1 /* 2 * QEMU Xen emulation: Shared/overlay pages support 3 * 4 * Copyright © 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved. 5 * 6 * Authors: David Woodhouse <dwmw2@infradead.org> 7 * 8 * This work is licensed under the terms of the GNU GPL, version 2 or later. 9 * See the COPYING file in the top-level directory. 10 */ 11 12 #include "qemu/osdep.h" 13 14 #include "qemu/host-utils.h" 15 #include "qemu/module.h" 16 #include "qemu/main-loop.h" 17 #include "qemu/cutils.h" 18 #include "qapi/error.h" 19 #include "qom/object.h" 20 #include "migration/vmstate.h" 21 22 #include "hw/sysbus.h" 23 #include "hw/xen/xen.h" 24 #include "xen_overlay.h" 25 #include "xen_evtchn.h" 26 #include "xen_xenstore.h" 27 28 #include "sysemu/kvm.h" 29 #include "sysemu/kvm_xen.h" 30 31 #include "trace.h" 32 33 #include "xenstore_impl.h" 34 35 #include "hw/xen/interface/io/xs_wire.h" 36 #include "hw/xen/interface/event_channel.h" 37 38 #define TYPE_XEN_XENSTORE "xen-xenstore" 39 OBJECT_DECLARE_SIMPLE_TYPE(XenXenstoreState, XEN_XENSTORE) 40 41 #define ENTRIES_PER_FRAME_V1 (XEN_PAGE_SIZE / sizeof(grant_entry_v1_t)) 42 #define ENTRIES_PER_FRAME_V2 (XEN_PAGE_SIZE / sizeof(grant_entry_v2_t)) 43 44 #define XENSTORE_HEADER_SIZE ((unsigned int)sizeof(struct xsd_sockmsg)) 45 46 struct XenXenstoreState { 47 /*< private >*/ 48 SysBusDevice busdev; 49 /*< public >*/ 50 51 XenstoreImplState *impl; 52 GList *watch_events; 53 54 MemoryRegion xenstore_page; 55 struct xenstore_domain_interface *xs; 56 uint8_t req_data[XENSTORE_HEADER_SIZE + XENSTORE_PAYLOAD_MAX]; 57 uint8_t rsp_data[XENSTORE_HEADER_SIZE + XENSTORE_PAYLOAD_MAX]; 58 uint32_t req_offset; 59 uint32_t rsp_offset; 60 bool rsp_pending; 61 bool fatal_error; 62 63 evtchn_port_t guest_port; 64 evtchn_port_t be_port; 65 struct xenevtchn_handle *eh; 66 67 uint8_t *impl_state; 68 uint32_t impl_state_size; 69 }; 70 71 struct XenXenstoreState *xen_xenstore_singleton; 72 73 static void xen_xenstore_event(void *opaque); 74 static void fire_watch_cb(void *opaque, const char *path, const char *token); 75 76 static void G_GNUC_PRINTF (4, 5) relpath_printf(XenXenstoreState *s, 77 GList *perms, 78 const char *relpath, 79 const char *fmt, ...) 80 { 81 gchar *abspath; 82 gchar *value; 83 va_list args; 84 GByteArray *data; 85 int err; 86 87 abspath = g_strdup_printf("/local/domain/%u/%s", xen_domid, relpath); 88 va_start(args, fmt); 89 value = g_strdup_vprintf(fmt, args); 90 va_end(args); 91 92 data = g_byte_array_new_take((void *)value, strlen(value)); 93 94 err = xs_impl_write(s->impl, DOMID_QEMU, XBT_NULL, abspath, data); 95 assert(!err); 96 97 g_byte_array_unref(data); 98 99 err = xs_impl_set_perms(s->impl, DOMID_QEMU, XBT_NULL, abspath, perms); 100 assert(!err); 101 102 g_free(abspath); 103 } 104 105 static void xen_xenstore_realize(DeviceState *dev, Error **errp) 106 { 107 XenXenstoreState *s = XEN_XENSTORE(dev); 108 GList *perms; 109 110 if (xen_mode != XEN_EMULATE) { 111 error_setg(errp, "Xen xenstore support is for Xen emulation"); 112 return; 113 } 114 memory_region_init_ram(&s->xenstore_page, OBJECT(dev), "xen:xenstore_page", 115 XEN_PAGE_SIZE, &error_abort); 116 memory_region_set_enabled(&s->xenstore_page, true); 117 s->xs = memory_region_get_ram_ptr(&s->xenstore_page); 118 memset(s->xs, 0, XEN_PAGE_SIZE); 119 120 /* We can't map it this early as KVM isn't ready */ 121 xen_xenstore_singleton = s; 122 123 s->eh = xen_be_evtchn_open(); 124 if (!s->eh) { 125 error_setg(errp, "Xenstore evtchn port init failed"); 126 return; 127 } 128 aio_set_fd_handler(qemu_get_aio_context(), xen_be_evtchn_fd(s->eh), true, 129 xen_xenstore_event, NULL, NULL, NULL, s); 130 131 s->impl = xs_impl_create(xen_domid); 132 133 /* Populate the default nodes */ 134 135 /* Nodes owned by 'dom0' but readable by the guest */ 136 perms = g_list_append(NULL, xs_perm_as_string(XS_PERM_NONE, DOMID_QEMU)); 137 perms = g_list_append(perms, xs_perm_as_string(XS_PERM_READ, xen_domid)); 138 139 relpath_printf(s, perms, "", "%s", ""); 140 141 relpath_printf(s, perms, "domid", "%u", xen_domid); 142 143 relpath_printf(s, perms, "control/platform-feature-xs_reset_watches", "%u", 1); 144 relpath_printf(s, perms, "control/platform-feature-multiprocessor-suspend", "%u", 1); 145 146 relpath_printf(s, perms, "platform/acpi", "%u", 1); 147 relpath_printf(s, perms, "platform/acpi_s3", "%u", 1); 148 relpath_printf(s, perms, "platform/acpi_s4", "%u", 1); 149 relpath_printf(s, perms, "platform/acpi_laptop_slate", "%u", 0); 150 151 g_list_free_full(perms, g_free); 152 153 /* Nodes owned by the guest */ 154 perms = g_list_append(NULL, xs_perm_as_string(XS_PERM_NONE, xen_domid)); 155 156 relpath_printf(s, perms, "attr", "%s", ""); 157 158 relpath_printf(s, perms, "control/shutdown", "%s", ""); 159 relpath_printf(s, perms, "control/feature-poweroff", "%u", 1); 160 relpath_printf(s, perms, "control/feature-reboot", "%u", 1); 161 relpath_printf(s, perms, "control/feature-suspend", "%u", 1); 162 relpath_printf(s, perms, "control/feature-s3", "%u", 1); 163 relpath_printf(s, perms, "control/feature-s4", "%u", 