1 /******************************************************************************
2 * drivers/xen/blktap/blktap.c
4 * Back-end driver for user level virtual block devices. This portion of the
5 * driver exports a 'unified' block-device interface that can be accessed
6 * by any operating system that implements a compatible front end. Requests
7 * are remapped to a user-space memory region.
9 * Based on the blkback driver code.
11 * Copyright (c) 2004-2005, Andrew Warfield and Julian Chesterfield
13 * This program is free software; you can redistribute it and/or
14 * modify it under the terms of the GNU General Public License version 2
15 * as published by the Free Software Foundation; or, when distributed
16 * separately from the Linux kernel or incorporated into other
17 * software packages, subject to the following license:
19 * Permission is hereby granted, free of charge, to any person obtaining a copy
20 * of this source file (the "Software"), to deal in the Software without
21 * restriction, including without limitation the rights to use, copy, modify,
22 * merge, publish, distribute, sublicense, and/or sell copies of the Software,
23 * and to permit persons to whom the Software is furnished to do so, subject to
24 * the following conditions:
26 * The above copyright notice and this permission notice shall be included in
27 * all copies or substantial portions of the Software.
29 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
30 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
31 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
32 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
33 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
34 * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
38 #include <linux/spinlock.h>
39 #include <linux/kthread.h>
40 #include <linux/list.h>
41 #include <asm/hypervisor.h>
43 #include <xen/balloon.h>
44 #include <linux/kernel.h>
47 #include <linux/errno.h>
48 #include <linux/major.h>
49 #include <linux/gfp.h>
50 #include <linux/poll.h>
51 #include <asm/tlbflush.h>
53 #define MAX_TAP_DEV 100 /*the maximum number of tapdisk ring devices */
54 #define MAX_DEV_NAME 100 /*the max tapdisk ring device name e.g. blktap0 */
57 struct class *xen_class;
58 EXPORT_SYMBOL_GPL(xen_class);
61 * Setup the xen class. This should probably go in another file, but
62 * since blktap is the only user of it so far, it gets to keep it.
64 int setup_xen_class(void)
71 xen_class = class_create(THIS_MODULE, "xen");
72 if ((ret = IS_ERR(xen_class))) {
81 * The maximum number of requests that can be outstanding at any time
84 * [mmap_alloc * MAX_PENDING_REQS * BLKIF_MAX_SEGMENTS_PER_REQUEST]
86 * where mmap_alloc < MAX_DYNAMIC_MEM.
89 * mmap_alloc is initialised to 2 and should be adjustable on the fly via
92 #define MAX_DYNAMIC_MEM 64
93 #define MAX_PENDING_REQS 64
94 #define MMAP_PAGES (MAX_PENDING_REQS * BLKIF_MAX_SEGMENTS_PER_REQUEST)
95 #define MMAP_VADDR(_start, _req,_seg) \
97 ((_req) * BLKIF_MAX_SEGMENTS_PER_REQUEST * PAGE_SIZE) + \
99 static int blkif_reqs = MAX_PENDING_REQS;
100 static int mmap_pages = MMAP_PAGES;
102 #define RING_PAGES 1 /* BLKTAP - immediately before the mmap area, we
103 * have a bunch of pages reserved for shared
107 /*Data struct associated with each of the tapdisk devices*/
108 typedef struct tap_blkif {
109 struct vm_area_struct *vma; /*Shared memory area */
110 unsigned long rings_vstart; /*Kernel memory mapping */
111 unsigned long user_vstart; /*User memory mapping */
112 unsigned long dev_inuse; /*One process opens device at a time. */
113 unsigned long dev_pending; /*In process of being opened */
114 unsigned long ring_ok; /*make this ring->state */
115 blkif_front_ring_t ufe_ring; /*Rings up to user space. */
116 wait_queue_head_t wait; /*for poll */
117 unsigned long mode; /*current switching mode */
118 int minor; /*Minor number for tapdisk device */
119 pid_t pid; /*tapdisk process id */
120 enum { RUNNING, CLEANSHUTDOWN } status; /*Detect a clean userspace
122 unsigned long *idx_map; /*Record the user ring id to kern
123 [req id, idx] tuple */
124 blkif_t *blkif; /*Associate blkif with tapdev */
125 int sysfs_set; /*Set if it has a class device. */
128 /*Data struct handed back to userspace for tapdisk device to VBD mapping*/
129 typedef struct domid_translate {
130 unsigned short domid;
131 unsigned short busid;
132 } domid_translate_t ;
134 static domid_translate_t translate_domid[MAX_TAP_DEV];
135 static tap_blkif_t *tapfds[MAX_TAP_DEV];
137 static int __init set_blkif_reqs(char *str)
139 get_option(&str, &blkif_reqs);
142 __setup("blkif_reqs=", set_blkif_reqs);
144 /* Run-time switchable: /sys/module/blktap/parameters/ */
145 static unsigned int log_stats = 0;
146 static unsigned int debug_lvl = 0;
147 module_param(log_stats, int, 0644);
148 module_param(debug_lvl, int, 0644);
151 * Each outstanding request that we've passed to the lower device layers has a
152 * 'pending_req' allocated to it. Each buffer_head that completes decrements
153 * the pendcnt towards zero. When it hits zero, the specified domain has a
154 * response queued for it, with the saved 'id' passed back.
