1 /*- 2 * Copyright (c) 2004-2006 Kip Macy 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 */ 26 27 #include <sys/cdefs.h> 28 __FBSDID("$FreeBSD$"); 29 30 #include "opt_inet.h" 31 #include "opt_inet6.h" 32 33 #include <sys/param.h> 34 #include <sys/systm.h> 35 #include <sys/sockio.h> 36 #include <sys/limits.h> 37 #include <sys/mbuf.h> 38 #include <sys/malloc.h> 39 #include <sys/module.h> 40 #include <sys/kernel.h> 41 #include <sys/socket.h> 42 #include <sys/sysctl.h> 43 #include <sys/queue.h> 44 #include <sys/lock.h> 45 #include <sys/sx.h> 46 47 #include <net/if.h> 48 #include <net/if_var.h> 49 #include <net/if_arp.h> 50 #include <net/ethernet.h> 51 #include <net/if_dl.h> 52 #include <net/if_media.h> 53 54 #include <net/bpf.h> 55 56 #include <net/if_types.h> 57 58 #include <netinet/in_systm.h> 59 #include <netinet/in.h> 60 #include <netinet/ip.h> 61 #include <netinet/if_ether.h> 62 #if __FreeBSD_version >= 700000 63 #include <netinet/tcp.h> 64 #include <netinet/tcp_lro.h> 65 #endif 66 67 #include <vm/vm.h> 68 #include <vm/pmap.h> 69 70 #include <machine/clock.h> /* for DELAY */ 71 #include <machine/bus.h> 72 #include <machine/resource.h> 73 #include <machine/frame.h> 74 #include <machine/vmparam.h> 75 76 #include <sys/bus.h> 77 #include <sys/rman.h> 78 79 #include <machine/intr_machdep.h> 80 81 #include <xen/xen-os.h> 82 #include <xen/hypervisor.h> 83 #include <xen/xen_intr.h> 84 #include <xen/gnttab.h> 85 #include <xen/interface/memory.h> 86 #include <xen/interface/io/netif.h> 87 #include <xen/xenbus/xenbusvar.h> 88 89 #include "xenbus_if.h" 90 91 /* Features supported by all backends. TSO and LRO can be negotiated */ 92 #define XN_CSUM_FEATURES (CSUM_TCP | CSUM_UDP) 93 94 #define NET_TX_RING_SIZE __RING_SIZE((netif_tx_sring_t *)0, PAGE_SIZE) 95 #define NET_RX_RING_SIZE __RING_SIZE((netif_rx_sring_t *)0, PAGE_SIZE) 96 97 #if __FreeBSD_version >= 700000 98 /* 99 * Should the driver do LRO on the RX end 100 * this can be toggled on the fly, but the 101 * interface must be reset (down/up) for it 102 * to take effect. 103 */ 104 static int xn_enable_lro = 1; 105 TUNABLE_INT("hw.xn.enable_lro", &xn_enable_lro); 106 #else 107 108 #define IFCAP_TSO4 0 109 #define CSUM_TSO 0 110 111 #endif 112 113 #ifdef CONFIG_XEN 114 static int MODPARM_rx_copy = 0; 115 module_param_named(rx_copy, MODPARM_rx_copy, bool, 0); 116 MODULE_PARM_DESC(rx_copy, "Copy packets from network card (rather than flip)"); 117 static int MODPARM_rx_flip = 0; 118 module_param_named(rx_flip, MODPARM_rx_flip, bool, 0); 119 MODULE_PARM_DESC(rx_flip, "Flip packets from network card (rather than copy)"); 120 #else 121 static const int MODPARM_rx_copy = 1; 122 static const int MODPARM_rx_flip = 0; 123 #endif 124 125 /** 126 * \brief The maximum allowed data fragments in a single transmit 127 * request. 128 * 129 * This limit is imposed by the backend driver. We assume here that 130 * we are dealing with a Linux driver domain and have set our limit 131 * to mirror the Linux MAX_SKB_FRAGS constant. 132 */ 133 #define MAX_TX_REQ_FRAGS (65536 / PAGE_SIZE + 2) 134 135 #define RX_COPY_THRESHOLD 256 136 137 #define net_ratelimit() 0 138 139 struct netfront_info; 140 struct netfront_rx_info; 141 142 static void xn_txeof(struct netfront_info *); 143 static void xn_rxeof(struct netfront_info *); 144 static void network_alloc_rx_buffers(struct netfront_info *); 145 146 static void xn_tick_locked(struct netfront_info *); 147 static void xn_tick(void *); 148 149 static void xn_intr(void *); 150 static inline int xn_count_frags(struct mbuf *m); 151 static int xn_assemble_tx_request(struct netfront_info *sc, 152 struct mbuf *m_head); 153 static void xn_start_locked(struct ifnet *); 154 static void xn_start(struct ifnet *); 155 static int xn_ioctl(struct ifnet *, u_long, caddr_t); 156 static void xn_ifinit_locked(struct netfront_info *); 157 static void xn_ifinit(void *); 158 static void xn_stop(struct netfront_info *); 159 static void xn_query_features(struct netfront_info *np); 160 static int xn_configure_features(struct netfront_info *np); 161 #ifdef notyet 162 static void xn_watchdog(struct ifnet *); 163 #endif 164 165 #ifdef notyet 166 static void netfront_closing(device_t dev); 167 #endif 168 static void netif_free(struct netfront_info *info); 169 static int netfront_detach(device_t dev); 170 171 static int talk_to_backend(device_t dev, struct netfront_info *info); 172 static int create_netdev(device_t dev); 173 static void netif_disconnect_backend(struct netfront_info *info); 174 static int setup_device(device_t dev, struct netfront_info *info); 175 static void free_ring(int *ref, void *ring_ptr_ref); 176 177 static int xn_ifmedia_upd(struct ifnet *ifp); 178 static void xn_ifmedia_sts(struct ifnet *ifp, struct ifmediareq *ifmr); 179 180 /* Xenolinux helper functions */ 181 int network_connect(struct netfront_info *); 182 183 static void xn_free_rx_ring(struct netfront_info *); 184 185 static void xn_free_tx_ring(struct netfront_info *); 186 187 static int xennet_get_responses(struct netfront_info *np, 188 struct netfront_rx_info *rinfo, RING_IDX rp, RING_IDX *cons, 189 struct mbuf **list, int *pages_flipped_p); 190 191 #define virt_to_mfn(x) (vtophys(x) >> PAGE_SHIFT) 192 193 #define INVALID_P2M_ENTRY (~0UL) 194 195 /* 196 * Mbuf pointers. We need these to keep track of the virtual addresses 197 * of our mbuf chains since we can only convert from virtual to physical, 198 * not the other way around. The size must track the free index arrays. 199 */ 200 struct xn_chain_data { 201 struct mbuf *xn_tx_chain[NET_TX_RING_SIZE+1]; 202 int xn_tx_chain_cnt; 203 struct mbuf *xn_rx_chain[NET_RX_RING_SIZE+1]; 204 }; 205 206 struct net_device_stats 207 { 208 u_long rx_packets; /* total packets received */ 209 u_long tx_packets; /* total packets transmitted */ 210 u_long rx_bytes; /* total bytes received */ 211 u_long tx_bytes; /* total bytes transmitted */ 212 u_long rx_errors; /* bad packets received */ 213 u_long tx_errors; /* packet transmit problems */ 214 u_long rx_dropped; /* no space in linux buffers */ 215 u_long tx_dropped; /* no space available in linux */ 216 u_long multicast; /* multicast packets received */ 217 u_long collisions; 218 219 /* detailed rx_errors: */ 220 u_long rx_length_errors; 221 u_long rx_over_errors; /* receiver ring buff overflow */ 222 u_long rx_crc_errors; /* recved pkt with crc error */ 223 u_long rx_frame_errors; /* recv'd frame alignment error */ 224 u_long rx_fifo_errors; /* recv'r fifo overrun */ 225 u_long rx_missed_errors; /* receiver missed packet */ 226 227 /* detailed tx_errors */ 228 u_long tx_aborted_errors; 229 u_long tx_carrier_errors; 230 u_long tx_fifo_errors; 231 u_long tx_heartbeat_errors; 232 u_long tx_window_errors; 233 234 /* for cslip etc */ 235 u_long rx_compressed; 236 u_long tx_compressed; 237 }; 238 239 struct netfront_info { 240 struct ifnet *xn_ifp; 241 #if __FreeBSD_version >= 700000 242 struct lro_ctrl xn_lro; 243 #endif 244 245 struct net_device_stats stats; 246 u_int tx_full; 247 248 netif_tx_front_ring_t tx; 249 netif_rx_front_ring_t rx; 250 251 struct mtx tx_lock; 252 struct mtx rx_lock; 253 struct mtx sc_lock; 254 255 xen_intr_handle_t xen_intr_handle; 256 u_int copying_receiver; 257 u_int carrier; 258 u_int maxfrags; 259 260 /* Receive-ring batched refills. */ 261 #define RX_MIN_TARGET 32 262 #define RX_MAX_TARGET NET_RX_RING_SIZE 263 int rx_min_target; 264 int rx_max_target; 265 int