1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * 4 * Copyright (c) 2009, Microsoft Corporation. 5 * 6 * Authors: 7 * Haiyang Zhang <haiyangz@microsoft.com> 8 * Hank Janssen <hjanssen@microsoft.com> 9 */ 10 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 11 12 #include <linux/kernel.h> 13 #include <linux/sched.h> 14 #include <linux/wait.h> 15 #include <linux/delay.h> 16 #include <linux/mm.h> 17 #include <linux/module.h> 18 #include <linux/slab.h> 19 #include <linux/vmalloc.h> 20 #include <linux/hyperv.h> 21 #include <linux/export.h> 22 #include <linux/io.h> 23 #include <linux/set_memory.h> 24 #include <asm/mshyperv.h> 25 26 #include "hyperv_vmbus.h" 27 28 29 struct vmbus_connection vmbus_connection = { 30 .conn_state = DISCONNECTED, 31 .unload_event = COMPLETION_INITIALIZER( 32 vmbus_connection.unload_event), 33 .next_gpadl_handle = ATOMIC_INIT(0xE1E10), 34 35 .ready_for_suspend_event = COMPLETION_INITIALIZER( 36 vmbus_connection.ready_for_suspend_event), 37 .all_offers_delivered_event = COMPLETION_INITIALIZER( 38 vmbus_connection.all_offers_delivered_event), 39 }; 40 EXPORT_SYMBOL_GPL(vmbus_connection); 41 42 /* 43 * Negotiated protocol version with the host. 44 */ 45 __u32 vmbus_proto_version; 46 EXPORT_SYMBOL_GPL(vmbus_proto_version); 47 48 /* 49 * Table of VMBus versions listed from newest to oldest. 50 * VERSION_WIN7 and VERSION_WS2008 are no longer supported in 51 * Linux guests and are not listed. 52 */ 53 static __u32 vmbus_versions[] = { 54 VERSION_WIN10_V5_3, 55 VERSION_WIN10_V5_2, 56 VERSION_WIN10_V5_1, 57 VERSION_WIN10_V5, 58 VERSION_WIN10_V4_1, 59 VERSION_WIN10, 60 VERSION_WIN8_1, 61 VERSION_WIN8 62 }; 63 64 /* 65 * Maximal VMBus protocol version guests can negotiate. Useful to cap the 66 * VMBus version for testing and debugging purpose. 67 */ 68 static uint max_version = VERSION_WIN10_V5_3; 69 70 module_param(max_version, uint, S_IRUGO); 71 MODULE_PARM_DESC(max_version, 72 "Maximal VMBus protocol version which can be negotiated"); 73 74 int vmbus_negotiate_version(struct vmbus_channel_msginfo *msginfo, u32 version) 75 { 76 int ret = 0; 77 struct vmbus_channel_initiate_contact *msg; 78 unsigned long flags; 79 80 init_completion(&msginfo->waitevent); 81 82 msg = (struct vmbus_channel_initiate_contact *)msginfo->msg; 83 84 memset(msg, 0, sizeof(*msg)); 85 msg->header.msgtype = CHANNELMSG_INITIATE_CONTACT; 86 msg->vmbus_version_requested = version; 87 88 /* 89 * VMBus protocol 5.0 (VERSION_WIN10_V5) and higher require that we must 90 * use VMBUS_MESSAGE_CONNECTION_ID_4 for the Initiate Contact Message, 91 * and for subsequent messages, we must use the Message Connection ID 92 * field in the host-returned Version Response Message. And, with 93 * VERSION_WIN10_V5 and higher, we don't use msg->interrupt_page, but we 94 * tell the host explicitly that we still use VMBUS_MESSAGE_SINT(2) for 95 * compatibility. 96 * 97 * On old hosts, we should always use VMBUS_MESSAGE_CONNECTION_ID (1). 