159 unsigned short mem_idx;
162 unsigned short operation;
164 struct list_head free_list;
168 static pending_req_t *pending_reqs[MAX_PENDING_REQS];
169 static struct list_head pending_free;
170 static DEFINE_SPINLOCK(pending_free_lock);
171 static DECLARE_WAIT_QUEUE_HEAD (pending_free_wq);
172 static int alloc_pending_reqs;
174 typedef unsigned int PEND_RING_IDX;
176 static inline int MASK_PEND_IDX(int i) {
177 return (i & (MAX_PENDING_REQS-1));
180 static inline unsigned int RTN_PEND_IDX(pending_req_t *req, int idx) {
181 return (req - pending_reqs[idx]);
184 #define NR_PENDING_REQS (MAX_PENDING_REQS - pending_prod + pending_cons)
186 #define BLKBACK_INVALID_HANDLE (~0)
188 static struct page **foreign_pages[MAX_DYNAMIC_MEM];
189 static inline unsigned long idx_to_kaddr(
190 unsigned int mmap_idx, unsigned int req_idx, unsigned int sg_idx)
192 unsigned int arr_idx = req_idx*BLKIF_MAX_SEGMENTS_PER_REQUEST + sg_idx;
193 unsigned long pfn = page_to_pfn(foreign_pages[mmap_idx][arr_idx]);
194 return (unsigned long)pfn_to_kaddr(pfn);
197 static unsigned short mmap_alloc = 0;
198 static unsigned short mmap_lock = 0;
199 static unsigned short mmap_inuse = 0;
201 /******************************************************************
205 /* When using grant tables to map a frame for device access then the
206 * handle returned must be used to unmap the frame. This is needed to
207 * drop the ref count on the frame.
209 struct grant_handle_pair
211 grant_handle_t kernel;
215 static struct grant_handle_pair
216 pending_grant_handles[MAX_DYNAMIC_MEM][MMAP_PAGES];
217 #define pending_handle(_id, _idx, _i) \
218 (pending_grant_handles[_id][((_idx) * BLKIF_MAX_SEGMENTS_PER_REQUEST) \
222 static int blktap_read_ufe_ring(tap_blkif_t *info); /*local prototypes*/
224 #define BLKTAP_MINOR 0 /*/dev/xen/blktap has a dynamic major */
225 #define BLKTAP_DEV_DIR "/dev/xen"
227 static int blktap_major;
230 #define BLKTAP_IOCTL_KICK_FE 1
231 #define BLKTAP_IOCTL_KICK_BE 2 /* currently unused */
232 #define BLKTAP_IOCTL_SETMODE 3
233 #define BLKTAP_IOCTL_SENDPID 4
234 #define BLKTAP_IOCTL_NEWINTF 5
235 #define BLKTAP_IOCTL_MINOR 6
236 #define BLKTAP_IOCTL_MAJOR 7
237 #define BLKTAP_QUERY_ALLOC_REQS 8
238 #define BLKTAP_IOCTL_FREEINTF 9
239 #define BLKTAP_IOCTL_PRINT_IDXS 100
241 /* blktap switching modes: (Set with BLKTAP_IOCTL_SETMODE) */
242 #define BLKTAP_MODE_PASSTHROUGH 0x00000000 /* default */
243 #define BLKTAP_MODE_INTERCEPT_FE 0x00000001
244 #define BLKTAP_MODE_INTERCEPT_BE 0x00000002 /* unimp. */
246 #define BLKTAP_MODE_INTERPOSE \
247 (BLKTAP_MODE_INTERCEPT_FE | BLKTAP_MODE_INTERCEPT_BE)
250 static inline int BLKTAP_MODE_VALID(unsigned long arg)
252 return ((arg == BLKTAP_MODE_PASSTHROUGH ) ||
253 (arg == BLKTAP_MODE_INTERCEPT_FE) ||
254 (arg == BLKTAP_MODE_INTERPOSE ));
257 /* Requests passing through the tap to userspace are re-assigned an ID.
258 * We must record a mapping between the BE [IDX,ID] tuple and the userspace
262 static inline unsigned long MAKE_ID(domid_t fe_dom, PEND_RING_IDX idx)
264 return ((fe_dom << 16) | MASK_PEND_IDX(idx));
267 extern inline PEND_RING_IDX ID_TO_IDX(unsigned long id)
269 return (PEND_RING_IDX)(id & 0x0000ffff);
272 extern inline int ID_TO_MIDX(unsigned long id)
274 return (int)(id >> 16);
277 #define INVALID_REQ 0xdead0000
279 /*TODO: Convert to a free list*/
280 static inline int GET_NEXT_REQ(unsigned long *idx_map)
283 for (i = 0; i < MAX_PENDING_REQS; i++)
284 if (idx_map[i] == INVALID_REQ)
291 #define BLKTAP_INVALID_HANDLE(_g) \
292 (((_g->kernel) == 0xFFFF) && ((_g->user) == 0xFFFF))
294 #define BLKTAP_INVALIDATE_HANDLE(_g) do { \
295 (_g)->kernel = 0xFFFF; (_g)->user = 0xFFFF; \
299 /******************************************************************
303 static struct page *blktap_nopage(struct vm_area_struct *vma,
304 unsigned long address,
308 * if the page has not been mapped in by the driver then return
309 * NOPAGE_SIGBUS to the domain.
