exec: Make ldl_*_phys input an AddressSpace
[qemu.git] / hw / scsi / vmw_pvscsi.c
1 /*
2 * QEMU VMWARE PVSCSI paravirtual SCSI bus
3 *
4 * Copyright (c) 2012 Ravello Systems LTD (http://ravellosystems.com)
5 *
6 * Developed by Daynix Computing LTD (http://www.daynix.com)
7 *
8 * Based on implementation by Paolo Bonzini
9 * http://lists.gnu.org/archive/html/qemu-devel/2011-08/msg00729.html
10 *
11 * Authors:
12 * Paolo Bonzini <pbonzini@redhat.com>
13 * Dmitry Fleytman <dmitry@daynix.com>
14 * Yan Vugenfirer <yan@daynix.com>
15 *
16 * This work is licensed under the terms of the GNU GPL, version 2.
17 * See the COPYING file in the top-level directory.
18 *
19 * NOTE about MSI-X:
20 * MSI-X support has been removed for the moment because it leads Windows OS
21 * to crash on startup. The crash happens because Windows driver requires
22 * MSI-X shared memory to be part of the same BAR used for rings state
23 * registers, etc. This is not supported by QEMU infrastructure so separate
24 * BAR created from MSI-X purposes. Windows driver fails to deal with 2 BARs.
25 *
26 */
27
28 #include "hw/scsi/scsi.h"
29 #include <block/scsi.h>
30 #include "hw/pci/msi.h"
31 #include "vmw_pvscsi.h"
32 #include "trace.h"
33
34
35 #define PVSCSI_MSI_OFFSET (0x50)
36 #define PVSCSI_USE_64BIT (true)
37 #define PVSCSI_PER_VECTOR_MASK (false)
38
39 #define PVSCSI_MAX_DEVS (64)
40 #define PVSCSI_MSIX_NUM_VECTORS (1)
41
42 #define PVSCSI_MAX_CMD_DATA_WORDS \
43 (sizeof(PVSCSICmdDescSetupRings)/sizeof(uint32_t))
44
45 #define RS_GET_FIELD(rs_pa, field) \
46 (ldl_le_phys(&address_space_memory, \
47 rs_pa + offsetof(struct PVSCSIRingsState, field)))
48 #define RS_SET_FIELD(rs_pa, field, val) \
49 (stl_le_phys(rs_pa + offsetof(struct PVSCSIRingsState, field), val))
50
51 #define TYPE_PVSCSI "pvscsi"
52 #define PVSCSI(obj) OBJECT_CHECK(PVSCSIState, (obj), TYPE_PVSCSI)
53
54 typedef struct PVSCSIRingInfo {
55 uint64_t rs_pa;
56 uint32_t txr_len_mask;
57 uint32_t rxr_len_mask;
58 uint32_t msg_len_mask;
59 uint64_t req_ring_pages_pa[PVSCSI_SETUP_RINGS_MAX_NUM_PAGES];
60 uint64_t cmp_ring_pages_pa[PVSCSI_SETUP_RINGS_MAX_NUM_PAGES];
61 uint64_t msg_ring_pages_pa[PVSCSI_SETUP_MSG_RING_MAX_NUM_PAGES];
62 uint64_t consumed_ptr;
63 uint64_t filled_cmp_ptr;
64 uint64_t filled_msg_ptr;
65 } PVSCSIRingInfo;
66
67 typedef struct PVSCSISGState {
68 hwaddr elemAddr;
69 hwaddr dataAddr;
70 uint32_t resid;
71 } PVSCSISGState;
72
73 typedef QTAILQ_HEAD(, PVSCSIRequest) PVSCSIRequestList;
74
75 typedef struct {
76 PCIDevice parent_obj;
77 MemoryRegion io_space;
78 SCSIBus bus;
79 QEMUBH *completion_worker;
80 PVSCSIRequestList pending_queue;
81 PVSCSIRequestList completion_queue;
82
83 uint64_t reg_interrupt_status; /* Interrupt status register value */
84 uint64_t reg_interrupt_enabled; /* Interrupt mask register value */
85 uint64_t reg_command_status; /* Command status register value */
86
87 /* Command data adoption mechanism */
88 uint64_t curr_cmd; /* Last command arrived */
89 uint32_t curr_cmd_data_cntr; /* Amount of data for last command */
90
91 /* Collector for current command data */
92 uint32_t curr_cmd_data[PVSCSI_MAX_CMD_DATA_WORDS];
93
94 uint8_t rings_info_valid; /* Whether data rings initialized */
95 uint8_t msg_ring_info_valid; /* Whether message ring initialized */
96 uint8_t use_msg; /* Whether to use message ring */
97
98 uint8_t msi_used; /* Whether MSI support was installed successfully */
99
100 PVSCSIRingInfo rings; /* Data transfer rings manager */
101 uint32_t resetting; /* Reset in progress */
102 } PVSCSIState;
103
104 typedef struct PVSCSIRequest {
105 SCSIRequest *sreq;
106 PVSCSIState *dev;
107 uint8_t sense_key;
108 uint8_t completed;
109 int lun;
110 QEMUSGList sgl;
111 PVSCSISGState sg;
112 struct PVSCSIRingReqDesc req;
113 struct PVSCSIRingCmpDesc cmp;
114 QTAILQ_ENTRY(PVSCSIRequest) next;
115 } PVSCSIRequest;
116
