10767e98aSRoger Pau Monné /****************************************************************************** 20767e98aSRoger Pau Monné * gnttab.c 30767e98aSRoger Pau Monné * 40767e98aSRoger Pau Monné * Two sets of functionality: 50767e98aSRoger Pau Monné * 1. Granting foreign access to our memory reservation. 60767e98aSRoger Pau Monné * 2. Accessing others' memory reservations via grant references. 70767e98aSRoger Pau Monné * (i.e., mechanisms for both sender and recipient of grant references) 80767e98aSRoger Pau Monné * 90767e98aSRoger Pau Monné * Copyright (c) 2005, Christopher Clark 100767e98aSRoger Pau Monné * Copyright (c) 2004, K A Fraser 110767e98aSRoger Pau Monné */ 120767e98aSRoger Pau Monné 130767e98aSRoger Pau Monné #include <sys/cdefs.h> 140767e98aSRoger Pau Monné __FBSDID("$FreeBSD$"); 150767e98aSRoger Pau Monné 160767e98aSRoger Pau Monné #include <sys/param.h> 170767e98aSRoger Pau Monné #include <sys/systm.h> 180767e98aSRoger Pau Monné #include <sys/bus.h> 190767e98aSRoger Pau Monné #include <sys/conf.h> 200767e98aSRoger Pau Monné #include <sys/module.h> 210767e98aSRoger Pau Monné #include <sys/kernel.h> 220767e98aSRoger Pau Monné #include <sys/lock.h> 230767e98aSRoger Pau Monné #include <sys/malloc.h> 240767e98aSRoger Pau Monné #include <sys/mman.h> 250767e98aSRoger Pau Monné #include <sys/limits.h> 260767e98aSRoger Pau Monné #include <sys/rman.h> 270767e98aSRoger Pau Monné #include <machine/resource.h> 282f9ec994SRoger Pau Monné #include <machine/cpu.h> 290767e98aSRoger Pau Monné 300767e98aSRoger Pau Monné #include <xen/xen-os.h> 310767e98aSRoger Pau Monné #include <xen/hypervisor.h> 320767e98aSRoger Pau Monné #include <machine/xen/synch_bitops.h> 330767e98aSRoger Pau Monné 340767e98aSRoger Pau Monné #include <xen/hypervisor.h> 350767e98aSRoger Pau Monné #include <xen/gnttab.h> 360767e98aSRoger Pau Monné 370767e98aSRoger Pau Monné #include <vm/vm.h> 380767e98aSRoger Pau Monné #include <vm/vm_kern.h> 390767e98aSRoger Pau Monné #include <vm/vm_extern.h> 400767e98aSRoger Pau Monné #include <vm/pmap.h> 410767e98aSRoger Pau Monné 420767e98aSRoger Pau Monné /* External tools reserve first few grant table entries. */ 430767e98aSRoger Pau Monné #define NR_RESERVED_ENTRIES 8 440767e98aSRoger Pau Monné #define GREFS_PER_GRANT_FRAME (PAGE_SIZE / sizeof(grant_entry_t)) 450767e98aSRoger Pau Monné 460767e98aSRoger Pau Monné static grant_ref_t **gnttab_list; 470767e98aSRoger Pau Monné static unsigned int nr_grant_frames; 480767e98aSRoger Pau Monné static unsigned int boot_max_nr_grant_frames; 490767e98aSRoger Pau Monné static int gnttab_free_count; 500767e98aSRoger Pau Monné static grant_ref_t gnttab_free_head; 510767e98aSRoger Pau Monné static struct mtx gnttab_list_lock; 520767e98aSRoger Pau Monné 530767e98aSRoger Pau Monné /* 540767e98aSRoger Pau Monné * Resource representing allocated physical address space 550767e98aSRoger Pau Monné * for the grant table metainfo 560767e98aSRoger Pau Monné */ 570767e98aSRoger Pau Monné static struct resource *gnttab_pseudo_phys_res; 580767e98aSRoger Pau Monné 590767e98aSRoger Pau Monné /* Resource id for allocated physical address space. */ 600767e98aSRoger Pau Monné static int gnttab_pseudo_phys_res_id; 610767e98aSRoger Pau Monné 620767e98aSRoger Pau Monné static grant_entry_t *shared; 630767e98aSRoger Pau Monné 640767e98aSRoger Pau Monné static struct gnttab_free_callback *gnttab_free_callback_list = NULL; 650767e98aSRoger Pau Monné 660767e98aSRoger Pau Monné static int gnttab_expand(unsigned int req_entries); 670767e98aSRoger Pau Monné 680767e98aSRoger Pau Monné #define RPP (PAGE_SIZE / sizeof(grant_ref_t)) 690767e98aSRoger Pau Monné #define gnttab_entry(entry) (gnttab_list[(entry) / RPP][(entry) % RPP]) 700767e98aSRoger Pau Monné 710767e98aSRoger Pau Monné static int 720767e98aSRoger Pau Monné get_free_entries(int count, int *entries) 730767e98aSRoger Pau Monné { 740767e98aSRoger Pau Monné int ref, error; 750767e98aSRoger Pau Monné grant_ref_t head; 760767e98aSRoger Pau Monné 770767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 780767e98aSRoger Pau Monné if ((gnttab_free_count < count) && 790767e98aSRoger Pau Monné ((error = gnttab_expand(count - gnttab_free_count)) != 0)) { 800767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 810767e98aSRoger Pau Monné return (error); 820767e98aSRoger