10767e98aSRoger Pau Monné /****************************************************************************** 20767e98aSRoger Pau Monné * gnttab.c 30767e98aSRoger Pau Monné * 40767e98aSRoger Pau Monné * Two sets of functionality: 50767e98aSRoger Pau Monné * 1. Granting foreign access to our memory reservation. 60767e98aSRoger Pau Monné * 2. Accessing others' memory reservations via grant references. 70767e98aSRoger Pau Monné * (i.e., mechanisms for both sender and recipient of grant references) 80767e98aSRoger Pau Monné * 90767e98aSRoger Pau Monné * Copyright (c) 2005, Christopher Clark 100767e98aSRoger Pau Monné * Copyright (c) 2004, K A Fraser 110767e98aSRoger Pau Monné */ 120767e98aSRoger Pau Monné 130767e98aSRoger Pau Monné #include <sys/cdefs.h> 140767e98aSRoger Pau Monné __FBSDID("$FreeBSD$"); 150767e98aSRoger Pau Monné 160767e98aSRoger Pau Monné #include "opt_pmap.h" 170767e98aSRoger Pau Monné 180767e98aSRoger Pau Monné #include <sys/param.h> 190767e98aSRoger Pau Monné #include <sys/systm.h> 200767e98aSRoger Pau Monné #include <sys/bus.h> 210767e98aSRoger Pau Monné #include <sys/conf.h> 220767e98aSRoger Pau Monné #include <sys/module.h> 230767e98aSRoger Pau Monné #include <sys/kernel.h> 240767e98aSRoger Pau Monné #include <sys/lock.h> 250767e98aSRoger Pau Monné #include <sys/malloc.h> 260767e98aSRoger Pau Monné #include <sys/mman.h> 270767e98aSRoger Pau Monné #include <sys/limits.h> 280767e98aSRoger Pau Monné #include <sys/rman.h> 290767e98aSRoger Pau Monné #include <machine/resource.h> 300767e98aSRoger Pau Monné 310767e98aSRoger Pau Monné #include <xen/xen-os.h> 320767e98aSRoger Pau Monné #include <xen/hypervisor.h> 330767e98aSRoger Pau Monné #include <machine/xen/synch_bitops.h> 340767e98aSRoger Pau Monné 350767e98aSRoger Pau Monné #include <xen/hypervisor.h> 360767e98aSRoger Pau Monné #include <xen/gnttab.h> 370767e98aSRoger Pau Monné 380767e98aSRoger Pau Monné #include <vm/vm.h> 390767e98aSRoger Pau Monné #include <vm/vm_kern.h> 400767e98aSRoger Pau Monné #include <vm/vm_extern.h> 410767e98aSRoger Pau Monné #include <vm/pmap.h> 420767e98aSRoger Pau Monné 430767e98aSRoger Pau Monné #define cmpxchg(a, b, c) atomic_cmpset_int((volatile u_int *)(a),(b),(c)) 440767e98aSRoger Pau Monné 450767e98aSRoger Pau Monné /* External tools reserve first few grant table entries. */ 460767e98aSRoger Pau Monné #define NR_RESERVED_ENTRIES 8 470767e98aSRoger Pau Monné #define GREFS_PER_GRANT_FRAME (PAGE_SIZE / sizeof(grant_entry_t)) 480767e98aSRoger Pau Monné 490767e98aSRoger Pau Monné static grant_ref_t **gnttab_list; 500767e98aSRoger Pau Monné static unsigned int nr_grant_frames; 510767e98aSRoger Pau Monné static unsigned int boot_max_nr_grant_frames; 520767e98aSRoger Pau Monné static int gnttab_free_count; 530767e98aSRoger Pau Monné static grant_ref_t gnttab_free_head; 540767e98aSRoger Pau Monné static struct mtx gnttab_list_lock; 550767e98aSRoger Pau Monné 560767e98aSRoger Pau Monné /* 570767e98aSRoger Pau Monné * Resource representing allocated physical address space 580767e98aSRoger Pau Monné * for the grant table metainfo 590767e98aSRoger Pau Monné */ 600767e98aSRoger Pau Monné static struct resource *gnttab_pseudo_phys_res; 610767e98aSRoger Pau Monné 620767e98aSRoger Pau Monné /* Resource id for allocated physical address space. */ 630767e98aSRoger Pau Monné static int gnttab_pseudo_phys_res_id; 640767e98aSRoger Pau Monné 650767e98aSRoger Pau Monné static grant_entry_t *shared; 660767e98aSRoger Pau Monné 670767e98aSRoger Pau Monné static struct gnttab_free_callback *gnttab_free_callback_list = NULL; 680767e98aSRoger Pau Monné 690767e98aSRoger Pau Monné static int gnttab_expand(unsigned int req_entries); 700767e98aSRoger Pau Monné 710767e98aSRoger Pau Monné #define RPP (PAGE_SIZE / sizeof(grant_ref_t)) 720767e98aSRoger Pau Monné #define gnttab_entry(entry) (gnttab_list[(entry) / RPP][(entry) % RPP]) 730767e98aSRoger Pau Monné 740767e98aSRoger Pau Monné static int 750767e98aSRoger Pau Monné get_free_entries(int count, int *entries) 760767e98aSRoger Pau Monné { 770767e98aSRoger Pau Monné int ref, error; 780767e98aSRoger Pau Monné grant_ref_t head; 790767e98aSRoger Pau Monné 800767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 810767e98aSRoger Pau Monné if ((gnttab_free_count < count) && 820767e98aSRoger Pau Monné ((error = gnttab_expand(count - gnttab_free_count)) != 0)) { 830767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 840767e98aSRoger Pau Monné return (error); 850767e98aSRoger Pau Monné } 860767e98aSRoger Pau Monné ref = head = gnttab_free_head; 870767e98aSRoger Pau Monné gnttab_free_count -= count; 880767e98aSRoger Pau Monné while (count-- > 1) 890767e98aSRoger Pau Monné head = gnttab_entry(head); 900767e98aSRoger Pau Monné gnttab_free_head = gnttab_entry(head); 910767e98aSRoger Pau Monné gnttab_entry(head) = GNTTAB_LIST_END; 920767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 930767e98aSRoger Pau Monné 940767e98aSRoger Pau Monné *entries = ref; 950767e98aSRoger Pau Monné return (0); 960767e98aSRoger Pau Monné } 970767e98aSRoger Pau Monné 980767e98aSRoger Pau Monné static void 990767e98aSRoger Pau Monné do_free_callbacks(void) 1000767e98aSRoger Pau Monné { 1010767e98aSRoger Pau Monné struct gnttab_free_callback *callback, *next; 1020767e98aSRoger Pau Monné 1030767e98aSRoger Pau Monné callback = gnttab_free_callback_list; 1040767e98aSRoger Pau Monné gnttab_free_callback_list = NULL; 1050767e98aSRoger Pau Monné 1060767e98aSRoger Pau Monné while (callback != NULL) { 1070767e98aSRoger Pau Monné next = callback->next; 1080767e98aSRoger Pau Monné if (gnttab_free_count >= callback->count) { 1090767e98aSRoger Pau Monné callback->next = NULL; 1100767e98aSRoger Pau Monné callback->fn(callback->arg); 1110767e98aSRoger Pau Monné } else { 1120767e98aSRoger Pau Monné callback->next = gnttab_free_callback_list; 1130767e98aSRoger Pau Monné gnttab_free_callback_list = callback; 1140767e98aSRoger Pau Monné } 1150767e98aSRoger Pau Monné callback = next; 1160767e98aSRoger Pau Monné } 1170767e98aSRoger Pau Monné } 1180767e98aSRoger Pau Monné 1190767e98aSRoger Pau Monné static inline void 1200767e98aSRoger Pau Monné check_free_callbacks(void) 1210767e98aSRoger Pau Monné { 1220767e98aSRoger Pau Monné if (__predict_false(gnttab_free_callback_list != NULL)) 1230767e98aSRoger Pau Monné do_free_callbacks(); 1240767e98aSRoger Pau Monné } 1250767e98aSRoger Pau Monné 1260767e98aSRoger Pau Monné static void 1270767e98aSRoger Pau Monné put_free_entry(grant_ref_t ref) 1280767e98aSRoger Pau Monné { 1290767e98aSRoger Pau Monné 1300767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 1310767e98aSRoger Pau Monné gnttab_entry(ref) = gnttab_free_head; 1320767e98aSRoger Pau Monné gnttab_free_head = ref; 1330767e98aSRoger Pau Monné gnttab_free_count++; 1340767e98aSRoger Pau Monné check_free_callbacks(); 1350767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 1360767e98aSRoger Pau Monné } 1370767e98aSRoger Pau Monné 1380767e98aSRoger Pau Monné /* 1390767e98aSRoger Pau Monné * Public grant-issuing interface functions 1400767e98aSRoger Pau Monné */ 1410767e98aSRoger Pau Monné 1420767e98aSRoger Pau Monné int 1430767e98aSRoger Pau Monné gnttab_grant_foreign_access(domid_t domid, unsigned long frame, int readonly, 1440767e98aSRoger Pau Monné grant_ref_t *result) 1450767e98aSRoger Pau Monné { 1460767e98aSRoger Pau Monné int error, ref; 1470767e98aSRoger Pau Monné 1480767e98aSRoger Pau Monné error = get_free_entries(1, &ref); 1490767e98aSRoger Pau Monné 1500767e98aSRoger Pau Monné if (__predict_false(error)) 1510767e98aSRoger Pau Monné return (error); 1520767e98aSRoger Pau Monné 1530767e98aSRoger Pau Monné shared[ref].frame = frame; 1540767e98aSRoger Pau Monné shared[ref].domid = domid; 1550767e98aSRoger Pau Monné wmb(); 1560767e98aSRoger Pau Monné shared[ref].flags = GTF_permit_access | (readonly ? GTF_readonly : 0); 1570767e98aSRoger Pau Monné 1580767e98aSRoger Pau Monné if (result) 1590767e98aSRoger Pau Monné *result = ref; 1600767e98aSRoger Pau Monné 1610767e98aSRoger Pau Monné return (0); 1620767e98aSRoger Pau Monné } 1630767e98aSRoger Pau Monné 1640767e98aSRoger Pau Monné void 1650767e98aSRoger Pau Monné gnttab_grant_foreign_access_ref(grant_ref_t ref, domid_t domid, 1660767e98aSRoger Pau Monné unsigned long frame, int readonly) 1670767e98aSRoger Pau Monné { 1680767e98aSRoger Pau Monné 1690767e98aSRoger Pau Monné shared[ref].frame = frame; 1700767e98aSRoger Pau Monné shared[ref].domid = domid; 1710767e98aSRoger Pau Monné wmb(); 1720767e98aSRoger Pau Monné shared[ref].flags = GTF_permit_access | (readonly ? GTF_readonly : 0); 1730767e98aSRoger Pau Monné } 1740767e98aSRoger Pau Monné 1750767e98aSRoger Pau Monné