117 /* Integer binary logarithm */
118 static int
119 pvscsi_log2(uint32_t input)
120 {
121 int log = 0;
122 assert(input > 0);
123 while (input >> ++log) {
124 }
125 return log;
126 }
127
128 static void
129 pvscsi_ring_init_data(PVSCSIRingInfo *m, PVSCSICmdDescSetupRings *ri)
130 {
131 int i;
132 uint32_t txr_len_log2, rxr_len_log2;
133 uint32_t req_ring_size, cmp_ring_size;
134 m->rs_pa = ri->ringsStatePPN << VMW_PAGE_SHIFT;
135
136 req_ring_size = ri->reqRingNumPages * PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
137 cmp_ring_size = ri->cmpRingNumPages * PVSCSI_MAX_NUM_CMP_ENTRIES_PER_PAGE;
138 txr_len_log2 = pvscsi_log2(req_ring_size - 1);
139 rxr_len_log2 = pvscsi_log2(cmp_ring_size - 1);
140
141 m->txr_len_mask = MASK(txr_len_log2);
142 m->rxr_len_mask = MASK(rxr_len_log2);
143
144 m->consumed_ptr = 0;
145 m->filled_cmp_ptr = 0;
146
147 for (i = 0; i < ri->reqRingNumPages; i++) {
148 m->req_ring_pages_pa[i] = ri->reqRingPPNs[i] << VMW_PAGE_SHIFT;
149 }
150
151 for (i = 0; i < ri->cmpRingNumPages; i++) {
152 m->cmp_ring_pages_pa[i] = ri->cmpRingPPNs[i] << VMW_PAGE_SHIFT;
153 }
154
155 RS_SET_FIELD(m->rs_pa, reqProdIdx, 0);
156 RS_SET_FIELD(m->rs_pa, reqConsIdx, 0);
157 RS_SET_FIELD(m->rs_pa, reqNumEntriesLog2, txr_len_log2);
158
159 RS_SET_FIELD(m->rs_pa, cmpProdIdx, 0);
160 RS_SET_FIELD(m->rs_pa, cmpConsIdx, 0);
161 RS_SET_FIELD(m->rs_pa, cmpNumEntriesLog2, rxr_len_log2);
162
163 trace_pvscsi_ring_init_data(txr_len_log2, rxr_len_log2);
164
165 /* Flush ring state page changes */
166 smp_wmb();
167 }
168
169 static void
170 pvscsi_ring_init_msg(PVSCSIRingInfo *m, PVSCSICmdDescSetupMsgRing *ri)
171 {
172 int i;
173 uint32_t len_log2;
174 uint32_t ring_size;
175
176 ring_size = ri->numPages * PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE;
177 len_log2 = pvscsi_log2(ring_size - 1);
178
179 m->msg_len_mask = MASK(len_log2);
180
181 m->filled_msg_ptr = 0;
182
183 for (i = 0; i < ri->numPages; i++) {
184 m->msg_ring_pages_pa[i] = ri->ringPPNs[i] << VMW_PAGE_SHIFT;
185 }
186
187 RS_SET_FIELD(m->rs_pa, msgProdIdx, 0);
188 RS_SET_FIELD(m->rs_pa, msgConsIdx, 0);
189 RS_SET_FIELD(m->rs_pa, msgNumEntriesLog2, len_log2);
190
191 trace_pvscsi_ring_init_msg(len_log2);
192
193 /* Flush ring state page changes */
194 smp_wmb();
195 }
196
197 static void
198 pvscsi_ring_cleanup(PVSCSIRingInfo *mgr)
199 {
200 mgr->rs_pa = 0;
201 mgr->txr_len_mask = 0;
202 mgr->rxr_len_mask = 0;
203 mgr->msg_len_mask = 0;
204 mgr->consumed_ptr = 0;
205 mgr->filled_cmp_ptr = 0;
206 mgr->filled_msg_ptr = 0;
207 memset(mgr->req_ring_pages_pa, 0, sizeof(mgr->req_ring_pages_pa));
208 memset(mgr->cmp_ring_pages_pa, 0, sizeof(mgr->cmp_ring_pages_pa));
209 memset(mgr->msg_ring_pages_pa, 0, sizeof(mgr->msg_ring_pages_pa));
210 }
211
212 static hwaddr
213 pvscsi_ring_pop_req_descr(PVSCSIRingInfo *mgr)
214 {
215 uint32_t ready_ptr = RS_GET_FIELD(mgr->rs_pa, reqProdIdx);
216
217 if (ready_ptr != mgr->consumed_ptr) {
218 uint32_t next_ready_ptr =
219 mgr->consumed_ptr++ & mgr->txr_len_mask;
220 uint32_t next_ready_page =
221 next_ready_ptr / PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
222 uint32_t inpage_idx =
223 next_ready_ptr % PVSCSI_MAX_NUM_REQ_ENTRIES_PER_PAGE;
224
225 return mgr->req_ring_pages_pa[next_ready_page] +
226 inpage_idx * sizeof(PVSCSIRingReqDesc);
227 } else {
228 return 0;
229 }
230 }
231
232 static void
233 pvscsi_ring_flush_req(PVSCSIRingInfo *mgr)
234 {
235 RS_SET_FIELD(mgr->rs_pa, reqConsIdx, mgr->consumed_ptr);
236 }
237
238 static hwaddr
239 pvscsi_ring_pop_cmp_descr(PVSCSIRingInfo *mgr)
240 {
241 /*
242 * According to Linux driver code it explicitly verifies that number
243 * of requests being processed by device is less then the size of
244 * completion queue, so device may omit completion queue overflow
245 * conditions check. We assume that this is true for other (Windows)
246 * drivers as well.
