virt/kvm/kvm_main.c

20c8ccb1SThomas Gleixner// SPDX-License-Identifier: GPL-2.0-only
0fce5623SAvi Kivity/*
0fce5623SAvi Kivity * Kernel-based Virtual Machine driver for Linux
0fce5623SAvi Kivity *
0fce5623SAvi Kivity * This module enables machines with Intel VT-x extensions to run virtual
0fce5623SAvi Kivity * machines without emulation or binary translation.
0fce5623SAvi Kivity *
0fce5623SAvi Kivity * Copyright (C) 2006 Qumranet, Inc.
9611c187SNicolas Kaiser * Copyright 2010 Red Hat, Inc. and/or its affiliates.
0fce5623SAvi Kivity *
0fce5623SAvi Kivity * Authors:
0fce5623SAvi Kivity *   Avi Kivity   <avi@qumranet.com>
0fce5623SAvi Kivity *   Yaniv Kamay  <yaniv@qumranet.com>
0fce5623SAvi Kivity */
0fce5623SAvi Kivity
af669ac6SAndre Przywara#include <kvm/iodev.h>
0fce5623SAvi Kivity
0fce5623SAvi Kivity#include <linux/kvm_host.h>
0fce5623SAvi Kivity#include <linux/kvm.h>
0fce5623SAvi Kivity#include <linux/module.h>
0fce5623SAvi Kivity#include <linux/errno.h>
0fce5623SAvi Kivity#include <linux/percpu.h>
0fce5623SAvi Kivity#include <linux/mm.h>
0fce5623SAvi Kivity#include <linux/miscdevice.h>
0fce5623SAvi Kivity#include <linux/vmalloc.h>
0fce5623SAvi Kivity#include <linux/reboot.h>
0fce5623SAvi Kivity#include <linux/debugfs.h>
0fce5623SAvi Kivity#include <linux/highmem.h>
0fce5623SAvi Kivity#include <linux/file.h>
fb3600ccSRafael J. Wysocki#include <linux/syscore_ops.h>
0fce5623SAvi Kivity#include <linux/cpu.h>
174cd4b1SIngo Molnar#include <linux/sched/signal.h>
6e84f315SIngo Molnar#include <linux/sched/mm.h>
03441a34SIngo Molnar#include <linux/sched/stat.h>
0fce5623SAvi Kivity#include <linux/cpumask.h>
0fce5623SAvi Kivity#include <linux/smp.h>
0fce5623SAvi Kivity#include <linux/anon_inodes.h>
0fce5623SAvi Kivity#include <linux/profile.h>
0fce5623SAvi Kivity#include <linux/kvm_para.h>
0fce5623SAvi Kivity#include <linux/pagemap.h>
0fce5623SAvi Kivity#include <linux/mman.h>
35149e21SAnthony Liguori#include <linux/swap.h>
e56d532fSSheng Yang#include <linux/bitops.h>
547de29eSMarcelo Tosatti#include <linux/spinlock.h>
6ff5894cSArnd Bergmann#include <linux/compat.h>
bc6678a3SMarcelo Tosatti#include <linux/srcu.h>
8f0b1ab6SJoerg Roedel#include <linux/hugetlb.h>
5a0e3ad6STejun Heo#include <linux/slab.h>
743eeb0bSSasha Levin#include <linux/sort.h>
743eeb0bSSasha Levin#include <linux/bsearch.h>
c011d23bSPaolo Bonzini#include <linux/io.h>
2eb06c30SWanpeng Li#include <linux/lockdep.h>
c57c8046SJunaid Shahid#include <linux/kthread.h>
2fdef3a2SSergey Senozhatsky#include <linux/suspend.h>
0fce5623SAvi Kivity
0fce5623SAvi Kivity#include <asm/processor.h>
2ea75be3SDavid Matlack#include <asm/ioctl.h>
7c0f6ba6SLinus Torvalds#include <linux/uaccess.h>
0fce5623SAvi Kivity
5f94c174SLaurent Vivier#include "coalesced_mmio.h"
af585b92SGleb Natapov#include "async_pf.h"
982ed0deSDavid Woodhouse#include "kvm_mm.h"
3c3c29fdSPaolo Bonzini#include "vfio.h"
5f94c174SLaurent Vivier
4c8c3c7fSValentin Schneider#include <trace/events/ipi.h>
4c8c3c7fSValentin Schneider
229456fcSMarcelo Tosatti#define CREATE_TRACE_POINTS
229456fcSMarcelo Tosatti#include <trace/events/kvm.h>
229456fcSMarcelo Tosatti
fb04a1edSPeter Xu#include <linux/kvm_dirty_ring.h>
fb04a1edSPeter Xu
4c8c3c7fSValentin Schneider
536a6f88SJanosch Frank/* Worst case buffer size needed for holding an integer. */
536a6f88SJanosch Frank#define ITOA_MAX_LEN 12
536a6f88SJanosch Frank
0fce5623SAvi KivityMODULE_AUTHOR("Qumranet");
0fce5623SAvi KivityMODULE_LICENSE("GPL");
0fce5623SAvi Kivity
920552b2SDavid Hildenbrand/* Architectures should define their poll value according to the halt latency */
ec76d819SSuraj Jitindar Singhunsigned int halt_poll_ns = KVM_HALT_POLL_NS_DEFAULT;
039c5d1bSRoman Storozhenkomodule_param(halt_poll_ns, uint, 0644);
ec76d819SSuraj Jitindar SinghEXPORT_SYMBOL_GPL(halt_poll_ns);
f7819512SPaolo Bonzini
aca6ff29SWanpeng Li/* Default doubles per-vcpu halt_poll_ns. */
ec76d819SSuraj Jitindar Singhunsigned int halt_poll_ns_grow = 2;
039c5d1bSRoman Storozhenkomodule_param(halt_poll_ns_grow, uint, 0644);
ec76d819SSuraj Jitindar SinghEXPORT_SYMBOL_GPL(halt_poll_ns_grow);
aca6ff29SWanpeng Li
49113d36SNir Weiner/* The start value to grow halt_poll_ns from */
49113d36SNir Weinerunsigned int halt_poll_ns_grow_start = 10000; /* 10us */
49113d36SNir Weinermodule_param(halt_poll_ns_grow_start, uint, 0644);
49113d36SNir WeinerEXPORT_SYMBOL_GPL(halt_poll_ns_grow_start);
49113d36SNir Weiner
aca6ff29SWanpeng Li/* Default resets per-vcpu halt_poll_ns . */
ec76d819SSuraj Jitindar Singhunsigned int halt_poll_ns_shrink;
039c5d1bSRoman Storozhenkomodule_param(halt_poll_ns_shrink, uint, 0644);
ec76d819SSuraj Jitindar SinghEXPORT_SYMBOL_GPL(halt_poll_ns_shrink);
aca6ff29SWanpeng Li
fa40a821SMarcelo Tosatti/*
fa40a821SMarcelo Tosatti * Ordering of locks:
fa40a821SMarcelo Tosatti *
fae3a353SSheng Yang *	kvm->lock --> kvm->slots_lock --> kvm->irq_lock
fa40a821SMarcelo Tosatti */
fa40a821SMarcelo Tosatti
0d9ce162SJunaid ShahidDEFINE_MUTEX(kvm_lock);
0fce5623SAvi KivityLIST_HEAD(vm_list);
0fce5623SAvi Kivity
aaba298cSSean Christophersonstatic struct kmem_cache *kvm_vcpu_cache;
0fce5623SAvi Kivity
0fce5623SAvi Kivitystatic __read_mostly struct preempt_ops kvm_preempt_ops;
7495e22bSPaolo Bonzinistatic DEFINE_PER_CPU(struct kvm_vcpu *, kvm_running_vcpu);
0fce5623SAvi Kivity
76f7c879SHollis Blanchardstruct dentry *kvm_debugfs_dir;
e23a808bSPaul MackerrasEXPORT_SYMBOL_GPL(kvm_debugfs_dir);
0fce5623SAvi Kivity
09cbcef6SMilan Pandurovstatic const struct file_operations stat_fops_per_vm;
536a6f88SJanosch Frank
5f6de5cbSDavid Matlackstatic struct file_operations kvm_chardev_ops;
5f6de5cbSDavid Matlack
0fce5623SAvi Kivitystatic long kvm_vcpu_ioctl(struct file *file, unsigned int ioctl,
0fce5623SAvi Kivity			   unsigned long arg);
de8e5d74SChristian Borntraeger#ifdef CONFIG_KVM_COMPAT
1dda606cSAlexander Grafstatic long kvm_vcpu_compat_ioctl(struct file *file, unsigned int ioctl,
1dda606cSAlexander Graf				  unsigned long arg);
7ddfd3e0SMarc Zyngier#define KVM_COMPAT(c)	.compat_ioctl	= (c)
7ddfd3e0SMarc Zyngier#else
9cb09e7cSMarc Zyngier/*
9cb09e7cSMarc Zyngier * For architectures that don't implement a compat infrastructure,
9cb09e7cSMarc Zyngier * adopt a double line of defense:
9cb09e7cSMarc Zyngier * - Prevent a compat task from opening /dev/kvm
9cb09e7cSMarc Zyngier * - If the open has been done by a 64bit task, and the KVM fd
9cb09e7cSMarc Zyngier *   passed to a compat task, let the ioctls fail.
9cb09e7cSMarc Zyngier */
7ddfd3e0SMarc Zyngierstatic long kvm_no_compat_ioctl(struct file *file, unsigned int ioctl,
7ddfd3e0SMarc Zyngier				unsigned long arg) { return -EINVAL; }
b9876e6dSMarc Zyngier
b9876e6dSMarc Zyngierstatic int kvm_no_compat_open(struct inode *inode, struct file *file)
b9876e6dSMarc Zyngier{
b9876e6dSMarc Zyngier	return is_compat_task() ? -ENODEV : 0;
b9876e6dSMarc Zyngier}
b9876e6dSMarc Zyngier#define KVM_COMPAT(c)	.compat_ioctl	= kvm_no_compat_ioctl,	\
b9876e6dSMarc Zyngier			.open		= kvm_no_compat_open
1dda606cSAlexander Graf#endif
10474ae8SAlexander Grafstatic int hardware_enable_all(void);
10474ae8SAlexander Grafstatic void hardware_disable_all(void);
0fce5623SAvi Kivity
e93f8a0fSMarcelo Tosattistatic void kvm_io_bus_destroy(struct kvm_io_bus *bus);
7940876eSStephen Hemminger
286de8f6SClaudio Imbrenda#define KVM_EVENT_CREATE_VM 0
286de8f6SClaudio Imbrenda#define KVM_EVENT_DESTROY_VM 1
286de8f6SClaudio Imbrendastatic void kvm_uevent_notify_change(unsigned int type, struct kvm *kvm);
286de8f6SClaudio Imbrendastatic unsigned long long kvm_createvm_count;
286de8f6SClaudio Imbrendastatic unsigned long long kvm_active_vms;
286de8f6SClaudio Imbrenda
baff59ccSVitaly Kuznetsovstatic DEFINE_PER_CPU(cpumask_var_t, cpu_kick_mask);
baff59ccSVitaly Kuznetsov
683412ccSMingwei Zhang__weak void kvm_arch_guest_memory_reclaimed(struct kvm *kvm)
683412ccSMingwei Zhang{
683412ccSMingwei Zhang}
683412ccSMingwei Zhang
284dc493SSean Christophersonbool kvm_is_zone_device_page(struct page *page)
a78986aaSSean Christopherson{
a78986aaSSean Christopherson	/*
a78986aaSSean Christopherson	 * The metadata used by is_zone_device_page() to determine whether or
a78986aaSSean Christopherson	 * not a page is ZONE_DEVICE is guaranteed to be valid if and only if
a78986aaSSean Christopherson	 * the device has been pinned, e.g. by get_user_pages().  WARN if the
a78986aaSSean Christopherson	 * page_count() is zero to help detect bad usage of this helper.
a78986aaSSean Christopherson	 */
284dc493SSean Christopherson	if (WARN_ON_ONCE(!page_count(page)))
a78986aaSSean Christopherson		return false;
a78986aaSSean Christopherson
284dc493SSean Christopherson	return is_zone_device_page(page);
a78986aaSSean Christopherson}
a78986aaSSean Christopherson
b14b2690SSean Christopherson/*
b14b2690SSean Christopherson * Returns a 'struct page' if the pfn is "valid" and backed by a refcounted
b14b2690SSean Christopherson * page, NULL otherwise.  Note, the list of refcounted PG_reserved page types
b14b2690SSean Christopherson * is likely incomplete, it has been compiled purely through people wanting to
b14b2690SSean Christopherson * back guest with a certain type of memory and encountering issues.
b14b2690SSean Christopherson */
b14b2690SSean Christophersonstruct page *kvm_pfn_to_refcounted_page(kvm_pfn_t pfn)
cbff90a7SBen-Ami Yassour{
b14b2690SSean Christopherson	struct page *page;
b14b2690SSean Christopherson
b14b2690SSean Christopherson	if (!pfn_valid(pfn))
b14b2690SSean Christopherson		return NULL;
b14b2690SSean Christopherson
b14b2690SSean Christopherson	page = pfn_to_page(pfn);
b14b2690SSean Christopherson	if (!PageReserved(page))
b14b2690SSean Christopherson		return page;
b14b2690SSean Christopherson
b14b2690SSean Christopherson	/* The ZERO_PAGE(s) is marked PG_reserved, but is refcounted. */
b14b2690SSean Christopherson	if (is_zero_pfn(pfn))
b14b2690SSean Christopherson		return page;
b14b2690SSean Christopherson
a78986aaSSean Christopherson	/*
a78986aaSSean Christopherson	 * ZONE_DEVICE pages currently set PG_reserved, but from a refcounting
a78986aaSSean Christopherson	 * perspective they are "normal" pages, albeit with slightly different
a78986aaSSean Christopherson	 * usage rules.
a78986aaSSean Christopherson	 */
b14b2690SSean Christopherson	if (kvm_is_zone_device_page(page))
b14b2690SSean Christopherson		return page;
cbff90a7SBen-Ami Yassour
b14b2690SSean Christopherson	return NULL;
cbff90a7SBen-Ami Yassour}
cbff90a7SBen-Ami Yassour
0fce5623SAvi Kivity/*
0fce5623SAvi Kivity * Switches to specified vcpu, until a matching vcpu_put()
0fce5623SAvi Kivity */
ec7660ccSChristoffer Dallvoid vcpu_load(struct kvm_vcpu *vcpu)
0fce5623SAvi Kivity{
ec7660ccSChristoffer Dall	int cpu = get_cpu();
7495e22bSPaolo Bonzini
7495e22bSPaolo Bonzini	__this_cpu_write(kvm_running_vcpu, vcpu);
0fce5623SAvi Kivity	preempt_notifier_register(&vcpu->preempt_notifier);
0fce5623SAvi Kivity	kvm_arch_vcpu_load(vcpu, cpu);
0fce5623SAvi Kivity	put_cpu();
0fce5623SAvi Kivity}
2f1fe811SJim MattsonEXPORT_SYMBOL_GPL(vcpu_load);
0fce5623SAvi Kivity
0fce5623SAvi Kivityvoid vcpu_put(struct kvm_vcpu *vcpu)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	preempt_disable();
0fce5623SAvi Kivity	kvm_arch_vcpu_put(vcpu);
0fce5623SAvi Kivity	preempt_notifier_unregister(&vcpu->preempt_notifier);
7495e22bSPaolo Bonzini	__this_cpu_write(kvm_running_vcpu, NULL);
0fce5623SAvi Kivity	preempt_enable();
0fce5623SAvi Kivity}
2f1fe811SJim MattsonEXPORT_SYMBOL_GPL(vcpu_put);
0fce5623SAvi Kivity
7a97cec2SPaolo Bonzini/* TODO: merge with kvm_arch_vcpu_should_kick */
7a97cec2SPaolo Bonzinistatic bool kvm_request_needs_ipi(struct kvm_vcpu *vcpu, unsigned req)
7a97cec2SPaolo Bonzini{
7a97cec2SPaolo Bonzini	int mode = kvm_vcpu_exiting_guest_mode(vcpu);
7a97cec2SPaolo Bonzini
7a97cec2SPaolo Bonzini	/*
7a97cec2SPaolo Bonzini	 * We need to wait for the VCPU to reenable interrupts and get out of
7a97cec2SPaolo Bonzini	 * READING_SHADOW_PAGE_TABLES mode.
7a97cec2SPaolo Bonzini	 */
7a97cec2SPaolo Bonzini	if (req & KVM_REQUEST_WAIT)
7a97cec2SPaolo Bonzini		return mode != OUTSIDE_GUEST_MODE;
7a97cec2SPaolo Bonzini
7a97cec2SPaolo Bonzini	/*
7a97cec2SPaolo Bonzini	 * Need to kick a running VCPU, but otherwise there is nothing to do.
7a97cec2SPaolo Bonzini	 */
7a97cec2SPaolo Bonzini	return mode == IN_GUEST_MODE;
7a97cec2SPaolo Bonzini}
7a97cec2SPaolo Bonzini
f24b44e4SLai Jiangshanstatic void ack_kick(void *_completed)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
620b2438SVitaly Kuznetsovstatic inline bool kvm_kick_many_cpus(struct cpumask *cpus, bool wait)
b49defe8SPaolo Bonzini{
b49defe8SPaolo Bonzini	if (cpumask_empty(cpus))
b49defe8SPaolo Bonzini		return false;
b49defe8SPaolo Bonzini
f24b44e4SLai Jiangshan	smp_call_function_many(cpus, ack_kick, NULL, wait);
b49defe8SPaolo Bonzini	return true;
b49defe8SPaolo Bonzini}
b49defe8SPaolo Bonzini
b56bd8e0SJinrong Liangstatic void kvm_make_vcpu_request(struct kvm_vcpu *vcpu, unsigned int req,
b56bd8e0SJinrong Liang				  struct cpumask *tmp, int current_cpu)
0fce5623SAvi Kivity{
ae0946cdSVitaly Kuznetsov	int cpu;
7053df4eSVitaly Kuznetsov
df06dae3SSean Christopherson	if (likely(!(req & KVM_REQUEST_NO_ACTION)))
df06dae3SSean Christopherson		__kvm_make_request(req, vcpu);
6b7e2d09SXiao Guangrong
178f02ffSRadim Krčmář	if (!(req & KVM_REQUEST_NO_WAKEUP) && kvm_vcpu_wake_up(vcpu))
ae0946cdSVitaly Kuznetsov		return;
6c6e8360SRadim Krčmář
85b64045SSean Christopherson	/*
ae0946cdSVitaly Kuznetsov	 * Note, the vCPU could get migrated to a different pCPU at any point
ae0946cdSVitaly Kuznetsov	 * after kvm_request_needs_ipi(), which could result in sending an IPI
ae0946cdSVitaly Kuznetsov	 * to the previous pCPU.  But, that's OK because the purpose of the IPI
ae0946cdSVitaly Kuznetsov	 * is to ensure the vCPU returns to OUTSIDE_GUEST_MODE, which is
ae0946cdSVitaly Kuznetsov	 * satisfied if the vCPU migrates. Entering READING_SHADOW_PAGE_TABLES
ae0946cdSVitaly Kuznetsov	 * after this point is also OK, as the requirement is only that KVM wait
ae0946cdSVitaly Kuznetsov	 * for vCPUs that were reading SPTEs _before_ any changes were
ae0946cdSVitaly Kuznetsov	 * finalized. See kvm_vcpu_kick() for more details on handling requests.
85b64045SSean Christopherson	 */
0bbc2ca8SSean Christopherson	if (kvm_request_needs_ipi(vcpu, req)) {
85b64045SSean Christopherson		cpu = READ_ONCE(vcpu->cpu);
ae0946cdSVitaly Kuznetsov		if (cpu != -1 && cpu != current_cpu)
7053df4eSVitaly Kuznetsov			__cpumask_set_cpu(cpu, tmp);
0fce5623SAvi Kivity	}
85b64045SSean Christopherson}
7053df4eSVitaly Kuznetsov
ae0946cdSVitaly Kuznetsovbool kvm_make_vcpus_request_mask(struct kvm *kvm, unsigned int req,
620b2438SVitaly Kuznetsov				 unsigned long *vcpu_bitmap)
ae0946cdSVitaly Kuznetsov{
ae0946cdSVitaly Kuznetsov	struct kvm_vcpu *vcpu;
620b2438SVitaly Kuznetsov	struct cpumask *cpus;
ae0946cdSVitaly Kuznetsov	int i, me;
ae0946cdSVitaly Kuznetsov	bool called;
ae0946cdSVitaly Kuznetsov
ae0946cdSVitaly Kuznetsov	me = get_cpu();
ae0946cdSVitaly Kuznetsov
620b2438SVitaly Kuznetsov	cpus = this_cpu_cpumask_var_ptr(cpu_kick_mask);
620b2438SVitaly Kuznetsov	cpumask_clear(cpus);
620b2438SVitaly Kuznetsov
ae0946cdSVitaly Kuznetsov	for_each_set_bit(i, vcpu_bitmap, KVM_MAX_VCPUS) {
ae0946cdSVitaly Kuznetsov		vcpu = kvm_get_vcpu(kvm, i);
381cecc5SVitaly Kuznetsov		if (!vcpu)
ae0946cdSVitaly Kuznetsov			continue;
b56bd8e0SJinrong Liang		kvm_make_vcpu_request(vcpu, req, cpus, me);
ae0946cdSVitaly Kuznetsov	}
ae0946cdSVitaly Kuznetsov
620b2438SVitaly Kuznetsov	called = kvm_kick_many_cpus(cpus, !!(req & KVM_REQUEST_WAIT));
3cba4130SXiao Guangrong	put_cpu();
7053df4eSVitaly Kuznetsov
7053df4eSVitaly Kuznetsov	return called;
7053df4eSVitaly Kuznetsov}
7053df4eSVitaly Kuznetsov
54163a34SSuravee Suthikulpanitbool kvm_make_all_cpus_request_except(struct kvm *kvm, unsigned int req,
54163a34SSuravee Suthikulpanit				      struct kvm_vcpu *except)
7053df4eSVitaly Kuznetsov{
ae0946cdSVitaly Kuznetsov	struct kvm_vcpu *vcpu;
baff59ccSVitaly Kuznetsov	struct cpumask *cpus;
46808a4cSMarc Zyngier	unsigned long i;
7053df4eSVitaly Kuznetsov	bool called;
46808a4cSMarc Zyngier	int me;
7053df4eSVitaly Kuznetsov
ae0946cdSVitaly Kuznetsov	me = get_cpu();
ae0946cdSVitaly Kuznetsov
baff59ccSVitaly Kuznetsov	cpus = this_cpu_cpumask_var_ptr(cpu_kick_mask);
baff59ccSVitaly Kuznetsov	cpumask_clear(cpus);
baff59ccSVitaly Kuznetsov
ae0946cdSVitaly Kuznetsov	kvm_for_each_vcpu(i, vcpu, kvm) {
ae0946cdSVitaly Kuznetsov		if (vcpu == except)
ae0946cdSVitaly Kuznetsov			continue;
b56bd8e0SJinrong Liang		kvm_make_vcpu_request(vcpu, req, cpus, me);
ae0946cdSVitaly Kuznetsov	}
ae0946cdSVitaly Kuznetsov
ae0946cdSVitaly Kuznetsov	called = kvm_kick_many_cpus(cpus, !!(req & KVM_REQUEST_WAIT));
ae0946cdSVitaly Kuznetsov	put_cpu();
7053df4eSVitaly Kuznetsov
49846896SRusty Russell	return called;
49846896SRusty Russell}
49846896SRusty Russell
54163a34SSuravee Suthikulpanitbool kvm_make_all_cpus_request(struct kvm *kvm, unsigned int req)
54163a34SSuravee Suthikulpanit{
54163a34SSuravee Suthikulpanit	return kvm_make_all_cpus_request_except(kvm, req, NULL);
54163a34SSuravee Suthikulpanit}
a2486020SMarcelo TosattiEXPORT_SYMBOL_GPL(kvm_make_all_cpus_request);
54163a34SSuravee Suthikulpanit
49846896SRusty Russellvoid kvm_flush_remote_tlbs(struct kvm *kvm)
49846896SRusty Russell{
3cc4e148SJing Zhang	++kvm->stat.generic.remote_tlb_flush_requests;
6bc6db00SLai Jiangshan
4ae3cb3aSLan Tianyu	/*
4ae3cb3aSLan Tianyu	 * We want to publish modifications to the page tables before reading
4ae3cb3aSLan Tianyu	 * mode. Pairs with a memory barrier in arch-specific code.
4ae3cb3aSLan Tianyu	 * - x86: smp_mb__after_srcu_read_unlock in vcpu_enter_guest
4ae3cb3aSLan Tianyu	 * and smp_mb in walk_shadow_page_lockless_begin/end.
4ae3cb3aSLan Tianyu	 * - powerpc: smp_mb in kvmppc_prepare_to_enter.
4ae3cb3aSLan Tianyu	 *
4ae3cb3aSLan Tianyu	 * There is already an smp_mb__after_atomic() before
4ae3cb3aSLan Tianyu	 * kvm_make_all_cpus_request() reads vcpu->mode. We reuse that
4ae3cb3aSLan Tianyu	 * barrier here.
4ae3cb3aSLan Tianyu	 */
a1342c80SDavid Matlack	if (!kvm_arch_flush_remote_tlbs(kvm)
b08660e5STianyu Lan	    || kvm_make_all_cpus_request(kvm, KVM_REQ_TLB_FLUSH))
0193cc90SJing Zhang		++kvm->stat.generic.remote_tlb_flush;
0fce5623SAvi Kivity}
2ba9f0d8SAneesh Kumar K.VEXPORT_SYMBOL_GPL(kvm_flush_remote_tlbs);
0fce5623SAvi Kivity
d4788996SDavid Matlackvoid kvm_flush_remote_tlbs_range(struct kvm *kvm, gfn_t gfn, u64 nr_pages)
d4788996SDavid Matlack{
d4788996SDavid Matlack	if (!kvm_arch_flush_remote_tlbs_range(kvm, gfn, nr_pages))
d4788996SDavid Matlack		return;
d4788996SDavid Matlack
d4788996SDavid Matlack	/*
d4788996SDavid Matlack	 * Fall back to a flushing entire TLBs if the architecture range-based
d4788996SDavid Matlack	 * TLB invalidation is unsupported or can't be performed for whatever
d4788996SDavid Matlack	 * reason.
d4788996SDavid Matlack	 */
d4788996SDavid Matlack	kvm_flush_remote_tlbs(kvm);
d4788996SDavid Matlack}
d4788996SDavid Matlack
619b5072SDavid Matlackvoid kvm_flush_remote_tlbs_memslot(struct kvm *kvm,
619b5072SDavid Matlack				   const struct kvm_memory_slot *memslot)
619b5072SDavid Matlack{
619b5072SDavid Matlack	/*
619b5072SDavid Matlack	 * All current use cases for flushing the TLBs for a specific memslot
619b5072SDavid Matlack	 * are related to dirty logging, and many do the TLB flush out of
619b5072SDavid Matlack	 * mmu_lock. The interaction between the various operations on memslot
619b5072SDavid Matlack	 * must be serialized by slots_locks to ensure the TLB flush from one
619b5072SDavid Matlack	 * operation is observed by any other operation on the same memslot.
619b5072SDavid Matlack	 */
619b5072SDavid Matlack	lockdep_assert_held(&kvm->slots_lock);
619b5072SDavid Matlack	kvm_flush_remote_tlbs_range(kvm, memslot->base_gfn, memslot->npages);
619b5072SDavid Matlack}
0fce5623SAvi Kivity
683412ccSMingwei Zhangstatic void kvm_flush_shadow_all(struct kvm *kvm)
683412ccSMingwei Zhang{
683412ccSMingwei Zhang	kvm_arch_flush_shadow_all(kvm);
683412ccSMingwei Zhang	kvm_arch_guest_memory_reclaimed(kvm);
683412ccSMingwei Zhang}
683412ccSMingwei Zhang
6926f95aSSean Christopherson#ifdef KVM_ARCH_NR_OBJS_PER_MEMORY_CACHE
6926f95aSSean Christophersonstatic inline void *mmu_memory_cache_alloc_obj(struct kvm_mmu_memory_cache *mc,
6926f95aSSean Christopherson					       gfp_t gfp_flags)
6926f95aSSean Christopherson{
6926f95aSSean Christopherson	gfp_flags |= mc->gfp_zero;
6926f95aSSean Christopherson
6926f95aSSean Christopherson	if (mc->kmem_cache)
6926f95aSSean Christopherson		return kmem_cache_alloc(mc->kmem_cache, gfp_flags);
6926f95aSSean Christopherson	else
6926f95aSSean Christopherson		return (void *)__get_free_page(gfp_flags);
6926f95aSSean Christopherson}
6926f95aSSean Christopherson
837f66c7SDavid Matlackint __kvm_mmu_topup_memory_cache(struct kvm_mmu_memory_cache *mc, int capacity, int min)
6926f95aSSean Christopherson{
63f4b210SPaolo Bonzini	gfp_t gfp = mc->gfp_custom ? mc->gfp_custom : GFP_KERNEL_ACCOUNT;
6926f95aSSean Christopherson	void *obj;
6926f95aSSean Christopherson
6926f95aSSean Christopherson	if (mc->nobjs >= min)
6926f95aSSean Christopherson		return 0;
837f66c7SDavid Matlack
837f66c7SDavid Matlack	if (unlikely(!mc->objects)) {
837f66c7SDavid Matlack		if (WARN_ON_ONCE(!capacity))
837f66c7SDavid Matlack			return -EIO;
837f66c7SDavid Matlack
837f66c7SDavid Matlack		mc->objects = kvmalloc_array(sizeof(void *), capacity, gfp);
837f66c7SDavid Matlack		if (!mc->objects)
837f66c7SDavid Matlack			return -ENOMEM;
837f66c7SDavid Matlack
837f66c7SDavid Matlack		mc->capacity = capacity;
837f66c7SDavid Matlack	}
837f66c7SDavid Matlack
837f66c7SDavid Matlack	/* It is illegal to request a different capacity across topups. */
837f66c7SDavid Matlack	if (WARN_ON_ONCE(mc->capacity != capacity))
837f66c7SDavid Matlack		return -EIO;
837f66c7SDavid Matlack
837f66c7SDavid Matlack	while (mc->nobjs < mc->capacity) {
837f66c7SDavid Matlack		obj = mmu_memory_cache_alloc_obj(mc, gfp);
6926f95aSSean Christopherson		if (!obj)
6926f95aSSean Christopherson			return mc->nobjs >= min ? 0 : -ENOMEM;
6926f95aSSean Christopherson		mc->objects[mc->nobjs++] = obj;
6926f95aSSean Christopherson	}
6926f95aSSean Christopherson	return 0;
6926f95aSSean Christopherson}
6926f95aSSean Christopherson
837f66c7SDavid Matlackint kvm_mmu_topup_memory_cache(struct kvm_mmu_memory_cache *mc, int min)
837f66c7SDavid Matlack{
837f66c7SDavid Matlack	return __kvm_mmu_topup_memory_cache(mc, KVM_ARCH_NR_OBJS_PER_MEMORY_CACHE, min);
837f66c7SDavid Matlack}
837f66c7SDavid Matlack
6926f95aSSean Christophersonint kvm_mmu_memory_cache_nr_free_objects(struct kvm_mmu_memory_cache *mc)
6926f95aSSean Christopherson{
6926f95aSSean Christopherson	return mc->nobjs;
6926f95aSSean Christopherson}
6926f95aSSean Christopherson
6926f95aSSean Christophersonvoid kvm_mmu_free_memory_cache(struct kvm_mmu_memory_cache *mc)
6926f95aSSean Christopherson{
6926f95aSSean Christopherson	while (mc->nobjs) {
6926f95aSSean Christopherson		if (mc->kmem_cache)
6926f95aSSean Christopherson			kmem_cache_free(mc->kmem_cache, mc->objects[--mc->nobjs]);
6926f95aSSean Christopherson		else
6926f95aSSean Christopherson			free_page((unsigned long)mc->objects[--mc->nobjs]);
6926f95aSSean Christopherson	}
837f66c7SDavid Matlack
837f66c7SDavid Matlack	kvfree(mc->objects);
837f66c7SDavid Matlack
837f66c7SDavid Matlack	mc->objects = NULL;
837f66c7SDavid Matlack	mc->capacity = 0;
6926f95aSSean Christopherson}
6926f95aSSean Christopherson
6926f95aSSean Christophersonvoid *kvm_mmu_memory_cache_alloc(struct kvm_mmu_memory_cache *mc)
6926f95aSSean Christopherson{
6926f95aSSean Christopherson	void *p;
6926f95aSSean Christopherson
6926f95aSSean Christopherson	if (WARN_ON(!mc->nobjs))
6926f95aSSean Christopherson		p = mmu_memory_cache_alloc_obj(mc, GFP_ATOMIC | __GFP_ACCOUNT);
6926f95aSSean Christopherson	else
6926f95aSSean Christopherson		p = mc->objects[--mc->nobjs];
6926f95aSSean Christopherson	BUG_ON(!p);
6926f95aSSean Christopherson	return p;
6926f95aSSean Christopherson}
6926f95aSSean Christopherson#endif
6926f95aSSean Christopherson
8bd826d6SSean Christophersonstatic void kvm_vcpu_init(struct kvm_vcpu *vcpu, struct kvm *kvm, unsigned id)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	mutex_init(&vcpu->mutex);
0fce5623SAvi Kivity	vcpu->cpu = -1;
0fce5623SAvi Kivity	vcpu->kvm = kvm;
0fce5623SAvi Kivity	vcpu->vcpu_id = id;
34bb10b7SRik van Riel	vcpu->pid = NULL;
510958e9SSean Christopherson#ifndef __KVM_HAVE_ARCH_WQP
da4ad88cSDavidlohr Bueso	rcuwait_init(&vcpu->wait);
510958e9SSean Christopherson#endif
af585b92SGleb Natapov	kvm_async_pf_vcpu_init(vcpu);
0fce5623SAvi Kivity
4c088493SRaghavendra K T	kvm_vcpu_set_in_spin_loop(vcpu, false);
4c088493SRaghavendra K T	kvm_vcpu_set_dy_eligible(vcpu, false);
3a08a8f9SRaghavendra K T	vcpu->preempted = false;
d73eb57bSWanpeng Li	vcpu->ready = false;
d5c48debSSean Christopherson	preempt_notifier_init(&vcpu->preempt_notifier, &kvm_preempt_ops);
a54d8066SMaciej S. Szmigiero	vcpu->last_used_slot = NULL;
58fc1166SOliver Upton
58fc1166SOliver Upton	/* Fill the stats id string for the vcpu */
58fc1166SOliver Upton	snprintf(vcpu->stats_id, sizeof(vcpu->stats_id), "kvm-%d/vcpu-%d",
58fc1166SOliver Upton		 task_pid_nr(current), id);
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
27592ae8SMarc Zyngierstatic void kvm_vcpu_destroy(struct kvm_vcpu *vcpu)
4543bdc0SSean Christopherson{
4543bdc0SSean Christopherson	kvm_arch_vcpu_destroy(vcpu);
5593473aSPaolo Bonzini	kvm_dirty_ring_free(&vcpu->dirty_ring);
e529ef66SSean Christopherson
9941d224SSean Christopherson	/*
9941d224SSean Christopherson	 * No need for rcu_read_lock as VCPU_RUN is the only place that changes
9941d224SSean Christopherson	 * the vcpu->pid pointer, and at destruction time all file descriptors
9941d224SSean Christopherson	 * are already gone.
9941d224SSean Christopherson	 */
9941d224SSean Christopherson	put_pid(rcu_dereference_protected(vcpu->pid, 1));
9941d224SSean Christopherson
8bd826d6SSean Christopherson	free_page((unsigned long)vcpu->run);
e529ef66SSean Christopherson	kmem_cache_free(kvm_vcpu_cache, vcpu);
4543bdc0SSean Christopherson}
27592ae8SMarc Zyngier
27592ae8SMarc Zyngiervoid kvm_destroy_vcpus(struct kvm *kvm)
27592ae8SMarc Zyngier{
46808a4cSMarc Zyngier	unsigned long i;
27592ae8SMarc Zyngier	struct kvm_vcpu *vcpu;
27592ae8SMarc Zyngier
27592ae8SMarc Zyngier	kvm_for_each_vcpu(i, vcpu, kvm) {
27592ae8SMarc Zyngier		kvm_vcpu_destroy(vcpu);
c5b07754SMarc Zyngier		xa_erase(&kvm->vcpu_array, i);
27592ae8SMarc Zyngier	}
27592ae8SMarc Zyngier
27592ae8SMarc Zyngier	atomic_set(&kvm->online_vcpus, 0);
27592ae8SMarc Zyngier}
27592ae8SMarc ZyngierEXPORT_SYMBOL_GPL(kvm_destroy_vcpus);
4543bdc0SSean Christopherson
e930bffeSAndrea Arcangeli#if defined(CONFIG_MMU_NOTIFIER) && defined(KVM_ARCH_WANT_MMU_NOTIFIER)
e930bffeSAndrea Arcangelistatic inline struct kvm *mmu_notifier_to_kvm(struct mmu_notifier *mn)
e930bffeSAndrea Arcangeli{
e930bffeSAndrea Arcangeli	return container_of(mn, struct kvm, mmu_notifier);
e930bffeSAndrea Arcangeli}
e930bffeSAndrea Arcangeli
3039bcc7SSean Christophersontypedef bool (*hva_handler_t)(struct kvm *kvm, struct kvm_gfn_range *range);
3039bcc7SSean Christopherson
f922bd9bSSean Christophersontypedef void (*on_lock_fn_t)(struct kvm *kvm, unsigned long start,
f922bd9bSSean Christopherson			     unsigned long end);
f922bd9bSSean Christopherson
683412ccSMingwei Zhangtypedef void (*on_unlock_fn_t)(struct kvm *kvm);
683412ccSMingwei Zhang
3039bcc7SSean Christophersonstruct kvm_hva_range {
3039bcc7SSean Christopherson	unsigned long start;
3039bcc7SSean Christopherson	unsigned long end;
3e1efe2bSSean Christopherson	union kvm_mmu_notifier_arg arg;
3039bcc7SSean Christopherson	hva_handler_t handler;
f922bd9bSSean Christopherson	on_lock_fn_t on_lock;
683412ccSMingwei Zhang	on_unlock_fn_t on_unlock;
3039bcc7SSean Christopherson	bool flush_on_ret;
3039bcc7SSean Christopherson	bool may_block;
3039bcc7SSean Christopherson};
3039bcc7SSean Christopherson
f922bd9bSSean Christopherson/*
f922bd9bSSean Christopherson * Use a dedicated stub instead of NULL to indicate that there is no callback
f922bd9bSSean Christopherson * function/handler.  The compiler technically can't guarantee that a real
f922bd9bSSean Christopherson * function will have a non-zero address, and so it will generate code to
f922bd9bSSean Christopherson * check for !NULL, whereas comparing against a stub will be elided at compile
f922bd9bSSean Christopherson * time (unless the compiler is getting long in the tooth, e.g. gcc 4.9).
f922bd9bSSean Christopherson */
f922bd9bSSean Christophersonstatic void kvm_null_fn(void)
f922bd9bSSean Christopherson{
f922bd9bSSean Christopherson
f922bd9bSSean Christopherson}
f922bd9bSSean Christopherson#define IS_KVM_NULL_FN(fn) ((fn) == (void *)kvm_null_fn)
f922bd9bSSean Christopherson
3e1efe2bSSean Christophersonstatic const union kvm_mmu_notifier_arg KVM_MMU_NOTIFIER_NO_ARG;
3e1efe2bSSean Christopherson
ed922739SMaciej S. Szmigiero/* Iterate over each memslot intersecting [start, last] (inclusive) range */
ed922739SMaciej S. Szmigiero#define kvm_for_each_memslot_in_hva_range(node, slots, start, last)	     \
ed922739SMaciej S. Szmigiero	for (node = interval_tree_iter_first(&slots->hva_tree, start, last); \
ed922739SMaciej S. Szmigiero	     node;							     \
ed922739SMaciej S. Szmigiero	     node = interval_tree_iter_next(node, start, last))	     \
ed922739SMaciej S. Szmigiero
3039bcc7SSean Christophersonstatic __always_inline int __kvm_handle_hva_range(struct kvm *kvm,
3039bcc7SSean Christopherson						  const struct kvm_hva_range *range)
3039bcc7SSean Christopherson{
8931a454SSean Christopherson	bool ret = false, locked = false;
f922bd9bSSean Christopherson	struct kvm_gfn_range gfn_range;
3039bcc7SSean Christopherson	struct kvm_memory_slot *slot;
3039bcc7SSean Christopherson	struct kvm_memslots *slots;
3039bcc7SSean Christopherson	int i, idx;
3039bcc7SSean Christopherson
ed922739SMaciej S. Szmigiero	if (WARN_ON_ONCE(range->end <= range->start))
ed922739SMaciej S. Szmigiero		return 0;
ed922739SMaciej S. Szmigiero
f922bd9bSSean Christopherson	/* A null handler is allowed if and only if on_lock() is provided. */
f922bd9bSSean Christopherson	if (WARN_ON_ONCE(IS_KVM_NULL_FN(range->on_lock) &&
f922bd9bSSean Christopherson			 IS_KVM_NULL_FN(range->handler)))
f922bd9bSSean Christopherson		return 0;
f922bd9bSSean Christopherson
3039bcc7SSean Christopherson	idx = srcu_read_lock(&kvm->srcu);
3039bcc7SSean Christopherson
3039bcc7SSean Christopherson	for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++) {
ed922739SMaciej S. Szmigiero		struct interval_tree_node *node;
ed922739SMaciej S. Szmigiero
3039bcc7SSean Christopherson		slots = __kvm_memslots(kvm, i);
ed922739SMaciej S. Szmigiero		kvm_for_each_memslot_in_hva_range(node, slots,
ed922739SMaciej S. Szmigiero						  range->start, range->end - 1) {
3039bcc7SSean Christopherson			unsigned long hva_start, hva_end;
3039bcc7SSean Christopherson
a54d8066SMaciej S. Szmigiero			slot = container_of(node, struct kvm_memory_slot, hva_node[slots->node_idx]);
3039bcc7SSean Christopherson			hva_start = max(range->start, slot->userspace_addr);
3039bcc7SSean Christopherson			hva_end = min(range->end, slot->userspace_addr +
3039bcc7SSean Christopherson						  (slot->npages << PAGE_SHIFT));
3039bcc7SSean Christopherson
3039bcc7SSean Christopherson			/*
3039bcc7SSean Christopherson			 * To optimize for the likely case where the address
3039bcc7SSean Christopherson			 * range is covered by zero or one memslots, don't
3039bcc7SSean Christopherson			 * bother making these conditional (to avoid writes on
3039bcc7SSean Christopherson			 * the second or later invocation of the handler).
3039bcc7SSean Christopherson			 */
3e1efe2bSSean Christopherson			gfn_range.arg = range->arg;
3039bcc7SSean Christopherson			gfn_range.may_block = range->may_block;
3039bcc7SSean Christopherson
3039bcc7SSean Christopherson			/*
3039bcc7SSean Christopherson			 * {gfn(page) | page intersects with [hva_start, hva_end)} =
3039bcc7SSean Christopherson			 * {gfn_start, gfn_start+1, ..., gfn_end-1}.
3039bcc7SSean Christopherson			 */
3039bcc7SSean Christopherson			gfn_range.start = hva_to_gfn_memslot(hva_start, slot);
3039bcc7SSean Christopherson			gfn_range.end = hva_to_gfn_memslot(hva_end + PAGE_SIZE - 1, slot);
3039bcc7SSean Christopherson			gfn_range.slot = slot;
3039bcc7SSean Christopherson
8931a454SSean Christopherson			if (!locked) {
8931a454SSean Christopherson				locked = true;
8931a454SSean Christopherson				KVM_MMU_LOCK(kvm);
071064f1SPaolo Bonzini				if (!IS_KVM_NULL_FN(range->on_lock))
071064f1SPaolo Bonzini					range->on_lock(kvm, range->start, range->end);
071064f1SPaolo Bonzini				if (IS_KVM_NULL_FN(range->handler))
071064f1SPaolo Bonzini					break;
8931a454SSean Christopherson			}
3039bcc7SSean Christopherson			ret |= range->handler(kvm, &gfn_range);
3039bcc7SSean Christopherson		}
3039bcc7SSean Christopherson	}
3039bcc7SSean Christopherson
6bc6db00SLai Jiangshan	if (range->flush_on_ret && ret)
3039bcc7SSean Christopherson		kvm_flush_remote_tlbs(kvm);
3039bcc7SSean Christopherson
683412ccSMingwei Zhang	if (locked) {
f922bd9bSSean Christopherson		KVM_MMU_UNLOCK(kvm);
683412ccSMingwei Zhang		if (!IS_KVM_NULL_FN(range->on_unlock))
683412ccSMingwei Zhang			range->on_unlock(kvm);
683412ccSMingwei Zhang	}
f922bd9bSSean Christopherson
3039bcc7SSean Christopherson	srcu_read_unlock(&kvm->srcu, idx);
3039bcc7SSean Christopherson
3039bcc7SSean Christopherson	/* The notifiers are averse to booleans. :-( */
3039bcc7SSean Christopherson	return (int)ret;
3039bcc7SSean Christopherson}
3039bcc7SSean Christopherson
3039bcc7SSean Christophersonstatic __always_inline int kvm_handle_hva_range(struct mmu_notifier *mn,
3039bcc7SSean Christopherson						unsigned long start,
3039bcc7SSean Christopherson						unsigned long end,
3e1efe2bSSean Christopherson						union kvm_mmu_notifier_arg arg,
3039bcc7SSean Christopherson						hva_handler_t handler)
3039bcc7SSean Christopherson{
3039bcc7SSean Christopherson	struct kvm *kvm = mmu_notifier_to_kvm(mn);
3039bcc7SSean Christopherson	const struct kvm_hva_range range = {
3039bcc7SSean Christopherson		.start		= start,
3039bcc7SSean Christopherson		.end		= end,
3e1efe2bSSean Christopherson		.arg		= arg,
3039bcc7SSean Christopherson		.handler	= handler,
f922bd9bSSean Christopherson		.on_lock	= (void *)kvm_null_fn,
683412ccSMingwei Zhang		.on_unlock	= (void *)kvm_null_fn,
3039bcc7SSean Christopherson		.flush_on_ret	= true,
3039bcc7SSean Christopherson		.may_block	= false,
3039bcc7SSean Christopherson	};
3039bcc7SSean Christopherson
f922bd9bSSean Christopherson	return __kvm_handle_hva_range(kvm, &range);
3039bcc7SSean Christopherson}
3039bcc7SSean Christopherson
3039bcc7SSean Christophersonstatic __always_inline int kvm_handle_hva_range_no_flush(struct mmu_notifier *mn,
3039bcc7SSean Christopherson							 unsigned long start,
3039bcc7SSean Christopherson							 unsigned long end,
3039bcc7SSean Christopherson							 hva_handler_t handler)
3039bcc7SSean Christopherson{
3039bcc7SSean Christopherson	struct kvm *kvm = mmu_notifier_to_kvm(mn);
3039bcc7SSean Christopherson	const struct kvm_hva_range range = {
3039bcc7SSean Christopherson		.start		= start,
3039bcc7SSean Christopherson		.end		= end,
3039bcc7SSean Christopherson		.handler	= handler,
f922bd9bSSean Christopherson		.on_lock	= (void *)kvm_null_fn,
683412ccSMingwei Zhang		.on_unlock	= (void *)kvm_null_fn,
3039bcc7SSean Christopherson		.flush_on_ret	= false,
3039bcc7SSean Christopherson		.may_block	= false,
3039bcc7SSean Christopherson	};
3039bcc7SSean Christopherson
f922bd9bSSean Christopherson	return __kvm_handle_hva_range(kvm, &range);
3039bcc7SSean Christopherson}
2230f9e1SGavin Shan
2230f9e1SGavin Shanstatic bool kvm_change_spte_gfn(struct kvm *kvm, struct kvm_gfn_range *range)
2230f9e1SGavin Shan{
2230f9e1SGavin Shan	/*
2230f9e1SGavin Shan	 * Skipping invalid memslots is correct if and only change_pte() is
2230f9e1SGavin Shan	 * surrounded by invalidate_range_{start,end}(), which is currently
2230f9e1SGavin Shan	 * guaranteed by the primary MMU.  If that ever changes, KVM needs to
2230f9e1SGavin Shan	 * unmap the memslot instead of skipping the memslot to ensure that KVM
2230f9e1SGavin Shan	 * doesn't hold references to the old PFN.
2230f9e1SGavin Shan	 */
2230f9e1SGavin Shan	WARN_ON_ONCE(!READ_ONCE(kvm->mn_active_invalidate_count));
2230f9e1SGavin Shan
2230f9e1SGavin Shan	if (range->slot->flags & KVM_MEMSLOT_INVALID)
2230f9e1SGavin Shan		return false;
2230f9e1SGavin Shan
2230f9e1SGavin Shan	return kvm_set_spte_gfn(kvm, range);
2230f9e1SGavin Shan}
2230f9e1SGavin Shan
3da0dd43SIzik Eidusstatic void kvm_mmu_notifier_change_pte(struct mmu_notifier *mn,
3da0dd43SIzik Eidus					struct mm_struct *mm,
3da0dd43SIzik Eidus					unsigned long address,
3da0dd43SIzik Eidus					pte_t pte)
3da0dd43SIzik Eidus{
3da0dd43SIzik Eidus	struct kvm *kvm = mmu_notifier_to_kvm(mn);
3e1efe2bSSean Christopherson	const union kvm_mmu_notifier_arg arg = { .pte = pte };
3da0dd43SIzik Eidus
501b9185SSean Christopherson	trace_kvm_set_spte_hva(address);
501b9185SSean Christopherson
c13fda23SSean Christopherson	/*
52ac8b35SPaolo Bonzini	 * .change_pte() must be surrounded by .invalidate_range_{start,end}().
20ec3ebdSChao Peng	 * If mmu_invalidate_in_progress is zero, then no in-progress
20ec3ebdSChao Peng	 * invalidations, including this one, found a relevant memslot at
20ec3ebdSChao Peng	 * start(); rechecking memslots here is unnecessary.  Note, a false
20ec3ebdSChao Peng	 * positive (count elevated by a different invalidation) is sub-optimal
20ec3ebdSChao Peng	 * but functionally ok.
c13fda23SSean Christopherson	 */
52ac8b35SPaolo Bonzini	WARN_ON_ONCE(!READ_ONCE(kvm->mn_active_invalidate_count));
20ec3ebdSChao Peng	if (!READ_ONCE(kvm->mmu_invalidate_in_progress))
071064f1SPaolo Bonzini		return;
c13fda23SSean Christopherson
3e1efe2bSSean Christopherson	kvm_handle_hva_range(mn, address, address + 1, arg, kvm_change_spte_gfn);
3da0dd43SIzik Eidus}
3da0dd43SIzik Eidus
20ec3ebdSChao Pengvoid kvm_mmu_invalidate_begin(struct kvm *kvm, unsigned long start,
f922bd9bSSean Christopherson			      unsigned long end)
e930bffeSAndrea Arcangeli{
e930bffeSAndrea Arcangeli	/*
e930bffeSAndrea Arcangeli	 * The count increase must become visible at unlock time as no
e930bffeSAndrea Arcangeli	 * spte can be established without taking the mmu_lock and
e930bffeSAndrea Arcangeli	 * count is also read inside the mmu_lock critical section.
e930bffeSAndrea Arcangeli	 */
20ec3ebdSChao Peng	kvm->mmu_invalidate_in_progress++;
20ec3ebdSChao Peng	if (likely(kvm->mmu_invalidate_in_progress == 1)) {
20ec3ebdSChao Peng		kvm->mmu_invalidate_range_start = start;
20ec3ebdSChao Peng		kvm->mmu_invalidate_range_end = end;
4a42d848SDavid Stevens	} else {
4a42d848SDavid Stevens		/*
a413a625STom Rix		 * Fully tracking multiple concurrent ranges has diminishing
4a42d848SDavid Stevens		 * returns. Keep things simple and just find the minimal range
4a42d848SDavid Stevens		 * which includes the current and new ranges. As there won't be
4a42d848SDavid Stevens		 * enough information to subtract a range after its invalidate
4a42d848SDavid Stevens		 * completes, any ranges invalidated concurrently will
4a42d848SDavid Stevens		 * accumulate and persist until all outstanding invalidates
4a42d848SDavid Stevens		 * complete.
