1 // SPDX-License-Identifier: GPL-2.0
3 * Copyright (c) Microsoft Corporation.
6 * Jake Oshins <jakeo@microsoft.com>
8 * This driver acts as a paravirtual front-end for PCI Express root buses.
9 * When a PCI Express function (either an entire device or an SR-IOV
10 * Virtual Function) is being passed through to the VM, this driver exposes
11 * a new bus to the guest VM. This is modeled as a root PCI bus because
12 * no bridges are being exposed to the VM. In fact, with a "Generation 2"
13 * VM within Hyper-V, there may seem to be no PCI bus at all in the VM
14 * until a device as been exposed using this driver.
16 * Each root PCI bus has its own PCI domain, which is called "Segment" in
17 * the PCI Firmware Specifications. Thus while each device passed through
18 * to the VM using this front-end will appear at "device 0", the domain will
19 * be unique. Typically, each bus will have one PCI function on it, though
20 * this driver does support more than one.
22 * In order to map the interrupts from the device through to the guest VM,
23 * this driver also implements an IRQ Domain, which handles interrupts (either
24 * MSI or MSI-X) associated with the functions on the bus. As interrupts are
25 * set up, torn down, or reaffined, this driver communicates with the
26 * underlying hypervisor to adjust the mappings in the I/O MMU so that each
27 * interrupt will be delivered to the correct virtual processor at the right
28 * vector. This driver does not support level-triggered (line-based)
29 * interrupts, and will report that the Interrupt Line register in the
30 * function's configuration space is zero.
32 * The rest of this driver mostly maps PCI concepts onto underlying Hyper-V
33 * facilities. For instance, the configuration space of a function exposed
34 * by Hyper-V is mapped into a single page of memory space, and the
35 * read and write handlers for config space must be aware of this mechanism.
36 * Similarly, device setup and teardown involves messages sent to and from
37 * the PCI back-end driver in Hyper-V.
40 #include <linux/kernel.h>
41 #include <linux/module.h>
42 #include <linux/pci.h>
43 #include <linux/delay.h>
44 #include <linux/semaphore.h>
45 #include <linux/irqdomain.h>
46 #include <asm/irqdomain.h>
48 #include <linux/irq.h>
49 #include <linux/msi.h>
50 #include <linux/hyperv.h>
51 #include <linux/refcount.h>
52 #include <asm/mshyperv.h>
55 * Protocol versions. The low word is the minor version, the high word the
59 #define PCI_MAKE_VERSION(major, minor) ((u32)(((major) << 16) | (minor)))
60 #define PCI_MAJOR_VERSION(version) ((u32)(version) >> 16)
61 #define PCI_MINOR_VERSION(version) ((u32)(version) & 0xff)
63 enum pci_protocol_version_t {
64 PCI_PROTOCOL_VERSION_1_1 = PCI_MAKE_VERSION(1, 1), /* Win10 */
65 PCI_PROTOCOL_VERSION_1_2 = PCI_MAKE_VERSION(1, 2), /* RS1 */
66 PCI_PROTOCOL_VERSION_1_3 = PCI_MAKE_VERSION(1, 3), /* Vibranium */
69 #define CPU_AFFINITY_ALL -1ULL
72 * Supported protocol versions in the order of probing - highest go
75 static enum pci_protocol_version_t pci_protocol_versions[] = {
76 PCI_PROTOCOL_VERSION_1_3,
77 PCI_PROTOCOL_VERSION_1_2,
78 PCI_PROTOCOL_VERSION_1_1,
81 #define PCI_CONFIG_MMIO_LENGTH 0x2000
82 #define CFG_PAGE_OFFSET 0x1000
83 #define CFG_PAGE_SIZE (PCI_CONFIG_MMIO_LENGTH - CFG_PAGE_OFFSET)
85 #define MAX_SUPPORTED_MSI_MESSAGES 0x400
87 #define STATUS_REVISION_MISMATCH 0xC0000059
89 /* space for 32bit serial number as string */
90 #define SLOT_NAME_SIZE 11
96 enum pci_message_type {
100 PCI_MESSAGE_BASE = 0x42490000,
101 PCI_BUS_RELATIONS = PCI_MESSAGE_BASE + 0,
102 PCI_QUERY_BUS_RELATIONS = PCI_MESSAGE_BASE + 1,
103 PCI_POWER_STATE_CHANGE = PCI_MESSAGE_BASE + 4,
104 PCI_QUERY_RESOURCE_REQUIREMENTS = PCI_MESSAGE_BASE + 5,
105 PCI_QUERY_RESOURCE_RESOURCES = PCI_MESSAGE_BASE + 6,
106 PCI_BUS_D0ENTRY = PCI_MESSAGE_BASE + 7,
107 PCI_BUS_D0EXIT = PCI_MESSAGE_BASE + 8,
108 PCI_READ_BLOCK = PCI_MESSAGE_BASE + 9,
109 PCI_WRITE_BLOCK = PCI_MESSAGE_BASE + 0xA,
110 PCI_EJECT = PCI_MESSAGE_BASE + 0xB,
111 PCI_QUERY_STOP = PCI_MESSAGE_BASE + 0xC,
112 PCI_REENABLE = PCI_MESSAGE_BASE + 0xD,
113 PCI_QUERY_STOP_FAILED = PCI_MESSAGE_BASE + 0xE,
114 PCI_EJECTION_COMPLETE = PCI_MESSAGE_BASE + 0xF,
115 PCI_RESOURCES_ASSIGNED = PCI_MESSAGE_BASE + 0x10,
116 PCI_RESOURCES_RELEASED = PCI_MESSAGE_BASE + 0x11,
117 PCI_INVALIDATE_BLOCK = PCI_MESSAGE_BASE + 0x12,
118 PCI_QUERY_PROTOCOL_VERSION = PCI_MESSAGE_BASE + 0x13,
119 PCI_CREATE_INTERRUPT_MESSAGE = PCI_MESSAGE_BASE + 0x14,
120 PCI_DELETE_INTERRUPT_MESSAGE = PCI_MESSAGE_BASE + 0x15,
121 PCI_RESOURCES_ASSIGNED2 = PCI_MESSAGE_BASE + 0x16,
122 PCI_CREATE_INTERRUPT_MESSAGE2 = PCI_MESSAGE_BASE + 0x17,
123 PCI_DELETE_INTERRUPT_MESSAGE2 = PCI_MESSAGE_BASE + 0x18, /* unused */
124 PCI_BUS_RELATIONS2 = PCI_MESSAGE_BASE + 0x19,
129 * Structures defining the virtual PCI Express protocol.
141 * Function numbers are 8-bits wide on Express, as interpreted through ARI,
142 * which is all this driver does. This representation is the one used in
143 * Windows, which is what is expected when sending this back and forth with
144 * the Hyper-V parent partition.
146 union win_slot_encoding {
156 * Pretty much as defined in the PCI Specifications.
158 struct pci_function_description {
159 u16 v_id; /* vendor ID */
160 u16 d_id; /* device ID */
166 union win_slot_encoding win_slot;
167 u32 ser; /* serial number */
170 enum pci_device_description_flags {
171 HV_PCI_DEVICE_FLAG_NONE = 0x0,
172 HV_PCI_DEVICE_FLAG_NUMA_AFFINITY = 0x1,
175 struct pci_function_description2 {
176 u16 v_id; /* vendor ID */
177 u16 d_id; /* device ID */
183 union win_slot_encoding win_slot;
184 u32 ser; /* serial number */
186 u16 virtual_numa_node;
193 * @delivery_mode: As defined in Intel's Programmer's
194 * Reference Manual, Volume 3, Chapter 8.
195 * @vector_count: Number of contiguous entries in the
196 * Interrupt Descriptor Table that are
197 * occupied by this Message-Signaled
198 * Interrupt. For "MSI", as first defined
199 * in PCI 2.2, this can be between 1 and
200 * 32. For "MSI-X," as first defined in PCI
201 * 3.0, this must be 1, as each MSI-X table
202 * entry would have its own descriptor.
203 * @reserved: Empty space
204 * @cpu_mask: All the target virtual processors.
215 * struct hv_msi_desc2 - 1.2 version of hv_msi_desc
217 * @delivery_mode: As defined in Intel's Programmer's
218 * Reference Manual, Volume 3, Chapter 8.
219 * @vector_count: Number of contiguous entries in the
220 * Interrupt Descriptor Table that are
221 * occupied by this Message-Signaled
222 * Interrupt. For "MSI", as first defined
223 * in PCI 2.2, this can be between 1 and
224 * 32. For "MSI-X," as first defined in PCI
225 * 3.0, this must be 1, as each MSI-X table
226 * entry would have its own descriptor.
227 * @processor_count: number of bits enabled in array.
228 * @processor_array: All the target virtual processors.
230 struct hv_msi_desc2 {
235 u16 processor_array[32];
239 * struct tran_int_desc
240 * @reserved: unused, padding
241 * @vector_count: same as in hv_msi_desc
242 * @data: This is the "data payload" value that is
243 * written by the device when it generates
244 * a message-signaled interrupt, either MSI
246 * @address: This is the address to which the data
247 * payload is written on interrupt
250 struct tran_int_desc {
258 * A generic message format for virtual PCI.
259 * Specific message formats are defined later in the file.
266 struct pci_child_message {
267 struct pci_message message_type;
268 union win_slot_encoding wslot;
271 struct pci_incoming_message {
272 struct vmpacket_descriptor hdr;
273 struct pci_message message_type;
276 struct pci_response {
277 struct vmpacket_descriptor hdr;
278 s32 status; /* negative values are failures */
282 void (*completion_func)(void *context, struct pci_response *resp,
283 int resp_packet_size);
286 struct pci_message message[];
290 * Specific message types supporting the PCI protocol.
294 * Version negotiation message. Sent from the guest to the host.
295 * The guest is free to try different versions until the host
296 * accepts the version.
298 * pci_version: The protocol version requested.
299 * is_last_attempt: If TRUE, this is the last version guest will request.
300 * reservedz: Reserved field, set to zero.
303 struct pci_version_request {
304 struct pci_message message_type;
305 u32 protocol_version;
309 * Bus D0 Entry. This is sent from the guest to the host when the virtual
310 * bus (PCI Express port) is ready for action.
313 struct pci_bus_d0_entry {
314 struct pci_message message_type;
319 struct pci_bus_relations {
320 struct pci_incoming_message incoming;
322 struct pci_function_description func[];
325 struct pci_bus_relations2 {
326 struct pci_incoming_message incoming;
328 struct pci_function_description2 func[];
331 struct pci_q_res_req_response {
332 struct vmpacket_descriptor hdr;
333 s32 status; /* negative values are failures */
334 u32 probed_bar[PCI_STD_NUM_BARS];
337 struct pci_set_power {
338 struct pci_message message_type;
339 union win_slot_encoding wslot;
340 u32 power_state; /* In Windows terms */
344 struct pci_set_power_response {
345 struct vmpacket_descriptor hdr;
346 s32 status; /* negative values are failures */
347 union win_slot_encoding wslot;
348 u32 resultant_state; /* In Windows terms */
352 struct pci_resources_assigned {
353 struct pci_message message_type;
354 union win_slot_encoding wslot;
355 u8 memory_range[0x14][6]; /* not used here */
360 struct pci_resources_assigned2 {
361 struct pci_message message_type;
362 union win_slot_encoding wslot;
363 u8 memory_range[0x14][6]; /* not used here */
364 u32 msi_descriptor_count;
368 struct pci_create_interrupt {
369 struct pci_message message_type;
370 union win_slot_encoding wslot;
371 struct hv_msi_desc int_desc;
374 struct pci_create_int_response {
375 struct pci_response response;
377 struct tran_int_desc int_desc;
380 struct pci_create_interrupt2 {
381 struct pci_message message_type;
382 union win_slot_encoding wslot;
383 struct hv_msi_desc2 int_desc;
386 struct pci_delete_interrupt {
387 struct pci_message message_type;
388 union win_slot_encoding wslot;
389 struct tran_int_desc int_desc;
393 * Note: the VM must pass a valid block id, wslot and bytes_requested.
395 struct pci_read_block {
396 struct pci_message message_type;
398 union win_slot_encoding wslot;
402 struct pci_read_block_response {
403 struct vmpacket_descriptor hdr;
405 u8 bytes[HV_CONFIG_BLOCK_SIZE_MAX];
409 * Note: the VM must pass a valid block id, wslot and byte_count.
411 struct pci_write_block {
412 struct pci_message message_type;
414 union win_slot_encoding wslot;
416 u8 bytes[HV_CONFIG_BLOCK_SIZE_MAX];
419 struct pci_dev_inval_block {
420 struct pci_incoming_message incoming;
421 union win_slot_encoding wslot;
425 struct pci_dev_incoming {
426 struct pci_incoming_message incoming;
427 union win_slot_encoding wslot;
430 struct pci_eject_response {
431 struct pci_message message_type;
432 union win_slot_encoding wslot;
436 static int pci_ring_size = (4 * PAGE_SIZE);
439 * Driver specific state.
