1 /****************************************************************************** 2 * 3 * Back-end of the driver for virtual block devices. This portion of the 4 * driver exports a 'unified' block-device interface that can be accessed 5 * by any operating system that implements a compatible front end. A 6 * reference front-end implementation can be found in: 7 * drivers/block/xen-blkfront.c 8 * 9 * Copyright (c) 2003-2004, Keir Fraser & Steve Hand 10 * Copyright (c) 2005, Christopher Clark 11 * 12 * This program is free software; you can redistribute it and/or 13 * modify it under the terms of the GNU General Public License version 2 14 * as published by the Free Software Foundation; or, when distributed 15 * separately from the Linux kernel or incorporated into other 16 * software packages, subject to the following license: 17 * 18 * Permission is hereby granted, free of charge, to any person obtaining a copy 19 * of this source file (the "Software"), to deal in the Software without 20 * restriction, including without limitation the rights to use, copy, modify, 21 * merge, publish, distribute, sublicense, and/or sell copies of the Software, 22 * and to permit persons to whom the Software is furnished to do so, subject to 23 * the following conditions: 24 * 25 * The above copyright notice and this permission notice shall be included in 26 * all copies or substantial portions of the Software. 27 * 28 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 29 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 30 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 31 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 32 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 33 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS 34 * IN THE SOFTWARE. 35 */ 36 37 #define pr_fmt(fmt) "xen-blkback: " fmt 38 39 #include <linux/spinlock.h> 40 #include <linux/kthread.h> 41 #include <linux/list.h> 42 #include <linux/delay.h> 43 #include <linux/freezer.h> 44 #include <linux/bitmap.h> 45 46 #include <xen/events.h> 47 #include <xen/page.h> 48 #include <xen/xen.h> 49 #include <asm/xen/hypervisor.h> 50 #include <asm/xen/hypercall.h> 51 #include <xen/balloon.h> 52 #include <xen/grant_table.h> 53 #include "common.h" 54 55 /* 56 * Maximum number of unused free pages to keep in the internal buffer. 57 * Setting this to a value too low will reduce memory used in each backend, 58 * but can have a performance penalty. 59 * 60 * A sane value is xen_blkif_reqs * BLKIF_MAX_SEGMENTS_PER_REQUEST, but can 61 * be set to a lower value that might degrade performance on some intensive 62 * IO workloads. 63 */ 64 65 static int xen_blkif_max_buffer_pages = 1024; 66 module_param_named(max_buffer_pages, xen_blkif_max_buffer_pages, int, 0644); 67 MODULE_PARM_DESC(max_buffer_pages, 68 "Maximum number of free pages to keep in each block backend buffer"); 69 70 /* 71 * Maximum number of grants to map persistently in blkback. For maximum 72 * performance this should be the total numbers of grants that can be used 73 * to fill the ring, but since this might become too high, specially with 74 * the use of indirect descriptors, we set it to a value that provides good 75 * performance without using too much memory. 76 * 77 * When the list of persistent grants is full we clean it up using a LRU 78 * algorithm. 79 */ 80 81 static int xen_blkif_max_pgrants = 1056; 82 module_param_named(max_persistent_grants, xen_blkif_max_pgrants, int, 0644); 83 MODULE_PARM_DESC(max_persistent_grants, 84 "Maximum number of grants to map persistently"); 85 86 /* 87 * Maximum number of rings/queues blkback supports, allow as many queues as there 88 * are CPUs if user has not specified a value. 89 */ 90 unsigned int xenblk_max_queues; 91 module_param_named(max_queues, xenblk_max_queues, uint, 0644); 92 MODULE_PARM_DESC(max_queues, 93 "Maximum number of hardware queues per virtual disk." \ 94 "By default it is the number of online CPUs."); 95 96 /* 97 * Maximum order of pages to be used for the shared ring between front and 98 * backend, 4KB page granularity is used. 99 */ 100 unsigned int xen_blkif_max_ring_order = XENBUS_MAX_RING_GRANT_ORDER; 101 module_param_named(max_ring_page_order, xen_blkif_max_ring_order, int, 0444); 102 MODULE_PARM_DESC(max_ring_page_order, "Maximum order of pages to be used for the shared ring"); 103 /* 104 * The LRU mechanism to clean the lists of persistent grants needs to 105 * be executed periodically. The time interval between consecutive executions 106 * of the purge mechanism is set in ms. 107 */ 108 #define LRU_INTERVAL 100 109 110 /* 111 * When the persistent grants list is full we will remove unused grants 112 * from the list. The percent number of grants to be removed at each LRU 113 * execution. 114 */ 115 #define LRU_PERCENT_CLEAN 5 116 117 /* Run-time switchable: /sys/module/blkback/parameters/ */ 118 static unsigned int log_stats; 119 module_param(log_stats, int, 0644); 120 121 #define BLKBACK_INVALID_HANDLE (~0) 122 123 /* Number of free pages to remove on each call to gnttab_free_pages */ 124 #define NUM_BATCH_FREE_PAGES 10 125 126 static inline int get_free_page(struct xen_blkif_ring *ring, struct page **page) 127 { 128 unsigned long flags; 129 130 spin_lock_irqsave(&ring->free_pages_lock, flags); 131 if (list_empty(&ring->free_pages)) { 132 BUG_ON(ring->free_pages_num != 0); 133 spin_unlock_irqrestore(&ring->free_pages_lock, flags); 134 return gnttab_alloc_pages(1, page); 135 } 136 BUG_ON(ring->free_pages_num == 0); 137 page[0] = list_first_entry(&ring->free_pages, struct page, lru); 138 list_del(&page[0]->lru); 139 ring->free_pages_num--; 140 spin_unlock_irqrestore(&ring->free_pages_lock, flags); 141 142 return 0; 143 } 144 145 static inline void put_free_pages(struct xen_blkif_ring *ring, struct page **page, 146 int num) 147 { 148 unsigned long flags; 