1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2011 NetApp, Inc. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY NETAPP, INC ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL NETAPP, INC OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * 28 * $FreeBSD$ 29 */ 30 31 #include <sys/cdefs.h> 32 __FBSDID("$FreeBSD$"); 33 34 #include <sys/param.h> 35 #ifndef WITHOUT_CAPSICUM 36 #include <sys/capsicum.h> 37 #endif 38 #include <sys/types.h> 39 #include <sys/mman.h> 40 #include <sys/pciio.h> 41 #include <sys/ioctl.h> 42 #include <sys/stat.h> 43 44 #include <dev/io/iodev.h> 45 #include <dev/pci/pcireg.h> 46 47 #include <vm/vm.h> 48 49 #include <machine/iodev.h> 50 #include <machine/vm.h> 51 52 #ifndef WITHOUT_CAPSICUM 53 #include <capsicum_helpers.h> 54 #endif 55 #include <ctype.h> 56 #include <stdio.h> 57 #include <stdlib.h> 58 #include <string.h> 59 #include <err.h> 60 #include <errno.h> 61 #include <fcntl.h> 62 #include <sysexits.h> 63 #include <unistd.h> 64 65 #include <machine/vmm.h> 66 67 #include "debug.h" 68 #include "mem.h" 69 #include "pci_passthru.h" 70 71 #ifndef _PATH_DEVPCI 72 #define _PATH_DEVPCI "/dev/pci" 73 #endif 74 75 #define LEGACY_SUPPORT 1 76 77 #define MSIX_TABLE_COUNT(ctrl) (((ctrl) & PCIM_MSIXCTRL_TABLE_SIZE) + 1) 78 #define MSIX_CAPLEN 12 79 80 #define PASSTHRU_MMIO_MAX 2 81 82 static int pcifd = -1; 83 84 SET_DECLARE(passthru_dev_set, struct passthru_dev); 85 86 struct passthru_softc { 87 struct pci_devinst *psc_pi; 88 /* ROM is handled like a BAR */ 89 struct pcibar psc_bar[PCI_BARMAX_WITH_ROM + 1]; 90 struct { 91 int capoff; 92 int msgctrl; 93 int emulated; 94 } psc_msi; 95 struct { 96 int capoff; 97 } psc_msix; 98 struct pcisel psc_sel; 99 100 struct passthru_mmio_mapping psc_mmio_map[PASSTHRU_MMIO_MAX]; 101 cfgread_handler psc_pcir_rhandler[PCI_REGMAX + 1]; 102 cfgwrite_handler psc_pcir_whandler[PCI_REGMAX + 1]; 103 }; 104 105 static int 106 msi_caplen(int msgctrl) 107 { 108 int len; 109 110 len = 10; /* minimum length of msi capability */ 111 112 if (msgctrl & PCIM_MSICTRL_64BIT) 113 len += 4; 114 115 #if 0 116 /* 117 * Ignore the 'mask' and 'pending' bits in the MSI capability. 118 * We'll let the guest manipulate them directly. 119 */ 120 if (msgctrl & PCIM_MSICTRL_VECTOR) 121 len += 10; 122 #endif 123 124 return (len); 125 } 126 127 static int 128 pcifd_init(void) 129 { 130 pcifd = open(_PATH_DEVPCI, O_RDWR, 0); 131 if (pcifd < 0) { 132 warn("failed to open %s", _PATH_DEVPCI); 133 return (1); 134 } 135 136 #ifndef WITHOUT_CAPSICUM 137 cap_rights_t pcifd_rights; 138 cap_rights_init(&pcifd_rights, CAP_IOCTL, CAP_READ, CAP_WRITE); 139 if (caph_rights_limit(pcifd, &pcifd_rights) == -1) 140 errx(EX_OSERR, "Unable to apply rights for sandbox"); 141 142 const cap_ioctl_t pcifd_ioctls[] = { PCIOCREAD, PCIOCWRITE, PCIOCGETBAR, 143 PCIOCBARIO, PCIOCBARMMAP, PCIOCGETCONF }; 144 if (caph_ioctls_limit(pcifd, pcifd_ioctls, nitems(pcifd_ioctls)) == -1) 145 errx(EX_OSERR, "Unable to apply rights for sandbox"); 146 #endif 147 148 return (0); 149 } 150 151 uint32_t 152 read_config(const struct pcisel *sel, long reg, int width) 153 { 154 struct pci_io pi; 155 156 if (pcifd < 0 && pcifd_init()) { 157 return (0); 158 } 159 160 bzero(&pi, sizeof(pi)); 161 pi.pi_sel = *sel; 162 pi.pi_reg = reg; 163 pi.pi_width = width; 164 165 if (ioctl(pcifd, PCIOCREAD, &pi) < 0) 166 return (0); /* XXX */ 167 else 168 return (pi.pi_data); 169 } 170 171 void 172 write_config(const struct pcisel *sel, long reg, int width, uint32_t data) 173 { 174 struct pci_io pi; 175 176 if (pcifd < 0 && pcifd_init()) { 177 return; 178 } 179 180 bzero(&pi, sizeof(pi)); 181 pi.pi_sel = *sel; 182 pi.pi_reg = reg; 183 pi.pi_width = width; 184 pi.pi_data = data; 185 186 (void)ioctl(pcifd, PCIOCWRITE, &pi); /* XXX */ 187 } 188 189 #ifdef LEGACY_SUPPORT 190 static int 191 passthru_add_msicap(struct pci_devinst *pi, int msgnum, int nextptr) 192 { 193 int capoff; 194 struct msicap msicap; 195 u_char *capdata; 196 197 pci_populate_msicap(&msicap, msgnum, nextptr); 198 199 /* 200 * XXX 201 * Copy the msi capability structure in the last 16 bytes of the 202 * config space. This is wrong because it could shadow something 203 * useful to the device. 