projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
vsock/virtio/vhost: read data from non-linear skb
[linux-2.6-block.git] / drivers / vhost / vsock.c
CommitLineData
7a338472 1// SPDX-License-Identifier: GPL-2.0-only
433fc58e
AH		 2/*
3 * vhost transport for vsock
4 *
5 * Copyright (C) 2013-2015 Red Hat, Inc.
6 * Author: Asias He <asias@redhat.com>
7 * Stefan Hajnoczi <stefanha@redhat.com>
433fc58e
AH		 8 */
9#include <linux/miscdevice.h>
10#include <linux/atomic.h>
11#include <linux/module.h>
12#include <linux/mutex.h>
13#include <linux/vmalloc.h>
14#include <net/sock.h>
15#include <linux/virtio_vsock.h>
16#include <linux/vhost.h>
834e772c 17#include <linux/hashtable.h>
433fc58e
AH		 18
19#include <net/af_vsock.h>
20#include "vhost.h"
21
22#define VHOST_VSOCK_DEFAULT_HOST_CID 2
e82b9b07
JW		 23/* Max number of bytes transferred before requeueing the job.
24 * Using this limit prevents one virtqueue from starving others. */
25#define VHOST_VSOCK_WEIGHT 0x80000
26/* Max number of packets transferred before requeueing the job.
27 * Using this limit prevents one virtqueue from starving others with
28 * small pkts.
29 */
30#define VHOST_VSOCK_PKT_WEIGHT 256
433fc58e
AH		 31
32enum {
e13a6915 33 VHOST_VSOCK_FEATURES = VHOST_FEATURES |
ced7b713
AK		 34 (1ULL << VIRTIO_F_ACCESS_PLATFORM) |
35 (1ULL << VIRTIO_VSOCK_F_SEQPACKET)
e13a6915
SG		 36};
37
38enum {
39 VHOST_VSOCK_BACKEND_FEATURES = (1ULL << VHOST_BACKEND_F_IOTLB_MSG_V2)
433fc58e
AH		 40};
41
42/* Used to track all the vhost_vsock instances on the system. */
6db3d8dc 43static DEFINE_MUTEX(vhost_vsock_mutex);
834e772c 44static DEFINE_READ_MOSTLY_HASHTABLE(vhost_vsock_hash, 8);
433fc58e
AH		 45
46struct vhost_vsock {
47 struct vhost_dev dev;
48 struct vhost_virtqueue vqs[2];
49
6db3d8dc 50 /* Link to global vhost_vsock_hash, writes use vhost_vsock_mutex */
834e772c 51 struct hlist_node hash;
433fc58e
AH		 52
53 struct vhost_work send_pkt_work;
71dc9ec9 54 struct sk_buff_head send_pkt_queue; /* host->guest pending packets */
433fc58e
AH		 55
56 atomic_t queued_replies;
57
58 u32 guest_cid;
ced7b713 59 bool seqpacket_allow;
433fc58e
AH		 60};
61
62static u32 vhost_transport_get_local_cid(void)
63{
64 return VHOST_VSOCK_DEFAULT_HOST_CID;
65}
66
6db3d8dc 67/* Callers that dereference the return value must hold vhost_vsock_mutex or the
834e772c
SH		 68 * RCU read lock.
69 */
70static struct vhost_vsock *vhost_vsock_get(u32 guest_cid)
433fc58e
AH		 71{
72 struct vhost_vsock *vsock;
73
834e772c 74 hash_for_each_possible_rcu(vhost_vsock_hash, vsock, hash, guest_cid) {
433fc58e
AH		 75 u32 other_cid = vsock->guest_cid;
76
77 /* Skip instances that have no CID yet */
78 if (other_cid == 0)
79 continue;
80
ff3c1b1a 81 if (other_cid == guest_cid)
433fc58e 82 return vsock;
ff3c1b1a 83
433fc58e 84 }
433fc58e
AH		 85
86 return NULL;
87}
88
89static void
90vhost_transport_do_send_pkt(struct vhost_vsock *vsock,
91 struct vhost_virtqueue *vq)
92{
93 struct vhost_virtqueue *tx_vq = &vsock->vqs[VSOCK_VQ_TX];
e79b431f 94 int pkts = 0, total_len = 0;
433fc58e
AH		 95 bool added = false;
96 bool restart_tx = false;
97
98 mutex_lock(&vq->mutex);
99
247643f8 100 if (!vhost_vq_get_backend(vq))
433fc58e
AH		 101 goto out;
102
e13a6915
SG		 103 if (!vq_meta_prefetch(vq))
104 goto out;
105
433fc58e
AH		 106 /* Avoid further vmexits, we're already processing the virtqueue */
107 vhost_disable_notify(&vsock->dev, vq);
108
e79b431f 109 do {
71dc9ec9
BE		 110 struct virtio_vsock_hdr *hdr;
111 size_t iov_len, payload_len;
433fc58e 112 struct iov_iter iov_iter;
71dc9ec9
BE		 113 u32 flags_to_restore = 0;
114 struct sk_buff *skb;
433fc58e
AH		 115 unsigned out, in;
116 size_t nbytes;
0df7cd3c 117 u32 offset;
433fc58e
AH		 118 int head;
119
71dc9ec9
BE		 120 skb = virtio_vsock_skb_dequeue(&vsock->send_pkt_queue);
121
122 if (!skb) {
433fc58e
AH		 123 vhost_enable_notify(&vsock->dev, vq);
124 break;
125 }
126
433fc58e
AH		 127 head = vhost_get_vq_desc(vq, vq->iov, ARRAY_SIZE(vq->iov),
128 &out, &in, NULL, NULL);
129 if (head < 0) {
71dc9ec9 130 virtio_vsock_skb_queue_head(&vsock->send_pkt_queue, skb);
433fc58e
AH		 131 break;
132 }
133
134 if (head == vq->num) {
71dc9ec9 135 virtio_vsock_skb_queue_head(&vsock->send_pkt_queue, skb);
433fc58e
AH		 136 /* We cannot finish yet if more buffers snuck in while
137 * re-enabling notify.