442 enum hv_pcibus_state {
451 struct hv_pcibus_device {
452 struct pci_sysdata sysdata;
453 /* Protocol version negotiated with the host */
454 enum pci_protocol_version_t protocol_version;
455 enum hv_pcibus_state state;
456 refcount_t remove_lock;
457 struct hv_device *hdev;
458 resource_size_t low_mmio_space;
459 resource_size_t high_mmio_space;
460 struct resource *mem_config;
461 struct resource *low_mmio_res;
462 struct resource *high_mmio_res;
463 struct completion *survey_event;
464 struct completion remove_event;
465 struct pci_bus *pci_bus;
466 spinlock_t config_lock; /* Avoid two threads writing index page */
467 spinlock_t device_list_lock; /* Protect lists below */
468 void __iomem *cfg_addr;
470 struct list_head resources_for_children;
472 struct list_head children;
473 struct list_head dr_list;
475 struct msi_domain_info msi_info;
476 struct msi_controller msi_chip;
477 struct irq_domain *irq_domain;
479 spinlock_t retarget_msi_interrupt_lock;
481 struct workqueue_struct *wq;
483 /* Highest slot of child device with resources allocated */
484 int wslot_res_allocated;
486 /* hypercall arg, must not cross page boundary */
487 struct hv_retarget_device_interrupt retarget_msi_interrupt_params;
490 * Don't put anything here: retarget_msi_interrupt_params must be last
495 * Tracks "Device Relations" messages from the host, which must be both
496 * processed in order and deferred so that they don't run in the context
497 * of the incoming packet callback.
500 struct work_struct wrk;
501 struct hv_pcibus_device *bus;
504 struct hv_pcidev_description {
505 u16 v_id; /* vendor ID */
506 u16 d_id; /* device ID */
512 union win_slot_encoding win_slot;
513 u32 ser; /* serial number */
515 u16 virtual_numa_node;
519 struct list_head list_entry;
521 struct hv_pcidev_description func[];
524 enum hv_pcichild_state {
525 hv_pcichild_init = 0,
526 hv_pcichild_requirements,
527 hv_pcichild_resourced,
528 hv_pcichild_ejecting,
533 /* List protected by pci_rescan_remove_lock */
534 struct list_head list_entry;
536 enum hv_pcichild_state state;
537 struct pci_slot *pci_slot;
538 struct hv_pcidev_description desc;
539 bool reported_missing;
540 struct hv_pcibus_device *hbus;
541 struct work_struct wrk;
543 void (*block_invalidate)(void *context, u64 block_mask);
544 void *invalidate_context;
547 * What would be observed if one wrote 0xFFFFFFFF to a BAR and then
548 * read it back, for each of the BAR offsets within config space.
550 u32 probed_bar[PCI_STD_NUM_BARS];
553 struct hv_pci_compl {
554 struct completion host_event;
555 s32 completion_status;
558 static void hv_pci_onchannelcallback(void *context);
561 * hv_pci_generic_compl() - Invoked for a completion packet
562 * @context: Set up by the sender of the packet.
563 * @resp: The response packet
564 * @resp_packet_size: Size in bytes of the packet
566 * This function is used to trigger an event and report status
567 * for any message for which the completion packet contains a
568 * status and nothing else.
570 static void hv_pci_generic_compl(void *context, struct pci_response *resp,
571 int resp_packet_size)
573 struct hv_pci_compl *comp_pkt = context;
575 if (resp_packet_size >= offsetofend(struct pci_response, status))
576 comp_pkt->completion_status = resp->status;
578 comp_pkt->completion_status = -1;
580 complete(&comp_pkt->host_event);
583 static struct hv_pci_dev *get_pcichild_wslot(struct hv_pcibus_device *hbus,
586 static void get_pcichild(struct hv_pci_dev *hpdev)
588 refcount_inc(&hpdev->refs);
591 static void put_pcichild(struct hv_pci_dev *hpdev)
593 if (refcount_dec_and_test(&hpdev->refs))
597 static void get_hvpcibus(struct hv_pcibus_device *hv_pcibus);
598 static void put_hvpcibus(struct hv_pcibus_device *hv_pcibus);
601 * There is no good way to get notified from vmbus_onoffer_rescind(),
602 * so let's use polling here, since this is not a hot path.
604 static int wait_for_response(struct hv_device *hdev,
605 struct completion *comp)
608 if (hdev->channel->rescind) {
609 dev_warn_once(&hdev->device, "The device is gone.\n");
613 if (wait_for_completion_timeout(comp, HZ / 10))
621 * devfn_to_wslot() - Convert from Linux PCI slot to Windows
622 * @devfn: The Linux representation of PCI slot
624 * Windows uses a slightly different representation of PCI slot.
626 * Return: The Windows representation
628 static u32 devfn_to_wslot(int devfn)
630 union win_slot_encoding wslot;
633 wslot.bits.dev = PCI_SLOT(devfn);
634 wslot.bits.func = PCI_FUNC(devfn);
640 * wslot_to_devfn() - Convert from Windows PCI slot to Linux
641 * @wslot: The Windows representation of PCI slot
643 * Windows uses a slightly different representation of PCI slot.
645 * Return: The Linux representation
647 static int wslot_to_devfn(u32 wslot)
649 union win_slot_encoding slot_no;
651 slot_no.slot = wslot;
652 return PCI_DEVFN(slot_no.bits.dev, slot_no.bits.func);
656 * PCI Configuration Space for these root PCI buses is implemented as a pair
657 * of pages in memory-mapped I/O space. Writing to the first page chooses
658 * the PCI function being written or read. Once the first page has been
659 * written to, the following page maps in the entire configuration space of
664 * _hv_pcifront_read_config() - Internal PCI config read
665 * @hpdev: The PCI driver's representation of the device
666 * @where: Offset within config space
667 * @size: Size of the transfer
668 * @val: Pointer to the buffer receiving the data
670 static void _hv_pcifront_read_config(struct hv_pci_dev *hpdev, int where,
674 void __iomem *addr = hpdev->hbus->cfg_addr + CFG_PAGE_OFFSET + where;
677 * If the attempt is to read the IDs or the ROM BAR, simulate that.
679 if (where + size <= PCI_COMMAND) {
680 memcpy(val, ((u8 *)&hpdev->desc.v_id) + where, size);
681 } else if (where >= PCI_CLASS_REVISION && where + size <=
682 PCI_CACHE_LINE_SIZE) {
683 memcpy(val, ((u8 *)&hpdev->desc.rev) + where -
684 PCI_CLASS_REVISION, size);
685 } else if (where >= PCI_SUBSYSTEM_VENDOR_ID && where + size <=
687 memcpy(val, (u8 *)&hpdev->desc.subsystem_id + where -
688 PCI_SUBSYSTEM_VENDOR_ID, size);
689 } else if (where >= PCI_ROM_ADDRESS && where + size <=
690 PCI_CAPABILITY_LIST) {
691 /* ROM BARs are unimplemented */
693 } else if (where >= PCI_INTERRUPT_LINE && where + size <=
696 * Interrupt Line and Interrupt PIN are hard-wired to zero
697 * because this front-end only supports message-signaled
701 } else if (where + size <= CFG_PAGE_SIZE) {
702 spin_lock_irqsave(&hpdev->hbus->config_lock, flags);
703 /* Choose the function to be read. (See comment above) */
704 writel(hpdev->desc.win_slot.slot, hpdev->hbus->cfg_addr);
705 /* Make sure the function was chosen before we start reading. */
707 /* Read from that function's config space. */
720 * Make sure the read was done before we release the spinlock
721 * allowing consecutive reads/writes.
724 spin_unlock_irqrestore(&hpdev->hbus->config_lock, flags);
726 dev_err(&hpdev->hbus->hdev->device,
727 "Attempt to read beyond a function's config space.\n");
731 static u16 hv_pcifront_get_vendor_id(struct hv_pci_dev *hpdev)
735 void __iomem *addr = hpdev->hbus->cfg_addr + CFG_PAGE_OFFSET +
738 spin_lock_irqsave(&hpdev->hbus->config_lock, flags);
740 /* Choose the function to be read. (See comment above) */
741 writel(hpdev->desc.win_slot.slot, hpdev->hbus->cfg_addr);
742 /* Make sure the function was chosen before we start reading. */
744 /* Read from that function's config space. */
747 * mb() is not required here, because the spin_unlock_irqrestore()
751 spin_unlock_irqrestore(&hpdev->hbus->config_lock, flags);
757 * _hv_pcifront_write_config() - Internal PCI config write
758 * @hpdev: The PCI driver's representation of the device
759 * @where: Offset within config space
760 * @size: Size of the transfer
761 * @val: The data being transferred
763 static void _hv_pcifront_write_config(struct hv_pci_dev *hpdev, int where,
767 void __iomem *addr = hpdev->hbus->cfg_addr + CFG_PAGE_OFFSET + where;
769 if (where >= PCI_SUBSYSTEM_VENDOR_ID &&
770 where + size <= PCI_CAPABILITY_LIST) {
771 /* SSIDs and ROM BARs are read-only */
772 } else if (where >= PCI_COMMAND && where + size <= CFG_PAGE_SIZE) {
773 spin_lock_irqsave(&hpdev->hbus->config_lock, flags);
774 /* Choose the function to be written. (See comment above) */
775 writel(hpdev->desc.win_slot.slot, hpdev->hbus->cfg_addr);
776 /* Make sure the function was chosen before we start writing. */
778 /* Write to that function's config space. */
791 * Make sure the write was done before we release the spinlock
792 * allowing consecutive reads/writes.
795 spin_unlock_irqrestore(&hpdev->hbus->config_lock, flags);
797 dev_err(&hpdev->hbus->hdev->device,
798 "Attempt to write beyond a function's config space.\n");
803 * hv_pcifront_read_config() - Read configuration space
804 * @bus: PCI Bus structure
805 * @devfn: Device/function
806 * @where: Offset from base
807 * @size: Byte/word/dword
808 * @val: Value to be read
810 * Return: PCIBIOS_SUCCESSFUL on success
811 * PCIBIOS_DEVICE_NOT_FOUND on failure
813 static int hv_pcifront_read_config(struct pci_bus *bus, unsigned int devfn,
814 int where, int size, u32 *val)
816 struct hv_pcibus_device *hbus =
817 container_of(bus->sysdata, struct hv_pcibus_device, sysdata);
818 struct hv_pci_dev *hpdev;
820 hpdev = get_pcichild_wslot(hbus, devfn_to_wslot(devfn));
822 return PCIBIOS_DEVICE_NOT_FOUND;
824 _hv_pcifront_read_config(hpdev, where, size, val);
827 return PCIBIOS_SUCCESSFUL;
831 * hv_pcifront_write_config() - Write configuration space
832 * @bus: PCI Bus structure
833 * @devfn: Device/function
834 * @where: Offset from base
835 * @size: Byte/word/dword
836 * @val: Value to be written to device
838 * Return: PCIBIOS_SUCCESSFUL on success
839 * PCIBIOS_DEVICE_NOT_FOUND on failure
841 static int hv_pcifront_write_config(struct pci_bus *bus, unsigned int devfn,
842 int where, int size, u32 val)
844 struct hv_pcibus_device *hbus =
845 container_of(bus->sysdata, struct hv_pcibus_device, sysdata);
846 struct hv_pci_dev *hpdev;
848 hpdev = get_pcichild_wslot(hbus, devfn_to_wslot(devfn));
850 return PCIBIOS_DEVICE_NOT_FOUND;
852 _hv_pcifront_write_config(hpdev, where, size, val);
855 return PCIBIOS_SUCCESSFUL;
858 /* PCIe operations */
859 static struct pci_ops hv_pcifront_ops = {
860 .read = hv_pcifront_read_config,
861 .write = hv_pcifront_write_config,
865 * Paravirtual backchannel
867 * Hyper-V SR-IOV provides a backchannel mechanism in software for
868 * communication between a VF driver and a PF driver. These
869 * "configuration blocks" are similar in concept to PCI configuration space,
870 * but instead of doing reads and writes in 32-bit chunks through a very slow
871 * path, packets of up to 128 bytes can be sent or received asynchronously.
873 * Nearly every SR-IOV device contains just such a communications channel in
874 * hardware, so using this one in software is usually optional. Using the
875 * software channel, however, allows driver implementers to leverage software
876 * tools that fuzz the communications channel looking for vulnerabilities.
878 * The usage model for these packets puts the responsibility for reading or
879 * writing on the VF driver. The VF driver sends a read or a write packet,
880 * indicating which "block" is being referred to by number.
882 * If the PF driver wishes to initiate communication, it can "invalidate" one or
883 * more of the first 64 blocks. This invalidation is delivered via a callback
884 * supplied by the VF driver by this driver.
886 * No protocol is implied, except that supplied by the PF and VF drivers.
889 struct hv_read_config_compl {
890 struct hv_pci_compl comp_pkt;
893 unsigned int bytes_returned;
897 * hv_pci_read_config_compl() - Invoked when a response packet
898 * for a read config block operation arrives.
899 * @context: Identifies the read config operation
900 * @resp: The response packet itself
901 * @resp_packet_size: Size in bytes of the response packet
903 static void hv_pci_read_config_compl(void *context, struct pci_response *resp,
904 int resp_packet_size)
906 struct hv_read_config_compl *comp = context;
907 struct pci_read_block_response *read_resp =
908 (struct pci_read_block_response *)resp;
909 unsigned int data_len, hdr_len;
911 hdr_len = offsetof(struct pci_read_block_response, bytes);
912 if (resp_packet_size < hdr_len) {
913 comp->comp_pkt.completion_status = -1;
917 data_len = resp_packet_size - hdr_len;
918 if (data_len > 0 && read_resp->status == 0) {
919 comp->bytes_returned = min(comp->len, data_len);
920 memcpy(comp->buf, read_resp->bytes, comp->bytes_returned);
922 comp->bytes_returned = 0;
925 comp->comp_pkt.completion_status = read_resp->status;
927 complete(&comp->comp_pkt.host_event);
931 * hv_read_config_block() - Sends a read config block request to
932 * the back-end driver running in the Hyper-V parent partition.
933 * @pdev: The PCI driver's representation for this device.
934 * @buf: Buffer into which the config block will be copied.
