tjh.dev
Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'hyperv-next-signed-20220528' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux
Pull hyperv updates from Wei Liu:
- Harden hv_sock driver (Andrea Parri)
- Harden Hyper-V PCI driver (Andrea Parri)
- Fix multi-MSI for Hyper-V PCI driver (Jeffrey Hugo)
- Fix Hyper-V PCI to reduce boot time (Dexuan Cui)
- Remove code for long EOL'ed Hyper-V versions (Michael Kelley, Saurabh
Sengar)
- Fix balloon driver error handling (Shradha Gupta)
- Fix a typo in vmbus driver (Julia Lawall)
- Ignore vmbus IMC device (Michael Kelley)
- Add a new error message to Hyper-V DRM driver (Saurabh Sengar)
* tag 'hyperv-next-signed-20220528' of git://git.kernel.org/pub/scm/linux/kernel/git/hyperv/linux: (28 commits)
hv_balloon: Fix balloon_probe() and balloon_remove() error handling
scsi: storvsc: Removing Pre Win8 related logic
Drivers: hv: vmbus: fix typo in comment
PCI: hv: Fix synchronization between channel callback and hv_pci_bus_exit()
PCI: hv: Add validation for untrusted Hyper-V values
PCI: hv: Fix interrupt mapping for multi-MSI
PCI: hv: Reuse existing IRTE allocation in compose_msi_msg()
drm/hyperv: Remove support for Hyper-V 2008 and 2008R2/Win7
video: hyperv_fb: Remove support for Hyper-V 2008 and 2008R2/Win7
scsi: storvsc: Remove support for Hyper-V 2008 and 2008R2/Win7
Drivers: hv: vmbus: Remove support for Hyper-V 2008 and Hyper-V 2008R2/Win7
x86/hyperv: Disable hardlockup detector by default in Hyper-V guests
drm/hyperv: Add error message for fb size greater than allocated
PCI: hv: Do not set PCI_COMMAND_MEMORY to reduce VM boot time
PCI: hv: Fix hv_arch_irq_unmask() for multi-MSI
Drivers: hv: vmbus: Refactor the ring-buffer iterator functions
Drivers: hv: vmbus: Accept hv_sock offers in isolated guests
hv_sock: Add validation for untrusted Hyper-V values
hv_sock: Copy packets sent by Hyper-V out of the ring buffer
hv_sock: Check hv_pkt_iter_first_raw()'s return value
...
+491
-433
+2
arch/x86/kernel/cpu/mshyperv.c
+2
arch/x86/kernel/cpu/mshyperv.c
+4
-1
drivers/gpu/drm/hyperv/hyperv_drm_modeset.c
+4
-1
drivers/gpu/drm/hyperv/hyperv_drm_modeset.c
···
123
123
if (fb->format->format != DRM_FORMAT_XRGB8888)
124
124
return -EINVAL;
125
125
126
-
if (fb->pitches[0] * fb->height > hv->fb_size)
126
+
if (fb->pitches[0] * fb->height > hv->fb_size) {
127
+
drm_err(&hv->dev, "fb size requested by %s for %dX%d (pitch %d) greater than %ld\n",
128
+
current->comm, fb->width, fb->height, fb->pitches[0], hv->fb_size);
127
129
return -EINVAL;
130
+
}
128
131
129
132
return 0;
130
133
}
+7
-16
drivers/gpu/drm/hyperv/hyperv_drm_proto.c
+7
-16
drivers/gpu/drm/hyperv/hyperv_drm_proto.c
···
18
18
#define SYNTHVID_VERSION(major, minor) ((minor) << 16 | (major))
19
19
#define SYNTHVID_VER_GET_MAJOR(ver) (ver & 0x0000ffff)
20
20
#define SYNTHVID_VER_GET_MINOR(ver) ((ver & 0xffff0000) >> 16)
21
+
22
+
/* Support for VERSION_WIN7 is removed. #define is retained for reference. */
21
23
#define SYNTHVID_VERSION_WIN7 SYNTHVID_VERSION(3, 0)
22
24
#define SYNTHVID_VERSION_WIN8 SYNTHVID_VERSION(3, 2)
23
25
#define SYNTHVID_VERSION_WIN10 SYNTHVID_VERSION(3, 5)
24
26
25
-
#define SYNTHVID_DEPTH_WIN7 16
26
27
#define SYNTHVID_DEPTH_WIN8 32
27
-
#define SYNTHVID_FB_SIZE_WIN7 (4 * 1024 * 1024)
28
+
#define SYNTHVID_WIDTH_WIN8 1600
29
+
#define SYNTHVID_HEIGHT_WIN8 1200
28
30
#define SYNTHVID_FB_SIZE_WIN8 (8 * 1024 * 1024)
29
-
#define SYNTHVID_WIDTH_MAX_WIN7 1600
30
-
#define SYNTHVID_HEIGHT_MAX_WIN7 1200
31
31
32
32
enum pipe_msg_type {
33
33
PIPE_MSG_INVALID,
···
496
496
case VERSION_WIN8:
497
497
case VERSION_WIN8_1:
498
498
ret = hyperv_negotiate_version(hdev, SYNTHVID_VERSION_WIN8);
499
-
if (!ret)
500
-
break;
501
-
fallthrough;
502
-
case VERSION_WS2008:
503
-
case VERSION_WIN7:
504
-
ret = hyperv_negotiate_version(hdev, SYNTHVID_VERSION_WIN7);
505
499
break;
506
500
default:
507
501
ret = hyperv_negotiate_version(hdev, SYNTHVID_VERSION_WIN10);
···
507
513
goto error;
508
514
}
509
515
510
-
if (hv->synthvid_version == SYNTHVID_VERSION_WIN7)
511
-
hv->screen_depth = SYNTHVID_DEPTH_WIN7;
512
-
else
513
-
hv->screen_depth = SYNTHVID_DEPTH_WIN8;
516
+
hv->screen_depth = SYNTHVID_DEPTH_WIN8;
514
517
515
518
if (hyperv_version_ge(hv->synthvid_version, SYNTHVID_VERSION_WIN10)) {
516
519
ret = hyperv_get_supported_resolution(hdev);
517
520
if (ret)
518
521
drm_err(dev, "Failed to get supported resolution from host, use default\n");
519
522
} else {
520
-
hv->screen_width_max = SYNTHVID_WIDTH_MAX_WIN7;
521
-
hv->screen_height_max = SYNTHVID_HEIGHT_MAX_WIN7;
523
+
hv->screen_width_max = SYNTHVID_WIDTH_WIN8;
524
+
hv->screen_height_max = SYNTHVID_HEIGHT_WIN8;
522
525
}
523
526
524
527
hv->mmio_megabytes = hdev->channel->offermsg.offer.mmio_megabytes;
+98
-42
drivers/hv/channel.c
+98
-42
drivers/hv/channel.c
···
1022
1022
EXPORT_SYMBOL_GPL(vmbus_close);
1023
1023
1024
1024
/**
1025
-
* vmbus_sendpacket() - Send the specified buffer on the given channel
1025
+
* vmbus_sendpacket_getid() - Send the specified buffer on the given channel
1026
1026
* @channel: Pointer to vmbus_channel structure
1027
1027
* @buffer: Pointer to the buffer you want to send the data from.
1028
1028
* @bufferlen: Maximum size of what the buffer holds.
1029
1029
* @requestid: Identifier of the request
1030
+
* @trans_id: Identifier of the transaction associated to this request, if
1031
+
* the send is successful; undefined, otherwise.
1030
1032
* @type: Type of packet that is being sent e.g. negotiate, time
1031
1033
* packet etc.
1032
1034
* @flags: 0 or VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED
···
1038
1036
*
1039
1037
* Mainly used by Hyper-V drivers.
1040
1038
*/
1041
-
int vmbus_sendpacket(struct vmbus_channel *channel, void *buffer,
1042
-
u32 bufferlen, u64 requestid,
1039
+
int vmbus_sendpacket_getid(struct vmbus_channel *channel, void *buffer,
1040
+
u32 bufferlen, u64 requestid, u64 *trans_id,
1043
1041
enum vmbus_packet_type type, u32 flags)
1044
1042
{
1045
1043
struct vmpacket_descriptor desc;
···
1065
1063
bufferlist[2].iov_base = &aligned_data;
1066
1064
bufferlist[2].iov_len = (packetlen_aligned - packetlen);
1067
1065
1068
-
return hv_ringbuffer_write(channel, bufferlist, num_vecs, requestid);
1066
+
return hv_ringbuffer_write(channel, bufferlist, num_vecs, requestid, trans_id);
1067
+
}
1068
+
EXPORT_SYMBOL(vmbus_sendpacket_getid);
1069
+
1070
+
/**
1071
+
* vmbus_sendpacket() - Send the specified buffer on the given channel
1072
+
* @channel: Pointer to vmbus_channel structure
1073
+
* @buffer: Pointer to the buffer you want to send the data from.
1074
+
* @bufferlen: Maximum size of what the buffer holds.
1075
+
* @requestid: Identifier of the request
1076
+
* @type: Type of packet that is being sent e.g. negotiate, time
1077
+
* packet etc.
1078
+
* @flags: 0 or VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED
1079
+
*
1080
+
* Sends data in @buffer directly to Hyper-V via the vmbus.
1081
+
* This will send the data unparsed to Hyper-V.
1082
+
*
1083
+
* Mainly used by Hyper-V drivers.
1084
+
*/
1085
+
int vmbus_sendpacket(struct vmbus_channel *channel, void *buffer,
1086
+
u32 bufferlen, u64 requestid,
1087
+
enum vmbus_packet_type type, u32 flags)
1088
+
{
1089
+
return vmbus_sendpacket_getid(channel, buffer, bufferlen,
1090
+
requestid, NULL, type, flags);
1069
1091
}
1070
1092
EXPORT_SYMBOL(vmbus_sendpacket);
1071
1093
···
1148
1122
bufferlist[2].iov_base = &aligned_data;
1149
1123
bufferlist[2].iov_len = (packetlen_aligned - packetlen);
1150
1124
1151
-
return hv_ringbuffer_write(channel, bufferlist, 3, requestid);
1125
+
return hv_ringbuffer_write(channel, bufferlist, 3, requestid, NULL);
1152
1126
}
1153
1127
EXPORT_SYMBOL_GPL(vmbus_sendpacket_pagebuffer);
1154
1128
···
1186
1160
bufferlist[2].iov_base = &aligned_data;
1187
1161
bufferlist[2].iov_len = (packetlen_aligned - packetlen);
1188
1162
1189
-
return hv_ringbuffer_write(channel, bufferlist, 3, requestid);
1163
+
return hv_ringbuffer_write(channel, bufferlist, 3, requestid, NULL);
1190
1164
}
1191
1165
EXPORT_SYMBOL_GPL(vmbus_sendpacket_mpb_desc);
1192
1166
···
1252
1226
if (!channel->rqstor_size)
1253
1227
return VMBUS_NO_RQSTOR;
1254
1228
1255
-
spin_lock_irqsave(&rqstor->req_lock, flags);
1229
+
lock_requestor(channel, flags);
1256
1230
current_id = rqstor->next_request_id;
1257
1231
1258
1232
/* Requestor array is full */
1259
1233
if (current_id >= rqstor->size) {
1260
-
spin_unlock_irqrestore(&rqstor->req_lock, flags);
1234
+
unlock_requestor(channel, flags);
1261
1235
return VMBUS_RQST_ERROR;
1262
1236
}
1263
1237
···
1267
1241
/* The already held spin lock provides atomicity */
1268
1242
bitmap_set(rqstor->req_bitmap, current_id, 1);
1269
1243
1270
-
spin_unlock_irqrestore(&rqstor->req_lock, flags);
1244
+
unlock_requestor(channel, flags);
1271
1245
1272
1246
/*
1273
1247
* Cannot return an ID of 0, which is reserved for an unsolicited
1274
-
* message from Hyper-V.
