1 /* 2 * MSI-X device support 3 * 4 * This module includes support for MSI-X in pci devices. 5 * 6 * Author: Michael S. Tsirkin <mst@redhat.com> 7 * 8 * Copyright (c) 2009, Red Hat Inc, Michael S. Tsirkin (mst@redhat.com) 9 * 10 * This work is licensed under the terms of the GNU GPL, version 2. See 11 * the COPYING file in the top-level directory. 12 * 13 * Contributions after 2012-01-13 are licensed under the terms of the 14 * GNU GPL, version 2 or (at your option) any later version. 15 */ 16 17 #include "hw/hw.h" 18 #include "hw/pci/msi.h" 19 #include "hw/pci/msix.h" 20 #include "hw/pci/pci.h" 21 #include "qemu/range.h" 22 23 #define MSIX_CAP_LENGTH 12 24 25 /* MSI enable bit and maskall bit are in byte 1 in FLAGS register */ 26 #define MSIX_CONTROL_OFFSET (PCI_MSIX_FLAGS + 1) 27 #define MSIX_ENABLE_MASK (PCI_MSIX_FLAGS_ENABLE >> 8) 28 #define MSIX_MASKALL_MASK (PCI_MSIX_FLAGS_MASKALL >> 8) 29 30 MSIMessage msix_get_message(PCIDevice *dev, unsigned vector) 31 { 32 uint8_t *table_entry = dev->msix_table + vector * PCI_MSIX_ENTRY_SIZE; 33 MSIMessage msg; 34 35 msg.address = pci_get_quad(table_entry + PCI_MSIX_ENTRY_LOWER_ADDR); 36 msg.data = pci_get_long(table_entry + PCI_MSIX_ENTRY_DATA); 37 return msg; 38 } 39 40 /* 41 * Special API for POWER to configure the vectors through 42 * a side channel. Should never be used by devices. 43 */ 44 void msix_set_message(PCIDevice *dev, int vector, struct MSIMessage msg) 45 { 46 uint8_t *table_entry = dev->msix_table + vector * PCI_MSIX_ENTRY_SIZE; 47 48 pci_set_quad(table_entry + PCI_MSIX_ENTRY_LOWER_ADDR, msg.address); 49 pci_set_long(table_entry + PCI_MSIX_ENTRY_DATA, msg.data); 50 table_entry[PCI_MSIX_ENTRY_VECTOR_CTRL] &= ~PCI_MSIX_ENTRY_CTRL_MASKBIT; 51 } 52 53 static uint8_t msix_pending_mask(int vector) 54 { 55 return 1 << (vector % 8); 56 } 57 58 static uint8_t *msix_pending_byte(PCIDevice *dev, int vector) 59 { 60 return dev->msix_pba + vector / 8; 61 } 62 63 static int msix_is_pending(PCIDevice *dev, int vector) 64 { 65 return *msix_pending_byte(dev, vector) & msix_pending_mask(vector); 66 } 67 68 void msix_set_pending(PCIDevice *dev, unsigned int vector) 69 { 70 *msix_pending_byte(dev, vector) |= msix_pending_mask(vector); 71 } 72 73 static void msix_clr_pending(PCIDevice *dev, int vector) 74 { 75 *msix_pending_byte(dev, vector) &= ~msix_pending_mask(vector); 76 } 77 78 static bool msix_vector_masked(PCIDevice *dev, unsigned int vector, bool fmask) 79 { 80 unsigned offset = vector * PCI_MSIX_ENTRY_SIZE + PCI_MSIX_ENTRY_VECTOR_CTRL; 81 return fmask || dev->msix_table[offset] & PCI_MSIX_ENTRY_CTRL_MASKBIT; 82 } 83 84 bool msix_is_masked(PCIDevice *dev, unsigned int vector) 85 { 86 return msix_vector_masked(dev, vector, dev->msix_function_masked); 87 } 88 89 static void msix_fire_vector_notifier(PCIDevice *dev, 90 unsigned int vector, bool is_masked) 91 { 92 MSIMessage