xref: /openbmc/qemu/hw/net/virtio-net.c (revision ddbb0d09)
1 /*
2  * Virtio Network Device
3  *
4  * Copyright IBM, Corp. 2007
5  *
6  * Authors:
7  *  Anthony Liguori   <aliguori@us.ibm.com>
8  *
9  * This work is licensed under the terms of the GNU GPL, version 2.  See
10  * the COPYING file in the top-level directory.
11  *
12  */
13 
14 #include "qemu/iov.h"
15 #include "hw/virtio/virtio.h"
16 #include "net/net.h"
17 #include "net/checksum.h"
18 #include "net/tap.h"
19 #include "qemu/error-report.h"
20 #include "qemu/timer.h"
21 #include "hw/virtio/virtio-net.h"
22 #include "net/vhost_net.h"
23 #include "hw/virtio/virtio-bus.h"
24 #include "qapi/qmp/qjson.h"
25 #include "qapi-event.h"
26 #include "hw/virtio/virtio-access.h"
27 
28 #define VIRTIO_NET_VM_VERSION    11
29 
30 #define MAC_TABLE_ENTRIES    64
31 #define MAX_VLAN    (1 << 12)   /* Per 802.1Q definition */
32 
33 /*
34  * Calculate the number of bytes up to and including the given 'field' of
35  * 'container'.
36  */
37 #define endof(container, field) \
38     (offsetof(container, field) + sizeof(((container *)0)->field))
39 
40 typedef struct VirtIOFeature {
41     uint32_t flags;
42     size_t end;
43 } VirtIOFeature;
44 
45 static VirtIOFeature feature_sizes[] = {
46     {.flags = 1 << VIRTIO_NET_F_MAC,
47      .end = endof(struct virtio_net_config, mac)},
48     {.flags = 1 << VIRTIO_NET_F_STATUS,
49      .end = endof(struct virtio_net_config, status)},
50     {.flags = 1 << VIRTIO_NET_F_MQ,
51      .end = endof(struct virtio_net_config, max_virtqueue_pairs)},
52     {}
53 };
54 
55 static VirtIONetQueue *virtio_net_get_subqueue(NetClientState *nc)
56 {
57     VirtIONet *n = qemu_get_nic_opaque(nc);
58 
59     return &n->vqs[nc->queue_index];
60 }
61 
62 static int vq2q(int queue_index)
63 {
64     return queue_index / 2;
65 }
66 
67 /* TODO
68  * - we could suppress RX interrupt if we were so inclined.
69  */
70 
71 static void virtio_net_get_config(VirtIODevice *vdev, uint8_t *config)
72 {
73     VirtIONet *n = VIRTIO_NET(vdev);
74     struct virtio_net_config netcfg;
75 
76     virtio_stw_p(vdev, &netcfg.status, n->status);
77     virtio_stw_p(vdev, &netcfg.max_virtqueue_pairs, n->max_queues);
78     memcpy(netcfg.mac, n->mac, ETH_ALEN);
79     memcpy(config, &netcfg, n->config_size);
80 }
81 
82 static void virtio_net_set_config(VirtIODevice *vdev, const uint8_t *config)
83 {
84     VirtIONet *n = VIRTIO_NET(vdev);
85     struct virtio_net_config netcfg = {};
86 
87     memcpy(&netcfg, config, n->config_size);
88 
89     if (!virtio_has_feature(vdev, VIRTIO_NET_F_CTRL_MAC_ADDR) &&
90         !virtio_has_feature(vdev, VIRTIO_F_VERSION_1) &&
91         memcmp(netcfg.mac, n->mac, ETH_ALEN)) {
92         memcpy(n->mac, netcfg.mac, ETH_ALEN);
93         qemu_format_nic_info_str(qemu_get_queue(n->nic), n->mac);
94     }
95 }
96 
97 static bool virtio_net_started(VirtIONet *n, uint8_t status)
98 {
99     VirtIODevice *vdev = VIRTIO_DEVICE(n);
100     return (status & VIRTIO_CONFIG_S_DRIVER_OK) &&
101         (n->status & VIRTIO_NET_S_LINK_UP) && vdev->vm_running;
102 }
103 
104 static void virtio_net_announce_timer(void *opaque)
105 {
106     VirtIONet *n = opaque;
107     VirtIODevice *vdev = VIRTIO_DEVICE(n);
108 
109     n->announce_counter--;
110     n->status |= VIRTIO_NET_S_ANNOUNCE;
111     virtio_notify_config(vdev);
112 }
113 
114 static void virtio_net_vhost_status(VirtIONet *n, uint8_t status)
115 {
116     VirtIODevice *vdev = VIRTIO_DEVICE(n);
117     NetClientState *nc = qemu_get_queue(n->nic);
118     int queues = n->multiqueue ? n->max_queues : 1;
119 
120     if (!get_vhost_net(nc->peer)) {
121         return;
122     }
123 
124     if ((virtio_net_started(n, status) && !nc->peer->link_down) ==
125         !!n->vhost_started) {
126         return;
127     }
128     if (!n->vhost_started) {
129         int r, i;
130 
131         /* Any packets outstanding? Purge them to avoid touching rings
132          * when vhost is running.
133          */
134         for (i = 0;  i < queues; i++) {
135             NetClientState *qnc = qemu_get_subqueue(n->nic, i);
136 
137             /* Purge both directions: TX and RX. */
138             qemu_net_queue_purge(qnc->peer->incoming_queue, qnc);
139             qemu_net_queue_purge(qnc->incoming_queue, qnc->peer);
140         }
141 
142         n->vhost_started = 1;
143         r = vhost_net_start(vdev, n->nic->ncs, queues);
144         if (r < 0) {
145             error_report("unable to start vhost net: %d: "
146                          "falling back on userspace virtio", -r);
147             n->vhost_started = 0;
148         }
149     } else {
150         vhost_net_stop(vdev, n->nic->ncs, queues);
151         n->vhost_started = 0;
152     }
153 }
154 
155 static void virtio_net_set_status(struct VirtIODevice *vdev, uint8_t status)
156 {
157     VirtIONet *n = VIRTIO_NET(vdev);
158     VirtIONetQueue *q;
159     int i;
160     uint8_t queue_status;
161 
162     virtio_net_vhost_status(n, status);
163 
164     for (i = 0; i < n->max_queues; i++) {
165         q = &n->vqs[i];
166 
167         if ((!n->multiqueue && i != 0) || i >= n->curr_queues) {
168             queue_status = 0;
169         } else {
170             queue_status = status;
171         }
172 
173         if (!q->tx_waiting) {
174             continue;
175         }
176 
177         if (virtio_net_started(n, queue_status) && !n->vhost_started) {
178             if (q->tx_timer) {
179                 timer_mod(q->tx_timer,
180                                qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + n->tx_timeout);
181             } else {
182                 qemu_bh_schedule(q->tx_bh);
183             }
184         } else {
185             if (q->tx_timer) {
186                 timer_del(q->tx_timer);
187             } else {
188                 qemu_bh_cancel(q->tx_bh);
189             }
190         }
191     }
192 }
193 
194 static void virtio_net_set_link_status(NetClientState *nc)
195 {
196     VirtIONet *n = qemu_get_nic_opaque(nc);
197     VirtIODevice *vdev = VIRTIO_DEVICE(n);
198     uint16_t old_status = n->status;
199 
200     if (nc->link_down)
201         n->status &= ~VIRTIO_NET_S_LINK_UP;
202     else
203         n->status |= VIRTIO_NET_S_LINK_UP;
204 
205     if (n->status != old_status)
206         virtio_notify_config(vdev);
207 
208     virtio_net_set_status(vdev, vdev->status);
209 }
210 
211 static void rxfilter_notify(NetClientState *nc)
212 {
213     VirtIONet *n = qemu_get_nic_opaque(nc);
214 
215     if (nc->rxfilter_notify_enabled) {
216         gchar *path = object_get_canonical_path(OBJECT(n->qdev));
217         qapi_event_send_nic_rx_filter_changed(!!n->netclient_name,
218                                               n->netclient_name, path, &error_abort);
219         g_free(path);
220 
221         /* disable event notification to avoid events flooding */
222         nc->rxfilter_notify_enabled = 0;
223     }
224 }
225 
226 static intList *get_vlan_table(VirtIONet *n)
227 {
228     intList *list, *entry;
229     int i, j;
230 
231     list = NULL;
232     for (i = 0; i < MAX_VLAN >> 5; i++) {
233         for (j = 0; n->vlans[i] && j <= 0x1f; j++) {
234             if (n->vlans[i] & (1U << j)) {
235                 entry = g_malloc0(sizeof(*entry));
236                 entry->value = (i << 5) + j;
237                 entry->next = list;
238                 list = entry;
239             }
240         }
241     }
242 
243     return list;
244 }
245 
246 static RxFilterInfo *virtio_net_query_rxfilter(NetClientState *nc)
247 {
