1
2
3
4
5
6
7
8
9#include <linux/compat.h>
10#include <linux/eventfd.h>
11#include <linux/vhost.h>
12#include <linux/virtio_net.h>
13#include <linux/miscdevice.h>
14#include <linux/module.h>
15#include <linux/moduleparam.h>
16#include <linux/mutex.h>
17#include <linux/workqueue.h>
18#include <linux/file.h>
19#include <linux/slab.h>
20#include <linux/vmalloc.h>
21
22#include <linux/net.h>
23#include <linux/if_packet.h>
24#include <linux/if_arp.h>
25#include <linux/if_tun.h>
26#include <linux/if_macvlan.h>
27#include <linux/if_vlan.h>
28
29#include <net/sock.h>
30
31#include "vhost.h"
32
33static int experimental_zcopytx = 1;
34module_param(experimental_zcopytx, int, 0444);
35MODULE_PARM_DESC(experimental_zcopytx, "Enable Zero Copy TX;"
36 " 1 -Enable; 0 - Disable");
37
38
39
40#define VHOST_NET_WEIGHT 0x80000
41
42
43#define VHOST_MAX_PEND 128
44#define VHOST_GOODCOPY_LEN 256
45
46
47
48
49
50
51#define VHOST_DMA_FAILED_LEN ((__force __virtio32)3)
52
53#define VHOST_DMA_DONE_LEN ((__force __virtio32)2)
54
55#define VHOST_DMA_IN_PROGRESS ((__force __virtio32)1)
56
57#define VHOST_DMA_CLEAR_LEN ((__force __virtio32)0)
58
59#define VHOST_DMA_IS_DONE(len) ((__force u32)(len) >= (__force u32)VHOST_DMA_DONE_LEN)
60
61enum {
62 VHOST_NET_FEATURES = VHOST_FEATURES |
63 (1ULL << VHOST_NET_F_VIRTIO_NET_HDR) |
64 (1ULL << VIRTIO_NET_F_MRG_RXBUF) |
65 (1ULL << VIRTIO_F_IOMMU_PLATFORM)
66};
67
68enum {
69 VHOST_NET_VQ_RX = 0,
70 VHOST_NET_VQ_TX = 1,
71 VHOST_NET_VQ_MAX = 2,
72};
73
74struct vhost_net_ubuf_ref {
75
76
77
78
79
80 atomic_t refcount;
81 wait_queue_head_t wait;
82 struct vhost_virtqueue *vq;
83};
84
85struct vhost_net_virtqueue {
86 struct vhost_virtqueue vq;
87 size_t vhost_hlen;
88 size_t sock_hlen;
89
90
91 int upend_idx;
92
93 int done_idx;
94
95 struct ubuf_info *ubuf_info;
96
97
98 struct vhost_net_ubuf_ref *ubufs;
99};
100
101struct vhost_net {
102 struct vhost_dev dev;
103 struct vhost_net_virtqueue vqs[VHOST_NET_VQ_MAX];
104 struct vhost_poll poll[VHOST_NET_VQ_MAX];
105
106
107 unsigned tx_packets;
108
109
110 unsigned tx_zcopy_err;
111
112 bool tx_flush;
113};
114
115static unsigned vhost_net_zcopy_mask __read_mostly;
116
117static void vhost_net_enable_zcopy(int vq)
118{
119 vhost_net_zcopy_mask |= 0x1 << vq;
120}
121
122static struct vhost_net_ubuf_ref *
123vhost_net_ubuf_alloc(struct vhost_virtqueue *vq, bool zcopy)
124{
125 struct vhost_net_ubuf_ref *ubufs;
126
127 if (!zcopy)
128 return NULL;
129 ubufs = kmalloc(sizeof(*ubufs), GFP_KERNEL);
130 if (!ubufs)
131 return ERR_PTR(-ENOMEM);
132 atomic_set(&ubufs->refcount, 1);
133 init_waitqueue_head(&ubufs->wait);
134 ubufs->vq = vq;
135 return ubufs;
136}
137
138static int vhost_net_ubuf_put(struct vhost_net_ubuf_ref *ubufs)
139{
140 int r = atomic_sub_return(1, &ubufs->refcount);
141 if (unlikely(!r))
142 wake_up(&ubufs->wait);
143 return r;
144}
145
146static void vhost_net_ubuf_put_and_wait(struct vhost_net_ubuf_ref *ubufs)
147{
148 vhost_net_ubuf_put(ubufs);
149 wait_event(ubufs->wait, !atomic_read(&ubufs->refcount));
150}
151
152static void vhost_net_ubuf_put_wait_and_free(struct vhost_net_ubuf_ref *ubufs)
153{
154 vhost_net_ubuf_put_and_wait(ubufs);
155 kfree(ubufs);
156}
157
158static void vhost_net_clear_ubuf_info(struct vhost_net *n)
159{
160 int i;
161
162 for (i = 0; i < VHOST_NET_VQ_MAX; ++i) {
163 kfree(n->vqs[i].ubuf_info);
164 n->vqs[i].ubuf_info = NULL;
165 }
166}
167
168static int vhost_net_set_ubuf_info(struct vhost_net *n)
169{
170 bool zcopy;
171 int i;
172
173 for (i = 0; i < VHOST_NET_VQ_MAX; ++i) {
174 zcopy = vhost_net_zcopy_mask & (0x1 << i);
175 if (!zcopy)
176 continue;
177 n->vqs[i].ubuf_info = kmalloc(sizeof(*n->vqs[i].ubuf_info) *
178 UIO_MAXIOV, GFP_KERNEL);
179 if (!n->vqs[i].ubuf_info)
180 goto err;
181 }
182 return 0;
