1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * IBM Power Systems Virtual Management Channel Support.
4 *
5 * Copyright (c) 2004, 2018 IBM Corp.
6 * Dave Engebretsen engebret@us.ibm.com
7 * Steven Royer seroyer@linux.vnet.ibm.com
8 * Adam Reznechek adreznec@linux.vnet.ibm.com
9 * Bryant G. Ly <bryantly@linux.vnet.ibm.com>
10 */
11
12 #include <linux/module.h>
13 #include <linux/kernel.h>
14 #include <linux/kthread.h>
15 #include <linux/major.h>
16 #include <linux/string.h>
17 #include <linux/fcntl.h>
18 #include <linux/slab.h>
19 #include <linux/poll.h>
20 #include <linux/init.h>
21 #include <linux/fs.h>
22 #include <linux/interrupt.h>
23 #include <linux/spinlock.h>
24 #include <linux/percpu.h>
25 #include <linux/delay.h>
26 #include <linux/uaccess.h>
27 #include <linux/io.h>
28 #include <linux/miscdevice.h>
29 #include <linux/sched/signal.h>
30
31 #include <asm/byteorder.h>
32 #include <asm/irq.h>
33 #include <asm/vio.h>
34
35 #include "ibmvmc.h"
36
37 #define IBMVMC_DRIVER_VERSION "1.0"
38
39 /*
40 * Static global variables
41 */
42 static DECLARE_WAIT_QUEUE_HEAD(ibmvmc_read_wait);
43
44 static const char ibmvmc_driver_name[] = "ibmvmc";
45
46 static struct ibmvmc_struct ibmvmc;
47 static struct ibmvmc_hmc hmcs[MAX_HMCS];
48 static struct crq_server_adapter ibmvmc_adapter;
49
50 static int ibmvmc_max_buf_pool_size = DEFAULT_BUF_POOL_SIZE;
51 static int ibmvmc_max_hmcs = DEFAULT_HMCS;
52 static int ibmvmc_max_mtu = DEFAULT_MTU;
53
h_copy_rdma(s64 length,u64 sliobn,u64 slioba,u64 dliobn,u64 dlioba)54 static inline long h_copy_rdma(s64 length, u64 sliobn, u64 slioba,
55 u64 dliobn, u64 dlioba)
56 {
57 long rc = 0;
58
59 /* Ensure all writes to source memory are visible before hcall */
60 dma_wmb();
61 pr_debug("ibmvmc: h_copy_rdma(0x%llx, 0x%llx, 0x%llx, 0x%llx, 0x%llx\n",
62 length, sliobn, slioba, dliobn, dlioba);
63 rc = plpar_hcall_norets(H_COPY_RDMA, length, sliobn, slioba,
64 dliobn, dlioba);
65 pr_debug("ibmvmc: h_copy_rdma rc = 0x%lx\n", rc);
66
67 return rc;
68 }
69
h_free_crq(uint32_t unit_address)70 static inline void h_free_crq(uint32_t unit_address)
71 {
72 long rc = 0;
73
74 do {
75 if (H_IS_LONG_BUSY(rc))
76 msleep(get_longbusy_msecs(rc));
77
78 rc = plpar_hcall_norets(H_FREE_CRQ, unit_address);
79 } while ((rc == H_BUSY) || (H_IS_LONG_BUSY(rc)));
80 }
81
82 /**
83 * h_request_vmc: - request a hypervisor virtual management channel device
84 * @vmc_index: drc index of the vmc device created
85 *
86 * Requests the hypervisor create a new virtual management channel device,
87 * allowing this partition to send hypervisor virtualization control
88 * commands.
89 *
90 * Return:
91 * 0 - Success
92 * Non-zero - Failure
93 */
h_request_vmc(u32 * vmc_index)94 static inline long h_request_vmc(u32 *vmc_index)
95 {
96 long rc = 0;
97 unsigned long retbuf[PLPAR_HCALL_BUFSIZE];
98
99 do {
100 if (H_IS_LONG_BUSY(rc))
101 msleep(get_longbusy_msecs(rc));
102
103 /* Call to request the VMC device from phyp */
104 rc = plpar_hcall(H_REQUEST_VMC, retbuf);
105 pr_debug("ibmvmc: %s rc = 0x%lx\n", __func__, rc);
106 *vmc_index = retbuf[0];
107 } while ((rc == H_BUSY) || (H_IS_LONG_BUSY(rc)));
108
109 return rc;
110 }
111
112 /* routines for managing a command/response queue */
113 /**
114 * ibmvmc_handle_event: - Interrupt handler for crq events
115 * @irq: number of irq to handle, not used
116 * @dev_instance: crq_server_adapter that received interrupt
117 *
118 * Disables interrupts and schedules ibmvmc_task
119 *
120 * Always returns IRQ_HANDLED
121 */
ibmvmc_handle_event(int irq,void * dev_instance)122 static irqreturn_t ibmvmc_handle_event(int irq, void *dev_instance)
123 {
124 struct crq_server_adapter *adapter =
125 (struct crq_server_adapter *)dev_instance;
126
127 vio_disable_interrupts(to_vio_dev(adapter->dev));
128 tasklet_schedule(&adapter->work_task);
129
130 return IRQ_HANDLED;
131 }
132
133 /**
134 * ibmvmc_release_crq_queue - Release CRQ Queue
135 *
136 * @adapter: crq_server_adapter struct
137 *
138 * Return:
139 * 0 - Success
140 * Non-Zero - Failure
141 */
ibmvmc_release_crq_queue(struct crq_server_adapter * adapter)142 static void ibmvmc_release_crq_queue(struct crq_server_adapter *adapter)
143 {
144 struct vio_dev *vdev = to_vio_dev(adapter->dev);
145 struct crq_queue *queue = &adapter->queue;
146
147 free_irq(vdev->irq, (void *)adapter);
148 tasklet_kill(&adapter->work_task);
149
150 if (adapter->reset_task)
151 kthread_stop(adapter->reset_task);
152
153 h_free_crq(vdev->unit_address);
154 dma_unmap_single(adapter->dev,
155 queue->msg_token,
156 queue->size * sizeof(*queue->msgs), DMA_BIDIRECTIONAL);
157 free_page((unsigned long)queue->msgs);
158 }
159
160 /**
161 * ibmvmc_reset_crq_queue - Reset CRQ Queue
162 *
163 * @adapter: crq_server_adapter struct
164 *
165 * This function calls h_free_crq and then calls H_REG_CRQ and does all the
166 * bookkeeping to get us back to where we can communicate.
167 *
168 * Return:
169 * 0 - Success
170 * Non-Zero - Failure
171 */
ibmvmc_reset_crq_queue(struct crq_server_adapter * adapter)172 static int ibmvmc_reset_crq_queue(struct crq_server_adapter *adapter)
173 {
174 struct vio_dev *vdev = to_vio_dev(adapter->dev);
175 struct crq_queue *queue = &adapter->queue;
176 int rc = 0;
177
178 /* Close the CRQ */
179 h_free_crq(vdev->unit_address);
180
181 /* Clean out the queue */
182 memset(queue->msgs, 0x00, PAGE_SIZE);
183 queue->cur = 0;
184
185 /* And re-open it again */
186 rc = plpar_hcall_norets(H_REG_CRQ,
187 vdev->unit_address,
188 queue->msg_token, PAGE_SIZE);
189 if (rc == 2)
190 /* Adapter is good, but other end is not ready */
191 dev_warn(adapter->dev, "Partner adapter not ready\n");
192 else if (rc != 0)
193 dev_err(adapter->dev, "couldn't register crq--rc 0x%x\n", rc);
194
195 return rc;
196 }
197
198 /**
199 * crq_queue_next_crq: - Returns the next entry in message queue
200 * @queue: crq_queue to use
201 *
202 * Returns pointer to next entry in queue, or NULL if there are no new
203 * entried in the CRQ.
204 */
crq_queue_next_crq(struct crq_queue * queue)205 static struct ibmvmc_crq_msg *crq_queue_next_crq(struct crq_queue *queue)
206 {
207 struct ibmvmc_crq_msg *crq;
208 unsigned long flags;
209
210 spin_lock_irqsave(&queue->lock, flags);
211 crq = &queue->msgs[queue->cur];
212 if (crq->valid & 0x80) {
213 if (++queue->cur == queue->size)
214 queue->cur = 0;
215
216 /* Ensure the read of the valid bit occurs before reading any
217 * other bits of the CRQ entry
218 */
219 dma_rmb();
220 } else {
221 crq = NULL;
222 }
223
224 spin_unlock_irqrestore(&queue->lock, flags);
225
226 return crq;
227 }
228
229 /**
230 * ibmvmc_send_crq - Send CRQ
231 *
232 * @adapter: crq_server_adapter struct
233 * @word1: Word1 Data field
234 * @word2: Word2 Data field
235 *
236 * Return:
237 * 0 - Success
238 * Non-Zero - Failure
239 */
ibmvmc_send_crq(struct crq_server_adapter * adapter,u64 word1,u64 word2)240 static long ibmvmc_send_crq(struct crq_server_adapter *adapter,
241 u64 word1, u64 word2)
242 {
243 struct vio_dev *vdev = to_vio_dev(adapter->dev);
244 long rc = 0;
245
246 dev_dbg(adapter->dev, "(0x%x, 0x%016llx, 0x%016llx)\n",
247 vdev->unit_address, word1, word2);
248
249 /*
250 * Ensure the command buffer is flushed to memory before handing it
251 * over to the other side to prevent it from fetching any stale data.
252 */
253 dma_wmb();
254 rc = plpar_hcall_norets(H_SEND_CRQ, vdev->unit_address, word1, word2);
255 dev_dbg(adapter->dev, "rc = 0x%lx\n", rc);
256
257 return rc;
258 }
259
260 /**
261 * alloc_dma_buffer - Create DMA Buffer
262 *
263 * @vdev: vio_dev struct
264 * @size: Size field
265 * @dma_handle: DMA address field
266 *
267 * Allocates memory for the command queue and maps remote memory into an
268 * ioba.
269 *
270 * Returns a pointer to the buffer
271 */
alloc_dma_buffer(struct vio_dev * vdev,size_t size,dma_addr_t * dma_handle)272 static void *alloc_dma_buffer(struct vio_dev *vdev, size_t size,
273 dma_addr_t *dma_handle)
274 {
275 /* allocate memory */
276 void *buffer = kzalloc(size, GFP_ATOMIC);
277
278 if (!buffer) {
279 *dma_handle = 0;
280 return NULL;
281 }
282
283 /* DMA map */
284 *dma_handle = dma_map_single(&vdev->dev, buffer, size,
285 DMA_BIDIRECTIONAL);
286
287 if (dma_mapping_error(&vdev->dev, *dma_handle)) {
288 *dma_handle = 0;
289 kfree_sensitive(buffer);
290 return NULL;
291 }
292
293 return buffer;
294 }
295
296 /**
297 * free_dma_buffer - Free DMA Buffer
298 *
299 * @vdev: vio_dev struct
300 * @size: Size field
301 * @vaddr: Address field
302 * @dma_handle: DMA address field
303 *
304 * Releases memory for a command queue and unmaps mapped remote memory.
