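/*
 * QEMU Xen emulation: Grant table support
 *
 * Copyright © 2022 Amazon.com, Inc. or its affiliates. All Rights Reserved.
 *
 * Authors: David Woodhouse <dwmw2@infradead.org>
 *
 * This work is licensed under the terms of the GNU GPL, version 2 or later.
 * See the COPYING file in the top-level directory.
 */

#include "qemu/osdep.h"
#include "qemu/host-utils.h"
#include "qemu/module.h"
#include "qemu/lockable.h"
#include "qemu/main-loop.h"
#include "qapi/error.h"
#include "qom/object.h"
#include "exec/target_page.h"
#include "system/address-spaces.h"
#include "migration/vmstate.h"

#include "hw/sysbus.h"
#include "hw/xen/xen.h"
#include "hw/xen/xen_backend_ops.h"
#include "xen_overlay.h"
#include "xen_gnttab.h"
#include "xen_primary_console.h"

#include "system/kvm.h"
#include "system/kvm_xen.h"

#include "hw/xen/interface/memory.h"
#include "hw/xen/interface/grant_table.h"

#define TYPE_XEN_GNTTAB "xen-gnttab"
OBJECT_DECLARE_SIMPLE_TYPE(XenGnttabState, XEN_GNTTAB)

/* Number of v1 grant entries that fit in one grant-table frame. */
#define ENTRIES_PER_FRAME_V1 (XEN_PAGE_SIZE / sizeof(grant_entry_v1_t))

/* Defined after the backend operations themselves, further down the file. */
static struct gnttab_backend_ops emu_gnttab_backend_ops;

struct XenGnttabState {
    /*< private >*/
    SysBusDevice busdev;
    /*< public >*/

    /* Taken by the map, unmap and reset paths in this file. */
    QemuMutex gnt_lock;

    /* Highest frame index mapped so far, plus one; migrated. */
    uint32_t nr_frames;
    /* Capacity of every per-frame array below; fixed at realize time. */
    uint32_t max_frames;

    union {
        grant_entry_v1_t *v1;
        /* Theoretically, v2 support could be added here. */
    } entries;

    /* RAM backing the whole table, plus one page-sized alias per frame. */
    MemoryRegion gnt_frames;
    MemoryRegion *gnt_aliases;
    /* Guest physical address of each frame, or INVALID_GPA if unmapped. */
    uint64_t *gnt_frame_gpas;

    /* Per-grant-reference count of active mappings; UINT8_MAX is the cap. */
    uint8_t *map_track;
};

struct XenGnttabState *xen_gnttab_singleton;

/*
 * Realize the grant table device: allocate the table RAM and the per-frame
 * aliases, pre-populate the reserved xenstore grant, and install the
 * emulated backend operations.
 *
 * Fails through @errp unless QEMU is running in Xen emulation mode.
 */
static void xen_gnttab_realize(DeviceState *dev, Error **errp)
{
    XenGnttabState *s = XEN_GNTTAB(dev);
    uint32_t i; /* same width as max_frames: no signed/unsigned comparison */

    if (xen_mode != XEN_EMULATE) {
        error_setg(errp, "Xen grant table support is for Xen emulation");
        return;
    }

    s->max_frames = kvm_xen_get_gnttab_max_frames();
    memory_region_init_ram(&s->gnt_frames, OBJECT(dev), "xen:grant_table",
                           XEN_PAGE_SIZE * s->max_frames, &error_abort);
    memory_region_set_enabled(&s->gnt_frames, true);
    s->entries.v1 = memory_region_get_ram_ptr(&s->gnt_frames);

    /* Create individual page-sized aliases for overlays */
    s->gnt_aliases = g_new0(MemoryRegion, s->max_frames);
    s->gnt_frame_gpas = g_new(uint64_t, s->max_frames);
    for (i = 0; i < s->max_frames; i++) {
        memory_region_init_alias(&s->gnt_aliases[i], OBJECT(dev),
                                 NULL, &s->gnt_frames,
                                 i * XEN_PAGE_SIZE, XEN_PAGE_SIZE);
        s->gnt_frame_gpas[i] = INVALID_GPA;
    }

    s->nr_frames = 0;
    memset(s->entries.v1, 0, XEN_PAGE_SIZE * s->max_frames);
    s->entries.v1[GNTTAB_RESERVED_XENSTORE].flags = GTF_permit_access;
    s->entries.v1[GNTTAB_RESERVED_XENSTORE].frame = XEN_SPECIAL_PFN(XENSTORE);

    qemu_mutex_init(&s->gnt_lock);

    xen_gnttab_singleton = s;

    s->map_track = g_new0(uint8_t, s->max_frames * ENTRIES_PER_FRAME_V1);

    xen_gnttab_ops = &emu_gnttab_backend_ops;
}

/*
 * Migration field validator: nr_frames comes from the incoming stream and
 * is then used as the element count for gnt_frame_gpas, which was allocated
 * with max_frames entries.  Reject the stream before that array is loaded
 * if the count does not fit.
 */
static bool xen_gnttab_nr_frames_valid(void *opaque, int version_id)
{
    XenGnttabState *s = XEN_GNTTAB(opaque);

    return s->nr_frames <= s->max_frames;
}

/*
 * Re-establish the guest-visible overlay for every frame that had a valid
 * guest physical address in the migrated state.
 *
 * Returns 0 on success, -EINVAL if the migrated frame count is out of range.
 */
static int xen_gnttab_post_load(void *opaque, int version_id)
{
    XenGnttabState *s = XEN_GNTTAB(opaque);
    uint32_t i;

    /* Defensive: never index the per-frame arrays past their allocation. */
    if (s->nr_frames > s->max_frames) {
        return -EINVAL;
    }

    for (i = 0; i < s->nr_frames; i++) {
        if (s->gnt_frame_gpas[i] != INVALID_GPA) {
            xen_overlay_do_map_page(&s->gnt_aliases[i], s->gnt_frame_gpas[i]);
        }
    }
    return 0;
}

/* The section is only migrated when running in Xen emulation mode. */
static bool xen_gnttab_is_needed(void *opaque)
{
    return xen_mode == XEN_EMULATE;
}

static const VMStateDescription xen_gnttab_vmstate = {
    .name = "xen_gnttab",
    .version_id = 1,
    .minimum_version_id = 1,
    .needed = xen_gnttab_is_needed,
    .post_load = xen_gnttab_post_load,
    .fields = (const VMStateField[]) {
        VMSTATE_UINT32(nr_frames, XenGnttabState),
        /* Carries no data on the wire; only bounds-checks nr_frames. */
        VMSTATE_VALIDATE("nr_frames within max_frames",
                         xen_gnttab_nr_frames_valid),
        VMSTATE_VARRAY_UINT32(gnt_frame_gpas, XenGnttabState, nr_frames, 0,
                              vmstate_info_uint64, uint64_t),
        VMSTATE_END_OF_LIST()
    }
};

/* QOM class initializer: hook up realize and the migration description. */
static void xen_gnttab_class_init(ObjectClass *klass, const void *data)
{
    DeviceClass *dc = DEVICE_CLASS(klass);

    dc->realize = xen_gnttab_realize;
    dc->vmsd = &xen_gnttab_vmstate;
}

static const TypeInfo xen_gnttab_info = {
    .name          = TYPE_XEN_GNTTAB,
    .parent        = TYPE_SYS_BUS_DEVICE,
    .instance_size = sizeof(XenGnttabState),
    .class_init    = xen_gnttab_class_init,
};

/* Instantiate the singleton grant table device on the system bus. */
void xen_gnttab_create(void)
{
    xen_gnttab_singleton = XEN_GNTTAB(sysbus_create_simple(TYPE_XEN_GNTTAB,
                                                           -1, NULL));
}

static void xen_gnttab_register_types(void)
{
    type_register_static(&xen_gnttab_info);
}

type_init(xen_gnttab_register_types)

/*
 * Overlay grant-table frame @idx at guest frame number @gfn.
 *
 * Returns 0 on success, -ENOTSUP if the device does not exist, or -EINVAL
 * if @idx is not below max_frames.  The index is checked before any of the
 * per-frame arrays is touched.
 */
int xen_gnttab_map_page(uint64_t idx, uint64_t gfn)
{
    XenGnttabState *s = xen_gnttab_singleton;
    uint64_t gpa = gfn << XEN_PAGE_SHIFT;

    if (!s) {
        return -ENOTSUP;
    }

    if (idx >= s->max_frames) {
        return -EINVAL;
    }

    BQL_LOCK_GUARD();
    QEMU_LOCK_GUARD(&s->gnt_lock);

    xen_overlay_do_map_page(&s->gnt_aliases[idx], gpa);

    s->gnt_frame_gpas[idx] = gpa;

    /* nr_frames only ever grows here; it is zeroed by reset. */
    if (s->nr_frames <= idx) {
        s->nr_frames = idx + 1;
    }

    return 0;
}

/*
 * Handle a set_version request.  Only version 1 is implemented: version 2
 * yields -ENOSYS, anything else -EINVAL.  In every case the structure is
 * updated to report version 1 back to the caller.
 */
int xen_gnttab_set_version_op(struct gnttab_set_version *set)
{
    int ret;

    switch (set->version) {
    case 1:
        ret = 0;
        break;

    case 2:
        /* Behave as before set_version was introduced. */
        ret = -ENOSYS;
        break;

    default:
        ret = -EINVAL;
        break;
    }

    set->version = 1;
    return ret;
}

/*
 * Handle a get_version request: always version 1, and only for the
 * emulated domain itself (-ESRCH for any other domain id).
 */
int xen_gnttab_get_version_op(struct gnttab_get_version *get)
{
    if (get->dom != DOMID_SELF && get->dom != xen_domid) {
        return -ESRCH;
    }

    get->version = 1;
    return 0;
}

/*
 * Handle a query_size request.  A request for a foreign domain is reported
 * through size->status (GNTST_bad_domain) with a return value of 0; only a
 * missing device produces a negative return (-ENOTSUP).
 */
int xen_gnttab_query_size_op(struct gnttab_query_size *size)
{
    XenGnttabState *s = xen_gnttab_singleton;

    if (!s) {
        return -ENOTSUP;
    }

    if (size->dom != DOMID_SELF && size->dom != xen_domid) {
        size->status = GNTST_bad_domain;
        return 0;
    }

    size->status = GNTST_okay;
    size->nr_frames = s->nr_frames;
    size->max_nr_frames = s->max_frames;
    return 0;
}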
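
/* Track per-open refs, to allow close() to clean up. */
struct active_ref {
    MemoryRegionSection mrs;
    void *virtaddr;
    uint32_t refcnt;
    int prot;
};

/*
 * Drop one tracked mapping of grant reference @ref.
 *
 * Releases the memory region held in @mrs (marking the page dirty first if
 * the mapping was writable), then decrements map_track[ref].  When the count
 * reaches zero the GTF_reading and GTF_writing bits are cleared in the
 * grant entry.
 *
 * The caller must already have accounted for the mapping in map_track[ref];
 * this is asserted.
 */
static void gnt_unref(XenGnttabState *s, grant_ref_t ref,
                      MemoryRegionSection *mrs, int prot)
{
    if (mrs && mrs->mr) {
        if (prot & PROT_WRITE) {
            memory_region_set_dirty(mrs->mr, mrs->offset_within_region,
                                    XEN_PAGE_SIZE);
        }
        memory_region_unref(mrs->mr);
        mrs->mr = NULL;
    }
    assert(s->map_track[ref] != 0);

    if (--s->map_track[ref] == 0) {
        grant_entry_v1_t *gnt_p = &s->entries.v1[ref];
        qatomic_and(&gnt_p->flags, (uint16_t)~(GTF_reading | GTF_writing));
    }
}

/*
 * Validate grant reference @ref for access with @prot and mark it in use.
 *
 * Returns the guest physical address of the granted frame, or INVALID_GPA
 * if the reference is out of range, its tracking counter is saturated, the
 * entry does not grant the required access to DOMID_QEMU, or the flags kept
 * changing underneath us.
 *
 * Does not touch map_track; the caller accounts for the mapping.
 */
static uint64_t gnt_ref(XenGnttabState *s, grant_ref_t ref, int prot)
{
    uint16_t mask = GTF_type_mask | GTF_sub_page;
    grant_entry_v1_t gnt, *gnt_p;
    int retries;

    /* The range check must come first: it guards the map_track[] index. */
    if (ref >= s->max_frames * ENTRIES_PER_FRAME_V1 ||
        s->map_track[ref] == UINT8_MAX) {
        return INVALID_GPA;
    }

    /* A writable mapping additionally requires GTF_readonly to be clear. */
    if (prot & PROT_WRITE) {
        mask |= GTF_readonly;
    }

    gnt_p = &s->entries.v1[ref];

    /*
     * The guest can legitimately be changing the GTF_readonly flag. Allow
     * that, but don't let a malicious guest cause a livelock.
     */
    for (retries = 0; retries < 5; retries++) {
        uint16_t new_flags;

        /*
         * Read the entry before an atomic operation on its flags.  All
         * checks below use this local snapshot, and the frame returned is
         * the one from the snapshot whose flags the cmpxchg confirmed.
         */
        gnt = *(volatile grant_entry_v1_t *)gnt_p;

        if ((gnt.flags & mask) != GTF_permit_access ||
            gnt.domid != DOMID_QEMU) {
            return INVALID_GPA;
        }

        new_flags = gnt.flags | GTF_reading;
        if (prot & PROT_WRITE) {
            new_flags |= GTF_writing;
        }

        if (qatomic_cmpxchg(&gnt_p->flags, gnt.flags, new_flags) == gnt.flags) {
            return (uint64_t)gnt.frame << XEN_PAGE_SHIFT;
        }
    }

    return INVALID_GPA;
}

struct xengntdev_handle {
    /* Maps a grant reference to its struct active_ref for this handle. */
    GHashTable *active_maps;
};

/* No limit is enforced in emulation; accepted for interface compatibility. */
static int xen_be_gnttab_set_max_grants(struct xengntdev_handle *xgt,
                                        uint32_t nr_grants)
{
    return 0;
}

/*
 * Map a single grant reference from the emulated guest.
 *
 * Only @count == 1 and @domid == xen_domid are supported.  A reference that
 * this handle already has mapped is reused with its refcount bumped, after
 * upgrading it to writable if @prot asks for that.
 *
 * Returns the host virtual address of the page, or NULL with errno set
 * (ENOTSUP if the device does not exist, EINVAL otherwise).
 */
static void *xen_be_gnttab_map_refs(struct xengntdev_handle *xgt,
                                    uint32_t count, uint32_t domid,
                                    uint32_t *refs, int prot)
{
    XenGnttabState *s = xen_gnttab_singleton;
    struct active_ref *act;

    if (!s) {
        errno = ENOTSUP;
        return NULL;
    }

    if (domid != xen_domid) {
        errno = EINVAL;
        return NULL;
    }

    if (!count || count > 4096) {
        errno = EINVAL;
        return NULL;
    }

    /*
     * Making a contiguous mapping from potentially discontiguous grant
     * references would be... distinctly non-trivial. We don't support it.
     * Even changing the API to return an array of pointers, one per page,
     * wouldn't be simple to use in PV backends because some structures
     * actually cross page boundaries (e.g. 32-bit blkif_response ring
     * entries are 12 bytes).
     */
    if (count != 1) {
        errno = EINVAL;
        return NULL;
    }

    QEMU_LOCK_GUARD(&s->gnt_lock);

    act = g_hash_table_lookup(xgt->active_maps, GINT_TO_POINTER(refs[0]));
    if (act) {
        if ((prot & PROT_WRITE) && !(act->prot & PROT_WRITE)) {
            if (gnt_ref(s, refs[0], prot) == INVALID_GPA) {
                /* Callers report failures through errno; set it here too. */
                errno = EINVAL;
                return NULL;
            }
            act->prot |= PROT_WRITE;
        }
        act->refcnt++;
    } else {
        uint64_t gpa = gnt_ref(s, refs[0], prot);
        if (gpa == INVALID_GPA) {
            errno = EINVAL;
            return NULL;
        }

        /*
         * Account for the mapping as soon as the grant is marked in use.
         * The failure path below releases it with gnt_unref(), which
         * asserts that the counter is non-zero before decrementing it; a
         * grant whose frame does not resolve to RAM must take that path
         * without tripping the assertion or stealing another handle's
         * count.  gnt_ref() has already refused a saturated counter, so
         * this cannot wrap.
         */
        s->map_track[refs[0]]++;

        act = g_new0(struct active_ref, 1);
        act->prot = prot;
        act->refcnt = 1;
        act->mrs = memory_region_find(get_system_memory(), gpa, XEN_PAGE_SIZE);

        /* Only a full page of RAM-backed memory yields a host pointer. */
        if (act->mrs.mr &&
            !int128_lt(act->mrs.size, int128_make64(XEN_PAGE_SIZE)) &&
            memory_region_get_ram_addr(act->mrs.mr) != RAM_ADDR_INVALID) {
            act->virtaddr = qemu_map_ram_ptr(act->mrs.mr->ram_block,
                                             act->mrs.offset_within_region);
        }
        if (!act->virtaddr) {
            gnt_unref(s, refs[0], &act->mrs, 0);
            g_free(act);
            errno = EINVAL;
            return NULL;
        }

        g_hash_table_insert(xgt->active_maps, GINT_TO_POINTER(refs[0]), act);
    }

    return act->virtaddr;
}

/*
 * GHRFunc used to tear down one entry of a handle's active_maps table.
 * Always returns true so that g_hash_table_foreach_remove() drops the entry.
 */
static gboolean do_unmap(gpointer key, gpointer value, gpointer user_data)
{
    XenGnttabState *s = user_data;
    grant_ref_t gref = GPOINTER_TO_INT(key);
    struct active_ref *act = value;

    gnt_unref(s, gref, &act->mrs, act->prot);
    g_free(act);
    return true;
}

/*
 * Drop one reference to a mapping made by xen_be_gnttab_map_refs().
 *
 * Returns 0 on success or a negative errno value: -ENOTSUP if the device
 * does not exist, -EINVAL for @count != 1 or a @start_address that does not
 * match the mapping, -ENOENT if @refs[0] is not mapped through this handle.
 * errno itself is not set.
 */
static int xen_be_gnttab_unmap(struct xengntdev_handle *xgt,
                               void *start_address, uint32_t *refs,
                               uint32_t count)
{
    XenGnttabState *s = xen_gnttab_singleton;
    struct active_ref *act;

    if (!s) {
        return -ENOTSUP;
    }

    if (count != 1) {
        return -EINVAL;
    }

    QEMU_LOCK_GUARD(&s->gnt_lock);

    act = g_hash_table_lookup(xgt->active_maps, GINT_TO_POINTER(refs[0]));
    if (!act) {
        return -ENOENT;
    }

    if (act->virtaddr != start_address) {
        return -EINVAL;
    }

    if (!--act->refcnt) {
        do_unmap(GINT_TO_POINTER(refs[0]), act, s);
        g_hash_table_remove(xgt->active_maps, GINT_TO_POINTER(refs[0]));
    }

    return 0;
}

/*
 * This looks a bit like the one for true Xen in xen-operations.c but
 * in emulation we don't support multi-page mappings. And under Xen we
 * *want* the multi-page mappings so we have fewer bounces through the
 * kernel and the hypervisor. So the code paths end up being similar,
 * but different.
 *
 * Each segment is copied through a temporary single-page mapping of its
 * grant reference.  Returns 0 on success or a negative errno value, with
 * @errp set when it is non-NULL.
 */
static int xen_be_gnttab_copy(struct xengntdev_handle *xgt, bool to_domain,
                              uint32_t domid, XenGrantCopySegment *segs,
                              uint32_t nr_segs, Error **errp)
{
    int prot = to_domain ? PROT_WRITE : PROT_READ;
    unsigned int i;

    for (i = 0; i < nr_segs; i++) {
        XenGrantCopySegment *seg = &segs[i];
        void *page;
        uint32_t ref = to_domain ? seg->dest.foreign.ref :
                                   seg->source.foreign.ref;
        /*
         * Widen to an unsigned 64-bit value so that one comparison also
         * rejects a negative offset, whatever the field's declared type.
         */
        uint64_t offset = to_domain ? seg->dest.foreign.offset :
                                      seg->source.foreign.offset;
        int ret;

        /*
         * The mapping below covers exactly one page.  Refuse a segment
         * that would run past it instead of copying into or out of
         * whatever follows that page in host memory.
         */
        if (offset > XEN_PAGE_SIZE || seg->len > XEN_PAGE_SIZE - offset) {
            if (errp) {
                error_setg(errp, "grant copy segment exceeds page bounds");
            }
            return -EINVAL;
        }

        page = xen_be_gnttab_map_refs(xgt, 1, domid, &ref, prot);
        if (!page) {
            /* Capture errno before anything else has a chance to alter it. */
            ret = -errno;
            if (errp) {
                error_setg_errno(errp, -ret,
                                 "xen_be_gnttab_map_refs failed");
            }
            return ret;
        }

        if (to_domain) {
            memcpy(page + offset, seg->source.virt, seg->len);
        } else {
            memcpy(seg->dest.virt, page + offset, seg->len);
        }

        /*
         * xen_be_gnttab_unmap() reports failure through its return value
         * and leaves errno alone, so use that value rather than errno.
         */
        ret = xen_be_gnttab_unmap(xgt, page, &ref, 1);
        if (ret) {
            if (errp) {
                error_setg_errno(errp, -ret, "xen_be_gnttab_unmap failed");
            }
            return ret;
        }
    }

    return 0;
}

/* Allocate a handle with an empty table of active mappings. */
static struct xengntdev_handle *xen_be_gnttab_open(void)
{
    struct xengntdev_handle *xgt = g_new0(struct xengntdev_handle, 1);

    xgt->active_maps = g_hash_table_new(g_direct_hash, g_direct_equal);
    return xgt;
}

/*
 * Release every mapping still held through @xgt and free the handle.
 *
 * Returns 0 on success, -ENOTSUP if the device does not exist (in which
 * case the handle is left untouched).
 */
static int xen_be_gnttab_close(struct xengntdev_handle *xgt)
{
    XenGnttabState *s = xen_gnttab_singleton;

    if (!s) {
        return -ENOTSUP;
    }

    /*
     * do_unmap() goes through gnt_unref(), which updates map_track[] and
     * the grant flags; the map and unmap paths do that under gnt_lock, so
     * hold it here as well.
     */
    QEMU_LOCK_GUARD(&s->gnt_lock);

    g_hash_table_foreach_remove(xgt->active_maps, do_unmap, s);
    g_hash_table_destroy(xgt->active_maps);
    g_free(xgt);
    return 0;
}

static struct gnttab_backend_ops emu_gnttab_backend_ops = {
    .open = xen_be_gnttab_open,
    .close = xen_be_gnttab_close,
    .grant_copy = xen_be_gnttab_copy,
    .set_max_grants = xen_be_gnttab_set_max_grants,
    .map_refs = xen_be_gnttab_map_refs,
    .unmap = xen_be_gnttab_unmap,
};

/*
 * Return the grant table to its initial contents: zero every entry, then
 * re-create the reserved xenstore grant and, when a primary console page
 * exists, the reserved console grant.
 *
 * Returns 0 on success, -ENOTSUP if the device does not exist.
 *
 * NOTE(review): map_track[] and the handles' active_maps are not touched
 * here - confirm that callers close or unmap backend mappings before reset.
 */
int xen_gnttab_reset(void)
{
    XenGnttabState *s = xen_gnttab_singleton;

    if (!s) {
        return -ENOTSUP;
    }

    QEMU_LOCK_GUARD(&s->gnt_lock);

    s->nr_frames = 0;

    memset(s->entries.v1, 0, XEN_PAGE_SIZE * s->max_frames);
    s->entries.v1[GNTTAB_RESERVED_XENSTORE].flags = GTF_permit_access;
    s->entries.v1[GNTTAB_RESERVED_XENSTORE].frame = XEN_SPECIAL_PFN(XENSTORE);

    if (xen_primary_console_get_pfn()) {
        s->entries.v1[GNTTAB_RESERVED_CONSOLE].flags = GTF_permit_access;
        s->entries.v1[GNTTAB_RESERVED_CONSOLE].frame = XEN_SPECIAL_PFN(CONSOLE);
    }

    return 0;
}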