248     VirtIONet *n = qemu_get_nic_opaque(nc);
249     VirtIODevice *vdev = VIRTIO_DEVICE(n);
250     RxFilterInfo *info;
251     strList *str_list, *entry;
252     int i;
253 
254     info = g_malloc0(sizeof(*info));
255     info->name = g_strdup(nc->name);
256     info->promiscuous = n->promisc;
257 
258     if (n->nouni) {
259         info->unicast = RX_STATE_NONE;
260     } else if (n->alluni) {
261         info->unicast = RX_STATE_ALL;
262     } else {
263         info->unicast = RX_STATE_NORMAL;
264     }
265 
266     if (n->nomulti) {
267         info->multicast = RX_STATE_NONE;
268     } else if (n->allmulti) {
269         info->multicast = RX_STATE_ALL;
270     } else {
271         info->multicast = RX_STATE_NORMAL;
272     }
273 
274     info->broadcast_allowed = n->nobcast;
275     info->multicast_overflow = n->mac_table.multi_overflow;
276     info->unicast_overflow = n->mac_table.uni_overflow;
277 
278     info->main_mac = qemu_mac_strdup_printf(n->mac);
279 
280     str_list = NULL;
281     for (i = 0; i < n->mac_table.first_multi; i++) {
282         entry = g_malloc0(sizeof(*entry));
283         entry->value = qemu_mac_strdup_printf(n->mac_table.macs + i * ETH_ALEN);
284         entry->next = str_list;
285         str_list = entry;
286     }
287     info->unicast_table = str_list;
288 
289     str_list = NULL;
290     for (i = n->mac_table.first_multi; i < n->mac_table.in_use; i++) {
291         entry = g_malloc0(sizeof(*entry));
292         entry->value = qemu_mac_strdup_printf(n->mac_table.macs + i * ETH_ALEN);
293         entry->next = str_list;
294         str_list = entry;
295     }
296     info->multicast_table = str_list;
297     info->vlan_table = get_vlan_table(n);
298 
299     if (!virtio_has_feature(vdev, VIRTIO_NET_F_CTRL_VLAN)) {
300         info->vlan = RX_STATE_ALL;
301     } else if (!info->vlan_table) {
302         info->vlan = RX_STATE_NONE;
303     } else {
304         info->vlan = RX_STATE_NORMAL;
305     }
306 
307     /* enable event notification after query */
308     nc->rxfilter_notify_enabled = 1;
309 
310     return info;
311 }
312 
313 static void virtio_net_reset(VirtIODevice *vdev)
314 {
315     VirtIONet *n = VIRTIO_NET(vdev);
316 
317     /* Reset back to compatibility mode */
318     n->promisc = 1;
319     n->allmulti = 0;
320     n->alluni = 0;
321     n->nomulti = 0;
322     n->nouni = 0;
323     n->nobcast = 0;
324     /* multiqueue is disabled by default */
325     n->curr_queues = 1;
326     timer_del(n->announce_timer);
327     n->announce_counter = 0;
328     n->status &= ~VIRTIO_NET_S_ANNOUNCE;
329 
330     /* Flush any MAC and VLAN filter table state */
331     n->mac_table.in_use = 0;
332     n->mac_table.first_multi = 0;
333     n->mac_table.multi_overflow = 0;
334     n->mac_table.uni_overflow = 0;
335     memset(n->mac_table.macs, 0, MAC_TABLE_ENTRIES * ETH_ALEN);
336     memcpy(&n->mac[0], &n->nic->conf->macaddr, sizeof(n->mac));
337     qemu_format_nic_info_str(qemu_get_queue(n->nic), n->mac);
338     memset(n->vlans, 0, MAX_VLAN >> 3);
339 }
340 
341 static void peer_test_vnet_hdr(VirtIONet *n)
342 {
343     NetClientState *nc = qemu_get_queue(n->nic);
344     if (!nc->peer) {
345         return;
346     }
347 
348     n->has_vnet_hdr = qemu_has_vnet_hdr(nc->peer);
349 }
350 
351 static int peer_has_vnet_hdr(VirtIONet *n)
352 {
353     return n->has_vnet_hdr;
354 }
355 
356 static int peer_has_ufo(VirtIONet *n)
357 {
358     if (!peer_has_vnet_hdr(n))
359         return 0;
360 
361     n->has_ufo = qemu_has_ufo(qemu_get_queue(n->nic)->peer);
362 
363     return n->has_ufo;
364 }
365 
366 static void virtio_net_set_mrg_rx_bufs(VirtIONet *n, int mergeable_rx_bufs,
367                                        int version_1)
368 {
369     int i;
370     NetClientState *nc;
371 
372     n->mergeable_rx_bufs = mergeable_rx_bufs;
373 
374     if (version_1) {
375         n->guest_hdr_len = sizeof(struct virtio_net_hdr_mrg_rxbuf);
376     } else {
377         n->guest_hdr_len = n->mergeable_rx_bufs ?
378             sizeof(struct virtio_net_hdr_mrg_rxbuf) :
379             sizeof(struct virtio_net_hdr);
380     }
381 
382     for (i = 0; i < n->max_queues; i++) {
383         nc = qemu_get_subqueue(n->nic, i);
384 
385         if (peer_has_vnet_hdr(n) &&
386             qemu_has_vnet_hdr_len(nc->peer, n->guest_hdr_len)) {
387             qemu_set_vnet_hdr_len(nc->peer, n->guest_hdr_len);
388             n->host_hdr_len = n->guest_hdr_len;
389         }
390     }
391 }
392 
393 static int peer_attach(VirtIONet *n, int index)
394 {
395     NetClientState *nc = qemu_get_subqueue(n->nic, index);
396 
397     if (!nc->peer) {
398         return 0;
399     }
400 
401     if (nc->peer->info->type != NET_CLIENT_OPTIONS_KIND_TAP) {
402         return 0;
403     }
404 
405     return tap_enable(nc->peer);
406 }
407 
408 static int peer_detach(VirtIONet *n, int index)
409 {
410     NetClientState *nc = qemu_get_subqueue(n->nic, index);
411 
412     if (!nc->peer) {
413         return 0;
414     }
415 
416     if (nc->peer->info->type !=  NET_CLIENT_OPTIONS_KIND_TAP) {
417         return 0;
418     }
419 
420     return tap_disable(nc->peer);
421 }
422 
423 static void virtio_net_set_queues(VirtIONet *n)
424 {
425     int i;
426     int r;
427 
428     for (i = 0; i < n->max_queues; i++) {
429         if (i < n->curr_queues) {
430             r = peer_attach(n, i);
431             assert(!r);
432         } else {
433             r = peer_detach(n, i);
434             assert(!r);
435         }
436     }
437 }
438 
439 static void virtio_net_set_multiqueue(VirtIONet *n, int multiqueue);
440 
441 static uint64_t virtio_net_get_features(VirtIODevice *vdev, uint64_t features)
442 {
443     VirtIONet *n = VIRTIO_NET(vdev);
444     NetClientState *nc = qemu_get_queue(n->nic);
445 
446     /* Firstly sync all virtio-net possible supported features */
447     features |= n->host_features;
448 
449     virtio_add_feature(&features, VIRTIO_NET_F_MAC);
450 
451     if (!peer_has_vnet_hdr(n)) {
452         virtio_clear_feature(&features, VIRTIO_NET_F_CSUM);
453         virtio_clear_feature(&features, VIRTIO_NET_F_HOST_TSO4);
454         virtio_clear_feature(&features, VIRTIO_NET_F_HOST_TSO6);
455         virtio_clear_feature(&features, VIRTIO_NET_F_HOST_ECN);
456 
457         virtio_clear_feature(&features, VIRTIO_NET_F_GUEST_CSUM);
458         virtio_clear_feature(&features, VIRTIO_NET_F_GUEST_TSO4);
459         virtio_clear_feature(&features, VIRTIO_NET_F_GUEST_TSO6);
460         virtio_clear_feature(&features, VIRTIO_NET_F_GUEST_ECN);
461     }
462 
463     if (!peer_has_vnet_hdr(n) || !peer_has_ufo(n)) {
464         virtio_clear_feature(&features, VIRTIO_NET_F_GUEST_UFO);
465         virtio_clear_feature(&features, VIRTIO_NET_F_HOST_UFO);
466     }
467 
468     if (!get_vhost_net(nc->peer)) {
469         virtio_add_feature(&features, VIRTIO_F_VERSION_1);
470         return features;
471     }
472     return vhost_net_get_features(get_vhost_net(nc->peer), features);
473 }
474 
475 static uint64_t virtio_net_bad_features(VirtIODevice *vdev)
476 {
477     uint64_t features = 0;
478 
479     /* Linux kernel 2.6.25.  It understood MAC (as everyone must),
480      * but also these: */
481     virtio_add_feature(&features, VIRTIO_NET_F_MAC);
482     virtio_add_feature(&features, VIRTIO_NET_F_CSUM);
483     virtio_add_feature(&features, VIRTIO_NET_F_HOST_TSO4);
484     virtio_add_feature(&features, VIRTIO_NET_F_HOST_TSO6);
485     virtio_add_feature(&features, VIRTIO_NET_F_HOST_ECN);
486 
487     return features;
488 }
