1 /******************************************************************************
2  * Client-facing interface for the Xenbus driver.  In other words, the
3  * interface between the Xenbus and the device-specific code, be it the
4  * frontend or the backend of that driver.
5  *
6  * Copyright (C) 2005 XenSource Ltd
7  *
8  * This program is free software; you can redistribute it and/or
9  * modify it under the terms of the GNU General Public License version 2
10  * as published by the Free Software Foundation; or, when distributed
11  * separately from the Linux kernel or incorporated into other
12  * software packages, subject to the following license:
13  *
14  * Permission is hereby granted, free of charge, to any person obtaining a copy
15  * of this source file (the "Software"), to deal in the Software without
16  * restriction, including without limitation the rights to use, copy, modify,
17  * merge, publish, distribute, sublicense, and/or sell copies of the Software,
18  * and to permit persons to whom the Software is furnished to do so, subject to
19  * the following conditions:
20  *
21  * The above copyright notice and this permission notice shall be included in
22  * all copies or substantial portions of the Software.
23  *
24  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
25  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
26  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
27  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
28  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
29  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
30  * IN THE SOFTWARE.
31  */
32 
33 #include <linux/mm.h>
34 #include <linux/slab.h>
35 #include <linux/types.h>
36 #include <linux/spinlock.h>
37 #include <linux/vmalloc.h>
38 #include <linux/export.h>
39 #include <asm/xen/hypervisor.h>
40 #include <xen/page.h>
41 #include <xen/interface/xen.h>
42 #include <xen/interface/event_channel.h>
43 #include <xen/balloon.h>
44 #include <xen/events.h>
45 #include <xen/grant_table.h>
46 #include <xen/xenbus.h>
47 #include <xen/xen.h>
48 #include <xen/features.h>
49 
50 #include "xenbus.h"
51 
52 #define XENBUS_PAGES(_grants)	(DIV_ROUND_UP(_grants, XEN_PFN_PER_PAGE))
53 
54 #define XENBUS_MAX_RING_PAGES	(XENBUS_PAGES(XENBUS_MAX_RING_GRANTS))
55 
56 struct xenbus_map_node {
57 	struct list_head next;
58 	union {
59 		struct {
60 			struct vm_struct *area;
61 		} pv;
62 		struct {
63 			struct page *pages[XENBUS_MAX_RING_PAGES];
64 			unsigned long addrs[XENBUS_MAX_RING_GRANTS];
65 			void *addr;
66 		} hvm;
67 	};
68 	grant_handle_t handles[XENBUS_MAX_RING_GRANTS];
69 	unsigned int   nr_handles;
70 };
71 
72 static DEFINE_SPINLOCK(xenbus_valloc_lock);
73 static LIST_HEAD(xenbus_valloc_pages);
74 
75 struct xenbus_ring_ops {
76 	int (*map)(struct xenbus_device *dev,
77 		   grant_ref_t *gnt_refs, unsigned int nr_grefs,
78 		   void **vaddr);
79 	int (*unmap)(struct xenbus_device *dev, void *vaddr);
80 };
81 
82 static const struct xenbus_ring_ops *ring_ops __read_mostly;
83 
xenbus_strstate(enum xenbus_state state)84 const char *xenbus_strstate(enum xenbus_state state)
85 {
86 	static const char *const name[] = {
87 		[ XenbusStateUnknown      ] = "Unknown",
88 		[ XenbusStateInitialising ] = "Initialising",
89 		[ XenbusStateInitWait     ] = "InitWait",
90 		[ XenbusStateInitialised  ] = "Initialised",
91 		[ XenbusStateConnected    ] = "Connected",
92 		[ XenbusStateClosing      ] = "Closing",
93 		[ XenbusStateClosed	  ] = "Closed",
94 		[XenbusStateReconfiguring] = "Reconfiguring",
95 		[XenbusStateReconfigured] = "Reconfigured",
96 	};
97 	return (state < ARRAY_SIZE(name)) ? name[state] : "INVALID";
98 }
99 EXPORT_SYMBOL_GPL(xenbus_strstate);
100 
101 /**
102  * xenbus_watch_path - register a watch
103  * @dev: xenbus device
104  * @path: path to watch
105  * @watch: watch to register
106  * @callback: callback to register
107  *
108  * Register a @watch on the given path, using the given xenbus_watch structure
109  * for storage, and the given @callback function as the callback.  Return 0 on
110  * success, or -errno on error.  On success, the given @path will be saved as
111  * @watch->node, and remains the caller's to free.  On error, @watch->node will
112  * be NULL, the device will switch to %XenbusStateClosing, and the error will
113  * be saved in the store.
