1 /* SPDX-License-Identifier: (GPL-2.0 OR CDDL-1.0) */
2 /*
3 * vboxguest vmm-req and hgcm-call code, VBoxGuestR0LibHGCMInternal.cpp,
4 * VBoxGuestR0LibGenericRequest.cpp and RTErrConvertToErrno.cpp in vbox svn.
5 *
6 * Copyright (C) 2006-2016 Oracle Corporation
7 */
8
9 #include <linux/errno.h>
10 #include <linux/kernel.h>
11 #include <linux/mm.h>
12 #include <linux/module.h>
13 #include <linux/sizes.h>
14 #include <linux/slab.h>
15 #include <linux/uaccess.h>
16 #include <linux/vmalloc.h>
17 #include <linux/vbox_err.h>
18 #include <linux/vbox_utils.h>
19 #include "vboxguest_core.h"
20
21 /* Get the pointer to the first parameter of a HGCM call request. */
22 #define VMMDEV_HGCM_CALL_PARMS(a) \
23 ((struct vmmdev_hgcm_function_parameter *)( \
24 (u8 *)(a) + sizeof(struct vmmdev_hgcm_call)))
25
26 /* The max parameter buffer size for a user request. */
27 #define VBG_MAX_HGCM_USER_PARM (24 * SZ_1M)
28 /* The max parameter buffer size for a kernel request. */
29 #define VBG_MAX_HGCM_KERNEL_PARM (16 * SZ_1M)
30
31 #define VBG_DEBUG_PORT 0x504
32
33 /* This protects vbg_log_buf and serializes VBG_DEBUG_PORT accesses */
34 static DEFINE_SPINLOCK(vbg_log_lock);
35 static char vbg_log_buf[128];
36
37 #define VBG_LOG(name, pr_func) \
38 void name(const char *fmt, ...) \
39 { \
40 unsigned long flags; \
41 va_list args; \
42 int i, count; \
43 \
44 va_start(args, fmt); \
45 spin_lock_irqsave(&vbg_log_lock, flags); \
46 \
47 count = vscnprintf(vbg_log_buf, sizeof(vbg_log_buf), fmt, args);\
48 for (i = 0; i < count; i++) \
49 outb(vbg_log_buf[i], VBG_DEBUG_PORT); \
50 \
51 pr_func("%s", vbg_log_buf); \
52 \
53 spin_unlock_irqrestore(&vbg_log_lock, flags); \
54 va_end(args); \
55 } \
56 EXPORT_SYMBOL(name)
57
58 VBG_LOG(vbg_info, pr_info);
59 VBG_LOG(vbg_warn, pr_warn);
60 VBG_LOG(vbg_err, pr_err);
61 #if defined(DEBUG) && !defined(CONFIG_DYNAMIC_DEBUG)
62 VBG_LOG(vbg_debug, pr_debug);
63 #endif
64
vbg_req_alloc(size_t len,enum vmmdev_request_type req_type)65 void *vbg_req_alloc(size_t len, enum vmmdev_request_type req_type)
66 {
67 struct vmmdev_request_header *req;
68 int order = get_order(PAGE_ALIGN(len));
69
70 req = (void *)__get_free_pages(GFP_KERNEL | GFP_DMA32, order);
71 if (!req)
72 return NULL;
73
74 memset(req, 0xaa, len);
75
76 req->size = len;
77 req->version = VMMDEV_REQUEST_HEADER_VERSION;
78 req->request_type = req_type;
79 req->rc = VERR_GENERAL_FAILURE;
80 req->reserved1 = 0;
81 req->reserved2 = 0;
82
83 return req;
84 }
85
vbg_req_free(void * req,size_t len)86 void vbg_req_free(void *req, size_t len)
87 {
88 if (!req)
89 return;
90
91 free_pages((unsigned long)req, get_order(PAGE_ALIGN(len)));
92 }
93
94 /* Note this function returns a VBox status code, not a negative errno!! */
vbg_req_perform(struct vbg_dev * gdev,void * req)95 int vbg_req_perform(struct vbg_dev *gdev, void *req)
96 {
97 unsigned long phys_req = virt_to_phys(req);
98
99 outl(phys_req, gdev->io_port + VMMDEV_PORT_OFF_REQUEST);
100 /*
101 * The host changes the request as a result of the outl, make sure
102 * the outl and any reads of the req happen in the correct order.