rx_target; 266 267 grant_ref_t gref_tx_head; 268 grant_ref_t grant_tx_ref[NET_TX_RING_SIZE + 1]; 269 grant_ref_t gref_rx_head; 270 grant_ref_t grant_rx_ref[NET_TX_RING_SIZE + 1]; 271 272 device_t xbdev; 273 int tx_ring_ref; 274 int rx_ring_ref; 275 uint8_t mac[ETHER_ADDR_LEN]; 276 struct xn_chain_data xn_cdata; /* mbufs */ 277 struct mbufq xn_rx_batch; /* batch queue */ 278 279 int xn_if_flags; 280 struct callout xn_stat_ch; 281 282 u_long rx_pfn_array[NET_RX_RING_SIZE]; 283 struct ifmedia sc_media; 284 285 bool xn_resume; 286 }; 287 288 #define rx_mbufs xn_cdata.xn_rx_chain 289 #define tx_mbufs xn_cdata.xn_tx_chain 290 291 #define XN_LOCK_INIT(_sc, _name) \ 292 mtx_init(&(_sc)->tx_lock, #_name"_tx", "network transmit lock", MTX_DEF); \ 293 mtx_init(&(_sc)->rx_lock, #_name"_rx", "network receive lock", MTX_DEF); \ 294 mtx_init(&(_sc)->sc_lock, #_name"_sc", "netfront softc lock", MTX_DEF) 295 296 #define XN_RX_LOCK(_sc) mtx_lock(&(_sc)->rx_lock) 297 #define XN_RX_UNLOCK(_sc) mtx_unlock(&(_sc)->rx_lock) 298 299 #define XN_TX_LOCK(_sc) mtx_lock(&(_sc)->tx_lock) 300 #define XN_TX_UNLOCK(_sc) mtx_unlock(&(_sc)->tx_lock) 301 302 #define XN_LOCK(_sc) mtx_lock(&(_sc)->sc_lock); 303 #define XN_UNLOCK(_sc) mtx_unlock(&(_sc)->sc_lock); 304 305 #define XN_LOCK_ASSERT(_sc) mtx_assert(&(_sc)->sc_lock, MA_OWNED); 306 #define XN_RX_LOCK_ASSERT(_sc) mtx_assert(&(_sc)->rx_lock, MA_OWNED); 307 #define XN_TX_LOCK_ASSERT(_sc) mtx_assert(&(_sc)->tx_lock, MA_OWNED); 308 #define XN_LOCK_DESTROY(_sc) mtx_destroy(&(_sc)->rx_lock); \ 309 mtx_destroy(&(_sc)->tx_lock); \ 310 mtx_destroy(&(_sc)->sc_lock); 311 312 struct netfront_rx_info { 313 struct netif_rx_response rx; 314 struct netif_extra_info extras[XEN_NETIF_EXTRA_TYPE_MAX - 1]; 315 }; 316 317 #define netfront_carrier_on(netif) ((netif)->carrier = 1) 318 #define netfront_carrier_off(netif) ((netif)->carrier = 0) 319 #define netfront_carrier_ok(netif) ((netif)->carrier) 320 321 /* Access macros for acquiring freeing slots in xn_free_{tx,rx}_idxs[]. */ 322 323 static inline void 324 add_id_to_freelist(struct mbuf **list, uintptr_t id) 325 { 326 KASSERT(id != 0, 327 ("%s: the head item (0) must always be free.", __func__)); 328 list[id] = list[0]; 329 list[0] = (struct mbuf *)id; 330 } 331 332 static inline unsigned short 333 get_id_from_freelist(struct mbuf **list) 334 { 335 uintptr_t id; 336 337 id = (uintptr_t)list[0]; 338 KASSERT(id != 0, 339 ("%s: the head item (0) must always remain free.", __func__)); 340 list[0] = list[id]; 341 return (id); 342 } 343 344 static inline int 345 xennet_rxidx(RING_IDX idx) 346 { 347 return idx & (NET_RX_RING_SIZE - 1); 348 } 349 350 static inline struct mbuf * 351 xennet_get_rx_mbuf(struct netfront_info *np, RING_IDX ri) 352 { 353 int i = xennet_rxidx(ri); 354 struct mbuf *m; 355 356 m = np->rx_mbufs[i]; 357 np->rx_mbufs[i] = NULL; 358 return (m); 359 } 360 361 static inline grant_ref_t 362 xennet_get_rx_ref(struct netfront_info *np, RING_IDX ri) 363 { 364 int i = xennet_rxidx(ri); 365 grant_ref_t ref = np->grant_rx_ref[i]; 366 KASSERT(ref != GRANT_REF_INVALID, ("Invalid grant reference!\n")); 367 np->grant_rx_ref[i] = GRANT_REF_INVALID; 368 return ref; 369 } 370 371 #define IPRINTK(fmt, args...) \ 372 printf("[XEN] " fmt, ##args) 373 #ifdef INVARIANTS 374 #define WPRINTK(fmt, args...) \ 375 printf("[XEN] " fmt, ##args) 376 #else 377 #define WPRINTK(fmt, args...) 378 #endif 379 #ifdef DEBUG 380 #define DPRINTK(fmt, args...) \ 381 printf("[XEN] %s: " fmt, __func__, ##args) 382 #else 383 #define DPRINTK(fmt, args...) 384 #endif 385 386 /** 387 * Read the 'mac' node at the given device's node in the store, and parse that 388 * as colon-separated octets, placing result the given mac array. mac must be 389 * a preallocated array of length ETH_ALEN (as declared in linux/if_ether.h). 390 * Return 0 on success, or errno on error. 391 */ 392 static int 393 xen_net_read_mac(device_t dev, uint8_t mac[]) 394 { 395 int error, i; 396 char *s, *e, *macstr; 397 const char *path; 398 399 path = xenbus_get_node(dev); 400 error = xs_read(XST_NIL, path, "mac", NULL, (void **) &macstr); 401 if (error == ENOENT) { 402 /* 403 * Deal with missing mac XenStore nodes on devices with 404 * HVM emulation (the 'ioemu' configuration attribute) 405 * enabled. 406 * 407 * The HVM emulator may execute in a stub device model 408 * domain which lacks the permission, only given to Dom0, 409 * to update the guest's XenStore tree. For this reason, 410 * the HVM emulator doesn't even attempt to write the 411 * front-side mac node, even when operating in Dom0. 412 * However, there should always be a mac listed in the 413 * backend tree. Fallback to this version if our query 414 * of the front side XenStore location doesn't find 415 * anything. 416 */ 417 path = xenbus_get_otherend_path(dev); 418 error = xs_read(XST_NIL, path, "mac", NULL, (void **) &macstr); 419 } 420 if (error != 0) { 421 xenbus_dev_fatal(dev, error, "parsing %s/mac", path); 422 return (error); 423 } 424 425 s = macstr; 426 for (i = 0; i < ETHER_ADDR_LEN; i++) { 427 mac[i] = strtoul(s, &e, 16); 428 if (s == e || (e[0] != ':' && e[0] != 0)) { 429 free(macstr, M_XENBUS); 430 return (ENOENT); 431 } 432 s = &e[1]; 433 } 434 free(macstr, M_XENBUS); 435 return (0); 436 } 437 438 /** 439 * Entry point to this code when a new device is created. Allocate the basic 440 * structures and the ring buffers for communication with the backend, and 441 * inform the backend of the appropriate details for those. Switch to 442 * Connected state. 443 */ 444 static int 445 netfront_probe(device_t dev) 446 { 447 448 if (xen_hvm_domain() && xen_disable_pv_nics != 0) 449 return (ENXIO); 450 451 if (!strcmp(xenbus_get_type(dev), "vif")) { 452 device_set_desc(dev, "Virtual Network Interface"); 453 return (0); 454 } 455 456 return (ENXIO); 457 } 458 459 static int 460 netfront_attach(device_t dev) 461 { 462 int err; 463 464 err = create_netdev(dev); 465 if (err) { 466 xenbus_dev_fatal(dev, err, "creating netdev"); 467 return (err); 468 } 469 470 #if __FreeBSD_version >= 700000 471 SYSCTL_ADD_INT(device_get_sysctl_ctx(dev), 472 SYSCTL_CHILDREN(device_get_sysctl_tree(dev)), 473 OID_AUTO, "enable_lro", CTLFLAG_RW, 474 &xn_enable_lro, 0, "Large Receive Offload"); 475 #endif 476 477 return (0); 478 } 479 480 static int 481 netfront_suspend(device_t dev) 482 { 483 struct netfront_info *info = device_get_softc(dev); 484 485 XN_RX_LOCK(info); 486 XN_TX_LOCK(info); 487 netfront_carrier_off(info); 488 XN_TX_UNLOCK(info); 489 XN_RX_UNLOCK(info); 490 return (0); 491 } 492 493 /** 494 * We are reconnecting to the backend, due to a suspend/resume, or a backend 495 * driver restart. We tear down our netif structure and recreate it, but 496 * leave the device-layer structures intact so that this is transparent to the 497 * rest of the kernel. 