935 * @len: Size in bytes of buf.
936 * @block_id: Identifies the config block which has been requested.
937 * @bytes_returned: Size which came back from the back-end driver.
939 * Return: 0 on success, -errno on failure
941 static int hv_read_config_block(struct pci_dev *pdev, void *buf,
942 unsigned int len, unsigned int block_id,
943 unsigned int *bytes_returned)
945 struct hv_pcibus_device *hbus =
946 container_of(pdev->bus->sysdata, struct hv_pcibus_device,
949 struct pci_packet pkt;
950 char buf[sizeof(struct pci_read_block)];
952 struct hv_read_config_compl comp_pkt;
953 struct pci_read_block *read_blk;
956 if (len == 0 || len > HV_CONFIG_BLOCK_SIZE_MAX)
959 init_completion(&comp_pkt.comp_pkt.host_event);
963 memset(&pkt, 0, sizeof(pkt));
964 pkt.pkt.completion_func = hv_pci_read_config_compl;
965 pkt.pkt.compl_ctxt = &comp_pkt;
966 read_blk = (struct pci_read_block *)&pkt.pkt.message;
967 read_blk->message_type.type = PCI_READ_BLOCK;
968 read_blk->wslot.slot = devfn_to_wslot(pdev->devfn);
969 read_blk->block_id = block_id;
970 read_blk->bytes_requested = len;
972 ret = vmbus_sendpacket(hbus->hdev->channel, read_blk,
973 sizeof(*read_blk), (unsigned long)&pkt.pkt,
975 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
979 ret = wait_for_response(hbus->hdev, &comp_pkt.comp_pkt.host_event);
983 if (comp_pkt.comp_pkt.completion_status != 0 ||
984 comp_pkt.bytes_returned == 0) {
985 dev_err(&hbus->hdev->device,
986 "Read Config Block failed: 0x%x, bytes_returned=%d\n",
987 comp_pkt.comp_pkt.completion_status,
988 comp_pkt.bytes_returned);
992 *bytes_returned = comp_pkt.bytes_returned;
997 * hv_pci_write_config_compl() - Invoked when a response packet for a write
998 * config block operation arrives.
999 * @context: Identifies the write config operation
1000 * @resp: The response packet itself
1001 * @resp_packet_size: Size in bytes of the response packet
1003 static void hv_pci_write_config_compl(void *context, struct pci_response *resp,
1004 int resp_packet_size)
1006 struct hv_pci_compl *comp_pkt = context;
1008 comp_pkt->completion_status = resp->status;
1009 complete(&comp_pkt->host_event);
1013 * hv_write_config_block() - Sends a write config block request to the
1014 * back-end driver running in the Hyper-V parent partition.
1015 * @pdev: The PCI driver's representation for this device.
1016 * @buf: Buffer from which the config block will be copied.
1017 * @len: Size in bytes of buf.
1018 * @block_id: Identifies the config block which is being written.
1020 * Return: 0 on success, -errno on failure
1022 static int hv_write_config_block(struct pci_dev *pdev, void *buf,
1023 unsigned int len, unsigned int block_id)
1025 struct hv_pcibus_device *hbus =
1026 container_of(pdev->bus->sysdata, struct hv_pcibus_device,
1029 struct pci_packet pkt;
1030 char buf[sizeof(struct pci_write_block)];
1033 struct hv_pci_compl comp_pkt;
1034 struct pci_write_block *write_blk;
1038 if (len == 0 || len > HV_CONFIG_BLOCK_SIZE_MAX)
1041 init_completion(&comp_pkt.host_event);
1043 memset(&pkt, 0, sizeof(pkt));
1044 pkt.pkt.completion_func = hv_pci_write_config_compl;
1045 pkt.pkt.compl_ctxt = &comp_pkt;
1046 write_blk = (struct pci_write_block *)&pkt.pkt.message;
1047 write_blk->message_type.type = PCI_WRITE_BLOCK;
1048 write_blk->wslot.slot = devfn_to_wslot(pdev->devfn);
1049 write_blk->block_id = block_id;
1050 write_blk->byte_count = len;
1051 memcpy(write_blk->bytes, buf, len);
1052 pkt_size = offsetof(struct pci_write_block, bytes) + len;
1054 * This quirk is required on some hosts shipped around 2018, because
1055 * these hosts don't check the pkt_size correctly (new hosts have been
1056 * fixed since early 2019). The quirk is also safe on very old hosts
1057 * and new hosts, because, on them, what really matters is the length
1058 * specified in write_blk->byte_count.
1060 pkt_size += sizeof(pkt.reserved);
1062 ret = vmbus_sendpacket(hbus->hdev->channel, write_blk, pkt_size,
1063 (unsigned long)&pkt.pkt, VM_PKT_DATA_INBAND,
1064 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
1068 ret = wait_for_response(hbus->hdev, &comp_pkt.host_event);
1072 if (comp_pkt.completion_status != 0) {
1073 dev_err(&hbus->hdev->device,
1074 "Write Config Block failed: 0x%x\n",
1075 comp_pkt.completion_status);
1083 * hv_register_block_invalidate() - Invoked when a config block invalidation
1084 * arrives from the back-end driver.
1085 * @pdev: The PCI driver's representation for this device.
1086 * @context: Identifies the device.
1087 * @block_invalidate: Identifies all of the blocks being invalidated.
1089 * Return: 0 on success, -errno on failure
1091 static int hv_register_block_invalidate(struct pci_dev *pdev, void *context,
1092 void (*block_invalidate)(void *context,
1095 struct hv_pcibus_device *hbus =
1096 container_of(pdev->bus->sysdata, struct hv_pcibus_device,
1098 struct hv_pci_dev *hpdev;
1100 hpdev = get_pcichild_wslot(hbus, devfn_to_wslot(pdev->devfn));
1104 hpdev->block_invalidate = block_invalidate;
1105 hpdev->invalidate_context = context;
1107 put_pcichild(hpdev);
1112 /* Interrupt management hooks */
1113 static void hv_int_desc_free(struct hv_pci_dev *hpdev,
1114 struct tran_int_desc *int_desc)
1116 struct pci_delete_interrupt *int_pkt;
1118 struct pci_packet pkt;
1119 u8 buffer[sizeof(struct pci_delete_interrupt)];
1122 memset(&ctxt, 0, sizeof(ctxt));
1123 int_pkt = (struct pci_delete_interrupt *)&ctxt.pkt.message;
1124 int_pkt->message_type.type =
1125 PCI_DELETE_INTERRUPT_MESSAGE;
1126 int_pkt->wslot.slot = hpdev->desc.win_slot.slot;
1127 int_pkt->int_desc = *int_desc;
1128 vmbus_sendpacket(hpdev->hbus->hdev->channel, int_pkt, sizeof(*int_pkt),
1129 (unsigned long)&ctxt.pkt, VM_PKT_DATA_INBAND, 0);
1134 * hv_msi_free() - Free the MSI.
1135 * @domain: The interrupt domain pointer
1136 * @info: Extra MSI-related context
1137 * @irq: Identifies the IRQ.
1139 * The Hyper-V parent partition and hypervisor are tracking the
1140 * messages that are in use, keeping the interrupt redirection
1141 * table up to date. This callback sends a message that frees
1142 * the IRT entry and related tracking nonsense.
1144 static void hv_msi_free(struct irq_domain *domain, struct msi_domain_info *info,
1147 struct hv_pcibus_device *hbus;
1148 struct hv_pci_dev *hpdev;
1149 struct pci_dev *pdev;
1150 struct tran_int_desc *int_desc;
1151 struct irq_data *irq_data = irq_domain_get_irq_data(domain, irq);
1152 struct msi_desc *msi = irq_data_get_msi_desc(irq_data);
1154 pdev = msi_desc_to_pci_dev(msi);
1156 int_desc = irq_data_get_irq_chip_data(irq_data);
1160 irq_data->chip_data = NULL;
1161 hpdev = get_pcichild_wslot(hbus, devfn_to_wslot(pdev->devfn));
1167 hv_int_desc_free(hpdev, int_desc);
1168 put_pcichild(hpdev);
1171 static int hv_set_affinity(struct irq_data *data, const struct cpumask *dest,
1174 struct irq_data *parent = data->parent_data;
1176 return parent->chip->irq_set_affinity(parent, dest, force);
1179 static void hv_irq_mask(struct irq_data *data)
1181 pci_msi_mask_irq(data);
1185 * hv_irq_unmask() - "Unmask" the IRQ by setting its current
1187 * @data: Describes the IRQ
1189 * Build new a destination for the MSI and make a hypercall to
1190 * update the Interrupt Redirection Table. "Device Logical ID"
1191 * is built out of this PCI bus's instance GUID and the function
1192 * number of the device.
1194 static void hv_irq_unmask(struct irq_data *data)
1196 struct msi_desc *msi_desc = irq_data_get_msi_desc(data);
1197 struct irq_cfg *cfg = irqd_cfg(data);
1198 struct hv_retarget_device_interrupt *params;
1199 struct hv_pcibus_device *hbus;
1200 struct cpumask *dest;
1202 struct pci_bus *pbus;
1203 struct pci_dev *pdev;
1204 unsigned long flags;
1209 dest = irq_data_get_effective_affinity_mask(data);
1210 pdev = msi_desc_to_pci_dev(msi_desc);
1212 hbus = container_of(pbus->sysdata, struct hv_pcibus_device, sysdata);
1214 spin_lock_irqsave(&hbus->retarget_msi_interrupt_lock, flags);
1216 params = &hbus->retarget_msi_interrupt_params;
1217 memset(params, 0, sizeof(*params));
1218 params->partition_id = HV_PARTITION_ID_SELF;
1219 params->int_entry.source = 1; /* MSI(-X) */
1220 hv_set_msi_entry_from_desc(¶ms->int_entry.msi_entry, msi_desc);
1221 params->device_id = (hbus->hdev->dev_instance.b[5] << 24) |
1222 (hbus->hdev->dev_instance.b[4] << 16) |
1223 (hbus->hdev->dev_instance.b[7] << 8) |
1224 (hbus->hdev->dev_instance.b[6] & 0xf8) |
1225 PCI_FUNC(pdev->devfn);
1226 params->int_target.vector = cfg->vector;
1229 * Honoring apic->irq_delivery_mode set to dest_Fixed by
1230 * setting the HV_DEVICE_INTERRUPT_TARGET_MULTICAST flag results in a
1231 * spurious interrupt storm. Not doing so does not seem to have a
1232 * negative effect (yet?).
1235 if (hbus->protocol_version >= PCI_PROTOCOL_VERSION_1_2) {
1237 * PCI_PROTOCOL_VERSION_1_2 supports the VP_SET version of the
1238 * HVCALL_RETARGET_INTERRUPT hypercall, which also coincides
1239 * with >64 VP support.
1240 * ms_hyperv.hints & HV_X64_EX_PROCESSOR_MASKS_RECOMMENDED
1241 * is not sufficient for this hypercall.
1243 params->int_target.flags |=
1244 HV_DEVICE_INTERRUPT_TARGET_PROCESSOR_SET;
1246 if (!alloc_cpumask_var(&tmp, GFP_ATOMIC)) {
1251 cpumask_and(tmp, dest, cpu_online_mask);
1252 nr_bank = cpumask_to_vpset(¶ms->int_target.vp_set, tmp);
1253 free_cpumask_var(tmp);
1261 * var-sized hypercall, var-size starts after vp_mask (thus
1262 * vp_set.format does not count, but vp_set.valid_bank_mask
1265 var_size = 1 + nr_bank;
1267 for_each_cpu_and(cpu, dest, cpu_online_mask) {
1268 params->int_target.vp_mask |=
1269 (1ULL << hv_cpu_number_to_vp_number(cpu));
1273 res = hv_do_hypercall(HVCALL_RETARGET_INTERRUPT | (var_size << 17),
1277 spin_unlock_irqrestore(&hbus->retarget_msi_interrupt_lock, flags);
1280 * During hibernation, when a CPU is offlined, the kernel tries
1281 * to move the interrupt to the remaining CPUs that haven't
1282 * been offlined yet. In this case, the below hv_do_hypercall()
1283 * always fails since the vmbus channel has been closed:
1284 * refer to cpu_disable_common() -> fixup_irqs() ->
1285 * irq_migrate_all_off_this_cpu() -> migrate_one_irq().
1287 * Suppress the error message for hibernation because the failure
1288 * during hibernation does not matter (at this time all the devices
1289 * have been frozen). Note: the correct affinity info is still updated
1290 * into the irqdata data structure in migrate_one_irq() ->
1291 * irq_do_set_affinity() -> hv_set_affinity(), so later when the VM
1292 * resumes, hv_pci_restore_msi_state() is able to correctly restore
1293 * the interrupt with the correct affinity.
