1 /*
2 * Copyright © 2018, 2021 Oracle and/or its affiliates.
3 *
4 * This work is licensed under the terms of the GNU GPL, version 2 or later.
5 * See the COPYING file in the top-level directory.
6 *
7 */
8
9 #include "qemu/osdep.h"
10
11 #include "hw/remote/proxy.h"
12 #include "hw/pci/pci.h"
13 #include "qapi/error.h"
14 #include "io/channel-util.h"
15 #include "hw/qdev-properties.h"
16 #include "monitor/monitor.h"
17 #include "migration/blocker.h"
18 #include "qemu/sockets.h"
19 #include "hw/remote/mpqemu-link.h"
20 #include "qemu/error-report.h"
21 #include "hw/remote/proxy-memory-listener.h"
22 #include "qom/object.h"
23 #include "qemu/event_notifier.h"
24 #include "sysemu/kvm.h"
25
26 static void probe_pci_info(PCIDevice *dev, Error **errp);
27 static void proxy_device_reset(DeviceState *dev);
28
proxy_intx_update(PCIDevice * pci_dev)29 static void proxy_intx_update(PCIDevice *pci_dev)
30 {
31 PCIProxyDev *dev = PCI_PROXY_DEV(pci_dev);
32 PCIINTxRoute route;
33 int pin = pci_get_byte(pci_dev->config + PCI_INTERRUPT_PIN) - 1;
34
35 if (dev->virq != -1) {
36 kvm_irqchip_remove_irqfd_notifier_gsi(kvm_state, &dev->intr, dev->virq);
37 dev->virq = -1;
38 }
39
40 route = pci_device_route_intx_to_irq(pci_dev, pin);
41
42 dev->virq = route.irq;
43
44 if (dev->virq != -1) {
45 kvm_irqchip_add_irqfd_notifier_gsi(kvm_state, &dev->intr,
46 &dev->resample, dev->virq);
47 }
48 }
49
setup_irqfd(PCIProxyDev * dev)50 static void setup_irqfd(PCIProxyDev *dev)
51 {
52 PCIDevice *pci_dev = PCI_DEVICE(dev);
53 MPQemuMsg msg;
54 Error *local_err = NULL;
55
56 event_notifier_init(&dev->intr, 0);
57 event_notifier_init(&dev->resample, 0);
58
59 memset(&msg, 0, sizeof(MPQemuMsg));
60 msg.cmd = MPQEMU_CMD_SET_IRQFD;
61 msg.num_fds = 2;
62 msg.fds[0] = event_notifier_get_fd(&dev->intr);
63 msg.fds[1] = event_notifier_get_fd(&dev->resample);
64 msg.size = 0;
65
66 if (!mpqemu_msg_send(&msg, dev->ioc, &local_err)) {
67 error_report_err(local_err);
68 }
69
70 dev->virq = -1;
71
72 proxy_intx_update(pci_dev);
73
74 pci_device_set_intx_routing_notifier(pci_dev, proxy_intx_update);
75 }
76
pci_proxy_dev_realize(PCIDevice * device,Error ** errp)77 static void pci_proxy_dev_realize(PCIDevice *device, Error **errp)
78 {
79 ERRP_GUARD();
80 PCIProxyDev *dev = PCI_PROXY_DEV(device);
81 uint8_t *pci_conf = device->config;
82 int fd;
83
84 if (!dev->fd) {
85 error_setg(errp, "fd parameter not specified for %s",
86 DEVICE(device)->id);
87 return;
88 }
89
90 fd = monitor_fd_param(monitor_cur(), dev->fd, errp);
91 if (fd == -1) {
92 error_prepend(errp, "proxy: unable to parse fd %s: ", dev->fd);
93 return;
94 }
95
96 if (!fd_is_socket(fd)) {