138 */
139 if (unlikely(vhost_enable_notify(&vsock->dev, vq))) {
140 vhost_disable_notify(&vsock->dev, vq);
141 continue;
142 }
143 break;
144 }
145
146 if (out) {
71dc9ec9 147 kfree_skb(skb);
433fc58e
AH		 148 vq_err(vq, "Expected 0 output buffers, got %u\n", out);
149 break;
150 }
151
6dbd3e66 152 iov_len = iov_length(&vq->iov[out], in);
71dc9ec9
BE		 153 if (iov_len < sizeof(*hdr)) {
154 kfree_skb(skb);
6dbd3e66
SG		 155 vq_err(vq, "Buffer len [%zu] too small\n", iov_len);
156 break;
157 }
158
de4eda9d 159 iov_iter_init(&iov_iter, ITER_DEST, &vq->iov[out], in, iov_len);
0df7cd3c
AK		 160 offset = VIRTIO_VSOCK_SKB_CB(skb)->offset;
161 payload_len = skb->len - offset;
71dc9ec9 162 hdr = virtio_vsock_hdr(skb);
6dbd3e66
SG		 163
164 /* If the packet is greater than the space available in the
165 * buffer, we split it using multiple buffers.
166 */
71dc9ec9
BE		 167 if (payload_len > iov_len - sizeof(*hdr)) {
168 payload_len = iov_len - sizeof(*hdr);
6dbd3e66 169
ced7b713
AK		 170 /* As we are copying pieces of large packet's buffer to
171 * small rx buffers, headers of packets in rx queue are
172 * created dynamically and are initialized with header
173 * of current packet(except length). But in case of
9af8f106 174 * SOCK_SEQPACKET, we also must clear message delimeter
1af7e555
AK		 175 * bit (VIRTIO_VSOCK_SEQ_EOM) and MSG_EOR bit
176 * (VIRTIO_VSOCK_SEQ_EOR) if set. Otherwise,
177 * there will be sequence of packets with these
178 * bits set. After initialized header will be copied to
179 * rx buffer, these required bits will be restored.
ced7b713 180 */
71dc9ec9
BE		 181 if (le32_to_cpu(hdr->flags) & VIRTIO_VSOCK_SEQ_EOM) {
182 hdr->flags &= ~cpu_to_le32(VIRTIO_VSOCK_SEQ_EOM);
1af7e555
AK		 183 flags_to_restore |= VIRTIO_VSOCK_SEQ_EOM;
184
71dc9ec9
BE		 185 if (le32_to_cpu(hdr->flags) & VIRTIO_VSOCK_SEQ_EOR) {
186 hdr->flags &= ~cpu_to_le32(VIRTIO_VSOCK_SEQ_EOR);
1af7e555
AK		 187 flags_to_restore |= VIRTIO_VSOCK_SEQ_EOR;
188 }
ced7b713
AK		 189 }
190 }
191
6dbd3e66 192 /* Set the correct length in the header */
71dc9ec9 193 hdr->len = cpu_to_le32(payload_len);
433fc58e 194
71dc9ec9
BE		 195 nbytes = copy_to_iter(hdr, sizeof(*hdr), &iov_iter);
196 if (nbytes != sizeof(*hdr)) {
197 kfree_skb(skb);
433fc58e
AH		 198 vq_err(vq, "Faulted on copying pkt hdr\n");
199 break;
200 }
201
0df7cd3c
AK		 202 if (skb_copy_datagram_iter(skb,
203 offset,
204 &iov_iter,
205 payload_len)) {
71dc9ec9 206 kfree_skb(skb);
433fc58e
AH		 207 vq_err(vq, "Faulted on copying pkt buf\n");
208 break;
209 }
210
107bc076
SG		 211 /* Deliver to monitoring devices all packets that we
212 * will transmit.
82dfb540 213 */
71dc9ec9 214 virtio_transport_deliver_tap_pkt(skb);
82dfb540 215
71dc9ec9 216 vhost_add_used(vq, head, sizeof(*hdr) + payload_len);
107bc076
SG		 217 added = true;
218
0df7cd3c 219 VIRTIO_VSOCK_SKB_CB(skb)->offset += payload_len;
6dbd3e66
SG		 220 total_len += payload_len;
221
222 /* If we didn't send all the payload we can requeue the packet
223 * to send it with the next available buffer.
