2 * VFIO PCI interrupt handling
4 * Copyright (C) 2012 Red Hat, Inc. All rights reserved.
5 * Author: Alex Williamson <alex.williamson@redhat.com>
7 * This program is free software; you can redistribute it and/or modify
8 * it under the terms of the GNU General Public License version 2 as
9 * published by the Free Software Foundation.
11 * Derived from original vfio:
12 * Copyright 2010 Cisco Systems, Inc. All rights reserved.
13 * Author: Tom Lyon, pugs@cisco.com
16 #include <linux/device.h>
17 #include <linux/interrupt.h>
18 #include <linux/eventfd.h>
19 #include <linux/msi.h>
20 #include <linux/pci.h>
21 #include <linux/file.h>
22 #include <linux/poll.h>
23 #include <linux/vfio.h>
24 #include <linux/wait.h>
25 #include <linux/workqueue.h>
26 #include <linux/slab.h>
28 #include "vfio_pci_private.h"
34 struct vfio_pci_device *vdev;
35 struct eventfd_ctx *eventfd;
36 int (*handler)(struct vfio_pci_device *, void *);
37 void (*thread)(struct vfio_pci_device *, void *);
39 struct work_struct inject;
42 struct work_struct shutdown;
43 struct virqfd **pvirqfd;
46 static struct workqueue_struct *vfio_irqfd_cleanup_wq;
48 int __init vfio_pci_virqfd_init(void)
50 vfio_irqfd_cleanup_wq =
51 create_singlethread_workqueue("vfio-irqfd-cleanup");
52 if (!vfio_irqfd_cleanup_wq)
58 void vfio_pci_virqfd_exit(void)
60 destroy_workqueue(vfio_irqfd_cleanup_wq);
63 static void virqfd_deactivate(struct virqfd *virqfd)
65 queue_work(vfio_irqfd_cleanup_wq, &virqfd->shutdown);
68 static int virqfd_wakeup(wait_queue_t *wait, unsigned mode, int sync, void *key)
70 struct virqfd *virqfd = container_of(wait, struct virqfd, wait);
71 unsigned long flags = (unsigned long)key;
74 /* An event has been signaled, call function */
75 if ((!virqfd->handler ||
76 virqfd->handler(virqfd->vdev, virqfd->data)) &&
78 schedule_work(&virqfd->inject);
81 if (flags & POLLHUP) {
83 spin_lock_irqsave(&virqfd->vdev->irqlock, flags);
86 * The eventfd is closing, if the virqfd has not yet been
87 * queued for release, as determined by testing whether the
88 * vdev pointer to it is still valid, queue it now. As
89 * with kvm irqfds, we know we won't race against the virqfd
90 * going away because we hold wqh->lock to get here.
92 if (*(virqfd->pvirqfd) == virqfd) {
93 *(virqfd->pvirqfd) = NULL;
94 virqfd_deactivate(virqfd);
97 spin_unlock_irqrestore(&virqfd->vdev->irqlock, flags);
103 static void virqfd_ptable_queue_proc(struct file *file,
104 wait_queue_head_t *wqh, poll_table *pt)
106 struct virqfd *virqfd = container_of(pt, struct virqfd, pt);
107 add_wait_queue(wqh, &virqfd->wait);
110 static void virqfd_shutdown(struct work_struct *work)
112 struct virqfd *virqfd = container_of(work, struct virqfd, shutdown);
115 eventfd_ctx_remove_wait_queue(virqfd->eventfd, &virqfd->wait, &cnt);
116 flush_work(&virqfd->inject);
117 eventfd_ctx_put(virqfd->eventfd);
122 static void virqfd_inject(struct work_struct *work)
124 struct virqfd *virqfd = container_of(work, struct virqfd, inject);
126 virqfd->thread(virqfd->vdev, virqfd->data);
129 static int virqfd_enable(struct vfio_pci_device *vdev,
130 int (*handler)(struct vfio_pci_device *, void *),
131 void (*thread)(struct vfio_pci_device *, void *),
132 void *data, struct virqfd **pvirqfd, int fd)
135 struct eventfd_ctx *ctx;
136 struct virqfd *virqfd;
140 virqfd = kzalloc(sizeof(*virqfd), GFP_KERNEL);
144 virqfd->pvirqfd = pvirqfd;
146 virqfd->handler = handler;
147 virqfd->thread = thread;
150 INIT_WORK(&virqfd->shutdown, virqfd_shutdown);
151 INIT_WORK(&virqfd->inject, virqfd_inject);
159 ctx = eventfd_ctx_fileget(irqfd.file);
165 virqfd->eventfd = ctx;
168 * virqfds can be released by closing the eventfd or directly
169 * through ioctl. These are both done through a workqueue, so
170 * we update the pointer to the virqfd under lock to avoid
171 * pushing multiple jobs to release the same virqfd.
