From patchwork Wed Mar 21 18:29:02 2012 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Anthony PERARD X-Patchwork-Id: 148057 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (Client did not present a certificate) by ozlabs.org (Postfix) with ESMTPS id C5FE0B6F9D for ; Thu, 22 Mar 2012 05:43:15 +1100 (EST) Received: from localhost ([::1]:37521 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SAQIh-0003Gq-7o for incoming@patchwork.ozlabs.org; Wed, 21 Mar 2012 14:30:23 -0400 Received: from eggs.gnu.org ([208.118.235.92]:57062) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SAQIG-0002Tk-NF for qemu-devel@nongnu.org; Wed, 21 Mar 2012 14:30:00 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1SAQIB-0004Fw-O2 for qemu-devel@nongnu.org; Wed, 21 Mar 2012 14:29:56 -0400 Received: from smtp02.citrix.com ([66.165.176.63]:64459) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1SAQIB-0004Ey-AC for qemu-devel@nongnu.org; Wed, 21 Mar 2012 14:29:51 -0400 X-IronPort-AV: E=Sophos;i="4.73,625,1325480400"; d="scan'208";a="186973210" Received: from ftlpmailmx02.citrite.net ([10.13.107.66]) by FTLPIPO02.CITRIX.COM with ESMTP/TLS/RC4-MD5; 21 Mar 2012 14:29:22 -0400 Received: from ukmail1.uk.xensource.com (10.80.16.128) by smtprelay.citrix.com (10.13.107.66) with Microsoft SMTP Server id 8.3.213.0; Wed, 21 Mar 2012 14:29:21 -0400 Received: from [10.80.3.61] (helo=perard.uk.xensource.com) by ukmail1.uk.xensource.com with esmtp (Exim 4.69) (envelope-from ) id 1SAQHh-00019f-6n; Wed, 21 Mar 2012 18:29:21 +0000 From: Anthony PERARD To: QEMU-devel Date: Wed, 21 Mar 2012 18:29:02 +0000 Message-ID: <1332354545-17044-6-git-send-email-anthony.perard@citrix.com> X-Mailer: git-send-email 1.7.2.5 In-Reply-To: <1332354545-17044-1-git-send-email-anthony.perard@citrix.com> References: <1332354545-17044-1-git-send-email-anthony.perard@citrix.com> MIME-Version: 1.0 X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 66.165.176.63 Cc: Anthony PERARD , Guy Zana , Xen Devel , Allen Kay , Stefano Stabellini Subject: [Qemu-devel] [PATCH V9 5/8] Introduce Xen PCI Passthrough, qdevice (1/3) X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org From: Allen Kay A more complete history can be found here: git://xenbits.xensource.com/qemu-xen-unstable.git Signed-off-by: Allen Kay Signed-off-by: Guy Zana Signed-off-by: Anthony PERARD Acked-by: Stefano Stabellini --- Makefile.target | 2 + hw/xen_common.h | 3 + hw/xen_pci_passthrough.c | 808 ++++++++++++++++++++++++++++++++++ hw/xen_pci_passthrough.h | 250 +++++++++++ hw/xen_pci_passthrough_config_init.c | 11 + xen-all.c | 12 + 6 files changed, 1086 insertions(+), 0 deletions(-) create mode 100644 hw/xen_pci_passthrough.c create mode 100644 hw/xen_pci_passthrough.h create mode 100644 hw/xen_pci_passthrough_config_init.c diff --git a/Makefile.target b/Makefile.target index 0ccfd5b..1869f0d 100644 --- a/Makefile.target +++ b/Makefile.target @@ -234,6 +234,8 @@ obj-i386-$(CONFIG_XEN) += xen_platform.o # Xen PCI Passthrough obj-i386-$(CONFIG_XEN_PCI_PASSTHROUGH) += host-pci-device.o +obj-i386-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen_pci_passthrough.o +obj-i386-$(CONFIG_XEN_PCI_PASSTHROUGH) += xen_pci_passthrough_config_init.o # Inter-VM PCI shared memory CONFIG_IVSHMEM = diff --git a/hw/xen_common.h b/hw/xen_common.h index 0409ac7..48916fd 100644 --- a/hw/xen_common.h +++ b/hw/xen_common.h @@ -135,4 +135,7 @@ static inline int xc_fd(xc_interface *xen_xc) void destroy_hvm_domain(void); +/* shutdown/destroy current domain because of an error */ +void xen_shutdown_fatal_error(const char *fmt, ...) GCC_FMT_ATTR(1, 2); + #endif /* QEMU_HW_XEN_COMMON_H */ diff --git a/hw/xen_pci_passthrough.c b/hw/xen_pci_passthrough.c new file mode 100644 index 0000000..d91b48e --- /dev/null +++ b/hw/xen_pci_passthrough.c @@ -0,0 +1,808 @@ +/* + * Copyright (c) 2007, Neocleus Corporation. + * Copyright (c) 2007, Intel Corporation. + * + * This work is licensed under the terms of the GNU GPL, version 2. See + * the