xref: /freebsd/sys/dev/xen/blkfront/blkfront.c (revision 1f88aa09417f1cfb3929fd37531b1ab51213c2d6)
1 /*
2  * XenBSD block device driver
3  *
4  * Copyright (c) 2010-2013 Spectra Logic Corporation
5  * Copyright (c) 2009 Scott Long, Yahoo!
6  * Copyright (c) 2009 Frank Suchomel, Citrix
7  * Copyright (c) 2009 Doug F. Rabson, Citrix
8  * Copyright (c) 2005 Kip Macy
9  * Copyright (c) 2003-2004, Keir Fraser & Steve Hand
10  * Modifications by Mark A. Williamson are (c) Intel Research Cambridge
11  *
12  *
13  * Permission is hereby granted, free of charge, to any person obtaining a copy
14  * of this software and associated documentation files (the "Software"), to
15  * deal in the Software without restriction, including without limitation the
16  * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
17  * sell copies of the Software, and to permit persons to whom the Software is
18  * furnished to do so, subject to the following conditions:
19  *
20  * The above copyright notice and this permission notice shall be included in
21  * all copies or substantial portions of the Software.
22  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
23  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
24  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
25  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
26  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
27  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
28  * DEALINGS IN THE SOFTWARE.
29  */
30 
31 #include <sys/cdefs.h>
32 __FBSDID("$FreeBSD$");
33 
34 #include <sys/param.h>
35 #include <sys/systm.h>
36 #include <sys/malloc.h>
37 #include <sys/kernel.h>
38 #include <vm/vm.h>
39 #include <vm/pmap.h>
40 
41 #include <sys/bio.h>
42 #include <sys/bus.h>
43 #include <sys/conf.h>
44 #include <sys/module.h>
45 #include <sys/sysctl.h>
46 
47 #include <machine/bus.h>
48 #include <sys/rman.h>
49 #include <machine/resource.h>
50 #include <machine/intr_machdep.h>
51 #include <machine/vmparam.h>
52 
53 #include <xen/xen-os.h>
54 #include <xen/hypervisor.h>
55 #include <xen/xen_intr.h>
56 #include <xen/gnttab.h>
57 #include <xen/interface/grant_table.h>
58 #include <xen/interface/io/protocols.h>
59 #include <xen/xenbus/xenbusvar.h>
60 
61 #include <machine/_inttypes.h>
62 
63 #include <geom/geom_disk.h>
64 
65 #include <dev/xen/blkfront/block.h>
66 
67 #include "xenbus_if.h"
68 
69 /*--------------------------- Forward Declarations ---------------------------*/
70 static void xbd_closing(device_t);
71 static void xbd_startio(struct xbd_softc *sc);
72 
73 /*---------------------------------- Macros ----------------------------------*/
74 #if 0
75 #define DPRINTK(fmt, args...) printf("[XEN] %s:%d: " fmt ".\n", __func__, __LINE__, ##args)
76 #else
77 #define DPRINTK(fmt, args...)
78 #endif
79 
80 #define XBD_SECTOR_SHFT		9
81 
82 /*---------------------------- Global Static Data ----------------------------*/
83 static MALLOC_DEFINE(M_XENBLOCKFRONT, "xbd", "Xen Block Front driver data");
84 
85 static int xbd_enable_indirect = 1;
86 SYSCTL_NODE(_hw, OID_AUTO, xbd, CTLFLAG_RD | CTLFLAG_MPSAFE, 0,
87     "xbd driver parameters");
88 SYSCTL_INT(_hw_xbd, OID_AUTO, xbd_enable_indirect, CTLFLAG_RDTUN,
89     &xbd_enable_indirect, 0, "Enable xbd indirect segments");
90 
91 /*---------------------------- Command Processing ----------------------------*/
92 static void
93 xbd_freeze(struct xbd_softc *sc, xbd_flag_t xbd_flag)
94 {
95 	if (xbd_flag != XBDF_NONE && (sc->xbd_flags & xbd_flag) != 0)
96 		return;
97 
98 	sc->xbd_flags |= xbd_flag;
99 	sc->xbd_qfrozen_cnt++;
100 }
101 
102 static void
103 xbd_thaw(struct xbd_softc *sc, xbd_flag_t xbd_flag)
104 {
105 	if (xbd_flag != XBDF_NONE && (sc->xbd_flags & xbd_flag) == 0)
106 		return;
107 
108 	if (sc->xbd_qfrozen_cnt == 0)
109 		panic("%s: Thaw with flag 0x%x while not frozen.",
110 		    __func__, xbd_flag);
111 
112 	sc->xbd_flags &= ~xbd_flag;
113 	sc->xbd_qfrozen_cnt--;
114 }
115 
116 static void
117 xbd_cm_freeze(struct xbd_softc *sc, struct xbd_command *cm, xbdc_flag_t cm_flag)
118 {
119 	if ((cm->cm_flags & XBDCF_FROZEN) != 0)
120 		return;
121 
122 	cm->cm_flags |= XBDCF_FROZEN|cm_flag;
123 	xbd_freeze(sc, XBDF_NONE);
124 }
125 
126 static void
127 xbd_cm_thaw(struct xbd_softc *sc, struct xbd_command *cm)
128 {
129 	if ((cm->cm_flags & XBDCF_FROZEN) == 0)
130 		return;
131 
132 	cm->cm_flags &= ~XBDCF_FROZEN;
133 	xbd_thaw(sc, XBDF_NONE);
134 }
135 
136 static inline void
137 xbd_flush_requests(struct xbd_softc *sc)
138 {
139 	int notify;
140 
141 	RING_PUSH_REQUESTS_AND_CHECK_NOTIFY(&sc->xbd_ring, notify);
142 
143 	if (notify)
144 		xen_intr_signal(sc->xen_intr_handle);
145 }
146 
147 static void
148 xbd_free_command(struct xbd_command *cm)
149 {
150 
151 	KASSERT((cm->cm_flags & XBDCF_Q_MASK) == XBD_Q_NONE,
152 	    ("Freeing command that is still on queue %d.",
153 	    cm->cm_flags & XBDCF_Q_MASK));
154 
155 	cm->cm_flags = XBDCF_INITIALIZER;
156 	cm->cm_bp = NULL;
157 	cm->cm_complete = NULL;
158 	xbd_enqueue_cm(cm, XBD_Q_FREE);
159 	xbd_thaw(cm->cm_sc, XBDF_CM_SHORTAGE);
160 }
161 
162 static void
163 xbd_mksegarray(bus_dma_segment_t *segs, int nsegs,
164     grant_ref_t * gref_head, int otherend_id, int readonly,
165     grant_ref_t * sg_ref, struct blkif_request_segment *sg)
166 {
167 	struct blkif_request_segment *last_block_sg = sg + nsegs;
168 	vm_paddr_t buffer_ma;
169 	uint64_t fsect, lsect;
170 	int ref;
171 
172 	while (sg < last_block_sg) {
173 		KASSERT(segs->ds_addr % (1 << XBD_SECTOR_SHFT) == 0,
174 		    ("XEN disk driver I/O must be sector aligned"));
175 		KASSERT(segs->ds_len % (1 << XBD_SECTOR_SHFT) == 0,
176 		    ("XEN disk driver I/Os must be a multiple of "
177 		    "the sector length"));
178 		buffer_ma = segs->ds_addr;
179 		fsect = (buffer_ma & PAGE_MASK) >> XBD_SECTOR_SHFT;
180 		lsect = fsect + (segs->ds_len  >> XBD_SECTOR_SHFT) - 1;
181 
182 		KASSERT(lsect <= 7, ("XEN disk driver data cannot "
183 		    "cross a page boundary"));
184 
185 		/* install a grant reference. */
186 		ref = gnttab_claim_grant_reference(gref_head);
187 
188 		/*
189 		 * GNTTAB_LIST_END == 0xffffffff, but it is private
190 		 * to gnttab.c.