4a42d848SDavid Stevens		 */
20ec3ebdSChao Peng		kvm->mmu_invalidate_range_start =
20ec3ebdSChao Peng			min(kvm->mmu_invalidate_range_start, start);
20ec3ebdSChao Peng		kvm->mmu_invalidate_range_end =
20ec3ebdSChao Peng			max(kvm->mmu_invalidate_range_end, end);
f922bd9bSSean Christopherson	}
4a42d848SDavid Stevens}
3039bcc7SSean Christopherson
f922bd9bSSean Christophersonstatic int kvm_mmu_notifier_invalidate_range_start(struct mmu_notifier *mn,
f922bd9bSSean Christopherson					const struct mmu_notifier_range *range)
f922bd9bSSean Christopherson{
f922bd9bSSean Christopherson	struct kvm *kvm = mmu_notifier_to_kvm(mn);
f922bd9bSSean Christopherson	const struct kvm_hva_range hva_range = {
f922bd9bSSean Christopherson		.start		= range->start,
f922bd9bSSean Christopherson		.end		= range->end,
f922bd9bSSean Christopherson		.handler	= kvm_unmap_gfn_range,
20ec3ebdSChao Peng		.on_lock	= kvm_mmu_invalidate_begin,
683412ccSMingwei Zhang		.on_unlock	= kvm_arch_guest_memory_reclaimed,
f922bd9bSSean Christopherson		.flush_on_ret	= true,
f922bd9bSSean Christopherson		.may_block	= mmu_notifier_range_blockable(range),
f922bd9bSSean Christopherson	};
565f3be2STakuya Yoshikawa
f922bd9bSSean Christopherson	trace_kvm_unmap_hva_range(range->start, range->end);
f922bd9bSSean Christopherson
52ac8b35SPaolo Bonzini	/*
52ac8b35SPaolo Bonzini	 * Prevent memslot modification between range_start() and range_end()
52ac8b35SPaolo Bonzini	 * so that conditionally locking provides the same result in both
20ec3ebdSChao Peng	 * functions.  Without that guarantee, the mmu_invalidate_in_progress
52ac8b35SPaolo Bonzini	 * adjustments will be imbalanced.
52ac8b35SPaolo Bonzini	 *
52ac8b35SPaolo Bonzini	 * Pairs with the decrement in range_end().
52ac8b35SPaolo Bonzini	 */
52ac8b35SPaolo Bonzini	spin_lock(&kvm->mn_invalidate_lock);
52ac8b35SPaolo Bonzini	kvm->mn_active_invalidate_count++;
52ac8b35SPaolo Bonzini	spin_unlock(&kvm->mn_invalidate_lock);
52ac8b35SPaolo Bonzini
58cd407cSSean Christopherson	/*
58cd407cSSean Christopherson	 * Invalidate pfn caches _before_ invalidating the secondary MMUs, i.e.
58cd407cSSean Christopherson	 * before acquiring mmu_lock, to avoid holding mmu_lock while acquiring
58cd407cSSean Christopherson	 * each cache's lock.  There are relatively few caches in existence at
58cd407cSSean Christopherson	 * any given time, and the caches themselves can check for hva overlap,
58cd407cSSean Christopherson	 * i.e. don't need to rely on memslot overlap checks for performance.
58cd407cSSean Christopherson	 * Because this runs without holding mmu_lock, the pfn caches must use
20ec3ebdSChao Peng	 * mn_active_invalidate_count (see above) instead of
20ec3ebdSChao Peng	 * mmu_invalidate_in_progress.
58cd407cSSean Christopherson	 */
982ed0deSDavid Woodhouse	gfn_to_pfn_cache_invalidate_start(kvm, range->start, range->end,
982ed0deSDavid Woodhouse					  hva_range.may_block);
982ed0deSDavid Woodhouse
f922bd9bSSean Christopherson	__kvm_handle_hva_range(kvm, &hva_range);
93065ac7SMichal Hocko
e649b3f0SEiichi Tsukata	return 0;
e930bffeSAndrea Arcangeli}
e930bffeSAndrea Arcangeli
20ec3ebdSChao Pengvoid kvm_mmu_invalidate_end(struct kvm *kvm, unsigned long start,
f922bd9bSSean Christopherson			    unsigned long end)
e930bffeSAndrea Arcangeli{
e930bffeSAndrea Arcangeli	/*
e930bffeSAndrea Arcangeli	 * This sequence increase will notify the kvm page fault that
e930bffeSAndrea Arcangeli	 * the page that is going to be mapped in the spte could have
e930bffeSAndrea Arcangeli	 * been freed.
e930bffeSAndrea Arcangeli	 */
20ec3ebdSChao Peng	kvm->mmu_invalidate_seq++;
a355aa54SPaul Mackerras	smp_wmb();
e930bffeSAndrea Arcangeli	/*
e930bffeSAndrea Arcangeli	 * The above sequence increase must be visible before the
a355aa54SPaul Mackerras	 * below count decrease, which is ensured by the smp_wmb above
20ec3ebdSChao Peng	 * in conjunction with the smp_rmb in mmu_invalidate_retry().
e930bffeSAndrea Arcangeli	 */
20ec3ebdSChao Peng	kvm->mmu_invalidate_in_progress--;
f922bd9bSSean Christopherson}
f922bd9bSSean Christopherson
f922bd9bSSean Christophersonstatic void kvm_mmu_notifier_invalidate_range_end(struct mmu_notifier *mn,
f922bd9bSSean Christopherson					const struct mmu_notifier_range *range)
f922bd9bSSean Christopherson{
f922bd9bSSean Christopherson	struct kvm *kvm = mmu_notifier_to_kvm(mn);
f922bd9bSSean Christopherson	const struct kvm_hva_range hva_range = {
f922bd9bSSean Christopherson		.start		= range->start,
f922bd9bSSean Christopherson		.end		= range->end,
f922bd9bSSean Christopherson		.handler	= (void *)kvm_null_fn,
20ec3ebdSChao Peng		.on_lock	= kvm_mmu_invalidate_end,
683412ccSMingwei Zhang		.on_unlock	= (void *)kvm_null_fn,
f922bd9bSSean Christopherson		.flush_on_ret	= false,
f922bd9bSSean Christopherson		.may_block	= mmu_notifier_range_blockable(range),
f922bd9bSSean Christopherson	};
52ac8b35SPaolo Bonzini	bool wake;
f922bd9bSSean Christopherson
f922bd9bSSean Christopherson	__kvm_handle_hva_range(kvm, &hva_range);
e930bffeSAndrea Arcangeli
52ac8b35SPaolo Bonzini	/* Pairs with the increment in range_start(). */
52ac8b35SPaolo Bonzini	spin_lock(&kvm->mn_invalidate_lock);
52ac8b35SPaolo Bonzini	wake = (--kvm->mn_active_invalidate_count == 0);
52ac8b35SPaolo Bonzini	spin_unlock(&kvm->mn_invalidate_lock);
52ac8b35SPaolo Bonzini
52ac8b35SPaolo Bonzini	/*
52ac8b35SPaolo Bonzini	 * There can only be one waiter, since the wait happens under
52ac8b35SPaolo Bonzini	 * slots_lock.
52ac8b35SPaolo Bonzini	 */
52ac8b35SPaolo Bonzini	if (wake)
52ac8b35SPaolo Bonzini		rcuwait_wake_up(&kvm->mn_memslots_update_rcuwait);
52ac8b35SPaolo Bonzini
20ec3ebdSChao Peng	BUG_ON(kvm->mmu_invalidate_in_progress < 0);
e930bffeSAndrea Arcangeli}
e930bffeSAndrea Arcangeli
e930bffeSAndrea Arcangelistatic int kvm_mmu_notifier_clear_flush_young(struct mmu_notifier *mn,
e930bffeSAndrea Arcangeli					      struct mm_struct *mm,
57128468SAndres Lagar-Cavilla					      unsigned long start,
57128468SAndres Lagar-Cavilla					      unsigned long end)
e930bffeSAndrea Arcangeli{
501b9185SSean Christopherson	trace_kvm_age_hva(start, end);
501b9185SSean Christopherson
3e1efe2bSSean Christopherson	return kvm_handle_hva_range(mn, start, end, KVM_MMU_NOTIFIER_NO_ARG,
3e1efe2bSSean Christopherson				    kvm_age_gfn);
e930bffeSAndrea Arcangeli}
e930bffeSAndrea Arcangeli
1d7715c6SVladimir Davydovstatic int kvm_mmu_notifier_clear_young(struct mmu_notifier *mn,
1d7715c6SVladimir Davydov					struct mm_struct *mm,
1d7715c6SVladimir Davydov					unsigned long start,
1d7715c6SVladimir Davydov					unsigned long end)
1d7715c6SVladimir Davydov{
501b9185SSean Christopherson	trace_kvm_age_hva(start, end);
501b9185SSean Christopherson
1d7715c6SVladimir Davydov	/*
1d7715c6SVladimir Davydov	 * Even though we do not flush TLB, this will still adversely
1d7715c6SVladimir Davydov	 * affect performance on pre-Haswell Intel EPT, where there is
1d7715c6SVladimir Davydov	 * no EPT Access Bit to clear so that we have to tear down EPT
1d7715c6SVladimir Davydov	 * tables instead. If we find this unacceptable, we can always
1d7715c6SVladimir Davydov	 * add a parameter to kvm_age_hva so that it effectively doesn't
1d7715c6SVladimir Davydov	 * do anything on clear_young.
1d7715c6SVladimir Davydov	 *
1d7715c6SVladimir Davydov	 * Also note that currently we never issue secondary TLB flushes
1d7715c6SVladimir Davydov	 * from clear_young, leaving this job up to the regular system
1d7715c6SVladimir Davydov	 * cadence. If we find this inaccurate, we might come up with a
1d7715c6SVladimir Davydov	 * more sophisticated heuristic later.
1d7715c6SVladimir Davydov	 */
3039bcc7SSean Christopherson	return kvm_handle_hva_range_no_flush(mn, start, end, kvm_age_gfn);
1d7715c6SVladimir Davydov}
1d7715c6SVladimir Davydov
8ee53820SAndrea Arcangelistatic int kvm_mmu_notifier_test_young(struct mmu_notifier *mn,
8ee53820SAndrea Arcangeli				       struct mm_struct *mm,
8ee53820SAndrea Arcangeli				       unsigned long address)
8ee53820SAndrea Arcangeli{
501b9185SSean Christopherson	trace_kvm_test_age_hva(address);
501b9185SSean Christopherson
3039bcc7SSean Christopherson	return kvm_handle_hva_range_no_flush(mn, address, address + 1,
3039bcc7SSean Christopherson					     kvm_test_age_gfn);
8ee53820SAndrea Arcangeli}
8ee53820SAndrea Arcangeli
85db06e5SMarcelo Tosattistatic void kvm_mmu_notifier_release(struct mmu_notifier *mn,
85db06e5SMarcelo Tosatti				     struct mm_struct *mm)
85db06e5SMarcelo Tosatti{
85db06e5SMarcelo Tosatti	struct kvm *kvm = mmu_notifier_to_kvm(mn);
eda2bedaSLai Jiangshan	int idx;
eda2bedaSLai Jiangshan
eda2bedaSLai Jiangshan	idx = srcu_read_lock(&kvm->srcu);
683412ccSMingwei Zhang	kvm_flush_shadow_all(kvm);
eda2bedaSLai Jiangshan	srcu_read_unlock(&kvm->srcu, idx);
85db06e5SMarcelo Tosatti}
85db06e5SMarcelo Tosatti
e930bffeSAndrea Arcangelistatic const struct mmu_notifier_ops kvm_mmu_notifier_ops = {
e930bffeSAndrea Arcangeli	.invalidate_range_start	= kvm_mmu_notifier_invalidate_range_start,
e930bffeSAndrea Arcangeli	.invalidate_range_end	= kvm_mmu_notifier_invalidate_range_end,
e930bffeSAndrea Arcangeli	.clear_flush_young	= kvm_mmu_notifier_clear_flush_young,
1d7715c6SVladimir Davydov	.clear_young		= kvm_mmu_notifier_clear_young,
8ee53820SAndrea Arcangeli	.test_young		= kvm_mmu_notifier_test_young,
3da0dd43SIzik Eidus	.change_pte		= kvm_mmu_notifier_change_pte,
85db06e5SMarcelo Tosatti	.release		= kvm_mmu_notifier_release,
e930bffeSAndrea Arcangeli};
4c07b0a4SAvi Kivity
4c07b0a4SAvi Kivitystatic int kvm_init_mmu_notifier(struct kvm *kvm)
4c07b0a4SAvi Kivity{
4c07b0a4SAvi Kivity	kvm->mmu_notifier.ops = &kvm_mmu_notifier_ops;
4c07b0a4SAvi Kivity	return mmu_notifier_register(&kvm->mmu_notifier, current->mm);
4c07b0a4SAvi Kivity}
4c07b0a4SAvi Kivity
4c07b0a4SAvi Kivity#else  /* !(CONFIG_MMU_NOTIFIER && KVM_ARCH_WANT_MMU_NOTIFIER) */
4c07b0a4SAvi Kivity
4c07b0a4SAvi Kivitystatic int kvm_init_mmu_notifier(struct kvm *kvm)
4c07b0a4SAvi Kivity{
4c07b0a4SAvi Kivity	return 0;
4c07b0a4SAvi Kivity}
4c07b0a4SAvi Kivity
e930bffeSAndrea Arcangeli#endif /* CONFIG_MMU_NOTIFIER && KVM_ARCH_WANT_MMU_NOTIFIER */
e930bffeSAndrea Arcangeli
2fdef3a2SSergey Senozhatsky#ifdef CONFIG_HAVE_KVM_PM_NOTIFIER
2fdef3a2SSergey Senozhatskystatic int kvm_pm_notifier_call(struct notifier_block *bl,
2fdef3a2SSergey Senozhatsky				unsigned long state,
2fdef3a2SSergey Senozhatsky				void *unused)
2fdef3a2SSergey Senozhatsky{
2fdef3a2SSergey Senozhatsky	struct kvm *kvm = container_of(bl, struct kvm, pm_notifier);
2fdef3a2SSergey Senozhatsky
2fdef3a2SSergey Senozhatsky	return kvm_arch_pm_notifier(kvm, state);
2fdef3a2SSergey Senozhatsky}
2fdef3a2SSergey Senozhatsky
2fdef3a2SSergey Senozhatskystatic void kvm_init_pm_notifier(struct kvm *kvm)
2fdef3a2SSergey Senozhatsky{
2fdef3a2SSergey Senozhatsky	kvm->pm_notifier.notifier_call = kvm_pm_notifier_call;
2fdef3a2SSergey Senozhatsky	/* Suspend KVM before we suspend ftrace, RCU, etc. */
2fdef3a2SSergey Senozhatsky	kvm->pm_notifier.priority = INT_MAX;
2fdef3a2SSergey Senozhatsky	register_pm_notifier(&kvm->pm_notifier);
2fdef3a2SSergey Senozhatsky}
2fdef3a2SSergey Senozhatsky
2fdef3a2SSergey Senozhatskystatic void kvm_destroy_pm_notifier(struct kvm *kvm)
2fdef3a2SSergey Senozhatsky{
2fdef3a2SSergey Senozhatsky	unregister_pm_notifier(&kvm->pm_notifier);
2fdef3a2SSergey Senozhatsky}
2fdef3a2SSergey Senozhatsky#else /* !CONFIG_HAVE_KVM_PM_NOTIFIER */
2fdef3a2SSergey Senozhatskystatic void kvm_init_pm_notifier(struct kvm *kvm)
2fdef3a2SSergey Senozhatsky{
2fdef3a2SSergey Senozhatsky}
2fdef3a2SSergey Senozhatsky
2fdef3a2SSergey Senozhatskystatic void kvm_destroy_pm_notifier(struct kvm *kvm)
2fdef3a2SSergey Senozhatsky{
2fdef3a2SSergey Senozhatsky}
2fdef3a2SSergey Senozhatsky#endif /* CONFIG_HAVE_KVM_PM_NOTIFIER */
2fdef3a2SSergey Senozhatsky
a47d2b07SPaolo Bonzinistatic void kvm_destroy_dirty_bitmap(struct kvm_memory_slot *memslot)
a47d2b07SPaolo Bonzini{
a47d2b07SPaolo Bonzini	if (!memslot->dirty_bitmap)
a47d2b07SPaolo Bonzini		return;
a47d2b07SPaolo Bonzini
a47d2b07SPaolo Bonzini	kvfree(memslot->dirty_bitmap);
a47d2b07SPaolo Bonzini	memslot->dirty_bitmap = NULL;
a47d2b07SPaolo Bonzini}
a47d2b07SPaolo Bonzini
a54d8066SMaciej S. Szmigiero/* This does not remove the slot from struct kvm_memslots data structures */
e96c81eeSSean Christophersonstatic void kvm_free_memslot(struct kvm *kvm, struct kvm_memory_slot *slot)
a47d2b07SPaolo Bonzini{
e96c81eeSSean Christopherson	kvm_destroy_dirty_bitmap(slot);
a47d2b07SPaolo Bonzini
e96c81eeSSean Christopherson	kvm_arch_free_memslot(kvm, slot);
a47d2b07SPaolo Bonzini
a54d8066SMaciej S. Szmigiero	kfree(slot);
a47d2b07SPaolo Bonzini}
a47d2b07SPaolo Bonzini
a47d2b07SPaolo Bonzinistatic void kvm_free_memslots(struct kvm *kvm, struct kvm_memslots *slots)
a47d2b07SPaolo Bonzini{
a54d8066SMaciej S. Szmigiero	struct hlist_node *idnode;
a47d2b07SPaolo Bonzini	struct kvm_memory_slot *memslot;
a54d8066SMaciej S. Szmigiero	int bkt;
a47d2b07SPaolo Bonzini
a54d8066SMaciej S. Szmigiero	/*
a54d8066SMaciej S. Szmigiero	 * The same memslot objects live in both active and inactive sets,
a54d8066SMaciej S. Szmigiero	 * arbitrarily free using index '1' so the second invocation of this
a54d8066SMaciej S. Szmigiero	 * function isn't operating over a structure with dangling pointers
a54d8066SMaciej S. Szmigiero	 * (even though this function isn't actually touching them).
a54d8066SMaciej S. Szmigiero	 */
a54d8066SMaciej S. Szmigiero	if (!slots->node_idx)
a47d2b07SPaolo Bonzini		return;
a47d2b07SPaolo Bonzini
a54d8066SMaciej S. Szmigiero	hash_for_each_safe(slots->id_hash, bkt, idnode, memslot, id_node[1])
e96c81eeSSean Christopherson		kvm_free_memslot(kvm, memslot);
bf3e05bcSXiao Guangrong}
bf3e05bcSXiao Guangrong
bc9e9e67SJing Zhangstatic umode_t kvm_stats_debugfs_mode(const struct _kvm_stats_desc *pdesc)
bc9e9e67SJing Zhang{
bc9e9e67SJing Zhang	switch (pdesc->desc.flags & KVM_STATS_TYPE_MASK) {
bc9e9e67SJing Zhang	case KVM_STATS_TYPE_INSTANT:
bc9e9e67SJing Zhang		return 0444;
bc9e9e67SJing Zhang	case KVM_STATS_TYPE_CUMULATIVE:
bc9e9e67SJing Zhang	case KVM_STATS_TYPE_PEAK:
bc9e9e67SJing Zhang	default:
bc9e9e67SJing Zhang		return 0644;
bc9e9e67SJing Zhang	}
bc9e9e67SJing Zhang}
bc9e9e67SJing Zhang
bc9e9e67SJing Zhang
536a6f88SJanosch Frankstatic void kvm_destroy_vm_debugfs(struct kvm *kvm)
536a6f88SJanosch Frank{
536a6f88SJanosch Frank	int i;
bc9e9e67SJing Zhang	int kvm_debugfs_num_entries = kvm_vm_stats_header.num_desc +
bc9e9e67SJing Zhang				      kvm_vcpu_stats_header.num_desc;
536a6f88SJanosch Frank
a44a4cc1SOliver Upton	if (IS_ERR(kvm->debugfs_dentry))
536a6f88SJanosch Frank		return;
536a6f88SJanosch Frank
536a6f88SJanosch Frank	debugfs_remove_recursive(kvm->debugfs_dentry);
536a6f88SJanosch Frank
9d5a1dceSLuiz Capitulino	if (kvm->debugfs_stat_data) {
536a6f88SJanosch Frank		for (i = 0; i < kvm_debugfs_num_entries; i++)
536a6f88SJanosch Frank			kfree(kvm->debugfs_stat_data[i]);
536a6f88SJanosch Frank		kfree(kvm->debugfs_stat_data);
536a6f88SJanosch Frank	}
9d5a1dceSLuiz Capitulino}
536a6f88SJanosch Frank
59f82aadSOliver Uptonstatic int kvm_create_vm_debugfs(struct kvm *kvm, const char *fdname)
536a6f88SJanosch Frank{
85cd39afSPaolo Bonzini	static DEFINE_MUTEX(kvm_debugfs_lock);
85cd39afSPaolo Bonzini	struct dentry *dent;
536a6f88SJanosch Frank	char dir_name[ITOA_MAX_LEN * 2];
536a6f88SJanosch Frank	struct kvm_stat_data *stat_data;
bc9e9e67SJing Zhang	const struct _kvm_stats_desc *pdesc;
b74ed7a6SOliver Upton	int i, ret = -ENOMEM;
bc9e9e67SJing Zhang	int kvm_debugfs_num_entries = kvm_vm_stats_header.num_desc +
bc9e9e67SJing Zhang				      kvm_vcpu_stats_header.num_desc;
536a6f88SJanosch Frank
536a6f88SJanosch Frank	if (!debugfs_initialized())
536a6f88SJanosch Frank		return 0;
536a6f88SJanosch Frank
59f82aadSOliver Upton	snprintf(dir_name, sizeof(dir_name), "%d-%s", task_pid_nr(current), fdname);
85cd39afSPaolo Bonzini	mutex_lock(&kvm_debugfs_lock);
85cd39afSPaolo Bonzini	dent = debugfs_lookup(dir_name, kvm_debugfs_dir);
85cd39afSPaolo Bonzini	if (dent) {
85cd39afSPaolo Bonzini		pr_warn_ratelimited("KVM: debugfs: duplicate directory %s\n", dir_name);
85cd39afSPaolo Bonzini		dput(dent);
85cd39afSPaolo Bonzini		mutex_unlock(&kvm_debugfs_lock);
85cd39afSPaolo Bonzini		return 0;
85cd39afSPaolo Bonzini	}
85cd39afSPaolo Bonzini	dent = debugfs_create_dir(dir_name, kvm_debugfs_dir);
85cd39afSPaolo Bonzini	mutex_unlock(&kvm_debugfs_lock);
85cd39afSPaolo Bonzini	if (IS_ERR(dent))
85cd39afSPaolo Bonzini		return 0;
536a6f88SJanosch Frank
85cd39afSPaolo Bonzini	kvm->debugfs_dentry = dent;
536a6f88SJanosch Frank	kvm->debugfs_stat_data = kcalloc(kvm_debugfs_num_entries,
536a6f88SJanosch Frank					 sizeof(*kvm->debugfs_stat_data),
b12ce36aSBen Gardon					 GFP_KERNEL_ACCOUNT);
536a6f88SJanosch Frank	if (!kvm->debugfs_stat_data)
b74ed7a6SOliver Upton		goto out_err;
536a6f88SJanosch Frank
bc9e9e67SJing Zhang	for (i = 0; i < kvm_vm_stats_header.num_desc; ++i) {
bc9e9e67SJing Zhang		pdesc = &kvm_vm_stats_desc[i];
b12ce36aSBen Gardon		stat_data = kzalloc(sizeof(*stat_data), GFP_KERNEL_ACCOUNT);
536a6f88SJanosch Frank		if (!stat_data)
b74ed7a6SOliver Upton			goto out_err;
536a6f88SJanosch Frank
536a6f88SJanosch Frank		stat_data->kvm = kvm;
bc9e9e67SJing Zhang		stat_data->desc = pdesc;
bc9e9e67SJing Zhang		stat_data->kind = KVM_STAT_VM;
bc9e9e67SJing Zhang		kvm->debugfs_stat_data[i] = stat_data;
bc9e9e67SJing Zhang		debugfs_create_file(pdesc->name, kvm_stats_debugfs_mode(pdesc),
bc9e9e67SJing Zhang				    kvm->debugfs_dentry, stat_data,
bc9e9e67SJing Zhang				    &stat_fops_per_vm);
bc9e9e67SJing Zhang	}
bc9e9e67SJing Zhang
bc9e9e67SJing Zhang	for (i = 0; i < kvm_vcpu_stats_header.num_desc; ++i) {
bc9e9e67SJing Zhang		pdesc = &kvm_vcpu_stats_desc[i];
bc9e9e67SJing Zhang		stat_data = kzalloc(sizeof(*stat_data), GFP_KERNEL_ACCOUNT);
bc9e9e67SJing Zhang		if (!stat_data)
b74ed7a6SOliver Upton			goto out_err;
bc9e9e67SJing Zhang
bc9e9e67SJing Zhang		stat_data->kvm = kvm;
bc9e9e67SJing Zhang		stat_data->desc = pdesc;
bc9e9e67SJing Zhang		stat_data->kind = KVM_STAT_VCPU;
004d62ebSPavel Skripkin		kvm->debugfs_stat_data[i + kvm_vm_stats_header.num_desc] = stat_data;
bc9e9e67SJing Zhang		debugfs_create_file(pdesc->name, kvm_stats_debugfs_mode(pdesc),
09cbcef6SMilan Pandurov				    kvm->debugfs_dentry, stat_data,
09cbcef6SMilan Pandurov				    &stat_fops_per_vm);
536a6f88SJanosch Frank	}
3165af73SPeter Xu
3165af73SPeter Xu	ret = kvm_arch_create_vm_debugfs(kvm);
b74ed7a6SOliver Upton	if (ret)
b74ed7a6SOliver Upton		goto out_err;
3165af73SPeter Xu
536a6f88SJanosch Frank	return 0;
b74ed7a6SOliver Uptonout_err:
b74ed7a6SOliver Upton	kvm_destroy_vm_debugfs(kvm);
b74ed7a6SOliver Upton	return ret;
536a6f88SJanosch Frank}
536a6f88SJanosch Frank
1aa9b957SJunaid Shahid/*
1aa9b957SJunaid Shahid * Called after the VM is otherwise initialized, but just before adding it to
1aa9b957SJunaid Shahid * the vm_list.
1aa9b957SJunaid Shahid */
1aa9b957SJunaid Shahidint __weak kvm_arch_post_init_vm(struct kvm *kvm)
1aa9b957SJunaid Shahid{
1aa9b957SJunaid Shahid	return 0;
1aa9b957SJunaid Shahid}
1aa9b957SJunaid Shahid
1aa9b957SJunaid Shahid/*
1aa9b957SJunaid Shahid * Called just after removing the VM from the vm_list, but before doing any
1aa9b957SJunaid Shahid * other destruction.
1aa9b957SJunaid Shahid */
1aa9b957SJunaid Shahidvoid __weak kvm_arch_pre_destroy_vm(struct kvm *kvm)
1aa9b957SJunaid Shahid{
1aa9b957SJunaid Shahid}
1aa9b957SJunaid Shahid
3165af73SPeter Xu/*
3165af73SPeter Xu * Called after per-vm debugfs created.  When called kvm->debugfs_dentry should
3165af73SPeter Xu * be setup already, so we can create arch-specific debugfs entries under it.
3165af73SPeter Xu * Cleanup should be automatic done in kvm_destroy_vm_debugfs() recursively, so
3165af73SPeter Xu * a per-arch destroy interface is not needed.
3165af73SPeter Xu */
3165af73SPeter Xuint __weak kvm_arch_create_vm_debugfs(struct kvm *kvm)
3165af73SPeter Xu{
3165af73SPeter Xu	return 0;
3165af73SPeter Xu}
3165af73SPeter Xu
b74ed7a6SOliver Uptonstatic struct kvm *kvm_create_vm(unsigned long type, const char *fdname)
0fce5623SAvi Kivity{
d89f5effSJan Kiszka	struct kvm *kvm = kvm_arch_alloc_vm();
a54d8066SMaciej S. Szmigiero	struct kvm_memslots *slots;
9121923cSJim Mattson	int r = -ENOMEM;
a54d8066SMaciej S. Szmigiero	int i, j;
0fce5623SAvi Kivity
d89f5effSJan Kiszka	if (!kvm)
d89f5effSJan Kiszka		return ERR_PTR(-ENOMEM);
d89f5effSJan Kiszka
405294f2SSean Christopherson	/* KVM is pinned via open("/dev/kvm"), the fd passed to this ioctl(). */
405294f2SSean Christopherson	__module_get(kvm_chardev_ops.owner);
405294f2SSean Christopherson
531810caSBen Gardon	KVM_MMU_LOCK_INIT(kvm);
f1f10076SVegard Nossum	mmgrab(current->mm);
e9ad4ec8SPaolo Bonzini	kvm->mm = current->mm;
e9ad4ec8SPaolo Bonzini	kvm_eventfd_init(kvm);
e9ad4ec8SPaolo Bonzini	mutex_init(&kvm->lock);
e9ad4ec8SPaolo Bonzini	mutex_init(&kvm->irq_lock);
e9ad4ec8SPaolo Bonzini	mutex_init(&kvm->slots_lock);
b10a038eSBen Gardon	mutex_init(&kvm->slots_arch_lock);
52ac8b35SPaolo Bonzini	spin_lock_init(&kvm->mn_invalidate_lock);
52ac8b35SPaolo Bonzini	rcuwait_init(&kvm->mn_memslots_update_rcuwait);
c5b07754SMarc Zyngier	xa_init(&kvm->vcpu_array);
52ac8b35SPaolo Bonzini
982ed0deSDavid Woodhouse	INIT_LIST_HEAD(&kvm->gpc_list);
982ed0deSDavid Woodhouse	spin_lock_init(&kvm->gpc_lock);
e9ad4ec8SPaolo Bonzini
e9ad4ec8SPaolo Bonzini	INIT_LIST_HEAD(&kvm->devices);
f502cc56SSean Christopherson	kvm->max_vcpus = KVM_MAX_VCPUS;
e9ad4ec8SPaolo Bonzini
9121923cSJim Mattson	BUILD_BUG_ON(KVM_MEM_SLOTS_NUM > SHRT_MAX);
9121923cSJim Mattson
5c697c36SSean Christopherson	/*
5c697c36SSean Christopherson	 * Force subsequent debugfs file creations to fail if the VM directory
5c697c36SSean Christopherson	 * is not created (by kvm_create_vm_debugfs()).
5c697c36SSean Christopherson	 */
5c697c36SSean Christopherson	kvm->debugfs_dentry = ERR_PTR(-ENOENT);
5c697c36SSean Christopherson
f2759c08SOliver Upton	snprintf(kvm->stats_id, sizeof(kvm->stats_id), "kvm-%d",
f2759c08SOliver Upton		 task_pid_nr(current));
f2759c08SOliver Upton
8a44119aSPaolo Bonzini	if (init_srcu_struct(&kvm->srcu))
8a44119aSPaolo Bonzini		goto out_err_no_srcu;
8a44119aSPaolo Bonzini	if (init_srcu_struct(&kvm->irq_srcu))
8a44119aSPaolo Bonzini		goto out_err_no_irq_srcu;
8a44119aSPaolo Bonzini
e2d3fcafSPaolo Bonzini	refcount_set(&kvm->users_count, 1);
9121923cSJim Mattson	for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++) {
a54d8066SMaciej S. Szmigiero		for (j = 0; j < 2; j++) {
a54d8066SMaciej S. Szmigiero			slots = &kvm->__memslots[i][j];
9121923cSJim Mattson
a54d8066SMaciej S. Szmigiero			atomic_long_set(&slots->last_used_slot, (unsigned long)NULL);
a54d8066SMaciej S. Szmigiero			slots->hva_tree = RB_ROOT_CACHED;
a54d8066SMaciej S. Szmigiero			slots->gfn_tree = RB_ROOT;
a54d8066SMaciej S. Szmigiero			hash_init(slots->id_hash);
a54d8066SMaciej S. Szmigiero			slots->node_idx = j;
a54d8066SMaciej S. Szmigiero
9121923cSJim Mattson			/* Generations must be different for each address space. */
9121923cSJim Mattson			slots->generation = i;
a54d8066SMaciej S. Szmigiero		}
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero		rcu_assign_pointer(kvm->memslots[i], &kvm->__memslots[i][0]);
9121923cSJim Mattson	}
9121923cSJim Mattson
9121923cSJim Mattson	for (i = 0; i < KVM_NR_BUSES; i++) {
9121923cSJim Mattson		rcu_assign_pointer(kvm->buses[i],
9121923cSJim Mattson			kzalloc(sizeof(struct kvm_io_bus), GFP_KERNEL_ACCOUNT));
9121923cSJim Mattson		if (!kvm->buses[i])
a97b0e77SJim Mattson			goto out_err_no_arch_destroy_vm;
9121923cSJim Mattson	}
9121923cSJim Mattson
e08b9637SCarsten Otte	r = kvm_arch_init_vm(kvm, type);
d89f5effSJan Kiszka	if (r)
a97b0e77SJim Mattson		goto out_err_no_arch_destroy_vm;
10474ae8SAlexander Graf
10474ae8SAlexander Graf	r = hardware_enable_all();
10474ae8SAlexander Graf	if (r)
719d93cdSChristian Borntraeger		goto out_err_no_disable;
10474ae8SAlexander Graf
c77dcacbSPaolo Bonzini#ifdef CONFIG_HAVE_KVM_IRQFD
136bdfeeSGleb Natapov	INIT_HLIST_HEAD(&kvm->irq_ack_notifier_list);
75858a84SAvi Kivity#endif
0fce5623SAvi Kivity
74b5c5bfSMike Waychison	r = kvm_init_mmu_notifier(kvm);
74b5c5bfSMike Waychison	if (r)
1aa9b957SJunaid Shahid		goto out_err_no_mmu_notifier;
1aa9b957SJunaid Shahid
c2b82397SSean Christopherson	r = kvm_coalesced_mmio_init(kvm);
c2b82397SSean Christopherson	if (r < 0)
c2b82397SSean Christopherson		goto out_no_coalesced_mmio;
c2b82397SSean Christopherson
4ba4f419SSean Christopherson	r = kvm_create_vm_debugfs(kvm, fdname);
4ba4f419SSean Christopherson	if (r)
4ba4f419SSean Christopherson		goto out_err_no_debugfs;
4ba4f419SSean Christopherson
1aa9b957SJunaid Shahid	r = kvm_arch_post_init_vm(kvm);
1aa9b957SJunaid Shahid	if (r)
4ba4f419SSean Christopherson		goto out_err;
74b5c5bfSMike Waychison
0d9ce162SJunaid Shahid	mutex_lock(&kvm_lock);
0fce5623SAvi Kivity	list_add(&kvm->vm_list, &vm_list);
0d9ce162SJunaid Shahid	mutex_unlock(&kvm_lock);
d89f5effSJan Kiszka
2ecd9d29SPeter Zijlstra	preempt_notifier_inc();
2fdef3a2SSergey Senozhatsky	kvm_init_pm_notifier(kvm);
2ecd9d29SPeter Zijlstra
0fce5623SAvi Kivity	return kvm;
10474ae8SAlexander Graf
10474ae8SAlexander Grafout_err:
4ba4f419SSean Christopherson	kvm_destroy_vm_debugfs(kvm);
4ba4f419SSean Christophersonout_err_no_debugfs:
c2b82397SSean Christopherson	kvm_coalesced_mmio_free(kvm);
c2b82397SSean Christophersonout_no_coalesced_mmio:
1aa9b957SJunaid Shahid#if defined(CONFIG_MMU_NOTIFIER) && defined(KVM_ARCH_WANT_MMU_NOTIFIER)
1aa9b957SJunaid Shahid	if (kvm->mmu_notifier.ops)
1aa9b957SJunaid Shahid		mmu_notifier_unregister(&kvm->mmu_notifier, current->mm);
1aa9b957SJunaid Shahid#endif
1aa9b957SJunaid Shahidout_err_no_mmu_notifier:
10474ae8SAlexander Graf	hardware_disable_all();
719d93cdSChristian Borntraegerout_err_no_disable:
a97b0e77SJim Mattson	kvm_arch_destroy_vm(kvm);
a97b0e77SJim Mattsonout_err_no_arch_destroy_vm:
e2d3fcafSPaolo Bonzini	WARN_ON_ONCE(!refcount_dec_and_test(&kvm->users_count));
e93f8a0fSMarcelo Tosatti	for (i = 0; i < KVM_NR_BUSES; i++)
3898da94SPaolo Bonzini		kfree(kvm_get_bus(kvm, i));
8a44119aSPaolo Bonzini	cleanup_srcu_struct(&kvm->irq_srcu);
8a44119aSPaolo Bonziniout_err_no_irq_srcu:
8a44119aSPaolo Bonzini	cleanup_srcu_struct(&kvm->srcu);
8a44119aSPaolo Bonziniout_err_no_srcu:
d89f5effSJan Kiszka	kvm_arch_free_vm(kvm);
e9ad4ec8SPaolo Bonzini	mmdrop(current->mm);
405294f2SSean Christopherson	module_put(kvm_chardev_ops.owner);
10474ae8SAlexander Graf	return ERR_PTR(r);
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
07f0a7bdSScott Woodstatic void kvm_destroy_devices(struct kvm *kvm)
07f0a7bdSScott Wood{
e6e3b5a6SGeliang Tang	struct kvm_device *dev, *tmp;
07f0a7bdSScott Wood
a28ebea2SChristoffer Dall	/*
a28ebea2SChristoffer Dall	 * We do not need to take the kvm->lock here, because nobody else
a28ebea2SChristoffer Dall	 * has a reference to the struct kvm at this point and therefore
a28ebea2SChristoffer Dall	 * cannot access the devices list anyhow.
a28ebea2SChristoffer Dall	 */
e6e3b5a6SGeliang Tang	list_for_each_entry_safe(dev, tmp, &kvm->devices, vm_node) {
e6e3b5a6SGeliang Tang		list_del(&dev->vm_node);
07f0a7bdSScott Wood		dev->ops->destroy(dev);
07f0a7bdSScott Wood	}
07f0a7bdSScott Wood}
07f0a7bdSScott Wood
0fce5623SAvi Kivitystatic void kvm_destroy_vm(struct kvm *kvm)
0fce5623SAvi Kivity{
e93f8a0fSMarcelo Tosatti	int i;
0fce5623SAvi Kivity	struct mm_struct *mm = kvm->mm;
0fce5623SAvi Kivity
2fdef3a2SSergey Senozhatsky	kvm_destroy_pm_notifier(kvm);
286de8f6SClaudio Imbrenda	kvm_uevent_notify_change(KVM_EVENT_DESTROY_VM, kvm);
536a6f88SJanosch Frank	kvm_destroy_vm_debugfs(kvm);
ad8ba2cdSSheng Yang	kvm_arch_sync_events(kvm);
0d9ce162SJunaid Shahid	mutex_lock(&kvm_lock);
0fce5623SAvi Kivity	list_del(&kvm->vm_list);
0d9ce162SJunaid Shahid	mutex_unlock(&kvm_lock);
1aa9b957SJunaid Shahid	kvm_arch_pre_destroy_vm(kvm);
1aa9b957SJunaid Shahid
399ec807SAvi Kivity	kvm_free_irq_routing(kvm);
df630b8cSPeter Xu	for (i = 0; i < KVM_NR_BUSES; i++) {
3898da94SPaolo Bonzini		struct kvm_io_bus *bus = kvm_get_bus(kvm, i);
4a12f951SChristian Borntraeger
4a12f951SChristian Borntraeger		if (bus)
4a12f951SChristian Borntraeger			kvm_io_bus_destroy(bus);
df630b8cSPeter Xu		kvm->buses[i] = NULL;
df630b8cSPeter Xu	}
980da6ceSAvi Kivity	kvm_coalesced_mmio_free(kvm);
e930bffeSAndrea Arcangeli#if defined(CONFIG_MMU_NOTIFIER) && defined(KVM_ARCH_WANT_MMU_NOTIFIER)
e930bffeSAndrea Arcangeli	mmu_notifier_unregister(&kvm->mmu_notifier, kvm->mm);
52ac8b35SPaolo Bonzini	/*
52ac8b35SPaolo Bonzini	 * At this point, pending calls to invalidate_range_start()
52ac8b35SPaolo Bonzini	 * have completed but no more MMU notifiers will run, so
52ac8b35SPaolo Bonzini	 * mn_active_invalidate_count may remain unbalanced.
b0d23708SJun Miao	 * No threads can be waiting in kvm_swap_active_memslots() as the
52ac8b35SPaolo Bonzini	 * last reference on KVM has been dropped, but freeing
52ac8b35SPaolo Bonzini	 * memslots would deadlock without this manual intervention.
52ac8b35SPaolo Bonzini	 */
52ac8b35SPaolo Bonzini	WARN_ON(rcuwait_active(&kvm->mn_memslots_update_rcuwait));
52ac8b35SPaolo Bonzini	kvm->mn_active_invalidate_count = 0;
f00be0caSGleb Natapov#else
683412ccSMingwei Zhang	kvm_flush_shadow_all(kvm);
e930bffeSAndrea Arcangeli#endif
0fce5623SAvi Kivity	kvm_arch_destroy_vm(kvm);
07f0a7bdSScott Wood	kvm_destroy_devices(kvm);
a54d8066SMaciej S. Szmigiero	for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++) {
a54d8066SMaciej S. Szmigiero		kvm_free_memslots(kvm, &kvm->__memslots[i][0]);
a54d8066SMaciej S. Szmigiero		kvm_free_memslots(kvm, &kvm->__memslots[i][1]);
a54d8066SMaciej S. Szmigiero	}
820b3fcdSPaolo Bonzini	cleanup_srcu_struct(&kvm->irq_srcu);
d89f5effSJan Kiszka	cleanup_srcu_struct(&kvm->srcu);
d89f5effSJan Kiszka	kvm_arch_free_vm(kvm);
2ecd9d29SPeter Zijlstra	preempt_notifier_dec();
10474ae8SAlexander Graf	hardware_disable_all();
0fce5623SAvi Kivity	mmdrop(mm);
5f6de5cbSDavid Matlack	module_put(kvm_chardev_ops.owner);
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
d39f13b0SIzik Eidusvoid kvm_get_kvm(struct kvm *kvm)
d39f13b0SIzik Eidus{
e3736c3eSElena Reshetova	refcount_inc(&kvm->users_count);
d39f13b0SIzik Eidus}
d39f13b0SIzik EidusEXPORT_SYMBOL_GPL(kvm_get_kvm);
d39f13b0SIzik Eidus
605c7130SPeter Xu/*
605c7130SPeter Xu * Make sure the vm is not during destruction, which is a safe version of
605c7130SPeter Xu * kvm_get_kvm().  Return true if kvm referenced successfully, false otherwise.
605c7130SPeter Xu */
605c7130SPeter Xubool kvm_get_kvm_safe(struct kvm *kvm)
605c7130SPeter Xu{
605c7130SPeter Xu	return refcount_inc_not_zero(&kvm->users_count);
605c7130SPeter Xu}
605c7130SPeter XuEXPORT_SYMBOL_GPL(kvm_get_kvm_safe);
605c7130SPeter Xu
d39f13b0SIzik Eidusvoid kvm_put_kvm(struct kvm *kvm)
d39f13b0SIzik Eidus{
e3736c3eSElena Reshetova	if (refcount_dec_and_test(&kvm->users_count))
d39f13b0SIzik Eidus		kvm_destroy_vm(kvm);
d39f13b0SIzik Eidus}
d39f13b0SIzik EidusEXPORT_SYMBOL_GPL(kvm_put_kvm);
d39f13b0SIzik Eidus
149487bdSSean Christopherson/*
149487bdSSean Christopherson * Used to put a reference that was taken on behalf of an object associated
149487bdSSean Christopherson * with a user-visible file descriptor, e.g. a vcpu or device, if installation
149487bdSSean Christopherson * of the new file descriptor fails and the reference cannot be transferred to
149487bdSSean Christopherson * its final owner.  In such cases, the caller is still actively using @kvm and
149487bdSSean Christopherson * will fail miserably if the refcount unexpectedly hits zero.
149487bdSSean Christopherson */
149487bdSSean Christophersonvoid kvm_put_kvm_no_destroy(struct kvm *kvm)
149487bdSSean Christopherson{
149487bdSSean Christopherson	WARN_ON(refcount_dec_and_test(&kvm->users_count));
149487bdSSean Christopherson}
149487bdSSean ChristophersonEXPORT_SYMBOL_GPL(kvm_put_kvm_no_destroy);
d39f13b0SIzik Eidus
0fce5623SAvi Kivitystatic int kvm_vm_release(struct inode *inode, struct file *filp)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	struct kvm *kvm = filp->private_data;
0fce5623SAvi Kivity
721eecbfSGregory Haskins	kvm_irqfd_release(kvm);
721eecbfSGregory Haskins
d39f13b0SIzik Eidus	kvm_put_kvm(kvm);
0fce5623SAvi Kivity	return 0;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
515a0127STakuya Yoshikawa/*
515a0127STakuya Yoshikawa * Allocation size is twice as large as the actual dirty bitmap size.
0dff0846SSean Christopherson * See kvm_vm_ioctl_get_dirty_log() why this is needed.
515a0127STakuya Yoshikawa */
3c9bd400SJay Zhoustatic int kvm_alloc_dirty_bitmap(struct kvm_memory_slot *memslot)
a36a57b1STakuya Yoshikawa{
37b2a651SPaolo Bonzini	unsigned long dirty_bytes = kvm_dirty_bitmap_bytes(memslot);
a36a57b1STakuya Yoshikawa
37b2a651SPaolo Bonzini	memslot->dirty_bitmap = __vcalloc(2, dirty_bytes, GFP_KERNEL_ACCOUNT);
a36a57b1STakuya Yoshikawa	if (!memslot->dirty_bitmap)
a36a57b1STakuya Yoshikawa		return -ENOMEM;
a36a57b1STakuya Yoshikawa
a36a57b1STakuya Yoshikawa	return 0;
a36a57b1STakuya Yoshikawa}
a36a57b1STakuya Yoshikawa
a54d8066SMaciej S. Szmigierostatic struct kvm_memslots *kvm_get_inactive_memslots(struct kvm *kvm, int as_id)
bf3e05bcSXiao Guangrong{
a54d8066SMaciej S. Szmigiero	struct kvm_memslots *active = __kvm_memslots(kvm, as_id);
a54d8066SMaciej S. Szmigiero	int node_idx_inactive = active->node_idx ^ 1;
bf3e05bcSXiao Guangrong
a54d8066SMaciej S. Szmigiero	return &kvm->__memslots[as_id][node_idx_inactive];
8593176cSPaolo Bonzini}
efbeec70SPaolo Bonzini
efbeec70SPaolo Bonzini/*
a54d8066SMaciej S. Szmigiero * Helper to get the address space ID when one of memslot pointers may be NULL.
a54d8066SMaciej S. Szmigiero * This also serves as a sanity that at least one of the pointers is non-NULL,
a54d8066SMaciej S. Szmigiero * and that their address space IDs don't diverge.
efbeec70SPaolo Bonzini */
a54d8066SMaciej S. Szmigierostatic int kvm_memslots_get_as_id(struct kvm_memory_slot *a,
a54d8066SMaciej S. Szmigiero				  struct kvm_memory_slot *b)
0577d1abSSean Christopherson{
a54d8066SMaciej S. Szmigiero	if (WARN_ON_ONCE(!a && !b))
a54d8066SMaciej S. Szmigiero		return 0;
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	if (!a)
a54d8066SMaciej S. Szmigiero		return b->as_id;
a54d8066SMaciej S. Szmigiero	if (!b)
a54d8066SMaciej S. Szmigiero		return a->as_id;
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	WARN_ON_ONCE(a->as_id != b->as_id);
a54d8066SMaciej S. Szmigiero	return a->as_id;
0577d1abSSean Christopherson}
0577d1abSSean Christopherson
a54d8066SMaciej S. Szmigierostatic void kvm_insert_gfn_node(struct kvm_memslots *slots,
a54d8066SMaciej S. Szmigiero				struct kvm_memory_slot *slot)
0577d1abSSean Christopherson{
a54d8066SMaciej S. Szmigiero	struct rb_root *gfn_tree = &slots->gfn_tree;
a54d8066SMaciej S. Szmigiero	struct rb_node **node, *parent;
a54d8066SMaciej S. Szmigiero	int idx = slots->node_idx;
0577d1abSSean Christopherson
a54d8066SMaciej S. Szmigiero	parent = NULL;
a54d8066SMaciej S. Szmigiero	for (node = &gfn_tree->rb_node; *node; ) {
a54d8066SMaciej S. Szmigiero		struct kvm_memory_slot *tmp;
0577d1abSSean Christopherson
a54d8066SMaciej S. Szmigiero		tmp = container_of(*node, struct kvm_memory_slot, gfn_node[idx]);
a54d8066SMaciej S. Szmigiero		parent = *node;
a54d8066SMaciej S. Szmigiero		if (slot->base_gfn < tmp->base_gfn)
a54d8066SMaciej S. Szmigiero			node = &(*node)->rb_left;
a54d8066SMaciej S. Szmigiero		else if (slot->base_gfn > tmp->base_gfn)
a54d8066SMaciej S. Szmigiero			node = &(*node)->rb_right;
0577d1abSSean Christopherson		else
a54d8066SMaciej S. Szmigiero			BUG();
a54d8066SMaciej S. Szmigiero	}
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	rb_link_node(&slot->gfn_node[idx], parent, node);
a54d8066SMaciej S. Szmigiero	rb_insert_color(&slot->gfn_node[idx], gfn_tree);
a54d8066SMaciej S. Szmigiero}
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigierostatic void kvm_erase_gfn_node(struct kvm_memslots *slots,
a54d8066SMaciej S. Szmigiero			       struct kvm_memory_slot *slot)
a54d8066SMaciej S. Szmigiero{
a54d8066SMaciej S. Szmigiero	rb_erase(&slot->gfn_node[slots->node_idx], &slots->gfn_tree);
a54d8066SMaciej S. Szmigiero}
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigierostatic void kvm_replace_gfn_node(struct kvm_memslots *slots,
26b8345aSMaciej S. Szmigiero				 struct kvm_memory_slot *old,
26b8345aSMaciej S. Szmigiero				 struct kvm_memory_slot *new)
26b8345aSMaciej S. Szmigiero{
a54d8066SMaciej S. Szmigiero	int idx = slots->node_idx;
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	WARN_ON_ONCE(old->base_gfn != new->base_gfn);
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	rb_replace_node(&old->gfn_node[idx], &new->gfn_node[idx],
a54d8066SMaciej S. Szmigiero			&slots->gfn_tree);
a54d8066SMaciej S. Szmigiero}
0577d1abSSean Christopherson
0577d1abSSean Christopherson/*
a54d8066SMaciej S. Szmigiero * Replace @old with @new in the inactive memslots.
a54d8066SMaciej S. Szmigiero *
a54d8066SMaciej S. Szmigiero * With NULL @old this simply adds @new.
a54d8066SMaciej S. Szmigiero * With NULL @new this simply removes @old.
a54d8066SMaciej S. Szmigiero *
a54d8066SMaciej S. Szmigiero * If @new is non-NULL its hva_node[slots_idx] range has to be set
a54d8066SMaciej S. Szmigiero * appropriately.