1248
+
* message from Hyper-V; Hyper-V does not acknowledge (respond to)
1249
+
* VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED requests with ID of
1250
+
* 0 sent by the guest.
1275
1251
*/
1276
1252
return current_id + 1;
1277
1253
}
1278
1254
EXPORT_SYMBOL_GPL(vmbus_next_request_id);
1255
+
1256
+
/* As in vmbus_request_addr_match() but without the requestor lock */
1257
+
u64 __vmbus_request_addr_match(struct vmbus_channel *channel, u64 trans_id,
1258
+
u64 rqst_addr)
1259
+
{
1260
+
struct vmbus_requestor *rqstor = &channel->requestor;
1261
+
u64 req_addr;
1262
+
1263
+
/* Check rqstor has been initialized */
1264
+
if (!channel->rqstor_size)
1265
+
return VMBUS_NO_RQSTOR;
1266
+
1267
+
/* Hyper-V can send an unsolicited message with ID of 0 */
1268
+
if (!trans_id)
1269
+
return VMBUS_RQST_ERROR;
1270
+
1271
+
/* Data corresponding to trans_id is stored at trans_id - 1 */
1272
+
trans_id--;
1273
+
1274
+
/* Invalid trans_id */
1275
+
if (trans_id >= rqstor->size || !test_bit(trans_id, rqstor->req_bitmap))
1276
+
return VMBUS_RQST_ERROR;
1277
+
1278
+
req_addr = rqstor->req_arr[trans_id];
1279
+
if (rqst_addr == VMBUS_RQST_ADDR_ANY || req_addr == rqst_addr) {
1280
+
rqstor->req_arr[trans_id] = rqstor->next_request_id;
1281
+
rqstor->next_request_id = trans_id;
1282
+
1283
+
/* The already held spin lock provides atomicity */
1284
+
bitmap_clear(rqstor->req_bitmap, trans_id, 1);
1285
+
}
1286
+
1287
+
return req_addr;
1288
+
}
1289
+
EXPORT_SYMBOL_GPL(__vmbus_request_addr_match);
1290
+
1291
+
/*
1292
+
* vmbus_request_addr_match - Clears/removes @trans_id from the @channel's
1293
+
* requestor, provided the memory address stored at @trans_id equals @rqst_addr
1294
+
* (or provided @rqst_addr matches the sentinel value VMBUS_RQST_ADDR_ANY).
1295
+
*
1296
+
* Returns the memory address stored at @trans_id, or VMBUS_RQST_ERROR if
1297
+
* @trans_id is not contained in the requestor.
1298
+
*
1299
+
* Acquires and releases the requestor spin lock.
1300
+
*/
1301
+
u64 vmbus_request_addr_match(struct vmbus_channel *channel, u64 trans_id,
1302
+
u64 rqst_addr)
1303
+
{
1304
+
unsigned long flags;
1305
+
u64 req_addr;
1306
+
1307
+
lock_requestor(channel, flags);
1308
+
req_addr = __vmbus_request_addr_match(channel, trans_id, rqst_addr);
1309
+
unlock_requestor(channel, flags);
1310
+
1311
+
return req_addr;
1312
+
}
1313
+
EXPORT_SYMBOL_GPL(vmbus_request_addr_match);
1279
1314
1280
1315
/*
1281
1316
* vmbus_request_addr - Returns the memory address stored at @trans_id
···
1347
1260
*/
1348
1261
u64 vmbus_request_addr(struct vmbus_channel *channel, u64 trans_id)
1349
1262
{
1350
-
struct vmbus_requestor *rqstor = &channel->requestor;
1351
-
unsigned long flags;
1352
-
u64 req_addr;
1353
-
1354
-
/* Check rqstor has been initialized */
1355
-
if (!channel->rqstor_size)
1356
-
return VMBUS_NO_RQSTOR;
1357
-
1358
-
/* Hyper-V can send an unsolicited message with ID of 0 */
1359
-
if (!trans_id)
1360
-
return trans_id;
1361
-
1362
-
spin_lock_irqsave(&rqstor->req_lock, flags);
1363
-
1364
-
/* Data corresponding to trans_id is stored at trans_id - 1 */
1365
-
trans_id--;
1366
-
1367
-
/* Invalid trans_id */
1368
-
if (trans_id >= rqstor->size || !test_bit(trans_id, rqstor->req_bitmap)) {
1369
-
spin_unlock_irqrestore(&rqstor->req_lock, flags);
1370
-
return VMBUS_RQST_ERROR;
1371
-
}
1372
-
1373
-
req_addr = rqstor->req_arr[trans_id];
1374
-
rqstor->req_arr[trans_id] = rqstor->next_request_id;
1375
-
rqstor->next_request_id = trans_id;
1376
-
1377
-
/* The already held spin lock provides atomicity */
1378
-
bitmap_clear(rqstor->req_bitmap, trans_id, 1);
1379
-
1380
-
spin_unlock_irqrestore(&rqstor->req_lock, flags);
1381
-
return req_addr;
1263
+
return vmbus_request_addr_match(channel, trans_id, VMBUS_RQST_ADDR_ANY);
1382
1264
}
1383
1265
EXPORT_SYMBOL_GPL(vmbus_request_addr);
+19
-21
drivers/hv/channel_mgmt.c
+19
-21
drivers/hv/channel_mgmt.c
···
152
152
{ HV_AVMA1_GUID },
153
153
{ HV_AVMA2_GUID },
154
154
{ HV_RDV_GUID },
155
+
{ HV_IMC_GUID },
155
156
};
156
157
157
158
/*
···
443
442
/*
444
443
* Upon suspend, an in-use hv_sock channel is removed from the array of
445
444
* channels and the relid is invalidated. After hibernation, when the
446
-
* user-space appplication destroys the channel, it's unnecessary and
445
+
* user-space application destroys the channel, it's unnecessary and
447
446
* unsafe to remove the channel from the array of channels. See also
448
447
* the inline comments before the call of vmbus_release_relid() below.
449
448
*/
···
714
713
static int next_numa_node_id;
715
714
716
715
/*
717
-
* Starting with Win8, we can statically distribute the incoming
718
-
* channel interrupt load by binding a channel to VCPU.
716
+
* We can statically distribute the incoming channel interrupt load
717
+
* by binding a channel to VCPU.
719
718
*
720
-
* For pre-win8 hosts or non-performance critical channels we assign the
721
-
* VMBUS_CONNECT_CPU.
722
-
*
723
-
* Starting with win8, performance critical channels will be distributed
724
-
* evenly among all the available NUMA nodes. Once the node is assigned,
725
-
* we will assign the CPU based on a simple round robin scheme.
719
+
* For non-performance critical channels we assign the VMBUS_CONNECT_CPU.
720
+
* Performance critical channels will be distributed evenly among all
721
+
* the available NUMA nodes. Once the node is assigned, we will assign
722
+
* the CPU based on a simple round robin scheme.
726
723
*/
727
724
static void init_vp_index(struct vmbus_channel *channel)
728
725
{
···
731
732
u32 target_cpu;
732
733
int numa_node;
733
734
734
-
if ((vmbus_proto_version == VERSION_WS2008) ||
735
-
(vmbus_proto_version == VERSION_WIN7) || (!perf_chn) ||
735
+
if (!perf_chn ||
736
736
!alloc_cpumask_var(&available_mask, GFP_KERNEL)) {
737
737
/*
738
-
* Prior to win8, all channel interrupts are
739
-
* delivered on VMBUS_CONNECT_CPU.
740
-
* Also if the channel is not a performance critical
738
+
* If the channel is not a performance critical
741
739
* channel, bind it to VMBUS_CONNECT_CPU.
742
740
* In case alloc_cpumask_var() fails, bind it to
743
741
* VMBUS_CONNECT_CPU.
···
927
931
*/
928
932
channel->sig_event = VMBUS_EVENT_CONNECTION_ID;
929
933
930
-
if (vmbus_proto_version != VERSION_WS2008) {
931
-
channel->is_dedicated_interrupt =
932
-
(offer->is_dedicated_interrupt != 0);
933
-
channel->sig_event = offer->connection_id;
934
-
}
934
+
channel->is_dedicated_interrupt =
935
+
(offer->is_dedicated_interrupt != 0);
936
+
channel->sig_event = offer->connection_id;
935
937
936
938
memcpy(&channel->offermsg, offer,
937
939
sizeof(struct vmbus_channel_offer_channel));
···
969
975
return channel;
970
976
}
971
977
972
-
static bool vmbus_is_valid_device(const guid_t *guid)
978
+
static bool vmbus_is_valid_offer(const struct vmbus_channel_offer_channel *offer)
973
979
{
980
+
const guid_t *guid = &offer->offer.if_type;
974
981
u16 i;
975
982
976
983
if (!hv_is_isolation_supported())
984
+
return true;
985
+
986
+
if (is_hvsock_offer(offer))
977
987
return true;
978
988
979
989
for (i = 0; i < ARRAY_SIZE(vmbus_devs); i++) {
···
1001
1003
1002
1004
trace_vmbus_onoffer(offer);
1003
1005
1004
-
if (!vmbus_is_valid_device(&offer->offer.if_type)) {
1006
+
if (!vmbus_is_valid_offer(offer)) {
1005
1007
pr_err_ratelimited("Invalid offer %d from the host supporting isolation\n",
1006
1008
offer->child_relid);
1007
1009
atomic_dec(&vmbus_connection.offer_in_progress);
+3
-3
drivers/hv/connection.c
+3
-3
drivers/hv/connection.c
···
47
47
48
48
/*
49
49
* Table of VMBus versions listed from newest to oldest.
50
+
* VERSION_WIN7 and VERSION_WS2008 are no longer supported in
51
+
* Linux guests and are not listed.
50
52
*/
51
53
static __u32 vmbus_versions[] = {
52
54
VERSION_WIN10_V5_3,
···
58
56
VERSION_WIN10_V4_1,
59
57
VERSION_WIN10,
60
58
VERSION_WIN8_1,
61
-
VERSION_WIN8,
62
-
VERSION_WIN7,
63
-
VERSION_WS2008
59
+
VERSION_WIN8
64
60
};
65
61
66
62
/*
+16
-5
drivers/hv/hv_balloon.c
+16
-5
drivers/hv/hv_balloon.c
···
1842
1842
1843
1843
ret = balloon_connect_vsp(dev);
1844
1844
if (ret != 0)
1845
-
return ret;
1845
+
goto connect_error;
1846
1846
1847
1847
enable_page_reporting();
1848
1848
dm_device.state = DM_INITIALIZED;
···
1861
1861
dm_device.thread = NULL;
1862
1862
disable_page_reporting();
1863
1863
vmbus_close(dev->channel);
1864
+
connect_error:
1864
1865
#ifdef CONFIG_MEMORY_HOTPLUG
1865
1866
unregister_memory_notifier(&hv_memory_nb);
1866
1867
restore_online_page_callback(&hv_online_page);
···
1883
1882
cancel_work_sync(&dm->ha_wrk.wrk);
1884
1883
1885
1884
kthread_stop(dm->thread);
1886
-
disable_page_reporting();
1887
-
vmbus_close(dev->channel);
1885
+
1886
+
/*
1887
+
* This is to handle the case when balloon_resume()
1888
+
* call has failed and some cleanup has been done as
1889
+
* a part of the error handling.
