Avoid beyond bounds copy while caching ACL
[zen-stable.git] / drivers / xen / xenbus / xenbus_client.c
blob566d2adbd6ea4f349edf875566cfaeef66c48fa9
1 /******************************************************************************
2 * Client-facing interface for the Xenbus driver. In other words, the
3 * interface between the Xenbus and the device-specific code, be it the
4 * frontend or the backend of that driver.
6 * Copyright (C) 2005 XenSource Ltd
8 * This program is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU General Public License version 2
10 * as published by the Free Software Foundation; or, when distributed
11 * separately from the Linux kernel or incorporated into other
12 * software packages, subject to the following license:
14 * Permission is hereby granted, free of charge, to any person obtaining a copy
15 * of this source file (the "Software"), to deal in the Software without
16 * restriction, including without limitation the rights to use, copy, modify,
17 * merge, publish, distribute, sublicense, and/or sell copies of the Software,
18 * and to permit persons to whom the Software is furnished to do so, subject to
19 * the following conditions:
21 * The above copyright notice and this permission notice shall be included in
22 * all copies or substantial portions of the Software.
24 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
25 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
26 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
27 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
28 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
29 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
30 * IN THE SOFTWARE.
33 #include <linux/slab.h>
34 #include <linux/types.h>
35 #include <linux/spinlock.h>
36 #include <linux/vmalloc.h>
37 #include <linux/export.h>
38 #include <asm/xen/hypervisor.h>
39 #include <asm/xen/page.h>
40 #include <xen/interface/xen.h>
41 #include <xen/interface/event_channel.h>
42 #include <xen/balloon.h>
43 #include <xen/events.h>
44 #include <xen/grant_table.h>
45 #include <xen/xenbus.h>
46 #include <xen/xen.h>
48 #include "xenbus_probe.h"
50 struct xenbus_map_node {
51 struct list_head next;
52 union {
53 struct vm_struct *area; /* PV */
54 struct page *page; /* HVM */
56 grant_handle_t handle;
59 static DEFINE_SPINLOCK(xenbus_valloc_lock);
60 static LIST_HEAD(xenbus_valloc_pages);
62 struct xenbus_ring_ops {
63 int (*map)(struct xenbus_device *dev, int gnt, void **vaddr);
64 int (*unmap)(struct xenbus_device *dev, void *vaddr);
67 static const struct xenbus_ring_ops *ring_ops __read_mostly;
69 const char *xenbus_strstate(enum xenbus_state state)
71 static const char *const name[] = {
72 [ XenbusStateUnknown ] = "Unknown",
73 [ XenbusStateInitialising ] = "Initialising",
74 [ XenbusStateInitWait ] = "InitWait",
75 [ XenbusStateInitialised ] = "Initialised",
76 [ XenbusStateConnected ] = "Connected",
77 [ XenbusStateClosing ] = "Closing",
78 [ XenbusStateClosed ] = "Closed",
79 [XenbusStateReconfiguring] = "Reconfiguring",
80 [XenbusStateReconfigured] = "Reconfigured",
82 return (state < ARRAY_SIZE(name)) ? name[state] : "INVALID";
84 EXPORT_SYMBOL_GPL(xenbus_strstate);
86 /**
87 * xenbus_watch_path - register a watch
88 * @dev: xenbus device
89 * @path: path to watch
90 * @watch: watch to register
91 * @callback: callback to register
93 * Register a @watch on the given path, using the given xenbus_watch structure
94 * for storage, and the given @callback function as the callback. Return 0 on
95 * success, or -errno on error. On success, the given @path will be saved as
96 * @watch->node, and remains the caller's to free. On error, @watch->node will
97 * be NULL, the device will switch to %XenbusStateClosing, and the error will
98 * be saved in the store.