msg; 93 int ret; 94 95 if (!dev->msix_vector_use_notifier) { 96 return; 97 } 98 if (is_masked) { 99 dev->msix_vector_release_notifier(dev, vector); 100 } else { 101 msg = msix_get_message(dev, vector); 102 ret = dev->msix_vector_use_notifier(dev, vector, msg); 103 assert(ret >= 0); 104 } 105 } 106 107 static void msix_handle_mask_update(PCIDevice *dev, int vector, bool was_masked) 108 { 109 bool is_masked = msix_is_masked(dev, vector); 110 111 if (is_masked == was_masked) { 112 return; 113 } 114 115 msix_fire_vector_notifier(dev, vector, is_masked); 116 117 if (!is_masked && msix_is_pending(dev, vector)) { 118 msix_clr_pending(dev, vector); 119 msix_notify(dev, vector); 120 } 121 } 122 123 static void msix_update_function_masked(PCIDevice *dev) 124 { 125 dev->msix_function_masked = !msix_enabled(dev) || 126 (dev->config[dev->msix_cap + MSIX_CONTROL_OFFSET] & MSIX_MASKALL_MASK); 127 } 128 129 /* Handle MSI-X capability config write. */ 130 void msix_write_config(PCIDevice *dev, uint32_t addr, 131 uint32_t val, int len) 132 { 133 unsigned enable_pos = dev->msix_cap + MSIX_CONTROL_OFFSET; 134 int vector; 135 bool was_masked; 136 137 if (!msix_present(dev) || !range_covers_byte(addr, len, enable_pos)) { 138 return; 139 } 140 141 was_masked = dev->msix_function_masked; 142 msix_update_function_masked(dev); 143 144 if (!msix_enabled(dev)) { 145 return; 146 } 147 148 pci_device_deassert_intx(dev); 149 150 if (dev->msix_function_masked == was_masked) { 151 return; 152 } 153 154 for (vector = 0; vector < dev->msix_entries_nr; ++vector) { 155 msix_handle_mask_update(dev, vector, 156 msix_vector_masked(dev, vector, was_masked)); 157 } 158 } 159 160 static uint64_t msix_table_mmio_read(void *opaque, hwaddr addr, 161 unsigned size) 162 { 163 PCIDevice *dev = opaque; 164 165 return pci_get_long(dev->msix_table + addr); 166 } 167 168 static void msix_table_mmio_write(void *opaque, hwaddr addr, 169 uint64_t val, unsigned size) 170 { 171 PCIDevice *dev = opaque; 172 int vector = addr / PCI_MSIX_ENTRY_SIZE; 173 bool was_masked; 174 175 was_masked = msix_is_masked(dev, vector); 176 pci_set_long(dev->msix_table + addr, val); 177 msix_handle_mask_update(dev, vector, was_masked); 178 } 179 180 static const MemoryRegionOps msix_table_mmio_ops = { 181 .read = msix_table_mmio_read, 182 .write = msix_table_mmio_write, 183 .endianness = DEVICE_LITTLE_ENDIAN, 184 .valid = { 185 .min_access_size = 4, 186 .max_access_size = 4, 187 }, 188 }; 189 190 static uint64_t msix_pba_mmio_read(void *opaque, hwaddr addr, 191 unsigned size) 192 { 193 PCIDevice *dev = opaque; 194 if (dev->msix_vector_poll_notifier) { 195 unsigned vector_start = addr * 8; 196 unsigned vector_end = MIN(addr + size * 8, dev->msix_entries_nr); 197 dev->msix_vector_poll_notifier(dev, vector_start, vector_end); 198 } 199 200 return pci_get_long(dev->msix_pba + addr); 201 } 