1 /* 2 * Back-end of the driver for virtual network devices. This portion of the 3 * driver exports a 'unified' network-device interface that can be accessed 4 * by any operating system that implements a compatible front end. A 5 * reference front-end implementation can be found in: 6 * drivers/net/xen-netfront.c 7 * 8 * Copyright (c) 2002-2005, K A Fraser 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License version 2 12 * as published by the Free Software Foundation; or, when distributed 13 * separately from the Linux kernel or incorporated into other 14 * software packages, subject to the following license: 15 * 16 * Permission is hereby granted, free of charge, to any person obtaining a copy 17 * of this source file (the "Software"), to deal in the Software without 18 * restriction, including without limitation the rights to use, copy, modify, 19 * merge, publish, distribute, sublicense, and/or sell copies of the Software, 20 * and to permit persons to whom the Software is furnished to do so, subject to 21 * the following conditions: 22 * 23 * The above copyright notice and this permission notice shall be included in 24 * all copies or substantial portions of the Software. 25 * 26 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 27 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 28 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 29 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 30 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 31 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS 32 * IN THE SOFTWARE. 33 */ 34 35 #include "common.h" 36 37 #include <linux/kthread.h> 38 #include <linux/if_vlan.h> 39 #include <linux/udp.h> 40 41 #include <net/tcp.h> 42 43 #include <xen/events.h> 44 #include <xen/interface/memory.h> 45 46 #include <asm/xen/hypercall.h> 47 #include <asm/xen/page.h> 48 49 struct pending_tx_info { 50 struct xen_netif_tx_request req; 51 struct xenvif *vif; 52 }; 53 typedef unsigned int pending_ring_idx_t; 54 55 struct netbk_rx_meta { 56 int id; 57 int size; 58 int gso_size; 59 }; 60 61 #define MAX_PENDING_REQS 256 62 63 /* Discriminate from any valid pending_idx value. */ 64 #define INVALID_PENDING_IDX 0xFFFF 65 66 #define MAX_BUFFER_OFFSET PAGE_SIZE 67 68 /* extra field used in struct page */ 69 union page_ext { 70 struct { 71 #if BITS_PER_LONG < 64 72 #define IDX_WIDTH 8 73 #define GROUP_WIDTH (BITS_PER_LONG - IDX_WIDTH) 74 unsigned int group:GROUP_WIDTH; 75 unsigned int idx:IDX_WIDTH; 76 #else 77 unsigned int group, idx; 78 #endif 79 } e; 80 void *mapping; 81 }; 82 83 struct xen_netbk { 84 wait_queue_head_t wq; 85 struct task_struct *task; 86 87 struct sk_buff_head rx_queue; 88 struct sk_buff_head tx_queue; 89 90 struct timer_list net_timer; 91 92 struct page *mmap_pages[MAX_PENDING_REQS]; 93 94 pending_ring_idx_t pending_prod; 95 pending_ring_idx_t pending_cons; 96 struct list_head net_schedule_list; 97 98 /* Protect the net_schedule_list in netif. */ 99 spinlock_t net_schedule_list_lock; 100 101 atomic_t netfront_count; 102 103 struct pending_tx_info pending_tx_info[MAX_PENDING_REQS]; 104 struct gnttab_copy tx_copy_ops[MAX_PENDING_REQS]; 105 106 u16 pending_ring[MAX_PENDING_REQS]; 107 108 /* 109 * Given MAX_BUFFER_OFFSET of 4096 the worst case is that each 110 * head/fragment page uses 2 copy operations because it 111 * straddles two buffers in the frontend. 112 */ 113 struct gnttab_copy grant_copy_op[2*XEN_NETIF_RX_RING_SIZE]; 114 struct netbk_rx_meta meta[2*XEN_NETIF_RX_RING_SIZE]; 115 }; 116 117 static struct xen_netbk *xen_netbk; 118 static int xen_netbk_group_nr; 119 120 void xen_netbk_add_xenvif(struct xenvif *vif) 121 { 122 int i; 123 int min_netfront_count; 124 int min_group = 0; 125 struct xen_netbk *netbk; 126 127 min_netfront_count = atomic_read(&xen_netbk[0].netfront_count); 128 for (i = 0; i < xen_netbk_group_nr; i++) { 129 int netfront_count = atomic_read(&xen_netbk[i].netfront_count); 130 if (netfront_count < min_netfront_count) { 131 min_group = i; 132 min_netfront_count = netfront_count; 133 } 134 } 135 136 netbk = &xen_netbk[min_group]; 137 138 vif->netbk = netbk; 139 atomic_inc(&netbk->netfront_count); 140 } 141 142 void xen_netbk_remove_xenvif(struct xenvif *vif) 143 { 144 struct xen_netbk *netbk = vif->netbk; 145 vif->netbk = NULL; 146 atomic_dec(&netbk->netfront_count); 147 } 148 149 static void xen_netbk_idx_release(struct xen_netbk *netbk, u16 pending_idx); 150 static void make_tx_response(struct xenvif *vif, 151 struct xen_netif_tx_request *txp, 152 s8 st); 153 static struct xen_netif_rx_response *make_rx_response(struct xenvif *vif, 154 u16 id, 155 s8 st, 156 u16 offset, 157 u16 size, 158 u16 flags); 159 160 static inline unsigned long idx_to_pfn(struct xen_netbk *netbk, 161 u16 idx) 162 { 163 return page_to_pfn(netbk->mmap_pages[idx]); 164 } 165 166 static inline unsigned long idx_to_kaddr(struct xen_netbk *netbk, 167 u16 idx) 168 { 169 return (unsigned long)pfn_to_kaddr(idx_to_pfn(netbk, idx)); 170 } 171 172 /* extra field used in struct page */ 173 static inline void set_page_ext(struct page *pg, struct xen_netbk *netbk, 174 unsigned int idx) 175 { 176 unsigned int group = netbk - xen_netbk; 177 union page_ext ext = { .e = { .group = group + 1, .idx = idx } }; 178 179 BUILD_BUG_ON(sizeof(ext) > sizeof(ext.mapping)); 180 pg->mapping = ext.mapping; 181 } 182 183 static int get_page_ext(struct page *pg, 184 unsigned int *pgroup, unsigned int *pidx) 185 { 186 union page_ext ext = { .mapping = pg->mapping }; 187 struct xen_netbk *netbk; 188 unsigned int group, idx; 189 190 group = ext.e.group - 1; 191 192 if (group < 0 || group >= xen_netbk_group_nr) 193 return 0; 194 195 netbk = &xen_netbk[group]; 196 197 idx = ext.e.idx; 198 199 if ((idx < 0) || (idx >= MAX_PENDING_REQS)) 200 return 0; 201 202 if (netbk->mmap_pages[idx] != pg) 203 return 0; 204 205 *pgroup = group; 206 *pidx = idx; 207 208 return 1; 209 } 210 211 /* 212 * This is the amount of packet we copy rather than map, so that the 213 * guest can't fiddle with the contents of the headers while we do 214 * packet processing on them (netfilter, routing, etc). 