103 */
104 mb();
105
106 return ((struct vmmdev_request_header *)req)->rc;
107 }
108
hgcm_req_done(struct vbg_dev * gdev,struct vmmdev_hgcmreq_header * header)109 static bool hgcm_req_done(struct vbg_dev *gdev,
110 struct vmmdev_hgcmreq_header *header)
111 {
112 unsigned long flags;
113 bool done;
114
115 spin_lock_irqsave(&gdev->event_spinlock, flags);
116 done = header->flags & VMMDEV_HGCM_REQ_DONE;
117 spin_unlock_irqrestore(&gdev->event_spinlock, flags);
118
119 return done;
120 }
121
vbg_hgcm_connect(struct vbg_dev * gdev,struct vmmdev_hgcm_service_location * loc,u32 * client_id,int * vbox_status)122 int vbg_hgcm_connect(struct vbg_dev *gdev,
123 struct vmmdev_hgcm_service_location *loc,
124 u32 *client_id, int *vbox_status)
125 {
126 struct vmmdev_hgcm_connect *hgcm_connect = NULL;
127 int rc;
128
129 hgcm_connect = vbg_req_alloc(sizeof(*hgcm_connect),
130 VMMDEVREQ_HGCM_CONNECT);
131 if (!hgcm_connect)
132 return -ENOMEM;
133
134 hgcm_connect->header.flags = 0;
135 memcpy(&hgcm_connect->loc, loc, sizeof(*loc));
136 hgcm_connect->client_id = 0;
137
138 rc = vbg_req_perform(gdev, hgcm_connect);
139
140 if (rc == VINF_HGCM_ASYNC_EXECUTE)
141 wait_event(gdev->hgcm_wq,
142 hgcm_req_done(gdev, &hgcm_connect->header));
143
144 if (rc >= 0) {
145 *client_id = hgcm_connect->client_id;
146 rc = hgcm_connect->header.result;
147 }
148
149 vbg_req_free(hgcm_connect, sizeof(*hgcm_connect));
150
151 *vbox_status = rc;
152 return 0;
153 }
154 EXPORT_SYMBOL(vbg_hgcm_connect);
155
vbg_hgcm_disconnect(struct vbg_dev * gdev,u32 client_id,int * vbox_status)156 int vbg_hgcm_disconnect(struct vbg_dev *gdev, u32 client_id, int *vbox_status)
157 {
158 struct vmmdev_hgcm_disconnect *hgcm_disconnect = NULL;
159 int rc;
160
161 hgcm_disconnect = vbg_req_alloc(sizeof(*hgcm_disconnect),
162 VMMDEVREQ_HGCM_DISCONNECT);
163 if (!hgcm_disconnect)
164 return -ENOMEM;
165
166 hgcm_disconnect->header.flags = 0;
167 hgcm_disconnect->client_id = client_id;
168
169 rc = vbg_req_perform(gdev, hgcm_disconnect);
170
171 if (rc == VINF_HGCM_ASYNC_EXECUTE)
172 wait_event(gdev->hgcm_wq,
173 hgcm_req_done(gdev, &hgcm_disconnect->header));
174
175 if (rc >= 0)
176 rc = hgcm_disconnect->header.result;
177
178 vbg_req_free(hgcm_disconnect, sizeof(*hgcm_disconnect));
179
180 *vbox_status = rc;
181 return 0;
182 }
183 EXPORT_SYMBOL(vbg_hgcm_disconnect);
184
hgcm_call_buf_size_in_pages(void * buf,u32 len)185 static u32 hgcm_call_buf_size_in_pages(void *buf, u32 len)
186 {
187 u32 size = PAGE_ALIGN(len + ((unsigned long)buf & ~PAGE_MASK));
188
189 return size >> PAGE_SHIFT;
190 }
191
hgcm_call_add_pagelist_size(void * buf,u32 len,size_t * extra)192 static void hgcm_call_add_pagelist_size(void *buf, u32 len, size_t *extra)
193 {
194 u32 page_count;
195
196 page_count = hgcm_call_buf_size_in_pages(buf, len);
197 *extra += offsetof(struct vmmdev_hgcm_pagelist, pages[page_count]);
198 }
199
hgcm_call_preprocess_linaddr(const struct vmmdev_hgcm_function_parameter * src_parm,void ** bounce_buf_ret,size_t * extra)200 static int hgcm_call_preprocess_linaddr(
201 const struct vmmdev_hgcm_function_parameter *src_parm,
202 void **bounce_buf_ret, size_t *extra)
203 {
204 void *buf, *bounce_buf;
205 bool copy_in;
206 u32 len;
207 int ret;
208
209 buf = (void *)src_parm->u.pointer.u.linear_addr;
210 len = src_parm->u.pointer.size;
211 copy_in = src_parm->type != VMMDEV_HGCM_PARM_TYPE_LINADDR_OUT;
212
213 if (len > VBG_MAX_HGCM_USER_PARM)
214 return -E2BIG;
215
216 bounce_buf = kvmalloc(len, GFP_KERNEL);
217 if (!bounce_buf)
218 return -ENOMEM;
219
220 *bounce_buf_ret = bounce_buf;
221
222 if (copy_in) {
223 ret = copy_from_user(bounce_buf, (void __user *)buf, len);
224 if (ret)
225 return -EFAULT;
226 } else {
227 memset(bounce_buf, 0, len);
228 }
229
230 hgcm_call_add_pagelist_size(bounce_buf, len, extra);
231 return 0;
232 }
233
234 /**
235 * Preprocesses the HGCM call, validate parameters, alloc bounce buffers and
236 * figure out how much extra storage we need for page lists.