489 
490 static void virtio_net_apply_guest_offloads(VirtIONet *n)
491 {
492     qemu_set_offload(qemu_get_queue(n->nic)->peer,
493             !!(n->curr_guest_offloads & (1ULL << VIRTIO_NET_F_GUEST_CSUM)),
494             !!(n->curr_guest_offloads & (1ULL << VIRTIO_NET_F_GUEST_TSO4)),
495             !!(n->curr_guest_offloads & (1ULL << VIRTIO_NET_F_GUEST_TSO6)),
496             !!(n->curr_guest_offloads & (1ULL << VIRTIO_NET_F_GUEST_ECN)),
497             !!(n->curr_guest_offloads & (1ULL << VIRTIO_NET_F_GUEST_UFO)));
498 }
499 
500 static uint64_t virtio_net_guest_offloads_by_features(uint32_t features)
501 {
502     static const uint64_t guest_offloads_mask =
503         (1ULL << VIRTIO_NET_F_GUEST_CSUM) |
504         (1ULL << VIRTIO_NET_F_GUEST_TSO4) |
505         (1ULL << VIRTIO_NET_F_GUEST_TSO6) |
506         (1ULL << VIRTIO_NET_F_GUEST_ECN)  |
507         (1ULL << VIRTIO_NET_F_GUEST_UFO);
508 
509     return guest_offloads_mask & features;
510 }
511 
512 static inline uint64_t virtio_net_supported_guest_offloads(VirtIONet *n)
513 {
514     VirtIODevice *vdev = VIRTIO_DEVICE(n);
515     return virtio_net_guest_offloads_by_features(vdev->guest_features);
516 }
517 
518 static void virtio_net_set_features(VirtIODevice *vdev, uint64_t features)
519 {
520     VirtIONet *n = VIRTIO_NET(vdev);
521     int i;
522 
523     virtio_net_set_multiqueue(n,
524                               __virtio_has_feature(features, VIRTIO_NET_F_MQ));
525 
526     virtio_net_set_mrg_rx_bufs(n,
527                                __virtio_has_feature(features,
528                                                     VIRTIO_NET_F_MRG_RXBUF),
529                                __virtio_has_feature(features,
530                                                     VIRTIO_F_VERSION_1));
531 
532     if (n->has_vnet_hdr) {
533         n->curr_guest_offloads =
534             virtio_net_guest_offloads_by_features(features);
535         virtio_net_apply_guest_offloads(n);
536     }
537 
538     for (i = 0;  i < n->max_queues; i++) {
539         NetClientState *nc = qemu_get_subqueue(n->nic, i);
540 
541         if (!get_vhost_net(nc->peer)) {
542             continue;
543         }
544         vhost_net_ack_features(get_vhost_net(nc->peer), features);
545     }
546 
547     if (__virtio_has_feature(features, VIRTIO_NET_F_CTRL_VLAN)) {
548         memset(n->vlans, 0, MAX_VLAN >> 3);
549     } else {
550         memset(n->vlans, 0xff, MAX_VLAN >> 3);
551     }
552 }
553 
554 static int virtio_net_handle_rx_mode(VirtIONet *n, uint8_t cmd,
555                                      struct iovec *iov, unsigned int iov_cnt)
556 {
557     uint8_t on;
558     size_t s;
559     NetClientState *nc = qemu_get_queue(n->nic);
560 
561     s = iov_to_buf(iov, iov_cnt, 0, &on, sizeof(on));
562     if (s != sizeof(on)) {
563         return VIRTIO_NET_ERR;
564     }
565 
566     if (cmd == VIRTIO_NET_CTRL_RX_PROMISC) {
567         n->promisc = on;
568     } else if (cmd == VIRTIO_NET_CTRL_RX_ALLMULTI) {
569         n->allmulti = on;
570     } else if (cmd == VIRTIO_NET_CTRL_RX_ALLUNI) {
571         n->alluni = on;
572     } else if (cmd == VIRTIO_NET_CTRL_RX_NOMULTI) {
573         n->nomulti = on;
574     } else if (cmd == VIRTIO_NET_CTRL_RX_NOUNI) {
575         n->nouni = on;
576     } else if (cmd == VIRTIO_NET_CTRL_RX_NOBCAST) {
577         n->nobcast = on;
578     } else {
579         return VIRTIO_NET_ERR;
580     }
581 
582     rxfilter_notify(nc);
583 
584     return VIRTIO_NET_OK;
585 }
586 
587 static int virtio_net_handle_offloads(VirtIONet *n, uint8_t cmd,
588                                      struct iovec *iov, unsigned int iov_cnt)
589 {
590     VirtIODevice *vdev = VIRTIO_DEVICE(n);
591     uint64_t offloads;
592     size_t s;
593 
594     if (!virtio_has_feature(vdev, VIRTIO_NET_F_CTRL_GUEST_OFFLOADS)) {
595         return VIRTIO_NET_ERR;
596     }
597 
598     s = iov_to_buf(iov, iov_cnt, 0, &offloads, sizeof(offloads));
599     if (s != sizeof(offloads)) {
600         return VIRTIO_NET_ERR;
601     }
602 
603     if (cmd == VIRTIO_NET_CTRL_GUEST_OFFLOADS_SET) {
604         uint64_t supported_offloads;
605 
606         if (!n->has_vnet_hdr) {
607             return VIRTIO_NET_ERR;
608         }
609 
610         supported_offloads = virtio_net_supported_guest_offloads(n);
611         if (offloads & ~supported_offloads) {
612             return VIRTIO_NET_ERR;
613         }
614 
615         n->curr_guest_offloads = offloads;
616         virtio_net_apply_guest_offloads(n);
617 
618         return VIRTIO_NET_OK;
619     } else {
620         return VIRTIO_NET_ERR;
621     }
622 }
623 
624 static int virtio_net_handle_mac(VirtIONet *n, uint8_t cmd,
625                                  struct iovec *iov, unsigned int iov_cnt)
626 {
627     VirtIODevice *vdev = VIRTIO_DEVICE(n);
628     struct virtio_net_ctrl_mac mac_data;
629     size_t s;
630     NetClientState *nc = qemu_get_queue(n->nic);
631 
632     if (cmd == VIRTIO_NET_CTRL_MAC_ADDR_SET) {
633         if (iov_size(iov, iov_cnt) != sizeof(n->mac)) {
634             return VIRTIO_NET_ERR;
635         }
636         s = iov_to_buf(iov, iov_cnt, 0, &n->mac, sizeof(n->mac));
637         assert(s == sizeof(n->mac));
638         qemu_format_nic_info_str(qemu_get_queue(n->nic), n->mac);
639         rxfilter_notify(nc);
640 
641         return VIRTIO_NET_OK;
642     }
643 
644     if (cmd != VIRTIO_NET_CTRL_MAC_TABLE_SET) {
645         return VIRTIO_NET_ERR;
646     }
647 
648     int in_use = 0;
649     int first_multi = 0;
650     uint8_t uni_overflow = 0;
651     uint8_t multi_overflow = 0;
652     uint8_t *macs = g_malloc0(MAC_TABLE_ENTRIES * ETH_ALEN);
653 
654     s = iov_to_buf(iov, iov_cnt, 0, &mac_data.entries,
655                    sizeof(mac_data.entries));
656     mac_data.entries = virtio_ldl_p(vdev, &mac_data.entries);
657     if (s != sizeof(mac_data.entries)) {
658         goto error;
659     }
660     iov_discard_front(&iov, &iov_cnt, s);
661 
662     if (mac_data.entries * ETH_ALEN > iov_size(iov, iov_cnt)) {
663         goto error;
664     }
665 
666     if (mac_data.entries <= MAC_TABLE_ENTRIES) {
667         s = iov_to_buf(iov, iov_cnt, 0, macs,
668                        mac_data.entries * ETH_ALEN);
669         if (s != mac_data.entries * ETH_ALEN) {
670             goto error;
671         }
672         in_use += mac_data.entries;
673     } else {
674         uni_overflow = 1;
675     }
676 
677     iov_discard_front(&iov, &iov_cnt, mac_data.entries * ETH_ALEN);
678 
679     first_multi = in_use;
680 
681     s = iov_to_buf(iov, iov_cnt, 0, &mac_data.entries,
682                    sizeof(mac_data.entries));
683     mac_data.entries = virtio_ldl_p(vdev, &mac_data.entries);
684     if (s != sizeof(mac_data.entries)) {
685         goto error;
686     }
687 
688     iov_discard_front(&iov, &iov_cnt, s);
689 
690     if (mac_data.entries * ETH_ALEN != iov_size(iov, iov_cnt)) {
691         goto error;
692     }
693 
694     if (mac_data.entries <= MAC_TABLE_ENTRIES - in_use) {
695         s = iov_to_buf(iov, iov_cnt, 0, &macs[in_use * ETH_ALEN],
696                        mac_data.entries * ETH_ALEN);
697         if (s != mac_data.entries * ETH_ALEN) {
698             goto error;
699         }
700         in_use += mac_data.entries;
701     } else {
702         multi_overflow = 1;
703     }
704 
705     n->mac_table.in_use = in_use;
706     n->mac_table.first_multi = first_multi;
707     n->mac_table.uni_overflow = uni_overflow;
708     n->mac_table.multi_overflow = multi_overflow;
