1 /* 2 * MSI-X device support 3 * 4 * This module includes support for MSI-X in pci devices. 5 * 6 * Author: Michael S. Tsirkin <mst@redhat.com> 7 * 8 * Copyright (c) 2009, Red Hat Inc, Michael S. Tsirkin (mst@redhat.com) 9 * 10 * This work is licensed under the terms of the GNU GPL, version 2. See 11 * the COPYING file in the top-level directory. 12 * 13 * Contributions after 2012-01-13 are licensed under the terms of the 14 * GNU GPL, version 2 or (at your option) any later version. 15 */ 16 17 #include "hw/hw.h" 18 #include "hw/pci/msi.h" 19 #include "hw/pci/msix.h" 20 #include "hw/pci/pci.h" 21 #include "qemu/range.h" 22 23 #define MSIX_CAP_LENGTH 12 24 25 /* MSI enable bit and maskall bit are in byte 1 in FLAGS register */ 26 #define MSIX_CONTROL_OFFSET (PCI_MSIX_FLAGS + 1) 27 #define MSIX_ENABLE_MASK (PCI_MSIX_FLAGS_ENABLE >> 8) 28 #define MSIX_MASKALL_MASK (PCI_MSIX_FLAGS_MASKALL >> 8) 29 30 MSIMessage msix_get_message(PCIDevice *dev, unsigned vector) 31 { 32 uint8_t *table_entry = dev->msix_table + vector * PCI_MSIX_ENTRY_SIZE; 33 MSIMessage msg; 34 35 msg.address = pci_get_quad(table_entry + PCI_MSIX_ENTRY_LOWER_ADDR); 36 msg.data = pci_get_long(table_entry + PCI_MSIX_ENTRY_DATA); 37 return msg; 38 } 39 40 /* 41 * Special API for POWER to configure the vectors through 42 * a side channel. Should never be used by devices. 43 */ 44 void msix_set_message(PCIDevice *dev, int vector, struct MSIMessage msg) 45 { 46 uint8_t *table_entry = dev->msix_table + vector * PCI_MSIX_ENTRY_SIZE; 47 48 pci_set_quad(table_entry + PCI_MSIX_ENTRY_LOWER_ADDR, msg.address); 49 pci_set_long(table_entry + PCI_MSIX_ENTRY_DATA, msg.data); 50 table_entry[PCI_MSIX_ENTRY_VECTOR_CTRL] &= ~PCI_MSIX_ENTRY_CTRL_MASKBIT; 51 } 52 53 static uint8_t msix_pending_mask(int vector) 54 { 55 return 1 << (vector % 8); 56 } 57 58 static uint8_t *msix_pending_byte(PCIDevice *dev, int vector) 59 { 60 return dev->msix_pba + vector / 8; 61 } 62 63 static int msix_is_pending(PCIDevice *dev, int vector) 64 { 65 return *msix_pending_byte(dev, vector) & msix_pending_mask(vector); 66 } 67 68 void msix_set_pending(PCIDevice *dev, unsigned int vector) 69 { 70 *msix_pending_byte(dev, vector) |= msix_pending_mask(vector); 71 } 72 73 static void msix_clr_pending(PCIDevice *dev, int vector) 74 { 75 *msix_pending_byte(dev, vector) &= ~msix_pending_mask(vector); 76 } 77 78 static bool msix_vector_masked(PCIDevice *dev, unsigned int vector, bool fmask) 79 { 80 unsigned offset = vector * PCI_MSIX_ENTRY_SIZE + PCI_MSIX_ENTRY_VECTOR_CTRL; 81 return fmask || dev->msix_table[offset] & PCI_MSIX_ENTRY_CTRL_MASKBIT; 82 } 83 84 bool msix_is_masked(PCIDevice *dev, unsigned int vector) 85 { 86 return msix_vector_masked(dev, vector, dev->msix_function_masked); 87 } 88 89 static void msix_fire_vector_notifier(PCIDevice *dev, 90 unsigned int vector, bool is_masked) 91 { 92 MSIMessage msg; 93 int ret; 94 