xref: /freebsd/usr.sbin/bhyve/pci_passthru.c (revision 9f23cbd6cae82fd77edfad7173432fa8dccd0a95)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (c) 2011 NetApp, Inc.
5  * All rights reserved.
6  *
7  * Redistribution and use in source and binary forms, with or without
8  * modification, are permitted provided that the following conditions
9  * are met:
10  * 1. Redistributions of source code must retain the above copyright
11  *    notice, this list of conditions and the following disclaimer.
12  * 2. Redistributions in binary form must reproduce the above copyright
13  *    notice, this list of conditions and the following disclaimer in the
14  *    documentation and/or other materials provided with the distribution.
15  *
16  * THIS SOFTWARE IS PROVIDED BY NETAPP, INC ``AS IS'' AND
17  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19  * ARE DISCLAIMED.  IN NO EVENT SHALL NETAPP, INC OR CONTRIBUTORS BE LIABLE
20  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
26  * SUCH DAMAGE.
27  *
28  * $FreeBSD$
29  */
30 
31 #include <sys/cdefs.h>
32 __FBSDID("$FreeBSD$");
33 
34 #include <sys/param.h>
35 #ifndef WITHOUT_CAPSICUM
36 #include <sys/capsicum.h>
37 #endif
38 #include <sys/types.h>
39 #include <sys/mman.h>
40 #include <sys/pciio.h>
41 #include <sys/ioctl.h>
42 #include <sys/stat.h>
43 
44 #include <dev/io/iodev.h>
45 #include <dev/pci/pcireg.h>
46 
47 #include <vm/vm.h>
48 
49 #include <machine/iodev.h>
50 #include <machine/vm.h>
51 
52 #ifndef WITHOUT_CAPSICUM
53 #include <capsicum_helpers.h>
54 #endif
55 #include <ctype.h>
56 #include <stdio.h>
57 #include <stdlib.h>
58 #include <string.h>
59 #include <err.h>
60 #include <errno.h>
61 #include <fcntl.h>
62 #include <sysexits.h>
63 #include <unistd.h>
64 
65 #include <machine/vmm.h>
66 
67 #include "debug.h"
68 #include "mem.h"
69 #include "pci_passthru.h"
70 
71 #ifndef _PATH_DEVPCI
72 #define	_PATH_DEVPCI	"/dev/pci"
73 #endif
74 
75 #define	LEGACY_SUPPORT	1
76 
77 #define MSIX_TABLE_COUNT(ctrl) (((ctrl) & PCIM_MSIXCTRL_TABLE_SIZE) + 1)
78 #define MSIX_CAPLEN 12
79 
80 #define PASSTHRU_MMIO_MAX 2
81 
82 static int pcifd = -1;
83 
84 SET_DECLARE(passthru_dev_set, struct passthru_dev);
85 
86 struct passthru_softc {
87 	struct pci_devinst *psc_pi;
88 	/* ROM is handled like a BAR */
89 	struct pcibar psc_bar[PCI_BARMAX_WITH_ROM + 1];
90 	struct {
91 		int		capoff;
92 		int		msgctrl;
93 		int		emulated;
94 	} psc_msi;
95 	struct {
96 		int		capoff;
97 	} psc_msix;
98 	struct pcisel psc_sel;
99 
100 	struct passthru_mmio_mapping psc_mmio_map[PASSTHRU_MMIO_MAX];
101 	cfgread_handler psc_pcir_rhandler[PCI_REGMAX + 1];
102 	cfgwrite_handler psc_pcir_whandler[PCI_REGMAX + 1];
103 };
104 
105 static int
106 msi_caplen(int msgctrl)
107 {
108 	int len;
109 
110 	len = 10;		/* minimum length of msi capability */
111 
112 	if (msgctrl & PCIM_MSICTRL_64BIT)
113 		len += 4;
114 
115 #if 0
116 	/*
117 	 * Ignore the 'mask' and 'pending' bits in the MSI capability.
118 	 * We'll let the guest manipulate them directly.
119 	 */
120 	if (msgctrl & PCIM_MSICTRL_VECTOR)
121 		len += 10;
122 #endif
123 
124 	return (len);
125 }
126 
127 static int
128 pcifd_init(void)
129 {
130 	pcifd = open(_PATH_DEVPCI, O_RDWR, 0);
131 	if (pcifd < 0) {
132 		warn("failed to open %s", _PATH_DEVPCI);
133 		return (1);
134 	}
135 
136 #ifndef WITHOUT_CAPSICUM
137 	cap_rights_t pcifd_rights;
138 	cap_rights_init(&pcifd_rights, CAP_IOCTL, CAP_READ, CAP_WRITE);
139 	if (caph_rights_limit(pcifd, &pcifd_rights) == -1)
140 		errx(EX_OSERR, "Unable to apply rights for sandbox");
141 
142 	const cap_ioctl_t pcifd_ioctls[] = { PCIOCREAD, PCIOCWRITE, PCIOCGETBAR,
143 		PCIOCBARIO, PCIOCBARMMAP, PCIOCGETCONF };
144 	if (caph_ioctls_limit(pcifd, pcifd_ioctls, nitems(pcifd_ioctls)) == -1)
145 		errx(EX_OSERR, "Unable to apply rights for sandbox");
146 #endif
147 
148 	return (0);
149 }
150 
151 uint32_t
152 read_config(const struct pcisel *sel, long reg, int width)
153 {
154 	struct pci_io pi;
155 
156 	if (pcifd < 0 && pcifd_init()) {
157 		return (0);
158 	}
159 
160 	bzero(&pi, sizeof(pi));
161 	pi.pi_sel = *sel;
162 	pi.pi_reg = reg;
163 	pi.pi_width = width;
164 
165 	if (ioctl(pcifd, PCIOCREAD, &pi) < 0)
166 		return (0);				/* XXX */
167 	else
168 		return (pi.pi_data);
169 }
170 
171 void
172 write_config(const struct pcisel *sel, long reg, int width, uint32_t data)
173 {
174 	struct pci_io pi;
175 
176 	if (pcifd < 0 && pcifd_init()) {
177 		return;
178 	}
179 
180 	bzero(&pi, sizeof(pi));
181 	pi.pi_sel = *sel;
182 	pi.pi_reg = reg;
183 	pi.pi_width = width;
184 	pi.pi_data = data;
185 
186 	(void)ioctl(pcifd, PCIOCWRITE, &pi);		/* XXX */
187 }
188 
189 #ifdef LEGACY_SUPPORT
190 static int
191 passthru_add_msicap(struct pci_devinst *pi, int msgnum, int nextptr)
192 {
193 	int capoff;
194 	struct msicap msicap;
195 	u_char *capdata;
196 
197 	pci_populate_msicap(&msicap, msgnum, nextptr);
198 
199 	/*
200 	 * XXX
201 	 * Copy the msi capability structure in the last 16 bytes of the
202 	 * config space. This is wrong because it could shadow something
203 	 * useful to the device.
