1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * VMware VMCI Driver 4 * 5 * Copyright (C) 2012 VMware, Inc. All rights reserved. 6 */ 7 8 #include <linux/vmw_vmci_defs.h> 9 #include <linux/vmw_vmci_api.h> 10 #include <linux/module.h> 11 #include <linux/sched.h> 12 #include <linux/slab.h> 13 #include <linux/bug.h> 14 15 #include "vmci_datagram.h" 16 #include "vmci_resource.h" 17 #include "vmci_context.h" 18 #include "vmci_driver.h" 19 #include "vmci_event.h" 20 #include "vmci_route.h" 21 22 /* 23 * struct datagram_entry describes the datagram entity. It is used for datagram 24 * entities created only on the host. 25 */ 26 struct datagram_entry { 27 struct vmci_resource resource; 28 u32 flags; 29 bool run_delayed; 30 vmci_datagram_recv_cb recv_cb; 31 void *client_data; 32 u32 priv_flags; 33 }; 34 35 struct delayed_datagram_info { 36 struct datagram_entry *entry; 37 struct work_struct work; 38 bool in_dg_host_queue; 39 /* msg and msg_payload must be together. */ 40 struct vmci_datagram msg; 41 u8 msg_payload[]; 42 }; 43 44 /* Number of in-flight host->host datagrams */ 45 static atomic_t delayed_dg_host_queue_size = ATOMIC_INIT(0); 46 47 /* 48 * Create a datagram entry given a handle pointer. 49 */ 50 static int dg_create_handle(u32 resource_id, 51 u32 flags, 52 u32 priv_flags, 53 vmci_datagram_recv_cb recv_cb, 54 void *client_data, struct vmci_handle *out_handle) 55 { 56 int result; 57 u32 context_id; 58 struct vmci_handle handle; 59 struct datagram_entry *entry; 60 61 if ((flags & VMCI_FLAG_WELLKNOWN_DG_HND) != 0) 62 return VMCI_ERROR_INVALID_ARGS; 63 64 if ((flags & VMCI_FLAG_ANYCID_DG_HND) != 0) { 65 context_id = VMCI_INVALID_ID; 66 } else { 67 context_id = vmci_get_context_id(); 68 if (context_id == VMCI_INVALID_ID) 69 return VMCI_ERROR_NO_RESOURCES; 70 } 71 72 handle = vmci_make_handle(context_id, resource_id); 73 74 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 75 if (!entry) { 76 pr_warn("Failed allocating memory for datagram entry\n"); 77 return VMCI_ERROR_NO_MEM; 78 } 79 80 entry->run_delayed = (flags & VMCI_FLAG_DG_DELAYED_CB) ? true : false; 81 entry->flags = flags; 82 entry->recv_cb = recv_cb; 83 entry->client_data = client_data; 84 entry->priv_flags = priv_flags; 85 86 /* Make datagram resource live. */ 87 result = vmci_resource_add(&entry->resource, 88 VMCI_RESOURCE_TYPE_DATAGRAM, 89 handle); 90 if (result != VMCI_SUCCESS) { 91 pr_warn("Failed to add new resource (handle=0x%x:0x%x), error: %d\n", 92 handle.context, handle.resource, result); 93 kfree(entry); 94 return result; 95 } 96 97 *out_handle = vmci_resource_handle(&entry->resource); 98 return VMCI_SUCCESS; 99 } 100 101 /* 102 * Internal utility function with the same purpose as 103 * vmci_datagram_get_priv_flags that also takes a context_id. 104 */ 105 static int vmci_datagram_get_priv_flags(u32 context_id, 106 struct vmci_handle handle, 107 u32 *priv_flags) 108 { 109 if (context_id == VMCI_INVALID_ID) 110 return VMCI_ERROR_INVALID_ARGS; 111 112 if (context_id == VMCI_HOST_CONTEXT_ID) { 113 struct datagram_entry *src_entry; 114 struct vmci_resource *resource; 115 116 resource = vmci_resource_by_handle(handle, 117 VMCI_RESOURCE_TYPE_DATAGRAM); 118 if (!resource) 119 return VMCI_ERROR_INVALID_ARGS; 120 121 src_entry = container_of(resource, struct datagram_entry, 122 resource); 123 *priv_flags = src_entry->priv_flags; 124 vmci_resource_put(resource); 125 } else if (context_id == VMCI_HYPERVISOR_CONTEXT_ID) 126 *priv_flags = VMCI_MAX_PRIVILEGE_FLAGS; 127 else 128 *priv_flags = vmci_context_get_priv_flags(context_id); 129 130 return VMCI_SUCCESS; 131 } 132 133 /* 134 * Calls the specified callback in a delayed context. 