xref: /linux/drivers/block/xen-blkfront.c (revision 15a1fbdcfb519c2bd291ed01c6c94e0b89537a77)
1 /*
2  * blkfront.c
3  *
4  * XenLinux virtual block device driver.
5  *
6  * Copyright (c) 2003-2004, Keir Fraser & Steve Hand
7  * Modifications by Mark A. Williamson are (c) Intel Research Cambridge
8  * Copyright (c) 2004, Christian Limpach
9  * Copyright (c) 2004, Andrew Warfield
10  * Copyright (c) 2005, Christopher Clark
11  * Copyright (c) 2005, XenSource Ltd
12  *
13  * This program is free software; you can redistribute it and/or
14  * modify it under the terms of the GNU General Public License version 2
15  * as published by the Free Software Foundation; or, when distributed
16  * separately from the Linux kernel or incorporated into other
17  * software packages, subject to the following license:
18  *
19  * Permission is hereby granted, free of charge, to any person obtaining a copy
20  * of this source file (the "Software"), to deal in the Software without
21  * restriction, including without limitation the rights to use, copy, modify,
22  * merge, publish, distribute, sublicense, and/or sell copies of the Software,
23  * and to permit persons to whom the Software is furnished to do so, subject to
24  * the following conditions:
25  *
26  * The above copyright notice and this permission notice shall be included in
27  * all copies or substantial portions of the Software.
28  *
29  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
30  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
31  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
32  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
33  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
34  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
35  * IN THE SOFTWARE.
36  */
37 
38 #include <linux/interrupt.h>
39 #include <linux/blkdev.h>
40 #include <linux/blk-mq.h>
41 #include <linux/hdreg.h>
42 #include <linux/cdrom.h>
43 #include <linux/module.h>
44 #include <linux/slab.h>
45 #include <linux/mutex.h>
46 #include <linux/scatterlist.h>
47 #include <linux/bitmap.h>
48 #include <linux/list.h>
49 #include <linux/workqueue.h>
50 
51 #include <xen/xen.h>
52 #include <xen/xenbus.h>
53 #include <xen/grant_table.h>
54 #include <xen/events.h>
55 #include <xen/page.h>
56 #include <xen/platform_pci.h>
57 
58 #include <xen/interface/grant_table.h>
59 #include <xen/interface/io/blkif.h>
60 #include <xen/interface/io/protocols.h>
61 
62 #include <asm/xen/hypervisor.h>
63 
64 /*
65  * The minimal size of segment supported by the block framework is PAGE_SIZE.
66  * When Linux is using a different page size than Xen, it may not be possible
67  * to put all the data in a single segment.
68  * This can happen when the backend doesn't support indirect descriptor and
69  * therefore the maximum amount of data that a request can carry is
70  * BLKIF_MAX_SEGMENTS_PER_REQUEST * XEN_PAGE_SIZE = 44KB
71  *
72  * Note that we only support one extra request. So the Linux page size
73  * should be <= ( 2 * BLKIF_MAX_SEGMENTS_PER_REQUEST * XEN_PAGE_SIZE) =
74  * 88KB.
75  */
76 #define HAS_EXTRA_REQ (BLKIF_MAX_SEGMENTS_PER_REQUEST < XEN_PFN_PER_PAGE)
77 
78 enum blkif_state {
79 	BLKIF_STATE_DISCONNECTED,
80 	BLKIF_STATE_CONNECTED,
81 	BLKIF_STATE_SUSPENDED,
82 };
83 
84 struct grant {
85 	grant_ref_t gref;
86 	struct page *page;
87 	struct list_head node;
88 };
89 
90 enum blk_req_status {
91 	REQ_WAITING,
92 	REQ_DONE,
93 	REQ_ERROR,
94 	REQ_EOPNOTSUPP,
95 };
96 
97 struct blk_shadow {
98 	struct blkif_request req;
99 	struct request *request;
100 	struct grant **grants_used;
101 	struct grant **indirect_grants;
102 	struct scatterlist *sg;
103 	unsigned int num_sg;
104 	enum blk_req_status status;
105 
106 	#define NO_ASSOCIATED_ID ~0UL
107 	/*
108 	 * Id of the sibling if we ever need 2 requests when handling a
109 	 * block I/O request
110 	 */
111 	unsigned long associated_id;
112 };
113 
114 struct blkif_req {
115 	blk_status_t	error;
116 };
117 
118 static inline struct blkif_req *blkif_req(struct request *rq)
119 {
120 	return blk_mq_rq_to_pdu(rq);
121 }
122 
123 static DEFINE_MUTEX(blkfront_mutex);
124 static const struct block_device_operations xlvbd_block_fops;
125 static struct delayed_work blkfront_work;
126 static LIST_HEAD(info_list);
127 
128 /*
129  * Maximum number of segments in indirect requests, the actual value used by
130  * the frontend driver is the minimum of this value and the value provided
131  * by the backend driver.
132  */
133 
134 static unsigned int xen_blkif_max_segments = 32;
135 module_param_named(max_indirect_segments, xen_blkif_max_segments, uint, 0444);
136 MODULE_PARM_DESC(max_indirect_segments,
137 		 "Maximum amount of segments in indirect requests (default is 32)");
138 
139 static unsigned int xen_blkif_max_queues = 4;
140 module_param_named(max_queues, xen_blkif_max_queues, uint, 0444);
141 MODULE_PARM_DESC(max_queues, "Maximum number of hardware queues/rings used per virtual disk");
142 
143 /*
144  * Maximum order of pages to be used for the shared ring between front and
145  * backend, 4KB page granularity is used.
146  */
147 static unsigned int xen_blkif_max_ring_order;
148 module_param_named(max_ring_page_order, xen_blkif_max_ring_order, int, 0444);
149 MODULE_PARM_DESC(max_ring_page_order, "Maximum order of pages to be used for the shared ring");
150 
151 #define BLK_RING_SIZE(info)	\
152 	__CONST_RING_SIZE(blkif, XEN_PAGE_SIZE * (info)->nr_ring_pages)
153 
154 /*
155  * ring-ref%u i=(-1UL) would take 11 characters + 'ring-ref' is 8, so 19
156  * characters are enough. Define to 20 to keep consistent with backend.
157  */
158 #define RINGREF_NAME_LEN (20)
159 /*
160  * queue-%u would take 7 + 10(UINT_MAX) = 17 characters.
161  */
162 #define QUEUE_NAME_LEN (17)
163 
164 /*
165  *  Per-ring info.
166  *  Every blkfront device can associate with one or more blkfront_ring_info,
167  *  depending on how many hardware queues/rings to be used.
168  */
169 struct blkfront_ring_info {
170 	/* Lock to protect data in every ring buffer. */
171 	spinlock_t ring_lock;
172 	struct blkif_front_ring ring;
173 	unsigned int ring_ref[XENBUS_MAX_RING_GRANTS];
174 	unsigned int evtchn, irq;
175 	struct work_struct work;
176 	struct gnttab_free_callback callback;
177 	struct list_head indirect_pages;
178 	struct list_head grants;
179 	unsigned int persistent_gnts_c;
180 	unsigned long shadow_free;
181 	struct blkfront_info *dev_info;
182 	struct blk_shadow shadow[];
183 };
184 
185 /*
186  * We have one of these per vbd, whether ide, scsi or 'other'.  They
187  * hang in private_data off the gendisk structure. We may end up
188  * putting all kinds of interesting stuff here :-)
189  */
190 struct blkfront_info
191 {
192 	struct mutex mutex;
193 	struct xenbus_device *xbdev;
194 	struct gendisk *gd;
195 	u16 sector_size;
196 	unsigned int physical_sector_size;
197 	int vdevice;
198 	blkif_vdev_t handle;
199 	enum blkif_state connected;
200 	/* Number of pages per ring buffer. */
201 	unsigned int nr_ring_pages;
202 	struct request_queue *rq;
203 	unsigned int feature_flush:1;
204 	unsigned int feature_fua:1;
205 	unsigned int feature_discard:1;
206 	unsigned int feature_secdiscard:1;
207 	unsigned int feature_persistent:1;
208 	unsigned int discard_granularity;
209 	unsigned int discard_alignment;
210 	/* Number of 4KB segments handled */
211 	unsigned int max_indirect_segments;
212 	int is_ready;
213 	struct blk_mq_tag_set tag_set;
214 	struct blkfront_ring_info *rinfo;
215 	unsigned int nr_rings;
216 	/* Save uncomplete reqs and bios for migration. */
217 	struct list_head requests;
218 	struct bio_list bio_list;
219 	struct list_head info_list;
220 };
221 
222 static unsigned int nr_minors;
223 static unsigned long *minors;
224 static DEFINE_SPINLOCK(minor_lock);
225 
226 #define GRANT_INVALID_REF	0
227 
228 #define PARTS_PER_DISK		16
229 #define PARTS_PER_EXT_DISK      256
230 
231 #define BLKIF_MAJOR(dev) ((dev)>>8)
232 #define BLKIF_MINOR(dev) ((dev) & 0xff)
233 
234 #define EXT_SHIFT 28
235 #define EXTENDED (1<<EXT_SHIFT)
236 #define VDEV_IS_EXTENDED(dev) ((dev)&(EXTENDED))
237 #define BLKIF_MINOR_EXT(dev) ((dev)&(~EXTENDED))
238 #define EMULATED_HD_DISK_MINOR_OFFSET (0)
239 #define EMULATED_HD_DISK_NAME_OFFSET (EMULATED_HD_DISK_MINOR_OFFSET / 256)
240 #define EMULATED_SD_DISK_MINOR_OFFSET (0)
241 #define EMULATED_SD_DISK_NAME_OFFSET (EMULATED_SD_DISK_MINOR_OFFSET / 256)
242 
243 #define DEV_NAME	"xvd"	/* name in /dev */
244 
245 /*
246  * Grants are always the same size as a Xen page (i.e 4KB).
247  * A physical segment is always the same size as a Linux page.
248  * Number of grants per physical segment
249  */
250 #define GRANTS_PER_PSEG	(PAGE_SIZE / XEN_PAGE_SIZE)
251 
252 #define GRANTS_PER_INDIRECT_FRAME \
253 	(XEN_PAGE_SIZE / sizeof(struct blkif_request_segment))
254 
255 #define INDIRECT_GREFS(_grants)		\
256 	DIV_ROUND_UP(_grants, GRANTS_PER_INDIRECT_FRAME)
257 
258 static int blkfront_setup_indirect(struct blkfront_ring_info *rinfo);
259 static void blkfront_gather_backend_features(struct blkfront_info *info);
260 static int negotiate_mq(struct blkfront_info *info);
261 
262 static int get_id_from_freelist(struct blkfront_ring_info *rinfo)
263 {
264 	unsigned long free = rinfo->shadow_free;
265 
266 	BUG_ON(free >= BLK_RING_SIZE(rinfo->dev_info));
267 	rinfo->shadow_free = rinfo->shadow[free].req.u.rw.id;
268 	rinfo->shadow[free].req.u.rw.id = 0x0fffffee; /* debug */
269 	return free;
270 }
271 
272 static int add_id_to_freelist(struct blkfront_ring_info *rinfo,
273 			      unsigned long id)
274 {
275 	if (rinfo->shadow[id].req.u.rw.id != id)
276 		return -EINVAL;
277 	if (rinfo->shadow[id].request == NULL)
278 		return -EINVAL;
279 	rinfo->shadow[id].req.u.rw.id  = rinfo->shadow_free;
280 	rinfo->shadow[id].request = NULL;
281 	rinfo->shadow_free = id;
282 	return 0;
283 }
284 
285 static int fill_grant_buffer(struct blkfront_ring_info *rinfo, int num)
286 {
287 	struct blkfront_info *info = rinfo->dev_info;
288 	struct page *granted_page;
289 	struct grant *gnt_list_entry, *n;
290 	int i = 0;
291 
292 	while (i < num) {
293 		gnt_list_entry = kzalloc(sizeof(struct grant), GFP_NOIO);
294 		if (!gnt_list_entry)
295 			goto out_of_memory;
296 
297 		if (info->feature_persistent) {
298 			granted_page = alloc_page(GFP_NOIO);
299 			if (!granted_page) {
300 				kfree(gnt_list_entry);
301 				goto out_of_memory;
302 			}
303 			gnt_list_entry->page = granted_page;
304 		}
305 
306 		gnt_list_entry->gref = GRANT_INVALID_REF;
307 		list_add(&gnt_list_entry->node, &rinfo->grants);
308 		i++;
309 	}
310 
311 	return 0;
312 
313 out_of_memory:
314 	list_for_each_entry_safe(gnt_list_entry, n,
315 	                         &rinfo->grants, node) {
316 		list_del(&gnt_list_entry->node);
317 		if (info->feature_persistent)
318 			__free_page(gnt_list_entry->page);
319 		kfree(gnt_list_entry);
320 		i--;
321 	}
322 	BUG_ON(i != 0);
323 	return -ENOMEM;
324 }
325 
326 static struct grant *get_free_grant(struct blkfront_ring_info *rinfo)
327 {
328 	struct grant *gnt_list_entry;
329 
330 	BUG_ON(list_empty(&rinfo->grants));
331 	gnt_list_entry = list_first_entry(&rinfo->grants, struct grant,
332 					  node);
333 	list_del(&gnt_list_entry->node);
334 
335 	if (gnt_list_entry->gref != GRANT_INVALID_REF)
336 		rinfo->persistent_gnts_c--;
337 
338 	return gnt_list_entry;
339 }
340 
341 static inline void grant_foreign_access(const struct grant *gnt_list_entry,
342 					const struct blkfront_info *info)
343 {
344 	gnttab_page_grant_foreign_access_ref_one(gnt_list_entry->gref,
345 						 info->xbdev->otherend_id,
346 						 gnt_list_entry->page,
347 						 0);
348 }
349 
350 static struct grant *get_grant(grant_ref_t *gref_head,
