xref: /openbmc/qemu/hw/audio/virtio-snd.c (revision 6ea3f1f0)
1 /*
2  * VIRTIO Sound Device conforming to
3  *
4  * "Virtual I/O Device (VIRTIO) Version 1.2
5  * Committee Specification Draft 01
6  * 09 May 2022"
7  *
8  * <https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/virtio-v1.2-csd01.html#x1-52900014>
9  *
10  * Copyright (c) 2023 Emmanouil Pitsidianakis <manos.pitsidianakis@linaro.org>
11  * Copyright (C) 2019 OpenSynergy GmbH
12  *
13  * This work is licensed under the terms of the GNU GPL, version 2 or
14  * (at your option) any later version.  See the COPYING file in the
15  * top-level directory.
16  */
17 
18 #include "qemu/osdep.h"
19 #include "qemu/iov.h"
20 #include "qemu/log.h"
21 #include "qemu/error-report.h"
22 #include "qemu/lockable.h"
23 #include "exec/tswap.h"
24 #include "sysemu/runstate.h"
25 #include "trace.h"
26 #include "qapi/error.h"
27 #include "hw/audio/virtio-snd.h"
28 
29 #define VIRTIO_SOUND_VM_VERSION 1
30 #define VIRTIO_SOUND_JACK_DEFAULT 0
31 #define VIRTIO_SOUND_STREAM_DEFAULT 2
32 #define VIRTIO_SOUND_CHMAP_DEFAULT 0
33 #define VIRTIO_SOUND_HDA_FN_NID 0
34 
35 static void virtio_snd_pcm_out_cb(void *data, int available);
36 static void virtio_snd_process_cmdq(VirtIOSound *s);
37 static void virtio_snd_pcm_flush(VirtIOSoundPCMStream *stream);
38 static void virtio_snd_pcm_in_cb(void *data, int available);
39 static void virtio_snd_unrealize(DeviceState *dev);
40 
41 static uint32_t supported_formats = BIT(VIRTIO_SND_PCM_FMT_S8)
42                                   | BIT(VIRTIO_SND_PCM_FMT_U8)
43                                   | BIT(VIRTIO_SND_PCM_FMT_S16)
44                                   | BIT(VIRTIO_SND_PCM_FMT_U16)
45                                   | BIT(VIRTIO_SND_PCM_FMT_S32)
46                                   | BIT(VIRTIO_SND_PCM_FMT_U32)
47                                   | BIT(VIRTIO_SND_PCM_FMT_FLOAT);
48 
49 static uint32_t supported_rates = BIT(VIRTIO_SND_PCM_RATE_5512)
50                                 | BIT(VIRTIO_SND_PCM_RATE_8000)
51                                 | BIT(VIRTIO_SND_PCM_RATE_11025)
52                                 | BIT(VIRTIO_SND_PCM_RATE_16000)
53                                 | BIT(VIRTIO_SND_PCM_RATE_22050)
54                                 | BIT(VIRTIO_SND_PCM_RATE_32000)
55                                 | BIT(VIRTIO_SND_PCM_RATE_44100)
56                                 | BIT(VIRTIO_SND_PCM_RATE_48000)
57                                 | BIT(VIRTIO_SND_PCM_RATE_64000)
58                                 | BIT(VIRTIO_SND_PCM_RATE_88200)
59                                 | BIT(VIRTIO_SND_PCM_RATE_96000)
60                                 | BIT(VIRTIO_SND_PCM_RATE_176400)
61                                 | BIT(VIRTIO_SND_PCM_RATE_192000)
62                                 | BIT(VIRTIO_SND_PCM_RATE_384000);
63 
64 static const VMStateDescription vmstate_virtio_snd_device = {
65     .name = TYPE_VIRTIO_SND,
66     .version_id = VIRTIO_SOUND_VM_VERSION,
67     .minimum_version_id = VIRTIO_SOUND_VM_VERSION,
68 };
69 
70 static const VMStateDescription vmstate_virtio_snd = {
71     .name = TYPE_VIRTIO_SND,
72     .unmigratable = 1,
73     .minimum_version_id = VIRTIO_SOUND_VM_VERSION,
74     .version_id = VIRTIO_SOUND_VM_VERSION,
75     .fields = (const VMStateField[]) {
76         VMSTATE_VIRTIO_DEVICE,
77         VMSTATE_END_OF_LIST()
78     },
79 };
80 
81 static Property virtio_snd_properties[] = {
82     DEFINE_AUDIO_PROPERTIES(VirtIOSound, card),
83     DEFINE_PROP_UINT32("jacks", VirtIOSound, snd_conf.jacks,
84                        VIRTIO_SOUND_JACK_DEFAULT),
85     DEFINE_PROP_UINT32("streams", VirtIOSound, snd_conf.streams,
86                        VIRTIO_SOUND_STREAM_DEFAULT),
87     DEFINE_PROP_UINT32("chmaps", VirtIOSound, snd_conf.chmaps,
88                        VIRTIO_SOUND_CHMAP_DEFAULT),
89     DEFINE_PROP_END_OF_LIST(),
90 };
91 
92 static void
93 virtio_snd_get_config(VirtIODevice *vdev, uint8_t *config)
94 {
95     VirtIOSound *s = VIRTIO_SND(vdev);
96     virtio_snd_config *sndconfig =
97         (virtio_snd_config *)config;
98     trace_virtio_snd_get_config(vdev,
99                                 s->snd_conf.jacks,
100                                 s->snd_conf.streams,
101                                 s->snd_conf.chmaps);
102 
103     memcpy(sndconfig, &s->snd_conf, sizeof(s->snd_conf));
104     cpu_to_le32s(&sndconfig->jacks);
105     cpu_to_le32s(&sndconfig->streams);
106     cpu_to_le32s(&sndconfig->chmaps);
107 
108 }
109 
110 static void
111 virtio_snd_pcm_buffer_free(VirtIOSoundPCMBuffer *buffer)
112 {
113     g_free(buffer->elem);
114     g_free(buffer);
115 }
116 
117 static void
118 virtio_snd_ctrl_cmd_free(virtio_snd_ctrl_command *cmd)
119 {
120     g_free(cmd->elem);
121     g_free(cmd);
122 }
123 
124 /*
125  * Get a specific stream from the virtio sound card device.
126  * Returns NULL if @stream_id is invalid or not allocated.
127  *
128  * @s: VirtIOSound device
129  * @stream_id: stream id
130  */
131 static VirtIOSoundPCMStream *virtio_snd_pcm_get_stream(VirtIOSound *s,
132                                                        uint32_t stream_id)
133 {
134     return stream_id >= s->snd_conf.streams ? NULL :
135         s->pcm->streams[stream_id];
136 }
137 
138 /*
139  * Get params for a specific stream.
140  *
141  * @s: VirtIOSound device
142  * @stream_id: stream id
143  */
144 static virtio_snd_pcm_set_params *virtio_snd_pcm_get_params(VirtIOSound *s,
145                                                             uint32_t stream_id)
146 {
147     return stream_id >= s->snd_conf.streams ? NULL
148         : &s->pcm->pcm_params[stream_id];
149 }
150 
151 /*
152  * Handle the VIRTIO_SND_R_PCM_INFO request.
