1 /******************************************************************************
4 * Granting foreign access to our memory reservation.
6 * Copyright (c) 2005-2006, Christopher Clark
7 * Copyright (c) 2004-2005, K A Fraser
9 * This program is free software; you can redistribute it and/or
10 * modify it under the terms of the GNU General Public License version 2
11 * as published by the Free Software Foundation; or, when distributed
12 * separately from the Linux kernel or incorporated into other
13 * software packages, subject to the following license:
15 * Permission is hereby granted, free of charge, to any person obtaining a copy
16 * of this source file (the "Software"), to deal in the Software without
17 * restriction, including without limitation the rights to use, copy, modify,
18 * merge, publish, distribute, sublicense, and/or sell copies of the Software,
19 * and to permit persons to whom the Software is furnished to do so, subject to
20 * the following conditions:
22 * The above copyright notice and this permission notice shall be included in
23 * all copies or substantial portions of the Software.
25 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
26 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
27 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
28 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
29 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
30 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
34 #define pr_fmt(fmt) "xen:" KBUILD_MODNAME ": " fmt
36 #include <linux/module.h>
37 #include <linux/sched.h>
39 #include <linux/slab.h>
40 #include <linux/vmalloc.h>
41 #include <linux/uaccess.h>
43 #include <linux/delay.h>
44 #include <linux/hardirq.h>
47 #include <xen/interface/xen.h>
49 #include <xen/grant_table.h>
50 #include <xen/interface/memory.h>
51 #include <xen/hvc-console.h>
52 #include <xen/swiotlb-xen.h>
53 #include <asm/xen/hypercall.h>
54 #include <asm/xen/interface.h>
56 #include <asm/pgtable.h>
57 #include <asm/sync_bitops.h>
59 /* External tools reserve first few grant table entries. */
60 #define NR_RESERVED_ENTRIES 8
61 #define GNTTAB_LIST_END 0xffffffff
63 static grant_ref_t **gnttab_list;
64 static unsigned int nr_grant_frames;
65 static int gnttab_free_count;
66 static grant_ref_t gnttab_free_head;
67 static DEFINE_SPINLOCK(gnttab_list_lock);
68 unsigned long xen_hvm_resume_frames;
69 EXPORT_SYMBOL_GPL(xen_hvm_resume_frames);
72 struct grant_entry_v1 *v1;
73 union grant_entry_v2 *v2;
77 /*This is a structure of function pointers for grant table*/
80 * Mapping a list of frames for storing grant entries. Frames parameter
81 * is used to store grant table address when grant table being setup,
82 * nr_gframes is the number of frames to map grant table. Returning
83 * GNTST_okay means success and negative value means failure.
85 int (*map_frames)(xen_pfn_t *frames, unsigned int nr_gframes);
87 * Release a list of frames which are mapped in map_frames for grant
90 void (*unmap_frames)(void);
92 * Introducing a valid entry into the grant table, granting the frame of
93 * this grant entry to domain for accessing or transfering. Ref
94 * parameter is reference of this introduced grant entry, domid is id of
95 * granted domain, frame is the page frame to be granted, and flags is
96 * status of the grant entry to be updated.
98 void (*update_entry)(grant_ref_t ref, domid_t domid,
99 unsigned long frame, unsigned flags);
101 * Stop granting a grant entry to domain for accessing. Ref parameter is
102 * reference of a grant entry whose grant access will be stopped,
103 * readonly is not in use in this function. If the grant entry is
104 * currently mapped for reading or writing, just return failure(==0)
105 * directly and don't tear down the grant access. Otherwise, stop grant
106 * access for this entry and return success(==1).
108 int (*end_foreign_access_ref)(grant_ref_t ref, int readonly);
110 * Stop granting a grant entry to domain for transfer. Ref parameter is
111 * reference of a grant entry whose grant transfer will be stopped. If
112 * tranfer has not started, just reclaim the grant entry and return
113 * failure(==0). Otherwise, wait for the transfer to complete and then
116 unsigned long (*end_foreign_transfer_ref)(grant_ref_t ref);
118 * Query the status of a grant entry. Ref parameter is reference of
119 * queried grant entry, return value is the status of queried entry.
120 * Detailed status(writing/reading) can be gotten from the return value
123 int (*query_foreign_access)(grant_ref_t ref);
125 * Grant a domain to access a range of bytes within the page referred by
126 * an available grant entry. Ref parameter is reference of a grant entry
127 * which will be sub-page accessed, domid is id of grantee domain, frame
128 * is frame address of subpage grant, flags is grant type and flag
129 * information, page_off is offset of the range of bytes, and length is
130 * length of bytes to be accessed.
