projects / linux-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
s390/vfio-ap: add s390dbf logging to the handle_pqap function
[linux-block.git] / drivers / s390 / crypto / vfio_ap_ops.c
CommitLineData
65f06713
TK		 1// SPDX-License-Identifier: GPL-2.0+
2/*
3 * Adjunct processor matrix VFIO device driver callbacks.
4 *
5 * Copyright IBM Corp. 2018
6 *
7 * Author(s): Tony Krowiak <akrowiak@linux.ibm.com>
8 * Halil Pasic <pasic@linux.ibm.com>
9 * Pierre Morel <pmorel@linux.ibm.com>
10 */
11#include <linux/string.h>
12#include <linux/vfio.h>
13#include <linux/device.h>
14#include <linux/list.h>
15#include <linux/ctype.h>
258287c9
TK		 16#include <linux/bitops.h>
17#include <linux/kvm_host.h>
18#include <linux/module.h>
68f554b7 19#include <linux/uuid.h>
258287c9 20#include <asm/kvm.h>
65f06713
TK		 21#include <asm/zcrypt.h>
22
23#include "vfio_ap_private.h"
68f554b7 24#include "vfio_ap_debug.h"
65f06713
TK		 25
26#define VFIO_AP_MDEV_TYPE_HWVIRT "passthrough"
27#define VFIO_AP_MDEV_NAME_HWVIRT "VFIO AP Passthrough Device"
28
eb0feefd 29static int vfio_ap_mdev_reset_queues(struct ap_matrix_mdev *matrix_mdev);
6c12a638 30static struct vfio_ap_queue *vfio_ap_find_queue(int apqn);
eb0feefd 31static const struct vfio_device_ops vfio_ap_matrix_dev_ops;
ec89b55e 32
f632a817 33static int match_apqn(struct device *dev, const void *data)
ec89b55e
PM		 34{
35 struct vfio_ap_queue *q = dev_get_drvdata(dev);
36
37 return (q->apqn == *(int *)(data)) ? 1 : 0;
38}
39
40/**
0c1abe7c 41 * vfio_ap_get_queue - retrieve a queue with a specific APQN from a list
ec89b55e
PM		 42 * @matrix_mdev: the associated mediated matrix
43 * @apqn: The queue APQN
44 *
45 * Retrieve a queue with a specific APQN from the list of the
46 * devices of the vfio_ap_drv.
47 * Verify that the APID and the APQI are set in the matrix.
48 *
0c1abe7c 49 * Return: the pointer to the associated vfio_ap_queue
ec89b55e
PM		 50 */
51static struct vfio_ap_queue *vfio_ap_get_queue(
52 struct ap_matrix_mdev *matrix_mdev,
53 int apqn)
54{
55 struct vfio_ap_queue *q;
ec89b55e
PM		 56
57 if (!test_bit_inv(AP_QID_CARD(apqn), matrix_mdev->matrix.apm))
58 return NULL;
59 if (!test_bit_inv(AP_QID_QUEUE(apqn), matrix_mdev->matrix.aqm))
60 return NULL;
61
6c12a638
TK		 62 q = vfio_ap_find_queue(apqn);
63 if (q)
64 q->matrix_mdev = matrix_mdev;
ec89b55e
PM		 65
66 return q;
67}
68
69/**
0c1abe7c 70 * vfio_ap_wait_for_irqclear - clears the IR bit or gives up after 5 tries
ec89b55e
PM		 71 * @apqn: The AP Queue number
72 *
73 * Checks the IRQ bit for the status of this APQN using ap_tapq.
74 * Returns if the ap_tapq function succeeded and the bit is clear.
75 * Returns if ap_tapq function failed with invalid, deconfigured or
76 * checkstopped AP.
77 * Otherwise retries up to 5 times after waiting 20ms.
ec89b55e
PM		 78 */
79static void vfio_ap_wait_for_irqclear(int apqn)
80{
81 struct ap_queue_status status;
82 int retry = 5;
83
84 do {
85 status = ap_tapq(apqn, NULL);
86 switch (status.response_code) {
87 case AP_RESPONSE_NORMAL:
88 case AP_RESPONSE_RESET_IN_PROGRESS:
89 if (!status.irq_enabled)
90 return;
0696178e 91 fallthrough;
ec89b55e
PM		 92 case AP_RESPONSE_BUSY:
93 msleep(20);
94 break;
95 case AP_RESPONSE_Q_NOT_AVAIL:
96 case AP_RESPONSE_DECONFIGURED:
97 case AP_RESPONSE_CHECKSTOPPED:
98 default:
99 WARN_ONCE(1, "%s: tapq rc %02x: %04x\n", __func__,
100 status.response_code, apqn);
101 return;
102 }
103 } while (--retry);
104
105 WARN_ONCE(1, "%s: tapq rc %02x: %04x could not clear IR bit\n",
106 __func__, status.response_code, apqn);
107}
108
109/**
0c1abe7c 110 * vfio_ap_free_aqic_resources - free vfio_ap_queue resources
ec89b55e
PM		 111 * @q: The vfio_ap_queue
112 *
113 * Unregisters the ISC in the GIB when the saved ISC not invalid.
0c1abe7c
RD		 114 * Unpins the guest's page holding the NIB when it exists.
115 * Resets the saved_pfn and saved_isc to invalid values.
ec89b55e
PM		 116 */
117static void vfio_ap_free_aqic_resources(struct vfio_ap_queue *q)
118{
6c12a638
TK		 119 if (!q)
120 return;
121 if (q->saved_isc != VFIO_AP_ISC_INVALID &&
122 !WARN_ON(!(q->matrix_mdev && q->matrix_mdev->kvm))) {
ec89b55e 123 kvm_s390_gisc_unregister(q->matrix_mdev->kvm, q->saved_isc);
6c12a638
TK		 124 q->saved_isc = VFIO_AP_ISC_INVALID;
125 }
126 if (q->saved_pfn && !WARN_ON(!q->matrix_mdev)) {
ec89b55e
PM		 127 vfio_unpin_pages(mdev_dev(q->matrix_mdev->mdev),
128 &q->saved_pfn, 1);
6c12a638
TK		 129 q->saved_pfn = 0;
130 }
ec89b55e
PM		 131}
132
133/**
0c1abe7c 134 * vfio_ap_irq_disable - disables and clears an ap_queue interrupt
ec89b55e
PM		 135 * @q: The vfio_ap_queue
136 *
137 * Uses ap_aqic to disable the interruption and in case of success, reset
138 * in progress or IRQ disable command already proceeded: calls
139 * vfio_ap_wait_for_irqclear() to check for the IRQ bit to be clear
140 * and calls vfio_ap_free_aqic_resources() to free the resources associated
141 * with the AP interrupt handling.
142 *
143 * In the case the AP is busy, or a reset is in progress,
144 * retries after 20ms, up to 5 times.
145 *
146 * Returns if ap_aqic function failed with invalid, deconfigured or
147 * checkstopped AP.
0c1abe7c
RD		 148 *
149 * Return: &struct ap_queue_status
ec89b55e 150 */
6c12a638 151static struct ap_queue_status vfio_ap_irq_disable(struct vfio_ap_queue *q)
ec89b55e
PM		 152{
153 struct ap_qirq_ctrl aqic_gisa = {};
154 struct ap_queue_status status;
155 int retries = 5;
156
157 do {
158 status = ap_aqic(q->apqn, aqic_gisa, NULL);
159 switch (status.response_code) {
160 case AP_RESPONSE_OTHERWISE_CHANGED:
161 case AP_RESPONSE_NORMAL:
162 vfio_ap_wait_for_irqclear(q->apqn);
163 goto end_free;
164 case AP_RESPONSE_RESET_IN_PROGRESS:
165 case AP_RESPONSE_BUSY:
166 msleep(20);
167 break;
168 case AP_RESPONSE_Q_NOT_AVAIL:
169 case AP_RESPONSE_DECONFIGURED:
170 case AP_RESPONSE_CHECKSTOPPED:
171 case AP_RESPONSE_INVALID_ADDRESS:
172 default:
173 /* All cases in default means AP not operational */
174 WARN_ONCE(1, "%s: ap_aqic status %d\n", __func__,
175 status.response_code);
176 goto end_free;
177 }
178 } while (retries--);
179
180 WARN_ONCE(1, "%s: ap_aqic status %d\n", __func__,
181 status.response_code);
182end_free:
183 vfio_ap_free_aqic_resources(q);
5c4c2126 184 q->matrix_mdev = NULL;
ec89b55e
PM		 185 return status;
186}
187
188/**
0c1abe7c 189 * vfio_ap_irq_enable - Enable Interruption for a APQN
ec89b55e 190 *
ec89b55e 191 * @q: the vfio_ap_queue holding AQIC parameters
5ef4f710
TK		 192 * @isc: the guest ISC to register with the GIB interface
193 * @nib: the notification indicator byte to pin.
ec89b55e
PM		 194 *
195 * Pin the NIB saved in *q
196 * Register the guest ISC to GIB interface and retrieve the
197 * host ISC to issue the host side PQAP/AQIC
198 *
199 * Response.status may be set to AP_RESPONSE_INVALID_ADDRESS in case the
200 * vfio_pin_pages failed.