351 			       unsigned long gfn,
352 			       struct blkfront_ring_info *rinfo)
353 {
354 	struct grant *gnt_list_entry = get_free_grant(rinfo);
355 	struct blkfront_info *info = rinfo->dev_info;
356 
357 	if (gnt_list_entry->gref != GRANT_INVALID_REF)
358 		return gnt_list_entry;
359 
360 	/* Assign a gref to this page */
361 	gnt_list_entry->gref = gnttab_claim_grant_reference(gref_head);
362 	BUG_ON(gnt_list_entry->gref == -ENOSPC);
363 	if (info->feature_persistent)
364 		grant_foreign_access(gnt_list_entry, info);
365 	else {
366 		/* Grant access to the GFN passed by the caller */
367 		gnttab_grant_foreign_access_ref(gnt_list_entry->gref,
368 						info->xbdev->otherend_id,
369 						gfn, 0);
370 	}
371 
372 	return gnt_list_entry;
373 }
374 
375 static struct grant *get_indirect_grant(grant_ref_t *gref_head,
376 					struct blkfront_ring_info *rinfo)
377 {
378 	struct grant *gnt_list_entry = get_free_grant(rinfo);
379 	struct blkfront_info *info = rinfo->dev_info;
380 
381 	if (gnt_list_entry->gref != GRANT_INVALID_REF)
382 		return gnt_list_entry;
383 
384 	/* Assign a gref to this page */
385 	gnt_list_entry->gref = gnttab_claim_grant_reference(gref_head);
386 	BUG_ON(gnt_list_entry->gref == -ENOSPC);
387 	if (!info->feature_persistent) {
388 		struct page *indirect_page;
389 
390 		/* Fetch a pre-allocated page to use for indirect grefs */
391 		BUG_ON(list_empty(&rinfo->indirect_pages));
392 		indirect_page = list_first_entry(&rinfo->indirect_pages,
393 						 struct page, lru);
394 		list_del(&indirect_page->lru);
395 		gnt_list_entry->page = indirect_page;
396 	}
397 	grant_foreign_access(gnt_list_entry, info);
398 
399 	return gnt_list_entry;
400 }
401 
402 static const char *op_name(int op)
403 {
404 	static const char *const names[] = {
405 		[BLKIF_OP_READ] = "read",
406 		[BLKIF_OP_WRITE] = "write",
407 		[BLKIF_OP_WRITE_BARRIER] = "barrier",
408 		[BLKIF_OP_FLUSH_DISKCACHE] = "flush",
409 		[BLKIF_OP_DISCARD] = "discard" };
410 
411 	if (op < 0 || op >= ARRAY_SIZE(names))
412 		return "unknown";
413 
414 	if (!names[op])
415 		return "reserved";
416 
417 	return names[op];
418 }
419 static int xlbd_reserve_minors(unsigned int minor, unsigned int nr)
420 {
421 	unsigned int end = minor + nr;
422 	int rc;
423 
424 	if (end > nr_minors) {
425 		unsigned long *bitmap, *old;
426 
427 		bitmap = kcalloc(BITS_TO_LONGS(end), sizeof(*bitmap),
428 				 GFP_KERNEL);
429 		if (bitmap == NULL)
430 			return -ENOMEM;
431 
432 		spin_lock(&minor_lock);
433 		if (end > nr_minors) {
434 			old = minors;
435 			memcpy(bitmap, minors,
436 			       BITS_TO_LONGS(nr_minors) * sizeof(*bitmap));
437 			minors = bitmap;
438 			nr_minors = BITS_TO_LONGS(end) * BITS_PER_LONG;
439 		} else
440 			old = bitmap;
441 		spin_unlock(&minor_lock);
442 		kfree(old);
443 	}
444 
445 	spin_lock(&minor_lock);
446 	if (find_next_bit(minors, end, minor) >= end) {
447 		bitmap_set(minors, minor, nr);
448 		rc = 0;
449 	} else
450 		rc = -EBUSY;
451 	spin_unlock(&minor_lock);
452 
453 	return rc;
454 }
455 
456 static void xlbd_release_minors(unsigned int minor, unsigned int nr)
457 {
458 	unsigned int end = minor + nr;
459 
460 	BUG_ON(end > nr_minors);
461 	spin_lock(&minor_lock);
462 	bitmap_clear(minors,  minor, nr);
463 	spin_unlock(&minor_lock);
464 }
465 
466 static void blkif_restart_queue_callback(void *arg)
467 {
468 	struct blkfront_ring_info *rinfo = (struct blkfront_ring_info *)arg;
469 	schedule_work(&rinfo->work);
470 }
471 
472 static int blkif_getgeo(struct block_device *bd, struct hd_geometry *hg)
473 {
474 	/* We don't have real geometry info, but let's at least return
475 	   values consistent with the size of the device */
476 	sector_t nsect = get_capacity(bd->bd_disk);
477 	sector_t cylinders = nsect;
478 
479 	hg->heads = 0xff;
480 	hg->sectors = 0x3f;
481 	sector_div(cylinders, hg->heads * hg->sectors);
482 	hg->cylinders = cylinders;
483 	if ((sector_t)(hg->cylinders + 1) * hg->heads * hg->sectors < nsect)
484 		hg->cylinders = 0xffff;
485 	return 0;
486 }
487 
488 static int blkif_ioctl(struct block_device *bdev, fmode_t mode,
489 		       unsigned command, unsigned long argument)
490 {
491 	struct blkfront_info *info = bdev->bd_disk->private_data;
492 	int i;
493 
494 	dev_dbg(&info->xbdev->dev, "command: 0x%x, argument: 0x%lx\n",
495 		command, (long)argument);
496 
497 	switch (command) {
498 	case CDROMMULTISESSION:
499 		dev_dbg(&info->xbdev->dev, "FIXME: support multisession CDs later\n");
500 		for (i = 0; i < sizeof(struct cdrom_multisession); i++)
501 			if (put_user(0, (char __user *)(argument + i)))
502 				return -EFAULT;
503 		return 0;
504 
505 	case CDROM_GET_CAPABILITY: {
506 		struct gendisk *gd = info->gd;
507 		if (gd->flags & GENHD_FL_CD)
508 			return 0;
509 		return -EINVAL;
510 	}
511 
512 	default:
513 		/*printk(KERN_ALERT "ioctl %08x not supported by Xen blkdev\n",
514 		  command);*/
515 		return -EINVAL; /* same return as native Linux */
516 	}
517 
518 	return 0;
519 }
520 
521 static unsigned long blkif_ring_get_request(struct blkfront_ring_info *rinfo,
522 					    struct request *req,
523 					    struct blkif_request **ring_req)
524 {
525 	unsigned long id;
526 
527 	*ring_req = RING_GET_REQUEST(&rinfo->ring, rinfo->ring.req_prod_pvt);
528 	rinfo->ring.req_prod_pvt++;
529 
530 	id = get_id_from_freelist(rinfo);
531 	rinfo->shadow[id].request = req;
532 	rinfo->shadow[id].status = REQ_WAITING;
533 	rinfo->shadow[id].associated_id = NO_ASSOCIATED_ID;
534 
535 	(*ring_req)->u.rw.id = id;
536 
537 	return id;
538 }
539 
540 static int blkif_queue_discard_req(struct request *req, struct blkfront_ring_info *rinfo)
541 {
542 	struct blkfront_info *info = rinfo->dev_info;
543 	struct blkif_request *ring_req;
544 	unsigned long id;
545 
546 	/* Fill out a communications ring structure. */
547 	id = blkif_ring_get_request(rinfo, req, &ring_req);
548 
549 	ring_req->operation = BLKIF_OP_DISCARD;
550 	ring_req->u.discard.nr_sectors = blk_rq_sectors(req);
551 	ring_req->u.discard.id = id;
552 	ring_req->u.discard.sector_number = (blkif_sector_t)blk_rq_pos(req);
553 	if (req_op(req) == REQ_OP_SECURE_ERASE && info->feature_secdiscard)
554 		ring_req->u.discard.flag = BLKIF_DISCARD_SECURE;
555 	else
556 		ring_req->u.discard.flag = 0;
557 
558 	/* Keep a private copy so we can reissue requests when recovering. */
559 	rinfo->shadow[id].req = *ring_req;
560 
561 	return 0;
562 }
563 
564 struct setup_rw_req {
565 	unsigned int grant_idx;
566 	struct blkif_request_segment *segments;
567 	struct blkfront_ring_info *rinfo;
568 	struct blkif_request *ring_req;
569 	grant_ref_t gref_head;
570 	unsigned int id;
571 	/* Only used when persistent grant is used and it's a read request */
572 	bool need_copy;
573 	unsigned int bvec_off;
574 	char *bvec_data;
575 
576 	bool require_extra_req;
577 	struct blkif_request *extra_ring_req;
578 };
579 
580 static void blkif_setup_rw_req_grant(unsigned long gfn, unsigned int offset,
581 				     unsigned int len, void *data)
582 {
583 	struct setup_rw_req *setup = data;
584 	int n, ref;
585 	struct grant *gnt_list_entry;
586 	unsigned int fsect, lsect;
587 	/* Convenient aliases */
588 	unsigned int grant_idx = setup->grant_idx;
589 	struct blkif_request *ring_req = setup->ring_req;
590 	struct blkfront_ring_info *rinfo = setup->rinfo;
591 	/*
592 	 * We always use the shadow of the first request to store the list
593 	 * of grant associated to the block I/O request. This made the
594 	 * completion more easy to handle even if the block I/O request is
595 	 * split.
596 	 */
597 	struct blk_shadow *shadow = &rinfo->shadow[setup->id];
598 
599 	if (unlikely(setup->require_extra_req &&
600 		     grant_idx >= BLKIF_MAX_SEGMENTS_PER_REQUEST)) {
601 		/*
602 		 * We are using the second request, setup grant_idx
603 		 * to be the index of the segment array.
604 		 */
605 		grant_idx -= BLKIF_MAX_SEGMENTS_PER_REQUEST;
606 		ring_req = setup->extra_ring_req;
607 	}
608 
609 	if ((ring_req->operation == BLKIF_OP_INDIRECT) &&
610 	    (grant_idx % GRANTS_PER_INDIRECT_FRAME == 0)) {
611 		if (setup->segments)
612 			kunmap_atomic(setup->segments);
613 
614 		n = grant_idx / GRANTS_PER_INDIRECT_FRAME;
615 		gnt_list_entry = get_indirect_grant(&setup->gref_head, rinfo);
616 		shadow->indirect_grants[n] = gnt_list_entry;
617 		setup->segments = kmap_atomic(gnt_list_entry->page);
618 		ring_req->u.indirect.indirect_grefs[n] = gnt_list_entry->gref;
619 	}
620 
621 	gnt_list_entry = get_grant(&setup->gref_head, gfn, rinfo);
622 	ref = gnt_list_entry->gref;
623 	/*
624 	 * All the grants are stored in the shadow of the first
625 	 * request. Therefore we have to use the global index.
626 	 */
627 	shadow->grants_used[setup->grant_idx] = gnt_list_entry;
628 
629 	if (setup->need_copy) {
630 		void *shared_data;
631 
632 		shared_data = kmap_atomic(gnt_list_entry->page);
633 		/*
634 		 * this does not wipe data stored outside the
635 		 * range sg->offset..sg->offset+sg->length.
636 		 * Therefore, blkback *could* see data from
637 		 * previous requests. This is OK as long as
638 		 * persistent grants are shared with just one
639 		 * domain. It may need refactoring if this
640 		 * changes
641 		 */
642 		memcpy(shared_data + offset,
643 		       setup->bvec_data + setup->bvec_off,
644 		       len);
645 
646 		kunmap_atomic(shared_data);
647 		setup->bvec_off += len;
648 	}
649 
650 	fsect = offset >> 9;
651 	lsect = fsect + (len >> 9) - 1;
652 	if (ring_req->operation != BLKIF_OP_INDIRECT) {
653 		ring_req->u.rw.seg[grant_idx] =
654 			(struct blkif_request_segment) {
655 				.gref       = ref,
656 				.first_sect = fsect,
657 				.last_sect  = lsect };
658 	} else {
659 		setup->segments[grant_idx % GRANTS_PER_INDIRECT_FRAME] =
660 			(struct blkif_request_segment) {
661 				.gref       = ref,
662 				.first_sect = fsect,
663 				.last_sect  = lsect };
664 	}
665 
666 	(setup->grant_idx)++;
667 }
668 
669 static void blkif_setup_extra_req(struct blkif_request *first,
670 				  struct blkif_request *second)
671 {
672 	uint16_t nr_segments = first->u.rw.nr_segments;
673 
674 	/*
675 	 * The second request is only present when the first request uses
676 	 * all its segments. It's always the continuity of the first one.
677 	 */
678 	first->u.rw.nr_segments = BLKIF_MAX_SEGMENTS_PER_REQUEST;
679 
680 	second->u.rw.nr_segments = nr_segments - BLKIF_MAX_SEGMENTS_PER_REQUEST;
681 	second->u.rw.sector_number = first->u.rw.sector_number +
682 		(BLKIF_MAX_SEGMENTS_PER_REQUEST * XEN_PAGE_SIZE) / 512;
683 
684 	second->u.rw.handle = first->u.rw.handle;
685 	second->operation = first->operation;
686 }
687 
688 static int blkif_queue_rw_req(struct request *req, struct blkfront_ring_info *rinfo)
689 {
690 	struct blkfront_info *info = rinfo->dev_info;
691 	struct blkif_request *ring_req, *extra_ring_req = NULL;
692 	unsigned long id, extra_id = NO_ASSOCIATED_ID;
693 	bool require_extra_req = false;
694 	int i;
695 	struct setup_rw_req setup = {
696 		.grant_idx = 0,
697 		.segments = NULL,
698 		.rinfo = rinfo,
699 		.need_copy = rq_data_dir(req) && info->feature_persistent,
700 	};
701 
702 	/*
703 	 * Used to store if we are able to queue the request by just using
704 	 * existing persistent grants, or if we have to get new grants,
705 	 * as there are not sufficiently many free.
706 	 */
707 	bool new_persistent_gnts = false;
708 	struct scatterlist *sg;
709 	int num_sg, max_grefs, num_grant;
710 
711 	max_grefs = req->nr_phys_segments * GRANTS_PER_PSEG;
712 	if (max_grefs > BLKIF_MAX_SEGMENTS_PER_REQUEST)
713 		/*
714 		 * If we are using indirect segments we need to account
715 		 * for the indirect grefs used in the request.
