4
4
* Author: Michael S. Tsirkin <mst@redhat.com>
6
6
* Inspiration, some code, and most witty comments come from
7
* Documentation/lguest/lguest.c, by Rusty Russell
7
* Documentation/virtual/lguest/lguest.c, by Rusty Russell
9
9
* This work is licensed under the terms of the GNU GPL, version 2.
37
37
VHOST_MEMORY_F_LOG = 0x1,
40
#define vhost_used_event(vq) ((u16 __user *)&vq->avail->ring[vq->num])
41
#define vhost_avail_event(vq) ((u16 __user *)&vq->used->ring[vq->num])
40
43
static void vhost_poll_func(struct file *file, wait_queue_head_t *wqh,
43
46
struct vhost_poll *poll;
44
48
poll = container_of(pt, struct vhost_poll, table);
47
50
add_wait_queue(wqh, &poll->wait);
85
88
void vhost_poll_start(struct vhost_poll *poll, struct file *file)
87
90
unsigned long mask;
88
92
mask = file->f_op->poll(file, &poll->table);
90
94
vhost_poll_wakeup(&poll->wait, 0, 0, (void *)mask);
298
308
struct vhost_attach_cgroups_struct {
299
struct vhost_work work;
300
struct task_struct *owner;
309
struct vhost_work work;
310
struct task_struct *owner;
304
314
static void vhost_attach_cgroups_work(struct vhost_work *work)
306
struct vhost_attach_cgroups_struct *s;
307
s = container_of(work, struct vhost_attach_cgroups_struct, work);
308
s->ret = cgroup_attach_task_all(s->owner, current);
316
struct vhost_attach_cgroups_struct *s;
318
s = container_of(work, struct vhost_attach_cgroups_struct, work);
319
s->ret = cgroup_attach_task_all(s->owner, current);
311
322
static int vhost_attach_cgroups(struct vhost_dev *dev)
313
struct vhost_attach_cgroups_struct attach;
314
attach.owner = current;
315
vhost_work_init(&attach.work, vhost_attach_cgroups_work);
316
vhost_work_queue(dev, &attach.work);
317
vhost_work_flush(dev, &attach.work);
324
struct vhost_attach_cgroups_struct attach;
326
attach.owner = current;
327
vhost_work_init(&attach.work, vhost_attach_cgroups_work);
328
vhost_work_queue(dev, &attach.work);
329
vhost_work_flush(dev, &attach.work);
321
333
/* Caller should have device mutex */
324
336
struct task_struct *worker;
326
339
/* Is there an owner already? */
331
345
/* No owner, become one */
332
346
dev->mm = get_task_mm(current);
333
347
worker = kthread_create(vhost_worker, dev, "vhost-%d", current->pid);
421
436
static int log_access_ok(void __user *log_base, u64 addr, unsigned long sz)
423
438
u64 a = addr / VHOST_PAGE_SIZE / 8;
424
440
/* Make sure 64 bit math will not overflow. */
425
441
if (a > ULONG_MAX - (unsigned long)log_base ||
426
442
a + (unsigned long)log_base > ULONG_MAX)
480
static int vq_access_ok(unsigned int num,
497
static int vq_access_ok(struct vhost_dev *d, unsigned int num,
481
498
struct vring_desc __user *desc,
482
499
struct vring_avail __user *avail,
483
500
struct vring_used __user *used)
502
size_t s = vhost_has_feature(d, VIRTIO_RING_F_EVENT_IDX) ? 2 : 0;
485
503
return access_ok(VERIFY_READ, desc, num * sizeof *desc) &&
486
504
access_ok(VERIFY_READ, avail,
487
sizeof *avail + num * sizeof *avail->ring) &&
505
sizeof *avail + num * sizeof *avail->ring + s) &&
488
506
access_ok(VERIFY_WRITE, used,
489
sizeof *used + num * sizeof *used->ring);
507
sizeof *used + num * sizeof *used->ring + s);
492
510
/* Can we log writes? */
503
521
/* Verify access for write logging. */
504
522
/* Caller should have vq mutex and device mutex */
505
static int vq_log_access_ok(struct vhost_virtqueue *vq, void __user *log_base)
523
static int vq_log_access_ok(struct vhost_dev *d, struct vhost_virtqueue *vq,
524
void __user *log_base)
507
526
struct vhost_memory *mp;
527
size_t s = vhost_has_feature(d, VIRTIO_RING_F_EVENT_IDX) ? 2 : 0;
509
529
mp = rcu_dereference_protected(vq->dev->memory,
510
530