709     memcpy(n->mac_table.macs, macs, MAC_TABLE_ENTRIES * ETH_ALEN);
710     g_free(macs);
711     rxfilter_notify(nc);
712 
713     return VIRTIO_NET_OK;
714 
715 error:
716     g_free(macs);
717     return VIRTIO_NET_ERR;
718 }
719 
720 static int virtio_net_handle_vlan_table(VirtIONet *n, uint8_t cmd,
721                                         struct iovec *iov, unsigned int iov_cnt)
722 {
723     VirtIODevice *vdev = VIRTIO_DEVICE(n);
724     uint16_t vid;
725     size_t s;
726     NetClientState *nc = qemu_get_queue(n->nic);
727 
728     s = iov_to_buf(iov, iov_cnt, 0, &vid, sizeof(vid));
729     vid = virtio_lduw_p(vdev, &vid);
730     if (s != sizeof(vid)) {
731         return VIRTIO_NET_ERR;
732     }
733 
734     if (vid >= MAX_VLAN)
735         return VIRTIO_NET_ERR;
736 
737     if (cmd == VIRTIO_NET_CTRL_VLAN_ADD)
738         n->vlans[vid >> 5] |= (1U << (vid & 0x1f));
739     else if (cmd == VIRTIO_NET_CTRL_VLAN_DEL)
740         n->vlans[vid >> 5] &= ~(1U << (vid & 0x1f));
741     else
742         return VIRTIO_NET_ERR;
743 
744     rxfilter_notify(nc);
745 
746     return VIRTIO_NET_OK;
747 }
748 
749 static int virtio_net_handle_announce(VirtIONet *n, uint8_t cmd,
750                                       struct iovec *iov, unsigned int iov_cnt)
751 {
752     if (cmd == VIRTIO_NET_CTRL_ANNOUNCE_ACK &&
753         n->status & VIRTIO_NET_S_ANNOUNCE) {
754         n->status &= ~VIRTIO_NET_S_ANNOUNCE;
755         if (n->announce_counter) {
756             timer_mod(n->announce_timer,
757                       qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) +
758                       self_announce_delay(n->announce_counter));
759         }
760         return VIRTIO_NET_OK;
761     } else {
762         return VIRTIO_NET_ERR;
763     }
764 }
765 
766 static int virtio_net_handle_mq(VirtIONet *n, uint8_t cmd,
767                                 struct iovec *iov, unsigned int iov_cnt)
768 {
769     VirtIODevice *vdev = VIRTIO_DEVICE(n);
770     struct virtio_net_ctrl_mq mq;
771     size_t s;
772     uint16_t queues;
773 
774     s = iov_to_buf(iov, iov_cnt, 0, &mq, sizeof(mq));
775     if (s != sizeof(mq)) {
776         return VIRTIO_NET_ERR;
777     }
778 
779     if (cmd != VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET) {
780         return VIRTIO_NET_ERR;
781     }
782 
783     queues = virtio_lduw_p(vdev, &mq.virtqueue_pairs);
784 
785     if (queues < VIRTIO_NET_CTRL_MQ_VQ_PAIRS_MIN ||
786         queues > VIRTIO_NET_CTRL_MQ_VQ_PAIRS_MAX ||
787         queues > n->max_queues ||
788         !n->multiqueue) {
789         return VIRTIO_NET_ERR;
790     }
791 
792     n->curr_queues = queues;
793     /* stop the backend before changing the number of queues to avoid handling a
794      * disabled queue */
795     virtio_net_set_status(vdev, vdev->status);
796     virtio_net_set_queues(n);
797 
798     return VIRTIO_NET_OK;
799 }
800 static void virtio_net_handle_ctrl(VirtIODevice *vdev, VirtQueue *vq)
801 {
802     VirtIONet *n = VIRTIO_NET(vdev);
803     struct virtio_net_ctrl_hdr ctrl;
804     virtio_net_ctrl_ack status = VIRTIO_NET_ERR;
805     VirtQueueElement elem;
806     size_t s;
807     struct iovec *iov, *iov2;
808     unsigned int iov_cnt;
809 
810     while (virtqueue_pop(vq, &elem)) {
811         if (iov_size(elem.in_sg, elem.in_num) < sizeof(status) ||
812             iov_size(elem.out_sg, elem.out_num) < sizeof(ctrl)) {
813             error_report("virtio-net ctrl missing headers");
814             exit(1);
815         }
816 
817         iov_cnt = elem.out_num;
818         iov2 = iov = g_memdup(elem.out_sg, sizeof(struct iovec) * elem.out_num);
819         s = iov_to_buf(iov, iov_cnt, 0, &ctrl, sizeof(ctrl));
820         iov_discard_front(&iov, &iov_cnt, sizeof(ctrl));
821         if (s != sizeof(ctrl)) {
822             status = VIRTIO_NET_ERR;
823         } else if (ctrl.class == VIRTIO_NET_CTRL_RX) {
824             status = virtio_net_handle_rx_mode(n, ctrl.cmd, iov, iov_cnt);
825         } else if (ctrl.class == VIRTIO_NET_CTRL_MAC) {
826             status = virtio_net_handle_mac(n, ctrl.cmd, iov, iov_cnt);
827         } else if (ctrl.class == VIRTIO_NET_CTRL_VLAN) {
828             status = virtio_net_handle_vlan_table(n, ctrl.cmd, iov, iov_cnt);
829         } else if (ctrl.class == VIRTIO_NET_CTRL_ANNOUNCE) {
830             status = virtio_net_handle_announce(n, ctrl.cmd, iov, iov_cnt);
831         } else if (ctrl.class == VIRTIO_NET_CTRL_MQ) {
832             status = virtio_net_handle_mq(n, ctrl.cmd, iov, iov_cnt);
833         } else if (ctrl.class == VIRTIO_NET_CTRL_GUEST_OFFLOADS) {
834             status = virtio_net_handle_offloads(n, ctrl.cmd, iov, iov_cnt);
835         }
836 
837         s = iov_from_buf(elem.in_sg, elem.in_num, 0, &status, sizeof(status));
838         assert(s == sizeof(status));
839 
840         virtqueue_push(vq, &elem, sizeof(status));
841         virtio_notify(vdev, vq);
842         g_free(iov2);
843     }
844 }
845 
846 /* RX */
847 
848 static void virtio_net_handle_rx(VirtIODevice *vdev, VirtQueue *vq)
849 {
850     VirtIONet *n = VIRTIO_NET(vdev);
851     int queue_index = vq2q(virtio_get_queue_index(vq));
852 
853     qemu_flush_queued_packets(qemu_get_subqueue(n->nic, queue_index));
854 }
855 
856 static int virtio_net_can_receive(NetClientState *nc)
857 {
858     VirtIONet *n = qemu_get_nic_opaque(nc);
859     VirtIODevice *vdev = VIRTIO_DEVICE(n);
860     VirtIONetQueue *q = virtio_net_get_subqueue(nc);
861 
862     if (!vdev->vm_running) {
863         return 0;
864     }
865 
866     if (nc->queue_index >= n->curr_queues) {
867         return 0;
868     }
869 
870     if (!virtio_queue_ready(q->rx_vq) ||
871         !(vdev->status & VIRTIO_CONFIG_S_DRIVER_OK)) {
872         return 0;
873     }
874 
875     return 1;
876 }
877 
878 static int virtio_net_has_buffers(VirtIONetQueue *q, int bufsize)
879 {
880     VirtIONet *n = q->n;
881     if (virtio_queue_empty(q->rx_vq) ||
882         (n->mergeable_rx_bufs &&
883          !virtqueue_avail_bytes(q->rx_vq, bufsize, 0))) {
884         virtio_queue_set_notification(q->rx_vq, 1);
885 
886         /* To avoid a race condition where the guest has made some buffers
887          * available after the above check but before notification was
888          * enabled, check for available buffers again.
889          */
890         if (virtio_queue_empty(q->rx_vq) ||
891             (n->mergeable_rx_bufs &&
892              !virtqueue_avail_bytes(q->rx_vq, bufsize, 0))) {
893             return 0;
894         }
895     }
896 
897     virtio_queue_set_notification(q->rx_vq, 0);
898     return 1;
899 }
900 
901 static void virtio_net_hdr_swap(VirtIODevice *vdev, struct virtio_net_hdr *hdr)
902 {
903     virtio_tswap16s(vdev, &hdr->hdr_len);
904     virtio_tswap16s(vdev, &hdr->gso_size);
905     virtio_tswap16s(vdev, &hdr->csum_start);
906     virtio_tswap16s(vdev, &hdr->csum_offset);
907 }
908 
909 /* dhclient uses AF_PACKET but doesn't pass auxdata to the kernel so
910  * it never finds out that the packets don't have valid checksums.  This
911  * causes dhclient to get upset.  Fedora's carried a patch for ages to
912  * fix this with Xen but it hasn't appeared in an upstream release of
913  * dhclient yet.
914  *
915  * To avoid breaking existing guests, we catch udp packets and add
916  * checksums.  This is terrible but it's better than hacking the guest
917  * kernels.
918  *
919  * N.B. if we introduce a zero-copy API, this operation is no longer free so
920  * we should provide a mechanism to disable it to avoid polluting the host
921  * cache.
