1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16#include "qemu/osdep.h"
17#include "qapi/error.h"
18#include "hw/virtio/vhost.h"
19#include "qemu/atomic.h"
20#include "qemu/range.h"
21#include "qemu/error-report.h"
22#include "qemu/memfd.h"
23#include "standard-headers/linux/vhost_types.h"
24#include "exec/address-spaces.h"
25#include "hw/virtio/virtio-bus.h"
26#include "hw/virtio/virtio-access.h"
27#include "migration/blocker.h"
28#include "migration/qemu-file-types.h"
29#include "sysemu/dma.h"
30#include "trace.h"
31
32
33#define _VHOST_DEBUG 1
34
35#ifdef _VHOST_DEBUG
36#define VHOST_OPS_DEBUG(fmt, ...) \
37 do { error_report(fmt ": %s (%d)", ## __VA_ARGS__, \
38 strerror(errno), errno); } while (0)
39#else
40#define VHOST_OPS_DEBUG(fmt, ...) \
41 do { } while (0)
42#endif
43
44static struct vhost_log *vhost_log;
45static struct vhost_log *vhost_log_shm;
46
47static unsigned int used_memslots;
48static QLIST_HEAD(, vhost_dev) vhost_devices =
49 QLIST_HEAD_INITIALIZER(vhost_devices);
50
51bool vhost_has_free_slot(void)
52{
53 unsigned int slots_limit = ~0U;
54 struct vhost_dev *hdev;
55
56 QLIST_FOREACH(hdev, &vhost_devices, entry) {
57 unsigned int r = hdev->vhost_ops->vhost_backend_memslots_limit(hdev);
58 slots_limit = MIN(slots_limit, r);
59 }
60 return slots_limit > used_memslots;
61}
62
63static void vhost_dev_sync_region(struct vhost_dev *dev,
64 MemoryRegionSection *section,
65 uint64_t mfirst, uint64_t mlast,
66 uint64_t rfirst, uint64_t rlast)
67{
68 vhost_log_chunk_t *log = dev->log->log;
69
70 uint64_t start = MAX(mfirst, rfirst);
71 uint64_t end = MIN(mlast, rlast);
72 vhost_log_chunk_t *from = log + start / VHOST_LOG_CHUNK;
73 vhost_log_chunk_t *to = log + end / VHOST_LOG_CHUNK + 1;
74 uint64_t addr = QEMU_ALIGN_DOWN(start, VHOST_LOG_CHUNK);
75
76 if (end < start) {
77 return;
78 }
79 assert(end / VHOST_LOG_CHUNK < dev->log_size);
80 assert(start / VHOST_LOG_CHUNK < dev->log_size);
81
82 for (;from < to; ++from) {
83 vhost_log_chunk_t log;
84
85
86 if (!*from) {
87 addr += VHOST_LOG_CHUNK;
88 continue;
89 }
90
91
92 log = atomic_xchg(from, 0);
93 while (log) {
94 int bit = ctzl(log);
95 hwaddr page_addr;
96 hwaddr section_offset;
97 hwaddr mr_offset;
98 page_addr = addr + bit * VHOST_LOG_PAGE;
99 section_offset = page_addr - section->offset_within_address_space;
100 mr_offset = section_offset + section->offset_within_region;
101 memory_region_set_dirty(section->mr, mr_offset, VHOST_LOG_PAGE);
102 log &= ~(0x1ull << bit);
103 }
104 addr += VHOST_LOG_CHUNK;
105 }
106}
107
108static int vhost_sync_dirty_bitmap(struct vhost_dev *dev,
109 MemoryRegionSection *section,
110 hwaddr first,
111 hwaddr last)
112{
113 int i;
114 hwaddr start_addr;
115 hwaddr end_addr;
116
117 if (!dev->log_enabled || !dev->started) {
118 return 0;
119 }
120 start_addr = section->offset_within_address_space;
121 end_addr = range_get_last(start_addr, int128_get64(section->size));
122 start_addr = MAX(first, start_addr);
123 end_addr = MIN(last, end_addr);
124
125 for (i = 0; i < dev->mem->nregions; ++i) {
126 struct vhost_memory_region *reg = dev->mem->regions + i;
127 vhost_dev_sync_region(dev, section, start_addr, end_addr,
128 reg->guest_phys_addr,
129 range_get_last(reg->guest_phys_addr,
130 reg->memory_size));
131 }
132 for (i = 0; i < dev->nvqs; ++i) {
133 struct vhost_virtqueue *vq = dev->vqs + i;
134
135 if (!vq->used_phys && !vq->used_size) {
136 continue;
137 }
138
139 vhost_dev_sync_region(dev, section, start_addr, end_addr, vq->used_phys,
140 range_get_last(vq->used_phys, vq->used_size));
141 }
142 return 0;
143}
144
145static void vhost_log_sync(MemoryListener *listener,
146 MemoryRegionSection *section)
147{
148 struct vhost_dev *dev = container_of(listener, struct vhost_dev,
149 memory_listener);
150 vhost_sync_dirty_bitmap(dev, section, 0x0, ~0x0ULL);
151}
152
153static void vhost_log_sync_range(struct vhost_dev *dev,
154 hwaddr first, hwaddr last)
155{
156 int i;
157
158 for (i = 0; i < dev->n_mem_sections; ++i) {
159 MemoryRegionSection *section = &dev->mem_sections[i];
160 vhost_sync_dirty_bitmap(dev, section, first, last);
161 }
162}
163
164static uint64_t vhost_get_log_size(struct vhost_dev *dev)
165{
166 uint64_t log_size = 0;
167 int i;
168 for (i = 0; i < dev->mem->nregions; ++i) {
169 struct vhost_memory_region *reg = dev->mem->regions + i;
170 uint64_t last = range_get_last(reg->guest_phys_addr,
171 reg->memory_size);
172 log_size = MAX(log_size, last / VHOST_LOG_CHUNK + 1);
173 }
174 for (i = 0; i < dev->nvqs; ++i) {
175 struct vhost_virtqueue *vq = dev->vqs + i;
176
177 if (!vq->used_phys && !vq->used_size) {
178 continue;
179 }
180
181 uint64_t last = vq->used_phys + vq->used_size - 1;
182 log_size = MAX(log_size, last / VHOST_LOG_CHUNK + 1);
183 }
184 return log_size;
185}
186
187static struct vhost_log *vhost_log_alloc(uint64_t size, bool share)
188{
189 Error *err = NULL;
190 struct vhost_log *log;
191 uint64_t logsize = size * sizeof(*(log->log));
192 int fd = -1;
193
194 log = g_new0(struct vhost_log, 1);
195 if (share) {
196 log->log = qemu_memfd_alloc("vhost-log", logsize,
197 F_SEAL_GROW | F_SEAL_SHRINK | F_SEAL_SEAL,
198 &fd, &err);
199 if (err) {
200 error_report_err(err);
201 g_free(log);
202 return NULL;
203 }
204 memset(log->log, 0, logsize);
205 } else {
206 log->log = g_malloc0(logsize);
207 }
208
209 log->size = size;
210 log->refcnt = 1;
211 log->fd = fd;
212
213 return log;
214}
215
216static struct vhost_log *vhost_log_get(uint64_t size, bool share)
