bridge: fix a possible use after free
[linux-2.6/linux-acpi-2.6/ibm-acpi-2.6.git] / drivers / pci / xen-pcifront.c
blob6fa215a38615df05fa40549ce9354daaf7c0ce67
1 /*
2 * Xen PCI Frontend.
4 * Author: Ryan Wilson <hap9@epoch.ncsc.mil>
5 */
6 #include <linux/module.h>
7 #include <linux/init.h>
8 #include <linux/mm.h>
9 #include <xen/xenbus.h>
10 #include <xen/events.h>
11 #include <xen/grant_table.h>
12 #include <xen/page.h>
13 #include <linux/spinlock.h>
14 #include <linux/pci.h>
15 #include <linux/msi.h>
16 #include <xen/interface/io/pciif.h>
17 #include <asm/xen/pci.h>
18 #include <linux/interrupt.h>
19 #include <linux/atomic.h>
20 #include <linux/workqueue.h>
21 #include <linux/bitops.h>
22 #include <linux/time.h>
24 #define INVALID_GRANT_REF (0)
25 #define INVALID_EVTCHN (-1)
27 struct pci_bus_entry {
28 struct list_head list;
29 struct pci_bus *bus;
32 #define _PDEVB_op_active (0)
33 #define PDEVB_op_active (1 << (_PDEVB_op_active))
35 struct pcifront_device {
36 struct xenbus_device *xdev;
37 struct list_head root_buses;
39 int evtchn;
40 int gnt_ref;
42 int irq;
44 /* Lock this when doing any operations in sh_info */
45 spinlock_t sh_info_lock;
46 struct xen_pci_sharedinfo *sh_info;
47 struct work_struct op_work;
48 unsigned long flags;
52 struct pcifront_sd {
53 int domain;
54 struct pcifront_device *pdev;
57 static inline struct pcifront_device *
58 pcifront_get_pdev(struct pcifront_sd *sd)
60 return sd->pdev;
63 static inline void pcifront_init_sd(struct pcifront_sd *sd,
64 unsigned int domain, unsigned int bus,
65 struct pcifront_device *pdev)
67 sd->domain = domain;
68 sd->pdev = pdev;
71 static DEFINE_SPINLOCK(pcifront_dev_lock);
72 static struct pcifront_device *pcifront_dev;
74 static int verbose_request;
75 module_param(verbose_request, int, 0644);
77 static int errno_to_pcibios_err(int errno)
79 switch (errno) {
80 case XEN_PCI_ERR_success:
81 return PCIBIOS_SUCCESSFUL;
83 case XEN_PCI_ERR_dev_not_found:
84 return PCIBIOS_DEVICE_NOT_FOUND;
86 case XEN_PCI_ERR_invalid_offset:
87 case XEN_PCI_ERR_op_failed:
88 return PCIBIOS_BAD_REGISTER_NUMBER;
90 case XEN_PCI_ERR_not_implemented:
91 return PCIBIOS_FUNC_NOT_SUPPORTED;
93 case XEN_PCI_ERR_access_denied:
94 return PCIBIOS_SET_FAILED;
96 return errno;
99 static inline void schedule_pcifront_aer_op(struct pcifront_device *pdev)
101 if (test_bit(_XEN_PCIB_active, (unsigned long *)&pdev->sh_info->flags)
102 && !test_and_set_bit(_PDEVB_op_active, &pdev->flags)) {
103 dev_dbg(&pdev->xdev->dev, "schedule aer frontend job\n");
104 schedule_work(&pdev->op_work);
108 static int do_pci_op(struct pcifront_device *pdev, struct xen_pci_op *op)
110 int err = 0;
111 struct xen_pci_op *active_op = &pdev->sh_info->op;
112 unsigned long irq_flags;
113 evtchn_port_t port = pdev->evtchn;
114 unsigned irq = pdev->irq;
115 s64 ns, ns_timeout;
116 struct timeval tv;
118 spin_lock_irqsave(&pdev->sh_info_lock, irq_flags);
120 memcpy(active_op, op, sizeof(struct xen_pci_op));
122 /* Go */
123 wmb();
124 set_bit(_XEN_PCIF_active, (unsigned long *)&pdev->sh_info->flags);
125 notify_remote_via_evtchn(port);
128 * We set a poll timeout of 3 seconds but give up on return after
129 * 2 seconds. It is better to time out too late rather than too early
130 * (in the latter case we end up continually re-executing poll() with a
131 * timeout in the past). 1s difference gives plenty of slack for error.