95 if (!dev->msix_vector_use_notifier) { 96 return; 97 } 98 if (is_masked) { 99 dev->msix_vector_release_notifier(dev, vector); 100 } else { 101 msg = msix_get_message(dev, vector); 102 ret = dev->msix_vector_use_notifier(dev, vector, msg); 103 assert(ret >= 0); 104 } 105 } 106 107 static void msix_handle_mask_update(PCIDevice *dev, int vector, bool was_masked) 108 { 109 bool is_masked = msix_is_masked(dev, vector); 110 111 if (is_masked == was_masked) { 112 return; 113 } 114 115 msix_fire_vector_notifier(dev, vector, is_masked); 116 117 if (!is_masked && msix_is_pending(dev, vector)) { 118 msix_clr_pending(dev, vector); 119 msix_notify(dev, vector); 120 } 121 } 122 123 static void msix_update_function_masked(PCIDevice *dev) 124 { 125 dev->msix_function_masked = !msix_enabled(dev) || 126 (dev->config[dev->msix_cap + MSIX_CONTROL_OFFSET] & MSIX_MASKALL_MASK); 127 } 128 129 /* Handle MSI-X capability config write. */ 130 void msix_write_config(PCIDevice *dev, uint32_t addr, 131 uint32_t val, int len) 132 { 133 unsigned enable_pos = dev->msix_cap + MSIX_CONTROL_OFFSET; 134 int vector; 135 bool was_masked; 136 137 if (!msix_present(dev) || !range_covers_byte(addr, len, enable_pos)) { 138 return; 139 } 140 141 was_masked = dev->msix_function_masked; 142 msix_update_function_masked(dev); 143 144 if (!msix_enabled(dev)) { 145 return; 146 } 147 148 pci_device_deassert_intx(dev); 149 150 if (dev->msix_function_masked == was_masked) { 151 return; 152 } 153 154 for (vector = 0; vector < dev->msix_entries_nr; ++vector) { 155 msix_handle_mask_update(dev, vector, 156 msix_vector_masked(dev, vector, was_masked)); 157 } 158 } 159 160 static uint64_t msix_table_mmio_read(void *opaque, hwaddr addr, 161 unsigned size) 162 { 163 PCIDevice *dev = opaque; 164 165 return pci_get_long(dev->msix_table + addr); 166 } 167 168 static void msix_table_mmio_write(void *opaque, hwaddr addr, 169 uint64_t val, unsigned size) 170 { 171 PCIDevice *dev = opaque; 172 int vector = addr / PCI_MSIX_ENTRY_SIZE; 173 bool was_masked; 174 175 was_masked = msix_is_masked(dev, vector); 176 pci_set_long(dev->msix_table + addr, val); 177 msix_handle_mask_update(dev, vector, was_masked); 178 } 179 180 static const MemoryRegionOps msix_table_mmio_ops = { 181 .read = msix_table_mmio_read, 182 .write = msix_table_mmio_write, 183 .endianness = DEVICE_LITTLE_ENDIAN, 184 .valid = { 185 .min_access_size = 4, 186 .max_access_size = 4, 187 }, 188 }; 189 190 static uint64_t msix_pba_mmio_read(void *opaque, hwaddr addr, 191 unsigned size) 192 { 193 PCIDevice *dev = opaque; 194 if (dev->msix_vector_poll_notifier) { 195 unsigned vector_start = addr * 8; 196 unsigned vector_end = MIN(addr + size * 8, dev->msix_entries_nr); 197 dev->msix_vector_poll_notifier(dev, vector_start, vector_end); 198 } 199 200 return pci_get_long(dev->msix_pba + addr); 201 } 202 203 static const MemoryRegionOps msix_pba_mmio_ops = { 204 .read = msix_pba_mmio_read, 205 .endianness = DEVICE_LITTLE_ENDIAN, 206 .valid = { 207 .min_access_size = 4, 208 .max_access_size = 4, 209 }, 210 }; 211 212 static void msix_mask_all(struct PCIDevice *dev, unsigned nentries) 213 { 214 int vector; 215 216 for (vector = 0; vector < nentries; ++vector) { 217 unsigned offset = 218 vector * PCI_MSIX_ENTRY_SIZE + PCI_MSIX_ENTRY_VECTOR_CTRL; 219 bool was_masked = msix_is_masked(dev, vector); 220 221 dev->msix_table[offset] |= PCI_MSIX_ENTRY_CTRL_MASKBIT; 222 msix_handle_mask_update(dev, vector, was_masked); 223 } 224 } 225 226 /* Initialize the MSI-X structures */ 227 int msix_init(struct PCIDevice *dev, unsigned short nentries, 228 MemoryRegion *table_bar, uint8_t table_bar_nr, 229 unsigned table_offset, MemoryRegion *pba_bar, 230 uint8_t pba_bar_nr, unsigned pba_offset, uint8_t cap_pos) 231 { 232 int cap; 233 unsigned table_size, pba_size; 234 uint8_t *config; 235 236 /* Nothing to do if MSI is not supported by interrupt controller */ 237 if (!msi_supported) { 238 return -ENOTSUP; 239 } 240 241 if (nentries < 1 || nentries > PCI_MSIX_FLAGS_QSIZE + 1) { 242 return -EINVAL; 243 } 244 245 table_size = nentries * PCI_MSIX_ENTRY_SIZE; 246 pba_size = QEMU_ALIGN_UP(nentries, 64) / 8; 247 248 /* Sanity test: table & pba don't overlap, fit within BARs, min aligned */ 249 if ((table_bar_nr == pba_bar_nr && 250 ranges_overlap(table_offset, table_size, pba_offset, pba_size)) || 251 table_offset + table_size > memory_region_size(table_bar) || 252 pba_offset + pba_size > memory_region_size(pba_bar) || 253 (table_offset | pba_offset) & PCI_MSIX_FLAGS_BIRMASK) { 254 return -EINVAL; 255 } 256 257 cap = pci_add_capability(dev, PCI_CAP_ID_MSIX, cap_pos, MSIX_CAP_LENGTH); 258 if (cap < 0) { 259 return cap; 260 } 261 262 dev->msix_cap = cap; 263 dev->cap_present |= QEMU_PCI_CAP_MSIX; 264 config = dev->config + cap; 265 266 pci_set_word(config + PCI_MSIX_FLAGS, nentries - 1); 267 dev->msix_entries_nr = nentries; 268 dev->msix_function_masked = true; 269 270 pci_set_long(config + PCI_MSIX_TABLE, table_offset | table_bar_nr); 271 pci_set_long(config + PCI_MSIX_PBA, pba_offset | pba_bar_nr); 272 273 /* Make flags bit writable. */ 274 dev->wmask[cap + MSIX_CONTROL_OFFSET] |= MSIX_ENABLE_MASK | 275 MSIX_MASKALL_MASK; 276 277 dev->msix_table = g_malloc0(table_size); 278 dev->msix_pba = g_malloc0(pba_size); 279 dev->msix_entry_used = g_malloc0(nentries * sizeof *dev->msix_entry_used); 280 281 msix_mask_all(dev, nentries); 282 283 memory_region_init_io(&dev->msix_table_mmio, OBJECT(dev), &msix_table_mmio_ops, dev, 284 "msix-table", table_size); 285 memory_region_add_subregion(table_bar, table_offset, &dev->msix_table_mmio); 286 memory_region_init_io(&dev->msix_pba_mmio, OBJECT(dev), &msix_pba_mmio_ops, dev, 287 "msix-pba", pba_size); 288 memory_region_add_subregion(pba_bar, pba_offset, &dev->msix_pba_mmio); 