search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
usb: Avoid use-after-free by flushing endpoints early in usb_set_interface()
[linux/fpc-iii.git] / drivers / misc / vmw_balloon.c
blob518e2dec2aa28a8d72da6fd9e8ea6de4af64b25f
1 /*
2 * VMware Balloon driver.
3 *
4 * Copyright (C) 2000-2014, VMware, Inc. All Rights Reserved.
5 *
6 * This program is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; version 2 of the License and no later version.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, GOOD TITLE or
13 * NON INFRINGEMENT. See the GNU General Public License for more
14 * details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
19 *
20 * Maintained by: Xavier Deguillard <xdeguillard@vmware.com>
21 * Philip Moltmann <moltmann@vmware.com>
22 */
23
24 /*
25 * This is VMware physical memory management driver for Linux. The driver
26 * acts like a "balloon" that can be inflated to reclaim physical pages by
27 * reserving them in the guest and invalidating them in the monitor,
28 * freeing up the underlying machine pages so they can be allocated to
29 * other guests. The balloon can also be deflated to allow the guest to
30 * use more physical memory. Higher level policies can control the sizes
31 * of balloons in VMs in order to manage physical memory resources.
32 */
33
34 //#define DEBUG
35 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
36
37 #include <linux/types.h>
38 #include <linux/kernel.h>
39 #include <linux/mm.h>
40 #include <linux/vmalloc.h>
41 #include <linux/sched.h>
42 #include <linux/module.h>
43 #include <linux/workqueue.h>
44 #include <linux/debugfs.h>
45 #include <linux/seq_file.h>
46 #include <linux/vmw_vmci_defs.h>
47 #include <linux/vmw_vmci_api.h>
48 #include <asm/hypervisor.h>
49
50 MODULE_AUTHOR("VMware, Inc.");
51 MODULE_DESCRIPTION("VMware Memory Control (Balloon) Driver");
52 MODULE_VERSION("1.5.0.0-k");
53 MODULE_ALIAS("dmi:*:svnVMware*:*");
54 MODULE_ALIAS("vmware_vmmemctl");
55 MODULE_LICENSE("GPL");
56
57 /*
58 * Various constants controlling rate of inflaint/deflating balloon,
59 * measured in pages.
60 */
61
62 /*
63 * Rates of memory allocaton when guest experiences memory pressure
64 * (driver performs sleeping allocations).
65 */
66 #define VMW_BALLOON_RATE_ALLOC_MIN 512U
67 #define VMW_BALLOON_RATE_ALLOC_MAX 2048U
68 #define VMW_BALLOON_RATE_ALLOC_INC 16U
69
70 /*
71 * When guest is under memory pressure, use a reduced page allocation
72 * rate for next several cycles.
73 */
74 #define VMW_BALLOON_SLOW_CYCLES 4
75
76 /*
77 * Use __GFP_HIGHMEM to allow pages from HIGHMEM zone. We don't
78 * allow wait (__GFP_RECLAIM) for NOSLEEP page allocations. Use
79 * __GFP_NOWARN, to suppress page allocation failure warnings.
80 */
81 #define VMW_PAGE_ALLOC_NOSLEEP (__GFP_HIGHMEM|__GFP_NOWARN)
82
83 /*
84 * Use GFP_HIGHUSER when executing in a separate kernel thread
85 * context and allocation can sleep. This is less stressful to
86 * the guest memory system, since it allows the thread to block
87 * while memory is reclaimed, and won't take pages from emergency
88 * low-memory pools.
89 */
90 #define VMW_PAGE_ALLOC_CANSLEEP (GFP_HIGHUSER)
91
92 /* Maximum number of refused pages we accumulate during inflation cycle */
93 #define VMW_BALLOON_MAX_REFUSED 16
94
95 /*
96 * Hypervisor communication port definitions.
97 */
98 #define VMW_BALLOON_HV_PORT 0x5670
99 #define VMW_BALLOON_HV_MAGIC 0x456c6d6f
100 #define VMW_BALLOON_GUEST_ID 1 /* Linux */
101
102 enum vmwballoon_capabilities {
103 /*
104 * Bit 0 is reserved and not associated to any capability.
105 */
106 VMW_BALLOON_BASIC_CMDS = (1 << 1),
107 VMW_BALLOON_BATCHED_CMDS = (1 << 2),
108 VMW_BALLOON_BATCHED_2M_CMDS = (1 << 3),
109 VMW_BALLOON_SIGNALLED_WAKEUP_CMD = (1 << 4),
110 };
111
112 #define VMW_BALLOON_CAPABILITIES (VMW_BALLOON_BASIC_CMDS \
113 | VMW_BALLOON_BATCHED_CMDS \
114 | VMW_BALLOON_BATCHED_2M_CMDS \
115 | VMW_BALLOON_SIGNALLED_WAKEUP_CMD)
116
117 #define VMW_BALLOON_2M_SHIFT (9)
118 #define VMW_BALLOON_NUM_PAGE_SIZES (2)
119
120 /*
121 * Backdoor commands availability:
122 *
123 * START, GET_TARGET and GUEST_ID are always available,
124 *
125 * VMW_BALLOON_BASIC_CMDS:
126 * LOCK and UNLOCK commands,
127 * VMW_BALLOON_BATCHED_CMDS:
128 * BATCHED_LOCK and BATCHED_UNLOCK commands.
129 * VMW BALLOON_BATCHED_2M_CMDS:
130 * BATCHED_2M_LOCK and BATCHED_2M_UNLOCK commands,
131 * VMW VMW_BALLOON_SIGNALLED_WAKEUP_CMD:
132 * VMW_BALLOON_CMD_VMCI_DOORBELL_SET command.
