6 files changed, 10 insertions, 215 deletions

diff --git a/arch/x86/include/asm/lguest_hcall.h b/arch/x86/include/asm/lguest_hcall.h
index 879fd7d33877..ef01fef3eebc 100644
--- a/arch/x86/include/asm/lguest_hcall.h
+++ b/arch/x86/include/asm/lguest_hcall.h
@@ -16,7 +16,6 @@
 #define LHCALL_SET_PTE          14
 #define LHCALL_SET_PGD          15
 #define LHCALL_LOAD_TLS         16
-#define LHCALL_NOTIFY           17
 #define LHCALL_LOAD_GDT_ENTRY   18
 #define LHCALL_SEND_INTERRUPTS  19
 
diff --git a/drivers/lguest/core.c b/drivers/lguest/core.c
index 9159dbc583f6..7dc93aa004c8 100644
--- a/drivers/lguest/core.c
+++ b/drivers/lguest/core.c
@@ -225,22 +225,12 @@ int run_guest(struct lg_cpu *cpu, unsigned long __user *user)
                 if (cpu->hcall)
                         do_hypercalls(cpu);
 
-                /*
-                 * It's possible the Guest did a NOTIFY hypercall to the
-                 * Launcher.
-                 */
+                /* Do we have to tell the Launcher about a trap? */
                 if (cpu->pending.trap) {
-                        /*
-                         * Does it just needs to write to a registered
-                         * eventfd (ie. the appropriate virtqueue thread)?
-                         */
-                        if (!send_notify_to_eventfd(cpu)) {
-                                /* OK, we tell the main Launcher. */
-                                if (copy_to_user(user, &cpu->pending,
-                                                 sizeof(cpu->pending)))
-                                        return -EFAULT;
-                                return sizeof(cpu->pending);
-                        }
+                        if (copy_to_user(user, &cpu->pending,
+                                         sizeof(cpu->pending)))
+                                return -EFAULT;
+                        return sizeof(cpu->pending);
                 }
 
                 /*
diff --git a/drivers/lguest/hypercalls.c b/drivers/lguest/hypercalls.c
index 5dd1fb8a6610..1219af493c0f 100644
--- a/drivers/lguest/hypercalls.c
+++ b/drivers/lguest/hypercalls.c
@@ -117,10 +117,6 @@ static void do_hcall(struct lg_cpu *cpu, struct hcall_args *args)
                 /* Similarly, this sets the halted flag for run_guest(). */
                 cpu->halted = 1;
                 break;
-        case LHCALL_NOTIFY:
-                cpu->pending.trap = LGUEST_TRAP_ENTRY;
-                cpu->pending.addr = args->arg1;
-                break;
         default:
                 /* It should be an architecture-specific hypercall. */
                 if (lguest_arch_do_hcall(cpu, args))
diff --git a/drivers/lguest/lg.h b/drivers/lguest/lg.h
index eb81abc05995..307e8b39e7d1 100644
--- a/drivers/lguest/lg.h
+++ b/drivers/lguest/lg.h
@@ -81,16 +81,6 @@ struct lg_cpu {
         struct lg_cpu_arch arch;
 };
 
-struct lg_eventfd {
-        unsigned long addr;
-        struct eventfd_ctx *event;
-};
-
-struct lg_eventfd_map {
-        unsigned int num;
-        struct lg_eventfd map[];
-};
-
 /* The private info the thread maintains about the guest. */
 struct lguest {
         struct lguest_data __user *lguest_data;
@@ -117,8 +107,6 @@ struct lguest {
         unsigned int stack_pages;
         u32 tsc_khz;
 
-        struct lg_eventfd_map *eventfds;
-
         /* Dead? */
         const char *dead;
 };
diff --git a/drivers/lguest/lguest_user.c b/drivers/lguest/lguest_user.c
index c8b0e8575b44..c4c6113eb9a6 100644
--- a/drivers/lguest/lguest_user.c
+++ b/drivers/lguest/lguest_user.c
@@ -2,182 +2,20 @@
  * launcher controls and communicates with the Guest.  For example,
  * the first write will tell us the Guest's memory layout and entry
  * point.  A read will run the Guest until something happens, such as
- * a signal or the Guest doing a NOTIFY out to the Launcher.  There is
- * also a way for the Launcher to attach eventfds to particular NOTIFY
- * values instead of returning from the read() call.
+ * a signal or the Guest accessing a device.
 :*/
 #include <linux/uaccess.h>
 #include <linux/miscdevice.h>
 #include <linux/fs.h>
 #include <linux/sched.h>
-#include <linux/eventfd.h>
 #include <linux/file.h>
 #include <linux/slab.h>
 #include <linux/export.h>
 #include "lg.h"
 