173 spin_lock_irq(&vdev->irqlock);
176 spin_unlock_irq(&vdev->irqlock);
182 spin_unlock_irq(&vdev->irqlock);
185 * Install our own custom wake-up handling so we are notified via
186 * a callback whenever someone signals the underlying eventfd.
188 init_waitqueue_func_entry(&virqfd->wait, virqfd_wakeup);
189 init_poll_funcptr(&virqfd->pt, virqfd_ptable_queue_proc);
191 events = irqfd.file->f_op->poll(irqfd.file, &virqfd->pt);
194 * Check if there was an event already pending on the eventfd
195 * before we registered and trigger it as if we didn't miss it.
197 if (events & POLLIN) {
198 if ((!handler || handler(vdev, data)) && thread)
199 schedule_work(&virqfd->inject);
203 * Do not drop the file until the irqfd is fully initialized,
204 * otherwise we might race against the POLLHUP.
210 eventfd_ctx_put(ctx);
219 static void virqfd_disable(struct vfio_pci_device *vdev,
220 struct virqfd **pvirqfd)
224 spin_lock_irqsave(&vdev->irqlock, flags);
227 virqfd_deactivate(*pvirqfd);
231 spin_unlock_irqrestore(&vdev->irqlock, flags);
234 * Block until we know all outstanding shutdown jobs have completed.
235 * Even if we don't queue the job, flush the wq to be sure it's
238 flush_workqueue(vfio_irqfd_cleanup_wq);
244 static void vfio_send_intx_eventfd(struct vfio_pci_device *vdev, void *unused)
246 if (likely(is_intx(vdev) && !vdev->virq_disabled))
247 eventfd_signal(vdev->ctx[0].trigger, 1);
250 void vfio_pci_intx_mask(struct vfio_pci_device *vdev)
252 struct pci_dev *pdev = vdev->pdev;
255 spin_lock_irqsave(&vdev->irqlock, flags);
258 * Masking can come from interrupt, ioctl, or config space
259 * via INTx disable. The latter means this can get called
260 * even when not using intx delivery. In this case, just
261 * try to have the physical bit follow the virtual bit.
263 if (unlikely(!is_intx(vdev))) {
266 } else if (!vdev->ctx[0].masked) {
268 * Can't use check_and_mask here because we always want to
269 * mask, not just when something is pending.
274 disable_irq_nosync(pdev->irq);
276 vdev->ctx[0].masked = true;
279 spin_unlock_irqrestore(&vdev->irqlock, flags);
283 * If this is triggered by an eventfd, we can't call eventfd_signal
284 * or else we'll deadlock on the eventfd wait queue. Return >0 when
285 * a signal is necessary, which can then be handled via a work queue
286 * or directly depending on the caller.
288 static int vfio_pci_intx_unmask_handler(struct vfio_pci_device *vdev,
291 struct pci_dev *pdev = vdev->pdev;
295 spin_lock_irqsave(&vdev->irqlock, flags);
298 * Unmasking comes from ioctl or config, so again, have the
299 * physical bit follow the virtual even when not using INTx.
301 if (unlikely(!is_intx(vdev))) {
304 } else if (vdev->ctx[0].masked && !vdev->virq_disabled) {
306 * A pending interrupt here would immediately trigger,
307 * but we can avoid that overhead by just re-sending
308 * the interrupt to the user.