1); 164 165 relpath_printf(s, perms, "data", "%s", ""); 166 relpath_printf(s, perms, "device", "%s", ""); 167 relpath_printf(s, perms, "drivers", "%s", ""); 168 relpath_printf(s, perms, "error", "%s", ""); 169 relpath_printf(s, perms, "feature", "%s", ""); 170 171 g_list_free_full(perms, g_free); 172 } 173 174 static bool xen_xenstore_is_needed(void *opaque) 175 { 176 return xen_mode == XEN_EMULATE; 177 } 178 179 static int xen_xenstore_pre_save(void *opaque) 180 { 181 XenXenstoreState *s = opaque; 182 GByteArray *save; 183 184 if (s->eh) { 185 s->guest_port = xen_be_evtchn_get_guest_port(s->eh); 186 } 187 188 g_free(s->impl_state); 189 save = xs_impl_serialize(s->impl); 190 s->impl_state = save->data; 191 s->impl_state_size = save->len; 192 g_byte_array_free(save, false); 193 194 return 0; 195 } 196 197 static int xen_xenstore_post_load(void *opaque, int ver) 198 { 199 XenXenstoreState *s = opaque; 200 GByteArray *save; 201 int ret; 202 203 /* 204 * As qemu/dom0, rebind to the guest's port. The Windows drivers may 205 * unbind the XenStore evtchn and rebind to it, having obtained the 206 * "remote" port through EVTCHNOP_status. In the case that migration 207 * occurs while it's unbound, the "remote" port needs to be the same 208 * as before so that the guest can find it, but should remain unbound. 209 */ 210 if (s->guest_port) { 211 int be_port = xen_be_evtchn_bind_interdomain(s->eh, xen_domid, 212 s->guest_port); 213 if (be_port < 0) { 214 return be_port; 215 } 216 s->be_port = be_port; 217 } 218 219 save = g_byte_array_new_take(s->impl_state, s->impl_state_size); 220 s->impl_state = NULL; 221 s->impl_state_size = 0; 222 223 ret = xs_impl_deserialize(s->impl, save, xen_domid, fire_watch_cb, s); 224 return ret; 225 } 226 227 static const VMStateDescription xen_xenstore_vmstate = { 228 .name = "xen_xenstore", 229 .unmigratable = 1, /* The PV back ends don't migrate yet */ 230 .version_id = 1, 231 .minimum_version_id = 1, 232 .needed = xen_xenstore_is_needed, 233 .pre_save = xen_xenstore_pre_save, 234 .post_load = xen_xenstore_post_load, 235 .fields = (VMStateField[]) { 236 VMSTATE_UINT8_ARRAY(req_data, XenXenstoreState, 237 sizeof_field(XenXenstoreState, req_data)), 238 VMSTATE_UINT8_ARRAY(rsp_data, XenXenstoreState, 239 sizeof_field(XenXenstoreState, rsp_data)), 240 VMSTATE_UINT32(req_offset, XenXenstoreState), 241 VMSTATE_UINT32(rsp_offset, XenXenstoreState), 242 VMSTATE_BOOL(rsp_pending, XenXenstoreState), 243 VMSTATE_UINT32(guest_port, XenXenstoreState), 244 VMSTATE_BOOL(fatal_error, XenXenstoreState), 245 VMSTATE_UINT32(impl_state_size, XenXenstoreState), 246 VMSTATE_VARRAY_UINT32_ALLOC(impl_state, XenXenstoreState, 247 impl_state_size, 0, 248 vmstate_info_uint8, uint8_t), 249 VMSTATE_END_OF_LIST() 250 } 251 }; 252 253 static void xen_xenstore_class_init(ObjectClass *klass, void *data) 254 { 255 DeviceClass *dc = DEVICE_CLASS(klass); 256 257 dc->realize = xen_xenstore_realize; 258 dc->vmsd = &xen_xenstore_vmstate; 259 } 260 261 static const TypeInfo xen_xenstore_info = { 262 .name = TYPE_XEN_XENSTORE, 263 .parent = TYPE_SYS_BUS_DEVICE, 264 .instance_size = sizeof(XenXenstoreState), 265 .class_init = xen_xenstore_class_init, 266 }; 267 268 void xen_xenstore_create(void) 269 { 270 DeviceState *dev = sysbus_create_simple(TYPE_XEN_XENSTORE, -1, NULL); 271 272 xen_xenstore_singleton = XEN_XENSTORE(dev); 273 274 /* 275 * Defer the init (xen_xenstore_reset()) until KVM is set up and the 276 * overlay page can be mapped. 277 */ 278 } 279 280 static void xen_xenstore_register_types(void) 281 { 282 type_register_static(&xen_xenstore_info); 283 } 284 285 type_init(xen_xenstore_register_types) 286 287 uint16_t xen_xenstore_get_port(void) 288 { 289 XenXenstoreState *s = xen_xenstore_singleton; 290 if (!s) { 291 return 0; 292 } 293 return s->guest_port; 294 } 295 296 static bool req_pending(XenXenstoreState *s) 297 { 298 struct xsd_sockmsg *req = (struct xsd_sockmsg *)s->req_data; 299 300 return s->req_offset == XENSTORE_HEADER_SIZE + req->len; 301 } 302 303 static void reset_req(XenXenstoreState *s) 304 { 305 memset(s->req_data, 0, sizeof(s->req_data)); 306 s->req_offset = 0; 307 } 308 309 static void reset_rsp(XenXenstoreState *s) 310 { 311 s->rsp_pending = false; 312 313 memset(s->rsp_data, 0, sizeof(s->rsp_data)); 314 s->rsp_offset = 0; 315 } 316 317 static void xs_error(XenXenstoreState *s, unsigned int id, 318 xs_transaction_t tx_id, int errnum) 319 { 320 struct xsd_sockmsg *rsp = (struct xsd_sockmsg *)s->rsp_data; 321 const char *errstr = NULL; 322 323 for (unsigned int i = 0; i < ARRAY_SIZE(xsd_errors); i++) { 324 struct xsd_errors *xsd_error = &xsd_errors[i]; 325 326 if (xsd_error->errnum == errnum) { 327 errstr = xsd_error->errstring; 328 break; 329 } 330 } 331 assert(errstr); 332 333 trace_xenstore_error(id, tx_id, errstr); 334 335 rsp->type = XS_ERROR; 336 rsp->req_id = id; 337 rsp->tx_id = tx_id; 338 rsp->len = (uint32_t)strlen(errstr) + 1; 339 340 memcpy(&rsp[1], errstr, rsp->len); 341 } 342 343 static void xs_ok(XenXenstoreState *s, unsigned int type, unsigned int req_id, 344 xs_transaction_t tx_id) 345 { 346 struct xsd_sockmsg *rsp = (struct xsd_sockmsg *)s->rsp_data; 347 const char *okstr = "OK"; 348 349 rsp->type = type; 350 rsp->req_id = req_id; 351 rsp->tx_id = tx_id; 352 rsp->len = (uint32_t)strlen(okstr) + 1; 353 354 memcpy(&rsp[1], okstr, rsp->len); 355 } 356 357 /* 358 * The correct request and response formats are documented in xen.git: 359 * docs/misc/xenstore.txt. A summary is given below for convenience. 