1 /* 2 * Driver giving user-space access to the kernel's xenbus connection 3 * to xenstore. 4 * 5 * Copyright (c) 2005, Christian Limpach 6 * Copyright (c) 2005, Rusty Russell, IBM Corporation 7 * 8 * This program is free software; you can redistribute it and/or 9 * modify it under the terms of the GNU General Public License version 2 10 * as published by the Free Software Foundation; or, when distributed 11 * separately from the Linux kernel or incorporated into other 12 * software packages, subject to the following license: 13 * 14 * Permission is hereby granted, free of charge, to any person obtaining a copy 15 * of this source file (the "Software"), to deal in the Software without 16 * restriction, including without limitation the rights to use, copy, modify, 17 * merge, publish, distribute, sublicense, and/or sell copies of the Software, 18 * and to permit persons to whom the Software is furnished to do so, subject to 19 * the following conditions: 20 * 21 * The above copyright notice and this permission notice shall be included in 22 * all copies or substantial portions of the Software. 23 * 24 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 25 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 26 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 27 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 28 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING 29 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS 30 * IN THE SOFTWARE. 31 * 32 * Changes: 33 * 2008-10-07 Alex Zeffertt Replaced /proc/xen/xenbus with xenfs filesystem 34 * and /proc/xen compatibility mount point. 35 * Turned xenfs into a loadable module. 36 */ 37 38 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 39 40 #include <linux/kernel.h> 41 #include <linux/errno.h> 42 #include <linux/uio.h> 43 #include <linux/notifier.h> 44 #include <linux/wait.h> 45 #include <linux/fs.h> 46 #include <linux/poll.h> 47 #include <linux/mutex.h> 48 #include <linux/sched.h> 49 #include <linux/spinlock.h> 50 #include <linux/mount.h> 51 #include <linux/pagemap.h> 52 #include <linux/uaccess.h> 53 #include <linux/init.h> 54 #include <linux/namei.h> 55 #include <linux/string.h> 56 #include <linux/slab.h> 57 #include <linux/miscdevice.h> 58 #include <linux/workqueue.h> 59 60 #include <xen/xenbus.h> 61 #include <xen/xen.h> 62 #include <asm/xen/hypervisor.h> 63 64 #include "xenbus.h" 65 66 unsigned int xb_dev_generation_id; 67 68 /* 69 * An element of a list of outstanding transactions, for which we're 70 * still waiting a reply. 71 */ 72 struct xenbus_transaction_holder { 73 struct list_head list; 74 struct xenbus_transaction handle; 75 unsigned int generation_id; 76 }; 77 78 /* 79 * A buffer of data on the queue. 80 */ 81 struct read_buffer { 82 struct list_head list; 83 unsigned int cons; 84 unsigned int len; 85 char msg[]; 86 }; 87 88 struct xenbus_file_priv { 89 /* 90 * msgbuffer_mutex is held while partial requests are built up 91 * and complete requests are acted on. It therefore protects 92 * the "transactions" and "watches" lists, and the partial 93 * request length and buffer. 94 * 95 * reply_mutex protects the reply being built up to return to 96 * usermode. It nests inside msgbuffer_mutex but may be held 97 * alone during a watch callback. 