1 // Copyright 2018 The Chromium OS Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE-BSD-3-Clause file.
4 //
5 // Copyright © 2019 Intel Corporation
6 //
7 // SPDX-License-Identifier: Apache-2.0 AND BSD-3-Clause
8
9 use std::sync::atomic::{AtomicU16, Ordering};
10 use std::sync::{Arc, Mutex};
11
12 use byteorder::{ByteOrder, LittleEndian};
13 use serde::{Deserialize, Serialize};
14 use virtio_queue::{Queue, QueueT};
15 use vm_migration::{MigratableError, Pausable, Snapshot, Snapshottable};
16 use vm_virtio::AccessPlatform;
17
18 use crate::VirtioDevice;
19
/// Snapshot identifier under which the common config state is stored.
pub const VIRTIO_PCI_COMMON_CONFIG_ID: &str = "virtio_pci_common_config";

/// Serializable copy of the guest-visible virtio PCI common configuration
/// registers, used to snapshot and restore a `VirtioPciCommonConfig`.
#[derive(Clone, Serialize, Deserialize)]
pub struct VirtioPciCommonConfigState {
    // device_status register (offset 0x14).
    pub driver_status: u8,
    // config_generation register (offset 0x15), read-only for the driver.
    pub config_generation: u8,
    // device_feature_select register (offset 0x00).
    pub device_feature_select: u32,
    // driver_feature_select register (offset 0x08).
    pub driver_feature_select: u32,
    // queue_select register (offset 0x16).
    pub queue_select: u16,
    // msix_config register (offset 0x10).
    pub msix_config: u16,
    // Per-queue queue_msix_vector values (offset 0x1a), indexed by queue number.
    pub msix_queues: Vec<u16>,
}
32
33 /* The standard layout for the ring is a continuous chunk of memory which looks
34 * like this. We assume num is a power of 2.
35 *
36 * struct vring
37 * {
38 * // The actual descriptors (16 bytes each)
39 * struct vring_desc desc[num];
40 *
41 * // A ring of available descriptor heads with free-running index.
42 * __virtio16 avail_flags;
43 * __virtio16 avail_idx;
44 * __virtio16 available[num];
45 * __virtio16 used_event_idx;
46 *
47 * // Padding to the next align boundary.
48 * char pad[];
49 *
50 * // A ring of used descriptor heads with free-running index.
51 * __virtio16 used_flags;
52 * __virtio16 used_idx;
53 * struct vring_used_elem used[num];
54 * __virtio16 avail_event_idx;
55 * };
56 * struct vring_desc {
57 * __virtio64 addr;
58 * __virtio32 len;
59 * __virtio16 flags;
60 * __virtio16 next;
61 * };
62 *
63 * struct vring_avail {
64 * __virtio16 flags;
65 * __virtio16 idx;
66 * __virtio16 ring[];
67 * };
68 *
69 * // u32 is used here for ids for padding reasons.
70 * struct vring_used_elem {
71 * // Index of start of used descriptor chain.
72 * __virtio32 id;
73 * // Total length of the descriptor chain which was used (written to)
74 * __virtio32 len;
75 * };
76 *
77 * Kernel header used for this reference: include/uapi/linux/virtio_ring.h
78 * Virtio Spec: https://docs.oasis-open.org/virtio/virtio/v1.2/csd01/virtio-v1.2-csd01.html
79 *
80 */
/// Size in bytes of one descriptor table entry (struct vring_desc).
const VRING_DESC_ELEMENT_SIZE: usize = 16;
/// Size in bytes of one available-ring entry (__virtio16).
const VRING_AVAIL_ELEMENT_SIZE: usize = 2;
/// Size in bytes of one used-ring entry (struct vring_used_elem).
const VRING_USED_ELEMENT_SIZE: usize = 8;

/// The three memory regions making up a split virtqueue (see the layout
/// comment above).
pub enum VringType {
    Desc,
    Avail,
    Used,
}