311 if (!pci_check_and_unmask_intx(pdev))
314 enable_irq(pdev->irq);
316 vdev->ctx[0].masked = (ret > 0);
319 spin_unlock_irqrestore(&vdev->irqlock, flags);
324 void vfio_pci_intx_unmask(struct vfio_pci_device *vdev)
326 if (vfio_pci_intx_unmask_handler(vdev, NULL) > 0)
327 vfio_send_intx_eventfd(vdev, NULL);
330 static irqreturn_t vfio_intx_handler(int irq, void *dev_id)
332 struct vfio_pci_device *vdev = dev_id;
336 spin_lock_irqsave(&vdev->irqlock, flags);
338 if (!vdev->pci_2_3) {
339 disable_irq_nosync(vdev->pdev->irq);
340 vdev->ctx[0].masked = true;
342 } else if (!vdev->ctx[0].masked && /* may be shared */
343 pci_check_and_mask_intx(vdev->pdev)) {
344 vdev->ctx[0].masked = true;
348 spin_unlock_irqrestore(&vdev->irqlock, flags);
350 if (ret == IRQ_HANDLED)
351 vfio_send_intx_eventfd(vdev, NULL);
356 static int vfio_intx_enable(struct vfio_pci_device *vdev)
358 if (!is_irq_none(vdev))
361 if (!vdev->pdev->irq)
364 vdev->ctx = kzalloc(sizeof(struct vfio_pci_irq_ctx), GFP_KERNEL);
371 * If the virtual interrupt is masked, restore it. Devices
372 * supporting DisINTx can be masked at the hardware level
373 * here, non-PCI-2.3 devices will have to wait until the
374 * interrupt is enabled.
376 vdev->ctx[0].masked = vdev->virq_disabled;
378 pci_intx(vdev->pdev, !vdev->ctx[0].masked);
380 vdev->irq_type = VFIO_PCI_INTX_IRQ_INDEX;
385 static int vfio_intx_set_signal(struct vfio_pci_device *vdev, int fd)
387 struct pci_dev *pdev = vdev->pdev;
388 unsigned long irqflags = IRQF_SHARED;
389 struct eventfd_ctx *trigger;
393 if (vdev->ctx[0].trigger) {
394 free_irq(pdev->irq, vdev);
395 kfree(vdev->ctx[0].name);
396 eventfd_ctx_put(vdev->ctx[0].trigger);
397 vdev->ctx[0].trigger = NULL;
400 if (fd < 0) /* Disable only */
403 vdev->ctx[0].name = kasprintf(GFP_KERNEL, "vfio-intx(%s)",
405 if (!vdev->ctx[0].name)
408 trigger = eventfd_ctx_fdget(fd);
409 if (IS_ERR(trigger)) {
410 kfree(vdev->ctx[0].name);
411 return PTR_ERR(trigger);
414 vdev->ctx[0].trigger = trigger;
419 ret = request_irq(pdev->irq, vfio_intx_handler,
420 irqflags, vdev->ctx[0].name, vdev);
422 vdev->ctx[0].trigger = NULL;
423 kfree(vdev->ctx[0].name);
424 eventfd_ctx_put(trigger);
429 * INTx disable will stick across the new irq setup,
432 spin_lock_irqsave(&vdev->irqlock, flags);
433 if (!vdev->pci_2_3 && vdev->ctx[0].masked)
434 disable_irq_nosync(pdev->irq);
435 spin_unlock_irqrestore(&vdev->irqlock, flags);
440 static void vfio_intx_disable(struct vfio_pci_device *vdev)
442 vfio_intx_set_signal(vdev, -1);
443 virqfd_disable(vdev, &vdev->ctx[0].unmask);
444 virqfd_disable(vdev, &vdev->ctx[0].mask);
445 vdev->irq_type = VFIO_PCI_NUM_IRQS;
453 static irqreturn_t vfio_msihandler(int irq, void *arg)
455 struct eventfd_ctx *trigger = arg;
457 eventfd_signal(trigger, 1);
461 static int vfio_msi_enable(struct vfio_pci_device *vdev, int nvec, bool msix)
463 struct pci_dev *pdev = vdev->pdev;
466 if (!is_irq_none(vdev))
469 vdev->ctx = kzalloc(nvec * sizeof(struct vfio_pci_irq_ctx), GFP_KERNEL);
476 vdev->msix = kzalloc(nvec * sizeof(struct msix_entry),
483 for (i = 0; i < nvec; i++)
484 vdev->msix[i].entry = i;
486 ret = pci_enable_msix_range(pdev, vdev->msix, 1, nvec);
489 pci_disable_msix(pdev);
495 ret = pci_enable_msi_range(pdev, 1, nvec);
498 pci_disable_msi(pdev);
504 vdev->num_ctx = nvec;
505 vdev->irq_type = msix ? VFIO_PCI_MSIX_IRQ_INDEX :
506 VFIO_PCI_MSI_IRQ_INDEX;
510 * Compute the virtual hardware field for max msi vectors -
511 * it is the log base 2 of the number of vectors.