224 */
0df7cd3c 225 if (VIRTIO_VSOCK_SKB_CB(skb)->offset < skb->len) {
71dc9ec9 226 hdr->flags |= cpu_to_le32(flags_to_restore);
ced7b713 227
71dc9ec9 228 /* We are queueing the same skb to handle
a78d1639
SG		 229 * the remaining bytes, and we want to deliver it
230 * to monitoring devices in the next iteration.
231 */
71dc9ec9
BE		 232 virtio_vsock_skb_clear_tap_delivered(skb);
233 virtio_vsock_skb_queue_head(&vsock->send_pkt_queue, skb);
6dbd3e66 234 } else {
71dc9ec9 235 if (virtio_vsock_skb_reply(skb)) {
6dbd3e66
SG		 236 int val;
237
238 val = atomic_dec_return(&vsock->queued_replies);
239
240 /* Do we have resources to resume tx
241 * processing?
242 */
243 if (val + 1 == tx_vq->num)
244 restart_tx = true;
245 }
246
71dc9ec9 247 consume_skb(skb);
6dbd3e66 248 }
e79b431f 249 } while(likely(!vhost_exceeds_weight(vq, ++pkts, total_len)));
433fc58e
AH		 250 if (added)
251 vhost_signal(&vsock->dev, vq);
252
253out:
254 mutex_unlock(&vq->mutex);
255
256 if (restart_tx)
257 vhost_poll_queue(&tx_vq->poll);
258}
259
260static void vhost_transport_send_pkt_work(struct vhost_work *work)
261{
262 struct vhost_virtqueue *vq;
263 struct vhost_vsock *vsock;
264
265 vsock = container_of(work, struct vhost_vsock, send_pkt_work);
266 vq = &vsock->vqs[VSOCK_VQ_RX];
267
268 vhost_transport_do_send_pkt(vsock, vq);
269}
270
271static int
71dc9ec9 272vhost_transport_send_pkt(struct sk_buff *skb)
433fc58e 273{
71dc9ec9 274 struct virtio_vsock_hdr *hdr = virtio_vsock_hdr(skb);
433fc58e 275 struct vhost_vsock *vsock;
71dc9ec9 276 int len = skb->len;
433fc58e 277
834e772c
SH		 278 rcu_read_lock();
279
433fc58e 280 /* Find the vhost_vsock according to guest context id */
71dc9ec9 281 vsock = vhost_vsock_get(le64_to_cpu(hdr->dst_cid));
433fc58e 282 if (!vsock) {
834e772c 283 rcu_read_unlock();
71dc9ec9 284 kfree_skb(skb);
433fc58e
AH		 285 return -ENODEV;
286 }
287
71dc9ec9 288 if (virtio_vsock_skb_reply(skb))
433fc58e
AH		 289 atomic_inc(&vsock->queued_replies);
290
71dc9ec9 291 virtio_vsock_skb_queue_tail(&vsock->send_pkt_queue, skb);
9e09d0ec 292 vhost_vq_work_queue(&vsock->vqs[VSOCK_VQ_RX], &vsock->send_pkt_work);
834e772c
SH		 293
294 rcu_read_unlock();
433fc58e
AH		 295 return len;
296}
297
16320f36
PT		 298static int
299vhost_transport_cancel_pkt(struct vsock_sock *vsk)
300{
301 struct vhost_vsock *vsock;
16320f36 302 int cnt = 0;
834e772c 303 int ret = -ENODEV;
16320f36 304
834e772c
SH		 305 rcu_read_lock();
306
16320f36
PT		 307 /* Find the vhost_vsock according to guest context id */
308 vsock = vhost_vsock_get(vsk->remote_addr.svm_cid);
309 if (!vsock)
834e772c 310 goto out;
16320f36 311
71dc9ec9 312 cnt = virtio_transport_purge_skbs(vsk, &vsock->send_pkt_queue);
16320f36
PT		 313
314 if (cnt) {
315 struct vhost_virtqueue *tx_vq = &vsock->vqs[VSOCK_VQ_TX];
316 int new_cnt;
317
318 new_cnt = atomic_sub_return(cnt, &vsock->queued_replies);
319 if (new_cnt + cnt >= tx_vq->num && new_cnt < tx_vq->num)
320 vhost_poll_queue(&tx_vq->poll);
321 }
322
834e772c
SH		 323 ret = 0;
324out:
325 rcu_read_unlock();
326 return ret;
16320f36
PT		 327}
328
71dc9ec9
BE		 329static struct sk_buff *
330vhost_vsock_alloc_skb(struct vhost_virtqueue *vq,
433fc58e
AH		 331 unsigned int out, unsigned int in)
332{
71dc9ec9 333 struct virtio_vsock_hdr *hdr;
433fc58e 334 struct iov_iter iov_iter;
71dc9ec9
BE		 335 struct sk_buff *skb;
336 size_t payload_len;
433fc58e
AH		 337 size_t nbytes;
338 size_t len;
339
340 if (in != 0) {
341 vq_err(vq, "Expected 0 input buffers, got %u\n", in);
342 return NULL;
343 }
344
71dc9ec9
BE		 345 len = iov_length(vq->iov, out);
346
347 /* len contains both payload and hdr */
348 skb = virtio_vsock_alloc_skb(len, GFP_KERNEL);
349 if (!skb)
433fc58e
AH		 350 return NULL;
351