183
184err:
185 vhost_net_clear_ubuf_info(n);
186 return -ENOMEM;
187}
188
189static void vhost_net_vq_reset(struct vhost_net *n)
190{
191 int i;
192
193 vhost_net_clear_ubuf_info(n);
194
195 for (i = 0; i < VHOST_NET_VQ_MAX; i++) {
196 n->vqs[i].done_idx = 0;
197 n->vqs[i].upend_idx = 0;
198 n->vqs[i].ubufs = NULL;
199 n->vqs[i].vhost_hlen = 0;
200 n->vqs[i].sock_hlen = 0;
201 }
202
203}
204
205static void vhost_net_tx_packet(struct vhost_net *net)
206{
207 ++net->tx_packets;
208 if (net->tx_packets < 1024)
209 return;
210 net->tx_packets = 0;
211 net->tx_zcopy_err = 0;
212}
213
214static void vhost_net_tx_err(struct vhost_net *net)
215{
216 ++net->tx_zcopy_err;
217}
218
219static bool vhost_net_tx_select_zcopy(struct vhost_net *net)
220{
221
222
223
224 return !net->tx_flush &&
225 net->tx_packets / 64 >= net->tx_zcopy_err;
226}
227
228static bool vhost_sock_zcopy(struct socket *sock)
229{
230 return unlikely(experimental_zcopytx) &&
231 sock_flag(sock->sk, SOCK_ZEROCOPY);
232}
233
234
235
236
237
238
239static void vhost_zerocopy_signal_used(struct vhost_net *net,
240 struct vhost_virtqueue *vq)
241{
242 struct vhost_net_virtqueue *nvq =
243 container_of(vq, struct vhost_net_virtqueue, vq);
244 int i, add;
245 int j = 0;
246
247 for (i = nvq->done_idx; i != nvq->upend_idx; i = (i + 1) % UIO_MAXIOV) {
248 if (vq->heads[i].len == VHOST_DMA_FAILED_LEN)
249 vhost_net_tx_err(net);
250 if (VHOST_DMA_IS_DONE(vq->heads[i].len)) {
251 vq->heads[i].len = VHOST_DMA_CLEAR_LEN;
252 ++j;
253 } else
254 break;
255 }
256 while (j) {
257 add = min(UIO_MAXIOV - nvq->done_idx, j);
258 vhost_add_used_and_signal_n(vq->dev, vq,
259 &vq->heads[nvq->done_idx], add);
260 nvq->done_idx = (nvq->done_idx + add) % UIO_MAXIOV;
261 j -= add;
262 }
263}
264
265static void vhost_zerocopy_callback(struct ubuf_info *ubuf, bool success)
266{
267 struct vhost_net_ubuf_ref *ubufs = ubuf->ctx;
268 struct vhost_virtqueue *vq = ubufs->vq;
269 int cnt;
270
271 rcu_read_lock_bh();
272
273
274 vq->heads[ubuf->desc].len = success ?
275 VHOST_DMA_DONE_LEN : VHOST_DMA_FAILED_LEN;
276 cnt = vhost_net_ubuf_put(ubufs);
277
278
279
280
281
282
283
284
285 if (cnt <= 1 || !(cnt % 16))
286 vhost_poll_queue(&vq->poll);
287
288 rcu_read_unlock_bh();
289}
290
291static inline unsigned long busy_clock(void)
292{
293 return local_clock() >> 10;
294}
295
296static bool vhost_can_busy_poll(struct vhost_dev *dev,
297 unsigned long endtime)
298{
299 return likely(!need_resched()) &&
300 likely(!time_after(busy_clock(), endtime)) &&
301 likely(!signal_pending(current)) &&
302 !vhost_has_work(dev);
303}
304
305static void vhost_net_disable_vq(struct vhost_net *n,
306 struct vhost_virtqueue *vq)
307{
308 struct vhost_net_virtqueue *nvq =
309 container_of(vq, struct vhost_net_virtqueue, vq);
310 struct vhost_poll *poll = n->poll + (nvq - n->vqs);
311 if (!vq->private_data)
312 return;
313 vhost_poll_stop(poll);
314}
315
316static int vhost_net_enable_vq(struct vhost_net *n,
317 struct vhost_virtqueue *vq)
318{
319 struct vhost_net_virtqueue *nvq =
320 container_of(vq, struct vhost_net_virtqueue, vq);
321 struct vhost_poll *poll = n->poll + (nvq - n->vqs);
322 struct socket *sock;
323
324 sock = vq->private_data;
325 if (!sock)
326 return 0;
327
328 return vhost_poll_start(poll, sock->file);
329}
330
331static int vhost_net_tx_get_vq_desc(struct vhost_net *net,
332 struct vhost_virtqueue *vq,
333 struct iovec iov[], unsigned int iov_size,
334 unsigned int *out_num, unsigned int *in_num)
335{
336 unsigned long uninitialized_var(endtime);
337 int r = vhost_get_vq_desc(vq, vq->iov, ARRAY_SIZE(vq->iov),
338 out_num, in_num, NULL, NULL);
339
340 if (r == vq->num && vq->busyloop_timeout) {
341 preempt_disable();
342 endtime = busy_clock() + vq->busyloop_timeout;
