10767e98aSRoger Pau Monné /****************************************************************************** 20767e98aSRoger Pau Monné * gnttab.c 30767e98aSRoger Pau Monné * 40767e98aSRoger Pau Monné * Two sets of functionality: 50767e98aSRoger Pau Monné * 1. Granting foreign access to our memory reservation. 60767e98aSRoger Pau Monné * 2. Accessing others' memory reservations via grant references. 70767e98aSRoger Pau Monné * (i.e., mechanisms for both sender and recipient of grant references) 80767e98aSRoger Pau Monné * 90767e98aSRoger Pau Monné * Copyright (c) 2005, Christopher Clark 100767e98aSRoger Pau Monné * Copyright (c) 2004, K A Fraser 110767e98aSRoger Pau Monné */ 120767e98aSRoger Pau Monné 130767e98aSRoger Pau Monné #include <sys/cdefs.h> 140767e98aSRoger Pau Monné __FBSDID("$FreeBSD$"); 150767e98aSRoger Pau Monné 160767e98aSRoger Pau Monné #include <sys/param.h> 170767e98aSRoger Pau Monné #include <sys/systm.h> 180767e98aSRoger Pau Monné #include <sys/bus.h> 190767e98aSRoger Pau Monné #include <sys/conf.h> 200767e98aSRoger Pau Monné #include <sys/module.h> 210767e98aSRoger Pau Monné #include <sys/kernel.h> 220767e98aSRoger Pau Monné #include <sys/lock.h> 230767e98aSRoger Pau Monné #include <sys/malloc.h> 240767e98aSRoger Pau Monné #include <sys/mman.h> 250767e98aSRoger Pau Monné #include <sys/limits.h> 260767e98aSRoger Pau Monné #include <sys/rman.h> 270767e98aSRoger Pau Monné #include <machine/resource.h> 282f9ec994SRoger Pau Monné #include <machine/cpu.h> 290767e98aSRoger Pau Monné 300767e98aSRoger Pau Monné #include <xen/xen-os.h> 310767e98aSRoger Pau Monné #include <xen/hypervisor.h> 320767e98aSRoger Pau Monné #include <machine/xen/synch_bitops.h> 330767e98aSRoger Pau Monné 340767e98aSRoger Pau Monné #include <xen/hypervisor.h> 350767e98aSRoger Pau Monné #include <xen/gnttab.h> 360767e98aSRoger Pau Monné 370767e98aSRoger Pau Monné #include <vm/vm.h> 380767e98aSRoger Pau Monné #include <vm/vm_kern.h> 390767e98aSRoger Pau Monné #include <vm/vm_extern.h> 400767e98aSRoger Pau Monné #include <vm/pmap.h> 410767e98aSRoger Pau Monné 420767e98aSRoger Pau Monné /* External tools reserve first few grant table entries. */ 430767e98aSRoger Pau Monné #define NR_RESERVED_ENTRIES 8 440767e98aSRoger Pau Monné #define GREFS_PER_GRANT_FRAME (PAGE_SIZE / sizeof(grant_entry_t)) 450767e98aSRoger Pau Monné 460767e98aSRoger Pau Monné static grant_ref_t **gnttab_list; 470767e98aSRoger Pau Monné static unsigned int nr_grant_frames; 480767e98aSRoger Pau Monné static unsigned int boot_max_nr_grant_frames; 490767e98aSRoger Pau Monné static int gnttab_free_count; 500767e98aSRoger Pau Monné static grant_ref_t gnttab_free_head; 510767e98aSRoger Pau Monné static struct mtx gnttab_list_lock; 520767e98aSRoger Pau Monné 530767e98aSRoger Pau Monné /* 540767e98aSRoger Pau Monné * Resource representing allocated physical address space 550767e98aSRoger Pau Monné * for the grant table metainfo 560767e98aSRoger Pau Monné */ 570767e98aSRoger Pau Monné static struct resource *gnttab_pseudo_phys_res; 580767e98aSRoger Pau Monné 590767e98aSRoger Pau Monné /* Resource id for allocated physical address space. */ 600767e98aSRoger Pau Monné static int gnttab_pseudo_phys_res_id; 610767e98aSRoger Pau Monné 620767e98aSRoger Pau Monné static grant_entry_t *shared; 630767e98aSRoger Pau Monné 640767e98aSRoger Pau Monné static struct gnttab_free_callback *gnttab_free_callback_list = NULL; 650767e98aSRoger Pau Monné 660767e98aSRoger Pau Monné static int gnttab_expand(unsigned int req_entries); 670767e98aSRoger Pau Monné 680767e98aSRoger Pau Monné #define RPP (PAGE_SIZE / sizeof(grant_ref_t)) 690767e98aSRoger Pau Monné #define gnttab_entry(entry) (gnttab_list[(entry) / RPP][(entry) % RPP]) 700767e98aSRoger Pau Monné 710767e98aSRoger Pau Monné static int 720767e98aSRoger Pau Monné get_free_entries(int count, int *entries) 730767e98aSRoger Pau Monné { 740767e98aSRoger Pau Monné int ref, error; 750767e98aSRoger Pau Monné grant_ref_t head; 760767e98aSRoger Pau Monné 770767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 780767e98aSRoger Pau Monné if ((gnttab_free_count < count) && 790767e98aSRoger Pau Monné ((error = gnttab_expand(count - gnttab_free_count)) != 