100 int xenbus_watch_path(struct xenbus_device *dev, const char *path,
101 struct xenbus_watch *watch,
102 void (*callback)(struct xenbus_watch *,
103 const char **, unsigned int))
105 int err;
107 watch->node = path;
108 watch->callback = callback;
110 err = register_xenbus_watch(watch);
112 if (err) {
113 watch->node = NULL;
114 watch->callback = NULL;
115 xenbus_dev_fatal(dev, err, "adding watch on %s", path);
118 return err;
120 EXPORT_SYMBOL_GPL(xenbus_watch_path);
124 * xenbus_watch_pathfmt - register a watch on a sprintf-formatted path
125 * @dev: xenbus device
126 * @watch: watch to register
127 * @callback: callback to register
128 * @pathfmt: format of path to watch
130 * Register a watch on the given @path, using the given xenbus_watch
131 * structure for storage, and the given @callback function as the callback.
132 * Return 0 on success, or -errno on error. On success, the watched path
133 * (@path/@path2) will be saved as @watch->node, and becomes the caller's to
134 * kfree(). On error, watch->node will be NULL, so the caller has nothing to
135 * free, the device will switch to %XenbusStateClosing, and the error will be
136 * saved in the store.
138 int xenbus_watch_pathfmt(struct xenbus_device *dev,
139 struct xenbus_watch *watch,
140 void (*callback)(struct xenbus_watch *,
141 const char **, unsigned int),
142 const char *pathfmt, ...)
144 int err;
145 va_list ap;
146 char *path;
148 va_start(ap, pathfmt);
149 path = kvasprintf(GFP_NOIO | __GFP_HIGH, pathfmt, ap);
150 va_end(ap);
152 if (!path) {
153 xenbus_dev_fatal(dev, -ENOMEM, "allocating path for watch");
154 return -ENOMEM;
156 err = xenbus_watch_path(dev, path, watch, callback);
158 if (err)
159 kfree(path);
160 return err;
162 EXPORT_SYMBOL_GPL(xenbus_watch_pathfmt);
164 static void xenbus_switch_fatal(struct xenbus_device *, int, int,
165 const char *, ...);
167 static int
168 __xenbus_switch_state(struct xenbus_device *dev,
169 enum xenbus_state state, int depth)
171 /* We check whether the state is currently set to the given value, and
172 if not, then the state is set. We don't want to unconditionally
173 write the given state, because we don't want to fire watches
174 unnecessarily. Furthermore, if the node has gone, we don't write
175 to it, as the device will be tearing down, and we don't want to
176 resurrect that directory.
178 Note that, because of this cached value of our state, this
179 function will not take a caller's Xenstore transaction
180 (something it was trying to in the past) because dev->state
181 would not get reset if the transaction was aborted.
184 struct xenbus_transaction xbt;
185 int current_state;
186 int err, abort;
188 if (state == dev->state)
189 return 0;
191 again:
192 abort = 1;
194 err = xenbus_transaction_start(&xbt);
195 if (err) {
196 xenbus_switch_fatal(dev, depth, err, "starting transaction");
197 return 0;
200 err = xenbus_scanf(xbt, dev->nodename, "state", "%d", &current_state);
201 if (err != 1)
202 goto abort;
204 err = xenbus_printf(xbt, dev->nodename, "state", "%d", state);
205 if (err) {
206 xenbus_switch_fatal(dev, depth, err, "writing new state");
207 goto abort;
210 abort = 0;
211 abort:
212 err = xenbus_transaction_end(xbt, abort);
213 if (err) {
214 if (err == -EAGAIN && !abort)
215 goto again;
216 xenbus_switch_fatal(dev, depth, err, "ending transaction");
217 } else
218 dev->state = state;
220 return 0;
224 * xenbus_switch_state
225 * @dev: xenbus device
226 * @state: new state
228 * Advertise in the store a change of the given driver to the given new_state.
229 * Return 0 on success, or -errno on error. On error, the device will switch
230 * to XenbusStateClosing, and the error will be saved in the store.
232 int xenbus_switch_state(struct xenbus_device *dev, enum xenbus_state state)
234 return __xenbus_switch_state(dev, state, 0);
237 EXPORT_SYMBOL_GPL(xenbus_switch_state);
239 int xenbus_frontend_closed(struct xenbus_device *dev)
241 xenbus_switch_state(dev, XenbusStateClosed);
242 complete(&dev->down);
243 return 0;
245 EXPORT_SYMBOL_GPL(xenbus_frontend_closed);
248 * Return the path to the error node for the given device, or NULL on failure.