312 return NOPAGE_SIGBUS;
315 struct vm_operations_struct blktap_vm_ops = {
316 nopage: blktap_nopage,
319 /******************************************************************
323 /*Function Declarations*/
324 static int get_next_free_dev(void);
325 static int blktap_open(struct inode *inode, struct file *filp);
326 static int blktap_release(struct inode *inode, struct file *filp);
327 static int blktap_mmap(struct file *filp, struct vm_area_struct *vma);
328 static int blktap_ioctl(struct inode *inode, struct file *filp,
329 unsigned int cmd, unsigned long arg);
330 static unsigned int blktap_poll(struct file *file, poll_table *wait);
332 static struct file_operations blktap_fops = {
333 .owner = THIS_MODULE,
335 .ioctl = blktap_ioctl,
337 .release = blktap_release,
342 static int get_next_free_dev(void)
348 spin_lock_irqsave(&pending_free_lock, flags);
350 while (i < MAX_TAP_DEV) {
352 if ( (tapfds[i] != NULL) && (info->dev_inuse == 0)
353 && (info->dev_pending == 0) ) {
354 info->dev_pending = 1;
362 spin_unlock_irqrestore(&pending_free_lock, flags);
365 * We are protected by having the dev_pending set.
367 if (!tapfds[i]->sysfs_set && xen_class) {
368 class_device_create(xen_class, NULL,
369 MKDEV(blktap_major, ret), NULL,
371 tapfds[i]->sysfs_set = 1;
376 int dom_to_devid(domid_t domid, int xenbus_id, blkif_t *blkif)
380 for (i = 0; i < MAX_TAP_DEV; i++)
381 if ( (translate_domid[i].domid == domid)
382 && (translate_domid[i].busid == xenbus_id) ) {
383 tapfds[i]->blkif = blkif;
384 tapfds[i]->status = RUNNING;
390 void signal_tapdisk(int idx)
393 struct task_struct *ptask;
396 if ( (idx > 0) && (idx < MAX_TAP_DEV) && (info->pid > 0) ) {
397 ptask = find_task_by_pid(info->pid);
399 info->status = CLEANSHUTDOWN;
405 static int blktap_open(struct inode *inode, struct file *filp)
407 blkif_sring_t *sring;
408 int idx = iminor(inode) - BLKTAP_MINOR;
412 if (tapfds[idx] == NULL) {
413 WPRINTK("Unable to open device /dev/xen/blktap%d\n",
417 DPRINTK("Opening device /dev/xen/blktap%d\n",idx);
421 /*Only one process can access device at a time*/
422 if (test_and_set_bit(0, &info->dev_inuse))
425 info->dev_pending = 0;
427 /* Allocate the fe ring. */
428 sring = (blkif_sring_t *)get_zeroed_page(GFP_KERNEL);
432 SetPageReserved(virt_to_page(sring));
434 SHARED_RING_INIT(sring);
435 FRONT_RING_INIT(&info->ufe_ring, sring, PAGE_SIZE);
437 filp->private_data = info;
440 info->idx_map = kmalloc(sizeof(unsigned long) * MAX_PENDING_REQS,
444 init_waitqueue_head(&info->wait);
445 for (i = 0; i < MAX_PENDING_REQS; i++)
446 info->idx_map[i] = INVALID_REQ;
449 DPRINTK("Tap open: device /dev/xen/blktap%d\n",idx);
456 static int blktap_release(struct inode *inode, struct file *filp)
458 tap_blkif_t *info = filp->private_data;
460 /* can this ever happen? - sdr */
462 WPRINTK("Trying to free device that doesn't exist "
463 "[/dev/xen/blktap%d]\n",iminor(inode) - BLKTAP_MINOR);
467 DPRINTK("Freeing device [/dev/xen/blktap%d]\n",info->minor);
469 /* Free the ring page. */
470 ClearPageReserved(virt_to_page(info->ufe_ring.sring));
471 free_page((unsigned long) info->ufe_ring.sring);
473 /* Clear any active mappings and free foreign map table */
476 info->vma, info->vma->vm_start,
477 info->vma->vm_end - info->vma->vm_start, NULL);
481 if ( (info->status != CLEANSHUTDOWN) && (info->blkif != NULL) ) {
482 kthread_stop(info->blkif->xenblkd);
483 info->blkif->xenblkd = NULL;
484 info->status = CLEANSHUTDOWN;
491 * We need to map pages to user space in a way that will allow the block
492 * subsystem set up direct IO to them. This couldn't be done before, because
493 * there isn't really a sane way to translate a user virtual address down to a
494 * physical address when the page belongs to another domain.
496 * My first approach was to map the page in to kernel memory, add an entry
497 * for it in the physical frame list (using alloc_lomem_region as in blkback)
498 * and then attempt to map that page up to user space. This is disallowed
499 * by xen though, which realizes that we don't really own the machine frame
500 * underlying the physical page.
