net/hyperv/rndis_filter.c

0001 // SPDX-License-Identifier: GPL-2.0-only
0002 /*
0003  * Copyright (c) 2009, Microsoft Corporation.
0004  *
0005  * Authors:
0006  *   Haiyang Zhang <haiyangz@microsoft.com>
0007  *   Hank Janssen  <hjanssen@microsoft.com>
0008  */
0009 #include <linux/ethtool.h>
0010 #include <linux/kernel.h>
0011 #include <linux/sched.h>
0012 #include <linux/wait.h>
0013 #include <linux/highmem.h>
0014 #include <linux/slab.h>
0015 #include <linux/io.h>
0016 #include <linux/if_ether.h>
0017 #include <linux/netdevice.h>
0018 #include <linux/if_vlan.h>
0019 #include <linux/nls.h>
0020 #include <linux/vmalloc.h>
0021 #include <linux/rtnetlink.h>
0022 #include <linux/ucs2_string.h>
0023
0024 #include "hyperv_net.h"
0025 #include "netvsc_trace.h"
0026
0027 static void rndis_set_multicast(struct work_struct *w);
0028
0029 #define RNDIS_EXT_LEN HV_HYP_PAGE_SIZE
0030 struct rndis_request {
0031     struct list_head list_ent;
0032     struct completion  wait_event;
0033
0034     struct rndis_message response_msg;
0035     /*
0036      * The buffer for extended info after the RNDIS response message. It's
0037      * referenced based on the data offset in the RNDIS message. Its size
0038      * is enough for current needs, and should be sufficient for the near
0039      * future.
0040      */
0041     u8 response_ext[RNDIS_EXT_LEN];
0042
0043     /* Simplify allocation by having a netvsc packet inline */
0044     struct hv_netvsc_packet pkt;
0045
0046     struct rndis_message request_msg;
0047     /*
0048      * The buffer for the extended info after the RNDIS request message.
0049      * It is referenced and sized in a similar way as response_ext.
0050      */
0051     u8 request_ext[RNDIS_EXT_LEN];
0052 };
0053
0054 static const u8 netvsc_hash_key[NETVSC_HASH_KEYLEN] = {
0055     0x6d, 0x5a, 0x56, 0xda, 0x25, 0x5b, 0x0e, 0xc2,
0056     0x41, 0x67, 0x25, 0x3d, 0x43, 0xa3, 0x8f, 0xb0,
0057     0xd0, 0xca, 0x2b, 0xcb, 0xae, 0x7b, 0x30, 0xb4,
0058     0x77, 0xcb, 0x2d, 0xa3, 0x80, 0x30, 0xf2, 0x0c,
0059     0x6a, 0x42, 0xb7, 0x3b, 0xbe, 0xac, 0x01, 0xfa
0060 };
0061
0062 static struct rndis_device *get_rndis_device(void)
0063 {
0064     struct rndis_device *device;
0065
0066     device = kzalloc(sizeof(struct rndis_device), GFP_KERNEL);
0067     if (!device)
0068         return NULL;
0069
0070     spin_lock_init(&device->request_lock);
0071
0072     INIT_LIST_HEAD(&device->req_list);
0073     INIT_WORK(&device->mcast_work, rndis_set_multicast);
0074
0075     device->state = RNDIS_DEV_UNINITIALIZED;
0076
0077     return device;
0078 }
0079
0080 static struct rndis_request *get_rndis_request(struct rndis_device *dev,
0081                          u32 msg_type,
0082                          u32 msg_len)
0083 {
0084     struct rndis_request *request;
0085     struct rndis_message *rndis_msg;
0086     struct rndis_set_request *set;
0087     unsigned long flags;
0088
0089     request = kzalloc(sizeof(struct rndis_request), GFP_KERNEL);
0090     if (!request)
0091         return NULL;
0092
0093     init_completion(&request->wait_event);
0094
0095     rndis_msg = &request->request_msg;
0096     rndis_msg->ndis_msg_type = msg_type;
0097     rndis_msg->msg_len = msg_len;
0098
0099     request->pkt.q_idx = 0;
0100
0101     /*
0102      * Set the request id. This field is always after the rndis header for
0103      * request/response packet types so we just used the SetRequest as a
0104      * template
0105      */
0106     set = &rndis_msg->msg.set_req;
0107     set->req_id = atomic_inc_return(&dev->new_req_id);
0108
0109     /* Add to the request list */
0110     spin_lock_irqsave(&dev->request_lock, flags);
0111     list_add_tail(&request->list_ent, &dev->req_list);
0112     spin_unlock_irqrestore(&dev->request_lock, flags);
0113
0114     return request;
0115 }
0116
0117 static void put_rndis_request(struct rndis_device *dev,
0118                 struct rndis_request *req)
0119 {
0120     unsigned long flags;
0121
0122     spin_lock_irqsave(&dev->request_lock, flags);
0123     list_del(&req->list_ent);
0124     spin_unlock_irqrestore(&dev->request_lock, flags);
0125
0126     kfree(req);
0127 }
0128
0129 static void dump_rndis_message(struct net_device *netdev,
0130                    const struct rndis_message *rndis_msg,
0131                    const void *data)
0132 {
0133     switch (rndis_msg->ndis_msg_type) {
0134     case RNDIS_MSG_PACKET:
0135         if (rndis_msg->msg_len - RNDIS_HEADER_SIZE >= sizeof(struct rndis_packet)) {
0136             const struct rndis_packet *pkt = data + RNDIS_HEADER_SIZE;
0137             netdev_dbg(netdev, "RNDIS_MSG_PACKET (len %u, "
0138                    "data offset %u data len %u, # oob %u, "
0139                    "oob offset %u, oob len %u, pkt offset %u, "
0140                    "pkt len %u\n",
0141                    rndis_msg->msg_len,
0142                    pkt->data_offset,
0143                    pkt->data_len,
0144                    pkt->num_oob_data_elements,
0145                    pkt->oob_data_offset,
0146                    pkt->oob_data_len,
0147                    pkt->per_pkt_info_offset,
0148                    pkt->per_pkt_info_len);
0149         }
0150         break;
0151
0152     case RNDIS_MSG_INIT_C:
0153         if (rndis_msg->msg_len - RNDIS_HEADER_SIZE >=
0154                 sizeof(struct rndis_initialize_complete)) {
0155             const struct rndis_initialize_complete *init_complete =
0156                 data + RNDIS_HEADER_SIZE;
0157             netdev_dbg(netdev, "RNDIS_MSG_INIT_C "
0158                 "(len %u, id 0x%x, status 0x%x, major %d, minor %d, "
0159                 "device flags %d, max xfer size 0x%x, max pkts %u, "
0160                 "pkt aligned %u)\n",
0161                 rndis_msg->msg_len,
0162                 init_complete->req_id,
0163                 init_complete->status,
0164                 init_complete->major_ver,
0165                 init_complete->minor_ver,
0166                 init_complete->dev_flags,
0167                 init_complete->max_xfer_size,
0168                 init_complete->max_pkt_per_msg,
0169                 init_complete->pkt_alignment_factor);
0170         }
0171         break;
0172
0173     case RNDIS_MSG_QUERY_C:
0174         if (rndis_msg->msg_len - RNDIS_HEADER_SIZE >=
0175                 sizeof(struct rndis_query_complete)) {
0176             const struct rndis_query_complete *query_complete =
0177                 data + RNDIS_HEADER_SIZE;
0178             netdev_dbg(netdev, "RNDIS_MSG_QUERY_C "
0179                 "(len %u, id 0x%x, status 0x%x, buf len %u, "
0180                 "buf offset %u)\n",
0181                 rndis_msg->msg_len,
0182                 query_complete->req_id,
0183                 query_complete->status,
0184                 query_complete->info_buflen,
0185                 query_complete->info_buf_offset);
0186         }
0187         break;
0188
0189     case RNDIS_MSG_SET_C:
0190         if (rndis_msg->msg_len - RNDIS_HEADER_SIZE + sizeof(struct rndis_set_complete)) {
0191             const struct rndis_set_complete *set_complete =
0192                 data + RNDIS_HEADER_SIZE;
0193             netdev_dbg(netdev,
0194                 "RNDIS_MSG_SET_C (len %u, id 0x%x, status 0x%x)\n",