153  * The function writes the info structs to the request element.
154  *
155  * @s: VirtIOSound device
156  * @cmd: The request command queue element from VirtIOSound cmdq field
157  */
158 static void virtio_snd_handle_pcm_info(VirtIOSound *s,
159                                        virtio_snd_ctrl_command *cmd)
160 {
161     uint32_t stream_id, start_id, count, size;
162     virtio_snd_pcm_info val;
163     virtio_snd_query_info req;
164     VirtIOSoundPCMStream *stream = NULL;
165     g_autofree virtio_snd_pcm_info *pcm_info = NULL;
166     size_t msg_sz = iov_to_buf(cmd->elem->out_sg,
167                                cmd->elem->out_num,
168                                0,
169                                &req,
170                                sizeof(virtio_snd_query_info));
171 
172     if (msg_sz != sizeof(virtio_snd_query_info)) {
173         /*
174          * TODO: do we need to set DEVICE_NEEDS_RESET?
175          */
176         qemu_log_mask(LOG_GUEST_ERROR,
177                 "%s: virtio-snd command size incorrect %zu vs \
178                 %zu\n", __func__, msg_sz, sizeof(virtio_snd_query_info));
179         cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
180         return;
181     }
182 
183     start_id = le32_to_cpu(req.start_id);
184     count = le32_to_cpu(req.count);
185     size = le32_to_cpu(req.size);
186 
187     if (iov_size(cmd->elem->in_sg, cmd->elem->in_num) <
188         sizeof(virtio_snd_hdr) + size * count) {
189         /*
190          * TODO: do we need to set DEVICE_NEEDS_RESET?
191          */
192         error_report("pcm info: buffer too small, got: %zu, needed: %zu",
193                 iov_size(cmd->elem->in_sg, cmd->elem->in_num),
194                 sizeof(virtio_snd_pcm_info));
195         cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
196         return;
197     }
198 
199     pcm_info = g_new0(virtio_snd_pcm_info, count);
200     for (uint32_t i = 0; i < count; i++) {
201         stream_id = i + start_id;
202         trace_virtio_snd_handle_pcm_info(stream_id);
203         stream = virtio_snd_pcm_get_stream(s, stream_id);
204         if (!stream) {
205             error_report("Invalid stream id: %"PRIu32, stream_id);
206             cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
207             return;
208         }
209         val = stream->info;
210         val.hdr.hda_fn_nid = cpu_to_le32(val.hdr.hda_fn_nid);
211         val.features = cpu_to_le32(val.features);
212         val.formats = cpu_to_le64(val.formats);
213         val.rates = cpu_to_le64(val.rates);
214         /*
215          * 5.14.6.6.2.1 Device Requirements: Stream Information The device MUST
216          * NOT set undefined feature, format, rate and direction values. The
217          * device MUST initialize the padding bytes to 0.
218          */
219         pcm_info[i] = val;
220         memset(&pcm_info[i].padding, 0, 5);
221     }
222 
223     cmd->payload_size = sizeof(virtio_snd_pcm_info) * count;
224     cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_OK);
225     iov_from_buf(cmd->elem->in_sg,
226                  cmd->elem->in_num,
227                  sizeof(virtio_snd_hdr),
228                  pcm_info,
229                  cmd->payload_size);
230 }
231 
232 /*
233  * Set the given stream params.
234  * Called by both virtio_snd_handle_pcm_set_params and during device
235  * initialization.
236  * Returns the response status code. (VIRTIO_SND_S_*).
237  *
238  * @s: VirtIOSound device
239  * @params: The PCM params as defined in the virtio specification
240  */
241 static
242 uint32_t virtio_snd_set_pcm_params(VirtIOSound *s,
243                                    uint32_t stream_id,
244                                    virtio_snd_pcm_set_params *params)
245 {
246     virtio_snd_pcm_set_params *st_params;
247 
248     if (stream_id >= s->snd_conf.streams || s->pcm->pcm_params == NULL) {
249         /*
250          * TODO: do we need to set DEVICE_NEEDS_RESET?
251          */
252         virtio_error(VIRTIO_DEVICE(s), "Streams have not been initialized.\n");
253         return cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
254     }
255 
256     st_params = virtio_snd_pcm_get_params(s, stream_id);
257 
258     if (params->channels < 1 || params->channels > AUDIO_MAX_CHANNELS) {
259         error_report("Number of channels is not supported.");
260         return cpu_to_le32(VIRTIO_SND_S_NOT_SUPP);
261     }
262     if (params->format >= sizeof(supported_formats) * BITS_PER_BYTE ||
263         !(supported_formats & BIT(params->format))) {
264         error_report("Stream format is not supported.");
265         return cpu_to_le32(VIRTIO_SND_S_NOT_SUPP);
266     }
267     if (params->rate >= sizeof(supported_rates) * BITS_PER_BYTE ||
268         !(supported_rates & BIT(params->rate))) {
269         error_report("Stream rate is not supported.");
270         return cpu_to_le32(VIRTIO_SND_S_NOT_SUPP);
271     }
272 
273     st_params->buffer_bytes = le32_to_cpu(params->buffer_bytes);
274     st_params->period_bytes = le32_to_cpu(params->period_bytes);
275     st_params->features = le32_to_cpu(params->features);
276     /* the following are uint8_t, so there's no need to bswap the values. */
277     st_params->channels = params->channels;
278     st_params->format = params->format;
279     st_params->rate = params->rate;
280 
281     return cpu_to_le32(VIRTIO_SND_S_OK);
282 }
283 
284 /*
285  * Handles the VIRTIO_SND_R_PCM_SET_PARAMS request.
286  *
287  * @s: VirtIOSound device
288  * @cmd: The request command queue element from VirtIOSound cmdq field
289  */
290 static void virtio_snd_handle_pcm_set_params(VirtIOSound *s,
291                                              virtio_snd_ctrl_command *cmd)
292 {
293     virtio_snd_pcm_set_params req = { 0 };
294     uint32_t stream_id;
295     size_t msg_sz = iov_to_buf(cmd->elem->out_sg,
296                                cmd->elem->out_num,
297                                0,
298                                &req,
299                                sizeof(virtio_snd_pcm_set_params));
300 
301     if (msg_sz != sizeof(virtio_snd_pcm_set_params)) {
302         /*
303          * TODO: do we need to set DEVICE_NEEDS_RESET?
