Blame - inc/hf/ffa_memory_internal.h - hafnium/hafnium.git

blob: 27608ede697278f78b5f69146d82efb1a2f447c2 [file] [log] [blame]

J-Alves	6665225	2022-07-06 09:49:51 +0100	[diff] [blame]	1	/*
				2	* Copyright 2022 The Hafnium Authors.
				3	*
				4	* Use of this source code is governed by a BSD-style
				5	* license that can be found in the LICENSE file or at
				6	* https://opensource.org/licenses/BSD-3-Clause.
				7	*/
				8
				9	/**
				10	* The maximum number of memory sharing handles which may be active at once. A
				11	* DONATE handle is active from when it is sent to when it is retrieved; a SHARE
				12	* or LEND handle is active from when it is sent to when it is reclaimed.
				13	*/
				14	#define MAX_MEM_SHARES 100
				15
J-Alves	d15905d	2023-02-20 11:52:37 +0000	[diff] [blame]	16	#include <stdbool.h>
				17	#include <stdint.h>
				18
				19	#include "hf/check.h"
				20	#include "hf/ffa_memory.h"
				21	#include "hf/mpool.h"
				22	#include "hf/vm.h"
				23
				24	#include "vmapi/hf/ffa.h"
				25
J-Alves	6665225	2022-07-06 09:49:51 +0100	[diff] [blame]	26	/**
				27	* The maximum number of fragments into which a memory sharing message may be
				28	* broken.
				29	*/
				30	#define MAX_FRAGMENTS 20
				31
				32	static_assert(sizeof(struct ffa_memory_region_constituent) % 16 == 0,
				33	"struct ffa_memory_region_constituent must be a multiple of 16 "
				34	"bytes long.");
				35	static_assert(sizeof(struct ffa_composite_memory_region) % 16 == 0,
				36	"struct ffa_composite_memory_region must be a multiple of 16 "
				37	"bytes long.");
				38	static_assert(sizeof(struct ffa_memory_region_attributes) == 4,
				39	"struct ffa_memory_region_attributes must be 4 bytes long.");
				40	static_assert(sizeof(struct ffa_memory_access) % 16 == 0,
				41	"struct ffa_memory_access must be a multiple of 16 bytes long.");
				42	static_assert(sizeof(struct ffa_memory_region) % 16 == 0,
				43	"struct ffa_memory_region must be a multiple of 16 bytes long.");
				44	static_assert(sizeof(struct ffa_mem_relinquish) % 16 == 0,
				45	"struct ffa_mem_relinquish must be a multiple of 16 "
				46	"bytes long.");
Demi Marie Obenour	d467741	2023-02-03 20:35:12 -0500	[diff] [blame]	47	static_assert(sizeof(((struct ffa_memory_region){0}).receiver_count == 4),
				48	"struct ffa_memory_region::receiver_count must be 4 bytes long");
J-Alves	6665225	2022-07-06 09:49:51 +0100	[diff] [blame]	49
				50	struct ffa_memory_share_state {
				51	/**
				52	* The memory region being shared, or NULL if this share state is
				53	* unallocated.
				54	*/
				55	struct ffa_memory_region *memory_region;
				56
				57	struct ffa_memory_region_constituent *fragments[MAX_FRAGMENTS];
				58
				59	/** The number of constituents in each fragment. */
				60	uint32_t fragment_constituent_counts[MAX_FRAGMENTS];
				61
				62	/**
				63	* The number of valid elements in the `fragments` and
				64	* `fragment_constituent_counts` arrays.
				65	*/
				66	uint32_t fragment_count;
				67
				68	/**
				69	* The FF-A function used for sharing the memory. Must be one of
				70	* FFA_MEM_DONATE_32, FFA_MEM_LEND_32 or FFA_MEM_SHARE_32 if the
				71	* share state is allocated, or 0.
				72	*/
				73	uint32_t share_func;
				74
				75	/**
				76	* The sender's original mode before invoking the FF-A function for
				77	* sharing the memory.
				78	* This is used to reset the original configuration when sender invokes
				79	* FFA_MEM_RECLAIM_32.
				80	*/
				81	uint32_t sender_orig_mode;
				82
				83	/**
				84	* True if all the fragments of this sharing request have been sent and
				85	* Hafnium has updated the sender page table accordingly.
				86	*/
				87	bool sending_complete;
				88
				89	/**
				90	* How many fragments of the memory region each recipient has retrieved
				91	* so far. The order of this array matches the order of the endpoint
				92	* memory access descriptors in the memory region descriptor. Any
				93	* entries beyond the receiver_count will always be 0.
				94	*/
				95	uint32_t retrieved_fragment_count[MAX_MEM_SHARE_RECIPIENTS];
				96
J-Alves	3c5b207	2022-11-21 12:45:40 +0000	[diff] [blame]	97	/*
				98	* This is set when one of the receivers has requested that the page is
				99	* cleared after relinquish. This is reset when the memory is cleared.
				100	* In a multi-receiver case this is when all receivers relinquish the
				101	* memory.
				102	*/
				103	bool clear_after_relinquish;
				104
J-Alves	6665225	2022-07-06 09:49:51 +0100	[diff] [blame]	105	/**
				106	* Field for the SPMC to keep track of how many fragments of the memory
				107	* region the hypervisor has managed to retrieve, using a
				108	* `hypervisor retrieve request`, as defined by FF-A v1.1 EAC0
				109	* specification.
