1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD 3 * 4 * Copyright (c) 2011 NetApp, Inc. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY NETAPP, INC ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL NETAPP, INC OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * 28 * $FreeBSD$ 29 */ 30 31 #include <sys/cdefs.h> 32 __FBSDID("$FreeBSD$"); 33 34 #include <sys/param.h> 35 #ifndef WITHOUT_CAPSICUM 36 #include <sys/capsicum.h> 37 #endif 38 #include <sys/types.h> 39 #include <sys/mman.h> 40 #include <sys/pciio.h> 41 #include <sys/ioctl.h> 42 #include <sys/stat.h> 43 44 #include <dev/io/iodev.h> 45 #include <dev/pci/pcireg.h> 46 47 #include <vm/vm.h> 48 49 #include <machine/iodev.h> 50 #include <machine/vm.h> 51 52 #ifndef WITHOUT_CAPSICUM 53 #include <capsicum_helpers.h> 54 #endif 55 #include <ctype.h> 56 #include <stdio.h> 57 #include <stdlib.h> 58 #include <string.h> 59 #include <err.h> 60 #include <errno.h> 61 #include <fcntl.h> 62 #include <sysexits.h> 63 #include <unistd.h> 64 65 #include <machine/vmm.h> 66 67 #include "config.h" 68 #include "debug.h" 69 #include "mem.h" 70 #include "pci_passthru.h" 71 72 #ifndef _PATH_DEVPCI 73 #define _PATH_DEVPCI "/dev/pci" 74 #endif 75 76 #define LEGACY_SUPPORT 1 77 78 #define MSIX_TABLE_COUNT(ctrl) (((ctrl) & PCIM_MSIXCTRL_TABLE_SIZE) + 1) 79 #define MSIX_CAPLEN 12 80 81 static int pcifd = -1; 82 83 struct passthru_softc { 84 struct pci_devinst *psc_pi; 85 /* ROM is handled like a BAR */ 86 struct pcibar psc_bar[PCI_BARMAX_WITH_ROM + 1]; 87 struct { 88 int capoff; 89 int msgctrl; 90 int emulated; 91 } psc_msi; 92 struct { 93 int capoff; 94 } psc_msix; 95 struct pcisel psc_sel; 96 97 cfgread_handler psc_pcir_rhandler[PCI_REGMAX + 1]; 98 cfgwrite_handler psc_pcir_whandler[PCI_REGMAX + 1]; 99 }; 100 101 static int 102 msi_caplen(int msgctrl) 103 { 104 int len; 105 106 len = 10; /* minimum length of msi capability */ 107 108 if (msgctrl & PCIM_MSICTRL_64BIT) 109 len += 4; 110 111 #if 0 112 /* 113 * Ignore the 'mask' and 'pending' bits in the MSI capability. 114 * We'll let the guest manipulate them directly. 115 */ 116 if (msgctrl & PCIM_MSICTRL_VECTOR) 117 len += 10; 118 #endif 119 120 return (len); 121 } 122 123 static int 124 pcifd_init(void) 125 { 126 pcifd = open(_PATH_DEVPCI, O_RDWR, 0); 127 if (pcifd < 0) { 128 warn("failed to open %s", _PATH_DEVPCI); 129 return (1); 130 } 131 132 #ifndef WITHOUT_CAPSICUM 133 cap_rights_t pcifd_rights; 134 cap_rights_init(&pcifd_rights, CAP_IOCTL, CAP_READ, CAP_WRITE); 135 if (caph_rights_limit(pcifd, &pcifd_rights) == -1) 136 errx(EX_OSERR, "Unable to apply rights for sandbox"); 137 138 const cap_ioctl_t pcifd_ioctls[] = { PCIOCREAD, PCIOCWRITE, PCIOCGETBAR, 139 PCIOCBARIO, PCIOCBARMMAP, PCIOCGETCONF }; 140 if (caph_ioctls_limit(pcifd, pcifd_ioctls, nitems(pcifd_ioctls)) == -1) 141 errx(EX_OSERR, "Unable to apply rights for sandbox"); 142 #endif 143 144 return (0); 145 } 146 147 uint32_t 148 read_config(const struct pcisel *sel, long reg, int width) 149 { 150 struct pci_io pi; 151 152 if (pcifd < 0 && pcifd_init()) { 153 return (0); 154 } 155 156 bzero(&pi, sizeof(pi)); 157 pi.pi_sel = *sel; 158 pi.pi_reg = reg; 159 pi.pi_width = width; 160 161 if (ioctl(pcifd, PCIOCREAD, &pi) < 0) 162 return (0); /* XXX */ 163 else 164 return (pi.pi_data); 165 } 166 167 void 168 write_config(const struct pcisel *sel, long reg, int width, uint32_t data) 169 { 170 struct pci_io pi; 171 172 if (pcifd < 0 && pcifd_init()) { 173 return; 174 } 175 176 bzero(&pi, sizeof(pi)); 177 pi.pi_sel = *sel; 178 pi.pi_reg = reg; 179 pi.pi_width = width; 180 pi.pi_data = data; 181 182 (void)ioctl(pcifd, PCIOCWRITE, &pi); /* XXX */ 183 } 184 185 #ifdef LEGACY_SUPPORT 186 static int 187 passthru_add_msicap(struct pci_devinst *pi, int msgnum, int nextptr) 188 { 189 int capoff; 190 struct msicap msicap; 191 u_char *capdata; 192 193 pci_populate_msicap(&msicap, msgnum, nextptr); 194 195 /* 196 * XXX 197 * Copy the msi capability structure in the last 16 bytes of the 198 * config space. This is wrong because it could shadow something 199 * useful to the device. 