Pau Monné } 830767e98aSRoger Pau Monné ref = head = gnttab_free_head; 840767e98aSRoger Pau Monné gnttab_free_count -= count; 850767e98aSRoger Pau Monné while (count-- > 1) 860767e98aSRoger Pau Monné head = gnttab_entry(head); 870767e98aSRoger Pau Monné gnttab_free_head = gnttab_entry(head); 880767e98aSRoger Pau Monné gnttab_entry(head) = GNTTAB_LIST_END; 890767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 900767e98aSRoger Pau Monné 910767e98aSRoger Pau Monné *entries = ref; 920767e98aSRoger Pau Monné return (0); 930767e98aSRoger Pau Monné } 940767e98aSRoger Pau Monné 950767e98aSRoger Pau Monné static void 960767e98aSRoger Pau Monné do_free_callbacks(void) 970767e98aSRoger Pau Monné { 980767e98aSRoger Pau Monné struct gnttab_free_callback *callback, *next; 990767e98aSRoger Pau Monné 1000767e98aSRoger Pau Monné callback = gnttab_free_callback_list; 1010767e98aSRoger Pau Monné gnttab_free_callback_list = NULL; 1020767e98aSRoger Pau Monné 1030767e98aSRoger Pau Monné while (callback != NULL) { 1040767e98aSRoger Pau Monné next = callback->next; 1050767e98aSRoger Pau Monné if (gnttab_free_count >= callback->count) { 1060767e98aSRoger Pau Monné callback->next = NULL; 1070767e98aSRoger Pau Monné callback->fn(callback->arg); 1080767e98aSRoger Pau Monné } else { 1090767e98aSRoger Pau Monné callback->next = gnttab_free_callback_list; 1100767e98aSRoger Pau Monné gnttab_free_callback_list = callback; 1110767e98aSRoger Pau Monné } 1120767e98aSRoger Pau Monné callback = next; 1130767e98aSRoger Pau Monné } 1140767e98aSRoger Pau Monné } 1150767e98aSRoger Pau Monné 1160767e98aSRoger Pau Monné static inline void 1170767e98aSRoger Pau Monné check_free_callbacks(void) 1180767e98aSRoger Pau Monné { 1190767e98aSRoger Pau Monné if (__predict_false(gnttab_free_callback_list != NULL)) 1200767e98aSRoger Pau Monné do_free_callbacks(); 1210767e98aSRoger Pau Monné } 1220767e98aSRoger Pau Monné 1230767e98aSRoger Pau Monné static void 1240767e98aSRoger Pau Monné put_free_entry(grant_ref_t ref) 1250767e98aSRoger Pau Monné { 1260767e98aSRoger Pau Monné 1270767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 1280767e98aSRoger Pau Monné gnttab_entry(ref) = gnttab_free_head; 1290767e98aSRoger Pau Monné gnttab_free_head = ref; 1300767e98aSRoger Pau Monné gnttab_free_count++; 1310767e98aSRoger Pau Monné check_free_callbacks(); 1320767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 1330767e98aSRoger Pau Monné } 1340767e98aSRoger Pau Monné 1350767e98aSRoger Pau Monné /* 1360767e98aSRoger Pau Monné * Public grant-issuing interface functions 1370767e98aSRoger Pau Monné */ 1380767e98aSRoger Pau Monné 1390767e98aSRoger Pau Monné int 1400767e98aSRoger Pau Monné gnttab_grant_foreign_access(domid_t domid, unsigned long frame, int readonly, 1410767e98aSRoger Pau Monné grant_ref_t *result) 1420767e98aSRoger Pau Monné { 1430767e98aSRoger Pau Monné int error, ref; 1440767e98aSRoger Pau Monné 1450767e98aSRoger Pau Monné error = get_free_entries(1, &ref); 1460767e98aSRoger Pau Monné 1470767e98aSRoger Pau Monné if (__predict_false(error)) 1480767e98aSRoger Pau Monné return (error); 1490767e98aSRoger Pau Monné 1500767e98aSRoger Pau Monné shared[ref].frame = frame; 1510767e98aSRoger Pau Monné shared[ref].domid = domid; 1520767e98aSRoger Pau Monné wmb(); 1530767e98aSRoger Pau Monné shared[ref].flags = GTF_permit_access | (readonly ? GTF_readonly : 0); 1540767e98aSRoger Pau Monné 1550767e98aSRoger Pau Monné if (result) 1560767e98aSRoger Pau Monné *result = ref; 1570767e98aSRoger Pau Monné 1580767e98aSRoger Pau Monné return (0); 1590767e98aSRoger Pau Monné } 1600767e98aSRoger Pau Monné 1610767e98aSRoger Pau Monné void 1620767e98aSRoger Pau Monné gnttab_grant_foreign_access_ref(grant_ref_t ref, domid_t domid, 1630767e98aSRoger Pau Monné unsigned long frame, int readonly) 1640767e98aSRoger Pau Monné { 1650767e98aSRoger Pau Monné 1660767e98aSRoger Pau Monné shared[ref].frame = frame; 1670767e98aSRoger Pau Monné shared[ref].domid = domid; 1680767e98aSRoger Pau Monné wmb(); 1690767e98aSRoger Pau Monné shared[ref].flags = GTF_permit_access | (readonly ? GTF_readonly : 0); 1700767e98aSRoger Pau Monné } 1710767e98aSRoger Pau Monné 1720767e98aSRoger Pau Monné int 1730767e98aSRoger Pau Monné gnttab_query_foreign_access(grant_ref_t ref) 1740767e98aSRoger Pau Monné { 1750767e98aSRoger