498 */ 499 static int 500 netfront_resume(device_t dev) 501 { 502 struct netfront_info *info = device_get_softc(dev); 503 504 info->xn_resume = true; 505 netif_disconnect_backend(info); 506 return (0); 507 } 508 509 /* Common code used when first setting up, and when resuming. */ 510 static int 511 talk_to_backend(device_t dev, struct netfront_info *info) 512 { 513 const char *message; 514 struct xs_transaction xst; 515 const char *node = xenbus_get_node(dev); 516 int err; 517 518 err = xen_net_read_mac(dev, info->mac); 519 if (err) { 520 xenbus_dev_fatal(dev, err, "parsing %s/mac", node); 521 goto out; 522 } 523 524 /* Create shared ring, alloc event channel. */ 525 err = setup_device(dev, info); 526 if (err) 527 goto out; 528 529 again: 530 err = xs_transaction_start(&xst); 531 if (err) { 532 xenbus_dev_fatal(dev, err, "starting transaction"); 533 goto destroy_ring; 534 } 535 err = xs_printf(xst, node, "tx-ring-ref","%u", 536 info->tx_ring_ref); 537 if (err) { 538 message = "writing tx ring-ref"; 539 goto abort_transaction; 540 } 541 err = xs_printf(xst, node, "rx-ring-ref","%u", 542 info->rx_ring_ref); 543 if (err) { 544 message = "writing rx ring-ref"; 545 goto abort_transaction; 546 } 547 err = xs_printf(xst, node, 548 "event-channel", "%u", 549 xen_intr_port(info->xen_intr_handle)); 550 if (err) { 551 message = "writing event-channel"; 552 goto abort_transaction; 553 } 554 err = xs_printf(xst, node, "request-rx-copy", "%u", 555 info->copying_receiver); 556 if (err) { 557 message = "writing request-rx-copy"; 558 goto abort_transaction; 559 } 560 err = xs_printf(xst, node, "feature-rx-notify", "%d", 1); 561 if (err) { 562 message = "writing feature-rx-notify"; 563 goto abort_transaction; 564 } 565 err = xs_printf(xst, node, "feature-sg", "%d", 1); 566 if (err) { 567 message = "writing feature-sg"; 568 goto abort_transaction; 569 } 570 #if __FreeBSD_version >= 700000 571 err = xs_printf(xst, node, "feature-gso-tcpv4", "%d", 1); 572 if (err) { 573 message = "writing feature-gso-tcpv4"; 574 goto abort_transaction; 575 } 576 #endif 577 578 err = xs_transaction_end(xst, 0); 579 if (err) { 580 if (err == EAGAIN) 581 goto again; 582 xenbus_dev_fatal(dev, err, "completing transaction"); 583 goto destroy_ring; 584 } 585 586 return 0; 587 588 abort_transaction: 589 xs_transaction_end(xst, 1); 590 xenbus_dev_fatal(dev, err, "%s", message); 591 destroy_ring: 592 netif_free(info); 593 out: 594 return err; 595 } 596 597 static int 598 setup_device(device_t dev, struct netfront_info *info) 599 { 600 netif_tx_sring_t *txs; 601 netif_rx_sring_t *rxs; 602 int error; 603 struct ifnet *ifp; 604 605 ifp = info->xn_ifp; 606 607 info->tx_ring_ref = GRANT_REF_INVALID; 608 info->rx_ring_ref = GRANT_REF_INVALID; 609 info->rx.sring = NULL; 610 info->tx.sring = NULL; 611 612 txs = (netif_tx_sring_t *)malloc(PAGE_SIZE, M_DEVBUF, M_NOWAIT|M_ZERO); 613 if (!txs) { 614 error = ENOMEM; 615 xenbus_dev_fatal(dev, error, "allocating tx ring page"); 616 goto fail; 617 } 618 SHARED_RING_INIT(txs); 619 FRONT_RING_INIT(&info->tx, txs, PAGE_SIZE); 620 error = xenbus_grant_ring(dev, virt_to_mfn(txs), &info->tx_ring_ref); 621 if (error) 622 goto fail; 623 624 rxs = (netif_rx_sring_t *)malloc(PAGE_SIZE, M_DEVBUF, M_NOWAIT|M_ZERO); 625 if (!rxs) { 626 error = ENOMEM; 627 xenbus_dev_fatal(dev, error, "allocating rx ring page"); 628 goto fail; 629 } 630 SHARED_RING_INIT(rxs); 631 FRONT_RING_INIT(&info->rx, rxs, PAGE_SIZE); 632 633 error = xenbus_grant_ring(dev, virt_to_mfn(rxs), &info->rx_ring_ref); 634 if (error) 635 goto fail; 636 637 error = xen_intr_alloc_and_bind_local_port(dev, 638 xenbus_get_otherend_id(dev), /*filter*/NULL, xn_intr, info, 639 INTR_TYPE_NET | INTR_MPSAFE | INTR_ENTROPY, &info->xen_intr_handle); 640 641 if (error) { 642 xenbus_dev_fatal(dev, error, 643 "xen_intr_alloc_and_bind_local_port failed"); 644 goto fail; 645 } 646 647 return (0); 648 649 fail: 650 netif_free(info); 651 return (error); 652 } 653 654 #ifdef INET 655 /** 656 * If this interface has an ipv4 address, send an arp for it. This 657 * helps to get the network going again after migrating hosts. 658 */ 659 static void 660 netfront_send_fake_arp(device_t dev, struct netfront_info *info) 661 { 662 struct ifnet *ifp; 663 struct ifaddr *ifa; 664 665 ifp = info->xn_ifp; 666 TAILQ_FOREACH(ifa, &ifp->if_addrhead, ifa_link) { 667 if (ifa->ifa_addr->sa_family == AF_INET) { 668 arp_ifinit(ifp, ifa); 669 } 670 } 671 } 672 #endif 673 674 /** 675 * Callback received when the backend's state changes. 676 */ 677 static void 678 netfront_backend_changed(device_t dev, XenbusState newstate) 679 { 680 struct netfront_info *sc = device_get_softc(dev); 681 682 DPRINTK("newstate=%d\n", newstate); 683 684 switch (newstate) { 685 case XenbusStateInitialising: 686 case XenbusStateInitialised: 687 case XenbusStateUnknown: 688 case XenbusStateClosed: 689 case XenbusStateReconfigured: 690 case XenbusStateReconfiguring: 691 break; 692 case XenbusStateInitWait: 693 if (xenbus_get_state(dev) != XenbusStateInitialising) 694 break; 695 if (network_connect(sc) != 0) 696 break; 697 xenbus_set_state(dev, XenbusStateConnected); 698 break; 699 case XenbusStateClosing: 700 xenbus_set_state(dev, XenbusStateClosed); 701 break; 702 case XenbusStateConnected: 703 #ifdef INET 704 netfront_send_fake_arp(dev, sc); 705 #endif 706 break; 707 } 708 } 709 710 static void 711 xn_free_rx_ring(struct netfront_info *sc) 712 { 713 #if 0 714 int i; 715 716 for (i = 0; i < NET_RX_RING_SIZE; i++) { 717 if (sc->xn_cdata.rx_mbufs[i] != NULL) { 718 m_freem(sc->rx_mbufs[i]); 719 sc->rx_mbufs[i] = NULL; 720 } 721 } 722 723 sc->rx.rsp_cons = 0; 724 sc->xn_rx_if->req_prod = 0; 725 sc->xn_rx_if->event = sc->rx.rsp_cons ; 726 #endif 727 } 728 729 static void 730 xn_free_tx_ring(struct netfront_info *sc) 731 { 732 #if 0 733 int i; 734 735 for (i = 0; i < NET_TX_RING_SIZE; i++) { 736 if (sc->tx_mbufs[i] != NULL) { 737 m_freem(sc->tx_mbufs[i]); 738 sc->xn_cdata.xn_tx_chain[i] = NULL; 739 } 740 } 741 742 return; 743 #endif 744 } 745 746 /** 747 * \brief Verify that there is sufficient space in the Tx ring 748 * buffer for a maximally sized request to be enqueued. 749 * 750 * A transmit request requires a transmit descriptor for each packet 751 * fragment, plus up to 2 entries for "options" (e.g. TSO). 752 */ 753 static inline int 754 xn_tx_slot_available(struct netfront_info *np) 755 { 756 return (RING_FREE_REQUESTS(&np->tx) > (MAX_TX_REQ_FRAGS + 2)); 757 } 758 759 static void 760 netif_release_tx_bufs(struct netfront_info *np) 761 { 762 int i; 763 764 for (i = 1; i <= NET_TX_RING_SIZE; i++) { 765 struct mbuf *m; 766 767 m = np->tx_mbufs[i]; 768 769 /* 770 * We assume that no kernel addresses are 771 * less than NET_TX_RING_SIZE. Any entry 772 * in the table that is below this number 773 * must be an index from free-list tracking. 774 */ 775 if (((uintptr_t)m) <= NET_TX_RING_SIZE) 776 continue; 777 gnttab_end_foreign_access_ref(np->grant_tx_ref[i]); 778 gnttab_release_grant_reference(&np->gref_tx_head, 779 np->grant_tx_ref[i]); 780 np->grant_tx_ref[i] = GRANT_REF_INVALID; 781 add_id_to_freelist(np->tx_mbufs, i); 782 np->xn_cdata.xn_tx_chain_cnt--; 783 if (np->xn_cdata.xn_tx_chain_cnt < 0) { 784 panic("%s: tx_chain_cnt must be >= 0", __func__); 785 } 786 m_free(m); 787 } 788 } 789 790 static void 791 network_alloc_rx_buffers(struct netfront_info *sc) 792 { 793 int otherend_id = xenbus_get_otherend_id(sc->xbdev); 794 unsigned short id; 795 struct mbuf *m_new; 796 int i, batch_target, notify; 797 RING_IDX req_prod; 798 struct xen_memory_reservation reservation; 799 grant_ref_t ref; 800 int nr_flips; 801 netif_rx_request_t *req; 802 vm_offset_t vaddr; 803 u_long pfn; 804 805 req_prod = sc->rx.req_prod_pvt; 806 807 if (__predict_false(sc->carrier == 0)) 808 return; 809 810 /* 811 * Allocate mbufs greedily, even though we batch updates to the 812 * receive ring. This creates a less bursty demand on the memory 813 * allocator, and so should reduce the chance of failed allocation 814 * requests both for ourself and for other kernel subsystems. 