217{
218 struct vhost_log *log = share ? vhost_log_shm : vhost_log;
219
220 if (!log || log->size != size) {
221 log = vhost_log_alloc(size, share);
222 if (share) {
223 vhost_log_shm = log;
224 } else {
225 vhost_log = log;
226 }
227 } else {
228 ++log->refcnt;
229 }
230
231 return log;
232}
233
234static void vhost_log_put(struct vhost_dev *dev, bool sync)
235{
236 struct vhost_log *log = dev->log;
237
238 if (!log) {
239 return;
240 }
241
242 --log->refcnt;
243 if (log->refcnt == 0) {
244
245 if (dev->log_size && sync) {
246 vhost_log_sync_range(dev, 0, dev->log_size * VHOST_LOG_CHUNK - 1);
247 }
248
249 if (vhost_log == log) {
250 g_free(log->log);
251 vhost_log = NULL;
252 } else if (vhost_log_shm == log) {
253 qemu_memfd_free(log->log, log->size * sizeof(*(log->log)),
254 log->fd);
255 vhost_log_shm = NULL;
256 }
257
258 g_free(log);
259 }
260
261 dev->log = NULL;
262 dev->log_size = 0;
263}
264
265static bool vhost_dev_log_is_shared(struct vhost_dev *dev)
266{
267 return dev->vhost_ops->vhost_requires_shm_log &&
268 dev->vhost_ops->vhost_requires_shm_log(dev);
269}
270
271static inline void vhost_dev_log_resize(struct vhost_dev *dev, uint64_t size)
272{
273 struct vhost_log *log = vhost_log_get(size, vhost_dev_log_is_shared(dev));
274 uint64_t log_base = (uintptr_t)log->log;
275 int r;
276
277
278
279 r = dev->vhost_ops->vhost_set_log_base(dev, log_base, log);
280 if (r < 0) {
281 VHOST_OPS_DEBUG("vhost_set_log_base failed");
282 }
283
284 vhost_log_put(dev, true);
285 dev->log = log;
286 dev->log_size = size;
287}
288
289static int vhost_dev_has_iommu(struct vhost_dev *dev)
290{
291 VirtIODevice *vdev = dev->vdev;
292
293 return virtio_host_has_feature(vdev, VIRTIO_F_IOMMU_PLATFORM);
294}
295
296static void *vhost_memory_map(struct vhost_dev *dev, hwaddr addr,
297 hwaddr *plen, int is_write)
298{
299 if (!vhost_dev_has_iommu(dev)) {
300 return cpu_physical_memory_map(addr, plen, is_write);
301 } else {
302 return (void *)(uintptr_t)addr;
303 }
304}
305
306static void vhost_memory_unmap(struct vhost_dev *dev, void *buffer,
307 hwaddr len, int is_write,
308 hwaddr access_len)
309{
310 if (!vhost_dev_has_iommu(dev)) {
311 cpu_physical_memory_unmap(buffer, len, is_write, access_len);
312 }
313}
314
315static int vhost_verify_ring_part_mapping(void *ring_hva,
316 uint64_t ring_gpa,
317 uint64_t ring_size,
318 void *reg_hva,
319 uint64_t reg_gpa,
320 uint64_t reg_size)
321{
322 uint64_t hva_ring_offset;
323 uint64_t ring_last = range_get_last(ring_gpa, ring_size);
324 uint64_t reg_last = range_get_last(reg_gpa, reg_size);
325
326 if (ring_last < reg_gpa || ring_gpa > reg_last) {
327 return 0;
328 }
329
330 if (ring_last > reg_last) {
331 return -ENOMEM;
332 }
333
334 hva_ring_offset = ring_gpa - reg_gpa;
335 if (ring_hva != reg_hva + hva_ring_offset) {
336 return -EBUSY;
337 }
338
339 return 0;
340}
341
342static int vhost_verify_ring_mappings(struct vhost_dev *dev,
343 void *reg_hva,
344 uint64_t reg_gpa,
345 uint64_t reg_size)
346{
347 int i, j;
348 int r = 0;
349 const char *part_name[] = {
350 "descriptor table",
351 "available ring",
352 "used ring"
353 };
354
355 if (vhost_dev_has_iommu(dev)) {
356 return 0;
357 }
358
359 for (i = 0; i < dev->nvqs; ++i) {
360 struct vhost_virtqueue *vq = dev->vqs + i;
361
362 if (vq->desc_phys == 0) {
363 continue;
364 }
365
366 j = 0;
367 r = vhost_verify_ring_part_mapping(
368 vq->desc, vq->desc_phys, vq->desc_size,
369 reg_hva, reg_gpa, reg_size);
370 if (r) {
371 break;
372 }
373
374 j++;
375 r = vhost_verify_ring_part_mapping(
376 vq->avail, vq->avail_phys, vq->avail_size,
377 reg_hva, reg_gpa, reg_size);
378 if (r) {
379 break;
380 }
381
382 j++;
383 r = vhost_verify_ring_part_mapping(
384 vq->used, vq->used_phys, vq->used_size,
385 reg_hva, reg_gpa, reg_size);
386 if (r) {
387 break;
388 }
389 }
390
391 if (r == -ENOMEM) {
392 error_report("Unable to map %s for ring %d", part_name[j], i);
393 } else if (r == -EBUSY) {
394 error_report("%s relocated for ring %d", part_name[j], i);
395 }
396 return r;
397}
398
399static bool vhost_section(struct vhost_dev *dev, MemoryRegionSection *section)
400{
401 bool result;
402 bool log_dirty = memory_region_get_dirty_log_mask(section->mr) &
403 ~(1 << DIRTY_MEMORY_MIGRATION);
404 result = memory_region_is_ram(section->mr) &&
405 !memory_region_is_rom(section->mr);
406
407
408
409
410 result &= !log_dirty;
411
412 if (result && dev->vhost_ops->vhost_backend_mem_section_filter) {
413 result &=
414 dev->vhost_ops->vhost_backend_mem_section_filter(dev, section);
415 }
416
417 trace_vhost_section(section->mr->name, result);
418 return result;
419}
420
421static void vhost_begin(MemoryListener *listener)
422{
423 struct vhost_dev *dev = container_of(listener, struct vhost_dev,
424 memory_listener);
425 dev->tmp_sections = NULL;
426 dev->n_tmp_sections = 0;
427}
428
429static void vhost_commit(MemoryListener *listener)
430{
431 struct vhost_dev *dev = container_of(listener, struct vhost_dev,
432 memory_listener);
433 MemoryRegionSection *old_sections;
434 int n_old_sections;
435 uint64_t log_size;
436 size_t regions_size;
437 int r;
438 int i;
439 bool changed = false;
440
441
442
443
444
445 old_sections = dev->mem_sections;
446 n_old_sections = dev->n_mem_sections;
447 dev->mem_sections = dev->tmp_sections;
448 dev->n_mem_sections = dev->n_tmp_sections;
449
450 if (dev->n_mem_sections != n_old_sections) {
451 changed = true;
452 } else {
453
454 for (int i = 0; i < n_old_sections; i++) {