Pau Monné uint16_t nflags; 1760767e98aSRoger Pau Monné 1770767e98aSRoger Pau Monné nflags = shared[ref].flags; 1780767e98aSRoger Pau Monné 1790767e98aSRoger Pau Monné return (nflags & (GTF_reading|GTF_writing)); 1800767e98aSRoger Pau Monné } 1810767e98aSRoger Pau Monné 1820767e98aSRoger Pau Monné int 1830767e98aSRoger Pau Monné gnttab_end_foreign_access_ref(grant_ref_t ref) 1840767e98aSRoger Pau Monné { 1850767e98aSRoger Pau Monné uint16_t flags, nflags; 1860767e98aSRoger Pau Monné 1870767e98aSRoger Pau Monné nflags = shared[ref].flags; 1880767e98aSRoger Pau Monné do { 1890767e98aSRoger Pau Monné if ( (flags = nflags) & (GTF_reading|GTF_writing) ) { 1900767e98aSRoger Pau Monné printf("%s: WARNING: g.e. still in use!\n", __func__); 1910767e98aSRoger Pau Monné return (0); 1920767e98aSRoger Pau Monné } 1930767e98aSRoger Pau Monné } while ((nflags = synch_cmpxchg(&shared[ref].flags, flags, 0)) != 1940767e98aSRoger Pau Monné flags); 1950767e98aSRoger Pau Monné 1960767e98aSRoger Pau Monné return (1); 1970767e98aSRoger Pau Monné } 1980767e98aSRoger Pau Monné 1990767e98aSRoger Pau Monné void 2000767e98aSRoger Pau Monné gnttab_end_foreign_access(grant_ref_t ref, void *page) 2010767e98aSRoger Pau Monné { 2020767e98aSRoger Pau Monné if (gnttab_end_foreign_access_ref(ref)) { 2030767e98aSRoger Pau Monné put_free_entry(ref); 2040767e98aSRoger Pau Monné if (page != NULL) { 2050767e98aSRoger Pau Monné free(page, M_DEVBUF); 2060767e98aSRoger Pau Monné } 2070767e98aSRoger Pau Monné } 2080767e98aSRoger Pau Monné else { 2090767e98aSRoger Pau Monné /* XXX This needs to be fixed so that the ref and page are 2100767e98aSRoger Pau Monné placed on a list to be freed up later. */ 2110767e98aSRoger Pau Monné printf("%s: WARNING: leaking g.e. and page still in use!\n", 2120767e98aSRoger Pau Monné __func__); 2130767e98aSRoger Pau Monné } 2140767e98aSRoger Pau Monné } 2150767e98aSRoger Pau Monné 2160767e98aSRoger Pau Monné void 2170767e98aSRoger Pau Monné gnttab_end_foreign_access_references(u_int count, grant_ref_t *refs) 2180767e98aSRoger Pau Monné { 2190767e98aSRoger Pau Monné grant_ref_t *last_ref; 2200767e98aSRoger Pau Monné grant_ref_t head; 2210767e98aSRoger Pau Monné grant_ref_t tail; 2220767e98aSRoger Pau Monné 2230767e98aSRoger Pau Monné head = GNTTAB_LIST_END; 2240767e98aSRoger Pau Monné tail = *refs; 2250767e98aSRoger Pau Monné last_ref = refs + count; 2260767e98aSRoger Pau Monné while (refs != last_ref) { 2270767e98aSRoger Pau Monné 2280767e98aSRoger Pau Monné if (gnttab_end_foreign_access_ref(*refs)) { 2290767e98aSRoger Pau Monné gnttab_entry(*refs) = head; 2300767e98aSRoger Pau Monné head = *refs; 2310767e98aSRoger Pau Monné } else { 2320767e98aSRoger Pau Monné /* 2330767e98aSRoger Pau Monné * XXX This needs to be fixed so that the ref 2340767e98aSRoger Pau Monné * is placed on a list to be freed up later. 2350767e98aSRoger Pau Monné */ 2360767e98aSRoger Pau Monné printf("%s: WARNING: leaking g.e. still in use!\n", 2370767e98aSRoger Pau Monné __func__); 2380767e98aSRoger Pau Monné count--; 2390767e98aSRoger Pau Monné } 2400767e98aSRoger Pau Monné refs++; 2410767e98aSRoger Pau Monné } 2420767e98aSRoger Pau Monné 2430767e98aSRoger Pau Monné if (count != 0) { 2440767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 2450767e98aSRoger Pau Monné gnttab_free_count += count; 2460767e98aSRoger Pau Monné gnttab_entry(tail) = gnttab_free_head; 2470767e98aSRoger Pau Monné gnttab_free_head = head; 248de06f02eSRoger Pau Monné check_free_callbacks(); 2490767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 2500767e98aSRoger Pau Monné } 2510767e98aSRoger Pau Monné } 2520767e98aSRoger Pau Monné 2530767e98aSRoger Pau Monné int 2540767e98aSRoger Pau Monné gnttab_grant_foreign_transfer(domid_t domid, unsigned long pfn, 2550767e98aSRoger Pau Monné grant_ref_t *result) 2560767e98aSRoger Pau Monné { 2570767e98aSRoger Pau Monné int error, ref; 2580767e98aSRoger Pau Monné 2590767e98aSRoger Pau Monné error = get_free_entries(1, &ref); 2600767e98aSRoger Pau Monné if (__predict_false(error)) 2610767e98aSRoger Pau Monné return (error); 2620767e98aSRoger Pau Monné 2630767e98aSRoger Pau Monné gnttab_grant_foreign_transfer_ref(ref, domid, pfn); 2640767e98aSRoger Pau Monné 2650767e98aSRoger Pau Monné *result = ref; 2660767e98aSRoger Pau Monné return (0); 2670767e98aSRoger