149 int i; 150 151 spin_lock_irqsave(&ring->free_pages_lock, flags); 152 for (i = 0; i < num; i++) 153 list_add(&page[i]->lru, &ring->free_pages); 154 ring->free_pages_num += num; 155 spin_unlock_irqrestore(&ring->free_pages_lock, flags); 156 } 157 158 static inline void shrink_free_pagepool(struct xen_blkif_ring *ring, int num) 159 { 160 /* Remove requested pages in batches of NUM_BATCH_FREE_PAGES */ 161 struct page *page[NUM_BATCH_FREE_PAGES]; 162 unsigned int num_pages = 0; 163 unsigned long flags; 164 165 spin_lock_irqsave(&ring->free_pages_lock, flags); 166 while (ring->free_pages_num > num) { 167 BUG_ON(list_empty(&ring->free_pages)); 168 page[num_pages] = list_first_entry(&ring->free_pages, 169 struct page, lru); 170 list_del(&page[num_pages]->lru); 171 ring->free_pages_num--; 172 if (++num_pages == NUM_BATCH_FREE_PAGES) { 173 spin_unlock_irqrestore(&ring->free_pages_lock, flags); 174 gnttab_free_pages(num_pages, page); 175 spin_lock_irqsave(&ring->free_pages_lock, flags); 176 num_pages = 0; 177 } 178 } 179 spin_unlock_irqrestore(&ring->free_pages_lock, flags); 180 if (num_pages != 0) 181 gnttab_free_pages(num_pages, page); 182 } 183 184 #define vaddr(page) ((unsigned long)pfn_to_kaddr(page_to_pfn(page))) 185 186 static int do_block_io_op(struct xen_blkif_ring *ring); 187 static int dispatch_rw_block_io(struct xen_blkif_ring *ring, 188 struct blkif_request *req, 189 struct pending_req *pending_req); 190 static void make_response(struct xen_blkif_ring *ring, u64 id, 191 unsigned short op, int st); 192 193 #define foreach_grant_safe(pos, n, rbtree, node) \ 194 for ((pos) = container_of(rb_first((rbtree)), typeof(*(pos)), node), \ 195 (n) = (&(pos)->node != NULL) ? rb_next(&(pos)->node) : NULL; \ 196 &(pos)->node != NULL; \ 197 (pos) = container_of(n, typeof(*(pos)), node), \ 198 (n) = (&(pos)->node != NULL) ? rb_next(&(pos)->node) : NULL) 199 200 201 /* 202 * We don't need locking around the persistent grant helpers 203 * because blkback uses a single-thread for each backend, so we 204 * can be sure that this functions will never be called recursively. 205 * 206 * The only exception to that is put_persistent_grant, that can be called 207 * from interrupt context (by xen_blkbk_unmap), so we have to use atomic 208 * bit operations to modify the flags of a persistent grant and to count 209 * the number of used grants. 210 */ 211 static int add_persistent_gnt(struct xen_blkif_ring *ring, 212 struct persistent_gnt *persistent_gnt) 213 { 214 struct rb_node **new = NULL, *parent = NULL; 215 struct persistent_gnt *this; 216 struct xen_blkif *blkif = ring->blkif; 217 218 if (ring->persistent_gnt_c >= xen_blkif_max_pgrants) { 219 if (!blkif->vbd.overflow_max_grants) 220 blkif->vbd.overflow_max_grants = 1; 221 return -EBUSY; 222 } 223 /* Figure out where to put new node */ 224 new = &ring->persistent_gnts.rb_node; 225 while (*new) { 226 this = container_of(*new, struct persistent_gnt, node); 227 228 parent = *new; 229 if (persistent_gnt->gnt < this->gnt) 230 new = &((*new)->rb_left); 231 else if (persistent_gnt->gnt > this->gnt) 232 new = &((*new)->rb_right); 233 else { 234 pr_alert_ratelimited("trying to add a gref that's already in the tree\n"); 235 return -EINVAL; 236 } 237 } 238 239 bitmap_zero(persistent_gnt->flags, PERSISTENT_GNT_FLAGS_SIZE); 240 set_bit(PERSISTENT_GNT_ACTIVE, persistent_gnt->flags); 241 /* Add new node and rebalance tree. */ 242 rb_link_node(&(persistent_gnt->node), parent, new); 243 rb_insert_color(&(persistent_gnt->node), &ring->persistent_gnts); 244 ring->persistent_gnt_c++; 245 atomic_inc(&ring->persistent_gnt_in_use); 246 return 0; 247 } 248 249 static struct persistent_gnt *get_persistent_gnt(struct xen_blkif_ring *ring, 250 grant_ref_t gref) 251 { 252 struct persistent_gnt *data; 253 struct rb_node *node = NULL; 254 255 node = ring->persistent_gnts.rb_node; 256 while (node) { 257 data = container_of(node, struct persistent_gnt, node); 258 259 if (gref < data->gnt) 260 node = node->rb_left; 261 else if (gref > data->gnt) 262 node = node->rb_right; 263 else { 264 if(test_bit(PERSISTENT_GNT_ACTIVE, data->flags)) { 265 pr_alert_ratelimited("requesting a grant already in use\n"); 266 return NULL; 267 } 268 set_bit(PERSISTENT_GNT_ACTIVE, data->flags); 269 atomic_inc(&ring->persistent_gnt_in_use); 270 return data; 271 } 272 } 273 return NULL; 274 } 275 276 static void put_persistent_gnt(struct xen_blkif_ring *ring, 277 struct persistent_gnt *persistent_gnt) 278 { 279 if(!test_bit(PERSISTENT_GNT_ACTIVE, persistent_gnt->flags)) 280 pr_alert_ratelimited("freeing a grant already unused\n"); 281 set_bit(PERSISTENT_GNT_WAS_ACTIVE, persistent_gnt->flags); 282 clear_bit(PERSISTENT_GNT_ACTIVE, persistent_gnt->flags); 283 atomic_dec(&ring->persistent_gnt_in_use); 284 } 285 286 static void free_persistent_gnts(struct xen_blkif_ring *ring, struct rb_root *root, 287 unsigned int num) 288 { 289 struct gnttab_unmap_grant_ref unmap[BLKIF_MAX_SEGMENTS_PER_REQUEST]; 290 struct page *pages[BLKIF_MAX_SEGMENTS_PER_REQUEST]; 291 struct persistent_gnt *persistent_gnt; 292 struct rb_node *n; 293 int segs_to_unmap = 0; 294 struct gntab_unmap_queue_data unmap_data; 295 296 unmap_data.pages = pages; 297 unmap_data.unmap_ops = unmap; 298 unmap_data.kunmap_ops = NULL; 299 300 foreach_grant_safe(persistent_gnt, n, root, node) { 301 BUG_ON(persistent_gnt->handle == 302 BLKBACK_INVALID_HANDLE); 303 gnttab_set_unmap_op(&unmap[segs_to_unmap], 304 (unsigned long) pfn_to_kaddr(page_to_pfn( 305 persistent_gnt->page)), 306 GNTMAP_host_map, 307 persistent_gnt->handle); 308 309 pages[segs_to_unmap] = persistent_gnt->page; 310 311 if (++segs_to_unmap == BLKIF_MAX_SEGMENTS_PER_REQUEST || 312 !rb_next(&persistent_gnt->node)) { 313 314 unmap_data.count = segs_to_unmap; 315 BUG_ON(gnttab_unmap_refs_sync(&unmap_data)); 316 317 put_free_pages(ring, pages, segs_to_unmap); 