1 // SPDX-License-Identifier: GPL-2.0-only 2 /* 3 * VMware VMCI Driver 4 * 5 * Copyright (C) 2012 VMware, Inc. All rights reserved. 6 */ 7 8 #include <linux/vmw_vmci_defs.h> 9 #include <linux/vmw_vmci_api.h> 10 #include <linux/completion.h> 11 #include <linux/hash.h> 12 #include <linux/kernel.h> 13 #include <linux/list.h> 14 #include <linux/module.h> 15 #include <linux/sched.h> 16 #include <linux/slab.h> 17 18 #include "vmci_datagram.h" 19 #include "vmci_doorbell.h" 20 #include "vmci_resource.h" 21 #include "vmci_driver.h" 22 #include "vmci_route.h" 23 24 25 #define VMCI_DOORBELL_INDEX_BITS 6 26 #define VMCI_DOORBELL_INDEX_TABLE_SIZE (1 << VMCI_DOORBELL_INDEX_BITS) 27 #define VMCI_DOORBELL_HASH(_idx) hash_32(_idx, VMCI_DOORBELL_INDEX_BITS) 28 29 /* 30 * DoorbellEntry describes the a doorbell notification handle allocated by the 31 * host. 32 */ 33 struct dbell_entry { 34 struct vmci_resource resource; 35 struct hlist_node node; 36 struct work_struct work; 37 vmci_callback notify_cb; 38 void *client_data; 39 u32 idx; 40 u32 priv_flags; 41 bool run_delayed; 42 atomic_t active; /* Only used by guest personality */ 43 }; 44 45 /* The VMCI index table keeps track of currently registered doorbells. */ 46 struct dbell_index_table { 47 spinlock_t lock; /* Index table lock */ 48 struct hlist_head entries[VMCI_DOORBELL_INDEX_TABLE_SIZE]; 49 }; 50 51 static struct dbell_index_table vmci_doorbell_it = { 52 .lock = __SPIN_LOCK_UNLOCKED(vmci_doorbell_it.lock), 53 }; 54 55 /* 56 * The max_notify_idx is one larger than the currently known bitmap index in 57 * use, and is used to determine how much of the bitmap needs to be scanned. 58 */ 59 static u32 max_notify_idx; 60 61 /* 62 * The notify_idx_count is used for determining whether there are free entries 63 * within the bitmap (if notify_idx_count + 1 < max_notify_idx). 64 */ 65 static u32 notify_idx_count; 66 67 /* 68 * The last_notify_idx_reserved is used to track the last index handed out - in 69 * the case where multiple handles share a notification index, we hand out 70 * indexes round robin based on last_notify_idx_reserved. 71 */ 72 static u32 last_notify_idx_reserved; 73 74 /* This is a one entry cache used to by the index allocation. */ 75 static u32 last_notify_idx_released = PAGE_SIZE; 76 77 78 /* 79 * Utility function that retrieves the privilege flags associated 80 * with a given doorbell handle. For guest endpoints, the 81 * privileges are determined by the context ID, but for host 82 * endpoints privileges are associated with the complete 83 * handle. Hypervisor endpoints are not yet supported. 84 */ 85 int vmci_dbell_get_priv_flags(struct vmci_handle handle, u32 *priv_flags) 86 { 87 if (priv_flags == NULL || handle.context == VMCI_INVALID_ID) 88 return VMCI_ERROR_INVALID_ARGS; 89 90 if (handle.context == VMCI_HOST_CONTEXT_ID) { 91 struct dbell_entry *entry; 92 struct vmci_resource *resource; 93 94 resource = vmci_resource_by_handle(handle, 95 VMCI_RESOURCE_TYPE_DOORBELL); 96 if (!resource) 97 return VMCI_ERROR_NOT_FOUND; 98 99 entry = container_of(resource, struct dbell_entry, resource); 100 *priv_flags = entry->priv_flags; 101 vmci_resource_put(resource); 102 } else if (handle.context == VMCI_HYPERVISOR_CONTEXT_ID) { 103 /* 104 * Hypervisor endpoints for notifications are not 105 * supported (yet). 106 */ 107 return VMCI_ERROR_INVALID_ARGS; 108 } else { 109 *priv_flags = vmci_context_get_priv_flags(handle.context); 110 } 111 112 return VMCI_SUCCESS; 113 } 114 115 /* 116 * Find doorbell entry by bitmap index. 