110857ec0SEugenio Pérez /* 210857ec0SEugenio Pérez * vhost shadow virtqueue 310857ec0SEugenio Pérez * 410857ec0SEugenio Pérez * SPDX-FileCopyrightText: Red Hat, Inc. 2021 510857ec0SEugenio Pérez * SPDX-FileContributor: Author: Eugenio Pérez <eperezma@redhat.com> 610857ec0SEugenio Pérez * 710857ec0SEugenio Pérez * SPDX-License-Identifier: GPL-2.0-or-later 810857ec0SEugenio Pérez */ 910857ec0SEugenio Pérez 1010857ec0SEugenio Pérez #include "qemu/osdep.h" 1110857ec0SEugenio Pérez #include "hw/virtio/vhost-shadow-virtqueue.h" 1210857ec0SEugenio Pérez 1310857ec0SEugenio Pérez #include "qemu/error-report.h" 144725a418SEugenio Pérez #include "qapi/error.h" 15dff4426fSEugenio Pérez #include "qemu/main-loop.h" 16100890f7SEugenio Pérez #include "qemu/log.h" 17100890f7SEugenio Pérez #include "qemu/memalign.h" 18dff4426fSEugenio Pérez #include "linux-headers/linux/vhost.h" 19dff4426fSEugenio Pérez 20dff4426fSEugenio Pérez /** 214725a418SEugenio Pérez * Validate the transport device features that both guests can use with the SVQ 224725a418SEugenio Pérez * and SVQs can use with the device. 234725a418SEugenio Pérez * 244725a418SEugenio Pérez * @dev_features: The features 254725a418SEugenio Pérez * @errp: Error pointer 264725a418SEugenio Pérez */ 274725a418SEugenio Pérez bool vhost_svq_valid_features(uint64_t features, Error **errp) 284725a418SEugenio Pérez { 294725a418SEugenio Pérez bool ok = true; 304725a418SEugenio Pérez uint64_t svq_features = features; 314725a418SEugenio Pérez 324725a418SEugenio Pérez for (uint64_t b = VIRTIO_TRANSPORT_F_START; b <= VIRTIO_TRANSPORT_F_END; 334725a418SEugenio Pérez ++b) { 344725a418SEugenio Pérez switch (b) { 354725a418SEugenio Pérez case VIRTIO_F_ANY_LAYOUT: 36396d5126SEugenio Pérez case VIRTIO_RING_F_EVENT_IDX: 374725a418SEugenio Pérez continue; 384725a418SEugenio Pérez 394725a418SEugenio Pérez case VIRTIO_F_ACCESS_PLATFORM: 404725a418SEugenio Pérez /* SVQ trust in the host's IOMMU to translate addresses */ 414725a418SEugenio Pérez case VIRTIO_F_VERSION_1: 424725a418SEugenio Pérez /* SVQ trust that the guest vring is little endian */ 434725a418SEugenio Pérez if (!(svq_features & BIT_ULL(b))) { 444725a418SEugenio Pérez svq_features |= BIT_ULL(b); 454725a418SEugenio Pérez ok = false; 464725a418SEugenio Pérez } 474725a418SEugenio Pérez continue; 484725a418SEugenio Pérez 494725a418SEugenio Pérez default: 504725a418SEugenio Pérez if (svq_features & BIT_ULL(b)) { 514725a418SEugenio Pérez svq_features &= ~BIT_ULL(b); 524725a418SEugenio Pérez ok = false; 534725a418SEugenio Pérez } 544725a418SEugenio Pérez } 554725a418SEugenio Pérez } 564725a418SEugenio Pérez 574725a418SEugenio Pérez if (!ok) { 584725a418SEugenio Pérez error_setg(errp, "SVQ Invalid device feature flags, offer: 0x%"PRIx64 594725a418SEugenio Pérez ", ok: 0x%"PRIx64, features, svq_features); 604725a418SEugenio Pérez } 614725a418SEugenio Pérez return ok; 624725a418SEugenio Pérez } 634725a418SEugenio Pérez 644725a418SEugenio Pérez /** 65100890f7SEugenio Pérez * Number of descriptors that the SVQ can make available from the guest. 66dff4426fSEugenio Pérez * 67100890f7SEugenio Pérez * @svq: The svq 68dff4426fSEugenio Pérez */ 6999d6a324SHawkins Jiawei uint16_t vhost_svq_available_slots(const VhostShadowVirtqueue *svq) 70dff4426fSEugenio Pérez { 715d410557SHawkins Jiawei return svq->num_free; 72100890f7SEugenio Pérez } 73100890f7SEugenio Pérez 7434e3c94eSEugenio Pérez /** 7534e3c94eSEugenio Pérez * Translate addresses between the qemu's virtual address and the SVQ IOVA 7634e3c94eSEugenio Pérez * 7734e3c94eSEugenio Pérez * @svq: Shadow VirtQueue 7834e3c94eSEugenio Pérez * @vaddr: Translated IOVA addresses 7934e3c94eSEugenio Pérez * @iovec: Source qemu's VA addresses 8034e3c94eSEugenio Pérez * @num: Length of iovec and minimum length of vaddr 81*05063f55SJonah Palmer * @gpas: Descriptors' GPAs, if backed by guest memory 8234e3c94eSEugenio Pérez */ 8334e3c94eSEugenio Pérez static bool vhost_svq_translate_addr(const VhostShadowVirtqueue *svq, 8434e3c94eSEugenio Pérez hwaddr *addrs, const struct iovec *iovec, 85*05063f55SJonah Palmer size_t num, const hwaddr *gpas) 8634e3c94eSEugenio Pérez { 8734e3c94eSEugenio Pérez if (num == 0) { 8834e3c94eSEugenio Pérez return true; 8934e3c94eSEugenio Pérez } 9034e3c94eSEugenio Pérez 9134e3c94eSEugenio Pérez for (size_t i = 0; i < num; ++i) { 92*05063f55SJonah Palmer Int128 needle_last, map_last; 93*05063f55SJonah Palmer size_t off; 94*05063f55SJonah Palmer const DMAMap *map; 95*05063f55SJonah Palmer DMAMap needle; 96*05063f55SJonah Palmer 97*05063f55SJonah Palmer /* Check if the descriptor is backed by guest memory */ 98*05063f55SJonah Palmer if (gpas) { 99*05063f55SJonah Palmer /* Search the GPA->IOVA tree */ 100*05063f55SJonah Palmer needle = (DMAMap) { 101*05063f55SJonah Palmer .translated_addr = gpas[i], 102*05063f55SJonah Palmer .size = iovec[i].iov_len, 103*05063f55SJonah Palmer }; 104*05063f55SJonah Palmer map = vhost_iova_tree_find_gpa(svq->iova_tree, &needle); 