716 		 */
717 		max_grefs += INDIRECT_GREFS(max_grefs);
718 
719 	/* Check if we have enough persistent grants to allocate a requests */
720 	if (rinfo->persistent_gnts_c < max_grefs) {
721 		new_persistent_gnts = true;
722 
723 		if (gnttab_alloc_grant_references(
724 		    max_grefs - rinfo->persistent_gnts_c,
725 		    &setup.gref_head) < 0) {
726 			gnttab_request_free_callback(
727 				&rinfo->callback,
728 				blkif_restart_queue_callback,
729 				rinfo,
730 				max_grefs - rinfo->persistent_gnts_c);
731 			return 1;
732 		}
733 	}
734 
735 	/* Fill out a communications ring structure. */
736 	id = blkif_ring_get_request(rinfo, req, &ring_req);
737 
738 	num_sg = blk_rq_map_sg(req->q, req, rinfo->shadow[id].sg);
739 	num_grant = 0;
740 	/* Calculate the number of grant used */
741 	for_each_sg(rinfo->shadow[id].sg, sg, num_sg, i)
742 	       num_grant += gnttab_count_grant(sg->offset, sg->length);
743 
744 	require_extra_req = info->max_indirect_segments == 0 &&
745 		num_grant > BLKIF_MAX_SEGMENTS_PER_REQUEST;
746 	BUG_ON(!HAS_EXTRA_REQ && require_extra_req);
747 
748 	rinfo->shadow[id].num_sg = num_sg;
749 	if (num_grant > BLKIF_MAX_SEGMENTS_PER_REQUEST &&
750 	    likely(!require_extra_req)) {
751 		/*
752 		 * The indirect operation can only be a BLKIF_OP_READ or
753 		 * BLKIF_OP_WRITE
754 		 */
755 		BUG_ON(req_op(req) == REQ_OP_FLUSH || req->cmd_flags & REQ_FUA);
756 		ring_req->operation = BLKIF_OP_INDIRECT;
757 		ring_req->u.indirect.indirect_op = rq_data_dir(req) ?
758 			BLKIF_OP_WRITE : BLKIF_OP_READ;
759 		ring_req->u.indirect.sector_number = (blkif_sector_t)blk_rq_pos(req);
760 		ring_req->u.indirect.handle = info->handle;
761 		ring_req->u.indirect.nr_segments = num_grant;
762 	} else {
763 		ring_req->u.rw.sector_number = (blkif_sector_t)blk_rq_pos(req);
764 		ring_req->u.rw.handle = info->handle;
765 		ring_req->operation = rq_data_dir(req) ?
766 			BLKIF_OP_WRITE : BLKIF_OP_READ;
767 		if (req_op(req) == REQ_OP_FLUSH || req->cmd_flags & REQ_FUA) {
768 			/*
769 			 * Ideally we can do an unordered flush-to-disk.
770 			 * In case the backend onlysupports barriers, use that.
771 			 * A barrier request a superset of FUA, so we can
772 			 * implement it the same way.  (It's also a FLUSH+FUA,
773 			 * since it is guaranteed ordered WRT previous writes.)
774 			 */
775 			if (info->feature_flush && info->feature_fua)
776 				ring_req->operation =
777 					BLKIF_OP_WRITE_BARRIER;
778 			else if (info->feature_flush)
779 				ring_req->operation =
780 					BLKIF_OP_FLUSH_DISKCACHE;
781 			else
782 				ring_req->operation = 0;
783 		}
784 		ring_req->u.rw.nr_segments = num_grant;
785 		if (unlikely(require_extra_req)) {
786 			extra_id = blkif_ring_get_request(rinfo, req,
787 							  &extra_ring_req);
788 			/*
789 			 * Only the first request contains the scatter-gather
790 			 * list.
791 			 */
792 			rinfo->shadow[extra_id].num_sg = 0;
793 
794 			blkif_setup_extra_req(ring_req, extra_ring_req);
795 
796 			/* Link the 2 requests together */
797 			rinfo->shadow[extra_id].associated_id = id;
798 			rinfo->shadow[id].associated_id = extra_id;
799 		}
800 	}
801 
802 	setup.ring_req = ring_req;
803 	setup.id = id;
804 
805 	setup.require_extra_req = require_extra_req;
806 	if (unlikely(require_extra_req))
807 		setup.extra_ring_req = extra_ring_req;
808 
809 	for_each_sg(rinfo->shadow[id].sg, sg, num_sg, i) {
810 		BUG_ON(sg->offset + sg->length > PAGE_SIZE);
811 
812 		if (setup.need_copy) {
813 			setup.bvec_off = sg->offset;
814 			setup.bvec_data = kmap_atomic(sg_page(sg));
815 		}
816 
817 		gnttab_foreach_grant_in_range(sg_page(sg),
818 					      sg->offset,
819 					      sg->length,
820 					      blkif_setup_rw_req_grant,
821 					      &setup);
822 
823 		if (setup.need_copy)
824 			kunmap_atomic(setup.bvec_data);
825 	}
826 	if (setup.segments)
827 		kunmap_atomic(setup.segments);
828 
829 	/* Keep a private copy so we can reissue requests when recovering. */
830 	rinfo->shadow[id].req = *ring_req;
831 	if (unlikely(require_extra_req))
832 		rinfo->shadow[extra_id].req = *extra_ring_req;
833 
834 	if (new_persistent_gnts)
835 		gnttab_free_grant_references(setup.gref_head);
836 
837 	return 0;
838 }
839 
840 /*
841  * Generate a Xen blkfront IO request from a blk layer request.  Reads
842  * and writes are handled as expected.
843  *
844  * @req: a request struct
845  */
846 static int blkif_queue_request(struct request *req, struct blkfront_ring_info *rinfo)
847 {
848 	if (unlikely(rinfo->dev_info->connected != BLKIF_STATE_CONNECTED))
849 		return 1;
850 
851 	if (unlikely(req_op(req) == REQ_OP_DISCARD ||
852 		     req_op(req) == REQ_OP_SECURE_ERASE))
853 		return blkif_queue_discard_req(req, rinfo);
854 	else
855 		return blkif_queue_rw_req(req, rinfo);
856 }
857 
858 static inline void flush_requests(struct blkfront_ring_info *rinfo)
859 {
860 	int notify;
861 
862 	RING_PUSH_REQUESTS_AND_CHECK_NOTIFY(&rinfo->ring, notify);
863 
864 	if (notify)
865 		notify_remote_via_irq(rinfo->irq);
866 }
867 
868 static inline bool blkif_request_flush_invalid(struct request *req,
869 					       struct blkfront_info *info)
870 {
871 	return (blk_rq_is_passthrough(req) ||
872 		((req_op(req) == REQ_OP_FLUSH) &&
873 		 !info->feature_flush) ||
874 		((req->cmd_flags & REQ_FUA) &&
875 		 !info->feature_fua));
876 }
877 
878 static blk_status_t blkif_queue_rq(struct blk_mq_hw_ctx *hctx,
879 			  const struct blk_mq_queue_data *qd)
880 {
881 	unsigned long flags;
882 	int qid = hctx->queue_num;
883 	struct blkfront_info *info = hctx->queue->queuedata;
884 	struct blkfront_ring_info *rinfo = NULL;
885 
886 	BUG_ON(info->nr_rings <= qid);
887 	rinfo = &info->rinfo[qid];
888 	blk_mq_start_request(qd->rq);
889 	spin_lock_irqsave(&rinfo->ring_lock, flags);
890 	if (RING_FULL(&rinfo->ring))
891 		goto out_busy;
892 
893 	if (blkif_request_flush_invalid(qd->rq, rinfo->dev_info))
894 		goto out_err;
895 
896 	if (blkif_queue_request(qd->rq, rinfo))
897 		goto out_busy;
898 
899 	flush_requests(rinfo);
900 	spin_unlock_irqrestore(&rinfo->ring_lock, flags);
901 	return BLK_STS_OK;
902 
903 out_err:
904 	spin_unlock_irqrestore(&rinfo->ring_lock, flags);
905 	return BLK_STS_IOERR;
906 
907 out_busy:
908 	blk_mq_stop_hw_queue(hctx);
909 	spin_unlock_irqrestore(&rinfo->ring_lock, flags);
910 	return BLK_STS_DEV_RESOURCE;
911 }
912 
913 static void blkif_complete_rq(struct request *rq)
914 {
915 	blk_mq_end_request(rq, blkif_req(rq)->error);
916 }
917 
918 static const struct blk_mq_ops blkfront_mq_ops = {
919 	.queue_rq = blkif_queue_rq,
920 	.complete = blkif_complete_rq,
921 };
922 
923 static void blkif_set_queue_limits(struct blkfront_info *info)
924 {
925 	struct request_queue *rq = info->rq;
926 	struct gendisk *gd = info->gd;
927 	unsigned int segments = info->max_indirect_segments ? :
928 				BLKIF_MAX_SEGMENTS_PER_REQUEST;
929 
930 	blk_queue_flag_set(QUEUE_FLAG_VIRT, rq);
931 
932 	if (info->feature_discard) {
933 		blk_queue_flag_set(QUEUE_FLAG_DISCARD, rq);
934 		blk_queue_max_discard_sectors(rq, get_capacity(gd));
935 		rq->limits.discard_granularity = info->discard_granularity;
936 		rq->limits.discard_alignment = info->discard_alignment;
937 		if (info->feature_secdiscard)
938 			blk_queue_flag_set(QUEUE_FLAG_SECERASE, rq);
939 	}
940 
941 	/* Hard sector size and max sectors impersonate the equiv. hardware. */
942 	blk_queue_logical_block_size(rq, info->sector_size);
943 	blk_queue_physical_block_size(rq, info->physical_sector_size);
944 	blk_queue_max_hw_sectors(rq, (segments * XEN_PAGE_SIZE) / 512);
945 
946 	/* Each segment in a request is up to an aligned page in size. */
947 	blk_queue_segment_boundary(rq, PAGE_SIZE - 1);
948 	blk_queue_max_segment_size(rq, PAGE_SIZE);
949 
950 	/* Ensure a merged request will fit in a single I/O ring slot. */
951 	blk_queue_max_segments(rq, segments / GRANTS_PER_PSEG);
952 
953 	/* Make sure buffer addresses are sector-aligned. */
954 	blk_queue_dma_alignment(rq, 511);
955 }
956 
957 static int xlvbd_init_blk_queue(struct gendisk *gd, u16 sector_size,
958 				unsigned int physical_sector_size)
959 {
960 	struct request_queue *rq;
961 	struct blkfront_info *info = gd->private_data;
962 
963 	memset(&info->tag_set, 0, sizeof(info->tag_set));
964 	info->tag_set.ops = &blkfront_mq_ops;
965 	info->tag_set.nr_hw_queues = info->nr_rings;
966 	if (HAS_EXTRA_REQ && info->max_indirect_segments == 0) {
967 		/*
968 		 * When indirect descriptior is not supported, the I/O request
969 		 * will be split between multiple request in the ring.
970 		 * To avoid problems when sending the request, divide by
971 		 * 2 the depth of the queue.
972 		 */
973 		info->tag_set.queue_depth =  BLK_RING_SIZE(info) / 2;
974 	} else
975 		info->tag_set.queue_depth = BLK_RING_SIZE(info);
976 	info->tag_set.numa_node = NUMA_NO_NODE;
977 	info->tag_set.flags = BLK_MQ_F_SHOULD_MERGE;
978 	info->tag_set.cmd_size = sizeof(struct blkif_req);
979 	info->tag_set.driver_data = info;
980 
981 	if (blk_mq_alloc_tag_set(&info->tag_set))
982 		return -EINVAL;
983 	rq = blk_mq_init_queue(&info->tag_set);
984 	if (IS_ERR(rq)) {
985 		blk_mq_free_tag_set(&info->tag_set);
986 		return PTR_ERR(rq);
987 	}
988 
989 	rq->queuedata = info;
990 	info->rq = gd->queue = rq;
991 	info->gd = gd;
992 	info->sector_size = sector_size;
993 	info->physical_sector_size = physical_sector_size;
994 	blkif_set_queue_limits(info);
995 
996 	return 0;
997 }
998 
999 static const char *flush_info(struct blkfront_info *info)
1000 {
1001 	if (info->feature_flush && info->feature_fua)
1002 		return "barrier: enabled;";
1003 	else if (info->feature_flush)
1004 		return "flush diskcache: enabled;";
1005 	else
1006 		return "barrier or flush: disabled;";
1007 }
1008 
1009 static void xlvbd_flush(struct blkfront_info *info)
1010 {
1011 	blk_queue_write_cache(info->rq, info->feature_flush ? true : false,
1012 			      info->feature_fua ? true : false);
1013 	pr_info("blkfront: %s: %s %s %s %s %s\n",
1014 		info->gd->disk_name, flush_info(info),
1015 		"persistent grants:", info->feature_persistent ?