de4eda9d 352 iov_iter_init(&iov_iter, ITER_SOURCE, vq->iov, out, len);
433fc58e 353
71dc9ec9
BE		 354 hdr = virtio_vsock_hdr(skb);
355 nbytes = copy_from_iter(hdr, sizeof(*hdr), &iov_iter);
356 if (nbytes != sizeof(*hdr)) {
433fc58e 357 vq_err(vq, "Expected %zu bytes for pkt->hdr, got %zu bytes\n",
71dc9ec9
BE		 358 sizeof(*hdr), nbytes);
359 kfree_skb(skb);
433fc58e
AH		 360 return NULL;
361 }
362
71dc9ec9 363 payload_len = le32_to_cpu(hdr->len);
433fc58e
AH		 364
365 /* No payload */
71dc9ec9
BE		 366 if (!payload_len)
367 return skb;
433fc58e 368
71dc9ec9
BE		 369 /* The pkt is too big or the length in the header is invalid */
370 if (payload_len > VIRTIO_VSOCK_MAX_PKT_BUF_SIZE ||
371 payload_len + sizeof(*hdr) > len) {
372 kfree_skb(skb);
433fc58e
AH		 373 return NULL;
374 }
375
71dc9ec9 376 virtio_vsock_skb_rx_put(skb);
433fc58e 377
71dc9ec9
BE		 378 nbytes = copy_from_iter(skb->data, payload_len, &iov_iter);
379 if (nbytes != payload_len) {
380 vq_err(vq, "Expected %zu byte payload, got %zu bytes\n",
381 payload_len, nbytes);
382 kfree_skb(skb);
433fc58e
AH		 383 return NULL;
384 }
385
71dc9ec9 386 return skb;
433fc58e
AH		 387}
388
389/* Is there space left for replies to rx packets? */
390static bool vhost_vsock_more_replies(struct vhost_vsock *vsock)
391{
392 struct vhost_virtqueue *vq = &vsock->vqs[VSOCK_VQ_TX];
393 int val;
394
395 smp_rmb(); /* paired with atomic_inc() and atomic_dec_return() */
396 val = atomic_read(&vsock->queued_replies);
397
398 return val < vq->num;
399}
400
ced7b713
AK		 401static bool vhost_transport_seqpacket_allow(u32 remote_cid);
402
4c7246dc
SG		 403static struct virtio_transport vhost_transport = {
404 .transport = {
6a2c0962
SG		 405 .module = THIS_MODULE,
406
4c7246dc
SG		 407 .get_local_cid = vhost_transport_get_local_cid,
408
409 .init = virtio_transport_do_socket_init,
410 .destruct = virtio_transport_destruct,
411 .release = virtio_transport_release,
412 .connect = virtio_transport_connect,
413 .shutdown = virtio_transport_shutdown,
414 .cancel_pkt = vhost_transport_cancel_pkt,
415
416 .dgram_enqueue = virtio_transport_dgram_enqueue,
417 .dgram_dequeue = virtio_transport_dgram_dequeue,
418 .dgram_bind = virtio_transport_dgram_bind,
419 .dgram_allow = virtio_transport_dgram_allow,
420
421 .stream_enqueue = virtio_transport_stream_enqueue,
422 .stream_dequeue = virtio_transport_stream_dequeue,
423 .stream_has_data = virtio_transport_stream_has_data,
424 .stream_has_space = virtio_transport_stream_has_space,
425 .stream_rcvhiwat = virtio_transport_stream_rcvhiwat,
426 .stream_is_active = virtio_transport_stream_is_active,
427 .stream_allow = virtio_transport_stream_allow,
428
ced7b713
AK		 429 .seqpacket_dequeue = virtio_transport_seqpacket_dequeue,
430 .seqpacket_enqueue = virtio_transport_seqpacket_enqueue,
431 .seqpacket_allow = vhost_transport_seqpacket_allow,
432 .seqpacket_has_data = virtio_transport_seqpacket_has_data,
433
4c7246dc
SG		 434 .notify_poll_in = virtio_transport_notify_poll_in,
435 .notify_poll_out = virtio_transport_notify_poll_out,
436 .notify_recv_init = virtio_transport_notify_recv_init,
437 .notify_recv_pre_block = virtio_transport_notify_recv_pre_block,
438 .notify_recv_pre_dequeue = virtio_transport_notify_recv_pre_dequeue,
439 .notify_recv_post_dequeue = virtio_transport_notify_recv_post_dequeue,
440 .notify_send_init = virtio_transport_notify_send_init,
441 .notify_send_pre_block = virtio_transport_notify_send_pre_block,
442 .notify_send_pre_enqueue = virtio_transport_notify_send_pre_enqueue,
443 .notify_send_post_enqueue = virtio_transport_notify_send_post_enqueue,
b9f2b0ff 444 .notify_buffer_size = virtio_transport_notify_buffer_size,
4c7246dc 445
634f1a71 446 .read_skb = virtio_transport_read_skb,
4c7246dc
SG		 447 },
448
449 .send_pkt = vhost_transport_send_pkt,