int 1760767e98aSRoger Pau Monné gnttab_query_foreign_access(grant_ref_t ref) 1770767e98aSRoger Pau Monné { 1780767e98aSRoger Pau Monné uint16_t nflags; 1790767e98aSRoger Pau Monné 1800767e98aSRoger Pau Monné nflags = shared[ref].flags; 1810767e98aSRoger Pau Monné 1820767e98aSRoger Pau Monné return (nflags & (GTF_reading|GTF_writing)); 1830767e98aSRoger Pau Monné } 1840767e98aSRoger Pau Monné 1850767e98aSRoger Pau Monné int 1860767e98aSRoger Pau Monné gnttab_end_foreign_access_ref(grant_ref_t ref) 1870767e98aSRoger Pau Monné { 1880767e98aSRoger Pau Monné uint16_t flags, nflags; 1890767e98aSRoger Pau Monné 1900767e98aSRoger Pau Monné nflags = shared[ref].flags; 1910767e98aSRoger Pau Monné do { 1920767e98aSRoger Pau Monné if ( (flags = nflags) & (GTF_reading|GTF_writing) ) { 1930767e98aSRoger Pau Monné printf("%s: WARNING: g.e. still in use!\n", __func__); 1940767e98aSRoger Pau Monné return (0); 1950767e98aSRoger Pau Monné } 1960767e98aSRoger Pau Monné } while ((nflags = synch_cmpxchg(&shared[ref].flags, flags, 0)) != 1970767e98aSRoger Pau Monné flags); 1980767e98aSRoger Pau Monné 1990767e98aSRoger Pau Monné return (1); 2000767e98aSRoger Pau Monné } 2010767e98aSRoger Pau Monné 2020767e98aSRoger Pau Monné void 2030767e98aSRoger Pau Monné gnttab_end_foreign_access(grant_ref_t ref, void *page) 2040767e98aSRoger Pau Monné { 2050767e98aSRoger Pau Monné if (gnttab_end_foreign_access_ref(ref)) { 2060767e98aSRoger Pau Monné put_free_entry(ref); 2070767e98aSRoger Pau Monné if (page != NULL) { 2080767e98aSRoger Pau Monné free(page, M_DEVBUF); 2090767e98aSRoger Pau Monné } 2100767e98aSRoger Pau Monné } 2110767e98aSRoger Pau Monné else { 2120767e98aSRoger Pau Monné /* XXX This needs to be fixed so that the ref and page are 2130767e98aSRoger Pau Monné placed on a list to be freed up later. */ 2140767e98aSRoger Pau Monné printf("%s: WARNING: leaking g.e. and page still in use!\n", 2150767e98aSRoger Pau Monné __func__); 2160767e98aSRoger Pau Monné } 2170767e98aSRoger Pau Monné } 2180767e98aSRoger Pau Monné 2190767e98aSRoger Pau Monné void 2200767e98aSRoger Pau Monné gnttab_end_foreign_access_references(u_int count, grant_ref_t *refs) 2210767e98aSRoger Pau Monné { 2220767e98aSRoger Pau Monné grant_ref_t *last_ref; 2230767e98aSRoger Pau Monné grant_ref_t head; 2240767e98aSRoger Pau Monné grant_ref_t tail; 2250767e98aSRoger Pau Monné 2260767e98aSRoger Pau Monné head = GNTTAB_LIST_END; 2270767e98aSRoger Pau Monné tail = *refs; 2280767e98aSRoger Pau Monné last_ref = refs + count; 2290767e98aSRoger Pau Monné while (refs != last_ref) { 2300767e98aSRoger Pau Monné 2310767e98aSRoger Pau Monné if (gnttab_end_foreign_access_ref(*refs)) { 2320767e98aSRoger Pau Monné gnttab_entry(*refs) = head; 2330767e98aSRoger Pau Monné head = *refs; 2340767e98aSRoger Pau Monné } else { 2350767e98aSRoger Pau Monné /* 2360767e98aSRoger Pau Monné * XXX This needs to be fixed so that the ref 2370767e98aSRoger Pau Monné * is placed on a list to be freed up later. 2380767e98aSRoger Pau Monné */ 2390767e98aSRoger Pau Monné printf("%s: WARNING: leaking g.e. still in use!\n", 2400767e98aSRoger Pau Monné __func__); 2410767e98aSRoger Pau Monné count--; 2420767e98aSRoger Pau Monné } 2430767e98aSRoger Pau Monné refs++; 2440767e98aSRoger Pau Monné } 2450767e98aSRoger Pau Monné 2460767e98aSRoger Pau Monné if (count != 0) { 2470767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 2480767e98aSRoger Pau Monné gnttab_free_count += count; 2490767e98aSRoger Pau Monné gnttab_entry(tail) = gnttab_free_head; 2500767e98aSRoger Pau Monné gnttab_free_head = head; 2510767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 2520767e98aSRoger Pau Monné } 2530767e98aSRoger Pau Monné } 2540767e98aSRoger Pau Monné 2550767e98aSRoger Pau Monné int 2560767e98aSRoger Pau Monné gnttab_grant_foreign_transfer(domid_t domid, unsigned long pfn, 2570767e98aSRoger Pau Monné grant_ref_t *result) 2580767e98aSRoger Pau Monné { 2590767e98aSRoger Pau Monné int error, ref; 2600767e98aSRoger Pau Monné 2610767e98aSRoger Pau Monné error = get_free_entries(1, &ref); 2620767e98aSRoger Pau Monné if (__predict_false(error)) 2630767e98aSRoger Pau Monné return (error); 2640767e98aSRoger Pau Monné 2650767e98aSRoger Pau Monné gnttab_grant_foreign_transfer_ref(ref, domid, pfn); 2660767e98aSRoger Pau Monné 2670767e98aSRoger Pau Monné *result = ref; 