| Message ID | 20240409181154.9962-1-sudanl@amazon.com |
|---|---|
| Headers | show |
| Series | virt: vmgenid: Add devicetree bindings support | expand |
On 09.04.24 20:11, Sudan Landge wrote: > Extend the vmgenid platform driver to support devicetree bindings. > With this support, hypervisors can send vmgenid notifications to > the virtual machine without the need to enable ACPI. > The bindings are located at: > Documentation/devicetree/bindings/rng/microsoft,vmgenid.yaml > > Signed-off-by: Sudan Landge <sudanl@amazon.com> > --- > drivers/virt/vmgenid.c | 53 ++++++++++++++++++++++++++++++++++++++++-- > 1 file changed, 51 insertions(+), 2 deletions(-) > > diff --git a/drivers/virt/vmgenid.c b/drivers/virt/vmgenid.c > index 3d93e3fb94c4..e1ad74116c0c 100644 > --- a/drivers/virt/vmgenid.c > +++ b/drivers/virt/vmgenid.c > @@ -2,12 +2,13 @@ > /* > * Copyright (C) 2022 Jason A. Donenfeld <Jason@zx2c4.com>. All Rights Reserved. > * > - * The "Virtual Machine Generation ID" is exposed via ACPI and changes when a > + * The "Virtual Machine Generation ID" is exposed via ACPI or DT and changes when a > * virtual machine forks or is cloned. This driver exists for shepherding that > * information to random.c. > */ > > #include <linux/acpi.h> > +#include <linux/interrupt.h> > #include <linux/kernel.h> > #include <linux/module.h> > #include <linux/platform_device.h> > @@ -20,6 +21,7 @@ enum { VMGENID_SIZE = 16 }; > struct vmgenid_state { > u8 *next_id; > u8 this_id[VMGENID_SIZE]; > + int irq; > }; > > static void vmgenid_notify(struct device *device) > @@ -43,6 +45,14 @@ vmgenid_acpi_handler(acpi_handle __always_unused handle, > vmgenid_notify(dev); > } > > +static __maybe_unused irqreturn_t Why is this maybe_unused? It seems to be always referenced by vmgenid_add_of(), no? > +vmgenid_of_irq_handler(int __always_unused irq, void *dev) > +{ > + vmgenid_notify(dev); > + > + return IRQ_HANDLED; > +} > + > static int __maybe_unused > setup_vmgenid_state(struct vmgenid_state *state, u8 *next_id) > { > @@ -106,6 +116,35 @@ static int vmgenid_add_acpi(struct device __maybe_unused *dev, > #endif > } > > +static int vmgenid_add_of(struct platform_device *pdev, > + struct vmgenid_state *state) > +{ > + u8 *virt_addr; > + int ret = 0; > + > + virt_addr = (u8 *)devm_platform_get_and_ioremap_resource(pdev, 0, NULL); > + if (IS_ERR(virt_addr)) > + return PTR_ERR(virt_addr); > + > + ret = setup_vmgenid_state(state, virt_addr); > + if (ret) > + return ret; > + > + ret = platform_get_irq(pdev, 0); > + if (ret < 0) > + return ret; Doesn't this error path need to do something about the ioremap'ed resource? Or does devm do that automatically for you? Alex > + > + state->irq = ret; > + pdev->dev.driver_data = state; > + > + ret = devm_request_irq(&pdev->dev, state->irq, vmgenid_of_irq_handler, > + IRQF_SHARED, "vmgenid", &pdev->dev); > + if (ret) > + pdev->dev.driver_data = NULL; > + > + return ret; > +} > + > static int vmgenid_add(struct platform_device *pdev) > { > struct vmgenid_state *state; > @@ -116,7 +155,10 @@ static int vmgenid_add(struct platform_device *pdev) > if (!state) > return -ENOMEM; > > - ret = vmgenid_add_acpi(dev, state); > + if (dev->of_node) > + ret = vmgenid_add_of(pdev, state); > + else > + ret = vmgenid_add_acpi(dev, state); > > if (ret) > devm_kfree(dev, state); > @@ -124,6 +166,12 @@ static int vmgenid_add(struct platform_device *pdev) > return ret; > } > > +static const struct of_device_id vmgenid_of_ids[] = { > + { .compatible = "microsoft,vmgenid", }, > + { }, > +}; > +MODULE_DEVICE_TABLE(of, vmgenid_of_ids); > + > static const struct acpi_device_id vmgenid_acpi_ids[] = { > { "VMGENCTR", 0 }, > { "VM_GEN_COUNTER", 0 }, > @@ -136,6 +184,7 @@ static struct platform_driver vmgenid_plaform_driver = { > .driver = { > .name = "vmgenid", > .acpi_match_table = vmgenid_acpi_ids, > + .of_match_table = vmgenid_of_ids, > }, > }; > Amazon Development Center Germany GmbH Krausenstr. 38 10117 Berlin Geschaeftsfuehrung: Christian Schlaeger, Jonathan Weiss Eingetragen am Amtsgericht Charlottenburg unter HRB 149173 B Sitz: Berlin Ust-ID: DE 289 237 879