204 	 */
205 	capoff = 256 - roundup(sizeof(msicap), 4);
206 	capdata = (u_char *)&msicap;
207 	for (size_t i = 0; i < sizeof(msicap); i++)
208 		pci_set_cfgdata8(pi, capoff + i, capdata[i]);
209 
210 	return (capoff);
211 }
212 #endif	/* LEGACY_SUPPORT */
213 
214 static int
215 cfginitmsi(struct passthru_softc *sc)
216 {
217 	int i, ptr, capptr, cap, sts, caplen, table_size;
218 	uint32_t u32;
219 	struct pcisel sel;
220 	struct pci_devinst *pi;
221 	struct msixcap msixcap;
222 	char *msixcap_ptr;
223 
224 	pi = sc->psc_pi;
225 	sel = sc->psc_sel;
226 
227 	/*
228 	 * Parse the capabilities and cache the location of the MSI
229 	 * and MSI-X capabilities.
230 	 */
231 	sts = read_config(&sel, PCIR_STATUS, 2);
232 	if (sts & PCIM_STATUS_CAPPRESENT) {
233 		ptr = read_config(&sel, PCIR_CAP_PTR, 1);
234 		while (ptr != 0 && ptr != 0xff) {
235 			cap = read_config(&sel, ptr + PCICAP_ID, 1);
236 			if (cap == PCIY_MSI) {
237 				/*
238 				 * Copy the MSI capability into the config
239 				 * space of the emulated pci device
240 				 */
241 				sc->psc_msi.capoff = ptr;
242 				sc->psc_msi.msgctrl = read_config(&sel,
243 								  ptr + 2, 2);
244 				sc->psc_msi.emulated = 0;
245 				caplen = msi_caplen(sc->psc_msi.msgctrl);
246 				capptr = ptr;
247 				while (caplen > 0) {
248 					u32 = read_config(&sel, capptr, 4);
249 					pci_set_cfgdata32(pi, capptr, u32);
250 					caplen -= 4;
251 					capptr += 4;
252 				}
253 			} else if (cap == PCIY_MSIX) {
254 				/*
255 				 * Copy the MSI-X capability
256 				 */
257 				sc->psc_msix.capoff = ptr;
258 				caplen = 12;
259 				msixcap_ptr = (char *)&msixcap;
260 				capptr = ptr;
261 				while (caplen > 0) {
262 					u32 = read_config(&sel, capptr, 4);
263 					memcpy(msixcap_ptr, &u32, 4);
264 					pci_set_cfgdata32(pi, capptr, u32);
265 					caplen -= 4;
266 					capptr += 4;
267 					msixcap_ptr += 4;
268 				}
269 			}
270 			ptr = read_config(&sel, ptr + PCICAP_NEXTPTR, 1);
271 		}
272 	}
273 
274 	if (sc->psc_msix.capoff != 0) {
275 		pi->pi_msix.pba_bar =
276 		    msixcap.pba_info & PCIM_MSIX_BIR_MASK;
277 		pi->pi_msix.pba_offset =
278 		    msixcap.pba_info & ~PCIM_MSIX_BIR_MASK;
279 		pi->pi_msix.table_bar =
280 		    msixcap.table_info & PCIM_MSIX_BIR_MASK;
281 		pi->pi_msix.table_offset =
282 		    msixcap.table_info & ~PCIM_MSIX_BIR_MASK;
283 		pi->pi_msix.table_count = MSIX_TABLE_COUNT(msixcap.msgctrl);
284 		pi->pi_msix.pba_size = PBA_SIZE(pi->pi_msix.table_count);
285 
286 		/* Allocate the emulated MSI-X table array */
287 		table_size = pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE;
288 		pi->pi_msix.table = calloc(1, table_size);
289 
290 		/* Mask all table entries */
291 		for (i = 0; i < pi->pi_msix.table_count; i++) {
292 			pi->pi_msix.table[i].vector_control |=
293 						PCIM_MSIX_VCTRL_MASK;
294 		}
295 	}
296 
297 #ifdef LEGACY_SUPPORT
298 	/*
299 	 * If the passthrough device does not support MSI then craft a
300 	 * MSI capability for it. We link the new MSI capability at the
301 	 * head of the list of capabilities.
