1 // SPDX-License-Identifier: GPL-2.0-only
2 /*
3 * VMware VMCI Driver
4 *
5 * Copyright (C) 2012 VMware, Inc. All rights reserved.
6 */
7
8 #include <linux/vmw_vmci_defs.h>
9 #include <linux/vmw_vmci_api.h>
10 #include <linux/completion.h>
11 #include <linux/hash.h>
12 #include <linux/kernel.h>
13 #include <linux/list.h>
14 #include <linux/module.h>
15 #include <linux/sched.h>
16 #include <linux/slab.h>
17
18 #include "vmci_datagram.h"
19 #include "vmci_doorbell.h"
20 #include "vmci_resource.h"
21 #include "vmci_driver.h"
22 #include "vmci_route.h"
23
24
/*
 * Geometry of the doorbell index hash table: the table has
 * 2^VMCI_DOORBELL_INDEX_BITS buckets and a notification index is mapped
 * to its bucket with hash_32().
 */
#define VMCI_DOORBELL_INDEX_BITS	6
#define VMCI_DOORBELL_INDEX_TABLE_SIZE	(1 << VMCI_DOORBELL_INDEX_BITS)
#define VMCI_DOORBELL_HASH(_idx)	hash_32((_idx), VMCI_DOORBELL_INDEX_BITS)
28
29 /*
30 * DoorbellEntry describes the a doorbell notification handle allocated by the
31 * host.
32 */
33 struct dbell_entry {
34 struct vmci_resource resource;
35 struct hlist_node node;
36 struct work_struct work;
37 vmci_callback notify_cb;
38 void *client_data;
39 u32 idx;
40 u32 priv_flags;
41 bool run_delayed;
42 atomic_t active; /* Only used by guest personality */
43 };
44
45 /* The VMCI index table keeps track of currently registered doorbells. */
46 struct dbell_index_table {
47 spinlock_t lock; /* Index table lock */
48 struct hlist_head entries[VMCI_DOORBELL_INDEX_TABLE_SIZE];
49 };
50
51 static struct dbell_index_table vmci_doorbell_it = {
52 .lock = __SPIN_LOCK_UNLOCKED(vmci_doorbell_it.lock),
53 };
54
55 /*
56 * The max_notify_idx is one larger than the currently known bitmap index in
57 * use, and is used to determine how much of the bitmap needs to be scanned.
58 */
59 static u32 max_notify_idx;
60
61 /*
62 * The notify_idx_count is used for determining whether there are free entries
63 * within the bitmap (if notify_idx_count + 1 < max_notify_idx).
64 */
65 static u32 notify_idx_count;
66
67 /*
68 * The last_notify_idx_reserved is used to track the last index handed out - in
69 * the case where multiple handles share a notification index, we hand out
70 * indexes round robin based on last_notify_idx_reserved.
71 */
72 static u32 last_notify_idx_reserved;
73
74 /* This is a one entry cache used to by the index allocation. */
75 static u32 last_notify_idx_released = PAGE_SIZE;
76
77
78 /*
79 * Utility function that retrieves the privilege flags associated
80 * with a given doorbell handle. For guest endpoints, the
81 * privileges are determined by the context ID, but for host
82 * endpoints privileges are associated with the complete
83 * handle. Hypervisor endpoints are not yet supported.
84 */
vmci_dbell_get_priv_flags(struct vmci_handle handle,u32 * priv_flags)85 int vmci_dbell_get_priv_flags(struct vmci_handle handle, u32 *priv_flags)
86 {
87 if (priv_flags == NULL || handle.context == VMCI_INVALID_ID)
88 return VMCI_ERROR_INVALID_ARGS;
89
90 if (handle.context == VMCI_HOST_CONTEXT_ID) {
91 struct dbell_entry *entry;
92 struct vmci_resource *resource;
93
94 resource = vmci_resource_by_handle(handle,
95 VMCI_RESOURCE_TYPE_DOORBELL);
96 if (!resource)
97 return VMCI_ERROR_NOT_FOUND;
98
99 entry = container_of(resource, struct dbell_entry, resource);
100 *priv_flags = entry->priv_flags;
101 vmci_resource_put(resource);
102 } else if (handle.context == VMCI_HYPERVISOR_CONTEXT_ID) {
103 /*
104 * Hypervisor endpoints for notifications are not
105 * supported (yet).