215 */ 216 #define PKT_PROT_LEN (ETH_HLEN + \ 217 VLAN_HLEN + \ 218 sizeof(struct iphdr) + MAX_IPOPTLEN + \ 219 sizeof(struct tcphdr) + MAX_TCP_OPTION_SPACE) 220 221 static u16 frag_get_pending_idx(skb_frag_t *frag) 222 { 223 return (u16)frag->page_offset; 224 } 225 226 static void frag_set_pending_idx(skb_frag_t *frag, u16 pending_idx) 227 { 228 frag->page_offset = pending_idx; 229 } 230 231 static inline pending_ring_idx_t pending_index(unsigned i) 232 { 233 return i & (MAX_PENDING_REQS-1); 234 } 235 236 static inline pending_ring_idx_t nr_pending_reqs(struct xen_netbk *netbk) 237 { 238 return MAX_PENDING_REQS - 239 netbk->pending_prod + netbk->pending_cons; 240 } 241 242 static void xen_netbk_kick_thread(struct xen_netbk *netbk) 243 { 244 wake_up(&netbk->wq); 245 } 246 247 static int max_required_rx_slots(struct xenvif *vif) 248 { 249 int max = DIV_ROUND_UP(vif->dev->mtu, PAGE_SIZE); 250 251 if (vif->can_sg || vif->gso || vif->gso_prefix) 252 max += MAX_SKB_FRAGS + 1; /* extra_info + frags */ 253 254 return max; 255 } 256 257 int xen_netbk_rx_ring_full(struct xenvif *vif) 258 { 259 RING_IDX peek = vif->rx_req_cons_peek; 260 RING_IDX needed = max_required_rx_slots(vif); 261 262 return ((vif->rx.sring->req_prod - peek) < needed) || 263 ((vif->rx.rsp_prod_pvt + XEN_NETIF_RX_RING_SIZE - peek) < needed); 264 } 265 266 int xen_netbk_must_stop_queue(struct xenvif *vif) 267 { 268 if (!xen_netbk_rx_ring_full(vif)) 269 return 0; 270 271 vif->rx.sring->req_event = vif->rx_req_cons_peek + 272 max_required_rx_slots(vif); 273 mb(); /* request notification /then/ check the queue */ 274 275 return xen_netbk_rx_ring_full(vif); 276 } 277 278 /* 279 * Returns true if we should start a new receive buffer instead of 280 * adding 'size' bytes to a buffer which currently contains 'offset' 281 * bytes. 282 */ 283 static bool start_new_rx_buffer(int offset, unsigned long size, int head) 284 { 285 /* simple case: we have completely filled the current buffer. */ 286 if (offset == MAX_BUFFER_OFFSET) 287 return true; 288 289 /* 290 * complex case: start a fresh buffer if the current frag 291 * would overflow the current buffer but only if: 292 * (i) this frag would fit completely in the next buffer 293 * and (ii) there is already some data in the current buffer 294 * and (iii) this is not the head buffer. 295 * 296 * Where: 297 * - (i) stops us splitting a frag into two copies 298 * unless the frag is too large for a single buffer. 299 * - (ii) stops us from leaving a buffer pointlessly empty. 300 * - (iii) stops us leaving the first buffer 301 * empty. Strictly speaking this is already covered 302 * by (ii) but is explicitly checked because 303 * netfront relies on the first buffer being 304 * non-empty and can crash otherwise. 305 * 306 * This means we will effectively linearise small 307 * frags but do not needlessly split large buffers 308 * into multiple copies tend to give large frags their 309 * own buffers as before. 310 */ 311 if ((offset + size > MAX_BUFFER_OFFSET) && 312 (size <= MAX_BUFFER_OFFSET) && offset && !head) 313 return true; 314 315 return false; 316 } 317 318 /* 319 * Figure out how many ring slots we're going to need to send @skb to 320 * the guest. This function is essentially a dry run of 321 * netbk_gop_frag_copy. 322 */ 323 unsigned int xen_netbk_count_skb_slots(struct xenvif *vif, struct sk_buff *skb) 324 { 325 unsigned int count; 326 int i, copy_off; 327 328 count = DIV_ROUND_UP( 329 offset_in_page(skb->data)+skb_headlen(skb), PAGE_SIZE); 330 331 copy_off = skb_headlen(skb) % PAGE_SIZE; 332 333 if (skb_shinfo(skb)->gso_size) 334 count++; 335 336 for (i = 0; i < skb_shinfo(skb)->nr_frags; i++) { 337 unsigned long size = skb_frag_size(&skb_shinfo(skb)->frags[i]); 338 unsigned long bytes; 339 while (size > 0) { 340 BUG_ON(copy_off > MAX_BUFFER_OFFSET); 341 342 if (start_new_rx_buffer(copy_off, size, 0)) { 343 count++; 344 copy_off = 0; 345 } 346 347 bytes = size; 348 if (copy_off + bytes > MAX_BUFFER_OFFSET) 349 bytes = MAX_BUFFER_OFFSET - copy_off; 350 351 copy_off += bytes; 352 size -= bytes; 353 } 354 } 355 return count; 356 } 357 358 struct netrx_pending_operations { 359 unsigned copy_prod, copy_cons; 360 unsigned meta_prod, meta_cons; 361 struct gnttab_copy *copy; 362 struct netbk_rx_meta *meta; 363 int copy_off; 364 grant_ref_t copy_gref; 365 }; 366 367 static struct netbk_rx_meta *get_next_rx_buffer(struct xenvif *vif, 368 struct netrx_pending_operations *npo) 369 { 370 struct netbk_rx_meta *meta; 371 struct xen_netif_rx_request *req; 372 373 req = RING_GET_REQUEST(&vif->rx, vif->rx.req_cons++); 374 375 meta = npo->meta + npo->meta_prod++; 376 meta->gso_size = 0; 377 meta->size = 0; 378 meta->id = req->id; 379 380 npo->copy_off = 0; 381 npo->copy_gref = req->gref; 382 383 return meta; 384 } 385 386 /* 387 * Set up the grant operations for this fragment. If it's a flipping 388 * interface, we also set up the unmap request from here. 389 */ 390 static void netbk_gop_frag_copy(struct xenvif *vif, struct sk_buff *skb, 391 struct netrx_pending_operations *npo, 392 struct page *page, unsigned long size, 393 unsigned long offset, int *head) 394 { 395 struct gnttab_copy *copy_gop; 396 struct netbk_rx_meta *meta; 397 /* 398 * These variables are used iff get_page_ext returns true, 399 * in which case they are guaranteed to be initialized. 400 */ 401 unsigned int uninitialized_var(group), uninitialized_var(idx); 402 int foreign = get_page_ext(page, &group, &idx); 403 unsigned long bytes; 404 405 /* Data must not cross a page boundary. */ 406 BUG_ON(size + offset > PAGE_SIZE); 407 408 meta = npo->meta + npo->meta_prod - 1; 409 410 while (size > 0) { 411 BUG_ON(npo->copy_off > MAX_BUFFER_OFFSET); 412 413 if (start_new_rx_buffer(npo->copy_off, size, *head)) { 414 /* 415 * Netfront requires there to be some data in the head 416 * buffer. 