450};
451
ced7b713
AK		 452static bool vhost_transport_seqpacket_allow(u32 remote_cid)
453{
454 struct vhost_vsock *vsock;
455 bool seqpacket_allow = false;
456
457 rcu_read_lock();
458 vsock = vhost_vsock_get(remote_cid);
459
460 if (vsock)
461 seqpacket_allow = vsock->seqpacket_allow;
462
463 rcu_read_unlock();
464
465 return seqpacket_allow;
466}
467
433fc58e
AH		 468static void vhost_vsock_handle_tx_kick(struct vhost_work *work)
469{
470 struct vhost_virtqueue *vq = container_of(work, struct vhost_virtqueue,
471 poll.work);
472 struct vhost_vsock *vsock = container_of(vq->dev, struct vhost_vsock,
473 dev);
e79b431f 474 int head, pkts = 0, total_len = 0;
433fc58e 475 unsigned int out, in;
71dc9ec9 476 struct sk_buff *skb;
433fc58e
AH		 477 bool added = false;
478
479 mutex_lock(&vq->mutex);
480
247643f8 481 if (!vhost_vq_get_backend(vq))
433fc58e
AH		 482 goto out;
483
e13a6915
SG		 484 if (!vq_meta_prefetch(vq))
485 goto out;
486
433fc58e 487 vhost_disable_notify(&vsock->dev, vq);
e79b431f 488 do {
71dc9ec9
BE		 489 struct virtio_vsock_hdr *hdr;
490
433fc58e
AH		 491 if (!vhost_vsock_more_replies(vsock)) {
492 /* Stop tx until the device processes already
493 * pending replies. Leave tx virtqueue
494 * callbacks disabled.
495 */
496 goto no_more_replies;
497 }
498
499 head = vhost_get_vq_desc(vq, vq->iov, ARRAY_SIZE(vq->iov),
500 &out, &in, NULL, NULL);
501 if (head < 0)
502 break;
503
504 if (head == vq->num) {
505 if (unlikely(vhost_enable_notify(&vsock->dev, vq))) {
506 vhost_disable_notify(&vsock->dev, vq);
507 continue;
508 }
509 break;
510 }
511
71dc9ec9
BE		 512 skb = vhost_vsock_alloc_skb(vq, out, in);
513 if (!skb) {
433fc58e
AH		 514 vq_err(vq, "Faulted on pkt\n");
515 continue;
516 }
517
71dc9ec9 518 total_len += sizeof(*hdr) + skb->len;
3fda5d6e 519
82dfb540 520 /* Deliver to monitoring devices all received packets */
71dc9ec9
BE		 521 virtio_transport_deliver_tap_pkt(skb);
522
523 hdr = virtio_vsock_hdr(skb);
82dfb540 524
433fc58e 525 /* Only accept correctly addressed packets */
71dc9ec9
BE		 526 if (le64_to_cpu(hdr->src_cid) == vsock->guest_cid &&
527 le64_to_cpu(hdr->dst_cid) ==
8a3cc29c 528 vhost_transport_get_local_cid())
71dc9ec9 529 virtio_transport_recv_pkt(&vhost_transport, skb);
433fc58e 530 else
71dc9ec9 531 kfree_skb(skb);
433fc58e 532
49d8c5ff 533 vhost_add_used(vq, head, 0);
433fc58e 534 added = true;
e79b431f 535 } while(likely(!vhost_exceeds_weight(vq, ++pkts, total_len)));
433fc58e
AH		 536
537no_more_replies:
538 if (added)
539 vhost_signal(&vsock->dev, vq);
540
541out:
542 mutex_unlock(&vq->mutex);
543}
544
545static void vhost_vsock_handle_rx_kick(struct vhost_work *work)
546{
547 struct vhost_virtqueue *vq = container_of(work, struct vhost_virtqueue,
548 poll.work);
549 struct vhost_vsock *vsock = container_of(vq->dev, struct vhost_vsock,
550 dev);
551
552 vhost_transport_do_send_pkt(vsock, vq);
553}
554
555static int vhost_vsock_start(struct vhost_vsock *vsock)
556{
0516ffd8 557 struct vhost_virtqueue *vq;
433fc58e
AH		 558 size_t i;
559 int ret;
560
561 mutex_lock(&vsock->dev.mutex);
562
563 ret = vhost_dev_check_owner(&vsock->dev);
564 if (ret)
565 goto err;
566
567 for (i = 0; i < ARRAY_SIZE(vsock->vqs); i++) {
0516ffd8 568 vq = &vsock->vqs[i];
433fc58e
AH		 569
570 mutex_lock(&vq->mutex);
571
572 if (!vhost_vq_access_ok(vq)) {
573 ret = -EFAULT;
433fc58e
AH		 574 goto err_vq;
575 }
576
247643f8
EP		 577 if (!vhost_vq_get_backend(vq)) {
578 vhost_vq_set_backend(vq, vsock);
0516ffd8
SH		 579 ret = vhost_vq_init_access(vq);
580 if (ret)
581 goto err_vq;
433fc58e
AH		 582 }
583
584 mutex_unlock(&vq->mutex);
585 }
586
0b841030
JH		 587 /* Some packets may have been queued before the device was started,
588 * let's kick the send worker to send them.