1016 		"enabled;" : "disabled;", "indirect descriptors:",
1017 		info->max_indirect_segments ? "enabled;" : "disabled;");
1018 }
1019 
1020 static int xen_translate_vdev(int vdevice, int *minor, unsigned int *offset)
1021 {
1022 	int major;
1023 	major = BLKIF_MAJOR(vdevice);
1024 	*minor = BLKIF_MINOR(vdevice);
1025 	switch (major) {
1026 		case XEN_IDE0_MAJOR:
1027 			*offset = (*minor / 64) + EMULATED_HD_DISK_NAME_OFFSET;
1028 			*minor = ((*minor / 64) * PARTS_PER_DISK) +
1029 				EMULATED_HD_DISK_MINOR_OFFSET;
1030 			break;
1031 		case XEN_IDE1_MAJOR:
1032 			*offset = (*minor / 64) + 2 + EMULATED_HD_DISK_NAME_OFFSET;
1033 			*minor = (((*minor / 64) + 2) * PARTS_PER_DISK) +
1034 				EMULATED_HD_DISK_MINOR_OFFSET;
1035 			break;
1036 		case XEN_SCSI_DISK0_MAJOR:
1037 			*offset = (*minor / PARTS_PER_DISK) + EMULATED_SD_DISK_NAME_OFFSET;
1038 			*minor = *minor + EMULATED_SD_DISK_MINOR_OFFSET;
1039 			break;
1040 		case XEN_SCSI_DISK1_MAJOR:
1041 		case XEN_SCSI_DISK2_MAJOR:
1042 		case XEN_SCSI_DISK3_MAJOR:
1043 		case XEN_SCSI_DISK4_MAJOR:
1044 		case XEN_SCSI_DISK5_MAJOR:
1045 		case XEN_SCSI_DISK6_MAJOR:
1046 		case XEN_SCSI_DISK7_MAJOR:
1047 			*offset = (*minor / PARTS_PER_DISK) +
1048 				((major - XEN_SCSI_DISK1_MAJOR + 1) * 16) +
1049 				EMULATED_SD_DISK_NAME_OFFSET;
1050 			*minor = *minor +
1051 				((major - XEN_SCSI_DISK1_MAJOR + 1) * 16 * PARTS_PER_DISK) +
1052 				EMULATED_SD_DISK_MINOR_OFFSET;
1053 			break;
1054 		case XEN_SCSI_DISK8_MAJOR:
1055 		case XEN_SCSI_DISK9_MAJOR:
1056 		case XEN_SCSI_DISK10_MAJOR:
1057 		case XEN_SCSI_DISK11_MAJOR:
1058 		case XEN_SCSI_DISK12_MAJOR:
1059 		case XEN_SCSI_DISK13_MAJOR:
1060 		case XEN_SCSI_DISK14_MAJOR:
1061 		case XEN_SCSI_DISK15_MAJOR:
1062 			*offset = (*minor / PARTS_PER_DISK) +
1063 				((major - XEN_SCSI_DISK8_MAJOR + 8) * 16) +
1064 				EMULATED_SD_DISK_NAME_OFFSET;
1065 			*minor = *minor +
1066 				((major - XEN_SCSI_DISK8_MAJOR + 8) * 16 * PARTS_PER_DISK) +
1067 				EMULATED_SD_DISK_MINOR_OFFSET;
1068 			break;
1069 		case XENVBD_MAJOR:
1070 			*offset = *minor / PARTS_PER_DISK;
1071 			break;
1072 		default:
1073 			printk(KERN_WARNING "blkfront: your disk configuration is "
1074 					"incorrect, please use an xvd device instead\n");
1075 			return -ENODEV;
1076 	}
1077 	return 0;
1078 }
1079 
1080 static char *encode_disk_name(char *ptr, unsigned int n)
1081 {
1082 	if (n >= 26)
1083 		ptr = encode_disk_name(ptr, n / 26 - 1);
1084 	*ptr = 'a' + n % 26;
1085 	return ptr + 1;
1086 }
1087 
1088 static int xlvbd_alloc_gendisk(blkif_sector_t capacity,
1089 			       struct blkfront_info *info,
1090 			       u16 vdisk_info, u16 sector_size,
1091 			       unsigned int physical_sector_size)
1092 {
1093 	struct gendisk *gd;
1094 	int nr_minors = 1;
1095 	int err;
1096 	unsigned int offset;
1097 	int minor;
1098 	int nr_parts;
1099 	char *ptr;
1100 
1101 	BUG_ON(info->gd != NULL);
1102 	BUG_ON(info->rq != NULL);
1103 
1104 	if ((info->vdevice>>EXT_SHIFT) > 1) {
1105 		/* this is above the extended range; something is wrong */
1106 		printk(KERN_WARNING "blkfront: vdevice 0x%x is above the extended range; ignoring\n", info->vdevice);
1107 		return -ENODEV;
1108 	}
1109 
1110 	if (!VDEV_IS_EXTENDED(info->vdevice)) {
1111 		err = xen_translate_vdev(info->vdevice, &minor, &offset);
1112 		if (err)
1113 			return err;
1114 		nr_parts = PARTS_PER_DISK;
1115 	} else {
1116 		minor = BLKIF_MINOR_EXT(info->vdevice);
1117 		nr_parts = PARTS_PER_EXT_DISK;
1118 		offset = minor / nr_parts;
1119 		if (xen_hvm_domain() && offset < EMULATED_HD_DISK_NAME_OFFSET + 4)
1120 			printk(KERN_WARNING "blkfront: vdevice 0x%x might conflict with "
1121 					"emulated IDE disks,\n\t choose an xvd device name"
1122 					"from xvde on\n", info->vdevice);
1123 	}
1124 	if (minor >> MINORBITS) {
1125 		pr_warn("blkfront: %#x's minor (%#x) out of range; ignoring\n",
1126 			info->vdevice, minor);
1127 		return -ENODEV;
1128 	}
1129 
1130 	if ((minor % nr_parts) == 0)
1131 		nr_minors = nr_parts;
1132 
1133 	err = xlbd_reserve_minors(minor, nr_minors);
1134 	if (err)
1135 		goto out;
1136 	err = -ENODEV;
1137 
1138 	gd = alloc_disk(nr_minors);
1139 	if (gd == NULL)
1140 		goto release;
1141 
1142 	strcpy(gd->disk_name, DEV_NAME);
1143 	ptr = encode_disk_name(gd->disk_name + sizeof(DEV_NAME) - 1, offset);
1144 	BUG_ON(ptr >= gd->disk_name + DISK_NAME_LEN);
1145 	if (nr_minors > 1)
1146 		*ptr = 0;
1147 	else
1148 		snprintf(ptr, gd->disk_name + DISK_NAME_LEN - ptr,
1149 			 "%d", minor & (nr_parts - 1));
1150 
1151 	gd->major = XENVBD_MAJOR;
1152 	gd->first_minor = minor;
1153 	gd->fops = &xlvbd_block_fops;
1154 	gd->private_data = info;
1155 	set_capacity(gd, capacity);
1156 
1157 	if (xlvbd_init_blk_queue(gd, sector_size, physical_sector_size)) {
1158 		del_gendisk(gd);
1159 		goto release;
1160 	}
1161 
1162 	xlvbd_flush(info);
1163 
1164 	if (vdisk_info & VDISK_READONLY)
1165 		set_disk_ro(gd, 1);
1166 
1167 	if (vdisk_info & VDISK_REMOVABLE)
1168 		gd->flags |= GENHD_FL_REMOVABLE;
1169 
1170 	if (vdisk_info & VDISK_CDROM)
1171 		gd->flags |= GENHD_FL_CD;
1172 
1173 	return 0;
1174 
1175  release:
1176 	xlbd_release_minors(minor, nr_minors);
1177  out:
1178 	return err;
1179 }
1180 
1181 static void xlvbd_release_gendisk(struct blkfront_info *info)
1182 {
1183 	unsigned int minor, nr_minors, i;
1184 
1185 	if (info->rq == NULL)
1186 		return;
1187 
1188 	/* No more blkif_request(). */
1189 	blk_mq_stop_hw_queues(info->rq);
1190 
1191 	for (i = 0; i < info->nr_rings; i++) {
1192 		struct blkfront_ring_info *rinfo = &info->rinfo[i];
1193 
1194 		/* No more gnttab callback work. */
1195 		gnttab_cancel_free_callback(&rinfo->callback);
1196 
1197 		/* Flush gnttab callback work. Must be done with no locks held. */
1198 		flush_work(&rinfo->work);
1199 	}
1200 
1201 	del_gendisk(info->gd);
1202 
1203 	minor = info->gd->first_minor;
1204 	nr_minors = info->gd->minors;
1205 	xlbd_release_minors(minor, nr_minors);
1206 
1207 	blk_cleanup_queue(info->rq);
1208 	blk_mq_free_tag_set(&info->tag_set);
1209 	info->rq = NULL;
1210 
1211 	put_disk(info->gd);
1212 	info->gd = NULL;
1213 }
1214 
1215 /* Already hold rinfo->ring_lock. */
1216 static inline void kick_pending_request_queues_locked(struct blkfront_ring_info *rinfo)
1217 {
1218 	if (!RING_FULL(&rinfo->ring))
1219 		blk_mq_start_stopped_hw_queues(rinfo->dev_info->rq, true);
1220 }
1221 
1222 static void kick_pending_request_queues(struct blkfront_ring_info *rinfo)
1223 {
1224 	unsigned long flags;
1225 
1226 	spin_lock_irqsave(&rinfo->ring_lock, flags);
1227 	kick_pending_request_queues_locked(rinfo);
1228 	spin_unlock_irqrestore(&rinfo->ring_lock, flags);
1229 }
1230 
1231 static void blkif_restart_queue(struct work_struct *work)
1232 {
1233 	struct blkfront_ring_info *rinfo = container_of(work, struct blkfront_ring_info, work);
1234 
1235 	if (rinfo->dev_info->connected == BLKIF_STATE_CONNECTED)
1236 		kick_pending_request_queues(rinfo);
1237 }
1238 
1239 static void blkif_free_ring(struct blkfront_ring_info *rinfo)
1240 {
1241 	struct grant *persistent_gnt, *n;
1242 	struct blkfront_info *info = rinfo->dev_info;
1243 	int i, j, segs;
1244 
1245 	/*
1246 	 * Remove indirect pages, this only happens when using indirect
1247 	 * descriptors but not persistent grants
1248 	 */
1249 	if (!list_empty(&rinfo->indirect_pages)) {
1250 		struct page *indirect_page, *n;
1251 
1252 		BUG_ON(info->feature_persistent);
1253 		list_for_each_entry_safe(indirect_page, n, &rinfo->indirect_pages, lru) {
1254 			list_del(&indirect_page->lru);
1255 			__free_page(indirect_page);
1256 		}
1257 	}
1258 
1259 	/* Remove all persistent grants. */
1260 	if (!list_empty(&rinfo->grants)) {
1261 		list_for_each_entry_safe(persistent_gnt, n,
1262 					 &rinfo->grants, node) {
1263 			list_del(&persistent_gnt->node);
1264 			if (persistent_gnt->gref != GRANT_INVALID_REF) {
1265 				gnttab_end_foreign_access(persistent_gnt->gref,
1266 							  0, 0UL);
1267 				rinfo->persistent_gnts_c--;
1268 			}
1269 			if (info->feature_persistent)
1270 				__free_page(persistent_gnt->page);
1271 			kfree(persistent_gnt);
1272 		}
1273 	}
1274 	BUG_ON(rinfo->persistent_gnts_c != 0);
1275 
1276 	for (i = 0; i < BLK_RING_SIZE(info); i++) {
1277 		/*
1278 		 * Clear persistent grants present in requests already
1279 		 * on the shared ring
1280 		 */
1281 		if (!rinfo->shadow[i].request)
1282 			goto free_shadow;
1283 
1284 		segs = rinfo->shadow[i].req.operation == BLKIF_OP_INDIRECT ?
1285 		       rinfo->shadow[i].req.u.indirect.nr_segments :
1286 		       rinfo->shadow[i].req.u.rw.nr_segments;
1287 		for (j = 0; j < segs; j++) {
1288 			persistent_gnt = rinfo->shadow[i].grants_used[j];
1289 			gnttab_end_foreign_access(persistent_gnt->gref, 0, 0UL);
1290 			if (info->feature_persistent)
1291 				__free_page(persistent_gnt->page);
1292 			kfree(persistent_gnt);
1293 		}
1294 
1295 		if (rinfo->shadow[i].req.operation != BLKIF_OP_INDIRECT)
1296 			/*
1297 			 * If this is not an indirect operation don't try to
1298 			 * free indirect segments
1299 			 */
1300 			goto free_shadow;
1301 
1302 		for (j = 0; j < INDIRECT_GREFS(segs); j++) {
1303 			persistent_gnt = rinfo->shadow[i].indirect_grants[j];
1304 			gnttab_end_foreign_access(persistent_gnt->gref, 0, 0UL);
1305 			__free_page(persistent_gnt->page);
1306 			kfree(persistent_gnt);
1307 		}
1308 
1309 free_shadow:
1310 		kvfree(rinfo->shadow[i].grants_used);
1311 		rinfo->shadow[i].grants_used = NULL;
1312 		kvfree(rinfo->shadow[i].indirect_grants);
1313 		rinfo->shadow[i].indirect_grants = NULL;
1314 		kvfree(rinfo->shadow[i].sg);
1315 		rinfo->shadow[i].sg = NULL;
1316 	}
1317 
1318 	/* No more gnttab callback work. */
1319 	gnttab_cancel_free_callback(&rinfo->callback);
1320 
1321 	/* Flush gnttab callback work. Must be done with no locks held. */
1322 	flush_work(&rinfo->work);
1323 
1324 	/* Free resources associated with old device channel. */
1325 	for (i = 0; i < info->nr_ring_pages; i++) {
1326 		if (rinfo->ring_ref[i] != GRANT_INVALID_REF) {
1327 			gnttab_end_foreign_access(rinfo->ring_ref[i], 0, 0);
1328 			rinfo->ring_ref[i] = GRANT_INVALID_REF;
1329 		}
1330 	}
1331 	free_pages((unsigned long)rinfo->ring.sring, get_order(info->nr_ring_pages * XEN_PAGE_SIZE));
1332 	rinfo->ring.sring = NULL;
1333 
1334 	if (rinfo->irq)
1335 		unbind_from_irqhandler(rinfo->irq, rinfo);
1336 	rinfo->evtchn = rinfo->irq = 0;
1337 }
1338 
1339 static void blkif_free(struct blkfront_info *info, int suspend)
1340 {
1341 	unsigned int i;
1342 
1343 	/* Prevent new requests being issued until we fix things up. */
1344 	info->connected = suspend ?