0195                 rndis_msg->msg_len,
0196                 set_complete->req_id,
0197                 set_complete->status);
0198         }
0199         break;
0200
0201     case RNDIS_MSG_INDICATE:
0202         if (rndis_msg->msg_len - RNDIS_HEADER_SIZE >=
0203                 sizeof(struct rndis_indicate_status)) {
0204             const struct rndis_indicate_status *indicate_status =
0205                 data + RNDIS_HEADER_SIZE;
0206             netdev_dbg(netdev, "RNDIS_MSG_INDICATE "
0207                 "(len %u, status 0x%x, buf len %u, buf offset %u)\n",
0208                 rndis_msg->msg_len,
0209                 indicate_status->status,
0210                 indicate_status->status_buflen,
0211                 indicate_status->status_buf_offset);
0212         }
0213         break;
0214
0215     default:
0216         netdev_dbg(netdev, "0x%x (len %u)\n",
0217             rndis_msg->ndis_msg_type,
0218             rndis_msg->msg_len);
0219         break;
0220     }
0221 }
0222
0223 static int rndis_filter_send_request(struct rndis_device *dev,
0224                   struct rndis_request *req)
0225 {
0226     struct hv_netvsc_packet *packet;
0227     struct hv_page_buffer page_buf[2];
0228     struct hv_page_buffer *pb = page_buf;
0229     int ret;
0230
0231     /* Setup the packet to send it */
0232     packet = &req->pkt;
0233
0234     packet->total_data_buflen = req->request_msg.msg_len;
0235     packet->page_buf_cnt = 1;
0236
0237     pb[0].pfn = virt_to_phys(&req->request_msg) >>
0238                     HV_HYP_PAGE_SHIFT;
0239     pb[0].len = req->request_msg.msg_len;
0240     pb[0].offset = offset_in_hvpage(&req->request_msg);
0241
0242     /* Add one page_buf when request_msg crossing page boundary */
0243     if (pb[0].offset + pb[0].len > HV_HYP_PAGE_SIZE) {
0244         packet->page_buf_cnt++;
0245         pb[0].len = HV_HYP_PAGE_SIZE -
0246             pb[0].offset;
0247         pb[1].pfn = virt_to_phys((void *)&req->request_msg
0248             + pb[0].len) >> HV_HYP_PAGE_SHIFT;
0249         pb[1].offset = 0;
0250         pb[1].len = req->request_msg.msg_len -
0251             pb[0].len;
0252     }
0253
0254     trace_rndis_send(dev->ndev, 0, &req->request_msg);
0255
0256     rcu_read_lock_bh();
0257     ret = netvsc_send(dev->ndev, packet, NULL, pb, NULL, false);
0258     rcu_read_unlock_bh();
0259
0260     return ret;
0261 }
0262
0263 static void rndis_set_link_state(struct rndis_device *rdev,
0264                  struct rndis_request *request)
0265 {
0266     u32 link_status;
0267     struct rndis_query_complete *query_complete;
0268     u32 msg_len = request->response_msg.msg_len;
0269
0270     /* Ensure the packet is big enough to access its fields */
0271     if (msg_len - RNDIS_HEADER_SIZE < sizeof(struct rndis_query_complete))
0272         return;
0273
0274     query_complete = &request->response_msg.msg.query_complete;
0275
0276     if (query_complete->status == RNDIS_STATUS_SUCCESS &&
0277         query_complete->info_buflen >= sizeof(u32) &&
0278         query_complete->info_buf_offset >= sizeof(*query_complete) &&
0279         msg_len - RNDIS_HEADER_SIZE >= query_complete->info_buf_offset &&
0280         msg_len - RNDIS_HEADER_SIZE - query_complete->info_buf_offset
0281             >= query_complete->info_buflen) {
0282         memcpy(&link_status, (void *)((unsigned long)query_complete +
0283                query_complete->info_buf_offset), sizeof(u32));
0284         rdev->link_state = link_status != 0;
0285     }
0286 }
0287
0288 static void rndis_filter_receive_response(struct net_device *ndev,
0289                       struct netvsc_device *nvdev,
0290                       struct rndis_message *resp,
0291                       void *data)
0292 {
0293     u32 *req_id = &resp->msg.init_complete.req_id;
0294     struct rndis_device *dev = nvdev->extension;
0295     struct rndis_request *request = NULL;
0296     bool found = false;
0297     unsigned long flags;
0298
0299     /* This should never happen, it means control message
0300      * response received after device removed.
0301      */
0302     if (dev->state == RNDIS_DEV_UNINITIALIZED) {
0303         netdev_err(ndev,
0304                "got rndis message uninitialized\n");
0305         return;
0306     }
0307
0308     /* Ensure the packet is big enough to read req_id. Req_id is the 1st
0309      * field in any request/response message, so the payload should have at
0310      * least sizeof(u32) bytes
0311      */
0312     if (resp->msg_len - RNDIS_HEADER_SIZE < sizeof(u32)) {
0313         netdev_err(ndev, "rndis msg_len too small: %u\n",
0314                resp->msg_len);
0315         return;
0316     }
0317
0318     /* Copy the request ID into nvchan->recv_buf */
0319     *req_id = *(u32 *)(data + RNDIS_HEADER_SIZE);
0320
0321     spin_lock_irqsave(&dev->request_lock, flags);
0322     list_for_each_entry(request, &dev->req_list, list_ent) {
0323         /*
0324          * All request/response message contains RequestId as the 1st
0325          * field
0326          */
0327         if (request->request_msg.msg.init_req.req_id == *req_id) {
0328             found = true;
0329             break;
0330         }
0331     }
0332     spin_unlock_irqrestore(&dev->request_lock, flags);
0333
0334     if (found) {
0335         if (resp->msg_len <=
0336             sizeof(struct rndis_message) + RNDIS_EXT_LEN) {
0337             memcpy(&request->response_msg, resp, RNDIS_HEADER_SIZE + sizeof(*req_id));
0338             memcpy((void *)&request->response_msg + RNDIS_HEADER_SIZE + sizeof(*req_id),
0339                    data + RNDIS_HEADER_SIZE + sizeof(*req_id),
0340                    resp->msg_len - RNDIS_HEADER_SIZE - sizeof(*req_id));
0341             if (request->request_msg.ndis_msg_type ==
0342                 RNDIS_MSG_QUERY && request->request_msg.msg.
0343                 query_req.oid == RNDIS_OID_GEN_MEDIA_CONNECT_STATUS)
0344                 rndis_set_link_state(dev, request);
0345         } else {
0346             netdev_err(ndev,
0347                 "rndis response buffer overflow "
0348                 "detected (size %u max %zu)\n",
0349                 resp->msg_len,
0350                 sizeof(struct rndis_message));
0351
0352             if (resp->ndis_msg_type ==
0353                 RNDIS_MSG_RESET_C) {
0354                 /* does not have a request id field */
0355                 request->response_msg.msg.reset_complete.
0356                     status = RNDIS_STATUS_BUFFER_OVERFLOW;
0357             } else {
0358                 request->response_msg.msg.
0359                 init_complete.status =
0360                     RNDIS_STATUS_BUFFER_OVERFLOW;
0361             }
0362         }
0363
0364         netvsc_dma_unmap(((struct net_device_context *)
0365             netdev_priv(ndev))->device_ctx, &request->pkt);
0366         complete(&request->wait_event);
0367     } else {
0368         netdev_err(ndev,
0369             "no rndis request found for this response "
0370             "(id 0x%x res type 0x%x)\n",
0371             *req_id,
0372             resp->ndis_msg_type);
0373     }
0374 }
0375
0376 /*
0377  * Get the Per-Packet-Info with the specified type
0378  * return NULL if not found.