lockdep_is_held(&vq->mutex));
512
532
vhost_has_feature(vq->dev, VHOST_F_LOG_ALL)) &&
513
533
(!vq->log_used || log_access_ok(log_base, vq->log_addr,
514
534
sizeof *vq->used +
515
vq->num * sizeof *vq->used->ring));
535
vq->num * sizeof *vq->used->ring + s));
518
538
/* Can we start vq? */
519
539
/* Caller should have vq mutex and device mutex */
520
540
int vhost_vq_access_ok(struct vhost_virtqueue *vq)
522
return vq_access_ok(vq->num, vq->desc, vq->avail, vq->used) &&
523
vq_log_access_ok(vq, vq->log_base);
542
return vq_access_ok(vq->dev, vq->num, vq->desc, vq->avail, vq->used) &&
543
vq_log_access_ok(vq->dev, vq, vq->log_base);
526
546
static long vhost_set_memory(struct vhost_dev *d, struct vhost_memory __user *m)
528
548
struct vhost_memory mem, *newmem, *oldmem;
529
549
unsigned long size = offsetof(struct vhost_memory, regions);
530
551
if (copy_from_user(&mem, m, size))
547
if (!memory_access_ok(d, newmem, vhost_has_feature(d, VHOST_F_LOG_ALL))) {
568
if (!memory_access_ok(d, newmem,
569
vhost_has_feature(d, VHOST_F_LOG_ALL))) {
560
582
struct vring_used __user *used)
562
584
int r = put_user(vq->used_flags, &used->flags);
588
vq->signalled_used_valid = false;
565
589
return get_user(vq->last_used_idx, &used->idx);
659
683
* If it is not, we don't as size might not have been setup.
660
684
* We will verify when backend is configured. */
661
685
if (vq->private_data) {
662
if (!vq_access_ok(vq->num,
686
if (!vq_access_ok(d, vq->num,
663
687
(void __user *)(unsigned long)a.desc_user_addr,
664
688
(void __user *)(unsigned long)a.avail_user_addr,
665
689
(void __user *)(unsigned long)a.used_user_addr)) {
804
828
mutex_lock(&vq->mutex);
805
829
/* If ring is inactive, will check when it's enabled. */
806
if (vq->private_data && !vq_log_access_ok(vq, base))
830
if (vq->private_data && !vq_log_access_ok(d, vq, base))
809
833
vq->log_base = base;
1038
1065
return -EINVAL;
1040
if (unlikely(memcpy_fromiovec((unsigned char *)&desc, vq->indirect,
1067
if (unlikely(memcpy_fromiovec((unsigned char *)&desc,
1068
vq->indirect, sizeof desc))) {
1042
1069
vq_err(vq, "Failed indirect descriptor: idx %d, %zx\n",
1043
1070
i, (size_t)indirect->addr + i * sizeof desc);
1044
1071
return -EINVAL;
1153
1180
i, vq->num, head);
1154
1181
return -EINVAL;
1156
ret = copy_from_user(&desc, vq->desc + i, sizeof desc);
1183
ret = __copy_from_user(&desc, vq->desc + i, sizeof desc);
1157
1184
if (unlikely(ret)) {
1158
1185
vq_err(vq, "Failed to get descriptor: idx %d addr %p\n",
1159
1186
i, vq->desc + i);
1202
1229
/* On success, increment avail index. */
1203
1230
vq->last_avail_idx++;
1232
/* Assume notifications from guest are disabled at this point,
1233
* if they aren't we would need to update avail_event index. */
1234
BUG_ON(!(vq->used_flags & VRING_USED_F_NO_NOTIFY));
1249
1280
eventfd_signal(vq->log_ctx, 1);
1251
1282
vq->last_used_idx++;
1283
/* If the driver never bothers to signal in a very long while,
1284
* used index might wrap around. If that happens, invalidate
1285
* signalled_used index we stored. TODO: make sure driver
1286
* signals at least once in 2^16 and remove this. */
1287
if (unlikely(vq->last_used_idx == vq->signalled_used))
1288
vq->signalled_used_valid = false;
1274
1312
((void __user *)used - (void __user *)vq->used),
1275
1313
count * sizeof *used);
1277
vq->last_used_idx += count;
1315
old = vq->last_used_idx;
1316
new = (vq->last_used_idx += count);
1317
/* If the driver never bothers to signal in a very long while,
1318
* used index might wrap around. If that happens, invalidate
1319
* signalled_used index we stored. TODO: make sure driver
1320
* signals at least once in 2^16 and remove this. */
