1 /* 2 * Virtio Balloon Device 3 * 4 * Copyright IBM, Corp. 2008 5 * Copyright (C) 2011 Red Hat, Inc. 6 * Copyright (C) 2011 Amit Shah <amit.shah@redhat.com> 7 * 8 * Authors: 9 * Anthony Liguori <aliguori@us.ibm.com> 10 * 11 * This work is licensed under the terms of the GNU GPL, version 2. See 12 * the COPYING file in the top-level directory. 13 * 14 */ 15 16 #include "qemu/osdep.h" 17 #include "qemu/iov.h" 18 #include "qemu/module.h" 19 #include "qemu/timer.h" 20 #include "hw/virtio/virtio.h" 21 #include "hw/mem/pc-dimm.h" 22 #include "sysemu/balloon.h" 23 #include "hw/virtio/virtio-balloon.h" 24 #include "exec/address-spaces.h" 25 #include "qapi/error.h" 26 #include "qapi/qapi-events-misc.h" 27 #include "qapi/visitor.h" 28 #include "trace.h" 29 #include "qemu/error-report.h" 30 #include "migration/misc.h" 31 32 #include "hw/virtio/virtio-bus.h" 33 #include "hw/virtio/virtio-access.h" 34 35 #define BALLOON_PAGE_SIZE (1 << VIRTIO_BALLOON_PFN_SHIFT) 36 37 struct PartiallyBalloonedPage { 38 RAMBlock *rb; 39 ram_addr_t base; 40 unsigned long bitmap[]; 41 }; 42 43 static void balloon_inflate_page(VirtIOBalloon *balloon, 44 MemoryRegion *mr, hwaddr offset) 45 { 46 void *addr = memory_region_get_ram_ptr(mr) + offset; 47 RAMBlock *rb; 48 size_t rb_page_size; 49 int subpages; 50 ram_addr_t ram_offset, host_page_base; 51 52 /* XXX is there a better way to get to the RAMBlock than via a 53 * host address? */ 54 rb = qemu_ram_block_from_host(addr, false, &ram_offset); 55 rb_page_size = qemu_ram_pagesize(rb); 56 host_page_base = ram_offset & ~(rb_page_size - 1); 57 58 if (rb_page_size == BALLOON_PAGE_SIZE) { 59 /* Easy case */ 60 61 ram_block_discard_range(rb, ram_offset, rb_page_size); 62 /* We ignore errors from ram_block_discard_range(), because it 63 * has already reported them, and failing to discard a balloon 64 * page is not fatal */ 65 return; 66 } 67 68 /* Hard case 69 * 70 * We've put a piece of a larger host page into the balloon - we 71 * need to keep track until we have a whole host page to 72 * discard 73 */ 74 warn_report_once( 75 "Balloon used with backing page size > 4kiB, this may not be reliable"); 76 77 subpages = rb_page_size / BALLOON_PAGE_SIZE; 78 79 if (balloon->pbp 80 && (rb != balloon->pbp->rb 81 || host_page_base != balloon->pbp->base)) { 82 /* We've partially ballooned part of a host page, but now 83 * we're trying to balloon part of a different one. Too hard, 84 * give up on the old partial page */ 85 g_free(balloon->pbp); 86 balloon->pbp = NULL; 87 } 88 89 if (!balloon->pbp) { 90 /* Starting on a new host page */ 91 size_t bitlen = BITS_TO_LONGS(subpages) * sizeof(unsigned long); 92 balloon->pbp = g_malloc0(sizeof(PartiallyBalloonedPage) + bitlen); 93 balloon->pbp->rb = rb; 94 balloon->pbp->base = host_page_base; 95 } 96 97 set_bit((ram_offset - balloon->pbp->base) / BALLOON_PAGE_SIZE, 98 balloon->pbp->bitmap); 99 100 if (bitmap_full(balloon->pbp->bitmap, subpages)) { 101 /* We've accumulated a full host page, we can actually discard 102 * it now */ 103 104 ram_block_discard_range(rb, balloon->pbp->base, rb_page_size); 105 /* We ignore errors from ram_block_discard_range(), because it 106 * has already reported them, and failing to discard a balloon 107 * page is not fatal */ 108 109 g_free(balloon->pbp); 110 balloon->pbp = NULL; 111 } 112 } 113 114 static void balloon_deflate_page(VirtIOBalloon *balloon, 115 MemoryRegion *mr, hwaddr offset) 116 { 117 void *addr = memory_region_get_ram_ptr(mr) + offset; 118 RAMBlock *rb; 119 size_t rb_page_size; 120 ram_addr_t ram_offset, host_page_base; 121 void *host_addr; 