289 290 return 0; 291 } 292 293 int msix_init_exclusive_bar(PCIDevice *dev, unsigned short nentries, 294 uint8_t bar_nr) 295 { 296 int ret; 297 char *name; 298 uint32_t bar_size = 4096; 299 uint32_t bar_pba_offset = bar_size / 2; 300 uint32_t bar_pba_size = (nentries / 8 + 1) * 8; 301 302 /* 303 * Migration compatibility dictates that this remains a 4k 304 * BAR with the vector table in the lower half and PBA in 305 * the upper half for nentries which is lower or equal to 128. 306 * No need to care about using more than 65 entries for legacy 307 * machine types who has at most 64 queues. 308 */ 309 if (nentries * PCI_MSIX_ENTRY_SIZE > bar_pba_offset) { 310 bar_pba_offset = nentries * PCI_MSIX_ENTRY_SIZE; 311 } 312 313 if (bar_pba_offset + bar_pba_size > 4096) { 314 bar_size = bar_pba_offset + bar_pba_size; 315 } 316 317 if (bar_size & (bar_size - 1)) { 318 bar_size = 1 << qemu_fls(bar_size); 319 } 320 321 name = g_strdup_printf("%s-msix", dev->name); 322 memory_region_init(&dev->msix_exclusive_bar, OBJECT(dev), name, bar_size); 323 g_free(name); 324 325 ret = msix_init(dev, nentries, &dev->msix_exclusive_bar, bar_nr, 326 0, &dev->msix_exclusive_bar, 327 bar_nr, bar_pba_offset, 328 0); 329 if (ret) { 330 return ret; 331 } 332 333 pci_register_bar(dev, bar_nr, PCI_BASE_ADDRESS_SPACE_MEMORY, 334 &dev->msix_exclusive_bar); 335 336 return 0; 337 } 338 339 static void msix_free_irq_entries(PCIDevice *dev) 340 { 341 int vector; 342 343 for (vector = 0; vector < dev->msix_entries_nr; ++vector) { 344 dev->msix_entry_used[vector] = 0; 345 msix_clr_pending(dev, vector); 346 } 347 } 348 349 static void msix_clear_all_vectors(PCIDevice *dev) 350 { 351 int vector; 352 353 for (vector = 0; vector < dev->msix_entries_nr; ++vector) { 354 msix_clr_pending(dev, vector); 355 } 356 } 357 358 /* Clean up resources for the device. */ 359 void msix_uninit(PCIDevice *dev, MemoryRegion *table_bar, MemoryRegion *pba_bar) 360 { 361 if (!msix_present(dev)) { 362 return; 363 } 364 pci_del_capability(dev, PCI_CAP_ID_MSIX, MSIX_CAP_LENGTH); 365 dev->msix_cap = 0; 366 msix_free_irq_entries(dev); 367 dev->msix_entries_nr = 0; 368 memory_region_del_subregion(pba_bar, &dev->msix_pba_mmio); 369 g_free(dev->msix_pba); 370 dev->msix_pba = NULL; 371 memory_region_del_subregion(table_bar, &dev->msix_table_mmio); 372 g_free(dev->msix_table); 373 dev->msix_table = NULL; 374 g_free(dev->msix_entry_used); 375 dev->msix_entry_used = NULL; 376 dev->cap_present &= ~QEMU_PCI_CAP_MSIX; 377 } 378 379 void msix_uninit_exclusive_bar(PCIDevice *dev) 380 { 381 if (msix_present(dev)) { 382 msix_uninit(dev, &dev->msix_exclusive_bar, &dev->msix_exclusive_bar); 383 } 384 } 385 386 void msix_save(PCIDevice *dev, QEMUFile *f) 387 { 388 unsigned n = dev->msix_entries_nr; 389 390 if (!msix_present(dev)) { 391 return; 392 } 393 394 qemu_put_buffer(f, dev->msix_table, n * PCI_MSIX_ENTRY_SIZE); 395 