0379  */
0380 static inline void *rndis_get_ppi(struct net_device *ndev,
0381                   struct rndis_packet *rpkt,
0382                   u32 rpkt_len, u32 type, u8 internal,
0383                   u32 ppi_size, void *data)
0384 {
0385     struct rndis_per_packet_info *ppi;
0386     int len;
0387
0388     if (rpkt->per_pkt_info_offset == 0)
0389         return NULL;
0390
0391     /* Validate info_offset and info_len */
0392     if (rpkt->per_pkt_info_offset < sizeof(struct rndis_packet) ||
0393         rpkt->per_pkt_info_offset > rpkt_len) {
0394         netdev_err(ndev, "Invalid per_pkt_info_offset: %u\n",
0395                rpkt->per_pkt_info_offset);
0396         return NULL;
0397     }
0398
0399     if (rpkt->per_pkt_info_len < sizeof(*ppi) ||
0400         rpkt->per_pkt_info_len > rpkt_len - rpkt->per_pkt_info_offset) {
0401         netdev_err(ndev, "Invalid per_pkt_info_len: %u\n",
0402                rpkt->per_pkt_info_len);
0403         return NULL;
0404     }
0405
0406     ppi = (struct rndis_per_packet_info *)((ulong)rpkt +
0407         rpkt->per_pkt_info_offset);
0408     /* Copy the PPIs into nvchan->recv_buf */
0409     memcpy(ppi, data + RNDIS_HEADER_SIZE + rpkt->per_pkt_info_offset, rpkt->per_pkt_info_len);
0410     len = rpkt->per_pkt_info_len;
0411
0412     while (len > 0) {
0413         /* Validate ppi_offset and ppi_size */
0414         if (ppi->size > len) {
0415             netdev_err(ndev, "Invalid ppi size: %u\n", ppi->size);
0416             continue;
0417         }
0418
0419         if (ppi->ppi_offset >= ppi->size) {
0420             netdev_err(ndev, "Invalid ppi_offset: %u\n", ppi->ppi_offset);
0421             continue;
0422         }
0423
0424         if (ppi->type == type && ppi->internal == internal) {
0425             /* ppi->size should be big enough to hold the returned object. */
0426             if (ppi->size - ppi->ppi_offset < ppi_size) {
0427                 netdev_err(ndev, "Invalid ppi: size %u ppi_offset %u\n",
0428                        ppi->size, ppi->ppi_offset);
0429                 continue;
0430             }
0431             return (void *)((ulong)ppi + ppi->ppi_offset);
0432         }
0433         len -= ppi->size;
0434         ppi = (struct rndis_per_packet_info *)((ulong)ppi + ppi->size);
0435     }
0436
0437     return NULL;
0438 }
0439
0440 static inline
0441 void rsc_add_data(struct netvsc_channel *nvchan,
0442           const struct ndis_pkt_8021q_info *vlan,
0443           const struct ndis_tcp_ip_checksum_info *csum_info,
0444           const u32 *hash_info,
0445           void *data, u32 len)
0446 {
0447     u32 cnt = nvchan->rsc.cnt;
0448
0449     if (cnt) {
0450         nvchan->rsc.pktlen += len;
0451     } else {
0452         /* The data/values pointed by vlan, csum_info and hash_info are shared
0453          * across the different 'fragments' of the RSC packet; store them into
0454          * the packet itself.
0455          */
0456         if (vlan != NULL) {
0457             memcpy(&nvchan->rsc.vlan, vlan, sizeof(*vlan));
0458             nvchan->rsc.ppi_flags |= NVSC_RSC_VLAN;
0459         } else {
0460             nvchan->rsc.ppi_flags &= ~NVSC_RSC_VLAN;
0461         }
0462         if (csum_info != NULL) {
0463             memcpy(&nvchan->rsc.csum_info, csum_info, sizeof(*csum_info));
0464             nvchan->rsc.ppi_flags |= NVSC_RSC_CSUM_INFO;
0465         } else {
0466             nvchan->rsc.ppi_flags &= ~NVSC_RSC_CSUM_INFO;
0467         }
0468         nvchan->rsc.pktlen = len;
0469         if (hash_info != NULL) {
0470             nvchan->rsc.hash_info = *hash_info;
0471             nvchan->rsc.ppi_flags |= NVSC_RSC_HASH_INFO;
0472         } else {
0473             nvchan->rsc.ppi_flags &= ~NVSC_RSC_HASH_INFO;
0474         }
0475     }
0476
0477     nvchan->rsc.data[cnt] = data;
0478     nvchan->rsc.len[cnt] = len;
0479     nvchan->rsc.cnt++;
0480 }
0481
0482 static int rndis_filter_receive_data(struct net_device *ndev,
0483                      struct netvsc_device *nvdev,
0484                      struct netvsc_channel *nvchan,
0485                      struct rndis_message *msg,
0486                      void *data, u32 data_buflen)
0487 {
0488     struct rndis_packet *rndis_pkt = &msg->msg.pkt;
0489     const struct ndis_tcp_ip_checksum_info *csum_info;
0490     const struct ndis_pkt_8021q_info *vlan;
0491     const struct rndis_pktinfo_id *pktinfo_id;
0492     const u32 *hash_info;
0493     u32 data_offset, rpkt_len;
0494     bool rsc_more = false;
0495     int ret;
0496
0497     /* Ensure data_buflen is big enough to read header fields */
0498     if (data_buflen < RNDIS_HEADER_SIZE + sizeof(struct rndis_packet)) {
0499         netdev_err(ndev, "invalid rndis pkt, data_buflen too small: %u\n",
0500                data_buflen);
0501         return NVSP_STAT_FAIL;
0502     }
0503
0504     /* Copy the RNDIS packet into nvchan->recv_buf */
0505     memcpy(rndis_pkt, data + RNDIS_HEADER_SIZE, sizeof(*rndis_pkt));
0506
0507     /* Validate rndis_pkt offset */
0508     if (rndis_pkt->data_offset >= data_buflen - RNDIS_HEADER_SIZE) {
0509         netdev_err(ndev, "invalid rndis packet offset: %u\n",
0510                rndis_pkt->data_offset);
0511         return NVSP_STAT_FAIL;
0512     }
0513
0514     /* Remove the rndis header and pass it back up the stack */
0515     data_offset = RNDIS_HEADER_SIZE + rndis_pkt->data_offset;
0516
0517     rpkt_len = data_buflen - RNDIS_HEADER_SIZE;
0518     data_buflen -= data_offset;
0519
0520     /*
0521      * Make sure we got a valid RNDIS message, now total_data_buflen
0522      * should be the data packet size plus the trailer padding size
0523      */
0524     if (unlikely(data_buflen < rndis_pkt->data_len)) {
0525         netdev_err(ndev, "rndis message buffer "
0526                "overflow detected (got %u, min %u)"
0527                "...dropping this message!\n",
0528                data_buflen, rndis_pkt->data_len);
0529         return NVSP_STAT_FAIL;
0530     }
0531
0532     vlan = rndis_get_ppi(ndev, rndis_pkt, rpkt_len, IEEE_8021Q_INFO, 0, sizeof(*vlan),
0533                  data);
0534
0535     csum_info = rndis_get_ppi(ndev, rndis_pkt, rpkt_len, TCPIP_CHKSUM_PKTINFO, 0,
0536                   sizeof(*csum_info), data);
0537
0538     hash_info = rndis_get_ppi(ndev, rndis_pkt, rpkt_len, NBL_HASH_VALUE, 0,
0539                   sizeof(*hash_info), data);
0540
0541     pktinfo_id = rndis_get_ppi(ndev, rndis_pkt, rpkt_len, RNDIS_PKTINFO_ID, 1,
0542                    sizeof(*pktinfo_id), data);
0543
0544     /* Identify RSC frags, drop erroneous packets */
0545     if (pktinfo_id && (pktinfo_id->flag & RNDIS_PKTINFO_SUBALLOC)) {
0546         if (pktinfo_id->flag & RNDIS_PKTINFO_1ST_FRAG)
0547             nvchan->rsc.cnt = 0;
0548         else if (nvchan->rsc.cnt == 0)
0549             goto drop;
0550
0551         rsc_more = true;
0552
0553         if (pktinfo_id->flag & RNDIS_PKTINFO_LAST_FRAG)
0554             rsc_more = false;
0555
0556         if (rsc_more && nvchan->rsc.is_last)
0557             goto drop;
0558     } else {
0559         nvchan->rsc.cnt = 0;
0560     }
0561
0562     if (unlikely(nvchan->rsc.cnt >= NVSP_RSC_MAX))
0563         goto drop;
0564
0565     /* Put data into per channel structure.