1890
+
*/
1891
+
if (dm_device.state != DM_INIT_ERROR) {
1892
+
disable_page_reporting();
1893
+
vmbus_close(dev->channel);
1888
1894
#ifdef CONFIG_MEMORY_HOTPLUG
1889
-
unregister_memory_notifier(&hv_memory_nb);
1890
-
restore_online_page_callback(&hv_online_page);
1895
+
unregister_memory_notifier(&hv_memory_nb);
1896
+
restore_online_page_callback(&hv_online_page);
1891
1897
#endif
1898
+
}
1899
+
1892
1900
spin_lock_irqsave(&dm_device.ha_lock, flags);
1893
1901
list_for_each_entry_safe(has, tmp, &dm->ha_region_list, list) {
1894
1902
list_for_each_entry_safe(gap, tmp_gap, &has->gap_list, list) {
···
1958
1948
vmbus_close(dev->channel);
1959
1949
out:
1960
1950
dm_device.state = DM_INIT_ERROR;
1951
+
disable_page_reporting();
1961
1952
#ifdef CONFIG_MEMORY_HOTPLUG
1962
1953
unregister_memory_notifier(&hv_memory_nb);
1963
1954
restore_online_page_callback(&hv_online_page);
+1
-1
drivers/hv/hyperv_vmbus.h
+1
-1
drivers/hv/hyperv_vmbus.h
···
181
181
182
182
int hv_ringbuffer_write(struct vmbus_channel *channel,
183
183
const struct kvec *kv_list, u32 kv_count,
184
-
u64 requestid);
184
+
u64 requestid, u64 *trans_id);
185
185
186
186
int hv_ringbuffer_read(struct vmbus_channel *channel,
187
187
void *buffer, u32 buflen, u32 *buffer_actual_len,
+21
-27
drivers/hv/ring_buffer.c
+21
-27
drivers/hv/ring_buffer.c
···
283
283
/* Write to the ring buffer. */
284
284
int hv_ringbuffer_write(struct vmbus_channel *channel,
285
285
const struct kvec *kv_list, u32 kv_count,
286
-
u64 requestid)
286
+
u64 requestid, u64 *trans_id)
287
287
{
288
288
int i;
289
289
u32 bytes_avail_towrite;
···
294
294
unsigned long flags;
295
295
struct hv_ring_buffer_info *outring_info = &channel->outbound;
296
296
struct vmpacket_descriptor *desc = kv_list[0].iov_base;
297
-
u64 rqst_id = VMBUS_NO_RQSTOR;
297
+
u64 __trans_id, rqst_id = VMBUS_NO_RQSTOR;
298
298
299
299
if (channel->rescind)
300
300
return -ENODEV;
···
353
353
}
354
354
}
355
355
desc = hv_get_ring_buffer(outring_info) + old_write;
356
-
desc->trans_id = (rqst_id == VMBUS_NO_RQSTOR) ? requestid : rqst_id;
356
+
__trans_id = (rqst_id == VMBUS_NO_RQSTOR) ? requestid : rqst_id;
357
+
/*
358
+
* Ensure the compiler doesn't generate code that reads the value of
359
+
* the transaction ID from the ring buffer, which is shared with the
360
+
* Hyper-V host and subject to being changed at any time.
361
+
*/
362
+
WRITE_ONCE(desc->trans_id, __trans_id);
363
+
if (trans_id)
364
+
*trans_id = __trans_id;
357
365
358
366
/* Set previous packet start */
359
367
prev_indices = hv_get_ring_bufferindices(outring_info);
···
429
421
memcpy(buffer, (const char *)desc + offset, packetlen);
430
422
431
423
/* Advance ring index to next packet descriptor */
432
-
__hv_pkt_iter_next(channel, desc, true);
424
+
__hv_pkt_iter_next(channel, desc);
433
425
434
426
/* Notify host of update */
435
427
hv_pkt_iter_close(channel);
···
465
457
}
466
458
467
459
/*
468
-
* Get first vmbus packet without copying it out of the ring buffer
469
-
*/
470
-
struct vmpacket_descriptor *hv_pkt_iter_first_raw(struct vmbus_channel *channel)
471
-
{
472
-
struct hv_ring_buffer_info *rbi = &channel->inbound;
473
-
474
-
hv_debug_delay_test(channel, MESSAGE_DELAY);
475
-
476
-
if (hv_pkt_iter_avail(rbi) < sizeof(struct vmpacket_descriptor))
477
-
return NULL;
478
-
479
-
return (struct vmpacket_descriptor *)(hv_get_ring_buffer(rbi) + rbi->priv_read_index);
480
-
}
481
-
EXPORT_SYMBOL_GPL(hv_pkt_iter_first_raw);
482
-
483
-
/*
484
460
* Get first vmbus packet from ring buffer after read_index
485
461
*
486
462
* If ring buffer is empty, returns NULL and no other action needed.
···
475
483
struct vmpacket_descriptor *desc, *desc_copy;
476
484
u32 bytes_avail, pkt_len, pkt_offset;
477
485
478
-
desc = hv_pkt_iter_first_raw(channel);
479
-
if (!desc)
480
-
return NULL;
486
+
hv_debug_delay_test(channel, MESSAGE_DELAY);
481
487
482
-
bytes_avail = min(rbi->pkt_buffer_size, hv_pkt_iter_avail(rbi));
488
+
bytes_avail = hv_pkt_iter_avail(rbi);
489
+
if (bytes_avail < sizeof(struct vmpacket_descriptor))
490
+
return NULL;
491
+
bytes_avail = min(rbi->pkt_buffer_size, bytes_avail);
492
+
493
+
desc = (struct vmpacket_descriptor *)(hv_get_ring_buffer(rbi) + rbi->priv_read_index);
483
494
484
495
/*
485
496
* Ensure the compiler does not use references to incoming Hyper-V values (which
···
529
534
*/
530
535
struct vmpacket_descriptor *
531
536
__hv_pkt_iter_next(struct vmbus_channel *channel,
532
-
const struct vmpacket_descriptor *desc,
533
-
bool copy)
537
+
const struct vmpacket_descriptor *desc)
534
538
{
535
539
struct hv_ring_buffer_info *rbi = &channel->inbound;
536
540
u32 packetlen = desc->len8 << 3;
···
542
548
rbi->priv_read_index -= dsize;
543
549
544
550
/* more data? */
545
-
return copy ? hv_pkt_iter_first(channel) : hv_pkt_iter_first_raw(channel);
551
+
return hv_pkt_iter_first(channel);
546
552
}
547
553
EXPORT_SYMBOL_GPL(__hv_pkt_iter_next);
548
554
+12
-48
drivers/hv/vmbus_drv.c
+12
-48
drivers/hv/vmbus_drv.c
···
1263
1263
unsigned long *recv_int_page;
1264
1264
u32 maxbits, relid;
1265
1265
1266
-
if (vmbus_proto_version < VERSION_WIN8) {
1267
-
maxbits = MAX_NUM_CHANNELS_SUPPORTED;
1268
-
recv_int_page = vmbus_connection.recv_int_page;
1269
-
} else {
1270
-
/*
1271
-
* When the host is win8 and beyond, the event page
1272
-
* can be directly checked to get the id of the channel
1273
-
* that has the interrupt pending.
1274
-
*/
1275
-
void *page_addr = hv_cpu->synic_event_page;
1276
-
union hv_synic_event_flags *event
1277
-
= (union hv_synic_event_flags *)page_addr +
1278
-
VMBUS_MESSAGE_SINT;
1266
+
/*
1267
+
* The event page can be directly checked to get the id of
1268
+
* the channel that has the interrupt pending.
1269
+
*/
1270
+
void *page_addr = hv_cpu->synic_event_page;
1271
+
union hv_synic_event_flags *event
1272
+
= (union hv_synic_event_flags *)page_addr +
1273
+
VMBUS_MESSAGE_SINT;
1279
1274
1280
-
maxbits = HV_EVENT_FLAGS_COUNT;
1281
-
recv_int_page = event->flags;
1282
-
}
1275
+
maxbits = HV_EVENT_FLAGS_COUNT;
1276
+
recv_int_page = event->flags;
1283
1277
1284
1278
if (unlikely(!recv_int_page))
1285
1279
return;
···
1345
1351
{
1346
1352
struct hv_per_cpu_context *hv_cpu
1347
1353
= this_cpu_ptr(hv_context.cpu_context);
1348
-
void *page_addr = hv_cpu->synic_event_page;
1354
+
void *page_addr;
1349
1355
struct hv_message *msg;
1350
-
union hv_synic_event_flags *event;
1351
-
bool handled = false;
1352
1356
1353
-
if (unlikely(page_addr == NULL))
1354
-
return;
1355
-
1356
-
event = (union hv_synic_event_flags *)page_addr +
1357
-
VMBUS_MESSAGE_SINT;
1358
-
/*
1359
-
* Check for events before checking for messages. This is the order
1360
-
* in which events and messages are checked in Windows guests on
1361
-
* Hyper-V, and the Windows team suggested we do the same.
1362
-
*/
1363
-
1364
-
if ((vmbus_proto_version == VERSION_WS2008) ||
1365
-
(vmbus_proto_version == VERSION_WIN7)) {
1366
-
1367
-
/* Since we are a child, we only need to check bit 0 */
1368
-
if (sync_test_and_clear_bit(0, event->flags))
1369
-
handled = true;
1370
-
} else {
1371
-
/*
1372
-
* Our host is win8 or above. The signaling mechanism
1373
-
* has changed and we can directly look at the event page.
1374
-
* If bit n is set then we have an interrup on the channel
1375
-
* whose id is n.
1376
-
*/
1377
-
handled = true;
1378
-
}
1379
-
1380
-
if (handled)
1381
-
vmbus_chan_sched(hv_cpu);
1357
+
vmbus_chan_sched(hv_cpu);
1382
1358
1383
1359
page_addr = hv_cpu->synic_message_page;
1384
1360
msg = (struct hv_message *)page_addr + VMBUS_MESSAGE_SINT;
+182
-63
drivers/pci/controller/pci-hyperv.c
+182
-63
drivers/pci/controller/pci-hyperv.c
···
92
92
#define SLOT_NAME_SIZE 11
93
93
94
94
/*
95
+
* Size of requestor for VMbus; the value is based on the observation
96
+
* that having more than one request outstanding is 'rare', and so 64
97
+
* should be generous in ensuring that we don't ever run out.
