if (unlikely(ref < 0))
332 rc = gnttab_grant_foreign_access_subpage_ref(ref, domid, frame, flags,
341 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_subpage);
343 bool gnttab_subpage_grants_available(void)
345 return gnttab_interface->update_subpage_entry != NULL;
347 EXPORT_SYMBOL_GPL(gnttab_subpage_grants_available);
349 static void gnttab_update_trans_entry_v2(grant_ref_t ref, domid_t domid,
350 int flags, domid_t trans_domid,
351 grant_ref_t trans_gref)
353 gnttab_shared.v2[ref].transitive.trans_domid = trans_domid;
354 gnttab_shared.v2[ref].transitive.gref = trans_gref;
355 gnttab_shared.v2[ref].hdr.domid = domid;
357 gnttab_shared.v2[ref].hdr.flags =
358 GTF_permit_access | GTF_transitive | flags;
361 int gnttab_grant_foreign_access_trans_ref(grant_ref_t ref, domid_t domid,
362 int flags, domid_t trans_domid,
363 grant_ref_t trans_gref)
365 if (flags & (GTF_accept_transfer | GTF_reading |
366 GTF_writing | GTF_sub_page))
369 if (gnttab_interface->update_trans_entry == NULL)
372 gnttab_interface->update_trans_entry(ref, domid, flags, trans_domid,
377 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_trans_ref);
379 int gnttab_grant_foreign_access_trans(domid_t domid, int flags,
381 grant_ref_t trans_gref)
385 ref = get_free_entries(1);
386 if (unlikely(ref < 0))
389 rc = gnttab_grant_foreign_access_trans_ref(ref, domid, flags,
390 trans_domid, trans_gref);
398 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_trans);
400 bool gnttab_trans_grants_available(void)
402 return gnttab_interface->update_trans_entry != NULL;
404 EXPORT_SYMBOL_GPL(gnttab_trans_grants_available);
406 static int gnttab_query_foreign_access_v1(grant_ref_t ref)
408 return gnttab_shared.v1[ref].flags & (GTF_reading|GTF_writing);
411 static int gnttab_query_foreign_access_v2(grant_ref_t ref)
413 return grstatus[ref] & (GTF_reading|GTF_writing);
416 int gnttab_query_foreign_access(grant_ref_t ref)
418 return gnttab_interface->query_foreign_access(ref);
420 EXPORT_SYMBOL_GPL(gnttab_query_foreign_access);
422 static int gnttab_end_foreign_access_ref_v1(grant_ref_t ref, int readonly)
427 pflags = &gnttab_shared.v1[ref].flags;
431 if (flags & (GTF_reading|GTF_writing))
433 } while ((nflags = sync_cmpxchg(pflags, flags, 0)) != flags);
438 static int gnttab_end_foreign_access_ref_v2(grant_ref_t ref, int readonly)
440 gnttab_shared.v2[ref].hdr.flags = 0;
442 if (grstatus[ref] & (GTF_reading|GTF_writing)) {
445 /* The read of grstatus needs to have acquire
446 semantics. On x86, reads already have
447 that, and we just need to protect against
448 compiler reorderings. On other
449 architectures we may need a full
461 static inline int _gnttab_end_foreign_access_ref(grant_ref_t ref, int readonly)
463 return gnttab_interface->end_foreign_access_ref(ref, readonly);
466 int gnttab_end_foreign_access_ref(grant_ref_t ref, int readonly)
468 if (_gnttab_end_foreign_access_ref(ref, readonly))
470 pr_warn("WARNING: g.e. %#x still in use!\n", ref);
473 EXPORT_SYMBOL_GPL(gnttab_end_foreign_access_ref);
475 struct deferred_entry {
476 struct list_head list;
482 static LIST_HEAD(deferred_list);
483 static void gnttab_handle_deferred(unsigned long);
484 static DEFINE_TIMER(deferred_timer, gnttab_handle_deferred, 0, 0);