0577d1abSSean Christopherson */
a54d8066SMaciej S. Szmigierostatic void kvm_replace_memslot(struct kvm *kvm,
a54d8066SMaciej S. Szmigiero				struct kvm_memory_slot *old,
a54d8066SMaciej S. Szmigiero				struct kvm_memory_slot *new)
a54d8066SMaciej S. Szmigiero{
a54d8066SMaciej S. Szmigiero	int as_id = kvm_memslots_get_as_id(old, new);
a54d8066SMaciej S. Szmigiero	struct kvm_memslots *slots = kvm_get_inactive_memslots(kvm, as_id);
a54d8066SMaciej S. Szmigiero	int idx = slots->node_idx;
a54d8066SMaciej S. Szmigiero
26b8345aSMaciej S. Szmigiero	if (old) {
a54d8066SMaciej S. Szmigiero		hash_del(&old->id_node[idx]);
a54d8066SMaciej S. Szmigiero		interval_tree_remove(&old->hva_node[idx], &slots->hva_tree);
26b8345aSMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero		if ((long)old == atomic_long_read(&slots->last_used_slot))
a54d8066SMaciej S. Szmigiero			atomic_long_set(&slots->last_used_slot, (long)new);
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero		if (!new) {
a54d8066SMaciej S. Szmigiero			kvm_erase_gfn_node(slots, old);
26b8345aSMaciej S. Szmigiero			return;
a54d8066SMaciej S. Szmigiero		}
a54d8066SMaciej S. Szmigiero	}
26b8345aSMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	/*
a54d8066SMaciej S. Szmigiero	 * Initialize @new's hva range.  Do this even when replacing an @old
a54d8066SMaciej S. Szmigiero	 * slot, kvm_copy_memslot() deliberately does not touch node data.
a54d8066SMaciej S. Szmigiero	 */
a54d8066SMaciej S. Szmigiero	new->hva_node[idx].start = new->userspace_addr;
a54d8066SMaciej S. Szmigiero	new->hva_node[idx].last = new->userspace_addr +
ed922739SMaciej S. Szmigiero				  (new->npages << PAGE_SHIFT) - 1;
26b8345aSMaciej S. Szmigiero
0fce5623SAvi Kivity	/*
a54d8066SMaciej S. Szmigiero	 * (Re)Add the new memslot.  There is no O(1) interval_tree_replace(),
a54d8066SMaciej S. Szmigiero	 * hva_node needs to be swapped with remove+insert even though hva can't
a54d8066SMaciej S. Szmigiero	 * change when replacing an existing slot.
0fce5623SAvi Kivity	 */
a54d8066SMaciej S. Szmigiero	hash_add(slots->id_hash, &new->id_node[idx], new->id);
a54d8066SMaciej S. Szmigiero	interval_tree_insert(&new->hva_node[idx], &slots->hva_tree);
0fce5623SAvi Kivity
26b8345aSMaciej S. Szmigiero	/*
a54d8066SMaciej S. Szmigiero	 * If the memslot gfn is unchanged, rb_replace_node() can be used to
a54d8066SMaciej S. Szmigiero	 * switch the node in the gfn tree instead of removing the old and
a54d8066SMaciej S. Szmigiero	 * inserting the new as two separate operations. Replacement is a
a54d8066SMaciej S. Szmigiero	 * single O(1) operation versus two O(log(n)) operations for
a54d8066SMaciej S. Szmigiero	 * remove+insert.
26b8345aSMaciej S. Szmigiero	 */
a54d8066SMaciej S. Szmigiero	if (old && old->base_gfn == new->base_gfn) {
a54d8066SMaciej S. Szmigiero		kvm_replace_gfn_node(slots, old, new);
0577d1abSSean Christopherson	} else {
a54d8066SMaciej S. Szmigiero		if (old)
a54d8066SMaciej S. Szmigiero			kvm_erase_gfn_node(slots, old);
a54d8066SMaciej S. Szmigiero		kvm_insert_gfn_node(slots, new);
0577d1abSSean Christopherson	}
bf3e05bcSXiao Guangrong}
bf3e05bcSXiao Guangrong
09170a49SPaolo Bonzinistatic int check_memory_region_flags(const struct kvm_userspace_memory_region *mem)
a50d64d6SXiao Guangrong{
4d8b81abSXiao Guangrong	u32 valid_flags = KVM_MEM_LOG_DIRTY_PAGES;
4d8b81abSXiao Guangrong
0f8a4de3SChristoffer Dall#ifdef __KVM_HAVE_READONLY_MEM
4d8b81abSXiao Guangrong	valid_flags |= KVM_MEM_READONLY;
4d8b81abSXiao Guangrong#endif
4d8b81abSXiao Guangrong
4d8b81abSXiao Guangrong	if (mem->flags & ~valid_flags)
a50d64d6SXiao Guangrong		return -EINVAL;
a50d64d6SXiao Guangrong
a50d64d6SXiao Guangrong	return 0;
a50d64d6SXiao Guangrong}
a50d64d6SXiao Guangrong
a54d8066SMaciej S. Szmigierostatic void kvm_swap_active_memslots(struct kvm *kvm, int as_id)
7ec4fb44SGleb Natapov{
a54d8066SMaciej S. Szmigiero	struct kvm_memslots *slots = kvm_get_inactive_memslots(kvm, as_id);
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	/* Grab the generation from the activate memslots. */
a54d8066SMaciej S. Szmigiero	u64 gen = __kvm_memslots(kvm, as_id)->generation;
7ec4fb44SGleb Natapov
361209e0SSean Christopherson	WARN_ON(gen & KVM_MEMSLOT_GEN_UPDATE_IN_PROGRESS);
361209e0SSean Christopherson	slots->generation = gen | KVM_MEMSLOT_GEN_UPDATE_IN_PROGRESS;
ee3d1570SDavid Matlack
52ac8b35SPaolo Bonzini	/*
52ac8b35SPaolo Bonzini	 * Do not store the new memslots while there are invalidations in
071064f1SPaolo Bonzini	 * progress, otherwise the locking in invalidate_range_start and
071064f1SPaolo Bonzini	 * invalidate_range_end will be unbalanced.
52ac8b35SPaolo Bonzini	 */
52ac8b35SPaolo Bonzini	spin_lock(&kvm->mn_invalidate_lock);
52ac8b35SPaolo Bonzini	prepare_to_rcuwait(&kvm->mn_memslots_update_rcuwait);
52ac8b35SPaolo Bonzini	while (kvm->mn_active_invalidate_count) {
52ac8b35SPaolo Bonzini		set_current_state(TASK_UNINTERRUPTIBLE);
52ac8b35SPaolo Bonzini		spin_unlock(&kvm->mn_invalidate_lock);
52ac8b35SPaolo Bonzini		schedule();
52ac8b35SPaolo Bonzini		spin_lock(&kvm->mn_invalidate_lock);
52ac8b35SPaolo Bonzini	}
52ac8b35SPaolo Bonzini	finish_rcuwait(&kvm->mn_memslots_update_rcuwait);
f481b069SPaolo Bonzini	rcu_assign_pointer(kvm->memslots[as_id], slots);
52ac8b35SPaolo Bonzini	spin_unlock(&kvm->mn_invalidate_lock);
b10a038eSBen Gardon
b10a038eSBen Gardon	/*
b10a038eSBen Gardon	 * Acquired in kvm_set_memslot. Must be released before synchronize
b10a038eSBen Gardon	 * SRCU below in order to avoid deadlock with another thread
b10a038eSBen Gardon	 * acquiring the slots_arch_lock in an srcu critical section.
b10a038eSBen Gardon	 */
b10a038eSBen Gardon	mutex_unlock(&kvm->slots_arch_lock);
b10a038eSBen Gardon
7ec4fb44SGleb Natapov	synchronize_srcu_expedited(&kvm->srcu);
e59dbe09STakuya Yoshikawa
ee3d1570SDavid Matlack	/*
361209e0SSean Christopherson	 * Increment the new memslot generation a second time, dropping the
00116795SMiaohe Lin	 * update in-progress flag and incrementing the generation based on
361209e0SSean Christopherson	 * the number of address spaces.  This provides a unique and easily
361209e0SSean Christopherson	 * identifiable generation number while the memslots are in flux.
361209e0SSean Christopherson	 */
361209e0SSean Christopherson	gen = slots->generation & ~KVM_MEMSLOT_GEN_UPDATE_IN_PROGRESS;
361209e0SSean Christopherson
361209e0SSean Christopherson	/*
4bd518f1SPaolo Bonzini	 * Generations must be unique even across address spaces.  We do not need
4bd518f1SPaolo Bonzini	 * a global counter for that, instead the generation space is evenly split
4bd518f1SPaolo Bonzini	 * across address spaces.  For example, with two address spaces, address
164bf7e5SSean Christopherson	 * space 0 will use generations 0, 2, 4, ... while address space 1 will
164bf7e5SSean Christopherson	 * use generations 1, 3, 5, ...
ee3d1570SDavid Matlack	 */
164bf7e5SSean Christopherson	gen += KVM_ADDRESS_SPACE_NUM;
ee3d1570SDavid Matlack
15248258SSean Christopherson	kvm_arch_memslots_updated(kvm, gen);
15248258SSean Christopherson
15248258SSean Christopherson	slots->generation = gen;
7ec4fb44SGleb Natapov}
7ec4fb44SGleb Natapov
07921665SSean Christophersonstatic int kvm_prepare_memory_region(struct kvm *kvm,
07921665SSean Christopherson				     const struct kvm_memory_slot *old,
07921665SSean Christopherson				     struct kvm_memory_slot *new,
36947254SSean Christopherson				     enum kvm_mr_change change)
36947254SSean Christopherson{
cf47f50bSSean Christopherson	int r;
cf47f50bSSean Christopherson
b10a038eSBen Gardon	/*
07921665SSean Christopherson	 * If dirty logging is disabled, nullify the bitmap; the old bitmap
07921665SSean Christopherson	 * will be freed on "commit".  If logging is enabled in both old and
07921665SSean Christopherson	 * new, reuse the existing bitmap.  If logging is enabled only in the
07921665SSean Christopherson	 * new and KVM isn't using a ring buffer, allocate and initialize a
07921665SSean Christopherson	 * new bitmap.
07921665SSean Christopherson	 */
244893faSSean Christopherson	if (change != KVM_MR_DELETE) {
07921665SSean Christopherson		if (!(new->flags & KVM_MEM_LOG_DIRTY_PAGES))
07921665SSean Christopherson			new->dirty_bitmap = NULL;
244893faSSean Christopherson		else if (old && old->dirty_bitmap)
07921665SSean Christopherson			new->dirty_bitmap = old->dirty_bitmap;
86bdf3ebSGavin Shan		else if (kvm_use_dirty_bitmap(kvm)) {
07921665SSean Christopherson			r = kvm_alloc_dirty_bitmap(new);
07921665SSean Christopherson			if (r)
07921665SSean Christopherson				return r;
07921665SSean Christopherson
07921665SSean Christopherson			if (kvm_dirty_log_manual_protect_and_init_set(kvm))
07921665SSean Christopherson				bitmap_set(new->dirty_bitmap, 0, new->npages);
07921665SSean Christopherson		}
244893faSSean Christopherson	}
07921665SSean Christopherson
07921665SSean Christopherson	r = kvm_arch_prepare_memory_region(kvm, old, new, change);
07921665SSean Christopherson
07921665SSean Christopherson	/* Free the bitmap on failure if it was allocated above. */
c87661f8SSean Christopherson	if (r && new && new->dirty_bitmap && (!old || !old->dirty_bitmap))
07921665SSean Christopherson		kvm_destroy_dirty_bitmap(new);
07921665SSean Christopherson
07921665SSean Christopherson	return r;
07921665SSean Christopherson}
07921665SSean Christopherson
07921665SSean Christophersonstatic void kvm_commit_memory_region(struct kvm *kvm,
07921665SSean Christopherson				     struct kvm_memory_slot *old,
07921665SSean Christopherson				     const struct kvm_memory_slot *new,
07921665SSean Christopherson				     enum kvm_mr_change change)
07921665SSean Christopherson{
6c7b2202SPaolo Bonzini	int old_flags = old ? old->flags : 0;
6c7b2202SPaolo Bonzini	int new_flags = new ? new->flags : 0;
07921665SSean Christopherson	/*
07921665SSean Christopherson	 * Update the total number of memslot pages before calling the arch
07921665SSean Christopherson	 * hook so that architectures can consume the result directly.
07921665SSean Christopherson	 */
07921665SSean Christopherson	if (change == KVM_MR_DELETE)
07921665SSean Christopherson		kvm->nr_memslot_pages -= old->npages;
07921665SSean Christopherson	else if (change == KVM_MR_CREATE)
07921665SSean Christopherson		kvm->nr_memslot_pages += new->npages;
07921665SSean Christopherson
6c7b2202SPaolo Bonzini	if ((old_flags ^ new_flags) & KVM_MEM_LOG_DIRTY_PAGES) {
6c7b2202SPaolo Bonzini		int change = (new_flags & KVM_MEM_LOG_DIRTY_PAGES) ? 1 : -1;
6c7b2202SPaolo Bonzini		atomic_set(&kvm->nr_memslots_dirty_logging,
6c7b2202SPaolo Bonzini			   atomic_read(&kvm->nr_memslots_dirty_logging) + change);
6c7b2202SPaolo Bonzini	}
6c7b2202SPaolo Bonzini
07921665SSean Christopherson	kvm_arch_commit_memory_region(kvm, old, new, change);
07921665SSean Christopherson
a54d8066SMaciej S. Szmigiero	switch (change) {
a54d8066SMaciej S. Szmigiero	case KVM_MR_CREATE:
a54d8066SMaciej S. Szmigiero		/* Nothing more to do. */
a54d8066SMaciej S. Szmigiero		break;
a54d8066SMaciej S. Szmigiero	case KVM_MR_DELETE:
a54d8066SMaciej S. Szmigiero		/* Free the old memslot and all its metadata. */
07921665SSean Christopherson		kvm_free_memslot(kvm, old);
a54d8066SMaciej S. Szmigiero		break;
a54d8066SMaciej S. Szmigiero	case KVM_MR_MOVE:
a54d8066SMaciej S. Szmigiero	case KVM_MR_FLAGS_ONLY:
a54d8066SMaciej S. Szmigiero		/*
a54d8066SMaciej S. Szmigiero		 * Free the dirty bitmap as needed; the below check encompasses
a54d8066SMaciej S. Szmigiero		 * both the flags and whether a ring buffer is being used)
a54d8066SMaciej S. Szmigiero		 */
a54d8066SMaciej S. Szmigiero		if (old->dirty_bitmap && !new->dirty_bitmap)
07921665SSean Christopherson			kvm_destroy_dirty_bitmap(old);
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero		/*
a54d8066SMaciej S. Szmigiero		 * The final quirk.  Free the detached, old slot, but only its
a54d8066SMaciej S. Szmigiero		 * memory, not any metadata.  Metadata, including arch specific
a54d8066SMaciej S. Szmigiero		 * data, may be reused by @new.
a54d8066SMaciej S. Szmigiero		 */
a54d8066SMaciej S. Szmigiero		kfree(old);
a54d8066SMaciej S. Szmigiero		break;
a54d8066SMaciej S. Szmigiero	default:
a54d8066SMaciej S. Szmigiero		BUG();
a54d8066SMaciej S. Szmigiero	}
a54d8066SMaciej S. Szmigiero}
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero/*
a54d8066SMaciej S. Szmigiero * Activate @new, which must be installed in the inactive slots by the caller,
a54d8066SMaciej S. Szmigiero * by swapping the active slots and then propagating @new to @old once @old is
a54d8066SMaciej S. Szmigiero * unreachable and can be safely modified.
a54d8066SMaciej S. Szmigiero *
a54d8066SMaciej S. Szmigiero * With NULL @old this simply adds @new to @active (while swapping the sets).
a54d8066SMaciej S. Szmigiero * With NULL @new this simply removes @old from @active and frees it
a54d8066SMaciej S. Szmigiero * (while also swapping the sets).
a54d8066SMaciej S. Szmigiero */
a54d8066SMaciej S. Szmigierostatic void kvm_activate_memslot(struct kvm *kvm,
a54d8066SMaciej S. Szmigiero				 struct kvm_memory_slot *old,
a54d8066SMaciej S. Szmigiero				 struct kvm_memory_slot *new)
a54d8066SMaciej S. Szmigiero{
a54d8066SMaciej S. Szmigiero	int as_id = kvm_memslots_get_as_id(old, new);
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	kvm_swap_active_memslots(kvm, as_id);
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	/* Propagate the new memslot to the now inactive memslots. */
a54d8066SMaciej S. Szmigiero	kvm_replace_memslot(kvm, old, new);
a54d8066SMaciej S. Szmigiero}
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigierostatic void kvm_copy_memslot(struct kvm_memory_slot *dest,
a54d8066SMaciej S. Szmigiero			     const struct kvm_memory_slot *src)
a54d8066SMaciej S. Szmigiero{
a54d8066SMaciej S. Szmigiero	dest->base_gfn = src->base_gfn;
a54d8066SMaciej S. Szmigiero	dest->npages = src->npages;
a54d8066SMaciej S. Szmigiero	dest->dirty_bitmap = src->dirty_bitmap;
a54d8066SMaciej S. Szmigiero	dest->arch = src->arch;
a54d8066SMaciej S. Szmigiero	dest->userspace_addr = src->userspace_addr;
a54d8066SMaciej S. Szmigiero	dest->flags = src->flags;
a54d8066SMaciej S. Szmigiero	dest->id = src->id;
a54d8066SMaciej S. Szmigiero	dest->as_id = src->as_id;
a54d8066SMaciej S. Szmigiero}
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigierostatic void kvm_invalidate_memslot(struct kvm *kvm,
a54d8066SMaciej S. Szmigiero				   struct kvm_memory_slot *old,
244893faSSean Christopherson				   struct kvm_memory_slot *invalid_slot)
a54d8066SMaciej S. Szmigiero{
a54d8066SMaciej S. Szmigiero	/*
a54d8066SMaciej S. Szmigiero	 * Mark the current slot INVALID.  As with all memslot modifications,
a54d8066SMaciej S. Szmigiero	 * this must be done on an unreachable slot to avoid modifying the
a54d8066SMaciej S. Szmigiero	 * current slot in the active tree.
a54d8066SMaciej S. Szmigiero	 */
244893faSSean Christopherson	kvm_copy_memslot(invalid_slot, old);
244893faSSean Christopherson	invalid_slot->flags |= KVM_MEMSLOT_INVALID;
244893faSSean Christopherson	kvm_replace_memslot(kvm, old, invalid_slot);
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	/*
a54d8066SMaciej S. Szmigiero	 * Activate the slot that is now marked INVALID, but don't propagate
a54d8066SMaciej S. Szmigiero	 * the slot to the now inactive slots. The slot is either going to be
a54d8066SMaciej S. Szmigiero	 * deleted or recreated as a new slot.
a54d8066SMaciej S. Szmigiero	 */
a54d8066SMaciej S. Szmigiero	kvm_swap_active_memslots(kvm, old->as_id);
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	/*
a54d8066SMaciej S. Szmigiero	 * From this point no new shadow pages pointing to a deleted, or moved,
a54d8066SMaciej S. Szmigiero	 * memslot will be created.  Validation of sp->gfn happens in:
a54d8066SMaciej S. Szmigiero	 *	- gfn_to_hva (kvm_read_guest, gfn_to_pfn)
a54d8066SMaciej S. Szmigiero	 *	- kvm_is_visible_gfn (mmu_check_root)
a54d8066SMaciej S. Szmigiero	 */
bcb63dcdSMaciej S. Szmigiero	kvm_arch_flush_shadow_memslot(kvm, old);
683412ccSMingwei Zhang	kvm_arch_guest_memory_reclaimed(kvm);
a54d8066SMaciej S. Szmigiero
b0d23708SJun Miao	/* Was released by kvm_swap_active_memslots(), reacquire. */
a54d8066SMaciej S. Szmigiero	mutex_lock(&kvm->slots_arch_lock);
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	/*
a54d8066SMaciej S. Szmigiero	 * Copy the arch-specific field of the newly-installed slot back to the
a54d8066SMaciej S. Szmigiero	 * old slot as the arch data could have changed between releasing
b0d23708SJun Miao	 * slots_arch_lock in kvm_swap_active_memslots() and re-acquiring the lock
a54d8066SMaciej S. Szmigiero	 * above.  Writers are required to retrieve memslots *after* acquiring
a54d8066SMaciej S. Szmigiero	 * slots_arch_lock, thus the active slot's data is guaranteed to be fresh.
a54d8066SMaciej S. Szmigiero	 */
244893faSSean Christopherson	old->arch = invalid_slot->arch;
a54d8066SMaciej S. Szmigiero}
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigierostatic void kvm_create_memslot(struct kvm *kvm,
244893faSSean Christopherson			       struct kvm_memory_slot *new)
a54d8066SMaciej S. Szmigiero{
244893faSSean Christopherson	/* Add the new memslot to the inactive set and activate. */
244893faSSean Christopherson	kvm_replace_memslot(kvm, NULL, new);
244893faSSean Christopherson	kvm_activate_memslot(kvm, NULL, new);
a54d8066SMaciej S. Szmigiero}
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigierostatic void kvm_delete_memslot(struct kvm *kvm,
a54d8066SMaciej S. Szmigiero			       struct kvm_memory_slot *old,
a54d8066SMaciej S. Szmigiero			       struct kvm_memory_slot *invalid_slot)
a54d8066SMaciej S. Szmigiero{
a54d8066SMaciej S. Szmigiero	/*
a54d8066SMaciej S. Szmigiero	 * Remove the old memslot (in the inactive memslots) by passing NULL as
244893faSSean Christopherson	 * the "new" slot, and for the invalid version in the active slots.
a54d8066SMaciej S. Szmigiero	 */
a54d8066SMaciej S. Szmigiero	kvm_replace_memslot(kvm, old, NULL);
a54d8066SMaciej S. Szmigiero	kvm_activate_memslot(kvm, invalid_slot, NULL);
a54d8066SMaciej S. Szmigiero}
a54d8066SMaciej S. Szmigiero
244893faSSean Christophersonstatic void kvm_move_memslot(struct kvm *kvm,
a54d8066SMaciej S. Szmigiero			     struct kvm_memory_slot *old,
244893faSSean Christopherson			     struct kvm_memory_slot *new,
a54d8066SMaciej S. Szmigiero			     struct kvm_memory_slot *invalid_slot)
a54d8066SMaciej S. Szmigiero{
a54d8066SMaciej S. Szmigiero	/*
244893faSSean Christopherson	 * Replace the old memslot in the inactive slots, and then swap slots
244893faSSean Christopherson	 * and replace the current INVALID with the new as well.
a54d8066SMaciej S. Szmigiero	 */
244893faSSean Christopherson	kvm_replace_memslot(kvm, old, new);
244893faSSean Christopherson	kvm_activate_memslot(kvm, invalid_slot, new);
a54d8066SMaciej S. Szmigiero}
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigierostatic void kvm_update_flags_memslot(struct kvm *kvm,
a54d8066SMaciej S. Szmigiero				     struct kvm_memory_slot *old,
244893faSSean Christopherson				     struct kvm_memory_slot *new)
a54d8066SMaciej S. Szmigiero{
a54d8066SMaciej S. Szmigiero	/*
a54d8066SMaciej S. Szmigiero	 * Similar to the MOVE case, but the slot doesn't need to be zapped as
a54d8066SMaciej S. Szmigiero	 * an intermediate step. Instead, the old memslot is simply replaced
a54d8066SMaciej S. Szmigiero	 * with a new, updated copy in both memslot sets.
a54d8066SMaciej S. Szmigiero	 */
244893faSSean Christopherson	kvm_replace_memslot(kvm, old, new);
244893faSSean Christopherson	kvm_activate_memslot(kvm, old, new);
07921665SSean Christopherson}
07921665SSean Christopherson
cf47f50bSSean Christophersonstatic int kvm_set_memslot(struct kvm *kvm,
a54d8066SMaciej S. Szmigiero			   struct kvm_memory_slot *old,
ce5f0215SSean Christopherson			   struct kvm_memory_slot *new,
cf47f50bSSean Christopherson			   enum kvm_mr_change change)
cf47f50bSSean Christopherson{
244893faSSean Christopherson	struct kvm_memory_slot *invalid_slot;
cf47f50bSSean Christopherson	int r;
cf47f50bSSean Christopherson
b10a038eSBen Gardon	/*
b0d23708SJun Miao	 * Released in kvm_swap_active_memslots().
b10a038eSBen Gardon	 *
b0d23708SJun Miao	 * Must be held from before the current memslots are copied until after
b0d23708SJun Miao	 * the new memslots are installed with rcu_assign_pointer, then
b0d23708SJun Miao	 * released before the synchronize srcu in kvm_swap_active_memslots().
b10a038eSBen Gardon	 *
b10a038eSBen Gardon	 * When modifying memslots outside of the slots_lock, must be held
b10a038eSBen Gardon	 * before reading the pointer to the current memslots until after all
b10a038eSBen Gardon	 * changes to those memslots are complete.
b10a038eSBen Gardon	 *
b10a038eSBen Gardon	 * These rules ensure that installing new memslots does not lose
b10a038eSBen Gardon	 * changes made to the previous memslots.
b10a038eSBen Gardon	 */
b10a038eSBen Gardon	mutex_lock(&kvm->slots_arch_lock);
b10a038eSBen Gardon
cf47f50bSSean Christopherson	/*
a54d8066SMaciej S. Szmigiero	 * Invalidate the old slot if it's being deleted or moved.  This is
a54d8066SMaciej S. Szmigiero	 * done prior to actually deleting/moving the memslot to allow vCPUs to
a54d8066SMaciej S. Szmigiero	 * continue running by ensuring there are no mappings or shadow pages
a54d8066SMaciej S. Szmigiero	 * for the memslot when it is deleted/moved.  Without pre-invalidation
a54d8066SMaciej S. Szmigiero	 * (and without a lock), a window would exist between effecting the
a54d8066SMaciej S. Szmigiero	 * delete/move and committing the changes in arch code where KVM or a
a54d8066SMaciej S. Szmigiero	 * guest could access a non-existent memslot.
244893faSSean Christopherson	 *
244893faSSean Christopherson	 * Modifications are done on a temporary, unreachable slot.  The old
244893faSSean Christopherson	 * slot needs to be preserved in case a later step fails and the
244893faSSean Christopherson	 * invalidation needs to be reverted.
cf47f50bSSean Christopherson	 */
244893faSSean Christopherson	if (change == KVM_MR_DELETE || change == KVM_MR_MOVE) {
244893faSSean Christopherson		invalid_slot = kzalloc(sizeof(*invalid_slot), GFP_KERNEL_ACCOUNT);
244893faSSean Christopherson		if (!invalid_slot) {
cf47f50bSSean Christopherson			mutex_unlock(&kvm->slots_arch_lock);
cf47f50bSSean Christopherson			return -ENOMEM;
cf47f50bSSean Christopherson		}
244893faSSean Christopherson		kvm_invalidate_memslot(kvm, old, invalid_slot);
cf47f50bSSean Christopherson	}
cf47f50bSSean Christopherson
a54d8066SMaciej S. Szmigiero	r = kvm_prepare_memory_region(kvm, old, new, change);
a54d8066SMaciej S. Szmigiero	if (r) {
bda44d84SSean Christopherson		/*
a54d8066SMaciej S. Szmigiero		 * For DELETE/MOVE, revert the above INVALID change.  No
a54d8066SMaciej S. Szmigiero		 * modifications required since the original slot was preserved
a54d8066SMaciej S. Szmigiero		 * in the inactive slots.  Changing the active memslots also
a54d8066SMaciej S. Szmigiero		 * release slots_arch_lock.
bda44d84SSean Christopherson		 */
b10a038eSBen Gardon		if (change == KVM_MR_DELETE || change == KVM_MR_MOVE) {
244893faSSean Christopherson			kvm_activate_memslot(kvm, invalid_slot, old);
244893faSSean Christopherson			kfree(invalid_slot);
b10a038eSBen Gardon		} else {
b10a038eSBen Gardon			mutex_unlock(&kvm->slots_arch_lock);
b10a038eSBen Gardon		}
cf47f50bSSean Christopherson		return r;
cf47f50bSSean Christopherson	}
cf47f50bSSean Christopherson
9e9eb226SPeter Xu	/*
a54d8066SMaciej S. Szmigiero	 * For DELETE and MOVE, the working slot is now active as the INVALID
a54d8066SMaciej S. Szmigiero	 * version of the old slot.  MOVE is particularly special as it reuses
a54d8066SMaciej S. Szmigiero	 * the old slot and returns a copy of the old slot (in working_slot).
a54d8066SMaciej S. Szmigiero	 * For CREATE, there is no old slot.  For DELETE and FLAGS_ONLY, the
a54d8066SMaciej S. Szmigiero	 * old slot is detached but otherwise preserved.
9e9eb226SPeter Xu	 */
a54d8066SMaciej S. Szmigiero	if (change == KVM_MR_CREATE)
244893faSSean Christopherson		kvm_create_memslot(kvm, new);
a54d8066SMaciej S. Szmigiero	else if (change == KVM_MR_DELETE)
244893faSSean Christopherson		kvm_delete_memslot(kvm, old, invalid_slot);
a54d8066SMaciej S. Szmigiero	else if (change == KVM_MR_MOVE)
244893faSSean Christopherson		kvm_move_memslot(kvm, old, new, invalid_slot);
a54d8066SMaciej S. Szmigiero	else if (change == KVM_MR_FLAGS_ONLY)
244893faSSean Christopherson		kvm_update_flags_memslot(kvm, old, new);
a54d8066SMaciej S. Szmigiero	else
a54d8066SMaciej S. Szmigiero		BUG();
5c0b4f3dSSean Christopherson
244893faSSean Christopherson	/* Free the temporary INVALID slot used for DELETE and MOVE. */
244893faSSean Christopherson	if (change == KVM_MR_DELETE || change == KVM_MR_MOVE)
244893faSSean Christopherson		kfree(invalid_slot);
244893faSSean Christopherson
a54d8066SMaciej S. Szmigiero	/*
a54d8066SMaciej S. Szmigiero	 * No need to refresh new->arch, changes after dropping slots_arch_lock
a413a625STom Rix	 * will directly hit the final, active memslot.  Architectures are
a54d8066SMaciej S. Szmigiero	 * responsible for knowing that new->arch may be stale.
a54d8066SMaciej S. Szmigiero	 */
a54d8066SMaciej S. Szmigiero	kvm_commit_memory_region(kvm, old, new, change);
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	return 0;
a54d8066SMaciej S. Szmigiero}
a54d8066SMaciej S. Szmigiero
44401a20SMaciej S. Szmigierostatic bool kvm_check_memslot_overlap(struct kvm_memslots *slots, int id,
44401a20SMaciej S. Szmigiero				      gfn_t start, gfn_t end)
44401a20SMaciej S. Szmigiero{
44401a20SMaciej S. Szmigiero	struct kvm_memslot_iter iter;
44401a20SMaciej S. Szmigiero
44401a20SMaciej S. Szmigiero	kvm_for_each_memslot_in_gfn_range(&iter, slots, start, end) {
44401a20SMaciej S. Szmigiero		if (iter.slot->id != id)
44401a20SMaciej S. Szmigiero			return true;
44401a20SMaciej S. Szmigiero	}
44401a20SMaciej S. Szmigiero
44401a20SMaciej S. Szmigiero	return false;
5c0b4f3dSSean Christopherson}
5c0b4f3dSSean Christopherson
0fce5623SAvi Kivity/*
0fce5623SAvi Kivity * Allocate some memory and give it an address in the guest physical address
0fce5623SAvi Kivity * space.
0fce5623SAvi Kivity *
0fce5623SAvi Kivity * Discontiguous memory is allowed, mostly for framebuffers.
0fce5623SAvi Kivity *
02d5d55bSDominik Dingel * Must be called holding kvm->slots_lock for write.
0fce5623SAvi Kivity */
0fce5623SAvi Kivityint __kvm_set_memory_region(struct kvm *kvm,
09170a49SPaolo Bonzini			    const struct kvm_userspace_memory_region *mem)
0fce5623SAvi Kivity{
244893faSSean Christopherson	struct kvm_memory_slot *old, *new;
44401a20SMaciej S. Szmigiero	struct kvm_memslots *slots;
f64c0398STakuya Yoshikawa	enum kvm_mr_change change;
0f9bdef3SSean Christopherson	unsigned long npages;
0f9bdef3SSean Christopherson	gfn_t base_gfn;
163da372SSean Christopherson	int as_id, id;
163da372SSean Christopherson	int r;
0fce5623SAvi Kivity
a50d64d6SXiao Guangrong	r = check_memory_region_flags(mem);
a50d64d6SXiao Guangrong	if (r)
71a4c30bSSean Christopherson		return r;
a50d64d6SXiao Guangrong
f481b069SPaolo Bonzini	as_id = mem->slot >> 16;
f481b069SPaolo Bonzini	id = (u16)mem->slot;
f481b069SPaolo Bonzini
0fce5623SAvi Kivity	/* General sanity checks */
6b285a55SSean Christopherson	if ((mem->memory_size & (PAGE_SIZE - 1)) ||
6b285a55SSean Christopherson	    (mem->memory_size != (unsigned long)mem->memory_size))
71a4c30bSSean Christopherson		return -EINVAL;
0fce5623SAvi Kivity	if (mem->guest_phys_addr & (PAGE_SIZE - 1))
71a4c30bSSean Christopherson		return -EINVAL;
fa3d315aSTakuya Yoshikawa	/* We can read the guest memory with __xxx_user() later on. */
09d952c9SPaolo Bonzini	if ((mem->userspace_addr & (PAGE_SIZE - 1)) ||
139bc8a6SMarc Zyngier	    (mem->userspace_addr != untagged_addr(mem->userspace_addr)) ||
96d4f267SLinus Torvalds	     !access_ok((void __user *)(unsigned long)mem->userspace_addr,
09d952c9SPaolo Bonzini			mem->memory_size))
71a4c30bSSean Christopherson		return -EINVAL;
f481b069SPaolo Bonzini	if (as_id >= KVM_ADDRESS_SPACE_NUM || id >= KVM_MEM_SLOTS_NUM)
71a4c30bSSean Christopherson		return -EINVAL;
0fce5623SAvi Kivity	if (mem->guest_phys_addr + mem->memory_size < mem->guest_phys_addr)
71a4c30bSSean Christopherson		return -EINVAL;
0f9bdef3SSean Christopherson	if ((mem->memory_size >> PAGE_SHIFT) > KVM_MEM_MAX_NR_PAGES)
0f9bdef3SSean Christopherson		return -EINVAL;
0fce5623SAvi Kivity
44401a20SMaciej S. Szmigiero	slots = __kvm_memslots(kvm, as_id);
0fce5623SAvi Kivity
5c0b4f3dSSean Christopherson	/*
7cd08553SSean Christopherson	 * Note, the old memslot (and the pointer itself!) may be invalidated
7cd08553SSean Christopherson	 * and/or destroyed by kvm_set_memslot().
5c0b4f3dSSean Christopherson	 */
44401a20SMaciej S. Szmigiero	old = id_to_memslot(slots, id);
163da372SSean Christopherson
47ea7d90SSean Christopherson	if (!mem->memory_size) {
7cd08553SSean Christopherson		if (!old || !old->npages)
47ea7d90SSean Christopherson			return -EINVAL;
47ea7d90SSean Christopherson
7cd08553SSean Christopherson		if (WARN_ON_ONCE(kvm->nr_memslot_pages < old->npages))
47ea7d90SSean Christopherson			return -EIO;
47ea7d90SSean Christopherson
244893faSSean Christopherson		return kvm_set_memslot(kvm, old, NULL, KVM_MR_DELETE);
5c0b4f3dSSean Christopherson	}
5c0b4f3dSSean Christopherson
0f9bdef3SSean Christopherson	base_gfn = (mem->guest_phys_addr >> PAGE_SHIFT);
0f9bdef3SSean Christopherson	npages = (mem->memory_size >> PAGE_SHIFT);
5c0b4f3dSSean Christopherson
7cd08553SSean Christopherson	if (!old || !old->npages) {
f64c0398STakuya Yoshikawa		change = KVM_MR_CREATE;
afa319a5SSean Christopherson
afa319a5SSean Christopherson		/*
afa319a5SSean Christopherson		 * To simplify KVM internals, the total number of pages across
afa319a5SSean Christopherson		 * all memslots must fit in an unsigned long.
afa319a5SSean Christopherson		 */
0f9bdef3SSean Christopherson		if ((kvm->nr_memslot_pages + npages) < kvm->nr_memslot_pages)
afa319a5SSean Christopherson			return -EINVAL;
5c0b4f3dSSean Christopherson	} else { /* Modify an existing slot. */
0f9bdef3SSean Christopherson		if ((mem->userspace_addr != old->userspace_addr) ||
0f9bdef3SSean Christopherson		    (npages != old->npages) ||
0f9bdef3SSean Christopherson		    ((mem->flags ^ old->flags) & KVM_MEM_READONLY))
71a4c30bSSean Christopherson			return -EINVAL;
0fce5623SAvi Kivity
0f9bdef3SSean Christopherson		if (base_gfn != old->base_gfn)
f64c0398STakuya Yoshikawa			change = KVM_MR_MOVE;
0f9bdef3SSean Christopherson		else if (mem->flags != old->flags)
f64c0398STakuya Yoshikawa			change = KVM_MR_FLAGS_ONLY;
71a4c30bSSean Christopherson		else /* Nothing to change. */
71a4c30bSSean Christopherson			return 0;
f64c0398STakuya Yoshikawa	}
09170a49SPaolo Bonzini
44401a20SMaciej S. Szmigiero	if ((change == KVM_MR_CREATE || change == KVM_MR_MOVE) &&
0f9bdef3SSean Christopherson	    kvm_check_memslot_overlap(slots, id, base_gfn, base_gfn + npages))
71a4c30bSSean Christopherson		return -EEXIST;
0fce5623SAvi Kivity
244893faSSean Christopherson	/* Allocate a slot that will persist in the memslot. */
244893faSSean Christopherson	new = kzalloc(sizeof(*new), GFP_KERNEL_ACCOUNT);
244893faSSean Christopherson	if (!new)
244893faSSean Christopherson		return -ENOMEM;
0f9bdef3SSean Christopherson
244893faSSean Christopherson	new->as_id = as_id;
244893faSSean Christopherson	new->id = id;
244893faSSean Christopherson	new->base_gfn = base_gfn;
244893faSSean Christopherson	new->npages = npages;
244893faSSean Christopherson	new->flags = mem->flags;
244893faSSean Christopherson	new->userspace_addr = mem->userspace_addr;
244893faSSean Christopherson
244893faSSean Christopherson	r = kvm_set_memslot(kvm, old, new, change);
71a4c30bSSean Christopherson	if (r)
244893faSSean Christopherson		kfree(new);
0fce5623SAvi Kivity	return r;
0fce5623SAvi Kivity}
0fce5623SAvi KivityEXPORT_SYMBOL_GPL(__kvm_set_memory_region);
0fce5623SAvi Kivity
0fce5623SAvi Kivityint kvm_set_memory_region(struct kvm *kvm,
09170a49SPaolo Bonzini			  const struct kvm_userspace_memory_region *mem)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	int r;
0fce5623SAvi Kivity
79fac95eSMarcelo Tosatti	mutex_lock(&kvm->slots_lock);
47ae31e2STakuya Yoshikawa	r = __kvm_set_memory_region(kvm, mem);
79fac95eSMarcelo Tosatti	mutex_unlock(&kvm->slots_lock);
0fce5623SAvi Kivity	return r;
0fce5623SAvi Kivity}
0fce5623SAvi KivityEXPORT_SYMBOL_GPL(kvm_set_memory_region);
0fce5623SAvi Kivity
7940876eSStephen Hemmingerstatic int kvm_vm_ioctl_set_memory_region(struct kvm *kvm,
47ae31e2STakuya Yoshikawa					  struct kvm_userspace_memory_region *mem)
0fce5623SAvi Kivity{
f481b069SPaolo Bonzini	if ((u16)mem->slot >= KVM_USER_MEM_SLOTS)
0fce5623SAvi Kivity		return -EINVAL;
09170a49SPaolo Bonzini
47ae31e2STakuya Yoshikawa	return kvm_set_memory_region(kvm, mem);
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
0dff0846SSean Christopherson#ifndef CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT
2a49f61dSSean Christopherson/**
2a49f61dSSean Christopherson * kvm_get_dirty_log - get a snapshot of dirty pages
2a49f61dSSean Christopherson * @kvm:	pointer to kvm instance
2a49f61dSSean Christopherson * @log:	slot id and address to which we copy the log
2a49f61dSSean Christopherson * @is_dirty:	set to '1' if any dirty pages were found
2a49f61dSSean Christopherson * @memslot:	set to the associated memslot, always valid on success
2a49f61dSSean Christopherson */
2a49f61dSSean Christophersonint kvm_get_dirty_log(struct kvm *kvm, struct kvm_dirty_log *log,
2a49f61dSSean Christopherson		      int *is_dirty, struct kvm_memory_slot **memslot)
0fce5623SAvi Kivity{
9f6b8029SPaolo Bonzini	struct kvm_memslots *slots;
843574a3SMarkus Elfring	int i, as_id, id;
87bf6e7dSTakuya Yoshikawa	unsigned long n;
0fce5623SAvi Kivity	unsigned long any = 0;
0fce5623SAvi Kivity
86bdf3ebSGavin Shan	/* Dirty ring tracking may be exclusive to dirty log tracking */
86bdf3ebSGavin Shan	if (!kvm_use_dirty_bitmap(kvm))
b2cc64c4SPeter Xu		return -ENXIO;
b2cc64c4SPeter Xu
2a49f61dSSean Christopherson	*memslot = NULL;
2a49f61dSSean Christopherson	*is_dirty = 0;
2a49f61dSSean Christopherson
f481b069SPaolo Bonzini	as_id = log->slot >> 16;
f481b069SPaolo Bonzini	id = (u16)log->slot;
f481b069SPaolo Bonzini	if (as_id >= KVM_ADDRESS_SPACE_NUM || id >= KVM_USER_MEM_SLOTS)
843574a3SMarkus Elfring		return -EINVAL;
0fce5623SAvi Kivity
f481b069SPaolo Bonzini	slots = __kvm_memslots(kvm, as_id);
2a49f61dSSean Christopherson	*memslot = id_to_memslot(slots, id);
0577d1abSSean Christopherson	if (!(*memslot) || !(*memslot)->dirty_bitmap)
843574a3SMarkus Elfring		return -ENOENT;
0fce5623SAvi Kivity
2a49f61dSSean Christopherson	kvm_arch_sync_dirty_log(kvm, *memslot);
2a49f61dSSean Christopherson
2a49f61dSSean Christopherson	n = kvm_dirty_bitmap_bytes(*memslot);
0fce5623SAvi Kivity
0fce5623SAvi Kivity	for (i = 0; !any && i < n/sizeof(long); ++i)
2a49f61dSSean Christopherson		any = (*memslot)->dirty_bitmap[i];
0fce5623SAvi Kivity
2a49f61dSSean Christopherson	if (copy_to_user(log->dirty_bitmap, (*memslot)->dirty_bitmap, n))
843574a3SMarkus Elfring		return -EFAULT;
0fce5623SAvi Kivity
0fce5623SAvi Kivity	if (any)
0fce5623SAvi Kivity		*is_dirty = 1;
843574a3SMarkus Elfring	return 0;
0fce5623SAvi Kivity}
2ba9f0d8SAneesh Kumar K.VEXPORT_SYMBOL_GPL(kvm_get_dirty_log);
0fce5623SAvi Kivity
0dff0846SSean Christopherson#else /* CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT */
ba0513b5SMario Smarduch/**
b8b00220SJiang Biao * kvm_get_dirty_log_protect - get a snapshot of dirty pages
2a31b9dbSPaolo Bonzini *	and reenable dirty page tracking for the corresponding pages.
ba0513b5SMario Smarduch * @kvm:	pointer to kvm instance
ba0513b5SMario Smarduch * @log:	slot id and address to which we copy the log
ba0513b5SMario Smarduch *
ba0513b5SMario Smarduch * We need to keep it in mind that VCPU threads can write to the bitmap
ba0513b5SMario Smarduch * concurrently. So, to avoid losing track of dirty pages we keep the
ba0513b5SMario Smarduch * following order:
ba0513b5SMario Smarduch *
ba0513b5SMario Smarduch *    1. Take a snapshot of the bit and clear it if needed.
ba0513b5SMario Smarduch *    2. Write protect the corresponding page.
ba0513b5SMario Smarduch *    3. Copy the snapshot to the userspace.
ba0513b5SMario Smarduch *    4. Upon return caller flushes TLB's if needed.
ba0513b5SMario Smarduch *
ba0513b5SMario Smarduch * Between 2 and 4, the guest may write to the page using the remaining TLB
ba0513b5SMario Smarduch * entry.  This is not a problem because the page is reported dirty using
ba0513b5SMario Smarduch * the snapshot taken before and step 4 ensures that writes done after
ba0513b5SMario Smarduch * exiting to userspace will be logged for the next call.
ba0513b5SMario Smarduch *
ba0513b5SMario Smarduch */
0dff0846SSean Christophersonstatic int kvm_get_dirty_log_protect(struct kvm *kvm, struct kvm_dirty_log *log)
ba0513b5SMario Smarduch{
9f6b8029SPaolo Bonzini	struct kvm_memslots *slots;
ba0513b5SMario Smarduch	struct kvm_memory_slot *memslot;
58d6db34SMarkus Elfring	int i, as_id, id;
ba0513b5SMario Smarduch	unsigned long n;
ba0513b5SMario Smarduch	unsigned long *dirty_bitmap;
ba0513b5SMario Smarduch	unsigned long *dirty_bitmap_buffer;
0dff0846SSean Christopherson	bool flush;
ba0513b5SMario Smarduch
86bdf3ebSGavin Shan	/* Dirty ring tracking may be exclusive to dirty log tracking */
86bdf3ebSGavin Shan	if (!kvm_use_dirty_bitmap(kvm))
b2cc64c4SPeter Xu		return -ENXIO;
b2cc64c4SPeter Xu
f481b069SPaolo Bonzini	as_id = log->slot >> 16;
f481b069SPaolo Bonzini	id = (u16)log->slot;
f481b069SPaolo Bonzini	if (as_id >= KVM_ADDRESS_SPACE_NUM || id >= KVM_USER_MEM_SLOTS)
58d6db34SMarkus Elfring		return -EINVAL;
ba0513b5SMario Smarduch
f481b069SPaolo Bonzini	slots = __kvm_memslots(kvm, as_id);
f481b069SPaolo Bonzini	memslot = id_to_memslot(slots, id);
0577d1abSSean Christopherson	if (!memslot || !memslot->dirty_bitmap)
0577d1abSSean Christopherson		return -ENOENT;
ba0513b5SMario Smarduch
ba0513b5SMario Smarduch	dirty_bitmap = memslot->dirty_bitmap;
ba0513b5SMario Smarduch
0dff0846SSean Christopherson	kvm_arch_sync_dirty_log(kvm, memslot);
0dff0846SSean Christopherson
ba0513b5SMario Smarduch	n = kvm_dirty_bitmap_bytes(memslot);
0dff0846SSean Christopherson	flush = false;
2a31b9dbSPaolo Bonzini	if (kvm->manual_dirty_log_protect) {
2a31b9dbSPaolo Bonzini		/*
2a31b9dbSPaolo Bonzini		 * Unlike kvm_get_dirty_log, we always return false in *flush,
2a31b9dbSPaolo Bonzini		 * because no flush is needed until KVM_CLEAR_DIRTY_LOG.  There
2a31b9dbSPaolo Bonzini		 * is some code duplication between this function and
2a31b9dbSPaolo Bonzini		 * kvm_get_dirty_log, but hopefully all architecture
2a31b9dbSPaolo Bonzini		 * transition to kvm_get_dirty_log_protect and kvm_get_dirty_log
2a31b9dbSPaolo Bonzini		 * can be eliminated.
2a31b9dbSPaolo Bonzini		 */
2a31b9dbSPaolo Bonzini		dirty_bitmap_buffer = dirty_bitmap;
2a31b9dbSPaolo Bonzini	} else {
03133347SClaudio Imbrenda		dirty_bitmap_buffer = kvm_second_dirty_bitmap(memslot);
ba0513b5SMario Smarduch		memset(dirty_bitmap_buffer, 0, n);
ba0513b5SMario Smarduch
531810caSBen Gardon		KVM_MMU_LOCK(kvm);
ba0513b5SMario Smarduch		for (i = 0; i < n / sizeof(long); i++) {
ba0513b5SMario Smarduch			unsigned long mask;
ba0513b5SMario Smarduch			gfn_t offset;
ba0513b5SMario Smarduch
ba0513b5SMario Smarduch			if (!dirty_bitmap[i])
ba0513b5SMario Smarduch				continue;
ba0513b5SMario Smarduch
0dff0846SSean Christopherson			flush = true;
ba0513b5SMario Smarduch			mask = xchg(&dirty_bitmap[i], 0);
ba0513b5SMario Smarduch			dirty_bitmap_buffer[i] = mask;
ba0513b5SMario Smarduch
ba0513b5SMario Smarduch			offset = i * BITS_PER_LONG;
58d2930fSTakuya Yoshikawa			kvm_arch_mmu_enable_log_dirty_pt_masked(kvm, memslot,
58d2930fSTakuya Yoshikawa								offset, mask);
58d2930fSTakuya Yoshikawa		}
531810caSBen Gardon		KVM_MMU_UNLOCK(kvm);
2a31b9dbSPaolo Bonzini	}
2a31b9dbSPaolo Bonzini
0dff0846SSean Christopherson	if (flush)
619b5072SDavid Matlack		kvm_flush_remote_tlbs_memslot(kvm, memslot);
0dff0846SSean Christopherson
ba0513b5SMario Smarduch	if (copy_to_user(log->dirty_bitmap, dirty_bitmap_buffer, n))
58d6db34SMarkus Elfring		return -EFAULT;
58d6db34SMarkus Elfring	return 0;
ba0513b5SMario Smarduch}
0dff0846SSean Christopherson
0dff0846SSean Christopherson
0dff0846SSean Christopherson/**
0dff0846SSean Christopherson * kvm_vm_ioctl_get_dirty_log - get and clear the log of dirty pages in a slot
0dff0846SSean Christopherson * @kvm: kvm instance
0dff0846SSean Christopherson * @log: slot id and address to which we copy the log
0dff0846SSean Christopherson *
0dff0846SSean Christopherson * Steps 1-4 below provide general overview of dirty page logging. See
0dff0846SSean Christopherson * kvm_get_dirty_log_protect() function description for additional details.
0dff0846SSean Christopherson *
0dff0846SSean Christopherson * We call kvm_get_dirty_log_protect() to handle steps 1-3, upon return we
0dff0846SSean Christopherson * always flush the TLB (step 4) even if previous step failed  and the dirty
0dff0846SSean Christopherson * bitmap may be corrupt. Regardless of previous outcome the KVM logging API
0dff0846SSean Christopherson * does not preclude user space subsequent dirty log read. Flushing TLB ensures
0dff0846SSean Christopherson * writes will be marked dirty for next log read.
0dff0846SSean Christopherson *
0dff0846SSean Christopherson *   1. Take a snapshot of the bit and clear it if needed.
0dff0846SSean Christopherson *   2. Write protect the corresponding page.
0dff0846SSean Christopherson *   3. Copy the snapshot to the userspace.
0dff0846SSean Christopherson *   4. Flush TLB's if needed.
0dff0846SSean Christopherson */
0dff0846SSean Christophersonstatic int kvm_vm_ioctl_get_dirty_log(struct kvm *kvm,
0dff0846SSean Christopherson				      struct kvm_dirty_log *log)
0dff0846SSean Christopherson{
0dff0846SSean Christopherson	int r;
0dff0846SSean Christopherson
0dff0846SSean Christopherson	mutex_lock(&kvm->slots_lock);
0dff0846SSean Christopherson
0dff0846SSean Christopherson	r = kvm_get_dirty_log_protect(kvm, log);
0dff0846SSean Christopherson
0dff0846SSean Christopherson	mutex_unlock(&kvm->slots_lock);
0dff0846SSean Christopherson	return r;
0dff0846SSean Christopherson}
2a31b9dbSPaolo Bonzini
2a31b9dbSPaolo Bonzini/**
2a31b9dbSPaolo Bonzini * kvm_clear_dirty_log_protect - clear dirty bits in the bitmap
2a31b9dbSPaolo Bonzini *	and reenable dirty page tracking for the corresponding pages.