201 *
202 * Otherwise return the ap_queue_status returned by the ap_aqic(),
203 * all retry handling will be done by the guest.
0c1abe7c
RD		 204 *
205 * Return: &struct ap_queue_status
ec89b55e
PM		 206 */
207static struct ap_queue_status vfio_ap_irq_enable(struct vfio_ap_queue *q,
208 int isc,
209 unsigned long nib)
210{
211 struct ap_qirq_ctrl aqic_gisa = {};
212 struct ap_queue_status status = {};
213 struct kvm_s390_gisa *gisa;
214 struct kvm *kvm;
215 unsigned long h_nib, g_pfn, h_pfn;
216 int ret;
217
218 g_pfn = nib >> PAGE_SHIFT;
219 ret = vfio_pin_pages(mdev_dev(q->matrix_mdev->mdev), &g_pfn, 1,
220 IOMMU_READ | IOMMU_WRITE, &h_pfn);
221 switch (ret) {
222 case 1:
223 break;
224 default:
225 status.response_code = AP_RESPONSE_INVALID_ADDRESS;
226 return status;
227 }
228
229 kvm = q->matrix_mdev->kvm;
230 gisa = kvm->arch.gisa_int.origin;
231
232 h_nib = (h_pfn << PAGE_SHIFT) | (nib & ~PAGE_MASK);
233 aqic_gisa.gisc = isc;
234 aqic_gisa.isc = kvm_s390_gisc_register(kvm, isc);
235 aqic_gisa.ir = 1;
236 aqic_gisa.gisa = (uint64_t)gisa >> 4;
237
238 status = ap_aqic(q->apqn, aqic_gisa, (void *)h_nib);
239 switch (status.response_code) {
240 case AP_RESPONSE_NORMAL:
241 /* See if we did clear older IRQ configuration */
242 vfio_ap_free_aqic_resources(q);
243 q->saved_pfn = g_pfn;
244 q->saved_isc = isc;
245 break;
246 case AP_RESPONSE_OTHERWISE_CHANGED:
247 /* We could not modify IRQ setings: clear new configuration */
248 vfio_unpin_pages(mdev_dev(q->matrix_mdev->mdev), &g_pfn, 1);
249 kvm_s390_gisc_unregister(kvm, isc);
250 break;
251 default:
252 pr_warn("%s: apqn %04x: response: %02x\n", __func__, q->apqn,
253 status.response_code);
254 vfio_ap_irq_disable(q);
255 break;
256 }
257
258 return status;
259}
260
68f554b7
TK		 261/**
262 * vfio_ap_le_guid_to_be_uuid - convert a little endian guid array into an array
263 * of big endian elements that can be passed by
264 * value to an s390dbf sprintf event function to
265 * format a UUID string.
266 *
267 * @guid: the object containing the little endian guid
268 * @uuid: a six-element array of long values that can be passed by value as
269 * arguments for a formatting string specifying a UUID.
270 *
271 * The S390 Debug Feature (s390dbf) allows the use of "%s" in the sprintf
272 * event functions if the memory for the passed string is available as long as
273 * the debug feature exists. Since a mediated device can be removed at any
274 * time, it's name can not be used because %s passes the reference to the string
275 * in memory and the reference will go stale once the device is removed .
276 *
277 * The s390dbf string formatting function allows a maximum of 9 arguments for a
278 * message to be displayed in the 'sprintf' view. In order to use the bytes
279 * comprising the mediated device's UUID to display the mediated device name,
280 * they will have to be converted into an array whose elements can be passed by
281 * value to sprintf. For example:
282 *
283 * guid array: { 83, 78, 17, 62, bb, f1, f0, 47, 91, 4d, 32, a2, 2e, 3a, 88, 04 }
284 * mdev name: 62177883-f1bb-47f0-914d-32a22e3a8804
285 * array returned: { 62177883, f1bb, 47f0, 914d, 32a2, 2e3a8804 }
286 * formatting string: "%08lx-%04lx-%04lx-%04lx-%02lx%04lx"
287 */
288static void vfio_ap_le_guid_to_be_uuid(guid_t *guid, unsigned long *uuid)
289{
290 /*
291 * The input guid is ordered in little endian, so it needs to be
292 * reordered for displaying a UUID as a string. This specifies the
293 * guid indices in proper order.
294 */
295 uuid[0] = le32_to_cpup((__le32 *)guid);
296 uuid[1] = le16_to_cpup((__le16 *)&guid->b[4]);
297 uuid[2] = le16_to_cpup((__le16 *)&guid->b[6]);
298 uuid[3] = *((__u16 *)&guid->b[8]);
299 uuid[4] = *((__u16 *)&guid->b[10]);
300 uuid[5] = *((__u32 *)&guid->b[12]);
301}
302
ec89b55e 303/**
0c1abe7c 304 * handle_pqap - PQAP instruction callback
ec89b55e
PM		 305 *
306 * @vcpu: The vcpu on which we received the PQAP instruction
307 *
308 * Get the general register contents to initialize internal variables.
309 * REG[0]: APQN
310 * REG[1]: IR and ISC
311 * REG[2]: NIB
312 *
313 * Response.status may be set to following Response Code:
314 * - AP_RESPONSE_Q_NOT_AVAIL: if the queue is not available
315 * - AP_RESPONSE_DECONFIGURED: if the queue is not configured
316 * - AP_RESPONSE_NORMAL (0) : in case of successs
317 * Check vfio_ap_setirq() and vfio_ap_clrirq() for other possible RC.
318 * We take the matrix_dev lock to ensure serialization on queues and
319 * mediated device access.
320 *
0c1abe7c
RD		 321 * Return: 0 if we could handle the request inside KVM.
322 * Otherwise, returns -EOPNOTSUPP to let QEMU handle the fault.
