s390/cio/vfio_ccw_cp.c

0001 // SPDX-License-Identifier: GPL-2.0
0002 /*
0003  * channel program interfaces
0004  *
0005  * Copyright IBM Corp. 2017
0006  *
0007  * Author(s): Dong Jia Shi <bjsdjshi@linux.vnet.ibm.com>
0008  *            Xiao Feng Ren <renxiaof@linux.vnet.ibm.com>
0009  */
0010
0011 #include <linux/ratelimit.h>
0012 #include <linux/mm.h>
0013 #include <linux/slab.h>
0014 #include <linux/highmem.h>
0015 #include <linux/iommu.h>
0016 #include <linux/vfio.h>
0017 #include <asm/idals.h>
0018
0019 #include "vfio_ccw_cp.h"
0020 #include "vfio_ccw_private.h"
0021
0022 struct page_array {
0023     /* Array that stores pages need to pin. */
0024     dma_addr_t      *pa_iova;
0025     /* Array that receives the pinned pages. */
0026     struct page     **pa_page;
0027     /* Number of pages pinned from @pa_iova. */
0028     int         pa_nr;
0029 };
0030
0031 struct ccwchain {
0032     struct list_head    next;
0033     struct ccw1     *ch_ccw;
0034     /* Guest physical address of the current chain. */
0035     u64         ch_iova;
0036     /* Count of the valid ccws in chain. */
0037     int         ch_len;
0038     /* Pinned PAGEs for the original data. */
0039     struct page_array   *ch_pa;
0040 };
0041
0042 /*
0043  * page_array_alloc() - alloc memory for page array
0044  * @pa: page_array on which to perform the operation
0045  * @iova: target guest physical address
0046  * @len: number of bytes that should be pinned from @iova
0047  *
0048  * Attempt to allocate memory for page array.
0049  *
0050  * Usage of page_array:
0051  * We expect (pa_nr == 0) and (pa_iova == NULL), any field in
0052  * this structure will be filled in by this function.
0053  *
0054  * Returns:
0055  *         0 if page array is allocated
0056  *   -EINVAL if pa->pa_nr is not initially zero, or pa->pa_iova is not NULL
0057  *   -ENOMEM if alloc failed
0058  */
0059 static int page_array_alloc(struct page_array *pa, u64 iova, unsigned int len)
0060 {
0061     int i;
0062
0063     if (pa->pa_nr || pa->pa_iova)
0064         return -EINVAL;
0065
0066     pa->pa_nr = ((iova & ~PAGE_MASK) + len + (PAGE_SIZE - 1)) >> PAGE_SHIFT;
0067     if (!pa->pa_nr)
0068         return -EINVAL;
0069
0070     pa->pa_iova = kcalloc(pa->pa_nr,
0071                   sizeof(*pa->pa_iova) + sizeof(*pa->pa_page),
0072                   GFP_KERNEL);
0073     if (unlikely(!pa->pa_iova)) {
0074         pa->pa_nr = 0;
0075         return -ENOMEM;
0076     }
0077     pa->pa_page = (struct page **)&pa->pa_iova[pa->pa_nr];
0078
0079     pa->pa_iova[0] = iova;
0080     pa->pa_page[0] = NULL;
0081     for (i = 1; i < pa->pa_nr; i++) {
0082         pa->pa_iova[i] = pa->pa_iova[i - 1] + PAGE_SIZE;
0083         pa->pa_page[i] = NULL;
0084     }
0085
0086     return 0;
0087 }
0088
0089 /*
0090  * page_array_unpin() - Unpin user pages in memory
0091  * @pa: page_array on which to perform the operation
0092  * @vdev: the vfio device to perform the operation
0093  * @pa_nr: number of user pages to unpin
0094  *
0095  * Only unpin if any pages were pinned to begin with, i.e. pa_nr > 0,
0096  * otherwise only clear pa->pa_nr
0097  */
0098 static void page_array_unpin(struct page_array *pa,
0099                  struct vfio_device *vdev, int pa_nr)
0100 {
0101     int unpinned = 0, npage = 1;
0102
0103     while (unpinned < pa_nr) {
0104         dma_addr_t *first = &pa->pa_iova[unpinned];
0105         dma_addr_t *last = &first[npage];
0106
0107         if (unpinned + npage < pa_nr &&
0108             *first + npage * PAGE_SIZE == *last) {
0109             npage++;
0110             continue;
0111         }
0112
0113         vfio_unpin_pages(vdev, *first, npage);
0114         unpinned += npage;
0115         npage = 1;
0116     }
0117
0118     pa->pa_nr = 0;
0119 }
0120
0121 /*
0122  * page_array_pin() - Pin user pages in memory
0123  * @pa: page_array on which to perform the operation
0124  * @mdev: the mediated device to perform pin operations
0125  *
0126  * Returns number of pages pinned upon success.