133 */
134 #define VMW_BALLOON_CMD_START 0
135 #define VMW_BALLOON_CMD_GET_TARGET 1
136 #define VMW_BALLOON_CMD_LOCK 2
137 #define VMW_BALLOON_CMD_UNLOCK 3
138 #define VMW_BALLOON_CMD_GUEST_ID 4
139 #define VMW_BALLOON_CMD_BATCHED_LOCK 6
140 #define VMW_BALLOON_CMD_BATCHED_UNLOCK 7
141 #define VMW_BALLOON_CMD_BATCHED_2M_LOCK 8
142 #define VMW_BALLOON_CMD_BATCHED_2M_UNLOCK 9
143 #define VMW_BALLOON_CMD_VMCI_DOORBELL_SET 10
144
145
146 /* error codes */
147 #define VMW_BALLOON_SUCCESS 0
148 #define VMW_BALLOON_FAILURE -1
149 #define VMW_BALLOON_ERROR_CMD_INVALID 1
150 #define VMW_BALLOON_ERROR_PPN_INVALID 2
151 #define VMW_BALLOON_ERROR_PPN_LOCKED 3
152 #define VMW_BALLOON_ERROR_PPN_UNLOCKED 4
153 #define VMW_BALLOON_ERROR_PPN_PINNED 5
154 #define VMW_BALLOON_ERROR_PPN_NOTNEEDED 6
155 #define VMW_BALLOON_ERROR_RESET 7
156 #define VMW_BALLOON_ERROR_BUSY 8
157
158 #define VMW_BALLOON_SUCCESS_WITH_CAPABILITIES (0x03000000)
159
160 /* Batch page description */
161
162 /*
163 * Layout of a page in the batch page:
164 *
165 * +-------------+----------+--------+
166 * | | | |
167 * | Page number | Reserved | Status |
168 * | | | |
169 * +-------------+----------+--------+
170 * 64 PAGE_SHIFT 6 0
171 *
172 * The reserved field should be set to 0.
173 */
174 #define VMW_BALLOON_BATCH_MAX_PAGES (PAGE_SIZE / sizeof(u64))
175 #define VMW_BALLOON_BATCH_STATUS_MASK ((1UL << 5) - 1)
176 #define VMW_BALLOON_BATCH_PAGE_MASK (~((1UL << PAGE_SHIFT) - 1))
177
178 struct vmballoon_batch_page {
179 u64 pages[VMW_BALLOON_BATCH_MAX_PAGES];
180 };
181
182 static u64 vmballoon_batch_get_pa(struct vmballoon_batch_page *batch, int idx)
183 {
184 return batch->pages[idx] & VMW_BALLOON_BATCH_PAGE_MASK;
185 }
186
187 static int vmballoon_batch_get_status(struct vmballoon_batch_page *batch,
188 int idx)
189 {
190 return (int)(batch->pages[idx] & VMW_BALLOON_BATCH_STATUS_MASK);
191 }
192
193 static void vmballoon_batch_set_pa(struct vmballoon_batch_page *batch, int idx,
194 u64 pa)
195 {
196 batch->pages[idx] = pa;
197 }
198
199
200 #define VMWARE_BALLOON_CMD(cmd, arg1, arg2, result) \
201 ({ \
202 unsigned long __status, __dummy1, __dummy2, __dummy3; \
203 __asm__ __volatile__ ("inl %%dx" : \
204 "=a"(__status), \
205 "=c"(__dummy1), \
206 "=d"(__dummy2), \
207 "=b"(result), \
208 "=S" (__dummy3) : \
209 "0"(VMW_BALLOON_HV_MAGIC), \
210 "1"(VMW_BALLOON_CMD_##cmd), \
211 "2"(VMW_BALLOON_HV_PORT), \
212 "3"(arg1), \
213 "4" (arg2) : \
214 "memory"); \
215 if (VMW_BALLOON_CMD_##cmd == VMW_BALLOON_CMD_START) \
216 result = __dummy1; \
217 result &= -1UL; \
218 __status & -1UL; \
219 })
220
221 #ifdef CONFIG_DEBUG_FS
222 struct vmballoon_stats {
223 unsigned int timer;
224 unsigned int doorbell;
225
226 /* allocation statistics */
227 unsigned int alloc[VMW_BALLOON_NUM_PAGE_SIZES];
228 unsigned int alloc_fail[VMW_BALLOON_NUM_PAGE_SIZES];
229 unsigned int sleep_alloc;
230 unsigned int sleep_alloc_fail;
231 unsigned int refused_alloc[VMW_BALLOON_NUM_PAGE_SIZES];
232 unsigned int refused_free[VMW_BALLOON_NUM_PAGE_SIZES];
233 unsigned int free[VMW_BALLOON_NUM_PAGE_SIZES];
234
235 /* monitor operations */
236 unsigned int lock[VMW_BALLOON_NUM_PAGE_SIZES];
237 unsigned int lock_fail[VMW_BALLOON_NUM_PAGE_SIZES];
238 unsigned int unlock[VMW_BALLOON_NUM_PAGE_SIZES];
239 unsigned int unlock_fail[VMW_BALLOON_NUM_PAGE_SIZES];
240 unsigned int target;
241 unsigned int target_fail;
242 unsigned int start;
243 unsigned int start_fail;
244 unsigned int guest_type;
245 unsigned int guest_type_fail;
246 unsigned int doorbell_set;
247 unsigned int doorbell_unset;
248 };
249
250 #define STATS_INC(stat) (stat)++
251 #else
252 #define STATS_INC(stat)
253 #endif
254
255 struct vmballoon;
256
257 struct vmballoon_ops {
258 void (*add_page)(struct vmballoon *b, int idx, struct page *p);
259 int (*lock)(struct vmballoon *b, unsigned int num_pages,
260 bool is_2m_pages, unsigned int *target);
261 int (*unlock)(struct vmballoon *b, unsigned int num_pages,
262 bool is_2m_pages, unsigned int *target);
263 };
264
265 struct vmballoon_page_size {
266 /* list of reserved physical pages */
267 struct list_head pages;
268
269 /* transient list of non-balloonable pages */
270 struct list_head refused_pages;
271 unsigned int n_refused_pages;
272 };
273
274 struct vmballoon {
275 struct vmballoon_page_size page_sizes[VMW_BALLOON_NUM_PAGE_SIZES];
276
277 /* supported page sizes. 1 == 4k pages only, 2 == 4k and 2m pages */
278 unsigned supported_page_sizes;
279
280 /* balloon size in pages */
281 unsigned int size;
282 unsigned int target;
283
284 /* reset flag */
285 bool reset_required;
286
287 /* adjustment rates (pages per second) */
288 unsigned int rate_alloc;
289
290 /* slowdown page allocations for next few cycles */
291 unsigned int slow_allocation_cycles;
292
293 unsigned long capabilities;
294
295 struct vmballoon_batch_page *batch_page;
296 unsigned int batch_max_pages;
297 struct page *page;
298
299 const struct vmballoon_ops *ops;
300
301 #ifdef CONFIG_DEBUG_FS
302 /* statistics */
303 struct vmballoon_stats stats;
304
305 /* debugfs file exporting statistics */
306 struct dentry *dbg_entry;
307 #endif
308
309 struct sysinfo sysinfo;
310
311 struct delayed_work dwork;
312
313 struct vmci_handle vmci_doorbell;
314 };
315
316 static struct vmballoon balloon;
317
318 /*
319 * Send "start" command to the host, communicating supported version
320 * of the protocol.