106 */
107 return VMCI_ERROR_INVALID_ARGS;
108 } else {
109 *priv_flags = vmci_context_get_priv_flags(handle.context);
110 }
111
112 return VMCI_SUCCESS;
113 }
114
115 /*
116 * Find doorbell entry by bitmap index.
117 */
dbell_index_table_find(u32 idx)118 static struct dbell_entry *dbell_index_table_find(u32 idx)
119 {
120 u32 bucket = VMCI_DOORBELL_HASH(idx);
121 struct dbell_entry *dbell;
122
123 hlist_for_each_entry(dbell, &vmci_doorbell_it.entries[bucket],
124 node) {
125 if (idx == dbell->idx)
126 return dbell;
127 }
128
129 return NULL;
130 }
131
132 /*
133 * Add the given entry to the index table. This willi take a reference to the
134 * entry's resource so that the entry is not deleted before it is removed from
135 * the * table.
136 */
dbell_index_table_add(struct dbell_entry * entry)137 static void dbell_index_table_add(struct dbell_entry *entry)
138 {
139 u32 bucket;
140 u32 new_notify_idx;
141
142 vmci_resource_get(&entry->resource);
143
144 spin_lock_bh(&vmci_doorbell_it.lock);
145
146 /*
147 * Below we try to allocate an index in the notification
148 * bitmap with "not too much" sharing between resources. If we
149 * use less that the full bitmap, we either add to the end if
150 * there are no unused flags within the currently used area,
151 * or we search for unused ones. If we use the full bitmap, we
152 * allocate the index round robin.
153 */
154 if (max_notify_idx < PAGE_SIZE || notify_idx_count < PAGE_SIZE) {
155 if (last_notify_idx_released < max_notify_idx &&
156 !dbell_index_table_find(last_notify_idx_released)) {
157 new_notify_idx = last_notify_idx_released;
158 last_notify_idx_released = PAGE_SIZE;
159 } else {
160 bool reused = false;
161 new_notify_idx = last_notify_idx_reserved;
162 if (notify_idx_count + 1 < max_notify_idx) {
163 do {
164 if (!dbell_index_table_find
165 (new_notify_idx)) {
166 reused = true;
167 break;
168 }
169 new_notify_idx = (new_notify_idx + 1) %
170 max_notify_idx;
171 } while (new_notify_idx !=
172 last_notify_idx_released);
173 }
174 if (!reused) {
175 new_notify_idx = max_notify_idx;
176 max_notify_idx++;
177 }
178 }
179 } else {
180 new_notify_idx = (last_notify_idx_reserved + 1) % PAGE_SIZE;
181 }
182
183 last_notify_idx_reserved = new_notify_idx;
184 notify_idx_count++;
185
186 entry->idx = new_notify_idx;
187 bucket = VMCI_DOORBELL_HASH(entry->idx);
188 hlist_add_head(&entry->node, &vmci_doorbell_it.entries[bucket]);
189
190 spin_unlock_bh(&vmci_doorbell_it.lock);
191 }
192
193 /*
194 * Remove the given entry from the index table. This will release() the
195 * entry's resource.
196 */
dbell_index_table_remove(struct dbell_entry * entry)197 static void dbell_index_table_remove(struct dbell_entry *entry)
198 {
199 spin_lock_bh(&vmci_doorbell_it.lock);
200
201 hlist_del_init(&entry->node);
202
203 notify_idx_count--;
204 if (entry->idx == max_notify_idx - 1) {
205 /*
206 * If we delete an entry with the maximum known
207 * notification index, we take the opportunity to
208 * prune the current max. As there might be other
209 * unused indices immediately below, we lower the
210 * maximum until we hit an index in use.
211 */
212 while (max_notify_idx > 0 &&
213 !dbell_index_table_find(max_notify_idx - 1))
214 max_notify_idx--;
215 }
216
217 last_notify_idx_released = entry->idx;
218
219 spin_unlock_bh(&vmci_doorbell_it.lock);
220
221 vmci_resource_put(&entry->resource);
222 }
223
224 /*
225 * Creates a link between the given doorbell handle and the given
226 * index in the bitmap in the device backend. A notification state
227 * is created in hypervisor.