304          */
305         qemu_log_mask(LOG_GUEST_ERROR,
306                 "%s: virtio-snd command size incorrect %zu vs \
307                 %zu\n", __func__, msg_sz, sizeof(virtio_snd_pcm_set_params));
308         cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
309         return;
310     }
311     stream_id = le32_to_cpu(req.hdr.stream_id);
312     trace_virtio_snd_handle_pcm_set_params(stream_id);
313     cmd->resp.code = virtio_snd_set_pcm_params(s, stream_id, &req);
314 }
315 
316 /*
317  * Get a QEMU Audiosystem compatible format value from a VIRTIO_SND_PCM_FMT_*
318  */
319 static AudioFormat virtio_snd_get_qemu_format(uint32_t format)
320 {
321     #define CASE(FMT)               \
322     case VIRTIO_SND_PCM_FMT_##FMT:  \
323         return AUDIO_FORMAT_##FMT;
324 
325     switch (format) {
326     CASE(U8)
327     CASE(S8)
328     CASE(U16)
329     CASE(S16)
330     CASE(U32)
331     CASE(S32)
332     case VIRTIO_SND_PCM_FMT_FLOAT:
333         return AUDIO_FORMAT_F32;
334     default:
335         g_assert_not_reached();
336     }
337 
338     #undef CASE
339 }
340 
341 /*
342  * Get a QEMU Audiosystem compatible frequency value from a
343  * VIRTIO_SND_PCM_RATE_*
344  */
345 static uint32_t virtio_snd_get_qemu_freq(uint32_t rate)
346 {
347     #define CASE(RATE)               \
348     case VIRTIO_SND_PCM_RATE_##RATE: \
349         return RATE;
350 
351     switch (rate) {
352     CASE(5512)
353     CASE(8000)
354     CASE(11025)
355     CASE(16000)
356     CASE(22050)
357     CASE(32000)
358     CASE(44100)
359     CASE(48000)
360     CASE(64000)
361     CASE(88200)
362     CASE(96000)
363     CASE(176400)
364     CASE(192000)
365     CASE(384000)
366     default:
367         g_assert_not_reached();
368     }
369 
370     #undef CASE
371 }
372 
373 /*
374  * Get QEMU Audiosystem compatible audsettings from virtio based pcm stream
375  * params.
376  */
377 static void virtio_snd_get_qemu_audsettings(audsettings *as,
378                                             virtio_snd_pcm_set_params *params)
379 {
380     as->nchannels = MIN(AUDIO_MAX_CHANNELS, params->channels);
381     as->fmt = virtio_snd_get_qemu_format(params->format);
382     as->freq = virtio_snd_get_qemu_freq(params->rate);
383     as->endianness = 0; /* Conforming to VIRTIO 1.0: always little endian. */
384 }
385 
386 /*
387  * Close a stream and free all its resources.
388  *
389  * @stream: VirtIOSoundPCMStream *stream
390  */
391 static void virtio_snd_pcm_close(VirtIOSoundPCMStream *stream)
392 {
393     if (stream) {
394         virtio_snd_pcm_flush(stream);
395         if (stream->info.direction == VIRTIO_SND_D_OUTPUT) {
396             AUD_close_out(&stream->pcm->snd->card, stream->voice.out);
397             stream->voice.out = NULL;
398         } else if (stream->info.direction == VIRTIO_SND_D_INPUT) {
399             AUD_close_in(&stream->pcm->snd->card, stream->voice.in);
400             stream->voice.in = NULL;
401         }
402     }
403 }
404 
405 /*
406  * Prepares a VirtIOSound card stream.
407  * Returns the response status code. (VIRTIO_SND_S_*).
408  *
409  * @s: VirtIOSound device
410  * @stream_id: stream id
411  */
412 static uint32_t virtio_snd_pcm_prepare(VirtIOSound *s, uint32_t stream_id)
413 {
414     audsettings as;
415     virtio_snd_pcm_set_params *params;
416     VirtIOSoundPCMStream *stream;
417 
418     if (s->pcm->streams == NULL ||
419         s->pcm->pcm_params == NULL ||
420         stream_id >= s->snd_conf.streams) {
421         return cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
422     }
423 
424     params = virtio_snd_pcm_get_params(s, stream_id);
425     if (params == NULL) {
426         return cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
427     }
428 
429     stream = virtio_snd_pcm_get_stream(s, stream_id);
430     if (stream == NULL) {
431         stream = g_new0(VirtIOSoundPCMStream, 1);
432         stream->active = false;
433         stream->id = stream_id;
434         stream->pcm = s->pcm;
435         stream->s = s;
436         qemu_mutex_init(&stream->queue_mutex);
437         QSIMPLEQ_INIT(&stream->queue);
438 
439         /*
440          * stream_id >= s->snd_conf.streams was checked before so this is
441          * in-bounds
442          */
443         s->pcm->streams[stream_id] = stream;
444     }
445 
446     virtio_snd_get_qemu_audsettings(&as, params);
447     stream->info.direction = stream_id < s->snd_conf.streams / 2 +
448         (s->snd_conf.streams & 1) ? VIRTIO_SND_D_OUTPUT : VIRTIO_SND_D_INPUT;
449     stream->info.hdr.hda_fn_nid = VIRTIO_SOUND_HDA_FN_NID;
450     stream->info.features = 0;
451     stream->info.channels_min = 1;
452     stream->info.channels_max = as.nchannels;
453     stream->info.formats = supported_formats;
454     stream->info.rates = supported_rates;
455     stream->params = *params;
456 
457     stream->positions[0] = VIRTIO_SND_CHMAP_FL;
458     stream->positions[1] = VIRTIO_SND_CHMAP_FR;
459     stream->as = as;
460 
461     if (stream->info.direction == VIRTIO_SND_D_OUTPUT) {
462         stream->voice.out = AUD_open_out(&s->card,
463                                          stream->voice.out,
464                                          "virtio-sound.out",
465                                          stream,
466                                          virtio_snd_pcm_out_cb,
467                                          &as);
468         AUD_set_volume_out(stream->voice.out, 0, 255, 255);
469     } else {
470         stream->voice.in = AUD_open_in(&s->card,
471                                         stream->voice.in,
472                                         "virtio-sound.in",
473                                         stream,
474                                         virtio_snd_pcm_in_cb,
475                                         &as);
476         AUD_set_volume_in(stream->voice.in, 0, 255, 255);
477     }
478 
479     return cpu_to_le32(VIRTIO_SND_S_OK);
480 }
481 
482 static const char *print_code(uint32_t code)
483 {
484     #define CASE(CODE)            \
485     case VIRTIO_SND_R_##CODE:     \
486         return "VIRTIO_SND_R_"#CODE
487 
488     switch (code) {
489     CASE(JACK_INFO);
490     CASE(JACK_REMAP);
491     CASE(PCM_INFO);
492     CASE(PCM_SET_PARAMS);
493     CASE(PCM_PREPARE);
494     CASE(PCM_RELEASE);
495     CASE(PCM_START);
496     CASE(PCM_STOP);
497     CASE(CHMAP_INFO);
498     default:
499         return "invalid code";
500     }
501 
502     #undef CASE
503 };
504 
505 /*
506  * Handles VIRTIO_SND_R_PCM_PREPARE.