				110	*/
				111	uint32_t hypervisor_fragment_count;
				112	};
				113
				114	/**
				115	* Encapsulates the set of share states while the `share_states_lock` is held.
				116	*/
				117	struct share_states_locked {
				118	struct ffa_memory_share_state *share_states;
				119	};
				120
Karl Meakin	52cdfe7	2023-06-30 14:49:10 +0100	[diff] [blame]	121	struct ffa_memory_share_state *allocate_share_state(
				122	struct share_states_locked share_states, uint32_t share_func,
				123	struct ffa_memory_region *memory_region, uint32_t fragment_length,
				124	ffa_memory_handle_t handle);
J-Alves	6665225	2022-07-06 09:49:51 +0100	[diff] [blame]	125	struct share_states_locked share_states_lock(void);
				126	void share_states_unlock(struct share_states_locked *share_states);
Karl Meakin	4a2854a	2023-06-30 16:26:52 +0100	[diff] [blame^]	127	struct ffa_memory_share_state *get_share_state(
				128	struct share_states_locked share_states, ffa_memory_handle_t handle);
J-Alves	fdd2927	2022-07-19 13:16:31 +0100	[diff] [blame]	129	void share_state_free(struct share_states_locked share_states,
				130	struct ffa_memory_share_state *share_state,
				131	struct mpool *page_pool);
				132	uint32_t share_state_next_fragment_offset(
				133	struct share_states_locked share_states,
				134	struct ffa_memory_share_state *share_state);
				135	/** Checks whether the given share state has been fully sent. */
				136	bool share_state_sending_complete(struct share_states_locked share_states,
				137	struct ffa_memory_share_state *share_state);
J-Alves	6665225	2022-07-06 09:49:51 +0100	[diff] [blame]	138	void dump_share_states(void);
				139
				140	/**
				141	* Return the offset to the first constituent within the
				142	* `ffa_composite_memory_region` for the given receiver from an
				143	* `ffa_memory_region`. The caller must check that the receiver_index is within
				144	* bounds, and that it has a composite memory region offset.
				145	*/
				146	static inline uint32_t ffa_composite_constituent_offset(
				147	struct ffa_memory_region *memory_region, uint32_t receiver_index)
				148	{
				149	CHECK(receiver_index < memory_region->receiver_count);
				150	CHECK(memory_region->receivers[receiver_index]
				151	.composite_memory_region_offset != 0);
				152
				153	return memory_region->receivers[receiver_index]
				154	.composite_memory_region_offset +
				155	sizeof(struct ffa_composite_memory_region);
				156	}
				157
				158	struct ffa_value ffa_memory_send_validate(
				159	struct vm_locked from_locked, struct ffa_memory_region *memory_region,
				160	uint32_t memory_share_length, uint32_t fragment_length,
				161	uint32_t share_func);
				162	struct ffa_value ffa_send_check_update(
				163	struct vm_locked from_locked,
				164	struct ffa_memory_region_constituent **fragments,
				165	uint32_t *fragment_constituent_counts, uint32_t fragment_count,
J-Alves	8f11cde	2022-12-21 16:18:22 +0000	[diff] [blame]	166	uint32_t total_page_count, uint32_t share_func,
				167	struct ffa_memory_access *receivers, uint32_t receivers_count,
				168	struct mpool page_pool, bool clear, uint32_t orig_from_mode_ret);
J-Alves	fdd2927	2022-07-19 13:16:31 +0100	[diff] [blame]	169	struct ffa_value ffa_memory_send_complete(
				170	struct vm_locked from_locked, struct share_states_locked share_states,
				171	struct ffa_memory_share_state share_state, struct mpool page_pool,
				172	uint32_t *orig_from_mode_ret);
				173	struct ffa_value ffa_memory_send_continue_validate(
				174	struct share_states_locked share_states, ffa_memory_handle_t handle,
				175	struct ffa_memory_share_state **share_state_ret, ffa_vm_id_t from_vm_id,
				176	struct mpool *page_pool);
J-Alves	fc19b37	2022-07-06 12:17:35 +0100	[diff] [blame]	177	struct ffa_value ffa_retrieve_check_transition(
				178	struct vm_locked to, uint32_t share_func,
				179	struct ffa_memory_region_constituent **fragments,
				180	uint32_t *fragment_constituent_counts, uint32_t fragment_count,
				181	uint32_t memory_to_attributes, uint32_t *to_mode);
J-Alves	b5084cf	2022-07-06 14:20:12 +0100	[diff] [blame]	182	struct ffa_value ffa_retrieve_check_update(
				183	struct vm_locked to_locked, ffa_vm_id_t from_id,
				184	struct ffa_memory_region_constituent **fragments,
				185	uint32_t *fragment_constituent_counts, uint32_t fragment_count,
				186	uint32_t memory_to_attributes, uint32_t share_func, bool clear,
				187	struct mpool *page_pool);
J-Alves	fdd2927	2022-07-19 13:16:31 +0100	[diff] [blame]	188	uint32_t ffa_memory_region_get_receiver(struct ffa_memory_region *memory_region,
				189	ffa_vm_id_t receiver);
				190	bool ffa_region_group_identity_map(
				191	struct vm_locked vm_locked,
				192	struct ffa_memory_region_constituent **fragments,
				193	const uint32_t *fragment_constituent_counts, uint32_t fragment_count,
				194	uint32_t mode, struct mpool *ppool, bool commit);
				195	bool memory_region_receivers_from_other_world(
				196	struct ffa_memory_region *memory_region);