98
+
*/
99
+
#define HV_PCI_RQSTOR_SIZE 64
100
+
101
+
/*
95
102
* Message Types
96
103
*/
97
104
···
611
604
return cfg->vector;
612
605
}
613
606
614
-
static void hv_set_msi_entry_from_desc(union hv_msi_entry *msi_entry,
615
-
struct msi_desc *msi_desc)
616
-
{
617
-
msi_entry->address.as_uint32 = msi_desc->msg.address_lo;
618
-
msi_entry->data.as_uint32 = msi_desc->msg.data;
619
-
}
620
-
621
607
static int hv_msi_prepare(struct irq_domain *domain, struct device *dev,
622
608
int nvec, msi_alloc_info_t *info)
623
609
{
624
-
return pci_msi_prepare(domain, dev, nvec, info);
610
+
int ret = pci_msi_prepare(domain, dev, nvec, info);
611
+
612
+
/*
613
+
* By using the interrupt remapper in the hypervisor IOMMU, contiguous
614
+
* CPU vectors is not needed for multi-MSI
615
+
*/
616
+
if (info->type == X86_IRQ_ALLOC_TYPE_PCI_MSI)
617
+
info->flags &= ~X86_IRQ_ALLOC_CONTIGUOUS_VECTORS;
618
+
619
+
return ret;
625
620
}
626
621
627
622
/**
···
640
631
{
641
632
struct msi_desc *msi_desc = irq_data_get_msi_desc(data);
642
633
struct hv_retarget_device_interrupt *params;
634
+
struct tran_int_desc *int_desc;
643
635
struct hv_pcibus_device *hbus;
644
636
struct cpumask *dest;
645
637
cpumask_var_t tmp;
···
655
645
pdev = msi_desc_to_pci_dev(msi_desc);
656
646
pbus = pdev->bus;
657
647
hbus = container_of(pbus->sysdata, struct hv_pcibus_device, sysdata);
648
+
int_desc = data->chip_data;
658
649
659
650
spin_lock_irqsave(&hbus->retarget_msi_interrupt_lock, flags);
660
651
···
663
652
memset(params, 0, sizeof(*params));
664
653
params->partition_id = HV_PARTITION_ID_SELF;
665
654
params->int_entry.source = HV_INTERRUPT_SOURCE_MSI;
666
-
hv_set_msi_entry_from_desc(¶ms->int_entry.msi_entry, msi_desc);
655
+
params->int_entry.msi_entry.address.as_uint32 = int_desc->address & 0xffffffff;
656
+
params->int_entry.msi_entry.data.as_uint32 = int_desc->data;
667
657
params->device_id = (hbus->hdev->dev_instance.b[5] << 24) |
668
658
(hbus->hdev->dev_instance.b[4] << 16) |
669
659
(hbus->hdev->dev_instance.b[7] << 8) |
···
981
969
{
982
970
struct hv_pci_compl *comp_pkt = context;
983
971
984
-
if (resp_packet_size >= offsetofend(struct pci_response, status))
985
-
comp_pkt->completion_status = resp->status;
986
-
else
987
-
comp_pkt->completion_status = -1;
988
-
972
+
comp_pkt->completion_status = resp->status;
989
973
complete(&comp_pkt->host_event);
990
974
}
991
975
···
1521
1513
u8 buffer[sizeof(struct pci_delete_interrupt)];
1522
1514
} ctxt;
1523
1515
1516
+
if (!int_desc->vector_count) {
1517
+
kfree(int_desc);
1518
+
return;
1519
+
}
1524
1520
memset(&ctxt, 0, sizeof(ctxt));
1525
1521
int_pkt = (struct pci_delete_interrupt *)&ctxt.pkt.message;
1526
1522
int_pkt->message_type.type =
···
1532
1520
int_pkt->wslot.slot = hpdev->desc.win_slot.slot;
1533
1521
int_pkt->int_desc = *int_desc;
1534
1522
vmbus_sendpacket(hpdev->hbus->hdev->channel, int_pkt, sizeof(*int_pkt),
1535
-
(unsigned long)&ctxt.pkt, VM_PKT_DATA_INBAND, 0);
1523
+
0, VM_PKT_DATA_INBAND, 0);
1536
1524
kfree(int_desc);
1537
1525
}
1538
1526
···
1602
1590
struct pci_create_int_response *int_resp =
1603
1591
(struct pci_create_int_response *)resp;
1604
1592
1593
+
if (resp_packet_size < sizeof(*int_resp)) {
1594
+
comp_pkt->comp_pkt.completion_status = -1;
1595
+
goto out;
1596
+
}
1605
1597
comp_pkt->comp_pkt.completion_status = resp->status;
1606
1598
comp_pkt->int_desc = int_resp->int_desc;
1599
+
out:
1607
1600
complete(&comp_pkt->comp_pkt.host_event);
1608
1601
}
1609
1602
1610
1603
static u32 hv_compose_msi_req_v1(
1611
1604
struct pci_create_interrupt *int_pkt, struct cpumask *affinity,
1612
-
u32 slot, u8 vector)
1605
+
u32 slot, u8 vector, u8 vector_count)
1613
1606
{
1614
1607
int_pkt->message_type.type = PCI_CREATE_INTERRUPT_MESSAGE;
1615
1608
int_pkt->wslot.slot = slot;
1616
1609
int_pkt->int_desc.vector = vector;
1617
-
int_pkt->int_desc.vector_count = 1;
1610
+
int_pkt->int_desc.vector_count = vector_count;
1618
1611
int_pkt->int_desc.delivery_mode = DELIVERY_MODE;
1619
1612
1620
1613
/*
···
1642
1625
1643
1626
static u32 hv_compose_msi_req_v2(
1644
1627
struct pci_create_interrupt2 *int_pkt, struct cpumask *affinity,
1645
-
u32 slot, u8 vector)
1628
+
u32 slot, u8 vector, u8 vector_count)
1646
1629
{
1647
1630
int cpu;
1648
1631
1649
1632
int_pkt->message_type.type = PCI_CREATE_INTERRUPT_MESSAGE2;
1650
1633
int_pkt->wslot.slot = slot;
1651
1634
int_pkt->int_desc.vector = vector;
1652
-
int_pkt->int_desc.vector_count = 1;
1635
+
int_pkt->int_desc.vector_count = vector_count;
1653
1636
int_pkt->int_desc.delivery_mode = DELIVERY_MODE;
1654
1637
cpu = hv_compose_msi_req_get_cpu(affinity);
1655
1638
int_pkt->int_desc.processor_array[0] =
···
1661
1644
1662
1645
static u32 hv_compose_msi_req_v3(
1663
1646
struct pci_create_interrupt3 *int_pkt, struct cpumask *affinity,
1664
-
u32 slot, u32 vector)
1647
+
u32 slot, u32 vector, u8 vector_count)
1665
1648
{
1666
1649
int cpu;
1667
1650
···
1669
1652
int_pkt->wslot.slot = slot;
1670
1653
int_pkt->int_desc.vector = vector;
1671
1654
int_pkt->int_desc.reserved = 0;
1672
-
int_pkt->int_desc.vector_count = 1;
1655
+
int_pkt->int_desc.vector_count = vector_count;
1673
1656
int_pkt->int_desc.delivery_mode = DELIVERY_MODE;
1674
1657
cpu = hv_compose_msi_req_get_cpu(affinity);
1675
1658
int_pkt->int_desc.processor_array[0] =
···
1700
1683
struct cpumask *dest;
1701
1684
struct compose_comp_ctxt comp;
1702
1685
struct tran_int_desc *int_desc;
1686
+
struct msi_desc *msi_desc;
1687
+
u8 vector, vector_count;
1703
1688
struct {
1704
1689
struct pci_packet pci_pkt;
1705
1690
union {
···
1710
1691
struct pci_create_interrupt3 v3;
1711
1692
} int_pkts;
1712
1693
} __packed ctxt;
1713
-
1694
+
u64 trans_id;
1714
1695
u32 size;
1715
1696
int ret;
1716
1697
1717
-
pdev = msi_desc_to_pci_dev(irq_data_get_msi_desc(data));
1698
+
/* Reuse the previous allocation */
1699
+
if (data->chip_data) {
1700
+
int_desc = data->chip_data;
1701
+
msg->address_hi = int_desc->address >> 32;
1702
+
msg->address_lo = int_desc->address & 0xffffffff;
1703
+
msg->data = int_desc->data;
1704
+
return;
1705
+
}
1706
+
1707
+
msi_desc = irq_data_get_msi_desc(data);
1708
+
pdev = msi_desc_to_pci_dev(msi_desc);
1718
1709
dest = irq_data_get_effective_affinity_mask(data);
1719
1710
pbus = pdev->bus;
1720
1711
hbus = container_of(pbus->sysdata, struct hv_pcibus_device, sysdata);
···
1733
1704
if (!hpdev)
1734
1705
goto return_null_message;
1735
1706
1736
-
/* Free any previous message that might have already been composed. */
1737
-
if (data->chip_data) {
1738
-
int_desc = data->chip_data;
1739
-
data->chip_data = NULL;
1740
-
hv_int_desc_free(hpdev, int_desc);
1741
-
}
1742
-
1743
1707
int_desc = kzalloc(sizeof(*int_desc), GFP_ATOMIC);
1744
1708
if (!int_desc)
1745
1709
goto drop_reference;
1710
+
1711
+
if (!msi_desc->pci.msi_attrib.is_msix && msi_desc->nvec_used > 1) {
1712
+
/*
1713
+
* If this is not the first MSI of Multi MSI, we already have
1714
+
* a mapping. Can exit early.
1715
+
*/
1716
+
if (msi_desc->irq != data->irq) {
1717
+
data->chip_data = int_desc;
1718
+
int_desc->address = msi_desc->msg.address_lo |
1719
+
(u64)msi_desc->msg.address_hi << 32;
1720
+
int_desc->data = msi_desc->msg.data +
1721
+
(data->irq - msi_desc->irq);
1722
+
msg->address_hi = msi_desc->msg.address_hi;
1723
+
msg->address_lo = msi_desc->msg.address_lo;
1724
+
msg->data = int_desc->data;
1725
+
put_pcichild(hpdev);
1726
+
return;
1727
+
}
1728
+
/*
1729
+
* The vector we select here is a dummy value. The correct
1730
+
* value gets sent to the hypervisor in unmask(). This needs
1731
+
* to be aligned with the count, and also not zero. Multi-msi
1732
+
* is powers of 2 up to 32, so 32 will always work here.
1733
+
*/
1734
+
vector = 32;
1735
+
vector_count = msi_desc->nvec_used;
1736
+
} else {
1737
+
vector = hv_msi_get_int_vector(data);
1738
+
vector_count = 1;
1739
+
}
1746
1740
1747
1741
memset(&ctxt, 0, sizeof(ctxt));
1748
1742
init_completion(&comp.comp_pkt.host_event);
···
1777
1725
size = hv_compose_msi_req_v1(&ctxt.int_pkts.v1,
1778
1726
dest,
1779
1727
hpdev->desc.win_slot.slot,
1780
-
hv_msi_get_int_vector(data));
1728
+
vector,
1729
+
vector_count);
1781
1730
break;
1782
1731
1783
1732
case PCI_PROTOCOL_VERSION_1_2:
···
1786
1733
size = hv_compose_msi_req_v2(&ctxt.int_pkts.v2,
1787
1734
dest,
1788
1735
hpdev->desc.win_slot.slot,
1789
-
hv_msi_get_int_vector(data));
1736
+
vector,
1737
+
vector_count);
1790
1738
break;
1791
1739
1792
1740
case PCI_PROTOCOL_VERSION_1_4:
1793
1741
size = hv_compose_msi_req_v3(&ctxt.int_pkts.v3,
1794
1742
dest,
1795
1743
hpdev->desc.win_slot.slot,
1796
-
hv_msi_get_int_vector(data));
1744
+
vector,
1745
+
vector_count);
1797
1746
break;
1798
1747
1799
1748
default:
···
1808
1753
goto free_int_desc;
1809
1754
}
1810
1755
1811
-
ret = vmbus_sendpacket(hpdev->hbus->hdev->channel, &ctxt.int_pkts,
1812
-
size, (unsigned long)&ctxt.pci_pkt,
1813
-
VM_PKT_DATA_INBAND,
1814
-
VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
1756
+
ret = vmbus_sendpacket_getid(hpdev->hbus->hdev->channel, &ctxt.int_pkts,
1757
+
size, (unsigned long)&ctxt.pci_pkt,
1758
+
&trans_id, VM_PKT_DATA_INBAND,
1759
+
VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
1815
1760
if (ret) {
1816
1761
dev_err(&hbus->hdev->device,
1817
1762
"Sending request for interrupt failed: 0x%x",
···
1890
1835
1891
1836
enable_tasklet:
1892
1837
tasklet_enable(&channel->callback_event);
1838
+
/*
1839
+
* The completion packet on the stack becomes invalid after 'return';
1840
+
* remove the ID from the VMbus requestor if the identifier is still
1841
+
* mapped to/associated with the packet. (The identifier could have
1842
+
* been 're-used', i.e., already removed and (re-)mapped.)