249 * If the value returned is non-NULL, then it is the caller's to kfree.
251 static char *error_path(struct xenbus_device *dev)
253 return kasprintf(GFP_KERNEL, "error/%s", dev->nodename);
257 static void xenbus_va_dev_error(struct xenbus_device *dev, int err,
258 const char *fmt, va_list ap)
260 int ret;
261 unsigned int len;
262 char *printf_buffer = NULL;
263 char *path_buffer = NULL;
265 #define PRINTF_BUFFER_SIZE 4096
266 printf_buffer = kmalloc(PRINTF_BUFFER_SIZE, GFP_KERNEL);
267 if (printf_buffer == NULL)
268 goto fail;
270 len = sprintf(printf_buffer, "%i ", -err);
271 ret = vsnprintf(printf_buffer+len, PRINTF_BUFFER_SIZE-len, fmt, ap);
273 BUG_ON(len + ret > PRINTF_BUFFER_SIZE-1);
275 dev_err(&dev->dev, "%s\n", printf_buffer);
277 path_buffer = error_path(dev);
279 if (path_buffer == NULL) {
280 dev_err(&dev->dev, "failed to write error node for %s (%s)\n",
281 dev->nodename, printf_buffer);
282 goto fail;
285 if (xenbus_write(XBT_NIL, path_buffer, "error", printf_buffer) != 0) {
286 dev_err(&dev->dev, "failed to write error node for %s (%s)\n",
287 dev->nodename, printf_buffer);
288 goto fail;
291 fail:
292 kfree(printf_buffer);
293 kfree(path_buffer);
298 * xenbus_dev_error
299 * @dev: xenbus device
300 * @err: error to report
301 * @fmt: error message format
303 * Report the given negative errno into the store, along with the given
304 * formatted message.
306 void xenbus_dev_error(struct xenbus_device *dev, int err, const char *fmt, ...)
308 va_list ap;
310 va_start(ap, fmt);
311 xenbus_va_dev_error(dev, err, fmt, ap);
312 va_end(ap);
314 EXPORT_SYMBOL_GPL(xenbus_dev_error);
317 * xenbus_dev_fatal
318 * @dev: xenbus device
319 * @err: error to report
320 * @fmt: error message format
322 * Equivalent to xenbus_dev_error(dev, err, fmt, args), followed by
323 * xenbus_switch_state(dev, XenbusStateClosing) to schedule an orderly
324 * closedown of this driver and its peer.
327 void xenbus_dev_fatal(struct xenbus_device *dev, int err, const char *fmt, ...)
329 va_list ap;
331 va_start(ap, fmt);
332 xenbus_va_dev_error(dev, err, fmt, ap);
333 va_end(ap);
335 xenbus_switch_state(dev, XenbusStateClosing);
337 EXPORT_SYMBOL_GPL(xenbus_dev_fatal);
340 * Equivalent to xenbus_dev_fatal(dev, err, fmt, args), but helps
341 * avoiding recursion within xenbus_switch_state.
343 static void xenbus_switch_fatal(struct xenbus_device *dev, int depth, int err,
344 const char *fmt, ...)
346 va_list ap;
348 va_start(ap, fmt);
349 xenbus_va_dev_error(dev, err, fmt, ap);
350 va_end(ap);
352 if (!depth)
353 __xenbus_switch_state(dev, XenbusStateClosing, 1);
357 * xenbus_grant_ring
358 * @dev: xenbus device
359 * @ring_mfn: mfn of ring to grant
361 * Grant access to the given @ring_mfn to the peer of the given device. Return
362 * 0 on success, or -errno on error. On error, the device will switch to
363 * XenbusStateClosing, and the error will be saved in the store.