321 */
322 static bool vmballoon_send_start(struct vmballoon *b, unsigned long req_caps)
323 {
324 unsigned long status, capabilities, dummy = 0;
325 bool success;
326
327 STATS_INC(b->stats.start);
328
329 status = VMWARE_BALLOON_CMD(START, req_caps, dummy, capabilities);
330
331 switch (status) {
332 case VMW_BALLOON_SUCCESS_WITH_CAPABILITIES:
333 b->capabilities = capabilities;
334 success = true;
335 break;
336 case VMW_BALLOON_SUCCESS:
337 b->capabilities = VMW_BALLOON_BASIC_CMDS;
338 success = true;
339 break;
340 default:
341 success = false;
342 }
343
344 /*
345 * 2MB pages are only supported with batching. If batching is for some
346 * reason disabled, do not use 2MB pages, since otherwise the legacy
347 * mechanism is used with 2MB pages, causing a failure.
348 */
349 if ((b->capabilities & VMW_BALLOON_BATCHED_2M_CMDS) &&
350 (b->capabilities & VMW_BALLOON_BATCHED_CMDS))
351 b->supported_page_sizes = 2;
352 else
353 b->supported_page_sizes = 1;
354
355 if (!success) {
356 pr_debug("%s - failed, hv returns %ld\n", __func__, status);
357 STATS_INC(b->stats.start_fail);
358 }
359 return success;
360 }
361
362 static bool vmballoon_check_status(struct vmballoon *b, unsigned long status)
363 {
364 switch (status) {
365 case VMW_BALLOON_SUCCESS:
366 return true;
367
368 case VMW_BALLOON_ERROR_RESET:
369 b->reset_required = true;
370 /* fall through */
371
372 default:
373 return false;
374 }
375 }
376
377 /*
378 * Communicate guest type to the host so that it can adjust ballooning
379 * algorithm to the one most appropriate for the guest. This command
380 * is normally issued after sending "start" command and is part of
381 * standard reset sequence.
382 */
383 static bool vmballoon_send_guest_id(struct vmballoon *b)
384 {
385 unsigned long status, dummy = 0;
386
387 status = VMWARE_BALLOON_CMD(GUEST_ID, VMW_BALLOON_GUEST_ID, dummy,
388 dummy);
389
390 STATS_INC(b->stats.guest_type);
391
392 if (vmballoon_check_status(b, status))
393 return true;
394
395 pr_debug("%s - failed, hv returns %ld\n", __func__, status);
396 STATS_INC(b->stats.guest_type_fail);
397 return false;
398 }
399
400 static u16 vmballoon_page_size(bool is_2m_page)
401 {
402 if (is_2m_page)
403 return 1 << VMW_BALLOON_2M_SHIFT;
404
405 return 1;
406 }
407
408 /*
409 * Retrieve desired balloon size from the host.
410 */
411 static bool vmballoon_send_get_target(struct vmballoon *b, u32 *new_target)
412 {
413 unsigned long status;
414 unsigned long target;
415 unsigned long limit;
416 unsigned long dummy = 0;
417 u32 limit32;
418
419 /*
420 * si_meminfo() is cheap. Moreover, we want to provide dynamic
421 * max balloon size later. So let us call si_meminfo() every
422 * iteration.
423 */
424 si_meminfo(&b->sysinfo);
425 limit = b->sysinfo.totalram;
426
427 /* Ensure limit fits in 32-bits */
428 limit32 = (u32)limit;
429 if (limit != limit32)
430 return false;
431
432 /* update stats */
433 STATS_INC(b->stats.target);
434
435 status = VMWARE_BALLOON_CMD(GET_TARGET, limit, dummy, target);
436 if (vmballoon_check_status(b, status)) {
437 *new_target = target;
438 return true;
439 }
440
441 pr_debug("%s - failed, hv returns %ld\n", __func__, status);
442 STATS_INC(b->stats.target_fail);
443 return false;
444 }
445
446 /*
447 * Notify the host about allocated page so that host can use it without
448 * fear that guest will need it. Host may reject some pages, we need to
449 * check the return value and maybe submit a different page.
450 */
451 static int vmballoon_send_lock_page(struct vmballoon *b, unsigned long pfn,
452 unsigned int *hv_status, unsigned int *target)
453 {
454 unsigned long status, dummy = 0;
455 u32 pfn32;
456
457 pfn32 = (u32)pfn;
458 if (pfn32 != pfn)
459 return -EINVAL;
460
461 STATS_INC(b->stats.lock[false]);
462
463 *hv_status = status = VMWARE_BALLOON_CMD(LOCK, pfn, dummy, *target);
464 if (vmballoon_check_status(b, status))
465 return 0;
466
467 pr_debug("%s - ppn %lx, hv returns %ld\n", __func__, pfn, status);
468 STATS_INC(b->stats.lock_fail[false]);
469 return -EIO;
470 }
471
472 static int vmballoon_send_batched_lock(struct vmballoon *b,
473 unsigned int num_pages, bool is_2m_pages, unsigned int *target)
474 {
475 unsigned long status;
476 unsigned long pfn = PHYS_PFN(virt_to_phys(b->batch_page));
477
478 STATS_INC(b->stats.lock[is_2m_pages]);
479
480 if (is_2m_pages)
481 status = VMWARE_BALLOON_CMD(BATCHED_2M_LOCK, pfn, num_pages,
482 *target);
483 else
484 status = VMWARE_BALLOON_CMD(BATCHED_LOCK, pfn, num_pages,
485 *target);
486
487 if (vmballoon_check_status(b, status))
488 return 0;
489
490 pr_debug("%s - batch ppn %lx, hv returns %ld\n", __func__, pfn, status);
491 STATS_INC(b->stats.lock_fail[is_2m_pages]);
492 return 1;
493 }
494
495 /*
496 * Notify the host that guest intends to release given page back into
497 * the pool of available (to the guest) pages.
