powerpc/kvm/book3s_64_mmu_hv.c

de56a948SPaul Mackerras/*
de56a948SPaul Mackerras * This program is free software; you can redistribute it and/or modify
de56a948SPaul Mackerras * it under the terms of the GNU General Public License, version 2, as
de56a948SPaul Mackerras * published by the Free Software Foundation.
de56a948SPaul Mackerras *
de56a948SPaul Mackerras * This program is distributed in the hope that it will be useful,
de56a948SPaul Mackerras * but WITHOUT ANY WARRANTY; without even the implied warranty of
de56a948SPaul Mackerras * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
de56a948SPaul Mackerras * GNU General Public License for more details.
de56a948SPaul Mackerras *
de56a948SPaul Mackerras * You should have received a copy of the GNU General Public License
de56a948SPaul Mackerras * along with this program; if not, write to the Free Software
de56a948SPaul Mackerras * Foundation, 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
de56a948SPaul Mackerras *
de56a948SPaul Mackerras * Copyright 2010 Paul Mackerras, IBM Corp. <paulus@au1.ibm.com>
de56a948SPaul Mackerras */
de56a948SPaul Mackerras
de56a948SPaul Mackerras#include <linux/types.h>
de56a948SPaul Mackerras#include <linux/string.h>
de56a948SPaul Mackerras#include <linux/kvm.h>
de56a948SPaul Mackerras#include <linux/kvm_host.h>
de56a948SPaul Mackerras#include <linux/highmem.h>
de56a948SPaul Mackerras#include <linux/gfp.h>
de56a948SPaul Mackerras#include <linux/slab.h>
de56a948SPaul Mackerras#include <linux/hugetlb.h>
8936dda4SPaul Mackerras#include <linux/vmalloc.h>
2c9097e4SPaul Mackerras#include <linux/srcu.h>
a2932923SPaul Mackerras#include <linux/anon_inodes.h>
a2932923SPaul Mackerras#include <linux/file.h>
de56a948SPaul Mackerras
de56a948SPaul Mackerras#include <asm/tlbflush.h>
de56a948SPaul Mackerras#include <asm/kvm_ppc.h>
de56a948SPaul Mackerras#include <asm/kvm_book3s.h>
de56a948SPaul Mackerras#include <asm/mmu-hash64.h>
de56a948SPaul Mackerras#include <asm/hvcall.h>
de56a948SPaul Mackerras#include <asm/synch.h>
de56a948SPaul Mackerras#include <asm/ppc-opcode.h>
de56a948SPaul Mackerras#include <asm/cputable.h>
de56a948SPaul Mackerras
990978e9SAneesh Kumar K.V#include "book3s_hv_cma.h"
990978e9SAneesh Kumar K.V
9e368f29SPaul Mackerras/* POWER7 has 10-bit LPIDs, PPC970 has 6-bit LPIDs */
9e368f29SPaul Mackerras#define MAX_LPID_970	63
de56a948SPaul Mackerras
32fad281SPaul Mackerras/* Power architecture requires HPT is at least 256kB */
32fad281SPaul Mackerras#define PPC_MIN_HPT_ORDER	18
32fad281SPaul Mackerras
7ed661bfSPaul Mackerrasstatic long kvmppc_virtmode_do_h_enter(struct kvm *kvm, unsigned long flags,
7ed661bfSPaul Mackerras				long pte_index, unsigned long pteh,
7ed661bfSPaul Mackerras				unsigned long ptel, unsigned long *pte_idx_ret);
a64fd707SPaul Mackerrasstatic void kvmppc_rmap_reset(struct kvm *kvm);
7ed661bfSPaul Mackerras
32fad281SPaul Mackerraslong kvmppc_alloc_hpt(struct kvm *kvm, u32 *htab_orderp)
de56a948SPaul Mackerras{
de56a948SPaul Mackerras	unsigned long hpt;
8936dda4SPaul Mackerras	struct revmap_entry *rev;
fa61a4e3SAneesh Kumar K.V	struct page *page = NULL;
fa61a4e3SAneesh Kumar K.V	long order = KVM_DEFAULT_HPT_ORDER;
de56a948SPaul Mackerras
32fad281SPaul Mackerras	if (htab_orderp) {
32fad281SPaul Mackerras		order = *htab_orderp;
32fad281SPaul Mackerras		if (order < PPC_MIN_HPT_ORDER)
32fad281SPaul Mackerras			order = PPC_MIN_HPT_ORDER;
32fad281SPaul Mackerras	}
32fad281SPaul Mackerras
fa61a4e3SAneesh Kumar K.V	kvm->arch.hpt_cma_alloc = 0;
32fad281SPaul Mackerras	/*
32fad281SPaul Mackerras	 * try first to allocate it from the kernel page allocator.
fa61a4e3SAneesh Kumar K.V	 * We keep the CMA reserved for failed allocation.
32fad281SPaul Mackerras	 */
32fad281SPaul Mackerras	hpt = __get_free_pages(GFP_KERNEL | __GFP_ZERO | __GFP_REPEAT |
32fad281SPaul Mackerras			       __GFP_NOWARN, order - PAGE_SHIFT);
32fad281SPaul Mackerras
32fad281SPaul Mackerras	/* Next try to allocate from the preallocated pool */
32fad281SPaul Mackerras	if (!hpt) {
990978e9SAneesh Kumar K.V		VM_BUG_ON(order < KVM_CMA_CHUNK_ORDER);
fa61a4e3SAneesh Kumar K.V		page = kvm_alloc_hpt(1 << (order - PAGE_SHIFT));
fa61a4e3SAneesh Kumar K.V		if (page) {
fa61a4e3SAneesh Kumar K.V			hpt = (unsigned long)pfn_to_kaddr(page_to_pfn(page));
fa61a4e3SAneesh Kumar K.V			kvm->arch.hpt_cma_alloc = 1;
fa61a4e3SAneesh Kumar K.V		} else
fa61a4e3SAneesh Kumar K.V			--order;
d2a1b483SAlexander Graf	}
d2a1b483SAlexander Graf
32fad281SPaul Mackerras	/* Lastly try successively smaller sizes from the page allocator */
32fad281SPaul Mackerras	while (!hpt && order > PPC_MIN_HPT_ORDER) {
32fad281SPaul Mackerras		hpt = __get_free_pages(GFP_KERNEL|__GFP_ZERO|__GFP_REPEAT|
32fad281SPaul Mackerras				       __GFP_NOWARN, order - PAGE_SHIFT);
32fad281SPaul Mackerras		if (!hpt)
32fad281SPaul Mackerras			--order;
de56a948SPaul Mackerras	}
32fad281SPaul Mackerras
32fad281SPaul Mackerras	if (!hpt)
32fad281SPaul Mackerras		return -ENOMEM;
32fad281SPaul Mackerras
de56a948SPaul Mackerras	kvm->arch.hpt_virt = hpt;
32fad281SPaul Mackerras	kvm->arch.hpt_order = order;
32fad281SPaul Mackerras	/* HPTEs are 2**4 bytes long */
32fad281SPaul Mackerras	kvm->arch.hpt_npte = 1ul << (order - 4);
32fad281SPaul Mackerras	/* 128 (2**7) bytes in each HPTEG */
32fad281SPaul Mackerras	kvm->arch.hpt_mask = (1ul << (order - 7)) - 1;
de56a948SPaul Mackerras
8936dda4SPaul Mackerras	/* Allocate reverse map array */
32fad281SPaul Mackerras	rev = vmalloc(sizeof(struct revmap_entry) * kvm->arch.hpt_npte);
8936dda4SPaul Mackerras	if (!rev) {
8936dda4SPaul Mackerras		pr_err("kvmppc_alloc_hpt: Couldn't alloc reverse map array\n");
8936dda4SPaul Mackerras		goto out_freehpt;
8936dda4SPaul Mackerras	}
8936dda4SPaul Mackerras	kvm->arch.revmap = rev;
32fad281SPaul Mackerras	kvm->arch.sdr1 = __pa(hpt) | (order - 18);
8936dda4SPaul Mackerras
32fad281SPaul Mackerras	pr_info("KVM guest htab at %lx (order %ld), LPID %x\n",
32fad281SPaul Mackerras		hpt, order, kvm->arch.lpid);
de56a948SPaul Mackerras
32fad281SPaul Mackerras	if (htab_orderp)
32fad281SPaul Mackerras		*htab_orderp = order;
de56a948SPaul Mackerras	return 0;
8936dda4SPaul Mackerras
8936dda4SPaul Mackerras out_freehpt:
fa61a4e3SAneesh Kumar K.V	if (kvm->arch.hpt_cma_alloc)
fa61a4e3SAneesh Kumar K.V		kvm_release_hpt(page, 1 << (order - PAGE_SHIFT));
32fad281SPaul Mackerras	else
32fad281SPaul Mackerras		free_pages(hpt, order - PAGE_SHIFT);
8936dda4SPaul Mackerras	return -ENOMEM;
de56a948SPaul Mackerras}
de56a948SPaul Mackerras
32fad281SPaul Mackerraslong kvmppc_alloc_reset_hpt(struct kvm *kvm, u32 *htab_orderp)
32fad281SPaul Mackerras{
32fad281SPaul Mackerras	long err = -EBUSY;
32fad281SPaul Mackerras	long order;
32fad281SPaul Mackerras
32fad281SPaul Mackerras	mutex_lock(&kvm->lock);
32fad281SPaul Mackerras	if (kvm->arch.rma_setup_done) {
32fad281SPaul Mackerras		kvm->arch.rma_setup_done = 0;
32fad281SPaul Mackerras		/* order rma_setup_done vs. vcpus_running */
32fad281SPaul Mackerras		smp_mb();
32fad281SPaul Mackerras		if (atomic_read(&kvm->arch.vcpus_running)) {
32fad281SPaul Mackerras			kvm->arch.rma_setup_done = 1;
32fad281SPaul Mackerras			goto out;
32fad281SPaul Mackerras		}
32fad281SPaul Mackerras	}
32fad281SPaul Mackerras	if (kvm->arch.hpt_virt) {
32fad281SPaul Mackerras		order = kvm->arch.hpt_order;
32fad281SPaul Mackerras		/* Set the entire HPT to 0, i.e. invalid HPTEs */
32fad281SPaul Mackerras		memset((void *)kvm->arch.hpt_virt, 0, 1ul << order);
32fad281SPaul Mackerras		/*
a64fd707SPaul Mackerras		 * Reset all the reverse-mapping chains for all memslots
a64fd707SPaul Mackerras		 */
a64fd707SPaul Mackerras		kvmppc_rmap_reset(kvm);
1b400ba0SPaul Mackerras		/* Ensure that each vcpu will flush its TLB on next entry. */
1b400ba0SPaul Mackerras		cpumask_setall(&kvm->arch.need_tlb_flush);
32fad281SPaul Mackerras		*htab_orderp = order;
32fad281SPaul Mackerras		err = 0;
32fad281SPaul Mackerras	} else {
32fad281SPaul Mackerras		err = kvmppc_alloc_hpt(kvm, htab_orderp);
32fad281SPaul Mackerras		order = *htab_orderp;
32fad281SPaul Mackerras	}
32fad281SPaul Mackerras out:
32fad281SPaul Mackerras	mutex_unlock(&kvm->lock);
32fad281SPaul Mackerras	return err;
32fad281SPaul Mackerras}
32fad281SPaul Mackerras
de56a948SPaul Mackerrasvoid kvmppc_free_hpt(struct kvm *kvm)
de56a948SPaul Mackerras{
043cc4d7SScott Wood	kvmppc_free_lpid(kvm->arch.lpid);
8936dda4SPaul Mackerras	vfree(kvm->arch.revmap);
fa61a4e3SAneesh Kumar K.V	if (kvm->arch.hpt_cma_alloc)
fa61a4e3SAneesh Kumar K.V		kvm_release_hpt(virt_to_page(kvm->arch.hpt_virt),
fa61a4e3SAneesh Kumar K.V				1 << (kvm->arch.hpt_order - PAGE_SHIFT));
d2a1b483SAlexander Graf	else
32fad281SPaul Mackerras		free_pages(kvm->arch.hpt_virt,
32fad281SPaul Mackerras			   kvm->arch.hpt_order - PAGE_SHIFT);
de56a948SPaul Mackerras}
de56a948SPaul Mackerras
da9d1d7fSPaul Mackerras/* Bits in first HPTE dword for pagesize 4k, 64k or 16M */
da9d1d7fSPaul Mackerrasstatic inline unsigned long hpte0_pgsize_encoding(unsigned long pgsize)
de56a948SPaul Mackerras{
da9d1d7fSPaul Mackerras	return (pgsize > 0x1000) ? HPTE_V_LARGE : 0;
da9d1d7fSPaul Mackerras}
da9d1d7fSPaul Mackerras
da9d1d7fSPaul Mackerras/* Bits in second HPTE dword for pagesize 4k, 64k or 16M */
da9d1d7fSPaul Mackerrasstatic inline unsigned long hpte1_pgsize_encoding(unsigned long pgsize)
da9d1d7fSPaul Mackerras{
da9d1d7fSPaul Mackerras	return (pgsize == 0x10000) ? 0x1000 : 0;
da9d1d7fSPaul Mackerras}
da9d1d7fSPaul Mackerras
da9d1d7fSPaul Mackerrasvoid kvmppc_map_vrma(struct kvm_vcpu *vcpu, struct kvm_memory_slot *memslot,
da9d1d7fSPaul Mackerras		     unsigned long porder)
da9d1d7fSPaul Mackerras{
de56a948SPaul Mackerras	unsigned long i;
b2b2f165SPaul Mackerras	unsigned long npages;
c77162deSPaul Mackerras	unsigned long hp_v, hp_r;
c77162deSPaul Mackerras	unsigned long addr, hash;
da9d1d7fSPaul Mackerras	unsigned long psize;
da9d1d7fSPaul Mackerras	unsigned long hp0, hp1;
7ed661bfSPaul Mackerras	unsigned long idx_ret;
c77162deSPaul Mackerras	long ret;
32fad281SPaul Mackerras	struct kvm *kvm = vcpu->kvm;
de56a948SPaul Mackerras
da9d1d7fSPaul Mackerras	psize = 1ul << porder;
da9d1d7fSPaul Mackerras	npages = memslot->npages >> (porder - PAGE_SHIFT);
de56a948SPaul Mackerras
de56a948SPaul Mackerras	/* VRMA can't be > 1TB */
8936dda4SPaul Mackerras	if (npages > 1ul << (40 - porder))
8936dda4SPaul Mackerras		npages = 1ul << (40 - porder);
de56a948SPaul Mackerras	/* Can't use more than 1 HPTE per HPTEG */
32fad281SPaul Mackerras	if (npages > kvm->arch.hpt_mask + 1)
32fad281SPaul Mackerras		npages = kvm->arch.hpt_mask + 1;
de56a948SPaul Mackerras
da9d1d7fSPaul Mackerras	hp0 = HPTE_V_1TB_SEG | (VRMA_VSID << (40 - 16)) |
da9d1d7fSPaul Mackerras		HPTE_V_BOLTED | hpte0_pgsize_encoding(psize);
da9d1d7fSPaul Mackerras	hp1 = hpte1_pgsize_encoding(psize) |
da9d1d7fSPaul Mackerras		HPTE_R_R | HPTE_R_C | HPTE_R_M | PP_RWXX;
da9d1d7fSPaul Mackerras
de56a948SPaul Mackerras	for (i = 0; i < npages; ++i) {
c77162deSPaul Mackerras		addr = i << porder;
de56a948SPaul Mackerras		/* can't use hpt_hash since va > 64 bits */
32fad281SPaul Mackerras		hash = (i ^ (VRMA_VSID ^ (VRMA_VSID << 25))) & kvm->arch.hpt_mask;
de56a948SPaul Mackerras		/*
de56a948SPaul Mackerras		 * We assume that the hash table is empty and no
de56a948SPaul Mackerras		 * vcpus are using it at this stage.  Since we create
de56a948SPaul Mackerras		 * at most one HPTE per HPTEG, we just assume entry 7
de56a948SPaul Mackerras		 * is available and use it.