0)) { 800767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 810767e98aSRoger Pau Monné return (error); 820767e98aSRoger Pau Monné } 830767e98aSRoger Pau Monné ref = head = gnttab_free_head; 840767e98aSRoger Pau Monné gnttab_free_count -= count; 850767e98aSRoger Pau Monné while (count-- > 1) 860767e98aSRoger Pau Monné head = gnttab_entry(head); 870767e98aSRoger Pau Monné gnttab_free_head = gnttab_entry(head); 880767e98aSRoger Pau Monné gnttab_entry(head) = GNTTAB_LIST_END; 890767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 900767e98aSRoger Pau Monné 910767e98aSRoger Pau Monné *entries = ref; 920767e98aSRoger Pau Monné return (0); 930767e98aSRoger Pau Monné } 940767e98aSRoger Pau Monné 950767e98aSRoger Pau Monné static void 960767e98aSRoger Pau Monné do_free_callbacks(void) 970767e98aSRoger Pau Monné { 980767e98aSRoger Pau Monné struct gnttab_free_callback *callback, *next; 990767e98aSRoger Pau Monné 1000767e98aSRoger Pau Monné callback = gnttab_free_callback_list; 1010767e98aSRoger Pau Monné gnttab_free_callback_list = NULL; 1020767e98aSRoger Pau Monné 1030767e98aSRoger Pau Monné while (callback != NULL) { 1040767e98aSRoger Pau Monné next = callback->next; 1050767e98aSRoger Pau Monné if (gnttab_free_count >= callback->count) { 1060767e98aSRoger Pau Monné callback->next = NULL; 1070767e98aSRoger Pau Monné callback->fn(callback->arg); 1080767e98aSRoger Pau Monné } else { 1090767e98aSRoger Pau Monné callback->next = gnttab_free_callback_list; 1100767e98aSRoger Pau Monné gnttab_free_callback_list = callback; 1110767e98aSRoger Pau Monné } 1120767e98aSRoger Pau Monné callback = next; 1130767e98aSRoger Pau Monné } 1140767e98aSRoger Pau Monné } 1150767e98aSRoger Pau Monné 1160767e98aSRoger Pau Monné static inline void 1170767e98aSRoger Pau Monné check_free_callbacks(void) 1180767e98aSRoger Pau Monné { 1190767e98aSRoger Pau Monné if (__predict_false(gnttab_free_callback_list != NULL)) 1200767e98aSRoger Pau Monné do_free_callbacks(); 1210767e98aSRoger Pau Monné } 1220767e98aSRoger Pau Monné 1230767e98aSRoger Pau Monné static void 1240767e98aSRoger Pau Monné put_free_entry(grant_ref_t ref) 1250767e98aSRoger Pau Monné { 1260767e98aSRoger Pau Monné 1270767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 1280767e98aSRoger Pau Monné gnttab_entry(ref) = gnttab_free_head; 1290767e98aSRoger Pau Monné gnttab_free_head = ref; 1300767e98aSRoger Pau Monné gnttab_free_count++; 1310767e98aSRoger Pau Monné check_free_callbacks(); 1320767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 1330767e98aSRoger Pau Monné } 1340767e98aSRoger Pau Monné 1350767e98aSRoger Pau Monné /* 1360767e98aSRoger Pau Monné * Public grant-issuing interface functions 1370767e98aSRoger Pau Monné */ 1380767e98aSRoger Pau Monné 1390767e98aSRoger Pau Monné int 1400767e98aSRoger Pau Monné gnttab_grant_foreign_access(domid_t domid, unsigned long frame, int readonly, 1410767e98aSRoger Pau Monné grant_ref_t *result) 1420767e98aSRoger Pau Monné { 1430767e98aSRoger Pau Monné int error, ref; 1440767e98aSRoger Pau Monné 1450767e98aSRoger Pau Monné error = get_free_entries(1, &ref); 1460767e98aSRoger Pau Monné 1470767e98aSRoger Pau Monné if (__predict_false(error)) 1480767e98aSRoger Pau Monné return (error); 1490767e98aSRoger Pau Monné 1500767e98aSRoger Pau Monné shared[ref].frame = frame; 1510767e98aSRoger Pau Monné shared[ref].domid = domid; 1520767e98aSRoger Pau Monné wmb(); 1530767e98aSRoger Pau Monné shared[ref].flags = GTF_permit_access | (readonly ? GTF_readonly : 0); 1540767e98aSRoger Pau Monné 1550767e98aSRoger Pau Monné if (result) 1560767e98aSRoger Pau Monné *result = ref; 1570767e98aSRoger Pau Monné 1580767e98aSRoger Pau Monné return (0); 1590767e98aSRoger Pau Monné } 1600767e98aSRoger Pau Monné 1610767e98aSRoger Pau Monné void 1620767e98aSRoger Pau Monné gnttab_grant_foreign_access_ref(grant_ref_t ref, domid_t domid, 1630767e98aSRoger Pau Monné unsigned long frame, int readonly) 1640767e98aSRoger Pau Monné { 1650767e98aSRoger Pau Monné 1660767e98aSRoger Pau Monné shared[ref].frame = frame; 1670767e98aSRoger Pau Monné shared[ref].domid = domid; 1680767e98aSRoger Pau Monné wmb(); 1690767e98aSRoger Pau Monné shared[ref].flags = GTF_permit_access | (readonly ? GTF_readonly : 0); 1700767e98aSRoger Pau Monné } 1710767e98aSRoger Pau Monné 1720767e98aSRoger Pau Monné int 1730767e98aSRoger Pau Monné gnttab_query_foreign_access(grant_ref_t ref) 1740767e98aSRoger Pau Monné { 1750767e98aSRoger Pau Monné uint16_t nflags; 1760767e98aSRoger Pau Monné 1770767e98aSRoger Pau Monné nflags = shared[ref].flags; 1780767e98aSRoger Pau Monné 1790767e98aSRoger Pau Monné return (nflags & (GTF_reading|GTF_writing)); 1800767e98aSRoger Pau Monné } 1810767e98aSRoger Pau Monné 1820767e98aSRoger Pau Monné int 1830767e98aSRoger Pau Monné gnttab_end_foreign_access_ref(grant_ref_t ref) 1840767e98aSRoger Pau Monné { 1850767e98aSRoger Pau Monné uint16_t flags, nflags; 1860767e98aSRoger Pau Monné 1870767e98aSRoger Pau Monné nflags = shared[ref].flags; 1880767e98aSRoger Pau Monné do { 1890767e98aSRoger Pau Monné if ( (flags = nflags) & (GTF_reading|GTF_writing) ) { 1900767e98aSRoger Pau Monné printf("%s: WARNING: g.e. still in use!\n", __func__); 1910767e98aSRoger Pau Monné return (0); 1920767e98aSRoger Pau Monné } 1930767e98aSRoger Pau Monné } while ((nflags = synch_cmpxchg(&shared[ref].flags, flags, 0)) != 1940767e98aSRoger Pau Monné flags); 1950767e98aSRoger Pau Monné 1960767e98aSRoger Pau Monné return (1); 1970767e98aSRoger Pau Monné } 1980767e98aSRoger Pau Monné 1990767e98aSRoger Pau Monné void 2000767e98aSRoger Pau Monné gnttab_end_foreign_access(grant_ref_t ref, void *page) 2010767e98aSRoger Pau Monné { 2020767e98aSRoger Pau Monné if (gnttab_end_foreign_access_ref(ref)) { 2030767e98aSRoger Pau Monné put_free_entry(ref); 2040767e98aSRoger Pau Monné if (page != NULL) { 2050767e98aSRoger Pau Monné free(page, M_DEVBUF); 2060767e98aSRoger Pau Monné } 2070767e98aSRoger Pau Monné } 2080767e98aSRoger Pau Monné else { 2090767e98aSRoger Pau Monné /* XXX This needs to be fixed so that the ref and page are 2100767e98aSRoger Pau Monné placed on a list to be freed up later. */ 2110767e98aSRoger Pau Monné printf("%s: WARNING: leaking g.e. and page still in use!\n", 2120767e98aSRoger Pau Monné __func__); 2130767e98aSRoger Pau Monné } 2140767e98aSRoger Pau Monné } 2150767e98aSRoger Pau Monné 2160767e98aSRoger Pau Monné void 2170767e98aSRoger Pau Monné gnttab_end_foreign_access_references(u_int count, grant_ref_t *refs) 2180767e98aSRoger Pau Monné { 2190767e98aSRoger Pau Monné grant_ref_t *last_ref; 2200767e98aSRoger Pau Monné grant_ref_t head; 2210767e98aSRoger Pau Monné grant_ref_t tail; 2220767e98aSRoger Pau Monné 2230767e98aSRoger Pau Monné head = GNTTAB_LIST_END; 2240767e98aSRoger Pau Monné tail = *refs; 2250767e98aSRoger Pau Monné last_ref = refs + count; 2260767e98aSRoger Pau Monné while (refs != last_ref) { 2270767e98aSRoger Pau Monné if (gnttab_end_foreign_access_ref(*refs)) { 2280767e98aSRoger Pau Monné gnttab_entry(*refs) = head; 2290767e98aSRoger Pau Monné head = *refs; 2300767e98aSRoger Pau Monné } else { 2310767e98aSRoger Pau Monné /* 2320767e98aSRoger Pau Monné * XXX This needs to be fixed so that the ref 2330767e98aSRoger Pau Monné * is placed on a list to be freed up later. 2340767e98aSRoger Pau Monné */ 2350767e98aSRoger Pau Monné printf("%s: WARNING: leaking g.e. still in use!\n", 2360767e98aSRoger Pau Monné __func__); 2370767e98aSRoger Pau Monné count--; 2380767e98aSRoger Pau Monné } 2390767e98aSRoger Pau Monné refs++; 2400767e98aSRoger Pau Monné } 2410767e98aSRoger Pau Monné 2420767e98aSRoger Pau Monné if (count != 0) { 2430767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 2440767e98aSRoger Pau Monné gnttab_free_count += count; 2450767e98aSRoger Pau Monné gnttab_entry(tail) = gnttab_free_head; 2460767e98aSRoger Pau Monné gnttab_free_head = head; 247de06f02eSRoger Pau Monné check_free_callbacks(); 2480767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 2490767e98aSRoger Pau Monné } 2500767e98aSRoger Pau Monné } 2510767e98aSRoger Pau Monné 2520767e98aSRoger Pau Monné int 2530767e98aSRoger Pau Monné gnttab_grant_foreign_transfer(domid_t domid, unsigned long pfn, 2540767e98aSRoger Pau Monné grant_ref_t *result) 2550767e98aSRoger Pau Monné { 2560767e98aSRoger Pau Monné int error, ref; 2570767e98aSRoger Pau Monné 2580767e98aSRoger Pau Monné error = get_free_entries(1, &ref); 