2680767e98aSRoger Pau Monné return (0); 2690767e98aSRoger Pau Monné } 2700767e98aSRoger Pau Monné 2710767e98aSRoger Pau Monné void 2720767e98aSRoger Pau Monné gnttab_grant_foreign_transfer_ref(grant_ref_t ref, domid_t domid, 2730767e98aSRoger Pau Monné unsigned long pfn) 2740767e98aSRoger Pau Monné { 2750767e98aSRoger Pau Monné shared[ref].frame = pfn; 2760767e98aSRoger Pau Monné shared[ref].domid = domid; 2770767e98aSRoger Pau Monné wmb(); 2780767e98aSRoger Pau Monné shared[ref].flags = GTF_accept_transfer; 2790767e98aSRoger Pau Monné } 2800767e98aSRoger Pau Monné 2810767e98aSRoger Pau Monné unsigned long 2820767e98aSRoger Pau Monné gnttab_end_foreign_transfer_ref(grant_ref_t ref) 2830767e98aSRoger Pau Monné { 2840767e98aSRoger Pau Monné unsigned long frame; 2850767e98aSRoger Pau Monné uint16_t flags; 2860767e98aSRoger Pau Monné 2870767e98aSRoger Pau Monné /* 2880767e98aSRoger Pau Monné * If a transfer is not even yet started, try to reclaim the grant 2890767e98aSRoger Pau Monné * reference and return failure (== 0). 2900767e98aSRoger Pau Monné */ 2910767e98aSRoger Pau Monné while (!((flags = shared[ref].flags) & GTF_transfer_committed)) { 2920767e98aSRoger Pau Monné if ( synch_cmpxchg(&shared[ref].flags, flags, 0) == flags ) 2930767e98aSRoger Pau Monné return (0); 2940767e98aSRoger Pau Monné cpu_relax(); 2950767e98aSRoger Pau Monné } 2960767e98aSRoger Pau Monné 2970767e98aSRoger Pau Monné /* If a transfer is in progress then wait until it is completed. */ 2980767e98aSRoger Pau Monné while (!(flags & GTF_transfer_completed)) { 2990767e98aSRoger Pau Monné flags = shared[ref].flags; 3000767e98aSRoger Pau Monné cpu_relax(); 3010767e98aSRoger Pau Monné } 3020767e98aSRoger Pau Monné 3030767e98aSRoger Pau Monné /* Read the frame number /after/ reading completion status. */ 3040767e98aSRoger Pau Monné rmb(); 3050767e98aSRoger Pau Monné frame = shared[ref].frame; 3060767e98aSRoger Pau Monné KASSERT(frame != 0, ("grant table inconsistent")); 3070767e98aSRoger Pau Monné 3080767e98aSRoger Pau Monné return (frame); 3090767e98aSRoger Pau Monné } 3100767e98aSRoger Pau Monné 3110767e98aSRoger Pau Monné unsigned long 3120767e98aSRoger Pau Monné gnttab_end_foreign_transfer(grant_ref_t ref) 3130767e98aSRoger Pau Monné { 3140767e98aSRoger Pau Monné unsigned long frame = gnttab_end_foreign_transfer_ref(ref); 3150767e98aSRoger Pau Monné 3160767e98aSRoger Pau Monné put_free_entry(ref); 3170767e98aSRoger Pau Monné return (frame); 3180767e98aSRoger Pau Monné } 3190767e98aSRoger Pau Monné 3200767e98aSRoger Pau Monné void 3210767e98aSRoger Pau Monné gnttab_free_grant_reference(grant_ref_t ref) 3220767e98aSRoger Pau Monné { 3230767e98aSRoger Pau Monné 3240767e98aSRoger Pau Monné put_free_entry(ref); 3250767e98aSRoger Pau Monné } 3260767e98aSRoger Pau Monné 3270767e98aSRoger Pau Monné void 3280767e98aSRoger Pau Monné gnttab_free_grant_references(grant_ref_t head) 3290767e98aSRoger Pau Monné { 3300767e98aSRoger Pau Monné grant_ref_t ref; 3310767e98aSRoger Pau Monné int count = 1; 3320767e98aSRoger Pau Monné 3330767e98aSRoger Pau Monné if (head == GNTTAB_LIST_END) 3340767e98aSRoger Pau Monné return; 3350767e98aSRoger Pau Monné 3360767e98aSRoger Pau Monné ref = head; 3370767e98aSRoger Pau Monné while (gnttab_entry(ref) != GNTTAB_LIST_END) { 3380767e98aSRoger Pau Monné ref = gnttab_entry(ref); 3390767e98aSRoger Pau Monné count++; 3400767e98aSRoger Pau Monné } 3410767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 3420767e98aSRoger Pau Monné gnttab_entry(ref) = gnttab_free_head; 3430767e98aSRoger Pau Monné gnttab_free_head = head; 3440767e98aSRoger Pau Monné gnttab_free_count += count; 3450767e98aSRoger Pau Monné check_free_callbacks(); 3460767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 3470767e98aSRoger Pau Monné } 3480767e98aSRoger Pau Monné 3490767e98aSRoger Pau Monné int 3500767e98aSRoger Pau Monné gnttab_alloc_grant_references(uint16_t count, grant_ref_t *head) 3510767e98aSRoger Pau Monné { 3520767e98aSRoger Pau Monné int ref, error; 3530767e98aSRoger Pau Monné 3540767e98aSRoger Pau Monné error = get_free_entries(count, &ref); 3550767e98aSRoger Pau Monné if (__predict_false(error)) 3560767e98aSRoger Pau Monné return (error); 3570767e98aSRoger Pau Monné 3580767e98aSRoger Pau Monné *head = ref; 3590767e98aSRoger Pau Monné return (0); 3600767e98aSRoger Pau Monné } 