1 // SPDX-License-Identifier: GPL-2.0+
3 * Adjunct processor matrix VFIO device driver callbacks.
5 * Copyright IBM Corp. 2018
7 * Author(s): Tony Krowiak <akrowiak@linux.ibm.com>
8 * Halil Pasic <pasic@linux.ibm.com>
9 * Pierre Morel <pmorel@linux.ibm.com>
11 #include <linux/string.h>
12 #include <linux/vfio.h>
13 #include <linux/device.h>
14 #include <linux/list.h>
15 #include <linux/ctype.h>
16 #include <linux/bitops.h>
17 #include <linux/kvm_host.h>
18 #include <linux/module.h>
19 #include <linux/uuid.h>
21 #include <asm/zcrypt.h>
23 #include "vfio_ap_private.h"
24 #include "vfio_ap_debug.h"
26 #define VFIO_AP_MDEV_TYPE_HWVIRT "passthrough"
27 #define VFIO_AP_MDEV_NAME_HWVIRT "VFIO AP Passthrough Device"
29 static int vfio_ap_mdev_reset_queues(struct ap_matrix_mdev *matrix_mdev);
30 static struct vfio_ap_queue *vfio_ap_find_queue(int apqn);
31 static const struct vfio_device_ops vfio_ap_matrix_dev_ops;
33 static int match_apqn(struct device *dev, const void *data)
35 struct vfio_ap_queue *q = dev_get_drvdata(dev);
37 return (q->apqn == *(int *)(data)) ? 1 : 0;
41 * vfio_ap_get_queue - retrieve a queue with a specific APQN from a list
42 * @matrix_mdev: the associated mediated matrix
43 * @apqn: The queue APQN
45 * Retrieve a queue with a specific APQN from the list of the
46 * devices of the vfio_ap_drv.
47 * Verify that the APID and the APQI are set in the matrix.
49 * Return: the pointer to the associated vfio_ap_queue
51 static struct vfio_ap_queue *vfio_ap_get_queue(
52 struct ap_matrix_mdev *matrix_mdev,
55 struct vfio_ap_queue *q;
57 if (!test_bit_inv(AP_QID_CARD(apqn), matrix_mdev->matrix.apm))
59 if (!test_bit_inv(AP_QID_QUEUE(apqn), matrix_mdev->matrix.aqm))
62 q = vfio_ap_find_queue(apqn);
64 q->matrix_mdev = matrix_mdev;
70 * vfio_ap_wait_for_irqclear - clears the IR bit or gives up after 5 tries
71 * @apqn: The AP Queue number
73 * Checks the IRQ bit for the status of this APQN using ap_tapq.
74 * Returns if the ap_tapq function succeeded and the bit is clear.
75 * Returns if ap_tapq function failed with invalid, deconfigured or
77 * Otherwise retries up to 5 times after waiting 20ms.
79 static void vfio_ap_wait_for_irqclear(int apqn)
81 struct ap_queue_status status;
85 status = ap_tapq(apqn, NULL);
86 switch (status.response_code) {
87 case AP_RESPONSE_NORMAL:
88 case AP_RESPONSE_RESET_IN_PROGRESS:
89 if (!status.irq_enabled)
92 case AP_RESPONSE_BUSY:
95 case AP_RESPONSE_Q_NOT_AVAIL:
96 case AP_RESPONSE_DECONFIGURED:
97 case AP_RESPONSE_CHECKSTOPPED:
99 WARN_ONCE(1, "%s: tapq rc %02x: %04x\n", __func__,
100 status.response_code, apqn);
105 WARN_ONCE(1, "%s: tapq rc %02x: %04x could not clear IR bit\n",
106 __func__, status.response_code, apqn);
110 * vfio_ap_free_aqic_resources - free vfio_ap_queue resources
111 * @q: The vfio_ap_queue
113 * Unregisters the ISC in the GIB when the saved ISC not invalid.
114 * Unpins the guest's page holding the NIB when it exists.
115 * Resets the saved_pfn and saved_isc to invalid values.
117 static void vfio_ap_free_aqic_resources(struct vfio_ap_queue *q)
121 if (q->saved_isc != VFIO_AP_ISC_INVALID &&
122 !WARN_ON(!(q->matrix_mdev && q->matrix_mdev->kvm))) {
123 kvm_s390_gisc_unregister(q->matrix_mdev->kvm, q->saved_isc);
124 q->saved_isc = VFIO_AP_ISC_INVALID;
126 if (q->saved_pfn && !WARN_ON(!q->matrix_mdev)) {
127 vfio_unpin_pages(&q->matrix_mdev->vdev, &q->saved_pfn, 1);
133 * vfio_ap_irq_disable - disables and clears an ap_queue interrupt
134 * @q: The vfio_ap_queue
136 * Uses ap_aqic to disable the interruption and in case of success, reset
137 * in progress or IRQ disable command already proceeded: calls
138 * vfio_ap_wait_for_irqclear() to check for the IRQ bit to be clear
139 * and calls vfio_ap_free_aqic_resources() to free the resources associated
140 * with the AP interrupt handling.
142 * In the case the AP is busy, or a reset is in progress,
143 * retries after 20ms, up to 5 times.
145 * Returns if ap_aqic function failed with invalid, deconfigured or
148 * Return: &struct ap_queue_status
150 static struct ap_queue_status vfio_ap_irq_disable(struct vfio_ap_queue *q)
152 struct ap_qirq_ctrl aqic_gisa = {};
153 struct ap_queue_status status;
157 status = ap_aqic(q->apqn, aqic_gisa, NULL);
158 switch (status.response_code) {
159 case AP_RESPONSE_OTHERWISE_CHANGED:
160 case AP_RESPONSE_NORMAL:
161 vfio_ap_wait_for_irqclear(q->apqn);
163 case AP_RESPONSE_RESET_IN_PROGRESS:
164 case AP_RESPONSE_BUSY:
167 case AP_RESPONSE_Q_NOT_AVAIL:
168 case AP_RESPONSE_DECONFIGURED:
169 case AP_RESPONSE_CHECKSTOPPED:
170 case AP_RESPONSE_INVALID_ADDRESS:
172 /* All cases in default means AP not operational */
173 WARN_ONCE(1, "%s: ap_aqic status %d\n", __func__,
174 status.response_code);
179 WARN_ONCE(1, "%s: ap_aqic status %d\n", __func__,
180 status.response_code);
182 vfio_ap_free_aqic_resources(q);
183 q->matrix_mdev = NULL;
188 * vfio_ap_validate_nib - validate a notification indicator byte (nib) address.