0127  * If the pin request partially succeeds, or fails completely,
0128  * all pages are left unpinned and a negative error value is returned.
0129  */
0130 static int page_array_pin(struct page_array *pa, struct vfio_device *vdev)
0131 {
0132     int pinned = 0, npage = 1;
0133     int ret = 0;
0134
0135     while (pinned < pa->pa_nr) {
0136         dma_addr_t *first = &pa->pa_iova[pinned];
0137         dma_addr_t *last = &first[npage];
0138
0139         if (pinned + npage < pa->pa_nr &&
0140             *first + npage * PAGE_SIZE == *last) {
0141             npage++;
0142             continue;
0143         }
0144
0145         ret = vfio_pin_pages(vdev, *first, npage,
0146                      IOMMU_READ | IOMMU_WRITE,
0147                      &pa->pa_page[pinned]);
0148         if (ret < 0) {
0149             goto err_out;
0150         } else if (ret > 0 && ret != npage) {
0151             pinned += ret;
0152             ret = -EINVAL;
0153             goto err_out;
0154         }
0155         pinned += npage;
0156         npage = 1;
0157     }
0158
0159     return ret;
0160
0161 err_out:
0162     page_array_unpin(pa, vdev, pinned);
0163     return ret;
0164 }
0165
0166 /* Unpin the pages before releasing the memory. */
0167 static void page_array_unpin_free(struct page_array *pa, struct vfio_device *vdev)
0168 {
0169     page_array_unpin(pa, vdev, pa->pa_nr);
0170     kfree(pa->pa_iova);
0171 }
0172
0173 static bool page_array_iova_pinned(struct page_array *pa, u64 iova, u64 length)
0174 {
0175     u64 iova_pfn_start = iova >> PAGE_SHIFT;
0176     u64 iova_pfn_end = (iova + length - 1) >> PAGE_SHIFT;
0177     u64 pfn;
0178     int i;
0179
0180     for (i = 0; i < pa->pa_nr; i++) {
0181         pfn = pa->pa_iova[i] >> PAGE_SHIFT;
0182         if (pfn >= iova_pfn_start && pfn <= iova_pfn_end)
0183             return true;
0184     }
0185
0186     return false;
0187 }
0188 /* Create the list of IDAL words for a page_array. */
0189 static inline void page_array_idal_create_words(struct page_array *pa,
0190                         unsigned long *idaws)
0191 {
0192     int i;
0193
0194     /*
0195      * Idal words (execept the first one) rely on the memory being 4k
0196      * aligned. If a user virtual address is 4K aligned, then it's
0197      * corresponding kernel physical address will also be 4K aligned. Thus
0198      * there will be no problem here to simply use the phys to create an
0199      * idaw.
0200      */
0201
0202     for (i = 0; i < pa->pa_nr; i++)
0203         idaws[i] = page_to_phys(pa->pa_page[i]);
0204
0205     /* Adjust the first IDAW, since it may not start on a page boundary */
0206     idaws[0] += pa->pa_iova[0] & (PAGE_SIZE - 1);
0207 }
0208
0209 static void convert_ccw0_to_ccw1(struct ccw1 *source, unsigned long len)
0210 {
0211     struct ccw0 ccw0;
0212     struct ccw1 *pccw1 = source;
0213     int i;
0214
0215     for (i = 0; i < len; i++) {
0216         ccw0 = *(struct ccw0 *)pccw1;
0217         if ((pccw1->cmd_code & 0x0f) == CCW_CMD_TIC) {
0218             pccw1->cmd_code = CCW_CMD_TIC;
0219             pccw1->flags = 0;
0220             pccw1->count = 0;
0221         } else {
0222             pccw1->cmd_code = ccw0.cmd_code;
0223             pccw1->flags = ccw0.flags;
0224             pccw1->count = ccw0.count;
0225         }
0226         pccw1->cda = ccw0.cda;
0227         pccw1++;
0228     }
0229 }
0230
0231 /*
0232  * Within the domain (@mdev), copy @n bytes from a guest physical
0233  * address (@iova) to a host physical address (@to).