486 static void gnttab_handle_deferred(unsigned long unused)
488 unsigned int nr = 10;
489 struct deferred_entry *first = NULL;
492 spin_lock_irqsave(&gnttab_list_lock, flags);
494 struct deferred_entry *entry
495 = list_first_entry(&deferred_list,
496 struct deferred_entry, list);
500 list_del(&entry->list);
501 spin_unlock_irqrestore(&gnttab_list_lock, flags);
502 if (_gnttab_end_foreign_access_ref(entry->ref, entry->ro)) {
503 put_free_entry(entry->ref);
505 pr_debug("freeing g.e. %#x (pfn %#lx)\n",
506 entry->ref, page_to_pfn(entry->page));
507 __free_page(entry->page);
509 pr_info("freeing g.e. %#x\n", entry->ref);
513 if (!--entry->warn_delay)
514 pr_info("g.e. %#x still pending\n", entry->ref);
518 spin_lock_irqsave(&gnttab_list_lock, flags);
520 list_add_tail(&entry->list, &deferred_list);
521 else if (list_empty(&deferred_list))
524 if (!list_empty(&deferred_list) && !timer_pending(&deferred_timer)) {
525 deferred_timer.expires = jiffies + HZ;
526 add_timer(&deferred_timer);
528 spin_unlock_irqrestore(&gnttab_list_lock, flags);
531 static void gnttab_add_deferred(grant_ref_t ref, bool readonly,
534 struct deferred_entry *entry = kmalloc(sizeof(*entry), GFP_ATOMIC);
535 const char *what = KERN_WARNING "leaking";
541 entry->ro = readonly;
543 entry->warn_delay = 60;
544 spin_lock_irqsave(&gnttab_list_lock, flags);
545 list_add_tail(&entry->list, &deferred_list);
546 if (!timer_pending(&deferred_timer)) {
547 deferred_timer.expires = jiffies + HZ;
548 add_timer(&deferred_timer);
550 spin_unlock_irqrestore(&gnttab_list_lock, flags);
551 what = KERN_DEBUG "deferring";
553 printk("%s g.e. %#x (pfn %#lx)\n",
554 what, ref, page ? page_to_pfn(page) : -1);
557 void gnttab_end_foreign_access(grant_ref_t ref, int readonly,
560 if (gnttab_end_foreign_access_ref(ref, readonly)) {
565 gnttab_add_deferred(ref, readonly,
566 page ? virt_to_page(page) : NULL);
568 EXPORT_SYMBOL_GPL(gnttab_end_foreign_access);
570 int gnttab_grant_foreign_transfer(domid_t domid, unsigned long pfn)
574 ref = get_free_entries(1);
575 if (unlikely(ref < 0))
577 gnttab_grant_foreign_transfer_ref(ref, domid, pfn);
581 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_transfer);
583 void gnttab_grant_foreign_transfer_ref(grant_ref_t ref, domid_t domid,
586 gnttab_interface->update_entry(ref, domid, pfn, GTF_accept_transfer);
588 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_transfer_ref);
590 static unsigned long gnttab_end_foreign_transfer_ref_v1(grant_ref_t ref)
596 pflags = &gnttab_shared.v1[ref].flags;
599 * If a transfer is not even yet started, try to reclaim the grant
600 * reference and return failure (== 0).
602 while (!((flags = *pflags) & GTF_transfer_committed)) {
603 if (sync_cmpxchg(pflags, flags, 0) == flags)
608 /* If a transfer is in progress then wait until it is completed. */
609 while (!(flags & GTF_transfer_completed)) {
614 rmb(); /* Read the frame number /after/ reading completion status. */
615 frame = gnttab_shared.v1[ref].frame;
621 static unsigned long gnttab_end_foreign_transfer_ref_v2(grant_ref_t ref)
627 pflags = &gnttab_shared.v2[ref].hdr.flags;
630 * If a transfer is not even yet started, try to reclaim the grant
631 * reference and return failure (== 0).