202 203 static const MemoryRegionOps msix_pba_mmio_ops = { 204 .read = msix_pba_mmio_read, 205 .endianness = DEVICE_LITTLE_ENDIAN, 206 .valid = { 207 .min_access_size = 4, 208 .max_access_size = 4, 209 }, 210 }; 211 212 static void msix_mask_all(struct PCIDevice *dev, unsigned nentries) 213 { 214 int vector; 215 216 for (vector = 0; vector < nentries; ++vector) { 217 unsigned offset = 218 vector * PCI_MSIX_ENTRY_SIZE + PCI_MSIX_ENTRY_VECTOR_CTRL; 219 bool was_masked = msix_is_masked(dev, vector); 220 221 dev->msix_table[offset] |= PCI_MSIX_ENTRY_CTRL_MASKBIT; 222 msix_handle_mask_update(dev, vector, was_masked); 223 } 224 } 225 226 /* Initialize the MSI-X structures */ 227 int msix_init(struct PCIDevice *dev, unsigned short nentries, 228 MemoryRegion *table_bar, uint8_t table_bar_nr, 229 unsigned table_offset, MemoryRegion *pba_bar, 230 uint8_t pba_bar_nr, unsigned pba_offset, uint8_t cap_pos) 231 { 232 int cap; 233 unsigned table_size, pba_size; 234 uint8_t *config; 235 236 /* Nothing to do if MSI is not supported by interrupt controller */ 237 if (!msi_supported) { 238 return -ENOTSUP; 239 } 240 241 if (nentries < 1 || nentries > PCI_MSIX_FLAGS_QSIZE + 1) { 242 return -EINVAL; 243 } 244 245 table_size = nentries * PCI_MSIX_ENTRY_SIZE; 246 pba_size = QEMU_ALIGN_UP(nentries, 64) / 8; 247 248 /* Sanity test: table & pba don't overlap, fit within BARs, min aligned */ 249 if ((table_bar_nr == pba_bar_nr && 250 ranges_overlap(table_offset, table_size, pba_offset, pba_size)) || 251 table_offset + table_size > memory_region_size(table_bar) || 252 pba_offset + pba_size > memory_region_size(pba_bar) || 253 (table_offset | pba_offset) & PCI_MSIX_FLAGS_BIRMASK) { 254 return -EINVAL; 255 } 256 257 cap = pci_add_capability(dev, PCI_CAP_ID_MSIX, cap_pos, MSIX_CAP_LENGTH); 258 if (cap < 0) { 259 return cap; 260 } 261 262 dev->msix_cap = cap; 263 dev->cap_present |= QEMU_PCI_CAP_MSIX; 264 config = dev->config + cap; 265 266 pci_set_word(config + PCI_MSIX_FLAGS, nentries - 1); 267 dev->msix_entries_nr = nentries; 268 dev->msix_function_masked = true; 269 270 pci_set_long(config + PCI_MSIX_TABLE, table_offset | table_bar_nr); 271 pci_set_long(config + PCI_MSIX_PBA, pba_offset | pba_bar_nr); 272 273 /* Make flags bit writable. */ 274 dev->wmask[cap + MSIX_CONTROL_OFFSET] |= MSIX_ENABLE_MASK | 275 MSIX_MASKALL_MASK; 276 277 dev->msix_table = g_malloc0(table_size); 278 dev->msix_pba = g_malloc0(pba_size); 279 dev->msix_entry_used = g_malloc0(nentries * sizeof *dev->msix_entry_used); 280 281 msix_mask_all(dev, nentries); 282 283 memory_region_init_io(&dev->msix_table_mmio, OBJECT(dev), &msix_table_mmio_ops, dev, 284 "msix-table", table_size); 285 memory_region_add_subregion(table_bar, table_offset, &dev->msix_table_mmio); 286 memory_region_init_io(&dev->msix_pba_mmio, OBJECT(dev), &msix_pba_mmio_ops, dev, 287 "msix-pba", pba_size); 288 memory_region_add_subregion(pba_bar, pba_offset, &dev->msix_pba_mmio); 289 290 return 0; 291 } 292 293 int msix_init_exclusive_bar(PCIDevice *dev, unsigned short nentries, 294 uint8_t bar_nr) 295 { 296 int ret; 297 char *name; 298 299 /* 300 * Migration compatibility dictates that this remains a 4k 301 * BAR with the vector table in the lower half and PBA in 302 * the upper half. Do not use these elsewhere! 