502 * The new approach is to provide explicit support for this in xen linux.
503 * The VMA now has a flag, VM_FOREIGN, to indicate that it contains pages
504 * mapped from other vms. vma->vm_private_data is set up as a mapping
505 * from pages to actual page structs. There is a new clause in get_user_pages
506 * that does the right thing for this sort of mapping.
508 static int blktap_mmap(struct file *filp, struct vm_area_struct *vma)
513 tap_blkif_t *info = filp->private_data;
516 WPRINTK("blktap: mmap, retrieving idx failed\n");
520 vma->vm_flags |= VM_RESERVED;
521 vma->vm_ops = &blktap_vm_ops;
523 size = vma->vm_end - vma->vm_start;
524 if (size != ((mmap_pages + RING_PAGES) << PAGE_SHIFT)) {
525 WPRINTK("you _must_ map exactly %d pages!\n",
526 mmap_pages + RING_PAGES);
531 info->rings_vstart = vma->vm_start;
532 info->user_vstart = info->rings_vstart + (RING_PAGES << PAGE_SHIFT);
534 /* Map the ring pages to the start of the region and reserve it. */
535 vma->vm_page_prot = pgprot_noncached(vma->vm_page_prot);
537 if (remap_pfn_range(vma, vma->vm_start,
538 __pa(info->ufe_ring.sring) >> PAGE_SHIFT,
539 PAGE_SIZE, vma->vm_page_prot)) {
540 WPRINTK("Mapping user ring failed!\n");
544 /* Mark this VM as containing foreign pages, and set up mappings. */
545 map = kzalloc(((vma->vm_end - vma->vm_start) >> PAGE_SHIFT)
546 * sizeof(struct page_struct*),
549 WPRINTK("Couldn't alloc VM_FOREIGN map.\n");
553 for (i = 0; i < ((vma->vm_end - vma->vm_start) >> PAGE_SHIFT); i++)
556 vma->vm_private_data = map;
557 vma->vm_flags |= VM_FOREIGN;
563 /* Clear any active mappings. */
564 zap_page_range(vma, vma->vm_start,
565 vma->vm_end - vma->vm_start, NULL);
571 static int blktap_ioctl(struct inode *inode, struct file *filp,
572 unsigned int cmd, unsigned long arg)
574 tap_blkif_t *info = filp->private_data;
577 case BLKTAP_IOCTL_KICK_FE:
579 /* There are fe messages to process. */
580 return blktap_read_ufe_ring(info);
582 case BLKTAP_IOCTL_SETMODE:
585 if (BLKTAP_MODE_VALID(arg)) {
587 /* XXX: may need to flush rings here. */
588 DPRINTK("blktap: set mode to %lx\n",
595 case BLKTAP_IOCTL_PRINT_IDXS:
598 printk("User Rings: \n-----------\n");
599 printk("UF: rsp_cons: %2d, req_prod_prv: %2d "
600 "| req_prod: %2d, rsp_prod: %2d\n",
601 info->ufe_ring.rsp_cons,
602 info->ufe_ring.req_prod_pvt,
603 info->ufe_ring.sring->req_prod,
604 info->ufe_ring.sring->rsp_prod);
608 case BLKTAP_IOCTL_SENDPID:
611 info->pid = (pid_t)arg;
612 DPRINTK("blktap: pid received %d\n",
617 case BLKTAP_IOCTL_NEWINTF:
619 uint64_t val = (uint64_t)arg;
620 domid_translate_t *tr = (domid_translate_t *)&val;
623 DPRINTK("NEWINTF Req for domid %d and bus id %d\n",
624 tr->domid, tr->busid);
625 newdev = get_next_free_dev();
627 WPRINTK("Error initialising /dev/xen/blktap - "
628 "No more devices\n");
631 translate_domid[newdev].domid = tr->domid;
632 translate_domid[newdev].busid = tr->busid;
635 case BLKTAP_IOCTL_FREEINTF:
637 unsigned long dev = arg;
640 /* Looking at another device */
643 if ( (dev > 0) && (dev < MAX_TAP_DEV) )
646 spin_lock_irqsave(&pending_free_lock, flags);
647 if ( (info != NULL) && (info->dev_pending) )
648 info->dev_pending = 0;
649 spin_unlock_irqrestore(&pending_free_lock, flags);
653 case BLKTAP_IOCTL_MINOR:
655 unsigned long dev = arg;
657 /* Looking at another device */
660 if ( (dev > 0) && (dev < MAX_TAP_DEV) )
668 case BLKTAP_IOCTL_MAJOR:
671 case BLKTAP_QUERY_ALLOC_REQS:
673 WPRINTK("BLKTAP_QUERY_ALLOC_REQS ioctl: %d/%d\n",
674 alloc_pending_reqs, blkif_reqs);
675 return (alloc_pending_reqs/blkif_reqs) * 100;
681 static unsigned int blktap_poll(struct file *filp, poll_table *wait)
683 tap_blkif_t *info = filp->private_data;
686 WPRINTK(" poll, retrieving idx failed\n");
690 /* do not work on the control device */
694 poll_wait(filp, &info->wait, wait);