302 	 */
303 	if ((sts & PCIM_STATUS_CAPPRESENT) != 0 && sc->psc_msi.capoff == 0) {
304 		int origptr, msiptr;
305 		origptr = read_config(&sel, PCIR_CAP_PTR, 1);
306 		msiptr = passthru_add_msicap(pi, 1, origptr);
307 		sc->psc_msi.capoff = msiptr;
308 		sc->psc_msi.msgctrl = pci_get_cfgdata16(pi, msiptr + 2);
309 		sc->psc_msi.emulated = 1;
310 		pci_set_cfgdata8(pi, PCIR_CAP_PTR, msiptr);
311 	}
312 #endif
313 
314 	/* Make sure one of the capabilities is present */
315 	if (sc->psc_msi.capoff == 0 && sc->psc_msix.capoff == 0)
316 		return (-1);
317 	else
318 		return (0);
319 }
320 
321 static uint64_t
322 msix_table_read(struct passthru_softc *sc, uint64_t offset, int size)
323 {
324 	struct pci_devinst *pi;
325 	struct msix_table_entry *entry;
326 	uint8_t *src8;
327 	uint16_t *src16;
328 	uint32_t *src32;
329 	uint64_t *src64;
330 	uint64_t data;
331 	size_t entry_offset;
332 	uint32_t table_offset;
333 	int index, table_count;
334 
335 	pi = sc->psc_pi;
336 
337 	table_offset = pi->pi_msix.table_offset;
338 	table_count = pi->pi_msix.table_count;
339 	if (offset < table_offset ||
340 	    offset >= table_offset + table_count * MSIX_TABLE_ENTRY_SIZE) {
341 		switch (size) {
342 		case 1:
343 			src8 = (uint8_t *)(pi->pi_msix.mapped_addr + offset);
344 			data = *src8;
345 			break;
346 		case 2:
347 			src16 = (uint16_t *)(pi->pi_msix.mapped_addr + offset);
348 			data = *src16;
349 			break;
350 		case 4:
351 			src32 = (uint32_t *)(pi->pi_msix.mapped_addr + offset);
352 			data = *src32;
353 			break;
354 		case 8:
355 			src64 = (uint64_t *)(pi->pi_msix.mapped_addr + offset);
356 			data = *src64;
357 			break;
358 		default:
359 			return (-1);
360 		}
361 		return (data);
362 	}
363 
364 	offset -= table_offset;
365 	index = offset / MSIX_TABLE_ENTRY_SIZE;
366 	assert(index < table_count);
367 
368 	entry = &pi->pi_msix.table[index];
369 	entry_offset = offset % MSIX_TABLE_ENTRY_SIZE;
370 
371 	switch (size) {
372 	case 1:
373 		src8 = (uint8_t *)((uint8_t *)entry + entry_offset);
374 		data = *src8;
375 		break;
376 	case 2:
377 		src16 = (uint16_t *)((uint8_t *)entry + entry_offset);
378 		data = *src16;
379 		break;
380 	case 4:
381 		src32 = (uint32_t *)((uint8_t *)entry + entry_offset);
382 		data = *src32;
383 		break;
384 	case 8:
385 		src64 = (uint64_t *)((uint8_t *)entry + entry_offset);
386 		data = *src64;
387 		break;
388 	default:
389 		return (-1);
390 	}
391 
392 	return (data);
393 }
394 
395 static void
396 msix_table_write(struct passthru_softc *sc, uint64_t offset, int size,
397     uint64_t data)
398 {
399 	struct pci_devinst *pi;
400 	struct msix_table_entry *entry;
401 	uint8_t *dest8;
402 	uint16_t *dest16;
403 	uint32_t *dest32;
404 	uint64_t *dest64;
405 	size_t entry_offset;
406 	uint32_t table_offset, vector_control;
407 	int index, table_count;
408 
409 	pi = sc->psc_pi;
410 
411 	table_offset = pi->pi_msix.table_offset;
412 	table_count = pi->pi_msix.table_count;
413 	if (offset < table_offset ||
414 	    offset >= table_offset + table_count * MSIX_TABLE_ENTRY_SIZE) {
415 		switch (size) {
416 		case 1:
417 			dest8 = (uint8_t *)(pi->pi_msix.mapped_addr + offset);
418 			*dest8 = data;
419 			break;
420 		case 2:
421 			dest16 = (uint16_t *)(pi->pi_msix.mapped_addr + offset);
422 			*dest16 = data;
423 			break;
424 		case 4:
425 			dest32 = (uint32_t *)(pi->pi_msix.mapped_addr + offset);
426 			*dest32 = data;
427 			break;
428 		case 8:
429 			dest64 = (uint64_t *)(pi->pi_msix.mapped_addr + offset);
430 			*dest64 = data;
431 			break;
432 		}
433 		return;
434 	}
435 
436 	offset -= table_offset;
437 	index = offset / MSIX_TABLE_ENTRY_SIZE;
438 	assert(index < table_count);
439 
440 	entry = &pi->pi_msix.table[index];
441 	entry_offset = offset % MSIX_TABLE_ENTRY_SIZE;
442 
443 	/* Only 4 byte naturally-aligned writes are supported */
444 	assert(size == 4);
445 	assert(entry_offset % 4 == 0);
446 
447 	vector_control = entry->vector_control;
448 	dest32 = (uint32_t *)((uint8_t *)entry + entry_offset);
449 	*dest32 = data;
450 	/* If MSI-X hasn't been enabled, do nothing */
451 	if (pi->pi_msix.enabled) {
452 		/* If the entry is masked, don't set it up */
453 		if ((entry->vector_control & PCIM_MSIX_VCTRL_MASK) == 0 ||
454 		    (vector_control & PCIM_MSIX_VCTRL_MASK) == 0) {
455 			(void)vm_setup_pptdev_msix(sc->psc_pi->pi_vmctx,
456 			    sc->psc_sel.pc_bus, sc->psc_sel.pc_dev,
457 			    sc->psc_sel.pc_func, index, entry->addr,
458 			    entry->msg_data, entry->vector_control);
459 		}
460 	}
461 }
462 
463 static int
464 init_msix_table(struct passthru_softc *sc)
465 {
466 	struct pci_devinst *pi = sc->psc_pi;
467 	struct pci_bar_mmap pbm;
468 	int b, s, f;
469 	uint32_t table_size, table_offset;
470 
471 	assert(pci_msix_table_bar(pi) >= 0 && pci_msix_pba_bar(pi) >= 0);
472 
473 	b = sc->psc_sel.pc_bus;
474 	s = sc->psc_sel.pc_dev;
475 	f = sc->psc_sel.pc_func;
476 
477 	/*
478 	 * Map the region of the BAR containing the MSI-X table.  This is
479 	 * necessary for two reasons:
480 	 * 1. The PBA may reside in the first or last page containing the MSI-X
481 	 *    table.
482 	 * 2. While PCI devices are not supposed to use the page(s) containing
483 	 *    the MSI-X table for other purposes, some do in practice.
484 	 */
485 	memset(&pbm, 0, sizeof(pbm));
486 	pbm.pbm_sel = sc->psc_sel;
487 	pbm.pbm_flags = PCIIO_BAR_MMAP_RW;
488 	pbm.pbm_reg = PCIR_BAR(pi->pi_msix.table_bar);
489 	pbm.pbm_memattr = VM_MEMATTR_DEVICE;
490 
491 	if (ioctl(pcifd, PCIOCBARMMAP, &pbm) != 0) {
492 		warn("Failed to map MSI-X table BAR on %d/%d/%d", b, s, f);
493 		return (-1);
494 	}
495 	assert(pbm.pbm_bar_off == 0);
496 	pi->pi_msix.mapped_addr = (uint8_t *)(uintptr_t)pbm.pbm_map_base;
497 	pi->pi_msix.mapped_size = pbm.pbm_map_length;
498 
499 	table_offset = rounddown2(pi->pi_msix.table_offset, 4096);
500 
501 	table_size = pi->pi_msix.table_offset - table_offset;
502 	table_size += pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE;
503 	table_size = roundup2(table_size, 4096);
504 
505 	/*
506 	 * Unmap any pages not containing the table, we do not need to emulate
507 	 * accesses to them.  Avoid releasing address space to help ensure that
508 	 * a buggy out-of-bounds access causes a crash.