191 		 */
192 		KASSERT(ref != ~0, ("grant_reference failed"));
193 
194 		gnttab_grant_foreign_access_ref(
195 		    ref,
196 		    otherend_id,
197 		    buffer_ma >> PAGE_SHIFT,
198 		    readonly);
199 
200 		*sg_ref = ref;
201 		*sg = (struct blkif_request_segment) {
202 			.gref       = ref,
203 			.first_sect = fsect,
204 			.last_sect  = lsect
205 		};
206 		sg++;
207 		sg_ref++;
208 		segs++;
209 	}
210 }
211 
212 static void
213 xbd_queue_cb(void *arg, bus_dma_segment_t *segs, int nsegs, int error)
214 {
215 	struct xbd_softc *sc;
216 	struct xbd_command *cm;
217 	int op;
218 
219 	cm = arg;
220 	sc = cm->cm_sc;
221 
222 	if (error) {
223 		cm->cm_bp->bio_error = EIO;
224 		biodone(cm->cm_bp);
225 		xbd_free_command(cm);
226 		return;
227 	}
228 
229 	KASSERT(nsegs <= sc->xbd_max_request_segments,
230 	    ("Too many segments in a blkfront I/O"));
231 
232 	if (nsegs <= BLKIF_MAX_SEGMENTS_PER_REQUEST) {
233 		blkif_request_t	*ring_req;
234 
235 		/* Fill out a blkif_request_t structure. */
236 		ring_req = (blkif_request_t *)
237 		    RING_GET_REQUEST(&sc->xbd_ring, sc->xbd_ring.req_prod_pvt);
238 		sc->xbd_ring.req_prod_pvt++;
239 		ring_req->id = cm->cm_id;
240 		ring_req->operation = cm->cm_operation;
241 		ring_req->sector_number = cm->cm_sector_number;
242 		ring_req->handle = (blkif_vdev_t)(uintptr_t)sc->xbd_disk;
243 		ring_req->nr_segments = nsegs;
244 		cm->cm_nseg = nsegs;
245 		xbd_mksegarray(segs, nsegs, &cm->cm_gref_head,
246 		    xenbus_get_otherend_id(sc->xbd_dev),
247 		    cm->cm_operation == BLKIF_OP_WRITE,
248 		    cm->cm_sg_refs, ring_req->seg);
249 	} else {
250 		blkif_request_indirect_t *ring_req;
251 
252 		/* Fill out a blkif_request_indirect_t structure. */
253 		ring_req = (blkif_request_indirect_t *)
254 		    RING_GET_REQUEST(&sc->xbd_ring, sc->xbd_ring.req_prod_pvt);
255 		sc->xbd_ring.req_prod_pvt++;
256 		ring_req->id = cm->cm_id;
257 		ring_req->operation = BLKIF_OP_INDIRECT;
258 		ring_req->indirect_op = cm->cm_operation;
259 		ring_req->sector_number = cm->cm_sector_number;
260 		ring_req->handle = (blkif_vdev_t)(uintptr_t)sc->xbd_disk;
261 		ring_req->nr_segments = nsegs;
262 		cm->cm_nseg = nsegs;
263 		xbd_mksegarray(segs, nsegs, &cm->cm_gref_head,
264 		    xenbus_get_otherend_id(sc->xbd_dev),
265 		    cm->cm_operation == BLKIF_OP_WRITE,
266 		    cm->cm_sg_refs, cm->cm_indirectionpages);
267 		memcpy(ring_req->indirect_grefs, &cm->cm_indirectionrefs,
268 		    sizeof(grant_ref_t) * sc->xbd_max_request_indirectpages);
269 	}
270 
271 	if (cm->cm_operation == BLKIF_OP_READ)
272 		op = BUS_DMASYNC_PREREAD;
273 	else if (cm->cm_operation == BLKIF_OP_WRITE)
274 		op = BUS_DMASYNC_PREWRITE;
275 	else
276 		op = 0;
277 	bus_dmamap_sync(sc->xbd_io_dmat, cm->cm_map, op);
278 
279 	gnttab_free_grant_references(cm->cm_gref_head);
280 
281 	xbd_enqueue_cm(cm, XBD_Q_BUSY);
282 
283 	/*
284 	 * If bus dma had to asynchronously call us back to dispatch
285 	 * this command, we are no longer executing in the context of
286 	 * xbd_startio().  Thus we cannot rely on xbd_startio()'s call to
287 	 * xbd_flush_requests() to publish this command to the backend
288 	 * along with any other commands that it could batch.
289 	 */
290 	if ((cm->cm_flags & XBDCF_ASYNC_MAPPING) != 0)
291 		xbd_flush_requests(sc);
292 
293 	return;
294 }
295 
296 static int
297 xbd_queue_request(struct xbd_softc *sc, struct xbd_command *cm)
298 {
299 	int error;
300 
301 	if (cm->cm_bp != NULL)
302 		error = bus_dmamap_load_bio(sc->xbd_io_dmat, cm->cm_map,
303 		    cm->cm_bp, xbd_queue_cb, cm, 0);
304 	else
305 		error = bus_dmamap_load(sc->xbd_io_dmat, cm->cm_map,
306 		    cm->cm_data, cm->cm_datalen, xbd_queue_cb, cm, 0);
307 	if (error == EINPROGRESS) {
308 		/*
309 		 * Maintain queuing order by freezing the queue.  The next
310 		 * command may not require as many resources as the command
311 		 * we just attempted to map, so we can't rely on bus dma
312 		 * blocking for it too.
313 		 */
314 		xbd_cm_freeze(sc, cm, XBDCF_ASYNC_MAPPING);
315 		return (0);
316 	}
317 
318 	return (error);
319 }
320 
321 static void
322 xbd_restart_queue_callback(void *arg)
323 {
324 	struct xbd_softc *sc = arg;
325 
326 	mtx_lock(&sc->xbd_io_lock);
327 
328 	xbd_thaw(sc, XBDF_GNT_SHORTAGE);
329 
330 	xbd_startio(sc);
331 
332 	mtx_unlock(&sc->xbd_io_lock);
333 }
334 
335 static struct xbd_command *
336 xbd_bio_command(struct xbd_softc *sc)
337 {
338 	struct xbd_command *cm;
339 	struct bio *bp;
340 
341 	if (__predict_false(sc->xbd_state != XBD_STATE_CONNECTED))
342 		return (NULL);
343 
344 	bp = xbd_dequeue_bio(sc);
345 	if (bp == NULL)
346 		return (NULL);
347 
348 	if ((cm = xbd_dequeue_cm(sc, XBD_Q_FREE)) == NULL) {
349 		xbd_freeze(sc, XBDF_CM_SHORTAGE);
350 		xbd_requeue_bio(sc, bp);
351 		return (NULL);
352 	}
353 
354 	if (gnttab_alloc_grant_references(sc->xbd_max_request_segments,
355 	    &cm->cm_gref_head) != 0) {
356 		gnttab_request_free_callback(&sc->xbd_callback,
357 		    xbd_restart_queue_callback, sc,
358 		    sc->xbd_max_request_segments);
359 		xbd_freeze(sc, XBDF_GNT_SHORTAGE);
360 		xbd_requeue_bio(sc, bp);
361 		xbd_enqueue_cm(cm, XBD_Q_FREE);
362 		return (NULL);
363 	}
364 
365 	cm->cm_bp = bp;
366 	cm->cm_sector_number = (blkif_sector_t)bp->bio_pblkno;
367 
368 	switch (bp->bio_cmd) {
369 	case BIO_READ:
370 		cm->cm_operation = BLKIF_OP_READ;
371 		break;
372 	case BIO_WRITE:
373 		cm->cm_operation = BLKIF_OP_WRITE;
374 		if ((bp->bio_flags & BIO_ORDERED) != 0) {
375 			if ((sc->xbd_flags & XBDF_BARRIER) != 0) {
376 				cm->cm_operation = BLKIF_OP_WRITE_BARRIER;
377 			} else {
378 				/*
379 				 * Single step this command.
380 				 */
381 				cm->cm_flags |= XBDCF_Q_FREEZE;
382 				if (xbd_queue_length(sc, XBD_Q_BUSY) != 0) {
383 					/*
384 					 * Wait for in-flight requests to
385 					 * finish.
386 					 */
387 					xbd_freeze(sc, XBDF_WAIT_IDLE);
388 					xbd_requeue_cm(cm, XBD_Q_READY);
389 					return (NULL);
390 				}
391 			}
392 		}
393 		break;
394 	case BIO_FLUSH:
395 		if ((sc->xbd_flags & XBDF_FLUSH) != 0)
396 			cm->cm_operation = BLKIF_OP_FLUSH_DISKCACHE;
397 		else if ((sc->xbd_flags & XBDF_BARRIER) != 0)
398 			cm->cm_operation = BLKIF_OP_WRITE_BARRIER;
399 		else
400 			panic("flush request, but no flush support available");
401 		break;
402 	default:
403 		biofinish(bp, NULL, EOPNOTSUPP);
404 		xbd_enqueue_cm(cm, XBD_Q_FREE);
405 		return (NULL);
406 	}
407 
408 	return (cm);
409 }
410 
411 /*
412  * Dequeue buffers and place them in the shared communication ring.