0566      * Also, remove the rndis trailer padding from rndis packet message
0567      * rndis_pkt->data_len tell us the real data length, we only copy
0568      * the data packet to the stack, without the rndis trailer padding
0569      */
0570     rsc_add_data(nvchan, vlan, csum_info, hash_info,
0571              data + data_offset, rndis_pkt->data_len);
0572
0573     if (rsc_more)
0574         return NVSP_STAT_SUCCESS;
0575
0576     ret = netvsc_recv_callback(ndev, nvdev, nvchan);
0577     nvchan->rsc.cnt = 0;
0578
0579     return ret;
0580
0581 drop:
0582     return NVSP_STAT_FAIL;
0583 }
0584
0585 int rndis_filter_receive(struct net_device *ndev,
0586              struct netvsc_device *net_dev,
0587              struct netvsc_channel *nvchan,
0588              void *data, u32 buflen)
0589 {
0590     struct net_device_context *net_device_ctx = netdev_priv(ndev);
0591     struct rndis_message *rndis_msg = nvchan->recv_buf;
0592
0593     if (buflen < RNDIS_HEADER_SIZE) {
0594         netdev_err(ndev, "Invalid rndis_msg (buflen: %u)\n", buflen);
0595         return NVSP_STAT_FAIL;
0596     }
0597
0598     /* Copy the RNDIS msg header into nvchan->recv_buf */
0599     memcpy(rndis_msg, data, RNDIS_HEADER_SIZE);
0600
0601     /* Validate incoming rndis_message packet */
0602     if (rndis_msg->msg_len < RNDIS_HEADER_SIZE ||
0603         buflen < rndis_msg->msg_len) {
0604         netdev_err(ndev, "Invalid rndis_msg (buflen: %u, msg_len: %u)\n",
0605                buflen, rndis_msg->msg_len);
0606         return NVSP_STAT_FAIL;
0607     }
0608
0609     if (netif_msg_rx_status(net_device_ctx))
0610         dump_rndis_message(ndev, rndis_msg, data);
0611
0612     switch (rndis_msg->ndis_msg_type) {
0613     case RNDIS_MSG_PACKET:
0614         return rndis_filter_receive_data(ndev, net_dev, nvchan,
0615                          rndis_msg, data, buflen);
0616     case RNDIS_MSG_INIT_C:
0617     case RNDIS_MSG_QUERY_C:
0618     case RNDIS_MSG_SET_C:
0619         /* completion msgs */
0620         rndis_filter_receive_response(ndev, net_dev, rndis_msg, data);
0621         break;
0622
0623     case RNDIS_MSG_INDICATE:
0624         /* notification msgs */
0625         netvsc_linkstatus_callback(ndev, rndis_msg, data, buflen);
0626         break;
0627     default:
0628         netdev_err(ndev,
0629             "unhandled rndis message (type %u len %u)\n",
0630                rndis_msg->ndis_msg_type,
0631                rndis_msg->msg_len);
0632         return NVSP_STAT_FAIL;
0633     }
0634
0635     return NVSP_STAT_SUCCESS;
0636 }
0637
0638 static int rndis_filter_query_device(struct rndis_device *dev,
0639                      struct netvsc_device *nvdev,
0640                      u32 oid, void *result, u32 *result_size)
0641 {
0642     struct rndis_request *request;
0643     u32 inresult_size = *result_size;
0644     struct rndis_query_request *query;
0645     struct rndis_query_complete *query_complete;
0646     u32 msg_len;
0647     int ret = 0;
0648
0649     if (!result)
0650         return -EINVAL;
0651
0652     *result_size = 0;
0653     request = get_rndis_request(dev, RNDIS_MSG_QUERY,
0654             RNDIS_MESSAGE_SIZE(struct rndis_query_request));
0655     if (!request) {
0656         ret = -ENOMEM;
0657         goto cleanup;
0658     }
0659
0660     /* Setup the rndis query */
0661     query = &request->request_msg.msg.query_req;
0662     query->oid = oid;
0663     query->info_buf_offset = sizeof(struct rndis_query_request);
0664     query->info_buflen = 0;
0665     query->dev_vc_handle = 0;
0666
0667     if (oid == OID_TCP_OFFLOAD_HARDWARE_CAPABILITIES) {
0668         struct ndis_offload *hwcaps;
0669         u32 nvsp_version = nvdev->nvsp_version;
0670         u8 ndis_rev;
0671         size_t size;
0672
0673         if (nvsp_version >= NVSP_PROTOCOL_VERSION_5) {
0674             ndis_rev = NDIS_OFFLOAD_PARAMETERS_REVISION_3;
0675             size = NDIS_OFFLOAD_SIZE;
0676         } else if (nvsp_version >= NVSP_PROTOCOL_VERSION_4) {
0677             ndis_rev = NDIS_OFFLOAD_PARAMETERS_REVISION_2;
0678             size = NDIS_OFFLOAD_SIZE_6_1;
0679         } else {
0680             ndis_rev = NDIS_OFFLOAD_PARAMETERS_REVISION_1;
0681             size = NDIS_OFFLOAD_SIZE_6_0;
0682         }
0683
0684         request->request_msg.msg_len += size;
0685         query->info_buflen = size;
0686         hwcaps = (struct ndis_offload *)
0687             ((unsigned long)query + query->info_buf_offset);
0688
0689         hwcaps->header.type = NDIS_OBJECT_TYPE_OFFLOAD;
0690         hwcaps->header.revision = ndis_rev;
0691         hwcaps->header.size = size;
0692
0693     } else if (oid == OID_GEN_RECEIVE_SCALE_CAPABILITIES) {
0694         struct ndis_recv_scale_cap *cap;
0695
0696         request->request_msg.msg_len +=
0697             sizeof(struct ndis_recv_scale_cap);
0698         query->info_buflen = sizeof(struct ndis_recv_scale_cap);
0699         cap = (struct ndis_recv_scale_cap *)((unsigned long)query +
0700                              query->info_buf_offset);
0701         cap->hdr.type = NDIS_OBJECT_TYPE_RSS_CAPABILITIES;
0702         cap->hdr.rev = NDIS_RECEIVE_SCALE_CAPABILITIES_REVISION_2;
0703         cap->hdr.size = sizeof(struct ndis_recv_scale_cap);
0704     }
0705
0706     ret = rndis_filter_send_request(dev, request);
0707     if (ret != 0)
0708         goto cleanup;
0709
0710     wait_for_completion(&request->wait_event);
0711
0712     /* Copy the response back */
0713     query_complete = &request->response_msg.msg.query_complete;
0714     msg_len = request->response_msg.msg_len;
0715
0716     /* Ensure the packet is big enough to access its fields */
0717     if (msg_len - RNDIS_HEADER_SIZE < sizeof(struct rndis_query_complete)) {
0718         ret = -1;
0719         goto cleanup;
0720     }
0721
0722     if (query_complete->info_buflen > inresult_size ||
0723         query_complete->info_buf_offset < sizeof(*query_complete) ||
0724         msg_len - RNDIS_HEADER_SIZE < query_complete->info_buf_offset ||
0725         msg_len - RNDIS_HEADER_SIZE - query_complete->info_buf_offset
0726             < query_complete->info_buflen) {
0727         ret = -1;
0728         goto cleanup;
0729     }
0730
0731     memcpy(result,
0732            (void *)((unsigned long)query_complete +
0733              query_complete->info_buf_offset),
0734            query_complete->info_buflen);
0735
0736     *result_size = query_complete->info_buflen;
0737
0738 cleanup:
0739     if (request)
0740         put_rndis_request(dev, request);
0741
0742     return ret;
0743 }
0744
0745 /* Get the hardware offload capabilities */
0746 static int
0747 rndis_query_hwcaps(struct rndis_device *dev, struct netvsc_device *net_device,
0748            struct ndis_offload *caps)
0749 {
0750     u32 caps_len = sizeof(*caps);
0751     int ret;
0752
0753     memset(caps, 0, sizeof(*caps));
0754
0755     ret = rndis_filter_query_device(dev, net_device,
0756                     OID_TCP_OFFLOAD_HARDWARE_CAPABILITIES,
0757                     caps, &caps_len);
0758     if (ret)
0759         return ret;
0760
0761     if (caps->header.type != NDIS_OBJECT_TYPE_OFFLOAD) {
0762         netdev_warn(dev->ndev, "invalid NDIS objtype %#x\n",
0763                 caps->header.type);
0764         return -EINVAL;
0765     }
0766
0767     if (caps->header.revision < NDIS_OFFLOAD_PARAMETERS_REVISION_1) {
0768         netdev_warn(dev->ndev, "invalid NDIS objrev %x\n",
0769                 caps->header.revision);
0770         return -EINVAL;
0771     }
0772
0773     if (caps->header.size > caps_len ||
0774         caps->header.size < NDIS_OFFLOAD_SIZE_6_0) {
0775         netdev_warn(dev->ndev,
0776                 "invalid NDIS objsize %u, data size %u\n",
0777                 caps->header.size, caps_len);
0778         return -EINVAL;
0779     }
0780
0781     return 0;
0782 }
0783
0784 static int rndis_filter_query_device_mac(struct rndis_device *dev,
0785                      struct netvsc_device *net_device)
0786 {
0787     u32 size = ETH_ALEN;
0788
0789     return rndis_filter_query_device(dev, net_device,
0790                       RNDIS_OID_802_3_PERMANENT_ADDRESS,
0791                       dev->hw_mac_adr, &size);
0792 }
0793
0794 #define NWADR_STR "NetworkAddress"
0795 #define NWADR_STRLEN 14
0796
0797 int rndis_filter_set_device_mac(struct netvsc_device *nvdev,
0798                 const char *mac)
0799 {
0800     struct rndis_device *rdev = nvdev->extension;
0801     struct rndis_request *request;
0802     struct rndis_set_request *set;
0803     struct rndis_config_parameter_info *cpi;
0804     wchar_t *cfg_nwadr, *cfg_mac;