417 */ 418 BUG_ON(*head); 419 420 meta = get_next_rx_buffer(vif, npo); 421 } 422 423 bytes = size; 424 if (npo->copy_off + bytes > MAX_BUFFER_OFFSET) 425 bytes = MAX_BUFFER_OFFSET - npo->copy_off; 426 427 copy_gop = npo->copy + npo->copy_prod++; 428 copy_gop->flags = GNTCOPY_dest_gref; 429 if (foreign) { 430 struct xen_netbk *netbk = &xen_netbk[group]; 431 struct pending_tx_info *src_pend; 432 433 src_pend = &netbk->pending_tx_info[idx]; 434 435 copy_gop->source.domid = src_pend->vif->domid; 436 copy_gop->source.u.ref = src_pend->req.gref; 437 copy_gop->flags |= GNTCOPY_source_gref; 438 } else { 439 void *vaddr = page_address(page); 440 copy_gop->source.domid = DOMID_SELF; 441 copy_gop->source.u.gmfn = virt_to_mfn(vaddr); 442 } 443 copy_gop->source.offset = offset; 444 copy_gop->dest.domid = vif->domid; 445 446 copy_gop->dest.offset = npo->copy_off; 447 copy_gop->dest.u.ref = npo->copy_gref; 448 copy_gop->len = bytes; 449 450 npo->copy_off += bytes; 451 meta->size += bytes; 452 453 offset += bytes; 454 size -= bytes; 455 456 /* Leave a gap for the GSO descriptor. */ 457 if (*head && skb_shinfo(skb)->gso_size && !vif->gso_prefix) 458 vif->rx.req_cons++; 459 460 *head = 0; /* There must be something in this buffer now. */ 461 462 } 463 } 464 465 /* 466 * Prepare an SKB to be transmitted to the frontend. 467 * 468 * This function is responsible for allocating grant operations, meta 469 * structures, etc. 470 * 471 * It returns the number of meta structures consumed. The number of 472 * ring slots used is always equal to the number of meta slots used 473 * plus the number of GSO descriptors used. Currently, we use either 474 * zero GSO descriptors (for non-GSO packets) or one descriptor (for 475 * frontend-side LRO). 476 */ 477 static int netbk_gop_skb(struct sk_buff *skb, 478 struct netrx_pending_operations *npo) 479 { 480 struct xenvif *vif = netdev_priv(skb->dev); 481 int nr_frags = skb_shinfo(skb)->nr_frags; 482 int i; 483 struct xen_netif_rx_request *req; 484 struct netbk_rx_meta *meta; 485 unsigned char *data; 486 int head = 1; 487 int old_meta_prod; 488 489 old_meta_prod = npo->meta_prod; 490 491 /* Set up a GSO prefix descriptor, if necessary */ 492 if (skb_shinfo(skb)->gso_size && vif->gso_prefix) { 493 req = RING_GET_REQUEST(&vif->rx, vif->rx.req_cons++); 494 meta = npo->meta + npo->meta_prod++; 495 meta->gso_size = skb_shinfo(skb)->gso_size; 496 meta->size = 0; 497 meta->id = req->id; 498 } 499 500 req = RING_GET_REQUEST(&vif->rx, vif->rx.req_cons++); 501 meta = npo->meta + npo->meta_prod++; 502 503 if (!vif->gso_prefix) 504 meta->gso_size = skb_shinfo(skb)->gso_size; 505 else 506 meta->gso_size = 0; 507 508 meta->size = 0; 509 meta->id = req->id; 510 npo->copy_off = 0; 511 npo->copy_gref = req->gref; 512 513 data = skb->data; 514 while (data < skb_tail_pointer(skb)) { 515 unsigned int offset = offset_in_page(data); 516 unsigned int len = PAGE_SIZE - offset; 517 518 if (data + len > skb_tail_pointer(skb)) 519 len = skb_tail_pointer(skb) - data; 520 521 netbk_gop_frag_copy(vif, skb, npo, 522 virt_to_page(data), len, offset, &head); 523 data += len; 524 } 525 526 for (i = 0; i < nr_frags; i++) { 527 netbk_gop_frag_copy(vif, skb, npo, 528 skb_frag_page(&skb_shinfo(skb)->frags[i]), 529 skb_frag_size(&skb_shinfo(skb)->frags[i]), 530 skb_shinfo(skb)->frags[i].page_offset, 531 &head); 532 } 533 534 return npo->meta_prod - old_meta_prod; 535 } 536 537 /* 538 * This is a twin to netbk_gop_skb. Assume that netbk_gop_skb was 539 * used to set up the operations on the top of 540 * netrx_pending_operations, which have since been done. Check that 541 * they didn't give any errors and advance over them. 542 */ 543 static int netbk_check_gop(struct xenvif *vif, int nr_meta_slots, 544 struct netrx_pending_operations *npo) 545 { 546 struct gnttab_copy *copy_op; 547 int status = XEN_NETIF_RSP_OKAY; 548 int i; 549 550 for (i = 0; i < nr_meta_slots; i++) { 551 copy_op = npo->copy + npo->copy_cons++; 552 if (copy_op->status != GNTST_okay) { 553 netdev_dbg(vif->dev, 554 "Bad status %d from copy to DOM%d.\n", 555 copy_op->status, vif->domid); 556 status = XEN_NETIF_RSP_ERROR; 557 } 558 } 559 560 return status; 561 } 562 563 static void netbk_add_frag_responses(struct xenvif *vif, int status, 564 struct netbk_rx_meta *meta, 565 int nr_meta_slots) 566 { 567 int i; 568 unsigned long offset; 569 570 /* No fragments used */ 571 if (nr_meta_slots <= 1) 572 return; 573 574 nr_meta_slots--; 575 576 for (i = 0; i < nr_meta_slots; i++) { 577 int flags; 578 if (i == nr_meta_slots - 1) 579 flags = 0; 580 else 581 flags = XEN_NETRXF_more_data; 582 583 offset = 0; 584 make_rx_response(vif, meta[i].id, status, offset, 585 meta[i].size, flags); 586 } 587 } 588 589 struct skb_cb_overlay { 590 int meta_slots_used; 591 }; 592 593 static void xen_netbk_rx_action(struct xen_netbk *netbk) 594 { 595 struct xenvif *vif = NULL, *tmp; 596 s8 status; 597 u16 irq, flags; 598 struct xen_netif_rx_response *resp; 599 struct sk_buff_head rxq; 600 struct sk_buff *skb; 601 LIST_HEAD(notify); 602 int ret; 603 int nr_frags; 604 int count; 605 unsigned long offset; 606 struct skb_cb_overlay *sco; 607 608 struct netrx_pending_operations npo = { 609 .copy = netbk->grant_copy_op, 610 .meta = netbk->meta, 611 }; 612 613 skb_queue_head_init(&rxq); 614 615 count = 0; 616 617 while ((skb = skb_dequeue(&netbk->rx_queue)) != NULL) { 618 vif = netdev_priv(skb->dev); 619 nr_frags = skb_shinfo(skb)->nr_frags; 620 621 sco = (struct skb_cb_overlay *)skb->cb; 622 sco->meta_slots_used = netbk_gop_skb(skb, &npo); 623 624 count += nr_frags + 1; 625 626 __skb_queue_tail(&rxq, skb); 627 628 /* Filled the batch queue? */ 629 if (count + MAX_SKB_FRAGS >= XEN_NETIF_RX_RING_SIZE) 630 break; 631 } 632 633 BUG_ON(npo.meta_prod > ARRAY_SIZE(netbk->meta)); 634 635 if (!npo.copy_prod) 636 return; 637 638 BUG_ON(npo.copy_prod > ARRAY_SIZE(netbk->grant_copy_op)); 