-/*L:056
- * Before we move on, let's jump ahead and look at what the kernel does when
- * it needs to look up the eventfds.  That will complete our picture of how we
- * use RCU.
- *
- * The notification value is in cpu->pending_notify: we return true if it went
- * to an eventfd.
- */
-bool send_notify_to_eventfd(struct lg_cpu *cpu)
-{
-        unsigned int i;
-        struct lg_eventfd_map *map;
-
-        /* We only connect LHCALL_NOTIFY to event fds, not other traps. */
-        if (cpu->pending.trap != LGUEST_TRAP_ENTRY)
-                return false;
-
-        /*
-         * This "rcu_read_lock()" helps track when someone is still looking at
-         * the (RCU-using) eventfds array.  It's not actually a lock at all;
-         * indeed it's a noop in many configurations.  (You didn't expect me to
-         * explain all the RCU secrets here, did you?)
-         */
-        rcu_read_lock();
-        /*
-         * rcu_dereference is the counter-side of rcu_assign_pointer(); it
-         * makes sure we don't access the memory pointed to by
-         * cpu->lg->eventfds before cpu->lg->eventfds is set.  Sounds crazy,
-         * but Alpha allows this!  Paul McKenney points out that a really
-         * aggressive compiler could have the same effect:
-         *   http://lists.ozlabs.org/pipermail/lguest/2009-July/001560.html
-         *
-         * So play safe, use rcu_dereference to get the rcu-protected pointer:
-         */
-        map = rcu_dereference(cpu->lg->eventfds);
-        /*
-         * Simple array search: even if they add an eventfd while we do this,
-         * we'll continue to use the old array and just won't see the new one.
-         */
-        for (i = 0; i < map->num; i++) {
-                if (map->map[i].addr == cpu->pending.addr) {
-                        eventfd_signal(map->map[i].event, 1);
-                        cpu->pending.trap = 0;
-                        break;
-                }
-        }
-        /* We're done with the rcu-protected variable cpu->lg->eventfds. */
-        rcu_read_unlock();
-
-        /* If we cleared the notification, it's because we found a match. */
-        return cpu->pending.trap == 0;
-}
-
-/*L:055
- * One of the more tricksy tricks in the Linux Kernel is a technique called
- * Read Copy Update.  Since one point of lguest is to teach lguest journeyers
- * about kernel coding, I use it here.  (In case you're curious, other purposes
- * include learning about virtualization and instilling a deep appreciation for
- * simplicity and puppies).
- *
- * We keep a simple array which maps LHCALL_NOTIFY values to eventfds, but we
- * add new eventfds without ever blocking readers from accessing the array.
- * The current Launcher only does this during boot, so that never happens.  But
- * Read Copy Update is cool, and adding a lock risks damaging even more puppies
- * than this code does.
- *
- * We allocate a brand new one-larger array, copy the old one and add our new
- * element.  Then we make the lg eventfd pointer point to the new array.
- * That's the easy part: now we need to free the old one, but we need to make
- * sure no slow CPU somewhere is still looking at it.  That's what
- * synchronize_rcu does for us: waits until every CPU has indicated that it has
- * moved on to know it's no longer using the old one.
- *
- * If that's unclear, see http://en.wikipedia.org/wiki/Read-copy-update.
- */
-static int add_eventfd(struct lguest *lg, unsigned long addr, int fd)
-{
-        struct lg_eventfd_map *new, *old = lg->eventfds;
-
-        /*
-         * We don't allow notifications on value 0 anyway (pending_notify of
-         * 0 means "nothing pending").
-         */
-        if (!addr)
-                return -EINVAL;
-
-        /*
-         * Replace the old array with the new one, carefully: others can
-         * be accessing it at the same time.
-         */
-        new = kmalloc(sizeof(*new) + sizeof(new->map[0]) * (old->num + 1),
-                      GFP_KERNEL);
-        if (!new)
-                return -ENOMEM;
-
-        /* First make identical copy. */
-        memcpy(new->map, old->map, sizeof(old->map[0]) * old->num);
-        new->num = old->num;
-
-        /* Now append new entry. */
-        new->map[new->num].addr = addr;
-        new->map[new->num].event = eventfd_ctx_fdget(fd);
-        if (IS_ERR(new->map[new->num].event)) {
-                int err =  PTR_ERR(new->map[new->num].event);
-                kfree(new);
-                return err;
-        }
-        new->num++;
-
-        /*
-         * Now put new one in place: rcu_assign_pointer() is a fancy way of
-         * doing "lg->eventfds = new", but it uses memory barriers to make
-         * absolutely sure that the contents of "new" written above is nailed
-         * down before we actually do the assignment.
-         *
-         * We have to think about these kinds of things when we're operating on
-         * live data without locks.
-         */
-        rcu_assign_pointer(lg->eventfds, new);
-
-        /*
-         * We're not in a big hurry.  Wait until no one's looking at old
-         * version, then free it.
-         */
-        synchronize_rcu();
-        kfree(old);
-
-        return 0;
-}
-
 /*L:052
- * Receiving notifications from the Guest is usually done by attaching a
- * particular LHCALL_NOTIFY value to an event filedescriptor.  The eventfd will
- * become readable when the Guest does an LHCALL_NOTIFY with that value.
- *
- * This is really convenient for processing each virtqueue in a separate
- * thread.
- */
-static int attach_eventfd(struct lguest *lg, const unsigned long __user *input)
-{
-        unsigned long addr, fd;
-        int err;
-
-        if (get_user(addr, input) != 0)
-                return -EFAULT;
-        input++;
-        if (get_user(fd, input) != 0)
-                return -EFAULT;
-
-        /*
-         * Just make sure two callers don't add eventfds at once.  We really
-         * only need to lock against callers adding to the same Guest, so using
-         * the Big Lguest Lock is overkill.  But this is setup, not a fast path.
-         */
-        mutex_lock(&lguest_lock);
-        err = add_eventfd(lg, addr, fd);
-        mutex_unlock(&lguest_lock);
-
-        return err;
-}
-
-/* The Launcher can get the registers, and also set some of them. */
+  The Launcher can get the registers, and also set some of them.
+*/
 static int getreg_setup(struct lg_cpu *cpu, const unsigned long __user *input)
 {
         unsigned long which;
@@ -409,13 +247,6 @@ static int initialize(struct file *file, const unsigned long __user *input)
                 goto unlock;
         }
 