305 */
free_dma_buffer(struct vio_dev * vdev,size_t size,void * vaddr,dma_addr_t dma_handle)306 static void free_dma_buffer(struct vio_dev *vdev, size_t size, void *vaddr,
307 dma_addr_t dma_handle)
308 {
309 /* DMA unmap */
310 dma_unmap_single(&vdev->dev, dma_handle, size, DMA_BIDIRECTIONAL);
311
312 /* deallocate memory */
313 kfree_sensitive(vaddr);
314 }
315
316 /**
317 * ibmvmc_get_valid_hmc_buffer - Retrieve Valid HMC Buffer
318 *
319 * @hmc_index: HMC Index Field
320 *
321 * Return:
322 * Pointer to ibmvmc_buffer
323 */
ibmvmc_get_valid_hmc_buffer(u8 hmc_index)324 static struct ibmvmc_buffer *ibmvmc_get_valid_hmc_buffer(u8 hmc_index)
325 {
326 struct ibmvmc_buffer *buffer;
327 struct ibmvmc_buffer *ret_buf = NULL;
328 unsigned long i;
329
330 if (hmc_index > ibmvmc.max_hmc_index)
331 return NULL;
332
333 buffer = hmcs[hmc_index].buffer;
334
335 for (i = 0; i < ibmvmc_max_buf_pool_size; i++) {
336 if (buffer[i].valid && buffer[i].free &&
337 buffer[i].owner == VMC_BUF_OWNER_ALPHA) {
338 buffer[i].free = 0;
339 ret_buf = &buffer[i];
340 break;
341 }
342 }
343
344 return ret_buf;
345 }
346
347 /**
348 * ibmvmc_get_free_hmc_buffer - Get Free HMC Buffer
349 *
350 * @adapter: crq_server_adapter struct
351 * @hmc_index: Hmc Index field
352 *
353 * Return:
354 * Pointer to ibmvmc_buffer
355 */
ibmvmc_get_free_hmc_buffer(struct crq_server_adapter * adapter,u8 hmc_index)356 static struct ibmvmc_buffer *ibmvmc_get_free_hmc_buffer(struct crq_server_adapter *adapter,
357 u8 hmc_index)
358 {
359 struct ibmvmc_buffer *buffer;
360 struct ibmvmc_buffer *ret_buf = NULL;
361 unsigned long i;
362
363 if (hmc_index > ibmvmc.max_hmc_index) {
364 dev_info(adapter->dev, "get_free_hmc_buffer: invalid hmc_index=0x%x\n",
365 hmc_index);
366 return NULL;
367 }
368
369 buffer = hmcs[hmc_index].buffer;
370
371 for (i = 0; i < ibmvmc_max_buf_pool_size; i++) {
372 if (buffer[i].free &&
373 buffer[i].owner == VMC_BUF_OWNER_ALPHA) {
374 buffer[i].free = 0;
375 ret_buf = &buffer[i];
376 break;
377 }
378 }
379
380 return ret_buf;
381 }
382
383 /**
384 * ibmvmc_free_hmc_buffer - Free an HMC Buffer
385 *
386 * @hmc: ibmvmc_hmc struct
387 * @buffer: ibmvmc_buffer struct
388 *
389 */
ibmvmc_free_hmc_buffer(struct ibmvmc_hmc * hmc,struct ibmvmc_buffer * buffer)390 static void ibmvmc_free_hmc_buffer(struct ibmvmc_hmc *hmc,
391 struct ibmvmc_buffer *buffer)
392 {
393 unsigned long flags;
394
395 spin_lock_irqsave(&hmc->lock, flags);
396 buffer->free = 1;
397 spin_unlock_irqrestore(&hmc->lock, flags);
398 }
399
400 /**
401 * ibmvmc_count_hmc_buffers - Count HMC Buffers
402 *
403 * @hmc_index: HMC Index field
404 * @valid: Valid number of buffers field
405 * @free: Free number of buffers field
406 *
407 */
ibmvmc_count_hmc_buffers(u8 hmc_index,unsigned int * valid,unsigned int * free)408 static void ibmvmc_count_hmc_buffers(u8 hmc_index, unsigned int *valid,
409 unsigned int *free)
410 {
411 struct ibmvmc_buffer *buffer;
412 unsigned long i;
413 unsigned long flags;
414
415 if (hmc_index > ibmvmc.max_hmc_index)
416 return;
417
418 if (!valid || !free)
419 return;
420
421 *valid = 0; *free = 0;
422
423 buffer = hmcs[hmc_index].buffer;
424 spin_lock_irqsave(&hmcs[hmc_index].lock, flags);
425
426 for (i = 0; i < ibmvmc_max_buf_pool_size; i++) {
427 if (buffer[i].valid) {
428 *valid = *valid + 1;
429 if (buffer[i].free)
430 *free = *free + 1;
431 }
432 }
433
434 spin_unlock_irqrestore(&hmcs[hmc_index].lock, flags);
435 }
436
437 /**
438 * ibmvmc_get_free_hmc - Get Free HMC
439 *
440 * Return:
441 * Pointer to an available HMC Connection
442 * Null otherwise
443 */
ibmvmc_get_free_hmc(void)444 static struct ibmvmc_hmc *ibmvmc_get_free_hmc(void)
445 {
446 unsigned long i;
447 unsigned long flags;
448
449 /*
450 * Find an available HMC connection.
451 */
452 for (i = 0; i <= ibmvmc.max_hmc_index; i++) {
453 spin_lock_irqsave(&hmcs[i].lock, flags);
454 if (hmcs[i].state == ibmhmc_state_free) {
455 hmcs[i].index = i;
456 hmcs[i].state = ibmhmc_state_initial;
457 spin_unlock_irqrestore(&hmcs[i].lock, flags);
458 return &hmcs[i];
459 }
460 spin_unlock_irqrestore(&hmcs[i].lock, flags);
461 }
462
463 return NULL;
464 }
465
466 /**
467 * ibmvmc_return_hmc - Return an HMC Connection
468 *
469 * @hmc: ibmvmc_hmc struct
470 * @release_readers: Number of readers connected to session
471 *
472 * This function releases the HMC connections back into the pool.
473 *
474 * Return:
475 * 0 - Success
476 * Non-zero - Failure
477 */
ibmvmc_return_hmc(struct ibmvmc_hmc * hmc,bool release_readers)478 static int ibmvmc_return_hmc(struct ibmvmc_hmc *hmc, bool release_readers)
479 {
480 struct ibmvmc_buffer *buffer;
481 struct crq_server_adapter *adapter;
482 struct vio_dev *vdev;
483 unsigned long i;
484 unsigned long flags;
485
486 if (!hmc || !hmc->adapter)
487 return -EIO;
488
489 if (release_readers) {
490 if (hmc->file_session) {
491 struct ibmvmc_file_session *session = hmc->file_session;
492
493 session->valid = 0;
494 wake_up_interruptible(&ibmvmc_read_wait);
495 }
496 }
497
498 adapter = hmc->adapter;
499 vdev = to_vio_dev(adapter->dev);
500
501 spin_lock_irqsave(&hmc->lock, flags);
502 hmc->index = 0;
503 hmc->state = ibmhmc_state_free;
504 hmc->queue_head = 0;
505 hmc->queue_tail = 0;
506 buffer = hmc->buffer;
507 for (i = 0; i < ibmvmc_max_buf_pool_size; i++) {
508 if (buffer[i].valid) {
509 free_dma_buffer(vdev,
510 ibmvmc.max_mtu,
511 buffer[i].real_addr_local,
512 buffer[i].dma_addr_local);
513 dev_dbg(adapter->dev, "Forgot buffer id 0x%lx\n", i);
514 }
515 memset(&buffer[i], 0, sizeof(struct ibmvmc_buffer));
516
517 hmc->queue_outbound_msgs[i] = VMC_INVALID_BUFFER_ID;
518 }
519
520 spin_unlock_irqrestore(&hmc->lock, flags);
521
522 return 0;
523 }
524
525 /**
526 * ibmvmc_send_open - Interface Open
527 * @buffer: Pointer to ibmvmc_buffer struct
528 * @hmc: Pointer to ibmvmc_hmc struct
529 *
530 * This command is sent by the management partition as the result of a
531 * management partition device request. It causes the hypervisor to
532 * prepare a set of data buffers for the management application connection
533 * indicated HMC idx. A unique HMC Idx would be used if multiple management
534 * applications running concurrently were desired. Before responding to this
535 * command, the hypervisor must provide the management partition with at
536 * least one of these new buffers via the Add Buffer. This indicates whether
537 * the messages are inbound or outbound from the hypervisor.
538 *
539 * Return:
540 * 0 - Success
541 * Non-zero - Failure
542 */
ibmvmc_send_open(struct ibmvmc_buffer * buffer,struct ibmvmc_hmc * hmc)543 static int ibmvmc_send_open(struct ibmvmc_buffer *buffer,
544 struct ibmvmc_hmc *hmc)
545 {
546 struct ibmvmc_crq_msg crq_msg;
547 struct crq_server_adapter *adapter;
548 __be64 *crq_as_u64 = (__be64 *)&crq_msg;
549 int rc = 0;
550
551 if (!hmc || !hmc->adapter)
552 return -EIO;
553
554 adapter = hmc->adapter;
555
556 dev_dbg(adapter->dev, "send_open: 0x%lx 0x%lx 0x%lx 0x%lx 0x%lx\n",
557 (unsigned long)buffer->size, (unsigned long)adapter->liobn,
558 (unsigned long)buffer->dma_addr_local,
559 (unsigned long)adapter->riobn,
560 (unsigned long)buffer->dma_addr_remote);
561
562 rc = h_copy_rdma(buffer->size,
563 adapter->liobn,
564 buffer->dma_addr_local,
565 adapter->riobn,
566 buffer->dma_addr_remote);
567 if (rc) {
568 dev_err(adapter->dev, "Error: In send_open, h_copy_rdma rc 0x%x\n",
569 rc);
570 return -EIO;
571 }
572
573 hmc->state = ibmhmc_state_opening;
574
575 crq_msg.valid = 0x80;
576 crq_msg.type = VMC_MSG_OPEN;
577 crq_msg.status = 0;
578 crq_msg.var1.rsvd = 0;
579 crq_msg.hmc_session = hmc->session;
580 crq_msg.hmc_index = hmc->index;
581 crq_msg.var2.buffer_id = cpu_to_be16(buffer->id);
582 crq_msg.rsvd = 0;
583 crq_msg.var3.rsvd = 0;
584
585 ibmvmc_send_crq(adapter, be64_to_cpu(crq_as_u64[0]),
586 be64_to_cpu(crq_as_u64[1]));
587
588 return rc;
589 }
590
591 /**
592 * ibmvmc_send_close - Interface Close
593 * @hmc: Pointer to ibmvmc_hmc struct
594 *
595 * This command is sent by the management partition to terminate a
596 * management application to hypervisor connection. When this command is
597 * sent, the management partition has quiesced all I/O operations to all
598 * buffers associated with this management application connection, and
599 * has freed any storage for these buffers.
600 *
601 * Return:
602 * 0 - Success
603 * Non-zero - Failure
604 */
ibmvmc_send_close(struct ibmvmc_hmc * hmc)605 static int ibmvmc_send_close(struct ibmvmc_hmc *hmc)
606 {
607 struct ibmvmc_crq_msg crq_msg;
608 struct crq_server_adapter *adapter;
609 __be64 *crq_as_u64 = (__be64 *)&crq_msg;
610 int rc = 0;
611
612 if (!hmc || !hmc->adapter)
613 return -EIO;
614
615 adapter = hmc->adapter;
616
617 dev_info(adapter->dev, "CRQ send: close\n");
618
619 crq_msg.valid = 0x80;
620 crq_msg.type = VMC_MSG_CLOSE;
621 crq_msg.status = 0;
622 crq_msg.var1.rsvd = 0;
623 crq_msg.hmc_session = hmc->session;
624 crq_msg.hmc_index = hmc->index;
625 crq_msg.var2.rsvd = 0;
626 crq_msg.rsvd = 0;
627 crq_msg.var3.rsvd = 0;
628
629 ibmvmc_send_crq(adapter, be64_to_cpu(crq_as_u64[0]),
630 be64_to_cpu(crq_as_u64[1]));
631
632 return rc;
633 }
634
635 /**
636 * ibmvmc_send_capabilities - Send VMC Capabilities
637 *
638 * @adapter: crq_server_adapter struct
639 *
640 * The capabilities message is an administrative message sent after the CRQ
641 * initialization sequence of messages and is used to exchange VMC capabilities
642 * between the management partition and the hypervisor. The management
643 * partition must send this message and the hypervisor must respond with VMC
644 * capabilities Response message before HMC interface message can begin. Any
645 * HMC interface messages received before the exchange of capabilities has
646 * complete are dropped.