Pau Monné } 2680767e98aSRoger Pau Monné 2690767e98aSRoger Pau Monné void 2700767e98aSRoger Pau Monné gnttab_grant_foreign_transfer_ref(grant_ref_t ref, domid_t domid, 2710767e98aSRoger Pau Monné unsigned long pfn) 2720767e98aSRoger Pau Monné { 2730767e98aSRoger Pau Monné shared[ref].frame = pfn; 2740767e98aSRoger Pau Monné shared[ref].domid = domid; 2750767e98aSRoger Pau Monné wmb(); 2760767e98aSRoger Pau Monné shared[ref].flags = GTF_accept_transfer; 2770767e98aSRoger Pau Monné } 2780767e98aSRoger Pau Monné 2790767e98aSRoger Pau Monné unsigned long 2800767e98aSRoger Pau Monné gnttab_end_foreign_transfer_ref(grant_ref_t ref) 2810767e98aSRoger Pau Monné { 2820767e98aSRoger Pau Monné unsigned long frame; 2830767e98aSRoger Pau Monné uint16_t flags; 2840767e98aSRoger Pau Monné 2850767e98aSRoger Pau Monné /* 2860767e98aSRoger Pau Monné * If a transfer is not even yet started, try to reclaim the grant 2870767e98aSRoger Pau Monné * reference and return failure (== 0). 2880767e98aSRoger Pau Monné */ 2890767e98aSRoger Pau Monné while (!((flags = shared[ref].flags) & GTF_transfer_committed)) { 2900767e98aSRoger Pau Monné if ( synch_cmpxchg(&shared[ref].flags, flags, 0) == flags ) 2910767e98aSRoger Pau Monné return (0); 2922f9ec994SRoger Pau Monné cpu_spinwait(); 2930767e98aSRoger Pau Monné } 2940767e98aSRoger Pau Monné 2950767e98aSRoger Pau Monné /* If a transfer is in progress then wait until it is completed. */ 2960767e98aSRoger Pau Monné while (!(flags & GTF_transfer_completed)) { 2970767e98aSRoger Pau Monné flags = shared[ref].flags; 2982f9ec994SRoger Pau Monné cpu_spinwait(); 2990767e98aSRoger Pau Monné } 3000767e98aSRoger Pau Monné 3010767e98aSRoger Pau Monné /* Read the frame number /after/ reading completion status. */ 3020767e98aSRoger Pau Monné rmb(); 3030767e98aSRoger Pau Monné frame = shared[ref].frame; 3040767e98aSRoger Pau Monné KASSERT(frame != 0, ("grant table inconsistent")); 3050767e98aSRoger Pau Monné 3060767e98aSRoger Pau Monné return (frame); 3070767e98aSRoger Pau Monné } 3080767e98aSRoger Pau Monné 3090767e98aSRoger Pau Monné unsigned long 3100767e98aSRoger Pau Monné gnttab_end_foreign_transfer(grant_ref_t ref) 3110767e98aSRoger Pau Monné { 3120767e98aSRoger Pau Monné unsigned long frame = gnttab_end_foreign_transfer_ref(ref); 3130767e98aSRoger Pau Monné 3140767e98aSRoger Pau Monné put_free_entry(ref); 3150767e98aSRoger Pau Monné return (frame); 3160767e98aSRoger Pau Monné } 3170767e98aSRoger Pau Monné 3180767e98aSRoger Pau Monné void 3190767e98aSRoger Pau Monné gnttab_free_grant_reference(grant_ref_t ref) 3200767e98aSRoger Pau Monné { 3210767e98aSRoger Pau Monné 3220767e98aSRoger Pau Monné put_free_entry(ref); 3230767e98aSRoger Pau Monné } 3240767e98aSRoger Pau Monné 3250767e98aSRoger Pau Monné void 3260767e98aSRoger Pau Monné gnttab_free_grant_references(grant_ref_t head) 3270767e98aSRoger Pau Monné { 3280767e98aSRoger Pau Monné grant_ref_t ref; 3290767e98aSRoger Pau Monné int count = 1; 3300767e98aSRoger Pau Monné 3310767e98aSRoger Pau Monné if (head == GNTTAB_LIST_END) 3320767e98aSRoger Pau Monné return; 3330767e98aSRoger Pau Monné 3340767e98aSRoger Pau Monné ref = head; 3350767e98aSRoger Pau Monné while (gnttab_entry(ref) != GNTTAB_LIST_END) { 3360767e98aSRoger Pau Monné ref = gnttab_entry(ref); 3370767e98aSRoger Pau Monné count++; 3380767e98aSRoger Pau Monné } 3390767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 3400767e98aSRoger Pau Monné gnttab_entry(ref) = gnttab_free_head; 3410767e98aSRoger Pau Monné gnttab_free_head = head; 3420767e98aSRoger Pau Monné gnttab_free_count += count; 3430767e98aSRoger Pau Monné check_free_callbacks(); 3440767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 3450767e98aSRoger Pau Monné } 3460767e98aSRoger Pau Monné 3470767e98aSRoger Pau Monné int 3480767e98aSRoger Pau Monné gnttab_alloc_grant_references(uint16_t count, grant_ref_t *head) 3490767e98aSRoger Pau Monné { 3500767e98aSRoger Pau Monné int ref, error; 3510767e98aSRoger Pau Monné 3520767e98aSRoger Pau Monné error = get_free_entries(count, &ref); 3530767e98aSRoger Pau Monné if (__predict_false(error)) 3540767e98aSRoger Pau Monné return (error); 3550767e98aSRoger Pau Monné 3560767e98aSRoger Pau Monné *head = ref; 3570767e98aSRoger Pau Monné return (0); 3580767e98aSRoger Pau Monné } 3590767e98aSRoger Pau Monné 