qemu_put_buffer(f, dev->msix_pba, (n + 7) / 8); 396 } 397 398 /* Should be called after restoring the config space. */ 399 void msix_load(PCIDevice *dev, QEMUFile *f) 400 { 401 unsigned n = dev->msix_entries_nr; 402 unsigned int vector; 403 404 if (!msix_present(dev)) { 405 return; 406 } 407 408 msix_clear_all_vectors(dev); 409 qemu_get_buffer(f, dev->msix_table, n * PCI_MSIX_ENTRY_SIZE); 410 qemu_get_buffer(f, dev->msix_pba, (n + 7) / 8); 411 msix_update_function_masked(dev); 412 413 for (vector = 0; vector < n; vector++) { 414 msix_handle_mask_update(dev, vector, true); 415 } 416 } 417 418 /* Does device support MSI-X? */ 419 int msix_present(PCIDevice *dev) 420 { 421 return dev->cap_present & QEMU_PCI_CAP_MSIX; 422 } 423 424 /* Is MSI-X enabled? */ 425 int msix_enabled(PCIDevice *dev) 426 { 427 return (dev->cap_present & QEMU_PCI_CAP_MSIX) && 428 (dev->config[dev->msix_cap + MSIX_CONTROL_OFFSET] & 429 MSIX_ENABLE_MASK); 430 } 431 432 /* Send an MSI-X message */ 433 void msix_notify(PCIDevice *dev, unsigned vector) 434 { 435 MSIMessage msg; 436 437 if (vector >= dev->msix_entries_nr || !dev->msix_entry_used[vector]) 438 return; 439 if (msix_is_masked(dev, vector)) { 440 msix_set_pending(dev, vector); 441 return; 442 } 443 444 msg = msix_get_message(dev, vector); 445 446 msi_send_message(dev, msg); 447 } 448 449 void msix_reset(PCIDevice *dev) 450 { 451 if (!msix_present(dev)) { 452 return; 453 } 454 msix_clear_all_vectors(dev); 455 dev->config[dev->msix_cap + MSIX_CONTROL_OFFSET] &= 456 ~dev->wmask[dev->msix_cap + MSIX_CONTROL_OFFSET]; 457 memset(dev->msix_table, 0, dev->msix_entries_nr * PCI_MSIX_ENTRY_SIZE); 458 memset(dev->msix_pba, 0, QEMU_ALIGN_UP(dev->msix_entries_nr, 64) / 8); 459 msix_mask_all(dev, dev->msix_entries_nr); 460 } 461 462 /* PCI spec suggests that devices make it possible for software to configure 463 * less vectors than supported by the device, but does not specify a standard 464 * mechanism for devices to do so. 465 * 466 * We support this by asking devices to declare vectors software is going to 467 * actually use, and checking this on the notification path. Devices that 468 * don't want to follow the spec suggestion can declare all vectors as used. */ 469 470 /* Mark vector as used. */ 471 int msix_vector_use(PCIDevice *dev, unsigned vector) 472 { 473 if (vector >= dev->msix_entries_nr) 474 return -EINVAL; 475 dev->msix_entry_used[vector]++; 476 return 0; 477 } 478 479 /* Mark vector as unused. */ 480 void msix_vector_unuse(PCIDevice *dev, unsigned vector) 481 { 482 if (vector >= dev->msix_entries_nr || !dev->msix_entry_used[vector]) { 483 return; 484 } 485 if (--dev->msix_entry_used[vector]) { 486 return; 487 } 488 msix_clr_pending(dev, vector); 489 } 490 491 void msix_unuse_all_vectors(PCIDevice *dev) 492 { 493 if (!msix_present(dev)) { 494 return; 495 } 496 msix_free_irq_entries(dev); 497 } 498 499 unsigned