922  */
923 static void work_around_broken_dhclient(struct virtio_net_hdr *hdr,
924                                         uint8_t *buf, size_t size)
925 {
926     if ((hdr->flags & VIRTIO_NET_HDR_F_NEEDS_CSUM) && /* missing csum */
927         (size > 27 && size < 1500) && /* normal sized MTU */
928         (buf[12] == 0x08 && buf[13] == 0x00) && /* ethertype == IPv4 */
929         (buf[23] == 17) && /* ip.protocol == UDP */
930         (buf[34] == 0 && buf[35] == 67)) { /* udp.srcport == bootps */
931         net_checksum_calculate(buf, size);
932         hdr->flags &= ~VIRTIO_NET_HDR_F_NEEDS_CSUM;
933     }
934 }
935 
936 static void receive_header(VirtIONet *n, const struct iovec *iov, int iov_cnt,
937                            const void *buf, size_t size)
938 {
939     if (n->has_vnet_hdr) {
940         /* FIXME this cast is evil */
941         void *wbuf = (void *)buf;
942         work_around_broken_dhclient(wbuf, wbuf + n->host_hdr_len,
943                                     size - n->host_hdr_len);
944         virtio_net_hdr_swap(VIRTIO_DEVICE(n), wbuf);
945         iov_from_buf(iov, iov_cnt, 0, buf, sizeof(struct virtio_net_hdr));
946     } else {
947         struct virtio_net_hdr hdr = {
948             .flags = 0,
949             .gso_type = VIRTIO_NET_HDR_GSO_NONE
950         };
951         iov_from_buf(iov, iov_cnt, 0, &hdr, sizeof hdr);
952     }
953 }
954 
955 static int receive_filter(VirtIONet *n, const uint8_t *buf, int size)
956 {
957     static const uint8_t bcast[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff};
958     static const uint8_t vlan[] = {0x81, 0x00};
959     uint8_t *ptr = (uint8_t *)buf;
960     int i;
961 
962     if (n->promisc)
963         return 1;
964 
965     ptr += n->host_hdr_len;
966 
967     if (!memcmp(&ptr[12], vlan, sizeof(vlan))) {
968         int vid = be16_to_cpup((uint16_t *)(ptr + 14)) & 0xfff;
969         if (!(n->vlans[vid >> 5] & (1U << (vid & 0x1f))))
970             return 0;
971     }
972 
973     if (ptr[0] & 1) { // multicast
974         if (!memcmp(ptr, bcast, sizeof(bcast))) {
975             return !n->nobcast;
976         } else if (n->nomulti) {
977             return 0;
978         } else if (n->allmulti || n->mac_table.multi_overflow) {
979             return 1;
980         }
981 
982         for (i = n->mac_table.first_multi; i < n->mac_table.in_use; i++) {
983             if (!memcmp(ptr, &n->mac_table.macs[i * ETH_ALEN], ETH_ALEN)) {
984                 return 1;
985             }
986         }
987     } else { // unicast
988         if (n->nouni) {
989             return 0;
990         } else if (n->alluni || n->mac_table.uni_overflow) {
991             return 1;
992         } else if (!memcmp(ptr, n->mac, ETH_ALEN)) {
993             return 1;
994         }
995 
996         for (i = 0; i < n->mac_table.first_multi; i++) {
997             if (!memcmp(ptr, &n->mac_table.macs[i * ETH_ALEN], ETH_ALEN)) {
998                 return 1;
999             }
1000         }
1001     }
1002 
1003     return 0;
1004 }
1005 
1006 static ssize_t virtio_net_receive(NetClientState *nc, const uint8_t *buf, size_t size)
1007 {
1008     VirtIONet *n = qemu_get_nic_opaque(nc);
1009     VirtIONetQueue *q = virtio_net_get_subqueue(nc);
1010     VirtIODevice *vdev = VIRTIO_DEVICE(n);
1011     struct iovec mhdr_sg[VIRTQUEUE_MAX_SIZE];
1012     struct virtio_net_hdr_mrg_rxbuf mhdr;
1013     unsigned mhdr_cnt = 0;
1014     size_t offset, i, guest_offset;
1015 
1016     if (!virtio_net_can_receive(nc)) {
1017         return -1;
1018     }
1019 
1020     /* hdr_len refers to the header we supply to the guest */
1021     if (!virtio_net_has_buffers(q, size + n->guest_hdr_len - n->host_hdr_len)) {
1022         return 0;
1023     }
1024 
1025     if (!receive_filter(n, buf, size))
1026         return size;
1027 
1028     offset = i = 0;
1029 
1030     while (offset < size) {
1031         VirtQueueElement elem;
1032         int len, total;
1033         const struct iovec *sg = elem.in_sg;
1034 
1035         total = 0;
1036 
1037         if (virtqueue_pop(q->rx_vq, &elem) == 0) {
1038             if (i == 0)
1039                 return -1;
1040             error_report("virtio-net unexpected empty queue: "
1041                          "i %zd mergeable %d offset %zd, size %zd, "
1042                          "guest hdr len %zd, host hdr len %zd "
1043                          "guest features 0x%" PRIx64,
1044                          i, n->mergeable_rx_bufs, offset, size,
1045                          n->guest_hdr_len, n->host_hdr_len,
1046                          vdev->guest_features);
1047             exit(1);
1048         }
1049 
1050         if (elem.in_num < 1) {
1051             error_report("virtio-net receive queue contains no in buffers");
1052             exit(1);
1053         }
1054 
1055         if (i == 0) {
1056             assert(offset == 0);
1057             if (n->mergeable_rx_bufs) {
1058                 mhdr_cnt = iov_copy(mhdr_sg, ARRAY_SIZE(mhdr_sg),
1059                                     sg, elem.in_num,
1060                                     offsetof(typeof(mhdr), num_buffers),
1061                                     sizeof(mhdr.num_buffers));
1062             }
1063 
1064             receive_header(n, sg, elem.in_num, buf, size);
1065             offset = n->host_hdr_len;
1066             total += n->guest_hdr_len;
1067             guest_offset = n->guest_hdr_len;
1068         } else {
1069             guest_offset = 0;
1070         }
1071 
1072         /* copy in packet.  ugh */
1073         len = iov_from_buf(sg, elem.in_num, guest_offset,
1074                            buf + offset, size - offset);
1075         total += len;
1076         offset += len;
1077         /* If buffers can't be merged, at this point we
1078          * must have consumed the complete packet.
1079          * Otherwise, drop it. */
1080         if (!n->mergeable_rx_bufs && offset < size) {
1081 #if 0
1082             error_report("virtio-net truncated non-mergeable packet: "
1083                          "i %zd mergeable %d offset %zd, size %zd, "
1084                          "guest hdr len %zd, host hdr len %zd",
1085                          i, n->mergeable_rx_bufs,
1086                          offset, size, n->guest_hdr_len, n->host_hdr_len);
1087 #endif
1088             return size;
1089         }
1090 
1091         /* signal other side */
1092         virtqueue_fill(q->rx_vq, &elem, total, i++);
1093     }
1094 
1095     if (mhdr_cnt) {
1096         virtio_stw_p(vdev, &mhdr.num_buffers, i);
1097         iov_from_buf(mhdr_sg, mhdr_cnt,
1098                      0,
1099                      &mhdr.num_buffers, sizeof mhdr.num_buffers);
1100     }
1101 
1102     virtqueue_flush(q->rx_vq, i);
1103     virtio_notify(vdev, q->rx_vq);
1104 
1105     return size;
1106 }
1107 
1108 static int32_t virtio_net_flush_tx(VirtIONetQueue *q);
1109 
1110 static void virtio_net_tx_complete(NetClientState *nc, ssize_t len)
1111 {
1112     VirtIONet *n = qemu_get_nic_opaque(nc);
1113     VirtIONetQueue *q = virtio_net_get_subqueue(nc);
1114     VirtIODevice *vdev = VIRTIO_DEVICE(n);
1115 
1116     virtqueue_push(q->tx_vq, &q->async_tx.elem, 0);
1117     virtio_notify(vdev, q->tx_vq);
1118 
1119     q->async_tx.elem.out_num = q->async_tx.len = 0;
1120 
1121     virtio_queue_set_notification(q->tx_vq, 1);
1122     virtio_net_flush_tx(q);
1123 }
1124 
1125 /* TX */
1126 static int32_t virtio_net_flush_tx(VirtIONetQueue *q)
1127 {
1128     VirtIONet *n = q->n;
1129     VirtIODevice *vdev = VIRTIO_DEVICE(n);
1130     VirtQueueElement elem;
1131     int32_t num_packets = 0;
1132     int queue_index = vq2q(virtio_get_queue_index(q->tx_vq));
1133     if (!(vdev->status & VIRTIO_CONFIG_S_DRIVER_OK)) {
1134         return num_packets;
1135     }
1136 
1137     if (q->async_tx.elem.out_num) {
1138         virtio_queue_set_notification(q->tx_vq, 0);
1139         return num_packets;
1140     }
1141 
1142     while (virtqueue_pop(q->tx_vq, &elem)) {
1143         ssize_t ret, len;
1144         unsigned int out_num = elem.out_num;
1145         struct iovec *out_sg = &elem.out_sg[0];
1146         struct iovec sg[VIRTQUEUE_MAX_SIZE];
1147 
1148         if (out_num < 1) {
1149             error_report("virtio-net header not in first element");
1150             exit(1);
1151         }
1152 
1153         if (n->has_vnet_hdr) {
1154             if (out_sg[0].iov_len < n->guest_hdr_len) {
1155                 error_report("virtio-net header incorrect");
1156                 exit(1);
1157             }
1158             virtio_net_hdr_swap(vdev, (void *) out_sg[0].iov_base);
1159         }
1160 
1161         /*
1162          * If host wants to see the guest header as is, we can
1163          * pass it on unchanged. Otherwise, copy just the parts
1164          * that host is interested in.