455 if (!MemoryRegionSection_eq(&old_sections[i],
456 &dev->mem_sections[i])) {
457 changed = true;
458 break;
459 }
460 }
461 }
462
463 trace_vhost_commit(dev->started, changed);
464 if (!changed) {
465 goto out;
466 }
467
468
469 regions_size = offsetof(struct vhost_memory, regions) +
470 dev->n_mem_sections * sizeof dev->mem->regions[0];
471 dev->mem = g_realloc(dev->mem, regions_size);
472 dev->mem->nregions = dev->n_mem_sections;
473 used_memslots = dev->mem->nregions;
474 for (i = 0; i < dev->n_mem_sections; i++) {
475 struct vhost_memory_region *cur_vmr = dev->mem->regions + i;
476 struct MemoryRegionSection *mrs = dev->mem_sections + i;
477
478 cur_vmr->guest_phys_addr = mrs->offset_within_address_space;
479 cur_vmr->memory_size = int128_get64(mrs->size);
480 cur_vmr->userspace_addr =
481 (uintptr_t)memory_region_get_ram_ptr(mrs->mr) +
482 mrs->offset_within_region;
483 cur_vmr->flags_padding = 0;
484 }
485
486 if (!dev->started) {
487 goto out;
488 }
489
490 for (i = 0; i < dev->mem->nregions; i++) {
491 if (vhost_verify_ring_mappings(dev,
492 (void *)(uintptr_t)dev->mem->regions[i].userspace_addr,
493 dev->mem->regions[i].guest_phys_addr,
494 dev->mem->regions[i].memory_size)) {
495 error_report("Verify ring failure on region %d", i);
496 abort();
497 }
498 }
499
500 if (!dev->log_enabled) {
501 r = dev->vhost_ops->vhost_set_mem_table(dev, dev->mem);
502 if (r < 0) {
503 VHOST_OPS_DEBUG("vhost_set_mem_table failed");
504 }
505 goto out;
506 }
507 log_size = vhost_get_log_size(dev);
508
509
510#define VHOST_LOG_BUFFER (0x1000 / sizeof *dev->log)
511
512 if (dev->log_size < log_size) {
513 vhost_dev_log_resize(dev, log_size + VHOST_LOG_BUFFER);
514 }
515 r = dev->vhost_ops->vhost_set_mem_table(dev, dev->mem);
516 if (r < 0) {
517 VHOST_OPS_DEBUG("vhost_set_mem_table failed");
518 }
519
520 if (dev->log_size > log_size + VHOST_LOG_BUFFER) {
521 vhost_dev_log_resize(dev, log_size);
522 }
523
524out:
525
526
527
528
529 while (n_old_sections--) {
530 memory_region_unref(old_sections[n_old_sections].mr);
531 }
532 g_free(old_sections);
533 return;
534}
535
536
537
538
539
540
541static void vhost_region_add_section(struct vhost_dev *dev,
542 MemoryRegionSection *section)
543{
544 bool need_add = true;
545 uint64_t mrs_size = int128_get64(section->size);
546 uint64_t mrs_gpa = section->offset_within_address_space;
547 uintptr_t mrs_host = (uintptr_t)memory_region_get_ram_ptr(section->mr) +
548 section->offset_within_region;
549 RAMBlock *mrs_rb = section->mr->ram_block;
550 size_t mrs_page = qemu_ram_pagesize(mrs_rb);
551
552 trace_vhost_region_add_section(section->mr->name, mrs_gpa, mrs_size,
553 mrs_host);
554
555
556
557 uint64_t alignage = mrs_host & (mrs_page - 1);
558 if (alignage) {
559 mrs_host -= alignage;
560 mrs_size += alignage;
561 mrs_gpa -= alignage;
562 }
563
564 alignage = mrs_size & (mrs_page - 1);
565 if (alignage) {
566 mrs_size += mrs_page - alignage;
567 }
568 trace_vhost_region_add_section_aligned(section->mr->name, mrs_gpa, mrs_size,
569 mrs_host);
570
571 if (dev->n_tmp_sections) {
572
573
574
575
576
577 MemoryRegionSection *prev_sec = dev->tmp_sections +
578 (dev->n_tmp_sections - 1);
579 uint64_t prev_gpa_start = prev_sec->offset_within_address_space;
580 uint64_t prev_size = int128_get64(prev_sec->size);
581 uint64_t prev_gpa_end = range_get_last(prev_gpa_start, prev_size);
582 uint64_t prev_host_start =
583 (uintptr_t)memory_region_get_ram_ptr(prev_sec->mr) +
584 prev_sec->offset_within_region;
585 uint64_t prev_host_end = range_get_last(prev_host_start, prev_size);
586
587 if (mrs_gpa <= (prev_gpa_end + 1)) {
588
589
590
591
592 if (mrs_gpa < prev_gpa_start) {
593 error_report("%s:Section rounded to %"PRIx64
594 " prior to previous %"PRIx64,
595 __func__, mrs_gpa, prev_gpa_start);
596
597 return;
598 }
599
600 size_t offset = mrs_gpa - prev_gpa_start;
601
602 if (prev_host_start + offset == mrs_host &&
603 section->mr == prev_sec->mr &&
604 (!dev->vhost_ops->vhost_backend_can_merge ||
605 dev->vhost_ops->vhost_backend_can_merge(dev,
606 mrs_host, mrs_size,
607 prev_host_start, prev_size))) {
608 uint64_t max_end = MAX(prev_host_end, mrs_host + mrs_size);
609 need_add = false;
610 prev_sec->offset_within_address_space =
611 MIN(prev_gpa_start, mrs_gpa);
612 prev_sec->offset_within_region =
613 MIN(prev_host_start, mrs_host) -
614 (uintptr_t)memory_region_get_ram_ptr(prev_sec->mr);
615 prev_sec->size = int128_make64(max_end - MIN(prev_host_start,
616 mrs_host));
617 trace_vhost_region_add_section_merge(section->mr->name,
618 int128_get64(prev_sec->size),
619 prev_sec->offset_within_address_space,
620 prev_sec->offset_within_region);
621 } else {
622
623
624
625 if (mrs_gpa != prev_gpa_end + 1) {
626 error_report("%s: Overlapping but not coherent sections "
627 "at %"PRIx64,
628 __func__, mrs_gpa);
629 return;
630 }
631 }
632 }
633 }
634
635 if (need_add) {
636 ++dev->n_tmp_sections;
637 dev->tmp_sections = g_renew(MemoryRegionSection, dev->tmp_sections,
638 dev->n_tmp_sections);
639 dev->tmp_sections[dev->n_tmp_sections - 1] = *section;
640
641
642
643 dev->tmp_sections[dev->n_tmp_sections - 1].fv = NULL;
644 memory_region_ref(section->mr);
645 }
646}
647
648
649static void vhost_region_addnop(MemoryListener *listener,
650 MemoryRegionSection *section)
651{
652 struct vhost_dev *dev = container_of(listener, struct vhost_dev,
653 memory_listener);
654
655 if (!vhost_section(dev, section)) {
656 return;
657 }