133 do_gettimeofday(&tv);
134 ns_timeout = timeval_to_ns(&tv) + 2 * (s64)NSEC_PER_SEC;
136 xen_clear_irq_pending(irq);
138 while (test_bit(_XEN_PCIF_active,
139 (unsigned long *)&pdev->sh_info->flags)) {
140 xen_poll_irq_timeout(irq, jiffies + 3*HZ);
141 xen_clear_irq_pending(irq);
142 do_gettimeofday(&tv);
143 ns = timeval_to_ns(&tv);
144 if (ns > ns_timeout) {
145 dev_err(&pdev->xdev->dev,
146 "pciback not responding!!!\n");
147 clear_bit(_XEN_PCIF_active,
148 (unsigned long *)&pdev->sh_info->flags);
149 err = XEN_PCI_ERR_dev_not_found;
150 goto out;
155 * We might lose backend service request since we
156 * reuse same evtchn with pci_conf backend response. So re-schedule
157 * aer pcifront service.
159 if (test_bit(_XEN_PCIB_active,
160 (unsigned long *)&pdev->sh_info->flags)) {
161 dev_err(&pdev->xdev->dev,
162 "schedule aer pcifront service\n");
163 schedule_pcifront_aer_op(pdev);
166 memcpy(op, active_op, sizeof(struct xen_pci_op));
168 err = op->err;
169 out:
170 spin_unlock_irqrestore(&pdev->sh_info_lock, irq_flags);
171 return err;
174 /* Access to this function is spinlocked in drivers/pci/access.c */
175 static int pcifront_bus_read(struct pci_bus *bus, unsigned int devfn,
176 int where, int size, u32 *val)
178 int err = 0;
179 struct xen_pci_op op = {
180 .cmd = XEN_PCI_OP_conf_read,
181 .domain = pci_domain_nr(bus),
182 .bus = bus->number,
183 .devfn = devfn,
184 .offset = where,
185 .size = size,
187 struct pcifront_sd *sd = bus->sysdata;
188 struct pcifront_device *pdev = pcifront_get_pdev(sd);
190 if (verbose_request)
191 dev_info(&pdev->xdev->dev,
192 "read dev=%04x:%02x:%02x.%01x - offset %x size %d\n",
193 pci_domain_nr(bus), bus->number, PCI_SLOT(devfn),
194 PCI_FUNC(devfn), where, size);
196 err = do_pci_op(pdev, &op);
198 if (likely(!err)) {
199 if (verbose_request)
200 dev_info(&pdev->xdev->dev, "read got back value %x\n",
201 op.value);
203 *val = op.value;
204 } else if (err == -ENODEV) {
205 /* No device here, pretend that it just returned 0 */
206 err = 0;
207 *val = 0;
210 return errno_to_pcibios_err(err);
213 /* Access to this function is spinlocked in drivers/pci/access.c */
214 static int pcifront_bus_write(struct pci_bus *bus, unsigned int devfn,
215 int where, int size, u32 val)
217 struct xen_pci_op op = {
218 .cmd = XEN_PCI_OP_conf_write,
219 .domain = pci_domain_nr(bus),
220 .bus = bus->number,
221 .devfn = devfn,
222 .offset = where,
223 .size = size,
224 .value = val,
226 struct pcifront_sd *sd = bus->sysdata;
227 struct pcifront_device *pdev = pcifront_get_pdev(sd);
229 if (verbose_request)
230 dev_info(&pdev->xdev->dev,
231 "write dev=%04x:%02x:%02x.%01x - "
232 "offset %x size %d val %x\n",
233 pci_domain_nr(bus), bus->number,
234 PCI_SLOT(devfn), PCI_FUNC(devfn), where, size, val);
236 return errno_to_pcibios_err(do_pci_op(pdev, &op));
239 struct pci_ops pcifront_bus_ops = {
240 .read = pcifront_bus_read,
241 .write = pcifront_bus_write,
244 #ifdef CONFIG_PCI_MSI
245 static int pci_frontend_enable_msix(struct pci_dev *dev,
246 int vector[], int nvec)
248 int err;
249 int i;
250 struct xen_pci_op op = {
251 .cmd = XEN_PCI_OP_enable_msix,
252 .domain = pci_domain_nr(dev->bus),
253 .bus = dev->bus->number,
254 .devfn = dev->devfn,
255 .value = nvec,
257 struct pcifront_sd *sd = dev->bus->sysdata;
258 struct pcifront_device *pdev = pcifront_get_pdev(sd);
259 struct msi_desc *entry;
261 if (nvec > SH_INFO_MAX_VEC) {
262 dev_err(&dev->dev, "too much vector for pci frontend: %x."