2590767e98aSRoger Pau Monné if (__predict_false(error)) 2600767e98aSRoger Pau Monné return (error); 2610767e98aSRoger Pau Monné 2620767e98aSRoger Pau Monné gnttab_grant_foreign_transfer_ref(ref, domid, pfn); 2630767e98aSRoger Pau Monné 2640767e98aSRoger Pau Monné *result = ref; 2650767e98aSRoger Pau Monné return (0); 2660767e98aSRoger Pau Monné } 2670767e98aSRoger Pau Monné 2680767e98aSRoger Pau Monné void 2690767e98aSRoger Pau Monné gnttab_grant_foreign_transfer_ref(grant_ref_t ref, domid_t domid, 2700767e98aSRoger Pau Monné unsigned long pfn) 2710767e98aSRoger Pau Monné { 2720767e98aSRoger Pau Monné shared[ref].frame = pfn; 2730767e98aSRoger Pau Monné shared[ref].domid = domid; 2740767e98aSRoger Pau Monné wmb(); 2750767e98aSRoger Pau Monné shared[ref].flags = GTF_accept_transfer; 2760767e98aSRoger Pau Monné } 2770767e98aSRoger Pau Monné 2780767e98aSRoger Pau Monné unsigned long 2790767e98aSRoger Pau Monné gnttab_end_foreign_transfer_ref(grant_ref_t ref) 2800767e98aSRoger Pau Monné { 2810767e98aSRoger Pau Monné unsigned long frame; 2820767e98aSRoger Pau Monné uint16_t flags; 2830767e98aSRoger Pau Monné 2840767e98aSRoger Pau Monné /* 2850767e98aSRoger Pau Monné * If a transfer is not even yet started, try to reclaim the grant 2860767e98aSRoger Pau Monné * reference and return failure (== 0). 2870767e98aSRoger Pau Monné */ 2880767e98aSRoger Pau Monné while (!((flags = shared[ref].flags) & GTF_transfer_committed)) { 2890767e98aSRoger Pau Monné if ( synch_cmpxchg(&shared[ref].flags, flags, 0) == flags ) 2900767e98aSRoger Pau Monné return (0); 2912f9ec994SRoger Pau Monné cpu_spinwait(); 2920767e98aSRoger Pau Monné } 2930767e98aSRoger Pau Monné 2940767e98aSRoger Pau Monné /* If a transfer is in progress then wait until it is completed. */ 2950767e98aSRoger Pau Monné while (!(flags & GTF_transfer_completed)) { 2960767e98aSRoger Pau Monné flags = shared[ref].flags; 2972f9ec994SRoger Pau Monné cpu_spinwait(); 2980767e98aSRoger Pau Monné } 2990767e98aSRoger Pau Monné 3000767e98aSRoger Pau Monné /* Read the frame number /after/ reading completion status. */ 3010767e98aSRoger Pau Monné rmb(); 3020767e98aSRoger Pau Monné frame = shared[ref].frame; 3030767e98aSRoger Pau Monné KASSERT(frame != 0, ("grant table inconsistent")); 3040767e98aSRoger Pau Monné 3050767e98aSRoger Pau Monné return (frame); 3060767e98aSRoger Pau Monné } 3070767e98aSRoger Pau Monné 3080767e98aSRoger Pau Monné unsigned long 3090767e98aSRoger Pau Monné gnttab_end_foreign_transfer(grant_ref_t ref) 3100767e98aSRoger Pau Monné { 3110767e98aSRoger Pau Monné unsigned long frame = gnttab_end_foreign_transfer_ref(ref); 3120767e98aSRoger Pau Monné 3130767e98aSRoger Pau Monné put_free_entry(ref); 3140767e98aSRoger Pau Monné return (frame); 3150767e98aSRoger Pau Monné } 3160767e98aSRoger Pau Monné 3170767e98aSRoger Pau Monné void 3180767e98aSRoger Pau Monné gnttab_free_grant_reference(grant_ref_t ref) 3190767e98aSRoger Pau Monné { 3200767e98aSRoger Pau Monné 3210767e98aSRoger Pau Monné put_free_entry(ref); 3220767e98aSRoger Pau Monné } 3230767e98aSRoger Pau Monné 3240767e98aSRoger Pau Monné void 3250767e98aSRoger Pau Monné gnttab_free_grant_references(grant_ref_t head) 3260767e98aSRoger Pau Monné { 3270767e98aSRoger Pau Monné grant_ref_t ref; 3280767e98aSRoger Pau Monné int count = 1; 3290767e98aSRoger Pau Monné 3300767e98aSRoger Pau Monné if (head == GNTTAB_LIST_END) 3310767e98aSRoger Pau Monné return; 3320767e98aSRoger Pau Monné 3330767e98aSRoger Pau Monné ref = head; 3340767e98aSRoger Pau Monné while (gnttab_entry(ref) != GNTTAB_LIST_END) { 3350767e98aSRoger Pau Monné ref = gnttab_entry(ref); 3360767e98aSRoger Pau Monné count++; 3370767e98aSRoger Pau Monné } 3380767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 3390767e98aSRoger Pau Monné gnttab_entry(ref) = gnttab_free_head; 3400767e98aSRoger Pau Monné gnttab_free_head = head; 3410767e98aSRoger Pau Monné gnttab_free_count += count; 3420767e98aSRoger Pau Monné check_free_callbacks(); 3430767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 3440767e98aSRoger Pau Monné } 3450767e98aSRoger Pau Monné 3460767e98aSRoger Pau Monné int 3470767e98aSRoger Pau Monné gnttab_alloc_grant_references(uint16_t