COPYING file in the top-level directory. + * + * Alex Novik + * Allen Kay + * Guy Zana + * + * This file implements direct PCI assignment to a HVM guest + */ + +/* + * Interrupt Disable policy: + * + * INTx interrupt: + * Initialize(register_real_device) + * Map INTx(xc_physdev_map_pirq): + * + * - Set real Interrupt Disable bit to '1'. + * - Set machine_irq and assigned_device->machine_irq to '0'. + * * Don't bind INTx. + * + * Bind INTx(xc_domain_bind_pt_pci_irq): + * + * - Set real Interrupt Disable bit to '1'. + * - Unmap INTx. + * - Decrement mapped_machine_irq[machine_irq] + * - Set assigned_device->machine_irq to '0'. + * + * Write to Interrupt Disable bit by guest software(pt_cmd_reg_write) + * Write '0' + * - Set real bit to '0' if assigned_device->machine_irq isn't '0'. + * + * Write '1' + * - Set real bit to '1'. + */ + +#include + +#include "pci.h" +#include "xen.h" +#include "xen_backend.h" +#include "xen_pci_passthrough.h" +#include "range.h" + +#define PCI_BAR_ENTRIES (6) + +#define PT_NR_IRQS (256) +uint8_t mapped_machine_irq[PT_NR_IRQS] = {0}; + +void pt_log(const PCIDevice *d, const char *f, ...) +{ + va_list ap; + + va_start(ap, f); + if (d) { + fprintf(stderr, "[%02x:%02x.%x] ", pci_bus_num(d->bus), + PCI_SLOT(d->devfn), PCI_FUNC(d->devfn)); + } + vfprintf(stderr, f, ap); + va_end(ap); +} + +/* Config Space */ + +static int pt_pci_config_access_check(PCIDevice *d, uint32_t address, int len) +{ + /* check offset range */ + if (address >= 0xFF) { + PT_ERR(d, "Failed to access register with offset exceeding 0xFF. " + "(addr: 0x%02x, len: %d)\n", address, len); + return -1; + } + + /* check read size */ + if ((len != 1) && (len != 2) && (len != 4)) { + PT_ERR(d, "Failed to access register with invalid access length. " + "(addr: 0x%02x, len: %d)\n", address, len); + return -1; + } + + /* check offset alignment */ + if (address & (len - 1)) { + PT_ERR(d, "Failed to access register with invalid access size " + "alignment. (addr: 0x%02x, len: %d)\n", address, len); + return -1; + } + + return 0; +} + +int pt_bar_offset_to_index(uint32_t offset) +{ + int index = 0; + + /* check Exp ROM BAR */ + if (offset == PCI_ROM_ADDRESS) { + return PCI_ROM_SLOT; + } + + /* calculate BAR index */ + index = (offset - PCI_BASE_ADDRESS_0) >> 2; + if (index >= PCI_NUM_REGIONS) { + return -1; + } + + return index; +} + +static uint32_t pt_pci_read_config(PCIDevice *d, uint32_t addr, int len) +{ + XenPCIPassthroughState *s = DO_UPCAST(XenPCIPassthroughState, dev, d); + uint32_t val = 0; + XenPTRegGroup *reg_grp_entry = NULL; + XenPTReg *reg_entry = NULL; + int rc = 0; + int emul_len = 0; + uint32_t find_addr = addr; + + if (pt_pci_config_access_check(d, addr, len)) { + goto exit; + } + + /* find register group entry */ + reg_grp_entry = pt_find_reg_grp(s, addr); + if (reg_grp_entry) { + /* check 0-Hardwired register group */ + if (reg_grp_entry->reg_grp->grp_type == GRP_TYPE_HARDWIRED) { + /* no need to emulate, just return 0 */ + val = 0; + goto exit; + } + } + + /* read I/O device register value */ + rc = host_pci_get_block(s->real_device, addr, (uint8_t *)&val, len); + if (rc < 0) { + PT_ERR(d, "pci_read_block failed. return value: %d.\n", rc); + memset(&val, 0xff, len); + } + + /* just return the I/O device register value for + * passthrough type register group */ + if (reg_grp_entry == NULL) { + goto exit; + } + + /* adjust the read value to appropriate CFC-CFF window */ + val <<= (addr & 3) << 3; + emul_len = len; + + /* loop around the guest requested size */ + while (emul_len > 0) { + /* find register entry to be emulated */ + reg_entry = pt_find_reg(reg_grp_entry, find_addr); + if (reg_entry) { + XenPTRegInfo *reg = reg_entry->reg; + uint32_t real_offset = reg_grp_entry->base_offset + reg->offset; + uint32_t valid_mask = 0xFFFFFFFF >> ((4 - emul_len) << 3); + uint8_t *ptr_val = NULL; + + valid_mask <<= (find_addr - real_offset) << 3; + ptr_val = (uint8_t *)&val + (real_offset & 3); + + /* do emulation based on register size */ + switch (reg->size) { + case 1: + if (reg->u.b.read) { + rc = reg->u.b.read(s, reg_entry, ptr_val, valid_mask); + } + break; + case 2: + if (reg->u.w.read) { + rc = reg->u.w.read(s, reg_entry, + (uint16_t *)ptr_val, valid_mask); + } + break; + case 4: + if (reg->u.dw.read) { + rc = reg->u.dw.read(s, reg_entry, + (uint32_t *)ptr_val, valid_mask); + } + break; + } + + if (rc < 0) { + xen_shutdown_fatal_error("Internal error: Invalid read " + "emulation. (%s, rc: %d)\n", + __func__, rc); + return 0; + } + + /* calculate next address to find */ + emul_len -= reg->size; + if (emul_len > 0) { + find_addr = real_offset + reg->size; + } + } else { + /* nothing to do with passthrough type register, + * continue to find next byte */ + emul_len--; + find_addr++; + } + } + + /* need to shift back before returning them to pci bus emulator */ + val >>= ((addr & 3) << 3); + +exit: + PT_LOG_CONFIG(d, addr, val, len); + return val; +} + +static void pt_pci_write_config(PCIDevice *d, uint32_t addr, + uint32_t val, int len) +{ + XenPCIPassthroughState *s = DO_UPCAST(XenPCIPassthroughState, dev, d); + int index = 0; + XenPTRegGroup *reg_grp_entry = NULL; + int rc = 0; + uint32_t read_val = 0; + int emul_len = 0; + XenPTReg *reg_entry = NULL; + uint32_t find_addr = addr; + XenPTRegInfo *reg = NULL; + + if (pt_pci_config_access_check(d, addr, len)) { + return; + } + + PT_LOG_CONFIG(d, addr, val, len); + + /* check unused BAR register */ + index = pt_bar_offset_to_index(addr); + if ((index >= 0) && (val > 0 && val < PT_BAR_ALLF) && + (s->bases[index].bar_flag == PT_BAR_FLAG_UNUSED)) { + PT_WARN(d, "Guest attempt to set address to unused Base Address " + "Register. (addr: 0x%02x, len: %d)\n", addr, len); + } + + /* find register group entry */ + reg_grp_entry = pt_find_reg_grp(s, addr); + if (reg_grp_entry) { + /* check 0-Hardwired register group */ + if (reg_grp_entry->reg_grp->grp_type == GRP_TYPE_HARDWIRED) { + /* ignore silently */ + PT_WARN(d, "Access to 0-Hardwired register. " + "(addr: 0x%02x, len: %d)\n", addr, len); + return; + } + } + + rc = host_pci_get_block(s->real_device, addr, (uint8_t *)&read_val, len); + if (rc < 0) { + PT_ERR(d, "pci_read_block failed. return value: %d.\n", rc); + memset(&read_val, 0xff, len); + } + + /* pass directly to the real device for passthrough type register group */ + if (reg_grp_entry == NULL) { + goto out; + } + + memory_region_transaction_begin(); + pci_default_write_config(d, addr, val, len); + + /* adjust the read and write value to appropriate CFC-CFF window */ + read_val <<= (addr & 3) << 3; + val <<= (addr & 3) << 3; + emul_len = len; + + /* loop around the guest requested size */ + while (emul_len > 0) { + /* find register entry to be emulated */ + reg_entry = pt_find_reg(reg_grp_entry, find_addr); + if (reg_entry) { + reg = reg_entry->reg; + uint32_t real_offset = reg_grp_entry->base_offset + reg->offset; + uint32_t valid_mask = 0xFFFFFFFF >> ((4 - emul_len) << 3); + uint8_t *ptr_val = NULL; + + valid_mask <<= (find_addr - real_offset) << 3; + ptr_val = (uint8_t *)&val + (real_offset & 3); + + /* do emulation based on register size */ + switch (reg->size) { + case 1: + if (reg->u.b.write) { + rc = reg->u.b.write(s, reg_entry, ptr_val, + read_val >> ((real_offset & 3) << 3), + valid_mask); + } + break; + case 2: + if (reg->u.w.write) { + rc = reg->u.w.write(s, reg_entry, (uint16_t *)ptr_val, + (read_val >> ((real_offset & 3) << 3)), + valid_mask); + } + break; + case 4: + if (reg->u.dw.write) { + rc = reg->u.dw.write(s, reg_entry, (uint32_t *)ptr_val, + (read_val >> ((real_offset & 3) << 3)), + valid_mask); + } + break; + } + + if (rc < 0) { + xen_shutdown_fatal_error("Internal error: Invalid write" + " emulation. (%s, rc: %d)\n", + __func__, rc); + return; + } + + /* calculate next address to find */ + emul_len -= reg->size; + if (emul_len > 0) { + find_addr = real_offset + reg->size; + } + } else { + /* nothing to do with passthrough type register, + * continue to find next byte */ + emul_len--; + find_addr++; + } + } + + /* need to shift back before passing them to host_pci_device */ + val >>= (addr & 3) << 3; + + memory_region_transaction_commit(); + +out: + if (!