117 */ 118 static struct dbell_entry *dbell_index_table_find(u32 idx) 119 { 120 u32 bucket = VMCI_DOORBELL_HASH(idx); 121 struct dbell_entry *dbell; 122 123 hlist_for_each_entry(dbell, &vmci_doorbell_it.entries[bucket], 124 node) { 125 if (idx == dbell->idx) 126 return dbell; 127 } 128 129 return NULL; 130 } 131 132 /* 133 * Add the given entry to the index table. This willi take a reference to the 134 * entry's resource so that the entry is not deleted before it is removed from 135 * the * table. 136 */ 137 static void dbell_index_table_add(struct dbell_entry *entry) 138 { 139 u32 bucket; 140 u32 new_notify_idx; 141 142 vmci_resource_get(&entry->resource); 143 144 spin_lock_bh(&vmci_doorbell_it.lock); 145 146 /* 147 * Below we try to allocate an index in the notification 148 * bitmap with "not too much" sharing between resources. If we 149 * use less that the full bitmap, we either add to the end if 150 * there are no unused flags within the currently used area, 151 * or we search for unused ones. If we use the full bitmap, we 152 * allocate the index round robin. 153 */ 154 if (max_notify_idx < PAGE_SIZE || notify_idx_count < PAGE_SIZE) { 155 if (last_notify_idx_released < max_notify_idx && 156 !dbell_index_table_find(last_notify_idx_released)) { 157 new_notify_idx = last_notify_idx_released; 158 last_notify_idx_released = PAGE_SIZE; 159 } else { 160 bool reused = false; 161 new_notify_idx = last_notify_idx_reserved; 162 if (notify_idx_count + 1 < max_notify_idx) { 163 do { 164 if (!dbell_index_table_find 165 (new_notify_idx)) { 166 reused = true; 167 break; 168 } 169 new_notify_idx = (new_notify_idx + 1) % 170 max_notify_idx; 171 } while (new_notify_idx != 172 last_notify_idx_released); 173 } 174 if (!reused) { 175 new_notify_idx = max_notify_idx; 176 max_notify_idx++; 177 } 178 } 179 } else { 180 new_notify_idx = (last_notify_idx_reserved + 1) % PAGE_SIZE; 181 } 182 183 last_notify_idx_reserved = new_notify_idx; 184 notify_idx_count++; 185 186 entry->idx = new_notify_idx; 187 bucket = VMCI_DOORBELL_HASH(entry->idx); 188 hlist_add_head(&entry->node, &vmci_doorbell_it.entries[bucket]); 189 190 spin_unlock_bh(&vmci_doorbell_it.lock); 191 } 192 193 /* 194 * Remove the given entry from the index table. This will release() the 195 * entry's resource. 196 */ 197 static void dbell_index_table_remove(struct dbell_entry *entry) 198 { 199 spin_lock_bh(&vmci_doorbell_it.lock); 200 201 hlist_del_init(&entry->node); 202 203 notify_idx_count--; 204 if (entry->idx == max_notify_idx - 1) { 205 /* 206 * If we delete an entry with the maximum known 207 * notification index, we take the opportunity to 208 * prune the current max. As there might be other 209 * unused indices immediately below, we lower the 210 * maximum until we hit an index in use. 211 */ 212 while (max_notify_idx > 0 && 213 !dbell_index_table_find(max_notify_idx - 1)) 214 max_notify_idx--; 215 } 216 217 last_notify_idx_released = entry->idx; 218 219 spin_unlock_bh(&vmci_doorbell_it.lock); 220 221 vmci_resource_put(&entry->resource); 222 } 223 224 /* 225 * Creates a link between the given doorbell handle and the given 226 * index in the bitmap in the device backend. A notification state 227 * is created in hypervisor. 228 */ 229 static int dbell_link(struct vmci_handle handle, u32 notify_idx) 230 { 231 struct vmci_doorbell_link_msg link_msg; 232 233 link_msg.hdr.dst = vmci_make_handle(VMCI_HYPERVISOR_CONTEXT_ID, 234 VMCI_DOORBELL_LINK); 235 link_msg.hdr.src = VMCI_ANON_SRC_HANDLE; 236 link_msg.hdr.payload_size = sizeof(link_msg) - VMCI_DG_HEADERSIZE; 237 link_msg.handle = handle; 238 link_msg.notify_idx = notify_idx; 239 240 return vmci_send_datagram(&link_msg.hdr); 241 } 242 243 /* 244 * Unlinks the given doorbell handle from an index in the bitmap in 245 * the device backend. The notification state is destroyed in hypervisor. 