647 *
648 * Return:
649 * 0 - Success
650 */
ibmvmc_send_capabilities(struct crq_server_adapter * adapter)651 static int ibmvmc_send_capabilities(struct crq_server_adapter *adapter)
652 {
653 struct ibmvmc_admin_crq_msg crq_msg;
654 __be64 *crq_as_u64 = (__be64 *)&crq_msg;
655
656 dev_dbg(adapter->dev, "ibmvmc: CRQ send: capabilities\n");
657 crq_msg.valid = 0x80;
658 crq_msg.type = VMC_MSG_CAP;
659 crq_msg.status = 0;
660 crq_msg.rsvd[0] = 0;
661 crq_msg.rsvd[1] = 0;
662 crq_msg.max_hmc = ibmvmc_max_hmcs;
663 crq_msg.max_mtu = cpu_to_be32(ibmvmc_max_mtu);
664 crq_msg.pool_size = cpu_to_be16(ibmvmc_max_buf_pool_size);
665 crq_msg.crq_size = cpu_to_be16(adapter->queue.size);
666 crq_msg.version = cpu_to_be16(IBMVMC_PROTOCOL_VERSION);
667
668 ibmvmc_send_crq(adapter, be64_to_cpu(crq_as_u64[0]),
669 be64_to_cpu(crq_as_u64[1]));
670
671 ibmvmc.state = ibmvmc_state_capabilities;
672
673 return 0;
674 }
675
676 /**
677 * ibmvmc_send_add_buffer_resp - Add Buffer Response
678 *
679 * @adapter: crq_server_adapter struct
680 * @status: Status field
681 * @hmc_session: HMC Session field
682 * @hmc_index: HMC Index field
683 * @buffer_id: Buffer Id field
684 *
685 * This command is sent by the management partition to the hypervisor in
686 * response to the Add Buffer message. The Status field indicates the result of
687 * the command.
688 *
689 * Return:
690 * 0 - Success
691 */
ibmvmc_send_add_buffer_resp(struct crq_server_adapter * adapter,u8 status,u8 hmc_session,u8 hmc_index,u16 buffer_id)692 static int ibmvmc_send_add_buffer_resp(struct crq_server_adapter *adapter,
693 u8 status, u8 hmc_session,
694 u8 hmc_index, u16 buffer_id)
695 {
696 struct ibmvmc_crq_msg crq_msg;
697 __be64 *crq_as_u64 = (__be64 *)&crq_msg;
698
699 dev_dbg(adapter->dev, "CRQ send: add_buffer_resp\n");
700 crq_msg.valid = 0x80;
701 crq_msg.type = VMC_MSG_ADD_BUF_RESP;
702 crq_msg.status = status;
703 crq_msg.var1.rsvd = 0;
704 crq_msg.hmc_session = hmc_session;
705 crq_msg.hmc_index = hmc_index;
706 crq_msg.var2.buffer_id = cpu_to_be16(buffer_id);
707 crq_msg.rsvd = 0;
708 crq_msg.var3.rsvd = 0;
709
710 ibmvmc_send_crq(adapter, be64_to_cpu(crq_as_u64[0]),
711 be64_to_cpu(crq_as_u64[1]));
712
713 return 0;
714 }
715
716 /**
717 * ibmvmc_send_rem_buffer_resp - Remove Buffer Response
718 *
719 * @adapter: crq_server_adapter struct
720 * @status: Status field
721 * @hmc_session: HMC Session field
722 * @hmc_index: HMC Index field
723 * @buffer_id: Buffer Id field
724 *
725 * This command is sent by the management partition to the hypervisor in
726 * response to the Remove Buffer message. The Buffer ID field indicates
727 * which buffer the management partition selected to remove. The Status
728 * field indicates the result of the command.
729 *
730 * Return:
731 * 0 - Success
732 */
ibmvmc_send_rem_buffer_resp(struct crq_server_adapter * adapter,u8 status,u8 hmc_session,u8 hmc_index,u16 buffer_id)733 static int ibmvmc_send_rem_buffer_resp(struct crq_server_adapter *adapter,
734 u8 status, u8 hmc_session,
735 u8 hmc_index, u16 buffer_id)
736 {
737 struct ibmvmc_crq_msg crq_msg;
738 __be64 *crq_as_u64 = (__be64 *)&crq_msg;
739
740 dev_dbg(adapter->dev, "CRQ send: rem_buffer_resp\n");
741 crq_msg.valid = 0x80;
742 crq_msg.type = VMC_MSG_REM_BUF_RESP;
743 crq_msg.status = status;
744 crq_msg.var1.rsvd = 0;
745 crq_msg.hmc_session = hmc_session;
746 crq_msg.hmc_index = hmc_index;
747 crq_msg.var2.buffer_id = cpu_to_be16(buffer_id);
748 crq_msg.rsvd = 0;
749 crq_msg.var3.rsvd = 0;
750
751 ibmvmc_send_crq(adapter, be64_to_cpu(crq_as_u64[0]),
752 be64_to_cpu(crq_as_u64[1]));
753
754 return 0;
755 }
756
757 /**
758 * ibmvmc_send_msg - Signal Message
759 *
760 * @adapter: crq_server_adapter struct
761 * @buffer: ibmvmc_buffer struct
762 * @hmc: ibmvmc_hmc struct
763 * @msg_len: message length field
764 *
765 * This command is sent between the management partition and the hypervisor
766 * in order to signal the arrival of an HMC protocol message. The command
767 * can be sent by both the management partition and the hypervisor. It is
768 * used for all traffic between the management application and the hypervisor,
769 * regardless of who initiated the communication.
770 *
771 * There is no response to this message.
772 *
773 * Return:
774 * 0 - Success
775 * Non-zero - Failure
776 */
ibmvmc_send_msg(struct crq_server_adapter * adapter,struct ibmvmc_buffer * buffer,struct ibmvmc_hmc * hmc,int msg_len)777 static int ibmvmc_send_msg(struct crq_server_adapter *adapter,
778 struct ibmvmc_buffer *buffer,
779 struct ibmvmc_hmc *hmc, int msg_len)
780 {
781 struct ibmvmc_crq_msg crq_msg;
782 __be64 *crq_as_u64 = (__be64 *)&crq_msg;
783 int rc = 0;
784
785 dev_dbg(adapter->dev, "CRQ send: rdma to HV\n");
786 rc = h_copy_rdma(msg_len,
787 adapter->liobn,
788 buffer->dma_addr_local,
789 adapter->riobn,
790 buffer->dma_addr_remote);
791 if (rc) {
792 dev_err(adapter->dev, "Error in send_msg, h_copy_rdma rc 0x%x\n",
793 rc);
794 return rc;
795 }
796
797 crq_msg.valid = 0x80;
798 crq_msg.type = VMC_MSG_SIGNAL;
799 crq_msg.status = 0;
800 crq_msg.var1.rsvd = 0;
801 crq_msg.hmc_session = hmc->session;
802 crq_msg.hmc_index = hmc->index;
803 crq_msg.var2.buffer_id = cpu_to_be16(buffer->id);
804 crq_msg.var3.msg_len = cpu_to_be32(msg_len);
805 dev_dbg(adapter->dev, "CRQ send: msg to HV 0x%llx 0x%llx\n",
806 be64_to_cpu(crq_as_u64[0]), be64_to_cpu(crq_as_u64[1]));
807
808 buffer->owner = VMC_BUF_OWNER_HV;
809 ibmvmc_send_crq(adapter, be64_to_cpu(crq_as_u64[0]),
810 be64_to_cpu(crq_as_u64[1]));
811
812 return rc;
813 }
814
815 /**
816 * ibmvmc_open - Open Session
817 *
818 * @inode: inode struct
819 * @file: file struct
820 *
821 * Return:
822 * 0 - Success
823 * Non-zero - Failure
824 */
ibmvmc_open(struct inode * inode,struct file * file)825 static int ibmvmc_open(struct inode *inode, struct file *file)
826 {
827 struct ibmvmc_file_session *session;
828
829 pr_debug("%s: inode = 0x%lx, file = 0x%lx, state = 0x%x\n", __func__,
830 (unsigned long)inode, (unsigned long)file,
831 ibmvmc.state);
832
833 session = kzalloc(sizeof(*session), GFP_KERNEL);
834 if (!session)
835 return -ENOMEM;
836
837 session->file = file;
838 file->private_data = session;
839
840 return 0;
841 }
842
843 /**
844 * ibmvmc_close - Close Session
845 *
846 * @inode: inode struct
847 * @file: file struct
848 *
849 * Return:
850 * 0 - Success
851 * Non-zero - Failure
852 */
ibmvmc_close(struct inode * inode,struct file * file)853 static int ibmvmc_close(struct inode *inode, struct file *file)
854 {
855 struct ibmvmc_file_session *session;
856 struct ibmvmc_hmc *hmc;
857 int rc = 0;
858 unsigned long flags;
859
860 pr_debug("%s: file = 0x%lx, state = 0x%x\n", __func__,
861 (unsigned long)file, ibmvmc.state);
862
863 session = file->private_data;
864 if (!session)
865 return -EIO;
866
867 hmc = session->hmc;
868 if (hmc) {
869 if (!hmc->adapter)
870 return -EIO;
871
872 if (ibmvmc.state == ibmvmc_state_failed) {
873 dev_warn(hmc->adapter->dev, "close: state_failed\n");
874 return -EIO;
875 }
876
877 spin_lock_irqsave(&hmc->lock, flags);
878 if (hmc->state >= ibmhmc_state_opening) {
879 rc = ibmvmc_send_close(hmc);
880 if (rc)
881 dev_warn(hmc->adapter->dev, "close: send_close failed.\n");
882 }
883 spin_unlock_irqrestore(&hmc->lock, flags);
884 }
885
886 kfree_sensitive(session);
887
888 return rc;
889 }
890
891 /**
892 * ibmvmc_read - Read
893 *
894 * @file: file struct
895 * @buf: Character buffer
896 * @nbytes: Size in bytes
897 * @ppos: Offset
898 *
899 * Return:
900 * 0 - Success
901 * Non-zero - Failure
902 */
ibmvmc_read(struct file * file,char * buf,size_t nbytes,loff_t * ppos)903 static ssize_t ibmvmc_read(struct file *file, char *buf, size_t nbytes,
904 loff_t *ppos)
905 {
906 struct ibmvmc_file_session *session;
907 struct ibmvmc_hmc *hmc;
908 struct crq_server_adapter *adapter;
909 struct ibmvmc_buffer *buffer;
910 ssize_t n;
911 ssize_t retval = 0;
912 unsigned long flags;
913 DEFINE_WAIT(wait);
914
915 pr_debug("ibmvmc: read: file = 0x%lx, buf = 0x%lx, nbytes = 0x%lx\n",
916 (unsigned long)file, (unsigned long)buf,
917 (unsigned long)nbytes);
918
919 if (nbytes == 0)
920 return 0;
921
922 if (nbytes > ibmvmc.max_mtu) {
923 pr_warn("ibmvmc: read: nbytes invalid 0x%x\n",
924 (unsigned int)nbytes);
925 return -EINVAL;
926 }
927
928 session = file->private_data;
929 if (!session) {
930 pr_warn("ibmvmc: read: no session\n");
931 return -EIO;
932 }
933
934 hmc = session->hmc;
935 if (!hmc) {
936 pr_warn("ibmvmc: read: no hmc\n");
937 return -EIO;
938 }
939
940 adapter = hmc->adapter;
941 if (!adapter) {
942 pr_warn("ibmvmc: read: no adapter\n");
943 return -EIO;
944 }
945
946 do {
947 prepare_to_wait(&ibmvmc_read_wait, &wait, TASK_INTERRUPTIBLE);
948
949 spin_lock_irqsave(&hmc->lock, flags);
950 if (hmc->queue_tail != hmc->queue_head)
951 /* Data is available */
952 break;
953
954 spin_unlock_irqrestore(&hmc->lock, flags);
955
956 if (!session->valid) {
957 retval = -EBADFD;
958 goto out;
959 }
960 if (file->f_flags & O_NONBLOCK) {
961 retval = -EAGAIN;
962 goto out;
963 }
964
965 schedule();
966
967 if (signal_pending(current)) {
968 retval = -ERESTARTSYS;
969 goto out;
970 }
971 } while (1);
972
973 buffer = &(hmc->buffer[hmc->queue_outbound_msgs[hmc->queue_tail]]);
974 hmc->queue_tail++;
975 if (hmc->queue_tail == ibmvmc_max_buf_pool_size)
976 hmc->queue_tail = 0;
977 spin_unlock_irqrestore(&hmc->lock, flags);
978
979 nbytes = min_t(size_t, nbytes, buffer->msg_len);
980 n = copy_to_user((void *)buf, buffer->real_addr_local, nbytes);
981 dev_dbg(adapter->dev, "read: copy to user nbytes = 0x%lx.\n", nbytes);
982 ibmvmc_free_hmc_buffer(hmc, buffer);
983 retval = nbytes;
984
985 if (n) {
986 dev_warn(adapter->dev, "read: copy to user failed.\n");
987 retval = -EFAULT;
988 }
989
990 out:
991 finish_wait(&ibmvmc_read_wait, &wait);
992 dev_dbg(adapter->dev, "read: out %ld\n", retval);
993 return retval;
994 }
995
996 /**
997 * ibmvmc_poll - Poll
998 *
999 * @file: file struct
1000 * @wait: Poll Table
1001 *
1002 * Return:
1003 * poll.h return values
1004 */
ibmvmc_poll(struct file * file,poll_table * wait)1005 static unsigned int ibmvmc_poll(struct file *file, poll_table *wait)
1006 {
1007 struct ibmvmc_file_session *session;
1008 struct ibmvmc_hmc *hmc;
1009 unsigned int mask = 0;
1010
1011 session = file->private_data;
1012 if (!session)
1013 return 0;
1014
1015 hmc = session->hmc;
1016 if (!hmc)
1017 return 0;
1018
1019 poll_wait(file, &ibmvmc_read_wait, wait);
1020
1021 if (hmc->queue_head != hmc->queue_tail)
1022 mask |= POLLIN | POLLRDNORM;
1023
1024 return mask;
1025 }
1026
1027 /**
1028 * ibmvmc_write - Write
1029 *
1030 * @file: file struct
1031 * @buffer: Character buffer
1032 * @count: Count field
1033 * @ppos: Offset
1034 *
1035 * Return:
1036 * 0 - Success
1037 * Non-zero - Failure
1038 */
ibmvmc_write(struct file * file,const char * buffer,size_t count,loff_t * ppos)1039 static ssize_t ibmvmc_write(struct file *file, const char *buffer,
1040 size_t count, loff_t *ppos)
1041 {
1042 struct inode *inode;
1043 struct ibmvmc_buffer *vmc_buffer;
1044 struct ibmvmc_file_session *session;
1045 struct crq_server_adapter *adapter;
1046 struct ibmvmc_hmc *hmc;
1047 unsigned char *buf;
1048 unsigned long flags;
1049 size_t bytes;
1050 const char *p = buffer;
1051 size_t c = count;
1052 int ret = 0;
1053
1054 session = file->private_data;
1055 if (!session)
1056 return -EIO;
1057
1058 hmc = session->hmc;
1059 if (!hmc)
1060 return -EIO;
1061
1062 spin_lock_irqsave(&hmc->lock, flags);
1063 if (hmc->state == ibmhmc_state_free) {
1064 /* HMC connection is not valid (possibly was reset under us). */
1065 ret = -EIO;
1066 goto out;
1067 }
1068
1069 adapter = hmc->adapter;
1070 if (!adapter) {
1071 ret = -EIO;
1072 goto out;
1073 }
1074
1075 if (count > ibmvmc.max_mtu) {
1076 dev_warn(adapter->dev, "invalid buffer size 0x%lx\n",
1077 (unsigned long)count);
1078 ret = -EIO;
1079 goto out;
1080 }
1081
1082 /* Waiting for the open resp message to the ioctl(1) - retry */
1083 if (hmc->state == ibmhmc_state_opening) {
1084 ret = -EBUSY;
1085 goto out;
1086 }
1087
1088 /* Make sure the ioctl() was called & the open msg sent, and that
1089 * the HMC connection has not failed.