228 */
dbell_link(struct vmci_handle handle,u32 notify_idx)229 static int dbell_link(struct vmci_handle handle, u32 notify_idx)
230 {
231 struct vmci_doorbell_link_msg link_msg;
232
233 link_msg.hdr.dst = vmci_make_handle(VMCI_HYPERVISOR_CONTEXT_ID,
234 VMCI_DOORBELL_LINK);
235 link_msg.hdr.src = VMCI_ANON_SRC_HANDLE;
236 link_msg.hdr.payload_size = sizeof(link_msg) - VMCI_DG_HEADERSIZE;
237 link_msg.handle = handle;
238 link_msg.notify_idx = notify_idx;
239
240 return vmci_send_datagram(&link_msg.hdr);
241 }
242
243 /*
244 * Unlinks the given doorbell handle from an index in the bitmap in
245 * the device backend. The notification state is destroyed in hypervisor.
246 */
dbell_unlink(struct vmci_handle handle)247 static int dbell_unlink(struct vmci_handle handle)
248 {
249 struct vmci_doorbell_unlink_msg unlink_msg;
250
251 unlink_msg.hdr.dst = vmci_make_handle(VMCI_HYPERVISOR_CONTEXT_ID,
252 VMCI_DOORBELL_UNLINK);
253 unlink_msg.hdr.src = VMCI_ANON_SRC_HANDLE;
254 unlink_msg.hdr.payload_size = sizeof(unlink_msg) - VMCI_DG_HEADERSIZE;
255 unlink_msg.handle = handle;
256
257 return vmci_send_datagram(&unlink_msg.hdr);
258 }
259
260 /*
261 * Calls the specified callback in a delayed context.
262 */
dbell_delayed_dispatch(struct work_struct * work)263 static void dbell_delayed_dispatch(struct work_struct *work)
264 {
265 struct dbell_entry *entry = container_of(work,
266 struct dbell_entry, work);
267
268 entry->notify_cb(entry->client_data);
269 vmci_resource_put(&entry->resource);
270 }
271
272 /*
273 * Dispatches a doorbell notification to the host context.
274 */
vmci_dbell_host_context_notify(u32 src_cid,struct vmci_handle handle)275 int vmci_dbell_host_context_notify(u32 src_cid, struct vmci_handle handle)
276 {
277 struct dbell_entry *entry;
278 struct vmci_resource *resource;
279
280 if (vmci_handle_is_invalid(handle)) {
281 pr_devel("Notifying an invalid doorbell (handle=0x%x:0x%x)\n",
282 handle.context, handle.resource);
283 return VMCI_ERROR_INVALID_ARGS;
284 }
285
286 resource = vmci_resource_by_handle(handle,
287 VMCI_RESOURCE_TYPE_DOORBELL);
288 if (!resource) {
289 pr_devel("Notifying an unknown doorbell (handle=0x%x:0x%x)\n",
290 handle.context, handle.resource);
291 return VMCI_ERROR_NOT_FOUND;
292 }
293
294 entry = container_of(resource, struct dbell_entry, resource);
295 if (entry->run_delayed) {
296 if (!schedule_work(&entry->work))
297 vmci_resource_put(resource);
298 } else {
299 entry->notify_cb(entry->client_data);
300 vmci_resource_put(resource);
301 }
302
303 return VMCI_SUCCESS;
304 }
305
306 /*
307 * Register the notification bitmap with the host.
308 */
vmci_dbell_register_notification_bitmap(u64 bitmap_ppn)309 bool vmci_dbell_register_notification_bitmap(u64 bitmap_ppn)
310 {
311 int result;
312 struct vmci_notify_bm_set_msg bitmap_set_msg = { };
313
314 bitmap_set_msg.hdr.dst = vmci_make_handle(VMCI_HYPERVISOR_CONTEXT_ID,
315 VMCI_SET_NOTIFY_BITMAP);
316 bitmap_set_msg.hdr.src = VMCI_ANON_SRC_HANDLE;
317 bitmap_set_msg.hdr.payload_size = sizeof(bitmap_set_msg) -
318 VMCI_DG_HEADERSIZE;
319 if (vmci_use_ppn64())
320 bitmap_set_msg.bitmap_ppn64 = bitmap_ppn;
321 else
322 bitmap_set_msg.bitmap_ppn32 = (u32) bitmap_ppn;
323
324 result = vmci_send_datagram(&bitmap_set_msg.hdr);
325 if (result != VMCI_SUCCESS) {
326 pr_devel("Failed to register (PPN=%llu) as notification bitmap (error=%d)\n",
327 bitmap_ppn, result);
328 return false;
329 }
330 return true;
331 }
332
333 /*
334 * Executes or schedules the handlers for a given notify index.