105*05063f55SJonah Palmer } else { 106*05063f55SJonah Palmer /* Search the IOVA->HVA tree */ 107*05063f55SJonah Palmer needle = (DMAMap) { 10834e3c94eSEugenio Pérez .translated_addr = (hwaddr)(uintptr_t)iovec[i].iov_base, 10934e3c94eSEugenio Pérez .size = iovec[i].iov_len, 11034e3c94eSEugenio Pérez }; 111*05063f55SJonah Palmer map = vhost_iova_tree_find_iova(svq->iova_tree, &needle); 112*05063f55SJonah Palmer } 11334e3c94eSEugenio Pérez 11434e3c94eSEugenio Pérez /* 11534e3c94eSEugenio Pérez * Map cannot be NULL since iova map contains all guest space and 11634e3c94eSEugenio Pérez * qemu already has a physical address mapped 11734e3c94eSEugenio Pérez */ 11834e3c94eSEugenio Pérez if (unlikely(!map)) { 11934e3c94eSEugenio Pérez qemu_log_mask(LOG_GUEST_ERROR, 12034e3c94eSEugenio Pérez "Invalid address 0x%"HWADDR_PRIx" given by guest", 12134e3c94eSEugenio Pérez needle.translated_addr); 12234e3c94eSEugenio Pérez return false; 12334e3c94eSEugenio Pérez } 12434e3c94eSEugenio Pérez 12534e3c94eSEugenio Pérez off = needle.translated_addr - map->translated_addr; 12634e3c94eSEugenio Pérez addrs[i] = map->iova + off; 12734e3c94eSEugenio Pérez 12834e3c94eSEugenio Pérez needle_last = int128_add(int128_make64(needle.translated_addr), 129b77a5f22SHawkins Jiawei int128_makes64(iovec[i].iov_len - 1)); 13034e3c94eSEugenio Pérez map_last = int128_make64(map->translated_addr + map->size); 13134e3c94eSEugenio Pérez if (unlikely(int128_gt(needle_last, map_last))) { 13234e3c94eSEugenio Pérez qemu_log_mask(LOG_GUEST_ERROR, 13334e3c94eSEugenio Pérez "Guest buffer expands over iova range"); 13434e3c94eSEugenio Pérez return false; 13534e3c94eSEugenio Pérez } 13634e3c94eSEugenio Pérez } 13734e3c94eSEugenio Pérez 13834e3c94eSEugenio Pérez return true; 13934e3c94eSEugenio Pérez } 14034e3c94eSEugenio Pérez 141009c2549SEugenio Pérez /** 142009c2549SEugenio Pérez * Write descriptors to SVQ vring 143009c2549SEugenio Pérez * 144009c2549SEugenio Pérez * @svq: The shadow virtqueue 145009c2549SEugenio Pérez * @sg: Cache for hwaddr 146009c2549SEugenio Pérez * @iovec: The iovec from the guest 147009c2549SEugenio Pérez * @num: iovec length 148*05063f55SJonah Palmer * @addr: Descriptors' GPAs, if backed by guest memory 149009c2549SEugenio Pérez * @more_descs: True if more descriptors come in the chain 150009c2549SEugenio Pérez * @write: True if they are writeable descriptors 151009c2549SEugenio Pérez * 152009c2549SEugenio Pérez * Return true if success, false otherwise and print error. 153009c2549SEugenio Pérez */ 154009c2549SEugenio Pérez static bool vhost_svq_vring_write_descs(VhostShadowVirtqueue *svq, hwaddr *sg, 155100890f7SEugenio Pérez const struct iovec *iovec, size_t num, 156*05063f55SJonah Palmer const hwaddr *addr, bool more_descs, 157*05063f55SJonah Palmer bool write) 158100890f7SEugenio Pérez { 159100890f7SEugenio Pérez uint16_t i = svq->free_head, last = svq->free_head; 160100890f7SEugenio Pérez unsigned n; 161100890f7SEugenio Pérez uint16_t flags = write ? cpu_to_le16(VRING_DESC_F_WRITE) : 0; 162100890f7SEugenio Pérez vring_desc_t *descs = svq->vring.desc; 163009c2549SEugenio Pérez bool ok; 164100890f7SEugenio Pérez 165100890f7SEugenio Pérez if (num == 0) { 166009c2549SEugenio Pérez return true; 167009c2549SEugenio Pérez } 168009c2549SEugenio Pérez 169*05063f55SJonah Palmer ok = vhost_svq_translate_addr(svq, sg, iovec, num, addr); 170009c2549SEugenio Pérez if (unlikely(!ok)) { 171009c2549SEugenio Pérez return false; 172100890f7SEugenio Pérez } 173100890f7SEugenio Pérez 174100890f7SEugenio Pérez for (n = 0; n < num; n++) { 175100890f7SEugenio Pérez if (more_descs || (n + 1 < num)) { 176100890f7SEugenio Pérez descs[i].flags = flags | cpu_to_le16(VRING_DESC_F_NEXT); 177495fe3a7SEugenio Pérez descs[i].next = cpu_to_le16(svq->desc_next[i]); 178100890f7SEugenio Pérez } else { 179100890f7SEugenio Pérez descs[i].flags = flags; 180100890f7SEugenio Pérez } 18134e3c94eSEugenio Pérez descs[i].addr = cpu_to_le64(sg[n]); 182100890f7SEugenio Pérez descs[i].len = cpu_to_le32(iovec[n].iov_len); 183100890f7SEugenio Pérez 184100890f7SEugenio Pérez last = i; 185495fe3a7SEugenio Pérez i = cpu_to_le16(svq->desc_next[i]); 186100890f7SEugenio Pérez } 187100890f7SEugenio Pérez 188495fe3a7SEugenio Pérez svq->free_head = le16_to_cpu(svq->desc_next[last]); 189009c2549SEugenio Pérez return true; 190100890f7SEugenio Pérez } 191100890f7SEugenio Pérez 192100890f7SEugenio Pérez static bool vhost_svq_add_split(VhostShadowVirtqueue *svq, 1931f46ae65SEugenio Pérez const struct iovec *out_sg, size_t out_num, 194*05063f55SJonah Palmer const hwaddr *out_addr, 1951f46ae65SEugenio Pérez const struct iovec *in_sg, size_t in_num, 196*05063f55SJonah Palmer const hwaddr *in_addr, unsigned *head) 197100890f7SEugenio Pérez { 198100890f7SEugenio Pérez unsigned avail_idx; 199100890f7SEugenio Pérez vring_avail_t *avail = svq->vring.avail; 20034e3c94eSEugenio Pérez bool ok; 2011f46ae65SEugenio Pérez g_autofree hwaddr *sgs = g_new(hwaddr, MAX(out_num, in_num)); 202100890f7SEugenio