2a31b9dbSPaolo Bonzini * @kvm:	pointer to kvm instance
2a31b9dbSPaolo Bonzini * @log:	slot id and address from which to fetch the bitmap of dirty pages
2a31b9dbSPaolo Bonzini */
0dff0846SSean Christophersonstatic int kvm_clear_dirty_log_protect(struct kvm *kvm,
0dff0846SSean Christopherson				       struct kvm_clear_dirty_log *log)
2a31b9dbSPaolo Bonzini{
2a31b9dbSPaolo Bonzini	struct kvm_memslots *slots;
2a31b9dbSPaolo Bonzini	struct kvm_memory_slot *memslot;
98938aa8STomas Bortoli	int as_id, id;
2a31b9dbSPaolo Bonzini	gfn_t offset;
98938aa8STomas Bortoli	unsigned long i, n;
2a31b9dbSPaolo Bonzini	unsigned long *dirty_bitmap;
2a31b9dbSPaolo Bonzini	unsigned long *dirty_bitmap_buffer;
0dff0846SSean Christopherson	bool flush;
2a31b9dbSPaolo Bonzini
86bdf3ebSGavin Shan	/* Dirty ring tracking may be exclusive to dirty log tracking */
86bdf3ebSGavin Shan	if (!kvm_use_dirty_bitmap(kvm))
b2cc64c4SPeter Xu		return -ENXIO;
b2cc64c4SPeter Xu
2a31b9dbSPaolo Bonzini	as_id = log->slot >> 16;
2a31b9dbSPaolo Bonzini	id = (u16)log->slot;
2a31b9dbSPaolo Bonzini	if (as_id >= KVM_ADDRESS_SPACE_NUM || id >= KVM_USER_MEM_SLOTS)
2a31b9dbSPaolo Bonzini		return -EINVAL;
2a31b9dbSPaolo Bonzini
76d58e0fSPaolo Bonzini	if (log->first_page & 63)
2a31b9dbSPaolo Bonzini		return -EINVAL;
2a31b9dbSPaolo Bonzini
2a31b9dbSPaolo Bonzini	slots = __kvm_memslots(kvm, as_id);
2a31b9dbSPaolo Bonzini	memslot = id_to_memslot(slots, id);
0577d1abSSean Christopherson	if (!memslot || !memslot->dirty_bitmap)
0577d1abSSean Christopherson		return -ENOENT;
2a31b9dbSPaolo Bonzini
2a31b9dbSPaolo Bonzini	dirty_bitmap = memslot->dirty_bitmap;
2a31b9dbSPaolo Bonzini
4ddc9204SPeter Xu	n = ALIGN(log->num_pages, BITS_PER_LONG) / 8;
98938aa8STomas Bortoli
98938aa8STomas Bortoli	if (log->first_page > memslot->npages ||
76d58e0fSPaolo Bonzini	    log->num_pages > memslot->npages - log->first_page ||
76d58e0fSPaolo Bonzini	    (log->num_pages < memslot->npages - log->first_page && (log->num_pages & 63)))
98938aa8STomas Bortoli	    return -EINVAL;
98938aa8STomas Bortoli
0dff0846SSean Christopherson	kvm_arch_sync_dirty_log(kvm, memslot);
0dff0846SSean Christopherson
0dff0846SSean Christopherson	flush = false;
2a31b9dbSPaolo Bonzini	dirty_bitmap_buffer = kvm_second_dirty_bitmap(memslot);
2a31b9dbSPaolo Bonzini	if (copy_from_user(dirty_bitmap_buffer, log->dirty_bitmap, n))
2a31b9dbSPaolo Bonzini		return -EFAULT;
2a31b9dbSPaolo Bonzini
531810caSBen Gardon	KVM_MMU_LOCK(kvm);
53eac7a8SPeter Xu	for (offset = log->first_page, i = offset / BITS_PER_LONG,
53eac7a8SPeter Xu		 n = DIV_ROUND_UP(log->num_pages, BITS_PER_LONG); n--;
2a31b9dbSPaolo Bonzini	     i++, offset += BITS_PER_LONG) {
2a31b9dbSPaolo Bonzini		unsigned long mask = *dirty_bitmap_buffer++;
2a31b9dbSPaolo Bonzini		atomic_long_t *p = (atomic_long_t *) &dirty_bitmap[i];
2a31b9dbSPaolo Bonzini		if (!mask)
2a31b9dbSPaolo Bonzini			continue;
2a31b9dbSPaolo Bonzini
2a31b9dbSPaolo Bonzini		mask &= atomic_long_fetch_andnot(mask, p);
2a31b9dbSPaolo Bonzini
2a31b9dbSPaolo Bonzini		/*
2a31b9dbSPaolo Bonzini		 * mask contains the bits that really have been cleared.  This
2a31b9dbSPaolo Bonzini		 * never includes any bits beyond the length of the memslot (if
2a31b9dbSPaolo Bonzini		 * the length is not aligned to 64 pages), therefore it is not
2a31b9dbSPaolo Bonzini		 * a problem if userspace sets them in log->dirty_bitmap.
2a31b9dbSPaolo Bonzini		*/
2a31b9dbSPaolo Bonzini		if (mask) {
0dff0846SSean Christopherson			flush = true;
2a31b9dbSPaolo Bonzini			kvm_arch_mmu_enable_log_dirty_pt_masked(kvm, memslot,
2a31b9dbSPaolo Bonzini								offset, mask);
2a31b9dbSPaolo Bonzini		}
2a31b9dbSPaolo Bonzini	}
531810caSBen Gardon	KVM_MMU_UNLOCK(kvm);
2a31b9dbSPaolo Bonzini
0dff0846SSean Christopherson	if (flush)
619b5072SDavid Matlack		kvm_flush_remote_tlbs_memslot(kvm, memslot);
0dff0846SSean Christopherson
2a31b9dbSPaolo Bonzini	return 0;
2a31b9dbSPaolo Bonzini}
0dff0846SSean Christopherson
0dff0846SSean Christophersonstatic int kvm_vm_ioctl_clear_dirty_log(struct kvm *kvm,
0dff0846SSean Christopherson					struct kvm_clear_dirty_log *log)
0dff0846SSean Christopherson{
0dff0846SSean Christopherson	int r;
0dff0846SSean Christopherson
0dff0846SSean Christopherson	mutex_lock(&kvm->slots_lock);
0dff0846SSean Christopherson
0dff0846SSean Christopherson	r = kvm_clear_dirty_log_protect(kvm, log);
0dff0846SSean Christopherson
0dff0846SSean Christopherson	mutex_unlock(&kvm->slots_lock);
0dff0846SSean Christopherson	return r;
0dff0846SSean Christopherson}
0dff0846SSean Christopherson#endif /* CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT */
ba0513b5SMario Smarduch
49c7754cSGleb Natapovstruct kvm_memory_slot *gfn_to_memslot(struct kvm *kvm, gfn_t gfn)
49c7754cSGleb Natapov{
49c7754cSGleb Natapov	return __gfn_to_memslot(kvm_memslots(kvm), gfn);
49c7754cSGleb Natapov}
a1f4d395SAvi KivityEXPORT_SYMBOL_GPL(gfn_to_memslot);
0fce5623SAvi Kivity
8e73485cSPaolo Bonzinistruct kvm_memory_slot *kvm_vcpu_gfn_to_memslot(struct kvm_vcpu *vcpu, gfn_t gfn)
8e73485cSPaolo Bonzini{
fe22ed82SDavid Matlack	struct kvm_memslots *slots = kvm_vcpu_memslots(vcpu);
a54d8066SMaciej S. Szmigiero	u64 gen = slots->generation;
fe22ed82SDavid Matlack	struct kvm_memory_slot *slot;
fe22ed82SDavid Matlack
a54d8066SMaciej S. Szmigiero	/*
a54d8066SMaciej S. Szmigiero	 * This also protects against using a memslot from a different address space,
a54d8066SMaciej S. Szmigiero	 * since different address spaces have different generation numbers.
a54d8066SMaciej S. Szmigiero	 */
a54d8066SMaciej S. Szmigiero	if (unlikely(gen != vcpu->last_used_slot_gen)) {
a54d8066SMaciej S. Szmigiero		vcpu->last_used_slot = NULL;
a54d8066SMaciej S. Szmigiero		vcpu->last_used_slot_gen = gen;
a54d8066SMaciej S. Szmigiero	}
a54d8066SMaciej S. Szmigiero
a54d8066SMaciej S. Szmigiero	slot = try_get_memslot(vcpu->last_used_slot, gfn);
fe22ed82SDavid Matlack	if (slot)
fe22ed82SDavid Matlack		return slot;
fe22ed82SDavid Matlack
fe22ed82SDavid Matlack	/*
fe22ed82SDavid Matlack	 * Fall back to searching all memslots. We purposely use
fe22ed82SDavid Matlack	 * search_memslots() instead of __gfn_to_memslot() to avoid
a54d8066SMaciej S. Szmigiero	 * thrashing the VM-wide last_used_slot in kvm_memslots.
fe22ed82SDavid Matlack	 */
a54d8066SMaciej S. Szmigiero	slot = search_memslots(slots, gfn, false);
fe22ed82SDavid Matlack	if (slot) {
a54d8066SMaciej S. Szmigiero		vcpu->last_used_slot = slot;
fe22ed82SDavid Matlack		return slot;
fe22ed82SDavid Matlack	}
fe22ed82SDavid Matlack
fe22ed82SDavid Matlack	return NULL;
8e73485cSPaolo Bonzini}
8e73485cSPaolo Bonzini
33e94154SYaowei Baibool kvm_is_visible_gfn(struct kvm *kvm, gfn_t gfn)
0fce5623SAvi Kivity{
bf3e05bcSXiao Guangrong	struct kvm_memory_slot *memslot = gfn_to_memslot(kvm, gfn);
0fce5623SAvi Kivity
c36b7150SPaolo Bonzini	return kvm_is_visible_memslot(memslot);
0fce5623SAvi Kivity}
0fce5623SAvi KivityEXPORT_SYMBOL_GPL(kvm_is_visible_gfn);
0fce5623SAvi Kivity
995decb6SVitaly Kuznetsovbool kvm_vcpu_is_visible_gfn(struct kvm_vcpu *vcpu, gfn_t gfn)
995decb6SVitaly Kuznetsov{
995decb6SVitaly Kuznetsov	struct kvm_memory_slot *memslot = kvm_vcpu_gfn_to_memslot(vcpu, gfn);
995decb6SVitaly Kuznetsov
995decb6SVitaly Kuznetsov	return kvm_is_visible_memslot(memslot);
995decb6SVitaly Kuznetsov}
995decb6SVitaly KuznetsovEXPORT_SYMBOL_GPL(kvm_vcpu_is_visible_gfn);
995decb6SVitaly Kuznetsov
f9b84e19SSean Christophersonunsigned long kvm_host_page_size(struct kvm_vcpu *vcpu, gfn_t gfn)
8f0b1ab6SJoerg Roedel{
8f0b1ab6SJoerg Roedel	struct vm_area_struct *vma;
8f0b1ab6SJoerg Roedel	unsigned long addr, size;
8f0b1ab6SJoerg Roedel
8f0b1ab6SJoerg Roedel	size = PAGE_SIZE;
8f0b1ab6SJoerg Roedel
42cde48bSSean Christopherson	addr = kvm_vcpu_gfn_to_hva_prot(vcpu, gfn, NULL);
8f0b1ab6SJoerg Roedel	if (kvm_is_error_hva(addr))
8f0b1ab6SJoerg Roedel		return PAGE_SIZE;
8f0b1ab6SJoerg Roedel
d8ed45c5SMichel Lespinasse	mmap_read_lock(current->mm);
8f0b1ab6SJoerg Roedel	vma = find_vma(current->mm, addr);
8f0b1ab6SJoerg Roedel	if (!vma)
8f0b1ab6SJoerg Roedel		goto out;
8f0b1ab6SJoerg Roedel
8f0b1ab6SJoerg Roedel	size = vma_kernel_pagesize(vma);
8f0b1ab6SJoerg Roedel
8f0b1ab6SJoerg Roedelout:
d8ed45c5SMichel Lespinasse	mmap_read_unlock(current->mm);
8f0b1ab6SJoerg Roedel
8f0b1ab6SJoerg Roedel	return size;
8f0b1ab6SJoerg Roedel}
8f0b1ab6SJoerg Roedel
8283e36aSBen Gardonstatic bool memslot_is_readonly(const struct kvm_memory_slot *slot)
4d8b81abSXiao Guangrong{
4d8b81abSXiao Guangrong	return slot->flags & KVM_MEM_READONLY;
4d8b81abSXiao Guangrong}
4d8b81abSXiao Guangrong
8283e36aSBen Gardonstatic unsigned long __gfn_to_hva_many(const struct kvm_memory_slot *slot, gfn_t gfn,
4d8b81abSXiao Guangrong				       gfn_t *nr_pages, bool write)
0fce5623SAvi Kivity{
bc6678a3SMarcelo Tosatti	if (!slot || slot->flags & KVM_MEMSLOT_INVALID)
ca3a490cSXiao Guangrong		return KVM_HVA_ERR_BAD;
48987781SXiao Guangrong
4d8b81abSXiao Guangrong	if (memslot_is_readonly(slot) && write)
4d8b81abSXiao Guangrong		return KVM_HVA_ERR_RO_BAD;
48987781SXiao Guangrong
48987781SXiao Guangrong	if (nr_pages)
48987781SXiao Guangrong		*nr_pages = slot->npages - (gfn - slot->base_gfn);
48987781SXiao Guangrong
4d8b81abSXiao Guangrong	return __gfn_to_hva_memslot(slot, gfn);
0fce5623SAvi Kivity}
48987781SXiao Guangrong
4d8b81abSXiao Guangrongstatic unsigned long gfn_to_hva_many(struct kvm_memory_slot *slot, gfn_t gfn,
4d8b81abSXiao Guangrong				     gfn_t *nr_pages)
4d8b81abSXiao Guangrong{
4d8b81abSXiao Guangrong	return __gfn_to_hva_many(slot, gfn, nr_pages, true);
4d8b81abSXiao Guangrong}
4d8b81abSXiao Guangrong
4d8b81abSXiao Guangrongunsigned long gfn_to_hva_memslot(struct kvm_memory_slot *slot,
4d8b81abSXiao Guangrong					gfn_t gfn)
4d8b81abSXiao Guangrong{
4d8b81abSXiao Guangrong	return gfn_to_hva_many(slot, gfn, NULL);
4d8b81abSXiao Guangrong}
4d8b81abSXiao GuangrongEXPORT_SYMBOL_GPL(gfn_to_hva_memslot);
4d8b81abSXiao Guangrong
48987781SXiao Guangrongunsigned long gfn_to_hva(struct kvm *kvm, gfn_t gfn)
48987781SXiao Guangrong{
49c7754cSGleb Natapov	return gfn_to_hva_many(gfn_to_memslot(kvm, gfn), gfn, NULL);
48987781SXiao Guangrong}
0d150298SSheng YangEXPORT_SYMBOL_GPL(gfn_to_hva);
0fce5623SAvi Kivity
8e73485cSPaolo Bonziniunsigned long kvm_vcpu_gfn_to_hva(struct kvm_vcpu *vcpu, gfn_t gfn)
8e73485cSPaolo Bonzini{
8e73485cSPaolo Bonzini	return gfn_to_hva_many(kvm_vcpu_gfn_to_memslot(vcpu, gfn), gfn, NULL);
8e73485cSPaolo Bonzini}
8e73485cSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_vcpu_gfn_to_hva);
8e73485cSPaolo Bonzini
86ab8cffSXiao Guangrong/*
970c0d4bSWei Yang * Return the hva of a @gfn and the R/W attribute if possible.
970c0d4bSWei Yang *
970c0d4bSWei Yang * @slot: the kvm_memory_slot which contains @gfn
970c0d4bSWei Yang * @gfn: the gfn to be translated
970c0d4bSWei Yang * @writable: used to return the read/write attribute of the @slot if the hva
970c0d4bSWei Yang * is valid and @writable is not NULL
86ab8cffSXiao Guangrong */
64d83126SChristoffer Dallunsigned long gfn_to_hva_memslot_prot(struct kvm_memory_slot *slot,
64d83126SChristoffer Dall				      gfn_t gfn, bool *writable)
8030089fSGleb Natapov{
a2ac07feSGleb Natapov	unsigned long hva = __gfn_to_hva_many(slot, gfn, NULL, false);
a2ac07feSGleb Natapov
a2ac07feSGleb Natapov	if (!kvm_is_error_hva(hva) && writable)
ba6a3541SPaolo Bonzini		*writable = !memslot_is_readonly(slot);
ba6a3541SPaolo Bonzini
a2ac07feSGleb Natapov	return hva;
86ab8cffSXiao Guangrong}
86ab8cffSXiao Guangrong
64d83126SChristoffer Dallunsigned long gfn_to_hva_prot(struct kvm *kvm, gfn_t gfn, bool *writable)
64d83126SChristoffer Dall{
64d83126SChristoffer Dall	struct kvm_memory_slot *slot = gfn_to_memslot(kvm, gfn);
64d83126SChristoffer Dall
64d83126SChristoffer Dall	return gfn_to_hva_memslot_prot(slot, gfn, writable);
64d83126SChristoffer Dall}
64d83126SChristoffer Dall
8e73485cSPaolo Bonziniunsigned long kvm_vcpu_gfn_to_hva_prot(struct kvm_vcpu *vcpu, gfn_t gfn, bool *writable)
8e73485cSPaolo Bonzini{
8e73485cSPaolo Bonzini	struct kvm_memory_slot *slot = kvm_vcpu_gfn_to_memslot(vcpu, gfn);
8e73485cSPaolo Bonzini
8e73485cSPaolo Bonzini	return gfn_to_hva_memslot_prot(slot, gfn, writable);
8e73485cSPaolo Bonzini}
8e73485cSPaolo Bonzini
fafc3dbaSHuang Yingstatic inline int check_user_page_hwpoison(unsigned long addr)
fafc3dbaSHuang Ying{
0d731759SLorenzo Stoakes	int rc, flags = FOLL_HWPOISON | FOLL_WRITE;
fafc3dbaSHuang Ying
54d02069SLorenzo Stoakes	rc = get_user_pages(addr, 1, flags, NULL);
fafc3dbaSHuang Ying	return rc == -EHWPOISON;
fafc3dbaSHuang Ying}
fafc3dbaSHuang Ying
2fc84311SXiao Guangrong/*
b9b33da2SPaolo Bonzini * The fast path to get the writable pfn which will be stored in @pfn,
b9b33da2SPaolo Bonzini * true indicates success, otherwise false is returned.  It's also the
311497e0SMiaohe Lin * only part that runs if we can in atomic context.
2fc84311SXiao Guangrong */
b9b33da2SPaolo Bonzinistatic bool hva_to_pfn_fast(unsigned long addr, bool write_fault,
b9b33da2SPaolo Bonzini			    bool *writable, kvm_pfn_t *pfn)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	struct page *page[1];
0fce5623SAvi Kivity
12ce13feSXiao Guangrong	/*
12ce13feSXiao Guangrong	 * Fast pin a writable pfn only if it is a write fault request
12ce13feSXiao Guangrong	 * or the caller allows to map a writable pfn for a read fault
12ce13feSXiao Guangrong	 * request.
12ce13feSXiao Guangrong	 */
12ce13feSXiao Guangrong	if (!(write_fault || writable))
12ce13feSXiao Guangrong		return false;
12ce13feSXiao Guangrong
dadbb612SSouptick Joarder	if (get_user_page_fast_only(addr, FOLL_WRITE, page)) {
2fc84311SXiao Guangrong		*pfn = page_to_pfn(page[0]);
612819c3SMarcelo Tosatti
612819c3SMarcelo Tosatti		if (writable)
612819c3SMarcelo Tosatti			*writable = true;
2fc84311SXiao Guangrong		return true;
2fc84311SXiao Guangrong	}
612819c3SMarcelo Tosatti
2fc84311SXiao Guangrong	return false;
2fc84311SXiao Guangrong}
af585b92SGleb Natapov
2fc84311SXiao Guangrong/*
2fc84311SXiao Guangrong * The slow path to get the pfn of the specified host virtual address,
2fc84311SXiao Guangrong * 1 indicates success, -errno is returned if error is detected.
2fc84311SXiao Guangrong */
2fc84311SXiao Guangrongstatic int hva_to_pfn_slow(unsigned long addr, bool *async, bool write_fault,
c8b88b33SPeter Xu			   bool interruptible, bool *writable, kvm_pfn_t *pfn)
2fc84311SXiao Guangrong{
b1e1296dSDavid Hildenbrand	/*
b1e1296dSDavid Hildenbrand	 * When a VCPU accesses a page that is not mapped into the secondary
b1e1296dSDavid Hildenbrand	 * MMU, we lookup the page using GUP to map it, so the guest VCPU can
b1e1296dSDavid Hildenbrand	 * make progress. We always want to honor NUMA hinting faults in that
b1e1296dSDavid Hildenbrand	 * case, because GUP usage corresponds to memory accesses from the VCPU.
b1e1296dSDavid Hildenbrand	 * Otherwise, we'd not trigger NUMA hinting faults once a page is
b1e1296dSDavid Hildenbrand	 * mapped into the secondary MMU and gets accessed by a VCPU.
b1e1296dSDavid Hildenbrand	 *
b1e1296dSDavid Hildenbrand	 * Note that get_user_page_fast_only() and FOLL_WRITE for now
b1e1296dSDavid Hildenbrand	 * implicitly honor NUMA hinting faults and don't need this flag.
b1e1296dSDavid Hildenbrand	 */
b1e1296dSDavid Hildenbrand	unsigned int flags = FOLL_HWPOISON | FOLL_HONOR_NUMA_FAULT;
ce53053cSAl Viro	struct page *page;
28249139SLi kunyu	int npages;
2fc84311SXiao Guangrong
0fce5623SAvi Kivity	might_sleep();
612819c3SMarcelo Tosatti
612819c3SMarcelo Tosatti	if (writable)
612819c3SMarcelo Tosatti		*writable = write_fault;
612819c3SMarcelo Tosatti
d4944b0eSLorenzo Stoakes	if (write_fault)
d4944b0eSLorenzo Stoakes		flags |= FOLL_WRITE;
ce53053cSAl Viro	if (async)
ce53053cSAl Viro		flags |= FOLL_NOWAIT;
c8b88b33SPeter Xu	if (interruptible)
c8b88b33SPeter Xu		flags |= FOLL_INTERRUPTIBLE;
d4944b0eSLorenzo Stoakes
ce53053cSAl Viro	npages = get_user_pages_unlocked(addr, 1, &page, flags);
2fc84311SXiao Guangrong	if (npages != 1)
2fc84311SXiao Guangrong		return npages;
612819c3SMarcelo Tosatti
612819c3SMarcelo Tosatti	/* map read fault as writable if possible */
12ce13feSXiao Guangrong	if (unlikely(!write_fault) && writable) {
ce53053cSAl Viro		struct page *wpage;
612819c3SMarcelo Tosatti
dadbb612SSouptick Joarder		if (get_user_page_fast_only(addr, FOLL_WRITE, &wpage)) {
612819c3SMarcelo Tosatti			*writable = true;
ce53053cSAl Viro			put_page(page);
ce53053cSAl Viro			page = wpage;
612819c3SMarcelo Tosatti		}
612819c3SMarcelo Tosatti	}
ce53053cSAl Viro	*pfn = page_to_pfn(page);
2fc84311SXiao Guangrong	return npages;
887c08acSXiao Guangrong}
0fce5623SAvi Kivity
4d8b81abSXiao Guangrongstatic bool vma_is_valid(struct vm_area_struct *vma, bool write_fault)
4d8b81abSXiao Guangrong{
4d8b81abSXiao Guangrong	if (unlikely(!(vma->vm_flags & VM_READ)))
4d8b81abSXiao Guangrong		return false;
4d8b81abSXiao Guangrong
4d8b81abSXiao Guangrong	if (write_fault && (unlikely(!(vma->vm_flags & VM_WRITE))))
4d8b81abSXiao Guangrong		return false;
4d8b81abSXiao Guangrong
4d8b81abSXiao Guangrong	return true;
4d8b81abSXiao Guangrong}
4d8b81abSXiao Guangrong
f8be156bSNicholas Pigginstatic int kvm_try_get_pfn(kvm_pfn_t pfn)
f8be156bSNicholas Piggin{
b14b2690SSean Christopherson	struct page *page = kvm_pfn_to_refcounted_page(pfn);
b14b2690SSean Christopherson
b14b2690SSean Christopherson	if (!page)
f8be156bSNicholas Piggin		return 1;
b14b2690SSean Christopherson
b14b2690SSean Christopherson	return get_page_unless_zero(page);
f8be156bSNicholas Piggin}
f8be156bSNicholas Piggin
92176a8eSPaolo Bonzinistatic int hva_to_pfn_remapped(struct vm_area_struct *vma,
1625566eSXianting Tian			       unsigned long addr, bool write_fault,
1625566eSXianting Tian			       bool *writable, kvm_pfn_t *p_pfn)
92176a8eSPaolo Bonzini{
a9545779SSean Christopherson	kvm_pfn_t pfn;
bd2fae8dSPaolo Bonzini	pte_t *ptep;
c33c7948SRyan Roberts	pte_t pte;
bd2fae8dSPaolo Bonzini	spinlock_t *ptl;
add6a0cdSPaolo Bonzini	int r;
add6a0cdSPaolo Bonzini
9fd6dad1SPaolo Bonzini	r = follow_pte(vma->vm_mm, addr, &ptep, &ptl);
add6a0cdSPaolo Bonzini	if (r) {
add6a0cdSPaolo Bonzini		/*
add6a0cdSPaolo Bonzini		 * get_user_pages fails for VM_IO and VM_PFNMAP vmas and does
add6a0cdSPaolo Bonzini		 * not call the fault handler, so do it here.
add6a0cdSPaolo Bonzini		 */
add6a0cdSPaolo Bonzini		bool unlocked = false;
64019a2eSPeter Xu		r = fixup_user_fault(current->mm, addr,
add6a0cdSPaolo Bonzini				     (write_fault ? FAULT_FLAG_WRITE : 0),
add6a0cdSPaolo Bonzini				     &unlocked);
a8387d0bSPaolo Bonzini		if (unlocked)
a8387d0bSPaolo Bonzini			return -EAGAIN;
add6a0cdSPaolo Bonzini		if (r)
add6a0cdSPaolo Bonzini			return r;
add6a0cdSPaolo Bonzini
9fd6dad1SPaolo Bonzini		r = follow_pte(vma->vm_mm, addr, &ptep, &ptl);
add6a0cdSPaolo Bonzini		if (r)
add6a0cdSPaolo Bonzini			return r;
bd2fae8dSPaolo Bonzini	}
add6a0cdSPaolo Bonzini
c33c7948SRyan Roberts	pte = ptep_get(ptep);
c33c7948SRyan Roberts
c33c7948SRyan Roberts	if (write_fault && !pte_write(pte)) {
bd2fae8dSPaolo Bonzini		pfn = KVM_PFN_ERR_RO_FAULT;
bd2fae8dSPaolo Bonzini		goto out;
add6a0cdSPaolo Bonzini	}
add6a0cdSPaolo Bonzini
a340b3e2SKarimAllah Ahmed	if (writable)
c33c7948SRyan Roberts		*writable = pte_write(pte);
c33c7948SRyan Roberts	pfn = pte_pfn(pte);
add6a0cdSPaolo Bonzini
add6a0cdSPaolo Bonzini	/*
add6a0cdSPaolo Bonzini	 * Get a reference here because callers of *hva_to_pfn* and
add6a0cdSPaolo Bonzini	 * *gfn_to_pfn* ultimately call kvm_release_pfn_clean on the
add6a0cdSPaolo Bonzini	 * returned pfn.  This is only needed if the VMA has VM_MIXEDMAP
36c3ce6cSMarc Zyngier	 * set, but the kvm_try_get_pfn/kvm_release_pfn_clean pair will
add6a0cdSPaolo Bonzini	 * simply do nothing for reserved pfns.
add6a0cdSPaolo Bonzini	 *
add6a0cdSPaolo Bonzini	 * Whoever called remap_pfn_range is also going to call e.g.
add6a0cdSPaolo Bonzini	 * unmap_mapping_range before the underlying pages are freed,
add6a0cdSPaolo Bonzini	 * causing a call to our MMU notifier.
f8be156bSNicholas Piggin	 *
f8be156bSNicholas Piggin	 * Certain IO or PFNMAP mappings can be backed with valid
f8be156bSNicholas Piggin	 * struct pages, but be allocated without refcounting e.g.,
f8be156bSNicholas Piggin	 * tail pages of non-compound higher order allocations, which
f8be156bSNicholas Piggin	 * would then underflow the refcount when the caller does the
f8be156bSNicholas Piggin	 * required put_page. Don't allow those pages here.
add6a0cdSPaolo Bonzini	 */
f8be156bSNicholas Piggin	if (!kvm_try_get_pfn(pfn))
f8be156bSNicholas Piggin		r = -EFAULT;
add6a0cdSPaolo Bonzini
bd2fae8dSPaolo Bonziniout:
bd2fae8dSPaolo Bonzini	pte_unmap_unlock(ptep, ptl);
add6a0cdSPaolo Bonzini	*p_pfn = pfn;
f8be156bSNicholas Piggin
f8be156bSNicholas Piggin	return r;
92176a8eSPaolo Bonzini}
92176a8eSPaolo Bonzini
12ce13feSXiao Guangrong/*
12ce13feSXiao Guangrong * Pin guest page in memory and return its pfn.
12ce13feSXiao Guangrong * @addr: host virtual address which maps memory to the guest
12ce13feSXiao Guangrong * @atomic: whether this function can sleep
c8b88b33SPeter Xu * @interruptible: whether the process can be interrupted by non-fatal signals
12ce13feSXiao Guangrong * @async: whether this function need to wait IO complete if the
12ce13feSXiao Guangrong *         host page is not in the memory
12ce13feSXiao Guangrong * @write_fault: whether we should get a writable host page
12ce13feSXiao Guangrong * @writable: whether it allows to map a writable host page for !@write_fault
12ce13feSXiao Guangrong *
12ce13feSXiao Guangrong * The function will map a writable host page for these two cases:
12ce13feSXiao Guangrong * 1): @write_fault = true
12ce13feSXiao Guangrong * 2): @write_fault = false && @writable, @writable will tell the caller
12ce13feSXiao Guangrong *     whether the mapping is writable.
12ce13feSXiao Guangrong */
c8b88b33SPeter Xukvm_pfn_t hva_to_pfn(unsigned long addr, bool atomic, bool interruptible,
c8b88b33SPeter Xu		     bool *async, bool write_fault, bool *writable)
2fc84311SXiao Guangrong{
2e2e3738SAnthony Liguori	struct vm_area_struct *vma;
943dfea8SSean Christopherson	kvm_pfn_t pfn;
92176a8eSPaolo Bonzini	int npages, r;
2fc84311SXiao Guangrong
2fc84311SXiao Guangrong	/* we can do it either atomically or asynchronously, not both */
2fc84311SXiao Guangrong	BUG_ON(atomic && async);
2fc84311SXiao Guangrong
b9b33da2SPaolo Bonzini	if (hva_to_pfn_fast(addr, write_fault, writable, &pfn))
2fc84311SXiao Guangrong		return pfn;
2e2e3738SAnthony Liguori
887c08acSXiao Guangrong	if (atomic)
6c8ee57bSXiao Guangrong		return KVM_PFN_ERR_FAULT;
887c08acSXiao Guangrong
c8b88b33SPeter Xu	npages = hva_to_pfn_slow(addr, async, write_fault, interruptible,
c8b88b33SPeter Xu				 writable, &pfn);
2fc84311SXiao Guangrong	if (npages == 1)
2fc84311SXiao Guangrong		return pfn;
fe5ed56cSPeter Xu	if (npages == -EINTR)
fe5ed56cSPeter Xu		return KVM_PFN_ERR_SIGPENDING;
2e2e3738SAnthony Liguori
d8ed45c5SMichel Lespinasse	mmap_read_lock(current->mm);
0857b9e9SGleb Natapov	if (npages == -EHWPOISON ||
0857b9e9SGleb Natapov	      (!async && check_user_page_hwpoison(addr))) {
2fc84311SXiao Guangrong		pfn = KVM_PFN_ERR_HWPOISON;
2fc84311SXiao Guangrong		goto exit;
bf998156SHuang Ying	}
bf998156SHuang Ying
a8387d0bSPaolo Bonziniretry:
fc98c03bSLiam Howlett	vma = vma_lookup(current->mm, addr);
4c2155ceSMarcelo Tosatti
8030089fSGleb Natapov	if (vma == NULL)
6c8ee57bSXiao Guangrong		pfn = KVM_PFN_ERR_FAULT;
92176a8eSPaolo Bonzini	else if (vma->vm_flags & (VM_IO | VM_PFNMAP)) {
1625566eSXianting Tian		r = hva_to_pfn_remapped(vma, addr, write_fault, writable, &pfn);
a8387d0bSPaolo Bonzini		if (r == -EAGAIN)
a8387d0bSPaolo Bonzini			goto retry;
92176a8eSPaolo Bonzini		if (r < 0)
92176a8eSPaolo Bonzini			pfn = KVM_PFN_ERR_FAULT;
8030089fSGleb Natapov	} else {
4d8b81abSXiao Guangrong		if (async && vma_is_valid(vma, write_fault))
8030089fSGleb Natapov			*async = true;
6c8ee57bSXiao Guangrong		pfn = KVM_PFN_ERR_FAULT;
8030089fSGleb Natapov	}
2fc84311SXiao Guangrongexit:
d8ed45c5SMichel Lespinasse	mmap_read_unlock(current->mm);
2e2e3738SAnthony Liguori	return pfn;
35149e21SAnthony Liguori}
35149e21SAnthony Liguori
8283e36aSBen Gardonkvm_pfn_t __gfn_to_pfn_memslot(const struct kvm_memory_slot *slot, gfn_t gfn,
c8b88b33SPeter Xu			       bool atomic, bool interruptible, bool *async,
c8b88b33SPeter Xu			       bool write_fault, bool *writable, hva_t *hva)
887c08acSXiao Guangrong{
4d8b81abSXiao Guangrong	unsigned long addr = __gfn_to_hva_many(slot, gfn, NULL, write_fault);
4d8b81abSXiao Guangrong
4a42d848SDavid Stevens	if (hva)
4a42d848SDavid Stevens		*hva = addr;
4a42d848SDavid Stevens
b2740d35SPaolo Bonzini	if (addr == KVM_HVA_ERR_RO_BAD) {
b2740d35SPaolo Bonzini		if (writable)
b2740d35SPaolo Bonzini			*writable = false;
4d8b81abSXiao Guangrong		return KVM_PFN_ERR_RO_FAULT;
b2740d35SPaolo Bonzini	}
4d8b81abSXiao Guangrong
b2740d35SPaolo Bonzini	if (kvm_is_error_hva(addr)) {
b2740d35SPaolo Bonzini		if (writable)
b2740d35SPaolo Bonzini			*writable = false;
81c52c56SXiao Guangrong		return KVM_PFN_NOSLOT;
b2740d35SPaolo Bonzini	}
4d8b81abSXiao Guangrong
4d8b81abSXiao Guangrong	/* Do not map writable pfn in the readonly memslot. */
4d8b81abSXiao Guangrong	if (writable && memslot_is_readonly(slot)) {
4d8b81abSXiao Guangrong		*writable = false;
4d8b81abSXiao Guangrong		writable = NULL;
887c08acSXiao Guangrong	}
4d8b81abSXiao Guangrong
c8b88b33SPeter Xu	return hva_to_pfn(addr, atomic, interruptible, async, write_fault,
4d8b81abSXiao Guangrong			  writable);
4d8b81abSXiao Guangrong}
3520469dSPaolo BonziniEXPORT_SYMBOL_GPL(__gfn_to_pfn_memslot);
887c08acSXiao Guangrong
ba049e93SDan Williamskvm_pfn_t gfn_to_pfn_prot(struct kvm *kvm, gfn_t gfn, bool write_fault,
612819c3SMarcelo Tosatti		      bool *writable)
612819c3SMarcelo Tosatti{
c8b88b33SPeter Xu	return __gfn_to_pfn_memslot(gfn_to_memslot(kvm, gfn), gfn, false, false,
c8b88b33SPeter Xu				    NULL, write_fault, writable, NULL);
612819c3SMarcelo Tosatti}
612819c3SMarcelo TosattiEXPORT_SYMBOL_GPL(gfn_to_pfn_prot);
612819c3SMarcelo Tosatti
8283e36aSBen Gardonkvm_pfn_t gfn_to_pfn_memslot(const struct kvm_memory_slot *slot, gfn_t gfn)
506f0d6fSMarcelo Tosatti{
c8b88b33SPeter Xu	return __gfn_to_pfn_memslot(slot, gfn, false, false, NULL, true,
c8b88b33SPeter Xu				    NULL, NULL);
506f0d6fSMarcelo Tosatti}
e37afc6eSPaolo BonziniEXPORT_SYMBOL_GPL(gfn_to_pfn_memslot);
506f0d6fSMarcelo Tosatti
8283e36aSBen Gardonkvm_pfn_t gfn_to_pfn_memslot_atomic(const struct kvm_memory_slot *slot, gfn_t gfn)
037d92dcSXiao Guangrong{
c8b88b33SPeter Xu	return __gfn_to_pfn_memslot(slot, gfn, true, false, NULL, true,
c8b88b33SPeter Xu				    NULL, NULL);
037d92dcSXiao Guangrong}
037d92dcSXiao GuangrongEXPORT_SYMBOL_GPL(gfn_to_pfn_memslot_atomic);
037d92dcSXiao Guangrong
ba049e93SDan Williamskvm_pfn_t kvm_vcpu_gfn_to_pfn_atomic(struct kvm_vcpu *vcpu, gfn_t gfn)
8e73485cSPaolo Bonzini{
8e73485cSPaolo Bonzini	return gfn_to_pfn_memslot_atomic(kvm_vcpu_gfn_to_memslot(vcpu, gfn), gfn);
8e73485cSPaolo Bonzini}
8e73485cSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_vcpu_gfn_to_pfn_atomic);
8e73485cSPaolo Bonzini
ba049e93SDan Williamskvm_pfn_t gfn_to_pfn(struct kvm *kvm, gfn_t gfn)
e37afc6eSPaolo Bonzini{
e37afc6eSPaolo Bonzini	return gfn_to_pfn_memslot(gfn_to_memslot(kvm, gfn), gfn);
e37afc6eSPaolo Bonzini}
e37afc6eSPaolo BonziniEXPORT_SYMBOL_GPL(gfn_to_pfn);
e37afc6eSPaolo Bonzini
ba049e93SDan Williamskvm_pfn_t kvm_vcpu_gfn_to_pfn(struct kvm_vcpu *vcpu, gfn_t gfn)
8e73485cSPaolo Bonzini{
8e73485cSPaolo Bonzini	return gfn_to_pfn_memslot(kvm_vcpu_gfn_to_memslot(vcpu, gfn), gfn);
8e73485cSPaolo Bonzini}
8e73485cSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_vcpu_gfn_to_pfn);
8e73485cSPaolo Bonzini
d9ef13c2SPaolo Bonziniint gfn_to_page_many_atomic(struct kvm_memory_slot *slot, gfn_t gfn,
d9ef13c2SPaolo Bonzini			    struct page **pages, int nr_pages)
48987781SXiao Guangrong{
48987781SXiao Guangrong	unsigned long addr;
076b925dSArnd Bergmann	gfn_t entry = 0;
48987781SXiao Guangrong
d9ef13c2SPaolo Bonzini	addr = gfn_to_hva_many(slot, gfn, &entry);
48987781SXiao Guangrong	if (kvm_is_error_hva(addr))
48987781SXiao Guangrong		return -1;
48987781SXiao Guangrong
48987781SXiao Guangrong	if (entry < nr_pages)
48987781SXiao Guangrong		return 0;
48987781SXiao Guangrong
dadbb612SSouptick Joarder	return get_user_pages_fast_only(addr, nr_pages, FOLL_WRITE, pages);
48987781SXiao Guangrong}
48987781SXiao GuangrongEXPORT_SYMBOL_GPL(gfn_to_page_many_atomic);
48987781SXiao Guangrong
b1624f99SSean Christopherson/*
b1624f99SSean Christopherson * Do not use this helper unless you are absolutely certain the gfn _must_ be
b1624f99SSean Christopherson * backed by 'struct page'.  A valid example is if the backing memslot is
b1624f99SSean Christopherson * controlled by KVM.  Note, if the returned page is valid, it's refcount has
b1624f99SSean Christopherson * been elevated by gfn_to_pfn().
b1624f99SSean Christopherson */
35149e21SAnthony Liguoristruct page *gfn_to_page(struct kvm *kvm, gfn_t gfn)
35149e21SAnthony Liguori{
b14b2690SSean Christopherson	struct page *page;
ba049e93SDan Williams	kvm_pfn_t pfn;
2e2e3738SAnthony Liguori
2e2e3738SAnthony Liguori	pfn = gfn_to_pfn(kvm, gfn);
2e2e3738SAnthony Liguori
c77fb9dcSXiantao Zhang	if (is_error_noslot_pfn(pfn))
2e2e3738SAnthony Liguori		return KVM_ERR_PTR_BAD_PAGE;
2e2e3738SAnthony Liguori
b14b2690SSean Christopherson	page = kvm_pfn_to_refcounted_page(pfn);
b14b2690SSean Christopherson	if (!page)
0fce5623SAvi Kivity		return KVM_ERR_PTR_BAD_PAGE;
0fce5623SAvi Kivity
b14b2690SSean Christopherson	return page;
0fce5623SAvi Kivity}
0fce5623SAvi KivityEXPORT_SYMBOL_GPL(gfn_to_page);
0fce5623SAvi Kivity
357a18adSDavid Woodhousevoid kvm_release_pfn(kvm_pfn_t pfn, bool dirty)
91724814SBoris Ostrovsky{
91724814SBoris Ostrovsky	if (dirty)
91724814SBoris Ostrovsky		kvm_release_pfn_dirty(pfn);
91724814SBoris Ostrovsky	else
91724814SBoris Ostrovsky		kvm_release_pfn_clean(pfn);
91724814SBoris Ostrovsky}
91724814SBoris Ostrovsky
357a18adSDavid Woodhouseint kvm_vcpu_map(struct kvm_vcpu *vcpu, gfn_t gfn, struct kvm_host_map *map)
e45adf66SKarimAllah Ahmed{
e45adf66SKarimAllah Ahmed	kvm_pfn_t pfn;
e45adf66SKarimAllah Ahmed	void *hva = NULL;
e45adf66SKarimAllah Ahmed	struct page *page = KVM_UNMAPPED_PAGE;
e45adf66SKarimAllah Ahmed
e45adf66SKarimAllah Ahmed	if (!map)
e45adf66SKarimAllah Ahmed		return -EINVAL;
e45adf66SKarimAllah Ahmed
357a18adSDavid Woodhouse	pfn = gfn_to_pfn(vcpu->kvm, gfn);
e45adf66SKarimAllah Ahmed	if (is_error_noslot_pfn(pfn))
e45adf66SKarimAllah Ahmed		return -EINVAL;
e45adf66SKarimAllah Ahmed
e45adf66SKarimAllah Ahmed	if (pfn_valid(pfn)) {
e45adf66SKarimAllah Ahmed		page = pfn_to_page(pfn);
e45adf66SKarimAllah Ahmed		hva = kmap(page);
d30b214dSPaolo Bonzini#ifdef CONFIG_HAS_IOMEM
91724814SBoris Ostrovsky	} else {
357a18adSDavid Woodhouse		hva = memremap(pfn_to_hpa(pfn), PAGE_SIZE, MEMREMAP_WB);
d30b214dSPaolo Bonzini#endif
e45adf66SKarimAllah Ahmed	}
e45adf66SKarimAllah Ahmed
e45adf66SKarimAllah Ahmed	if (!hva)
e45adf66SKarimAllah Ahmed		return -EFAULT;
e45adf66SKarimAllah Ahmed
e45adf66SKarimAllah Ahmed	map->page = page;
e45adf66SKarimAllah Ahmed	map->hva = hva;
e45adf66SKarimAllah Ahmed	map->pfn = pfn;
e45adf66SKarimAllah Ahmed	map->gfn = gfn;
e45adf66SKarimAllah Ahmed
e45adf66SKarimAllah Ahmed	return 0;
e45adf66SKarimAllah Ahmed}
e45adf66SKarimAllah AhmedEXPORT_SYMBOL_GPL(kvm_vcpu_map);
e45adf66SKarimAllah Ahmed
357a18adSDavid Woodhousevoid kvm_vcpu_unmap(struct kvm_vcpu *vcpu, struct kvm_host_map *map, bool dirty)
e45adf66SKarimAllah Ahmed{
e45adf66SKarimAllah Ahmed	if (!map)
e45adf66SKarimAllah Ahmed		return;
e45adf66SKarimAllah Ahmed
e45adf66SKarimAllah Ahmed	if (!map->hva)
e45adf66SKarimAllah Ahmed		return;
e45adf66SKarimAllah Ahmed
357a18adSDavid Woodhouse	if (map->page != KVM_UNMAPPED_PAGE)
91724814SBoris Ostrovsky		kunmap(map->page);
91724814SBoris Ostrovsky#ifdef CONFIG_HAS_IOMEM
91724814SBoris Ostrovsky	else
357a18adSDavid Woodhouse		memunmap(map->hva);
eb1f2f38SChristian Borntraeger#endif
e45adf66SKarimAllah Ahmed
91724814SBoris Ostrovsky	if (dirty)
357a18adSDavid Woodhouse		kvm_vcpu_mark_page_dirty(vcpu, map->gfn);
91724814SBoris Ostrovsky
357a18adSDavid Woodhouse	kvm_release_pfn(map->pfn, dirty);
e45adf66SKarimAllah Ahmed
e45adf66SKarimAllah Ahmed	map->hva = NULL;
e45adf66SKarimAllah Ahmed	map->page = NULL;
e45adf66SKarimAllah Ahmed}
e45adf66SKarimAllah AhmedEXPORT_SYMBOL_GPL(kvm_vcpu_unmap);
e45adf66SKarimAllah Ahmed
8e1c6914SSean Christophersonstatic bool kvm_is_ad_tracked_page(struct page *page)
8e73485cSPaolo Bonzini{
8e1c6914SSean Christopherson	/*
8e1c6914SSean Christopherson	 * Per page-flags.h, pages tagged PG_reserved "should in general not be
8e1c6914SSean Christopherson	 * touched (e.g. set dirty) except by its owner".