122 int ret; 123 124 /* XXX is there a better way to get to the RAMBlock than via a 125 * host address? */ 126 rb = qemu_ram_block_from_host(addr, false, &ram_offset); 127 rb_page_size = qemu_ram_pagesize(rb); 128 host_page_base = ram_offset & ~(rb_page_size - 1); 129 130 if (balloon->pbp 131 && rb == balloon->pbp->rb 132 && host_page_base == balloon->pbp->base) { 133 int subpages = rb_page_size / BALLOON_PAGE_SIZE; 134 135 /* 136 * This means the guest has asked to discard some of the 4kiB 137 * subpages of a host page, but then changed its mind and 138 * asked to keep them after all. It's exceedingly unlikely 139 * for a guest to do this in practice, but handle it anyway, 140 * since getting it wrong could mean discarding memory the 141 * guest is still using. */ 142 clear_bit((ram_offset - balloon->pbp->base) / BALLOON_PAGE_SIZE, 143 balloon->pbp->bitmap); 144 145 if (bitmap_empty(balloon->pbp->bitmap, subpages)) { 146 g_free(balloon->pbp); 147 balloon->pbp = NULL; 148 } 149 } 150 151 host_addr = (void *)((uintptr_t)addr & ~(rb_page_size - 1)); 152 153 /* When a page is deflated, we hint the whole host page it lives 154 * on, since we can't do anything smaller */ 155 ret = qemu_madvise(host_addr, rb_page_size, QEMU_MADV_WILLNEED); 156 if (ret != 0) { 157 warn_report("Couldn't MADV_WILLNEED on balloon deflate: %s", 158 strerror(errno)); 159 /* Otherwise ignore, failing to page hint shouldn't be fatal */ 160 } 161 } 162 163 static const char *balloon_stat_names[] = { 164 [VIRTIO_BALLOON_S_SWAP_IN] = "stat-swap-in", 165 [VIRTIO_BALLOON_S_SWAP_OUT] = "stat-swap-out", 166 [VIRTIO_BALLOON_S_MAJFLT] = "stat-major-faults", 167 [VIRTIO_BALLOON_S_MINFLT] = "stat-minor-faults", 168 [VIRTIO_BALLOON_S_MEMFREE] = "stat-free-memory", 169 [VIRTIO_BALLOON_S_MEMTOT] = "stat-total-memory", 170 [VIRTIO_BALLOON_S_AVAIL] = "stat-available-memory", 171 [VIRTIO_BALLOON_S_CACHES] = "stat-disk-caches", 172 [VIRTIO_BALLOON_S_HTLB_PGALLOC] = "stat-htlb-pgalloc", 173 [VIRTIO_BALLOON_S_HTLB_PGFAIL] = "stat-htlb-pgfail", 174 [VIRTIO_BALLOON_S_NR] = NULL 175 }; 176 177 /* 178 * reset_stats - Mark all items in the stats array as unset 179 * 180 * This function needs to be called at device initialization and before 181 * updating to a set of newly-generated stats. This will ensure that no 182 * stale values stick around in case the guest reports a subset of the supported 183 * statistics. 184 */ 185 static inline void reset_stats(VirtIOBalloon *dev) 186 { 187 int i; 188 for (i = 0; i < VIRTIO_BALLOON_S_NR; dev->stats[i++] = -1); 189 } 190 191 static bool balloon_stats_supported(const VirtIOBalloon *s) 192 { 193 VirtIODevice *vdev = VIRTIO_DEVICE(s); 194 return virtio_vdev_has_feature(vdev, VIRTIO_BALLOON_F_STATS_VQ); 195 } 196 197 static bool balloon_stats_enabled(const VirtIOBalloon *s) 198 { 199 return s->stats_poll_interval > 0; 200 } 201 202 static void balloon_stats_destroy_timer(VirtIOBalloon *s) 203 { 204 if (balloon_stats_enabled(s)) { 205 timer_del(s->stats_timer); 206 timer_free(s->stats_timer); 207 s->stats_timer = NULL; 208 s->stats_poll_interval = 0; 209 } 210 } 211 212 static void balloon_stats_change_timer(VirtIOBalloon *s, int64_t secs) 213 { 214 timer_mod(s->stats_timer, qemu_clock_get_ms(QEMU_CLOCK_VIRTUAL) + secs * 1000); 215 } 216 217 static void balloon_stats_poll_cb(void *opaque) 218 { 219 VirtIOBalloon *s = opaque; 220 VirtIODevice *vdev = VIRTIO_DEVICE(s); 221 222 if (s->stats_vq_elem == NULL || !balloon_stats_supported(s)) { 223 /* re-schedule */ 224 balloon_stats_change_timer(s, s->stats_poll_interval); 225 return; 226 } 227 228 