98 */ 99 if (version >= VERSION_WIN10_V5) { 100 msg->msg_sint = VMBUS_MESSAGE_SINT; 101 msg->msg_vtl = ms_hyperv.vtl; 102 vmbus_connection.msg_conn_id = VMBUS_MESSAGE_CONNECTION_ID_4; 103 } else { 104 msg->interrupt_page = virt_to_phys(vmbus_connection.int_page); 105 vmbus_connection.msg_conn_id = VMBUS_MESSAGE_CONNECTION_ID; 106 } 107 108 /* 109 * shared_gpa_boundary is zero in non-SNP VMs, so it's safe to always 110 * bitwise OR it 111 */ 112 msg->monitor_page1 = virt_to_phys(vmbus_connection.monitor_pages[0]) | 113 ms_hyperv.shared_gpa_boundary; 114 msg->monitor_page2 = virt_to_phys(vmbus_connection.monitor_pages[1]) | 115 ms_hyperv.shared_gpa_boundary; 116 117 msg->target_vcpu = hv_cpu_number_to_vp_number(VMBUS_CONNECT_CPU); 118 119 /* 120 * Add to list before we send the request since we may 121 * receive the response before returning from this routine 122 */ 123 spin_lock_irqsave(&vmbus_connection.channelmsg_lock, flags); 124 list_add_tail(&msginfo->msglistentry, 125 &vmbus_connection.chn_msg_list); 126 127 spin_unlock_irqrestore(&vmbus_connection.channelmsg_lock, flags); 128 129 ret = vmbus_post_msg(msg, 130 sizeof(struct vmbus_channel_initiate_contact), 131 true); 132 133 trace_vmbus_negotiate_version(msg, ret); 134 135 if (ret != 0) { 136 spin_lock_irqsave(&vmbus_connection.channelmsg_lock, flags); 137 list_del(&msginfo->msglistentry); 138 spin_unlock_irqrestore(&vmbus_connection.channelmsg_lock, 139 flags); 140 return ret; 141 } 142 143 /* Wait for the connection response */ 144 wait_for_completion(&msginfo->waitevent); 145 146 spin_lock_irqsave(&vmbus_connection.channelmsg_lock, flags); 147 list_del(&msginfo->msglistentry); 148 spin_unlock_irqrestore(&vmbus_connection.channelmsg_lock, flags); 149 150 /* Check if successful */ 151 if (msginfo->response.version_response.version_supported) { 152 vmbus_connection.conn_state = CONNECTED; 153 154 if (version >= VERSION_WIN10_V5) 155 vmbus_connection.msg_conn_id = 156 msginfo->response.version_response.msg_conn_id; 157 } else { 158 return -ECONNREFUSED; 159 } 160 161 return ret; 162 } 163 164 /* 165 * vmbus_connect - Sends a connect request on the partition service connection 166 */ 167 int vmbus_connect(void) 168 { 169 struct vmbus_channel_msginfo *msginfo = NULL; 170 int i, ret = 0; 171 __u32 version; 172 173 /* Initialize the vmbus connection */ 174 vmbus_connection.conn_state = CONNECTING; 175 vmbus_connection.work_queue = create_workqueue("hv_vmbus_con"); 176 if (!vmbus_connection.work_queue) { 177 ret = -ENOMEM; 178 goto cleanup; 179 } 180 181 vmbus_connection.rescind_work_queue = 182 create_workqueue("hv_vmbus_rescind"); 183 if (!vmbus_connection.rescind_work_queue) { 184 ret = -ENOMEM; 185 goto cleanup; 186 } 187 vmbus_connection.ignore_any_offer_msg = false; 188 189 vmbus_connection.handle_primary_chan_wq = 190 create_workqueue("hv_pri_chan"); 191 if (!vmbus_connection.handle_primary_chan_wq) { 192 ret = -ENOMEM; 193 goto cleanup; 194 } 195 196 vmbus_connection.handle_sub_chan_wq = 197 create_workqueue("hv_sub_chan"); 198 if (!vmbus_connection.handle_sub_chan_wq) { 199 ret = -ENOMEM; 200 goto cleanup; 201 } 202 203 INIT_LIST_HEAD(&vmbus_connection.chn_msg_list); 204 spin_lock_init(&vmbus_connection.channelmsg_lock); 205 206 INIT_LIST_HEAD(&vmbus_connection.chn_list); 207 mutex_init(&vmbus_connection.channel_mutex); 