1345 		BLKIF_STATE_SUSPENDED : BLKIF_STATE_DISCONNECTED;
1346 	/* No more blkif_request(). */
1347 	if (info->rq)
1348 		blk_mq_stop_hw_queues(info->rq);
1349 
1350 	for (i = 0; i < info->nr_rings; i++)
1351 		blkif_free_ring(&info->rinfo[i]);
1352 
1353 	kvfree(info->rinfo);
1354 	info->rinfo = NULL;
1355 	info->nr_rings = 0;
1356 }
1357 
1358 struct copy_from_grant {
1359 	const struct blk_shadow *s;
1360 	unsigned int grant_idx;
1361 	unsigned int bvec_offset;
1362 	char *bvec_data;
1363 };
1364 
1365 static void blkif_copy_from_grant(unsigned long gfn, unsigned int offset,
1366 				  unsigned int len, void *data)
1367 {
1368 	struct copy_from_grant *info = data;
1369 	char *shared_data;
1370 	/* Convenient aliases */
1371 	const struct blk_shadow *s = info->s;
1372 
1373 	shared_data = kmap_atomic(s->grants_used[info->grant_idx]->page);
1374 
1375 	memcpy(info->bvec_data + info->bvec_offset,
1376 	       shared_data + offset, len);
1377 
1378 	info->bvec_offset += len;
1379 	info->grant_idx++;
1380 
1381 	kunmap_atomic(shared_data);
1382 }
1383 
1384 static enum blk_req_status blkif_rsp_to_req_status(int rsp)
1385 {
1386 	switch (rsp)
1387 	{
1388 	case BLKIF_RSP_OKAY:
1389 		return REQ_DONE;
1390 	case BLKIF_RSP_EOPNOTSUPP:
1391 		return REQ_EOPNOTSUPP;
1392 	case BLKIF_RSP_ERROR:
1393 		/* Fallthrough. */
1394 	default:
1395 		return REQ_ERROR;
1396 	}
1397 }
1398 
1399 /*
1400  * Get the final status of the block request based on two ring response
1401  */
1402 static int blkif_get_final_status(enum blk_req_status s1,
1403 				  enum blk_req_status s2)
1404 {
1405 	BUG_ON(s1 == REQ_WAITING);
1406 	BUG_ON(s2 == REQ_WAITING);
1407 
1408 	if (s1 == REQ_ERROR || s2 == REQ_ERROR)
1409 		return BLKIF_RSP_ERROR;
1410 	else if (s1 == REQ_EOPNOTSUPP || s2 == REQ_EOPNOTSUPP)
1411 		return BLKIF_RSP_EOPNOTSUPP;
1412 	return BLKIF_RSP_OKAY;
1413 }
1414 
1415 static bool blkif_completion(unsigned long *id,
1416 			     struct blkfront_ring_info *rinfo,
1417 			     struct blkif_response *bret)
1418 {
1419 	int i = 0;
1420 	struct scatterlist *sg;
1421 	int num_sg, num_grant;
1422 	struct blkfront_info *info = rinfo->dev_info;
1423 	struct blk_shadow *s = &rinfo->shadow[*id];
1424 	struct copy_from_grant data = {
1425 		.grant_idx = 0,
1426 	};
1427 
1428 	num_grant = s->req.operation == BLKIF_OP_INDIRECT ?
1429 		s->req.u.indirect.nr_segments : s->req.u.rw.nr_segments;
1430 
1431 	/* The I/O request may be split in two. */
1432 	if (unlikely(s->associated_id != NO_ASSOCIATED_ID)) {
1433 		struct blk_shadow *s2 = &rinfo->shadow[s->associated_id];
1434 
1435 		/* Keep the status of the current response in shadow. */
1436 		s->status = blkif_rsp_to_req_status(bret->status);
1437 
1438 		/* Wait the second response if not yet here. */
1439 		if (s2->status == REQ_WAITING)
1440 			return false;
1441 
1442 		bret->status = blkif_get_final_status(s->status,
1443 						      s2->status);
1444 
1445 		/*
1446 		 * All the grants is stored in the first shadow in order
1447 		 * to make the completion code simpler.
1448 		 */
1449 		num_grant += s2->req.u.rw.nr_segments;
1450 
1451 		/*
1452 		 * The two responses may not come in order. Only the
1453 		 * first request will store the scatter-gather list.
1454 		 */
1455 		if (s2->num_sg != 0) {
1456 			/* Update "id" with the ID of the first response. */
1457 			*id = s->associated_id;
1458 			s = s2;
1459 		}
1460 
1461 		/*
1462 		 * We don't need anymore the second request, so recycling
1463 		 * it now.
1464 		 */
1465 		if (add_id_to_freelist(rinfo, s->associated_id))
1466 			WARN(1, "%s: can't recycle the second part (id = %ld) of the request\n",
1467 			     info->gd->disk_name, s->associated_id);
1468 	}
1469 
1470 	data.s = s;
1471 	num_sg = s->num_sg;
1472 
1473 	if (bret->operation == BLKIF_OP_READ && info->feature_persistent) {
1474 		for_each_sg(s->sg, sg, num_sg, i) {
1475 			BUG_ON(sg->offset + sg->length > PAGE_SIZE);
1476 
1477 			data.bvec_offset = sg->offset;
1478 			data.bvec_data = kmap_atomic(sg_page(sg));
1479 
1480 			gnttab_foreach_grant_in_range(sg_page(sg),
1481 						      sg->offset,
1482 						      sg->length,
1483 						      blkif_copy_from_grant,
1484 						      &data);
1485 
1486 			kunmap_atomic(data.bvec_data);
1487 		}
1488 	}
1489 	/* Add the persistent grant into the list of free grants */
1490 	for (i = 0; i < num_grant; i++) {
1491 		if (gnttab_query_foreign_access(s->grants_used[i]->gref)) {
1492 			/*
1493 			 * If the grant is still mapped by the backend (the
1494 			 * backend has chosen to make this grant persistent)
1495 			 * we add it at the head of the list, so it will be
1496 			 * reused first.
1497 			 */
1498 			if (!info->feature_persistent)
1499 				pr_alert_ratelimited("backed has not unmapped grant: %u\n",
1500 						     s->grants_used[i]->gref);
1501 			list_add(&s->grants_used[i]->node, &rinfo->grants);
1502 			rinfo->persistent_gnts_c++;
1503 		} else {
1504 			/*
1505 			 * If the grant is not mapped by the backend we end the
1506 			 * foreign access and add it to the tail of the list,
1507 			 * so it will not be picked again unless we run out of
1508 			 * persistent grants.
1509 			 */
1510 			gnttab_end_foreign_access(s->grants_used[i]->gref, 0, 0UL);
1511 			s->grants_used[i]->gref = GRANT_INVALID_REF;
1512 			list_add_tail(&s->grants_used[i]->node, &rinfo->grants);
1513 		}
1514 	}
1515 	if (s->req.operation == BLKIF_OP_INDIRECT) {
1516 		for (i = 0; i < INDIRECT_GREFS(num_grant); i++) {
1517 			if (gnttab_query_foreign_access(s->indirect_grants[i]->gref)) {
1518 				if (!info->feature_persistent)
1519 					pr_alert_ratelimited("backed has not unmapped grant: %u\n",
1520 							     s->indirect_grants[i]->gref);
1521 				list_add(&s->indirect_grants[i]->node, &rinfo->grants);
1522 				rinfo->persistent_gnts_c++;
1523 			} else {
1524 				struct page *indirect_page;
1525 
1526 				gnttab_end_foreign_access(s->indirect_grants[i]->gref, 0, 0UL);
1527 				/*
1528 				 * Add the used indirect page back to the list of
1529 				 * available pages for indirect grefs.
1530 				 */
1531 				if (!info->feature_persistent) {
1532 					indirect_page = s->indirect_grants[i]->page;
1533 					list_add(&indirect_page->lru, &rinfo->indirect_pages);
1534 				}
1535 				s->indirect_grants[i]->gref = GRANT_INVALID_REF;
1536 				list_add_tail(&s->indirect_grants[i]->node, &rinfo->grants);
1537 			}
1538 		}
1539 	}
1540 
1541 	return true;
1542 }
1543 
1544 static irqreturn_t blkif_interrupt(int irq, void *dev_id)
1545 {
1546 	struct request *req;
1547 	struct blkif_response *bret;
1548 	RING_IDX i, rp;
1549 	unsigned long flags;
1550 	struct blkfront_ring_info *rinfo = (struct blkfront_ring_info *)dev_id;
1551 	struct blkfront_info *info = rinfo->dev_info;
1552 
1553 	if (unlikely(info->connected != BLKIF_STATE_CONNECTED))
1554 		return IRQ_HANDLED;
1555 
1556 	spin_lock_irqsave(&rinfo->ring_lock, flags);
1557  again:
1558 	rp = rinfo->ring.sring->rsp_prod;
1559 	rmb(); /* Ensure we see queued responses up to 'rp'. */
1560 
1561 	for (i = rinfo->ring.rsp_cons; i != rp; i++) {
1562 		unsigned long id;
1563 
1564 		bret = RING_GET_RESPONSE(&rinfo->ring, i);
1565 		id   = bret->id;
1566 		/*
1567 		 * The backend has messed up and given us an id that we would
1568 		 * never have given to it (we stamp it up to BLK_RING_SIZE -
1569 		 * look in get_id_from_freelist.
1570 		 */
1571 		if (id >= BLK_RING_SIZE(info)) {
1572 			WARN(1, "%s: response to %s has incorrect id (%ld)\n",
1573 			     info->gd->disk_name, op_name(bret->operation), id);
1574 			/* We can't safely get the 'struct request' as
1575 			 * the id is busted. */
1576 			continue;
1577 		}
1578 		req  = rinfo->shadow[id].request;
1579 
1580 		if (bret->operation != BLKIF_OP_DISCARD) {
1581 			/*
1582 			 * We may need to wait for an extra response if the
1583 			 * I/O request is split in 2
1584 			 */
1585 			if (!blkif_completion(&id, rinfo, bret))
1586 				continue;
1587 		}
1588 
1589 		if (add_id_to_freelist(rinfo, id)) {
1590 			WARN(1, "%s: response to %s (id %ld) couldn't be recycled!\n",
1591 			     info->gd->disk_name, op_name(bret->operation), id);
1592 			continue;
1593 		}
1594 
1595 		if (bret->status == BLKIF_RSP_OKAY)
1596 			blkif_req(req)->error = BLK_STS_OK;
1597 		else
1598 			blkif_req(req)->error = BLK_STS_IOERR;
1599 
1600 		switch (bret->operation) {
1601 		case BLKIF_OP_DISCARD:
1602 			if (unlikely(bret->status == BLKIF_RSP_EOPNOTSUPP)) {
1603 				struct request_queue *rq = info->rq;
1604 				printk(KERN_WARNING "blkfront: %s: %s op failed\n",
1605 					   info->gd->disk_name, op_name(bret->operation));
1606 				blkif_req(req)->error = BLK_STS_NOTSUPP;
1607 				info->feature_discard = 0;
1608 				info->feature_secdiscard = 0;
1609 				blk_queue_flag_clear(QUEUE_FLAG_DISCARD, rq);
1610 				blk_queue_flag_clear(QUEUE_FLAG_SECERASE, rq);
1611 			}
1612 			break;
1613 		case BLKIF_OP_FLUSH_DISKCACHE:
1614 		case BLKIF_OP_WRITE_BARRIER:
1615 			if (unlikely(bret->status == BLKIF_RSP_EOPNOTSUPP)) {
1616 				printk(KERN_WARNING "blkfront: %s: %s op failed\n",
1617 				       info->gd->disk_name, op_name(bret->operation));
1618 				blkif_req(req)->error = BLK_STS_NOTSUPP;
1619 			}
1620 			if (unlikely(bret->status == BLKIF_RSP_ERROR &&
1621 				     rinfo->shadow[id].req.u.rw.nr_segments == 0)) {
1622 				printk(KERN_WARNING "blkfront: %s: empty %s op failed\n",
1623 				       info->gd->disk_name, op_name(bret->operation));
1624 				blkif_req(req)->error = BLK_STS_NOTSUPP;
1625 			}
1626 			if (unlikely(blkif_req(req)->error)) {
1627 				if (blkif_req(req)->error == BLK_STS_NOTSUPP)
1628 					blkif_req(req)->error = BLK_STS_OK;
1629 				info->feature_fua = 0;
1630 				info->feature_flush = 0;
1631 				xlvbd_flush(info);
1632 			}
1633 			/* fall through */
1634 		case BLKIF_OP_READ:
1635 		case BLKIF_OP_WRITE:
1636 			if (unlikely(bret->status != BLKIF_RSP_OKAY))
1637 				dev_dbg(&info->xbdev->dev, "Bad return from blkdev data "
1638 					"request: %x\n", bret->status);
1639 
1640 			break;
1641 		default:
1642 			BUG();
1643 		}
1644 
1645 		blk_mq_complete_request(req);
1646 	}
1647 
1648 	rinfo->ring.rsp_cons = i;
1649 
1650 	if (i != rinfo->ring.req_prod_pvt) {
1651 		int more_to_do;
1652 		RING_FINAL_CHECK_FOR_RESPONSES(&rinfo->ring, more_to_do);
1653 		if (more_to_do)
1654 			goto again;
1655 	} else
1656 		rinfo->ring.sring->rsp_event = i + 1;
1657 
1658 	kick_pending_request_queues_locked(rinfo);
1659 
1660 	spin_unlock_irqrestore(&rinfo->ring_lock, flags);
1661 
1662 	return IRQ_HANDLED;
1663 }
1664 
1665 
1666 static int setup_blkring(struct xenbus_device *dev,
1667 			 struct blkfront_ring_info *rinfo)
1668 {
1669 	struct blkif_sring *sring;
1670 	int err, i;
1671 	struct blkfront_info *info = rinfo->dev_info;
1672 	unsigned long ring_size = info->nr_ring_pages * XEN_PAGE_SIZE;
1673 	grant_ref_t gref[XENBUS_MAX_RING_GRANTS];
1674 
1675 	for (i = 0; i < info->nr_ring_pages; i++)
1676 		rinfo->ring_ref[i] = GRANT_INVALID_REF;
1677 
1678 	sring = (struct blkif_sring *)__get_free_pages(GFP_NOIO | __GFP_HIGH,
1679 						       get_order(ring_size));
1680 	if (!sring) {
1681 		xenbus_dev_fatal(dev, -ENOMEM, "allocating shared ring");
1682 		return -ENOMEM;
1683 	}
1684 	SHARED_RING_INIT(sring);
1685 	FRONT_RING_INIT(&rinfo->ring, sring, ring_size);
1686 
1687 	err = xenbus_grant_ring(dev, rinfo->ring.sring, info->nr_ring_pages, gref);
1688 	if (err < 0) {
1689 		free_pages((unsigned long)sring, get_order(ring_size));
1690 		rinfo->ring.sring = NULL;
1691 		goto fail;
1692 	}
1693 	for (i = 0; i < info->nr_ring_pages; i++)
1694 		rinfo->ring_ref[i] = gref[i];
1695 
1696 	err = xenbus_alloc_evtchn(dev, &rinfo->evtchn);
1697 	if (err)
1698 		goto fail;
1699 
1700 	err = bind_evtchn_to_irqhandler(rinfo->evtchn, blkif_interrupt, 0,
1701 					"blkif", rinfo);
1702 	if (err <= 0) {
1703 		xenbus_dev_fatal(dev, err,
1704 				 "bind_evtchn_to_irqhandler failed");
1705 		goto fail;
1706 	}
1707 	rinfo->irq = err;
1708 
1709 	return 0;
1710 fail:
1711 	blkif_free(info, 0);
1712 	return err;
1713 }
1714 
1715 /*
1716  * Write out per-ring/queue nodes including ring-ref and event-channel, and each
1717  * ring buffer may have multi pages depending on ->nr_ring_pages.