658 vhost_region_add_section(dev, section);
659}
660
661static void vhost_iommu_unmap_notify(IOMMUNotifier *n, IOMMUTLBEntry *iotlb)
662{
663 struct vhost_iommu *iommu = container_of(n, struct vhost_iommu, n);
664 struct vhost_dev *hdev = iommu->hdev;
665 hwaddr iova = iotlb->iova + iommu->iommu_offset;
666
667 if (vhost_backend_invalidate_device_iotlb(hdev, iova,
668 iotlb->addr_mask + 1)) {
669 error_report("Fail to invalidate device iotlb");
670 }
671}
672
673static void vhost_iommu_region_add(MemoryListener *listener,
674 MemoryRegionSection *section)
675{
676 struct vhost_dev *dev = container_of(listener, struct vhost_dev,
677 iommu_listener);
678 struct vhost_iommu *iommu;
679 Int128 end;
680 int iommu_idx, ret;
681 IOMMUMemoryRegion *iommu_mr;
682 Error *err = NULL;
683
684 if (!memory_region_is_iommu(section->mr)) {
685 return;
686 }
687
688 iommu_mr = IOMMU_MEMORY_REGION(section->mr);
689
690 iommu = g_malloc0(sizeof(*iommu));
691 end = int128_add(int128_make64(section->offset_within_region),
692 section->size);
693 end = int128_sub(end, int128_one());
694 iommu_idx = memory_region_iommu_attrs_to_index(iommu_mr,
695 MEMTXATTRS_UNSPECIFIED);
696 iommu_notifier_init(&iommu->n, vhost_iommu_unmap_notify,
697 IOMMU_NOTIFIER_UNMAP,
698 section->offset_within_region,
699 int128_get64(end),
700 iommu_idx);
701 iommu->mr = section->mr;
702 iommu->iommu_offset = section->offset_within_address_space -
703 section->offset_within_region;
704 iommu->hdev = dev;
705 ret = memory_region_register_iommu_notifier(section->mr, &iommu->n, &err);
706 if (ret) {
707 error_report_err(err);
708 exit(1);
709 }
710 QLIST_INSERT_HEAD(&dev->iommu_list, iommu, iommu_next);
711
712}
713
714static void vhost_iommu_region_del(MemoryListener *listener,
715 MemoryRegionSection *section)
716{
717 struct vhost_dev *dev = container_of(listener, struct vhost_dev,
718 iommu_listener);
719 struct vhost_iommu *iommu;
720
721 if (!memory_region_is_iommu(section->mr)) {
722 return;
723 }
724
725 QLIST_FOREACH(iommu, &dev->iommu_list, iommu_next) {
726 if (iommu->mr == section->mr &&
727 iommu->n.start == section->offset_within_region) {
728 memory_region_unregister_iommu_notifier(iommu->mr,
729 &iommu->n);
730 QLIST_REMOVE(iommu, iommu_next);
731 g_free(iommu);
732 break;
733 }
734 }
735}
736
737static int vhost_virtqueue_set_addr(struct vhost_dev *dev,
738 struct vhost_virtqueue *vq,
739 unsigned idx, bool enable_log)
740{
741 struct vhost_vring_addr addr = {
742 .index = idx,
743 .desc_user_addr = (uint64_t)(unsigned long)vq->desc,
744 .avail_user_addr = (uint64_t)(unsigned long)vq->avail,
745 .used_user_addr = (uint64_t)(unsigned long)vq->used,
746 .log_guest_addr = vq->used_phys,
747 .flags = enable_log ? (1 << VHOST_VRING_F_LOG) : 0,
748 };
749 int r = dev->vhost_ops->vhost_set_vring_addr(dev, &addr);
750 if (r < 0) {
751 VHOST_OPS_DEBUG("vhost_set_vring_addr failed");
752 return -errno;
753 }
754 return 0;
755}
756
757static int vhost_dev_set_features(struct vhost_dev *dev,
758 bool enable_log)
759{
760 uint64_t features = dev->acked_features;
761 int r;
762 if (enable_log) {
763 features |= 0x1ULL << VHOST_F_LOG_ALL;
764 }
765 r = dev->vhost_ops->vhost_set_features(dev, features);
766 if (r < 0) {
767 VHOST_OPS_DEBUG("vhost_set_features failed");
768 }
769 return r < 0 ? -errno : 0;
770}
771
772static int vhost_dev_set_log(struct vhost_dev *dev, bool enable_log)
773{
774 int r, i, idx;
775 r = vhost_dev_set_features(dev, enable_log);
776 if (r < 0) {
777 goto err_features;
778 }
779 for (i = 0; i < dev->nvqs; ++i) {
780 idx = dev->vhost_ops->vhost_get_vq_index(dev, dev->vq_index + i);
781 r = vhost_virtqueue_set_addr(dev, dev->vqs + i, idx,
782 enable_log);
783 if (r < 0) {
784 goto err_vq;
785 }
786 }
787 return 0;
788err_vq:
789 for (; i >= 0; --i) {
790 idx = dev->vhost_ops->vhost_get_vq_index(dev, dev->vq_index + i);
791 vhost_virtqueue_set_addr(dev, dev->vqs + i, idx,
792 dev->log_enabled);
793 }
794 vhost_dev_set_features(dev, dev->log_enabled);
795err_features:
796 return r;
797}
798
799static int vhost_migration_log(MemoryListener *listener, int enable)
800{
801 struct vhost_dev *dev = container_of(listener, struct vhost_dev,
802 memory_listener);
803 int r;
804 if (!!enable == dev->log_enabled) {
805 return 0;
806 }
807 if (!dev->started) {
808 dev->log_enabled = enable;
809 return 0;
810 }
811 if (!enable) {
812 r = vhost_dev_set_log(dev, false);
813 if (r < 0) {
814 return r;
815 }
816 vhost_log_put(dev, false);
817 } else {
818 vhost_dev_log_resize(dev, vhost_get_log_size(dev));
819 r = vhost_dev_set_log(dev, true);
820 if (r < 0) {
821 return r;
822 }
823 }
824 dev->log_enabled = enable;
825 return 0;
826}
827
828static void vhost_log_global_start(MemoryListener *listener)
829{
830 int r;
831
832 r = vhost_migration_log(listener, true);
833 if (r < 0) {
834 abort();
835 }
836}
837
838static void vhost_log_global_stop(MemoryListener *listener)
839{
840 int r;
841
842 r = vhost_migration_log(listener, false);
843 if (r < 0) {
844 abort();
845 }
846}
847
848static void vhost_log_start(MemoryListener *listener,
849 MemoryRegionSection *section,
850 int old, int new)
851{
852
853}
854
855static void vhost_log_stop(MemoryListener *listener,
856 MemoryRegionSection *section,
857 int old, int new)
858{
859
860}
861
862
863
864
865
866
867static inline bool vhost_needs_vring_endian(VirtIODevice *vdev)
868{
869 if (virtio_vdev_has_feature(vdev, VIRTIO_F_VERSION_1)) {
870 return false;
871 }
872#ifdef HOST_WORDS_BIGENDIAN