633 while (!((flags = *pflags) & GTF_transfer_committed)) {
634 if (sync_cmpxchg(pflags, flags, 0) == flags)
639 /* If a transfer is in progress then wait until it is completed. */
640 while (!(flags & GTF_transfer_completed)) {
645 rmb(); /* Read the frame number /after/ reading completion status. */
646 frame = gnttab_shared.v2[ref].full_page.frame;
652 unsigned long gnttab_end_foreign_transfer_ref(grant_ref_t ref)
654 return gnttab_interface->end_foreign_transfer_ref(ref);
656 EXPORT_SYMBOL_GPL(gnttab_end_foreign_transfer_ref);
658 unsigned long gnttab_end_foreign_transfer(grant_ref_t ref)
660 unsigned long frame = gnttab_end_foreign_transfer_ref(ref);
664 EXPORT_SYMBOL_GPL(gnttab_end_foreign_transfer);
666 void gnttab_free_grant_reference(grant_ref_t ref)
670 EXPORT_SYMBOL_GPL(gnttab_free_grant_reference);
672 void gnttab_free_grant_references(grant_ref_t head)
677 if (head == GNTTAB_LIST_END)
679 spin_lock_irqsave(&gnttab_list_lock, flags);
681 while (gnttab_entry(ref) != GNTTAB_LIST_END) {
682 ref = gnttab_entry(ref);
685 gnttab_entry(ref) = gnttab_free_head;
686 gnttab_free_head = head;
687 gnttab_free_count += count;
688 check_free_callbacks();
689 spin_unlock_irqrestore(&gnttab_list_lock, flags);
691 EXPORT_SYMBOL_GPL(gnttab_free_grant_references);
693 int gnttab_alloc_grant_references(u16 count, grant_ref_t *head)
695 int h = get_free_entries(count);
704 EXPORT_SYMBOL_GPL(gnttab_alloc_grant_references);
706 int gnttab_empty_grant_references(const grant_ref_t *private_head)
708 return (*private_head == GNTTAB_LIST_END);
710 EXPORT_SYMBOL_GPL(gnttab_empty_grant_references);
712 int gnttab_claim_grant_reference(grant_ref_t *private_head)
714 grant_ref_t g = *private_head;
715 if (unlikely(g == GNTTAB_LIST_END))
717 *private_head = gnttab_entry(g);
720 EXPORT_SYMBOL_GPL(gnttab_claim_grant_reference);
722 void gnttab_release_grant_reference(grant_ref_t *private_head,
725 gnttab_entry(release) = *private_head;
726 *private_head = release;
728 EXPORT_SYMBOL_GPL(gnttab_release_grant_reference);
730 void gnttab_request_free_callback(struct gnttab_free_callback *callback,
731 void (*fn)(void *), void *arg, u16 count)
734 struct gnttab_free_callback *cb;
736 spin_lock_irqsave(&gnttab_list_lock, flags);
738 /* Check if the callback is already on the list */
739 cb = gnttab_free_callback_list;
748 callback->count = count;
749 callback->next = gnttab_free_callback_list;
750 gnttab_free_callback_list = callback;
751 check_free_callbacks();
753 spin_unlock_irqrestore(&gnttab_list_lock, flags);
755 EXPORT_SYMBOL_GPL(gnttab_request_free_callback);
757 void gnttab_cancel_free_callback(struct gnttab_free_callback *callback)
759 struct gnttab_free_callback **pcb;
762 spin_lock_irqsave(&gnttab_list_lock, flags);
763 for (pcb = &gnttab_free_callback_list; *pcb; pcb = &(*pcb)->next) {
764 if (*pcb == callback) {