/// Return the size in bytes of the given vring region for a queue of
/// `queue_size` entries.
pub fn get_vring_size(t: VringType, queue_size: u16) -> u64 {
    let entries = queue_size as usize;
    let bytes = match t {
        // The descriptor table is just the descriptors, no header.
        VringType::Desc => entries * VRING_DESC_ELEMENT_SIZE,
        // Avail/used rings carry 6 bytes besides the ring itself:
        // 2 (flags) + 2 (idx) + 2 (event index).
        VringType::Avail => 6 + entries * VRING_AVAIL_ELEMENT_SIZE,
        VringType::Used => 6 + entries * VRING_USED_ELEMENT_SIZE,
    };
    bytes as u64
}
98
99 /// Contains the data for reading and writing the common configuration structure of a virtio PCI
100 /// device.
101 ///
102 /// * Registers:
103 ///
104 /// ** About the whole device.
105 /// le32 device_feature_select; // 0x00 // read-write
106 /// le32 device_feature; // 0x04 // read-only for driver
107 /// le32 driver_feature_select; // 0x08 // read-write
108 /// le32 driver_feature; // 0x0C // read-write
109 /// le16 msix_config; // 0x10 // read-write
110 /// le16 num_queues; // 0x12 // read-only for driver
111 /// u8 device_status; // 0x14 // read-write (driver_status)
112 /// u8 config_generation; // 0x15 // read-only for driver
113 ///
114 /// ** About a specific virtqueue.
115 /// le16 queue_select; // 0x16 // read-write
116 /// le16 queue_size; // 0x18 // read-write, power of 2, or 0.
117 /// le16 queue_msix_vector; // 0x1A // read-write
118 /// le16 queue_enable; // 0x1C // read-write (Ready)
119 /// le16 queue_notify_off; // 0x1E // read-only for driver
120 /// le64 queue_desc; // 0x20 // read-write
121 /// le64 queue_avail; // 0x28 // read-write
122 /// le64 queue_used; // 0x30 // read-write
pub struct VirtioPciCommonConfig {
    // Optional translator applied to queue addresses when a queue is
    // enabled (see the offset 0x1c handling in write_common_config_word).
    pub access_platform: Option<Arc<dyn AccessPlatform>>,
    // device_status (0x14).
    pub driver_status: u8,
    // config_generation (0x15), read-only for the driver.
    pub config_generation: u8,
    // device_feature_select (0x00).
    pub device_feature_select: u32,
    // driver_feature_select (0x08).
    pub driver_feature_select: u32,
    // queue_select (0x16); selects which queue the 0x18-0x34 registers address.
    pub queue_select: u16,
    // msix_config (0x10); behind Arc<AtomicU16> so clones observe one value.
    pub msix_config: Arc<AtomicU16>,
    // Per-queue queue_msix_vector values (0x1a), indexed by queue number.
    pub msix_queues: Arc<Mutex<Vec<u16>>>,
}
133
134 impl VirtioPciCommonConfig {
new( state: VirtioPciCommonConfigState, access_platform: Option<Arc<dyn AccessPlatform>>, ) -> Self135 pub fn new(
136 state: VirtioPciCommonConfigState,
137 access_platform: Option<Arc<dyn AccessPlatform>>,
138 ) -> Self {
139 VirtioPciCommonConfig {
140 access_platform,
141 driver_status: state.driver_status,
142 config_generation: state.config_generation,
143 device_feature_select: state.device_feature_select,
144 driver_feature_select: state.driver_feature_select,
145 queue_select: state.queue_select,
146 msix_config: Arc::new(AtomicU16::new(state.msix_config)),
147 msix_queues: Arc::new(Mutex::new(state.msix_queues)),
148 }
149 }
150
state(&self) -> VirtioPciCommonConfigState151 fn state(&self) -> VirtioPciCommonConfigState {
152 VirtioPciCommonConfigState {
153 driver_status: self.driver_status,
154 config_generation: self.config_generation,
155 device_feature_select: self.device_feature_select,
156 driver_feature_select: self.driver_feature_select,
157 queue_select: self.queue_select,
158 msix_config: self.msix_config.load(Ordering::Acquire),
159 msix_queues: self.msix_queues.lock().unwrap().clone(),
160 }
161 }
162
read( &mut self, offset: u64, data: &mut [u8], queues: &[Queue], device: Arc<Mutex<dyn VirtioDevice>>, )163 pub fn read(
164 &mut self,
165 offset: u64,
166 data: &mut [u8],
167 queues: &[Queue],
168 device: Arc<Mutex<dyn VirtioDevice>>,
169 ) {
170 assert!(data.len() <= 8);
171
172 match data.len() {
173 1 => {
174 let v = self.read_common_config_byte(offset);
175 data[0] = v;
176 }
177 2 => {
178 let v = self.read_common_config_word(offset, queues);