132 void (*update_subpage_entry)(grant_ref_t ref, domid_t domid,
133 unsigned long frame, int flags,
134 unsigned page_off, unsigned length);
136 * Redirect an available grant entry on domain A to another grant
137 * reference of domain B, then allow domain C to use grant reference
138 * of domain B transitively. Ref parameter is an available grant entry
139 * reference on domain A, domid is id of domain C which accesses grant
140 * entry transitively, flags is grant type and flag information,
141 * trans_domid is id of domain B whose grant entry is finally accessed
142 * transitively, trans_gref is grant entry transitive reference of
145 void (*update_trans_entry)(grant_ref_t ref, domid_t domid, int flags,
146 domid_t trans_domid, grant_ref_t trans_gref);
149 static struct gnttab_ops *gnttab_interface;
151 /*This reflects status of grant entries, so act as a global value*/
152 static grant_status_t *grstatus;
154 static int grant_table_version;
155 static int grefs_per_grant_frame;
157 static struct gnttab_free_callback *gnttab_free_callback_list;
159 static int gnttab_expand(unsigned int req_entries);
161 #define RPP (PAGE_SIZE / sizeof(grant_ref_t))
162 #define SPP (PAGE_SIZE / sizeof(grant_status_t))
164 static inline grant_ref_t *__gnttab_entry(grant_ref_t entry)
166 return &gnttab_list[(entry) / RPP][(entry) % RPP];
168 /* This can be used as an l-value */
169 #define gnttab_entry(entry) (*__gnttab_entry(entry))
171 static int get_free_entries(unsigned count)
177 spin_lock_irqsave(&gnttab_list_lock, flags);
179 if ((gnttab_free_count < count) &&
180 ((rc = gnttab_expand(count - gnttab_free_count)) < 0)) {
181 spin_unlock_irqrestore(&gnttab_list_lock, flags);
185 ref = head = gnttab_free_head;
186 gnttab_free_count -= count;
188 head = gnttab_entry(head);
189 gnttab_free_head = gnttab_entry(head);
190 gnttab_entry(head) = GNTTAB_LIST_END;
192 spin_unlock_irqrestore(&gnttab_list_lock, flags);
197 static void do_free_callbacks(void)
199 struct gnttab_free_callback *callback, *next;
201 callback = gnttab_free_callback_list;
202 gnttab_free_callback_list = NULL;
204 while (callback != NULL) {
205 next = callback->next;
206 if (gnttab_free_count >= callback->count) {
207 callback->next = NULL;
208 callback->fn(callback->arg);
210 callback->next = gnttab_free_callback_list;
211 gnttab_free_callback_list = callback;
217 static inline void check_free_callbacks(void)
219 if (unlikely(gnttab_free_callback_list))
223 static void put_free_entry(grant_ref_t ref)
226 spin_lock_irqsave(&gnttab_list_lock, flags);
227 gnttab_entry(ref) = gnttab_free_head;
228 gnttab_free_head = ref;
230 check_free_callbacks();
231 spin_unlock_irqrestore(&gnttab_list_lock, flags);
235 * Following applies to gnttab_update_entry_v1 and gnttab_update_entry_v2.
236 * Introducing a valid entry into the grant table:
237 * 1. Write ent->domid.
238 * 2. Write ent->frame:
239 * GTF_permit_access: Frame to which access is permitted.
240 * GTF_accept_transfer: Pseudo-phys frame slot being filled by new
241 * frame, or zero if none.
242 * 3. Write memory barrier (WMB).
243 * 4. Write ent->flags, inc. valid type.