de56a948SPaul Mackerras		 */
8936dda4SPaul Mackerras		hash = (hash << 3) + 7;
da9d1d7fSPaul Mackerras		hp_v = hp0 | ((addr >> 16) & ~0x7fUL);
da9d1d7fSPaul Mackerras		hp_r = hp1 | addr;
7ed661bfSPaul Mackerras		ret = kvmppc_virtmode_do_h_enter(kvm, H_EXACT, hash, hp_v, hp_r,
7ed661bfSPaul Mackerras						 &idx_ret);
c77162deSPaul Mackerras		if (ret != H_SUCCESS) {
c77162deSPaul Mackerras			pr_err("KVM: map_vrma at %lx failed, ret=%ld\n",
c77162deSPaul Mackerras			       addr, ret);
c77162deSPaul Mackerras			break;
c77162deSPaul Mackerras		}
de56a948SPaul Mackerras	}
de56a948SPaul Mackerras}
de56a948SPaul Mackerras
de56a948SPaul Mackerrasint kvmppc_mmu_hv_init(void)
de56a948SPaul Mackerras{
9e368f29SPaul Mackerras	unsigned long host_lpid, rsvd_lpid;
9e368f29SPaul Mackerras
9e368f29SPaul Mackerras	if (!cpu_has_feature(CPU_FTR_HVMODE))
de56a948SPaul Mackerras		return -EINVAL;
9e368f29SPaul Mackerras
043cc4d7SScott Wood	/* POWER7 has 10-bit LPIDs, PPC970 and e500mc have 6-bit LPIDs */
9e368f29SPaul Mackerras	if (cpu_has_feature(CPU_FTR_ARCH_206)) {
9e368f29SPaul Mackerras		host_lpid = mfspr(SPRN_LPID);	/* POWER7 */
9e368f29SPaul Mackerras		rsvd_lpid = LPID_RSVD;
9e368f29SPaul Mackerras	} else {
9e368f29SPaul Mackerras		host_lpid = 0;			/* PPC970 */
9e368f29SPaul Mackerras		rsvd_lpid = MAX_LPID_970;
9e368f29SPaul Mackerras	}
9e368f29SPaul Mackerras
043cc4d7SScott Wood	kvmppc_init_lpid(rsvd_lpid + 1);
043cc4d7SScott Wood
043cc4d7SScott Wood	kvmppc_claim_lpid(host_lpid);
9e368f29SPaul Mackerras	/* rsvd_lpid is reserved for use in partition switching */
043cc4d7SScott Wood	kvmppc_claim_lpid(rsvd_lpid);
de56a948SPaul Mackerras
de56a948SPaul Mackerras	return 0;
de56a948SPaul Mackerras}
de56a948SPaul Mackerras
de56a948SPaul Mackerrasstatic void kvmppc_mmu_book3s_64_hv_reset_msr(struct kvm_vcpu *vcpu)
de56a948SPaul Mackerras{
de56a948SPaul Mackerras	kvmppc_set_msr(vcpu, MSR_SF | MSR_ME);
de56a948SPaul Mackerras}
de56a948SPaul Mackerras
c77162deSPaul Mackerras/*
c77162deSPaul Mackerras * This is called to get a reference to a guest page if there isn't
a66b48c3SPaul Mackerras * one already in the memslot->arch.slot_phys[] array.
c77162deSPaul Mackerras */
c77162deSPaul Mackerrasstatic long kvmppc_get_guest_page(struct kvm *kvm, unsigned long gfn,
da9d1d7fSPaul Mackerras				  struct kvm_memory_slot *memslot,
da9d1d7fSPaul Mackerras				  unsigned long psize)
c77162deSPaul Mackerras{
c77162deSPaul Mackerras	unsigned long start;
da9d1d7fSPaul Mackerras	long np, err;
da9d1d7fSPaul Mackerras	struct page *page, *hpage, *pages[1];
da9d1d7fSPaul Mackerras	unsigned long s, pgsize;
c77162deSPaul Mackerras	unsigned long *physp;
9d0ef5eaSPaul Mackerras	unsigned int is_io, got, pgorder;
9d0ef5eaSPaul Mackerras	struct vm_area_struct *vma;
da9d1d7fSPaul Mackerras	unsigned long pfn, i, npages;
c77162deSPaul Mackerras
a66b48c3SPaul Mackerras	physp = memslot->arch.slot_phys;
c77162deSPaul Mackerras	if (!physp)
c77162deSPaul Mackerras		return -EINVAL;
da9d1d7fSPaul Mackerras	if (physp[gfn - memslot->base_gfn])
c77162deSPaul Mackerras		return 0;
c77162deSPaul Mackerras
9d0ef5eaSPaul Mackerras	is_io = 0;
9d0ef5eaSPaul Mackerras	got = 0;
c77162deSPaul Mackerras	page = NULL;
da9d1d7fSPaul Mackerras	pgsize = psize;
9d0ef5eaSPaul Mackerras	err = -EINVAL;
c77162deSPaul Mackerras	start = gfn_to_hva_memslot(memslot, gfn);
c77162deSPaul Mackerras
c77162deSPaul Mackerras	/* Instantiate and get the page we want access to */
c77162deSPaul Mackerras	np = get_user_pages_fast(start, 1, 1, pages);
9d0ef5eaSPaul Mackerras	if (np != 1) {
9d0ef5eaSPaul Mackerras		/* Look up the vma for the page */
9d0ef5eaSPaul Mackerras		down_read(&current->mm->mmap_sem);
9d0ef5eaSPaul Mackerras		vma = find_vma(current->mm, start);
9d0ef5eaSPaul Mackerras		if (!vma || vma->vm_start > start ||
9d0ef5eaSPaul Mackerras		    start + psize > vma->vm_end ||
9d0ef5eaSPaul Mackerras		    !(vma->vm_flags & VM_PFNMAP))
9d0ef5eaSPaul Mackerras			goto up_err;
9d0ef5eaSPaul Mackerras		is_io = hpte_cache_bits(pgprot_val(vma->vm_page_prot));
9d0ef5eaSPaul Mackerras		pfn = vma->vm_pgoff + ((start - vma->vm_start) >> PAGE_SHIFT);
9d0ef5eaSPaul Mackerras		/* check alignment of pfn vs. requested page size */
9d0ef5eaSPaul Mackerras		if (psize > PAGE_SIZE && (pfn & ((psize >> PAGE_SHIFT) - 1)))
9d0ef5eaSPaul Mackerras			goto up_err;
9d0ef5eaSPaul Mackerras		up_read(&current->mm->mmap_sem);
9d0ef5eaSPaul Mackerras
9d0ef5eaSPaul Mackerras	} else {
c77162deSPaul Mackerras		page = pages[0];
da9d1d7fSPaul Mackerras		got = KVMPPC_GOT_PAGE;
c77162deSPaul Mackerras
da9d1d7fSPaul Mackerras		/* See if this is a large page */
da9d1d7fSPaul Mackerras		s = PAGE_SIZE;
da9d1d7fSPaul Mackerras		if (PageHuge(page)) {
da9d1d7fSPaul Mackerras			hpage = compound_head(page);
da9d1d7fSPaul Mackerras			s <<= compound_order(hpage);
da9d1d7fSPaul Mackerras			/* Get the whole large page if slot alignment is ok */
da9d1d7fSPaul Mackerras			if (s > psize && slot_is_aligned(memslot, s) &&
da9d1d7fSPaul Mackerras			    !(memslot->userspace_addr & (s - 1))) {
da9d1d7fSPaul Mackerras				start &= ~(s - 1);
da9d1d7fSPaul Mackerras				pgsize = s;
de6c0b02SDavid Gibson				get_page(hpage);
de6c0b02SDavid Gibson				put_page(page);
da9d1d7fSPaul Mackerras				page = hpage;
c77162deSPaul Mackerras			}
da9d1d7fSPaul Mackerras		}
da9d1d7fSPaul Mackerras		if (s < psize)
da9d1d7fSPaul Mackerras			goto out;
c77162deSPaul Mackerras		pfn = page_to_pfn(page);
9d0ef5eaSPaul Mackerras	}
c77162deSPaul Mackerras
da9d1d7fSPaul Mackerras	npages = pgsize >> PAGE_SHIFT;
da9d1d7fSPaul Mackerras	pgorder = __ilog2(npages);
da9d1d7fSPaul Mackerras	physp += (gfn - memslot->base_gfn) & ~(npages - 1);
c77162deSPaul Mackerras	spin_lock(&kvm->arch.slot_phys_lock);
da9d1d7fSPaul Mackerras	for (i = 0; i < npages; ++i) {
da9d1d7fSPaul Mackerras		if (!physp[i]) {
9d0ef5eaSPaul Mackerras			physp[i] = ((pfn + i) << PAGE_SHIFT) +
9d0ef5eaSPaul Mackerras				got + is_io + pgorder;
da9d1d7fSPaul Mackerras			got = 0;
da9d1d7fSPaul Mackerras		}
da9d1d7fSPaul Mackerras	}
c77162deSPaul Mackerras	spin_unlock(&kvm->arch.slot_phys_lock);
da9d1d7fSPaul Mackerras	err = 0;
c77162deSPaul Mackerras
da9d1d7fSPaul Mackerras out:
de6c0b02SDavid Gibson	if (got)
da9d1d7fSPaul Mackerras		put_page(page);
da9d1d7fSPaul Mackerras	return err;
9d0ef5eaSPaul Mackerras
9d0ef5eaSPaul Mackerras up_err:
9d0ef5eaSPaul Mackerras	up_read(&current->mm->mmap_sem);
9d0ef5eaSPaul Mackerras	return err;
c77162deSPaul Mackerras}
c77162deSPaul Mackerras
7ed661bfSPaul Mackerraslong kvmppc_virtmode_do_h_enter(struct kvm *kvm, unsigned long flags,
7ed661bfSPaul Mackerras				long pte_index, unsigned long pteh,
7ed661bfSPaul Mackerras				unsigned long ptel, unsigned long *pte_idx_ret)
c77162deSPaul Mackerras{
c77162deSPaul Mackerras	unsigned long psize, gpa, gfn;
c77162deSPaul Mackerras	struct kvm_memory_slot *memslot;
c77162deSPaul Mackerras	long ret;
c77162deSPaul Mackerras
342d3db7SPaul Mackerras	if (kvm->arch.using_mmu_notifiers)
342d3db7SPaul Mackerras		goto do_insert;
342d3db7SPaul Mackerras
c77162deSPaul Mackerras	psize = hpte_page_size(pteh, ptel);
c77162deSPaul Mackerras	if (!psize)
c77162deSPaul Mackerras		return H_PARAMETER;
c77162deSPaul Mackerras
697d3899SPaul Mackerras	pteh &= ~(HPTE_V_HVLOCK | HPTE_V_ABSENT | HPTE_V_VALID);
697d3899SPaul Mackerras
c77162deSPaul Mackerras	/* Find the memslot (if any) for this address */
c77162deSPaul Mackerras	gpa = (ptel & HPTE_R_RPN) & ~(psize - 1);
c77162deSPaul Mackerras	gfn = gpa >> PAGE_SHIFT;
c77162deSPaul Mackerras	memslot = gfn_to_memslot(kvm, gfn);
697d3899SPaul Mackerras	if (memslot && !(memslot->flags & KVM_MEMSLOT_INVALID)) {
da9d1d7fSPaul Mackerras		if (!slot_is_aligned(memslot, psize))
da9d1d7fSPaul Mackerras			return H_PARAMETER;
da9d1d7fSPaul Mackerras		if (kvmppc_get_guest_page(kvm, gfn, memslot, psize) < 0)
c77162deSPaul Mackerras			return H_PARAMETER;
697d3899SPaul Mackerras	}
c77162deSPaul Mackerras
342d3db7SPaul Mackerras do_insert:
342d3db7SPaul Mackerras	/* Protect linux PTE lookup from page table destruction */
342d3db7SPaul Mackerras	rcu_read_lock_sched();	/* this disables preemption too */
7ed661bfSPaul Mackerras	ret = kvmppc_do_h_enter(kvm, flags, pte_index, pteh, ptel,
7ed661bfSPaul Mackerras				current->mm->pgd, false, pte_idx_ret);
342d3db7SPaul Mackerras	rcu_read_unlock_sched();
c77162deSPaul Mackerras	if (ret == H_TOO_HARD) {
c77162deSPaul Mackerras		/* this can't happen */
c77162deSPaul Mackerras		pr_err("KVM: Oops, kvmppc_h_enter returned too hard!\n");
c77162deSPaul Mackerras		ret = H_RESOURCE;	/* or something */
c77162deSPaul Mackerras	}
c77162deSPaul Mackerras	return ret;
c77162deSPaul Mackerras
c77162deSPaul Mackerras}
c77162deSPaul Mackerras
7ed661bfSPaul Mackerras/*
7ed661bfSPaul Mackerras * We come here on a H_ENTER call from the guest when we are not
7ed661bfSPaul Mackerras * using mmu notifiers and we don't have the requested page pinned
7ed661bfSPaul Mackerras * already.