Pérez 203100890f7SEugenio Pérez *head = svq->free_head; 204100890f7SEugenio Pérez 205100890f7SEugenio Pérez /* We need some descriptors here */ 2061f46ae65SEugenio Pérez if (unlikely(!out_num && !in_num)) { 207100890f7SEugenio Pérez qemu_log_mask(LOG_GUEST_ERROR, 208100890f7SEugenio Pérez "Guest provided element with no descriptors"); 209100890f7SEugenio Pérez return false; 210100890f7SEugenio Pérez } 211100890f7SEugenio Pérez 212*05063f55SJonah Palmer ok = vhost_svq_vring_write_descs(svq, sgs, out_sg, out_num, out_addr, 213*05063f55SJonah Palmer in_num > 0, false); 21434e3c94eSEugenio Pérez if (unlikely(!ok)) { 21534e3c94eSEugenio Pérez return false; 21634e3c94eSEugenio Pérez } 21734e3c94eSEugenio Pérez 218*05063f55SJonah Palmer ok = vhost_svq_vring_write_descs(svq, sgs, in_sg, in_num, in_addr, false, 219*05063f55SJonah Palmer true); 220009c2549SEugenio Pérez if (unlikely(!ok)) { 221009c2549SEugenio Pérez return false; 222009c2549SEugenio Pérez } 223100890f7SEugenio Pérez 224100890f7SEugenio Pérez /* 225100890f7SEugenio Pérez * Put the entry in the available array (but don't update avail->idx until 226100890f7SEugenio Pérez * they do sync). 227100890f7SEugenio Pérez */ 228100890f7SEugenio Pérez avail_idx = svq->shadow_avail_idx & (svq->vring.num - 1); 229100890f7SEugenio Pérez avail->ring[avail_idx] = cpu_to_le16(*head); 230100890f7SEugenio Pérez svq->shadow_avail_idx++; 231100890f7SEugenio Pérez 232100890f7SEugenio Pérez /* Update the avail index after write the descriptor */ 233100890f7SEugenio Pérez smp_wmb(); 234100890f7SEugenio Pérez avail->idx = cpu_to_le16(svq->shadow_avail_idx); 235100890f7SEugenio Pérez 236100890f7SEugenio Pérez return true; 237100890f7SEugenio Pérez } 238100890f7SEugenio Pérez 239d93a2405SEugenio Pérez static void vhost_svq_kick(VhostShadowVirtqueue *svq) 240d93a2405SEugenio Pérez { 24122a6840fSEugenio Pérez bool needs_kick; 24222a6840fSEugenio Pérez 243d93a2405SEugenio Pérez /* 244d93a2405SEugenio Pérez * We need to expose the available array entries before checking the used 245d93a2405SEugenio Pérez * flags 246d93a2405SEugenio Pérez */ 247d93a2405SEugenio Pérez smp_mb(); 24822a6840fSEugenio Pérez 24922a6840fSEugenio Pérez if (virtio_vdev_has_feature(svq->vdev, VIRTIO_RING_F_EVENT_IDX)) { 25022a6840fSEugenio Pérez uint16_t avail_event = *(uint16_t *)(&svq->vring.used->ring[svq->vring.num]); 25122a6840fSEugenio Pérez needs_kick = vring_need_event(avail_event, svq->shadow_avail_idx, svq->shadow_avail_idx - 1); 25222a6840fSEugenio Pérez } else { 25322a6840fSEugenio Pérez needs_kick = !(svq->vring.used->flags & VRING_USED_F_NO_NOTIFY); 25422a6840fSEugenio Pérez } 25522a6840fSEugenio Pérez 25622a6840fSEugenio Pérez if (!needs_kick) { 257d93a2405SEugenio Pérez return; 258d93a2405SEugenio Pérez } 259d93a2405SEugenio Pérez 260d93a2405SEugenio Pérez event_notifier_set(&svq->hdev_kick); 261d93a2405SEugenio Pérez } 262d93a2405SEugenio Pérez 2635181db13SEugenio Pérez /** 2645181db13SEugenio Pérez * Add an element to a SVQ. 2655181db13SEugenio Pérez * 266f20b70ebSEugenio Pérez * Return -EINVAL if element is invalid, -ENOSPC if dev queue is full 2675181db13SEugenio Pérez */ 268d0291f3fSEugenio Pérez int vhost_svq_add(VhostShadowVirtqueue *svq, const struct iovec *out_sg, 269*05063f55SJonah Palmer size_t out_num, const hwaddr *out_addr, 270*05063f55SJonah Palmer const struct iovec *in_sg, size_t in_num, 271*05063f55SJonah Palmer const hwaddr *in_addr, VirtQueueElement *elem) 272100890f7SEugenio Pérez { 273100890f7SEugenio Pérez unsigned qemu_head; 2741f46ae65SEugenio Pérez unsigned ndescs = in_num + out_num; 275f20b70ebSEugenio Pérez bool ok; 276f20b70ebSEugenio Pérez 277f20b70ebSEugenio Pérez if (unlikely(ndescs > vhost_svq_available_slots(svq))) { 278f20b70ebSEugenio Pérez return -ENOSPC; 279f20b70ebSEugenio Pérez } 280f20b70ebSEugenio Pérez 281*05063f55SJonah Palmer ok = vhost_svq_add_split(svq, out_sg, out_num, out_addr, in_sg, in_num, 282*05063f55SJonah Palmer in_addr, &qemu_head); 283100890f7SEugenio Pérez if (unlikely(!ok)) { 284f20b70ebSEugenio Pérez return -EINVAL; 285100890f7SEugenio Pérez } 286100890f7SEugenio Pérez 2875d410557SHawkins Jiawei svq->num_free -= ndescs; 2889e87868fSEugenio Pérez svq->desc_state[qemu_head].elem = elem; 289ac4cfdc6SEugenio Pérez svq->desc_state[qemu_head].ndescs = ndescs; 29098b5adefSEugenio Pérez vhost_svq_kick(svq); 291f20b70ebSEugenio Pérez return 0; 292100890f7SEugenio Pérez } 293100890f7SEugenio Pérez 2941f46ae65SEugenio Pérez /* Convenience wrapper to add a guest's element to SVQ */ 2951f46ae65SEugenio Pérez static int vhost_svq_add_element(VhostShadowVirtqueue *svq, 2961f46ae65SEugenio Pérez VirtQueueElement *elem) 2971f46ae65SEugenio Pérez { 298*05063f55SJonah Palmer return vhost_svq_add(svq, elem->out_sg, elem->out_num, elem->out_addr, 299*05063f55SJonah Palmer elem->in_sg, elem->in_num, elem->in_addr, elem); 3001f46ae65SEugenio Pérez } 3011f46ae65SEugenio Pérez 302dff4426fSEugenio Pérez /** 303100890f7SEugenio Pérez * Forward available buffers. 