1843
+
*
1844
+
* Cf. hv_pci_onchannelcallback().
1845
+
*/
1846
+
vmbus_request_addr_match(channel, trans_id, (unsigned long)&ctxt.pci_pkt);
1893
1847
free_int_desc:
1894
1848
kfree(int_desc);
1895
1849
drop_reference:
···
2146
2082
}
2147
2083
}
2148
2084
if (high_size <= 1 && low_size <= 1) {
2149
-
/* Set the memory enable bit. */
2150
-
_hv_pcifront_read_config(hpdev, PCI_COMMAND, 2,
2151
-
&command);
2152
-
command |= PCI_COMMAND_MEMORY;
2153
-
_hv_pcifront_write_config(hpdev, PCI_COMMAND, 2,
2154
-
command);
2085
+
/*
2086
+
* No need to set the PCI_COMMAND_MEMORY bit as
2087
+
* the core PCI driver doesn't require the bit
2088
+
* to be pre-set. Actually here we intentionally
2089
+
* keep the bit off so that the PCI BAR probing
2090
+
* in the core PCI driver doesn't cause Hyper-V
2091
+
* to unnecessarily unmap/map the virtual BARs
2092
+
* from/to the physical BARs multiple times.
2093
+
* This reduces the VM boot time significantly
2094
+
* if the BAR sizes are huge.
2095
+
*/
2155
2096
break;
2156
2097
}
2157
2098
}
···
2292
2223
struct q_res_req_compl *completion = context;
2293
2224
struct pci_q_res_req_response *q_res_req =
2294
2225
(struct pci_q_res_req_response *)resp;
2226
+
s32 status;
2295
2227
int i;
2296
2228
2297
-
if (resp->status < 0) {
2229
+
status = (resp_packet_size < sizeof(*q_res_req)) ? -1 : resp->status;
2230
+
if (status < 0) {
2298
2231
dev_err(&completion->hpdev->hbus->hdev->device,
2299
2232
"query resource requirements failed: %x\n",
2300
-
resp->status);
2233
+
status);
2301
2234
} else {
2302
2235
for (i = 0; i < PCI_STD_NUM_BARS; i++) {
2303
2236
completion->hpdev->probed_bar[i] =
···
2723
2652
ejct_pkt->message_type.type = PCI_EJECTION_COMPLETE;
2724
2653
ejct_pkt->wslot.slot = hpdev->desc.win_slot.slot;
2725
2654
vmbus_sendpacket(hbus->hdev->channel, ejct_pkt,
2726
-
sizeof(*ejct_pkt), (unsigned long)&ctxt.pkt,
2655
+
sizeof(*ejct_pkt), 0,
2727
2656
VM_PKT_DATA_INBAND, 0);
2728
2657
2729
2658
/* For the get_pcichild() in hv_pci_eject_device() */
···
2770
2699
const int packet_size = 0x100;
2771
2700
int ret;
2772
2701
struct hv_pcibus_device *hbus = context;
2702
+
struct vmbus_channel *chan = hbus->hdev->channel;
2773
2703
u32 bytes_recvd;
2774
-
u64 req_id;
2704
+
u64 req_id, req_addr;
2775
2705
struct vmpacket_descriptor *desc;
2776
2706
unsigned char *buffer;
2777
2707
int bufferlen = packet_size;
···
2784
2712
struct pci_dev_inval_block *inval;
2785
2713
struct pci_dev_incoming *dev_message;
2786
2714
struct hv_pci_dev *hpdev;
2715
+
unsigned long flags;
2787
2716
2788
2717
buffer = kmalloc(bufferlen, GFP_ATOMIC);
2789
2718
if (!buffer)
2790
2719
return;
2791
2720
2792
2721
while (1) {
2793
-
ret = vmbus_recvpacket_raw(hbus->hdev->channel, buffer,
2794
-
bufferlen, &bytes_recvd, &req_id);
2722
+
ret = vmbus_recvpacket_raw(chan, buffer, bufferlen,
2723
+
&bytes_recvd, &req_id);
2795
2724
2796
2725
if (ret == -ENOBUFS) {
2797
2726
kfree(buffer);
···
2819
2746
switch (desc->type) {
2820
2747
case VM_PKT_COMP:
2821
2748
2822
-
/*
2823
-
* The host is trusted, and thus it's safe to interpret
2824
-
* this transaction ID as a pointer.
2825
-
*/
2826
-
comp_packet = (struct pci_packet *)req_id;
2749
+
lock_requestor(chan, flags);
2750
+
req_addr = __vmbus_request_addr_match(chan, req_id,
2751
+
VMBUS_RQST_ADDR_ANY);
2752
+
if (req_addr == VMBUS_RQST_ERROR) {
2753
+
unlock_requestor(chan, flags);
2754
+
dev_err(&hbus->hdev->device,
2755
+
"Invalid transaction ID %llx\n",
2756
+
req_id);
2757
+
break;
2758
+
}
2759
+
comp_packet = (struct pci_packet *)req_addr;
2827
2760
response = (struct pci_response *)buffer;
2761
+
/*
2762
+
* Call ->completion_func() within the critical section to make
2763
+
* sure that the packet pointer is still valid during the call:
2764
+
* here 'valid' means that there's a task still waiting for the
2765
+
* completion, and that the packet data is still on the waiting
2766
+
* task's stack. Cf. hv_compose_msi_msg().
2767
+
*/
2828
2768
comp_packet->completion_func(comp_packet->compl_ctxt,
2829
2769
response,
2830
2770
bytes_recvd);
2771
+
unlock_requestor(chan, flags);
2831
2772
break;
2832
2773
2833
2774
case VM_PKT_DATA_INBAND:
···
2851
2764
case PCI_BUS_RELATIONS:
2852
2765
2853
2766
bus_rel = (struct pci_bus_relations *)buffer;
2854
-
if (bytes_recvd <
2767
+
if (bytes_recvd < sizeof(*bus_rel) ||
2768
+
bytes_recvd <
2855
2769
struct_size(bus_rel, func,
2856
2770
bus_rel->device_count)) {
2857
2771
dev_err(&hbus->hdev->device,
···
2866
2778
case PCI_BUS_RELATIONS2:
2867
2779
2868
2780
bus_rel2 = (struct pci_bus_relations2 *)buffer;
2869
-
if (bytes_recvd <
2781
+
if (bytes_recvd < sizeof(*bus_rel2) ||
2782
+
bytes_recvd <
2870
2783
struct_size(bus_rel2, func,
2871
2784
bus_rel2->device_count)) {
2872
2785
dev_err(&hbus->hdev->device,
···
2881
2792
case PCI_EJECT:
2882
2793
2883
2794
dev_message = (struct pci_dev_incoming *)buffer;
2795
+
if (bytes_recvd < sizeof(*dev_message)) {
2796
+
dev_err(&hbus->hdev->device,
2797
+
"eject message too small\n");
2798
+
break;
2799
+
}
2884
2800
hpdev = get_pcichild_wslot(hbus,
2885
2801
dev_message->wslot.slot);
2886
2802
if (hpdev) {
···
2897
2803
case PCI_INVALIDATE_BLOCK:
2898
2804
2899
2805
inval = (struct pci_dev_inval_block *)buffer;
2806
+
if (bytes_recvd < sizeof(*inval)) {
2807
+
dev_err(&hbus->hdev->device,
2808
+
"invalidate message too small\n");
2809
+
break;
2810
+
}
2900
2811
hpdev = get_pcichild_wslot(hbus,
2901
2812
inval->wslot.slot);
2902
2813
if (hpdev) {
···
3530
3431
goto free_dom;
3531
3432
}
3532
3433
3434
+
hdev->channel->next_request_id_callback = vmbus_next_request_id;
3435
+
hdev->channel->request_addr_callback = vmbus_request_addr;
3436
+
hdev->channel->rqstor_size = HV_PCI_RQSTOR_SIZE;
3437
+
3533
3438
ret = vmbus_open(hdev->channel, pci_ring_size, pci_ring_size, NULL, 0,
3534
3439
hv_pci_onchannelcallback, hbus);
3535
3440
if (ret)
···
3664
3561
static int hv_pci_bus_exit(struct hv_device *hdev, bool keep_devs)
3665
3562
{
3666
3563
struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
3564
+
struct vmbus_channel *chan = hdev->channel;
3667
3565
struct {
3668
3566
struct pci_packet teardown_packet;
3669
3567
u8 buffer[sizeof(struct pci_message)];
···
3672
3568
struct hv_pci_compl comp_pkt;
3673
3569
struct hv_pci_dev *hpdev, *tmp;
3674
3570
unsigned long flags;
3571
+
u64 trans_id;
3675
3572
int ret;
3676
3573
3677
3574
/*
3678
3575
* After the host sends the RESCIND_CHANNEL message, it doesn't
3679
3576
* access the per-channel ringbuffer any longer.
3680
3577
*/
3681
-
if (hdev->channel->rescind)
3578
+
if (chan->rescind)
3682
3579
return 0;
3683
3580
3684
3581
if (!keep_devs) {
···
3716
3611
pkt.teardown_packet.compl_ctxt = &comp_pkt;
3717
3612
pkt.teardown_packet.message[0].type = PCI_BUS_D0EXIT;
3718
3613
3719
-
ret = vmbus_sendpacket(hdev->channel, &pkt.teardown_packet.message,
3720
-
sizeof(struct pci_message),
3721
-
(unsigned long)&pkt.teardown_packet,
3722
-
VM_PKT_DATA_INBAND,
3723
-
VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
3614
+
ret = vmbus_sendpacket_getid(chan, &pkt.teardown_packet.message,
3615
+
sizeof(struct pci_message),
3616
+
(unsigned long)&pkt.teardown_packet,
3617
+
&trans_id, VM_PKT_DATA_INBAND,
3618
+
VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
3724
3619
if (ret)
3725
3620
return ret;
3726
3621
3727
-
if (wait_for_completion_timeout(&comp_pkt.host_event, 10 * HZ) == 0)
3622
+
if (wait_for_completion_timeout(&comp_pkt.host_event, 10 * HZ) == 0) {
3623
+
/*
3624
+
* The completion packet on the stack becomes invalid after
3625
+
* 'return'; remove the ID from the VMbus requestor if the
3626
+
* identifier is still mapped to/associated with the packet.