8e1c6914SSean Christopherson	 */
8e1c6914SSean Christopherson	return !PageReserved(page);
8e73485cSPaolo Bonzini}
8e1c6914SSean Christopherson
8e1c6914SSean Christophersonstatic void kvm_set_page_dirty(struct page *page)
8e1c6914SSean Christopherson{
8e1c6914SSean Christopherson	if (kvm_is_ad_tracked_page(page))
8e1c6914SSean Christopherson		SetPageDirty(page);
8e1c6914SSean Christopherson}
8e1c6914SSean Christopherson
8e1c6914SSean Christophersonstatic void kvm_set_page_accessed(struct page *page)
8e1c6914SSean Christopherson{
8e1c6914SSean Christopherson	if (kvm_is_ad_tracked_page(page))
8e1c6914SSean Christopherson		mark_page_accessed(page);
8e1c6914SSean Christopherson}
8e73485cSPaolo Bonzini
0fce5623SAvi Kivityvoid kvm_release_page_clean(struct page *page)
0fce5623SAvi Kivity{
32cad84fSXiao Guangrong	WARN_ON(is_error_page(page));
32cad84fSXiao Guangrong
8e1c6914SSean Christopherson	kvm_set_page_accessed(page);
8e1c6914SSean Christopherson	put_page(page);
0fce5623SAvi Kivity}
0fce5623SAvi KivityEXPORT_SYMBOL_GPL(kvm_release_page_clean);
0fce5623SAvi Kivity
ba049e93SDan Williamsvoid kvm_release_pfn_clean(kvm_pfn_t pfn)
35149e21SAnthony Liguori{
b14b2690SSean Christopherson	struct page *page;
b14b2690SSean Christopherson
b14b2690SSean Christopherson	if (is_error_noslot_pfn(pfn))
b14b2690SSean Christopherson		return;
b14b2690SSean Christopherson
b14b2690SSean Christopherson	page = kvm_pfn_to_refcounted_page(pfn);
b14b2690SSean Christopherson	if (!page)
b14b2690SSean Christopherson		return;
b14b2690SSean Christopherson
b14b2690SSean Christopherson	kvm_release_page_clean(page);
35149e21SAnthony Liguori}
35149e21SAnthony LiguoriEXPORT_SYMBOL_GPL(kvm_release_pfn_clean);
35149e21SAnthony Liguori
0fce5623SAvi Kivityvoid kvm_release_page_dirty(struct page *page)
0fce5623SAvi Kivity{
a2766325SXiao Guangrong	WARN_ON(is_error_page(page));
a2766325SXiao Guangrong
8e1c6914SSean Christopherson	kvm_set_page_dirty(page);
8e1c6914SSean Christopherson	kvm_release_page_clean(page);
0fce5623SAvi Kivity}
0fce5623SAvi KivityEXPORT_SYMBOL_GPL(kvm_release_page_dirty);
0fce5623SAvi Kivity
f7a6509fSDavid Hildenbrandvoid kvm_release_pfn_dirty(kvm_pfn_t pfn)
35149e21SAnthony Liguori{
b14b2690SSean Christopherson	struct page *page;
b14b2690SSean Christopherson
b14b2690SSean Christopherson	if (is_error_noslot_pfn(pfn))
b14b2690SSean Christopherson		return;
b14b2690SSean Christopherson
b14b2690SSean Christopherson	page = kvm_pfn_to_refcounted_page(pfn);
b14b2690SSean Christopherson	if (!page)
b14b2690SSean Christopherson		return;
b14b2690SSean Christopherson
b14b2690SSean Christopherson	kvm_release_page_dirty(page);
35149e21SAnthony Liguori}
f7a6509fSDavid HildenbrandEXPORT_SYMBOL_GPL(kvm_release_pfn_dirty);
35149e21SAnthony Liguori
a1040b0dSSean Christopherson/*
8e1c6914SSean Christopherson * Note, checking for an error/noslot pfn is the caller's responsibility when
8e1c6914SSean Christopherson * directly marking a page dirty/accessed.  Unlike the "release" helpers, the
8e1c6914SSean Christopherson * "set" helpers are not to be used when the pfn might point at garbage.
a1040b0dSSean Christopherson */
ba049e93SDan Williamsvoid kvm_set_pfn_dirty(kvm_pfn_t pfn)
35149e21SAnthony Liguori{
8e1c6914SSean Christopherson	if (WARN_ON(is_error_noslot_pfn(pfn)))
8e1c6914SSean Christopherson		return;
8e1c6914SSean Christopherson
8e1c6914SSean Christopherson	if (pfn_valid(pfn))
8e1c6914SSean Christopherson		kvm_set_page_dirty(pfn_to_page(pfn));
2e2e3738SAnthony Liguori}
35149e21SAnthony LiguoriEXPORT_SYMBOL_GPL(kvm_set_pfn_dirty);
35149e21SAnthony Liguori
ba049e93SDan Williamsvoid kvm_set_pfn_accessed(kvm_pfn_t pfn)
35149e21SAnthony Liguori{
8e1c6914SSean Christopherson	if (WARN_ON(is_error_noslot_pfn(pfn)))
8e1c6914SSean Christopherson		return;
8e1c6914SSean Christopherson
8e1c6914SSean Christopherson	if (pfn_valid(pfn))
8e1c6914SSean Christopherson		kvm_set_page_accessed(pfn_to_page(pfn));
35149e21SAnthony Liguori}
35149e21SAnthony LiguoriEXPORT_SYMBOL_GPL(kvm_set_pfn_accessed);
35149e21SAnthony Liguori
0fce5623SAvi Kivitystatic int next_segment(unsigned long len, int offset)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	if (len > PAGE_SIZE - offset)
0fce5623SAvi Kivity		return PAGE_SIZE - offset;
0fce5623SAvi Kivity	else
0fce5623SAvi Kivity		return len;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
8e73485cSPaolo Bonzinistatic int __kvm_read_guest_page(struct kvm_memory_slot *slot, gfn_t gfn,
8e73485cSPaolo Bonzini				 void *data, int offset, int len)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	int r;
0fce5623SAvi Kivity	unsigned long addr;
0fce5623SAvi Kivity
8e73485cSPaolo Bonzini	addr = gfn_to_hva_memslot_prot(slot, gfn, NULL);
0fce5623SAvi Kivity	if (kvm_is_error_hva(addr))
0fce5623SAvi Kivity		return -EFAULT;
3180a7fcSPaolo Bonzini	r = __copy_from_user(data, (void __user *)addr + offset, len);
0fce5623SAvi Kivity	if (r)
0fce5623SAvi Kivity		return -EFAULT;
0fce5623SAvi Kivity	return 0;
0fce5623SAvi Kivity}
8e73485cSPaolo Bonzini
8e73485cSPaolo Bonziniint kvm_read_guest_page(struct kvm *kvm, gfn_t gfn, void *data, int offset,
8e73485cSPaolo Bonzini			int len)
8e73485cSPaolo Bonzini{
8e73485cSPaolo Bonzini	struct kvm_memory_slot *slot = gfn_to_memslot(kvm, gfn);
8e73485cSPaolo Bonzini
8e73485cSPaolo Bonzini	return __kvm_read_guest_page(slot, gfn, data, offset, len);
8e73485cSPaolo Bonzini}
0fce5623SAvi KivityEXPORT_SYMBOL_GPL(kvm_read_guest_page);
0fce5623SAvi Kivity
8e73485cSPaolo Bonziniint kvm_vcpu_read_guest_page(struct kvm_vcpu *vcpu, gfn_t gfn, void *data,
8e73485cSPaolo Bonzini			     int offset, int len)
8e73485cSPaolo Bonzini{
8e73485cSPaolo Bonzini	struct kvm_memory_slot *slot = kvm_vcpu_gfn_to_memslot(vcpu, gfn);
8e73485cSPaolo Bonzini
8e73485cSPaolo Bonzini	return __kvm_read_guest_page(slot, gfn, data, offset, len);
8e73485cSPaolo Bonzini}
8e73485cSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_vcpu_read_guest_page);
8e73485cSPaolo Bonzini
0fce5623SAvi Kivityint kvm_read_guest(struct kvm *kvm, gpa_t gpa, void *data, unsigned long len)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	gfn_t gfn = gpa >> PAGE_SHIFT;
0fce5623SAvi Kivity	int seg;
0fce5623SAvi Kivity	int offset = offset_in_page(gpa);
0fce5623SAvi Kivity	int ret;
0fce5623SAvi Kivity
0fce5623SAvi Kivity	while ((seg = next_segment(len, offset)) != 0) {
0fce5623SAvi Kivity		ret = kvm_read_guest_page(kvm, gfn, data, offset, seg);
0fce5623SAvi Kivity		if (ret < 0)
0fce5623SAvi Kivity			return ret;
0fce5623SAvi Kivity		offset = 0;
0fce5623SAvi Kivity		len -= seg;
0fce5623SAvi Kivity		data += seg;
0fce5623SAvi Kivity		++gfn;
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity	return 0;
0fce5623SAvi Kivity}
0fce5623SAvi KivityEXPORT_SYMBOL_GPL(kvm_read_guest);
0fce5623SAvi Kivity
8e73485cSPaolo Bonziniint kvm_vcpu_read_guest(struct kvm_vcpu *vcpu, gpa_t gpa, void *data, unsigned long len)
8e73485cSPaolo Bonzini{
8e73485cSPaolo Bonzini	gfn_t gfn = gpa >> PAGE_SHIFT;
8e73485cSPaolo Bonzini	int seg;
8e73485cSPaolo Bonzini	int offset = offset_in_page(gpa);
8e73485cSPaolo Bonzini	int ret;
8e73485cSPaolo Bonzini
8e73485cSPaolo Bonzini	while ((seg = next_segment(len, offset)) != 0) {
8e73485cSPaolo Bonzini		ret = kvm_vcpu_read_guest_page(vcpu, gfn, data, offset, seg);
8e73485cSPaolo Bonzini		if (ret < 0)
8e73485cSPaolo Bonzini			return ret;
8e73485cSPaolo Bonzini		offset = 0;
8e73485cSPaolo Bonzini		len -= seg;
8e73485cSPaolo Bonzini		data += seg;
8e73485cSPaolo Bonzini		++gfn;
8e73485cSPaolo Bonzini	}
8e73485cSPaolo Bonzini	return 0;
8e73485cSPaolo Bonzini}
8e73485cSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_vcpu_read_guest);
8e73485cSPaolo Bonzini
8e73485cSPaolo Bonzinistatic int __kvm_read_guest_atomic(struct kvm_memory_slot *slot, gfn_t gfn,
8e73485cSPaolo Bonzini			           void *data, int offset, unsigned long len)
7ec54588SMarcelo Tosatti{
7ec54588SMarcelo Tosatti	int r;
7ec54588SMarcelo Tosatti	unsigned long addr;
7ec54588SMarcelo Tosatti
8e73485cSPaolo Bonzini	addr = gfn_to_hva_memslot_prot(slot, gfn, NULL);
7ec54588SMarcelo Tosatti	if (kvm_is_error_hva(addr))
7ec54588SMarcelo Tosatti		return -EFAULT;
0aac03f0SAndrea Arcangeli	pagefault_disable();
3180a7fcSPaolo Bonzini	r = __copy_from_user_inatomic(data, (void __user *)addr + offset, len);
0aac03f0SAndrea Arcangeli	pagefault_enable();
7ec54588SMarcelo Tosatti	if (r)
7ec54588SMarcelo Tosatti		return -EFAULT;
7ec54588SMarcelo Tosatti	return 0;
7ec54588SMarcelo Tosatti}
7ec54588SMarcelo Tosatti
8e73485cSPaolo Bonziniint kvm_vcpu_read_guest_atomic(struct kvm_vcpu *vcpu, gpa_t gpa,
8e73485cSPaolo Bonzini			       void *data, unsigned long len)
8e73485cSPaolo Bonzini{
8e73485cSPaolo Bonzini	gfn_t gfn = gpa >> PAGE_SHIFT;
8e73485cSPaolo Bonzini	struct kvm_memory_slot *slot = kvm_vcpu_gfn_to_memslot(vcpu, gfn);
8e73485cSPaolo Bonzini	int offset = offset_in_page(gpa);
8e73485cSPaolo Bonzini
8e73485cSPaolo Bonzini	return __kvm_read_guest_atomic(slot, gfn, data, offset, len);
8e73485cSPaolo Bonzini}
8e73485cSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_vcpu_read_guest_atomic);
8e73485cSPaolo Bonzini
28bd726aSPeter Xustatic int __kvm_write_guest_page(struct kvm *kvm,
28bd726aSPeter Xu				  struct kvm_memory_slot *memslot, gfn_t gfn,
8e73485cSPaolo Bonzini			          const void *data, int offset, int len)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	int r;
0fce5623SAvi Kivity	unsigned long addr;
0fce5623SAvi Kivity
251eb841SRadim Krčmář	addr = gfn_to_hva_memslot(memslot, gfn);
0fce5623SAvi Kivity	if (kvm_is_error_hva(addr))
0fce5623SAvi Kivity		return -EFAULT;
8b0cedffSXiao Guangrong	r = __copy_to_user((void __user *)addr + offset, data, len);
0fce5623SAvi Kivity	if (r)
0fce5623SAvi Kivity		return -EFAULT;
28bd726aSPeter Xu	mark_page_dirty_in_slot(kvm, memslot, gfn);
0fce5623SAvi Kivity	return 0;
0fce5623SAvi Kivity}
8e73485cSPaolo Bonzini
8e73485cSPaolo Bonziniint kvm_write_guest_page(struct kvm *kvm, gfn_t gfn,
8e73485cSPaolo Bonzini			 const void *data, int offset, int len)
8e73485cSPaolo Bonzini{
8e73485cSPaolo Bonzini	struct kvm_memory_slot *slot = gfn_to_memslot(kvm, gfn);
8e73485cSPaolo Bonzini
28bd726aSPeter Xu	return __kvm_write_guest_page(kvm, slot, gfn, data, offset, len);
8e73485cSPaolo Bonzini}
0fce5623SAvi KivityEXPORT_SYMBOL_GPL(kvm_write_guest_page);
0fce5623SAvi Kivity
8e73485cSPaolo Bonziniint kvm_vcpu_write_guest_page(struct kvm_vcpu *vcpu, gfn_t gfn,
8e73485cSPaolo Bonzini			      const void *data, int offset, int len)
8e73485cSPaolo Bonzini{
8e73485cSPaolo Bonzini	struct kvm_memory_slot *slot = kvm_vcpu_gfn_to_memslot(vcpu, gfn);
8e73485cSPaolo Bonzini
28bd726aSPeter Xu	return __kvm_write_guest_page(vcpu->kvm, slot, gfn, data, offset, len);
8e73485cSPaolo Bonzini}
8e73485cSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_vcpu_write_guest_page);
8e73485cSPaolo Bonzini
0fce5623SAvi Kivityint kvm_write_guest(struct kvm *kvm, gpa_t gpa, const void *data,
0fce5623SAvi Kivity		    unsigned long len)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	gfn_t gfn = gpa >> PAGE_SHIFT;
0fce5623SAvi Kivity	int seg;
0fce5623SAvi Kivity	int offset = offset_in_page(gpa);
0fce5623SAvi Kivity	int ret;
0fce5623SAvi Kivity
0fce5623SAvi Kivity	while ((seg = next_segment(len, offset)) != 0) {
0fce5623SAvi Kivity		ret = kvm_write_guest_page(kvm, gfn, data, offset, seg);
0fce5623SAvi Kivity		if (ret < 0)
0fce5623SAvi Kivity			return ret;
0fce5623SAvi Kivity		offset = 0;
0fce5623SAvi Kivity		len -= seg;
0fce5623SAvi Kivity		data += seg;
0fce5623SAvi Kivity		++gfn;
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity	return 0;
0fce5623SAvi Kivity}
ff651cb6SWincy VanEXPORT_SYMBOL_GPL(kvm_write_guest);
0fce5623SAvi Kivity
8e73485cSPaolo Bonziniint kvm_vcpu_write_guest(struct kvm_vcpu *vcpu, gpa_t gpa, const void *data,
8e73485cSPaolo Bonzini		         unsigned long len)
8e73485cSPaolo Bonzini{
8e73485cSPaolo Bonzini	gfn_t gfn = gpa >> PAGE_SHIFT;
8e73485cSPaolo Bonzini	int seg;
8e73485cSPaolo Bonzini	int offset = offset_in_page(gpa);
8e73485cSPaolo Bonzini	int ret;
8e73485cSPaolo Bonzini
8e73485cSPaolo Bonzini	while ((seg = next_segment(len, offset)) != 0) {
8e73485cSPaolo Bonzini		ret = kvm_vcpu_write_guest_page(vcpu, gfn, data, offset, seg);
8e73485cSPaolo Bonzini		if (ret < 0)
8e73485cSPaolo Bonzini			return ret;
8e73485cSPaolo Bonzini		offset = 0;
8e73485cSPaolo Bonzini		len -= seg;
8e73485cSPaolo Bonzini		data += seg;
8e73485cSPaolo Bonzini		++gfn;
8e73485cSPaolo Bonzini	}
8e73485cSPaolo Bonzini	return 0;
8e73485cSPaolo Bonzini}
8e73485cSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_vcpu_write_guest);
8e73485cSPaolo Bonzini
5a2d4365SPaolo Bonzinistatic int __kvm_gfn_to_hva_cache_init(struct kvm_memslots *slots,
5a2d4365SPaolo Bonzini				       struct gfn_to_hva_cache *ghc,
8f964525SAndrew Honig				       gpa_t gpa, unsigned long len)
49c7754cSGleb Natapov{
49c7754cSGleb Natapov	int offset = offset_in_page(gpa);
8f964525SAndrew Honig	gfn_t start_gfn = gpa >> PAGE_SHIFT;
8f964525SAndrew Honig	gfn_t end_gfn = (gpa + len - 1) >> PAGE_SHIFT;
8f964525SAndrew Honig	gfn_t nr_pages_needed = end_gfn - start_gfn + 1;
8f964525SAndrew Honig	gfn_t nr_pages_avail;
49c7754cSGleb Natapov
6ad1e29fSSean Christopherson	/* Update ghc->generation before performing any error checks. */
49c7754cSGleb Natapov	ghc->generation = slots->generation;
6ad1e29fSSean Christopherson
6ad1e29fSSean Christopherson	if (start_gfn > end_gfn) {
f1b9dd5eSJim Mattson		ghc->hva = KVM_HVA_ERR_BAD;
6ad1e29fSSean Christopherson		return -EINVAL;
6ad1e29fSSean Christopherson	}
f1b9dd5eSJim Mattson
8f964525SAndrew Honig	/*
8f964525SAndrew Honig	 * If the requested region crosses two memslots, we still
8f964525SAndrew Honig	 * verify that the entire region is valid here.
8f964525SAndrew Honig	 */
6ad1e29fSSean Christopherson	for ( ; start_gfn <= end_gfn; start_gfn += nr_pages_avail) {
5a2d4365SPaolo Bonzini		ghc->memslot = __gfn_to_memslot(slots, start_gfn);
8f964525SAndrew Honig		ghc->hva = gfn_to_hva_many(ghc->memslot, start_gfn,
8f964525SAndrew Honig					   &nr_pages_avail);
8f964525SAndrew Honig		if (kvm_is_error_hva(ghc->hva))
6ad1e29fSSean Christopherson			return -EFAULT;
8f964525SAndrew Honig	}
f1b9dd5eSJim Mattson
8f964525SAndrew Honig	/* Use the slow path for cross page reads and writes. */
6ad1e29fSSean Christopherson	if (nr_pages_needed == 1)
f1b9dd5eSJim Mattson		ghc->hva += offset;
f1b9dd5eSJim Mattson	else
8f964525SAndrew Honig		ghc->memslot = NULL;
f1b9dd5eSJim Mattson
6ad1e29fSSean Christopherson	ghc->gpa = gpa;
6ad1e29fSSean Christopherson	ghc->len = len;
6ad1e29fSSean Christopherson	return 0;
49c7754cSGleb Natapov}
5a2d4365SPaolo Bonzini
4e335d9eSPaolo Bonziniint kvm_gfn_to_hva_cache_init(struct kvm *kvm, struct gfn_to_hva_cache *ghc,
5a2d4365SPaolo Bonzini			      gpa_t gpa, unsigned long len)
5a2d4365SPaolo Bonzini{
4e335d9eSPaolo Bonzini	struct kvm_memslots *slots = kvm_memslots(kvm);
5a2d4365SPaolo Bonzini	return __kvm_gfn_to_hva_cache_init(slots, ghc, gpa, len);
5a2d4365SPaolo Bonzini}
4e335d9eSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_gfn_to_hva_cache_init);
49c7754cSGleb Natapov
4e335d9eSPaolo Bonziniint kvm_write_guest_offset_cached(struct kvm *kvm, struct gfn_to_hva_cache *ghc,
7a86dab8SJim Mattson				  void *data, unsigned int offset,
7a86dab8SJim Mattson				  unsigned long len)
49c7754cSGleb Natapov{
4e335d9eSPaolo Bonzini	struct kvm_memslots *slots = kvm_memslots(kvm);
49c7754cSGleb Natapov	int r;
4ec6e863SPan Xinhui	gpa_t gpa = ghc->gpa + offset;
49c7754cSGleb Natapov
5f25e71eSPaolo Bonzini	if (WARN_ON_ONCE(len + offset > ghc->len))
5f25e71eSPaolo Bonzini		return -EINVAL;
8f964525SAndrew Honig
dc9ce71eSSean Christopherson	if (slots->generation != ghc->generation) {
dc9ce71eSSean Christopherson		if (__kvm_gfn_to_hva_cache_init(slots, ghc, ghc->gpa, ghc->len))
dc9ce71eSSean Christopherson			return -EFAULT;
dc9ce71eSSean Christopherson	}
8f964525SAndrew Honig
49c7754cSGleb Natapov	if (kvm_is_error_hva(ghc->hva))
49c7754cSGleb Natapov		return -EFAULT;
49c7754cSGleb Natapov
fcfbc617SSean Christopherson	if (unlikely(!ghc->memslot))
fcfbc617SSean Christopherson		return kvm_write_guest(kvm, gpa, data, len);
fcfbc617SSean Christopherson
4ec6e863SPan Xinhui	r = __copy_to_user((void __user *)ghc->hva + offset, data, len);
49c7754cSGleb Natapov	if (r)
49c7754cSGleb Natapov		return -EFAULT;
28bd726aSPeter Xu	mark_page_dirty_in_slot(kvm, ghc->memslot, gpa >> PAGE_SHIFT);
49c7754cSGleb Natapov
49c7754cSGleb Natapov	return 0;
49c7754cSGleb Natapov}
4e335d9eSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_write_guest_offset_cached);
4ec6e863SPan Xinhui
4e335d9eSPaolo Bonziniint kvm_write_guest_cached(struct kvm *kvm, struct gfn_to_hva_cache *ghc,
4ec6e863SPan Xinhui			   void *data, unsigned long len)
4ec6e863SPan Xinhui{
4e335d9eSPaolo Bonzini	return kvm_write_guest_offset_cached(kvm, ghc, data, 0, len);
4ec6e863SPan Xinhui}
4e335d9eSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_write_guest_cached);
49c7754cSGleb Natapov
0958f0ceSVitaly Kuznetsovint kvm_read_guest_offset_cached(struct kvm *kvm, struct gfn_to_hva_cache *ghc,
0958f0ceSVitaly Kuznetsov				 void *data, unsigned int offset,
0958f0ceSVitaly Kuznetsov				 unsigned long len)
e03b644fSGleb Natapov{
4e335d9eSPaolo Bonzini	struct kvm_memslots *slots = kvm_memslots(kvm);
e03b644fSGleb Natapov	int r;
0958f0ceSVitaly Kuznetsov	gpa_t gpa = ghc->gpa + offset;
e03b644fSGleb Natapov
5f25e71eSPaolo Bonzini	if (WARN_ON_ONCE(len + offset > ghc->len))
5f25e71eSPaolo Bonzini		return -EINVAL;
8f964525SAndrew Honig
dc9ce71eSSean Christopherson	if (slots->generation != ghc->generation) {
dc9ce71eSSean Christopherson		if (__kvm_gfn_to_hva_cache_init(slots, ghc, ghc->gpa, ghc->len))
dc9ce71eSSean Christopherson			return -EFAULT;
dc9ce71eSSean Christopherson	}
8f964525SAndrew Honig
e03b644fSGleb Natapov	if (kvm_is_error_hva(ghc->hva))
e03b644fSGleb Natapov		return -EFAULT;
e03b644fSGleb Natapov
fcfbc617SSean Christopherson	if (unlikely(!ghc->memslot))
0958f0ceSVitaly Kuznetsov		return kvm_read_guest(kvm, gpa, data, len);
fcfbc617SSean Christopherson
0958f0ceSVitaly Kuznetsov	r = __copy_from_user(data, (void __user *)ghc->hva + offset, len);
e03b644fSGleb Natapov	if (r)
e03b644fSGleb Natapov		return -EFAULT;
e03b644fSGleb Natapov
e03b644fSGleb Natapov	return 0;
e03b644fSGleb Natapov}
0958f0ceSVitaly KuznetsovEXPORT_SYMBOL_GPL(kvm_read_guest_offset_cached);
0958f0ceSVitaly Kuznetsov
0958f0ceSVitaly Kuznetsovint kvm_read_guest_cached(struct kvm *kvm, struct gfn_to_hva_cache *ghc,
0958f0ceSVitaly Kuznetsov			  void *data, unsigned long len)
0958f0ceSVitaly Kuznetsov{
0958f0ceSVitaly Kuznetsov	return kvm_read_guest_offset_cached(kvm, ghc, data, 0, len);
0958f0ceSVitaly Kuznetsov}
4e335d9eSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_read_guest_cached);
e03b644fSGleb Natapov
0fce5623SAvi Kivityint kvm_clear_guest(struct kvm *kvm, gpa_t gpa, unsigned long len)
0fce5623SAvi Kivity{
2f541442SPaolo Bonzini	const void *zero_page = (const void *) __va(page_to_phys(ZERO_PAGE(0)));
0fce5623SAvi Kivity	gfn_t gfn = gpa >> PAGE_SHIFT;
0fce5623SAvi Kivity	int seg;
0fce5623SAvi Kivity	int offset = offset_in_page(gpa);
0fce5623SAvi Kivity	int ret;
0fce5623SAvi Kivity
0fce5623SAvi Kivity	while ((seg = next_segment(len, offset)) != 0) {
2f541442SPaolo Bonzini		ret = kvm_write_guest_page(kvm, gfn, zero_page, offset, len);
0fce5623SAvi Kivity		if (ret < 0)
0fce5623SAvi Kivity			return ret;
0fce5623SAvi Kivity		offset = 0;
0fce5623SAvi Kivity		len -= seg;
0fce5623SAvi Kivity		++gfn;
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity	return 0;
0fce5623SAvi Kivity}
0fce5623SAvi KivityEXPORT_SYMBOL_GPL(kvm_clear_guest);
0fce5623SAvi Kivity
28bd726aSPeter Xuvoid mark_page_dirty_in_slot(struct kvm *kvm,
8283e36aSBen Gardon			     const struct kvm_memory_slot *memslot,
28bd726aSPeter Xu		 	     gfn_t gfn)
0fce5623SAvi Kivity{
2efd61a6SDavid Woodhouse	struct kvm_vcpu *vcpu = kvm_get_running_vcpu();
2efd61a6SDavid Woodhouse
e09fccb5SChristian Borntraeger#ifdef CONFIG_HAVE_KVM_DIRTY_RING
86bdf3ebSGavin Shan	if (WARN_ON_ONCE(vcpu && vcpu->kvm != kvm))
2efd61a6SDavid Woodhouse		return;
86bdf3ebSGavin Shan
c57351a7SGavin Shan	WARN_ON_ONCE(!vcpu && !kvm_arch_allow_write_without_running_vcpu(kvm));
e09fccb5SChristian Borntraeger#endif
2efd61a6SDavid Woodhouse
044c59c4SPeter Xu	if (memslot && kvm_slot_dirty_track_enabled(memslot)) {
0fce5623SAvi Kivity		unsigned long rel_gfn = gfn - memslot->base_gfn;
fb04a1edSPeter Xu		u32 slot = (memslot->as_id << 16) | memslot->id;
0fce5623SAvi Kivity
86bdf3ebSGavin Shan		if (kvm->dirty_ring_size && vcpu)
cf87ac73SGavin Shan			kvm_dirty_ring_push(vcpu, slot, rel_gfn);
c57351a7SGavin Shan		else if (memslot->dirty_bitmap)
b74ca3b3STakuya Yoshikawa			set_bit_le(rel_gfn, memslot->dirty_bitmap);
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity}
a6a0b05dSBen GardonEXPORT_SYMBOL_GPL(mark_page_dirty_in_slot);
0fce5623SAvi Kivity
49c7754cSGleb Natapovvoid mark_page_dirty(struct kvm *kvm, gfn_t gfn)
49c7754cSGleb Natapov{
49c7754cSGleb Natapov	struct kvm_memory_slot *memslot;
49c7754cSGleb Natapov
49c7754cSGleb Natapov	memslot = gfn_to_memslot(kvm, gfn);
28bd726aSPeter Xu	mark_page_dirty_in_slot(kvm, memslot, gfn);
49c7754cSGleb Natapov}
2ba9f0d8SAneesh Kumar K.VEXPORT_SYMBOL_GPL(mark_page_dirty);
49c7754cSGleb Natapov
8e73485cSPaolo Bonzinivoid kvm_vcpu_mark_page_dirty(struct kvm_vcpu *vcpu, gfn_t gfn)
8e73485cSPaolo Bonzini{
8e73485cSPaolo Bonzini	struct kvm_memory_slot *memslot;
8e73485cSPaolo Bonzini
8e73485cSPaolo Bonzini	memslot = kvm_vcpu_gfn_to_memslot(vcpu, gfn);
28bd726aSPeter Xu	mark_page_dirty_in_slot(vcpu->kvm, memslot, gfn);
8e73485cSPaolo Bonzini}
8e73485cSPaolo BonziniEXPORT_SYMBOL_GPL(kvm_vcpu_mark_page_dirty);
8e73485cSPaolo Bonzini
20b7035cSJan H. Schönherrvoid kvm_sigset_activate(struct kvm_vcpu *vcpu)
20b7035cSJan H. Schönherr{
20b7035cSJan H. Schönherr	if (!vcpu->sigset_active)
20b7035cSJan H. Schönherr		return;
20b7035cSJan H. Schönherr
20b7035cSJan H. Schönherr	/*
20b7035cSJan H. Schönherr	 * This does a lockless modification of ->real_blocked, which is fine
20b7035cSJan H. Schönherr	 * because, only current can change ->real_blocked and all readers of
20b7035cSJan H. Schönherr	 * ->real_blocked don't care as long ->real_blocked is always a subset
20b7035cSJan H. Schönherr	 * of ->blocked.
20b7035cSJan H. Schönherr	 */
20b7035cSJan H. Schönherr	sigprocmask(SIG_SETMASK, &vcpu->sigset, &current->real_blocked);
20b7035cSJan H. Schönherr}
20b7035cSJan H. Schönherr
20b7035cSJan H. Schönherrvoid kvm_sigset_deactivate(struct kvm_vcpu *vcpu)
20b7035cSJan H. Schönherr{
20b7035cSJan H. Schönherr	if (!vcpu->sigset_active)
20b7035cSJan H. Schönherr		return;
20b7035cSJan H. Schönherr
20b7035cSJan H. Schönherr	sigprocmask(SIG_SETMASK, &current->real_blocked, NULL);
20b7035cSJan H. Schönherr	sigemptyset(&current->real_blocked);
20b7035cSJan H. Schönherr}
20b7035cSJan H. Schönherr
aca6ff29SWanpeng Listatic void grow_halt_poll_ns(struct kvm_vcpu *vcpu)
aca6ff29SWanpeng Li{
dee339b5SNir Weiner	unsigned int old, val, grow, grow_start;
aca6ff29SWanpeng Li
2cbd7824SWanpeng Li	old = val = vcpu->halt_poll_ns;
dee339b5SNir Weiner	grow_start = READ_ONCE(halt_poll_ns_grow_start);
6b6de68cSChristian Borntraeger	grow = READ_ONCE(halt_poll_ns_grow);
7fa08e71SNir Weiner	if (!grow)
7fa08e71SNir Weiner		goto out;
7fa08e71SNir Weiner
6b6de68cSChristian Borntraeger	val *= grow;
dee339b5SNir Weiner	if (val < grow_start)
dee339b5SNir Weiner		val = grow_start;
aca6ff29SWanpeng Li
aca6ff29SWanpeng Li	vcpu->halt_poll_ns = val;
7fa08e71SNir Weinerout:
2cbd7824SWanpeng Li	trace_kvm_halt_poll_ns_grow(vcpu->vcpu_id, val, old);
aca6ff29SWanpeng Li}
aca6ff29SWanpeng Li
aca6ff29SWanpeng Listatic void shrink_halt_poll_ns(struct kvm_vcpu *vcpu)
aca6ff29SWanpeng Li{
ae232ea4SSergey Senozhatsky	unsigned int old, val, shrink, grow_start;
aca6ff29SWanpeng Li
2cbd7824SWanpeng Li	old = val = vcpu->halt_poll_ns;
6b6de68cSChristian Borntraeger	shrink = READ_ONCE(halt_poll_ns_shrink);
ae232ea4SSergey Senozhatsky	grow_start = READ_ONCE(halt_poll_ns_grow_start);
6b6de68cSChristian Borntraeger	if (shrink == 0)
aca6ff29SWanpeng Li		val = 0;
aca6ff29SWanpeng Li	else
6b6de68cSChristian Borntraeger		val /= shrink;
aca6ff29SWanpeng Li
ae232ea4SSergey Senozhatsky	if (val < grow_start)
ae232ea4SSergey Senozhatsky		val = 0;
ae232ea4SSergey Senozhatsky
aca6ff29SWanpeng Li	vcpu->halt_poll_ns = val;
2cbd7824SWanpeng Li	trace_kvm_halt_poll_ns_shrink(vcpu->vcpu_id, val, old);
aca6ff29SWanpeng Li}
aca6ff29SWanpeng Li
f7819512SPaolo Bonzinistatic int kvm_vcpu_check_block(struct kvm_vcpu *vcpu)
f7819512SPaolo Bonzini{
50c28f21SJunaid Shahid	int ret = -EINTR;
50c28f21SJunaid Shahid	int idx = srcu_read_lock(&vcpu->kvm->srcu);
50c28f21SJunaid Shahid
c59fb127SPaolo Bonzini	if (kvm_arch_vcpu_runnable(vcpu))
50c28f21SJunaid Shahid		goto out;
f7819512SPaolo Bonzini	if (kvm_cpu_has_pending_timer(vcpu))
50c28f21SJunaid Shahid		goto out;
f7819512SPaolo Bonzini	if (signal_pending(current))
50c28f21SJunaid Shahid		goto out;
084071d5SMarcelo Tosatti	if (kvm_check_request(KVM_REQ_UNBLOCK, vcpu))
084071d5SMarcelo Tosatti		goto out;
f7819512SPaolo Bonzini
50c28f21SJunaid Shahid	ret = 0;
50c28f21SJunaid Shahidout:
50c28f21SJunaid Shahid	srcu_read_unlock(&vcpu->kvm->srcu, idx);
50c28f21SJunaid Shahid	return ret;
f7819512SPaolo Bonzini}
f7819512SPaolo Bonzini
0fce5623SAvi Kivity/*
fac42688SSean Christopherson * Block the vCPU until the vCPU is runnable, an event arrives, or a signal is
fac42688SSean Christopherson * pending.  This is mostly used when halting a vCPU, but may also be used
fac42688SSean Christopherson * directly for other vCPU non-runnable states, e.g. x86's Wait-For-SIPI.
0fce5623SAvi Kivity */
fac42688SSean Christophersonbool kvm_vcpu_block(struct kvm_vcpu *vcpu)
0fce5623SAvi Kivity{
fac42688SSean Christopherson	struct rcuwait *wait = kvm_arch_vcpu_get_wait(vcpu);
f7819512SPaolo Bonzini	bool waited = false;
fac42688SSean Christopherson
c3858335SJing Zhang	vcpu->stat.generic.blocking = 1;
f7819512SPaolo Bonzini
18869f26SMaxim Levitsky	preempt_disable();
07ab0f8dSMarc Zyngier	kvm_arch_vcpu_blocking(vcpu);
fac42688SSean Christopherson	prepare_to_rcuwait(wait);
18869f26SMaxim Levitsky	preempt_enable();
18869f26SMaxim Levitsky
e5c239cfSMarcelo Tosatti	for (;;) {
da4ad88cSDavidlohr Bueso		set_current_state(TASK_INTERRUPTIBLE);
0fce5623SAvi Kivity
f7819512SPaolo Bonzini		if (kvm_vcpu_check_block(vcpu) < 0)
e5c239cfSMarcelo Tosatti			break;
e5c239cfSMarcelo Tosatti
f7819512SPaolo Bonzini		waited = true;
0fce5623SAvi Kivity		schedule();
0fce5623SAvi Kivity	}
fac42688SSean Christopherson
18869f26SMaxim Levitsky	preempt_disable();
18869f26SMaxim Levitsky	finish_rcuwait(wait);
fac42688SSean Christopherson	kvm_arch_vcpu_unblocking(vcpu);
18869f26SMaxim Levitsky	preempt_enable();
fac42688SSean Christopherson
c3858335SJing Zhang	vcpu->stat.generic.blocking = 0;
c3858335SJing Zhang
fac42688SSean Christopherson	return waited;
fac42688SSean Christopherson}
fac42688SSean Christopherson
29e72893SSean Christophersonstatic inline void update_halt_poll_stats(struct kvm_vcpu *vcpu, ktime_t start,
29e72893SSean Christopherson					  ktime_t end, bool success)
0fce5623SAvi Kivity{
30c94347SSean Christopherson	struct kvm_vcpu_stat_generic *stats = &vcpu->stat.generic;
29e72893SSean Christopherson	u64 poll_ns = ktime_to_ns(ktime_sub(end, start));
29e72893SSean Christopherson
30c94347SSean Christopherson	++vcpu->stat.generic.halt_attempted_poll;
30c94347SSean Christopherson
30c94347SSean Christopherson	if (success) {
30c94347SSean Christopherson		++vcpu->stat.generic.halt_successful_poll;
30c94347SSean Christopherson
30c94347SSean Christopherson		if (!vcpu_valid_wakeup(vcpu))
30c94347SSean Christopherson			++vcpu->stat.generic.halt_poll_invalid;
30c94347SSean Christopherson
30c94347SSean Christopherson		stats->halt_poll_success_ns += poll_ns;
30c94347SSean Christopherson		KVM_STATS_LOG_HIST_UPDATE(stats->halt_poll_success_hist, poll_ns);
30c94347SSean Christopherson	} else {
30c94347SSean Christopherson		stats->halt_poll_fail_ns += poll_ns;
30c94347SSean Christopherson		KVM_STATS_LOG_HIST_UPDATE(stats->halt_poll_fail_hist, poll_ns);
30c94347SSean Christopherson	}
e5c239cfSMarcelo Tosatti}
0fce5623SAvi Kivity
175d5dc7SDavid Matlackstatic unsigned int kvm_vcpu_max_halt_poll_ns(struct kvm_vcpu *vcpu)
175d5dc7SDavid Matlack{
9eb8ca04SDavid Matlack	struct kvm *kvm = vcpu->kvm;
9eb8ca04SDavid Matlack
9eb8ca04SDavid Matlack	if (kvm->override_halt_poll_ns) {
9eb8ca04SDavid Matlack		/*
9eb8ca04SDavid Matlack		 * Ensure kvm->max_halt_poll_ns is not read before
9eb8ca04SDavid Matlack		 * kvm->override_halt_poll_ns.
9eb8ca04SDavid Matlack		 *
9eb8ca04SDavid Matlack		 * Pairs with the smp_wmb() when enabling KVM_CAP_HALT_POLL.
9eb8ca04SDavid Matlack		 */
9eb8ca04SDavid Matlack		smp_rmb();
9eb8ca04SDavid Matlack		return READ_ONCE(kvm->max_halt_poll_ns);
9eb8ca04SDavid Matlack	}
9eb8ca04SDavid Matlack
9eb8ca04SDavid Matlack	return READ_ONCE(halt_poll_ns);
175d5dc7SDavid Matlack}
175d5dc7SDavid Matlack
fac42688SSean Christopherson/*
fac42688SSean Christopherson * Emulate a vCPU halt condition, e.g. HLT on x86, WFI on arm, etc...  If halt
fac42688SSean Christopherson * polling is enabled, busy wait for a short time before blocking to avoid the
fac42688SSean Christopherson * expensive block+unblock sequence if a wake event arrives soon after the vCPU
fac42688SSean Christopherson * is halted.
fac42688SSean Christopherson */
91b99ea7SSean Christophersonvoid kvm_vcpu_halt(struct kvm_vcpu *vcpu)
0fce5623SAvi Kivity{
175d5dc7SDavid Matlack	unsigned int max_halt_poll_ns = kvm_vcpu_max_halt_poll_ns(vcpu);
6f390916SSean Christopherson	bool halt_poll_allowed = !kvm_arch_no_poll(vcpu);
0fce5623SAvi Kivity	ktime_t start, cur, poll_end;
0fce5623SAvi Kivity	bool waited = false;
97b6847aSDavid Matlack	bool do_halt_poll;
91b99ea7SSean Christopherson	u64 halt_ns;
0fce5623SAvi Kivity
175d5dc7SDavid Matlack	if (vcpu->halt_poll_ns > max_halt_poll_ns)
175d5dc7SDavid Matlack		vcpu->halt_poll_ns = max_halt_poll_ns;
97b6847aSDavid Matlack
97b6847aSDavid Matlack	do_halt_poll = halt_poll_allowed && vcpu->halt_poll_ns;
97b6847aSDavid Matlack
0fce5623SAvi Kivity	start = cur = poll_end = ktime_get();
8df6a61cSSean Christopherson	if (do_halt_poll) {
109a9826SSean Christopherson		ktime_t stop = ktime_add_ns(start, vcpu->halt_poll_ns);
d255f4f2SZhai, Edwin
d255f4f2SZhai, Edwin		do {
30c94347SSean Christopherson			if (kvm_vcpu_check_block(vcpu) < 0)
0fce5623SAvi Kivity				goto out;
0fce5623SAvi Kivity			cpu_relax();
0fce5623SAvi Kivity			poll_end = cur = ktime_get();
0fce5623SAvi Kivity		} while (kvm_vcpu_can_poll(cur, stop));
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity
fac42688SSean Christopherson	waited = kvm_vcpu_block(vcpu);
f6c60d08SSean Christopherson
f7819512SPaolo Bonzini	cur = ktime_get();
87bcc5faSJing Zhang	if (waited) {
87bcc5faSJing Zhang		vcpu->stat.generic.halt_wait_ns +=
87bcc5faSJing Zhang			ktime_to_ns(cur) - ktime_to_ns(poll_end);
8ccba534SJing Zhang		KVM_STATS_LOG_HIST_UPDATE(vcpu->stat.generic.halt_wait_hist,
8ccba534SJing Zhang				ktime_to_ns(cur) - ktime_to_ns(poll_end));
87bcc5faSJing Zhang	}
f7819512SPaolo Bonziniout:
91b99ea7SSean Christopherson	/* The total time the vCPU was "halted", including polling time. */
91b99ea7SSean Christopherson	halt_ns = ktime_to_ns(cur) - ktime_to_ns(start);
aca6ff29SWanpeng Li
29e72893SSean Christopherson	/*
29e72893SSean Christopherson	 * Note, halt-polling is considered successful so long as the vCPU was
29e72893SSean Christopherson	 * never actually scheduled out, i.e. even if the wake event arrived
29e72893SSean Christopherson	 * after of the halt-polling loop itself, but before the full wait.
29e72893SSean Christopherson	 */
8df6a61cSSean Christopherson	if (do_halt_poll)
29e72893SSean Christopherson		update_halt_poll_stats(vcpu, start, poll_end, !waited);
cb953129SDavid Matlack
6f390916SSean Christopherson	if (halt_poll_allowed) {
175d5dc7SDavid Matlack		/* Recompute the max halt poll time in case it changed. */
175d5dc7SDavid Matlack		max_halt_poll_ns = kvm_vcpu_max_halt_poll_ns(vcpu);
175d5dc7SDavid Matlack
44551b2fSWanpeng Li		if (!vcpu_valid_wakeup(vcpu)) {
2086d320SChristian Borntraeger			shrink_halt_poll_ns(vcpu);
175d5dc7SDavid Matlack		} else if (max_halt_poll_ns) {
91b99ea7SSean Christopherson			if (halt_ns <= vcpu->halt_poll_ns)
aca6ff29SWanpeng Li				;
aca6ff29SWanpeng Li			/* we had a long block, shrink polling */
acd05785SDavid Matlack			else if (vcpu->halt_poll_ns &&
175d5dc7SDavid Matlack				 halt_ns > max_halt_poll_ns)
aca6ff29SWanpeng Li				shrink_halt_poll_ns(vcpu);
aca6ff29SWanpeng Li			/* we had a short halt and our poll time is too small */
175d5dc7SDavid Matlack			else if (vcpu->halt_poll_ns < max_halt_poll_ns &&
175d5dc7SDavid Matlack				 halt_ns < max_halt_poll_ns)
aca6ff29SWanpeng Li				grow_halt_poll_ns(vcpu);
44551b2fSWanpeng Li		} else {
edb9272fSWanpeng Li			vcpu->halt_poll_ns = 0;
44551b2fSWanpeng Li		}
44551b2fSWanpeng Li	}
aca6ff29SWanpeng Li
91b99ea7SSean Christopherson	trace_kvm_vcpu_wakeup(halt_ns, waited, vcpu_valid_wakeup(vcpu));
0fce5623SAvi Kivity}
91b99ea7SSean ChristophersonEXPORT_SYMBOL_GPL(kvm_vcpu_halt);
0fce5623SAvi Kivity
178f02ffSRadim Krčmářbool kvm_vcpu_wake_up(struct kvm_vcpu *vcpu)
b6d33834SChristoffer Dall{
d92a5d1cSSean Christopherson	if (__kvm_vcpu_wake_up(vcpu)) {
d73eb57bSWanpeng Li		WRITE_ONCE(vcpu->ready, true);
0193cc90SJing Zhang		++vcpu->stat.generic.halt_wakeup;
178f02ffSRadim Krčmář		return true;
b6d33834SChristoffer Dall	}
b6d33834SChristoffer Dall
178f02ffSRadim Krčmář	return false;
dd1a4cc1SRadim Krčmář}
dd1a4cc1SRadim KrčmářEXPORT_SYMBOL_GPL(kvm_vcpu_wake_up);
dd1a4cc1SRadim Krčmář
0266c894SPaolo Bonzini#ifndef CONFIG_S390
dd1a4cc1SRadim Krčmář/*
dd1a4cc1SRadim Krčmář * Kick a sleeping VCPU, or a guest VCPU in guest mode, into host kernel mode.
dd1a4cc1SRadim Krčmář */
dd1a4cc1SRadim Krčmářvoid kvm_vcpu_kick(struct kvm_vcpu *vcpu)
dd1a4cc1SRadim Krčmář{
85b64045SSean Christopherson	int me, cpu;
dd1a4cc1SRadim Krčmář
178f02ffSRadim Krčmář	if (kvm_vcpu_wake_up(vcpu))
178f02ffSRadim Krčmář		return;
178f02ffSRadim Krčmář
aefdc2edSPaolo Bonzini	me = get_cpu();
aefdc2edSPaolo Bonzini	/*
aefdc2edSPaolo Bonzini	 * The only state change done outside the vcpu mutex is IN_GUEST_MODE
aefdc2edSPaolo Bonzini	 * to EXITING_GUEST_MODE.  Therefore the moderately expensive "should
aefdc2edSPaolo Bonzini	 * kick" check does not need atomic operations if kvm_vcpu_kick is used
aefdc2edSPaolo Bonzini	 * within the vCPU thread itself.
aefdc2edSPaolo Bonzini	 */
aefdc2edSPaolo Bonzini	if (vcpu == __this_cpu_read(kvm_running_vcpu)) {
aefdc2edSPaolo Bonzini		if (vcpu->mode == IN_GUEST_MODE)
aefdc2edSPaolo Bonzini			WRITE_ONCE(vcpu->mode, EXITING_GUEST_MODE);
aefdc2edSPaolo Bonzini		goto out;
aefdc2edSPaolo Bonzini	}
aefdc2edSPaolo Bonzini
85b64045SSean Christopherson	/*
85b64045SSean Christopherson	 * Note, the vCPU could get migrated to a different pCPU at any point
85b64045SSean Christopherson	 * after kvm_arch_vcpu_should_kick(), which could result in sending an
85b64045SSean Christopherson	 * IPI to the previous pCPU.  But, that's ok because the purpose of the
85b64045SSean Christopherson	 * IPI is to force the vCPU to leave IN_GUEST_MODE, and migrating the
85b64045SSean Christopherson	 * vCPU also requires it to leave IN_GUEST_MODE.
85b64045SSean Christopherson	 */
85b64045SSean Christopherson	if (kvm_arch_vcpu_should_kick(vcpu)) {
85b64045SSean Christopherson		cpu = READ_ONCE(vcpu->cpu);
b6d33834SChristoffer Dall		if (cpu != me && (unsigned)cpu < nr_cpu_ids && cpu_online(cpu))
b6d33834SChristoffer Dall			smp_send_reschedule(cpu);
85b64045SSean Christopherson	}
aefdc2edSPaolo Bonziniout:
b6d33834SChristoffer Dall	put_cpu();
b6d33834SChristoffer Dall}
a20ed54dSYang ZhangEXPORT_SYMBOL_GPL(kvm_vcpu_kick);
0266c894SPaolo Bonzini#endif /* !CONFIG_S390 */
b6d33834SChristoffer Dall
fa93384fSDan Carpenterint kvm_vcpu_yield_to(struct kvm_vcpu *target)
41628d33SKonstantin Weitz{
41628d33SKonstantin Weitz	struct pid *pid;
41628d33SKonstantin Weitz	struct task_struct *task = NULL;
fa93384fSDan Carpenter	int ret = 0;
41628d33SKonstantin Weitz
41628d33SKonstantin Weitz	rcu_read_lock();
41628d33SKonstantin Weitz	pid = rcu_dereference(target->pid);
41628d33SKonstantin Weitz	if (pid)
27fbe64bSSam Bobroff		task = get_pid_task(pid, PIDTYPE_PID);
41628d33SKonstantin Weitz	rcu_read_unlock();
41628d33SKonstantin Weitz	if (!task)
c45c528eSRaghavendra K T		return ret;
c45c528eSRaghavendra K T	ret = yield_to(task, 1);
41628d33SKonstantin Weitz	put_task_struct(task);
c45c528eSRaghavendra K T
c45c528eSRaghavendra K T	return ret;
41628d33SKonstantin Weitz}
41628d33SKonstantin WeitzEXPORT_SYMBOL_GPL(kvm_vcpu_yield_to);
41628d33SKonstantin Weitz
06e48c51SRaghavendra K T/*
06e48c51SRaghavendra K T * Helper that checks whether a VCPU is eligible for directed yield.
06e48c51SRaghavendra K T * Most eligible candidate to yield is decided by following heuristics:
06e48c51SRaghavendra K T *
06e48c51SRaghavendra K T *  (a) VCPU which has not done pl-exit or cpu relax intercepted recently
06e48c51SRaghavendra K T *  (preempted lock holder), indicated by @in_spin_loop.
656012c7SFuad Tabba *  Set at the beginning and cleared at the end of interception/PLE handler.
06e48c51SRaghavendra K T *
06e48c51SRaghavendra K T *  (b) VCPU which has done pl-exit/ cpu relax intercepted but did not get
06e48c51SRaghavendra K T *  chance last time (mostly it has become eligible now since we have probably
06e48c51SRaghavendra K T *  yielded to lockholder in last iteration. This is done by toggling
06e48c51SRaghavendra K T *  @dy_eligible each time a VCPU checked for eligibility.)
06e48c51SRaghavendra K T *
06e48c51SRaghavendra K T *  Yielding to a recently pl-exited/cpu relax intercepted VCPU before yielding
06e48c51SRaghavendra K T *  to preempted lock-holder could result in wrong VCPU selection and CPU
06e48c51SRaghavendra K T *  burning. Giving priority for a potential lock-holder increases lock
06e48c51SRaghavendra K T *  progress.
06e48c51SRaghavendra K T *
06e48c51SRaghavendra K T *  Since algorithm is based on heuristics, accessing another VCPU data without
06e48c51SRaghavendra K T *  locking does not harm. It may result in trying to yield to  same VCPU, fail
06e48c51SRaghavendra K T *  and continue with next VCPU and so on.
06e48c51SRaghavendra K T */
7940876eSStephen Hemmingerstatic bool kvm_vcpu_eligible_for_directed_yield(struct kvm_vcpu *vcpu)
06e48c51SRaghavendra K T{
4a55dd72SScott Wood#ifdef CONFIG_HAVE_KVM_CPU_RELAX_INTERCEPT
06e48c51SRaghavendra K T	bool eligible;
06e48c51SRaghavendra K T
06e48c51SRaghavendra K T	eligible = !vcpu->spin_loop.in_spin_loop ||
34656113SChristian Borntraeger		    vcpu->spin_loop.dy_eligible;
06e48c51SRaghavendra K T
06e48c51SRaghavendra K T	if (vcpu->spin_loop.in_spin_loop)
06e48c51SRaghavendra K T		kvm_vcpu_set_dy_eligible(vcpu, !vcpu->spin_loop.dy_eligible);
06e48c51SRaghavendra K T
06e48c51SRaghavendra K T	return eligible;
4a55dd72SScott Wood#else
4a55dd72SScott Wood	return true;
06e48c51SRaghavendra K T#endif
4a55dd72SScott Wood}
c45c528eSRaghavendra K T
17e433b5SWanpeng Li/*
17e433b5SWanpeng Li * Unlike kvm_arch_vcpu_runnable, this function is called outside
17e433b5SWanpeng Li * a vcpu_load/vcpu_put pair.  However, for most architectures
17e433b5SWanpeng Li * kvm_arch_vcpu_runnable does not require vcpu_load.
17e433b5SWanpeng Li */
17e433b5SWanpeng Libool __weak kvm_arch_dy_runnable(struct kvm_vcpu *vcpu)
17e433b5SWanpeng Li{
17e433b5SWanpeng Li	return kvm_arch_vcpu_runnable(vcpu);
17e433b5SWanpeng Li}
17e433b5SWanpeng Li
17e433b5SWanpeng Listatic bool vcpu_dy_runnable(struct kvm_vcpu *vcpu)
17e433b5SWanpeng Li{
17e433b5SWanpeng Li	if (kvm_arch_dy_runnable(vcpu))
17e433b5SWanpeng Li		return true;
17e433b5SWanpeng Li
17e433b5SWanpeng Li#ifdef CONFIG_KVM_ASYNC_PF
17e433b5SWanpeng Li	if (!list_empty_careful(&vcpu->async_pf.done))
17e433b5SWanpeng Li		return true;
17e433b5SWanpeng Li#endif
17e433b5SWanpeng Li
17e433b5SWanpeng Li	return false;
17e433b5SWanpeng Li}
17e433b5SWanpeng Li
52acd22fSWanpeng Libool __weak kvm_arch_dy_has_pending_interrupt(struct kvm_vcpu *vcpu)
52acd22fSWanpeng Li{
52acd22fSWanpeng Li	return false;
52acd22fSWanpeng Li}
52acd22fSWanpeng Li
199b5763SLongpeng(Mike)void kvm_vcpu_on_spin(struct kvm_vcpu *me, bool yield_to_kernel_mode)
d255f4f2SZhai, Edwin{
217ece61SRik van Riel	struct kvm *kvm = me->kvm;
217ece61SRik van Riel	struct kvm_vcpu *vcpu;
a937ef95SBreno Leitao	int last_boosted_vcpu;
46808a4cSMarc Zyngier	unsigned long i;
217ece61SRik van Riel	int yielded = 0;
c45c528eSRaghavendra K T	int try = 3;
217ece61SRik van Riel	int pass;
d255f4f2SZhai, Edwin
a937ef95SBreno Leitao	last_boosted_vcpu = READ_ONCE(kvm->last_boosted_vcpu);
4c088493SRaghavendra K T	kvm_vcpu_set_in_spin_loop(me, true);
217ece61SRik van Riel	/*
217ece61SRik van Riel	 * We boost the priority of a VCPU that is runnable but not
217ece61SRik van Riel	 * currently running, because it got preempted by something
217ece61SRik van Riel	 * else and called schedule in __vcpu_run.  Hopefully that
217ece61SRik van Riel	 * VCPU is holding the lock that we need and will release it.
217ece61SRik van Riel	 * We approximate round-robin by starting at the last boosted VCPU.