304100890f7SEugenio Pérez * 305100890f7SEugenio Pérez * @svq: Shadow VirtQueue 306100890f7SEugenio Pérez * 307100890f7SEugenio Pérez * Note that this function does not guarantee that all guest's available 308100890f7SEugenio Pérez * buffers are available to the device in SVQ avail ring. The guest may have 309100890f7SEugenio Pérez * exposed a GPA / GIOVA contiguous buffer, but it may not be contiguous in 310100890f7SEugenio Pérez * qemu vaddr. 311100890f7SEugenio Pérez * 312100890f7SEugenio Pérez * If that happens, guest's kick notifications will be disabled until the 313100890f7SEugenio Pérez * device uses some buffers. 314100890f7SEugenio Pérez */ 315100890f7SEugenio Pérez static void vhost_handle_guest_kick(VhostShadowVirtqueue *svq) 316100890f7SEugenio Pérez { 317100890f7SEugenio Pérez /* Clear event notifier */ 318100890f7SEugenio Pérez event_notifier_test_and_clear(&svq->svq_kick); 319100890f7SEugenio Pérez 320100890f7SEugenio Pérez /* Forward to the device as many available buffers as possible */ 321100890f7SEugenio Pérez do { 322100890f7SEugenio Pérez virtio_queue_set_notification(svq->vq, false); 323100890f7SEugenio Pérez 324100890f7SEugenio Pérez while (true) { 325ad9f958dSBernhard Beschow g_autofree VirtQueueElement *elem = NULL; 326f20b70ebSEugenio Pérez int r; 327100890f7SEugenio Pérez 328100890f7SEugenio Pérez if (svq->next_guest_avail_elem) { 329100890f7SEugenio Pérez elem = g_steal_pointer(&svq->next_guest_avail_elem); 330100890f7SEugenio Pérez } else { 331100890f7SEugenio Pérez elem = virtqueue_pop(svq->vq, sizeof(*elem)); 332100890f7SEugenio Pérez } 333100890f7SEugenio Pérez 334100890f7SEugenio Pérez if (!elem) { 335100890f7SEugenio Pérez break; 336100890f7SEugenio Pérez } 337100890f7SEugenio Pérez 338e966c0b7SEugenio Pérez if (svq->ops) { 339e966c0b7SEugenio Pérez r = svq->ops->avail_handler(svq, elem, svq->ops_opaque); 340e966c0b7SEugenio Pérez } else { 3411f46ae65SEugenio Pérez r = vhost_svq_add_element(svq, elem); 342e966c0b7SEugenio Pérez } 343f20b70ebSEugenio Pérez if (unlikely(r != 0)) { 344f20b70ebSEugenio Pérez if (r == -ENOSPC) { 345100890f7SEugenio Pérez /* 346f20b70ebSEugenio Pérez * This condition is possible since a contiguous buffer in 347f20b70ebSEugenio Pérez * GPA does not imply a contiguous buffer in qemu's VA 348f20b70ebSEugenio Pérez * scatter-gather segments. If that happens, the buffer 349f20b70ebSEugenio Pérez * exposed to the device needs to be a chain of descriptors 350f20b70ebSEugenio Pérez * at this moment. 351100890f7SEugenio Pérez * 352100890f7SEugenio Pérez * SVQ cannot hold more available buffers if we are here: 353f20b70ebSEugenio Pérez * queue the current guest descriptor and ignore kicks 354100890f7SEugenio Pérez * until some elements are used. 355100890f7SEugenio Pérez */ 3569c2ab2f1SEugenio Pérez svq->next_guest_avail_elem = g_steal_pointer(&elem); 357100890f7SEugenio Pérez } 358100890f7SEugenio Pérez 359f20b70ebSEugenio Pérez /* VQ is full or broken, just return and ignore kicks */ 360100890f7SEugenio Pérez return; 361100890f7SEugenio Pérez } 3629c2ab2f1SEugenio Pérez /* elem belongs to SVQ or external caller now */ 3639c2ab2f1SEugenio Pérez elem = NULL; 364100890f7SEugenio Pérez } 365100890f7SEugenio Pérez 366100890f7SEugenio Pérez virtio_queue_set_notification(svq->vq, true); 367100890f7SEugenio Pérez } while (!virtio_queue_empty(svq->vq)); 368100890f7SEugenio Pérez } 369100890f7SEugenio Pérez 370100890f7SEugenio Pérez /** 371100890f7SEugenio Pérez * Handle guest's kick. 372100890f7SEugenio Pérez * 373100890f7SEugenio Pérez * @n: guest kick event notifier, the one that guest set to notify svq. 374100890f7SEugenio Pérez */ 375100890f7SEugenio Pérez static void vhost_handle_guest_kick_notifier(EventNotifier *n) 376100890f7SEugenio Pérez { 377100890f7SEugenio Pérez VhostShadowVirtqueue *svq = container_of(n, VhostShadowVirtqueue, svq_kick); 378100890f7SEugenio Pérez event_notifier_test_and_clear(n); 379100890f7SEugenio Pérez vhost_handle_guest_kick(svq); 380100890f7SEugenio Pérez } 381100890f7SEugenio Pérez 382100890f7SEugenio Pérez static bool vhost_svq_more_used(VhostShadowVirtqueue *svq) 383100890f7SEugenio Pérez { 384c381abc3SEugenio Pérez uint16_t *used_idx = &svq->vring.used->idx; 385100890f7SEugenio Pérez if (svq->last_used_idx != svq->shadow_used_idx) { 386100890f7SEugenio Pérez return true; 387100890f7SEugenio Pérez } 388100890f7SEugenio Pérez 389c381abc3SEugenio Pérez svq->shadow_used_idx = cpu_to_le16(*(volatile uint16_t *)used_idx); 390100890f7SEugenio Pérez 391100890f7SEugenio Pérez return svq->last_used_idx != svq->shadow_used_idx; 392100890f7SEugenio Pérez } 393100890f7SEugenio Pérez 394100890f7SEugenio Pérez /** 395100890f7SEugenio Pérez * Enable vhost device calls after disable them. 396100890f7SEugenio Pérez * 397100890f7SEugenio Pérez * @svq: The svq 398100890f7SEugenio Pérez * 399100890f7SEugenio Pérez * It returns false if there are pending used buffers from the vhost device, 400100890f7SEugenio Pérez * avoiding the possible races between SVQ checking for more work and enabling 401100890f7SEugenio Pérez * callbacks. True if SVQ used vring has no more pending buffers. 