318 segs_to_unmap = 0; 319 } 320 321 rb_erase(&persistent_gnt->node, root); 322 kfree(persistent_gnt); 323 num--; 324 } 325 BUG_ON(num != 0); 326 } 327 328 void xen_blkbk_unmap_purged_grants(struct work_struct *work) 329 { 330 struct gnttab_unmap_grant_ref unmap[BLKIF_MAX_SEGMENTS_PER_REQUEST]; 331 struct page *pages[BLKIF_MAX_SEGMENTS_PER_REQUEST]; 332 struct persistent_gnt *persistent_gnt; 333 int segs_to_unmap = 0; 334 struct xen_blkif_ring *ring = container_of(work, typeof(*ring), persistent_purge_work); 335 struct gntab_unmap_queue_data unmap_data; 336 337 unmap_data.pages = pages; 338 unmap_data.unmap_ops = unmap; 339 unmap_data.kunmap_ops = NULL; 340 341 while(!list_empty(&ring->persistent_purge_list)) { 342 persistent_gnt = list_first_entry(&ring->persistent_purge_list, 343 struct persistent_gnt, 344 remove_node); 345 list_del(&persistent_gnt->remove_node); 346 347 gnttab_set_unmap_op(&unmap[segs_to_unmap], 348 vaddr(persistent_gnt->page), 349 GNTMAP_host_map, 350 persistent_gnt->handle); 351 352 pages[segs_to_unmap] = persistent_gnt->page; 353 354 if (++segs_to_unmap == BLKIF_MAX_SEGMENTS_PER_REQUEST) { 355 unmap_data.count = segs_to_unmap; 356 BUG_ON(gnttab_unmap_refs_sync(&unmap_data)); 357 put_free_pages(ring, pages, segs_to_unmap); 358 segs_to_unmap = 0; 359 } 360 kfree(persistent_gnt); 361 } 362 if (segs_to_unmap > 0) { 363 unmap_data.count = segs_to_unmap; 364 BUG_ON(gnttab_unmap_refs_sync(&unmap_data)); 365 put_free_pages(ring, pages, segs_to_unmap); 366 } 367 } 368 369 static void purge_persistent_gnt(struct xen_blkif_ring *ring) 370 { 371 struct persistent_gnt *persistent_gnt; 372 struct rb_node *n; 373 unsigned int num_clean, total; 374 bool scan_used = false, clean_used = false; 375 struct rb_root *root; 376 377 if (ring->persistent_gnt_c < xen_blkif_max_pgrants || 378 (ring->persistent_gnt_c == xen_blkif_max_pgrants && 379 !ring->blkif->vbd.overflow_max_grants)) { 380 goto out; 381 } 382 383 if (work_busy(&ring->persistent_purge_work)) { 384 pr_alert_ratelimited("Scheduled work from previous purge is still busy, cannot purge list\n"); 385 goto out; 386 } 387 388 num_clean = (xen_blkif_max_pgrants / 100) * LRU_PERCENT_CLEAN; 389 num_clean = ring->persistent_gnt_c - xen_blkif_max_pgrants + num_clean; 390 num_clean = min(ring->persistent_gnt_c, num_clean); 391 if ((num_clean == 0) || 392 (num_clean > (ring->persistent_gnt_c - atomic_read(&ring->persistent_gnt_in_use)))) 393 goto out; 394 395 /* 396 * At this point, we can assure that there will be no calls 397 * to get_persistent_grant (because we are executing this code from 398 * xen_blkif_schedule), there can only be calls to put_persistent_gnt, 399 * which means that the number of currently used grants will go down, 400 * but never up, so we will always be able to remove the requested 401 * number of grants. 402 */ 403 404 total = num_clean; 405 406 pr_debug("Going to purge %u persistent grants\n", num_clean); 407 408 BUG_ON(!list_empty(&ring->persistent_purge_list)); 409 root = &ring->persistent_gnts; 410 purge_list: 411 foreach_grant_safe(persistent_gnt, n, root, node) { 412 BUG_ON(persistent_gnt->handle == 413 BLKBACK_INVALID_HANDLE); 414 415 if (clean_used) { 416 clear_bit(PERSISTENT_GNT_WAS_ACTIVE, persistent_gnt->flags); 417 continue; 418 } 419 420 if (test_bit(PERSISTENT_GNT_ACTIVE, persistent_gnt->flags)) 421 continue; 422 if (!scan_used && 423 (test_bit(PERSISTENT_GNT_WAS_ACTIVE, persistent_gnt->flags))) 424 continue; 425 426 rb_erase(&persistent_gnt->node, root); 427 list_add(&persistent_gnt->remove_node, 428 &ring->persistent_purge_list); 429 if (--num_clean == 0) 430 goto finished; 431 } 432 /* 433 * If we get here it means we also need to start cleaning 434 * grants that were used since last purge in order to cope 435 * with the requested num 436 */ 437 if (!scan_used && !clean_used) { 438 pr_debug("Still missing %u purged frames\n", num_clean); 439 scan_used = true; 440 goto purge_list; 441 } 442 finished: 443 if (!clean_used) { 444 pr_debug("Finished scanning for grants to clean, removing used flag\n"); 445 clean_used = true; 446 goto purge_list; 447 } 448 449 ring->persistent_gnt_c -= (total - num_clean); 450 ring->blkif->vbd.overflow_max_grants = 0; 451 452 /* We can defer this work */ 453 schedule_work(&ring->persistent_purge_work); 454 pr_debug("Purged %u/%u\n", (total - num_clean), total); 455 456 out: 457 return; 458 } 459 460 /* 461 * Retrieve from the 'pending_reqs' a free pending_req structure to be used. 462 */ 463 static struct pending_req *alloc_req(struct xen_blkif_ring *ring) 464 { 465 struct pending_req *req = NULL; 466 unsigned long flags; 467 468 spin_lock_irqsave(&ring->pending_free_lock, flags); 469 if (!list_empty(&ring->pending_free)) { 470 req = list_entry(ring->pending_free.next, struct pending_req, 471 free_list); 472 list_del(&req->free_list); 473 } 474 spin_unlock_irqrestore(&ring->pending_free_lock, flags); 475 return req; 476 } 477 478 /* 479 * Return the 'pending_req' structure back to the freepool. We also 480 * wake up the thread if it was waiting for a free page. 481 */ 482 static void free_req(struct xen_blkif_ring *ring, struct pending_req *req) 483 { 484 unsigned long flags; 485 int was_empty; 486 487 spin_lock_irqsave(&ring->pending_free_lock, flags); 488 was_empty = list_empty(&ring->pending_free); 489 list_add(&req->free_list, &ring->pending_free); 490 spin_unlock_irqrestore(&ring->pending_free_lock, flags); 491 if (was_empty) 492 wake_up(&ring->pending_free_wq); 493 } 494 495 /* 496 * Routines for managing virtual block devices (vbds). 