7ed661bfSPaul Mackerras */
7ed661bfSPaul Mackerraslong kvmppc_virtmode_h_enter(struct kvm_vcpu *vcpu, unsigned long flags,
7ed661bfSPaul Mackerras			     long pte_index, unsigned long pteh,
7ed661bfSPaul Mackerras			     unsigned long ptel)
7ed661bfSPaul Mackerras{
7ed661bfSPaul Mackerras	return kvmppc_virtmode_do_h_enter(vcpu->kvm, flags, pte_index,
7ed661bfSPaul Mackerras					  pteh, ptel, &vcpu->arch.gpr[4]);
7ed661bfSPaul Mackerras}
7ed661bfSPaul Mackerras
697d3899SPaul Mackerrasstatic struct kvmppc_slb *kvmppc_mmu_book3s_hv_find_slbe(struct kvm_vcpu *vcpu,
697d3899SPaul Mackerras							 gva_t eaddr)
697d3899SPaul Mackerras{
697d3899SPaul Mackerras	u64 mask;
697d3899SPaul Mackerras	int i;
697d3899SPaul Mackerras
697d3899SPaul Mackerras	for (i = 0; i < vcpu->arch.slb_nr; i++) {
697d3899SPaul Mackerras		if (!(vcpu->arch.slb[i].orige & SLB_ESID_V))
697d3899SPaul Mackerras			continue;
697d3899SPaul Mackerras
697d3899SPaul Mackerras		if (vcpu->arch.slb[i].origv & SLB_VSID_B_1T)
697d3899SPaul Mackerras			mask = ESID_MASK_1T;
697d3899SPaul Mackerras		else
697d3899SPaul Mackerras			mask = ESID_MASK;
697d3899SPaul Mackerras
697d3899SPaul Mackerras		if (((vcpu->arch.slb[i].orige ^ eaddr) & mask) == 0)
697d3899SPaul Mackerras			return &vcpu->arch.slb[i];
697d3899SPaul Mackerras	}
697d3899SPaul Mackerras	return NULL;
697d3899SPaul Mackerras}
697d3899SPaul Mackerras
697d3899SPaul Mackerrasstatic unsigned long kvmppc_mmu_get_real_addr(unsigned long v, unsigned long r,
697d3899SPaul Mackerras			unsigned long ea)
697d3899SPaul Mackerras{
697d3899SPaul Mackerras	unsigned long ra_mask;
697d3899SPaul Mackerras
697d3899SPaul Mackerras	ra_mask = hpte_page_size(v, r) - 1;
697d3899SPaul Mackerras	return (r & HPTE_R_RPN & ~ra_mask) | (ea & ra_mask);
697d3899SPaul Mackerras}
697d3899SPaul Mackerras
de56a948SPaul Mackerrasstatic int kvmppc_mmu_book3s_64_hv_xlate(struct kvm_vcpu *vcpu, gva_t eaddr,
93b159b4SPaul Mackerras			struct kvmppc_pte *gpte, bool data, bool iswrite)
de56a948SPaul Mackerras{
697d3899SPaul Mackerras	struct kvm *kvm = vcpu->kvm;
697d3899SPaul Mackerras	struct kvmppc_slb *slbe;
697d3899SPaul Mackerras	unsigned long slb_v;
697d3899SPaul Mackerras	unsigned long pp, key;
697d3899SPaul Mackerras	unsigned long v, gr;
697d3899SPaul Mackerras	unsigned long *hptep;
697d3899SPaul Mackerras	int index;
697d3899SPaul Mackerras	int virtmode = vcpu->arch.shregs.msr & (data ? MSR_DR : MSR_IR);
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/* Get SLB entry */
697d3899SPaul Mackerras	if (virtmode) {
697d3899SPaul Mackerras		slbe = kvmppc_mmu_book3s_hv_find_slbe(vcpu, eaddr);
697d3899SPaul Mackerras		if (!slbe)
697d3899SPaul Mackerras			return -EINVAL;
697d3899SPaul Mackerras		slb_v = slbe->origv;
697d3899SPaul Mackerras	} else {
697d3899SPaul Mackerras		/* real mode access */
697d3899SPaul Mackerras		slb_v = vcpu->kvm->arch.vrma_slb_v;
697d3899SPaul Mackerras	}
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/* Find the HPTE in the hash table */
697d3899SPaul Mackerras	index = kvmppc_hv_find_lock_hpte(kvm, eaddr, slb_v,
697d3899SPaul Mackerras					 HPTE_V_VALID | HPTE_V_ABSENT);
697d3899SPaul Mackerras	if (index < 0)
de56a948SPaul Mackerras		return -ENOENT;
697d3899SPaul Mackerras	hptep = (unsigned long *)(kvm->arch.hpt_virt + (index << 4));
697d3899SPaul Mackerras	v = hptep[0] & ~HPTE_V_HVLOCK;
697d3899SPaul Mackerras	gr = kvm->arch.revmap[index].guest_rpte;
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/* Unlock the HPTE */
697d3899SPaul Mackerras	asm volatile("lwsync" : : : "memory");
697d3899SPaul Mackerras	hptep[0] = v;
697d3899SPaul Mackerras
697d3899SPaul Mackerras	gpte->eaddr = eaddr;
697d3899SPaul Mackerras	gpte->vpage = ((v & HPTE_V_AVPN) << 4) | ((eaddr >> 12) & 0xfff);
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/* Get PP bits and key for permission check */
697d3899SPaul Mackerras	pp = gr & (HPTE_R_PP0 | HPTE_R_PP);
697d3899SPaul Mackerras	key = (vcpu->arch.shregs.msr & MSR_PR) ? SLB_VSID_KP : SLB_VSID_KS;
697d3899SPaul Mackerras	key &= slb_v;
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/* Calculate permissions */
697d3899SPaul Mackerras	gpte->may_read = hpte_read_permission(pp, key);
697d3899SPaul Mackerras	gpte->may_write = hpte_write_permission(pp, key);
697d3899SPaul Mackerras	gpte->may_execute = gpte->may_read && !(gr & (HPTE_R_N | HPTE_R_G));
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/* Storage key permission check for POWER7 */
697d3899SPaul Mackerras	if (data && virtmode && cpu_has_feature(CPU_FTR_ARCH_206)) {
697d3899SPaul Mackerras		int amrfield = hpte_get_skey_perm(gr, vcpu->arch.amr);
697d3899SPaul Mackerras		if (amrfield & 1)
697d3899SPaul Mackerras			gpte->may_read = 0;
697d3899SPaul Mackerras		if (amrfield & 2)
697d3899SPaul Mackerras			gpte->may_write = 0;
697d3899SPaul Mackerras	}
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/* Get the guest physical address */
697d3899SPaul Mackerras	gpte->raddr = kvmppc_mmu_get_real_addr(v, gr, eaddr);
697d3899SPaul Mackerras	return 0;
697d3899SPaul Mackerras}
697d3899SPaul Mackerras
697d3899SPaul Mackerras/*
697d3899SPaul Mackerras * Quick test for whether an instruction is a load or a store.
697d3899SPaul Mackerras * If the instruction is a load or a store, then this will indicate
697d3899SPaul Mackerras * which it is, at least on server processors.  (Embedded processors
697d3899SPaul Mackerras * have some external PID instructions that don't follow the rule
697d3899SPaul Mackerras * embodied here.)  If the instruction isn't a load or store, then
697d3899SPaul Mackerras * this doesn't return anything useful.
697d3899SPaul Mackerras */
697d3899SPaul Mackerrasstatic int instruction_is_store(unsigned int instr)
697d3899SPaul Mackerras{
697d3899SPaul Mackerras	unsigned int mask;
697d3899SPaul Mackerras
697d3899SPaul Mackerras	mask = 0x10000000;
697d3899SPaul Mackerras	if ((instr & 0xfc000000) == 0x7c000000)
697d3899SPaul Mackerras		mask = 0x100;		/* major opcode 31 */
697d3899SPaul Mackerras	return (instr & mask) != 0;
697d3899SPaul Mackerras}
697d3899SPaul Mackerras
697d3899SPaul Mackerrasstatic int kvmppc_hv_emulate_mmio(struct kvm_run *run, struct kvm_vcpu *vcpu,
6020c0f6SAlexander Graf				  unsigned long gpa, gva_t ea, int is_store)
697d3899SPaul Mackerras{
697d3899SPaul Mackerras	int ret;
697d3899SPaul Mackerras	u32 last_inst;
697d3899SPaul Mackerras	unsigned long srr0 = kvmppc_get_pc(vcpu);
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/* We try to load the last instruction.  We don't let
697d3899SPaul Mackerras	 * emulate_instruction do it as it doesn't check what
697d3899SPaul Mackerras	 * kvmppc_ld returns.
697d3899SPaul Mackerras	 * If we fail, we just return to the guest and try executing it again.
697d3899SPaul Mackerras	 */
697d3899SPaul Mackerras	if (vcpu->arch.last_inst == KVM_INST_FETCH_FAILED) {
697d3899SPaul Mackerras		ret = kvmppc_ld(vcpu, &srr0, sizeof(u32), &last_inst, false);
697d3899SPaul Mackerras		if (ret != EMULATE_DONE || last_inst == KVM_INST_FETCH_FAILED)
697d3899SPaul Mackerras			return RESUME_GUEST;
697d3899SPaul Mackerras		vcpu->arch.last_inst = last_inst;
697d3899SPaul Mackerras	}
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/*
697d3899SPaul Mackerras	 * WARNING: We do not know for sure whether the instruction we just
697d3899SPaul Mackerras	 * read from memory is the same that caused the fault in the first
697d3899SPaul Mackerras	 * place.  If the instruction we read is neither an load or a store,
697d3899SPaul Mackerras	 * then it can't access memory, so we don't need to worry about
697d3899SPaul Mackerras	 * enforcing access permissions.  So, assuming it is a load or
697d3899SPaul Mackerras	 * store, we just check that its direction (load or store) is
697d3899SPaul Mackerras	 * consistent with the original fault, since that's what we
697d3899SPaul Mackerras	 * checked the access permissions against.  If there is a mismatch
697d3899SPaul Mackerras	 * we just return and retry the instruction.
697d3899SPaul Mackerras	 */
697d3899SPaul Mackerras
697d3899SPaul Mackerras	if (instruction_is_store(vcpu->arch.last_inst) != !!is_store)
697d3899SPaul Mackerras		return RESUME_GUEST;
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/*
697d3899SPaul Mackerras	 * Emulated accesses are emulated by looking at the hash for
697d3899SPaul Mackerras	 * translation once, then performing the access later. The
697d3899SPaul Mackerras	 * translation could be invalidated in the meantime in which
697d3899SPaul Mackerras	 * point performing the subsequent memory access on the old
697d3899SPaul Mackerras	 * physical address could possibly be a security hole for the
697d3899SPaul Mackerras	 * guest (but not the host).
697d3899SPaul Mackerras	 *
697d3899SPaul Mackerras	 * This is less of an issue for MMIO stores since they aren't
697d3899SPaul Mackerras	 * globally visible. It could be an issue for MMIO loads to
697d3899SPaul Mackerras	 * a certain extent but we'll ignore it for now.
697d3899SPaul Mackerras	 */
697d3899SPaul Mackerras
697d3899SPaul Mackerras	vcpu->arch.paddr_accessed = gpa;
6020c0f6SAlexander Graf	vcpu->arch.vaddr_accessed = ea;
697d3899SPaul Mackerras	return kvmppc_emulate_mmio(run, vcpu);
697d3899SPaul Mackerras}
697d3899SPaul Mackerras
697d3899SPaul Mackerrasint kvmppc_book3s_hv_page_fault(struct kvm_run *run, struct kvm_vcpu *vcpu,
697d3899SPaul Mackerras				unsigned long ea, unsigned long dsisr)
697d3899SPaul Mackerras{
697d3899SPaul Mackerras	struct kvm *kvm = vcpu->kvm;
342d3db7SPaul Mackerras	unsigned long *hptep, hpte[3], r;
342d3db7SPaul Mackerras	unsigned long mmu_seq, psize, pte_size;
70bddfefSPaul Mackerras	unsigned long gpa, gfn, hva, pfn;
697d3899SPaul Mackerras	struct kvm_memory_slot *memslot;
342d3db7SPaul Mackerras	unsigned long *rmap;
697d3899SPaul Mackerras	struct revmap_entry *rev;
342d3db7SPaul Mackerras	struct page *page, *pages[1];
342d3db7SPaul Mackerras	long index, ret, npages;
342d3db7SPaul Mackerras	unsigned long is_io;
4cf302bcSPaul Mackerras	unsigned int writing, write_ok;
342d3db7SPaul Mackerras	struct vm_area_struct *vma;
bad3b507SPaul Mackerras	unsigned long rcbits;
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/*
697d3899SPaul Mackerras	 * Real-mode code has already searched the HPT and found the
697d3899SPaul Mackerras	 * entry we're interested in.  Lock the entry and check that
697d3899SPaul Mackerras	 * it hasn't changed.  If it has, just return and re-execute the
697d3899SPaul Mackerras	 * instruction.