509 	 */
510 	if (table_offset != 0)
511 		if (mprotect(pi->pi_msix.mapped_addr, table_offset,
512 		    PROT_NONE) != 0)
513 			warn("Failed to unmap MSI-X table BAR region");
514 	if (table_offset + table_size != pi->pi_msix.mapped_size)
515 		if (mprotect(
516 		    pi->pi_msix.mapped_addr + table_offset + table_size,
517 		    pi->pi_msix.mapped_size - (table_offset + table_size),
518 		    PROT_NONE) != 0)
519 			warn("Failed to unmap MSI-X table BAR region");
520 
521 	return (0);
522 }
523 
524 static int
525 cfginitbar(struct passthru_softc *sc)
526 {
527 	int i, error;
528 	struct pci_devinst *pi;
529 	struct pci_bar_io bar;
530 	enum pcibar_type bartype;
531 	uint64_t base, size;
532 
533 	pi = sc->psc_pi;
534 
535 	/*
536 	 * Initialize BAR registers
537 	 */
538 	for (i = 0; i <= PCI_BARMAX; i++) {
539 		bzero(&bar, sizeof(bar));
540 		bar.pbi_sel = sc->psc_sel;
541 		bar.pbi_reg = PCIR_BAR(i);
542 
543 		if (ioctl(pcifd, PCIOCGETBAR, &bar) < 0)
544 			continue;
545 
546 		if (PCI_BAR_IO(bar.pbi_base)) {
547 			bartype = PCIBAR_IO;
548 			base = bar.pbi_base & PCIM_BAR_IO_BASE;
549 		} else {
550 			switch (bar.pbi_base & PCIM_BAR_MEM_TYPE) {
551 			case PCIM_BAR_MEM_64:
552 				bartype = PCIBAR_MEM64;
553 				break;
554 			default:
555 				bartype = PCIBAR_MEM32;
556 				break;
557 			}
558 			base = bar.pbi_base & PCIM_BAR_MEM_BASE;
559 		}
560 		size = bar.pbi_length;
561 
562 		if (bartype != PCIBAR_IO) {
563 			if (((base | size) & PAGE_MASK) != 0) {
564 				warnx("passthru device %d/%d/%d BAR %d: "
565 				    "base %#lx or size %#lx not page aligned\n",
566 				    sc->psc_sel.pc_bus, sc->psc_sel.pc_dev,
567 				    sc->psc_sel.pc_func, i, base, size);
568 				return (-1);
569 			}
570 		}
571 
572 		/* Cache information about the "real" BAR */
573 		sc->psc_bar[i].type = bartype;
574 		sc->psc_bar[i].size = size;
575 		sc->psc_bar[i].addr = base;
576 		sc->psc_bar[i].lobits = 0;
577 
578 		/* Allocate the BAR in the guest I/O or MMIO space */
579 		error = pci_emul_alloc_bar(pi, i, bartype, size);
580 		if (error)
581 			return (-1);
582 
583 		/* Use same lobits as physical bar */
584 		uint8_t lobits = read_config(&sc->psc_sel, PCIR_BAR(i), 0x01);
585 		if (bartype == PCIBAR_MEM32 || bartype == PCIBAR_MEM64) {
586 			lobits &= ~PCIM_BAR_MEM_BASE;
587 		} else {
588 			lobits &= ~PCIM_BAR_IO_BASE;
589 		}
590 		sc->psc_bar[i].lobits = lobits;
591 		pi->pi_bar[i].lobits = lobits;
592 
593 		/*
594 		 * 64-bit BAR takes up two slots so skip the next one.
595 		 */
596 		if (bartype == PCIBAR_MEM64) {
597 			i++;
598 			assert(i <= PCI_BARMAX);
599 			sc->psc_bar[i].type = PCIBAR_MEMHI64;
600 		}
601 	}
602 	return (0);
603 }
604 
605 static int
606 cfginit(struct pci_devinst *pi, int bus, int slot, int func)
607 {
608 	int error;
609 	struct passthru_softc *sc;
610 	uint8_t intline, intpin;
611 
612 	error = 1;
613 	sc = pi->pi_arg;
614 
615 	bzero(&sc->psc_sel, sizeof(struct pcisel));
616 	sc->psc_sel.pc_bus = bus;
617 	sc->psc_sel.pc_dev = slot;
618 	sc->psc_sel.pc_func = func;
619 
620 	/*
621 	 * Copy physical PCI header to virtual config space. INTLINE and INTPIN
622 	 * shouldn't be aligned with their physical value and they are already set by
623 	 * pci_emul_init().
624 	 */
625 	intline = pci_get_cfgdata8(pi, PCIR_INTLINE);
626 	intpin = pci_get_cfgdata8(pi, PCIR_INTPIN);
627 	for (int i = 0; i <= PCIR_MAXLAT; i += 4) {
628 		pci_set_cfgdata32(pi, i, read_config(&sc->psc_sel, i, 4));
629 	}
630 	pci_set_cfgdata8(pi, PCIR_INTLINE, intline);
631 	pci_set_cfgdata8(pi, PCIR_INTPIN, intpin);
632 
633 	if (cfginitmsi(sc) != 0) {
634 		warnx("failed to initialize MSI for PCI %d/%d/%d",
635 		    bus, slot, func);
636 		goto done;
637 	}
638 
639 	if (cfginitbar(sc) != 0) {
640 		warnx("failed to initialize BARs for PCI %d/%d/%d",
641 		    bus, slot, func);
642 		goto done;
643 	}
644 
645 	write_config(&sc->psc_sel, PCIR_COMMAND, 2,
646 	    pci_get_cfgdata16(pi, PCIR_COMMAND));
647 
648 	/*
649 	 * We need to do this after PCIR_COMMAND got possibly updated, e.g.,
650 	 * a BAR was enabled, as otherwise the PCIOCBARMMAP might fail on us.