247 */
248
249 uint32_t free_cmp_ptr =
250 mgr->filled_cmp_ptr++ & mgr->rxr_len_mask;
251 uint32_t free_cmp_page =
252 free_cmp_ptr / PVSCSI_MAX_NUM_CMP_ENTRIES_PER_PAGE;
253 uint32_t inpage_idx =
254 free_cmp_ptr % PVSCSI_MAX_NUM_CMP_ENTRIES_PER_PAGE;
255 return mgr->cmp_ring_pages_pa[free_cmp_page] +
256 inpage_idx * sizeof(PVSCSIRingCmpDesc);
257 }
258
259 static hwaddr
260 pvscsi_ring_pop_msg_descr(PVSCSIRingInfo *mgr)
261 {
262 uint32_t free_msg_ptr =
263 mgr->filled_msg_ptr++ & mgr->msg_len_mask;
264 uint32_t free_msg_page =
265 free_msg_ptr / PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE;
266 uint32_t inpage_idx =
267 free_msg_ptr % PVSCSI_MAX_NUM_MSG_ENTRIES_PER_PAGE;
268 return mgr->msg_ring_pages_pa[free_msg_page] +
269 inpage_idx * sizeof(PVSCSIRingMsgDesc);
270 }
271
272 static void
273 pvscsi_ring_flush_cmp(PVSCSIRingInfo *mgr)
274 {
275 /* Flush descriptor changes */
276 smp_wmb();
277
278 trace_pvscsi_ring_flush_cmp(mgr->filled_cmp_ptr);
279
280 RS_SET_FIELD(mgr->rs_pa, cmpProdIdx, mgr->filled_cmp_ptr);
281 }
282
283 static bool
284 pvscsi_ring_msg_has_room(PVSCSIRingInfo *mgr)
285 {
286 uint32_t prodIdx = RS_GET_FIELD(mgr->rs_pa, msgProdIdx);
287 uint32_t consIdx = RS_GET_FIELD(mgr->rs_pa, msgConsIdx);
288
289 return (prodIdx - consIdx) < (mgr->msg_len_mask + 1);
290 }
291
292 static void
293 pvscsi_ring_flush_msg(PVSCSIRingInfo *mgr)
294 {
295 /* Flush descriptor changes */
296 smp_wmb();
297
298 trace_pvscsi_ring_flush_msg(mgr->filled_msg_ptr);
299
300 RS_SET_FIELD(mgr->rs_pa, msgProdIdx, mgr->filled_msg_ptr);
301 }
302
303 static void
304 pvscsi_reset_state(PVSCSIState *s)
305 {
306 s->curr_cmd = PVSCSI_CMD_FIRST;
307 s->curr_cmd_data_cntr = 0;
308 s->reg_command_status = PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
309 s->reg_interrupt_status = 0;
310 pvscsi_ring_cleanup(&s->rings);
311 s->rings_info_valid = FALSE;
312 s->msg_ring_info_valid = FALSE;
313 QTAILQ_INIT(&s->pending_queue);
314 QTAILQ_INIT(&s->completion_queue);
315 }
316
317 static void
318 pvscsi_update_irq_status(PVSCSIState *s)
319 {
320 PCIDevice *d = PCI_DEVICE(s);
321 bool should_raise = s->reg_interrupt_enabled & s->reg_interrupt_status;
322
323 trace_pvscsi_update_irq_level(should_raise, s->reg_interrupt_enabled,
324 s->reg_interrupt_status);
325
326 if (s->msi_used && msi_enabled(d)) {
327 if (should_raise) {
328 trace_pvscsi_update_irq_msi();
329 msi_notify(d, PVSCSI_VECTOR_COMPLETION);
330 }
331 return;
332 }
333
334 pci_set_irq(d, !!should_raise);
335 }
336
337 static void
338 pvscsi_raise_completion_interrupt(PVSCSIState *s)
339 {
340 s->reg_interrupt_status |= PVSCSI_INTR_CMPL_0;
341
342 /* Memory barrier to flush interrupt status register changes*/
343 smp_wmb();
344
345 pvscsi_update_irq_status(s);
346 }
347
348 static void
349 pvscsi_raise_message_interrupt(PVSCSIState *s)
350 {
351 s->reg_interrupt_status |= PVSCSI_INTR_MSG_0;
352
353 /* Memory barrier to flush interrupt status register changes*/
354 smp_wmb();
355
356 pvscsi_update_irq_status(s);
357 }
358
359 static void
360 pvscsi_cmp_ring_put(PVSCSIState *s, struct PVSCSIRingCmpDesc *cmp_desc)
361 {
362 hwaddr cmp_descr_pa;
363
364 cmp_descr_pa = pvscsi_ring_pop_cmp_descr(&s->rings);
365 trace_pvscsi_cmp_ring_put(cmp_descr_pa);
366 cpu_physical_memory_write(cmp_descr_pa, (void *)cmp_desc,
367 sizeof(*cmp_desc));
368 }
369
370 static void
371 pvscsi_msg_ring_put(PVSCSIState *s, struct PVSCSIRingMsgDesc *msg_desc)
372 {
373 hwaddr msg_descr_pa;
374
375 msg_descr_pa = pvscsi_ring_pop_msg_descr(&s->rings);
376 trace_pvscsi_msg_ring_put(msg_descr_pa);
377 cpu_physical_memory_write(msg_descr_pa, (void *)msg_desc,
378 sizeof(*msg_desc));
379 }
380
381 static void
382 pvscsi_process_completion_queue(void *opaque)
383 {
384 PVSCSIState *s = opaque;
385 PVSCSIRequest *pvscsi_req;
386 bool has_completed = false;
387
388 while (!QTAILQ_EMPTY(&s->completion_queue)) {
389 pvscsi_req = QTAILQ_FIRST(&s->completion_queue);
390 QTAILQ_REMOVE(&s->completion_queue, pvscsi_req, next);
391 pvscsi_cmp_ring_put(s, &pvscsi_req->cmp);
392 g_free(pvscsi_req);
393 has_completed = true;
394 }
395
396 if (has_completed) {
397 pvscsi_ring_flush_cmp(&s->rings);
398 pvscsi_raise_completion_interrupt(s);
399 }
400 }
401
402 static void
403 pvscsi_reset_adapter(PVSCSIState *s)
404 {
405 s->resetting++;
406 qbus_reset_all_fn(&s->bus);
407 s->resetting--;
408 pvscsi_process_completion_queue(s);
409 assert(QTAILQ_EMPTY(&s->pending_queue));
