1 /* Copyright (C) 2009 Red Hat, Inc.
2 * Author: Michael S. Tsirkin <mst@redhat.com>
4 * This work is licensed under the terms of the GNU GPL, version 2.
6 * virtio-net server in host kernel.
9 #include <linux/compat.h>
10 #include <linux/eventfd.h>
11 #include <linux/vhost.h>
12 #include <linux/virtio_net.h>
13 #include <linux/miscdevice.h>
14 #include <linux/module.h>
15 #include <linux/moduleparam.h>
16 #include <linux/mutex.h>
17 #include <linux/workqueue.h>
18 #include <linux/rcupdate.h>
19 #include <linux/file.h>
20 #include <linux/slab.h>
22 #include <linux/net.h>
23 #include <linux/if_packet.h>
24 #include <linux/if_arp.h>
25 #include <linux/if_tun.h>
26 #include <linux/if_macvlan.h>
32 static int experimental_zcopytx;
33 module_param(experimental_zcopytx, int, 0444);
34 MODULE_PARM_DESC(experimental_zcopytx, "Enable Experimental Zero Copy TX");
36 /* Max number of bytes transferred before requeueing the job.
37 * Using this limit prevents one virtqueue from starving others. */
38 #define VHOST_NET_WEIGHT 0x80000
40 /* MAX number of TX used buffers for outstanding zerocopy */
41 #define VHOST_MAX_PEND 128
42 #define VHOST_GOODCOPY_LEN 256
50 enum vhost_net_poll_state {
51 VHOST_NET_POLL_DISABLED = 0,
52 VHOST_NET_POLL_STARTED = 1,
53 VHOST_NET_POLL_STOPPED = 2,
58 struct vhost_virtqueue vqs[VHOST_NET_VQ_MAX];
59 struct vhost_poll poll[VHOST_NET_VQ_MAX];
60 /* Tells us whether we are polling a socket for TX.
61 * We only do this when socket buffer fills up.
62 * Protected by tx vq lock. */
63 enum vhost_net_poll_state tx_poll_state;
66 static bool vhost_sock_zcopy(struct socket *sock)
68 return unlikely(experimental_zcopytx) &&
69 sock_flag(sock->sk, SOCK_ZEROCOPY);
72 /* Pop first len bytes from iovec. Return number of segments used. */
73 static int move_iovec_hdr(struct iovec *from, struct iovec *to,
74 size_t len, int iov_count)
79 while (len && seg < iov_count) {
80 size = min(from->iov_len, len);
81 to->iov_base = from->iov_base;
83 from->iov_len -= size;
84 from->iov_base += size;
92 /* Copy iovec entries for len bytes from iovec. */
93 static void copy_iovec_hdr(const struct iovec *from, struct iovec *to,
94 size_t len, int iovcount)
99 while (len && seg < iovcount) {
100 size = min(from->iov_len, len);
101 to->iov_base = from->iov_base;
110 /* Caller must have TX VQ lock */
111 static void tx_poll_stop(struct vhost_net *net)
113 if (likely(net->tx_poll_state != VHOST_NET_POLL_STARTED))
115 vhost_poll_stop(net->poll + VHOST_NET_VQ_TX);
116 net->tx_poll_state = VHOST_NET_POLL_STOPPED;
119 /* Caller must have TX VQ lock */
120 static void tx_poll_start(struct vhost_net *net, struct socket *sock)
122 if (unlikely(net->tx_poll_state != VHOST_NET_POLL_STOPPED))
124 vhost_poll_start(net->poll + VHOST_NET_VQ_TX, sock->file);
125 net->tx_poll_state = VHOST_NET_POLL_STARTED;
128 /* Expects to be always run from workqueue - which acts as
129 * read-size critical section for our kind of RCU. */
130 static void handle_tx(struct vhost_net *net)
132 struct vhost_virtqueue *vq = &net->dev.vqs[VHOST_NET_VQ_TX];
135 struct msghdr msg = {
141 .msg_flags = MSG_DONTWAIT,
143 size_t len, total_len = 0;
147 struct vhost_ubuf_ref *uninitialized_var(ubufs);
150 /* TODO: check that we are running from vhost_worker? */