1718  */
1719 static int write_per_ring_nodes(struct xenbus_transaction xbt,
1720 				struct blkfront_ring_info *rinfo, const char *dir)
1721 {
1722 	int err;
1723 	unsigned int i;
1724 	const char *message = NULL;
1725 	struct blkfront_info *info = rinfo->dev_info;
1726 
1727 	if (info->nr_ring_pages == 1) {
1728 		err = xenbus_printf(xbt, dir, "ring-ref", "%u", rinfo->ring_ref[0]);
1729 		if (err) {
1730 			message = "writing ring-ref";
1731 			goto abort_transaction;
1732 		}
1733 	} else {
1734 		for (i = 0; i < info->nr_ring_pages; i++) {
1735 			char ring_ref_name[RINGREF_NAME_LEN];
1736 
1737 			snprintf(ring_ref_name, RINGREF_NAME_LEN, "ring-ref%u", i);
1738 			err = xenbus_printf(xbt, dir, ring_ref_name,
1739 					    "%u", rinfo->ring_ref[i]);
1740 			if (err) {
1741 				message = "writing ring-ref";
1742 				goto abort_transaction;
1743 			}
1744 		}
1745 	}
1746 
1747 	err = xenbus_printf(xbt, dir, "event-channel", "%u", rinfo->evtchn);
1748 	if (err) {
1749 		message = "writing event-channel";
1750 		goto abort_transaction;
1751 	}
1752 
1753 	return 0;
1754 
1755 abort_transaction:
1756 	xenbus_transaction_end(xbt, 1);
1757 	if (message)
1758 		xenbus_dev_fatal(info->xbdev, err, "%s", message);
1759 
1760 	return err;
1761 }
1762 
1763 static void free_info(struct blkfront_info *info)
1764 {
1765 	list_del(&info->info_list);
1766 	kfree(info);
1767 }
1768 
1769 /* Common code used when first setting up, and when resuming. */
1770 static int talk_to_blkback(struct xenbus_device *dev,
1771 			   struct blkfront_info *info)
1772 {
1773 	const char *message = NULL;
1774 	struct xenbus_transaction xbt;
1775 	int err;
1776 	unsigned int i, max_page_order;
1777 	unsigned int ring_page_order;
1778 
1779 	if (!info)
1780 		return -ENODEV;
1781 
1782 	max_page_order = xenbus_read_unsigned(info->xbdev->otherend,
1783 					      "max-ring-page-order", 0);
1784 	ring_page_order = min(xen_blkif_max_ring_order, max_page_order);
1785 	info->nr_ring_pages = 1 << ring_page_order;
1786 
1787 	err = negotiate_mq(info);
1788 	if (err)
1789 		goto destroy_blkring;
1790 
1791 	for (i = 0; i < info->nr_rings; i++) {
1792 		struct blkfront_ring_info *rinfo = &info->rinfo[i];
1793 
1794 		/* Create shared ring, alloc event channel. */
1795 		err = setup_blkring(dev, rinfo);
1796 		if (err)
1797 			goto destroy_blkring;
1798 	}
1799 
1800 again:
1801 	err = xenbus_transaction_start(&xbt);
1802 	if (err) {
1803 		xenbus_dev_fatal(dev, err, "starting transaction");
1804 		goto destroy_blkring;
1805 	}
1806 
1807 	if (info->nr_ring_pages > 1) {
1808 		err = xenbus_printf(xbt, dev->nodename, "ring-page-order", "%u",
1809 				    ring_page_order);
1810 		if (err) {
1811 			message = "writing ring-page-order";
1812 			goto abort_transaction;
1813 		}
1814 	}
1815 
1816 	/* We already got the number of queues/rings in _probe */
1817 	if (info->nr_rings == 1) {
1818 		err = write_per_ring_nodes(xbt, &info->rinfo[0], dev->nodename);
1819 		if (err)
1820 			goto destroy_blkring;
1821 	} else {
1822 		char *path;
1823 		size_t pathsize;
1824 
1825 		err = xenbus_printf(xbt, dev->nodename, "multi-queue-num-queues", "%u",
1826 				    info->nr_rings);
1827 		if (err) {
1828 			message = "writing multi-queue-num-queues";
1829 			goto abort_transaction;
1830 		}
1831 
1832 		pathsize = strlen(dev->nodename) + QUEUE_NAME_LEN;
1833 		path = kmalloc(pathsize, GFP_KERNEL);
1834 		if (!path) {
1835 			err = -ENOMEM;
1836 			message = "ENOMEM while writing ring references";
1837 			goto abort_transaction;
1838 		}
1839 
1840 		for (i = 0; i < info->nr_rings; i++) {
1841 			memset(path, 0, pathsize);
1842 			snprintf(path, pathsize, "%s/queue-%u", dev->nodename, i);
1843 			err = write_per_ring_nodes(xbt, &info->rinfo[i], path);
1844 			if (err) {
1845 				kfree(path);
1846 				goto destroy_blkring;
1847 			}
1848 		}
1849 		kfree(path);
1850 	}
1851 	err = xenbus_printf(xbt, dev->nodename, "protocol", "%s",
1852 			    XEN_IO_PROTO_ABI_NATIVE);
1853 	if (err) {
1854 		message = "writing protocol";
1855 		goto abort_transaction;
1856 	}
1857 	err = xenbus_printf(xbt, dev->nodename,
1858 			    "feature-persistent", "%u", 1);
1859 	if (err)
1860 		dev_warn(&dev->dev,
1861 			 "writing persistent grants feature to xenbus");
1862 
1863 	err = xenbus_transaction_end(xbt, 0);
1864 	if (err) {
1865 		if (err == -EAGAIN)
1866 			goto again;
1867 		xenbus_dev_fatal(dev, err, "completing transaction");
1868 		goto destroy_blkring;
1869 	}
1870 
1871 	for (i = 0; i < info->nr_rings; i++) {
1872 		unsigned int j;
1873 		struct blkfront_ring_info *rinfo = &info->rinfo[i];
1874 
1875 		for (j = 0; j < BLK_RING_SIZE(info); j++)
1876 			rinfo->shadow[j].req.u.rw.id = j + 1;
1877 		rinfo->shadow[BLK_RING_SIZE(info)-1].req.u.rw.id = 0x0fffffff;
1878 	}
1879 	xenbus_switch_state(dev, XenbusStateInitialised);
1880 
1881 	return 0;
1882 
1883  abort_transaction:
1884 	xenbus_transaction_end(xbt, 1);
1885 	if (message)
1886 		xenbus_dev_fatal(dev, err, "%s", message);
1887  destroy_blkring:
1888 	blkif_free(info, 0);
1889 
1890 	mutex_lock(&blkfront_mutex);
1891 	free_info(info);
1892 	mutex_unlock(&blkfront_mutex);
1893 
1894 	dev_set_drvdata(&dev->dev, NULL);
1895 
1896 	return err;
1897 }
1898 
1899 static int negotiate_mq(struct blkfront_info *info)
1900 {
1901 	unsigned int backend_max_queues;
1902 	unsigned int i;
1903 
1904 	BUG_ON(info->nr_rings);
1905 
1906 	/* Check if backend supports multiple queues. */
1907 	backend_max_queues = xenbus_read_unsigned(info->xbdev->otherend,
1908 						  "multi-queue-max-queues", 1);
1909 	info->nr_rings = min(backend_max_queues, xen_blkif_max_queues);
1910 	/* We need at least one ring. */
1911 	if (!info->nr_rings)
1912 		info->nr_rings = 1;
1913 
1914 	info->rinfo = kvcalloc(info->nr_rings,
1915 			       struct_size(info->rinfo, shadow,
1916 					   BLK_RING_SIZE(info)),
1917 			       GFP_KERNEL);
1918 	if (!info->rinfo) {
1919 		xenbus_dev_fatal(info->xbdev, -ENOMEM, "allocating ring_info structure");
1920 		info->nr_rings = 0;
1921 		return -ENOMEM;
1922 	}
1923 
1924 	for (i = 0; i < info->nr_rings; i++) {
1925 		struct blkfront_ring_info *rinfo;
1926 
1927 		rinfo = &info->rinfo[i];
1928 		INIT_LIST_HEAD(&rinfo->indirect_pages);
1929 		INIT_LIST_HEAD(&rinfo->grants);
1930 		rinfo->dev_info = info;
1931 		INIT_WORK(&rinfo->work, blkif_restart_queue);
1932 		spin_lock_init(&rinfo->ring_lock);
1933 	}
1934 	return 0;
1935 }
1936 /**
1937  * Entry point to this code when a new device is created.  Allocate the basic
1938  * structures and the ring buffer for communication with the backend, and
1939  * inform the backend of the appropriate details for those.  Switch to
1940  * Initialised state.
1941  */
1942 static int blkfront_probe(struct xenbus_device *dev,
1943 			  const struct xenbus_device_id *id)
1944 {
1945 	int err, vdevice;
1946 	struct blkfront_info *info;
1947 
1948 	/* FIXME: Use dynamic device id if this is not set. */
1949 	err = xenbus_scanf(XBT_NIL, dev->nodename,
1950 			   "virtual-device", "%i", &vdevice);
1951 	if (err != 1) {
1952 		/* go looking in the extended area instead */
1953 		err = xenbus_scanf(XBT_NIL, dev->nodename, "virtual-device-ext",
1954 				   "%i", &vdevice);
1955 		if (err != 1) {
1956 			xenbus_dev_fatal(dev, err, "reading virtual-device");
1957 			return err;
1958 		}
1959 	}
1960 
1961 	if (xen_hvm_domain()) {
1962 		char *type;
1963 		int len;
1964 		/* no unplug has been done: do not hook devices != xen vbds */
1965 		if (xen_has_pv_and_legacy_disk_devices()) {
1966 			int major;
1967 
1968 			if (!VDEV_IS_EXTENDED(vdevice))
1969 				major = BLKIF_MAJOR(vdevice);
1970 			else
1971 				major = XENVBD_MAJOR;
1972 
1973 			if (major != XENVBD_MAJOR) {
1974 				printk(KERN_INFO
1975 						"%s: HVM does not support vbd %d as xen block device\n",
1976 						__func__, vdevice);
1977 				return -ENODEV;
1978 			}
1979 		}
1980 		/* do not create a PV cdrom device if we are an HVM guest */
1981 		type = xenbus_read(XBT_NIL, dev->nodename, "device-type", &len);
1982 		if (IS_ERR(type))
1983 			return -ENODEV;
1984 		if (strncmp(type, "cdrom", 5) == 0) {
1985 			kfree(type);
1986 			return -ENODEV;
1987 		}
1988 		kfree(type);
1989 	}
1990 	info = kzalloc(sizeof(*info), GFP_KERNEL);
1991 	if (!info) {
1992 		xenbus_dev_fatal(dev, -ENOMEM, "allocating info structure");
1993 		return -ENOMEM;
1994 	}
1995 
1996 	info->xbdev = dev;
1997 
1998 	mutex_init(&info->mutex);
1999 	info->vdevice = vdevice;
2000 	info->connected = BLKIF_STATE_DISCONNECTED;
2001 
2002 	/* Front end dir is a number, which is used as the id. */
2003 	info->handle = simple_strtoul(strrchr(dev->nodename, '/')+1, NULL, 0);
2004 	dev_set_drvdata(&dev->dev, info);
2005 
2006 	mutex_lock(&blkfront_mutex);
2007 	list_add(&info->info_list, &info_list);
2008 	mutex_unlock(&blkfront_mutex);
2009 
2010 	return 0;
2011 }
2012 
2013 static int blkif_recover(struct blkfront_info *info)
2014 {
2015 	unsigned int r_index;
2016 	struct request *req, *n;
2017 	int rc;
2018 	struct bio *bio;
2019 	unsigned int segs;
2020 
2021 	blkfront_gather_backend_features(info);
2022 	/* Reset limits changed by blk_mq_update_nr_hw_queues(). */
2023 	blkif_set_queue_limits(info);
2024 	segs = info->max_indirect_segments ? : BLKIF_MAX_SEGMENTS_PER_REQUEST;
2025 	blk_queue_max_segments(info->rq, segs / GRANTS_PER_PSEG);
2026 
2027 	for (r_index = 0; r_index < info->nr_rings; r_index++) {
2028 		struct blkfront_ring_info *rinfo = &info->rinfo[r_index];
2029 
2030 		rc = blkfront_setup_indirect(rinfo);
2031 		if (rc)
2032 			return rc;
2033 	}
2034 	xenbus_switch_state(info->xbdev, XenbusStateConnected);
2035 
2036 	/* Now safe for us to use the shared ring */
2037 	info->connected = BLKIF_STATE_CONNECTED;
2038 
2039 	for (r_index = 0; r_index < info->nr_rings; r_index++) {
2040 		struct blkfront_ring_info *rinfo;
2041 
2042 		rinfo = &info->rinfo[r_index];
2043 		/* Kick any other new requests queued since we resumed */
2044 		kick_pending_request_queues(rinfo);
2045 	}
2046 
2047 	list_for_each_entry_safe(req, n, &info->requests, queuelist) {
2048 		/* Requeue pending requests (flush or discard) */
2049 		list_del_init(&req->queuelist);
2050 		BUG_ON(req->nr_phys_segments > segs);
2051 		blk_mq_requeue_request(req, false);
2052 	}
2053 	blk_mq_start_stopped_hw_queues(info->rq, true);
2054 	blk_mq_kick_requeue_list(info->rq);
2055 
2056 	while ((bio = bio_list_pop(&info->bio_list)) != NULL) {
2057 		/* Traverse the list of pending bios and re-queue them */
2058 		submit_bio(bio);
2059 	}
2060 
2061 	return 0;
2062 }
2063 
2064 /**
2065  * We are reconnecting to the backend, due to a suspend/resume, or a backend
2066  * driver restart.  We tear down our blkif structure and recreate it, but
2067  * leave the device-layer structures intact so that this is transparent to the
2068  * rest of the kernel.