1090 */
1091 if (hmc->state != ibmhmc_state_ready) {
1092 ret = -EIO;
1093 goto out;
1094 }
1095
1096 vmc_buffer = ibmvmc_get_valid_hmc_buffer(hmc->index);
1097 if (!vmc_buffer) {
1098 /* No buffer available for the msg send, or we have not yet
1099 * completed the open/open_resp sequence. Retry until this is
1100 * complete.
1101 */
1102 ret = -EBUSY;
1103 goto out;
1104 }
1105 if (!vmc_buffer->real_addr_local) {
1106 dev_err(adapter->dev, "no buffer storage assigned\n");
1107 ret = -EIO;
1108 goto out;
1109 }
1110 buf = vmc_buffer->real_addr_local;
1111
1112 while (c > 0) {
1113 bytes = min_t(size_t, c, vmc_buffer->size);
1114
1115 bytes -= copy_from_user(buf, p, bytes);
1116 if (!bytes) {
1117 ret = -EFAULT;
1118 goto out;
1119 }
1120 c -= bytes;
1121 p += bytes;
1122 }
1123 if (p == buffer)
1124 goto out;
1125
1126 inode = file_inode(file);
1127 inode->i_mtime = inode_set_ctime_current(inode);
1128 mark_inode_dirty(inode);
1129
1130 dev_dbg(adapter->dev, "write: file = 0x%lx, count = 0x%lx\n",
1131 (unsigned long)file, (unsigned long)count);
1132
1133 ibmvmc_send_msg(adapter, vmc_buffer, hmc, count);
1134 ret = p - buffer;
1135 out:
1136 spin_unlock_irqrestore(&hmc->lock, flags);
1137 return (ssize_t)(ret);
1138 }
1139
1140 /**
1141 * ibmvmc_setup_hmc - Setup the HMC
1142 *
1143 * @session: ibmvmc_file_session struct
1144 *
1145 * Return:
1146 * 0 - Success
1147 * Non-zero - Failure
1148 */
ibmvmc_setup_hmc(struct ibmvmc_file_session * session)1149 static long ibmvmc_setup_hmc(struct ibmvmc_file_session *session)
1150 {
1151 struct ibmvmc_hmc *hmc;
1152 unsigned int valid, free, index;
1153
1154 if (ibmvmc.state == ibmvmc_state_failed) {
1155 pr_warn("ibmvmc: Reserve HMC: state_failed\n");
1156 return -EIO;
1157 }
1158
1159 if (ibmvmc.state < ibmvmc_state_ready) {
1160 pr_warn("ibmvmc: Reserve HMC: not state_ready\n");
1161 return -EAGAIN;
1162 }
1163
1164 /* Device is busy until capabilities have been exchanged and we
1165 * have a generic buffer for each possible HMC connection.
1166 */
1167 for (index = 0; index <= ibmvmc.max_hmc_index; index++) {
1168 valid = 0;
1169 ibmvmc_count_hmc_buffers(index, &valid, &free);
1170 if (valid == 0) {
1171 pr_warn("ibmvmc: buffers not ready for index %d\n",
1172 index);
1173 return -ENOBUFS;
1174 }
1175 }
1176
1177 /* Get an hmc object, and transition to ibmhmc_state_initial */
1178 hmc = ibmvmc_get_free_hmc();
1179 if (!hmc) {
1180 pr_warn("%s: free hmc not found\n", __func__);
1181 return -EBUSY;
1182 }
1183
1184 hmc->session = hmc->session + 1;
1185 if (hmc->session == 0xff)
1186 hmc->session = 1;
1187
1188 session->hmc = hmc;
1189 hmc->adapter = &ibmvmc_adapter;
1190 hmc->file_session = session;
1191 session->valid = 1;
1192
1193 return 0;
1194 }
1195
1196 /**
1197 * ibmvmc_ioctl_sethmcid - IOCTL Set HMC ID
1198 *
1199 * @session: ibmvmc_file_session struct
1200 * @new_hmc_id: HMC id field
1201 *
1202 * IOCTL command to setup the hmc id
1203 *
1204 * Return:
1205 * 0 - Success
1206 * Non-zero - Failure
1207 */
ibmvmc_ioctl_sethmcid(struct ibmvmc_file_session * session,unsigned char __user * new_hmc_id)1208 static long ibmvmc_ioctl_sethmcid(struct ibmvmc_file_session *session,
1209 unsigned char __user *new_hmc_id)
1210 {
1211 struct ibmvmc_hmc *hmc;
1212 struct ibmvmc_buffer *buffer;
1213 size_t bytes;
1214 char print_buffer[HMC_ID_LEN + 1];
1215 unsigned long flags;
1216 long rc = 0;
1217
1218 /* Reserve HMC session */
1219 hmc = session->hmc;
1220 if (!hmc) {
1221 rc = ibmvmc_setup_hmc(session);
1222 if (rc)
1223 return rc;
1224
1225 hmc = session->hmc;
1226 if (!hmc) {
1227 pr_err("ibmvmc: setup_hmc success but no hmc\n");
1228 return -EIO;
1229 }
1230 }
1231
1232 if (hmc->state != ibmhmc_state_initial) {
1233 pr_warn("ibmvmc: sethmcid: invalid state to send open 0x%x\n",
1234 hmc->state);
1235 return -EIO;
1236 }
1237
1238 bytes = copy_from_user(hmc->hmc_id, new_hmc_id, HMC_ID_LEN);
1239 if (bytes)
1240 return -EFAULT;
1241
1242 /* Send Open Session command */
1243 spin_lock_irqsave(&hmc->lock, flags);
1244 buffer = ibmvmc_get_valid_hmc_buffer(hmc->index);
1245 spin_unlock_irqrestore(&hmc->lock, flags);
1246
1247 if (!buffer || !buffer->real_addr_local) {
1248 pr_warn("ibmvmc: sethmcid: no buffer available\n");
1249 return -EIO;
1250 }
1251
1252 /* Make sure buffer is NULL terminated before trying to print it */
1253 memset(print_buffer, 0, HMC_ID_LEN + 1);
1254 strncpy(print_buffer, hmc->hmc_id, HMC_ID_LEN);
1255 pr_info("ibmvmc: sethmcid: Set HMC ID: \"%s\"\n", print_buffer);
1256
1257 memcpy(buffer->real_addr_local, hmc->hmc_id, HMC_ID_LEN);
1258 /* RDMA over ID, send open msg, change state to ibmhmc_state_opening */
1259 rc = ibmvmc_send_open(buffer, hmc);
1260
1261 return rc;
1262 }
1263
1264 /**
1265 * ibmvmc_ioctl_query - IOCTL Query
1266 *
1267 * @session: ibmvmc_file_session struct
1268 * @ret_struct: ibmvmc_query_struct
1269 *
1270 * Return:
1271 * 0 - Success
1272 * Non-zero - Failure
1273 */
ibmvmc_ioctl_query(struct ibmvmc_file_session * session,struct ibmvmc_query_struct __user * ret_struct)1274 static long ibmvmc_ioctl_query(struct ibmvmc_file_session *session,
1275 struct ibmvmc_query_struct __user *ret_struct)
1276 {
1277 struct ibmvmc_query_struct query_struct;
1278 size_t bytes;
1279
1280 memset(&query_struct, 0, sizeof(query_struct));
1281 query_struct.have_vmc = (ibmvmc.state > ibmvmc_state_initial);
1282 query_struct.state = ibmvmc.state;
1283 query_struct.vmc_drc_index = ibmvmc.vmc_drc_index;
1284
1285 bytes = copy_to_user(ret_struct, &query_struct,
1286 sizeof(query_struct));
1287 if (bytes)
1288 return -EFAULT;
1289
1290 return 0;
1291 }
1292
1293 /**
1294 * ibmvmc_ioctl_requestvmc - IOCTL Request VMC
1295 *
1296 * @session: ibmvmc_file_session struct
1297 * @ret_vmc_index: VMC Index
1298 *
1299 * Return:
1300 * 0 - Success
1301 * Non-zero - Failure
1302 */
ibmvmc_ioctl_requestvmc(struct ibmvmc_file_session * session,u32 __user * ret_vmc_index)1303 static long ibmvmc_ioctl_requestvmc(struct ibmvmc_file_session *session,
1304 u32 __user *ret_vmc_index)
1305 {
1306 /* TODO: (adreznec) Add locking to control multiple process access */
1307 size_t bytes;
1308 long rc;
1309 u32 vmc_drc_index;
1310
1311 /* Call to request the VMC device from phyp*/
1312 rc = h_request_vmc(&vmc_drc_index);
1313 pr_debug("ibmvmc: requestvmc: H_REQUEST_VMC rc = 0x%lx\n", rc);
1314
1315 if (rc == H_SUCCESS) {
1316 rc = 0;
1317 } else if (rc == H_FUNCTION) {
1318 pr_err("ibmvmc: requestvmc: h_request_vmc not supported\n");
1319 return -EPERM;
1320 } else if (rc == H_AUTHORITY) {
1321 pr_err("ibmvmc: requestvmc: hypervisor denied vmc request\n");
1322 return -EPERM;
1323 } else if (rc == H_HARDWARE) {
1324 pr_err("ibmvmc: requestvmc: hypervisor hardware fault\n");
1325 return -EIO;
1326 } else if (rc == H_RESOURCE) {
1327 pr_err("ibmvmc: requestvmc: vmc resource unavailable\n");
1328 return -ENODEV;
1329 } else if (rc == H_NOT_AVAILABLE) {
1330 pr_err("ibmvmc: requestvmc: system cannot be vmc managed\n");
1331 return -EPERM;
1332 } else if (rc == H_PARAMETER) {
1333 pr_err("ibmvmc: requestvmc: invalid parameter\n");
1334 return -EINVAL;
1335 }
1336
1337 /* Success, set the vmc index in global struct */
1338 ibmvmc.vmc_drc_index = vmc_drc_index;
1339
1340 bytes = copy_to_user(ret_vmc_index, &vmc_drc_index,