151 sock = rcu_dereference_check(vq->private_data, 1);
155 wmem = atomic_read(&sock->sk->sk_wmem_alloc);
156 if (wmem >= sock->sk->sk_sndbuf) {
157 mutex_lock(&vq->mutex);
158 tx_poll_start(net, sock);
159 mutex_unlock(&vq->mutex);
163 mutex_lock(&vq->mutex);
164 vhost_disable_notify(&net->dev, vq);
166 if (wmem < sock->sk->sk_sndbuf / 2)
168 hdr_size = vq->vhost_hlen;
169 zcopy = vhost_sock_zcopy(sock);
172 /* Release DMAs done buffers first */
174 vhost_zerocopy_signal_used(vq);
176 head = vhost_get_vq_desc(&net->dev, vq, vq->iov,
180 /* On error, stop handling until the next kick. */
181 if (unlikely(head < 0))
183 /* Nothing new? Wait for eventfd to tell us they refilled. */
184 if (head == vq->num) {
187 wmem = atomic_read(&sock->sk->sk_wmem_alloc);
188 if (wmem >= sock->sk->sk_sndbuf * 3 / 4) {
189 tx_poll_start(net, sock);
190 set_bit(SOCK_ASYNC_NOSPACE, &sock->flags);
193 /* If more outstanding DMAs, queue the work.
194 * Handle upend_idx wrap around
196 num_pends = likely(vq->upend_idx >= vq->done_idx) ?
197 (vq->upend_idx - vq->done_idx) :
198 (vq->upend_idx + UIO_MAXIOV - vq->done_idx);
199 if (unlikely(num_pends > VHOST_MAX_PEND)) {
200 tx_poll_start(net, sock);
201 set_bit(SOCK_ASYNC_NOSPACE, &sock->flags);
204 if (unlikely(vhost_enable_notify(&net->dev, vq))) {
205 vhost_disable_notify(&net->dev, vq);
211 vq_err(vq, "Unexpected descriptor format for TX: "
212 "out %d, int %d\n", out, in);
215 /* Skip header. TODO: support TSO. */
216 s = move_iovec_hdr(vq->iov, vq->hdr, hdr_size, out);
217 msg.msg_iovlen = out;
218 len = iov_length(vq->iov, out);
221 vq_err(vq, "Unexpected header len for TX: "
222 "%zd expected %zd\n",
223 iov_length(vq->hdr, s), hdr_size);
226 /* use msg_control to pass vhost zerocopy ubuf info to skb */
228 vq->heads[vq->upend_idx].id = head;
229 if (len < VHOST_GOODCOPY_LEN) {
230 /* copy don't need to wait for DMA done */
231 vq->heads[vq->upend_idx].len =
233 msg.msg_control = NULL;
234 msg.msg_controllen = 0;
237 struct ubuf_info *ubuf;
238 ubuf = vq->ubuf_info + vq->upend_idx;
240 vq->heads[vq->upend_idx].len = len;
241 ubuf->callback = vhost_zerocopy_callback;
242 ubuf->arg = vq->ubufs;
243 ubuf->desc = vq->upend_idx;
244 msg.msg_control = ubuf;
245 msg.msg_controllen = sizeof(ubuf);
247 kref_get(&ubufs->kref);
249 vq->upend_idx = (vq->upend_idx + 1) % UIO_MAXIOV;
251 /* TODO: Check specific error and bomb out unless ENOBUFS? */
252 err = sock->ops->sendmsg(NULL, sock, &msg, len);
253 if (unlikely(err < 0)) {
256 vhost_ubuf_put(ubufs);
257 vq->upend_idx = ((unsigned)vq->upend_idx - 1) %
260 vhost_discard_vq_desc(vq, 1);
261 tx_poll_start(net, sock);
265 pr_debug("Truncated TX packet: "
266 " len %d != %zd\n", err, len);
268 vhost_add_used_and_signal(&net->dev, vq, head, 0);
270 if (unlikely(total_len >= VHOST_NET_WEIGHT)) {
271 vhost_poll_queue(&vq->poll);
276 mutex_unlock(&vq->mutex);
279 static int peek_head_len(struct sock *sk)
281 struct sk_buff *head;
285 spin_lock_irqsave(&sk->sk_receive_queue.lock, flags);
286 head = skb_peek(&sk->sk_receive_queue);
289 spin_unlock_irqrestore(&sk->sk_receive_queue.lock, flags);
293 /* This is a multi-buffer version of vhost_get_desc, that works if
294 * vq has read descriptors only.
