1/*
2 * vfio based subchannel assignment support
3 *
4 * Copyright 2017 IBM Corp.
5 * Copyright 2019 Red Hat, Inc.
6 *
7 * Author(s): Dong Jia Shi <bjsdjshi@linux.vnet.ibm.com>
8 * Xiao Feng Ren <renxiaof@linux.vnet.ibm.com>
9 * Pierre Morel <pmorel@linux.vnet.ibm.com>
10 * Cornelia Huck <cohuck@redhat.com>
11 *
12 * This work is licensed under the terms of the GNU GPL, version 2 or (at
13 * your option) any later version. See the COPYING file in the top-level
14 * directory.
15 */
16
17#include "qemu/osdep.h"
18#include <linux/vfio.h>
19#include <linux/vfio_ccw.h>
20#include <sys/ioctl.h>
21
22#include "qapi/error.h"
23#include "hw/sysbus.h"
24#include "hw/vfio/vfio.h"
25#include "hw/vfio/vfio-common.h"
26#include "hw/s390x/s390-ccw.h"
27#include "hw/s390x/vfio-ccw.h"
28#include "hw/qdev-properties.h"
29#include "hw/s390x/ccw-device.h"
30#include "exec/address-spaces.h"
31#include "qemu/error-report.h"
32#include "qemu/main-loop.h"
33#include "qemu/module.h"
34
35struct VFIOCCWDevice {
36 S390CCWDevice cdev;
37 VFIODevice vdev;
38 uint64_t io_region_size;
39 uint64_t io_region_offset;
40 struct ccw_io_region *io_region;
41 uint64_t async_cmd_region_size;
42 uint64_t async_cmd_region_offset;
43 struct ccw_cmd_region *async_cmd_region;
44 EventNotifier io_notifier;
45 bool force_orb_pfch;
46 bool warned_orb_pfch;
47};
48
49static inline void warn_once_pfch(VFIOCCWDevice *vcdev, SubchDev *sch,
50 const char *msg)
51{
52 warn_report_once_cond(&vcdev->warned_orb_pfch,
53 "vfio-ccw (devno %x.%x.%04x): %s",
54 sch->cssid, sch->ssid, sch->devno, msg);
55}
56
57static void vfio_ccw_compute_needs_reset(VFIODevice *vdev)
58{
59 vdev->needs_reset = false;
60}
61
62/*
63 * We don't need vfio_hot_reset_multi and vfio_eoi operations for
64 * vfio_ccw device now.
65 */
66struct VFIODeviceOps vfio_ccw_ops = {
67 .vfio_compute_needs_reset = vfio_ccw_compute_needs_reset,
68};
69
70static IOInstEnding vfio_ccw_handle_request(SubchDev *sch)
71{
72 S390CCWDevice *cdev = sch->driver_data;
73 VFIOCCWDevice *vcdev = DO_UPCAST(VFIOCCWDevice, cdev, cdev);
74 struct ccw_io_region *region = vcdev->io_region;
75 int ret;
76
77 if (!(sch->orb.ctrl0 & ORB_CTRL0_MASK_PFCH)) {
78 if (!(vcdev->force_orb_pfch)) {
79 warn_once_pfch(vcdev, sch, "requires PFCH flag set");
80 sch_gen_unit_exception(sch);
81 css_inject_io_interrupt(sch);
82 return IOINST_CC_EXPECTED;
83 } else {
84 sch->orb.ctrl0 |= ORB_CTRL0_MASK_PFCH;
85 warn_once_pfch(vcdev, sch, "PFCH flag forced");
86 }
87 }
88
89 QEMU_BUILD_BUG_ON(sizeof(region->orb_area) != sizeof(ORB));
90 QEMU_BUILD_BUG_ON(sizeof(region->scsw_area) != sizeof(SCSW));