245 static void gnttab_update_entry_v1(grant_ref_t ref, domid_t domid,
246 unsigned long frame, unsigned flags)
248 gnttab_shared.v1[ref].domid = domid;
249 gnttab_shared.v1[ref].frame = frame;
251 gnttab_shared.v1[ref].flags = flags;
254 static void gnttab_update_entry_v2(grant_ref_t ref, domid_t domid,
255 unsigned long frame, unsigned flags)
257 gnttab_shared.v2[ref].hdr.domid = domid;
258 gnttab_shared.v2[ref].full_page.frame = frame;
260 gnttab_shared.v2[ref].hdr.flags = GTF_permit_access | flags;
264 * Public grant-issuing interface functions
266 void gnttab_grant_foreign_access_ref(grant_ref_t ref, domid_t domid,
267 unsigned long frame, int readonly)
269 gnttab_interface->update_entry(ref, domid, frame,
270 GTF_permit_access | (readonly ? GTF_readonly : 0));
272 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_ref);
274 int gnttab_grant_foreign_access(domid_t domid, unsigned long frame,
279 ref = get_free_entries(1);
280 if (unlikely(ref < 0))
283 gnttab_grant_foreign_access_ref(ref, domid, frame, readonly);
287 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access);
289 static void gnttab_update_subpage_entry_v2(grant_ref_t ref, domid_t domid,
290 unsigned long frame, int flags,
291 unsigned page_off, unsigned length)
293 gnttab_shared.v2[ref].sub_page.frame = frame;
294 gnttab_shared.v2[ref].sub_page.page_off = page_off;
295 gnttab_shared.v2[ref].sub_page.length = length;
296 gnttab_shared.v2[ref].hdr.domid = domid;
298 gnttab_shared.v2[ref].hdr.flags =
299 GTF_permit_access | GTF_sub_page | flags;
302 int gnttab_grant_foreign_access_subpage_ref(grant_ref_t ref, domid_t domid,
303 unsigned long frame, int flags,
307 if (flags & (GTF_accept_transfer | GTF_reading |
308 GTF_writing | GTF_transitive))
311 if (gnttab_interface->update_subpage_entry == NULL)
314 gnttab_interface->update_subpage_entry(ref, domid, frame, flags,
319 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_subpage_ref);
321 int gnttab_grant_foreign_access_subpage(domid_t domid, unsigned long frame,
322 int flags, unsigned page_off,
327 ref = get_free_entries(1);
328 if (unlikely(ref < 0))
331 rc = gnttab_grant_foreign_access_subpage_ref(ref, domid, frame, flags,
340 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_subpage);
342 bool gnttab_subpage_grants_available(void)
344 return gnttab_interface->update_subpage_entry != NULL;
346 EXPORT_SYMBOL_GPL(gnttab_subpage_grants_available);
348 static void gnttab_update_trans_entry_v2(grant_ref_t ref, domid_t domid,
349 int flags, domid_t trans_domid,
350 grant_ref_t trans_gref)
352 gnttab_shared.v2[ref].transitive.trans_domid = trans_domid;
353 gnttab_shared.v2[ref].transitive.gref = trans_gref;
354 gnttab_shared.v2[ref].hdr.domid = domid;
356 gnttab_shared.v2[ref].hdr.flags =
357 GTF_permit_access | GTF_transitive | flags;
360 int gnttab_grant_foreign_access_trans_ref(grant_ref_t ref, domid_t domid,
361 int flags, domid_t trans_domid,
362 grant_ref_t trans_gref)
364 if (flags & (GTF_accept_transfer | GTF_reading |
365 GTF_writing | GTF_sub_page))
368 if (gnttab_interface->update_trans_entry == NULL)
371 gnttab_interface->update_trans_entry(ref, domid, flags, trans_domid,
376 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_trans_ref);
378 int gnttab_grant_foreign_access_trans(domid_t domid, int flags,
380 grant_ref_t trans_gref)
384 ref = get_free_entries(1);
385 if (unlikely(ref < 0))
388 rc = gnttab_grant_foreign_access_trans_ref(ref, domid, flags,
389 trans_domid, trans_gref);
397 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_access_trans);
399 bool gnttab_trans_grants_available(void)
401 return gnttab_interface->update_trans_entry != NULL;
403 EXPORT_SYMBOL_GPL(gnttab_trans_grants_available);
405 static int gnttab_query_foreign_access_v1(grant_ref_t ref)
407 return gnttab_shared.v1[ref].flags & (GTF_reading|GTF_writing);
410 static int gnttab_query_foreign_access_v2(grant_ref_t ref)
412 return grstatus[ref] & (GTF_reading|GTF_writing);
415 int gnttab_query_foreign_access(grant_ref_t ref)
417 return gnttab_interface->query_foreign_access(ref);
419 EXPORT_SYMBOL_GPL(gnttab_query_foreign_access);
421 static int gnttab_end_foreign_access_ref_v1(grant_ref_t ref, int readonly)
426 pflags = &gnttab_shared.v1[ref].flags;
430 if (flags & (GTF_reading|GTF_writing))