(reg && reg->no_wb)) { + /* unknown regs are passed through */ + rc = host_pci_set_block(s->real_device, addr, (uint8_t *)&val, len); + + if (rc < 0) { + PT_ERR(d, "pci_write_block failed. return value: %d.\n", rc); + } + } +} + +/* register regions */ + +static uint64_t bar_read(void *o, target_phys_addr_t addr, unsigned size) +{ + PCIDevice *d = o; + /* if this function is called, that probably means that there is a + * misconfiguration of the IOMMU. */ + PT_ERR(d, "Should not read BAR through QEMU. @0x"TARGET_FMT_plx"\n", addr); + return 0; +} +static void bar_write(void *o, target_phys_addr_t a, uint64_t v, unsigned s) +{ + PCIDevice *d = o; + /* Same comment as bar_read function */ + PT_ERR(d, "Should not write BAR through QEMU. @0x"TARGET_FMT_plx"\n", a); +} + +static const MemoryRegionOps ops = { + .endianness = DEVICE_NATIVE_ENDIAN, + .read = bar_read, + .write = bar_write, +}; + +static int pt_register_regions(XenPCIPassthroughState *s) +{ + int i = 0; + HostPCIDevice *d = s->real_device; + + /* Register PIO/MMIO BARs */ + for (i = 0; i < PCI_BAR_ENTRIES; i++) { + HostPCIIORegion *r = &d->io_regions[i]; + uint8_t type; + + if (r->base_addr == 0 || r->size == 0) { + continue; + } + + s->bases[i].access.u = r->base_addr; + + if (r->flags & IORESOURCE_IO) { + type = PCI_BASE_ADDRESS_SPACE_IO; + } else { + type = PCI_BASE_ADDRESS_SPACE_MEMORY; + if (r->flags & IORESOURCE_PREFETCH) { + type |= PCI_BASE_ADDRESS_MEM_PREFETCH; + } + } + + memory_region_init_io(&s->bar[i], &ops, &s->dev, + "xen-pci-pt-bar", r->size); + pci_register_bar(&s->dev, i, type, &s->bar[i]); + + PT_LOG(&s->dev, "IO region %i registered (size=0x%08"PRIx64 + " base_addr=0x%08"PRIx64" type: %#x)\n", + i, r->size, r->base_addr, type); + } + + /* Register expansion ROM address */ + if (d->rom.base_addr && d->rom.size) { + uint32_t bar_data = 0; + + /* Re-set BAR reported by OS, otherwise ROM can't be read. */ + if (host_pci_get_long(d, PCI_ROM_ADDRESS, &bar_data)) { + return 0; + } + if ((bar_data & PCI_ROM_ADDRESS_MASK) == 0) { + bar_data |= d->rom.base_addr & PCI_ROM_ADDRESS_MASK; + host_pci_set_long(d, PCI_ROM_ADDRESS, bar_data); + } + + s->bases[PCI_ROM_SLOT].access.maddr = d->rom.base_addr; + + memory_region_init_rom_device(&s->rom, NULL, NULL, + "xen-pci-pt-rom", d->rom.size); + pci_register_bar(&s->dev, PCI_ROM_SLOT, PCI_BASE_ADDRESS_MEM_PREFETCH, + &s->rom); + + PT_LOG(&s->dev, "Expansion ROM registered (size=0x%08"PRIx64 + " base_addr=0x%08"PRIx64")\n", + d->rom.size, d->rom.base_addr); + } + + return 0; +} + +static void pt_unregister_regions(XenPCIPassthroughState *s) +{ + HostPCIDevice *d = s->real_device; + int i; + + for (i = 0; i < PCI_NUM_REGIONS - 1; i++) { + HostPCIIORegion *r = &d->io_regions[i]; + + if (r->base_addr == 0 || r->size == 0) { + continue; + } + + memory_region_destroy(&s->bar[i]); + } + if (d->rom.base_addr && d->rom.size) { + memory_region_destroy(&s->rom); + } +} + +/* region mapping */ + +static int pt_bar_from_region(XenPCIPassthroughState *s, MemoryRegion *mr) +{ + int i = 0; + + for (i = 0; i < PCI_NUM_REGIONS - 1; i++) { + if (mr == &s->bar[i]) { + return i; + } + } + if (mr == &s->rom) { + return PCI_ROM_SLOT; + } + return -1; +} + +/* + * This function checks if an io_region overlaps an io_region from another + * device. The io_region to check is provided with (addr, size and type) + * A callback can be provided and will be called for every region that is + * overlapped. + * The return value indicates if the region is overlappsed */ +struct CheckBarArgs { + XenPCIPassthroughState *s; + pcibus_t addr; + pcibus_t size; + uint8_t type; + bool rc; +}; +static void check_bar_overlap(PCIBus *bus, PCIDevice *d, void *opaque) +{ + struct CheckBarArgs *arg = opaque; + XenPCIPassthroughState *s = arg->s; + uint8_t type = arg->type; + int i; + + if (d->devfn == s->dev.devfn) { + return; + } + + /* xxx: This ignores bridges. */ + for (i = 0; i < PCI_NUM_REGIONS; i++) { + const PCIIORegion *r = &d->io_regions[i]; + + if (!r->size) { + continue; + } + if ((type & PCI_BASE_ADDRESS_SPACE_IO) + != (r->type & PCI_BASE_ADDRESS_SPACE_IO)) { + continue; + } + + if (ranges_overlap(arg->addr, arg->size, r->addr, r->size)) { + PT_WARN(&s->dev, "Overlapped to device [%02x:%02x.