360 * The '|' symbol represents a NUL character. 361 * 362 * ---------- Database read, write and permissions operations ---------- 363 * 364 * READ <path>| <value|> 365 * WRITE <path>|<value|> 366 * Store and read the octet string <value> at <path>. 367 * WRITE creates any missing parent paths, with empty values. 368 * 369 * MKDIR <path>| 370 * Ensures that the <path> exists, by necessary by creating 371 * it and any missing parents with empty values. If <path> 372 * or any parent already exists, its value is left unchanged. 373 * 374 * RM <path>| 375 * Ensures that the <path> does not exist, by deleting 376 * it and all of its children. It is not an error if <path> does 377 * not exist, but it _is_ an error if <path>'s immediate parent 378 * does not exist either. 379 * 380 * DIRECTORY <path>| <child-leaf-name>|* 381 * Gives a list of the immediate children of <path>, as only the 382 * leafnames. The resulting children are each named 383 * <path>/<child-leaf-name>. 384 * 385 * DIRECTORY_PART <path>|<offset> <gencnt>|<child-leaf-name>|* 386 * Same as DIRECTORY, but to be used for children lists longer than 387 * XENSTORE_PAYLOAD_MAX. Input are <path> and the byte offset into 388 * the list of children to return. Return values are the generation 389 * count <gencnt> of the node (to be used to ensure the node hasn't 390 * changed between two reads: <gencnt> being the same for multiple 391 * reads guarantees the node hasn't changed) and the list of children 392 * starting at the specified <offset> of the complete list. 393 * 394 * GET_PERMS <path>| <perm-as-string>|+ 395 * SET_PERMS <path>|<perm-as-string>|+? 396 * <perm-as-string> is one of the following 397 * w<domid> write only 398 * r<domid> read only 399 * b<domid> both read and write 400 * n<domid> no access 401 * See https://wiki.xen.org/wiki/XenBus section 402 * `Permissions' for details of the permissions system. 403 * It is possible to set permissions for the special watch paths 404 * "@introduceDomain" and "@releaseDomain" to enable receiving those 405 * watches in unprivileged domains. 406 * 407 * ---------- Watches ---------- 408 * 409 * WATCH <wpath>|<token>|? 410 * Adds a watch. 411 * 412 * When a <path> is modified (including path creation, removal, 413 * contents change or permissions change) this generates an event 414 * on the changed <path>. Changes made in transactions cause an 415 * event only if and when committed. Each occurring event is 416 * matched against all the watches currently set up, and each 417 * matching watch results in a WATCH_EVENT message (see below). 418 * 419 * The event's path matches the watch's <wpath> if it is an child 420 * of <wpath>. 421 * 422 * <wpath> can be a <path> to watch or @<wspecial>. In the 423 * latter case <wspecial> may have any syntax but it matches 424 * (according to the rules above) only the following special 425 * events which are invented by xenstored: 426 * @introduceDomain occurs on INTRODUCE 427 * @releaseDomain occurs on any domain crash or 428 * shutdown, and also on RELEASE 429 * and domain destruction 430 * <wspecial> events are sent to privileged callers or explicitly 431 * via SET_PERMS enabled domains only. 432 * 433 * When a watch is first set up it is triggered once straight 434 * away, with <path> equal to <wpath>. Watches may be triggered 435 * spuriously. The tx_id in a WATCH request is ignored. 436 * 437 * Watches are supposed to be restricted by the permissions 438 * system but in practice the implementation is imperfect. 439 * Applications should not rely on being sent a notification for 440 * paths that they cannot read; however, an application may rely 441 * on being sent a watch when a path which it _is_ able to read 442 * is deleted even if that leaves only a nonexistent unreadable 443 * parent. A notification may omitted if a node's permissions 444 * are changed so as to make it unreadable, in which case future 445 * notifications may be suppressed (and if the node is later made 446 * readable, some notifications may have been lost). 447 * 448 * WATCH_EVENT <epath>|<token>| 449 * Unsolicited `reply' generated for matching modification events 450 * as described above. req_id and tx_id are both 0. 451 * 452 * <epath> is the event's path, ie the actual path that was 453 * modified; however if the event was the recursive removal of an 454 * parent of <wpath>, <epath> is just 455 * <wpath> (rather than the actual path which was removed). So 456 * <epath> is a child of <wpath>, regardless. 457 * 458 * Iff <wpath> for the watch was specified as a relative pathname, 459 * the <epath> path will also be relative (with the same base, 460 * obviously). 