135 */ 136 static void dg_delayed_dispatch(struct work_struct *work) 137 { 138 struct delayed_datagram_info *dg_info = 139 container_of(work, struct delayed_datagram_info, work); 140 141 dg_info->entry->recv_cb(dg_info->entry->client_data, &dg_info->msg); 142 143 vmci_resource_put(&dg_info->entry->resource); 144 145 if (dg_info->in_dg_host_queue) 146 atomic_dec(&delayed_dg_host_queue_size); 147 148 kfree(dg_info); 149 } 150 151 /* 152 * Dispatch datagram as a host, to the host, or other vm context. This 153 * function cannot dispatch to hypervisor context handlers. This should 154 * have been handled before we get here by vmci_datagram_dispatch. 155 * Returns number of bytes sent on success, error code otherwise. 156 */ 157 static int dg_dispatch_as_host(u32 context_id, struct vmci_datagram *dg) 158 { 159 int retval; 160 size_t dg_size; 161 u32 src_priv_flags; 162 163 dg_size = VMCI_DG_SIZE(dg); 164 165 /* Host cannot send to the hypervisor. */ 166 if (dg->dst.context == VMCI_HYPERVISOR_CONTEXT_ID) 167 return VMCI_ERROR_DST_UNREACHABLE; 168 169 /* Check that source handle matches sending context. */ 170 if (dg->src.context != context_id) { 171 pr_devel("Sender context (ID=0x%x) is not owner of src datagram entry (handle=0x%x:0x%x)\n", 172 context_id, dg->src.context, dg->src.resource); 173 return VMCI_ERROR_NO_ACCESS; 174 } 175 176 /* Get hold of privileges of sending endpoint. */ 177 retval = vmci_datagram_get_priv_flags(context_id, dg->src, 178 &src_priv_flags); 179 if (retval != VMCI_SUCCESS) { 180 pr_warn("Couldn't get privileges (handle=0x%x:0x%x)\n", 181 dg->src.context, dg->src.resource); 182 return retval; 183 } 184 185 /* Determine if we should route to host or guest destination. */ 186 if (dg->dst.context == VMCI_HOST_CONTEXT_ID) { 187 /* Route to host datagram entry. */ 188 struct datagram_entry *dst_entry; 189 struct vmci_resource *resource; 190 191 if (dg->src.context == VMCI_HYPERVISOR_CONTEXT_ID && 192 dg->dst.resource == VMCI_EVENT_HANDLER) { 193 return vmci_event_dispatch(dg); 194 } 195 196 resource = vmci_resource_by_handle(dg->dst, 197 VMCI_RESOURCE_TYPE_DATAGRAM); 198 if (!resource) { 199 pr_devel("Sending to invalid destination (handle=0x%x:0x%x)\n", 200 dg->dst.context, dg->dst.resource); 201 return VMCI_ERROR_INVALID_RESOURCE; 202 } 203 dst_entry = container_of(resource, struct datagram_entry, 204 resource); 205 if (vmci_deny_interaction(src_priv_flags, 206 dst_entry->priv_flags)) { 207 vmci_resource_put(resource); 208 return VMCI_ERROR_NO_ACCESS; 209 } 210 211 /* 212 * If a VMCI datagram destined for the host is also sent by the 213 * host, we always run it delayed. This ensures that no locks 214 * are held when the datagram callback runs. 215 */ 216 if (dst_entry->run_delayed || 217 dg->src.context == VMCI_HOST_CONTEXT_ID) { 218 struct delayed_datagram_info *dg_info; 219 220 if (atomic_add_return(1, &delayed_dg_host_queue_size) 221 == VMCI_MAX_DELAYED_DG_HOST_QUEUE_SIZE) { 222 atomic_dec(&delayed_dg_host_queue_size); 223 vmci_resource_put(resource); 224 return VMCI_ERROR_NO_MEM; 225 } 226 227 dg_info = kmalloc(sizeof(*dg_info) + 228 (size_t) dg->payload_size, GFP_ATOMIC); 229 if (!dg_info) { 230 atomic_dec(&delayed_dg_host_queue_size); 231 vmci_resource_put(resource); 232 return VMCI_ERROR_NO_MEM; 233 } 234 235 dg_info->in_dg_host_queue = true; 236 dg_info->entry = dst_entry; 237 memcpy(&dg_info->msg, dg, dg_size); 238 239 INIT_WORK(&dg_info->work, dg_delayed_dispatch); 240 schedule_work(&dg_info->work); 241 retval = VMCI_SUCCESS; 242 243 } else { 244 retval = dst_entry->recv_cb(dst_entry->client_data, dg); 245 vmci_resource_put(resource); 246 if (retval < VMCI_SUCCESS) 247 return retval; 248 } 249 } else { 250 /* Route to