3600767e98aSRoger Pau Monné int 3610767e98aSRoger Pau Monné gnttab_empty_grant_references(const grant_ref_t *private_head) 3620767e98aSRoger Pau Monné { 3630767e98aSRoger Pau Monné 3640767e98aSRoger Pau Monné return (*private_head == GNTTAB_LIST_END); 3650767e98aSRoger Pau Monné } 3660767e98aSRoger Pau Monné 3670767e98aSRoger Pau Monné int 3680767e98aSRoger Pau Monné gnttab_claim_grant_reference(grant_ref_t *private_head) 3690767e98aSRoger Pau Monné { 3700767e98aSRoger Pau Monné grant_ref_t g = *private_head; 3710767e98aSRoger Pau Monné 3720767e98aSRoger Pau Monné if (__predict_false(g == GNTTAB_LIST_END)) 3730767e98aSRoger Pau Monné return (g); 3740767e98aSRoger Pau Monné *private_head = gnttab_entry(g); 3750767e98aSRoger Pau Monné return (g); 3760767e98aSRoger Pau Monné } 3770767e98aSRoger Pau Monné 3780767e98aSRoger Pau Monné void 3790767e98aSRoger Pau Monné gnttab_release_grant_reference(grant_ref_t *private_head, grant_ref_t release) 3800767e98aSRoger Pau Monné { 3810767e98aSRoger Pau Monné 3820767e98aSRoger Pau Monné gnttab_entry(release) = *private_head; 3830767e98aSRoger Pau Monné *private_head = release; 3840767e98aSRoger Pau Monné } 3850767e98aSRoger Pau Monné 3860767e98aSRoger Pau Monné void 3870767e98aSRoger Pau Monné gnttab_request_free_callback(struct gnttab_free_callback *callback, 3880767e98aSRoger Pau Monné void (*fn)(void *), void *arg, uint16_t count) 3890767e98aSRoger Pau Monné { 3900767e98aSRoger Pau Monné 3910767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 3920767e98aSRoger Pau Monné if (callback->next) 3930767e98aSRoger Pau Monné goto out; 3940767e98aSRoger Pau Monné callback->fn = fn; 3950767e98aSRoger Pau Monné callback->arg = arg; 3960767e98aSRoger Pau Monné callback->count = count; 3970767e98aSRoger Pau Monné callback->next = gnttab_free_callback_list; 3980767e98aSRoger Pau Monné gnttab_free_callback_list = callback; 3990767e98aSRoger Pau Monné check_free_callbacks(); 4000767e98aSRoger Pau Monné out: 4010767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 4020767e98aSRoger Pau Monné 4030767e98aSRoger Pau Monné } 4040767e98aSRoger Pau Monné 4050767e98aSRoger Pau Monné void 4060767e98aSRoger Pau Monné gnttab_cancel_free_callback(struct gnttab_free_callback *callback) 4070767e98aSRoger Pau Monné { 4080767e98aSRoger Pau Monné struct gnttab_free_callback **pcb; 4090767e98aSRoger Pau Monné 4100767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 4110767e98aSRoger Pau Monné for (pcb = &gnttab_free_callback_list; *pcb; pcb = &(*pcb)->next) { 4120767e98aSRoger Pau Monné if (*pcb == callback) { 4130767e98aSRoger Pau Monné *pcb = callback->next; 4140767e98aSRoger Pau Monné break; 4150767e98aSRoger Pau Monné } 4160767e98aSRoger Pau Monné } 4170767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 4180767e98aSRoger Pau Monné } 4190767e98aSRoger Pau Monné 4200767e98aSRoger Pau Monné 4210767e98aSRoger Pau Monné static int 4220767e98aSRoger Pau Monné grow_gnttab_list(unsigned int more_frames) 4230767e98aSRoger Pau Monné { 4240767e98aSRoger Pau Monné unsigned int new_nr_grant_frames, extra_entries, i; 4250767e98aSRoger Pau Monné 4260767e98aSRoger Pau Monné new_nr_grant_frames = nr_grant_frames + more_frames; 4270767e98aSRoger Pau Monné extra_entries = more_frames * GREFS_PER_GRANT_FRAME; 4280767e98aSRoger Pau Monné 4290767e98aSRoger Pau Monné for (i = nr_grant_frames; i < new_nr_grant_frames; i++) 4300767e98aSRoger Pau Monné { 4310767e98aSRoger Pau Monné gnttab_list[i] = (grant_ref_t *) 4320767e98aSRoger Pau Monné malloc(PAGE_SIZE, M_DEVBUF, M_NOWAIT); 4330767e98aSRoger Pau Monné 4340767e98aSRoger Pau Monné if (!gnttab_list[i]) 4350767e98aSRoger Pau Monné goto grow_nomem; 4360767e98aSRoger Pau Monné } 4370767e98aSRoger Pau Monné 4380767e98aSRoger Pau Monné for (i = GREFS_PER_GRANT_FRAME * nr_grant_frames; 4390767e98aSRoger Pau Monné i < GREFS_PER_GRANT_FRAME * new_nr_grant_frames - 1; i++) 4400767e98aSRoger Pau Monné gnttab_entry(i) = i + 1; 4410767e98aSRoger Pau Monné 4420767e98aSRoger Pau Monné gnttab_entry(i) = gnttab_free_head; 4430767e98aSRoger Pau Monné gnttab_free_head = GREFS_PER_GRANT_FRAME * nr_grant_frames; 4440767e98aSRoger Pau Monné gnttab_free_count += extra_entries; 4450767e98aSRoger Pau Monné 4460767e98aSRoger Pau Monné nr_grant_frames = new_nr_grant_frames; 4470767e98aSRoger Pau Monné 4480767e98aSRoger