179 LittleEndian::write_u16(data, v);
180 }
181 4 => {
182 let v = self.read_common_config_dword(offset, device);
183 LittleEndian::write_u32(data, v);
184 }
185 8 => {
186 let v = self.read_common_config_qword(offset);
187 LittleEndian::write_u64(data, v);
188 }
189 _ => error!("invalid data length for virtio read: len {}", data.len()),
190 }
191 }
192
write( &mut self, offset: u64, data: &[u8], queues: &mut [Queue], device: Arc<Mutex<dyn VirtioDevice>>, )193 pub fn write(
194 &mut self,
195 offset: u64,
196 data: &[u8],
197 queues: &mut [Queue],
198 device: Arc<Mutex<dyn VirtioDevice>>,
199 ) {
200 assert!(data.len() <= 8);
201
202 match data.len() {
203 1 => self.write_common_config_byte(offset, data[0]),
204 2 => self.write_common_config_word(offset, LittleEndian::read_u16(data), queues),
205 4 => {
206 self.write_common_config_dword(offset, LittleEndian::read_u32(data), queues, device)
207 }
208 8 => self.write_common_config_qword(offset, LittleEndian::read_u64(data), queues),
209 _ => error!("invalid data length for virtio write: len {}", data.len()),
210 }
211 }
212
read_common_config_byte(&self, offset: u64) -> u8213 fn read_common_config_byte(&self, offset: u64) -> u8 {
214 debug!("read_common_config_byte: offset 0x{:x}", offset);
215 // The driver is only allowed to do aligned, properly sized access.
216 match offset {
217 0x14 => self.driver_status,
218 0x15 => self.config_generation,
219 _ => {
220 warn!("invalid virtio config byte read: 0x{:x}", offset);
221 0
222 }
223 }
224 }
225
write_common_config_byte(&mut self, offset: u64, value: u8)226 fn write_common_config_byte(&mut self, offset: u64, value: u8) {
227 debug!("write_common_config_byte: offset 0x{:x}", offset);
228 match offset {
229 0x14 => self.driver_status = value,
230 _ => {
231 warn!("invalid virtio config byte write: 0x{:x}", offset);
232 }
233 }
234 }
235
read_common_config_word(&self, offset: u64, queues: &[Queue]) -> u16236 fn read_common_config_word(&self, offset: u64, queues: &[Queue]) -> u16 {
237 debug!("read_common_config_word: offset 0x{:x}", offset);
238 match offset {
239 0x10 => self.msix_config.load(Ordering::Acquire),
240 0x12 => queues.len() as u16, // num_queues
241 0x16 => self.queue_select,
242 0x18 => self.with_queue(queues, |q| q.size()).unwrap_or(0),
243 0x1a => self.msix_queues.lock().unwrap()[self.queue_select as usize],
244 0x1c => u16::from(self.with_queue(queues, |q| q.ready()).unwrap_or(false)),
245 0x1e => self.queue_select, // notify_off
246 _ => {
247 warn!("invalid virtio register word read: 0x{:x}", offset);
248 0
249 }
250 }
251 }
252
write_common_config_word(&mut self, offset: u64, value: u16, queues: &mut [Queue])253 fn write_common_config_word(&mut self, offset: u64, value: u16, queues: &mut [Queue]) {
254 debug!("write_common_config_word: offset 0x{:x}", offset);
255 match offset {
256 0x10 => self.msix_config.store(value, Ordering::Release),
257 0x16 => self.queue_select = value,
258 0x18 => self.with_queue_mut(queues, |q| q.set_size(value)),
259 0x1a => self.msix_queues.lock().unwrap()[self.queue_select as usize] = value,
260 0x1c => self.with_queue_mut(queues, |q| {
261 let ready = value == 1;
262 q.set_ready(ready);
263 // Translate address of descriptor table and vrings.
264 if let Some(access_platform) = &self.access_platform {
265 if ready {
266 let desc_table = access_platform
267 .translate_gva(
268 q.desc_table(),
269 get_vring_size(VringType::Desc, q.size()),
270 )
271 .unwrap();
272 let avail_ring = access_platform
273 .translate_gva(
274 q.avail_ring(),
275 get_vring_size(VringType::Avail, q.size()),
276 )
277 .unwrap();
278 let used_ring = access_platform
279 .translate_gva(q.used_ring(), get_vring_size(VringType::Used, q.size()))
280 .unwrap();
281 q.set_desc_table_address(
282 Some((desc_table & 0xffff_ffff) as u32),
283 Some((desc_table >> 32) as u32),
284 );
285 q.set_avail_ring_address(
286 Some((avail_ring & 0xffff_ffff) as u32),
287 Some((avail_ring >> 32) as u32),
288 );
289 q.set_used_ring_address(
290 Some((used_ring & 0xffff_ffff) as u32),
291 Some((used_ring >> 32) as u32),
292 );
293 }
294 }
295 }),
296 _ => {
297 warn!("invalid virtio register word write: 0x{:x}", offset);
298 }
299 }
300 }
301
