linux/drivers/gpu/drm/vmwgfx/vmwgfx_msg.c
<<
>>
Prefs
   1// SPDX-License-Identifier: GPL-2.0 OR MIT
   2/*
   3 * Copyright 2016 VMware, Inc., Palo Alto, CA., USA
   4 *
   5 * Permission is hereby granted, free of charge, to any person obtaining a
   6 * copy of this software and associated documentation files (the
   7 * "Software"), to deal in the Software without restriction, including
   8 * without limitation the rights to use, copy, modify, merge, publish,
   9 * distribute, sub license, and/or sell copies of the Software, and to
  10 * permit persons to whom the Software is furnished to do so, subject to
  11 * the following conditions:
  12 *
  13 * The above copyright notice and this permission notice (including the
  14 * next paragraph) shall be included in all copies or substantial portions
  15 * of the Software.
  16 *
  17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  19 * FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT. IN NO EVENT SHALL
  20 * THE COPYRIGHT HOLDERS, AUTHORS AND/OR ITS SUPPLIERS BE LIABLE FOR ANY CLAIM,
  21 * DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
  22 * OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
  23 * USE OR OTHER DEALINGS IN THE SOFTWARE.
  24 *
  25 */
  26
  27#include <linux/frame.h>
  28#include <linux/kernel.h>
  29#include <linux/module.h>
  30#include <linux/slab.h>
  31#include <linux/mem_encrypt.h>
  32
  33#include <asm/hypervisor.h>
  34
  35#include "vmwgfx_drv.h"
  36#include "vmwgfx_msg.h"
  37
  38#define MESSAGE_STATUS_SUCCESS  0x0001
  39#define MESSAGE_STATUS_DORECV   0x0002
  40#define MESSAGE_STATUS_CPT      0x0010
  41#define MESSAGE_STATUS_HB       0x0080
  42
  43#define RPCI_PROTOCOL_NUM       0x49435052
  44#define GUESTMSG_FLAG_COOKIE    0x80000000
  45
  46#define RETRIES                 3
  47
  48#define VMW_HYPERVISOR_MAGIC    0x564D5868
  49
  50#define VMW_PORT_CMD_MSG        30
  51#define VMW_PORT_CMD_HB_MSG     0
  52#define VMW_PORT_CMD_OPEN_CHANNEL  (MSG_TYPE_OPEN << 16 | VMW_PORT_CMD_MSG)
  53#define VMW_PORT_CMD_CLOSE_CHANNEL (MSG_TYPE_CLOSE << 16 | VMW_PORT_CMD_MSG)
  54#define VMW_PORT_CMD_SENDSIZE   (MSG_TYPE_SENDSIZE << 16 | VMW_PORT_CMD_MSG)
  55#define VMW_PORT_CMD_RECVSIZE   (MSG_TYPE_RECVSIZE << 16 | VMW_PORT_CMD_MSG)
  56#define VMW_PORT_CMD_RECVSTATUS (MSG_TYPE_RECVSTATUS << 16 | VMW_PORT_CMD_MSG)
  57
  58#define HIGH_WORD(X) ((X & 0xFFFF0000) >> 16)
  59
  60#define MAX_USER_MSG_LENGTH     PAGE_SIZE
  61
  62static u32 vmw_msg_enabled = 1;
  63
  64enum rpc_msg_type {
  65        MSG_TYPE_OPEN,
  66        MSG_TYPE_SENDSIZE,
  67        MSG_TYPE_SENDPAYLOAD,
  68        MSG_TYPE_RECVSIZE,
  69        MSG_TYPE_RECVPAYLOAD,
  70        MSG_TYPE_RECVSTATUS,
  71        MSG_TYPE_CLOSE,
  72};
  73
  74struct rpc_channel {
  75        u16 channel_id;
  76        u32 cookie_high;
  77        u32 cookie_low;
  78};
  79
  80
  81
  82/**
  83 * vmw_open_channel
  84 *
  85 * @channel: RPC channel
  86 * @protocol:
  87 *
  88 * Returns: 0 on success
  89 */
  90static int vmw_open_channel(struct rpc_channel *channel, unsigned int protocol)
  91{
  92        unsigned long eax, ebx, ecx, edx, si = 0, di = 0;
  93
  94        VMW_PORT(VMW_PORT_CMD_OPEN_CHANNEL,
  95                (protocol | GUESTMSG_FLAG_COOKIE), si, di,
  96                0,
  97                VMW_HYPERVISOR_MAGIC,
  98                eax, ebx, ecx, edx, si, di);
  99
 100        if ((HIGH_WORD(ecx) & MESSAGE_STATUS_SUCCESS) == 0)