589 */
9e09d0ec 590 vhost_vq_work_queue(&vsock->vqs[VSOCK_VQ_RX], &vsock->send_pkt_work);
0b841030 591
433fc58e
AH		 592 mutex_unlock(&vsock->dev.mutex);
593 return 0;
594
595err_vq:
247643f8 596 vhost_vq_set_backend(vq, NULL);
0516ffd8
SH		 597 mutex_unlock(&vq->mutex);
598
433fc58e 599 for (i = 0; i < ARRAY_SIZE(vsock->vqs); i++) {
0516ffd8 600 vq = &vsock->vqs[i];
433fc58e
AH		 601
602 mutex_lock(&vq->mutex);
247643f8 603 vhost_vq_set_backend(vq, NULL);
433fc58e
AH		 604 mutex_unlock(&vq->mutex);
605 }
606err:
607 mutex_unlock(&vsock->dev.mutex);
608 return ret;
609}
610
a58da53f 611static int vhost_vsock_stop(struct vhost_vsock *vsock, bool check_owner)
433fc58e
AH		 612{
613 size_t i;
a58da53f 614 int ret = 0;
433fc58e
AH		 615
616 mutex_lock(&vsock->dev.mutex);
617
a58da53f
SG		 618 if (check_owner) {
619 ret = vhost_dev_check_owner(&vsock->dev);
620 if (ret)
621 goto err;
622 }
433fc58e
AH		 623
624 for (i = 0; i < ARRAY_SIZE(vsock->vqs); i++) {
625 struct vhost_virtqueue *vq = &vsock->vqs[i];
626
627 mutex_lock(&vq->mutex);
247643f8 628 vhost_vq_set_backend(vq, NULL);
433fc58e
AH		 629 mutex_unlock(&vq->mutex);
630 }
631
632err:
633 mutex_unlock(&vsock->dev.mutex);
634 return ret;
635}
636
637static void vhost_vsock_free(struct vhost_vsock *vsock)
638{
b226acab 639 kvfree(vsock);
433fc58e
AH		 640}
641
642static int vhost_vsock_dev_open(struct inode *inode, struct file *file)
643{
644 struct vhost_virtqueue **vqs;
645 struct vhost_vsock *vsock;
646 int ret;
647
648 /* This struct is large and allocation could fail, fall back to vmalloc
649 * if there is no other way.
650 */
dcda9b04 651 vsock = kvmalloc(sizeof(*vsock), GFP_KERNEL | __GFP_RETRY_MAYFAIL);
6c5ab651
MH		 652 if (!vsock)
653 return -ENOMEM;
433fc58e
AH		 654
655 vqs = kmalloc_array(ARRAY_SIZE(vsock->vqs), sizeof(*vqs), GFP_KERNEL);
656 if (!vqs) {
657 ret = -ENOMEM;
658 goto out;
659 }
660
a72b69dc
SH		 661 vsock->guest_cid = 0; /* no CID assigned yet */
662
433fc58e
AH		 663 atomic_set(&vsock->queued_replies, 0);
664
665 vqs[VSOCK_VQ_TX] = &vsock->vqs[VSOCK_VQ_TX];
666 vqs[VSOCK_VQ_RX] = &vsock->vqs[VSOCK_VQ_RX];
667 vsock->vqs[VSOCK_VQ_TX].handle_kick = vhost_vsock_handle_tx_kick;
668 vsock->vqs[VSOCK_VQ_RX].handle_kick = vhost_vsock_handle_rx_kick;
669
e82b9b07
JW		 670 vhost_dev_init(&vsock->dev, vqs, ARRAY_SIZE(vsock->vqs),
671 UIO_MAXIOV, VHOST_VSOCK_PKT_WEIGHT,
01fcb1cb 672 VHOST_VSOCK_WEIGHT, true, NULL);
433fc58e
AH		 673
674 file->private_data = vsock;
71dc9ec9 675 skb_queue_head_init(&vsock->send_pkt_queue);
433fc58e 676 vhost_work_init(&vsock->send_pkt_work, vhost_transport_send_pkt_work);
433fc58e
AH		 677 return 0;
678
679out:
680 vhost_vsock_free(vsock);
681 return ret;
682}
683
684static void vhost_vsock_flush(struct vhost_vsock *vsock)
685{
b2ffa407 686 vhost_dev_flush(&vsock->dev);
433fc58e
AH		 687}
688
689static void vhost_vsock_reset_orphans(struct sock *sk)
690{
691 struct vsock_sock *vsk = vsock_sk(sk);
692
693 /* vmci_transport.c doesn't take sk_lock here either. At least we're
694 * under vsock_table_lock so the sock cannot disappear while we're
695 * executing.
696 */
697
c38f57da
SH		 698 /* If the peer is still valid, no need to reset connection */
699 if (vhost_vsock_get(vsk->remote_addr.svm_cid))
700 return;
701
702 /* If the close timeout is pending, let it expire. This avoids races
703 * with the timeout callback.