3627
+
*
3628
+
* Cf. hv_pci_onchannelcallback().
3629
+
*/
3630
+
vmbus_request_addr_match(chan, trans_id,
3631
+
(unsigned long)&pkt.teardown_packet);
3728
3632
return -ETIMEDOUT;
3633
+
}
3729
3634
3730
3635
return 0;
3731
3636
}
···
3875
3760
int ret;
3876
3761
3877
3762
hbus->state = hv_pcibus_init;
3763
+
3764
+
hdev->channel->next_request_id_callback = vmbus_next_request_id;
3765
+
hdev->channel->request_addr_callback = vmbus_request_addr;
3766
+
hdev->channel->rqstor_size = HV_PCI_RQSTOR_SIZE;
3878
3767
3879
3768
ret = vmbus_open(hdev->channel, pci_ring_size, pci_ring_size, NULL, 0,
3880
3769
hv_pci_onchannelcallback, hbus);
+48
-143
drivers/scsi/storvsc_drv.c
+48
-143
drivers/scsi/storvsc_drv.c
···
54
54
55
55
#define VMSTOR_PROTO_VERSION(MAJOR_, MINOR_) ((((MAJOR_) & 0xff) << 8) | \
56
56
(((MINOR_) & 0xff)))
57
-
58
57
#define VMSTOR_PROTO_VERSION_WIN6 VMSTOR_PROTO_VERSION(2, 0)
59
58
#define VMSTOR_PROTO_VERSION_WIN7 VMSTOR_PROTO_VERSION(4, 2)
60
59
#define VMSTOR_PROTO_VERSION_WIN8 VMSTOR_PROTO_VERSION(5, 1)
···
135
136
*/
136
137
#define STORVSC_MAX_CMD_LEN 0x10
137
138
138
-
#define POST_WIN7_STORVSC_SENSE_BUFFER_SIZE 0x14
139
-
#define PRE_WIN8_STORVSC_SENSE_BUFFER_SIZE 0x12
140
-
139
+
/* Sense buffer size is the same for all versions since Windows 8 */
141
140
#define STORVSC_SENSE_BUFFER_SIZE 0x14
142
141
#define STORVSC_MAX_BUF_LEN_WITH_PADDING 0x14
143
-
144
-
/*
145
-
* Sense buffer size changed in win8; have a run-time
146
-
* variable to track the size we should use. This value will
147
-
* likely change during protocol negotiation but it is valid
148
-
* to start by assuming pre-Win8.
149
-
*/
150
-
static int sense_buffer_size = PRE_WIN8_STORVSC_SENSE_BUFFER_SIZE;
151
142
152
143
/*
153
144
* The storage protocol version is determined during the
···
166
177
dev_warn(&(dev)->device, fmt, ##__VA_ARGS__); \
167
178
} while (0)
168
179
169
-
struct vmscsi_win8_extension {
170
-
/*
171
-
* The following were added in Windows 8
172
-
*/
173
-
u16 reserve;
174
-
u8 queue_tag;
175
-
u8 queue_action;
176
-
u32 srb_flags;
177
-
u32 time_out_value;
178
-
u32 queue_sort_ey;
179
-
} __packed;
180
-
181
180
struct vmscsi_request {
182
181
u16 length;
183
182
u8 srb_status;
···
191
214
/*
192
215
* The following was added in win8.
193
216
*/
194
-
struct vmscsi_win8_extension win8_extension;
217
+
u16 reserve;
218
+
u8 queue_tag;
219
+
u8 queue_action;
220
+
u32 srb_flags;
221
+
u32 time_out_value;
222
+
u32 queue_sort_ey;
195
223
196
224
} __attribute((packed));
197
225
198
226
/*
199
-
* The list of storage protocols in order of preference.
227
+
* The list of windows version in order of preference.
200
228
*/
201
-
struct vmstor_protocol {
202
-
int protocol_version;
203
-
int sense_buffer_size;
204
-
int vmscsi_size_delta;
205
-
};
206
229
207
-
208
-
static const struct vmstor_protocol vmstor_protocols[] = {
209
-
{
230
+
static const int protocol_version[] = {
210
231
VMSTOR_PROTO_VERSION_WIN10,
211
-
POST_WIN7_STORVSC_SENSE_BUFFER_SIZE,
212
-
0
213
-
},
214
-
{
215
232
VMSTOR_PROTO_VERSION_WIN8_1,
216
-
POST_WIN7_STORVSC_SENSE_BUFFER_SIZE,
217
-
0
218
-
},
219
-
{
220
233
VMSTOR_PROTO_VERSION_WIN8,
221
-
POST_WIN7_STORVSC_SENSE_BUFFER_SIZE,
222
-
0
223
-
},
224
-
{
225
-
VMSTOR_PROTO_VERSION_WIN7,
226
-
PRE_WIN8_STORVSC_SENSE_BUFFER_SIZE,
227
-
sizeof(struct vmscsi_win8_extension),
228
-
},
229
-
{
230
-
VMSTOR_PROTO_VERSION_WIN6,
231
-
PRE_WIN8_STORVSC_SENSE_BUFFER_SIZE,
232
-
sizeof(struct vmscsi_win8_extension),
233
-
}
234
234
};
235
235
236
236
···
363
409
#define STORVSC_IDE_MAX_CHANNELS 1
364
410
365
411
/*
366
-
* Upper bound on the size of a storvsc packet. vmscsi_size_delta is not
367
-
* included in the calculation because it is set after STORVSC_MAX_PKT_SIZE
368
-
* is used in storvsc_connect_to_vsp
412
+
* Upper bound on the size of a storvsc packet.
369
413
*/
370
414
#define STORVSC_MAX_PKT_SIZE (sizeof(struct vmpacket_descriptor) +\
371
415
sizeof(struct vstor_packet))
···
403
451
unsigned int port_number;
404
452
unsigned char path_id;
405
453
unsigned char target_id;
406
-
407
-
/*
408
-
* The size of the vmscsi_request has changed in win8. The
409
-
* additional size is because of new elements added to the
410
-
* structure. These elements are valid only when we are talking
411
-
* to a win8 host.
412
-
* Track the correction to size we need to apply. This value
413
-
* will likely change during protocol negotiation but it is
414
-
* valid to start by assuming pre-Win8.
415
-
*/
416
-
int vmscsi_size_delta;
417
454
418
455
/*
419
456
* Max I/O, the device can support.
···
736
795
vstor_packet->sub_channel_count = num_sc;
737
796
738
797
ret = vmbus_sendpacket(device->channel, vstor_packet,
739
-
(sizeof(struct vstor_packet) -
740
-
stor_device->vmscsi_size_delta),
798
+
sizeof(struct vstor_packet),
741
799
VMBUS_RQST_INIT,
742
800
VM_PKT_DATA_INBAND,
743
801
VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
···
804
864
vstor_packet->flags = REQUEST_COMPLETION_FLAG;
805
865
806
866
ret = vmbus_sendpacket(device->channel, vstor_packet,
807
-
(sizeof(struct vstor_packet) -
808
-
stor_device->vmscsi_size_delta),
867
+
sizeof(struct vstor_packet),
809
868
VMBUS_RQST_INIT,
810
869
VM_PKT_DATA_INBAND,
811
870
VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
···
854
915
* Query host supported protocol version.
855
916
*/
856
917
857
-
for (i = 0; i < ARRAY_SIZE(vmstor_protocols); i++) {
918
+
for (i = 0; i < ARRAY_SIZE(protocol_version); i++) {
858
919
/* reuse the packet for version range supported */
859
920
memset(vstor_packet, 0, sizeof(struct vstor_packet));
860
921
vstor_packet->operation =
861
922
VSTOR_OPERATION_QUERY_PROTOCOL_VERSION;
862
923
863
-
vstor_packet->version.major_minor =
864
-
vmstor_protocols[i].protocol_version;
924
+
vstor_packet->version.major_minor = protocol_version[i];
865
925
866
926
/*
867
927
* The revision number is only used in Windows; set it to 0.
···
874
936
return -EINVAL;
875
937
876
938
if (vstor_packet->status == 0) {
877
-
vmstor_proto_version =
878
-
vmstor_protocols[i].protocol_version;
879
-
880
-
sense_buffer_size =
881
-
vmstor_protocols[i].sense_buffer_size;
882
-
883
-
stor_device->vmscsi_size_delta =
884
-
vmstor_protocols[i].vmscsi_size_delta;
939
+
vmstor_proto_version = protocol_version[i];
885
940
886
941
break;
887
942
}
888
943
}
889
944
890
-
if (vstor_packet->status != 0)
945
+
if (vstor_packet->status != 0) {
946
+
dev_err(&device->device, "Obsolete Hyper-V version\n");
891
947
return -EINVAL;
948
+
}
892
949
893
950
894
951
memset(vstor_packet, 0, sizeof(struct vstor_packet));
···
919
986
cpumask_set_cpu(device->channel->target_cpu,
920
987
&stor_device->alloced_cpus);
921
988
922
-
if (vmstor_proto_version >= VMSTOR_PROTO_VERSION_WIN8) {
923
-
if (vstor_packet->storage_channel_properties.flags &
924
-
STORAGE_CHANNEL_SUPPORTS_MULTI_CHANNEL)
925
-
process_sub_channels = true;
926
-
}
989
+
if (vstor_packet->storage_channel_properties.flags &
990
+
STORAGE_CHANNEL_SUPPORTS_MULTI_CHANNEL)
991
+
process_sub_channels = true;
992
+
927
993
stor_device->max_transfer_bytes =
928
994
vstor_packet->storage_channel_properties.max_transfer_bytes;
929
995
···
1129
1197
* Copy over the sense_info_length, but limit to the known max
1130
1198
* size if Hyper-V returns a bad value.