513 vdev->msi_qmax = fls(nvec * 2 - 1) - 1;
519 static int vfio_msi_set_vector_signal(struct vfio_pci_device *vdev,
520 int vector, int fd, bool msix)
522 struct pci_dev *pdev = vdev->pdev;
523 int irq = msix ? vdev->msix[vector].vector : pdev->irq + vector;
524 char *name = msix ? "vfio-msix" : "vfio-msi";
525 struct eventfd_ctx *trigger;
528 if (vector >= vdev->num_ctx)
531 if (vdev->ctx[vector].trigger) {
532 free_irq(irq, vdev->ctx[vector].trigger);
533 kfree(vdev->ctx[vector].name);
534 eventfd_ctx_put(vdev->ctx[vector].trigger);
535 vdev->ctx[vector].trigger = NULL;
541 vdev->ctx[vector].name = kasprintf(GFP_KERNEL, "%s[%d](%s)",
542 name, vector, pci_name(pdev));
543 if (!vdev->ctx[vector].name)
546 trigger = eventfd_ctx_fdget(fd);
547 if (IS_ERR(trigger)) {
548 kfree(vdev->ctx[vector].name);
549 return PTR_ERR(trigger);
553 * The MSIx vector table resides in device memory which may be cleared
554 * via backdoor resets. We don't allow direct access to the vector
555 * table so even if a userspace driver attempts to save/restore around
556 * such a reset it would be unsuccessful. To avoid this, restore the
557 * cached value of the message prior to enabling.
562 get_cached_msi_msg(irq, &msg);
563 pci_write_msi_msg(irq, &msg);
566 ret = request_irq(irq, vfio_msihandler, 0,
567 vdev->ctx[vector].name, trigger);
569 kfree(vdev->ctx[vector].name);
570 eventfd_ctx_put(trigger);
574 vdev->ctx[vector].trigger = trigger;
579 static int vfio_msi_set_block(struct vfio_pci_device *vdev, unsigned start,
580 unsigned count, int32_t *fds, bool msix)
584 if (start + count > vdev->num_ctx)
587 for (i = 0, j = start; i < count && !ret; i++, j++) {
588 int fd = fds ? fds[i] : -1;
589 ret = vfio_msi_set_vector_signal(vdev, j, fd, msix);
593 for (--j; j >= start; j--)
594 vfio_msi_set_vector_signal(vdev, j, -1, msix);
600 static void vfio_msi_disable(struct vfio_pci_device *vdev, bool msix)
602 struct pci_dev *pdev = vdev->pdev;
605 vfio_msi_set_block(vdev, 0, vdev->num_ctx, NULL, msix);
607 for (i = 0; i < vdev->num_ctx; i++) {
608 virqfd_disable(vdev, &vdev->ctx[i].unmask);
609 virqfd_disable(vdev, &vdev->ctx[i].mask);
613 pci_disable_msix(vdev->pdev);
616 pci_disable_msi(pdev);
618 vdev->irq_type = VFIO_PCI_NUM_IRQS;
626 static int vfio_pci_set_intx_unmask(struct vfio_pci_device *vdev,
627 unsigned index, unsigned start,
628 unsigned count, uint32_t flags, void *data)
630 if (!is_intx(vdev) || start != 0 || count != 1)
633 if (flags & VFIO_IRQ_SET_DATA_NONE) {
634 vfio_pci_intx_unmask(vdev);
635 } else if (flags & VFIO_IRQ_SET_DATA_BOOL) {
636 uint8_t unmask = *(uint8_t *)data;