237 * Return: 0 or negative errno value.
238 * @src_parm: Pointer to source function call parameters
239 * @parm_count: Number of function call parameters.
240 * @bounce_bufs_ret: Where to return the allocated bouncebuffer array
241 * @extra: Where to return the extra request space needed for
242 * physical page lists.
243 */
hgcm_call_preprocess(const struct vmmdev_hgcm_function_parameter * src_parm,u32 parm_count,void *** bounce_bufs_ret,size_t * extra)244 static int hgcm_call_preprocess(
245 const struct vmmdev_hgcm_function_parameter *src_parm,
246 u32 parm_count, void ***bounce_bufs_ret, size_t *extra)
247 {
248 void *buf, **bounce_bufs = NULL;
249 u32 i, len;
250 int ret;
251
252 for (i = 0; i < parm_count; i++, src_parm++) {
253 switch (src_parm->type) {
254 case VMMDEV_HGCM_PARM_TYPE_32BIT:
255 case VMMDEV_HGCM_PARM_TYPE_64BIT:
256 break;
257
258 case VMMDEV_HGCM_PARM_TYPE_LINADDR:
259 case VMMDEV_HGCM_PARM_TYPE_LINADDR_IN:
260 case VMMDEV_HGCM_PARM_TYPE_LINADDR_OUT:
261 if (!bounce_bufs) {
262 bounce_bufs = kcalloc(parm_count,
263 sizeof(void *),
264 GFP_KERNEL);
265 if (!bounce_bufs)
266 return -ENOMEM;
267
268 *bounce_bufs_ret = bounce_bufs;
269 }
270
271 ret = hgcm_call_preprocess_linaddr(src_parm,
272 &bounce_bufs[i],
273 extra);
274 if (ret)
275 return ret;
276
277 break;
278
279 case VMMDEV_HGCM_PARM_TYPE_LINADDR_KERNEL:
280 case VMMDEV_HGCM_PARM_TYPE_LINADDR_KERNEL_IN:
281 case VMMDEV_HGCM_PARM_TYPE_LINADDR_KERNEL_OUT:
282 buf = (void *)src_parm->u.pointer.u.linear_addr;
283 len = src_parm->u.pointer.size;
284 if (WARN_ON(len > VBG_MAX_HGCM_KERNEL_PARM))
285 return -E2BIG;
286
287 hgcm_call_add_pagelist_size(buf, len, extra);
288 break;
289
290 default:
291 return -EINVAL;
292 }
293 }
294
295 return 0;
296 }
297
298 /**
299 * Translates linear address types to page list direction flags.
300 *
301 * Return: page list flags.
302 * @type: The type.