 101                return -EINVAL;
 102
 103        channel->channel_id  = HIGH_WORD(edx);
 104        channel->cookie_high = si;
 105        channel->cookie_low  = di;
 106
 107        return 0;
 108}
 109
 110
 111
 112/**
 113 * vmw_close_channel
 114 *
 115 * @channel: RPC channel
 116 *
 117 * Returns: 0 on success
 118 */
 119static int vmw_close_channel(struct rpc_channel *channel)
 120{
 121        unsigned long eax, ebx, ecx, edx, si, di;
 122
 123        /* Set up additional parameters */
 124        si  = channel->cookie_high;
 125        di  = channel->cookie_low;
 126
 127        VMW_PORT(VMW_PORT_CMD_CLOSE_CHANNEL,
 128                0, si, di,
 129                channel->channel_id << 16,
 130                VMW_HYPERVISOR_MAGIC,
 131                eax, ebx, ecx, edx, si, di);
 132
 133        if ((HIGH_WORD(ecx) & MESSAGE_STATUS_SUCCESS) == 0)
 134                return -EINVAL;
 135
 136        return 0;
 137}
 138
 139/**
 140 * vmw_port_hb_out - Send the message payload either through the
 141 * high-bandwidth port if available, or through the backdoor otherwise.
 142 * @channel: The rpc channel.
 143 * @msg: NULL-terminated message.
 144 * @hb: Whether the high-bandwidth port is available.
 145 *
 146 * Return: The port status.
 147 */
 148static unsigned long vmw_port_hb_out(struct rpc_channel *channel,
 149                                     const char *msg, bool hb)
 150{
 151        unsigned long si, di, eax, ebx, ecx, edx;
 152        unsigned long msg_len = strlen(msg);
 153
 154        /* HB port can't access encrypted memory. */
 155        if (hb && !mem_encrypt_active()) {
 156                unsigned long bp = channel->cookie_high;
 157
 158                si = (uintptr_t) msg;
 159                di = channel->cookie_low;
 160
 161                VMW_PORT_HB_OUT(
 162                        (MESSAGE_STATUS_SUCCESS << 16) | VMW_PORT_CMD_HB_MSG,
 163                        msg_len, si, di,
 164                        VMWARE_HYPERVISOR_HB | (channel->channel_id << 16) |
 165                        VMWARE_HYPERVISOR_OUT,
 166                        VMW_HYPERVISOR_MAGIC, bp,
 167                        eax, ebx, ecx, edx, si, di);
 168
 169                return ebx;
 170        }
 171
 172        /* HB port not available. Send the message 4 bytes at a time. */
 173        ecx = MESSAGE_STATUS_SUCCESS << 16;
 174        while (msg_len && (HIGH_WORD(ecx) & MESSAGE_STATUS_SUCCESS)) {
 175                unsigned int bytes = min_t(size_t, msg_len, 4);
 176                unsigned long word = 0;
 177
 178                memcpy(&word, msg, bytes);
 179                msg_len -= bytes;
 180                msg += bytes;
 181                si = channel->cookie_high;
 182                di = channel->cookie_low;
 183
 184                VMW_PORT(VMW_PORT_CMD_MSG | (MSG_TYPE_SENDPAYLOAD << 16),
 185                         word, si, di,
 186                         channel->channel_id << 16,
 187                         VMW_HYPERVISOR_MAGIC,
 188                         eax, ebx, ecx, edx, si, di);
 189        }
 190
 191        return ecx;
 192}
 193
 194/**
 195 * vmw_port_hb_in - Receive the message payload either through the
 196 * high-bandwidth port if available, or through the backdoor otherwise.
 197 * @channel: The rpc channel.
 198 * @reply: Pointer to buffer holding reply.
 199 * @reply_len: Length of the reply.
 200 * @hb: Whether the high-bandwidth port is available.
 201 *
 202 * Return: The port status.