507  *
508  * @s: VirtIOSound device
509  * @cmd: The request command queue element from VirtIOSound cmdq field
510  */
511 static void virtio_snd_handle_pcm_prepare(VirtIOSound *s,
512                                           virtio_snd_ctrl_command *cmd)
513 {
514     uint32_t stream_id;
515     size_t msg_sz = iov_to_buf(cmd->elem->out_sg,
516                                cmd->elem->out_num,
517                                sizeof(virtio_snd_hdr),
518                                &stream_id,
519                                sizeof(stream_id));
520 
521     stream_id = le32_to_cpu(stream_id);
522     cmd->resp.code = msg_sz == sizeof(stream_id)
523                    ? virtio_snd_pcm_prepare(s, stream_id)
524                    : cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
525 }
526 
527 /*
528  * Handles VIRTIO_SND_R_PCM_START.
529  *
530  * @s: VirtIOSound device
531  * @cmd: The request command queue element from VirtIOSound cmdq field
532  * @start: whether to start or stop the device
533  */
534 static void virtio_snd_handle_pcm_start_stop(VirtIOSound *s,
535                                              virtio_snd_ctrl_command *cmd,
536                                              bool start)
537 {
538     VirtIOSoundPCMStream *stream;
539     virtio_snd_pcm_hdr req;
540     uint32_t stream_id;
541     size_t msg_sz = iov_to_buf(cmd->elem->out_sg,
542                                cmd->elem->out_num,
543                                0,
544                                &req,
545                                sizeof(virtio_snd_pcm_hdr));
546 
547     if (msg_sz != sizeof(virtio_snd_pcm_hdr)) {
548         qemu_log_mask(LOG_GUEST_ERROR,
549                 "%s: virtio-snd command size incorrect %zu vs \
550                 %zu\n", __func__, msg_sz, sizeof(virtio_snd_pcm_hdr));
551         cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
552         return;
553     }
554 
555     stream_id = le32_to_cpu(req.stream_id);
556     cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_OK);
557     trace_virtio_snd_handle_pcm_start_stop(start ? "VIRTIO_SND_R_PCM_START" :
558             "VIRTIO_SND_R_PCM_STOP", stream_id);
559 
560     stream = virtio_snd_pcm_get_stream(s, stream_id);
561     if (stream) {
562         WITH_QEMU_LOCK_GUARD(&stream->queue_mutex) {
563             stream->active = start;
564         }
565         if (stream->info.direction == VIRTIO_SND_D_OUTPUT) {
566             AUD_set_active_out(stream->voice.out, start);
567         } else {
568             AUD_set_active_in(stream->voice.in, start);
569         }
570     } else {
571         error_report("Invalid stream id: %"PRIu32, stream_id);
572         cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
573         return;
574     }
575     stream->active = start;
576 }
577 
578 /*
579  * Returns the number of I/O messages that are being processed.
580  *
581  * @stream: VirtIOSoundPCMStream
582  */
583 static size_t virtio_snd_pcm_get_io_msgs_count(VirtIOSoundPCMStream *stream)
584 {
585     VirtIOSoundPCMBuffer *buffer, *next;
586     size_t count = 0;
587 
588     WITH_QEMU_LOCK_GUARD(&stream->queue_mutex) {
589         QSIMPLEQ_FOREACH_SAFE(buffer, &stream->queue, entry, next) {
590             count += 1;
591         }
592     }
593     return count;
594 }
595 
596 /*
597  * Handles VIRTIO_SND_R_PCM_RELEASE.
598  *
599  * @s: VirtIOSound device
600  * @cmd: The request command queue element from VirtIOSound cmdq field
601  */
602 static void virtio_snd_handle_pcm_release(VirtIOSound *s,
603                                           virtio_snd_ctrl_command *cmd)
604 {
605     uint32_t stream_id;
606     VirtIOSoundPCMStream *stream;
607     size_t msg_sz = iov_to_buf(cmd->elem->out_sg,
608                                cmd->elem->out_num,
609                                sizeof(virtio_snd_hdr),
610                                &stream_id,
611                                sizeof(stream_id));
612 
613     if (msg_sz != sizeof(stream_id)) {
614         /*
615          * TODO: do we need to set DEVICE_NEEDS_RESET?
616          */
617         qemu_log_mask(LOG_GUEST_ERROR,
618                 "%s: virtio-snd command size incorrect %zu vs \
619                 %zu\n", __func__, msg_sz, sizeof(stream_id));
620         cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
621         return;
622     }
623 
624     stream_id = le32_to_cpu(stream_id);
625     trace_virtio_snd_handle_pcm_release(stream_id);
626     stream = virtio_snd_pcm_get_stream(s, stream_id);
627     if (stream == NULL) {
628         /*
629          * TODO: do we need to set DEVICE_NEEDS_RESET?
630          */
631         error_report("already released stream %"PRIu32, stream_id);
632         virtio_error(VIRTIO_DEVICE(s),
633                      "already released stream %"PRIu32,
634                      stream_id);
635         cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
636         return;
637     }
638 
639     if (virtio_snd_pcm_get_io_msgs_count(stream)) {
640         /*
641          * virtio-v1.2-csd01, 5.14.6.6.5.1,
642          * Device Requirements: Stream Release
643          *
644          * - The device MUST complete all pending I/O messages for the
645          *   specified stream ID.
646          * - The device MUST NOT complete the control request while there
647          *   are pending I/O messages for the specified stream ID.
648          */
649         trace_virtio_snd_pcm_stream_flush(stream_id);
650         virtio_snd_pcm_flush(stream);
651     }
652 
653     cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_OK);
654 }
655 
656 /*
657  * The actual processing done in virtio_snd_process_cmdq().
658  *
659  * @s: VirtIOSound device
660  * @cmd: control command request
661  */
662 static inline void
663 process_cmd(VirtIOSound *s, virtio_snd_ctrl_command *cmd)
664 {
665     uint32_t code;
666     size_t msg_sz = iov_to_buf(cmd->elem->out_sg,
667                                cmd->elem->out_num,
668                                0,
669                                &cmd->ctrl,
670                                sizeof(virtio_snd_hdr));
671 
672     if (msg_sz != sizeof(virtio_snd_hdr)) {
673         /*
674          * TODO: do we need to set DEVICE_NEEDS_RESET?