432 } while ((nflags = sync_cmpxchg(pflags, flags, 0)) != flags);
437 static int gnttab_end_foreign_access_ref_v2(grant_ref_t ref, int readonly)
439 gnttab_shared.v2[ref].hdr.flags = 0;
441 if (grstatus[ref] & (GTF_reading|GTF_writing)) {
444 /* The read of grstatus needs to have acquire
445 semantics. On x86, reads already have
446 that, and we just need to protect against
447 compiler reorderings. On other
448 architectures we may need a full
460 static inline int _gnttab_end_foreign_access_ref(grant_ref_t ref, int readonly)
462 return gnttab_interface->end_foreign_access_ref(ref, readonly);
465 int gnttab_end_foreign_access_ref(grant_ref_t ref, int readonly)
467 if (_gnttab_end_foreign_access_ref(ref, readonly))
469 pr_warn("WARNING: g.e. %#x still in use!\n", ref);
472 EXPORT_SYMBOL_GPL(gnttab_end_foreign_access_ref);
474 struct deferred_entry {
475 struct list_head list;
481 static LIST_HEAD(deferred_list);
482 static void gnttab_handle_deferred(unsigned long);
483 static DEFINE_TIMER(deferred_timer, gnttab_handle_deferred, 0, 0);
485 static void gnttab_handle_deferred(unsigned long unused)
487 unsigned int nr = 10;
488 struct deferred_entry *first = NULL;
491 spin_lock_irqsave(&gnttab_list_lock, flags);
493 struct deferred_entry *entry
494 = list_first_entry(&deferred_list,
495 struct deferred_entry, list);
499 list_del(&entry->list);
500 spin_unlock_irqrestore(&gnttab_list_lock, flags);
501 if (_gnttab_end_foreign_access_ref(entry->ref, entry->ro)) {
502 put_free_entry(entry->ref);
504 pr_debug("freeing g.e. %#x (pfn %#lx)\n",
505 entry->ref, page_to_pfn(entry->page));
506 __free_page(entry->page);
508 pr_info("freeing g.e. %#x\n", entry->ref);
512 if (!--entry->warn_delay)
513 pr_info("g.e. %#x still pending\n", entry->ref);
517 spin_lock_irqsave(&gnttab_list_lock, flags);
519 list_add_tail(&entry->list, &deferred_list);
520 else if (list_empty(&deferred_list))
523 if (!list_empty(&deferred_list) && !timer_pending(&deferred_timer)) {
524 deferred_timer.expires = jiffies + HZ;
525 add_timer(&deferred_timer);
527 spin_unlock_irqrestore(&gnttab_list_lock, flags);
530 static void gnttab_add_deferred(grant_ref_t ref, bool readonly,
533 struct deferred_entry *entry = kmalloc(sizeof(*entry), GFP_ATOMIC);
534 const char *what = KERN_WARNING "leaking";
540 entry->ro = readonly;
542 entry->warn_delay = 60;
543 spin_lock_irqsave(&gnttab_list_lock, flags);
544 list_add_tail(&entry->list, &deferred_list);
545 if (!timer_pending(&deferred_timer)) {
546 deferred_timer.expires = jiffies + HZ;
547 add_timer(&deferred_timer);
549 spin_unlock_irqrestore(&gnttab_list_lock, flags);
550 what = KERN_DEBUG "deferring";
552 printk("%s g.e. %#x (pfn %#lx)\n",
553 what, ref, page ? page_to_pfn(page) : -1);
556 void gnttab_end_foreign_access(grant_ref_t ref, int readonly,
559 if (gnttab_end_foreign_access_ref(ref, readonly)) {
564 gnttab_add_deferred(ref, readonly,
565 page ? virt_to_page(page) : NULL);
567 EXPORT_SYMBOL_GPL(gnttab_end_foreign_access);
569 int gnttab_grant_foreign_transfer(domid_t domid, unsigned long pfn)
573 ref = get_free_entries(1);
574 if (unlikely(ref < 0))
576 gnttab_grant_foreign_transfer_ref(ref, domid, pfn);
580 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_transfer);
582 void gnttab_grant_foreign_transfer_ref(grant_ref_t ref, domid_t domid,
585 gnttab_interface->update_entry(ref, domid, pfn, GTF_accept_transfer);
587 EXPORT_SYMBOL_GPL(gnttab_grant_foreign_transfer_ref);
589 static unsigned long gnttab_end_foreign_transfer_ref_v1(grant_ref_t ref)
595 pflags = &gnttab_shared.v1[ref].flags;
598 * If a transfer is not even yet started, try to reclaim the grant
599 * reference and return failure (== 0).
601 while (!((flags = *pflags) & GTF_transfer_committed)) {
602 if (sync_cmpxchg(pflags, flags, 0) == flags)
607 /* If a transfer is in progress then wait until it is completed. */
608 while (!(flags & GTF_transfer_completed)) {
613 rmb(); /* Read the frame number /after/ reading completion status. */
614 frame = gnttab_shared.v1[ref].frame;
620 static unsigned long gnttab_end_foreign_transfer_ref_v2(grant_ref_t ref)
626 pflags = &gnttab_shared.v2[ref].hdr.flags;
629 * If a transfer is not even yet started, try to reclaim the grant
630 * reference and return failure (== 0).