204 */ 205 capoff = 256 - roundup(sizeof(msicap), 4); 206 capdata = (u_char *)&msicap; 207 for (size_t i = 0; i < sizeof(msicap); i++) 208 pci_set_cfgdata8(pi, capoff + i, capdata[i]); 209 210 return (capoff); 211 } 212 #endif /* LEGACY_SUPPORT */ 213 214 static int 215 cfginitmsi(struct passthru_softc *sc) 216 { 217 int i, ptr, capptr, cap, sts, caplen, table_size; 218 uint32_t u32; 219 struct pcisel sel; 220 struct pci_devinst *pi; 221 struct msixcap msixcap; 222 char *msixcap_ptr; 223 224 pi = sc->psc_pi; 225 sel = sc->psc_sel; 226 227 /* 228 * Parse the capabilities and cache the location of the MSI 229 * and MSI-X capabilities. 230 */ 231 sts = read_config(&sel, PCIR_STATUS, 2); 232 if (sts & PCIM_STATUS_CAPPRESENT) { 233 ptr = read_config(&sel, PCIR_CAP_PTR, 1); 234 while (ptr != 0 && ptr != 0xff) { 235 cap = read_config(&sel, ptr + PCICAP_ID, 1); 236 if (cap == PCIY_MSI) { 237 /* 238 * Copy the MSI capability into the config 239 * space of the emulated pci device 240 */ 241 sc->psc_msi.capoff = ptr; 242 sc->psc_msi.msgctrl = read_config(&sel, 243 ptr + 2, 2); 244 sc->psc_msi.emulated = 0; 245 caplen = msi_caplen(sc->psc_msi.msgctrl); 246 capptr = ptr; 247 while (caplen > 0) { 248 u32 = read_config(&sel, capptr, 4); 249 pci_set_cfgdata32(pi, capptr, u32); 250 caplen -= 4; 251 capptr += 4; 252 } 253 } else if (cap == PCIY_MSIX) { 254 /* 255 * Copy the MSI-X capability 256 */ 257 sc->psc_msix.capoff = ptr; 258 caplen = 12; 259 msixcap_ptr = (char *)&msixcap; 260 capptr = ptr; 261 while (caplen > 0) { 262 u32 = read_config(&sel, capptr, 4); 263 memcpy(msixcap_ptr, &u32, 4); 264 pci_set_cfgdata32(pi, capptr, u32); 265 caplen -= 4; 266 capptr += 4; 267 msixcap_ptr += 4; 268 } 269 } 270 ptr = read_config(&sel, ptr + PCICAP_NEXTPTR, 1); 271 } 272 } 273 274 if (sc->psc_msix.capoff != 0) { 275 pi->pi_msix.pba_bar = 276 msixcap.pba_info & PCIM_MSIX_BIR_MASK; 277 pi->pi_msix.pba_offset = 278 msixcap.pba_info & ~PCIM_MSIX_BIR_MASK; 279 pi->pi_msix.table_bar = 280 msixcap.table_info & PCIM_MSIX_BIR_MASK; 281 pi->pi_msix.table_offset = 282 msixcap.table_info & ~PCIM_MSIX_BIR_MASK; 283 pi->pi_msix.table_count = MSIX_TABLE_COUNT(msixcap.msgctrl); 284 pi->pi_msix.pba_size = PBA_SIZE(pi->pi_msix.table_count); 285 286 /* Allocate the emulated MSI-X table array */ 287 table_size = pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE; 288 pi->pi_msix.table = calloc(1, table_size); 289 290 /* Mask all table entries */ 291 for (i = 0; i < pi->pi_msix.table_count; i++) { 292 pi->pi_msix.table[i].vector_control |= 293 PCIM_MSIX_VCTRL_MASK; 294 } 295 } 296 297 #ifdef LEGACY_SUPPORT 298 /* 299 * If the passthrough device does not support MSI then craft a 300 * MSI capability for it. We link the new MSI capability at the 301 * head of the list of capabilities. 302 */ 303 if ((sts & PCIM_STATUS_CAPPRESENT) != 0 && sc->psc_msi.capoff == 0) { 304 int origptr, msiptr; 305 origptr = read_config(&sel, PCIR_CAP_PTR, 1); 306 msiptr = passthru_add_msicap(pi, 1, origptr); 307 sc->psc_msi.capoff = msiptr; 308 sc->psc_msi.msgctrl = pci_get_cfgdata16(pi, msiptr + 2); 309 sc->psc_msi.emulated = 1; 310 pci_set_cfgdata8(pi, PCIR_CAP_PTR, msiptr); 311 } 312 #endif 313 314 /* Make sure one of the capabilities is present */ 315 if (sc->psc_msi.capoff == 0 && sc->psc_msix.capoff == 0) 316 return (-1); 317 else 318 return (0); 319 } 320 321 static uint64_t 322 msix_table_read(struct passthru_softc *sc, uint64_t offset, int size) 323 { 324 struct pci_devinst *pi; 325 struct msix_table_entry *entry; 326 uint8_t *src8; 327 uint16_t *src16; 328 uint32_t *src32; 329 uint64_t *src64; 330 uint64_t data; 331 size_t entry_offset; 332 uint32_t table_offset; 333 int index, table_count; 334 335 pi = sc->psc_pi; 336 337 table_offset = pi->pi_msix.table_offset; 338 table_count = pi->pi_msix.table_count; 339 if (offset < table_offset || 340 offset >= table_offset + table_count * MSIX_TABLE_ENTRY_SIZE) { 341 switch (size) { 342 case 1: 343 src8 = (uint8_t *)(pi->pi_msix.mapped_addr + offset); 344 data = *src8; 345 break; 346 case 2: 347 src16 = (uint16_t *)(pi->pi_msix.mapped_addr + offset); 348 data = *src16; 349 break; 350 case 4: 351 src32 = (uint32_t *)(pi->pi_msix.mapped_addr + offset); 352 data = *src32; 353 break; 354 case 8: 355 src64 = (uint64_t *)(pi->pi_msix.mapped_addr + offset); 356 data = *src64; 357 break; 358 default: 359 return (-1); 360 } 361 return (data); 362 } 363 364 offset -= table_offset; 365 index = offset / MSIX_TABLE_ENTRY_SIZE; 366 assert(index < table_count); 367 368 entry = &pi->pi_msix.table[index]; 