651 	 */
652 	if (pci_msix_table_bar(pi) >= 0) {
653 		error = init_msix_table(sc);
654 		if (error != 0) {
655 			warnx(
656 			    "failed to initialize MSI-X table for PCI %d/%d/%d: %d",
657 			    bus, slot, func, error);
658 			goto done;
659 		}
660 	}
661 
662 	error = 0;				/* success */
663 done:
664 	return (error);
665 }
666 
667 struct passthru_mmio_mapping *
668 passthru_get_mmio(struct passthru_softc *sc, int num)
669 {
670 	assert(sc != NULL);
671 	assert(num < PASSTHRU_MMIO_MAX);
672 
673 	return (&sc->psc_mmio_map[num]);
674 }
675 
676 struct pcisel *
677 passthru_get_sel(struct passthru_softc *sc)
678 {
679 	assert(sc != NULL);
680 
681 	return (&sc->psc_sel);
682 }
683 
684 int
685 set_pcir_handler(struct passthru_softc *sc, int reg, int len,
686     cfgread_handler rhandler, cfgwrite_handler whandler)
687 {
688 	if (reg > PCI_REGMAX || reg + len > PCI_REGMAX + 1)
689 		return (-1);
690 
691 	for (int i = reg; i < reg + len; ++i) {
692 		assert(sc->psc_pcir_rhandler[i] == NULL || rhandler == NULL);
693 		assert(sc->psc_pcir_whandler[i] == NULL || whandler == NULL);
694 		sc->psc_pcir_rhandler[i] = rhandler;
695 		sc->psc_pcir_whandler[i] = whandler;
696 	}
697 
698 	return (0);
699 }
700 
701 static int
702 passthru_legacy_config(nvlist_t *nvl, const char *opts)
703 {
704 	const char *cp;
705 	char *tofree;
706 	char value[16];
707 	int bus, slot, func;
708 
709 	if (opts == NULL)
710 		return (0);
711 
712 	cp = strchr(opts, ',');
713 
714 	if (strncmp(opts, "ppt", strlen("ppt")) == 0) {
715 		tofree = strndup(opts, cp - opts);
716 		set_config_value_node(nvl, "pptdev", tofree);
717 		free(tofree);
718 	} else if (sscanf(opts, "pci0:%d:%d:%d", &bus, &slot, &func) == 3 ||
719 	    sscanf(opts, "pci%d:%d:%d", &bus, &slot, &func) == 3 ||
720 	    sscanf(opts, "%d/%d/%d", &bus, &slot, &func) == 3) {
721 		snprintf(value, sizeof(value), "%d", bus);
722 		set_config_value_node(nvl, "bus", value);
723 		snprintf(value, sizeof(value), "%d", slot);
724 		set_config_value_node(nvl, "slot", value);
725 		snprintf(value, sizeof(value), "%d", func);
726 		set_config_value_node(nvl, "func", value);
727 	} else {
728 		EPRINTLN("passthru: invalid options \"%s\"", opts);
729 		return (-1);
730 	}
731 
732 	if (cp == NULL) {
733 		return (0);
734 	}
735 
736 	return (pci_parse_legacy_config(nvl, cp + 1));
737 }
738 
739 static int
740 passthru_init_rom(struct passthru_softc *const sc, const char *const romfile)
741 {
742 	if (romfile == NULL) {
743 		return (0);
744 	}
745 
746 	const int fd = open(romfile, O_RDONLY);
747 	if (fd < 0) {
748 		warnx("%s: can't open romfile \"%s\"", __func__, romfile);
749 		return (-1);
750 	}
751 
752 	struct stat sbuf;
753 	if (fstat(fd, &sbuf) < 0) {
754 		warnx("%s: can't fstat romfile \"%s\"", __func__, romfile);
755 		close(fd);
756 		return (-1);
757 	}
758 	const uint64_t rom_size = sbuf.st_size;
759 
760 	void *const rom_data = mmap(NULL, rom_size, PROT_READ, MAP_SHARED, fd,
761 	    0);
762 	if (rom_data == MAP_FAILED) {
763 		warnx("%s: unable to mmap romfile \"%s\" (%d)", __func__,
764 		    romfile, errno);
765 		close(fd);
766 		return (-1);
767 	}
768 
769 	void *rom_addr;
770 	int error = pci_emul_alloc_rom(sc->psc_pi, rom_size, &rom_addr);
771 	if (error) {
772 		warnx("%s: failed to alloc rom segment", __func__);
773 		munmap(rom_data, rom_size);
774 		close(fd);
775 		return (error);
776 	}
777 	memcpy(rom_addr, rom_data, rom_size);
778 
779 	sc->psc_bar[PCI_ROM_IDX].type = PCIBAR_ROM;
780 	sc->psc_bar[PCI_ROM_IDX].addr = (uint64_t)rom_addr;
781 	sc->psc_bar[PCI_ROM_IDX].size = rom_size;
782 
783 	munmap(rom_data, rom_size);
784 	close(fd);
785 
786 	return (0);
787 }
788 
789 static bool
790 passthru_lookup_pptdev(const char *name, int *bus, int *slot, int *func)
791 {
792 	struct pci_conf_io pc;
793 	struct pci_conf conf[1];
794 	struct pci_match_conf patterns[1];
795 	char *cp;
796 
797 	bzero(&pc, sizeof(struct pci_conf_io));
798 	pc.match_buf_len = sizeof(conf);
799 	pc.matches = conf;
800 
801 	bzero(&patterns, sizeof(patterns));
802 
803 	/*
804 	 * The pattern structure requires the unit to be split out from
805 	 * the driver name.  Walk backwards from the end of the name to
806 	 * find the start of the unit.