1341 sizeof(*ret_vmc_index));
1342 if (bytes) {
1343 pr_warn("ibmvmc: requestvmc: copy to user failed.\n");
1344 return -EFAULT;
1345 }
1346 return rc;
1347 }
1348
1349 /**
1350 * ibmvmc_ioctl - IOCTL
1351 *
1352 * @file: file information
1353 * @cmd: cmd field
1354 * @arg: Argument field
1355 *
1356 * Return:
1357 * 0 - Success
1358 * Non-zero - Failure
1359 */
ibmvmc_ioctl(struct file * file,unsigned int cmd,unsigned long arg)1360 static long ibmvmc_ioctl(struct file *file,
1361 unsigned int cmd, unsigned long arg)
1362 {
1363 struct ibmvmc_file_session *session = file->private_data;
1364
1365 pr_debug("ibmvmc: ioctl file=0x%lx, cmd=0x%x, arg=0x%lx, ses=0x%lx\n",
1366 (unsigned long)file, cmd, arg,
1367 (unsigned long)session);
1368
1369 if (!session) {
1370 pr_warn("ibmvmc: ioctl: no session\n");
1371 return -EIO;
1372 }
1373
1374 switch (cmd) {
1375 case VMC_IOCTL_SETHMCID:
1376 return ibmvmc_ioctl_sethmcid(session,
1377 (unsigned char __user *)arg);
1378 case VMC_IOCTL_QUERY:
1379 return ibmvmc_ioctl_query(session,
1380 (struct ibmvmc_query_struct __user *)arg);
1381 case VMC_IOCTL_REQUESTVMC:
1382 return ibmvmc_ioctl_requestvmc(session,
1383 (unsigned int __user *)arg);
1384 default:
1385 pr_warn("ibmvmc: unknown ioctl 0x%x\n", cmd);
1386 return -EINVAL;
1387 }
1388 }
1389
1390 static const struct file_operations ibmvmc_fops = {
1391 .owner = THIS_MODULE,
1392 .read = ibmvmc_read,
1393 .write = ibmvmc_write,
1394 .poll = ibmvmc_poll,
1395 .unlocked_ioctl = ibmvmc_ioctl,
1396 .open = ibmvmc_open,
1397 .release = ibmvmc_close,
1398 };
1399
1400 /**
1401 * ibmvmc_add_buffer - Add Buffer
1402 *
1403 * @adapter: crq_server_adapter struct
1404 * @crq: ibmvmc_crq_msg struct
1405 *
1406 * This message transfers a buffer from hypervisor ownership to management
1407 * partition ownership. The LIOBA is obtained from the virtual TCE table
1408 * associated with the hypervisor side of the VMC device, and points to a
1409 * buffer of size MTU (as established in the capabilities exchange).
1410 *
1411 * Typical flow for ading buffers:
1412 * 1. A new management application connection is opened by the management
1413 * partition.
1414 * 2. The hypervisor assigns new buffers for the traffic associated with
1415 * that connection.
1416 * 3. The hypervisor sends VMC Add Buffer messages to the management
1417 * partition, informing it of the new buffers.
1418 * 4. The hypervisor sends an HMC protocol message (to the management
1419 * application) notifying it of the new buffers. This informs the
1420 * application that it has buffers available for sending HMC
1421 * commands.
1422 *
1423 * Return:
1424 * 0 - Success
1425 * Non-zero - Failure
1426 */
ibmvmc_add_buffer(struct crq_server_adapter * adapter,struct ibmvmc_crq_msg * crq)1427 static int ibmvmc_add_buffer(struct crq_server_adapter *adapter,
1428 struct ibmvmc_crq_msg *crq)
1429 {
1430 struct ibmvmc_buffer *buffer;
1431 u8 hmc_index;
1432 u8 hmc_session;
1433 u16 buffer_id;
1434 unsigned long flags;
1435 int rc = 0;
1436
1437 if (!crq)
1438 return -1;
1439
1440 hmc_session = crq->hmc_session;
1441 hmc_index = crq->hmc_index;
1442 buffer_id = be16_to_cpu(crq->var2.buffer_id);
1443
1444 if (hmc_index > ibmvmc.max_hmc_index) {
1445 dev_err(adapter->dev, "add_buffer: invalid hmc_index = 0x%x\n",
1446 hmc_index);
1447 ibmvmc_send_add_buffer_resp(adapter, VMC_MSG_INVALID_HMC_INDEX,
1448 hmc_session, hmc_index, buffer_id);
1449 return -1;
1450 }
1451
1452 if (buffer_id >= ibmvmc.max_buffer_pool_size) {
1453 dev_err(adapter->dev, "add_buffer: invalid buffer_id = 0x%x\n",
1454 buffer_id);
1455 ibmvmc_send_add_buffer_resp(adapter, VMC_MSG_INVALID_BUFFER_ID,
1456 hmc_session, hmc_index, buffer_id);
1457 return -1;
1458 }
1459
1460 spin_lock_irqsave(&hmcs[hmc_index].lock, flags);
1461 buffer = &hmcs[hmc_index].buffer[buffer_id];
1462
1463 if (buffer->real_addr_local || buffer->dma_addr_local) {
1464 dev_warn(adapter->dev, "add_buffer: already allocated id = 0x%lx\n",
1465 (unsigned long)buffer_id);
1466 spin_unlock_irqrestore(&hmcs[hmc_index].lock, flags);
1467 ibmvmc_send_add_buffer_resp(adapter, VMC_MSG_INVALID_BUFFER_ID,
1468 hmc_session, hmc_index, buffer_id);
1469 return -1;
1470 }
1471
1472 buffer->real_addr_local = alloc_dma_buffer(to_vio_dev(adapter->dev),
1473 ibmvmc.max_mtu,
1474 &buffer->dma_addr_local);
1475
1476 if (!buffer->real_addr_local) {
1477 dev_err(adapter->dev, "add_buffer: alloc_dma_buffer failed.\n");
1478 spin_unlock_irqrestore(&hmcs[hmc_index].lock, flags);
1479 ibmvmc_send_add_buffer_resp(adapter, VMC_MSG_INTERFACE_FAILURE,
1480 hmc_session, hmc_index, buffer_id);
1481 return -1;
1482 }
1483
1484 buffer->dma_addr_remote = be32_to_cpu(crq->var3.lioba);
1485 buffer->size = ibmvmc.max_mtu;
1486 buffer->owner = crq->var1.owner;
1487 buffer->free = 1;
1488 /* Must ensure valid==1 is observable only after all other fields are */
1489 dma_wmb();
1490 buffer->valid = 1;
1491 buffer->id = buffer_id;
1492
1493 dev_dbg(adapter->dev, "add_buffer: successfully added a buffer:\n");
1494 dev_dbg(adapter->dev, " index: %d, session: %d, buffer: 0x%x, owner: %d\n",
1495 hmc_index, hmc_session, buffer_id, buffer->owner);
1496 dev_dbg(adapter->dev, " local: 0x%x, remote: 0x%x\n",
1497 (u32)buffer->dma_addr_local,
1498 (u32)buffer->dma_addr_remote);
1499 spin_unlock_irqrestore(&hmcs[hmc_index].lock, flags);
1500
1501 ibmvmc_send_add_buffer_resp(adapter, VMC_MSG_SUCCESS, hmc_session,
1502 hmc_index, buffer_id);
1503
1504 return rc;
1505 }
1506
1507 /**
1508 * ibmvmc_rem_buffer - Remove Buffer
1509 *
1510 * @adapter: crq_server_adapter struct
1511 * @crq: ibmvmc_crq_msg struct
1512 *
1513 * This message requests an HMC buffer to be transferred from management
1514 * partition ownership to hypervisor ownership. The management partition may
1515 * not be able to satisfy the request at a particular point in time if all its
1516 * buffers are in use. The management partition requires a depth of at least
1517 * one inbound buffer to allow management application commands to flow to the
1518 * hypervisor. It is, therefore, an interface error for the hypervisor to
1519 * attempt to remove the management partition's last buffer.
1520 *
1521 * The hypervisor is expected to manage buffer usage with the management
1522 * application directly and inform the management partition when buffers may be
1523 * removed. The typical flow for removing buffers:
1524 *
1525 * 1. The management application no longer needs a communication path to a
1526 * particular hypervisor function. That function is closed.
1527 * 2. The hypervisor and the management application quiesce all traffic to that
1528 * function. The hypervisor requests a reduction in buffer pool size.
1529 * 3. The management application acknowledges the reduction in buffer pool size.
1530 * 4. The hypervisor sends a Remove Buffer message to the management partition,
1531 * informing it of the reduction in buffers.
1532 * 5. The management partition verifies it can remove the buffer. This is
1533 * possible if buffers have been quiesced.
1534 *
1535 * Return:
1536 * 0 - Success
1537 * Non-zero - Failure
1538 */
1539 /*
1540 * The hypervisor requested that we pick an unused buffer, and return it.
1541 * Before sending the buffer back, we free any storage associated with the
1542 * buffer.