639 ret = HYPERVISOR_grant_table_op(GNTTABOP_copy, &netbk->grant_copy_op, 640 npo.copy_prod); 641 BUG_ON(ret != 0); 642 643 while ((skb = __skb_dequeue(&rxq)) != NULL) { 644 sco = (struct skb_cb_overlay *)skb->cb; 645 646 vif = netdev_priv(skb->dev); 647 648 if (netbk->meta[npo.meta_cons].gso_size && vif->gso_prefix) { 649 resp = RING_GET_RESPONSE(&vif->rx, 650 vif->rx.rsp_prod_pvt++); 651 652 resp->flags = XEN_NETRXF_gso_prefix | XEN_NETRXF_more_data; 653 654 resp->offset = netbk->meta[npo.meta_cons].gso_size; 655 resp->id = netbk->meta[npo.meta_cons].id; 656 resp->status = sco->meta_slots_used; 657 658 npo.meta_cons++; 659 sco->meta_slots_used--; 660 } 661 662 663 vif->dev->stats.tx_bytes += skb->len; 664 vif->dev->stats.tx_packets++; 665 666 status = netbk_check_gop(vif, sco->meta_slots_used, &npo); 667 668 if (sco->meta_slots_used == 1) 669 flags = 0; 670 else 671 flags = XEN_NETRXF_more_data; 672 673 if (skb->ip_summed == CHECKSUM_PARTIAL) /* local packet? */ 674 flags |= XEN_NETRXF_csum_blank | XEN_NETRXF_data_validated; 675 else if (skb->ip_summed == CHECKSUM_UNNECESSARY) 676 /* remote but checksummed. */ 677 flags |= XEN_NETRXF_data_validated; 678 679 offset = 0; 680 resp = make_rx_response(vif, netbk->meta[npo.meta_cons].id, 681 status, offset, 682 netbk->meta[npo.meta_cons].size, 683 flags); 684 685 if (netbk->meta[npo.meta_cons].gso_size && !vif->gso_prefix) { 686 struct xen_netif_extra_info *gso = 687 (struct xen_netif_extra_info *) 688 RING_GET_RESPONSE(&vif->rx, 689 vif->rx.rsp_prod_pvt++); 690 691 resp->flags |= XEN_NETRXF_extra_info; 692 693 gso->u.gso.size = netbk->meta[npo.meta_cons].gso_size; 694 gso->u.gso.type = XEN_NETIF_GSO_TYPE_TCPV4; 695 gso->u.gso.pad = 0; 696 gso->u.gso.features = 0; 697 698 gso->type = XEN_NETIF_EXTRA_TYPE_GSO; 699 gso->flags = 0; 700 } 701 702 netbk_add_frag_responses(vif, status, 703 netbk->meta + npo.meta_cons + 1, 704 sco->meta_slots_used); 705 706 RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(&vif->rx, ret); 707 irq = vif->irq; 708 if (ret && list_empty(&vif->notify_list)) 709 list_add_tail(&vif->notify_list, ¬ify); 710 711 xenvif_notify_tx_completion(vif); 712 713 xenvif_put(vif); 714 npo.meta_cons += sco->meta_slots_used; 715 dev_kfree_skb(skb); 716 } 717 718 list_for_each_entry_safe(vif, tmp, ¬ify, notify_list) { 719 notify_remote_via_irq(vif->irq); 720 list_del_init(&vif->notify_list); 721 } 722 723 /* More work to do? */ 724 if (!skb_queue_empty(&netbk->rx_queue) && 725 !timer_pending(&netbk->net_timer)) 726 xen_netbk_kick_thread(netbk); 727 } 728 729 void xen_netbk_queue_tx_skb(struct xenvif *vif, struct sk_buff *skb) 730 { 731 struct xen_netbk *netbk = vif->netbk; 732 733 skb_queue_tail(&netbk->rx_queue, skb); 734 735 xen_netbk_kick_thread(netbk); 736 } 737 738 static void xen_netbk_alarm(unsigned long data) 739 { 740 struct xen_netbk *netbk = (struct xen_netbk *)data; 741 xen_netbk_kick_thread(netbk); 742 } 743 744 static int __on_net_schedule_list(struct xenvif *vif) 745 { 746 return !list_empty(&vif->schedule_list); 747 } 748 749 /* Must be called with net_schedule_list_lock held */ 750 static void remove_from_net_schedule_list(struct xenvif *vif) 751 { 752 if (likely(__on_net_schedule_list(vif))) { 753 list_del_init(&vif->schedule_list); 754 xenvif_put(vif); 755 } 756 } 757 758 static struct xenvif *poll_net_schedule_list(struct xen_netbk *netbk) 759 { 760 struct xenvif *vif = NULL; 761 762 spin_lock_irq(&netbk->net_schedule_list_lock); 763 if (list_empty(&netbk->net_schedule_list)) 764 goto out; 765 766 vif = list_first_entry(&netbk->net_schedule_list, 767 struct xenvif, schedule_list); 768 if (!vif) 769 goto out; 770 771 xenvif_get(vif); 772 773 remove_from_net_schedule_list(vif); 774 out: 775 spin_unlock_irq(&netbk->net_schedule_list_lock); 776 return vif; 777 } 778 779 void xen_netbk_schedule_xenvif(struct xenvif *vif) 780 { 781 unsigned long flags; 782 struct xen_netbk *netbk = vif->netbk; 783 784 if (__on_net_schedule_list(vif)) 785 goto kick; 786 787 spin_lock_irqsave(&netbk->net_schedule_list_lock, flags); 788 if (!__on_net_schedule_list(vif) && 789 likely(xenvif_schedulable(vif))) { 790 list_add_tail(&vif->schedule_list, &netbk->net_schedule_list); 791 xenvif_get(vif); 792 } 793 spin_unlock_irqrestore(&netbk->net_schedule_list_lock, flags); 794 795 kick: 796 smp_mb(); 797 if ((nr_pending_reqs(netbk) < (MAX_PENDING_REQS/2)) && 798 !list_empty(&netbk->net_schedule_list)) 799 xen_netbk_kick_thread(netbk); 800 } 801 802 void xen_netbk_deschedule_xenvif(struct xenvif *vif) 803 { 804 struct xen_netbk *netbk = vif->netbk; 805 spin_lock_irq(&netbk->net_schedule_list_lock); 806 remove_from_net_schedule_list(vif); 807 spin_unlock_irq(&netbk->net_schedule_list_lock); 808 } 809 810 void xen_netbk_check_rx_xenvif(struct xenvif *vif) 811 { 812 int more_to_do; 813 814 RING_FINAL_CHECK_FOR_REQUESTS(&vif->tx, more_to_do); 815 816 if (more_to_do) 817 xen_netbk_schedule_xenvif(vif); 818 } 819 820 static void tx_add_credit(struct xenvif *vif) 821 { 822 unsigned long max_burst, max_credit; 823 824 /* 825 * Allow a burst big enough to transmit a jumbo packet of up to 128kB. 826 * Otherwise the interface can seize up due to insufficient credit. 827 */ 828 max_burst = RING_GET_REQUEST(&vif->tx, vif->tx.req_cons)->size; 829 max_burst = min(max_burst, 131072UL); 830 max_burst = max(max_burst, vif->credit_bytes); 831 832 /* Take care that adding a new chunk of credit doesn't wrap to zero. */ 833 max_credit = vif->remaining_credit + vif->credit_bytes; 834 if (max_credit < vif->remaining_credit) 835 max_credit = ULONG_MAX; /* wrapped: clamp to ULONG_MAX */ 836 837 vif->remaining_credit = min(max_credit, max_burst); 838 } 839 840 static void tx_credit_callback(unsigned long data) 841 { 842 struct xenvif *vif = (struct xenvif *)data; 843 tx_add_credit(vif); 844 xen_netbk_check_rx_xenvif(vif); 845 } 846 847 static void netbk_tx_err(struct xenvif *vif, 848 struct xen_netif_tx_request *txp, RING_IDX end) 849 { 850 RING_IDX cons = vif->tx.req_cons; 851 852 do { 853 make_tx_response(vif, txp, XEN_NETIF_RSP_ERROR); 854 if (cons >= end) 855 break; 856 txp = RING_GET_REQUEST(&vif->tx, cons++); 857 } while (1); 858 vif->tx.req_cons = cons; 859 xen_netbk_check_rx_xenvif(vif); 860 xenvif_put(vif); 861 } 862 863 static int netbk_count_requests(struct xenvif *vif, 864 struct xen_netif_tx_request *first, 865 struct xen_netif_tx_request *txp, 866 int work_to_do) 867 { 868 RING_IDX cons = vif->tx.req_cons; 869 int frags = 0; 870 871 if (!