497 */ 498 static int xen_vbd_translate(struct phys_req *req, struct xen_blkif *blkif, 499 int operation) 500 { 501 struct xen_vbd *vbd = &blkif->vbd; 502 int rc = -EACCES; 503 504 if ((operation != REQ_OP_READ) && vbd->readonly) 505 goto out; 506 507 if (likely(req->nr_sects)) { 508 blkif_sector_t end = req->sector_number + req->nr_sects; 509 510 if (unlikely(end < req->sector_number)) 511 goto out; 512 if (unlikely(end > vbd_sz(vbd))) 513 goto out; 514 } 515 516 req->dev = vbd->pdevice; 517 req->bdev = vbd->bdev; 518 rc = 0; 519 520 out: 521 return rc; 522 } 523 524 static void xen_vbd_resize(struct xen_blkif *blkif) 525 { 526 struct xen_vbd *vbd = &blkif->vbd; 527 struct xenbus_transaction xbt; 528 int err; 529 struct xenbus_device *dev = xen_blkbk_xenbus(blkif->be); 530 unsigned long long new_size = vbd_sz(vbd); 531 532 pr_info("VBD Resize: Domid: %d, Device: (%d, %d)\n", 533 blkif->domid, MAJOR(vbd->pdevice), MINOR(vbd->pdevice)); 534 pr_info("VBD Resize: new size %llu\n", new_size); 535 vbd->size = new_size; 536 again: 537 err = xenbus_transaction_start(&xbt); 538 if (err) { 539 pr_warn("Error starting transaction\n"); 540 return; 541 } 542 err = xenbus_printf(xbt, dev->nodename, "sectors", "%llu", 543 (unsigned long long)vbd_sz(vbd)); 544 if (err) { 545 pr_warn("Error writing new size\n"); 546 goto abort; 547 } 548 /* 549 * Write the current state; we will use this to synchronize 550 * the front-end. If the current state is "connected" the 551 * front-end will get the new size information online. 552 */ 553 err = xenbus_printf(xbt, dev->nodename, "state", "%d", dev->state); 554 if (err) { 555 pr_warn("Error writing the state\n"); 556 goto abort; 557 } 558 559 err = xenbus_transaction_end(xbt, 0); 560 if (err == -EAGAIN) 561 goto again; 562 if (err) 563 pr_warn("Error ending transaction\n"); 564 return; 565 abort: 566 xenbus_transaction_end(xbt, 1); 567 } 568 569 /* 570 * Notification from the guest OS. 571 */ 572 static void blkif_notify_work(struct xen_blkif_ring *ring) 573 { 574 ring->waiting_reqs = 1; 575 wake_up(&ring->wq); 576 } 577 578 irqreturn_t xen_blkif_be_int(int irq, void *dev_id) 579 { 580 blkif_notify_work(dev_id); 581 return IRQ_HANDLED; 582 } 583 584 /* 585 * SCHEDULER FUNCTIONS 586 */ 587 588 static void print_stats(struct xen_blkif_ring *ring) 589 { 590 pr_info("(%s): oo %3llu | rd %4llu | wr %4llu | f %4llu" 591 " | ds %4llu | pg: %4u/%4d\n", 592 current->comm, ring->st_oo_req, 593 ring->st_rd_req, ring->st_wr_req, 594 ring->st_f_req, ring->st_ds_req, 595 ring->persistent_gnt_c, 596 xen_blkif_max_pgrants); 597 ring->st_print = jiffies + msecs_to_jiffies(10 * 1000); 598 ring->st_rd_req = 0; 599 ring->st_wr_req = 0; 600 ring->st_oo_req = 0; 601 ring->st_ds_req = 0; 602 } 603 604 int xen_blkif_schedule(void *arg) 605 { 606 struct xen_blkif_ring *ring = arg; 607 struct xen_blkif *blkif = ring->blkif; 608 struct xen_vbd *vbd = &blkif->vbd; 609 unsigned long timeout; 610 int ret; 611 612 set_freezable(); 613 while (!kthread_should_stop()) { 614 if (try_to_freeze()) 615 continue; 616 if (unlikely(vbd->size != vbd_sz(vbd))) 617 xen_vbd_resize(blkif); 618 619 timeout = msecs_to_jiffies(LRU_INTERVAL); 620 621 timeout = wait_event_interruptible_timeout( 622 ring->wq, 623 ring->waiting_reqs || kthread_should_stop(), 624 timeout); 625 if (timeout == 0) 626 goto purge_gnt_list; 627 timeout = wait_event_interruptible_timeout( 628 ring->pending_free_wq, 629 !list_empty(&ring->pending_free) || 630 kthread_should_stop(), 631 timeout); 632 if (timeout == 0) 633 goto purge_gnt_list; 634 635 ring->waiting_reqs = 0; 636 smp_mb(); /* clear flag *before* checking for work */ 637 638 ret = do_block_io_op(ring); 639 if (ret > 0) 640 ring->waiting_reqs = 1; 641 if (ret == -EACCES) 642 wait_event_interruptible(ring->shutdown_wq, 643 kthread_should_stop()); 644 645 purge_gnt_list: 646 if (blkif->vbd.feature_gnt_persistent && 647 time_after(jiffies, ring->next_lru)) { 648 purge_persistent_gnt(ring); 649 ring->next_lru = jiffies + msecs_to_jiffies(LRU_INTERVAL); 650 } 651 652 /* Shrink if we have more than xen_blkif_max_buffer_pages */ 653 shrink_free_pagepool(ring, xen_blkif_max_buffer_pages); 654 655 if (log_stats && time_after(jiffies, ring->st_print)) 656 print_stats(ring); 657 } 658 659 /* Drain pending purge work */ 660 flush_work(&ring->persistent_purge_work); 661 662 if (log_stats) 663 print_stats(ring); 664 665 ring->xenblkd = NULL; 666 667 return 0; 668 } 669 670 /* 671 * Remove persistent grants and empty the pool of free pages 672 */ 673 void xen_blkbk_free_caches(struct xen_blkif_ring *ring) 674 { 675 /* Free all persistent grant pages */ 676 if (!RB_EMPTY_ROOT(&ring->persistent_gnts)) 677 free_persistent_gnts(ring, &ring->persistent_gnts, 678 ring->persistent_gnt_c); 679 680 BUG_ON(!RB_EMPTY_ROOT(&ring->persistent_gnts)); 681 ring->persistent_gnt_c = 0; 682 683 /* Since we are shutting down remove all pages from the buffer */ 684 shrink_free_pagepool(ring, 0 /* All */); 685 } 686 687 static unsigned int xen_blkbk_unmap_prepare( 688 struct xen_blkif_ring *ring, 689 struct grant_page **pages, 690 unsigned int num, 691 struct gnttab_unmap_grant_ref *unmap_ops, 692 struct page **unmap_pages) 693 { 694 unsigned int i, invcount = 0; 695 696 for (i = 0; i < num; i++) { 697 if (pages[i]->persistent_gnt != NULL) { 698 put_persistent_gnt(ring, pages[i]->persistent_gnt); 699 continue; 700 } 701 if (pages[i]->handle == BLKBACK_INVALID_HANDLE) 702 continue; 703 unmap_pages[invcount] = pages[i]->page; 704 gnttab_set_unmap_op(&unmap_ops[invcount], vaddr(pages[i]->page), 705 GNTMAP_host_map, pages[i]->handle); 706 pages[i]->handle = BLKBACK_INVALID_HANDLE; 707 invcount++; 708 } 709 710 return invcount; 711 } 712 713 static void xen_blkbk_unmap_and_respond_callback(int result, struct gntab_unmap_queue_data *data) 714 { 715 struct pending_req *pending_req = (struct pending_req *)(data->data); 716 struct xen_blkif_ring *ring = pending_req->ring; 717 struct xen_blkif *blkif = ring->blkif; 718 719 /* BUG_ON used to reproduce existing behaviour, 720 but is this the best way to deal with this? */ 721 BUG_ON(result); 722 723 put_free_pages(ring, data->pages, data->count); 724 make_response(ring, pending_req->id, 725 pending_req->operation, pending_req->status); 726 free_req(ring, pending_req); 727 /* 728 * Make sure the request is freed before releasing blkif, 729 * or there could be a race between free_req and the 730 * cleanup done in xen_blkif_free during shutdown. 