aboutsummaryrefslogtreecommitdiffstats
path: root/drivers/lguest/core.c
diff options
context:
space:
mode:
Diffstat (limited to 'drivers/lguest/core.c')
-rw-r--r--drivers/lguest/core.c114
1 files changed, 75 insertions, 39 deletions
diff --git a/drivers/lguest/core.c b/drivers/lguest/core.c
index a6974e9b8ebf..cd058bc903ff 100644
--- a/drivers/lguest/core.c
+++ b/drivers/lguest/core.c
@@ -1,6 +1,8 @@
1/*P:400 This contains run_guest() which actually calls into the Host<->Guest 1/*P:400
2 * This contains run_guest() which actually calls into the Host<->Guest
2 * Switcher and analyzes the return, such as determining if the Guest wants the 3 * Switcher and analyzes the return, such as determining if the Guest wants the
3 * Host to do something. This file also contains useful helper routines. :*/ 4 * Host to do something. This file also contains useful helper routines.
5:*/
4#include <linux/module.h> 6#include <linux/module.h>
5#include <linux/stringify.h> 7#include <linux/stringify.h>
6#include <linux/stddef.h> 8#include <linux/stddef.h>
@@ -24,7 +26,8 @@ static struct page **switcher_page;
24/* This One Big lock protects all inter-guest data structures. */ 26/* This One Big lock protects all inter-guest data structures. */
25DEFINE_MUTEX(lguest_lock); 27DEFINE_MUTEX(lguest_lock);
26 28
27/*H:010 We need to set up the Switcher at a high virtual address. Remember the 29/*H:010
30 * We need to set up the Switcher at a high virtual address. Remember the
28 * Switcher is a few hundred bytes of assembler code which actually changes the 31 * Switcher is a few hundred bytes of assembler code which actually changes the
29 * CPU to run the Guest, and then changes back to the Host when a trap or 32 * CPU to run the Guest, and then changes back to the Host when a trap or
30 * interrupt happens. 33 * interrupt happens.
@@ -33,7 +36,8 @@ DEFINE_MUTEX(lguest_lock);
33 * Host since it will be running as the switchover occurs. 36 * Host since it will be running as the switchover occurs.
34 * 37 *
35 * Trying to map memory at a particular address is an unusual thing to do, so 38 * Trying to map memory at a particular address is an unusual thing to do, so
36 * it's not a simple one-liner. */ 39 * it's not a simple one-liner.
40 */
37static __init int map_switcher(void) 41static __init int map_switcher(void)
38{ 42{
39 int i, err; 43 int i, err;
@@ -47,8 +51,10 @@ static __init int map_switcher(void)
47 * easy. 51 * easy.
48 */ 52 */
49 53
50 /* We allocate an array of struct page pointers. map_vm_area() wants 54 /*
51 * this, rather than just an array of pages. */ 55 * We allocate an array of struct page pointers. map_vm_area() wants
56 * this, rather than just an array of pages.
57 */
52 switcher_page = kmalloc(sizeof(switcher_page[0])*TOTAL_SWITCHER_PAGES, 58 switcher_page = kmalloc(sizeof(switcher_page[0])*TOTAL_SWITCHER_PAGES,
53 GFP_KERNEL); 59 GFP_KERNEL);
54 if (!switcher_page) { 60 if (!switcher_page) {
@@ -56,8 +62,10 @@ static __init int map_switcher(void)
56 goto out; 62 goto out;
57 } 63 }
58 64
59 /* Now we actually allocate the pages. The Guest will see these pages, 65 /*
60 * so we make sure they're zeroed. */ 66 * Now we actually allocate the pages. The Guest will see these pages,
67 * so we make sure they're zeroed.