-        lg->eventfds = kmalloc(sizeof(*lg->eventfds), GFP_KERNEL);
-        if (!lg->eventfds) {
-                err = -ENOMEM;
-                goto free_lg;
-        }
-        lg->eventfds->num = 0;
-
         /* Populate the easy fields of our "struct lguest" */
         lg->mem_base = (void __user *)args[0];
         lg->pfn_limit = args[1];
@@ -424,7 +255,7 @@ static int initialize(struct file *file, const unsigned long __user *input)
         /* This is the first cpu (cpu 0) and it will start booting at args[2] */
         err = lg_cpu_start(&lg->cpus[0], 0, args[2]);
         if (err)
-                goto free_eventfds;
+                goto free_lg;
 
         /*
          * Initialize the Guest's shadow page tables.  This allocates
@@ -445,8 +276,6 @@ static int initialize(struct file *file, const unsigned long __user *input)
 free_regs:
         /* FIXME: This should be in free_vcpu */
         free_page(lg->cpus[0].regs_page);
-free_eventfds:
-        kfree(lg->eventfds);
 free_lg:
         kfree(lg);
 unlock:
@@ -499,8 +328,6 @@ static ssize_t write(struct file *file, const char __user *in,
                 return initialize(file, input);
         case LHREQ_IRQ:
                 return user_send_irq(cpu, input);
-        case LHREQ_EVENTFD:
-                return attach_eventfd(lg, input);
         case LHREQ_GETREG:
                 return getreg_setup(cpu, input);
         case LHREQ_SETREG:
@@ -551,11 +378,6 @@ static int close(struct inode *inode, struct file *file)
                 mmput(lg->cpus[i].mm);
         }
 
-        /* Release any eventfds they registered. */
-        for (i = 0; i < lg->eventfds->num; i++)
-                eventfd_ctx_put(lg->eventfds->map[i].event);
-        kfree(lg->eventfds);
-
         /*
          * If lg->dead doesn't contain an error code it will be NULL or a
          * kmalloc()ed string, either of which is ok to hand to kfree().
diff --git a/include/linux/lguest_launcher.h b/include/linux/lguest_launcher.h
index 677cde735d4b..acd5b12565cc 100644
--- a/include/linux/lguest_launcher.h
+++ b/include/linux/lguest_launcher.h
@@ -23,7 +23,7 @@ enum lguest_req
         LHREQ_GETDMA, /* No longer used */
         LHREQ_IRQ, /* + irq */
         LHREQ_BREAK, /* No longer used */
-        LHREQ_EVENTFD, /* + address, fd. */
+        LHREQ_EVENTFD, /* No longer used. */
         LHREQ_GETREG, /* + offset within struct pt_regs (then read value). */
         LHREQ_SETREG, /* + offset within struct pt_regs, value. */
         LHREQ_TRAP, /* + trap number to deliver to guest. */