int msix_nr_vectors_allocated(const PCIDevice *dev) 500 { 501 return dev->msix_entries_nr; 502 } 503 504 static int msix_set_notifier_for_vector(PCIDevice *dev, unsigned int vector) 505 { 506 MSIMessage msg; 507 508 if (msix_is_masked(dev, vector)) { 509 return 0; 510 } 511 msg = msix_get_message(dev, vector); 512 return dev->msix_vector_use_notifier(dev, vector, msg); 513 } 514 515 static void msix_unset_notifier_for_vector(PCIDevice *dev, unsigned int vector) 516 { 517 if (msix_is_masked(dev, vector)) { 518 return; 519 } 520 dev->msix_vector_release_notifier(dev, vector); 521 } 522 523 int msix_set_vector_notifiers(PCIDevice *dev, 524 MSIVectorUseNotifier use_notifier, 525 MSIVectorReleaseNotifier release_notifier, 526 MSIVectorPollNotifier poll_notifier) 527 { 528 int vector, ret; 529 530 assert(use_notifier && release_notifier); 531 532 dev->msix_vector_use_notifier = use_notifier; 533 dev->msix_vector_release_notifier = release_notifier; 534 dev->msix_vector_poll_notifier = poll_notifier; 535 536 if ((dev->config[dev->msix_cap + MSIX_CONTROL_OFFSET] & 537 (MSIX_ENABLE_MASK | MSIX_MASKALL_MASK)) == MSIX_ENABLE_MASK) { 538 for (vector = 0; vector < dev->msix_entries_nr; vector++) { 539 ret = msix_set_notifier_for_vector(dev, vector); 540 if (ret < 0) { 541 goto undo; 542 } 543 } 544 } 545 if (dev->msix_vector_poll_notifier) { 546 dev->msix_vector_poll_notifier(dev, 0, dev->msix_entries_nr); 547 } 548 return 0; 549 550 undo: 551 while (--vector >= 0) { 552 msix_unset_notifier_for_vector(dev, vector); 553 } 554 dev->msix_vector_use_notifier = NULL; 555 dev->msix_vector_release_notifier = NULL; 556 return ret; 557 } 558 559 void msix_unset_vector_notifiers(PCIDevice *dev) 560 { 561 int vector; 562 563 assert(dev->msix_vector_use_notifier && 564 dev->msix_vector_release_notifier); 565 566 if ((dev->config[dev->msix_cap + MSIX_CONTROL_OFFSET] & 567 (MSIX_ENABLE_MASK | MSIX_MASKALL_MASK)) == MSIX_ENABLE_MASK) { 568 for (vector = 0; vector < dev->msix_entries_nr; vector++) { 569 msix_unset_notifier_for_vector(dev, vector); 570 } 571 } 572 dev->msix_vector_use_notifier = NULL; 573 dev->msix_vector_release_notifier = NULL; 574 dev->msix_vector_poll_notifier = NULL; 575 } 576 577 static void put_msix_state(QEMUFile *f, void *pv, size_t size) 578 { 579 msix_save(pv, f); 580 } 581 582 static int get_msix_state(QEMUFile *f, void *pv, size_t size) 583 { 584 msix_load(pv, f); 585 return 0; 586 } 587 588 static VMStateInfo vmstate_info_msix = { 589 .name = "msix state", 590 .get = get_msix_state, 591 .put = put_msix_state, 592 }; 593 594 const VMStateDescription vmstate_msix = { 595 .name = "msix", 596 .fields = (VMStateField[]) { 597 { 598 .name = "msix", 599 .version_id = 0, 600 .field_exists = NULL, 601 .size = 0, /* ouch */ 602 .info = &vmstate_info_msix, 603 .flags = VMS_SINGLE, 604 .offset = 0, 605 }, 606 VMSTATE_END_OF_LIST() 607 } 608 }; 609