413  * Return when no more requests can be accepted or all buffers have
414  * been queued.
415  *
416  * Signal XEN once the ring has been filled out.
417  */
418 static void
419 xbd_startio(struct xbd_softc *sc)
420 {
421 	struct xbd_command *cm;
422 	int error, queued = 0;
423 
424 	mtx_assert(&sc->xbd_io_lock, MA_OWNED);
425 
426 	if (sc->xbd_state != XBD_STATE_CONNECTED)
427 		return;
428 
429 	while (!RING_FULL(&sc->xbd_ring)) {
430 		if (sc->xbd_qfrozen_cnt != 0)
431 			break;
432 
433 		cm = xbd_dequeue_cm(sc, XBD_Q_READY);
434 
435 		if (cm == NULL)
436 		    cm = xbd_bio_command(sc);
437 
438 		if (cm == NULL)
439 			break;
440 
441 		if ((cm->cm_flags & XBDCF_Q_FREEZE) != 0) {
442 			/*
443 			 * Single step command.  Future work is
444 			 * held off until this command completes.
445 			 */
446 			xbd_cm_freeze(sc, cm, XBDCF_Q_FREEZE);
447 		}
448 
449 		if ((error = xbd_queue_request(sc, cm)) != 0) {
450 			printf("xbd_queue_request returned %d\n", error);
451 			break;
452 		}
453 		queued++;
454 	}
455 
456 	if (queued != 0)
457 		xbd_flush_requests(sc);
458 }
459 
460 static void
461 xbd_bio_complete(struct xbd_softc *sc, struct xbd_command *cm)
462 {
463 	struct bio *bp;
464 
465 	bp = cm->cm_bp;
466 
467 	if (__predict_false(cm->cm_status != BLKIF_RSP_OKAY)) {
468 		disk_err(bp, "disk error" , -1, 0);
469 		printf(" status: %x\n", cm->cm_status);
470 		bp->bio_flags |= BIO_ERROR;
471 	}
472 
473 	if (bp->bio_flags & BIO_ERROR)
474 		bp->bio_error = EIO;
475 	else
476 		bp->bio_resid = 0;
477 
478 	xbd_free_command(cm);
479 	biodone(bp);
480 }
481 
482 static void
483 xbd_int(void *xsc)
484 {
485 	struct xbd_softc *sc = xsc;
486 	struct xbd_command *cm;
487 	blkif_response_t *bret;
488 	RING_IDX i, rp;
489 	int op;
490 
491 	mtx_lock(&sc->xbd_io_lock);
492 
493 	if (__predict_false(sc->xbd_state == XBD_STATE_DISCONNECTED)) {
494 		mtx_unlock(&sc->xbd_io_lock);
495 		return;
496 	}
497 
498  again:
499 	rp = sc->xbd_ring.sring->rsp_prod;
500 	rmb(); /* Ensure we see queued responses up to 'rp'. */
501 
502 	for (i = sc->xbd_ring.rsp_cons; i != rp;) {
503 		bret = RING_GET_RESPONSE(&sc->xbd_ring, i);
504 		cm   = &sc->xbd_shadow[bret->id];
505 
506 		xbd_remove_cm(cm, XBD_Q_BUSY);
507 		gnttab_end_foreign_access_references(cm->cm_nseg,
508 		    cm->cm_sg_refs);
509 		i++;
510 
511 		if (cm->cm_operation == BLKIF_OP_READ)
512 			op = BUS_DMASYNC_POSTREAD;
513 		else if (cm->cm_operation == BLKIF_OP_WRITE ||
514 		    cm->cm_operation == BLKIF_OP_WRITE_BARRIER)
515 			op = BUS_DMASYNC_POSTWRITE;
516 		else
517 			op = 0;
518 		bus_dmamap_sync(sc->xbd_io_dmat, cm->cm_map, op);
519 		bus_dmamap_unload(sc->xbd_io_dmat, cm->cm_map);
520 
521 		/*
522 		 * Release any hold this command has on future command
523 		 * dispatch.
524 		 */
525 		xbd_cm_thaw(sc, cm);
526 
527 		/*
528 		 * Directly call the i/o complete routine to save an
529 		 * an indirection in the common case.
530 		 */
531 		cm->cm_status = bret->status;
532 		if (cm->cm_bp)
533 			xbd_bio_complete(sc, cm);
534 		else if (cm->cm_complete != NULL)
535 			cm->cm_complete(cm);
536 		else
537 			xbd_free_command(cm);
538 	}
539 
540 	sc->xbd_ring.rsp_cons = i;
541 
542 	if (i != sc->xbd_ring.req_prod_pvt) {
543 		int more_to_do;
544 		RING_FINAL_CHECK_FOR_RESPONSES(&sc->xbd_ring, more_to_do);
545 		if (more_to_do)
546 			goto again;
547 	} else {
548 		sc->xbd_ring.sring->rsp_event = i + 1;
549 	}
550 
551 	if (xbd_queue_length(sc, XBD_Q_BUSY) == 0)
552 		xbd_thaw(sc, XBDF_WAIT_IDLE);
553 
554 	xbd_startio(sc);
555 
556 	if (__predict_false(sc->xbd_state == XBD_STATE_SUSPENDED))
557 		wakeup(&sc->xbd_cm_q[XBD_Q_BUSY]);
558 
559 	mtx_unlock(&sc->xbd_io_lock);
560 }
561 
562 /*------------------------------- Dump Support -------------------------------*/
563 /**
564  * Quiesce the disk writes for a dump file before allowing the next buffer.
565  */
566 static void
567 xbd_quiesce(struct xbd_softc *sc)
568 {
569 	int mtd;
570 
571 	// While there are outstanding requests
572 	while (xbd_queue_length(sc, XBD_Q_BUSY) != 0) {
573 		RING_FINAL_CHECK_FOR_RESPONSES(&sc->xbd_ring, mtd);
574 		if (mtd) {
575 			/* Received request completions, update queue. */
576 			xbd_int(sc);
577 		}
578 		if (xbd_queue_length(sc, XBD_Q_BUSY) != 0) {
579 			/*
580 			 * Still pending requests, wait for the disk i/o
581 			 * to complete.
582 			 */
583 			HYPERVISOR_yield();
584 		}
585 	}
586 }
587 
588 /* Kernel dump function for a paravirtualized disk device */
589 static void
590 xbd_dump_complete(struct xbd_command *cm)
591 {
592 
593 	xbd_enqueue_cm(cm, XBD_Q_COMPLETE);
594 }
595 
596 static int
597 xbd_dump(void *arg, void *virtual, vm_offset_t physical, off_t offset,
598     size_t length)
599 {
600 	struct disk *dp = arg;
601 	struct xbd_softc *sc = dp->d_drv1;
602 	struct xbd_command *cm;
603 	size_t chunk;
604 	int sbp;
605 	int rc = 0;
606 
607 	if (length == 0)
608 		return (0);
609 
610 	xbd_quiesce(sc);	/* All quiet on the western front. */
611 
612 	/*
613 	 * If this lock is held, then this module is failing, and a
614 	 * successful kernel dump is highly unlikely anyway.
615 	 */
616 	mtx_lock(&sc->xbd_io_lock);
617 
618 	/* Split the 64KB block as needed */
619 	for (sbp=0; length > 0; sbp++) {
620 		cm = xbd_dequeue_cm(sc, XBD_Q_FREE);
621 		if (cm == NULL) {
622 			mtx_unlock(&sc->xbd_io_lock);
623 			device_printf(sc->xbd_dev, "dump: no more commands?\n");
624 			return (EBUSY);
625 		}
626 
627 		if (gnttab_alloc_grant_references(sc->xbd_max_request_segments,
628 		    &cm->cm_gref_head) != 0) {
629 			xbd_free_command(cm);
630 			mtx_unlock(&sc->xbd_io_lock);
631 			device_printf(sc->xbd_dev, "no more grant allocs?\n");
632 			return (EBUSY);
633 		}
634 
635 		chunk = length > sc->xbd_max_request_size ?