369 entry_offset = offset % MSIX_TABLE_ENTRY_SIZE; 370 371 switch (size) { 372 case 1: 373 src8 = (uint8_t *)((uint8_t *)entry + entry_offset); 374 data = *src8; 375 break; 376 case 2: 377 src16 = (uint16_t *)((uint8_t *)entry + entry_offset); 378 data = *src16; 379 break; 380 case 4: 381 src32 = (uint32_t *)((uint8_t *)entry + entry_offset); 382 data = *src32; 383 break; 384 case 8: 385 src64 = (uint64_t *)((uint8_t *)entry + entry_offset); 386 data = *src64; 387 break; 388 default: 389 return (-1); 390 } 391 392 return (data); 393 } 394 395 static void 396 msix_table_write(struct passthru_softc *sc, uint64_t offset, int size, 397 uint64_t data) 398 { 399 struct pci_devinst *pi; 400 struct msix_table_entry *entry; 401 uint8_t *dest8; 402 uint16_t *dest16; 403 uint32_t *dest32; 404 uint64_t *dest64; 405 size_t entry_offset; 406 uint32_t table_offset, vector_control; 407 int index, table_count; 408 409 pi = sc->psc_pi; 410 411 table_offset = pi->pi_msix.table_offset; 412 table_count = pi->pi_msix.table_count; 413 if (offset < table_offset || 414 offset >= table_offset + table_count * MSIX_TABLE_ENTRY_SIZE) { 415 switch (size) { 416 case 1: 417 dest8 = (uint8_t *)(pi->pi_msix.mapped_addr + offset); 418 *dest8 = data; 419 break; 420 case 2: 421 dest16 = (uint16_t *)(pi->pi_msix.mapped_addr + offset); 422 *dest16 = data; 423 break; 424 case 4: 425 dest32 = (uint32_t *)(pi->pi_msix.mapped_addr + offset); 426 *dest32 = data; 427 break; 428 case 8: 429 dest64 = (uint64_t *)(pi->pi_msix.mapped_addr + offset); 430 *dest64 = data; 431 break; 432 } 433 return; 434 } 435 436 offset -= table_offset; 437 index = offset / MSIX_TABLE_ENTRY_SIZE; 438 assert(index < table_count); 439 440 entry = &pi->pi_msix.table[index]; 441 entry_offset = offset % MSIX_TABLE_ENTRY_SIZE; 442 443 /* Only 4 byte naturally-aligned writes are supported */ 444 assert(size == 4); 445 assert(entry_offset % 4 == 0); 446 447 vector_control = entry->vector_control; 448 dest32 = (uint32_t *)((uint8_t *)entry + entry_offset); 449 *dest32 = data; 450 /* If MSI-X hasn't been enabled, do nothing */ 451 if (pi->pi_msix.enabled) { 452 /* If the entry is masked, don't set it up */ 453 if ((entry->vector_control & PCIM_MSIX_VCTRL_MASK) == 0 || 454 (vector_control & PCIM_MSIX_VCTRL_MASK) == 0) { 455 (void)vm_setup_pptdev_msix(sc->psc_pi->pi_vmctx, 456 sc->psc_sel.pc_bus, sc->psc_sel.pc_dev, 457 sc->psc_sel.pc_func, index, entry->addr, 458 entry->msg_data, entry->vector_control); 459 } 460 } 461 } 462 463 static int 464 init_msix_table(struct passthru_softc *sc) 465 { 466 struct pci_devinst *pi = sc->psc_pi; 467 struct pci_bar_mmap pbm; 468 int b, s, f; 469 uint32_t table_size, table_offset; 470 471 assert(pci_msix_table_bar(pi) >= 0 && pci_msix_pba_bar(pi) >= 0); 472 473 b = sc->psc_sel.pc_bus; 474 s = sc->psc_sel.pc_dev; 475 f = sc->psc_sel.pc_func; 476 477 /* 478 * Map the region of the BAR containing the MSI-X table. This is 479 * necessary for two reasons: 480 * 1. The PBA may reside in the first or last page containing the MSI-X 481 * table. 482 * 2. While PCI devices are not supposed to use the page(s) containing 483 * the MSI-X table for other purposes, some do in practice. 484 */ 485 memset(&pbm, 0, sizeof(pbm)); 486 pbm.pbm_sel = sc->psc_sel; 487 pbm.pbm_flags = PCIIO_BAR_MMAP_RW; 488 pbm.pbm_reg = PCIR_BAR(pi->pi_msix.table_bar); 489 pbm.pbm_memattr = VM_MEMATTR_DEVICE; 490 491 if (ioctl(pcifd, PCIOCBARMMAP, &pbm) != 0) { 492 warn("Failed to map MSI-X table BAR on %d/%d/%d", b, s, f); 493 return (-1); 494 } 495 assert(pbm.pbm_bar_off == 0); 496 pi->pi_msix.mapped_addr = (uint8_t *)(uintptr_t)pbm.pbm_map_base; 497 pi->pi_msix.mapped_size = pbm.pbm_map_length; 498 499 table_offset = rounddown2(pi->pi_msix.table_offset, 4096); 500 501 table_size = pi->pi_msix.table_offset - table_offset; 502 table_size += pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE; 503 table_size = roundup2(table_size, 4096); 504 505 /* 506 * Unmap any pages not containing the table, we do not need to emulate 507 * accesses to them. Avoid releasing address space to help ensure that 508 * a buggy out-of-bounds access causes a crash. 