98 */ 99 struct mutex msgbuffer_mutex; 100 101 /* In-progress transactions */ 102 struct list_head transactions; 103 104 /* Active watches. */ 105 struct list_head watches; 106 107 /* Partial request. */ 108 unsigned int len; 109 union { 110 struct xsd_sockmsg msg; 111 char buffer[XENSTORE_PAYLOAD_MAX]; 112 } u; 113 114 /* Response queue. */ 115 struct mutex reply_mutex; 116 struct list_head read_buffers; 117 wait_queue_head_t read_waitq; 118 119 struct kref kref; 120 121 struct work_struct wq; 122 }; 123 124 /* Read out any raw xenbus messages queued up. */ 125 static ssize_t xenbus_file_read(struct file *filp, 126 char __user *ubuf, 127 size_t len, loff_t *ppos) 128 { 129 struct xenbus_file_priv *u = filp->private_data; 130 struct read_buffer *rb; 131 unsigned i; 132 int ret; 133 134 mutex_lock(&u->reply_mutex); 135 again: 136 while (list_empty(&u->read_buffers)) { 137 mutex_unlock(&u->reply_mutex); 138 if (filp->f_flags & O_NONBLOCK) 139 return -EAGAIN; 140 141 ret = wait_event_interruptible(u->read_waitq, 142 !list_empty(&u->read_buffers)); 143 if (ret) 144 return ret; 145 mutex_lock(&u->reply_mutex); 146 } 147 148 rb = list_entry(u->read_buffers.next, struct read_buffer, list); 149 i = 0; 150 while (i < len) { 151 unsigned sz = min((unsigned)len - i, rb->len - rb->cons); 152 153 ret = copy_to_user(ubuf + i, &rb->msg[rb->cons], sz); 154 155 i += sz - ret; 156 rb->cons += sz - ret; 157 158 if (ret != 0) { 159 if (i == 0) 160 i = -EFAULT; 161 goto out; 162 } 163 164 /* Clear out buffer if it has been consumed */ 165 if (rb->cons == rb->len) { 166 list_del(&rb->list); 167 kfree(rb); 168 if (list_empty(&u->read_buffers)) 169 break; 170 rb = list_entry(u->read_buffers.next, 171 struct read_buffer, list); 172 } 173 } 174 if (i == 0) 175 goto again; 176 177 out: 178 mutex_unlock(&u->reply_mutex); 179 return i; 180 } 181 182 /* 183 * Add a buffer to the queue. Caller must hold the appropriate lock 184 * if the queue is not local. (Commonly the caller will build up 185 * multiple queued buffers on a temporary local list, and then add it 186 * to the appropriate list under lock once all the buffers have een 187 * successfully allocated.) 188 */ 189 static int queue_reply(struct list_head *queue, const void *data, size_t len) 190 { 191 struct read_buffer *rb; 192 193 if (len == 0) 194 return 0; 195 if (len > XENSTORE_PAYLOAD_MAX) 196 return -EINVAL; 197 198 rb = kmalloc(sizeof(*rb) + len, GFP_KERNEL); 199 if (rb == NULL) 200 return -ENOMEM; 201 202 rb->cons = 0; 203 rb->len = len; 204 205 memcpy(rb->msg, data, len); 206 207 list_add_tail(&rb->list, queue); 208 return 0; 209 } 210 211 /* 212 * Free all the read_buffer s on a list. 213 * Caller must have sole reference to list. 214 */ 215 static void queue_cleanup(struct list_head *list) 216 { 217 struct read_buffer *rb; 218 219 while (!list_empty(list)) { 220 rb = list_entry(list->next, struct read_buffer, list); 221 list_del(list->next); 222 kfree(rb); 223 } 224 } 225 226 struct watch_adapter { 227 struct list_head list; 228 struct xenbus_watch watch; 229 struct xenbus_file_priv *dev_data; 230 char *token; 231 }; 232 233 static void free_watch_adapter(struct watch_adapter *watch) 234 { 235 kfree(watch->watch.node); 236 kfree(watch->token); 237 kfree(watch); 238 } 239 240 static struct watch_adapter *alloc_watch_adapter(const char *path, 241 const char *token) 242 { 243 struct watch_adapter *watch; 244 245 watch = kzalloc(sizeof(*watch), GFP_KERNEL); 246 if (watch == NULL) 247 goto out_fail; 248 249 watch->watch.node = kstrdup(path, GFP_KERNEL); 250 if (watch->watch.node == NULL) 251 goto out_free; 252 253 watch->token = kstrdup(token, GFP_KERNEL); 254 if (watch->token == NULL) 255 goto out_free; 256 257 return watch; 258 259 out_free: 260 free_watch_adapter(watch); 261 262 out_fail: 263 return NULL; 264 } 265 266 static void watch_fired(struct xenbus_watch *watch, 267 const char *path, 268 const char *token) 269 { 270 struct watch_adapter *adap; 271 struct xsd_sockmsg hdr; 272 const char *token_caller; 273 int path_len, tok_len, body_len; 274 int ret; 275 LIST_HEAD(staging_q); 276 277 adap = container_of(watch, struct watch_adapter, watch); 278 279 token_caller = adap->token; 280 281 path_len = strlen(path) + 1; 282 tok_len = strlen(token_caller) + 1; 283 body_len = path_len + tok_len; 284 285 hdr.type = XS_WATCH_EVENT; 286 hdr.len = body_len; 287 288 mutex_lock(&adap->dev_data->reply_mutex); 289 290 ret = queue_reply(&staging_q, &hdr, sizeof(hdr)); 291 if (!ret) 292 ret = queue_reply(&staging_q, path, path_len); 293 if (!ret) 294 ret = queue_reply(&staging_q, token_caller, tok_len); 295 296 if (!ret) { 297 /* success: pass reply list onto watcher */ 298 list_splice_tail(&staging_q, &adap->dev_data->read_buffers); 299 wake_up(&adap->dev_data->read_waitq); 300 } else 301 queue_cleanup(&staging_q); 302 303 mutex_unlock(&adap->dev_data->reply_mutex); 304 } 305 306 static void xenbus_worker(struct work_struct *wq) 307 { 308 struct xenbus_file_priv *u; 309 struct xenbus_transaction_holder *trans, *tmp; 310 struct watch_adapter *watch, *tmp_watch; 311 struct read_buffer *rb, *tmp_rb; 312 313 u = container_of(wq, struct xenbus_file_priv, wq); 314 315 /* 316 * No need for locking here because there are no other users, 317 * by definition. 318 */ 319 320 list_for_each_entry_safe(trans, tmp, &u->transactions, list) { 321 xenbus_transaction_end(trans->handle, 1); 322 list_del(&trans->list); 323 kfree(trans); 324 } 325 326 list_for_each_entry_safe(watch, tmp_watch, &u->watches, list) { 327 unregister_xenbus_watch(&watch->watch); 328 list_del(&watch->list); 329 free_watch_adapter(watch); 330 } 331 332 list_for_each_entry_safe(rb, tmp_rb, &u->read_buffers, list) { 333 list_del(&rb->list); 334 kfree(rb); 335 } 336 kfree(u); 337 } 338 339 static void xenbus_file_free(struct kref *kref) 340 { 341 struct xenbus_file_priv *u; 342 343 /* 344 * We might be called in xenbus_thread(). 345 * Use workqueue to avoid deadlock. 346 */ 347 u = container_of(kref, struct xenbus_file_priv, kref); 348 schedule_work(&u->wq); 349 } 350 351 static struct xenbus_transaction_holder *xenbus_get_transaction( 352 struct xenbus_file_priv *u, uint32_t tx_id) 353 { 354 struct xenbus_transaction_holder *trans; 355 356 list_for_each_entry(trans, &u->transactions, list) 357 if (trans->handle.id == tx_id) 358 return trans; 359 360 return NULL; 361 } 362 363 void xenbus_dev_queue_reply(struct xb_req_data *req) 364 { 365 struct xenbus_file_priv *u = req->par; 366 struct xenbus_transaction_holder *trans = NULL; 367 int rc; 368 LIST_HEAD(staging_q); 369 370 xs_request_exit(req); 371 372 mutex_lock(&u->msgbuffer_mutex); 373 374 if (req->type == XS_TRANSACTION_START) { 375 trans = xenbus_get_transaction(u, 0); 376 if (WARN_ON(!trans)) 377 goto out; 378 if (req->msg.type == XS_ERROR) { 379 list_del(&trans->list); 380 kfree(trans); 381 } else { 382 rc = kstrtou32(req->body, 10, &trans->handle.id); 383 if (WARN_ON(rc)) 384 goto out; 385 } 386 } else if (req->type == XS_TRANSACTION_END) { 387 trans = xenbus_get_transaction(u, req->msg.tx_id); 388 if (WARN_ON(!trans)) 389 goto out; 390 list_del(&trans->list); 391 kfree(trans); 392 } 393 394 mutex_unlock(&u->msgbuffer_mutex); 395 396 mutex_lock(&u->reply_mutex); 397 rc = queue_reply(&staging_q, &req->msg, sizeof(req->msg)); 398 if (!rc) 399 rc = queue_reply(&staging_q, req->body, req->msg.len); 400 if (!rc) { 401 list_splice_tail(&staging_q, &u->read_buffers); 402 wake_up(&u->read_waitq); 403 } else { 404 queue_cleanup(&staging_q); 405 } 406 mutex_unlock(&u->reply_mutex); 407 408 kfree(req->body); 409 kfree(req); 410 411 kref_put(&u->kref, xenbus_file_free); 412 413 return; 414 415 out: 416 mutex_unlock(&u->msgbuffer_mutex); 417 } 418 419 static int xenbus_command_reply(struct xenbus_file_priv *u, 420 unsigned int msg_type, const char *reply) 421 { 422 struct { 423 struct xsd_sockmsg hdr; 424 char body[16]; 425 } msg; 426 int rc; 427 428 msg.hdr = u->u.msg; 429 msg.hdr.type = msg_type; 430 msg.hdr.len = strlen(reply) + 1; 431 if (msg.hdr.len > sizeof(msg.body)) 432 return -E2BIG; 433 memcpy(&msg.body, reply, msg.hdr.len); 434 435 mutex_lock(&u->reply_mutex); 436 rc = queue_reply(&u->read_buffers, &msg, sizeof(msg.hdr) + msg.hdr.len); 437 wake_up(&u->read_waitq); 438 mutex_unlock(&u->reply_mutex); 439 440 if (!rc) 441 kref_put(&u->kref, xenbus_file_free); 442 443 return rc; 444 } 445 446 static int xenbus_write_transaction(unsigned msg_type, 447 struct xenbus_file_priv *u) 448 { 449 int rc; 450 struct xenbus_transaction_holder *trans = NULL; 451 struct { 452 struct xsd_sockmsg hdr; 453 char body[]; 454 } *msg = (void *)u->u.buffer; 455 456 if (msg_type == XS_TRANSACTION_START) { 457 trans = kzalloc(sizeof(*trans), GFP_KERNEL); 458 if (!trans) { 459 rc = -ENOMEM; 460 goto out; 461 } 462 trans->generation_id = xb_dev_generation_id; 463 list_add(&trans->list, &u->transactions); 464 } else if (msg->hdr.tx_id != 0 && 465 !xenbus_get_transaction(u, msg->hdr.tx_id)) 466 return xenbus_command_reply(u, XS_ERROR, "ENOENT"); 467 else if (msg_type == XS_TRANSACTION_END && 468 !(msg->hdr.len == 2 && 469 (!strcmp(msg->body, "T") || !strcmp(msg->body, "F")))) 470 return xenbus_command_reply(u, XS_ERROR, "EINVAL"); 471 else if (msg_type == XS_TRANSACTION_END) { 472 trans = xenbus_get_transaction(u, msg->hdr.tx_id); 473 if (trans && trans->generation_id != xb_dev_generation_id) { 474 list_del(&trans->list); 475 kfree(trans); 476 if (!strcmp(msg->body, "T")) 477 return xenbus_command_reply(u, XS_ERROR, 478 "EAGAIN"); 479 else 480 return xenbus_command_reply(u, 481 XS_TRANSACTION_END, 482 "OK"); 483 } 484 } 485 486 rc = xenbus_dev_request_and_reply(&msg->hdr, u); 487 if (rc && trans) { 488 list_del(&trans->list); 489 kfree(trans); 490 } 491 492 out: 493 return rc; 494 } 495 496 static int xenbus_write_watch(unsigned msg_type, struct xenbus_file_priv *u) 497 { 498 struct watch_adapter *watch; 499 char *path, *token; 500 int err, rc; 501 502 path = u->u.buffer + sizeof(u->u.msg); 503 token = memchr(path, 0, u->u.msg.len); 504 if (token == NULL) { 505 rc = xenbus_command_reply(u, XS_ERROR, "EINVAL"); 506 goto out; 507 } 508 token++; 509 if (memchr(token, 0, u->u.msg.len - (token - path)) == NULL) { 510 rc = xenbus_command_reply(u, XS_ERROR, "EINVAL"); 511 goto out; 512 } 513 514 if (msg_type == XS_WATCH) { 515 watch = alloc_watch_adapter(path, token); 516 if (watch == NULL) { 517 rc = -ENOMEM; 518 goto out; 519 } 520 521 watch->watch.callback = watch_fired; 522 watch->dev_data = u; 523 524 err = register_xenbus_watch(&watch->watch); 525 if (err) { 526 free_watch_adapter(watch); 527 rc = err; 528 goto out; 529 } 530 list_add(&watch->list, &u->watches); 531 } else { 532 list_for_each_entry(watch, &u->watches, list) { 533 if (!strcmp(watch->token, token) && 534 !strcmp(watch->watch.node, path)) { 535 unregister_xenbus_watch(&watch->watch); 536 list_del(&watch->list); 537 free_watch_adapter(watch); 538 break; 539 } 540 } 541 } 542 543 /* Success. Synthesize a reply to say all is OK. */ 544 rc = xenbus_command_reply(u, msg_type, "OK"); 545 546 out: 547 return rc; 548 } 549 550 static ssize_t xenbus_file_write(struct file *filp, 551 const char __user *ubuf, 552 size_t len, loff_t *ppos) 553 { 554 struct xenbus_file_priv *u = filp->private_data; 555 uint32_t msg_type; 556 int rc = len; 557 int ret; 558 559 /* 560 * We're expecting usermode to be writing properly formed 561 * xenbus messages. If they write an incomplete message we 562 * buffer it up. Once it is complete, we act on it. 563 */ 564 565 /* 566 * Make sure concurrent writers can't stomp all over each 567 * other's messages and make a mess of our partial message 568 * buffer. We don't make any attemppt to stop multiple 569 * writers from making a mess of each other's incomplete 570 * messages; we're just trying to guarantee our own internal 571 * consistency and make sure that single writes are handled 572 * atomically. 