217ece61SRik van Riel	 */
c45c528eSRaghavendra K T	for (pass = 0; pass < 2 && !yielded && try; pass++) {
217ece61SRik van Riel		kvm_for_each_vcpu(i, vcpu, kvm) {
5cfc2aabSRik van Riel			if (!pass && i <= last_boosted_vcpu) {
217ece61SRik van Riel				i = last_boosted_vcpu;
217ece61SRik van Riel				continue;
217ece61SRik van Riel			} else if (pass && i > last_boosted_vcpu)
217ece61SRik van Riel				break;
d73eb57bSWanpeng Li			if (!READ_ONCE(vcpu->ready))
7bc7ae25SRaghavendra K T				continue;
217ece61SRik van Riel			if (vcpu == me)
217ece61SRik van Riel				continue;
d92a5d1cSSean Christopherson			if (kvm_vcpu_is_blocking(vcpu) && !vcpu_dy_runnable(vcpu))
217ece61SRik van Riel				continue;
046ddeedSWanpeng Li			if (READ_ONCE(vcpu->preempted) && yield_to_kernel_mode &&
52acd22fSWanpeng Li			    !kvm_arch_dy_has_pending_interrupt(vcpu) &&
046ddeedSWanpeng Li			    !kvm_arch_vcpu_in_kernel(vcpu))
199b5763SLongpeng(Mike)				continue;
06e48c51SRaghavendra K T			if (!kvm_vcpu_eligible_for_directed_yield(vcpu))
06e48c51SRaghavendra K T				continue;
c45c528eSRaghavendra K T
c45c528eSRaghavendra K T			yielded = kvm_vcpu_yield_to(vcpu);
c45c528eSRaghavendra K T			if (yielded > 0) {
a937ef95SBreno Leitao				WRITE_ONCE(kvm->last_boosted_vcpu, i);
c45c528eSRaghavendra K T				break;
c45c528eSRaghavendra K T			} else if (yielded < 0) {
c45c528eSRaghavendra K T				try--;
c45c528eSRaghavendra K T				if (!try)
217ece61SRik van Riel					break;
217ece61SRik van Riel			}
217ece61SRik van Riel		}
217ece61SRik van Riel	}
4c088493SRaghavendra K T	kvm_vcpu_set_in_spin_loop(me, false);
06e48c51SRaghavendra K T
06e48c51SRaghavendra K T	/* Ensure vcpu is not eligible during next spinloop */
06e48c51SRaghavendra K T	kvm_vcpu_set_dy_eligible(me, false);
d255f4f2SZhai, Edwin}
d255f4f2SZhai, EdwinEXPORT_SYMBOL_GPL(kvm_vcpu_on_spin);
d255f4f2SZhai, Edwin
fb04a1edSPeter Xustatic bool kvm_page_in_dirty_ring(struct kvm *kvm, unsigned long pgoff)
fb04a1edSPeter Xu{
dc70ec21SDavid Woodhouse#ifdef CONFIG_HAVE_KVM_DIRTY_RING
fb04a1edSPeter Xu	return (pgoff >= KVM_DIRTY_LOG_PAGE_OFFSET) &&
fb04a1edSPeter Xu	    (pgoff < KVM_DIRTY_LOG_PAGE_OFFSET +
fb04a1edSPeter Xu	     kvm->dirty_ring_size / PAGE_SIZE);
fb04a1edSPeter Xu#else
fb04a1edSPeter Xu	return false;
fb04a1edSPeter Xu#endif
fb04a1edSPeter Xu}
fb04a1edSPeter Xu
1499fa80SSouptick Joarderstatic vm_fault_t kvm_vcpu_fault(struct vm_fault *vmf)
0fce5623SAvi Kivity{
11bac800SDave Jiang	struct kvm_vcpu *vcpu = vmf->vma->vm_file->private_data;
0fce5623SAvi Kivity	struct page *page;
0fce5623SAvi Kivity
0fce5623SAvi Kivity	if (vmf->pgoff == 0)
0fce5623SAvi Kivity		page = virt_to_page(vcpu->run);
09566765SAvi Kivity#ifdef CONFIG_X86
0fce5623SAvi Kivity	else if (vmf->pgoff == KVM_PIO_PAGE_OFFSET)
0fce5623SAvi Kivity		page = virt_to_page(vcpu->arch.pio_data);
09566765SAvi Kivity#endif
4b4357e0SPaolo Bonzini#ifdef CONFIG_KVM_MMIO
5f94c174SLaurent Vivier	else if (vmf->pgoff == KVM_COALESCED_MMIO_PAGE_OFFSET)
5f94c174SLaurent Vivier		page = virt_to_page(vcpu->kvm->coalesced_mmio_ring);
5f94c174SLaurent Vivier#endif
fb04a1edSPeter Xu	else if (kvm_page_in_dirty_ring(vcpu->kvm, vmf->pgoff))
fb04a1edSPeter Xu		page = kvm_dirty_ring_get_page(
fb04a1edSPeter Xu		    &vcpu->dirty_ring,
fb04a1edSPeter Xu		    vmf->pgoff - KVM_DIRTY_LOG_PAGE_OFFSET);
0fce5623SAvi Kivity	else
5b1c1493SCarsten Otte		return kvm_arch_vcpu_fault(vcpu, vmf);
0fce5623SAvi Kivity	get_page(page);
0fce5623SAvi Kivity	vmf->page = page;
0fce5623SAvi Kivity	return 0;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
f0f37e2fSAlexey Dobriyanstatic const struct vm_operations_struct kvm_vcpu_vm_ops = {
0fce5623SAvi Kivity	.fault = kvm_vcpu_fault,
0fce5623SAvi Kivity};
0fce5623SAvi Kivity
0fce5623SAvi Kivitystatic int kvm_vcpu_mmap(struct file *file, struct vm_area_struct *vma)
0fce5623SAvi Kivity{
fb04a1edSPeter Xu	struct kvm_vcpu *vcpu = file->private_data;
11476d27SYang Li	unsigned long pages = vma_pages(vma);
fb04a1edSPeter Xu
fb04a1edSPeter Xu	if ((kvm_page_in_dirty_ring(vcpu->kvm, vma->vm_pgoff) ||
fb04a1edSPeter Xu	     kvm_page_in_dirty_ring(vcpu->kvm, vma->vm_pgoff + pages - 1)) &&
fb04a1edSPeter Xu	    ((vma->vm_flags & VM_EXEC) || !(vma->vm_flags & VM_SHARED)))
fb04a1edSPeter Xu		return -EINVAL;
fb04a1edSPeter Xu
0fce5623SAvi Kivity	vma->vm_ops = &kvm_vcpu_vm_ops;
0fce5623SAvi Kivity	return 0;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
0fce5623SAvi Kivitystatic int kvm_vcpu_release(struct inode *inode, struct file *filp)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	struct kvm_vcpu *vcpu = filp->private_data;
0fce5623SAvi Kivity
66c0b394SAl Viro	kvm_put_kvm(vcpu->kvm);
0fce5623SAvi Kivity	return 0;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
70375c2dSDavid Matlackstatic const struct file_operations kvm_vcpu_fops = {
0fce5623SAvi Kivity	.release        = kvm_vcpu_release,
0fce5623SAvi Kivity	.unlocked_ioctl = kvm_vcpu_ioctl,
0fce5623SAvi Kivity	.mmap           = kvm_vcpu_mmap,
6038f373SArnd Bergmann	.llseek		= noop_llseek,
7ddfd3e0SMarc Zyngier	KVM_COMPAT(kvm_vcpu_compat_ioctl),
0fce5623SAvi Kivity};
0fce5623SAvi Kivity
0fce5623SAvi Kivity/*
0fce5623SAvi Kivity * Allocates an inode for the vcpu.
0fce5623SAvi Kivity */
0fce5623SAvi Kivitystatic int create_vcpu_fd(struct kvm_vcpu *vcpu)
0fce5623SAvi Kivity{
e46b4692SMasatake YAMATO	char name[8 + 1 + ITOA_MAX_LEN + 1];
e46b4692SMasatake YAMATO
e46b4692SMasatake YAMATO	snprintf(name, sizeof(name), "kvm-vcpu:%d", vcpu->vcpu_id);
e46b4692SMasatake YAMATO	return anon_inode_getfd(name, &kvm_vcpu_fops, vcpu, O_RDWR | O_CLOEXEC);
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
e36de87dSVineeth Pillai#ifdef __KVM_HAVE_ARCH_VCPU_DEBUGFS
e36de87dSVineeth Pillaistatic int vcpu_get_pid(void *data, u64 *val)
e36de87dSVineeth Pillai{
14aa40a1SLi kunyu	struct kvm_vcpu *vcpu = data;
76021e96SSean Christopherson
76021e96SSean Christopherson	rcu_read_lock();
76021e96SSean Christopherson	*val = pid_nr(rcu_dereference(vcpu->pid));
76021e96SSean Christopherson	rcu_read_unlock();
e36de87dSVineeth Pillai	return 0;
e36de87dSVineeth Pillai}
e36de87dSVineeth Pillai
e36de87dSVineeth PillaiDEFINE_SIMPLE_ATTRIBUTE(vcpu_get_pid_fops, vcpu_get_pid, NULL, "%llu\n");
e36de87dSVineeth Pillai
3e7093d0SGreg KHstatic void kvm_create_vcpu_debugfs(struct kvm_vcpu *vcpu)
45b5939eSLuiz Capitulino{
d56f5136SPaolo Bonzini	struct dentry *debugfs_dentry;
45b5939eSLuiz Capitulino	char dir_name[ITOA_MAX_LEN * 2];
45b5939eSLuiz Capitulino
45b5939eSLuiz Capitulino	if (!debugfs_initialized())
3e7093d0SGreg KH		return;
45b5939eSLuiz Capitulino
45b5939eSLuiz Capitulino	snprintf(dir_name, sizeof(dir_name), "vcpu%d", vcpu->vcpu_id);
d56f5136SPaolo Bonzini	debugfs_dentry = debugfs_create_dir(dir_name,
45b5939eSLuiz Capitulino					    vcpu->kvm->debugfs_dentry);
e36de87dSVineeth Pillai	debugfs_create_file("pid", 0444, debugfs_dentry, vcpu,
e36de87dSVineeth Pillai			    &vcpu_get_pid_fops);
45b5939eSLuiz Capitulino
d56f5136SPaolo Bonzini	kvm_arch_create_vcpu_debugfs(vcpu, debugfs_dentry);
45b5939eSLuiz Capitulino}
e36de87dSVineeth Pillai#endif
45b5939eSLuiz Capitulino
0fce5623SAvi Kivity/*
0fce5623SAvi Kivity * Creates some virtual cpus.  Good luck creating more than one.
0fce5623SAvi Kivity */
73880c80SGleb Natapovstatic int kvm_vm_ioctl_create_vcpu(struct kvm *kvm, u32 id)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	int r;
e09fefdeSDavid Hildenbrand	struct kvm_vcpu *vcpu;
8bd826d6SSean Christopherson	struct page *page;
0fce5623SAvi Kivity
a1c42ddeSJuergen Gross	if (id >= KVM_MAX_VCPU_IDS)
338c7dbaSAndy Honig		return -EINVAL;
338c7dbaSAndy Honig
6c7caebcSPaolo Bonzini	mutex_lock(&kvm->lock);
f502cc56SSean Christopherson	if (kvm->created_vcpus >= kvm->max_vcpus) {
6c7caebcSPaolo Bonzini		mutex_unlock(&kvm->lock);
6c7caebcSPaolo Bonzini		return -EINVAL;
6c7caebcSPaolo Bonzini	}
6c7caebcSPaolo Bonzini
1d5e740dSZeng Guang	r = kvm_arch_vcpu_precreate(kvm, id);
1d5e740dSZeng Guang	if (r) {
1d5e740dSZeng Guang		mutex_unlock(&kvm->lock);
1d5e740dSZeng Guang		return r;
1d5e740dSZeng Guang	}
1d5e740dSZeng Guang
6c7caebcSPaolo Bonzini	kvm->created_vcpus++;
6c7caebcSPaolo Bonzini	mutex_unlock(&kvm->lock);
6c7caebcSPaolo Bonzini
85f47930SSean Christopherson	vcpu = kmem_cache_zalloc(kvm_vcpu_cache, GFP_KERNEL_ACCOUNT);
e529ef66SSean Christopherson	if (!vcpu) {
e529ef66SSean Christopherson		r = -ENOMEM;
6c7caebcSPaolo Bonzini		goto vcpu_decrement;
6c7caebcSPaolo Bonzini	}
0fce5623SAvi Kivity
fcd97ad5SPeter Xu	BUILD_BUG_ON(sizeof(struct kvm_run) > PAGE_SIZE);
93bb59caSShakeel Butt	page = alloc_page(GFP_KERNEL_ACCOUNT | __GFP_ZERO);
8bd826d6SSean Christopherson	if (!page) {
8bd826d6SSean Christopherson		r = -ENOMEM;
e529ef66SSean Christopherson		goto vcpu_free;
8bd826d6SSean Christopherson	}
8bd826d6SSean Christopherson	vcpu->run = page_address(page);
8bd826d6SSean Christopherson
8bd826d6SSean Christopherson	kvm_vcpu_init(vcpu, kvm, id);
e529ef66SSean Christopherson
e529ef66SSean Christopherson	r = kvm_arch_vcpu_create(vcpu);
e529ef66SSean Christopherson	if (r)
8bd826d6SSean Christopherson		goto vcpu_free_run_page;
e529ef66SSean Christopherson
fb04a1edSPeter Xu	if (kvm->dirty_ring_size) {
fb04a1edSPeter Xu		r = kvm_dirty_ring_alloc(&vcpu->dirty_ring,
fb04a1edSPeter Xu					 id, kvm->dirty_ring_size);
fb04a1edSPeter Xu		if (r)
fb04a1edSPeter Xu			goto arch_vcpu_destroy;
fb04a1edSPeter Xu	}
fb04a1edSPeter Xu
0fce5623SAvi Kivity	mutex_lock(&kvm->lock);
42a90008SDavid Woodhouse
42a90008SDavid Woodhouse#ifdef CONFIG_LOCKDEP
42a90008SDavid Woodhouse	/* Ensure that lockdep knows vcpu->mutex is taken *inside* kvm->lock */
42a90008SDavid Woodhouse	mutex_lock(&vcpu->mutex);
42a90008SDavid Woodhouse	mutex_unlock(&vcpu->mutex);
42a90008SDavid Woodhouse#endif
42a90008SDavid Woodhouse
e09fefdeSDavid Hildenbrand	if (kvm_get_vcpu_by_id(kvm, id)) {
0fce5623SAvi Kivity		r = -EEXIST;
d780592bSJan Kiszka		goto unlock_vcpu_destroy;
0fce5623SAvi Kivity	}
73880c80SGleb Natapov
8750e72aSRadim Krčmář	vcpu->vcpu_idx = atomic_read(&kvm->online_vcpus);
afb2acb2SMichal Luczaj	r = xa_reserve(&kvm->vcpu_array, vcpu->vcpu_idx, GFP_KERNEL_ACCOUNT);
c5b07754SMarc Zyngier	if (r)
c5b07754SMarc Zyngier		goto unlock_vcpu_destroy;
0fce5623SAvi Kivity
0fce5623SAvi Kivity	/* Now it's all set up, let userspace reach it */
66c0b394SAl Viro	kvm_get_kvm(kvm);
0fce5623SAvi Kivity	r = create_vcpu_fd(vcpu);
afb2acb2SMichal Luczaj	if (r < 0)
afb2acb2SMichal Luczaj		goto kvm_put_xa_release;
afb2acb2SMichal Luczaj
5f643e46SMichal Luczaj	if (KVM_BUG_ON(xa_store(&kvm->vcpu_array, vcpu->vcpu_idx, vcpu, 0), kvm)) {
afb2acb2SMichal Luczaj		r = -EINVAL;
afb2acb2SMichal Luczaj		goto kvm_put_xa_release;
73880c80SGleb Natapov	}
73880c80SGleb Natapov
dd489240SPaolo Bonzini	/*
c5b07754SMarc Zyngier	 * Pairs with smp_rmb() in kvm_get_vcpu.  Store the vcpu
c5b07754SMarc Zyngier	 * pointer before kvm->online_vcpu's incremented value.
dd489240SPaolo Bonzini	 */
73880c80SGleb Natapov	smp_wmb();
73880c80SGleb Natapov	atomic_inc(&kvm->online_vcpus);
73880c80SGleb Natapov
73880c80SGleb Natapov	mutex_unlock(&kvm->lock);
42897d86SMarcelo Tosatti	kvm_arch_vcpu_postcreate(vcpu);
63d04348SPaolo Bonzini	kvm_create_vcpu_debugfs(vcpu);
0fce5623SAvi Kivity	return r;
0fce5623SAvi Kivity
afb2acb2SMichal Luczajkvm_put_xa_release:
afb2acb2SMichal Luczaj	kvm_put_kvm_no_destroy(kvm);
afb2acb2SMichal Luczaj	xa_release(&kvm->vcpu_array, vcpu->vcpu_idx);
d780592bSJan Kiszkaunlock_vcpu_destroy:
7d8fece6SGlauber Costa	mutex_unlock(&kvm->lock);
fb04a1edSPeter Xu	kvm_dirty_ring_free(&vcpu->dirty_ring);
fb04a1edSPeter Xuarch_vcpu_destroy:
0fce5623SAvi Kivity	kvm_arch_vcpu_destroy(vcpu);
8bd826d6SSean Christophersonvcpu_free_run_page:
8bd826d6SSean Christopherson	free_page((unsigned long)vcpu->run);
e529ef66SSean Christophersonvcpu_free:
e529ef66SSean Christopherson	kmem_cache_free(kvm_vcpu_cache, vcpu);
6c7caebcSPaolo Bonzinivcpu_decrement:
6c7caebcSPaolo Bonzini	mutex_lock(&kvm->lock);
6c7caebcSPaolo Bonzini	kvm->created_vcpus--;
6c7caebcSPaolo Bonzini	mutex_unlock(&kvm->lock);
0fce5623SAvi Kivity	return r;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
0fce5623SAvi Kivitystatic int kvm_vcpu_ioctl_set_sigmask(struct kvm_vcpu *vcpu, sigset_t *sigset)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	if (sigset) {
0fce5623SAvi Kivity		sigdelsetmask(sigset, sigmask(SIGKILL)|sigmask(SIGSTOP));
0fce5623SAvi Kivity		vcpu->sigset_active = 1;
0fce5623SAvi Kivity		vcpu->sigset = *sigset;
0fce5623SAvi Kivity	} else
0fce5623SAvi Kivity		vcpu->sigset_active = 0;
0fce5623SAvi Kivity	return 0;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
ce55c049SJing Zhangstatic ssize_t kvm_vcpu_stats_read(struct file *file, char __user *user_buffer,
ce55c049SJing Zhang			      size_t size, loff_t *offset)
ce55c049SJing Zhang{
ce55c049SJing Zhang	struct kvm_vcpu *vcpu = file->private_data;
ce55c049SJing Zhang
ce55c049SJing Zhang	return kvm_stats_read(vcpu->stats_id, &kvm_vcpu_stats_header,
ce55c049SJing Zhang			&kvm_vcpu_stats_desc[0], &vcpu->stat,
ce55c049SJing Zhang			sizeof(vcpu->stat), user_buffer, size, offset);
ce55c049SJing Zhang}
ce55c049SJing Zhang
eed3013fSSean Christophersonstatic int kvm_vcpu_stats_release(struct inode *inode, struct file *file)
eed3013fSSean Christopherson{
eed3013fSSean Christopherson	struct kvm_vcpu *vcpu = file->private_data;
eed3013fSSean Christopherson
eed3013fSSean Christopherson	kvm_put_kvm(vcpu->kvm);
eed3013fSSean Christopherson	return 0;
eed3013fSSean Christopherson}
eed3013fSSean Christopherson
ce55c049SJing Zhangstatic const struct file_operations kvm_vcpu_stats_fops = {
ce55c049SJing Zhang	.read = kvm_vcpu_stats_read,
eed3013fSSean Christopherson	.release = kvm_vcpu_stats_release,
ce55c049SJing Zhang	.llseek = noop_llseek,
ce55c049SJing Zhang};
ce55c049SJing Zhang
ce55c049SJing Zhangstatic int kvm_vcpu_ioctl_get_stats_fd(struct kvm_vcpu *vcpu)
ce55c049SJing Zhang{
ce55c049SJing Zhang	int fd;
ce55c049SJing Zhang	struct file *file;
ce55c049SJing Zhang	char name[15 + ITOA_MAX_LEN + 1];
ce55c049SJing Zhang
ce55c049SJing Zhang	snprintf(name, sizeof(name), "kvm-vcpu-stats:%d", vcpu->vcpu_id);
ce55c049SJing Zhang
ce55c049SJing Zhang	fd = get_unused_fd_flags(O_CLOEXEC);
ce55c049SJing Zhang	if (fd < 0)
ce55c049SJing Zhang		return fd;
ce55c049SJing Zhang
ce55c049SJing Zhang	file = anon_inode_getfile(name, &kvm_vcpu_stats_fops, vcpu, O_RDONLY);
ce55c049SJing Zhang	if (IS_ERR(file)) {
ce55c049SJing Zhang		put_unused_fd(fd);
ce55c049SJing Zhang		return PTR_ERR(file);
ce55c049SJing Zhang	}
eed3013fSSean Christopherson
eed3013fSSean Christopherson	kvm_get_kvm(vcpu->kvm);
eed3013fSSean Christopherson
ce55c049SJing Zhang	file->f_mode |= FMODE_PREAD;
ce55c049SJing Zhang	fd_install(fd, file);
ce55c049SJing Zhang
ce55c049SJing Zhang	return fd;
ce55c049SJing Zhang}
ce55c049SJing Zhang
0fce5623SAvi Kivitystatic long kvm_vcpu_ioctl(struct file *filp,
0fce5623SAvi Kivity			   unsigned int ioctl, unsigned long arg)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	struct kvm_vcpu *vcpu = filp->private_data;
0fce5623SAvi Kivity	void __user *argp = (void __user *)arg;
0fce5623SAvi Kivity	int r;
fa3795a7SDave Hansen	struct kvm_fpu *fpu = NULL;
fa3795a7SDave Hansen	struct kvm_sregs *kvm_sregs = NULL;
0fce5623SAvi Kivity
f4d31653SPaolo Bonzini	if (vcpu->kvm->mm != current->mm || vcpu->kvm->vm_dead)
0fce5623SAvi Kivity		return -EIO;
2122ff5eSAvi Kivity
2ea75be3SDavid Matlack	if (unlikely(_IOC_TYPE(ioctl) != KVMIO))
2ea75be3SDavid Matlack		return -EINVAL;
2ea75be3SDavid Matlack
2122ff5eSAvi Kivity	/*
5cb0944cSPaolo Bonzini	 * Some architectures have vcpu ioctls that are asynchronous to vcpu
5cb0944cSPaolo Bonzini	 * execution; mutex_lock() would break them.
2122ff5eSAvi Kivity	 */
5cb0944cSPaolo Bonzini	r = kvm_arch_vcpu_async_ioctl(filp, ioctl, arg);
5cb0944cSPaolo Bonzini	if (r != -ENOIOCTLCMD)
9fc77441SMichael S. Tsirkin		return r;
2122ff5eSAvi Kivity
ec7660ccSChristoffer Dall	if (mutex_lock_killable(&vcpu->mutex))
ec7660ccSChristoffer Dall		return -EINTR;
0fce5623SAvi Kivity	switch (ioctl) {
0e4524a5SChristian Borntraeger	case KVM_RUN: {
0e4524a5SChristian Borntraeger		struct pid *oldpid;
0fce5623SAvi Kivity		r = -EINVAL;
0fce5623SAvi Kivity		if (arg)
0fce5623SAvi Kivity			goto out;
0e4524a5SChristian Borntraeger		oldpid = rcu_access_pointer(vcpu->pid);
71dbc8a9SEric W. Biederman		if (unlikely(oldpid != task_pid(current))) {
7a72f7a1SChristian Borntraeger			/* The thread running this VCPU changed. */
bd2a6394SChristoffer Dall			struct pid *newpid;
f95ef0cdSXiubo Li
bd2a6394SChristoffer Dall			r = kvm_arch_vcpu_run_pid_change(vcpu);
bd2a6394SChristoffer Dall			if (r)
bd2a6394SChristoffer Dall				break;
bd2a6394SChristoffer Dall
bd2a6394SChristoffer Dall			newpid = get_task_pid(current, PIDTYPE_PID);
7a72f7a1SChristian Borntraeger			rcu_assign_pointer(vcpu->pid, newpid);
7a72f7a1SChristian Borntraeger			if (oldpid)
7a72f7a1SChristian Borntraeger				synchronize_rcu();
7a72f7a1SChristian Borntraeger			put_pid(oldpid);
7a72f7a1SChristian Borntraeger		}
1b94f6f8STianjia Zhang		r = kvm_arch_vcpu_ioctl_run(vcpu);
64be5007SGleb Natapov		trace_kvm_userspace_exit(vcpu->run->exit_reason, r);
0fce5623SAvi Kivity		break;
0e4524a5SChristian Borntraeger	}
0fce5623SAvi Kivity	case KVM_GET_REGS: {
3e4bb3acSXiantao Zhang		struct kvm_regs *kvm_regs;
0fce5623SAvi Kivity
3e4bb3acSXiantao Zhang		r = -ENOMEM;
b12ce36aSBen Gardon		kvm_regs = kzalloc(sizeof(struct kvm_regs), GFP_KERNEL_ACCOUNT);
3e4bb3acSXiantao Zhang		if (!kvm_regs)
3e4bb3acSXiantao Zhang			goto out;
3e4bb3acSXiantao Zhang		r = kvm_arch_vcpu_ioctl_get_regs(vcpu, kvm_regs);
0fce5623SAvi Kivity		if (r)
3e4bb3acSXiantao Zhang			goto out_free1;
0fce5623SAvi Kivity		r = -EFAULT;
3e4bb3acSXiantao Zhang		if (copy_to_user(argp, kvm_regs, sizeof(struct kvm_regs)))
3e4bb3acSXiantao Zhang			goto out_free1;
0fce5623SAvi Kivity		r = 0;
3e4bb3acSXiantao Zhangout_free1:
3e4bb3acSXiantao Zhang		kfree(kvm_regs);
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity	case KVM_SET_REGS: {
3e4bb3acSXiantao Zhang		struct kvm_regs *kvm_regs;
0fce5623SAvi Kivity
ff5c2c03SSasha Levin		kvm_regs = memdup_user(argp, sizeof(*kvm_regs));
ff5c2c03SSasha Levin		if (IS_ERR(kvm_regs)) {
ff5c2c03SSasha Levin			r = PTR_ERR(kvm_regs);
3e4bb3acSXiantao Zhang			goto out;
ff5c2c03SSasha Levin		}
3e4bb3acSXiantao Zhang		r = kvm_arch_vcpu_ioctl_set_regs(vcpu, kvm_regs);
3e4bb3acSXiantao Zhang		kfree(kvm_regs);
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity	case KVM_GET_SREGS: {
b12ce36aSBen Gardon		kvm_sregs = kzalloc(sizeof(struct kvm_sregs),
b12ce36aSBen Gardon				    GFP_KERNEL_ACCOUNT);
fa3795a7SDave Hansen		r = -ENOMEM;
fa3795a7SDave Hansen		if (!kvm_sregs)
fa3795a7SDave Hansen			goto out;
fa3795a7SDave Hansen		r = kvm_arch_vcpu_ioctl_get_sregs(vcpu, kvm_sregs);
0fce5623SAvi Kivity		if (r)
0fce5623SAvi Kivity			goto out;
0fce5623SAvi Kivity		r = -EFAULT;
fa3795a7SDave Hansen		if (copy_to_user(argp, kvm_sregs, sizeof(struct kvm_sregs)))
0fce5623SAvi Kivity			goto out;
0fce5623SAvi Kivity		r = 0;
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity	case KVM_SET_SREGS: {
ff5c2c03SSasha Levin		kvm_sregs = memdup_user(argp, sizeof(*kvm_sregs));
ff5c2c03SSasha Levin		if (IS_ERR(kvm_sregs)) {
ff5c2c03SSasha Levin			r = PTR_ERR(kvm_sregs);
18595411SGuo Chao			kvm_sregs = NULL;
0fce5623SAvi Kivity			goto out;
ff5c2c03SSasha Levin		}
fa3795a7SDave Hansen		r = kvm_arch_vcpu_ioctl_set_sregs(vcpu, kvm_sregs);
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	}
62d9f0dbSMarcelo Tosatti	case KVM_GET_MP_STATE: {
62d9f0dbSMarcelo Tosatti		struct kvm_mp_state mp_state;
62d9f0dbSMarcelo Tosatti
62d9f0dbSMarcelo Tosatti		r = kvm_arch_vcpu_ioctl_get_mpstate(vcpu, &mp_state);
62d9f0dbSMarcelo Tosatti		if (r)
62d9f0dbSMarcelo Tosatti			goto out;
62d9f0dbSMarcelo Tosatti		r = -EFAULT;
893bdbf1SXiubo Li		if (copy_to_user(argp, &mp_state, sizeof(mp_state)))
62d9f0dbSMarcelo Tosatti			goto out;
62d9f0dbSMarcelo Tosatti		r = 0;
62d9f0dbSMarcelo Tosatti		break;
62d9f0dbSMarcelo Tosatti	}
62d9f0dbSMarcelo Tosatti	case KVM_SET_MP_STATE: {
62d9f0dbSMarcelo Tosatti		struct kvm_mp_state mp_state;
62d9f0dbSMarcelo Tosatti
62d9f0dbSMarcelo Tosatti		r = -EFAULT;
893bdbf1SXiubo Li		if (copy_from_user(&mp_state, argp, sizeof(mp_state)))
62d9f0dbSMarcelo Tosatti			goto out;
62d9f0dbSMarcelo Tosatti		r = kvm_arch_vcpu_ioctl_set_mpstate(vcpu, &mp_state);
62d9f0dbSMarcelo Tosatti		break;
62d9f0dbSMarcelo Tosatti	}
0fce5623SAvi Kivity	case KVM_TRANSLATE: {
0fce5623SAvi Kivity		struct kvm_translation tr;
0fce5623SAvi Kivity
0fce5623SAvi Kivity		r = -EFAULT;
893bdbf1SXiubo Li		if (copy_from_user(&tr, argp, sizeof(tr)))
0fce5623SAvi Kivity			goto out;
0fce5623SAvi Kivity		r = kvm_arch_vcpu_ioctl_translate(vcpu, &tr);
0fce5623SAvi Kivity		if (r)
0fce5623SAvi Kivity			goto out;
0fce5623SAvi Kivity		r = -EFAULT;
893bdbf1SXiubo Li		if (copy_to_user(argp, &tr, sizeof(tr)))
0fce5623SAvi Kivity			goto out;
0fce5623SAvi Kivity		r = 0;
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	}
d0bfb940SJan Kiszka	case KVM_SET_GUEST_DEBUG: {
d0bfb940SJan Kiszka		struct kvm_guest_debug dbg;
0fce5623SAvi Kivity
0fce5623SAvi Kivity		r = -EFAULT;
893bdbf1SXiubo Li		if (copy_from_user(&dbg, argp, sizeof(dbg)))
0fce5623SAvi Kivity			goto out;
d0bfb940SJan Kiszka		r = kvm_arch_vcpu_ioctl_set_guest_debug(vcpu, &dbg);
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity	case KVM_SET_SIGNAL_MASK: {
0fce5623SAvi Kivity		struct kvm_signal_mask __user *sigmask_arg = argp;
0fce5623SAvi Kivity		struct kvm_signal_mask kvm_sigmask;
0fce5623SAvi Kivity		sigset_t sigset, *p;
0fce5623SAvi Kivity
0fce5623SAvi Kivity		p = NULL;
0fce5623SAvi Kivity		if (argp) {
0fce5623SAvi Kivity			r = -EFAULT;
0fce5623SAvi Kivity			if (copy_from_user(&kvm_sigmask, argp,
893bdbf1SXiubo Li					   sizeof(kvm_sigmask)))
0fce5623SAvi Kivity				goto out;
0fce5623SAvi Kivity			r = -EINVAL;
893bdbf1SXiubo Li			if (kvm_sigmask.len != sizeof(sigset))
0fce5623SAvi Kivity				goto out;
0fce5623SAvi Kivity			r = -EFAULT;
0fce5623SAvi Kivity			if (copy_from_user(&sigset, sigmask_arg->sigset,
893bdbf1SXiubo Li					   sizeof(sigset)))
0fce5623SAvi Kivity				goto out;
0fce5623SAvi Kivity			p = &sigset;
0fce5623SAvi Kivity		}
376d41ffSAndi Kleen		r = kvm_vcpu_ioctl_set_sigmask(vcpu, p);
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity	case KVM_GET_FPU: {
b12ce36aSBen Gardon		fpu = kzalloc(sizeof(struct kvm_fpu), GFP_KERNEL_ACCOUNT);
fa3795a7SDave Hansen		r = -ENOMEM;
fa3795a7SDave Hansen		if (!fpu)
fa3795a7SDave Hansen			goto out;
fa3795a7SDave Hansen		r = kvm_arch_vcpu_ioctl_get_fpu(vcpu, fpu);
0fce5623SAvi Kivity		if (r)
0fce5623SAvi Kivity			goto out;
0fce5623SAvi Kivity		r = -EFAULT;
fa3795a7SDave Hansen		if (copy_to_user(argp, fpu, sizeof(struct kvm_fpu)))
0fce5623SAvi Kivity			goto out;
0fce5623SAvi Kivity		r = 0;
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity	case KVM_SET_FPU: {
ff5c2c03SSasha Levin		fpu = memdup_user(argp, sizeof(*fpu));
ff5c2c03SSasha Levin		if (IS_ERR(fpu)) {
ff5c2c03SSasha Levin			r = PTR_ERR(fpu);
18595411SGuo Chao			fpu = NULL;
0fce5623SAvi Kivity			goto out;
ff5c2c03SSasha Levin		}
fa3795a7SDave Hansen		r = kvm_arch_vcpu_ioctl_set_fpu(vcpu, fpu);
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	}
ce55c049SJing Zhang	case KVM_GET_STATS_FD: {
ce55c049SJing Zhang		r = kvm_vcpu_ioctl_get_stats_fd(vcpu);
ce55c049SJing Zhang		break;
ce55c049SJing Zhang	}
0fce5623SAvi Kivity	default:
0fce5623SAvi Kivity		r = kvm_arch_vcpu_ioctl(filp, ioctl, arg);
0fce5623SAvi Kivity	}
0fce5623SAvi Kivityout:
ec7660ccSChristoffer Dall	mutex_unlock(&vcpu->mutex);
fa3795a7SDave Hansen	kfree(fpu);
fa3795a7SDave Hansen	kfree(kvm_sregs);
0fce5623SAvi Kivity	return r;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
de8e5d74SChristian Borntraeger#ifdef CONFIG_KVM_COMPAT
1dda606cSAlexander Grafstatic long kvm_vcpu_compat_ioctl(struct file *filp,
1dda606cSAlexander Graf				  unsigned int ioctl, unsigned long arg)
1dda606cSAlexander Graf{
1dda606cSAlexander Graf	struct kvm_vcpu *vcpu = filp->private_data;
1dda606cSAlexander Graf	void __user *argp = compat_ptr(arg);
1dda606cSAlexander Graf	int r;
1dda606cSAlexander Graf
f4d31653SPaolo Bonzini	if (vcpu->kvm->mm != current->mm || vcpu->kvm->vm_dead)
1dda606cSAlexander Graf		return -EIO;
1dda606cSAlexander Graf
1dda606cSAlexander Graf	switch (ioctl) {
1dda606cSAlexander Graf	case KVM_SET_SIGNAL_MASK: {
1dda606cSAlexander Graf		struct kvm_signal_mask __user *sigmask_arg = argp;
1dda606cSAlexander Graf		struct kvm_signal_mask kvm_sigmask;
1dda606cSAlexander Graf		sigset_t sigset;
1dda606cSAlexander Graf
1dda606cSAlexander Graf		if (argp) {
1dda606cSAlexander Graf			r = -EFAULT;
1dda606cSAlexander Graf			if (copy_from_user(&kvm_sigmask, argp,
893bdbf1SXiubo Li					   sizeof(kvm_sigmask)))
1dda606cSAlexander Graf				goto out;
1dda606cSAlexander Graf			r = -EINVAL;
3968cf62SAl Viro			if (kvm_sigmask.len != sizeof(compat_sigset_t))
1dda606cSAlexander Graf				goto out;
1dda606cSAlexander Graf			r = -EFAULT;
1393b4aaSPaolo Bonzini			if (get_compat_sigset(&sigset,
1393b4aaSPaolo Bonzini					      (compat_sigset_t __user *)sigmask_arg->sigset))
1dda606cSAlexander Graf				goto out;
1dda606cSAlexander Graf			r = kvm_vcpu_ioctl_set_sigmask(vcpu, &sigset);
760a9a30SAlan Cox		} else
760a9a30SAlan Cox			r = kvm_vcpu_ioctl_set_sigmask(vcpu, NULL);
1dda606cSAlexander Graf		break;
1dda606cSAlexander Graf	}
1dda606cSAlexander Graf	default:
1dda606cSAlexander Graf		r = kvm_vcpu_ioctl(filp, ioctl, arg);
1dda606cSAlexander Graf	}
1dda606cSAlexander Graf
1dda606cSAlexander Grafout:
1dda606cSAlexander Graf	return r;
1dda606cSAlexander Graf}
1dda606cSAlexander Graf#endif
1dda606cSAlexander Graf
a1cd3f08SCédric Le Goaterstatic int kvm_device_mmap(struct file *filp, struct vm_area_struct *vma)
a1cd3f08SCédric Le Goater{
a1cd3f08SCédric Le Goater	struct kvm_device *dev = filp->private_data;
a1cd3f08SCédric Le Goater
a1cd3f08SCédric Le Goater	if (dev->ops->mmap)
a1cd3f08SCédric Le Goater		return dev->ops->mmap(dev, vma);
a1cd3f08SCédric Le Goater
a1cd3f08SCédric Le Goater	return -ENODEV;
a1cd3f08SCédric Le Goater}
a1cd3f08SCédric Le Goater
852b6d57SScott Woodstatic int kvm_device_ioctl_attr(struct kvm_device *dev,
852b6d57SScott Wood				 int (*accessor)(struct kvm_device *dev,
852b6d57SScott Wood						 struct kvm_device_attr *attr),
852b6d57SScott Wood				 unsigned long arg)
852b6d57SScott Wood{
852b6d57SScott Wood	struct kvm_device_attr attr;
852b6d57SScott Wood
852b6d57SScott Wood	if (!accessor)
852b6d57SScott Wood		return -EPERM;
852b6d57SScott Wood
852b6d57SScott Wood	if (copy_from_user(&attr, (void __user *)arg, sizeof(attr)))
852b6d57SScott Wood		return -EFAULT;
852b6d57SScott Wood
852b6d57SScott Wood	return accessor(dev, &attr);
852b6d57SScott Wood}
852b6d57SScott Wood
852b6d57SScott Woodstatic long kvm_device_ioctl(struct file *filp, unsigned int ioctl,
852b6d57SScott Wood			     unsigned long arg)
852b6d57SScott Wood{
852b6d57SScott Wood	struct kvm_device *dev = filp->private_data;
852b6d57SScott Wood
f4d31653SPaolo Bonzini	if (dev->kvm->mm != current->mm || dev->kvm->vm_dead)
ddba9180SSean Christopherson		return -EIO;
ddba9180SSean Christopherson
852b6d57SScott Wood	switch (ioctl) {
852b6d57SScott Wood	case KVM_SET_DEVICE_ATTR:
852b6d57SScott Wood		return kvm_device_ioctl_attr(dev, dev->ops->set_attr, arg);
852b6d57SScott Wood	case KVM_GET_DEVICE_ATTR:
852b6d57SScott Wood		return kvm_device_ioctl_attr(dev, dev->ops->get_attr, arg);
852b6d57SScott Wood	case KVM_HAS_DEVICE_ATTR:
852b6d57SScott Wood		return kvm_device_ioctl_attr(dev, dev->ops->has_attr, arg);
852b6d57SScott Wood	default:
852b6d57SScott Wood		if (dev->ops->ioctl)
852b6d57SScott Wood			return dev->ops->ioctl(dev, ioctl, arg);
852b6d57SScott Wood
852b6d57SScott Wood		return -ENOTTY;
852b6d57SScott Wood	}
852b6d57SScott Wood}
852b6d57SScott Wood
852b6d57SScott Woodstatic int kvm_device_release(struct inode *inode, struct file *filp)
852b6d57SScott Wood{
852b6d57SScott Wood	struct kvm_device *dev = filp->private_data;
852b6d57SScott Wood	struct kvm *kvm = dev->kvm;
852b6d57SScott Wood
2bde9b3eSCédric Le Goater	if (dev->ops->release) {
2bde9b3eSCédric Le Goater		mutex_lock(&kvm->lock);
2bde9b3eSCédric Le Goater		list_del(&dev->vm_node);
2bde9b3eSCédric Le Goater		dev->ops->release(dev);
2bde9b3eSCédric Le Goater		mutex_unlock(&kvm->lock);
2bde9b3eSCédric Le Goater	}
2bde9b3eSCédric Le Goater
852b6d57SScott Wood	kvm_put_kvm(kvm);
852b6d57SScott Wood	return 0;
852b6d57SScott Wood}
852b6d57SScott Wood
852b6d57SScott Woodstatic const struct file_operations kvm_device_fops = {
852b6d57SScott Wood	.unlocked_ioctl = kvm_device_ioctl,
852b6d57SScott Wood	.release = kvm_device_release,
7ddfd3e0SMarc Zyngier	KVM_COMPAT(kvm_device_ioctl),
a1cd3f08SCédric Le Goater	.mmap = kvm_device_mmap,
852b6d57SScott Wood};
852b6d57SScott Wood
852b6d57SScott Woodstruct kvm_device *kvm_device_from_filp(struct file *filp)
852b6d57SScott Wood{
852b6d57SScott Wood	if (filp->f_op != &kvm_device_fops)
852b6d57SScott Wood		return NULL;
852b6d57SScott Wood
852b6d57SScott Wood	return filp->private_data;
852b6d57SScott Wood}
852b6d57SScott Wood
8538cb22SSteven Pricestatic const struct kvm_device_ops *kvm_device_ops_table[KVM_DEV_TYPE_MAX] = {
d60eacb0SWill Deacon#ifdef CONFIG_KVM_MPIC
d60eacb0SWill Deacon	[KVM_DEV_TYPE_FSL_MPIC_20]	= &kvm_mpic_ops,
d60eacb0SWill Deacon	[KVM_DEV_TYPE_FSL_MPIC_42]	= &kvm_mpic_ops,
d60eacb0SWill Deacon#endif
d60eacb0SWill Deacon};
d60eacb0SWill Deacon
8538cb22SSteven Priceint kvm_register_device_ops(const struct kvm_device_ops *ops, u32 type)
d60eacb0SWill Deacon{
d60eacb0SWill Deacon	if (type >= ARRAY_SIZE(kvm_device_ops_table))
d60eacb0SWill Deacon		return -ENOSPC;
d60eacb0SWill Deacon
d60eacb0SWill Deacon	if (kvm_device_ops_table[type] != NULL)
d60eacb0SWill Deacon		return -EEXIST;
d60eacb0SWill Deacon
d60eacb0SWill Deacon	kvm_device_ops_table[type] = ops;
d60eacb0SWill Deacon	return 0;
d60eacb0SWill Deacon}
d60eacb0SWill Deacon
571ee1b6SWanpeng Livoid kvm_unregister_device_ops(u32 type)
571ee1b6SWanpeng Li{
571ee1b6SWanpeng Li	if (kvm_device_ops_table[type] != NULL)
571ee1b6SWanpeng Li		kvm_device_ops_table[type] = NULL;
571ee1b6SWanpeng Li}
571ee1b6SWanpeng Li
852b6d57SScott Woodstatic int kvm_ioctl_create_device(struct kvm *kvm,
852b6d57SScott Wood				   struct kvm_create_device *cd)
852b6d57SScott Wood{
eceb6e1dSLi kunyu	const struct kvm_device_ops *ops;
852b6d57SScott Wood	struct kvm_device *dev;
852b6d57SScott Wood	bool test = cd->flags & KVM_CREATE_DEVICE_TEST;
1d487e9bSPaolo Bonzini	int type;
852b6d57SScott Wood	int ret;
852b6d57SScott Wood
d60eacb0SWill Deacon	if (cd->type >= ARRAY_SIZE(kvm_device_ops_table))
852b6d57SScott Wood		return -ENODEV;
d60eacb0SWill Deacon
1d487e9bSPaolo Bonzini	type = array_index_nospec(cd->type, ARRAY_SIZE(kvm_device_ops_table));
1d487e9bSPaolo Bonzini	ops = kvm_device_ops_table[type];
d60eacb0SWill Deacon	if (ops == NULL)
d60eacb0SWill Deacon		return -ENODEV;
852b6d57SScott Wood
852b6d57SScott Wood	if (test)
852b6d57SScott Wood		return 0;
852b6d57SScott Wood
b12ce36aSBen Gardon	dev = kzalloc(sizeof(*dev), GFP_KERNEL_ACCOUNT);
852b6d57SScott Wood	if (!dev)
852b6d57SScott Wood		return -ENOMEM;
852b6d57SScott Wood
852b6d57SScott Wood	dev->ops = ops;
852b6d57SScott Wood	dev->kvm = kvm;
852b6d57SScott Wood
a28ebea2SChristoffer Dall	mutex_lock(&kvm->lock);
1d487e9bSPaolo Bonzini	ret = ops->create(dev, type);
852b6d57SScott Wood	if (ret < 0) {
a28ebea2SChristoffer Dall		mutex_unlock(&kvm->lock);
852b6d57SScott Wood		kfree(dev);
852b6d57SScott Wood		return ret;
852b6d57SScott Wood	}
a28ebea2SChristoffer Dall	list_add(&dev->vm_node, &kvm->devices);
a28ebea2SChristoffer Dall	mutex_unlock(&kvm->lock);
852b6d57SScott Wood
023e9fddSChristoffer Dall	if (ops->init)
023e9fddSChristoffer Dall		ops->init(dev);
023e9fddSChristoffer Dall
cfa39381SJann Horn	kvm_get_kvm(kvm);
24009b05SYann Droneaud	ret = anon_inode_getfd(ops->name, &kvm_device_fops, dev, O_RDWR | O_CLOEXEC);
852b6d57SScott Wood	if (ret < 0) {
149487bdSSean Christopherson		kvm_put_kvm_no_destroy(kvm);
a28ebea2SChristoffer Dall		mutex_lock(&kvm->lock);
a28ebea2SChristoffer Dall		list_del(&dev->vm_node);
e8bc2427SAlexey Kardashevskiy		if (ops->release)
e8bc2427SAlexey Kardashevskiy			ops->release(dev);
a28ebea2SChristoffer Dall		mutex_unlock(&kvm->lock);
e8bc2427SAlexey Kardashevskiy		if (ops->destroy)
a0f1d21cSDan Carpenter			ops->destroy(dev);
852b6d57SScott Wood		return ret;
852b6d57SScott Wood	}
852b6d57SScott Wood
852b6d57SScott Wood	cd->fd = ret;
852b6d57SScott Wood	return 0;
852b6d57SScott Wood}
852b6d57SScott Wood
f15ba52bSThomas Huthstatic int kvm_vm_ioctl_check_extension_generic(struct kvm *kvm, long arg)
92b591a4SAlexander Graf{
92b591a4SAlexander Graf	switch (arg) {
92b591a4SAlexander Graf	case KVM_CAP_USER_MEMORY:
92b591a4SAlexander Graf	case KVM_CAP_DESTROY_MEMORY_REGION_WORKS:
92b591a4SAlexander Graf	case KVM_CAP_JOIN_MEMORY_REGIONS_WORKS:
92b591a4SAlexander Graf	case KVM_CAP_INTERNAL_ERROR_DATA:
92b591a4SAlexander Graf#ifdef CONFIG_HAVE_KVM_MSI
92b591a4SAlexander Graf	case KVM_CAP_SIGNAL_MSI:
92b591a4SAlexander Graf#endif
297e2105SPaul Mackerras#ifdef CONFIG_HAVE_KVM_IRQFD
dc9be0faSPaolo Bonzini	case KVM_CAP_IRQFD:
92b591a4SAlexander Graf#endif
e9ea5069SJason Wang	case KVM_CAP_IOEVENTFD_ANY_LENGTH:
92b591a4SAlexander Graf	case KVM_CAP_CHECK_EXTENSION_VM:
e5d83c74SPaolo Bonzini	case KVM_CAP_ENABLE_CAP_VM:
acd05785SDavid Matlack	case KVM_CAP_HALT_POLL:
92b591a4SAlexander Graf		return 1;
4b4357e0SPaolo Bonzini#ifdef CONFIG_KVM_MMIO
30422558SPaolo Bonzini	case KVM_CAP_COALESCED_MMIO:
30422558SPaolo Bonzini		return KVM_COALESCED_MMIO_PAGE_OFFSET;
0804c849SPeng Hao	case KVM_CAP_COALESCED_PIO:
0804c849SPeng Hao		return 1;
30422558SPaolo Bonzini#endif
3c9bd400SJay Zhou#ifdef CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT
3c9bd400SJay Zhou	case KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2:
3c9bd400SJay Zhou		return KVM_DIRTY_LOG_MANUAL_CAPS;
3c9bd400SJay Zhou#endif
92b591a4SAlexander Graf#ifdef CONFIG_HAVE_KVM_IRQ_ROUTING
92b591a4SAlexander Graf	case KVM_CAP_IRQ_ROUTING:
92b591a4SAlexander Graf		return KVM_MAX_IRQ_ROUTES;
92b591a4SAlexander Graf#endif
f481b069SPaolo Bonzini#if KVM_ADDRESS_SPACE_NUM > 1
f481b069SPaolo Bonzini	case KVM_CAP_MULTI_ADDRESS_SPACE:
f481b069SPaolo Bonzini		return KVM_ADDRESS_SPACE_NUM;
f481b069SPaolo Bonzini#endif
c110ae57SPaolo Bonzini	case KVM_CAP_NR_MEMSLOTS:
c110ae57SPaolo Bonzini		return KVM_USER_MEM_SLOTS;
fb04a1edSPeter Xu	case KVM_CAP_DIRTY_LOG_RING:
17601bfeSMarc Zyngier#ifdef CONFIG_HAVE_KVM_DIRTY_RING_TSO
17601bfeSMarc Zyngier		return KVM_DIRTY_RING_MAX_ENTRIES * sizeof(struct kvm_dirty_gfn);
17601bfeSMarc Zyngier#else
17601bfeSMarc Zyngier		return 0;
17601bfeSMarc Zyngier#endif
17601bfeSMarc Zyngier	case KVM_CAP_DIRTY_LOG_RING_ACQ_REL:
17601bfeSMarc Zyngier#ifdef CONFIG_HAVE_KVM_DIRTY_RING_ACQ_REL
fb04a1edSPeter Xu		return KVM_DIRTY_RING_MAX_ENTRIES * sizeof(struct kvm_dirty_gfn);
fb04a1edSPeter Xu#else
fb04a1edSPeter Xu		return 0;
fb04a1edSPeter Xu#endif
86bdf3ebSGavin Shan#ifdef CONFIG_NEED_KVM_DIRTY_RING_WITH_BITMAP
86bdf3ebSGavin Shan	case KVM_CAP_DIRTY_LOG_RING_WITH_BITMAP:
86bdf3ebSGavin Shan#endif
ce55c049SJing Zhang	case KVM_CAP_BINARY_STATS_FD:
d495f942SPaolo Bonzini	case KVM_CAP_SYSTEM_EVENT_DATA:
ce55c049SJing Zhang		return 1;
92b591a4SAlexander Graf	default:
92b591a4SAlexander Graf		break;
92b591a4SAlexander Graf	}
92b591a4SAlexander Graf	return kvm_vm_ioctl_check_extension(kvm, arg);
92b591a4SAlexander Graf}
92b591a4SAlexander Graf
fb04a1edSPeter Xustatic int kvm_vm_ioctl_enable_dirty_log_ring(struct kvm *kvm, u32 size)
fb04a1edSPeter Xu{
fb04a1edSPeter Xu	int r;
fb04a1edSPeter Xu
fb04a1edSPeter Xu	if (!KVM_DIRTY_LOG_PAGE_OFFSET)
fb04a1edSPeter Xu		return -EINVAL;
fb04a1edSPeter Xu
fb04a1edSPeter Xu	/* the size should be power of 2 */
fb04a1edSPeter Xu	if (!size || (size & (size - 1)))
fb04a1edSPeter Xu		return -EINVAL;
fb04a1edSPeter Xu
fb04a1edSPeter Xu	/* Should be bigger to keep the reserved entries, or a page */
fb04a1edSPeter Xu	if (size < kvm_dirty_ring_get_rsvd_entries() *
fb04a1edSPeter Xu	    sizeof(struct kvm_dirty_gfn) || size < PAGE_SIZE)
fb04a1edSPeter Xu		return -EINVAL;
fb04a1edSPeter Xu
fb04a1edSPeter Xu	if (size > KVM_DIRTY_RING_MAX_ENTRIES *
fb04a1edSPeter Xu	    sizeof(struct kvm_dirty_gfn))
fb04a1edSPeter Xu		return -E2BIG;
fb04a1edSPeter Xu
fb04a1edSPeter Xu	/* We only allow it to set once */
fb04a1edSPeter Xu	if (kvm->dirty_ring_size)
fb04a1edSPeter Xu		return -EINVAL;
fb04a1edSPeter Xu
fb04a1edSPeter Xu	mutex_lock(&kvm->lock);
fb04a1edSPeter Xu
fb04a1edSPeter Xu	if (kvm->created_vcpus) {
fb04a1edSPeter Xu		/* We don't allow to change this value after vcpu created */
fb04a1edSPeter Xu		r = -EINVAL;
fb04a1edSPeter Xu	} else {
fb04a1edSPeter Xu		kvm->dirty_ring_size = size;
fb04a1edSPeter Xu		r = 0;
fb04a1edSPeter Xu	}
fb04a1edSPeter Xu
fb04a1edSPeter Xu	mutex_unlock(&kvm->lock);
fb04a1edSPeter Xu	return r;
fb04a1edSPeter Xu}
fb04a1edSPeter Xu
fb04a1edSPeter Xustatic int kvm_vm_ioctl_reset_dirty_pages(struct kvm *kvm)
fb04a1edSPeter Xu{
46808a4cSMarc Zyngier	unsigned long i;
fb04a1edSPeter Xu	struct kvm_vcpu *vcpu;
fb04a1edSPeter Xu	int cleared = 0;
fb04a1edSPeter Xu
fb04a1edSPeter Xu	if (!kvm->dirty_ring_size)
fb04a1edSPeter Xu		return -EINVAL;
fb04a1edSPeter Xu
fb04a1edSPeter Xu	mutex_lock(&kvm->slots_lock);
fb04a1edSPeter Xu
fb04a1edSPeter Xu	kvm_for_each_vcpu(i, vcpu, kvm)
fb04a1edSPeter Xu		cleared += kvm_dirty_ring_reset(vcpu->kvm, &vcpu->dirty_ring);
fb04a1edSPeter Xu
fb04a1edSPeter Xu	mutex_unlock(&kvm->slots_lock);
fb04a1edSPeter Xu
fb04a1edSPeter Xu	if (cleared)
fb04a1edSPeter Xu		kvm_flush_remote_tlbs(kvm);
fb04a1edSPeter Xu
fb04a1edSPeter Xu	return cleared;
fb04a1edSPeter Xu}
fb04a1edSPeter Xu
e5d83c74SPaolo Bonziniint __attribute__((weak)) kvm_vm_ioctl_enable_cap(struct kvm *kvm,
e5d83c74SPaolo Bonzini						  struct kvm_enable_cap *cap)
e5d83c74SPaolo Bonzini{
e5d83c74SPaolo Bonzini	return -EINVAL;
e5d83c74SPaolo Bonzini}
e5d83c74SPaolo Bonzini
26f45714SRicardo Kollerbool kvm_are_all_memslots_empty(struct kvm *kvm)
86bdf3ebSGavin Shan{
86bdf3ebSGavin Shan	int i;
86bdf3ebSGavin Shan
86bdf3ebSGavin Shan	lockdep_assert_held(&kvm->slots_lock);
86bdf3ebSGavin Shan
86bdf3ebSGavin Shan	for (i = 0; i < KVM_ADDRESS_SPACE_NUM; i++) {
86bdf3ebSGavin Shan		if (!kvm_memslots_empty(__kvm_memslots(kvm, i)))
86bdf3ebSGavin Shan			return false;
86bdf3ebSGavin Shan	}
86bdf3ebSGavin Shan
86bdf3ebSGavin Shan	return true;
86bdf3ebSGavin Shan}
26f45714SRicardo KollerEXPORT_SYMBOL_GPL(kvm_are_all_memslots_empty);
86bdf3ebSGavin Shan
e5d83c74SPaolo Bonzinistatic int kvm_vm_ioctl_enable_cap_generic(struct kvm *kvm,
e5d83c74SPaolo Bonzini					   struct kvm_enable_cap *cap)
e5d83c74SPaolo Bonzini{
e5d83c74SPaolo Bonzini	switch (cap->cap) {
2a31b9dbSPaolo Bonzini#ifdef CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT
3c9bd400SJay Zhou	case KVM_CAP_MANUAL_DIRTY_LOG_PROTECT2: {
3c9bd400SJay Zhou		u64 allowed_options = KVM_DIRTY_LOG_MANUAL_PROTECT_ENABLE;
3c9bd400SJay Zhou
3c9bd400SJay Zhou		if (cap->args[0] & KVM_DIRTY_LOG_MANUAL_PROTECT_ENABLE)
3c9bd400SJay Zhou			allowed_options = KVM_DIRTY_LOG_MANUAL_CAPS;
3c9bd400SJay Zhou
3c9bd400SJay Zhou		if (cap->flags || (cap->args[0] & ~allowed_options))
2a31b9dbSPaolo Bonzini			return -EINVAL;
2a31b9dbSPaolo Bonzini		kvm->manual_dirty_log_protect = cap->args[0];
2a31b9dbSPaolo Bonzini		return 0;
3c9bd400SJay Zhou	}
2a31b9dbSPaolo Bonzini#endif
acd05785SDavid Matlack	case KVM_CAP_HALT_POLL: {
acd05785SDavid Matlack		if (cap->flags || cap->args[0] != (unsigned int)cap->args[0])
acd05785SDavid Matlack			return -EINVAL;
acd05785SDavid Matlack
acd05785SDavid Matlack		kvm->max_halt_poll_ns = cap->args[0];
9eb8ca04SDavid Matlack
9eb8ca04SDavid Matlack		/*
9eb8ca04SDavid Matlack		 * Ensure kvm->override_halt_poll_ns does not become visible
9eb8ca04SDavid Matlack		 * before kvm->max_halt_poll_ns.
