1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 *
4 * Copyright (c) 2009, Microsoft Corporation.
5 *
6 * Authors:
7 * Haiyang Zhang <haiyangz@microsoft.com>
8 * Hank Janssen <hjanssen@microsoft.com>
9 */
10 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
11
12 #include <linux/kernel.h>
13 #include <linux/sched.h>
14 #include <linux/wait.h>
15 #include <linux/delay.h>
16 #include <linux/mm.h>
17 #include <linux/module.h>
18 #include <linux/slab.h>
19 #include <linux/vmalloc.h>
20 #include <linux/hyperv.h>
21 #include <linux/export.h>
22 #include <linux/io.h>
23 #include <linux/set_memory.h>
24 #include <asm/mshyperv.h>
25
26 #include "hyperv_vmbus.h"
27
28
29 struct vmbus_connection vmbus_connection = {
30 .conn_state = DISCONNECTED,
31 .unload_event = COMPLETION_INITIALIZER(
32 vmbus_connection.unload_event),
33 .next_gpadl_handle = ATOMIC_INIT(0xE1E10),
34
35 .ready_for_suspend_event = COMPLETION_INITIALIZER(
36 vmbus_connection.ready_for_suspend_event),
37 .ready_for_resume_event = COMPLETION_INITIALIZER(
38 vmbus_connection.ready_for_resume_event),
39 };
40 EXPORT_SYMBOL_GPL(vmbus_connection);
41
42 /*
43 * Negotiated protocol version with the host.
44 */
45 __u32 vmbus_proto_version;
46 EXPORT_SYMBOL_GPL(vmbus_proto_version);
47
48 /*
49 * Table of VMBus versions listed from newest to oldest.
50 * VERSION_WIN7 and VERSION_WS2008 are no longer supported in
51 * Linux guests and are not listed.
52 */
53 static __u32 vmbus_versions[] = {
54 VERSION_WIN10_V5_3,
55 VERSION_WIN10_V5_2,
56 VERSION_WIN10_V5_1,
57 VERSION_WIN10_V5,
58 VERSION_WIN10_V4_1,
59 VERSION_WIN10,
60 VERSION_WIN8_1,
61 VERSION_WIN8
62 };
63
64 /*
65 * Maximal VMBus protocol version guests can negotiate. Useful to cap the
66 * VMBus version for testing and debugging purpose.
67 */
68 static uint max_version = VERSION_WIN10_V5_3;
69
70 module_param(max_version, uint, S_IRUGO);
71 MODULE_PARM_DESC(max_version,
72 "Maximal VMBus protocol version which can be negotiated");
73
vmbus_negotiate_version(struct vmbus_channel_msginfo * msginfo,u32 version)74 int vmbus_negotiate_version(struct vmbus_channel_msginfo *msginfo, u32 version)
75 {
76 int ret = 0;
77 struct vmbus_channel_initiate_contact *msg;
78 unsigned long flags;
79
80 init_completion(&msginfo->waitevent);
81
82 msg = (struct vmbus_channel_initiate_contact *)msginfo->msg;
83
84 memset(msg, 0, sizeof(*msg));
85 msg->header.msgtype = CHANNELMSG_INITIATE_CONTACT;
86 msg->vmbus_version_requested = version;
87
88 /*
89 * VMBus protocol 5.0 (VERSION_WIN10_V5) and higher require that we must
90 * use VMBUS_MESSAGE_CONNECTION_ID_4 for the Initiate Contact Message,
91 * and for subsequent messages, we must use the Message Connection ID
92 * field in the host-returned Version Response Message. And, with
93 * VERSION_WIN10_V5 and higher, we don't use msg->interrupt_page, but we
94 * tell the host explicitly that we still use VMBUS_MESSAGE_SINT(2) for
95 * compatibility.
96 *
97 * On old hosts, we should always use VMBUS_MESSAGE_CONNECTION_ID (1).