263 " Increase SH_INFO_MAX_VEC.\n", nvec);
264 return -EINVAL;
267 i = 0;
268 list_for_each_entry(entry, &dev->msi_list, list) {
269 op.msix_entries[i].entry = entry->msi_attrib.entry_nr;
270 /* Vector is useless at this point. */
271 op.msix_entries[i].vector = -1;
272 i++;
275 err = do_pci_op(pdev, &op);
277 if (likely(!err)) {
278 if (likely(!op.value)) {
279 /* we get the result */
280 for (i = 0; i < nvec; i++) {
281 if (op.msix_entries[i].vector <= 0) {
282 dev_warn(&dev->dev, "MSI-X entry %d is invalid: %d!\n",
283 i, op.msix_entries[i].vector);
284 err = -EINVAL;
285 vector[i] = -1;
286 continue;
288 vector[i] = op.msix_entries[i].vector;
290 } else {
291 printk(KERN_DEBUG "enable msix get value %x\n",
292 op.value);
294 } else {
295 dev_err(&dev->dev, "enable msix get err %x\n", err);
297 return err;
300 static void pci_frontend_disable_msix(struct pci_dev *dev)
302 int err;
303 struct xen_pci_op op = {
304 .cmd = XEN_PCI_OP_disable_msix,
305 .domain = pci_domain_nr(dev->bus),
306 .bus = dev->bus->number,
307 .devfn = dev->devfn,
309 struct pcifront_sd *sd = dev->bus->sysdata;
310 struct pcifront_device *pdev = pcifront_get_pdev(sd);
312 err = do_pci_op(pdev, &op);
314 /* What should do for error ? */
315 if (err)
316 dev_err(&dev->dev, "pci_disable_msix get err %x\n", err);
319 static int pci_frontend_enable_msi(struct pci_dev *dev, int vector[])
321 int err;
322 struct xen_pci_op op = {
323 .cmd = XEN_PCI_OP_enable_msi,
324 .domain = pci_domain_nr(dev->bus),
325 .bus = dev->bus->number,
326 .devfn = dev->devfn,
328 struct pcifront_sd *sd = dev->bus->sysdata;
329 struct pcifront_device *pdev = pcifront_get_pdev(sd);
331 err = do_pci_op(pdev, &op);
332 if (likely(!err)) {
333 vector[0] = op.value;
334 if (op.value <= 0) {
335 dev_warn(&dev->dev, "MSI entry is invalid: %d!\n",
336 op.value);
337 err = -EINVAL;
338 vector[0] = -1;
340 } else {
341 dev_err(&dev->dev, "pci frontend enable msi failed for dev "
342 "%x:%x\n", op.bus, op.devfn);
343 err = -EINVAL;
345 return err;
348 static void pci_frontend_disable_msi(struct pci_dev *dev)
350 int err;
351 struct xen_pci_op op = {
352 .cmd = XEN_PCI_OP_disable_msi,
353 .domain = pci_domain_nr(dev->bus),
354 .bus = dev->bus->number,
355 .devfn = dev->devfn,
357 struct pcifront_sd *sd = dev->bus->sysdata;
358 struct pcifront_device *pdev = pcifront_get_pdev(sd);
360 err = do_pci_op(pdev, &op);
361 if (err == XEN_PCI_ERR_dev_not_found) {
362 /* XXX No response from backend, what shall we do? */
363 printk(KERN_DEBUG "get no response from backend for disable MSI\n");
364 return;
366 if (err)
367 /* how can pciback notify us fail? */
368 printk(KERN_DEBUG "get fake response frombackend\n");
371 static struct xen_pci_frontend_ops pci_frontend_ops = {
372 .enable_msi = pci_frontend_enable_msi,
373 .disable_msi = pci_frontend_disable_msi,
374 .enable_msix = pci_frontend_enable_msix,
375 .disable_msix = pci_frontend_disable_msix,
378 static void pci_frontend_registrar(int enable)
380 if (enable)
381 xen_pci_frontend = &pci_frontend_ops;
382 else
383 xen_pci_frontend = NULL;
385 #else
386 static inline void pci_frontend_registrar(int enable) { };
387 #endif /* CONFIG_PCI_MSI */
389 /* Claim resources for the PCI frontend as-is, backend won't allow changes */
390 static int pcifront_claim_resource(struct pci_dev *dev, void *data)
392 struct pcifront_device *pdev = data;
393 int i;
394 struct resource *r;
396 for (i = 0; i < PCI_NUM_RESOURCES; i++) {
397 r = &dev->resource[i];
399 if (!r->parent && r->start && r->flags) {
400 dev_info(&pdev->xdev->dev, "claiming resource %s/%d\n",
401 pci_name(dev), i);
402 if (pci_claim_resource(dev, i)) {
403 dev_err(&pdev->xdev->dev, "Could not claim "
404 "resource %s/%d! Device offline. Try "
405 "giving less than 4GB to domain.\n",
406 pci_name(dev), i);
411 return 0;
414 static int __devinit pcifront_scan_bus(struct pcifront_device *pdev,
415 unsigned int domain, unsigned int bus,
416 struct pci_bus *b)
418 struct pci_dev *d;
419 unsigned int devfn;
421 /* Scan the bus for functions and add.