virtqueue_push(s->svq, s->stats_vq_elem, s->stats_vq_offset); 229 virtio_notify(vdev, s->svq); 230 g_free(s->stats_vq_elem); 231 s->stats_vq_elem = NULL; 232 } 233 234 static void balloon_stats_get_all(Object *obj, Visitor *v, const char *name, 235 void *opaque, Error **errp) 236 { 237 Error *err = NULL; 238 VirtIOBalloon *s = opaque; 239 int i; 240 241 visit_start_struct(v, name, NULL, 0, &err); 242 if (err) { 243 goto out; 244 } 245 visit_type_int(v, "last-update", &s->stats_last_update, &err); 246 if (err) { 247 goto out_end; 248 } 249 250 visit_start_struct(v, "stats", NULL, 0, &err); 251 if (err) { 252 goto out_end; 253 } 254 for (i = 0; i < VIRTIO_BALLOON_S_NR; i++) { 255 visit_type_uint64(v, balloon_stat_names[i], &s->stats[i], &err); 256 if (err) { 257 goto out_nested; 258 } 259 } 260 visit_check_struct(v, &err); 261 out_nested: 262 visit_end_struct(v, NULL); 263 264 if (!err) { 265 visit_check_struct(v, &err); 266 } 267 out_end: 268 visit_end_struct(v, NULL); 269 out: 270 error_propagate(errp, err); 271 } 272 273 static void balloon_stats_get_poll_interval(Object *obj, Visitor *v, 274 const char *name, void *opaque, 275 Error **errp) 276 { 277 VirtIOBalloon *s = opaque; 278 visit_type_int(v, name, &s->stats_poll_interval, errp); 279 } 280 281 static void balloon_stats_set_poll_interval(Object *obj, Visitor *v, 282 const char *name, void *opaque, 283 Error **errp) 284 { 285 VirtIOBalloon *s = opaque; 286 Error *local_err = NULL; 287 int64_t value; 288 289 visit_type_int(v, name, &value, &local_err); 290 if (local_err) { 291 error_propagate(errp, local_err); 292 return; 293 } 294 295 if (value < 0) { 296 error_setg(errp, "timer value must be greater than zero"); 297 return; 298 } 299 300 if (value > UINT32_MAX) { 301 error_setg(errp, "timer value is too big"); 302 return; 303 } 304 305 if (value == s->stats_poll_interval) { 306 return; 307 } 308 309 if (value == 0) { 310 /* timer=0 disables the timer */ 311 balloon_stats_destroy_timer(s); 312 return; 313 } 314 315 if (balloon_stats_enabled(s)) { 316 /* timer interval change */ 317 s->stats_poll_interval = value; 318 balloon_stats_change_timer(s, value); 319 return; 320 } 321 322 /* create a new timer */ 323 g_assert(s->stats_timer == NULL); 324 s->stats_timer = timer_new_ms(QEMU_CLOCK_VIRTUAL, balloon_stats_poll_cb, s); 325 s->stats_poll_interval = value; 326 balloon_stats_change_timer(s, 0); 327 } 328 329 static void virtio_balloon_handle_output(VirtIODevice *vdev, VirtQueue *vq) 330 { 331 VirtIOBalloon *s = VIRTIO_BALLOON(vdev); 332 VirtQueueElement *elem; 333 MemoryRegionSection section; 334 335 for (;;) { 336 size_t offset = 0; 337 uint32_t pfn; 338 elem = virtqueue_pop(vq, sizeof(VirtQueueElement)); 339 if (!elem) { 340 return; 341 } 342 343 while (iov_to_buf(elem->out_sg, elem->out_num, offset, &pfn, 4) == 4) { 344 unsigned int p = virtio_ldl_p(vdev, &pfn); 345 hwaddr pa; 346 347 pa = (hwaddr) p << VIRTIO_BALLOON_PFN_SHIFT; 348 offset += 4; 349 350 section = memory_region_find(get_system_memory(), pa, 351 BALLOON_PAGE_SIZE); 352 if (!section.mr) { 353 trace_virtio_balloon_bad_addr(pa); 354 continue; 355 } 356 if (!memory_region_is_ram(section.mr) || 357 memory_region_is_rom(section.mr) || 358 memory_region_is_romd(section.mr)) { 359 trace_virtio_balloon_bad_addr(pa); 360 memory_region_unref(section.mr); 361 continue; 362 } 363 364 trace_virtio_balloon_handle_output(memory_region_name(section.mr), 365 pa); 366 if (!qemu_balloon_is_inhibited()) { 367 if (vq == s->ivq) { 368 balloon_inflate_page(s, section.mr, 369 section.offset_within_region); 370 } else if (vq == s->dvq) { 