200 */ 201 capoff = 256 - roundup(sizeof(msicap), 4); 202 capdata = (u_char *)&msicap; 203 for (size_t i = 0; i < sizeof(msicap); i++) 204 pci_set_cfgdata8(pi, capoff + i, capdata[i]); 205 206 return (capoff); 207 } 208 #endif /* LEGACY_SUPPORT */ 209 210 static int 211 cfginitmsi(struct passthru_softc *sc) 212 { 213 int i, ptr, capptr, cap, sts, caplen, table_size; 214 uint32_t u32; 215 struct pcisel sel; 216 struct pci_devinst *pi; 217 struct msixcap msixcap; 218 char *msixcap_ptr; 219 220 pi = sc->psc_pi; 221 sel = sc->psc_sel; 222 223 /* 224 * Parse the capabilities and cache the location of the MSI 225 * and MSI-X capabilities. 226 */ 227 sts = read_config(&sel, PCIR_STATUS, 2); 228 if (sts & PCIM_STATUS_CAPPRESENT) { 229 ptr = read_config(&sel, PCIR_CAP_PTR, 1); 230 while (ptr != 0 && ptr != 0xff) { 231 cap = read_config(&sel, ptr + PCICAP_ID, 1); 232 if (cap == PCIY_MSI) { 233 /* 234 * Copy the MSI capability into the config 235 * space of the emulated pci device 236 */ 237 sc->psc_msi.capoff = ptr; 238 sc->psc_msi.msgctrl = read_config(&sel, 239 ptr + 2, 2); 240 sc->psc_msi.emulated = 0; 241 caplen = msi_caplen(sc->psc_msi.msgctrl); 242 capptr = ptr; 243 while (caplen > 0) { 244 u32 = read_config(&sel, capptr, 4); 245 pci_set_cfgdata32(pi, capptr, u32); 246 caplen -= 4; 247 capptr += 4; 248 } 249 } else if (cap == PCIY_MSIX) { 250 /* 251 * Copy the MSI-X capability 252 */ 253 sc->psc_msix.capoff = ptr; 254 caplen = 12; 255 msixcap_ptr = (char *)&msixcap; 256 capptr = ptr; 257 while (caplen > 0) { 258 u32 = read_config(&sel, capptr, 4); 259 memcpy(msixcap_ptr, &u32, 4); 260 pci_set_cfgdata32(pi, capptr, u32); 261 caplen -= 4; 262 capptr += 4; 263 msixcap_ptr += 4; 264 } 265 } 266 ptr = read_config(&sel, ptr + PCICAP_NEXTPTR, 1); 267 } 268 } 269 270 if (sc->psc_msix.capoff != 0) { 271 pi->pi_msix.pba_bar = 272 msixcap.pba_info & PCIM_MSIX_BIR_MASK; 273 pi->pi_msix.pba_offset = 274 msixcap.pba_info & ~PCIM_MSIX_BIR_MASK; 275 pi->pi_msix.table_bar = 276 msixcap.table_info & PCIM_MSIX_BIR_MASK; 277 pi->pi_msix.table_offset = 278 msixcap.table_info & ~PCIM_MSIX_BIR_MASK; 279 pi->pi_msix.table_count = MSIX_TABLE_COUNT(msixcap.msgctrl); 280 pi->pi_msix.pba_size = PBA_SIZE(pi->pi_msix.table_count); 281 282 /* Allocate the emulated MSI-X table array */ 283 table_size = pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE; 284 pi->pi_msix.table = calloc(1, table_size); 285 286 /* Mask all table entries */ 287 for (i = 0; i < pi->pi_msix.table_count; i++) { 288 pi->pi_msix.table[i].vector_control |= 289 PCIM_MSIX_VCTRL_MASK; 290 } 291 } 292 293 #ifdef LEGACY_SUPPORT 294 /* 295 * If the passthrough device does not support MSI then craft a 296 * MSI capability for it. We link the new MSI capability at the 297 * head of the list of capabilities. 298 */ 299 if ((sts & PCIM_STATUS_CAPPRESENT) != 0 && sc->psc_msi.capoff == 0) { 300 int origptr, msiptr; 301 origptr = read_config(&sel, PCIR_CAP_PTR, 1); 302 msiptr = passthru_add_msicap(pi, 1, origptr); 303 sc->psc_msi.capoff = msiptr; 304 sc->psc_msi.msgctrl = pci_get_cfgdata16(pi, msiptr + 2); 305 sc->psc_msi.emulated = 1; 306 pci_set_cfgdata8(pi, PCIR_CAP_PTR, msiptr); 307 } 308 #endif 309 310 /* Make sure one of the capabilities is present */ 311 if (sc->psc_msi.capoff == 0 && sc->psc_msix.capoff == 0) 312 return (-1); 313 else 314 return (0); 315 } 316 317 static uint64_t 318 msix_table_read(struct passthru_softc *sc, uint64_t offset, int size) 319 { 320 struct pci_devinst *pi; 321 struct msix_table_entry *entry; 322 uint8_t *src8; 323 uint16_t *src16; 324 uint32_t *src32; 325 uint64_t *src64; 326 uint64_t data; 327 size_t entry_offset; 328 uint32_t table_offset; 329 int index, table_count; 330 331 pi = sc->psc_pi; 332 333 table_offset = pi->pi_msix.table_offset; 334 table_count = pi->pi_msix.table_count; 335 if (offset < table_offset || 336 offset >= table_offset + table_count * MSIX_TABLE_ENTRY_SIZE) { 337 switch (size) { 338 case 1: 339 src8 = (uint8_t *)(pi->pi_msix.mapped_addr + offset); 340 data = *src8; 341 break; 342 case 2: 343 src16 = (uint16_t *)(pi->pi_msix.mapped_addr + offset); 344 data = *src16; 345 break; 346 case 4: 347 src32 = (uint32_t *)(pi->pi_msix.mapped_addr + offset); 348 data = *src32; 349 break; 350 case 8: 351 src64 = (uint64_t *)(pi->pi_msix.mapped_addr + offset); 352 data = *src64; 353 break; 354 default: 355 return (-1); 356 } 357 return (data); 358 } 359 360 offset -= table_offset; 361 index = offset / MSIX_TABLE_ENTRY_SIZE; 