295 * @vq - the relevant virtqueue
296 * @datalen - data length we'll be reading
297 * @iovcount - returned count of io vectors we fill
299 * @log_num - log offset
300 * @quota - headcount quota, 1 for big buffer
301 * returns number of buffer heads allocated, negative on error
303 static int get_rx_bufs(struct vhost_virtqueue *vq,
304 struct vring_used_elem *heads,
307 struct vhost_log *log,
311 unsigned int out, in;
317 while (datalen > 0 && headcount < quota) {
318 if (unlikely(seg >= UIO_MAXIOV)) {
322 d = vhost_get_vq_desc(vq->dev, vq, vq->iov + seg,
323 ARRAY_SIZE(vq->iov) - seg, &out,
329 if (unlikely(out || in <= 0)) {
330 vq_err(vq, "unexpected descriptor format for RX: "
331 "out %d, in %d\n", out, in);
339 heads[headcount].id = d;
340 heads[headcount].len = iov_length(vq->iov + seg, in);
341 datalen -= heads[headcount].len;
345 heads[headcount - 1].len += datalen;
351 if (unlikely(datalen > 0)) {
357 vhost_discard_vq_desc(vq, headcount);
361 /* Expects to be always run from workqueue - which acts as
362 * read-size critical section for our kind of RCU. */
363 static void handle_rx(struct vhost_net *net)
365 struct vhost_virtqueue *vq = &net->dev.vqs[VHOST_NET_VQ_RX];
366 unsigned uninitialized_var(in), log;
367 struct vhost_log *vq_log;
368 struct msghdr msg = {
371 .msg_control = NULL, /* FIXME: get and handle RX aux data. */
374 .msg_flags = MSG_DONTWAIT,
376 struct virtio_net_hdr_mrg_rxbuf hdr = {
378 .hdr.gso_type = VIRTIO_NET_HDR_GSO_NONE
380 size_t total_len = 0;
383 size_t vhost_hlen, sock_hlen;
384 size_t vhost_len, sock_len;
385 /* TODO: check that we are running from vhost_worker? */
386 struct socket *sock = rcu_dereference_check(vq->private_data, 1);
391 mutex_lock(&vq->mutex);
392 vhost_disable_notify(&net->dev, vq);
393 vhost_hlen = vq->vhost_hlen;
394 sock_hlen = vq->sock_hlen;
396 vq_log = unlikely(vhost_has_feature(&net->dev, VHOST_F_LOG_ALL)) ?
398 mergeable = vhost_has_feature(&net->dev, VIRTIO_NET_F_MRG_RXBUF);
400 while ((sock_len = peek_head_len(sock->sk))) {
401 sock_len += sock_hlen;
402 vhost_len = sock_len + vhost_hlen;
403 headcount = get_rx_bufs(vq, vq->heads, vhost_len,
405 likely(mergeable) ? UIO_MAXIOV : 1);
406 /* On error, stop handling until the next kick. */
407 if (unlikely(headcount < 0))
409 /* On overrun, truncate and discard */
410 if (unlikely(headcount > UIO_MAXIOV)) {
412 err = sock->ops->recvmsg(NULL, sock, &msg,
413 1, MSG_DONTWAIT | MSG_TRUNC);
414 pr_debug("Discarded rx packet: len %zd\n", sock_len);
417 /* OK, now we need to know about added descriptors. */
419 if (unlikely(vhost_enable_notify(&net->dev, vq))) {
420 /* They have slipped one in as we were
421 * doing that: check again. */
422 vhost_disable_notify(&net->dev, vq);
425 /* Nothing new? Wait for eventfd to tell us
429 /* We don't need to be notified again. */
430 if (unlikely((vhost_hlen)))
431 /* Skip header. TODO: support TSO. */
432 move_iovec_hdr(vq->iov, vq->hdr, vhost_hlen, in);
434 /* Copy the header for use in VIRTIO_NET_F_MRG_RXBUF:
435 * needed because recvmsg can modify msg_iov. */
436 copy_iovec_hdr(vq->iov, vq->hdr, sock_hlen, in);
438 err = sock->ops->recvmsg(NULL, sock, &msg,
439 sock_len, MSG_DONTWAIT | MSG_TRUNC);
440 /* Userspace might have consumed the packet meanwhile:
441 * it's not supposed to do this usually, but might be hard
442 * to prevent. Discard data we got (if any) and keep going. */
443 if (unlikely(err != sock_len)) {
444 pr_debug("Discarded rx packet: "
445 " len %d, expected %zd\n", err, sock_len);
446 vhost_discard_vq_desc(vq, headcount);
449 if (unlikely(vhost_hlen) &&
450 memcpy_toiovecend(vq->hdr, (unsigned char *)&hdr, 0,
452 vq_err(vq, "Unable to write vnet_hdr at addr %p\n",
456 /* TODO: Should check and handle checksum. */
457 if (likely(mergeable) &&
458 memcpy_toiovecend(vq->hdr, (unsigned char *)&headcount,
459 offsetof(typeof(hdr), num_buffers),
460 sizeof hdr.num_buffers)) {
461 vq_err(vq, "Failed num_buffers write");
462 vhost_discard_vq_desc(vq, headcount);
465 vhost_add_used_and_signal_n(&net->dev, vq, vq->heads,
467 if (unlikely(vq_log))
468 vhost_log_write(vq, vq_log, log, vhost_len);
469 total_len += vhost_len;
470 if (unlikely(total_len >= VHOST_NET_WEIGHT)) {
471 vhost_poll_queue(&vq->poll);
476 mutex_unlock(&vq->mutex);
479 static void handle_tx_kick(struct vhost_work *work)
481 struct vhost_virtqueue *vq = container_of(work, struct vhost_virtqueue,
483 struct vhost_net *net = container_of(vq->dev, struct vhost_net, dev);
488 static void handle_rx_kick(struct vhost_work *work)
490 struct vhost_virtqueue *vq = container_of(work, struct vhost_virtqueue,
492 struct vhost_net *net = container_of(vq->dev, struct vhost_net, dev);
497 static void handle_tx_net(struct vhost_work *work)
499 struct vhost_net *net = container_of(work, struct vhost_net,
500 poll[VHOST_NET_VQ_TX].work);
504 static void handle_rx_net(struct vhost_work *work)
506 struct vhost_net *net = container_of(work, struct vhost_net,
507 poll[VHOST_NET_VQ_RX].work);
511 static int vhost_net_open(struct inode *inode, struct file *f)
513 struct vhost_net *n = kmalloc(sizeof *n, GFP_KERNEL);
514 struct vhost_dev *dev;
521 n->vqs[VHOST_NET_VQ_TX].handle_kick = handle_tx_kick;
522 n->vqs[VHOST_NET_VQ_RX].handle_kick = handle_rx_kick;
523 r = vhost_dev_init(dev, n->vqs, VHOST_NET_VQ_MAX);
529 vhost_poll_init(n->poll + VHOST_NET_VQ_TX, handle_tx_net, POLLOUT, dev);
530 vhost_poll_init(n->poll + VHOST_NET_VQ_RX, handle_rx_net, POLLIN, dev);
531 n->tx_poll_state = VHOST_NET_POLL_DISABLED;
538 static void vhost_net_disable_vq(struct vhost_net *n,
539 struct vhost_virtqueue *vq)
541 if (!vq->private_data)
543 if (vq == n->vqs + VHOST_NET_VQ_TX) {
545 n->tx_poll_state = VHOST_NET_POLL_DISABLED;
547 vhost_poll_stop(n->poll + VHOST_NET_VQ_RX);
550 static void vhost_net_enable_vq(struct vhost_net *n,
551 struct vhost_virtqueue *vq)
555 sock = rcu_dereference_protected(vq->private_data,
556 lockdep_is_held(&vq->mutex));
559 if (vq == n->vqs + VHOST_NET_VQ_TX) {
560 n->tx_poll_state = VHOST_NET_POLL_STOPPED;
561 tx_poll_start(n, sock);
563 vhost_poll_start(n->poll + VHOST_NET_VQ_RX, sock->file);
566 static struct socket *vhost_net_stop_vq(struct vhost_net *n,
567 struct vhost_virtqueue *vq)
571 mutex_lock(&vq->mutex);
572 sock = rcu_dereference_protected(vq->private_data,
573 lockdep_is_held(&vq->mutex));
574 vhost_net_disable_vq(n, vq);
575 rcu_assign_pointer(vq->private_data, NULL);
576 mutex_unlock(&vq->mutex);