815 * 816 * Here we attempt to maintain rx_target buffers in flight, counting 817 * buffers that we have yet to process in the receive ring. 818 */ 819 batch_target = sc->rx_target - (req_prod - sc->rx.rsp_cons); 820 for (i = mbufq_len(&sc->xn_rx_batch); i < batch_target; i++) { 821 m_new = m_getjcl(M_NOWAIT, MT_DATA, M_PKTHDR, MJUMPAGESIZE); 822 if (m_new == NULL) { 823 if (i != 0) 824 goto refill; 825 /* 826 * XXX set timer 827 */ 828 break; 829 } 830 m_new->m_len = m_new->m_pkthdr.len = MJUMPAGESIZE; 831 832 /* queue the mbufs allocated */ 833 (void )mbufq_enqueue(&sc->xn_rx_batch, m_new); 834 } 835 836 /* 837 * If we've allocated at least half of our target number of entries, 838 * submit them to the backend - we have enough to make the overhead 839 * of submission worthwhile. Otherwise wait for more mbufs and 840 * request entries to become available. 841 */ 842 if (i < (sc->rx_target/2)) { 843 if (req_prod >sc->rx.sring->req_prod) 844 goto push; 845 return; 846 } 847 848 /* 849 * Double floating fill target if we risked having the backend 850 * run out of empty buffers for receive traffic. We define "running 851 * low" as having less than a fourth of our target buffers free 852 * at the time we refilled the queue. 853 */ 854 if ((req_prod - sc->rx.sring->rsp_prod) < (sc->rx_target / 4)) { 855 sc->rx_target *= 2; 856 if (sc->rx_target > sc->rx_max_target) 857 sc->rx_target = sc->rx_max_target; 858 } 859 860 refill: 861 for (nr_flips = i = 0; ; i++) { 862 if ((m_new = mbufq_dequeue(&sc->xn_rx_batch)) == NULL) 863 break; 864 865 m_new->m_ext.ext_arg1 = (vm_paddr_t *)(uintptr_t)( 866 vtophys(m_new->m_ext.ext_buf) >> PAGE_SHIFT); 867 868 id = xennet_rxidx(req_prod + i); 869 870 KASSERT(sc->rx_mbufs[id] == NULL, ("non-NULL xm_rx_chain")); 871 sc->rx_mbufs[id] = m_new; 872 873 ref = gnttab_claim_grant_reference(&sc->gref_rx_head); 874 KASSERT(ref != GNTTAB_LIST_END, 875 ("reserved grant references exhuasted")); 876 sc->grant_rx_ref[id] = ref; 877 878 vaddr = mtod(m_new, vm_offset_t); 879 pfn = vtophys(vaddr) >> PAGE_SHIFT; 880 req = RING_GET_REQUEST(&sc->rx, req_prod + i); 881 882 if (sc->copying_receiver == 0) { 883 gnttab_grant_foreign_transfer_ref(ref, 884 otherend_id, pfn); 885 sc->rx_pfn_array[nr_flips] = pfn; 886 nr_flips++; 887 } else { 888 gnttab_grant_foreign_access_ref(ref, 889 otherend_id, 890 pfn, 0); 891 } 892 req->id = id; 893 req->gref = ref; 894 895 sc->rx_pfn_array[i] = 896 vtophys(mtod(m_new,vm_offset_t)) >> PAGE_SHIFT; 897 } 898 899 KASSERT(i, ("no mbufs processed")); /* should have returned earlier */ 900 KASSERT(mbufq_len(&sc->xn_rx_batch) == 0, ("not all mbufs processed")); 901 /* 902 * We may have allocated buffers which have entries outstanding 903 * in the page * update queue -- make sure we flush those first! 904 */ 905 if (nr_flips != 0) { 906 #ifdef notyet 907 /* Tell the ballon driver what is going on. */ 908 balloon_update_driver_allowance(i); 909 #endif 910 set_xen_guest_handle(reservation.extent_start, sc->rx_pfn_array); 911 reservation.nr_extents = i; 912 reservation.extent_order = 0; 913 reservation.address_bits = 0; 914 reservation.domid = DOMID_SELF; 915 } else { 916 wmb(); 917 } 918 919 /* Above is a suitable barrier to ensure backend will see requests. */ 920 sc->rx.req_prod_pvt = req_prod + i; 921 push: 922 RING_PUSH_REQUESTS_AND_CHECK_NOTIFY(&sc->rx, notify); 923 if (notify) 924 xen_intr_signal(sc->xen_intr_handle); 925 } 926 927 static void 928 xn_rxeof(struct netfront_info *np) 929 { 930 struct ifnet *ifp; 931 #if __FreeBSD_version >= 700000 && (defined(INET) || defined(INET6)) 932 struct lro_ctrl *lro = &np->xn_lro; 933 struct lro_entry *queued; 934 #endif 935 struct netfront_rx_info rinfo; 936 struct netif_rx_response *rx = &rinfo.rx; 937 struct netif_extra_info *extras = rinfo.extras; 938 RING_IDX i, rp; 939 struct mbuf *m; 940 struct mbufq rxq, errq; 941 int err, pages_flipped = 0, work_to_do; 942 943 do { 944 XN_RX_LOCK_ASSERT(np); 945 if (!netfront_carrier_ok(np)) 946 return; 947 948 /* XXX: there should be some sane limit. */ 949 mbufq_init(&errq, INT_MAX); 950 mbufq_init(&rxq, INT_MAX); 951 952 ifp = np->xn_ifp; 953 954 rp = np->rx.sring->rsp_prod; 955 rmb(); /* Ensure we see queued responses up to 'rp'. */ 956 957 i = np->rx.rsp_cons; 958 while ((i != rp)) { 959 memcpy(rx, RING_GET_RESPONSE(&np->rx, i), sizeof(*rx)); 960 memset(extras, 0, sizeof(rinfo.extras)); 961 962 m = NULL; 963 err = xennet_get_responses(np, &rinfo, rp, &i, &m, 964 &pages_flipped); 965 966 if (__predict_false(err)) { 967 if (m) 968 (void )mbufq_enqueue(&errq, m); 969 np->stats.rx_errors++; 970 continue; 971 } 972 973 m->m_pkthdr.rcvif = ifp; 974 if ( rx->flags & NETRXF_data_validated ) { 975 /* Tell the stack the checksums are okay */ 976 /* 977 * XXX this isn't necessarily the case - need to add 978 * check 979 */ 980 981 m->m_pkthdr.csum_flags |= 982 (CSUM_IP_CHECKED | CSUM_IP_VALID | CSUM_DATA_VALID 983 | CSUM_PSEUDO_HDR); 984 m->m_pkthdr.csum_data = 0xffff; 985 } 986 987 np->stats.rx_packets++; 988 np->stats.rx_bytes += m->m_pkthdr.len; 989 990 (void )mbufq_enqueue(&rxq, m); 991 np->rx.rsp_cons = i; 992 } 993 994 if (pages_flipped) { 995 /* Some pages are no longer absent... */ 996 #ifdef notyet 997 balloon_update_driver_allowance(-pages_flipped); 998 #endif 999 } 1000 1001 mbufq_drain(&errq); 1002 1003 /* 1004 * Process all the mbufs after the remapping is complete. 1005 * Break the mbuf chain first though. 1006 */ 1007 while ((m = mbufq_dequeue(&rxq)) != NULL) { 1008 if_inc_counter(ifp, IFCOUNTER_IPACKETS, 1); 1009 1010 /* 1011 * Do we really need to drop the rx lock? 1012 */ 1013 XN_RX_UNLOCK(np); 1014 #if __FreeBSD_version >= 700000 && (defined(INET) || defined(INET6)) 1015 /* Use LRO if possible */ 1016 if ((ifp->if_capenable & IFCAP_LRO) == 0 || 1017 lro->lro_cnt == 0 || tcp_lro_rx(lro, m, 0)) { 1018 /* 1019 * If LRO fails, pass up to the stack 1020 * directly. 1021 */ 1022 (*ifp->if_input)(ifp, m); 1023 } 1024 #else 1025 (*ifp->if_input)(ifp, m); 1026 #endif 1027 XN_RX_LOCK(np); 1028 } 1029 1030 np->rx.rsp_cons = i; 1031 1032 #if __FreeBSD_version >= 700000 && (defined(INET) || defined(INET6)) 1033 /* 1034 * Flush any outstanding LRO work 1035 */ 1036 while (!SLIST_EMPTY(&lro->lro_active)) { 1037 queued = SLIST_FIRST(&lro->lro_active); 1038 SLIST_REMOVE_HEAD(&lro->lro_active, next); 1039 tcp_lro_flush(lro, queued); 1040 } 1041 #endif 1042 1043 #if 0 1044 /* If we get a callback with very few responses, reduce fill target. */ 1045 /* NB. Note exponential increase, linear decrease. */ 1046 if (((np->rx.req_prod_pvt - np->rx.sring->rsp_prod) > 1047 ((3*np->rx_target) / 4)) && (--np->rx_target < np->rx_min_target)) 1048 np->rx_target = np->rx_min_target; 1049 #endif 1050 1051 network_alloc_rx_buffers(np); 1052 1053 RING_FINAL_CHECK_FOR_RESPONSES(&np->rx, work_to_do); 1054 } while (work_to_do); 1055 } 1056 1057 static void 1058 xn_txeof(struct netfront_info *np) 1059 { 1060 RING_IDX i, prod; 1061 unsigned short id; 1062 struct ifnet *ifp; 1063 netif_tx_response_t *txr; 1064 struct mbuf *m; 1065 1066 XN_TX_LOCK_ASSERT(np); 1067 1068 if (!netfront_carrier_ok(np)) 1069 return; 1070 1071 ifp = np->xn_ifp; 1072 1073 do { 1074 prod = np->tx.sring->rsp_prod; 1075 rmb(); /* Ensure we see responses up to 'rp'. */ 1076 1077 for (i = np->tx.rsp_cons; i != prod; i++) { 1078 txr = RING_GET_RESPONSE(&np->tx, i); 1079 if (txr->status == NETIF_RSP_NULL) 1080 continue; 1081 1082 if (txr->status != NETIF_RSP_OKAY) { 1083 printf("%s: WARNING: response is %d!