1543 */
ibmvmc_rem_buffer(struct crq_server_adapter * adapter,struct ibmvmc_crq_msg * crq)1544 static int ibmvmc_rem_buffer(struct crq_server_adapter *adapter,
1545 struct ibmvmc_crq_msg *crq)
1546 {
1547 struct ibmvmc_buffer *buffer;
1548 u8 hmc_index;
1549 u8 hmc_session;
1550 u16 buffer_id = 0;
1551 unsigned long flags;
1552 int rc = 0;
1553
1554 if (!crq)
1555 return -1;
1556
1557 hmc_session = crq->hmc_session;
1558 hmc_index = crq->hmc_index;
1559
1560 if (hmc_index > ibmvmc.max_hmc_index) {
1561 dev_warn(adapter->dev, "rem_buffer: invalid hmc_index = 0x%x\n",
1562 hmc_index);
1563 ibmvmc_send_rem_buffer_resp(adapter, VMC_MSG_INVALID_HMC_INDEX,
1564 hmc_session, hmc_index, buffer_id);
1565 return -1;
1566 }
1567
1568 spin_lock_irqsave(&hmcs[hmc_index].lock, flags);
1569 buffer = ibmvmc_get_free_hmc_buffer(adapter, hmc_index);
1570 if (!buffer) {
1571 dev_info(adapter->dev, "rem_buffer: no buffer to remove\n");
1572 spin_unlock_irqrestore(&hmcs[hmc_index].lock, flags);
1573 ibmvmc_send_rem_buffer_resp(adapter, VMC_MSG_NO_BUFFER,
1574 hmc_session, hmc_index,
1575 VMC_INVALID_BUFFER_ID);
1576 return -1;
1577 }
1578
1579 buffer_id = buffer->id;
1580
1581 if (buffer->valid)
1582 free_dma_buffer(to_vio_dev(adapter->dev),
1583 ibmvmc.max_mtu,
1584 buffer->real_addr_local,
1585 buffer->dma_addr_local);
1586
1587 memset(buffer, 0, sizeof(struct ibmvmc_buffer));
1588 spin_unlock_irqrestore(&hmcs[hmc_index].lock, flags);
1589
1590 dev_dbg(adapter->dev, "rem_buffer: removed buffer 0x%x.\n", buffer_id);
1591 ibmvmc_send_rem_buffer_resp(adapter, VMC_MSG_SUCCESS, hmc_session,
1592 hmc_index, buffer_id);
1593
1594 return rc;
1595 }
1596
ibmvmc_recv_msg(struct crq_server_adapter * adapter,struct ibmvmc_crq_msg * crq)1597 static int ibmvmc_recv_msg(struct crq_server_adapter *adapter,
1598 struct ibmvmc_crq_msg *crq)
1599 {
1600 struct ibmvmc_buffer *buffer;
1601 struct ibmvmc_hmc *hmc;
1602 unsigned long msg_len;
1603 u8 hmc_index;
1604 u8 hmc_session;
1605 u16 buffer_id;
1606 unsigned long flags;
1607 int rc = 0;
1608
1609 if (!crq)
1610 return -1;
1611
1612 /* Hypervisor writes CRQs directly into our memory in big endian */
1613 dev_dbg(adapter->dev, "Recv_msg: msg from HV 0x%016llx 0x%016llx\n",
1614 be64_to_cpu(*((unsigned long *)crq)),
1615 be64_to_cpu(*(((unsigned long *)crq) + 1)));
1616
1617 hmc_session = crq->hmc_session;
1618 hmc_index = crq->hmc_index;
1619 buffer_id = be16_to_cpu(crq->var2.buffer_id);
1620 msg_len = be32_to_cpu(crq->var3.msg_len);
1621
1622 if (hmc_index > ibmvmc.max_hmc_index) {
1623 dev_err(adapter->dev, "Recv_msg: invalid hmc_index = 0x%x\n",
1624 hmc_index);
1625 ibmvmc_send_add_buffer_resp(adapter, VMC_MSG_INVALID_HMC_INDEX,
1626 hmc_session, hmc_index, buffer_id);
1627 return -1;
1628 }
1629
1630 if (buffer_id >= ibmvmc.max_buffer_pool_size) {
1631 dev_err(adapter->dev, "Recv_msg: invalid buffer_id = 0x%x\n",
1632 buffer_id);
1633 ibmvmc_send_add_buffer_resp(adapter, VMC_MSG_INVALID_BUFFER_ID,
1634 hmc_session, hmc_index, buffer_id);
1635 return -1;
1636 }
1637
1638 hmc = &hmcs[hmc_index];
1639 spin_lock_irqsave(&hmc->lock, flags);
1640
1641 if (hmc->state == ibmhmc_state_free) {
1642 dev_err(adapter->dev, "Recv_msg: invalid hmc state = 0x%x\n",
1643 hmc->state);
1644 /* HMC connection is not valid (possibly was reset under us). */
1645 spin_unlock_irqrestore(&hmc->lock, flags);
1646 return -1;
1647 }
1648
1649 buffer = &hmc->buffer[buffer_id];
1650
1651 if (buffer->valid == 0 || buffer->owner == VMC_BUF_OWNER_ALPHA) {
1652 dev_err(adapter->dev, "Recv_msg: not valid, or not HV. 0x%x 0x%x\n",
1653 buffer->valid, buffer->owner);
1654 spin_unlock_irqrestore(&hmc->lock, flags);
1655 return -1;
1656 }
1657
1658 /* RDMA the data into the partition. */
1659 rc = h_copy_rdma(msg_len,
1660 adapter->riobn,
1661 buffer->dma_addr_remote,
1662 adapter->liobn,
1663 buffer->dma_addr_local);
1664
1665 dev_dbg(adapter->dev, "Recv_msg: msg_len = 0x%x, buffer_id = 0x%x, queue_head = 0x%x, hmc_idx = 0x%x\n",
1666 (unsigned int)msg_len, (unsigned int)buffer_id,
1667 (unsigned int)hmc->queue_head, (unsigned int)hmc_index);
1668 buffer->msg_len = msg_len;
1669 buffer->free = 0;
1670 buffer->owner = VMC_BUF_OWNER_ALPHA;
1671
1672 if (rc) {
1673 dev_err(adapter->dev, "Failure in recv_msg: h_copy_rdma = 0x%x\n",
1674 rc);
1675 spin_unlock_irqrestore(&hmc->lock, flags);
1676 return -1;
1677 }
1678
1679 /* Must be locked because read operates on the same data */
1680 hmc->queue_outbound_msgs[hmc->queue_head] = buffer_id;
1681 hmc->queue_head++;
1682 if (hmc->queue_head == ibmvmc_max_buf_pool_size)
1683 hmc->queue_head = 0;
1684
1685 if (hmc->queue_head == hmc->queue_tail)
1686 dev_err(adapter->dev, "outbound buffer queue wrapped.\n");
1687
1688 spin_unlock_irqrestore(&hmc->lock, flags);
1689
1690 wake_up_interruptible(&ibmvmc_read_wait);
1691
1692 return 0;
1693 }
1694
1695 /**
1696 * ibmvmc_process_capabilities - Process Capabilities
1697 *
1698 * @adapter: crq_server_adapter struct
1699 * @crqp: ibmvmc_crq_msg struct
1700 *
1701 */
ibmvmc_process_capabilities(struct crq_server_adapter * adapter,struct ibmvmc_crq_msg * crqp)1702 static void ibmvmc_process_capabilities(struct crq_server_adapter *adapter,
1703 struct ibmvmc_crq_msg *crqp)
1704 {
1705 struct ibmvmc_admin_crq_msg *crq = (struct ibmvmc_admin_crq_msg *)crqp;
1706
1707 if ((be16_to_cpu(crq->version) >> 8) !=
1708 (IBMVMC_PROTOCOL_VERSION >> 8)) {
1709 dev_err(adapter->dev, "init failed, incompatible versions 0x%x 0x%x\n",
1710 be16_to_cpu(crq->version),
1711 IBMVMC_PROTOCOL_VERSION);
1712 ibmvmc.state = ibmvmc_state_failed;
1713 return;
1714 }
1715
1716 ibmvmc.max_mtu = min_t(u32, ibmvmc_max_mtu, be32_to_cpu(crq->max_mtu));
1717 ibmvmc.max_buffer_pool_size = min_t(u16, ibmvmc_max_buf_pool_size,
1718 be16_to_cpu(crq->pool_size));
1719 ibmvmc.max_hmc_index = min_t(u8, ibmvmc_max_hmcs, crq->max_hmc) - 1;
1720 ibmvmc.state = ibmvmc_state_ready;
1721
1722 dev_info(adapter->dev, "Capabilities: mtu=0x%x, pool_size=0x%x, max_hmc=0x%x\n",
1723 ibmvmc.max_mtu, ibmvmc.max_buffer_pool_size,
1724 ibmvmc.max_hmc_index);
1725 }
1726
1727 /**
1728 * ibmvmc_validate_hmc_session - Validate HMC Session
1729 *
1730 * @adapter: crq_server_adapter struct
1731 * @crq: ibmvmc_crq_msg struct
1732 *
1733 * Return:
1734 * 0 - Success
1735 * Non-zero - Failure
1736 */
ibmvmc_validate_hmc_session(struct crq_server_adapter * adapter,struct ibmvmc_crq_msg * crq)1737 static int ibmvmc_validate_hmc_session(struct crq_server_adapter *adapter,
1738 struct ibmvmc_crq_msg *crq)
1739 {
1740 unsigned char hmc_index;
1741
1742 hmc_index = crq->hmc_index;
1743
1744 if (crq->hmc_session == 0)
1745 return 0;
1746
1747 if (hmc_index > ibmvmc.max_hmc_index)
1748 return -1;
1749
1750 if (hmcs[hmc_index].session != crq->hmc_session) {
1751 dev_warn(adapter->dev, "Drop, bad session: expected 0x%x, recv 0x%x\n",
1752 hmcs[hmc_index].session, crq->hmc_session);
1753 return -1;
1754 }
1755
1756 return 0;
1757 }
1758
1759 /**
1760 * ibmvmc_reset - Reset
1761 *
1762 * @adapter: crq_server_adapter struct
1763 * @xport_event: export_event field
1764 *
1765 * Closes all HMC sessions and conditionally schedules a CRQ reset.
1766 * @xport_event: If true, the partner closed their CRQ; we don't need to reset.
1767 * If false, we need to schedule a CRQ reset.
1768 */
ibmvmc_reset(struct crq_server_adapter * adapter,bool xport_event)1769 static void ibmvmc_reset(struct crq_server_adapter *adapter, bool xport_event)
1770 {
1771 int i;
1772
1773 if (ibmvmc.state != ibmvmc_state_sched_reset) {
1774 dev_info(adapter->dev, "*** Reset to initial state.\n");
1775 for (i = 0; i < ibmvmc_max_hmcs; i++)
1776 ibmvmc_return_hmc(&hmcs[i], xport_event);
1777
1778 if (xport_event) {
1779 /* CRQ was closed by the partner. We don't need to do
1780 * anything except set ourself to the correct state to
1781 * handle init msgs.
1782 */
1783 ibmvmc.state = ibmvmc_state_crqinit;
1784 } else {
1785 /* The partner did not close their CRQ - instead, we're
1786 * closing the CRQ on our end. Need to schedule this
1787 * for process context, because CRQ reset may require a
1788 * sleep.
1789 *
1790 * Setting ibmvmc.state here immediately prevents
1791 * ibmvmc_open from completing until the reset
1792 * completes in process context.
1793 */
1794 ibmvmc.state = ibmvmc_state_sched_reset;
1795 dev_dbg(adapter->dev, "Device reset scheduled");
1796 wake_up_interruptible(&adapter->reset_wait_queue);
1797 }
1798 }
1799 }
1800
1801 /**
1802 * ibmvmc_reset_task - Reset Task
1803 *
1804 * @data: Data field
1805 *
1806 * Performs a CRQ reset of the VMC device in process context.
1807 * NOTE: This function should not be called directly, use ibmvmc_reset.
1808 */
ibmvmc_reset_task(void * data)1809 static int ibmvmc_reset_task(void *data)
1810 {
1811 struct crq_server_adapter *adapter = data;
1812 int rc;
1813
1814 set_user_nice(current, -20);
1815
1816 while (!kthread_should_stop()) {
1817 wait_event_interruptible(adapter->reset_wait_queue,
1818 (ibmvmc.state == ibmvmc_state_sched_reset) ||
1819 kthread_should_stop());
1820
1821 if (kthread_should_stop())
1822 break;
1823
1824 dev_dbg(adapter->dev, "CRQ resetting in process context");
1825 tasklet_disable(&adapter->work_task);
1826
1827 rc = ibmvmc_reset_crq_queue(adapter);
1828
1829 if (rc != H_SUCCESS && rc != H_RESOURCE) {
1830 dev_err(adapter->dev, "Error initializing CRQ. rc = 0x%x\n",
1831 rc);
1832 ibmvmc.state = ibmvmc_state_failed;
1833 } else {
1834 ibmvmc.state = ibmvmc_state_crqinit;
1835
1836 if (ibmvmc_send_crq(adapter, 0xC001000000000000LL, 0)
1837 != 0 && rc != H_RESOURCE)
1838 dev_warn(adapter->dev, "Failed to send initialize CRQ message\n");
1839 }
1840
1841 vio_enable_interrupts(to_vio_dev(adapter->dev));
1842 tasklet_enable(&adapter->work_task);
1843 }
1844
1845 return 0;
1846 }
1847
1848 /**
1849 * ibmvmc_process_open_resp - Process Open Response
1850 *
1851 * @crq: ibmvmc_crq_msg struct
1852 * @adapter: crq_server_adapter struct
1853 *
1854 * This command is sent by the hypervisor in response to the Interface
1855 * Open message. When this message is received, the indicated buffer is
1856 * again available for management partition use.