 203 */
 204static unsigned long vmw_port_hb_in(struct rpc_channel *channel, char *reply,
 205                                    unsigned long reply_len, bool hb)
 206{
 207        unsigned long si, di, eax, ebx, ecx, edx;
 208
 209        /* HB port can't access encrypted memory */
 210        if (hb && !mem_encrypt_active()) {
 211                unsigned long bp = channel->cookie_low;
 212
 213                si = channel->cookie_high;
 214                di = (uintptr_t) reply;
 215
 216                VMW_PORT_HB_IN(
 217                        (MESSAGE_STATUS_SUCCESS << 16) | VMW_PORT_CMD_HB_MSG,
 218                        reply_len, si, di,
 219                        VMWARE_HYPERVISOR_HB | (channel->channel_id << 16),
 220                        VMW_HYPERVISOR_MAGIC, bp,
 221                        eax, ebx, ecx, edx, si, di);
 222
 223                return ebx;
 224        }
 225
 226        /* HB port not available. Retrieve the message 4 bytes at a time. */
 227        ecx = MESSAGE_STATUS_SUCCESS << 16;
 228        while (reply_len) {
 229                unsigned int bytes = min_t(unsigned long, reply_len, 4);
 230
 231                si = channel->cookie_high;
 232                di = channel->cookie_low;
 233
 234                VMW_PORT(VMW_PORT_CMD_MSG | (MSG_TYPE_RECVPAYLOAD << 16),
 235                         MESSAGE_STATUS_SUCCESS, si, di,
 236                         channel->channel_id << 16,
 237                         VMW_HYPERVISOR_MAGIC,
 238                         eax, ebx, ecx, edx, si, di);
 239
 240                if ((HIGH_WORD(ecx) & MESSAGE_STATUS_SUCCESS) == 0)
 241                        break;
 242
 243                memcpy(reply, &ebx, bytes);
 244                reply_len -= bytes;
 245                reply += bytes;
 246        }
 247
 248        return ecx;
 249}
 250
 251
 252/**
 253 * vmw_send_msg: Sends a message to the host
 254 *
 255 * @channel: RPC channel
 256 * @logmsg: NULL terminated string
 257 *
 258 * Returns: 0 on success
 259 */
 260static int vmw_send_msg(struct rpc_channel *channel, const char *msg)
 261{
 262        unsigned long eax, ebx, ecx, edx, si, di;
 263        size_t msg_len = strlen(msg);
 264        int retries = 0;
 265
 266        while (retries < RETRIES) {
 267                retries++;
 268
 269                /* Set up additional parameters */
 270                si  = channel->cookie_high;
 271                di  = channel->cookie_low;
 272
 273                VMW_PORT(VMW_PORT_CMD_SENDSIZE,
 274                        msg_len, si, di,
 275                        channel->channel_id << 16,
 276                        VMW_HYPERVISOR_MAGIC,
 277                        eax, ebx, ecx, edx, si, di);
 278
 279                if ((HIGH_WORD(ecx) & MESSAGE_STATUS_SUCCESS) == 0) {
 280                        /* Expected success. Give up. */
 281                        return -EINVAL;
 282                }
 283
 284                /* Send msg */
 285                ebx = vmw_port_hb_out(channel, msg,
 286                                      !!(HIGH_WORD(ecx) & MESSAGE_STATUS_HB));
 287
 288                if ((HIGH_WORD(ebx) & MESSAGE_STATUS_SUCCESS) != 0) {
 289                        return 0;
 290                } else if ((HIGH_WORD(ebx) & MESSAGE_STATUS_CPT) != 0) {
 291                        /* A checkpoint occurred. Retry. */
 292                        continue;
 293                } else {
 294                        break;
 295                }
 296        }
 297
 298        return -EINVAL;
 299}
 300STACK_FRAME_NON_STANDARD(vmw_send_msg);
 301
 302
 303/**
 304 * vmw_recv_msg: Receives a message from the host
 305 *
 306 * Note:  It is the caller's responsibility to call kfree() on msg.
