1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2011 NetApp, Inc. 5 * All rights reserved. 6 * 7 * Redistribution and use in source and binary forms, with or without 8 * modification, are permitted provided that the following conditions 9 * are met: 10 * 1. Redistributions of source code must retain the above copyright 11 * notice, this list of conditions and the following disclaimer. 12 * 2. Redistributions in binary form must reproduce the above copyright 13 * notice, this list of conditions and the following disclaimer in the 14 * documentation and/or other materials provided with the distribution. 15 * 16 * THIS SOFTWARE IS PROVIDED BY NETAPP, INC ``AS IS'' AND 17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 19 * ARE DISCLAIMED. IN NO EVENT SHALL NETAPP, INC OR CONTRIBUTORS BE LIABLE 20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 26 * SUCH DAMAGE. 27 * 28 * $FreeBSD$ 29 */ 30 31 #include <sys/cdefs.h> 32 __FBSDID("$FreeBSD$"); 33 34 #include <sys/param.h> 35 #ifndef WITHOUT_CAPSICUM 36 #include <sys/capsicum.h> 37 #endif 38 #include <sys/types.h> 39 #include <sys/mman.h> 40 #include <sys/pciio.h> 41 #include <sys/ioctl.h> 42 #include <sys/stat.h> 43 44 #include <dev/io/iodev.h> 45 #include <dev/pci/pcireg.h> 46 47 #include <vm/vm.h> 48 49 #include <machine/iodev.h> 50 #include <machine/vm.h> 51 52 #ifndef WITHOUT_CAPSICUM 53 #include <capsicum_helpers.h> 54 #endif 55 #include <ctype.h> 56 #include <stdio.h> 57 #include <stdlib.h> 58 #include <string.h> 59 #include <err.h> 60 #include <errno.h> 61 #include <fcntl.h> 62 #include <sysexits.h> 63 #include <unistd.h> 64 65 #include <machine/vmm.h> 66 67 #include "config.h" 68 #include "debug.h" 69 #include "mem.h" 70 #include "pci_passthru.h" 71 72 #ifndef _PATH_DEVPCI 73 #define _PATH_DEVPCI "/dev/pci" 74 #endif 75 76 #define LEGACY_SUPPORT 1 77 78 #define MSIX_TABLE_COUNT(ctrl) (((ctrl) & PCIM_MSIXCTRL_TABLE_SIZE) + 1) 79 #define MSIX_CAPLEN 12 80 81 #define PASSTHRU_MMIO_MAX 2 82 83 static int pcifd = -1; 84 85 struct passthru_softc { 86 struct pci_devinst *psc_pi; 87 /* ROM is handled like a BAR */ 88 struct pcibar psc_bar[PCI_BARMAX_WITH_ROM + 1]; 89 struct { 90 int capoff; 91 int msgctrl; 92 int emulated; 93 } psc_msi; 94 struct { 95 int capoff; 96 } psc_msix; 97 struct pcisel psc_sel; 98 99 struct passthru_mmio_mapping psc_mmio_map[PASSTHRU_MMIO_MAX]; 100 cfgread_handler psc_pcir_rhandler[PCI_REGMAX + 1]; 101 cfgwrite_handler psc_pcir_whandler[PCI_REGMAX + 1]; 102 }; 103 104 static int 105 msi_caplen(int msgctrl) 106 { 107 int len; 108 109 len = 10; /* minimum length of msi capability */ 110 111 if (msgctrl & PCIM_MSICTRL_64BIT) 112 len += 4; 113 114 #if 0 115 /* 116 * Ignore the 'mask' and 'pending' bits in the MSI capability. 117 * We'll let the guest manipulate them directly. 118 */ 119 if (msgctrl & PCIM_MSICTRL_VECTOR) 120 len += 10; 121 #endif 122 123 return (len); 124 } 125 126 static int 127 pcifd_init(void) 128 { 129 pcifd = open(_PATH_DEVPCI, O_RDWR, 0); 130 if (pcifd < 0) { 131 warn("failed to open %s", _PATH_DEVPCI); 132 return (1); 133 } 134 135 #ifndef WITHOUT_CAPSICUM 136 cap_rights_t pcifd_rights; 137 cap_rights_init(&pcifd_rights, CAP_IOCTL, CAP_READ, CAP_WRITE); 138 if (caph_rights_limit(pcifd, &pcifd_rights) == -1) 139 errx(EX_OSERR, "Unable to apply rights for sandbox"); 140 141 const cap_ioctl_t pcifd_ioctls[] = { PCIOCREAD, PCIOCWRITE, PCIOCGETBAR, 142 PCIOCBARIO, PCIOCBARMMAP, PCIOCGETCONF }; 143 if (caph_ioctls_limit(pcifd, pcifd_ioctls, nitems(pcifd_ioctls)) == -1) 144 errx(EX_OSERR, "Unable to apply rights for sandbox"); 145 #endif 146 147 return (0); 148 } 149 150 uint32_t 151 read_config(const struct pcisel *sel, long reg, int width) 152 { 153 struct pci_io pi; 154 155 if (pcifd < 0 && pcifd_init()) { 156 return (0); 157 } 158 159 bzero(&pi, sizeof(pi)); 160 pi.pi_sel = *sel; 161 pi.pi_reg = reg; 162 pi.pi_width = width; 163 164 if (ioctl(pcifd, PCIOCREAD, &pi) < 0) 165 return (0); /* XXX */ 166 else 167 return (pi.pi_data); 168 } 169 170 void 171 write_config(const struct pcisel *sel, long reg, int width, uint32_t data) 172 { 173 struct pci_io pi; 174 175 if (pcifd < 0 && pcifd_init()) { 176 return; 177 } 178 179 bzero(&pi, sizeof(pi)); 180 pi.pi_sel = *sel; 181 pi.pi_reg = reg; 182 pi.pi_width = width; 183 pi.pi_data = data; 184 185 (void)ioctl(pcifd, PCIOCWRITE, &pi); /* XXX */ 186 } 187 188 #ifdef LEGACY_SUPPORT 189 static int 190 passthru_add_msicap(struct pci_devinst *pi, int msgnum, int nextptr) 191 { 192 int capoff; 193 struct msicap msicap; 194 u_char *capdata; 195 196 pci_populate_msicap(&msicap, msgnum, nextptr); 197 198 /* 199 * XXX 200 * Copy the msi capability structure in the last 16 bytes of the 201 * config space. This is wrong because it could shadow something 202 * useful to the device. 