91 QEMU_BUILD_BUG_ON(sizeof(region->irb_area) != sizeof(IRB));
92
93 memset(region, 0, sizeof(*region));
94
95 memcpy(region->orb_area, &sch->orb, sizeof(ORB));
96 memcpy(region->scsw_area, &sch->curr_status.scsw, sizeof(SCSW));
97
98again:
99 ret = pwrite(vcdev->vdev.fd, region,
100 vcdev->io_region_size, vcdev->io_region_offset);
101 if (ret != vcdev->io_region_size) {
102 if (errno == EAGAIN) {
103 goto again;
104 }
105 error_report("vfio-ccw: wirte I/O region failed with errno=%d", errno);
106 ret = -errno;
107 } else {
108 ret = region->ret_code;
109 }
110 switch (ret) {
111 case 0:
112 return IOINST_CC_EXPECTED;
113 case -EBUSY:
114 return IOINST_CC_BUSY;
115 case -ENODEV:
116 case -EACCES:
117 return IOINST_CC_NOT_OPERATIONAL;
118 case -EFAULT:
119 default:
120 sch_gen_unit_exception(sch);
121 css_inject_io_interrupt(sch);
122 return IOINST_CC_EXPECTED;
123 }
124}
125
126static int vfio_ccw_handle_clear(SubchDev *sch)
127{
128 S390CCWDevice *cdev = sch->driver_data;
129 VFIOCCWDevice *vcdev = DO_UPCAST(VFIOCCWDevice, cdev, cdev);
130 struct ccw_cmd_region *region = vcdev->async_cmd_region;
131 int ret;
132
133 if (!vcdev->async_cmd_region) {
134 /* Async command region not available, fall back to emulation */
135 return -ENOSYS;
136 }
137
138 memset(region, 0, sizeof(*region));
139 region->command = VFIO_CCW_ASYNC_CMD_CSCH;
140
141again:
142 ret = pwrite(vcdev->vdev.fd, region,
143 vcdev->async_cmd_region_size, vcdev->async_cmd_region_offset);
144 if (ret != vcdev->async_cmd_region_size) {
145 if (errno == EAGAIN) {
146 goto again;
147 }
148 error_report("vfio-ccw: write cmd region failed with errno=%d", errno);
149 ret = -errno;
150 } else {
151 ret = region->ret_code;
152 }
153 switch (ret) {
154 case 0:
155 case -ENODEV:
156 case -EACCES:
157 return 0;
158 case -EFAULT:
159 default:
160 sch_gen_unit_exception(sch);
161 css_inject_io_interrupt(sch);
162 return 0;
163 }
164}
165
166static int vfio_ccw_handle_halt(SubchDev *sch)
167{
168 S390CCWDevice *cdev = sch->driver_data;
169 VFIOCCWDevice *vcdev = DO_UPCAST(VFIOCCWDevice, cdev, cdev);
170 struct ccw_cmd_region *region = vcdev->async_cmd_region;
171 int ret;
172
173 if (!vcdev->async_cmd_region) {
174 /* Async command region not available, fall back to emulation */
175 return -ENOSYS;
176 }
177
178 memset(region, 0, sizeof(*region));
179 region->command = VFIO_CCW_ASYNC_CMD_HSCH;
180
181again:
182 ret = pwrite(vcdev->vdev.fd, region,
183 vcdev->async_cmd_region_size, vcdev->async_cmd_region_offset);
184 if (ret != vcdev->async_cmd_region_size) {
185 if (errno == EAGAIN) {
186 goto again;
187 }