68 */
61 for (i = 0; i < TOTAL_SWITCHER_PAGES; i++) { 69 for (i = 0; i < TOTAL_SWITCHER_PAGES; i++) {
62 unsigned long addr = get_zeroed_page(GFP_KERNEL); 70 unsigned long addr = get_zeroed_page(GFP_KERNEL);
63 if (!addr) { 71 if (!addr) {
@@ -67,19 +75,23 @@ static __init int map_switcher(void)
67 switcher_page[i] = virt_to_page(addr); 75 switcher_page[i] = virt_to_page(addr);
68 } 76 }
69 77
70 /* First we check that the Switcher won't overlap the fixmap area at 78 /*
79 * First we check that the Switcher won't overlap the fixmap area at
71 * the top of memory. It's currently nowhere near, but it could have 80 * the top of memory. It's currently nowhere near, but it could have
72 * very strange effects if it ever happened. */ 81 * very strange effects if it ever happened.
82 */
73 if (SWITCHER_ADDR + (TOTAL_SWITCHER_PAGES+1)*PAGE_SIZE > FIXADDR_START){ 83 if (SWITCHER_ADDR + (TOTAL_SWITCHER_PAGES+1)*PAGE_SIZE > FIXADDR_START){
74 err = -ENOMEM; 84 err = -ENOMEM;
75 printk("lguest: mapping switcher would thwack fixmap\n"); 85 printk("lguest: mapping switcher would thwack fixmap\n");
76 goto free_pages; 86 goto free_pages;
77 } 87 }
78 88
79 /* Now we reserve the "virtual memory area" we want: 0xFFC00000 89 /*
90 * Now we reserve the "virtual memory area" we want: 0xFFC00000
80 * (SWITCHER_ADDR). We might not get it in theory, but in practice 91 * (SWITCHER_ADDR). We might not get it in theory, but in practice
81 * it's worked so far. The end address needs +1 because __get_vm_area 92 * it's worked so far. The end address needs +1 because __get_vm_area
82 * allocates an extra guard page, so we need space for that. */ 93 * allocates an extra guard page, so we need space for that.
94 */
83 switcher_vma = __get_vm_area(TOTAL_SWITCHER_PAGES * PAGE_SIZE, 95 switcher_vma = __get_vm_area(TOTAL_SWITCHER_PAGES * PAGE_SIZE,
84 VM_ALLOC, SWITCHER_ADDR, SWITCHER_ADDR 96 VM_ALLOC, SWITCHER_ADDR, SWITCHER_ADDR
85 + (TOTAL_SWITCHER_PAGES+1) * PAGE_SIZE); 97 + (TOTAL_SWITCHER_PAGES+1) * PAGE_SIZE);
@@ -89,11 +101,13 @@ static __init int map_switcher(void)
89 goto free_pages; 101 goto free_pages;
90 } 102 }
91 103
92 /* This code actually sets up the pages we've allocated to appear at 104 /*
105 * This code actually sets up the pages we've allocated to appear at
93 * SWITCHER_ADDR. map_vm_area() takes the vma we allocated above, the 106 * SWITCHER_ADDR. map_vm_area() takes the vma we allocated above, the
94 * kind of pages we're mapping (kernel pages), and a pointer to our 107 * kind of pages we're mapping (kernel pages), and a pointer to our
95 * array of struct pages. It increments that pointer, but we don't 108 * array of struct pages. It increments that pointer, but we don't
96 * care. */ 109 * care.
110 */
97 pagep = switcher_page; 111 pagep = switcher_page;
98 err = map_vm_area(switcher_vma, PAGE_KERNEL_EXEC, &pagep); 112 err = map_vm_area(switcher_vma, PAGE_KERNEL_EXEC, &pagep);
99 if (err) { 113 if (err) {
@@ -101,8 +115,10 @@ static __init int map_switcher(void)
101 goto free_vma; 115 goto free_vma;
102 } 116 }
103 117
104 /* Now the Switcher is mapped at the right address, we can't fail! 118 /*
105 * Copy in the compiled-in Switcher code (from <arch>_switcher.S). */ 119 * Now the Switcher is mapped at the right address, we can't fail!
120 * Copy in the compiled-in Switcher code (from <arch>_switcher.S).