410 pvscsi_reset_state(s);
411 }
412
413 static void
414 pvscsi_schedule_completion_processing(PVSCSIState *s)
415 {
416 /* Try putting more complete requests on the ring. */
417 if (!QTAILQ_EMPTY(&s->completion_queue)) {
418 qemu_bh_schedule(s->completion_worker);
419 }
420 }
421
422 static void
423 pvscsi_complete_request(PVSCSIState *s, PVSCSIRequest *r)
424 {
425 assert(!r->completed);
426
427 trace_pvscsi_complete_request(r->cmp.context, r->cmp.dataLen,
428 r->sense_key);
429 if (r->sreq != NULL) {
430 scsi_req_unref(r->sreq);
431 r->sreq = NULL;
432 }
433 r->completed = 1;
434 QTAILQ_REMOVE(&s->pending_queue, r, next);
435 QTAILQ_INSERT_TAIL(&s->completion_queue, r, next);
436 pvscsi_schedule_completion_processing(s);
437 }
438
439 static QEMUSGList *pvscsi_get_sg_list(SCSIRequest *r)
440 {
441 PVSCSIRequest *req = r->hba_private;
442
443 trace_pvscsi_get_sg_list(req->sgl.nsg, req->sgl.size);
444
445 return &req->sgl;
446 }
447
448 static void
449 pvscsi_get_next_sg_elem(PVSCSISGState *sg)
450 {
451 struct PVSCSISGElement elem;
452
453 cpu_physical_memory_read(sg->elemAddr, (void *)&elem, sizeof(elem));
454 if ((elem.flags & ~PVSCSI_KNOWN_FLAGS) != 0) {
455 /*
456 * There is PVSCSI_SGE_FLAG_CHAIN_ELEMENT flag described in
457 * header file but its value is unknown. This flag requires
458 * additional processing, so we put warning here to catch it
459 * some day and make proper implementation
460 */
461 trace_pvscsi_get_next_sg_elem(elem.flags);
462 }
463
464 sg->elemAddr += sizeof(elem);
465 sg->dataAddr = elem.addr;
466 sg->resid = elem.length;
467 }
468
469 static void
470 pvscsi_write_sense(PVSCSIRequest *r, uint8_t *sense, int len)
471 {
472 r->cmp.senseLen = MIN(r->req.senseLen, len);
473 r->sense_key = sense[(sense[0] & 2) ? 1 : 2];
474 cpu_physical_memory_write(r->req.senseAddr, sense, r->cmp.senseLen);
475 }
476
477 static void
478 pvscsi_command_complete(SCSIRequest *req, uint32_t status, size_t resid)
479 {
480 PVSCSIRequest *pvscsi_req = req->hba_private;
481 PVSCSIState *s = pvscsi_req->dev;
482
483 if (!pvscsi_req) {
484 trace_pvscsi_command_complete_not_found(req->tag);
485 return;
486 }
487
488 if (resid) {
489 /* Short transfer. */
490 trace_pvscsi_command_complete_data_run();
491 pvscsi_req->cmp.hostStatus = BTSTAT_DATARUN;
492 }
493
494 pvscsi_req->cmp.scsiStatus = status;
495 if (pvscsi_req->cmp.scsiStatus == CHECK_CONDITION) {
496 uint8_t sense[SCSI_SENSE_BUF_SIZE];
497 int sense_len =
498 scsi_req_get_sense(pvscsi_req->sreq, sense, sizeof(sense));
499
500 trace_pvscsi_command_complete_sense_len(sense_len);
501 pvscsi_write_sense(pvscsi_req, sense, sense_len);
502 }
503 qemu_sglist_destroy(&pvscsi_req->sgl);
504 pvscsi_complete_request(s, pvscsi_req);
505 }
506
507 static void
508 pvscsi_send_msg(PVSCSIState *s, SCSIDevice *dev, uint32_t msg_type)
509 {
510 if (s->msg_ring_info_valid && pvscsi_ring_msg_has_room(&s->rings)) {
511 PVSCSIMsgDescDevStatusChanged msg = {0};
512
513 msg.type = msg_type;
514 msg.bus = dev->channel;
515 msg.target = dev->id;
516 msg.lun[1] = dev->lun;
517
518 pvscsi_msg_ring_put(s, (PVSCSIRingMsgDesc *)&msg);
519 pvscsi_ring_flush_msg(&s->rings);
520 pvscsi_raise_message_interrupt(s);
521 }
522 }
523
524 static void
525 pvscsi_hotplug(SCSIBus *bus, SCSIDevice *dev)
526 {
527 PVSCSIState *s = container_of(bus, PVSCSIState, bus);
528 pvscsi_send_msg(s, dev, PVSCSI_MSG_DEV_ADDED);
529 }
530
531 static void
532 pvscsi_hot_unplug(SCSIBus *bus, SCSIDevice *dev)
533 {
534 PVSCSIState *s = container_of(bus, PVSCSIState, bus);
535 pvscsi_send_msg(s, dev, PVSCSI_MSG_DEV_REMOVED);
536 }
537
538 static void
539 pvscsi_request_cancelled(SCSIRequest *req)
540 {
541 PVSCSIRequest *pvscsi_req = req->hba_private;
542 PVSCSIState *s = pvscsi_req->dev;
543
544 if (pvscsi_req->completed) {
545 return;
546 }
547
548 if (pvscsi_req->dev->resetting) {
549 pvscsi_req->cmp.hostStatus = BTSTAT_BUSRESET;
550 } else {
551 pvscsi_req->cmp.hostStatus = BTSTAT_ABORTQUEUE;
552 }
553
554 pvscsi_complete_request(s, pvscsi_req);
555 }
556
557 static SCSIDevice*
558 pvscsi_device_find(PVSCSIState *s, int channel, int target,
559 uint8_t *requested_lun, uint8_t *target_lun)
560 {
561 if (requested_lun[0] || requested_lun[2] || requested_lun[3] ||
562 requested_lun[4] || requested_lun[5] || requested_lun[6] ||
563 requested_lun[7] || (target > PVSCSI_MAX_DEVS)) {
564 return NULL;
565 } else {
566 *target_lun = requested_lun[1];