731 * 732 * NB: The fact that we might try to wake up pending_free_wq 733 * before drain_complete (in case there's a drain going on) 734 * it's not a problem with our current implementation 735 * because we can assure there's no thread waiting on 736 * pending_free_wq if there's a drain going on, but it has 737 * to be taken into account if the current model is changed. 738 */ 739 if (atomic_dec_and_test(&ring->inflight) && atomic_read(&blkif->drain)) { 740 complete(&blkif->drain_complete); 741 } 742 xen_blkif_put(blkif); 743 } 744 745 static void xen_blkbk_unmap_and_respond(struct pending_req *req) 746 { 747 struct gntab_unmap_queue_data* work = &req->gnttab_unmap_data; 748 struct xen_blkif_ring *ring = req->ring; 749 struct grant_page **pages = req->segments; 750 unsigned int invcount; 751 752 invcount = xen_blkbk_unmap_prepare(ring, pages, req->nr_segs, 753 req->unmap, req->unmap_pages); 754 755 work->data = req; 756 work->done = xen_blkbk_unmap_and_respond_callback; 757 work->unmap_ops = req->unmap; 758 work->kunmap_ops = NULL; 759 work->pages = req->unmap_pages; 760 work->count = invcount; 761 762 gnttab_unmap_refs_async(&req->gnttab_unmap_data); 763 } 764 765 766 /* 767 * Unmap the grant references. 768 * 769 * This could accumulate ops up to the batch size to reduce the number 770 * of hypercalls, but since this is only used in error paths there's 771 * no real need. 772 */ 773 static void xen_blkbk_unmap(struct xen_blkif_ring *ring, 774 struct grant_page *pages[], 775 int num) 776 { 777 struct gnttab_unmap_grant_ref unmap[BLKIF_MAX_SEGMENTS_PER_REQUEST]; 778 struct page *unmap_pages[BLKIF_MAX_SEGMENTS_PER_REQUEST]; 779 unsigned int invcount = 0; 780 int ret; 781 782 while (num) { 783 unsigned int batch = min(num, BLKIF_MAX_SEGMENTS_PER_REQUEST); 784 785 invcount = xen_blkbk_unmap_prepare(ring, pages, batch, 786 unmap, unmap_pages); 787 if (invcount) { 788 ret = gnttab_unmap_refs(unmap, NULL, unmap_pages, invcount); 789 BUG_ON(ret); 790 put_free_pages(ring, unmap_pages, invcount); 791 } 792 pages += batch; 793 num -= batch; 794 } 795 } 796 797 static int xen_blkbk_map(struct xen_blkif_ring *ring, 798 struct grant_page *pages[], 799 int num, bool ro) 800 { 801 struct gnttab_map_grant_ref map[BLKIF_MAX_SEGMENTS_PER_REQUEST]; 802 struct page *pages_to_gnt[BLKIF_MAX_SEGMENTS_PER_REQUEST]; 803 struct persistent_gnt *persistent_gnt = NULL; 804 phys_addr_t addr = 0; 805 int i, seg_idx, new_map_idx; 806 int segs_to_map = 0; 807 int ret = 0; 808 int last_map = 0, map_until = 0; 809 int use_persistent_gnts; 810 struct xen_blkif *blkif = ring->blkif; 811 812 use_persistent_gnts = (blkif->vbd.feature_gnt_persistent); 813 814 /* 815 * Fill out preq.nr_sects with proper amount of sectors, and setup 816 * assign map[..] with the PFN of the page in our domain with the 817 * corresponding grant reference for each page. 818 */ 819 again: 820 for (i = map_until; i < num; i++) { 821 uint32_t flags; 822 823 if (use_persistent_gnts) { 824 persistent_gnt = get_persistent_gnt( 825 ring, 826 pages[i]->gref); 827 } 828 829 if (persistent_gnt) { 830 /* 831 * We are using persistent grants and 832 * the grant is already mapped 833 */ 834 pages[i]->page = persistent_gnt->page; 835 pages[i]->persistent_gnt = persistent_gnt; 836 } else { 837 if (get_free_page(ring, &pages[i]->page)) 838 goto out_of_memory; 839 addr = vaddr(pages[i]->page); 840 pages_to_gnt[segs_to_map] = pages[i]->page; 841 pages[i]->persistent_gnt = NULL; 842 flags = GNTMAP_host_map; 843 if (!use_persistent_gnts && ro) 844 flags |= GNTMAP_readonly; 845 gnttab_set_map_op(&map[segs_to_map++], addr, 846 flags, pages[i]->gref, 847 blkif->domid); 848 } 849 map_until = i + 1; 850 if (segs_to_map == BLKIF_MAX_SEGMENTS_PER_REQUEST) 851 break; 852 } 853 854 if (segs_to_map) { 855 ret = gnttab_map_refs(map, NULL, pages_to_gnt, segs_to_map); 856 BUG_ON(ret); 857 } 858 859 /* 860 * Now swizzle the MFN in our domain with the MFN from the other domain 861 * so that when we access vaddr(pending_req,i) it has the contents of 862 * the page from the other domain. 863 */ 864 for (seg_idx = last_map, new_map_idx = 0; seg_idx < map_until; seg_idx++) { 865 if (!pages[seg_idx]->persistent_gnt) { 866 /* This is a newly mapped grant */ 867 BUG_ON(new_map_idx >= segs_to_map); 868 if (unlikely(map[new_map_idx].status != 0)) { 869 pr_debug("invalid buffer -- could not remap it\n"); 870 put_free_pages(ring, &pages[seg_idx]->page, 1); 871 pages[seg_idx]->handle = BLKBACK_INVALID_HANDLE; 872 ret |= 1; 873 goto next; 874 } 875 pages[seg_idx]->handle = map[new_map_idx].handle; 876 } else { 877 continue; 878 } 879 if (use_persistent_gnts && 880 ring->persistent_gnt_c < xen_blkif_max_pgrants) { 881 /* 882 * We are using persistent grants, the grant is 883 * not mapped but we might have room for it. 884 */ 885 persistent_gnt = kmalloc(sizeof(struct persistent_gnt), 886 GFP_KERNEL); 887 if (!persistent_gnt) { 888 /* 889 * If we don't have enough memory to 890 * allocate the persistent_gnt struct 891 * map this grant non-persistenly 892 */ 893 goto next; 894 } 895 persistent_gnt->gnt = map[new_map_idx].ref; 896 persistent_gnt->handle = map[new_map_idx].handle; 897 persistent_gnt->page = pages[seg_idx]->page; 898 if (add_persistent_gnt(ring, 899 persistent_gnt)) { 900 kfree(persistent_gnt); 901 persistent_gnt = NULL; 902 goto next; 903 } 904 pages[seg_idx]->persistent_gnt = persistent_gnt; 905 pr_debug("grant %u added to the tree of persistent grants, using %u/%u\n", 906 persistent_gnt->gnt, ring->persistent_gnt_c, 907 xen_blkif_max_pgrants); 908 goto next; 909 } 910 if (use_persistent_gnts && !blkif->vbd.overflow_max_grants) { 911 blkif->vbd.overflow_max_grants = 1; 912 pr_debug("domain %u, device %#x is using maximum number of persistent grants\n", 913 blkif->domid, blkif->vbd.handle); 914 } 915 /* 916 * We could not map this grant persistently, so use it as 917 * a non-persistent grant. 