365 int xenbus_grant_ring(struct xenbus_device *dev, unsigned long ring_mfn)
367 int err = gnttab_grant_foreign_access(dev->otherend_id, ring_mfn, 0);
368 if (err < 0)
369 xenbus_dev_fatal(dev, err, "granting access to ring page");
370 return err;
372 EXPORT_SYMBOL_GPL(xenbus_grant_ring);
376 * Allocate an event channel for the given xenbus_device, assigning the newly
377 * created local port to *port. Return 0 on success, or -errno on error. On
378 * error, the device will switch to XenbusStateClosing, and the error will be
379 * saved in the store.
381 int xenbus_alloc_evtchn(struct xenbus_device *dev, int *port)
383 struct evtchn_alloc_unbound alloc_unbound;
384 int err;
386 alloc_unbound.dom = DOMID_SELF;
387 alloc_unbound.remote_dom = dev->otherend_id;
389 err = HYPERVISOR_event_channel_op(EVTCHNOP_alloc_unbound,
390 &alloc_unbound);
391 if (err)
392 xenbus_dev_fatal(dev, err, "allocating event channel");
393 else
394 *port = alloc_unbound.port;
396 return err;
398 EXPORT_SYMBOL_GPL(xenbus_alloc_evtchn);
402 * Bind to an existing interdomain event channel in another domain. Returns 0
403 * on success and stores the local port in *port. On error, returns -errno,
404 * switches the device to XenbusStateClosing, and saves the error in XenStore.
406 int xenbus_bind_evtchn(struct xenbus_device *dev, int remote_port, int *port)
408 struct evtchn_bind_interdomain bind_interdomain;
409 int err;
411 bind_interdomain.remote_dom = dev->otherend_id;
412 bind_interdomain.remote_port = remote_port;
414 err = HYPERVISOR_event_channel_op(EVTCHNOP_bind_interdomain,
415 &bind_interdomain);
416 if (err)
417 xenbus_dev_fatal(dev, err,
418 "binding to event channel %d from domain %d",
419 remote_port, dev->otherend_id);
420 else
421 *port = bind_interdomain.local_port;
423 return err;
425 EXPORT_SYMBOL_GPL(xenbus_bind_evtchn);
429 * Free an existing event channel. Returns 0 on success or -errno on error.
431 int xenbus_free_evtchn(struct xenbus_device *dev, int port)
433 struct evtchn_close close;
434 int err;
436 close.port = port;
438 err = HYPERVISOR_event_channel_op(EVTCHNOP_close, &close);
439 if (err)
440 xenbus_dev_error(dev, err, "freeing event channel %d", port);
442 return err;
444 EXPORT_SYMBOL_GPL(xenbus_free_evtchn);
448 * xenbus_map_ring_valloc
449 * @dev: xenbus device
450 * @gnt_ref: grant reference
451 * @vaddr: pointer to address to be filled out by mapping
453 * Based on Rusty Russell's skeleton driver's map_page.
454 * Map a page of memory into this domain from another domain's grant table.
455 * xenbus_map_ring_valloc allocates a page of virtual address space, maps the
456 * page to that address, and sets *vaddr to that address.
457 * Returns 0 on success, and GNTST_* (see xen/include/interface/grant_table.h)
458 * or -ENOMEM on error. If an error is returned, device will switch to
459 * XenbusStateClosing and the error message will be saved in XenStore.