695 if (info->ufe_ring.req_prod_pvt != info->ufe_ring.sring->req_prod) {
696 RING_PUSH_REQUESTS(&info->ufe_ring);
697 return POLLIN | POLLRDNORM;
702 void blktap_kick_user(int idx)
712 wake_up_interruptible(&info->wait);
717 static int do_block_io_op(blkif_t *blkif);
718 static void dispatch_rw_block_io(blkif_t *blkif,
719 blkif_request_t *req,
720 pending_req_t *pending_req);
721 static void make_response(blkif_t *blkif, unsigned long id,
722 unsigned short op, int st);
724 /******************************************************************
727 static int req_increase(void)
731 if (mmap_alloc >= MAX_PENDING_REQS || mmap_lock)
734 pending_reqs[mmap_alloc] = kzalloc(sizeof(pending_req_t)
735 * blkif_reqs, GFP_KERNEL);
736 foreign_pages[mmap_alloc] = alloc_empty_pages_and_pagevec(mmap_pages);
738 if (!pending_reqs[mmap_alloc] || !foreign_pages[mmap_alloc])
741 DPRINTK("%s: reqs=%d, pages=%d\n",
742 __FUNCTION__, blkif_reqs, mmap_pages);
744 for (i = 0; i < MAX_PENDING_REQS; i++) {
745 list_add_tail(&pending_reqs[mmap_alloc][i].free_list,
747 pending_reqs[mmap_alloc][i].mem_idx = mmap_alloc;
748 for (j = 0; j < BLKIF_MAX_SEGMENTS_PER_REQUEST; j++)
749 BLKTAP_INVALIDATE_HANDLE(&pending_handle(mmap_alloc,
754 DPRINTK("# MMAPs increased to %d\n",mmap_alloc);
758 free_empty_pages_and_pagevec(foreign_pages[mmap_alloc], mmap_pages);
759 kfree(pending_reqs[mmap_alloc]);
760 WPRINTK("%s: out of memory\n", __FUNCTION__);
764 static void mmap_req_del(int mmap)
766 BUG_ON(!spin_is_locked(&pending_free_lock));
768 kfree(pending_reqs[mmap]);
769 pending_reqs[mmap] = NULL;
771 free_empty_pages_and_pagevec(foreign_pages[mmap_alloc], mmap_pages);
772 foreign_pages[mmap] = NULL;
775 DPRINTK("# MMAPs decreased to %d\n",mmap_alloc);
779 static pending_req_t* alloc_req(void)
781 pending_req_t *req = NULL;
784 spin_lock_irqsave(&pending_free_lock, flags);
786 if (!list_empty(&pending_free)) {
787 req = list_entry(pending_free.next, pending_req_t, free_list);
788 list_del(&req->free_list);
793 alloc_pending_reqs++;
795 spin_unlock_irqrestore(&pending_free_lock, flags);
800 static void free_req(pending_req_t *req)
805 spin_lock_irqsave(&pending_free_lock, flags);
807 alloc_pending_reqs--;
809 if (mmap_lock && (req->mem_idx == mmap_alloc-1)) {
811 if (mmap_inuse == 0) mmap_req_del(mmap_alloc-1);
812 spin_unlock_irqrestore(&pending_free_lock, flags);
815 was_empty = list_empty(&pending_free);
816 list_add(&req->free_list, &pending_free);
818 spin_unlock_irqrestore(&pending_free_lock, flags);
821 wake_up(&pending_free_wq);
824 static void fast_flush_area(pending_req_t *req, int k_idx, int u_idx, int
827 struct gnttab_unmap_grant_ref unmap[BLKIF_MAX_SEGMENTS_PER_REQUEST*2];
828 unsigned int i, invcount = 0;
829 struct grant_handle_pair *khandle;
832 unsigned long kvaddr, uvaddr;
834 tap_blkif_t *info = tapfds[tapidx];
837 WPRINTK("fast_flush: Couldn't get info!\n");
840 mmap_idx = req->mem_idx;
842 for (i = 0; i < req->nr_pages; i++) {
843 kvaddr = idx_to_kaddr(mmap_idx, k_idx, i);
844 uvaddr = MMAP_VADDR(info->user_vstart, u_idx, i);
846 khandle = &pending_handle(mmap_idx, k_idx, i);
847 if (BLKTAP_INVALID_HANDLE(khandle)) {
848 WPRINTK("BLKTAP_INVALID_HANDLE\n");
851 gnttab_set_unmap_op(&unmap[invcount],
852 idx_to_kaddr(mmap_idx, k_idx, i),
853 GNTMAP_host_map, khandle->kernel);
856 if (create_lookup_pte_addr(
858 MMAP_VADDR(info->user_vstart, u_idx, i),
860 WPRINTK("Couldn't get a pte addr!\n");
864 gnttab_set_unmap_op(&unmap[invcount],
865 ptep, GNTMAP_host_map,
869 BLKTAP_INVALIDATE_HANDLE(khandle);
871 ret = HYPERVISOR_grant_table_op(
872 GNTTABOP_unmap_grant_ref, unmap, invcount);
875 if (info->vma != NULL)
876 zap_page_range(info->vma,
877 MMAP_VADDR(info->user_vstart, u_idx, 0),
878 req->nr_pages << PAGE_SHIFT, NULL);
881 /******************************************************************