697d3899SPaul Mackerras	 */
697d3899SPaul Mackerras	if (ea != vcpu->arch.pgfault_addr)
697d3899SPaul Mackerras		return RESUME_GUEST;
697d3899SPaul Mackerras	index = vcpu->arch.pgfault_index;
697d3899SPaul Mackerras	hptep = (unsigned long *)(kvm->arch.hpt_virt + (index << 4));
697d3899SPaul Mackerras	rev = &kvm->arch.revmap[index];
697d3899SPaul Mackerras	preempt_disable();
697d3899SPaul Mackerras	while (!try_lock_hpte(hptep, HPTE_V_HVLOCK))
697d3899SPaul Mackerras		cpu_relax();
697d3899SPaul Mackerras	hpte[0] = hptep[0] & ~HPTE_V_HVLOCK;
697d3899SPaul Mackerras	hpte[1] = hptep[1];
342d3db7SPaul Mackerras	hpte[2] = r = rev->guest_rpte;
697d3899SPaul Mackerras	asm volatile("lwsync" : : : "memory");
697d3899SPaul Mackerras	hptep[0] = hpte[0];
697d3899SPaul Mackerras	preempt_enable();
697d3899SPaul Mackerras
697d3899SPaul Mackerras	if (hpte[0] != vcpu->arch.pgfault_hpte[0] ||
697d3899SPaul Mackerras	    hpte[1] != vcpu->arch.pgfault_hpte[1])
697d3899SPaul Mackerras		return RESUME_GUEST;
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/* Translate the logical address and get the page */
342d3db7SPaul Mackerras	psize = hpte_page_size(hpte[0], r);
70bddfefSPaul Mackerras	gpa = (r & HPTE_R_RPN & ~(psize - 1)) | (ea & (psize - 1));
70bddfefSPaul Mackerras	gfn = gpa >> PAGE_SHIFT;
697d3899SPaul Mackerras	memslot = gfn_to_memslot(kvm, gfn);
697d3899SPaul Mackerras
697d3899SPaul Mackerras	/* No memslot means it's an emulated MMIO region */
70bddfefSPaul Mackerras	if (!memslot || (memslot->flags & KVM_MEMSLOT_INVALID))
6020c0f6SAlexander Graf		return kvmppc_hv_emulate_mmio(run, vcpu, gpa, ea,
697d3899SPaul Mackerras					      dsisr & DSISR_ISSTORE);
697d3899SPaul Mackerras
342d3db7SPaul Mackerras	if (!kvm->arch.using_mmu_notifiers)
342d3db7SPaul Mackerras		return -EFAULT;		/* should never get here */
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras	/* used to check for invalidations in progress */
342d3db7SPaul Mackerras	mmu_seq = kvm->mmu_notifier_seq;
342d3db7SPaul Mackerras	smp_rmb();
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras	is_io = 0;
342d3db7SPaul Mackerras	pfn = 0;
342d3db7SPaul Mackerras	page = NULL;
342d3db7SPaul Mackerras	pte_size = PAGE_SIZE;
4cf302bcSPaul Mackerras	writing = (dsisr & DSISR_ISSTORE) != 0;
4cf302bcSPaul Mackerras	/* If writing != 0, then the HPTE must allow writing, if we get here */
4cf302bcSPaul Mackerras	write_ok = writing;
342d3db7SPaul Mackerras	hva = gfn_to_hva_memslot(memslot, gfn);
4cf302bcSPaul Mackerras	npages = get_user_pages_fast(hva, 1, writing, pages);
342d3db7SPaul Mackerras	if (npages < 1) {
342d3db7SPaul Mackerras		/* Check if it's an I/O mapping */
342d3db7SPaul Mackerras		down_read(&current->mm->mmap_sem);
342d3db7SPaul Mackerras		vma = find_vma(current->mm, hva);
342d3db7SPaul Mackerras		if (vma && vma->vm_start <= hva && hva + psize <= vma->vm_end &&
342d3db7SPaul Mackerras		    (vma->vm_flags & VM_PFNMAP)) {
342d3db7SPaul Mackerras			pfn = vma->vm_pgoff +
342d3db7SPaul Mackerras				((hva - vma->vm_start) >> PAGE_SHIFT);
342d3db7SPaul Mackerras			pte_size = psize;
342d3db7SPaul Mackerras			is_io = hpte_cache_bits(pgprot_val(vma->vm_page_prot));
4cf302bcSPaul Mackerras			write_ok = vma->vm_flags & VM_WRITE;
342d3db7SPaul Mackerras		}
342d3db7SPaul Mackerras		up_read(&current->mm->mmap_sem);
342d3db7SPaul Mackerras		if (!pfn)
697d3899SPaul Mackerras			return -EFAULT;
342d3db7SPaul Mackerras	} else {
342d3db7SPaul Mackerras		page = pages[0];
342d3db7SPaul Mackerras		if (PageHuge(page)) {
342d3db7SPaul Mackerras			page = compound_head(page);
342d3db7SPaul Mackerras			pte_size <<= compound_order(page);
342d3db7SPaul Mackerras		}
4cf302bcSPaul Mackerras		/* if the guest wants write access, see if that is OK */
4cf302bcSPaul Mackerras		if (!writing && hpte_is_writable(r)) {
db7cb5b9SAneesh Kumar K.V			unsigned int hugepage_shift;
4cf302bcSPaul Mackerras			pte_t *ptep, pte;
4cf302bcSPaul Mackerras
4cf302bcSPaul Mackerras			/*
4cf302bcSPaul Mackerras			 * We need to protect against page table destruction
4cf302bcSPaul Mackerras			 * while looking up and updating the pte.
4cf302bcSPaul Mackerras			 */
4cf302bcSPaul Mackerras			rcu_read_lock_sched();
4cf302bcSPaul Mackerras			ptep = find_linux_pte_or_hugepte(current->mm->pgd,
db7cb5b9SAneesh Kumar K.V							 hva, &hugepage_shift);
db7cb5b9SAneesh Kumar K.V			if (ptep) {
db7cb5b9SAneesh Kumar K.V				pte = kvmppc_read_update_linux_pte(ptep, 1,
db7cb5b9SAneesh Kumar K.V							   hugepage_shift);
4cf302bcSPaul Mackerras				if (pte_write(pte))
4cf302bcSPaul Mackerras					write_ok = 1;
4cf302bcSPaul Mackerras			}
4cf302bcSPaul Mackerras			rcu_read_unlock_sched();
4cf302bcSPaul Mackerras		}
342d3db7SPaul Mackerras		pfn = page_to_pfn(page);
342d3db7SPaul Mackerras	}
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras	ret = -EFAULT;
342d3db7SPaul Mackerras	if (psize > pte_size)
342d3db7SPaul Mackerras		goto out_put;
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras	/* Check WIMG vs. the actual page we're accessing */
342d3db7SPaul Mackerras	if (!hpte_cache_flags_ok(r, is_io)) {
342d3db7SPaul Mackerras		if (is_io)
342d3db7SPaul Mackerras			return -EFAULT;
342d3db7SPaul Mackerras		/*
342d3db7SPaul Mackerras		 * Allow guest to map emulated device memory as
342d3db7SPaul Mackerras		 * uncacheable, but actually make it cacheable.
342d3db7SPaul Mackerras		 */
342d3db7SPaul Mackerras		r = (r & ~(HPTE_R_W|HPTE_R_I|HPTE_R_G)) | HPTE_R_M;
342d3db7SPaul Mackerras	}
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras	/* Set the HPTE to point to pfn */
342d3db7SPaul Mackerras	r = (r & ~(HPTE_R_PP0 - pte_size)) | (pfn << PAGE_SHIFT);
4cf302bcSPaul Mackerras	if (hpte_is_writable(r) && !write_ok)
4cf302bcSPaul Mackerras		r = hpte_make_readonly(r);
342d3db7SPaul Mackerras	ret = RESUME_GUEST;
342d3db7SPaul Mackerras	preempt_disable();
342d3db7SPaul Mackerras	while (!try_lock_hpte(hptep, HPTE_V_HVLOCK))
342d3db7SPaul Mackerras		cpu_relax();
342d3db7SPaul Mackerras	if ((hptep[0] & ~HPTE_V_HVLOCK) != hpte[0] || hptep[1] != hpte[1] ||
342d3db7SPaul Mackerras	    rev->guest_rpte != hpte[2])
342d3db7SPaul Mackerras		/* HPTE has been changed under us; let the guest retry */
342d3db7SPaul Mackerras		goto out_unlock;
342d3db7SPaul Mackerras	hpte[0] = (hpte[0] & ~HPTE_V_ABSENT) | HPTE_V_VALID;
342d3db7SPaul Mackerras
d89cc617STakuya Yoshikawa	rmap = &memslot->arch.rmap[gfn - memslot->base_gfn];
342d3db7SPaul Mackerras	lock_rmap(rmap);
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras	/* Check if we might have been invalidated; let the guest retry if so */
342d3db7SPaul Mackerras	ret = RESUME_GUEST;
8ca40a70SChristoffer Dall	if (mmu_notifier_retry(vcpu->kvm, mmu_seq)) {
342d3db7SPaul Mackerras		unlock_rmap(rmap);
342d3db7SPaul Mackerras		goto out_unlock;
342d3db7SPaul Mackerras	}
4cf302bcSPaul Mackerras
bad3b507SPaul Mackerras	/* Only set R/C in real HPTE if set in both *rmap and guest_rpte */
bad3b507SPaul Mackerras	rcbits = *rmap >> KVMPPC_RMAP_RC_SHIFT;
bad3b507SPaul Mackerras	r &= rcbits | ~(HPTE_R_R | HPTE_R_C);
bad3b507SPaul Mackerras
4cf302bcSPaul Mackerras	if (hptep[0] & HPTE_V_VALID) {
4cf302bcSPaul Mackerras		/* HPTE was previously valid, so we need to invalidate it */
4cf302bcSPaul Mackerras		unlock_rmap(rmap);
4cf302bcSPaul Mackerras		hptep[0] |= HPTE_V_ABSENT;
4cf302bcSPaul Mackerras		kvmppc_invalidate_hpte(kvm, hptep, index);
bad3b507SPaul Mackerras		/* don't lose previous R and C bits */
bad3b507SPaul Mackerras		r |= hptep[1] & (HPTE_R_R | HPTE_R_C);
4cf302bcSPaul Mackerras	} else {
342d3db7SPaul Mackerras		kvmppc_add_revmap_chain(kvm, rev, rmap, index, 0);
4cf302bcSPaul Mackerras	}
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras	hptep[1] = r;
342d3db7SPaul Mackerras	eieio();
342d3db7SPaul Mackerras	hptep[0] = hpte[0];
342d3db7SPaul Mackerras	asm volatile("ptesync" : : : "memory");
342d3db7SPaul Mackerras	preempt_enable();
4cf302bcSPaul Mackerras	if (page && hpte_is_writable(r))
342d3db7SPaul Mackerras		SetPageDirty(page);
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras out_put:
de6c0b02SDavid Gibson	if (page) {
de6c0b02SDavid Gibson		/*
de6c0b02SDavid Gibson		 * We drop pages[0] here, not page because page might
de6c0b02SDavid Gibson		 * have been set to the head page of a compound, but
de6c0b02SDavid Gibson		 * we have to drop the reference on the correct tail
de6c0b02SDavid Gibson		 * page to match the get inside gup()
de6c0b02SDavid Gibson		 */
de6c0b02SDavid Gibson		put_page(pages[0]);
de6c0b02SDavid Gibson	}
342d3db7SPaul Mackerras	return ret;
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras out_unlock:
342d3db7SPaul Mackerras	hptep[0] &= ~HPTE_V_HVLOCK;
342d3db7SPaul Mackerras	preempt_enable();
342d3db7SPaul Mackerras	goto out_put;
342d3db7SPaul Mackerras}
342d3db7SPaul Mackerras
a64fd707SPaul Mackerrasstatic void kvmppc_rmap_reset(struct kvm *kvm)
a64fd707SPaul Mackerras{
a64fd707SPaul Mackerras	struct kvm_memslots *slots;
a64fd707SPaul Mackerras	struct kvm_memory_slot *memslot;
a64fd707SPaul Mackerras	int srcu_idx;
a64fd707SPaul Mackerras
a64fd707SPaul Mackerras	srcu_idx = srcu_read_lock(&kvm->srcu);
a64fd707SPaul Mackerras	slots = kvm->memslots;
a64fd707SPaul Mackerras	kvm_for_each_memslot(memslot, slots) {
a64fd707SPaul Mackerras		/*
a64fd707SPaul Mackerras		 * This assumes it is acceptable to lose reference and
a64fd707SPaul Mackerras		 * change bits across a reset.
a64fd707SPaul Mackerras		 */
a64fd707SPaul Mackerras		memset(memslot->arch.rmap, 0,
a64fd707SPaul Mackerras		       memslot->npages * sizeof(*memslot->arch.rmap));
a64fd707SPaul Mackerras	}
a64fd707SPaul Mackerras	srcu_read_unlock(&kvm->srcu, srcu_idx);
a64fd707SPaul Mackerras}
a64fd707SPaul Mackerras
84504ef3STakuya Yoshikawastatic int kvm_handle_hva_range(struct kvm *kvm,
84504ef3STakuya Yoshikawa				unsigned long start,
84504ef3STakuya Yoshikawa				unsigned long end,
84504ef3STakuya Yoshikawa				int (*handler)(struct kvm *kvm,
84504ef3STakuya Yoshikawa					       unsigned long *rmapp,
342d3db7SPaul Mackerras					       unsigned long gfn))
342d3db7SPaul Mackerras{
342d3db7SPaul Mackerras	int ret;
342d3db7SPaul Mackerras	int retval = 0;
342d3db7SPaul Mackerras	struct kvm_memslots *slots;
342d3db7SPaul Mackerras	struct kvm_memory_slot *memslot;
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras	slots = kvm_memslots(kvm);
342d3db7SPaul Mackerras	kvm_for_each_memslot(memslot, slots) {
84504ef3STakuya Yoshikawa		unsigned long hva_start, hva_end;
84504ef3STakuya Yoshikawa		gfn_t gfn, gfn_end;
342d3db7SPaul Mackerras
84504ef3STakuya Yoshikawa		hva_start = max(start, memslot->userspace_addr);
84504ef3STakuya Yoshikawa		hva_end = min(end, memslot->userspace_addr +
84504ef3STakuya Yoshikawa					(memslot->npages << PAGE_SHIFT));
84504ef3STakuya Yoshikawa		if (hva_start >= hva_end)
84504ef3STakuya Yoshikawa			continue;
84504ef3STakuya Yoshikawa		/*
84504ef3STakuya Yoshikawa		 * {gfn(page) | page intersects with [hva_start, hva_end)} =
84504ef3STakuya Yoshikawa		 * {gfn, gfn+1, ..., gfn_end-1}.