402100890f7SEugenio Pérez */ 403100890f7SEugenio Pérez static bool vhost_svq_enable_notification(VhostShadowVirtqueue *svq) 404100890f7SEugenio Pérez { 40501f8beacSEugenio Pérez if (virtio_vdev_has_feature(svq->vdev, VIRTIO_RING_F_EVENT_IDX)) { 40601f8beacSEugenio Pérez uint16_t *used_event = (uint16_t *)&svq->vring.avail->ring[svq->vring.num]; 40701f8beacSEugenio Pérez *used_event = svq->shadow_used_idx; 40801f8beacSEugenio Pérez } else { 409100890f7SEugenio Pérez svq->vring.avail->flags &= ~cpu_to_le16(VRING_AVAIL_F_NO_INTERRUPT); 41001f8beacSEugenio Pérez } 41101f8beacSEugenio Pérez 41201f8beacSEugenio Pérez /* Make sure the event is enabled before the read of used_idx */ 413100890f7SEugenio Pérez smp_mb(); 414100890f7SEugenio Pérez return !vhost_svq_more_used(svq); 415100890f7SEugenio Pérez } 416100890f7SEugenio Pérez 417100890f7SEugenio Pérez static void vhost_svq_disable_notification(VhostShadowVirtqueue *svq) 418100890f7SEugenio Pérez { 41901f8beacSEugenio Pérez /* 42001f8beacSEugenio Pérez * No need to disable notification in the event idx case, since used event 42101f8beacSEugenio Pérez * index is already an index too far away. 42201f8beacSEugenio Pérez */ 42301f8beacSEugenio Pérez if (!virtio_vdev_has_feature(svq->vdev, VIRTIO_RING_F_EVENT_IDX)) { 424100890f7SEugenio Pérez svq->vring.avail->flags |= cpu_to_le16(VRING_AVAIL_F_NO_INTERRUPT); 425100890f7SEugenio Pérez } 42601f8beacSEugenio Pérez } 427100890f7SEugenio Pérez 42881abfa57SEugenio Pérez static uint16_t vhost_svq_last_desc_of_chain(const VhostShadowVirtqueue *svq, 42981abfa57SEugenio Pérez uint16_t num, uint16_t i) 43081abfa57SEugenio Pérez { 43181abfa57SEugenio Pérez for (uint16_t j = 0; j < (num - 1); ++j) { 43281abfa57SEugenio Pérez i = le16_to_cpu(svq->desc_next[i]); 43381abfa57SEugenio Pérez } 43481abfa57SEugenio Pérez 43581abfa57SEugenio Pérez return i; 43681abfa57SEugenio Pérez } 43781abfa57SEugenio Pérez 43895eaaa76SMarc-André Lureau G_GNUC_WARN_UNUSED_RESULT 439100890f7SEugenio Pérez static VirtQueueElement *vhost_svq_get_buf(VhostShadowVirtqueue *svq, 440100890f7SEugenio Pérez uint32_t *len) 441100890f7SEugenio Pérez { 442100890f7SEugenio Pérez const vring_used_t *used = svq->vring.used; 443100890f7SEugenio Pérez vring_used_elem_t used_elem; 44481abfa57SEugenio Pérez uint16_t last_used, last_used_chain, num; 445100890f7SEugenio Pérez 446100890f7SEugenio Pérez if (!vhost_svq_more_used(svq)) { 447100890f7SEugenio Pérez return NULL; 448100890f7SEugenio Pérez } 449100890f7SEugenio Pérez 450100890f7SEugenio Pérez /* Only get used array entries after they have been exposed by dev */ 451100890f7SEugenio Pérez smp_rmb(); 452100890f7SEugenio Pérez last_used = svq->last_used_idx & (svq->vring.num - 1); 453100890f7SEugenio Pérez used_elem.id = le32_to_cpu(used->ring[last_used].id); 454100890f7SEugenio Pérez used_elem.len = le32_to_cpu(used->ring[last_used].len); 455100890f7SEugenio Pérez 456100890f7SEugenio Pérez svq->last_used_idx++; 457100890f7SEugenio Pérez if (unlikely(used_elem.id >= svq->vring.num)) { 458100890f7SEugenio Pérez qemu_log_mask(LOG_GUEST_ERROR, "Device %s says index %u is used", 459100890f7SEugenio Pérez svq->vdev->name, used_elem.id); 460100890f7SEugenio Pérez return NULL; 461100890f7SEugenio Pérez } 462100890f7SEugenio Pérez 46386f5f254SEugenio Pérez if (unlikely(!svq->desc_state[used_elem.id].ndescs)) { 464100890f7SEugenio Pérez qemu_log_mask(LOG_GUEST_ERROR, 465100890f7SEugenio Pérez "Device %s says index %u is used, but it was not available", 466100890f7SEugenio Pérez svq->vdev->name, used_elem.id); 467100890f7SEugenio Pérez return NULL; 468100890f7SEugenio Pérez } 469100890f7SEugenio Pérez 470ac4cfdc6SEugenio Pérez num = svq->desc_state[used_elem.id].ndescs; 47186f5f254SEugenio Pérez svq->desc_state[used_elem.id].ndescs = 0; 47281abfa57SEugenio Pérez last_used_chain = vhost_svq_last_desc_of_chain(svq, num, used_elem.id); 47381abfa57SEugenio Pérez svq->desc_next[last_used_chain] = svq->free_head; 474100890f7SEugenio Pérez svq->free_head = used_elem.id; 4755d410557SHawkins Jiawei svq->num_free += num; 476100890f7SEugenio Pérez 477100890f7SEugenio Pérez *len = used_elem.len; 4789e87868fSEugenio Pérez return g_steal_pointer(&svq->desc_state[used_elem.id].elem); 479100890f7SEugenio Pérez } 480100890f7SEugenio Pérez 481432efd14SEugenio Pérez /** 482432efd14SEugenio Pérez * Push an element to SVQ, returning it to the guest. 483432efd14SEugenio Pérez */ 484432efd14SEugenio Pérez void vhost_svq_push_elem(VhostShadowVirtqueue *svq, 485432efd14SEugenio Pérez const VirtQueueElement *elem, uint32_t len) 486432efd14SEugenio Pérez { 487432efd14SEugenio Pérez virtqueue_push(svq->vq, elem, len); 488432efd14SEugenio Pérez if (svq->next_guest_avail_elem) { 489432efd14SEugenio Pérez /* 490432efd14SEugenio Pérez * Avail ring was full when vhost_svq_flush was called, so it's a 491432efd14SEugenio Pérez * good moment to make more descriptors available if possible. 