362 assert(index < table_count); 363 364 entry = &pi->pi_msix.table[index]; 365 entry_offset = offset % MSIX_TABLE_ENTRY_SIZE; 366 367 switch (size) { 368 case 1: 369 src8 = (uint8_t *)((uint8_t *)entry + entry_offset); 370 data = *src8; 371 break; 372 case 2: 373 src16 = (uint16_t *)((uint8_t *)entry + entry_offset); 374 data = *src16; 375 break; 376 case 4: 377 src32 = (uint32_t *)((uint8_t *)entry + entry_offset); 378 data = *src32; 379 break; 380 case 8: 381 src64 = (uint64_t *)((uint8_t *)entry + entry_offset); 382 data = *src64; 383 break; 384 default: 385 return (-1); 386 } 387 388 return (data); 389 } 390 391 static void 392 msix_table_write(struct passthru_softc *sc, uint64_t offset, int size, 393 uint64_t data) 394 { 395 struct pci_devinst *pi; 396 struct msix_table_entry *entry; 397 uint8_t *dest8; 398 uint16_t *dest16; 399 uint32_t *dest32; 400 uint64_t *dest64; 401 size_t entry_offset; 402 uint32_t table_offset, vector_control; 403 int index, table_count; 404 405 pi = sc->psc_pi; 406 407 table_offset = pi->pi_msix.table_offset; 408 table_count = pi->pi_msix.table_count; 409 if (offset < table_offset || 410 offset >= table_offset + table_count * MSIX_TABLE_ENTRY_SIZE) { 411 switch (size) { 412 case 1: 413 dest8 = (uint8_t *)(pi->pi_msix.mapped_addr + offset); 414 *dest8 = data; 415 break; 416 case 2: 417 dest16 = (uint16_t *)(pi->pi_msix.mapped_addr + offset); 418 *dest16 = data; 419 break; 420 case 4: 421 dest32 = (uint32_t *)(pi->pi_msix.mapped_addr + offset); 422 *dest32 = data; 423 break; 424 case 8: 425 dest64 = (uint64_t *)(pi->pi_msix.mapped_addr + offset); 426 *dest64 = data; 427 break; 428 } 429 return; 430 } 431 432 offset -= table_offset; 433 index = offset / MSIX_TABLE_ENTRY_SIZE; 434 assert(index < table_count); 435 436 entry = &pi->pi_msix.table[index]; 437 entry_offset = offset % MSIX_TABLE_ENTRY_SIZE; 438 439 /* Only 4 byte naturally-aligned writes are supported */ 440 assert(size == 4); 441 assert(entry_offset % 4 == 0); 442 443 vector_control = entry->vector_control; 444 dest32 = (uint32_t *)((uint8_t *)entry + entry_offset); 445 *dest32 = data; 446 /* If MSI-X hasn't been enabled, do nothing */ 447 if (pi->pi_msix.enabled) { 448 /* If the entry is masked, don't set it up */ 449 if ((entry->vector_control & PCIM_MSIX_VCTRL_MASK) == 0 || 450 (vector_control & PCIM_MSIX_VCTRL_MASK) == 0) { 451 (void)vm_setup_pptdev_msix(sc->psc_pi->pi_vmctx, 452 sc->psc_sel.pc_bus, sc->psc_sel.pc_dev, 453 sc->psc_sel.pc_func, index, entry->addr, 454 entry->msg_data, entry->vector_control); 455 } 456 } 457 } 458 459 static int 460 init_msix_table(struct passthru_softc *sc) 461 { 462 struct pci_devinst *pi = sc->psc_pi; 463 struct pci_bar_mmap pbm; 464 int b, s, f; 465 uint32_t table_size, table_offset; 466 467 assert(pci_msix_table_bar(pi) >= 0 && pci_msix_pba_bar(pi) >= 0); 468 469 b = sc->psc_sel.pc_bus; 470 s = sc->psc_sel.pc_dev; 471 f = sc->psc_sel.pc_func; 472 473 /* 474 * Map the region of the BAR containing the MSI-X table. This is 475 * necessary for two reasons: 476 * 1. The PBA may reside in the first or last page containing the MSI-X 477 * table. 478 * 2. While PCI devices are not supposed to use the page(s) containing 479 * the MSI-X table for other purposes, some do in practice. 480 */ 481 memset(&pbm, 0, sizeof(pbm)); 482 pbm.pbm_sel = sc->psc_sel; 483 pbm.pbm_flags = PCIIO_BAR_MMAP_RW; 484 pbm.pbm_reg = PCIR_BAR(pi->pi_msix.table_bar); 485 pbm.pbm_memattr = VM_MEMATTR_DEVICE; 486 487 if (ioctl(pcifd, PCIOCBARMMAP, &pbm) != 0) { 488 warn("Failed to map MSI-X table BAR on %d/%d/%d", b, s, f); 489 return (-1); 490 } 491 assert(pbm.pbm_bar_off == 0); 492 pi->pi_msix.mapped_addr = (uint8_t *)(uintptr_t)pbm.pbm_map_base; 493 pi->pi_msix.mapped_size = pbm.pbm_map_length; 494 495 table_offset = rounddown2(pi->pi_msix.table_offset, 4096); 496 497 table_size = pi->pi_msix.table_offset - table_offset; 498 table_size += pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE; 499 table_size = roundup2(table_size, 4096); 500 501 /* 502 * Unmap any pages not containing the table, we do not need to emulate 503 * accesses to them. Avoid releasing address space to help ensure that 504 * a buggy out-of-bounds access causes a crash. 