ec89b55e
PM		 323 */
324static int handle_pqap(struct kvm_vcpu *vcpu)
325{
326 uint64_t status;
327 uint16_t apqn;
68f554b7 328 unsigned long uuid[6];
ec89b55e
PM		 329 struct vfio_ap_queue *q;
330 struct ap_queue_status qstatus = {
331 .response_code = AP_RESPONSE_Q_NOT_AVAIL, };
332 struct ap_matrix_mdev *matrix_mdev;
333
68f554b7
TK		 334 apqn = vcpu->run->s.regs.gprs[0] & 0xffff;
335
ec89b55e 336 /* If we do not use the AIV facility just go to userland */
68f554b7
TK		 337 if (!(vcpu->arch.sie_block->eca & ECA_AIV)) {
338 VFIO_AP_DBF_WARN("%s: AIV facility not installed: apqn=0x%04x, eca=0x%04x\n",
339 __func__, apqn, vcpu->arch.sie_block->eca);
340
ec89b55e 341 return -EOPNOTSUPP;
68f554b7 342 }
ec89b55e 343
ec89b55e 344 mutex_lock(&matrix_dev->lock);
68f554b7
TK		 345 if (!vcpu->kvm->arch.crypto.pqap_hook) {
346 VFIO_AP_DBF_WARN("%s: PQAP(AQIC) hook not registered with the vfio_ap driver: apqn=0x%04x\n",
347 __func__, apqn);
ec89b55e 348 goto out_unlock;
68f554b7
TK		 349 }
350
ec89b55e
PM		 351 matrix_mdev = container_of(vcpu->kvm->arch.crypto.pqap_hook,
352 struct ap_matrix_mdev, pqap_hook);
353
0cc00c8d 354 /* If the there is no guest using the mdev, there is nothing to do */
68f554b7
TK		 355 if (!matrix_mdev->kvm) {
356 vfio_ap_le_guid_to_be_uuid(&matrix_mdev->mdev->uuid, uuid);
357 VFIO_AP_DBF_WARN("%s: mdev %08lx-%04lx-%04lx-%04lx-%04lx%08lx not in use: apqn=0x%04x\n",
358 __func__, uuid[0], uuid[1], uuid[2],
359 uuid[3], uuid[4], uuid[5], apqn);
0cc00c8d 360 goto out_unlock;
68f554b7 361 }
0cc00c8d 362
ec89b55e 363 q = vfio_ap_get_queue(matrix_mdev, apqn);
68f554b7
TK		 364 if (!q) {
365 VFIO_AP_DBF_WARN("%s: Queue %02x.%04x not bound to the vfio_ap driver\n",
366 __func__, AP_QID_CARD(apqn),
367 AP_QID_QUEUE(apqn));
ec89b55e 368 goto out_unlock;
68f554b7 369 }
ec89b55e
PM		 370
371 status = vcpu->run->s.regs.gprs[1];
372
373 /* If IR bit(16) is set we enable the interrupt */
374 if ((status >> (63 - 16)) & 0x01)
375 qstatus = vfio_ap_irq_enable(q, status & 0x07,
376 vcpu->run->s.regs.gprs[2]);
377 else
378 qstatus = vfio_ap_irq_disable(q);
379
380out_unlock:
381 memcpy(&vcpu->run->s.regs.gprs[1], &qstatus, sizeof(qstatus));
382 vcpu->run->s.regs.gprs[1] >>= 32;
383 mutex_unlock(&matrix_dev->lock);
384 return 0;
385}
386
65f06713
TK		 387static void vfio_ap_matrix_init(struct ap_config_info *info,
388 struct ap_matrix *matrix)
389{
390 matrix->apm_max = info->apxa ? info->Na : 63;
391 matrix->aqm_max = info->apxa ? info->Nd : 15;
392 matrix->adm_max = info->apxa ? info->Nd : 15;
393}
394
eb0feefd 395static int vfio_ap_mdev_probe(struct mdev_device *mdev)
65f06713
TK		 396{
397 struct ap_matrix_mdev *matrix_mdev;
eb0feefd 398 int ret;
65f06713
TK		 399
400 if ((atomic_dec_if_positive(&matrix_dev->available_instances) < 0))
401 return -EPERM;
402
403 matrix_mdev = kzalloc(sizeof(*matrix_mdev), GFP_KERNEL);
404 if (!matrix_mdev) {
eb0feefd
JG		 405 ret = -ENOMEM;
406 goto err_dec_available;
65f06713 407 }
eb0feefd
JG		 408 vfio_init_group_dev(&matrix_mdev->vdev, &mdev->dev,
409 &vfio_ap_matrix_dev_ops);
65f06713 410
ec89b55e 411 matrix_mdev->mdev = mdev;
65f06713 412 vfio_ap_matrix_init(&matrix_dev->info, &matrix_mdev->matrix);
1e753732 413 matrix_mdev->pqap_hook = handle_pqap;
65f06713
TK		 414 mutex_lock(&matrix_dev->lock);
415 list_add(&matrix_mdev->node, &matrix_dev->mdev_list);
416 mutex_unlock(&matrix_dev->lock);
417
c68ea0d0 418 ret = vfio_register_emulated_iommu_dev(&matrix_mdev->vdev);
eb0feefd
JG		 419 if (ret)
420 goto err_list;
421 dev_set_drvdata(&mdev->dev, matrix_mdev);
65f06713 422 return 0;
eb0feefd
JG		 423
424err_list:
425 mutex_lock(&matrix_dev->lock);
426 list_del(&matrix_mdev->node);
427 mutex_unlock(&matrix_dev->lock);
42de956c 428 vfio_uninit_group_dev(&matrix_mdev->vdev);
eb0feefd
JG		 429 kfree(matrix_mdev);
430err_dec_available:
431 atomic_inc(&matrix_dev->available_instances);
432 return ret;
65f06713
TK		 433}
434
eb0feefd 435static void vfio_ap_mdev_remove(struct mdev_device *mdev)
65f06713 436{
eb0feefd
JG		 437 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(&mdev->dev);
438
439 vfio_unregister_group_dev(&matrix_mdev->vdev);
65f06713 440
0cc00c8d 441 mutex_lock(&matrix_dev->lock);
eb0feefd 442 vfio_ap_mdev_reset_queues(matrix_mdev);
65f06713 443 list_del(&matrix_mdev->node);
42de956c
JG		 444 mutex_unlock(&matrix_dev->lock);
445 vfio_uninit_group_dev(&matrix_mdev->vdev);
65f06713 446 kfree(matrix_mdev);
65f06713 447 atomic_inc(&matrix_dev->available_instances);
65f06713
TK		 448}
449
9169cff1
JG		 450static ssize_t name_show(struct mdev_type *mtype,
451 struct mdev_type_attribute *attr, char *buf)
65f06713
TK		 452{
453 return sprintf(buf, "%s\n", VFIO_AP_MDEV_NAME_HWVIRT);
454}
455
46623ab3 456static MDEV_TYPE_ATTR_RO(name);
65f06713 457
9169cff1
JG		 458static ssize_t available_instances_show(struct mdev_type *mtype,
459 struct mdev_type_attribute *attr,
460 char *buf)
65f06713
TK		 461{
462 return sprintf(buf, "%d\n",
463 atomic_read(&matrix_dev->available_instances));
464}
465
46623ab3 466static MDEV_TYPE_ATTR_RO(available_instances);
65f06713 467
9169cff1
JG		 468static ssize_t device_api_show(struct mdev_type *mtype,
469 struct mdev_type_attribute *attr, char *buf)
65f06713
TK		 470{
471 return sprintf(buf, "%s\n", VFIO_DEVICE_API_AP_STRING);
472}
473
46623ab3 474static MDEV_TYPE_ATTR_RO(device_api);
65f06713
TK		 475
476static struct attribute *vfio_ap_mdev_type_attrs[] = {
477 &mdev_type_attr_name.attr,
478 &mdev_type_attr_device_api.attr,
479 &mdev_type_attr_available_instances.attr,
480 NULL,
481};
482
483static struct attribute_group vfio_ap_mdev_hwvirt_type_group = {
484 .name = VFIO_AP_MDEV_TYPE_HWVIRT,
485 .attrs = vfio_ap_mdev_type_attrs,
486};
487
488static struct attribute_group *vfio_ap_mdev_type_groups[] = {
489 &vfio_ap_mdev_hwvirt_type_group,
490 NULL,
491};
492
96d152bd
TK		 493struct vfio_ap_queue_reserved {
494 unsigned long *apid;
495 unsigned long *apqi;
496 bool reserved;
497};
498
499/**
0c1abe7c 500 * vfio_ap_has_queue - determines if the AP queue containing the target in @data
96d152bd
TK		 501 *
502 * @dev: an AP queue device
503 * @data: a struct vfio_ap_queue_reserved reference
504 *
505 * Flags whether the AP queue device (@dev) has a queue ID containing the APQN,
506 * apid or apqi specified in @data:
507 *
508 * - If @data contains both an apid and apqi value, then @data will be flagged
509 * as reserved if the APID and APQI fields for the AP queue device matches
510 *
511 * - If @data contains only an apid value, @data will be flagged as
512 * reserved if the APID field in the AP queue device matches
513 *
514 * - If @data contains only an apqi value, @data will be flagged as
515 * reserved if the APQI field in the AP queue device matches
516 *
0c1abe7c 517 * Return: 0 to indicate the input to function succeeded. Returns -EINVAL if
96d152bd
TK		 518 * @data does not contain either an apid or apqi.