303 */
hgcm_call_linear_addr_type_to_pagelist_flags(enum vmmdev_hgcm_function_parameter_type type)304 static u32 hgcm_call_linear_addr_type_to_pagelist_flags(
305 enum vmmdev_hgcm_function_parameter_type type)
306 {
307 switch (type) {
308 default:
309 WARN_ON(1);
310 /* Fall through */
311 case VMMDEV_HGCM_PARM_TYPE_LINADDR:
312 case VMMDEV_HGCM_PARM_TYPE_LINADDR_KERNEL:
313 return VMMDEV_HGCM_F_PARM_DIRECTION_BOTH;
314
315 case VMMDEV_HGCM_PARM_TYPE_LINADDR_IN:
316 case VMMDEV_HGCM_PARM_TYPE_LINADDR_KERNEL_IN:
317 return VMMDEV_HGCM_F_PARM_DIRECTION_TO_HOST;
318
319 case VMMDEV_HGCM_PARM_TYPE_LINADDR_OUT:
320 case VMMDEV_HGCM_PARM_TYPE_LINADDR_KERNEL_OUT:
321 return VMMDEV_HGCM_F_PARM_DIRECTION_FROM_HOST;
322 }
323 }
324
hgcm_call_init_linaddr(struct vmmdev_hgcm_call * call,struct vmmdev_hgcm_function_parameter * dst_parm,void * buf,u32 len,enum vmmdev_hgcm_function_parameter_type type,u32 * off_extra)325 static void hgcm_call_init_linaddr(struct vmmdev_hgcm_call *call,
326 struct vmmdev_hgcm_function_parameter *dst_parm, void *buf, u32 len,
327 enum vmmdev_hgcm_function_parameter_type type, u32 *off_extra)
328 {
329 struct vmmdev_hgcm_pagelist *dst_pg_lst;
330 struct page *page;
331 bool is_vmalloc;
332 u32 i, page_count;
333
334 dst_parm->type = type;
335
336 if (len == 0) {
337 dst_parm->u.pointer.size = 0;
338 dst_parm->u.pointer.u.linear_addr = 0;
339 return;
340 }
341
342 dst_pg_lst = (void *)call + *off_extra;
343 page_count = hgcm_call_buf_size_in_pages(buf, len);
344 is_vmalloc = is_vmalloc_addr(buf);
345
346 dst_parm->type = VMMDEV_HGCM_PARM_TYPE_PAGELIST;
347 dst_parm->u.page_list.size = len;
348 dst_parm->u.page_list.offset = *off_extra;
349 dst_pg_lst->flags = hgcm_call_linear_addr_type_to_pagelist_flags(type);
350 dst_pg_lst->offset_first_page = (unsigned long)buf & ~PAGE_MASK;
351 dst_pg_lst->page_count = page_count;
352
353 for (i = 0; i < page_count; i++) {
354 if (is_vmalloc)
355 page = vmalloc_to_page(buf);
356 else
357 page = virt_to_page(buf);
358
359 dst_pg_lst->pages[i] = page_to_phys(page);
360 buf += PAGE_SIZE;
361 }
362
363 *off_extra += offsetof(struct vmmdev_hgcm_pagelist, pages[page_count]);
364 }
365
366 /**
367 * Initializes the call request that we're sending to the host.
368 * @call: The call to initialize.
369 * @client_id: The client ID of the caller.
370 * @function: The function number of the function to call.
371 * @src_parm: Pointer to source function call parameters.
372 * @parm_count: Number of function call parameters.
373 * @bounce_bufs: The bouncebuffer array.
374 */
hgcm_call_init_call(struct vmmdev_hgcm_call * call,u32 client_id,u32 function,const struct vmmdev_hgcm_function_parameter * src_parm,u32 parm_count,void ** bounce_bufs)375 static void hgcm_call_init_call(
376 struct vmmdev_hgcm_call *call, u32 client_id, u32 function,
377 const struct vmmdev_hgcm_function_parameter *src_parm,
378 u32 parm_count, void **bounce_bufs)
379 {
380 struct vmmdev_hgcm_function_parameter *dst_parm =
381 VMMDEV_HGCM_CALL_PARMS(call);
382 u32 i, off_extra = (uintptr_t)(dst_parm + parm_count) - (uintptr_t)call;
383 void *buf;
384
385 call->header.flags = 0;
386 call->header.result = VINF_SUCCESS;
387 call->client_id = client_id;
388 call->function = function;
389 call->parm_count = parm_count;
390
391 for (i = 0; i < parm_count; i++, src_parm++, dst_parm++) {
392 switch (src_parm->type) {
393 case VMMDEV_HGCM_PARM_TYPE_32BIT:
394 case VMMDEV_HGCM_PARM_TYPE_64BIT:
395 *dst_parm = *src_parm;
396 break;
397
398 case VMMDEV_HGCM_PARM_TYPE_LINADDR:
399 case VMMDEV_HGCM_PARM_TYPE_LINADDR_IN:
400 case VMMDEV_HGCM_PARM_TYPE_LINADDR_OUT:
401 hgcm_call_init_linaddr(call, dst_parm, bounce_bufs[i],
402 src_parm->u.pointer.size,
403 src_parm->type, &off_extra);
404 break;
405
406 case VMMDEV_HGCM_PARM_TYPE_LINADDR_KERNEL:
407 case VMMDEV_HGCM_PARM_TYPE_LINADDR_KERNEL_IN:
408 case VMMDEV_HGCM_PARM_TYPE_LINADDR_KERNEL_OUT:
409 buf = (void *)src_parm->u.pointer.u.linear_addr;
410 hgcm_call_init_linaddr(call, dst_parm, buf,
411 src_parm->u.pointer.size,
412 src_parm->type, &off_extra);
413 break;
414
415 default:
416 WARN_ON(1);
417 dst_parm->type = VMMDEV_HGCM_PARM_TYPE_INVALID;
418 }
419 }
420 }
421
422 /**
423 * Tries to cancel a pending HGCM call.