0234  */
0235 static long copy_from_iova(struct vfio_device *vdev, void *to, u64 iova,
0236                unsigned long n)
0237 {
0238     struct page_array pa = {0};
0239     int i, ret;
0240     unsigned long l, m;
0241
0242     ret = page_array_alloc(&pa, iova, n);
0243     if (ret < 0)
0244         return ret;
0245
0246     ret = page_array_pin(&pa, vdev);
0247     if (ret < 0) {
0248         page_array_unpin_free(&pa, vdev);
0249         return ret;
0250     }
0251
0252     l = n;
0253     for (i = 0; i < pa.pa_nr; i++) {
0254         void *from = kmap_local_page(pa.pa_page[i]);
0255
0256         m = PAGE_SIZE;
0257         if (i == 0) {
0258             from += iova & (PAGE_SIZE - 1);
0259             m -= iova & (PAGE_SIZE - 1);
0260         }
0261
0262         m = min(l, m);
0263         memcpy(to + (n - l), from, m);
0264         kunmap_local(from);
0265
0266         l -= m;
0267         if (l == 0)
0268             break;
0269     }
0270
0271     page_array_unpin_free(&pa, vdev);
0272
0273     return l;
0274 }
0275
0276 /*
0277  * Helpers to operate ccwchain.
0278  */
0279 #define ccw_is_read(_ccw) (((_ccw)->cmd_code & 0x03) == 0x02)
0280 #define ccw_is_read_backward(_ccw) (((_ccw)->cmd_code & 0x0F) == 0x0C)
0281 #define ccw_is_sense(_ccw) (((_ccw)->cmd_code & 0x0F) == CCW_CMD_BASIC_SENSE)
0282
0283 #define ccw_is_noop(_ccw) ((_ccw)->cmd_code == CCW_CMD_NOOP)
0284
0285 #define ccw_is_tic(_ccw) ((_ccw)->cmd_code == CCW_CMD_TIC)
0286
0287 #define ccw_is_idal(_ccw) ((_ccw)->flags & CCW_FLAG_IDA)
0288 #define ccw_is_skip(_ccw) ((_ccw)->flags & CCW_FLAG_SKIP)
0289
0290 #define ccw_is_chain(_ccw) ((_ccw)->flags & (CCW_FLAG_CC | CCW_FLAG_DC))
0291
0292 /*
0293  * ccw_does_data_transfer()
0294  *
0295  * Determine whether a CCW will move any data, such that the guest pages
0296  * would need to be pinned before performing the I/O.
0297  *
0298  * Returns 1 if yes, 0 if no.
0299  */
0300 static inline int ccw_does_data_transfer(struct ccw1 *ccw)
0301 {
0302     /* If the count field is zero, then no data will be transferred */
0303     if (ccw->count == 0)
0304         return 0;
0305
0306     /* If the command is a NOP, then no data will be transferred */
0307     if (ccw_is_noop(ccw))
0308         return 0;
0309
0310     /* If the skip flag is off, then data will be transferred */
0311     if (!ccw_is_skip(ccw))
0312         return 1;
0313
0314     /*
0315      * If the skip flag is on, it is only meaningful if the command
0316      * code is a read, read backward, sense, or sense ID.  In those
0317      * cases, no data will be transferred.
0318      */
0319     if (ccw_is_read(ccw) || ccw_is_read_backward(ccw))
0320         return 0;
0321
0322     if (ccw_is_sense(ccw))
0323         return 0;
0324
0325     /* The skip flag is on, but it is ignored for this command code. */
0326     return 1;
0327 }
0328
0329 /*
0330  * is_cpa_within_range()
0331  *
0332  * @cpa: channel program address being questioned
0333  * @head: address of the beginning of a CCW chain
0334  * @len: number of CCWs within the chain
0335  *
0336  * Determine whether the address of a CCW (whether a new chain,
0337  * or the target of a TIC) falls within a range (including the end points).
0338  *
0339  * Returns 1 if yes, 0 if no.