190 * @vcpu: the object representing the vcpu executing the PQAP(AQIC) instruction.
191 * @nib: the location for storing the nib address.
192 * @g_pfn: the location for storing the page frame number of the page containing
195 * When the PQAP(AQIC) instruction is executed, general register 2 contains the
196 * address of the notification indicator byte (nib) used for IRQ notification.
197 * This function parses the nib from gr2 and calculates the page frame
198 * number for the guest of the page containing the nib. The values are
199 * stored in @nib and @g_pfn respectively.
201 * The g_pfn of the nib is then validated to ensure the nib address is valid.
203 * Return: returns zero if the nib address is a valid; otherwise, returns
206 static int vfio_ap_validate_nib(struct kvm_vcpu *vcpu, unsigned long *nib,
207 unsigned long *g_pfn)
209 *nib = vcpu->run->s.regs.gprs[2];
210 *g_pfn = *nib >> PAGE_SHIFT;
212 if (kvm_is_error_hva(gfn_to_hva(vcpu->kvm, *g_pfn)))
219 * vfio_ap_irq_enable - Enable Interruption for a APQN
221 * @q: the vfio_ap_queue holding AQIC parameters
222 * @isc: the guest ISC to register with the GIB interface
223 * @vcpu: the vcpu object containing the registers specifying the parameters
224 * passed to the PQAP(AQIC) instruction.
226 * Pin the NIB saved in *q
227 * Register the guest ISC to GIB interface and retrieve the
228 * host ISC to issue the host side PQAP/AQIC
230 * Response.status may be set to AP_RESPONSE_INVALID_ADDRESS in case the
231 * vfio_pin_pages failed.
233 * Otherwise return the ap_queue_status returned by the ap_aqic(),
234 * all retry handling will be done by the guest.
236 * Return: &struct ap_queue_status
238 static struct ap_queue_status vfio_ap_irq_enable(struct vfio_ap_queue *q,
240 struct kvm_vcpu *vcpu)
243 struct ap_qirq_ctrl aqic_gisa = {};
244 struct ap_queue_status status = {};
245 struct kvm_s390_gisa *gisa;
248 unsigned long h_nib, g_pfn, h_pfn;
251 /* Verify that the notification indicator byte address is valid */
252 if (vfio_ap_validate_nib(vcpu, &nib, &g_pfn)) {
253 VFIO_AP_DBF_WARN("%s: invalid NIB address: nib=%#lx, g_pfn=%#lx, apqn=%#04x\n",
254 __func__, nib, g_pfn, q->apqn);
256 status.response_code = AP_RESPONSE_INVALID_ADDRESS;
260 ret = vfio_pin_pages(&q->matrix_mdev->vdev, &g_pfn, 1,
261 IOMMU_READ | IOMMU_WRITE, &h_pfn);
266 VFIO_AP_DBF_WARN("%s: vfio_pin_pages failed: rc=%d,"
267 "nib=%#lx, g_pfn=%#lx, apqn=%#04x\n",
268 __func__, ret, nib, g_pfn, q->apqn);
270 status.response_code = AP_RESPONSE_INVALID_ADDRESS;
274 kvm = q->matrix_mdev->kvm;
275 gisa = kvm->arch.gisa_int.origin;
277 h_nib = (h_pfn << PAGE_SHIFT) | (nib & ~PAGE_MASK);
278 aqic_gisa.gisc = isc;
280 nisc = kvm_s390_gisc_register(kvm, isc);
282 VFIO_AP_DBF_WARN("%s: gisc registration failed: nisc=%d, isc=%d, apqn=%#04x\n",
283 __func__, nisc, isc, q->apqn);
285 status.response_code = AP_RESPONSE_INVALID_GISA;
289 aqic_gisa.isc = nisc;
291 aqic_gisa.gisa = (uint64_t)gisa >> 4;
293 status = ap_aqic(q->apqn, aqic_gisa, (void *)h_nib);
294 switch (status.response_code) {
295 case AP_RESPONSE_NORMAL:
296 /* See if we did clear older IRQ configuration */
297 vfio_ap_free_aqic_resources(q);
298 q->saved_pfn = g_pfn;
301 case AP_RESPONSE_OTHERWISE_CHANGED:
302 /* We could not modify IRQ setings: clear new configuration */
303 vfio_unpin_pages(&q->matrix_mdev->vdev, &g_pfn, 1);
304 kvm_s390_gisc_unregister(kvm, isc);
307 pr_warn("%s: apqn %04x: response: %02x\n", __func__, q->apqn,
308 status.response_code);
309 vfio_ap_irq_disable(q);
313 if (status.response_code != AP_RESPONSE_NORMAL) {
314 VFIO_AP_DBF_WARN("%s: PQAP(AQIC) failed with status=%#02x: "
315 "zone=%#x, ir=%#x, gisc=%#x, f=%#x,"
316 "gisa=%#x, isc=%#x, apqn=%#04x\n",
317 __func__, status.response_code,
318 aqic_gisa.zone, aqic_gisa.ir, aqic_gisa.gisc,
319 aqic_gisa.gf, aqic_gisa.gisa, aqic_gisa.isc,
327 * vfio_ap_le_guid_to_be_uuid - convert a little endian guid array into an array
328 * of big endian elements that can be passed by
329 * value to an s390dbf sprintf event function to
330 * format a UUID string.