765 *pcb = callback->next;
769 spin_unlock_irqrestore(&gnttab_list_lock, flags);
771 EXPORT_SYMBOL_GPL(gnttab_cancel_free_callback);
773 static int grow_gnttab_list(unsigned int more_frames)
775 unsigned int new_nr_grant_frames, extra_entries, i;
776 unsigned int nr_glist_frames, new_nr_glist_frames;
778 BUG_ON(grefs_per_grant_frame == 0);
780 new_nr_grant_frames = nr_grant_frames + more_frames;
781 extra_entries = more_frames * grefs_per_grant_frame;
783 nr_glist_frames = (nr_grant_frames * grefs_per_grant_frame + RPP - 1) / RPP;
784 new_nr_glist_frames =
785 (new_nr_grant_frames * grefs_per_grant_frame + RPP - 1) / RPP;
786 for (i = nr_glist_frames; i < new_nr_glist_frames; i++) {
787 gnttab_list[i] = (grant_ref_t *)__get_free_page(GFP_ATOMIC);
793 for (i = grefs_per_grant_frame * nr_grant_frames;
794 i < grefs_per_grant_frame * new_nr_grant_frames - 1; i++)
795 gnttab_entry(i) = i + 1;
797 gnttab_entry(i) = gnttab_free_head;
798 gnttab_free_head = grefs_per_grant_frame * nr_grant_frames;
799 gnttab_free_count += extra_entries;
801 nr_grant_frames = new_nr_grant_frames;
803 check_free_callbacks();
808 for ( ; i >= nr_glist_frames; i--)
809 free_page((unsigned long) gnttab_list[i]);
813 static unsigned int __max_nr_grant_frames(void)
815 struct gnttab_query_size query;
818 query.dom = DOMID_SELF;
820 rc = HYPERVISOR_grant_table_op(GNTTABOP_query_size, &query, 1);
821 if ((rc < 0) || (query.status != GNTST_okay))
822 return 4; /* Legacy max supported number of frames */
824 return query.max_nr_frames;
827 unsigned int gnttab_max_grant_frames(void)
829 unsigned int xen_max = __max_nr_grant_frames();
831 if (xen_max > boot_max_nr_grant_frames)
832 return boot_max_nr_grant_frames;
835 EXPORT_SYMBOL_GPL(gnttab_max_grant_frames);
837 /* Handling of paged out grant targets (GNTST_eagain) */
838 #define MAX_DELAY 256
840 gnttab_retry_eagain_gop(unsigned int cmd, void *gop, int16_t *status,
846 BUG_ON(HYPERVISOR_grant_table_op(cmd, gop, 1));
847 if (*status == GNTST_eagain)
849 } while ((*status == GNTST_eagain) && (delay < MAX_DELAY));
851 if (delay >= MAX_DELAY) {
852 pr_err("%s: %s eagain grant\n", func, current->comm);
853 *status = GNTST_bad_page;
857 void gnttab_batch_map(struct gnttab_map_grant_ref *batch, unsigned count)
859 struct gnttab_map_grant_ref *op;
861 if (HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref, batch, count))
863 for (op = batch; op < batch + count; op++)
864 if (op->status == GNTST_eagain)
865 gnttab_retry_eagain_gop(GNTTABOP_map_grant_ref, op,
866 &op->status, __func__);
868 EXPORT_SYMBOL_GPL(gnttab_batch_map);
870 void gnttab_batch_copy(struct gnttab_copy *batch, unsigned count)
872 struct gnttab_copy *op;
874 if (HYPERVISOR_grant_table_op(GNTTABOP_copy, batch, count))
876 for (op = batch; op < batch + count; op++)
877 if (op->status == GNTST_eagain)
878 gnttab_retry_eagain_gop(GNTTABOP_copy, op,