492432efd14SEugenio Pérez */ 493432efd14SEugenio Pérez vhost_handle_guest_kick(svq); 494432efd14SEugenio Pérez } 495432efd14SEugenio Pérez } 496432efd14SEugenio Pérez 497100890f7SEugenio Pérez static void vhost_svq_flush(VhostShadowVirtqueue *svq, 498100890f7SEugenio Pérez bool check_for_avail_queue) 499100890f7SEugenio Pérez { 500100890f7SEugenio Pérez VirtQueue *vq = svq->vq; 501100890f7SEugenio Pérez 502100890f7SEugenio Pérez /* Forward as many used buffers as possible. */ 503100890f7SEugenio Pérez do { 504100890f7SEugenio Pérez unsigned i = 0; 505100890f7SEugenio Pérez 506100890f7SEugenio Pérez vhost_svq_disable_notification(svq); 507100890f7SEugenio Pérez while (true) { 508100890f7SEugenio Pérez uint32_t len; 509100890f7SEugenio Pérez g_autofree VirtQueueElement *elem = vhost_svq_get_buf(svq, &len); 510100890f7SEugenio Pérez if (!elem) { 511100890f7SEugenio Pérez break; 512100890f7SEugenio Pérez } 513100890f7SEugenio Pérez 514100890f7SEugenio Pérez if (unlikely(i >= svq->vring.num)) { 515100890f7SEugenio Pérez qemu_log_mask(LOG_GUEST_ERROR, 516100890f7SEugenio Pérez "More than %u used buffers obtained in a %u size SVQ", 517100890f7SEugenio Pérez i, svq->vring.num); 518100890f7SEugenio Pérez virtqueue_fill(vq, elem, len, i); 519100890f7SEugenio Pérez virtqueue_flush(vq, i); 520100890f7SEugenio Pérez return; 521100890f7SEugenio Pérez } 522100890f7SEugenio Pérez virtqueue_fill(vq, elem, len, i++); 523100890f7SEugenio Pérez } 524100890f7SEugenio Pérez 525100890f7SEugenio Pérez virtqueue_flush(vq, i); 526100890f7SEugenio Pérez event_notifier_set(&svq->svq_call); 527100890f7SEugenio Pérez 528100890f7SEugenio Pérez if (check_for_avail_queue && svq->next_guest_avail_elem) { 529100890f7SEugenio Pérez /* 530100890f7SEugenio Pérez * Avail ring was full when vhost_svq_flush was called, so it's a 531100890f7SEugenio Pérez * good moment to make more descriptors available if possible. 532100890f7SEugenio Pérez */ 533100890f7SEugenio Pérez vhost_handle_guest_kick(svq); 534100890f7SEugenio Pérez } 535100890f7SEugenio Pérez } while (!vhost_svq_enable_notification(svq)); 536100890f7SEugenio Pérez } 537100890f7SEugenio Pérez 538100890f7SEugenio Pérez /** 539b0de17a2SHawkins Jiawei * Poll the SVQ to wait for the device to use the specified number 540b0de17a2SHawkins Jiawei * of elements and return the total length written by the device. 5413f44d13dSEugenio Pérez * 5423f44d13dSEugenio Pérez * This function race with main event loop SVQ polling, so extra 5433f44d13dSEugenio Pérez * synchronization is needed. 5443f44d13dSEugenio Pérez * 545b0de17a2SHawkins Jiawei * @svq: The svq 546b0de17a2SHawkins Jiawei * @num: The number of elements that need to be used 5473f44d13dSEugenio Pérez */ 548b0de17a2SHawkins Jiawei size_t vhost_svq_poll(VhostShadowVirtqueue *svq, size_t num) 5493f44d13dSEugenio Pérez { 550b0de17a2SHawkins Jiawei size_t len = 0; 551b0de17a2SHawkins Jiawei 552b0de17a2SHawkins Jiawei while (num--) { 55395eaaa76SMarc-André Lureau g_autofree VirtQueueElement *elem = NULL; 5543f44d13dSEugenio Pérez int64_t start_us = g_get_monotonic_time(); 5553073c6b9SMarc-André Lureau uint32_t r = 0; 556d368c0b0SEugenio Pérez 557d368c0b0SEugenio Pérez do { 558d368c0b0SEugenio Pérez if (vhost_svq_more_used(svq)) { 559d368c0b0SEugenio Pérez break; 5603f44d13dSEugenio Pérez } 5613f44d13dSEugenio Pérez 5623f44d13dSEugenio Pérez if (unlikely(g_get_monotonic_time() - start_us > 10e6)) { 563b0de17a2SHawkins Jiawei return len; 5643f44d13dSEugenio Pérez } 5653f44d13dSEugenio Pérez } while (true); 566d368c0b0SEugenio Pérez 56795eaaa76SMarc-André Lureau elem = vhost_svq_get_buf(svq, &r); 568b0de17a2SHawkins Jiawei len += r; 569b0de17a2SHawkins Jiawei } 570b0de17a2SHawkins Jiawei 571d368c0b0SEugenio Pérez return len; 5723f44d13dSEugenio Pérez } 5733f44d13dSEugenio Pérez 5743f44d13dSEugenio Pérez /** 575100890f7SEugenio Pérez * Forward used buffers. 576a8ac8858SEugenio Pérez * 577a8ac8858SEugenio Pérez * @n: hdev call event notifier, the one that device set to notify svq. 578100890f7SEugenio Pérez * 579100890f7SEugenio Pérez * Note that we are not making any buffers available in the loop, there is no 580100890f7SEugenio Pérez * way that it runs more than virtqueue size times. 581a8ac8858SEugenio Pérez */ 582a8ac8858SEugenio Pérez static void vhost_svq_handle_call(EventNotifier *n) 583a8ac8858SEugenio Pérez { 584a8ac8858SEugenio Pérez VhostShadowVirtqueue *svq = container_of(n, VhostShadowVirtqueue, 585a8ac8858SEugenio Pérez hdev_call); 586a8ac8858SEugenio Pérez event_notifier_test_and_clear(n); 587100890f7SEugenio Pérez vhost_svq_flush(svq, true); 588a8ac8858SEugenio Pérez } 589a8ac8858SEugenio Pérez 590a8ac8858SEugenio Pérez /** 591a8ac8858SEugenio Pérez * Set the call notifier for the SVQ to call the guest 592a8ac8858SEugenio Pérez * 593a8ac8858SEugenio Pérez * @svq: Shadow virtqueue 594a8ac8858SEugenio Pérez * @call_fd: call notifier 595a8ac8858SEugenio Pérez * 596a8ac8858SEugenio Pérez * Called on BQL context. 