%x] Region: %i" + " (addr: %#"FMT_PCIBUS", len: %#"FMT_PCIBUS")\n", + pci_bus_num(bus), PCI_SLOT(d->devfn), PCI_FUNC(d->devfn), + i, r->addr, r->size); + arg->rc = true; + } + } +} + +static void pt_region_update(XenPCIPassthroughState *s, + MemoryRegionSection *sec, bool adding) +{ + PCIDevice *d = &s->dev; + MemoryRegion *mr = sec->mr; + int bar = -1; + int rc; + int op = adding ? DPCI_ADD_MAPPING : DPCI_REMOVE_MAPPING; + struct CheckBarArgs args = { + .s = s, + .addr = sec->offset_within_address_space, + .size = sec->size, + .rc = false, + }; + + bar = pt_bar_from_region(s, mr); + if (bar == -1) { + return; + } + + args.type = d->io_regions[bar].type; + pci_for_each_device(d->bus, pci_bus_num(d->bus), check_bar_overlap, &args); + if (args.rc) { + PT_WARN(d, "Region: %d (addr: %#"FMT_PCIBUS + ", len: %#"FMT_PCIBUS") is overlapped.\n", + bar, sec->offset_within_address_space, sec->size); + } + + if (d->io_regions[bar].type & PCI_BASE_ADDRESS_SPACE_IO) { + uint32_t guest_port = sec->offset_within_address_space; + uint32_t machine_port = s->bases[bar].access.pio_base; + uint32_t size = sec->size; + rc = xc_domain_ioport_mapping(xen_xc, xen_domid, + guest_port, machine_port, size, + op); + if (rc) { + PT_ERR(d, "%s ioport mapping failed! (rc: %i)\n", + adding ? "create new" : "remove old", rc); + } + } else { + pcibus_t guest_addr = sec->offset_within_address_space; + pcibus_t machine_addr = s->bases[bar].access.maddr + + sec->offset_within_region; + pcibus_t size = sec->size; + rc = xc_domain_memory_mapping(xen_xc, xen_domid, + PFN(guest_addr + XC_PAGE_SIZE - 1), + PFN(machine_addr + XC_PAGE_SIZE - 1), + PFN(size), + op); + if (rc) { + PT_ERR(d, "%s mem mapping failed! (rc: %i)\n", + adding ? "create new" : "remove old", rc); + } + } +} + +static void pt_begin(MemoryListener *l) +{ +} + +static void pt_commit(MemoryListener *l) +{ +} + +static void pt_region_add(MemoryListener *l, MemoryRegionSection *sec) +{ + XenPCIPassthroughState *s = container_of(l, XenPCIPassthroughState, + memory_listener); + + pt_region_update(s, sec, true); +} + +static void pt_region_del(MemoryListener *l, MemoryRegionSection *sec) +{ + XenPCIPassthroughState *s = container_of(l, XenPCIPassthroughState, + memory_listener); + + pt_region_update(s, sec, false); +} + +static void pt_region_nop(MemoryListener *l, MemoryRegionSection *s) +{ +} + +static void pt_log_fns(MemoryListener *l, MemoryRegionSection *s) +{ +} + +static void pt_log_global_fns(MemoryListener *l) +{ +} + +static void pt_eventfd_fns(MemoryListener *l, MemoryRegionSection *s, + bool match_data, uint64_t data, int fd) +{ +} + +static const MemoryListener xen_pt_memory_listener = { + .begin = pt_begin, + .commit = pt_commit, + .region_add = pt_region_add, + .region_nop = pt_region_nop, + .region_del = pt_region_del, + .log_start = pt_log_fns, + .log_stop = pt_log_fns, + .log_sync = pt_log_fns, + .log_global_start = pt_log_global_fns, + .log_global_stop = pt_log_global_fns, + .eventfd_add = pt_eventfd_fns, + .eventfd_del = pt_eventfd_fns, + .priority = 10, +}; + +/* init */ + +static int pt_initfn(PCIDevice *d) +{ + XenPCIPassthroughState *s = DO_UPCAST(XenPCIPassthroughState, dev, d); + int dom, bus; + unsigned slot, func; + int rc = 0; + uint8_t machine_irq = 0; + int pirq = PT_UNASSIGNED_PIRQ; + + if (pci_parse_devaddr(s->hostaddr, &dom, &bus, &slot, &func) < 0) { + PT_ERR(d, "Failed to parse BDF: %s\n", s->hostaddr); + return -1; + } + + /* register real device */ + PT_LOG(d, "Assigning real physical device %02x:%02x.