246 */ 247 static int dbell_unlink(struct vmci_handle handle) 248 { 249 struct vmci_doorbell_unlink_msg unlink_msg; 250 251 unlink_msg.hdr.dst = vmci_make_handle(VMCI_HYPERVISOR_CONTEXT_ID, 252 VMCI_DOORBELL_UNLINK); 253 unlink_msg.hdr.src = VMCI_ANON_SRC_HANDLE; 254 unlink_msg.hdr.payload_size = sizeof(unlink_msg) - VMCI_DG_HEADERSIZE; 255 unlink_msg.handle = handle; 256 257 return vmci_send_datagram(&unlink_msg.hdr); 258 } 259 260 /* 261 * Notify another guest or the host. We send a datagram down to the 262 * host via the hypervisor with the notification info. 263 */ 264 static int dbell_notify_as_guest(struct vmci_handle handle, u32 priv_flags) 265 { 266 struct vmci_doorbell_notify_msg notify_msg; 267 268 notify_msg.hdr.dst = vmci_make_handle(VMCI_HYPERVISOR_CONTEXT_ID, 269 VMCI_DOORBELL_NOTIFY); 270 notify_msg.hdr.src = VMCI_ANON_SRC_HANDLE; 271 notify_msg.hdr.payload_size = sizeof(notify_msg) - VMCI_DG_HEADERSIZE; 272 notify_msg.handle = handle; 273 274 return vmci_send_datagram(¬ify_msg.hdr); 275 } 276 277 /* 278 * Calls the specified callback in a delayed context. 279 */ 280 static void dbell_delayed_dispatch(struct work_struct *work) 281 { 282 struct dbell_entry *entry = container_of(work, 283 struct dbell_entry, work); 284 285 entry->notify_cb(entry->client_data); 286 vmci_resource_put(&entry->resource); 287 } 288 289 /* 290 * Dispatches a doorbell notification to the host context. 291 */ 292 int vmci_dbell_host_context_notify(u32 src_cid, struct vmci_handle handle) 293 { 294 struct dbell_entry *entry; 295 struct vmci_resource *resource; 296 297 if (vmci_handle_is_invalid(handle)) { 298 pr_devel("Notifying an invalid doorbell (handle=0x%x:0x%x)\n", 299 handle.context, handle.resource); 300 return VMCI_ERROR_INVALID_ARGS; 301 } 302 303 resource = vmci_resource_by_handle(handle, 304 VMCI_RESOURCE_TYPE_DOORBELL); 305 if (!resource) { 306 pr_devel("Notifying an unknown doorbell (handle=0x%x:0x%x)\n", 307 handle.context, handle.resource); 308 return VMCI_ERROR_NOT_FOUND; 309 } 310 311 entry = container_of(resource, struct dbell_entry, resource); 312 if (entry->run_delayed) { 313 schedule_work(&entry->work); 314 } else { 315 entry->notify_cb(entry->client_data); 316 vmci_resource_put(resource); 317 } 318 319 return VMCI_SUCCESS; 320 } 321 322 /* 323 * Register the notification bitmap with the host. 324 */ 325 bool vmci_dbell_register_notification_bitmap(u64 bitmap_ppn) 326 { 327 int result; 328 struct vmci_notify_bm_set_msg bitmap_set_msg; 329 330 bitmap_set_msg.hdr.dst = vmci_make_handle(VMCI_HYPERVISOR_CONTEXT_ID, 331 VMCI_SET_NOTIFY_BITMAP); 332 bitmap_set_msg.hdr.src = VMCI_ANON_SRC_HANDLE; 333 bitmap_set_msg.hdr.payload_size = sizeof(bitmap_set_msg) - 334 VMCI_DG_HEADERSIZE; 335 if (vmci_use_ppn64()) 336 bitmap_set_msg.bitmap_ppn64 = bitmap_ppn; 337 else 338 bitmap_set_msg.bitmap_ppn32 = (u32) bitmap_ppn; 339 340 result = vmci_send_datagram(&bitmap_set_msg.hdr); 341 if (result != VMCI_SUCCESS) { 342 pr_devel("Failed to register (PPN=%llu) as notification bitmap (error=%d)\n", 343 bitmap_ppn, result); 344 return false; 345 } 346 return true; 347 } 348 349 /* 350 * Executes or schedules the handlers for a given notify index. 351 */ 352 static void dbell_fire_entries(u32 notify_idx) 353 { 354 u32 bucket = VMCI_DOORBELL_HASH(notify_idx); 355 struct dbell_entry *dbell; 356 357 spin_lock_bh(&vmci_doorbell_it.lock); 358 359 hlist_for_each_entry(dbell, &vmci_doorbell_it.entries[bucket], node) { 360 if (dbell->idx == notify_idx && 361 atomic_read(&dbell->active) == 1) { 362 if (dbell->run_delayed) { 363 vmci_resource_get(&dbell->resource); 364 schedule_work(&dbell->work); 365 } else { 366 dbell->notify_cb(dbell->client_data); 367 } 368 } 369 } 370 371 spin_unlock_bh(&vmci_doorbell_it.lock); 372 } 373 374 /* 375 * Scans the notification bitmap, collects pending notifications, 376 * resets the bitmap and invokes appropriate callbacks. 