121 */
106 memcpy(switcher_vma->addr, start_switcher_text, 122 memcpy(switcher_vma->addr, start_switcher_text,
107 end_switcher_text - start_switcher_text); 123 end_switcher_text - start_switcher_text);
108 124
@@ -124,8 +140,7 @@ out:
124} 140}
125/*:*/ 141/*:*/
126 142
127/* Cleaning up the mapping when the module is unloaded is almost... 143/* Cleaning up the mapping when the module is unloaded is almost... too easy. */
128 * too easy. */
129static void unmap_switcher(void) 144static void unmap_switcher(void)
130{ 145{
131 unsigned int i; 146 unsigned int i;
@@ -151,16 +166,19 @@ static void unmap_switcher(void)
151 * But we can't trust the Guest: it might be trying to access the Launcher 166 * But we can't trust the Guest: it might be trying to access the Launcher
152 * code. We have to check that the range is below the pfn_limit the Launcher 167 * code. We have to check that the range is below the pfn_limit the Launcher
153 * gave us. We have to make sure that addr + len doesn't give us a false 168 * gave us. We have to make sure that addr + len doesn't give us a false
154 * positive by overflowing, too. */ 169 * positive by overflowing, too.
170 */
155bool lguest_address_ok(const struct lguest *lg, 171bool lguest_address_ok(const struct lguest *lg,
156 unsigned long addr, unsigned long len) 172 unsigned long addr, unsigned long len)
157{ 173{
158 return (addr+len) / PAGE_SIZE < lg->pfn_limit && (addr+len >= addr); 174 return (addr+len) / PAGE_SIZE < lg->pfn_limit && (addr+len >= addr);
159} 175}
160 176
161/* This routine copies memory from the Guest. Here we can see how useful the 177/*
178 * This routine copies memory from the Guest. Here we can see how useful the
162 * kill_lguest() routine we met in the Launcher can be: we return a random 179 * kill_lguest() routine we met in the Launcher can be: we return a random
163 * value (all zeroes) instead of needing to return an error. */ 180 * value (all zeroes) instead of needing to return an error.
181 */
164void __lgread(struct lg_cpu *cpu, void *b, unsigned long addr, unsigned bytes) 182void __lgread(struct lg_cpu *cpu, void *b, unsigned long addr, unsigned bytes)
165{ 183{
166 if (!lguest_address_ok(cpu->lg, addr, bytes) 184 if (!lguest_address_ok(cpu->lg, addr, bytes)
@@ -181,9 +199,11 @@ void __lgwrite(struct lg_cpu *cpu, unsigned long addr, const void *b,
181} 199}
182/*:*/ 200/*:*/
183 201
184/*H:030 Let's jump straight to the the main loop which runs the Guest. 202/*H:030
203 * Let's jump straight to the the main loop which runs the Guest.
185 * Remember, this is called by the Launcher reading /dev/lguest, and we keep 204 * Remember, this is called by the Launcher reading /dev/lguest, and we keep
186 * going around and around until something interesting happens. */ 205 * going around and around until something interesting happens.
206 */
187int run_guest(struct lg_cpu *cpu, unsigned long __user *user) 207int run_guest(struct lg_cpu *cpu, unsigned long __user *user)
188{ 208{
189 /* We stop running once the Guest is dead. */ 209 /* We stop running once the Guest is dead. */
@@ -195,8 +215,10 @@ int run_guest(struct lg_cpu *cpu, unsigned long __user *user)
195 if (cpu->hcall) 215 if (cpu->hcall)
196 do_hypercalls(cpu); 216 do_hypercalls(cpu);
197 217
198 /* It's possible the Guest did a NOTIFY hypercall to the 218 /*
199 * Launcher, in which case we return from the read() now. */ 219 * It's possible the Guest did a NOTIFY hypercall to the
220 * Launcher, in which case we return from the read() now.