675          */
676         qemu_log_mask(LOG_GUEST_ERROR,
677                 "%s: virtio-snd command size incorrect %zu vs \
678                 %zu\n", __func__, msg_sz, sizeof(virtio_snd_hdr));
679         return;
680     }
681 
682     code = le32_to_cpu(cmd->ctrl.code);
683 
684     trace_virtio_snd_handle_code(code, print_code(code));
685 
686     switch (code) {
687     case VIRTIO_SND_R_JACK_INFO:
688     case VIRTIO_SND_R_JACK_REMAP:
689         qemu_log_mask(LOG_UNIMP,
690                      "virtio_snd: jack functionality is unimplemented.\n");
691         cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_NOT_SUPP);
692         break;
693     case VIRTIO_SND_R_PCM_INFO:
694         virtio_snd_handle_pcm_info(s, cmd);
695         break;
696     case VIRTIO_SND_R_PCM_START:
697         virtio_snd_handle_pcm_start_stop(s, cmd, true);
698         break;
699     case VIRTIO_SND_R_PCM_STOP:
700         virtio_snd_handle_pcm_start_stop(s, cmd, false);
701         break;
702     case VIRTIO_SND_R_PCM_SET_PARAMS:
703         virtio_snd_handle_pcm_set_params(s, cmd);
704         break;
705     case VIRTIO_SND_R_PCM_PREPARE:
706         virtio_snd_handle_pcm_prepare(s, cmd);
707         break;
708     case VIRTIO_SND_R_PCM_RELEASE:
709         virtio_snd_handle_pcm_release(s, cmd);
710         break;
711     case VIRTIO_SND_R_CHMAP_INFO:
712         qemu_log_mask(LOG_UNIMP,
713                      "virtio_snd: chmap info functionality is unimplemented.\n");
714         trace_virtio_snd_handle_chmap_info();
715         cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_NOT_SUPP);
716         break;
717     default:
718         /* error */
719         error_report("virtio snd header not recognized: %"PRIu32, code);
720         cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
721     }
722 
723     iov_from_buf(cmd->elem->in_sg,
724                  cmd->elem->in_num,
725                  0,
726                  &cmd->resp,
727                  sizeof(virtio_snd_hdr));
728     virtqueue_push(cmd->vq, cmd->elem,
729                    sizeof(virtio_snd_hdr) + cmd->payload_size);
730     virtio_notify(VIRTIO_DEVICE(s), cmd->vq);
731 }
732 
733 /*
734  * Consume all elements in command queue.
735  *
736  * @s: VirtIOSound device
737  */
738 static void virtio_snd_process_cmdq(VirtIOSound *s)
739 {
740     virtio_snd_ctrl_command *cmd;
741 
742     if (unlikely(qatomic_read(&s->processing_cmdq))) {
743         return;
744     }
745 
746     WITH_QEMU_LOCK_GUARD(&s->cmdq_mutex) {
747         qatomic_set(&s->processing_cmdq, true);
748         while (!QTAILQ_EMPTY(&s->cmdq)) {
749             cmd = QTAILQ_FIRST(&s->cmdq);
750 
751             /* process command */
752             process_cmd(s, cmd);
753 
754             QTAILQ_REMOVE(&s->cmdq, cmd, next);
755 
756             virtio_snd_ctrl_cmd_free(cmd);
757         }
758         qatomic_set(&s->processing_cmdq, false);
759     }
760 }
761 
762 /*
763  * The control message handler. Pops an element from the control virtqueue,
764  * and stores them to VirtIOSound's cmdq queue and finally calls
765  * virtio_snd_process_cmdq() for processing.
766  *
767  * @vdev: VirtIOSound device
768  * @vq: Control virtqueue
769  */
770 static void virtio_snd_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq)
771 {
772     VirtIOSound *s = VIRTIO_SND(vdev);
773     VirtQueueElement *elem;
774     virtio_snd_ctrl_command *cmd;
775 
776     trace_virtio_snd_handle_ctrl(vdev, vq);
777 
778     if (!virtio_queue_ready(vq)) {
779         return;
780     }
781 
782     elem = virtqueue_pop(vq, sizeof(VirtQueueElement));
783     while (elem) {
784         cmd = g_new0(virtio_snd_ctrl_command, 1);
785         cmd->elem = elem;
786         cmd->vq = vq;
787         cmd->resp.code = cpu_to_le32(VIRTIO_SND_S_OK);
788         /* implicit cmd->payload_size = 0; */
789         QTAILQ_INSERT_TAIL(&s->cmdq, cmd, next);
790         elem = virtqueue_pop(vq, sizeof(VirtQueueElement));
791     }
792 
793     virtio_snd_process_cmdq(s);
794 }
795 
796 /*
797  * The event virtqueue handler.
798  * Not implemented yet.
799  *
800  * @vdev: VirtIOSound device
801  * @vq: event vq
802  */
803 static void virtio_snd_handle_event(VirtIODevice *vdev, VirtQueue *vq)
804 {
805     qemu_log_mask(LOG_UNIMP, "virtio_snd: event queue is unimplemented.\n");
806     trace_virtio_snd_handle_event();
807 }
808 
809 /*
810  * Must only be called if vsnd->invalid is not empty.
811  */
812 static inline void empty_invalid_queue(VirtIODevice *vdev, VirtQueue *vq)
813 {
814     VirtIOSoundPCMBuffer *buffer = NULL;
815     virtio_snd_pcm_status resp = { 0 };
816     VirtIOSound *vsnd = VIRTIO_SND(vdev);
817 
818     g_assert(!QSIMPLEQ_EMPTY(&vsnd->invalid));
819 
820     while (!QSIMPLEQ_EMPTY(&vsnd->invalid)) {
821         buffer = QSIMPLEQ_FIRST(&vsnd->invalid);
822         /* If buffer->vq != vq, our logic is fundamentally wrong, so bail out */
823         g_assert(buffer->vq == vq);
824 
825         resp.status = cpu_to_le32(VIRTIO_SND_S_BAD_MSG);
826         iov_from_buf(buffer->elem->in_sg,
827                      buffer->elem->in_num,
828                      0,
829                      &resp,
830                      sizeof(virtio_snd_pcm_status));
831         virtqueue_push(vq,
832                        buffer->elem,
833                        sizeof(virtio_snd_pcm_status));
834         QSIMPLEQ_REMOVE_HEAD(&vsnd->invalid, entry);
835         virtio_snd_pcm_buffer_free(buffer);
836     }
837     /* Notify vq about virtio_snd_pcm_status responses. */
838     virtio_notify(vdev, vq);
839 }
840 
841 /*
842  * The tx virtqueue handler. Makes the buffers available to their respective
843  * streams for consumption.
844  *
845  * @vdev: VirtIOSound device
846  * @vq: tx virtqueue
847  */
848 static void virtio_snd_handle_tx_xfer(VirtIODevice *vdev, VirtQueue *vq)
849 {
850     VirtIOSound *vsnd = VIRTIO_SND(vdev);
851     VirtIOSoundPCMBuffer *buffer;
852     VirtQueueElement *elem;
853     size_t msg_sz, size;
854     virtio_snd_pcm_xfer hdr;
855     uint32_t stream_id;
856     /*
857      * If any of the I/O messages are invalid, put them in vsnd->invalid and
858      * return them after the for loop.