303 */ 304 #define MSIX_EXCLUSIVE_BAR_SIZE 4096 305 #define MSIX_EXCLUSIVE_BAR_TABLE_OFFSET 0 306 #define MSIX_EXCLUSIVE_BAR_PBA_OFFSET (MSIX_EXCLUSIVE_BAR_SIZE / 2) 307 #define MSIX_EXCLUSIVE_CAP_OFFSET 0 308 309 if (nentries * PCI_MSIX_ENTRY_SIZE > MSIX_EXCLUSIVE_BAR_PBA_OFFSET) { 310 return -EINVAL; 311 } 312 313 name = g_strdup_printf("%s-msix", dev->name); 314 memory_region_init(&dev->msix_exclusive_bar, OBJECT(dev), name, MSIX_EXCLUSIVE_BAR_SIZE); 315 g_free(name); 316 317 ret = msix_init(dev, nentries, &dev->msix_exclusive_bar, bar_nr, 318 MSIX_EXCLUSIVE_BAR_TABLE_OFFSET, &dev->msix_exclusive_bar, 319 bar_nr, MSIX_EXCLUSIVE_BAR_PBA_OFFSET, 320 MSIX_EXCLUSIVE_CAP_OFFSET); 321 if (ret) { 322 return ret; 323 } 324 325 pci_register_bar(dev, bar_nr, PCI_BASE_ADDRESS_SPACE_MEMORY, 326 &dev->msix_exclusive_bar); 327 328 return 0; 329 } 330 331 static void msix_free_irq_entries(PCIDevice *dev) 332 { 333 int vector; 334 335 for (vector = 0; vector < dev->msix_entries_nr; ++vector) { 336 dev->msix_entry_used[vector] = 0; 337 msix_clr_pending(dev, vector); 338 } 339 } 340 341 static void msix_clear_all_vectors(PCIDevice *dev) 342 { 343 int vector; 344 345 for (vector = 0; vector < dev->msix_entries_nr; ++vector) { 346 msix_clr_pending(dev, vector); 347 } 348 } 349 350 /* Clean up resources for the device. */ 351 void msix_uninit(PCIDevice *dev, MemoryRegion *table_bar, MemoryRegion *pba_bar) 352 { 353 if (!msix_present(dev)) { 354 return; 355 } 356 pci_del_capability(dev, PCI_CAP_ID_MSIX, MSIX_CAP_LENGTH); 357 dev->msix_cap = 0; 358 msix_free_irq_entries(dev); 359 dev->msix_entries_nr = 0; 360 memory_region_del_subregion(pba_bar, &dev->msix_pba_mmio); 361 g_free(dev->msix_pba); 362 dev->msix_pba = NULL; 363 memory_region_del_subregion(table_bar, &dev->msix_table_mmio); 364 g_free(dev->msix_table); 365 dev->msix_table = NULL; 366 g_free(dev->msix_entry_used); 367 dev->msix_entry_used = NULL; 368 dev->cap_present &= ~QEMU_PCI_CAP_MSIX; 369 } 370 371 void msix_uninit_exclusive_bar(PCIDevice *dev) 372 { 373 if (msix_present(dev)) { 374 msix_uninit(dev, &dev->msix_exclusive_bar, &dev->msix_exclusive_bar); 375 } 376 } 377 378 void msix_save(PCIDevice *dev, QEMUFile *f) 379 { 380 unsigned n = dev->msix_entries_nr; 381 382 if (!msix_present(dev)) { 383 return; 384 } 385 386 qemu_put_buffer(f, dev->msix_table, n * PCI_MSIX_ENTRY_SIZE); 387 qemu_put_buffer(f, dev->msix_pba, (n + 7) / 8); 388 } 389 390 /* Should be called