632 while (!((flags = *pflags) & GTF_transfer_committed)) {
633 if (sync_cmpxchg(pflags, flags, 0) == flags)
638 /* If a transfer is in progress then wait until it is completed. */
639 while (!(flags & GTF_transfer_completed)) {
644 rmb(); /* Read the frame number /after/ reading completion status. */
645 frame = gnttab_shared.v2[ref].full_page.frame;
651 unsigned long gnttab_end_foreign_transfer_ref(grant_ref_t ref)
653 return gnttab_interface->end_foreign_transfer_ref(ref);
655 EXPORT_SYMBOL_GPL(gnttab_end_foreign_transfer_ref);
657 unsigned long gnttab_end_foreign_transfer(grant_ref_t ref)
659 unsigned long frame = gnttab_end_foreign_transfer_ref(ref);
663 EXPORT_SYMBOL_GPL(gnttab_end_foreign_transfer);
665 void gnttab_free_grant_reference(grant_ref_t ref)
669 EXPORT_SYMBOL_GPL(gnttab_free_grant_reference);
671 void gnttab_free_grant_references(grant_ref_t head)
676 if (head == GNTTAB_LIST_END)
678 spin_lock_irqsave(&gnttab_list_lock, flags);
680 while (gnttab_entry(ref) != GNTTAB_LIST_END) {
681 ref = gnttab_entry(ref);
684 gnttab_entry(ref) = gnttab_free_head;
685 gnttab_free_head = head;
686 gnttab_free_count += count;
687 check_free_callbacks();
688 spin_unlock_irqrestore(&gnttab_list_lock, flags);
690 EXPORT_SYMBOL_GPL(gnttab_free_grant_references);
692 int gnttab_alloc_grant_references(u16 count, grant_ref_t *head)
694 int h = get_free_entries(count);
703 EXPORT_SYMBOL_GPL(gnttab_alloc_grant_references);
705 int gnttab_empty_grant_references(const grant_ref_t *private_head)
707 return (*private_head == GNTTAB_LIST_END);
709 EXPORT_SYMBOL_GPL(gnttab_empty_grant_references);
711 int gnttab_claim_grant_reference(grant_ref_t *private_head)
713 grant_ref_t g = *private_head;
714 if (unlikely(g == GNTTAB_LIST_END))
716 *private_head = gnttab_entry(g);
719 EXPORT_SYMBOL_GPL(gnttab_claim_grant_reference);
721 void gnttab_release_grant_reference(grant_ref_t *private_head,
724 gnttab_entry(release) = *private_head;
725 *private_head = release;
727 EXPORT_SYMBOL_GPL(gnttab_release_grant_reference);
729 void gnttab_request_free_callback(struct gnttab_free_callback *callback,
730 void (*fn)(void *), void *arg, u16 count)
733 struct gnttab_free_callback *cb;
735 spin_lock_irqsave(&gnttab_list_lock, flags);
737 /* Check if the callback is already on the list */
738 cb = gnttab_free_callback_list;
747 callback->count = count;
748 callback->next = gnttab_free_callback_list;
749 gnttab_free_callback_list = callback;
750 check_free_callbacks();
752 spin_unlock_irqrestore(&gnttab_list_lock, flags);
754 EXPORT_SYMBOL_GPL(gnttab_request_free_callback);
756 void gnttab_cancel_free_callback(struct gnttab_free_callback *callback)
758 struct gnttab_free_callback **pcb;
761 spin_lock_irqsave(&gnttab_list_lock, flags);
762 for (pcb = &gnttab_free_callback_list; *pcb; pcb = &(*pcb)->next) {
763 if (*pcb == callback) {
764 *pcb = callback->next;
768 spin_unlock_irqrestore(&gnttab_list_lock, flags);
770 EXPORT_SYMBOL_GPL(gnttab_cancel_free_callback);
772 static int grow_gnttab_list(unsigned int more_frames)
774 unsigned int new_nr_grant_frames, extra_entries, i;
775 unsigned int nr_glist_frames, new_nr_glist_frames;
777 BUG_ON(grefs_per_grant_frame == 0);
779 new_nr_grant_frames = nr_grant_frames + more_frames;
780 extra_entries = more_frames * grefs_per_grant_frame;
782 nr_glist_frames = (nr_grant_frames * grefs_per_grant_frame + RPP - 1) / RPP;
783 new_nr_glist_frames =
784 (new_nr_grant_frames * grefs_per_grant_frame + RPP - 1) / RPP;
785 for (i = nr_glist_frames; i < new_nr_glist_frames; i++) {
786 gnttab_list[i] = (grant_ref_t *)__get_free_page(GFP_ATOMIC);
792 for (i = grefs_per_grant_frame * nr_grant_frames;
793 i < grefs_per_grant_frame * new_nr_grant_frames - 1; i++)
794 gnttab_entry(i) = i + 1;
796 gnttab_entry(i) = gnttab_free_head;
797 gnttab_free_head = grefs_per_grant_frame * nr_grant_frames;
798 gnttab_free_count += extra_entries;
800 nr_grant_frames = new_nr_grant_frames;