859      */
860     bool must_empty_invalid_queue = false;
861 
862     if (!virtio_queue_ready(vq)) {
863         return;
864     }
865     trace_virtio_snd_handle_tx_xfer();
866 
867     for (;;) {
868         VirtIOSoundPCMStream *stream;
869 
870         elem = virtqueue_pop(vq, sizeof(VirtQueueElement));
871         if (!elem) {
872             break;
873         }
874         /* get the message hdr object */
875         msg_sz = iov_to_buf(elem->out_sg,
876                             elem->out_num,
877                             0,
878                             &hdr,
879                             sizeof(virtio_snd_pcm_xfer));
880         if (msg_sz != sizeof(virtio_snd_pcm_xfer)) {
881             goto tx_err;
882         }
883         stream_id = le32_to_cpu(hdr.stream_id);
884 
885         if (stream_id >= vsnd->snd_conf.streams
886             || vsnd->pcm->streams[stream_id] == NULL) {
887             goto tx_err;
888         }
889 
890         stream = vsnd->pcm->streams[stream_id];
891         if (stream->info.direction != VIRTIO_SND_D_OUTPUT) {
892             goto tx_err;
893         }
894 
895         WITH_QEMU_LOCK_GUARD(&stream->queue_mutex) {
896             size = iov_size(elem->out_sg, elem->out_num) - msg_sz;
897 
898             buffer = g_malloc0(sizeof(VirtIOSoundPCMBuffer) + size);
899             buffer->elem = elem;
900             buffer->populated = false;
901             buffer->vq = vq;
902             buffer->size = size;
903             buffer->offset = 0;
904 
905             QSIMPLEQ_INSERT_TAIL(&stream->queue, buffer, entry);
906         }
907         continue;
908 
909 tx_err:
910         must_empty_invalid_queue = true;
911         buffer = g_malloc0(sizeof(VirtIOSoundPCMBuffer));
912         buffer->elem = elem;
913         buffer->vq = vq;
914         QSIMPLEQ_INSERT_TAIL(&vsnd->invalid, buffer, entry);
915     }
916 
917     if (must_empty_invalid_queue) {
918         empty_invalid_queue(vdev, vq);
919     }
920 }
921 
922 /*
923  * The rx virtqueue handler. Makes the buffers available to their respective
924  * streams for consumption.
925  *
926  * @vdev: VirtIOSound device
927  * @vq: rx virtqueue
928  */
929 static void virtio_snd_handle_rx_xfer(VirtIODevice *vdev, VirtQueue *vq)
930 {
931     VirtIOSound *vsnd = VIRTIO_SND(vdev);
932     VirtIOSoundPCMBuffer *buffer;
933     VirtQueueElement *elem;
934     size_t msg_sz, size;
935     virtio_snd_pcm_xfer hdr;
936     uint32_t stream_id;
937     /*
938      * if any of the I/O messages are invalid, put them in vsnd->invalid and
939      * return them after the for loop.
940      */
941     bool must_empty_invalid_queue = false;
942 
943     if (!virtio_queue_ready(vq)) {
944         return;
945     }
946     trace_virtio_snd_handle_rx_xfer();
947 
948     for (;;) {
949         VirtIOSoundPCMStream *stream;
950 
951         elem = virtqueue_pop(vq, sizeof(VirtQueueElement));
952         if (!elem) {
953             break;
954         }
955         /* get the message hdr object */
956         msg_sz = iov_to_buf(elem->out_sg,
957                             elem->out_num,
958                             0,
959                             &hdr,
960                             sizeof(virtio_snd_pcm_xfer));
961         if (msg_sz != sizeof(virtio_snd_pcm_xfer)) {
962             goto rx_err;
963         }
964         stream_id = le32_to_cpu(hdr.stream_id);
965 
966         if (stream_id >= vsnd->snd_conf.streams
967             || !vsnd->pcm->streams[stream_id]) {
968             goto rx_err;
969         }
970 
971         stream = vsnd->pcm->streams[stream_id];
972         if (stream == NULL || stream->info.direction != VIRTIO_SND_D_INPUT) {
973             goto rx_err;
974         }
975         WITH_QEMU_LOCK_GUARD(&stream->queue_mutex) {
976             size = iov_size(elem->in_sg, elem->in_num) -
977                 sizeof(virtio_snd_pcm_status);
978             buffer = g_malloc0(sizeof(VirtIOSoundPCMBuffer) + size);
979             buffer->elem = elem;
980             buffer->vq = vq;
981             buffer->size = 0;
982             buffer->offset = 0;
983             QSIMPLEQ_INSERT_TAIL(&stream->queue, buffer, entry);
984         }
985         continue;
986 
987 rx_err:
988         must_empty_invalid_queue = true;
989         buffer = g_malloc0(sizeof(VirtIOSoundPCMBuffer));
990         buffer->elem = elem;
991         buffer->vq = vq;
992         QSIMPLEQ_INSERT_TAIL(&vsnd->invalid, buffer, entry);
993     }
994 
995     if (must_empty_invalid_queue) {
996         empty_invalid_queue(vdev, vq);
997     }
998 }
999 
1000 static uint64_t get_features(VirtIODevice *vdev, uint64_t features,
1001                              Error **errp)
1002 {
1003     /*
1004      * virtio-v1.2-csd01, 5.14.3,
1005      * Feature Bits
1006      * None currently defined.
1007      */
1008     VirtIOSound *s = VIRTIO_SND(vdev);
1009     features |= s->features;
1010 
1011     trace_virtio_snd_get_features(vdev, features);
1012 
1013     return features;
1014 }
1015 
1016 static void
1017 virtio_snd_vm_state_change(void *opaque, bool running,
1018                                        RunState state)
1019 {
1020     if (running) {
1021         trace_virtio_snd_vm_state_running();
1022     } else {
1023         trace_virtio_snd_vm_state_stopped();
1024     }
1025 }
1026 
1027 static void virtio_snd_realize(DeviceState *dev, Error **errp)
1028 {
1029     ERRP_GUARD();
1030     VirtIOSound *vsnd = VIRTIO_SND(dev);
1031     VirtIODevice *vdev = VIRTIO_DEVICE(dev);
1032     virtio_snd_pcm_set_params default_params = { 0 };
1033     uint32_t status;
1034 
1035     trace_virtio_snd_realize(vsnd);
1036 
1037     /* check number of jacks and streams */
1038     if (vsnd->snd_conf.jacks > 8) {
1039         error_setg(errp,
1040                    "Invalid number of jacks: %"PRIu32,
1041                    vsnd->snd_conf.jacks);
1042         return;
1043     }
1044     if (vsnd->snd_conf.streams < 1 || vsnd->snd_conf.streams > 10) {
1045         error_setg(errp,
1046                    "Invalid number of streams: %"PRIu32,
1047                     vsnd->snd_conf.streams);
1048         return;
1049     }
1050 
1051     if (vsnd->snd_conf.chmaps > VIRTIO_SND_CHMAP_MAX_SIZE) {
1052         error_setg(errp,
1053                    "Invalid number of channel maps: %"PRIu32,
1054                    vsnd->snd_conf.chmaps);
1055         return;
1056     }
1057 
1058     if (!AUD_register_card("virtio-sound", &vsnd->card, errp)) {
1059         return;
1060     }
1061 
1062     vsnd->vmstate =
1063         qemu_add_vm_change_state_handler(virtio_snd_vm_state_change, vsnd);
1064 