114  */
xenbus_watch_path(struct xenbus_device * dev,const char * path,struct xenbus_watch * watch,void (* callback)(struct xenbus_watch *,const char *,const char *))115 int xenbus_watch_path(struct xenbus_device *dev, const char *path,
116 		      struct xenbus_watch *watch,
117 		      void (*callback)(struct xenbus_watch *,
118 				       const char *, const char *))
119 {
120 	int err;
121 
122 	watch->node = path;
123 	watch->callback = callback;
124 
125 	err = register_xenbus_watch(watch);
126 
127 	if (err) {
128 		watch->node = NULL;
129 		watch->callback = NULL;
130 		xenbus_dev_fatal(dev, err, "adding watch on %s", path);
131 	}
132 
133 	return err;
134 }
135 EXPORT_SYMBOL_GPL(xenbus_watch_path);
136 
137 
138 /**
139  * xenbus_watch_pathfmt - register a watch on a sprintf-formatted path
140  * @dev: xenbus device
141  * @watch: watch to register
142  * @callback: callback to register
143  * @pathfmt: format of path to watch
144  *
145  * Register a watch on the given @path, using the given xenbus_watch
146  * structure for storage, and the given @callback function as the callback.
147  * Return 0 on success, or -errno on error.  On success, the watched path
148  * (@path/@path2) will be saved as @watch->node, and becomes the caller's to
149  * kfree().  On error, watch->node will be NULL, so the caller has nothing to
150  * free, the device will switch to %XenbusStateClosing, and the error will be
151  * saved in the store.
152  */
xenbus_watch_pathfmt(struct xenbus_device * dev,struct xenbus_watch * watch,void (* callback)(struct xenbus_watch *,const char *,const char *),const char * pathfmt,...)153 int xenbus_watch_pathfmt(struct xenbus_device *dev,
154 			 struct xenbus_watch *watch,
155 			 void (*callback)(struct xenbus_watch *,
156 					  const char *, const char *),
157 			 const char *pathfmt, ...)
158 {
159 	int err;
160 	va_list ap;
161 	char *path;
162 
163 	va_start(ap, pathfmt);
164 	path = kvasprintf(GFP_NOIO | __GFP_HIGH, pathfmt, ap);
165 	va_end(ap);
166 
167 	if (!path) {
168 		xenbus_dev_fatal(dev, -ENOMEM, "allocating path for watch");
169 		return -ENOMEM;
170 	}
171 	err = xenbus_watch_path(dev, path, watch, callback);
172 
173 	if (err)
174 		kfree(path);
175 	return err;
176 }
177 EXPORT_SYMBOL_GPL(xenbus_watch_pathfmt);
178 
179 static void xenbus_switch_fatal(struct xenbus_device *, int, int,
180 				const char *, ...);
181 
182 static int
__xenbus_switch_state(struct xenbus_device * dev,enum xenbus_state state,int depth)183 __xenbus_switch_state(struct xenbus_device *dev,
184 		      enum xenbus_state state, int depth)
185 {
186 	/* We check whether the state is currently set to the given value, and
187 	   if not, then the state is set.  We don't want to unconditionally
188 	   write the given state, because we don't want to fire watches
189 	   unnecessarily.  Furthermore, if the node has gone, we don't write
190 	   to it, as the device will be tearing down, and we don't want to
191 	   resurrect that directory.
192 
193 	   Note that, because of this cached value of our state, this
194 	   function will not take a caller's Xenstore transaction
195 	   (something it was trying to in the past) because dev->state
196 	   would not get reset if the transaction was aborted.
197 	 */
198 
199 	struct xenbus_transaction xbt;
200 	int current_state;
201 	int err, abort;
202 
203 	if (state == dev->state)
204 		return 0;
205 
206 again:
207 	abort = 1;
208 
209 	err = xenbus_transaction_start(&xbt);
210 	if (err) {
211 		xenbus_switch_fatal(dev, depth, err, "starting transaction");
212 		return 0;
213 	}
214 
215 	err = xenbus_scanf(xbt, dev->nodename, "state", "%d", &current_state);
216 	if (err != 1)
217 		goto abort;
218 
219 	err = xenbus_printf(xbt, dev->nodename, "state", "%d", state);
220 	if (err) {
221 		xenbus_switch_fatal(dev, depth, err, "writing new state");
222 		goto abort;
223 	}
224 
225 	abort = 0;
226 abort:
227 	err = xenbus_transaction_end(xbt, abort);
228 	if (err) {
229 		if (err == -EAGAIN && !abort)
230 			goto again;
231 		xenbus_switch_fatal(dev, depth, err, "ending transaction");
232 	} else
233 		dev->state = state;
234 
235 	return 0;
236 }
237 
238 /**
239  * xenbus_switch_state
240  * @dev: xenbus device
241  * @state: new state
242  *
243  * Advertise in the store a change of the given driver to the given new_state.