882 * SCHEDULER FUNCTIONS
885 static void print_stats(blkif_t *blkif)
887 printk(KERN_DEBUG "%s: oo %3d | rd %4d | wr %4d\n",
888 current->comm, blkif->st_oo_req,
889 blkif->st_rd_req, blkif->st_wr_req);
890 blkif->st_print = jiffies + msecs_to_jiffies(10 * 1000);
891 blkif->st_rd_req = 0;
892 blkif->st_wr_req = 0;
893 blkif->st_oo_req = 0;
896 int tap_blkif_schedule(void *arg)
898 blkif_t *blkif = arg;
903 printk(KERN_DEBUG "%s: started\n", current->comm);
905 while (!kthread_should_stop()) {
906 wait_event_interruptible(
908 blkif->waiting_reqs || kthread_should_stop());
909 wait_event_interruptible(
911 !list_empty(&pending_free) || kthread_should_stop());
913 blkif->waiting_reqs = 0;
914 smp_mb(); /* clear flag *before* checking for work */
916 if (do_block_io_op(blkif))
917 blkif->waiting_reqs = 1;
919 if (log_stats && time_after(jiffies, blkif->st_print))
926 printk(KERN_DEBUG "%s: exiting\n", current->comm);
928 blkif->xenblkd = NULL;
934 /******************************************************************
935 * COMPLETION CALLBACK -- Called by user level ioctl()
938 static int blktap_read_ufe_ring(tap_blkif_t *info)
940 /* This is called to read responses from the UFE ring. */
942 blkif_response_t *resp;
944 int pending_idx, usr_idx, mmap_idx;
945 pending_req_t *pending_req;
950 /* We currently only forward packets in INTERCEPT_FE mode. */
951 if (!(info->mode & BLKTAP_MODE_INTERCEPT_FE))
954 /* for each outstanding message on the UFEring */
955 rp = info->ufe_ring.sring->rsp_prod;
958 for (i = info->ufe_ring.rsp_cons; i != rp; i++) {
959 resp = RING_GET_RESPONSE(&info->ufe_ring, i);
960 ++info->ufe_ring.rsp_cons;
962 /*retrieve [usr_idx] to [mmap_idx,pending_idx] mapping*/
963 usr_idx = (int)resp->id;
964 pending_idx = MASK_PEND_IDX(ID_TO_IDX(info->idx_map[usr_idx]));
965 mmap_idx = ID_TO_MIDX(info->idx_map[usr_idx]);
967 if ( (mmap_idx >= mmap_alloc) ||
968 (ID_TO_IDX(info->idx_map[usr_idx]) >= MAX_PENDING_REQS) )
969 WPRINTK("Incorrect req map"
970 "[%d], internal map [%d,%d (%d)]\n",
972 ID_TO_IDX(info->idx_map[usr_idx]),
974 ID_TO_IDX(info->idx_map[usr_idx])));
976 pending_req = &pending_reqs[mmap_idx][pending_idx];
977 blkif = pending_req->blkif;
979 for (j = 0; j < pending_req->nr_pages; j++) {
981 unsigned long kvaddr, uvaddr;
982 struct page **map = info->vma->vm_private_data;
986 uvaddr = MMAP_VADDR(info->user_vstart, usr_idx, j);
987 kvaddr = idx_to_kaddr(mmap_idx, pending_idx, j);
989 pg = pfn_to_page(__pa(kvaddr) >> PAGE_SHIFT);
990 ClearPageReserved(pg);
991 offset = (uvaddr - info->vma->vm_start)
995 fast_flush_area(pending_req, pending_idx, usr_idx, info->minor);
996 make_response(blkif, pending_req->id, resp->operation,
998 info->idx_map[usr_idx] = INVALID_REQ;
999 blkif_put(pending_req->blkif);
1000 free_req(pending_req);
1007 /******************************************************************************
1008 * NOTIFICATION FROM GUEST OS.
1011 static void blkif_notify_work(blkif_t *blkif)
1013 blkif->waiting_reqs = 1;
1014 wake_up(&blkif->wq);
1017 irqreturn_t tap_blkif_be_int(int irq, void *dev_id, struct pt_regs *regs)
1019 blkif_notify_work(dev_id);
1025 /******************************************************************
1026 * DOWNWARD CALLS -- These interface with the block-device layer proper.
1028 static int print_dbug = 1;
1029 static int do_block_io_op(blkif_t *blkif)
1031 blkif_back_ring_t *blk_ring = &blkif->blk_ring;
1032 blkif_request_t *req;
1033 pending_req_t *pending_req;
1038 rc = blk_ring->req_cons;
1039 rp = blk_ring->sring->req_prod;
1040 rmb(); /* Ensure we see queued requests up to 'rp'. */
1042 /*Check blkif has corresponding UE ring*/
1043 if (blkif->dev_num == -1) {
1046 WPRINTK("Corresponding UE "
1047 "ring does not exist!\n");
1048 print_dbug = 0; /*We only print this message once*/
1053 info = tapfds[blkif->dev_num];