422 * We omit handling of PCI bridge attachment because pciback prevents
423 * bridges from being exported.
425 for (devfn = 0; devfn < 0x100; devfn++) {
426 d = pci_get_slot(b, devfn);
427 if (d) {
428 /* Device is already known. */
429 pci_dev_put(d);
430 continue;
433 d = pci_scan_single_device(b, devfn);
434 if (d)
435 dev_info(&pdev->xdev->dev, "New device on "
436 "%04x:%02x:%02x.%02x found.\n", domain, bus,
437 PCI_SLOT(devfn), PCI_FUNC(devfn));
440 return 0;
443 static int __devinit pcifront_scan_root(struct pcifront_device *pdev,
444 unsigned int domain, unsigned int bus)
446 struct pci_bus *b;
447 struct pcifront_sd *sd = NULL;
448 struct pci_bus_entry *bus_entry = NULL;
449 int err = 0;
451 #ifndef CONFIG_PCI_DOMAINS
452 if (domain != 0) {
453 dev_err(&pdev->xdev->dev,
454 "PCI Root in non-zero PCI Domain! domain=%d\n", domain);
455 dev_err(&pdev->xdev->dev,
456 "Please compile with CONFIG_PCI_DOMAINS\n");
457 err = -EINVAL;
458 goto err_out;
460 #endif
462 dev_info(&pdev->xdev->dev, "Creating PCI Frontend Bus %04x:%02x\n",
463 domain, bus);
465 bus_entry = kmalloc(sizeof(*bus_entry), GFP_KERNEL);
466 sd = kmalloc(sizeof(*sd), GFP_KERNEL);
467 if (!bus_entry || !sd) {
468 err = -ENOMEM;
469 goto err_out;
471 pcifront_init_sd(sd, domain, bus, pdev);
473 b = pci_scan_bus_parented(&pdev->xdev->dev, bus,
474 &pcifront_bus_ops, sd);
475 if (!b) {
476 dev_err(&pdev->xdev->dev,
477 "Error creating PCI Frontend Bus!\n");
478 err = -ENOMEM;
479 goto err_out;
482 bus_entry->bus = b;
484 list_add(&bus_entry->list, &pdev->root_buses);
486 /* pci_scan_bus_parented skips devices which do not have a have
487 * devfn==0. The pcifront_scan_bus enumerates all devfn. */
488 err = pcifront_scan_bus(pdev, domain, bus, b);
490 /* Claim resources before going "live" with our devices */
491 pci_walk_bus(b, pcifront_claim_resource, pdev);
493 /* Create SysFS and notify udev of the devices. Aka: "going live" */
494 pci_bus_add_devices(b);
496 return err;
498 err_out:
499 kfree(bus_entry);
500 kfree(sd);
502 return err;
505 static int __devinit pcifront_rescan_root(struct pcifront_device *pdev,
506 unsigned int domain, unsigned int bus)
508 int err;
509 struct pci_bus *b;
511 #ifndef CONFIG_PCI_DOMAINS
512 if (domain != 0) {
513 dev_err(&pdev->xdev->dev,
514 "PCI Root in non-zero PCI Domain! domain=%d\n", domain);
515 dev_err(&pdev->xdev->dev,
516 "Please compile with CONFIG_PCI_DOMAINS\n");
517 return -EINVAL;
519 #endif
521 dev_info(&pdev->xdev->dev, "Rescanning PCI Frontend Bus %04x:%02x\n",
522 domain, bus);
524 b = pci_find_bus(domain, bus);
525 if (!b)
526 /* If the bus is unknown, create it. */
527 return pcifront_scan_root(pdev, domain, bus);
529 err = pcifront_scan_bus(pdev, domain, bus, b);
531 /* Claim resources before going "live" with our devices */
532 pci_walk_bus(b, pcifront_claim_resource, pdev);
534 /* Create SysFS and notify udev of the devices. Aka: "going live" */
535 pci_bus_add_devices(b);
537 return err;
540 static void free_root_bus_devs(struct pci_bus *bus)
542 struct pci_dev *dev;
544 while (!list_empty(&bus->devices)) {
545 dev = container_of(bus->devices.next, struct pci_dev,
546 bus_list);
547 dev_dbg(&dev->dev, "removing device\n");
548 pci_remove_bus_device(dev);
552 static void pcifront_free_roots(struct pcifront_device *pdev)
554 struct pci_bus_entry *bus_entry, *t;
556 dev_dbg(&pdev->xdev->dev, "cleaning up root buses\n");
558 list_for_each_entry_safe(bus_entry, t, &pdev->root_buses, list) {
559 list_del(&bus_entry->list);
561 free_root_bus_devs(bus_entry->bus);