424 *
425 * Return: VBox status code
426 */
hgcm_cancel_call(struct vbg_dev * gdev,struct vmmdev_hgcm_call * call)427 static int hgcm_cancel_call(struct vbg_dev *gdev, struct vmmdev_hgcm_call *call)
428 {
429 int rc;
430
431 /*
432 * We use a pre-allocated request for cancellations, which is
433 * protected by cancel_req_mutex. This means that all cancellations
434 * get serialized, this should be fine since they should be rare.
435 */
436 mutex_lock(&gdev->cancel_req_mutex);
437 gdev->cancel_req->phys_req_to_cancel = virt_to_phys(call);
438 rc = vbg_req_perform(gdev, gdev->cancel_req);
439 mutex_unlock(&gdev->cancel_req_mutex);
440
441 if (rc == VERR_NOT_IMPLEMENTED) {
442 call->header.flags |= VMMDEV_HGCM_REQ_CANCELLED;
443 call->header.header.request_type = VMMDEVREQ_HGCM_CANCEL;
444
445 rc = vbg_req_perform(gdev, call);
446 if (rc == VERR_INVALID_PARAMETER)
447 rc = VERR_NOT_FOUND;
448 }
449
450 if (rc >= 0)
451 call->header.flags |= VMMDEV_HGCM_REQ_CANCELLED;
452
453 return rc;
454 }
455
456 /**
457 * Performs the call and completion wait.
458 * Return: 0 or negative errno value.
459 * @gdev: The VBoxGuest device extension.
460 * @call: The call to execute.
461 * @timeout_ms: Timeout in ms.
462 * @leak_it: Where to return the leak it / free it, indicator.
463 * Cancellation fun.
464 */
vbg_hgcm_do_call(struct vbg_dev * gdev,struct vmmdev_hgcm_call * call,u32 timeout_ms,bool * leak_it)465 static int vbg_hgcm_do_call(struct vbg_dev *gdev, struct vmmdev_hgcm_call *call,
466 u32 timeout_ms, bool *leak_it)
467 {
468 int rc, cancel_rc, ret;
469 long timeout;
470
471 *leak_it = false;
472
473 rc = vbg_req_perform(gdev, call);
474
475 /*
476 * If the call failed, then pretend success. Upper layers will
477 * interpret the result code in the packet.
478 */
479 if (rc < 0) {
480 call->header.result = rc;
481 return 0;
482 }
483
484 if (rc != VINF_HGCM_ASYNC_EXECUTE)
485 return 0;
486
487 /* Host decided to process the request asynchronously, wait for it */
488 if (timeout_ms == U32_MAX)
489 timeout = MAX_SCHEDULE_TIMEOUT;
490 else
491 timeout = msecs_to_jiffies(timeout_ms);
492
493 timeout = wait_event_interruptible_timeout(
494 gdev->hgcm_wq,
495 hgcm_req_done(gdev, &call->header),
496 timeout);
497
498 /* timeout > 0 means hgcm_req_done has returned true, so success */
499 if (timeout > 0)
500 return 0;
501
502 if (timeout == 0)
503 ret = -ETIMEDOUT;
504 else
505 ret = -EINTR;
506
507 /* Cancel the request */
508 cancel_rc = hgcm_cancel_call(gdev, call);
509 if (cancel_rc >= 0)
510 return ret;
511
512 /*
513 * Failed to cancel, this should mean that the cancel has lost the
514 * race with normal completion, wait while the host completes it.
515 */
516 if (cancel_rc == VERR_NOT_FOUND || cancel_rc == VERR_SEM_DESTROYED)
517 timeout = msecs_to_jiffies(500);
518 else
519 timeout = msecs_to_jiffies(2000);
520
521 timeout = wait_event_timeout(gdev->hgcm_wq,
522 hgcm_req_done(gdev, &call->header),
523 timeout);
524
525 if (WARN_ON(timeout == 0)) {
526 /* We really should never get here */
527 vbg_err("%s: Call timedout and cancellation failed, leaking the request\n",
528 __func__);
529 *leak_it = true;
530 return ret;
531 }
532
533 /* The call has completed normally after all */
534 return 0;
535 }
536
537 /**
538 * Copies the result of the call back to the caller info structure and user
539 * buffers.
540 * Return: 0 or negative errno value.
541 * @call: HGCM call request.
542 * @dst_parm: Pointer to function call parameters destination.
543 * @parm_count: Number of function call parameters.
544 * @bounce_bufs: The bouncebuffer array.