98 */
99 if (version >= VERSION_WIN10_V5) {
100 msg->msg_sint = VMBUS_MESSAGE_SINT;
101 msg->msg_vtl = ms_hyperv.vtl;
102 vmbus_connection.msg_conn_id = VMBUS_MESSAGE_CONNECTION_ID_4;
103 } else {
104 msg->interrupt_page = virt_to_phys(vmbus_connection.int_page);
105 vmbus_connection.msg_conn_id = VMBUS_MESSAGE_CONNECTION_ID;
106 }
107
108 /*
109 * shared_gpa_boundary is zero in non-SNP VMs, so it's safe to always
110 * bitwise OR it
111 */
112 msg->monitor_page1 = virt_to_phys(vmbus_connection.monitor_pages[0]) |
113 ms_hyperv.shared_gpa_boundary;
114 msg->monitor_page2 = virt_to_phys(vmbus_connection.monitor_pages[1]) |
115 ms_hyperv.shared_gpa_boundary;
116
117 msg->target_vcpu = hv_cpu_number_to_vp_number(VMBUS_CONNECT_CPU);
118
119 /*
120 * Add to list before we send the request since we may
121 * receive the response before returning from this routine
122 */
123 spin_lock_irqsave(&vmbus_connection.channelmsg_lock, flags);
124 list_add_tail(&msginfo->msglistentry,
125 &vmbus_connection.chn_msg_list);
126
127 spin_unlock_irqrestore(&vmbus_connection.channelmsg_lock, flags);
128
129 ret = vmbus_post_msg(msg,
130 sizeof(struct vmbus_channel_initiate_contact),
131 true);
132
133 trace_vmbus_negotiate_version(msg, ret);
134
135 if (ret != 0) {
136 spin_lock_irqsave(&vmbus_connection.channelmsg_lock, flags);
137 list_del(&msginfo->msglistentry);
138 spin_unlock_irqrestore(&vmbus_connection.channelmsg_lock,
139 flags);
140 return ret;
141 }
142
143 /* Wait for the connection response */
144 wait_for_completion(&msginfo->waitevent);
145
146 spin_lock_irqsave(&vmbus_connection.channelmsg_lock, flags);
147 list_del(&msginfo->msglistentry);
148 spin_unlock_irqrestore(&vmbus_connection.channelmsg_lock, flags);
149
150 /* Check if successful */
151 if (msginfo->response.version_response.version_supported) {
152 vmbus_connection.conn_state = CONNECTED;
153
154 if (version >= VERSION_WIN10_V5)
155 vmbus_connection.msg_conn_id =
156 msginfo->response.version_response.msg_conn_id;
157 } else {
158 return -ECONNREFUSED;
159 }
160
161 return ret;
162 }
163
164 /*
165 * vmbus_connect - Sends a connect request on the partition service connection
166 */
vmbus_connect(void)167 int vmbus_connect(void)
168 {
169 struct vmbus_channel_msginfo *msginfo = NULL;
170 int i, ret = 0;
171 __u32 version;
172
173 /* Initialize the vmbus connection */
174 vmbus_connection.conn_state = CONNECTING;
175 vmbus_connection.work_queue = create_workqueue("hv_vmbus_con");
176 if (!vmbus_connection.work_queue) {
177 ret = -ENOMEM;
178 goto cleanup;
179 }
180
181 vmbus_connection.rescind_work_queue =
182 create_workqueue("hv_vmbus_rescind");
183 if (!vmbus_connection.rescind_work_queue) {
184 ret = -ENOMEM;
185 goto cleanup;
186 }
187 vmbus_connection.ignore_any_offer_msg = false;
188
189 vmbus_connection.handle_primary_chan_wq =
190 create_workqueue("hv_pri_chan");
191 if (!vmbus_connection.handle_primary_chan_wq) {
192 ret = -ENOMEM;
193 goto cleanup;
194 }
195
196 vmbus_connection.handle_sub_chan_wq =
197 create_workqueue("hv_sub_chan");
198 if (!vmbus_connection.handle_sub_chan_wq) {
199 ret = -ENOMEM;
200 goto cleanup;
201 }
202
203 INIT_LIST_HEAD(&vmbus_connection.chn_msg_list);
204 spin_lock_init(&vmbus_connection.channelmsg_lock);
205
206 INIT_LIST_HEAD(&vmbus_connection.chn_list);
207 mutex_init(&vmbus_connection.channel_mutex);
208
209 /*
210 * The following Hyper-V interrupt and monitor pages can be used by
211 * UIO for mapping to user-space, so they should always be allocated on
212 * system page boundaries. The system page size must be >= the Hyper-V
213 * page size.