3610767e98aSRoger Pau Monné 3620767e98aSRoger Pau Monné int 3630767e98aSRoger Pau Monné gnttab_empty_grant_references(const grant_ref_t *private_head) 3640767e98aSRoger Pau Monné { 3650767e98aSRoger Pau Monné 3660767e98aSRoger Pau Monné return (*private_head == GNTTAB_LIST_END); 3670767e98aSRoger Pau Monné } 3680767e98aSRoger Pau Monné 3690767e98aSRoger Pau Monné int 3700767e98aSRoger Pau Monné gnttab_claim_grant_reference(grant_ref_t *private_head) 3710767e98aSRoger Pau Monné { 3720767e98aSRoger Pau Monné grant_ref_t g = *private_head; 3730767e98aSRoger Pau Monné 3740767e98aSRoger Pau Monné if (__predict_false(g == GNTTAB_LIST_END)) 3750767e98aSRoger Pau Monné return (g); 3760767e98aSRoger Pau Monné *private_head = gnttab_entry(g); 3770767e98aSRoger Pau Monné return (g); 3780767e98aSRoger Pau Monné } 3790767e98aSRoger Pau Monné 3800767e98aSRoger Pau Monné void 3810767e98aSRoger Pau Monné gnttab_release_grant_reference(grant_ref_t *private_head, grant_ref_t release) 3820767e98aSRoger Pau Monné { 3830767e98aSRoger Pau Monné 3840767e98aSRoger Pau Monné gnttab_entry(release) = *private_head; 3850767e98aSRoger Pau Monné *private_head = release; 3860767e98aSRoger Pau Monné } 3870767e98aSRoger Pau Monné 3880767e98aSRoger Pau Monné void 3890767e98aSRoger Pau Monné gnttab_request_free_callback(struct gnttab_free_callback *callback, 3900767e98aSRoger Pau Monné void (*fn)(void *), void *arg, uint16_t count) 3910767e98aSRoger Pau Monné { 3920767e98aSRoger Pau Monné 3930767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 3940767e98aSRoger Pau Monné if (callback->next) 3950767e98aSRoger Pau Monné goto out; 3960767e98aSRoger Pau Monné callback->fn = fn; 3970767e98aSRoger Pau Monné callback->arg = arg; 3980767e98aSRoger Pau Monné callback->count = count; 3990767e98aSRoger Pau Monné callback->next = gnttab_free_callback_list; 4000767e98aSRoger Pau Monné gnttab_free_callback_list = callback; 4010767e98aSRoger Pau Monné check_free_callbacks(); 4020767e98aSRoger Pau Monné out: 4030767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 4040767e98aSRoger Pau Monné 4050767e98aSRoger Pau Monné } 4060767e98aSRoger Pau Monné 4070767e98aSRoger Pau Monné void 4080767e98aSRoger Pau Monné gnttab_cancel_free_callback(struct gnttab_free_callback *callback) 4090767e98aSRoger Pau Monné { 4100767e98aSRoger Pau Monné struct gnttab_free_callback **pcb; 4110767e98aSRoger Pau Monné 4120767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 4130767e98aSRoger Pau Monné for (pcb = &gnttab_free_callback_list; *pcb; pcb = &(*pcb)->next) { 4140767e98aSRoger Pau Monné if (*pcb == callback) { 4150767e98aSRoger Pau Monné *pcb = callback->next; 4160767e98aSRoger Pau Monné break; 4170767e98aSRoger Pau Monné } 4180767e98aSRoger Pau Monné } 4190767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 4200767e98aSRoger Pau Monné } 4210767e98aSRoger Pau Monné 4220767e98aSRoger Pau Monné 4230767e98aSRoger Pau Monné static int 4240767e98aSRoger Pau Monné grow_gnttab_list(unsigned int more_frames) 4250767e98aSRoger Pau Monné { 4260767e98aSRoger Pau Monné unsigned int new_nr_grant_frames, extra_entries, i; 4270767e98aSRoger Pau Monné 4280767e98aSRoger Pau Monné new_nr_grant_frames = nr_grant_frames + more_frames; 4290767e98aSRoger Pau Monné extra_entries = more_frames * GREFS_PER_GRANT_FRAME; 4300767e98aSRoger Pau Monné 4310767e98aSRoger Pau Monné for (i = nr_grant_frames; i < new_nr_grant_frames; i++) 4320767e98aSRoger Pau Monné { 4330767e98aSRoger Pau Monné gnttab_list[i] = (grant_ref_t *) 4340767e98aSRoger Pau Monné malloc(PAGE_SIZE, M_DEVBUF, M_NOWAIT); 4350767e98aSRoger Pau Monné 4360767e98aSRoger Pau Monné if (!gnttab_list[i]) 4370767e98aSRoger Pau Monné goto grow_nomem; 4380767e98aSRoger Pau Monné } 4390767e98aSRoger Pau Monné 4400767e98aSRoger Pau Monné for (i = GREFS_PER_GRANT_FRAME * nr_grant_frames; 4410767e98aSRoger Pau Monné i < GREFS_PER_GRANT_FRAME * new_nr_grant_frames - 1; i++) 4420767e98aSRoger Pau Monné gnttab_entry(i) = i + 1; 4430767e98aSRoger Pau Monné 4440767e98aSRoger Pau Monné gnttab_entry(i) = gnttab_free_head; 4450767e98aSRoger Pau Monné gnttab_free_head = GREFS_PER_GRANT_FRAME * nr_grant_frames; 4460767e98aSRoger Pau Monné gnttab_free_count += extra_entries; 4470767e98aSRoger Pau Monné 4480767e98aSRoger Pau Monné nr_grant_frames = new_nr_grant_frames; 4490767e98aSRoger Pau