244  * Return 0 on success, or -errno on error.  On error, the device will switch
245  * to XenbusStateClosing, and the error will be saved in the store.
246  */
xenbus_switch_state(struct xenbus_device * dev,enum xenbus_state state)247 int xenbus_switch_state(struct xenbus_device *dev, enum xenbus_state state)
248 {
249 	return __xenbus_switch_state(dev, state, 0);
250 }
251 
252 EXPORT_SYMBOL_GPL(xenbus_switch_state);
253 
xenbus_frontend_closed(struct xenbus_device * dev)254 int xenbus_frontend_closed(struct xenbus_device *dev)
255 {
256 	xenbus_switch_state(dev, XenbusStateClosed);
257 	complete(&dev->down);
258 	return 0;
259 }
260 EXPORT_SYMBOL_GPL(xenbus_frontend_closed);
261 
xenbus_va_dev_error(struct xenbus_device * dev,int err,const char * fmt,va_list ap)262 static void xenbus_va_dev_error(struct xenbus_device *dev, int err,
263 				const char *fmt, va_list ap)
264 {
265 	unsigned int len;
266 	char *printf_buffer;
267 	char *path_buffer;
268 
269 #define PRINTF_BUFFER_SIZE 4096
270 
271 	printf_buffer = kmalloc(PRINTF_BUFFER_SIZE, GFP_KERNEL);
272 	if (!printf_buffer)
273 		return;
274 
275 	len = sprintf(printf_buffer, "%i ", -err);
276 	vsnprintf(printf_buffer + len, PRINTF_BUFFER_SIZE - len, fmt, ap);
277 
278 	dev_err(&dev->dev, "%s\n", printf_buffer);
279 
280 	path_buffer = kasprintf(GFP_KERNEL, "error/%s", dev->nodename);
281 	if (path_buffer)
282 		xenbus_write(XBT_NIL, path_buffer, "error", printf_buffer);
283 
284 	kfree(printf_buffer);
285 	kfree(path_buffer);
286 }
287 
288 /**
289  * xenbus_dev_error
290  * @dev: xenbus device
291  * @err: error to report
292  * @fmt: error message format
293  *
294  * Report the given negative errno into the store, along with the given
295  * formatted message.
296  */
xenbus_dev_error(struct xenbus_device * dev,int err,const char * fmt,...)297 void xenbus_dev_error(struct xenbus_device *dev, int err, const char *fmt, ...)
298 {
299 	va_list ap;
300 
301 	va_start(ap, fmt);
302 	xenbus_va_dev_error(dev, err, fmt, ap);
303 	va_end(ap);
304 }
305 EXPORT_SYMBOL_GPL(xenbus_dev_error);
306 
307 /**
308  * xenbus_dev_fatal
309  * @dev: xenbus device
310  * @err: error to report
311  * @fmt: error message format
312  *
313  * Equivalent to xenbus_dev_error(dev, err, fmt, args), followed by
314  * xenbus_switch_state(dev, XenbusStateClosing) to schedule an orderly
315  * closedown of this driver and its peer.
316  */
317 
xenbus_dev_fatal(struct xenbus_device * dev,int err,const char * fmt,...)318 void xenbus_dev_fatal(struct xenbus_device *dev, int err, const char *fmt, ...)
319 {
320 	va_list ap;
321 
322 	va_start(ap, fmt);
323 	xenbus_va_dev_error(dev, err, fmt, ap);
324 	va_end(ap);
325 
326 	xenbus_switch_state(dev, XenbusStateClosing);
327 }
328 EXPORT_SYMBOL_GPL(xenbus_dev_fatal);
329 
330 /**
331  * Equivalent to xenbus_dev_fatal(dev, err, fmt, args), but helps
332  * avoiding recursion within xenbus_switch_state.
333  */
xenbus_switch_fatal(struct xenbus_device * dev,int depth,int err,const char * fmt,...)334 static void xenbus_switch_fatal(struct xenbus_device *dev, int depth, int err,
335 				const char *fmt, ...)
336 {
337 	va_list ap;
338 
339 	va_start(ap, fmt);
340 	xenbus_va_dev_error(dev, err, fmt, ap);
341 	va_end(ap);
342 
343 	if (!depth)
344 		__xenbus_switch_state(dev, XenbusStateClosing, 1);
345 }
346 
347 /**
348  * xenbus_grant_ring
349  * @dev: xenbus device
350  * @vaddr: starting virtual address of the ring
351  * @nr_pages: number of pages to be granted
352  * @grefs: grant reference array to be filled in
353  *
354  * Grant access to the given @vaddr to the peer of the given device.
355  * Then fill in @grefs with grant references.  Return 0 on success, or
356  * -errno on error.  On error, the device will switch to
357  * XenbusStateClosing, and the error will be saved in the store.