505 */ 506 if (table_offset != 0) 507 if (mprotect(pi->pi_msix.mapped_addr, table_offset, 508 PROT_NONE) != 0) 509 warn("Failed to unmap MSI-X table BAR region"); 510 if (table_offset + table_size != pi->pi_msix.mapped_size) 511 if (mprotect( 512 pi->pi_msix.mapped_addr + table_offset + table_size, 513 pi->pi_msix.mapped_size - (table_offset + table_size), 514 PROT_NONE) != 0) 515 warn("Failed to unmap MSI-X table BAR region"); 516 517 return (0); 518 } 519 520 static int 521 cfginitbar(struct passthru_softc *sc) 522 { 523 int i, error; 524 struct pci_devinst *pi; 525 struct pci_bar_io bar; 526 enum pcibar_type bartype; 527 uint64_t base, size; 528 529 pi = sc->psc_pi; 530 531 /* 532 * Initialize BAR registers 533 */ 534 for (i = 0; i <= PCI_BARMAX; i++) { 535 bzero(&bar, sizeof(bar)); 536 bar.pbi_sel = sc->psc_sel; 537 bar.pbi_reg = PCIR_BAR(i); 538 539 if (ioctl(pcifd, PCIOCGETBAR, &bar) < 0) 540 continue; 541 542 if (PCI_BAR_IO(bar.pbi_base)) { 543 bartype = PCIBAR_IO; 544 base = bar.pbi_base & PCIM_BAR_IO_BASE; 545 } else { 546 switch (bar.pbi_base & PCIM_BAR_MEM_TYPE) { 547 case PCIM_BAR_MEM_64: 548 bartype = PCIBAR_MEM64; 549 break; 550 default: 551 bartype = PCIBAR_MEM32; 552 break; 553 } 554 base = bar.pbi_base & PCIM_BAR_MEM_BASE; 555 } 556 size = bar.pbi_length; 557 558 if (bartype != PCIBAR_IO) { 559 if (((base | size) & PAGE_MASK) != 0) { 560 warnx("passthru device %d/%d/%d BAR %d: " 561 "base %#lx or size %#lx not page aligned\n", 562 sc->psc_sel.pc_bus, sc->psc_sel.pc_dev, 563 sc->psc_sel.pc_func, i, base, size); 564 return (-1); 565 } 566 } 567 568 /* Cache information about the "real" BAR */ 569 sc->psc_bar[i].type = bartype; 570 sc->psc_bar[i].size = size; 571 sc->psc_bar[i].addr = base; 572 sc->psc_bar[i].lobits = 0; 573 574 /* Allocate the BAR in the guest I/O or MMIO space */ 575 error = pci_emul_alloc_bar(pi, i, bartype, size); 576 if (error) 577 return (-1); 578 579 /* Use same lobits as physical bar */ 580 uint8_t lobits = read_config(&sc->psc_sel, PCIR_BAR(i), 0x01); 581 if (bartype == PCIBAR_MEM32 || bartype == PCIBAR_MEM64) { 582 lobits &= ~PCIM_BAR_MEM_BASE; 583 } else { 584 lobits &= ~PCIM_BAR_IO_BASE; 585 } 586 sc->psc_bar[i].lobits = lobits; 587 pi->pi_bar[i].lobits = lobits; 588 589 /* 590 * 64-bit BAR takes up two slots so skip the next one. 591 */ 592 if (bartype == PCIBAR_MEM64) { 593 i++; 594 assert(i <= PCI_BARMAX); 595 sc->psc_bar[i].type = PCIBAR_MEMHI64; 596 } 597 } 598 return (0); 599 } 600 601 static int 602 cfginit(struct pci_devinst *pi, int bus, int slot, int func) 603 { 604 int error; 605 struct passthru_softc *sc; 606 uint8_t intline, intpin; 607 608 error = 1; 609 sc = pi->pi_arg; 610 611 bzero(&sc->psc_sel, sizeof(struct pcisel)); 612 sc->psc_sel.pc_bus = bus; 613 sc->psc_sel.pc_dev = slot; 614 sc->psc_sel.pc_func = func; 615 616 /* 617 * Copy physical PCI header to virtual config space. INTLINE and INTPIN 618 * shouldn't be aligned with their physical value and they are already set by 619 * pci_emul_init(). 620 */ 621 intline = pci_get_cfgdata8(pi, PCIR_INTLINE); 622 intpin = pci_get_cfgdata8(pi, PCIR_INTPIN); 623 for (int i = 0; i <= PCIR_MAXLAT; i += 4) { 624 pci_set_cfgdata32(pi, i, read_config(&sc->psc_sel, i, 4)); 625 } 626 pci_set_cfgdata8(pi, PCIR_INTLINE, intline); 627 pci_set_cfgdata8(pi, PCIR_INTPIN, intpin); 628 629 if (cfginitmsi(sc) != 0) { 630 warnx("failed to initialize MSI for PCI %d/%d/%d", 631 bus, slot, func); 632 goto done; 633 } 634 635 if (cfginitbar(sc) != 0) { 636 warnx("failed to initialize BARs for PCI %d/%d/%d", 637 bus, slot, func); 638 goto done; 639 } 640 641 write_config(&sc->psc_sel, PCIR_COMMAND, 2, 642 pci_get_cfgdata16(pi, PCIR_COMMAND)); 643 644 /* 645 * We need to do this after PCIR_COMMAND got possibly updated, e.g., 646 * a BAR was enabled, as otherwise the PCIOCBARMMAP might fail on us. 647 */ 648 if (pci_msix_table_bar(pi) >= 0) { 649 error = init_msix_table(sc); 650 if (error != 0) { 651 warnx( 652 "failed to initialize MSI-X table for PCI %d/%d/%d: %d", 653 bus, slot, func, error); 654 goto done; 655 } 656 } 657 658 error = 0; /* success */ 659 done: 660 return (error); 661 } 662 663 struct pcisel * 664 passthru_get_sel(struct passthru_softc *sc) 665 { 666 assert(sc != NULL); 667 668 return (&sc->psc_sel); 669 } 670 671 int 672 set_pcir_handler(struct passthru_softc *sc, int reg, int