0805     struct rndis_set_complete *set_complete;
0806     char macstr[2*ETH_ALEN+1];
0807     u32 extlen = sizeof(struct rndis_config_parameter_info) +
0808         2*NWADR_STRLEN + 4*ETH_ALEN;
0809     int ret;
0810
0811     request = get_rndis_request(rdev, RNDIS_MSG_SET,
0812         RNDIS_MESSAGE_SIZE(struct rndis_set_request) + extlen);
0813     if (!request)
0814         return -ENOMEM;
0815
0816     set = &request->request_msg.msg.set_req;
0817     set->oid = RNDIS_OID_GEN_RNDIS_CONFIG_PARAMETER;
0818     set->info_buflen = extlen;
0819     set->info_buf_offset = sizeof(struct rndis_set_request);
0820     set->dev_vc_handle = 0;
0821
0822     cpi = (struct rndis_config_parameter_info *)((ulong)set +
0823         set->info_buf_offset);
0824     cpi->parameter_name_offset =
0825         sizeof(struct rndis_config_parameter_info);
0826     /* Multiply by 2 because host needs 2 bytes (utf16) for each char */
0827     cpi->parameter_name_length = 2*NWADR_STRLEN;
0828     cpi->parameter_type = RNDIS_CONFIG_PARAM_TYPE_STRING;
0829     cpi->parameter_value_offset =
0830         cpi->parameter_name_offset + cpi->parameter_name_length;
0831     /* Multiply by 4 because each MAC byte displayed as 2 utf16 chars */
0832     cpi->parameter_value_length = 4*ETH_ALEN;
0833
0834     cfg_nwadr = (wchar_t *)((ulong)cpi + cpi->parameter_name_offset);
0835     cfg_mac = (wchar_t *)((ulong)cpi + cpi->parameter_value_offset);
0836     ret = utf8s_to_utf16s(NWADR_STR, NWADR_STRLEN, UTF16_HOST_ENDIAN,
0837                   cfg_nwadr, NWADR_STRLEN);
0838     if (ret < 0)
0839         goto cleanup;
0840     snprintf(macstr, 2*ETH_ALEN+1, "%pm", mac);
0841     ret = utf8s_to_utf16s(macstr, 2*ETH_ALEN, UTF16_HOST_ENDIAN,
0842                   cfg_mac, 2*ETH_ALEN);
0843     if (ret < 0)
0844         goto cleanup;
0845
0846     ret = rndis_filter_send_request(rdev, request);
0847     if (ret != 0)
0848         goto cleanup;
0849
0850     wait_for_completion(&request->wait_event);
0851
0852     set_complete = &request->response_msg.msg.set_complete;
0853     if (set_complete->status != RNDIS_STATUS_SUCCESS)
0854         ret = -EIO;
0855
0856 cleanup:
0857     put_rndis_request(rdev, request);
0858     return ret;
0859 }
0860
0861 int
0862 rndis_filter_set_offload_params(struct net_device *ndev,
0863                 struct netvsc_device *nvdev,
0864                 struct ndis_offload_params *req_offloads)
0865 {
0866     struct rndis_device *rdev = nvdev->extension;
0867     struct rndis_request *request;
0868     struct rndis_set_request *set;
0869     struct ndis_offload_params *offload_params;
0870     struct rndis_set_complete *set_complete;
0871     u32 extlen = sizeof(struct ndis_offload_params);
0872     int ret;
0873     u32 vsp_version = nvdev->nvsp_version;
0874
0875     if (vsp_version <= NVSP_PROTOCOL_VERSION_4) {
0876         extlen = VERSION_4_OFFLOAD_SIZE;
0877         /* On NVSP_PROTOCOL_VERSION_4 and below, we do not support
0878          * UDP checksum offload.
0879          */
0880         req_offloads->udp_ip_v4_csum = 0;
0881         req_offloads->udp_ip_v6_csum = 0;
0882     }
0883
0884     request = get_rndis_request(rdev, RNDIS_MSG_SET,
0885         RNDIS_MESSAGE_SIZE(struct rndis_set_request) + extlen);
0886     if (!request)
0887         return -ENOMEM;
0888
0889     set = &request->request_msg.msg.set_req;
0890     set->oid = OID_TCP_OFFLOAD_PARAMETERS;
0891     set->info_buflen = extlen;
0892     set->info_buf_offset = sizeof(struct rndis_set_request);
0893     set->dev_vc_handle = 0;
0894
0895     offload_params = (struct ndis_offload_params *)((ulong)set +
0896                 set->info_buf_offset);
0897     *offload_params = *req_offloads;
0898     offload_params->header.type = NDIS_OBJECT_TYPE_DEFAULT;
0899     offload_params->header.revision = NDIS_OFFLOAD_PARAMETERS_REVISION_3;
0900     offload_params->header.size = extlen;
0901
0902     ret = rndis_filter_send_request(rdev, request);
0903     if (ret != 0)
0904         goto cleanup;
0905
0906     wait_for_completion(&request->wait_event);
0907     set_complete = &request->response_msg.msg.set_complete;
0908     if (set_complete->status != RNDIS_STATUS_SUCCESS) {
0909         netdev_err(ndev, "Fail to set offload on host side:0x%x\n",
0910                set_complete->status);
0911         ret = -EINVAL;
0912     }
0913
0914 cleanup:
0915     put_rndis_request(rdev, request);
0916     return ret;
0917 }
0918
0919 static int rndis_set_rss_param_msg(struct rndis_device *rdev,
0920                    const u8 *rss_key, u16 flag)
0921 {
0922     struct net_device *ndev = rdev->ndev;
0923     struct net_device_context *ndc = netdev_priv(ndev);
0924     struct rndis_request *request;
0925     struct rndis_set_request *set;
0926     struct rndis_set_complete *set_complete;
0927     u32 extlen = sizeof(struct ndis_recv_scale_param) +
0928              4 * ITAB_NUM + NETVSC_HASH_KEYLEN;
0929     struct ndis_recv_scale_param *rssp;
0930     u32 *itab;
0931     u8 *keyp;
0932     int i, ret;
0933
0934     request = get_rndis_request(
0935             rdev, RNDIS_MSG_SET,
0936             RNDIS_MESSAGE_SIZE(struct rndis_set_request) + extlen);
0937     if (!request)
0938         return -ENOMEM;
0939
0940     set = &request->request_msg.msg.set_req;
0941     set->oid = OID_GEN_RECEIVE_SCALE_PARAMETERS;
0942     set->info_buflen = extlen;
0943     set->info_buf_offset = sizeof(struct rndis_set_request);
0944     set->dev_vc_handle = 0;
0945
0946     rssp = (struct ndis_recv_scale_param *)(set + 1);
0947     rssp->hdr.type = NDIS_OBJECT_TYPE_RSS_PARAMETERS;
0948     rssp->hdr.rev = NDIS_RECEIVE_SCALE_PARAMETERS_REVISION_2;
0949     rssp->hdr.size = sizeof(struct ndis_recv_scale_param);
0950     rssp->flag = flag;
0951     rssp->hashinfo = NDIS_HASH_FUNC_TOEPLITZ | NDIS_HASH_IPV4 |
0952              NDIS_HASH_TCP_IPV4 | NDIS_HASH_IPV6 |
0953              NDIS_HASH_TCP_IPV6;
0954     rssp->indirect_tabsize = 4*ITAB_NUM;
0955     rssp->indirect_taboffset = sizeof(struct ndis_recv_scale_param);
0956     rssp->hashkey_size = NETVSC_HASH_KEYLEN;
0957     rssp->hashkey_offset = rssp->indirect_taboffset +
0958                    rssp->indirect_tabsize;
0959
0960     /* Set indirection table entries */
0961     itab = (u32 *)(rssp + 1);
0962     for (i = 0; i < ITAB_NUM; i++)
0963         itab[i] = ndc->rx_table[i];
0964
0965     /* Set hask key values */
0966     keyp = (u8 *)((unsigned long)rssp + rssp->hashkey_offset);
0967     memcpy(keyp, rss_key, NETVSC_HASH_KEYLEN);
0968
0969     ret = rndis_filter_send_request(rdev, request);
0970     if (ret != 0)
0971         goto cleanup;
0972
0973     wait_for_completion(&request->wait_event);
0974     set_complete = &request->response_msg.msg.set_complete;
0975     if (set_complete->status == RNDIS_STATUS_SUCCESS) {
0976         if (!(flag & NDIS_RSS_PARAM_FLAG_DISABLE_RSS) &&
0977             !(flag & NDIS_RSS_PARAM_FLAG_HASH_KEY_UNCHANGED))
0978             memcpy(rdev->rss_key, rss_key, NETVSC_HASH_KEYLEN);
0979
0980     } else {
0981         netdev_err(ndev, "Fail to set RSS parameters:0x%x\n",
0982                set_complete->status);
0983         ret = -EINVAL;
0984     }
0985
0986 cleanup:
0987     put_rndis_request(rdev, request);
0988     return ret;
0989 }
0990
0991 int rndis_filter_set_rss_param(struct rndis_device *rdev,
0992                    const u8 *rss_key)
0993 {
0994     /* Disable RSS before change */
0995     rndis_set_rss_param_msg(rdev, rss_key,
0996                 NDIS_RSS_PARAM_FLAG_DISABLE_RSS);
0997
0998     return rndis_set_rss_param_msg(rdev, rss_key, 0);
0999 }
1000
1001 static int rndis_filter_query_device_link_status(struct rndis_device *dev,
1002                          struct netvsc_device *net_device)
1003 {
1004     u32 size = sizeof(u32);
1005     u32 link_status;
1006
1007     return rndis_filter_query_device(dev, net_device,
1008                      RNDIS_OID_GEN_MEDIA_CONNECT_STATUS,
1009                      &link_status, &size);
1010 }
1011
1012 static int rndis_filter_query_link_speed(struct rndis_device *dev,
1013                      struct netvsc_device *net_device)
1014 {
1015     u32 size = sizeof(u32);
1016     u32 link_speed;
1017     struct net_device_context *ndc;
1018     int ret;
1019
1020     ret = rndis_filter_query_device(dev, net_device,
1021                     RNDIS_OID_GEN_LINK_SPEED,
1022                     &link_speed, &size);
1023
1024     if (!ret) {
1025         ndc = netdev_priv(dev->ndev);
1026
1027         /* The link speed reported from host is in 100bps unit, so
1028          * we convert it to Mbps here.