1131
1199
*/
1132
-
stor_pkt->vm_srb.sense_info_length = min_t(u8, sense_buffer_size,
1200
+
stor_pkt->vm_srb.sense_info_length = min_t(u8, STORVSC_SENSE_BUFFER_SIZE,
1133
1201
vstor_packet->vm_srb.sense_info_length);
1134
1202
1135
1203
if (vstor_packet->vm_srb.scsi_status != 0 ||
···
1221
1289
struct storvsc_cmd_request *request = NULL;
1222
1290
u32 pktlen = hv_pkt_datalen(desc);
1223
1291
u64 rqst_id = desc->trans_id;
1224
-
u32 minlen = rqst_id ? sizeof(struct vstor_packet) -
1225
-
stor_device->vmscsi_size_delta : sizeof(enum vstor_packet_operation);
1292
+
u32 minlen = rqst_id ? sizeof(struct vstor_packet) :
1293
+
sizeof(enum vstor_packet_operation);
1226
1294
1227
1295
if (pktlen < minlen) {
1228
1296
dev_err(&device->device,
···
1278
1346
}
1279
1347
1280
1348
memcpy(&request->vstor_packet, packet,
1281
-
(sizeof(struct vstor_packet) - stor_device->vmscsi_size_delta));
1349
+
sizeof(struct vstor_packet));
1282
1350
complete(&request->wait_event);
1283
1351
}
1284
1352
}
···
1489
1557
found_channel:
1490
1558
vstor_packet->flags |= REQUEST_COMPLETION_FLAG;
1491
1559
1492
-
vstor_packet->vm_srb.length = (sizeof(struct vmscsi_request) -
1493
-
stor_device->vmscsi_size_delta);
1560
+
vstor_packet->vm_srb.length = sizeof(struct vmscsi_request);
1494
1561
1495
1562
1496
-
vstor_packet->vm_srb.sense_info_length = sense_buffer_size;
1563
+
vstor_packet->vm_srb.sense_info_length = STORVSC_SENSE_BUFFER_SIZE;
1497
1564
1498
1565
1499
1566
vstor_packet->vm_srb.data_transfer_length =
···
1505
1574
ret = vmbus_sendpacket_mpb_desc(outgoing_channel,
1506
1575
request->payload, request->payload_sz,
1507
1576
vstor_packet,
1508
-
(sizeof(struct vstor_packet) -
1509
-
stor_device->vmscsi_size_delta),
1577
+
sizeof(struct vstor_packet),
1510
1578
(unsigned long)request);
1511
1579
} else {
1512
1580
ret = vmbus_sendpacket(outgoing_channel, vstor_packet,
1513
-
(sizeof(struct vstor_packet) -
1514
-
stor_device->vmscsi_size_delta),
1581
+
sizeof(struct vstor_packet),
1515
1582
(unsigned long)request,
1516
1583
VM_PKT_DATA_INBAND,
1517
1584
VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
···
1613
1684
vstor_packet->vm_srb.path_id = stor_device->path_id;
1614
1685
1615
1686
ret = vmbus_sendpacket(device->channel, vstor_packet,
1616
-
(sizeof(struct vstor_packet) -
1617
-
stor_device->vmscsi_size_delta),
1687
+
sizeof(struct vstor_packet),
1618
1688
VMBUS_RQST_RESET,
1619
1689
VM_PKT_DATA_INBAND,
1620
1690
VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
···
1706
1778
1707
1779
memset(&cmd_request->vstor_packet, 0, sizeof(struct vstor_packet));
1708
1780
vm_srb = &cmd_request->vstor_packet.vm_srb;
1709
-
vm_srb->win8_extension.time_out_value = 60;
1781
+
vm_srb->time_out_value = 60;
1710
1782
1711
-
vm_srb->win8_extension.srb_flags |=
1783
+
vm_srb->srb_flags |=
1712
1784
SRB_FLAGS_DISABLE_SYNCH_TRANSFER;
1713
1785
1714
1786
if (scmnd->device->tagged_supported) {
1715
-
vm_srb->win8_extension.srb_flags |=
1787
+
vm_srb->srb_flags |=
1716
1788
(SRB_FLAGS_QUEUE_ACTION_ENABLE | SRB_FLAGS_NO_QUEUE_FREEZE);
1717
-
vm_srb->win8_extension.queue_tag = SP_UNTAGGED;
1718
-
vm_srb->win8_extension.queue_action = SRB_SIMPLE_TAG_REQUEST;
1789
+
vm_srb->queue_tag = SP_UNTAGGED;
1790
+
vm_srb->queue_action = SRB_SIMPLE_TAG_REQUEST;
1719
1791
}
1720
1792
1721
1793
/* Build the SRB */
1722
1794
switch (scmnd->sc_data_direction) {
1723
1795
case DMA_TO_DEVICE:
1724
1796
vm_srb->data_in = WRITE_TYPE;
1725
-
vm_srb->win8_extension.srb_flags |= SRB_FLAGS_DATA_OUT;
1797
+
vm_srb->srb_flags |= SRB_FLAGS_DATA_OUT;
1726
1798
break;
1727
1799
case DMA_FROM_DEVICE:
1728
1800
vm_srb->data_in = READ_TYPE;
1729
-
vm_srb->win8_extension.srb_flags |= SRB_FLAGS_DATA_IN;
1801
+
vm_srb->srb_flags |= SRB_FLAGS_DATA_IN;
1730
1802
break;
1731
1803
case DMA_NONE:
1732
1804
vm_srb->data_in = UNKNOWN_TYPE;
1733
-
vm_srb->win8_extension.srb_flags |= SRB_FLAGS_NO_DATA_TRANSFER;
1805
+
vm_srb->srb_flags |= SRB_FLAGS_NO_DATA_TRANSFER;
1734
1806
break;
1735
1807
default:
1736
1808
/*
···
1894
1966
bool is_fc = ((dev_id->driver_data == SFC_GUID) ? true : false);
1895
1967
int target = 0;
1896
1968
struct storvsc_device *stor_device;
1897
-
int max_luns_per_target;
1898
-
int max_targets;
1899
-
int max_channels;
1900
1969
int max_sub_channels = 0;
1901
1970
1902
1971
/*
1903
-
* Based on the windows host we are running on,
1904
-
* set state to properly communicate with the host.
1972
+
* We support sub-channels for storage on SCSI and FC controllers.
1973
+
* The number of sub-channels offerred is based on the number of
1974
+
* VCPUs in the guest.
1905
1975
*/
1906
-
1907
-
if (vmbus_proto_version < VERSION_WIN8) {
1908
-
max_luns_per_target = STORVSC_IDE_MAX_LUNS_PER_TARGET;
1909
-
max_targets = STORVSC_IDE_MAX_TARGETS;
1910
-
max_channels = STORVSC_IDE_MAX_CHANNELS;
1911
-
} else {
1912
-
max_luns_per_target = STORVSC_MAX_LUNS_PER_TARGET;
1913
-
max_targets = STORVSC_MAX_TARGETS;
1914
-
max_channels = STORVSC_MAX_CHANNELS;
1915
-
/*
1916
-
* On Windows8 and above, we support sub-channels for storage
1917
-
* on SCSI and FC controllers.
1918
-
* The number of sub-channels offerred is based on the number of
1919
-
* VCPUs in the guest.
1920
-
*/
1921
-
if (!dev_is_ide)
1922
-
max_sub_channels =
1923
-
(num_cpus - 1) / storvsc_vcpus_per_sub_channel;
1924
-
}
1976
+
if (!dev_is_ide)
1977
+
max_sub_channels =
1978
+
(num_cpus - 1) / storvsc_vcpus_per_sub_channel;
1925
1979
1926
1980
scsi_driver.can_queue = max_outstanding_req_per_channel *
1927
1981
(max_sub_channels + 1) *
···
1932
2022
init_waitqueue_head(&stor_device->waiting_to_drain);
1933
2023
stor_device->device = device;
1934
2024
stor_device->host = host;
1935
-
stor_device->vmscsi_size_delta = sizeof(struct vmscsi_win8_extension);
1936
2025
spin_lock_init(&stor_device->lock);
1937
2026
hv_set_drvdata(device, stor_device);
1938
2027
dma_set_min_align_mask(&device->device, HV_HYP_PAGE_SIZE - 1);
···
1955
2046
break;
1956
2047
1957
2048
case SCSI_GUID:
1958
-
host->max_lun = max_luns_per_target;
1959
-
host->max_id = max_targets;
1960
-
host->max_channel = max_channels - 1;
2049
+
host->max_lun = STORVSC_MAX_LUNS_PER_TARGET;
2050
+
host->max_id = STORVSC_MAX_TARGETS;
2051
+
host->max_channel = STORVSC_MAX_CHANNELS - 1;
1961
2052
break;
1962
2053
1963
2054
default:
···
2144
2235
* than the ring buffer size since that page is reserved for
2145
2236
* the ring buffer indices) by the max request size (which is
2146
2237
* vmbus_channel_packet_multipage_buffer + struct vstor_packet + u64)
2147
-
*
2148
-
* The computation underestimates max_outstanding_req_per_channel
2149
-
* for Win7 and older hosts because it does not take into account
2150
-
* the vmscsi_size_delta correction to the max request size.
2151
2238
*/
2152
2239
max_outstanding_req_per_channel =
2153
2240
((storvsc_ringbuffer_size - PAGE_SIZE) /
+3
-20
drivers/video/fbdev/hyperv_fb.c
+3
-20
drivers/video/fbdev/hyperv_fb.c
···
63
63
#define MAX_VMBUS_PKT_SIZE 0x4000
64
64
65
65
#define SYNTHVID_VERSION(major, minor) ((minor) << 16 | (major))
66
+
/* Support for VERSION_WIN7 is removed. #define is retained for reference. */
66
67
#define SYNTHVID_VERSION_WIN7 SYNTHVID_VERSION(3, 0)
67
68
#define SYNTHVID_VERSION_WIN8 SYNTHVID_VERSION(3, 2)
68
69
#define SYNTHVID_VERSION_WIN10 SYNTHVID_VERSION(3, 5)
···
71
70
#define SYNTHVID_VER_GET_MAJOR(ver) (ver & 0x0000ffff)
72
71
#define SYNTHVID_VER_GET_MINOR(ver) ((ver & 0xffff0000) >> 16)
73
72
74
-
#define SYNTHVID_DEPTH_WIN7 16
75
73
#define SYNTHVID_DEPTH_WIN8 32
76
-
77
-
#define SYNTHVID_FB_SIZE_WIN7 (4 * 1024 * 1024)
78
-
#define SYNTHVID_WIDTH_MAX_WIN7 1600
79
-
#define SYNTHVID_HEIGHT_MAX_WIN7 1200
80
-
81
74
#define SYNTHVID_FB_SIZE_WIN8 (8 * 1024 * 1024)
82
75
83
76
#define PCI_VENDOR_ID_MICROSOFT 0x1414
···
638
643
case VERSION_WIN8:
639
644
case VERSION_WIN8_1:
640
645
ret = synthvid_negotiate_ver(hdev, SYNTHVID_VERSION_WIN8);
641
-
if (!ret)
642
-
break;
643
-
fallthrough;
644
-
case VERSION_WS2008:
645
-
case VERSION_WIN7:
646
-
ret = synthvid_negotiate_ver(hdev, SYNTHVID_VERSION_WIN7);
647
646
break;
648
647
default:
649
648
ret = synthvid_negotiate_ver(hdev, SYNTHVID_VERSION_WIN10);
···
649
660
goto error;
650
661
}
651
662
652
-
if (par->synthvid_version == SYNTHVID_VERSION_WIN7)
653
-
screen_depth = SYNTHVID_DEPTH_WIN7;
654
-
else
655
-
screen_depth = SYNTHVID_DEPTH_WIN8;
656
-
663
+
screen_depth = SYNTHVID_DEPTH_WIN8;
657
664
if (synthvid_ver_ge(par->synthvid_version, SYNTHVID_VERSION_WIN10)) {
658
665
ret = synthvid_get_supported_resolution(hdev);
659
666
if (ret)
···
918
933
(synthvid_ver_ge(par->synthvid_version, SYNTHVID_VERSION_WIN10) &&
919
934
(x * y * screen_depth / 8 > screen_fb_size)) ||
920
935
(par->synthvid_version == SYNTHVID_VERSION_WIN8 &&
921
-
x * y * screen_depth / 8 > SYNTHVID_FB_SIZE_WIN8) ||
922
-
(par->synthvid_version == SYNTHVID_VERSION_WIN7 &&
923
-
(x > SYNTHVID_WIDTH_MAX_WIN7 || y > SYNTHVID_HEIGHT_MAX_WIN7))) {
936
+
x * y * screen_depth / 8 > SYNTHVID_FB_SIZE_WIN8)) {
924
937
pr_err("Screen resolution option is out of range: skipped\n");
925
938
return;
926
939
}
+58
-39
include/linux/hyperv.h
+58
-39
include/linux/hyperv.h
···
230
230
* two 16 bit quantities: major_number. minor_number.