destination VM context. */ 251 struct vmci_datagram *new_dg; 252 253 if (context_id != dg->dst.context) { 254 if (vmci_deny_interaction(src_priv_flags, 255 vmci_context_get_priv_flags 256 (dg->dst.context))) { 257 return VMCI_ERROR_NO_ACCESS; 258 } else if (VMCI_CONTEXT_IS_VM(context_id)) { 259 /* 260 * If the sending context is a VM, it 261 * cannot reach another VM. 262 */ 263 264 pr_devel("Datagram communication between VMs not supported (src=0x%x, dst=0x%x)\n", 265 context_id, dg->dst.context); 266 return VMCI_ERROR_DST_UNREACHABLE; 267 } 268 } 269 270 /* We make a copy to enqueue. */ 271 new_dg = kmemdup(dg, dg_size, GFP_KERNEL); 272 if (new_dg == NULL) 273 return VMCI_ERROR_NO_MEM; 274 275 retval = vmci_ctx_enqueue_datagram(dg->dst.context, new_dg); 276 if (retval < VMCI_SUCCESS) { 277 kfree(new_dg); 278 return retval; 279 } 280 } 281 282 /* 283 * We currently truncate the size to signed 32 bits. This doesn't 284 * matter for this handler as it only support 4Kb messages. 285 */ 286 return (int)dg_size; 287 } 288 289 /* 290 * Dispatch datagram as a guest, down through the VMX and potentially to 291 * the host. 292 * Returns number of bytes sent on success, error code otherwise. 293 */ 294 static int dg_dispatch_as_guest(struct vmci_datagram *dg) 295 { 296 int retval; 297 struct vmci_resource *resource; 298 299 resource = vmci_resource_by_handle(dg->src, 300 VMCI_RESOURCE_TYPE_DATAGRAM); 301 if (!resource) 302 return VMCI_ERROR_NO_HANDLE; 303 304 retval = vmci_send_datagram(dg); 305 vmci_resource_put(resource); 306 return retval; 307 } 308 309 /* 310 * Dispatch datagram. This will determine the routing for the datagram 311 * and dispatch it accordingly. 312 * Returns number of bytes sent on success, error code otherwise. 313 */ 314 int vmci_datagram_dispatch(u32 context_id, 315 struct vmci_datagram *dg, bool from_guest) 316 { 317 int retval; 318 enum vmci_route route; 319 320 BUILD_BUG_ON(sizeof(struct vmci_datagram) != 24); 321 322 if (dg->payload_size > VMCI_MAX_DG_SIZE || 323 VMCI_DG_SIZE(dg) > VMCI_MAX_DG_SIZE) { 324 pr_devel("Payload (size=%llu bytes) too big to send\n", 325 (unsigned long long)dg->payload_size); 326 return VMCI_ERROR_INVALID_ARGS; 327 } 328 329 retval = vmci_route(&dg->src, &dg->dst, from_guest, &route); 330 if (retval < VMCI_SUCCESS) { 331 pr_devel("Failed to route datagram (src=0x%x, dst=0x%x, err=%d)\n", 332 dg->src.context, dg->dst.context, retval); 333 return retval; 334 } 335 336 if (VMCI_ROUTE_AS_HOST == route) { 337 if (VMCI_INVALID_ID == context_id) 338 context_id = VMCI_HOST_CONTEXT_ID; 339 return dg_dispatch_as_host(context_id, dg); 340 } 341 342 if (VMCI_ROUTE_AS_GUEST == route) 343 return dg_dispatch_as_guest(dg); 344 345 pr_warn("Unknown route (%d) for datagram\n", route); 346 return VMCI_ERROR_DST_UNREACHABLE; 347 } 348 349 /* 350 * Invoke the handler for the given datagram. This is intended to be 351 * called only when acting as a guest and receiving a datagram from the 352 * virtual device. 353 */ 354 int vmci_datagram_invoke_guest_handler(struct vmci_datagram *dg) 355 { 356 struct vmci_resource *resource; 357 struct datagram_entry *dst_entry; 358 359 resource = vmci_resource_by_handle(dg->dst, 360 VMCI_RESOURCE_TYPE_DATAGRAM); 361 if (!resource) { 362 pr_devel("destination (handle=0x%x:0x%x) doesn't exist\n", 363 dg->dst.context, dg->dst.resource); 364 return VMCI_ERROR_NO_HANDLE; 365 } 366 367 dst_entry = container_of(resource, struct datagram_entry, resource); 368 if (dst_entry->run_delayed) { 369 struct delayed_datagram_info *dg_info; 370 371 dg_info = kmalloc(sizeof(*dg_info) + (size_t)dg->payload_size, 372 GFP_ATOMIC); 373 if (!dg_info) { 374 vmci_resource_put(resource); 375 return VMCI_ERROR_NO_MEM; 376 } 377 378 dg_info->in_dg_host_queue = false; 379 dg_info->entry = dst_entry; 380 memcpy(&dg_info->msg, dg, VMCI_DG_SIZE(dg)); 381 382 INIT_WORK(&dg_info->work, dg_delayed_dispatch); 383 schedule_work(&dg_info->work); 384 } else { 385 dst_entry->recv_cb(dst_entry->client_data, dg); 386 vmci_resource_put(resource); 387 } 388 389 return VMCI_SUCCESS; 390 } 391 392 /* 393 * vmci_datagram_create_handle_priv() - Create host context datagram endpoint 394 * @resource_id: The resource ID. 395 * @flags: Datagram Flags. 