461 * 462 * UNWATCH <wpath>|<token>|? 463 * 464 * RESET_WATCHES | 465 * Reset all watches and transactions of the caller. 466 * 467 * ---------- Transactions ---------- 468 * 469 * TRANSACTION_START | <transid>| 470 * <transid> is an opaque uint32_t allocated by xenstored 471 * represented as unsigned decimal. After this, transaction may 472 * be referenced by using <transid> (as 32-bit binary) in the 473 * tx_id request header field. When transaction is started whole 474 * db is copied; reads and writes happen on the copy. 475 * It is not legal to send non-0 tx_id in TRANSACTION_START. 476 * 477 * TRANSACTION_END T| 478 * TRANSACTION_END F| 479 * tx_id must refer to existing transaction. After this 480 * request the tx_id is no longer valid and may be reused by 481 * xenstore. If F, the transaction is discarded. If T, 482 * it is committed: if there were any other intervening writes 483 * then our END gets get EAGAIN. 484 * 485 * The plan is that in the future only intervening `conflicting' 486 * writes cause EAGAIN, meaning only writes or other commits 487 * which changed paths which were read or written in the 488 * transaction at hand. 489 * 490 */ 491 492 static void xs_read(XenXenstoreState *s, unsigned int req_id, 493 xs_transaction_t tx_id, uint8_t *req_data, unsigned int len) 494 { 495 const char *path = (const char *)req_data; 496 struct xsd_sockmsg *rsp = (struct xsd_sockmsg *)s->rsp_data; 497 uint8_t *rsp_data = (uint8_t *)&rsp[1]; 498 g_autoptr(GByteArray) data = g_byte_array_new(); 499 int err; 500 501 if (len == 0 || req_data[len - 1] != '\0') { 502 xs_error(s, req_id, tx_id, EINVAL); 503 return; 504 } 505 506 trace_xenstore_read(tx_id, path); 507 err = xs_impl_read(s->impl, xen_domid, tx_id, path, data); 508 if (err) { 509 xs_error(s, req_id, tx_id, err); 510 return; 511 } 512 513 rsp->type = XS_READ; 514 rsp->req_id = req_id; 515 rsp->tx_id = tx_id; 516 rsp->len = 0; 517 518 len = data->len; 519 if (len > XENSTORE_PAYLOAD_MAX) { 520 xs_error(s, req_id, tx_id, E2BIG); 521 return; 522 } 523 524 memcpy(&rsp_data[rsp->len], data->data, len); 525 rsp->len += len; 526 } 527 528 static void xs_write(XenXenstoreState *s, unsigned int req_id, 529 xs_transaction_t tx_id, uint8_t *req_data, 530 unsigned int len) 531 { 532 g_autoptr(GByteArray) data = g_byte_array_new(); 533 const char *path; 534 int err; 535 536 if (len == 0) { 537 xs_error(s, req_id, tx_id, EINVAL); 538 return; 539 } 540 541 path = (const char *)req_data; 542 543 while (len--) { 544 if (*req_data++ == '\0') { 545 break; 546 } 547 if (len == 0) { 548 xs_error(s, req_id, tx_id, EINVAL); 549 return; 550 } 551 } 552 553 g_byte_array_append(data, req_data, len); 554 555 trace_xenstore_write(tx_id, path); 556 err = xs_impl_write(s->impl, xen_domid, tx_id, path, data); 557 if (err) { 558 xs_error(s, req_id, tx_id, err); 559 return; 560 } 561 562 xs_ok(s, XS_WRITE, req_id, tx_id); 563 } 564 565 static void xs_mkdir(XenXenstoreState *s, unsigned int req_id, 566 xs_transaction_t tx_id, uint8_t *req_data, 567 unsigned int len) 568 { 569 g_autoptr(GByteArray) data = g_byte_array_new(); 570 const char *path; 571 int err; 572 573 if (len == 0 || req_data[len - 1] != '\0') { 574 xs_error(s, req_id, tx_id, EINVAL); 575 return; 576 } 577 578 path = (const char *)req_data; 579 580 trace_xenstore_mkdir(tx_id, path); 581 err = xs_impl_read(s->impl, xen_domid, tx_id, path, data); 582 if (err == ENOENT) { 583 err = xs_impl_write(s->impl, xen_domid, tx_id, path, data); 584 } 585 586 if (!err) { 587 xs_error(s, req_id, tx_id, err); 588 return; 589 } 590 591 xs_ok(s, XS_MKDIR, req_id, tx_id); 592 } 593 594 static void xs_append_strings(XenXenstoreState *s, struct xsd_sockmsg *rsp, 595 GList *strings, unsigned int start, bool truncate) 596 { 597 uint8_t *rsp_data = (uint8_t *)&rsp[1]; 598 GList *l; 599 600 for (l = strings; l; l = l->next) { 601 size_t len = strlen(l->data) + 1; /* Including the NUL termination */ 602 char *str = l->data; 603 604 if (rsp->len + len > XENSTORE_PAYLOAD_MAX) { 605 if (truncate) { 606 len = XENSTORE_PAYLOAD_MAX - rsp->len; 607 if (!len) { 608 return; 609 } 610 } else { 611 xs_error(s, rsp->req_id, rsp->tx_id, E2BIG); 612 return; 613 } 614 } 615 616 if (start) { 617 if (start >= len) { 618 start -= len; 619 continue; 620 } 621 622 str += start; 623 len -= start; 624 start = 0; 625 } 626 627 memcpy(&rsp_data[rsp->len], str, len); 628 rsp->len += len; 629 } 630 /* XS_DIRECTORY_PART wants an extra NUL to indicate the end */ 631 if (truncate && rsp->len < XENSTORE_PAYLOAD_MAX) { 632 rsp_data[rsp->len++] = '\0'; 633 } 634 } 635 636 static void xs_directory(XenXenstoreState *s, unsigned int req_id, 637 xs_transaction_t tx_id, uint8_t *req_data, 638 unsigned int len) 639 { 640 struct xsd_sockmsg *rsp = (struct xsd_sockmsg *)s->rsp_data; 641 GList *items = NULL; 642 const char *path; 643 int err; 644 645 if (len == 0 || req_data[len - 1] != '\0') { 646 xs_error(s, req_id, tx_id, EINVAL); 647 return; 648 } 649 650 path = (const