\n", 1084 __func__, txr->status); 1085 } 1086 id = txr->id; 1087 m = np->tx_mbufs[id]; 1088 KASSERT(m != NULL, ("mbuf not found in xn_tx_chain")); 1089 KASSERT((uintptr_t)m > NET_TX_RING_SIZE, 1090 ("mbuf already on the free list, but we're " 1091 "trying to free it again!")); 1092 M_ASSERTVALID(m); 1093 1094 /* 1095 * Increment packet count if this is the last 1096 * mbuf of the chain. 1097 */ 1098 if (!m->m_next) 1099 if_inc_counter(ifp, IFCOUNTER_OPACKETS, 1); 1100 if (__predict_false(gnttab_query_foreign_access( 1101 np->grant_tx_ref[id]) != 0)) { 1102 panic("%s: grant id %u still in use by the " 1103 "backend", __func__, id); 1104 } 1105 gnttab_end_foreign_access_ref( 1106 np->grant_tx_ref[id]); 1107 gnttab_release_grant_reference( 1108 &np->gref_tx_head, np->grant_tx_ref[id]); 1109 np->grant_tx_ref[id] = GRANT_REF_INVALID; 1110 1111 np->tx_mbufs[id] = NULL; 1112 add_id_to_freelist(np->tx_mbufs, id); 1113 np->xn_cdata.xn_tx_chain_cnt--; 1114 m_free(m); 1115 /* Only mark the queue active if we've freed up at least one slot to try */ 1116 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 1117 } 1118 np->tx.rsp_cons = prod; 1119 1120 /* 1121 * Set a new event, then check for race with update of 1122 * tx_cons. Note that it is essential to schedule a 1123 * callback, no matter how few buffers are pending. Even if 1124 * there is space in the transmit ring, higher layers may 1125 * be blocked because too much data is outstanding: in such 1126 * cases notification from Xen is likely to be the only kick 1127 * that we'll get. 1128 */ 1129 np->tx.sring->rsp_event = 1130 prod + ((np->tx.sring->req_prod - prod) >> 1) + 1; 1131 1132 mb(); 1133 } while (prod != np->tx.sring->rsp_prod); 1134 1135 if (np->tx_full && 1136 ((np->tx.sring->req_prod - prod) < NET_TX_RING_SIZE)) { 1137 np->tx_full = 0; 1138 #if 0 1139 if (np->user_state == UST_OPEN) 1140 netif_wake_queue(dev); 1141 #endif 1142 } 1143 } 1144 1145 static void 1146 xn_intr(void *xsc) 1147 { 1148 struct netfront_info *np = xsc; 1149 struct ifnet *ifp = np->xn_ifp; 1150 1151 #if 0 1152 if (!(np->rx.rsp_cons != np->rx.sring->rsp_prod && 1153 likely(netfront_carrier_ok(np)) && 1154 ifp->if_drv_flags & IFF_DRV_RUNNING)) 1155 return; 1156 #endif 1157 if (RING_HAS_UNCONSUMED_RESPONSES(&np->tx)) { 1158 XN_TX_LOCK(np); 1159 xn_txeof(np); 1160 XN_TX_UNLOCK(np); 1161 } 1162 1163 XN_RX_LOCK(np); 1164 xn_rxeof(np); 1165 XN_RX_UNLOCK(np); 1166 1167 if (ifp->if_drv_flags & IFF_DRV_RUNNING && 1168 !IFQ_DRV_IS_EMPTY(&ifp->if_snd)) 1169 xn_start(ifp); 1170 } 1171 1172 static void 1173 xennet_move_rx_slot(struct netfront_info *np, struct mbuf *m, 1174 grant_ref_t ref) 1175 { 1176 int new = xennet_rxidx(np->rx.req_prod_pvt); 1177 1178 KASSERT(np->rx_mbufs[new] == NULL, ("rx_mbufs != NULL")); 1179 np->rx_mbufs[new] = m; 1180 np->grant_rx_ref[new] = ref; 1181 RING_GET_REQUEST(&np->rx, np->rx.req_prod_pvt)->id = new; 1182 RING_GET_REQUEST(&np->rx, np->rx.req_prod_pvt)->gref = ref; 1183 np->rx.req_prod_pvt++; 1184 } 1185 1186 static int 1187 xennet_get_extras(struct netfront_info *np, 1188 struct netif_extra_info *extras, RING_IDX rp, RING_IDX *cons) 1189 { 1190 struct netif_extra_info *extra; 1191 1192 int err = 0; 1193 1194 do { 1195 struct mbuf *m; 1196 grant_ref_t ref; 1197 1198 if (__predict_false(*cons + 1 == rp)) { 1199 #if 0 1200 if (net_ratelimit()) 1201 WPRINTK("Missing extra info\n"); 1202 #endif 1203 err = EINVAL; 1204 break; 1205 } 1206 1207 extra = (struct netif_extra_info *) 1208 RING_GET_RESPONSE(&np->rx, ++(*cons)); 1209 1210 if (__predict_false(!extra->type || 1211 extra->type >= XEN_NETIF_EXTRA_TYPE_MAX)) { 1212 #if 0 1213 if (net_ratelimit()) 1214 WPRINTK("Invalid extra type: %d\n", 1215 extra->type); 1216 #endif 1217 err = EINVAL; 1218 } else { 1219 memcpy(&extras[extra->type - 1], extra, sizeof(*extra)); 1220 } 1221 1222 m = xennet_get_rx_mbuf(np, *cons); 1223 ref = xennet_get_rx_ref(np, *cons); 1224 xennet_move_rx_slot(np, m, ref); 1225 } while (extra->flags & XEN_NETIF_EXTRA_FLAG_MORE); 1226 1227 return err; 1228 } 1229 1230 static int 1231 xennet_get_responses(struct netfront_info *np, 1232 struct netfront_rx_info *rinfo, RING_IDX rp, RING_IDX *cons, 1233 struct mbuf **list, 1234 int *pages_flipped_p) 1235 { 1236 int pages_flipped = *pages_flipped_p; 1237 struct netif_rx_response *rx = &rinfo->rx; 1238 struct netif_extra_info *extras = rinfo->extras; 1239 struct mbuf *m, *m0, *m_prev; 1240 grant_ref_t ref = xennet_get_rx_ref(np, *cons); 1241 RING_IDX ref_cons = *cons; 1242 int frags = 1; 1243 int err = 0; 1244 u_long ret; 1245 1246 m0 = m = m_prev = xennet_get_rx_mbuf(np, *cons); 1247 1248 if (rx->flags & NETRXF_extra_info) { 1249 err = xennet_get_extras(np, extras, rp, cons); 1250 } 1251 1252 if (m0 != NULL) { 1253 m0->m_pkthdr.len = 0; 1254 m0->m_next = NULL; 1255 } 1256 1257 for (;;) { 1258 u_long mfn; 1259 1260 #if 0 1261 DPRINTK("rx->status=%hd rx->offset=%hu frags=%u\n", 1262 rx->status, rx->offset, frags); 1263 #endif 1264 if (__predict_false(rx->status < 0 || 1265 rx->offset + rx->status > PAGE_SIZE)) { 1266 1267 #if 0 1268 if (net_ratelimit()) 1269 WPRINTK("rx->offset: %x, size: %u\n", 1270 rx->offset, rx->status); 1271 #endif 1272 xennet_move_rx_slot(np, m, ref); 1273 if (m0 == m) 1274 m0 = NULL; 1275 m = NULL; 1276 err = EINVAL; 1277 goto next_skip_queue; 1278 } 1279 1280 /* 1281 * This definitely indicates a bug, either in this driver or in 1282 * the backend driver. In future this should flag the bad 1283 * situation to the system controller to reboot the backed. 1284 */ 1285 if (ref == GRANT_REF_INVALID) { 1286 1287 #if 0 1288 if (net_ratelimit()) 1289 WPRINTK("Bad rx response id %d.\n", rx->id); 1290 #endif 1291 printf("%s: Bad rx response id %d.\n", __func__,rx->id); 1292 err = EINVAL; 1293 goto next; 1294 } 1295 1296 if (!np->copying_receiver) { 1297 /* Memory pressure, insufficient buffer 1298 * headroom, ... 1299 */ 1300 if (!(mfn = gnttab_end_foreign_transfer_ref(ref))) { 1301 WPRINTK("Unfulfilled rx req (id=%d, st=%d).\n", 1302 rx->id, rx->status); 1303 xennet_move_rx_slot(np, m, ref); 1304 err = ENOMEM; 1305 goto next; 1306 } 1307 1308 pages_flipped++; 1309 } else { 1310 ret = gnttab_end_foreign_access_ref(ref); 1311 KASSERT(ret, ("ret != 0")); 1312 } 1313 1314 gnttab_release_grant_reference(&np->gref_rx_head, ref); 1315 1316 next: 1317 if (m == NULL) 1318 break; 1319 1320 m->m_len = rx->status; 1321 m->m_data += rx->offset; 1322 m0->m_pkthdr.len += rx->status; 1323 1324 next_skip_queue: 1325 if (!(rx->flags & NETRXF_more_data)) 1326 break; 1327 1328 if (*cons + frags == rp) { 1329 if (net_ratelimit()) 1330 WPRINTK("Need more frags\n"); 1331 err = ENOENT; 1332 printf("%s: cons %u frags %u rp %u, not enough frags\n", 1333 __func__, *cons, frags, rp); 1334 break; 1335 } 1336 /* 1337 * Note that m can be NULL, if rx->status < 0 or if 1338 * rx->offset + rx->status > PAGE_SIZE above. 1339 */ 1340 m_prev = m; 1341 1342 rx = RING_GET_RESPONSE(&np->rx, *cons + frags); 1343 m = xennet_get_rx_mbuf(np, *cons + frags); 1344 1345 /* 1346 * m_prev == NULL can happen if rx->status < 0 or if 1347 * rx->offset + * rx->status > PAGE_SIZE above. 1348 */ 1349 if (m_prev != NULL) 1350 m_prev->m_next = m; 1351 1352 /* 1353 * m0 can be NULL if rx->status < 0 or if * rx->offset + 1354 * rx->status > PAGE_SIZE above. 