9eb8ca04SDavid Matlack		 *
9eb8ca04SDavid Matlack		 * Pairs with the smp_rmb() in kvm_vcpu_max_halt_poll_ns().
9eb8ca04SDavid Matlack		 */
9eb8ca04SDavid Matlack		smp_wmb();
9eb8ca04SDavid Matlack		kvm->override_halt_poll_ns = true;
9eb8ca04SDavid Matlack
acd05785SDavid Matlack		return 0;
acd05785SDavid Matlack	}
fb04a1edSPeter Xu	case KVM_CAP_DIRTY_LOG_RING:
17601bfeSMarc Zyngier	case KVM_CAP_DIRTY_LOG_RING_ACQ_REL:
7a2726ecSGavin Shan		if (!kvm_vm_ioctl_check_extension_generic(kvm, cap->cap))
7a2726ecSGavin Shan			return -EINVAL;
7a2726ecSGavin Shan
fb04a1edSPeter Xu		return kvm_vm_ioctl_enable_dirty_log_ring(kvm, cap->args[0]);
86bdf3ebSGavin Shan	case KVM_CAP_DIRTY_LOG_RING_WITH_BITMAP: {
86bdf3ebSGavin Shan		int r = -EINVAL;
86bdf3ebSGavin Shan
86bdf3ebSGavin Shan		if (!IS_ENABLED(CONFIG_NEED_KVM_DIRTY_RING_WITH_BITMAP) ||
86bdf3ebSGavin Shan		    !kvm->dirty_ring_size || cap->flags)
86bdf3ebSGavin Shan			return r;
86bdf3ebSGavin Shan
86bdf3ebSGavin Shan		mutex_lock(&kvm->slots_lock);
86bdf3ebSGavin Shan
86bdf3ebSGavin Shan		/*
86bdf3ebSGavin Shan		 * For simplicity, allow enabling ring+bitmap if and only if
86bdf3ebSGavin Shan		 * there are no memslots, e.g. to ensure all memslots allocate
86bdf3ebSGavin Shan		 * a bitmap after the capability is enabled.
86bdf3ebSGavin Shan		 */
86bdf3ebSGavin Shan		if (kvm_are_all_memslots_empty(kvm)) {
86bdf3ebSGavin Shan			kvm->dirty_ring_with_bitmap = true;
86bdf3ebSGavin Shan			r = 0;
86bdf3ebSGavin Shan		}
86bdf3ebSGavin Shan
86bdf3ebSGavin Shan		mutex_unlock(&kvm->slots_lock);
86bdf3ebSGavin Shan
86bdf3ebSGavin Shan		return r;
86bdf3ebSGavin Shan	}
e5d83c74SPaolo Bonzini	default:
e5d83c74SPaolo Bonzini		return kvm_vm_ioctl_enable_cap(kvm, cap);
e5d83c74SPaolo Bonzini	}
e5d83c74SPaolo Bonzini}
e5d83c74SPaolo Bonzini
fcfe1baeSJing Zhangstatic ssize_t kvm_vm_stats_read(struct file *file, char __user *user_buffer,
fcfe1baeSJing Zhang			      size_t size, loff_t *offset)
fcfe1baeSJing Zhang{
fcfe1baeSJing Zhang	struct kvm *kvm = file->private_data;
fcfe1baeSJing Zhang
fcfe1baeSJing Zhang	return kvm_stats_read(kvm->stats_id, &kvm_vm_stats_header,
fcfe1baeSJing Zhang				&kvm_vm_stats_desc[0], &kvm->stat,
fcfe1baeSJing Zhang				sizeof(kvm->stat), user_buffer, size, offset);
fcfe1baeSJing Zhang}
fcfe1baeSJing Zhang
eed3013fSSean Christophersonstatic int kvm_vm_stats_release(struct inode *inode, struct file *file)
eed3013fSSean Christopherson{
eed3013fSSean Christopherson	struct kvm *kvm = file->private_data;
eed3013fSSean Christopherson
eed3013fSSean Christopherson	kvm_put_kvm(kvm);
eed3013fSSean Christopherson	return 0;
eed3013fSSean Christopherson}
eed3013fSSean Christopherson
fcfe1baeSJing Zhangstatic const struct file_operations kvm_vm_stats_fops = {
fcfe1baeSJing Zhang	.read = kvm_vm_stats_read,
eed3013fSSean Christopherson	.release = kvm_vm_stats_release,
fcfe1baeSJing Zhang	.llseek = noop_llseek,
fcfe1baeSJing Zhang};
fcfe1baeSJing Zhang
fcfe1baeSJing Zhangstatic int kvm_vm_ioctl_get_stats_fd(struct kvm *kvm)
fcfe1baeSJing Zhang{
fcfe1baeSJing Zhang	int fd;
fcfe1baeSJing Zhang	struct file *file;
fcfe1baeSJing Zhang
fcfe1baeSJing Zhang	fd = get_unused_fd_flags(O_CLOEXEC);
fcfe1baeSJing Zhang	if (fd < 0)
fcfe1baeSJing Zhang		return fd;
fcfe1baeSJing Zhang
fcfe1baeSJing Zhang	file = anon_inode_getfile("kvm-vm-stats",
fcfe1baeSJing Zhang			&kvm_vm_stats_fops, kvm, O_RDONLY);
fcfe1baeSJing Zhang	if (IS_ERR(file)) {
fcfe1baeSJing Zhang		put_unused_fd(fd);
fcfe1baeSJing Zhang		return PTR_ERR(file);
fcfe1baeSJing Zhang	}
eed3013fSSean Christopherson
eed3013fSSean Christopherson	kvm_get_kvm(kvm);
eed3013fSSean Christopherson
fcfe1baeSJing Zhang	file->f_mode |= FMODE_PREAD;
fcfe1baeSJing Zhang	fd_install(fd, file);
fcfe1baeSJing Zhang
fcfe1baeSJing Zhang	return fd;
fcfe1baeSJing Zhang}
fcfe1baeSJing Zhang
0fce5623SAvi Kivitystatic long kvm_vm_ioctl(struct file *filp,
0fce5623SAvi Kivity			   unsigned int ioctl, unsigned long arg)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	struct kvm *kvm = filp->private_data;
0fce5623SAvi Kivity	void __user *argp = (void __user *)arg;
0fce5623SAvi Kivity	int r;
0fce5623SAvi Kivity
f4d31653SPaolo Bonzini	if (kvm->mm != current->mm || kvm->vm_dead)
0fce5623SAvi Kivity		return -EIO;
0fce5623SAvi Kivity	switch (ioctl) {
0fce5623SAvi Kivity	case KVM_CREATE_VCPU:
0fce5623SAvi Kivity		r = kvm_vm_ioctl_create_vcpu(kvm, arg);
0fce5623SAvi Kivity		break;
e5d83c74SPaolo Bonzini	case KVM_ENABLE_CAP: {
e5d83c74SPaolo Bonzini		struct kvm_enable_cap cap;
e5d83c74SPaolo Bonzini
e5d83c74SPaolo Bonzini		r = -EFAULT;
e5d83c74SPaolo Bonzini		if (copy_from_user(&cap, argp, sizeof(cap)))
e5d83c74SPaolo Bonzini			goto out;
e5d83c74SPaolo Bonzini		r = kvm_vm_ioctl_enable_cap_generic(kvm, &cap);
e5d83c74SPaolo Bonzini		break;
e5d83c74SPaolo Bonzini	}
0fce5623SAvi Kivity	case KVM_SET_USER_MEMORY_REGION: {
0fce5623SAvi Kivity		struct kvm_userspace_memory_region kvm_userspace_mem;
0fce5623SAvi Kivity
0fce5623SAvi Kivity		r = -EFAULT;
0fce5623SAvi Kivity		if (copy_from_user(&kvm_userspace_mem, argp,
893bdbf1SXiubo Li						sizeof(kvm_userspace_mem)))
0fce5623SAvi Kivity			goto out;
0fce5623SAvi Kivity
47ae31e2STakuya Yoshikawa		r = kvm_vm_ioctl_set_memory_region(kvm, &kvm_userspace_mem);
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity	case KVM_GET_DIRTY_LOG: {
0fce5623SAvi Kivity		struct kvm_dirty_log log;
0fce5623SAvi Kivity
0fce5623SAvi Kivity		r = -EFAULT;
893bdbf1SXiubo Li		if (copy_from_user(&log, argp, sizeof(log)))
0fce5623SAvi Kivity			goto out;
0fce5623SAvi Kivity		r = kvm_vm_ioctl_get_dirty_log(kvm, &log);
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	}
2a31b9dbSPaolo Bonzini#ifdef CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT
2a31b9dbSPaolo Bonzini	case KVM_CLEAR_DIRTY_LOG: {
2a31b9dbSPaolo Bonzini		struct kvm_clear_dirty_log log;
2a31b9dbSPaolo Bonzini
2a31b9dbSPaolo Bonzini		r = -EFAULT;
2a31b9dbSPaolo Bonzini		if (copy_from_user(&log, argp, sizeof(log)))
2a31b9dbSPaolo Bonzini			goto out;
2a31b9dbSPaolo Bonzini		r = kvm_vm_ioctl_clear_dirty_log(kvm, &log);
2a31b9dbSPaolo Bonzini		break;
2a31b9dbSPaolo Bonzini	}
2a31b9dbSPaolo Bonzini#endif
4b4357e0SPaolo Bonzini#ifdef CONFIG_KVM_MMIO
5f94c174SLaurent Vivier	case KVM_REGISTER_COALESCED_MMIO: {
5f94c174SLaurent Vivier		struct kvm_coalesced_mmio_zone zone;
f95ef0cdSXiubo Li
5f94c174SLaurent Vivier		r = -EFAULT;
893bdbf1SXiubo Li		if (copy_from_user(&zone, argp, sizeof(zone)))
5f94c174SLaurent Vivier			goto out;
5f94c174SLaurent Vivier		r = kvm_vm_ioctl_register_coalesced_mmio(kvm, &zone);
5f94c174SLaurent Vivier		break;
5f94c174SLaurent Vivier	}
5f94c174SLaurent Vivier	case KVM_UNREGISTER_COALESCED_MMIO: {
5f94c174SLaurent Vivier		struct kvm_coalesced_mmio_zone zone;
f95ef0cdSXiubo Li
5f94c174SLaurent Vivier		r = -EFAULT;
893bdbf1SXiubo Li		if (copy_from_user(&zone, argp, sizeof(zone)))
5f94c174SLaurent Vivier			goto out;
5f94c174SLaurent Vivier		r = kvm_vm_ioctl_unregister_coalesced_mmio(kvm, &zone);
5f94c174SLaurent Vivier		break;
5f94c174SLaurent Vivier	}
5f94c174SLaurent Vivier#endif
721eecbfSGregory Haskins	case KVM_IRQFD: {
721eecbfSGregory Haskins		struct kvm_irqfd data;
721eecbfSGregory Haskins
721eecbfSGregory Haskins		r = -EFAULT;
893bdbf1SXiubo Li		if (copy_from_user(&data, argp, sizeof(data)))
721eecbfSGregory Haskins			goto out;
d4db2935SAlex Williamson		r = kvm_irqfd(kvm, &data);
721eecbfSGregory Haskins		break;
721eecbfSGregory Haskins	}
d34e6b17SGregory Haskins	case KVM_IOEVENTFD: {
d34e6b17SGregory Haskins		struct kvm_ioeventfd data;
d34e6b17SGregory Haskins
d34e6b17SGregory Haskins		r = -EFAULT;
893bdbf1SXiubo Li		if (copy_from_user(&data, argp, sizeof(data)))
d34e6b17SGregory Haskins			goto out;
d34e6b17SGregory Haskins		r = kvm_ioeventfd(kvm, &data);
d34e6b17SGregory Haskins		break;
d34e6b17SGregory Haskins	}
07975ad3SJan Kiszka#ifdef CONFIG_HAVE_KVM_MSI
07975ad3SJan Kiszka	case KVM_SIGNAL_MSI: {
07975ad3SJan Kiszka		struct kvm_msi msi;
07975ad3SJan Kiszka
07975ad3SJan Kiszka		r = -EFAULT;
893bdbf1SXiubo Li		if (copy_from_user(&msi, argp, sizeof(msi)))
07975ad3SJan Kiszka			goto out;
07975ad3SJan Kiszka		r = kvm_send_userspace_msi(kvm, &msi);
07975ad3SJan Kiszka		break;
07975ad3SJan Kiszka	}
07975ad3SJan Kiszka#endif
23d43cf9SChristoffer Dall#ifdef __KVM_HAVE_IRQ_LINE
23d43cf9SChristoffer Dall	case KVM_IRQ_LINE_STATUS:
23d43cf9SChristoffer Dall	case KVM_IRQ_LINE: {
23d43cf9SChristoffer Dall		struct kvm_irq_level irq_event;
23d43cf9SChristoffer Dall
23d43cf9SChristoffer Dall		r = -EFAULT;
893bdbf1SXiubo Li		if (copy_from_user(&irq_event, argp, sizeof(irq_event)))
23d43cf9SChristoffer Dall			goto out;
23d43cf9SChristoffer Dall
aa2fbe6dSYang Zhang		r = kvm_vm_ioctl_irq_line(kvm, &irq_event,
aa2fbe6dSYang Zhang					ioctl == KVM_IRQ_LINE_STATUS);
23d43cf9SChristoffer Dall		if (r)
23d43cf9SChristoffer Dall			goto out;
23d43cf9SChristoffer Dall
23d43cf9SChristoffer Dall		r = -EFAULT;
23d43cf9SChristoffer Dall		if (ioctl == KVM_IRQ_LINE_STATUS) {
893bdbf1SXiubo Li			if (copy_to_user(argp, &irq_event, sizeof(irq_event)))
23d43cf9SChristoffer Dall				goto out;
23d43cf9SChristoffer Dall		}
23d43cf9SChristoffer Dall
23d43cf9SChristoffer Dall		r = 0;
23d43cf9SChristoffer Dall		break;
23d43cf9SChristoffer Dall	}
23d43cf9SChristoffer Dall#endif
aa8d5944SAlexander Graf#ifdef CONFIG_HAVE_KVM_IRQ_ROUTING
aa8d5944SAlexander Graf	case KVM_SET_GSI_ROUTING: {
aa8d5944SAlexander Graf		struct kvm_irq_routing routing;
aa8d5944SAlexander Graf		struct kvm_irq_routing __user *urouting;
f8c1b85bSPaolo Bonzini		struct kvm_irq_routing_entry *entries = NULL;
aa8d5944SAlexander Graf
aa8d5944SAlexander Graf		r = -EFAULT;
aa8d5944SAlexander Graf		if (copy_from_user(&routing, argp, sizeof(routing)))
aa8d5944SAlexander Graf			goto out;
aa8d5944SAlexander Graf		r = -EINVAL;
5c0aea0eSDavid Hildenbrand		if (!kvm_arch_can_set_irq_routing(kvm))
5c0aea0eSDavid Hildenbrand			goto out;
caf1ff26SXiubo Li		if (routing.nr > KVM_MAX_IRQ_ROUTES)
aa8d5944SAlexander Graf			goto out;
aa8d5944SAlexander Graf		if (routing.flags)
aa8d5944SAlexander Graf			goto out;
f8c1b85bSPaolo Bonzini		if (routing.nr) {
aa8d5944SAlexander Graf			urouting = argp;
7ec28e26SDenis Efremov			entries = vmemdup_user(urouting->entries,
7ec28e26SDenis Efremov					       array_size(sizeof(*entries),
7ec28e26SDenis Efremov							  routing.nr));
7ec28e26SDenis Efremov			if (IS_ERR(entries)) {
7ec28e26SDenis Efremov				r = PTR_ERR(entries);
7ec28e26SDenis Efremov				goto out;
7ec28e26SDenis Efremov			}
f8c1b85bSPaolo Bonzini		}
aa8d5944SAlexander Graf		r = kvm_set_irq_routing(kvm, entries, routing.nr,
aa8d5944SAlexander Graf					routing.flags);
7ec28e26SDenis Efremov		kvfree(entries);
aa8d5944SAlexander Graf		break;
aa8d5944SAlexander Graf	}
aa8d5944SAlexander Graf#endif /* CONFIG_HAVE_KVM_IRQ_ROUTING */
852b6d57SScott Wood	case KVM_CREATE_DEVICE: {
852b6d57SScott Wood		struct kvm_create_device cd;
852b6d57SScott Wood
852b6d57SScott Wood		r = -EFAULT;
852b6d57SScott Wood		if (copy_from_user(&cd, argp, sizeof(cd)))
852b6d57SScott Wood			goto out;
852b6d57SScott Wood
852b6d57SScott Wood		r = kvm_ioctl_create_device(kvm, &cd);
852b6d57SScott Wood		if (r)
852b6d57SScott Wood			goto out;
852b6d57SScott Wood
852b6d57SScott Wood		r = -EFAULT;
852b6d57SScott Wood		if (copy_to_user(argp, &cd, sizeof(cd)))
852b6d57SScott Wood			goto out;
852b6d57SScott Wood
852b6d57SScott Wood		r = 0;
852b6d57SScott Wood		break;
852b6d57SScott Wood	}
92b591a4SAlexander Graf	case KVM_CHECK_EXTENSION:
92b591a4SAlexander Graf		r = kvm_vm_ioctl_check_extension_generic(kvm, arg);
92b591a4SAlexander Graf		break;
fb04a1edSPeter Xu	case KVM_RESET_DIRTY_RINGS:
fb04a1edSPeter Xu		r = kvm_vm_ioctl_reset_dirty_pages(kvm);
fb04a1edSPeter Xu		break;
fcfe1baeSJing Zhang	case KVM_GET_STATS_FD:
fcfe1baeSJing Zhang		r = kvm_vm_ioctl_get_stats_fd(kvm);
fcfe1baeSJing Zhang		break;
0fce5623SAvi Kivity	default:
0fce5623SAvi Kivity		r = kvm_arch_vm_ioctl(filp, ioctl, arg);
0fce5623SAvi Kivity	}
0fce5623SAvi Kivityout:
0fce5623SAvi Kivity	return r;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
de8e5d74SChristian Borntraeger#ifdef CONFIG_KVM_COMPAT
6ff5894cSArnd Bergmannstruct compat_kvm_dirty_log {
6ff5894cSArnd Bergmann	__u32 slot;
6ff5894cSArnd Bergmann	__u32 padding1;
6ff5894cSArnd Bergmann	union {
6ff5894cSArnd Bergmann		compat_uptr_t dirty_bitmap; /* one bit per page */
6ff5894cSArnd Bergmann		__u64 padding2;
6ff5894cSArnd Bergmann	};
6ff5894cSArnd Bergmann};
6ff5894cSArnd Bergmann
8750f9bbSPaolo Bonzinistruct compat_kvm_clear_dirty_log {
8750f9bbSPaolo Bonzini	__u32 slot;
8750f9bbSPaolo Bonzini	__u32 num_pages;
8750f9bbSPaolo Bonzini	__u64 first_page;
8750f9bbSPaolo Bonzini	union {
8750f9bbSPaolo Bonzini		compat_uptr_t dirty_bitmap; /* one bit per page */
8750f9bbSPaolo Bonzini		__u64 padding2;
8750f9bbSPaolo Bonzini	};
8750f9bbSPaolo Bonzini};
8750f9bbSPaolo Bonzini
ed51862fSAlexander Graflong __weak kvm_arch_vm_compat_ioctl(struct file *filp, unsigned int ioctl,
ed51862fSAlexander Graf				     unsigned long arg)
ed51862fSAlexander Graf{
ed51862fSAlexander Graf	return -ENOTTY;
ed51862fSAlexander Graf}
ed51862fSAlexander Graf
6ff5894cSArnd Bergmannstatic long kvm_vm_compat_ioctl(struct file *filp,
6ff5894cSArnd Bergmann			   unsigned int ioctl, unsigned long arg)
6ff5894cSArnd Bergmann{
6ff5894cSArnd Bergmann	struct kvm *kvm = filp->private_data;
6ff5894cSArnd Bergmann	int r;
6ff5894cSArnd Bergmann
f4d31653SPaolo Bonzini	if (kvm->mm != current->mm || kvm->vm_dead)
6ff5894cSArnd Bergmann		return -EIO;
ed51862fSAlexander Graf
ed51862fSAlexander Graf	r = kvm_arch_vm_compat_ioctl(filp, ioctl, arg);
ed51862fSAlexander Graf	if (r != -ENOTTY)
ed51862fSAlexander Graf		return r;
ed51862fSAlexander Graf
6ff5894cSArnd Bergmann	switch (ioctl) {
8750f9bbSPaolo Bonzini#ifdef CONFIG_KVM_GENERIC_DIRTYLOG_READ_PROTECT
8750f9bbSPaolo Bonzini	case KVM_CLEAR_DIRTY_LOG: {
8750f9bbSPaolo Bonzini		struct compat_kvm_clear_dirty_log compat_log;
8750f9bbSPaolo Bonzini		struct kvm_clear_dirty_log log;
8750f9bbSPaolo Bonzini
8750f9bbSPaolo Bonzini		if (copy_from_user(&compat_log, (void __user *)arg,
8750f9bbSPaolo Bonzini				   sizeof(compat_log)))
8750f9bbSPaolo Bonzini			return -EFAULT;
8750f9bbSPaolo Bonzini		log.slot	 = compat_log.slot;
8750f9bbSPaolo Bonzini		log.num_pages	 = compat_log.num_pages;
8750f9bbSPaolo Bonzini		log.first_page	 = compat_log.first_page;
8750f9bbSPaolo Bonzini		log.padding2	 = compat_log.padding2;
8750f9bbSPaolo Bonzini		log.dirty_bitmap = compat_ptr(compat_log.dirty_bitmap);
8750f9bbSPaolo Bonzini
8750f9bbSPaolo Bonzini		r = kvm_vm_ioctl_clear_dirty_log(kvm, &log);
8750f9bbSPaolo Bonzini		break;
8750f9bbSPaolo Bonzini	}
8750f9bbSPaolo Bonzini#endif
6ff5894cSArnd Bergmann	case KVM_GET_DIRTY_LOG: {
6ff5894cSArnd Bergmann		struct compat_kvm_dirty_log compat_log;
6ff5894cSArnd Bergmann		struct kvm_dirty_log log;
6ff5894cSArnd Bergmann
6ff5894cSArnd Bergmann		if (copy_from_user(&compat_log, (void __user *)arg,
6ff5894cSArnd Bergmann				   sizeof(compat_log)))
f6a3b168SMarkus Elfring			return -EFAULT;
6ff5894cSArnd Bergmann		log.slot	 = compat_log.slot;
6ff5894cSArnd Bergmann		log.padding1	 = compat_log.padding1;
6ff5894cSArnd Bergmann		log.padding2	 = compat_log.padding2;
6ff5894cSArnd Bergmann		log.dirty_bitmap = compat_ptr(compat_log.dirty_bitmap);
6ff5894cSArnd Bergmann
6ff5894cSArnd Bergmann		r = kvm_vm_ioctl_get_dirty_log(kvm, &log);
6ff5894cSArnd Bergmann		break;
6ff5894cSArnd Bergmann	}
6ff5894cSArnd Bergmann	default:
6ff5894cSArnd Bergmann		r = kvm_vm_ioctl(filp, ioctl, arg);
6ff5894cSArnd Bergmann	}
6ff5894cSArnd Bergmann	return r;
6ff5894cSArnd Bergmann}
6ff5894cSArnd Bergmann#endif
6ff5894cSArnd Bergmann
70375c2dSDavid Matlackstatic const struct file_operations kvm_vm_fops = {
0fce5623SAvi Kivity	.release        = kvm_vm_release,
0fce5623SAvi Kivity	.unlocked_ioctl = kvm_vm_ioctl,
6038f373SArnd Bergmann	.llseek		= noop_llseek,
7ddfd3e0SMarc Zyngier	KVM_COMPAT(kvm_vm_compat_ioctl),
0fce5623SAvi Kivity};
0fce5623SAvi Kivity
54526d1fSNathan Tempelmanbool file_is_kvm(struct file *file)
54526d1fSNathan Tempelman{
54526d1fSNathan Tempelman	return file && file->f_op == &kvm_vm_fops;
54526d1fSNathan Tempelman}
54526d1fSNathan TempelmanEXPORT_SYMBOL_GPL(file_is_kvm);
54526d1fSNathan Tempelman
e08b9637SCarsten Ottestatic int kvm_dev_ioctl_create_vm(unsigned long type)
0fce5623SAvi Kivity{
59f82aadSOliver Upton	char fdname[ITOA_MAX_LEN + 1];
20020f4cSOliver Upton	int r, fd;
0fce5623SAvi Kivity	struct kvm *kvm;
506cfba9SAl Viro	struct file *file;
0fce5623SAvi Kivity
20020f4cSOliver Upton	fd = get_unused_fd_flags(O_CLOEXEC);
20020f4cSOliver Upton	if (fd < 0)
20020f4cSOliver Upton		return fd;
20020f4cSOliver Upton
59f82aadSOliver Upton	snprintf(fdname, sizeof(fdname), "%d", fd);
59f82aadSOliver Upton
b74ed7a6SOliver Upton	kvm = kvm_create_vm(type, fdname);
20020f4cSOliver Upton	if (IS_ERR(kvm)) {
20020f4cSOliver Upton		r = PTR_ERR(kvm);
20020f4cSOliver Upton		goto put_fd;
20020f4cSOliver Upton	}
20020f4cSOliver Upton
506cfba9SAl Viro	file = anon_inode_getfile("kvm-vm", &kvm_vm_fops, kvm, O_RDWR);
506cfba9SAl Viro	if (IS_ERR(file)) {
78588335SMarkus Elfring		r = PTR_ERR(file);
78588335SMarkus Elfring		goto put_kvm;
506cfba9SAl Viro	}
536a6f88SJanosch Frank
525df861SPaolo Bonzini	/*
525df861SPaolo Bonzini	 * Don't call kvm_put_kvm anymore at this point; file->f_op is
525df861SPaolo Bonzini	 * already set, with ->release() being kvm_vm_release().  In error
525df861SPaolo Bonzini	 * cases it will be called by the final fput(file) and will take
525df861SPaolo Bonzini	 * care of doing kvm_put_kvm(kvm).
525df861SPaolo Bonzini	 */
286de8f6SClaudio Imbrenda	kvm_uevent_notify_change(KVM_EVENT_CREATE_VM, kvm);
0fce5623SAvi Kivity
20020f4cSOliver Upton	fd_install(fd, file);
20020f4cSOliver Upton	return fd;
78588335SMarkus Elfring
78588335SMarkus Elfringput_kvm:
78588335SMarkus Elfring	kvm_put_kvm(kvm);
20020f4cSOliver Uptonput_fd:
20020f4cSOliver Upton	put_unused_fd(fd);
78588335SMarkus Elfring	return r;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
0fce5623SAvi Kivitystatic long kvm_dev_ioctl(struct file *filp,
0fce5623SAvi Kivity			  unsigned int ioctl, unsigned long arg)
0fce5623SAvi Kivity{
f15ba52bSThomas Huth	int r = -EINVAL;
0fce5623SAvi Kivity
0fce5623SAvi Kivity	switch (ioctl) {
0fce5623SAvi Kivity	case KVM_GET_API_VERSION:
0fce5623SAvi Kivity		if (arg)
0fce5623SAvi Kivity			goto out;
0fce5623SAvi Kivity		r = KVM_API_VERSION;
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	case KVM_CREATE_VM:
e08b9637SCarsten Otte		r = kvm_dev_ioctl_create_vm(arg);
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	case KVM_CHECK_EXTENSION:
784aa3d7SAlexander Graf		r = kvm_vm_ioctl_check_extension_generic(NULL, arg);
0fce5623SAvi Kivity		break;
0fce5623SAvi Kivity	case KVM_GET_VCPU_MMAP_SIZE:
0fce5623SAvi Kivity		if (arg)
0fce5623SAvi Kivity			goto out;
adb1ff46SAvi Kivity		r = PAGE_SIZE;     /* struct kvm_run */
adb1ff46SAvi Kivity#ifdef CONFIG_X86
adb1ff46SAvi Kivity		r += PAGE_SIZE;    /* pio data page */
adb1ff46SAvi Kivity#endif
4b4357e0SPaolo Bonzini#ifdef CONFIG_KVM_MMIO
5f94c174SLaurent Vivier		r += PAGE_SIZE;    /* coalesced mmio ring page */
5f94c174SLaurent Vivier#endif
0fce5623SAvi Kivity		break;
d4c9ff2dSFeng(Eric) Liu	case KVM_TRACE_ENABLE:
d4c9ff2dSFeng(Eric) Liu	case KVM_TRACE_PAUSE:
d4c9ff2dSFeng(Eric) Liu	case KVM_TRACE_DISABLE:
2023a29cSMarcelo Tosatti		r = -EOPNOTSUPP;
d4c9ff2dSFeng(Eric) Liu		break;
0fce5623SAvi Kivity	default:
0fce5623SAvi Kivity		return kvm_arch_dev_ioctl(filp, ioctl, arg);
0fce5623SAvi Kivity	}
0fce5623SAvi Kivityout:
0fce5623SAvi Kivity	return r;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
0fce5623SAvi Kivitystatic struct file_operations kvm_chardev_ops = {
0fce5623SAvi Kivity	.unlocked_ioctl = kvm_dev_ioctl,
6038f373SArnd Bergmann	.llseek		= noop_llseek,
7ddfd3e0SMarc Zyngier	KVM_COMPAT(kvm_dev_ioctl),
0fce5623SAvi Kivity};
0fce5623SAvi Kivity
0fce5623SAvi Kivitystatic struct miscdevice kvm_dev = {
0fce5623SAvi Kivity	KVM_MINOR,
0fce5623SAvi Kivity	"kvm",
0fce5623SAvi Kivity	&kvm_chardev_ops,
0fce5623SAvi Kivity};
0fce5623SAvi Kivity
441f7bfaSSean Christopherson#ifdef CONFIG_KVM_GENERIC_HARDWARE_ENABLING
441f7bfaSSean Christopherson__visible bool kvm_rebooting;
441f7bfaSSean ChristophersonEXPORT_SYMBOL_GPL(kvm_rebooting);
441f7bfaSSean Christopherson
441f7bfaSSean Christophersonstatic DEFINE_PER_CPU(bool, hardware_enabled);
*4777225eSSean Christophersonstatic DEFINE_MUTEX(kvm_usage_lock);
441f7bfaSSean Christophersonstatic int kvm_usage_count;
441f7bfaSSean Christopherson
e6fb7d6eSIsaku Yamahatastatic int __hardware_enable_nolock(void)
0fce5623SAvi Kivity{
37d25881SSean Christopherson	if (__this_cpu_read(hardware_enabled))
e6fb7d6eSIsaku Yamahata		return 0;
10474ae8SAlexander Graf
37d25881SSean Christopherson	if (kvm_arch_hardware_enable()) {
37d25881SSean Christopherson		pr_info("kvm: enabling virtualization on CPU%d failed\n",
37d25881SSean Christopherson			raw_smp_processor_id());
e6fb7d6eSIsaku Yamahata		return -EIO;
10474ae8SAlexander Graf	}
37d25881SSean Christopherson
37d25881SSean Christopherson	__this_cpu_write(hardware_enabled, true);
e6fb7d6eSIsaku Yamahata	return 0;
e6fb7d6eSIsaku Yamahata}
e6fb7d6eSIsaku Yamahata
e6fb7d6eSIsaku Yamahatastatic void hardware_enable_nolock(void *failed)
e6fb7d6eSIsaku Yamahata{
e6fb7d6eSIsaku Yamahata	if (__hardware_enable_nolock())
e6fb7d6eSIsaku Yamahata		atomic_inc(failed);
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
aaf12a7bSChao Gaostatic int kvm_online_cpu(unsigned int cpu)
75b7127cSTakuya Yoshikawa{
aaf12a7bSChao Gao	int ret = 0;
aaf12a7bSChao Gao
aaf12a7bSChao Gao	/*
aaf12a7bSChao Gao	 * Abort the CPU online process if hardware virtualization cannot
aaf12a7bSChao Gao	 * be enabled. Otherwise running VMs would encounter unrecoverable
aaf12a7bSChao Gao	 * errors when scheduled to this CPU.
aaf12a7bSChao Gao	 */
*4777225eSSean Christopherson	mutex_lock(&kvm_usage_lock);
e6fb7d6eSIsaku Yamahata	if (kvm_usage_count)
e6fb7d6eSIsaku Yamahata		ret = __hardware_enable_nolock();
*4777225eSSean Christopherson	mutex_unlock(&kvm_usage_lock);
aaf12a7bSChao Gao	return ret;
75b7127cSTakuya Yoshikawa}
75b7127cSTakuya Yoshikawa
75b7127cSTakuya Yoshikawastatic void hardware_disable_nolock(void *junk)
0fce5623SAvi Kivity{
37d25881SSean Christopherson	/*
37d25881SSean Christopherson	 * Note, hardware_disable_all_nolock() tells all online CPUs to disable
37d25881SSean Christopherson	 * hardware, not just CPUs that successfully enabled hardware!
37d25881SSean Christopherson	 */
37d25881SSean Christopherson	if (!__this_cpu_read(hardware_enabled))
0fce5623SAvi Kivity		return;
37d25881SSean Christopherson
13a34e06SRadim Krčmář	kvm_arch_hardware_disable();
37d25881SSean Christopherson
37d25881SSean Christopherson	__this_cpu_write(hardware_enabled, false);
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
aaf12a7bSChao Gaostatic int kvm_offline_cpu(unsigned int cpu)
75b7127cSTakuya Yoshikawa{
*4777225eSSean Christopherson	mutex_lock(&kvm_usage_lock);
4fa92fb2SPaolo Bonzini	if (kvm_usage_count)
4fa92fb2SPaolo Bonzini		hardware_disable_nolock(NULL);
*4777225eSSean Christopherson	mutex_unlock(&kvm_usage_lock);
8c18b2d2SThomas Gleixner	return 0;
75b7127cSTakuya Yoshikawa}
75b7127cSTakuya Yoshikawa
10474ae8SAlexander Grafstatic void hardware_disable_all_nolock(void)
10474ae8SAlexander Graf{
10474ae8SAlexander Graf	BUG_ON(!kvm_usage_count);
10474ae8SAlexander Graf
10474ae8SAlexander Graf	kvm_usage_count--;
10474ae8SAlexander Graf	if (!kvm_usage_count)
75b7127cSTakuya Yoshikawa		on_each_cpu(hardware_disable_nolock, NULL, 1);
10474ae8SAlexander Graf}
10474ae8SAlexander Graf
10474ae8SAlexander Grafstatic void hardware_disable_all(void)
10474ae8SAlexander Graf{
e4aa7f88SChao Gao	cpus_read_lock();
*4777225eSSean Christopherson	mutex_lock(&kvm_usage_lock);
10474ae8SAlexander Graf	hardware_disable_all_nolock();
*4777225eSSean Christopherson	mutex_unlock(&kvm_usage_lock);
e4aa7f88SChao Gao	cpus_read_unlock();
10474ae8SAlexander Graf}
10474ae8SAlexander Graf
10474ae8SAlexander Grafstatic int hardware_enable_all(void)
10474ae8SAlexander Graf{
e6fb7d6eSIsaku Yamahata	atomic_t failed = ATOMIC_INIT(0);
e0ceec22SSean Christopherson	int r;
e0ceec22SSean Christopherson
e0ceec22SSean Christopherson	/*
e0ceec22SSean Christopherson	 * Do not enable hardware virtualization if the system is going down.
e0ceec22SSean Christopherson	 * If userspace initiated a forced reboot, e.g. reboot -f, then it's
e0ceec22SSean Christopherson	 * possible for an in-flight KVM_CREATE_VM to trigger hardware enabling
e0ceec22SSean Christopherson	 * after kvm_reboot() is called.  Note, this relies on system_state
e0ceec22SSean Christopherson	 * being set _before_ kvm_reboot(), which is why KVM uses a syscore ops
e0ceec22SSean Christopherson	 * hook instead of registering a dedicated reboot notifier (the latter
e0ceec22SSean Christopherson	 * runs before system_state is updated).
e0ceec22SSean Christopherson	 */
e0ceec22SSean Christopherson	if (system_state == SYSTEM_HALT || system_state == SYSTEM_POWER_OFF ||
e0ceec22SSean Christopherson	    system_state == SYSTEM_RESTART)
e0ceec22SSean Christopherson		return -EBUSY;
10474ae8SAlexander Graf
e4aa7f88SChao Gao	/*
e4aa7f88SChao Gao	 * When onlining a CPU, cpu_online_mask is set before kvm_online_cpu()
e4aa7f88SChao Gao	 * is called, and so on_each_cpu() between them includes the CPU that
e4aa7f88SChao Gao	 * is being onlined.  As a result, hardware_enable_nolock() may get
e4aa7f88SChao Gao	 * invoked before kvm_online_cpu(), which also enables hardware if the
e4aa7f88SChao Gao	 * usage count is non-zero.  Disable CPU hotplug to avoid attempting to
e4aa7f88SChao Gao	 * enable hardware multiple times.
e4aa7f88SChao Gao	 */
e4aa7f88SChao Gao	cpus_read_lock();
*4777225eSSean Christopherson	mutex_lock(&kvm_usage_lock);
10474ae8SAlexander Graf
e0ceec22SSean Christopherson	r = 0;
e0ceec22SSean Christopherson
10474ae8SAlexander Graf	kvm_usage_count++;
10474ae8SAlexander Graf	if (kvm_usage_count == 1) {
e6fb7d6eSIsaku Yamahata		on_each_cpu(hardware_enable_nolock, &failed, 1);
10474ae8SAlexander Graf
e6fb7d6eSIsaku Yamahata		if (atomic_read(&failed)) {
10474ae8SAlexander Graf			hardware_disable_all_nolock();
10474ae8SAlexander Graf			r = -EBUSY;
10474ae8SAlexander Graf		}
10474ae8SAlexander Graf	}
10474ae8SAlexander Graf
*4777225eSSean Christopherson	mutex_unlock(&kvm_usage_lock);
e4aa7f88SChao Gao	cpus_read_unlock();
10474ae8SAlexander Graf
10474ae8SAlexander Graf	return r;
10474ae8SAlexander Graf}
10474ae8SAlexander Graf
6735150bSSean Christophersonstatic void kvm_shutdown(void)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	/*
6735150bSSean Christopherson	 * Disable hardware virtualization and set kvm_rebooting to indicate
6735150bSSean Christopherson	 * that KVM has asynchronously disabled hardware virtualization, i.e.
6735150bSSean Christopherson	 * that relevant errors and exceptions aren't entirely unexpected.
6735150bSSean Christopherson	 * Some flavors of hardware virtualization need to be disabled before
6735150bSSean Christopherson	 * transferring control to firmware (to perform shutdown/reboot), e.g.
6735150bSSean Christopherson	 * on x86, virtualization can block INIT interrupts, which are used by
6735150bSSean Christopherson	 * firmware to pull APs back under firmware control.  Note, this path
6735150bSSean Christopherson	 * is used for both shutdown and reboot scenarios, i.e. neither name is
6735150bSSean Christopherson	 * 100% comprehensive.
0fce5623SAvi Kivity	 */
1170adc6SXiubo Li	pr_info("kvm: exiting hardware virtualization\n");
4ecac3fdSAvi Kivity	kvm_rebooting = true;
75b7127cSTakuya Yoshikawa	on_each_cpu(hardware_disable_nolock, NULL, 1);
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
35774a9fSSean Christophersonstatic int kvm_suspend(void)
35774a9fSSean Christopherson{
35774a9fSSean Christopherson	/*
35774a9fSSean Christopherson	 * Secondary CPUs and CPU hotplug are disabled across the suspend/resume
*4777225eSSean Christopherson	 * callbacks, i.e. no need to acquire kvm_usage_lock to ensure the usage
*4777225eSSean Christopherson	 * count is stable.  Assert that kvm_usage_lock is not held to ensure
*4777225eSSean Christopherson	 * the system isn't suspended while KVM is enabling hardware.  Hardware
*4777225eSSean Christopherson	 * enabling can be preempted, but the task cannot be frozen until it has
*4777225eSSean Christopherson	 * dropped all locks (userspace tasks are frozen via a fake signal).
35774a9fSSean Christopherson	 */
*4777225eSSean Christopherson	lockdep_assert_not_held(&kvm_usage_lock);
35774a9fSSean Christopherson	lockdep_assert_irqs_disabled();
35774a9fSSean Christopherson
35774a9fSSean Christopherson	if (kvm_usage_count)
35774a9fSSean Christopherson		hardware_disable_nolock(NULL);
35774a9fSSean Christopherson	return 0;
35774a9fSSean Christopherson}
35774a9fSSean Christopherson
35774a9fSSean Christophersonstatic void kvm_resume(void)
35774a9fSSean Christopherson{
*4777225eSSean Christopherson	lockdep_assert_not_held(&kvm_usage_lock);
35774a9fSSean Christopherson	lockdep_assert_irqs_disabled();
35774a9fSSean Christopherson
35774a9fSSean Christopherson	if (kvm_usage_count)
35774a9fSSean Christopherson		WARN_ON_ONCE(__hardware_enable_nolock());
35774a9fSSean Christopherson}
35774a9fSSean Christopherson
35774a9fSSean Christophersonstatic struct syscore_ops kvm_syscore_ops = {
35774a9fSSean Christopherson	.suspend = kvm_suspend,
35774a9fSSean Christopherson	.resume = kvm_resume,
6735150bSSean Christopherson	.shutdown = kvm_shutdown,
35774a9fSSean Christopherson};
441f7bfaSSean Christopherson#else /* CONFIG_KVM_GENERIC_HARDWARE_ENABLING */
441f7bfaSSean Christophersonstatic int hardware_enable_all(void)
441f7bfaSSean Christopherson{
441f7bfaSSean Christopherson	return 0;
441f7bfaSSean Christopherson}
441f7bfaSSean Christopherson
441f7bfaSSean Christophersonstatic void hardware_disable_all(void)
441f7bfaSSean Christopherson{
441f7bfaSSean Christopherson
441f7bfaSSean Christopherson}
441f7bfaSSean Christopherson#endif /* CONFIG_KVM_GENERIC_HARDWARE_ENABLING */
35774a9fSSean Christopherson
5ea5ca3cSWei Wangstatic void kvm_iodevice_destructor(struct kvm_io_device *dev)
5ea5ca3cSWei Wang{
5ea5ca3cSWei Wang	if (dev->ops->destructor)
5ea5ca3cSWei Wang		dev->ops->destructor(dev);
5ea5ca3cSWei Wang}
5ea5ca3cSWei Wang
e93f8a0fSMarcelo Tosattistatic void kvm_io_bus_destroy(struct kvm_io_bus *bus)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	int i;
0fce5623SAvi Kivity
0fce5623SAvi Kivity	for (i = 0; i < bus->dev_count; i++) {
743eeb0bSSasha Levin		struct kvm_io_device *pos = bus->range[i].dev;
0fce5623SAvi Kivity
0fce5623SAvi Kivity		kvm_iodevice_destructor(pos);
0fce5623SAvi Kivity	}
e93f8a0fSMarcelo Tosatti	kfree(bus);
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
c21fbff1SPaolo Bonzinistatic inline int kvm_io_bus_cmp(const struct kvm_io_range *r1,
a343c9b7SPaolo Bonzini				 const struct kvm_io_range *r2)
743eeb0bSSasha Levin{
8f4216c7SJason Wang	gpa_t addr1 = r1->addr;
8f4216c7SJason Wang	gpa_t addr2 = r2->addr;
8f4216c7SJason Wang
8f4216c7SJason Wang	if (addr1 < addr2)
743eeb0bSSasha Levin		return -1;
8f4216c7SJason Wang
8f4216c7SJason Wang	/* If r2->len == 0, match the exact address.  If r2->len != 0,
8f4216c7SJason Wang	 * accept any overlapping write.  Any order is acceptable for
8f4216c7SJason Wang	 * overlapping ranges, because kvm_io_bus_get_first_dev ensures
8f4216c7SJason Wang	 * we process all of them.
8f4216c7SJason Wang	 */
8f4216c7SJason Wang	if (r2->len) {
8f4216c7SJason Wang		addr1 += r1->len;
8f4216c7SJason Wang		addr2 += r2->len;
8f4216c7SJason Wang	}
8f4216c7SJason Wang
8f4216c7SJason Wang	if (addr1 > addr2)
743eeb0bSSasha Levin		return 1;
8f4216c7SJason Wang
743eeb0bSSasha Levin	return 0;
743eeb0bSSasha Levin}
743eeb0bSSasha Levin
a343c9b7SPaolo Bonzinistatic int kvm_io_bus_sort_cmp(const void *p1, const void *p2)
a343c9b7SPaolo Bonzini{
c21fbff1SPaolo Bonzini	return kvm_io_bus_cmp(p1, p2);
a343c9b7SPaolo Bonzini}
a343c9b7SPaolo Bonzini
39369f7aSGeoff Levandstatic int kvm_io_bus_get_first_dev(struct kvm_io_bus *bus,
743eeb0bSSasha Levin			     gpa_t addr, int len)
743eeb0bSSasha Levin{
743eeb0bSSasha Levin	struct kvm_io_range *range, key;
743eeb0bSSasha Levin	int off;
743eeb0bSSasha Levin
743eeb0bSSasha Levin	key = (struct kvm_io_range) {
743eeb0bSSasha Levin		.addr = addr,
743eeb0bSSasha Levin		.len = len,
743eeb0bSSasha Levin	};
743eeb0bSSasha Levin
743eeb0bSSasha Levin	range = bsearch(&key, bus->range, bus->dev_count,
743eeb0bSSasha Levin			sizeof(struct kvm_io_range), kvm_io_bus_sort_cmp);
743eeb0bSSasha Levin	if (range == NULL)
743eeb0bSSasha Levin		return -ENOENT;
743eeb0bSSasha Levin
743eeb0bSSasha Levin	off = range - bus->range;
743eeb0bSSasha Levin
c21fbff1SPaolo Bonzini	while (off > 0 && kvm_io_bus_cmp(&key, &bus->range[off-1]) == 0)
743eeb0bSSasha Levin		off--;
743eeb0bSSasha Levin
743eeb0bSSasha Levin	return off;
743eeb0bSSasha Levin}
743eeb0bSSasha Levin
e32edf4fSNikolay Nikolaevstatic int __kvm_io_bus_write(struct kvm_vcpu *vcpu, struct kvm_io_bus *bus,
126a5af5SCornelia Huck			      struct kvm_io_range *range, const void *val)
126a5af5SCornelia Huck{
126a5af5SCornelia Huck	int idx;
126a5af5SCornelia Huck
126a5af5SCornelia Huck	idx = kvm_io_bus_get_first_dev(bus, range->addr, range->len);
126a5af5SCornelia Huck	if (idx < 0)
126a5af5SCornelia Huck		return -EOPNOTSUPP;
126a5af5SCornelia Huck
126a5af5SCornelia Huck	while (idx < bus->dev_count &&
c21fbff1SPaolo Bonzini		kvm_io_bus_cmp(range, &bus->range[idx]) == 0) {
e32edf4fSNikolay Nikolaev		if (!kvm_iodevice_write(vcpu, bus->range[idx].dev, range->addr,
126a5af5SCornelia Huck					range->len, val))
126a5af5SCornelia Huck			return idx;
126a5af5SCornelia Huck		idx++;
126a5af5SCornelia Huck	}
126a5af5SCornelia Huck
126a5af5SCornelia Huck	return -EOPNOTSUPP;
126a5af5SCornelia Huck}
126a5af5SCornelia Huck
bda9020eSMichael S. Tsirkin/* kvm_io_bus_write - called under kvm->slots_lock */
e32edf4fSNikolay Nikolaevint kvm_io_bus_write(struct kvm_vcpu *vcpu, enum kvm_bus bus_idx, gpa_t addr,
bda9020eSMichael S. Tsirkin		     int len, const void *val)
0fce5623SAvi Kivity{
126a5af5SCornelia Huck	struct kvm_io_bus *bus;
126a5af5SCornelia Huck	struct kvm_io_range range;
126a5af5SCornelia Huck	int r;
126a5af5SCornelia Huck
126a5af5SCornelia Huck	range = (struct kvm_io_range) {
126a5af5SCornelia Huck		.addr = addr,
126a5af5SCornelia Huck		.len = len,
126a5af5SCornelia Huck	};
126a5af5SCornelia Huck
e32edf4fSNikolay Nikolaev	bus = srcu_dereference(vcpu->kvm->buses[bus_idx], &vcpu->kvm->srcu);
90db1043SDavid Hildenbrand	if (!bus)
90db1043SDavid Hildenbrand		return -ENOMEM;
e32edf4fSNikolay Nikolaev	r = __kvm_io_bus_write(vcpu, bus, &range, val);
126a5af5SCornelia Huck	return r < 0 ? r : 0;
126a5af5SCornelia Huck}
a2420107SLeo YanEXPORT_SYMBOL_GPL(kvm_io_bus_write);
126a5af5SCornelia Huck
126a5af5SCornelia Huck/* kvm_io_bus_write_cookie - called under kvm->slots_lock */
e32edf4fSNikolay Nikolaevint kvm_io_bus_write_cookie(struct kvm_vcpu *vcpu, enum kvm_bus bus_idx,
e32edf4fSNikolay Nikolaev			    gpa_t addr, int len, const void *val, long cookie)
126a5af5SCornelia Huck{
90d83dc3SLai Jiangshan	struct kvm_io_bus *bus;
743eeb0bSSasha Levin	struct kvm_io_range range;
743eeb0bSSasha Levin
743eeb0bSSasha Levin	range = (struct kvm_io_range) {
743eeb0bSSasha Levin		.addr = addr,
743eeb0bSSasha Levin		.len = len,
743eeb0bSSasha Levin	};
90d83dc3SLai Jiangshan
e32edf4fSNikolay Nikolaev	bus = srcu_dereference(vcpu->kvm->buses[bus_idx], &vcpu->kvm->srcu);
90db1043SDavid Hildenbrand	if (!bus)
90db1043SDavid Hildenbrand		return -ENOMEM;
126a5af5SCornelia Huck
126a5af5SCornelia Huck	/* First try the device referenced by cookie. */
126a5af5SCornelia Huck	if ((cookie >= 0) && (cookie < bus->dev_count) &&
c21fbff1SPaolo Bonzini	    (kvm_io_bus_cmp(&range, &bus->range[cookie]) == 0))
e32edf4fSNikolay Nikolaev		if (!kvm_iodevice_write(vcpu, bus->range[cookie].dev, addr, len,
126a5af5SCornelia Huck					val))
126a5af5SCornelia Huck			return cookie;
126a5af5SCornelia Huck
126a5af5SCornelia Huck	/*
126a5af5SCornelia Huck	 * cookie contained garbage; fall back to search and return the
126a5af5SCornelia Huck	 * correct cookie value.