2069  */
2070 static int blkfront_resume(struct xenbus_device *dev)
2071 {
2072 	struct blkfront_info *info = dev_get_drvdata(&dev->dev);
2073 	int err = 0;
2074 	unsigned int i, j;
2075 
2076 	dev_dbg(&dev->dev, "blkfront_resume: %s\n", dev->nodename);
2077 
2078 	bio_list_init(&info->bio_list);
2079 	INIT_LIST_HEAD(&info->requests);
2080 	for (i = 0; i < info->nr_rings; i++) {
2081 		struct blkfront_ring_info *rinfo = &info->rinfo[i];
2082 		struct bio_list merge_bio;
2083 		struct blk_shadow *shadow = rinfo->shadow;
2084 
2085 		for (j = 0; j < BLK_RING_SIZE(info); j++) {
2086 			/* Not in use? */
2087 			if (!shadow[j].request)
2088 				continue;
2089 
2090 			/*
2091 			 * Get the bios in the request so we can re-queue them.
2092 			 */
2093 			if (req_op(shadow[j].request) == REQ_OP_FLUSH ||
2094 			    req_op(shadow[j].request) == REQ_OP_DISCARD ||
2095 			    req_op(shadow[j].request) == REQ_OP_SECURE_ERASE ||
2096 			    shadow[j].request->cmd_flags & REQ_FUA) {
2097 				/*
2098 				 * Flush operations don't contain bios, so
2099 				 * we need to requeue the whole request
2100 				 *
2101 				 * XXX: but this doesn't make any sense for a
2102 				 * write with the FUA flag set..
2103 				 */
2104 				list_add(&shadow[j].request->queuelist, &info->requests);
2105 				continue;
2106 			}
2107 			merge_bio.head = shadow[j].request->bio;
2108 			merge_bio.tail = shadow[j].request->biotail;
2109 			bio_list_merge(&info->bio_list, &merge_bio);
2110 			shadow[j].request->bio = NULL;
2111 			blk_mq_end_request(shadow[j].request, BLK_STS_OK);
2112 		}
2113 	}
2114 
2115 	blkif_free(info, info->connected == BLKIF_STATE_CONNECTED);
2116 
2117 	err = talk_to_blkback(dev, info);
2118 	if (!err)
2119 		blk_mq_update_nr_hw_queues(&info->tag_set, info->nr_rings);
2120 
2121 	/*
2122 	 * We have to wait for the backend to switch to
2123 	 * connected state, since we want to read which
2124 	 * features it supports.
2125 	 */
2126 
2127 	return err;
2128 }
2129 
2130 static void blkfront_closing(struct blkfront_info *info)
2131 {
2132 	struct xenbus_device *xbdev = info->xbdev;
2133 	struct block_device *bdev = NULL;
2134 
2135 	mutex_lock(&info->mutex);
2136 
2137 	if (xbdev->state == XenbusStateClosing) {
2138 		mutex_unlock(&info->mutex);
2139 		return;
2140 	}
2141 
2142 	if (info->gd)
2143 		bdev = bdget_disk(info->gd, 0);
2144 
2145 	mutex_unlock(&info->mutex);
2146 
2147 	if (!bdev) {
2148 		xenbus_frontend_closed(xbdev);
2149 		return;
2150 	}
2151 
2152 	mutex_lock(&bdev->bd_mutex);
2153 
2154 	if (bdev->bd_openers) {
2155 		xenbus_dev_error(xbdev, -EBUSY,
2156 				 "Device in use; refusing to close");
2157 		xenbus_switch_state(xbdev, XenbusStateClosing);
2158 	} else {
2159 		xlvbd_release_gendisk(info);
2160 		xenbus_frontend_closed(xbdev);
2161 	}
2162 
2163 	mutex_unlock(&bdev->bd_mutex);
2164 	bdput(bdev);
2165 }
2166 
2167 static void blkfront_setup_discard(struct blkfront_info *info)
2168 {
2169 	int err;
2170 	unsigned int discard_granularity;
2171 	unsigned int discard_alignment;
2172 
2173 	info->feature_discard = 1;
2174 	err = xenbus_gather(XBT_NIL, info->xbdev->otherend,
2175 		"discard-granularity", "%u", &discard_granularity,
2176 		"discard-alignment", "%u", &discard_alignment,
2177 		NULL);
2178 	if (!err) {
2179 		info->discard_granularity = discard_granularity;
2180 		info->discard_alignment = discard_alignment;
2181 	}
2182 	info->feature_secdiscard =
2183 		!!xenbus_read_unsigned(info->xbdev->otherend, "discard-secure",
2184 				       0);
2185 }
2186 
2187 static int blkfront_setup_indirect(struct blkfront_ring_info *rinfo)
2188 {
2189 	unsigned int psegs, grants;
2190 	int err, i;
2191 	struct blkfront_info *info = rinfo->dev_info;
2192 
2193 	if (info->max_indirect_segments == 0) {
2194 		if (!HAS_EXTRA_REQ)
2195 			grants = BLKIF_MAX_SEGMENTS_PER_REQUEST;
2196 		else {
2197 			/*
2198 			 * When an extra req is required, the maximum
2199 			 * grants supported is related to the size of the
2200 			 * Linux block segment.
2201 			 */
2202 			grants = GRANTS_PER_PSEG;
2203 		}
2204 	}
2205 	else
2206 		grants = info->max_indirect_segments;
2207 	psegs = DIV_ROUND_UP(grants, GRANTS_PER_PSEG);
2208 
2209 	err = fill_grant_buffer(rinfo,
2210 				(grants + INDIRECT_GREFS(grants)) * BLK_RING_SIZE(info));
2211 	if (err)
2212 		goto out_of_memory;
2213 
2214 	if (!info->feature_persistent && info->max_indirect_segments) {
2215 		/*
2216 		 * We are using indirect descriptors but not persistent
2217 		 * grants, we need to allocate a set of pages that can be
2218 		 * used for mapping indirect grefs
2219 		 */
2220 		int num = INDIRECT_GREFS(grants) * BLK_RING_SIZE(info);
2221 
2222 		BUG_ON(!list_empty(&rinfo->indirect_pages));
2223 		for (i = 0; i < num; i++) {
2224 			struct page *indirect_page = alloc_page(GFP_NOIO);
2225 			if (!indirect_page)
2226 				goto out_of_memory;
2227 			list_add(&indirect_page->lru, &rinfo->indirect_pages);
2228 		}
2229 	}
2230 
2231 	for (i = 0; i < BLK_RING_SIZE(info); i++) {
2232 		rinfo->shadow[i].grants_used =
2233 			kvcalloc(grants,
2234 				 sizeof(rinfo->shadow[i].grants_used[0]),
2235 				 GFP_NOIO);
2236 		rinfo->shadow[i].sg = kvcalloc(psegs,
2237 					       sizeof(rinfo->shadow[i].sg[0]),
2238 					       GFP_NOIO);
2239 		if (info->max_indirect_segments)
2240 			rinfo->shadow[i].indirect_grants =
2241 				kvcalloc(INDIRECT_GREFS(grants),
2242 					 sizeof(rinfo->shadow[i].indirect_grants[0]),
2243 					 GFP_NOIO);
2244 		if ((rinfo->shadow[i].grants_used == NULL) ||
2245 			(rinfo->shadow[i].sg == NULL) ||
2246 		     (info->max_indirect_segments &&
2247 		     (rinfo->shadow[i].indirect_grants == NULL)))
2248 			goto out_of_memory;
2249 		sg_init_table(rinfo->shadow[i].sg, psegs);
2250 	}
2251 
2252 
2253 	return 0;
2254 
2255 out_of_memory:
2256 	for (i = 0; i < BLK_RING_SIZE(info); i++) {
2257 		kvfree(rinfo->shadow[i].grants_used);
2258 		rinfo->shadow[i].grants_used = NULL;
2259 		kvfree(rinfo->shadow[i].sg);
2260 		rinfo->shadow[i].sg = NULL;
2261 		kvfree(rinfo->shadow[i].indirect_grants);
2262 		rinfo->shadow[i].indirect_grants = NULL;
2263 	}
2264 	if (!list_empty(&rinfo->indirect_pages)) {
2265 		struct page *indirect_page, *n;
2266 		list_for_each_entry_safe(indirect_page, n, &rinfo->indirect_pages, lru) {
2267 			list_del(&indirect_page->lru);
2268 			__free_page(indirect_page);
2269 		}
2270 	}
2271 	return -ENOMEM;
2272 }
2273 
2274 /*
2275  * Gather all backend feature-*
2276  */
2277 static void blkfront_gather_backend_features(struct blkfront_info *info)
2278 {
2279 	unsigned int indirect_segments;
2280 
2281 	info->feature_flush = 0;
2282 	info->feature_fua = 0;
2283 
2284 	/*
2285 	 * If there's no "feature-barrier" defined, then it means
2286 	 * we're dealing with a very old backend which writes
2287 	 * synchronously; nothing to do.
2288 	 *
2289 	 * If there are barriers, then we use flush.
2290 	 */
2291 	if (xenbus_read_unsigned(info->xbdev->otherend, "feature-barrier", 0)) {
2292 		info->feature_flush = 1;
2293 		info->feature_fua = 1;
2294 	}
2295 
2296 	/*
2297 	 * And if there is "feature-flush-cache" use that above
2298 	 * barriers.
2299 	 */
2300 	if (xenbus_read_unsigned(info->xbdev->otherend, "feature-flush-cache",
2301 				 0)) {
2302 		info->feature_flush = 1;
2303 		info->feature_fua = 0;
2304 	}
2305 
2306 	if (xenbus_read_unsigned(info->xbdev->otherend, "feature-discard", 0))
2307 		blkfront_setup_discard(info);
2308 
2309 	info->feature_persistent =
2310 		!!xenbus_read_unsigned(info->xbdev->otherend,
2311 				       "feature-persistent", 0);
2312 
2313 	indirect_segments = xenbus_read_unsigned(info->xbdev->otherend,
2314 					"feature-max-indirect-segments", 0);
2315 	if (indirect_segments > xen_blkif_max_segments)
2316 		indirect_segments = xen_blkif_max_segments;
2317 	if (indirect_segments <= BLKIF_MAX_SEGMENTS_PER_REQUEST)
2318 		indirect_segments = 0;
2319 	info->max_indirect_segments = indirect_segments;
2320 
2321 	if (info->feature_persistent) {
2322 		mutex_lock(&blkfront_mutex);
2323 		schedule_delayed_work(&blkfront_work, HZ * 10);
2324 		mutex_unlock(&blkfront_mutex);
2325 	}
2326 }
2327 
2328 /*
2329  * Invoked when the backend is finally 'ready' (and has told produced
2330  * the details about the physical device - #sectors, size, etc).
2331  */
2332 static void blkfront_connect(struct blkfront_info *info)
2333 {
2334 	unsigned long long sectors;
2335 	unsigned long sector_size;
2336 	unsigned int physical_sector_size;
2337 	unsigned int binfo;
2338 	char *envp[] = { "RESIZE=1", NULL };
2339 	int err, i;
2340 
2341 	switch (info->connected) {
2342 	case BLKIF_STATE_CONNECTED:
2343 		/*
2344 		 * Potentially, the back-end may be signalling
2345 		 * a capacity change; update the capacity.
2346 		 */
2347 		err = xenbus_scanf(XBT_NIL, info->xbdev->otherend,
2348 				   "sectors", "%Lu", &sectors);
2349 		if (XENBUS_EXIST_ERR(err))
2350 			return;
2351 		printk(KERN_INFO "Setting capacity to %Lu\n",
2352 		       sectors);
2353 		set_capacity(info->gd, sectors);
2354 		revalidate_disk(info->gd);
2355 		kobject_uevent_env(&disk_to_dev(info->gd)->kobj,
2356 				   KOBJ_CHANGE, envp);
2357 
2358 		return;
2359 	case BLKIF_STATE_SUSPENDED:
2360 		/*
2361 		 * If we are recovering from suspension, we need to wait
2362 		 * for the backend to announce it's features before
2363 		 * reconnecting, at least we need to know if the backend
2364 		 * supports indirect descriptors, and how many.
2365 		 */
2366 		blkif_recover(info);
2367 		return;
2368 
2369 	default:
2370 		break;
2371 	}
2372 
2373 	dev_dbg(&info->xbdev->dev, "%s:%s.\n",
2374 		__func__, info->xbdev->otherend);
2375 
2376 	err = xenbus_gather(XBT_NIL, info->xbdev->otherend,
2377 			    "sectors", "%llu", &sectors,
2378 			    "info", "%u", &binfo,
2379 			    "sector-size", "%lu", &sector_size,
2380 			    NULL);
2381 	if (err) {
2382 		xenbus_dev_fatal(info->xbdev, err,
2383 				 "reading backend fields at %s",
2384 				 info->xbdev->otherend);
2385 		return;
2386 	}
2387 
2388 	/*
2389 	 * physcial-sector-size is a newer field, so old backends may not
2390 	 * provide this. Assume physical sector size to be the same as
2391 	 * sector_size in that case.