1295 if (res && hbus->state != hv_pcibus_removing)
1296 dev_err(&hbus->hdev->device,
1297 "%s() failed: %#llx", __func__, res);
1299 pci_msi_unmask_irq(data);
1302 struct compose_comp_ctxt {
1303 struct hv_pci_compl comp_pkt;
1304 struct tran_int_desc int_desc;
1307 static void hv_pci_compose_compl(void *context, struct pci_response *resp,
1308 int resp_packet_size)
1310 struct compose_comp_ctxt *comp_pkt = context;
1311 struct pci_create_int_response *int_resp =
1312 (struct pci_create_int_response *)resp;
1314 comp_pkt->comp_pkt.completion_status = resp->status;
1315 comp_pkt->int_desc = int_resp->int_desc;
1316 complete(&comp_pkt->comp_pkt.host_event);
1319 static u32 hv_compose_msi_req_v1(
1320 struct pci_create_interrupt *int_pkt, struct cpumask *affinity,
1321 u32 slot, u8 vector)
1323 int_pkt->message_type.type = PCI_CREATE_INTERRUPT_MESSAGE;
1324 int_pkt->wslot.slot = slot;
1325 int_pkt->int_desc.vector = vector;
1326 int_pkt->int_desc.vector_count = 1;
1327 int_pkt->int_desc.delivery_mode = dest_Fixed;
1330 * Create MSI w/ dummy vCPU set, overwritten by subsequent retarget in
1333 int_pkt->int_desc.cpu_mask = CPU_AFFINITY_ALL;
1335 return sizeof(*int_pkt);
1338 static u32 hv_compose_msi_req_v2(
1339 struct pci_create_interrupt2 *int_pkt, struct cpumask *affinity,
1340 u32 slot, u8 vector)
1344 int_pkt->message_type.type = PCI_CREATE_INTERRUPT_MESSAGE2;
1345 int_pkt->wslot.slot = slot;
1346 int_pkt->int_desc.vector = vector;
1347 int_pkt->int_desc.vector_count = 1;
1348 int_pkt->int_desc.delivery_mode = dest_Fixed;
1351 * Create MSI w/ dummy vCPU set targeting just one vCPU, overwritten
1352 * by subsequent retarget in hv_irq_unmask().
1354 cpu = cpumask_first_and(affinity, cpu_online_mask);
1355 int_pkt->int_desc.processor_array[0] =
1356 hv_cpu_number_to_vp_number(cpu);
1357 int_pkt->int_desc.processor_count = 1;
1359 return sizeof(*int_pkt);
1363 * hv_compose_msi_msg() - Supplies a valid MSI address/data
1364 * @data: Everything about this MSI
1365 * @msg: Buffer that is filled in by this function
1367 * This function unpacks the IRQ looking for target CPU set, IDT
1368 * vector and mode and sends a message to the parent partition
1369 * asking for a mapping for that tuple in this partition. The
1370 * response supplies a data value and address to which that data
1371 * should be written to trigger that interrupt.
1373 static void hv_compose_msi_msg(struct irq_data *data, struct msi_msg *msg)
1375 struct irq_cfg *cfg = irqd_cfg(data);
1376 struct hv_pcibus_device *hbus;
1377 struct vmbus_channel *channel;
1378 struct hv_pci_dev *hpdev;
1379 struct pci_bus *pbus;
1380 struct pci_dev *pdev;
1381 struct cpumask *dest;
1382 struct compose_comp_ctxt comp;
1383 struct tran_int_desc *int_desc;
1385 struct pci_packet pci_pkt;
1387 struct pci_create_interrupt v1;
1388 struct pci_create_interrupt2 v2;
1395 pdev = msi_desc_to_pci_dev(irq_data_get_msi_desc(data));
1396 dest = irq_data_get_effective_affinity_mask(data);
1398 hbus = container_of(pbus->sysdata, struct hv_pcibus_device, sysdata);
1399 channel = hbus->hdev->channel;
1400 hpdev = get_pcichild_wslot(hbus, devfn_to_wslot(pdev->devfn));
1402 goto return_null_message;
1404 /* Free any previous message that might have already been composed. */
1405 if (data->chip_data) {
1406 int_desc = data->chip_data;
1407 data->chip_data = NULL;
1408 hv_int_desc_free(hpdev, int_desc);
1411 int_desc = kzalloc(sizeof(*int_desc), GFP_ATOMIC);
1413 goto drop_reference;
1415 memset(&ctxt, 0, sizeof(ctxt));
1416 init_completion(&comp.comp_pkt.host_event);
1417 ctxt.pci_pkt.completion_func = hv_pci_compose_compl;
1418 ctxt.pci_pkt.compl_ctxt = ∁
1420 switch (hbus->protocol_version) {
1421 case PCI_PROTOCOL_VERSION_1_1:
1422 size = hv_compose_msi_req_v1(&ctxt.int_pkts.v1,
1424 hpdev->desc.win_slot.slot,
1428 case PCI_PROTOCOL_VERSION_1_2:
1429 case PCI_PROTOCOL_VERSION_1_3:
1430 size = hv_compose_msi_req_v2(&ctxt.int_pkts.v2,
1432 hpdev->desc.win_slot.slot,
1437 /* As we only negotiate protocol versions known to this driver,
1438 * this path should never hit. However, this is it not a hot
1439 * path so we print a message to aid future updates.
1441 dev_err(&hbus->hdev->device,
1442 "Unexpected vPCI protocol, update driver.");
1446 ret = vmbus_sendpacket(hpdev->hbus->hdev->channel, &ctxt.int_pkts,
1447 size, (unsigned long)&ctxt.pci_pkt,
1449 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
1451 dev_err(&hbus->hdev->device,
1452 "Sending request for interrupt failed: 0x%x",
1453 comp.comp_pkt.completion_status);
1458 * Prevents hv_pci_onchannelcallback() from running concurrently
1461 tasklet_disable(&channel->callback_event);
1464 * Since this function is called with IRQ locks held, can't
1465 * do normal wait for completion; instead poll.
1467 while (!try_wait_for_completion(&comp.comp_pkt.host_event)) {
1468 unsigned long flags;
1470 /* 0xFFFF means an invalid PCI VENDOR ID. */
1471 if (hv_pcifront_get_vendor_id(hpdev) == 0xFFFF) {
1472 dev_err_once(&hbus->hdev->device,
1473 "the device has gone\n");
1474 goto enable_tasklet;
1478 * Make sure that the ring buffer data structure doesn't get
1479 * freed while we dereference the ring buffer pointer. Test
1480 * for the channel's onchannel_callback being NULL within a
1481 * sched_lock critical section. See also the inline comments
1482 * in vmbus_reset_channel_cb().
1484 spin_lock_irqsave(&channel->sched_lock, flags);
1485 if (unlikely(channel->onchannel_callback == NULL)) {
1486 spin_unlock_irqrestore(&channel->sched_lock, flags);
1487 goto enable_tasklet;
1489 hv_pci_onchannelcallback(hbus);
1490 spin_unlock_irqrestore(&channel->sched_lock, flags);
1492 if (hpdev->state == hv_pcichild_ejecting) {
1493 dev_err_once(&hbus->hdev->device,
1494 "the device is being ejected\n");
1495 goto enable_tasklet;
1501 tasklet_enable(&channel->callback_event);
1503 if (comp.comp_pkt.completion_status < 0) {
1504 dev_err(&hbus->hdev->device,
1505 "Request for interrupt failed: 0x%x",
1506 comp.comp_pkt.completion_status);
1511 * Record the assignment so that this can be unwound later. Using
1512 * irq_set_chip_data() here would be appropriate, but the lock it takes
1515 *int_desc = comp.int_desc;
1516 data->chip_data = int_desc;
1518 /* Pass up the result. */
1519 msg->address_hi = comp.int_desc.address >> 32;
1520 msg->address_lo = comp.int_desc.address & 0xffffffff;
1521 msg->data = comp.int_desc.data;
1523 put_pcichild(hpdev);
1527 tasklet_enable(&channel->callback_event);
1531 put_pcichild(hpdev);
1532 return_null_message:
1533 msg->address_hi = 0;
1534 msg->address_lo = 0;
1538 /* HW Interrupt Chip Descriptor */
1539 static struct irq_chip hv_msi_irq_chip = {
1540 .name = "Hyper-V PCIe MSI",
1541 .irq_compose_msi_msg = hv_compose_msi_msg,
1542 .irq_set_affinity = hv_set_affinity,
1543 .irq_ack = irq_chip_ack_parent,
1544 .irq_mask = hv_irq_mask,
1545 .irq_unmask = hv_irq_unmask,
1548 static struct msi_domain_ops hv_msi_ops = {
1549 .msi_prepare = pci_msi_prepare,
1550 .msi_free = hv_msi_free,
1554 * hv_pcie_init_irq_domain() - Initialize IRQ domain
1555 * @hbus: The root PCI bus
1557 * This function creates an IRQ domain which will be used for
1558 * interrupts from devices that have been passed through. These
1559 * devices only support MSI and MSI-X, not line-based interrupts
1560 * or simulations of line-based interrupts through PCIe's
1561 * fabric-layer messages. Because interrupts are remapped, we
1562 * can support multi-message MSI here.
1564 * Return: '0' on success and error value on failure
1566 static int hv_pcie_init_irq_domain(struct hv_pcibus_device *hbus)
1568 hbus->msi_info.chip = &hv_msi_irq_chip;
1569 hbus->msi_info.ops = &hv_msi_ops;
1570 hbus->msi_info.flags = (MSI_FLAG_USE_DEF_DOM_OPS |
1571 MSI_FLAG_USE_DEF_CHIP_OPS | MSI_FLAG_MULTI_PCI_MSI |
1573 hbus->msi_info.handler = handle_edge_irq;
1574 hbus->msi_info.handler_name = "edge";
1575 hbus->msi_info.data = hbus;
1576 hbus->irq_domain = pci_msi_create_irq_domain(hbus->sysdata.fwnode,
1579 if (!hbus->irq_domain) {
1580 dev_err(&hbus->hdev->device,
1581 "Failed to build an MSI IRQ domain\n");
1589 * get_bar_size() - Get the address space consumed by a BAR
1590 * @bar_val: Value that a BAR returned after -1 was written
1593 * This function returns the size of the BAR, rounded up to 1
1594 * page. It has to be rounded up because the hypervisor's page
1595 * table entry that maps the BAR into the VM can't specify an
1596 * offset within a page. The invariant is that the hypervisor
1597 * must place any BARs of smaller than page length at the
1598 * beginning of a page.
1600 * Return: Size in bytes of the consumed MMIO space.
1602 static u64 get_bar_size(u64 bar_val)
1604 return round_up((1 + ~(bar_val & PCI_BASE_ADDRESS_MEM_MASK)),
1609 * survey_child_resources() - Total all MMIO requirements
1610 * @hbus: Root PCI bus, as understood by this driver
1612 static void survey_child_resources(struct hv_pcibus_device *hbus)
1614 struct hv_pci_dev *hpdev;
1615 resource_size_t bar_size = 0;
1616 unsigned long flags;
1617 struct completion *event;
1621 /* If nobody is waiting on the answer, don't compute it. */
1622 event = xchg(&hbus->survey_event, NULL);
1626 /* If the answer has already been computed, go with it. */
1627 if (hbus->low_mmio_space || hbus->high_mmio_space) {
1632 spin_lock_irqsave(&hbus->device_list_lock, flags);
1635 * Due to an interesting quirk of the PCI spec, all memory regions
1636 * for a child device are a power of 2 in size and aligned in memory,
1637 * so it's sufficient to just add them up without tracking alignment.
1639 list_for_each_entry(hpdev, &hbus->children, list_entry) {
1640 for (i = 0; i < PCI_STD_NUM_BARS; i++) {
1641 if (hpdev->probed_bar[i] & PCI_BASE_ADDRESS_SPACE_IO)
1642 dev_err(&hbus->hdev->device,
1643 "There's an I/O BAR in this list!\n");
1645 if (hpdev->probed_bar[i] != 0) {
1647 * A probed BAR has all the upper bits set that
1651 bar_val = hpdev->probed_bar[i];
1652 if (bar_val & PCI_BASE_ADDRESS_MEM_TYPE_64)
1654 ((u64)hpdev->probed_bar[++i] << 32);
1656 bar_val |= 0xffffffff00000000ULL;
1658 bar_size = get_bar_size(bar_val);
1660 if (bar_val & PCI_BASE_ADDRESS_MEM_TYPE_64)
1661 hbus->high_mmio_space += bar_size;
1663 hbus->low_mmio_space += bar_size;
1668 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
1673 * prepopulate_bars() - Fill in BARs with defaults
1674 * @hbus: Root PCI bus, as understood by this driver
1676 * The core PCI driver code seems much, much happier if the BARs
1677 * for a device have values upon first scan. So fill them in.
1678 * The algorithm below works down from large sizes to small,
1679 * attempting to pack the assignments optimally. The assumption,
1680 * enforced in other parts of the code, is that the beginning of
1681 * the memory-mapped I/O space will be aligned on the largest
1684 static void prepopulate_bars(struct hv_pcibus_device *hbus)
1686 resource_size_t high_size = 0;
1687 resource_size_t low_size = 0;
1688 resource_size_t high_base = 0;
1689 resource_size_t low_base = 0;
1690 resource_size_t bar_size;
1691 struct hv_pci_dev *hpdev;
1692 unsigned long flags;
1698 if (hbus->low_mmio_space) {
1699 low_size = 1ULL << (63 - __builtin_clzll(hbus->low_mmio_space));
1700 low_base = hbus->low_mmio_res->start;
1703 if (hbus->high_mmio_space) {
1705 (63 - __builtin_clzll(hbus->high_mmio_space));
1706 high_base = hbus->high_mmio_res->start;
1709 spin_lock_irqsave(&hbus->device_list_lock, flags);
1712 * Clear the memory enable bit, in case it's already set. This occurs
1713 * in the suspend path of hibernation, where the device is suspended,
1714 * resumed and suspended again: see hibernation_snapshot() and
1715 * hibernation_platform_enter().