332 * @guid: the object containing the little endian guid
333 * @uuid: a six-element array of long values that can be passed by value as
334 * arguments for a formatting string specifying a UUID.
336 * The S390 Debug Feature (s390dbf) allows the use of "%s" in the sprintf
337 * event functions if the memory for the passed string is available as long as
338 * the debug feature exists. Since a mediated device can be removed at any
339 * time, it's name can not be used because %s passes the reference to the string
340 * in memory and the reference will go stale once the device is removed .
342 * The s390dbf string formatting function allows a maximum of 9 arguments for a
343 * message to be displayed in the 'sprintf' view. In order to use the bytes
344 * comprising the mediated device's UUID to display the mediated device name,
345 * they will have to be converted into an array whose elements can be passed by
346 * value to sprintf. For example:
348 * guid array: { 83, 78, 17, 62, bb, f1, f0, 47, 91, 4d, 32, a2, 2e, 3a, 88, 04 }
349 * mdev name: 62177883-f1bb-47f0-914d-32a22e3a8804
350 * array returned: { 62177883, f1bb, 47f0, 914d, 32a2, 2e3a8804 }
351 * formatting string: "%08lx-%04lx-%04lx-%04lx-%02lx%04lx"
353 static void vfio_ap_le_guid_to_be_uuid(guid_t *guid, unsigned long *uuid)
356 * The input guid is ordered in little endian, so it needs to be
357 * reordered for displaying a UUID as a string. This specifies the
358 * guid indices in proper order.
360 uuid[0] = le32_to_cpup((__le32 *)guid);
361 uuid[1] = le16_to_cpup((__le16 *)&guid->b[4]);
362 uuid[2] = le16_to_cpup((__le16 *)&guid->b[6]);
363 uuid[3] = *((__u16 *)&guid->b[8]);
364 uuid[4] = *((__u16 *)&guid->b[10]);
365 uuid[5] = *((__u32 *)&guid->b[12]);
369 * handle_pqap - PQAP instruction callback
371 * @vcpu: The vcpu on which we received the PQAP instruction
373 * Get the general register contents to initialize internal variables.
378 * Response.status may be set to following Response Code:
379 * - AP_RESPONSE_Q_NOT_AVAIL: if the queue is not available
380 * - AP_RESPONSE_DECONFIGURED: if the queue is not configured
381 * - AP_RESPONSE_NORMAL (0) : in case of successs
382 * Check vfio_ap_setirq() and vfio_ap_clrirq() for other possible RC.
383 * We take the matrix_dev lock to ensure serialization on queues and
384 * mediated device access.
386 * Return: 0 if we could handle the request inside KVM.
387 * Otherwise, returns -EOPNOTSUPP to let QEMU handle the fault.
389 static int handle_pqap(struct kvm_vcpu *vcpu)
393 unsigned long uuid[6];
394 struct vfio_ap_queue *q;
395 struct ap_queue_status qstatus = {
396 .response_code = AP_RESPONSE_Q_NOT_AVAIL, };
397 struct ap_matrix_mdev *matrix_mdev;
399 apqn = vcpu->run->s.regs.gprs[0] & 0xffff;
401 /* If we do not use the AIV facility just go to userland */
402 if (!(vcpu->arch.sie_block->eca & ECA_AIV)) {
403 VFIO_AP_DBF_WARN("%s: AIV facility not installed: apqn=0x%04x, eca=0x%04x\n",
404 __func__, apqn, vcpu->arch.sie_block->eca);
409 mutex_lock(&matrix_dev->lock);
410 if (!vcpu->kvm->arch.crypto.pqap_hook) {
411 VFIO_AP_DBF_WARN("%s: PQAP(AQIC) hook not registered with the vfio_ap driver: apqn=0x%04x\n",
416 matrix_mdev = container_of(vcpu->kvm->arch.crypto.pqap_hook,
417 struct ap_matrix_mdev, pqap_hook);
419 /* If the there is no guest using the mdev, there is nothing to do */
420 if (!matrix_mdev->kvm) {
421 vfio_ap_le_guid_to_be_uuid(&matrix_mdev->mdev->uuid, uuid);
422 VFIO_AP_DBF_WARN("%s: mdev %08lx-%04lx-%04lx-%04lx-%04lx%08lx not in use: apqn=0x%04x\n",
423 __func__, uuid[0], uuid[1], uuid[2],
424 uuid[3], uuid[4], uuid[5], apqn);
428 q = vfio_ap_get_queue(matrix_mdev, apqn);
430 VFIO_AP_DBF_WARN("%s: Queue %02x.%04x not bound to the vfio_ap driver\n",
431 __func__, AP_QID_CARD(apqn),
436 status = vcpu->run->s.regs.gprs[1];
438 /* If IR bit(16) is set we enable the interrupt */
439 if ((status >> (63 - 16)) & 0x01)
440 qstatus = vfio_ap_irq_enable(q, status & 0x07, vcpu);
442 qstatus = vfio_ap_irq_disable(q);
445 memcpy(&vcpu->run->s.regs.gprs[1], &qstatus, sizeof(qstatus));
446 vcpu->run->s.regs.gprs[1] >>= 32;
447 mutex_unlock(&matrix_dev->lock);
451 static void vfio_ap_matrix_init(struct ap_config_info *info,
452 struct ap_matrix *matrix)
454 matrix->apm_max = info->apxa ? info->Na : 63;
455 matrix->aqm_max = info->apxa ? info->Nd : 15;
456 matrix->adm_max = info->apxa ? info->Nd : 15;
459 static int vfio_ap_mdev_probe(struct mdev_device *mdev)
461 struct ap_matrix_mdev *matrix_mdev;
464 if ((atomic_dec_if_positive(&matrix_dev->available_instances) < 0))