1054 if (info == NULL || !info->dev_inuse) {
1056 WPRINTK("Can't get UE info!\n");
1064 if (RING_FULL(&info->ufe_ring)) {
1065 WPRINTK("RING_FULL! More to do\n");
1070 if (RING_REQUEST_CONS_OVERFLOW(blk_ring, rc)) {
1071 WPRINTK("RING_REQUEST_CONS_OVERFLOW!"
1077 pending_req = alloc_req();
1078 if (NULL == pending_req) {
1084 req = RING_GET_REQUEST(blk_ring, rc);
1085 blk_ring->req_cons = ++rc; /* before make_response() */
1087 switch (req->operation) {
1090 dispatch_rw_block_io(blkif, req, pending_req);
1093 case BLKIF_OP_WRITE:
1095 dispatch_rw_block_io(blkif, req, pending_req);
1099 WPRINTK("unknown operation [%d]\n",
1101 make_response(blkif, req->id, req->operation,
1103 free_req(pending_req);
1108 blktap_kick_user(blkif->dev_num);
1113 static void dispatch_rw_block_io(blkif_t *blkif,
1114 blkif_request_t *req,
1115 pending_req_t *pending_req)
1117 extern void ll_rw_block(int rw, int nr, struct buffer_head * bhs[]);
1118 int op, operation = (req->operation == BLKIF_OP_WRITE) ? WRITE : READ;
1119 struct gnttab_map_grant_ref map[BLKIF_MAX_SEGMENTS_PER_REQUEST*2];
1122 tap_blkif_t *info = tapfds[blkif->dev_num];
1125 blkif_request_t *target;
1126 int pending_idx = RTN_PEND_IDX(pending_req,pending_req->mem_idx);
1127 int usr_idx = GET_NEXT_REQ(info->idx_map);
1128 uint16_t mmap_idx = pending_req->mem_idx;
1130 /*Check we have space on user ring - should never fail*/
1131 if(usr_idx == INVALID_REQ) goto fail_flush;
1133 /* Check that number of segments is sane. */
1134 nseg = req->nr_segments;
1135 if ( unlikely(nseg == 0) ||
1136 unlikely(nseg > BLKIF_MAX_SEGMENTS_PER_REQUEST) ) {
1137 WPRINTK("Bad number of segments in request (%d)\n", nseg);
1141 /* Make sure userspace is ready. */
1142 if (!info->ring_ok) {
1143 WPRINTK("blktap: ring not ready for requests!\n");
1147 if (RING_FULL(&info->ufe_ring)) {
1148 WPRINTK("blktap: fe_ring is full, can't add "
1149 "IO Request will be dropped. %d %d\n",
1150 RING_SIZE(&info->ufe_ring),
1151 RING_SIZE(&blkif->blk_ring));
1155 pending_req->blkif = blkif;
1156 pending_req->id = req->id;
1157 pending_req->operation = operation;
1158 pending_req->status = BLKIF_RSP_OKAY;
1159 pending_req->nr_pages = nseg;
1161 for (i = 0; i < nseg; i++) {
1162 unsigned long uvaddr;
1163 unsigned long kvaddr;
1168 uvaddr = MMAP_VADDR(info->user_vstart, usr_idx, i);
1169 kvaddr = idx_to_kaddr(mmap_idx, pending_idx, i);
1170 page = virt_to_page(kvaddr);
1172 sector = req->sector_number + (8*i);
1173 if( (blkif->sectors > 0) && (sector >= blkif->sectors) ) {
1174 WPRINTK("BLKTAP: Sector request greater"
1176 WPRINTK("BLKTAP: %s request sector"
1177 "[%llu,%llu], Total [%llu]\n",
1179 BLKIF_OP_WRITE ? "WRITE" : "READ"),
1180 (long long unsigned) sector,
1181 (long long unsigned) sector>>9,
1185 flags = GNTMAP_host_map;
1186 if (operation == WRITE)
1187 flags |= GNTMAP_readonly;
1188 gnttab_set_map_op(&map[op], kvaddr, flags,
1189 req->seg[i].gref, blkif->domid);
1192 /* Now map it to user. */
1193 ret = create_lookup_pte_addr(info->vma->vm_mm,
1196 WPRINTK("Couldn't get a pte addr!\n");
1197 fast_flush_area(pending_req, pending_idx, usr_idx,
1202 flags = GNTMAP_host_map | GNTMAP_application_map
1203 | GNTMAP_contains_pte;
1204 if (operation == WRITE)
1205 flags |= GNTMAP_readonly;
1206 gnttab_set_map_op(&map[op], ptep, flags,
1207 req->seg[i].gref, blkif->domid);
1211 ret = HYPERVISOR_grant_table_op(GNTTABOP_map_grant_ref, map, op);
1214 for (i = 0; i < (nseg*2); i+=2) {
1215 unsigned long uvaddr;
1216 unsigned long kvaddr;
1217 unsigned long offset;
1220 uvaddr = MMAP_VADDR(info->user_vstart, usr_idx, i/2);
1221 kvaddr = idx_to_kaddr(mmap_idx, pending_idx, i/2);
1223 if (unlikely(map[i].status != 0)) {
1224 WPRINTK("invalid kernel buffer -- "
1225 "could not remap it\n");
1229 if (unlikely(map[i+1].status != 0)) {
1230 WPRINTK("invalid user buffer -- "