Monné 4500767e98aSRoger Pau Monné check_free_callbacks(); 4510767e98aSRoger Pau Monné 4520767e98aSRoger Pau Monné return (0); 4530767e98aSRoger Pau Monné 4540767e98aSRoger Pau Monné grow_nomem: 4550767e98aSRoger Pau Monné for ( ; i >= nr_grant_frames; i--) 4560767e98aSRoger Pau Monné free(gnttab_list[i], M_DEVBUF); 4570767e98aSRoger Pau Monné return (ENOMEM); 4580767e98aSRoger Pau Monné } 4590767e98aSRoger Pau Monné 4600767e98aSRoger Pau Monné static unsigned int 4610767e98aSRoger Pau Monné __max_nr_grant_frames(void) 4620767e98aSRoger Pau Monné { 4630767e98aSRoger Pau Monné struct gnttab_query_size query; 4640767e98aSRoger Pau Monné int rc; 4650767e98aSRoger Pau Monné 4660767e98aSRoger Pau Monné query.dom = DOMID_SELF; 4670767e98aSRoger Pau Monné 4680767e98aSRoger Pau Monné rc = HYPERVISOR_grant_table_op(GNTTABOP_query_size, &query, 1); 4690767e98aSRoger Pau Monné if ((rc < 0) || (query.status != GNTST_okay)) 4700767e98aSRoger Pau Monné return (4); /* Legacy max supported number of frames */ 4710767e98aSRoger Pau Monné 4720767e98aSRoger Pau Monné return (query.max_nr_frames); 4730767e98aSRoger Pau Monné } 4740767e98aSRoger Pau Monné 4750767e98aSRoger Pau Monné static inline 4760767e98aSRoger Pau Monné unsigned int max_nr_grant_frames(void) 4770767e98aSRoger Pau Monné { 4780767e98aSRoger Pau Monné unsigned int xen_max = __max_nr_grant_frames(); 4790767e98aSRoger Pau Monné 4800767e98aSRoger Pau Monné if (xen_max > boot_max_nr_grant_frames) 4810767e98aSRoger Pau Monné return (boot_max_nr_grant_frames); 4820767e98aSRoger Pau Monné return (xen_max); 4830767e98aSRoger Pau Monné } 4840767e98aSRoger Pau Monné 4850767e98aSRoger Pau Monné #ifdef notyet 4860767e98aSRoger Pau Monné /* 4870767e98aSRoger Pau Monné * XXX needed for backend support 4880767e98aSRoger Pau Monné * 4890767e98aSRoger Pau Monné */ 4900767e98aSRoger Pau Monné static int 4910767e98aSRoger Pau Monné map_pte_fn(pte_t *pte, struct page *pmd_page, 4920767e98aSRoger Pau Monné unsigned long addr, void *data) 4930767e98aSRoger Pau Monné { 4940767e98aSRoger Pau Monné unsigned long **frames = (unsigned long **)data; 4950767e98aSRoger Pau Monné 4960767e98aSRoger Pau Monné set_pte_at(&init_mm, addr, pte, pfn_pte_ma((*frames)[0], PAGE_KERNEL)); 4970767e98aSRoger Pau Monné (*frames)++; 4980767e98aSRoger Pau Monné return 0; 4990767e98aSRoger Pau Monné } 5000767e98aSRoger Pau Monné 5010767e98aSRoger Pau Monné static int 5020767e98aSRoger Pau Monné unmap_pte_fn(pte_t *pte, struct page *pmd_page, 5030767e98aSRoger Pau Monné unsigned long addr, void *data) 5040767e98aSRoger Pau Monné { 5050767e98aSRoger Pau Monné 5060767e98aSRoger Pau Monné set_pte_at(&init_mm, addr, pte, __pte(0)); 5070767e98aSRoger Pau Monné return 0; 5080767e98aSRoger Pau Monné } 5090767e98aSRoger Pau Monné #endif 5100767e98aSRoger Pau Monné 5110767e98aSRoger Pau Monné static vm_paddr_t resume_frames; 5120767e98aSRoger Pau Monné 5130767e98aSRoger Pau Monné static int 5140767e98aSRoger Pau Monné gnttab_map(unsigned int start_idx, unsigned int end_idx) 5150767e98aSRoger Pau Monné { 5160767e98aSRoger Pau Monné struct xen_add_to_physmap xatp; 5170767e98aSRoger Pau Monné unsigned int i = end_idx; 5180767e98aSRoger Pau Monné 5190767e98aSRoger Pau Monné /* 5200767e98aSRoger Pau Monné * Loop backwards, so that the first hypercall has the largest index, 5210767e98aSRoger Pau Monné * ensuring that the table will grow only once. 5220767e98aSRoger Pau Monné */ 5230767e98aSRoger Pau Monné do { 5240767e98aSRoger Pau Monné xatp.domid = DOMID_SELF; 5250767e98aSRoger Pau Monné xatp.idx = i; 5260767e98aSRoger Pau Monné xatp.space = XENMAPSPACE_grant_table; 5270767e98aSRoger Pau Monné xatp.gpfn = (resume_frames >> PAGE_SHIFT) + i; 5280767e98aSRoger Pau Monné if (HYPERVISOR_memory_op(XENMEM_add_to_physmap, &xatp)) 5290767e98aSRoger Pau Monné panic("HYPERVISOR_memory_op failed to map gnttab"); 5300767e98aSRoger Pau Monné } while (i-- > start_idx); 5310767e98aSRoger Pau Monné 5320767e98aSRoger Pau Monné if (shared == NULL) { 5330767e98aSRoger Pau Monné vm_offset_t area; 5340767e98aSRoger Pau Monné 5350767e98aSRoger Pau Monné area = kva_alloc(PAGE_SIZE * max_nr_grant_frames()); 5360767e98aSRoger Pau Monné KASSERT(area, ("can't allocate VM space for grant table")); 5370767e98aSRoger Pau Monné shared = (grant_entry_t *)area; 5380767e98aSRoger Pau Monné } 5390767e98aSRoger