636 		    sc->xbd_max_request_size : length;
637 		cm->cm_data = virtual;
638 		cm->cm_datalen = chunk;
639 		cm->cm_operation = BLKIF_OP_WRITE;
640 		cm->cm_sector_number = offset / dp->d_sectorsize;
641 		cm->cm_complete = xbd_dump_complete;
642 
643 		xbd_enqueue_cm(cm, XBD_Q_READY);
644 
645 		length -= chunk;
646 		offset += chunk;
647 		virtual = (char *) virtual + chunk;
648 	}
649 
650 	/* Tell DOM0 to do the I/O */
651 	xbd_startio(sc);
652 	mtx_unlock(&sc->xbd_io_lock);
653 
654 	/* Poll for the completion. */
655 	xbd_quiesce(sc);	/* All quite on the eastern front */
656 
657 	/* If there were any errors, bail out... */
658 	while ((cm = xbd_dequeue_cm(sc, XBD_Q_COMPLETE)) != NULL) {
659 		if (cm->cm_status != BLKIF_RSP_OKAY) {
660 			device_printf(sc->xbd_dev,
661 			    "Dump I/O failed at sector %jd\n",
662 			    cm->cm_sector_number);
663 			rc = EIO;
664 		}
665 		xbd_free_command(cm);
666 	}
667 
668 	return (rc);
669 }
670 
671 /*----------------------------- Disk Entrypoints -----------------------------*/
672 static int
673 xbd_open(struct disk *dp)
674 {
675 	struct xbd_softc *sc = dp->d_drv1;
676 
677 	if (sc == NULL) {
678 		printf("xbd%d: not found", dp->d_unit);
679 		return (ENXIO);
680 	}
681 
682 	sc->xbd_flags |= XBDF_OPEN;
683 	sc->xbd_users++;
684 	return (0);
685 }
686 
687 static int
688 xbd_close(struct disk *dp)
689 {
690 	struct xbd_softc *sc = dp->d_drv1;
691 
692 	if (sc == NULL)
693 		return (ENXIO);
694 	sc->xbd_flags &= ~XBDF_OPEN;
695 	if (--(sc->xbd_users) == 0) {
696 		/*
697 		 * Check whether we have been instructed to close.  We will
698 		 * have ignored this request initially, as the device was
699 		 * still mounted.
700 		 */
701 		if (xenbus_get_otherend_state(sc->xbd_dev) ==
702 		    XenbusStateClosing)
703 			xbd_closing(sc->xbd_dev);
704 	}
705 	return (0);
706 }
707 
708 static int
709 xbd_ioctl(struct disk *dp, u_long cmd, void *addr, int flag, struct thread *td)
710 {
711 	struct xbd_softc *sc = dp->d_drv1;
712 
713 	if (sc == NULL)
714 		return (ENXIO);
715 
716 	return (ENOTTY);
717 }
718 
719 /*
720  * Read/write routine for a buffer.  Finds the proper unit, place it on
721  * the sortq and kick the controller.
722  */
723 static void
724 xbd_strategy(struct bio *bp)
725 {
726 	struct xbd_softc *sc = bp->bio_disk->d_drv1;
727 
728 	/* bogus disk? */
729 	if (sc == NULL) {
730 		bp->bio_error = EINVAL;
731 		bp->bio_flags |= BIO_ERROR;
732 		bp->bio_resid = bp->bio_bcount;
733 		biodone(bp);
734 		return;
735 	}
736 
737 	/*
738 	 * Place it in the queue of disk activities for this disk
739 	 */
740 	mtx_lock(&sc->xbd_io_lock);
741 
742 	xbd_enqueue_bio(sc, bp);
743 	xbd_startio(sc);
744 
745 	mtx_unlock(&sc->xbd_io_lock);
746 	return;
747 }
748 
749 /*------------------------------ Ring Management -----------------------------*/
750 static int
751 xbd_alloc_ring(struct xbd_softc *sc)
752 {
753 	blkif_sring_t *sring;
754 	uintptr_t sring_page_addr;
755 	int error;
756 	int i;
757 
758 	sring = malloc(sc->xbd_ring_pages * PAGE_SIZE, M_XENBLOCKFRONT,
759 	    M_NOWAIT|M_ZERO);
760 	if (sring == NULL) {
761 		xenbus_dev_fatal(sc->xbd_dev, ENOMEM, "allocating shared ring");
762 		return (ENOMEM);
763 	}
764 	SHARED_RING_INIT(sring);
765 	FRONT_RING_INIT(&sc->xbd_ring, sring, sc->xbd_ring_pages * PAGE_SIZE);
766 
767 	for (i = 0, sring_page_addr = (uintptr_t)sring;
768 	     i < sc->xbd_ring_pages;
769 	     i++, sring_page_addr += PAGE_SIZE) {
770 		error = xenbus_grant_ring(sc->xbd_dev,
771 		    (vtophys(sring_page_addr) >> PAGE_SHIFT),
772 		    &sc->xbd_ring_ref[i]);
773 		if (error) {
774 			xenbus_dev_fatal(sc->xbd_dev, error,
775 			    "granting ring_ref(%d)", i);
776 			return (error);
777 		}
778 	}
779 	if (sc->xbd_ring_pages == 1) {
780 		error = xs_printf(XST_NIL, xenbus_get_node(sc->xbd_dev),
781 		    "ring-ref", "%u", sc->xbd_ring_ref[0]);
782 		if (error) {
783 			xenbus_dev_fatal(sc->xbd_dev, error,
784 			    "writing %s/ring-ref",
785 			    xenbus_get_node(sc->xbd_dev));
786 			return (error);
787 		}
788 	} else {
789 		for (i = 0; i < sc->xbd_ring_pages; i++) {
790 			char ring_ref_name[]= "ring_refXX";
791 
792 			snprintf(ring_ref_name, sizeof(ring_ref_name),
793 			    "ring-ref%u", i);
794 			error = xs_printf(XST_NIL, xenbus_get_node(sc->xbd_dev),
795 			     ring_ref_name, "%u", sc->xbd_ring_ref[i]);
796 			if (error) {
797 				xenbus_dev_fatal(sc->xbd_dev, error,
798 				    "writing %s/%s",
799 				    xenbus_get_node(sc->xbd_dev),
800 				    ring_ref_name);
801 				return (error);
802 			}
803 		}
804 	}
805 
806 	error = xen_intr_alloc_and_bind_local_port(sc->xbd_dev,
807 	    xenbus_get_otherend_id(sc->xbd_dev), NULL, xbd_int, sc,
808 	    INTR_TYPE_BIO | INTR_MPSAFE, &sc->xen_intr_handle);
809 	if (error) {
810 		xenbus_dev_fatal(sc->xbd_dev, error,
811 		    "xen_intr_alloc_and_bind_local_port failed");
812 		return (error);
813 	}
814 
815 	return (0);
816 }
817 
818 static void
819 xbd_free_ring(struct xbd_softc *sc)
820 {
821 	int i;
822 
823 	if (sc->xbd_ring.sring == NULL)
824 		return;
825 
826 	for (i = 0; i < sc->xbd_ring_pages; i++) {
827 		if (sc->xbd_ring_ref[i] != GRANT_REF_INVALID) {
828 			gnttab_end_foreign_access_ref(sc->xbd_ring_ref[i]);
829 			sc->xbd_ring_ref[i] = GRANT_REF_INVALID;
830 		}
831 	}
832 	free(sc->xbd_ring.sring, M_XENBLOCKFRONT);
833 	sc->xbd_ring.sring = NULL;
834 }
835 
836 /*-------------------------- Initialization/Teardown -------------------------*/
837 static int
838 xbd_feature_string(struct xbd_softc *sc, char *features, size_t len)
839 {
840 	struct sbuf sb;
841 	int feature_cnt;
842 
843 	sbuf_new(&sb, features, len, SBUF_FIXEDLEN);
844 
845 	feature_cnt = 0;
846 	if ((sc->xbd_flags & XBDF_FLUSH) != 0) {
847 		sbuf_printf(&sb, "flush");
848 		feature_cnt++;
849 	}
850 
851 	if ((sc->xbd_flags & XBDF_BARRIER) != 0) {
852 		if (feature_cnt != 0)
853 			sbuf_printf(&sb, ", ");
854 		sbuf_printf(&sb, "write_barrier");
855 		feature_cnt++;
856 	}
857 
858 	if ((sc->xbd_flags & XBDF_DISCARD) != 0) {
859 		if (feature_cnt != 0)
860 			sbuf_printf(&sb, ", ");
861 		sbuf_printf(&sb, "discard");
862 		feature_cnt++;
863 	}
864 
865 	if ((sc->xbd_flags & XBDF_PERSISTENT) != 0) {
866 		if (feature_cnt != 0)
867 			sbuf_printf(&sb, ", ");
868 		sbuf_printf(&sb, "persistent_grants");
869 		feature_cnt++;
870 	}
871 
872 	(void) sbuf_finish(&sb);
873 	return (sbuf_len(&sb));
874 }
875 
876 static int
877 xbd_sysctl_features(SYSCTL_HANDLER_ARGS)
878 {
879 	char features[80];
880 	struct xbd_softc *sc = arg1;
881 	int error;
882 	int len;
883 
884 	error = sysctl_wire_old_buffer(req, 0);
885 	if (error != 0)
886 		return (error);
887 
888 	len = xbd_feature_string(sc, features, sizeof(features));
889 
890 	/* len is -1 on error, which will make the SYSCTL_OUT a no-op. */
891 	return (SYSCTL_OUT(req, features, len + 1/*NUL*/));
892 }
893 
894 static void
895 xbd_setup_sysctl(struct xbd_softc *xbd)
896 {