545 */
hgcm_call_copy_back_result(const struct vmmdev_hgcm_call * call,struct vmmdev_hgcm_function_parameter * dst_parm,u32 parm_count,void ** bounce_bufs)546 static int hgcm_call_copy_back_result(
547 const struct vmmdev_hgcm_call *call,
548 struct vmmdev_hgcm_function_parameter *dst_parm,
549 u32 parm_count, void **bounce_bufs)
550 {
551 const struct vmmdev_hgcm_function_parameter *src_parm =
552 VMMDEV_HGCM_CALL_PARMS(call);
553 void __user *p;
554 int ret;
555 u32 i;
556
557 /* Copy back parameters. */
558 for (i = 0; i < parm_count; i++, src_parm++, dst_parm++) {
559 switch (dst_parm->type) {
560 case VMMDEV_HGCM_PARM_TYPE_32BIT:
561 case VMMDEV_HGCM_PARM_TYPE_64BIT:
562 *dst_parm = *src_parm;
563 break;
564
565 case VMMDEV_HGCM_PARM_TYPE_PAGELIST:
566 dst_parm->u.page_list.size = src_parm->u.page_list.size;
567 break;
568
569 case VMMDEV_HGCM_PARM_TYPE_LINADDR_IN:
570 case VMMDEV_HGCM_PARM_TYPE_LINADDR_KERNEL:
571 case VMMDEV_HGCM_PARM_TYPE_LINADDR_KERNEL_IN:
572 case VMMDEV_HGCM_PARM_TYPE_LINADDR_KERNEL_OUT:
573 dst_parm->u.pointer.size = src_parm->u.pointer.size;
574 break;
575
576 case VMMDEV_HGCM_PARM_TYPE_LINADDR:
577 case VMMDEV_HGCM_PARM_TYPE_LINADDR_OUT:
578 dst_parm->u.pointer.size = src_parm->u.pointer.size;
579
580 p = (void __user *)dst_parm->u.pointer.u.linear_addr;
581 ret = copy_to_user(p, bounce_bufs[i],
582 min(src_parm->u.pointer.size,
583 dst_parm->u.pointer.size));
584 if (ret)
585 return -EFAULT;
586 break;
587
588 default:
589 WARN_ON(1);
590 return -EINVAL;
591 }
592 }
593
594 return 0;
595 }
596
vbg_hgcm_call(struct vbg_dev * gdev,u32 client_id,u32 function,u32 timeout_ms,struct vmmdev_hgcm_function_parameter * parms,u32 parm_count,int * vbox_status)597 int vbg_hgcm_call(struct vbg_dev *gdev, u32 client_id, u32 function,
598 u32 timeout_ms, struct vmmdev_hgcm_function_parameter *parms,
599 u32 parm_count, int *vbox_status)
600 {
601 struct vmmdev_hgcm_call *call;
602 void **bounce_bufs = NULL;
603 bool leak_it;
604 size_t size;
605 int i, ret;
606
607 size = sizeof(struct vmmdev_hgcm_call) +
608 parm_count * sizeof(struct vmmdev_hgcm_function_parameter);
609 /*
610 * Validate and buffer the parameters for the call. This also increases
611 * call_size with the amount of extra space needed for page lists.
612 */
613 ret = hgcm_call_preprocess(parms, parm_count, &bounce_bufs, &size);
614 if (ret) {
615 /* Even on error bounce bufs may still have been allocated */
616 goto free_bounce_bufs;
617 }
618
619 call = vbg_req_alloc(size, VMMDEVREQ_HGCM_CALL);
620 if (!call) {
621 ret = -ENOMEM;
622 goto free_bounce_bufs;
623 }
624
625 hgcm_call_init_call(call, client_id, function, parms, parm_count,
626 bounce_bufs);
627
628 ret = vbg_hgcm_do_call(gdev, call, timeout_ms, &leak_it);
629 if (ret == 0) {
630 *vbox_status = call->header.result;
631 ret = hgcm_call_copy_back_result(call, parms, parm_count,
632 bounce_bufs);
633 }
634
635 if (!leak_it)
636 vbg_req_free(call, size);