1857 */
ibmvmc_process_open_resp(struct ibmvmc_crq_msg * crq,struct crq_server_adapter * adapter)1858 static void ibmvmc_process_open_resp(struct ibmvmc_crq_msg *crq,
1859 struct crq_server_adapter *adapter)
1860 {
1861 unsigned char hmc_index;
1862 unsigned short buffer_id;
1863
1864 hmc_index = crq->hmc_index;
1865 if (hmc_index > ibmvmc.max_hmc_index) {
1866 /* Why would PHYP give an index > max negotiated? */
1867 ibmvmc_reset(adapter, false);
1868 return;
1869 }
1870
1871 if (crq->status) {
1872 dev_warn(adapter->dev, "open_resp: failed - status 0x%x\n",
1873 crq->status);
1874 ibmvmc_return_hmc(&hmcs[hmc_index], false);
1875 return;
1876 }
1877
1878 if (hmcs[hmc_index].state == ibmhmc_state_opening) {
1879 buffer_id = be16_to_cpu(crq->var2.buffer_id);
1880 if (buffer_id >= ibmvmc.max_buffer_pool_size) {
1881 dev_err(adapter->dev, "open_resp: invalid buffer_id = 0x%x\n",
1882 buffer_id);
1883 hmcs[hmc_index].state = ibmhmc_state_failed;
1884 } else {
1885 ibmvmc_free_hmc_buffer(&hmcs[hmc_index],
1886 &hmcs[hmc_index].buffer[buffer_id]);
1887 hmcs[hmc_index].state = ibmhmc_state_ready;
1888 dev_dbg(adapter->dev, "open_resp: set hmc state = ready\n");
1889 }
1890 } else {
1891 dev_warn(adapter->dev, "open_resp: invalid hmc state (0x%x)\n",
1892 hmcs[hmc_index].state);
1893 }
1894 }
1895
1896 /**
1897 * ibmvmc_process_close_resp - Process Close Response
1898 *
1899 * @crq: ibmvmc_crq_msg struct
1900 * @adapter: crq_server_adapter struct
1901 *
1902 * This command is sent by the hypervisor in response to the managemant
1903 * application Interface Close message.
1904 *
1905 * If the close fails, simply reset the entire driver as the state of the VMC
1906 * must be in tough shape.
1907 */
ibmvmc_process_close_resp(struct ibmvmc_crq_msg * crq,struct crq_server_adapter * adapter)1908 static void ibmvmc_process_close_resp(struct ibmvmc_crq_msg *crq,
1909 struct crq_server_adapter *adapter)
1910 {
1911 unsigned char hmc_index;
1912
1913 hmc_index = crq->hmc_index;
1914 if (hmc_index > ibmvmc.max_hmc_index) {
1915 ibmvmc_reset(adapter, false);
1916 return;
1917 }
1918
1919 if (crq->status) {
1920 dev_warn(adapter->dev, "close_resp: failed - status 0x%x\n",
1921 crq->status);
1922 ibmvmc_reset(adapter, false);
1923 return;
1924 }
1925
1926 ibmvmc_return_hmc(&hmcs[hmc_index], false);
1927 }
1928
1929 /**
1930 * ibmvmc_crq_process - Process CRQ
1931 *
1932 * @adapter: crq_server_adapter struct
1933 * @crq: ibmvmc_crq_msg struct
1934 *
1935 * Process the CRQ message based upon the type of message received.
1936 *
1937 */
ibmvmc_crq_process(struct crq_server_adapter * adapter,struct ibmvmc_crq_msg * crq)1938 static void ibmvmc_crq_process(struct crq_server_adapter *adapter,
1939 struct ibmvmc_crq_msg *crq)
1940 {
1941 switch (crq->type) {
1942 case VMC_MSG_CAP_RESP:
1943 dev_dbg(adapter->dev, "CRQ recv: capabilities resp (0x%x)\n",
1944 crq->type);
1945 if (ibmvmc.state == ibmvmc_state_capabilities)
1946 ibmvmc_process_capabilities(adapter, crq);
1947 else
1948 dev_warn(adapter->dev, "caps msg invalid in state 0x%x\n",
1949 ibmvmc.state);
1950 break;
1951 case VMC_MSG_OPEN_RESP:
1952 dev_dbg(adapter->dev, "CRQ recv: open resp (0x%x)\n",
1953 crq->type);
1954 if (ibmvmc_validate_hmc_session(adapter, crq) == 0)
1955 ibmvmc_process_open_resp(crq, adapter);
1956 break;
1957 case VMC_MSG_ADD_BUF:
1958 dev_dbg(adapter->dev, "CRQ recv: add buf (0x%x)\n",
1959 crq->type);
1960 if (ibmvmc_validate_hmc_session(adapter, crq) == 0)
1961 ibmvmc_add_buffer(adapter, crq);
1962 break;
1963 case VMC_MSG_REM_BUF:
1964 dev_dbg(adapter->dev, "CRQ recv: rem buf (0x%x)\n",
1965 crq->type);
1966 if (ibmvmc_validate_hmc_session(adapter, crq) == 0)
1967 ibmvmc_rem_buffer(adapter, crq);
1968 break;
1969 case VMC_MSG_SIGNAL:
1970 dev_dbg(adapter->dev, "CRQ recv: signal msg (0x%x)\n",
1971 crq->type);
1972 if (ibmvmc_validate_hmc_session(adapter, crq) == 0)
1973 ibmvmc_recv_msg(adapter, crq);
1974 break;
1975 case VMC_MSG_CLOSE_RESP:
1976 dev_dbg(adapter->dev, "CRQ recv: close resp (0x%x)\n",
1977 crq->type);
1978 if (ibmvmc_validate_hmc_session(adapter, crq) == 0)
1979 ibmvmc_process_close_resp(crq, adapter);
1980 break;
1981 case VMC_MSG_CAP:
1982 case VMC_MSG_OPEN:
1983 case VMC_MSG_CLOSE:
1984 case VMC_MSG_ADD_BUF_RESP:
1985 case VMC_MSG_REM_BUF_RESP:
1986 dev_warn(adapter->dev, "CRQ recv: unexpected msg (0x%x)\n",
1987 crq->type);
1988 break;
1989 default:
1990 dev_warn(adapter->dev, "CRQ recv: unknown msg (0x%x)\n",
1991 crq->type);
1992 break;
1993 }
1994 }
1995
1996 /**
1997 * ibmvmc_handle_crq_init - Handle CRQ Init
1998 *
1999 * @crq: ibmvmc_crq_msg struct
2000 * @adapter: crq_server_adapter struct
2001 *
2002 * Handle the type of crq initialization based on whether
2003 * it is a message or a response.
2004 *
2005 */
ibmvmc_handle_crq_init(struct ibmvmc_crq_msg * crq,struct crq_server_adapter * adapter)2006 static void ibmvmc_handle_crq_init(struct ibmvmc_crq_msg *crq,
2007 struct crq_server_adapter *adapter)
2008 {
2009 switch (crq->type) {
2010 case 0x01: /* Initialization message */
2011 dev_dbg(adapter->dev, "CRQ recv: CRQ init msg - state 0x%x\n",
2012 ibmvmc.state);
2013 if (ibmvmc.state == ibmvmc_state_crqinit) {
2014 /* Send back a response */
2015 if (ibmvmc_send_crq(adapter, 0xC002000000000000,
2016 0) == 0)
2017 ibmvmc_send_capabilities(adapter);
2018 else
2019 dev_err(adapter->dev, " Unable to send init rsp\n");
2020 } else {
2021 dev_err(adapter->dev, "Invalid state 0x%x mtu = 0x%x\n",
2022 ibmvmc.state, ibmvmc.max_mtu);
2023 }
2024
2025 break;
2026 case 0x02: /* Initialization response */
2027 dev_dbg(adapter->dev, "CRQ recv: initialization resp msg - state 0x%x\n",
2028 ibmvmc.state);
2029 if (ibmvmc.state == ibmvmc_state_crqinit)
2030 ibmvmc_send_capabilities(adapter);
2031 break;
2032 default:
2033 dev_warn(adapter->dev, "Unknown crq message type 0x%lx\n",
2034 (unsigned long)crq->type);
2035 }
2036 }
2037
2038 /**
2039 * ibmvmc_handle_crq - Handle CRQ
2040 *
2041 * @crq: ibmvmc_crq_msg struct
2042 * @adapter: crq_server_adapter struct
2043 *
2044 * Read the command elements from the command queue and execute the
2045 * requests based upon the type of crq message.
2046 *
2047 */
ibmvmc_handle_crq(struct ibmvmc_crq_msg * crq,struct crq_server_adapter * adapter)2048 static void ibmvmc_handle_crq(struct ibmvmc_crq_msg *crq,
2049 struct crq_server_adapter *adapter)
2050 {
2051 switch (crq->valid) {
2052 case 0xC0: /* initialization */
2053 ibmvmc_handle_crq_init(crq, adapter);
2054 break;
2055 case 0xFF: /* Hypervisor telling us the connection is closed */
2056 dev_warn(adapter->dev, "CRQ recv: virtual adapter failed - resetting.\n");
2057 ibmvmc_reset(adapter, true);
2058 break;
2059 case 0x80: /* real payload */
2060 ibmvmc_crq_process(adapter, crq);
2061 break;
2062 default:
2063 dev_warn(adapter->dev, "CRQ recv: unknown msg 0x%02x.\n",
2064 crq->valid);
2065 break;
2066 }
2067 }
2068
ibmvmc_task(unsigned long data)2069 static void ibmvmc_task(unsigned long data)
2070 {
2071 struct crq_server_adapter *adapter =
2072 (struct crq_server_adapter *)data;
2073 struct vio_dev *vdev = to_vio_dev(adapter->dev);
2074 struct ibmvmc_crq_msg *crq;
2075 int done = 0;
2076
2077 while (!done) {
2078 /* Pull all the valid messages off the CRQ */
2079 while ((crq = crq_queue_next_crq(&adapter->queue)) != NULL) {
2080 ibmvmc_handle_crq(crq, adapter);
2081 crq->valid = 0x00;
2082 /* CRQ reset was requested, stop processing CRQs.
2083 * Interrupts will be re-enabled by the reset task.
2084 */
2085 if (ibmvmc.state == ibmvmc_state_sched_reset)
2086 return;
2087 }
2088
2089 vio_enable_interrupts(vdev);
2090 crq = crq_queue_next_crq(&adapter->queue);
2091 if (crq) {
2092 vio_disable_interrupts(vdev);
2093 ibmvmc_handle_crq(crq, adapter);
2094 crq->valid = 0x00;
2095 /* CRQ reset was requested, stop processing CRQs.
2096 * Interrupts will be re-enabled by the reset task.