1165          */
1166         assert(n->host_hdr_len <= n->guest_hdr_len);
1167         if (n->host_hdr_len != n->guest_hdr_len) {
1168             unsigned sg_num = iov_copy(sg, ARRAY_SIZE(sg),
1169                                        out_sg, out_num,
1170                                        0, n->host_hdr_len);
1171             sg_num += iov_copy(sg + sg_num, ARRAY_SIZE(sg) - sg_num,
1172                              out_sg, out_num,
1173                              n->guest_hdr_len, -1);
1174             out_num = sg_num;
1175             out_sg = sg;
1176         }
1177 
1178         len = n->guest_hdr_len;
1179 
1180         ret = qemu_sendv_packet_async(qemu_get_subqueue(n->nic, queue_index),
1181                                       out_sg, out_num, virtio_net_tx_complete);
1182         if (ret == 0) {
1183             virtio_queue_set_notification(q->tx_vq, 0);
1184             q->async_tx.elem = elem;
1185             q->async_tx.len  = len;
1186             return -EBUSY;
1187         }
1188 
1189         len += ret;
1190 
1191         virtqueue_push(q->tx_vq, &elem, 0);
1192         virtio_notify(vdev, q->tx_vq);
1193 
1194         if (++num_packets >= n->tx_burst) {
1195             break;
1196         }
1197     }
1198     return num_packets;
1199 }
1200 
1201 static void virtio_net_handle_tx_timer(VirtIODevice *vdev, VirtQueue *vq)
1202 {
1203     VirtIONet *n = VIRTIO_NET(vdev);
1204     VirtIONetQueue *q = &n->vqs[vq2q(virtio_get_queue_index(vq))];
1205 
1206     /* This happens when device was stopped but VCPU wasn't. */
1207     if (!vdev->vm_running) {
1208         q->tx_waiting = 1;
1209         return;
1210     }
1211 
1212     if (q->tx_waiting) {
1213         virtio_queue_set_notification(vq, 1);
1214         timer_del(q->tx_timer);
1215         q->tx_waiting = 0;
1216         virtio_net_flush_tx(q);
1217     } else {
1218         timer_mod(q->tx_timer,
1219                        qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + n->tx_timeout);
1220         q->tx_waiting = 1;
1221         virtio_queue_set_notification(vq, 0);
1222     }
1223 }
1224 
1225 static void virtio_net_handle_tx_bh(VirtIODevice *vdev, VirtQueue *vq)
1226 {
1227     VirtIONet *n = VIRTIO_NET(vdev);
1228     VirtIONetQueue *q = &n->vqs[vq2q(virtio_get_queue_index(vq))];
1229 
1230     if (unlikely(q->tx_waiting)) {
1231         return;
1232     }
1233     q->tx_waiting = 1;
1234     /* This happens when device was stopped but VCPU wasn't. */
1235     if (!vdev->vm_running) {
1236         return;
1237     }
1238     virtio_queue_set_notification(vq, 0);
1239     qemu_bh_schedule(q->tx_bh);
1240 }
1241 
1242 static void virtio_net_tx_timer(void *opaque)
1243 {
1244     VirtIONetQueue *q = opaque;
1245     VirtIONet *n = q->n;
1246     VirtIODevice *vdev = VIRTIO_DEVICE(n);
1247     /* This happens when device was stopped but BH wasn't. */
1248     if (!vdev->vm_running) {
1249         /* Make sure tx waiting is set, so we'll run when restarted. */
1250         assert(q->tx_waiting);
1251         return;
1252     }
1253 
1254     q->tx_waiting = 0;
1255 
1256     /* Just in case the driver is not ready on more */
1257     if (!(vdev->status & VIRTIO_CONFIG_S_DRIVER_OK)) {
1258         return;
1259     }
1260 
1261     virtio_queue_set_notification(q->tx_vq, 1);
1262     virtio_net_flush_tx(q);
1263 }
1264 
1265 static void virtio_net_tx_bh(void *opaque)
1266 {
1267     VirtIONetQueue *q = opaque;
1268     VirtIONet *n = q->n;
1269     VirtIODevice *vdev = VIRTIO_DEVICE(n);
1270     int32_t ret;
1271 
1272     /* This happens when device was stopped but BH wasn't. */
1273     if (!vdev->vm_running) {
1274         /* Make sure tx waiting is set, so we'll run when restarted. */
1275         assert(q->tx_waiting);
1276         return;
1277     }
1278 
1279     q->tx_waiting = 0;
1280 
1281     /* Just in case the driver is not ready on more */
1282     if (unlikely(!(vdev->status & VIRTIO_CONFIG_S_DRIVER_OK))) {
1283         return;
1284     }
1285 
1286     ret = virtio_net_flush_tx(q);
1287     if (ret == -EBUSY) {
1288         return; /* Notification re-enable handled by tx_complete */
1289     }
1290 
1291     /* If we flush a full burst of packets, assume there are
1292      * more coming and immediately reschedule */
1293     if (ret >= n->tx_burst) {
1294         qemu_bh_schedule(q->tx_bh);
1295         q->tx_waiting = 1;
1296         return;
1297     }
1298 
1299     /* If less than a full burst, re-enable notification and flush
1300      * anything that may have come in while we weren't looking.  If
1301      * we find something, assume the guest is still active and reschedule */
1302     virtio_queue_set_notification(q->tx_vq, 1);
1303     if (virtio_net_flush_tx(q) > 0) {
1304         virtio_queue_set_notification(q->tx_vq, 0);
1305         qemu_bh_schedule(q->tx_bh);
1306         q->tx_waiting = 1;
1307     }
1308 }
1309 
1310 static void virtio_net_set_multiqueue(VirtIONet *n, int multiqueue)
1311 {
1312     n->multiqueue = multiqueue;
1313 
1314     virtio_net_set_queues(n);
1315 }
1316 
1317 static void virtio_net_save(QEMUFile *f, void *opaque)
1318 {
1319     VirtIONet *n = opaque;
1320     VirtIODevice *vdev = VIRTIO_DEVICE(n);
1321 
1322     /* At this point, backend must be stopped, otherwise
1323      * it might keep writing to memory. */
1324     assert(!n->vhost_started);
1325     virtio_save(vdev, f);
1326 }
1327 
1328 static void virtio_net_save_device(VirtIODevice *vdev, QEMUFile *f)
1329 {
1330     VirtIONet *n = VIRTIO_NET(vdev);
1331     int i;
1332 
1333     qemu_put_buffer(f, n->mac, ETH_ALEN);
1334     qemu_put_be32(f, n->vqs[0].tx_waiting);
1335     qemu_put_be32(f, n->mergeable_rx_bufs);
1336     qemu_put_be16(f, n->status);
1337     qemu_put_byte(f, n->promisc);
1338     qemu_put_byte(f, n->allmulti);
1339     qemu_put_be32(f, n->mac_table.in_use);
1340     qemu_put_buffer(f, n->mac_table.macs, n->mac_table.in_use * ETH_ALEN);
1341     qemu_put_buffer(f, (uint8_t *)n->vlans, MAX_VLAN >> 3);
1342     qemu_put_be32(f, n->has_vnet_hdr);
1343     qemu_put_byte(f, n->mac_table.multi_overflow);
1344     qemu_put_byte(f, n->mac_table.uni_overflow);
1345     qemu_put_byte(f, n->alluni);
1346     qemu_put_byte(f, n->nomulti);
1347     qemu_put_byte(f, n->nouni);
1348     qemu_put_byte(f, n->nobcast);
1349     qemu_put_byte(f, n->has_ufo);
1350     if (n->max_queues > 1) {
1351         qemu_put_be16(f, n->max_queues);
1352         qemu_put_be16(f, n->curr_queues);
1353         for (i = 1; i < n->curr_queues; i++) {
1354             qemu_put_be32(f, n->vqs[i].tx_waiting);
1355         }
1356     }
1357 
1358     if (virtio_has_feature(vdev, VIRTIO_NET_F_CTRL_GUEST_OFFLOADS)) {
1359         qemu_put_be64(f, n->curr_guest_offloads);
1360     }
1361 }
1362 
1363 static int virtio_net_load(QEMUFile *f, void *opaque, int version_id)
1364 {
1365     VirtIONet *n = opaque;
1366     VirtIODevice *vdev = VIRTIO_DEVICE(n);
1367 
1368     if (version_id < 2 || version_id > VIRTIO_NET_VM_VERSION)
1369         return -EINVAL;
1370 
1371     return virtio_load(vdev, f, version_id);
1372 }
1373 
1374 static int virtio_net_load_device(VirtIODevice *vdev, QEMUFile *f,
1375                                   int version_id)
1376 {
1377     VirtIONet *n = VIRTIO_NET(vdev);
1378     int i, link_down;
1379 
1380     qemu_get_buffer(f, n->mac, ETH_ALEN);
1381     n->vqs[0].tx_waiting = qemu_get_be32(f);
1382 
1383     virtio_net_set_mrg_rx_bufs(n, qemu_get_be32(f),
1384                                virtio_has_feature(vdev, VIRTIO_F_VERSION_1));
1385 
1386     if (version_id >= 3)
1387         n->status = qemu_get_be16(f);
1388 
1389     if (version_id >= 4) {
1390         if (version_id < 8) {
1391             n->promisc = qemu_get_be32(f);
1392             n->allmulti = qemu_get_be32(f);
1393         } else {
1394             n->promisc = qemu_get_byte(f);
1395             n->allmulti = qemu_get_byte(f);
1396         }
1397     }
1398 
1399     if (version_id >= 5) {
1400         n->mac_table.in_use = qemu_get_be32(f);
1401         /* MAC_TABLE_ENTRIES may be different from the saved image */
1402         if (n->mac_table.in_use <= MAC_TABLE_ENTRIES) {
1403             qemu_get_buffer(f, n->mac_table.macs,
1404                             n->mac_table.in_use * ETH_ALEN);
1405         } else {
1406             int64_t i;
1407 
1408             /* Overflow detected - can happen if source has a larger MAC table.