897 	struct sysctl_ctx_list *sysctl_ctx = NULL;
898 	struct sysctl_oid *sysctl_tree = NULL;
899 	struct sysctl_oid_list *children;
900 
901 	sysctl_ctx = device_get_sysctl_ctx(xbd->xbd_dev);
902 	if (sysctl_ctx == NULL)
903 		return;
904 
905 	sysctl_tree = device_get_sysctl_tree(xbd->xbd_dev);
906 	if (sysctl_tree == NULL)
907 		return;
908 
909 	children = SYSCTL_CHILDREN(sysctl_tree);
910 	SYSCTL_ADD_UINT(sysctl_ctx, children, OID_AUTO,
911 	    "max_requests", CTLFLAG_RD, &xbd->xbd_max_requests, -1,
912 	    "maximum outstanding requests (negotiated)");
913 
914 	SYSCTL_ADD_UINT(sysctl_ctx, children, OID_AUTO,
915 	    "max_request_segments", CTLFLAG_RD,
916 	    &xbd->xbd_max_request_segments, 0,
917 	    "maximum number of pages per requests (negotiated)");
918 
919 	SYSCTL_ADD_UINT(sysctl_ctx, children, OID_AUTO,
920 	    "max_request_size", CTLFLAG_RD, &xbd->xbd_max_request_size, 0,
921 	    "maximum size in bytes of a request (negotiated)");
922 
923 	SYSCTL_ADD_UINT(sysctl_ctx, children, OID_AUTO,
924 	    "ring_pages", CTLFLAG_RD, &xbd->xbd_ring_pages, 0,
925 	    "communication channel pages (negotiated)");
926 
927 	SYSCTL_ADD_PROC(sysctl_ctx, children, OID_AUTO,
928 	    "features", CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_NEEDGIANT, xbd,
929 	    0, xbd_sysctl_features, "A", "protocol features (negotiated)");
930 }
931 
932 /*
933  * Translate Linux major/minor to an appropriate name and unit
934  * number. For HVM guests, this allows us to use the same drive names
935  * with blkfront as the emulated drives, easing transition slightly.
936  */
937 static void
938 xbd_vdevice_to_unit(uint32_t vdevice, int *unit, const char **name)
939 {
940 	static struct vdev_info {
941 		int major;
942 		int shift;
943 		int base;
944 		const char *name;
945 	} info[] = {
946 		{3,	6,	0,	"ada"},	/* ide0 */
947 		{22,	6,	2,	"ada"},	/* ide1 */
948 		{33,	6,	4,	"ada"},	/* ide2 */
949 		{34,	6,	6,	"ada"},	/* ide3 */
950 		{56,	6,	8,	"ada"},	/* ide4 */
951 		{57,	6,	10,	"ada"},	/* ide5 */
952 		{88,	6,	12,	"ada"},	/* ide6 */
953 		{89,	6,	14,	"ada"},	/* ide7 */
954 		{90,	6,	16,	"ada"},	/* ide8 */
955 		{91,	6,	18,	"ada"},	/* ide9 */
956 
957 		{8,	4,	0,	"da"},	/* scsi disk0 */
958 		{65,	4,	16,	"da"},	/* scsi disk1 */
959 		{66,	4,	32,	"da"},	/* scsi disk2 */
960 		{67,	4,	48,	"da"},	/* scsi disk3 */
961 		{68,	4,	64,	"da"},	/* scsi disk4 */
962 		{69,	4,	80,	"da"},	/* scsi disk5 */
963 		{70,	4,	96,	"da"},	/* scsi disk6 */
964 		{71,	4,	112,	"da"},	/* scsi disk7 */
965 		{128,	4,	128,	"da"},	/* scsi disk8 */
966 		{129,	4,	144,	"da"},	/* scsi disk9 */
967 		{130,	4,	160,	"da"},	/* scsi disk10 */
968 		{131,	4,	176,	"da"},	/* scsi disk11 */
969 		{132,	4,	192,	"da"},	/* scsi disk12 */
970 		{133,	4,	208,	"da"},	/* scsi disk13 */
971 		{134,	4,	224,	"da"},	/* scsi disk14 */
972 		{135,	4,	240,	"da"},	/* scsi disk15 */
973 
974 		{202,	4,	0,	"xbd"},	/* xbd */
975 
976 		{0,	0,	0,	NULL},
977 	};
978 	int major = vdevice >> 8;
979 	int minor = vdevice & 0xff;
980 	int i;
981 
982 	if (vdevice & (1 << 28)) {
983 		*unit = (vdevice & ((1 << 28) - 1)) >> 8;
984 		*name = "xbd";
985 		return;
986 	}
987 
988 	for (i = 0; info[i].major; i++) {
989 		if (info[i].major == major) {
990 			*unit = info[i].base + (minor >> info[i].shift);
991 			*name = info[i].name;
992 			return;
993 		}
994 	}
995 
996 	*unit = minor >> 4;
997 	*name = "xbd";
998 }
999 
1000 int
1001 xbd_instance_create(struct xbd_softc *sc, blkif_sector_t sectors,
1002     int vdevice, uint16_t vdisk_info, unsigned long sector_size,
1003     unsigned long phys_sector_size)
1004 {
1005 	char features[80];
1006 	int unit, error = 0;
1007 	const char *name;
1008 
1009 	xbd_vdevice_to_unit(vdevice, &unit, &name);
1010 
1011 	sc->xbd_unit = unit;
1012 
1013 	if (strcmp(name, "xbd") != 0)
1014 		device_printf(sc->xbd_dev, "attaching as %s%d\n", name, unit);
1015 
1016 	if (xbd_feature_string(sc, features, sizeof(features)) > 0) {
1017 		device_printf(sc->xbd_dev, "features: %s\n",
1018 		    features);
1019 	}
1020 
1021 	sc->xbd_disk = disk_alloc();
1022 	sc->xbd_disk->d_unit = sc->xbd_unit;
1023 	sc->xbd_disk->d_open = xbd_open;
1024 	sc->xbd_disk->d_close = xbd_close;
1025 	sc->xbd_disk->d_ioctl = xbd_ioctl;
1026 	sc->xbd_disk->d_strategy = xbd_strategy;
1027 	sc->xbd_disk->d_dump = xbd_dump;
1028 	sc->xbd_disk->d_name = name;
1029 	sc->xbd_disk->d_drv1 = sc;
1030 	sc->xbd_disk->d_sectorsize = sector_size;
1031 	sc->xbd_disk->d_stripesize = phys_sector_size;
1032 	sc->xbd_disk->d_stripeoffset = 0;
1033 
1034 	sc->xbd_disk->d_mediasize = sectors * sector_size;
1035 	sc->xbd_disk->d_maxsize = sc->xbd_max_request_size;
1036 	sc->xbd_disk->d_flags = DISKFLAG_UNMAPPED_BIO;
1037 	if ((sc->xbd_flags & (XBDF_FLUSH|XBDF_BARRIER)) != 0) {
1038 		sc->xbd_disk->d_flags |= DISKFLAG_CANFLUSHCACHE;
1039 		device_printf(sc->xbd_dev,
1040 		    "synchronize cache commands enabled.\n");
1041 	}
1042 	disk_create(sc->xbd_disk, DISK_VERSION);
1043 
1044 	return error;
1045 }
1046 
1047 static void
1048 xbd_free(struct xbd_softc *sc)
1049 {
1050 	int i;
1051 
1052 	/* Prevent new requests being issued until we fix things up. */
1053 	mtx_lock(&sc->xbd_io_lock);
1054 	sc->xbd_state = XBD_STATE_DISCONNECTED;
1055 	mtx_unlock(&sc->xbd_io_lock);
1056 
1057 	/* Free resources associated with old device channel. */
1058 	xbd_free_ring(sc);
1059 	if (sc->xbd_shadow) {
1060 		for (i = 0; i < sc->xbd_max_requests; i++) {
1061 			struct xbd_command *cm;
1062 
1063 			cm = &sc->xbd_shadow[i];
1064 			if (cm->cm_sg_refs != NULL) {
1065 				free(cm->cm_sg_refs, M_XENBLOCKFRONT);
1066 				cm->cm_sg_refs = NULL;
1067 			}
1068 
1069 			if (cm->cm_indirectionpages != NULL) {
1070 				gnttab_end_foreign_access_references(
1071 				    sc->xbd_max_request_indirectpages,
1072 				    &cm->cm_indirectionrefs[0]);
1073 				contigfree(cm->cm_indirectionpages, PAGE_SIZE *
1074 				    sc->xbd_max_request_indirectpages,
1075 				    M_XENBLOCKFRONT);
1076 				cm->cm_indirectionpages = NULL;
1077 			}
1078 
1079 			bus_dmamap_destroy(sc->xbd_io_dmat, cm->cm_map);
1080 		}
1081 		free(sc->xbd_shadow, M_XENBLOCKFRONT);
1082 		sc->xbd_shadow = NULL;
1083 
1084 		bus_dma_tag_destroy(sc->xbd_io_dmat);
1085 
1086 		xbd_initq_cm(sc, XBD_Q_FREE);
1087 		xbd_initq_cm(sc, XBD_Q_READY);
1088 		xbd_initq_cm(sc, XBD_Q_COMPLETE);
1089 	}
1090 
1091 	xen_intr_unbind(&sc->xen_intr_handle);
1092 
1093 }
1094 
1095 /*--------------------------- State Change Handlers --------------------------*/
1096 static void
1097 xbd_initialize(struct xbd_softc *sc)
1098 {
1099 	const char *otherend_path;
1100 	const char *node_path;
1101 	uint32_t max_ring_page_order;
1102 	int error;
1103 
1104 	if (xenbus_get_state(sc->xbd_dev) != XenbusStateInitialising) {
1105 		/* Initialization has already been performed. */
1106 		return;
1107 	}
1108 
1109 	/*
1110 	 * Protocol defaults valid even if negotiation for a
1111 	 * setting fails.