count, grant_ref_t *head) 3480767e98aSRoger Pau Monné { 3490767e98aSRoger Pau Monné int ref, error; 3500767e98aSRoger Pau Monné 3510767e98aSRoger Pau Monné error = get_free_entries(count, &ref); 3520767e98aSRoger Pau Monné if (__predict_false(error)) 3530767e98aSRoger Pau Monné return (error); 3540767e98aSRoger Pau Monné 3550767e98aSRoger Pau Monné *head = ref; 3560767e98aSRoger Pau Monné return (0); 3570767e98aSRoger Pau Monné } 3580767e98aSRoger Pau Monné 3590767e98aSRoger Pau Monné int 3600767e98aSRoger Pau Monné gnttab_empty_grant_references(const grant_ref_t *private_head) 3610767e98aSRoger Pau Monné { 3620767e98aSRoger Pau Monné 3630767e98aSRoger Pau Monné return (*private_head == GNTTAB_LIST_END); 3640767e98aSRoger Pau Monné } 3650767e98aSRoger Pau Monné 3660767e98aSRoger Pau Monné int 3670767e98aSRoger Pau Monné gnttab_claim_grant_reference(grant_ref_t *private_head) 3680767e98aSRoger Pau Monné { 3690767e98aSRoger Pau Monné grant_ref_t g = *private_head; 3700767e98aSRoger Pau Monné 3710767e98aSRoger Pau Monné if (__predict_false(g == GNTTAB_LIST_END)) 3720767e98aSRoger Pau Monné return (g); 3730767e98aSRoger Pau Monné *private_head = gnttab_entry(g); 3740767e98aSRoger Pau Monné return (g); 3750767e98aSRoger Pau Monné } 3760767e98aSRoger Pau Monné 3770767e98aSRoger Pau Monné void 3780767e98aSRoger Pau Monné gnttab_release_grant_reference(grant_ref_t *private_head, grant_ref_t release) 3790767e98aSRoger Pau Monné { 3800767e98aSRoger Pau Monné 3810767e98aSRoger Pau Monné gnttab_entry(release) = *private_head; 3820767e98aSRoger Pau Monné *private_head = release; 3830767e98aSRoger Pau Monné } 3840767e98aSRoger Pau Monné 3850767e98aSRoger Pau Monné void 3860767e98aSRoger Pau Monné gnttab_request_free_callback(struct gnttab_free_callback *callback, 3870767e98aSRoger Pau Monné void (*fn)(void *), void *arg, uint16_t count) 3880767e98aSRoger Pau Monné { 3890767e98aSRoger Pau Monné 3900767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 3910767e98aSRoger Pau Monné if (callback->next) 3920767e98aSRoger Pau Monné goto out; 3930767e98aSRoger Pau Monné callback->fn = fn; 3940767e98aSRoger Pau Monné callback->arg = arg; 3950767e98aSRoger Pau Monné callback->count = count; 3960767e98aSRoger Pau Monné callback->next = gnttab_free_callback_list; 3970767e98aSRoger Pau Monné gnttab_free_callback_list = callback; 3980767e98aSRoger Pau Monné check_free_callbacks(); 3990767e98aSRoger Pau Monné out: 4000767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 4010767e98aSRoger Pau Monné 4020767e98aSRoger Pau Monné } 4030767e98aSRoger Pau Monné 4040767e98aSRoger Pau Monné void 4050767e98aSRoger Pau Monné gnttab_cancel_free_callback(struct gnttab_free_callback *callback) 4060767e98aSRoger Pau Monné { 4070767e98aSRoger Pau Monné struct gnttab_free_callback **pcb; 4080767e98aSRoger Pau Monné 4090767e98aSRoger Pau Monné mtx_lock(&gnttab_list_lock); 4100767e98aSRoger Pau Monné for (pcb = &gnttab_free_callback_list; *pcb; pcb = &(*pcb)->next) { 4110767e98aSRoger Pau Monné if (*pcb == callback) { 4120767e98aSRoger Pau Monné *pcb = callback->next; 4130767e98aSRoger Pau Monné break; 4140767e98aSRoger Pau Monné } 4150767e98aSRoger Pau Monné } 4160767e98aSRoger Pau Monné mtx_unlock(&gnttab_list_lock); 4170767e98aSRoger Pau Monné } 4180767e98aSRoger Pau Monné 4190767e98aSRoger Pau Monné static int 4200767e98aSRoger Pau Monné grow_gnttab_list(unsigned int more_frames) 4210767e98aSRoger Pau Monné { 4220767e98aSRoger Pau Monné unsigned int new_nr_grant_frames, extra_entries, i; 4230767e98aSRoger Pau Monné 4240767e98aSRoger Pau Monné new_nr_grant_frames = nr_grant_frames + more_frames; 4250767e98aSRoger Pau Monné extra_entries = more_frames * GREFS_PER_GRANT_FRAME; 4260767e98aSRoger Pau Monné 4270767e98aSRoger Pau Monné for (i = nr_grant_frames; i < new_nr_grant_frames; i++) 4280767e98aSRoger Pau Monné { 4290767e98aSRoger Pau Monné gnttab_list[i] = (grant_ref_t *) 4300767e98aSRoger Pau Monné malloc(PAGE_SIZE, M_DEVBUF, M_NOWAIT); 4310767e98aSRoger Pau Monné 4320767e98aSRoger Pau Monné if (!gnttab_list[i]) 4330767e98aSRoger Pau Monné goto grow_nomem; 4340767e98aSRoger Pau Monné } 4350767e98aSRoger Pau Monné 4360767e98aSRoger Pau Monné for (i = GREFS_PER_GRANT_FRAME * nr_grant_frames; 4370767e98aSRoger Pau Monné i < GREFS_PER_GRANT_FRAME * new_nr_grant_frames - 1; i++) 4380767e98aSRoger Pau Monné gnttab_entry(i) = i + 1; 4390767e98aSRoger Pau Monné 4400767e98aSRoger Pau Monné gnttab_entry(i) = gnttab_free_head; 4410767e98aSRoger Pau Monné gnttab_free_head = GREFS_PER_GRANT_FRAME * nr_grant_frames; 4420767e98aSRoger Pau Monné gnttab_free_count += extra_entries; 4430767e98aSRoger Pau Monné 4440767e98aSRoger Pau Monné nr_grant_frames = new_nr_grant_frames; 4450767e98aSRoger Pau Monné 4460767e98aSRoger Pau Monné check_free_callbacks(); 4470767e98aSRoger Pau Monné 4480767e98aSRoger Pau Monné return (0); 4490767e98aSRoger Pau Monné 4500767e98aSRoger Pau Monné grow_nomem: 4510767e98aSRoger Pau Monné for ( ; i >= nr_grant_frames; i--) 4520767e98aSRoger Pau Monné free(gnttab_list[i], M_DEVBUF); 4530767e98aSRoger Pau Monné return (ENOMEM); 4540767e98aSRoger Pau Monné } 4550767e98aSRoger Pau Monné 4560767e98aSRoger Pau Monné static unsigned int 4570767e98aSRoger Pau Monné __max_nr_grant_frames(void) 4580767e98aSRoger Pau Monné { 4590767e98aSRoger Pau Monné struct gnttab_query_size query; 4600767e98aSRoger Pau Monné int rc; 4610767e98aSRoger Pau Monné 4620767e98aSRoger Pau Monné query.dom = DOMID_SELF; 4630767e98aSRoger Pau Monné 4640767e98aSRoger Pau Monné rc = HYPERVISOR_grant_table_op(GNTTABOP_query_size, &query, 1); 4650767e98aSRoger Pau Monné if ((rc < 0) || (query.status != GNTST_okay)) 4660767e98aSRoger Pau Monné return (4); /* Legacy max supported number of frames */ 4670767e98aSRoger Pau Monné 4680767e98aSRoger Pau Monné return (query.max_nr_frames); 4690767e98aSRoger Pau Monné } 4700767e98aSRoger Pau Monné 4710767e98aSRoger Pau Monné static inline 4720767e98aSRoger Pau Monné unsigned int max_nr_grant_frames(void) 4730767e98aSRoger Pau Monné { 4740767e98aSRoger Pau Monné 4757de88bb4SElliott Mitchell return (min(__max_nr_grant_frames(), boot_max_nr_grant_frames)); 4760767e98aSRoger Pau Monné } 4770767e98aSRoger Pau Monné 4780767e98aSRoger Pau Monné #ifdef notyet 4790767e98aSRoger Pau Monné /* 4800767e98aSRoger Pau Monné * XXX needed for backend support 4810767e98aSRoger Pau Monné * 4820767e98aSRoger Pau Monné */ 4830767e98aSRoger Pau Monné static int 4840767e98aSRoger Pau Monné map_pte_fn(pte_t *pte, struct page *pmd_page, 4850767e98aSRoger Pau Monné unsigned long addr, void *data) 4860767e98aSRoger Pau Monné { 4870767e98aSRoger Pau Monné unsigned long **frames = (unsigned long **)data; 4880767e98aSRoger Pau Monné 4890767e98aSRoger Pau Monné set_pte_at(&init_mm, addr, pte, pfn_pte_ma((*frames)[0], PAGE_KERNEL)); 4900767e98aSRoger Pau Monné (*frames)++; 4910767e98aSRoger Pau Monné return 0; 4920767e98aSRoger Pau Monné } 4930767e98aSRoger Pau Monné 4940767e98aSRoger Pau Monné static int 4950767e98aSRoger Pau Monné unmap_pte_fn(pte_t *pte, struct page *pmd_page, 4960767e98aSRoger Pau Monné unsigned long addr, void *data) 4970767e98aSRoger Pau Monné { 4980767e98aSRoger Pau Monné 4990767e98aSRoger Pau Monné set_pte_at(&init_mm, addr, pte, __pte(0)); 5000767e98aSRoger Pau Monné return 0; 5010767e98aSRoger Pau Monné } 5020767e98aSRoger Pau Monné #endif 5030767e98aSRoger Pau Monné 5040767e98aSRoger Pau Monné static vm_paddr_t resume_frames; 5050767e98aSRoger Pau Monné 506*759ae58cSRoger Pau Monné static void 5070767e98aSRoger Pau Monné gnttab_map(unsigned int start_idx, unsigned int end_idx) 5080767e98aSRoger Pau Monné { 5090767e98aSRoger Pau Monné struct xen_add_to_physmap xatp; 5100767e98aSRoger Pau Monné unsigned int i = end_idx; 5110767e98aSRoger Pau Monné 5120767e98aSRoger Pau Monné /* 5130767e98aSRoger Pau Monné * Loop backwards, so that the first hypercall has the largest index, 5140767e98aSRoger Pau Monné * ensuring that the table will grow only once. 5150767e98aSRoger Pau Monné */ 5160767e98aSRoger Pau Monné do { 5170767e98aSRoger Pau Monné xatp.domid = DOMID_SELF; 5180767e98aSRoger Pau Monné xatp.idx = i; 5190767e98aSRoger Pau Monné xatp.space = XENMAPSPACE_grant_table; 5200767e98aSRoger Pau Monné xatp.gpfn = (resume_frames >> PAGE_SHIFT) + i; 5210767e98aSRoger Pau Monné if (HYPERVISOR_memory_op(XENMEM_add_to_physmap, &xatp)) 5220767e98aSRoger Pau Monné