 307 *
 308 * @channel:  channel opened by vmw_open_channel
 309 * @msg:  [OUT] message received from the host
 310 * @msg_len: message length
 311 */
 312static int vmw_recv_msg(struct rpc_channel *channel, void **msg,
 313                        size_t *msg_len)
 314{
 315        unsigned long eax, ebx, ecx, edx, si, di;
 316        char *reply;
 317        size_t reply_len;
 318        int retries = 0;
 319
 320
 321        *msg_len = 0;
 322        *msg = NULL;
 323
 324        while (retries < RETRIES) {
 325                retries++;
 326
 327                /* Set up additional parameters */
 328                si  = channel->cookie_high;
 329                di  = channel->cookie_low;
 330
 331                VMW_PORT(VMW_PORT_CMD_RECVSIZE,
 332                        0, si, di,
 333                        channel->channel_id << 16,
 334                        VMW_HYPERVISOR_MAGIC,
 335                        eax, ebx, ecx, edx, si, di);
 336
 337                if ((HIGH_WORD(ecx) & MESSAGE_STATUS_SUCCESS) == 0) {
 338                        DRM_ERROR("Failed to get reply size for host message.\n");
 339                        return -EINVAL;
 340                }
 341
 342                /* No reply available.  This is okay. */
 343                if ((HIGH_WORD(ecx) & MESSAGE_STATUS_DORECV) == 0)
 344                        return 0;
 345
 346                reply_len = ebx;
 347                reply     = kzalloc(reply_len + 1, GFP_KERNEL);
 348                if (!reply) {
 349                        DRM_ERROR("Cannot allocate memory for host message reply.\n");
 350                        return -ENOMEM;
 351                }
 352
 353
 354                /* Receive buffer */
 355                ebx = vmw_port_hb_in(channel, reply, reply_len,
 356                                     !!(HIGH_WORD(ecx) & MESSAGE_STATUS_HB));
 357                if ((HIGH_WORD(ebx) & MESSAGE_STATUS_SUCCESS) == 0) {
 358                        kfree(reply);
 359                        reply = NULL;
 360                        if ((HIGH_WORD(ebx) & MESSAGE_STATUS_CPT) != 0) {
 361                                /* A checkpoint occurred. Retry. */
 362                                continue;
 363                        }
 364
 365                        return -EINVAL;
 366                }
 367
 368                reply[reply_len] = '\0';
 369
 370
 371                /* Ack buffer */
 372                si  = channel->cookie_high;
 373                di  = channel->cookie_low;
 374
 375                VMW_PORT(VMW_PORT_CMD_RECVSTATUS,
 376                        MESSAGE_STATUS_SUCCESS, si, di,
 377                        channel->channel_id << 16,
 378                        VMW_HYPERVISOR_MAGIC,
 379                        eax, ebx, ecx, edx, si, di);
 380
 381                if ((HIGH_WORD(ecx) & MESSAGE_STATUS_SUCCESS) == 0) {
 382                        kfree(reply);
 383                        reply = NULL;
 384                        if ((HIGH_WORD(ecx) & MESSAGE_STATUS_CPT) != 0) {
 385                                /* A checkpoint occurred. Retry. */
 386                                continue;
 387                        }
 388
 389                        return -EINVAL;
 390                }
 391
 392                break;
 393        }
 394
 395        if (!reply)
 396                return -EINVAL;
 397
 398        *msg_len = reply_len;
 399        *msg     = reply;
 400
 401        return 0;
 402}
 403STACK_FRAME_NON_STANDARD(vmw_recv_msg);
 404
 405
 406/**
 407 * vmw_host_get_guestinfo: Gets a GuestInfo parameter
 408 *
 409 * Gets the value of a  GuestInfo.* parameter.  The value returned will be in
 410 * a string, and it is up to the caller to post-process.
 411 *
 412 * @guest_info_param:  Parameter to get, e.g. GuestInfo.svga.gl3
 413 * @buffer: if NULL, *reply_len will contain reply size.
 414 * @length: size of the reply_buf.  Set to size of reply upon return
 415 *
 416 * Returns: 0 on success
 417 */
 418int vmw_host_get_guestinfo(const char *guest_info_param,
 419                           char *buffer, size_t *length)
 420{
 421        struct rpc_channel channel;
 422        char *msg, *reply = NULL;
 423        size_t reply_len = 0;
 424
 425        if (!vmw_msg_enabled)
 426                return -ENODEV;
 427
 428        if (!guest_info_param || !length)
 429                return -EINVAL;
 430
 431        msg = kasprintf(GFP_KERNEL, "info-get %s", guest_info_param);
 432        if (!msg) {
 433                DRM_ERROR("Cannot allocate memory to get guest info \"%s\".",
 434                          guest_info_param);
 435                return -ENOMEM;
 436        }
 437
 438        if (vmw_open_channel(&channel, RPCI_PROTOCOL_NUM))
 439                goto out_open;
 440
 441        if (vmw_send_msg(&channel, msg) ||
 442            vmw_recv_msg(&channel, (void *) &reply, &reply_len))