498 */
499 static bool vmballoon_send_unlock_page(struct vmballoon *b, unsigned long pfn,
500 unsigned int *target)
501 {
502 unsigned long status, dummy = 0;
503 u32 pfn32;
504
505 pfn32 = (u32)pfn;
506 if (pfn32 != pfn)
507 return false;
508
509 STATS_INC(b->stats.unlock[false]);
510
511 status = VMWARE_BALLOON_CMD(UNLOCK, pfn, dummy, *target);
512 if (vmballoon_check_status(b, status))
513 return true;
514
515 pr_debug("%s - ppn %lx, hv returns %ld\n", __func__, pfn, status);
516 STATS_INC(b->stats.unlock_fail[false]);
517 return false;
518 }
519
520 static bool vmballoon_send_batched_unlock(struct vmballoon *b,
521 unsigned int num_pages, bool is_2m_pages, unsigned int *target)
522 {
523 unsigned long status;
524 unsigned long pfn = PHYS_PFN(virt_to_phys(b->batch_page));
525
526 STATS_INC(b->stats.unlock[is_2m_pages]);
527
528 if (is_2m_pages)
529 status = VMWARE_BALLOON_CMD(BATCHED_2M_UNLOCK, pfn, num_pages,
530 *target);
531 else
532 status = VMWARE_BALLOON_CMD(BATCHED_UNLOCK, pfn, num_pages,
533 *target);
534
535 if (vmballoon_check_status(b, status))
536 return true;
537
538 pr_debug("%s - batch ppn %lx, hv returns %ld\n", __func__, pfn, status);
539 STATS_INC(b->stats.unlock_fail[is_2m_pages]);
540 return false;
541 }
542
543 static struct page *vmballoon_alloc_page(gfp_t flags, bool is_2m_page)
544 {
545 if (is_2m_page)
546 return alloc_pages(flags, VMW_BALLOON_2M_SHIFT);
547
548 return alloc_page(flags);
549 }
550
551 static void vmballoon_free_page(struct page *page, bool is_2m_page)
552 {
553 if (is_2m_page)
554 __free_pages(page, VMW_BALLOON_2M_SHIFT);
555 else
556 __free_page(page);
557 }
558
559 /*
560 * Quickly release all pages allocated for the balloon. This function is
561 * called when host decides to "reset" balloon for one reason or another.
562 * Unlike normal "deflate" we do not (shall not) notify host of the pages
563 * being released.
564 */
565 static void vmballoon_pop(struct vmballoon *b)
566 {
567 struct page *page, *next;
568 unsigned is_2m_pages;
569
570 for (is_2m_pages = 0; is_2m_pages < VMW_BALLOON_NUM_PAGE_SIZES;
571 is_2m_pages++) {
572 struct vmballoon_page_size *page_size =
573 &b->page_sizes[is_2m_pages];
574 u16 size_per_page = vmballoon_page_size(is_2m_pages);
575
576 list_for_each_entry_safe(page, next, &page_size->pages, lru) {
577 list_del(&page->lru);
578 vmballoon_free_page(page, is_2m_pages);
579 STATS_INC(b->stats.free[is_2m_pages]);
580 b->size -= size_per_page;
581 cond_resched();
582 }
583 }
584
585 /* Clearing the batch_page unconditionally has no adverse effect */
586 free_page((unsigned long)b->batch_page);
587 b->batch_page = NULL;
588 }
589
590 /*
591 * Notify the host of a ballooned page. If host rejects the page put it on the
592 * refuse list, those refused page are then released at the end of the
593 * inflation cycle.
594 */
595 static int vmballoon_lock_page(struct vmballoon *b, unsigned int num_pages,
596 bool is_2m_pages, unsigned int *target)
597 {
598 int locked, hv_status;
599 struct page *page = b->page;
600 struct vmballoon_page_size *page_size = &b->page_sizes[false];
601
602 /* is_2m_pages can never happen as 2m pages support implies batching */
603
604 locked = vmballoon_send_lock_page(b, page_to_pfn(page), &hv_status,
605 target);
606 if (locked) {
607 STATS_INC(b->stats.refused_alloc[false]);
608
609 if (locked == -EIO &&
610 (hv_status == VMW_BALLOON_ERROR_RESET ||
611 hv_status == VMW_BALLOON_ERROR_PPN_NOTNEEDED)) {
612 vmballoon_free_page(page, false);
613 return -EIO;
614 }
615
616 /*
617 * Place page on the list of non-balloonable pages
618 * and retry allocation, unless we already accumulated
619 * too many of them, in which case take a breather.