597a8ac8858SEugenio Pérez */ 598a8ac8858SEugenio Pérez void vhost_svq_set_svq_call_fd(VhostShadowVirtqueue *svq, int call_fd) 599a8ac8858SEugenio Pérez { 600a8ac8858SEugenio Pérez if (call_fd == VHOST_FILE_UNBIND) { 601a8ac8858SEugenio Pérez /* 602a8ac8858SEugenio Pérez * Fail event_notifier_set if called handling device call. 603a8ac8858SEugenio Pérez * 604a8ac8858SEugenio Pérez * SVQ still needs device notifications, since it needs to keep 605a8ac8858SEugenio Pérez * forwarding used buffers even with the unbind. 606a8ac8858SEugenio Pérez */ 607a8ac8858SEugenio Pérez memset(&svq->svq_call, 0, sizeof(svq->svq_call)); 608a8ac8858SEugenio Pérez } else { 609a8ac8858SEugenio Pérez event_notifier_init_fd(&svq->svq_call, call_fd); 610a8ac8858SEugenio Pérez } 611a8ac8858SEugenio Pérez } 612a8ac8858SEugenio Pérez 613a8ac8858SEugenio Pérez /** 614dafb34c9SEugenio Pérez * Get the shadow vq vring address. 615dafb34c9SEugenio Pérez * @svq: Shadow virtqueue 616dafb34c9SEugenio Pérez * @addr: Destination to store address 617dafb34c9SEugenio Pérez */ 618dafb34c9SEugenio Pérez void vhost_svq_get_vring_addr(const VhostShadowVirtqueue *svq, 619dafb34c9SEugenio Pérez struct vhost_vring_addr *addr) 620dafb34c9SEugenio Pérez { 62134e3c94eSEugenio Pérez addr->desc_user_addr = (uint64_t)(uintptr_t)svq->vring.desc; 62234e3c94eSEugenio Pérez addr->avail_user_addr = (uint64_t)(uintptr_t)svq->vring.avail; 62334e3c94eSEugenio Pérez addr->used_user_addr = (uint64_t)(uintptr_t)svq->vring.used; 624dafb34c9SEugenio Pérez } 625dafb34c9SEugenio Pérez 626dafb34c9SEugenio Pérez size_t vhost_svq_driver_area_size(const VhostShadowVirtqueue *svq) 627dafb34c9SEugenio Pérez { 628dafb34c9SEugenio Pérez size_t desc_size = sizeof(vring_desc_t) * svq->vring.num; 629f0c48e05SEugenio Pérez size_t avail_size = offsetof(vring_avail_t, ring[svq->vring.num]) + 630f0c48e05SEugenio Pérez sizeof(uint16_t); 631dafb34c9SEugenio Pérez 6328e3b0cbbSMarc-André Lureau return ROUND_UP(desc_size + avail_size, qemu_real_host_page_size()); 633dafb34c9SEugenio Pérez } 634dafb34c9SEugenio Pérez 635dafb34c9SEugenio Pérez size_t vhost_svq_device_area_size(const VhostShadowVirtqueue *svq) 636dafb34c9SEugenio Pérez { 637f0c48e05SEugenio Pérez size_t used_size = offsetof(vring_used_t, ring[svq->vring.num]) + 638f0c48e05SEugenio Pérez sizeof(uint16_t); 6398e3b0cbbSMarc-André Lureau return ROUND_UP(used_size, qemu_real_host_page_size()); 640dafb34c9SEugenio Pérez } 641dafb34c9SEugenio Pérez 642dafb34c9SEugenio Pérez /** 643dff4426fSEugenio Pérez * Set a new file descriptor for the guest to kick the SVQ and notify for avail 644dff4426fSEugenio Pérez * 645dff4426fSEugenio Pérez * @svq: The svq 646dff4426fSEugenio Pérez * @svq_kick_fd: The svq kick fd 647dff4426fSEugenio Pérez * 648dff4426fSEugenio Pérez * Note that the SVQ will never close the old file descriptor. 649dff4426fSEugenio Pérez */ 650dff4426fSEugenio Pérez void vhost_svq_set_svq_kick_fd(VhostShadowVirtqueue *svq, int svq_kick_fd) 651dff4426fSEugenio Pérez { 652dff4426fSEugenio Pérez EventNotifier *svq_kick = &svq->svq_kick; 653dff4426fSEugenio Pérez bool poll_stop = VHOST_FILE_UNBIND != event_notifier_get_fd(svq_kick); 654dff4426fSEugenio Pérez bool poll_start = svq_kick_fd != VHOST_FILE_UNBIND; 655dff4426fSEugenio Pérez 656dff4426fSEugenio Pérez if (poll_stop) { 657dff4426fSEugenio Pérez event_notifier_set_handler(svq_kick, NULL); 658dff4426fSEugenio Pérez } 659dff4426fSEugenio Pérez 6608b64e486SEugenio Pérez event_notifier_init_fd(svq_kick, svq_kick_fd); 661dff4426fSEugenio Pérez /* 662dff4426fSEugenio Pérez * event_notifier_set_handler already checks for guest's notifications if 663dff4426fSEugenio Pérez * they arrive at the new file descriptor in the switch, so there is no 664dff4426fSEugenio Pérez * need to explicitly check for them. 665dff4426fSEugenio Pérez */ 666dff4426fSEugenio Pérez if (poll_start) { 667dff4426fSEugenio Pérez event_notifier_set(svq_kick); 668100890f7SEugenio Pérez event_notifier_set_handler(svq_kick, vhost_handle_guest_kick_notifier); 669100890f7SEugenio Pérez } 670100890f7SEugenio Pérez } 671100890f7SEugenio Pérez 672100890f7SEugenio Pérez /** 673100890f7SEugenio Pérez * Start the shadow virtqueue operation. 