Pau Monné 5400767e98aSRoger Pau Monné for (i = start_idx; i <= end_idx; i++) { 5410767e98aSRoger Pau Monné pmap_kenter((vm_offset_t) shared + i * PAGE_SIZE, 5420767e98aSRoger Pau Monné resume_frames + i * PAGE_SIZE); 5430767e98aSRoger Pau Monné } 5440767e98aSRoger Pau Monné 5450767e98aSRoger Pau Monné return (0); 5460767e98aSRoger Pau Monné } 5470767e98aSRoger Pau Monné 5480767e98aSRoger Pau Monné int 5490767e98aSRoger Pau Monné gnttab_resume(device_t dev) 5500767e98aSRoger Pau Monné { 5510767e98aSRoger Pau Monné unsigned int max_nr_gframes, nr_gframes; 5520767e98aSRoger Pau Monné 5530767e98aSRoger Pau Monné nr_gframes = nr_grant_frames; 5540767e98aSRoger Pau Monné max_nr_gframes = max_nr_grant_frames(); 5550767e98aSRoger Pau Monné if (max_nr_gframes < nr_gframes) 5560767e98aSRoger Pau Monné return (ENOSYS); 5570767e98aSRoger Pau Monné 5580767e98aSRoger Pau Monné if (!resume_frames) { 5590767e98aSRoger Pau Monné KASSERT(dev != NULL, 5600767e98aSRoger Pau Monné ("No resume frames and no device provided")); 5610767e98aSRoger Pau Monné 562*0df8b29dSRoger Pau Monné gnttab_pseudo_phys_res = xenmem_alloc(dev, 563*0df8b29dSRoger Pau Monné &gnttab_pseudo_phys_res_id, PAGE_SIZE * max_nr_gframes); 5640767e98aSRoger Pau Monné if (gnttab_pseudo_phys_res == NULL) 5650767e98aSRoger Pau Monné panic("Unable to reserve physical memory for gnttab"); 5660767e98aSRoger Pau Monné resume_frames = rman_get_start(gnttab_pseudo_phys_res); 5670767e98aSRoger Pau Monné } 5680767e98aSRoger Pau Monné 5690767e98aSRoger Pau Monné return (gnttab_map(0, nr_gframes - 1)); 5700767e98aSRoger Pau Monné } 5710767e98aSRoger Pau Monné 5720767e98aSRoger Pau Monné static int 5730767e98aSRoger Pau Monné gnttab_expand(unsigned int req_entries) 5740767e98aSRoger Pau Monné { 5750767e98aSRoger Pau Monné int error; 5760767e98aSRoger Pau Monné unsigned int cur, extra; 5770767e98aSRoger Pau Monné 5780767e98aSRoger Pau Monné cur = nr_grant_frames; 5790767e98aSRoger Pau Monné extra = ((req_entries + (GREFS_PER_GRANT_FRAME-1)) / 5800767e98aSRoger Pau Monné GREFS_PER_GRANT_FRAME); 5810767e98aSRoger Pau Monné if (cur + extra > max_nr_grant_frames()) 5820767e98aSRoger Pau Monné return (ENOSPC); 5830767e98aSRoger Pau Monné 5840767e98aSRoger Pau Monné error = gnttab_map(cur, cur + extra - 1); 5850767e98aSRoger Pau Monné if (!error) 5860767e98aSRoger Pau Monné error = grow_gnttab_list(extra); 5870767e98aSRoger Pau Monné 5880767e98aSRoger Pau Monné return (error); 5890767e98aSRoger Pau Monné } 5900767e98aSRoger Pau Monné 5911093cd82SRoger Pau Monné MTX_SYSINIT(gnttab, &gnttab_list_lock, "GNTTAB LOCK", MTX_DEF); 5921093cd82SRoger Pau Monné 5931093cd82SRoger Pau Monné /*------------------ Private Device Attachment Functions --------------------*/ 5941093cd82SRoger Pau Monné /** 5951093cd82SRoger Pau Monné * \brief Identify instances of this device type in the system. 5961093cd82SRoger Pau Monné * 5971093cd82SRoger Pau Monné * \param driver The driver performing this identify action. 5981093cd82SRoger Pau Monné * \param parent The NewBus parent device for any devices this method adds. 5991093cd82SRoger Pau Monné */ 6001093cd82SRoger Pau Monné static void 6011093cd82SRoger Pau Monné granttable_identify(driver_t *driver __unused, device_t parent) 6021093cd82SRoger Pau Monné { 6031093cd82SRoger Pau Monné 6041093cd82SRoger Pau Monné KASSERT(xen_domain(), 6051093cd82SRoger Pau Monné ("Trying to attach grant-table device on non Xen domain")); 6061093cd82SRoger Pau Monné /* 6071093cd82SRoger Pau Monné * A single device instance for our driver is always present 6081093cd82SRoger Pau Monné * in a system operating under Xen. 6091093cd82SRoger Pau Monné */ 6101093cd82SRoger Pau Monné if (BUS_ADD_CHILD(parent, 0, driver->name, 0) == NULL) 6111093cd82SRoger Pau Monné panic("unable to attach Xen Grant-table device"); 6121093cd82SRoger Pau Monné } 6131093cd82SRoger Pau Monné 6141093cd82SRoger Pau Monné /** 6151093cd82SRoger Pau Monné * \brief Probe for the existence of the Xen Grant-table device 6161093cd82SRoger Pau Monné * 6171093cd82SRoger Pau Monné * \param dev NewBus device_t for this instance. 6181093cd82SRoger Pau Monné * 6191093cd82SRoger Pau Monné * \return Always returns 0 indicating success. 