Pau Monné check_free_callbacks(); 4490767e98aSRoger Pau Monné 4500767e98aSRoger Pau Monné return (0); 4510767e98aSRoger Pau Monné 4520767e98aSRoger Pau Monné grow_nomem: 4530767e98aSRoger Pau Monné for ( ; i >= nr_grant_frames; i--) 4540767e98aSRoger Pau Monné free(gnttab_list[i], M_DEVBUF); 4550767e98aSRoger Pau Monné return (ENOMEM); 4560767e98aSRoger Pau Monné } 4570767e98aSRoger Pau Monné 4580767e98aSRoger Pau Monné static unsigned int 4590767e98aSRoger Pau Monné __max_nr_grant_frames(void) 4600767e98aSRoger Pau Monné { 4610767e98aSRoger Pau Monné struct gnttab_query_size query; 4620767e98aSRoger Pau Monné int rc; 4630767e98aSRoger Pau Monné 4640767e98aSRoger Pau Monné query.dom = DOMID_SELF; 4650767e98aSRoger Pau Monné 4660767e98aSRoger Pau Monné rc = HYPERVISOR_grant_table_op(GNTTABOP_query_size, &query, 1); 4670767e98aSRoger Pau Monné if ((rc < 0) || (query.status != GNTST_okay)) 4680767e98aSRoger Pau Monné return (4); /* Legacy max supported number of frames */ 4690767e98aSRoger Pau Monné 4700767e98aSRoger Pau Monné return (query.max_nr_frames); 4710767e98aSRoger Pau Monné } 4720767e98aSRoger Pau Monné 4730767e98aSRoger Pau Monné static inline 4740767e98aSRoger Pau Monné unsigned int max_nr_grant_frames(void) 4750767e98aSRoger Pau Monné { 4760767e98aSRoger Pau Monné unsigned int xen_max = __max_nr_grant_frames(); 4770767e98aSRoger Pau Monné 4780767e98aSRoger Pau Monné if (xen_max > boot_max_nr_grant_frames) 4790767e98aSRoger Pau Monné return (boot_max_nr_grant_frames); 4800767e98aSRoger Pau Monné return (xen_max); 4810767e98aSRoger Pau Monné } 4820767e98aSRoger Pau Monné 4830767e98aSRoger Pau Monné #ifdef notyet 4840767e98aSRoger Pau Monné /* 4850767e98aSRoger Pau Monné * XXX needed for backend support 4860767e98aSRoger Pau Monné * 4870767e98aSRoger Pau Monné */ 4880767e98aSRoger Pau Monné static int 4890767e98aSRoger Pau Monné map_pte_fn(pte_t *pte, struct page *pmd_page, 4900767e98aSRoger Pau Monné unsigned long addr, void *data) 4910767e98aSRoger Pau Monné { 4920767e98aSRoger Pau Monné unsigned long **frames = (unsigned long **)data; 4930767e98aSRoger Pau Monné 4940767e98aSRoger Pau Monné set_pte_at(&init_mm, addr, pte, pfn_pte_ma((*frames)[0], PAGE_KERNEL)); 4950767e98aSRoger Pau Monné (*frames)++; 4960767e98aSRoger Pau Monné return 0; 4970767e98aSRoger Pau Monné } 4980767e98aSRoger Pau Monné 4990767e98aSRoger Pau Monné static int 5000767e98aSRoger Pau Monné unmap_pte_fn(pte_t *pte, struct page *pmd_page, 5010767e98aSRoger Pau Monné unsigned long addr, void *data) 5020767e98aSRoger Pau Monné { 5030767e98aSRoger Pau Monné 5040767e98aSRoger Pau Monné set_pte_at(&init_mm, addr, pte, __pte(0)); 5050767e98aSRoger Pau Monné return 0; 5060767e98aSRoger Pau Monné } 5070767e98aSRoger Pau Monné #endif 5080767e98aSRoger Pau Monné 5090767e98aSRoger Pau Monné static vm_paddr_t resume_frames; 5100767e98aSRoger Pau Monné 5110767e98aSRoger Pau Monné static int 5120767e98aSRoger Pau Monné gnttab_map(unsigned int start_idx, unsigned int end_idx) 5130767e98aSRoger Pau Monné { 5140767e98aSRoger Pau Monné struct xen_add_to_physmap xatp; 5150767e98aSRoger Pau Monné unsigned int i = end_idx; 5160767e98aSRoger Pau Monné 5170767e98aSRoger Pau Monné /* 5180767e98aSRoger Pau Monné * Loop backwards, so that the first hypercall has the largest index, 5190767e98aSRoger Pau Monné * ensuring that the table will grow only once. 5200767e98aSRoger Pau Monné */ 5210767e98aSRoger Pau Monné do { 5220767e98aSRoger Pau Monné xatp.domid = DOMID_SELF; 5230767e98aSRoger Pau Monné xatp.idx = i; 5240767e98aSRoger Pau Monné xatp.space = XENMAPSPACE_grant_table; 5250767e98aSRoger Pau Monné xatp.gpfn = (resume_frames >> PAGE_SHIFT) + i; 5260767e98aSRoger Pau Monné if (HYPERVISOR_memory_op(XENMEM_add_to_physmap, &xatp)) 5270767e98aSRoger Pau Monné panic("HYPERVISOR_memory_op failed to map gnttab"); 5280767e98aSRoger Pau Monné } while (i-- > start_idx); 5290767e98aSRoger Pau Monné 5300767e98aSRoger Pau Monné if (shared == NULL) { 5310767e98aSRoger Pau Monné vm_offset_t area; 5320767e98aSRoger Pau Monné 5330767e98aSRoger Pau Monné area = kva_alloc(PAGE_SIZE * max_nr_grant_frames()); 5340767e98aSRoger Pau Monné KASSERT(area, ("can't allocate VM space for grant table")); 5350767e98aSRoger Pau Monné shared = (grant_entry_t *)area; 5360767e98aSRoger Pau Monné } 