638 vfio_pci_intx_unmask(vdev);
639 } else if (flags & VFIO_IRQ_SET_DATA_EVENTFD) {
640 int32_t fd = *(int32_t *)data;
642 return virqfd_enable(vdev, vfio_pci_intx_unmask_handler,
643 vfio_send_intx_eventfd, NULL,
644 &vdev->ctx[0].unmask, fd);
646 virqfd_disable(vdev, &vdev->ctx[0].unmask);
652 static int vfio_pci_set_intx_mask(struct vfio_pci_device *vdev,
653 unsigned index, unsigned start,
654 unsigned count, uint32_t flags, void *data)
656 if (!is_intx(vdev) || start != 0 || count != 1)
659 if (flags & VFIO_IRQ_SET_DATA_NONE) {
660 vfio_pci_intx_mask(vdev);
661 } else if (flags & VFIO_IRQ_SET_DATA_BOOL) {
662 uint8_t mask = *(uint8_t *)data;
664 vfio_pci_intx_mask(vdev);
665 } else if (flags & VFIO_IRQ_SET_DATA_EVENTFD) {
666 return -ENOTTY; /* XXX implement me */
672 static int vfio_pci_set_intx_trigger(struct vfio_pci_device *vdev,
673 unsigned index, unsigned start,
674 unsigned count, uint32_t flags, void *data)
676 if (is_intx(vdev) && !count && (flags & VFIO_IRQ_SET_DATA_NONE)) {
677 vfio_intx_disable(vdev);
681 if (!(is_intx(vdev) || is_irq_none(vdev)) || start != 0 || count != 1)
684 if (flags & VFIO_IRQ_SET_DATA_EVENTFD) {
685 int32_t fd = *(int32_t *)data;
689 return vfio_intx_set_signal(vdev, fd);
691 ret = vfio_intx_enable(vdev);
695 ret = vfio_intx_set_signal(vdev, fd);
697 vfio_intx_disable(vdev);
705 if (flags & VFIO_IRQ_SET_DATA_NONE) {
706 vfio_send_intx_eventfd(vdev, NULL);
707 } else if (flags & VFIO_IRQ_SET_DATA_BOOL) {
708 uint8_t trigger = *(uint8_t *)data;
710 vfio_send_intx_eventfd(vdev, NULL);
715 static int vfio_pci_set_msi_trigger(struct vfio_pci_device *vdev,
716 unsigned index, unsigned start,
717 unsigned count, uint32_t flags, void *data)
720 bool msix = (index == VFIO_PCI_MSIX_IRQ_INDEX) ? true : false;
722 if (irq_is(vdev, index) && !count && (flags & VFIO_IRQ_SET_DATA_NONE)) {
723 vfio_msi_disable(vdev, msix);
727 if (!(irq_is(vdev, index) || is_irq_none(vdev)))
730 if (flags & VFIO_IRQ_SET_DATA_EVENTFD) {
734 if (vdev->irq_type == index)
735 return vfio_msi_set_block(vdev, start, count,
738 ret = vfio_msi_enable(vdev, start + count, msix);
742 ret = vfio_msi_set_block(vdev, start, count, fds, msix);
744 vfio_msi_disable(vdev, msix);
749 if (!irq_is(vdev, index) || start + count > vdev->num_ctx)
752 for (i = start; i < start + count; i++) {
753 if (!vdev->ctx[i].trigger)
755 if (flags & VFIO_IRQ_SET_DATA_NONE) {
756 eventfd_signal(vdev->ctx[i].trigger, 1);
757 } else if (flags & VFIO_IRQ_SET_DATA_BOOL) {
758 uint8_t *bools = data;
759 if (bools[i - start])
760 eventfd_signal(vdev->ctx[i].trigger, 1);
766 static int vfio_pci_set_ctx_trigger_single(struct eventfd_ctx **ctx,