208 209 /* 210 * The following Hyper-V interrupt and monitor pages can be used by 211 * UIO for mapping to user-space, so they should always be allocated on 212 * system page boundaries. The system page size must be >= the Hyper-V 213 * page size. 214 */ 215 BUILD_BUG_ON(PAGE_SIZE < HV_HYP_PAGE_SIZE); 216 217 /* 218 * Setup the vmbus event connection for channel interrupt 219 * abstraction stuff 220 */ 221 vmbus_connection.int_page = 222 (void *)__get_free_page(GFP_KERNEL | __GFP_ZERO); 223 if (vmbus_connection.int_page == NULL) { 224 ret = -ENOMEM; 225 goto cleanup; 226 } 227 228 vmbus_connection.recv_int_page = vmbus_connection.int_page; 229 vmbus_connection.send_int_page = 230 (void *)((unsigned long)vmbus_connection.int_page + 231 (HV_HYP_PAGE_SIZE >> 1)); 232 233 /* 234 * Setup the monitor notification facility. The 1st page for 235 * parent->child and the 2nd page for child->parent 236 */ 237 vmbus_connection.monitor_pages[0] = (void *)__get_free_page(GFP_KERNEL); 238 vmbus_connection.monitor_pages[1] = (void *)__get_free_page(GFP_KERNEL); 239 if ((vmbus_connection.monitor_pages[0] == NULL) || 240 (vmbus_connection.monitor_pages[1] == NULL)) { 241 ret = -ENOMEM; 242 goto cleanup; 243 } 244 245 ret = set_memory_decrypted((unsigned long) 246 vmbus_connection.monitor_pages[0], 1); 247 ret |= set_memory_decrypted((unsigned long) 248 vmbus_connection.monitor_pages[1], 1); 249 if (ret) { 250 /* 251 * If set_memory_decrypted() fails, the encryption state 252 * of the memory is unknown. So leak the memory instead 253 * of risking returning decrypted memory to the free list. 254 * For simplicity, always handle both pages the same. 255 */ 256 vmbus_connection.monitor_pages[0] = NULL; 257 vmbus_connection.monitor_pages[1] = NULL; 258 goto cleanup; 259 } 260 261 /* 262 * Set_memory_decrypted() will change the memory contents if 263 * decryption occurs, so zero monitor pages here. 264 */ 265 memset(vmbus_connection.monitor_pages[0], 0x00, HV_HYP_PAGE_SIZE); 266 memset(vmbus_connection.monitor_pages[1], 0x00, HV_HYP_PAGE_SIZE); 267 268 msginfo = kzalloc(sizeof(*msginfo) + 269 sizeof(struct vmbus_channel_initiate_contact), 270 GFP_KERNEL); 271 if (msginfo == NULL) { 272 ret = -ENOMEM; 273 goto cleanup; 274 } 275 276 /* 277 * Negotiate a compatible VMBUS version number with the 278 * host. We start with the highest number we can support 279 * and work our way down until we negotiate a compatible 280 * version. 281 */ 282 283 for (i = 0; ; i++) { 284 if (i == ARRAY_SIZE(vmbus_versions)) { 285 ret = -EDOM; 286 goto cleanup; 287 } 288 289 version = vmbus_versions[i]; 290 if (version > max_version) 291 continue; 292 293 ret = vmbus_negotiate_version(msginfo, version); 294 if (ret == -ETIMEDOUT) 295 goto cleanup; 296 297 if (vmbus_connection.conn_state == CONNECTED) 298 break; 299 } 300 301 if (hv_is_isolation_supported() && version < VERSION_WIN10_V5_2) { 302 pr_err("Invalid VMBus version %d.%d (expected >= %d.%d) from the host supporting isolation\n", 303 version >> 16, version & 0xFFFF, VERSION_WIN10_V5_2 >> 16, VERSION_WIN10_V5_2 & 0xFFFF); 304 ret = -EINVAL; 305 goto cleanup; 306 } 307 308 vmbus_proto_version = version; 309 pr_info("Vmbus version:%d.