371 balloon_deflate_page(s, section.mr, section.offset_within_region); 372 } else { 373 g_assert_not_reached(); 374 } 375 } 376 memory_region_unref(section.mr); 377 } 378 379 virtqueue_push(vq, elem, offset); 380 virtio_notify(vdev, vq); 381 g_free(elem); 382 } 383 } 384 385 static void virtio_balloon_receive_stats(VirtIODevice *vdev, VirtQueue *vq) 386 { 387 VirtIOBalloon *s = VIRTIO_BALLOON(vdev); 388 VirtQueueElement *elem; 389 VirtIOBalloonStat stat; 390 size_t offset = 0; 391 qemu_timeval tv; 392 393 elem = virtqueue_pop(vq, sizeof(VirtQueueElement)); 394 if (!elem) { 395 goto out; 396 } 397 398 if (s->stats_vq_elem != NULL) { 399 /* This should never happen if the driver follows the spec. */ 400 virtqueue_push(vq, s->stats_vq_elem, 0); 401 virtio_notify(vdev, vq); 402 g_free(s->stats_vq_elem); 403 } 404 405 s->stats_vq_elem = elem; 406 407 /* Initialize the stats to get rid of any stale values. This is only 408 * needed to handle the case where a guest supports fewer stats than it 409 * used to (ie. it has booted into an old kernel). 410 */ 411 reset_stats(s); 412 413 while (iov_to_buf(elem->out_sg, elem->out_num, offset, &stat, sizeof(stat)) 414 == sizeof(stat)) { 415 uint16_t tag = virtio_tswap16(vdev, stat.tag); 416 uint64_t val = virtio_tswap64(vdev, stat.val); 417 418 offset += sizeof(stat); 419 if (tag < VIRTIO_BALLOON_S_NR) 420 s->stats[tag] = val; 421 } 422 s->stats_vq_offset = offset; 423 424 if (qemu_gettimeofday(&tv) < 0) { 425 warn_report("%s: failed to get time of day", __func__); 426 goto out; 427 } 428 429 s->stats_last_update = tv.tv_sec; 430 431 out: 432 if (balloon_stats_enabled(s)) { 433 balloon_stats_change_timer(s, s->stats_poll_interval); 434 } 435 } 436 437 static void virtio_balloon_handle_free_page_vq(VirtIODevice *vdev, 438 VirtQueue *vq) 439 { 440 VirtIOBalloon *s = VIRTIO_BALLOON(vdev); 441 qemu_bh_schedule(s->free_page_bh); 442 } 443 444 static bool get_free_page_hints(VirtIOBalloon *dev) 445 { 446 VirtQueueElement *elem; 447 VirtIODevice *vdev = VIRTIO_DEVICE(dev); 448 VirtQueue *vq = dev->free_page_vq; 449 bool ret = true; 450 451 while (dev->block_iothread) { 452 qemu_cond_wait(&dev->free_page_cond, &dev->free_page_lock); 453 } 454 455 elem = virtqueue_pop(vq, sizeof(VirtQueueElement)); 456 if (!elem) { 457 return false; 458 } 459 460 if (elem->out_num) { 461 uint32_t id; 462 size_t size = iov_to_buf(elem->out_sg, elem->out_num, 0, 463 &id, sizeof(id)); 464 465 virtio_tswap32s(vdev, &id); 466 if (unlikely(size != sizeof(id))) { 467 virtio_error(vdev, "received an incorrect cmd id"); 468 ret = false; 469 goto out; 470 } 471 if (id == dev->free_page_report_cmd_id) { 472 dev->free_page_report_status = FREE_PAGE_REPORT_S_START; 473 } else { 474 /* 475 * Stop the optimization only when it has started. This 476 * avoids a stale stop sign for the previous command. 477 */ 478 if (dev->free_page_report_status == FREE_PAGE_REPORT_S_START) { 479 dev->free_page_report_status = FREE_PAGE_REPORT_S_STOP; 480 } 481 } 482 } 483 484 if (elem->in_num) { 485 if (dev->free_page_report_status == FREE_PAGE_REPORT_S_START) { 486 qemu_guest_free_page_hint(elem->in_sg[0].iov_base, 487 elem->in_sg[0].iov_len); 488 } 489 } 490 491 out: 492 virtqueue_push(vq, elem, 1); 493 g_free(elem); 494 return ret; 495 } 496 497 static void virtio_ballloon_get_free_page_hints(void *opaque) 498 { 499 VirtIOBalloon *dev = opaque; 500 VirtIODevice *vdev = VIRTIO_DEVICE(dev); 501 VirtQueue *vq = dev->free_page_vq; 502 bool continue_to_get_hints; 503 504 do { 505 qemu_mutex_lock(&dev->free_page_lock); 506 virtio_queue_set_notification(vq, 