(first->flags & XEN_NETTXF_more_data)) 872 return 0; 873 874 do { 875 if (frags >= work_to_do) { 876 netdev_dbg(vif->dev, "Need more frags\n"); 877 return -frags; 878 } 879 880 if (unlikely(frags >= MAX_SKB_FRAGS)) { 881 netdev_dbg(vif->dev, "Too many frags\n"); 882 return -frags; 883 } 884 885 memcpy(txp, RING_GET_REQUEST(&vif->tx, cons + frags), 886 sizeof(*txp)); 887 if (txp->size > first->size) { 888 netdev_dbg(vif->dev, "Frags galore\n"); 889 return -frags; 890 } 891 892 first->size -= txp->size; 893 frags++; 894 895 if (unlikely((txp->offset + txp->size) > PAGE_SIZE)) { 896 netdev_dbg(vif->dev, "txp->offset: %x, size: %u\n", 897 txp->offset, txp->size); 898 return -frags; 899 } 900 } while ((txp++)->flags & XEN_NETTXF_more_data); 901 return frags; 902 } 903 904 static struct page *xen_netbk_alloc_page(struct xen_netbk *netbk, 905 struct sk_buff *skb, 906 u16 pending_idx) 907 { 908 struct page *page; 909 page = alloc_page(GFP_KERNEL|__GFP_COLD); 910 if (!page) 911 return NULL; 912 set_page_ext(page, netbk, pending_idx); 913 netbk->mmap_pages[pending_idx] = page; 914 return page; 915 } 916 917 static struct gnttab_copy *xen_netbk_get_requests(struct xen_netbk *netbk, 918 struct xenvif *vif, 919 struct sk_buff *skb, 920 struct xen_netif_tx_request *txp, 921 struct gnttab_copy *gop) 922 { 923 struct skb_shared_info *shinfo = skb_shinfo(skb); 924 skb_frag_t *frags = shinfo->frags; 925 u16 pending_idx = *((u16 *)skb->data); 926 int i, start; 927 928 /* Skip first skb fragment if it is on same page as header fragment. */ 929 start = (frag_get_pending_idx(&shinfo->frags[0]) == pending_idx); 930 931 for (i = start; i < shinfo->nr_frags; i++, txp++) { 932 struct page *page; 933 pending_ring_idx_t index; 934 struct pending_tx_info *pending_tx_info = 935 netbk->pending_tx_info; 936 937 index = pending_index(netbk->pending_cons++); 938 pending_idx = netbk->pending_ring[index]; 939 page = xen_netbk_alloc_page(netbk, skb, pending_idx); 940 if (!page) 941 return NULL; 942 943 gop->source.u.ref = txp->gref; 944 gop->source.domid = vif->domid; 945 gop->source.offset = txp->offset; 946 947 gop->dest.u.gmfn = virt_to_mfn(page_address(page)); 948 gop->dest.domid = DOMID_SELF; 949 gop->dest.offset = txp->offset; 950 951 gop->len = txp->size; 952 gop->flags = GNTCOPY_source_gref; 953 954 gop++; 955 956 memcpy(&pending_tx_info[pending_idx].req, txp, sizeof(*txp)); 957 xenvif_get(vif); 958 pending_tx_info[pending_idx].vif = vif; 959 frag_set_pending_idx(&frags[i], pending_idx); 960 } 961 962 return gop; 963 } 964 965 static int xen_netbk_tx_check_gop(struct xen_netbk *netbk, 966 struct sk_buff *skb, 967 struct gnttab_copy **gopp) 968 { 969 struct gnttab_copy *gop = *gopp; 970 u16 pending_idx = *((u16 *)skb->data); 971 struct pending_tx_info *pending_tx_info = netbk->pending_tx_info; 972 struct xenvif *vif = pending_tx_info[pending_idx].vif; 973 struct xen_netif_tx_request *txp; 974 struct skb_shared_info *shinfo = skb_shinfo(skb); 975 int nr_frags = shinfo->nr_frags; 976 int i, err, start; 977 978 /* Check status of header. */ 979 err = gop->status; 980 if (unlikely(err)) { 981 pending_ring_idx_t index; 982 index = pending_index(netbk->pending_prod++); 983 txp = &pending_tx_info[pending_idx].req; 984 make_tx_response(vif, txp, XEN_NETIF_RSP_ERROR); 985 netbk->pending_ring[index] = pending_idx; 986 xenvif_put(vif); 987 } 988 989 /* Skip first skb fragment if it is on same page as header fragment. */ 990 start = (frag_get_pending_idx(&shinfo->frags[0]) == pending_idx); 991 992 for (i = start; i < nr_frags; i++) { 993 int j, newerr; 994 pending_ring_idx_t index; 995 996 pending_idx = frag_get_pending_idx(&shinfo->frags[i]); 997 998 /* Check error status: if okay then remember grant handle. */ 999 newerr = (++gop)->status; 1000 if (likely(!newerr)) { 1001 /* Had a previous error? Invalidate this fragment. */ 1002 if (unlikely(err)) 1003 xen_netbk_idx_release(netbk, pending_idx); 1004 continue; 1005 } 1006 1007 /* Error on this fragment: respond to client with an error. */ 1008 txp = &netbk->pending_tx_info[pending_idx].req; 1009 make_tx_response(vif, txp, XEN_NETIF_RSP_ERROR); 1010 index = pending_index(netbk->pending_prod++); 1011 netbk->pending_ring[index] = pending_idx; 1012 xenvif_put(vif); 1013 1014 /* Not the first error? Preceding frags already invalidated. */ 1015 if (err) 1016 continue; 1017 1018 /* First error: invalidate header and preceding fragments. */ 1019 pending_idx = *((u16 *)skb->data); 1020 xen_netbk_idx_release(netbk, pending_idx); 1021 for (j = start; j < i; j++) { 1022 pending_idx = frag_get_pending_idx(&shinfo->frags[j]); 1023 xen_netbk_idx_release(netbk, pending_idx); 1024 } 1025 1026 /* Remember the error: invalidate all subsequent fragments. */ 1027 err = newerr; 1028 } 1029 1030 *gopp = gop + 1; 1031 return err; 1032 } 1033 1034 static void xen_netbk_fill_frags(struct xen_netbk *netbk, struct sk_buff *skb) 1035 { 1036 struct skb_shared_info *shinfo = skb_shinfo(skb); 1037 int nr_frags = shinfo->nr_frags; 1038 int i; 1039 1040 for (i = 0; i < nr_frags; i++) { 1041 skb_frag_t *frag = shinfo->frags + i; 1042 struct xen_netif_tx_request *txp; 1043 struct page *page; 1044 u16 pending_idx; 1045 1046 pending_idx = frag_get_pending_idx(frag); 1047 1048 txp = &netbk->pending_tx_info[pending_idx].req; 1049 page = virt_to_page(idx_to_kaddr(netbk, pending_idx)); 1050 __skb_fill_page_desc(skb, i, page, txp->offset, txp->size); 