519 */
520static int vfio_ap_has_queue(struct device *dev, void *data)
521{
522 struct vfio_ap_queue_reserved *qres = data;
523 struct ap_queue *ap_queue = to_ap_queue(dev);
524 ap_qid_t qid;
525 unsigned long id;
526
527 if (qres->apid && qres->apqi) {
528 qid = AP_MKQID(*qres->apid, *qres->apqi);
529 if (qid == ap_queue->qid)
530 qres->reserved = true;
531 } else if (qres->apid && !qres->apqi) {
532 id = AP_QID_CARD(ap_queue->qid);
533 if (id == *qres->apid)
534 qres->reserved = true;
535 } else if (!qres->apid && qres->apqi) {
536 id = AP_QID_QUEUE(ap_queue->qid);
537 if (id == *qres->apqi)
538 qres->reserved = true;
539 } else {
540 return -EINVAL;
541 }
542
543 return 0;
544}
545
546/**
0c1abe7c
RD		 547 * vfio_ap_verify_queue_reserved - verifies that the AP queue containing
548 * @apid or @aqpi is reserved
96d152bd 549 *
96d152bd
TK		 550 * @apid: an AP adapter ID
551 * @apqi: an AP queue index
552 *
553 * Verifies that the AP queue with @apid/@apqi is reserved by the VFIO AP device
554 * driver according to the following rules:
555 *
556 * - If both @apid and @apqi are not NULL, then there must be an AP queue
557 * device bound to the vfio_ap driver with the APQN identified by @apid and
558 * @apqi
559 *
560 * - If only @apid is not NULL, then there must be an AP queue device bound
561 * to the vfio_ap driver with an APQN containing @apid
562 *
563 * - If only @apqi is not NULL, then there must be an AP queue device bound
564 * to the vfio_ap driver with an APQN containing @apqi
565 *
0c1abe7c 566 * Return: 0 if the AP queue is reserved; otherwise, returns -EADDRNOTAVAIL.
96d152bd
TK		 567 */
568static int vfio_ap_verify_queue_reserved(unsigned long *apid,
569 unsigned long *apqi)
570{
571 int ret;
572 struct vfio_ap_queue_reserved qres;
573
574 qres.apid = apid;
575 qres.apqi = apqi;
576 qres.reserved = false;
577
36360658
PM		 578 ret = driver_for_each_device(&matrix_dev->vfio_ap_drv->driver, NULL,
579 &qres, vfio_ap_has_queue);
96d152bd
TK		 580 if (ret)
581 return ret;
582
583 if (qres.reserved)
584 return 0;
585
586 return -EADDRNOTAVAIL;
587}
588
589static int
590vfio_ap_mdev_verify_queues_reserved_for_apid(struct ap_matrix_mdev *matrix_mdev,
591 unsigned long apid)
592{
593 int ret;
594 unsigned long apqi;
595 unsigned long nbits = matrix_mdev->matrix.aqm_max + 1;
596
597 if (find_first_bit_inv(matrix_mdev->matrix.aqm, nbits) >= nbits)
598 return vfio_ap_verify_queue_reserved(&apid, NULL);
599
600 for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm, nbits) {
601 ret = vfio_ap_verify_queue_reserved(&apid, &apqi);
602 if (ret)
603 return ret;
604 }
605
606 return 0;
607}
608
609/**
0c1abe7c
RD		 610 * vfio_ap_mdev_verify_no_sharing - verifies that the AP matrix is not configured
611 *
612 * @matrix_mdev: the mediated matrix device
96d152bd
TK		 613 *
614 * Verifies that the APQNs derived from the cross product of the AP adapter IDs
615 * and AP queue indexes comprising the AP matrix are not configured for another
616 * mediated device. AP queue sharing is not allowed.
617 *
0c1abe7c 618 * Return: 0 if the APQNs are not shared; otherwise returns -EADDRINUSE.
96d152bd
TK		 619 */
620static int vfio_ap_mdev_verify_no_sharing(struct ap_matrix_mdev *matrix_mdev)
621{
622 struct ap_matrix_mdev *lstdev;
623 DECLARE_BITMAP(apm, AP_DEVICES);
624 DECLARE_BITMAP(aqm, AP_DOMAINS);
625
626 list_for_each_entry(lstdev, &matrix_dev->mdev_list, node) {
627 if (matrix_mdev == lstdev)
628 continue;
629
630 memset(apm, 0, sizeof(apm));
631 memset(aqm, 0, sizeof(aqm));
632
633 /*
634 * We work on full longs, as we can only exclude the leftover
635 * bits in non-inverse order. The leftover is all zeros.
636 */
637 if (!bitmap_and(apm, matrix_mdev->matrix.apm,
638 lstdev->matrix.apm, AP_DEVICES))
639 continue;
640
641 if (!bitmap_and(aqm, matrix_mdev->matrix.aqm,
642 lstdev->matrix.aqm, AP_DOMAINS))
643 continue;
644
645 return -EADDRINUSE;
646 }
647
648 return 0;
649}
650
651/**
0c1abe7c
RD		 652 * assign_adapter_store - parses the APID from @buf and sets the
653 * corresponding bit in the mediated matrix device's APM
96d152bd
TK		 654 *
655 * @dev: the matrix device
656 * @attr: the mediated matrix device's assign_adapter attribute
657 * @buf: a buffer containing the AP adapter number (APID) to
658 * be assigned
659 * @count: the number of bytes in @buf
660 *
0c1abe7c 661 * Return: the number of bytes processed if the APID is valid; otherwise,
96d152bd
TK		 662 * returns one of the following errors:
663 *
664 * 1. -EINVAL
665 * The APID is not a valid number
666 *
667 * 2. -ENODEV
668 * The APID exceeds the maximum value configured for the system
669 *
670 * 3. -EADDRNOTAVAIL
671 * An APQN derived from the cross product of the APID being assigned
672 * and the APQIs previously assigned is not bound to the vfio_ap device
673 * driver; or, if no APQIs have yet been assigned, the APID is not
674 * contained in an APQN bound to the vfio_ap device driver.
675 *
676 * 4. -EADDRINUSE
677 * An APQN derived from the cross product of the APID being assigned
678 * and the APQIs previously assigned is being used by another mediated
679 * matrix device
680 */
681static ssize_t assign_adapter_store(struct device *dev,
682 struct device_attribute *attr,
683 const char *buf, size_t count)
684{
685 int ret;
686 unsigned long apid;
eb0feefd 687 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
96d152bd 688
0cc00c8d
TK		 689 mutex_lock(&matrix_dev->lock);
690
86956e70
TK		 691 /* If the KVM guest is running, disallow assignment of adapter */
692 if (matrix_mdev->kvm) {
0cc00c8d
TK		 693 ret = -EBUSY;
694 goto done;
695 }
258287c9 696
96d152bd
TK		 697 ret = kstrtoul(buf, 0, &apid);
698 if (ret)
0cc00c8d 699 goto done;
96d152bd 700
0cc00c8d
TK		 701 if (apid > matrix_mdev->matrix.apm_max) {
702 ret = -ENODEV;
703 goto done;
704 }
96d152bd
TK		 705
706 /*
707 * Set the bit in the AP mask (APM) corresponding to the AP adapter
708 * number (APID). The bits in the mask, from most significant to least
709 * significant bit, correspond to APIDs 0-255.