1717 * If the memory enable bit is already set, Hyper-V sliently ignores
1718 * the below BAR updates, and the related PCI device driver can not
1719 * work, because reading from the device register(s) always returns
1722 list_for_each_entry(hpdev, &hbus->children, list_entry) {
1723 _hv_pcifront_read_config(hpdev, PCI_COMMAND, 2, &command);
1724 command &= ~PCI_COMMAND_MEMORY;
1725 _hv_pcifront_write_config(hpdev, PCI_COMMAND, 2, command);
1728 /* Pick addresses for the BARs. */
1730 list_for_each_entry(hpdev, &hbus->children, list_entry) {
1731 for (i = 0; i < PCI_STD_NUM_BARS; i++) {
1732 bar_val = hpdev->probed_bar[i];
1735 high = bar_val & PCI_BASE_ADDRESS_MEM_TYPE_64;
1738 ((u64)hpdev->probed_bar[i + 1]
1741 bar_val |= 0xffffffffULL << 32;
1743 bar_size = get_bar_size(bar_val);
1745 if (high_size != bar_size) {
1749 _hv_pcifront_write_config(hpdev,
1750 PCI_BASE_ADDRESS_0 + (4 * i),
1752 (u32)(high_base & 0xffffff00));
1754 _hv_pcifront_write_config(hpdev,
1755 PCI_BASE_ADDRESS_0 + (4 * i),
1756 4, (u32)(high_base >> 32));
1757 high_base += bar_size;
1759 if (low_size != bar_size)
1761 _hv_pcifront_write_config(hpdev,
1762 PCI_BASE_ADDRESS_0 + (4 * i),
1764 (u32)(low_base & 0xffffff00));
1765 low_base += bar_size;
1768 if (high_size <= 1 && low_size <= 1) {
1769 /* Set the memory enable bit. */
1770 _hv_pcifront_read_config(hpdev, PCI_COMMAND, 2,
1772 command |= PCI_COMMAND_MEMORY;
1773 _hv_pcifront_write_config(hpdev, PCI_COMMAND, 2,
1781 } while (high_size || low_size);
1783 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
1787 * Assign entries in sysfs pci slot directory.
1789 * Note that this function does not need to lock the children list
1790 * because it is called from pci_devices_present_work which
1791 * is serialized with hv_eject_device_work because they are on the
1792 * same ordered workqueue. Therefore hbus->children list will not change
1793 * even when pci_create_slot sleeps.
1795 static void hv_pci_assign_slots(struct hv_pcibus_device *hbus)
1797 struct hv_pci_dev *hpdev;
1798 char name[SLOT_NAME_SIZE];
1801 list_for_each_entry(hpdev, &hbus->children, list_entry) {
1802 if (hpdev->pci_slot)
1805 slot_nr = PCI_SLOT(wslot_to_devfn(hpdev->desc.win_slot.slot));
1806 snprintf(name, SLOT_NAME_SIZE, "%u", hpdev->desc.ser);
1807 hpdev->pci_slot = pci_create_slot(hbus->pci_bus, slot_nr,
1809 if (IS_ERR(hpdev->pci_slot)) {
1810 pr_warn("pci_create slot %s failed\n", name);
1811 hpdev->pci_slot = NULL;
1817 * Remove entries in sysfs pci slot directory.
1819 static void hv_pci_remove_slots(struct hv_pcibus_device *hbus)
1821 struct hv_pci_dev *hpdev;
1823 list_for_each_entry(hpdev, &hbus->children, list_entry) {
1824 if (!hpdev->pci_slot)
1826 pci_destroy_slot(hpdev->pci_slot);
1827 hpdev->pci_slot = NULL;
1832 * Set NUMA node for the devices on the bus
1834 static void hv_pci_assign_numa_node(struct hv_pcibus_device *hbus)
1836 struct pci_dev *dev;
1837 struct pci_bus *bus = hbus->pci_bus;
1838 struct hv_pci_dev *hv_dev;
1840 list_for_each_entry(dev, &bus->devices, bus_list) {
1841 hv_dev = get_pcichild_wslot(hbus, devfn_to_wslot(dev->devfn));
1845 if (hv_dev->desc.flags & HV_PCI_DEVICE_FLAG_NUMA_AFFINITY)
1846 set_dev_node(&dev->dev, hv_dev->desc.virtual_numa_node);
1848 put_pcichild(hv_dev);
1853 * create_root_hv_pci_bus() - Expose a new root PCI bus
1854 * @hbus: Root PCI bus, as understood by this driver
1856 * Return: 0 on success, -errno on failure
1858 static int create_root_hv_pci_bus(struct hv_pcibus_device *hbus)
1860 /* Register the device */
1861 hbus->pci_bus = pci_create_root_bus(&hbus->hdev->device,
1862 0, /* bus number is always zero */
1865 &hbus->resources_for_children);
1869 hbus->pci_bus->msi = &hbus->msi_chip;
1870 hbus->pci_bus->msi->dev = &hbus->hdev->device;
1872 pci_lock_rescan_remove();
1873 pci_scan_child_bus(hbus->pci_bus);
1874 hv_pci_assign_numa_node(hbus);
1875 pci_bus_assign_resources(hbus->pci_bus);
1876 hv_pci_assign_slots(hbus);
1877 pci_bus_add_devices(hbus->pci_bus);
1878 pci_unlock_rescan_remove();
1879 hbus->state = hv_pcibus_installed;
1883 struct q_res_req_compl {
1884 struct completion host_event;
1885 struct hv_pci_dev *hpdev;
1889 * q_resource_requirements() - Query Resource Requirements
1890 * @context: The completion context.
1891 * @resp: The response that came from the host.
1892 * @resp_packet_size: The size in bytes of resp.
1894 * This function is invoked on completion of a Query Resource
1895 * Requirements packet.
1897 static void q_resource_requirements(void *context, struct pci_response *resp,
1898 int resp_packet_size)
1900 struct q_res_req_compl *completion = context;
1901 struct pci_q_res_req_response *q_res_req =
1902 (struct pci_q_res_req_response *)resp;
1905 if (resp->status < 0) {
1906 dev_err(&completion->hpdev->hbus->hdev->device,
1907 "query resource requirements failed: %x\n",
1910 for (i = 0; i < PCI_STD_NUM_BARS; i++) {
1911 completion->hpdev->probed_bar[i] =
1912 q_res_req->probed_bar[i];
1916 complete(&completion->host_event);
1920 * new_pcichild_device() - Create a new child device
1921 * @hbus: The internal struct tracking this root PCI bus.
1922 * @desc: The information supplied so far from the host
1925 * This function creates the tracking structure for a new child
1926 * device and kicks off the process of figuring out what it is.
1928 * Return: Pointer to the new tracking struct
1930 static struct hv_pci_dev *new_pcichild_device(struct hv_pcibus_device *hbus,
1931 struct hv_pcidev_description *desc)
1933 struct hv_pci_dev *hpdev;
1934 struct pci_child_message *res_req;
1935 struct q_res_req_compl comp_pkt;
1937 struct pci_packet init_packet;
1938 u8 buffer[sizeof(struct pci_child_message)];
1940 unsigned long flags;
1943 hpdev = kzalloc(sizeof(*hpdev), GFP_KERNEL);
1949 memset(&pkt, 0, sizeof(pkt));
1950 init_completion(&comp_pkt.host_event);
1951 comp_pkt.hpdev = hpdev;
1952 pkt.init_packet.compl_ctxt = &comp_pkt;
1953 pkt.init_packet.completion_func = q_resource_requirements;
1954 res_req = (struct pci_child_message *)&pkt.init_packet.message;
1955 res_req->message_type.type = PCI_QUERY_RESOURCE_REQUIREMENTS;
1956 res_req->wslot.slot = desc->win_slot.slot;
1958 ret = vmbus_sendpacket(hbus->hdev->channel, res_req,
1959 sizeof(struct pci_child_message),
1960 (unsigned long)&pkt.init_packet,
1962 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
1966 if (wait_for_response(hbus->hdev, &comp_pkt.host_event))
1969 hpdev->desc = *desc;
1970 refcount_set(&hpdev->refs, 1);
1971 get_pcichild(hpdev);
1972 spin_lock_irqsave(&hbus->device_list_lock, flags);
1974 list_add_tail(&hpdev->list_entry, &hbus->children);
1975 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
1984 * get_pcichild_wslot() - Find device from slot
1985 * @hbus: Root PCI bus, as understood by this driver
1986 * @wslot: Location on the bus
1988 * This function looks up a PCI device and returns the internal
1989 * representation of it. It acquires a reference on it, so that
1990 * the device won't be deleted while somebody is using it. The
1991 * caller is responsible for calling put_pcichild() to release
1994 * Return: Internal representation of a PCI device
1996 static struct hv_pci_dev *get_pcichild_wslot(struct hv_pcibus_device *hbus,
1999 unsigned long flags;
2000 struct hv_pci_dev *iter, *hpdev = NULL;
2002 spin_lock_irqsave(&hbus->device_list_lock, flags);
2003 list_for_each_entry(iter, &hbus->children, list_entry) {
2004 if (iter->desc.win_slot.slot == wslot) {
2006 get_pcichild(hpdev);
2010 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2016 * pci_devices_present_work() - Handle new list of child devices
2017 * @work: Work struct embedded in struct hv_dr_work
2019 * "Bus Relations" is the Windows term for "children of this
2020 * bus." The terminology is preserved here for people trying to
2021 * debug the interaction between Hyper-V and Linux. This
2022 * function is called when the parent partition reports a list
2023 * of functions that should be observed under this PCI Express
2026 * This function updates the list, and must tolerate being
2027 * called multiple times with the same information. The typical
2028 * number of child devices is one, with very atypical cases
2029 * involving three or four, so the algorithms used here can be
2030 * simple and inefficient.
2032 * It must also treat the omission of a previously observed device as
2033 * notification that the device no longer exists.
2035 * Note that this function is serialized with hv_eject_device_work(),
2036 * because both are pushed to the ordered workqueue hbus->wq.
2038 static void pci_devices_present_work(struct work_struct *work)
2042 struct hv_pcidev_description *new_desc;
2043 struct hv_pci_dev *hpdev;
2044 struct hv_pcibus_device *hbus;
2045 struct list_head removed;
2046 struct hv_dr_work *dr_wrk;
2047 struct hv_dr_state *dr = NULL;
2048 unsigned long flags;
2050 dr_wrk = container_of(work, struct hv_dr_work, wrk);
2054 INIT_LIST_HEAD(&removed);
2056 /* Pull this off the queue and process it if it was the last one. */
2057 spin_lock_irqsave(&hbus->device_list_lock, flags);
2058 while (!list_empty(&hbus->dr_list)) {
2059 dr = list_first_entry(&hbus->dr_list, struct hv_dr_state,
2061 list_del(&dr->list_entry);
2063 /* Throw this away if the list still has stuff in it. */
2064 if (!list_empty(&hbus->dr_list)) {
2069 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2076 /* First, mark all existing children as reported missing. */
2077 spin_lock_irqsave(&hbus->device_list_lock, flags);
2078 list_for_each_entry(hpdev, &hbus->children, list_entry) {
2079 hpdev->reported_missing = true;
2081 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2083 /* Next, add back any reported devices. */
2084 for (child_no = 0; child_no < dr->device_count; child_no++) {
2086 new_desc = &dr->func[child_no];
2088 spin_lock_irqsave(&hbus->device_list_lock, flags);
2089 list_for_each_entry(hpdev, &hbus->children, list_entry) {
2090 if ((hpdev->desc.win_slot.slot == new_desc->win_slot.slot) &&
2091 (hpdev->desc.v_id == new_desc->v_id) &&
2092 (hpdev->desc.d_id == new_desc->d_id) &&
2093 (hpdev->desc.ser == new_desc->ser)) {
2094 hpdev->reported_missing = false;
2098 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2101 hpdev = new_pcichild_device(hbus, new_desc);
2103 dev_err(&hbus->hdev->device,
2104 "couldn't record a child device.\n");
2108 /* Move missing children to a list on the stack. */
2109 spin_lock_irqsave(&hbus->device_list_lock, flags);
2112 list_for_each_entry(hpdev, &hbus->children, list_entry) {
2113 if (hpdev->reported_missing) {
2115 put_pcichild(hpdev);
2116 list_move_tail(&hpdev->list_entry, &removed);
2121 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2123 /* Delete everything that should no longer exist. */
2124 while (!list_empty(&removed)) {
2125 hpdev = list_first_entry(&removed, struct hv_pci_dev,
2127 list_del(&hpdev->list_entry);
2129 if (hpdev->pci_slot)
2130 pci_destroy_slot(hpdev->pci_slot);
2132 put_pcichild(hpdev);
2135 switch (hbus->state) {
2136 case hv_pcibus_installed:
2138 * Tell the core to rescan bus
2139 * because there may have been changes.
2141 pci_lock_rescan_remove();
2142 pci_scan_child_bus(hbus->pci_bus);
2143 hv_pci_assign_numa_node(hbus);
2144 hv_pci_assign_slots(hbus);
2145 pci_unlock_rescan_remove();
2148 case hv_pcibus_init:
2149 case hv_pcibus_probed:
2150 survey_child_resources(hbus);
2162 * hv_pci_start_relations_work() - Queue work to start device discovery
2163 * @hbus: Root PCI bus, as understood by this driver
2164 * @dr: The list of children returned from host
2166 * Return: 0 on success, -errno on failure
2168 static int hv_pci_start_relations_work(struct hv_pcibus_device *hbus,
2169 struct hv_dr_state *dr)
2171 struct hv_dr_work *dr_wrk;
2172 unsigned long flags;
2175 if (hbus->state == hv_pcibus_removing) {
2176 dev_info(&hbus->hdev->device,
2177 "PCI VMBus BUS_RELATIONS: ignored\n");
2181 dr_wrk = kzalloc(sizeof(*dr_wrk), GFP_NOWAIT);
2185 INIT_WORK(&dr_wrk->wrk, pci_devices_present_work);
2188 spin_lock_irqsave(&hbus->device_list_lock, flags);
2190 * If pending_dr is true, we have already queued a work,
2191 * which will see the new dr. Otherwise, we need to
2194 pending_dr = !list_empty(&hbus->dr_list);
2195 list_add_tail(&dr->list_entry, &hbus->dr_list);
2196 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2202 queue_work(hbus->wq, &dr_wrk->wrk);
2209 * hv_pci_devices_present() - Handle list of new children
2210 * @hbus: Root PCI bus, as understood by this driver
2211 * @relations: Packet from host listing children
2213 * Process a new list of devices on the bus. The list of devices is
2214 * discovered by VSP and sent to us via VSP message PCI_BUS_RELATIONS,
2215 * whenever a new list of devices for this bus appears.