620 */
621 if (page_size->n_refused_pages < VMW_BALLOON_MAX_REFUSED) {
622 page_size->n_refused_pages++;
623 list_add(&page->lru, &page_size->refused_pages);
624 } else {
625 vmballoon_free_page(page, false);
626 }
627 return locked;
628 }
629
630 /* track allocated page */
631 list_add(&page->lru, &page_size->pages);
632
633 /* update balloon size */
634 b->size++;
635
636 return 0;
637 }
638
639 static int vmballoon_lock_batched_page(struct vmballoon *b,
640 unsigned int num_pages, bool is_2m_pages, unsigned int *target)
641 {
642 int locked, i;
643 u16 size_per_page = vmballoon_page_size(is_2m_pages);
644
645 locked = vmballoon_send_batched_lock(b, num_pages, is_2m_pages,
646 target);
647 if (locked > 0) {
648 for (i = 0; i < num_pages; i++) {
649 u64 pa = vmballoon_batch_get_pa(b->batch_page, i);
650 struct page *p = pfn_to_page(pa >> PAGE_SHIFT);
651
652 vmballoon_free_page(p, is_2m_pages);
653 }
654
655 return -EIO;
656 }
657
658 for (i = 0; i < num_pages; i++) {
659 u64 pa = vmballoon_batch_get_pa(b->batch_page, i);
660 struct page *p = pfn_to_page(pa >> PAGE_SHIFT);
661 struct vmballoon_page_size *page_size =
662 &b->page_sizes[is_2m_pages];
663
664 locked = vmballoon_batch_get_status(b->batch_page, i);
665
666 switch (locked) {
667 case VMW_BALLOON_SUCCESS:
668 list_add(&p->lru, &page_size->pages);
669 b->size += size_per_page;
670 break;
671 case VMW_BALLOON_ERROR_PPN_PINNED:
672 case VMW_BALLOON_ERROR_PPN_INVALID:
673 if (page_size->n_refused_pages
674 < VMW_BALLOON_MAX_REFUSED) {
675 list_add(&p->lru, &page_size->refused_pages);
676 page_size->n_refused_pages++;
677 break;
678 }
679 /* Fallthrough */
680 case VMW_BALLOON_ERROR_RESET:
681 case VMW_BALLOON_ERROR_PPN_NOTNEEDED:
682 vmballoon_free_page(p, is_2m_pages);
683 break;
684 default:
685 /* This should never happen */
686 WARN_ON_ONCE(true);
687 }
688 }
689
690 return 0;
691 }
692
693 /*
694 * Release the page allocated for the balloon. Note that we first notify
695 * the host so it can make sure the page will be available for the guest
696 * to use, if needed.
697 */
698 static int vmballoon_unlock_page(struct vmballoon *b, unsigned int num_pages,
699 bool is_2m_pages, unsigned int *target)
700 {
701 struct page *page = b->page;
702 struct vmballoon_page_size *page_size = &b->page_sizes[false];
703
704 /* is_2m_pages can never happen as 2m pages support implies batching */
705
706 if (!vmballoon_send_unlock_page(b, page_to_pfn(page), target)) {
707 list_add(&page->lru, &page_size->pages);
708 return -EIO;
709 }
710
711 /* deallocate page */
712 vmballoon_free_page(page, false);
713 STATS_INC(b->stats.free[false]);
714
715 /* update balloon size */
716 b->size--;
717
718 return 0;
719 }
720
721 static int vmballoon_unlock_batched_page(struct vmballoon *b,
722 unsigned int num_pages, bool is_2m_pages,
723 unsigned int *target)
724 {
725 int locked, i, ret = 0;
726 bool hv_success;
727 u16 size_per_page = vmballoon_page_size(is_2m_pages);
728
729 hv_success = vmballoon_send_batched_unlock(b, num_pages, is_2m_pages,
730 target);
731 if (!hv_success)
732 ret = -EIO;
733
734 for (i = 0; i < num_pages; i++) {
735 u64 pa = vmballoon_batch_get_pa(b->batch_page, i);
736 struct page *p = pfn_to_page(pa >> PAGE_SHIFT);
737 struct vmballoon_page_size *page_size =
738 &b->page_sizes[is_2m_pages];
739
740 locked = vmballoon_batch_get_status(b->batch_page, i);
741 if (!hv_success || locked != VMW_BALLOON_SUCCESS) {
742 /*
743 * That page wasn't successfully unlocked by the
744 * hypervisor, re-add it to the list of pages owned by
745 * the balloon driver.
746 */
747 list_add(&p->lru, &page_size->pages);
748 } else {
749 /* deallocate page */
750 vmballoon_free_page(p, is_2m_pages);
751 STATS_INC(b->stats.free[is_2m_pages]);
752
753 /* update balloon size */
754 b->size -= size_per_page;
755 }
756 }
757
758 return ret;
759 }
760
761 /*
762 * Release pages that were allocated while attempting to inflate the
763 * balloon but were refused by the host for one reason or another.
764 */
765 static void vmballoon_release_refused_pages(struct vmballoon *b,
766 bool is_2m_pages)
767 {
768 struct page *page, *next;
769 struct vmballoon_page_size *page_size =
770 &b->page_sizes[is_2m_pages];
771
772 list_for_each_entry_safe(page, next, &page_size->refused_pages, lru) {
773 list_del(&page->lru);
774 vmballoon_free_page(page, is_2m_pages);
775 STATS_INC(b->stats.refused_free[is_2m_pages]);
776 }
777
778 page_size->n_refused_pages = 0;
779 }
780
781 static void vmballoon_add_page(struct vmballoon *b, int idx, struct page *p)
782 {
783 b->page = p;
784 }
785
786 static void vmballoon_add_batched_page(struct vmballoon *b, int idx,
787 struct page *p)
788 {
789 vmballoon_batch_set_pa(b->batch_page, idx,
790 (u64)page_to_pfn(p) << PAGE_SHIFT);
791 }
792
793 /*
794 * Inflate the balloon towards its target size. Note that we try to limit
795 * the rate of allocation to make sure we are not choking the rest of the
796 * system.
797 */
798 static void vmballoon_inflate(struct vmballoon *b)
799 {
800 unsigned rate;
801 unsigned int allocations = 0;
802 unsigned int num_pages = 0;
803 int error = 0;
804 gfp_t flags = VMW_PAGE_ALLOC_NOSLEEP;
805 bool is_2m_pages;
806
807 pr_debug("%s - size: %d, target %d\n", __func__, b->size, b->target);
808
809 /*
810 * First try NOSLEEP page allocations to inflate balloon.
811 *
812 * If we do not throttle nosleep allocations, we can drain all
813 * free pages in the guest quickly (if the balloon target is high).