509 */ 510 if (table_offset != 0) 511 if (mprotect(pi->pi_msix.mapped_addr, table_offset, 512 PROT_NONE) != 0) 513 warn("Failed to unmap MSI-X table BAR region"); 514 if (table_offset + table_size != pi->pi_msix.mapped_size) 515 if (mprotect( 516 pi->pi_msix.mapped_addr + table_offset + table_size, 517 pi->pi_msix.mapped_size - (table_offset + table_size), 518 PROT_NONE) != 0) 519 warn("Failed to unmap MSI-X table BAR region"); 520 521 return (0); 522 } 523 524 static int 525 cfginitbar(struct passthru_softc *sc) 526 { 527 int i, error; 528 struct pci_devinst *pi; 529 struct pci_bar_io bar; 530 enum pcibar_type bartype; 531 uint64_t base, size; 532 533 pi = sc->psc_pi; 534 535 /* 536 * Initialize BAR registers 537 */ 538 for (i = 0; i <= PCI_BARMAX; i++) { 539 bzero(&bar, sizeof(bar)); 540 bar.pbi_sel = sc->psc_sel; 541 bar.pbi_reg = PCIR_BAR(i); 542 543 if (ioctl(pcifd, PCIOCGETBAR, &bar) < 0) 544 continue; 545 546 if (PCI_BAR_IO(bar.pbi_base)) { 547 bartype = PCIBAR_IO; 548 base = bar.pbi_base & PCIM_BAR_IO_BASE; 549 } else { 550 switch (bar.pbi_base & PCIM_BAR_MEM_TYPE) { 551 case PCIM_BAR_MEM_64: 552 bartype = PCIBAR_MEM64; 553 break; 554 default: 555 bartype = PCIBAR_MEM32; 556 break; 557 } 558 base = bar.pbi_base & PCIM_BAR_MEM_BASE; 559 } 560 size = bar.pbi_length; 561 562 if (bartype != PCIBAR_IO) { 563 if (((base | size) & PAGE_MASK) != 0) { 564 warnx("passthru device %d/%d/%d BAR %d: " 565 "base %#lx or size %#lx not page aligned\n", 566 sc->psc_sel.pc_bus, sc->psc_sel.pc_dev, 567 sc->psc_sel.pc_func, i, base, size); 568 return (-1); 569 } 570 } 571 572 /* Cache information about the "real" BAR */ 573 sc->psc_bar[i].type = bartype; 574 sc->psc_bar[i].size = size; 575 sc->psc_bar[i].addr = base; 576 sc->psc_bar[i].lobits = 0; 577 578 /* Allocate the BAR in the guest I/O or MMIO space */ 579 error = pci_emul_alloc_bar(pi, i, bartype, size); 580 if (error) 581 return (-1); 582 583 /* Use same lobits as physical bar */ 584 uint8_t lobits = read_config(&sc->psc_sel, PCIR_BAR(i), 0x01); 585 if (bartype == PCIBAR_MEM32 || bartype == PCIBAR_MEM64) { 586 lobits &= ~PCIM_BAR_MEM_BASE; 587 } else { 588 lobits &= ~PCIM_BAR_IO_BASE; 589 } 590 sc->psc_bar[i].lobits = lobits; 591 pi->pi_bar[i].lobits = lobits; 592 593 /* 594 * 64-bit BAR takes up two slots so skip the next one. 595 */ 596 if (bartype == PCIBAR_MEM64) { 597 i++; 598 assert(i <= PCI_BARMAX); 599 sc->psc_bar[i].type = PCIBAR_MEMHI64; 600 } 601 } 602 return (0); 603 } 604 605 static int 606 cfginit(struct pci_devinst *pi, int bus, int slot, int func) 607 { 608 int error; 609 struct passthru_softc *sc; 610 uint8_t intline, intpin; 611 612 error = 1; 613 sc = pi->pi_arg; 614 615 bzero(&sc->psc_sel, sizeof(struct pcisel)); 616 sc->psc_sel.pc_bus = bus; 617 sc->psc_sel.pc_dev = slot; 618 sc->psc_sel.pc_func = func; 619 620 /* 621 * Copy physical PCI header to virtual config space. INTLINE and INTPIN 622 * shouldn't be aligned with their physical value and they are already set by 623 * pci_emul_init(). 624 */ 625 intline = pci_get_cfgdata8(pi, PCIR_INTLINE); 626 intpin = pci_get_cfgdata8(pi, PCIR_INTPIN); 627 for (int i = 0; i <= PCIR_MAXLAT; i += 4) { 628 pci_set_cfgdata32(pi, i, read_config(&sc->psc_sel, i, 4)); 629 } 630 pci_set_cfgdata8(pi, PCIR_INTLINE, intline); 631 pci_set_cfgdata8(pi, PCIR_INTPIN, intpin); 632 633 if (cfginitmsi(sc) != 0) { 634 warnx("failed to initialize MSI for PCI %d/%d/%d", 635 bus, slot, func); 636 goto done; 637 } 638 639 if (cfginitbar(sc) != 0) { 640 warnx("failed to initialize BARs for PCI %d/%d/%d", 641 bus, slot, func); 642 goto done; 643 } 644 645 write_config(&sc->psc_sel, PCIR_COMMAND, 2, 646 pci_get_cfgdata16(pi, PCIR_COMMAND)); 647 648 /* 649 * We need to do this after PCIR_COMMAND got possibly updated, e.g., 650 * a BAR was enabled, as otherwise the PCIOCBARMMAP might fail on us. 651 */ 652 if (pci_msix_table_bar(pi) >= 0) { 653 error = init_msix_table(sc); 654 if (error != 0) { 655 warnx( 656 "failed to initialize MSI-X table for PCI %d/%d/%d: %d", 657 bus, slot, func, error); 658 goto done; 659 } 660 } 661 662 error = 0; /* success */ 663 done: 664 return (error); 665 } 666 667 struct passthru_mmio_mapping * 668 passthru_get_mmio(struct passthru_softc *sc, int num) 669 { 670 assert(sc != NULL); 671 assert(num < PASSTHRU_MMIO_MAX); 672 673 return (&sc->psc_mmio_map[num]); 674 } 675 676 struct pcisel * 677 passthru_get_sel(struct passthru_softc *sc) 678 { 679 assert(sc != NULL); 680 681 return (&sc->psc_sel); 682 } 683 684 int 685 set_pcir_handler(struct passthru_softc *sc, int reg, int len, 686 cfgread_handler rhandler, cfgwrite_handler