221 */
200 if (cpu->pending_notify) { 222 if (cpu->pending_notify) {
201 if (!send_notify_to_eventfd(cpu)) { 223 if (!send_notify_to_eventfd(cpu)) {
202 if (put_user(cpu->pending_notify, user)) 224 if (put_user(cpu->pending_notify, user))
@@ -209,29 +231,39 @@ int run_guest(struct lg_cpu *cpu, unsigned long __user *user)
209 if (signal_pending(current)) 231 if (signal_pending(current))
210 return -ERESTARTSYS; 232 return -ERESTARTSYS;
211 233
212 /* Check if there are any interrupts which can be delivered now: 234 /*
235 * Check if there are any interrupts which can be delivered now:
213 * if so, this sets up the hander to be executed when we next 236 * if so, this sets up the hander to be executed when we next
214 * run the Guest. */ 237 * run the Guest.
238 */
215 irq = interrupt_pending(cpu, &more); 239 irq = interrupt_pending(cpu, &more);
216 if (irq < LGUEST_IRQS) 240 if (irq < LGUEST_IRQS)
217 try_deliver_interrupt(cpu, irq, more); 241 try_deliver_interrupt(cpu, irq, more);
218 242
219 /* All long-lived kernel loops need to check with this horrible 243 /*
244 * All long-lived kernel loops need to check with this horrible
220 * thing called the freezer. If the Host is trying to suspend, 245 * thing called the freezer. If the Host is trying to suspend,
221 * it stops us. */ 246 * it stops us.
247 */
222 try_to_freeze(); 248 try_to_freeze();
223 249
224 /* Just make absolutely sure the Guest is still alive. One of 250 /*
225 * those hypercalls could have been fatal, for example. */ 251 * Just make absolutely sure the Guest is still alive. One of
252 * those hypercalls could have been fatal, for example.
253 */
226 if (cpu->lg->dead) 254 if (cpu->lg->dead)
227 break; 255 break;
228 256
229 /* If the Guest asked to be stopped, we sleep. The Guest's 257 /*
230 * clock timer will wake us. */ 258 * If the Guest asked to be stopped, we sleep. The Guest's
259 * clock timer will wake us.
260 */
231 if (cpu->halted) { 261 if (cpu->halted) {
232 set_current_state(TASK_INTERRUPTIBLE); 262 set_current_state(TASK_INTERRUPTIBLE);
233 /* Just before we sleep, make sure no interrupt snuck in 263 /*
234 * which we should be doing. */ 264 * Just before we sleep, make sure no interrupt snuck in
265 * which we should be doing.
266 */
235 if (interrupt_pending(cpu, &more) < LGUEST_IRQS) 267 if (interrupt_pending(cpu, &more) < LGUEST_IRQS)
236 set_current_state(TASK_RUNNING); 268 set_current_state(TASK_RUNNING);
237 else 269 else
@@ -239,8 +271,10 @@ int run_guest(struct lg_cpu *cpu, unsigned long __user *user)
239 continue; 271 continue;
240 } 272 }
241 273
242 /* OK, now we're ready to jump into the Guest. First we put up 274 /*
243 * the "Do Not Disturb" sign: */ 275 * OK, now we're ready to jump into the Guest. First we put up
276 * the "Do Not Disturb" sign:
277 */
244 local_irq_disable(); 278 local_irq_disable();
245 279
246 /* Actually run the Guest until something happens. */ 280 /* Actually run the Guest until something happens. */
@@ -327,8 +361,10 @@ static void __exit fini(void)
327} 361}
328/*:*/ 362/*:*/
329 363
330/* The Host side of lguest can be a module. This is a nice way for people to 364/*
331 * play with it. */ 365 * The Host side of lguest can be a module. This is a nice way for people to
366 * play with it.
367 */
332module_init(init); 368module_init(init);
333module_exit(fini); 369module_exit(fini);
334MODULE_LICENSE("GPL"); 370MODULE_LICENSE("GPL");
generated by cgit v1.2.2 (git 2.25.0) at 2024-11-11 16:04:04 -0500