873 return vdev->device_endian == VIRTIO_DEVICE_ENDIAN_LITTLE;
874#else
875 return vdev->device_endian == VIRTIO_DEVICE_ENDIAN_BIG;
876#endif
877}
878
879static int vhost_virtqueue_set_vring_endian_legacy(struct vhost_dev *dev,
880 bool is_big_endian,
881 int vhost_vq_index)
882{
883 struct vhost_vring_state s = {
884 .index = vhost_vq_index,
885 .num = is_big_endian
886 };
887
888 if (!dev->vhost_ops->vhost_set_vring_endian(dev, &s)) {
889 return 0;
890 }
891
892 VHOST_OPS_DEBUG("vhost_set_vring_endian failed");
893 if (errno == ENOTTY) {
894 error_report("vhost does not support cross-endian");
895 return -ENOSYS;
896 }
897
898 return -errno;
899}
900
901static int vhost_memory_region_lookup(struct vhost_dev *hdev,
902 uint64_t gpa, uint64_t *uaddr,
903 uint64_t *len)
904{
905 int i;
906
907 for (i = 0; i < hdev->mem->nregions; i++) {
908 struct vhost_memory_region *reg = hdev->mem->regions + i;
909
910 if (gpa >= reg->guest_phys_addr &&
911 reg->guest_phys_addr + reg->memory_size > gpa) {
912 *uaddr = reg->userspace_addr + gpa - reg->guest_phys_addr;
913 *len = reg->guest_phys_addr + reg->memory_size - gpa;
914 return 0;
915 }
916 }
917
918 return -EFAULT;
919}
920
921int vhost_device_iotlb_miss(struct vhost_dev *dev, uint64_t iova, int write)
922{
923 IOMMUTLBEntry iotlb;
924 uint64_t uaddr, len;
925 int ret = -EFAULT;
926
927 RCU_READ_LOCK_GUARD();
928
929 trace_vhost_iotlb_miss(dev, 1);
930
931 iotlb = address_space_get_iotlb_entry(dev->vdev->dma_as,
932 iova, write,
933 MEMTXATTRS_UNSPECIFIED);
934 if (iotlb.target_as != NULL) {
935 ret = vhost_memory_region_lookup(dev, iotlb.translated_addr,
936 &uaddr, &len);
937 if (ret) {
938 trace_vhost_iotlb_miss(dev, 3);
939 error_report("Fail to lookup the translated address "
940 "%"PRIx64, iotlb.translated_addr);
941 goto out;
942 }
943
944 len = MIN(iotlb.addr_mask + 1, len);
945 iova = iova & ~iotlb.addr_mask;
946
947 ret = vhost_backend_update_device_iotlb(dev, iova, uaddr,
948 len, iotlb.perm);
949 if (ret) {
950 trace_vhost_iotlb_miss(dev, 4);
951 error_report("Fail to update device iotlb");
952 goto out;
953 }
954 }
955
956 trace_vhost_iotlb_miss(dev, 2);
957
958out:
959 return ret;
960}
961
962static int vhost_virtqueue_start(struct vhost_dev *dev,
963 struct VirtIODevice *vdev,
964 struct vhost_virtqueue *vq,
965 unsigned idx)
966{
967 BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(vdev)));
968 VirtioBusState *vbus = VIRTIO_BUS(qbus);
969 VirtioBusClass *k = VIRTIO_BUS_GET_CLASS(vbus);
970 hwaddr s, l, a;
971 int r;
972 int vhost_vq_index = dev->vhost_ops->vhost_get_vq_index(dev, idx);
973 struct vhost_vring_file file = {
974 .index = vhost_vq_index
975 };
976 struct vhost_vring_state state = {
977 .index = vhost_vq_index
978 };
979 struct VirtQueue *vvq = virtio_get_queue(vdev, idx);
980
981 a = virtio_queue_get_desc_addr(vdev, idx);
982 if (a == 0) {
983
984 return 0;
985 }
986
987 vq->num = state.num = virtio_queue_get_num(vdev, idx);
988 r = dev->vhost_ops->vhost_set_vring_num(dev, &state);
989 if (r) {
990 VHOST_OPS_DEBUG("vhost_set_vring_num failed");
991 return -errno;
992 }
993
994 state.num = virtio_queue_get_last_avail_idx(vdev, idx);
995 r = dev->vhost_ops->vhost_set_vring_base(dev, &state);
996 if (r) {
997 VHOST_OPS_DEBUG("vhost_set_vring_base failed");
998 return -errno;
999 }
1000
1001 if (vhost_needs_vring_endian(vdev)) {
1002 r = vhost_virtqueue_set_vring_endian_legacy(dev,
1003 virtio_is_big_endian(vdev),
1004 vhost_vq_index);
1005 if (r) {
1006 return -errno;
1007 }
1008 }
1009
1010 vq->desc_size = s = l = virtio_queue_get_desc_size(vdev, idx);
1011 vq->desc_phys = a;
1012 vq->desc = vhost_memory_map(dev, a, &l, 0);
1013 if (!vq->desc || l != s) {
1014 r = -ENOMEM;
1015 goto fail_alloc_desc;
1016 }
1017 vq->avail_size = s = l = virtio_queue_get_avail_size(vdev, idx);
1018 vq->avail_phys = a = virtio_queue_get_avail_addr(vdev, idx);
1019 vq->avail = vhost_memory_map(dev, a, &l, 0);
1020 if (!vq->avail || l != s) {
1021 r = -ENOMEM;
1022 goto fail_alloc_avail;
1023 }
1024 vq->used_size = s = l = virtio_queue_get_used_size(vdev, idx);
1025 vq->used_phys = a = virtio_queue_get_used_addr(vdev, idx);
1026 vq->used = vhost_memory_map(dev, a, &l, 1);
1027 if (!vq->used || l != s) {
1028 r = -ENOMEM;
1029 goto fail_alloc_used;
1030 }
1031
1032 r = vhost_virtqueue_set_addr(dev, vq, vhost_vq_index, dev->log_enabled);
1033 if (r < 0) {
1034 r = -errno;
1035 goto fail_alloc;
1036 }
1037
1038 file.fd = event_notifier_get_fd(virtio_queue_get_host_notifier(vvq));
1039 r = dev->vhost_ops->vhost_set_vring_kick(dev, &file);
1040 if (r) {
1041 VHOST_OPS_DEBUG("vhost_set_vring_kick failed");
1042 r = -errno;
1043 goto fail_kick;
1044 }
1045
1046
1047 event_notifier_test_and_clear(&vq->masked_notifier);
1048
1049
1050
1051
1052 if (!vdev->use_guest_notifier_mask) {
1053
1054 vhost_virtqueue_mask(dev, vdev, idx, false);
1055 }
1056
1057 if (k->query_guest_notifiers &&
1058 k->query_guest_notifiers(qbus->parent) &&
1059 virtio_queue_vector(vdev, idx) == VIRTIO_NO_VECTOR) {
1060 file.fd = -1;
1061 r = dev->vhost_ops->vhost_set_vring_call(dev, &file);
1062 if (r) {
1063 goto fail_vector;
1064 }
1065 }
1066
1067 return 0;
1068
1069fail_vector:
1070fail_kick:
1071fail_alloc:
1072 vhost_memory_unmap(dev, vq->used, virtio_queue_get_used_size(vdev, idx),
1073 0, 0);
1074fail_alloc_used:
1075 vhost_memory_unmap(dev, vq->avail, virtio_queue_get_avail_size(vdev, idx),
1076 0, 0);
1077fail_alloc_avail:
1078 vhost_memory_unmap(dev, vq->desc, virtio_queue_get_desc_size(vdev, idx),
1079 0, 0);
1080fail_alloc_desc:
1081 return r;
1082}
1083
1084static void vhost_virtqueue_stop(struct vhost_dev *dev,
1085 struct VirtIODevice *vdev,
1086 struct vhost_virtqueue *vq,
1087 unsigned idx)
1088{
1089 int vhost_vq_index = dev->vhost_ops->vhost_get_vq_index(dev, idx);
1090 struct vhost_vring_state state = {
1091 .index = vhost_vq_index,
1092 };
1093 int r;
1094
1095 if (virtio_queue_get_desc_addr(vdev, idx) == 0) {
1096
1097 return;
1098 }
1099
1100 r = dev->vhost_ops->vhost_get_vring_base(dev, &state);
1101 if (r < 0) {
1102 VHOST_OPS_DEBUG("vhost VQ %u ring restore failed: %d", idx, r);
1103
1104
1105
1106 virtio_queue_restore_last_avail_idx(vdev, idx);
1107 } else {
1108 virtio_queue_set_last_avail_idx(vdev, idx, state.num);
1109 }
1110 virtio_queue_invalidate_signalled_used(vdev, idx);
1111 virtio_queue_update_used_idx(vdev, idx);
1112
1113
1114
1115
1116 if (vhost_needs_vring_endian(vdev)) {
1117 vhost_virtqueue_set_vring_endian_legacy(dev,
1118 !virtio_is_big_endian(vdev),
1119 vhost_vq_index);
1120 }
1121
1122 vhost_memory_unmap(dev, vq->used, virtio_queue_get_used_size(vdev, idx),
1123 1, virtio_queue_get_used_size(vdev, idx));
1124 vhost_memory_unmap(dev, vq->avail, virtio_queue_get_avail_size(vdev, idx),
1125 0, virtio_queue_get_avail_size(vdev, idx));
1126 vhost_memory_unmap(dev, vq->desc, virtio_queue_get_desc_size(vdev, idx),
1127 0, virtio_queue_get_desc_size(vdev, idx));
1128}
1129
1130static void vhost_eventfd_add(MemoryListener *listener,
1131 MemoryRegionSection *section,
1132 bool match_data, uint64_t data, EventNotifier *e)
1133{
1134}
1135
1136static void vhost_eventfd_del(MemoryListener *listener,
1137 MemoryRegionSection *section,
1138 bool match_data, uint64_t data, EventNotifier *e)
1139{
1140}
1141
1142static int vhost_virtqueue_set_busyloop_timeout(struct vhost_dev *dev,
1143 int n, uint32_t timeout)
1144{
1145 int vhost_vq_index = dev->vhost_ops->vhost_get_vq_index(dev, n);
1146 struct vhost_vring_state state = {
1147 .index = vhost_vq_index,
1148 .num = timeout,
1149 };
1150 int r;
1151
1152 if (!dev->vhost_ops->vhost_set_vring_busyloop_timeout) {
1153 return -EINVAL;
1154 }
1155
1156 r = dev->vhost_ops->vhost_set_vring_busyloop_timeout(dev, &state);
1157 if (r) {
1158 VHOST_OPS_DEBUG("vhost_set_vring_busyloop_timeout failed");
1159 return r;
1160 }
1161
1162 return 0;
1163}
1164
1165static int vhost_virtqueue_init(struct vhost_dev *dev,
1166 struct vhost_virtqueue *vq, int n)
1167{
1168 int vhost_vq_index = dev->vhost_ops->vhost_get_vq_index(dev, n);
1169 struct vhost_vring_file file = {
1170 .index = vhost_vq_index,
1171 };
1172 int r = event_notifier_init(&vq->masked_notifier, 0);
1173 if (r < 0) {
1174 return r;
1175 }
1176
1177 file.fd = event_notifier_get_fd(&vq->masked_notifier);
1178 r = dev->vhost_ops->vhost_set_vring_call(dev, &file);
1179 if (r) {
1180 VHOST_OPS_DEBUG("vhost_set_vring_call failed");
1181 r = -errno;
1182 goto fail_call;
1183 }
1184
1185 vq->dev = dev;
1186
1187 return 0;
1188fail_call:
1189 event_notifier_cleanup(&vq->masked_notifier);
1190 return r;
1191}
1192
1193static void vhost_virtqueue_cleanup(struct vhost_virtqueue *vq)
1194{
1195 event_notifier_cleanup(&vq->masked_notifier);
1196}
1197
1198int vhost_dev_init(struct vhost_dev *hdev, void *opaque,
1199 VhostBackendType backend_type, uint32_t busyloop_timeout)
1200{
1201 uint64_t features;
1202 int i, r, n_initialized_vqs = 0;
1203 Error *local_err = NULL;
1204
1205 hdev->vdev = NULL;
1206 hdev->migration_blocker = NULL;
1207
1208 r = vhost_set_backend_type(hdev, backend_type);
1209 assert(r >= 0);
1210
1211 r = hdev->vhost_ops->vhost_backend_init(hdev, opaque);
1212 if (r < 0) {
1213 goto fail;
1214 }
1215
1216 r = hdev->vhost_ops->vhost_set_owner(hdev);
1217 if (r < 0) {
1218 VHOST_OPS_DEBUG("vhost_set_owner failed");
1219 goto fail;
1220 }
1221
1222 r = hdev->vhost_ops->vhost_get_features(hdev, &features);
1223 if (r < 0) {
1224 VHOST_OPS_DEBUG("vhost_get_features failed");
1225 goto fail;
1226 }
1227
1228 for (i = 0; i < hdev->nvqs; ++i, ++n_initialized_vqs) {
1229 r = vhost_virtqueue_init(hdev, hdev->vqs + i, hdev->vq_index + i);
1230 if (r < 0) {
1231 goto fail;
1232 }
1233 }
1234
1235 if (busyloop_timeout) {
1236 for (i = 0; i < hdev->nvqs; ++i) {
1237 r = vhost_virtqueue_set_busyloop_timeout(hdev, hdev->vq_index + i,
1238 busyloop_timeout);
1239 if (r < 0) {
1240 goto fail_busyloop;
1241 }
1242 }
1243 }
1244
1245 hdev->features = features;
1246
1247 hdev->memory_listener = (MemoryListener) {
1248 .begin = vhost_begin,
1249 .commit = vhost_commit,
1250 .region_add = vhost_region_addnop,
1251 .region_nop = vhost_region_addnop,
1252 .log_start = vhost_log_start,
1253 .log_stop = vhost_log_stop,
1254 .log_sync = vhost_log_sync,
1255 .log_global_start = vhost_log_global_start,
1256 .log_global_stop = vhost_log_global_stop,
1257 .eventfd_add = vhost_eventfd_add,
1258 .eventfd_del = vhost_eventfd_del,
1259 .priority = 10
1260 };
1261
1262 hdev->iommu_listener = (MemoryListener) {
1263 .region_add = vhost_iommu_region_add,
1264 .region_del = vhost_iommu_region_del,
1265 };
1266
1267 if (hdev->migration_blocker == NULL) {
1268 if (!(hdev->features & (0x1ULL << VHOST_F_LOG_ALL))) {
1269 error_setg(&hdev->migration_blocker,
1270 "Migration disabled: vhost lacks VHOST_F_LOG_ALL feature.");
1271 } else if (vhost_dev_log_is_shared(hdev) && !qemu_memfd_alloc_check()) {
1272 error_setg(&hdev->migration_blocker,