1409              * We simply set overflow flag so there's no need to maintain the
1410              * table of addresses, discard them all.
1411              * Note: 64 bit math to avoid integer overflow.
1412              */
1413             for (i = 0; i < (int64_t)n->mac_table.in_use * ETH_ALEN; ++i) {
1414                 qemu_get_byte(f);
1415             }
1416             n->mac_table.multi_overflow = n->mac_table.uni_overflow = 1;
1417             n->mac_table.in_use = 0;
1418         }
1419     }
1420 
1421     if (version_id >= 6)
1422         qemu_get_buffer(f, (uint8_t *)n->vlans, MAX_VLAN >> 3);
1423 
1424     if (version_id >= 7) {
1425         if (qemu_get_be32(f) && !peer_has_vnet_hdr(n)) {
1426             error_report("virtio-net: saved image requires vnet_hdr=on");
1427             return -1;
1428         }
1429     }
1430 
1431     if (version_id >= 9) {
1432         n->mac_table.multi_overflow = qemu_get_byte(f);
1433         n->mac_table.uni_overflow = qemu_get_byte(f);
1434     }
1435 
1436     if (version_id >= 10) {
1437         n->alluni = qemu_get_byte(f);
1438         n->nomulti = qemu_get_byte(f);
1439         n->nouni = qemu_get_byte(f);
1440         n->nobcast = qemu_get_byte(f);
1441     }
1442 
1443     if (version_id >= 11) {
1444         if (qemu_get_byte(f) && !peer_has_ufo(n)) {
1445             error_report("virtio-net: saved image requires TUN_F_UFO support");
1446             return -1;
1447         }
1448     }
1449 
1450     if (n->max_queues > 1) {
1451         if (n->max_queues != qemu_get_be16(f)) {
1452             error_report("virtio-net: different max_queues ");
1453             return -1;
1454         }
1455 
1456         n->curr_queues = qemu_get_be16(f);
1457         if (n->curr_queues > n->max_queues) {
1458             error_report("virtio-net: curr_queues %x > max_queues %x",
1459                          n->curr_queues, n->max_queues);
1460             return -1;
1461         }
1462         for (i = 1; i < n->curr_queues; i++) {
1463             n->vqs[i].tx_waiting = qemu_get_be32(f);
1464         }
1465     }
1466 
1467     if (virtio_has_feature(vdev, VIRTIO_NET_F_CTRL_GUEST_OFFLOADS)) {
1468         n->curr_guest_offloads = qemu_get_be64(f);
1469     } else {
1470         n->curr_guest_offloads = virtio_net_supported_guest_offloads(n);
1471     }
1472 
1473     if (peer_has_vnet_hdr(n)) {
1474         virtio_net_apply_guest_offloads(n);
1475     }
1476 
1477     virtio_net_set_queues(n);
1478 
1479     /* Find the first multicast entry in the saved MAC filter */
1480     for (i = 0; i < n->mac_table.in_use; i++) {
1481         if (n->mac_table.macs[i * ETH_ALEN] & 1) {
1482             break;
1483         }
1484     }
1485     n->mac_table.first_multi = i;
1486 
1487     /* nc.link_down can't be migrated, so infer link_down according
1488      * to link status bit in n->status */
1489     link_down = (n->status & VIRTIO_NET_S_LINK_UP) == 0;
1490     for (i = 0; i < n->max_queues; i++) {
1491         qemu_get_subqueue(n->nic, i)->link_down = link_down;
1492     }
1493 
1494     if (virtio_has_feature(vdev, VIRTIO_NET_F_GUEST_ANNOUNCE) &&
1495         virtio_has_feature(vdev, VIRTIO_NET_F_CTRL_VQ)) {
1496         n->announce_counter = SELF_ANNOUNCE_ROUNDS;
1497         timer_mod(n->announce_timer, qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL));
1498     }
1499 
1500     return 0;
1501 }
1502 
1503 static NetClientInfo net_virtio_info = {
1504     .type = NET_CLIENT_OPTIONS_KIND_NIC,
1505     .size = sizeof(NICState),
1506     .can_receive = virtio_net_can_receive,
1507     .receive = virtio_net_receive,
1508     .link_status_changed = virtio_net_set_link_status,
1509     .query_rx_filter = virtio_net_query_rxfilter,
1510 };
1511 
1512 static bool virtio_net_guest_notifier_pending(VirtIODevice *vdev, int idx)
1513 {
1514     VirtIONet *n = VIRTIO_NET(vdev);
1515     NetClientState *nc = qemu_get_subqueue(n->nic, vq2q(idx));
1516     assert(n->vhost_started);
1517     return vhost_net_virtqueue_pending(get_vhost_net(nc->peer), idx);
1518 }
1519 
1520 static void virtio_net_guest_notifier_mask(VirtIODevice *vdev, int idx,
1521                                            bool mask)
1522 {
1523     VirtIONet *n = VIRTIO_NET(vdev);
1524     NetClientState *nc = qemu_get_subqueue(n->nic, vq2q(idx));
1525     assert(n->vhost_started);
1526     vhost_net_virtqueue_mask(get_vhost_net(nc->peer),
1527                              vdev, idx, mask);
1528 }
1529 
1530 static void virtio_net_set_config_size(VirtIONet *n, uint64_t host_features)
1531 {
1532     int i, config_size = 0;
1533     virtio_add_feature(&host_features, VIRTIO_NET_F_MAC);
1534     for (i = 0; feature_sizes[i].flags != 0; i++) {
1535         if (host_features & feature_sizes[i].flags) {
1536             config_size = MAX(feature_sizes[i].end, config_size);
1537         }
1538     }
1539     n->config_size = config_size;
1540 }
1541 
1542 void virtio_net_set_netclient_name(VirtIONet *n, const char *name,
1543                                    const char *type)
1544 {
1545     /*
1546      * The name can be NULL, the netclient name will be type.x.
1547      */
1548     assert(type != NULL);
1549 
1550     g_free(n->netclient_name);
1551     g_free(n->netclient_type);
1552     n->netclient_name = g_strdup(name);
1553     n->netclient_type = g_strdup(type);
1554 }
1555 
1556 static void virtio_net_device_realize(DeviceState *dev, Error **errp)
1557 {
1558     VirtIODevice *vdev = VIRTIO_DEVICE(dev);
1559     VirtIONet *n = VIRTIO_NET(dev);
1560     NetClientState *nc;
1561     int i;
1562 
1563     virtio_net_set_config_size(n, n->host_features);
1564     virtio_init(vdev, "virtio-net", VIRTIO_ID_NET, n->config_size);
1565 
1566     n->max_queues = MAX(n->nic_conf.peers.queues, 1);
1567     if (n->max_queues * 2 + 1 > VIRTIO_QUEUE_MAX) {
1568         error_setg(errp, "Invalid number of queues (= %" PRIu32 "), "
1569                    "must be a positive integer less than %d.",
1570                    n->max_queues, (VIRTIO_QUEUE_MAX - 1) / 2);
1571         virtio_cleanup(vdev);
1572         return;
1573     }
1574     n->vqs = g_malloc0(sizeof(VirtIONetQueue) * n->max_queues);
1575     n->curr_queues = 1;
1576     n->tx_timeout = n->net_conf.txtimer;
1577 
1578     if (n->net_conf.tx && strcmp(n->net_conf.tx, "timer")
1579                        && strcmp(n->net_conf.tx, "bh")) {
1580         error_report("virtio-net: "
1581                      "Unknown option tx=%s, valid options: \"timer\" \"bh\"",
1582                      n->net_conf.tx);
1583         error_report("Defaulting to \"bh\"");
1584     }
1585 
1586     for (i = 0; i < n->max_queues; i++) {
1587         n->vqs[i].rx_vq = virtio_add_queue(vdev, 256, virtio_net_handle_rx);
1588         if (n->net_conf.tx && !strcmp(n->net_conf.tx, "timer")) {
1589             n->vqs[i].tx_vq =
1590                 virtio_add_queue(vdev, 256, virtio_net_handle_tx_timer);
1591             n->vqs[i].tx_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
1592                                               virtio_net_tx_timer,
1593                                               &n->vqs[i]);
1594         } else {
1595             n->vqs[i].tx_vq =
1596                 virtio_add_queue(vdev, 256, virtio_net_handle_tx_bh);
1597             n->vqs[i].tx_bh = qemu_bh_new(virtio_net_tx_bh, &n->vqs[i]);
1598         }
1599 
1600         n->vqs[i].tx_waiting = 0;
1601         n->vqs[i].n = n;
1602     }
1603 
1604     n->ctrl_vq = virtio_add_queue(vdev, 64, virtio_net_handle_ctrl);
1605     qemu_macaddr_default_if_unset(&n->nic_conf.macaddr);
1606     memcpy(&n->mac[0], &n->nic_conf.macaddr, sizeof(n->mac));
1607     n->status = VIRTIO_NET_S_LINK_UP;
1608     n->announce_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL,
1609                                      virtio_net_announce_timer, n);
1610 
1611     if (n->netclient_type) {
1612         /*
1613          * Happen when virtio_net_set_netclient_name has been called.