710 */
96d152bd
TK		 711 ret = vfio_ap_mdev_verify_queues_reserved_for_apid(matrix_mdev, apid);
712 if (ret)
713 goto done;
714
715 set_bit_inv(apid, matrix_mdev->matrix.apm);
716
717 ret = vfio_ap_mdev_verify_no_sharing(matrix_mdev);
718 if (ret)
719 goto share_err;
720
721 ret = count;
722 goto done;
723
724share_err:
725 clear_bit_inv(apid, matrix_mdev->matrix.apm);
726done:
727 mutex_unlock(&matrix_dev->lock);
728
729 return ret;
730}
731static DEVICE_ATTR_WO(assign_adapter);
732
733/**
0c1abe7c
RD		 734 * unassign_adapter_store - parses the APID from @buf and clears the
735 * corresponding bit in the mediated matrix device's APM
96d152bd
TK		 736 *
737 * @dev: the matrix device
738 * @attr: the mediated matrix device's unassign_adapter attribute
739 * @buf: a buffer containing the adapter number (APID) to be unassigned
740 * @count: the number of bytes in @buf
741 *
0c1abe7c 742 * Return: the number of bytes processed if the APID is valid; otherwise,
96d152bd
TK		 743 * returns one of the following errors:
744 * -EINVAL if the APID is not a number
745 * -ENODEV if the APID it exceeds the maximum value configured for the
746 * system
747 */
748static ssize_t unassign_adapter_store(struct device *dev,
749 struct device_attribute *attr,
750 const char *buf, size_t count)
751{
752 int ret;
753 unsigned long apid;
eb0feefd 754 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
96d152bd 755
0cc00c8d
TK		 756 mutex_lock(&matrix_dev->lock);
757
86956e70
TK		 758 /* If the KVM guest is running, disallow unassignment of adapter */
759 if (matrix_mdev->kvm) {
0cc00c8d
TK		 760 ret = -EBUSY;
761 goto done;
762 }
258287c9 763
96d152bd
TK		 764 ret = kstrtoul(buf, 0, &apid);
765 if (ret)
0cc00c8d 766 goto done;
96d152bd 767
0cc00c8d
TK		 768 if (apid > matrix_mdev->matrix.apm_max) {
769 ret = -ENODEV;
770 goto done;
771 }
96d152bd 772
96d152bd 773 clear_bit_inv((unsigned long)apid, matrix_mdev->matrix.apm);
0cc00c8d
TK		 774 ret = count;
775done:
96d152bd 776 mutex_unlock(&matrix_dev->lock);
0cc00c8d 777 return ret;
96d152bd 778}
46623ab3 779static DEVICE_ATTR_WO(unassign_adapter);
96d152bd 780
3211da0c
TK		 781static int
782vfio_ap_mdev_verify_queues_reserved_for_apqi(struct ap_matrix_mdev *matrix_mdev,
783 unsigned long apqi)
784{
785 int ret;
786 unsigned long apid;
787 unsigned long nbits = matrix_mdev->matrix.apm_max + 1;
788
789 if (find_first_bit_inv(matrix_mdev->matrix.apm, nbits) >= nbits)
790 return vfio_ap_verify_queue_reserved(NULL, &apqi);
791
792 for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, nbits) {
793 ret = vfio_ap_verify_queue_reserved(&apid, &apqi);
794 if (ret)
795 return ret;
796 }
797
798 return 0;
799}
800
801/**
0c1abe7c
RD		 802 * assign_domain_store - parses the APQI from @buf and sets the
803 * corresponding bit in the mediated matrix device's AQM
804 *
3211da0c
TK		 805 * @dev: the matrix device
806 * @attr: the mediated matrix device's assign_domain attribute
807 * @buf: a buffer containing the AP queue index (APQI) of the domain to
808 * be assigned
809 * @count: the number of bytes in @buf
810 *
0c1abe7c 811 * Return: the number of bytes processed if the APQI is valid; otherwise returns
3211da0c
TK		 812 * one of the following errors:
813 *
814 * 1. -EINVAL
815 * The APQI is not a valid number
816 *
817 * 2. -ENODEV
818 * The APQI exceeds the maximum value configured for the system
819 *
820 * 3. -EADDRNOTAVAIL
821 * An APQN derived from the cross product of the APQI being assigned
822 * and the APIDs previously assigned is not bound to the vfio_ap device
823 * driver; or, if no APIDs have yet been assigned, the APQI is not
824 * contained in an APQN bound to the vfio_ap device driver.
825 *
826 * 4. -EADDRINUSE
827 * An APQN derived from the cross product of the APQI being assigned
828 * and the APIDs previously assigned is being used by another mediated
829 * matrix device
830 */
831static ssize_t assign_domain_store(struct device *dev,
832 struct device_attribute *attr,
833 const char *buf, size_t count)
834{
835 int ret;
836 unsigned long apqi;
eb0feefd 837 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
3211da0c
TK		 838 unsigned long max_apqi = matrix_mdev->matrix.aqm_max;
839
0cc00c8d
TK		 840 mutex_lock(&matrix_dev->lock);
841
86956e70
TK		 842 /* If the KVM guest is running, disallow assignment of domain */
843 if (matrix_mdev->kvm) {
0cc00c8d
TK		 844 ret = -EBUSY;
845 goto done;
846 }
258287c9 847
3211da0c
TK		 848 ret = kstrtoul(buf, 0, &apqi);
849 if (ret)
0cc00c8d
TK		 850 goto done;
851 if (apqi > max_apqi) {
852 ret = -ENODEV;
853 goto done;
854 }
3211da0c
TK		 855
856 ret = vfio_ap_mdev_verify_queues_reserved_for_apqi(matrix_mdev, apqi);
857 if (ret)
858 goto done;
859
860 set_bit_inv(apqi, matrix_mdev->matrix.aqm);
861
862 ret = vfio_ap_mdev_verify_no_sharing(matrix_mdev);
863 if (ret)
864 goto share_err;
865
866 ret = count;
867 goto done;
868
869share_err:
870 clear_bit_inv(apqi, matrix_mdev->matrix.aqm);
871done:
872 mutex_unlock(&matrix_dev->lock);
873
874 return ret;
875}
46623ab3 876static DEVICE_ATTR_WO(assign_domain);
3211da0c
TK		 877
878
879/**
0c1abe7c
RD		 880 * unassign_domain_store - parses the APQI from @buf and clears the
881 * corresponding bit in the mediated matrix device's AQM
3211da0c
TK		 882 *
883 * @dev: the matrix device
884 * @attr: the mediated matrix device's unassign_domain attribute
885 * @buf: a buffer containing the AP queue index (APQI) of the domain to
886 * be unassigned
887 * @count: the number of bytes in @buf
888 *
0c1abe7c 889 * Return: the number of bytes processed if the APQI is valid; otherwise,
3211da0c
TK		 890 * returns one of the following errors:
891 * -EINVAL if the APQI is not a number
892 * -ENODEV if the APQI exceeds the maximum value configured for the system
893 */
894static ssize_t unassign_domain_store(struct device *dev,
895 struct device_attribute *attr,
896 const char *buf, size_t count)
897{
898 int ret;
899 unsigned long apqi;
eb0feefd 900 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
3211da0c 901
0cc00c8d
TK		 902 mutex_lock(&matrix_dev->lock);
903
86956e70
TK		 904 /* If the KVM guest is running, disallow unassignment of domain */
905 if (matrix_mdev->kvm) {
0cc00c8d
TK		 906 ret = -EBUSY;
907 goto done;
908 }
258287c9 909
3211da0c
TK		 910 ret = kstrtoul(buf, 0, &apqi);
911 if (ret)
0cc00c8d 912 goto done;
3211da0c 913
0cc00c8d
TK		 914 if (apqi > matrix_mdev->matrix.aqm_max) {
915 ret = -ENODEV;
916 goto done;
917 }
3211da0c 918
3211da0c 919 clear_bit_inv((unsigned long)apqi, matrix_mdev->matrix.aqm);
0cc00c8d 920 ret = count;
3211da0c 921
0cc00c8d
TK		 922done:
923 mutex_unlock(&matrix_dev->lock);
924 return ret;
3211da0c 925}
46623ab3 926static DEVICE_ATTR_WO(unassign_domain);
3211da0c 927
3b1eab7f 928/**
0c1abe7c
RD		 929 * assign_control_domain_store - parses the domain ID from @buf and sets
930 * the corresponding bit in the mediated matrix device's ADM
931 *
3b1eab7f
TK		 932 * @dev: the matrix device
933 * @attr: the mediated matrix device's assign_control_domain attribute
934 * @buf: a buffer containing the domain ID to be assigned
935 * @count: the number of bytes in @buf
936 *
0c1abe7c 937 * Return: the number of bytes processed if the domain ID is valid; otherwise,
3b1eab7f
TK		 938 * returns one of the following errors:
939 * -EINVAL if the ID is not a number
940 * -ENODEV if the ID exceeds the maximum value configured for the system
941 */
942static ssize_t assign_control_domain_store(struct device *dev,
943 struct device_attribute *attr,
944 const char *buf, size_t count)
945{
946 int ret;
947 unsigned long id;
eb0feefd 948 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
3b1eab7f 949
0cc00c8d
TK		 950 mutex_lock(&matrix_dev->lock);
951
86956e70
TK		 952 /* If the KVM guest is running, disallow assignment of control domain */
953 if (matrix_mdev->kvm) {
0cc00c8d
TK		 954 ret = -EBUSY;
955 goto done;
956 }
258287c9 957
3b1eab7f
TK		 958 ret = kstrtoul(buf, 0, &id);
959 if (ret)
0cc00c8d 960 goto done;
3b1eab7f 961
0cc00c8d
TK		 962 if (id > matrix_mdev->matrix.adm_max) {
963 ret = -ENODEV;
964 goto done;
965 }
3b1eab7f
TK		 966
967 /* Set the bit in the ADM (bitmask) corresponding to the AP control
968 * domain number (id). The bits in the mask, from most significant to
969 * least significant, correspond to IDs 0 up to the one less than the
970 * number of control domains that can be assigned.