563 kfree(bus_entry->bus->sysdata);
565 device_unregister(bus_entry->bus->bridge);
566 pci_remove_bus(bus_entry->bus);
568 kfree(bus_entry);
572 static pci_ers_result_t pcifront_common_process(int cmd,
573 struct pcifront_device *pdev,
574 pci_channel_state_t state)
576 pci_ers_result_t result;
577 struct pci_driver *pdrv;
578 int bus = pdev->sh_info->aer_op.bus;
579 int devfn = pdev->sh_info->aer_op.devfn;
580 struct pci_dev *pcidev;
581 int flag = 0;
583 dev_dbg(&pdev->xdev->dev,
584 "pcifront AER process: cmd %x (bus:%x, devfn%x)",
585 cmd, bus, devfn);
586 result = PCI_ERS_RESULT_NONE;
588 pcidev = pci_get_bus_and_slot(bus, devfn);
589 if (!pcidev || !pcidev->driver) {
590 dev_err(&pdev->xdev->dev, "device or AER driver is NULL\n");
591 if (pcidev)
592 pci_dev_put(pcidev);
593 return result;
595 pdrv = pcidev->driver;
597 if (get_driver(&pdrv->driver)) {
598 if (pdrv->err_handler && pdrv->err_handler->error_detected) {
599 dev_dbg(&pcidev->dev,
600 "trying to call AER service\n");
601 if (pcidev) {
602 flag = 1;
603 switch (cmd) {
604 case XEN_PCI_OP_aer_detected:
605 result = pdrv->err_handler->
606 error_detected(pcidev, state);
607 break;
608 case XEN_PCI_OP_aer_mmio:
609 result = pdrv->err_handler->
610 mmio_enabled(pcidev);
611 break;
612 case XEN_PCI_OP_aer_slotreset:
613 result = pdrv->err_handler->
614 slot_reset(pcidev);
615 break;
616 case XEN_PCI_OP_aer_resume:
617 pdrv->err_handler->resume(pcidev);
618 break;
619 default:
620 dev_err(&pdev->xdev->dev,
621 "bad request in aer recovery "
622 "operation!\n");
627 put_driver(&pdrv->driver);
629 if (!flag)
630 result = PCI_ERS_RESULT_NONE;
632 return result;
636 static void pcifront_do_aer(struct work_struct *data)
638 struct pcifront_device *pdev =
639 container_of(data, struct pcifront_device, op_work);
640 int cmd = pdev->sh_info->aer_op.cmd;
641 pci_channel_state_t state =
642 (pci_channel_state_t)pdev->sh_info->aer_op.err;
644 /*If a pci_conf op is in progress,
645 we have to wait until it is done before service aer op*/
646 dev_dbg(&pdev->xdev->dev,
647 "pcifront service aer bus %x devfn %x\n",
648 pdev->sh_info->aer_op.bus, pdev->sh_info->aer_op.devfn);
650 pdev->sh_info->aer_op.err = pcifront_common_process(cmd, pdev, state);
652 /* Post the operation to the guest. */
653 wmb();
654 clear_bit(_XEN_PCIB_active, (unsigned long *)&pdev->sh_info->flags);
655 notify_remote_via_evtchn(pdev->evtchn);
657 /*in case of we lost an aer request in four lines time_window*/
658 smp_mb__before_clear_bit();
659 clear_bit(_PDEVB_op_active, &pdev->flags);
660 smp_mb__after_clear_bit();
662 schedule_pcifront_aer_op(pdev);
666 static irqreturn_t pcifront_handler_aer(int irq, void *dev)
668 struct pcifront_device *pdev = dev;
669 schedule_pcifront_aer_op(pdev);
670 return IRQ_HANDLED;
672 static int pcifront_connect(struct pcifront_device *pdev)
674 int err = 0;
676 spin_lock(&pcifront_dev_lock);
678 if (!pcifront_dev) {
679 dev_info(&pdev->xdev->dev, "Installing PCI frontend\n");
680 pcifront_dev = pdev;
681 } else {
682 dev_err(&pdev->xdev->dev, "PCI frontend already installed!\n");
683 err = -EEXIST;
686 spin_unlock(&pcifront_dev_lock);
688 return err;
691 static void pcifront_disconnect(struct pcifront_device *pdev)
693 spin_lock(&pcifront_dev_lock);
695 if (pdev == pcifront_dev) {
696 dev_info(&pdev->xdev->dev,
697 "Disconnecting PCI Frontend Buses\n");
698 pcifront_dev = NULL;
701 spin_unlock(&pcifront_dev_lock);
703 static struct pcifront_device *alloc_pdev(struct xenbus_device *xdev)