461 int xenbus_map_ring_valloc(struct xenbus_device *dev, int gnt_ref, void **vaddr)
463 return ring_ops->map(dev, gnt_ref, vaddr);
465 EXPORT_SYMBOL_GPL(xenbus_map_ring_valloc);
467 static int xenbus_map_ring_valloc_pv(struct xenbus_device *dev,
468 int gnt_ref, void **vaddr)
470 struct gnttab_map_grant_ref op = {
471 .flags = GNTMAP_host_map | GNTMAP_contains_pte,
472 .ref = gnt_ref,
473 .dom = dev->otherend_id,
475 struct xenbus_map_node *node;
476 struct vm_struct *area;
477 pte_t *pte;
479 *vaddr = NULL;
481 node = kzalloc(sizeof(*node), GFP_KERNEL);
482 if (!node)
483 return -ENOMEM;
485 area = alloc_vm_area(PAGE_SIZE, &pte);
486 if (!area) {
487 kfree(node);
488 return -ENOMEM;
491 op.host_addr = arbitrary_virt_to_machine(pte).maddr;
493 if (HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref, &op, 1))
494 BUG();
496 if (op.status != GNTST_okay) {
497 free_vm_area(area);
498 kfree(node);
499 xenbus_dev_fatal(dev, op.status,
500 "mapping in shared page %d from domain %d",
501 gnt_ref, dev->otherend_id);
502 return op.status;
505 node->handle = op.handle;
506 node->area = area;
508 spin_lock(&xenbus_valloc_lock);
509 list_add(&node->next, &xenbus_valloc_pages);
510 spin_unlock(&xenbus_valloc_lock);
512 *vaddr = area->addr;
513 return 0;
516 static int xenbus_map_ring_valloc_hvm(struct xenbus_device *dev,
517 int gnt_ref, void **vaddr)
519 struct xenbus_map_node *node;
520 int err;
521 void *addr;
523 *vaddr = NULL;
525 node = kzalloc(sizeof(*node), GFP_KERNEL);
526 if (!node)
527 return -ENOMEM;
529 err = alloc_xenballooned_pages(1, &node->page, false /* lowmem */);
530 if (err)
531 goto out_err;
533 addr = pfn_to_kaddr(page_to_pfn(node->page));
535 err = xenbus_map_ring(dev, gnt_ref, &node->handle, addr);
536 if (err)
537 goto out_err;
539 spin_lock(&xenbus_valloc_lock);
540 list_add(&node->next, &xenbus_valloc_pages);
541 spin_unlock(&xenbus_valloc_lock);
543 *vaddr = addr;
544 return 0;
546 out_err:
547 free_xenballooned_pages(1, &node->page);
548 kfree(node);
549 return err;
554 * xenbus_map_ring
555 * @dev: xenbus device
556 * @gnt_ref: grant reference
557 * @handle: pointer to grant handle to be filled
558 * @vaddr: address to be mapped to
560 * Map a page of memory into this domain from another domain's grant table.
561 * xenbus_map_ring does not allocate the virtual address space (you must do
562 * this yourself!). It only maps in the page to the specified address.
563 * Returns 0 on success, and GNTST_* (see xen/include/interface/grant_table.h)
564 * or -ENOMEM on error. If an error is returned, device will switch to
565 * XenbusStateClosing and the error message will be saved in XenStore.
567 int xenbus_map_ring(struct xenbus_device *dev, int gnt_ref,
568 grant_handle_t *handle, void *vaddr)
570 struct gnttab_map_grant_ref op;
572 gnttab_set_map_op(&op, (phys_addr_t)vaddr, GNTMAP_host_map, gnt_ref,
573 dev->otherend_id);
575 if (HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref, &op, 1))
576 BUG();
578 if (op.status != GNTST_okay) {
579 xenbus_dev_fatal(dev, op.status,
580 "mapping in shared page %d from domain %d",
581 gnt_ref, dev->otherend_id);
582 } else
583 *handle = op.handle;
585 return op.status;
587 EXPORT_SYMBOL_GPL(xenbus_map_ring);
591 * xenbus_unmap_ring_vfree
592 * @dev: xenbus device
593 * @vaddr: addr to unmap
595 * Based on Rusty Russell's skeleton driver's unmap_page.
596 * Unmap a page of memory in this domain that was imported from another domain.
597 * Use xenbus_unmap_ring_vfree if you mapped in your memory with
598 * xenbus_map_ring_valloc (it will free the virtual address space).
599 * Returns 0 on success and returns GNTST_* on error
600 * (see xen/include/interface/grant_table.h).