0340  */
0341 static inline int is_cpa_within_range(u32 cpa, u32 head, int len)
0342 {
0343     u32 tail = head + (len - 1) * sizeof(struct ccw1);
0344
0345     return (head <= cpa && cpa <= tail);
0346 }
0347
0348 static inline int is_tic_within_range(struct ccw1 *ccw, u32 head, int len)
0349 {
0350     if (!ccw_is_tic(ccw))
0351         return 0;
0352
0353     return is_cpa_within_range(ccw->cda, head, len);
0354 }
0355
0356 static struct ccwchain *ccwchain_alloc(struct channel_program *cp, int len)
0357 {
0358     struct ccwchain *chain;
0359     void *data;
0360     size_t size;
0361
0362     /* Make ccw address aligned to 8. */
0363     size = ((sizeof(*chain) + 7L) & -8L) +
0364         sizeof(*chain->ch_ccw) * len +
0365         sizeof(*chain->ch_pa) * len;
0366     chain = kzalloc(size, GFP_DMA | GFP_KERNEL);
0367     if (!chain)
0368         return NULL;
0369
0370     data = (u8 *)chain + ((sizeof(*chain) + 7L) & -8L);
0371     chain->ch_ccw = (struct ccw1 *)data;
0372
0373     data = (u8 *)(chain->ch_ccw) + sizeof(*chain->ch_ccw) * len;
0374     chain->ch_pa = (struct page_array *)data;
0375
0376     chain->ch_len = len;
0377
0378     list_add_tail(&chain->next, &cp->ccwchain_list);
0379
0380     return chain;
0381 }
0382
0383 static void ccwchain_free(struct ccwchain *chain)
0384 {
0385     list_del(&chain->next);
0386     kfree(chain);
0387 }
0388
0389 /* Free resource for a ccw that allocated memory for its cda. */
0390 static void ccwchain_cda_free(struct ccwchain *chain, int idx)
0391 {
0392     struct ccw1 *ccw = chain->ch_ccw + idx;
0393
0394     if (ccw_is_tic(ccw))
0395         return;
0396
0397     kfree((void *)(u64)ccw->cda);
0398 }
0399
0400 /**
0401  * ccwchain_calc_length - calculate the length of the ccw chain.
0402  * @iova: guest physical address of the target ccw chain
0403  * @cp: channel_program on which to perform the operation
0404  *
0405  * This is the chain length not considering any TICs.
0406  * You need to do a new round for each TIC target.
0407  *
0408  * The program is also validated for absence of not yet supported
0409  * indirect data addressing scenarios.
0410  *
0411  * Returns: the length of the ccw chain or -errno.
0412  */
0413 static int ccwchain_calc_length(u64 iova, struct channel_program *cp)
0414 {
0415     struct ccw1 *ccw = cp->guest_cp;
0416     int cnt = 0;
0417
0418     do {
0419         cnt++;
0420
0421         /*
0422          * As we don't want to fail direct addressing even if the
0423          * orb specified one of the unsupported formats, we defer
0424          * checking for IDAWs in unsupported formats to here.
0425          */
0426         if ((!cp->orb.cmd.c64 || cp->orb.cmd.i2k) && ccw_is_idal(ccw))
0427             return -EOPNOTSUPP;
0428
0429         /*
0430          * We want to keep counting if the current CCW has the
0431          * command-chaining flag enabled, or if it is a TIC CCW
0432          * that loops back into the current chain.  The latter
0433          * is used for device orientation, where the CCW PRIOR to
0434          * the TIC can either jump to the TIC or a CCW immediately
0435          * after the TIC, depending on the results of its operation.