1051 skb->len += txp->size; 1052 skb->data_len += txp->size; 1053 skb->truesize += txp->size; 1054 1055 /* Take an extra reference to offset xen_netbk_idx_release */ 1056 get_page(netbk->mmap_pages[pending_idx]); 1057 xen_netbk_idx_release(netbk, pending_idx); 1058 } 1059 } 1060 1061 static int xen_netbk_get_extras(struct xenvif *vif, 1062 struct xen_netif_extra_info *extras, 1063 int work_to_do) 1064 { 1065 struct xen_netif_extra_info extra; 1066 RING_IDX cons = vif->tx.req_cons; 1067 1068 do { 1069 if (unlikely(work_to_do-- <= 0)) { 1070 netdev_dbg(vif->dev, "Missing extra info\n"); 1071 return -EBADR; 1072 } 1073 1074 memcpy(&extra, RING_GET_REQUEST(&vif->tx, cons), 1075 sizeof(extra)); 1076 if (unlikely(!extra.type || 1077 extra.type >= XEN_NETIF_EXTRA_TYPE_MAX)) { 1078 vif->tx.req_cons = ++cons; 1079 netdev_dbg(vif->dev, 1080 "Invalid extra type: %d\n", extra.type); 1081 return -EINVAL; 1082 } 1083 1084 memcpy(&extras[extra.type - 1], &extra, sizeof(extra)); 1085 vif->tx.req_cons = ++cons; 1086 } while (extra.flags & XEN_NETIF_EXTRA_FLAG_MORE); 1087 1088 return work_to_do; 1089 } 1090 1091 static int netbk_set_skb_gso(struct xenvif *vif, 1092 struct sk_buff *skb, 1093 struct xen_netif_extra_info *gso) 1094 { 1095 if (!gso->u.gso.size) { 1096 netdev_dbg(vif->dev, "GSO size must not be zero.\n"); 1097 return -EINVAL; 1098 } 1099 1100 /* Currently only TCPv4 S.O. is supported. */ 1101 if (gso->u.gso.type != XEN_NETIF_GSO_TYPE_TCPV4) { 1102 netdev_dbg(vif->dev, "Bad GSO type %d.\n", gso->u.gso.type); 1103 return -EINVAL; 1104 } 1105 1106 skb_shinfo(skb)->gso_size = gso->u.gso.size; 1107 skb_shinfo(skb)->gso_type = SKB_GSO_TCPV4; 1108 1109 /* Header must be checked, and gso_segs computed. */ 1110 skb_shinfo(skb)->gso_type |= SKB_GSO_DODGY; 1111 skb_shinfo(skb)->gso_segs = 0; 1112 1113 return 0; 1114 } 1115 1116 static int checksum_setup(struct xenvif *vif, struct sk_buff *skb) 1117 { 1118 struct iphdr *iph; 1119 unsigned char *th; 1120 int err = -EPROTO; 1121 int recalculate_partial_csum = 0; 1122 1123 /* 1124 * A GSO SKB must be CHECKSUM_PARTIAL. However some buggy 1125 * peers can fail to set NETRXF_csum_blank when sending a GSO 1126 * frame. In this case force the SKB to CHECKSUM_PARTIAL and 1127 * recalculate the partial checksum. 1128 */ 1129 if (skb->ip_summed != CHECKSUM_PARTIAL && skb_is_gso(skb)) { 1130 vif->rx_gso_checksum_fixup++; 1131 skb->ip_summed = CHECKSUM_PARTIAL; 1132 recalculate_partial_csum = 1; 1133 } 1134 1135 /* A non-CHECKSUM_PARTIAL SKB does not require setup. */ 1136 if (skb->ip_summed != CHECKSUM_PARTIAL) 1137 return 0; 1138 1139 if (skb->protocol != htons(ETH_P_IP)) 1140 goto out; 1141 1142 iph = (void *)skb->data; 1143 th = skb->data + 4 * iph->ihl; 1144 if (th >= skb_tail_pointer(skb)) 1145 goto out; 1146 1147 skb->csum_start = th - skb->head; 1148 switch (iph->protocol) { 1149 case IPPROTO_TCP: 1150 skb->csum_offset = offsetof(struct tcphdr, check); 1151 1152 if (recalculate_partial_csum) { 1153 struct tcphdr *tcph = (struct tcphdr *)th; 1154 tcph->check = ~csum_tcpudp_magic(iph->saddr, iph->daddr, 1155 skb->len - iph->ihl*4, 1156 IPPROTO_TCP, 0); 1157 } 1158 break; 1159 case IPPROTO_UDP: 1160 skb->csum_offset = offsetof(struct udphdr, check); 1161 1162 if (recalculate_partial_csum) { 1163 struct udphdr *udph = (struct udphdr *)th; 1164 udph->check = ~csum_tcpudp_magic(iph->saddr, iph->daddr, 1165 skb->len - iph->ihl*4, 1166 IPPROTO_UDP, 0); 1167 } 1168 break; 1169 default: 1170 if (net_ratelimit()) 1171 netdev_err(vif->dev, 1172 "Attempting to checksum a non-TCP/UDP packet, dropping a protocol %d packet\n", 1173 iph->protocol); 1174 goto out; 1175 } 1176 1177 if ((th + skb->csum_offset + 2) > skb_tail_pointer(skb)) 1178 goto out; 1179 1180 err = 0; 1181 1182 out: 1183 return err; 1184 } 1185 1186 static bool tx_credit_exceeded(struct xenvif *vif, unsigned size) 1187 { 1188 unsigned long now = jiffies; 1189 unsigned long next_credit = 1190 vif->credit_timeout.expires + 1191 msecs_to_jiffies(vif->credit_usec / 1000); 1192 1193 /* Timer could already be pending in rare cases. */ 1194 if (timer_pending(&vif->credit_timeout)) 1195 return true; 1196 1197 /* Passed the point where we can replenish credit? */ 1198 if (time_after_eq(now, next_credit)) { 1199 vif->credit_timeout.expires = now; 1200 tx_add_credit(vif); 1201 } 1202 1203 /* Still too big to send right now? Set a callback. */ 1204 if (size > vif->remaining_credit) { 1205 vif->credit_timeout.data = 1206 (unsigned long)vif; 1207 vif->credit_timeout.function = 1208 tx_credit_callback; 1209 mod_timer(&vif->credit_timeout, 1210 next_credit); 1211 1212 return true; 1213 } 1214 1215 return false; 1216 } 1217 1218 static unsigned xen_netbk_tx_build_gops(struct xen_netbk *netbk) 1219 { 1220 struct gnttab_copy *gop = netbk->tx_copy_ops, *request_gop; 1221 struct sk_buff *skb; 1222 int ret; 1223 1224 while (((nr_pending_reqs(netbk) + MAX_SKB_FRAGS) < MAX_PENDING_REQS) && 1225 !list_empty(&netbk->net_schedule_list)) { 1226 struct xenvif *vif; 1227 struct xen_netif_tx_request txreq; 1228 struct xen_netif_tx_request txfrags[MAX_SKB_FRAGS]; 1229 struct page *page; 1230 struct xen_netif_extra_info extras[XEN_NETIF_EXTRA_TYPE_MAX-1]; 1231 u16 pending_idx; 1232 RING_IDX idx; 1233 int work_to_do; 1234 unsigned int data_len; 1235 pending_ring_idx_t index; 1236 1237 /* Get a netif from the list with work to do. */ 1238 vif = poll_net_schedule_list(netbk); 1239 if (!vif) 1240 continue; 1241 1242 RING_FINAL_CHECK_FOR_REQUESTS(&vif->tx, work_to_do); 1243 if (!work_to_do) { 1244 xenvif_put(vif); 1245 continue; 1246 } 1247 1248 idx = vif->tx.req_cons; 1249 rmb(); /* Ensure that we see the request before we copy it. */ 1250 memcpy(&txreq, RING_GET_REQUEST(&vif->tx, idx), sizeof(txreq)); 1251 1252 /* Credit-based scheduling. */ 1253 if (txreq.size > vif->remaining_credit && 1254 tx_credit_exceeded(vif, txreq.size)) { 1255 xenvif_put(vif); 1256 continue; 