602 int xenbus_unmap_ring_vfree(struct xenbus_device *dev, void *vaddr)
604 return ring_ops->unmap(dev, vaddr);
606 EXPORT_SYMBOL_GPL(xenbus_unmap_ring_vfree);
608 static int xenbus_unmap_ring_vfree_pv(struct xenbus_device *dev, void *vaddr)
610 struct xenbus_map_node *node;
611 struct gnttab_unmap_grant_ref op = {
612 .host_addr = (unsigned long)vaddr,
614 unsigned int level;
616 spin_lock(&xenbus_valloc_lock);
617 list_for_each_entry(node, &xenbus_valloc_pages, next) {
618 if (node->area->addr == vaddr) {
619 list_del(&node->next);
620 goto found;
623 node = NULL;
624 found:
625 spin_unlock(&xenbus_valloc_lock);
627 if (!node) {
628 xenbus_dev_error(dev, -ENOENT,
629 "can't find mapped virtual address %p", vaddr);
630 return GNTST_bad_virt_addr;
633 op.handle = node->handle;
634 op.host_addr = arbitrary_virt_to_machine(
635 lookup_address((unsigned long)vaddr, &level)).maddr;
637 if (HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, &op, 1))
638 BUG();
640 if (op.status == GNTST_okay)
641 free_vm_area(node->area);
642 else
643 xenbus_dev_error(dev, op.status,
644 "unmapping page at handle %d error %d",
645 node->handle, op.status);
647 kfree(node);
648 return op.status;
651 static int xenbus_unmap_ring_vfree_hvm(struct xenbus_device *dev, void *vaddr)
653 int rv;
654 struct xenbus_map_node *node;
655 void *addr;
657 spin_lock(&xenbus_valloc_lock);
658 list_for_each_entry(node, &xenbus_valloc_pages, next) {
659 addr = pfn_to_kaddr(page_to_pfn(node->page));
660 if (addr == vaddr) {
661 list_del(&node->next);
662 goto found;
665 node = NULL;
666 found:
667 spin_unlock(&xenbus_valloc_lock);
669 if (!node) {
670 xenbus_dev_error(dev, -ENOENT,
671 "can't find mapped virtual address %p", vaddr);
672 return GNTST_bad_virt_addr;
675 rv = xenbus_unmap_ring(dev, node->handle, addr);
677 if (!rv)
678 free_xenballooned_pages(1, &node->page);
679 else
680 WARN(1, "Leaking %p\n", vaddr);
682 kfree(node);
683 return rv;
687 * xenbus_unmap_ring
688 * @dev: xenbus device
689 * @handle: grant handle
690 * @vaddr: addr to unmap
692 * Unmap a page of memory in this domain that was imported from another domain.
693 * Returns 0 on success and returns GNTST_* on error
694 * (see xen/include/interface/grant_table.h).
696 int xenbus_unmap_ring(struct xenbus_device *dev,
697 grant_handle_t handle, void *vaddr)
699 struct gnttab_unmap_grant_ref op;
701 gnttab_set_unmap_op(&op, (phys_addr_t)vaddr, GNTMAP_host_map, handle);
703 if (HYPERVISOR_grant_table_op(GNTTABOP_unmap_grant_ref, &op, 1))
704 BUG();
706 if (op.status != GNTST_okay)
707 xenbus_dev_error(dev, op.status,
708 "unmapping page at handle %d error %d",
709 handle, op.status);
711 return op.status;
713 EXPORT_SYMBOL_GPL(xenbus_unmap_ring);
717 * xenbus_read_driver_state
718 * @path: path for driver
720 * Return the state of the driver rooted at the given store path, or
721 * XenbusStateUnknown if no state can be read.
723 enum xenbus_state xenbus_read_driver_state(const char *path)
725 enum xenbus_state result;
726 int err = xenbus_gather(XBT_NIL, path, "state", "%d", &result, NULL);
727 if (err)
728 result = XenbusStateUnknown;
730 return result;
732 EXPORT_SYMBOL_GPL(xenbus_read_driver_state);
734 static const struct xenbus_ring_ops ring_ops_pv = {
735 .map = xenbus_map_ring_valloc_pv,
736 .unmap = xenbus_unmap_ring_vfree_pv,
739 static const struct xenbus_ring_ops ring_ops_hvm = {
740 .map = xenbus_map_ring_valloc_hvm,
741 .unmap = xenbus_unmap_ring_vfree_hvm,
744 void __init xenbus_ring_ops_init(void)
746 if (xen_pv_domain())
747 ring_ops = &ring_ops_pv;
748 else
749 ring_ops = &ring_ops_hvm;