read_common_config_dword(&self, offset: u64, device: Arc<Mutex<dyn VirtioDevice>>) -> u32302 fn read_common_config_dword(&self, offset: u64, device: Arc<Mutex<dyn VirtioDevice>>) -> u32 {
303 debug!("read_common_config_dword: offset 0x{:x}", offset);
304 match offset {
305 0x00 => self.device_feature_select,
306 0x04 => {
307 let locked_device = device.lock().unwrap();
308 // Only 64 bits of features (2 pages) are defined for now, so limit
309 // device_feature_select to avoid shifting by 64 or more bits.
310 if self.device_feature_select < 2 {
311 (locked_device.features() >> (self.device_feature_select * 32)) as u32
312 } else {
313 0
314 }
315 }
316 0x08 => self.driver_feature_select,
317 _ => {
318 warn!("invalid virtio register dword read: 0x{:x}", offset);
319 0
320 }
321 }
322 }
323
write_common_config_dword( &mut self, offset: u64, value: u32, queues: &mut [Queue], device: Arc<Mutex<dyn VirtioDevice>>, )324 fn write_common_config_dword(
325 &mut self,
326 offset: u64,
327 value: u32,
328 queues: &mut [Queue],
329 device: Arc<Mutex<dyn VirtioDevice>>,
330 ) {
331 debug!("write_common_config_dword: offset 0x{:x}", offset);
332
333 match offset {
334 0x00 => self.device_feature_select = value,
335 0x08 => self.driver_feature_select = value,
336 0x0c => {
337 if self.driver_feature_select < 2 {
338 let mut locked_device = device.lock().unwrap();
339 locked_device
340 .ack_features(u64::from(value) << (self.driver_feature_select * 32));
341 } else {
342 warn!(
343 "invalid ack_features (page {}, value 0x{:x})",
344 self.driver_feature_select, value
345 );
346 }
347 }
348 0x20 => self.with_queue_mut(queues, |q| q.set_desc_table_address(Some(value), None)),
349 0x24 => self.with_queue_mut(queues, |q| q.set_desc_table_address(None, Some(value))),
350 0x28 => self.with_queue_mut(queues, |q| q.set_avail_ring_address(Some(value), None)),
351 0x2c => self.with_queue_mut(queues, |q| q.set_avail_ring_address(None, Some(value))),
352 0x30 => self.with_queue_mut(queues, |q| q.set_used_ring_address(Some(value), None)),
353 0x34 => self.with_queue_mut(queues, |q| q.set_used_ring_address(None, Some(value))),
354 _ => {
355 warn!("invalid virtio register dword write: 0x{:x}", offset);
356 }
357 }
358 }
359
read_common_config_qword(&self, _offset: u64) -> u64360 fn read_common_config_qword(&self, _offset: u64) -> u64 {
361 debug!("read_common_config_qword: offset 0x{:x}", _offset);
362 0 // Assume the guest has no reason to read write-only registers.
363 }
364
write_common_config_qword(&mut self, offset: u64, value: u64, queues: &mut [Queue])365 fn write_common_config_qword(&mut self, offset: u64, value: u64, queues: &mut [Queue]) {
366 debug!("write_common_config_qword: offset 0x{:x}", offset);
367
368 let low = Some((value & 0xffff_ffff) as u32);
369 let high = Some((value >> 32) as u32);
370
371 match offset {
372 0x20 => self.with_queue_mut(queues, |q| q.set_desc_table_address(low, high)),
373 0x28 => self.with_queue_mut(queues, |q| q.set_avail_ring_address(low, high)),
374 0x30 => self.with_queue_mut(queues, |q| q.set_used_ring_address(low, high)),
375 _ => {
376 warn!("invalid virtio register qword write: 0x{:x}", offset);
377 }
378 }
379 }
380
with_queue<U, F>(&self, queues: &[Queue], f: F) -> Option<U> where F: FnOnce(&Queue) -> U,381 fn with_queue<U, F>(&self, queues: &[Queue], f: F) -> Option<U>
382 where
383 F: FnOnce(&Queue) -> U,
384 {
385 queues.get(self.queue_select as usize).map(f)
386 }
387
with_queue_mut<F: FnOnce(&mut Queue)>(&self, queues: &mut [Queue], f: F)388 fn with_queue_mut<F: FnOnce(&mut Queue)>(&self, queues: &mut [Queue], f: F) {
389 if let Some(queue) = queues.get_mut(self.queue_select as usize) {
390 f(queue);
391 }
392 }
393 }
394
// Passive register state with no runtime activity to suspend: the trait's
// default no-op implementations are sufficient.
impl Pausable for VirtioPciCommonConfig {}
396
397 impl Snapshottable for VirtioPciCommonConfig {
id(&self) -> String398 fn id(&self) -> String {
399 String::from(VIRTIO_PCI_COMMON_CONFIG_ID)
400 }
401
snapshot(&mut self) -> std::result::Result<Snapshot, MigratableError>402 fn snapshot(&mut self) -> std::result::Result<Snapshot, MigratableError> {
403 Snapshot::new_from_state(&self.state())
404 }
405 }
406
#[cfg(test)]
mod tests {
    use vm_memory::GuestMemoryAtomic;
    use vmm_sys_util::eventfd::EventFd;