567 return scsi_device_find(&s->bus, channel, target, *target_lun);
568 }
569 }
570
571 static PVSCSIRequest *
572 pvscsi_queue_pending_descriptor(PVSCSIState *s, SCSIDevice **d,
573 struct PVSCSIRingReqDesc *descr)
574 {
575 PVSCSIRequest *pvscsi_req;
576 uint8_t lun;
577
578 pvscsi_req = g_malloc0(sizeof(*pvscsi_req));
579 pvscsi_req->dev = s;
580 pvscsi_req->req = *descr;
581 pvscsi_req->cmp.context = pvscsi_req->req.context;
582 QTAILQ_INSERT_TAIL(&s->pending_queue, pvscsi_req, next);
583
584 *d = pvscsi_device_find(s, descr->bus, descr->target, descr->lun, &lun);
585 if (*d) {
586 pvscsi_req->lun = lun;
587 }
588
589 return pvscsi_req;
590 }
591
592 static void
593 pvscsi_convert_sglist(PVSCSIRequest *r)
594 {
595 int chunk_size;
596 uint64_t data_length = r->req.dataLen;
597 PVSCSISGState sg = r->sg;
598 while (data_length) {
599 while (!sg.resid) {
600 pvscsi_get_next_sg_elem(&sg);
601 trace_pvscsi_convert_sglist(r->req.context, r->sg.dataAddr,
602 r->sg.resid);
603 }
604 assert(data_length > 0);
605 chunk_size = MIN((unsigned) data_length, sg.resid);
606 if (chunk_size) {
607 qemu_sglist_add(&r->sgl, sg.dataAddr, chunk_size);
608 }
609
610 sg.dataAddr += chunk_size;
611 data_length -= chunk_size;
612 sg.resid -= chunk_size;
613 }
614 }
615
616 static void
617 pvscsi_build_sglist(PVSCSIState *s, PVSCSIRequest *r)
618 {
619 PCIDevice *d = PCI_DEVICE(s);
620
621 pci_dma_sglist_init(&r->sgl, d, 1);
622 if (r->req.flags & PVSCSI_FLAG_CMD_WITH_SG_LIST) {
623 pvscsi_convert_sglist(r);
624 } else {
625 qemu_sglist_add(&r->sgl, r->req.dataAddr, r->req.dataLen);
626 }
627 }
628
629 static void
630 pvscsi_process_request_descriptor(PVSCSIState *s,
631 struct PVSCSIRingReqDesc *descr)
632 {
633 SCSIDevice *d;
634 PVSCSIRequest *r = pvscsi_queue_pending_descriptor(s, &d, descr);
635 int64_t n;
636
637 trace_pvscsi_process_req_descr(descr->cdb[0], descr->context);
638
639 if (!d) {
640 r->cmp.hostStatus = BTSTAT_SELTIMEO;
641 trace_pvscsi_process_req_descr_unknown_device();
642 pvscsi_complete_request(s, r);
643 return;
644 }
645
646 if (descr->flags & PVSCSI_FLAG_CMD_WITH_SG_LIST) {
647 r->sg.elemAddr = descr->dataAddr;
648 }
649
650 r->sreq = scsi_req_new(d, descr->context, r->lun, descr->cdb, r);
651 if (r->sreq->cmd.mode == SCSI_XFER_FROM_DEV &&
652 (descr->flags & PVSCSI_FLAG_CMD_DIR_TODEVICE)) {
653 r->cmp.hostStatus = BTSTAT_BADMSG;
654 trace_pvscsi_process_req_descr_invalid_dir();
655 scsi_req_cancel(r->sreq);
656 return;
657 }
658 if (r->sreq->cmd.mode == SCSI_XFER_TO_DEV &&
659 (descr->flags & PVSCSI_FLAG_CMD_DIR_TOHOST)) {
660 r->cmp.hostStatus = BTSTAT_BADMSG;
661 trace_pvscsi_process_req_descr_invalid_dir();
662 scsi_req_cancel(r->sreq);
663 return;
664 }
665
666 pvscsi_build_sglist(s, r);
667 n = scsi_req_enqueue(r->sreq);
668
669 if (n) {
670 scsi_req_continue(r->sreq);
671 }
672 }
673
674 static void
675 pvscsi_process_io(PVSCSIState *s)
676 {
677 PVSCSIRingReqDesc descr;
678 hwaddr next_descr_pa;
679
680 assert(s->rings_info_valid);
681 while ((next_descr_pa = pvscsi_ring_pop_req_descr(&s->rings)) != 0) {
682
683 /* Only read after production index verification */
684 smp_rmb();
685
686 trace_pvscsi_process_io(next_descr_pa);
687 cpu_physical_memory_read(next_descr_pa, &descr, sizeof(descr));
688 pvscsi_process_request_descriptor(s, &descr);
689 }
690
691 pvscsi_ring_flush_req(&s->rings);
692 }
693
694 static void
695 pvscsi_dbg_dump_tx_rings_config(PVSCSICmdDescSetupRings *rc)
696 {
697 int i;
698 trace_pvscsi_tx_rings_ppn("Rings State", rc->ringsStatePPN);
699
700 trace_pvscsi_tx_rings_num_pages("Request Ring", rc->reqRingNumPages);
701 for (i = 0; i < rc->reqRingNumPages; i++) {
702 trace_pvscsi_tx_rings_ppn("Request Ring", rc->reqRingPPNs[i]);
703 }
704
705 trace_pvscsi_tx_rings_num_pages("Confirm Ring", rc->cmpRingNumPages);
706 for (i = 0; i < rc->cmpRingNumPages; i++) {
707 trace_pvscsi_tx_rings_ppn("Confirm Ring", rc->reqRingPPNs[i]);
708 }
709 }
710
711 static uint64_t
712 pvscsi_on_cmd_config(PVSCSIState *s)
713 {
714 trace_pvscsi_on_cmd_noimpl("PVSCSI_CMD_CONFIG");
715 return PVSCSI_COMMAND_PROCESSING_FAILED;
716 }
717
718 static uint64_t
719 pvscsi_on_cmd_unplug(PVSCSIState *s)
720 {
721 trace_pvscsi_on_cmd_noimpl("PVSCSI_CMD_DEVICE_UNPLUG");
722 return PVSCSI_COMMAND_PROCESSING_FAILED;
723 }
724
725 static uint64_t
726 pvscsi_on_issue_scsi(PVSCSIState *s)
727 {
728 trace_pvscsi_on_cmd_noimpl("PVSCSI_CMD_ISSUE_SCSI");
729 return PVSCSI_COMMAND_PROCESSING_FAILED;