358  */
xenbus_grant_ring(struct xenbus_device * dev,void * vaddr,unsigned int nr_pages,grant_ref_t * grefs)359 int xenbus_grant_ring(struct xenbus_device *dev, void *vaddr,
360 		      unsigned int nr_pages, grant_ref_t *grefs)
361 {
362 	int err;
363 	int i, j;
364 
365 	for (i = 0; i < nr_pages; i++) {
366 		err = gnttab_grant_foreign_access(dev->otherend_id,
367 						  virt_to_gfn(vaddr), 0);
368 		if (err < 0) {
369 			xenbus_dev_fatal(dev, err,
370 					 "granting access to ring page");
371 			goto fail;
372 		}
373 		grefs[i] = err;
374 
375 		vaddr = vaddr + XEN_PAGE_SIZE;
376 	}
377 
378 	return 0;
379 
380 fail:
381 	for (j = 0; j < i; j++)
382 		gnttab_end_foreign_access_ref(grefs[j], 0);
383 	return err;
384 }
385 EXPORT_SYMBOL_GPL(xenbus_grant_ring);
386 
387 
388 /**
389  * Allocate an event channel for the given xenbus_device, assigning the newly
390  * created local port to *port.  Return 0 on success, or -errno on error.  On
391  * error, the device will switch to XenbusStateClosing, and the error will be
392  * saved in the store.
393  */
xenbus_alloc_evtchn(struct xenbus_device * dev,int * port)394 int xenbus_alloc_evtchn(struct xenbus_device *dev, int *port)
395 {
396 	struct evtchn_alloc_unbound alloc_unbound;
397 	int err;
398 
399 	alloc_unbound.dom = DOMID_SELF;
400 	alloc_unbound.remote_dom = dev->otherend_id;
401 
402 	err = HYPERVISOR_event_channel_op(EVTCHNOP_alloc_unbound,
403 					  &alloc_unbound);
404 	if (err)
405 		xenbus_dev_fatal(dev, err, "allocating event channel");
406 	else
407 		*port = alloc_unbound.port;
408 
409 	return err;
410 }
411 EXPORT_SYMBOL_GPL(xenbus_alloc_evtchn);
412 
413 
414 /**
415  * Free an existing event channel. Returns 0 on success or -errno on error.
416  */
xenbus_free_evtchn(struct xenbus_device * dev,int port)417 int xenbus_free_evtchn(struct xenbus_device *dev, int port)
418 {
419 	struct evtchn_close close;
420 	int err;
421 
422 	close.port = port;
423 
424 	err = HYPERVISOR_event_channel_op(EVTCHNOP_close, &close);
425 	if (err)
426 		xenbus_dev_error(dev, err, "freeing event channel %d", port);
427 
428 	return err;
429 }
430 EXPORT_SYMBOL_GPL(xenbus_free_evtchn);
431 
432 
433 /**
434  * xenbus_map_ring_valloc
435  * @dev: xenbus device
436  * @gnt_refs: grant reference array
437  * @nr_grefs: number of grant references
438  * @vaddr: pointer to address to be filled out by mapping
439  *
440  * Map @nr_grefs pages of memory into this domain from another
441  * domain's grant table.  xenbus_map_ring_valloc allocates @nr_grefs
442  * pages of virtual address space, maps the pages to that address, and
443  * sets *vaddr to that address.  Returns 0 on success, and GNTST_*
444  * (see xen/include/interface/grant_table.h) or -ENOMEM / -EINVAL on
445  * error. If an error is returned, device will switch to
446  * XenbusStateClosing and the error message will be saved in XenStore.