767 uint32_t flags, void *data)
769 int32_t fd = *(int32_t *)data;
771 if (!(flags & VFIO_IRQ_SET_DATA_TYPE_MASK))
774 /* DATA_NONE/DATA_BOOL enables loopback testing */
775 if (flags & VFIO_IRQ_SET_DATA_NONE) {
777 eventfd_signal(*ctx, 1);
779 } else if (flags & VFIO_IRQ_SET_DATA_BOOL) {
780 uint8_t trigger = *(uint8_t *)data;
782 eventfd_signal(*ctx, 1);
786 /* Handle SET_DATA_EVENTFD */
789 eventfd_ctx_put(*ctx);
792 } else if (fd >= 0) {
793 struct eventfd_ctx *efdctx;
794 efdctx = eventfd_ctx_fdget(fd);
796 return PTR_ERR(efdctx);
798 eventfd_ctx_put(*ctx);
805 static int vfio_pci_set_err_trigger(struct vfio_pci_device *vdev,
806 unsigned index, unsigned start,
807 unsigned count, uint32_t flags, void *data)
809 if (index != VFIO_PCI_ERR_IRQ_INDEX)
813 * We should sanitize start & count, but that wasn't caught
814 * originally, so this IRQ index must forever ignore them :-(
817 return vfio_pci_set_ctx_trigger_single(&vdev->err_trigger, flags, data);
820 static int vfio_pci_set_req_trigger(struct vfio_pci_device *vdev,
821 unsigned index, unsigned start,
822 unsigned count, uint32_t flags, void *data)
824 if (index != VFIO_PCI_REQ_IRQ_INDEX || start != 0 || count != 1)
827 return vfio_pci_set_ctx_trigger_single(&vdev->req_trigger, flags, data);
830 int vfio_pci_set_irqs_ioctl(struct vfio_pci_device *vdev, uint32_t flags,
831 unsigned index, unsigned start, unsigned count,
834 int (*func)(struct vfio_pci_device *vdev, unsigned index,
835 unsigned start, unsigned count, uint32_t flags,
839 case VFIO_PCI_INTX_IRQ_INDEX:
840 switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
841 case VFIO_IRQ_SET_ACTION_MASK:
842 func = vfio_pci_set_intx_mask;
844 case VFIO_IRQ_SET_ACTION_UNMASK:
845 func = vfio_pci_set_intx_unmask;
847 case VFIO_IRQ_SET_ACTION_TRIGGER:
848 func = vfio_pci_set_intx_trigger;
852 case VFIO_PCI_MSI_IRQ_INDEX:
853 case VFIO_PCI_MSIX_IRQ_INDEX:
854 switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
855 case VFIO_IRQ_SET_ACTION_MASK:
856 case VFIO_IRQ_SET_ACTION_UNMASK:
857 /* XXX Need masking support exported */
859 case VFIO_IRQ_SET_ACTION_TRIGGER:
860 func = vfio_pci_set_msi_trigger;
864 case VFIO_PCI_ERR_IRQ_INDEX:
865 switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
866 case VFIO_IRQ_SET_ACTION_TRIGGER:
867 if (pci_is_pcie(vdev->pdev))
868 func = vfio_pci_set_err_trigger;
871 case VFIO_PCI_REQ_IRQ_INDEX:
872 switch (flags & VFIO_IRQ_SET_ACTION_TYPE_MASK) {
873 case VFIO_IRQ_SET_ACTION_TRIGGER:
874 func = vfio_pci_set_req_trigger;
882 return func(vdev, index, start, count, flags, data);
projects / cascardo / linux.git / blob