704 */
705 if (vsk->close_work_scheduled)
706 return;
707
708 sock_set_flag(sk, SOCK_DONE);
709 vsk->peer_shutdown = SHUTDOWN_MASK;
710 sk->sk_state = SS_UNCONNECTED;
711 sk->sk_err = ECONNRESET;
e3ae2365 712 sk_error_report(sk);
433fc58e
AH		 713}
714
715static int vhost_vsock_dev_release(struct inode *inode, struct file *file)
716{
717 struct vhost_vsock *vsock = file->private_data;
718
6db3d8dc 719 mutex_lock(&vhost_vsock_mutex);
834e772c
SH		 720 if (vsock->guest_cid)
721 hash_del_rcu(&vsock->hash);
6db3d8dc 722 mutex_unlock(&vhost_vsock_mutex);
433fc58e 723
834e772c
SH		 724 /* Wait for other CPUs to finish using vsock */
725 synchronize_rcu();
726
433fc58e
AH		 727 /* Iterating over all connections for all CIDs to find orphans is
728 * inefficient. Room for improvement here. */
8e6ed963
JP		 729 vsock_for_each_connected_socket(&vhost_transport.transport,
730 vhost_vsock_reset_orphans);
433fc58e 731
a58da53f
SG		 732 /* Don't check the owner, because we are in the release path, so we
733 * need to stop the vsock device in any case.
734 * vhost_vsock_stop() can not fail in this case, so we don't need to
735 * check the return code.
736 */
737 vhost_vsock_stop(vsock, false);
433fc58e
AH		 738 vhost_vsock_flush(vsock);
739 vhost_dev_stop(&vsock->dev);
740
71dc9ec9 741 virtio_vsock_skb_queue_purge(&vsock->send_pkt_queue);
433fc58e 742
f6f93f75 743 vhost_dev_cleanup(&vsock->dev);
433fc58e
AH		 744 kfree(vsock->dev.vqs);
745 vhost_vsock_free(vsock);
746 return 0;
747}
748
749static int vhost_vsock_set_cid(struct vhost_vsock *vsock, u64 guest_cid)
750{
751 struct vhost_vsock *other;
752
753 /* Refuse reserved CIDs */
754 if (guest_cid <= VMADDR_CID_HOST ||
755 guest_cid == U32_MAX)
756 return -EINVAL;
757
758 /* 64-bit CIDs are not yet supported */
759 if (guest_cid > U32_MAX)
760 return -EINVAL;
761
ed8640a9
SG		 762 /* Refuse if CID is assigned to the guest->host transport (i.e. nested
763 * VM), to make the loopback work.
764 */
765 if (vsock_find_cid(guest_cid))
766 return -EADDRINUSE;
767
433fc58e 768 /* Refuse if CID is already in use */
6db3d8dc 769 mutex_lock(&vhost_vsock_mutex);
834e772c 770 other = vhost_vsock_get(guest_cid);
6c083c2b 771 if (other && other != vsock) {
6db3d8dc 772 mutex_unlock(&vhost_vsock_mutex);
6c083c2b
G		 773 return -EADDRINUSE;
774 }
834e772c
SH		 775
776 if (vsock->guest_cid)
777 hash_del_rcu(&vsock->hash);
778
433fc58e 779 vsock->guest_cid = guest_cid;
7fbe078c 780 hash_add_rcu(vhost_vsock_hash, &vsock->hash, vsock->guest_cid);
6db3d8dc 781 mutex_unlock(&vhost_vsock_mutex);
433fc58e
AH		 782
783 return 0;
784}
785
786static int vhost_vsock_set_features(struct vhost_vsock *vsock, u64 features)
787{
788 struct vhost_virtqueue *vq;
789 int i;
790
791 if (features & ~VHOST_VSOCK_FEATURES)
792 return -EOPNOTSUPP;
793
794 mutex_lock(&vsock->dev.mutex);
795 if ((features & (1 << VHOST_F_LOG_ALL)) &&
796 !vhost_log_access_ok(&vsock->dev)) {
e13a6915
SG		 797 goto err;
798 }
799
800 if ((features & (1ULL << VIRTIO_F_ACCESS_PLATFORM))) {
759aba1e 801 if (vhost_init_device_iotlb(&vsock->dev))
e13a6915 802 goto err;
433fc58e
AH		 803 }
804
ced7b713
AK		 805 if (features & (1ULL << VIRTIO_VSOCK_F_SEQPACKET))
806 vsock->seqpacket_allow = true;
807
433fc58e
AH		 808 for (i = 0; i < ARRAY_SIZE(vsock->vqs); i++) {
809 vq = &vsock->vqs[i];
810 mutex_lock(&vq->mutex);
811 vq->acked_features = features;
812 mutex_unlock(&vq->mutex);
813 }
814 mutex_unlock(&vsock->dev.mutex);
815 return 0;
e13a6915
SG		 816
817err:
818 mutex_unlock(&vsock->dev.mutex);
819 return -EFAULT;
433fc58e
AH		 820}
821
822static long vhost_vsock_dev_ioctl(struct file *f, unsigned int ioctl,
823 unsigned long arg)
824{
825 struct vhost_vsock *vsock = f->private_data;
826 void __user *argp = (void __user *)arg;
827 u64 guest_cid;
828 u64 features;
829 int start;
830 int r;
831
832 switch (ioctl) {