%x" + " to devfn %#x\n", bus, slot, func, s->dev.devfn); + + s->real_device = host_pci_device_get(bus, slot, func); + if (!s->real_device) { + return -1; + } + + s->is_virtfn = s->real_device->is_virtfn; + if (s->is_virtfn) { + PT_LOG(d, "%04x:%02x:%02x.%x is a SR-IOV Virtual Function\n", + s->real_device->domain, bus, slot, func); + } + + /* Initialize virtualized PCI configuration (Extended 256 Bytes) */ + if (host_pci_get_block(s->real_device, 0, d->config, + PCI_CONFIG_SPACE_SIZE) == -1) { + host_pci_device_put(s->real_device); + return -1; + } + + s->memory_listener = xen_pt_memory_listener; + + /* Handle real device's MMIO/PIO BARs */ + pt_register_regions(s); + + /* Bind interrupt */ + if (!s->dev.config[PCI_INTERRUPT_PIN]) { + PT_LOG(d, "no pin interrupt\n"); + goto out; + } + + host_pci_get_byte(s->real_device, PCI_INTERRUPT_LINE, &machine_irq); + rc = xc_physdev_map_pirq(xen_xc, xen_domid, machine_irq, &pirq); + + if (rc < 0) { + PT_ERR(d, "Mapping machine irq %u to pirq %i failed, (rc: %d)\n", + machine_irq, pirq, rc); + + /* Disable PCI intx assertion (turn on bit10 of devctl) */ + host_pci_set_word(s->real_device, + PCI_COMMAND, + pci_get_word(s->dev.config + PCI_COMMAND) + | PCI_COMMAND_INTX_DISABLE); + machine_irq = 0; + s->machine_irq = 0; + } else { + machine_irq = pirq; + s->machine_irq = pirq; + mapped_machine_irq[machine_irq]++; + } + + /* bind machine_irq to device */ + if (machine_irq != 0) { + uint8_t e_intx = pci_intx(s); + + rc = xc_domain_bind_pt_pci_irq(xen_xc, xen_domid, machine_irq, + pci_bus_num(d->bus), + PCI_SLOT(d->devfn), + e_intx); + if (rc < 0) { + PT_ERR(d, "Binding of interrupt %i failed! (rc: %d)\n", + e_intx, rc); + + /* Disable PCI intx assertion (turn on bit10 of devctl) */ + host_pci_set_word(s->real_device, PCI_COMMAND, + *(uint16_t *)(&s->dev.config[PCI_COMMAND]) + | PCI_COMMAND_INTX_DISABLE); + mapped_machine_irq[machine_irq]--; + + if (mapped_machine_irq[machine_irq] == 0) { + if (xc_physdev_unmap_pirq(xen_xc, xen_domid, machine_irq)) { + PT_ERR(d, "Unmapping of machine interrupt %i failed!" + " (rc: %d)\n", machine_irq, rc); + } + } + s->machine_irq = 0; + } + } + +out: + memory_listener_register(&s->memory_listener, NULL); + PT_LOG(d, "Real physical device %02x:%02x.%x registered successfuly!\n", + bus, slot, func); + + return 0; +} + +static int pt_unregister_device(PCIDevice *d) +{ + XenPCIPassthroughState *s = DO_UPCAST(XenPCIPassthroughState, dev, d); + uint8_t machine_irq = s->machine_irq; + uint8_t intx = pci_intx(s); + int rc; + + if (machine_irq) { + rc = xc_domain_unbind_pt_irq(xen_xc, xen_domid, machine_irq, + PT_IRQ_TYPE_PCI, + pci_bus_num(d->bus), + PCI_SLOT(s->dev.devfn), + intx, + 0 /* isa_irq */); + if (rc < 0) { + PT_ERR(d, "unbinding of interrupt INT%c failed." + " (machine irq: %i, rc: %d)" + " But bravely continuing on..\n", + 'a' + intx, machine_irq, rc); + } + } + + if (machine_irq) { + mapped_machine_irq[machine_irq]--; + + if (mapped_machine_irq[machine_irq] == 0) { + rc = xc_physdev_unmap_pirq(xen_xc, xen_domid, machine_irq); + + if (rc < 0) { + PT_ERR(d, "unmapping of interrupt %i failed. (rc: %d)" + " But bravely continuing on..\n", + machine_irq, rc); + } + } + } + + pt_unregister_regions(s); + memory_listener_unregister(&s->memory_listener); + + host_pci_device_put(s->real_device); + + return 0; +} + +static Property xen_pci_passthrough_properties[] = { + DEFINE_PROP_STRING("hostaddr", XenPCIPassthroughState, hostaddr), + DEFINE_PROP_END_OF_LIST(), +}; + +static void xen_pci_passthrough_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + PCIDeviceClass *k = PCI_DEVICE_CLASS(klass); + + k->init = pt_initfn; + k->exit = pt_unregister_device; + k->config_read = pt_pci_read_config; + k->config_write = pt_pci_write_config; + dc->desc = "Assign an host PCI device with Xen"; + dc->props = xen_pci_passthrough_properties; +}; + +static TypeInfo xen_pci_passthrough_info = { + .name = "xen-pci-passthrough", + .parent = TYPE_PCI_DEVICE, + .instance_size = sizeof(XenPCIPassthroughState), + .class_init = xen_pci_passthrough_class_init, +}; + +static