search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
e1000: bounds packet size against buffer size
[qemu.git] / hw / msi.c
blobf214fcf5793b649ff0b3165ef76a07846753a142
1 /*
2 * msi.c
3 *
4 * Copyright (c) 2010 Isaku Yamahata <yamahata at valinux co jp>
5 * VA Linux Systems Japan K.K.
6 *
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License as published by
9 * the Free Software Foundation; either version 2 of the License, or
10 * (at your option) any later version.
11
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16
17 * You should have received a copy of the GNU General Public License along
18 * with this program; if not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "msi.h"
22 #include "range.h"
23
24 /* Eventually those constants should go to Linux pci_regs.h */
25 #define PCI_MSI_PENDING_32 0x10
26 #define PCI_MSI_PENDING_64 0x14
27
28 /* PCI_MSI_ADDRESS_LO */
29 #define PCI_MSI_ADDRESS_LO_MASK (~0x3)
30
31 /* If we get rid of cap allocator, we won't need those. */
32 #define PCI_MSI_32_SIZEOF 0x0a
33 #define PCI_MSI_64_SIZEOF 0x0e
34 #define PCI_MSI_32M_SIZEOF 0x14
35 #define PCI_MSI_64M_SIZEOF 0x18
36
37 #define PCI_MSI_VECTORS_MAX 32
38
39 /* If we get rid of cap allocator, we won't need this. */
40 static inline uint8_t msi_cap_sizeof(uint16_t flags)
41 {
42 switch (flags & (PCI_MSI_FLAGS_MASKBIT | PCI_MSI_FLAGS_64BIT)) {
43 case PCI_MSI_FLAGS_MASKBIT | PCI_MSI_FLAGS_64BIT:
44 return PCI_MSI_64M_SIZEOF;
45 case PCI_MSI_FLAGS_64BIT:
46 return PCI_MSI_64_SIZEOF;
47 case PCI_MSI_FLAGS_MASKBIT:
48 return PCI_MSI_32M_SIZEOF;
49 case 0:
50 return PCI_MSI_32_SIZEOF;
51 default:
52 abort();
53 break;
54 }
55 return 0;
56 }
57
58 //#define MSI_DEBUG
59
60 #ifdef MSI_DEBUG
61 # define MSI_DPRINTF(fmt, ...) \
62 fprintf(stderr, "%s:%d " fmt, __func__, __LINE__, ## __VA_ARGS__)
63 #else
64 # define MSI_DPRINTF(fmt, ...) do { } while (0)
65 #endif
66 #define MSI_DEV_PRINTF(dev, fmt, ...) \
67 MSI_DPRINTF("%s:%x " fmt, (dev)->name, (dev)->devfn, ## __VA_ARGS__)
68
69 static inline unsigned int msi_nr_vectors(uint16_t flags)
70 {
71 return 1U <<
72 ((flags & PCI_MSI_FLAGS_QSIZE) >> (ffs(PCI_MSI_FLAGS_QSIZE) - 1));
73 }
74
75 static inline uint8_t msi_flags_off(const PCIDevice* dev)
76 {
77 return dev->msi_cap + PCI_MSI_FLAGS;
78 }
79
80 static inline uint8_t msi_address_lo_off(const PCIDevice* dev)
81 {
82 return dev->msi_cap + PCI_MSI_ADDRESS_LO;
83 }
84
85 static inline uint8_t msi_address_hi_off(const PCIDevice* dev)
86 {
87 return dev->msi_cap + PCI_MSI_ADDRESS_HI;
88 }
89
90 static inline uint8_t msi_data_off(const PCIDevice* dev, bool msi64bit)
91 {
92 return dev->msi_cap + (msi64bit ? PCI_MSI_DATA_64 : PCI_MSI_DATA_32);
93 }
94
95 static inline uint8_t msi_mask_off(const PCIDevice* dev, bool msi64bit)