188 error_report("vfio-ccw: write cmd region failed with errno=%d", errno);
189 ret = -errno;
190 } else {
191 ret = region->ret_code;
192 }
193 switch (ret) {
194 case 0:
195 case -EBUSY:
196 case -ENODEV:
197 case -EACCES:
198 return 0;
199 case -EFAULT:
200 default:
201 sch_gen_unit_exception(sch);
202 css_inject_io_interrupt(sch);
203 return 0;
204 }
205}
206
207static void vfio_ccw_reset(DeviceState *dev)
208{
209 CcwDevice *ccw_dev = DO_UPCAST(CcwDevice, parent_obj, dev);
210 S390CCWDevice *cdev = DO_UPCAST(S390CCWDevice, parent_obj, ccw_dev);
211 VFIOCCWDevice *vcdev = DO_UPCAST(VFIOCCWDevice, cdev, cdev);
212
213 ioctl(vcdev->vdev.fd, VFIO_DEVICE_RESET);
214}
215
216static void vfio_ccw_io_notifier_handler(void *opaque)
217{
218 VFIOCCWDevice *vcdev = opaque;
219 struct ccw_io_region *region = vcdev->io_region;
220 S390CCWDevice *cdev = S390_CCW_DEVICE(vcdev);
221 CcwDevice *ccw_dev = CCW_DEVICE(cdev);
222 SubchDev *sch = ccw_dev->sch;
223 SCHIB *schib = &sch->curr_status;
224 SCSW s;
225 IRB irb;
226 int size;
227
228 if (!event_notifier_test_and_clear(&vcdev->io_notifier)) {
229 return;
230 }
231
232 size = pread(vcdev->vdev.fd, region, vcdev->io_region_size,
233 vcdev->io_region_offset);
234 if (size == -1) {
235 switch (errno) {
236 case ENODEV:
237 /* Generate a deferred cc 3 condition. */
238 schib->scsw.flags |= SCSW_FLAGS_MASK_CC;
239 schib->scsw.ctrl &= ~SCSW_CTRL_MASK_STCTL;
240 schib->scsw.ctrl |= (SCSW_STCTL_ALERT | SCSW_STCTL_STATUS_PEND);
241 goto read_err;
242 case EFAULT:
243 /* Memory problem, generate channel data check. */
244 schib->scsw.ctrl &= ~SCSW_ACTL_START_PEND;
245 schib->scsw.cstat = SCSW_CSTAT_DATA_CHECK;
246 schib->scsw.ctrl &= ~SCSW_CTRL_MASK_STCTL;
247 schib->scsw.ctrl |= SCSW_STCTL_PRIMARY | SCSW_STCTL_SECONDARY |
248 SCSW_STCTL_ALERT | SCSW_STCTL_STATUS_PEND;
249 goto read_err;
250 default:
251 /* Error, generate channel program check. */
252 schib->scsw.ctrl &= ~SCSW_ACTL_START_PEND;
253 schib->scsw.cstat = SCSW_CSTAT_PROG_CHECK;
254 schib->scsw.ctrl &= ~SCSW_CTRL_MASK_STCTL;
255 schib->scsw.ctrl |= SCSW_STCTL_PRIMARY | SCSW_STCTL_SECONDARY |
256 SCSW_STCTL_ALERT | SCSW_STCTL_STATUS_PEND;
257 goto read_err;
258 }
259 } else if (size != vcdev->io_region_size) {
260 /* Information transfer error, generate channel-control check. */
261 schib->scsw.ctrl &= ~SCSW_ACTL_START_PEND;
262 schib->scsw.cstat = SCSW_CSTAT_CHN_CTRL_CHK;
263 schib->scsw.ctrl &= ~SCSW_CTRL_MASK_STCTL;
264 schib->scsw.ctrl |= SCSW_STCTL_PRIMARY | SCSW_STCTL_SECONDARY |
265 SCSW_STCTL_ALERT | SCSW_STCTL_STATUS_PEND;
266 goto read_err;
267 }
268