0436          */
0437         if (!ccw_is_chain(ccw) && !is_tic_within_range(ccw, iova, cnt))
0438             break;
0439
0440         ccw++;
0441     } while (cnt < CCWCHAIN_LEN_MAX + 1);
0442
0443     if (cnt == CCWCHAIN_LEN_MAX + 1)
0444         cnt = -EINVAL;
0445
0446     return cnt;
0447 }
0448
0449 static int tic_target_chain_exists(struct ccw1 *tic, struct channel_program *cp)
0450 {
0451     struct ccwchain *chain;
0452     u32 ccw_head;
0453
0454     list_for_each_entry(chain, &cp->ccwchain_list, next) {
0455         ccw_head = chain->ch_iova;
0456         if (is_cpa_within_range(tic->cda, ccw_head, chain->ch_len))
0457             return 1;
0458     }
0459
0460     return 0;
0461 }
0462
0463 static int ccwchain_loop_tic(struct ccwchain *chain,
0464                  struct channel_program *cp);
0465
0466 static int ccwchain_handle_ccw(u32 cda, struct channel_program *cp)
0467 {
0468     struct vfio_device *vdev =
0469         &container_of(cp, struct vfio_ccw_private, cp)->vdev;
0470     struct ccwchain *chain;
0471     int len, ret;
0472
0473     /* Copy 2K (the most we support today) of possible CCWs */
0474     len = copy_from_iova(vdev, cp->guest_cp, cda,
0475                  CCWCHAIN_LEN_MAX * sizeof(struct ccw1));
0476     if (len)
0477         return len;
0478
0479     /* Convert any Format-0 CCWs to Format-1 */
0480     if (!cp->orb.cmd.fmt)
0481         convert_ccw0_to_ccw1(cp->guest_cp, CCWCHAIN_LEN_MAX);
0482
0483     /* Count the CCWs in the current chain */
0484     len = ccwchain_calc_length(cda, cp);
0485     if (len < 0)
0486         return len;
0487
0488     /* Need alloc a new chain for this one. */
0489     chain = ccwchain_alloc(cp, len);
0490     if (!chain)
0491         return -ENOMEM;
0492     chain->ch_iova = cda;
0493
0494     /* Copy the actual CCWs into the new chain */
0495     memcpy(chain->ch_ccw, cp->guest_cp, len * sizeof(struct ccw1));
0496
0497     /* Loop for tics on this new chain. */
0498     ret = ccwchain_loop_tic(chain, cp);
0499
0500     if (ret)
0501         ccwchain_free(chain);
0502
0503     return ret;
0504 }
0505
0506 /* Loop for TICs. */
0507 static int ccwchain_loop_tic(struct ccwchain *chain, struct channel_program *cp)
0508 {
0509     struct ccw1 *tic;
0510     int i, ret;
0511
0512     for (i = 0; i < chain->ch_len; i++) {
0513         tic = chain->ch_ccw + i;
0514
0515         if (!ccw_is_tic(tic))
0516             continue;
0517
0518         /* May transfer to an existing chain. */
0519         if (tic_target_chain_exists(tic, cp))
0520             continue;
0521
0522         /* Build a ccwchain for the next segment */
0523         ret = ccwchain_handle_ccw(tic->cda, cp);
0524         if (ret)
0525             return ret;
0526     }
0527
0528     return 0;
0529 }
0530
0531 static int ccwchain_fetch_tic(struct ccwchain *chain,
0532                   int idx,
0533                   struct channel_program *cp)
0534 {
0535     struct ccw1 *ccw = chain->ch_ccw + idx;
0536     struct ccwchain *iter;
0537     u32 ccw_head;
0538
0539     list_for_each_entry(iter, &cp->ccwchain_list, next) {
0540         ccw_head = iter->ch_iova;
0541         if (is_cpa_within_range(ccw->cda, ccw_head, iter->ch_len)) {
0542             ccw->cda = (__u32) (addr_t) (((char *)iter->ch_ccw) +
0543                              (ccw->cda - ccw_head));
0544             return 0;
0545         }
0546     }
0547
0548     return -EFAULT;
0549 }
0550
0551 static int ccwchain_fetch_direct(struct ccwchain *chain,
0552                  int idx,
0553                  struct channel_program *cp)
0554 {
0555     struct vfio_device *vdev =
0556         &container_of(cp, struct vfio_ccw_private, cp)->vdev;
0557     struct ccw1 *ccw;
0558     struct page_array *pa;
0559     u64 iova;
0560     unsigned long *idaws;
0561     int ret;
0562     int bytes = 1;
0563     int idaw_nr, idal_len;
0564     int i;
0565
0566     ccw = chain->ch_ccw + idx;
0567
0568     if (ccw->count)
0569         bytes = ccw->count;
0570
0571     /* Calculate size of IDAL */
0572     if (ccw_is_idal(ccw)) {
0573         /* Read first IDAW to see if it's 4K-aligned or not. */
0574         /* All subsequent IDAws will be 4K-aligned. */
0575         ret = copy_from_iova(vdev, &iova, ccw->cda, sizeof(iova));
0576         if (ret)
0577             return ret;
0578     } else {
0579         iova = ccw->cda;
0580     }
0581     idaw_nr = idal_nr_words((void *)iova, bytes);
0582     idal_len = idaw_nr * sizeof(*idaws);
0583
0584     /* Allocate an IDAL from host storage */
0585     idaws = kcalloc(idaw_nr, sizeof(*idaws), GFP_DMA | GFP_KERNEL);
0586     if (!idaws) {
0587         ret = -ENOMEM;
0588         goto out_init;
0589     }
0590
0591     /*
0592      * Allocate an array of pages to pin/translate.