467 matrix_mdev = kzalloc(sizeof(*matrix_mdev), GFP_KERNEL);
470 goto err_dec_available;
472 vfio_init_group_dev(&matrix_mdev->vdev, &mdev->dev,
473 &vfio_ap_matrix_dev_ops);
475 matrix_mdev->mdev = mdev;
476 vfio_ap_matrix_init(&matrix_dev->info, &matrix_mdev->matrix);
477 matrix_mdev->pqap_hook = handle_pqap;
478 mutex_lock(&matrix_dev->lock);
479 list_add(&matrix_mdev->node, &matrix_dev->mdev_list);
480 mutex_unlock(&matrix_dev->lock);
482 ret = vfio_register_emulated_iommu_dev(&matrix_mdev->vdev);
485 dev_set_drvdata(&mdev->dev, matrix_mdev);
489 mutex_lock(&matrix_dev->lock);
490 list_del(&matrix_mdev->node);
491 mutex_unlock(&matrix_dev->lock);
492 vfio_uninit_group_dev(&matrix_mdev->vdev);
495 atomic_inc(&matrix_dev->available_instances);
499 static void vfio_ap_mdev_remove(struct mdev_device *mdev)
501 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(&mdev->dev);
503 vfio_unregister_group_dev(&matrix_mdev->vdev);
505 mutex_lock(&matrix_dev->lock);
506 vfio_ap_mdev_reset_queues(matrix_mdev);
507 list_del(&matrix_mdev->node);
508 mutex_unlock(&matrix_dev->lock);
509 vfio_uninit_group_dev(&matrix_mdev->vdev);
511 atomic_inc(&matrix_dev->available_instances);
514 static ssize_t name_show(struct mdev_type *mtype,
515 struct mdev_type_attribute *attr, char *buf)
517 return sprintf(buf, "%s\n", VFIO_AP_MDEV_NAME_HWVIRT);
520 static MDEV_TYPE_ATTR_RO(name);
522 static ssize_t available_instances_show(struct mdev_type *mtype,
523 struct mdev_type_attribute *attr,
526 return sprintf(buf, "%d\n",
527 atomic_read(&matrix_dev->available_instances));
530 static MDEV_TYPE_ATTR_RO(available_instances);
532 static ssize_t device_api_show(struct mdev_type *mtype,
533 struct mdev_type_attribute *attr, char *buf)
535 return sprintf(buf, "%s\n", VFIO_DEVICE_API_AP_STRING);
538 static MDEV_TYPE_ATTR_RO(device_api);
540 static struct attribute *vfio_ap_mdev_type_attrs[] = {
541 &mdev_type_attr_name.attr,
542 &mdev_type_attr_device_api.attr,
543 &mdev_type_attr_available_instances.attr,
547 static struct attribute_group vfio_ap_mdev_hwvirt_type_group = {
548 .name = VFIO_AP_MDEV_TYPE_HWVIRT,
549 .attrs = vfio_ap_mdev_type_attrs,
552 static struct attribute_group *vfio_ap_mdev_type_groups[] = {
553 &vfio_ap_mdev_hwvirt_type_group,
557 struct vfio_ap_queue_reserved {
564 * vfio_ap_has_queue - determines if the AP queue containing the target in @data
566 * @dev: an AP queue device
567 * @data: a struct vfio_ap_queue_reserved reference
569 * Flags whether the AP queue device (@dev) has a queue ID containing the APQN,
570 * apid or apqi specified in @data:
572 * - If @data contains both an apid and apqi value, then @data will be flagged
573 * as reserved if the APID and APQI fields for the AP queue device matches
575 * - If @data contains only an apid value, @data will be flagged as
576 * reserved if the APID field in the AP queue device matches
578 * - If @data contains only an apqi value, @data will be flagged as
579 * reserved if the APQI field in the AP queue device matches
581 * Return: 0 to indicate the input to function succeeded. Returns -EINVAL if
582 * @data does not contain either an apid or apqi.
584 static int vfio_ap_has_queue(struct device *dev, void *data)
586 struct vfio_ap_queue_reserved *qres = data;
587 struct ap_queue *ap_queue = to_ap_queue(dev);
591 if (qres->apid && qres->apqi) {
592 qid = AP_MKQID(*qres->apid, *qres->apqi);
593 if (qid == ap_queue->qid)
594 qres->reserved = true;
595 } else if (qres->apid && !qres->apqi) {
596 id = AP_QID_CARD(ap_queue->qid);
597 if (id == *qres->apid)
598 qres->reserved = true;
599 } else if (!qres->apid && qres->apqi) {
600 id = AP_QID_QUEUE(ap_queue->qid);
601 if (id == *qres->apqi)
602 qres->reserved = true;
611 * vfio_ap_verify_queue_reserved - verifies that the AP queue containing
612 * @apid or @aqpi is reserved
614 * @apid: an AP adapter ID
615 * @apqi: an AP queue index
617 * Verifies that the AP queue with @apid/@apqi is reserved by the VFIO AP device
618 * driver according to the following rules:
620 * - If both @apid and @apqi are not NULL, then there must be an AP queue
621 * device bound to the vfio_ap driver with the APQN identified by @apid and
624 * - If only @apid is not NULL, then there must be an AP queue device bound
625 * to the vfio_ap driver with an APQN containing @apid
627 * - If only @apqi is not NULL, then there must be an AP queue device bound
628 * to the vfio_ap driver with an APQN containing @apqi
630 * Return: 0 if the AP queue is reserved; otherwise, returns -EADDRNOTAVAIL.