0); 507 continue_to_get_hints = get_free_page_hints(dev); 508 qemu_mutex_unlock(&dev->free_page_lock); 509 virtio_notify(vdev, vq); 510 /* 511 * Start to poll the vq once the reporting started. Otherwise, continue 512 * only when there are entries on the vq, which need to be given back. 513 */ 514 } while (continue_to_get_hints || 515 dev->free_page_report_status == FREE_PAGE_REPORT_S_START); 516 virtio_queue_set_notification(vq, 1); 517 } 518 519 static bool virtio_balloon_free_page_support(void *opaque) 520 { 521 VirtIOBalloon *s = opaque; 522 VirtIODevice *vdev = VIRTIO_DEVICE(s); 523 524 return virtio_vdev_has_feature(vdev, VIRTIO_BALLOON_F_FREE_PAGE_HINT); 525 } 526 527 static void virtio_balloon_free_page_start(VirtIOBalloon *s) 528 { 529 VirtIODevice *vdev = VIRTIO_DEVICE(s); 530 531 /* For the stop and copy phase, we don't need to start the optimization */ 532 if (!vdev->vm_running) { 533 return; 534 } 535 536 if (s->free_page_report_cmd_id == UINT_MAX) { 537 s->free_page_report_cmd_id = 538 VIRTIO_BALLOON_FREE_PAGE_REPORT_CMD_ID_MIN; 539 } else { 540 s->free_page_report_cmd_id++; 541 } 542 543 s->free_page_report_status = FREE_PAGE_REPORT_S_REQUESTED; 544 virtio_notify_config(vdev); 545 } 546 547 static void virtio_balloon_free_page_stop(VirtIOBalloon *s) 548 { 549 VirtIODevice *vdev = VIRTIO_DEVICE(s); 550 551 if (s->free_page_report_status != FREE_PAGE_REPORT_S_STOP) { 552 /* 553 * The lock also guarantees us that the 554 * virtio_ballloon_get_free_page_hints exits after the 555 * free_page_report_status is set to S_STOP. 556 */ 557 qemu_mutex_lock(&s->free_page_lock); 558 /* 559 * The guest hasn't done the reporting, so host sends a notification 560 * to the guest to actively stop the reporting. 561 */ 562 s->free_page_report_status = FREE_PAGE_REPORT_S_STOP; 563 qemu_mutex_unlock(&s->free_page_lock); 564 virtio_notify_config(vdev); 565 } 566 } 567 568 static void virtio_balloon_free_page_done(VirtIOBalloon *s) 569 { 570 VirtIODevice *vdev = VIRTIO_DEVICE(s); 571 572 s->free_page_report_status = FREE_PAGE_REPORT_S_DONE; 573 virtio_notify_config(vdev); 574 } 575 576 static int 577 virtio_balloon_free_page_report_notify(NotifierWithReturn *n, void *data) 578 { 579 VirtIOBalloon *dev = container_of(n, VirtIOBalloon, 580 free_page_report_notify); 581 VirtIODevice *vdev = VIRTIO_DEVICE(dev); 582 PrecopyNotifyData *pnd = data; 583 584 if (!virtio_balloon_free_page_support(dev)) { 585 /* 586 * This is an optimization provided to migration, so just return 0 to 587 * have the normal migration process not affected when this feature is 588 * not supported. 589 */ 590 return 0; 591 } 592 593 switch (pnd->reason) { 594 case PRECOPY_NOTIFY_SETUP: 595 precopy_enable_free_page_optimization(); 596 break; 597 case PRECOPY_NOTIFY_COMPLETE: 598 case PRECOPY_NOTIFY_CLEANUP: 599 case PRECOPY_NOTIFY_BEFORE_BITMAP_SYNC: 600 virtio_balloon_free_page_stop(dev); 601 break; 602 case PRECOPY_NOTIFY_AFTER_BITMAP_SYNC: 603 if (vdev->vm_running) { 604 virtio_balloon_free_page_start(dev); 605 } else { 606 virtio_balloon_free_page_done(dev); 607 } 608 break; 609 default: 610 virtio_error(vdev, "%s: %d reason unknown", __func__, pnd->reason); 611 } 612 613 return 0; 614 } 615 616 static size_t virtio_balloon_config_size(VirtIOBalloon *s) 617 { 618 uint64_t features = s->host_features; 619 620 if (s->qemu_4_0_config_size) { 621 return sizeof(struct virtio_balloon_config); 622 } 623 if (virtio_has_feature(features, VIRTIO_BALLOON_F_PAGE_POISON)) { 624 return sizeof(struct virtio_balloon_config); 625 } 626 if (virtio_has_feature(features, VIRTIO_BALLOON_F_FREE_PAGE_HINT)) { 