84504ef3STakuya Yoshikawa		 */
84504ef3STakuya Yoshikawa		gfn = hva_to_gfn_memslot(hva_start, memslot);
84504ef3STakuya Yoshikawa		gfn_end = hva_to_gfn_memslot(hva_end + PAGE_SIZE - 1, memslot);
84504ef3STakuya Yoshikawa
84504ef3STakuya Yoshikawa		for (; gfn < gfn_end; ++gfn) {
d19a748bSTakuya Yoshikawa			gfn_t gfn_offset = gfn - memslot->base_gfn;
342d3db7SPaul Mackerras
d89cc617STakuya Yoshikawa			ret = handler(kvm, &memslot->arch.rmap[gfn_offset], gfn);
342d3db7SPaul Mackerras			retval |= ret;
342d3db7SPaul Mackerras		}
342d3db7SPaul Mackerras	}
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras	return retval;
342d3db7SPaul Mackerras}
342d3db7SPaul Mackerras
84504ef3STakuya Yoshikawastatic int kvm_handle_hva(struct kvm *kvm, unsigned long hva,
84504ef3STakuya Yoshikawa			  int (*handler)(struct kvm *kvm, unsigned long *rmapp,
84504ef3STakuya Yoshikawa					 unsigned long gfn))
84504ef3STakuya Yoshikawa{
84504ef3STakuya Yoshikawa	return kvm_handle_hva_range(kvm, hva, hva + 1, handler);
84504ef3STakuya Yoshikawa}
84504ef3STakuya Yoshikawa
342d3db7SPaul Mackerrasstatic int kvm_unmap_rmapp(struct kvm *kvm, unsigned long *rmapp,
342d3db7SPaul Mackerras			   unsigned long gfn)
342d3db7SPaul Mackerras{
342d3db7SPaul Mackerras	struct revmap_entry *rev = kvm->arch.revmap;
342d3db7SPaul Mackerras	unsigned long h, i, j;
342d3db7SPaul Mackerras	unsigned long *hptep;
bad3b507SPaul Mackerras	unsigned long ptel, psize, rcbits;
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras	for (;;) {
bad3b507SPaul Mackerras		lock_rmap(rmapp);
342d3db7SPaul Mackerras		if (!(*rmapp & KVMPPC_RMAP_PRESENT)) {
bad3b507SPaul Mackerras			unlock_rmap(rmapp);
342d3db7SPaul Mackerras			break;
342d3db7SPaul Mackerras		}
342d3db7SPaul Mackerras
342d3db7SPaul Mackerras		/*
342d3db7SPaul Mackerras		 * To avoid an ABBA deadlock with the HPTE lock bit,
bad3b507SPaul Mackerras		 * we can't spin on the HPTE lock while holding the
bad3b507SPaul Mackerras		 * rmap chain lock.
342d3db7SPaul Mackerras		 */
342d3db7SPaul Mackerras		i = *rmapp & KVMPPC_RMAP_INDEX;
bad3b507SPaul Mackerras		hptep = (unsigned long *) (kvm->arch.hpt_virt + (i << 4));
bad3b507SPaul Mackerras		if (!try_lock_hpte(hptep, HPTE_V_HVLOCK)) {
bad3b507SPaul Mackerras			/* unlock rmap before spinning on the HPTE lock */
bad3b507SPaul Mackerras			unlock_rmap(rmapp);
bad3b507SPaul Mackerras			while (hptep[0] & HPTE_V_HVLOCK)
bad3b507SPaul Mackerras				cpu_relax();
bad3b507SPaul Mackerras			continue;
bad3b507SPaul Mackerras		}
342d3db7SPaul Mackerras		j = rev[i].forw;
342d3db7SPaul Mackerras		if (j == i) {
342d3db7SPaul Mackerras			/* chain is now empty */
bad3b507SPaul Mackerras			*rmapp &= ~(KVMPPC_RMAP_PRESENT | KVMPPC_RMAP_INDEX);
342d3db7SPaul Mackerras		} else {
342d3db7SPaul Mackerras			/* remove i from chain */
342d3db7SPaul Mackerras			h = rev[i].back;
342d3db7SPaul Mackerras			rev[h].forw = j;
342d3db7SPaul Mackerras			rev[j].back = h;
342d3db7SPaul Mackerras			rev[i].forw = rev[i].back = i;
bad3b507SPaul Mackerras			*rmapp = (*rmapp & ~KVMPPC_RMAP_INDEX) | j;
342d3db7SPaul Mackerras		}
342d3db7SPaul Mackerras
bad3b507SPaul Mackerras		/* Now check and modify the HPTE */
342d3db7SPaul Mackerras		ptel = rev[i].guest_rpte;
342d3db7SPaul Mackerras		psize = hpte_page_size(hptep[0], ptel);
342d3db7SPaul Mackerras		if ((hptep[0] & HPTE_V_VALID) &&
342d3db7SPaul Mackerras		    hpte_rpn(ptel, psize) == gfn) {
dfe49dbdSPaul Mackerras			if (kvm->arch.using_mmu_notifiers)
342d3db7SPaul Mackerras				hptep[0] |= HPTE_V_ABSENT;
bad3b507SPaul Mackerras			kvmppc_invalidate_hpte(kvm, hptep, i);
bad3b507SPaul Mackerras			/* Harvest R and C */
bad3b507SPaul Mackerras			rcbits = hptep[1] & (HPTE_R_R | HPTE_R_C);
bad3b507SPaul Mackerras			*rmapp |= rcbits << KVMPPC_RMAP_RC_SHIFT;
a1b4a0f6SPaul Mackerras			if (rcbits & ~rev[i].guest_rpte) {
bad3b507SPaul Mackerras				rev[i].guest_rpte = ptel | rcbits;
a1b4a0f6SPaul Mackerras				note_hpte_modification(kvm, &rev[i]);
a1b4a0f6SPaul Mackerras			}
342d3db7SPaul Mackerras		}
bad3b507SPaul Mackerras		unlock_rmap(rmapp);
342d3db7SPaul Mackerras		hptep[0] &= ~HPTE_V_HVLOCK;
342d3db7SPaul Mackerras	}
342d3db7SPaul Mackerras	return 0;
342d3db7SPaul Mackerras}
342d3db7SPaul Mackerras
3a167beaSAneesh Kumar K.Vint kvm_unmap_hva_hv(struct kvm *kvm, unsigned long hva)
342d3db7SPaul Mackerras{
342d3db7SPaul Mackerras	if (kvm->arch.using_mmu_notifiers)
342d3db7SPaul Mackerras		kvm_handle_hva(kvm, hva, kvm_unmap_rmapp);
342d3db7SPaul Mackerras	return 0;
342d3db7SPaul Mackerras}
342d3db7SPaul Mackerras
3a167beaSAneesh Kumar K.Vint kvm_unmap_hva_range_hv(struct kvm *kvm, unsigned long start, unsigned long end)
b3ae2096STakuya Yoshikawa{
b3ae2096STakuya Yoshikawa	if (kvm->arch.using_mmu_notifiers)
b3ae2096STakuya Yoshikawa		kvm_handle_hva_range(kvm, start, end, kvm_unmap_rmapp);
b3ae2096STakuya Yoshikawa	return 0;
b3ae2096STakuya Yoshikawa}
b3ae2096STakuya Yoshikawa
3a167beaSAneesh Kumar K.Vvoid kvmppc_core_flush_memslot_hv(struct kvm *kvm,
3a167beaSAneesh Kumar K.V				  struct kvm_memory_slot *memslot)
dfe49dbdSPaul Mackerras{
dfe49dbdSPaul Mackerras	unsigned long *rmapp;
dfe49dbdSPaul Mackerras	unsigned long gfn;
dfe49dbdSPaul Mackerras	unsigned long n;
dfe49dbdSPaul Mackerras
dfe49dbdSPaul Mackerras	rmapp = memslot->arch.rmap;
dfe49dbdSPaul Mackerras	gfn = memslot->base_gfn;
dfe49dbdSPaul Mackerras	for (n = memslot->npages; n; --n) {
dfe49dbdSPaul Mackerras		/*
dfe49dbdSPaul Mackerras		 * Testing the present bit without locking is OK because
dfe49dbdSPaul Mackerras		 * the memslot has been marked invalid already, and hence
dfe49dbdSPaul Mackerras		 * no new HPTEs referencing this page can be created,
dfe49dbdSPaul Mackerras		 * thus the present bit can't go from 0 to 1.