833 case VHOST_VSOCK_SET_GUEST_CID:
834 if (copy_from_user(&guest_cid, argp, sizeof(guest_cid)))
835 return -EFAULT;
836 return vhost_vsock_set_cid(vsock, guest_cid);
837 case VHOST_VSOCK_SET_RUNNING:
838 if (copy_from_user(&start, argp, sizeof(start)))
839 return -EFAULT;
840 if (start)
841 return vhost_vsock_start(vsock);
842 else
a58da53f 843 return vhost_vsock_stop(vsock, true);
433fc58e
AH		 844 case VHOST_GET_FEATURES:
845 features = VHOST_VSOCK_FEATURES;
846 if (copy_to_user(argp, &features, sizeof(features)))
847 return -EFAULT;
848 return 0;
849 case VHOST_SET_FEATURES:
850 if (copy_from_user(&features, argp, sizeof(features)))
851 return -EFAULT;
852 return vhost_vsock_set_features(vsock, features);
e13a6915
SG		 853 case VHOST_GET_BACKEND_FEATURES:
854 features = VHOST_VSOCK_BACKEND_FEATURES;
855 if (copy_to_user(argp, &features, sizeof(features)))
856 return -EFAULT;
857 return 0;
858 case VHOST_SET_BACKEND_FEATURES:
859 if (copy_from_user(&features, argp, sizeof(features)))
860 return -EFAULT;
861 if (features & ~VHOST_VSOCK_BACKEND_FEATURES)
862 return -EOPNOTSUPP;
863 vhost_set_backend_features(&vsock->dev, features);
864 return 0;
433fc58e
AH		 865 default:
866 mutex_lock(&vsock->dev.mutex);
867 r = vhost_dev_ioctl(&vsock->dev, ioctl, argp);
868 if (r == -ENOIOCTLCMD)
869 r = vhost_vring_ioctl(&vsock->dev, ioctl, argp);
870 else
871 vhost_vsock_flush(vsock);
872 mutex_unlock(&vsock->dev.mutex);
873 return r;
874 }
875}
876
e13a6915
SG		 877static ssize_t vhost_vsock_chr_read_iter(struct kiocb *iocb, struct iov_iter *to)
878{
879 struct file *file = iocb->ki_filp;
880 struct vhost_vsock *vsock = file->private_data;
881 struct vhost_dev *dev = &vsock->dev;
882 int noblock = file->f_flags & O_NONBLOCK;
883
884 return vhost_chr_read_iter(dev, to, noblock);
885}
886
887static ssize_t vhost_vsock_chr_write_iter(struct kiocb *iocb,
888 struct iov_iter *from)
889{
890 struct file *file = iocb->ki_filp;
891 struct vhost_vsock *vsock = file->private_data;
892 struct vhost_dev *dev = &vsock->dev;
893
894 return vhost_chr_write_iter(dev, from);
895}
896
897static __poll_t vhost_vsock_chr_poll(struct file *file, poll_table *wait)
898{
899 struct vhost_vsock *vsock = file->private_data;
900 struct vhost_dev *dev = &vsock->dev;
901
902 return vhost_chr_poll(file, dev, wait);
903}
904
433fc58e
AH		 905static const struct file_operations vhost_vsock_fops = {
906 .owner = THIS_MODULE,
907 .open = vhost_vsock_dev_open,
908 .release = vhost_vsock_dev_release,
909 .llseek = noop_llseek,
910 .unlocked_ioctl = vhost_vsock_dev_ioctl,
407e9ef7 911 .compat_ioctl = compat_ptr_ioctl,
e13a6915
SG		 912 .read_iter = vhost_vsock_chr_read_iter,
913 .write_iter = vhost_vsock_chr_write_iter,
914 .poll = vhost_vsock_chr_poll,
433fc58e
AH		 915};
916
917static struct miscdevice vhost_vsock_misc = {
f4660cc9 918 .minor = VHOST_VSOCK_MINOR,
433fc58e
AH		 919 .name = "vhost-vsock",
920 .fops = &vhost_vsock_fops,
921};
922
433fc58e
AH		 923static int __init vhost_vsock_init(void)
924{
925 int ret;
926
c0cfa2d8
SG		 927 ret = vsock_core_register(&vhost_transport.transport,
928 VSOCK_TRANSPORT_F_H2G);
433fc58e
AH		 929 if (ret < 0)
930 return ret;
7a4efe18
YC		 931
932 ret = misc_register(&vhost_vsock_misc);
933 if (ret) {
934 vsock_core_unregister(&vhost_transport.transport);
935 return ret;
936 }
937
938 return 0;
433fc58e
AH		 939};
940
941static void __exit vhost_vsock_exit(void)
942{
943 misc_deregister(&vhost_vsock_misc);
c0cfa2d8 944 vsock_core_unregister(&vhost_transport.transport);
433fc58e
AH		 945};
946
947module_init(vhost_vsock_init);
948module_exit(vhost_vsock_exit);
949MODULE_LICENSE("GPL v2");
950MODULE_AUTHOR("Asias He");
951MODULE_DESCRIPTION("vhost transport for vsock ");
f4660cc9
SH		 952MODULE_ALIAS_MISCDEV(VHOST_VSOCK_MINOR);
953MODULE_ALIAS("devname:vhost-vsock");
Linux 6.x block layer and io_uring tree(s)