632 static int vfio_ap_verify_queue_reserved(unsigned long *apid,
636 struct vfio_ap_queue_reserved qres;
640 qres.reserved = false;
642 ret = driver_for_each_device(&matrix_dev->vfio_ap_drv->driver, NULL,
643 &qres, vfio_ap_has_queue);
650 return -EADDRNOTAVAIL;
654 vfio_ap_mdev_verify_queues_reserved_for_apid(struct ap_matrix_mdev *matrix_mdev,
659 unsigned long nbits = matrix_mdev->matrix.aqm_max + 1;
661 if (find_first_bit_inv(matrix_mdev->matrix.aqm, nbits) >= nbits)
662 return vfio_ap_verify_queue_reserved(&apid, NULL);
664 for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm, nbits) {
665 ret = vfio_ap_verify_queue_reserved(&apid, &apqi);
674 * vfio_ap_mdev_verify_no_sharing - verifies that the AP matrix is not configured
676 * @matrix_mdev: the mediated matrix device
678 * Verifies that the APQNs derived from the cross product of the AP adapter IDs
679 * and AP queue indexes comprising the AP matrix are not configured for another
680 * mediated device. AP queue sharing is not allowed.
682 * Return: 0 if the APQNs are not shared; otherwise returns -EADDRINUSE.
684 static int vfio_ap_mdev_verify_no_sharing(struct ap_matrix_mdev *matrix_mdev)
686 struct ap_matrix_mdev *lstdev;
687 DECLARE_BITMAP(apm, AP_DEVICES);
688 DECLARE_BITMAP(aqm, AP_DOMAINS);
690 list_for_each_entry(lstdev, &matrix_dev->mdev_list, node) {
691 if (matrix_mdev == lstdev)
694 memset(apm, 0, sizeof(apm));
695 memset(aqm, 0, sizeof(aqm));
698 * We work on full longs, as we can only exclude the leftover
699 * bits in non-inverse order. The leftover is all zeros.
701 if (!bitmap_and(apm, matrix_mdev->matrix.apm,
702 lstdev->matrix.apm, AP_DEVICES))
705 if (!bitmap_and(aqm, matrix_mdev->matrix.aqm,
706 lstdev->matrix.aqm, AP_DOMAINS))
716 * assign_adapter_store - parses the APID from @buf and sets the
717 * corresponding bit in the mediated matrix device's APM
719 * @dev: the matrix device
720 * @attr: the mediated matrix device's assign_adapter attribute
721 * @buf: a buffer containing the AP adapter number (APID) to
723 * @count: the number of bytes in @buf
725 * Return: the number of bytes processed if the APID is valid; otherwise,
726 * returns one of the following errors:
729 * The APID is not a valid number
732 * The APID exceeds the maximum value configured for the system
735 * An APQN derived from the cross product of the APID being assigned
736 * and the APQIs previously assigned is not bound to the vfio_ap device
737 * driver; or, if no APQIs have yet been assigned, the APID is not
738 * contained in an APQN bound to the vfio_ap device driver.
741 * An APQN derived from the cross product of the APID being assigned
742 * and the APQIs previously assigned is being used by another mediated
745 static ssize_t assign_adapter_store(struct device *dev,
746 struct device_attribute *attr,
747 const char *buf, size_t count)
751 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
753 mutex_lock(&matrix_dev->lock);
755 /* If the KVM guest is running, disallow assignment of adapter */
756 if (matrix_mdev->kvm) {
761 ret = kstrtoul(buf, 0, &apid);
765 if (apid > matrix_mdev->matrix.apm_max) {
771 * Set the bit in the AP mask (APM) corresponding to the AP adapter
772 * number (APID). The bits in the mask, from most significant to least
773 * significant bit, correspond to APIDs 0-255.
775 ret = vfio_ap_mdev_verify_queues_reserved_for_apid(matrix_mdev, apid);
779 set_bit_inv(apid, matrix_mdev->matrix.apm);
781 ret = vfio_ap_mdev_verify_no_sharing(matrix_mdev);
789 clear_bit_inv(apid, matrix_mdev->matrix.apm);
791 mutex_unlock(&matrix_dev->lock);
795 static DEVICE_ATTR_WO(assign_adapter);
798 * unassign_adapter_store - parses the APID from @buf and clears the
799 * corresponding bit in the mediated matrix device's APM
801 * @dev: the matrix device
802 * @attr: the mediated matrix device's unassign_adapter attribute
803 * @buf: a buffer containing the adapter number (APID) to be unassigned
804 * @count: the number of bytes in @buf
806 * Return: the number of bytes processed if the APID is valid; otherwise,
807 * returns one of the following errors:
808 * -EINVAL if the APID is not a number
809 * -ENODEV if the APID it exceeds the maximum value configured for the
812 static ssize_t unassign_adapter_store(struct device *dev,
813 struct device_attribute *attr,
814 const char *buf, size_t count)
818 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
820 mutex_lock(&matrix_dev->lock);
822 /* If the KVM guest is running, disallow unassignment of adapter */
823 if (matrix_mdev->kvm) {
828 ret = kstrtoul(buf, 0, &apid);
832 if (apid > matrix_mdev->matrix.apm_max) {
837 clear_bit_inv((unsigned long)apid, matrix_mdev->matrix.apm);
840 mutex_unlock(&matrix_dev->lock);
843 static DEVICE_ATTR_WO(unassign_adapter);
846 vfio_ap_mdev_verify_queues_reserved_for_apqi(struct ap_matrix_mdev *matrix_mdev,
851 unsigned long nbits = matrix_mdev->matrix.apm_max + 1;
853 if (find_first_bit_inv(matrix_mdev->matrix.apm, nbits) >= nbits)
854 return vfio_ap_verify_queue_reserved(NULL, &apqi);
856 for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, nbits) {
857 ret = vfio_ap_verify_queue_reserved(&apid, &apqi);
866 * assign_domain_store - parses the APQI from @buf and sets the
867 * corresponding bit in the mediated matrix device's AQM
869 * @dev: the matrix device
870 * @attr: the mediated matrix device's assign_domain attribute
871 * @buf: a buffer containing the AP queue index (APQI) of the domain to
873 * @count: the number of bytes in @buf
875 * Return: the number of bytes processed if the APQI is valid; otherwise returns
876 * one of the following errors:
879 * The APQI is not a valid number
882 * The APQI exceeds the maximum value configured for the system
885 * An APQN derived from the cross product of the APQI being assigned
886 * and the APIDs previously assigned is not bound to the vfio_ap device
887 * driver; or, if no APIDs have yet been assigned, the APQI is not
888 * contained in an APQN bound to the vfio_ap device driver.