dfe49dbdSPaul Mackerras		 */
dfe49dbdSPaul Mackerras		if (*rmapp & KVMPPC_RMAP_PRESENT)
dfe49dbdSPaul Mackerras			kvm_unmap_rmapp(kvm, rmapp, gfn);
dfe49dbdSPaul Mackerras		++rmapp;
dfe49dbdSPaul Mackerras		++gfn;
dfe49dbdSPaul Mackerras	}
dfe49dbdSPaul Mackerras}
dfe49dbdSPaul Mackerras
342d3db7SPaul Mackerrasstatic int kvm_age_rmapp(struct kvm *kvm, unsigned long *rmapp,
342d3db7SPaul Mackerras			 unsigned long gfn)
342d3db7SPaul Mackerras{
55514893SPaul Mackerras	struct revmap_entry *rev = kvm->arch.revmap;
55514893SPaul Mackerras	unsigned long head, i, j;
55514893SPaul Mackerras	unsigned long *hptep;
55514893SPaul Mackerras	int ret = 0;
55514893SPaul Mackerras
55514893SPaul Mackerras retry:
55514893SPaul Mackerras	lock_rmap(rmapp);
55514893SPaul Mackerras	if (*rmapp & KVMPPC_RMAP_REFERENCED) {
bad3b507SPaul Mackerras		*rmapp &= ~KVMPPC_RMAP_REFERENCED;
55514893SPaul Mackerras		ret = 1;
55514893SPaul Mackerras	}
55514893SPaul Mackerras	if (!(*rmapp & KVMPPC_RMAP_PRESENT)) {
55514893SPaul Mackerras		unlock_rmap(rmapp);
55514893SPaul Mackerras		return ret;
55514893SPaul Mackerras	}
55514893SPaul Mackerras
55514893SPaul Mackerras	i = head = *rmapp & KVMPPC_RMAP_INDEX;
55514893SPaul Mackerras	do {
55514893SPaul Mackerras		hptep = (unsigned long *) (kvm->arch.hpt_virt + (i << 4));
55514893SPaul Mackerras		j = rev[i].forw;
55514893SPaul Mackerras
55514893SPaul Mackerras		/* If this HPTE isn't referenced, ignore it */
55514893SPaul Mackerras		if (!(hptep[1] & HPTE_R_R))
55514893SPaul Mackerras			continue;
55514893SPaul Mackerras
55514893SPaul Mackerras		if (!try_lock_hpte(hptep, HPTE_V_HVLOCK)) {
55514893SPaul Mackerras			/* unlock rmap before spinning on the HPTE lock */
55514893SPaul Mackerras			unlock_rmap(rmapp);
55514893SPaul Mackerras			while (hptep[0] & HPTE_V_HVLOCK)
55514893SPaul Mackerras				cpu_relax();
55514893SPaul Mackerras			goto retry;
55514893SPaul Mackerras		}
55514893SPaul Mackerras
55514893SPaul Mackerras		/* Now check and modify the HPTE */
55514893SPaul Mackerras		if ((hptep[0] & HPTE_V_VALID) && (hptep[1] & HPTE_R_R)) {
55514893SPaul Mackerras			kvmppc_clear_ref_hpte(kvm, hptep, i);
a1b4a0f6SPaul Mackerras			if (!(rev[i].guest_rpte & HPTE_R_R)) {
55514893SPaul Mackerras				rev[i].guest_rpte |= HPTE_R_R;
a1b4a0f6SPaul Mackerras				note_hpte_modification(kvm, &rev[i]);
a1b4a0f6SPaul Mackerras			}
55514893SPaul Mackerras			ret = 1;
55514893SPaul Mackerras		}
55514893SPaul Mackerras		hptep[0] &= ~HPTE_V_HVLOCK;
55514893SPaul Mackerras	} while ((i = j) != head);
55514893SPaul Mackerras
55514893SPaul Mackerras	unlock_rmap(rmapp);
55514893SPaul Mackerras	return ret;
342d3db7SPaul Mackerras}
342d3db7SPaul Mackerras
3a167beaSAneesh Kumar K.Vint kvm_age_hva_hv(struct kvm *kvm, unsigned long hva)
342d3db7SPaul Mackerras{
342d3db7SPaul Mackerras	if (!kvm->arch.using_mmu_notifiers)
342d3db7SPaul Mackerras		return 0;
342d3db7SPaul Mackerras	return kvm_handle_hva(kvm, hva, kvm_age_rmapp);
342d3db7SPaul Mackerras}
342d3db7SPaul Mackerras
342d3db7SPaul Mackerrasstatic int kvm_test_age_rmapp(struct kvm *kvm, unsigned long *rmapp,
342d3db7SPaul Mackerras			      unsigned long gfn)
342d3db7SPaul Mackerras{
55514893SPaul Mackerras	struct revmap_entry *rev = kvm->arch.revmap;
55514893SPaul Mackerras	unsigned long head, i, j;
55514893SPaul Mackerras	unsigned long *hp;
55514893SPaul Mackerras	int ret = 1;
55514893SPaul Mackerras
55514893SPaul Mackerras	if (*rmapp & KVMPPC_RMAP_REFERENCED)
55514893SPaul Mackerras		return 1;
55514893SPaul Mackerras
55514893SPaul Mackerras	lock_rmap(rmapp);
55514893SPaul Mackerras	if (*rmapp & KVMPPC_RMAP_REFERENCED)
55514893SPaul Mackerras		goto out;
55514893SPaul Mackerras
55514893SPaul Mackerras	if (*rmapp & KVMPPC_RMAP_PRESENT) {
55514893SPaul Mackerras		i = head = *rmapp & KVMPPC_RMAP_INDEX;
55514893SPaul Mackerras		do {
55514893SPaul Mackerras			hp = (unsigned long *)(kvm->arch.hpt_virt + (i << 4));
55514893SPaul Mackerras			j = rev[i].forw;
55514893SPaul Mackerras			if (hp[1] & HPTE_R_R)
55514893SPaul Mackerras				goto out;
55514893SPaul Mackerras		} while ((i = j) != head);
55514893SPaul Mackerras	}
55514893SPaul Mackerras	ret = 0;
55514893SPaul Mackerras
55514893SPaul Mackerras out:
55514893SPaul Mackerras	unlock_rmap(rmapp);
55514893SPaul Mackerras	return ret;
342d3db7SPaul Mackerras}
342d3db7SPaul Mackerras
3a167beaSAneesh Kumar K.Vint kvm_test_age_hva_hv(struct kvm *kvm, unsigned long hva)
342d3db7SPaul Mackerras{
342d3db7SPaul Mackerras	if (!kvm->arch.using_mmu_notifiers)
342d3db7SPaul Mackerras		return 0;
342d3db7SPaul Mackerras	return kvm_handle_hva(kvm, hva, kvm_test_age_rmapp);
342d3db7SPaul Mackerras}
342d3db7SPaul Mackerras
3a167beaSAneesh Kumar K.Vvoid kvm_set_spte_hva_hv(struct kvm *kvm, unsigned long hva, pte_t pte)
342d3db7SPaul Mackerras{
342d3db7SPaul Mackerras	if (!kvm->arch.using_mmu_notifiers)
342d3db7SPaul Mackerras		return;
342d3db7SPaul Mackerras	kvm_handle_hva(kvm, hva, kvm_unmap_rmapp);
de56a948SPaul Mackerras}
de56a948SPaul Mackerras
82ed3616SPaul Mackerrasstatic int kvm_test_clear_dirty(struct kvm *kvm, unsigned long *rmapp)
82ed3616SPaul Mackerras{
82ed3616SPaul Mackerras	struct revmap_entry *rev = kvm->arch.revmap;
82ed3616SPaul Mackerras	unsigned long head, i, j;
82ed3616SPaul Mackerras	unsigned long *hptep;
82ed3616SPaul Mackerras	int ret = 0;
82ed3616SPaul Mackerras
82ed3616SPaul Mackerras retry:
82ed3616SPaul Mackerras	lock_rmap(rmapp);
82ed3616SPaul Mackerras	if (*rmapp & KVMPPC_RMAP_CHANGED) {
82ed3616SPaul Mackerras		*rmapp &= ~KVMPPC_RMAP_CHANGED;
82ed3616SPaul Mackerras		ret = 1;
82ed3616SPaul Mackerras	}
82ed3616SPaul Mackerras	if (!(*rmapp & KVMPPC_RMAP_PRESENT)) {
82ed3616SPaul Mackerras		unlock_rmap(rmapp);
82ed3616SPaul Mackerras		return ret;
82ed3616SPaul Mackerras	}
82ed3616SPaul Mackerras
82ed3616SPaul Mackerras	i = head = *rmapp & KVMPPC_RMAP_INDEX;
82ed3616SPaul Mackerras	do {
82ed3616SPaul Mackerras		hptep = (unsigned long *) (kvm->arch.hpt_virt + (i << 4));
82ed3616SPaul Mackerras		j = rev[i].forw;
82ed3616SPaul Mackerras
82ed3616SPaul Mackerras		if (!(hptep[1] & HPTE_R_C))
82ed3616SPaul Mackerras			continue;
82ed3616SPaul Mackerras
82ed3616SPaul Mackerras		if (!try_lock_hpte(hptep, HPTE_V_HVLOCK)) {
82ed3616SPaul Mackerras			/* unlock rmap before spinning on the HPTE lock */
82ed3616SPaul Mackerras			unlock_rmap(rmapp);
82ed3616SPaul Mackerras			while (hptep[0] & HPTE_V_HVLOCK)
82ed3616SPaul Mackerras				cpu_relax();
82ed3616SPaul Mackerras			goto retry;
82ed3616SPaul Mackerras		}
82ed3616SPaul Mackerras
82ed3616SPaul Mackerras		/* Now check and modify the HPTE */
82ed3616SPaul Mackerras		if ((hptep[0] & HPTE_V_VALID) && (hptep[1] & HPTE_R_C)) {
82ed3616SPaul Mackerras			/* need to make it temporarily absent to clear C */
82ed3616SPaul Mackerras			hptep[0] |= HPTE_V_ABSENT;
82ed3616SPaul Mackerras			kvmppc_invalidate_hpte(kvm, hptep, i);
82ed3616SPaul Mackerras			hptep[1] &= ~HPTE_R_C;
82ed3616SPaul Mackerras			eieio();
82ed3616SPaul Mackerras			hptep[0] = (hptep[0] & ~HPTE_V_ABSENT) | HPTE_V_VALID;
a1b4a0f6SPaul Mackerras			if (!(rev[i].guest_rpte & HPTE_R_C)) {
82ed3616SPaul Mackerras				rev[i].guest_rpte |= HPTE_R_C;
a1b4a0f6SPaul Mackerras				note_hpte_modification(kvm, &rev[i]);
a1b4a0f6SPaul Mackerras			}
82ed3616SPaul Mackerras			ret = 1;
82ed3616SPaul Mackerras		}
82ed3616SPaul Mackerras		hptep[0] &= ~HPTE_V_HVLOCK;
82ed3616SPaul Mackerras	} while ((i = j) != head);
82ed3616SPaul Mackerras
82ed3616SPaul Mackerras	unlock_rmap(rmapp);
82ed3616SPaul Mackerras	return ret;
82ed3616SPaul Mackerras}
82ed3616SPaul Mackerras
c35635efSPaul Mackerrasstatic void harvest_vpa_dirty(struct kvmppc_vpa *vpa,
c35635efSPaul Mackerras			      struct kvm_memory_slot *memslot,
c35635efSPaul Mackerras			      unsigned long *map)
c35635efSPaul Mackerras{
c35635efSPaul Mackerras	unsigned long gfn;
c35635efSPaul Mackerras
c35635efSPaul Mackerras	if (!vpa->dirty || !vpa->pinned_addr)
c35635efSPaul Mackerras		return;
c35635efSPaul Mackerras	gfn = vpa->gpa >> PAGE_SHIFT;
c35635efSPaul Mackerras	if (gfn < memslot->base_gfn ||
c35635efSPaul Mackerras	    gfn >= memslot->base_gfn + memslot->npages)
c35635efSPaul Mackerras		return;
c35635efSPaul Mackerras
c35635efSPaul Mackerras	vpa->dirty = false;
c35635efSPaul Mackerras	if (map)
c35635efSPaul Mackerras		__set_bit_le(gfn - memslot->base_gfn, map);
c35635efSPaul Mackerras}
c35635efSPaul Mackerras
dfe49dbdSPaul Mackerraslong kvmppc_hv_get_dirty_log(struct kvm *kvm, struct kvm_memory_slot *memslot,
dfe49dbdSPaul Mackerras			     unsigned long *map)
82ed3616SPaul Mackerras{
82ed3616SPaul Mackerras	unsigned long i;
dfe49dbdSPaul Mackerras	unsigned long *rmapp;
c35635efSPaul Mackerras	struct kvm_vcpu *vcpu;
82ed3616SPaul Mackerras
82ed3616SPaul Mackerras	preempt_disable();
d89cc617STakuya Yoshikawa	rmapp = memslot->arch.rmap;
82ed3616SPaul Mackerras	for (i = 0; i < memslot->npages; ++i) {
dfe49dbdSPaul Mackerras		if (kvm_test_clear_dirty(kvm, rmapp) && map)
82ed3616SPaul Mackerras			__set_bit_le(i, map);
82ed3616SPaul Mackerras		++rmapp;
82ed3616SPaul Mackerras	}
c35635efSPaul Mackerras
c35635efSPaul Mackerras	/* Harvest dirty bits from VPA and DTL updates */
c35635efSPaul Mackerras	/* Note: we never modify the SLB shadow buffer areas */
c35635efSPaul Mackerras	kvm_for_each_vcpu(i, vcpu, kvm) {
c35635efSPaul Mackerras		spin_lock(&vcpu->arch.vpa_update_lock);
c35635efSPaul Mackerras		harvest_vpa_dirty(&vcpu->arch.vpa, memslot, map);
c35635efSPaul Mackerras		harvest_vpa_dirty(&vcpu->arch.dtl, memslot, map);
c35635efSPaul Mackerras		spin_unlock(&vcpu->arch.vpa_update_lock);
c35635efSPaul Mackerras	}
82ed3616SPaul Mackerras	preempt_enable();
82ed3616SPaul Mackerras	return 0;
82ed3616SPaul Mackerras}
82ed3616SPaul Mackerras
93e60249SPaul Mackerrasvoid *kvmppc_pin_guest_page(struct kvm *kvm, unsigned long gpa,
93e60249SPaul Mackerras			    unsigned long *nb_ret)
93e60249SPaul Mackerras{
93e60249SPaul Mackerras	struct kvm_memory_slot *memslot;
93e60249SPaul Mackerras	unsigned long gfn = gpa >> PAGE_SHIFT;
342d3db7SPaul Mackerras	struct page *page, *pages[1];
342d3db7SPaul Mackerras	int npages;
c35635efSPaul Mackerras	unsigned long hva, offset;
da9d1d7fSPaul Mackerras	unsigned long pa;
93e60249SPaul Mackerras	unsigned long *physp;
2c9097e4SPaul Mackerras	int srcu_idx;
93e60249SPaul Mackerras
2c9097e4SPaul Mackerras	srcu_idx = srcu_read_lock(&kvm->srcu);
93e60249SPaul Mackerras	memslot = gfn_to_memslot(kvm, gfn);
93e60249SPaul Mackerras	if (!memslot || (memslot->flags & KVM_MEMSLOT_INVALID))
2c9097e4SPaul Mackerras		goto err;
342d3db7SPaul Mackerras	if (!kvm->arch.using_mmu_notifiers) {
a66b48c3SPaul Mackerras		physp = memslot->arch.slot_phys;
93e60249SPaul Mackerras		if (!physp)
2c9097e4SPaul Mackerras			goto err;
da9d1d7fSPaul Mackerras		physp += gfn - memslot->base_gfn;
93e60249SPaul Mackerras		pa = *physp;
c77162deSPaul Mackerras		if (!pa) {
342d3db7SPaul Mackerras			if (kvmppc_get_guest_page(kvm, gfn, memslot,
342d3db7SPaul Mackerras						  PAGE_SIZE) < 0)
2c9097e4SPaul Mackerras				goto err;
c77162deSPaul Mackerras			pa = *physp;
c77162deSPaul Mackerras		}
da9d1d7fSPaul Mackerras		page = pfn_to_page(pa >> PAGE_SHIFT);
de6c0b02SDavid Gibson		get_page(page);
342d3db7SPaul Mackerras	} else {
342d3db7SPaul Mackerras		hva = gfn_to_hva_memslot(memslot, gfn);
342d3db7SPaul Mackerras		npages = get_user_pages_fast(hva, 1, 1, pages);
342d3db7SPaul Mackerras		if (npages < 1)
2c9097e4SPaul Mackerras			goto err;
342d3db7SPaul Mackerras		page = pages[0];
342d3db7SPaul Mackerras	}
2c9097e4SPaul Mackerras	srcu_read_unlock(&kvm->srcu, srcu_idx);
2c9097e4SPaul Mackerras
c35635efSPaul Mackerras	offset = gpa & (PAGE_SIZE - 1);
93e60249SPaul Mackerras	if (nb_ret)
c35635efSPaul Mackerras		*nb_ret = PAGE_SIZE - offset;
93e60249SPaul Mackerras	return page_address(page) + offset;
2c9097e4SPaul Mackerras
2c9097e4SPaul Mackerras err:
2c9097e4SPaul Mackerras	srcu_read_unlock(&kvm->srcu, srcu_idx);
2c9097e4SPaul Mackerras	return NULL;
93e60249SPaul Mackerras}
93e60249SPaul Mackerras
c35635efSPaul Mackerrasvoid kvmppc_unpin_guest_page(struct kvm *kvm, void *va, unsigned long gpa,
c35635efSPaul Mackerras			     bool dirty)
93e60249SPaul Mackerras{
93e60249SPaul Mackerras	struct page *page = virt_to_page(va);
c35635efSPaul Mackerras	struct kvm_memory_slot *memslot;
c35635efSPaul Mackerras	unsigned long gfn;
c35635efSPaul Mackerras	unsigned long *rmap;
c35635efSPaul Mackerras	int srcu_idx;
93e60249SPaul Mackerras
93e60249SPaul Mackerras	put_page(page);
c35635efSPaul Mackerras
c35635efSPaul Mackerras	if (!dirty || !kvm->arch.using_mmu_notifiers)
c35635efSPaul Mackerras		return;
c35635efSPaul Mackerras
c35635efSPaul Mackerras	/* We need to mark this page dirty in the rmap chain */
c35635efSPaul Mackerras	gfn = gpa >> PAGE_SHIFT;
c35635efSPaul Mackerras	srcu_idx = srcu_read_lock(&kvm->srcu);
c35635efSPaul Mackerras	memslot = gfn_to_memslot(kvm, gfn);
c35635efSPaul Mackerras	if (memslot) {
c35635efSPaul Mackerras		rmap = &memslot->arch.rmap[gfn - memslot->base_gfn];
c35635efSPaul Mackerras		lock_rmap(rmap);
c35635efSPaul Mackerras		*rmap |= KVMPPC_RMAP_CHANGED;
c35635efSPaul Mackerras		unlock_rmap(rmap);
c35635efSPaul Mackerras	}
c35635efSPaul Mackerras	srcu_read_unlock(&kvm->srcu, srcu_idx);
93e60249SPaul Mackerras}
93e60249SPaul Mackerras
a2932923SPaul Mackerras/*
a2932923SPaul Mackerras * Functions for reading and writing the hash table via reads and
a2932923SPaul Mackerras * writes on a file descriptor.