whandler) 687 { 688 if (reg > PCI_REGMAX || reg + len > PCI_REGMAX + 1) 689 return (-1); 690 691 for (int i = reg; i < reg + len; ++i) { 692 assert(sc->psc_pcir_rhandler[i] == NULL || rhandler == NULL); 693 assert(sc->psc_pcir_whandler[i] == NULL || whandler == NULL); 694 sc->psc_pcir_rhandler[i] = rhandler; 695 sc->psc_pcir_whandler[i] = whandler; 696 } 697 698 return (0); 699 } 700 701 static int 702 passthru_legacy_config(nvlist_t *nvl, const char *opts) 703 { 704 const char *cp; 705 char *tofree; 706 char value[16]; 707 int bus, slot, func; 708 709 if (opts == NULL) 710 return (0); 711 712 cp = strchr(opts, ','); 713 714 if (strncmp(opts, "ppt", strlen("ppt")) == 0) { 715 tofree = strndup(opts, cp - opts); 716 set_config_value_node(nvl, "pptdev", tofree); 717 free(tofree); 718 } else if (sscanf(opts, "pci0:%d:%d:%d", &bus, &slot, &func) == 3 || 719 sscanf(opts, "pci%d:%d:%d", &bus, &slot, &func) == 3 || 720 sscanf(opts, "%d/%d/%d", &bus, &slot, &func) == 3) { 721 snprintf(value, sizeof(value), "%d", bus); 722 set_config_value_node(nvl, "bus", value); 723 snprintf(value, sizeof(value), "%d", slot); 724 set_config_value_node(nvl, "slot", value); 725 snprintf(value, sizeof(value), "%d", func); 726 set_config_value_node(nvl, "func", value); 727 } else { 728 EPRINTLN("passthru: invalid options \"%s\"", opts); 729 return (-1); 730 } 731 732 if (cp == NULL) { 733 return (0); 734 } 735 736 return (pci_parse_legacy_config(nvl, cp + 1)); 737 } 738 739 static int 740 passthru_init_rom(struct passthru_softc *const sc, const char *const romfile) 741 { 742 if (romfile == NULL) { 743 return (0); 744 } 745 746 const int fd = open(romfile, O_RDONLY); 747 if (fd < 0) { 748 warnx("%s: can't open romfile \"%s\"", __func__, romfile); 749 return (-1); 750 } 751 752 struct stat sbuf; 753 if (fstat(fd, &sbuf) < 0) { 754 warnx("%s: can't fstat romfile \"%s\"", __func__, romfile); 755 close(fd); 756 return (-1); 757 } 758 const uint64_t rom_size = sbuf.st_size; 759 760 void *const rom_data = mmap(NULL, rom_size, PROT_READ, MAP_SHARED, fd, 761 0); 762 if (rom_data == MAP_FAILED) { 763 warnx("%s: unable to mmap romfile \"%s\" (%d)", __func__, 764 romfile, errno); 765 close(fd); 766 return (-1); 767 } 768 769 void *rom_addr; 770 int error = pci_emul_alloc_rom(sc->psc_pi, rom_size, &rom_addr); 771 if (error) { 772 warnx("%s: failed to alloc rom segment", __func__); 773 munmap(rom_data, rom_size); 774 close(fd); 775 return (error); 776 } 777 memcpy(rom_addr, rom_data, rom_size); 778 779 sc->psc_bar[PCI_ROM_IDX].type = PCIBAR_ROM; 780 sc->psc_bar[PCI_ROM_IDX].addr = (uint64_t)rom_addr; 781 sc->psc_bar[PCI_ROM_IDX].size = rom_size; 782 783 munmap(rom_data, rom_size); 784 close(fd); 785 786 return (0); 787 } 788 789 static bool 790 passthru_lookup_pptdev(const char *name, int *bus, int *slot, int *func) 791 { 792 struct pci_conf_io pc; 793 struct pci_conf conf[1]; 794 struct pci_match_conf patterns[1]; 795 char *cp; 796 797 bzero(&pc, sizeof(struct pci_conf_io)); 798 pc.match_buf_len = sizeof(conf); 799 pc.matches = conf; 800 801 bzero(&patterns, sizeof(patterns)); 802 803 /* 804 * The pattern structure requires the unit to be split out from 805 * the driver name. Walk backwards from the end of the name to 806 * find the start of the unit. 807 */ 808 cp = strchr(name, '\0'); 809 assert(cp != NULL); 810 while (cp != name && isdigit(cp[-1])) 811 cp--; 812 if (cp == name || !isdigit(*cp)) { 813 EPRINTLN("Invalid passthru device name %s", name); 814 return (false); 815 } 816 if ((size_t)(cp - name) + 1 > sizeof(patterns[0].pd_name)) { 817 EPRINTLN("Passthru device name %s is too long", name); 818 return (false); 819 } 820 memcpy(patterns[0].pd_name, name, cp - name); 821 patterns[0].pd_unit = strtol(cp, &cp, 10); 822 if (*cp != '\0') { 823 EPRINTLN("Invalid passthru device name %s", name); 824 return (false); 825 } 826 patterns[0].flags = PCI_GETCONF_MATCH_NAME | PCI_GETCONF_MATCH_UNIT; 827 pc.num_patterns = 1; 828 pc.pat_buf_len = sizeof(patterns); 829 pc.patterns = patterns; 830 831 if (ioctl(pcifd, PCIOCGETCONF, &pc) == -1) { 832 EPRINTLN("ioctl(PCIOCGETCONF): %s", strerror(errno)); 833 return (false); 834 } 835 if (pc.status != PCI_GETCONF_LAST_DEVICE && 836 pc.status != PCI_GETCONF_MORE_DEVS) { 837 EPRINTLN("error returned from PCIOCGETCONF ioctl"); 838 return (false); 839 } 840 if (pc.num_matches == 0) { 841 