879 &op->status, __func__);
881 EXPORT_SYMBOL_GPL(gnttab_batch_copy);
883 int gnttab_map_refs(struct gnttab_map_grant_ref *map_ops,
884 struct gnttab_map_grant_ref *kmap_ops,
885 struct page **pages, unsigned int count)
892 ret = HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref, map_ops, count);
896 /* Retry eagain maps */
897 for (i = 0; i < count; i++)
898 if (map_ops[i].status == GNTST_eagain)
899 gnttab_retry_eagain_gop(GNTTABOP_map_grant_ref, map_ops + i,
900 &map_ops[i].status, __func__);
902 /* this is basically a nop on x86 */
903 if (xen_feature(XENFEAT_auto_translated_physmap)) {
904 for (i = 0; i < count; i++) {
905 if (map_ops[i].status)
907 set_phys_to_machine(map_ops[i].host_addr >> PAGE_SHIFT,
908 map_ops[i].dev_bus_addr >> PAGE_SHIFT);
913 if (!in_interrupt() && paravirt_get_lazy_mode() == PARAVIRT_LAZY_NONE) {
914 arch_enter_lazy_mmu_mode();
918 for (i = 0; i < count; i++) {
919 /* Do not add to override if the map failed. */
920 if (map_ops[i].status)
923 if (map_ops[i].flags & GNTMAP_contains_pte) {
924 pte = (pte_t *) (mfn_to_virt(PFN_DOWN(map_ops[i].host_addr)) +
925 (map_ops[i].host_addr & ~PAGE_MASK));
928 mfn = PFN_DOWN(map_ops[i].dev_bus_addr);
930 ret = m2p_add_override(mfn, pages[i], kmap_ops ?
931 &kmap_ops[i] : NULL);
937 arch_leave_lazy_mmu_mode();
941 EXPORT_SYMBOL_GPL(gnttab_map_refs);
943 int gnttab_unmap_refs(struct gnttab_unmap_grant_ref *unmap_ops,
944 struct gnttab_map_grant_ref *kmap_ops,
945 struct page **pages, unsigned int count)
950 ret = HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, unmap_ops, count);
954 /* this is basically a nop on x86 */
955 if (xen_feature(XENFEAT_auto_translated_physmap)) {
956 for (i = 0; i < count; i++) {
957 set_phys_to_machine(unmap_ops[i].host_addr >> PAGE_SHIFT,
963 if (!in_interrupt() && paravirt_get_lazy_mode() == PARAVIRT_LAZY_NONE) {
964 arch_enter_lazy_mmu_mode();
968 for (i = 0; i < count; i++) {
969 ret = m2p_remove_override(pages[i], kmap_ops ?
970 &kmap_ops[i] : NULL);
976 arch_leave_lazy_mmu_mode();
980 EXPORT_SYMBOL_GPL(gnttab_unmap_refs);
982 static unsigned nr_status_frames(unsigned nr_grant_frames)
984 BUG_ON(grefs_per_grant_frame == 0);
985 return (nr_grant_frames * grefs_per_grant_frame + SPP - 1) / SPP;
988 static int gnttab_map_frames_v1(xen_pfn_t *frames, unsigned int nr_gframes)
992 rc = arch_gnttab_map_shared(frames, nr_gframes,
993 gnttab_max_grant_frames(),
994 &gnttab_shared.addr);
1000 static void gnttab_unmap_frames_v1(void)
1002 arch_gnttab_unmap(gnttab_shared.addr, nr_grant_frames);
1005 static int gnttab_map_frames_v2(xen_pfn_t *frames, unsigned int nr_gframes)
1008 unsigned int nr_sframes;
1009 struct gnttab_get_status_frames getframes;
1012 nr_sframes = nr_status_frames(nr_gframes);
1014 /* No need for kzalloc as it is initialized in following hypercall
1015 * GNTTABOP_get_status_frames.