1065     vsnd->pcm = g_new0(VirtIOSoundPCM, 1);
1066     vsnd->pcm->snd = vsnd;
1067     vsnd->pcm->streams =
1068         g_new0(VirtIOSoundPCMStream *, vsnd->snd_conf.streams);
1069     vsnd->pcm->pcm_params =
1070         g_new0(virtio_snd_pcm_set_params, vsnd->snd_conf.streams);
1071 
1072     virtio_init(vdev, VIRTIO_ID_SOUND, sizeof(virtio_snd_config));
1073     virtio_add_feature(&vsnd->features, VIRTIO_F_VERSION_1);
1074 
1075     /* set default params for all streams */
1076     default_params.features = 0;
1077     default_params.buffer_bytes = cpu_to_le32(8192);
1078     default_params.period_bytes = cpu_to_le32(2048);
1079     default_params.channels = 2;
1080     default_params.format = VIRTIO_SND_PCM_FMT_S16;
1081     default_params.rate = VIRTIO_SND_PCM_RATE_48000;
1082     vsnd->queues[VIRTIO_SND_VQ_CONTROL] =
1083         virtio_add_queue(vdev, 64, virtio_snd_handle_ctrl);
1084     vsnd->queues[VIRTIO_SND_VQ_EVENT] =
1085         virtio_add_queue(vdev, 64, virtio_snd_handle_event);
1086     vsnd->queues[VIRTIO_SND_VQ_TX] =
1087         virtio_add_queue(vdev, 64, virtio_snd_handle_tx_xfer);
1088     vsnd->queues[VIRTIO_SND_VQ_RX] =
1089         virtio_add_queue(vdev, 64, virtio_snd_handle_rx_xfer);
1090     qemu_mutex_init(&vsnd->cmdq_mutex);
1091     QTAILQ_INIT(&vsnd->cmdq);
1092     QSIMPLEQ_INIT(&vsnd->invalid);
1093 
1094     for (uint32_t i = 0; i < vsnd->snd_conf.streams; i++) {
1095         status = virtio_snd_set_pcm_params(vsnd, i, &default_params);
1096         if (status != cpu_to_le32(VIRTIO_SND_S_OK)) {
1097             error_setg(errp,
1098                        "Can't initialize stream params, device responded with %s.",
1099                        print_code(status));
1100             goto error_cleanup;
1101         }
1102         status = virtio_snd_pcm_prepare(vsnd, i);
1103         if (status != cpu_to_le32(VIRTIO_SND_S_OK)) {
1104             error_setg(errp,
1105                        "Can't prepare streams, device responded with %s.",
1106                        print_code(status));
1107             goto error_cleanup;
1108         }
1109     }
1110 
1111     return;
1112 
1113 error_cleanup:
1114     virtio_snd_unrealize(dev);
1115 }
1116 
1117 static inline void return_tx_buffer(VirtIOSoundPCMStream *stream,
1118                                     VirtIOSoundPCMBuffer *buffer)
1119 {
1120     virtio_snd_pcm_status resp = { 0 };
1121     resp.status = cpu_to_le32(VIRTIO_SND_S_OK);
1122     resp.latency_bytes = cpu_to_le32((uint32_t)buffer->size);
1123     iov_from_buf(buffer->elem->in_sg,
1124                  buffer->elem->in_num,
1125                  0,
1126                  &resp,
1127                  sizeof(virtio_snd_pcm_status));
1128     virtqueue_push(buffer->vq,
1129                    buffer->elem,
1130                    sizeof(virtio_snd_pcm_status));
1131     virtio_notify(VIRTIO_DEVICE(stream->s), buffer->vq);
1132     QSIMPLEQ_REMOVE(&stream->queue,
1133                     buffer,
1134                     VirtIOSoundPCMBuffer,
1135                     entry);
1136     virtio_snd_pcm_buffer_free(buffer);
1137 }
1138 
1139 /*
1140  * AUD_* output callback.
1141  *
1142  * @data: VirtIOSoundPCMStream stream
1143  * @available: number of bytes that can be written with AUD_write()
1144  */
1145 static void virtio_snd_pcm_out_cb(void *data, int available)
1146 {
1147     VirtIOSoundPCMStream *stream = data;
1148     VirtIOSoundPCMBuffer *buffer;
1149     size_t size;
1150 
1151     WITH_QEMU_LOCK_GUARD(&stream->queue_mutex) {
1152         while (!QSIMPLEQ_EMPTY(&stream->queue)) {
1153             buffer = QSIMPLEQ_FIRST(&stream->queue);
1154             if (!virtio_queue_ready(buffer->vq)) {
1155                 return;
1156             }
1157             if (!stream->active) {
1158                 /* Stream has stopped, so do not perform AUD_write. */
1159                 return_tx_buffer(stream, buffer);
1160                 continue;
1161             }
1162             if (!buffer->populated) {
1163                 iov_to_buf(buffer->elem->out_sg,
1164                            buffer->elem->out_num,
1165                            sizeof(virtio_snd_pcm_xfer),
1166                            buffer->data,
1167                            buffer->size);
1168                 buffer->populated = true;
1169             }
1170             for (;;) {
1171                 size = AUD_write(stream->voice.out,
1172                                  buffer->data + buffer->offset,
1173                                  MIN(buffer->size, available));
1174                 assert(size <= MIN(buffer->size, available));
1175                 if (size == 0) {
1176                     /* break out of both loops */
1177                     available = 0;
1178                     break;
1179                 }
1180                 buffer->size -= size;
1181                 buffer->offset += size;
1182                 available -= size;
1183                 if (buffer->size < 1) {
1184                     return_tx_buffer(stream, buffer);
1185                     break;
1186                 }
1187                 if (!available) {
1188                     break;
1189                 }
1190             }
1191             if (!available) {
1192                 break;
1193             }
1194         }
1195     }
1196 }
1197 
1198 /*
1199  * Flush all buffer data from this input stream's queue into the driver's
1200  * virtual queue.
1201  *
1202  * @stream: VirtIOSoundPCMStream *stream
1203  */
1204 static inline void return_rx_buffer(VirtIOSoundPCMStream *stream,
1205                                     VirtIOSoundPCMBuffer *buffer)
1206 {
1207     virtio_snd_pcm_status resp = { 0 };
1208     resp.status = cpu_to_le32(VIRTIO_SND_S_OK);
1209     resp.latency_bytes = 0;
1210     /* Copy data -if any- to guest */
1211     iov_from_buf(buffer->elem->in_sg,
1212                  buffer->elem->in_num,
1213                  0,
1214                  buffer->data,
1215                  buffer->size);
1216     iov_from_buf(buffer->elem->in_sg,
1217                  buffer->elem->in_num,
1218                  buffer->size,
1219                  &resp,
1220                  sizeof(virtio_snd_pcm_status));
1221     virtqueue_push(buffer->vq,
1222                    buffer->elem,
1223                    sizeof(virtio_snd_pcm_status) + buffer->size);
1224     virtio_notify(VIRTIO_DEVICE(stream->s), buffer->vq);
1225     QSIMPLEQ_REMOVE(&stream->queue,
1226                     buffer,
1227                     VirtIOSoundPCMBuffer,
1228                     entry);
1229     virtio_snd_pcm_buffer_free(buffer);
1230 }
1231 
1232 
1233 /*
1234  * AUD_* input callback.