1029          */
1030         ndc->speed = link_speed / 10000;
1031     }
1032
1033     return ret;
1034 }
1035
1036 static int rndis_filter_set_packet_filter(struct rndis_device *dev,
1037                       u32 new_filter)
1038 {
1039     struct rndis_request *request;
1040     struct rndis_set_request *set;
1041     int ret;
1042
1043     if (dev->filter == new_filter)
1044         return 0;
1045
1046     request = get_rndis_request(dev, RNDIS_MSG_SET,
1047             RNDIS_MESSAGE_SIZE(struct rndis_set_request) +
1048             sizeof(u32));
1049     if (!request)
1050         return -ENOMEM;
1051
1052     /* Setup the rndis set */
1053     set = &request->request_msg.msg.set_req;
1054     set->oid = RNDIS_OID_GEN_CURRENT_PACKET_FILTER;
1055     set->info_buflen = sizeof(u32);
1056     set->info_buf_offset = offsetof(typeof(*set), info_buf);
1057     memcpy(set->info_buf, &new_filter, sizeof(u32));
1058
1059     ret = rndis_filter_send_request(dev, request);
1060     if (ret == 0) {
1061         wait_for_completion(&request->wait_event);
1062         dev->filter = new_filter;
1063     }
1064
1065     put_rndis_request(dev, request);
1066
1067     return ret;
1068 }
1069
1070 static void rndis_set_multicast(struct work_struct *w)
1071 {
1072     struct rndis_device *rdev
1073         = container_of(w, struct rndis_device, mcast_work);
1074     u32 filter = NDIS_PACKET_TYPE_DIRECTED;
1075     unsigned int flags = rdev->ndev->flags;
1076
1077     if (flags & IFF_PROMISC) {
1078         filter = NDIS_PACKET_TYPE_PROMISCUOUS;
1079     } else {
1080         if (!netdev_mc_empty(rdev->ndev) || (flags & IFF_ALLMULTI))
1081             filter |= NDIS_PACKET_TYPE_ALL_MULTICAST;
1082         if (flags & IFF_BROADCAST)
1083             filter |= NDIS_PACKET_TYPE_BROADCAST;
1084     }
1085
1086     rndis_filter_set_packet_filter(rdev, filter);
1087 }
1088
1089 void rndis_filter_update(struct netvsc_device *nvdev)
1090 {
1091     struct rndis_device *rdev = nvdev->extension;
1092
1093     schedule_work(&rdev->mcast_work);
1094 }
1095
1096 static int rndis_filter_init_device(struct rndis_device *dev,
1097                     struct netvsc_device *nvdev)
1098 {
1099     struct rndis_request *request;
1100     struct rndis_initialize_request *init;
1101     struct rndis_initialize_complete *init_complete;
1102     u32 status;
1103     int ret;
1104
1105     request = get_rndis_request(dev, RNDIS_MSG_INIT,
1106             RNDIS_MESSAGE_SIZE(struct rndis_initialize_request));
1107     if (!request) {
1108         ret = -ENOMEM;
1109         goto cleanup;
1110     }
1111
1112     /* Setup the rndis set */
1113     init = &request->request_msg.msg.init_req;
1114     init->major_ver = RNDIS_MAJOR_VERSION;
1115     init->minor_ver = RNDIS_MINOR_VERSION;
1116     init->max_xfer_size = 0x4000;
1117
1118     dev->state = RNDIS_DEV_INITIALIZING;
1119
1120     ret = rndis_filter_send_request(dev, request);
1121     if (ret != 0) {
1122         dev->state = RNDIS_DEV_UNINITIALIZED;
1123         goto cleanup;
1124     }
1125
1126     wait_for_completion(&request->wait_event);
1127
1128     init_complete = &request->response_msg.msg.init_complete;
1129     status = init_complete->status;
1130     if (status == RNDIS_STATUS_SUCCESS) {
1131         dev->state = RNDIS_DEV_INITIALIZED;
1132         nvdev->max_pkt = init_complete->max_pkt_per_msg;
1133         nvdev->pkt_align = 1 << init_complete->pkt_alignment_factor;
1134         ret = 0;
1135     } else {
1136         dev->state = RNDIS_DEV_UNINITIALIZED;
1137         ret = -EINVAL;
1138     }
1139
1140 cleanup:
1141     if (request)
1142         put_rndis_request(dev, request);
1143
1144     return ret;
1145 }
1146
1147 static bool netvsc_device_idle(const struct netvsc_device *nvdev)
1148 {
1149     int i;
1150
1151     for (i = 0; i < nvdev->num_chn; i++) {
1152         const struct netvsc_channel *nvchan = &nvdev->chan_table[i];
1153
1154         if (nvchan->mrc.first != nvchan->mrc.next)
1155             return false;
1156
1157         if (atomic_read(&nvchan->queue_sends) > 0)
1158             return false;
1159     }
1160
1161     return true;
1162 }
1163
1164 static void rndis_filter_halt_device(struct netvsc_device *nvdev,
1165                      struct rndis_device *dev)
1166 {
1167     struct rndis_request *request;
1168     struct rndis_halt_request *halt;
1169
1170     /* Attempt to do a rndis device halt */
1171     request = get_rndis_request(dev, RNDIS_MSG_HALT,
1172                 RNDIS_MESSAGE_SIZE(struct rndis_halt_request));
1173     if (!request)
1174         goto cleanup;
1175
1176     /* Setup the rndis set */
1177     halt = &request->request_msg.msg.halt_req;
1178     halt->req_id = atomic_inc_return(&dev->new_req_id);
1179
1180     /* Ignore return since this msg is optional. */
1181     rndis_filter_send_request(dev, request);
1182
1183     dev->state = RNDIS_DEV_UNINITIALIZED;
1184
1185 cleanup:
1186     nvdev->destroy = true;
1187
1188     /* Force flag to be ordered before waiting */
1189     wmb();
1190
1191     /* Wait for all send completions */
1192     wait_event(nvdev->wait_drain, netvsc_device_idle(nvdev));
1193
1194     if (request)
1195         put_rndis_request(dev, request);
1196 }
1197
1198 static int rndis_filter_open_device(struct rndis_device *dev)
1199 {
1200     int ret;
1201
1202     if (dev->state != RNDIS_DEV_INITIALIZED)
1203         return 0;
1204
1205     ret = rndis_filter_set_packet_filter(dev,
1206                      NDIS_PACKET_TYPE_BROADCAST |
1207                      NDIS_PACKET_TYPE_ALL_MULTICAST |
1208                      NDIS_PACKET_TYPE_DIRECTED);
1209     if (ret == 0)
1210         dev->state = RNDIS_DEV_DATAINITIALIZED;
1211
1212     return ret;
1213 }
1214
1215 static int rndis_filter_close_device(struct rndis_device *dev)
1216 {
1217     int ret;
1218
1219     if (dev->state != RNDIS_DEV_DATAINITIALIZED)
1220         return 0;
1221
1222     /* Make sure rndis_set_multicast doesn't re-enable filter! */
1223     cancel_work_sync(&dev->mcast_work);
1224
1225     ret = rndis_filter_set_packet_filter(dev, 0);
1226     if (ret == -ENODEV)
1227         ret = 0;
1228
1229     if (ret == 0)
1230         dev->state = RNDIS_DEV_INITIALIZED;
1231
1232     return ret;
1233 }
1234
1235 static void netvsc_sc_open(struct vmbus_channel *new_sc)
1236 {
1237     struct net_device *ndev =
1238         hv_get_drvdata(new_sc->primary_channel->device_obj);
1239     struct net_device_context *ndev_ctx = netdev_priv(ndev);
1240     struct netvsc_device *nvscdev;
1241     u16 chn_index = new_sc->offermsg.offer.sub_channel_index;
1242     struct netvsc_channel *nvchan;
1243     int ret;
1244
1245     /* This is safe because this callback only happens when
1246      * new device is being setup and waiting on the channel_init_wait.