1112 	 */
1113 	max_ring_page_order = 0;
1114 	sc->xbd_ring_pages = 1;
1115 
1116 	/*
1117 	 * Protocol negotiation.
1118 	 *
1119 	 * \note xs_gather() returns on the first encountered error, so
1120 	 *       we must use independent calls in order to guarantee
1121 	 *       we don't miss information in a sparsly populated back-end
1122 	 *       tree.
1123 	 *
1124 	 * \note xs_scanf() does not update variables for unmatched
1125 	 *	 fields.
1126 	 */
1127 	otherend_path = xenbus_get_otherend_path(sc->xbd_dev);
1128 	node_path = xenbus_get_node(sc->xbd_dev);
1129 
1130 	/* Support both backend schemes for relaying ring page limits. */
1131 	(void)xs_scanf(XST_NIL, otherend_path,
1132 	    "max-ring-page-order", NULL, "%" PRIu32,
1133 	    &max_ring_page_order);
1134 	sc->xbd_ring_pages = 1 << max_ring_page_order;
1135 	(void)xs_scanf(XST_NIL, otherend_path,
1136 	    "max-ring-pages", NULL, "%" PRIu32,
1137 	    &sc->xbd_ring_pages);
1138 	if (sc->xbd_ring_pages < 1)
1139 		sc->xbd_ring_pages = 1;
1140 
1141 	if (sc->xbd_ring_pages > XBD_MAX_RING_PAGES) {
1142 		device_printf(sc->xbd_dev,
1143 		    "Back-end specified ring-pages of %u "
1144 		    "limited to front-end limit of %u.\n",
1145 		    sc->xbd_ring_pages, XBD_MAX_RING_PAGES);
1146 		sc->xbd_ring_pages = XBD_MAX_RING_PAGES;
1147 	}
1148 
1149 	if (powerof2(sc->xbd_ring_pages) == 0) {
1150 		uint32_t new_page_limit;
1151 
1152 		new_page_limit = 0x01 << (fls(sc->xbd_ring_pages) - 1);
1153 		device_printf(sc->xbd_dev,
1154 		    "Back-end specified ring-pages of %u "
1155 		    "is not a power of 2. Limited to %u.\n",
1156 		    sc->xbd_ring_pages, new_page_limit);
1157 		sc->xbd_ring_pages = new_page_limit;
1158 	}
1159 
1160 	sc->xbd_max_requests =
1161 	    BLKIF_MAX_RING_REQUESTS(sc->xbd_ring_pages * PAGE_SIZE);
1162 	if (sc->xbd_max_requests > XBD_MAX_REQUESTS) {
1163 		device_printf(sc->xbd_dev,
1164 		    "Back-end specified max_requests of %u "
1165 		    "limited to front-end limit of %zu.\n",
1166 		    sc->xbd_max_requests, XBD_MAX_REQUESTS);
1167 		sc->xbd_max_requests = XBD_MAX_REQUESTS;
1168 	}
1169 
1170 	if (xbd_alloc_ring(sc) != 0)
1171 		return;
1172 
1173 	/* Support both backend schemes for relaying ring page limits. */
1174 	if (sc->xbd_ring_pages > 1) {
1175 		error = xs_printf(XST_NIL, node_path,
1176 		    "num-ring-pages","%u",
1177 		    sc->xbd_ring_pages);
1178 		if (error) {
1179 			xenbus_dev_fatal(sc->xbd_dev, error,
1180 			    "writing %s/num-ring-pages",
1181 			    node_path);
1182 			return;
1183 		}
1184 
1185 		error = xs_printf(XST_NIL, node_path,
1186 		    "ring-page-order", "%u",
1187 		    fls(sc->xbd_ring_pages) - 1);
1188 		if (error) {
1189 			xenbus_dev_fatal(sc->xbd_dev, error,
1190 			    "writing %s/ring-page-order",
1191 			    node_path);
1192 			return;
1193 		}
1194 	}
1195 
1196 	error = xs_printf(XST_NIL, node_path, "event-channel",
1197 	    "%u", xen_intr_port(sc->xen_intr_handle));
1198 	if (error) {
1199 		xenbus_dev_fatal(sc->xbd_dev, error,
1200 		    "writing %s/event-channel",
1201 		    node_path);
1202 		return;
1203 	}
1204 
1205 	error = xs_printf(XST_NIL, node_path, "protocol",
1206 	    "%s", XEN_IO_PROTO_ABI_NATIVE);
1207 	if (error) {
1208 		xenbus_dev_fatal(sc->xbd_dev, error,
1209 		    "writing %s/protocol",
1210 		    node_path);
1211 		return;
1212 	}
1213 
1214 	xenbus_set_state(sc->xbd_dev, XenbusStateInitialised);
1215 }
1216 
1217 /*
1218  * Invoked when the backend is finally 'ready' (and has published
1219  * the details about the physical device - #sectors, size, etc).