807 	 */
808 	cp = strchr(name, '\0');
809 	assert(cp != NULL);
810 	while (cp != name && isdigit(cp[-1]))
811 		cp--;
812 	if (cp == name || !isdigit(*cp)) {
813 		EPRINTLN("Invalid passthru device name %s", name);
814 		return (false);
815 	}
816 	if ((size_t)(cp - name) + 1 > sizeof(patterns[0].pd_name)) {
817 		EPRINTLN("Passthru device name %s is too long", name);
818 		return (false);
819 	}
820 	memcpy(patterns[0].pd_name, name, cp - name);
821 	patterns[0].pd_unit = strtol(cp, &cp, 10);
822 	if (*cp != '\0') {
823 		EPRINTLN("Invalid passthru device name %s", name);
824 		return (false);
825 	}
826 	patterns[0].flags = PCI_GETCONF_MATCH_NAME | PCI_GETCONF_MATCH_UNIT;
827 	pc.num_patterns = 1;
828 	pc.pat_buf_len = sizeof(patterns);
829 	pc.patterns = patterns;
830 
831 	if (ioctl(pcifd, PCIOCGETCONF, &pc) == -1) {
832 		EPRINTLN("ioctl(PCIOCGETCONF): %s", strerror(errno));
833 		return (false);
834 	}
835 	if (pc.status != PCI_GETCONF_LAST_DEVICE &&
836 	    pc.status != PCI_GETCONF_MORE_DEVS) {
837 		EPRINTLN("error returned from PCIOCGETCONF ioctl");
838 		return (false);
839 	}
840 	if (pc.num_matches == 0) {
841 		EPRINTLN("Passthru device %s not found", name);
842 		return (false);
843 	}
844 
845 	if (conf[0].pc_sel.pc_domain != 0) {
846 		EPRINTLN("Passthru device %s on unsupported domain", name);
847 		return (false);
848 	}
849 	*bus = conf[0].pc_sel.pc_bus;
850 	*slot = conf[0].pc_sel.pc_dev;
851 	*func = conf[0].pc_sel.pc_func;
852 	return (true);
853 }
854 
855 static int
856 passthru_init(struct pci_devinst *pi, nvlist_t *nvl)
857 {
858 	int bus, slot, func, error, memflags;
859 	struct passthru_softc *sc;
860 	struct passthru_dev **devpp;
861 	struct passthru_dev *devp, *dev = NULL;
862 	const char *value;
863 
864 	sc = NULL;
865 	error = 1;
866 
867 	memflags = vm_get_memflags(pi->pi_vmctx);
868 	if (!(memflags & VM_MEM_F_WIRED)) {
869 		warnx("passthru requires guest memory to be wired");
870 		return (error);
871 	}
872 
873 	if (pcifd < 0 && pcifd_init()) {
874 		return (error);
875 	}
876 
877 #define GET_INT_CONFIG(var, name) do {					\
878 	value = get_config_value_node(nvl, name);			\
879 	if (value == NULL) {						\
880 		EPRINTLN("passthru: missing required %s setting", name); \
881 		return (error);						\
882 	}								\
883 	var = atoi(value);						\
884 } while (0)
885 
886 	value = get_config_value_node(nvl, "pptdev");
887 	if (value != NULL) {
888 		if (!passthru_lookup_pptdev(value, &bus, &slot, &func))
889 			return (error);
890 	} else {
891 		GET_INT_CONFIG(bus, "bus");
892 		GET_INT_CONFIG(slot, "slot");
893 		GET_INT_CONFIG(func, "func");
894 	}
895 
896 	if (vm_assign_pptdev(pi->pi_vmctx, bus, slot, func) != 0) {
897 		warnx("PCI device at %d/%d/%d is not using the ppt(4) driver",
898 		    bus, slot, func);
899 		goto done;
900 	}
901 
902 	sc = calloc(1, sizeof(struct passthru_softc));
903 
904 	pi->pi_arg = sc;
905 	sc->psc_pi = pi;
906 
907 	/* initialize config space */
908 	if ((error = cfginit(pi, bus, slot, func)) != 0)
909 		goto done;
910 
911 	/* initialize ROM */
912 	if ((error = passthru_init_rom(sc,
913             get_config_value_node(nvl, "rom"))) != 0)
914 		goto done;
915 
916 	/* Emulate most PCI header register. */
917 	if ((error = set_pcir_handler(sc, 0, PCIR_MAXLAT + 1,
918 	    passthru_cfgread_emulate, passthru_cfgwrite_emulate)) != 0)
919 		goto done;
920 
921 	/* Allow access to the physical command and status register. */
922 	if ((error = set_pcir_handler(sc, PCIR_COMMAND, 0x04, NULL, NULL)) != 0)
923 		goto done;
924 
925 	SET_FOREACH(devpp, passthru_dev_set) {
926 		devp = *devpp;
927 		assert(devp->probe != NULL);
928 		if (devp->probe(pi) == 0) {
929 			dev = devp;
930 			break;
931 		}
932 	}
933 
934 	if (dev != NULL) {
935 		error = dev->init(pi, nvl);
936 		if (error != 0)
937 			goto done;
938 	}
939 
940 	error = 0;		/* success */
941 done:
942 	if (error) {
943 		if (dev != NULL)
944 			dev->deinit(pi);
945 		free(sc);
946 		vm_unassign_pptdev(pi->pi_vmctx, bus, slot, func);
947 	}
948 	return (error);
949 }
950 
951 static int
952 msicap_access(struct passthru_softc *sc, int coff)
953 {
954 	int caplen;
955 
956 	if (sc->psc_msi.capoff == 0)
957 		return (0);
958 
959 	caplen = msi_caplen(sc->psc_msi.msgctrl);
960 
961 	if (coff >= sc->psc_msi.capoff && coff < sc->psc_msi.capoff + caplen)
962 		return (1);
963 	else
964 		return (0);
965 }
966 
967 static int
968 msixcap_access(struct passthru_softc *sc, int coff)
969 {
970 	if (sc->psc_msix.capoff == 0)
971 		return (0);
972 
973 	return (coff >= sc->psc_msix.capoff &&
974 	        coff < sc->psc_msix.capoff + MSIX_CAPLEN);
975 }
976 
977 static int
978 passthru_cfgread_default(struct passthru_softc *sc,
979     struct pci_devinst *pi __unused, int coff, int bytes, uint32_t *rv)
980 {
981 	/*
982 	 * MSI capability is emulated.
983 	 */
984 	if (msicap_access(sc, coff) || msixcap_access(sc, coff))
985 		return (-1);
986 
987 	/*
988 	 * Emulate the command register.  If a single read reads both the
989 	 * command and status registers, read the status register from the
990 	 * device's config space.