2217 static void hv_pci_devices_present(struct hv_pcibus_device *hbus,
2218 struct pci_bus_relations *relations)
2220 struct hv_dr_state *dr;
2223 dr = kzalloc(struct_size(dr, func, relations->device_count),
2228 dr->device_count = relations->device_count;
2229 for (i = 0; i < dr->device_count; i++) {
2230 dr->func[i].v_id = relations->func[i].v_id;
2231 dr->func[i].d_id = relations->func[i].d_id;
2232 dr->func[i].rev = relations->func[i].rev;
2233 dr->func[i].prog_intf = relations->func[i].prog_intf;
2234 dr->func[i].subclass = relations->func[i].subclass;
2235 dr->func[i].base_class = relations->func[i].base_class;
2236 dr->func[i].subsystem_id = relations->func[i].subsystem_id;
2237 dr->func[i].win_slot = relations->func[i].win_slot;
2238 dr->func[i].ser = relations->func[i].ser;
2241 if (hv_pci_start_relations_work(hbus, dr))
2246 * hv_pci_devices_present2() - Handle list of new children
2247 * @hbus: Root PCI bus, as understood by this driver
2248 * @relations: Packet from host listing children
2250 * This function is the v2 version of hv_pci_devices_present()
2252 static void hv_pci_devices_present2(struct hv_pcibus_device *hbus,
2253 struct pci_bus_relations2 *relations)
2255 struct hv_dr_state *dr;
2258 dr = kzalloc(struct_size(dr, func, relations->device_count),
2263 dr->device_count = relations->device_count;
2264 for (i = 0; i < dr->device_count; i++) {
2265 dr->func[i].v_id = relations->func[i].v_id;
2266 dr->func[i].d_id = relations->func[i].d_id;
2267 dr->func[i].rev = relations->func[i].rev;
2268 dr->func[i].prog_intf = relations->func[i].prog_intf;
2269 dr->func[i].subclass = relations->func[i].subclass;
2270 dr->func[i].base_class = relations->func[i].base_class;
2271 dr->func[i].subsystem_id = relations->func[i].subsystem_id;
2272 dr->func[i].win_slot = relations->func[i].win_slot;
2273 dr->func[i].ser = relations->func[i].ser;
2274 dr->func[i].flags = relations->func[i].flags;
2275 dr->func[i].virtual_numa_node =
2276 relations->func[i].virtual_numa_node;
2279 if (hv_pci_start_relations_work(hbus, dr))
2284 * hv_eject_device_work() - Asynchronously handles ejection
2285 * @work: Work struct embedded in internal device struct
2287 * This function handles ejecting a device. Windows will
2288 * attempt to gracefully eject a device, waiting 60 seconds to
2289 * hear back from the guest OS that this completed successfully.
2290 * If this timer expires, the device will be forcibly removed.
2292 static void hv_eject_device_work(struct work_struct *work)
2294 struct pci_eject_response *ejct_pkt;
2295 struct hv_pcibus_device *hbus;
2296 struct hv_pci_dev *hpdev;
2297 struct pci_dev *pdev;
2298 unsigned long flags;
2301 struct pci_packet pkt;
2302 u8 buffer[sizeof(struct pci_eject_response)];
2305 hpdev = container_of(work, struct hv_pci_dev, wrk);
2308 WARN_ON(hpdev->state != hv_pcichild_ejecting);
2311 * Ejection can come before or after the PCI bus has been set up, so
2312 * attempt to find it and tear down the bus state, if it exists. This
2313 * must be done without constructs like pci_domain_nr(hbus->pci_bus)
2314 * because hbus->pci_bus may not exist yet.
2316 wslot = wslot_to_devfn(hpdev->desc.win_slot.slot);
2317 pdev = pci_get_domain_bus_and_slot(hbus->sysdata.domain, 0, wslot);
2319 pci_lock_rescan_remove();
2320 pci_stop_and_remove_bus_device(pdev);
2322 pci_unlock_rescan_remove();
2325 spin_lock_irqsave(&hbus->device_list_lock, flags);
2326 list_del(&hpdev->list_entry);
2327 spin_unlock_irqrestore(&hbus->device_list_lock, flags);
2329 if (hpdev->pci_slot)
2330 pci_destroy_slot(hpdev->pci_slot);
2332 memset(&ctxt, 0, sizeof(ctxt));
2333 ejct_pkt = (struct pci_eject_response *)&ctxt.pkt.message;
2334 ejct_pkt->message_type.type = PCI_EJECTION_COMPLETE;
2335 ejct_pkt->wslot.slot = hpdev->desc.win_slot.slot;
2336 vmbus_sendpacket(hbus->hdev->channel, ejct_pkt,
2337 sizeof(*ejct_pkt), (unsigned long)&ctxt.pkt,
2338 VM_PKT_DATA_INBAND, 0);
2340 /* For the get_pcichild() in hv_pci_eject_device() */
2341 put_pcichild(hpdev);
2342 /* For the two refs got in new_pcichild_device() */
2343 put_pcichild(hpdev);
2344 put_pcichild(hpdev);
2345 /* hpdev has been freed. Do not use it any more. */
2351 * hv_pci_eject_device() - Handles device ejection
2352 * @hpdev: Internal device tracking struct
2354 * This function is invoked when an ejection packet arrives. It
2355 * just schedules work so that we don't re-enter the packet
2356 * delivery code handling the ejection.
2358 static void hv_pci_eject_device(struct hv_pci_dev *hpdev)
2360 struct hv_pcibus_device *hbus = hpdev->hbus;
2361 struct hv_device *hdev = hbus->hdev;
2363 if (hbus->state == hv_pcibus_removing) {
2364 dev_info(&hdev->device, "PCI VMBus EJECT: ignored\n");
2368 hpdev->state = hv_pcichild_ejecting;
2369 get_pcichild(hpdev);
2370 INIT_WORK(&hpdev->wrk, hv_eject_device_work);
2372 queue_work(hbus->wq, &hpdev->wrk);
2376 * hv_pci_onchannelcallback() - Handles incoming packets
2377 * @context: Internal bus tracking struct
2379 * This function is invoked whenever the host sends a packet to
2380 * this channel (which is private to this root PCI bus).
2382 static void hv_pci_onchannelcallback(void *context)
2384 const int packet_size = 0x100;
2386 struct hv_pcibus_device *hbus = context;
2389 struct vmpacket_descriptor *desc;
2390 unsigned char *buffer;
2391 int bufferlen = packet_size;
2392 struct pci_packet *comp_packet;
2393 struct pci_response *response;
2394 struct pci_incoming_message *new_message;
2395 struct pci_bus_relations *bus_rel;
2396 struct pci_bus_relations2 *bus_rel2;
2397 struct pci_dev_inval_block *inval;
2398 struct pci_dev_incoming *dev_message;
2399 struct hv_pci_dev *hpdev;
2401 buffer = kmalloc(bufferlen, GFP_ATOMIC);
2406 ret = vmbus_recvpacket_raw(hbus->hdev->channel, buffer,
2407 bufferlen, &bytes_recvd, &req_id);
2409 if (ret == -ENOBUFS) {
2411 /* Handle large packet */
2412 bufferlen = bytes_recvd;
2413 buffer = kmalloc(bytes_recvd, GFP_ATOMIC);
2419 /* Zero length indicates there are no more packets. */
2420 if (ret || !bytes_recvd)
2424 * All incoming packets must be at least as large as a
2427 if (bytes_recvd <= sizeof(struct pci_response))
2429 desc = (struct vmpacket_descriptor *)buffer;
2431 switch (desc->type) {
2435 * The host is trusted, and thus it's safe to interpret
2436 * this transaction ID as a pointer.
2438 comp_packet = (struct pci_packet *)req_id;
2439 response = (struct pci_response *)buffer;
2440 comp_packet->completion_func(comp_packet->compl_ctxt,
2445 case VM_PKT_DATA_INBAND:
2447 new_message = (struct pci_incoming_message *)buffer;
2448 switch (new_message->message_type.type) {
2449 case PCI_BUS_RELATIONS:
2451 bus_rel = (struct pci_bus_relations *)buffer;
2453 struct_size(bus_rel, func,
2454 bus_rel->device_count)) {
2455 dev_err(&hbus->hdev->device,
2456 "bus relations too small\n");
2460 hv_pci_devices_present(hbus, bus_rel);
2463 case PCI_BUS_RELATIONS2:
2465 bus_rel2 = (struct pci_bus_relations2 *)buffer;
2467 struct_size(bus_rel2, func,
2468 bus_rel2->device_count)) {
2469 dev_err(&hbus->hdev->device,
2470 "bus relations v2 too small\n");
2474 hv_pci_devices_present2(hbus, bus_rel2);
2479 dev_message = (struct pci_dev_incoming *)buffer;
2480 hpdev = get_pcichild_wslot(hbus,
2481 dev_message->wslot.slot);
2483 hv_pci_eject_device(hpdev);
2484 put_pcichild(hpdev);
2488 case PCI_INVALIDATE_BLOCK:
2490 inval = (struct pci_dev_inval_block *)buffer;
2491 hpdev = get_pcichild_wslot(hbus,
2494 if (hpdev->block_invalidate) {
2495 hpdev->block_invalidate(
2496 hpdev->invalidate_context,
2499 put_pcichild(hpdev);
2504 dev_warn(&hbus->hdev->device,
2505 "Unimplemented protocol message %x\n",
2506 new_message->message_type.type);
2512 dev_err(&hbus->hdev->device,
2513 "unhandled packet type %d, tid %llx len %d\n",
2514 desc->type, req_id, bytes_recvd);
2523 * hv_pci_protocol_negotiation() - Set up protocol
2524 * @hdev: VMBus's tracking struct for this root PCI bus.
2525 * @version: Array of supported channel protocol versions in
2526 * the order of probing - highest go first.
2527 * @num_version: Number of elements in the version array.
2529 * This driver is intended to support running on Windows 10
2530 * (server) and later versions. It will not run on earlier
2531 * versions, as they assume that many of the operations which
2532 * Linux needs accomplished with a spinlock held were done via
2533 * asynchronous messaging via VMBus. Windows 10 increases the
2534 * surface area of PCI emulation so that these actions can take
2535 * place by suspending a virtual processor for their duration.
2537 * This function negotiates the channel protocol version,
2538 * failing if the host doesn't support the necessary protocol
2541 static int hv_pci_protocol_negotiation(struct hv_device *hdev,
2542 enum pci_protocol_version_t version[],
2545 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
2546 struct pci_version_request *version_req;
2547 struct hv_pci_compl comp_pkt;
2548 struct pci_packet *pkt;
2553 * Initiate the handshake with the host and negotiate
2554 * a version that the host can support. We start with the
2555 * highest version number and go down if the host cannot
2558 pkt = kzalloc(sizeof(*pkt) + sizeof(*version_req), GFP_KERNEL);
2562 init_completion(&comp_pkt.host_event);
2563 pkt->completion_func = hv_pci_generic_compl;
2564 pkt->compl_ctxt = &comp_pkt;
2565 version_req = (struct pci_version_request *)&pkt->message;
2566 version_req->message_type.type = PCI_QUERY_PROTOCOL_VERSION;
2568 for (i = 0; i < num_version; i++) {
2569 version_req->protocol_version = version[i];
2570 ret = vmbus_sendpacket(hdev->channel, version_req,
2571 sizeof(struct pci_version_request),
2572 (unsigned long)pkt, VM_PKT_DATA_INBAND,
2573 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
2575 ret = wait_for_response(hdev, &comp_pkt.host_event);
2578 dev_err(&hdev->device,
2579 "PCI Pass-through VSP failed to request version: %d",
2584 if (comp_pkt.completion_status >= 0) {
2585 hbus->protocol_version = version[i];
2586 dev_info(&hdev->device,
2587 "PCI VMBus probing: Using version %#x\n",
2588 hbus->protocol_version);
2592 if (comp_pkt.completion_status != STATUS_REVISION_MISMATCH) {
2593 dev_err(&hdev->device,
2594 "PCI Pass-through VSP failed version request: %#x",
2595 comp_pkt.completion_status);
2600 reinit_completion(&comp_pkt.host_event);
2603 dev_err(&hdev->device,
2604 "PCI pass-through VSP failed to find supported version");
2613 * hv_pci_free_bridge_windows() - Release memory regions for the
2615 * @hbus: Root PCI bus, as understood by this driver
2617 static void hv_pci_free_bridge_windows(struct hv_pcibus_device *hbus)
2620 * Set the resources back to the way they looked when they
2621 * were allocated by setting IORESOURCE_BUSY again.