447  */
xenbus_map_ring_valloc(struct xenbus_device * dev,grant_ref_t * gnt_refs,unsigned int nr_grefs,void ** vaddr)448 int xenbus_map_ring_valloc(struct xenbus_device *dev, grant_ref_t *gnt_refs,
449 			   unsigned int nr_grefs, void **vaddr)
450 {
451 	return ring_ops->map(dev, gnt_refs, nr_grefs, vaddr);
452 }
453 EXPORT_SYMBOL_GPL(xenbus_map_ring_valloc);
454 
455 /* N.B. sizeof(phys_addr_t) doesn't always equal to sizeof(unsigned
456  * long), e.g. 32-on-64.  Caller is responsible for preparing the
457  * right array to feed into this function */
__xenbus_map_ring(struct xenbus_device * dev,grant_ref_t * gnt_refs,unsigned int nr_grefs,grant_handle_t * handles,phys_addr_t * addrs,unsigned int flags,bool * leaked)458 static int __xenbus_map_ring(struct xenbus_device *dev,
459 			     grant_ref_t *gnt_refs,
460 			     unsigned int nr_grefs,
461 			     grant_handle_t *handles,
462 			     phys_addr_t *addrs,
463 			     unsigned int flags,
464 			     bool *leaked)
465 {
466 	struct gnttab_map_grant_ref map[XENBUS_MAX_RING_GRANTS];
467 	struct gnttab_unmap_grant_ref unmap[XENBUS_MAX_RING_GRANTS];
468 	int i, j;
469 	int err = GNTST_okay;
470 
471 	if (nr_grefs > XENBUS_MAX_RING_GRANTS)
472 		return -EINVAL;
473 
474 	for (i = 0; i < nr_grefs; i++) {
475 		memset(&map[i], 0, sizeof(map[i]));
476 		gnttab_set_map_op(&map[i], addrs[i], flags, gnt_refs[i],
477 				  dev->otherend_id);
478 		handles[i] = INVALID_GRANT_HANDLE;
479 	}
480 
481 	gnttab_batch_map(map, i);
482 
483 	for (i = 0; i < nr_grefs; i++) {
484 		if (map[i].status != GNTST_okay) {
485 			err = map[i].status;
486 			xenbus_dev_fatal(dev, map[i].status,
487 					 "mapping in shared page %d from domain %d",
488 					 gnt_refs[i], dev->otherend_id);
489 			goto fail;
490 		} else
491 			handles[i] = map[i].handle;
492 	}
493 
494 	return GNTST_okay;
495 
496  fail:
497 	for (i = j = 0; i < nr_grefs; i++) {
498 		if (handles[i] != INVALID_GRANT_HANDLE) {
499 			memset(&unmap[j], 0, sizeof(unmap[j]));
500 			gnttab_set_unmap_op(&unmap[j], (phys_addr_t)addrs[i],
501 					    GNTMAP_host_map, handles[i]);
502 			j++;
503 		}
504 	}
505 
506 	if (HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, unmap, j))
507 		BUG();
508 
509 	*leaked = false;
510 	for (i = 0; i < j; i++) {
511 		if (unmap[i].status != GNTST_okay) {
512 			*leaked = true;
513 			break;
514 		}
515 	}
516 
517 	return err;
518 }
519 
520 struct map_ring_valloc_hvm
521 {
522 	unsigned int idx;
523 
524 	/* Why do we need two arrays? See comment of __xenbus_map_ring */
525 	phys_addr_t phys_addrs[XENBUS_MAX_RING_GRANTS];
526 	unsigned long addrs[XENBUS_MAX_RING_GRANTS];
527 };
528 
xenbus_map_ring_setup_grant_hvm(unsigned long gfn,unsigned int goffset,unsigned int len,void * data)529 static void xenbus_map_ring_setup_grant_hvm(unsigned long gfn,
530 					    unsigned int goffset,
531 					    unsigned int len,
532 					    void *data)
533 {
534 	struct map_ring_valloc_hvm *info = data;
535 	unsigned long vaddr = (unsigned long)gfn_to_virt(gfn);
536 
537 	info->phys_addrs[info->idx] = vaddr;
538 	info->addrs[info->idx] = vaddr;
539 
540 	info->idx++;
541 }
542 
xenbus_map_ring_valloc_hvm(struct xenbus_device * dev,grant_ref_t * gnt_ref,unsigned int nr_grefs,void ** vaddr)543 static int xenbus_map_ring_valloc_hvm(struct xenbus_device *dev,
544 				      grant_ref_t *gnt_ref,
545 				      unsigned int nr_grefs,
546 				      void **vaddr)
547 {
548 	struct xenbus_map_node *node;
549 	int err;
550 	void *addr;
551 	bool leaked = false;
552 	struct map_ring_valloc_hvm info = {
553 		.idx = 0,
554 	};
555 	unsigned int nr_pages = XENBUS_PAGES(nr_grefs);
556 
557 	if (nr_grefs > XENBUS_MAX_RING_GRANTS)
558 		return -EINVAL;
559 
560 	*vaddr = NULL;
561 
562 	node = kzalloc(sizeof(*node), GFP_KERNEL);
563 	if (!node)
564 		return -ENOMEM;
565 
566 	err = alloc_xenballooned_pages(nr_pages, node->hvm.pages);
567 	if (err)
568 		goto out_err;
569 
570 	gnttab_foreach_grant(node->hvm.pages, nr_grefs,
571 			     xenbus_map_ring_setup_grant_hvm,
572 			     &info);
573 
574 	err = __xenbus_map_ring(dev, gnt_ref, nr_grefs, node->handles,
575 				info.phys_addrs, GNTMAP_host_map, &leaked);
576 	node->nr_handles = nr_grefs;
577 
578 	if (err)
579 		goto out_free_ballooned_pages;
580 
581 	addr = vmap(node->hvm.pages, nr_pages, VM_MAP | VM_IOREMAP,
582 		    PAGE_KERNEL);
583 	if (!addr) {
584 		err = -ENOMEM;
585 		goto out_xenbus_unmap_ring;
586 	}
587 
588 	node->hvm.addr = addr;
589 
590 	spin_lock(&xenbus_valloc_lock);
591 	list_add(&node->next, &xenbus_valloc_pages);
592 	spin_unlock(&xenbus_valloc_lock);
593 
594 	*vaddr = addr;
595 	return 0;
596 
597  out_xenbus_unmap_ring:
598 	if (!leaked)
599 		xenbus_unmap_ring(dev, node->handles, nr_grefs, info.addrs);
600 	else
601 		pr_alert("leaking %p size %u page(s)",
602 			 addr, nr_pages);
603  out_free_ballooned_pages:
604 	if (!leaked)
605 		free_xenballooned_pages(nr_pages, node->hvm.pages);
606  out_err:
607 	kfree(node);
608 	return err;
609 }
610 
611 
612 /**
613  * xenbus_map_ring
614  * @dev: xenbus device
615  * @gnt_refs: grant reference array
616  * @nr_grefs: number of grant reference
617  * @handles: pointer to grant handle to be filled
618  * @vaddrs: addresses to be mapped to
619  * @leaked: fail to clean up a failed map, caller should not free vaddr
620  *
621  * Map pages of memory into this domain from another domain's grant table.