269 memcpy(&irb, region->irb_area, sizeof(IRB));
270
271 /* Update control block via irb. */
272 s = schib->scsw;
273 copy_scsw_to_guest(&s, &irb.scsw);
274 schib->scsw = s;
275
276 /* If a uint check is pending, copy sense data. */
277 if ((schib->scsw.dstat & SCSW_DSTAT_UNIT_CHECK) &&
278 (schib->pmcw.chars & PMCW_CHARS_MASK_CSENSE)) {
279 memcpy(sch->sense_data, irb.ecw, sizeof(irb.ecw));
280 }
281
282read_err:
283 css_inject_io_interrupt(sch);
284}
285
286static void vfio_ccw_register_io_notifier(VFIOCCWDevice *vcdev, Error **errp)
287{
288 VFIODevice *vdev = &vcdev->vdev;
289 struct vfio_irq_info *irq_info;
290 size_t argsz;
291 int fd;
292
293 if (vdev->num_irqs < VFIO_CCW_IO_IRQ_INDEX + 1) {
294 error_setg(errp, "vfio: unexpected number of io irqs %u",
295 vdev->num_irqs);
296 return;
297 }
298
299 argsz = sizeof(*irq_info);
300 irq_info = g_malloc0(argsz);
301 irq_info->index = VFIO_CCW_IO_IRQ_INDEX;
302 irq_info->argsz = argsz;
303 if (ioctl(vdev->fd, VFIO_DEVICE_GET_IRQ_INFO,
304 irq_info) < 0 || irq_info->count < 1) {
305 error_setg_errno(errp, errno, "vfio: Error getting irq info");
306 goto out_free_info;
307 }
308
309 if (event_notifier_init(&vcdev->io_notifier, 0)) {
310 error_setg_errno(errp, errno,
311 "vfio: Unable to init event notifier for IO");
312 goto out_free_info;
313 }
314
315 fd = event_notifier_get_fd(&vcdev->io_notifier);
316 qemu_set_fd_handler(fd, vfio_ccw_io_notifier_handler, NULL, vcdev);
317
318 if (vfio_set_irq_signaling(vdev, VFIO_CCW_IO_IRQ_INDEX, 0,
319 VFIO_IRQ_SET_ACTION_TRIGGER, fd, errp)) {
320 qemu_set_fd_handler(fd, NULL, NULL, vcdev);
321 event_notifier_cleanup(&vcdev->io_notifier);
322 }
323
324out_free_info:
325 g_free(irq_info);
326}
327
328static void vfio_ccw_unregister_io_notifier(VFIOCCWDevice *vcdev)
329{
330 Error *err = NULL;
331
332 if (vfio_set_irq_signaling(&vcdev->vdev, VFIO_CCW_IO_IRQ_INDEX, 0,
333 VFIO_IRQ_SET_ACTION_TRIGGER, -1, &err)) {
334 error_reportf_err(err, VFIO_MSG_PREFIX, vcdev->vdev.name);
335 }
336
337 qemu_set_fd_handler(event_notifier_get_fd(&vcdev->io_notifier),
338 NULL, NULL, vcdev);
339 event_notifier_cleanup(&vcdev->io_notifier);
340}
341
342static void vfio_ccw_get_region(VFIOCCWDevice *vcdev, Error **errp)
343{
344 VFIODevice *vdev = &vcdev->vdev;
345 struct vfio_region_info *info;
346 int ret;
347
348 /* Sanity check device */
349 if (!(vdev->flags & VFIO_DEVICE_FLAGS_CCW)) {
350 error_setg(errp, "vfio: Um, this isn't a vfio-ccw device");
351 return;
352 }
353
354 /*
355 * We always expect at least the I/O region to be present. We also
356 * may have a variable number of regions governed by capabilities.