705 struct pcifront_device *pdev;
707 pdev = kzalloc(sizeof(struct pcifront_device), GFP_KERNEL);
708 if (pdev == NULL)
709 goto out;
711 pdev->sh_info =
712 (struct xen_pci_sharedinfo *)__get_free_page(GFP_KERNEL);
713 if (pdev->sh_info == NULL) {
714 kfree(pdev);
715 pdev = NULL;
716 goto out;
718 pdev->sh_info->flags = 0;
720 /*Flag for registering PV AER handler*/
721 set_bit(_XEN_PCIB_AERHANDLER, (void *)&pdev->sh_info->flags);
723 dev_set_drvdata(&xdev->dev, pdev);
724 pdev->xdev = xdev;
726 INIT_LIST_HEAD(&pdev->root_buses);
728 spin_lock_init(&pdev->sh_info_lock);
730 pdev->evtchn = INVALID_EVTCHN;
731 pdev->gnt_ref = INVALID_GRANT_REF;
732 pdev->irq = -1;
734 INIT_WORK(&pdev->op_work, pcifront_do_aer);
736 dev_dbg(&xdev->dev, "Allocated pdev @ 0x%p pdev->sh_info @ 0x%p\n",
737 pdev, pdev->sh_info);
738 out:
739 return pdev;
742 static void free_pdev(struct pcifront_device *pdev)
744 dev_dbg(&pdev->xdev->dev, "freeing pdev @ 0x%p\n", pdev);
746 pcifront_free_roots(pdev);
748 cancel_work_sync(&pdev->op_work);
750 if (pdev->irq >= 0)
751 unbind_from_irqhandler(pdev->irq, pdev);
753 if (pdev->evtchn != INVALID_EVTCHN)
754 xenbus_free_evtchn(pdev->xdev, pdev->evtchn);
756 if (pdev->gnt_ref != INVALID_GRANT_REF)
757 gnttab_end_foreign_access(pdev->gnt_ref, 0 /* r/w page */,
758 (unsigned long)pdev->sh_info);
759 else
760 free_page((unsigned long)pdev->sh_info);
762 dev_set_drvdata(&pdev->xdev->dev, NULL);
764 kfree(pdev);
767 static int pcifront_publish_info(struct pcifront_device *pdev)
769 int err = 0;
770 struct xenbus_transaction trans;
772 err = xenbus_grant_ring(pdev->xdev, virt_to_mfn(pdev->sh_info));
773 if (err < 0)
774 goto out;
776 pdev->gnt_ref = err;
778 err = xenbus_alloc_evtchn(pdev->xdev, &pdev->evtchn);
779 if (err)
780 goto out;
782 err = bind_evtchn_to_irqhandler(pdev->evtchn, pcifront_handler_aer,
783 0, "pcifront", pdev);
785 if (err < 0)
786 return err;
788 pdev->irq = err;
790 do_publish:
791 err = xenbus_transaction_start(&trans);
792 if (err) {
793 xenbus_dev_fatal(pdev->xdev, err,
794 "Error writing configuration for backend "
795 "(start transaction)");
796 goto out;
799 err = xenbus_printf(trans, pdev->xdev->nodename,
800 "pci-op-ref", "%u", pdev->gnt_ref);
801 if (!err)
802 err = xenbus_printf(trans, pdev->xdev->nodename,
803 "event-channel", "%u", pdev->evtchn);
804 if (!err)
805 err = xenbus_printf(trans, pdev->xdev->nodename,
806 "magic", XEN_PCI_MAGIC);
808 if (err) {
809 xenbus_transaction_end(trans, 1);
810 xenbus_dev_fatal(pdev->xdev, err,
811 "Error writing configuration for backend");
812 goto out;
813 } else {
814 err = xenbus_transaction_end(trans, 0);
815 if (err == -EAGAIN)
816 goto do_publish;
817 else if (err) {
818 xenbus_dev_fatal(pdev->xdev, err,
819 "Error completing transaction "
820 "for backend");
821 goto out;
825 xenbus_switch_state(pdev->xdev, XenbusStateInitialised);
827 dev_dbg(&pdev->xdev->dev, "publishing successful!\n");
829 out:
830 return err;
833 static int __devinit pcifront_try_connect(struct pcifront_device *pdev)
835 int err = -EFAULT;
836 int i, num_roots, len;
837 char str[64];
838 unsigned int domain, bus;
841 /* Only connect once */
842 if (xenbus_read_driver_state(pdev->xdev->nodename) !=
843 XenbusStateInitialised)
844 goto out;
846 err = pcifront_connect(pdev);
847 if (err) {
848 xenbus_dev_fatal(pdev->xdev, err,
849 "Error connecting PCI Frontend");
850 goto out;
853 err = xenbus_scanf(XBT_NIL, pdev->xdev->otherend,
854 "root_num", "%d", &num_roots);
855 if (err == -ENOENT) {
856 xenbus_dev_error(pdev->xdev, err,