814 * As a side-effect, draining free pages helps to inform (force)
815 * the guest to start swapping if balloon target is not met yet,
816 * which is a desired behavior. However, balloon driver can consume
817 * all available CPU cycles if too many pages are allocated in a
818 * second. Therefore, we throttle nosleep allocations even when
819 * the guest is not under memory pressure. OTOH, if we have already
820 * predicted that the guest is under memory pressure, then we
821 * slowdown page allocations considerably.
822 */
823
824 /*
825 * Start with no sleep allocation rate which may be higher
826 * than sleeping allocation rate.
827 */
828 if (b->slow_allocation_cycles) {
829 rate = b->rate_alloc;
830 is_2m_pages = false;
831 } else {
832 rate = UINT_MAX;
833 is_2m_pages =
834 b->supported_page_sizes == VMW_BALLOON_NUM_PAGE_SIZES;
835 }
836
837 pr_debug("%s - goal: %d, no-sleep rate: %u, sleep rate: %d\n",
838 __func__, b->target - b->size, rate, b->rate_alloc);
839
840 while (!b->reset_required &&
841 b->size + num_pages * vmballoon_page_size(is_2m_pages)
842 < b->target) {
843 struct page *page;
844
845 if (flags == VMW_PAGE_ALLOC_NOSLEEP)
846 STATS_INC(b->stats.alloc[is_2m_pages]);
847 else
848 STATS_INC(b->stats.sleep_alloc);
849
850 page = vmballoon_alloc_page(flags, is_2m_pages);
851 if (!page) {
852 STATS_INC(b->stats.alloc_fail[is_2m_pages]);
853
854 if (is_2m_pages) {
855 b->ops->lock(b, num_pages, true, &b->target);
856
857 /*
858 * ignore errors from locking as we now switch
859 * to 4k pages and we might get different
860 * errors.
861 */
862
863 num_pages = 0;
864 is_2m_pages = false;
865 continue;
866 }
867
868 if (flags == VMW_PAGE_ALLOC_CANSLEEP) {
869 /*
870 * CANSLEEP page allocation failed, so guest
871 * is under severe memory pressure. Quickly
872 * decrease allocation rate.
873 */
874 b->rate_alloc = max(b->rate_alloc / 2,
875 VMW_BALLOON_RATE_ALLOC_MIN);
876 STATS_INC(b->stats.sleep_alloc_fail);
877 break;
878 }
879
880 /*
881 * NOSLEEP page allocation failed, so the guest is
882 * under memory pressure. Let us slow down page
883 * allocations for next few cycles so that the guest
884 * gets out of memory pressure. Also, if we already
885 * allocated b->rate_alloc pages, let's pause,
886 * otherwise switch to sleeping allocations.
887 */
888 b->slow_allocation_cycles = VMW_BALLOON_SLOW_CYCLES;
889
890 if (allocations >= b->rate_alloc)
891 break;
892
893 flags = VMW_PAGE_ALLOC_CANSLEEP;
894 /* Lower rate for sleeping allocations. */
895 rate = b->rate_alloc;
896 continue;
897 }
898
899 b->ops->add_page(b, num_pages++, page);
900 if (num_pages == b->batch_max_pages) {
901 error = b->ops->lock(b, num_pages, is_2m_pages,
902 &b->target);
903 num_pages = 0;
904 if (error)
905 break;
906 }
907
908 cond_resched();
909
910 if (allocations >= rate) {
911 /* We allocated enough pages, let's take a break. */
912 break;
913 }
914 }
915
916 if (num_pages > 0)
917 b->ops->lock(b, num_pages, is_2m_pages, &b->target);
918
919 /*
920 * We reached our goal without failures so try increasing
921 * allocation rate.
922 */
923 if (error == 0 && allocations >= b->rate_alloc) {
924 unsigned int mult = allocations / b->rate_alloc;
925
926 b->rate_alloc =
927 min(b->rate_alloc + mult * VMW_BALLOON_RATE_ALLOC_INC,
928 VMW_BALLOON_RATE_ALLOC_MAX);
929 }
930
931 vmballoon_release_refused_pages(b, true);
932 vmballoon_release_refused_pages(b, false);
933 }
934
935 /*
936 * Decrease the size of the balloon allowing guest to use more memory.
937 */
938 static void vmballoon_deflate(struct vmballoon *b)
939 {
940 unsigned is_2m_pages;
941
942 pr_debug("%s - size: %d, target %d\n", __func__, b->size, b->target);
943
944 /* free pages to reach target */
945 for (is_2m_pages = 0; is_2m_pages < b->supported_page_sizes;
946 is_2m_pages++) {
947 struct page *page, *next;
948 unsigned int num_pages = 0;
949 struct vmballoon_page_size *page_size =
950 &b->page_sizes[is_2m_pages];
951
952 list_for_each_entry_safe(page, next, &page_size->pages, lru) {
953 if (b->reset_required ||
954 (b->target > 0 &&
955 b->size - num_pages
956 * vmballoon_page_size(is_2m_pages)
957 < b->target + vmballoon_page_size(true)))
958 break;
959
960 list_del(&page->lru);
961 b->ops->add_page(b, num_pages++, page);
962
963 if (num_pages == b->batch_max_pages) {
964 int error;
965
966 error = b->ops->unlock(b, num_pages,
967 is_2m_pages, &b->target);
968 num_pages = 0;
969 if (error)
970 return;
971 }
972
973 cond_resched();
974 }
975
976 if (num_pages > 0)
977 b->ops->unlock(b, num_pages, is_2m_pages, &b->target);