971 */
3b1eab7f 972 set_bit_inv(id, matrix_mdev->matrix.adm);
0cc00c8d
TK		 973 ret = count;
974done:
3b1eab7f 975 mutex_unlock(&matrix_dev->lock);
0cc00c8d 976 return ret;
3b1eab7f 977}
46623ab3 978static DEVICE_ATTR_WO(assign_control_domain);
3b1eab7f
TK		 979
980/**
0c1abe7c
RD		 981 * unassign_control_domain_store - parses the domain ID from @buf and
982 * clears the corresponding bit in the mediated matrix device's ADM
3b1eab7f
TK		 983 *
984 * @dev: the matrix device
985 * @attr: the mediated matrix device's unassign_control_domain attribute
986 * @buf: a buffer containing the domain ID to be unassigned
987 * @count: the number of bytes in @buf
988 *
0c1abe7c 989 * Return: the number of bytes processed if the domain ID is valid; otherwise,
3b1eab7f
TK		 990 * returns one of the following errors:
991 * -EINVAL if the ID is not a number
992 * -ENODEV if the ID exceeds the maximum value configured for the system
993 */
994static ssize_t unassign_control_domain_store(struct device *dev,
995 struct device_attribute *attr,
996 const char *buf, size_t count)
997{
998 int ret;
999 unsigned long domid;
eb0feefd 1000 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
3b1eab7f
TK		 1001 unsigned long max_domid = matrix_mdev->matrix.adm_max;
1002
0cc00c8d
TK		 1003 mutex_lock(&matrix_dev->lock);
1004
86956e70
TK		 1005 /* If a KVM guest is running, disallow unassignment of control domain */
1006 if (matrix_mdev->kvm) {
0cc00c8d
TK		 1007 ret = -EBUSY;
1008 goto done;
1009 }
258287c9 1010
3b1eab7f
TK		 1011 ret = kstrtoul(buf, 0, &domid);
1012 if (ret)
0cc00c8d
TK		 1013 goto done;
1014 if (domid > max_domid) {
1015 ret = -ENODEV;
1016 goto done;
1017 }
3b1eab7f 1018
3b1eab7f 1019 clear_bit_inv(domid, matrix_mdev->matrix.adm);
0cc00c8d
TK		 1020 ret = count;
1021done:
3b1eab7f 1022 mutex_unlock(&matrix_dev->lock);
0cc00c8d 1023 return ret;
3b1eab7f 1024}
46623ab3 1025static DEVICE_ATTR_WO(unassign_control_domain);
3b1eab7f
TK		 1026
1027static ssize_t control_domains_show(struct device *dev,
1028 struct device_attribute *dev_attr,
1029 char *buf)
1030{
1031 unsigned long id;
1032 int nchars = 0;
1033 int n;
1034 char *bufpos = buf;
eb0feefd 1035 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
3b1eab7f
TK		 1036 unsigned long max_domid = matrix_mdev->matrix.adm_max;
1037
1038 mutex_lock(&matrix_dev->lock);
1039 for_each_set_bit_inv(id, matrix_mdev->matrix.adm, max_domid + 1) {
1040 n = sprintf(bufpos, "%04lx\n", id);
1041 bufpos += n;
1042 nchars += n;
1043 }
1044 mutex_unlock(&matrix_dev->lock);
1045
1046 return nchars;
1047}
46623ab3 1048static DEVICE_ATTR_RO(control_domains);
3b1eab7f 1049
81b2b4b7
TK		 1050static ssize_t matrix_show(struct device *dev, struct device_attribute *attr,
1051 char *buf)
1052{
eb0feefd 1053 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
81b2b4b7
TK		 1054 char *bufpos = buf;
1055 unsigned long apid;
1056 unsigned long apqi;
1057 unsigned long apid1;
1058 unsigned long apqi1;
1059 unsigned long napm_bits = matrix_mdev->matrix.apm_max + 1;
1060 unsigned long naqm_bits = matrix_mdev->matrix.aqm_max + 1;
1061 int nchars = 0;
1062 int n;
1063
1064 apid1 = find_first_bit_inv(matrix_mdev->matrix.apm, napm_bits);
1065 apqi1 = find_first_bit_inv(matrix_mdev->matrix.aqm, naqm_bits);
1066
1067 mutex_lock(&matrix_dev->lock);
1068
1069 if ((apid1 < napm_bits) && (apqi1 < naqm_bits)) {
1070 for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, napm_bits) {
1071 for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm,
1072 naqm_bits) {
1073 n = sprintf(bufpos, "%02lx.%04lx\n", apid,
1074 apqi);
1075 bufpos += n;
1076 nchars += n;
1077 }
1078 }
1079 } else if (apid1 < napm_bits) {
1080 for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, napm_bits) {
1081 n = sprintf(bufpos, "%02lx.\n", apid);
1082 bufpos += n;
1083 nchars += n;
1084 }
1085 } else if (apqi1 < naqm_bits) {
1086 for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm, naqm_bits) {
1087 n = sprintf(bufpos, ".%04lx\n", apqi);
1088 bufpos += n;
1089 nchars += n;
1090 }
1091 }
1092
1093 mutex_unlock(&matrix_dev->lock);
1094
1095 return nchars;
1096}
46623ab3 1097static DEVICE_ATTR_RO(matrix);
81b2b4b7 1098
96d152bd
TK		 1099static struct attribute *vfio_ap_mdev_attrs[] = {
1100 &dev_attr_assign_adapter.attr,
1101 &dev_attr_unassign_adapter.attr,
3211da0c
TK		 1102 &dev_attr_assign_domain.attr,
1103 &dev_attr_unassign_domain.attr,
3b1eab7f
TK		 1104 &dev_attr_assign_control_domain.attr,
1105 &dev_attr_unassign_control_domain.attr,
1106 &dev_attr_control_domains.attr,
81b2b4b7 1107 &dev_attr_matrix.attr,
3211da0c 1108 NULL,
96d152bd
TK		 1109};
1110
1111static struct attribute_group vfio_ap_mdev_attr_group = {
1112 .attrs = vfio_ap_mdev_attrs
1113};
1114
1115static const struct attribute_group *vfio_ap_mdev_attr_groups[] = {
1116 &vfio_ap_mdev_attr_group,
1117 NULL
1118};
1119
258287c9 1120/**
0c1abe7c
RD		 1121 * vfio_ap_mdev_set_kvm - sets all data for @matrix_mdev that are needed
1122 * to manage AP resources for the guest whose state is represented by @kvm
258287c9
TK		 1123 *
1124 * @matrix_mdev: a mediated matrix device
1125 * @kvm: reference to KVM instance
1126 *
0cc00c8d
TK		 1127 * Note: The matrix_dev->lock must be taken prior to calling
1128 * this function; however, the lock will be temporarily released while the
1129 * guest's AP configuration is set to avoid a potential lockdep splat.
1130 * The kvm->lock is taken to set the guest's AP configuration which, under
1131 * certain circumstances, will result in a circular lock dependency if this is
1132 * done under the @matrix_mdev->lock.
258287c9 1133 *
0c1abe7c 1134 * Return: 0 if no other mediated matrix device has a reference to @kvm;
258287c9
TK		 1135 * otherwise, returns an -EPERM.