637
638 free_bounce_bufs:
639 if (bounce_bufs) {
640 for (i = 0; i < parm_count; i++)
641 kvfree(bounce_bufs[i]);
642 kfree(bounce_bufs);
643 }
644
645 return ret;
646 }
647 EXPORT_SYMBOL(vbg_hgcm_call);
648
649 #ifdef CONFIG_COMPAT
vbg_hgcm_call32(struct vbg_dev * gdev,u32 client_id,u32 function,u32 timeout_ms,struct vmmdev_hgcm_function_parameter32 * parm32,u32 parm_count,int * vbox_status)650 int vbg_hgcm_call32(
651 struct vbg_dev *gdev, u32 client_id, u32 function, u32 timeout_ms,
652 struct vmmdev_hgcm_function_parameter32 *parm32, u32 parm_count,
653 int *vbox_status)
654 {
655 struct vmmdev_hgcm_function_parameter *parm64 = NULL;
656 u32 i, size;
657 int ret = 0;
658
659 /* KISS allocate a temporary request and convert the parameters. */
660 size = parm_count * sizeof(struct vmmdev_hgcm_function_parameter);
661 parm64 = kzalloc(size, GFP_KERNEL);
662 if (!parm64)
663 return -ENOMEM;
664
665 for (i = 0; i < parm_count; i++) {
666 switch (parm32[i].type) {
667 case VMMDEV_HGCM_PARM_TYPE_32BIT:
668 parm64[i].type = VMMDEV_HGCM_PARM_TYPE_32BIT;
669 parm64[i].u.value32 = parm32[i].u.value32;
670 break;
671
672 case VMMDEV_HGCM_PARM_TYPE_64BIT:
673 parm64[i].type = VMMDEV_HGCM_PARM_TYPE_64BIT;
674 parm64[i].u.value64 = parm32[i].u.value64;
675 break;
676
677 case VMMDEV_HGCM_PARM_TYPE_LINADDR_OUT:
678 case VMMDEV_HGCM_PARM_TYPE_LINADDR:
679 case VMMDEV_HGCM_PARM_TYPE_LINADDR_IN:
680 parm64[i].type = parm32[i].type;
681 parm64[i].u.pointer.size = parm32[i].u.pointer.size;
682 parm64[i].u.pointer.u.linear_addr =
683 parm32[i].u.pointer.u.linear_addr;
684 break;
685
686 default:
687 ret = -EINVAL;
688 }
689 if (ret < 0)
690 goto out_free;
691 }
692
693 ret = vbg_hgcm_call(gdev, client_id, function, timeout_ms,
694 parm64, parm_count, vbox_status);
695 if (ret < 0)
696 goto out_free;
697
698 /* Copy back. */
699 for (i = 0; i < parm_count; i++, parm32++, parm64++) {
700 switch (parm64[i].type) {
701 case VMMDEV_HGCM_PARM_TYPE_32BIT:
702 parm32[i].u.value32 = parm64[i].u.value32;
703 break;
704
705 case VMMDEV_HGCM_PARM_TYPE_64BIT:
706 parm32[i].u.value64 = parm64[i].u.value64;
707 break;
708
709 case VMMDEV_HGCM_PARM_TYPE_LINADDR_OUT:
710 case VMMDEV_HGCM_PARM_TYPE_LINADDR:
711 case VMMDEV_HGCM_PARM_TYPE_LINADDR_IN:
712 parm32[i].u.pointer.size = parm64[i].u.pointer.size;
713 break;
714
715 default:
716 WARN_ON(1);
717 ret = -EINVAL;
718 }
719 }
720
721 out_free:
722 kfree(parm64);
723 return ret;
724 }
725 #endif
726
727 static const int vbg_status_code_to_errno_table[] = {
728 [-VERR_ACCESS_DENIED] = -EPERM,
729 [-VERR_FILE_NOT_FOUND] = -ENOENT,
730 [-VERR_PROCESS_NOT_FOUND] = -ESRCH,
731 [-VERR_INTERRUPTED] = -EINTR,
732 [-VERR_DEV_IO_ERROR] = -EIO,
733 [-VERR_TOO_MUCH_DATA] = -E2BIG,
734 [-VERR_BAD_EXE_FORMAT] = -ENOEXEC,
735 [-VERR_INVALID_HANDLE] = -EBADF,
736 [-VERR_TRY_AGAIN] = -EAGAIN,
737 [-VERR_NO_MEMORY] = -ENOMEM,
738 [-VERR_INVALID_POINTER] = -EFAULT,
739 [-VERR_RESOURCE_BUSY] = -EBUSY,