1017 sframes = kmalloc(nr_sframes * sizeof(uint64_t), GFP_ATOMIC);
1021 getframes.dom = DOMID_SELF;
1022 getframes.nr_frames = nr_sframes;
1023 set_xen_guest_handle(getframes.frame_list, sframes);
1025 rc = HYPERVISOR_grant_table_op(GNTTABOP_get_status_frames,
1027 if (rc == -ENOSYS) {
1032 BUG_ON(rc || getframes.status);
1034 rc = arch_gnttab_map_status(sframes, nr_sframes,
1035 nr_status_frames(gnttab_max_grant_frames()),
1040 rc = arch_gnttab_map_shared(frames, nr_gframes,
1041 gnttab_max_grant_frames(),
1042 &gnttab_shared.addr);
1048 static void gnttab_unmap_frames_v2(void)
1050 arch_gnttab_unmap(gnttab_shared.addr, nr_grant_frames);
1051 arch_gnttab_unmap(grstatus, nr_status_frames(nr_grant_frames));
1054 static int gnttab_map(unsigned int start_idx, unsigned int end_idx)
1056 struct gnttab_setup_table setup;
1058 unsigned int nr_gframes = end_idx + 1;
1061 if (xen_hvm_domain()) {
1062 struct xen_add_to_physmap xatp;
1063 unsigned int i = end_idx;
1066 * Loop backwards, so that the first hypercall has the largest
1067 * index, ensuring that the table will grow only once.
1070 xatp.domid = DOMID_SELF;
1072 xatp.space = XENMAPSPACE_grant_table;
1073 xatp.gpfn = (xen_hvm_resume_frames >> PAGE_SHIFT) + i;
1074 rc = HYPERVISOR_memory_op(XENMEM_add_to_physmap, &xatp);
1076 pr_warn("grant table add_to_physmap failed, err=%d\n",
1080 } while (i-- > start_idx);
1085 /* No need for kzalloc as it is initialized in following hypercall
1086 * GNTTABOP_setup_table.
1088 frames = kmalloc(nr_gframes * sizeof(unsigned long), GFP_ATOMIC);
1092 setup.dom = DOMID_SELF;
1093 setup.nr_frames = nr_gframes;
1094 set_xen_guest_handle(setup.frame_list, frames);
1096 rc = HYPERVISOR_grant_table_op(GNTTABOP_setup_table, &setup, 1);
1097 if (rc == -ENOSYS) {
1102 BUG_ON(rc || setup.status);
1104 rc = gnttab_interface->map_frames(frames, nr_gframes);
1111 static struct gnttab_ops gnttab_v1_ops = {
1112 .map_frames = gnttab_map_frames_v1,
1113 .unmap_frames = gnttab_unmap_frames_v1,
1114 .update_entry = gnttab_update_entry_v1,
1115 .end_foreign_access_ref = gnttab_end_foreign_access_ref_v1,
1116 .end_foreign_transfer_ref = gnttab_end_foreign_transfer_ref_v1,
1117 .query_foreign_access = gnttab_query_foreign_access_v1,
1120 static struct gnttab_ops gnttab_v2_ops = {
1121 .map_frames = gnttab_map_frames_v2,
1122 .unmap_frames = gnttab_unmap_frames_v2,
1123 .update_entry = gnttab_update_entry_v2,
1124 .end_foreign_access_ref = gnttab_end_foreign_access_ref_v2,
1125 .end_foreign_transfer_ref = gnttab_end_foreign_transfer_ref_v2,
1126 .query_foreign_access = gnttab_query_foreign_access_v2,
1127 .update_subpage_entry = gnttab_update_subpage_entry_v2,
1128 .update_trans_entry = gnttab_update_trans_entry_v2,
1131 static void gnttab_request_version(void)
1134 struct gnttab_set_version gsv;
1136 if (xen_hvm_domain())
1140 rc = HYPERVISOR_grant_table_op(GNTTABOP_set_version, &gsv, 1);
1141 if (rc == 0 && gsv.version == 2) {
1142 grant_table_version = 2;
1143 grefs_per_grant_frame = PAGE_SIZE / sizeof(union grant_entry_v2);
1144 gnttab_interface = &gnttab_v2_ops;
1145 } else if (grant_table_version == 2) {