2392 	 */
2393 	physical_sector_size = xenbus_read_unsigned(info->xbdev->otherend,
2394 						    "physical-sector-size",
2395 						    sector_size);
2396 	blkfront_gather_backend_features(info);
2397 	for (i = 0; i < info->nr_rings; i++) {
2398 		err = blkfront_setup_indirect(&info->rinfo[i]);
2399 		if (err) {
2400 			xenbus_dev_fatal(info->xbdev, err, "setup_indirect at %s",
2401 					 info->xbdev->otherend);
2402 			blkif_free(info, 0);
2403 			break;
2404 		}
2405 	}
2406 
2407 	err = xlvbd_alloc_gendisk(sectors, info, binfo, sector_size,
2408 				  physical_sector_size);
2409 	if (err) {
2410 		xenbus_dev_fatal(info->xbdev, err, "xlvbd_add at %s",
2411 				 info->xbdev->otherend);
2412 		goto fail;
2413 	}
2414 
2415 	xenbus_switch_state(info->xbdev, XenbusStateConnected);
2416 
2417 	/* Kick pending requests. */
2418 	info->connected = BLKIF_STATE_CONNECTED;
2419 	for (i = 0; i < info->nr_rings; i++)
2420 		kick_pending_request_queues(&info->rinfo[i]);
2421 
2422 	device_add_disk(&info->xbdev->dev, info->gd, NULL);
2423 
2424 	info->is_ready = 1;
2425 	return;
2426 
2427 fail:
2428 	blkif_free(info, 0);
2429 	return;
2430 }
2431 
2432 /**
2433  * Callback received when the backend's state changes.
2434  */
2435 static void blkback_changed(struct xenbus_device *dev,
2436 			    enum xenbus_state backend_state)
2437 {
2438 	struct blkfront_info *info = dev_get_drvdata(&dev->dev);
2439 
2440 	dev_dbg(&dev->dev, "blkfront:blkback_changed to state %d.\n", backend_state);
2441 
2442 	switch (backend_state) {
2443 	case XenbusStateInitWait:
2444 		if (dev->state != XenbusStateInitialising)
2445 			break;
2446 		if (talk_to_blkback(dev, info))
2447 			break;
2448 	case XenbusStateInitialising:
2449 	case XenbusStateInitialised:
2450 	case XenbusStateReconfiguring:
2451 	case XenbusStateReconfigured:
2452 	case XenbusStateUnknown:
2453 		break;
2454 
2455 	case XenbusStateConnected:
2456 		/*
2457 		 * talk_to_blkback sets state to XenbusStateInitialised
2458 		 * and blkfront_connect sets it to XenbusStateConnected
2459 		 * (if connection went OK).
2460 		 *
2461 		 * If the backend (or toolstack) decides to poke at backend
2462 		 * state (and re-trigger the watch by setting the state repeatedly
2463 		 * to XenbusStateConnected (4)) we need to deal with this.
2464 		 * This is allowed as this is used to communicate to the guest
2465 		 * that the size of disk has changed!
2466 		 */
2467 		if ((dev->state != XenbusStateInitialised) &&
2468 		    (dev->state != XenbusStateConnected)) {
2469 			if (talk_to_blkback(dev, info))
2470 				break;
2471 		}
2472 
2473 		blkfront_connect(info);
2474 		break;
2475 
2476 	case XenbusStateClosed:
2477 		if (dev->state == XenbusStateClosed)
2478 			break;
2479 		/* fall through */
2480 	case XenbusStateClosing:
2481 		if (info)
2482 			blkfront_closing(info);
2483 		break;
2484 	}
2485 }
2486 
2487 static int blkfront_remove(struct xenbus_device *xbdev)
2488 {
2489 	struct blkfront_info *info = dev_get_drvdata(&xbdev->dev);
2490 	struct block_device *bdev = NULL;
2491 	struct gendisk *disk;
2492 
2493 	dev_dbg(&xbdev->dev, "%s removed", xbdev->nodename);
2494 
2495 	if (!info)
2496 		return 0;
2497 
2498 	blkif_free(info, 0);
2499 
2500 	mutex_lock(&info->mutex);
2501 
2502 	disk = info->gd;
2503 	if (disk)
2504 		bdev = bdget_disk(disk, 0);
2505 
2506 	info->xbdev = NULL;
2507 	mutex_unlock(&info->mutex);
2508 
2509 	if (!bdev) {
2510 		mutex_lock(&blkfront_mutex);
2511 		free_info(info);
2512 		mutex_unlock(&blkfront_mutex);
2513 		return 0;
2514 	}
2515 
2516 	/*
2517 	 * The xbdev was removed before we reached the Closed
2518 	 * state. See if it's safe to remove the disk. If the bdev
2519 	 * isn't closed yet, we let release take care of it.
2520 	 */
2521 
2522 	mutex_lock(&bdev->bd_mutex);
2523 	info = disk->private_data;
2524 
2525 	dev_warn(disk_to_dev(disk),
2526 		 "%s was hot-unplugged, %d stale handles\n",
2527 		 xbdev->nodename, bdev->bd_openers);
2528 
2529 	if (info && !bdev->bd_openers) {
2530 		xlvbd_release_gendisk(info);
2531 		disk->private_data = NULL;
2532 		mutex_lock(&blkfront_mutex);
2533 		free_info(info);
2534 		mutex_unlock(&blkfront_mutex);
2535 	}
2536 
2537 	mutex_unlock(&bdev->bd_mutex);
2538 	bdput(bdev);
2539 
2540 	return 0;
2541 }
2542 
2543 static int blkfront_is_ready(struct xenbus_device *dev)
2544 {
2545 	struct blkfront_info *info = dev_get_drvdata(&dev->dev);
2546 
2547 	return info->is_ready && info->xbdev;
2548 }
2549 
2550 static int blkif_open(struct block_device *bdev, fmode_t mode)
2551 {
2552 	struct gendisk *disk = bdev->bd_disk;
2553 	struct blkfront_info *info;
2554 	int err = 0;
2555 
2556 	mutex_lock(&blkfront_mutex);
2557 
2558 	info = disk->private_data;
2559 	if (!info) {
2560 		/* xbdev gone */
2561 		err = -ERESTARTSYS;
2562 		goto out;
2563 	}
2564 
2565 	mutex_lock(&info->mutex);
2566 
2567 	if (!info->gd)
2568 		/* xbdev is closed */
2569 		err = -ERESTARTSYS;
2570 
2571 	mutex_unlock(&info->mutex);
2572 
2573 out:
2574 	mutex_unlock(&blkfront_mutex);
2575 	return err;
2576 }
2577 
2578 static void blkif_release(struct gendisk *disk, fmode_t mode)
2579 {
2580 	struct blkfront_info *info = disk->private_data;
2581 	struct block_device *bdev;
2582 	struct xenbus_device *xbdev;
2583 
2584 	mutex_lock(&blkfront_mutex);
2585 
2586 	bdev = bdget_disk(disk, 0);
2587 
2588 	if (!bdev) {
2589 		WARN(1, "Block device %s yanked out from us!\n", disk->disk_name);
2590 		goto out_mutex;
2591 	}
2592 	if (bdev->bd_openers)
2593 		goto out;
2594 
2595 	/*
2596 	 * Check if we have been instructed to close. We will have
2597 	 * deferred this request, because the bdev was still open.
2598 	 */
2599 
2600 	mutex_lock(&info->mutex);
2601 	xbdev = info->xbdev;
2602 
2603 	if (xbdev && xbdev->state == XenbusStateClosing) {
2604 		/* pending switch to state closed */
2605 		dev_info(disk_to_dev(bdev->bd_disk), "releasing disk\n");
2606 		xlvbd_release_gendisk(info);
2607 		xenbus_frontend_closed(info->xbdev);
2608  	}
2609 
2610 	mutex_unlock(&info->mutex);
2611 
2612 	if (!xbdev) {
2613 		/* sudden device removal */
2614 		dev_info(disk_to_dev(bdev->bd_disk), "releasing disk\n");
2615 		xlvbd_release_gendisk(info);
2616 		disk->private_data = NULL;
2617 		free_info(info);
2618 	}
2619 
2620 out:
2621 	bdput(bdev);
2622 out_mutex:
2623 	mutex_unlock(&blkfront_mutex);
2624 }
2625 
2626 static const struct block_device_operations xlvbd_block_fops =
2627 {
2628 	.owner = THIS_MODULE,
2629 	.open = blkif_open,
2630 	.release = blkif_release,
2631 	.getgeo = blkif_getgeo,
2632 	.ioctl = blkif_ioctl,
2633 	.compat_ioctl = blkdev_compat_ptr_ioctl,
2634 };
2635 
2636 
2637 static const struct xenbus_device_id blkfront_ids[] = {
2638 	{ "vbd" },
2639 	{ "" }
2640 };
2641 
2642 static struct xenbus_driver blkfront_driver = {
2643 	.ids  = blkfront_ids,
2644 	.probe = blkfront_probe,
2645 	.remove = blkfront_remove,
2646 	.resume = blkfront_resume,
2647 	.otherend_changed = blkback_changed,
2648 	.is_ready = blkfront_is_ready,
2649 };
2650 
2651 static void purge_persistent_grants(struct blkfront_info *info)
2652 {
2653 	unsigned int i;
2654 	unsigned long flags;
2655 
2656 	for (i = 0; i < info->nr_rings; i++) {
2657 		struct blkfront_ring_info *rinfo = &info->rinfo[i];
2658 		struct grant *gnt_list_entry, *tmp;
2659 
2660 		spin_lock_irqsave(&rinfo->ring_lock, flags);
2661 
2662 		if (rinfo->persistent_gnts_c == 0) {
2663 			spin_unlock_irqrestore(&rinfo->ring_lock, flags);
2664 			continue;
2665 		}
2666 
2667 		list_for_each_entry_safe(gnt_list_entry, tmp, &rinfo->grants,
2668 					 node) {
2669 			if (gnt_list_entry->gref == GRANT_INVALID_REF ||
2670 			    gnttab_query_foreign_access(gnt_list_entry->gref))
2671 				continue;
2672 
2673 			list_del(&gnt_list_entry->node);
2674 			gnttab_end_foreign_access(gnt_list_entry->gref, 0, 0UL);
2675 			rinfo->persistent_gnts_c--;
2676 			gnt_list_entry->gref = GRANT_INVALID_REF;
2677 			list_add_tail(&gnt_list_entry->node, &rinfo->grants);
2678 		}
2679 
2680 		spin_unlock_irqrestore(&rinfo->ring_lock, flags);
2681 	}
2682 }
2683 
2684 static void blkfront_delay_work(struct work_struct *work)
2685 {
2686 	struct blkfront_info *info;
2687 	bool need_schedule_work = false;
2688 
2689 	mutex_lock(&blkfront_mutex);
2690 
2691 	list_for_each_entry(info, &info_list, info_list) {
2692 		if (info->feature_persistent) {
2693 			need_schedule_work = true;
2694 			mutex_lock(&info->mutex);
2695 			purge_persistent_grants(info);
2696 			mutex_unlock(&info->mutex);
2697 		}
2698 	}
2699 
2700 	if (need_schedule_work)
2701 		schedule_delayed_work(&blkfront_work, HZ * 10);
2702 
2703 	mutex_unlock(&blkfront_mutex);
2704 }
2705 
2706 static int __init xlblk_init(void)
2707 {
2708 	int ret;
2709 	int nr_cpus = num_online_cpus();
2710 
2711 	if (!xen_domain())
2712 		return -ENODEV;
2713 
2714 	if (!xen_has_pv_disk_devices())
2715 		return -ENODEV;
2716 
2717 	if (register_blkdev(XENVBD_MAJOR, DEV_NAME)) {
2718 		pr_warn("xen_blk: can't get major %d with name %s\n",
2719 			XENVBD_MAJOR, DEV_NAME);
2720 		return -ENODEV;
2721 	}
2722 
2723 	if (xen_blkif_max_segments < BLKIF_MAX_SEGMENTS_PER_REQUEST)
2724 		xen_blkif_max_segments = BLKIF_MAX_SEGMENTS_PER_REQUEST;
2725 
2726 	if (xen_blkif_max_ring_order > XENBUS_MAX_RING_GRANT_ORDER) {
2727 		pr_info("Invalid max_ring_order (%d), will use default max: %d.\n",
2728 			xen_blkif_max_ring_order, XENBUS_MAX_RING_GRANT_ORDER);
2729 		xen_blkif_max_ring_order = XENBUS_MAX_RING_GRANT_ORDER;
2730 	}
2731 
2732 	if (xen_blkif_max_queues > nr_cpus) {
2733 		pr_info("Invalid max_queues (%d), will use default max: %d.\n",
2734 			xen_blkif_max_queues, nr_cpus);
2735 		xen_blkif_max_queues = nr_cpus;
2736 	}
2737 
2738 	INIT_DELAYED_WORK(&blkfront_work, blkfront_delay_work);
2739 
2740 	ret = xenbus_register_frontend(&blkfront_driver);
2741 	if (ret) {
2742 		unregister_blkdev(XENVBD_MAJOR, DEV_NAME);
2743 		return ret;
2744 	}
2745 
2746 	return 0;
2747 }
2748 module_init(xlblk_init);
2749 
2750 
2751 static void __exit xlblk_exit(void)
2752 {
2753 	cancel_delayed_work_sync(&blkfront_work);
2754 
2755 	xenbus_unregister_driver(&blkfront_driver);
2756 	unregister_blkdev(XENVBD_MAJOR, DEV_NAME);
2757 	kfree(minors);
2758 }
2759 module_exit(xlblk_exit);
2760 
2761 MODULE_DESCRIPTION("Xen virtual block device frontend");
2762 MODULE_LICENSE("GPL");
2763 MODULE_ALIAS_BLOCKDEV_MAJOR(XENVBD_MAJOR);
2764 MODULE_ALIAS("xen:vbd");
2765 MODULE_ALIAS("xenblk");
2766