    use super::*;
    use crate::{ActivateResult, GuestMemoryMmap, VirtioInterrupt};

    /// Minimal `VirtioDevice`: its type is the wrapped u32 and its
    /// feature set is the fixed `DUMMY_FEATURES` value.
    struct DummyDevice(u32);

    const QUEUE_SIZE: u16 = 256;
    const QUEUE_SIZES: &[u16] = &[QUEUE_SIZE];
    const DUMMY_FEATURES: u64 = 0x5555_aaaa;

    impl VirtioDevice for DummyDevice {
        fn device_type(&self) -> u32 {
            self.0
        }

        fn queue_max_sizes(&self) -> &[u16] {
            QUEUE_SIZES
        }

        fn activate(
            &mut self,
            _mem: GuestMemoryAtomic<GuestMemoryMmap>,
            _interrupt_evt: Arc<dyn VirtioInterrupt>,
            _queues: Vec<(usize, Queue, EventFd)>,
        ) -> ActivateResult {
            Ok(())
        }

        fn features(&self) -> u64 {
            DUMMY_FEATURES
        }

        fn ack_features(&mut self, _value: u64) {}

        fn read_config(&self, _offset: u64, _data: &mut [u8]) {}

        fn write_config(&mut self, _offset: u64, _data: &[u8]) {}
    }

    #[test]
    fn write_base_regs() {
        let mut regs = VirtioPciCommonConfig {
            access_platform: None,
            driver_status: 0xaa,
            config_generation: 0x55,
            device_feature_select: 0x0,
            driver_feature_select: 0x0,
            queue_select: 0xff,
            msix_config: Arc::new(AtomicU16::new(0)),
            msix_queues: Arc::new(Mutex::new(vec![0; 3])),
        };

        let dev = Arc::new(Mutex::new(DummyDevice(0)));
        let mut queues = Vec::new();

        // driver_status (0x14) accepts any byte and reads it back.
        regs.write(0x14, &[0x55], &mut queues, dev.clone());
        let mut buf = [0x00u8; 1];
        regs.read(0x14, &mut buf, &queues, dev.clone());
        assert_eq!(buf[0], 0x55);

        // config_generation (0x15) is read-only; the write must be dropped
        // and the register still holds the value set at construction.
        regs.write(0x15, &[0xaa], &mut queues, dev.clone());
        let mut buf = [0x00u8; 1];
        regs.read(0x15, &mut buf, &queues, dev.clone());
        assert_eq!(buf[0], 0x55);

        // device_feature (0x04) is read-only and comes from the device.
        regs.write(0x04, &[0, 0, 0, 0], &mut queues, dev.clone());
        let mut buf = [0u8; 4];
        regs.read(0x04, &mut buf, &queues, dev.clone());
        assert_eq!(LittleEndian::read_u32(&buf), DUMMY_FEATURES as u32);

        // Both feature-select registers (0x00 and 0x08) are read/write.
        for &select_offset in &[0x00u64, 0x08] {
            regs.write(select_offset, &[1, 2, 3, 4], &mut queues, dev.clone());
            let mut buf = [0u8; 4];
            regs.read(select_offset, &mut buf, &queues, dev.clone());
            assert_eq!(LittleEndian::read_u32(&buf), 0x0403_0201);
        }

        // queue_select (0x16) is read/write.
        regs.write(0x16, &[0xaa, 0x55], &mut queues, dev.clone());
        let mut buf = [0x00u8; 2];
        regs.read(0x16, &mut buf, &queues, dev);
        assert_eq!(buf[0], 0xaa);
        assert_eq!(buf[1], 0x55);
    }
}
498