a2932923SPaul Mackerras *
a2932923SPaul Mackerras * Reads return the guest view of the hash table, which has to be
a2932923SPaul Mackerras * pieced together from the real hash table and the guest_rpte
a2932923SPaul Mackerras * values in the revmap array.
a2932923SPaul Mackerras *
a2932923SPaul Mackerras * On writes, each HPTE written is considered in turn, and if it
a2932923SPaul Mackerras * is valid, it is written to the HPT as if an H_ENTER with the
a2932923SPaul Mackerras * exact flag set was done.  When the invalid count is non-zero
a2932923SPaul Mackerras * in the header written to the stream, the kernel will make
a2932923SPaul Mackerras * sure that that many HPTEs are invalid, and invalidate them
a2932923SPaul Mackerras * if not.
a2932923SPaul Mackerras */
a2932923SPaul Mackerras
a2932923SPaul Mackerrasstruct kvm_htab_ctx {
a2932923SPaul Mackerras	unsigned long	index;
a2932923SPaul Mackerras	unsigned long	flags;
a2932923SPaul Mackerras	struct kvm	*kvm;
a2932923SPaul Mackerras	int		first_pass;
a2932923SPaul Mackerras};
a2932923SPaul Mackerras
a2932923SPaul Mackerras#define HPTE_SIZE	(2 * sizeof(unsigned long))
a2932923SPaul Mackerras
a1b4a0f6SPaul Mackerras/*
a1b4a0f6SPaul Mackerras * Returns 1 if this HPT entry has been modified or has pending
a1b4a0f6SPaul Mackerras * R/C bit changes.
a1b4a0f6SPaul Mackerras */
a1b4a0f6SPaul Mackerrasstatic int hpte_dirty(struct revmap_entry *revp, unsigned long *hptp)
a1b4a0f6SPaul Mackerras{
a1b4a0f6SPaul Mackerras	unsigned long rcbits_unset;
a1b4a0f6SPaul Mackerras
a1b4a0f6SPaul Mackerras	if (revp->guest_rpte & HPTE_GR_MODIFIED)
a1b4a0f6SPaul Mackerras		return 1;
a1b4a0f6SPaul Mackerras
a1b4a0f6SPaul Mackerras	/* Also need to consider changes in reference and changed bits */
a1b4a0f6SPaul Mackerras	rcbits_unset = ~revp->guest_rpte & (HPTE_R_R | HPTE_R_C);
a1b4a0f6SPaul Mackerras	if ((hptp[0] & HPTE_V_VALID) && (hptp[1] & rcbits_unset))
a1b4a0f6SPaul Mackerras		return 1;
a1b4a0f6SPaul Mackerras
a1b4a0f6SPaul Mackerras	return 0;
a1b4a0f6SPaul Mackerras}
a1b4a0f6SPaul Mackerras
a2932923SPaul Mackerrasstatic long record_hpte(unsigned long flags, unsigned long *hptp,
a2932923SPaul Mackerras			unsigned long *hpte, struct revmap_entry *revp,
a2932923SPaul Mackerras			int want_valid, int first_pass)
a2932923SPaul Mackerras{
a2932923SPaul Mackerras	unsigned long v, r;
a1b4a0f6SPaul Mackerras	unsigned long rcbits_unset;
a2932923SPaul Mackerras	int ok = 1;
a2932923SPaul Mackerras	int valid, dirty;
a2932923SPaul Mackerras
a2932923SPaul Mackerras	/* Unmodified entries are uninteresting except on the first pass */
a1b4a0f6SPaul Mackerras	dirty = hpte_dirty(revp, hptp);
a2932923SPaul Mackerras	if (!first_pass && !dirty)
a2932923SPaul Mackerras		return 0;
a2932923SPaul Mackerras
a2932923SPaul Mackerras	valid = 0;
a2932923SPaul Mackerras	if (hptp[0] & (HPTE_V_VALID | HPTE_V_ABSENT)) {
a2932923SPaul Mackerras		valid = 1;
a2932923SPaul Mackerras		if ((flags & KVM_GET_HTAB_BOLTED_ONLY) &&
a2932923SPaul Mackerras		    !(hptp[0] & HPTE_V_BOLTED))
a2932923SPaul Mackerras			valid = 0;
a2932923SPaul Mackerras	}
a2932923SPaul Mackerras	if (valid != want_valid)
a2932923SPaul Mackerras		return 0;
a2932923SPaul Mackerras
a2932923SPaul Mackerras	v = r = 0;
a2932923SPaul Mackerras	if (valid || dirty) {
a2932923SPaul Mackerras		/* lock the HPTE so it's stable and read it */
a2932923SPaul Mackerras		preempt_disable();
a2932923SPaul Mackerras		while (!try_lock_hpte(hptp, HPTE_V_HVLOCK))
a2932923SPaul Mackerras			cpu_relax();
a2932923SPaul Mackerras		v = hptp[0];
a1b4a0f6SPaul Mackerras
a1b4a0f6SPaul Mackerras		/* re-evaluate valid and dirty from synchronized HPTE value */
a1b4a0f6SPaul Mackerras		valid = !!(v & HPTE_V_VALID);
a1b4a0f6SPaul Mackerras		dirty = !!(revp->guest_rpte & HPTE_GR_MODIFIED);
a1b4a0f6SPaul Mackerras
a1b4a0f6SPaul Mackerras		/* Harvest R and C into guest view if necessary */
a1b4a0f6SPaul Mackerras		rcbits_unset = ~revp->guest_rpte & (HPTE_R_R | HPTE_R_C);
a1b4a0f6SPaul Mackerras		if (valid && (rcbits_unset & hptp[1])) {
a1b4a0f6SPaul Mackerras			revp->guest_rpte |= (hptp[1] & (HPTE_R_R | HPTE_R_C)) |
a1b4a0f6SPaul Mackerras				HPTE_GR_MODIFIED;
a1b4a0f6SPaul Mackerras			dirty = 1;
a1b4a0f6SPaul Mackerras		}
a1b4a0f6SPaul Mackerras
a2932923SPaul Mackerras		if (v & HPTE_V_ABSENT) {
a2932923SPaul Mackerras			v &= ~HPTE_V_ABSENT;
a2932923SPaul Mackerras			v |= HPTE_V_VALID;
a1b4a0f6SPaul Mackerras			valid = 1;
a2932923SPaul Mackerras		}
a2932923SPaul Mackerras		if ((flags & KVM_GET_HTAB_BOLTED_ONLY) && !(v & HPTE_V_BOLTED))
a2932923SPaul Mackerras			valid = 0;
a1b4a0f6SPaul Mackerras
a1b4a0f6SPaul Mackerras		r = revp->guest_rpte;
a2932923SPaul Mackerras		/* only clear modified if this is the right sort of entry */
a2932923SPaul Mackerras		if (valid == want_valid && dirty) {
a2932923SPaul Mackerras			r &= ~HPTE_GR_MODIFIED;
a2932923SPaul Mackerras			revp->guest_rpte = r;
a2932923SPaul Mackerras		}
a2932923SPaul Mackerras		asm volatile(PPC_RELEASE_BARRIER "" : : : "memory");
a2932923SPaul Mackerras		hptp[0] &= ~HPTE_V_HVLOCK;
a2932923SPaul Mackerras		preempt_enable();
a2932923SPaul Mackerras		if (!(valid == want_valid && (first_pass || dirty)))
a2932923SPaul Mackerras			ok = 0;
a2932923SPaul Mackerras	}
a2932923SPaul Mackerras	hpte[0] = v;
a2932923SPaul Mackerras	hpte[1] = r;
a2932923SPaul Mackerras	return ok;
a2932923SPaul Mackerras}
a2932923SPaul Mackerras
a2932923SPaul Mackerrasstatic ssize_t kvm_htab_read(struct file *file, char __user *buf,
a2932923SPaul Mackerras			     size_t count, loff_t *ppos)
a2932923SPaul Mackerras{
a2932923SPaul Mackerras	struct kvm_htab_ctx *ctx = file->private_data;
a2932923SPaul Mackerras	struct kvm *kvm = ctx->kvm;
a2932923SPaul Mackerras	struct kvm_get_htab_header hdr;
a2932923SPaul Mackerras	unsigned long *hptp;
a2932923SPaul Mackerras	struct revmap_entry *revp;
a2932923SPaul Mackerras	unsigned long i, nb, nw;
a2932923SPaul Mackerras	unsigned long __user *lbuf;
a2932923SPaul Mackerras	struct kvm_get_htab_header __user *hptr;
a2932923SPaul Mackerras	unsigned long flags;
a2932923SPaul Mackerras	int first_pass;
a2932923SPaul Mackerras	unsigned long hpte[2];
a2932923SPaul Mackerras
a2932923SPaul Mackerras	if (!access_ok(VERIFY_WRITE, buf, count))
a2932923SPaul Mackerras		return -EFAULT;
a2932923SPaul Mackerras
a2932923SPaul Mackerras	first_pass = ctx->first_pass;
a2932923SPaul Mackerras	flags = ctx->flags;
a2932923SPaul Mackerras
a2932923SPaul Mackerras	i = ctx->index;
a2932923SPaul Mackerras	hptp = (unsigned long *)(kvm->arch.hpt_virt + (i * HPTE_SIZE));
a2932923SPaul Mackerras	revp = kvm->arch.revmap + i;
a2932923SPaul Mackerras	lbuf = (unsigned long __user *)buf;
a2932923SPaul Mackerras
a2932923SPaul Mackerras	nb = 0;
a2932923SPaul Mackerras	while (nb + sizeof(hdr) + HPTE_SIZE < count) {
a2932923SPaul Mackerras		/* Initialize header */
a2932923SPaul Mackerras		hptr = (struct kvm_get_htab_header __user *)buf;
a2932923SPaul Mackerras		hdr.n_valid = 0;
a2932923SPaul Mackerras		hdr.n_invalid = 0;
a2932923SPaul Mackerras		nw = nb;
a2932923SPaul Mackerras		nb += sizeof(hdr);
a2932923SPaul Mackerras		lbuf = (unsigned long __user *)(buf + sizeof(hdr));
a2932923SPaul Mackerras
a2932923SPaul Mackerras		/* Skip uninteresting entries, i.e. clean on not-first pass */
a2932923SPaul Mackerras		if (!first_pass) {
a2932923SPaul Mackerras			while (i < kvm->arch.hpt_npte &&
a1b4a0f6SPaul Mackerras			       !hpte_dirty(revp, hptp)) {
a2932923SPaul Mackerras				++i;
a2932923SPaul Mackerras				hptp += 2;
a2932923SPaul Mackerras				++revp;
a2932923SPaul Mackerras			}
a2932923SPaul Mackerras		}
05dd85f7SPaul Mackerras		hdr.index = i;
a2932923SPaul Mackerras
a2932923SPaul Mackerras		/* Grab a series of valid entries */
a2932923SPaul Mackerras		while (i < kvm->arch.hpt_npte &&
a2932923SPaul Mackerras		       hdr.n_valid < 0xffff &&
a2932923SPaul Mackerras		       nb + HPTE_SIZE < count &&
a2932923SPaul Mackerras		       record_hpte(flags, hptp, hpte, revp, 1, first_pass)) {
a2932923SPaul Mackerras			/* valid entry, write it out */
a2932923SPaul Mackerras			++hdr.n_valid;
a2932923SPaul Mackerras			if (__put_user(hpte[0], lbuf) ||
a2932923SPaul Mackerras			    __put_user(hpte[1], lbuf + 1))
a2932923SPaul Mackerras				return -EFAULT;
a2932923SPaul Mackerras			nb += HPTE_SIZE;
a2932923SPaul Mackerras			lbuf += 2;
a2932923SPaul Mackerras			++i;
a2932923SPaul Mackerras			hptp += 2;
a2932923SPaul Mackerras			++revp;
a2932923SPaul Mackerras		}
a2932923SPaul Mackerras		/* Now skip invalid entries while we can */
a2932923SPaul Mackerras		while (i < kvm->arch.hpt_npte &&
a2932923SPaul Mackerras		       hdr.n_invalid < 0xffff &&
a2932923SPaul Mackerras		       record_hpte(flags, hptp, hpte, revp, 0, first_pass)) {
a2932923SPaul Mackerras			/* found an invalid entry */
a2932923SPaul Mackerras			++hdr.n_invalid;
a2932923SPaul Mackerras			++i;
a2932923SPaul Mackerras			hptp += 2;
a2932923SPaul Mackerras			++revp;
a2932923SPaul Mackerras		}
a2932923SPaul Mackerras
a2932923SPaul Mackerras		if (hdr.n_valid || hdr.n_invalid) {
a2932923SPaul Mackerras			/* write back the header */
a2932923SPaul Mackerras			if (__copy_to_user(hptr, &hdr, sizeof(hdr)))