857 "No PCI Roots found, trying 0000:00");
858 err = pcifront_scan_root(pdev, 0, 0);
859 num_roots = 0;
860 } else if (err != 1) {
861 if (err == 0)
862 err = -EINVAL;
863 xenbus_dev_fatal(pdev->xdev, err,
864 "Error reading number of PCI roots");
865 goto out;
868 for (i = 0; i < num_roots; i++) {
869 len = snprintf(str, sizeof(str), "root-%d", i);
870 if (unlikely(len >= (sizeof(str) - 1))) {
871 err = -ENOMEM;
872 goto out;
875 err = xenbus_scanf(XBT_NIL, pdev->xdev->otherend, str,
876 "%x:%x", &domain, &bus);
877 if (err != 2) {
878 if (err >= 0)
879 err = -EINVAL;
880 xenbus_dev_fatal(pdev->xdev, err,
881 "Error reading PCI root %d", i);
882 goto out;
885 err = pcifront_scan_root(pdev, domain, bus);
886 if (err) {
887 xenbus_dev_fatal(pdev->xdev, err,
888 "Error scanning PCI root %04x:%02x",
889 domain, bus);
890 goto out;
894 err = xenbus_switch_state(pdev->xdev, XenbusStateConnected);
896 out:
897 return err;
900 static int pcifront_try_disconnect(struct pcifront_device *pdev)
902 int err = 0;
903 enum xenbus_state prev_state;
906 prev_state = xenbus_read_driver_state(pdev->xdev->nodename);
908 if (prev_state >= XenbusStateClosing)
909 goto out;
911 if (prev_state == XenbusStateConnected) {
912 pcifront_free_roots(pdev);
913 pcifront_disconnect(pdev);
916 err = xenbus_switch_state(pdev->xdev, XenbusStateClosed);
918 out:
920 return err;
923 static int __devinit pcifront_attach_devices(struct pcifront_device *pdev)
925 int err = -EFAULT;
926 int i, num_roots, len;
927 unsigned int domain, bus;
928 char str[64];
930 if (xenbus_read_driver_state(pdev->xdev->nodename) !=
931 XenbusStateReconfiguring)
932 goto out;
934 err = xenbus_scanf(XBT_NIL, pdev->xdev->otherend,
935 "root_num", "%d", &num_roots);
936 if (err == -ENOENT) {
937 xenbus_dev_error(pdev->xdev, err,
938 "No PCI Roots found, trying 0000:00");
939 err = pcifront_rescan_root(pdev, 0, 0);
940 num_roots = 0;
941 } else if (err != 1) {
942 if (err == 0)
943 err = -EINVAL;
944 xenbus_dev_fatal(pdev->xdev, err,
945 "Error reading number of PCI roots");
946 goto out;
949 for (i = 0; i < num_roots; i++) {
950 len = snprintf(str, sizeof(str), "root-%d", i);
951 if (unlikely(len >= (sizeof(str) - 1))) {
952 err = -ENOMEM;
953 goto out;
956 err = xenbus_scanf(XBT_NIL, pdev->xdev->otherend, str,
957 "%x:%x", &domain, &bus);
958 if (err != 2) {
959 if (err >= 0)
960 err = -EINVAL;
961 xenbus_dev_fatal(pdev->xdev, err,
962 "Error reading PCI root %d", i);
963 goto out;
966 err = pcifront_rescan_root(pdev, domain, bus);
967 if (err) {
968 xenbus_dev_fatal(pdev->xdev, err,
969 "Error scanning PCI root %04x:%02x",
970 domain, bus);
971 goto out;
975 xenbus_switch_state(pdev->xdev, XenbusStateConnected);
977 out:
978 return err;
981 static int pcifront_detach_devices(struct pcifront_device *pdev)
983 int err = 0;
984 int i, num_devs;
985 unsigned int domain, bus, slot, func;
986 struct pci_bus *pci_bus;
987 struct pci_dev *pci_dev;
988 char str[64];
990 if (xenbus_read_driver_state(pdev->xdev->nodename) !=
991 XenbusStateConnected)
992 goto out;
994 err = xenbus_scanf(XBT_NIL, pdev->xdev->otherend, "num_devs", "%d",
995 &num_devs);
996 if (err != 1) {
997 if (err >= 0)
998 err = -EINVAL;
999 xenbus_dev_fatal(pdev->xdev, err,
1000 "Error reading number of PCI devices");
1001 goto out;
1004 /* Find devices being detached and remove them. */
1005 for (i = 0; i < num_devs; i++) {
1006 int l, state;
1007 l = snprintf(str, sizeof(str), "state-%d", i);
1008 if (unlikely(l >= (sizeof(str) - 1))) {
1009 err = -ENOMEM;