203 */ 204 capoff = 256 - roundup(sizeof(msicap), 4); 205 capdata = (u_char *)&msicap; 206 for (size_t i = 0; i < sizeof(msicap); i++) 207 pci_set_cfgdata8(pi, capoff + i, capdata[i]); 208 209 return (capoff); 210 } 211 #endif /* LEGACY_SUPPORT */ 212 213 static int 214 cfginitmsi(struct passthru_softc *sc) 215 { 216 int i, ptr, capptr, cap, sts, caplen, table_size; 217 uint32_t u32; 218 struct pcisel sel; 219 struct pci_devinst *pi; 220 struct msixcap msixcap; 221 char *msixcap_ptr; 222 223 pi = sc->psc_pi; 224 sel = sc->psc_sel; 225 226 /* 227 * Parse the capabilities and cache the location of the MSI 228 * and MSI-X capabilities. 229 */ 230 sts = read_config(&sel, PCIR_STATUS, 2); 231 if (sts & PCIM_STATUS_CAPPRESENT) { 232 ptr = read_config(&sel, PCIR_CAP_PTR, 1); 233 while (ptr != 0 && ptr != 0xff) { 234 cap = read_config(&sel, ptr + PCICAP_ID, 1); 235 if (cap == PCIY_MSI) { 236 /* 237 * Copy the MSI capability into the config 238 * space of the emulated pci device 239 */ 240 sc->psc_msi.capoff = ptr; 241 sc->psc_msi.msgctrl = read_config(&sel, 242 ptr + 2, 2); 243 sc->psc_msi.emulated = 0; 244 caplen = msi_caplen(sc->psc_msi.msgctrl); 245 capptr = ptr; 246 while (caplen > 0) { 247 u32 = read_config(&sel, capptr, 4); 248 pci_set_cfgdata32(pi, capptr, u32); 249 caplen -= 4; 250 capptr += 4; 251 } 252 } else if (cap == PCIY_MSIX) { 253 /* 254 * Copy the MSI-X capability 255 */ 256 sc->psc_msix.capoff = ptr; 257 caplen = 12; 258 msixcap_ptr = (char *)&msixcap; 259 capptr = ptr; 260 while (caplen > 0) { 261 u32 = read_config(&sel, capptr, 4); 262 memcpy(msixcap_ptr, &u32, 4); 263 pci_set_cfgdata32(pi, capptr, u32); 264 caplen -= 4; 265 capptr += 4; 266 msixcap_ptr += 4; 267 } 268 } 269 ptr = read_config(&sel, ptr + PCICAP_NEXTPTR, 1); 270 } 271 } 272 273 if (sc->psc_msix.capoff != 0) { 274 pi->pi_msix.pba_bar = 275 msixcap.pba_info & PCIM_MSIX_BIR_MASK; 276 pi->pi_msix.pba_offset = 277 msixcap.pba_info & ~PCIM_MSIX_BIR_MASK; 278 pi->pi_msix.table_bar = 279 msixcap.table_info & PCIM_MSIX_BIR_MASK; 280 pi->pi_msix.table_offset = 281 msixcap.table_info & ~PCIM_MSIX_BIR_MASK; 282 pi->pi_msix.table_count = MSIX_TABLE_COUNT(msixcap.msgctrl); 283 pi->pi_msix.pba_size = PBA_SIZE(pi->pi_msix.table_count); 284 285 /* Allocate the emulated MSI-X table array */ 286 table_size = pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE; 287 pi->pi_msix.table = calloc(1, table_size); 288 289 /* Mask all table entries */ 290 for (i = 0; i < pi->pi_msix.table_count; i++) { 291 pi->pi_msix.table[i].vector_control |= 292 PCIM_MSIX_VCTRL_MASK; 293 } 294 } 295 296 #ifdef LEGACY_SUPPORT 297 /* 298 * If the passthrough device does not support MSI then craft a 299 * MSI capability for it. We link the new MSI capability at the 300 * head of the list of capabilities. 301 */ 302 if ((sts & PCIM_STATUS_CAPPRESENT) != 0 && sc->psc_msi.capoff == 0) { 303 int origptr, msiptr; 304 origptr = read_config(&sel, PCIR_CAP_PTR, 1); 305 msiptr = passthru_add_msicap(pi, 1, origptr); 306 sc->psc_msi.capoff = msiptr; 307 sc->psc_msi.msgctrl = pci_get_cfgdata16(pi, msiptr + 2); 308 sc->psc_msi.emulated = 1; 309 pci_set_cfgdata8(pi, PCIR_CAP_PTR, msiptr); 310 } 311 #endif 312 313 /* Make sure one of the capabilities is present */ 314 if (sc->psc_msi.capoff == 0 && sc->psc_msix.capoff == 0) 315 return (-1); 316 else 317 return (0); 318 } 319 320 static uint64_t 321 msix_table_read(struct passthru_softc *sc, uint64_t offset, int size) 322 { 323 struct pci_devinst *pi; 324 struct msix_table_entry *entry; 325 uint8_t *src8; 326 uint16_t *src16; 327 uint32_t *src32; 328 uint64_t *src64; 329 uint64_t data; 330 size_t entry_offset; 331 uint32_t table_offset; 332 int index, table_count; 333 334 pi = sc->psc_pi; 335 336 table_offset = pi->pi_msix.table_offset; 337 table_count = pi->pi_msix.table_count; 338 if (offset < table_offset || 339 offset >= table_offset + table_count * MSIX_TABLE_ENTRY_SIZE) { 340 switch (size) { 341 case 1: 342 src8 = (uint8_t *)(pi->pi_msix.mapped_addr + offset); 343 data = *src8; 344 break; 345 case 2: 346 src16 = (uint16_t *)(pi->pi_msix.mapped_addr + offset); 347 data = *src16; 348 break; 349 case 4: 350 src32 = (uint32_t *)(pi->pi_msix.mapped_addr + offset); 351 data = *src32; 352 break; 353 case 8: 354 src64 = (uint64_t *)(pi->pi_msix.mapped_addr + offset); 355 data = *src64; 356 break; 357 default: 358 return (-1); 359 } 360 return (data); 361 } 362 363 offset -= table_offset; 364 index = offset / MSIX_TABLE_ENTRY_SIZE; 365 assert(index < table_count); 366 367 entry = &pi->pi_msix.table[index]; 368 entry_offset = offset % MSIX_TABLE_ENTRY_SIZE; 369 370 switch (size) { 371 case 1: 372 src8 = (uint8_t *)((uint8_t *)entry + entry_offset); 373 data = *src8; 374 break; 375 case 2: 376 src16 = (uint16_t *)((uint8_t *)entry + entry_offset); 377 data = *src16; 378 break; 379 case 4: 380 src32 = (uint32_t *)((uint8_t *)entry + entry_offset); 381 data = *src32; 382 break; 383 case 8: 384 src64 = (uint64_t *)((uint8_t *)entry + entry_offset); 385 data = *src64; 386 break; 387 default: 388 return (-1); 389 } 390 391 return (data); 392 } 393 394 static void 395 msix_table_write(struct passthru_softc *sc, uint64_t offset, int size, 396 uint64_t data) 397 { 398 struct pci_devinst *pi; 399 struct msix_table_entry *entry; 400 uint8_t *dest8; 401 uint16_t *dest16; 402 uint32_t *dest32; 403 uint64_t *dest64; 404 size_t entry_offset; 405 uint32_t table_offset, vector_control; 406 int index, table_count; 407 408 pi = sc->psc_pi; 409 410 table_offset = pi->pi_msix.table_offset; 411 table_count = pi->pi_msix.table_count; 412 if (offset < table_offset || 413 offset >= table_offset + table_count * MSIX_TABLE_ENTRY_SIZE) { 414 switch (size) { 415 case 1: 416 dest8 = (uint8_t *)(pi->pi_msix.mapped_addr + offset); 417 *dest8 = data; 418 break; 419 case 2: 420 dest16 = (uint16_t *)(pi->pi_msix.mapped_addr + offset); 421 *dest16 = data; 422 break; 423 case 4: 424 dest32 = (uint32_t *)(pi->pi_msix.mapped_addr + offset); 425 *dest32 = data; 426 break; 427 case 8: 428 dest64 = (uint64_t *)(pi->pi_msix.mapped_addr + offset); 429 *dest64 = data; 430 break; 431 } 432 return; 433 } 434 435 offset -= table_offset; 436 index = offset / MSIX_TABLE_ENTRY_SIZE; 437 assert(index < table_count); 438 439 entry = &pi->pi_msix.table[index]; 440 entry_offset = offset % MSIX_TABLE_ENTRY_SIZE; 441 442 /* Only 4 byte naturally-aligned writes are supported */ 443 assert(size == 4); 444 assert(entry_offset % 4 == 0); 445 446 vector_control = entry->vector_control; 447 dest32 = (uint32_t *)((uint8_t *)entry + entry_offset); 448 *dest32 = data; 449 /* If MSI-X hasn't been enabled, do nothing */ 450 if (pi->pi_msix.enabled) { 451 /* If the entry is masked, don't set it up */ 452 if ((entry->vector_control & PCIM_MSIX_VCTRL_MASK) == 0 || 453 (vector_control & PCIM_MSIX_VCTRL_MASK) == 0) { 454 (void)vm_setup_pptdev_msix(sc->psc_pi->pi_vmctx, 455 sc->psc_sel.pc_bus, sc->psc_sel.pc_dev, 456 sc->psc_sel.pc_func, index, entry->addr, 457 entry->msg_data, entry->vector_control); 458 } 459 } 460 } 461 462 static int 463 init_msix_table(struct passthru_softc *sc) 464 { 465 struct pci_devinst *pi = sc->psc_pi; 466 struct pci_bar_mmap pbm; 467 int b, s, f; 468 uint32_t table_size, table_offset; 469 470 assert(pci_msix_table_bar(pi) >= 0 && pci_msix_pba_bar(pi) >= 0); 471 472 b = sc->psc_sel.pc_bus; 473 s = sc->psc_sel.pc_dev; 474 f = sc->psc_sel.pc_func; 475 476 /* 477 * Map the region of the BAR containing the MSI-X table. This is 478 * necessary for two reasons: 479 * 1. The PBA may reside in the first or last page containing the MSI-X 480 * table. 481 * 2. While PCI devices are not supposed to use the page(s) containing 482 * the MSI-X table for other purposes, some do in practice. 483 */ 484 memset(&pbm, 0, sizeof(pbm)); 485 pbm.pbm_sel = sc->psc_sel; 486 pbm.pbm_flags = PCIIO_BAR_MMAP_RW; 487 pbm.pbm_reg = PCIR_BAR(pi->pi_msix.table_bar); 488 pbm.pbm_memattr = VM_MEMATTR_DEVICE; 489 490 if (ioctl(pcifd, PCIOCBARMMAP, &pbm) != 0) { 491 warn("Failed to map MSI-X table BAR on %d/%d/%d", b, s, f); 492 return (-1); 493 } 494 assert(pbm.pbm_bar_off == 0); 495 pi->pi_msix.mapped_addr = (uint8_t *)(uintptr_t)pbm.pbm_map_base; 496 pi->pi_msix.mapped_size = pbm.pbm_map_length; 497 498 table_offset = rounddown2(pi->pi_msix.table_offset, 4096); 499 500 table_size = pi->pi_msix.table_offset - table_offset; 501 table_size += pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE; 502 table_size = roundup2(table_size, 4096); 503 504 /* 505 * Unmap any pages not containing the table, we do not need to emulate 506 * accesses to them. Avoid releasing address space to help ensure that 507 * a buggy out-of-bounds access causes a crash. 