1614          */
1615         n->nic = qemu_new_nic(&net_virtio_info, &n->nic_conf,
1616                               n->netclient_type, n->netclient_name, n);
1617     } else {
1618         n->nic = qemu_new_nic(&net_virtio_info, &n->nic_conf,
1619                               object_get_typename(OBJECT(dev)), dev->id, n);
1620     }
1621 
1622     peer_test_vnet_hdr(n);
1623     if (peer_has_vnet_hdr(n)) {
1624         for (i = 0; i < n->max_queues; i++) {
1625             qemu_using_vnet_hdr(qemu_get_subqueue(n->nic, i)->peer, true);
1626         }
1627         n->host_hdr_len = sizeof(struct virtio_net_hdr);
1628     } else {
1629         n->host_hdr_len = 0;
1630     }
1631 
1632     qemu_format_nic_info_str(qemu_get_queue(n->nic), n->nic_conf.macaddr.a);
1633 
1634     n->vqs[0].tx_waiting = 0;
1635     n->tx_burst = n->net_conf.txburst;
1636     virtio_net_set_mrg_rx_bufs(n, 0, 0);
1637     n->promisc = 1; /* for compatibility */
1638 
1639     n->mac_table.macs = g_malloc0(MAC_TABLE_ENTRIES * ETH_ALEN);
1640 
1641     n->vlans = g_malloc0(MAX_VLAN >> 3);
1642 
1643     nc = qemu_get_queue(n->nic);
1644     nc->rxfilter_notify_enabled = 1;
1645 
1646     n->qdev = dev;
1647     register_savevm(dev, "virtio-net", -1, VIRTIO_NET_VM_VERSION,
1648                     virtio_net_save, virtio_net_load, n);
1649 }
1650 
1651 static void virtio_net_device_unrealize(DeviceState *dev, Error **errp)
1652 {
1653     VirtIODevice *vdev = VIRTIO_DEVICE(dev);
1654     VirtIONet *n = VIRTIO_NET(dev);
1655     int i;
1656 
1657     /* This will stop vhost backend if appropriate. */
1658     virtio_net_set_status(vdev, 0);
1659 
1660     unregister_savevm(dev, "virtio-net", n);
1661 
1662     g_free(n->netclient_name);
1663     n->netclient_name = NULL;
1664     g_free(n->netclient_type);
1665     n->netclient_type = NULL;
1666 
1667     g_free(n->mac_table.macs);
1668     g_free(n->vlans);
1669 
1670     for (i = 0; i < n->max_queues; i++) {
1671         VirtIONetQueue *q = &n->vqs[i];
1672         NetClientState *nc = qemu_get_subqueue(n->nic, i);
1673 
1674         qemu_purge_queued_packets(nc);
1675 
1676         if (q->tx_timer) {
1677             timer_del(q->tx_timer);
1678             timer_free(q->tx_timer);
1679         } else if (q->tx_bh) {
1680             qemu_bh_delete(q->tx_bh);
1681         }
1682     }
1683 
1684     timer_del(n->announce_timer);
1685     timer_free(n->announce_timer);
1686     g_free(n->vqs);
1687     qemu_del_nic(n->nic);
1688     virtio_cleanup(vdev);
1689 }
1690 
1691 static void virtio_net_instance_init(Object *obj)
1692 {
1693     VirtIONet *n = VIRTIO_NET(obj);
1694 
1695     /*
1696      * The default config_size is sizeof(struct virtio_net_config).
1697      * Can be overriden with virtio_net_set_config_size.
1698      */
1699     n->config_size = sizeof(struct virtio_net_config);
1700     device_add_bootindex_property(obj, &n->nic_conf.bootindex,
1701                                   "bootindex", "/ethernet-phy@0",
1702                                   DEVICE(n), NULL);
1703 }
1704 
1705 static Property virtio_net_properties[] = {
1706     DEFINE_PROP_BIT("any_layout", VirtIONet, host_features,
1707                     VIRTIO_F_ANY_LAYOUT, true),
1708     DEFINE_PROP_BIT("csum", VirtIONet, host_features, VIRTIO_NET_F_CSUM, true),
1709     DEFINE_PROP_BIT("guest_csum", VirtIONet, host_features,
1710                     VIRTIO_NET_F_GUEST_CSUM, true),
1711     DEFINE_PROP_BIT("gso", VirtIONet, host_features, VIRTIO_NET_F_GSO, true),
1712     DEFINE_PROP_BIT("guest_tso4", VirtIONet, host_features,
1713                     VIRTIO_NET_F_GUEST_TSO4, true),
1714     DEFINE_PROP_BIT("guest_tso6", VirtIONet, host_features,
1715                     VIRTIO_NET_F_GUEST_TSO6, true),
1716     DEFINE_PROP_BIT("guest_ecn", VirtIONet, host_features,
1717                     VIRTIO_NET_F_GUEST_ECN, true),
1718     DEFINE_PROP_BIT("guest_ufo", VirtIONet, host_features,
1719                     VIRTIO_NET_F_GUEST_UFO, true),
1720     DEFINE_PROP_BIT("guest_announce", VirtIONet, host_features,
1721                     VIRTIO_NET_F_GUEST_ANNOUNCE, true),
1722     DEFINE_PROP_BIT("host_tso4", VirtIONet, host_features,
1723                     VIRTIO_NET_F_HOST_TSO4, true),
1724     DEFINE_PROP_BIT("host_tso6", VirtIONet, host_features,
1725                     VIRTIO_NET_F_HOST_TSO6, true),
1726     DEFINE_PROP_BIT("host_ecn", VirtIONet, host_features,
1727                     VIRTIO_NET_F_HOST_ECN, true),
1728     DEFINE_PROP_BIT("host_ufo", VirtIONet, host_features,
1729                     VIRTIO_NET_F_HOST_UFO, true),
1730     DEFINE_PROP_BIT("mrg_rxbuf", VirtIONet, host_features,
1731                     VIRTIO_NET_F_MRG_RXBUF, true),
1732     DEFINE_PROP_BIT("status", VirtIONet, host_features,
1733                     VIRTIO_NET_F_STATUS, true),
1734     DEFINE_PROP_BIT("ctrl_vq", VirtIONet, host_features,
1735                     VIRTIO_NET_F_CTRL_VQ, true),
1736     DEFINE_PROP_BIT("ctrl_rx", VirtIONet, host_features,
1737                     VIRTIO_NET_F_CTRL_RX, true),
1738     DEFINE_PROP_BIT("ctrl_vlan", VirtIONet, host_features,
1739                     VIRTIO_NET_F_CTRL_VLAN, true),
1740     DEFINE_PROP_BIT("ctrl_rx_extra", VirtIONet, host_features,
1741                     VIRTIO_NET_F_CTRL_RX_EXTRA, true),
1742     DEFINE_PROP_BIT("ctrl_mac_addr", VirtIONet, host_features,
1743                     VIRTIO_NET_F_CTRL_MAC_ADDR, true),
1744     DEFINE_PROP_BIT("ctrl_guest_offloads", VirtIONet, host_features,
1745                     VIRTIO_NET_F_CTRL_GUEST_OFFLOADS, true),
1746     DEFINE_PROP_BIT("mq", VirtIONet, host_features, VIRTIO_NET_F_MQ, false),
1747     DEFINE_NIC_PROPERTIES(VirtIONet, nic_conf),
1748     DEFINE_PROP_UINT32("x-txtimer", VirtIONet, net_conf.txtimer,
1749                        TX_TIMER_INTERVAL),
1750     DEFINE_PROP_INT32("x-txburst", VirtIONet, net_conf.txburst, TX_BURST),
1751     DEFINE_PROP_STRING("tx", VirtIONet, net_conf.tx),
1752     DEFINE_PROP_END_OF_LIST(),
1753 };
1754 
1755 static void virtio_net_class_init(ObjectClass *klass, void *data)
1756 {
1757     DeviceClass *dc = DEVICE_CLASS(klass);
1758     VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass);
1759 
1760     dc->props = virtio_net_properties;
1761     set_bit(DEVICE_CATEGORY_NETWORK, dc->categories);
1762     vdc->realize = virtio_net_device_realize;
1763     vdc->unrealize = virtio_net_device_unrealize;
1764     vdc->get_config = virtio_net_get_config;
1765     vdc->set_config = virtio_net_set_config;
1766     vdc->get_features = virtio_net_get_features;
1767     vdc->set_features = virtio_net_set_features;
1768     vdc->bad_features = virtio_net_bad_features;
1769     vdc->reset = virtio_net_reset;
1770     vdc->set_status = virtio_net_set_status;
1771     vdc->guest_notifier_mask = virtio_net_guest_notifier_mask;
1772     vdc->guest_notifier_pending = virtio_net_guest_notifier_pending;
1773     vdc->load = virtio_net_load_device;
1774     vdc->save = virtio_net_save_device;
1775 }
1776 
1777 static const TypeInfo virtio_net_info = {
1778     .name = TYPE_VIRTIO_NET,
1779     .parent = TYPE_VIRTIO_DEVICE,
1780     .instance_size = sizeof(VirtIONet),
1781     .instance_init = virtio_net_instance_init,
1782     .class_init = virtio_net_class_init,
1783 };
1784 
1785 static void virtio_register_types(void)
1786 {
1787     type_register_static(&virtio_net_info);
1788 }
1789 
1790 type_init(virtio_register_types)
1791