622  * xenbus_map_ring does not allocate the virtual address space (you must do
623  * this yourself!). It only maps in the pages to the specified address.
624  * Returns 0 on success, and GNTST_* (see xen/include/interface/grant_table.h)
625  * or -ENOMEM / -EINVAL on error. If an error is returned, device will switch to
626  * XenbusStateClosing and the first error message will be saved in XenStore.
627  * Further more if we fail to map the ring, caller should check @leaked.
628  * If @leaked is not zero it means xenbus_map_ring fails to clean up, caller
629  * should not free the address space of @vaddr.
630  */
xenbus_map_ring(struct xenbus_device * dev,grant_ref_t * gnt_refs,unsigned int nr_grefs,grant_handle_t * handles,unsigned long * vaddrs,bool * leaked)631 int xenbus_map_ring(struct xenbus_device *dev, grant_ref_t *gnt_refs,
632 		    unsigned int nr_grefs, grant_handle_t *handles,
633 		    unsigned long *vaddrs, bool *leaked)
634 {
635 	phys_addr_t phys_addrs[XENBUS_MAX_RING_GRANTS];
636 	int i;
637 
638 	if (nr_grefs > XENBUS_MAX_RING_GRANTS)
639 		return -EINVAL;
640 
641 	for (i = 0; i < nr_grefs; i++)
642 		phys_addrs[i] = (unsigned long)vaddrs[i];
643 
644 	return __xenbus_map_ring(dev, gnt_refs, nr_grefs, handles,
645 				 phys_addrs, GNTMAP_host_map, leaked);
646 }
647 EXPORT_SYMBOL_GPL(xenbus_map_ring);
648 
649 
650 /**
651  * xenbus_unmap_ring_vfree
652  * @dev: xenbus device
653  * @vaddr: addr to unmap
654  *
655  * Based on Rusty Russell's skeleton driver's unmap_page.
656  * Unmap a page of memory in this domain that was imported from another domain.
657  * Use xenbus_unmap_ring_vfree if you mapped in your memory with
658  * xenbus_map_ring_valloc (it will free the virtual address space).
659  * Returns 0 on success and returns GNTST_* on error
660  * (see xen/include/interface/grant_table.h).