918 */ 919 next: 920 new_map_idx++; 921 } 922 segs_to_map = 0; 923 last_map = map_until; 924 if (map_until != num) 925 goto again; 926 927 return ret; 928 929 out_of_memory: 930 pr_alert("%s: out of memory\n", __func__); 931 put_free_pages(ring, pages_to_gnt, segs_to_map); 932 return -ENOMEM; 933 } 934 935 static int xen_blkbk_map_seg(struct pending_req *pending_req) 936 { 937 int rc; 938 939 rc = xen_blkbk_map(pending_req->ring, pending_req->segments, 940 pending_req->nr_segs, 941 (pending_req->operation != BLKIF_OP_READ)); 942 943 return rc; 944 } 945 946 static int xen_blkbk_parse_indirect(struct blkif_request *req, 947 struct pending_req *pending_req, 948 struct seg_buf seg[], 949 struct phys_req *preq) 950 { 951 struct grant_page **pages = pending_req->indirect_pages; 952 struct xen_blkif_ring *ring = pending_req->ring; 953 int indirect_grefs, rc, n, nseg, i; 954 struct blkif_request_segment *segments = NULL; 955 956 nseg = pending_req->nr_segs; 957 indirect_grefs = INDIRECT_PAGES(nseg); 958 BUG_ON(indirect_grefs > BLKIF_MAX_INDIRECT_PAGES_PER_REQUEST); 959 960 for (i = 0; i < indirect_grefs; i++) 961 pages[i]->gref = req->u.indirect.indirect_grefs[i]; 962 963 rc = xen_blkbk_map(ring, pages, indirect_grefs, true); 964 if (rc) 965 goto unmap; 966 967 for (n = 0, i = 0; n < nseg; n++) { 968 uint8_t first_sect, last_sect; 969 970 if ((n % SEGS_PER_INDIRECT_FRAME) == 0) { 971 /* Map indirect segments */ 972 if (segments) 973 kunmap_atomic(segments); 974 segments = kmap_atomic(pages[n/SEGS_PER_INDIRECT_FRAME]->page); 975 } 976 i = n % SEGS_PER_INDIRECT_FRAME; 977 978 pending_req->segments[n]->gref = segments[i].gref; 979 980 first_sect = READ_ONCE(segments[i].first_sect); 981 last_sect = READ_ONCE(segments[i].last_sect); 982 if (last_sect >= (XEN_PAGE_SIZE >> 9) || last_sect < first_sect) { 983 rc = -EINVAL; 984 goto unmap; 985 } 986 987 seg[n].nsec = last_sect - first_sect + 1; 988 seg[n].offset = first_sect << 9; 989 preq->nr_sects += seg[n].nsec; 990 } 991 992 unmap: 993 if (segments) 994 kunmap_atomic(segments); 995 xen_blkbk_unmap(ring, pages, indirect_grefs); 996 return rc; 997 } 998 999 static int dispatch_discard_io(struct xen_blkif_ring *ring, 1000 struct blkif_request *req) 1001 { 1002 int err = 0; 1003 int status = BLKIF_RSP_OKAY; 1004 struct xen_blkif *blkif = ring->blkif; 1005 struct block_device *bdev = blkif->vbd.bdev; 1006 unsigned long secure; 1007 struct phys_req preq; 1008 1009 xen_blkif_get(blkif); 1010 1011 preq.sector_number = req->u.discard.sector_number; 1012 preq.nr_sects = req->u.discard.nr_sectors; 1013 1014 err = xen_vbd_translate(&preq, blkif, REQ_OP_WRITE); 1015 if (err) { 1016 pr_warn("access denied: DISCARD [%llu->%llu] on dev=%04x\n", 1017 preq.sector_number, 1018 preq.sector_number + preq.nr_sects, blkif->vbd.pdevice); 1019 goto fail_response; 1020 } 1021 ring->st_ds_req++; 1022 1023 secure = (blkif->vbd.discard_secure && 1024 (req->u.discard.flag & BLKIF_DISCARD_SECURE)) ? 1025 BLKDEV_DISCARD_SECURE : 0; 1026 1027 err = blkdev_issue_discard(bdev, req->u.discard.sector_number, 1028 req->u.discard.nr_sectors, 1029 GFP_KERNEL, secure); 1030 fail_response: 1031 if (err == -EOPNOTSUPP) { 1032 pr_debug("discard op failed, not supported\n"); 1033 status = BLKIF_RSP_EOPNOTSUPP; 1034 } else if (err) 1035 status = BLKIF_RSP_ERROR; 1036 1037 make_response(ring, req->u.discard.id, req->operation, status); 1038 xen_blkif_put(blkif); 1039 return err; 1040 } 1041 1042 static int dispatch_other_io(struct xen_blkif_ring *ring, 1043 struct blkif_request *req, 1044 struct pending_req *pending_req) 1045 { 1046 free_req(ring, pending_req); 1047 make_response(ring, req->u.other.id, req->operation, 1048 BLKIF_RSP_EOPNOTSUPP); 1049 return -EIO; 1050 } 1051 1052 static void xen_blk_drain_io(struct xen_blkif_ring *ring) 1053 { 1054 struct xen_blkif *blkif = ring->blkif; 1055 1056 atomic_set(&blkif->drain, 1); 1057 do { 1058 if (atomic_read(&ring->inflight) == 0) 1059 break; 1060 wait_for_completion_interruptible_timeout( 1061 &blkif->drain_complete, HZ); 1062 1063 if (!atomic_read(&blkif->drain)) 1064 break; 1065 } while (!kthread_should_stop()); 1066 atomic_set(&blkif->drain, 0); 1067 } 1068 1069 static void __end_block_io_op(struct pending_req *pending_req, 1070 blk_status_t error) 1071 { 1072 /* An error fails the entire request. */ 1073 if (pending_req->operation == BLKIF_OP_FLUSH_DISKCACHE && 1074 error == BLK_STS_NOTSUPP) { 1075 pr_debug("flush diskcache op failed, not supported\n"); 1076 xen_blkbk_flush_diskcache(XBT_NIL, pending_req->ring->blkif->be, 0); 1077 pending_req->status = BLKIF_RSP_EOPNOTSUPP; 1078 } else if (pending_req->operation == BLKIF_OP_WRITE_BARRIER && 1079 error == BLK_STS_NOTSUPP) { 1080 pr_debug("write barrier op failed, not supported\n"); 1081 xen_blkbk_barrier(XBT_NIL, pending_req->ring->blkif->be, 0); 1082 pending_req->status = BLKIF_RSP_EOPNOTSUPP; 1083 } else if (error) { 1084 pr_debug("Buffer not up-to-date at end of operation," 1085 " error=%d\n", error); 1086 pending_req->status = BLKIF_RSP_ERROR; 1087 } 1088 1089 /* 1090 * If all of the bio's have completed it is time to unmap 1091 * the grant references associated with 'request' and provide 1092 * the proper response on the ring. 1093 */ 1094 if (atomic_dec_and_test(&pending_req->pendcnt)) 1095 xen_blkbk_unmap_and_respond(pending_req); 1096 } 1097 1098 /* 1099 * bio callback. 