891 * An APQN derived from the cross product of the APQI being assigned
892 * and the APIDs previously assigned is being used by another mediated
895 static ssize_t assign_domain_store(struct device *dev,
896 struct device_attribute *attr,
897 const char *buf, size_t count)
901 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
902 unsigned long max_apqi = matrix_mdev->matrix.aqm_max;
904 mutex_lock(&matrix_dev->lock);
906 /* If the KVM guest is running, disallow assignment of domain */
907 if (matrix_mdev->kvm) {
912 ret = kstrtoul(buf, 0, &apqi);
915 if (apqi > max_apqi) {
920 ret = vfio_ap_mdev_verify_queues_reserved_for_apqi(matrix_mdev, apqi);
924 set_bit_inv(apqi, matrix_mdev->matrix.aqm);
926 ret = vfio_ap_mdev_verify_no_sharing(matrix_mdev);
934 clear_bit_inv(apqi, matrix_mdev->matrix.aqm);
936 mutex_unlock(&matrix_dev->lock);
940 static DEVICE_ATTR_WO(assign_domain);
944 * unassign_domain_store - parses the APQI from @buf and clears the
945 * corresponding bit in the mediated matrix device's AQM
947 * @dev: the matrix device
948 * @attr: the mediated matrix device's unassign_domain attribute
949 * @buf: a buffer containing the AP queue index (APQI) of the domain to
951 * @count: the number of bytes in @buf
953 * Return: the number of bytes processed if the APQI is valid; otherwise,
954 * returns one of the following errors:
955 * -EINVAL if the APQI is not a number
956 * -ENODEV if the APQI exceeds the maximum value configured for the system
958 static ssize_t unassign_domain_store(struct device *dev,
959 struct device_attribute *attr,
960 const char *buf, size_t count)
964 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
966 mutex_lock(&matrix_dev->lock);
968 /* If the KVM guest is running, disallow unassignment of domain */
969 if (matrix_mdev->kvm) {
974 ret = kstrtoul(buf, 0, &apqi);
978 if (apqi > matrix_mdev->matrix.aqm_max) {
983 clear_bit_inv((unsigned long)apqi, matrix_mdev->matrix.aqm);
987 mutex_unlock(&matrix_dev->lock);
990 static DEVICE_ATTR_WO(unassign_domain);
993 * assign_control_domain_store - parses the domain ID from @buf and sets
994 * the corresponding bit in the mediated matrix device's ADM
996 * @dev: the matrix device
997 * @attr: the mediated matrix device's assign_control_domain attribute
998 * @buf: a buffer containing the domain ID to be assigned
999 * @count: the number of bytes in @buf
1001 * Return: the number of bytes processed if the domain ID is valid; otherwise,
1002 * returns one of the following errors:
1003 * -EINVAL if the ID is not a number
1004 * -ENODEV if the ID exceeds the maximum value configured for the system
1006 static ssize_t assign_control_domain_store(struct device *dev,
1007 struct device_attribute *attr,
1008 const char *buf, size_t count)
1012 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
1014 mutex_lock(&matrix_dev->lock);
1016 /* If the KVM guest is running, disallow assignment of control domain */
1017 if (matrix_mdev->kvm) {
1022 ret = kstrtoul(buf, 0, &id);
1026 if (id > matrix_mdev->matrix.adm_max) {
1031 /* Set the bit in the ADM (bitmask) corresponding to the AP control
1032 * domain number (id). The bits in the mask, from most significant to
1033 * least significant, correspond to IDs 0 up to the one less than the
1034 * number of control domains that can be assigned.
1036 set_bit_inv(id, matrix_mdev->matrix.adm);
1039 mutex_unlock(&matrix_dev->lock);
1042 static DEVICE_ATTR_WO(assign_control_domain);
1045 * unassign_control_domain_store - parses the domain ID from @buf and
1046 * clears the corresponding bit in the mediated matrix device's ADM
1048 * @dev: the matrix device
1049 * @attr: the mediated matrix device's unassign_control_domain attribute
1050 * @buf: a buffer containing the domain ID to be unassigned
1051 * @count: the number of bytes in @buf
1053 * Return: the number of bytes processed if the domain ID is valid; otherwise,
1054 * returns one of the following errors:
1055 * -EINVAL if the ID is not a number
1056 * -ENODEV if the ID exceeds the maximum value configured for the system
1058 static ssize_t unassign_control_domain_store(struct device *dev,
1059 struct device_attribute *attr,