978 }
979 }
980
981 static const struct vmballoon_ops vmballoon_basic_ops = {
982 .add_page = vmballoon_add_page,
983 .lock = vmballoon_lock_page,
984 .unlock = vmballoon_unlock_page
985 };
986
987 static const struct vmballoon_ops vmballoon_batched_ops = {
988 .add_page = vmballoon_add_batched_page,
989 .lock = vmballoon_lock_batched_page,
990 .unlock = vmballoon_unlock_batched_page
991 };
992
993 static bool vmballoon_init_batching(struct vmballoon *b)
994 {
995 struct page *page;
996
997 page = alloc_page(GFP_KERNEL | __GFP_ZERO);
998 if (!page)
999 return false;
1000
1001 b->batch_page = page_address(page);
1002 return true;
1003 }
1004
1005 /*
1006 * Receive notification and resize balloon
1007 */
1008 static void vmballoon_doorbell(void *client_data)
1009 {
1010 struct vmballoon *b = client_data;
1011
1012 STATS_INC(b->stats.doorbell);
1013
1014 mod_delayed_work(system_freezable_wq, &b->dwork, 0);
1015 }
1016
1017 /*
1018 * Clean up vmci doorbell
1019 */
1020 static void vmballoon_vmci_cleanup(struct vmballoon *b)
1021 {
1022 int error;
1023
1024 VMWARE_BALLOON_CMD(VMCI_DOORBELL_SET, VMCI_INVALID_ID,
1025 VMCI_INVALID_ID, error);
1026 STATS_INC(b->stats.doorbell_unset);
1027
1028 if (!vmci_handle_is_invalid(b->vmci_doorbell)) {
1029 vmci_doorbell_destroy(b->vmci_doorbell);
1030 b->vmci_doorbell = VMCI_INVALID_HANDLE;
1031 }
1032 }
1033
1034 /*
1035 * Initialize vmci doorbell, to get notified as soon as balloon changes
1036 */
1037 static int vmballoon_vmci_init(struct vmballoon *b)
1038 {
1039 unsigned long error, dummy;
1040
1041 if ((b->capabilities & VMW_BALLOON_SIGNALLED_WAKEUP_CMD) == 0)
1042 return 0;
1043
1044 error = vmci_doorbell_create(&b->vmci_doorbell, VMCI_FLAG_DELAYED_CB,
1045 VMCI_PRIVILEGE_FLAG_RESTRICTED,
1046 vmballoon_doorbell, b);
1047
1048 if (error != VMCI_SUCCESS)
1049 goto fail;
1050
1051 error = VMWARE_BALLOON_CMD(VMCI_DOORBELL_SET, b->vmci_doorbell.context,
1052 b->vmci_doorbell.resource, dummy);
1053
1054 STATS_INC(b->stats.doorbell_set);
1055
1056 if (error != VMW_BALLOON_SUCCESS)
1057 goto fail;
1058
1059 return 0;
1060 fail:
1061 vmballoon_vmci_cleanup(b);
1062 return -EIO;
1063 }
1064
1065 /*
1066 * Perform standard reset sequence by popping the balloon (in case it
1067 * is not empty) and then restarting protocol. This operation normally
1068 * happens when host responds with VMW_BALLOON_ERROR_RESET to a command.
1069 */
1070 static void vmballoon_reset(struct vmballoon *b)
1071 {
1072 int error;
1073
1074 vmballoon_vmci_cleanup(b);
1075
1076 /* free all pages, skipping monitor unlock */
1077 vmballoon_pop(b);
1078
1079 if (!vmballoon_send_start(b, VMW_BALLOON_CAPABILITIES))
1080 return;
1081
1082 if ((b->capabilities & VMW_BALLOON_BATCHED_CMDS) != 0) {
1083 b->ops = &vmballoon_batched_ops;
1084 b->batch_max_pages = VMW_BALLOON_BATCH_MAX_PAGES;
1085 if (!vmballoon_init_batching(b)) {
1086 /*
1087 * We failed to initialize batching, inform the monitor
1088 * about it by sending a null capability.
1089 *
1090 * The guest will retry in one second.
1091 */
1092 vmballoon_send_start(b, 0);
1093 return;
1094 }
1095 } else if ((b->capabilities & VMW_BALLOON_BASIC_CMDS) != 0) {
1096 b->ops = &vmballoon_basic_ops;
1097 b->batch_max_pages = 1;
1098 }
1099
1100 b->reset_required = false;
1101
1102 error = vmballoon_vmci_init(b);
1103 if (error)
1104 pr_err("failed to initialize vmci doorbell\n");
1105
1106 if (!vmballoon_send_guest_id(b))
1107 pr_err("failed to send guest ID to the host\n");
1108 }
1109
1110 /*
1111 * Balloon work function: reset protocol, if needed, get the new size and
1112 * adjust balloon as needed. Repeat in 1 sec.
1113 */
1114 static void vmballoon_work(struct work_struct *work)
1115 {
1116 struct delayed_work *dwork = to_delayed_work(work);
1117 struct vmballoon *b = container_of(dwork, struct vmballoon, dwork);
1118 unsigned int target;
1119
1120 STATS_INC(b->stats.timer);
1121
1122 if (b->reset_required)
1123 vmballoon_reset(b);
1124
1125 if (b->slow_allocation_cycles > 0)
1126 b->slow_allocation_cycles--;
1127
1128 if (!b->reset_required && vmballoon_send_get_target(b, &target)) {
1129 /* update target, adjust size */
1130 b->target = target;
1131
1132 if (b->size < target)
1133 vmballoon_inflate(b);
1134 else if (target == 0 ||
1135 b->size > target + vmballoon_page_size(true))
1136 vmballoon_deflate(b);
1137 }
1138
1139 /*
1140 * We are using a freezable workqueue so that balloon operations are
1141 * stopped while the system transitions to/from sleep/hibernation.