1100 */ 1101 static void end_block_io_op(struct bio *bio) 1102 { 1103 __end_block_io_op(bio->bi_private, bio->bi_status); 1104 bio_put(bio); 1105 } 1106 1107 1108 1109 /* 1110 * Function to copy the from the ring buffer the 'struct blkif_request' 1111 * (which has the sectors we want, number of them, grant references, etc), 1112 * and transmute it to the block API to hand it over to the proper block disk. 1113 */ 1114 static int 1115 __do_block_io_op(struct xen_blkif_ring *ring) 1116 { 1117 union blkif_back_rings *blk_rings = &ring->blk_rings; 1118 struct blkif_request req; 1119 struct pending_req *pending_req; 1120 RING_IDX rc, rp; 1121 int more_to_do = 0; 1122 1123 rc = blk_rings->common.req_cons; 1124 rp = blk_rings->common.sring->req_prod; 1125 rmb(); /* Ensure we see queued requests up to 'rp'. */ 1126 1127 if (RING_REQUEST_PROD_OVERFLOW(&blk_rings->common, rp)) { 1128 rc = blk_rings->common.rsp_prod_pvt; 1129 pr_warn("Frontend provided bogus ring requests (%d - %d = %d). Halting ring processing on dev=%04x\n", 1130 rp, rc, rp - rc, ring->blkif->vbd.pdevice); 1131 return -EACCES; 1132 } 1133 while (rc != rp) { 1134 1135 if (RING_REQUEST_CONS_OVERFLOW(&blk_rings->common, rc)) 1136 break; 1137 1138 if (kthread_should_stop()) { 1139 more_to_do = 1; 1140 break; 1141 } 1142 1143 pending_req = alloc_req(ring); 1144 if (NULL == pending_req) { 1145 ring->st_oo_req++; 1146 more_to_do = 1; 1147 break; 1148 } 1149 1150 switch (ring->blkif->blk_protocol) { 1151 case BLKIF_PROTOCOL_NATIVE: 1152 memcpy(&req, RING_GET_REQUEST(&blk_rings->native, rc), sizeof(req)); 1153 break; 1154 case BLKIF_PROTOCOL_X86_32: 1155 blkif_get_x86_32_req(&req, RING_GET_REQUEST(&blk_rings->x86_32, rc)); 1156 break; 1157 case BLKIF_PROTOCOL_X86_64: 1158 blkif_get_x86_64_req(&req, RING_GET_REQUEST(&blk_rings->x86_64, rc)); 1159 break; 1160 default: 1161 BUG(); 1162 } 1163 blk_rings->common.req_cons = ++rc; /* before make_response() */ 1164 1165 /* Apply all sanity checks to /private copy/ of request. */ 1166 barrier(); 1167 1168 switch (req.operation) { 1169 case BLKIF_OP_READ: 1170 case BLKIF_OP_WRITE: 1171 case BLKIF_OP_WRITE_BARRIER: 1172 case BLKIF_OP_FLUSH_DISKCACHE: 1173 case BLKIF_OP_INDIRECT: 1174 if (dispatch_rw_block_io(ring, &req, pending_req)) 1175 goto done; 1176 break; 1177 case BLKIF_OP_DISCARD: 1178 free_req(ring, pending_req); 1179 if (dispatch_discard_io(ring, &req)) 1180 goto done; 1181 break; 1182 default: 1183 if (dispatch_other_io(ring, &req, pending_req)) 1184 goto done; 1185 break; 1186 } 1187 1188 /* Yield point for this unbounded loop. */ 1189 cond_resched(); 1190 } 1191 done: 1192 return more_to_do; 1193 } 1194 1195 static int 1196 do_block_io_op(struct xen_blkif_ring *ring) 1197 { 1198 union blkif_back_rings *blk_rings = &ring->blk_rings; 1199 int more_to_do; 1200 1201 do { 1202 more_to_do = __do_block_io_op(ring); 1203 if (more_to_do) 1204 break; 1205 1206 RING_FINAL_CHECK_FOR_REQUESTS(&blk_rings->common, more_to_do); 1207 } while (more_to_do); 1208 1209 return more_to_do; 1210 } 1211 /* 1212 * Transmutation of the 'struct blkif_request' to a proper 'struct bio' 1213 * and call the 'submit_bio' to pass it to the underlying storage. 1214 */ 1215 static int dispatch_rw_block_io(struct xen_blkif_ring *ring, 1216 struct blkif_request *req, 1217 struct pending_req *pending_req) 1218 { 1219 struct phys_req preq; 1220 struct seg_buf *seg = pending_req->seg; 1221 unsigned int nseg; 1222 struct bio *bio = NULL; 1223 struct bio **biolist = pending_req->biolist; 1224 int i, nbio = 0; 1225 int operation; 1226 int operation_flags = 0; 1227 struct blk_plug plug; 1228 bool drain = false; 1229 struct grant_page **pages = pending_req->segments; 1230 unsigned short req_operation; 1231 1232 req_operation = req->operation == BLKIF_OP_INDIRECT ? 1233 req->u.indirect.indirect_op : req->operation; 1234 1235 if ((req->operation == BLKIF_OP_INDIRECT) && 1236 (req_operation != BLKIF_OP_READ) && 1237 (req_operation != BLKIF_OP_WRITE)) { 1238 pr_debug("Invalid indirect operation (%u)\n", req_operation); 1239 goto fail_response; 1240 } 1241 1242 switch (req_operation) { 1243 case BLKIF_OP_READ: 1244 ring->st_rd_req++; 1245 operation = REQ_OP_READ; 1246 break; 1247 case BLKIF_OP_WRITE: 1248 ring->st_wr_req++; 1249 operation = REQ_OP_WRITE; 1250 operation_flags = REQ_SYNC | REQ_IDLE; 1251 break; 1252 case BLKIF_OP_WRITE_BARRIER: 1253 drain = true; 1254 /* fall through */ 1255 case BLKIF_OP_FLUSH_DISKCACHE: 1256 ring->st_f_req++; 1257 operation = REQ_OP_WRITE; 1258 operation_flags = REQ_PREFLUSH; 1259 break; 1260 default: 1261 operation = 0; /* make gcc happy */ 1262 goto fail_response; 1263 break; 1264 } 1265 1266 /* Check that the number of segments is sane. */ 1267 nseg = req->operation == BLKIF_OP_INDIRECT ? 1268 req->u.indirect.nr_segments : req->u.rw.nr_segments; 1269 1270 if (unlikely(nseg == 0 && operation_flags != REQ_PREFLUSH) || 1271 unlikely((req->operation != BLKIF_OP_INDIRECT) && 1272 (nseg > BLKIF_MAX_SEGMENTS_PER_REQUEST)) || 1273 unlikely((req->operation == BLKIF_OP_INDIRECT) && 1274 (nseg > MAX_INDIRECT_SEGMENTS))) { 1275 pr_debug("Bad number of segments in request (%d)\n", nseg); 1276 /* Haven't submitted any bio's yet. */ 1277 goto fail_response; 1278 } 1279 1280 preq.nr_sects = 0; 1281 1282 pending_req->ring = ring; 1283 pending_req->id = req->u.rw.id; 1284 pending_req->operation = req_operation; 1285 pending_req->status = BLKIF_RSP_OKAY; 1286 pending_req->nr_segs = nseg; 1287 1288 if (req->operation != BLKIF_OP_INDIRECT) { 1289 preq.dev = req->u.rw.handle; 1290 preq.sector_number = req->u.rw.sector_number; 1291 for (i = 0; i < nseg; i++) { 1292 pages[i]->gref = req->u.rw.seg[i].gref; 1293 seg[i].nsec = req->u.rw.seg[i].last_sect - 1294 req->u.rw.seg[i].first_sect + 1; 1295 seg[i].offset = (req->u.rw.seg[i].first_sect << 9); 1296 if ((req->u.rw.seg[i].last_sect >= (XEN_PAGE_SIZE >> 9)) || 1297 (req->u.rw.seg[i].last_sect < 1298 req->u.rw.seg[i].first_sect)) 1299 goto fail_response; 1300 preq.nr_sects += seg[i].nsec; 1301 } 1302 } else { 1303 preq.dev = req->u.indirect.handle; 1304 preq.sector_number = req->u.indirect.sector_number; 1305 if (xen_blkbk_parse_indirect(req, pending_req, seg, &preq)) 1306 goto fail_response; 1307 } 1308 1309 if (xen_vbd_translate(&preq, ring->blkif, operation) != 0) { 1310 pr_debug("access denied: %s of [%llu,%llu] on dev=%04x\n", 1311 operation == REQ_OP_READ ? "read" : "write", 1312 preq.sector_number, 1313 preq.sector_number + preq.nr_sects, 1314 ring->blkif->vbd.pdevice); 1315 goto fail_response; 1316 } 1317 1318 /* 1319 * This check _MUST_ be done after xen_vbd_translate as the preq.bdev 1320 * is set there. 