1147 * If we've already used version 2 features,
1148 * but then suddenly discover that they're not
1149 * available (e.g. migrating to an older
1150 * version of Xen), almost unbounded badness
1153 panic("we need grant tables version 2, but only version 1 is available");
1155 grant_table_version = 1;
1156 grefs_per_grant_frame = PAGE_SIZE / sizeof(struct grant_entry_v1);
1157 gnttab_interface = &gnttab_v1_ops;
1159 pr_info("Grant tables using version %d layout\n", grant_table_version);
1162 static int gnttab_setup(void)
1164 unsigned int max_nr_gframes;
1166 max_nr_gframes = gnttab_max_grant_frames();
1167 if (max_nr_gframes < nr_grant_frames)
1170 if (xen_pv_domain())
1171 return gnttab_map(0, nr_grant_frames - 1);
1173 if (gnttab_shared.addr == NULL) {
1174 gnttab_shared.addr = xen_remap(xen_hvm_resume_frames,
1175 PAGE_SIZE * max_nr_gframes);
1176 if (gnttab_shared.addr == NULL) {
1177 pr_warn("Failed to ioremap gnttab share frames!\n");
1182 gnttab_map(0, nr_grant_frames - 1);
1187 int gnttab_resume(void)
1189 gnttab_request_version();
1190 return gnttab_setup();
1193 int gnttab_suspend(void)
1195 gnttab_interface->unmap_frames();
1199 static int gnttab_expand(unsigned int req_entries)
1202 unsigned int cur, extra;
1204 BUG_ON(grefs_per_grant_frame == 0);
1205 cur = nr_grant_frames;
1206 extra = ((req_entries + (grefs_per_grant_frame-1)) /
1207 grefs_per_grant_frame);
1208 if (cur + extra > gnttab_max_grant_frames())
1211 rc = gnttab_map(cur, cur + extra - 1);
1213 rc = grow_gnttab_list(extra);
1218 int gnttab_init(void)
1221 unsigned int max_nr_glist_frames, nr_glist_frames;
1222 unsigned int nr_init_grefs;
1225 gnttab_request_version();
1226 nr_grant_frames = 1;
1227 boot_max_nr_grant_frames = __max_nr_grant_frames();
1229 /* Determine the maximum number of frames required for the
1230 * grant reference free list on the current hypervisor.
1232 BUG_ON(grefs_per_grant_frame == 0);
1233 max_nr_glist_frames = (boot_max_nr_grant_frames *
1234 grefs_per_grant_frame / RPP);
1236 gnttab_list = kmalloc(max_nr_glist_frames * sizeof(grant_ref_t *),
1238 if (gnttab_list == NULL)
1241 nr_glist_frames = (nr_grant_frames * grefs_per_grant_frame + RPP - 1) / RPP;
1242 for (i = 0; i < nr_glist_frames; i++) {
1243 gnttab_list[i] = (grant_ref_t *)__get_free_page(GFP_KERNEL);
1244 if (gnttab_list[i] == NULL) {
1250 if (gnttab_setup() < 0) {
1255 nr_init_grefs = nr_grant_frames * grefs_per_grant_frame;
1257 for (i = NR_RESERVED_ENTRIES; i < nr_init_grefs - 1; i++)
1258 gnttab_entry(i) = i + 1;
1260 gnttab_entry(nr_init_grefs - 1) = GNTTAB_LIST_END;
1261 gnttab_free_count = nr_init_grefs - NR_RESERVED_ENTRIES;
1262 gnttab_free_head = NR_RESERVED_ENTRIES;
1264 printk("Grant table initialized\n");
1268 for (i--; i >= 0; i--)
1269 free_page((unsigned long)gnttab_list[i]);
1273 EXPORT_SYMBOL_GPL(gnttab_init);
1275 static int __gnttab_init(void)
1277 /* Delay grant-table initialization in the PV on HVM case */
1278 if (xen_hvm_domain())
1281 if (!xen_pv_domain())
1284 return gnttab_init();
1287 core_initcall(__gnttab_init);
projects / ~andy / linux / blob