2624 if (hbus->low_mmio_space && hbus->low_mmio_res) {
2625 hbus->low_mmio_res->flags |= IORESOURCE_BUSY;
2626 vmbus_free_mmio(hbus->low_mmio_res->start,
2627 resource_size(hbus->low_mmio_res));
2630 if (hbus->high_mmio_space && hbus->high_mmio_res) {
2631 hbus->high_mmio_res->flags |= IORESOURCE_BUSY;
2632 vmbus_free_mmio(hbus->high_mmio_res->start,
2633 resource_size(hbus->high_mmio_res));
2638 * hv_pci_allocate_bridge_windows() - Allocate memory regions
2640 * @hbus: Root PCI bus, as understood by this driver
2642 * This function calls vmbus_allocate_mmio(), which is itself a
2643 * bit of a compromise. Ideally, we might change the pnp layer
2644 * in the kernel such that it comprehends either PCI devices
2645 * which are "grandchildren of ACPI," with some intermediate bus
2646 * node (in this case, VMBus) or change it such that it
2647 * understands VMBus. The pnp layer, however, has been declared
2648 * deprecated, and not subject to change.
2650 * The workaround, implemented here, is to ask VMBus to allocate
2651 * MMIO space for this bus. VMBus itself knows which ranges are
2652 * appropriate by looking at its own ACPI objects. Then, after
2653 * these ranges are claimed, they're modified to look like they
2654 * would have looked if the ACPI and pnp code had allocated
2655 * bridge windows. These descriptors have to exist in this form
2656 * in order to satisfy the code which will get invoked when the
2657 * endpoint PCI function driver calls request_mem_region() or
2658 * request_mem_region_exclusive().
2660 * Return: 0 on success, -errno on failure
2662 static int hv_pci_allocate_bridge_windows(struct hv_pcibus_device *hbus)
2664 resource_size_t align;
2667 if (hbus->low_mmio_space) {
2668 align = 1ULL << (63 - __builtin_clzll(hbus->low_mmio_space));
2669 ret = vmbus_allocate_mmio(&hbus->low_mmio_res, hbus->hdev, 0,
2670 (u64)(u32)0xffffffff,
2671 hbus->low_mmio_space,
2674 dev_err(&hbus->hdev->device,
2675 "Need %#llx of low MMIO space. Consider reconfiguring the VM.\n",
2676 hbus->low_mmio_space);
2680 /* Modify this resource to become a bridge window. */
2681 hbus->low_mmio_res->flags |= IORESOURCE_WINDOW;
2682 hbus->low_mmio_res->flags &= ~IORESOURCE_BUSY;
2683 pci_add_resource(&hbus->resources_for_children,
2684 hbus->low_mmio_res);
2687 if (hbus->high_mmio_space) {
2688 align = 1ULL << (63 - __builtin_clzll(hbus->high_mmio_space));
2689 ret = vmbus_allocate_mmio(&hbus->high_mmio_res, hbus->hdev,
2691 hbus->high_mmio_space, align,
2694 dev_err(&hbus->hdev->device,
2695 "Need %#llx of high MMIO space. Consider reconfiguring the VM.\n",
2696 hbus->high_mmio_space);
2697 goto release_low_mmio;
2700 /* Modify this resource to become a bridge window. */
2701 hbus->high_mmio_res->flags |= IORESOURCE_WINDOW;
2702 hbus->high_mmio_res->flags &= ~IORESOURCE_BUSY;
2703 pci_add_resource(&hbus->resources_for_children,
2704 hbus->high_mmio_res);
2710 if (hbus->low_mmio_res) {
2711 vmbus_free_mmio(hbus->low_mmio_res->start,
2712 resource_size(hbus->low_mmio_res));
2719 * hv_allocate_config_window() - Find MMIO space for PCI Config
2720 * @hbus: Root PCI bus, as understood by this driver
2722 * This function claims memory-mapped I/O space for accessing
2723 * configuration space for the functions on this bus.
2725 * Return: 0 on success, -errno on failure
2727 static int hv_allocate_config_window(struct hv_pcibus_device *hbus)
2732 * Set up a region of MMIO space to use for accessing configuration
2735 ret = vmbus_allocate_mmio(&hbus->mem_config, hbus->hdev, 0, -1,
2736 PCI_CONFIG_MMIO_LENGTH, 0x1000, false);
2741 * vmbus_allocate_mmio() gets used for allocating both device endpoint
2742 * resource claims (those which cannot be overlapped) and the ranges
2743 * which are valid for the children of this bus, which are intended
2744 * to be overlapped by those children. Set the flag on this claim
2745 * meaning that this region can't be overlapped.
2748 hbus->mem_config->flags |= IORESOURCE_BUSY;
2753 static void hv_free_config_window(struct hv_pcibus_device *hbus)
2755 vmbus_free_mmio(hbus->mem_config->start, PCI_CONFIG_MMIO_LENGTH);
2758 static int hv_pci_bus_exit(struct hv_device *hdev, bool keep_devs);
2761 * hv_pci_enter_d0() - Bring the "bus" into the D0 power state
2762 * @hdev: VMBus's tracking struct for this root PCI bus
2764 * Return: 0 on success, -errno on failure
2766 static int hv_pci_enter_d0(struct hv_device *hdev)
2768 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
2769 struct pci_bus_d0_entry *d0_entry;
2770 struct hv_pci_compl comp_pkt;
2771 struct pci_packet *pkt;
2775 * Tell the host that the bus is ready to use, and moved into the
2776 * powered-on state. This includes telling the host which region
2777 * of memory-mapped I/O space has been chosen for configuration space
2780 pkt = kzalloc(sizeof(*pkt) + sizeof(*d0_entry), GFP_KERNEL);
2784 init_completion(&comp_pkt.host_event);
2785 pkt->completion_func = hv_pci_generic_compl;
2786 pkt->compl_ctxt = &comp_pkt;
2787 d0_entry = (struct pci_bus_d0_entry *)&pkt->message;
2788 d0_entry->message_type.type = PCI_BUS_D0ENTRY;
2789 d0_entry->mmio_base = hbus->mem_config->start;
2791 ret = vmbus_sendpacket(hdev->channel, d0_entry, sizeof(*d0_entry),
2792 (unsigned long)pkt, VM_PKT_DATA_INBAND,
2793 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
2795 ret = wait_for_response(hdev, &comp_pkt.host_event);
2800 if (comp_pkt.completion_status < 0) {
2801 dev_err(&hdev->device,
2802 "PCI Pass-through VSP failed D0 Entry with status %x\n",
2803 comp_pkt.completion_status);
2816 * hv_pci_query_relations() - Ask host to send list of child
2818 * @hdev: VMBus's tracking struct for this root PCI bus
2820 * Return: 0 on success, -errno on failure
2822 static int hv_pci_query_relations(struct hv_device *hdev)
2824 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
2825 struct pci_message message;
2826 struct completion comp;
2829 /* Ask the host to send along the list of child devices */
2830 init_completion(&comp);
2831 if (cmpxchg(&hbus->survey_event, NULL, &comp))
2834 memset(&message, 0, sizeof(message));
2835 message.type = PCI_QUERY_BUS_RELATIONS;
2837 ret = vmbus_sendpacket(hdev->channel, &message, sizeof(message),
2838 0, VM_PKT_DATA_INBAND, 0);
2840 ret = wait_for_response(hdev, &comp);
2846 * hv_send_resources_allocated() - Report local resource choices
2847 * @hdev: VMBus's tracking struct for this root PCI bus
2849 * The host OS is expecting to be sent a request as a message
2850 * which contains all the resources that the device will use.
2851 * The response contains those same resources, "translated"
2852 * which is to say, the values which should be used by the
2853 * hardware, when it delivers an interrupt. (MMIO resources are
2854 * used in local terms.) This is nice for Windows, and lines up
2855 * with the FDO/PDO split, which doesn't exist in Linux. Linux
2856 * is deeply expecting to scan an emulated PCI configuration
2857 * space. So this message is sent here only to drive the state
2858 * machine on the host forward.
2860 * Return: 0 on success, -errno on failure
2862 static int hv_send_resources_allocated(struct hv_device *hdev)
2864 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
2865 struct pci_resources_assigned *res_assigned;
2866 struct pci_resources_assigned2 *res_assigned2;
2867 struct hv_pci_compl comp_pkt;
2868 struct hv_pci_dev *hpdev;
2869 struct pci_packet *pkt;
2874 size_res = (hbus->protocol_version < PCI_PROTOCOL_VERSION_1_2)
2875 ? sizeof(*res_assigned) : sizeof(*res_assigned2);
2877 pkt = kmalloc(sizeof(*pkt) + size_res, GFP_KERNEL);
2883 for (wslot = 0; wslot < 256; wslot++) {
2884 hpdev = get_pcichild_wslot(hbus, wslot);
2888 memset(pkt, 0, sizeof(*pkt) + size_res);
2889 init_completion(&comp_pkt.host_event);
2890 pkt->completion_func = hv_pci_generic_compl;
2891 pkt->compl_ctxt = &comp_pkt;
2893 if (hbus->protocol_version < PCI_PROTOCOL_VERSION_1_2) {
2895 (struct pci_resources_assigned *)&pkt->message;
2896 res_assigned->message_type.type =
2897 PCI_RESOURCES_ASSIGNED;
2898 res_assigned->wslot.slot = hpdev->desc.win_slot.slot;
2901 (struct pci_resources_assigned2 *)&pkt->message;
2902 res_assigned2->message_type.type =
2903 PCI_RESOURCES_ASSIGNED2;
2904 res_assigned2->wslot.slot = hpdev->desc.win_slot.slot;
2906 put_pcichild(hpdev);
2908 ret = vmbus_sendpacket(hdev->channel, &pkt->message,
2909 size_res, (unsigned long)pkt,
2911 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
2913 ret = wait_for_response(hdev, &comp_pkt.host_event);
2917 if (comp_pkt.completion_status < 0) {
2919 dev_err(&hdev->device,
2920 "resource allocated returned 0x%x",
2921 comp_pkt.completion_status);
2925 hbus->wslot_res_allocated = wslot;
2933 * hv_send_resources_released() - Report local resources
2935 * @hdev: VMBus's tracking struct for this root PCI bus
2937 * Return: 0 on success, -errno on failure
2939 static int hv_send_resources_released(struct hv_device *hdev)
2941 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
2942 struct pci_child_message pkt;
2943 struct hv_pci_dev *hpdev;
2947 for (wslot = hbus->wslot_res_allocated; wslot >= 0; wslot--) {
2948 hpdev = get_pcichild_wslot(hbus, wslot);
2952 memset(&pkt, 0, sizeof(pkt));
2953 pkt.message_type.type = PCI_RESOURCES_RELEASED;
2954 pkt.wslot.slot = hpdev->desc.win_slot.slot;
2956 put_pcichild(hpdev);
2958 ret = vmbus_sendpacket(hdev->channel, &pkt, sizeof(pkt), 0,
2959 VM_PKT_DATA_INBAND, 0);
2963 hbus->wslot_res_allocated = wslot - 1;
2966 hbus->wslot_res_allocated = -1;
2971 static void get_hvpcibus(struct hv_pcibus_device *hbus)
2973 refcount_inc(&hbus->remove_lock);
2976 static void put_hvpcibus(struct hv_pcibus_device *hbus)
2978 if (refcount_dec_and_test(&hbus->remove_lock))
2979 complete(&hbus->remove_event);
2982 #define HVPCI_DOM_MAP_SIZE (64 * 1024)
2983 static DECLARE_BITMAP(hvpci_dom_map, HVPCI_DOM_MAP_SIZE);
2986 * PCI domain number 0 is used by emulated devices on Gen1 VMs, so define 0
2987 * as invalid for passthrough PCI devices of this driver.
2989 #define HVPCI_DOM_INVALID 0
2992 * hv_get_dom_num() - Get a valid PCI domain number
2993 * Check if the PCI domain number is in use, and return another number if
2996 * @dom: Requested domain number
2998 * return: domain number on success, HVPCI_DOM_INVALID on failure
3000 static u16 hv_get_dom_num(u16 dom)
3004 if (test_and_set_bit(dom, hvpci_dom_map) == 0)
3007 for_each_clear_bit(i, hvpci_dom_map, HVPCI_DOM_MAP_SIZE) {
3008 if (test_and_set_bit(i, hvpci_dom_map) == 0)
3012 return HVPCI_DOM_INVALID;
3016 * hv_put_dom_num() - Mark the PCI domain number as free
3017 * @dom: Domain number to be freed
3019 static void hv_put_dom_num(u16 dom)
3021 clear_bit(dom, hvpci_dom_map);
3025 * hv_pci_probe() - New VMBus channel probe, for a root PCI bus
3026 * @hdev: VMBus's tracking struct for this root PCI bus
3027 * @dev_id: Identifies the device itself
3029 * Return: 0 on success, -errno on failure
3031 static int hv_pci_probe(struct hv_device *hdev,
3032 const struct hv_vmbus_device_id *dev_id)
3034 struct hv_pcibus_device *hbus;
3037 bool enter_d0_retry = true;
3041 * hv_pcibus_device contains the hypercall arguments for retargeting in
3042 * hv_irq_unmask(). Those must not cross a page boundary.
3044 BUILD_BUG_ON(sizeof(*hbus) > HV_HYP_PAGE_SIZE);
3047 * With the recent 59bb47985c1d ("mm, sl[aou]b: guarantee natural
3048 * alignment for kmalloc(power-of-two)"), kzalloc() is able to allocate
3049 * a 4KB buffer that is guaranteed to be 4KB-aligned. Here the size and
3050 * alignment of hbus is important because hbus's field
3051 * retarget_msi_interrupt_params must not cross a 4KB page boundary.
3053 * Here we prefer kzalloc to get_zeroed_page(), because a buffer
3054 * allocated by the latter is not tracked and scanned by kmemleak, and
3055 * hence kmemleak reports the pointer contained in the hbus buffer
3056 * (i.e. the hpdev struct, which is created in new_pcichild_device() and
3057 * is tracked by hbus->children) as memory leak (false positive).