214 */
215 BUILD_BUG_ON(PAGE_SIZE < HV_HYP_PAGE_SIZE);
216
217 /*
218 * Setup the vmbus event connection for channel interrupt
219 * abstraction stuff
220 */
221 vmbus_connection.int_page =
222 (void *)__get_free_page(GFP_KERNEL | __GFP_ZERO);
223 if (vmbus_connection.int_page == NULL) {
224 ret = -ENOMEM;
225 goto cleanup;
226 }
227
228 vmbus_connection.recv_int_page = vmbus_connection.int_page;
229 vmbus_connection.send_int_page =
230 (void *)((unsigned long)vmbus_connection.int_page +
231 (HV_HYP_PAGE_SIZE >> 1));
232
233 /*
234 * Setup the monitor notification facility. The 1st page for
235 * parent->child and the 2nd page for child->parent
236 */
237 vmbus_connection.monitor_pages[0] = (void *)__get_free_page(GFP_KERNEL);
238 vmbus_connection.monitor_pages[1] = (void *)__get_free_page(GFP_KERNEL);
239 if ((vmbus_connection.monitor_pages[0] == NULL) ||
240 (vmbus_connection.monitor_pages[1] == NULL)) {
241 ret = -ENOMEM;
242 goto cleanup;
243 }
244
245 ret = set_memory_decrypted((unsigned long)
246 vmbus_connection.monitor_pages[0], 1);
247 ret |= set_memory_decrypted((unsigned long)
248 vmbus_connection.monitor_pages[1], 1);
249 if (ret) {
250 /*
251 * If set_memory_decrypted() fails, the encryption state
252 * of the memory is unknown. So leak the memory instead
253 * of risking returning decrypted memory to the free list.
254 * For simplicity, always handle both pages the same.
255 */
256 vmbus_connection.monitor_pages[0] = NULL;
257 vmbus_connection.monitor_pages[1] = NULL;
258 goto cleanup;
259 }
260
261 /*
262 * Set_memory_decrypted() will change the memory contents if
263 * decryption occurs, so zero monitor pages here.
264 */
265 memset(vmbus_connection.monitor_pages[0], 0x00, HV_HYP_PAGE_SIZE);
266 memset(vmbus_connection.monitor_pages[1], 0x00, HV_HYP_PAGE_SIZE);
267
268 msginfo = kzalloc(sizeof(*msginfo) +
269 sizeof(struct vmbus_channel_initiate_contact),
270 GFP_KERNEL);
271 if (msginfo == NULL) {
272 ret = -ENOMEM;
273 goto cleanup;
274 }
275
276 /*
277 * Negotiate a compatible VMBUS version number with the
278 * host. We start with the highest number we can support
279 * and work our way down until we negotiate a compatible
280 * version.