674100890f7SEugenio Pérez * 675100890f7SEugenio Pérez * @svq: Shadow Virtqueue 676100890f7SEugenio Pérez * @vdev: VirtIO device 677100890f7SEugenio Pérez * @vq: Virtqueue to shadow 6785fde952bSEugenio Pérez * @iova_tree: Tree to perform descriptors translations 679100890f7SEugenio Pérez */ 680100890f7SEugenio Pérez void vhost_svq_start(VhostShadowVirtqueue *svq, VirtIODevice *vdev, 6815fde952bSEugenio Pérez VirtQueue *vq, VhostIOVATree *iova_tree) 682100890f7SEugenio Pérez { 683babf8b87SEugenio Pérez size_t desc_size; 684100890f7SEugenio Pérez 68520e7412bSEugenio Pérez event_notifier_set_handler(&svq->hdev_call, vhost_svq_handle_call); 686100890f7SEugenio Pérez svq->next_guest_avail_elem = NULL; 687100890f7SEugenio Pérez svq->shadow_avail_idx = 0; 688100890f7SEugenio Pérez svq->shadow_used_idx = 0; 689100890f7SEugenio Pérez svq->last_used_idx = 0; 690100890f7SEugenio Pérez svq->vdev = vdev; 691100890f7SEugenio Pérez svq->vq = vq; 6925fde952bSEugenio Pérez svq->iova_tree = iova_tree; 693100890f7SEugenio Pérez 694100890f7SEugenio Pérez svq->vring.num = virtio_queue_get_num(vdev, virtio_get_queue_index(vq)); 6955d410557SHawkins Jiawei svq->num_free = svq->vring.num; 696babf8b87SEugenio Pérez svq->vring.desc = mmap(NULL, vhost_svq_driver_area_size(svq), 697babf8b87SEugenio Pérez PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, 698babf8b87SEugenio Pérez -1, 0); 699100890f7SEugenio Pérez desc_size = sizeof(vring_desc_t) * svq->vring.num; 700100890f7SEugenio Pérez svq->vring.avail = (void *)((char *)svq->vring.desc + desc_size); 701babf8b87SEugenio Pérez svq->vring.used = mmap(NULL, vhost_svq_device_area_size(svq), 702babf8b87SEugenio Pérez PROT_READ | PROT_WRITE, MAP_SHARED | MAP_ANONYMOUS, 703babf8b87SEugenio Pérez -1, 0); 7049e87868fSEugenio Pérez svq->desc_state = g_new0(SVQDescState, svq->vring.num); 705495fe3a7SEugenio Pérez svq->desc_next = g_new0(uint16_t, svq->vring.num); 706100890f7SEugenio Pérez for (unsigned i = 0; i < svq->vring.num - 1; i++) { 707495fe3a7SEugenio Pérez svq->desc_next[i] = cpu_to_le16(i + 1); 708dff4426fSEugenio Pérez } 709dff4426fSEugenio Pérez } 710dff4426fSEugenio Pérez 711dff4426fSEugenio Pérez /** 712dff4426fSEugenio Pérez * Stop the shadow virtqueue operation. 713dff4426fSEugenio Pérez * @svq: Shadow Virtqueue 714dff4426fSEugenio Pérez */ 715dff4426fSEugenio Pérez void vhost_svq_stop(VhostShadowVirtqueue *svq) 716dff4426fSEugenio Pérez { 7178b64e486SEugenio Pérez vhost_svq_set_svq_kick_fd(svq, VHOST_FILE_UNBIND); 718100890f7SEugenio Pérez g_autofree VirtQueueElement *next_avail_elem = NULL; 719100890f7SEugenio Pérez 720100890f7SEugenio Pérez if (!svq->vq) { 721100890f7SEugenio Pérez return; 722100890f7SEugenio Pérez } 723100890f7SEugenio Pérez 724100890f7SEugenio Pérez /* Send all pending used descriptors to guest */ 725100890f7SEugenio Pérez vhost_svq_flush(svq, false); 726100890f7SEugenio Pérez 727100890f7SEugenio Pérez for (unsigned i = 0; i < svq->vring.num; ++i) { 728100890f7SEugenio Pérez g_autofree VirtQueueElement *elem = NULL; 7299e87868fSEugenio Pérez elem = g_steal_pointer(&svq->desc_state[i].elem); 730100890f7SEugenio Pérez if (elem) { 7314241e8bdSEugenio Pérez /* 7324241e8bdSEugenio Pérez * TODO: This is ok for networking, but other kinds of devices 7334241e8bdSEugenio Pérez * might have problems with just unpop these. 7344241e8bdSEugenio Pérez */ 7354241e8bdSEugenio Pérez virtqueue_unpop(svq->vq, elem, 0); 736100890f7SEugenio Pérez } 737100890f7SEugenio Pérez } 738100890f7SEugenio Pérez 739100890f7SEugenio Pérez next_avail_elem = g_steal_pointer(&svq->next_guest_avail_elem); 740100890f7SEugenio Pérez if (next_avail_elem) { 7414241e8bdSEugenio Pérez virtqueue_unpop(svq->vq, next_avail_elem, 0); 742100890f7SEugenio Pérez } 743100890f7SEugenio Pérez svq->vq = NULL; 744495fe3a7SEugenio Pérez g_free(svq->desc_next); 7459e87868fSEugenio Pérez g_free(svq->desc_state); 746babf8b87SEugenio Pérez munmap(svq->vring.desc, vhost_svq_driver_area_size(svq)); 747babf8b87SEugenio Pérez munmap(svq->vring.used, vhost_svq_device_area_size(svq)); 74820e7412bSEugenio Pérez event_notifier_set_handler(&svq->hdev_call, NULL); 749dff4426fSEugenio Pérez } 75010857ec0SEugenio Pérez 75110857ec0SEugenio Pérez /** 75210857ec0SEugenio Pérez * Creates vhost shadow virtqueue, and instructs the vhost device to use the 75310857ec0SEugenio Pérez * shadow methods and file descriptors. 75410857ec0SEugenio Pérez * 755e966c0b7SEugenio Pérez * @ops: SVQ owner callbacks 756e966c0b7SEugenio Pérez * @ops_opaque: ops opaque pointer 75710857ec0SEugenio Pérez */ 7585fde952bSEugenio Pérez VhostShadowVirtqueue *vhost_svq_new(const VhostShadowVirtqueueOps *ops, 759e966c0b7SEugenio Pérez void *ops_opaque) 76010857ec0SEugenio Pérez { 7613cfb4d06SEugenio Pérez VhostShadowVirtqueue *svq = g_new0(VhostShadowVirtqueue, 1); 76210857ec0SEugenio Pérez 763dff4426fSEugenio Pérez event_notifier_init_fd(&svq->svq_kick, VHOST_FILE_UNBIND); 764e966c0b7SEugenio Pérez svq->ops = ops; 765e966c0b7SEugenio Pérez svq->ops_opaque = ops_opaque; 7663cfb4d06SEugenio Pérez return svq; 76710857ec0SEugenio Pérez } 76810857ec0SEugenio Pérez 76910857ec0SEugenio Pérez /** 77010857ec0SEugenio Pérez * Free the resources of the shadow virtqueue. 77110857ec0SEugenio Pérez * 77210857ec0SEugenio Pérez * @pvq: gpointer to SVQ so it can be used by autofree functions. 77310857ec0SEugenio Pérez */ 77410857ec0SEugenio Pérez void vhost_svq_free(gpointer pvq) 77510857ec0SEugenio Pérez { 77610857ec0SEugenio Pérez VhostShadowVirtqueue *vq = pvq; 777dff4426fSEugenio Pérez vhost_svq_stop(vq); 77810857ec0SEugenio Pérez g_free(vq); 77910857ec0SEugenio Pérez } 780