%d\n", 310 version >> 16, version & 0xFFFF); 311 312 vmbus_connection.channels = kcalloc(MAX_CHANNEL_RELIDS, 313 sizeof(struct vmbus_channel *), 314 GFP_KERNEL); 315 if (vmbus_connection.channels == NULL) { 316 ret = -ENOMEM; 317 goto cleanup; 318 } 319 320 kfree(msginfo); 321 return 0; 322 323 cleanup: 324 pr_err("Unable to connect to host\n"); 325 326 vmbus_connection.conn_state = DISCONNECTED; 327 vmbus_disconnect(); 328 329 kfree(msginfo); 330 331 return ret; 332 } 333 334 void vmbus_disconnect(void) 335 { 336 /* 337 * First send the unload request to the host. 338 */ 339 vmbus_initiate_unload(false); 340 341 if (vmbus_connection.handle_sub_chan_wq) 342 destroy_workqueue(vmbus_connection.handle_sub_chan_wq); 343 344 if (vmbus_connection.handle_primary_chan_wq) 345 destroy_workqueue(vmbus_connection.handle_primary_chan_wq); 346 347 if (vmbus_connection.rescind_work_queue) 348 destroy_workqueue(vmbus_connection.rescind_work_queue); 349 350 if (vmbus_connection.work_queue) 351 destroy_workqueue(vmbus_connection.work_queue); 352 353 if (vmbus_connection.int_page) { 354 free_page((unsigned long)vmbus_connection.int_page); 355 vmbus_connection.int_page = NULL; 356 } 357 358 if (vmbus_connection.monitor_pages[0]) { 359 if (!set_memory_encrypted( 360 (unsigned long)vmbus_connection.monitor_pages[0], 1)) 361 free_page((unsigned long) 362 vmbus_connection.monitor_pages[0]); 363 vmbus_connection.monitor_pages[0] = NULL; 364 } 365 366 if (vmbus_connection.monitor_pages[1]) { 367 if (!set_memory_encrypted( 368 (unsigned long)vmbus_connection.monitor_pages[1], 1)) 369 free_page((unsigned long) 370 vmbus_connection.monitor_pages[1]); 371 vmbus_connection.monitor_pages[1] = NULL; 372 } 373 } 374 375 /* 376 * relid2channel - Get the channel object given its 377 * child relative id (ie channel id) 378 */ 379 struct vmbus_channel *relid2channel(u32 relid) 380 { 381 if (vmbus_connection.channels == NULL) { 382 pr_warn_once("relid2channel: relid=%d: No channels mapped!\n", relid); 383 return NULL; 384 } 385 if (WARN_ON(relid >= MAX_CHANNEL_RELIDS)) 386 return NULL; 387 return READ_ONCE(vmbus_connection.channels[relid]); 388 } 389 390 /* 391 * vmbus_on_event - Process a channel event notification 392 * 393 * For batched channels (default) optimize host to guest signaling 394 * by ensuring: 395 * 1. While reading the channel, we disable interrupts from host. 396 * 2. Ensure that we process all posted messages from the host 397 * before returning from this callback. 398 * 3. Once we return, enable signaling from the host. Once this 399 * state is set we check to see if additional packets are 400 * available to read. In this case we repeat the process. 401 * If this tasklet has been running for a long time 402 * then reschedule ourselves. 