5370767e98aSRoger Pau Monné 5380767e98aSRoger Pau Monné for (i = start_idx; i <= end_idx; i++) { 5390767e98aSRoger Pau Monné pmap_kenter((vm_offset_t) shared + i * PAGE_SIZE, 5400767e98aSRoger Pau Monné resume_frames + i * PAGE_SIZE); 5410767e98aSRoger Pau Monné } 5420767e98aSRoger Pau Monné 5430767e98aSRoger Pau Monné return (0); 5440767e98aSRoger Pau Monné } 5450767e98aSRoger Pau Monné 5460767e98aSRoger Pau Monné int 5470767e98aSRoger Pau Monné gnttab_resume(device_t dev) 5480767e98aSRoger Pau Monné { 5490767e98aSRoger Pau Monné unsigned int max_nr_gframes, nr_gframes; 5500767e98aSRoger Pau Monné 5510767e98aSRoger Pau Monné nr_gframes = nr_grant_frames; 5520767e98aSRoger Pau Monné max_nr_gframes = max_nr_grant_frames(); 5530767e98aSRoger Pau Monné if (max_nr_gframes < nr_gframes) 5540767e98aSRoger Pau Monné return (ENOSYS); 5550767e98aSRoger Pau Monné 5560767e98aSRoger Pau Monné if (!resume_frames) { 5570767e98aSRoger Pau Monné KASSERT(dev != NULL, 5580767e98aSRoger Pau Monné ("No resume frames and no device provided")); 5590767e98aSRoger Pau Monné 5600df8b29dSRoger Pau Monné gnttab_pseudo_phys_res = xenmem_alloc(dev, 5610df8b29dSRoger Pau Monné &gnttab_pseudo_phys_res_id, PAGE_SIZE * max_nr_gframes); 5620767e98aSRoger Pau Monné if (gnttab_pseudo_phys_res == NULL) 5630767e98aSRoger Pau Monné panic("Unable to reserve physical memory for gnttab"); 5640767e98aSRoger Pau Monné resume_frames = rman_get_start(gnttab_pseudo_phys_res); 5650767e98aSRoger Pau Monné } 5660767e98aSRoger Pau Monné 5670767e98aSRoger Pau Monné return (gnttab_map(0, nr_gframes - 1)); 5680767e98aSRoger Pau Monné } 5690767e98aSRoger Pau Monné 5700767e98aSRoger Pau Monné static int 5710767e98aSRoger Pau Monné gnttab_expand(unsigned int req_entries) 5720767e98aSRoger Pau Monné { 5730767e98aSRoger Pau Monné int error; 5740767e98aSRoger Pau Monné unsigned int cur, extra; 5750767e98aSRoger Pau Monné 5760767e98aSRoger Pau Monné cur = nr_grant_frames; 577057b4402SPedro F. Giffuni extra = howmany(req_entries, GREFS_PER_GRANT_FRAME); 5780767e98aSRoger Pau Monné if (cur + extra > max_nr_grant_frames()) 5790767e98aSRoger Pau Monné return (ENOSPC); 5800767e98aSRoger Pau Monné 5810767e98aSRoger Pau Monné error = gnttab_map(cur, cur + extra - 1); 5820767e98aSRoger Pau Monné if (!error) 5830767e98aSRoger Pau Monné error = grow_gnttab_list(extra); 5840767e98aSRoger Pau Monné 5850767e98aSRoger Pau Monné return (error); 5860767e98aSRoger Pau Monné } 5870767e98aSRoger Pau Monné 588*5477025aSRoger Pau Monné MTX_SYSINIT(gnttab, &gnttab_list_lock, "GNTTAB LOCK", MTX_DEF | MTX_RECURSE); 5891093cd82SRoger Pau Monné 5901093cd82SRoger Pau Monné /*------------------ Private Device Attachment Functions --------------------*/ 5911093cd82SRoger Pau Monné /** 5921093cd82SRoger Pau Monné * \brief Identify instances of this device type in the system. 5931093cd82SRoger Pau Monné * 5941093cd82SRoger Pau Monné * \param driver The driver performing this identify action. 5951093cd82SRoger Pau Monné * \param parent The NewBus parent device for any devices this method adds. 5961093cd82SRoger Pau Monné */ 5971093cd82SRoger Pau Monné static void 5981093cd82SRoger Pau Monné granttable_identify(driver_t *driver __unused, device_t parent) 5991093cd82SRoger Pau Monné { 6001093cd82SRoger Pau Monné 6011093cd82SRoger Pau Monné KASSERT(xen_domain(), 6021093cd82SRoger Pau Monné ("Trying to attach grant-table device on non Xen domain")); 6031093cd82SRoger Pau Monné /* 6041093cd82SRoger Pau Monné * A single device instance for our driver is always present 6051093cd82SRoger Pau Monné * in a system operating under Xen. 6061093cd82SRoger Pau Monné */ 6071093cd82SRoger Pau Monné if (BUS_ADD_CHILD(parent, 0, driver->name, 0) == NULL) 6081093cd82SRoger Pau Monné panic("unable to attach Xen Grant-table device"); 6091093cd82SRoger Pau Monné } 6101093cd82SRoger Pau Monné 6111093cd82SRoger Pau Monné /** 6121093cd82SRoger Pau Monné * \brief Probe for the existence of the Xen Grant-table device 6131093cd82SRoger Pau Monné * 6141093cd82SRoger Pau Monné * \param dev NewBus device_t for this instance. 6151093cd82SRoger Pau Monné * 6161093cd82SRoger Pau Monné * \return Always returns 0 indicating success. 