panic("HYPERVISOR_memory_op failed to map gnttab"); 5230767e98aSRoger Pau Monné } while (i-- > start_idx); 5240767e98aSRoger Pau Monné } 5250767e98aSRoger Pau Monné 5260767e98aSRoger Pau Monné int 5270767e98aSRoger Pau Monné gnttab_resume(device_t dev) 5280767e98aSRoger Pau Monné { 5290767e98aSRoger Pau Monné unsigned int max_nr_gframes, nr_gframes; 5300767e98aSRoger Pau Monné 5310767e98aSRoger Pau Monné nr_gframes = nr_grant_frames; 5320767e98aSRoger Pau Monné max_nr_gframes = max_nr_grant_frames(); 5330767e98aSRoger Pau Monné if (max_nr_gframes < nr_gframes) 5340767e98aSRoger Pau Monné return (ENOSYS); 5350767e98aSRoger Pau Monné 5360767e98aSRoger Pau Monné if (!resume_frames) { 5370767e98aSRoger Pau Monné KASSERT(dev != NULL, 5380767e98aSRoger Pau Monné ("No resume frames and no device provided")); 5390767e98aSRoger Pau Monné 5400df8b29dSRoger Pau Monné gnttab_pseudo_phys_res = xenmem_alloc(dev, 5410df8b29dSRoger Pau Monné &gnttab_pseudo_phys_res_id, PAGE_SIZE * max_nr_gframes); 5420767e98aSRoger Pau Monné if (gnttab_pseudo_phys_res == NULL) 5430767e98aSRoger Pau Monné panic("Unable to reserve physical memory for gnttab"); 5440767e98aSRoger Pau Monné resume_frames = rman_get_start(gnttab_pseudo_phys_res); 545*759ae58cSRoger Pau Monné shared = rman_get_virtual(gnttab_pseudo_phys_res); 5460767e98aSRoger Pau Monné } 547*759ae58cSRoger Pau Monné gnttab_map(0, nr_gframes - 1); 5480767e98aSRoger Pau Monné 549*759ae58cSRoger Pau Monné return (0); 5500767e98aSRoger Pau Monné } 5510767e98aSRoger Pau Monné 5520767e98aSRoger Pau Monné static int 5530767e98aSRoger Pau Monné gnttab_expand(unsigned int req_entries) 5540767e98aSRoger Pau Monné { 5550767e98aSRoger Pau Monné unsigned int cur, extra; 5560767e98aSRoger Pau Monné 5570767e98aSRoger Pau Monné cur = nr_grant_frames; 558057b4402SPedro F. Giffuni extra = howmany(req_entries, GREFS_PER_GRANT_FRAME); 5590767e98aSRoger Pau Monné if (cur + extra > max_nr_grant_frames()) 5600767e98aSRoger Pau Monné return (ENOSPC); 5610767e98aSRoger Pau Monné 562*759ae58cSRoger Pau Monné gnttab_map(cur, cur + extra - 1); 5630767e98aSRoger Pau Monné 564*759ae58cSRoger Pau Monné return (grow_gnttab_list(extra)); 5650767e98aSRoger Pau Monné } 5660767e98aSRoger Pau Monné 5675477025aSRoger Pau Monné MTX_SYSINIT(gnttab, &gnttab_list_lock, "GNTTAB LOCK", MTX_DEF | MTX_RECURSE); 5681093cd82SRoger Pau Monné 5691093cd82SRoger Pau Monné /*------------------ Private Device Attachment Functions --------------------*/ 5701093cd82SRoger Pau Monné /** 5711093cd82SRoger Pau Monné * \brief Identify instances of this device type in the system. 5721093cd82SRoger Pau Monné * 5731093cd82SRoger Pau Monné * \param driver The driver performing this identify action. 5741093cd82SRoger Pau Monné * \param parent The NewBus parent device for any devices this method adds. 5751093cd82SRoger Pau Monné */ 5761093cd82SRoger Pau Monné static void 5771093cd82SRoger Pau Monné granttable_identify(driver_t *driver __unused, device_t parent) 5781093cd82SRoger Pau Monné { 5791093cd82SRoger Pau Monné 5801093cd82SRoger Pau Monné KASSERT(xen_domain(), 5811093cd82SRoger Pau Monné ("Trying to attach grant-table device on non Xen domain")); 5821093cd82SRoger Pau Monné /* 5831093cd82SRoger Pau Monné * A single device instance for our driver is always present 5841093cd82SRoger Pau Monné * in a system operating under Xen. 5851093cd82SRoger Pau Monné */ 5861093cd82SRoger Pau Monné if (BUS_ADD_CHILD(parent, 0, driver->name, 0) == NULL) 5871093cd82SRoger Pau Monné panic("unable to attach Xen Grant-table device"); 5881093cd82SRoger Pau Monné } 5891093cd82SRoger Pau Monné 5901093cd82SRoger Pau Monné /** 5911093cd82SRoger Pau Monné * \brief Probe for the existence of the Xen Grant-table device 5921093cd82SRoger Pau Monné * 5931093cd82SRoger Pau Monné * \param dev NewBus device_t for this instance. 5941093cd82SRoger Pau Monné * 5951093cd82SRoger Pau Monné * \return Always returns 0 indicating success. 5961093cd82SRoger Pau Monné */ 5971093cd82SRoger Pau Monné static int 5981093cd82SRoger Pau Monné granttable_probe(device_t dev) 5991093cd82SRoger Pau Monné { 6001093cd82SRoger Pau Monné 6011093cd82SRoger Pau Monné device_set_desc(dev, "Xen Grant-table Device"); 6021093cd82SRoger Pau Monné return (BUS_PROBE_NOWILDCARD); 6031093cd82SRoger Pau Monné } 6041093cd82SRoger Pau Monné 6051093cd82SRoger Pau Monné /** 6061093cd82SRoger Pau Monné * \brief Attach the Xen Grant-table device. 