1010 goto out;
1012 err = xenbus_scanf(XBT_NIL, pdev->xdev->otherend, str, "%d",
1013 &state);
1014 if (err != 1)
1015 state = XenbusStateUnknown;
1017 if (state != XenbusStateClosing)
1018 continue;
1020 /* Remove device. */
1021 l = snprintf(str, sizeof(str), "vdev-%d", i);
1022 if (unlikely(l >= (sizeof(str) - 1))) {
1023 err = -ENOMEM;
1024 goto out;
1026 err = xenbus_scanf(XBT_NIL, pdev->xdev->otherend, str,
1027 "%x:%x:%x.%x", &domain, &bus, &slot, &func);
1028 if (err != 4) {
1029 if (err >= 0)
1030 err = -EINVAL;
1031 xenbus_dev_fatal(pdev->xdev, err,
1032 "Error reading PCI device %d", i);
1033 goto out;
1036 pci_bus = pci_find_bus(domain, bus);
1037 if (!pci_bus) {
1038 dev_dbg(&pdev->xdev->dev, "Cannot get bus %04x:%02x\n",
1039 domain, bus);
1040 continue;
1042 pci_dev = pci_get_slot(pci_bus, PCI_DEVFN(slot, func));
1043 if (!pci_dev) {
1044 dev_dbg(&pdev->xdev->dev,
1045 "Cannot get PCI device %04x:%02x:%02x.%02x\n",
1046 domain, bus, slot, func);
1047 continue;
1049 pci_remove_bus_device(pci_dev);
1050 pci_dev_put(pci_dev);
1052 dev_dbg(&pdev->xdev->dev,
1053 "PCI device %04x:%02x:%02x.%02x removed.\n",
1054 domain, bus, slot, func);
1057 err = xenbus_switch_state(pdev->xdev, XenbusStateReconfiguring);
1059 out:
1060 return err;
1063 static void __init_refok pcifront_backend_changed(struct xenbus_device *xdev,
1064 enum xenbus_state be_state)
1066 struct pcifront_device *pdev = dev_get_drvdata(&xdev->dev);
1068 switch (be_state) {
1069 case XenbusStateUnknown:
1070 case XenbusStateInitialising:
1071 case XenbusStateInitWait:
1072 case XenbusStateInitialised:
1073 case XenbusStateClosed:
1074 break;
1076 case XenbusStateConnected:
1077 pcifront_try_connect(pdev);
1078 break;
1080 case XenbusStateClosing:
1081 dev_warn(&xdev->dev, "backend going away!\n");
1082 pcifront_try_disconnect(pdev);
1083 break;
1085 case XenbusStateReconfiguring:
1086 pcifront_detach_devices(pdev);
1087 break;
1089 case XenbusStateReconfigured:
1090 pcifront_attach_devices(pdev);
1091 break;
1095 static int pcifront_xenbus_probe(struct xenbus_device *xdev,
1096 const struct xenbus_device_id *id)
1098 int err = 0;
1099 struct pcifront_device *pdev = alloc_pdev(xdev);
1101 if (pdev == NULL) {
1102 err = -ENOMEM;
1103 xenbus_dev_fatal(xdev, err,
1104 "Error allocating pcifront_device struct");
1105 goto out;
1108 err = pcifront_publish_info(pdev);
1109 if (err)
1110 free_pdev(pdev);
1112 out:
1113 return err;
1116 static int pcifront_xenbus_remove(struct xenbus_device *xdev)
1118 struct pcifront_device *pdev = dev_get_drvdata(&xdev->dev);
1119 if (pdev)
1120 free_pdev(pdev);
1122 return 0;
1125 static const struct xenbus_device_id xenpci_ids[] = {
1126 {"pci"},
1127 {""},
1130 static struct xenbus_driver xenbus_pcifront_driver = {
1131 .name = "pcifront",
1132 .owner = THIS_MODULE,
1133 .ids = xenpci_ids,
1134 .probe = pcifront_xenbus_probe,
1135 .remove = pcifront_xenbus_remove,
1136 .otherend_changed = pcifront_backend_changed,
1139 static int __init pcifront_init(void)
1141 if (!xen_pv_domain() || xen_initial_domain())
1142 return -ENODEV;
1144 pci_frontend_registrar(1 /* enable */);
1146 return xenbus_register_frontend(&xenbus_pcifront_driver);
1149 static void __exit pcifront_cleanup(void)
1151 xenbus_unregister_driver(&xenbus_pcifront_driver);
1152 pci_frontend_registrar(0 /* disable */);
1154 module_init(pcifront_init);
1155 module_exit(pcifront_cleanup);
1157 MODULE_DESCRIPTION("Xen PCI passthrough frontend.");
1158 MODULE_LICENSE("GPL");
1159 MODULE_ALIAS("xen:pci");