96 {
97 return dev->msi_cap + (msi64bit ? PCI_MSI_MASK_64 : PCI_MSI_MASK_32);
98 }
99
100 static inline uint8_t msi_pending_off(const PCIDevice* dev, bool msi64bit)
101 {
102 return dev->msi_cap + (msi64bit ? PCI_MSI_PENDING_64 : PCI_MSI_PENDING_32);
103 }
104
105 bool msi_enabled(const PCIDevice *dev)
106 {
107 return msi_present(dev) &&
108 (pci_get_word(dev->config + msi_flags_off(dev)) &
109 PCI_MSI_FLAGS_ENABLE);
110 }
111
112 int msi_init(struct PCIDevice *dev, uint8_t offset,
113 unsigned int nr_vectors, bool msi64bit, bool msi_per_vector_mask)
114 {
115 unsigned int vectors_order;
116 uint16_t flags;
117 uint8_t cap_size;
118 int config_offset;
119 MSI_DEV_PRINTF(dev,
120 "init offset: 0x%"PRIx8" vector: %"PRId8
121 " 64bit %d mask %d\n",
122 offset, nr_vectors, msi64bit, msi_per_vector_mask);
123
124 assert(!(nr_vectors & (nr_vectors - 1))); /* power of 2 */
125 assert(nr_vectors > 0);
126 assert(nr_vectors <= PCI_MSI_VECTORS_MAX);
127 /* the nr of MSI vectors is up to 32 */
128 vectors_order = ffs(nr_vectors) - 1;
129
130 flags = vectors_order << (ffs(PCI_MSI_FLAGS_QMASK) - 1);
131 if (msi64bit) {
132 flags |= PCI_MSI_FLAGS_64BIT;
133 }
134 if (msi_per_vector_mask) {
135 flags |= PCI_MSI_FLAGS_MASKBIT;
136 }
137
138 cap_size = msi_cap_sizeof(flags);
139 config_offset = pci_add_capability(dev, PCI_CAP_ID_MSI, offset, cap_size);
140 if (config_offset < 0) {
141 return config_offset;
142 }
143
144 dev->msi_cap = config_offset;
145 dev->cap_present |= QEMU_PCI_CAP_MSI;
146
147 pci_set_word(dev->config + msi_flags_off(dev), flags);
148 pci_set_word(dev->wmask + msi_flags_off(dev),
149 PCI_MSI_FLAGS_QSIZE | PCI_MSI_FLAGS_ENABLE);
150 pci_set_long(dev->wmask + msi_address_lo_off(dev),
151 PCI_MSI_ADDRESS_LO_MASK);
152 if (msi64bit) {
153 pci_set_long(dev->wmask + msi_address_hi_off(dev), 0xffffffff);
154 }
155 pci_set_word(dev->wmask + msi_data_off(dev, msi64bit), 0xffff);
156
157 if (msi_per_vector_mask) {
158 /* Make mask bits 0 to nr_vectors - 1 writable. */
159 pci_set_long(dev->wmask + msi_mask_off(dev, msi64bit),
160 0xffffffff >> (PCI_MSI_VECTORS_MAX - nr_vectors));
161 }
162 return config_offset;
163 }
164
165 void msi_uninit(struct PCIDevice *dev)
166 {
167 uint16_t flags;
168 uint8_t cap_size;
169
170 if (!(dev->cap_present & QEMU_PCI_CAP_MSI)) {
171 return;
172 }
173 flags = pci_get_word(dev->config + msi_flags_off(dev));
174 cap_size = msi_cap_sizeof(flags);
175 pci_del_capability(dev, PCI_CAP_ID_MSI, cap_size);
176 dev->cap_present &= ~QEMU_PCI_CAP_MSI;
177
178 MSI_DEV_PRINTF(dev, "uninit\n");
179 }
180
181 void msi_reset(PCIDevice *dev)
182 {
183 uint16_t flags;
184 bool msi64bit;
185
186 flags = pci_get_word(dev->config + msi_flags_off(dev));
187 flags &= ~(PCI_MSI_FLAGS_QSIZE | PCI_MSI_FLAGS_ENABLE);