573 */ 574 mutex_lock(&u->msgbuffer_mutex); 575 576 /* Get this out of the way early to avoid confusion */ 577 if (len == 0) 578 goto out; 579 580 /* Can't write a xenbus message larger we can buffer */ 581 if (len > sizeof(u->u.buffer) - u->len) { 582 /* On error, dump existing buffer */ 583 u->len = 0; 584 rc = -EINVAL; 585 goto out; 586 } 587 588 ret = copy_from_user(u->u.buffer + u->len, ubuf, len); 589 590 if (ret != 0) { 591 rc = -EFAULT; 592 goto out; 593 } 594 595 /* Deal with a partial copy. */ 596 len -= ret; 597 rc = len; 598 599 u->len += len; 600 601 /* Return if we haven't got a full message yet */ 602 if (u->len < sizeof(u->u.msg)) 603 goto out; /* not even the header yet */ 604 605 /* If we're expecting a message that's larger than we can 606 possibly send, dump what we have and return an error. */ 607 if ((sizeof(u->u.msg) + u->u.msg.len) > sizeof(u->u.buffer)) { 608 rc = -E2BIG; 609 u->len = 0; 610 goto out; 611 } 612 613 if (u->len < (sizeof(u->u.msg) + u->u.msg.len)) 614 goto out; /* incomplete data portion */ 615 616 /* 617 * OK, now we have a complete message. Do something with it. 618 */ 619 620 kref_get(&u->kref); 621 622 msg_type = u->u.msg.type; 623 624 switch (msg_type) { 625 case XS_WATCH: 626 case XS_UNWATCH: 627 /* (Un)Ask for some path to be watched for changes */ 628 ret = xenbus_write_watch(msg_type, u); 629 break; 630 631 default: 632 /* Send out a transaction */ 633 ret = xenbus_write_transaction(msg_type, u); 634 break; 635 } 636 if (ret != 0) { 637 rc = ret; 638 kref_put(&u->kref, xenbus_file_free); 639 } 640 641 /* Buffered message consumed */ 642 u->len = 0; 643 644 out: 645 mutex_unlock(&u->msgbuffer_mutex); 646 return rc; 647 } 648 649 static int xenbus_file_open(struct inode *inode, struct file *filp) 650 { 651 struct xenbus_file_priv *u; 652 653 if (xen_store_evtchn == 0) 654 return -ENOENT; 655 656 stream_open(inode, filp); 657 658 u = kzalloc(sizeof(*u), GFP_KERNEL); 659 if (u == NULL) 660 return -ENOMEM; 661 662 kref_init(&u->kref); 663 664 INIT_LIST_HEAD(&u->transactions); 665 INIT_LIST_HEAD(&u->watches); 666 INIT_LIST_HEAD(&u->read_buffers); 667 init_waitqueue_head(&u->read_waitq); 668 INIT_WORK(&u->wq, xenbus_worker); 669 670 mutex_init(&u->reply_mutex); 671 mutex_init(&u->msgbuffer_mutex); 672 673 filp->private_data = u; 674 675 return 0; 676 } 677 678 static int xenbus_file_release(struct inode *inode, struct file *filp) 679 { 680 struct xenbus_file_priv *u = filp->private_data; 681 682 kref_put(&u->kref, xenbus_file_free); 683 684 return 0; 685 } 686 687 static __poll_t xenbus_file_poll(struct file *file, poll_table *wait) 688 { 689 struct xenbus_file_priv *u = file->private_data; 690 691 poll_wait(file, &u->read_waitq, wait); 692 if (!list_empty(&u->read_buffers)) 693 return EPOLLIN | EPOLLRDNORM; 694 return 0; 695 } 696 697 const struct file_operations xen_xenbus_fops = { 698 .read = xenbus_file_read, 699 .write = xenbus_file_write, 700 .open = xenbus_file_open, 701 .release = xenbus_file_release, 702 .poll = xenbus_file_poll, 703 .llseek = no_llseek, 704 }; 705 EXPORT_SYMBOL_GPL(xen_xenbus_fops); 706 707 static struct miscdevice xenbus_dev = { 708 .minor = MISC_DYNAMIC_MINOR, 709 .name = "xen/xenbus", 710 .fops = &xen_xenbus_fops, 711 }; 712 713 static int __init xenbus_init(void) 714 { 715 int err; 716 717 if (!xen_domain()) 718 return -ENODEV; 719 720 err = misc_register(&xenbus_dev); 721 if (err) 722 pr_err("Could not register xenbus frontend device\n"); 723 return err; 724 } 725 device_initcall(xenbus_init); 726