1231 "could not remap it\n");
1235 pending_handle(mmap_idx, pending_idx, i/2).kernel
1237 pending_handle(mmap_idx, pending_idx, i/2).user
1239 set_phys_to_machine(__pa(kvaddr) >> PAGE_SHIFT,
1240 FOREIGN_FRAME(map[i].dev_bus_addr >> PAGE_SHIFT));
1241 offset = (uvaddr - info->vma->vm_start) >> PAGE_SHIFT;
1242 pg = pfn_to_page(__pa(kvaddr) >> PAGE_SHIFT);
1243 ((struct page **)info->vma->vm_private_data)[offset] =
1246 /* Mark mapped pages as reserved: */
1247 for (i = 0; i < req->nr_segments; i++) {
1248 unsigned long kvaddr;
1251 kvaddr = idx_to_kaddr(mmap_idx, pending_idx, i);
1252 pg = pfn_to_page(__pa(kvaddr) >> PAGE_SHIFT);
1253 SetPageReserved(pg);
1256 /*record [mmap_idx,pending_idx] to [usr_idx] mapping*/
1257 info->idx_map[usr_idx] = MAKE_ID(mmap_idx, pending_idx);
1260 /* Finally, write the request message to the user ring. */
1261 target = RING_GET_REQUEST(&info->ufe_ring,
1262 info->ufe_ring.req_prod_pvt);
1263 memcpy(target, req, sizeof(*req));
1264 target->id = usr_idx;
1265 info->ufe_ring.req_prod_pvt++;
1269 WPRINTK("Reached Fail_flush\n");
1270 fast_flush_area(pending_req, pending_idx, usr_idx, blkif->dev_num);
1272 make_response(blkif, req->id, req->operation, BLKIF_RSP_ERROR);
1273 free_req(pending_req);
1278 /******************************************************************
1279 * MISCELLANEOUS SETUP / TEARDOWN / DEBUGGING
1283 static void make_response(blkif_t *blkif, unsigned long id,
1284 unsigned short op, int st)
1286 blkif_response_t *resp;
1287 unsigned long flags;
1288 blkif_back_ring_t *blk_ring = &blkif->blk_ring;
1292 spin_lock_irqsave(&blkif->blk_ring_lock, flags);
1293 /* Place on the response ring for the relevant domain. */
1294 resp = RING_GET_RESPONSE(blk_ring, blk_ring->rsp_prod_pvt);
1296 resp->operation = op;
1298 blk_ring->rsp_prod_pvt++;
1299 RING_PUSH_RESPONSES_AND_CHECK_NOTIFY(blk_ring, notify);
1301 if (blk_ring->rsp_prod_pvt == blk_ring->req_cons) {
1303 * Tail check for pending requests. Allows frontend to avoid
1304 * notifications if requests are already in flight (lower
1305 * overheads and promotes batching).
1307 RING_FINAL_CHECK_FOR_REQUESTS(blk_ring, more_to_do);
1308 } else if (RING_HAS_UNCONSUMED_REQUESTS(blk_ring)) {
1312 spin_unlock_irqrestore(&blkif->blk_ring_lock, flags);
1314 blkif_notify_work(blkif);
1316 notify_remote_via_irq(blkif->irq);
1319 static int __init blkif_init(void)
1324 if (!is_running_on_xen())
1327 INIT_LIST_HEAD(&pending_free);
1328 for(i = 0; i < 2; i++) {
1329 ret = req_increase();
1336 tap_blkif_interface_init();
1338 alloc_pending_reqs = 0;
1340 tap_blkif_xenbus_init();
1342 /*Create the blktap devices, but do not map memory or waitqueue*/
1343 for(i = 0; i < MAX_TAP_DEV; i++) translate_domid[i].domid = 0xFFFF;
1345 /* Dynamically allocate a major for this device */
1346 ret = register_chrdev(0, "blktap", &blktap_fops);
1349 WPRINTK("Couldn't register /dev/xen/blktap\n");
1355 for(i = 0; i < MAX_TAP_DEV; i++ ) {
1356 info = tapfds[i] = kzalloc(sizeof(tap_blkif_t),GFP_KERNEL);
1357 if(tapfds[i] == NULL)
1363 info->dev_pending = info->dev_inuse = 0;
1365 DPRINTK("Created misc_dev [/dev/xen/blktap%d]\n",i);
1368 /* Make sure the xen class exists */
1369 if (!setup_xen_class()) {
1371 * This will allow udev to create the blktap ctrl device.
1372 * We only want to create blktap0 first. We don't want
1373 * to flood the sysfs system with needless blktap devices.
1374 * We only create the device when a request of a new device is
1377 class_device_create(xen_class, NULL,
1378 MKDEV(blktap_major, 0), NULL,
1380 tapfds[0]->sysfs_set = 1;
1382 /* this is bad, but not fatal */
1383 WPRINTK("blktap: sysfs xen_class not created\n");
1386 DPRINTK("Blktap device successfully created\n");
1391 module_init(blkif_init);
1393 MODULE_LICENSE("Dual BSD/GPL");
git://git.onelab.eu / linux-2.6.git / blob