0593      * The number of pages is actually the count of the idaws
0594      * required for the data transfer, since we only only support
0595      * 4K IDAWs today.
0596      */
0597     pa = chain->ch_pa + idx;
0598     ret = page_array_alloc(pa, iova, bytes);
0599     if (ret < 0)
0600         goto out_free_idaws;
0601
0602     if (ccw_is_idal(ccw)) {
0603         /* Copy guest IDAL into host IDAL */
0604         ret = copy_from_iova(vdev, idaws, ccw->cda, idal_len);
0605         if (ret)
0606             goto out_unpin;
0607
0608         /*
0609          * Copy guest IDAWs into page_array, in case the memory they
0610          * occupy is not contiguous.
0611          */
0612         for (i = 0; i < idaw_nr; i++)
0613             pa->pa_iova[i] = idaws[i];
0614     } else {
0615         /*
0616          * No action is required here; the iova addresses in page_array
0617          * were initialized sequentially in page_array_alloc() beginning
0618          * with the contents of ccw->cda.
0619          */
0620     }
0621
0622     if (ccw_does_data_transfer(ccw)) {
0623         ret = page_array_pin(pa, vdev);
0624         if (ret < 0)
0625             goto out_unpin;
0626     } else {
0627         pa->pa_nr = 0;
0628     }
0629
0630     ccw->cda = (__u32) virt_to_phys(idaws);
0631     ccw->flags |= CCW_FLAG_IDA;
0632
0633     /* Populate the IDAL with pinned/translated addresses from page */
0634     page_array_idal_create_words(pa, idaws);
0635
0636     return 0;
0637
0638 out_unpin:
0639     page_array_unpin_free(pa, vdev);
0640 out_free_idaws:
0641     kfree(idaws);
0642 out_init:
0643     ccw->cda = 0;
0644     return ret;
0645 }
0646
0647 /*
0648  * Fetch one ccw.
0649  * To reduce memory copy, we'll pin the cda page in memory,
0650  * and to get rid of the cda 2G limitiaion of ccw1, we'll translate
0651  * direct ccws to idal ccws.
0652  */
0653 static int ccwchain_fetch_one(struct ccwchain *chain,
0654                   int idx,
0655                   struct channel_program *cp)
0656 {
0657     struct ccw1 *ccw = chain->ch_ccw + idx;
0658
0659     if (ccw_is_tic(ccw))
0660         return ccwchain_fetch_tic(chain, idx, cp);
0661
0662     return ccwchain_fetch_direct(chain, idx, cp);
0663 }
0664
0665 /**
0666  * cp_init() - allocate ccwchains for a channel program.
0667  * @cp: channel_program on which to perform the operation
0668  * @mdev: the mediated device to perform pin/unpin operations
0669  * @orb: control block for the channel program from the guest
0670  *
0671  * This creates one or more ccwchain(s), and copies the raw data of
0672  * the target channel program from @orb->cmd.iova to the new ccwchain(s).
0673  *
0674  * Limitations:
0675  * 1. Supports idal(c64) ccw chaining.
0676  * 2. Supports 4k idaw.
0677  *
0678  * Returns:
0679  *   %0 on success and a negative error value on failure.
0680  */
0681 int cp_init(struct channel_program *cp, union orb *orb)
0682 {
0683     struct vfio_device *vdev =
0684         &container_of(cp, struct vfio_ccw_private, cp)->vdev;
0685     /* custom ratelimit used to avoid flood during guest IPL */
0686     static DEFINE_RATELIMIT_STATE(ratelimit_state, 5 * HZ, 1);
0687     int ret;
0688
0689     /* this is an error in the caller */
0690     if (cp->initialized)
0691         return -EBUSY;
0692
0693     /*
0694      * We only support prefetching the channel program. We assume all channel
0695      * programs executed by supported guests likewise support prefetching.