EPRINTLN("Passthru device %s not found", name); 842 return (false); 843 } 844 845 if (conf[0].pc_sel.pc_domain != 0) { 846 EPRINTLN("Passthru device %s on unsupported domain", name); 847 return (false); 848 } 849 *bus = conf[0].pc_sel.pc_bus; 850 *slot = conf[0].pc_sel.pc_dev; 851 *func = conf[0].pc_sel.pc_func; 852 return (true); 853 } 854 855 static int 856 passthru_init(struct pci_devinst *pi, nvlist_t *nvl) 857 { 858 int bus, slot, func, error, memflags; 859 struct passthru_softc *sc; 860 struct passthru_dev **devpp; 861 struct passthru_dev *devp, *dev = NULL; 862 const char *value; 863 864 sc = NULL; 865 error = 1; 866 867 memflags = vm_get_memflags(pi->pi_vmctx); 868 if (!(memflags & VM_MEM_F_WIRED)) { 869 warnx("passthru requires guest memory to be wired"); 870 return (error); 871 } 872 873 if (pcifd < 0 && pcifd_init()) { 874 return (error); 875 } 876 877 #define GET_INT_CONFIG(var, name) do { \ 878 value = get_config_value_node(nvl, name); \ 879 if (value == NULL) { \ 880 EPRINTLN("passthru: missing required %s setting", name); \ 881 return (error); \ 882 } \ 883 var = atoi(value); \ 884 } while (0) 885 886 value = get_config_value_node(nvl, "pptdev"); 887 if (value != NULL) { 888 if (!passthru_lookup_pptdev(value, &bus, &slot, &func)) 889 return (error); 890 } else { 891 GET_INT_CONFIG(bus, "bus"); 892 GET_INT_CONFIG(slot, "slot"); 893 GET_INT_CONFIG(func, "func"); 894 } 895 896 if (vm_assign_pptdev(pi->pi_vmctx, bus, slot, func) != 0) { 897 warnx("PCI device at %d/%d/%d is not using the ppt(4) driver", 898 bus, slot, func); 899 goto done; 900 } 901 902 sc = calloc(1, sizeof(struct passthru_softc)); 903 904 pi->pi_arg = sc; 905 sc->psc_pi = pi; 906 907 /* initialize config space */ 908 if ((error = cfginit(pi, bus, slot, func)) != 0) 909 goto done; 910 911 /* initialize ROM */ 912 if ((error = passthru_init_rom(sc, 913 get_config_value_node(nvl, "rom"))) != 0) 914 goto done; 915 916 /* Emulate most PCI header register. */ 917 if ((error = set_pcir_handler(sc, 0, PCIR_MAXLAT + 1, 918 passthru_cfgread_emulate, passthru_cfgwrite_emulate)) != 0) 919 goto done; 920 921 /* Allow access to the physical command and status register. */ 922 if ((error = set_pcir_handler(sc, PCIR_COMMAND, 0x04, NULL, NULL)) != 0) 923 goto done; 924 925 SET_FOREACH(devpp, passthru_dev_set) { 926 devp = *devpp; 927 assert(devp->probe != NULL); 928 if (devp->probe(pi) == 0) { 929 dev = devp; 930 break; 931 } 932 } 933 934 if (dev != NULL) { 935 error = dev->init(pi, nvl); 936 if (error != 0) 937 goto done; 938 } 939 940 error = 0; /* success */ 941 done: 942 if (error) { 943 if (dev != NULL) 944 dev->deinit(pi); 945 free(sc); 946 vm_unassign_pptdev(pi->pi_vmctx, bus, slot, func); 947 } 948 return (error); 949 } 950 951 static int 952 msicap_access(struct passthru_softc *sc, int coff) 953 { 954 int caplen; 955 956 if (sc->psc_msi.capoff == 0) 957 return (0); 958 959 caplen = msi_caplen(sc->psc_msi.msgctrl); 960 961 if (coff >= sc->psc_msi.capoff && coff < sc->psc_msi.capoff + caplen) 962 return (1); 963 else 964 return (0); 965 } 966 967 static int 968 msixcap_access(struct passthru_softc *sc, int coff) 969 { 970 if (sc->psc_msix.capoff == 0) 971 return (0); 972 973 return (coff >= sc->psc_msix.capoff && 974 coff < sc->psc_msix.capoff + MSIX_CAPLEN); 975 } 976 977 static int 978 passthru_cfgread_default(struct passthru_softc *sc, 979 struct pci_devinst *pi __unused, int coff, int bytes, uint32_t *rv) 980 { 981 /* 982 * MSI capability is emulated. 983 */ 984 if (msicap_access(sc, coff) || msixcap_access(sc, coff)) 985 return (-1); 986 987 /* 988 * Emulate the command register. If a single read reads both the 989 * command and status registers, read the status register from the 990 * device's config space. 