335 */
dbell_fire_entries(u32 notify_idx)336 static void dbell_fire_entries(u32 notify_idx)
337 {
338 u32 bucket = VMCI_DOORBELL_HASH(notify_idx);
339 struct dbell_entry *dbell;
340
341 spin_lock_bh(&vmci_doorbell_it.lock);
342
343 hlist_for_each_entry(dbell, &vmci_doorbell_it.entries[bucket], node) {
344 if (dbell->idx == notify_idx &&
345 atomic_read(&dbell->active) == 1) {
346 if (dbell->run_delayed) {
347 vmci_resource_get(&dbell->resource);
348 if (!schedule_work(&dbell->work))
349 vmci_resource_put(&dbell->resource);
350 } else {
351 dbell->notify_cb(dbell->client_data);
352 }
353 }
354 }
355
356 spin_unlock_bh(&vmci_doorbell_it.lock);
357 }
358
359 /*
360 * Scans the notification bitmap, collects pending notifications,
361 * resets the bitmap and invokes appropriate callbacks.
362 */
vmci_dbell_scan_notification_entries(u8 * bitmap)363 void vmci_dbell_scan_notification_entries(u8 *bitmap)
364 {
365 u32 idx;
366
367 for (idx = 0; idx < max_notify_idx; idx++) {
368 if (bitmap[idx] & 0x1) {
369 bitmap[idx] &= ~1;
370 dbell_fire_entries(idx);
371 }
372 }
373 }
374
375 /*
376 * vmci_doorbell_create() - Creates a doorbell
377 * @handle: A handle used to track the resource. Can be invalid.
378 * @flags: Flag that determines context of callback.
379 * @priv_flags: Privileges flags.
380 * @notify_cb: The callback to be ivoked when the doorbell fires.
381 * @client_data: A parameter to be passed to the callback.
382 *
383 * Creates a doorbell with the given callback. If the handle is
384 * VMCI_INVALID_HANDLE, a free handle will be assigned, if
385 * possible. The callback can be run immediately (potentially with
386 * locks held - the default) or delayed (in a kernel thread) by
387 * specifying the flag VMCI_FLAG_DELAYED_CB. If delayed execution
388 * is selected, a given callback may not be run if the kernel is
389 * unable to allocate memory for the delayed execution (highly
390 * unlikely).
391 */
vmci_doorbell_create(struct vmci_handle * handle,u32 flags,u32 priv_flags,vmci_callback notify_cb,void * client_data)392 int vmci_doorbell_create(struct vmci_handle *handle,
393 u32 flags,
394 u32 priv_flags,
395 vmci_callback notify_cb, void *client_data)
396 {
397 struct dbell_entry *entry;
398 struct vmci_handle new_handle;
399 int result;
400
401 if (!handle || !notify_cb || flags & ~VMCI_FLAG_DELAYED_CB ||
402 priv_flags & ~VMCI_PRIVILEGE_ALL_FLAGS)
403 return VMCI_ERROR_INVALID_ARGS;
404
405 entry = kmalloc(sizeof(*entry), GFP_KERNEL);
406 if (entry == NULL) {
407 pr_warn("Failed allocating memory for datagram entry\n");
408 return VMCI_ERROR_NO_MEM;
409 }
410
411 if (vmci_handle_is_invalid(*handle)) {
412 u32 context_id = vmci_get_context_id();
413
414 if (context_id == VMCI_INVALID_ID) {
415 pr_warn("Failed to get context ID\n");
416 result = VMCI_ERROR_NO_RESOURCES;
417 goto free_mem;
418 }
419
420 /* Let resource code allocate a free ID for us */
421 new_handle = vmci_make_handle(context_id, VMCI_INVALID_ID);
422 } else {
423 bool valid_context = false;
424
425 /*
426 * Validate the handle. We must do both of the checks below
427 * because we can be acting as both a host and a guest at the
428 * same time. We always allow the host context ID, since the
429 * host functionality is in practice always there with the
430 * unified driver.
