xref: /openbmc/linux/drivers/xen/privcmd-buf.c (revision dd2934a95701576203b2f61e8ded4e4a2f9183ea)
1 // SPDX-License-Identifier: GPL-2.0 OR MIT
2 
3 /******************************************************************************
4  * privcmd-buf.c
5  *
6  * Mmap of hypercall buffers.
7  *
8  * Copyright (c) 2018 Juergen Gross
9  */
10 
11 #define pr_fmt(fmt) "xen:" KBUILD_MODNAME ": " fmt
12 
13 #include <linux/kernel.h>
14 #include <linux/module.h>
15 #include <linux/list.h>
16 #include <linux/miscdevice.h>
17 #include <linux/mm.h>
18 #include <linux/slab.h>
19 
20 #include "privcmd.h"
21 
22 MODULE_LICENSE("GPL");
23 
24 static unsigned int limit = 64;
25 module_param(limit, uint, 0644);
26 MODULE_PARM_DESC(limit, "Maximum number of pages that may be allocated by "
27 			"the privcmd-buf device per open file");
28 
29 struct privcmd_buf_private {
30 	struct mutex lock;
31 	struct list_head list;
32 	unsigned int allocated;
33 };
34 
35 struct privcmd_buf_vma_private {
36 	struct privcmd_buf_private *file_priv;
37 	struct list_head list;
38 	unsigned int users;
39 	unsigned int n_pages;
40 	struct page *pages[];
41 };
42 
43 static int privcmd_buf_open(struct inode *ino, struct file *file)
44 {
45 	struct privcmd_buf_private *file_priv;
46 
47 	file_priv = kzalloc(sizeof(*file_priv), GFP_KERNEL);
48 	if (!file_priv)
49 		return -ENOMEM;
50 
51 	mutex_init(&file_priv->lock);
52 	INIT_LIST_HEAD(&file_priv->list);
53 
54 	file->private_data = file_priv;
55 
56 	return 0;
57 }
58 
59 static void privcmd_buf_vmapriv_free(struct privcmd_buf_vma_private *vma_priv)
60 {
61 	unsigned int i;
62 
63 	vma_priv->file_priv->allocated -= vma_priv->n_pages;
64 
65 	list_del(&vma_priv->list);
66 
67 	for (i = 0; i < vma_priv->n_pages; i++)
68 		if (vma_priv->pages[i])
69 			__free_page(vma_priv->pages[i]);
70 
71 	kfree(vma_priv);
72 }
73 
74 static int privcmd_buf_release(struct inode *ino, struct file *file)
75 {
76 	struct privcmd_buf_private *file_priv = file->private_data;
77 	struct privcmd_buf_vma_private *vma_priv;
78 
79 	mutex_lock(&file_priv->lock);
80 
81 	while (!list_empty(&file_priv->list)) {
82 		vma_priv = list_first_entry(&file_priv->list,
83 					    struct privcmd_buf_vma_private,
84 					    list);
85 		privcmd_buf_vmapriv_free(vma_priv);
86 	}
87 
88 	mutex_unlock(&file_priv->lock);
89 
90 	kfree(file_priv);
91 
92 	return 0;
93 }
94 
95 static void privcmd_buf_vma_open(struct vm_area_struct *vma)
96 {
97 	struct privcmd_buf_vma_private *vma_priv = vma->vm_private_data;
98 
99 	if (!vma_priv)
100 		return;
101 
102 	mutex_lock(&vma_priv->file_priv->lock);
103 	vma_priv->users++;
104 	mutex_unlock(&vma_priv->file_priv->lock);
105 }
106 
107 static void privcmd_buf_vma_close(struct vm_area_struct *vma)
108 {
109 	struct privcmd_buf_vma_private *vma_priv = vma->vm_private_data;
110 	struct privcmd_buf_private *file_priv;
111 
112 	if (!vma_priv)
113 		return;
114 
115 	file_priv = vma_priv->file_priv;
116 
117 	mutex_lock(&file_priv->lock);
118 
119 	vma_priv->users--;
120 	if (!vma_priv->users)
121 		privcmd_buf_vmapriv_free(vma_priv);
122 
123 	mutex_unlock(&file_priv->lock);
124 }
125 
126 static vm_fault_t privcmd_buf_vma_fault(struct vm_fault *vmf)
127 {
128 	pr_debug("fault: vma=%p %lx-%lx, pgoff=%lx, uv=%p\n",
129 		 vmf->vma, vmf->vma->vm_start, vmf->vma->vm_end,
130 		 vmf->pgoff, (void *)vmf->address);
131 
132 	return VM_FAULT_SIGBUS;
133 }
134 
135 static const struct vm_operations_struct privcmd_buf_vm_ops = {
136 	.open = privcmd_buf_vma_open,
137 	.close = privcmd_buf_vma_close,
138 	.fault = privcmd_buf_vma_fault,
139 };
140 
141 static int privcmd_buf_mmap(struct file *file, struct vm_area_struct *vma)
142 {
143 	struct privcmd_buf_private *file_priv = file->private_data;
144 	struct privcmd_buf_vma_private *vma_priv;
145 	unsigned long count = vma_pages(vma);
146 	unsigned int i;
147 	int ret = 0;
148 
149 	if (!(vma->vm_flags & VM_SHARED) || count > limit ||
150 	    file_priv->allocated + count > limit)
151 		return -EINVAL;
152 
153 	vma_priv = kzalloc(sizeof(*vma_priv) + count * sizeof(void *),
154 			   GFP_KERNEL);
155 	if (!vma_priv)
156 		return -ENOMEM;
157 
158 	vma_priv->n_pages = count;
159 	count = 0;
160 	for (i = 0; i < vma_priv->n_pages; i++) {
161 		vma_priv->pages[i] = alloc_page(GFP_KERNEL | __GFP_ZERO);
162 		if (!vma_priv->pages[i])
163 			break;
164 		count++;
165 	}
166 
167 	mutex_lock(&file_priv->lock);
168 
169 	file_priv->allocated += count;
170 
171 	vma_priv->file_priv = file_priv;
172 	vma_priv->users = 1;
173 
174 	vma->vm_flags |= VM_IO | VM_DONTEXPAND;
175 	vma->vm_ops = &privcmd_buf_vm_ops;
176 	vma->vm_private_data = vma_priv;
177 
178 	list_add(&vma_priv->list, &file_priv->list);
179 
180 	if (vma_priv->n_pages != count)
181 		ret = -ENOMEM;
182 	else
183 		for (i = 0; i < vma_priv->n_pages; i++) {
184 			ret = vm_insert_page(vma, vma->vm_start + i * PAGE_SIZE,
185 					     vma_priv->pages[i]);
186 			if (ret)
187 				break;
188 		}
189 
190 	if (ret)
191 		privcmd_buf_vmapriv_free(vma_priv);
192 
193 	mutex_unlock(&file_priv->lock);
194 
195 	return ret;
196 }
197 
198 const struct file_operations xen_privcmdbuf_fops = {
199 	.owner = THIS_MODULE,
200 	.open = privcmd_buf_open,
201 	.release = privcmd_buf_release,
202 	.mmap = privcmd_buf_mmap,
203 };
204 EXPORT_SYMBOL_GPL(xen_privcmdbuf_fops);
205 
206 struct miscdevice xen_privcmdbuf_dev = {
207 	.minor = MISC_DYNAMIC_MINOR,
208 	.name = "xen/hypercall",
209 	.fops = &xen_privcmdbuf_fops,
210 };
211