991 	 */
992 	if (coff == PCIR_COMMAND) {
993 		if (bytes <= 2)
994 			return (-1);
995 		*rv = read_config(&sc->psc_sel, PCIR_STATUS, 2) << 16 |
996 		    pci_get_cfgdata16(pi, PCIR_COMMAND);
997 		return (0);
998 	}
999 
1000 	/* Everything else just read from the device's config space */
1001 	*rv = read_config(&sc->psc_sel, coff, bytes);
1002 
1003 	return (0);
1004 }
1005 
1006 int
1007 passthru_cfgread_emulate(struct passthru_softc *sc __unused,
1008     struct pci_devinst *pi __unused, int coff __unused, int bytes __unused,
1009     uint32_t *rv __unused)
1010 {
1011 	return (-1);
1012 }
1013 
1014 static int
1015 passthru_cfgread(struct pci_devinst *pi, int coff, int bytes, uint32_t *rv)
1016 {
1017 	struct passthru_softc *sc;
1018 
1019 	sc = pi->pi_arg;
1020 
1021 	if (sc->psc_pcir_rhandler[coff] != NULL)
1022 		return (sc->psc_pcir_rhandler[coff](sc, pi, coff, bytes, rv));
1023 
1024 	return (passthru_cfgread_default(sc, pi, coff, bytes, rv));
1025 }
1026 
1027 static int
1028 passthru_cfgwrite_default(struct passthru_softc *sc, struct pci_devinst *pi,
1029     int coff, int bytes, uint32_t val)
1030 {
1031 	int error, msix_table_entries, i;
1032 	uint16_t cmd_old;
1033 
1034 	/*
1035 	 * MSI capability is emulated
1036 	 */
1037 	if (msicap_access(sc, coff)) {
1038 		pci_emul_capwrite(pi, coff, bytes, val, sc->psc_msi.capoff,
1039 		    PCIY_MSI);
1040 		error = vm_setup_pptdev_msi(pi->pi_vmctx, sc->psc_sel.pc_bus,
1041 			sc->psc_sel.pc_dev, sc->psc_sel.pc_func,
1042 			pi->pi_msi.addr, pi->pi_msi.msg_data,
1043 			pi->pi_msi.maxmsgnum);
1044 		if (error != 0)
1045 			err(1, "vm_setup_pptdev_msi");
1046 		return (0);
1047 	}
1048 
1049 	if (msixcap_access(sc, coff)) {
1050 		pci_emul_capwrite(pi, coff, bytes, val, sc->psc_msix.capoff,
1051 		    PCIY_MSIX);
1052 		if (pi->pi_msix.enabled) {
1053 			msix_table_entries = pi->pi_msix.table_count;
1054 			for (i = 0; i < msix_table_entries; i++) {
1055 				error = vm_setup_pptdev_msix(pi->pi_vmctx,
1056 				    sc->psc_sel.pc_bus, sc->psc_sel.pc_dev,
1057 				    sc->psc_sel.pc_func, i,
1058 				    pi->pi_msix.table[i].addr,
1059 				    pi->pi_msix.table[i].msg_data,
1060 				    pi->pi_msix.table[i].vector_control);
1061 
1062 				if (error)
1063 					err(1, "vm_setup_pptdev_msix");
1064 			}
1065 		} else {
1066 			error = vm_disable_pptdev_msix(pi->pi_vmctx,
1067 			    sc->psc_sel.pc_bus, sc->psc_sel.pc_dev,
1068 			    sc->psc_sel.pc_func);
1069 			if (error)
1070 				err(1, "vm_disable_pptdev_msix");
1071 		}
1072 		return (0);
1073 	}
1074 
1075 #ifdef LEGACY_SUPPORT
1076 	/*
1077 	 * If this device does not support MSI natively then we cannot let
1078 	 * the guest disable legacy interrupts from the device. It is the
1079 	 * legacy interrupt that is triggering the virtual MSI to the guest.
1080 	 */
1081 	if (sc->psc_msi.emulated && pci_msi_enabled(pi)) {
1082 		if (coff == PCIR_COMMAND && bytes == 2)
1083 			val &= ~PCIM_CMD_INTxDIS;
1084 	}
1085 #endif
1086 
1087 	write_config(&sc->psc_sel, coff, bytes, val);
1088 	if (coff == PCIR_COMMAND) {
1089 		cmd_old = pci_get_cfgdata16(pi, PCIR_COMMAND);
1090 		if (bytes == 1)
1091 			pci_set_cfgdata8(pi, PCIR_COMMAND, val);
1092 		else if (bytes == 2)
1093 			pci_set_cfgdata16(pi, PCIR_COMMAND, val);
1094 		pci_emul_cmd_changed(pi, cmd_old);
1095 	}
1096 
1097 	return (0);
1098 }
1099 
1100 int
1101 passthru_cfgwrite_emulate(struct passthru_softc *sc __unused,
1102     struct pci_devinst *pi __unused, int coff __unused, int bytes __unused,
1103     uint32_t val __unused)
1104 {
1105 	return (-1);
1106 }
1107 
1108 static int
1109 passthru_cfgwrite(struct pci_devinst *pi, int coff, int bytes, uint32_t val)
1110 {
1111 	struct passthru_softc *sc;
1112 
1113 	sc = pi->pi_arg;
1114 
1115 	if (sc->psc_pcir_whandler[coff] != NULL)
1116 		return (sc->psc_pcir_whandler[coff](sc, pi, coff, bytes, val));
1117 
1118 	return (passthru_cfgwrite_default(sc, pi, coff, bytes, val));
1119 }
1120 
1121 static void
1122 passthru_write(struct pci_devinst *pi, int baridx, uint64_t offset, int size,
1123     uint64_t value)
1124 {
1125 	struct passthru_softc *sc;
1126 	struct pci_bar_ioreq pio;
1127 
1128 	sc = pi->pi_arg;
1129 
1130 	if (baridx == pci_msix_table_bar(pi)) {
1131 		msix_table_write(sc, offset, size, value);
1132 	} else {
1133 		assert(pi->pi_bar[baridx].type == PCIBAR_IO);
1134 		assert(size == 1 || size == 2 || size == 4);
1135 		assert(offset <= UINT32_MAX && offset + size <= UINT32_MAX);
1136 
1137 		bzero(&pio, sizeof(pio));
1138 		pio.pbi_sel = sc->psc_sel;
1139 		pio.pbi_op = PCIBARIO_WRITE;
1140 		pio.pbi_bar = baridx;
1141 		pio.pbi_offset = (uint32_t)offset;
1142 		pio.pbi_width = size;
1143 		pio.pbi_value = (uint32_t)value;
1144 
1145 		(void)ioctl(pcifd, PCIOCBARIO, &pio);
1146 	}
1147 }
1148 
1149 static uint64_t
1150 passthru_read(struct pci_devinst *pi, int baridx, uint64_t offset, int size)
1151 {
1152 	struct passthru_softc *sc;
1153 	struct pci_bar_ioreq pio;
1154 	uint64_t val;
1155 
1156 	sc = pi->pi_arg;
1157 
1158 	if (baridx == pci_msix_table_bar(pi)) {