1142 */
1143 queue_delayed_work(system_freezable_wq,
1144 dwork, round_jiffies_relative(HZ));
1145 }
1146
1147 /*
1148 * DEBUGFS Interface
1149 */
1150 #ifdef CONFIG_DEBUG_FS
1151
1152 static int vmballoon_debug_show(struct seq_file *f, void *offset)
1153 {
1154 struct vmballoon *b = f->private;
1155 struct vmballoon_stats *stats = &b->stats;
1156
1157 /* format capabilities info */
1158 seq_printf(f,
1159 "balloon capabilities: %#4x\n"
1160 "used capabilities: %#4lx\n"
1161 "is resetting: %c\n",
1162 VMW_BALLOON_CAPABILITIES, b->capabilities,
1163 b->reset_required ? 'y' : 'n');
1164
1165 /* format size info */
1166 seq_printf(f,
1167 "target: %8d pages\n"
1168 "current: %8d pages\n",
1169 b->target, b->size);
1170
1171 /* format rate info */
1172 seq_printf(f,
1173 "rateSleepAlloc: %8d pages/sec\n",
1174 b->rate_alloc);
1175
1176 seq_printf(f,
1177 "\n"
1178 "timer: %8u\n"
1179 "doorbell: %8u\n"
1180 "start: %8u (%4u failed)\n"
1181 "guestType: %8u (%4u failed)\n"
1182 "2m-lock: %8u (%4u failed)\n"
1183 "lock: %8u (%4u failed)\n"
1184 "2m-unlock: %8u (%4u failed)\n"
1185 "unlock: %8u (%4u failed)\n"
1186 "target: %8u (%4u failed)\n"
1187 "prim2mAlloc: %8u (%4u failed)\n"
1188 "primNoSleepAlloc: %8u (%4u failed)\n"
1189 "primCanSleepAlloc: %8u (%4u failed)\n"
1190 "prim2mFree: %8u\n"
1191 "primFree: %8u\n"
1192 "err2mAlloc: %8u\n"
1193 "errAlloc: %8u\n"
1194 "err2mFree: %8u\n"
1195 "errFree: %8u\n"
1196 "doorbellSet: %8u\n"
1197 "doorbellUnset: %8u\n",
1198 stats->timer,
1199 stats->doorbell,
1200 stats->start, stats->start_fail,
1201 stats->guest_type, stats->guest_type_fail,
1202 stats->lock[true], stats->lock_fail[true],
1203 stats->lock[false], stats->lock_fail[false],
1204 stats->unlock[true], stats->unlock_fail[true],
1205 stats->unlock[false], stats->unlock_fail[false],
1206 stats->target, stats->target_fail,
1207 stats->alloc[true], stats->alloc_fail[true],
1208 stats->alloc[false], stats->alloc_fail[false],
1209 stats->sleep_alloc, stats->sleep_alloc_fail,
1210 stats->free[true],
1211 stats->free[false],
1212 stats->refused_alloc[true], stats->refused_alloc[false],
1213 stats->refused_free[true], stats->refused_free[false],
1214 stats->doorbell_set, stats->doorbell_unset);
1215
1216 return 0;
1217 }
1218
1219 static int vmballoon_debug_open(struct inode *inode, struct file *file)
1220 {
1221 return single_open(file, vmballoon_debug_show, inode->i_private);
1222 }
1223
1224 static const struct file_operations vmballoon_debug_fops = {
1225 .owner = THIS_MODULE,
1226 .open = vmballoon_debug_open,
1227 .read = seq_read,
1228 .llseek = seq_lseek,
1229 .release = single_release,
1230 };
1231
1232 static int __init vmballoon_debugfs_init(struct vmballoon *b)
1233 {
1234 int error;
1235
1236 b->dbg_entry = debugfs_create_file("vmmemctl", S_IRUGO, NULL, b,
1237 &vmballoon_debug_fops);
1238 if (IS_ERR(b->dbg_entry)) {
1239 error = PTR_ERR(b->dbg_entry);
1240 pr_err("failed to create debugfs entry, error: %d\n", error);
1241 return error;
1242 }
1243
1244 return 0;
1245 }
1246
1247 static void __exit vmballoon_debugfs_exit(struct vmballoon *b)
1248 {
1249 debugfs_remove(b->dbg_entry);
1250 }
1251
1252 #else
1253
1254 static inline int vmballoon_debugfs_init(struct vmballoon *b)
1255 {
1256 return 0;
1257 }
1258
1259 static inline void vmballoon_debugfs_exit(struct vmballoon *b)
1260 {
1261 }
1262
1263 #endif /* CONFIG_DEBUG_FS */
1264
1265 static int __init vmballoon_init(void)
1266 {
1267 int error;
1268 unsigned is_2m_pages;
1269 /*
1270 * Check if we are running on VMware's hypervisor and bail out
1271 * if we are not.
1272 */
1273 if (x86_hyper != &x86_hyper_vmware)
1274 return -ENODEV;
1275
1276 for (is_2m_pages = 0; is_2m_pages < VMW_BALLOON_NUM_PAGE_SIZES;
1277 is_2m_pages++) {
1278 INIT_LIST_HEAD(&balloon.page_sizes[is_2m_pages].pages);
1279 INIT_LIST_HEAD(&balloon.page_sizes[is_2m_pages].refused_pages);
1280 }
1281
1282 /* initialize rates */
1283 balloon.rate_alloc = VMW_BALLOON_RATE_ALLOC_MAX;
1284
1285 INIT_DELAYED_WORK(&balloon.dwork, vmballoon_work);
1286
1287 error = vmballoon_debugfs_init(&balloon);
1288 if (error)
1289 return error;
1290
1291 balloon.vmci_doorbell = VMCI_INVALID_HANDLE;
1292 balloon.batch_page = NULL;
1293 balloon.page = NULL;
1294 balloon.reset_required = true;
1295
1296 queue_delayed_work(system_freezable_wq, &balloon.dwork, 0);
1297
1298 return 0;
1299 }
1300
1301 /*
1302 * Using late_initcall() instead of module_init() allows the balloon to use the
1303 * VMCI doorbell even when the balloon is built into the kernel. Otherwise the
1304 * VMCI is probed only after the balloon is initialized. If the balloon is used
1305 * as a module, late_initcall() is equivalent to module_init().
1306 */
1307 late_initcall(vmballoon_init);
1308
1309 static void __exit vmballoon_exit(void)
1310 {
1311 vmballoon_vmci_cleanup(&balloon);
1312 cancel_delayed_work_sync(&balloon.dwork);
1313
1314 vmballoon_debugfs_exit(&balloon);
1315
1316 /*
1317 * Deallocate all reserved memory, and reset connection with monitor.
1318 * Reset connection before deallocating memory to avoid potential for
1319 * additional spurious resets from guest touching deallocated pages.
1320 */
1321 vmballoon_send_start(&balloon, 0);
1322 vmballoon_pop(&balloon);
1323 }
1324 module_exit(vmballoon_exit);
Linux with added FPC-III support