802 check_free_callbacks();
807 for ( ; i >= nr_glist_frames; i--)
808 free_page((unsigned long) gnttab_list[i]);
812 static unsigned int __max_nr_grant_frames(void)
814 struct gnttab_query_size query;
817 query.dom = DOMID_SELF;
819 rc = HYPERVISOR_grant_table_op(GNTTABOP_query_size, &query, 1);
820 if ((rc < 0) || (query.status != GNTST_okay))
821 return 4; /* Legacy max supported number of frames */
823 return query.max_nr_frames;
826 unsigned int gnttab_max_grant_frames(void)
828 unsigned int xen_max = __max_nr_grant_frames();
829 static unsigned int boot_max_nr_grant_frames;
831 /* First time, initialize it properly. */
832 if (!boot_max_nr_grant_frames)
833 boot_max_nr_grant_frames = __max_nr_grant_frames();
835 if (xen_max > boot_max_nr_grant_frames)
836 return boot_max_nr_grant_frames;
839 EXPORT_SYMBOL_GPL(gnttab_max_grant_frames);
841 /* Handling of paged out grant targets (GNTST_eagain) */
842 #define MAX_DELAY 256
844 gnttab_retry_eagain_gop(unsigned int cmd, void *gop, int16_t *status,
850 BUG_ON(HYPERVISOR_grant_table_op(cmd, gop, 1));
851 if (*status == GNTST_eagain)
853 } while ((*status == GNTST_eagain) && (delay < MAX_DELAY));
855 if (delay >= MAX_DELAY) {
856 pr_err("%s: %s eagain grant\n", func, current->comm);
857 *status = GNTST_bad_page;
861 void gnttab_batch_map(struct gnttab_map_grant_ref *batch, unsigned count)
863 struct gnttab_map_grant_ref *op;
865 if (HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref, batch, count))
867 for (op = batch; op < batch + count; op++)
868 if (op->status == GNTST_eagain)
869 gnttab_retry_eagain_gop(GNTTABOP_map_grant_ref, op,
870 &op->status, __func__);
872 EXPORT_SYMBOL_GPL(gnttab_batch_map);
874 void gnttab_batch_copy(struct gnttab_copy *batch, unsigned count)
876 struct gnttab_copy *op;
878 if (HYPERVISOR_grant_table_op(GNTTABOP_copy, batch, count))
880 for (op = batch; op < batch + count; op++)
881 if (op->status == GNTST_eagain)
882 gnttab_retry_eagain_gop(GNTTABOP_copy, op,
883 &op->status, __func__);
885 EXPORT_SYMBOL_GPL(gnttab_batch_copy);
887 int gnttab_map_refs(struct gnttab_map_grant_ref *map_ops,
888 struct gnttab_map_grant_ref *kmap_ops,
889 struct page **pages, unsigned int count)
896 ret = HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref, map_ops, count);
900 /* Retry eagain maps */
901 for (i = 0; i < count; i++)
902 if (map_ops[i].status == GNTST_eagain)
903 gnttab_retry_eagain_gop(GNTTABOP_map_grant_ref, map_ops + i,
904 &map_ops[i].status, __func__);
906 /* this is basically a nop on x86 */
907 if (xen_feature(XENFEAT_auto_translated_physmap)) {
908 for (i = 0; i < count; i++) {
909 if (map_ops[i].status)
911 set_phys_to_machine(map_ops[i].host_addr >> PAGE_SHIFT,
912 map_ops[i].dev_bus_addr >> PAGE_SHIFT);
917 if (!in_interrupt() && paravirt_get_lazy_mode() == PARAVIRT_LAZY_NONE) {
918 arch_enter_lazy_mmu_mode();
922 for (i = 0; i < count; i++) {
923 /* Do not add to override if the map failed. */
924 if (map_ops[i].status)
927 if (map_ops[i].flags & GNTMAP_contains_pte) {
928 pte = (pte_t *) (mfn_to_virt(PFN_DOWN(map_ops[i].host_addr)) +
929 (map_ops[i].host_addr & ~PAGE_MASK));
932 mfn = PFN_DOWN(map_ops[i].dev_bus_addr);
934 ret = m2p_add_override(mfn, pages[i], kmap_ops ?
935 &kmap_ops[i] : NULL);
942 arch_leave_lazy_mmu_mode();
946 EXPORT_SYMBOL_GPL(gnttab_map_refs);
948 int gnttab_unmap_refs(struct gnttab_unmap_grant_ref *unmap_ops,
949 struct gnttab_map_grant_ref *kmap_ops,
950 struct page **pages, unsigned int count)
955 ret = HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, unmap_ops, count);
959 /* this is basically a nop on x86 */
960 if (xen_feature(XENFEAT_auto_translated_physmap)) {
961 for (i = 0; i < count; i++) {
962 set_phys_to_machine(unmap_ops[i].host_addr >> PAGE_SHIFT,
968 if (!in_interrupt() && paravirt_get_lazy_mode() == PARAVIRT_LAZY_NONE) {
969 arch_enter_lazy_mmu_mode();
973 for (i = 0; i < count; i++) {
974 ret = m2p_remove_override(pages[i], kmap_ops ?