343 while (vhost_can_busy_poll(vq->dev, endtime) &&
344 vhost_vq_avail_empty(vq->dev, vq))
345 cpu_relax_lowlatency();
346 preempt_enable();
347 r = vhost_get_vq_desc(vq, vq->iov, ARRAY_SIZE(vq->iov),
348 out_num, in_num, NULL, NULL);
349 }
350
351 return r;
352}
353
354
355
356static void handle_tx(struct vhost_net *net)
357{
358 struct vhost_net_virtqueue *nvq = &net->vqs[VHOST_NET_VQ_TX];
359 struct vhost_virtqueue *vq = &nvq->vq;
360 unsigned out, in;
361 int head;
362 struct msghdr msg = {
363 .msg_name = NULL,
364 .msg_namelen = 0,
365 .msg_control = NULL,
366 .msg_controllen = 0,
367 .msg_flags = MSG_DONTWAIT,
368 };
369 size_t len, total_len = 0;
370 int err;
371 size_t hdr_size;
372 struct socket *sock;
373 struct vhost_net_ubuf_ref *uninitialized_var(ubufs);
374 bool zcopy, zcopy_used;
375
376 mutex_lock(&vq->mutex);
377 sock = vq->private_data;
378 if (!sock)
379 goto out;
380
381 if (!vq_iotlb_prefetch(vq))
382 goto out;
383
384 vhost_disable_notify(&net->dev, vq);
385
386 hdr_size = nvq->vhost_hlen;
387 zcopy = nvq->ubufs;
388
389 for (;;) {
390
391 if (zcopy)
392 vhost_zerocopy_signal_used(net, vq);
393
394
395
396
397 if (unlikely((nvq->upend_idx + vq->num - VHOST_MAX_PEND)
398 % UIO_MAXIOV == nvq->done_idx))
399 break;
400
401 head = vhost_net_tx_get_vq_desc(net, vq, vq->iov,
402 ARRAY_SIZE(vq->iov),
403 &out, &in);
404
405 if (unlikely(head < 0))
406 break;
407
408 if (head == vq->num) {
409 if (unlikely(vhost_enable_notify(&net->dev, vq))) {
410 vhost_disable_notify(&net->dev, vq);
411 continue;
412 }
413 break;
414 }
415 if (in) {
416 vq_err(vq, "Unexpected descriptor format for TX: "
417 "out %d, int %d\n", out, in);
418 break;
419 }
420
421 len = iov_length(vq->iov, out);
422 iov_iter_init(&msg.msg_iter, WRITE, vq->iov, out, len);
423 iov_iter_advance(&msg.msg_iter, hdr_size);
424
425 if (!msg_data_left(&msg)) {
426 vq_err(vq, "Unexpected header len for TX: "
427 "%zd expected %zd\n",
428 len, hdr_size);
429 break;
430 }
431 len = msg_data_left(&msg);
432
433 zcopy_used = zcopy && len >= VHOST_GOODCOPY_LEN
434 && (nvq->upend_idx + 1) % UIO_MAXIOV !=
435 nvq->done_idx
436 && vhost_net_tx_select_zcopy(net);
437
438
439 if (zcopy_used) {
440 struct ubuf_info *ubuf;
441 ubuf = nvq->ubuf_info + nvq->upend_idx;
442
443 vq->heads[nvq->upend_idx].id = cpu_to_vhost32(vq, head);
444 vq->heads[nvq->upend_idx].len = VHOST_DMA_IN_PROGRESS;
445 ubuf->callback = vhost_zerocopy_callback;
446 ubuf->ctx = nvq->ubufs;
447 ubuf->desc = nvq->upend_idx;
448 msg.msg_control = ubuf;
449 msg.msg_controllen = sizeof(ubuf);
450 ubufs = nvq->ubufs;
451 atomic_inc(&ubufs->refcount);
452 nvq->upend_idx = (nvq->upend_idx + 1) % UIO_MAXIOV;
453 } else {
454 msg.msg_control = NULL;
455 ubufs = NULL;
456 }
457
458 err = sock->ops->sendmsg(sock, &msg, len);
459 if (unlikely(err < 0)) {
460 if (zcopy_used) {
461 vhost_net_ubuf_put(ubufs);
462 nvq->upend_idx = ((unsigned)nvq->upend_idx - 1)
463 % UIO_MAXIOV;
464 }
465 vhost_discard_vq_desc(vq, 1);
466 break;
467 }
468 if (err != len)
469 pr_debug("Truncated TX packet: "
470 " len %d != %zd\n", err, len);
471 if (!zcopy_used)
472 vhost_add_used_and_signal(&net->dev, vq, head, 0);
473 else
474 vhost_zerocopy_signal_used(net, vq);
475 total_len += len;
476 vhost_net_tx_packet(net);
477 if (unlikely(total_len >= VHOST_NET_WEIGHT)) {
478 vhost_poll_queue(&vq->poll);
479 break;
480 }
481 }
482out:
483 mutex_unlock(&vq->mutex);
484}
485
486static int peek_head_len(struct sock *sk)
487{
488 struct socket *sock = sk->sk_socket;
489 struct sk_buff *head;
490 int len = 0;
491 unsigned long flags;
492
493 if (sock->ops->peek_len)
494 return sock->ops->peek_len(sock);
495
496 spin_lock_irqsave(&sk->sk_receive_queue.lock, flags);
497 head = skb_peek(&sk->sk_receive_queue);
498 if (likely(head)) {