431 */
432 if (handle->context == VMCI_HOST_CONTEXT_ID ||
433 (vmci_guest_code_active() &&
434 vmci_get_context_id() == handle->context)) {
435 valid_context = true;
436 }
437
438 if (!valid_context || handle->resource == VMCI_INVALID_ID) {
439 pr_devel("Invalid argument (handle=0x%x:0x%x)\n",
440 handle->context, handle->resource);
441 result = VMCI_ERROR_INVALID_ARGS;
442 goto free_mem;
443 }
444
445 new_handle = *handle;
446 }
447
448 entry->idx = 0;
449 INIT_HLIST_NODE(&entry->node);
450 entry->priv_flags = priv_flags;
451 INIT_WORK(&entry->work, dbell_delayed_dispatch);
452 entry->run_delayed = flags & VMCI_FLAG_DELAYED_CB;
453 entry->notify_cb = notify_cb;
454 entry->client_data = client_data;
455 atomic_set(&entry->active, 0);
456
457 result = vmci_resource_add(&entry->resource,
458 VMCI_RESOURCE_TYPE_DOORBELL,
459 new_handle);
460 if (result != VMCI_SUCCESS) {
461 pr_warn("Failed to add new resource (handle=0x%x:0x%x), error: %d\n",
462 new_handle.context, new_handle.resource, result);
463 goto free_mem;
464 }
465
466 new_handle = vmci_resource_handle(&entry->resource);
467 if (vmci_guest_code_active()) {
468 dbell_index_table_add(entry);
469 result = dbell_link(new_handle, entry->idx);
470 if (VMCI_SUCCESS != result)
471 goto destroy_resource;
472
473 atomic_set(&entry->active, 1);
474 }
475
476 *handle = new_handle;
477
478 return result;
479
480 destroy_resource:
481 dbell_index_table_remove(entry);
482 vmci_resource_remove(&entry->resource);
483 free_mem:
484 kfree(entry);
485 return result;
486 }
487 EXPORT_SYMBOL_GPL(vmci_doorbell_create);
488
489 /*
490 * vmci_doorbell_destroy() - Destroy a doorbell.
491 * @handle: The handle tracking the resource.
492 *
493 * Destroys a doorbell previously created with vmcii_doorbell_create. This
494 * operation may block waiting for a callback to finish.
495 */
vmci_doorbell_destroy(struct vmci_handle handle)496 int vmci_doorbell_destroy(struct vmci_handle handle)
497 {
498 struct dbell_entry *entry;
499 struct vmci_resource *resource;
500
501 if (vmci_handle_is_invalid(handle))
502 return VMCI_ERROR_INVALID_ARGS;
503
504 resource = vmci_resource_by_handle(handle,
505 VMCI_RESOURCE_TYPE_DOORBELL);
506 if (!resource) {
507 pr_devel("Failed to destroy doorbell (handle=0x%x:0x%x)\n",
508 handle.context, handle.resource);
509 return VMCI_ERROR_NOT_FOUND;
510 }
511
512 entry = container_of(resource, struct dbell_entry, resource);
513
514 if (!hlist_unhashed(&entry->node)) {
515 int result;
516
517 dbell_index_table_remove(entry);
518
519 result = dbell_unlink(handle);
520 if (VMCI_SUCCESS != result) {
521
522 /*
523 * The only reason this should fail would be
524 * an inconsistency between guest and
525 * hypervisor state, where the guest believes
526 * it has an active registration whereas the
527 * hypervisor doesn't. One case where this may
528 * happen is if a doorbell is unregistered
529 * following a hibernation at a time where the
530 * doorbell state hasn't been restored on the
531 * hypervisor side yet. Since the handle has
532 * now been removed in the guest, we just
533 * print a warning and return success.
534 */
535 pr_devel("Unlink of doorbell (handle=0x%x:0x%x) unknown by hypervisor (error=%d)\n",
536 handle.context, handle.resource, result);
537 }
538 }
539
540 /*
541 * Now remove the resource from the table. It might still be in use
542 * after this, in a callback or still on the delayed work queue.
543 */
544 vmci_resource_put(&entry->resource);
545 vmci_resource_remove(&entry->resource);
546
547 kfree(entry);
548
549 return VMCI_SUCCESS;
550 }
551 EXPORT_SYMBOL_GPL(vmci_doorbell_destroy);
552