1220  */
1221 static void
1222 xbd_connect(struct xbd_softc *sc)
1223 {
1224 	device_t dev = sc->xbd_dev;
1225 	blkif_sector_t sectors;
1226 	unsigned long sector_size, phys_sector_size;
1227 	unsigned int binfo;
1228 	int err, feature_barrier, feature_flush;
1229 	int i, j;
1230 
1231 	DPRINTK("blkfront.c:connect:%s.\n", xenbus_get_otherend_path(dev));
1232 
1233 	if (sc->xbd_state == XBD_STATE_SUSPENDED) {
1234 		return;
1235 	}
1236 
1237 	if (sc->xbd_state == XBD_STATE_CONNECTED) {
1238 		struct disk *disk;
1239 
1240 		disk = sc->xbd_disk;
1241 		if (disk == NULL) {
1242 			return;
1243 		}
1244 		err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev),
1245 		    "sectors", "%"PRIu64, &sectors, NULL);
1246 		if (err != 0) {
1247 			xenbus_dev_error(dev, err,
1248 			    "reading sectors at %s",
1249 			    xenbus_get_otherend_path(dev));
1250 			return;
1251 		}
1252 		disk->d_mediasize = disk->d_sectorsize * sectors;
1253 		err = disk_resize(disk, M_NOWAIT);
1254 		if (err) {
1255 			xenbus_dev_error(dev, err,
1256 			    "unable to resize disk %s%u",
1257 			    disk->d_name, disk->d_unit);
1258 			return;
1259 		}
1260 		device_printf(sc->xbd_dev,
1261 		    "changed capacity to %jd\n",
1262 		    (intmax_t)disk->d_mediasize);
1263 		return;
1264 	}
1265 
1266 	err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev),
1267 	    "sectors", "%"PRIu64, &sectors,
1268 	    "info", "%u", &binfo,
1269 	    "sector-size", "%lu", &sector_size,
1270 	    NULL);
1271 	if (err) {
1272 		xenbus_dev_fatal(dev, err,
1273 		    "reading backend fields at %s",
1274 		    xenbus_get_otherend_path(dev));
1275 		return;
1276 	}
1277 	if ((sectors == 0) || (sector_size == 0)) {
1278 		xenbus_dev_fatal(dev, 0,
1279 		    "invalid parameters from %s:"
1280 		    " sectors = %"PRIu64", sector_size = %lu",
1281 		    xenbus_get_otherend_path(dev),
1282 		    sectors, sector_size);
1283 		return;
1284 	}
1285 	err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev),
1286 	     "physical-sector-size", "%lu", &phys_sector_size,
1287 	     NULL);
1288 	if (err || phys_sector_size <= sector_size)
1289 		phys_sector_size = 0;
1290 	err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev),
1291 	     "feature-barrier", "%d", &feature_barrier,
1292 	     NULL);
1293 	if (err == 0 && feature_barrier != 0)
1294 		sc->xbd_flags |= XBDF_BARRIER;
1295 
1296 	err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev),
1297 	     "feature-flush-cache", "%d", &feature_flush,
1298 	     NULL);
1299 	if (err == 0 && feature_flush != 0)
1300 		sc->xbd_flags |= XBDF_FLUSH;
1301 
1302 	err = xs_gather(XST_NIL, xenbus_get_otherend_path(dev),
1303 	    "feature-max-indirect-segments", "%" PRIu32,
1304 	    &sc->xbd_max_request_segments, NULL);
1305 	if ((err != 0) || (xbd_enable_indirect == 0))
1306 		sc->xbd_max_request_segments = 0;
1307 	if (sc->xbd_max_request_segments > XBD_MAX_INDIRECT_SEGMENTS)
1308 		sc->xbd_max_request_segments = XBD_MAX_INDIRECT_SEGMENTS;
1309 	if (sc->xbd_max_request_segments > XBD_SIZE_TO_SEGS(maxphys))
1310 		sc->xbd_max_request_segments = XBD_SIZE_TO_SEGS(maxphys);
1311 	sc->xbd_max_request_indirectpages =
1312 	    XBD_INDIRECT_SEGS_TO_PAGES(sc->xbd_max_request_segments);
1313 	if (sc->xbd_max_request_segments < BLKIF_MAX_SEGMENTS_PER_REQUEST)
1314 		sc->xbd_max_request_segments = BLKIF_MAX_SEGMENTS_PER_REQUEST;
1315 	sc->xbd_max_request_size =
1316 	    XBD_SEGS_TO_SIZE(sc->xbd_max_request_segments);
1317 
1318 	/* Allocate datastructures based on negotiated values. */
1319 	err = bus_dma_tag_create(
1320 	    bus_get_dma_tag(sc->xbd_dev),	/* parent */
1321 	    512, PAGE_SIZE,			/* algnmnt, boundary */
1322 	    BUS_SPACE_MAXADDR,			/* lowaddr */
1323 	    BUS_SPACE_MAXADDR,			/* highaddr */
1324 	    NULL, NULL,				/* filter, filterarg */
1325 	    sc->xbd_max_request_size,
1326 	    sc->xbd_max_request_segments,
1327 	    PAGE_SIZE,				/* maxsegsize */
1328 	    BUS_DMA_ALLOCNOW,			/* flags */
1329 	    busdma_lock_mutex,			/* lockfunc */
1330 	    &sc->xbd_io_lock,			/* lockarg */
1331 	    &sc->xbd_io_dmat);
1332 	if (err != 0) {
1333 		xenbus_dev_fatal(sc->xbd_dev, err,
1334 		    "Cannot allocate parent DMA tag\n");
1335 		return;
1336 	}
1337 
1338 	/* Per-transaction data allocation. */
1339 	sc->xbd_shadow = malloc(sizeof(*sc->xbd_shadow) * sc->xbd_max_requests,
1340 	    M_XENBLOCKFRONT, M_NOWAIT|M_ZERO);
1341 	if (sc->xbd_shadow == NULL) {
1342 		bus_dma_tag_destroy(sc->xbd_io_dmat);
1343 		xenbus_dev_fatal(sc->xbd_dev, ENOMEM,
1344 		    "Cannot allocate request structures\n");
1345 		return;
1346 	}
1347 
1348 	for (i = 0; i < sc->xbd_max_requests; i++) {
1349 		struct xbd_command *cm;
1350 		void * indirectpages;
1351 
1352 		cm = &sc->xbd_shadow[i];
1353 		cm->cm_sg_refs = malloc(
1354 		    sizeof(grant_ref_t) * sc->xbd_max_request_segments,
1355 		    M_XENBLOCKFRONT, M_NOWAIT);
1356 		if (cm->cm_sg_refs == NULL)
1357 			break;
1358 		cm->cm_id = i;
1359 		cm->cm_flags = XBDCF_INITIALIZER;
1360 		cm->cm_sc = sc;
1361 		if (bus_dmamap_create(sc->xbd_io_dmat, 0, &cm->cm_map) != 0)
1362 			break;
1363 		if (sc->xbd_max_request_indirectpages > 0) {
1364 			indirectpages = contigmalloc(
1365 			    PAGE_SIZE * sc->xbd_max_request_indirectpages,
1366 			    M_XENBLOCKFRONT, M_ZERO | M_NOWAIT, 0, ~0,
1367 			    PAGE_SIZE, 0);
1368 			if (indirectpages == NULL)
1369 				sc->xbd_max_request_indirectpages = 0;
1370 		} else {
1371 			indirectpages = NULL;
1372 		}
1373 		for (j = 0; j < sc->xbd_max_request_indirectpages; j++) {
1374 			if (gnttab_grant_foreign_access(
1375 			    xenbus_get_otherend_id(sc->xbd_dev),
1376 			    (vtophys(indirectpages) >> PAGE_SHIFT) + j,
1377 			    1 /* grant read-only access */,
1378 			    &cm->cm_indirectionrefs[j]))
1379 				break;
1380 		}
1381 		if (j < sc->xbd_max_request_indirectpages) {
1382 			contigfree(indirectpages,
1383 			    PAGE_SIZE * sc->xbd_max_request_indirectpages,
1384 			    M_XENBLOCKFRONT);
1385 			break;
1386 		}
1387 		cm->cm_indirectionpages = indirectpages;
1388 		xbd_free_command(cm);
1389 	}
1390 
1391 	if (sc->xbd_disk == NULL) {
1392 		device_printf(dev, "%juMB <%s> at %s",
1393 		    (uintmax_t) sectors / (1048576 / sector_size),
1394 		    device_get_desc(dev),
1395 		    xenbus_get_node(dev));
1396 		bus_print_child_footer(device_get_parent(dev), dev);
1397 
1398 		xbd_instance_create(sc, sectors, sc->xbd_vdevice, binfo,
1399 		    sector_size, phys_sector_size);
1400 	}
1401 
1402 	(void)xenbus_set_state(dev, XenbusStateConnected);
1403 
1404 	/* Kick pending requests. */
1405 	mtx_lock(&sc->xbd_io_lock);
1406 	sc->xbd_state = XBD_STATE_CONNECTED;
1407 	xbd_startio(sc);
1408 	sc->xbd_flags |= XBDF_READY;
1409 	mtx_unlock(&sc->xbd_io_lock);
1410 }
1411 
1412 /**
1413  * Handle the change of state of the backend to Closing.  We must delete our
1414  * device-layer structures now, to ensure that writes are flushed through to
1415  * the backend.  Once this is done, we can switch to Closed in
1416  * acknowledgement.