void xen_pci_passthrough_register_types(void) +{ + type_register_static(&xen_pci_passthrough_info); +} + +type_init(xen_pci_passthrough_register_types) diff --git a/hw/xen_pci_passthrough.h b/hw/xen_pci_passthrough.h new file mode 100644 index 0000000..2c5e83d --- /dev/null +++ b/hw/xen_pci_passthrough.h @@ -0,0 +1,250 @@ +#ifndef QEMU_HW_XEN_PCI_PASSTHROUGH_H +# define QEMU_HW_XEN_PCI_PASSTHROUGH_H + +#include "qemu-common.h" +#include "xen_common.h" +#include "pci.h" +#include "host-pci-device.h" + +/* #define PT_LOGGING_ENABLED */ +/* #define PT_DEBUG_PCI_CONFIG_ACCESS */ + +void pt_log(const PCIDevice *d, const char *f, ...) GCC_FMT_ATTR(2, 3); + +#define PT_ERR(d, _f, _a...) pt_log(d, "%s: Error: " _f, __func__, ##_a) + +#ifdef PT_LOGGING_ENABLED +# define PT_LOG(d, _f, _a...) pt_log(d, "%s: " _f, __func__, ##_a) +# define PT_WARN(d, _f, _a...) pt_log(d, "%s: Warning: " _f, __func__, ##_a) +#else +# define PT_LOG(d, _f, _a...) +# define PT_WARN(d, _f, _a...) +#endif + +#ifdef PT_DEBUG_PCI_CONFIG_ACCESS +# define PT_LOG_CONFIG(d, addr, val, len) \ + pt_log(d, "%s: address=0x%04x val=0x%08x len=%d\n", \ + __func__, addr, val, len) +#else +# define PT_LOG_CONFIG(d, addr, val, len) +#endif + + +/* Helper */ +#define PFN(x) ((x) >> XC_PAGE_SHIFT) + +typedef struct XenPTRegInfo XenPTRegInfo; +typedef struct XenPTReg XenPTReg; + +typedef struct XenPCIPassthroughState XenPCIPassthroughState; + +/* function type for config reg */ +typedef int (*conf_reg_init) + (XenPCIPassthroughState *, XenPTRegInfo *, uint32_t real_offset, + uint32_t *data); +typedef int (*conf_dword_write) + (XenPCIPassthroughState *, XenPTReg *cfg_entry, + uint32_t *val, uint32_t dev_value, uint32_t valid_mask); +typedef int (*conf_word_write) + (XenPCIPassthroughState *, XenPTReg *cfg_entry, + uint16_t *val, uint16_t dev_value, uint16_t valid_mask); +typedef int (*conf_byte_write) + (XenPCIPassthroughState *, XenPTReg *cfg_entry, + uint8_t *val, uint8_t dev_value, uint8_t valid_mask); +typedef int (*conf_dword_read) + (XenPCIPassthroughState *, XenPTReg *cfg_entry, + uint32_t *val, uint32_t valid_mask); +typedef int (*conf_word_read) + (XenPCIPassthroughState *, XenPTReg *cfg_entry, + uint16_t *val, uint16_t valid_mask); +typedef int (*conf_byte_read) + (XenPCIPassthroughState *, XenPTReg *cfg_entry, + uint8_t *val, uint8_t valid_mask); + +#define PT_BAR_ALLF 0xFFFFFFFF /* BAR ALLF value */ +#define PT_PCI_BAR_UNMAPPED (-1) + + +typedef enum { + GRP_TYPE_HARDWIRED = 0, /* 0 Hardwired reg group */ + GRP_TYPE_EMU, /* emul reg group */ +} RegisterGroupType; + +typedef enum { + PT_BAR_FLAG_MEM = 0, /* Memory type BAR */ + PT_BAR_FLAG_IO, /* I/O type BAR */ + PT_BAR_FLAG_UPPER, /* upper 64bit BAR */ + PT_BAR_FLAG_UNUSED, /* unused BAR */ +} PTBarFlag; + + +typedef struct XenPTRegion { + /* BAR flag */ + PTBarFlag bar_flag; + /* Translation of the emulated address */ + union { + uint64_t maddr; + uint64_t pio_base; + uint64_t u; + } access; +} XenPTRegion; + +/* XenPTRegInfo declaration + * - only for emulated register (either a part or whole bit). + * - for passthrough register that need special behavior (like interacting with + * other component), set emu_mask to all 0 and specify r/w func properly. + * - do NOT use ALL F for init_val, otherwise the tbl will not be registered. + */ + +/* emulated register infomation */ +struct XenPTRegInfo { + uint32_t offset; + uint32_t size; + uint32_t init_val; + /* reg read only field mask (ON:RO/ROS, OFF:other) */ + uint32_t ro_mask; + /* reg emulate field mask (ON:emu, OFF:passthrough) */ + uint32_t emu_mask; + /* no write back allowed */ + uint32_t no_wb; + conf_reg_init init; + /* read/write function pointer + * for double_word/word/byte size */ + union { + struct { + conf_dword_write write; + conf_dword_read read; + } dw; + struct { + conf_word_write write; + conf_word_read read; + } w; + struct { + conf_byte_write write; + conf_byte_read read; + } b; + } u; +}; + +/* emulated register management */ +struct XenPTReg { + QLIST_ENTRY(XenPTReg) entries; + XenPTRegInfo *reg; + uint32_t data; /* emulated value */ +}; + +typedef struct XenPTRegGroupInfo XenPTRegGroupInfo; + +/* emul reg group size initialize method */ +typedef int (*pt_reg_size_init_fn) + (XenPCIPassthroughState *, const XenPTRegGroupInfo *, + uint32_t base_offset, uint8_t *size); + +/* emulated register group infomation */ +struct XenPTRegGroupInfo { + uint8_t grp_id; + RegisterGroupType grp_type; + uint8_t grp_size; + pt_reg_size_init_fn size_init; + XenPTRegInfo *emu_reg_tbl; +}; + +/* emul register group management table */ +typedef struct XenPTRegGroup { + QLIST_ENTRY(XenPTRegGroup) entries; + const XenPTRegGroupInfo *reg_grp; + uint32_t base_offset; + uint8_t size; + QLIST_HEAD(, XenPTReg) reg_tbl_list; +} XenPTRegGroup; + + +#define PT_UNASSIGNED_PIRQ (-1) + +struct XenPCIPassthroughState { + PCIDevice dev; + + char *hostaddr; + bool is_virtfn; + HostPCIDevice *real_device; + XenPTRegion bases[PCI_NUM_REGIONS]; /* Access regions */ + QLIST_HEAD(, XenPTRegGroup) reg_grp_tbl; + + uint32_t machine_irq; + + MemoryRegion bar[PCI_NUM_REGIONS - 1]; + MemoryRegion rom; + + MemoryListener memory_listener; +}; + +int pt_config_init(XenPCIPassthroughState *s); +void pt_config_delete(XenPCIPassthroughState *s); +XenPTRegGroup *pt_find_reg_grp(XenPCIPassthroughState *s, uint32_t address); +XenPTReg *pt_find_reg(XenPTRegGroup *reg_grp, uint32_t address); +int pt_bar_offset_to_index(uint32_t offset); + +static inline pcibus_t pt_get_emul_size(PTBarFlag flag, pcibus_t r_size) +{ + /* align resource size (memory type only) */ + if (flag == PT_BAR_FLAG_MEM) { + return (r_size + XC_PAGE_SIZE - 1) & XC_PAGE_MASK; + } else { + return r_size; + } +} + +/* INTx */ +/* The PCI Local Bus Specification, Rev. 3.0, + * Section 6.2.4 Miscellaneous Registers, pp 223 + * outlines 5 valid values for the interrupt pin (intx). + * 0: For devices (or device functions) that don't use an interrupt in + * 1: INTA# + * 2: INTB# + * 3: INTC# + * 4: INTD# + * + * Xen uses the following 4 values for intx + * 0: INTA# + * 1: INTB# + * 2: INTC# + * 3: INTD# + * + * Observing that these list of values are not the same, pci_read_intx() + * uses the following mapping from hw to xen values. + * This seems to reflect the current usage within Xen. + * + * PCI hardware | Xen | Notes + * ----------------+-----+---------------------------------------------------- + * 0 | 0 | No interrupt + * 1 | 0 | INTA# + * 2 | 1 | INTB# + * 3 | 2 | INTC# + * 4 | 3 | INTD# + * any other value | 0 | This should never happen, log error message + */ + +static inline uint8_t pci_read_intx(XenPCIPassthroughState *s) +{ + uint8_t v = 0; + host_pci_get_byte(s->real_device, PCI_INTERRUPT_PIN, &v); + return v; +} + +static inline uint8_t pci_intx(XenPCIPassthroughState *s) +{ + uint8_t r_val = pci_read_intx(s); + + PT_LOG(&s->dev, "intx=%i\n", r_val); + if (r_val < 1 || r_val > 4) { + PT_LOG(&s->dev, "Interrupt pin read from hardware is out of range:" + " value=%i, acceptable range is 1 - 4\n", r_val); + r_val = 0; + } else { + r_val -= 1; + } + + return r_val; +} + +#endif /* !QEMU_HW_XEN_PCI_PASSTHROUGH_H */ diff --git a/hw/xen_pci_passthrough_config_init.c b/hw/xen_pci_passthrough_config_init.c new file mode 100644 index 0000000..1e9de64 --- /dev/null +++ b/hw/xen_pci_passthrough_config_init.c @@ -0,0 +1,11 @@ +#include "xen_pci_passthrough.h" + +XenPTRegGroup *pt_find_reg_grp(XenPCIPassthroughState *s, uint32_t address) +{ + return NULL; +} + +XenPTReg *pt_find_reg(XenPTRegGroup *reg_grp, uint32_t address) +{ + return NULL; +} diff --git a/xen-all.c b/xen-all.c index 3e6de41..e9daf8e 100644 --- a/xen-all.c +++ b/xen-all.c @@ -1145,3 +1145,15 @@ void xen_register_framebuffer(MemoryRegion *mr) { framebuffer = mr; } + +void xen_shutdown_fatal_error(const char *fmt, ...) +{ + va_list ap; + + va_start(ap, fmt); + vfprintf(stderr, fmt, ap); + va_end(ap); + fprintf(stderr, "Will destroy the domain.\n"); + /* destroy the domain */ + qemu_system_shutdown_request(); +}