1060 const char *buf, size_t count)
1063 unsigned long domid;
1064 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
1065 unsigned long max_domid = matrix_mdev->matrix.adm_max;
1067 mutex_lock(&matrix_dev->lock);
1069 /* If a KVM guest is running, disallow unassignment of control domain */
1070 if (matrix_mdev->kvm) {
1075 ret = kstrtoul(buf, 0, &domid);
1078 if (domid > max_domid) {
1083 clear_bit_inv(domid, matrix_mdev->matrix.adm);
1086 mutex_unlock(&matrix_dev->lock);
1089 static DEVICE_ATTR_WO(unassign_control_domain);
1091 static ssize_t control_domains_show(struct device *dev,
1092 struct device_attribute *dev_attr,
1099 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
1100 unsigned long max_domid = matrix_mdev->matrix.adm_max;
1102 mutex_lock(&matrix_dev->lock);
1103 for_each_set_bit_inv(id, matrix_mdev->matrix.adm, max_domid + 1) {
1104 n = sprintf(bufpos, "%04lx\n", id);
1108 mutex_unlock(&matrix_dev->lock);
1112 static DEVICE_ATTR_RO(control_domains);
1114 static ssize_t matrix_show(struct device *dev, struct device_attribute *attr,
1117 struct ap_matrix_mdev *matrix_mdev = dev_get_drvdata(dev);
1121 unsigned long apid1;
1122 unsigned long apqi1;
1123 unsigned long napm_bits = matrix_mdev->matrix.apm_max + 1;
1124 unsigned long naqm_bits = matrix_mdev->matrix.aqm_max + 1;
1128 apid1 = find_first_bit_inv(matrix_mdev->matrix.apm, napm_bits);
1129 apqi1 = find_first_bit_inv(matrix_mdev->matrix.aqm, naqm_bits);
1131 mutex_lock(&matrix_dev->lock);
1133 if ((apid1 < napm_bits) && (apqi1 < naqm_bits)) {
1134 for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, napm_bits) {
1135 for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm,
1137 n = sprintf(bufpos, "%02lx.%04lx\n", apid,
1143 } else if (apid1 < napm_bits) {
1144 for_each_set_bit_inv(apid, matrix_mdev->matrix.apm, napm_bits) {
1145 n = sprintf(bufpos, "%02lx.\n", apid);
1149 } else if (apqi1 < naqm_bits) {
1150 for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm, naqm_bits) {
1151 n = sprintf(bufpos, ".%04lx\n", apqi);
1157 mutex_unlock(&matrix_dev->lock);
1161 static DEVICE_ATTR_RO(matrix);
1163 static struct attribute *vfio_ap_mdev_attrs[] = {
1164 &dev_attr_assign_adapter.attr,
1165 &dev_attr_unassign_adapter.attr,
1166 &dev_attr_assign_domain.attr,
1167 &dev_attr_unassign_domain.attr,
1168 &dev_attr_assign_control_domain.attr,
1169 &dev_attr_unassign_control_domain.attr,
1170 &dev_attr_control_domains.attr,
1171 &dev_attr_matrix.attr,
1175 static struct attribute_group vfio_ap_mdev_attr_group = {
1176 .attrs = vfio_ap_mdev_attrs
1179 static const struct attribute_group *vfio_ap_mdev_attr_groups[] = {
1180 &vfio_ap_mdev_attr_group,
1185 * vfio_ap_mdev_set_kvm - sets all data for @matrix_mdev that are needed
1186 * to manage AP resources for the guest whose state is represented by @kvm
1188 * @matrix_mdev: a mediated matrix device
1189 * @kvm: reference to KVM instance
1191 * Return: 0 if no other mediated matrix device has a reference to @kvm;
1192 * otherwise, returns an -EPERM.
1194 static int vfio_ap_mdev_set_kvm(struct ap_matrix_mdev *matrix_mdev,
1197 struct ap_matrix_mdev *m;
1199 if (kvm->arch.crypto.crycbd) {
1200 down_write(&kvm->arch.crypto.pqap_hook_rwsem);
1201 kvm->arch.crypto.pqap_hook = &matrix_mdev->pqap_hook;
1202 up_write(&kvm->arch.crypto.pqap_hook_rwsem);
1204 mutex_lock(&kvm->lock);
1205 mutex_lock(&matrix_dev->lock);
1207 list_for_each_entry(m, &matrix_dev->mdev_list, node) {
1208 if (m != matrix_mdev && m->kvm == kvm) {
1209 mutex_unlock(&kvm->lock);
1210 mutex_unlock(&matrix_dev->lock);
1216 matrix_mdev->kvm = kvm;
1217 kvm_arch_crypto_set_masks(kvm,
1218 matrix_mdev->matrix.apm,
1219 matrix_mdev->matrix.aqm,
1220 matrix_mdev->matrix.adm);
1222 mutex_unlock(&kvm->lock);
1223 mutex_unlock(&matrix_dev->lock);
1230 * vfio_ap_mdev_iommu_notifier - IOMMU notifier callback
1232 * @nb: The notifier block
1233 * @action: Action to be taken
1234 * @data: data associated with the request
1236 * For an UNMAP request, unpin the guest IOVA (the NIB guest address we
1237 * pinned before). Other requests are ignored.
1239 * Return: for an UNMAP request, NOFITY_OK; otherwise NOTIFY_DONE.