627 return offsetof(struct virtio_balloon_config, poison_val); 628 } 629 return offsetof(struct virtio_balloon_config, free_page_report_cmd_id); 630 } 631 632 static void virtio_balloon_get_config(VirtIODevice *vdev, uint8_t *config_data) 633 { 634 VirtIOBalloon *dev = VIRTIO_BALLOON(vdev); 635 struct virtio_balloon_config config = {}; 636 637 config.num_pages = cpu_to_le32(dev->num_pages); 638 config.actual = cpu_to_le32(dev->actual); 639 640 if (dev->free_page_report_status == FREE_PAGE_REPORT_S_REQUESTED) { 641 config.free_page_report_cmd_id = 642 cpu_to_le32(dev->free_page_report_cmd_id); 643 } else if (dev->free_page_report_status == FREE_PAGE_REPORT_S_STOP) { 644 config.free_page_report_cmd_id = 645 cpu_to_le32(VIRTIO_BALLOON_CMD_ID_STOP); 646 } else if (dev->free_page_report_status == FREE_PAGE_REPORT_S_DONE) { 647 config.free_page_report_cmd_id = 648 cpu_to_le32(VIRTIO_BALLOON_CMD_ID_DONE); 649 } 650 651 trace_virtio_balloon_get_config(config.num_pages, config.actual); 652 memcpy(config_data, &config, virtio_balloon_config_size(dev)); 653 } 654 655 static int build_dimm_list(Object *obj, void *opaque) 656 { 657 GSList **list = opaque; 658 659 if (object_dynamic_cast(obj, TYPE_PC_DIMM)) { 660 DeviceState *dev = DEVICE(obj); 661 if (dev->realized) { /* only realized DIMMs matter */ 662 *list = g_slist_prepend(*list, dev); 663 } 664 } 665 666 object_child_foreach(obj, build_dimm_list, opaque); 667 return 0; 668 } 669 670 static ram_addr_t get_current_ram_size(void) 671 { 672 GSList *list = NULL, *item; 673 ram_addr_t size = ram_size; 674 675 build_dimm_list(qdev_get_machine(), &list); 676 for (item = list; item; item = g_slist_next(item)) { 677 Object *obj = OBJECT(item->data); 678 if (!strcmp(object_get_typename(obj), TYPE_PC_DIMM)) { 679 size += object_property_get_int(obj, PC_DIMM_SIZE_PROP, 680 &error_abort); 681 } 682 } 683 g_slist_free(list); 684 685 return size; 686 } 687 688 static void virtio_balloon_set_config(VirtIODevice *vdev, 689 const uint8_t *config_data) 690 { 691 VirtIOBalloon *dev = VIRTIO_BALLOON(vdev); 692 struct virtio_balloon_config config; 693 uint32_t oldactual = dev->actual; 694 ram_addr_t vm_ram_size = get_current_ram_size(); 695 696 memcpy(&config, config_data, virtio_balloon_config_size(dev)); 697 dev->actual = le32_to_cpu(config.actual); 698 if (dev->actual != oldactual) { 699 qapi_event_send_balloon_change(vm_ram_size - 700 ((ram_addr_t) dev->actual << VIRTIO_BALLOON_PFN_SHIFT)); 701 } 702 trace_virtio_balloon_set_config(dev->actual, oldactual); 703 } 704 705 static uint64_t virtio_balloon_get_features(VirtIODevice *vdev, uint64_t f, 706 Error **errp) 707 { 708 VirtIOBalloon *dev = VIRTIO_BALLOON(vdev); 709 f |= dev->host_features; 710 virtio_add_feature(&f, VIRTIO_BALLOON_F_STATS_VQ); 711 712 return f; 713 } 714 715 static void virtio_balloon_stat(void *opaque, BalloonInfo *info) 716 { 717 VirtIOBalloon *dev = opaque; 718 info->actual = get_current_ram_size() - ((uint64_t) dev->actual << 719 VIRTIO_BALLOON_PFN_SHIFT); 720 } 721 722 static void virtio_balloon_to_target(void *opaque, ram_addr_t target) 723 { 724 VirtIOBalloon *dev = VIRTIO_BALLOON(opaque); 725 VirtIODevice *vdev = VIRTIO_DEVICE(dev); 726 ram_addr_t vm_ram_size = get_current_ram_size(); 727 728 if (target > vm_ram_size) { 729 target = vm_ram_size; 730 } 731 if (target) { 732 dev->num_pages = (vm_ram_size - target) >> VIRTIO_BALLOON_PFN_SHIFT; 733 virtio_notify_config(vdev); 734 } 735 trace_virtio_balloon_to_target(target, dev->num_pages); 736 } 737 738 static int virtio_balloon_post_load_device(void *opaque, int version_id) 739 { 740 VirtIOBalloon *s = VIRTIO_BALLOON(opaque); 741 742 if (balloon_stats_enabled(s)) { 743 balloon_stats_change_timer(s, s->stats_poll_interval); 744 } 745 return 0; 746 } 747 748 static const VMStateDescription vmstate_virtio_balloon_free_page_report = { 749 .name = "virtio-balloon-device/free-page-report", 750 .version_id = 1, 751 .minimum_version_id = 1, 752 .needed = virtio_balloon_free_page_support, 753 .fields = (VMStateField[]) { 754 VMSTATE_UINT32(free_page_report_cmd_id, VirtIOBalloon), 755 VMSTATE_UINT32(free_page_report_status, VirtIOBalloon), 756 VMSTATE_END_OF_LIST() 757 } 758 }; 759 760 static const VMStateDescription vmstate_virtio_balloon_device = { 761 .name = "virtio-balloon-device", 762 .version_id = 1, 763 .minimum_version_id = 1, 764 .post_load = virtio_balloon_post_load_device, 765 .fields = (VMStateField[]) { 766 VMSTATE_UINT32(num_pages, VirtIOBalloon), 767 VMSTATE_UINT32(actual, VirtIOBalloon), 768 VMSTATE_END_OF_LIST() 769 }, 770 .subsections = (const VMStateDescription * []) { 771 &vmstate_virtio_balloon_free_page_report, 772 NULL 773 } 774 }; 775 776 static void virtio_balloon_device_realize(DeviceState *dev, Error **errp) 777 { 778 VirtIODevice *vdev = VIRTIO_DEVICE(dev); 779 VirtIOBalloon *s = VIRTIO_BALLOON(dev); 780 int ret; 781 782 virtio_init(vdev, "virtio-balloon", VIRTIO_ID_BALLOON, 783 virtio_balloon_config_size(s)); 784 785 ret = qemu_add_balloon_handler(virtio_balloon_to_target, 786 virtio_balloon_stat, s); 787 788 if (ret < 0) { 789 error_setg(errp, "Only one balloon device is supported"); 790 virtio_cleanup(vdev); 791 return; 792 } 793 794 s->ivq = virtio_add_queue(vdev, 128, virtio_balloon_handle_output); 795 s->dvq = virtio_add_queue(vdev, 128, virtio_balloon_handle_output); 796 s->svq = virtio_add_queue(vdev, 128, virtio_balloon_receive_stats); 797 798 if (virtio_has_feature(s->host_features, 799 VIRTIO_BALLOON_F_FREE_PAGE_HINT)) { 800 s->free_page_vq = virtio_add_queue(vdev, VIRTQUEUE_MAX_SIZE, 801 virtio_balloon_handle_free_page_vq); 802 s->free_page_report_status = FREE_PAGE_REPORT_S_STOP; 803 s->free_page_report_cmd_id = 804 VIRTIO_BALLOON_FREE_PAGE_REPORT_CMD_ID_MIN; 805 s->free_page_report_notify.notify = 806 virtio_balloon_free_page_report_notify; 807 precopy_add_notifier(&s->free_page_report_notify); 808 if (s->iothread) { 809 object_ref(OBJECT(s->iothread)); 810 s->free_page_bh = aio_bh_new(iothread_get_aio_context(s->iothread), 811 virtio_ballloon_get_free_page_hints, s); 812 qemu_mutex_init(&s->free_page_lock); 813 qemu_cond_init(&s->free_page_cond); 814 s->block_iothread = false; 815 } else { 816 /* Simply disable this feature if the iothread wasn't created. */ 817 s->host_features &= ~(1 << VIRTIO_BALLOON_F_FREE_PAGE_HINT); 818 virtio_error(vdev, "iothread is missing"); 819 } 820 } 821 reset_stats(s); 822 } 823 824 static void virtio_balloon_device_unrealize(DeviceState *dev, Error **errp) 825 { 826 VirtIODevice *vdev = VIRTIO_DEVICE(dev); 827 VirtIOBalloon *s = VIRTIO_BALLOON(dev); 828 829 if (virtio_balloon_free_page_support(s)) { 830 qemu_bh_delete(s->free_page_bh); 831 virtio_balloon_free_page_stop(s); 832 precopy_remove_notifier(&s->free_page_report_notify); 833 } 834 balloon_stats_destroy_timer(s); 835 qemu_remove_balloon_handler(s); 836 virtio_cleanup(vdev); 837 } 838 839 static void virtio_balloon_device_reset(VirtIODevice *vdev) 840 { 841 VirtIOBalloon *s = VIRTIO_BALLOON(vdev); 842 843 if (virtio_balloon_free_page_support(s)) { 844 virtio_balloon_free_page_stop(s); 845 } 846 847 if (s->stats_vq_elem != NULL) { 848 virtqueue_unpop(s->svq, s->stats_vq_elem, 