975 &kmap_ops[i] : NULL);
982 arch_leave_lazy_mmu_mode();
986 EXPORT_SYMBOL_GPL(gnttab_unmap_refs);
988 static unsigned nr_status_frames(unsigned nr_grant_frames)
990 BUG_ON(grefs_per_grant_frame == 0);
991 return (nr_grant_frames * grefs_per_grant_frame + SPP - 1) / SPP;
994 static int gnttab_map_frames_v1(xen_pfn_t *frames, unsigned int nr_gframes)
998 rc = arch_gnttab_map_shared(frames, nr_gframes,
999 gnttab_max_grant_frames(),
1000 &gnttab_shared.addr);
1006 static void gnttab_unmap_frames_v1(void)
1008 arch_gnttab_unmap(gnttab_shared.addr, nr_grant_frames);
1011 static int gnttab_map_frames_v2(xen_pfn_t *frames, unsigned int nr_gframes)
1014 unsigned int nr_sframes;
1015 struct gnttab_get_status_frames getframes;
1018 nr_sframes = nr_status_frames(nr_gframes);
1020 /* No need for kzalloc as it is initialized in following hypercall
1021 * GNTTABOP_get_status_frames.
1023 sframes = kmalloc(nr_sframes * sizeof(uint64_t), GFP_ATOMIC);
1027 getframes.dom = DOMID_SELF;
1028 getframes.nr_frames = nr_sframes;
1029 set_xen_guest_handle(getframes.frame_list, sframes);
1031 rc = HYPERVISOR_grant_table_op(GNTTABOP_get_status_frames,
1033 if (rc == -ENOSYS) {
1038 BUG_ON(rc || getframes.status);
1040 rc = arch_gnttab_map_status(sframes, nr_sframes,
1041 nr_status_frames(gnttab_max_grant_frames()),
1046 rc = arch_gnttab_map_shared(frames, nr_gframes,
1047 gnttab_max_grant_frames(),
1048 &gnttab_shared.addr);
1054 static void gnttab_unmap_frames_v2(void)
1056 arch_gnttab_unmap(gnttab_shared.addr, nr_grant_frames);
1057 arch_gnttab_unmap(grstatus, nr_status_frames(nr_grant_frames));
1060 static int gnttab_map(unsigned int start_idx, unsigned int end_idx)
1062 struct gnttab_setup_table setup;
1064 unsigned int nr_gframes = end_idx + 1;
1067 if (xen_hvm_domain()) {
1068 struct xen_add_to_physmap xatp;
1069 unsigned int i = end_idx;
1072 * Loop backwards, so that the first hypercall has the largest
1073 * index, ensuring that the table will grow only once.
1076 xatp.domid = DOMID_SELF;
1078 xatp.space = XENMAPSPACE_grant_table;
1079 xatp.gpfn = (xen_hvm_resume_frames >> PAGE_SHIFT) + i;
1080 rc = HYPERVISOR_memory_op(XENMEM_add_to_physmap, &xatp);
1082 pr_warn("grant table add_to_physmap failed, err=%d\n",
1086 } while (i-- > start_idx);
1091 /* No need for kzalloc as it is initialized in following hypercall
1092 * GNTTABOP_setup_table.
1094 frames = kmalloc(nr_gframes * sizeof(unsigned long), GFP_ATOMIC);
1098 setup.dom = DOMID_SELF;
1099 setup.nr_frames = nr_gframes;
1100 set_xen_guest_handle(setup.frame_list, frames);
1102 rc = HYPERVISOR_grant_table_op(GNTTABOP_setup_table, &setup, 1);
1103 if (rc == -ENOSYS) {
1108 BUG_ON(rc || setup.status);
1110 rc = gnttab_interface->map_frames(frames, nr_gframes);
1117 static struct gnttab_ops gnttab_v1_ops = {
1118 .map_frames = gnttab_map_frames_v1,
1119 .unmap_frames = gnttab_unmap_frames_v1,
1120 .update_entry = gnttab_update_entry_v1,
1121 .end_foreign_access_ref = gnttab_end_foreign_access_ref_v1,
1122 .end_foreign_transfer_ref = gnttab_end_foreign_transfer_ref_v1,
1123 .query_foreign_access = gnttab_query_foreign_access_v1,
1126 static struct gnttab_ops gnttab_v2_ops = {
1127 .map_frames = gnttab_map_frames_v2,
1128 .unmap_frames = gnttab_unmap_frames_v2,
1129 .update_entry = gnttab_update_entry_v2,
1130 .end_foreign_access_ref = gnttab_end_foreign_access_ref_v2,
1131 .end_foreign_transfer_ref = gnttab_end_foreign_transfer_ref_v2,
1132 .query_foreign_access = gnttab_query_foreign_access_v2,
1133 .update_subpage_entry = gnttab_update_subpage_entry_v2,