0696      * Executing a channel program that does not specify prefetching will
0697      * typically not cause an error, but a warning is issued to help identify
0698      * the problem if something does break.
0699      */
0700     if (!orb->cmd.pfch && __ratelimit(&ratelimit_state))
0701         dev_warn(
0702             vdev->dev,
0703             "Prefetching channel program even though prefetch not specified in ORB");
0704
0705     INIT_LIST_HEAD(&cp->ccwchain_list);
0706     memcpy(&cp->orb, orb, sizeof(*orb));
0707
0708     /* Build a ccwchain for the first CCW segment */
0709     ret = ccwchain_handle_ccw(orb->cmd.cpa, cp);
0710
0711     if (!ret) {
0712         cp->initialized = true;
0713
0714         /* It is safe to force: if it was not set but idals used
0715          * ccwchain_calc_length would have returned an error.
0716          */
0717         cp->orb.cmd.c64 = 1;
0718     }
0719
0720     return ret;
0721 }
0722
0723
0724 /**
0725  * cp_free() - free resources for channel program.
0726  * @cp: channel_program on which to perform the operation
0727  *
0728  * This unpins the memory pages and frees the memory space occupied by
0729  * @cp, which must have been returned by a previous call to cp_init().
0730  * Otherwise, undefined behavior occurs.
0731  */
0732 void cp_free(struct channel_program *cp)
0733 {
0734     struct vfio_device *vdev =
0735         &container_of(cp, struct vfio_ccw_private, cp)->vdev;
0736     struct ccwchain *chain, *temp;
0737     int i;
0738
0739     if (!cp->initialized)
0740         return;
0741
0742     cp->initialized = false;
0743     list_for_each_entry_safe(chain, temp, &cp->ccwchain_list, next) {
0744         for (i = 0; i < chain->ch_len; i++) {
0745             page_array_unpin_free(chain->ch_pa + i, vdev);
0746             ccwchain_cda_free(chain, i);
0747         }
0748         ccwchain_free(chain);
0749     }
0750 }
0751
0752 /**
0753  * cp_prefetch() - translate a guest physical address channel program to
0754  *                 a real-device runnable channel program.
0755  * @cp: channel_program on which to perform the operation
0756  *
0757  * This function translates the guest-physical-address channel program
0758  * and stores the result to ccwchain list. @cp must have been
0759  * initialized by a previous call with cp_init(). Otherwise, undefined
0760  * behavior occurs.
0761  * For each chain composing the channel program:
0762  * - On entry ch_len holds the count of CCWs to be translated.
0763  * - On exit ch_len is adjusted to the count of successfully translated CCWs.
0764  * This allows cp_free to find in ch_len the count of CCWs to free in a chain.
0765  *
0766  * The S/390 CCW Translation APIS (prefixed by 'cp_') are introduced
0767  * as helpers to do ccw chain translation inside the kernel. Basically
0768  * they accept a channel program issued by a virtual machine, and
0769  * translate the channel program to a real-device runnable channel
0770  * program.
0771  *
0772  * These APIs will copy the ccws into kernel-space buffers, and update
0773  * the guest phsical addresses with their corresponding host physical
0774  * addresses.  Then channel I/O device drivers could issue the
0775  * translated channel program to real devices to perform an I/O
0776  * operation.
0777  *
0778  * These interfaces are designed to support translation only for
0779  * channel programs, which are generated and formatted by a
0780  * guest. Thus this will make it possible for things like VFIO to
0781  * leverage the interfaces to passthrough a channel I/O mediated
0782  * device in QEMU.
0783  *
0784  * We support direct ccw chaining by translating them to idal ccws.
0785  *
0786  * Returns:
0787  *   %0 on success and a negative error value on failure.