6171093cd82SRoger Pau Monné */ 6181093cd82SRoger Pau Monné static int 6191093cd82SRoger Pau Monné granttable_probe(device_t dev) 6201093cd82SRoger Pau Monné { 6211093cd82SRoger Pau Monné 6221093cd82SRoger Pau Monné device_set_desc(dev, "Xen Grant-table Device"); 6231093cd82SRoger Pau Monné return (BUS_PROBE_NOWILDCARD); 6241093cd82SRoger Pau Monné } 6251093cd82SRoger Pau Monné 6261093cd82SRoger Pau Monné /** 6271093cd82SRoger Pau Monné * \brief Attach the Xen Grant-table device. 6281093cd82SRoger Pau Monné * 6291093cd82SRoger Pau Monné * \param dev NewBus device_t for this instance. 6301093cd82SRoger Pau Monné * 6311093cd82SRoger Pau Monné * \return On success, 0. Otherwise an errno value indicating the 6321093cd82SRoger Pau Monné * type of failure. 6331093cd82SRoger Pau Monné */ 6341093cd82SRoger Pau Monné static int 6351093cd82SRoger Pau Monné granttable_attach(device_t dev) 6360767e98aSRoger Pau Monné { 6370767e98aSRoger Pau Monné int i; 6380767e98aSRoger Pau Monné unsigned int max_nr_glist_frames; 6390767e98aSRoger Pau Monné unsigned int nr_init_grefs; 6400767e98aSRoger Pau Monné 6410767e98aSRoger Pau Monné nr_grant_frames = 1; 6420767e98aSRoger Pau Monné boot_max_nr_grant_frames = __max_nr_grant_frames(); 6430767e98aSRoger Pau Monné 6440767e98aSRoger Pau Monné /* Determine the maximum number of frames required for the 6450767e98aSRoger Pau Monné * grant reference free list on the current hypervisor. 6460767e98aSRoger Pau Monné */ 6470767e98aSRoger Pau Monné max_nr_glist_frames = (boot_max_nr_grant_frames * 6480767e98aSRoger Pau Monné GREFS_PER_GRANT_FRAME / 6490767e98aSRoger Pau Monné (PAGE_SIZE / sizeof(grant_ref_t))); 6500767e98aSRoger Pau Monné 6510767e98aSRoger Pau Monné gnttab_list = malloc(max_nr_glist_frames * sizeof(grant_ref_t *), 6520767e98aSRoger Pau Monné M_DEVBUF, M_NOWAIT); 6530767e98aSRoger Pau Monné 6540767e98aSRoger Pau Monné if (gnttab_list == NULL) 6550767e98aSRoger Pau Monné return (ENOMEM); 6560767e98aSRoger Pau Monné 6570767e98aSRoger Pau Monné for (i = 0; i < nr_grant_frames; i++) { 6580767e98aSRoger Pau Monné gnttab_list[i] = (grant_ref_t *) 6590767e98aSRoger Pau Monné malloc(PAGE_SIZE, M_DEVBUF, M_NOWAIT); 6600767e98aSRoger Pau Monné if (gnttab_list[i] == NULL) 6610767e98aSRoger Pau Monné goto ini_nomem; 6620767e98aSRoger Pau Monné } 6630767e98aSRoger Pau Monné 6640767e98aSRoger Pau Monné if (gnttab_resume(dev)) 6650767e98aSRoger Pau Monné return (ENODEV); 6660767e98aSRoger Pau Monné 6670767e98aSRoger Pau Monné nr_init_grefs = nr_grant_frames * GREFS_PER_GRANT_FRAME; 6680767e98aSRoger Pau Monné 6690767e98aSRoger Pau Monné for (i = NR_RESERVED_ENTRIES; i < nr_init_grefs - 1; i++) 6700767e98aSRoger Pau Monné gnttab_entry(i) = i + 1; 6710767e98aSRoger Pau Monné 6720767e98aSRoger Pau Monné gnttab_entry(nr_init_grefs - 1) = GNTTAB_LIST_END; 6730767e98aSRoger Pau Monné gnttab_free_count = nr_init_grefs - NR_RESERVED_ENTRIES; 6740767e98aSRoger Pau Monné gnttab_free_head = NR_RESERVED_ENTRIES; 6750767e98aSRoger Pau Monné 6760767e98aSRoger Pau Monné if (bootverbose) 6770767e98aSRoger Pau Monné printf("Grant table initialized\n"); 6780767e98aSRoger Pau Monné 6790767e98aSRoger Pau Monné return (0); 6800767e98aSRoger Pau Monné 6810767e98aSRoger Pau Monné ini_nomem: 6820767e98aSRoger Pau Monné for (i--; i >= 0; i--) 6830767e98aSRoger Pau Monné free(gnttab_list[i], M_DEVBUF); 6840767e98aSRoger Pau Monné free(gnttab_list, M_DEVBUF); 6850767e98aSRoger Pau Monné return (ENOMEM); 6860767e98aSRoger Pau Monné } 6870767e98aSRoger Pau Monné 6881093cd82SRoger Pau Monné /*-------------------- Private Device Attachment Data -----------------------*/ 6891093cd82SRoger Pau Monné static device_method_t granttable_methods[] = { 6901093cd82SRoger Pau Monné /* Device interface */ 6911093cd82SRoger Pau Monné DEVMETHOD(device_identify, granttable_identify), 6921093cd82SRoger Pau Monné DEVMETHOD(device_probe, granttable_probe), 6931093cd82SRoger Pau Monné DEVMETHOD(device_attach, granttable_attach), 6941093cd82SRoger Pau Monné 6951093cd82SRoger Pau Monné DEVMETHOD_END 6961093cd82SRoger Pau Monné }; 6971093cd82SRoger Pau Monné 6981093cd82SRoger Pau Monné DEFINE_CLASS_0(granttable, granttable_driver, granttable_methods, 0); 6991093cd82SRoger Pau Monné devclass_t granttable_devclass; 7001093cd82SRoger Pau Monné 7011093cd82SRoger Pau Monné DRIVER_MODULE_ORDERED(granttable, xenpv, granttable_driver, granttable_devclass, 7021093cd82SRoger Pau Monné NULL, NULL, SI_ORDER_FIRST); 703