
lguest_user.c revision 3c6b5bfa3cf3b4057788e08482a468cc3bc00780
/*P:200 This contains all the /dev/lguest code, whereby the userspace launcher
 * controls and communicates with the Guest.  For example, the first write will
 * tell us the Guest's memory layout, pagetable, entry point and kernel address
 * offset.  A read will run the Guest until something happens, such as a signal
 * or the Guest doing a DMA out to the Launcher.  Writes are also used to get a
 * DMA buffer registered by the Guest and to send the Guest an interrupt. :*/
7d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell#include <linux/uaccess.h>
8d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell#include <linux/miscdevice.h>
9d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell#include <linux/fs.h>
10d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell#include "lg.h"
11d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell
/*L:030 setup_regs() doesn't really belong in this file, but it gives us an
 * early glimpse deeper into the Host so it's worth having here.
 *
 * Most of the Guest's registers are left alone: we used get_zeroed_page() to
 * allocate the structure, so they will be 0.  Only the four segment
 * selectors, eflags and eip are filled in here. */
static void setup_regs(struct lguest_regs *regs, unsigned long start)
{
	/* Four "segment" registers are needed to boot.  The code segment (cs)
	 * is the kernel code segment __KERNEL_CS; the data, extra and stack
	 * segments (ds, es, ss) are all the kernel data segment __KERNEL_DS.
	 * The requested privilege level lives in the low bits of each
	 * selector: the Guest runs at privilege level 1 (GUEST_PL). */
	regs->cs = __KERNEL_CS | GUEST_PL;
	regs->ds = __KERNEL_DS | GUEST_PL;
	regs->es = __KERNEL_DS | GUEST_PL;
	regs->ss = __KERNEL_DS | GUEST_PL;

	/* "eflags": bit 1 (0x002) is reserved and must always read as 1; bit 9
	 * (0x200) is the interrupt-enable flag.  The Guest always runs with
	 * interrupts enabled, so both bits are set from the start. */
	regs->eflags = 0x002 | 0x200;

	/* "eip" is where the Guest begins executing: the entry point the
	 * Launcher supplied in its LHREQ_INITIALIZE write. */
	regs->eip = start;

	/* %esi is deliberately left at 0: it points to the boot information,
	 * which lives at Guest-physical address 0. */
}
42d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell
/*L:310 To send DMA into the Guest, the Launcher needs to be able to ask for a
 * DMA buffer.  This is done by writing LHREQ_GETDMA and the key to
 * /dev/lguest.
 *
 * Returns the Guest-physical address of a free buffer bound to that key,
 * -EFAULT if the key can't be read, or -ENOENT if no such buffer exists. */
static long user_get_dma(struct lguest *lg, const u32 __user *input)
{
	unsigned long key, dma_addr, irq;

	/* The 32-bit key follows LHREQ_GETDMA in the Launcher's write(). */
	if (get_user(key, input))
		return -EFAULT;

	/* Ask the core for a free Guest DMA buffer bound to that key; it also
	 * tells us which interrupt the Guest wants once the buffer is full. */
	dma_addr = get_dma_buffer(lg, key, &irq);
	if (dma_addr == 0)
		return -ENOENT;

	/* The Launcher needs that interrupt number too, so we stash it in
	 * the buffer's own used_len field for it to pick up. */
	lgwrite_u32(lg, dma_addr + offsetof(struct lguest_dma, used_len), irq);

	/* The write() itself returns the (Guest-physical) buffer address. */
	return dma_addr;
}
66d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell
/*L:315 To force the Guest to stop running and return to the Launcher, the
 * Waker writes LHREQ_BREAK and the value "1" to /dev/lguest.  The Launcher
 * then writes LHREQ_BREAK and "0" to release the Waker.
 *
 * Returns 0, -EFAULT if the value can't be read, or whatever
 * wait_event_interruptible() returns if the Waker is interrupted while
 * waiting to be released. */
static int break_guest_out(struct lguest *lg, const u32 __user *input)
{
	unsigned long on;

	/* The value after LHREQ_BREAK: non-zero starts a break, zero ends it. */
	if (get_user(on, input))
		return -EFAULT;

	if (!on) {
		/* The Launcher is releasing the Waker: drop the flag and wake
		 * whoever is sleeping on break_wq below. */
		lg->break_out = 0;
		wake_up(&lg->break_wq);
		return 0;
	}

	/* The Waker wants the Guest out: raise the flag, then kick the
	 * Launcher task in case it is running the Guest on another CPU. */
	lg->break_out = 1;
	wake_up_process(lg->tsk);

	/* Sleep until the Launcher clears break_out with an LHREQ_BREAK/0
	 * write (or until a signal arrives). */
	return wait_event_interruptible(lg->break_wq, !lg->break_out);
}
90d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell
/*L:050 Sending an interrupt is done by writing LHREQ_IRQ and an interrupt
 * number to /dev/lguest.
 *
 * Returns 0, -EFAULT if the number can't be read, or -EINVAL if it is out of
 * range. */
static int user_send_irq(struct lguest *lg, const u32 __user *input)
{
	u32 irq;

	if (get_user(irq, input))
		return -EFAULT;

	/* The number indexes the irqs_pending bitmap, so it has to be checked
	 * against LGUEST_IRQS before set_bit() is allowed to touch memory. */
	if (irq >= LGUEST_IRQS)
		return -EINVAL;

	/* Marking it pending is all we do here: the core decides whether it
	 * can actually be delivered the next time the Guest runs. */
	set_bit(irq, lg->irqs_pending);
	return 0;
}
106d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell
/* Copy the reason the Guest died (lg->dead) out to the Launcher's buffer.
 * lg->dead is either an ERR_PTR-encoded error code, which is passed straight
 * back, or a NUL-terminated string, of which at most "size" bytes (terminator
 * included) are copied.  Returns the number of bytes copied, the error code,
 * or -EFAULT. */
static ssize_t read_dead_reason(struct lguest *lg, char __user *user,
				size_t size)
{
	size_t len;

	if (IS_ERR(lg->dead))
		return PTR_ERR(lg->dead);

	/* Never hand back more than the Launcher's buffer can hold. */
	len = min(size, strlen(lg->dead) + 1);
	if (copy_to_user(user, lg->dead, len))
		return -EFAULT;
	return len;
}

/*L:040 Once our Guest is initialized, the Launcher makes it run by reading
 * from /dev/lguest. */
static ssize_t read(struct file *file, char __user *user, size_t size,
		    loff_t *o)
{
	struct lguest *lg = file->private_data;

	/* No "struct lguest" yet means LHREQ_INITIALIZE was never written. */
	if (!lg)
		return -EINVAL;

	/* Only the task which initialized the Guest (the Launcher) may run it;
	 * any other holder of the fd is refused. */
	if (current != lg->tsk)
		return -EPERM;

	/* A dead Guest never runs again: read() just reports why it died. */
	if (lg->dead)
		return read_dead_reason(lg, user, size);

	/* If the previous read() returned because the Guest sent DMA, that
	 * flag is still set: clear it before running the Guest again. */
	if (lg->dma_is_pending)
		lg->dma_is_pending = 0;

	/* Run the Guest until something interesting happens. */
	return run_guest(lg, (unsigned long __user *)user);
}
144d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell
/*L:020 The initialization write supplies 5 32-bit values (in addition to the
 * 32-bit LHREQ_INITIALIZE value).  These are:
 *
 * base: The start of the Guest-physical memory inside the Launcher memory.
 *
 * pfnlimit: The highest (Guest-physical) page number the Guest should be
 * allowed to access.  The Launcher has to live in Guest memory, so it sets
 * this to ensure the Guest can't reach it.
 *
 * pgdir: The (Guest-physical) address of the top of the initial Guest
 * pagetables (which are set up by the Launcher).
 *
 * start: The first instruction to execute ("eip" in x86-speak).
 *
 * page_offset: The PAGE_OFFSET constant in the Guest kernel.  We should
 * probably wean the code off this, but it's a very useful constant!  Any
 * address above this is within the Guest kernel, and any kernel address can
 * quickly be converted from physical to virtual by adding PAGE_OFFSET.  It's
 * 0xC0000000 (3G) by default, but it's configurable at kernel build time.
 *
 * Returns the number of bytes consumed (the five values) on success, or a
 * negative errno: -EBUSY if this fd already has a Guest, -EFAULT if the
 * values can't be read, -ENOSPC if every slot in "lguests" is taken, -ENOMEM
 * if the register page can't be allocated, or whatever
 * init_guest_pagetable() returns. */
static int initialize(struct file *file, const u32 __user *input)
{
	/* "struct lguest" is everything the Host knows about one Guest. */
	struct lguest *lg;
	int ret, slot;
	/* base, pfnlimit, pgdir, start, page_offset, in that order. */
	u32 params[5];

	/* The Big Lguest lock serialises initialize() against other
	 * initializations and close(): it guards the global "lguests" array
	 * we're about to pick a slot from. */
	mutex_lock(&lguest_lock);

	/* A second LHREQ_INITIALIZE on the same fd is refused; the Launcher
	 * has to close() and start over. */
	if (file->private_data) {
		ret = -EBUSY;
		goto out_unlock;
	}

	/* The five values follow LHREQ_INITIALIZE in the Launcher's write().
	 * NOTE(review): nothing here range-checks them; init_guest_pagetable()
	 * and the Guest memory accessors (lgwrite_u32() and friends) are
	 * relied on to validate pgdir and Guest addresses against pfn_limit
	 * -- confirm in the core. */
	if (copy_from_user(params, input, sizeof(params))) {
		ret = -EFAULT;
		goto out_unlock;
	}

	/* Claim a free entry in the "lguests" array. */
	slot = find_free_guest();
	if (slot < 0) {
		ret = -ENOSPC;
		goto out_unlock;
	}
	lg = &lguests[slot];

	/* The cheap fields first: where Guest memory lives in the Launcher,
	 * how far it extends, and the Guest kernel's PAGE_OFFSET. */
	lg->guestid = slot;
	lg->mem_base = (void __user *)(long)params[0];
	lg->pfn_limit = params[1];
	lg->page_offset = params[4];

	/* The Guest's registers get a whole page of their own, because the
	 * Guest can see them and we can only grant access page by page. */
	lg->regs_page = get_zeroed_page(GFP_KERNEL);
	if (!lg->regs_page) {
		ret = -ENOMEM;
		goto out_release_guest;
	}
	/* The "struct lguest_regs" sits at the end (highest addresses) of
	 * that page. */
	lg->regs = (void *)lg->regs_page + PAGE_SIZE - sizeof(*lg->regs);

	/* Build the shadow page tables from the toplevel the Launcher gave
	 * us.  This allocates, so it can fail. */
	ret = init_guest_pagetable(lg, params[2]);
	if (ret)
		goto out_free_regs;

	/* Registers: segment selectors, eflags and the entry point. */
	setup_regs(lg->regs, params[3]);

	/* The GDT entries the Guest expects to find when it first boots. */
	setup_guest_gdt(lg);

	/* The timer behind the Guest's clock. */
	init_clockdev(lg);

	/* Remember the Launcher task: other Guests (inter-Guest I/O) and the
	 * Waker (break_guest_out()) need to be able to wake it. */
	lg->tsk = current;

	/* Pin the Launcher's mm.  Without this reference it would be torn
	 * down before close() runs if the Launcher dies, and close() needs
	 * it for cleanup.  NOTE(review): get_task_mm() can return NULL for a
	 * task with no mm; current is a user process in write() here, so it
	 * is assumed non-NULL, and close() calls mmput() on it unchecked. */
	lg->mm = get_task_mm(lg->tsk);

	/* The queue the Waker sleeps on in break_guest_out(). */
	init_waitqueue_head(&lg->break_wq);

	/* No CPU has run this Guest yet. */
	lg->last_pages = NULL;

	/* From here on this fd owns the Guest; read()/write() look here. */
	file->private_data = lg;

	mutex_unlock(&lguest_lock);

	/* write() semantics: report how many bytes we consumed. */
	return sizeof(params);

out_free_regs:
	free_page(lg->regs_page);
out_release_guest:
	/* Zeroing the entry is what marks it free for the next Launcher. */
	memset(lg, 0, sizeof(*lg));
out_unlock:
	mutex_unlock(&lguest_lock);
	return ret;
}
262d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell
/*L:010 The first operation the Launcher does must be a write.  All writes
 * start with a 32 bit number: for the first write this must be
 * LHREQ_INITIALIZE to set up the Guest.  After that the Launcher can use
 * writes of other values to get DMA buffers and send interrupts.
 *
 * "size" is not consulted: each request reads a fixed number of 32-bit
 * values with get_user()/copy_from_user(), which return -EFAULT rather than
 * reading past what the caller has mapped. */
static ssize_t write(struct file *file, const char __user *input,
		     size_t size, loff_t *off)
{
	/* NULL until LHREQ_INITIALIZE succeeds; then the Guest this fd owns. */
	struct lguest *lg = file->private_data;
	const u32 __user *args;
	u32 req;

	/* Every write starts with the request code... */
	if (get_user(req, input))
		return -EFAULT;
	/* ...and the request-specific 32-bit values follow it. */
	args = (const u32 __user *)(input + sizeof(req));

	/* Nothing but LHREQ_INITIALIZE makes sense before there is a Guest. */
	if (!lg && req != LHREQ_INITIALIZE)
		return -EINVAL;

	/* A dead Guest accepts no further requests: read() tells you why. */
	if (lg && lg->dead)
		return -ENOENT;

	/* Anyone other than the owning task (the Launcher) who holds this fd
	 * is a Waker, and a Waker may only LHREQ_BREAK. */
	if (lg && current != lg->tsk && req != LHREQ_BREAK)
		return -EPERM;

	switch (req) {
	case LHREQ_INITIALIZE:
		return initialize(file, args);
	case LHREQ_GETDMA:
		return user_get_dma(lg, args);
	case LHREQ_IRQ:
		return user_send_irq(lg, args);
	case LHREQ_BREAK:
		return break_guest_out(lg, args);
	default:
		return -EINVAL;
	}
}
304d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell
/*L:060 The final piece of interface code is the close() routine.  It reverses
 * everything done in initialize().  This is usually called because the
 * Launcher exited.
 *
 * Note that the close routine returns 0 or a negative error number: it can't
 * really fail, but it can whine.  I blame Sun for this wart, and K&R C for
 * letting them do it. :*/
static int close(struct inode *inode, struct file *file)
{
	struct lguest *guest = file->private_data;

	/* private_data is only set once initialize() succeeded, so NULL
	 * means there is nothing to undo. */
	if (guest == NULL)
		return 0;

	/* Everything below touches state that other Launchers (initializing)
	 * and other Guests (inter-guest I/O) can reach: take the big lock. */
	mutex_lock(&lguest_lock);

	/* The clock hrtimer (armed via LHCALL_SET_CLOCKEVENT) must not fire
	 * into a structure we're about to wipe. */
	hrtimer_cancel(&guest->hrt);
	/* Give back the DMA buffers the Guest had bound, then its shadow
	 * page tables. */
	release_all_dma(guest);
	free_guest_pagetable(guest);
	/* Only once those memory cleanups are done is it safe to drop our
	 * reference on the Launcher's mm. */
	mmput(guest->mm);
	/* guest->dead is NULL, a kmalloc()ed string, or an ERR_PTR-encoded
	 * error code; only the first two may be handed to kfree(). */
	if (!IS_ERR(guest->dead))
		kfree(guest->dead);
	/* The page holding the Guest's registers. */
	free_page(guest->regs_page);
	/* An all-zero entry is a free entry: this hands the slot back. */
	memset(guest, 0, sizeof(*guest));

	mutex_unlock(&lguest_lock);
	return 0;
}
346d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell
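/*L:000
 * Welcome to our journey through the Launcher!
 *
 * The Launcher is the Host userspace program which sets up, runs and services
 * the Guest.  In fact, many comments in the Drivers which refer to "the Host"
 * doing things are inaccurate: the Launcher does all the device handling for
 * the Guest.  The Guest can't tell what's done by the Launcher and what by
 * the Host.
 *
 * Just to confuse you: to the Host kernel, the Launcher *is* the Guest and we
 * shall see more of that later.
 *
 * We begin our understanding with the Host kernel interface which the Launcher
 * uses: reading and writing a character device called /dev/lguest.  All the
 * work happens in the read(), write() and close() routines.
 *
 * The table is const: nothing ever modifies it, and a const file_operations
 * keeps these function pointers in read-only data rather than leaving a
 * writable indirect-call table around. */
static const struct file_operations lguest_fops = {
	.owner	 = THIS_MODULE,
	.release = close,
	.write	 = write,
	.read	 = read,
};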
368dde797899ac17ebb812b7566044124d785e98dc7Rusty Russell
/* This is a textbook example of a "misc" character device.  Populate a "struct
 * miscdevice" and register it with misc_register(): the device node is named
 * "lguest" and gets a dynamically assigned minor number. */
static struct miscdevice lguest_dev = {
	.name	= "lguest",
	.fops	= &lguest_fops,
	.minor	= MISC_DYNAMIC_MINOR,
};
376d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell
/* Register /dev/lguest with the misc subsystem.  Returns 0 on success or the
 * negative errno from misc_register(). */
int __init lguest_device_init(void)
{
	int ret;

	ret = misc_register(&lguest_dev);
	return ret;
}
381d7e28ffe6c74416b54345d6004fd0964c115b12cRusty Russell
/* Unregister /dev/lguest again; the counterpart of lguest_device_init(). */
void __exit lguest_device_remove(void)
{
	struct miscdevice *dev = &lguest_dev;

	misc_deregister(dev);
}