403 */ 404 void vmbus_on_event(unsigned long data) 405 { 406 struct vmbus_channel *channel = (void *) data; 407 void (*callback_fn)(void *context); 408 409 trace_vmbus_on_event(channel); 410 411 hv_debug_delay_test(channel, INTERRUPT_DELAY); 412 413 /* A channel once created is persistent even when 414 * there is no driver handling the device. An 415 * unloading driver sets the onchannel_callback to NULL. 416 */ 417 callback_fn = READ_ONCE(channel->onchannel_callback); 418 if (unlikely(!callback_fn)) 419 return; 420 421 (*callback_fn)(channel->channel_callback_context); 422 423 if (channel->callback_mode != HV_CALL_BATCHED) 424 return; 425 426 if (likely(hv_end_read(&channel->inbound) == 0)) 427 return; 428 429 hv_begin_read(&channel->inbound); 430 tasklet_schedule(&channel->callback_event); 431 } 432 433 /* 434 * vmbus_post_msg - Send a msg on the vmbus's message connection 435 */ 436 int vmbus_post_msg(void *buffer, size_t buflen, bool can_sleep) 437 { 438 struct vmbus_channel_message_header *hdr; 439 union hv_connection_id conn_id; 440 int ret = 0; 441 int retries = 0; 442 u32 usec = 1; 443 444 conn_id.asu32 = 0; 445 conn_id.u.id = vmbus_connection.msg_conn_id; 446 447 /* 448 * hv_post_message() can have transient failures because of 449 * insufficient resources. Retry the operation a couple of 450 * times before giving up. 451 */ 452 while (retries < 100) { 453 ret = hv_post_message(conn_id, 1, buffer, buflen); 454 455 switch (ret) { 456 case HV_STATUS_INVALID_CONNECTION_ID: 457 /* 458 * See vmbus_negotiate_version(): VMBus protocol 5.0 459 * and higher require that we must use 460 * VMBUS_MESSAGE_CONNECTION_ID_4 for the Initiate 461 * Contact message, but on old hosts that only 462 * support VMBus protocol 4.0 or lower, here we get 463 * HV_STATUS_INVALID_CONNECTION_ID and we should 464 * return an error immediately without retrying. 465 */ 466 hdr = buffer; 467 if (hdr->msgtype == CHANNELMSG_INITIATE_CONTACT) 468 return -EINVAL; 469 /* 470 * We could get this if we send messages too 471 * frequently. 472 */ 473 ret = -EAGAIN; 474 break; 475 case HV_STATUS_INSUFFICIENT_MEMORY: 476 case HV_STATUS_INSUFFICIENT_BUFFERS: 477 ret = -ENOBUFS; 478 break; 479 case HV_STATUS_SUCCESS: 480 return ret; 481 default: 482 pr_err("hv_post_msg() failed; error code:%d\n", ret); 483 return -EINVAL; 484 } 485 486 retries++; 487 if (can_sleep && usec > 1000) 488 msleep(usec / 1000); 489 else if (usec < MAX_UDELAY_MS * 1000) 490 udelay(usec); 491 else 492 mdelay(usec / 1000); 493 494 if (retries < 22) 495 usec *= 2; 496 } 497 return ret; 498 } 499 500 /* 501 * vmbus_set_event - Send an event notification to the parent 502 */ 503 void vmbus_set_event(struct vmbus_channel *channel) 504 { 505 u32 child_relid = channel->offermsg.child_relid; 506 507 if (!channel->is_dedicated_interrupt) 508 vmbus_send_interrupt(child_relid); 509 510 ++channel->sig_events; 511 512 if (ms_hyperv.paravisor_present) { 513 if (hv_isolation_type_snp()) 514 hv_ghcb_hypercall(HVCALL_SIGNAL_EVENT, &channel->sig_event, 515 NULL, sizeof(channel->sig_event)); 516 else if (hv_isolation_type_tdx()) 517 hv_tdx_hypercall(HVCALL_SIGNAL_EVENT | HV_HYPERCALL_FAST_BIT, 518 channel->sig_event, 0); 519 else 520 WARN_ON_ONCE(1); 521 } else { 522 u64 control = HVCALL_SIGNAL_EVENT; 523 524 control |= hv_nested ? HV_HYPERCALL_NESTED : 0; 525 hv_do_fast_hypercall8(control, channel->sig_event); 526 } 527 } 528 EXPORT_SYMBOL_GPL(vmbus_set_event); 529