97 error_setg(errp, "proxy: fd %d is not a socket", fd);
98 close(fd);
99 return;
100 }
101
102 dev->ioc = qio_channel_new_fd(fd, errp);
103 if (!dev->ioc) {
104 close(fd);
105 return;
106 }
107
108 error_setg(&dev->migration_blocker, "%s does not support migration",
109 TYPE_PCI_PROXY_DEV);
110 if (migrate_add_blocker(&dev->migration_blocker, errp) < 0) {
111 object_unref(dev->ioc);
112 return;
113 }
114
115 qemu_mutex_init(&dev->io_mutex);
116 qio_channel_set_blocking(dev->ioc, true, NULL);
117
118 pci_conf[PCI_LATENCY_TIMER] = 0xff;
119 pci_conf[PCI_INTERRUPT_PIN] = 0x01;
120
121 proxy_memory_listener_configure(&dev->proxy_listener, dev->ioc);
122
123 setup_irqfd(dev);
124
125 probe_pci_info(PCI_DEVICE(dev), errp);
126 }
127
pci_proxy_dev_exit(PCIDevice * pdev)128 static void pci_proxy_dev_exit(PCIDevice *pdev)
129 {
130 PCIProxyDev *dev = PCI_PROXY_DEV(pdev);
131
132 if (dev->ioc) {
133 qio_channel_close(dev->ioc, NULL);
134 }
135
136 migrate_del_blocker(&dev->migration_blocker);
137
138 proxy_memory_listener_deconfigure(&dev->proxy_listener);
139
140 event_notifier_cleanup(&dev->intr);
141 event_notifier_cleanup(&dev->resample);
142 }
143
config_op_send(PCIProxyDev * pdev,uint32_t addr,uint32_t * val,int len,unsigned int op)144 static void config_op_send(PCIProxyDev *pdev, uint32_t addr, uint32_t *val,
145 int len, unsigned int op)
146 {
147 MPQemuMsg msg = { 0 };
148 uint64_t ret = -EINVAL;
149 Error *local_err = NULL;
150
151 msg.cmd = op;
152 msg.data.pci_conf_data.addr = addr;
153 msg.data.pci_conf_data.val = (op == MPQEMU_CMD_PCI_CFGWRITE) ? *val : 0;
154 msg.data.pci_conf_data.len = len;
155 msg.size = sizeof(PciConfDataMsg);
156
157 ret = mpqemu_msg_send_and_await_reply(&msg, pdev, &local_err);
158 if (local_err) {
159 error_report_err(local_err);
160 }
161
162 if (ret == UINT64_MAX) {
163 error_report("Failed to perform PCI config %s operation",
164 (op == MPQEMU_CMD_PCI_CFGREAD) ? "READ" : "WRITE");
165 }
166
167 if (op == MPQEMU_CMD_PCI_CFGREAD) {
168 *val = (uint32_t)ret;
169 }
170 }
171
pci_proxy_read_config(PCIDevice * d,uint32_t addr,int len)172 static uint32_t pci_proxy_read_config(PCIDevice *d, uint32_t addr, int len)
173 {
174 uint32_t val;
175
176 config_op_send(PCI_PROXY_DEV(d), addr, &val, len, MPQEMU_CMD_PCI_CFGREAD);
177
178 return val;
179 }
180
pci_proxy_write_config(PCIDevice * d,uint32_t addr,uint32_t val,int len)181 static void pci_proxy_write_config(PCIDevice *d, uint32_t addr, uint32_t val,
182 int len)
183 {
184 /*
185 * Some of the functions access the copy of remote device's PCI config
186 * space which is cached in the proxy device. Therefore, maintain
187 * it updated.