1247      */
1248     nvscdev = rcu_dereference_raw(ndev_ctx->nvdev);
1249     if (!nvscdev || chn_index >= nvscdev->num_chn)
1250         return;
1251
1252     nvchan = nvscdev->chan_table + chn_index;
1253
1254     /* Because the device uses NAPI, all the interrupt batching and
1255      * control is done via Net softirq, not the channel handling
1256      */
1257     set_channel_read_mode(new_sc, HV_CALL_ISR);
1258
1259     /* Set the channel before opening.*/
1260     nvchan->channel = new_sc;
1261
1262     new_sc->next_request_id_callback = vmbus_next_request_id;
1263     new_sc->request_addr_callback = vmbus_request_addr;
1264     new_sc->rqstor_size = netvsc_rqstor_size(netvsc_ring_bytes);
1265     new_sc->max_pkt_size = NETVSC_MAX_PKT_SIZE;
1266
1267     ret = vmbus_open(new_sc, netvsc_ring_bytes,
1268              netvsc_ring_bytes, NULL, 0,
1269              netvsc_channel_cb, nvchan);
1270     if (ret == 0)
1271         napi_enable(&nvchan->napi);
1272     else
1273         netdev_notice(ndev, "sub channel open failed: %d\n", ret);
1274
1275     if (atomic_inc_return(&nvscdev->open_chn) == nvscdev->num_chn)
1276         wake_up(&nvscdev->subchan_open);
1277 }
1278
1279 /* Open sub-channels after completing the handling of the device probe.
1280  * This breaks overlap of processing the host message for the
1281  * new primary channel with the initialization of sub-channels.
1282  */
1283 int rndis_set_subchannel(struct net_device *ndev,
1284              struct netvsc_device *nvdev,
1285              struct netvsc_device_info *dev_info)
1286 {
1287     struct nvsp_message *init_packet = &nvdev->channel_init_pkt;
1288     struct net_device_context *ndev_ctx = netdev_priv(ndev);
1289     struct hv_device *hv_dev = ndev_ctx->device_ctx;
1290     struct rndis_device *rdev = nvdev->extension;
1291     int i, ret;
1292
1293     ASSERT_RTNL();
1294
1295     memset(init_packet, 0, sizeof(struct nvsp_message));
1296     init_packet->hdr.msg_type = NVSP_MSG5_TYPE_SUBCHANNEL;
1297     init_packet->msg.v5_msg.subchn_req.op = NVSP_SUBCHANNEL_ALLOCATE;
1298     init_packet->msg.v5_msg.subchn_req.num_subchannels =
1299                         nvdev->num_chn - 1;
1300     trace_nvsp_send(ndev, init_packet);
1301
1302     ret = vmbus_sendpacket(hv_dev->channel, init_packet,
1303                    sizeof(struct nvsp_message),
1304                    (unsigned long)init_packet,
1305                    VM_PKT_DATA_INBAND,
1306                    VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
1307     if (ret) {
1308         netdev_err(ndev, "sub channel allocate send failed: %d\n", ret);
1309         return ret;
1310     }
1311
1312     wait_for_completion(&nvdev->channel_init_wait);
1313     if (init_packet->msg.v5_msg.subchn_comp.status != NVSP_STAT_SUCCESS) {
1314         netdev_err(ndev, "sub channel request failed\n");
1315         return -EIO;
1316     }
1317
1318     /* Check that number of allocated sub channel is within the expected range */
1319     if (init_packet->msg.v5_msg.subchn_comp.num_subchannels > nvdev->num_chn - 1) {
1320         netdev_err(ndev, "invalid number of allocated sub channel\n");
1321         return -EINVAL;
1322     }
1323     nvdev->num_chn = 1 +
1324         init_packet->msg.v5_msg.subchn_comp.num_subchannels;
1325
1326     /* wait for all sub channels to open */
1327     wait_event(nvdev->subchan_open,
1328            atomic_read(&nvdev->open_chn) == nvdev->num_chn);
1329
1330     for (i = 0; i < VRSS_SEND_TAB_SIZE; i++)
1331         ndev_ctx->tx_table[i] = i % nvdev->num_chn;
1332
1333     /* ignore failures from setting rss parameters, still have channels */
1334     if (dev_info)
1335         rndis_filter_set_rss_param(rdev, dev_info->rss_key);
1336     else
1337         rndis_filter_set_rss_param(rdev, netvsc_hash_key);
1338
1339     netif_set_real_num_tx_queues(ndev, nvdev->num_chn);
1340     netif_set_real_num_rx_queues(ndev, nvdev->num_chn);
1341
1342     return 0;
1343 }
1344
1345 static int rndis_netdev_set_hwcaps(struct rndis_device *rndis_device,
1346                    struct netvsc_device *nvdev)
1347 {
1348     struct net_device *net = rndis_device->ndev;
1349     struct net_device_context *net_device_ctx = netdev_priv(net);
1350     struct ndis_offload hwcaps;
1351     struct ndis_offload_params offloads;
1352     unsigned int gso_max_size = GSO_LEGACY_MAX_SIZE;
1353     int ret;
1354
1355     /* Find HW offload capabilities */
1356     ret = rndis_query_hwcaps(rndis_device, nvdev, &hwcaps);
1357     if (ret != 0)
1358         return ret;
1359
1360     /* A value of zero means "no change"; now turn on what we want. */
1361     memset(&offloads, 0, sizeof(struct ndis_offload_params));
1362
1363     /* Linux does not care about IP checksum, always does in kernel */
1364     offloads.ip_v4_csum = NDIS_OFFLOAD_PARAMETERS_TX_RX_DISABLED;
1365
1366     /* Reset previously set hw_features flags */
1367     net->hw_features &= ~NETVSC_SUPPORTED_HW_FEATURES;
1368     net_device_ctx->tx_checksum_mask = 0;
1369
1370     /* Compute tx offload settings based on hw capabilities */
1371     net->hw_features |= NETIF_F_RXCSUM;
1372     net->hw_features |= NETIF_F_SG;
1373     net->hw_features |= NETIF_F_RXHASH;
1374
1375     if ((hwcaps.csum.ip4_txcsum & NDIS_TXCSUM_ALL_TCP4) == NDIS_TXCSUM_ALL_TCP4) {
1376         /* Can checksum TCP */
1377         net->hw_features |= NETIF_F_IP_CSUM;
1378         net_device_ctx->tx_checksum_mask |= TRANSPORT_INFO_IPV4_TCP;
1379
1380         offloads.tcp_ip_v4_csum = NDIS_OFFLOAD_PARAMETERS_TX_RX_ENABLED;
1381
1382         if (hwcaps.lsov2.ip4_encap & NDIS_OFFLOAD_ENCAP_8023) {
1383             offloads.lso_v2_ipv4 = NDIS_OFFLOAD_PARAMETERS_LSOV2_ENABLED;
1384             net->hw_features |= NETIF_F_TSO;
1385
1386             if (hwcaps.lsov2.ip4_maxsz < gso_max_size)
1387                 gso_max_size = hwcaps.lsov2.ip4_maxsz;
1388         }
1389
1390         if (hwcaps.csum.ip4_txcsum & NDIS_TXCSUM_CAP_UDP4) {
1391             offloads.udp_ip_v4_csum = NDIS_OFFLOAD_PARAMETERS_TX_RX_ENABLED;
1392             net_device_ctx->tx_checksum_mask |= TRANSPORT_INFO_IPV4_UDP;
1393         }
1394     }
1395
1396     if ((hwcaps.csum.ip6_txcsum & NDIS_TXCSUM_ALL_TCP6) == NDIS_TXCSUM_ALL_TCP6) {
1397         net->hw_features |= NETIF_F_IPV6_CSUM;
1398
1399         offloads.tcp_ip_v6_csum = NDIS_OFFLOAD_PARAMETERS_TX_RX_ENABLED;
1400         net_device_ctx->tx_checksum_mask |= TRANSPORT_INFO_IPV6_TCP;
1401
1402         if ((hwcaps.lsov2.ip6_encap & NDIS_OFFLOAD_ENCAP_8023) &&
1403             (hwcaps.lsov2.ip6_opts & NDIS_LSOV2_CAP_IP6) == NDIS_LSOV2_CAP_IP6) {
1404             offloads.lso_v2_ipv6 = NDIS_OFFLOAD_PARAMETERS_LSOV2_ENABLED;
1405             net->hw_features |= NETIF_F_TSO6;
1406
1407             if (hwcaps.lsov2.ip6_maxsz < gso_max_size)
1408                 gso_max_size = hwcaps.lsov2.ip6_maxsz;
1409         }
1410
1411         if (hwcaps.csum.ip6_txcsum & NDIS_TXCSUM_CAP_UDP6) {
1412             offloads.udp_ip_v6_csum = NDIS_OFFLOAD_PARAMETERS_TX_RX_ENABLED;
1413             net_device_ctx->tx_checksum_mask |= TRANSPORT_INFO_IPV6_UDP;
1414         }
1415     }
1416
1417     if (hwcaps.rsc.ip4 && hwcaps.rsc.ip6) {
1418         net->hw_features |= NETIF_F_LRO;
1419
1420         if (net->features & NETIF_F_LRO) {
1421             offloads.rsc_ip_v4 = NDIS_OFFLOAD_PARAMETERS_RSC_ENABLED;
1422             offloads.rsc_ip_v6 = NDIS_OFFLOAD_PARAMETERS_RSC_ENABLED;
1423         } else {
1424             offloads.rsc_ip_v4 = NDIS_OFFLOAD_PARAMETERS_RSC_DISABLED;
1425             offloads.rsc_ip_v6 = NDIS_OFFLOAD_PARAMETERS_RSC_DISABLED;
1426         }
1427     }
1428
1429     /* In case some hw_features disappeared we need to remove them from
1430      * net->features list as they're no longer supported.