1257 } 1258 1259 vif->remaining_credit -= txreq.size; 1260 1261 work_to_do--; 1262 vif->tx.req_cons = ++idx; 1263 1264 memset(extras, 0, sizeof(extras)); 1265 if (txreq.flags & XEN_NETTXF_extra_info) { 1266 work_to_do = xen_netbk_get_extras(vif, extras, 1267 work_to_do); 1268 idx = vif->tx.req_cons; 1269 if (unlikely(work_to_do < 0)) { 1270 netbk_tx_err(vif, &txreq, idx); 1271 continue; 1272 } 1273 } 1274 1275 ret = netbk_count_requests(vif, &txreq, txfrags, work_to_do); 1276 if (unlikely(ret < 0)) { 1277 netbk_tx_err(vif, &txreq, idx - ret); 1278 continue; 1279 } 1280 idx += ret; 1281 1282 if (unlikely(txreq.size < ETH_HLEN)) { 1283 netdev_dbg(vif->dev, 1284 "Bad packet size: %d\n", txreq.size); 1285 netbk_tx_err(vif, &txreq, idx); 1286 continue; 1287 } 1288 1289 /* No crossing a page as the payload mustn't fragment. */ 1290 if (unlikely((txreq.offset + txreq.size) > PAGE_SIZE)) { 1291 netdev_dbg(vif->dev, 1292 "txreq.offset: %x, size: %u, end: %lu\n", 1293 txreq.offset, txreq.size, 1294 (txreq.offset&~PAGE_MASK) + txreq.size); 1295 netbk_tx_err(vif, &txreq, idx); 1296 continue; 1297 } 1298 1299 index = pending_index(netbk->pending_cons); 1300 pending_idx = netbk->pending_ring[index]; 1301 1302 data_len = (txreq.size > PKT_PROT_LEN && 1303 ret < MAX_SKB_FRAGS) ? 1304 PKT_PROT_LEN : txreq.size; 1305 1306 skb = alloc_skb(data_len + NET_SKB_PAD + NET_IP_ALIGN, 1307 GFP_ATOMIC | __GFP_NOWARN); 1308 if (unlikely(skb == NULL)) { 1309 netdev_dbg(vif->dev, 1310 "Can't allocate a skb in start_xmit.\n"); 1311 netbk_tx_err(vif, &txreq, idx); 1312 break; 1313 } 1314 1315 /* Packets passed to netif_rx() must have some headroom. */ 1316 skb_reserve(skb, NET_SKB_PAD + NET_IP_ALIGN); 1317 1318 if (extras[XEN_NETIF_EXTRA_TYPE_GSO - 1].type) { 1319 struct xen_netif_extra_info *gso; 1320 gso = &extras[XEN_NETIF_EXTRA_TYPE_GSO - 1]; 1321 1322 if (netbk_set_skb_gso(vif, skb, gso)) { 1323 kfree_skb(skb); 1324 netbk_tx_err(vif, &txreq, idx); 1325 continue; 1326 } 1327 } 1328 1329 /* XXX could copy straight to head */ 1330 page = xen_netbk_alloc_page(netbk, skb, pending_idx); 1331 if (!page) { 1332 kfree_skb(skb); 1333 netbk_tx_err(vif, &txreq, idx); 1334 continue; 1335 } 1336 1337 gop->source.u.ref = txreq.gref; 1338 gop->source.domid = vif->domid; 1339 gop->source.offset = txreq.offset; 1340 1341 gop->dest.u.gmfn = virt_to_mfn(page_address(page)); 1342 gop->dest.domid = DOMID_SELF; 1343 gop->dest.offset = txreq.offset; 1344 1345 gop->len = txreq.size; 1346 gop->flags = GNTCOPY_source_gref; 1347 1348 gop++; 1349 1350 memcpy(&netbk->pending_tx_info[pending_idx].req, 1351 &txreq, sizeof(txreq)); 1352 netbk->pending_tx_info[pending_idx].vif = vif; 1353 *((u16 *)skb->data) = pending_idx; 1354 1355 __skb_put(skb, data_len); 1356 1357 skb_shinfo(skb)->nr_frags = ret; 1358 if (data_len < txreq.size) { 1359 skb_shinfo(skb)->nr_frags++; 1360 frag_set_pending_idx(&skb_shinfo(skb)->frags[0], 1361 pending_idx); 1362 } else { 1363 frag_set_pending_idx(&skb_shinfo(skb)->frags[0], 1364 INVALID_PENDING_IDX); 1365 } 1366 1367 __skb_queue_tail(&netbk->tx_queue, skb); 1368 1369 netbk->pending_cons++; 1370 1371 request_gop = xen_netbk_get_requests(netbk, vif, 1372 skb, txfrags, gop); 1373 if (request_gop == NULL) { 1374 kfree_skb(skb); 1375 netbk_tx_err(vif, &txreq, idx); 1376 continue; 1377 } 1378 gop = request_gop; 1379 1380 vif->tx.req_cons = idx; 1381 xen_netbk_check_rx_xenvif(vif); 1382 1383 if ((gop-netbk->tx_copy_ops) >= ARRAY_SIZE(netbk->tx_copy_ops)) 1384 break; 1385 } 1386 1387 return gop - netbk->tx_copy_ops; 1388 } 1389 1390 static void xen_netbk_tx_submit(struct xen_netbk *netbk) 1391 { 1392 struct gnttab_copy *gop = netbk->tx_copy_ops; 1393 struct sk_buff *skb; 1394 1395 while ((skb = __skb_dequeue(&netbk->tx_queue)) != NULL) { 1396 struct xen_netif_tx_request *txp; 1397 struct xenvif *vif; 1398 u16 pending_idx; 1399 unsigned data_len; 1400 1401 pending_idx = *((u16 *)skb->data); 1402 vif = netbk->pending_tx_info[pending_idx].vif; 1403 txp = &netbk->pending_tx_info[pending_idx].req; 1404 1405 /* Check the remap error code. */ 1406 if (unlikely(xen_netbk_tx_check_gop(netbk, skb, &gop))) { 1407 netdev_dbg(vif->dev, "netback grant failed.\n"); 1408 skb_shinfo(skb)->nr_frags = 0; 1409 kfree_skb(skb); 1410 continue; 1411 } 1412 1413 data_len = skb->len; 1414 memcpy(skb->data, 1415 (void *)(idx_to_kaddr(netbk, pending_idx)|txp->offset), 1416 data_len); 1417 if (data_len < txp->size) { 1418 /* Append the packet payload as a fragment. */ 1419 txp->offset += data_len; 1420 txp->size -= data_len; 1421 } else { 1422 /* Schedule a response immediately. */ 1423 xen_netbk_idx_release(netbk, pending_idx); 1424 } 1425 1426 if (txp->flags & XEN_NETTXF_csum_blank) 1427 skb->ip_summed = CHECKSUM_PARTIAL; 1428 else if (txp->flags & XEN_NETTXF_data_validated) 1429 skb->ip_summed = CHECKSUM_UNNECESSARY; 1430 1431 xen_netbk_fill_frags(netbk, skb); 1432 1433 /* 1434 * If the initial fragment was < PKT_PROT_LEN then 1435 * pull through some bytes from the other fragments to 1436 * increase the linear region to PKT_PROT_LEN bytes. 