508 */ 509 if (table_offset != 0) 510 if (mprotect(pi->pi_msix.mapped_addr, table_offset, 511 PROT_NONE) != 0) 512 warn("Failed to unmap MSI-X table BAR region"); 513 if (table_offset + table_size != pi->pi_msix.mapped_size) 514 if (mprotect( 515 pi->pi_msix.mapped_addr + table_offset + table_size, 516 pi->pi_msix.mapped_size - (table_offset + table_size), 517 PROT_NONE) != 0) 518 warn("Failed to unmap MSI-X table BAR region"); 519 520 return (0); 521 } 522 523 static int 524 cfginitbar(struct passthru_softc *sc) 525 { 526 int i, error; 527 struct pci_devinst *pi; 528 struct pci_bar_io bar; 529 enum pcibar_type bartype; 530 uint64_t base, size; 531 532 pi = sc->psc_pi; 533 534 /* 535 * Initialize BAR registers 536 */ 537 for (i = 0; i <= PCI_BARMAX; i++) { 538 bzero(&bar, sizeof(bar)); 539 bar.pbi_sel = sc->psc_sel; 540 bar.pbi_reg = PCIR_BAR(i); 541 542 if (ioctl(pcifd, PCIOCGETBAR, &bar) < 0) 543 continue; 544 545 if (PCI_BAR_IO(bar.pbi_base)) { 546 bartype = PCIBAR_IO; 547 base = bar.pbi_base & PCIM_BAR_IO_BASE; 548 } else { 549 switch (bar.pbi_base & PCIM_BAR_MEM_TYPE) { 550 case PCIM_BAR_MEM_64: 551 bartype = PCIBAR_MEM64; 552 break; 553 default: 554 bartype = PCIBAR_MEM32; 555 break; 556 } 557 base = bar.pbi_base & PCIM_BAR_MEM_BASE; 558 } 559 size = bar.pbi_length; 560 561 if (bartype != PCIBAR_IO) { 562 if (((base | size) & PAGE_MASK) != 0) { 563 warnx("passthru device %d/%d/%d BAR %d: " 564 "base %#lx or size %#lx not page aligned\n", 565 sc->psc_sel.pc_bus, sc->psc_sel.pc_dev, 566 sc->psc_sel.pc_func, i, base, size); 567 return (-1); 568 } 569 } 570 571 /* Cache information about the "real" BAR */ 572 sc->psc_bar[i].type = bartype; 573 sc->psc_bar[i].size = size; 574 sc->psc_bar[i].addr = base; 575 sc->psc_bar[i].lobits = 0; 576 577 /* Allocate the BAR in the guest I/O or MMIO space */ 578 error = pci_emul_alloc_bar(pi, i, bartype, size); 579 if (error) 580 return (-1); 581 582 /* Use same lobits as physical bar */ 583 uint8_t lobits = read_config(&sc->psc_sel, PCIR_BAR(i), 0x01); 584 if (bartype == PCIBAR_MEM32 || bartype == PCIBAR_MEM64) { 585 lobits &= ~PCIM_BAR_MEM_BASE; 586 } else { 587 lobits &= ~PCIM_BAR_IO_BASE; 588 } 589 sc->psc_bar[i].lobits = lobits; 590 pi->pi_bar[i].lobits = lobits; 591 592 /* 593 * 64-bit BAR takes up two slots so skip the next one. 594 */ 595 if (bartype == PCIBAR_MEM64) { 596 i++; 597 assert(i <= PCI_BARMAX); 598 sc->psc_bar[i].type = PCIBAR_MEMHI64; 599 } 600 } 601 return (0); 602 } 603 604 static int 605 cfginit(struct pci_devinst *pi, int bus, int slot, int func) 606 { 607 int error; 608 struct passthru_softc *sc; 609 uint8_t intline, intpin; 610 611 error = 1; 612 sc = pi->pi_arg; 613 614 bzero(&sc->psc_sel, sizeof(struct pcisel)); 615 sc->psc_sel.pc_bus = bus; 616 sc->psc_sel.pc_dev = slot; 617 sc->psc_sel.pc_func = func; 618 619 /* 620 * Copy physical PCI header to virtual config space. INTLINE and INTPIN 621 * shouldn't be aligned with their physical value and they are already set by 622 * pci_emul_init(). 623 */ 624 intline = pci_get_cfgdata8(pi, PCIR_INTLINE); 625 intpin = pci_get_cfgdata8(pi, PCIR_INTPIN); 626 for (int i = 0; i <= PCIR_MAXLAT; i += 4) { 627 pci_set_cfgdata32(pi, i, read_config(&sc->psc_sel, i, 4)); 628 } 629 pci_set_cfgdata8(pi, PCIR_INTLINE, intline); 630 pci_set_cfgdata8(pi, PCIR_INTPIN, intpin); 631 632 if (cfginitmsi(sc) != 0) { 633 warnx("failed to initialize MSI for PCI %d/%d/%d", 634 bus, slot, func); 635 goto done; 636 } 637 638 if (cfginitbar(sc) != 0) { 639 warnx("failed to initialize BARs for PCI %d/%d/%d", 640 bus, slot, func); 641 goto done; 642 } 643 644 write_config(&sc->psc_sel, PCIR_COMMAND, 2, 645 pci_get_cfgdata16(pi, PCIR_COMMAND)); 646 647 /* 648 * We need to do this after PCIR_COMMAND got possibly updated, e.g., 649 * a BAR was enabled, as otherwise the PCIOCBARMMAP might fail on us. 650 */ 651 if (pci_msix_table_bar(pi) >= 0) { 652 error = init_msix_table(sc); 653 if (error != 0) { 654 warnx( 655 "failed to initialize MSI-X table for PCI %d/%d/%d: %d", 656 bus, slot, func, error); 657 goto done; 658 } 659 } 660 661 error = 0; /* success */ 662 done: 663 return (error); 664 } 665 666 struct passthru_mmio_mapping * 667 passthru_get_mmio(struct passthru_softc *sc, int num) 668 { 669 assert(sc != NULL); 670 assert(num < PASSTHRU_MMIO_MAX); 671 672 return (&sc->psc_mmio_map[num]); 673 } 674 675 struct pcisel * 676 passthru_get_sel(struct passthru_softc *sc) 677 { 678 assert(sc != NULL); 679 680 return (&sc->psc_sel); 681 } 682 683 int 684 set_pcir_handler(struct passthru_softc *sc, int reg, int len, 685 cfgread_handler rhandler, cfgwrite_handler whandler) 686 { 687 if (reg > PCI_REGMAX || reg + len > PCI_REGMAX + 1) 688 return (-1); 689 690 for (int i = reg; i < reg + len; ++i) { 691 assert(sc->psc_pcir_rhandler[i] == NULL || rhandler == NULL); 692 assert(sc->psc_pcir_whandler[i] == NULL || whandler == NULL); 693 sc->psc_pcir_rhandler[i] = rhandler; 694 sc->psc_pcir_whandler[i] = whandler; 695 } 696 697 return (0); 698 } 699 700 static int 701 passthru_legacy_config(nvlist_t *nvl, const char *opts) 702 { 703 const char *cp; 704 char *tofree; 705 char value[16]; 706 int bus, slot, func; 707 708 if (opts == NULL) 709 return (0); 710 711 cp = strchr(opts, ','); 712 713 if (strncmp(opts, "ppt", strlen("ppt")) == 0) { 714 tofree = strndup(opts, cp - opts); 715 set_config_value_node(nvl, "pptdev", tofree); 716 free(tofree); 717 } else if (sscanf(opts, "pci0:%d:%d:%d", &bus, &slot, &func) == 3 || 718 sscanf(opts, "pci%d:%d:%d", &bus, &slot, &func) == 3 || 719 sscanf(opts, "%d/%d/%d", &bus, &slot, &func) == 3) { 720 snprintf(value, sizeof(value), "%d", bus); 721 set_config_value_node(nvl, "bus", value); 722 snprintf(value, sizeof(value), "%d", slot); 723 set_config_value_node(nvl, "slot", value); 724 snprintf(value, sizeof(value), "%d", func); 725 set_config_value_node(nvl, "func", value); 726 } else { 727 EPRINTLN("passthru: invalid options \"%s\"", opts); 728 return (-1); 729 } 730 731 if (cp == NULL) { 732 return (0); 733 } 734 735 return (pci_parse_legacy_config(nvl, cp + 1)); 736 } 737 738 static int 739 passthru_init_rom(struct passthru_softc *const sc, const char *const romfile) 740 { 741 if (romfile == NULL) { 742 return (0); 743 } 744 745 const int fd = open(romfile, O_RDONLY); 746 if (fd < 0) { 747 warnx("%s: can't open romfile \"%s\"", __func__, romfile); 748 return (-1); 749 } 750 751 struct stat sbuf; 752 if (fstat(fd, &sbuf) < 0) { 753 warnx("%s: can't fstat romfile \"%s\"", __func__, romfile); 754 close(fd); 755 return (-1); 756 } 757 const uint64_t rom_size = sbuf.st_size; 758 759 void *const rom_data = mmap(NULL, rom_size, PROT_READ, MAP_SHARED, fd, 760 0); 761 if (rom_data == MAP_FAILED) { 762 warnx("%s: unable to mmap romfile \"%s\" (%d)", __func__, 763 romfile, errno); 764 close(fd); 765 return (-1); 766 } 767 768 void *rom_addr; 769 int error = pci_emul_alloc_rom(sc->psc_pi, rom_size, &rom_addr); 770 if (error) { 771 warnx("%s: failed to alloc rom segment", __func__); 772 munmap(rom_data, rom_size); 773 close(fd); 774 return (error); 775 } 776 memcpy(rom_addr, rom_data, rom_size); 777 778 sc->psc_bar[PCI_ROM_IDX].type = PCIBAR_ROM; 779 sc->psc_bar[PCI_ROM_IDX].addr = (uint64_t)rom_addr; 780 sc->psc_bar[PCI_ROM_IDX].size = rom_size; 781 782 munmap(rom_data, rom_size); 783 close(fd); 784 785 return (0); 786 } 787 788 static bool 789 passthru_lookup_pptdev(const char *name, int *bus, int *slot, int *func) 790 { 791 struct pci_conf_io pc; 792 struct pci_conf conf[1]; 793 struct pci_match_conf patterns[1]; 794 char *cp; 795 796 bzero(&pc, sizeof(struct pci_conf_io)); 797 pc.match_buf_len = sizeof(conf); 798 pc.matches = conf; 799 800 bzero(&patterns, sizeof(patterns)); 801 802 /* 803 * The pattern structure requires the unit to be split out from 804 * the driver name. Walk backwards from the end of the name to 805 * find the start of the unit. 806 */ 807 cp = strchr(name, '\0'); 808 assert(cp != NULL); 809 while (cp != name && isdigit(cp[-1])) 810 cp--; 811 if (cp == name || !isdigit(*cp)) { 812 EPRINTLN("Invalid passthru device name %s", name); 813 return (false); 814 } 815 if ((size_t)(cp - name) + 1 > sizeof(patterns[0].pd_name)) { 816 EPRINTLN("Passthru device name %s is too long", name); 817 return (false); 818 } 819 memcpy(patterns[0].pd_name, name, cp - name); 820 patterns[0].pd_unit = strtol(cp, &cp, 10); 821 if (*cp != '\0') { 822 EPRINTLN("Invalid passthru device name %s", name); 823 return (false); 824 } 825 patterns[0].flags = PCI_GETCONF_MATCH_NAME | PCI_GETCONF_MATCH_UNIT; 826 pc.num_patterns = 1; 827 pc.pat_buf_len = sizeof(patterns); 828 pc.patterns = patterns; 829 830 if (ioctl(pcifd, PCIOCGETCONF, &pc) == -1) { 831 EPRINTLN("ioctl(PCIOCGETCONF): %s", strerror(errno)); 832 return (false); 833 } 834 if (pc.status != PCI_GETCONF_LAST_DEVICE && 835 pc.status != PCI_GETCONF_MORE_DEVS) { 836 EPRINTLN("error returned from PCIOCGETCONF ioctl"); 837 return (false); 838 } 839 if (pc.num_matches == 0) { 840 EPRINTLN("Passthru device %s not found", name); 841 return (false); 842 } 843 844 if (conf[0].pc_sel.pc_domain != 0) { 845 EPRINTLN("Passthru device %s on unsupported domain", name); 846 return (false); 847 } 848 *bus = conf[0].pc_sel.pc_bus; 849 *slot = conf[0].pc_sel.pc_dev; 850 *func = conf[0].pc_sel.pc_func; 851 return (true); 852 } 853 854 static int 855 passthru_init(struct pci_devinst *pi, nvlist_t *nvl) 856 { 857 int bus, slot, func, error, memflags; 858 struct passthru_softc *sc; 859 const char *value; 860 861 sc = NULL; 862 error = 1; 863 864 memflags = vm_get_memflags(pi->pi_vmctx); 865 if (!(memflags & VM_MEM_F_WIRED)) { 866 warnx("passthru requires guest memory to be wired"); 867 return (error); 868 } 869 870 if (pcifd < 0 && pcifd_init()) { 871 return (error); 872 } 873 874 #define GET_INT_CONFIG(var, name) do { \ 875 value = get_config_value_node(nvl, name); \ 876 if (value == NULL) { \ 877 EPRINTLN("passthru: missing required %s setting", name); \ 878 return (error); \ 879 } \ 880 var = atoi(value); \ 881 } while (0) 882 883 value = get_config_value_node(nvl, "pptdev"); 884 if (value != NULL) { 885 if (!passthru_lookup_pptdev(value, &bus, &slot, &func)) 886 return (error); 887 } else { 888 GET_INT_CONFIG(bus, "bus"); 889 GET_INT_CONFIG(slot, "slot"); 890 GET_INT_CONFIG(func, "func"); 891 } 892 893 if (vm_assign_pptdev(pi->pi_vmctx, bus, slot, func) != 0) { 894 warnx("PCI device at %d/%d/%d is not using the ppt(4) driver", 895 bus, slot, func); 896 goto done; 897 } 898 899 sc = calloc(1, sizeof(struct passthru_softc)); 900 901 pi->pi_arg = sc; 902 sc->psc_pi = pi; 903 904 /* initialize config space */ 905 if ((error = cfginit(pi, bus, slot, func)) != 0) 906 goto done; 907 908 /* initialize ROM */ 909 if ((error = passthru_init_rom(sc, 910 get_config_value_node(nvl, "rom"))) != 0) 911 goto done; 912 913 /* Emulate most PCI header register. */ 914 if ((error = set_pcir_handler(sc, 0, PCIR_MAXLAT + 1, 915 passthru_cfgread_emulate, passthru_cfgwrite_emulate)) != 0) 916 goto done; 917 918 /* Allow access to the physical command and status register. */ 919 if ((error = set_pcir_handler(sc, PCIR_COMMAND, 0x04, NULL, NULL)) != 0) 920 goto done; 921 922 error = 0; /* success */ 923 done: 924 if (error) { 925 free(sc); 926 vm_unassign_pptdev(pi->pi_vmctx, bus, slot, func); 927 } 928 return (error); 929 } 930 931 static int 932 msicap_access(struct passthru_softc *sc, int coff) 933 { 934 int caplen; 935 936 if (sc->psc_msi.capoff == 0) 937 return (0); 938 939 caplen = msi_caplen(sc->psc_msi.msgctrl); 940 941 if (coff >= sc->psc_msi.capoff && coff < sc->psc_msi.capoff + caplen) 942 return (1); 943 else 944 return (0); 945 } 946 947 static int 948 msixcap_access(struct passthru_softc *sc, int coff) 949 { 950 if (sc->psc_msix.capoff == 0) 951 return (0); 952 953 return (coff >= sc->psc_msix.capoff && 954 coff < sc->psc_msix.capoff + MSIX_CAPLEN); 955 } 956 957 static int 958 passthru_cfgread_default(struct passthru_softc *sc, 959 struct pci_devinst *pi __unused, int coff, int bytes, uint32_t *rv) 960 { 961 /* 962 * MSI capability is emulated. 963 */ 964 if (msicap_access(sc, coff) || msixcap_access(sc, coff)) 965 return (-1); 966 967 /* 968 * Emulate the command register. If a single read reads both the 969 * command and status registers, read the status register from the 970 * device's config space. 