188 msi64bit = flags & PCI_MSI_FLAGS_64BIT;
189
190 pci_set_word(dev->config + msi_flags_off(dev), flags);
191 pci_set_long(dev->config + msi_address_lo_off(dev), 0);
192 if (msi64bit) {
193 pci_set_long(dev->config + msi_address_hi_off(dev), 0);
194 }
195 pci_set_word(dev->config + msi_data_off(dev, msi64bit), 0);
196 if (flags & PCI_MSI_FLAGS_MASKBIT) {
197 pci_set_long(dev->config + msi_mask_off(dev, msi64bit), 0);
198 pci_set_long(dev->config + msi_pending_off(dev, msi64bit), 0);
199 }
200 MSI_DEV_PRINTF(dev, "reset\n");
201 }
202
203 static bool msi_is_masked(const PCIDevice *dev, unsigned int vector)
204 {
205 uint16_t flags = pci_get_word(dev->config + msi_flags_off(dev));
206 uint32_t mask;
207 assert(vector < PCI_MSI_VECTORS_MAX);
208
209 if (!(flags & PCI_MSI_FLAGS_MASKBIT)) {
210 return false;
211 }
212
213 mask = pci_get_long(dev->config +
214 msi_mask_off(dev, flags & PCI_MSI_FLAGS_64BIT));
215 return mask & (1U << vector);
216 }
217
218 void msi_notify(PCIDevice *dev, unsigned int vector)
219 {
220 uint16_t flags = pci_get_word(dev->config + msi_flags_off(dev));
221 bool msi64bit = flags & PCI_MSI_FLAGS_64BIT;
222 unsigned int nr_vectors = msi_nr_vectors(flags);
223 uint64_t address;
224 uint32_t data;
225
226 assert(vector < nr_vectors);
227 if (msi_is_masked(dev, vector)) {
228 assert(flags & PCI_MSI_FLAGS_MASKBIT);
229 pci_long_test_and_set_mask(
230 dev->config + msi_pending_off(dev, msi64bit), 1U << vector);
231 MSI_DEV_PRINTF(dev, "pending vector 0x%x\n", vector);
232 return;
233 }
234
235 if (msi64bit) {
236 address = pci_get_quad(dev->config + msi_address_lo_off(dev));
237 } else {
238 address = pci_get_long(dev->config + msi_address_lo_off(dev));
239 }
240
241 /* upper bit 31:16 is zero */
242 data = pci_get_word(dev->config + msi_data_off(dev, msi64bit));
243 if (nr_vectors > 1) {
244 data &= ~(nr_vectors - 1);
245 data |= vector;
246 }
247
248 MSI_DEV_PRINTF(dev,
249 "notify vector 0x%x"
250 " address: 0x%"PRIx64" data: 0x%"PRIx32"\n",
251 vector, address, data);
252 stl_le_phys(address, data);
253 }
254
255 /* call this function after updating configs by pci_default_write_config(). */
256 void msi_write_config(PCIDevice *dev, uint32_t addr, uint32_t val, int len)
257 {
258 uint16_t flags = pci_get_word(dev->config + msi_flags_off(dev));
259 bool msi64bit = flags & PCI_MSI_FLAGS_64BIT;
260 bool msi_per_vector_mask = flags & PCI_MSI_FLAGS_MASKBIT;
261 unsigned int nr_vectors;
262 uint8_t log_num_vecs;
263 uint8_t log_max_vecs;
264 unsigned int vector;
265 uint32_t pending;
266
267 if (!ranges_overlap(addr, len, dev->msi_cap, msi_cap_sizeof(flags))) {
268 return;
269 }
270
271 #ifdef MSI_DEBUG
272 MSI_DEV_PRINTF(dev, "addr 0x%"PRIx32" val 0x%"PRIx32" len %d\n",
273 addr, val, len);