On 16/4/24 12:49, Alexander Graf wrote: > > On 09.04.24 20:11, Sudan Landge wrote: >> Extend the vmgenid platform driver to support devicetree bindings. >> With this support, hypervisors can send vmgenid notifications to >> the virtual machine without the need to enable ACPI. >> The bindings are located at: >> Documentation/devicetree/bindings/rng/microsoft,vmgenid.yaml >> >> Signed-off-by: Sudan Landge <sudanl@amazon.com> >> --- >> drivers/virt/vmgenid.c | 53 ++++++++++++++++++++++++++++++++++++++++-- >> 1 file changed, 51 insertions(+), 2 deletions(-) >> >> diff --git a/drivers/virt/vmgenid.c b/drivers/virt/vmgenid.c >> index 3d93e3fb94c4..e1ad74116c0c 100644 >> --- a/drivers/virt/vmgenid.c >> +++ b/drivers/virt/vmgenid.c >> @@ -2,12 +2,13 @@ >> /* >> * Copyright (C) 2022 Jason A. Donenfeld <Jason@zx2c4.com>. All >> Rights Reserved. >> * >> - * The "Virtual Machine Generation ID" is exposed via ACPI and >> changes when a >> + * The "Virtual Machine Generation ID" is exposed via ACPI or DT and >> changes when a >> * virtual machine forks or is cloned. This driver exists for >> shepherding that >> * information to random.c. >> */ >> #include <linux/acpi.h> >> +#include <linux/interrupt.h> >> #include <linux/kernel.h> >> #include <linux/module.h> >> #include <linux/platform_device.h> >> @@ -20,6 +21,7 @@ enum { VMGENID_SIZE = 16 }; >> struct vmgenid_state { >> u8 *next_id; >> u8 this_id[VMGENID_SIZE]; >> + int irq; >> }; >> static void vmgenid_notify(struct device *device) >> @@ -43,6 +45,14 @@ vmgenid_acpi_handler(acpi_handle __always_unused >> handle, >> vmgenid_notify(dev); >> } >> +static __maybe_unused irqreturn_t > > > Why is this maybe_unused? It seems to be always referenced by > vmgenid_add_of(), no? You are right, Alex. I removed the attribute and build the kernel without `CONFIG_OF` without any warnings. I will remove it in the next version. > > >> +vmgenid_of_irq_handler(int __always_unused irq, void *dev) >> +{ >> + vmgenid_notify(dev); >> + >> + return IRQ_HANDLED; >> +} >> + >> static int __maybe_unused >> setup_vmgenid_state(struct vmgenid_state *state, u8 *next_id) >> { >> @@ -106,6 +116,35 @@ static int vmgenid_add_acpi(struct device >> __maybe_unused *dev, >> #endif >> } >> +static int vmgenid_add_of(struct platform_device *pdev, >> + struct vmgenid_state *state) >> +{ >> + u8 *virt_addr; >> + int ret = 0; >> + >> + virt_addr = (u8 *)devm_platform_get_and_ioremap_resource(pdev, >> 0, NULL); >> + if (IS_ERR(virt_addr)) >> + return PTR_ERR(virt_addr); >> + >> + ret = setup_vmgenid_state(state, virt_addr); >> + if (ret) >> + return ret; >> + >> + ret = platform_get_irq(pdev, 0); >> + if (ret < 0) >> + return ret; > > > Doesn't this error path need to do something about the ioremap'ed > resource? Or does devm do that automatically for you? devm should be doing this automatically according to this: https://docs.kernel.org/driver-api/driver-model/devres.html#devres Also, I took a quick look in other drivers and it looks like the virtio-mmio probe callback follows the same pattern: https://elixir.bootlin.com/linux/latest/source/drivers/virtio/virtio_mmio.c#L636 Cheers, Babis > > Alex > > >> + >> + state->irq = ret; >> + pdev->dev.driver_data = state; >> + >> + ret = devm_request_irq(&pdev->dev, state->irq, >> vmgenid_of_irq_handler, >> + IRQF_SHARED, "vmgenid", &pdev->dev); >> + if (ret) >> + pdev->dev.driver_data = NULL; >> + >> + return ret; >> +} >> + >> static int vmgenid_add(struct platform_device *pdev) >> { >> struct vmgenid_state *state; >> @@ -116,7 +155,10 @@ static int vmgenid_add(struct platform_device >> *pdev) >> if (!state) >> return -ENOMEM; >> - ret = vmgenid_add_acpi(dev, state); >> + if (dev->of_node) >> + ret = vmgenid_add_of(pdev, state); >> + else >> + ret = vmgenid_add_acpi(dev, state); >> if (ret) >> devm_kfree(dev, state); >> @@ -124,6 +166,12 @@ static int vmgenid_add(struct platform_device >> *pdev) >> return ret; >> } >> +static const struct of_device_id vmgenid_of_ids[] = { >> + { .compatible = "microsoft,vmgenid", }, >> + { }, >> +}; >> +MODULE_DEVICE_TABLE(of, vmgenid_of_ids); >> + >> static const struct acpi_device_id vmgenid_acpi_ids[] = { >> { "VMGENCTR", 0 }, >> { "VM_GEN_COUNTER", 0 }, >> @@ -136,6 +184,7 @@ static struct platform_driver >> vmgenid_plaform_driver = { >> .driver = { >> .name = "vmgenid", >> .acpi_match_table = vmgenid_acpi_ids, >> + .of_match_table = vmgenid_of_ids, >> }, >> };