a2932923SPaul Mackerras				return -EFAULT;
a2932923SPaul Mackerras			nw = nb;
a2932923SPaul Mackerras			buf = (char __user *)lbuf;
a2932923SPaul Mackerras		} else {
a2932923SPaul Mackerras			nb = nw;
a2932923SPaul Mackerras		}
a2932923SPaul Mackerras
a2932923SPaul Mackerras		/* Check if we've wrapped around the hash table */
a2932923SPaul Mackerras		if (i >= kvm->arch.hpt_npte) {
a2932923SPaul Mackerras			i = 0;
a2932923SPaul Mackerras			ctx->first_pass = 0;
a2932923SPaul Mackerras			break;
a2932923SPaul Mackerras		}
a2932923SPaul Mackerras	}
a2932923SPaul Mackerras
a2932923SPaul Mackerras	ctx->index = i;
a2932923SPaul Mackerras
a2932923SPaul Mackerras	return nb;
a2932923SPaul Mackerras}
a2932923SPaul Mackerras
a2932923SPaul Mackerrasstatic ssize_t kvm_htab_write(struct file *file, const char __user *buf,
a2932923SPaul Mackerras			      size_t count, loff_t *ppos)
a2932923SPaul Mackerras{
a2932923SPaul Mackerras	struct kvm_htab_ctx *ctx = file->private_data;
a2932923SPaul Mackerras	struct kvm *kvm = ctx->kvm;
a2932923SPaul Mackerras	struct kvm_get_htab_header hdr;
a2932923SPaul Mackerras	unsigned long i, j;
a2932923SPaul Mackerras	unsigned long v, r;
a2932923SPaul Mackerras	unsigned long __user *lbuf;
a2932923SPaul Mackerras	unsigned long *hptp;
a2932923SPaul Mackerras	unsigned long tmp[2];
a2932923SPaul Mackerras	ssize_t nb;
a2932923SPaul Mackerras	long int err, ret;
a2932923SPaul Mackerras	int rma_setup;
a2932923SPaul Mackerras
a2932923SPaul Mackerras	if (!access_ok(VERIFY_READ, buf, count))
a2932923SPaul Mackerras		return -EFAULT;
a2932923SPaul Mackerras
a2932923SPaul Mackerras	/* lock out vcpus from running while we're doing this */
a2932923SPaul Mackerras	mutex_lock(&kvm->lock);
a2932923SPaul Mackerras	rma_setup = kvm->arch.rma_setup_done;
a2932923SPaul Mackerras	if (rma_setup) {
a2932923SPaul Mackerras		kvm->arch.rma_setup_done = 0;	/* temporarily */
a2932923SPaul Mackerras		/* order rma_setup_done vs. vcpus_running */
a2932923SPaul Mackerras		smp_mb();
a2932923SPaul Mackerras		if (atomic_read(&kvm->arch.vcpus_running)) {
a2932923SPaul Mackerras			kvm->arch.rma_setup_done = 1;
a2932923SPaul Mackerras			mutex_unlock(&kvm->lock);
a2932923SPaul Mackerras			return -EBUSY;
a2932923SPaul Mackerras		}
a2932923SPaul Mackerras	}
a2932923SPaul Mackerras
a2932923SPaul Mackerras	err = 0;
a2932923SPaul Mackerras	for (nb = 0; nb + sizeof(hdr) <= count; ) {
a2932923SPaul Mackerras		err = -EFAULT;
a2932923SPaul Mackerras		if (__copy_from_user(&hdr, buf, sizeof(hdr)))
a2932923SPaul Mackerras			break;
a2932923SPaul Mackerras
a2932923SPaul Mackerras		err = 0;
a2932923SPaul Mackerras		if (nb + hdr.n_valid * HPTE_SIZE > count)
a2932923SPaul Mackerras			break;
a2932923SPaul Mackerras
a2932923SPaul Mackerras		nb += sizeof(hdr);
a2932923SPaul Mackerras		buf += sizeof(hdr);
a2932923SPaul Mackerras
a2932923SPaul Mackerras		err = -EINVAL;
a2932923SPaul Mackerras		i = hdr.index;
a2932923SPaul Mackerras		if (i >= kvm->arch.hpt_npte ||
a2932923SPaul Mackerras		    i + hdr.n_valid + hdr.n_invalid > kvm->arch.hpt_npte)
a2932923SPaul Mackerras			break;
a2932923SPaul Mackerras
a2932923SPaul Mackerras		hptp = (unsigned long *)(kvm->arch.hpt_virt + (i * HPTE_SIZE));
a2932923SPaul Mackerras		lbuf = (unsigned long __user *)buf;
a2932923SPaul Mackerras		for (j = 0; j < hdr.n_valid; ++j) {
a2932923SPaul Mackerras			err = -EFAULT;
a2932923SPaul Mackerras			if (__get_user(v, lbuf) || __get_user(r, lbuf + 1))
a2932923SPaul Mackerras				goto out;
a2932923SPaul Mackerras			err = -EINVAL;
a2932923SPaul Mackerras			if (!(v & HPTE_V_VALID))
a2932923SPaul Mackerras				goto out;
a2932923SPaul Mackerras			lbuf += 2;
a2932923SPaul Mackerras			nb += HPTE_SIZE;
a2932923SPaul Mackerras
a2932923SPaul Mackerras			if (hptp[0] & (HPTE_V_VALID | HPTE_V_ABSENT))
a2932923SPaul Mackerras				kvmppc_do_h_remove(kvm, 0, i, 0, tmp);
a2932923SPaul Mackerras			err = -EIO;
a2932923SPaul Mackerras			ret = kvmppc_virtmode_do_h_enter(kvm, H_EXACT, i, v, r,
a2932923SPaul Mackerras							 tmp);
a2932923SPaul Mackerras			if (ret != H_SUCCESS) {
a2932923SPaul Mackerras				pr_err("kvm_htab_write ret %ld i=%ld v=%lx "
a2932923SPaul Mackerras				       "r=%lx\n", ret, i, v, r);
a2932923SPaul Mackerras				goto out;
a2932923SPaul Mackerras			}
a2932923SPaul Mackerras			if (!rma_setup && is_vrma_hpte(v)) {
a2932923SPaul Mackerras				unsigned long psize = hpte_page_size(v, r);
a2932923SPaul Mackerras				unsigned long senc = slb_pgsize_encoding(psize);
a2932923SPaul Mackerras				unsigned long lpcr;
a2932923SPaul Mackerras
a2932923SPaul Mackerras				kvm->arch.vrma_slb_v = senc | SLB_VSID_B_1T |
a2932923SPaul Mackerras					(VRMA_VSID << SLB_VSID_SHIFT_1T);
a0144e2aSPaul Mackerras				lpcr = senc << (LPCR_VRMASD_SH - 4);
a0144e2aSPaul Mackerras				kvmppc_update_lpcr(kvm, lpcr, LPCR_VRMASD);
a2932923SPaul Mackerras				rma_setup = 1;
a2932923SPaul Mackerras			}
a2932923SPaul Mackerras			++i;
a2932923SPaul Mackerras			hptp += 2;
a2932923SPaul Mackerras		}
a2932923SPaul Mackerras
a2932923SPaul Mackerras		for (j = 0; j < hdr.n_invalid; ++j) {
a2932923SPaul Mackerras			if (hptp[0] & (HPTE_V_VALID | HPTE_V_ABSENT))
a2932923SPaul Mackerras				kvmppc_do_h_remove(kvm, 0, i, 0, tmp);
a2932923SPaul Mackerras			++i;
a2932923SPaul Mackerras			hptp += 2;
a2932923SPaul Mackerras		}
a2932923SPaul Mackerras		err = 0;
a2932923SPaul Mackerras	}
a2932923SPaul Mackerras
a2932923SPaul Mackerras out:
a2932923SPaul Mackerras	/* Order HPTE updates vs. rma_setup_done */
a2932923SPaul Mackerras	smp_wmb();
a2932923SPaul Mackerras	kvm->arch.rma_setup_done = rma_setup;
a2932923SPaul Mackerras	mutex_unlock(&kvm->lock);
a2932923SPaul Mackerras
a2932923SPaul Mackerras	if (err)
a2932923SPaul Mackerras		return err;
a2932923SPaul Mackerras	return nb;
a2932923SPaul Mackerras}
a2932923SPaul Mackerras
a2932923SPaul Mackerrasstatic int kvm_htab_release(struct inode *inode, struct file *filp)
a2932923SPaul Mackerras{
a2932923SPaul Mackerras	struct kvm_htab_ctx *ctx = filp->private_data;
a2932923SPaul Mackerras
a2932923SPaul Mackerras	filp->private_data = NULL;
a2932923SPaul Mackerras	if (!(ctx->flags & KVM_GET_HTAB_WRITE))
a2932923SPaul Mackerras		atomic_dec(&ctx->kvm->arch.hpte_mod_interest);
a2932923SPaul Mackerras	kvm_put_kvm(ctx->kvm);
a2932923SPaul Mackerras	kfree(ctx);
a2932923SPaul Mackerras	return 0;
a2932923SPaul Mackerras}
a2932923SPaul Mackerras
75ef9de1SAl Virostatic const struct file_operations kvm_htab_fops = {
a2932923SPaul Mackerras	.read		= kvm_htab_read,
a2932923SPaul Mackerras	.write		= kvm_htab_write,
a2932923SPaul Mackerras	.llseek		= default_llseek,
a2932923SPaul Mackerras	.release	= kvm_htab_release,
a2932923SPaul Mackerras};
a2932923SPaul Mackerras
a2932923SPaul Mackerrasint kvm_vm_ioctl_get_htab_fd(struct kvm *kvm, struct kvm_get_htab_fd *ghf)
a2932923SPaul Mackerras{
a2932923SPaul Mackerras	int ret;
a2932923SPaul Mackerras	struct kvm_htab_ctx *ctx;
a2932923SPaul Mackerras	int rwflag;
a2932923SPaul Mackerras
a2932923SPaul Mackerras	/* reject flags we don't recognize */
a2932923SPaul Mackerras	if (ghf->flags & ~(KVM_GET_HTAB_BOLTED_ONLY | KVM_GET_HTAB_WRITE))
a2932923SPaul Mackerras		return -EINVAL;
a2932923SPaul Mackerras	ctx = kzalloc(sizeof(*ctx), GFP_KERNEL);
a2932923SPaul Mackerras	if (!ctx)
a2932923SPaul Mackerras		return -ENOMEM;
a2932923SPaul Mackerras	kvm_get_kvm(kvm);
a2932923SPaul Mackerras	ctx->kvm = kvm;
a2932923SPaul Mackerras	ctx->index = ghf->start_index;
a2932923SPaul Mackerras	ctx->flags = ghf->flags;
a2932923SPaul Mackerras	ctx->first_pass = 1;
a2932923SPaul Mackerras
a2932923SPaul Mackerras	rwflag = (ghf->flags & KVM_GET_HTAB_WRITE) ? O_WRONLY : O_RDONLY;
2f84d5eaSYann Droneaud	ret = anon_inode_getfd("kvm-htab", &kvm_htab_fops, ctx, rwflag | O_CLOEXEC);
a2932923SPaul Mackerras	if (ret < 0) {
a2932923SPaul Mackerras		kvm_put_kvm(kvm);
a2932923SPaul Mackerras		return ret;
a2932923SPaul Mackerras	}
a2932923SPaul Mackerras
a2932923SPaul Mackerras	if (rwflag == O_RDONLY) {
a2932923SPaul Mackerras		mutex_lock(&kvm->slots_lock);
a2932923SPaul Mackerras		atomic_inc(&kvm->arch.hpte_mod_interest);
a2932923SPaul Mackerras		/* make sure kvmppc_do_h_enter etc. see the increment */
a2932923SPaul Mackerras		synchronize_srcu_expedited(&kvm->srcu);
a2932923SPaul Mackerras		mutex_unlock(&kvm->slots_lock);
a2932923SPaul Mackerras	}
a2932923SPaul Mackerras
a2932923SPaul Mackerras	return ret;
a2932923SPaul Mackerras}
a2932923SPaul Mackerras
de56a948SPaul Mackerrasvoid kvmppc_mmu_book3s_hv_init(struct kvm_vcpu *vcpu)
de56a948SPaul Mackerras{
de56a948SPaul Mackerras	struct kvmppc_mmu *mmu = &vcpu->arch.mmu;
de56a948SPaul Mackerras
9e368f29SPaul Mackerras	if (cpu_has_feature(CPU_FTR_ARCH_206))
9e368f29SPaul Mackerras		vcpu->arch.slb_nr = 32;		/* POWER7 */
9e368f29SPaul Mackerras	else
9e368f29SPaul Mackerras		vcpu->arch.slb_nr = 64;
de56a948SPaul Mackerras
de56a948SPaul Mackerras	mmu->xlate = kvmppc_mmu_book3s_64_hv_xlate;
de56a948SPaul Mackerras	mmu->reset_msr = kvmppc_mmu_book3s_64_hv_reset_msr;
de56a948SPaul Mackerras
de56a948SPaul Mackerras	vcpu->arch.hflags |= BOOK3S_HFLAG_SLB;
de56a948SPaul Mackerras}