357 */
358 if (vdev->num_regions < VFIO_CCW_CONFIG_REGION_INDEX + 1) {
359 error_setg(errp, "vfio: too few regions (%u), expected at least %u",
360 vdev->num_regions, VFIO_CCW_CONFIG_REGION_INDEX + 1);
361 return;
362 }
363
364 ret = vfio_get_region_info(vdev, VFIO_CCW_CONFIG_REGION_INDEX, &info);
365 if (ret) {
366 error_setg_errno(errp, -ret, "vfio: Error getting config info");
367 return;
368 }
369
370 vcdev->io_region_size = info->size;
371 if (sizeof(*vcdev->io_region) != vcdev->io_region_size) {
372 error_setg(errp, "vfio: Unexpected size of the I/O region");
373 g_free(info);
374 return;
375 }
376
377 vcdev->io_region_offset = info->offset;
378 vcdev->io_region = g_malloc0(info->size);
379
380 /* check for the optional async command region */
381 ret = vfio_get_dev_region_info(vdev, VFIO_REGION_TYPE_CCW,
382 VFIO_REGION_SUBTYPE_CCW_ASYNC_CMD, &info);
383 if (!ret) {
384 vcdev->async_cmd_region_size = info->size;
385 if (sizeof(*vcdev->async_cmd_region) != vcdev->async_cmd_region_size) {
386 error_setg(errp, "vfio: Unexpected size of the async cmd region");
387 g_free(vcdev->io_region);
388 g_free(info);
389 return;
390 }
391 vcdev->async_cmd_region_offset = info->offset;
392 vcdev->async_cmd_region = g_malloc0(info->size);
393 }
394
395 g_free(info);
396}
397
398static void vfio_ccw_put_region(VFIOCCWDevice *vcdev)
399{
400 g_free(vcdev->async_cmd_region);
401 g_free(vcdev->io_region);
402}
403
404static void vfio_ccw_put_device(VFIOCCWDevice *vcdev)
405{
406 g_free(vcdev->vdev.name);
407 vfio_put_base_device(&vcdev->vdev);
408}
409
410static void vfio_ccw_get_device(VFIOGroup *group, VFIOCCWDevice *vcdev,
411 Error **errp)
412{
413 char *name = g_strdup_printf("%x.%x.%04x", vcdev->cdev.hostid.cssid,
414 vcdev->cdev.hostid.ssid,
415 vcdev->cdev.hostid.devid);
416 VFIODevice *vbasedev;
417
418 QLIST_FOREACH(vbasedev, &group->device_list, next) {
419 if (strcmp(vbasedev->name, name) == 0) {
420 error_setg(errp, "vfio: subchannel %s has already been attached",
421 name);
422 goto out_err;
423 }
424 }
425
426 /*
427 * All vfio-ccw devices are believed to operate in a way compatible with
428 * memory ballooning, ie. pages pinned in the host are in the current
429 * working set of the guest driver and therefore never overlap with pages
430 * available to the guest balloon driver. This needs to be set before
431 * vfio_get_device() for vfio common to handle the balloon inhibitor.
432 */
433 vcdev->vdev.balloon_allowed = true;
434
435 if (vfio_get_device(group, vcdev->cdev.mdevid, &vcdev->vdev, errp)) {
436 goto out_err;
437 }
438
439 vcdev->vdev.ops = &vfio_ccw_ops;
440 vcdev->vdev.type = VFIO_DEVICE_TYPE_CCW;
441 vcdev->vdev.name = name;
442 vcdev->vdev.dev = &vcdev->cdev.parent_obj.parent_obj;
443
444 return;
445
446out_err:
447 g_free(name);
448}
449
450static VFIOGroup *vfio_ccw_get_group(S390CCWDevice *cdev, Error **errp)
451{
452 char *tmp, group_path[PATH_MAX];
453 ssize_t len;
454 int groupid;
455
456 tmp = g_strdup_printf("/sys/bus/css/devices/%x.%x.%04x/%s/iommu_group",
457 cdev->hostid.cssid, cdev->hostid.ssid,
458 cdev->hostid.devid, cdev->mdevid);
459 len = readlink(tmp, group_path, sizeof(group_path));
460 g_free(tmp);
461
462 if (len <= 0 || len >= sizeof(group_path)) {
463 error_setg(errp, "vfio: no iommu_group found");
464 return NULL;
465 }
466
467 group_path[len] = 0;
468