1437 */ 1438 if (skb_headlen(skb) < PKT_PROT_LEN && skb_is_nonlinear(skb)) { 1439 int target = min_t(int, skb->len, PKT_PROT_LEN); 1440 __pskb_pull_tail(skb, target - skb_headlen(skb)); 1441 } 1442 1443 skb->dev = vif->dev; 1444 skb->protocol = eth_type_trans(skb, skb->dev); 1445 1446 if (checksum_setup(vif, skb)) { 1447 netdev_dbg(vif->dev, 1448 "Can't setup checksum in net_tx_action\n"); 1449 kfree_skb(skb); 1450 continue; 1451 } 1452 1453 vif->dev->stats.rx_bytes += skb->len; 1454 vif->dev->stats.rx_packets++; 1455 1456 xenvif_receive_skb(vif, skb); 1457 } 1458 } 1459 1460 /* Called after netfront has transmitted */ 1461 static void xen_netbk_tx_action(struct xen_netbk *netbk) 1462 { 1463 unsigned nr_gops; 1464 int ret; 1465 1466 nr_gops = xen_netbk_tx_build_gops(netbk); 1467 1468 if (nr_gops == 0) 1469 return; 1470 ret = HYPERVISOR_grant_table_op(GNTTABOP_copy, 1471 netbk->tx_copy_ops, nr_gops); 1472 BUG_ON(ret); 1473 1474 xen_netbk_tx_submit(netbk); 1475 1476 } 1477 1478 static void xen_netbk_idx_release(struct xen_netbk *netbk, u16 pending_idx) 1479 { 1480 struct xenvif *vif; 1481 struct pending_tx_info *pending_tx_info; 1482 pending_ring_idx_t index; 1483 1484 /* Already complete? */ 1485 if (netbk->mmap_pages[pending_idx] == NULL) 1486 return; 1487 1488 pending_tx_info = &netbk->pending_tx_info[pending_idx]; 1489 1490 vif = pending_tx_info->vif; 1491 1492 make_tx_response(vif, &pending_tx_info->req, XEN_NETIF_RSP_OKAY); 1493 1494 index = pending_index(netbk->pending_prod++); 1495 netbk->pending_ring[index] = pending_idx; 1496 1497 xenvif_put(vif); 1498 1499 netbk->mmap_pages[pending_idx]->mapping = 0; 1500 put_page(netbk->mmap_pages[pending_idx]); 1501 netbk->mmap_pages[pending_idx] = NULL; 1502 } 1503 1504 static void make_tx_response(struct xenvif *vif, 1505 struct xen_netif_tx_request *txp, 1506 s8 st) 1507 { 1508 RING_IDX i = vif->tx.rsp_prod_pvt; 1509 struct xen_netif_tx_response *resp; 1510 int notify; 1511 1512 resp = RING_GET_RESPONSE(&vif->tx, i); 1513 resp->id = txp->id; 1514 resp->status = st; 1515 1516 if (txp->flags & XEN_NETTXF_extra_info) 1517 RING_GET_RESPONSE(&vif->tx, ++i)->status = XEN_NETIF_RSP_NULL; 1518 1519 vif->tx.rsp_prod_pvt = ++i; 1520 RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(&vif->tx, notify); 1521 if (notify) 1522 notify_remote_via_irq(vif->irq); 1523 } 1524 1525 static struct xen_netif_rx_response *make_rx_response(struct xenvif *vif, 1526 u16 id, 1527 s8 st, 1528 u16 offset, 1529 u16 size, 1530 u16 flags) 1531 { 1532 RING_IDX i = vif->rx.rsp_prod_pvt; 1533 struct xen_netif_rx_response *resp; 1534 1535 resp = RING_GET_RESPONSE(&vif->rx, i); 1536 resp->offset = offset; 1537 resp->flags = flags; 1538 resp->id = id; 1539 resp->status = (s16)size; 1540 if (st < 0) 1541 resp->status = (s16)st; 1542 1543 vif->rx.rsp_prod_pvt = ++i; 1544 1545 return resp; 1546 } 1547 1548 static inline int rx_work_todo(struct xen_netbk *netbk) 1549 { 1550 return !skb_queue_empty(&netbk->rx_queue); 1551 } 1552 1553 static inline int tx_work_todo(struct xen_netbk *netbk) 1554 { 1555 1556 if (((nr_pending_reqs(netbk) + MAX_SKB_FRAGS) < MAX_PENDING_REQS) && 1557 !list_empty(&netbk->net_schedule_list)) 1558 return 1; 1559 1560 return 0; 1561 } 1562 1563 static int xen_netbk_kthread(void *data) 1564 { 1565 struct xen_netbk *netbk = data; 1566 while (!kthread_should_stop()) { 1567 wait_event_interruptible(netbk->wq, 1568 rx_work_todo(netbk) || 1569 tx_work_todo(netbk) || 1570 kthread_should_stop()); 1571 cond_resched(); 1572 1573 if (kthread_should_stop()) 1574 break; 1575 1576 if (rx_work_todo(netbk)) 1577 xen_netbk_rx_action(netbk); 1578 1579 if (tx_work_todo(netbk)) 1580 xen_netbk_tx_action(netbk); 1581 } 1582 1583 return 0; 1584 } 1585 1586 void xen_netbk_unmap_frontend_rings(struct xenvif *vif) 1587 { 1588 if (vif->tx.sring) 1589 xenbus_unmap_ring_vfree(xenvif_to_xenbus_device(vif), 1590 vif->tx.sring); 1591 if (vif->rx.sring) 1592 xenbus_unmap_ring_vfree(xenvif_to_xenbus_device(vif), 1593 vif->rx.sring); 1594 } 1595 1596 int xen_netbk_map_frontend_rings(struct xenvif *vif, 1597 grant_ref_t tx_ring_ref, 1598 grant_ref_t rx_ring_ref) 1599 { 1600 void *addr; 1601 struct xen_netif_tx_sring *txs; 1602 struct xen_netif_rx_sring *rxs; 1603 1604 int err = -ENOMEM; 1605 1606 err = xenbus_map_ring_valloc(xenvif_to_xenbus_device(vif), 1607 tx_ring_ref, &addr); 1608 if (err) 1609 goto err; 1610 1611 txs = (struct xen_netif_tx_sring *)addr; 1612 BACK_RING_INIT(&vif->tx, txs, PAGE_SIZE); 1613 1614 err = xenbus_map_ring_valloc(xenvif_to_xenbus_device(vif), 1615 rx_ring_ref, &addr); 1616 if (err) 1617 goto err; 1618 1619 rxs = (struct xen_netif_rx_sring *)addr; 1620 BACK_RING_INIT(&vif->rx, rxs, PAGE_SIZE); 1621 1622 vif->rx_req_cons_peek = 0; 1623 1624 return 0; 1625 1626 err: 1627 xen_netbk_unmap_frontend_rings(vif); 1628 return err; 1629 } 1630 1631 static int __init netback_init(void) 1632 { 1633 int i; 1634 int rc = 0; 1635 int group; 1636 1637 if (!xen_domain()) 1638 return -ENODEV; 1639 1640 xen_netbk_group_nr = num_online_cpus(); 1641 xen_netbk = vzalloc(sizeof(struct xen_netbk) * xen_netbk_group_nr); 1642 if (!xen_netbk) 1643 return -ENOMEM; 1644 1645 for (group = 0; group < xen_netbk_group_nr; group++) { 1646 struct xen_netbk *netbk = &xen_netbk[group]; 1647 skb_queue_head_init(&netbk->rx_queue); 1648 skb_queue_head_init(&netbk->tx_queue); 1649 1650 init_timer(&netbk->net_timer); 1651 netbk->net_timer.data = (unsigned long)netbk; 1652 netbk->net_timer.function = xen_netbk_alarm; 1653 1654 netbk->pending_cons = 0; 1655 netbk->pending_prod = MAX_PENDING_REQS; 1656 for (i = 0; i < MAX_PENDING_REQS; i++) 1657 netbk->pending_ring[i] = i; 1658 1659 init_waitqueue_head(&netbk->wq); 1660 netbk->task = kthread_create(xen_netbk_kthread, 1661 (void *)netbk, 1662 "netback/%u", group); 1663 1664 if (IS_ERR(netbk->task)) { 1665 printk(KERN_ALERT "kthread_create() fails at netback\n"); 1666 del_timer(&netbk->net_timer); 1667 rc = PTR_ERR(netbk->task); 1668 goto failed_init; 1669 } 1670 1671 kthread_bind(netbk->task, group); 1672 1673 INIT_LIST_HEAD(&netbk->net_schedule_list); 1674 1675 spin_lock_init(&netbk->net_schedule_list_lock); 1676 1677 atomic_set(&netbk->netfront_count, 0); 1678 1679 wake_up_process(netbk->task); 1680 } 1681 1682 rc = xenvif_xenbus_init(); 1683 if (rc) 1684 goto failed_init; 1685 1686 return 0; 1687 1688 failed_init: 1689 while (--group >= 0) { 1690 struct xen_netbk *netbk = &xen_netbk[group]; 1691 for (i = 0; i < MAX_PENDING_REQS; i++) { 1692 if (netbk->mmap_pages[i]) 1693 __free_page(netbk->mmap_pages[i]); 1694 } 1695 del_timer(&netbk->net_timer); 1696 kthread_stop(netbk->task); 1697 } 1698 vfree(xen_netbk); 1699 return rc; 1700 1701 } 1702 1703 module_init(netback_init); 1704 1705 MODULE_LICENSE("Dual BSD/GPL"); 1706 MODULE_ALIAS("xen-backend:vif"); 1707