499 len = head->len;
500 if (skb_vlan_tag_present(head))
501 len += VLAN_HLEN;
502 }
503
504 spin_unlock_irqrestore(&sk->sk_receive_queue.lock, flags);
505 return len;
506}
507
508static int sk_has_rx_data(struct sock *sk)
509{
510 struct socket *sock = sk->sk_socket;
511
512 if (sock->ops->peek_len)
513 return sock->ops->peek_len(sock);
514
515 return skb_queue_empty(&sk->sk_receive_queue);
516}
517
518static int vhost_net_rx_peek_head_len(struct vhost_net *net, struct sock *sk)
519{
520 struct vhost_net_virtqueue *nvq = &net->vqs[VHOST_NET_VQ_TX];
521 struct vhost_virtqueue *vq = &nvq->vq;
522 unsigned long uninitialized_var(endtime);
523 int len = peek_head_len(sk);
524
525 if (!len && vq->busyloop_timeout) {
526
527 mutex_lock(&vq->mutex);
528 vhost_disable_notify(&net->dev, vq);
529
530 preempt_disable();
531 endtime = busy_clock() + vq->busyloop_timeout;
532
533 while (vhost_can_busy_poll(&net->dev, endtime) &&
534 !sk_has_rx_data(sk) &&
535 vhost_vq_avail_empty(&net->dev, vq))
536 cpu_relax_lowlatency();
537
538 preempt_enable();
539
540 if (vhost_enable_notify(&net->dev, vq))
541 vhost_poll_queue(&vq->poll);
542 mutex_unlock(&vq->mutex);
543
544 len = peek_head_len(sk);
545 }
546
547 return len;
548}
549
550
551
552
553
554
555
556
557
558
559
560static int get_rx_bufs(struct vhost_virtqueue *vq,
561 struct vring_used_elem *heads,
562 int datalen,
563 unsigned *iovcount,
564 struct vhost_log *log,
565 unsigned *log_num,
566 unsigned int quota)
567{
568 unsigned int out, in;
569 int seg = 0;
570 int headcount = 0;
571 unsigned d;
572 int r, nlogs = 0;
573
574
575
576 u32 uninitialized_var(len);
577
578 while (datalen > 0 && headcount < quota) {
579 if (unlikely(seg >= UIO_MAXIOV)) {
580 r = -ENOBUFS;
581 goto err;
582 }
583 r = vhost_get_vq_desc(vq, vq->iov + seg,
584 ARRAY_SIZE(vq->iov) - seg, &out,
585 &in, log, log_num);
586 if (unlikely(r < 0))
587 goto err;
588
589 d = r;
590 if (d == vq->num) {
591 r = 0;
592 goto err;
593 }
594 if (unlikely(out || in <= 0)) {
595 vq_err(vq, "unexpected descriptor format for RX: "
596 "out %d, in %d\n", out, in);
597 r = -EINVAL;
598 goto err;
599 }
600 if (unlikely(log)) {
601 nlogs += *log_num;
602 log += *log_num;
603 }
604 heads[headcount].id = cpu_to_vhost32(vq, d);
605 len = iov_length(vq->iov + seg, in);
606 heads[headcount].len = cpu_to_vhost32(vq, len);
607 datalen -= len;
608 ++headcount;
609 seg += in;
610 }
611 heads[headcount - 1].len = cpu_to_vhost32(vq, len + datalen);
612 *iovcount = seg;
613 if (unlikely(log))
614 *log_num = nlogs;
615
616
617 if (unlikely(datalen > 0)) {
618 r = UIO_MAXIOV + 1;
619 goto err;
620 }
621 return headcount;
622err:
623 vhost_discard_vq_desc(vq, headcount);
624 return r;
625}
626
627
628
629static void handle_rx(struct vhost_net *net)
630{
631 struct vhost_net_virtqueue *nvq = &net->vqs[VHOST_NET_VQ_RX];
632 struct vhost_virtqueue *vq = &nvq->vq;
633 unsigned uninitialized_var(in), log;
634 struct vhost_log *vq_log;
635 struct msghdr msg = {
636 .msg_name = NULL,
637 .msg_namelen = 0,
638 .msg_control = NULL,
639 .msg_controllen = 0,
640 .msg_flags = MSG_DONTWAIT,
641 };
642 struct virtio_net_hdr hdr = {
643 .flags = 0,
644 .gso_type = VIRTIO_NET_HDR_GSO_NONE
645 };
646 size_t total_len = 0;
647 int err, mergeable;
648 s16 headcount;
649 size_t vhost_hlen, sock_hlen;
650 size_t vhost_len, sock_len;
651 struct socket *sock;
652 struct iov_iter fixup;
653 __virtio16 num_buffers;
654
655 mutex_lock(&vq->mutex);
656 sock = vq->private_data;
657 if (!sock)
658 goto out;
659
660 if (!vq_iotlb_prefetch(vq))
661 goto out;
662
663 vhost_disable_notify(&net->dev, vq);
664 vhost_net_disable_vq(net, vq);
665
666 vhost_hlen = nvq->vhost_hlen;
667 sock_hlen = nvq->sock_hlen;
668
669 vq_log = unlikely(vhost_has_feature(vq, VHOST_F_LOG_ALL)) ?