1321
if (unlikely((u16)(new - vq->signalled_used) < (u16)(new - old)))
1322
vq->signalled_used_valid = false;
1316
/* This actually signals the guest, using eventfd. */
1317
void vhost_signal(struct vhost_dev *dev, struct vhost_virtqueue *vq)
1361
static bool vhost_notify(struct vhost_dev *dev, struct vhost_virtqueue *vq)
1363
__u16 old, new, event;
1320
1365
/* Flush out used index updates. This is paired
1321
1366
* with the barrier that the Guest executes when enabling
1322
1367
* interrupts. */
1325
if (__get_user(flags, &vq->avail->flags)) {
1326
vq_err(vq, "Failed to get flags");
1330
/* If they don't want an interrupt, don't signal, unless empty. */
1331
if ((flags & VRING_AVAIL_F_NO_INTERRUPT) &&
1332
(vq->avail_idx != vq->last_avail_idx ||
1333
!vhost_has_feature(dev, VIRTIO_F_NOTIFY_ON_EMPTY)))
1370
if (vhost_has_feature(dev, VIRTIO_F_NOTIFY_ON_EMPTY) &&
1371
unlikely(vq->avail_idx == vq->last_avail_idx))
1374
if (!vhost_has_feature(dev, VIRTIO_RING_F_EVENT_IDX)) {
1376
if (__get_user(flags, &vq->avail->flags)) {
1377
vq_err(vq, "Failed to get flags");
1380
return !(flags & VRING_AVAIL_F_NO_INTERRUPT);
1382
old = vq->signalled_used;
1383
v = vq->signalled_used_valid;
1384
new = vq->signalled_used = vq->last_used_idx;
1385
vq->signalled_used_valid = true;
1390
if (get_user(event, vhost_used_event(vq))) {
1391
vq_err(vq, "Failed to get used event idx");
1394
return vring_need_event(event, new, old);
1397
/* This actually signals the guest, using eventfd. */
1398
void vhost_signal(struct vhost_dev *dev, struct vhost_virtqueue *vq)
1336
1400
/* Signal the Guest tell them we used something up. */
1401
if (vq->call_ctx && vhost_notify(dev, vq))
1338
1402
eventfd_signal(vq->call_ctx, 1);
1359
1423
/* OK, now we need to know about added descriptors. */
1360
bool vhost_enable_notify(struct vhost_virtqueue *vq)
1424
bool vhost_enable_notify(struct vhost_dev *dev, struct vhost_virtqueue *vq)
1364
1429
if (!(vq->used_flags & VRING_USED_F_NO_NOTIFY))
1366
1431
vq->used_flags &= ~VRING_USED_F_NO_NOTIFY;
1367
r = put_user(vq->used_flags, &vq->used->flags);
1369
vq_err(vq, "Failed to enable notification at %p: %d\n",
1370
&vq->used->flags, r);
1432
if (!vhost_has_feature(dev, VIRTIO_RING_F_EVENT_IDX)) {
1433
r = put_user(vq->used_flags, &vq->used->flags);
1435
vq_err(vq, "Failed to enable notification at %p: %d\n",
1436
&vq->used->flags, r);
1440
r = put_user(vq->avail_idx, vhost_avail_event(vq));
1442
vq_err(vq, "Failed to update avail event index at %p: %d\n",
1443
vhost_avail_event(vq), r);
1447
if (unlikely(vq->log_used)) {
1449
/* Make sure data is seen before log. */
1451
used = vhost_has_feature(dev, VIRTIO_RING_F_EVENT_IDX) ?
1452
&vq->used->flags : vhost_avail_event(vq);
1453
/* Log used flags or event index entry write. Both are 16 bit
1455
log_write(vq->log_base, vq->log_addr +
1456
(used - (void __user *)vq->used),
1459
eventfd_signal(vq->log_ctx, 1);
1373
1461
/* They could have slipped one in as we were doing that: make
1374
1462
* sure it's written, then check again. */
1386
1474
/* We don't need to be notified again. */
1387
void vhost_disable_notify(struct vhost_virtqueue *vq)
1475
void vhost_disable_notify(struct vhost_dev *dev, struct vhost_virtqueue *vq)
1390
1479
if (vq->used_flags & VRING_USED_F_NO_NOTIFY)
1392
1481
vq->used_flags |= VRING_USED_F_NO_NOTIFY;
1393
r = put_user(vq->used_flags, &vq->used->flags);
1395
vq_err(vq, "Failed to enable notification at %p: %d\n",
1396
&vq->used->flags, r);
1482
if (!vhost_has_feature(dev, VIRTIO_RING_F_EVENT_IDX)) {
1483
r = put_user(vq->used_flags, &vq->used->flags);
1485
vq_err(vq, "Failed to enable notification at %p: %d\n",
1486
&vq->used->flags, r);