661  */
xenbus_unmap_ring_vfree(struct xenbus_device * dev,void * vaddr)662 int xenbus_unmap_ring_vfree(struct xenbus_device *dev, void *vaddr)
663 {
664 	return ring_ops->unmap(dev, vaddr);
665 }
666 EXPORT_SYMBOL_GPL(xenbus_unmap_ring_vfree);
667 
668 #ifdef CONFIG_XEN_PV
xenbus_map_ring_valloc_pv(struct xenbus_device * dev,grant_ref_t * gnt_refs,unsigned int nr_grefs,void ** vaddr)669 static int xenbus_map_ring_valloc_pv(struct xenbus_device *dev,
670 				     grant_ref_t *gnt_refs,
671 				     unsigned int nr_grefs,
672 				     void **vaddr)
673 {
674 	struct xenbus_map_node *node;
675 	struct vm_struct *area;
676 	pte_t *ptes[XENBUS_MAX_RING_GRANTS];
677 	phys_addr_t phys_addrs[XENBUS_MAX_RING_GRANTS];
678 	int err = GNTST_okay;
679 	int i;
680 	bool leaked;
681 
682 	*vaddr = NULL;
683 
684 	if (nr_grefs > XENBUS_MAX_RING_GRANTS)
685 		return -EINVAL;
686 
687 	node = kzalloc(sizeof(*node), GFP_KERNEL);
688 	if (!node)
689 		return -ENOMEM;
690 
691 	area = alloc_vm_area(XEN_PAGE_SIZE * nr_grefs, ptes);
692 	if (!area) {
693 		kfree(node);
694 		return -ENOMEM;
695 	}
696 
697 	for (i = 0; i < nr_grefs; i++)
698 		phys_addrs[i] = arbitrary_virt_to_machine(ptes[i]).maddr;
699 
700 	err = __xenbus_map_ring(dev, gnt_refs, nr_grefs, node->handles,
701 				phys_addrs,
702 				GNTMAP_host_map | GNTMAP_contains_pte,
703 				&leaked);
704 	if (err)
705 		goto failed;
706 
707 	node->nr_handles = nr_grefs;
708 	node->pv.area = area;
709 
710 	spin_lock(&xenbus_valloc_lock);
711 	list_add(&node->next, &xenbus_valloc_pages);
712 	spin_unlock(&xenbus_valloc_lock);
713 
714 	*vaddr = area->addr;
715 	return 0;
716 
717 failed:
718 	if (!leaked)
719 		free_vm_area(area);
720 	else
721 		pr_alert("leaking VM area %p size %u page(s)", area, nr_grefs);
722 
723 	kfree(node);
724 	return err;
725 }
726 
xenbus_unmap_ring_vfree_pv(struct xenbus_device * dev,void * vaddr)727 static int xenbus_unmap_ring_vfree_pv(struct xenbus_device *dev, void *vaddr)
728 {
729 	struct xenbus_map_node *node;
730 	struct gnttab_unmap_grant_ref unmap[XENBUS_MAX_RING_GRANTS];
731 	unsigned int level;
732 	int i;
733 	bool leaked = false;
734 	int err;
735 
736 	spin_lock(&xenbus_valloc_lock);
737 	list_for_each_entry(node, &xenbus_valloc_pages, next) {
738 		if (node->pv.area->addr == vaddr) {
739 			list_del(&node->next);
740 			goto found;
741 		}
742 	}
743 	node = NULL;
744  found:
745 	spin_unlock(&xenbus_valloc_lock);
746 
747 	if (!node) {
748 		xenbus_dev_error(dev, -ENOENT,
749 				 "can't find mapped virtual address %p", vaddr);
750 		return GNTST_bad_virt_addr;
751 	}
752 
753 	for (i = 0; i < node->nr_handles; i++) {
754 		unsigned long addr;
755 
756 		memset(&unmap[i], 0, sizeof(unmap[i]));
757 		addr = (unsigned long)vaddr + (XEN_PAGE_SIZE * i);
758 		unmap[i].host_addr = arbitrary_virt_to_machine(
759 			lookup_address(addr, &level)).maddr;
760 		unmap[i].dev_bus_addr = 0;
761 		unmap[i].handle = node->handles[i];
762 	}
763 
764 	if (HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, unmap, i))
765 		BUG();
766 
767 	err = GNTST_okay;
768 	leaked = false;
769 	for (i = 0; i < node->nr_handles; i++) {
770 		if (unmap[i].status != GNTST_okay) {
771 			leaked = true;
772 			xenbus_dev_error(dev, unmap[i].status,
773 					 "unmapping page at handle %d error %d",
774 					 node->handles[i], unmap[i].status);
775 			err = unmap[i].status;
776 			break;
777 		}
778 	}
779 
780 	if (!leaked)
781 		free_vm_area(node->pv.area);
782 	else
783 		pr_alert("leaking VM area %p size %u page(s)",
784 			 node->pv.area, node->nr_handles);
785 
786 	kfree(node);
787 	return err;
788 }
789 
790 static const struct xenbus_ring_ops ring_ops_pv = {
791 	.map = xenbus_map_ring_valloc_pv,
792 	.unmap = xenbus_unmap_ring_vfree_pv,
793 };
794 #endif
795 
796 struct unmap_ring_vfree_hvm
797 {
798 	unsigned int idx;
799 	unsigned long addrs[XENBUS_MAX_RING_GRANTS];
800 };
801 
xenbus_unmap_ring_setup_grant_hvm(unsigned long gfn,unsigned int goffset,unsigned int len,void * data)802 static void xenbus_unmap_ring_setup_grant_hvm(unsigned long gfn,