670 vq->log : NULL;
671 mergeable = vhost_has_feature(vq, VIRTIO_NET_F_MRG_RXBUF);
672
673 while ((sock_len = vhost_net_rx_peek_head_len(net, sock->sk))) {
674 sock_len += sock_hlen;
675 vhost_len = sock_len + vhost_hlen;
676 headcount = get_rx_bufs(vq, vq->heads, vhost_len,
677 &in, vq_log, &log,
678 likely(mergeable) ? UIO_MAXIOV : 1);
679
680 if (unlikely(headcount < 0))
681 goto out;
682
683 if (unlikely(headcount > UIO_MAXIOV)) {
684 iov_iter_init(&msg.msg_iter, READ, vq->iov, 1, 1);
685 err = sock->ops->recvmsg(sock, &msg,
686 1, MSG_DONTWAIT | MSG_TRUNC);
687 pr_debug("Discarded rx packet: len %zd\n", sock_len);
688 continue;
689 }
690
691 if (!headcount) {
692 if (unlikely(vhost_enable_notify(&net->dev, vq))) {
693
694
695 vhost_disable_notify(&net->dev, vq);
696 continue;
697 }
698
699
700 goto out;
701 }
702
703 iov_iter_init(&msg.msg_iter, READ, vq->iov, in, vhost_len);
704 fixup = msg.msg_iter;
705 if (unlikely((vhost_hlen))) {
706
707
708
709 iov_iter_advance(&msg.msg_iter, vhost_hlen);
710 }
711 err = sock->ops->recvmsg(sock, &msg,
712 sock_len, MSG_DONTWAIT | MSG_TRUNC);
713
714
715
716 if (unlikely(err != sock_len)) {
717 pr_debug("Discarded rx packet: "
718 " len %d, expected %zd\n", err, sock_len);
719 vhost_discard_vq_desc(vq, headcount);
720 continue;
721 }
722
723 if (unlikely(vhost_hlen)) {
724 if (copy_to_iter(&hdr, sizeof(hdr),
725 &fixup) != sizeof(hdr)) {
726 vq_err(vq, "Unable to write vnet_hdr "
727 "at addr %p\n", vq->iov->iov_base);
728 goto out;
729 }
730 } else {
731
732
733
734 iov_iter_advance(&fixup, sizeof(hdr));
735 }
736
737
738 num_buffers = cpu_to_vhost16(vq, headcount);
739 if (likely(mergeable) &&
740 copy_to_iter(&num_buffers, sizeof num_buffers,
741 &fixup) != sizeof num_buffers) {
742 vq_err(vq, "Failed num_buffers write");
743 vhost_discard_vq_desc(vq, headcount);
744 goto out;
745 }
746 vhost_add_used_and_signal_n(&net->dev, vq, vq->heads,
747 headcount);
748 if (unlikely(vq_log))
749 vhost_log_write(vq, vq_log, log, vhost_len);
750 total_len += vhost_len;
751 if (unlikely(total_len >= VHOST_NET_WEIGHT)) {
752 vhost_poll_queue(&vq->poll);
753 goto out;
754 }
755 }
756 vhost_net_enable_vq(net, vq);
757out:
758 mutex_unlock(&vq->mutex);
759}
760
761static void handle_tx_kick(struct vhost_work *work)
762{
763 struct vhost_virtqueue *vq = container_of(work, struct vhost_virtqueue,
764 poll.work);
765 struct vhost_net *net = container_of(vq->dev, struct vhost_net, dev);
766
767 handle_tx(net);
768}
769
770static void handle_rx_kick(struct vhost_work *work)
771{
772 struct vhost_virtqueue *vq = container_of(work, struct vhost_virtqueue,
773 poll.work);
774 struct vhost_net *net = container_of(vq->dev, struct vhost_net, dev);
775
776 handle_rx(net);
777}
778
779static void handle_tx_net(struct vhost_work *work)
780{
781 struct vhost_net *net = container_of(work, struct vhost_net,
782 poll[VHOST_NET_VQ_TX].work);
783 handle_tx(net);
784}
785
786static void handle_rx_net(struct vhost_work *work)
787{
788 struct vhost_net *net = container_of(work, struct vhost_net,
789 poll[VHOST_NET_VQ_RX].work);
790 handle_rx(net);
791}
792
793static int vhost_net_open(struct inode *inode, struct file *f)
794{
795 struct vhost_net *n;
796 struct vhost_dev *dev;
797 struct vhost_virtqueue **vqs;
798 int i;
799
800 n = kmalloc(sizeof *n, GFP_KERNEL | __GFP_NOWARN | __GFP_REPEAT);
801 if (!n) {
802 n = vmalloc(sizeof *n);
803 if (!n)
804 return -ENOMEM;
805 }