991 */ 992 if (coff == PCIR_COMMAND) { 993 if (bytes <= 2) 994 return (-1); 995 *rv = read_config(&sc->psc_sel, PCIR_STATUS, 2) << 16 | 996 pci_get_cfgdata16(pi, PCIR_COMMAND); 997 return (0); 998 } 999 1000 /* Everything else just read from the device's config space */ 1001 *rv = read_config(&sc->psc_sel, coff, bytes); 1002 1003 return (0); 1004 } 1005 1006 int 1007 passthru_cfgread_emulate(struct passthru_softc *sc __unused, 1008 struct pci_devinst *pi __unused, int coff __unused, int bytes __unused, 1009 uint32_t *rv __unused) 1010 { 1011 return (-1); 1012 } 1013 1014 static int 1015 passthru_cfgread(struct pci_devinst *pi, int coff, int bytes, uint32_t *rv) 1016 { 1017 struct passthru_softc *sc; 1018 1019 sc = pi->pi_arg; 1020 1021 if (sc->psc_pcir_rhandler[coff] != NULL) 1022 return (sc->psc_pcir_rhandler[coff](sc, pi, coff, bytes, rv)); 1023 1024 return (passthru_cfgread_default(sc, pi, coff, bytes, rv)); 1025 } 1026 1027 static int 1028 passthru_cfgwrite_default(struct passthru_softc *sc, struct pci_devinst *pi, 1029 int coff, int bytes, uint32_t val) 1030 { 1031 int error, msix_table_entries, i; 1032 uint16_t cmd_old; 1033 1034 /* 1035 * MSI capability is emulated 1036 */ 1037 if (msicap_access(sc, coff)) { 1038 pci_emul_capwrite(pi, coff, bytes, val, sc->psc_msi.capoff, 1039 PCIY_MSI); 1040 error = vm_setup_pptdev_msi(pi->pi_vmctx, sc->psc_sel.pc_bus, 1041 sc->psc_sel.pc_dev, sc->psc_sel.pc_func, 1042 pi->pi_msi.addr, pi->pi_msi.msg_data, 1043 pi->pi_msi.maxmsgnum); 1044 if (error != 0) 1045 err(1, "vm_setup_pptdev_msi"); 1046 return (0); 1047 } 1048 1049 if (msixcap_access(sc, coff)) { 1050 pci_emul_capwrite(pi, coff, bytes, val, sc->psc_msix.capoff, 1051 PCIY_MSIX); 1052 if (pi->pi_msix.enabled) { 1053 msix_table_entries = pi->pi_msix.table_count; 1054 for (i = 0; i < msix_table_entries; i++) { 1055 error = vm_setup_pptdev_msix(pi->pi_vmctx, 1056 sc->psc_sel.pc_bus, sc->psc_sel.pc_dev, 1057 sc->psc_sel.pc_func, i, 1058 pi->pi_msix.table[i].addr, 1059 pi->pi_msix.table[i].msg_data, 1060 pi->pi_msix.table[i].vector_control); 1061 1062 if (error) 1063 err(1, "vm_setup_pptdev_msix"); 1064 } 1065 } else { 1066 error = vm_disable_pptdev_msix(pi->pi_vmctx, 1067 sc->psc_sel.pc_bus, sc->psc_sel.pc_dev, 1068 sc->psc_sel.pc_func); 1069 if (error) 1070 err(1, "vm_disable_pptdev_msix"); 1071 } 1072 return (0); 1073 } 1074 1075 #ifdef LEGACY_SUPPORT 1076 /* 1077 * If this device does not support MSI natively then we cannot let 1078 * the guest disable legacy interrupts from the device. It is the 1079 * legacy interrupt that is triggering the virtual MSI to the guest. 1080 */ 1081 if (sc->psc_msi.emulated && pci_msi_enabled(pi)) { 1082 if (coff == PCIR_COMMAND && bytes == 2) 1083 val &= ~PCIM_CMD_INTxDIS; 1084 } 1085 #endif 1086 1087 write_config(&sc->psc_sel, coff, bytes, val); 1088 if (coff == PCIR_COMMAND) { 1089 cmd_old = pci_get_cfgdata16(pi, PCIR_COMMAND); 1090 if (bytes == 1) 1091 pci_set_cfgdata8(pi, PCIR_COMMAND, val); 1092 else if (bytes == 2) 1093 pci_set_cfgdata16(pi, PCIR_COMMAND, val); 1094 pci_emul_cmd_changed(pi, cmd_old); 1095 } 1096 1097 return (0); 1098 } 1099 1100 int 1101 passthru_cfgwrite_emulate(struct passthru_softc *sc __unused, 1102 struct pci_devinst *pi __unused, int coff __unused, int bytes __unused, 1103 uint32_t val __unused) 1104 { 1105 return (-1); 1106 } 1107 1108 static int 1109 passthru_cfgwrite(struct pci_devinst *pi, int coff, int bytes, uint32_t val) 1110 { 1111 struct passthru_softc *sc; 1112 1113 sc = pi->pi_arg; 1114 1115 if (sc->psc_pcir_whandler[coff] != NULL) 1116 return (sc->psc_pcir_whandler[coff](sc, pi, coff, bytes, val)); 1117 1118 return (passthru_cfgwrite_default(sc, pi, coff, bytes, val)); 1119 } 1120 1121 static void 1122 passthru_write(struct pci_devinst *pi, int baridx, uint64_t offset, int size, 1123 uint64_t value) 1124 { 1125 struct passthru_softc *sc; 1126 struct pci_bar_ioreq pio; 1127 1128 sc = pi->pi_arg; 1129 1130 if (baridx == pci_msix_table_bar(pi)) { 1131 msix_table_write(sc, offset, size, value); 1132 } else { 1133 assert(pi->pi_bar[baridx].type == PCIBAR_IO); 1134 assert(size == 1 || size == 2 || size == 4); 1135 assert(offset <= UINT32_MAX && offset + size <= UINT32_MAX); 1136 1137 bzero(&pio, sizeof(pio)); 1138 pio.pbi_sel = sc->psc_sel; 1139 pio.pbi_op = PCIBARIO_WRITE; 1140 pio.pbi_bar = baridx; 1141 pio.pbi_offset = (uint32_t)offset; 1142 pio.pbi_width = size; 1143 pio.pbi_value = (uint32_t)value; 1144 1145 (void)ioctl(pcifd, PCIOCBARIO, &pio); 1146 } 1147 } 1148 1149 static uint64_t 1150 passthru_read(struct pci_devinst *pi, int baridx, uint64_t offset, int size) 1151 { 1152 struct passthru_softc *sc; 1153 struct pci_bar_ioreq pio; 1154 uint64_t val; 1155 1156 sc = pi->pi_arg; 1157 1158 if (baridx == pci_msix_table_bar(pi)) { 1159 val = msix_table_read(sc, offset, size); 1160 } else { 1161 assert(pi->pi_bar[baridx].type == PCIBAR_IO); 1162 assert(size == 1 || size == 2 || size == 4); 1163 assert(offset <= UINT32_MAX && offset + size <= UINT32_MAX); 1164 