1321 */ 1322 for (i = 0; i < nseg; i++) { 1323 if (((int)preq.sector_number|(int)seg[i].nsec) & 1324 ((bdev_logical_block_size(preq.bdev) >> 9) - 1)) { 1325 pr_debug("Misaligned I/O request from domain %d\n", 1326 ring->blkif->domid); 1327 goto fail_response; 1328 } 1329 } 1330 1331 /* Wait on all outstanding I/O's and once that has been completed 1332 * issue the flush. 1333 */ 1334 if (drain) 1335 xen_blk_drain_io(pending_req->ring); 1336 1337 /* 1338 * If we have failed at this point, we need to undo the M2P override, 1339 * set gnttab_set_unmap_op on all of the grant references and perform 1340 * the hypercall to unmap the grants - that is all done in 1341 * xen_blkbk_unmap. 1342 */ 1343 if (xen_blkbk_map_seg(pending_req)) 1344 goto fail_flush; 1345 1346 /* 1347 * This corresponding xen_blkif_put is done in __end_block_io_op, or 1348 * below (in "!bio") if we are handling a BLKIF_OP_DISCARD. 1349 */ 1350 xen_blkif_get(ring->blkif); 1351 atomic_inc(&ring->inflight); 1352 1353 for (i = 0; i < nseg; i++) { 1354 while ((bio == NULL) || 1355 (bio_add_page(bio, 1356 pages[i]->page, 1357 seg[i].nsec << 9, 1358 seg[i].offset) == 0)) { 1359 1360 int nr_iovecs = min_t(int, (nseg-i), BIO_MAX_PAGES); 1361 bio = bio_alloc(GFP_KERNEL, nr_iovecs); 1362 if (unlikely(bio == NULL)) 1363 goto fail_put_bio; 1364 1365 biolist[nbio++] = bio; 1366 bio_set_dev(bio, preq.bdev); 1367 bio->bi_private = pending_req; 1368 bio->bi_end_io = end_block_io_op; 1369 bio->bi_iter.bi_sector = preq.sector_number; 1370 bio_set_op_attrs(bio, operation, operation_flags); 1371 } 1372 1373 preq.sector_number += seg[i].nsec; 1374 } 1375 1376 /* This will be hit if the operation was a flush or discard. */ 1377 if (!bio) { 1378 BUG_ON(operation_flags != REQ_PREFLUSH); 1379 1380 bio = bio_alloc(GFP_KERNEL, 0); 1381 if (unlikely(bio == NULL)) 1382 goto fail_put_bio; 1383 1384 biolist[nbio++] = bio; 1385 bio_set_dev(bio, preq.bdev); 1386 bio->bi_private = pending_req; 1387 bio->bi_end_io = end_block_io_op; 1388 bio_set_op_attrs(bio, operation, operation_flags); 1389 } 1390 1391 atomic_set(&pending_req->pendcnt, nbio); 1392 blk_start_plug(&plug); 1393 1394 for (i = 0; i < nbio; i++) 1395 submit_bio(biolist[i]); 1396 1397 /* Let the I/Os go.. */ 1398 blk_finish_plug(&plug); 1399 1400 if (operation == REQ_OP_READ) 1401 ring->st_rd_sect += preq.nr_sects; 1402 else if (operation == REQ_OP_WRITE) 1403 ring->st_wr_sect += preq.nr_sects; 1404 1405 return 0; 1406 1407 fail_flush: 1408 xen_blkbk_unmap(ring, pending_req->segments, 1409 pending_req->nr_segs); 1410 fail_response: 1411 /* Haven't submitted any bio's yet. */ 1412 make_response(ring, req->u.rw.id, req_operation, BLKIF_RSP_ERROR); 1413 free_req(ring, pending_req); 1414 msleep(1); /* back off a bit */ 1415 return -EIO; 1416 1417 fail_put_bio: 1418 for (i = 0; i < nbio; i++) 1419 bio_put(biolist[i]); 1420 atomic_set(&pending_req->pendcnt, 1); 1421 __end_block_io_op(pending_req, BLK_STS_RESOURCE); 1422 msleep(1); /* back off a bit */ 1423 return -EIO; 1424 } 1425 1426 1427 1428 /* 1429 * Put a response on the ring on how the operation fared. 1430 */ 1431 static void make_response(struct xen_blkif_ring *ring, u64 id, 1432 unsigned short op, int st) 1433 { 1434 struct blkif_response *resp; 1435 unsigned long flags; 1436 union blkif_back_rings *blk_rings; 1437 int notify; 1438 1439 spin_lock_irqsave(&ring->blk_ring_lock, flags); 1440 blk_rings = &ring->blk_rings; 1441 /* Place on the response ring for the relevant domain. */ 1442 switch (ring->blkif->blk_protocol) { 1443 case BLKIF_PROTOCOL_NATIVE: 1444 resp = RING_GET_RESPONSE(&blk_rings->native, 1445 blk_rings->native.rsp_prod_pvt); 1446 break; 1447 case BLKIF_PROTOCOL_X86_32: 1448 resp = RING_GET_RESPONSE(&blk_rings->x86_32, 1449 blk_rings->x86_32.rsp_prod_pvt); 1450 break; 1451 case BLKIF_PROTOCOL_X86_64: 1452 resp = RING_GET_RESPONSE(&blk_rings->x86_64, 1453 blk_rings->x86_64.rsp_prod_pvt); 1454 break; 1455 default: 1456 BUG(); 1457 } 1458 1459 resp->id = id; 1460 resp->operation = op; 1461 resp->status = st; 1462 1463 blk_rings->common.rsp_prod_pvt++; 1464 RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(&blk_rings->common, notify); 1465 spin_unlock_irqrestore(&ring->blk_ring_lock, flags); 1466 if (notify) 1467 notify_remote_via_irq(ring->irq); 1468 } 1469 1470 static int __init xen_blkif_init(void) 1471 { 1472 int rc = 0; 1473 1474 if (!xen_domain()) 1475 return -ENODEV; 1476 1477 if (xen_blkif_max_ring_order > XENBUS_MAX_RING_GRANT_ORDER) { 1478 pr_info("Invalid max_ring_order (%d), will use default max: %d.\n", 1479 xen_blkif_max_ring_order, XENBUS_MAX_RING_GRANT_ORDER); 1480 xen_blkif_max_ring_order = XENBUS_MAX_RING_GRANT_ORDER; 1481 } 1482 1483 if (xenblk_max_queues == 0) 1484 xenblk_max_queues = num_online_cpus(); 1485 1486 rc = xen_blkif_interface_init(); 1487 if (rc) 1488 goto failed_init; 1489 1490 rc = xen_blkif_xenbus_init(); 1491 if (rc) 1492 goto failed_init; 1493 1494 failed_init: 1495 return rc; 1496 } 1497 1498 module_init(xen_blkif_init); 1499 1500 MODULE_LICENSE("Dual BSD/GPL"); 1501 MODULE_ALIAS("xen-backend:vbd"); 1502