580 static void vhost_net_stop(struct vhost_net *n, struct socket **tx_sock,
581 struct socket **rx_sock)
583 *tx_sock = vhost_net_stop_vq(n, n->vqs + VHOST_NET_VQ_TX);
584 *rx_sock = vhost_net_stop_vq(n, n->vqs + VHOST_NET_VQ_RX);
587 static void vhost_net_flush_vq(struct vhost_net *n, int index)
589 vhost_poll_flush(n->poll + index);
590 vhost_poll_flush(&n->dev.vqs[index].poll);
593 static void vhost_net_flush(struct vhost_net *n)
595 vhost_net_flush_vq(n, VHOST_NET_VQ_TX);
596 vhost_net_flush_vq(n, VHOST_NET_VQ_RX);
599 static int vhost_net_release(struct inode *inode, struct file *f)
601 struct vhost_net *n = f->private_data;
602 struct socket *tx_sock;
603 struct socket *rx_sock;
605 vhost_net_stop(n, &tx_sock, &rx_sock);
607 vhost_dev_cleanup(&n->dev);
612 /* We do an extra flush before freeing memory,
613 * since jobs can re-queue themselves. */
619 static struct socket *get_raw_socket(int fd)
622 struct sockaddr_ll sa;
623 char buf[MAX_ADDR_LEN];
625 int uaddr_len = sizeof uaddr, r;
626 struct socket *sock = sockfd_lookup(fd, &r);
629 return ERR_PTR(-ENOTSOCK);
631 /* Parameter checking */
632 if (sock->sk->sk_type != SOCK_RAW) {
633 r = -ESOCKTNOSUPPORT;
637 r = sock->ops->getname(sock, (struct sockaddr *)&uaddr.sa,
642 if (uaddr.sa.sll_family != AF_PACKET) {
652 static struct socket *get_tap_socket(int fd)
654 struct file *file = fget(fd);
658 return ERR_PTR(-EBADF);
659 sock = tun_get_socket(file);
662 sock = macvtap_get_socket(file);
668 static struct socket *get_socket(int fd)
672 /* special case to disable backend */
675 sock = get_raw_socket(fd);
678 sock = get_tap_socket(fd);
681 return ERR_PTR(-ENOTSOCK);
684 static long vhost_net_set_backend(struct vhost_net *n, unsigned index, int fd)
686 struct socket *sock, *oldsock;
687 struct vhost_virtqueue *vq;
688 struct vhost_ubuf_ref *ubufs, *oldubufs = NULL;
691 mutex_lock(&n->dev.mutex);
692 r = vhost_dev_check_owner(&n->dev);
696 if (index >= VHOST_NET_VQ_MAX) {
701 mutex_lock(&vq->mutex);
703 /* Verify that ring has been setup correctly. */
704 if (!vhost_vq_access_ok(vq)) {
708 sock = get_socket(fd);
714 /* start polling new socket */
715 oldsock = rcu_dereference_protected(vq->private_data,
716 lockdep_is_held(&vq->mutex));
717 if (sock != oldsock) {
718 ubufs = vhost_ubuf_alloc(vq, sock && vhost_sock_zcopy(sock));
723 oldubufs = vq->ubufs;
725 vhost_net_disable_vq(n, vq);
726 rcu_assign_pointer(vq->private_data, sock);
727 vhost_net_enable_vq(n, vq);
729 r = vhost_init_used(vq);
734 mutex_unlock(&vq->mutex);
737 vhost_ubuf_put_and_wait(oldubufs);
738 mutex_lock(&vq->mutex);
739 vhost_zerocopy_signal_used(vq);
740 mutex_unlock(&vq->mutex);
744 vhost_net_flush_vq(n, index);
748 mutex_unlock(&n->dev.mutex);
754 mutex_unlock(&vq->mutex);
756 mutex_unlock(&n->dev.mutex);
760 static long vhost_net_reset_owner(struct vhost_net *n)
762 struct socket *tx_sock = NULL;
763 struct socket *rx_sock = NULL;
766 mutex_lock(&n->dev.mutex);
767 err = vhost_dev_check_owner(&n->dev);
770 vhost_net_stop(n, &tx_sock, &rx_sock);
772 err = vhost_dev_reset_owner(&n->dev);
774 mutex_unlock(&n->dev.mutex);
782 static int vhost_net_set_features(struct vhost_net *n, u64 features)
784 size_t vhost_hlen, sock_hlen, hdr_len;
787 hdr_len = (features & (1 << VIRTIO_NET_F_MRG_RXBUF)) ?