3059 * If the kernel doesn't have 59bb47985c1d, get_zeroed_page() *must* be
3060 * used to allocate the hbus buffer and we can avoid the kmemleak false
3061 * positive by using kmemleak_alloc() and kmemleak_free() to ask
3062 * kmemleak to track and scan the hbus buffer.
3064 hbus = kzalloc(HV_HYP_PAGE_SIZE, GFP_KERNEL);
3067 hbus->state = hv_pcibus_init;
3068 hbus->wslot_res_allocated = -1;
3071 * The PCI bus "domain" is what is called "segment" in ACPI and other
3072 * specs. Pull it from the instance ID, to get something usually
3073 * unique. In rare cases of collision, we will find out another number
3076 * Note that, since this code only runs in a Hyper-V VM, Hyper-V
3077 * together with this guest driver can guarantee that (1) The only
3078 * domain used by Gen1 VMs for something that looks like a physical
3079 * PCI bus (which is actually emulated by the hypervisor) is domain 0.
3080 * (2) There will be no overlap between domains (after fixing possible
3081 * collisions) in the same VM.
3083 dom_req = hdev->dev_instance.b[5] << 8 | hdev->dev_instance.b[4];
3084 dom = hv_get_dom_num(dom_req);
3086 if (dom == HVPCI_DOM_INVALID) {
3087 dev_err(&hdev->device,
3088 "Unable to use dom# 0x%hx or other numbers", dom_req);
3094 dev_info(&hdev->device,
3095 "PCI dom# 0x%hx has collision, using 0x%hx",
3098 hbus->sysdata.domain = dom;
3101 refcount_set(&hbus->remove_lock, 1);
3102 INIT_LIST_HEAD(&hbus->children);
3103 INIT_LIST_HEAD(&hbus->dr_list);
3104 INIT_LIST_HEAD(&hbus->resources_for_children);
3105 spin_lock_init(&hbus->config_lock);
3106 spin_lock_init(&hbus->device_list_lock);
3107 spin_lock_init(&hbus->retarget_msi_interrupt_lock);
3108 init_completion(&hbus->remove_event);
3109 hbus->wq = alloc_ordered_workqueue("hv_pci_%x", 0,
3110 hbus->sysdata.domain);
3116 ret = vmbus_open(hdev->channel, pci_ring_size, pci_ring_size, NULL, 0,
3117 hv_pci_onchannelcallback, hbus);
3121 hv_set_drvdata(hdev, hbus);
3123 ret = hv_pci_protocol_negotiation(hdev, pci_protocol_versions,
3124 ARRAY_SIZE(pci_protocol_versions));
3128 ret = hv_allocate_config_window(hbus);
3132 hbus->cfg_addr = ioremap(hbus->mem_config->start,
3133 PCI_CONFIG_MMIO_LENGTH);
3134 if (!hbus->cfg_addr) {
3135 dev_err(&hdev->device,
3136 "Unable to map a virtual address for config space\n");
3141 name = kasprintf(GFP_KERNEL, "%pUL", &hdev->dev_instance);
3147 hbus->sysdata.fwnode = irq_domain_alloc_named_fwnode(name);
3149 if (!hbus->sysdata.fwnode) {
3154 ret = hv_pcie_init_irq_domain(hbus);
3159 ret = hv_pci_query_relations(hdev);
3161 goto free_irq_domain;
3163 ret = hv_pci_enter_d0(hdev);
3165 * In certain case (Kdump) the pci device of interest was
3166 * not cleanly shut down and resource is still held on host
3167 * side, the host could return invalid device status.
3168 * We need to explicitly request host to release the resource
3169 * and try to enter D0 again.
3170 * Since the hv_pci_bus_exit() call releases structures
3171 * of all its child devices, we need to start the retry from
3172 * hv_pci_query_relations() call, requesting host to send
3173 * the synchronous child device relations message before this
3174 * information is needed in hv_send_resources_allocated()
3177 if (ret == -EPROTO && enter_d0_retry) {
3178 enter_d0_retry = false;
3180 dev_err(&hdev->device, "Retrying D0 Entry\n");
3183 * Hv_pci_bus_exit() calls hv_send_resources_released()
3184 * to free up resources of its child devices.
3185 * In the kdump kernel we need to set the
3186 * wslot_res_allocated to 255 so it scans all child
3187 * devices to release resources allocated in the
3188 * normal kernel before panic happened.
3190 hbus->wslot_res_allocated = 255;
3191 ret = hv_pci_bus_exit(hdev, true);
3196 dev_err(&hdev->device,
3197 "Retrying D0 failed with ret %d\n", ret);
3200 goto free_irq_domain;
3202 ret = hv_pci_allocate_bridge_windows(hbus);
3206 ret = hv_send_resources_allocated(hdev);
3210 prepopulate_bars(hbus);
3212 hbus->state = hv_pcibus_probed;
3214 ret = create_root_hv_pci_bus(hbus);
3221 hv_pci_free_bridge_windows(hbus);
3223 (void) hv_pci_bus_exit(hdev, true);
3225 irq_domain_remove(hbus->irq_domain);
3227 irq_domain_free_fwnode(hbus->sysdata.fwnode);
3229 iounmap(hbus->cfg_addr);
3231 hv_free_config_window(hbus);
3233 vmbus_close(hdev->channel);
3235 destroy_workqueue(hbus->wq);
3237 hv_put_dom_num(hbus->sysdata.domain);
3243 static int hv_pci_bus_exit(struct hv_device *hdev, bool keep_devs)
3245 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
3247 struct pci_packet teardown_packet;
3248 u8 buffer[sizeof(struct pci_message)];
3250 struct hv_dr_state *dr;
3251 struct hv_pci_compl comp_pkt;
3255 * After the host sends the RESCIND_CHANNEL message, it doesn't
3256 * access the per-channel ringbuffer any longer.
3258 if (hdev->channel->rescind)
3262 /* Delete any children which might still exist. */
3263 dr = kzalloc(sizeof(*dr), GFP_KERNEL);
3264 if (dr && hv_pci_start_relations_work(hbus, dr))
3268 ret = hv_send_resources_released(hdev);
3270 dev_err(&hdev->device,
3271 "Couldn't send resources released packet(s)\n");
3275 memset(&pkt.teardown_packet, 0, sizeof(pkt.teardown_packet));
3276 init_completion(&comp_pkt.host_event);
3277 pkt.teardown_packet.completion_func = hv_pci_generic_compl;
3278 pkt.teardown_packet.compl_ctxt = &comp_pkt;
3279 pkt.teardown_packet.message[0].type = PCI_BUS_D0EXIT;
3281 ret = vmbus_sendpacket(hdev->channel, &pkt.teardown_packet.message,
3282 sizeof(struct pci_message),
3283 (unsigned long)&pkt.teardown_packet,
3285 VMBUS_DATA_PACKET_FLAG_COMPLETION_REQUESTED);
3289 if (wait_for_completion_timeout(&comp_pkt.host_event, 10 * HZ) == 0)
3296 * hv_pci_remove() - Remove routine for this VMBus channel
3297 * @hdev: VMBus's tracking struct for this root PCI bus
3299 * Return: 0 on success, -errno on failure
3301 static int hv_pci_remove(struct hv_device *hdev)
3303 struct hv_pcibus_device *hbus;
3306 hbus = hv_get_drvdata(hdev);
3307 if (hbus->state == hv_pcibus_installed) {
3308 /* Remove the bus from PCI's point of view. */
3309 pci_lock_rescan_remove();
3310 pci_stop_root_bus(hbus->pci_bus);
3311 hv_pci_remove_slots(hbus);
3312 pci_remove_root_bus(hbus->pci_bus);
3313 pci_unlock_rescan_remove();
3314 hbus->state = hv_pcibus_removed;
3317 ret = hv_pci_bus_exit(hdev, false);
3319 vmbus_close(hdev->channel);
3321 iounmap(hbus->cfg_addr);
3322 hv_free_config_window(hbus);
3323 pci_free_resource_list(&hbus->resources_for_children);
3324 hv_pci_free_bridge_windows(hbus);
3325 irq_domain_remove(hbus->irq_domain);
3326 irq_domain_free_fwnode(hbus->sysdata.fwnode);
3328 wait_for_completion(&hbus->remove_event);
3329 destroy_workqueue(hbus->wq);
3331 hv_put_dom_num(hbus->sysdata.domain);
3337 static int hv_pci_suspend(struct hv_device *hdev)
3339 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
3340 enum hv_pcibus_state old_state;
3344 * hv_pci_suspend() must make sure there are no pending work items
3345 * before calling vmbus_close(), since it runs in a process context
3346 * as a callback in dpm_suspend(). When it starts to run, the channel
3347 * callback hv_pci_onchannelcallback(), which runs in a tasklet
3348 * context, can be still running concurrently and scheduling new work
3349 * items onto hbus->wq in hv_pci_devices_present() and
3350 * hv_pci_eject_device(), and the work item handlers can access the
3351 * vmbus channel, which can be being closed by hv_pci_suspend(), e.g.
3352 * the work item handler pci_devices_present_work() ->
3353 * new_pcichild_device() writes to the vmbus channel.
3355 * To eliminate the race, hv_pci_suspend() disables the channel
3356 * callback tasklet, sets hbus->state to hv_pcibus_removing, and
3357 * re-enables the tasklet. This way, when hv_pci_suspend() proceeds,
3358 * it knows that no new work item can be scheduled, and then it flushes
3359 * hbus->wq and safely closes the vmbus channel.
3361 tasklet_disable(&hdev->channel->callback_event);
3363 /* Change the hbus state to prevent new work items. */
3364 old_state = hbus->state;
3365 if (hbus->state == hv_pcibus_installed)
3366 hbus->state = hv_pcibus_removing;
3368 tasklet_enable(&hdev->channel->callback_event);
3370 if (old_state != hv_pcibus_installed)
3373 flush_workqueue(hbus->wq);
3375 ret = hv_pci_bus_exit(hdev, true);
3379 vmbus_close(hdev->channel);
3384 static int hv_pci_restore_msi_msg(struct pci_dev *pdev, void *arg)
3386 struct msi_desc *entry;
3387 struct irq_data *irq_data;
3389 for_each_pci_msi_entry(entry, pdev) {
3390 irq_data = irq_get_irq_data(entry->irq);
3391 if (WARN_ON_ONCE(!irq_data))
3394 hv_compose_msi_msg(irq_data, &entry->msg);
3401 * Upon resume, pci_restore_msi_state() -> ... -> __pci_write_msi_msg()
3402 * directly writes the MSI/MSI-X registers via MMIO, but since Hyper-V
3403 * doesn't trap and emulate the MMIO accesses, here hv_compose_msi_msg()
3404 * must be used to ask Hyper-V to re-create the IOMMU Interrupt Remapping
3407 static void hv_pci_restore_msi_state(struct hv_pcibus_device *hbus)
3409 pci_walk_bus(hbus->pci_bus, hv_pci_restore_msi_msg, NULL);
3412 static int hv_pci_resume(struct hv_device *hdev)
3414 struct hv_pcibus_device *hbus = hv_get_drvdata(hdev);
3415 enum pci_protocol_version_t version[1];
3418 hbus->state = hv_pcibus_init;
3420 ret = vmbus_open(hdev->channel, pci_ring_size, pci_ring_size, NULL, 0,
3421 hv_pci_onchannelcallback, hbus);
3425 /* Only use the version that was in use before hibernation. */
3426 version[0] = hbus->protocol_version;
3427 ret = hv_pci_protocol_negotiation(hdev, version, 1);
3431 ret = hv_pci_query_relations(hdev);
3435 ret = hv_pci_enter_d0(hdev);
3439 ret = hv_send_resources_allocated(hdev);
3443 prepopulate_bars(hbus);
3445 hv_pci_restore_msi_state(hbus);
3447 hbus->state = hv_pcibus_installed;
3450 vmbus_close(hdev->channel);
3454 static const struct hv_vmbus_device_id hv_pci_id_table[] = {
3455 /* PCI Pass-through Class ID */
3456 /* 44C4F61D-4444-4400-9D52-802E27EDE19F */
3461 MODULE_DEVICE_TABLE(vmbus, hv_pci_id_table);
3463 static struct hv_driver hv_pci_drv = {
3465 .id_table = hv_pci_id_table,
3466 .probe = hv_pci_probe,
3467 .remove = hv_pci_remove,
3468 .suspend = hv_pci_suspend,
3469 .resume = hv_pci_resume,
3472 static void __exit exit_hv_pci_drv(void)
3474 vmbus_driver_unregister(&hv_pci_drv);
3476 hvpci_block_ops.read_block = NULL;
3477 hvpci_block_ops.write_block = NULL;
3478 hvpci_block_ops.reg_blk_invalidate = NULL;
3481 static int __init init_hv_pci_drv(void)
3483 /* Set the invalid domain number's bit, so it will not be used */
3484 set_bit(HVPCI_DOM_INVALID, hvpci_dom_map);
3486 /* Initialize PCI block r/w interface */
3487 hvpci_block_ops.read_block = hv_read_config_block;
3488 hvpci_block_ops.write_block = hv_write_config_block;
3489 hvpci_block_ops.reg_blk_invalidate = hv_register_block_invalidate;
3491 return vmbus_driver_register(&hv_pci_drv);
3494 module_init(init_hv_pci_drv);
3495 module_exit(exit_hv_pci_drv);
3497 MODULE_DESCRIPTION("Hyper-V PCI");
3498 MODULE_LICENSE("GPL v2");
projects / linux-2.6-microblaze.git / blob