after restoring the config space. */ 391 void msix_load(PCIDevice *dev, QEMUFile *f) 392 { 393 unsigned n = dev->msix_entries_nr; 394 unsigned int vector; 395 396 if (!msix_present(dev)) { 397 return; 398 } 399 400 msix_clear_all_vectors(dev); 401 qemu_get_buffer(f, dev->msix_table, n * PCI_MSIX_ENTRY_SIZE); 402 qemu_get_buffer(f, dev->msix_pba, (n + 7) / 8); 403 msix_update_function_masked(dev); 404 405 for (vector = 0; vector < n; vector++) { 406 msix_handle_mask_update(dev, vector, true); 407 } 408 } 409 410 /* Does device support MSI-X? */ 411 int msix_present(PCIDevice *dev) 412 { 413 return dev->cap_present & QEMU_PCI_CAP_MSIX; 414 } 415 416 /* Is MSI-X enabled? */ 417 int msix_enabled(PCIDevice *dev) 418 { 419 return (dev->cap_present & QEMU_PCI_CAP_MSIX) && 420 (dev->config[dev->msix_cap + MSIX_CONTROL_OFFSET] & 421 MSIX_ENABLE_MASK); 422 } 423 424 /* Send an MSI-X message */ 425 void msix_notify(PCIDevice *dev, unsigned vector) 426 { 427 MSIMessage msg; 428 429 if (vector >= dev->msix_entries_nr || !dev->msix_entry_used[vector]) 430 return; 431 if (msix_is_masked(dev, vector)) { 432 msix_set_pending(dev, vector); 433 return; 434 } 435 436 msg = msix_get_message(dev, vector); 437 438 stl_le_phys(&address_space_memory, msg.address, msg.data); 439 } 440 441 void msix_reset(PCIDevice *dev) 442 { 443 if (!msix_present(dev)) { 444 return; 445 } 446 msix_clear_all_vectors(dev); 447 dev->config[dev->msix_cap + MSIX_CONTROL_OFFSET] &= 448 ~dev->wmask[dev->msix_cap + MSIX_CONTROL_OFFSET]; 449 memset(dev->msix_table, 0, dev->msix_entries_nr * PCI_MSIX_ENTRY_SIZE); 450 memset(dev->msix_pba, 0, QEMU_ALIGN_UP(dev->msix_entries_nr, 64) / 8); 451 msix_mask_all(dev, dev->msix_entries_nr); 452 } 453 454 /* PCI spec suggests that devices make it possible for software to configure 455 * less vectors than supported by the device, but does not specify a standard 456 * mechanism for devices to do so. 457 * 458 * We support this by asking devices to declare vectors software is going to 459 * actually use, and checking this on the notification path. Devices that 460 * don't want to follow the spec suggestion can declare all vectors as used. */ 461 462 /* Mark vector as used. */ 463 int msix_vector_use(PCIDevice *dev, unsigned vector) 464 { 465 if (vector >= dev->msix_entries_nr) 466 return -EINVAL; 467 dev->msix_entry_used[vector]++; 468 return 0; 469 } 470 471 /* Mark vector as unused. */ 472 void msix_vector_unuse(PCIDevice *dev, unsigned vector) 473 { 474 if (vector >= dev->msix_entries_nr || !dev->msix_entry_used[vector]) { 475 return; 476 } 477 if (--dev->msix_entry_used[vector]) { 478 return; 479 } 480 msix_clr_pending(dev, vector); 481 } 482 483 void msix_unuse_all_vectors(PCIDevice *dev) 484 { 485 if (!msix_present(dev)) { 486 return; 487 } 488 msix_free_irq_entries(dev); 489 } 490 491 unsigned int msix_nr_vectors_allocated(const