730 }
731
732 static uint64_t
733 pvscsi_on_cmd_setup_rings(PVSCSIState *s)
734 {
735 PVSCSICmdDescSetupRings *rc =
736 (PVSCSICmdDescSetupRings *) s->curr_cmd_data;
737
738 trace_pvscsi_on_cmd_arrived("PVSCSI_CMD_SETUP_RINGS");
739
740 pvscsi_dbg_dump_tx_rings_config(rc);
741 pvscsi_ring_init_data(&s->rings, rc);
742 s->rings_info_valid = TRUE;
743 return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
744 }
745
746 static uint64_t
747 pvscsi_on_cmd_abort(PVSCSIState *s)
748 {
749 PVSCSICmdDescAbortCmd *cmd = (PVSCSICmdDescAbortCmd *) s->curr_cmd_data;
750 PVSCSIRequest *r, *next;
751
752 trace_pvscsi_on_cmd_abort(cmd->context, cmd->target);
753
754 QTAILQ_FOREACH_SAFE(r, &s->pending_queue, next, next) {
755 if (r->req.context == cmd->context) {
756 break;
757 }
758 }
759 if (r) {
760 assert(!r->completed);
761 r->cmp.hostStatus = BTSTAT_ABORTQUEUE;
762 scsi_req_cancel(r->sreq);
763 }
764
765 return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
766 }
767
768 static uint64_t
769 pvscsi_on_cmd_unknown(PVSCSIState *s)
770 {
771 trace_pvscsi_on_cmd_unknown_data(s->curr_cmd_data[0]);
772 return PVSCSI_COMMAND_PROCESSING_FAILED;
773 }
774
775 static uint64_t
776 pvscsi_on_cmd_reset_device(PVSCSIState *s)
777 {
778 uint8_t target_lun = 0;
779 struct PVSCSICmdDescResetDevice *cmd =
780 (struct PVSCSICmdDescResetDevice *) s->curr_cmd_data;
781 SCSIDevice *sdev;
782
783 sdev = pvscsi_device_find(s, 0, cmd->target, cmd->lun, &target_lun);
784
785 trace_pvscsi_on_cmd_reset_dev(cmd->target, (int) target_lun, sdev);
786
787 if (sdev != NULL) {
788 s->resetting++;
789 device_reset(&sdev->qdev);
790 s->resetting--;
791 return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
792 }
793
794 return PVSCSI_COMMAND_PROCESSING_FAILED;
795 }
796
797 static uint64_t
798 pvscsi_on_cmd_reset_bus(PVSCSIState *s)
799 {
800 trace_pvscsi_on_cmd_arrived("PVSCSI_CMD_RESET_BUS");
801
802 s->resetting++;
803 qbus_reset_all_fn(&s->bus);
804 s->resetting--;
805 return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
806 }
807
808 static uint64_t
809 pvscsi_on_cmd_setup_msg_ring(PVSCSIState *s)
810 {
811 PVSCSICmdDescSetupMsgRing *rc =
812 (PVSCSICmdDescSetupMsgRing *) s->curr_cmd_data;
813
814 trace_pvscsi_on_cmd_arrived("PVSCSI_CMD_SETUP_MSG_RING");
815
816 if (!s->use_msg) {
817 return PVSCSI_COMMAND_PROCESSING_FAILED;
818 }
819
820 if (s->rings_info_valid) {
821 pvscsi_ring_init_msg(&s->rings, rc);
822 s->msg_ring_info_valid = TRUE;
823 }
824 return sizeof(PVSCSICmdDescSetupMsgRing) / sizeof(uint32_t);
825 }
826
827 static uint64_t
828 pvscsi_on_cmd_adapter_reset(PVSCSIState *s)
829 {
830 trace_pvscsi_on_cmd_arrived("PVSCSI_CMD_ADAPTER_RESET");
831
832 pvscsi_reset_adapter(s);
833 return PVSCSI_COMMAND_PROCESSING_SUCCEEDED;
834 }
835
836 static const struct {
837 int data_size;
838 uint64_t (*handler_fn)(PVSCSIState *s);
839 } pvscsi_commands[] = {
840 [PVSCSI_CMD_FIRST] = {
841 .data_size = 0,
842 .handler_fn = pvscsi_on_cmd_unknown,
843 },
844
845 /* Not implemented, data size defined based on what arrives on windows */
846 [PVSCSI_CMD_CONFIG] = {
847 .data_size = 6 * sizeof(uint32_t),
848 .handler_fn = pvscsi_on_cmd_config,
849 },
850
851 /* Command not implemented, data size is unknown */
852 [PVSCSI_CMD_ISSUE_SCSI] = {
853 .data_size = 0,
854 .handler_fn = pvscsi_on_issue_scsi,
855 },
856
857 /* Command not implemented, data size is unknown */
858 [PVSCSI_CMD_DEVICE_UNPLUG] = {
859 .data_size = 0,
860 .handler_fn = pvscsi_on_cmd_unplug,
861 },
862
863 [PVSCSI_CMD_SETUP_RINGS] = {
864 .data_size = sizeof(PVSCSICmdDescSetupRings),
865 .handler_fn = pvscsi_on_cmd_setup_rings,
866 },
867
868 [PVSCSI_CMD_RESET_DEVICE] = {
869 .data_size = sizeof(struct PVSCSICmdDescResetDevice),
870 .handler_fn = pvscsi_on_cmd_reset_device,
871 },
872
873 [PVSCSI_CMD_RESET_BUS] = {
874 .data_size = 0,
875 .handler_fn = pvscsi_on_cmd_reset_bus,
876 },
877
878 [PVSCSI_CMD_SETUP_MSG_RING] = {
879 .data_size = sizeof(PVSCSICmdDescSetupMsgRing),
880 .handler_fn = pvscsi_on_cmd_setup_msg_ring,
881 },
882
883 [PVSCSI_CMD_ADAPTER_RESET] = {
884 .data_size = 0,
885 .handler_fn = pvscsi_on_cmd_adapter_reset,
886 },
887
888 [PVSCSI_CMD_ABORT_CMD] = {
889 .data_size = sizeof(struct PVSCSICmdDescAbortCmd),
890 .handler_fn = pvscsi_on_cmd_abort,
891 },
892 };
893
894 static void
895 pvscsi_do_command_processing(PVSCSIState *s)
896 {
897 size_t bytes_arrived = s->curr_cmd_data_cntr * sizeof(uint32_t);
898