806 vqs = kmalloc(VHOST_NET_VQ_MAX * sizeof(*vqs), GFP_KERNEL);
807 if (!vqs) {
808 kvfree(n);
809 return -ENOMEM;
810 }
811
812 dev = &n->dev;
813 vqs[VHOST_NET_VQ_TX] = &n->vqs[VHOST_NET_VQ_TX].vq;
814 vqs[VHOST_NET_VQ_RX] = &n->vqs[VHOST_NET_VQ_RX].vq;
815 n->vqs[VHOST_NET_VQ_TX].vq.handle_kick = handle_tx_kick;
816 n->vqs[VHOST_NET_VQ_RX].vq.handle_kick = handle_rx_kick;
817 for (i = 0; i < VHOST_NET_VQ_MAX; i++) {
818 n->vqs[i].ubufs = NULL;
819 n->vqs[i].ubuf_info = NULL;
820 n->vqs[i].upend_idx = 0;
821 n->vqs[i].done_idx = 0;
822 n->vqs[i].vhost_hlen = 0;
823 n->vqs[i].sock_hlen = 0;
824 }
825 vhost_dev_init(dev, vqs, VHOST_NET_VQ_MAX);
826
827 vhost_poll_init(n->poll + VHOST_NET_VQ_TX, handle_tx_net, POLLOUT, dev);
828 vhost_poll_init(n->poll + VHOST_NET_VQ_RX, handle_rx_net, POLLIN, dev);
829
830 f->private_data = n;
831
832 return 0;
833}
834
835static struct socket *vhost_net_stop_vq(struct vhost_net *n,
836 struct vhost_virtqueue *vq)
837{
838 struct socket *sock;
839
840 mutex_lock(&vq->mutex);
841 sock = vq->private_data;
842 vhost_net_disable_vq(n, vq);
843 vq->private_data = NULL;
844 mutex_unlock(&vq->mutex);
845 return sock;
846}
847
848static void vhost_net_stop(struct vhost_net *n, struct socket **tx_sock,
849 struct socket **rx_sock)
850{
851 *tx_sock = vhost_net_stop_vq(n, &n->vqs[VHOST_NET_VQ_TX].vq);
852 *rx_sock = vhost_net_stop_vq(n, &n->vqs[VHOST_NET_VQ_RX].vq);
853}
854
855static void vhost_net_flush_vq(struct vhost_net *n, int index)
856{
857 vhost_poll_flush(n->poll + index);
858 vhost_poll_flush(&n->vqs[index].vq.poll);
859}
860
861static void vhost_net_flush(struct vhost_net *n)
862{
863 vhost_net_flush_vq(n, VHOST_NET_VQ_TX);
864 vhost_net_flush_vq(n, VHOST_NET_VQ_RX);
865 if (n->vqs[VHOST_NET_VQ_TX].ubufs) {
866 mutex_lock(&n->vqs[VHOST_NET_VQ_TX].vq.mutex);
867 n->tx_flush = true;
868 mutex_unlock(&n->vqs[VHOST_NET_VQ_TX].vq.mutex);
869
870 vhost_net_ubuf_put_and_wait(n->vqs[VHOST_NET_VQ_TX].ubufs);
871 mutex_lock(&n->vqs[VHOST_NET_VQ_TX].vq.mutex);
872 n->tx_flush = false;
873 atomic_set(&n->vqs[VHOST_NET_VQ_TX].ubufs->refcount, 1);
874 mutex_unlock(&n->vqs[VHOST_NET_VQ_TX].vq.mutex);
875 }
876}
877
878static int vhost_net_release(struct inode *inode, struct file *f)
879{
880 struct vhost_net *n = f->private_data;
881 struct socket *tx_sock;
882 struct socket *rx_sock;
883
884 vhost_net_stop(n, &tx_sock, &rx_sock);
885 vhost_net_flush(n);
886 vhost_dev_stop(&n->dev);
887 vhost_dev_cleanup(&n->dev, false);
888 vhost_net_vq_reset(n);
889 if (tx_sock)
890 sockfd_put(tx_sock);
891 if (rx_sock)
892 sockfd_put(rx_sock);
893
894 synchronize_rcu_bh();
895
896
897 vhost_net_flush(n);
898 kfree(n->dev.vqs);
899 kvfree(n);
900 return 0;
901}
902
903static struct socket *get_raw_socket(int fd)
904{
905 struct {
906 struct sockaddr_ll sa;
907 char buf[MAX_ADDR_LEN];
908 } uaddr;
909 int uaddr_len = sizeof uaddr, r;
910 struct socket *sock = sockfd_lookup(fd, &r);
911
912 if (!sock)
913 return ERR_PTR(-ENOTSOCK);
914
915
916 if (sock->sk->sk_type != SOCK_RAW) {
917 r = -ESOCKTNOSUPPORT;
918 goto err;
919 }
920
921 r = sock->ops->getname(sock, (struct sockaddr *)&uaddr.sa,
922 &uaddr_len, 0);
923 if (r)
924 goto err;
925
926 if (uaddr.sa.sll_family != AF_PACKET) {
927 r = -EPFNOSUPPORT;
928 goto err;
929 }
930 return sock;
931err:
932 sockfd_put(sock);
933 return ERR_PTR(r);
934}
935
936static struct socket *get_tap_socket(int fd)
937{