803 					      unsigned int goffset,
804 					      unsigned int len,
805 					      void *data)
806 {
807 	struct unmap_ring_vfree_hvm *info = data;
808 
809 	info->addrs[info->idx] = (unsigned long)gfn_to_virt(gfn);
810 
811 	info->idx++;
812 }
813 
xenbus_unmap_ring_vfree_hvm(struct xenbus_device * dev,void * vaddr)814 static int xenbus_unmap_ring_vfree_hvm(struct xenbus_device *dev, void *vaddr)
815 {
816 	int rv;
817 	struct xenbus_map_node *node;
818 	void *addr;
819 	struct unmap_ring_vfree_hvm info = {
820 		.idx = 0,
821 	};
822 	unsigned int nr_pages;
823 
824 	spin_lock(&xenbus_valloc_lock);
825 	list_for_each_entry(node, &xenbus_valloc_pages, next) {
826 		addr = node->hvm.addr;
827 		if (addr == vaddr) {
828 			list_del(&node->next);
829 			goto found;
830 		}
831 	}
832 	node = addr = NULL;
833  found:
834 	spin_unlock(&xenbus_valloc_lock);
835 
836 	if (!node) {
837 		xenbus_dev_error(dev, -ENOENT,
838 				 "can't find mapped virtual address %p", vaddr);
839 		return GNTST_bad_virt_addr;
840 	}
841 
842 	nr_pages = XENBUS_PAGES(node->nr_handles);
843 
844 	gnttab_foreach_grant(node->hvm.pages, node->nr_handles,
845 			     xenbus_unmap_ring_setup_grant_hvm,
846 			     &info);
847 
848 	rv = xenbus_unmap_ring(dev, node->handles, node->nr_handles,
849 			       info.addrs);
850 	if (!rv) {
851 		vunmap(vaddr);
852 		free_xenballooned_pages(nr_pages, node->hvm.pages);
853 	}
854 	else
855 		WARN(1, "Leaking %p, size %u page(s)\n", vaddr, nr_pages);
856 
857 	kfree(node);
858 	return rv;
859 }
860 
861 /**
862  * xenbus_unmap_ring
863  * @dev: xenbus device
864  * @handles: grant handle array
865  * @nr_handles: number of handles in the array
866  * @vaddrs: addresses to unmap
867  *
868  * Unmap memory in this domain that was imported from another domain.
869  * Returns 0 on success and returns GNTST_* on error
870  * (see xen/include/interface/grant_table.h).
871  */
xenbus_unmap_ring(struct xenbus_device * dev,grant_handle_t * handles,unsigned int nr_handles,unsigned long * vaddrs)872 int xenbus_unmap_ring(struct xenbus_device *dev,
873 		      grant_handle_t *handles, unsigned int nr_handles,
874 		      unsigned long *vaddrs)
875 {
876 	struct gnttab_unmap_grant_ref unmap[XENBUS_MAX_RING_GRANTS];
877 	int i;
878 	int err;
879 
880 	if (nr_handles > XENBUS_MAX_RING_GRANTS)
881 		return -EINVAL;
882 
883 	for (i = 0; i < nr_handles; i++)
884 		gnttab_set_unmap_op(&unmap[i], vaddrs[i],
885 				    GNTMAP_host_map, handles[i]);
886 
887 	if (HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, unmap, i))
888 		BUG();
889 
890 	err = GNTST_okay;
891 	for (i = 0; i < nr_handles; i++) {
892 		if (unmap[i].status != GNTST_okay) {
893 			xenbus_dev_error(dev, unmap[i].status,
894 					 "unmapping page at handle %d error %d",
895 					 handles[i], unmap[i].status);
896 			err = unmap[i].status;
897 			break;
898 		}
899 	}
900 
901 	return err;
902 }
903 EXPORT_SYMBOL_GPL(xenbus_unmap_ring);
904 
905 
906 /**
907  * xenbus_read_driver_state
908  * @path: path for driver
909  *
910  * Return the state of the driver rooted at the given store path, or
911  * XenbusStateUnknown if no state can be read.
912  */
xenbus_read_driver_state(const char * path)913 enum xenbus_state xenbus_read_driver_state(const char *path)
914 {
915 	enum xenbus_state result;
916 	int err = xenbus_gather(XBT_NIL, path, "state", "%d", &result, NULL);
917 	if (err)
918 		result = XenbusStateUnknown;
919 
920 	return result;
921 }
922 EXPORT_SYMBOL_GPL(xenbus_read_driver_state);
923 
924 static const struct xenbus_ring_ops ring_ops_hvm = {
925 	.map = xenbus_map_ring_valloc_hvm,
926 	.unmap = xenbus_unmap_ring_vfree_hvm,
927 };
928 
xenbus_ring_ops_init(void)929 void __init xenbus_ring_ops_init(void)
930 {
931 #ifdef CONFIG_XEN_PV
932 	if (!xen_feature(XENFEAT_auto_translated_physmap))
933 		ring_ops = &ring_ops_pv;
934 	else
935 #endif
936 		ring_ops = &ring_ops_hvm;
937 }
938