469 if (sscanf(basename(group_path), "%d", &groupid) != 1) {
470 error_setg(errp, "vfio: failed to read %s", group_path);
471 return NULL;
472 }
473
474 return vfio_get_group(groupid, &address_space_memory, errp);
475}
476
477static void vfio_ccw_realize(DeviceState *dev, Error **errp)
478{
479 VFIOGroup *group;
480 CcwDevice *ccw_dev = DO_UPCAST(CcwDevice, parent_obj, dev);
481 S390CCWDevice *cdev = DO_UPCAST(S390CCWDevice, parent_obj, ccw_dev);
482 VFIOCCWDevice *vcdev = DO_UPCAST(VFIOCCWDevice, cdev, cdev);
483 S390CCWDeviceClass *cdc = S390_CCW_DEVICE_GET_CLASS(cdev);
484 Error *err = NULL;
485
486 /* Call the class init function for subchannel. */
487 if (cdc->realize) {
488 cdc->realize(cdev, vcdev->vdev.sysfsdev, &err);
489 if (err) {
490 goto out_err_propagate;
491 }
492 }
493
494 group = vfio_ccw_get_group(cdev, &err);
495 if (!group) {
496 goto out_group_err;
497 }
498
499 vfio_ccw_get_device(group, vcdev, &err);
500 if (err) {
501 goto out_device_err;
502 }
503
504 vfio_ccw_get_region(vcdev, &err);
505 if (err) {
506 goto out_region_err;
507 }
508
509 vfio_ccw_register_io_notifier(vcdev, &err);
510 if (err) {
511 goto out_notifier_err;
512 }
513
514 return;
515
516out_notifier_err:
517 vfio_ccw_put_region(vcdev);
518out_region_err:
519 vfio_ccw_put_device(vcdev);
520out_device_err:
521 vfio_put_group(group);
522out_group_err:
523 if (cdc->unrealize) {
524 cdc->unrealize(cdev, NULL);
525 }
526out_err_propagate:
527 error_propagate(errp, err);
528}
529
530static void vfio_ccw_unrealize(DeviceState *dev, Error **errp)
531{
532 CcwDevice *ccw_dev = DO_UPCAST(CcwDevice, parent_obj, dev);
533 S390CCWDevice *cdev = DO_UPCAST(S390CCWDevice, parent_obj, ccw_dev);
534 VFIOCCWDevice *vcdev = DO_UPCAST(VFIOCCWDevice, cdev, cdev);
535 S390CCWDeviceClass *cdc = S390_CCW_DEVICE_GET_CLASS(cdev);
536 VFIOGroup *group = vcdev->vdev.group;
537
538 vfio_ccw_unregister_io_notifier(vcdev);
539 vfio_ccw_put_region(vcdev);
540 vfio_ccw_put_device(vcdev);
541 vfio_put_group(group);
542
543 if (cdc->unrealize) {
544 cdc->unrealize(cdev, errp);
545 }
546}
547
548static Property vfio_ccw_properties[] = {
549 DEFINE_PROP_STRING("sysfsdev", VFIOCCWDevice, vdev.sysfsdev),
550 DEFINE_PROP_BOOL("force-orb-pfch", VFIOCCWDevice, force_orb_pfch, false),
551 DEFINE_PROP_END_OF_LIST(),
552};
553
554static const VMStateDescription vfio_ccw_vmstate = {
555 .name = "vfio-ccw",
556 .unmigratable = 1,
557};
558
559static void vfio_ccw_class_init(ObjectClass *klass, void *data)
560{
561 DeviceClass *dc = DEVICE_CLASS(klass);
562 S390CCWDeviceClass *cdc = S390_CCW_DEVICE_CLASS(klass);
563
564 dc->props = vfio_ccw_properties;
565 dc->vmsd = &vfio_ccw_vmstate;
566 dc->desc = "VFIO-based subchannel assignment";
567 set_bit(DEVICE_CATEGORY_MISC, dc->categories);
568 dc->realize = vfio_ccw_realize;
569 dc->unrealize = vfio_ccw_unrealize;
570 dc->reset = vfio_ccw_reset;
571
572 cdc->handle_request = vfio_ccw_handle_request;
573 cdc->handle_halt = vfio_ccw_handle_halt;
574 cdc->handle_clear = vfio_ccw_handle_clear;
575}
576
577static const TypeInfo vfio_ccw_info = {
578 .name = TYPE_VFIO_CCW,
579 .parent = TYPE_S390_CCW,
580 .instance_size = sizeof(VFIOCCWDevice),
581 .class_init = vfio_ccw_class_init,
582};
583
584static void register_vfio_ccw_type(void)
585{
586 type_register_static(&vfio_ccw_info);
587}
588
589type_init(register_vfio_ccw_type)
590