2097 */
2098 if (ibmvmc.state == ibmvmc_state_sched_reset)
2099 return;
2100 } else {
2101 done = 1;
2102 }
2103 }
2104 }
2105
2106 /**
2107 * ibmvmc_init_crq_queue - Init CRQ Queue
2108 *
2109 * @adapter: crq_server_adapter struct
2110 *
2111 * Return:
2112 * 0 - Success
2113 * Non-zero - Failure
2114 */
ibmvmc_init_crq_queue(struct crq_server_adapter * adapter)2115 static int ibmvmc_init_crq_queue(struct crq_server_adapter *adapter)
2116 {
2117 struct vio_dev *vdev = to_vio_dev(adapter->dev);
2118 struct crq_queue *queue = &adapter->queue;
2119 int rc = 0;
2120 int retrc = 0;
2121
2122 queue->msgs = (struct ibmvmc_crq_msg *)get_zeroed_page(GFP_KERNEL);
2123
2124 if (!queue->msgs)
2125 goto malloc_failed;
2126
2127 queue->size = PAGE_SIZE / sizeof(*queue->msgs);
2128
2129 queue->msg_token = dma_map_single(adapter->dev, queue->msgs,
2130 queue->size * sizeof(*queue->msgs),
2131 DMA_BIDIRECTIONAL);
2132
2133 if (dma_mapping_error(adapter->dev, queue->msg_token))
2134 goto map_failed;
2135
2136 retrc = plpar_hcall_norets(H_REG_CRQ,
2137 vdev->unit_address,
2138 queue->msg_token, PAGE_SIZE);
2139 rc = retrc;
2140
2141 if (rc == H_RESOURCE)
2142 rc = ibmvmc_reset_crq_queue(adapter);
2143
2144 if (rc == 2) {
2145 dev_warn(adapter->dev, "Partner adapter not ready\n");
2146 retrc = 0;
2147 } else if (rc != 0) {
2148 dev_err(adapter->dev, "Error %d opening adapter\n", rc);
2149 goto reg_crq_failed;
2150 }
2151
2152 queue->cur = 0;
2153 spin_lock_init(&queue->lock);
2154
2155 tasklet_init(&adapter->work_task, ibmvmc_task, (unsigned long)adapter);
2156
2157 if (request_irq(vdev->irq,
2158 ibmvmc_handle_event,
2159 0, "ibmvmc", (void *)adapter) != 0) {
2160 dev_err(adapter->dev, "couldn't register irq 0x%x\n",
2161 vdev->irq);
2162 goto req_irq_failed;
2163 }
2164
2165 rc = vio_enable_interrupts(vdev);
2166 if (rc != 0) {
2167 dev_err(adapter->dev, "Error %d enabling interrupts!!!\n", rc);
2168 goto req_irq_failed;
2169 }
2170
2171 return retrc;
2172
2173 req_irq_failed:
2174 /* Cannot have any work since we either never got our IRQ registered,
2175 * or never got interrupts enabled
2176 */
2177 tasklet_kill(&adapter->work_task);
2178 h_free_crq(vdev->unit_address);
2179 reg_crq_failed:
2180 dma_unmap_single(adapter->dev,
2181 queue->msg_token,
2182 queue->size * sizeof(*queue->msgs), DMA_BIDIRECTIONAL);
2183 map_failed:
2184 free_page((unsigned long)queue->msgs);
2185 malloc_failed:
2186 return -ENOMEM;
2187 }
2188
2189 /* Fill in the liobn and riobn fields on the adapter */
read_dma_window(struct vio_dev * vdev,struct crq_server_adapter * adapter)2190 static int read_dma_window(struct vio_dev *vdev,
2191 struct crq_server_adapter *adapter)
2192 {
2193 const __be32 *dma_window;
2194 const __be32 *prop;
2195
2196 /* TODO Using of_parse_dma_window would be better, but it doesn't give
2197 * a way to read multiple windows without already knowing the size of
2198 * a window or the number of windows
2199 */
2200 dma_window =
2201 (const __be32 *)vio_get_attribute(vdev, "ibm,my-dma-window",
2202 NULL);
2203 if (!dma_window) {
2204 dev_warn(adapter->dev, "Couldn't find ibm,my-dma-window property\n");
2205 return -1;
2206 }
2207
2208 adapter->liobn = be32_to_cpu(*dma_window);
2209 dma_window++;
2210
2211 prop = (const __be32 *)vio_get_attribute(vdev, "ibm,#dma-address-cells",
2212 NULL);
2213 if (!prop) {
2214 dev_warn(adapter->dev, "Couldn't find ibm,#dma-address-cells property\n");
2215 dma_window++;
2216 } else {
2217 dma_window += be32_to_cpu(*prop);
2218 }
2219
2220 prop = (const __be32 *)vio_get_attribute(vdev, "ibm,#dma-size-cells",
2221 NULL);
2222 if (!prop) {
2223 dev_warn(adapter->dev, "Couldn't find ibm,#dma-size-cells property\n");
2224 dma_window++;
2225 } else {
2226 dma_window += be32_to_cpu(*prop);
2227 }
2228
2229 /* dma_window should point to the second window now */
2230 adapter->riobn = be32_to_cpu(*dma_window);
2231
2232 return 0;
2233 }
2234
ibmvmc_probe(struct vio_dev * vdev,const struct vio_device_id * id)2235 static int ibmvmc_probe(struct vio_dev *vdev, const struct vio_device_id *id)
2236 {
2237 struct crq_server_adapter *adapter = &ibmvmc_adapter;
2238 int rc;
2239
2240 dev_set_drvdata(&vdev->dev, NULL);
2241 memset(adapter, 0, sizeof(*adapter));
2242 adapter->dev = &vdev->dev;
2243
2244 dev_info(adapter->dev, "Probe for UA 0x%x\n", vdev->unit_address);
2245
2246 rc = read_dma_window(vdev, adapter);
2247 if (rc != 0) {
2248 ibmvmc.state = ibmvmc_state_failed;
2249 return -1;
2250 }
2251
2252 dev_dbg(adapter->dev, "Probe: liobn 0x%x, riobn 0x%x\n",
2253 adapter->liobn, adapter->riobn);
2254
2255 init_waitqueue_head(&adapter->reset_wait_queue);
2256 adapter->reset_task = kthread_run(ibmvmc_reset_task, adapter, "ibmvmc");
2257 if (IS_ERR(adapter->reset_task)) {
2258 dev_err(adapter->dev, "Failed to start reset thread\n");
2259 ibmvmc.state = ibmvmc_state_failed;
2260 rc = PTR_ERR(adapter->reset_task);
2261 adapter->reset_task = NULL;
2262 return rc;
2263 }
2264
2265 rc = ibmvmc_init_crq_queue(adapter);
2266 if (rc != 0 && rc != H_RESOURCE) {
2267 dev_err(adapter->dev, "Error initializing CRQ. rc = 0x%x\n",
2268 rc);
2269 ibmvmc.state = ibmvmc_state_failed;
2270 goto crq_failed;
2271 }
2272
2273 ibmvmc.state = ibmvmc_state_crqinit;
2274
2275 /* Try to send an initialization message. Note that this is allowed
2276 * to fail if the other end is not acive. In that case we just wait
2277 * for the other side to initialize.
2278 */
2279 if (ibmvmc_send_crq(adapter, 0xC001000000000000LL, 0) != 0 &&
2280 rc != H_RESOURCE)
2281 dev_warn(adapter->dev, "Failed to send initialize CRQ message\n");
2282
2283 dev_set_drvdata(&vdev->dev, adapter);
2284
2285 return 0;
2286
2287 crq_failed:
2288 kthread_stop(adapter->reset_task);
2289 adapter->reset_task = NULL;
2290 return -EPERM;
2291 }
2292
ibmvmc_remove(struct vio_dev * vdev)2293 static void ibmvmc_remove(struct vio_dev *vdev)
2294 {
2295 struct crq_server_adapter *adapter = dev_get_drvdata(&vdev->dev);
2296
2297 dev_info(adapter->dev, "Entering remove for UA 0x%x\n",
2298 vdev->unit_address);
2299 ibmvmc_release_crq_queue(adapter);
2300 }
2301
2302 static struct vio_device_id ibmvmc_device_table[] = {
2303 { "ibm,vmc", "IBM,vmc" },
2304 { "", "" }
2305 };
2306 MODULE_DEVICE_TABLE(vio, ibmvmc_device_table);
2307
2308 static struct vio_driver ibmvmc_driver = {
2309 .name = ibmvmc_driver_name,
2310 .id_table = ibmvmc_device_table,
2311 .probe = ibmvmc_probe,
2312 .remove = ibmvmc_remove,
2313 };
2314
ibmvmc_scrub_module_parms(void)2315 static void __init ibmvmc_scrub_module_parms(void)
2316 {
2317 if (ibmvmc_max_mtu > MAX_MTU) {
2318 pr_warn("ibmvmc: Max MTU reduced to %d\n", MAX_MTU);
2319 ibmvmc_max_mtu = MAX_MTU;
2320 } else if (ibmvmc_max_mtu < MIN_MTU) {
2321 pr_warn("ibmvmc: Max MTU increased to %d\n", MIN_MTU);
2322 ibmvmc_max_mtu = MIN_MTU;
2323 }
2324
2325 if (ibmvmc_max_buf_pool_size > MAX_BUF_POOL_SIZE) {
2326 pr_warn("ibmvmc: Max buffer pool size reduced to %d\n",
2327 MAX_BUF_POOL_SIZE);
2328 ibmvmc_max_buf_pool_size = MAX_BUF_POOL_SIZE;
2329 } else if (ibmvmc_max_buf_pool_size < MIN_BUF_POOL_SIZE) {
2330 pr_warn("ibmvmc: Max buffer pool size increased to %d\n",
2331 MIN_BUF_POOL_SIZE);
2332 ibmvmc_max_buf_pool_size = MIN_BUF_POOL_SIZE;
2333 }
2334
2335 if (ibmvmc_max_hmcs > MAX_HMCS) {
2336 pr_warn("ibmvmc: Max HMCs reduced to %d\n", MAX_HMCS);
2337 ibmvmc_max_hmcs = MAX_HMCS;
2338 } else if (ibmvmc_max_hmcs < MIN_HMCS) {
2339 pr_warn("ibmvmc: Max HMCs increased to %d\n", MIN_HMCS);
2340 ibmvmc_max_hmcs = MIN_HMCS;
2341 }
2342 }
2343
2344 static struct miscdevice ibmvmc_miscdev = {
2345 .name = ibmvmc_driver_name,
2346 .minor = MISC_DYNAMIC_MINOR,
2347 .fops = &ibmvmc_fops,
2348 };
2349
ibmvmc_module_init(void)2350 static int __init ibmvmc_module_init(void)
2351 {
2352 int rc, i, j;
2353
2354 ibmvmc.state = ibmvmc_state_initial;
2355 pr_info("ibmvmc: version %s\n", IBMVMC_DRIVER_VERSION);
2356
2357 rc = misc_register(&ibmvmc_miscdev);
2358 if (rc) {
2359 pr_err("ibmvmc: misc registration failed\n");
2360 goto misc_register_failed;
2361 }
2362 pr_info("ibmvmc: node %d:%d\n", MISC_MAJOR,
2363 ibmvmc_miscdev.minor);
2364
2365 /* Initialize data structures */
2366 memset(hmcs, 0, sizeof(struct ibmvmc_hmc) * MAX_HMCS);
2367 for (i = 0; i < MAX_HMCS; i++) {
2368 spin_lock_init(&hmcs[i].lock);
2369 hmcs[i].state = ibmhmc_state_free;
2370 for (j = 0; j < MAX_BUF_POOL_SIZE; j++)
2371 hmcs[i].queue_outbound_msgs[j] = VMC_INVALID_BUFFER_ID;
2372 }
2373
2374 /* Sanity check module parms */
2375 ibmvmc_scrub_module_parms();
2376
2377 /*
2378 * Initialize some reasonable values. Might be negotiated smaller
2379 * values during the capabilities exchange.
2380 */
2381 ibmvmc.max_mtu = ibmvmc_max_mtu;
2382 ibmvmc.max_buffer_pool_size = ibmvmc_max_buf_pool_size;
2383 ibmvmc.max_hmc_index = ibmvmc_max_hmcs - 1;
2384
2385 rc = vio_register_driver(&ibmvmc_driver);
2386
2387 if (rc) {
2388 pr_err("ibmvmc: rc %d from vio_register_driver\n", rc);
2389 goto vio_reg_failed;
2390 }
2391
2392 return 0;
2393
2394 vio_reg_failed:
2395 misc_deregister(&ibmvmc_miscdev);
2396 misc_register_failed:
2397 return rc;
2398 }
2399
ibmvmc_module_exit(void)2400 static void __exit ibmvmc_module_exit(void)
2401 {
2402 pr_info("ibmvmc: module exit\n");
2403 vio_unregister_driver(&ibmvmc_driver);
2404 misc_deregister(&ibmvmc_miscdev);
2405 }
2406
2407 module_init(ibmvmc_module_init);
2408 module_exit(ibmvmc_module_exit);
2409
2410 module_param_named(buf_pool_size, ibmvmc_max_buf_pool_size,
2411 int, 0644);
2412 MODULE_PARM_DESC(buf_pool_size, "Buffer pool size");
2413 module_param_named(max_hmcs, ibmvmc_max_hmcs, int, 0644);
2414 MODULE_PARM_DESC(max_hmcs, "Max HMCs");
2415 module_param_named(max_mtu, ibmvmc_max_mtu, int, 0644);
2416 MODULE_PARM_DESC(max_mtu, "Max MTU");
2417
2418 MODULE_AUTHOR("Steven Royer <seroyer@linux.vnet.ibm.com>");
2419 MODULE_DESCRIPTION("IBM VMC");
2420 MODULE_VERSION(IBMVMC_DRIVER_VERSION);
2421 MODULE_LICENSE("GPL v2");
2422