1134 .update_trans_entry = gnttab_update_trans_entry_v2,
1137 static void gnttab_request_version(void)
1140 struct gnttab_set_version gsv;
1142 if (xen_hvm_domain())
1146 rc = HYPERVISOR_grant_table_op(GNTTABOP_set_version, &gsv, 1);
1147 if (rc == 0 && gsv.version == 2) {
1148 grant_table_version = 2;
1149 grefs_per_grant_frame = PAGE_SIZE / sizeof(union grant_entry_v2);
1150 gnttab_interface = &gnttab_v2_ops;
1151 } else if (grant_table_version == 2) {
1153 * If we've already used version 2 features,
1154 * but then suddenly discover that they're not
1155 * available (e.g. migrating to an older
1156 * version of Xen), almost unbounded badness
1159 panic("we need grant tables version 2, but only version 1 is available");
1161 grant_table_version = 1;
1162 grefs_per_grant_frame = PAGE_SIZE / sizeof(struct grant_entry_v1);
1163 gnttab_interface = &gnttab_v1_ops;
1165 pr_info("Grant tables using version %d layout\n", grant_table_version);
1168 static int gnttab_setup(void)
1170 unsigned int max_nr_gframes;
1172 max_nr_gframes = gnttab_max_grant_frames();
1173 if (max_nr_gframes < nr_grant_frames)
1176 if (xen_feature(XENFEAT_auto_translated_physmap) && gnttab_shared.addr == NULL) {
1177 gnttab_shared.addr = xen_remap(xen_hvm_resume_frames,
1178 PAGE_SIZE * max_nr_gframes);
1179 if (gnttab_shared.addr == NULL) {
1180 pr_warn("Failed to ioremap gnttab share frames (addr=0x%08lx)!\n",
1181 xen_hvm_resume_frames);
1185 return gnttab_map(0, nr_grant_frames - 1);
1188 int gnttab_resume(void)
1190 gnttab_request_version();
1191 return gnttab_setup();
1194 int gnttab_suspend(void)
1196 gnttab_interface->unmap_frames();
1200 static int gnttab_expand(unsigned int req_entries)
1203 unsigned int cur, extra;
1205 BUG_ON(grefs_per_grant_frame == 0);
1206 cur = nr_grant_frames;
1207 extra = ((req_entries + (grefs_per_grant_frame-1)) /
1208 grefs_per_grant_frame);
1209 if (cur + extra > gnttab_max_grant_frames())
1212 rc = gnttab_map(cur, cur + extra - 1);
1214 rc = grow_gnttab_list(extra);
1219 int gnttab_init(void)
1222 unsigned int max_nr_glist_frames, nr_glist_frames;
1223 unsigned int nr_init_grefs;
1226 gnttab_request_version();
1227 nr_grant_frames = 1;
1229 /* Determine the maximum number of frames required for the
1230 * grant reference free list on the current hypervisor.
1232 BUG_ON(grefs_per_grant_frame == 0);
1233 max_nr_glist_frames = (gnttab_max_grant_frames() *
1234 grefs_per_grant_frame / RPP);
1236 gnttab_list = kmalloc(max_nr_glist_frames * sizeof(grant_ref_t *),
1238 if (gnttab_list == NULL)
1241 nr_glist_frames = (nr_grant_frames * grefs_per_grant_frame + RPP - 1) / RPP;
1242 for (i = 0; i < nr_glist_frames; i++) {
1243 gnttab_list[i] = (grant_ref_t *)__get_free_page(GFP_KERNEL);
1244 if (gnttab_list[i] == NULL) {
1250 if (gnttab_setup() < 0) {
1255 nr_init_grefs = nr_grant_frames * grefs_per_grant_frame;
1257 for (i = NR_RESERVED_ENTRIES; i < nr_init_grefs - 1; i++)
1258 gnttab_entry(i) = i + 1;
1260 gnttab_entry(nr_init_grefs - 1) = GNTTAB_LIST_END;
1261 gnttab_free_count = nr_init_grefs - NR_RESERVED_ENTRIES;
1262 gnttab_free_head = NR_RESERVED_ENTRIES;
1264 printk("Grant table initialized\n");
1268 for (i--; i >= 0; i--)
1269 free_page((unsigned long)gnttab_list[i]);
1273 EXPORT_SYMBOL_GPL(gnttab_init);
1275 static int __gnttab_init(void)
1277 /* Delay grant-table initialization in the PV on HVM case */
1278 if (xen_hvm_domain())
1281 if (!xen_pv_domain())
1284 return gnttab_init();
1287 core_initcall(__gnttab_init);
projects / linux-2.6-microblaze.git / blob