1136 */
1137static int vfio_ap_mdev_set_kvm(struct ap_matrix_mdev *matrix_mdev,
1138 struct kvm *kvm)
1139{
1140 struct ap_matrix_mdev *m;
1141
0cc00c8d 1142 if (kvm->arch.crypto.crycbd) {
86956e70
TK		 1143 down_write(&kvm->arch.crypto.pqap_hook_rwsem);
1144 kvm->arch.crypto.pqap_hook = &matrix_mdev->pqap_hook;
1145 up_write(&kvm->arch.crypto.pqap_hook_rwsem);
1146
1147 mutex_lock(&kvm->lock);
1148 mutex_lock(&matrix_dev->lock);
1149
0cc00c8d 1150 list_for_each_entry(m, &matrix_dev->mdev_list, node) {
86956e70
TK		 1151 if (m != matrix_mdev && m->kvm == kvm) {
1152 mutex_unlock(&kvm->lock);
1153 mutex_unlock(&matrix_dev->lock);
0cc00c8d 1154 return -EPERM;
86956e70 1155 }
0cc00c8d 1156 }
258287c9 1157
0cc00c8d 1158 kvm_get_kvm(kvm);
1e753732 1159 matrix_mdev->kvm = kvm;
0cc00c8d
TK		 1160 kvm_arch_crypto_set_masks(kvm,
1161 matrix_mdev->matrix.apm,
1162 matrix_mdev->matrix.aqm,
1163 matrix_mdev->matrix.adm);
1e753732 1164
86956e70
TK		 1165 mutex_unlock(&kvm->lock);
1166 mutex_unlock(&matrix_dev->lock);
0cc00c8d 1167 }
258287c9
TK		 1168
1169 return 0;
1170}
1171
0c1abe7c
RD		 1172/**
1173 * vfio_ap_mdev_iommu_notifier - IOMMU notifier callback
62e358ce
PM		 1174 *
1175 * @nb: The notifier block
1176 * @action: Action to be taken
1177 * @data: data associated with the request
1178 *
1179 * For an UNMAP request, unpin the guest IOVA (the NIB guest address we
1180 * pinned before). Other requests are ignored.
1181 *
0c1abe7c 1182 * Return: for an UNMAP request, NOFITY_OK; otherwise NOTIFY_DONE.
62e358ce
PM		 1183 */
1184static int vfio_ap_mdev_iommu_notifier(struct notifier_block *nb,
1185 unsigned long action, void *data)
1186{
1187 struct ap_matrix_mdev *matrix_mdev;
1188
1189 matrix_mdev = container_of(nb, struct ap_matrix_mdev, iommu_notifier);
1190
1191 if (action == VFIO_IOMMU_NOTIFY_DMA_UNMAP) {
1192 struct vfio_iommu_type1_dma_unmap *unmap = data;
1193 unsigned long g_pfn = unmap->iova >> PAGE_SHIFT;
1194
1195 vfio_unpin_pages(mdev_dev(matrix_mdev->mdev), &g_pfn, 1);
1196 return NOTIFY_OK;
1197 }
1198
1199 return NOTIFY_DONE;
1200}
1201
0cc00c8d 1202/**
0c1abe7c
RD		 1203 * vfio_ap_mdev_unset_kvm - performs clean-up of resources no longer needed
1204 * by @matrix_mdev.
0cc00c8d
TK		 1205 *
1206 * @matrix_mdev: a matrix mediated device
5ef4f710 1207 * @kvm: the pointer to the kvm structure being unset.
0cc00c8d 1208 *
0cc00c8d
TK		 1209 * Note: The matrix_dev->lock must be taken prior to calling
1210 * this function; however, the lock will be temporarily released while the
1211 * guest's AP configuration is cleared to avoid a potential lockdep splat.
1212 * The kvm->lock is taken to clear the guest's AP configuration which, under
1213 * certain circumstances, will result in a circular lock dependency if this is
1214 * done under the @matrix_mdev->lock.
0cc00c8d 1215 */
86956e70
TK		 1216static void vfio_ap_mdev_unset_kvm(struct ap_matrix_mdev *matrix_mdev,
1217 struct kvm *kvm)
f21916ec 1218{
86956e70
TK		 1219 if (kvm && kvm->arch.crypto.crycbd) {
1220 down_write(&kvm->arch.crypto.pqap_hook_rwsem);
1221 kvm->arch.crypto.pqap_hook = NULL;
1222 up_write(&kvm->arch.crypto.pqap_hook_rwsem);
0cc00c8d 1223
86956e70 1224 mutex_lock(&kvm->lock);
0cc00c8d 1225 mutex_lock(&matrix_dev->lock);
86956e70
TK		 1226
1227 kvm_arch_crypto_clear_masks(kvm);
eb0feefd 1228 vfio_ap_mdev_reset_queues(matrix_mdev);
86956e70 1229 kvm_put_kvm(kvm);
0cc00c8d 1230 matrix_mdev->kvm = NULL;
86956e70
TK		 1231
1232 mutex_unlock(&kvm->lock);
1233 mutex_unlock(&matrix_dev->lock);
0cc00c8d 1234 }
f21916ec
TK		 1235}
1236
258287c9
TK		 1237static int vfio_ap_mdev_group_notifier(struct notifier_block *nb,
1238 unsigned long action, void *data)
1239{
0cc00c8d 1240 int notify_rc = NOTIFY_OK;
258287c9
TK		 1241 struct ap_matrix_mdev *matrix_mdev;
1242
1243 if (action != VFIO_GROUP_NOTIFY_SET_KVM)
1244 return NOTIFY_OK;
1245
0cc00c8d 1246 matrix_mdev = container_of(nb, struct ap_matrix_mdev, group_notifier);
258287c9 1247
0cc00c8d 1248 if (!data)
86956e70 1249 vfio_ap_mdev_unset_kvm(matrix_mdev, matrix_mdev->kvm);
0cc00c8d 1250 else if (vfio_ap_mdev_set_kvm(matrix_mdev, data))
f21916ec 1251 notify_rc = NOTIFY_DONE;
258287c9 1252
f21916ec 1253 return notify_rc;
258287c9
TK		 1254}
1255
6c12a638 1256static struct vfio_ap_queue *vfio_ap_find_queue(int apqn)
ec89b55e
PM		 1257{
1258 struct device *dev;
6c12a638 1259 struct vfio_ap_queue *q = NULL;
ec89b55e
PM		 1260
1261 dev = driver_find_device(&matrix_dev->vfio_ap_drv->driver, NULL,
1262 &apqn, match_apqn);
1263 if (dev) {
1264 q = dev_get_drvdata(dev);
ec89b55e
PM		 1265 put_device(dev);
1266 }
6c12a638
TK		 1267
1268 return q;
ec89b55e
PM		 1269}
1270
6c12a638 1271int vfio_ap_mdev_reset_queue(struct vfio_ap_queue *q,
ec89b55e 1272 unsigned int retry)
46a7263d
TK		 1273{
1274 struct ap_queue_status status;
6c12a638 1275 int ret;
ec89b55e 1276 int retry2 = 2;
46a7263d 1277
6c12a638
TK		 1278 if (!q)
1279 return 0;
1280
1281retry_zapq:
1282 status = ap_zapq(q->apqn);
1283 switch (status.response_code) {
1284 case AP_RESPONSE_NORMAL:
1285 ret = 0;
1286 break;
1287 case AP_RESPONSE_RESET_IN_PROGRESS:
1288 if (retry--) {
46a7263d 1289 msleep(20);
6c12a638 1290 goto retry_zapq;
46a7263d 1291 }
6c12a638
TK		 1292 ret = -EBUSY;
1293 break;
1294 case AP_RESPONSE_Q_NOT_AVAIL:
1295 case AP_RESPONSE_DECONFIGURED:
1296 case AP_RESPONSE_CHECKSTOPPED:
1297 WARN_ON_ONCE(status.irq_enabled);
1298 ret = -EBUSY;
1299 goto free_resources;
1300 default:
1301 /* things are really broken, give up */
1302 WARN(true, "PQAP/ZAPQ completed with invalid rc (%x)\n",
1303 status.response_code);
1304 return -EIO;
1305 }
1306
1307 /* wait for the reset to take effect */
1308 while (retry2--) {
1309 if (status.queue_empty && !status.irq_enabled)
1310 break;
1311 msleep(20);
1312 status = ap_tapq(q->apqn, NULL);
1313 }
1314 WARN_ON_ONCE(retry2 <= 0);
46a7263d 1315
6c12a638
TK		 1316free_resources:
1317 vfio_ap_free_aqic_resources(q);
1318
1319 return ret;
46a7263d
TK		 1320}
1321
eb0feefd 1322static int vfio_ap_mdev_reset_queues(struct ap_matrix_mdev *matrix_mdev)
46a7263d
TK		 1323{
1324 int ret;
1325 int rc = 0;
1326 unsigned long apid, apqi;
6c12a638 1327 struct vfio_ap_queue *q;
46a7263d
TK		 1328
1329 for_each_set_bit_inv(apid, matrix_mdev->matrix.apm,
1330 matrix_mdev->matrix.apm_max + 1) {
1331 for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm,
1332 matrix_mdev->matrix.aqm_max + 1) {
6c12a638
TK		 1333 q = vfio_ap_find_queue(AP_MKQID(apid, apqi));
1334 ret = vfio_ap_mdev_reset_queue(q, 1);
46a7263d
TK		 1335 /*
1336 * Regardless whether a queue turns out to be busy, or
1337 * is not operational, we need to continue resetting
1338 * the remaining queues.