char *)req_data; 651 652 trace_xenstore_directory(tx_id, path); 653 err = xs_impl_directory(s->impl, xen_domid, tx_id, path, NULL, &items); 654 if (err != 0) { 655 xs_error(s, req_id, tx_id, err); 656 return; 657 } 658 659 rsp->type = XS_DIRECTORY; 660 rsp->req_id = req_id; 661 rsp->tx_id = tx_id; 662 rsp->len = 0; 663 664 xs_append_strings(s, rsp, items, 0, false); 665 666 g_list_free_full(items, g_free); 667 } 668 669 static void xs_directory_part(XenXenstoreState *s, unsigned int req_id, 670 xs_transaction_t tx_id, uint8_t *req_data, 671 unsigned int len) 672 { 673 const char *offset_str, *path = (const char *)req_data; 674 struct xsd_sockmsg *rsp = (struct xsd_sockmsg *)s->rsp_data; 675 char *rsp_data = (char *)&rsp[1]; 676 uint64_t gencnt = 0; 677 unsigned int offset; 678 GList *items = NULL; 679 int err; 680 681 if (len == 0) { 682 xs_error(s, req_id, tx_id, EINVAL); 683 return; 684 } 685 686 while (len--) { 687 if (*req_data++ == '\0') { 688 break; 689 } 690 if (len == 0) { 691 xs_error(s, req_id, tx_id, EINVAL); 692 return; 693 } 694 } 695 696 offset_str = (const char *)req_data; 697 while (len--) { 698 if (*req_data++ == '\0') { 699 break; 700 } 701 if (len == 0) { 702 xs_error(s, req_id, tx_id, EINVAL); 703 return; 704 } 705 } 706 707 if (len) { 708 xs_error(s, req_id, tx_id, EINVAL); 709 return; 710 } 711 712 if (qemu_strtoui(offset_str, NULL, 10, &offset) < 0) { 713 xs_error(s, req_id, tx_id, EINVAL); 714 return; 715 } 716 717 trace_xenstore_directory_part(tx_id, path, offset); 718 err = xs_impl_directory(s->impl, xen_domid, tx_id, path, &gencnt, &items); 719 if (err != 0) { 720 xs_error(s, req_id, tx_id, err); 721 return; 722 } 723 724 rsp->type = XS_DIRECTORY_PART; 725 rsp->req_id = req_id; 726 rsp->tx_id = tx_id; 727 rsp->len = snprintf(rsp_data, XENSTORE_PAYLOAD_MAX, "%" PRIu64, gencnt) + 1; 728 729 xs_append_strings(s, rsp, items, offset, true); 730 731 g_list_free_full(items, g_free); 732 } 733 734 static void xs_transaction_start(XenXenstoreState *s, unsigned int req_id, 735 xs_transaction_t tx_id, uint8_t *req_data, 736 unsigned int len) 737 { 738 struct xsd_sockmsg *rsp = (struct xsd_sockmsg *)s->rsp_data; 739 char *rsp_data = (char *)&rsp[1]; 740 int err; 741 742 if (len != 1 || req_data[0] != '\0') { 743 xs_error(s, req_id, tx_id, EINVAL); 744 return; 745 } 746 747 rsp->type = XS_TRANSACTION_START; 748 rsp->req_id = req_id; 749 rsp->tx_id = tx_id; 750 rsp->len = 0; 751 752 err = xs_impl_transaction_start(s->impl, xen_domid, &tx_id); 753 if (err) { 754 xs_error(s, req_id, tx_id, err); 755 return; 756 } 757 758 trace_xenstore_transaction_start(tx_id); 759 760 rsp->len = snprintf(rsp_data, XENSTORE_PAYLOAD_MAX, "%u", tx_id); 761 assert(rsp->len < XENSTORE_PAYLOAD_MAX); 762 rsp->len++; 763 } 764 765 static void xs_transaction_end(XenXenstoreState *s, unsigned int req_id, 766 xs_transaction_t tx_id, uint8_t *req_data, 767 unsigned int len) 768 { 769 bool commit; 770 int err; 771 772 if (len != 2 || req_data[1] != '\0') { 773 xs_error(s, req_id, tx_id, EINVAL); 774 return; 775 } 776 777 switch (req_data[0]) { 778 case 'T': 779 commit = true; 780 break; 781 case 'F': 782 commit = false; 783 break; 784 default: 785 xs_error(s, req_id, tx_id, EINVAL); 786 return; 787 } 788 789 trace_xenstore_transaction_end(tx_id, commit); 790 err = xs_impl_transaction_end(s->impl, xen_domid, tx_id, commit); 791 if (err) { 792 xs_error(s, req_id, tx_id, err); 793 return; 794 } 795 796 xs_ok(s, XS_TRANSACTION_END, req_id, tx_id); 797 } 798 799 static void xs_rm(XenXenstoreState *s, unsigned int req_id, 800 xs_transaction_t tx_id, uint8_t *req_data, unsigned int len) 801 { 802 const char *path = (const char *)req_data; 803 int err; 804 805 if (len == 0 || req_data[len - 1] != '\0') { 806 xs_error(s, req_id, tx_id, EINVAL); 807 return; 808 } 809 810 trace_xenstore_rm(tx_id, path); 811 err = xs_impl_rm(s->impl, xen_domid, tx_id, path); 812 if (err) { 813 xs_error(s, req_id, tx_id, err); 814 return; 815 } 816 817 xs_ok(s, XS_RM, req_id, tx_id); 818 } 819 820 static void xs_get_perms(XenXenstoreState *s, unsigned int req_id, 821 xs_transaction_t tx_id, uint8_t *req_data, 822 unsigned int len) 823 { 824 const char *path = (const char *)req_data; 825 struct xsd_sockmsg *rsp = (struct xsd_sockmsg *)s->rsp_data; 826 GList *perms = NULL; 827 int err; 828 829 if (len == 0 || req_data[len - 1] != '\0') { 830 xs_error(s, req_id, tx_id, EINVAL); 831 return; 832 } 833 834 trace_xenstore_get_perms(tx_id, path); 835 err = xs_impl_get_perms(s->impl, xen_domid, tx_id, path, &perms); 836 if (err) { 837 xs_error(s, req_id, tx_id, err); 838 return; 839 } 840 841 rsp->type = XS_GET_PERMS; 842 rsp->req_id = req_id; 843 rsp->tx_id = tx_id; 844 rsp->len = 0; 845 846 xs_append_strings(s, rsp, perms, 0, false); 847 848 g_list_free_full(perms, g_free); 849 } 850 851 static void xs_set_perms(XenXenstoreState *s, unsigned int req_id, 852 xs_transaction_t tx_id, uint8_t *req_data, 853 unsigned int len) 854 { 855 const char *path = (const char *)req_data; 856 uint8_t *perm; 857 GList *perms = NULL; 858 int err; 859 860 if (len == 0) { 861 xs_error(s, req_id, tx_id, EINVAL); 862 return; 863 } 864 865 while (len--) { 866 if (*req_data++ == '\0') { 867 break; 868 } 869 if (len == 0) { 870 xs_error(s, req_id, tx_id, EINVAL); 871 return; 872 } 873 } 874 875 perm = req_data; 876 while (len--) { 877 if (*req_data++ == '\0') { 878 perms = g_list_append(perms, perm); 879 perm = req_data; 880 } 881 } 882 883 /* 884 * Note that there may be trailing garbage at the end of the buffer. 