899 assert(s->curr_cmd < PVSCSI_CMD_LAST);
900 if (bytes_arrived >= pvscsi_commands[s->curr_cmd].data_size) {
901 s->reg_command_status = pvscsi_commands[s->curr_cmd].handler_fn(s);
902 s->curr_cmd = PVSCSI_CMD_FIRST;
903 s->curr_cmd_data_cntr = 0;
904 }
905 }
906
907 static void
908 pvscsi_on_command_data(PVSCSIState *s, uint32_t value)
909 {
910 size_t bytes_arrived = s->curr_cmd_data_cntr * sizeof(uint32_t);
911
912 assert(bytes_arrived < sizeof(s->curr_cmd_data));
913 s->curr_cmd_data[s->curr_cmd_data_cntr++] = value;
914
915 pvscsi_do_command_processing(s);
916 }
917
918 static void
919 pvscsi_on_command(PVSCSIState *s, uint64_t cmd_id)
920 {
921 if ((cmd_id > PVSCSI_CMD_FIRST) && (cmd_id < PVSCSI_CMD_LAST)) {
922 s->curr_cmd = cmd_id;
923 } else {
924 s->curr_cmd = PVSCSI_CMD_FIRST;
925 trace_pvscsi_on_cmd_unknown(cmd_id);
926 }
927
928 s->curr_cmd_data_cntr = 0;
929 s->reg_command_status = PVSCSI_COMMAND_NOT_ENOUGH_DATA;
930
931 pvscsi_do_command_processing(s);
932 }
933
934 static void
935 pvscsi_io_write(void *opaque, hwaddr addr,
936 uint64_t val, unsigned size)
937 {
938 PVSCSIState *s = opaque;
939
940 switch (addr) {
941 case PVSCSI_REG_OFFSET_COMMAND:
942 pvscsi_on_command(s, val);
943 break;
944
945 case PVSCSI_REG_OFFSET_COMMAND_DATA:
946 pvscsi_on_command_data(s, (uint32_t) val);
947 break;
948
949 case PVSCSI_REG_OFFSET_INTR_STATUS:
950 trace_pvscsi_io_write("PVSCSI_REG_OFFSET_INTR_STATUS", val);
951 s->reg_interrupt_status &= ~val;
952 pvscsi_update_irq_status(s);
953 pvscsi_schedule_completion_processing(s);
954 break;
955
956 case PVSCSI_REG_OFFSET_INTR_MASK:
957 trace_pvscsi_io_write("PVSCSI_REG_OFFSET_INTR_MASK", val);
958 s->reg_interrupt_enabled = val;
959 pvscsi_update_irq_status(s);
960 break;
961
962 case PVSCSI_REG_OFFSET_KICK_NON_RW_IO:
963 trace_pvscsi_io_write("PVSCSI_REG_OFFSET_KICK_NON_RW_IO", val);
964 pvscsi_process_io(s);
965 break;
966
967 case PVSCSI_REG_OFFSET_KICK_RW_IO:
968 trace_pvscsi_io_write("PVSCSI_REG_OFFSET_KICK_RW_IO", val);
969 pvscsi_process_io(s);
970 break;
971
972 case PVSCSI_REG_OFFSET_DEBUG:
973 trace_pvscsi_io_write("PVSCSI_REG_OFFSET_DEBUG", val);
974 break;
975
976 default:
977 trace_pvscsi_io_write_unknown(addr, size, val);
978 break;
979 }
980
981 }
982
983 static uint64_t
984 pvscsi_io_read(void *opaque, hwaddr addr, unsigned size)
985 {
986 PVSCSIState *s = opaque;
987
988 switch (addr) {
989 case PVSCSI_REG_OFFSET_INTR_STATUS:
990 trace_pvscsi_io_read("PVSCSI_REG_OFFSET_INTR_STATUS",
991 s->reg_interrupt_status);
992 return s->reg_interrupt_status;
993
994 case PVSCSI_REG_OFFSET_INTR_MASK:
995 trace_pvscsi_io_read("PVSCSI_REG_OFFSET_INTR_MASK",
996 s->reg_interrupt_status);
997 return s->reg_interrupt_enabled;
998
999 case PVSCSI_REG_OFFSET_COMMAND_STATUS:
1000 trace_pvscsi_io_read("PVSCSI_REG_OFFSET_COMMAND_STATUS",
1001 s->reg_interrupt_status);
1002 return s->reg_command_status;
1003
1004 default:
1005 trace_pvscsi_io_read_unknown(addr, size);
1006 return 0;
1007 }
1008 }
1009
1010
1011 static bool
1012 pvscsi_init_msi(PVSCSIState *s)
1013 {
1014 int res;
1015 PCIDevice *d = PCI_DEVICE(s);
1016
1017 res = msi_init(d, PVSCSI_MSI_OFFSET, PVSCSI_MSIX_NUM_VECTORS,
1018 PVSCSI_USE_64BIT, PVSCSI_PER_VECTOR_MASK);
1019 if (res < 0) {
1020 trace_pvscsi_init_msi_fail(res);
1021 s->msi_used = false;
1022 } else {
1023 s->msi_used = true;
1024 }
1025
1026 return s->msi_used;
1027 }
1028
1029 static void
1030 pvscsi_cleanup_msi(PVSCSIState *s)
1031 {
1032 PCIDevice *d = PCI_DEVICE(s);
1033
1034 if (s->msi_used) {
1035 msi_uninit(d);
1036 }
1037 }
1038
1039 static const MemoryRegionOps pvscsi_ops = {
1040 .read = pvscsi_io_read,
1041 .write = pvscsi_io_write,
1042 .endianness = DEVICE_LITTLE_ENDIAN,
1043 .impl = {
1044 .min_access_size = 4,
1045 .max_access_size = 4,
1046 },
1047 };
1048
1049 static const struct SCSIBusInfo pvscsi_scsi_info = {
1050 .tcq = true,
1051 .max_target = PVSCSI_MAX_DEVS,
1052 .max_channel = 0,
1053 .max_lun = 0,
1054
1055 .get_sg_list = pvscsi_get_sg_list,
1056 .complete = pvscsi_command_complete,
1057 .cancel = pvscsi_request_cancelled,
1058 .hotplug = pvscsi_hotplug,
1059 .hot_unplug = pvscsi_hot_unplug,
1060 };
1061
1062 static int
1063 pvscsi_init(PCIDevice *pci_dev)
1064 {
1065 PVSCSIState *s = PVSCSI(pci_dev);
1066
1067 trace_pvscsi_state("init");
1068
1069 /* PCI subsystem ID */
1070 pci_dev->config[PCI_SUBSYSTEM_ID] = 0x00;
1071 pci_dev->config[PCI_SUBSYSTEM_ID + 1] = 0x10;
1072