0788  */
0789 int cp_prefetch(struct channel_program *cp)
0790 {
0791     struct ccwchain *chain;
0792     int len, idx, ret;
0793
0794     /* this is an error in the caller */
0795     if (!cp->initialized)
0796         return -EINVAL;
0797
0798     list_for_each_entry(chain, &cp->ccwchain_list, next) {
0799         len = chain->ch_len;
0800         for (idx = 0; idx < len; idx++) {
0801             ret = ccwchain_fetch_one(chain, idx, cp);
0802             if (ret)
0803                 goto out_err;
0804         }
0805     }
0806
0807     return 0;
0808 out_err:
0809     /* Only cleanup the chain elements that were actually translated. */
0810     chain->ch_len = idx;
0811     list_for_each_entry_continue(chain, &cp->ccwchain_list, next) {
0812         chain->ch_len = 0;
0813     }
0814     return ret;
0815 }
0816
0817 /**
0818  * cp_get_orb() - get the orb of the channel program
0819  * @cp: channel_program on which to perform the operation
0820  * @intparm: new intparm for the returned orb
0821  * @lpm: candidate value of the logical-path mask for the returned orb
0822  *
0823  * This function returns the address of the updated orb of the channel
0824  * program. Channel I/O device drivers could use this orb to issue a
0825  * ssch.
0826  */
0827 union orb *cp_get_orb(struct channel_program *cp, u32 intparm, u8 lpm)
0828 {
0829     union orb *orb;
0830     struct ccwchain *chain;
0831     struct ccw1 *cpa;
0832
0833     /* this is an error in the caller */
0834     if (!cp->initialized)
0835         return NULL;
0836
0837     orb = &cp->orb;
0838
0839     orb->cmd.intparm = intparm;
0840     orb->cmd.fmt = 1;
0841     orb->cmd.key = PAGE_DEFAULT_KEY >> 4;
0842
0843     if (orb->cmd.lpm == 0)
0844         orb->cmd.lpm = lpm;
0845
0846     chain = list_first_entry(&cp->ccwchain_list, struct ccwchain, next);
0847     cpa = chain->ch_ccw;
0848     orb->cmd.cpa = (__u32) __pa(cpa);
0849
0850     return orb;
0851 }
0852
0853 /**
0854  * cp_update_scsw() - update scsw for a channel program.
0855  * @cp: channel_program on which to perform the operation
0856  * @scsw: I/O results of the channel program and also the target to be
0857  *        updated
0858  *
0859  * @scsw contains the I/O results of the channel program that pointed
0860  * to by @cp. However what @scsw->cpa stores is a host physical
0861  * address, which is meaningless for the guest, which is waiting for
0862  * the I/O results.
0863  *
0864  * This function updates @scsw->cpa to its coressponding guest physical
0865  * address.
0866  */
0867 void cp_update_scsw(struct channel_program *cp, union scsw *scsw)
0868 {
0869     struct ccwchain *chain;
0870     u32 cpa = scsw->cmd.cpa;
0871     u32 ccw_head;
0872
0873     if (!cp->initialized)
0874         return;
0875
0876     /*
0877      * LATER:
0878      * For now, only update the cmd.cpa part. We may need to deal with
0879      * other portions of the schib as well, even if we don't return them
0880      * in the ioctl directly. Path status changes etc.
0881      */
0882     list_for_each_entry(chain, &cp->ccwchain_list, next) {
0883         ccw_head = (u32)(u64)chain->ch_ccw;
0884         /*
0885          * On successful execution, cpa points just beyond the end
0886          * of the chain.
0887          */
0888         if (is_cpa_within_range(cpa, ccw_head, chain->ch_len + 1)) {
0889             /*
0890              * (cpa - ccw_head) is the offset value of the host
0891              * physical ccw to its chain head.
0892              * Adding this value to the guest physical ccw chain
0893              * head gets us the guest cpa.
0894              */
0895             cpa = chain->ch_iova + (cpa - ccw_head);
0896             break;
0897         }
0898     }
0899
0900     scsw->cmd.cpa = cpa;
0901 }
0902
0903 /**
0904  * cp_iova_pinned() - check if an iova is pinned for a ccw chain.
0905  * @cp: channel_program on which to perform the operation
0906  * @iova: the iova to check
0907  * @length: the length to check from @iova
0908  *
0909  * If the @iova is currently pinned for the ccw chain, return true;
0910  * else return false.
0911  */
0912 bool cp_iova_pinned(struct channel_program *cp, u64 iova, u64 length)
0913 {
0914     struct ccwchain *chain;
0915     int i;
0916
0917     if (!cp->initialized)
0918         return false;
0919
0920     list_for_each_entry(chain, &cp->ccwchain_list, next) {
0921         for (i = 0; i < chain->ch_len; i++)
0922             if (page_array_iova_pinned(chain->ch_pa + i, iova, length))
0923                 return true;
0924     }
0925
0926     return false;
0927 }