1417  */
1418 static void
1419 xbd_closing(device_t dev)
1420 {
1421 	struct xbd_softc *sc = device_get_softc(dev);
1422 
1423 	xenbus_set_state(dev, XenbusStateClosing);
1424 
1425 	DPRINTK("xbd_closing: %s removed\n", xenbus_get_node(dev));
1426 
1427 	if (sc->xbd_disk != NULL) {
1428 		disk_destroy(sc->xbd_disk);
1429 		sc->xbd_disk = NULL;
1430 	}
1431 
1432 	xenbus_set_state(dev, XenbusStateClosed);
1433 }
1434 
1435 /*---------------------------- NewBus Entrypoints ----------------------------*/
1436 static int
1437 xbd_probe(device_t dev)
1438 {
1439 	if (strcmp(xenbus_get_type(dev), "vbd") != 0)
1440 		return (ENXIO);
1441 
1442 	if (xen_pv_disks_disabled())
1443 		return (ENXIO);
1444 
1445 	if (xen_hvm_domain()) {
1446 		int error;
1447 		char *type;
1448 
1449 		/*
1450 		 * When running in an HVM domain, IDE disk emulation is
1451 		 * disabled early in boot so that native drivers will
1452 		 * not see emulated hardware.  However, CDROM device
1453 		 * emulation cannot be disabled.
1454 		 *
1455 		 * Through use of FreeBSD's vm_guest and xen_hvm_domain()
1456 		 * APIs, we could modify the native CDROM driver to fail its
1457 		 * probe when running under Xen.  Unfortunatlely, the PV
1458 		 * CDROM support in XenServer (up through at least version
1459 		 * 6.2) isn't functional, so we instead rely on the emulated
1460 		 * CDROM instance, and fail to attach the PV one here in
1461 		 * the blkfront driver.
1462 		 */
1463 		error = xs_read(XST_NIL, xenbus_get_node(dev),
1464 		    "device-type", NULL, (void **) &type);
1465 		if (error)
1466 			return (ENXIO);
1467 
1468 		if (strncmp(type, "cdrom", 5) == 0) {
1469 			free(type, M_XENSTORE);
1470 			return (ENXIO);
1471 		}
1472 		free(type, M_XENSTORE);
1473 	}
1474 
1475 	device_set_desc(dev, "Virtual Block Device");
1476 	device_quiet(dev);
1477 	return (0);
1478 }
1479 
1480 /*
1481  * Setup supplies the backend dir, virtual device.  We place an event
1482  * channel and shared frame entries.  We watch backend to wait if it's
1483  * ok.
1484  */
1485 static int
1486 xbd_attach(device_t dev)
1487 {
1488 	struct xbd_softc *sc;
1489 	const char *name;
1490 	uint32_t vdevice;
1491 	int error;
1492 	int i;
1493 	int unit;
1494 
1495 	/* FIXME: Use dynamic device id if this is not set. */
1496 	error = xs_scanf(XST_NIL, xenbus_get_node(dev),
1497 	    "virtual-device", NULL, "%" PRIu32, &vdevice);
1498 	if (error)
1499 		error = xs_scanf(XST_NIL, xenbus_get_node(dev),
1500 		    "virtual-device-ext", NULL, "%" PRIu32, &vdevice);
1501 	if (error) {
1502 		xenbus_dev_fatal(dev, error, "reading virtual-device");
1503 		device_printf(dev, "Couldn't determine virtual device.\n");
1504 		return (error);
1505 	}
1506 
1507 	xbd_vdevice_to_unit(vdevice, &unit, &name);
1508 	if (!strcmp(name, "xbd"))
1509 		device_set_unit(dev, unit);
1510 
1511 	sc = device_get_softc(dev);
1512 	mtx_init(&sc->xbd_io_lock, "blkfront i/o lock", NULL, MTX_DEF);
1513 	xbd_initqs(sc);
1514 	for (i = 0; i < XBD_MAX_RING_PAGES; i++)
1515 		sc->xbd_ring_ref[i] = GRANT_REF_INVALID;
1516 
1517 	sc->xbd_dev = dev;
1518 	sc->xbd_vdevice = vdevice;
1519 	sc->xbd_state = XBD_STATE_DISCONNECTED;
1520 
1521 	xbd_setup_sysctl(sc);
1522 
1523 	/* Wait for backend device to publish its protocol capabilities. */
1524 	xenbus_set_state(dev, XenbusStateInitialising);
1525 
1526 	return (0);
1527 }
1528 
1529 static int
1530 xbd_detach(device_t dev)
1531 {
1532 	struct xbd_softc *sc = device_get_softc(dev);
1533 
1534 	DPRINTK("%s: %s removed\n", __func__, xenbus_get_node(dev));
1535 
1536 	xbd_free(sc);
1537 	mtx_destroy(&sc->xbd_io_lock);
1538 
1539 	return 0;
1540 }
1541 
1542 static int
1543 xbd_suspend(device_t dev)
1544 {
1545 	struct xbd_softc *sc = device_get_softc(dev);
1546 	int retval;
1547 	int saved_state;
1548 
1549 	/* Prevent new requests being issued until we fix things up. */
1550 	mtx_lock(&sc->xbd_io_lock);
1551 	saved_state = sc->xbd_state;
1552 	sc->xbd_state = XBD_STATE_SUSPENDED;
1553 
1554 	/* Wait for outstanding I/O to drain. */
1555 	retval = 0;
1556 	while (xbd_queue_length(sc, XBD_Q_BUSY) != 0) {
1557 		if (msleep(&sc->xbd_cm_q[XBD_Q_BUSY], &sc->xbd_io_lock,
1558 		    PRIBIO, "blkf_susp", 30 * hz) == EWOULDBLOCK) {
1559 			retval = EBUSY;
1560 			break;
1561 		}
1562 	}
1563 	mtx_unlock(&sc->xbd_io_lock);
1564 
1565 	if (retval != 0)
1566 		sc->xbd_state = saved_state;
1567 
1568 	return (retval);
1569 }
1570 
1571 static int
1572 xbd_resume(device_t dev)
1573 {
1574 	struct xbd_softc *sc = device_get_softc(dev);
1575 
1576 	if (xen_suspend_cancelled) {
1577 		sc->xbd_state = XBD_STATE_CONNECTED;
1578 		return (0);
1579 	}
1580 
1581 	DPRINTK("xbd_resume: %s\n", xenbus_get_node(dev));
1582 
1583 	xbd_free(sc);
1584 	xbd_initialize(sc);
1585 	return (0);
1586 }
1587 
1588 /**
1589  * Callback received when the backend's state changes.
1590  */
1591 static void
1592 xbd_backend_changed(device_t dev, XenbusState backend_state)
1593 {
1594 	struct xbd_softc *sc = device_get_softc(dev);
1595 
1596 	DPRINTK("backend_state=%d\n", backend_state);
1597 
1598 	switch (backend_state) {
1599 	case XenbusStateUnknown:
1600 	case XenbusStateInitialising:
1601 	case XenbusStateReconfigured:
1602 	case XenbusStateReconfiguring:
1603 	case XenbusStateClosed:
1604 		break;
1605 
1606 	case XenbusStateInitWait:
1607 	case XenbusStateInitialised:
1608 		xbd_initialize(sc);
1609 		break;
1610 
1611 	case XenbusStateConnected:
1612 		xbd_initialize(sc);
1613 		xbd_connect(sc);
1614 		break;
1615 
1616 	case XenbusStateClosing:
1617 		if (sc->xbd_users > 0) {
1618 			device_printf(dev, "detaching with pending users\n");
1619 			KASSERT(sc->xbd_disk != NULL,
1620 			    ("NULL disk with pending users\n"));
1621 			disk_gone(sc->xbd_disk);
1622 		} else {
1623 			xbd_closing(dev);
1624 		}
1625 		break;
1626 	}
1627 }
1628 
1629 /*---------------------------- NewBus Registration ---------------------------*/
1630 static device_method_t xbd_methods[] = {
1631 	/* Device interface */
1632 	DEVMETHOD(device_probe,         xbd_probe),
1633 	DEVMETHOD(device_attach,        xbd_attach),
1634 	DEVMETHOD(device_detach,        xbd_detach),
1635 	DEVMETHOD(device_shutdown,      bus_generic_shutdown),
1636 	DEVMETHOD(device_suspend,       xbd_suspend),
1637 	DEVMETHOD(device_resume,        xbd_resume),
1638 
1639 	/* Xenbus interface */
1640 	DEVMETHOD(xenbus_otherend_changed, xbd_backend_changed),
1641 
1642 	{ 0, 0 }
1643 };
1644 
1645 static driver_t xbd_driver = {
1646 	"xbd",
1647 	xbd_methods,
1648 	sizeof(struct xbd_softc),
1649 };
1650 devclass_t xbd_devclass;
1651 
1652 DRIVER_MODULE(xbd, xenbusb_front, xbd_driver, xbd_devclass, 0, 0);
1653