281 */
282
283 for (i = 0; ; i++) {
284 if (i == ARRAY_SIZE(vmbus_versions)) {
285 ret = -EDOM;
286 goto cleanup;
287 }
288
289 version = vmbus_versions[i];
290 if (version > max_version)
291 continue;
292
293 ret = vmbus_negotiate_version(msginfo, version);
294 if (ret == -ETIMEDOUT)
295 goto cleanup;
296
297 if (vmbus_connection.conn_state == CONNECTED)
298 break;
299 }
300
301 if (hv_is_isolation_supported() && version < VERSION_WIN10_V5_2) {
302 pr_err("Invalid VMBus version %d.%d (expected >= %d.%d) from the host supporting isolation\n",
303 version >> 16, version & 0xFFFF, VERSION_WIN10_V5_2 >> 16, VERSION_WIN10_V5_2 & 0xFFFF);
304 ret = -EINVAL;
305 goto cleanup;
306 }
307
308 vmbus_proto_version = version;
309 pr_info("Vmbus version:%d.%d\n",
310 version >> 16, version & 0xFFFF);
311
312 vmbus_connection.channels = kcalloc(MAX_CHANNEL_RELIDS,
313 sizeof(struct vmbus_channel *),
314 GFP_KERNEL);
315 if (vmbus_connection.channels == NULL) {
316 ret = -ENOMEM;
317 goto cleanup;
318 }
319
320 kfree(msginfo);
321 return 0;
322
323 cleanup:
324 pr_err("Unable to connect to host\n");
325
326 vmbus_connection.conn_state = DISCONNECTED;
327 vmbus_disconnect();
328
329 kfree(msginfo);
330
331 return ret;
332 }
333
vmbus_disconnect(void)334 void vmbus_disconnect(void)
335 {
336 /*
337 * First send the unload request to the host.
338 */
339 vmbus_initiate_unload(false);
340
341 if (vmbus_connection.handle_sub_chan_wq)
342 destroy_workqueue(vmbus_connection.handle_sub_chan_wq);
343
344 if (vmbus_connection.handle_primary_chan_wq)
345 destroy_workqueue(vmbus_connection.handle_primary_chan_wq);
346
347 if (vmbus_connection.rescind_work_queue)
348 destroy_workqueue(vmbus_connection.rescind_work_queue);
349
350 if (vmbus_connection.work_queue)
351 destroy_workqueue(vmbus_connection.work_queue);
352
353 if (vmbus_connection.int_page) {
354 free_page((unsigned long)vmbus_connection.int_page);
355 vmbus_connection.int_page = NULL;
356 }
357
358 if (vmbus_connection.monitor_pages[0]) {
359 if (!set_memory_encrypted(
360 (unsigned long)vmbus_connection.monitor_pages[0], 1))
361 free_page((unsigned long)
362 vmbus_connection.monitor_pages[0]);
363 vmbus_connection.monitor_pages[0] = NULL;
364 }
365
366 if (vmbus_connection.monitor_pages[1]) {
367 if (!set_memory_encrypted(
368 (unsigned long)vmbus_connection.monitor_pages[1], 1))
369 free_page((unsigned long)
370 vmbus_connection.monitor_pages[1]);
371 vmbus_connection.monitor_pages[1] = NULL;
372 }
373 }
374
375 /*
376 * relid2channel - Get the channel object given its
377 * child relative id (ie channel id)
378 */
relid2channel(u32 relid)379 struct vmbus_channel *relid2channel(u32 relid)
380 {
381 if (vmbus_connection.channels == NULL) {
382 pr_warn_once("relid2channel: relid=%d: No channels mapped!\n", relid);
383 return NULL;
384 }
385 if (WARN_ON(relid >= MAX_CHANNEL_RELIDS))
386 return NULL;
387 return READ_ONCE(vmbus_connection.channels[relid]);
388 }
389
390 /*
391 * vmbus_on_event - Process a channel event notification
392 *
393 * For batched channels (default) optimize host to guest signaling
394 * by ensuring:
395 * 1. While reading the channel, we disable interrupts from host.
396 * 2. Ensure that we process all posted messages from the host
397 * before returning from this callback.
398 * 3. Once we return, enable signaling from the host. Once this
399 * state is set we check to see if additional packets are
400 * available to read. In this case we repeat the process.
401 * If this tasklet has been running for a long time
402 * then reschedule ourselves.
403 */
vmbus_on_event(unsigned long data)404 void vmbus_on_event(unsigned long data)
405 {
406 struct vmbus_channel *channel = (void *) data;
407 void (*callback_fn)(void *context);
408
409 trace_vmbus_on_event(channel);
410
411 hv_debug_delay_test(channel, INTERRUPT_DELAY);
412
413 /* A channel once created is persistent even when
414 * there is no driver handling the device. An
415 * unloading driver sets the onchannel_callback to NULL.