188 */
189 pci_default_write_config(d, addr, val, len);
190
191 config_op_send(PCI_PROXY_DEV(d), addr, &val, len, MPQEMU_CMD_PCI_CFGWRITE);
192 }
193
194 static Property proxy_properties[] = {
195 DEFINE_PROP_STRING("fd", PCIProxyDev, fd),
196 DEFINE_PROP_END_OF_LIST(),
197 };
198
pci_proxy_dev_class_init(ObjectClass * klass,void * data)199 static void pci_proxy_dev_class_init(ObjectClass *klass, void *data)
200 {
201 DeviceClass *dc = DEVICE_CLASS(klass);
202 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
203
204 k->realize = pci_proxy_dev_realize;
205 k->exit = pci_proxy_dev_exit;
206 k->config_read = pci_proxy_read_config;
207 k->config_write = pci_proxy_write_config;
208
209 dc->reset = proxy_device_reset;
210
211 device_class_set_props(dc, proxy_properties);
212 }
213
214 static const TypeInfo pci_proxy_dev_type_info = {
215 .name = TYPE_PCI_PROXY_DEV,
216 .parent = TYPE_PCI_DEVICE,
217 .instance_size = sizeof(PCIProxyDev),
218 .class_init = pci_proxy_dev_class_init,
219 .interfaces = (InterfaceInfo[]) {
220 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
221 { },
222 },
223 };
224
pci_proxy_dev_register_types(void)225 static void pci_proxy_dev_register_types(void)
226 {
227 type_register_static(&pci_proxy_dev_type_info);
228 }
229
type_init(pci_proxy_dev_register_types)230 type_init(pci_proxy_dev_register_types)
231
232 static void send_bar_access_msg(PCIProxyDev *pdev, MemoryRegion *mr,
233 bool write, hwaddr addr, uint64_t *val,
234 unsigned size, bool memory)
235 {
236 MPQemuMsg msg = { 0 };
237 long ret = -EINVAL;
238 Error *local_err = NULL;
239
240 msg.size = sizeof(BarAccessMsg);
241 msg.data.bar_access.addr = mr->addr + addr;
242 msg.data.bar_access.size = size;
243 msg.data.bar_access.memory = memory;
244
245 if (write) {
246 msg.cmd = MPQEMU_CMD_BAR_WRITE;
247 msg.data.bar_access.val = *val;
248 } else {
249 msg.cmd = MPQEMU_CMD_BAR_READ;
250 }
251
252 ret = mpqemu_msg_send_and_await_reply(&msg, pdev, &local_err);
253 if (local_err) {
254 error_report_err(local_err);
255 }
256
257 if (!write) {
258 *val = ret;
259 }
260 }
261
proxy_bar_write(void * opaque,hwaddr addr,uint64_t val,unsigned size)262 static void proxy_bar_write(void *opaque, hwaddr addr, uint64_t val,
263 unsigned size)
264 {
265 ProxyMemoryRegion *pmr = opaque;
266
267 send_bar_access_msg(pmr->dev, &pmr->mr, true, addr, &val, size,
268 pmr->memory);
269 }
270
proxy_bar_read(void * opaque,hwaddr addr,unsigned size)271 static uint64_t proxy_bar_read(void *opaque, hwaddr addr, unsigned size)
272 {
273 ProxyMemoryRegion *pmr = opaque;
274 uint64_t val;
275
276 send_bar_access_msg(pmr->dev, &pmr->mr, false, addr, &val, size,
277 pmr->memory);
278
279 return val;
280 }
281
282 const MemoryRegionOps proxy_mr_ops = {
283 .read = proxy_bar_read,
284 .write = proxy_bar_write,
285 .endianness = DEVICE_NATIVE_ENDIAN,
286 .impl = {
287 .min_access_size = 1,
288 .max_access_size = 8,
289 },
290 };
291