PCIDevice *dev) 492 { 493 return dev->msix_entries_nr; 494 } 495 496 static int msix_set_notifier_for_vector(PCIDevice *dev, unsigned int vector) 497 { 498 MSIMessage msg; 499 500 if (msix_is_masked(dev, vector)) { 501 return 0; 502 } 503 msg = msix_get_message(dev, vector); 504 return dev->msix_vector_use_notifier(dev, vector, msg); 505 } 506 507 static void msix_unset_notifier_for_vector(PCIDevice *dev, unsigned int vector) 508 { 509 if (msix_is_masked(dev, vector)) { 510 return; 511 } 512 dev->msix_vector_release_notifier(dev, vector); 513 } 514 515 int msix_set_vector_notifiers(PCIDevice *dev, 516 MSIVectorUseNotifier use_notifier, 517 MSIVectorReleaseNotifier release_notifier, 518 MSIVectorPollNotifier poll_notifier) 519 { 520 int vector, ret; 521 522 assert(use_notifier && release_notifier); 523 524 dev->msix_vector_use_notifier = use_notifier; 525 dev->msix_vector_release_notifier = release_notifier; 526 dev->msix_vector_poll_notifier = poll_notifier; 527 528 if ((dev->config[dev->msix_cap + MSIX_CONTROL_OFFSET] & 529 (MSIX_ENABLE_MASK | MSIX_MASKALL_MASK)) == MSIX_ENABLE_MASK) { 530 for (vector = 0; vector < dev->msix_entries_nr; vector++) { 531 ret = msix_set_notifier_for_vector(dev, vector); 532 if (ret < 0) { 533 goto undo; 534 } 535 } 536 } 537 if (dev->msix_vector_poll_notifier) { 538 dev->msix_vector_poll_notifier(dev, 0, dev->msix_entries_nr); 539 } 540 return 0; 541 542 undo: 543 while (--vector >= 0) { 544 msix_unset_notifier_for_vector(dev, vector); 545 } 546 dev->msix_vector_use_notifier = NULL; 547 dev->msix_vector_release_notifier = NULL; 548 return ret; 549 } 550 551 void msix_unset_vector_notifiers(PCIDevice *dev) 552 { 553 int vector; 554 555 assert(dev->msix_vector_use_notifier && 556 dev->msix_vector_release_notifier); 557 558 if ((dev->config[dev->msix_cap + MSIX_CONTROL_OFFSET] & 559 (MSIX_ENABLE_MASK | MSIX_MASKALL_MASK)) == MSIX_ENABLE_MASK) { 560 for (vector = 0; vector < dev->msix_entries_nr; vector++) { 561 msix_unset_notifier_for_vector(dev, vector); 562 } 563 } 564 dev->msix_vector_use_notifier = NULL; 565 dev->msix_vector_release_notifier = NULL; 566 dev->msix_vector_poll_notifier = NULL; 567 } 568 569 static void put_msix_state(QEMUFile *f, void *pv, size_t size) 570 { 571 msix_save(pv, f); 572 } 573 574 static int get_msix_state(QEMUFile *f, void *pv, size_t size) 575 { 576 msix_load(pv, f); 577 return 0; 578 } 579 580 static VMStateInfo vmstate_info_msix = { 581 .name = "msix state", 582 .get = get_msix_state, 583 .put = put_msix_state, 584 }; 585 586 const VMStateDescription vmstate_msix = { 587 .name = "msix", 588 .fields = (VMStateField[]) { 589 { 590 .name = "msix", 591 .version_id = 0, 592 .field_exists = NULL, 593 .size = 0, /* ouch */ 594 .info = &vmstate_info_msix, 595 .flags = VMS_SINGLE, 596 .offset = 0, 597 }, 598 VMSTATE_END_OF_LIST() 599 } 600 }; 601