788 sizeof(struct virtio_net_hdr_mrg_rxbuf) :
789 sizeof(struct virtio_net_hdr);
790 if (features & (1 << VHOST_NET_F_VIRTIO_NET_HDR)) {
791 /* vhost provides vnet_hdr */
792 vhost_hlen = hdr_len;
795 /* socket provides vnet_hdr */
799 mutex_lock(&n->dev.mutex);
800 if ((features & (1 << VHOST_F_LOG_ALL)) &&
801 !vhost_log_access_ok(&n->dev)) {
802 mutex_unlock(&n->dev.mutex);
805 n->dev.acked_features = features;
807 for (i = 0; i < VHOST_NET_VQ_MAX; ++i) {
808 mutex_lock(&n->vqs[i].mutex);
809 n->vqs[i].vhost_hlen = vhost_hlen;
810 n->vqs[i].sock_hlen = sock_hlen;
811 mutex_unlock(&n->vqs[i].mutex);
814 mutex_unlock(&n->dev.mutex);
818 static long vhost_net_ioctl(struct file *f, unsigned int ioctl,
821 struct vhost_net *n = f->private_data;
822 void __user *argp = (void __user *)arg;
823 u64 __user *featurep = argp;
824 struct vhost_vring_file backend;
829 case VHOST_NET_SET_BACKEND:
830 if (copy_from_user(&backend, argp, sizeof backend))
832 return vhost_net_set_backend(n, backend.index, backend.fd);
833 case VHOST_GET_FEATURES:
834 features = VHOST_FEATURES;
835 if (copy_to_user(featurep, &features, sizeof features))
838 case VHOST_SET_FEATURES:
839 if (copy_from_user(&features, featurep, sizeof features))
841 if (features & ~VHOST_FEATURES)
843 return vhost_net_set_features(n, features);
844 case VHOST_RESET_OWNER:
845 return vhost_net_reset_owner(n);
847 mutex_lock(&n->dev.mutex);
848 r = vhost_dev_ioctl(&n->dev, ioctl, arg);
850 mutex_unlock(&n->dev.mutex);
856 static long vhost_net_compat_ioctl(struct file *f, unsigned int ioctl,
859 return vhost_net_ioctl(f, ioctl, (unsigned long)compat_ptr(arg));
863 static const struct file_operations vhost_net_fops = {
864 .owner = THIS_MODULE,
865 .release = vhost_net_release,
866 .unlocked_ioctl = vhost_net_ioctl,
868 .compat_ioctl = vhost_net_compat_ioctl,
870 .open = vhost_net_open,
871 .llseek = noop_llseek,
874 static struct miscdevice vhost_net_misc = {
880 static int vhost_net_init(void)
882 if (experimental_zcopytx)
883 vhost_enable_zcopy(VHOST_NET_VQ_TX);
884 return misc_register(&vhost_net_misc);
886 module_init(vhost_net_init);
888 static void vhost_net_exit(void)
890 misc_deregister(&vhost_net_misc);
892 module_exit(vhost_net_exit);
894 MODULE_VERSION("0.0.1");
895 MODULE_LICENSE("GPL v2");
896 MODULE_AUTHOR("Michael S. Tsirkin");
897 MODULE_DESCRIPTION("Host kernel accelerator for virtio net");
git.openpandora.org / pandora-kernel.git / blob