6071093cd82SRoger Pau Monné * 6081093cd82SRoger Pau Monné * \param dev NewBus device_t for this instance. 6091093cd82SRoger Pau Monné * 6101093cd82SRoger Pau Monné * \return On success, 0. Otherwise an errno value indicating the 6111093cd82SRoger Pau Monné * type of failure. 6121093cd82SRoger Pau Monné */ 6131093cd82SRoger Pau Monné static int 6141093cd82SRoger Pau Monné granttable_attach(device_t dev) 6150767e98aSRoger Pau Monné { 6160767e98aSRoger Pau Monné int i; 6170767e98aSRoger Pau Monné unsigned int max_nr_glist_frames; 6180767e98aSRoger Pau Monné unsigned int nr_init_grefs; 6190767e98aSRoger Pau Monné 6200767e98aSRoger Pau Monné nr_grant_frames = 1; 6210767e98aSRoger Pau Monné boot_max_nr_grant_frames = __max_nr_grant_frames(); 6220767e98aSRoger Pau Monné 6230767e98aSRoger Pau Monné /* Determine the maximum number of frames required for the 6240767e98aSRoger Pau Monné * grant reference free list on the current hypervisor. 6250767e98aSRoger Pau Monné */ 6260767e98aSRoger Pau Monné max_nr_glist_frames = (boot_max_nr_grant_frames * 6270767e98aSRoger Pau Monné GREFS_PER_GRANT_FRAME / 6280767e98aSRoger Pau Monné (PAGE_SIZE / sizeof(grant_ref_t))); 6290767e98aSRoger Pau Monné 6300767e98aSRoger Pau Monné gnttab_list = malloc(max_nr_glist_frames * sizeof(grant_ref_t *), 6310767e98aSRoger Pau Monné M_DEVBUF, M_NOWAIT); 6320767e98aSRoger Pau Monné 6330767e98aSRoger Pau Monné if (gnttab_list == NULL) 6340767e98aSRoger Pau Monné return (ENOMEM); 6350767e98aSRoger Pau Monné 6360767e98aSRoger Pau Monné for (i = 0; i < nr_grant_frames; i++) { 6370767e98aSRoger Pau Monné gnttab_list[i] = (grant_ref_t *) 6380767e98aSRoger Pau Monné malloc(PAGE_SIZE, M_DEVBUF, M_NOWAIT); 6390767e98aSRoger Pau Monné if (gnttab_list[i] == NULL) 6400767e98aSRoger Pau Monné goto ini_nomem; 6410767e98aSRoger Pau Monné } 6420767e98aSRoger Pau Monné 6430767e98aSRoger Pau Monné if (gnttab_resume(dev)) 6440767e98aSRoger Pau Monné return (ENODEV); 6450767e98aSRoger Pau Monné 6460767e98aSRoger Pau Monné nr_init_grefs = nr_grant_frames * GREFS_PER_GRANT_FRAME; 6470767e98aSRoger Pau Monné 6480767e98aSRoger Pau Monné for (i = NR_RESERVED_ENTRIES; i < nr_init_grefs - 1; i++) 6490767e98aSRoger Pau Monné gnttab_entry(i) = i + 1; 6500767e98aSRoger Pau Monné 6510767e98aSRoger Pau Monné gnttab_entry(nr_init_grefs - 1) = GNTTAB_LIST_END; 6520767e98aSRoger Pau Monné gnttab_free_count = nr_init_grefs - NR_RESERVED_ENTRIES; 6530767e98aSRoger Pau Monné gnttab_free_head = NR_RESERVED_ENTRIES; 6540767e98aSRoger Pau Monné 6550767e98aSRoger Pau Monné if (bootverbose) 6560767e98aSRoger Pau Monné printf("Grant table initialized\n"); 6570767e98aSRoger Pau Monné 6580767e98aSRoger Pau Monné return (0); 6590767e98aSRoger Pau Monné 6600767e98aSRoger Pau Monné ini_nomem: 6610767e98aSRoger Pau Monné for (i--; i >= 0; i--) 6620767e98aSRoger Pau Monné free(gnttab_list[i], M_DEVBUF); 6630767e98aSRoger Pau Monné free(gnttab_list, M_DEVBUF); 6640767e98aSRoger Pau Monné return (ENOMEM); 6650767e98aSRoger Pau Monné } 6660767e98aSRoger Pau Monné 6671093cd82SRoger Pau Monné /*-------------------- Private Device Attachment Data -----------------------*/ 6681093cd82SRoger Pau Monné static device_method_t granttable_methods[] = { 6691093cd82SRoger Pau Monné /* Device interface */ 6701093cd82SRoger Pau Monné DEVMETHOD(device_identify, granttable_identify), 6711093cd82SRoger Pau Monné DEVMETHOD(device_probe, granttable_probe), 6721093cd82SRoger Pau Monné DEVMETHOD(device_attach, granttable_attach), 6731093cd82SRoger Pau Monné 6741093cd82SRoger Pau Monné DEVMETHOD_END 6751093cd82SRoger Pau Monné }; 6761093cd82SRoger Pau Monné 6771093cd82SRoger Pau Monné DEFINE_CLASS_0(granttable, granttable_driver, granttable_methods, 0); 6781093cd82SRoger Pau Monné devclass_t granttable_devclass; 6791093cd82SRoger Pau Monné 6801093cd82SRoger Pau Monné DRIVER_MODULE_ORDERED(granttable, xenpv, granttable_driver, granttable_devclass, 6811093cd82SRoger Pau Monné NULL, NULL, SI_ORDER_FIRST); 682