probe_pci_info(PCIDevice * dev,Error ** errp)292 static void probe_pci_info(PCIDevice *dev, Error **errp)
293 {
294 PCIDeviceClass *pc = PCI_DEVICE_GET_CLASS(dev);
295 uint32_t orig_val, new_val, base_class, val;
296 PCIProxyDev *pdev = PCI_PROXY_DEV(dev);
297 DeviceClass *dc = DEVICE_CLASS(pc);
298 uint8_t type;
299 int i, size;
300
301 config_op_send(pdev, PCI_VENDOR_ID, &val, 2, MPQEMU_CMD_PCI_CFGREAD);
302 pc->vendor_id = (uint16_t)val;
303
304 config_op_send(pdev, PCI_DEVICE_ID, &val, 2, MPQEMU_CMD_PCI_CFGREAD);
305 pc->device_id = (uint16_t)val;
306
307 config_op_send(pdev, PCI_CLASS_DEVICE, &val, 2, MPQEMU_CMD_PCI_CFGREAD);
308 pc->class_id = (uint16_t)val;
309
310 config_op_send(pdev, PCI_SUBSYSTEM_ID, &val, 2, MPQEMU_CMD_PCI_CFGREAD);
311 pc->subsystem_id = (uint16_t)val;
312
313 base_class = pc->class_id >> 4;
314 switch (base_class) {
315 case PCI_BASE_CLASS_BRIDGE:
316 set_bit(DEVICE_CATEGORY_BRIDGE, dc->categories);
317 break;
318 case PCI_BASE_CLASS_STORAGE:
319 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
320 break;
321 case PCI_BASE_CLASS_NETWORK:
322 case PCI_BASE_CLASS_WIRELESS:
323 set_bit(DEVICE_CATEGORY_NETWORK, dc->categories);
324 break;
325 case PCI_BASE_CLASS_INPUT:
326 set_bit(DEVICE_CATEGORY_INPUT, dc->categories);
327 break;
328 case PCI_BASE_CLASS_DISPLAY:
329 set_bit(DEVICE_CATEGORY_DISPLAY, dc->categories);
330 break;
331 case PCI_BASE_CLASS_PROCESSOR:
332 set_bit(DEVICE_CATEGORY_CPU, dc->categories);
333 break;
334 default:
335 set_bit(DEVICE_CATEGORY_MISC, dc->categories);
336 break;
337 }
338
339 for (i = 0; i < PCI_NUM_REGIONS; i++) {
340 config_op_send(pdev, PCI_BASE_ADDRESS_0 + (4 * i), &orig_val, 4,
341 MPQEMU_CMD_PCI_CFGREAD);
342 new_val = 0xffffffff;
343 config_op_send(pdev, PCI_BASE_ADDRESS_0 + (4 * i), &new_val, 4,
344 MPQEMU_CMD_PCI_CFGWRITE);
345 config_op_send(pdev, PCI_BASE_ADDRESS_0 + (4 * i), &new_val, 4,
346 MPQEMU_CMD_PCI_CFGREAD);
347 size = (~(new_val & 0xFFFFFFF0)) + 1;
348 config_op_send(pdev, PCI_BASE_ADDRESS_0 + (4 * i), &orig_val, 4,
349 MPQEMU_CMD_PCI_CFGWRITE);
350 type = (new_val & 0x1) ?
351 PCI_BASE_ADDRESS_SPACE_IO : PCI_BASE_ADDRESS_SPACE_MEMORY;
352
353 if (size) {
354 g_autofree char *name = g_strdup_printf("bar-region-%d", i);
355 pdev->region[i].dev = pdev;
356 pdev->region[i].present = true;
357 if (type == PCI_BASE_ADDRESS_SPACE_MEMORY) {
358 pdev->region[i].memory = true;
359 }
360 memory_region_init_io(&pdev->region[i].mr, OBJECT(pdev),
361 &proxy_mr_ops, &pdev->region[i],
362 name, size);
363 pci_register_bar(dev, i, type, &pdev->region[i].mr);
364 }
365 }
366 }
367
proxy_device_reset(DeviceState * dev)368 static void proxy_device_reset(DeviceState *dev)
369 {
370 PCIProxyDev *pdev = PCI_PROXY_DEV(dev);
371 MPQemuMsg msg = { 0 };
372 Error *local_err = NULL;
373
374 msg.cmd = MPQEMU_CMD_DEVICE_RESET;
375 msg.size = 0;
376
377 mpqemu_msg_send_and_await_reply(&msg, pdev, &local_err);
378 if (local_err) {
379 error_report_err(local_err);
380 }
381
382 }
383