885 * This is explicitly permitted by the '?' at the end of the definition: 886 * 887 * SET_PERMS <path>|<perm-as-string>|+? 888 */ 889 890 trace_xenstore_set_perms(tx_id, path); 891 err = xs_impl_set_perms(s->impl, xen_domid, tx_id, path, perms); 892 g_list_free(perms); 893 if (err) { 894 xs_error(s, req_id, tx_id, err); 895 return; 896 } 897 898 xs_ok(s, XS_SET_PERMS, req_id, tx_id); 899 } 900 901 static void xs_watch(XenXenstoreState *s, unsigned int req_id, 902 xs_transaction_t tx_id, uint8_t *req_data, 903 unsigned int len) 904 { 905 const char *token, *path = (const char *)req_data; 906 int err; 907 908 if (len == 0) { 909 xs_error(s, req_id, tx_id, EINVAL); 910 return; 911 } 912 913 while (len--) { 914 if (*req_data++ == '\0') { 915 break; 916 } 917 if (len == 0) { 918 xs_error(s, req_id, tx_id, EINVAL); 919 return; 920 } 921 } 922 923 token = (const char *)req_data; 924 while (len--) { 925 if (*req_data++ == '\0') { 926 break; 927 } 928 if (len == 0) { 929 xs_error(s, req_id, tx_id, EINVAL); 930 return; 931 } 932 } 933 934 /* 935 * Note that there may be trailing garbage at the end of the buffer. 936 * This is explicitly permitted by the '?' at the end of the definition: 937 * 938 * WATCH <wpath>|<token>|? 939 */ 940 941 trace_xenstore_watch(path, token); 942 err = xs_impl_watch(s->impl, xen_domid, path, token, fire_watch_cb, s); 943 if (err) { 944 xs_error(s, req_id, tx_id, err); 945 return; 946 } 947 948 xs_ok(s, XS_WATCH, req_id, tx_id); 949 } 950 951 static void xs_unwatch(XenXenstoreState *s, unsigned int req_id, 952 xs_transaction_t tx_id, uint8_t *req_data, 953 unsigned int len) 954 { 955 const char *token, *path = (const char *)req_data; 956 int err; 957 958 if (len == 0) { 959 xs_error(s, req_id, tx_id, EINVAL); 960 return; 961 } 962 963 while (len--) { 964 if (*req_data++ == '\0') { 965 break; 966 } 967 if (len == 0) { 968 xs_error(s, req_id, tx_id, EINVAL); 969 return; 970 } 971 } 972 973 token = (const char *)req_data; 974 while (len--) { 975 if (*req_data++ == '\0') { 976 break; 977 } 978 if (len == 0) { 979 xs_error(s, req_id, tx_id, EINVAL); 980 return; 981 } 982 } 983 984 trace_xenstore_unwatch(path, token); 985 err = xs_impl_unwatch(s->impl, xen_domid, path, token, fire_watch_cb, s); 986 if (err) { 987 xs_error(s, req_id, tx_id, err); 988 return; 989 } 990 991 xs_ok(s, XS_UNWATCH, req_id, tx_id); 992 } 993 994 static void xs_reset_watches(XenXenstoreState *s, unsigned int req_id, 995 xs_transaction_t tx_id, uint8_t *req_data, 996 unsigned int len) 997 { 998 if (len == 0 || req_data[len - 1] != '\0') { 999 xs_error(s, req_id, tx_id, EINVAL); 1000 return; 1001 } 1002 1003 trace_xenstore_reset_watches(); 1004 xs_impl_reset_watches(s->impl, xen_domid); 1005 1006 xs_ok(s, XS_RESET_WATCHES, req_id, tx_id); 1007 } 1008 1009 static void xs_priv(XenXenstoreState *s, unsigned int req_id, 1010 xs_transaction_t tx_id, uint8_t *data, 1011 unsigned int len) 1012 { 1013 xs_error(s, req_id, tx_id, EACCES); 1014 } 1015 1016 static void xs_unimpl(XenXenstoreState *s, unsigned int req_id, 1017 xs_transaction_t tx_id, uint8_t *data, 1018 unsigned int len) 1019 { 1020 xs_error(s, req_id, tx_id, ENOSYS); 1021 } 1022 1023 typedef void (*xs_impl)(XenXenstoreState *s, unsigned int req_id, 1024 xs_transaction_t tx_id, uint8_t *data, 1025 unsigned int len); 1026 1027 struct xsd_req { 1028 const char *name; 1029 xs_impl fn; 1030 }; 1031 #define XSD_REQ(_type, _fn) \ 1032 [_type] = { .name = #_type, .fn = _fn } 1033 1034 struct xsd_req xsd_reqs[] = { 1035 XSD_REQ(XS_READ, xs_read), 1036 XSD_REQ(XS_WRITE, xs_write), 1037 XSD_REQ(XS_MKDIR, xs_mkdir), 1038 XSD_REQ(XS_DIRECTORY, xs_directory), 1039 XSD_REQ(XS_DIRECTORY_PART, xs_directory_part), 1040 XSD_REQ(XS_TRANSACTION_START, xs_transaction_start), 1041 XSD_REQ(XS_TRANSACTION_END, xs_transaction_end), 1042 XSD_REQ(XS_RM, xs_rm), 1043 XSD_REQ(XS_GET_PERMS, xs_get_perms), 1044 XSD_REQ(XS_SET_PERMS, xs_set_perms), 1045 XSD_REQ(XS_WATCH, xs_watch), 1046 XSD_REQ(XS_UNWATCH, xs_unwatch), 1047 XSD_REQ(XS_CONTROL, xs_priv), 1048 XSD_REQ(XS_INTRODUCE, xs_priv), 1049 XSD_REQ(XS_RELEASE, xs_priv), 1050 XSD_REQ(XS_IS_DOMAIN_INTRODUCED, xs_priv), 1051 XSD_REQ(XS_RESUME, xs_priv), 1052 XSD_REQ(XS_SET_TARGET, xs_priv), 1053 XSD_REQ(XS_RESET_WATCHES, xs_reset_watches), 1054 }; 1055 1056 static void process_req(XenXenstoreState *s) 1057 { 1058 struct xsd_sockmsg *req = (struct xsd_sockmsg *)s->req_data; 1059 xs_impl handler = NULL; 1060 1061 assert(req_pending(s)); 1062 assert(!s->rsp_pending); 1063 1064 if (req->type < ARRAY_SIZE(xsd_reqs)) { 1065 handler = xsd_reqs[req->type].fn; 1066 } 1067 if (!handler) { 1068 handler = &xs_unimpl; 1069 } 1070 1071 handler(s, req->req_id, req->tx_id, (uint8_t *)&req[1], req->len); 1072 1073 s->rsp_pending = true; 1074 reset_req(s); 1075 } 1076 1077 static unsigned int copy_from_ring(XenXenstoreState *s, uint8_t *ptr, 1078 unsigned int len) 1079 { 1080 if (!len) { 1081 return 0; 1082 } 1083 1084 XENSTORE_RING_IDX prod = qatomic_read(&s->xs->req_prod); 1085 XENSTORE_RING_IDX cons = qatomic_read(&s->xs->req_cons); 1086 unsigned int copied = 0; 1087 1088 /* Ensure the ring contents don't cross the req_prod access. */ 1089 smp_rmb(); 1090 1091 while (len) { 1092 unsigned int avail = prod - cons; 1093 unsigned int offset = MASK_XENSTORE_IDX(cons); 1094 unsigned int copylen = avail; 1095 1096 if (avail > XENSTORE_RING_SIZE) { 1097 error_report("XenStore ring handling error"); 1098 s->fatal_error = true; 1099 break; 1100 } else if (avail == 0) { 1101 break; 1102 } 1103 1104 if (copylen > len) { 1105 copylen = len; 1106 } 1107 if (copylen > XENSTORE_RING_SIZE - offset) { 1108 copylen = XENSTORE_RING_SIZE - offset; 1109 } 1110 1111 memcpy(ptr, &s->xs->req[offset], copylen); 1112 copied += copylen; 1113 1114 ptr += copylen; 1115 len -= copylen; 1116 1117 cons += copylen; 1118 } 1119 1120 /* 1121 * Not sure this ever mattered except on Alpha, but this barrier 1122 * is to ensure that the update to req_cons is globally visible 1123 * only after we have consumed all the data from the ring, and we 1124 * don't end up seeing data written to the ring *after* the other 1125 * end sees the update and writes more to the ring. Xen's own 1126 * xenstored has the same barrier here (although with no comment 1127 * at all, obviously, because it's Xen code). 1128 */ 1129 smp_mb(); 1130 1131 qatomic_set(&s->xs->req_cons, cons); 1132 1133 return copied; 1134 } 1135 1136 static unsigned int copy_to_ring(XenXenstoreState *s, uint8_t *ptr, 1137 unsigned int len) 1138 { 1139 if (!len) { 1140 return 0; 1141 } 1142 1143 XENSTORE_RING_IDX cons = qatomic_read(&s->xs->rsp_cons); 1144 XENSTORE_RING_IDX prod = qatomic_read(&s->xs->rsp_prod); 1145 unsigned int copied = 0; 1146 1147 /* 1148 * This matches the barrier in copy_to_ring() (or the guest's 1149 * equivalent) betweem writing the data to the ring and updating 1150 * rsp_prod. It protects against the pathological case (which 1151 * again I think never happened except on Alpha) where our 1152 * subsequent writes to the ring could *cross* the read of 1153 * rsp_cons and the guest could see the new data when it was 1154 * intending to read the old. 1155 */ 1156 smp_mb(); 1157 1158 while (len) { 1159 unsigned int avail = cons + XENSTORE_RING_SIZE - prod; 1160 unsigned int offset = MASK_XENSTORE_IDX(prod); 1161 unsigned int copylen = len; 1162 1163 if (avail > XENSTORE_RING_SIZE) { 1164 error_report("XenStore ring handling error"); 1165 s->fatal_error = true; 1166 break; 1167 } else if (avail == 0) { 1168 break; 1169 } 1170 1171 if (copylen > avail) { 1172 copylen = avail; 1173 } 1174 if (copylen > XENSTORE_RING_SIZE - offset) { 1175 copylen = XENSTORE_RING_SIZE - offset; 1176 } 1177 1178 1179 memcpy(&s->xs->rsp[offset], ptr, copylen); 1180 copied += copylen; 1181 1182 ptr += copylen; 1183 len -= copylen; 1184 1185 prod += copylen; 1186 } 1187 1188 /* Ensure the ring contents are seen before rsp_prod update. */ 1189 smp_wmb(); 1190 1191 qatomic_set(&s->xs->rsp_prod, prod); 1192 1193 return copied; 1194 } 1195 1196 static unsigned int get_req(XenXenstoreState *s) 1197 { 1198 unsigned int copied = 0; 1199 1200 if (s->fatal_error) { 1201 return 0; 1202 } 1203 1204 assert(!req_pending(s)); 1205 1206 if (s->req_offset < XENSTORE_HEADER_SIZE) { 1207 void *ptr = s->req_data + s->req_offset; 1208 unsigned int len = XENSTORE_HEADER_SIZE; 1209 unsigned int copylen = copy_from_ring(s, ptr, len); 1210 1211 copied += copylen; 1212 s->req_offset += copylen; 1213 } 1214 1215 if (s->req_offset >= XENSTORE_HEADER_SIZE) { 1216 struct xsd_sockmsg *req = (struct xsd_sockmsg *)s->req_data; 1217 1218 if (req->len > (uint32_t)XENSTORE_PAYLOAD_MAX) { 1219 error_report("Illegal XenStore request"); 1220 s->fatal_error = true; 1221 return 0; 1222 } 1223 1224 void *ptr = s->req_data + s->req_offset; 1225 unsigned int len = XENSTORE_HEADER_SIZE + req->len - s->req_offset; 1226 unsigned int copylen = copy_from_ring(s, ptr, len); 1227 1228 copied += copylen; 1229 s->req_offset += copylen; 1230 } 1231 1232 return copied; 1233 } 1234 1235 static unsigned int put_rsp(XenXenstoreState *s) 1236 { 1237 if (s->fatal_error) { 1238 return 0; 1239 } 1240 1241 assert(s->rsp_pending); 1242 1243 struct xsd_sockmsg *rsp = (struct xsd_sockmsg *)s->rsp_data; 1244 assert(s->rsp_offset < XENSTORE_HEADER_SIZE + rsp->len); 1245 1246 void *ptr = s->rsp_data + s->rsp_offset; 1247 unsigned int len = XENSTORE_HEADER_SIZE + rsp->len - s->rsp_offset; 1248 unsigned int copylen = copy_to_ring(s, ptr, len); 1249 1250 s->rsp_offset += copylen; 1251 1252 /* Have we produced a complete response? */ 1253 if (s->rsp_offset == XENSTORE_HEADER_SIZE + rsp->len) { 1254 reset_rsp(s); 1255 } 1256 1257 return copylen; 1258 } 1259 1260 static void deliver_watch(XenXenstoreState *s, const char *path, 1261 const char *token) 1262 { 1263 struct xsd_sockmsg *rsp = (struct xsd_sockmsg *)s->rsp_data; 1264 uint8_t *rsp_data = (uint8_t *)&rsp[1]; 1265 unsigned int len; 1266 1267 assert(!s->rsp_pending); 1268 1269 trace_xenstore_watch_event(path, token); 1270 1271 rsp->type = XS_WATCH_EVENT; 1272 rsp->req_id = 0; 1273 rsp->tx_id = 0; 1274 rsp->len = 0; 1275 1276 len = strlen(path); 1277 1278 /* XENSTORE_ABS/REL_PATH_MAX should ensure there can be no overflow */ 1279 assert(rsp->len + len < XENSTORE_PAYLOAD_MAX); 1280 1281 memcpy(&rsp_data[rsp->len], path, len); 1282 rsp->len += len; 1283 rsp_data[rsp->len] = '\0'; 1284 rsp->len++; 1285 1286 len = strlen(token); 1287 /* 1288 * It is possible for the guest to have chosen a token that will 1289 * not fit (along with the patch) into a watch event. We have no 1290 * choice but to drop the event if this is the case. 1291 */ 1292 if (rsp->len + len >= XENSTORE_PAYLOAD_MAX) { 1293 return; 1294 } 1295 1296 memcpy(&rsp_data[rsp->len], token, len); 1297 rsp->len += len; 1298 rsp_data[rsp->len] = '\0'; 1299 rsp->len++; 1300 1301 s->rsp_pending = true; 1302 } 1303 1304 struct watch_event { 1305 char *path; 1306 char *token; 1307 }; 1308 1309 static void queue_watch(XenXenstoreState *s, const char *path, 1310 const char *token) 1311 { 1312 struct watch_event *ev = g_new0(struct watch_event, 1); 1313 1314 ev->path = g_strdup(path); 1315 ev->token = g_strdup(token); 1316 1317 s->watch_events = g_list_append(s->watch_events, ev); 1318 } 1319 1320 static void fire_watch_cb(void *opaque, const char *path, const char *token) 1321 { 1322 XenXenstoreState *s = opaque; 1323 1324 assert(qemu_mutex_iothread_locked()); 1325 1326 /* 1327 * If there's a response pending, we obviously can't scribble over 1328 * it. But if there's a request pending, it has dibs on the buffer 1329 * too. 1330 * 1331 * In the common case of a watch firing due to backend activity 1332 * when the ring was otherwise idle, we should be able to copy the 1333 * strings directly into the rsp_data and thence the actual ring, 1334 * without needing to perform any allocations and queue them. 1335 */ 1336 if (s->rsp_pending || req_pending(s)) { 1337 queue_watch(s, path, token); 1338 } else { 1339 deliver_watch(s, path, token); 1340 /* 1341 * If the message was queued because there was already ring activity, 1342 * no need to wake the guest. But if not, we need to send the evtchn. 1343 */ 1344 xen_be_evtchn_notify(s->eh, s->be_port); 1345 } 1346 } 1347 1348 static void process_watch_events(XenXenstoreState *s) 1349 { 1350 struct watch_event *ev = s->watch_events->data; 1351 1352 deliver_watch(s, ev->path, ev->token); 1353 1354 s->watch_events = g_list_remove(s->watch_events, ev); 1355 g_free(ev->path); 1356 g_free(ev->token); 1357 g_free(ev); 1358 } 1359 1360 static void xen_xenstore_event(void *opaque) 1361 { 1362 XenXenstoreState *s = opaque; 1363 evtchn_port_t port = xen_be_evtchn_pending(s->eh); 1364 unsigned int copied_to, copied_from; 1365 bool processed, notify = false; 1366 1367 if (port != s->be_port) { 1368 return; 1369 } 1370 1371 /* We know this is a no-op. */ 1372 xen_be_evtchn_unmask(s->eh, port); 1373 1374 do { 1375 copied_to = copied_from = 0; 1376 processed = false; 1377 1378 if (!s->rsp_pending && s->watch_events) { 1379 process_watch_events(s); 1380 } 1381 1382 if (s->rsp_pending) { 1383 copied_to = put_rsp(s); 1384 } 1385 1386 if (!req_pending(s)) { 1387 copied_from = get_req(s); 1388 } 1389 1390 if (req_pending(s) && !s->rsp_pending && !s->watch_events) { 1391 process_req(s); 1392 processed = true; 1393 } 1394 1395 notify |= copied_to || copied_from; 1396 } while (copied_to || copied_from || processed); 1397 1398 if (notify) { 1399 xen_be_evtchn_notify(s->eh, s->be_port); 1400 } 1401 } 1402 1403 static void alloc_guest_port(XenXenstoreState *s) 1404 { 1405 struct evtchn_alloc_unbound alloc = { 1406 .dom = DOMID_SELF, 1407 .remote_dom = DOMID_QEMU, 1408 }; 1409 1410 if (!xen_evtchn_alloc_unbound_op(&alloc)) { 1411 s->guest_port = alloc.port; 1412 } 1413 } 1414 1415 int xen_xenstore_reset(void) 1416 { 1417 XenXenstoreState *s = xen_xenstore_singleton; 1418 int err; 1419 1420 if (!s) { 1421 return -ENOTSUP; 1422 } 1423 1424 s->req_offset = s->rsp_offset = 0; 1425 s->rsp_pending = false; 1426 1427 if (!memory_region_is_mapped(&s->xenstore_page)) { 1428 uint64_t gpa = XEN_SPECIAL_PFN(XENSTORE) << TARGET_PAGE_BITS; 1429 xen_overlay_do_map_page(&s->xenstore_page, gpa); 1430 } 1431 1432 alloc_guest_port(s); 1433 1434 /* 1435 * As qemu/dom0, bind to the guest's port. For incoming migration, this 1436 * will be unbound as the guest's evtchn table is overwritten. We then 1437 * rebind to the correct guest port in xen_xenstore_post_load(). 1438 */ 1439 err = xen_be_evtchn_bind_interdomain(s->eh, xen_domid, s->guest_port); 1440 if (err < 0) { 1441 return err; 1442 } 1443 s->be_port = err; 1444 1445 return 0; 1446 } 1447