938 struct file *file = fget(fd);
939 struct socket *sock;
940
941 if (!file)
942 return ERR_PTR(-EBADF);
943 sock = tun_get_socket(file);
944 if (!IS_ERR(sock))
945 return sock;
946 sock = macvtap_get_socket(file);
947 if (IS_ERR(sock))
948 fput(file);
949 return sock;
950}
951
952static struct socket *get_socket(int fd)
953{
954 struct socket *sock;
955
956
957 if (fd == -1)
958 return NULL;
959 sock = get_raw_socket(fd);
960 if (!IS_ERR(sock))
961 return sock;
962 sock = get_tap_socket(fd);
963 if (!IS_ERR(sock))
964 return sock;
965 return ERR_PTR(-ENOTSOCK);
966}
967
968static long vhost_net_set_backend(struct vhost_net *n, unsigned index, int fd)
969{
970 struct socket *sock, *oldsock;
971 struct vhost_virtqueue *vq;
972 struct vhost_net_virtqueue *nvq;
973 struct vhost_net_ubuf_ref *ubufs, *oldubufs = NULL;
974 int r;
975
976 mutex_lock(&n->dev.mutex);
977 r = vhost_dev_check_owner(&n->dev);
978 if (r)
979 goto err;
980
981 if (index >= VHOST_NET_VQ_MAX) {
982 r = -ENOBUFS;
983 goto err;
984 }
985 vq = &n->vqs[index].vq;
986 nvq = &n->vqs[index];
987 mutex_lock(&vq->mutex);
988
989
990 if (!vhost_vq_access_ok(vq)) {
991 r = -EFAULT;
992 goto err_vq;
993 }
994 sock = get_socket(fd);
995 if (IS_ERR(sock)) {
996 r = PTR_ERR(sock);
997 goto err_vq;
998 }
999
1000
1001 oldsock = vq->private_data;
1002 if (sock != oldsock) {
1003 ubufs = vhost_net_ubuf_alloc(vq,
1004 sock && vhost_sock_zcopy(sock));
1005 if (IS_ERR(ubufs)) {
1006 r = PTR_ERR(ubufs);
1007 goto err_ubufs;
1008 }
1009
1010 vhost_net_disable_vq(n, vq);
1011 vq->private_data = sock;
1012 r = vhost_vq_init_access(vq);
1013 if (r)
1014 goto err_used;
1015 r = vhost_net_enable_vq(n, vq);
1016 if (r)
1017 goto err_used;
1018
1019 oldubufs = nvq->ubufs;
1020 nvq->ubufs = ubufs;
1021
1022 n->tx_packets = 0;
1023 n->tx_zcopy_err = 0;
1024 n->tx_flush = false;
1025 }
1026
1027 mutex_unlock(&vq->mutex);
1028
1029 if (oldubufs) {
1030 vhost_net_ubuf_put_wait_and_free(oldubufs);
1031 mutex_lock(&vq->mutex);
1032 vhost_zerocopy_signal_used(n, vq);
1033 mutex_unlock(&vq->mutex);
1034 }
1035
1036 if (oldsock) {
1037 vhost_net_flush_vq(n, index);
1038 sockfd_put(oldsock);
1039 }
1040
1041 mutex_unlock(&n->dev.mutex);
1042 return 0;
1043
1044err_used:
1045 vq->private_data = oldsock;
1046 vhost_net_enable_vq(n, vq);
1047 if (ubufs)
1048 vhost_net_ubuf_put_wait_and_free(ubufs);
1049err_ubufs:
1050 sockfd_put(sock);
1051err_vq:
1052 mutex_unlock(&vq->mutex);
1053err:
1054 mutex_unlock(&n->dev.mutex);
1055 return r;
1056}
1057
1058static long vhost_net_reset_owner(struct vhost_net *n)
1059{
1060 struct socket *tx_sock = NULL;
1061 struct socket *rx_sock = NULL;
1062 long err;
1063 struct vhost_umem *umem;
1064
1065 mutex_lock(&n->dev.mutex);
1066 err = vhost_dev_check_owner(&n->dev);
1067 if (err)
1068 goto done;
1069 umem = vhost_dev_reset_owner_prepare();
1070 if (!umem) {
1071 err = -ENOMEM;
1072 goto done;
1073 }
1074 vhost_net_stop(n, &tx_sock, &rx_sock);
1075 vhost_net_flush(n);
1076 vhost_dev_reset_owner(&n->dev, umem);
1077 vhost_net_vq_reset(n);
1078done:
1079 mutex_unlock(&n->dev.mutex);
1080 if (tx_sock)
1081 sockfd_put(tx_sock);
1082 if (rx_sock)
1083 sockfd_put(rx_sock);
1084 return err;
1085}
1086
1087static int vhost_net_set_features(struct vhost_net *n, u64 features)
1088{
1089 size_t vhost_hlen, sock_hlen, hdr_len;
1090 int i;
1091
1092 hdr_len = (features & ((1ULL << VIRTIO_NET_F_MRG_RXBUF) |
1093 (1ULL << VIRTIO_F_VERSION_1))) ?