416 */
417 callback_fn = READ_ONCE(channel->onchannel_callback);
418 if (unlikely(!callback_fn))
419 return;
420
421 (*callback_fn)(channel->channel_callback_context);
422
423 if (channel->callback_mode != HV_CALL_BATCHED)
424 return;
425
426 if (likely(hv_end_read(&channel->inbound) == 0))
427 return;
428
429 hv_begin_read(&channel->inbound);
430 tasklet_schedule(&channel->callback_event);
431 }
432
433 /*
434 * vmbus_post_msg - Send a msg on the vmbus's message connection
435 */
vmbus_post_msg(void * buffer,size_t buflen,bool can_sleep)436 int vmbus_post_msg(void *buffer, size_t buflen, bool can_sleep)
437 {
438 struct vmbus_channel_message_header *hdr;
439 union hv_connection_id conn_id;
440 int ret = 0;
441 int retries = 0;
442 u32 usec = 1;
443
444 conn_id.asu32 = 0;
445 conn_id.u.id = vmbus_connection.msg_conn_id;
446
447 /*
448 * hv_post_message() can have transient failures because of
449 * insufficient resources. Retry the operation a couple of
450 * times before giving up.
451 */
452 while (retries < 100) {
453 ret = hv_post_message(conn_id, 1, buffer, buflen);
454
455 switch (ret) {
456 case HV_STATUS_INVALID_CONNECTION_ID:
457 /*
458 * See vmbus_negotiate_version(): VMBus protocol 5.0
459 * and higher require that we must use
460 * VMBUS_MESSAGE_CONNECTION_ID_4 for the Initiate
461 * Contact message, but on old hosts that only
462 * support VMBus protocol 4.0 or lower, here we get
463 * HV_STATUS_INVALID_CONNECTION_ID and we should
464 * return an error immediately without retrying.
465 */
466 hdr = buffer;
467 if (hdr->msgtype == CHANNELMSG_INITIATE_CONTACT)
468 return -EINVAL;
469 /*
470 * We could get this if we send messages too
471 * frequently.
472 */
473 ret = -EAGAIN;
474 break;
475 case HV_STATUS_INSUFFICIENT_MEMORY:
476 case HV_STATUS_INSUFFICIENT_BUFFERS:
477 ret = -ENOBUFS;
478 break;
479 case HV_STATUS_SUCCESS:
480 return ret;
481 default:
482 pr_err("hv_post_msg() failed; error code:%d\n", ret);
483 return -EINVAL;
484 }
485
486 retries++;
487 if (can_sleep && usec > 1000)
488 msleep(usec / 1000);
489 else if (usec < MAX_UDELAY_MS * 1000)
490 udelay(usec);
491 else
492 mdelay(usec / 1000);
493
494 if (retries < 22)
495 usec *= 2;
496 }
497 return ret;
498 }
499
500 /*
501 * vmbus_set_event - Send an event notification to the parent
502 */
vmbus_set_event(struct vmbus_channel * channel)503 void vmbus_set_event(struct vmbus_channel *channel)
504 {
505 u32 child_relid = channel->offermsg.child_relid;
506
507 if (!channel->is_dedicated_interrupt)
508 vmbus_send_interrupt(child_relid);
509
510 ++channel->sig_events;
511
512 if (ms_hyperv.paravisor_present) {
513 if (hv_isolation_type_snp())
514 hv_ghcb_hypercall(HVCALL_SIGNAL_EVENT, &channel->sig_event,
515 NULL, sizeof(channel->sig_event));
516 else if (hv_isolation_type_tdx())
517 hv_tdx_hypercall(HVCALL_SIGNAL_EVENT | HV_HYPERCALL_FAST_BIT,
518 channel->sig_event, 0);
519 else
520 WARN_ON_ONCE(1);
521 } else {
522 hv_do_fast_hypercall8(HVCALL_SIGNAL_EVENT, channel->sig_event);
523 }
524 }
525 EXPORT_SYMBOL_GPL(vmbus_set_event);
526