377 */ 378 void vmci_dbell_scan_notification_entries(u8 *bitmap) 379 { 380 u32 idx; 381 382 for (idx = 0; idx < max_notify_idx; idx++) { 383 if (bitmap[idx] & 0x1) { 384 bitmap[idx] &= ~1; 385 dbell_fire_entries(idx); 386 } 387 } 388 } 389 390 /* 391 * vmci_doorbell_create() - Creates a doorbell 392 * @handle: A handle used to track the resource. Can be invalid. 393 * @flags: Flag that determines context of callback. 394 * @priv_flags: Privileges flags. 395 * @notify_cb: The callback to be ivoked when the doorbell fires. 396 * @client_data: A parameter to be passed to the callback. 397 * 398 * Creates a doorbell with the given callback. If the handle is 399 * VMCI_INVALID_HANDLE, a free handle will be assigned, if 400 * possible. The callback can be run immediately (potentially with 401 * locks held - the default) or delayed (in a kernel thread) by 402 * specifying the flag VMCI_FLAG_DELAYED_CB. If delayed execution 403 * is selected, a given callback may not be run if the kernel is 404 * unable to allocate memory for the delayed execution (highly 405 * unlikely). 406 */ 407 int vmci_doorbell_create(struct vmci_handle *handle, 408 u32 flags, 409 u32 priv_flags, 410 vmci_callback notify_cb, void *client_data) 411 { 412 struct dbell_entry *entry; 413 struct vmci_handle new_handle; 414 int result; 415 416 if (!handle || !notify_cb || flags & ~VMCI_FLAG_DELAYED_CB || 417 priv_flags & ~VMCI_PRIVILEGE_ALL_FLAGS) 418 return VMCI_ERROR_INVALID_ARGS; 419 420 entry = kmalloc(sizeof(*entry), GFP_KERNEL); 421 if (entry == NULL) { 422 pr_warn("Failed allocating memory for datagram entry\n"); 423 return VMCI_ERROR_NO_MEM; 424 } 425 426 if (vmci_handle_is_invalid(*handle)) { 427 u32 context_id = vmci_get_context_id(); 428 429 if (context_id == VMCI_INVALID_ID) { 430 pr_warn("Failed to get context ID\n"); 431 result = VMCI_ERROR_NO_RESOURCES; 432 goto free_mem; 433 } 434 435 /* Let resource code allocate a free ID for us */ 436 new_handle = vmci_make_handle(context_id, VMCI_INVALID_ID); 437 } else { 438 bool valid_context = false; 439 440 /* 441 * Validate the handle. We must do both of the checks below 442 * because we can be acting as both a host and a guest at the 443 * same time. We always allow the host context ID, since the 444 * host functionality is in practice always there with the 445 * unified driver. 446 */ 447 if (handle->context == VMCI_HOST_CONTEXT_ID || 448 (vmci_guest_code_active() && 449 vmci_get_context_id() == handle->context)) { 450 valid_context = true; 451 } 452 453 if (!valid_context || handle->resource == VMCI_INVALID_ID) { 454 pr_devel("Invalid argument (handle=0x%x:0x%x)\n", 455 handle->context, handle->resource); 456 result = VMCI_ERROR_INVALID_ARGS; 457 goto free_mem; 458 } 459 460 new_handle = *handle; 461 } 462 463 entry->idx = 0; 464 INIT_HLIST_NODE(&entry->node); 465 entry->priv_flags = priv_flags; 466 INIT_WORK(&entry->work, dbell_delayed_dispatch); 467 entry->run_delayed = flags & VMCI_FLAG_DELAYED_CB; 468 entry->notify_cb = notify_cb; 469 entry->client_data = client_data; 470 atomic_set(&entry->active, 0); 471 472 result = vmci_resource_add(&entry->resource, 473 VMCI_RESOURCE_TYPE_DOORBELL, 474 new_handle); 475 if (result != VMCI_SUCCESS) { 476 pr_warn("Failed to add new resource (handle=0x%x:0x%x), error: %d\n", 477 new_handle.context, new_handle.resource, result); 478 goto free_mem; 479 } 480 481 new_handle = vmci_resource_handle(&entry->resource); 482 if (vmci_guest_code_active()) { 483 dbell_index_table_add(entry); 484 result = dbell_link(new_handle, entry->idx); 485 if (VMCI_SUCCESS != result) 486 goto destroy_resource; 487 488 atomic_set(&entry->active, 1); 489 } 490 491 *handle = new_handle; 492 493 return result; 494 495 destroy_resource: 496 dbell_index_table_remove(entry); 497 vmci_resource_remove(&entry->resource); 498 free_mem: 499 kfree(entry); 500 return result; 501 } 502 EXPORT_SYMBOL_GPL(vmci_doorbell_create); 503 504 /* 505 * vmci_doorbell_destroy() - Destroy a doorbell. 506 * @handle: The handle tracking the resource. 507 * 508 * Destroys a doorbell previously created with vmcii_doorbell_create. This 509 * operation may block waiting for a callback to finish. 510 */ 511 int vmci_doorbell_destroy(struct vmci_handle handle) 512 { 513 struct dbell_entry *entry; 514 struct vmci_resource *resource; 515 516 if (vmci_handle_is_invalid(handle)) 517 return VMCI_ERROR_INVALID_ARGS; 518 519 resource = vmci_resource_by_handle(handle, 520 VMCI_RESOURCE_TYPE_DOORBELL); 521 if (!resource) { 522 pr_devel("Failed to destroy doorbell (handle=0x%x:0x%x)\n", 523 handle.context, handle.resource); 524 return VMCI_ERROR_NOT_FOUND; 525 } 526 527 entry = container_of(resource, struct dbell_entry, resource); 528 529 if (!hlist_unhashed(&entry->node)) { 530 int result; 531 532 dbell_index_table_remove(entry); 533 534 result = dbell_unlink(handle); 535 if (VMCI_SUCCESS != result) { 536 537 /* 538 * The only reason this should fail would be 539 * an inconsistency between guest and 540 * hypervisor state, where the guest believes 541 * it has an active registration whereas the 542 * hypervisor doesn't. One case where this may 543 * happen is if a doorbell is unregistered 544 * following a hibernation at a time where the 545 * doorbell state hasn't been restored on the 546 * hypervisor side yet. Since the handle has 547 * now been removed in the guest, we just 548 * print a warning and return success. 549 */ 550 pr_devel("Unlink of doorbell (handle=0x%x:0x%x) unknown by hypervisor (error=%d)\n", 551 handle.context, handle.resource, result); 552 } 553 } 554 555 /* 556 * Now remove the resource from the table. It might still be in use 557 * after this, in a callback or still on the delayed work queue. 558 */ 559 vmci_resource_put(&entry->resource); 560 vmci_resource_remove(&entry->resource); 561 562 kfree(entry); 563 564 return VMCI_SUCCESS; 565 } 566 EXPORT_SYMBOL_GPL(vmci_doorbell_destroy); 567 568 /* 569 * vmci_doorbell_notify() - Ring the doorbell (and hide in the bushes). 570 * @dst: The handlle identifying the doorbell resource 571 * @priv_flags: Priviledge flags. 572 * 573 * Generates a notification on the doorbell identified by the 574 * handle. For host side generation of notifications, the caller 575 * can specify what the privilege of the calling side is. 576 */ 577 int vmci_doorbell_notify(struct vmci_handle dst, u32 priv_flags) 578 { 579 int retval; 580 enum vmci_route route; 581 struct vmci_handle src; 582 583 if (vmci_handle_is_invalid(dst) || 584 (priv_flags & ~VMCI_PRIVILEGE_ALL_FLAGS)) 585 return VMCI_ERROR_INVALID_ARGS; 586 587 src = VMCI_INVALID_HANDLE; 588 retval = vmci_route(&src, &dst, false, &route); 589 if (retval < VMCI_SUCCESS) 590 return retval; 591 592 if (VMCI_ROUTE_AS_HOST == route) 593 return vmci_ctx_notify_dbell(VMCI_HOST_CONTEXT_ID, 594 dst, priv_flags); 595 596 if (VMCI_ROUTE_AS_GUEST == route) 597 return dbell_notify_as_guest(dst, priv_flags); 598 599 pr_warn("Unknown route (%d) for doorbell\n", route); 600 return VMCI_ERROR_DST_UNREACHABLE; 601 } 602 EXPORT_SYMBOL_GPL(vmci_doorbell_notify); 603