1241 static int vfio_ap_mdev_iommu_notifier(struct notifier_block *nb,
1242 unsigned long action, void *data)
1244 struct ap_matrix_mdev *matrix_mdev;
1246 matrix_mdev = container_of(nb, struct ap_matrix_mdev, iommu_notifier);
1248 if (action == VFIO_IOMMU_NOTIFY_DMA_UNMAP) {
1249 struct vfio_iommu_type1_dma_unmap *unmap = data;
1250 unsigned long g_pfn = unmap->iova >> PAGE_SHIFT;
1252 vfio_unpin_pages(&matrix_mdev->vdev, &g_pfn, 1);
1260 * vfio_ap_mdev_unset_kvm - performs clean-up of resources no longer needed
1263 * @matrix_mdev: a matrix mediated device
1265 static void vfio_ap_mdev_unset_kvm(struct ap_matrix_mdev *matrix_mdev)
1267 struct kvm *kvm = matrix_mdev->kvm;
1269 if (kvm && kvm->arch.crypto.crycbd) {
1270 down_write(&kvm->arch.crypto.pqap_hook_rwsem);
1271 kvm->arch.crypto.pqap_hook = NULL;
1272 up_write(&kvm->arch.crypto.pqap_hook_rwsem);
1274 mutex_lock(&kvm->lock);
1275 mutex_lock(&matrix_dev->lock);
1277 kvm_arch_crypto_clear_masks(kvm);
1278 vfio_ap_mdev_reset_queues(matrix_mdev);
1280 matrix_mdev->kvm = NULL;
1282 mutex_unlock(&kvm->lock);
1283 mutex_unlock(&matrix_dev->lock);
1287 static struct vfio_ap_queue *vfio_ap_find_queue(int apqn)
1290 struct vfio_ap_queue *q = NULL;
1292 dev = driver_find_device(&matrix_dev->vfio_ap_drv->driver, NULL,
1295 q = dev_get_drvdata(dev);
1302 int vfio_ap_mdev_reset_queue(struct vfio_ap_queue *q,
1305 struct ap_queue_status status;
1313 status = ap_zapq(q->apqn);
1314 switch (status.response_code) {
1315 case AP_RESPONSE_NORMAL:
1318 case AP_RESPONSE_RESET_IN_PROGRESS:
1325 case AP_RESPONSE_Q_NOT_AVAIL:
1326 case AP_RESPONSE_DECONFIGURED:
1327 case AP_RESPONSE_CHECKSTOPPED:
1328 WARN_ON_ONCE(status.irq_enabled);
1330 goto free_resources;
1332 /* things are really broken, give up */
1333 WARN(true, "PQAP/ZAPQ completed with invalid rc (%x)\n",
1334 status.response_code);
1338 /* wait for the reset to take effect */
1340 if (status.queue_empty && !status.irq_enabled)
1343 status = ap_tapq(q->apqn, NULL);
1345 WARN_ON_ONCE(retry2 <= 0);
1348 vfio_ap_free_aqic_resources(q);
1353 static int vfio_ap_mdev_reset_queues(struct ap_matrix_mdev *matrix_mdev)
1357 unsigned long apid, apqi;
1358 struct vfio_ap_queue *q;
1360 for_each_set_bit_inv(apid, matrix_mdev->matrix.apm,
1361 matrix_mdev->matrix.apm_max + 1) {
1362 for_each_set_bit_inv(apqi, matrix_mdev->matrix.aqm,
1363 matrix_mdev->matrix.aqm_max + 1) {
1364 q = vfio_ap_find_queue(AP_MKQID(apid, apqi));
1365 ret = vfio_ap_mdev_reset_queue(q, 1);
1367 * Regardless whether a queue turns out to be busy, or
1368 * is not operational, we need to continue resetting
1369 * the remaining queues.
1379 static int vfio_ap_mdev_open_device(struct vfio_device *vdev)
1381 struct ap_matrix_mdev *matrix_mdev =
1382 container_of(vdev, struct ap_matrix_mdev, vdev);
1383 unsigned long events;
1389 ret = vfio_ap_mdev_set_kvm(matrix_mdev, vdev->kvm);
1393 matrix_mdev->iommu_notifier.notifier_call = vfio_ap_mdev_iommu_notifier;
1394 events = VFIO_IOMMU_NOTIFY_DMA_UNMAP;
1395 ret = vfio_register_notifier(vdev, VFIO_IOMMU_NOTIFY, &events,
1396 &matrix_mdev->iommu_notifier);
1402 vfio_ap_mdev_unset_kvm(matrix_mdev);
1406 static void vfio_ap_mdev_close_device(struct vfio_device *vdev)
1408 struct ap_matrix_mdev *matrix_mdev =
1409 container_of(vdev, struct ap_matrix_mdev, vdev);
1411 vfio_unregister_notifier(vdev, VFIO_IOMMU_NOTIFY,
1412 &matrix_mdev->iommu_notifier);
1413 vfio_ap_mdev_unset_kvm(matrix_mdev);
1416 static int vfio_ap_mdev_get_device_info(unsigned long arg)
1418 unsigned long minsz;
1419 struct vfio_device_info info;
1421 minsz = offsetofend(struct vfio_device_info, num_irqs);
1423 if (copy_from_user(&info, (void __user *)arg, minsz))
1426 if (info.argsz < minsz)
1429 info.flags = VFIO_DEVICE_FLAGS_AP | VFIO_DEVICE_FLAGS_RESET;
1430 info.num_regions = 0;
1433 return copy_to_user((void __user *)arg, &info, minsz) ? -EFAULT : 0;
1436 static ssize_t vfio_ap_mdev_ioctl(struct vfio_device *vdev,
1437 unsigned int cmd, unsigned long arg)
1439 struct ap_matrix_mdev *matrix_mdev =
1440 container_of(vdev, struct ap_matrix_mdev, vdev);
1443 mutex_lock(&matrix_dev->lock);
1445 case VFIO_DEVICE_GET_INFO:
1446 ret = vfio_ap_mdev_get_device_info(arg);
1448 case VFIO_DEVICE_RESET:
1449 ret = vfio_ap_mdev_reset_queues(matrix_mdev);
1455 mutex_unlock(&matrix_dev->lock);
1460 static const struct vfio_device_ops vfio_ap_matrix_dev_ops = {
1461 .open_device = vfio_ap_mdev_open_device,
1462 .close_device = vfio_ap_mdev_close_device,
1463 .ioctl = vfio_ap_mdev_ioctl,
1466 static struct mdev_driver vfio_ap_matrix_driver = {
1468 .name = "vfio_ap_mdev",
1469 .owner = THIS_MODULE,
1470 .mod_name = KBUILD_MODNAME,
1471 .dev_groups = vfio_ap_mdev_attr_groups,
1473 .probe = vfio_ap_mdev_probe,
1474 .remove = vfio_ap_mdev_remove,
1475 .supported_type_groups = vfio_ap_mdev_type_groups,
1478 int vfio_ap_mdev_register(void)
1482 atomic_set(&matrix_dev->available_instances, MAX_ZDEV_ENTRIES_EXT);
1484 ret = mdev_register_driver(&vfio_ap_matrix_driver);
1488 ret = mdev_register_device(&matrix_dev->device, &vfio_ap_matrix_driver);
1494 mdev_unregister_driver(&vfio_ap_matrix_driver);
1498 void vfio_ap_mdev_unregister(void)
1500 mdev_unregister_device(&matrix_dev->device);
1501 mdev_unregister_driver(&vfio_ap_matrix_driver);
projects / releases.git / blob