971 */ 972 if (coff == PCIR_COMMAND) { 973 if (bytes <= 2) 974 return (-1); 975 *rv = read_config(&sc->psc_sel, PCIR_STATUS, 2) << 16 | 976 pci_get_cfgdata16(pi, PCIR_COMMAND); 977 return (0); 978 } 979 980 /* Everything else just read from the device's config space */ 981 *rv = read_config(&sc->psc_sel, coff, bytes); 982 983 return (0); 984 } 985 986 int 987 passthru_cfgread_emulate(struct passthru_softc *sc __unused, 988 struct pci_devinst *pi __unused, int coff __unused, int bytes __unused, 989 uint32_t *rv __unused) 990 { 991 return (-1); 992 } 993 994 static int 995 passthru_cfgread(struct pci_devinst *pi, int coff, int bytes, uint32_t *rv) 996 { 997 struct passthru_softc *sc; 998 999 sc = pi->pi_arg; 1000 1001 if (sc->psc_pcir_rhandler[coff] != NULL) 1002 return (sc->psc_pcir_rhandler[coff](sc, pi, coff, bytes, rv)); 1003 1004 return (passthru_cfgread_default(sc, pi, coff, bytes, rv)); 1005 } 1006 1007 static int 1008 passthru_cfgwrite_default(struct passthru_softc *sc, struct pci_devinst *pi, 1009 int coff, int bytes, uint32_t val) 1010 { 1011 int error, msix_table_entries, i; 1012 uint16_t cmd_old; 1013 1014 /* 1015 * MSI capability is emulated 1016 */ 1017 if (msicap_access(sc, coff)) { 1018 pci_emul_capwrite(pi, coff, bytes, val, sc->psc_msi.capoff, 1019 PCIY_MSI); 1020 error = vm_setup_pptdev_msi(pi->pi_vmctx, sc->psc_sel.pc_bus, 1021 sc->psc_sel.pc_dev, sc->psc_sel.pc_func, 1022 pi->pi_msi.addr, pi->pi_msi.msg_data, 1023 pi->pi_msi.maxmsgnum); 1024 if (error != 0) 1025 err(1, "vm_setup_pptdev_msi"); 1026 return (0); 1027 } 1028 1029 if (msixcap_access(sc, coff)) { 1030 pci_emul_capwrite(pi, coff, bytes, val, sc->psc_msix.capoff, 1031 PCIY_MSIX); 1032 if (pi->pi_msix.enabled) { 1033 msix_table_entries = pi->pi_msix.table_count; 1034 for (i = 0; i < msix_table_entries; i++) { 1035 error = vm_setup_pptdev_msix(pi->pi_vmctx, 1036 sc->psc_sel.pc_bus, sc->psc_sel.pc_dev, 1037 sc->psc_sel.pc_func, i, 1038 pi->pi_msix.table[i].addr, 1039 pi->pi_msix.table[i].msg_data, 1040 pi->pi_msix.table[i].vector_control); 1041 1042 if (error) 1043 err(1, "vm_setup_pptdev_msix"); 1044 } 1045 } else { 1046 error = vm_disable_pptdev_msix(pi->pi_vmctx, 1047 sc->psc_sel.pc_bus, sc->psc_sel.pc_dev, 1048 sc->psc_sel.pc_func); 1049 if (error) 1050 err(1, "vm_disable_pptdev_msix"); 1051 } 1052 return (0); 1053 } 1054 1055 #ifdef LEGACY_SUPPORT 1056 /* 1057 * If this device does not support MSI natively then we cannot let 1058 * the guest disable legacy interrupts from the device. It is the 1059 * legacy interrupt that is triggering the virtual MSI to the guest. 1060 */ 1061 if (sc->psc_msi.emulated && pci_msi_enabled(pi)) { 1062 if (coff == PCIR_COMMAND && bytes == 2) 1063 val &= ~PCIM_CMD_INTxDIS; 1064 } 1065 #endif 1066 1067 write_config(&sc->psc_sel, coff, bytes, val); 1068 if (coff == PCIR_COMMAND) { 1069 cmd_old = pci_get_cfgdata16(pi, PCIR_COMMAND); 1070 if (bytes == 1) 1071 pci_set_cfgdata8(pi, PCIR_COMMAND, val); 1072 else if (bytes == 2) 1073 pci_set_cfgdata16(pi, PCIR_COMMAND, val); 1074 pci_emul_cmd_changed(pi, cmd_old); 1075 } 1076 1077 return (0); 1078 } 1079 1080 int 1081 passthru_cfgwrite_emulate(struct passthru_softc *sc __unused, 1082 struct pci_devinst *pi __unused, int coff __unused, int bytes __unused, 1083 uint32_t val __unused) 1084 { 1085 return (-1); 1086 } 1087 1088 static int 1089 passthru_cfgwrite(struct pci_devinst *pi, int coff, int bytes, uint32_t val) 1090 { 1091 struct passthru_softc *sc; 1092 1093 sc = pi->pi_arg; 1094 1095 if (sc->psc_pcir_whandler[coff] != NULL) 1096 return (sc->psc_pcir_whandler[coff](sc, pi, coff, bytes, val)); 1097 1098 return (passthru_cfgwrite_default(sc, pi, coff, bytes, val)); 1099 } 1100 1101 static void 1102 passthru_write(struct pci_devinst *pi, int baridx, uint64_t offset, int size, 1103 uint64_t value) 1104 { 1105 struct passthru_softc *sc; 1106 struct pci_bar_ioreq pio; 1107 1108 sc = pi->pi_arg; 1109 1110 if (baridx == pci_msix_table_bar(pi)) { 1111 msix_table_write(sc, offset, size, value); 1112 } else { 1113 assert(pi->pi_bar[baridx].type == PCIBAR_IO); 1114 assert(size == 1 || size == 2 || size == 4); 1115 assert(offset <= UINT32_MAX && offset + size <= UINT32_MAX); 1116 1117 bzero(&pio, sizeof(pio)); 1118 pio.pbi_sel = sc->psc_sel; 1119 pio.pbi_op = PCIBARIO_WRITE; 1120 pio.pbi_bar = baridx; 1121 pio.pbi_offset = (uint32_t)offset; 1122 pio.pbi_width = size; 1123 pio.pbi_value = (uint32_t)value; 1124 1125 (void)ioctl(pcifd, PCIOCBARIO, &pio); 1126 } 1127 } 1128 1129 static uint64_t 1130 passthru_read(struct pci_devinst *pi, int baridx, uint64_t offset, int size) 1131 { 1132 struct passthru_softc *sc; 1133 struct pci_bar_ioreq pio; 1134 uint64_t val; 1135 1136 sc = pi->pi_arg; 1137 1138 if (baridx == pci_msix_table_bar(pi)) { 1139 val = msix_table_read(sc, offset, size); 1140 } else { 1141 assert(pi->pi_bar[baridx].type == PCIBAR_IO); 1142 assert(size == 1 || size == 2 || size == 4); 1143 assert(offset <= UINT32_MAX && offset + size <= UINT32_MAX); 1144 1145 bzero(&pio, sizeof(pio)); 1146 pio.pbi_sel = sc->psc_sel; 1147 pio.pbi_op = PCIBARIO_READ; 1148 pio.pbi_bar = baridx; 1149 pio.pbi_offset = (uint32_t)offset; 1150 pio.pbi_width = size; 1151 1152 (void)ioctl(pcifd, PCIOCBARIO, &pio); 1153 1154 val = pio.pbi_value; 1155 } 1156 1157 return (val); 1158 } 1159 1160 static void 1161 passthru_msix_addr(struct pci_devinst *pi, int baridx, int enabled, 1162 uint64_t address) 1163 { 1164 struct passthru_softc *sc; 1165 size_t remaining; 1166 uint32_t table_size, table_offset; 1167 1168 sc = pi->pi_arg; 1169 table_offset = rounddown2(pi->pi_msix.table_offset, 4096); 1170 if (table_offset > 0) { 1171 if (!enabled) { 1172 if (vm_unmap_pptdev_mmio(pi->pi_vmctx, 1173 sc->psc_sel.pc_bus, 1174 sc->psc_sel.pc_dev, 1175 sc->psc_sel.pc_func, address, 1176 table_offset) != 0) 1177 warnx("pci_passthru: unmap_pptdev_mmio failed"); 1178 } else { 1179 if (vm_map_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus, 1180 sc->psc_sel.pc_dev, 1181 sc->psc_sel.pc_func, address, 1182 table_offset, 1183 sc->psc_bar[baridx].addr) != 0) 1184 warnx("pci_passthru: map_pptdev_mmio failed"); 1185 } 1186 } 1187 table_size = pi->pi_msix.table_offset - table_offset; 1188 table_size += pi->pi_msix.table_count * MSIX_TABLE_ENTRY_SIZE; 1189 table_size = roundup2(table_size, 4096); 1190 remaining = pi->pi_bar[baridx].size - table_offset - table_size; 1191 if (remaining > 0) { 1192 address += table_offset + table_size; 1193 if (!enabled) { 1194 if (vm_unmap_pptdev_mmio(pi->pi_vmctx, 1195 sc->psc_sel.pc_bus, 1196 sc->psc_sel.pc_dev, 1197 sc->psc_sel.pc_func, address, 1198 remaining) != 0) 1199 warnx("pci_passthru: unmap_pptdev_mmio failed"); 1200 } else { 1201 if (vm_map_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus, 1202 sc->psc_sel.pc_dev, 1203 sc->psc_sel.pc_func, address, 1204 remaining, 1205 sc->psc_bar[baridx].addr + 1206 table_offset + table_size) != 0) 1207 warnx("pci_passthru: map_pptdev_mmio failed"); 1208 } 1209 } 1210 } 1211 1212 static void 1213 passthru_mmio_addr(struct pci_devinst *pi, int baridx, int enabled, 1214 uint64_t address) 1215 { 1216 struct passthru_softc *sc; 1217 1218 sc = pi->pi_arg; 1219 if (!enabled) { 1220 if (vm_unmap_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus, 1221 sc->psc_sel.pc_dev, 1222 sc->psc_sel.pc_func, address, 1223 sc->psc_bar[baridx].size) != 0) 1224 warnx("pci_passthru: unmap_pptdev_mmio failed"); 1225 } else { 1226 if (vm_map_pptdev_mmio(pi->pi_vmctx, sc->psc_sel.pc_bus, 1227 sc->psc_sel.pc_dev, 1228 sc->psc_sel.pc_func, address, 1229 sc->psc_bar[baridx].size, 1230 sc->psc_bar[baridx].addr) != 0) 1231 warnx("pci_passthru: map_pptdev_mmio failed"); 1232 } 1233 } 1234 1235 static void 1236 passthru_addr_rom(struct pci_devinst *const pi, const int idx, 1237 const int enabled) 1238 { 1239 const uint64_t addr = pi->pi_bar[idx].addr; 1240 const uint64_t size = pi->pi_bar[idx].size; 1241 1242 if (!enabled) { 1243 if (vm_munmap_memseg(pi->pi_vmctx, addr, size) != 0) { 1244 errx(4, "%s: munmap_memseg @ [%016lx - %016lx] failed", 1245 __func__, addr, addr + size); 1246 } 1247 1248 } else { 1249 if (vm_mmap_memseg(pi->pi_vmctx, addr, VM_PCIROM, 1250 pi->pi_romoffset, size, PROT_READ | PROT_EXEC) != 0) { 1251 errx(4, "%s: mmap_memseg @ [%016lx - %016lx] failed", 1252 __func__, addr, addr + size); 1253 } 1254 } 1255 } 1256 1257 static void 1258 passthru_addr(struct pci_devinst *pi, int baridx, int enabled, uint64_t address) 1259 { 1260 switch (pi->pi_bar[baridx].type) { 1261 case PCIBAR_IO: 1262 /* IO BARs are emulated */ 1263 break; 1264 case PCIBAR_ROM: 1265 passthru_addr_rom(pi, baridx, enabled); 1266 break; 1267 case PCIBAR_MEM32: 1268 case PCIBAR_MEM64: 1269 if (baridx == pci_msix_table_bar(pi)) 1270 passthru_msix_addr(pi, baridx, enabled, address); 1271 else 1272 passthru_mmio_addr(pi, baridx, enabled, address); 1273 break; 1274 default: 1275 errx(4, "%s: invalid BAR type %d", __func__, 1276 pi->pi_bar[baridx].type); 1277 } 1278 } 1279 1280 static const struct pci_devemu passthru = { 1281 .pe_emu = "passthru", 1282 .pe_init = passthru_init, 1283 .pe_legacy_config = passthru_legacy_config, 1284 .pe_cfgwrite = passthru_cfgwrite, 1285 .pe_cfgread = passthru_cfgread, 1286 .pe_barwrite = passthru_write, 1287 .pe_barread = passthru_read, 1288 .pe_baraddr = passthru_addr, 1289 }; 1290 PCI_EMUL_SET(passthru); 1291