1159 		val = msix_table_read(sc, offset, size);
1160 	} else {
1161 		assert(pi->pi_bar[baridx].type == PCIBAR_IO);
1162 		assert(size == 1 || size == 2 || size == 4);
1163 		assert(offset <= UINT32_MAX && offset + size <= UINT32_MAX);
1164 
1165 		bzero(&pio, sizeof(pio));
1166 		pio.pbi_sel = sc->psc_sel;
1167 		pio.pbi_op = PCIBARIO_READ;
1168 		pio.pbi_bar = baridx;
1169 		pio.pbi_offset = (uint32_t)offset;
1170 		pio.pbi_width = size;
1171 
1172 		(void)ioctl(pcifd, PCIOCBARIO, &pio);
1173 
1174 		val = pio.pbi_value;
1175 	}
1176 
1177 	return (val);
1178 }
1179 
1180 static void
1181 passthru_msix_addr(struct pci_devinst *pi, int baridx, int enabled,
1182     uint64_t address)
1183 {
1184 	struct passthru_softc *sc;
1185 	size_t remaining;
1186 	uint32_t table_size, table_offset;
1187 
1188 	sc = pi->pi_arg;
1189 	table_offset = rounddown2(pi->pi_msix.table_offset, 4096);
1190 	if (table_offset > 0) {
1191 		if (!enabled) {
1192 			if (vm_unmap_pptdev_mmio(pi->pi_vmctx,
1193 						 sc->psc_sel.pc_bus,
1194 						 sc->psc_sel.pc_dev,
1195 						 sc->psc_sel.pc_func, address,
1196 						 table_offset) != 0)
1197 				warnx("pci_passthru: unmap_pptdev_mmio failed");
1198 		} else {
1199 			if (vm_map_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus,
1200 					       sc->psc_sel.pc_dev,
1201 					       sc->psc_sel.pc_func, address,
1202 					       table_offset,
1203 					       sc->psc_bar[baridx].addr) != 0)
1204 				warnx("pci_passthru: map_pptdev_mmio failed");
1205 		}
1206 	}
1207 	table_size = pi->pi_msix.table_offset - table_offset;
1208 	table_size += pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE;
1209 	table_size = roundup2(table_size, 4096);
1210 	remaining = pi->pi_bar[baridx].size - table_offset - table_size;
1211 	if (remaining > 0) {
1212 		address += table_offset + table_size;
1213 		if (!enabled) {
1214 			if (vm_unmap_pptdev_mmio(pi->pi_vmctx,
1215 						 sc->psc_sel.pc_bus,
1216 						 sc->psc_sel.pc_dev,
1217 						 sc->psc_sel.pc_func, address,
1218 						 remaining) != 0)
1219 				warnx("pci_passthru: unmap_pptdev_mmio failed");
1220 		} else {
1221 			if (vm_map_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus,
1222 					       sc->psc_sel.pc_dev,
1223 					       sc->psc_sel.pc_func, address,
1224 					       remaining,
1225 					       sc->psc_bar[baridx].addr +
1226 					       table_offset + table_size) != 0)
1227 				warnx("pci_passthru: map_pptdev_mmio failed");
1228 		}
1229 	}
1230 }
1231 
1232 static void
1233 passthru_mmio_addr(struct pci_devinst *pi, int baridx, int enabled,
1234     uint64_t address)
1235 {
1236 	struct passthru_softc *sc;
1237 
1238 	sc = pi->pi_arg;
1239 	if (!enabled) {
1240 		if (vm_unmap_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus,
1241 					 sc->psc_sel.pc_dev,
1242 					 sc->psc_sel.pc_func, address,
1243 					 sc->psc_bar[baridx].size) != 0)
1244 			warnx("pci_passthru: unmap_pptdev_mmio failed");
1245 	} else {
1246 		if (vm_map_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus,
1247 				       sc->psc_sel.pc_dev,
1248 				       sc->psc_sel.pc_func, address,
1249 				       sc->psc_bar[baridx].size,
1250 				       sc->psc_bar[baridx].addr) != 0)
1251 			warnx("pci_passthru: map_pptdev_mmio failed");
1252 	}
1253 }
1254 
1255 static void
1256 passthru_addr_rom(struct pci_devinst *const pi, const int idx,
1257     const int enabled)
1258 {
1259 	const uint64_t addr = pi->pi_bar[idx].addr;
1260 	const uint64_t size = pi->pi_bar[idx].size;
1261 
1262 	if (!enabled) {
1263 		if (vm_munmap_memseg(pi->pi_vmctx, addr, size) != 0) {
1264 			errx(4, "%s: munmap_memseg @ [%016lx - %016lx] failed",
1265 			    __func__, addr, addr + size);
1266 		}
1267 
1268 	} else {
1269 		if (vm_mmap_memseg(pi->pi_vmctx, addr, VM_PCIROM,
1270 			pi->pi_romoffset, size, PROT_READ | PROT_EXEC) != 0) {
1271 			errx(4, "%s: mmap_memseg @ [%016lx - %016lx]  failed",
1272 			    __func__, addr, addr + size);
1273 		}
1274 	}
1275 }
1276 
1277 static void
1278 passthru_addr(struct pci_devinst *pi, int baridx, int enabled, uint64_t address)
1279 {
1280 	switch (pi->pi_bar[baridx].type) {
1281 	case PCIBAR_IO:
1282 		/* IO BARs are emulated */
1283 		break;
1284 	case PCIBAR_ROM:
1285 		passthru_addr_rom(pi, baridx, enabled);
1286 		break;
1287 	case PCIBAR_MEM32:
1288 	case PCIBAR_MEM64:
1289 		if (baridx == pci_msix_table_bar(pi))
1290 			passthru_msix_addr(pi, baridx, enabled, address);
1291 		else
1292 			passthru_mmio_addr(pi, baridx, enabled, address);
1293 		break;
1294 	default:
1295 		errx(4, "%s: invalid BAR type %d", __func__,
1296 		    pi->pi_bar[baridx].type);
1297 	}
1298 }
1299 
1300 static const struct pci_devemu passthru = {
1301 	.pe_emu		= "passthru",
1302 	.pe_init	= passthru_init,
1303 	.pe_legacy_config = passthru_legacy_config,
1304 	.pe_cfgwrite	= passthru_cfgwrite,
1305 	.pe_cfgread	= passthru_cfgread,
1306 	.pe_barwrite 	= passthru_write,
1307 	.pe_barread    	= passthru_read,
1308 	.pe_baraddr	= passthru_addr,
1309 };
1310 PCI_EMUL_SET(passthru);
1311