1235  *
1236  * @data: VirtIOSoundPCMStream stream
1237  * @available: number of bytes that can be read with AUD_read()
1238  */
1239 static void virtio_snd_pcm_in_cb(void *data, int available)
1240 {
1241     VirtIOSoundPCMStream *stream = data;
1242     VirtIOSoundPCMBuffer *buffer;
1243     size_t size, max_size;
1244 
1245     WITH_QEMU_LOCK_GUARD(&stream->queue_mutex) {
1246         while (!QSIMPLEQ_EMPTY(&stream->queue)) {
1247             buffer = QSIMPLEQ_FIRST(&stream->queue);
1248             if (!virtio_queue_ready(buffer->vq)) {
1249                 return;
1250             }
1251             if (!stream->active) {
1252                 /* Stream has stopped, so do not perform AUD_read. */
1253                 return_rx_buffer(stream, buffer);
1254                 continue;
1255             }
1256 
1257             max_size = iov_size(buffer->elem->in_sg, buffer->elem->in_num);
1258             for (;;) {
1259                 if (buffer->size >= max_size) {
1260                     return_rx_buffer(stream, buffer);
1261                     break;
1262                 }
1263                 size = AUD_read(stream->voice.in,
1264                         buffer->data + buffer->size,
1265                         MIN(available, (stream->params.period_bytes -
1266                                         buffer->size)));
1267                 if (!size) {
1268                     available = 0;
1269                     break;
1270                 }
1271                 buffer->size += size;
1272                 available -= size;
1273                 if (buffer->size >= stream->params.period_bytes) {
1274                     return_rx_buffer(stream, buffer);
1275                     break;
1276                 }
1277                 if (!available) {
1278                     break;
1279                 }
1280             }
1281             if (!available) {
1282                 break;
1283             }
1284         }
1285     }
1286 }
1287 
1288 /*
1289  * Flush all buffer data from this output stream's queue into the driver's
1290  * virtual queue.
1291  *
1292  * @stream: VirtIOSoundPCMStream *stream
1293  */
1294 static inline void virtio_snd_pcm_flush(VirtIOSoundPCMStream *stream)
1295 {
1296     VirtIOSoundPCMBuffer *buffer;
1297     void (*cb)(VirtIOSoundPCMStream *, VirtIOSoundPCMBuffer *) =
1298         (stream->info.direction == VIRTIO_SND_D_OUTPUT) ? return_tx_buffer :
1299         return_rx_buffer;
1300 
1301     WITH_QEMU_LOCK_GUARD(&stream->queue_mutex) {
1302         while (!QSIMPLEQ_EMPTY(&stream->queue)) {
1303             buffer = QSIMPLEQ_FIRST(&stream->queue);
1304             cb(stream, buffer);
1305         }
1306     }
1307 }
1308 
1309 static void virtio_snd_unrealize(DeviceState *dev)
1310 {
1311     VirtIODevice *vdev = VIRTIO_DEVICE(dev);
1312     VirtIOSound *vsnd = VIRTIO_SND(dev);
1313     VirtIOSoundPCMStream *stream;
1314 
1315     qemu_del_vm_change_state_handler(vsnd->vmstate);
1316     trace_virtio_snd_unrealize(vsnd);
1317 
1318     if (vsnd->pcm) {
1319         if (vsnd->pcm->streams) {
1320             for (uint32_t i = 0; i < vsnd->snd_conf.streams; i++) {
1321                 stream = vsnd->pcm->streams[i];
1322                 if (stream) {
1323                     virtio_snd_process_cmdq(stream->s);
1324                     virtio_snd_pcm_close(stream);
1325                     qemu_mutex_destroy(&stream->queue_mutex);
1326                     g_free(stream);
1327                 }
1328             }
1329             g_free(vsnd->pcm->streams);
1330         }
1331         g_free(vsnd->pcm->pcm_params);
1332         g_free(vsnd->pcm);
1333         vsnd->pcm = NULL;
1334     }
1335     AUD_remove_card(&vsnd->card);
1336     qemu_mutex_destroy(&vsnd->cmdq_mutex);
1337     virtio_delete_queue(vsnd->queues[VIRTIO_SND_VQ_CONTROL]);
1338     virtio_delete_queue(vsnd->queues[VIRTIO_SND_VQ_EVENT]);
1339     virtio_delete_queue(vsnd->queues[VIRTIO_SND_VQ_TX]);
1340     virtio_delete_queue(vsnd->queues[VIRTIO_SND_VQ_RX]);
1341     virtio_cleanup(vdev);
1342 }
1343 
1344 
1345 static void virtio_snd_reset(VirtIODevice *vdev)
1346 {
1347     VirtIOSound *vsnd = VIRTIO_SND(vdev);
1348     virtio_snd_ctrl_command *cmd;
1349 
1350     /*
1351      * Sanity check that the invalid buffer message queue is emptied at the end
1352      * of every virtio_snd_handle_tx_xfer/virtio_snd_handle_rx_xfer call, and
1353      * must be empty otherwise.
1354      */
1355     g_assert(QSIMPLEQ_EMPTY(&vsnd->invalid));
1356 
1357     WITH_QEMU_LOCK_GUARD(&vsnd->cmdq_mutex) {
1358         while (!QTAILQ_EMPTY(&vsnd->cmdq)) {
1359             cmd = QTAILQ_FIRST(&vsnd->cmdq);
1360             QTAILQ_REMOVE(&vsnd->cmdq, cmd, next);
1361             virtio_snd_ctrl_cmd_free(cmd);
1362         }
1363     }
1364 }
1365 
1366 static void virtio_snd_class_init(ObjectClass *klass, void *data)
1367 {
1368     DeviceClass *dc = DEVICE_CLASS(klass);
1369     VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
1370 
1371 
1372     set_bit(DEVICE_CATEGORY_SOUND, dc->categories);
1373     device_class_set_props(dc, virtio_snd_properties);
1374 
1375     dc->vmsd = &vmstate_virtio_snd;
1376     vdc->vmsd = &vmstate_virtio_snd_device;
1377     vdc->realize = virtio_snd_realize;
1378     vdc->unrealize = virtio_snd_unrealize;
1379     vdc->get_config = virtio_snd_get_config;
1380     vdc->get_features = get_features;
1381     vdc->reset = virtio_snd_reset;
1382     vdc->legacy_features = 0;
1383 }
1384 
1385 static const TypeInfo virtio_snd_types[] = {
1386     {
1387       .name          = TYPE_VIRTIO_SND,
1388       .parent        = TYPE_VIRTIO_DEVICE,
1389       .instance_size = sizeof(VirtIOSound),
1390       .class_init    = virtio_snd_class_init,
1391     }
1392 };
1393 
1394 DEFINE_TYPES(virtio_snd_types)
1395