1355 */ 1356 if (m0 == NULL) 1357 m0 = m; 1358 m->m_next = NULL; 1359 ref = xennet_get_rx_ref(np, *cons + frags); 1360 ref_cons = *cons + frags; 1361 frags++; 1362 } 1363 *list = m0; 1364 *cons += frags; 1365 *pages_flipped_p = pages_flipped; 1366 1367 return (err); 1368 } 1369 1370 static void 1371 xn_tick_locked(struct netfront_info *sc) 1372 { 1373 XN_RX_LOCK_ASSERT(sc); 1374 callout_reset(&sc->xn_stat_ch, hz, xn_tick, sc); 1375 1376 /* XXX placeholder for printing debug information */ 1377 } 1378 1379 static void 1380 xn_tick(void *xsc) 1381 { 1382 struct netfront_info *sc; 1383 1384 sc = xsc; 1385 XN_RX_LOCK(sc); 1386 xn_tick_locked(sc); 1387 XN_RX_UNLOCK(sc); 1388 } 1389 1390 /** 1391 * \brief Count the number of fragments in an mbuf chain. 1392 * 1393 * Surprisingly, there isn't an M* macro for this. 1394 */ 1395 static inline int 1396 xn_count_frags(struct mbuf *m) 1397 { 1398 int nfrags; 1399 1400 for (nfrags = 0; m != NULL; m = m->m_next) 1401 nfrags++; 1402 1403 return (nfrags); 1404 } 1405 1406 /** 1407 * Given an mbuf chain, make sure we have enough room and then push 1408 * it onto the transmit ring. 1409 */ 1410 static int 1411 xn_assemble_tx_request(struct netfront_info *sc, struct mbuf *m_head) 1412 { 1413 struct ifnet *ifp; 1414 struct mbuf *m; 1415 u_int nfrags; 1416 int otherend_id; 1417 1418 ifp = sc->xn_ifp; 1419 1420 /** 1421 * Defragment the mbuf if necessary. 1422 */ 1423 nfrags = xn_count_frags(m_head); 1424 1425 /* 1426 * Check to see whether this request is longer than netback 1427 * can handle, and try to defrag it. 1428 */ 1429 /** 1430 * It is a bit lame, but the netback driver in Linux can't 1431 * deal with nfrags > MAX_TX_REQ_FRAGS, which is a quirk of 1432 * the Linux network stack. 1433 */ 1434 if (nfrags > sc->maxfrags) { 1435 m = m_defrag(m_head, M_NOWAIT); 1436 if (!m) { 1437 /* 1438 * Defrag failed, so free the mbuf and 1439 * therefore drop the packet. 1440 */ 1441 m_freem(m_head); 1442 return (EMSGSIZE); 1443 } 1444 m_head = m; 1445 } 1446 1447 /* Determine how many fragments now exist */ 1448 nfrags = xn_count_frags(m_head); 1449 1450 /* 1451 * Check to see whether the defragmented packet has too many 1452 * segments for the Linux netback driver. 1453 */ 1454 /** 1455 * The FreeBSD TCP stack, with TSO enabled, can produce a chain 1456 * of mbufs longer than Linux can handle. Make sure we don't 1457 * pass a too-long chain over to the other side by dropping the 1458 * packet. It doesn't look like there is currently a way to 1459 * tell the TCP stack to generate a shorter chain of packets. 1460 */ 1461 if (nfrags > MAX_TX_REQ_FRAGS) { 1462 #ifdef DEBUG 1463 printf("%s: nfrags %d > MAX_TX_REQ_FRAGS %d, netback " 1464 "won't be able to handle it, dropping\n", 1465 __func__, nfrags, MAX_TX_REQ_FRAGS); 1466 #endif 1467 m_freem(m_head); 1468 return (EMSGSIZE); 1469 } 1470 1471 /* 1472 * This check should be redundant. We've already verified that we 1473 * have enough slots in the ring to handle a packet of maximum 1474 * size, and that our packet is less than the maximum size. Keep 1475 * it in here as an assert for now just to make certain that 1476 * xn_tx_chain_cnt is accurate. 1477 */ 1478 KASSERT((sc->xn_cdata.xn_tx_chain_cnt + nfrags) <= NET_TX_RING_SIZE, 1479 ("%s: xn_tx_chain_cnt (%d) + nfrags (%d) > NET_TX_RING_SIZE " 1480 "(%d)!", __func__, (int) sc->xn_cdata.xn_tx_chain_cnt, 1481 (int) nfrags, (int) NET_TX_RING_SIZE)); 1482 1483 /* 1484 * Start packing the mbufs in this chain into 1485 * the fragment pointers. Stop when we run out 1486 * of fragments or hit the end of the mbuf chain. 1487 */ 1488 m = m_head; 1489 otherend_id = xenbus_get_otherend_id(sc->xbdev); 1490 for (m = m_head; m; m = m->m_next) { 1491 netif_tx_request_t *tx; 1492 uintptr_t id; 1493 grant_ref_t ref; 1494 u_long mfn; /* XXX Wrong type? */ 1495 1496 tx = RING_GET_REQUEST(&sc->tx, sc->tx.req_prod_pvt); 1497 id = get_id_from_freelist(sc->tx_mbufs); 1498 if (id == 0) 1499 panic("%s: was allocated the freelist head!\n", 1500 __func__); 1501 sc->xn_cdata.xn_tx_chain_cnt++; 1502 if (sc->xn_cdata.xn_tx_chain_cnt > NET_TX_RING_SIZE) 1503 panic("%s: tx_chain_cnt must be <= NET_TX_RING_SIZE\n", 1504 __func__); 1505 sc->tx_mbufs[id] = m; 1506 tx->id = id; 1507 ref = gnttab_claim_grant_reference(&sc->gref_tx_head); 1508 KASSERT((short)ref >= 0, ("Negative ref")); 1509 mfn = virt_to_mfn(mtod(m, vm_offset_t)); 1510 gnttab_grant_foreign_access_ref(ref, otherend_id, 1511 mfn, GNTMAP_readonly); 1512 tx->gref = sc->grant_tx_ref[id] = ref; 1513 tx->offset = mtod(m, vm_offset_t) & (PAGE_SIZE - 1); 1514 tx->flags = 0; 1515 if (m == m_head) { 1516 /* 1517 * The first fragment has the entire packet 1518 * size, subsequent fragments have just the 1519 * fragment size. The backend works out the 1520 * true size of the first fragment by 1521 * subtracting the sizes of the other 1522 * fragments. 1523 */ 1524 tx->size = m->m_pkthdr.len; 1525 1526 /* 1527 * The first fragment contains the checksum flags 1528 * and is optionally followed by extra data for 1529 * TSO etc. 1530 */ 1531 /** 1532 * CSUM_TSO requires checksum offloading. 1533 * Some versions of FreeBSD fail to 1534 * set CSUM_TCP in the CSUM_TSO case, 1535 * so we have to test for CSUM_TSO 1536 * explicitly. 1537 */ 1538 if (m->m_pkthdr.csum_flags 1539 & (CSUM_DELAY_DATA | CSUM_TSO)) { 1540 tx->flags |= (NETTXF_csum_blank 1541 | NETTXF_data_validated); 1542 } 1543 #if __FreeBSD_version >= 700000 1544 if (m->m_pkthdr.csum_flags & CSUM_TSO) { 1545 struct netif_extra_info *gso = 1546 (struct netif_extra_info *) 1547 RING_GET_REQUEST(&sc->tx, 1548 ++sc->tx.req_prod_pvt); 1549 1550 tx->flags |= NETTXF_extra_info; 1551 1552 gso->u.gso.size = m->m_pkthdr.tso_segsz; 1553 gso->u.gso.type = 1554 XEN_NETIF_GSO_TYPE_TCPV4; 1555 gso->u.gso.pad = 0; 1556 gso->u.gso.features = 0; 1557 1558 gso->type = XEN_NETIF_EXTRA_TYPE_GSO; 1559 gso->flags = 0; 1560 } 1561 #endif 1562 } else { 1563 tx->size = m->m_len; 1564 } 1565 if (m->m_next) 1566 tx->flags |= NETTXF_more_data; 1567 1568 sc->tx.req_prod_pvt++; 1569 } 1570 BPF_MTAP(ifp, m_head); 1571 1572 sc->stats.tx_bytes += m_head->m_pkthdr.len; 1573 sc->stats.tx_packets++; 1574 1575 return (0); 1576 } 1577 1578 static void 1579 xn_start_locked(struct ifnet *ifp) 1580 { 1581 struct netfront_info *sc; 1582 struct mbuf *m_head; 1583 int notify; 1584 1585 sc = ifp->if_softc; 1586 1587 if (!netfront_carrier_ok(sc)) 1588 return; 1589 1590 /* 1591 * While we have enough transmit slots available for at least one 1592 * maximum-sized packet, pull mbufs off the queue and put them on 1593 * the transmit ring. 1594 */ 1595 while (xn_tx_slot_available(sc)) { 1596 IF_DEQUEUE(&ifp->if_snd, m_head); 1597 if (m_head == NULL) 1598 break; 1599 1600 if (xn_assemble_tx_request(sc, m_head) != 0) 1601 break; 1602 } 1603 1604 RING_PUSH_REQUESTS_AND_CHECK_NOTIFY(&sc->tx, notify); 1605 if (notify) 1606 xen_intr_signal(sc->xen_intr_handle); 1607 1608 if (RING_FULL(&sc->tx)) { 1609 sc->tx_full = 1; 1610 #if 0 1611 netif_stop_queue(dev); 1612 #endif 1613 } 1614 } 1615 1616 static void 1617 xn_start(struct ifnet *ifp) 1618 { 1619 struct netfront_info *sc; 1620 sc = ifp->if_softc; 1621 XN_TX_LOCK(sc); 1622 xn_start_locked(ifp); 1623 XN_TX_UNLOCK(sc); 1624 } 1625 1626 /* equivalent of network_open() in Linux */ 1627 static void 1628 xn_ifinit_locked(struct netfront_info *sc) 1629 { 1630 struct ifnet *ifp; 1631 1632 XN_LOCK_ASSERT(sc); 1633 1634 ifp = sc->xn_ifp; 1635 1636 if (ifp->if_drv_flags & IFF_DRV_RUNNING) 1637 return; 1638 1639 xn_stop(sc); 1640 1641 network_alloc_rx_buffers(sc); 1642 sc->rx.sring->rsp_event = sc->rx.rsp_cons + 1; 1643 1644 ifp->if_drv_flags |= IFF_DRV_RUNNING; 1645 ifp->if_drv_flags &= ~IFF_DRV_OACTIVE; 1646 if_link_state_change(ifp, LINK_STATE_UP); 1647 1648 callout_reset(&sc->xn_stat_ch, hz, xn_tick, sc); 1649 } 1650 1651 static void 1652 xn_ifinit(void *xsc) 1653 { 1654 struct netfront_info *sc = xsc; 1655 1656 XN_LOCK(sc); 1657 xn_ifinit_locked(sc); 1658 XN_UNLOCK(sc); 1659 } 1660 1661 static int 1662 xn_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) 1663 { 1664 struct netfront_info *sc = ifp->if_softc; 1665 struct ifreq *ifr = (struct ifreq *) data; 1666 #ifdef INET 1667 struct ifaddr *ifa = (struct ifaddr *)data; 1668 #endif 1669 1670 int mask, error = 0; 1671 switch(cmd) { 1672 case SIOCSIFADDR: 1673 #ifdef INET 1674 XN_LOCK(sc); 1675 if (ifa->ifa_addr->sa_family == AF_INET) { 1676 ifp->if_flags |= IFF_UP; 1677 if (!