0); 849 g_free(s->stats_vq_elem); 850 s->stats_vq_elem = NULL; 851 } 852 } 853 854 static void virtio_balloon_set_status(VirtIODevice *vdev, uint8_t status) 855 { 856 VirtIOBalloon *s = VIRTIO_BALLOON(vdev); 857 858 if (!s->stats_vq_elem && vdev->vm_running && 859 (status & VIRTIO_CONFIG_S_DRIVER_OK) && virtqueue_rewind(s->svq, 1)) { 860 /* poll stats queue for the element we have discarded when the VM 861 * was stopped */ 862 virtio_balloon_receive_stats(vdev, s->svq); 863 } 864 865 if (virtio_balloon_free_page_support(s)) { 866 /* 867 * The VM is woken up and the iothread was blocked, so signal it to 868 * continue. 869 */ 870 if (vdev->vm_running && s->block_iothread) { 871 qemu_mutex_lock(&s->free_page_lock); 872 s->block_iothread = false; 873 qemu_cond_signal(&s->free_page_cond); 874 qemu_mutex_unlock(&s->free_page_lock); 875 } 876 877 /* The VM is stopped, block the iothread. */ 878 if (!vdev->vm_running) { 879 qemu_mutex_lock(&s->free_page_lock); 880 s->block_iothread = true; 881 qemu_mutex_unlock(&s->free_page_lock); 882 } 883 } 884 } 885 886 static void virtio_balloon_instance_init(Object *obj) 887 { 888 VirtIOBalloon *s = VIRTIO_BALLOON(obj); 889 890 object_property_add(obj, "guest-stats", "guest statistics", 891 balloon_stats_get_all, NULL, NULL, s, NULL); 892 893 object_property_add(obj, "guest-stats-polling-interval", "int", 894 balloon_stats_get_poll_interval, 895 balloon_stats_set_poll_interval, 896 NULL, s, NULL); 897 } 898 899 static const VMStateDescription vmstate_virtio_balloon = { 900 .name = "virtio-balloon", 901 .minimum_version_id = 1, 902 .version_id = 1, 903 .fields = (VMStateField[]) { 904 VMSTATE_VIRTIO_DEVICE, 905 VMSTATE_END_OF_LIST() 906 }, 907 }; 908 909 static Property virtio_balloon_properties[] = { 910 DEFINE_PROP_BIT("deflate-on-oom", VirtIOBalloon, host_features, 911 VIRTIO_BALLOON_F_DEFLATE_ON_OOM, false), 912 DEFINE_PROP_BIT("free-page-hint", VirtIOBalloon, host_features, 913 VIRTIO_BALLOON_F_FREE_PAGE_HINT, false), 914 /* QEMU 4.0 accidentally changed the config size even when free-page-hint 915 * is disabled, resulting in QEMU 3.1 migration incompatibility. This 916 * property retains this quirk for QEMU 4.1 machine types. 917 */ 918 DEFINE_PROP_BOOL("qemu-4-0-config-size", VirtIOBalloon, 919 qemu_4_0_config_size, false), 920 DEFINE_PROP_LINK("iothread", VirtIOBalloon, iothread, TYPE_IOTHREAD, 921 IOThread *), 922 DEFINE_PROP_END_OF_LIST(), 923 }; 924 925 static void virtio_balloon_class_init(ObjectClass *klass, void *data) 926 { 927 DeviceClass *dc = DEVICE_CLASS(klass); 928 VirtioDeviceClass *vdc = VIRTIO_DEVICE_CLASS(klass); 929 930 dc->props = virtio_balloon_properties; 931 dc->vmsd = &vmstate_virtio_balloon; 932 set_bit(DEVICE_CATEGORY_MISC, dc->categories); 933 vdc->realize = virtio_balloon_device_realize; 934 vdc->unrealize = virtio_balloon_device_unrealize; 935 vdc->reset = virtio_balloon_device_reset; 936 vdc->get_config = virtio_balloon_get_config; 937 vdc->set_config = virtio_balloon_set_config; 938 vdc->get_features = virtio_balloon_get_features; 939 vdc->set_status = virtio_balloon_set_status; 940 vdc->vmsd = &vmstate_virtio_balloon_device; 941 } 942 943 static const TypeInfo virtio_balloon_info = { 944 .name = TYPE_VIRTIO_BALLOON, 945 .parent = TYPE_VIRTIO_DEVICE, 946 .instance_size = sizeof(VirtIOBalloon), 947 .instance_init = virtio_balloon_instance_init, 948 .class_init = virtio_balloon_class_init, 949 }; 950 951 static void virtio_register_types(void) 952 { 953 type_register_static(&virtio_balloon_info); 954 } 955 956 type_init(virtio_register_types) 957