 443                goto out_msg;
 444
 445        vmw_close_channel(&channel);
 446        if (buffer && reply && reply_len > 0) {
 447                /* Remove reply code, which are the first 2 characters of
 448                 * the reply
 449                 */
 450                reply_len = max(reply_len - 2, (size_t) 0);
 451                reply_len = min(reply_len, *length);
 452
 453                if (reply_len > 0)
 454                        memcpy(buffer, reply + 2, reply_len);
 455        }
 456
 457        *length = reply_len;
 458
 459        kfree(reply);
 460        kfree(msg);
 461
 462        return 0;
 463
 464out_msg:
 465        vmw_close_channel(&channel);
 466        kfree(reply);
 467out_open:
 468        *length = 0;
 469        kfree(msg);
 470        DRM_ERROR("Failed to get guest info \"%s\".", guest_info_param);
 471
 472        return -EINVAL;
 473}
 474
 475
 476
 477/**
 478 * vmw_host_log: Sends a log message to the host
 479 *
 480 * @log: NULL terminated string
 481 *
 482 * Returns: 0 on success
 483 */
 484int vmw_host_log(const char *log)
 485{
 486        struct rpc_channel channel;
 487        char *msg;
 488        int ret = 0;
 489
 490
 491        if (!vmw_msg_enabled)
 492                return -ENODEV;
 493
 494        if (!log)
 495                return ret;
 496
 497        msg = kasprintf(GFP_KERNEL, "log %s", log);
 498        if (!msg) {
 499                DRM_ERROR("Cannot allocate memory for host log message.\n");
 500                return -ENOMEM;
 501        }
 502
 503        if (vmw_open_channel(&channel, RPCI_PROTOCOL_NUM))
 504                goto out_open;
 505
 506        if (vmw_send_msg(&channel, msg))
 507                goto out_msg;
 508
 509        vmw_close_channel(&channel);
 510        kfree(msg);
 511
 512        return 0;
 513
 514out_msg:
 515        vmw_close_channel(&channel);
 516out_open:
 517        kfree(msg);
 518        DRM_ERROR("Failed to send host log message.\n");
 519
 520        return -EINVAL;
 521}
 522
 523
 524/**
 525 * vmw_msg_ioctl: Sends and receveives a message to/from host from/to user-space
 526 *
 527 * Sends a message from user-space to host.
 528 * Can also receive a result from host and return that to user-space.
 529 *
 530 * @dev: Identifies the drm device.
 531 * @data: Pointer to the ioctl argument.
 532 * @file_priv: Identifies the caller.
 533 * Return: Zero on success, negative error code on error.
 534 */
 535
 536int vmw_msg_ioctl(struct drm_device *dev, void *data,
 537                  struct drm_file *file_priv)
 538{
 539        struct drm_vmw_msg_arg *arg =
 540                (struct drm_vmw_msg_arg *) data;
 541        struct rpc_channel channel;
 542        char *msg;
 543        int length;
 544
 545        msg = kmalloc(MAX_USER_MSG_LENGTH, GFP_KERNEL);
 546        if (!msg) {
 547                DRM_ERROR("Cannot allocate memory for log message.\n");
 548                return -ENOMEM;
 549        }
 550
 551        length = strncpy_from_user(msg, (void __user *)((unsigned long)arg->send),
 552                                   MAX_USER_MSG_LENGTH);
 553        if (length < 0 || length >= MAX_USER_MSG_LENGTH) {
 554                DRM_ERROR("Userspace message access failure.\n");
 555                kfree(msg);
 556                return -EINVAL;
 557        }
 558
 559
 560        if (vmw_open_channel(&channel, RPCI_PROTOCOL_NUM)) {
 561                DRM_ERROR("Failed to open channel.\n");
 562                goto out_open;
 563        }
 564
 565        if (vmw_send_msg(&channel, msg)) {
 566                DRM_ERROR("Failed to send message to host.\n");
 567                goto out_msg;
 568        }
 569
 570        if (!arg->send_only) {
 571                char *reply = NULL;
 572                size_t reply_len = 0;
 573
 574                if (vmw_recv_msg(&channel, (void *) &reply, &reply_len)) {
 575                        DRM_ERROR("Failed to receive message from host.\n");
 576                        goto out_msg;
 577                }
 578                if (reply && reply_len > 0) {
 579                        if (copy_to_user((void __user *)((unsigned long)arg->receive),
 580                                                         reply, reply_len)) {
 581                                DRM_ERROR("Failed to copy message to userspace.\n");
 582                                kfree(reply);
 583                                goto out_msg;
 584                        }
 585                        arg->receive_len = (__u32)reply_len;
 586                }
 587                kfree(reply);
 588        }
 589
 590        vmw_close_channel(&channel);
 591        kfree(msg);
 592
 593        return 0;
 594
 595out_msg:
 596        vmw_close_channel(&channel);
 597out_open:
 598        kfree(msg);
 599
 600        return -EINVAL;
 601}
 602
 603