1339 */
1340 if (ret)
1341 rc = ret;
1342 }
1343 }
1344
1345 return rc;
1346}
1347
eb0feefd 1348static int vfio_ap_mdev_open_device(struct vfio_device *vdev)
258287c9 1349{
eb0feefd
JG		 1350 struct ap_matrix_mdev *matrix_mdev =
1351 container_of(vdev, struct ap_matrix_mdev, vdev);
258287c9
TK		 1352 unsigned long events;
1353 int ret;
1354
258287c9
TK		 1355 matrix_mdev->group_notifier.notifier_call = vfio_ap_mdev_group_notifier;
1356 events = VFIO_GROUP_NOTIFY_SET_KVM;
1357
eb0feefd 1358 ret = vfio_register_notifier(vdev->dev, VFIO_GROUP_NOTIFY,
258287c9 1359 &events, &matrix_mdev->group_notifier);
eb0feefd 1360 if (ret)
258287c9 1361 return ret;
258287c9 1362
62e358ce
PM		 1363 matrix_mdev->iommu_notifier.notifier_call = vfio_ap_mdev_iommu_notifier;
1364 events = VFIO_IOMMU_NOTIFY_DMA_UNMAP;
eb0feefd 1365 ret = vfio_register_notifier(vdev->dev, VFIO_IOMMU_NOTIFY,
62e358ce 1366 &events, &matrix_mdev->iommu_notifier);
eb0feefd
JG		 1367 if (ret)
1368 goto out_unregister_group;
1369 return 0;
62e358ce 1370
eb0feefd
JG		 1371out_unregister_group:
1372 vfio_unregister_notifier(vdev->dev, VFIO_GROUP_NOTIFY,
62e358ce 1373 &matrix_mdev->group_notifier);
62e358ce 1374 return ret;
258287c9
TK		 1375}
1376
eb0feefd 1377static void vfio_ap_mdev_close_device(struct vfio_device *vdev)
258287c9 1378{
eb0feefd
JG		 1379 struct ap_matrix_mdev *matrix_mdev =
1380 container_of(vdev, struct ap_matrix_mdev, vdev);
258287c9 1381
eb0feefd 1382 vfio_unregister_notifier(vdev->dev, VFIO_IOMMU_NOTIFY,
62e358ce 1383 &matrix_mdev->iommu_notifier);
eb0feefd 1384 vfio_unregister_notifier(vdev->dev, VFIO_GROUP_NOTIFY,
258287c9 1385 &matrix_mdev->group_notifier);
86956e70 1386 vfio_ap_mdev_unset_kvm(matrix_mdev, matrix_mdev->kvm);
258287c9
TK		 1387}
1388
e06670c5
TK		 1389static int vfio_ap_mdev_get_device_info(unsigned long arg)
1390{
1391 unsigned long minsz;
1392 struct vfio_device_info info;
1393
1394 minsz = offsetofend(struct vfio_device_info, num_irqs);
1395
1396 if (copy_from_user(&info, (void __user *)arg, minsz))
1397 return -EFAULT;
1398
1399 if (info.argsz < minsz)
1400 return -EINVAL;
1401
cd8a377e 1402 info.flags = VFIO_DEVICE_FLAGS_AP | VFIO_DEVICE_FLAGS_RESET;
e06670c5
TK		 1403 info.num_regions = 0;
1404 info.num_irqs = 0;
1405
942df4be 1406 return copy_to_user((void __user *)arg, &info, minsz) ? -EFAULT : 0;
e06670c5
TK		 1407}
1408
eb0feefd 1409static ssize_t vfio_ap_mdev_ioctl(struct vfio_device *vdev,
e06670c5
TK		 1410 unsigned int cmd, unsigned long arg)
1411{
eb0feefd
JG		 1412 struct ap_matrix_mdev *matrix_mdev =
1413 container_of(vdev, struct ap_matrix_mdev, vdev);
e06670c5
TK		 1414 int ret;
1415
ec89b55e 1416 mutex_lock(&matrix_dev->lock);
e06670c5
TK		 1417 switch (cmd) {
1418 case VFIO_DEVICE_GET_INFO:
1419 ret = vfio_ap_mdev_get_device_info(arg);
1420 break;
cd8a377e 1421 case VFIO_DEVICE_RESET:
eb0feefd 1422 ret = vfio_ap_mdev_reset_queues(matrix_mdev);
cd8a377e 1423 break;
e06670c5
TK		 1424 default:
1425 ret = -EOPNOTSUPP;
1426 break;
1427 }
ec89b55e 1428 mutex_unlock(&matrix_dev->lock);
e06670c5
TK		 1429
1430 return ret;
1431}
1432
eb0feefd
JG		 1433static const struct vfio_device_ops vfio_ap_matrix_dev_ops = {
1434 .open_device = vfio_ap_mdev_open_device,
1435 .close_device = vfio_ap_mdev_close_device,
1436 .ioctl = vfio_ap_mdev_ioctl,
1437};
1438
1439static struct mdev_driver vfio_ap_matrix_driver = {
1440 .driver = {
1441 .name = "vfio_ap_mdev",
1442 .owner = THIS_MODULE,
1443 .mod_name = KBUILD_MODNAME,
1444 .dev_groups = vfio_ap_mdev_attr_groups,
1445 },
1446 .probe = vfio_ap_mdev_probe,
1447 .remove = vfio_ap_mdev_remove,
1448};
1449
65f06713
TK		 1450static const struct mdev_parent_ops vfio_ap_matrix_ops = {
1451 .owner = THIS_MODULE,
eb0feefd 1452 .device_driver = &vfio_ap_matrix_driver,
65f06713 1453 .supported_type_groups = vfio_ap_mdev_type_groups,
65f06713
TK		 1454};
1455
1456int vfio_ap_mdev_register(void)
1457{
eb0feefd
JG		 1458 int ret;
1459
65f06713
TK		 1460 atomic_set(&matrix_dev->available_instances, MAX_ZDEV_ENTRIES_EXT);
1461
eb0feefd
JG		 1462 ret = mdev_register_driver(&vfio_ap_matrix_driver);
1463 if (ret)
1464 return ret;
1465
1466 ret = mdev_register_device(&matrix_dev->device, &vfio_ap_matrix_ops);
1467 if (ret)
1468 goto err_driver;
1469 return 0;
1470
1471err_driver:
1472 mdev_unregister_driver(&vfio_ap_matrix_driver);
1473 return ret;
65f06713
TK		 1474}
1475
1476void vfio_ap_mdev_unregister(void)
1477{
1478 mdev_unregister_device(&matrix_dev->device);
eb0feefd 1479 mdev_unregister_driver(&vfio_ap_matrix_driver);
65f06713 1480}
Linux 6.x block layer and io_uring tree(s)