126a5af5SCornelia Huck	 */
e32edf4fSNikolay Nikolaev	return __kvm_io_bus_write(vcpu, bus, &range, val);
126a5af5SCornelia Huck}
126a5af5SCornelia Huck
e32edf4fSNikolay Nikolaevstatic int __kvm_io_bus_read(struct kvm_vcpu *vcpu, struct kvm_io_bus *bus,
e32edf4fSNikolay Nikolaev			     struct kvm_io_range *range, void *val)
126a5af5SCornelia Huck{
126a5af5SCornelia Huck	int idx;
126a5af5SCornelia Huck
126a5af5SCornelia Huck	idx = kvm_io_bus_get_first_dev(bus, range->addr, range->len);
743eeb0bSSasha Levin	if (idx < 0)
743eeb0bSSasha Levin		return -EOPNOTSUPP;
743eeb0bSSasha Levin
743eeb0bSSasha Levin	while (idx < bus->dev_count &&
c21fbff1SPaolo Bonzini		kvm_io_bus_cmp(range, &bus->range[idx]) == 0) {
e32edf4fSNikolay Nikolaev		if (!kvm_iodevice_read(vcpu, bus->range[idx].dev, range->addr,
126a5af5SCornelia Huck				       range->len, val))
126a5af5SCornelia Huck			return idx;
743eeb0bSSasha Levin		idx++;
743eeb0bSSasha Levin	}
743eeb0bSSasha Levin
bda9020eSMichael S. Tsirkin	return -EOPNOTSUPP;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
bda9020eSMichael S. Tsirkin/* kvm_io_bus_read - called under kvm->slots_lock */
e32edf4fSNikolay Nikolaevint kvm_io_bus_read(struct kvm_vcpu *vcpu, enum kvm_bus bus_idx, gpa_t addr,
e93f8a0fSMarcelo Tosatti		    int len, void *val)
bda9020eSMichael S. Tsirkin{
126a5af5SCornelia Huck	struct kvm_io_bus *bus;
126a5af5SCornelia Huck	struct kvm_io_range range;
126a5af5SCornelia Huck	int r;
126a5af5SCornelia Huck
126a5af5SCornelia Huck	range = (struct kvm_io_range) {
126a5af5SCornelia Huck		.addr = addr,
126a5af5SCornelia Huck		.len = len,
126a5af5SCornelia Huck	};
126a5af5SCornelia Huck
e32edf4fSNikolay Nikolaev	bus = srcu_dereference(vcpu->kvm->buses[bus_idx], &vcpu->kvm->srcu);
90db1043SDavid Hildenbrand	if (!bus)
90db1043SDavid Hildenbrand		return -ENOMEM;
e32edf4fSNikolay Nikolaev	r = __kvm_io_bus_read(vcpu, bus, &range, val);
126a5af5SCornelia Huck	return r < 0 ? r : 0;
126a5af5SCornelia Huck}
126a5af5SCornelia Huck
79fac95eSMarcelo Tosatti/* Caller must hold slots_lock. */
743eeb0bSSasha Levinint kvm_io_bus_register_dev(struct kvm *kvm, enum kvm_bus bus_idx, gpa_t addr,
743eeb0bSSasha Levin			    int len, struct kvm_io_device *dev)
090b7affSGregory Haskins{
d4c67a7aSGal Hammer	int i;
e93f8a0fSMarcelo Tosatti	struct kvm_io_bus *new_bus, *bus;
d4c67a7aSGal Hammer	struct kvm_io_range range;
090b7affSGregory Haskins
4a12f951SChristian Borntraeger	bus = kvm_get_bus(kvm, bus_idx);
90db1043SDavid Hildenbrand	if (!bus)
90db1043SDavid Hildenbrand		return -ENOMEM;
90db1043SDavid Hildenbrand
6ea34c9bSAmos Kong	/* exclude ioeventfd which is limited by maximum fd */
6ea34c9bSAmos Kong	if (bus->dev_count - bus->ioeventfd_count > NR_IOBUS_DEVS - 1)
090b7affSGregory Haskins		return -ENOSPC;
090b7affSGregory Haskins
90952cd3SGustavo A. R. Silva	new_bus = kmalloc(struct_size(bus, range, bus->dev_count + 1),
b12ce36aSBen Gardon			  GFP_KERNEL_ACCOUNT);
e93f8a0fSMarcelo Tosatti	if (!new_bus)
e93f8a0fSMarcelo Tosatti		return -ENOMEM;
d4c67a7aSGal Hammer
d4c67a7aSGal Hammer	range = (struct kvm_io_range) {
d4c67a7aSGal Hammer		.addr = addr,
d4c67a7aSGal Hammer		.len = len,
d4c67a7aSGal Hammer		.dev = dev,
d4c67a7aSGal Hammer	};
d4c67a7aSGal Hammer
d4c67a7aSGal Hammer	for (i = 0; i < bus->dev_count; i++)
d4c67a7aSGal Hammer		if (kvm_io_bus_cmp(&bus->range[i], &range) > 0)
d4c67a7aSGal Hammer			break;
d4c67a7aSGal Hammer
d4c67a7aSGal Hammer	memcpy(new_bus, bus, sizeof(*bus) + i * sizeof(struct kvm_io_range));
d4c67a7aSGal Hammer	new_bus->dev_count++;
d4c67a7aSGal Hammer	new_bus->range[i] = range;
d4c67a7aSGal Hammer	memcpy(new_bus->range + i + 1, bus->range + i,
d4c67a7aSGal Hammer		(bus->dev_count - i) * sizeof(struct kvm_io_range));
e93f8a0fSMarcelo Tosatti	rcu_assign_pointer(kvm->buses[bus_idx], new_bus);
e93f8a0fSMarcelo Tosatti	synchronize_srcu_expedited(&kvm->srcu);
e93f8a0fSMarcelo Tosatti	kfree(bus);
090b7affSGregory Haskins
090b7affSGregory Haskins	return 0;
090b7affSGregory Haskins}
090b7affSGregory Haskins
5d3c4c79SSean Christophersonint kvm_io_bus_unregister_dev(struct kvm *kvm, enum kvm_bus bus_idx,
6c474694SMichael S. Tsirkin			      struct kvm_io_device *dev)
6c474694SMichael S. Tsirkin{
5ea5ca3cSWei Wang	int i;
e93f8a0fSMarcelo Tosatti	struct kvm_io_bus *new_bus, *bus;
6c474694SMichael S. Tsirkin
7c896d37SSean Christopherson	lockdep_assert_held(&kvm->slots_lock);
7c896d37SSean Christopherson
4a12f951SChristian Borntraeger	bus = kvm_get_bus(kvm, bus_idx);
df630b8cSPeter Xu	if (!bus)
5d3c4c79SSean Christopherson		return 0;
df630b8cSPeter Xu
7c896d37SSean Christopherson	for (i = 0; i < bus->dev_count; i++) {
a1300716SAmos Kong		if (bus->range[i].dev == dev) {
090b7affSGregory Haskins			break;
090b7affSGregory Haskins		}
7c896d37SSean Christopherson	}
e93f8a0fSMarcelo Tosatti
90db1043SDavid Hildenbrand	if (i == bus->dev_count)
5d3c4c79SSean Christopherson		return 0;
a1300716SAmos Kong
90952cd3SGustavo A. R. Silva	new_bus = kmalloc(struct_size(bus, range, bus->dev_count - 1),
b12ce36aSBen Gardon			  GFP_KERNEL_ACCOUNT);
f6588660SRustam Kovhaev	if (new_bus) {
871c433bSRustam Kovhaev		memcpy(new_bus, bus, struct_size(bus, range, i));
a1300716SAmos Kong		new_bus->dev_count--;
a1300716SAmos Kong		memcpy(new_bus->range + i, bus->range + i + 1,
871c433bSRustam Kovhaev				flex_array_size(new_bus, range, new_bus->dev_count - i));
2ee37574SSean Christopherson	}
2ee37574SSean Christopherson
2ee37574SSean Christopherson	rcu_assign_pointer(kvm->buses[bus_idx], new_bus);
2ee37574SSean Christopherson	synchronize_srcu_expedited(&kvm->srcu);
2ee37574SSean Christopherson
5ea5ca3cSWei Wang	/*
5ea5ca3cSWei Wang	 * If NULL bus is installed, destroy the old bus, including all the
5ea5ca3cSWei Wang	 * attached devices. Otherwise, destroy the caller's device only.
5ea5ca3cSWei Wang	 */
2ee37574SSean Christopherson	if (!new_bus) {
f6588660SRustam Kovhaev		pr_err("kvm: failed to shrink bus, removing it completely\n");
5ea5ca3cSWei Wang		kvm_io_bus_destroy(bus);
5ea5ca3cSWei Wang		return -ENOMEM;
f6588660SRustam Kovhaev	}
e93f8a0fSMarcelo Tosatti
5ea5ca3cSWei Wang	kvm_iodevice_destructor(dev);
e93f8a0fSMarcelo Tosatti	kfree(bus);
5ea5ca3cSWei Wang	return 0;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
8a39d006SAndre Przywarastruct kvm_io_device *kvm_io_bus_get_dev(struct kvm *kvm, enum kvm_bus bus_idx,
8a39d006SAndre Przywara					 gpa_t addr)
8a39d006SAndre Przywara{
8a39d006SAndre Przywara	struct kvm_io_bus *bus;
8a39d006SAndre Przywara	int dev_idx, srcu_idx;
8a39d006SAndre Przywara	struct kvm_io_device *iodev = NULL;
8a39d006SAndre Przywara
8a39d006SAndre Przywara	srcu_idx = srcu_read_lock(&kvm->srcu);
8a39d006SAndre Przywara
8a39d006SAndre Przywara	bus = srcu_dereference(kvm->buses[bus_idx], &kvm->srcu);
90db1043SDavid Hildenbrand	if (!bus)
90db1043SDavid Hildenbrand		goto out_unlock;
8a39d006SAndre Przywara
8a39d006SAndre Przywara	dev_idx = kvm_io_bus_get_first_dev(bus, addr, 1);
8a39d006SAndre Przywara	if (dev_idx < 0)
8a39d006SAndre Przywara		goto out_unlock;
8a39d006SAndre Przywara
8a39d006SAndre Przywara	iodev = bus->range[dev_idx].dev;
8a39d006SAndre Przywara
8a39d006SAndre Przywaraout_unlock:
8a39d006SAndre Przywara	srcu_read_unlock(&kvm->srcu, srcu_idx);
8a39d006SAndre Przywara
8a39d006SAndre Przywara	return iodev;
8a39d006SAndre Przywara}
8a39d006SAndre PrzywaraEXPORT_SYMBOL_GPL(kvm_io_bus_get_dev);
8a39d006SAndre Przywara
536a6f88SJanosch Frankstatic int kvm_debugfs_open(struct inode *inode, struct file *file,
536a6f88SJanosch Frank			   int (*get)(void *, u64 *), int (*set)(void *, u64),
536a6f88SJanosch Frank			   const char *fmt)
536a6f88SJanosch Frank{
180418e2SHou Wenlong	int ret;
14aa40a1SLi kunyu	struct kvm_stat_data *stat_data = inode->i_private;
536a6f88SJanosch Frank
605c7130SPeter Xu	/*
605c7130SPeter Xu	 * The debugfs files are a reference to the kvm struct which
605c7130SPeter Xu        * is still valid when kvm_destroy_vm is called.  kvm_get_kvm_safe
605c7130SPeter Xu        * avoids the race between open and the removal of the debugfs directory.
536a6f88SJanosch Frank	 */
605c7130SPeter Xu	if (!kvm_get_kvm_safe(stat_data->kvm))
536a6f88SJanosch Frank		return -ENOENT;
536a6f88SJanosch Frank
180418e2SHou Wenlong	ret = simple_attr_open(inode, file, get,
bc9e9e67SJing Zhang			       kvm_stats_debugfs_mode(stat_data->desc) & 0222
180418e2SHou Wenlong			       ? set : NULL, fmt);
180418e2SHou Wenlong	if (ret)
536a6f88SJanosch Frank		kvm_put_kvm(stat_data->kvm);
536a6f88SJanosch Frank
180418e2SHou Wenlong	return ret;
536a6f88SJanosch Frank}
536a6f88SJanosch Frank
536a6f88SJanosch Frankstatic int kvm_debugfs_release(struct inode *inode, struct file *file)
536a6f88SJanosch Frank{
14aa40a1SLi kunyu	struct kvm_stat_data *stat_data = inode->i_private;
536a6f88SJanosch Frank
536a6f88SJanosch Frank	simple_attr_release(inode, file);
536a6f88SJanosch Frank	kvm_put_kvm(stat_data->kvm);
536a6f88SJanosch Frank
536a6f88SJanosch Frank	return 0;
536a6f88SJanosch Frank}
536a6f88SJanosch Frank
09cbcef6SMilan Pandurovstatic int kvm_get_stat_per_vm(struct kvm *kvm, size_t offset, u64 *val)
536a6f88SJanosch Frank{
bc9e9e67SJing Zhang	*val = *(u64 *)((void *)(&kvm->stat) + offset);
536a6f88SJanosch Frank
536a6f88SJanosch Frank	return 0;
536a6f88SJanosch Frank}
536a6f88SJanosch Frank
09cbcef6SMilan Pandurovstatic int kvm_clear_stat_per_vm(struct kvm *kvm, size_t offset)
ce35ef27SSuraj Jitindar Singh{
bc9e9e67SJing Zhang	*(u64 *)((void *)(&kvm->stat) + offset) = 0;
ce35ef27SSuraj Jitindar Singh
ce35ef27SSuraj Jitindar Singh	return 0;
ce35ef27SSuraj Jitindar Singh}
ce35ef27SSuraj Jitindar Singh
09cbcef6SMilan Pandurovstatic int kvm_get_stat_per_vcpu(struct kvm *kvm, size_t offset, u64 *val)
536a6f88SJanosch Frank{
46808a4cSMarc Zyngier	unsigned long i;
536a6f88SJanosch Frank	struct kvm_vcpu *vcpu;
536a6f88SJanosch Frank
536a6f88SJanosch Frank	*val = 0;
536a6f88SJanosch Frank
09cbcef6SMilan Pandurov	kvm_for_each_vcpu(i, vcpu, kvm)
bc9e9e67SJing Zhang		*val += *(u64 *)((void *)(&vcpu->stat) + offset);
536a6f88SJanosch Frank
536a6f88SJanosch Frank	return 0;
536a6f88SJanosch Frank}
536a6f88SJanosch Frank
09cbcef6SMilan Pandurovstatic int kvm_clear_stat_per_vcpu(struct kvm *kvm, size_t offset)
ce35ef27SSuraj Jitindar Singh{
46808a4cSMarc Zyngier	unsigned long i;
ce35ef27SSuraj Jitindar Singh	struct kvm_vcpu *vcpu;
ce35ef27SSuraj Jitindar Singh
09cbcef6SMilan Pandurov	kvm_for_each_vcpu(i, vcpu, kvm)
bc9e9e67SJing Zhang		*(u64 *)((void *)(&vcpu->stat) + offset) = 0;
09cbcef6SMilan Pandurov
09cbcef6SMilan Pandurov	return 0;
09cbcef6SMilan Pandurov}
09cbcef6SMilan Pandurov
09cbcef6SMilan Pandurovstatic int kvm_stat_data_get(void *data, u64 *val)
09cbcef6SMilan Pandurov{
09cbcef6SMilan Pandurov	int r = -EFAULT;
14aa40a1SLi kunyu	struct kvm_stat_data *stat_data = data;
09cbcef6SMilan Pandurov
bc9e9e67SJing Zhang	switch (stat_data->kind) {
09cbcef6SMilan Pandurov	case KVM_STAT_VM:
09cbcef6SMilan Pandurov		r = kvm_get_stat_per_vm(stat_data->kvm,
bc9e9e67SJing Zhang					stat_data->desc->desc.offset, val);
09cbcef6SMilan Pandurov		break;
09cbcef6SMilan Pandurov	case KVM_STAT_VCPU:
09cbcef6SMilan Pandurov		r = kvm_get_stat_per_vcpu(stat_data->kvm,
bc9e9e67SJing Zhang					  stat_data->desc->desc.offset, val);
09cbcef6SMilan Pandurov		break;
09cbcef6SMilan Pandurov	}
09cbcef6SMilan Pandurov
09cbcef6SMilan Pandurov	return r;
09cbcef6SMilan Pandurov}
09cbcef6SMilan Pandurov
09cbcef6SMilan Pandurovstatic int kvm_stat_data_clear(void *data, u64 val)
09cbcef6SMilan Pandurov{
09cbcef6SMilan Pandurov	int r = -EFAULT;
14aa40a1SLi kunyu	struct kvm_stat_data *stat_data = data;
09cbcef6SMilan Pandurov
ce35ef27SSuraj Jitindar Singh	if (val)
ce35ef27SSuraj Jitindar Singh		return -EINVAL;
ce35ef27SSuraj Jitindar Singh
bc9e9e67SJing Zhang	switch (stat_data->kind) {
09cbcef6SMilan Pandurov	case KVM_STAT_VM:
09cbcef6SMilan Pandurov		r = kvm_clear_stat_per_vm(stat_data->kvm,
bc9e9e67SJing Zhang					  stat_data->desc->desc.offset);
09cbcef6SMilan Pandurov		break;
09cbcef6SMilan Pandurov	case KVM_STAT_VCPU:
09cbcef6SMilan Pandurov		r = kvm_clear_stat_per_vcpu(stat_data->kvm,
bc9e9e67SJing Zhang					    stat_data->desc->desc.offset);
09cbcef6SMilan Pandurov		break;
ce35ef27SSuraj Jitindar Singh	}
ce35ef27SSuraj Jitindar Singh
09cbcef6SMilan Pandurov	return r;
09cbcef6SMilan Pandurov}
09cbcef6SMilan Pandurov
09cbcef6SMilan Pandurovstatic int kvm_stat_data_open(struct inode *inode, struct file *file)
536a6f88SJanosch Frank{
536a6f88SJanosch Frank	__simple_attr_check_format("%llu\n", 0ull);
09cbcef6SMilan Pandurov	return kvm_debugfs_open(inode, file, kvm_stat_data_get,
09cbcef6SMilan Pandurov				kvm_stat_data_clear, "%llu\n");
536a6f88SJanosch Frank}
536a6f88SJanosch Frank
09cbcef6SMilan Pandurovstatic const struct file_operations stat_fops_per_vm = {
536a6f88SJanosch Frank	.owner = THIS_MODULE,
09cbcef6SMilan Pandurov	.open = kvm_stat_data_open,
536a6f88SJanosch Frank	.release = kvm_debugfs_release,
536a6f88SJanosch Frank	.read = simple_attr_read,
536a6f88SJanosch Frank	.write = simple_attr_write,
3bed8888SGeliang Tang	.llseek = no_llseek,
536a6f88SJanosch Frank};
536a6f88SJanosch Frank
8b88b099SChristoph Hellwigstatic int vm_stat_get(void *_offset, u64 *val)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	unsigned offset = (long)_offset;
0fce5623SAvi Kivity	struct kvm *kvm;
536a6f88SJanosch Frank	u64 tmp_val;
0fce5623SAvi Kivity
8b88b099SChristoph Hellwig	*val = 0;
0d9ce162SJunaid Shahid	mutex_lock(&kvm_lock);
536a6f88SJanosch Frank	list_for_each_entry(kvm, &vm_list, vm_list) {
09cbcef6SMilan Pandurov		kvm_get_stat_per_vm(kvm, offset, &tmp_val);
536a6f88SJanosch Frank		*val += tmp_val;
536a6f88SJanosch Frank	}
0d9ce162SJunaid Shahid	mutex_unlock(&kvm_lock);
8b88b099SChristoph Hellwig	return 0;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
ce35ef27SSuraj Jitindar Singhstatic int vm_stat_clear(void *_offset, u64 val)
ce35ef27SSuraj Jitindar Singh{
ce35ef27SSuraj Jitindar Singh	unsigned offset = (long)_offset;
ce35ef27SSuraj Jitindar Singh	struct kvm *kvm;
ce35ef27SSuraj Jitindar Singh
ce35ef27SSuraj Jitindar Singh	if (val)
ce35ef27SSuraj Jitindar Singh		return -EINVAL;
ce35ef27SSuraj Jitindar Singh
0d9ce162SJunaid Shahid	mutex_lock(&kvm_lock);
ce35ef27SSuraj Jitindar Singh	list_for_each_entry(kvm, &vm_list, vm_list) {
09cbcef6SMilan Pandurov		kvm_clear_stat_per_vm(kvm, offset);
ce35ef27SSuraj Jitindar Singh	}
0d9ce162SJunaid Shahid	mutex_unlock(&kvm_lock);
ce35ef27SSuraj Jitindar Singh
ce35ef27SSuraj Jitindar Singh	return 0;
ce35ef27SSuraj Jitindar Singh}
ce35ef27SSuraj Jitindar Singh
ce35ef27SSuraj Jitindar SinghDEFINE_SIMPLE_ATTRIBUTE(vm_stat_fops, vm_stat_get, vm_stat_clear, "%llu\n");
bc9e9e67SJing ZhangDEFINE_SIMPLE_ATTRIBUTE(vm_stat_readonly_fops, vm_stat_get, NULL, "%llu\n");
0fce5623SAvi Kivity
8b88b099SChristoph Hellwigstatic int vcpu_stat_get(void *_offset, u64 *val)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	unsigned offset = (long)_offset;
0fce5623SAvi Kivity	struct kvm *kvm;
536a6f88SJanosch Frank	u64 tmp_val;
0fce5623SAvi Kivity
8b88b099SChristoph Hellwig	*val = 0;
0d9ce162SJunaid Shahid	mutex_lock(&kvm_lock);
536a6f88SJanosch Frank	list_for_each_entry(kvm, &vm_list, vm_list) {
09cbcef6SMilan Pandurov		kvm_get_stat_per_vcpu(kvm, offset, &tmp_val);
536a6f88SJanosch Frank		*val += tmp_val;
536a6f88SJanosch Frank	}
0d9ce162SJunaid Shahid	mutex_unlock(&kvm_lock);
8b88b099SChristoph Hellwig	return 0;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
ce35ef27SSuraj Jitindar Singhstatic int vcpu_stat_clear(void *_offset, u64 val)
ce35ef27SSuraj Jitindar Singh{
ce35ef27SSuraj Jitindar Singh	unsigned offset = (long)_offset;
ce35ef27SSuraj Jitindar Singh	struct kvm *kvm;
ce35ef27SSuraj Jitindar Singh
ce35ef27SSuraj Jitindar Singh	if (val)
ce35ef27SSuraj Jitindar Singh		return -EINVAL;
ce35ef27SSuraj Jitindar Singh
0d9ce162SJunaid Shahid	mutex_lock(&kvm_lock);
ce35ef27SSuraj Jitindar Singh	list_for_each_entry(kvm, &vm_list, vm_list) {
09cbcef6SMilan Pandurov		kvm_clear_stat_per_vcpu(kvm, offset);
ce35ef27SSuraj Jitindar Singh	}
0d9ce162SJunaid Shahid	mutex_unlock(&kvm_lock);
ce35ef27SSuraj Jitindar Singh
ce35ef27SSuraj Jitindar Singh	return 0;
ce35ef27SSuraj Jitindar Singh}
ce35ef27SSuraj Jitindar Singh
ce35ef27SSuraj Jitindar SinghDEFINE_SIMPLE_ATTRIBUTE(vcpu_stat_fops, vcpu_stat_get, vcpu_stat_clear,
ce35ef27SSuraj Jitindar Singh			"%llu\n");
bc9e9e67SJing ZhangDEFINE_SIMPLE_ATTRIBUTE(vcpu_stat_readonly_fops, vcpu_stat_get, NULL, "%llu\n");
0fce5623SAvi Kivity
286de8f6SClaudio Imbrendastatic void kvm_uevent_notify_change(unsigned int type, struct kvm *kvm)
286de8f6SClaudio Imbrenda{
286de8f6SClaudio Imbrenda	struct kobj_uevent_env *env;
286de8f6SClaudio Imbrenda	unsigned long long created, active;
286de8f6SClaudio Imbrenda
286de8f6SClaudio Imbrenda	if (!kvm_dev.this_device || !kvm)
286de8f6SClaudio Imbrenda		return;
286de8f6SClaudio Imbrenda
0d9ce162SJunaid Shahid	mutex_lock(&kvm_lock);
286de8f6SClaudio Imbrenda	if (type == KVM_EVENT_CREATE_VM) {
286de8f6SClaudio Imbrenda		kvm_createvm_count++;
286de8f6SClaudio Imbrenda		kvm_active_vms++;
286de8f6SClaudio Imbrenda	} else if (type == KVM_EVENT_DESTROY_VM) {
286de8f6SClaudio Imbrenda		kvm_active_vms--;
286de8f6SClaudio Imbrenda	}
286de8f6SClaudio Imbrenda	created = kvm_createvm_count;
286de8f6SClaudio Imbrenda	active = kvm_active_vms;
0d9ce162SJunaid Shahid	mutex_unlock(&kvm_lock);
286de8f6SClaudio Imbrenda
b12ce36aSBen Gardon	env = kzalloc(sizeof(*env), GFP_KERNEL_ACCOUNT);
286de8f6SClaudio Imbrenda	if (!env)
286de8f6SClaudio Imbrenda		return;
286de8f6SClaudio Imbrenda
286de8f6SClaudio Imbrenda	add_uevent_var(env, "CREATED=%llu", created);
286de8f6SClaudio Imbrenda	add_uevent_var(env, "COUNT=%llu", active);
286de8f6SClaudio Imbrenda
fdeaf7e3SClaudio Imbrenda	if (type == KVM_EVENT_CREATE_VM) {
286de8f6SClaudio Imbrenda		add_uevent_var(env, "EVENT=create");
fdeaf7e3SClaudio Imbrenda		kvm->userspace_pid = task_pid_nr(current);
fdeaf7e3SClaudio Imbrenda	} else if (type == KVM_EVENT_DESTROY_VM) {
286de8f6SClaudio Imbrenda		add_uevent_var(env, "EVENT=destroy");
fdeaf7e3SClaudio Imbrenda	}
fdeaf7e3SClaudio Imbrenda	add_uevent_var(env, "PID=%d", kvm->userspace_pid);
286de8f6SClaudio Imbrenda
a44a4cc1SOliver Upton	if (!IS_ERR(kvm->debugfs_dentry)) {
b12ce36aSBen Gardon		char *tmp, *p = kmalloc(PATH_MAX, GFP_KERNEL_ACCOUNT);
286de8f6SClaudio Imbrenda
fdeaf7e3SClaudio Imbrenda		if (p) {
fdeaf7e3SClaudio Imbrenda			tmp = dentry_path_raw(kvm->debugfs_dentry, p, PATH_MAX);
fdeaf7e3SClaudio Imbrenda			if (!IS_ERR(tmp))
fdeaf7e3SClaudio Imbrenda				add_uevent_var(env, "STATS_PATH=%s", tmp);
fdeaf7e3SClaudio Imbrenda			kfree(p);
286de8f6SClaudio Imbrenda		}
286de8f6SClaudio Imbrenda	}
286de8f6SClaudio Imbrenda	/* no need for checks, since we are adding at most only 5 keys */
286de8f6SClaudio Imbrenda	env->envp[env->envp_idx++] = NULL;
286de8f6SClaudio Imbrenda	kobject_uevent_env(&kvm_dev.this_device->kobj, KOBJ_CHANGE, env->envp);
286de8f6SClaudio Imbrenda	kfree(env);
286de8f6SClaudio Imbrenda}
286de8f6SClaudio Imbrenda
929f45e3SGreg Kroah-Hartmanstatic void kvm_init_debug(void)
0fce5623SAvi Kivity{
bc9e9e67SJing Zhang	const struct file_operations *fops;
bc9e9e67SJing Zhang	const struct _kvm_stats_desc *pdesc;
bc9e9e67SJing Zhang	int i;
0fce5623SAvi Kivity
76f7c879SHollis Blanchard	kvm_debugfs_dir = debugfs_create_dir("kvm", NULL);
4f69b680SHamo
bc9e9e67SJing Zhang	for (i = 0; i < kvm_vm_stats_header.num_desc; ++i) {
bc9e9e67SJing Zhang		pdesc = &kvm_vm_stats_desc[i];
bc9e9e67SJing Zhang		if (kvm_stats_debugfs_mode(pdesc) & 0222)
bc9e9e67SJing Zhang			fops = &vm_stat_fops;
bc9e9e67SJing Zhang		else
bc9e9e67SJing Zhang			fops = &vm_stat_readonly_fops;
bc9e9e67SJing Zhang		debugfs_create_file(pdesc->name, kvm_stats_debugfs_mode(pdesc),
bc9e9e67SJing Zhang				kvm_debugfs_dir,
bc9e9e67SJing Zhang				(void *)(long)pdesc->desc.offset, fops);
bc9e9e67SJing Zhang	}
bc9e9e67SJing Zhang
bc9e9e67SJing Zhang	for (i = 0; i < kvm_vcpu_stats_header.num_desc; ++i) {
bc9e9e67SJing Zhang		pdesc = &kvm_vcpu_stats_desc[i];
bc9e9e67SJing Zhang		if (kvm_stats_debugfs_mode(pdesc) & 0222)
bc9e9e67SJing Zhang			fops = &vcpu_stat_fops;
bc9e9e67SJing Zhang		else
bc9e9e67SJing Zhang			fops = &vcpu_stat_readonly_fops;
bc9e9e67SJing Zhang		debugfs_create_file(pdesc->name, kvm_stats_debugfs_mode(pdesc),
bc9e9e67SJing Zhang				kvm_debugfs_dir,
bc9e9e67SJing Zhang				(void *)(long)pdesc->desc.offset, fops);
4f69b680SHamo	}
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
0fce5623SAvi Kivitystatic inline
0fce5623SAvi Kivitystruct kvm_vcpu *preempt_notifier_to_vcpu(struct preempt_notifier *pn)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	return container_of(pn, struct kvm_vcpu, preempt_notifier);
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
0fce5623SAvi Kivitystatic void kvm_sched_in(struct preempt_notifier *pn, int cpu)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	struct kvm_vcpu *vcpu = preempt_notifier_to_vcpu(pn);
f95ef0cdSXiubo Li
046ddeedSWanpeng Li	WRITE_ONCE(vcpu->preempted, false);
d73eb57bSWanpeng Li	WRITE_ONCE(vcpu->ready, false);
0fce5623SAvi Kivity
7495e22bSPaolo Bonzini	__this_cpu_write(kvm_running_vcpu, vcpu);
e790d9efSRadim Krčmář	kvm_arch_sched_in(vcpu, cpu);
0fce5623SAvi Kivity	kvm_arch_vcpu_load(vcpu, cpu);
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
0fce5623SAvi Kivitystatic void kvm_sched_out(struct preempt_notifier *pn,
0fce5623SAvi Kivity			  struct task_struct *next)
0fce5623SAvi Kivity{
0fce5623SAvi Kivity	struct kvm_vcpu *vcpu = preempt_notifier_to_vcpu(pn);
0fce5623SAvi Kivity
3ba9f93bSPeter Zijlstra	if (current->on_rq) {
046ddeedSWanpeng Li		WRITE_ONCE(vcpu->preempted, true);
d73eb57bSWanpeng Li		WRITE_ONCE(vcpu->ready, true);
d73eb57bSWanpeng Li	}
0fce5623SAvi Kivity	kvm_arch_vcpu_put(vcpu);
7495e22bSPaolo Bonzini	__this_cpu_write(kvm_running_vcpu, NULL);
7495e22bSPaolo Bonzini}
7495e22bSPaolo Bonzini
7495e22bSPaolo Bonzini/**
7495e22bSPaolo Bonzini * kvm_get_running_vcpu - get the vcpu running on the current CPU.
1f03b2bcSMarc Zyngier *
1f03b2bcSMarc Zyngier * We can disable preemption locally around accessing the per-CPU variable,
1f03b2bcSMarc Zyngier * and use the resolved vcpu pointer after enabling preemption again,
1f03b2bcSMarc Zyngier * because even if the current thread is migrated to another CPU, reading
1f03b2bcSMarc Zyngier * the per-CPU value later will give us the same value as we update the
1f03b2bcSMarc Zyngier * per-CPU variable in the preempt notifier handlers.
7495e22bSPaolo Bonzini */
7495e22bSPaolo Bonzinistruct kvm_vcpu *kvm_get_running_vcpu(void)
7495e22bSPaolo Bonzini{
1f03b2bcSMarc Zyngier	struct kvm_vcpu *vcpu;
1f03b2bcSMarc Zyngier
1f03b2bcSMarc Zyngier	preempt_disable();
1f03b2bcSMarc Zyngier	vcpu = __this_cpu_read(kvm_running_vcpu);
1f03b2bcSMarc Zyngier	preempt_enable();
1f03b2bcSMarc Zyngier
1f03b2bcSMarc Zyngier	return vcpu;
7495e22bSPaolo Bonzini}
379a3c8eSWanpeng LiEXPORT_SYMBOL_GPL(kvm_get_running_vcpu);
7495e22bSPaolo Bonzini
7495e22bSPaolo Bonzini/**
7495e22bSPaolo Bonzini * kvm_get_running_vcpus - get the per-CPU array of currently running vcpus.
7495e22bSPaolo Bonzini */
7495e22bSPaolo Bonzinistruct kvm_vcpu * __percpu *kvm_get_running_vcpus(void)
7495e22bSPaolo Bonzini{
7495e22bSPaolo Bonzini        return &kvm_running_vcpu;
0fce5623SAvi Kivity}
0fce5623SAvi Kivity
e1bfc245SSean Christopherson#ifdef CONFIG_GUEST_PERF_EVENTS
e1bfc245SSean Christophersonstatic unsigned int kvm_guest_state(void)
e1bfc245SSean Christopherson{
e1bfc245SSean Christopherson	struct kvm_vcpu *vcpu = kvm_get_running_vcpu();
e1bfc245SSean Christopherson	unsigned int state;
e1bfc245SSean Christopherson
e1bfc245SSean Christopherson	if (!kvm_arch_pmi_in_guest(vcpu))
e1bfc245SSean Christopherson		return 0;
e1bfc245SSean Christopherson
e1bfc245SSean Christopherson	state = PERF_GUEST_ACTIVE;
e1bfc245SSean Christopherson	if (!kvm_arch_vcpu_in_kernel(vcpu))
e1bfc245SSean Christopherson		state |= PERF_GUEST_USER;
e1bfc245SSean Christopherson
e1bfc245SSean Christopherson	return state;
e1bfc245SSean Christopherson}
e1bfc245SSean Christopherson
e1bfc245SSean Christophersonstatic unsigned long kvm_guest_get_ip(void)
e1bfc245SSean Christopherson{
e1bfc245SSean Christopherson	struct kvm_vcpu *vcpu = kvm_get_running_vcpu();
e1bfc245SSean Christopherson
e1bfc245SSean Christopherson	/* Retrieving the IP must be guarded by a call to kvm_guest_state(). */
e1bfc245SSean Christopherson	if (WARN_ON_ONCE(!kvm_arch_pmi_in_guest(vcpu)))
e1bfc245SSean Christopherson		return 0;
e1bfc245SSean Christopherson
e1bfc245SSean Christopherson	return kvm_arch_vcpu_get_ip(vcpu);
e1bfc245SSean Christopherson}
e1bfc245SSean Christopherson
e1bfc245SSean Christophersonstatic struct perf_guest_info_callbacks kvm_guest_cbs = {
e1bfc245SSean Christopherson	.state			= kvm_guest_state,
e1bfc245SSean Christopherson	.get_ip			= kvm_guest_get_ip,
e1bfc245SSean Christopherson	.handle_intel_pt_intr	= NULL,
e1bfc245SSean Christopherson};
e1bfc245SSean Christopherson
e1bfc245SSean Christophersonvoid kvm_register_perf_callbacks(unsigned int (*pt_intr_handler)(void))
e1bfc245SSean Christopherson{
e1bfc245SSean Christopherson	kvm_guest_cbs.handle_intel_pt_intr = pt_intr_handler;
e1bfc245SSean Christopherson	perf_register_guest_info_callbacks(&kvm_guest_cbs);
e1bfc245SSean Christopherson}
e1bfc245SSean Christophersonvoid kvm_unregister_perf_callbacks(void)
e1bfc245SSean Christopherson{
e1bfc245SSean Christopherson	perf_unregister_guest_info_callbacks(&kvm_guest_cbs);
e1bfc245SSean Christopherson}
e1bfc245SSean Christopherson#endif
e1bfc245SSean Christopherson
81a1cf9fSSean Christophersonint kvm_init(unsigned vcpu_size, unsigned vcpu_align, struct module *module)
f257d6dcSSean Christopherson{
0fce5623SAvi Kivity	int r;
0fce5623SAvi Kivity	int cpu;
0fce5623SAvi Kivity
441f7bfaSSean Christopherson#ifdef CONFIG_KVM_GENERIC_HARDWARE_ENABLING
aaf12a7bSChao Gao	r = cpuhp_setup_state_nocalls(CPUHP_AP_KVM_ONLINE, "kvm/cpu:online",
aaf12a7bSChao Gao				      kvm_online_cpu, kvm_offline_cpu);
0fce5623SAvi Kivity	if (r)
37d25881SSean Christopherson		return r;
37d25881SSean Christopherson
35774a9fSSean Christopherson	register_syscore_ops(&kvm_syscore_ops);
441f7bfaSSean Christopherson#endif
0fce5623SAvi Kivity
0fce5623SAvi Kivity	/* A kmem cache lets us meet the alignment requirements of fx_save. */
0ee75beaSAvi Kivity	if (!vcpu_align)
0ee75beaSAvi Kivity		vcpu_align = __alignof__(struct kvm_vcpu);
46515736SPaolo Bonzini	kvm_vcpu_cache =
46515736SPaolo Bonzini		kmem_cache_create_usercopy("kvm_vcpu", vcpu_size, vcpu_align,
46515736SPaolo Bonzini					   SLAB_ACCOUNT,
46515736SPaolo Bonzini					   offsetof(struct kvm_vcpu, arch),
ce55c049SJing Zhang					   offsetofend(struct kvm_vcpu, stats_id)
ce55c049SJing Zhang					   - offsetof(struct kvm_vcpu, arch),
46515736SPaolo Bonzini					   NULL);
0fce5623SAvi Kivity	if (!kvm_vcpu_cache) {
0fce5623SAvi Kivity		r = -ENOMEM;
9f1a4c00SSean Christopherson		goto err_vcpu_cache;
0fce5623SAvi Kivity	}
0fce5623SAvi Kivity
baff59ccSVitaly Kuznetsov	for_each_possible_cpu(cpu) {
baff59ccSVitaly Kuznetsov		if (!alloc_cpumask_var_node(&per_cpu(cpu_kick_mask, cpu),
baff59ccSVitaly Kuznetsov					    GFP_KERNEL, cpu_to_node(cpu))) {
baff59ccSVitaly Kuznetsov			r = -ENOMEM;
9f1a4c00SSean Christopherson			goto err_cpu_kick_mask;
baff59ccSVitaly Kuznetsov		}
baff59ccSVitaly Kuznetsov	}
baff59ccSVitaly Kuznetsov
5910ccf0SSean Christopherson	r = kvm_irqfd_init();
5910ccf0SSean Christopherson	if (r)
5910ccf0SSean Christopherson		goto err_irqfd;
5910ccf0SSean Christopherson
af585b92SGleb Natapov	r = kvm_async_pf_init();
af585b92SGleb Natapov	if (r)
5910ccf0SSean Christopherson		goto err_async_pf;
af585b92SGleb Natapov
0fce5623SAvi Kivity	kvm_chardev_ops.owner = module;
0fce5623SAvi Kivity
0fce5623SAvi Kivity	kvm_preempt_ops.sched_in = kvm_sched_in;
0fce5623SAvi Kivity	kvm_preempt_ops.sched_out = kvm_sched_out;
0fce5623SAvi Kivity
929f45e3SGreg Kroah-Hartman	kvm_init_debug();
0ea4ed8eSDarrick J. Wong
3c3c29fdSPaolo Bonzini	r = kvm_vfio_ops_init();
2b012812SSean Christopherson	if (WARN_ON_ONCE(r))
2b012812SSean Christopherson		goto err_vfio;
2b012812SSean Christopherson
2b012812SSean Christopherson	/*
2b012812SSean Christopherson	 * Registration _must_ be the very last thing done, as this exposes
2b012812SSean Christopherson	 * /dev/kvm to userspace, i.e. all infrastructure must be setup!
2b012812SSean Christopherson	 */
2b012812SSean Christopherson	r = misc_register(&kvm_dev);
2b012812SSean Christopherson	if (r) {
2b012812SSean Christopherson		pr_err("kvm: misc device register failed\n");
2b012812SSean Christopherson		goto err_register;
2b012812SSean Christopherson	}
3c3c29fdSPaolo Bonzini
0fce5623SAvi Kivity	return 0;
0fce5623SAvi Kivity
2b012812SSean Christophersonerr_register:
2b012812SSean Christopherson	kvm_vfio_ops_exit();
2b012812SSean Christophersonerr_vfio:
af585b92SGleb Natapov	kvm_async_pf_deinit();
5910ccf0SSean Christophersonerr_async_pf:
5910ccf0SSean Christopherson	kvm_irqfd_exit();
5910ccf0SSean Christophersonerr_irqfd:
9f1a4c00SSean Christophersonerr_cpu_kick_mask:
baff59ccSVitaly Kuznetsov	for_each_possible_cpu(cpu)
baff59ccSVitaly Kuznetsov		free_cpumask_var(per_cpu(cpu_kick_mask, cpu));
0fce5623SAvi Kivity	kmem_cache_destroy(kvm_vcpu_cache);
9f1a4c00SSean Christophersonerr_vcpu_cache:
441f7bfaSSean Christopherson#ifdef CONFIG_KVM_GENERIC_HARDWARE_ENABLING
35774a9fSSean Christopherson	unregister_syscore_ops(&kvm_syscore_ops);
aaf12a7bSChao Gao	cpuhp_remove_state_nocalls(CPUHP_AP_KVM_ONLINE);
441f7bfaSSean Christopherson#endif
0fce5623SAvi Kivity	return r;
0fce5623SAvi Kivity}
0fce5623SAvi KivityEXPORT_SYMBOL_GPL(kvm_init);
0fce5623SAvi Kivity
0fce5623SAvi Kivityvoid kvm_exit(void)
0fce5623SAvi Kivity{
baff59ccSVitaly Kuznetsov	int cpu;
baff59ccSVitaly Kuznetsov
2b012812SSean Christopherson	/*
2b012812SSean Christopherson	 * Note, unregistering /dev/kvm doesn't strictly need to come first,
2b012812SSean Christopherson	 * fops_get(), a.k.a. try_module_get(), prevents acquiring references
2b012812SSean Christopherson	 * to KVM while the module is being stopped.
2b012812SSean Christopherson	 */
0fce5623SAvi Kivity	misc_deregister(&kvm_dev);
2b012812SSean Christopherson
2b012812SSean Christopherson	debugfs_remove_recursive(kvm_debugfs_dir);
baff59ccSVitaly Kuznetsov	for_each_possible_cpu(cpu)
baff59ccSVitaly Kuznetsov		free_cpumask_var(per_cpu(cpu_kick_mask, cpu));
0fce5623SAvi Kivity	kmem_cache_destroy(kvm_vcpu_cache);
73b8dc04SSean Christopherson	kvm_vfio_ops_exit();
af585b92SGleb Natapov	kvm_async_pf_deinit();
441f7bfaSSean Christopherson#ifdef CONFIG_KVM_GENERIC_HARDWARE_ENABLING
fb3600ccSRafael J. Wysocki	unregister_syscore_ops(&kvm_syscore_ops);
aaf12a7bSChao Gao	cpuhp_remove_state_nocalls(CPUHP_AP_KVM_ONLINE);
441f7bfaSSean Christopherson#endif
5910ccf0SSean Christopherson	kvm_irqfd_exit();
0fce5623SAvi Kivity}
0fce5623SAvi KivityEXPORT_SYMBOL_GPL(kvm_exit);
c57c8046SJunaid Shahid
c57c8046SJunaid Shahidstruct kvm_vm_worker_thread_context {
c57c8046SJunaid Shahid	struct kvm *kvm;
c57c8046SJunaid Shahid	struct task_struct *parent;
c57c8046SJunaid Shahid	struct completion init_done;
c57c8046SJunaid Shahid	kvm_vm_thread_fn_t thread_fn;
c57c8046SJunaid Shahid	uintptr_t data;
c57c8046SJunaid Shahid	int err;
c57c8046SJunaid Shahid};
c57c8046SJunaid Shahid
c57c8046SJunaid Shahidstatic int kvm_vm_worker_thread(void *context)
c57c8046SJunaid Shahid{
c57c8046SJunaid Shahid	/*
c57c8046SJunaid Shahid	 * The init_context is allocated on the stack of the parent thread, so
c57c8046SJunaid Shahid	 * we have to locally copy anything that is needed beyond initialization
c57c8046SJunaid Shahid	 */
c57c8046SJunaid Shahid	struct kvm_vm_worker_thread_context *init_context = context;
e45cce30SVipin Sharma	struct task_struct *parent;
c57c8046SJunaid Shahid	struct kvm *kvm = init_context->kvm;
c57c8046SJunaid Shahid	kvm_vm_thread_fn_t thread_fn = init_context->thread_fn;
c57c8046SJunaid Shahid	uintptr_t data = init_context->data;
c57c8046SJunaid Shahid	int err;
c57c8046SJunaid Shahid
c57c8046SJunaid Shahid	err = kthread_park(current);
c57c8046SJunaid Shahid	/* kthread_park(current) is never supposed to return an error */
c57c8046SJunaid Shahid	WARN_ON(err != 0);
c57c8046SJunaid Shahid	if (err)
c57c8046SJunaid Shahid		goto init_complete;
c57c8046SJunaid Shahid
c57c8046SJunaid Shahid	err = cgroup_attach_task_all(init_context->parent, current);
c57c8046SJunaid Shahid	if (err) {
c57c8046SJunaid Shahid		kvm_err("%s: cgroup_attach_task_all failed with err %d\n",
c57c8046SJunaid Shahid			__func__, err);
c57c8046SJunaid Shahid		goto init_complete;
c57c8046SJunaid Shahid	}
c57c8046SJunaid Shahid
c57c8046SJunaid Shahid	set_user_nice(current, task_nice(init_context->parent));
c57c8046SJunaid Shahid
c57c8046SJunaid Shahidinit_complete:
c57c8046SJunaid Shahid	init_context->err = err;
c57c8046SJunaid Shahid	complete(&init_context->init_done);
c57c8046SJunaid Shahid	init_context = NULL;
c57c8046SJunaid Shahid
c57c8046SJunaid Shahid	if (err)
e45cce30SVipin Sharma		goto out;
c57c8046SJunaid Shahid
c57c8046SJunaid Shahid	/* Wait to be woken up by the spawner before proceeding. */
c57c8046SJunaid Shahid	kthread_parkme();
c57c8046SJunaid Shahid
c57c8046SJunaid Shahid	if (!kthread_should_stop())
c57c8046SJunaid Shahid		err = thread_fn(kvm, data);
c57c8046SJunaid Shahid
e45cce30SVipin Sharmaout:
e45cce30SVipin Sharma	/*
e45cce30SVipin Sharma	 * Move kthread back to its original cgroup to prevent it lingering in
e45cce30SVipin Sharma	 * the cgroup of the VM process, after the latter finishes its
e45cce30SVipin Sharma	 * execution.
e45cce30SVipin Sharma	 *
e45cce30SVipin Sharma	 * kthread_stop() waits on the 'exited' completion condition which is
e45cce30SVipin Sharma	 * set in exit_mm(), via mm_release(), in do_exit(). However, the
e45cce30SVipin Sharma	 * kthread is removed from the cgroup in the cgroup_exit() which is
e45cce30SVipin Sharma	 * called after the exit_mm(). This causes the kthread_stop() to return
e45cce30SVipin Sharma	 * before the kthread actually quits the cgroup.
e45cce30SVipin Sharma	 */
e45cce30SVipin Sharma	rcu_read_lock();
e45cce30SVipin Sharma	parent = rcu_dereference(current->real_parent);
e45cce30SVipin Sharma	get_task_struct(parent);
e45cce30SVipin Sharma	rcu_read_unlock();
e45cce30SVipin Sharma	cgroup_attach_task_all(parent, current);
e45cce30SVipin Sharma	put_task_struct(parent);
e45cce30SVipin Sharma
c57c8046SJunaid Shahid	return err;
c57c8046SJunaid Shahid}
c57c8046SJunaid Shahid
c57c8046SJunaid Shahidint kvm_vm_create_worker_thread(struct kvm *kvm, kvm_vm_thread_fn_t thread_fn,
c57c8046SJunaid Shahid				uintptr_t data, const char *name,
c57c8046SJunaid Shahid				struct task_struct **thread_ptr)
c57c8046SJunaid Shahid{
c57c8046SJunaid Shahid	struct kvm_vm_worker_thread_context init_context = {};
c57c8046SJunaid Shahid	struct task_struct *thread;
c57c8046SJunaid Shahid
c57c8046SJunaid Shahid	*thread_ptr = NULL;
c57c8046SJunaid Shahid	init_context.kvm = kvm;
c57c8046SJunaid Shahid	init_context.parent = current;
c57c8046SJunaid Shahid	init_context.thread_fn = thread_fn;
c57c8046SJunaid Shahid	init_context.data = data;
c57c8046SJunaid Shahid	init_completion(&init_context.init_done);
c57c8046SJunaid Shahid
c57c8046SJunaid Shahid	thread = kthread_run(kvm_vm_worker_thread, &init_context,
c57c8046SJunaid Shahid			     "%s-%d", name, task_pid_nr(current));
c57c8046SJunaid Shahid	if (IS_ERR(thread))
c57c8046SJunaid Shahid		return PTR_ERR(thread);
c57c8046SJunaid Shahid
c57c8046SJunaid Shahid	/* kthread_run is never supposed to return NULL */
c57c8046SJunaid Shahid	WARN_ON(thread == NULL);
c57c8046SJunaid Shahid
c57c8046SJunaid Shahid	wait_for_completion(&init_context.init_done);
c57c8046SJunaid Shahid
c57c8046SJunaid Shahid	if (!init_context.err)
c57c8046SJunaid Shahid		*thread_ptr = thread;
c57c8046SJunaid Shahid
c57c8046SJunaid Shahid	return init_context.err;
c57c8046SJunaid Shahid}