396 * @priv_flags: Privilege Flags. 397 * @recv_cb: Callback when receiving datagrams. 398 * @client_data: Pointer for a datagram_entry struct 399 * @out_handle: vmci_handle that is populated as a result of this function. 400 * 401 * Creates a host context datagram endpoint and returns a handle to it. 402 */ 403 int vmci_datagram_create_handle_priv(u32 resource_id, 404 u32 flags, 405 u32 priv_flags, 406 vmci_datagram_recv_cb recv_cb, 407 void *client_data, 408 struct vmci_handle *out_handle) 409 { 410 if (out_handle == NULL) 411 return VMCI_ERROR_INVALID_ARGS; 412 413 if (recv_cb == NULL) { 414 pr_devel("Client callback needed when creating datagram\n"); 415 return VMCI_ERROR_INVALID_ARGS; 416 } 417 418 if (priv_flags & ~VMCI_PRIVILEGE_ALL_FLAGS) 419 return VMCI_ERROR_INVALID_ARGS; 420 421 return dg_create_handle(resource_id, flags, priv_flags, recv_cb, 422 client_data, out_handle); 423 } 424 EXPORT_SYMBOL_GPL(vmci_datagram_create_handle_priv); 425 426 /* 427 * vmci_datagram_create_handle() - Create host context datagram endpoint 428 * @resource_id: Resource ID. 429 * @flags: Datagram Flags. 430 * @recv_cb: Callback when receiving datagrams. 431 * @client_ata: Pointer for a datagram_entry struct 432 * @out_handle: vmci_handle that is populated as a result of this function. 433 * 434 * Creates a host context datagram endpoint and returns a handle to 435 * it. Same as vmci_datagram_create_handle_priv without the priviledge 436 * flags argument. 437 */ 438 int vmci_datagram_create_handle(u32 resource_id, 439 u32 flags, 440 vmci_datagram_recv_cb recv_cb, 441 void *client_data, 442 struct vmci_handle *out_handle) 443 { 444 return vmci_datagram_create_handle_priv( 445 resource_id, flags, 446 VMCI_DEFAULT_PROC_PRIVILEGE_FLAGS, 447 recv_cb, client_data, 448 out_handle); 449 } 450 EXPORT_SYMBOL_GPL(vmci_datagram_create_handle); 451 452 /* 453 * vmci_datagram_destroy_handle() - Destroys datagram handle 454 * @handle: vmci_handle to be destroyed and reaped. 455 * 456 * Use this function to destroy any datagram handles created by 457 * vmci_datagram_create_handle{,Priv} functions. 458 */ 459 int vmci_datagram_destroy_handle(struct vmci_handle handle) 460 { 461 struct datagram_entry *entry; 462 struct vmci_resource *resource; 463 464 resource = vmci_resource_by_handle(handle, VMCI_RESOURCE_TYPE_DATAGRAM); 465 if (!resource) { 466 pr_devel("Failed to destroy datagram (handle=0x%x:0x%x)\n", 467 handle.context, handle.resource); 468 return VMCI_ERROR_NOT_FOUND; 469 } 470 471 entry = container_of(resource, struct datagram_entry, resource); 472 473 vmci_resource_put(&entry->resource); 474 vmci_resource_remove(&entry->resource); 475 kfree(entry); 476 477 return VMCI_SUCCESS; 478 } 479 EXPORT_SYMBOL_GPL(vmci_datagram_destroy_handle); 480 481 /* 482 * vmci_datagram_send() - Send a datagram 483 * @msg: The datagram to send. 484 * 485 * Sends the provided datagram on its merry way. 486 */ 487 int vmci_datagram_send(struct vmci_datagram *msg) 488 { 489 if (msg == NULL) 490 return VMCI_ERROR_INVALID_ARGS; 491 492 return vmci_datagram_dispatch(VMCI_INVALID_ID, msg, false); 493 } 494 EXPORT_SYMBOL_GPL(vmci_datagram_send); 495