len, 673 cfgread_handler rhandler, cfgwrite_handler whandler) 674 { 675 if (reg > PCI_REGMAX || reg + len > PCI_REGMAX + 1) 676 return (-1); 677 678 for (int i = reg; i < reg + len; ++i) { 679 assert(sc->psc_pcir_rhandler[i] == NULL || rhandler == NULL); 680 assert(sc->psc_pcir_whandler[i] == NULL || whandler == NULL); 681 sc->psc_pcir_rhandler[i] = rhandler; 682 sc->psc_pcir_whandler[i] = whandler; 683 } 684 685 return (0); 686 } 687 688 static int 689 passthru_legacy_config(nvlist_t *nvl, const char *opts) 690 { 691 const char *cp; 692 char *tofree; 693 char value[16]; 694 int bus, slot, func; 695 696 if (opts == NULL) 697 return (0); 698 699 cp = strchr(opts, ','); 700 701 if (strncmp(opts, "ppt", strlen("ppt")) == 0) { 702 tofree = strndup(opts, cp - opts); 703 set_config_value_node(nvl, "pptdev", tofree); 704 free(tofree); 705 } else if (sscanf(opts, "pci0:%d:%d:%d", &bus, &slot, &func) == 3 || 706 sscanf(opts, "pci%d:%d:%d", &bus, &slot, &func) == 3 || 707 sscanf(opts, "%d/%d/%d", &bus, &slot, &func) == 3) { 708 snprintf(value, sizeof(value), "%d", bus); 709 set_config_value_node(nvl, "bus", value); 710 snprintf(value, sizeof(value), "%d", slot); 711 set_config_value_node(nvl, "slot", value); 712 snprintf(value, sizeof(value), "%d", func); 713 set_config_value_node(nvl, "func", value); 714 } else { 715 EPRINTLN("passthru: invalid options \"%s\"", opts); 716 return (-1); 717 } 718 719 if (cp == NULL) { 720 return (0); 721 } 722 723 return (pci_parse_legacy_config(nvl, cp + 1)); 724 } 725 726 static int 727 passthru_init_rom(struct passthru_softc *const sc, const char *const romfile) 728 { 729 if (romfile == NULL) { 730 return (0); 731 } 732 733 const int fd = open(romfile, O_RDONLY); 734 if (fd < 0) { 735 warnx("%s: can't open romfile \"%s\"", __func__, romfile); 736 return (-1); 737 } 738 739 struct stat sbuf; 740 if (fstat(fd, &sbuf) < 0) { 741 warnx("%s: can't fstat romfile \"%s\"", __func__, romfile); 742 close(fd); 743 return (-1); 744 } 745 const uint64_t rom_size = sbuf.st_size; 746 747 void *const rom_data = mmap(NULL, rom_size, PROT_READ, MAP_SHARED, fd, 748 0); 749 if (rom_data == MAP_FAILED) { 750 warnx("%s: unable to mmap romfile \"%s\" (%d)", __func__, 751 romfile, errno); 752 close(fd); 753 return (-1); 754 } 755 756 void *rom_addr; 757 int error = pci_emul_alloc_rom(sc->psc_pi, rom_size, &rom_addr); 758 if (error) { 759 warnx("%s: failed to alloc rom segment", __func__); 760 munmap(rom_data, rom_size); 761 close(fd); 762 return (error); 763 } 764 memcpy(rom_addr, rom_data, rom_size); 765 766 sc->psc_bar[PCI_ROM_IDX].type = PCIBAR_ROM; 767 sc->psc_bar[PCI_ROM_IDX].addr = (uint64_t)rom_addr; 768 sc->psc_bar[PCI_ROM_IDX].size = rom_size; 769 770 munmap(rom_data, rom_size); 771 close(fd); 772 773 return (0); 774 } 775 776 static bool 777 passthru_lookup_pptdev(const char *name, int *bus, int *slot, int *func) 778 { 779 struct pci_conf_io pc; 780 struct pci_conf conf[1]; 781 struct pci_match_conf patterns[1]; 782 char *cp; 783 784 bzero(&pc, sizeof(struct pci_conf_io)); 785 pc.match_buf_len = sizeof(conf); 786 pc.matches = conf; 787 788 bzero(&patterns, sizeof(patterns)); 789 790 /* 791 * The pattern structure requires the unit to be split out from 792 * the driver name. Walk backwards from the end of the name to 793 * find the start of the unit. 794 */ 795 cp = strchr(name, '\0'); 796 assert(cp != NULL); 797 while (cp != name && isdigit(cp[-1])) 798 cp--; 799 if (cp == name || !isdigit(*cp)) { 800 EPRINTLN("Invalid passthru device name %s", name); 801 return (false); 802 } 803 if ((size_t)(cp - name) + 1 > sizeof(patterns[0].pd_name)) { 804 EPRINTLN("Passthru device name %s is too long", name); 805 return (false); 806 } 807 memcpy(patterns[0].pd_name, name, cp - name); 808 patterns[0].pd_unit = strtol(cp, &cp, 10); 809 if (*cp != '\0') { 810 EPRINTLN("Invalid passthru device name %s", name); 811 return (false); 812 } 813 patterns[0].flags = PCI_GETCONF_MATCH_NAME | PCI_GETCONF_MATCH_UNIT; 814 pc.num_patterns = 1; 815 pc.pat_buf_len = sizeof(patterns); 816 pc.patterns = patterns; 817 818 if (ioctl(pcifd, PCIOCGETCONF, &pc) == -1) { 819 EPRINTLN("ioctl(PCIOCGETCONF): %s", strerror(errno)); 820 return (false); 821 } 822 if (pc.status != PCI_GETCONF_LAST_DEVICE && 823 pc.status != PCI_GETCONF_MORE_DEVS) { 824 EPRINTLN("error returned from PCIOCGETCONF ioctl"); 825 return (false); 826 } 827 if (pc.num_matches == 0) { 828 EPRINTLN("Passthru device %s not found", name); 829 return (false); 830 } 831 832 if (conf[0].pc_sel.pc_domain != 0) { 833 EPRINTLN("Passthru device %s on unsupported domain", name); 834 return (false); 835 } 836 *bus = conf[0].pc_sel.pc_bus; 837 *slot = conf[0].pc_sel.pc_dev; 838 *func = conf[0].pc_sel.pc_func; 839 return (true); 840 } 841 842 static int 843 passthru_init(struct pci_devinst *pi, nvlist_t *nvl) 844 { 845 int bus, slot, func, error, memflags; 846 struct passthru_softc *sc; 847 const char *value; 848 849 sc = NULL; 850 error = 1; 851 852 memflags = vm_get_memflags(pi->pi_vmctx); 853 if (!(memflags & VM_MEM_F_WIRED)) { 854 warnx("passthru requires guest memory to be wired"); 855 return (error); 856 } 857 858 if (pcifd < 0 && pcifd_init()) { 859 return (error); 860 } 861 862 #define GET_INT_CONFIG(var, name) do { \ 863 value = get_config_value_node(nvl, name); \ 864 if (value == NULL) { \ 865 EPRINTLN("passthru: missing required %s setting", name); \ 866 return (error); \ 867 } \ 868 var = atoi(value); \ 869 } while (0) 870 871 value = get_config_value_node(nvl, "pptdev"); 872 if (value != NULL) { 873 if (!passthru_lookup_pptdev(value, &bus, &slot, &func)) 874 return (error); 875 } else { 876 GET_INT_CONFIG(bus, "bus"); 877 GET_INT_CONFIG(slot, "slot"); 878 GET_INT_CONFIG(func, "func"); 879 } 880 881 if (vm_assign_pptdev(pi->pi_vmctx, bus, slot, func) != 0) { 882 warnx("PCI device at %d/%d/%d is not using the ppt(4) driver", 883 bus, slot, func); 884 goto done; 885 } 886 887 sc = calloc(1, sizeof(struct passthru_softc)); 888 889 pi->pi_arg = sc; 890 sc->psc_pi = pi; 891 892 /* initialize config space */ 893 if ((error = cfginit(pi, bus, slot, func)) != 0) 894 goto done; 895 896 /* initialize ROM */ 897 if ((error = passthru_init_rom(sc, 898 get_config_value_node(nvl, "rom"))) != 0) 899 goto done; 900 901 /* Emulate most PCI header register. */ 902 if ((error = set_pcir_handler(sc, 0, PCIR_MAXLAT + 1, 903 passthru_cfgread_emulate, passthru_cfgwrite_emulate)) != 0) 904 goto done; 905 906 /* Allow access to the physical command and status register. */ 907 if ((error = set_pcir_handler(sc, PCIR_COMMAND, 0x04, NULL, NULL)) != 0) 908 goto done; 909 910 error = 0; /* success */ 911 done: 912 if (error) { 913 free(sc); 914 vm_unassign_pptdev(pi->pi_vmctx, bus, slot, func); 915 } 916 return (error); 917 } 918 919 static int 920 msicap_access(struct passthru_softc *sc, int coff) 921 { 922 int caplen; 923 924 if (sc->psc_msi.capoff == 0) 925 return (0); 926 927 caplen = msi_caplen(sc->psc_msi.msgctrl); 928 929 if (coff >= sc->psc_msi.capoff && coff < sc->psc_msi.capoff + caplen) 930 return (1); 931 else 932 return (0); 933 } 934 935 static int 936 msixcap_access(struct passthru_softc *sc, int coff) 937 { 938 if (sc->psc_msix.capoff == 0) 939 return (0); 940 941 return (coff >= sc->psc_msix.capoff && 942 coff < sc->psc_msix.capoff + MSIX_CAPLEN); 943 } 944 945 static int 946 passthru_cfgread_default(struct passthru_softc *sc, 947 struct pci_devinst *pi __unused, int coff, int bytes, uint32_t *rv) 948 { 949 /* 950 * MSI capability is emulated. 951 */ 952 if (msicap_access(sc, coff) || msixcap_access(sc, coff)) 953 return (-1); 954 955 /* 956 * Emulate the command register. If a single read reads both the 957 * command and status registers, read the status register from the 958 * device's config space. 959 */ 960 if (coff == PCIR_COMMAND) { 961 if (bytes <= 2) 962 return (-1); 963 *rv = read_config(&sc->psc_sel, PCIR_STATUS, 2) << 16 | 964 pci_get_cfgdata16(pi, PCIR_COMMAND); 965 return (0); 966 } 967 968 /* Everything else just read from the device's config space */ 969 *rv = read_config(&sc->psc_sel, coff, bytes); 970 971 return (0); 972 } 973 974 int 975 passthru_cfgread_emulate(struct passthru_softc *sc __unused, 976 struct pci_devinst *pi __unused, int coff __unused, int bytes __unused, 977 uint32_t *rv __unused) 978 { 979 return (-1); 980 } 981 982 static int 983 passthru_cfgread(struct pci_devinst *pi, int coff, int bytes, uint32_t *rv) 984 { 985 struct passthru_softc *sc; 986 987 sc = pi->pi_arg; 988 989 if (sc->psc_pcir_rhandler[coff] != NULL) 990 return (sc->psc_pcir_rhandler[coff](sc, pi, coff, bytes, rv)); 991 992 return (passthru_cfgread_default(sc, pi, coff, bytes, rv)); 993 } 994 995 static int 996 passthru_cfgwrite_default(struct passthru_softc *sc, struct pci_devinst *pi, 997 int coff, int bytes, uint32_t val) 998 { 999 int error, msix_table_entries, i; 1000 uint16_t cmd_old; 1001 1002 /* 1003 * MSI capability is emulated 1004 */ 1005 if (msicap_access(sc, coff)) { 1006 pci_emul_capwrite(pi, coff, bytes, val, sc->psc_msi.capoff, 1007 PCIY_MSI); 1008 error = vm_setup_pptdev_msi(pi->pi_vmctx, sc->psc_sel.pc_bus, 1009 sc->psc_sel.pc_dev, sc->psc_sel.pc_func, 1010 pi->pi_msi.addr, pi->pi_msi.msg_data, 1011 pi->pi_msi.maxmsgnum); 1012 if (error != 0) 1013 err(1, "vm_setup_pptdev_msi"); 1014 return (0); 1015 } 1016 1017 if (msixcap_access(sc, coff)) { 1018 pci_emul_capwrite(pi, coff, bytes, val, sc->psc_msix.capoff, 1019 PCIY_MSIX); 1020 if (pi->pi_msix.enabled) { 1021 msix_table_entries = pi->pi_msix.table_count; 1022 for (i = 0; i < msix_table_entries; i++) { 1023 error = vm_setup_pptdev_msix(pi->pi_vmctx, 1024 sc->psc_sel.pc_bus, sc->psc_sel.pc_dev, 1025 sc->psc_sel.pc_func, i, 1026 pi->pi_msix.table[i].addr, 1027 pi->pi_msix.table[i].msg_data, 1028 pi->pi_msix.table[i].vector_control); 1029 1030 if (error) 1031 err(1, "vm_setup_pptdev_msix"); 1032 } 1033 } else { 1034 error = vm_disable_pptdev_msix(pi->pi_vmctx, 1035 sc->psc_sel.pc_bus, sc->psc_sel.pc_dev, 1036 sc->psc_sel.pc_func); 1037 if (error) 1038 err(1, "vm_disable_pptdev_msix"); 1039 } 1040 return (0); 1041 } 1042 1043 #ifdef LEGACY_SUPPORT 1044 /* 1045 * If this device does not support MSI natively then we cannot let 1046 * the guest disable legacy interrupts from the device. It is the 1047 * legacy interrupt that is triggering the virtual MSI to the guest. 1048 */ 1049 if (sc->psc_msi.emulated && pci_msi_enabled(pi)) { 1050 if (coff == PCIR_COMMAND && bytes == 2) 1051 val &= ~PCIM_CMD_INTxDIS; 1052 } 1053 #endif 1054 1055 write_config(&sc->psc_sel, coff, bytes, val); 1056 if (coff == PCIR_COMMAND) { 1057 cmd_old = pci_get_cfgdata16(pi, PCIR_COMMAND); 1058 if (bytes == 1) 1059 pci_set_cfgdata8(pi, PCIR_COMMAND, val); 1060 else if (bytes == 2) 1061 pci_set_cfgdata16(pi, PCIR_COMMAND, val); 1062 pci_emul_cmd_changed(pi, cmd_old); 1063 } 1064 1065 return (0); 1066 } 1067 1068 int 1069 passthru_cfgwrite_emulate(struct passthru_softc *sc __unused, 1070 struct pci_devinst *pi __unused, int coff __unused, int bytes __unused, 1071 uint32_t val __unused) 1072 { 1073 return (-1); 1074 } 1075 1076 static int 1077 passthru_cfgwrite(struct pci_devinst *pi, int coff, int bytes, uint32_t val) 1078 { 1079 struct passthru_softc *sc; 1080 1081 sc = pi->pi_arg; 1082 1083 if (sc->psc_pcir_whandler[coff] != NULL) 1084 return (sc->psc_pcir_whandler[coff](sc, pi, coff, bytes, val)); 1085 1086 return (passthru_cfgwrite_default(sc, pi, coff, bytes, val)); 1087 } 1088 1089 static void 1090 passthru_write(struct pci_devinst *pi, int baridx, uint64_t offset, int size, 1091 uint64_t value) 1092 { 1093 struct passthru_softc *sc; 1094 struct pci_bar_ioreq pio; 1095 1096 sc = pi->pi_arg; 1097 1098 if (baridx == pci_msix_table_bar(pi)) { 1099 msix_table_write(sc, offset, size, value); 1100 } else { 1101 assert(pi->pi_bar[baridx].type == PCIBAR_IO); 1102 assert(size == 1 || size == 2 || size == 4); 1103 assert(offset <= UINT32_MAX && offset + size <= UINT32_MAX); 1104 1105 bzero(&pio, sizeof(pio)); 1106 pio.pbi_sel = sc->psc_sel; 1107 pio.pbi_op = PCIBARIO_WRITE; 1108 pio.pbi_bar = baridx; 1109 pio.pbi_offset = (uint32_t)offset; 1110 pio.pbi_width = size; 1111 pio.pbi_value = (uint32_t)value; 1112 1113 (void)ioctl(pcifd, PCIOCBARIO, &pio); 1114 } 1115 } 1116 1117 static uint64_t 1118 passthru_read(struct pci_devinst *pi, int baridx, uint64_t offset, int size) 1119 { 1120 struct passthru_softc *sc; 1121 struct pci_bar_ioreq pio; 1122 uint64_t val; 1123 1124 sc = pi->pi_arg; 1125 1126 if (baridx == pci_msix_table_bar(pi)) { 1127 val = msix_table_read(sc, offset, size); 1128 } else { 1129 assert(pi->pi_bar[baridx].type == PCIBAR_IO); 1130 assert(size == 1 || size == 2 || size == 4); 1131 assert(offset <= UINT32_MAX && offset + size <= UINT32_MAX); 1132 1133 bzero(&pio, sizeof(pio)); 1134 pio.pbi_sel = sc->psc_sel; 1135 pio.pbi_op = PCIBARIO_READ; 