6201093cd82SRoger Pau Monné */ 6211093cd82SRoger Pau Monné static int 6221093cd82SRoger Pau Monné granttable_probe(device_t dev) 6231093cd82SRoger Pau Monné { 6241093cd82SRoger Pau Monné 6251093cd82SRoger Pau Monné device_set_desc(dev, "Xen Grant-table Device"); 6261093cd82SRoger Pau Monné return (BUS_PROBE_NOWILDCARD); 6271093cd82SRoger Pau Monné } 6281093cd82SRoger Pau Monné 6291093cd82SRoger Pau Monné /** 6301093cd82SRoger Pau Monné * \brief Attach the Xen Grant-table device. 6311093cd82SRoger Pau Monné * 6321093cd82SRoger Pau Monné * \param dev NewBus device_t for this instance. 6331093cd82SRoger Pau Monné * 6341093cd82SRoger Pau Monné * \return On success, 0. Otherwise an errno value indicating the 6351093cd82SRoger Pau Monné * type of failure. 6361093cd82SRoger Pau Monné */ 6371093cd82SRoger Pau Monné static int 6381093cd82SRoger Pau Monné granttable_attach(device_t dev) 6390767e98aSRoger Pau Monné { 6400767e98aSRoger Pau Monné int i; 6410767e98aSRoger Pau Monné unsigned int max_nr_glist_frames; 6420767e98aSRoger Pau Monné unsigned int nr_init_grefs; 6430767e98aSRoger Pau Monné 6440767e98aSRoger Pau Monné nr_grant_frames = 1; 6450767e98aSRoger Pau Monné boot_max_nr_grant_frames = __max_nr_grant_frames(); 6460767e98aSRoger Pau Monné 6470767e98aSRoger Pau Monné /* Determine the maximum number of frames required for the 6480767e98aSRoger Pau Monné * grant reference free list on the current hypervisor. 6490767e98aSRoger Pau Monné */ 6500767e98aSRoger Pau Monné max_nr_glist_frames = (boot_max_nr_grant_frames * 6510767e98aSRoger Pau Monné GREFS_PER_GRANT_FRAME / 6520767e98aSRoger Pau Monné (PAGE_SIZE / sizeof(grant_ref_t))); 6530767e98aSRoger Pau Monné 6540767e98aSRoger Pau Monné gnttab_list = malloc(max_nr_glist_frames * sizeof(grant_ref_t *), 6550767e98aSRoger Pau Monné M_DEVBUF, M_NOWAIT); 6560767e98aSRoger Pau Monné 6570767e98aSRoger Pau Monné if (gnttab_list == NULL) 6580767e98aSRoger Pau Monné return (ENOMEM); 6590767e98aSRoger Pau Monné 6600767e98aSRoger Pau Monné for (i = 0; i < nr_grant_frames; i++) { 6610767e98aSRoger Pau Monné gnttab_list[i] = (grant_ref_t *) 6620767e98aSRoger Pau Monné malloc(PAGE_SIZE, M_DEVBUF, M_NOWAIT); 6630767e98aSRoger Pau Monné if (gnttab_list[i] == NULL) 6640767e98aSRoger Pau Monné goto ini_nomem; 6650767e98aSRoger Pau Monné } 6660767e98aSRoger Pau Monné 6670767e98aSRoger Pau Monné if (gnttab_resume(dev)) 6680767e98aSRoger Pau Monné return (ENODEV); 6690767e98aSRoger Pau Monné 6700767e98aSRoger Pau Monné nr_init_grefs = nr_grant_frames * GREFS_PER_GRANT_FRAME; 6710767e98aSRoger Pau Monné 6720767e98aSRoger Pau Monné for (i = NR_RESERVED_ENTRIES; i < nr_init_grefs - 1; i++) 6730767e98aSRoger Pau Monné gnttab_entry(i) = i + 1; 6740767e98aSRoger Pau Monné 6750767e98aSRoger Pau Monné gnttab_entry(nr_init_grefs - 1) = GNTTAB_LIST_END; 6760767e98aSRoger Pau Monné gnttab_free_count = nr_init_grefs - NR_RESERVED_ENTRIES; 6770767e98aSRoger Pau Monné gnttab_free_head = NR_RESERVED_ENTRIES; 6780767e98aSRoger Pau Monné 6790767e98aSRoger Pau Monné if (bootverbose) 6800767e98aSRoger Pau Monné printf("Grant table initialized\n"); 6810767e98aSRoger Pau Monné 6820767e98aSRoger Pau Monné return (0); 6830767e98aSRoger Pau Monné 6840767e98aSRoger Pau Monné ini_nomem: 6850767e98aSRoger Pau Monné for (i--; i >= 0; i--) 6860767e98aSRoger Pau Monné free(gnttab_list[i], M_DEVBUF); 6870767e98aSRoger Pau Monné free(gnttab_list, M_DEVBUF); 6880767e98aSRoger Pau Monné return (ENOMEM); 6890767e98aSRoger Pau Monné } 6900767e98aSRoger Pau Monné 6911093cd82SRoger Pau Monné /*-------------------- Private Device Attachment Data -----------------------*/ 6921093cd82SRoger Pau Monné static device_method_t granttable_methods[] = { 6931093cd82SRoger Pau Monné /* Device interface */ 6941093cd82SRoger Pau Monné DEVMETHOD(device_identify, granttable_identify), 6951093cd82SRoger Pau Monné DEVMETHOD(device_probe, granttable_probe), 6961093cd82SRoger Pau Monné DEVMETHOD(device_attach, granttable_attach), 6971093cd82SRoger Pau Monné 6981093cd82SRoger Pau Monné DEVMETHOD_END 6991093cd82SRoger Pau Monné }; 7001093cd82SRoger Pau Monné 7011093cd82SRoger Pau Monné DEFINE_CLASS_0(granttable, granttable_driver, granttable_methods, 0); 7021093cd82SRoger Pau Monné devclass_t granttable_devclass; 7031093cd82SRoger Pau Monné 7041093cd82SRoger Pau Monné DRIVER_MODULE_ORDERED(granttable, xenpv, granttable_driver, granttable_devclass, 7051093cd82SRoger Pau Monné NULL, NULL, SI_ORDER_FIRST); 706