1431      */
1432     net->features &= ~NETVSC_SUPPORTED_HW_FEATURES | net->hw_features;
1433
1434     netif_set_tso_max_size(net, gso_max_size);
1435
1436     ret = rndis_filter_set_offload_params(net, nvdev, &offloads);
1437
1438     return ret;
1439 }
1440
1441 static void rndis_get_friendly_name(struct net_device *net,
1442                     struct rndis_device *rndis_device,
1443                     struct netvsc_device *net_device)
1444 {
1445     ucs2_char_t wname[256];
1446     unsigned long len;
1447     u8 ifalias[256];
1448     u32 size;
1449
1450     size = sizeof(wname);
1451     if (rndis_filter_query_device(rndis_device, net_device,
1452                       RNDIS_OID_GEN_FRIENDLY_NAME,
1453                       wname, &size) != 0)
1454         return; /* ignore if host does not support */
1455
1456     if (size == 0)
1457         return; /* name not set */
1458
1459     /* Convert Windows Unicode string to UTF-8 */
1460     len = ucs2_as_utf8(ifalias, wname, sizeof(ifalias));
1461
1462     /* ignore the default value from host */
1463     if (strcmp(ifalias, "Network Adapter") != 0)
1464         dev_set_alias(net, ifalias, len);
1465 }
1466
1467 struct netvsc_device *rndis_filter_device_add(struct hv_device *dev,
1468                       struct netvsc_device_info *device_info)
1469 {
1470     struct net_device *net = hv_get_drvdata(dev);
1471     struct net_device_context *ndc = netdev_priv(net);
1472     struct netvsc_device *net_device;
1473     struct rndis_device *rndis_device;
1474     struct ndis_recv_scale_cap rsscap;
1475     u32 rsscap_size = sizeof(struct ndis_recv_scale_cap);
1476     u32 mtu, size;
1477     u32 num_possible_rss_qs;
1478     int i, ret;
1479
1480     rndis_device = get_rndis_device();
1481     if (!rndis_device)
1482         return ERR_PTR(-ENODEV);
1483
1484     /* Let the inner driver handle this first to create the netvsc channel
1485      * NOTE! Once the channel is created, we may get a receive callback
1486      * (RndisFilterOnReceive()) before this call is completed
1487      */
1488     net_device = netvsc_device_add(dev, device_info);
1489     if (IS_ERR(net_device)) {
1490         kfree(rndis_device);
1491         return net_device;
1492     }
1493
1494     /* Initialize the rndis device */
1495     net_device->max_chn = 1;
1496     net_device->num_chn = 1;
1497
1498     net_device->extension = rndis_device;
1499     rndis_device->ndev = net;
1500
1501     /* Send the rndis initialization message */
1502     ret = rndis_filter_init_device(rndis_device, net_device);
1503     if (ret != 0)
1504         goto err_dev_remv;
1505
1506     /* Get the MTU from the host */
1507     size = sizeof(u32);
1508     ret = rndis_filter_query_device(rndis_device, net_device,
1509                     RNDIS_OID_GEN_MAXIMUM_FRAME_SIZE,
1510                     &mtu, &size);
1511     if (ret == 0 && size == sizeof(u32) && mtu < net->mtu)
1512         net->mtu = mtu;
1513
1514     /* Get the mac address */
1515     ret = rndis_filter_query_device_mac(rndis_device, net_device);
1516     if (ret != 0)
1517         goto err_dev_remv;
1518
1519     memcpy(device_info->mac_adr, rndis_device->hw_mac_adr, ETH_ALEN);
1520
1521     /* Get friendly name as ifalias*/
1522     if (!net->ifalias)
1523         rndis_get_friendly_name(net, rndis_device, net_device);
1524
1525     /* Query and set hardware capabilities */
1526     ret = rndis_netdev_set_hwcaps(rndis_device, net_device);
1527     if (ret != 0)
1528         goto err_dev_remv;
1529
1530     rndis_filter_query_device_link_status(rndis_device, net_device);
1531
1532     netdev_dbg(net, "Device MAC %pM link state %s\n",
1533            rndis_device->hw_mac_adr,
1534            rndis_device->link_state ? "down" : "up");
1535
1536     if (net_device->nvsp_version < NVSP_PROTOCOL_VERSION_5)
1537         goto out;
1538
1539     rndis_filter_query_link_speed(rndis_device, net_device);
1540
1541     /* vRSS setup */
1542     memset(&rsscap, 0, rsscap_size);
1543     ret = rndis_filter_query_device(rndis_device, net_device,
1544                     OID_GEN_RECEIVE_SCALE_CAPABILITIES,
1545                     &rsscap, &rsscap_size);
1546     if (ret || rsscap.num_recv_que < 2)
1547         goto out;
1548
1549     /* This guarantees that num_possible_rss_qs <= num_online_cpus */
1550     num_possible_rss_qs = min_t(u32, num_online_cpus(),
1551                     rsscap.num_recv_que);
1552
1553     net_device->max_chn = min_t(u32, VRSS_CHANNEL_MAX, num_possible_rss_qs);
1554
1555     /* We will use the given number of channels if available. */
1556     net_device->num_chn = min(net_device->max_chn, device_info->num_chn);
1557
1558     if (!netif_is_rxfh_configured(net)) {
1559         for (i = 0; i < ITAB_NUM; i++)
1560             ndc->rx_table[i] = ethtool_rxfh_indir_default(
1561                         i, net_device->num_chn);
1562     }
1563
1564     atomic_set(&net_device->open_chn, 1);
1565     vmbus_set_sc_create_callback(dev->channel, netvsc_sc_open);
1566
1567     for (i = 1; i < net_device->num_chn; i++) {
1568         ret = netvsc_alloc_recv_comp_ring(net_device, i);
1569         if (ret) {
1570             while (--i != 0)
1571                 vfree(net_device->chan_table[i].mrc.slots);
1572             goto out;
1573         }
1574     }
1575
1576     for (i = 1; i < net_device->num_chn; i++)
1577         netif_napi_add(net, &net_device->chan_table[i].napi,
1578                    netvsc_poll, NAPI_POLL_WEIGHT);
1579
1580     return net_device;
1581
1582 out:
1583     /* setting up multiple channels failed */
1584     net_device->max_chn = 1;
1585     net_device->num_chn = 1;
1586     return net_device;
1587
1588 err_dev_remv:
1589     rndis_filter_device_remove(dev, net_device);
1590     return ERR_PTR(ret);
1591 }
1592
1593 void rndis_filter_device_remove(struct hv_device *dev,
1594                 struct netvsc_device *net_dev)
1595 {
1596     struct rndis_device *rndis_dev = net_dev->extension;
1597
1598     /* Halt and release the rndis device */
1599     rndis_filter_halt_device(net_dev, rndis_dev);
1600
1601     netvsc_device_remove(dev);
1602 }
1603
1604 int rndis_filter_open(struct netvsc_device *nvdev)
1605 {
1606     if (!nvdev)
1607         return -EINVAL;
1608
1609     return rndis_filter_open_device(nvdev->extension);
1610 }
1611
1612 int rndis_filter_close(struct netvsc_device *nvdev)
1613 {
1614     if (!nvdev)
1615         return -EINVAL;
1616
1617     return rndis_filter_close_device(nvdev->extension);
1618 }