274 MSI_DEV_PRINTF(dev, "ctrl: 0x%"PRIx16" address: 0x%"PRIx32,
275 flags,
276 pci_get_long(dev->config + msi_address_lo_off(dev)));
277 if (msi64bit) {
278 fprintf(stderr, " address-hi: 0x%"PRIx32,
279 pci_get_long(dev->config + msi_address_hi_off(dev)));
280 }
281 fprintf(stderr, " data: 0x%"PRIx16,
282 pci_get_word(dev->config + msi_data_off(dev, msi64bit)));
283 if (flags & PCI_MSI_FLAGS_MASKBIT) {
284 fprintf(stderr, " mask 0x%"PRIx32" pending 0x%"PRIx32,
285 pci_get_long(dev->config + msi_mask_off(dev, msi64bit)),
286 pci_get_long(dev->config + msi_pending_off(dev, msi64bit)));
287 }
288 fprintf(stderr, "\n");
289 #endif
290
291 if (!(flags & PCI_MSI_FLAGS_ENABLE)) {
292 return;
293 }
294
295 /*
296 * Now MSI is enabled, clear INTx# interrupts.
297 * the driver is prohibited from writing enable bit to mask
298 * a service request. But the guest OS could do this.
299 * So we just discard the interrupts as moderate fallback.
300 *
301 * 6.8.3.3. Enabling Operation
302 * While enabled for MSI or MSI-X operation, a function is prohibited
303 * from using its INTx# pin (if implemented) to request
304 * service (MSI, MSI-X, and INTx# are mutually exclusive).
305 */
306 pci_device_deassert_intx(dev);
307
308 /*
309 * nr_vectors might be set bigger than capable. So clamp it.
310 * This is not legal by spec, so we can do anything we like,
311 * just don't crash the host
312 */
313 log_num_vecs =
314 (flags & PCI_MSI_FLAGS_QSIZE) >> (ffs(PCI_MSI_FLAGS_QSIZE) - 1);
315 log_max_vecs =
316 (flags & PCI_MSI_FLAGS_QMASK) >> (ffs(PCI_MSI_FLAGS_QMASK) - 1);
317 if (log_num_vecs > log_max_vecs) {
318 flags &= ~PCI_MSI_FLAGS_QSIZE;
319 flags |= log_max_vecs << (ffs(PCI_MSI_FLAGS_QSIZE) - 1);
320 pci_set_word(dev->config + msi_flags_off(dev), flags);
321 }
322
323 if (!msi_per_vector_mask) {
324 /* if per vector masking isn't supported,
325 there is no pending interrupt. */
326 return;
327 }
328
329 nr_vectors = msi_nr_vectors(flags);
330
331 /* This will discard pending interrupts, if any. */
332 pending = pci_get_long(dev->config + msi_pending_off(dev, msi64bit));
333 pending &= 0xffffffff >> (PCI_MSI_VECTORS_MAX - nr_vectors);
334 pci_set_long(dev->config + msi_pending_off(dev, msi64bit), pending);
335
336 /* deliver pending interrupts which are unmasked */
337 for (vector = 0; vector < nr_vectors; ++vector) {
338 if (msi_is_masked(dev, vector) || !(pending & (1U << vector))) {
339 continue;
340 }
341
342 pci_long_test_and_clear_mask(
343 dev->config + msi_pending_off(dev, msi64bit), 1U << vector);
344 msi_notify(dev, vector);
345 }
346 }
347
348 unsigned int msi_nr_vectors_allocated(const PCIDevice *dev)
349 {
350 uint16_t flags = pci_get_word(dev->config + msi_flags_off(dev));
351 return msi_nr_vectors(flags);
352 }
QEmu