1094 sizeof(struct virtio_net_hdr_mrg_rxbuf) :
1095 sizeof(struct virtio_net_hdr);
1096 if (features & (1 << VHOST_NET_F_VIRTIO_NET_HDR)) {
1097
1098 vhost_hlen = hdr_len;
1099 sock_hlen = 0;
1100 } else {
1101
1102 vhost_hlen = 0;
1103 sock_hlen = hdr_len;
1104 }
1105 mutex_lock(&n->dev.mutex);
1106 if ((features & (1 << VHOST_F_LOG_ALL)) &&
1107 !vhost_log_access_ok(&n->dev))
1108 goto out_unlock;
1109
1110 if ((features & (1ULL << VIRTIO_F_IOMMU_PLATFORM))) {
1111 if (vhost_init_device_iotlb(&n->dev, true))
1112 goto out_unlock;
1113 }
1114
1115 for (i = 0; i < VHOST_NET_VQ_MAX; ++i) {
1116 mutex_lock(&n->vqs[i].vq.mutex);
1117 n->vqs[i].vq.acked_features = features;
1118 n->vqs[i].vhost_hlen = vhost_hlen;
1119 n->vqs[i].sock_hlen = sock_hlen;
1120 mutex_unlock(&n->vqs[i].vq.mutex);
1121 }
1122 mutex_unlock(&n->dev.mutex);
1123 return 0;
1124
1125out_unlock:
1126 mutex_unlock(&n->dev.mutex);
1127 return -EFAULT;
1128}
1129
1130static long vhost_net_set_owner(struct vhost_net *n)
1131{
1132 int r;
1133
1134 mutex_lock(&n->dev.mutex);
1135 if (vhost_dev_has_owner(&n->dev)) {
1136 r = -EBUSY;
1137 goto out;
1138 }
1139 r = vhost_net_set_ubuf_info(n);
1140 if (r)
1141 goto out;
1142 r = vhost_dev_set_owner(&n->dev);
1143 if (r)
1144 vhost_net_clear_ubuf_info(n);
1145 vhost_net_flush(n);
1146out:
1147 mutex_unlock(&n->dev.mutex);
1148 return r;
1149}
1150
1151static long vhost_net_ioctl(struct file *f, unsigned int ioctl,
1152 unsigned long arg)
1153{
1154 struct vhost_net *n = f->private_data;
1155 void __user *argp = (void __user *)arg;
1156 u64 __user *featurep = argp;
1157 struct vhost_vring_file backend;
1158 u64 features;
1159 int r;
1160
1161 switch (ioctl) {
1162 case VHOST_NET_SET_BACKEND:
1163 if (copy_from_user(&backend, argp, sizeof backend))
1164 return -EFAULT;
1165 return vhost_net_set_backend(n, backend.index, backend.fd);
1166 case VHOST_GET_FEATURES:
1167 features = VHOST_NET_FEATURES;
1168 if (copy_to_user(featurep, &features, sizeof features))
1169 return -EFAULT;
1170 return 0;
1171 case VHOST_SET_FEATURES:
1172 if (copy_from_user(&features, featurep, sizeof features))
1173 return -EFAULT;
1174 if (features & ~VHOST_NET_FEATURES)
1175 return -EOPNOTSUPP;
1176 return vhost_net_set_features(n, features);
1177 case VHOST_RESET_OWNER:
1178 return vhost_net_reset_owner(n);
1179 case VHOST_SET_OWNER:
1180 return vhost_net_set_owner(n);
1181 default:
1182 mutex_lock(&n->dev.mutex);
1183 r = vhost_dev_ioctl(&n->dev, ioctl, argp);
1184 if (r == -ENOIOCTLCMD)
1185 r = vhost_vring_ioctl(&n->dev, ioctl, argp);
1186 else
1187 vhost_net_flush(n);
1188 mutex_unlock(&n->dev.mutex);
1189 return r;
1190 }
1191}
1192
1193#ifdef CONFIG_COMPAT
1194static long vhost_net_compat_ioctl(struct file *f, unsigned int ioctl,
1195 unsigned long arg)
1196{
1197 return vhost_net_ioctl(f, ioctl, (unsigned long)compat_ptr(arg));
1198}
1199#endif
1200
1201static ssize_t vhost_net_chr_read_iter(struct kiocb *iocb, struct iov_iter *to)
1202{
1203 struct file *file = iocb->ki_filp;
1204 struct vhost_net *n = file->private_data;
1205 struct vhost_dev *dev = &n->dev;
1206 int noblock = file->f_flags & O_NONBLOCK;
1207
1208 return vhost_chr_read_iter(dev, to, noblock);
1209}
1210
1211static ssize_t vhost_net_chr_write_iter(struct kiocb *iocb,
1212 struct iov_iter *from)
1213{
1214 struct file *file = iocb->ki_filp;
1215 struct vhost_net *n = file->private_data;
1216 struct vhost_dev *dev = &n->dev;
1217
1218 return vhost_chr_write_iter(dev, from);
1219}
1220
1221static unsigned int vhost_net_chr_poll(struct file *file, poll_table *wait)
1222{
1223 struct vhost_net *n = file->private_data;
1224 struct vhost_dev *dev = &n->dev;
1225
1226 return vhost_chr_poll(file, dev, wait);
1227}
1228
1229static const struct file_operations vhost_net_fops = {
1230 .owner = THIS_MODULE,
1231 .release = vhost_net_release,
1232 .read_iter = vhost_net_chr_read_iter,
1233 .write_iter = vhost_net_chr_write_iter,
1234 .poll = vhost_net_chr_poll,
1235 .unlocked_ioctl = vhost_net_ioctl,
1236#ifdef CONFIG_COMPAT
1237 .compat_ioctl = vhost_net_compat_ioctl,
1238#endif
1239 .open = vhost_net_open,
1240 .llseek = noop_llseek,
1241};
1242
1243static struct miscdevice vhost_net_misc = {
1244 .minor = VHOST_NET_MINOR,
1245 .name = "vhost-net",
1246 .fops = &vhost_net_fops,
1247};
1248
1249static int vhost_net_init(void)
1250{
1251 if (experimental_zcopytx)
1252 vhost_net_enable_zcopy(VHOST_NET_VQ_TX);
1253 return misc_register(&vhost_net_misc);
1254}
1255module_init(vhost_net_init);
1256
1257static void vhost_net_exit(void)
1258{
1259 misc_deregister(&vhost_net_misc);
1260}
1261module_exit(vhost_net_exit);
1262
1263MODULE_VERSION("0.0.1");
1264MODULE_LICENSE("GPL v2");
1265MODULE_AUTHOR("Michael S. Tsirkin");
1266MODULE_DESCRIPTION("Host kernel accelerator for virtio net");
1267MODULE_ALIAS_MISCDEV(VHOST_NET_MINOR);
1268MODULE_ALIAS("devname:vhost-net");
1269