1273 "Migration disabled: failed to allocate shared memory");
1274 }
1275 }
1276
1277 if (hdev->migration_blocker != NULL) {
1278 r = migrate_add_blocker(hdev->migration_blocker, &local_err);
1279 if (local_err) {
1280 error_report_err(local_err);
1281 error_free(hdev->migration_blocker);
1282 goto fail_busyloop;
1283 }
1284 }
1285
1286 hdev->mem = g_malloc0(offsetof(struct vhost_memory, regions));
1287 hdev->n_mem_sections = 0;
1288 hdev->mem_sections = NULL;
1289 hdev->log = NULL;
1290 hdev->log_size = 0;
1291 hdev->log_enabled = false;
1292 hdev->started = false;
1293 memory_listener_register(&hdev->memory_listener, &address_space_memory);
1294 QLIST_INSERT_HEAD(&vhost_devices, hdev, entry);
1295
1296 if (used_memslots > hdev->vhost_ops->vhost_backend_memslots_limit(hdev)) {
1297 error_report("vhost backend memory slots limit is less"
1298 " than current number of present memory slots");
1299 r = -1;
1300 if (busyloop_timeout) {
1301 goto fail_busyloop;
1302 } else {
1303 goto fail;
1304 }
1305 }
1306
1307 return 0;
1308
1309fail_busyloop:
1310 while (--i >= 0) {
1311 vhost_virtqueue_set_busyloop_timeout(hdev, hdev->vq_index + i, 0);
1312 }
1313fail:
1314 hdev->nvqs = n_initialized_vqs;
1315 vhost_dev_cleanup(hdev);
1316 return r;
1317}
1318
1319void vhost_dev_cleanup(struct vhost_dev *hdev)
1320{
1321 int i;
1322
1323 for (i = 0; i < hdev->nvqs; ++i) {
1324 vhost_virtqueue_cleanup(hdev->vqs + i);
1325 }
1326 if (hdev->mem) {
1327
1328 memory_listener_unregister(&hdev->memory_listener);
1329 QLIST_REMOVE(hdev, entry);
1330 }
1331 if (hdev->migration_blocker) {
1332 migrate_del_blocker(hdev->migration_blocker);
1333 error_free(hdev->migration_blocker);
1334 }
1335 g_free(hdev->mem);
1336 g_free(hdev->mem_sections);
1337 if (hdev->vhost_ops) {
1338 hdev->vhost_ops->vhost_backend_cleanup(hdev);
1339 }
1340 assert(!hdev->log);
1341
1342 memset(hdev, 0, sizeof(struct vhost_dev));
1343}
1344
1345
1346
1347
1348int vhost_dev_enable_notifiers(struct vhost_dev *hdev, VirtIODevice *vdev)
1349{
1350 BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(vdev)));
1351 int i, r, e;
1352
1353
1354
1355
1356 r = virtio_device_grab_ioeventfd(vdev);
1357 if (r < 0) {
1358 error_report("binding does not support host notifiers");
1359 goto fail;
1360 }
1361
1362 for (i = 0; i < hdev->nvqs; ++i) {
1363 r = virtio_bus_set_host_notifier(VIRTIO_BUS(qbus), hdev->vq_index + i,
1364 true);
1365 if (r < 0) {
1366 error_report("vhost VQ %d notifier binding failed: %d", i, -r);
1367 goto fail_vq;
1368 }
1369 }
1370
1371 return 0;
1372fail_vq:
1373 while (--i >= 0) {
1374 e = virtio_bus_set_host_notifier(VIRTIO_BUS(qbus), hdev->vq_index + i,
1375 false);
1376 if (e < 0) {
1377 error_report("vhost VQ %d notifier cleanup error: %d", i, -r);
1378 }
1379 assert (e >= 0);
1380 virtio_bus_cleanup_host_notifier(VIRTIO_BUS(qbus), hdev->vq_index + i);
1381 }
1382 virtio_device_release_ioeventfd(vdev);
1383fail:
1384 return r;
1385}
1386
1387
1388
1389
1390
1391
1392void vhost_dev_disable_notifiers(struct vhost_dev *hdev, VirtIODevice *vdev)
1393{
1394 BusState *qbus = BUS(qdev_get_parent_bus(DEVICE(vdev)));
1395 int i, r;
1396
1397 for (i = 0; i < hdev->nvqs; ++i) {
1398 r = virtio_bus_set_host_notifier(VIRTIO_BUS(qbus), hdev->vq_index + i,
1399 false);
1400 if (r < 0) {
1401 error_report("vhost VQ %d notifier cleanup failed: %d", i, -r);
1402 }
1403 assert (r >= 0);
1404 virtio_bus_cleanup_host_notifier(VIRTIO_BUS(qbus), hdev->vq_index + i);
1405 }
1406 virtio_device_release_ioeventfd(vdev);
1407}
1408
1409
1410
1411
1412bool vhost_virtqueue_pending(struct vhost_dev *hdev, int n)
1413{
1414 struct vhost_virtqueue *vq = hdev->vqs + n - hdev->vq_index;
1415 assert(n >= hdev->vq_index && n < hdev->vq_index + hdev->nvqs);
1416 return event_notifier_test_and_clear(&vq->masked_notifier);
1417}
1418
1419
1420void vhost_virtqueue_mask(struct vhost_dev *hdev, VirtIODevice *vdev, int n,
1421 bool mask)
1422{
1423 struct VirtQueue *vvq = virtio_get_queue(vdev, n);
1424 int r, index = n - hdev->vq_index;
1425 struct vhost_vring_file file;
1426
1427
1428 assert(hdev->vhost_ops);
1429
1430 if (mask) {
1431 assert(vdev->use_guest_notifier_mask);
1432 file.fd = event_notifier_get_fd(&hdev->vqs[index].masked_notifier);
1433 } else {
1434 file.fd = event_notifier_get_fd(virtio_queue_get_guest_notifier(vvq));
1435 }
1436
1437 file.index = hdev->vhost_ops->vhost_get_vq_index(hdev, n);
1438 r = hdev->vhost_ops->vhost_set_vring_call(hdev, &file);
1439 if (r < 0) {
1440 VHOST_OPS_DEBUG("vhost_set_vring_call failed");
1441 }
1442}
1443
1444uint64_t vhost_get_features(struct vhost_dev *hdev, const int *feature_bits,
1445 uint64_t features)
1446{
1447 const int *bit = feature_bits;
1448 while (*bit != VHOST_INVALID_FEATURE_BIT) {
1449 uint64_t bit_mask = (1ULL << *bit);
1450 if (!(hdev->features & bit_mask)) {
1451 features &= ~bit_mask;
1452 }
1453 bit++;
1454 }
1455 return features;
1456}
1457
1458void vhost_ack_features(struct vhost_dev *hdev, const int *feature_bits,
1459 uint64_t features)
1460{
1461 const int *bit = feature_bits;
1462 while (*bit != VHOST_INVALID_FEATURE_BIT) {
1463 uint64_t bit_mask = (1ULL << *bit);
1464 if (features & bit_mask) {
1465 hdev->acked_features |= bit_mask;
1466 }
1467 bit++;
1468 }
1469}
1470
1471int vhost_dev_get_config(struct vhost_dev *hdev, uint8_t *config,
1472 uint32_t config_len)
1473{
1474 assert(hdev->vhost_ops);
1475
1476 if (hdev->vhost_ops->vhost_get_config) {