(ifp->if_drv_flags & IFF_DRV_RUNNING)) 1678 xn_ifinit_locked(sc); 1679 arp_ifinit(ifp, ifa); 1680 XN_UNLOCK(sc); 1681 } else { 1682 XN_UNLOCK(sc); 1683 #endif 1684 error = ether_ioctl(ifp, cmd, data); 1685 #ifdef INET 1686 } 1687 #endif 1688 break; 1689 case SIOCSIFMTU: 1690 /* XXX can we alter the MTU on a VN ?*/ 1691 #ifdef notyet 1692 if (ifr->ifr_mtu > XN_JUMBO_MTU) 1693 error = EINVAL; 1694 else 1695 #endif 1696 { 1697 ifp->if_mtu = ifr->ifr_mtu; 1698 ifp->if_drv_flags &= ~IFF_DRV_RUNNING; 1699 xn_ifinit(sc); 1700 } 1701 break; 1702 case SIOCSIFFLAGS: 1703 XN_LOCK(sc); 1704 if (ifp->if_flags & IFF_UP) { 1705 /* 1706 * If only the state of the PROMISC flag changed, 1707 * then just use the 'set promisc mode' command 1708 * instead of reinitializing the entire NIC. Doing 1709 * a full re-init means reloading the firmware and 1710 * waiting for it to start up, which may take a 1711 * second or two. 1712 */ 1713 #ifdef notyet 1714 /* No promiscuous mode with Xen */ 1715 if (ifp->if_drv_flags & IFF_DRV_RUNNING && 1716 ifp->if_flags & IFF_PROMISC && 1717 !(sc->xn_if_flags & IFF_PROMISC)) { 1718 XN_SETBIT(sc, XN_RX_MODE, 1719 XN_RXMODE_RX_PROMISC); 1720 } else if (ifp->if_drv_flags & IFF_DRV_RUNNING && 1721 !(ifp->if_flags & IFF_PROMISC) && 1722 sc->xn_if_flags & IFF_PROMISC) { 1723 XN_CLRBIT(sc, XN_RX_MODE, 1724 XN_RXMODE_RX_PROMISC); 1725 } else 1726 #endif 1727 xn_ifinit_locked(sc); 1728 } else { 1729 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 1730 xn_stop(sc); 1731 } 1732 } 1733 sc->xn_if_flags = ifp->if_flags; 1734 XN_UNLOCK(sc); 1735 error = 0; 1736 break; 1737 case SIOCSIFCAP: 1738 mask = ifr->ifr_reqcap ^ ifp->if_capenable; 1739 if (mask & IFCAP_TXCSUM) { 1740 if (IFCAP_TXCSUM & ifp->if_capenable) { 1741 ifp->if_capenable &= ~(IFCAP_TXCSUM|IFCAP_TSO4); 1742 ifp->if_hwassist &= ~(CSUM_TCP | CSUM_UDP 1743 | CSUM_IP | CSUM_TSO); 1744 } else { 1745 ifp->if_capenable |= IFCAP_TXCSUM; 1746 ifp->if_hwassist |= (CSUM_TCP | CSUM_UDP 1747 | CSUM_IP); 1748 } 1749 } 1750 if (mask & IFCAP_RXCSUM) { 1751 ifp->if_capenable ^= IFCAP_RXCSUM; 1752 } 1753 #if __FreeBSD_version >= 700000 1754 if (mask & IFCAP_TSO4) { 1755 if (IFCAP_TSO4 & ifp->if_capenable) { 1756 ifp->if_capenable &= ~IFCAP_TSO4; 1757 ifp->if_hwassist &= ~CSUM_TSO; 1758 } else if (IFCAP_TXCSUM & ifp->if_capenable) { 1759 ifp->if_capenable |= IFCAP_TSO4; 1760 ifp->if_hwassist |= CSUM_TSO; 1761 } else { 1762 IPRINTK("Xen requires tx checksum offload" 1763 " be enabled to use TSO\n"); 1764 error = EINVAL; 1765 } 1766 } 1767 if (mask & IFCAP_LRO) { 1768 ifp->if_capenable ^= IFCAP_LRO; 1769 1770 } 1771 #endif 1772 error = 0; 1773 break; 1774 case SIOCADDMULTI: 1775 case SIOCDELMULTI: 1776 #ifdef notyet 1777 if (ifp->if_drv_flags & IFF_DRV_RUNNING) { 1778 XN_LOCK(sc); 1779 xn_setmulti(sc); 1780 XN_UNLOCK(sc); 1781 error = 0; 1782 } 1783 #endif 1784 /* FALLTHROUGH */ 1785 case SIOCSIFMEDIA: 1786 case SIOCGIFMEDIA: 1787 error = ifmedia_ioctl(ifp, ifr, &sc->sc_media, cmd); 1788 break; 1789 default: 1790 error = ether_ioctl(ifp, cmd, data); 1791 } 1792 1793 return (error); 1794 } 1795 1796 static void 1797 xn_stop(struct netfront_info *sc) 1798 { 1799 struct ifnet *ifp; 1800 1801 XN_LOCK_ASSERT(sc); 1802 1803 ifp = sc->xn_ifp; 1804 1805 callout_stop(&sc->xn_stat_ch); 1806 1807 xn_free_rx_ring(sc); 1808 xn_free_tx_ring(sc); 1809 1810 ifp->if_drv_flags &= ~(IFF_DRV_RUNNING | IFF_DRV_OACTIVE); 1811 if_link_state_change(ifp, LINK_STATE_DOWN); 1812 } 1813 1814 /* START of Xenolinux helper functions adapted to FreeBSD */ 1815 int 1816 network_connect(struct netfront_info *np) 1817 { 1818 int i, requeue_idx, error; 1819 grant_ref_t ref; 1820 netif_rx_request_t *req; 1821 u_int feature_rx_copy, feature_rx_flip; 1822 1823 error = xs_scanf(XST_NIL, xenbus_get_otherend_path(np->xbdev), 1824 "feature-rx-copy", NULL, "%u", &feature_rx_copy); 1825 if (error) 1826 feature_rx_copy = 0; 1827 error = xs_scanf(XST_NIL, xenbus_get_otherend_path(np->xbdev), 1828 "feature-rx-flip", NULL, "%u", &feature_rx_flip); 1829 if (error) 1830 feature_rx_flip = 1; 1831 1832 /* 1833 * Copy packets on receive path if: 1834 * (a) This was requested by user, and the backend supports it; or 1835 * (b) Flipping was requested, but this is unsupported by the backend. 1836 */ 1837 np->copying_receiver = ((MODPARM_rx_copy && feature_rx_copy) || 1838 (MODPARM_rx_flip && !feature_rx_flip)); 1839 1840 /* Recovery procedure: */ 1841 error = talk_to_backend(np->xbdev, np); 1842 if (error) 1843 return (error); 1844 1845 /* Step 1: Reinitialise variables. */ 1846 xn_query_features(np); 1847 xn_configure_features(np); 1848 netif_release_tx_bufs(np); 1849 1850 /* Step 2: Rebuild the RX buffer freelist and the RX ring itself. */ 1851 for (requeue_idx = 0, i = 0; i < NET_RX_RING_SIZE; i++) { 1852 struct mbuf *m; 1853 u_long pfn; 1854 1855 if (np->rx_mbufs[i] == NULL) 1856 continue; 1857 1858 m = np->rx_mbufs[requeue_idx] = xennet_get_rx_mbuf(np, i); 1859 ref = np->grant_rx_ref[requeue_idx] = xennet_get_rx_ref(np, i); 1860 1861 req = RING_GET_REQUEST(&np->rx, requeue_idx); 1862 pfn = vtophys(mtod(m, vm_offset_t)) >> PAGE_SHIFT; 1863 1864 if (!np->copying_receiver) { 1865 gnttab_grant_foreign_transfer_ref(ref, 1866 xenbus_get_otherend_id(np->xbdev), 1867 pfn); 1868 } else { 1869 gnttab_grant_foreign_access_ref(ref, 1870 xenbus_get_otherend_id(np->xbdev), 1871 pfn, 0); 1872 } 1873 req->gref = ref; 1874 req->id = requeue_idx; 1875 1876 requeue_idx++; 1877 } 1878 1879 np->rx.req_prod_pvt = requeue_idx; 1880 1881 /* Step 3: All public and private state should now be sane. Get 1882 * ready to start sending and receiving packets and give the driver 1883 * domain a kick because we've probably just requeued some 1884 * packets. 