231
231
*
232
232
* 0 . 13 (Windows Server 2008)
233
-
* 1 . 1 (Windows 7)
234
-
* 2 . 4 (Windows 8)
235
-
* 3 . 0 (Windows 8 R2)
233
+
* 1 . 1 (Windows 7, WS2008 R2)
234
+
* 2 . 4 (Windows 8, WS2012)
235
+
* 3 . 0 (Windows 8.1, WS2012 R2)
236
236
* 4 . 0 (Windows 10)
237
237
* 4 . 1 (Windows 10 RS3)
238
238
* 5 . 0 (Newer Windows 10)
239
239
* 5 . 1 (Windows 10 RS4)
240
240
* 5 . 2 (Windows Server 2019, RS5)
241
241
* 5 . 3 (Windows Server 2022)
242
+
*
243
+
* The WS2008 and WIN7 versions are listed here for
244
+
* completeness but are no longer supported in the
245
+
* Linux kernel.
242
246
*/
243
247
244
248
#define VERSION_WS2008 ((0 << 16) | (13))
···
792
788
793
789
#define VMBUS_NO_RQSTOR U64_MAX
794
790
#define VMBUS_RQST_ERROR (U64_MAX - 1)
791
+
#define VMBUS_RQST_ADDR_ANY U64_MAX
795
792
/* NetVSC-specific */
796
793
#define VMBUS_RQST_ID_NO_RESPONSE (U64_MAX - 2)
797
794
/* StorVSC-specific */
···
1046
1041
u32 max_pkt_size;
1047
1042
};
1048
1043
1044
+
#define lock_requestor(channel, flags) \
1045
+
do { \
1046
+
struct vmbus_requestor *rqstor = &(channel)->requestor; \
1047
+
\
1048
+
spin_lock_irqsave(&rqstor->req_lock, flags); \
1049
+
} while (0)
1050
+
1051
+
static __always_inline void unlock_requestor(struct vmbus_channel *channel,
1052
+
unsigned long flags)
1053
+
{
1054
+
struct vmbus_requestor *rqstor = &channel->requestor;
1055
+
1056
+
spin_unlock_irqrestore(&rqstor->req_lock, flags);
1057
+
}
1058
+
1049
1059
u64 vmbus_next_request_id(struct vmbus_channel *channel, u64 rqst_addr);
1060
+
u64 __vmbus_request_addr_match(struct vmbus_channel *channel, u64 trans_id,
1061
+
u64 rqst_addr);
1062
+
u64 vmbus_request_addr_match(struct vmbus_channel *channel, u64 trans_id,
1063
+
u64 rqst_addr);
1050
1064
u64 vmbus_request_addr(struct vmbus_channel *channel, u64 trans_id);
1065
+
1066
+
static inline bool is_hvsock_offer(const struct vmbus_channel_offer_channel *o)
1067
+
{
1068
+
return !!(o->offer.chn_flags & VMBUS_CHANNEL_TLNPI_PROVIDER_OFFER);
1069
+
}
1051
1070
1052
1071
static inline bool is_hvsock_channel(const struct vmbus_channel *c)
1053
1072
{
1054
-
return !!(c->offermsg.offer.chn_flags &
1055
-
VMBUS_CHANNEL_TLNPI_PROVIDER_OFFER);
1073
+
return is_hvsock_offer(&c->offermsg);
1056
1074
}
1057
1075
1058
1076
static inline bool is_sub_channel(const struct vmbus_channel *c)
···
1189
1161
1190
1162
extern void vmbus_close(struct vmbus_channel *channel);
1191
1163
1164
+
extern int vmbus_sendpacket_getid(struct vmbus_channel *channel,
1165
+
void *buffer,
1166
+
u32 bufferLen,
1167
+
u64 requestid,
1168
+
u64 *trans_id,
1169
+
enum vmbus_packet_type type,
1170
+
u32 flags);
1192
1171
extern int vmbus_sendpacket(struct vmbus_channel *channel,
1193
1172
void *buffer,
1194
1173
u32 bufferLen,
···
1486
1451
0x80, 0x2e, 0x27, 0xed, 0xe1, 0x9f)
1487
1452
1488
1453
/*
1489
-
* Linux doesn't support the 3 devices: the first two are for
1490
-
* Automatic Virtual Machine Activation, and the third is for
1491
-
* Remote Desktop Virtualization.
1454
+
* Linux doesn't support these 4 devices: the first two are for
1455
+
* Automatic Virtual Machine Activation, the third is for
1456
+
* Remote Desktop Virtualization, and the fourth is Initial
1457
+
* Machine Configuration (IMC) used only by Windows guests.
1492
1458
* {f8e65716-3cb3-4a06-9a60-1889c5cccab5}
1493
1459
* {3375baf4-9e15-4b30-b765-67acb10d607b}
1494
1460
* {276aacf4-ac15-426c-98dd-7521ad3f01fe}
1461
+
* {c376c1c3-d276-48d2-90a9-c04748072c60}
1495
1462
*/
1496
1463
1497
1464
#define HV_AVMA1_GUID \
···
1507
1470
#define HV_RDV_GUID \
1508
1471
.guid = GUID_INIT(0x276aacf4, 0xac15, 0x426c, 0x98, 0xdd, \
1509
1472
0x75, 0x21, 0xad, 0x3f, 0x01, 0xfe)
1473
+
1474
+
#define HV_IMC_GUID \
1475
+
.guid = GUID_INIT(0xc376c1c3, 0xd276, 0x48d2, 0x90, 0xa9, \
1476
+
0xc0, 0x47, 0x48, 0x07, 0x2c, 0x60)
1510
1477
1511
1478
/*
1512
1479
* Common header for Hyper-V ICs
···
1704
1663
return (desc->len8 << 3) - (desc->offset8 << 3);
1705
1664
}
1706
1665
1707
-
1708
-
struct vmpacket_descriptor *
1709
-
hv_pkt_iter_first_raw(struct vmbus_channel *channel);
1666
+
/* Get packet length associated with descriptor */
1667
+
static inline u32 hv_pkt_len(const struct vmpacket_descriptor *desc)
1668
+
{
1669
+
return desc->len8 << 3;
1670
+
}
1710
1671
1711
1672
struct vmpacket_descriptor *
1712
1673
hv_pkt_iter_first(struct vmbus_channel *channel);
1713
1674
1714
1675
struct vmpacket_descriptor *
1715
1676
__hv_pkt_iter_next(struct vmbus_channel *channel,
1716
-
const struct vmpacket_descriptor *pkt,
1717
-
bool copy);
1677
+
const struct vmpacket_descriptor *pkt);
1718
1678
1719
1679
void hv_pkt_iter_close(struct vmbus_channel *channel);
1720
1680
1721
1681
static inline struct vmpacket_descriptor *
1722
-
hv_pkt_iter_next_pkt(struct vmbus_channel *channel,
1723
-
const struct vmpacket_descriptor *pkt,
1724
-
bool copy)
1682
+
hv_pkt_iter_next(struct vmbus_channel *channel,
1683
+
const struct vmpacket_descriptor *pkt)
1725
1684
{
1726
1685
struct vmpacket_descriptor *nxt;
1727
1686
1728
-
nxt = __hv_pkt_iter_next(channel, pkt, copy);
1687
+
nxt = __hv_pkt_iter_next(channel, pkt);
1729
1688
if (!nxt)
1730
1689
hv_pkt_iter_close(channel);
1731
1690
1732
1691
return nxt;
1733
-
}
1734
-
1735
-
/*
1736
-
* Get next packet descriptor without copying it out of the ring buffer
1737
-
* If at end of list, return NULL and update host.
1738
-
*/
1739
-
static inline struct vmpacket_descriptor *
1740
-
hv_pkt_iter_next_raw(struct vmbus_channel *channel,
1741
-
const struct vmpacket_descriptor *pkt)
1742
-
{
1743
-
return hv_pkt_iter_next_pkt(channel, pkt, false);
1744
-
}
1745
-
1746
-
/*
1747
-
* Get next packet descriptor from iterator
1748
-
* If at end of list, return NULL and update host.
1749
-
*/
1750
-
static inline struct vmpacket_descriptor *
1751
-
hv_pkt_iter_next(struct vmbus_channel *channel,
1752
-
const struct vmpacket_descriptor *pkt)
1753
-
{
1754
-
return hv_pkt_iter_next_pkt(channel, pkt, true);
1755
1692
}
1756
1693
1757
1694
#define foreach_vmbus_pkt(pkt, channel) \
+17
-4
net/vmw_vsock/hyperv_transport.c
+17
-4
net/vmw_vsock/hyperv_transport.c
···
78
78
ALIGN((payload_len), 8) + \
79
79
VMBUS_PKT_TRAILER_SIZE)
80
80
81
+
/* Upper bound on the size of a VMbus packet for hv_sock */
82
+
#define HVS_MAX_PKT_SIZE HVS_PKT_LEN(HVS_MTU_SIZE)
83
+
81
84
union hvs_service_id {
82
85
guid_t srv_id;
83
86
···
381
378
rcvbuf = ALIGN(rcvbuf, HV_HYP_PAGE_SIZE);
382
379
}
383
380
381
+
chan->max_pkt_size = HVS_MAX_PKT_SIZE;
382
+
384
383
ret = vmbus_open(chan, sndbuf, rcvbuf, NULL, 0, hvs_channel_cb,
385
384
conn_from_host ? new : sk);
386
385
if (ret != 0) {
···
577
572
static int hvs_update_recv_data(struct hvsock *hvs)
578
573
{
579
574
struct hvs_recv_buf *recv_buf;
580
-
u32 payload_len;
575
+
u32 pkt_len, payload_len;
576
+
577
+
pkt_len = hv_pkt_len(hvs->recv_desc);
578
+
579
+
if (pkt_len < HVS_HEADER_LEN)
580
+
return -EIO;
581
581
582
582
recv_buf = (struct hvs_recv_buf *)(hvs->recv_desc + 1);
583
583
payload_len = recv_buf->hdr.data_size;
584
584
585
-
if (payload_len > HVS_MTU_SIZE)
585
+
if (payload_len > pkt_len - HVS_HEADER_LEN ||
586
+
payload_len > HVS_MTU_SIZE)
586
587
return -EIO;
587
588
588
589
if (payload_len == 0)
···
613
602
return -EOPNOTSUPP;
614
603
615
604
if (need_refill) {
616
-
hvs->recv_desc = hv_pkt_iter_first_raw(hvs->chan);
605
+
hvs->recv_desc = hv_pkt_iter_first(hvs->chan);
606
+
if (!hvs->recv_desc)
607
+
return -ENOBUFS;
617
608
ret = hvs_update_recv_data(hvs);
618
609
if (ret)
619
610
return ret;
···
629
616
630
617
hvs->recv_data_len -= to_read;
631
618
if (hvs->recv_data_len == 0) {
632
-
hvs->recv_desc = hv_pkt_iter_next_raw(hvs->chan, hvs->recv_desc);
619
+
hvs->recv_desc = hv_pkt_iter_next(hvs->chan, hvs->recv_desc);
633
620
if (hvs->recv_desc) {
634
621
ret = hvs_update_recv_data(hvs);
635
622
if (ret)