1165 bzero(&pio, sizeof(pio)); 1166 pio.pbi_sel = sc->psc_sel; 1167 pio.pbi_op = PCIBARIO_READ; 1168 pio.pbi_bar = baridx; 1169 pio.pbi_offset = (uint32_t)offset; 1170 pio.pbi_width = size; 1171 1172 (void)ioctl(pcifd, PCIOCBARIO, &pio); 1173 1174 val = pio.pbi_value; 1175 } 1176 1177 return (val); 1178 } 1179 1180 static void 1181 passthru_msix_addr(struct pci_devinst *pi, int baridx, int enabled, 1182 uint64_t address) 1183 { 1184 struct passthru_softc *sc; 1185 size_t remaining; 1186 uint32_t table_size, table_offset; 1187 1188 sc = pi->pi_arg; 1189 table_offset = rounddown2(pi->pi_msix.table_offset, 4096); 1190 if (table_offset > 0) { 1191 if (!enabled) { 1192 if (vm_unmap_pptdev_mmio(pi->pi_vmctx, 1193 sc->psc_sel.pc_bus, 1194 sc->psc_sel.pc_dev, 1195 sc->psc_sel.pc_func, address, 1196 table_offset) != 0) 1197 warnx("pci_passthru: unmap_pptdev_mmio failed"); 1198 } else { 1199 if (vm_map_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus, 1200 sc->psc_sel.pc_dev, 1201 sc->psc_sel.pc_func, address, 1202 table_offset, 1203 sc->psc_bar[baridx].addr) != 0) 1204 warnx("pci_passthru: map_pptdev_mmio failed"); 1205 } 1206 } 1207 table_size = pi->pi_msix.table_offset - table_offset; 1208 table_size += pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE; 1209 table_size = roundup2(table_size, 4096); 1210 remaining = pi->pi_bar[baridx].size - table_offset - table_size; 1211 if (remaining > 0) { 1212 address += table_offset + table_size; 1213 if (!enabled) { 1214 if (vm_unmap_pptdev_mmio(pi->pi_vmctx, 1215 sc->psc_sel.pc_bus, 1216 sc->psc_sel.pc_dev, 1217 sc->psc_sel.pc_func, address, 1218 remaining) != 0) 1219 warnx("pci_passthru: unmap_pptdev_mmio failed"); 1220 } else { 1221 if (vm_map_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus, 1222 sc->psc_sel.pc_dev, 1223 sc->psc_sel.pc_func, address, 1224 remaining, 1225 sc->psc_bar[baridx].addr + 1226 table_offset + table_size) != 0) 1227 warnx("pci_passthru: map_pptdev_mmio failed"); 1228 } 1229 } 1230 } 1231 1232 static void 1233 passthru_mmio_addr(struct pci_devinst *pi, int baridx, int enabled, 1234 uint64_t address) 1235 { 1236 struct passthru_softc *sc; 1237 1238 sc = pi->pi_arg; 1239 if (!enabled) { 1240 if (vm_unmap_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus, 1241 sc->psc_sel.pc_dev, 1242 sc->psc_sel.pc_func, address, 1243 sc->psc_bar[baridx].size) != 0) 1244 warnx("pci_passthru: unmap_pptdev_mmio failed"); 1245 } else { 1246 if (vm_map_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus, 1247 sc->psc_sel.pc_dev, 1248 sc->psc_sel.pc_func, address, 1249 sc->psc_bar[baridx].size, 1250 sc->psc_bar[baridx].addr) != 0) 1251 warnx("pci_passthru: map_pptdev_mmio failed"); 1252 } 1253 } 1254 1255 static void 1256 passthru_addr_rom(struct pci_devinst *const pi, const int idx, 1257 const int enabled) 1258 { 1259 const uint64_t addr = pi->pi_bar[idx].addr; 1260 const uint64_t size = pi->pi_bar[idx].size; 1261 1262 if (!enabled) { 1263 if (vm_munmap_memseg(pi->pi_vmctx, addr, size) != 0) { 1264 errx(4, "%s: munmap_memseg @ [%016lx - %016lx] failed", 1265 __func__, addr, addr + size); 1266 } 1267 1268 } else { 1269 if (vm_mmap_memseg(pi->pi_vmctx, addr, VM_PCIROM, 1270 pi->pi_romoffset, size, PROT_READ | PROT_EXEC) != 0) { 1271 errx(4, "%s: mmap_memseg @ [%016lx - %016lx] failed", 1272 __func__, addr, addr + size); 1273 } 1274 } 1275 } 1276 1277 static void 1278 passthru_addr(struct pci_devinst *pi, int baridx, int enabled, uint64_t address) 1279 { 1280 switch (pi->pi_bar[baridx].type) { 1281 case PCIBAR_IO: 1282 /* IO BARs are emulated */ 1283 break; 1284 case PCIBAR_ROM: 1285 passthru_addr_rom(pi, baridx, enabled); 1286 break; 1287 case PCIBAR_MEM32: 1288 case PCIBAR_MEM64: 1289 if (baridx == pci_msix_table_bar(pi)) 1290 passthru_msix_addr(pi, baridx, enabled, address); 1291 else 1292 passthru_mmio_addr(pi, baridx, enabled, address); 1293 break; 1294 default: 1295 errx(4, "%s: invalid BAR type %d", __func__, 1296 pi->pi_bar[baridx].type); 1297 } 1298 } 1299 1300 static const struct pci_devemu passthru = { 1301 .pe_emu = "passthru", 1302 .pe_init = passthru_init, 1303 .pe_legacy_config = passthru_legacy_config, 1304 .pe_cfgwrite = passthru_cfgwrite, 1305 .pe_cfgread = passthru_cfgread, 1306 .pe_barwrite = passthru_write, 1307 .pe_barread = passthru_read, 1308 .pe_baraddr = passthru_addr, 1309 }; 1310 PCI_EMUL_SET(passthru); 1311