1885 */ 1886 netfront_carrier_on(np); 1887 xen_intr_signal(np->xen_intr_handle); 1888 XN_TX_LOCK(np); 1889 xn_txeof(np); 1890 XN_TX_UNLOCK(np); 1891 network_alloc_rx_buffers(np); 1892 1893 return (0); 1894 } 1895 1896 static void 1897 xn_query_features(struct netfront_info *np) 1898 { 1899 int val; 1900 1901 device_printf(np->xbdev, "backend features:"); 1902 1903 if (xs_scanf(XST_NIL, xenbus_get_otherend_path(np->xbdev), 1904 "feature-sg", NULL, "%d", &val) < 0) 1905 val = 0; 1906 1907 np->maxfrags = 1; 1908 if (val) { 1909 np->maxfrags = MAX_TX_REQ_FRAGS; 1910 printf(" feature-sg"); 1911 } 1912 1913 if (xs_scanf(XST_NIL, xenbus_get_otherend_path(np->xbdev), 1914 "feature-gso-tcpv4", NULL, "%d", &val) < 0) 1915 val = 0; 1916 1917 np->xn_ifp->if_capabilities &= ~(IFCAP_TSO4|IFCAP_LRO); 1918 if (val) { 1919 np->xn_ifp->if_capabilities |= IFCAP_TSO4|IFCAP_LRO; 1920 printf(" feature-gso-tcp4"); 1921 } 1922 1923 printf("\n"); 1924 } 1925 1926 static int 1927 xn_configure_features(struct netfront_info *np) 1928 { 1929 int err, cap_enabled; 1930 1931 err = 0; 1932 1933 if (np->xn_resume && 1934 ((np->xn_ifp->if_capenable & np->xn_ifp->if_capabilities) 1935 == np->xn_ifp->if_capenable)) { 1936 /* Current options are available, no need to do anything. */ 1937 return (0); 1938 } 1939 1940 /* Try to preserve as many options as possible. */ 1941 if (np->xn_resume) 1942 cap_enabled = np->xn_ifp->if_capenable; 1943 else 1944 cap_enabled = UINT_MAX; 1945 1946 #if __FreeBSD_version >= 700000 && (defined(INET) || defined(INET6)) 1947 if ((np->xn_ifp->if_capenable & IFCAP_LRO) == (cap_enabled & IFCAP_LRO)) 1948 tcp_lro_free(&np->xn_lro); 1949 #endif 1950 np->xn_ifp->if_capenable = 1951 np->xn_ifp->if_capabilities & ~(IFCAP_LRO|IFCAP_TSO4) & cap_enabled; 1952 np->xn_ifp->if_hwassist &= ~CSUM_TSO; 1953 #if __FreeBSD_version >= 700000 && (defined(INET) || defined(INET6)) 1954 if (xn_enable_lro && (np->xn_ifp->if_capabilities & IFCAP_LRO) == 1955 (cap_enabled & IFCAP_LRO)) { 1956 err = tcp_lro_init(&np->xn_lro); 1957 if (err) { 1958 device_printf(np->xbdev, "LRO initialization failed\n"); 1959 } else { 1960 np->xn_lro.ifp = np->xn_ifp; 1961 np->xn_ifp->if_capenable |= IFCAP_LRO; 1962 } 1963 } 1964 if ((np->xn_ifp->if_capabilities & IFCAP_TSO4) == 1965 (cap_enabled & IFCAP_TSO4)) { 1966 np->xn_ifp->if_capenable |= IFCAP_TSO4; 1967 np->xn_ifp->if_hwassist |= CSUM_TSO; 1968 } 1969 #endif 1970 return (err); 1971 } 1972 1973 /** 1974 * Create a network device. 1975 * @param dev Newbus device representing this virtual NIC. 1976 */ 1977 int 1978 create_netdev(device_t dev) 1979 { 1980 int i; 1981 struct netfront_info *np; 1982 int err; 1983 struct ifnet *ifp; 1984 1985 np = device_get_softc(dev); 1986 1987 np->xbdev = dev; 1988 1989 XN_LOCK_INIT(np, xennetif); 1990 1991 ifmedia_init(&np->sc_media, 0, xn_ifmedia_upd, xn_ifmedia_sts); 1992 ifmedia_add(&np->sc_media, IFM_ETHER|IFM_MANUAL, 0, NULL); 1993 ifmedia_set(&np->sc_media, IFM_ETHER|IFM_MANUAL); 1994 1995 np->rx_target = RX_MIN_TARGET; 1996 np->rx_min_target = RX_MIN_TARGET; 1997 np->rx_max_target = RX_MAX_TARGET; 1998 1999 /* Initialise {tx,rx}_skbs to be a free chain containing every entry. */ 2000 for (i = 0; i <= NET_TX_RING_SIZE; i++) { 2001 np->tx_mbufs[i] = (void *) ((u_long) i+1); 2002 np->grant_tx_ref[i] = GRANT_REF_INVALID; 2003 } 2004 np->tx_mbufs[NET_TX_RING_SIZE] = (void *)0; 2005 2006 for (i = 0; i <= NET_RX_RING_SIZE; i++) { 2007 2008 np->rx_mbufs[i] = NULL; 2009 np->grant_rx_ref[i] = GRANT_REF_INVALID; 2010 } 2011 2012 mbufq_init(&np->xn_rx_batch, INT_MAX); 2013 2014 /* A grant for every tx ring slot */ 2015 if (gnttab_alloc_grant_references(NET_TX_RING_SIZE, 2016 &np->gref_tx_head) != 0) { 2017 IPRINTK("#### netfront can't alloc tx grant refs\n"); 2018 err = ENOMEM; 2019 goto exit; 2020 } 2021 /* A grant for every rx ring slot */ 2022 if (gnttab_alloc_grant_references(RX_MAX_TARGET, 2023 &np->gref_rx_head) != 0) { 2024 WPRINTK("#### netfront can't alloc rx grant refs\n"); 2025 gnttab_free_grant_references(np->gref_tx_head); 2026 err = ENOMEM; 2027 goto exit; 2028 } 2029 2030 err = xen_net_read_mac(dev, np->mac); 2031 if (err) 2032 goto out; 2033 2034 /* Set up ifnet structure */ 2035 ifp = np->xn_ifp = if_alloc(IFT_ETHER); 2036 ifp->if_softc = np; 2037 if_initname(ifp, "xn", device_get_unit(dev)); 2038 ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST; 2039 ifp->if_ioctl = xn_ioctl; 2040 ifp->if_output = ether_output; 2041 ifp->if_start = xn_start; 2042 #ifdef notyet 2043 ifp->if_watchdog = xn_watchdog; 2044 #endif 2045 ifp->if_init = xn_ifinit; 2046 ifp->if_snd.ifq_maxlen = NET_TX_RING_SIZE - 1; 2047 2048 ifp->if_hwassist = XN_CSUM_FEATURES; 2049 ifp->if_capabilities = IFCAP_HWCSUM; 2050 ifp->if_hw_tsomax = 65536 - (ETHER_HDR_LEN + ETHER_VLAN_ENCAP_LEN); 2051 ifp->if_hw_tsomaxsegcount = MAX_TX_REQ_FRAGS; 2052 ifp->if_hw_tsomaxsegsize = PAGE_SIZE; 2053 2054 ether_ifattach(ifp, np->mac); 2055 callout_init(&np->xn_stat_ch, 1); 2056 netfront_carrier_off(np); 2057 2058 return (0); 2059 2060 exit: 2061 gnttab_free_grant_references(np->gref_tx_head); 2062 out: 2063 return (err); 2064 } 2065 2066 /** 2067 * Handle the change of state of the backend to Closing. We must delete our 2068 * device-layer structures now, to ensure that writes are flushed through to 2069 * the backend. Once is this done, we can switch to Closed in 2070 * acknowledgement. 2071 */ 2072 #if 0 2073 static void 2074 netfront_closing(device_t dev) 2075 { 2076 #if 0 2077 struct netfront_info *info = dev->dev_driver_data; 2078 2079 DPRINTK("netfront_closing: %s removed\n", dev->nodename); 2080 2081 close_netdev(info); 2082 #endif 2083 xenbus_switch_state(dev, XenbusStateClosed); 2084 } 2085 #endif 2086 2087 static int 2088 netfront_detach(device_t dev) 2089 { 2090 struct netfront_info *info = device_get_softc(dev); 2091 2092 DPRINTK("%s\n", xenbus_get_node(dev)); 2093 2094 netif_free(info); 2095 2096 return 0; 2097 } 2098 2099 static void 2100 netif_free(struct netfront_info *info) 2101 { 2102 XN_LOCK(info); 2103 xn_stop(info); 2104 XN_UNLOCK(info); 2105 callout_drain(&info->xn_stat_ch); 2106 netif_disconnect_backend(info); 2107 if (info->xn_ifp != NULL) { 2108 ether_ifdetach(info->xn_ifp); 2109 if_free(info->xn_ifp); 2110 info->xn_ifp = NULL; 2111 } 2112 ifmedia_removeall(&info->sc_media); 2113 } 2114 2115 static void 2116 netif_disconnect_backend(struct netfront_info *info) 2117 { 2118 XN_RX_LOCK(info); 2119 XN_TX_LOCK(info); 2120 netfront_carrier_off(info); 2121 XN_TX_UNLOCK(info); 2122 XN_RX_UNLOCK(info); 2123 2124 free_ring(&info->tx_ring_ref, &info->tx.sring); 2125 free_ring(&info->rx_ring_ref, &info->rx.sring); 2126 2127 xen_intr_unbind(&info->xen_intr_handle); 2128 } 2129 2130 static void 2131 free_ring(int *ref, void *ring_ptr_ref) 2132 { 2133 void **ring_ptr_ptr = ring_ptr_ref; 2134 2135 if (*ref != GRANT_REF_INVALID) { 2136 /* This API frees the associated storage. */ 2137 gnttab_end_foreign_access(*ref, *ring_ptr_ptr); 2138 *ref = GRANT_REF_INVALID; 2139 } 2140 *ring_ptr_ptr = NULL; 2141 } 2142 2143 static int 2144 xn_ifmedia_upd(struct ifnet *ifp) 2145 { 2146 return (0); 2147 } 2148 2149 static void 2150 xn_ifmedia_sts(struct ifnet *ifp, struct ifmediareq *ifmr) 2151 { 2152 ifmr->ifm_status = IFM_AVALID|IFM_ACTIVE; 2153 ifmr->ifm_active = IFM_ETHER|IFM_MANUAL; 2154 } 2155 2156 /* ** Driver registration ** */ 2157 static device_method_t netfront_methods[] = { 2158 /* Device interface */ 2159 DEVMETHOD(device_probe, netfront_probe), 2160 DEVMETHOD(device_attach, netfront_attach), 2161 DEVMETHOD(device_detach, netfront_detach), 2162 DEVMETHOD(device_shutdown, bus_generic_shutdown), 2163 DEVMETHOD(device_suspend, netfront_suspend), 2164 DEVMETHOD(device_resume, netfront_resume), 2165 2166 /* Xenbus interface */ 2167 DEVMETHOD(xenbus_otherend_changed, netfront_backend_changed), 2168 2169 DEVMETHOD_END 2170 }; 2171 2172 static driver_t netfront_driver = { 2173 "xn", 2174 netfront_methods, 2175 sizeof(struct netfront_info), 2176 }; 2177 devclass_t netfront_devclass; 2178 2179 DRIVER_MODULE(xe, xenbusb_front, netfront_driver, netfront_devclass, NULL, 2180 NULL); 2181