This small series of patches aims to add devicetree bindings support for the Virtual Machine Generation ID (vmgenid). Virtual Machine Generation ID was introduced in commit af6b54e2b5ba ("virt: vmgenid: notify RNG of VM fork and supply generation ID") as an ACPI only device. VMGenID specification http://go.microsoft.com/fwlink/?LinkId=260709 defines a mechanism for the BIOS/hypervisors to communicate to the virtual machine that it is executed with a different configuration (e.g. snapshot execution or creation from a template). The guest operating system can use the notification for various purposes such as re-initializing its random number generator etc. More references to vmgenid specs: - https://www.qemu.org/docs/master/specs/vmgenid.html - https://learn.microsoft.com/en-us/windows/win32/hyperv_v2/ virtual-machine-generation-identifier *Reason for this change*: Chosing ACPI or devicetree is an intrinsic part of an hypervisor design. Without going into details of why a hypervisor would choose DT over ACPI, we would like to highlight that the hypervisors that have chosen devicetree and now want to make use of the vmgenid functionality cannot do so today because vmgenid is an ACPI only device. This forces these hypervisors to change their design which could have undesirable impacts on their use-cases, test-scenarios etc. vmgenid exposes to the guest a 16-byte cryptographically random number, the value of which changes every time it starts executing from a new configuration (snapshot, backup, etc.). During initialization, the device exposes to the guest the address of the generation ID and an interrupt number, which the device will use to notify the guest when the generation ID changes. These attributes can be trivially communicated via device tree bindings. We believe that adding a devicetree binding for vmgenid is a simpler alternative way to expose the device to the guest than forcing the hypervisors to implement ACPI. Addtional notes: While adding the devicetree support we considered re-using existing structures/code to avoid duplicating code and reduce maintenance; so, we used the same driver to be configured either by ACPI or by DT. This also meant reimplementing the existing vmgenid ACPI bus driver as a platform driver and making it discoverable using `driver.of_match_table` and `driver.acpi_match_table`. There is no user impact or change in vmgenid functionality when used with ACPI. We verified ACPI support of these patches on X86 and DT support on ARM using Firecracker hypervisor https://github.com/firecracker-microvm/firecracker. To check schema and syntax errors, the bindings file is verified with: ``` make dt_binding_check \ DT_SCHEMA_FILES=\ Documentation/devicetree/bindings/rng/microsoft,vmgenid.yaml ``` and the patches were verified with: `scripts/checkpatch.pl --strict v4-000*`. Changelog with respect to version 3: - Changed the compatible string from "virtual,vmgenctr" to "microsoft,vmgenid" as per review comments. - Renamed vmgenid.yaml to follow DT file naming convention. - Updated the description of properties and example in vmgenid yaml file. - Addressed the review comments to remove all ifdefs in vmgenid.c with one exception which still needs to be under CONFIG_ACPI. - reformated the code with clang-format. - Tested code with W=1, Sparse, Smatch and Coccinelle tools. Changelog with respect to version 2: - As per review comments, used platform apis instead of "of_*" APIs, removed unnecessary #include and used IF_ENABLED instead of ifdef. - Added more info for vmgenid buffer address and corrected the formatting. - Replaced the compatible string from "linux,*" to "virtual,*" because, the device does not have a vendor. Changelog with respect to version 1: - Moved vmgenid.yaml bindings to the more related "rng" folder. - Removed `vmgenid_remove` to since it is unrelated to the current goal of the patch. - Updated the cover letter and bindings commit "[PATCH v2 3/4] dt-bindings: rng: Add vmgenid support" to provide more information on vmgenid. - Compiled with and without CONFIG_OF/CONFIG_ACPI and fixed compilers errors/warnings. Sudan Landge (5): virt: vmgenid: rearrange code to make review easier virt: vmgenid: change implementation to use a platform driver virt: vmgenid: enable driver regardless of ACPI config dt-bindings: rng: Add vmgenid support virt: vmgenid: add support for devicetree bindings .../bindings/rng/microsoft,vmgenid.yaml | 49 +++++ MAINTAINERS | 1 + drivers/virt/Kconfig | 1 - drivers/virt/vmgenid.c | 168 ++++++++++++++---- 4 files changed, 180 insertions(+), 39 deletions(-) create mode 100644 Documentation/devicetree/bindings/rng/microsoft,vmgenid.yaml base-commit: 20cb38a7af88dc40095da7c2c9094da3873fea23