740 [-VERR_ALREADY_EXISTS] = -EEXIST,
741 [-VERR_NOT_SAME_DEVICE] = -EXDEV,
742 [-VERR_NOT_A_DIRECTORY] = -ENOTDIR,
743 [-VERR_PATH_NOT_FOUND] = -ENOTDIR,
744 [-VERR_INVALID_NAME] = -ENOENT,
745 [-VERR_IS_A_DIRECTORY] = -EISDIR,
746 [-VERR_INVALID_PARAMETER] = -EINVAL,
747 [-VERR_TOO_MANY_OPEN_FILES] = -ENFILE,
748 [-VERR_INVALID_FUNCTION] = -ENOTTY,
749 [-VERR_SHARING_VIOLATION] = -ETXTBSY,
750 [-VERR_FILE_TOO_BIG] = -EFBIG,
751 [-VERR_DISK_FULL] = -ENOSPC,
752 [-VERR_SEEK_ON_DEVICE] = -ESPIPE,
753 [-VERR_WRITE_PROTECT] = -EROFS,
754 [-VERR_BROKEN_PIPE] = -EPIPE,
755 [-VERR_DEADLOCK] = -EDEADLK,
756 [-VERR_FILENAME_TOO_LONG] = -ENAMETOOLONG,
757 [-VERR_FILE_LOCK_FAILED] = -ENOLCK,
758 [-VERR_NOT_IMPLEMENTED] = -ENOSYS,
759 [-VERR_NOT_SUPPORTED] = -ENOSYS,
760 [-VERR_DIR_NOT_EMPTY] = -ENOTEMPTY,
761 [-VERR_TOO_MANY_SYMLINKS] = -ELOOP,
762 [-VERR_NO_MORE_FILES] = -ENODATA,
763 [-VERR_NO_DATA] = -ENODATA,
764 [-VERR_NET_NO_NETWORK] = -ENONET,
765 [-VERR_NET_NOT_UNIQUE_NAME] = -ENOTUNIQ,
766 [-VERR_NO_TRANSLATION] = -EILSEQ,
767 [-VERR_NET_NOT_SOCKET] = -ENOTSOCK,
768 [-VERR_NET_DEST_ADDRESS_REQUIRED] = -EDESTADDRREQ,
769 [-VERR_NET_MSG_SIZE] = -EMSGSIZE,
770 [-VERR_NET_PROTOCOL_TYPE] = -EPROTOTYPE,
771 [-VERR_NET_PROTOCOL_NOT_AVAILABLE] = -ENOPROTOOPT,
772 [-VERR_NET_PROTOCOL_NOT_SUPPORTED] = -EPROTONOSUPPORT,
773 [-VERR_NET_SOCKET_TYPE_NOT_SUPPORTED] = -ESOCKTNOSUPPORT,
774 [-VERR_NET_OPERATION_NOT_SUPPORTED] = -EOPNOTSUPP,
775 [-VERR_NET_PROTOCOL_FAMILY_NOT_SUPPORTED] = -EPFNOSUPPORT,
776 [-VERR_NET_ADDRESS_FAMILY_NOT_SUPPORTED] = -EAFNOSUPPORT,
777 [-VERR_NET_ADDRESS_IN_USE] = -EADDRINUSE,
778 [-VERR_NET_ADDRESS_NOT_AVAILABLE] = -EADDRNOTAVAIL,
779 [-VERR_NET_DOWN] = -ENETDOWN,
780 [-VERR_NET_UNREACHABLE] = -ENETUNREACH,
781 [-VERR_NET_CONNECTION_RESET] = -ENETRESET,
782 [-VERR_NET_CONNECTION_ABORTED] = -ECONNABORTED,
783 [-VERR_NET_CONNECTION_RESET_BY_PEER] = -ECONNRESET,
784 [-VERR_NET_NO_BUFFER_SPACE] = -ENOBUFS,
785 [-VERR_NET_ALREADY_CONNECTED] = -EISCONN,
786 [-VERR_NET_NOT_CONNECTED] = -ENOTCONN,
787 [-VERR_NET_SHUTDOWN] = -ESHUTDOWN,
788 [-VERR_NET_TOO_MANY_REFERENCES] = -ETOOMANYREFS,
789 [-VERR_TIMEOUT] = -ETIMEDOUT,
790 [-VERR_NET_CONNECTION_REFUSED] = -ECONNREFUSED,
791 [-VERR_NET_HOST_DOWN] = -EHOSTDOWN,
792 [-VERR_NET_HOST_UNREACHABLE] = -EHOSTUNREACH,
793 [-VERR_NET_ALREADY_IN_PROGRESS] = -EALREADY,
794 [-VERR_NET_IN_PROGRESS] = -EINPROGRESS,
795 [-VERR_MEDIA_NOT_PRESENT] = -ENOMEDIUM,
796 [-VERR_MEDIA_NOT_RECOGNIZED] = -EMEDIUMTYPE,
797 };
798
vbg_status_code_to_errno(int rc)799 int vbg_status_code_to_errno(int rc)
800 {
801 if (rc >= 0)
802 return 0;
803
804 rc = -rc;
805 if (rc >= ARRAY_SIZE(vbg_status_code_to_errno_table) ||
806 vbg_status_code_to_errno_table[rc] == 0) {
807 vbg_warn("%s: Unhandled err %d\n", __func__, -rc);
808 return -EPROTO;
809 }
810
811 return vbg_status_code_to_errno_table[rc];
812 }
813 EXPORT_SYMBOL(vbg_status_code_to_errno);
814