1477 return hdev->vhost_ops->vhost_get_config(hdev, config, config_len);
1478 }
1479
1480 return -1;
1481}
1482
1483int vhost_dev_set_config(struct vhost_dev *hdev, const uint8_t *data,
1484 uint32_t offset, uint32_t size, uint32_t flags)
1485{
1486 assert(hdev->vhost_ops);
1487
1488 if (hdev->vhost_ops->vhost_set_config) {
1489 return hdev->vhost_ops->vhost_set_config(hdev, data, offset,
1490 size, flags);
1491 }
1492
1493 return -1;
1494}
1495
1496void vhost_dev_set_config_notifier(struct vhost_dev *hdev,
1497 const VhostDevConfigOps *ops)
1498{
1499 hdev->config_ops = ops;
1500}
1501
1502void vhost_dev_free_inflight(struct vhost_inflight *inflight)
1503{
1504 if (inflight->addr) {
1505 qemu_memfd_free(inflight->addr, inflight->size, inflight->fd);
1506 inflight->addr = NULL;
1507 inflight->fd = -1;
1508 }
1509}
1510
1511static int vhost_dev_resize_inflight(struct vhost_inflight *inflight,
1512 uint64_t new_size)
1513{
1514 Error *err = NULL;
1515 int fd = -1;
1516 void *addr = qemu_memfd_alloc("vhost-inflight", new_size,
1517 F_SEAL_GROW | F_SEAL_SHRINK | F_SEAL_SEAL,
1518 &fd, &err);
1519
1520 if (err) {
1521 error_report_err(err);
1522 return -1;
1523 }
1524
1525 vhost_dev_free_inflight(inflight);
1526 inflight->offset = 0;
1527 inflight->addr = addr;
1528 inflight->fd = fd;
1529 inflight->size = new_size;
1530
1531 return 0;
1532}
1533
1534void vhost_dev_save_inflight(struct vhost_inflight *inflight, QEMUFile *f)
1535{
1536 if (inflight->addr) {
1537 qemu_put_be64(f, inflight->size);
1538 qemu_put_be16(f, inflight->queue_size);
1539 qemu_put_buffer(f, inflight->addr, inflight->size);
1540 } else {
1541 qemu_put_be64(f, 0);
1542 }
1543}
1544
1545int vhost_dev_load_inflight(struct vhost_inflight *inflight, QEMUFile *f)
1546{
1547 uint64_t size;
1548
1549 size = qemu_get_be64(f);
1550 if (!size) {
1551 return 0;
1552 }
1553
1554 if (inflight->size != size) {
1555 if (vhost_dev_resize_inflight(inflight, size)) {
1556 return -1;
1557 }
1558 }
1559 inflight->queue_size = qemu_get_be16(f);
1560
1561 qemu_get_buffer(f, inflight->addr, size);
1562
1563 return 0;
1564}
1565
1566int vhost_dev_set_inflight(struct vhost_dev *dev,
1567 struct vhost_inflight *inflight)
1568{
1569 int r;
1570
1571 if (dev->vhost_ops->vhost_set_inflight_fd && inflight->addr) {
1572 r = dev->vhost_ops->vhost_set_inflight_fd(dev, inflight);
1573 if (r) {
1574 VHOST_OPS_DEBUG("vhost_set_inflight_fd failed");
1575 return -errno;
1576 }
1577 }
1578
1579 return 0;
1580}
1581
1582int vhost_dev_get_inflight(struct vhost_dev *dev, uint16_t queue_size,
1583 struct vhost_inflight *inflight)
1584{
1585 int r;
1586
1587 if (dev->vhost_ops->vhost_get_inflight_fd) {
1588 r = dev->vhost_ops->vhost_get_inflight_fd(dev, queue_size, inflight);
1589 if (r) {
1590 VHOST_OPS_DEBUG("vhost_get_inflight_fd failed");
1591 return -errno;
1592 }
1593 }
1594
1595 return 0;
1596}
1597
1598
1599int vhost_dev_start(struct vhost_dev *hdev, VirtIODevice *vdev)
1600{
1601 int i, r;
1602
1603
1604 assert(hdev->vhost_ops);
1605
1606 hdev->started = true;
1607 hdev->vdev = vdev;
1608
1609 r = vhost_dev_set_features(hdev, hdev->log_enabled);
1610 if (r < 0) {
1611 goto fail_features;
1612 }
1613
1614 if (vhost_dev_has_iommu(hdev)) {
1615 memory_listener_register(&hdev->iommu_listener, vdev->dma_as);
1616 }
1617
1618 r = hdev->vhost_ops->vhost_set_mem_table(hdev, hdev->mem);
1619 if (r < 0) {
1620 VHOST_OPS_DEBUG("vhost_set_mem_table failed");
1621 r = -errno;
1622 goto fail_mem;
1623 }
1624 for (i = 0; i < hdev->nvqs; ++i) {
1625 r = vhost_virtqueue_start(hdev,
1626 vdev,
1627 hdev->vqs + i,
1628 hdev->vq_index + i);
1629 if (r < 0) {
1630 goto fail_vq;
1631 }
1632 }
1633
1634 if (hdev->log_enabled) {
1635 uint64_t log_base;
1636
1637 hdev->log_size = vhost_get_log_size(hdev);
1638 hdev->log = vhost_log_get(hdev->log_size,
1639 vhost_dev_log_is_shared(hdev));
1640 log_base = (uintptr_t)hdev->log->log;
1641 r = hdev->vhost_ops->vhost_set_log_base(hdev,
1642 hdev->log_size ? log_base : 0,
1643 hdev->log);
1644 if (r < 0) {
1645 VHOST_OPS_DEBUG("vhost_set_log_base failed");
1646 r = -errno;
1647 goto fail_log;
1648 }
1649 }
1650
1651 if (vhost_dev_has_iommu(hdev)) {
1652 hdev->vhost_ops->vhost_set_iotlb_callback(hdev, true);
1653
1654
1655
1656 for (i = 0; i < hdev->nvqs; ++i) {
1657 struct vhost_virtqueue *vq = hdev->vqs + i;
1658 vhost_device_iotlb_miss(hdev, vq->used_phys, true);
1659 }
1660 }
1661 return 0;
1662fail_log:
1663 vhost_log_put(hdev, false);
1664fail_vq:
1665 while (--i >= 0) {
1666 vhost_virtqueue_stop(hdev,
1667 vdev,
1668 hdev->vqs + i,
1669 hdev->vq_index + i);
1670 }
1671
1672fail_mem:
1673fail_features:
1674
1675 hdev->started = false;
1676 return r;
1677}
1678
1679
1680void vhost_dev_stop(struct vhost_dev *hdev, VirtIODevice *vdev)
1681{
1682 int i;
1683
1684
1685 assert(hdev->vhost_ops);
1686
1687 for (i = 0; i < hdev->nvqs; ++i) {
1688 vhost_virtqueue_stop(hdev,
1689 vdev,
1690 hdev->vqs + i,
1691 hdev->vq_index + i);
1692 }
1693
1694 if (vhost_dev_has_iommu(hdev)) {
1695 hdev->vhost_ops->vhost_set_iotlb_callback(hdev, false);
1696 memory_listener_unregister(&hdev->iommu_listener);
1697 }
1698 vhost_log_put(hdev, true);
1699 hdev->started = false;
1700 hdev->vdev = NULL;
1701}
1702
1703int vhost_net_set_backend(struct vhost_dev *hdev,
1704 struct vhost_vring_file *file)
1705{
1706 if (hdev->vhost_ops->vhost_net_set_backend) {
1707 return hdev->vhost_ops->vhost_net_set_backend(hdev, file);
1708 }
1709
1710 return -1;
1711}
1712