1073 /* PCI latency timer = 255 */
1074 pci_dev->config[PCI_LATENCY_TIMER] = 0xff;
1075
1076 /* Interrupt pin A */
1077 pci_config_set_interrupt_pin(pci_dev->config, 1);
1078
1079 memory_region_init_io(&s->io_space, OBJECT(s), &pvscsi_ops, s,
1080 "pvscsi-io", PVSCSI_MEM_SPACE_SIZE);
1081 pci_register_bar(pci_dev, 0, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->io_space);
1082
1083 pvscsi_init_msi(s);
1084
1085 s->completion_worker = qemu_bh_new(pvscsi_process_completion_queue, s);
1086 if (!s->completion_worker) {
1087 pvscsi_cleanup_msi(s);
1088 memory_region_destroy(&s->io_space);
1089 return -ENOMEM;
1090 }
1091
1092 scsi_bus_new(&s->bus, sizeof(s->bus), DEVICE(pci_dev),
1093 &pvscsi_scsi_info, NULL);
1094 pvscsi_reset_state(s);
1095
1096 return 0;
1097 }
1098
1099 static void
1100 pvscsi_uninit(PCIDevice *pci_dev)
1101 {
1102 PVSCSIState *s = PVSCSI(pci_dev);
1103
1104 trace_pvscsi_state("uninit");
1105 qemu_bh_delete(s->completion_worker);
1106
1107 pvscsi_cleanup_msi(s);
1108
1109 memory_region_destroy(&s->io_space);
1110 }
1111
1112 static void
1113 pvscsi_reset(DeviceState *dev)
1114 {
1115 PCIDevice *d = PCI_DEVICE(dev);
1116 PVSCSIState *s = PVSCSI(d);
1117
1118 trace_pvscsi_state("reset");
1119 pvscsi_reset_adapter(s);
1120 }
1121
1122 static void
1123 pvscsi_pre_save(void *opaque)
1124 {
1125 PVSCSIState *s = (PVSCSIState *) opaque;
1126
1127 trace_pvscsi_state("presave");
1128
1129 assert(QTAILQ_EMPTY(&s->pending_queue));
1130 assert(QTAILQ_EMPTY(&s->completion_queue));
1131 }
1132
1133 static int
1134 pvscsi_post_load(void *opaque, int version_id)
1135 {
1136 trace_pvscsi_state("postload");
1137 return 0;
1138 }
1139
1140 static const VMStateDescription vmstate_pvscsi = {
1141 .name = "pvscsi",
1142 .version_id = 0,
1143 .minimum_version_id = 0,
1144 .minimum_version_id_old = 0,
1145 .pre_save = pvscsi_pre_save,
1146 .post_load = pvscsi_post_load,
1147 .fields = (VMStateField[]) {
1148 VMSTATE_PCI_DEVICE(parent_obj, PVSCSIState),
1149 VMSTATE_UINT8(msi_used, PVSCSIState),
1150 VMSTATE_UINT32(resetting, PVSCSIState),
1151 VMSTATE_UINT64(reg_interrupt_status, PVSCSIState),
1152 VMSTATE_UINT64(reg_interrupt_enabled, PVSCSIState),
1153 VMSTATE_UINT64(reg_command_status, PVSCSIState),
1154 VMSTATE_UINT64(curr_cmd, PVSCSIState),
1155 VMSTATE_UINT32(curr_cmd_data_cntr, PVSCSIState),
1156 VMSTATE_UINT32_ARRAY(curr_cmd_data, PVSCSIState,
1157 ARRAY_SIZE(((PVSCSIState *)NULL)->curr_cmd_data)),
1158 VMSTATE_UINT8(rings_info_valid, PVSCSIState),
1159 VMSTATE_UINT8(msg_ring_info_valid, PVSCSIState),
1160 VMSTATE_UINT8(use_msg, PVSCSIState),
1161
1162 VMSTATE_UINT64(rings.rs_pa, PVSCSIState),
1163 VMSTATE_UINT32(rings.txr_len_mask, PVSCSIState),
1164 VMSTATE_UINT32(rings.rxr_len_mask, PVSCSIState),
1165 VMSTATE_UINT64_ARRAY(rings.req_ring_pages_pa, PVSCSIState,
1166 PVSCSI_SETUP_RINGS_MAX_NUM_PAGES),
1167 VMSTATE_UINT64_ARRAY(rings.cmp_ring_pages_pa, PVSCSIState,
1168 PVSCSI_SETUP_RINGS_MAX_NUM_PAGES),
1169 VMSTATE_UINT64(rings.consumed_ptr, PVSCSIState),
1170 VMSTATE_UINT64(rings.filled_cmp_ptr, PVSCSIState),
1171
1172 VMSTATE_END_OF_LIST()
1173 }
1174 };
1175
1176 static void
1177 pvscsi_write_config(PCIDevice *pci, uint32_t addr, uint32_t val, int len)
1178 {
1179 pci_default_write_config(pci, addr, val, len);
1180 msi_write_config(pci, addr, val, len);
1181 }
1182
1183 static Property pvscsi_properties[] = {
1184 DEFINE_PROP_UINT8("use_msg", PVSCSIState, use_msg, 1),
1185 DEFINE_PROP_END_OF_LIST(),
1186 };
1187
1188 static void pvscsi_class_init(ObjectClass *klass, void *data)
1189 {
1190 DeviceClass *dc = DEVICE_CLASS(klass);
1191 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
1192
1193 k->init = pvscsi_init;
1194 k->exit = pvscsi_uninit;
1195 k->vendor_id = PCI_VENDOR_ID_VMWARE;
1196 k->device_id = PCI_DEVICE_ID_VMWARE_PVSCSI;
1197 k->class_id = PCI_CLASS_STORAGE_SCSI;
1198 k->subsystem_id = 0x1000;
1199 dc->reset = pvscsi_reset;
1200 dc->vmsd = &vmstate_pvscsi;
1201 dc->props = pvscsi_properties;
1202 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
1203 k->config_write = pvscsi_write_config;
1204 }
1205
1206 static const TypeInfo pvscsi_info = {
1207 .name = TYPE_PVSCSI,
1208 .parent = TYPE_PCI_DEVICE,
1209 .instance_size = sizeof(PVSCSIState),
1210 .class_init = pvscsi_class_init,
1211 };
1212
1213 static void
1214 pvscsi_register_types(void)
1215 {
1216 type_register_static(&pvscsi_info);
1217 }
1218
1219 type_init(pvscsi_register_types);