1136 pio.pbi_bar = baridx; 1137 pio.pbi_offset = (uint32_t)offset; 1138 pio.pbi_width = size; 1139 1140 (void)ioctl(pcifd, PCIOCBARIO, &pio); 1141 1142 val = pio.pbi_value; 1143 } 1144 1145 return (val); 1146 } 1147 1148 static void 1149 passthru_msix_addr(struct pci_devinst *pi, int baridx, int enabled, 1150 uint64_t address) 1151 { 1152 struct passthru_softc *sc; 1153 size_t remaining; 1154 uint32_t table_size, table_offset; 1155 1156 sc = pi->pi_arg; 1157 table_offset = rounddown2(pi->pi_msix.table_offset, 4096); 1158 if (table_offset > 0) { 1159 if (!enabled) { 1160 if (vm_unmap_pptdev_mmio(pi->pi_vmctx, 1161 sc->psc_sel.pc_bus, 1162 sc->psc_sel.pc_dev, 1163 sc->psc_sel.pc_func, address, 1164 table_offset) != 0) 1165 warnx("pci_passthru: unmap_pptdev_mmio failed"); 1166 } else { 1167 if (vm_map_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus, 1168 sc->psc_sel.pc_dev, 1169 sc->psc_sel.pc_func, address, 1170 table_offset, 1171 sc->psc_bar[baridx].addr) != 0) 1172 warnx("pci_passthru: map_pptdev_mmio failed"); 1173 } 1174 } 1175 table_size = pi->pi_msix.table_offset - table_offset; 1176 table_size += pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE; 1177 table_size = roundup2(table_size, 4096); 1178 remaining = pi->pi_bar[baridx].size - table_offset - table_size; 1179 if (remaining > 0) { 1180 address += table_offset + table_size; 1181 if (!enabled) { 1182 if (vm_unmap_pptdev_mmio(pi->pi_vmctx, 1183 sc->psc_sel.pc_bus, 1184 sc->psc_sel.pc_dev, 1185 sc->psc_sel.pc_func, address, 1186 remaining) != 0) 1187 warnx("pci_passthru: unmap_pptdev_mmio failed"); 1188 } else { 1189 if (vm_map_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus, 1190 sc->psc_sel.pc_dev, 1191 sc->psc_sel.pc_func, address, 1192 remaining, 1193 sc->psc_bar[baridx].addr + 1194 table_offset + table_size) != 0) 1195 warnx("pci_passthru: map_pptdev_mmio failed"); 1196 } 1197 } 1198 } 1199 1200 static void 1201 passthru_mmio_addr(struct pci_devinst *pi, int baridx, int enabled, 1202 uint64_t address) 1203 { 1204 struct passthru_softc *sc; 1205 1206 sc = pi->pi_arg; 1207 if (!enabled) { 1208 if (vm_unmap_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus, 1209 sc->psc_sel.pc_dev, 1210 sc->psc_sel.pc_func, address, 1211 sc->psc_bar[baridx].size) != 0) 1212 warnx("pci_passthru: unmap_pptdev_mmio failed"); 1213 } else { 1214 if (vm_map_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus, 1215 sc->psc_sel.pc_dev, 1216 sc->psc_sel.pc_func, address, 1217 sc->psc_bar[baridx].size, 1218 sc->psc_bar[baridx].addr) != 0) 1219 warnx("pci_passthru: map_pptdev_mmio failed"); 1220 } 1221 } 1222 1223 static void 1224 passthru_addr_rom(struct pci_devinst *const pi, const int idx, 1225 const int enabled) 1226 { 1227 const uint64_t addr = pi->pi_bar[idx].addr; 1228 const uint64_t size = pi->pi_bar[idx].size; 1229 1230 if (!enabled) { 1231 if (vm_munmap_memseg(pi->pi_vmctx, addr, size) != 0) { 1232 errx(4, "%s: munmap_memseg @ [%016lx - %016lx] failed", 1233 __func__, addr, addr + size); 1234 } 1235 1236 } else { 1237 if (vm_mmap_memseg(pi->pi_vmctx, addr, VM_PCIROM, 1238 pi->pi_romoffset, size, PROT_READ | PROT_EXEC) != 0) { 1239 errx(4, "%s: mmap_memseg @ [%016lx - %016lx] failed", 1240 __func__, addr, addr + size); 1241 } 1242 } 1243 } 1244 1245 static void 1246 passthru_addr(struct pci_devinst *pi, int baridx, int enabled, uint64_t address) 1247 { 1248 switch (pi->pi_bar[baridx].type) { 1249 case PCIBAR_IO: 1250 /* IO BARs are emulated */ 1251 break; 1252 case PCIBAR_ROM: 1253 passthru_addr_rom(pi, baridx, enabled); 1254 break; 1255 case PCIBAR_MEM32: 1256 case PCIBAR_MEM64: 1257 if (baridx == pci_msix_table_bar(pi)) 1258 passthru_msix_addr(pi, baridx, enabled, address); 1259 else 1260 passthru_mmio_addr(pi, baridx, enabled, address); 1261 break; 1262 default: 1263 errx(4, "%s: invalid BAR type %d", __func__, 1264 pi->pi_bar[baridx].type); 1265 } 1266 } 1267 1268 static const struct pci_devemu passthru = { 1269 .pe_emu = "passthru", 1270 .pe_init = passthru_init, 1271 .pe_legacy_config = passthru_legacy_config, 1272 .pe_cfgwrite = passthru_cfgwrite, 1273 .pe_cfgread = passthru_cfgread, 1274 .pe_barwrite = passthru_write, 1275 .pe_barread = passthru_read, 1276 .pe_baraddr = passthru_addr, 1277 }; 1278 PCI_EMUL_SET(passthru); 1279